aws-service-stack 0.18.413 → 0.18.415
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/controller/controller-role.js +0 -3
- package/dist/controller/controller-role.js.map +1 -1
- package/dist/function/cognito/cognito.function.d.ts +6 -0
- package/dist/function/cognito/cognito.function.js +20 -0
- package/dist/function/cognito/cognito.function.js.map +1 -1
- package/dist/function/cognito/index.d.ts +3 -1
- package/dist/function/cognito/index.js +2 -0
- package/dist/function/cognito/index.js.map +1 -1
- package/dist/function/index.d.ts +2 -0
- package/package.json +1 -1
|
@@ -140,9 +140,6 @@ class ControllerRole {
|
|
|
140
140
|
const method = req.methode.toUpperCase();
|
|
141
141
|
const scope = this.getScope(req, scopeMap);
|
|
142
142
|
if (adminGroups?.length && this.isAdmin(roles, adminGroups)) {
|
|
143
|
-
if (method === "POST") {
|
|
144
|
-
this.setDefaultIndexFields(req, scopeMap);
|
|
145
|
-
}
|
|
146
143
|
return true;
|
|
147
144
|
}
|
|
148
145
|
this.applyMethodFilters(req, method, scope, scopeMap);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"controller-role.js","sourceRoot":"","sources":["../../src/controller/controller-role.ts"],"names":[],"mappings":";;;AAAA,6BAAwB;AACxB,4CAAyC;AAIzC,sEAAkE;AAClE,iDAAoG;AACpG,8DAA4E;AAC5E,sDAAuE;AAGvE,8EAA8E;AAC9E,cAAc;AACd,8EAA8E;AAE9E,MAAM,YAAY,GAAG,OAAC,CAAC,MAAM,CAAC;IAC5B,GAAG,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAC3B,IAAI,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAC5B,KAAK,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAC7B,GAAG,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAC3B,MAAM,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;CAC/B,CAAC,CAAC;AAEH,MAAM,gBAAgB,GAAG,OAAC,CAAC,MAAM,CAAC;IAChC,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,kBAAkB,CAAC;IAC3C,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,sBAAsB,CAAC;IACnD,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,mBAAmB,CAAC;IAC7C,MAAM,EAAE,YAAY;CACrB,CAAC,CAAC;AAEH,MAAM,mBAAmB,GAAG,OAAC,CAAC,MAAM,CAAC;IACnC,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,kBAAkB,CAAC,CAAC,QAAQ,EAAE;IACtD,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,sBAAsB,CAAC,CAAC,QAAQ,EAAE;IAC9D,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,mBAAmB,CAAC,CAAC,QAAQ,EAAE;IACxD,MAAM,EAAE,YAAY,CAAC,QAAQ,EAAE;CAChC,CAAC,CAAC;AAEH,MAAM,UAAU,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,gBAAgB,CAAC,CAAC;AAEvD,MAAM,QAAQ,GAAG,OAAC,CAAC,MAAM,CAAC;IACxB,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,wBAAwB,CAAC;IACvD,SAAS,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,uBAAuB,CAAC;IACrD,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACnC,CAAC,CAAC;AAEH,MAAM,YAAY,GAAG,OAAC,CAAC,MAAM,CAAC;IAC5B,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,wBAAwB,CAAC;IACvD,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,sBAAsB,CAAC;IACnD,SAAS,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,uBAAuB,CAAC;CACtD,CAAC,CAAC;AAEH,8EAA8E;AAE9E,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC;AAI7D,MAAa,cAAc;IACN,iBAAiB,CAAoB;IAEvC,SAAS,GAAiC;QACzD,YAAY,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC;QACzF,iBAAiB,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC;QAC9F,eAAe,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC;QAC7E,oBAAoB,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC;KACpG,CAAC;IAEF,YAAY,aAAqB;QAC/B,IAAI,CAAC,iBAAiB,GAAG,IAAI,sCAAiB,CAAC,aAAa,CAAC,CAAC;IAChE,CAAC;IAED,8EAA8E;IAC9E,kBAAkB;IAClB,8EAA8E;IAE9E,KAAK,CAAC,aAAa,CAAC,KAKnB;QACC,IAAI,CAAC,QAAQ,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;QACvC,OAAO,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;IACxD,CAAC;IAED,KAAK,CAAC,gBAAgB,CACpB,EAAU,EACV,OAA4E;QAE5E,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,QAAQ,CAAC,mBAAmB,EAAE,OAAO,CAAC,CAAC;QAC5C,OAAO,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,EAAU;QAC/B,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;QAC9B,OAAO,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;IACrD,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,EAAU;QAC5B,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;QAC9B,OAAO,IAAI,CAAC,iBAAiB,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC;IACtD,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,MAAe;QACnC,OAAO,IAAI,CAAC,iBAAiB,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;IACxD,CAAC;IAED,8EAA8E;IAC9E,uBAAuB;IACvB,8EAA8E;IAE9E,KAAK,CAAC,OAAO,CAAC,UAAkB,EAAE,SAAiB,EAAE,WAAoB;QACvE,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,CAAC;QAChE,OAAO,IAAA,qBAAW,EAAC,UAAU,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,UAAkB,EAAE,SAAiB;QACpD,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC,CAAC;QACnD,OAAO,IAAA,qBAAW,EAAC,UAAU,EAAE,SAAS,CAAC,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,UAAkB,EAAE,QAAgB,EAAE,SAAiB;QACtE,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC;QACjE,OAAO,IAAA,wBAAc,EAAC,UAAU,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,UAAkB,EAAE,QAAgB,EAAE,SAAiB;QACxE,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC;QACjE,OAAO,IAAA,6BAAmB,EAAC,UAAU,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IAC9D,CAAC;IAED,8EAA8E;IAC9E,qBAAqB;IACrB,8EAA8E;IAE9E,KAAK,CAAC,aAAa,CAAC,IAAY,EAAE,QAAgB,EAAE,KAAa,EAAE,MAAc;QAC/E,OAAO,IAAI,CAAC,iBAAiB,CAAC,aAAa,CAAC,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;IAC7E,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,aAAqB;QAC5C,OAAO,IAAI,CAAC,iBAAiB,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC;IAClE,CAAC;IAED,8EAA8E;IAC9E,yDAAyD;IACzD,8EAA8E;IAE9E,KAAK,CAAC,uBAAuB,CAC3B,GAAgB,EAChB,IAAY,EACZ,aAA4B,EAC5B,WAAqB;QAErB,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;QAE5D,IAAI,GAAG,CAAC,OAAO,KAAK,MAAM,EAAE,CAAC;YAC3B,MAAM,cAAc,GAAG,IAAA,6BAAe,EAAC,IAAI,CAAC,CAAC;YAC7C,MAAM,QAAQ,GAAG,IAAA,6BAAe,EAAC,aAAa,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC;YAE/D,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC/D,IAAI,cAAc,KAAK,GAAG,QAAQ,GAAG,MAAM,EAAE,EAAE,CAAC;oBAC9C,OAAO,OAAO,CAAC,aAAa,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;gBAC1C,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACtC,CAAC;QAED,QAAQ,GAAG,CAAC,OAAO,EAAE,CAAC;YACpB,KAAK,KAAK;gBACR,OAAO,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC1C,KAAK,OAAO;gBACV,OAAO,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;YACvD,KAAK,QAAQ;gBACX,OAAO,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC7C;gBACE,MAAM,IAAI,qBAAS,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE,2BAA2B,CAAC,CAAC;QACzF,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,0BAA0B;IAC1B,8EAA8E;IAE9E,KAAK,CAAC,WAAW,CACf,GAAgB,EAChB,QAAgB,EAChB,QAAkB,EAClB,WAAsB,EACtB,QAAuC;QAEvC,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;QACrC,IAAI,CAAC,KAAK,CAAC,MAAM;YAAE,IAAI,CAAC,IAAI,EAAE,CAAC;QAE/B,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;QACzC,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAE3C,IAAI,WAAW,EAAE,MAAM,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,WAAW,CAAC,EAAE,CAAC;YAC5D,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;gBACtB,IAAI,CAAC,qBAAqB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YAC5C,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC;QAEtD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;QAClF,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,IAAI,CAAC,IAAI,CAAC,sBAAsB,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,QAAQ,IAAI,KAAK,IAAI,MAAM,GAAG,CAAC,CAAC;QACvF,CAAC;QAED,IAAI,gBAAgB,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,CAAC,oBAAoB,CAAC,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAClE,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,oBAAoB,CAAC,aAAuB,EAAE,WAAqB;QACjE,IAAI,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,WAAW,CAAC;YAAE,OAAO,IAAI,CAAC;QAC1D,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACjC,CAAC;IAED,8EAA8E;IAC9E,iCAAiC;IACjC,8EAA8E;IAEtE,IAAI,CAAC,OAAO,GAAG,uCAAuC;QAC5D,MAAM,IAAI,qBAAS,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,kBAAkB,EAAE,EAAE,OAAO,CAAC,CAAC;IACzE,CAAC;IAEO,OAAO,CAAC,aAAmC,EAAE,WAAqB;QACxE,WAAW,GAAG,IAAA,4BAAc,EAAC,WAAW,CAAC,CAAC;QAC1C,OAAO,aAAa,EAAE,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,IAAI,KAAK,CAAC;IAC9E,CAAC;IAEO,YAAY,CAAC,GAAgB;QACnC,OAAO,GAAG,CAAC,QAAQ,EAAE,MAAM,IAAI,EAAE,CAAC;IACpC,CAAC;IAEO,QAAQ,CAAC,GAAgB,EAAE,QAAkB;QACnD,OAAO,GAAG,CAAC,qBAAqB,EAAE,KAAK,IAAI,GAAG,CAAC,qBAAqB,EAAE,KAAK,IAAI,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC;IACnH,CAAC;IAEO,KAAK,CAAC,oBAAoB,CAChC,KAAe,EACf,QAAgB,EAChB,KAAa,EACb,MAAc;QAEd,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,MAAM,IAAI,CAAC,iBAAiB,CAAC,aAAa,CAAC,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC;gBAAE,OAAO,IAAI,CAAC;QAC7F,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAEO,QAAQ,CAAsB,MAAS,EAAE,IAAa;QAC5D,IAAI,CAAC;YACH,OAAO,IAAA,oCAAkB,EAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC1C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,eAAe,GAAG,IAAA,8BAAY,EAAC,KAAK,CAAC,CAAC;YAC5C,MAAM,IAAI,qBAAS,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE,eAAe,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,yCAAyC;IACzC,8EAA8E;IAEtE,KAAK,CAAC,oBAAoB,CAChC,GAAgB,EAChB,KAAa,EACb,QAAkB,EAClB,QAAuC;QAEvC,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACpC,IAAI,CAAC,OAAO;YAAE,OAAO;QAErB,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QACnD,IAAI,CAAC,UAAU;YAAE,IAAI,CAAC,IAAI,CAAC,4BAA4B,KAAK,GAAG,CAAC,CAAC;QAEjE,IAAI,CAAC,QAAQ;YAAE,OAAO;QAEtB,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;YAClB,MAAM,IAAI,qBAAS,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE,qBAAqB,CAAC,CAAC;QACjF,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC5C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,qBAAS,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,UAAU,EAAE,EAAE,qBAAqB,GAAG,CAAC,QAAQ,aAAa,CAAC,CAAC;QACxG,CAAC;QAED,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,KAAK,UAAU,EAAE,CAAC;YAC/C,IAAI,CAAC,IAAI,CAAC,0CAA0C,GAAG,CAAC,QAAQ,GAAG,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,6BAA6B;IAC7B,8EAA8E;IAEtE,YAAY,CAAC,GAAgB,EAAE,OAA8B;QACnE,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,UAAU,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC1F,CAAC;IAEO,wBAAwB,CAC9B,GAAgB,EAChB,OAA8B,EAC9B,SAAiB;QAEjB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,SAAS,GAAG,SAAS,CAAC;QAC3D,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,UAAU,EAAE,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC;IAC/F,CAAC;IAED,8EAA8E;IAC9E,+BAA+B;IAC/B,8EAA8E;IAEtE,kBAAkB,CAAC,GAAgB,EAAE,MAAc,EAAE,KAAa,EAAE,QAAkB;QAC5F,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,IAAI,CAAC,qBAAqB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAC5C,CAAC;aAAM,IAAI,MAAM,KAAK,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1D,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QACxC,CAAC;aAAM,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;YAC5B,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IAEO,gBAAgB,CAAC,GAAgB,EAAE,KAAa,EAAE,QAAkB;QAC1E,IAAI,CAAC,GAAG,CAAC,MAAM;YAAE,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC;QACjC,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAEtC,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACpC,IAAI,CAAC,OAAO;YAAE,OAAO;QAErB,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QACnD,IAAI,UAAU,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;YACnD,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,GAAG,UAAU,CAAC;QAC/C,CAAC;QACD,OAAO,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC;IAC1B,CAAC;IAEO,qBAAqB,CAAC,GAAgB,EAAE,QAAkB;QAChE,IAAI,CAAC,GAAG,CAAC,IAAI;YAAE,GAAG,CAAC,IAAI,GAAG,EAAE,CAAC;QAC7B,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,GAAG,CAAC,IAAI,CAAC,OAAO,GAAG,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC;QACzE,IAAI,CAAC,mBAAmB,CAAC,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;IAChD,CAAC;IAEO,iBAAiB,CAAC,GAAgB,EAAE,QAAkB;QAC5D,IAAI,CAAC,GAAG,CAAC,MAAM;YAAE,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC;QAEjC,MAAM,cAAc,GAAG,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC;QACvD,MAAM,UAAU,GAAG,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;QAErE,KAAK,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,IAAI,QAAQ,EAAE,CAAC;YAC5C,IAAI,UAAU,KAAK,SAAS,IAAI,OAAO,CAAC,KAAK,KAAK,SAAS,IAAI,OAAO,CAAC,KAAK,GAAG,UAAU;gBAAE,SAAS;YAEpG,MAAM,UAAU,GAAG,IAAI,CAAC,wBAAwB,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;YAC1E,MAAM,OAAO,GAAG,OAAO,CAAC,WAAW,GAAG,cAAc,CAAC;YACrD,IAAI,UAAU,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;gBACpD,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,UAAU,CAAC;YACnC,CAAC;QACH,CAAC;QAED,OAAO,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC;IAC1B,CAAC;IAEO,mBAAmB,CAAC,GAAgB,EAAE,QAAkB,EAAE,YAAY,GAAG,KAAK;QACpF,KAAK,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,IAAI,QAAQ,EAAE,CAAC;YAC5C,MAAM,UAAU,GAAG,IAAI,CAAC,wBAAwB,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;YAC1E,IAAI,UAAU,IAAI,CAAC,CAAC,YAAY,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjF,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,GAAG,UAAU,CAAC;YAC7C,CAAC;QACH,CAAC;IACH,CAAC;IAEO,gBAAgB,CAAC,GAAgB;QACvC,MAAM,IAAI,GAAG,IAAA,6BAAe,EAAC,GAAG,CAAC,KAAK,EAAE,cAAc,EAAE,YAAY,IAAI,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC;QAChG,OAAO,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IACvC,CAAC;IAEO,qBAAqB,CAAC,GAAgB;QAC5C,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,EAAE,KAAK,IAAI,GAAG,CAAC,qBAAqB,EAAE,KAAK,IAAI,GAAG,CAAC,qBAAqB,EAAE,KAAK,CAAC;QAC3G,IAAI,OAAO,QAAQ,KAAK,QAAQ;YAAE,OAAO,SAAS,CAAC;QACnD,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACjD,OAAO,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;IACpD,CAAC;IAEO,kBAAkB,CAAC,cAAkC,EAAE,QAAkB;QAC/E,IAAI,CAAC,cAAc;YAAE,OAAO,SAAS,CAAC;QACtC,KAAK,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,IAAI,QAAQ,EAAE,CAAC;YAC5C,IAAI,SAAS,CAAC,WAAW,EAAE,KAAK,cAAc;gBAAE,OAAO,OAAO,CAAC,KAAK,CAAC;QACvE,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,OAAO,CAAC,KAAc;QAC5B,OAAO,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;IAC/D,CAAC;IAEO,iBAAiB,CAAC,GAAgB,EAAE,QAAkB;QAC5D,KAAK,MAAM,CAAC,EAAE,KAAK,CAAC,IAAI,QAAQ,EAAE,CAAC;YACjC,OAAO,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QACvC,CAAC;QACD,OAAO,GAAG,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAC/B,OAAO,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC7B,OAAO,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;CACF;AAhWD,wCAgWC","sourcesContent":["import { z } from \"zod\";\nimport { ErrorHttp } from \"../exception\";\nimport { Permission } from \"../model/role.model\";\nimport { List, PermissionMap, ScopeMap } from \"../model/base.model\";\nimport { HttpRequest } from \"../utils/http/http.util\";\nimport { PermissionService } from \"../service/permission.service\";\nimport { createGroup, deleteGroup, addUserToGroup, removeUserFromGroup } from \"../function/cognito\";\nimport { validateWithSchema, formatErrors } from \"../utils/validation.util\";\nimport { normalizeLower, trimSpecialChar } from \"../utils/string.util\";\nimport { Filter } from \"@chinggis/types\";\n\n// ---------------------------------------------------------------------------\n// DTO Schemas\n// ---------------------------------------------------------------------------\n\nconst MethodSchema = z.object({\n GET: z.boolean().optional(),\n POST: z.boolean().optional(),\n PATCH: z.boolean().optional(),\n PUT: z.boolean().optional(),\n DELETE: z.boolean().optional(),\n});\n\nconst AddPermissionDto = z.object({\n role: z.string().min(1, \"Role is required\"),\n resource: z.string().min(1, \"Resource is required\"),\n scope: z.string().min(1, \"Scope is required\"),\n method: MethodSchema,\n});\n\nconst UpdatePermissionDto = z.object({\n role: z.string().min(1, \"Role is required\").optional(),\n resource: z.string().min(1, \"Resource is required\").optional(),\n scope: z.string().min(1, \"Scope is required\").optional(),\n method: MethodSchema.optional(),\n});\n\nconst IdParamDto = z.string().min(1, \"Id is required\");\n\nconst GroupDto = z.object({\n userPoolId: z.string().min(1, \"UserPoolId is required\"),\n groupName: z.string().min(1, \"GroupName is required\"),\n description: z.string().optional(),\n});\n\nconst UserGroupDto = z.object({\n userPoolId: z.string().min(1, \"UserPoolId is required\"),\n username: z.string().min(1, \"Username is required\"),\n groupName: z.string().min(1, \"GroupName is required\"),\n});\n\n// ---------------------------------------------------------------------------\n\nconst MUTATING_METHODS = new Set([\"PATCH\", \"PUT\", \"DELETE\"]);\n\ntype RouteHandler = (permissionMap: PermissionMap, body: any) => Promise<any>;\n\nexport class ControllerRole {\n protected readonly permissionService: PermissionService;\n\n private readonly subRoutes: Record<string, RouteHandler> = {\n \"/add-group\": (pm, body) => this.addRole(pm.userPoolId, body.groupName, body.description),\n \"/add-user-group\": (pm, body) => this.assignRole(pm.userPoolId, body.username, body.groupName),\n \"/remove-group\": (pm, body) => this.removeRole(pm.userPoolId, body.groupName),\n \"/remove-user-group\": (pm, body) => this.unassignRole(pm.userPoolId, body.username, body.groupName),\n };\n\n constructor(roleTableName: string) {\n this.permissionService = new PermissionService(roleTableName);\n }\n\n // ---------------------------------------------------------------------------\n // Permission CRUD\n // ---------------------------------------------------------------------------\n\n async addPermission(input: {\n role: string;\n resource: string;\n scope: string;\n method: Permission[\"method\"];\n }): Promise<Permission> {\n this.validate(AddPermissionDto, input);\n return this.permissionService.createPermission(input);\n }\n\n async updatePermission(\n id: string,\n updates: Partial<Pick<Permission, \"role\" | \"resource\" | \"scope\" | \"method\">>,\n ): Promise<Permission> {\n this.validate(IdParamDto, id);\n this.validate(UpdatePermissionDto, updates);\n return this.permissionService.updatePermission(id, updates);\n }\n\n async deletePermission(id: string): Promise<boolean> {\n this.validate(IdParamDto, id);\n return this.permissionService.deletePermission(id);\n }\n\n async getPermission(id: string): Promise<Permission | null> {\n this.validate(IdParamDto, id);\n return this.permissionService.getPermissionById(id);\n }\n\n async listPermissions(filter?: Filter): Promise<List<Partial<Permission>>> {\n return this.permissionService.listPermissions(filter);\n }\n\n // ---------------------------------------------------------------------------\n // Role (Cognito group)\n // ---------------------------------------------------------------------------\n\n async addRole(userPoolId: string, groupName: string, description?: string) {\n this.validate(GroupDto, { userPoolId, groupName, description });\n return createGroup(userPoolId, groupName, description);\n }\n\n async removeRole(userPoolId: string, groupName: string) {\n this.validate(GroupDto, { userPoolId, groupName });\n return deleteGroup(userPoolId, groupName);\n }\n\n async assignRole(userPoolId: string, username: string, groupName: string) {\n this.validate(UserGroupDto, { userPoolId, username, groupName });\n return addUserToGroup(userPoolId, username, groupName);\n }\n\n async unassignRole(userPoolId: string, username: string, groupName: string) {\n this.validate(UserGroupDto, { userPoolId, username, groupName });\n return removeUserFromGroup(userPoolId, username, groupName);\n }\n\n // ---------------------------------------------------------------------------\n // Permission queries\n // ---------------------------------------------------------------------------\n\n async hasPermission(role: string, resource: string, scope: string, method: string): Promise<boolean> {\n return this.permissionService.hasPermission(role, resource, scope, method);\n }\n\n async getPermissionByKey(permissionKey: string): Promise<Permission | null> {\n return this.permissionService.getPermissionByKey(permissionKey);\n }\n\n // ---------------------------------------------------------------------------\n // Permission request handler (routes from ControllerApi)\n // ---------------------------------------------------------------------------\n\n async handlePermissionRequest(\n req: HttpRequest,\n path: string,\n permissionMap: PermissionMap,\n adminGroups: string[],\n ): Promise<any> {\n this.checkAdminPermission(req.identity.groups, adminGroups);\n\n if (req.methode === \"POST\") {\n const normalizedPath = trimSpecialChar(path);\n const rolePath = trimSpecialChar(permissionMap.rolePath ?? \"\");\n\n for (const [suffix, handler] of Object.entries(this.subRoutes)) {\n if (normalizedPath === `${rolePath}${suffix}`) {\n return handler(permissionMap, req.body);\n }\n }\n\n return this.addPermission(req.body);\n }\n\n switch (req.methode) {\n case \"GET\":\n return this.listPermissions(req.filter);\n case \"PATCH\":\n return this.updatePermission(req.entityId, req.body);\n case \"DELETE\":\n return this.deletePermission(req.entityId);\n default:\n throw new ErrorHttp({ code: 400, error: \"BadRequest\" }, \"[CORE] unsupported method\");\n }\n }\n\n // ---------------------------------------------------------------------------\n // RBAC access enforcement\n // ---------------------------------------------------------------------------\n\n async checkAccess(\n req: HttpRequest,\n resource: string,\n scopeMap: ScopeMap,\n adminGroups?: string[],\n findById?: (id: string) => Promise<any>,\n ): Promise<boolean> {\n const roles = this.extractRoles(req);\n if (!roles.length) this.deny();\n\n const method = req.methode.toUpperCase();\n const scope = this.getScope(req, scopeMap);\n\n if (adminGroups?.length && this.isAdmin(roles, adminGroups)) {\n if (method === \"POST\") {\n this.setDefaultIndexFields(req, scopeMap);\n }\n return true;\n }\n\n this.applyMethodFilters(req, method, scope, scopeMap);\n\n const permitted = await this.hasAnyRolePermission(roles, resource, scope, method);\n if (!permitted) {\n this.deny(`Permission denied: ${roles.join(\",\")}: \"${resource}#${scope}.${method}\"`);\n }\n\n if (MUTATING_METHODS.has(method)) {\n await this.verifyScopeOwnership(req, scope, scopeMap, findById);\n }\n\n return true;\n }\n\n checkAdminPermission(cognitoGroups: string[], adminGroups: string[]) {\n if (this.isAdmin(cognitoGroups, adminGroups)) return true;\n this.deny(\"Permission Denied\");\n }\n\n // ---------------------------------------------------------------------------\n // Private — error + auth helpers\n // ---------------------------------------------------------------------------\n\n private deny(message = \"Permission denied: no role accessible\"): never {\n throw new ErrorHttp({ code: 403, error: \"PermissionDenied\" }, message);\n }\n\n private isAdmin(cognitoGroups: string[] | undefined, adminGroups: string[]): boolean {\n adminGroups = normalizeLower(adminGroups);\n return cognitoGroups?.some((group) => adminGroups.includes(group)) ?? false;\n }\n\n private extractRoles(req: HttpRequest): string[] {\n return req.identity?.groups ?? [];\n }\n\n private getScope(req: HttpRequest, scopeMap: ScopeMap): string {\n return req.queryStringParameters?.scope || req.customQueryParameters?.scope || Array.from(scopeMap.keys()).pop();\n }\n\n private async hasAnyRolePermission(\n roles: string[],\n resource: string,\n scope: string,\n method: string,\n ): Promise<boolean> {\n for (const role of roles) {\n if (await this.permissionService.hasPermission(role, resource, scope, method)) return true;\n }\n return false;\n }\n\n private validate<T extends z.ZodType>(schema: T, data: unknown): z.infer<T> {\n try {\n return validateWithSchema(schema, data);\n } catch (error) {\n const formattedErrors = formatErrors(error);\n throw new ErrorHttp({ code: 400, error: \"BadRequest\" }, formattedErrors);\n }\n }\n\n // ---------------------------------------------------------------------------\n // Private — scope ownership verification\n // ---------------------------------------------------------------------------\n\n private async verifyScopeOwnership(\n req: HttpRequest,\n scope: string,\n scopeMap: ScopeMap,\n findById?: (id: string) => Promise<any>,\n ): Promise<void> {\n const mapping = scopeMap.get(scope);\n if (!mapping) return;\n\n const claimValue = this.resolveClaim(req, mapping);\n if (!claimValue) this.deny(`Missing claim for scope \"${scope}\"`);\n\n if (!findById) return;\n\n if (!req.entityId) {\n throw new ErrorHttp({ code: 400, error: \"BadRequest\" }, \"Missing resource id\");\n }\n\n const entity = await findById(req.entityId);\n if (!entity) {\n throw new ErrorHttp({ code: 404, error: \"NotFound\" }, `Resource with id \"${req.entityId}\" not found`);\n }\n\n if (entity[mapping.filterField] !== claimValue) {\n this.deny(`Scope mismatch: no access to resource \"${req.entityId}\"`);\n }\n }\n\n // ---------------------------------------------------------------------------\n // Private — claim resolution\n // ---------------------------------------------------------------------------\n\n private resolveClaim(req: HttpRequest, mapping: { claimKey?: string }): string | undefined {\n return req.identity?.[mapping.claimKey] || req.identity?.attributes?.[mapping.claimKey];\n }\n\n private resolveClaimWithFallback(\n req: HttpRequest,\n mapping: { claimKey?: string },\n scopeName: string,\n ): string | undefined {\n const claimKey = mapping.claimKey ?? \"custom:\" + scopeName;\n return req.identity?.[claimKey] || req.identity?.attributes?.[claimKey] || req.identity?.sub;\n }\n\n // ---------------------------------------------------------------------------\n // Private — filter application\n // ---------------------------------------------------------------------------\n\n private applyMethodFilters(req: HttpRequest, method: string, scope: string, scopeMap: ScopeMap): void {\n if (method === \"POST\") {\n this.setDefaultIndexFields(req, scopeMap);\n } else if (method === \"GET\" && this.isOpenSearchPath(req)) {\n this.setDefaultFilters(req, scopeMap);\n } else if (method === \"GET\") {\n this.applyScopeFilter(req, scope, scopeMap);\n }\n }\n\n private applyScopeFilter(req: HttpRequest, scope: string, scopeMap: ScopeMap): void {\n if (!req.filter) req.filter = {};\n this.clearScopeFilters(req, scopeMap);\n\n const mapping = scopeMap.get(scope);\n if (!mapping) return;\n\n const claimValue = this.resolveClaim(req, mapping);\n if (claimValue || !req.filter[mapping.filterField]) {\n req.filter[mapping.filterField] = claimValue;\n }\n delete req.filter.scope;\n }\n\n private setDefaultIndexFields(req: HttpRequest, scopeMap: ScopeMap): void {\n if (!req.body) req.body = {};\n if (this.isUnset(req.body.ownerId)) req.body.ownerId = req.identity?.sub;\n this.applyAllScopeValues(req, scopeMap, true);\n }\n\n private setDefaultFilters(req: HttpRequest, scopeMap: ScopeMap): void {\n if (!req.filter) req.filter = {};\n\n const requestedScope = this.resolveRequestedScope(req);\n const levelLimit = this.getScopeLevelLimit(requestedScope, scopeMap);\n\n for (const [scopeName, mapping] of scopeMap) {\n if (levelLimit !== undefined && mapping.level !== undefined && mapping.level > levelLimit) continue;\n\n const claimValue = this.resolveClaimWithFallback(req, mapping, scopeName);\n const eqField = mapping.filterField + \".keyword__eq\";\n if (claimValue && this.isUnset(req.filter[eqField])) {\n req.filter[eqField] = claimValue;\n }\n }\n\n delete req.filter.scope;\n }\n\n private applyAllScopeValues(req: HttpRequest, scopeMap: ScopeMap, defaultsOnly = false): void {\n for (const [scopeName, mapping] of scopeMap) {\n const claimValue = this.resolveClaimWithFallback(req, mapping, scopeName);\n if (claimValue && (!defaultsOnly || this.isUnset(req.body[mapping.filterField]))) {\n req.body[mapping.filterField] = claimValue;\n }\n }\n }\n\n private isOpenSearchPath(req: HttpRequest): boolean {\n const path = trimSpecialChar(req.event?.requestContext?.resourcePath ?? req.resourcePath ?? \"\");\n return path.endsWith(\"search/query\");\n }\n\n private resolveRequestedScope(req: HttpRequest): string | undefined {\n const scopeRaw = req.filter?.scope || req.queryStringParameters?.scope || req.customQueryParameters?.scope;\n if (typeof scopeRaw !== \"string\") return undefined;\n const normalized = scopeRaw.trim().toLowerCase();\n return normalized.length ? normalized : undefined;\n }\n\n private getScopeLevelLimit(requestedScope: string | undefined, scopeMap: ScopeMap): number | undefined {\n if (!requestedScope) return undefined;\n for (const [scopeName, mapping] of scopeMap) {\n if (scopeName.toLowerCase() === requestedScope) return mapping.level;\n }\n return undefined;\n }\n\n private isUnset(value: unknown): boolean {\n return value === undefined || value === null || value === \"\";\n }\n\n private clearScopeFilters(req: HttpRequest, scopeMap: ScopeMap): void {\n for (const [, entry] of scopeMap) {\n delete req.filter[entry.filterField];\n }\n delete req.filter[\"profileId\"];\n delete req.filter[\"ownerId\"];\n delete req.filter[\"scope\"];\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"controller-role.js","sourceRoot":"","sources":["../../src/controller/controller-role.ts"],"names":[],"mappings":";;;AAAA,6BAAwB;AACxB,4CAAyC;AAIzC,sEAAkE;AAClE,iDAAoG;AACpG,8DAA4E;AAC5E,sDAAuE;AAGvE,8EAA8E;AAC9E,cAAc;AACd,8EAA8E;AAE9E,MAAM,YAAY,GAAG,OAAC,CAAC,MAAM,CAAC;IAC5B,GAAG,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAC3B,IAAI,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAC5B,KAAK,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAC7B,GAAG,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;IAC3B,MAAM,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;CAC/B,CAAC,CAAC;AAEH,MAAM,gBAAgB,GAAG,OAAC,CAAC,MAAM,CAAC;IAChC,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,kBAAkB,CAAC;IAC3C,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,sBAAsB,CAAC;IACnD,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,mBAAmB,CAAC;IAC7C,MAAM,EAAE,YAAY;CACrB,CAAC,CAAC;AAEH,MAAM,mBAAmB,GAAG,OAAC,CAAC,MAAM,CAAC;IACnC,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,kBAAkB,CAAC,CAAC,QAAQ,EAAE;IACtD,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,sBAAsB,CAAC,CAAC,QAAQ,EAAE;IAC9D,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,mBAAmB,CAAC,CAAC,QAAQ,EAAE;IACxD,MAAM,EAAE,YAAY,CAAC,QAAQ,EAAE;CAChC,CAAC,CAAC;AAEH,MAAM,UAAU,GAAG,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,gBAAgB,CAAC,CAAC;AAEvD,MAAM,QAAQ,GAAG,OAAC,CAAC,MAAM,CAAC;IACxB,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,wBAAwB,CAAC;IACvD,SAAS,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,uBAAuB,CAAC;IACrD,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACnC,CAAC,CAAC;AAEH,MAAM,YAAY,GAAG,OAAC,CAAC,MAAM,CAAC;IAC5B,UAAU,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,wBAAwB,CAAC;IACvD,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,sBAAsB,CAAC;IACnD,SAAS,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,uBAAuB,CAAC;CACtD,CAAC,CAAC;AAEH,8EAA8E;AAE9E,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC;AAI7D,MAAa,cAAc;IACN,iBAAiB,CAAoB;IAEvC,SAAS,GAAiC;QACzD,YAAY,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC;QACzF,iBAAiB,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC;QAC9F,eAAe,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC;QAC7E,oBAAoB,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC;KACpG,CAAC;IAEF,YAAY,aAAqB;QAC/B,IAAI,CAAC,iBAAiB,GAAG,IAAI,sCAAiB,CAAC,aAAa,CAAC,CAAC;IAChE,CAAC;IAED,8EAA8E;IAC9E,kBAAkB;IAClB,8EAA8E;IAE9E,KAAK,CAAC,aAAa,CAAC,KAKnB;QACC,IAAI,CAAC,QAAQ,CAAC,gBAAgB,EAAE,KAAK,CAAC,CAAC;QACvC,OAAO,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;IACxD,CAAC;IAED,KAAK,CAAC,gBAAgB,CACpB,EAAU,EACV,OAA4E;QAE5E,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,QAAQ,CAAC,mBAAmB,EAAE,OAAO,CAAC,CAAC;QAC5C,OAAO,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,EAAU;QAC/B,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;QAC9B,OAAO,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;IACrD,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,EAAU;QAC5B,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;QAC9B,OAAO,IAAI,CAAC,iBAAiB,CAAC,iBAAiB,CAAC,EAAE,CAAC,CAAC;IACtD,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,MAAe;QACnC,OAAO,IAAI,CAAC,iBAAiB,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;IACxD,CAAC;IAED,8EAA8E;IAC9E,uBAAuB;IACvB,8EAA8E;IAE9E,KAAK,CAAC,OAAO,CAAC,UAAkB,EAAE,SAAiB,EAAE,WAAoB;QACvE,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,CAAC;QAChE,OAAO,IAAA,qBAAW,EAAC,UAAU,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,UAAkB,EAAE,SAAiB;QACpD,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC,CAAC;QACnD,OAAO,IAAA,qBAAW,EAAC,UAAU,EAAE,SAAS,CAAC,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,UAAkB,EAAE,QAAgB,EAAE,SAAiB;QACtE,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC;QACjE,OAAO,IAAA,wBAAc,EAAC,UAAU,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,UAAkB,EAAE,QAAgB,EAAE,SAAiB;QACxE,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC;QACjE,OAAO,IAAA,6BAAmB,EAAC,UAAU,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IAC9D,CAAC;IAED,8EAA8E;IAC9E,qBAAqB;IACrB,8EAA8E;IAE9E,KAAK,CAAC,aAAa,CAAC,IAAY,EAAE,QAAgB,EAAE,KAAa,EAAE,MAAc;QAC/E,OAAO,IAAI,CAAC,iBAAiB,CAAC,aAAa,CAAC,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;IAC7E,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,aAAqB;QAC5C,OAAO,IAAI,CAAC,iBAAiB,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC;IAClE,CAAC;IAED,8EAA8E;IAC9E,yDAAyD;IACzD,8EAA8E;IAE9E,KAAK,CAAC,uBAAuB,CAC3B,GAAgB,EAChB,IAAY,EACZ,aAA4B,EAC5B,WAAqB;QAErB,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;QAE5D,IAAI,GAAG,CAAC,OAAO,KAAK,MAAM,EAAE,CAAC;YAC3B,MAAM,cAAc,GAAG,IAAA,6BAAe,EAAC,IAAI,CAAC,CAAC;YAC7C,MAAM,QAAQ,GAAG,IAAA,6BAAe,EAAC,aAAa,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC;YAE/D,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC/D,IAAI,cAAc,KAAK,GAAG,QAAQ,GAAG,MAAM,EAAE,EAAE,CAAC;oBAC9C,OAAO,OAAO,CAAC,aAAa,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;gBAC1C,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACtC,CAAC;QAED,QAAQ,GAAG,CAAC,OAAO,EAAE,CAAC;YACpB,KAAK,KAAK;gBACR,OAAO,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC1C,KAAK,OAAO;gBACV,OAAO,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;YACvD,KAAK,QAAQ;gBACX,OAAO,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC7C;gBACE,MAAM,IAAI,qBAAS,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE,2BAA2B,CAAC,CAAC;QACzF,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,0BAA0B;IAC1B,8EAA8E;IAE9E,KAAK,CAAC,WAAW,CACf,GAAgB,EAChB,QAAgB,EAChB,QAAkB,EAClB,WAAsB,EACtB,QAAuC;QAEvC,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;QACrC,IAAI,CAAC,KAAK,CAAC,MAAM;YAAE,IAAI,CAAC,IAAI,EAAE,CAAC;QAE/B,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;QACzC,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAE3C,IAAI,WAAW,EAAE,MAAM,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,WAAW,CAAC,EAAE,CAAC;YAC5D,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC;QAEtD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;QAClF,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,IAAI,CAAC,IAAI,CAAC,sBAAsB,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,QAAQ,IAAI,KAAK,IAAI,MAAM,GAAG,CAAC,CAAC;QACvF,CAAC;QAED,IAAI,gBAAgB,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,CAAC,oBAAoB,CAAC,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAClE,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,oBAAoB,CAAC,aAAuB,EAAE,WAAqB;QACjE,IAAI,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,WAAW,CAAC;YAAE,OAAO,IAAI,CAAC;QAC1D,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACjC,CAAC;IAED,8EAA8E;IAC9E,iCAAiC;IACjC,8EAA8E;IAEtE,IAAI,CAAC,OAAO,GAAG,uCAAuC;QAC5D,MAAM,IAAI,qBAAS,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,kBAAkB,EAAE,EAAE,OAAO,CAAC,CAAC;IACzE,CAAC;IAEO,OAAO,CAAC,aAAmC,EAAE,WAAqB;QACxE,WAAW,GAAG,IAAA,4BAAc,EAAC,WAAW,CAAC,CAAC;QAC1C,OAAO,aAAa,EAAE,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,IAAI,KAAK,CAAC;IAC9E,CAAC;IAEO,YAAY,CAAC,GAAgB;QACnC,OAAO,GAAG,CAAC,QAAQ,EAAE,MAAM,IAAI,EAAE,CAAC;IACpC,CAAC;IAEO,QAAQ,CAAC,GAAgB,EAAE,QAAkB;QACnD,OAAO,GAAG,CAAC,qBAAqB,EAAE,KAAK,IAAI,GAAG,CAAC,qBAAqB,EAAE,KAAK,IAAI,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC;IACnH,CAAC;IAEO,KAAK,CAAC,oBAAoB,CAChC,KAAe,EACf,QAAgB,EAChB,KAAa,EACb,MAAc;QAEd,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,MAAM,IAAI,CAAC,iBAAiB,CAAC,aAAa,CAAC,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC;gBAAE,OAAO,IAAI,CAAC;QAC7F,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAEO,QAAQ,CAAsB,MAAS,EAAE,IAAa;QAC5D,IAAI,CAAC;YACH,OAAO,IAAA,oCAAkB,EAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC1C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,eAAe,GAAG,IAAA,8BAAY,EAAC,KAAK,CAAC,CAAC;YAC5C,MAAM,IAAI,qBAAS,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE,eAAe,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,yCAAyC;IACzC,8EAA8E;IAEtE,KAAK,CAAC,oBAAoB,CAChC,GAAgB,EAChB,KAAa,EACb,QAAkB,EAClB,QAAuC;QAEvC,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACpC,IAAI,CAAC,OAAO;YAAE,OAAO;QAErB,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QACnD,IAAI,CAAC,UAAU;YAAE,IAAI,CAAC,IAAI,CAAC,4BAA4B,KAAK,GAAG,CAAC,CAAC;QAEjE,IAAI,CAAC,QAAQ;YAAE,OAAO;QAEtB,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;YAClB,MAAM,IAAI,qBAAS,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE,qBAAqB,CAAC,CAAC;QACjF,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC5C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,qBAAS,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,UAAU,EAAE,EAAE,qBAAqB,GAAG,CAAC,QAAQ,aAAa,CAAC,CAAC;QACxG,CAAC;QAED,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,KAAK,UAAU,EAAE,CAAC;YAC/C,IAAI,CAAC,IAAI,CAAC,0CAA0C,GAAG,CAAC,QAAQ,GAAG,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,6BAA6B;IAC7B,8EAA8E;IAEtE,YAAY,CAAC,GAAgB,EAAE,OAA8B;QACnE,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,UAAU,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC1F,CAAC;IAEO,wBAAwB,CAC9B,GAAgB,EAChB,OAA8B,EAC9B,SAAiB;QAEjB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,SAAS,GAAG,SAAS,CAAC;QAC3D,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,UAAU,EAAE,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC;IAC/F,CAAC;IAED,8EAA8E;IAC9E,+BAA+B;IAC/B,8EAA8E;IAEtE,kBAAkB,CAAC,GAAgB,EAAE,MAAc,EAAE,KAAa,EAAE,QAAkB;QAC5F,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,IAAI,CAAC,qBAAqB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAC5C,CAAC;aAAM,IAAI,MAAM,KAAK,KAAK,IAAI,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1D,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QACxC,CAAC;aAAM,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;YAC5B,IAAI,CAAC,gBAAgB,CAAC,GAAG,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IAEO,gBAAgB,CAAC,GAAgB,EAAE,KAAa,EAAE,QAAkB;QAC1E,IAAI,CAAC,GAAG,CAAC,MAAM;YAAE,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC;QACjC,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAEtC,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACpC,IAAI,CAAC,OAAO;YAAE,OAAO;QAErB,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QACnD,IAAI,UAAU,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;YACnD,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,GAAG,UAAU,CAAC;QAC/C,CAAC;QACD,OAAO,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC;IAC1B,CAAC;IAEO,qBAAqB,CAAC,GAAgB,EAAE,QAAkB;QAChE,IAAI,CAAC,GAAG,CAAC,IAAI;YAAE,GAAG,CAAC,IAAI,GAAG,EAAE,CAAC;QAC7B,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,GAAG,CAAC,IAAI,CAAC,OAAO,GAAG,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC;QACzE,IAAI,CAAC,mBAAmB,CAAC,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;IAChD,CAAC;IAEO,iBAAiB,CAAC,GAAgB,EAAE,QAAkB;QAC5D,IAAI,CAAC,GAAG,CAAC,MAAM;YAAE,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC;QAEjC,MAAM,cAAc,GAAG,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC;QACvD,MAAM,UAAU,GAAG,IAAI,CAAC,kBAAkB,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;QAErE,KAAK,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,IAAI,QAAQ,EAAE,CAAC;YAC5C,IAAI,UAAU,KAAK,SAAS,IAAI,OAAO,CAAC,KAAK,KAAK,SAAS,IAAI,OAAO,CAAC,KAAK,GAAG,UAAU;gBAAE,SAAS;YAEpG,MAAM,UAAU,GAAG,IAAI,CAAC,wBAAwB,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;YAC1E,MAAM,OAAO,GAAG,OAAO,CAAC,WAAW,GAAG,cAAc,CAAC;YACrD,IAAI,UAAU,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;gBACpD,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,UAAU,CAAC;YACnC,CAAC;QACH,CAAC;QAED,OAAO,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC;IAC1B,CAAC;IAEO,mBAAmB,CAAC,GAAgB,EAAE,QAAkB,EAAE,YAAY,GAAG,KAAK;QACpF,KAAK,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,IAAI,QAAQ,EAAE,CAAC;YAC5C,MAAM,UAAU,GAAG,IAAI,CAAC,wBAAwB,CAAC,GAAG,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;YAC1E,IAAI,UAAU,IAAI,CAAC,CAAC,YAAY,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjF,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,GAAG,UAAU,CAAC;YAC7C,CAAC;QACH,CAAC;IACH,CAAC;IAEO,gBAAgB,CAAC,GAAgB;QACvC,MAAM,IAAI,GAAG,IAAA,6BAAe,EAAC,GAAG,CAAC,KAAK,EAAE,cAAc,EAAE,YAAY,IAAI,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC;QAChG,OAAO,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IACvC,CAAC;IAEO,qBAAqB,CAAC,GAAgB;QAC5C,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,EAAE,KAAK,IAAI,GAAG,CAAC,qBAAqB,EAAE,KAAK,IAAI,GAAG,CAAC,qBAAqB,EAAE,KAAK,CAAC;QAC3G,IAAI,OAAO,QAAQ,KAAK,QAAQ;YAAE,OAAO,SAAS,CAAC;QACnD,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACjD,OAAO,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;IACpD,CAAC;IAEO,kBAAkB,CAAC,cAAkC,EAAE,QAAkB;QAC/E,IAAI,CAAC,cAAc;YAAE,OAAO,SAAS,CAAC;QACtC,KAAK,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,IAAI,QAAQ,EAAE,CAAC;YAC5C,IAAI,SAAS,CAAC,WAAW,EAAE,KAAK,cAAc;gBAAE,OAAO,OAAO,CAAC,KAAK,CAAC;QACvE,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,OAAO,CAAC,KAAc;QAC5B,OAAO,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;IAC/D,CAAC;IAEO,iBAAiB,CAAC,GAAgB,EAAE,QAAkB;QAC5D,KAAK,MAAM,CAAC,EAAE,KAAK,CAAC,IAAI,QAAQ,EAAE,CAAC;YACjC,OAAO,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QACvC,CAAC;QACD,OAAO,GAAG,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAC/B,OAAO,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC7B,OAAO,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;CACF;AA7VD,wCA6VC","sourcesContent":["import { z } from \"zod\";\nimport { ErrorHttp } from \"../exception\";\nimport { Permission } from \"../model/role.model\";\nimport { List, PermissionMap, ScopeMap } from \"../model/base.model\";\nimport { HttpRequest } from \"../utils/http/http.util\";\nimport { PermissionService } from \"../service/permission.service\";\nimport { createGroup, deleteGroup, addUserToGroup, removeUserFromGroup } from \"../function/cognito\";\nimport { validateWithSchema, formatErrors } from \"../utils/validation.util\";\nimport { normalizeLower, trimSpecialChar } from \"../utils/string.util\";\nimport { Filter } from \"@chinggis/types\";\n\n// ---------------------------------------------------------------------------\n// DTO Schemas\n// ---------------------------------------------------------------------------\n\nconst MethodSchema = z.object({\n GET: z.boolean().optional(),\n POST: z.boolean().optional(),\n PATCH: z.boolean().optional(),\n PUT: z.boolean().optional(),\n DELETE: z.boolean().optional(),\n});\n\nconst AddPermissionDto = z.object({\n role: z.string().min(1, \"Role is required\"),\n resource: z.string().min(1, \"Resource is required\"),\n scope: z.string().min(1, \"Scope is required\"),\n method: MethodSchema,\n});\n\nconst UpdatePermissionDto = z.object({\n role: z.string().min(1, \"Role is required\").optional(),\n resource: z.string().min(1, \"Resource is required\").optional(),\n scope: z.string().min(1, \"Scope is required\").optional(),\n method: MethodSchema.optional(),\n});\n\nconst IdParamDto = z.string().min(1, \"Id is required\");\n\nconst GroupDto = z.object({\n userPoolId: z.string().min(1, \"UserPoolId is required\"),\n groupName: z.string().min(1, \"GroupName is required\"),\n description: z.string().optional(),\n});\n\nconst UserGroupDto = z.object({\n userPoolId: z.string().min(1, \"UserPoolId is required\"),\n username: z.string().min(1, \"Username is required\"),\n groupName: z.string().min(1, \"GroupName is required\"),\n});\n\n// ---------------------------------------------------------------------------\n\nconst MUTATING_METHODS = new Set([\"PATCH\", \"PUT\", \"DELETE\"]);\n\ntype RouteHandler = (permissionMap: PermissionMap, body: any) => Promise<any>;\n\nexport class ControllerRole {\n protected readonly permissionService: PermissionService;\n\n private readonly subRoutes: Record<string, RouteHandler> = {\n \"/add-group\": (pm, body) => this.addRole(pm.userPoolId, body.groupName, body.description),\n \"/add-user-group\": (pm, body) => this.assignRole(pm.userPoolId, body.username, body.groupName),\n \"/remove-group\": (pm, body) => this.removeRole(pm.userPoolId, body.groupName),\n \"/remove-user-group\": (pm, body) => this.unassignRole(pm.userPoolId, body.username, body.groupName),\n };\n\n constructor(roleTableName: string) {\n this.permissionService = new PermissionService(roleTableName);\n }\n\n // ---------------------------------------------------------------------------\n // Permission CRUD\n // ---------------------------------------------------------------------------\n\n async addPermission(input: {\n role: string;\n resource: string;\n scope: string;\n method: Permission[\"method\"];\n }): Promise<Permission> {\n this.validate(AddPermissionDto, input);\n return this.permissionService.createPermission(input);\n }\n\n async updatePermission(\n id: string,\n updates: Partial<Pick<Permission, \"role\" | \"resource\" | \"scope\" | \"method\">>,\n ): Promise<Permission> {\n this.validate(IdParamDto, id);\n this.validate(UpdatePermissionDto, updates);\n return this.permissionService.updatePermission(id, updates);\n }\n\n async deletePermission(id: string): Promise<boolean> {\n this.validate(IdParamDto, id);\n return this.permissionService.deletePermission(id);\n }\n\n async getPermission(id: string): Promise<Permission | null> {\n this.validate(IdParamDto, id);\n return this.permissionService.getPermissionById(id);\n }\n\n async listPermissions(filter?: Filter): Promise<List<Partial<Permission>>> {\n return this.permissionService.listPermissions(filter);\n }\n\n // ---------------------------------------------------------------------------\n // Role (Cognito group)\n // ---------------------------------------------------------------------------\n\n async addRole(userPoolId: string, groupName: string, description?: string) {\n this.validate(GroupDto, { userPoolId, groupName, description });\n return createGroup(userPoolId, groupName, description);\n }\n\n async removeRole(userPoolId: string, groupName: string) {\n this.validate(GroupDto, { userPoolId, groupName });\n return deleteGroup(userPoolId, groupName);\n }\n\n async assignRole(userPoolId: string, username: string, groupName: string) {\n this.validate(UserGroupDto, { userPoolId, username, groupName });\n return addUserToGroup(userPoolId, username, groupName);\n }\n\n async unassignRole(userPoolId: string, username: string, groupName: string) {\n this.validate(UserGroupDto, { userPoolId, username, groupName });\n return removeUserFromGroup(userPoolId, username, groupName);\n }\n\n // ---------------------------------------------------------------------------\n // Permission queries\n // ---------------------------------------------------------------------------\n\n async hasPermission(role: string, resource: string, scope: string, method: string): Promise<boolean> {\n return this.permissionService.hasPermission(role, resource, scope, method);\n }\n\n async getPermissionByKey(permissionKey: string): Promise<Permission | null> {\n return this.permissionService.getPermissionByKey(permissionKey);\n }\n\n // ---------------------------------------------------------------------------\n // Permission request handler (routes from ControllerApi)\n // ---------------------------------------------------------------------------\n\n async handlePermissionRequest(\n req: HttpRequest,\n path: string,\n permissionMap: PermissionMap,\n adminGroups: string[],\n ): Promise<any> {\n this.checkAdminPermission(req.identity.groups, adminGroups);\n\n if (req.methode === \"POST\") {\n const normalizedPath = trimSpecialChar(path);\n const rolePath = trimSpecialChar(permissionMap.rolePath ?? \"\");\n\n for (const [suffix, handler] of Object.entries(this.subRoutes)) {\n if (normalizedPath === `${rolePath}${suffix}`) {\n return handler(permissionMap, req.body);\n }\n }\n\n return this.addPermission(req.body);\n }\n\n switch (req.methode) {\n case \"GET\":\n return this.listPermissions(req.filter);\n case \"PATCH\":\n return this.updatePermission(req.entityId, req.body);\n case \"DELETE\":\n return this.deletePermission(req.entityId);\n default:\n throw new ErrorHttp({ code: 400, error: \"BadRequest\" }, \"[CORE] unsupported method\");\n }\n }\n\n // ---------------------------------------------------------------------------\n // RBAC access enforcement\n // ---------------------------------------------------------------------------\n\n async checkAccess(\n req: HttpRequest,\n resource: string,\n scopeMap: ScopeMap,\n adminGroups?: string[],\n findById?: (id: string) => Promise<any>,\n ): Promise<boolean> {\n const roles = this.extractRoles(req);\n if (!roles.length) this.deny();\n\n const method = req.methode.toUpperCase();\n const scope = this.getScope(req, scopeMap);\n\n if (adminGroups?.length && this.isAdmin(roles, adminGroups)) {\n return true;\n }\n\n this.applyMethodFilters(req, method, scope, scopeMap);\n\n const permitted = await this.hasAnyRolePermission(roles, resource, scope, method);\n if (!permitted) {\n this.deny(`Permission denied: ${roles.join(\",\")}: \"${resource}#${scope}.${method}\"`);\n }\n\n if (MUTATING_METHODS.has(method)) {\n await this.verifyScopeOwnership(req, scope, scopeMap, findById);\n }\n\n return true;\n }\n\n checkAdminPermission(cognitoGroups: string[], adminGroups: string[]) {\n if (this.isAdmin(cognitoGroups, adminGroups)) return true;\n this.deny(\"Permission Denied\");\n }\n\n // ---------------------------------------------------------------------------\n // Private — error + auth helpers\n // ---------------------------------------------------------------------------\n\n private deny(message = \"Permission denied: no role accessible\"): never {\n throw new ErrorHttp({ code: 403, error: \"PermissionDenied\" }, message);\n }\n\n private isAdmin(cognitoGroups: string[] | undefined, adminGroups: string[]): boolean {\n adminGroups = normalizeLower(adminGroups);\n return cognitoGroups?.some((group) => adminGroups.includes(group)) ?? false;\n }\n\n private extractRoles(req: HttpRequest): string[] {\n return req.identity?.groups ?? [];\n }\n\n private getScope(req: HttpRequest, scopeMap: ScopeMap): string {\n return req.queryStringParameters?.scope || req.customQueryParameters?.scope || Array.from(scopeMap.keys()).pop();\n }\n\n private async hasAnyRolePermission(\n roles: string[],\n resource: string,\n scope: string,\n method: string,\n ): Promise<boolean> {\n for (const role of roles) {\n if (await this.permissionService.hasPermission(role, resource, scope, method)) return true;\n }\n return false;\n }\n\n private validate<T extends z.ZodType>(schema: T, data: unknown): z.infer<T> {\n try {\n return validateWithSchema(schema, data);\n } catch (error) {\n const formattedErrors = formatErrors(error);\n throw new ErrorHttp({ code: 400, error: \"BadRequest\" }, formattedErrors);\n }\n }\n\n // ---------------------------------------------------------------------------\n // Private — scope ownership verification\n // ---------------------------------------------------------------------------\n\n private async verifyScopeOwnership(\n req: HttpRequest,\n scope: string,\n scopeMap: ScopeMap,\n findById?: (id: string) => Promise<any>,\n ): Promise<void> {\n const mapping = scopeMap.get(scope);\n if (!mapping) return;\n\n const claimValue = this.resolveClaim(req, mapping);\n if (!claimValue) this.deny(`Missing claim for scope \"${scope}\"`);\n\n if (!findById) return;\n\n if (!req.entityId) {\n throw new ErrorHttp({ code: 400, error: \"BadRequest\" }, \"Missing resource id\");\n }\n\n const entity = await findById(req.entityId);\n if (!entity) {\n throw new ErrorHttp({ code: 404, error: \"NotFound\" }, `Resource with id \"${req.entityId}\" not found`);\n }\n\n if (entity[mapping.filterField] !== claimValue) {\n this.deny(`Scope mismatch: no access to resource \"${req.entityId}\"`);\n }\n }\n\n // ---------------------------------------------------------------------------\n // Private — claim resolution\n // ---------------------------------------------------------------------------\n\n private resolveClaim(req: HttpRequest, mapping: { claimKey?: string }): string | undefined {\n return req.identity?.[mapping.claimKey] || req.identity?.attributes?.[mapping.claimKey];\n }\n\n private resolveClaimWithFallback(\n req: HttpRequest,\n mapping: { claimKey?: string },\n scopeName: string,\n ): string | undefined {\n const claimKey = mapping.claimKey ?? \"custom:\" + scopeName;\n return req.identity?.[claimKey] || req.identity?.attributes?.[claimKey] || req.identity?.sub;\n }\n\n // ---------------------------------------------------------------------------\n // Private — filter application\n // ---------------------------------------------------------------------------\n\n private applyMethodFilters(req: HttpRequest, method: string, scope: string, scopeMap: ScopeMap): void {\n if (method === \"POST\") {\n this.setDefaultIndexFields(req, scopeMap);\n } else if (method === \"GET\" && this.isOpenSearchPath(req)) {\n this.setDefaultFilters(req, scopeMap);\n } else if (method === \"GET\") {\n this.applyScopeFilter(req, scope, scopeMap);\n }\n }\n\n private applyScopeFilter(req: HttpRequest, scope: string, scopeMap: ScopeMap): void {\n if (!req.filter) req.filter = {};\n this.clearScopeFilters(req, scopeMap);\n\n const mapping = scopeMap.get(scope);\n if (!mapping) return;\n\n const claimValue = this.resolveClaim(req, mapping);\n if (claimValue || !req.filter[mapping.filterField]) {\n req.filter[mapping.filterField] = claimValue;\n }\n delete req.filter.scope;\n }\n\n private setDefaultIndexFields(req: HttpRequest, scopeMap: ScopeMap): void {\n if (!req.body) req.body = {};\n if (this.isUnset(req.body.ownerId)) req.body.ownerId = req.identity?.sub;\n this.applyAllScopeValues(req, scopeMap, true);\n }\n\n private setDefaultFilters(req: HttpRequest, scopeMap: ScopeMap): void {\n if (!req.filter) req.filter = {};\n\n const requestedScope = this.resolveRequestedScope(req);\n const levelLimit = this.getScopeLevelLimit(requestedScope, scopeMap);\n\n for (const [scopeName, mapping] of scopeMap) {\n if (levelLimit !== undefined && mapping.level !== undefined && mapping.level > levelLimit) continue;\n\n const claimValue = this.resolveClaimWithFallback(req, mapping, scopeName);\n const eqField = mapping.filterField + \".keyword__eq\";\n if (claimValue && this.isUnset(req.filter[eqField])) {\n req.filter[eqField] = claimValue;\n }\n }\n\n delete req.filter.scope;\n }\n\n private applyAllScopeValues(req: HttpRequest, scopeMap: ScopeMap, defaultsOnly = false): void {\n for (const [scopeName, mapping] of scopeMap) {\n const claimValue = this.resolveClaimWithFallback(req, mapping, scopeName);\n if (claimValue && (!defaultsOnly || this.isUnset(req.body[mapping.filterField]))) {\n req.body[mapping.filterField] = claimValue;\n }\n }\n }\n\n private isOpenSearchPath(req: HttpRequest): boolean {\n const path = trimSpecialChar(req.event?.requestContext?.resourcePath ?? req.resourcePath ?? \"\");\n return path.endsWith(\"search/query\");\n }\n\n private resolveRequestedScope(req: HttpRequest): string | undefined {\n const scopeRaw = req.filter?.scope || req.queryStringParameters?.scope || req.customQueryParameters?.scope;\n if (typeof scopeRaw !== \"string\") return undefined;\n const normalized = scopeRaw.trim().toLowerCase();\n return normalized.length ? normalized : undefined;\n }\n\n private getScopeLevelLimit(requestedScope: string | undefined, scopeMap: ScopeMap): number | undefined {\n if (!requestedScope) return undefined;\n for (const [scopeName, mapping] of scopeMap) {\n if (scopeName.toLowerCase() === requestedScope) return mapping.level;\n }\n return undefined;\n }\n\n private isUnset(value: unknown): boolean {\n return value === undefined || value === null || value === \"\";\n }\n\n private clearScopeFilters(req: HttpRequest, scopeMap: ScopeMap): void {\n for (const [, entry] of scopeMap) {\n delete req.filter[entry.filterField];\n }\n delete req.filter[\"profileId\"];\n delete req.filter[\"ownerId\"];\n delete req.filter[\"scope\"];\n }\n}\n"]}
|
|
@@ -40,3 +40,9 @@ export declare function removeUserFromGroup(userPoolId: string, username: string
|
|
|
40
40
|
groupName: string;
|
|
41
41
|
username: string;
|
|
42
42
|
}>;
|
|
43
|
+
export declare function sendForgotPasswordCode(clientId: string, username: string): Promise<{
|
|
44
|
+
username: string;
|
|
45
|
+
}>;
|
|
46
|
+
export declare function confirmForgotPasswordCode(clientId: string, username: string, code: string, newPassword: string): Promise<{
|
|
47
|
+
username: string;
|
|
48
|
+
}>;
|
|
@@ -52,6 +52,8 @@ exports.createGroup = createGroup;
|
|
|
52
52
|
exports.addUserToGroup = addUserToGroup;
|
|
53
53
|
exports.deleteGroup = deleteGroup;
|
|
54
54
|
exports.removeUserFromGroup = removeUserFromGroup;
|
|
55
|
+
exports.sendForgotPasswordCode = sendForgotPasswordCode;
|
|
56
|
+
exports.confirmForgotPasswordCode = confirmForgotPasswordCode;
|
|
55
57
|
const client_cognito_identity_provider_1 = require("@aws-sdk/client-cognito-identity-provider");
|
|
56
58
|
const cognito_user_model_1 = require("../../model/cognito-user.model");
|
|
57
59
|
function mapCognitoAttributes(attributes) {
|
|
@@ -388,4 +390,22 @@ async function removeUserFromGroup(userPoolId, username, groupName) {
|
|
|
388
390
|
await cognitoClient.send(command);
|
|
389
391
|
return { username, groupName };
|
|
390
392
|
}
|
|
393
|
+
async function sendForgotPasswordCode(clientId, username) {
|
|
394
|
+
const command = new client_cognito_identity_provider_1.ForgotPasswordCommand({
|
|
395
|
+
ClientId: clientId,
|
|
396
|
+
Username: username,
|
|
397
|
+
});
|
|
398
|
+
await cognitoClient.send(command);
|
|
399
|
+
return { username };
|
|
400
|
+
}
|
|
401
|
+
async function confirmForgotPasswordCode(clientId, username, code, newPassword) {
|
|
402
|
+
const command = new client_cognito_identity_provider_1.ConfirmForgotPasswordCommand({
|
|
403
|
+
ClientId: clientId,
|
|
404
|
+
Username: username,
|
|
405
|
+
ConfirmationCode: code,
|
|
406
|
+
Password: newPassword,
|
|
407
|
+
});
|
|
408
|
+
await cognitoClient.send(command);
|
|
409
|
+
return { username };
|
|
410
|
+
}
|
|
391
411
|
//# sourceMappingURL=cognito.function.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cognito.function.js","sourceRoot":"","sources":["../../../src/function/cognito/cognito.function.ts"],"names":[],"mappings":";AAAA,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+BtB,8CAkDC;AAED,8CAyDC;AAED,8CAIC;AAED,gDAIC;AAED,8CAOC;AAED,wCAuBC;AAED,oDAuCC;AAED,kDAUC;AAED,kDAcC;AAKD,wDAQC;AAMD,oCAcC;AAMD,wCAmBC;AAGD,gDAeC;AAED,0BA+CC;AAED,kCAiBC;AAED,wCAiBC;AAED,kCAYC;AAED,kDAcC;AA9bD,gGAcmD;AACnD,uEAA0F;AAE1F,SAAS,oBAAoB,CAAC,UAA4B;IACxD,MAAM,MAAM,GAA2B,EAAE,CAAC;IAC1C,KAAK,MAAM,IAAI,IAAI,UAAU,IAAI,EAAE,EAAE,CAAC;QACpC,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC5B,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC;QACjC,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,aAAa,GAAG,IAAI,gEAA6B,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;AAErF,KAAK,UAAU,iBAAiB,CACrC,UAAkB,EAClB,IAAiB,EACjB,QAAiB;IAEjB,MAAM,cAAc,GAAoB,EAAE,CAAC;IAE3C,IAAI,IAAI,CAAC,KAAK;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;IAC1E,IAAI,IAAI,CAAC,OAAO;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;IAChF,IAAI,IAAI,CAAC,YAAY;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;IAC/F,IAAI,IAAI,CAAC,SAAS;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;IACvF,IAAI,IAAI,CAAC,UAAU;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;IAC1F,IAAI,IAAI,CAAC,MAAM;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IAC7E,IAAI,IAAI,CAAC,QAAQ;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;IACnF,IAAI,IAAI,CAAC,OAAO;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;IAChF,IAAI,IAAI,CAAC,SAAS;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;IACtF,IAAI,IAAI,CAAC,OAAO;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;IAChF,IAAI,IAAI,CAAC,kBAAkB;QACzB,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,0BAA0B,EAAE,KAAK,EAAE,IAAI,CAAC,kBAAkB,EAAE,CAAC,CAAC;IAC5F,IAAI,IAAI,CAAC,OAAO;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;IAChF,IAAI,IAAI,CAAC,QAAQ;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;IAEnF,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;QACpB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3D,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,GAAG,EAAE,CAAC;YACnE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAED,MAAM,aAAa,CAAC,IAAI,CACtB,IAAI,mEAAgC,CAAC;QACnC,UAAU,EAAE,UAAU;QACtB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,cAAc,EAAE,cAAc;KAC/B,CAAC,CACH,CAAC;IAEF,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,EAAE,2BAA2B,EAAE,GAAG,wDAAa,2CAA2C,GAAC,CAAC;QAClG,MAAM,aAAa,CAAC,IAAI,CACtB,IAAI,2BAA2B,CAAC;YAC9B,UAAU,EAAE,UAAU;YACtB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ,EAAE,QAAQ;YAClB,SAAS,EAAE,IAAI;SAChB,CAAC,CACH,CAAC;IACJ,CAAC;IAED,OAAO,MAAM,cAAc,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;AACzD,CAAC;AAEM,KAAK,UAAU,iBAAiB,CACrC,UAAkB,EAClB,IAAiB,EACjB,QAAiB;IAEjB,MAAM,cAAc,GAAoB;QACtC,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE;QACpC,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,MAAM,EAAE;QACzC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,IAAI,EAAE,EAAE;QAC9C,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,IAAI,EAAE,EAAE;QACnD,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE;QACrD,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE;QACrD,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,IAAI,EAAE,EAAE;QAC5C,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,IAAI,EAAE,EAAE;QAChD,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,IAAI,EAAE,EAAE;QAC9C,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,IAAI,EAAE,EAAE;QAClD,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,IAAI,EAAE,EAAE;QAC9C,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,IAAI,CAAC,YAAY,IAAI,EAAE,EAAE;QACxD,EAAE,IAAI,EAAE,uBAAuB,EAAE,KAAK,EAAE,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,EAAE;QACvF,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,IAAI,CAAC,kBAAkB,IAAI,EAAE,EAAE;QACpE,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,IAAI,EAAE,EAAE;QAC9C,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,IAAI,EAAE,EAAE;KACjD,CAAC;IAEF,wBAAwB;IACxB,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;QACpB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3D,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,GAAG,EAAE,CAAC;YACnE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,yDAAsB,CAAC;QACzC,UAAU,EAAE,UAAU;QACtB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,cAAc,EAAE,cAAc;QAC9B,iBAAiB,EAAE,QAAQ;QAC3B,aAAa,EAAE,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,EAAE,gDAAgD;KACnG,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,oBAAoB,CAAC,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;IAE9D,OAAO;QACL,QAAQ,EAAE,QAAQ,CAAC,IAAI,EAAE,QAAQ,IAAI,IAAI,CAAC,QAAQ;QAClD,GAAG,EAAE,KAAK,CAAC,GAAG;QACd,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,SAAS,EAAE,KAAK,CAAC,UAAU;QAC3B,UAAU,EAAE,KAAK,CAAC,WAAW;QAC7B,UAAU,EAAE,KAAK;QACjB,UAAU,EAAE,QAAQ,CAAC,IAAI,EAAE,UAA+B;QAC1D,OAAO,EAAE,QAAQ,CAAC,IAAI,EAAE,OAAO;QAC/B,SAAS,EAAE,QAAQ,CAAC,IAAI,EAAE,cAAc,EAAE,WAAW,EAAE;QACvD,SAAS,EAAE,QAAQ,CAAC,IAAI,EAAE,oBAAoB,EAAE,WAAW,EAAE;QAC7D,SAAS,EAAE,6BAAQ,CAAC,EAAE;KACvB,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,iBAAiB,CAAC,UAAU,EAAE,QAAQ;IAC1D,MAAM,OAAO,GAAG,IAAI,yDAAsB,CAAC,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;IAE3F,OAAO,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AACrC,CAAC;AAEM,KAAK,UAAU,kBAAkB,CAAC,UAAU,EAAE,QAAQ;IAC3D,MAAM,OAAO,GAAG,IAAI,0DAAuB,CAAC,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;IAE5F,OAAO,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AACrC,CAAC;AAEM,KAAK,UAAU,iBAAiB,CAAC,UAAkB,EAAE,QAAgB;IAC1E,MAAM,OAAO,GAAG,IAAI,yDAAsB,CAAC;QACzC,UAAU,EAAE,UAAU;QACtB,QAAQ,EAAE,QAAQ;KACnB,CAAC,CAAC;IAEH,OAAO,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AAC3C,CAAC;AAEM,KAAK,UAAU,cAAc,CAAC,UAAkB,EAAE,QAAgB;IACvE,MAAM,OAAO,GAAG,IAAI,sDAAmB,CAAC;QACtC,UAAU,EAAE,UAAU;QACtB,QAAQ,EAAE,QAAQ;KACnB,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,oBAAoB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IAE5D,OAAO;QACL,QAAQ;QACR,GAAG,EAAE,KAAK,CAAC,GAAG;QACd,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,SAAS,EAAE,KAAK,CAAC,UAAU;QAC3B,UAAU,EAAE,KAAK,CAAC,WAAW;QAC7B,UAAU,EAAE,KAAK;QACjB,UAAU,EAAE,QAAQ,CAAC,UAA+B;QACpD,OAAO,EAAE,QAAQ,CAAC,OAAO;QACzB,SAAS,EAAE,QAAQ,CAAC,cAAc,EAAE,WAAW,EAAE;QACjD,SAAS,EAAE,QAAQ,CAAC,oBAAoB,EAAE,WAAW,EAAE;QACvD,SAAS,EAAE,6BAAQ,CAAC,EAAE;KACvB,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,oBAAoB,CACxC,UAAkB,EAClB,aAAqB,EACrB,cAAsB;IAEtB,MAAM,OAAO,GAAG,IAAI,mDAAgB,CAAC;QACnC,UAAU,EAAE,UAAU;QACtB,MAAM,EAAE,GAAG,aAAa,OAAO,cAAc,GAAG;KACjD,CAAC,CAAC;IAEH,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACnD,MAAM,gBAAgB,GAAkB,EAAE,CAAC;QAE3C,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,gBAAgB,CAAC;QAElD,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,oBAAoB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAEpD,gBAAgB,CAAC,IAAI,CAAC;gBACpB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,GAAG,EAAE,KAAK,CAAC,GAAG;gBACd,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,YAAY,EAAE,KAAK,CAAC,YAAY;gBAChC,SAAS,EAAE,KAAK,CAAC,UAAU;gBAC3B,UAAU,EAAE,KAAK,CAAC,WAAW;gBAC7B,UAAU,EAAE,KAAK;gBACjB,UAAU,EAAE,IAAI,CAAC,UAA+B;gBAChD,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,SAAS,EAAE,IAAI,CAAC,cAAc,EAAE,WAAW,EAAE;gBAC7C,SAAS,EAAE,IAAI,CAAC,oBAAoB,EAAE,WAAW,EAAE;gBACnD,SAAS,EAAE,6BAAQ,CAAC,EAAE;aACvB,CAAC,CAAC;QACL,CAAC;QAED,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,sBAAsB,EAAE,GAAG,CAAC,CAAC;IAC7C,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,mBAAmB,CAAC,UAAkB,EAAE,KAAa,EAAE,SAAiB;IAC5F,+BAA+B;IAC/B,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,UAAU,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,iCAAiC;IACnF,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,KAAK,CAAC,CAAC;IAElD,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,mBAAmB,KAAK,YAAY,CAAC,CAAC;IACxD,CAAC;IAED,OAAO,YAAY,CAAC,UAAU,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;AACnD,CAAC;AAEM,KAAK,UAAU,mBAAmB,CACvC,UAAkB,EAClB,WAAmB,EACnB,SAAiB;IAEjB,sCAAsC;IACtC,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,UAAU,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,iCAAiC;IACnF,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,KAAK,WAAW,CAAC,CAAC;IAE/D,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,0BAA0B,WAAW,YAAY,CAAC,CAAC;IACrE,CAAC;IAED,OAAO,YAAY,CAAC,UAAU,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;AACnD,CAAC;AACD;;;GAGG;AACI,KAAK,UAAU,sBAAsB,CAC1C,UAAkB,EAClB,QAAgB,EAChB,SAAiB;IAEjB,qBAAqB;IACrB,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;IACxD,OAAO,YAAY,CAAC,UAAU,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;AACnD,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,YAAY,CAAC,UAAkB,EAAE,IAAiB,EAAE,SAAiB;IACzF,0CAA0C;IAC1C,MAAM,kBAAkB,CAAC,UAAU,EAAE,IAAI,EAAE,kBAAkB,EAAE,SAAS,CAAC,CAAC;IAE1E,iCAAiC;IACjC,MAAM,aAAa,GAAG;QACpB,GAAG,IAAI,CAAC,UAAU;QAClB,kBAAkB,EAAE,SAAS;KAC9B,CAAC;IAEF,OAAO;QACL,GAAG,IAAI;QACP,UAAU,EAAE,aAAa;KAC1B,CAAC;AACJ,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,cAAc,CAClC,UAAkB,EAClB,IAAiB,EACjB,eAAuB,EACvB,UAAe;IAEf,MAAM,QAAQ,GAAG,eAAe,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,UAAU,eAAe,EAAE,CAAC;IAEvG,0CAA0C;IAC1C,MAAM,kBAAkB,CAAC,UAAU,EAAE,IAAI,EAAE,eAAe,EAAE,UAAU,CAAC,CAAC;IAExE,iCAAiC;IACjC,OAAO;QACL,GAAG,IAAI;QACP,UAAU,EAAE;YACV,GAAG,IAAI,CAAC,UAAU;YAClB,CAAC,QAAQ,CAAC,EAAE,UAAU;SACvB;KACF,CAAC;AACJ,CAAC;AAED,gDAAgD;AACzC,KAAK,UAAU,kBAAkB,CACtC,UAAkB,EAClB,IAAiB,EACjB,eAAuB,EACvB,UAAe;IAEf,MAAM,QAAQ,GAAG,eAAe,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,UAAU,eAAe,EAAE,CAAC;IAEvG,MAAM,aAAa,CAAC,IAAI,CACtB,IAAI,mEAAgC,CAAC;QACnC,UAAU,EAAE,UAAU;QACtB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,cAAc,EAAE,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;KAChE,CAAC,CACH,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,OAAO,CAAC,UAAkB,EAAE,OAAe,CAAC,EAAE,OAAe,EAAE;IACnF,MAAM,MAAM,GAAG;QACb,UAAU,EAAE,UAAU;QACtB,KAAK,EAAE,IAAI;QACX,eAAe,EAAE,SAA+B;KACjD,CAAC;IAEF,0BAA0B;IAC1B,IAAI,WAAW,GAAG,CAAC,CAAC;IACpB,IAAI,KAAK,GAAkB,EAAE,CAAC;IAE9B,OAAO,WAAW,IAAI,IAAI,EAAE,CAAC;QAC3B,MAAM,OAAO,GAAG,IAAI,mDAAgB,CAAC,MAAM,CAAC,CAAC;QAC7C,MAAM,QAAQ,GAAG,CAAC,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAQ,CAAC;QAE5D,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;YACzB,KAAK;gBACH,QAAQ,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE;oBAC7B,MAAM,KAAK,GAA2B,EAAE,CAAC;oBACzC,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,UAAU,IAAI,EAAE,EAAE,CAAC;wBACnC,IAAI,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,KAAK;4BAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC;oBACjD,CAAC;oBAED,OAAO;wBACL,QAAQ,EAAE,CAAC,CAAC,QAAQ;wBACpB,GAAG,EAAE,KAAK,CAAC,GAAG;wBACd,KAAK,EAAE,KAAK,CAAC,KAAK;wBAClB,WAAW,EAAE,KAAK,CAAC,YAAY;wBAC/B,SAAS,EAAE,KAAK,CAAC,UAAU;wBAC3B,UAAU,EAAE,KAAK,CAAC,WAAW;wBAC7B,UAAU,EAAE,KAAK;wBACjB,UAAU,EAAE,CAAC,CAAC,UAA+B;wBAC7C,OAAO,EAAE,CAAC,CAAC,OAAO;wBAClB,SAAS,EAAE,CAAC,CAAC,cAAc,EAAE,WAAW,EAAE;wBAC1C,SAAS,EAAE,CAAC,CAAC,oBAAoB,EAAE,WAAW,EAAE;wBAChD,SAAS,EAAE,IAAI;qBACD,CAAC;gBACnB,CAAC,CAAC,IAAI,EAAE,CAAC;QACb,CAAC;QAED,MAAM,CAAC,eAAe,GAAG,QAAQ,CAAC,eAAe,CAAC;QAClD,IAAI,CAAC,MAAM,CAAC,eAAe;YAAE,MAAM;QAEnC,WAAW,EAAE,CAAC;IAChB,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAEM,KAAK,UAAU,WAAW,CAC/B,UAAkB,EAClB,SAAiB,EACjB,WAAoB;IAEpB,MAAM,OAAO,GAAG,IAAI,qDAAkB,CAAC;QACrC,UAAU,EAAE,UAAU;QACtB,SAAS,EAAE,SAAS;QACpB,WAAW,EAAE,WAAW;KACzB,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAEnD,OAAO;QACL,SAAS,EAAE,QAAQ,CAAC,KAAK,EAAE,SAAS;QACpC,WAAW,EAAE,QAAQ,CAAC,KAAK,EAAE,WAAW;KACzC,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,cAAc,CAClC,UAAkB,EAClB,QAAgB,EAChB,SAAiB;IAEjB,MAAM,OAAO,GAAG,IAAI,6DAA0B,CAAC;QAC7C,UAAU,EAAE,UAAU;QACtB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,SAAS;KACrB,CAAC,CAAC;IAEH,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAElC,OAAO;QACL,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,SAAS;KACrB,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,WAAW,CAC/B,UAAkB,EAClB,SAAiB;IAEjB,MAAM,OAAO,GAAG,IAAI,qDAAkB,CAAC;QACrC,UAAU,EAAE,UAAU;QACtB,SAAS,EAAE,SAAS;KACrB,CAAC,CAAC;IAEH,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAElC,OAAO,EAAE,SAAS,EAAE,CAAC;AACvB,CAAC;AAEM,KAAK,UAAU,mBAAmB,CACvC,UAAkB,EAClB,QAAgB,EAChB,SAAiB;IAEjB,MAAM,OAAO,GAAG,IAAI,kEAA+B,CAAC;QAClD,UAAU,EAAE,UAAU;QACtB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,SAAS;KACrB,CAAC,CAAC;IAEH,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAElC,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;AACjC,CAAC","sourcesContent":["// cognito.function.ts\n\nimport {\n AdminCreateUserCommand,\n AdminGetUserCommand,\n AdminDeleteUserCommand,\n AdminUpdateUserAttributesCommand,\n CreateGroupCommand,\n DeleteGroupCommand,\n AdminAddUserToGroupCommand,\n AdminRemoveUserFromGroupCommand,\n AttributeType,\n CognitoIdentityProviderClient,\n ListUsersCommand,\n AdminEnableUserCommand,\n AdminDisableUserCommand,\n} from \"@aws-sdk/client-cognito-identity-provider\";\nimport { CognitoUser, CognitoUserStatus, TokenUse } from \"../../model/cognito-user.model\";\n\nfunction mapCognitoAttributes(attributes?: AttributeType[]): Record<string, string> {\n const result: Record<string, string> = {};\n for (const attr of attributes || []) {\n if (attr.Name && attr.Value) {\n result[attr.Name] = attr.Value;\n }\n }\n return result;\n}\n\nconst cognitoClient = new CognitoIdentityProviderClient({ region: process.env.AWS_REGION });\n\nexport async function updateCognitoUser(\n userPoolId: string,\n user: CognitoUser,\n password?: string,\n): Promise<CognitoUser> {\n const userAttributes: AttributeType[] = [];\n\n if (user.email) userAttributes.push({ Name: \"email\", Value: user.email });\n if (user.profile) userAttributes.push({ Name: \"profile\", Value: user.profile });\n if (user.phone_number) userAttributes.push({ Name: \"phone_number\", Value: user.phone_number });\n if (user.givenName) userAttributes.push({ Name: \"given_name\", Value: user.givenName });\n if (user.familyName) userAttributes.push({ Name: \"family_name\", Value: user.familyName });\n if (user.gender) userAttributes.push({ Name: \"gender\", Value: user.gender });\n if (user.nickname) userAttributes.push({ Name: \"nickname\", Value: user.nickname });\n if (user.address) userAttributes.push({ Name: \"address\", Value: user.address });\n if (user.birthdate) userAttributes.push({ Name: \"birthdate\", Value: user.birthdate });\n if (user.picture) userAttributes.push({ Name: \"picture\", Value: user.picture });\n if (user.preferred_username)\n userAttributes.push({ Name: \"preff.preferred_username\", Value: user.preferred_username });\n if (user.website) userAttributes.push({ Name: \"website\", Value: user.website });\n if (user.zoneinfo) userAttributes.push({ Name: \"zoneinfo\", Value: user.zoneinfo });\n\n if (user.attributes) {\n for (const [key, value] of Object.entries(user.attributes)) {\n const attrName = key.startsWith(\"custom:\") ? key : `custom:${key}`;\n userAttributes.push({ Name: attrName, Value: String(value) });\n }\n }\n\n await cognitoClient.send(\n new AdminUpdateUserAttributesCommand({\n UserPoolId: userPoolId,\n Username: user.username,\n UserAttributes: userAttributes,\n }),\n );\n\n if (password) {\n const { AdminSetUserPasswordCommand } = await import(\"@aws-sdk/client-cognito-identity-provider\");\n await cognitoClient.send(\n new AdminSetUserPasswordCommand({\n UserPoolId: userPoolId,\n Username: user.username,\n Password: password,\n Permanent: true,\n }),\n );\n }\n\n return await getCognitoUser(userPoolId, user.username);\n}\n\nexport async function createCognitoUser(\n userPoolId: string,\n user: CognitoUser,\n password?: string,\n): Promise<CognitoUser> {\n const userAttributes: AttributeType[] = [\n { Name: \"email\", Value: user.email },\n { Name: \"email_verified\", Value: \"true\" },\n { Name: \"profile\", Value: user.profile ?? \"\" },\n { Name: \"given_name\", Value: user.givenName ?? \"\" },\n { Name: \"family_name\", Value: user.familyName ?? \"\" },\n { Name: \"middle_name\", Value: user.middleName ?? \"\" },\n { Name: \"gender\", Value: user.gender ?? \"\" },\n { Name: \"nickname\", Value: user.nickname ?? \"\" },\n { Name: \"address\", Value: user.address ?? \"\" },\n { Name: \"birthdate\", Value: user.birthdate ?? \"\" },\n { Name: \"picture\", Value: user.picture ?? \"\" },\n { Name: \"phone_number\", Value: user.phone_number ?? \"\" },\n { Name: \"phone_number_verified\", Value: user.phone_number_verified ? \"true\" : \"false\" },\n { Name: \"preferred_username\", Value: user.preferred_username ?? \"\" },\n { Name: \"website\", Value: user.website ?? \"\" },\n { Name: \"zoneinfo\", Value: user.zoneinfo ?? \"\" },\n ];\n\n // Add custom attributes\n if (user.attributes) {\n for (const [key, value] of Object.entries(user.attributes)) {\n const attrName = key.startsWith(\"custom:\") ? key : `custom:${key}`;\n userAttributes.push({ Name: attrName, Value: value });\n }\n }\n\n const command = new AdminCreateUserCommand({\n UserPoolId: userPoolId,\n Username: user.username,\n UserAttributes: userAttributes,\n TemporaryPassword: password,\n MessageAction: password ? \"SUPPRESS\" : undefined, // Don't send welcome email if password provided\n });\n\n const response = await cognitoClient.send(command);\n const attrs = mapCognitoAttributes(response.User?.Attributes);\n\n return {\n username: response.User?.Username || user.username,\n sub: attrs.sub,\n email: attrs.email,\n phone_number: attrs.phone_number,\n givenName: attrs.given_name,\n familyName: attrs.family_name,\n attributes: attrs,\n userStatus: response.User?.UserStatus as CognitoUserStatus,\n enabled: response.User?.Enabled,\n createdAt: response.User?.UserCreateDate?.toISOString(),\n updatedAt: response.User?.UserLastModifiedDate?.toISOString(),\n token_use: TokenUse.ID,\n };\n}\n\nexport async function enableCognitoUser(userPoolId, username) {\n const command = new AdminEnableUserCommand({ UserPoolId: userPoolId, Username: username });\n\n return cognitoClient.send(command);\n}\n\nexport async function disableCognitoUser(userPoolId, username) {\n const command = new AdminDisableUserCommand({ UserPoolId: userPoolId, Username: username });\n\n return cognitoClient.send(command);\n}\n\nexport async function deleteCognitoUser(userPoolId: string, username: string): Promise<any> {\n const command = new AdminDeleteUserCommand({\n UserPoolId: userPoolId,\n Username: username,\n });\n\n return await cognitoClient.send(command);\n}\n\nexport async function getCognitoUser(userPoolId: string, username: string): Promise<CognitoUser> {\n const command = new AdminGetUserCommand({\n UserPoolId: userPoolId,\n Username: username,\n });\n\n const response = await cognitoClient.send(command);\n const attrs = mapCognitoAttributes(response.UserAttributes);\n\n return {\n username,\n sub: attrs.sub,\n email: attrs.email,\n phone_number: attrs.phone_number,\n givenName: attrs.given_name,\n familyName: attrs.family_name,\n attributes: attrs,\n userStatus: response.UserStatus as CognitoUserStatus,\n enabled: response.Enabled,\n createdAt: response.UserCreateDate?.toISOString(),\n updatedAt: response.UserLastModifiedDate?.toISOString(),\n token_use: TokenUse.ID,\n };\n}\n\nexport async function listUsersByAttribute(\n userPoolId: string,\n attributeName: string,\n attributeValue: string,\n): Promise<CognitoUser[]> {\n const command = new ListUsersCommand({\n UserPoolId: userPoolId,\n Filter: `${attributeName} = \"${attributeValue}\"`,\n });\n\n try {\n const response = await cognitoClient.send(command);\n const cognitoUsersList: CognitoUser[] = [];\n\n if (response.Users.length === 0) cognitoUsersList;\n\n for (const user of response.Users) {\n const attrs = mapCognitoAttributes(user.Attributes);\n\n cognitoUsersList.push({\n username: user.Username,\n sub: attrs.sub,\n email: attrs.email,\n phone_number: attrs.phone_number,\n givenName: attrs.given_name,\n familyName: attrs.family_name,\n attributes: attrs,\n userStatus: user.UserStatus as CognitoUserStatus,\n enabled: user.Enabled,\n createdAt: user.UserCreateDate?.toISOString(),\n updatedAt: user.UserLastModifiedDate?.toISOString(),\n token_use: TokenUse.ID,\n });\n }\n\n return cognitoUsersList;\n } catch (err) {\n console.error(\"Error listing users:\", err);\n }\n}\n\nexport async function setProfileIdByEmail(userPoolId: string, email: string, profileId: string): Promise<CognitoUser> {\n // Find the user by email first\n const users = await findAll(userPoolId, 1, 1000); // Get all users to find by email\n const user = users.find((u) => u.email === email);\n\n if (!user) {\n throw new Error(`User with email ${email} not found`);\n }\n\n return setProfileId(userPoolId, user, profileId);\n}\n\nexport async function setProfileIdByPhone(\n userPoolId: string,\n phoneNumber: string,\n profileId: string,\n): Promise<CognitoUser> {\n // Find the user by phone number first\n const users = await findAll(userPoolId, 1, 1000); // Get all users to find by phone\n const user = users.find((u) => u.phone_number === phoneNumber);\n\n if (!user) {\n throw new Error(`User with phone number ${phoneNumber} not found`);\n }\n\n return setProfileId(userPoolId, user, profileId);\n}\n/**\n * Sets a profileId as a Cognito custom attribute.\n * Returns a **new CognitoUser object** with the attribute updated.\n */\nexport async function setProfileIdByUsername(\n userPoolId: string,\n username: string,\n profileId: string,\n): Promise<CognitoUser> {\n // Get the user first\n const user = await getCognitoUser(userPoolId, username);\n return setProfileId(userPoolId, user, profileId);\n}\n\n/**\n * Sets a profileId as a Cognito custom attribute.\n * Saves the changes to the Cognito user pool and returns the updated CognitoUser object.\n */\nexport async function setProfileId(userPoolId: string, user: CognitoUser, profileId: string): Promise<CognitoUser> {\n // Persist the custom attribute to Cognito\n await persistCustomValue(userPoolId, user, \"custom:profileId\", profileId);\n\n // Return the updated user object\n const newAttributes = {\n ...user.attributes,\n \"custom:profileId\": profileId,\n };\n\n return {\n ...user,\n attributes: newAttributes,\n };\n}\n\n/**\n * Sets a custom attribute on a CognitoUser object.\n * Saves the changes to the Cognito user pool and returns the updated CognitoUser object.\n */\nexport async function setCustomValue(\n userPoolId: string,\n user: CognitoUser,\n customFieldName: string,\n fieldValue: any,\n): Promise<CognitoUser> {\n const attrName = customFieldName.startsWith(\"custom:\") ? customFieldName : `custom:${customFieldName}`;\n\n // Persist the custom attribute to Cognito\n await persistCustomValue(userPoolId, user, customFieldName, fieldValue);\n\n // Return the updated user object\n return {\n ...user,\n attributes: {\n ...user.attributes,\n [attrName]: fieldValue,\n },\n };\n}\n\n// Optional: Persist custom attribute to Cognito\nexport async function persistCustomValue(\n userPoolId: string,\n user: CognitoUser,\n customFieldName: string,\n fieldValue: any,\n): Promise<void> {\n const attrName = customFieldName.startsWith(\"custom:\") ? customFieldName : `custom:${customFieldName}`;\n\n await cognitoClient.send(\n new AdminUpdateUserAttributesCommand({\n UserPoolId: userPoolId,\n Username: user.username,\n UserAttributes: [{ Name: attrName, Value: String(fieldValue) }],\n }),\n );\n}\n\nexport async function findAll(userPoolId: string, page: number = 1, size: number = 50): Promise<CognitoUser[]> {\n const params = {\n UserPoolId: userPoolId,\n Limit: size,\n PaginationToken: undefined as string | undefined,\n };\n\n // simple pagination logic\n let currentPage = 1;\n let users: CognitoUser[] = [];\n\n while (currentPage <= page) {\n const command = new ListUsersCommand(params);\n const response = (await cognitoClient.send(command)) as any;\n\n if (currentPage === page) {\n users =\n response.Users?.map((u: any) => {\n const attrs: Record<string, string> = {};\n for (const a of u.Attributes || []) {\n if (a.Name && a.Value) attrs[a.Name] = a.Value;\n }\n\n return {\n username: u.Username,\n sub: attrs.sub,\n email: attrs.email,\n phoneNumber: attrs.phone_number,\n givenName: attrs.given_name,\n familyName: attrs.family_name,\n attributes: attrs,\n userStatus: u.UserStatus as CognitoUserStatus,\n enabled: u.Enabled,\n createdAt: u.UserCreateDate?.toISOString(),\n updatedAt: u.UserLastModifiedDate?.toISOString(),\n token_use: \"id\",\n } as CognitoUser;\n }) || [];\n }\n\n params.PaginationToken = response.PaginationToken;\n if (!params.PaginationToken) break;\n\n currentPage++;\n }\n\n return users;\n}\n\nexport async function createGroup(\n userPoolId: string,\n groupName: string,\n description?: string,\n): Promise<{ groupName: string; description?: string }> {\n const command = new CreateGroupCommand({\n UserPoolId: userPoolId,\n GroupName: groupName,\n Description: description,\n });\n\n const response = await cognitoClient.send(command);\n\n return {\n groupName: response.Group?.GroupName,\n description: response.Group?.Description,\n };\n}\n\nexport async function addUserToGroup(\n userPoolId: string,\n username: string,\n groupName: string,\n): Promise<{ groupName: string; username: string }> {\n const command = new AdminAddUserToGroupCommand({\n UserPoolId: userPoolId,\n Username: username,\n GroupName: groupName,\n });\n\n await cognitoClient.send(command);\n\n return {\n username: username,\n groupName: groupName,\n };\n}\n\nexport async function deleteGroup(\n userPoolId: string,\n groupName: string,\n): Promise<{ groupName: string }> {\n const command = new DeleteGroupCommand({\n UserPoolId: userPoolId,\n GroupName: groupName,\n });\n\n await cognitoClient.send(command);\n\n return { groupName };\n}\n\nexport async function removeUserFromGroup(\n userPoolId: string,\n username: string,\n groupName: string,\n): Promise<{ groupName: string; username: string }> {\n const command = new AdminRemoveUserFromGroupCommand({\n UserPoolId: userPoolId,\n Username: username,\n GroupName: groupName,\n });\n\n await cognitoClient.send(command);\n\n return { username, groupName };\n}\n"]}
|
|
1
|
+
{"version":3,"file":"cognito.function.js","sourceRoot":"","sources":["../../../src/function/cognito/cognito.function.ts"],"names":[],"mappings":";AAAA,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiCtB,8CAkDC;AAED,8CAyDC;AAED,8CAIC;AAED,gDAIC;AAED,8CAOC;AAED,wCAuBC;AAED,oDAuCC;AAED,kDAUC;AAED,kDAcC;AAKD,wDAQC;AAMD,oCAcC;AAMD,wCAmBC;AAGD,gDAeC;AAED,0BA+CC;AAED,kCAiBC;AAED,wCAiBC;AAED,kCASC;AAED,kDAcC;AAED,wDAcC;AAED,8DAkBC;AAjeD,gGAgBmD;AACnD,uEAA0F;AAE1F,SAAS,oBAAoB,CAAC,UAA4B;IACxD,MAAM,MAAM,GAA2B,EAAE,CAAC;IAC1C,KAAK,MAAM,IAAI,IAAI,UAAU,IAAI,EAAE,EAAE,CAAC;QACpC,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC5B,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC;QACjC,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,aAAa,GAAG,IAAI,gEAA6B,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;AAErF,KAAK,UAAU,iBAAiB,CACrC,UAAkB,EAClB,IAAiB,EACjB,QAAiB;IAEjB,MAAM,cAAc,GAAoB,EAAE,CAAC;IAE3C,IAAI,IAAI,CAAC,KAAK;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;IAC1E,IAAI,IAAI,CAAC,OAAO;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;IAChF,IAAI,IAAI,CAAC,YAAY;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;IAC/F,IAAI,IAAI,CAAC,SAAS;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;IACvF,IAAI,IAAI,CAAC,UAAU;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC;IAC1F,IAAI,IAAI,CAAC,MAAM;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IAC7E,IAAI,IAAI,CAAC,QAAQ;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;IACnF,IAAI,IAAI,CAAC,OAAO;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;IAChF,IAAI,IAAI,CAAC,SAAS;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;IACtF,IAAI,IAAI,CAAC,OAAO;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;IAChF,IAAI,IAAI,CAAC,kBAAkB;QACzB,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,0BAA0B,EAAE,KAAK,EAAE,IAAI,CAAC,kBAAkB,EAAE,CAAC,CAAC;IAC5F,IAAI,IAAI,CAAC,OAAO;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;IAChF,IAAI,IAAI,CAAC,QAAQ;QAAE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;IAEnF,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;QACpB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3D,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,GAAG,EAAE,CAAC;YACnE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAED,MAAM,aAAa,CAAC,IAAI,CACtB,IAAI,mEAAgC,CAAC;QACnC,UAAU,EAAE,UAAU;QACtB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,cAAc,EAAE,cAAc;KAC/B,CAAC,CACH,CAAC;IAEF,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,EAAE,2BAA2B,EAAE,GAAG,wDAAa,2CAA2C,GAAC,CAAC;QAClG,MAAM,aAAa,CAAC,IAAI,CACtB,IAAI,2BAA2B,CAAC;YAC9B,UAAU,EAAE,UAAU;YACtB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ,EAAE,QAAQ;YAClB,SAAS,EAAE,IAAI;SAChB,CAAC,CACH,CAAC;IACJ,CAAC;IAED,OAAO,MAAM,cAAc,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;AACzD,CAAC;AAEM,KAAK,UAAU,iBAAiB,CACrC,UAAkB,EAClB,IAAiB,EACjB,QAAiB;IAEjB,MAAM,cAAc,GAAoB;QACtC,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE;QACpC,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,MAAM,EAAE;QACzC,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,IAAI,EAAE,EAAE;QAC9C,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,IAAI,EAAE,EAAE;QACnD,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE;QACrD,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE;QACrD,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,CAAC,MAAM,IAAI,EAAE,EAAE;QAC5C,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,IAAI,EAAE,EAAE;QAChD,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,IAAI,EAAE,EAAE;QAC9C,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,IAAI,CAAC,SAAS,IAAI,EAAE,EAAE;QAClD,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,IAAI,EAAE,EAAE;QAC9C,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,IAAI,CAAC,YAAY,IAAI,EAAE,EAAE;QACxD,EAAE,IAAI,EAAE,uBAAuB,EAAE,KAAK,EAAE,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,EAAE;QACvF,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,IAAI,CAAC,kBAAkB,IAAI,EAAE,EAAE;QACpE,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,IAAI,CAAC,OAAO,IAAI,EAAE,EAAE;QAC9C,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,IAAI,EAAE,EAAE;KACjD,CAAC;IAEF,wBAAwB;IACxB,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;QACpB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3D,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,GAAG,EAAE,CAAC;YACnE,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,yDAAsB,CAAC;QACzC,UAAU,EAAE,UAAU;QACtB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,cAAc,EAAE,cAAc;QAC9B,iBAAiB,EAAE,QAAQ;QAC3B,aAAa,EAAE,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,EAAE,gDAAgD;KACnG,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,oBAAoB,CAAC,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;IAE9D,OAAO;QACL,QAAQ,EAAE,QAAQ,CAAC,IAAI,EAAE,QAAQ,IAAI,IAAI,CAAC,QAAQ;QAClD,GAAG,EAAE,KAAK,CAAC,GAAG;QACd,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,SAAS,EAAE,KAAK,CAAC,UAAU;QAC3B,UAAU,EAAE,KAAK,CAAC,WAAW;QAC7B,UAAU,EAAE,KAAK;QACjB,UAAU,EAAE,QAAQ,CAAC,IAAI,EAAE,UAA+B;QAC1D,OAAO,EAAE,QAAQ,CAAC,IAAI,EAAE,OAAO;QAC/B,SAAS,EAAE,QAAQ,CAAC,IAAI,EAAE,cAAc,EAAE,WAAW,EAAE;QACvD,SAAS,EAAE,QAAQ,CAAC,IAAI,EAAE,oBAAoB,EAAE,WAAW,EAAE;QAC7D,SAAS,EAAE,6BAAQ,CAAC,EAAE;KACvB,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,iBAAiB,CAAC,UAAU,EAAE,QAAQ;IAC1D,MAAM,OAAO,GAAG,IAAI,yDAAsB,CAAC,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;IAE3F,OAAO,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AACrC,CAAC;AAEM,KAAK,UAAU,kBAAkB,CAAC,UAAU,EAAE,QAAQ;IAC3D,MAAM,OAAO,GAAG,IAAI,0DAAuB,CAAC,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;IAE5F,OAAO,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AACrC,CAAC;AAEM,KAAK,UAAU,iBAAiB,CAAC,UAAkB,EAAE,QAAgB;IAC1E,MAAM,OAAO,GAAG,IAAI,yDAAsB,CAAC;QACzC,UAAU,EAAE,UAAU;QACtB,QAAQ,EAAE,QAAQ;KACnB,CAAC,CAAC;IAEH,OAAO,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AAC3C,CAAC;AAEM,KAAK,UAAU,cAAc,CAAC,UAAkB,EAAE,QAAgB;IACvE,MAAM,OAAO,GAAG,IAAI,sDAAmB,CAAC;QACtC,UAAU,EAAE,UAAU;QACtB,QAAQ,EAAE,QAAQ;KACnB,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,oBAAoB,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;IAE5D,OAAO;QACL,QAAQ;QACR,GAAG,EAAE,KAAK,CAAC,GAAG;QACd,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,SAAS,EAAE,KAAK,CAAC,UAAU;QAC3B,UAAU,EAAE,KAAK,CAAC,WAAW;QAC7B,UAAU,EAAE,KAAK;QACjB,UAAU,EAAE,QAAQ,CAAC,UAA+B;QACpD,OAAO,EAAE,QAAQ,CAAC,OAAO;QACzB,SAAS,EAAE,QAAQ,CAAC,cAAc,EAAE,WAAW,EAAE;QACjD,SAAS,EAAE,QAAQ,CAAC,oBAAoB,EAAE,WAAW,EAAE;QACvD,SAAS,EAAE,6BAAQ,CAAC,EAAE;KACvB,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,oBAAoB,CACxC,UAAkB,EAClB,aAAqB,EACrB,cAAsB;IAEtB,MAAM,OAAO,GAAG,IAAI,mDAAgB,CAAC;QACnC,UAAU,EAAE,UAAU;QACtB,MAAM,EAAE,GAAG,aAAa,OAAO,cAAc,GAAG;KACjD,CAAC,CAAC;IAEH,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACnD,MAAM,gBAAgB,GAAkB,EAAE,CAAC;QAE3C,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,gBAAgB,CAAC;QAElD,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;YAClC,MAAM,KAAK,GAAG,oBAAoB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAEpD,gBAAgB,CAAC,IAAI,CAAC;gBACpB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,GAAG,EAAE,KAAK,CAAC,GAAG;gBACd,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,YAAY,EAAE,KAAK,CAAC,YAAY;gBAChC,SAAS,EAAE,KAAK,CAAC,UAAU;gBAC3B,UAAU,EAAE,KAAK,CAAC,WAAW;gBAC7B,UAAU,EAAE,KAAK;gBACjB,UAAU,EAAE,IAAI,CAAC,UAA+B;gBAChD,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,SAAS,EAAE,IAAI,CAAC,cAAc,EAAE,WAAW,EAAE;gBAC7C,SAAS,EAAE,IAAI,CAAC,oBAAoB,EAAE,WAAW,EAAE;gBACnD,SAAS,EAAE,6BAAQ,CAAC,EAAE;aACvB,CAAC,CAAC;QACL,CAAC;QAED,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,sBAAsB,EAAE,GAAG,CAAC,CAAC;IAC7C,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,mBAAmB,CAAC,UAAkB,EAAE,KAAa,EAAE,SAAiB;IAC5F,+BAA+B;IAC/B,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,UAAU,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,iCAAiC;IACnF,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,KAAK,CAAC,CAAC;IAElD,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,mBAAmB,KAAK,YAAY,CAAC,CAAC;IACxD,CAAC;IAED,OAAO,YAAY,CAAC,UAAU,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;AACnD,CAAC;AAEM,KAAK,UAAU,mBAAmB,CACvC,UAAkB,EAClB,WAAmB,EACnB,SAAiB;IAEjB,sCAAsC;IACtC,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,UAAU,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,iCAAiC;IACnF,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,KAAK,WAAW,CAAC,CAAC;IAE/D,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,0BAA0B,WAAW,YAAY,CAAC,CAAC;IACrE,CAAC;IAED,OAAO,YAAY,CAAC,UAAU,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;AACnD,CAAC;AACD;;;GAGG;AACI,KAAK,UAAU,sBAAsB,CAC1C,UAAkB,EAClB,QAAgB,EAChB,SAAiB;IAEjB,qBAAqB;IACrB,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;IACxD,OAAO,YAAY,CAAC,UAAU,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;AACnD,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,YAAY,CAAC,UAAkB,EAAE,IAAiB,EAAE,SAAiB;IACzF,0CAA0C;IAC1C,MAAM,kBAAkB,CAAC,UAAU,EAAE,IAAI,EAAE,kBAAkB,EAAE,SAAS,CAAC,CAAC;IAE1E,iCAAiC;IACjC,MAAM,aAAa,GAAG;QACpB,GAAG,IAAI,CAAC,UAAU;QAClB,kBAAkB,EAAE,SAAS;KAC9B,CAAC;IAEF,OAAO;QACL,GAAG,IAAI;QACP,UAAU,EAAE,aAAa;KAC1B,CAAC;AACJ,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,cAAc,CAClC,UAAkB,EAClB,IAAiB,EACjB,eAAuB,EACvB,UAAe;IAEf,MAAM,QAAQ,GAAG,eAAe,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,UAAU,eAAe,EAAE,CAAC;IAEvG,0CAA0C;IAC1C,MAAM,kBAAkB,CAAC,UAAU,EAAE,IAAI,EAAE,eAAe,EAAE,UAAU,CAAC,CAAC;IAExE,iCAAiC;IACjC,OAAO;QACL,GAAG,IAAI;QACP,UAAU,EAAE;YACV,GAAG,IAAI,CAAC,UAAU;YAClB,CAAC,QAAQ,CAAC,EAAE,UAAU;SACvB;KACF,CAAC;AACJ,CAAC;AAED,gDAAgD;AACzC,KAAK,UAAU,kBAAkB,CACtC,UAAkB,EAClB,IAAiB,EACjB,eAAuB,EACvB,UAAe;IAEf,MAAM,QAAQ,GAAG,eAAe,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,UAAU,eAAe,EAAE,CAAC;IAEvG,MAAM,aAAa,CAAC,IAAI,CACtB,IAAI,mEAAgC,CAAC;QACnC,UAAU,EAAE,UAAU;QACtB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,cAAc,EAAE,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;KAChE,CAAC,CACH,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,OAAO,CAAC,UAAkB,EAAE,OAAe,CAAC,EAAE,OAAe,EAAE;IACnF,MAAM,MAAM,GAAG;QACb,UAAU,EAAE,UAAU;QACtB,KAAK,EAAE,IAAI;QACX,eAAe,EAAE,SAA+B;KACjD,CAAC;IAEF,0BAA0B;IAC1B,IAAI,WAAW,GAAG,CAAC,CAAC;IACpB,IAAI,KAAK,GAAkB,EAAE,CAAC;IAE9B,OAAO,WAAW,IAAI,IAAI,EAAE,CAAC;QAC3B,MAAM,OAAO,GAAG,IAAI,mDAAgB,CAAC,MAAM,CAAC,CAAC;QAC7C,MAAM,QAAQ,GAAG,CAAC,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAQ,CAAC;QAE5D,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;YACzB,KAAK;gBACH,QAAQ,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE;oBAC7B,MAAM,KAAK,GAA2B,EAAE,CAAC;oBACzC,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,UAAU,IAAI,EAAE,EAAE,CAAC;wBACnC,IAAI,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,KAAK;4BAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC;oBACjD,CAAC;oBAED,OAAO;wBACL,QAAQ,EAAE,CAAC,CAAC,QAAQ;wBACpB,GAAG,EAAE,KAAK,CAAC,GAAG;wBACd,KAAK,EAAE,KAAK,CAAC,KAAK;wBAClB,WAAW,EAAE,KAAK,CAAC,YAAY;wBAC/B,SAAS,EAAE,KAAK,CAAC,UAAU;wBAC3B,UAAU,EAAE,KAAK,CAAC,WAAW;wBAC7B,UAAU,EAAE,KAAK;wBACjB,UAAU,EAAE,CAAC,CAAC,UAA+B;wBAC7C,OAAO,EAAE,CAAC,CAAC,OAAO;wBAClB,SAAS,EAAE,CAAC,CAAC,cAAc,EAAE,WAAW,EAAE;wBAC1C,SAAS,EAAE,CAAC,CAAC,oBAAoB,EAAE,WAAW,EAAE;wBAChD,SAAS,EAAE,IAAI;qBACD,CAAC;gBACnB,CAAC,CAAC,IAAI,EAAE,CAAC;QACb,CAAC;QAED,MAAM,CAAC,eAAe,GAAG,QAAQ,CAAC,eAAe,CAAC;QAClD,IAAI,CAAC,MAAM,CAAC,eAAe;YAAE,MAAM;QAEnC,WAAW,EAAE,CAAC;IAChB,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAEM,KAAK,UAAU,WAAW,CAC/B,UAAkB,EAClB,SAAiB,EACjB,WAAoB;IAEpB,MAAM,OAAO,GAAG,IAAI,qDAAkB,CAAC;QACrC,UAAU,EAAE,UAAU;QACtB,SAAS,EAAE,SAAS;QACpB,WAAW,EAAE,WAAW;KACzB,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAEnD,OAAO;QACL,SAAS,EAAE,QAAQ,CAAC,KAAK,EAAE,SAAS;QACpC,WAAW,EAAE,QAAQ,CAAC,KAAK,EAAE,WAAW;KACzC,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,cAAc,CAClC,UAAkB,EAClB,QAAgB,EAChB,SAAiB;IAEjB,MAAM,OAAO,GAAG,IAAI,6DAA0B,CAAC;QAC7C,UAAU,EAAE,UAAU;QACtB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,SAAS;KACrB,CAAC,CAAC;IAEH,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAElC,OAAO;QACL,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,SAAS;KACrB,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,WAAW,CAAC,UAAkB,EAAE,SAAiB;IACrE,MAAM,OAAO,GAAG,IAAI,qDAAkB,CAAC;QACrC,UAAU,EAAE,UAAU;QACtB,SAAS,EAAE,SAAS;KACrB,CAAC,CAAC;IAEH,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAElC,OAAO,EAAE,SAAS,EAAE,CAAC;AACvB,CAAC;AAEM,KAAK,UAAU,mBAAmB,CACvC,UAAkB,EAClB,QAAgB,EAChB,SAAiB;IAEjB,MAAM,OAAO,GAAG,IAAI,kEAA+B,CAAC;QAClD,UAAU,EAAE,UAAU;QACtB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,SAAS;KACrB,CAAC,CAAC;IAEH,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAElC,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;AACjC,CAAC;AAEM,KAAK,UAAU,sBAAsB,CAC1C,QAAgB,EAChB,QAAgB;IAIhB,MAAM,OAAO,GAAG,IAAI,wDAAqB,CAAC;QACxC,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,QAAQ;KACnB,CAAC,CAAC;IAEH,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAElC,OAAO,EAAE,QAAQ,EAAE,CAAC;AACtB,CAAC;AAEM,KAAK,UAAU,yBAAyB,CAC7C,QAAgB,EAChB,QAAgB,EAChB,IAAY,EACZ,WAAmB;IAInB,MAAM,OAAO,GAAG,IAAI,+DAA4B,CAAC;QAC/C,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,QAAQ;QAClB,gBAAgB,EAAE,IAAI;QACtB,QAAQ,EAAE,WAAW;KACtB,CAAC,CAAC;IAEH,MAAM,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAElC,OAAO,EAAE,QAAQ,EAAE,CAAC;AACtB,CAAC","sourcesContent":["// cognito.function.ts\n\nimport {\n AdminCreateUserCommand,\n AdminGetUserCommand,\n AdminDeleteUserCommand,\n AdminUpdateUserAttributesCommand,\n CreateGroupCommand,\n DeleteGroupCommand,\n AdminAddUserToGroupCommand,\n AdminRemoveUserFromGroupCommand,\n AttributeType,\n CognitoIdentityProviderClient,\n ListUsersCommand,\n AdminEnableUserCommand,\n AdminDisableUserCommand,\n ForgotPasswordCommand,\n ConfirmForgotPasswordCommand,\n} from \"@aws-sdk/client-cognito-identity-provider\";\nimport { CognitoUser, CognitoUserStatus, TokenUse } from \"../../model/cognito-user.model\";\n\nfunction mapCognitoAttributes(attributes?: AttributeType[]): Record<string, string> {\n const result: Record<string, string> = {};\n for (const attr of attributes || []) {\n if (attr.Name && attr.Value) {\n result[attr.Name] = attr.Value;\n }\n }\n return result;\n}\n\nconst cognitoClient = new CognitoIdentityProviderClient({ region: process.env.AWS_REGION });\n\nexport async function updateCognitoUser(\n userPoolId: string,\n user: CognitoUser,\n password?: string,\n): Promise<CognitoUser> {\n const userAttributes: AttributeType[] = [];\n\n if (user.email) userAttributes.push({ Name: \"email\", Value: user.email });\n if (user.profile) userAttributes.push({ Name: \"profile\", Value: user.profile });\n if (user.phone_number) userAttributes.push({ Name: \"phone_number\", Value: user.phone_number });\n if (user.givenName) userAttributes.push({ Name: \"given_name\", Value: user.givenName });\n if (user.familyName) userAttributes.push({ Name: \"family_name\", Value: user.familyName });\n if (user.gender) userAttributes.push({ Name: \"gender\", Value: user.gender });\n if (user.nickname) userAttributes.push({ Name: \"nickname\", Value: user.nickname });\n if (user.address) userAttributes.push({ Name: \"address\", Value: user.address });\n if (user.birthdate) userAttributes.push({ Name: \"birthdate\", Value: user.birthdate });\n if (user.picture) userAttributes.push({ Name: \"picture\", Value: user.picture });\n if (user.preferred_username)\n userAttributes.push({ Name: \"preff.preferred_username\", Value: user.preferred_username });\n if (user.website) userAttributes.push({ Name: \"website\", Value: user.website });\n if (user.zoneinfo) userAttributes.push({ Name: \"zoneinfo\", Value: user.zoneinfo });\n\n if (user.attributes) {\n for (const [key, value] of Object.entries(user.attributes)) {\n const attrName = key.startsWith(\"custom:\") ? key : `custom:${key}`;\n userAttributes.push({ Name: attrName, Value: String(value) });\n }\n }\n\n await cognitoClient.send(\n new AdminUpdateUserAttributesCommand({\n UserPoolId: userPoolId,\n Username: user.username,\n UserAttributes: userAttributes,\n }),\n );\n\n if (password) {\n const { AdminSetUserPasswordCommand } = await import(\"@aws-sdk/client-cognito-identity-provider\");\n await cognitoClient.send(\n new AdminSetUserPasswordCommand({\n UserPoolId: userPoolId,\n Username: user.username,\n Password: password,\n Permanent: true,\n }),\n );\n }\n\n return await getCognitoUser(userPoolId, user.username);\n}\n\nexport async function createCognitoUser(\n userPoolId: string,\n user: CognitoUser,\n password?: string,\n): Promise<CognitoUser> {\n const userAttributes: AttributeType[] = [\n { Name: \"email\", Value: user.email },\n { Name: \"email_verified\", Value: \"true\" },\n { Name: \"profile\", Value: user.profile ?? \"\" },\n { Name: \"given_name\", Value: user.givenName ?? \"\" },\n { Name: \"family_name\", Value: user.familyName ?? \"\" },\n { Name: \"middle_name\", Value: user.middleName ?? \"\" },\n { Name: \"gender\", Value: user.gender ?? \"\" },\n { Name: \"nickname\", Value: user.nickname ?? \"\" },\n { Name: \"address\", Value: user.address ?? \"\" },\n { Name: \"birthdate\", Value: user.birthdate ?? \"\" },\n { Name: \"picture\", Value: user.picture ?? \"\" },\n { Name: \"phone_number\", Value: user.phone_number ?? \"\" },\n { Name: \"phone_number_verified\", Value: user.phone_number_verified ? \"true\" : \"false\" },\n { Name: \"preferred_username\", Value: user.preferred_username ?? \"\" },\n { Name: \"website\", Value: user.website ?? \"\" },\n { Name: \"zoneinfo\", Value: user.zoneinfo ?? \"\" },\n ];\n\n // Add custom attributes\n if (user.attributes) {\n for (const [key, value] of Object.entries(user.attributes)) {\n const attrName = key.startsWith(\"custom:\") ? key : `custom:${key}`;\n userAttributes.push({ Name: attrName, Value: value });\n }\n }\n\n const command = new AdminCreateUserCommand({\n UserPoolId: userPoolId,\n Username: user.username,\n UserAttributes: userAttributes,\n TemporaryPassword: password,\n MessageAction: password ? \"SUPPRESS\" : undefined, // Don't send welcome email if password provided\n });\n\n const response = await cognitoClient.send(command);\n const attrs = mapCognitoAttributes(response.User?.Attributes);\n\n return {\n username: response.User?.Username || user.username,\n sub: attrs.sub,\n email: attrs.email,\n phone_number: attrs.phone_number,\n givenName: attrs.given_name,\n familyName: attrs.family_name,\n attributes: attrs,\n userStatus: response.User?.UserStatus as CognitoUserStatus,\n enabled: response.User?.Enabled,\n createdAt: response.User?.UserCreateDate?.toISOString(),\n updatedAt: response.User?.UserLastModifiedDate?.toISOString(),\n token_use: TokenUse.ID,\n };\n}\n\nexport async function enableCognitoUser(userPoolId, username) {\n const command = new AdminEnableUserCommand({ UserPoolId: userPoolId, Username: username });\n\n return cognitoClient.send(command);\n}\n\nexport async function disableCognitoUser(userPoolId, username) {\n const command = new AdminDisableUserCommand({ UserPoolId: userPoolId, Username: username });\n\n return cognitoClient.send(command);\n}\n\nexport async function deleteCognitoUser(userPoolId: string, username: string): Promise<any> {\n const command = new AdminDeleteUserCommand({\n UserPoolId: userPoolId,\n Username: username,\n });\n\n return await cognitoClient.send(command);\n}\n\nexport async function getCognitoUser(userPoolId: string, username: string): Promise<CognitoUser> {\n const command = new AdminGetUserCommand({\n UserPoolId: userPoolId,\n Username: username,\n });\n\n const response = await cognitoClient.send(command);\n const attrs = mapCognitoAttributes(response.UserAttributes);\n\n return {\n username,\n sub: attrs.sub,\n email: attrs.email,\n phone_number: attrs.phone_number,\n givenName: attrs.given_name,\n familyName: attrs.family_name,\n attributes: attrs,\n userStatus: response.UserStatus as CognitoUserStatus,\n enabled: response.Enabled,\n createdAt: response.UserCreateDate?.toISOString(),\n updatedAt: response.UserLastModifiedDate?.toISOString(),\n token_use: TokenUse.ID,\n };\n}\n\nexport async function listUsersByAttribute(\n userPoolId: string,\n attributeName: string,\n attributeValue: string,\n): Promise<CognitoUser[]> {\n const command = new ListUsersCommand({\n UserPoolId: userPoolId,\n Filter: `${attributeName} = \"${attributeValue}\"`,\n });\n\n try {\n const response = await cognitoClient.send(command);\n const cognitoUsersList: CognitoUser[] = [];\n\n if (response.Users.length === 0) cognitoUsersList;\n\n for (const user of response.Users) {\n const attrs = mapCognitoAttributes(user.Attributes);\n\n cognitoUsersList.push({\n username: user.Username,\n sub: attrs.sub,\n email: attrs.email,\n phone_number: attrs.phone_number,\n givenName: attrs.given_name,\n familyName: attrs.family_name,\n attributes: attrs,\n userStatus: user.UserStatus as CognitoUserStatus,\n enabled: user.Enabled,\n createdAt: user.UserCreateDate?.toISOString(),\n updatedAt: user.UserLastModifiedDate?.toISOString(),\n token_use: TokenUse.ID,\n });\n }\n\n return cognitoUsersList;\n } catch (err) {\n console.error(\"Error listing users:\", err);\n }\n}\n\nexport async function setProfileIdByEmail(userPoolId: string, email: string, profileId: string): Promise<CognitoUser> {\n // Find the user by email first\n const users = await findAll(userPoolId, 1, 1000); // Get all users to find by email\n const user = users.find((u) => u.email === email);\n\n if (!user) {\n throw new Error(`User with email ${email} not found`);\n }\n\n return setProfileId(userPoolId, user, profileId);\n}\n\nexport async function setProfileIdByPhone(\n userPoolId: string,\n phoneNumber: string,\n profileId: string,\n): Promise<CognitoUser> {\n // Find the user by phone number first\n const users = await findAll(userPoolId, 1, 1000); // Get all users to find by phone\n const user = users.find((u) => u.phone_number === phoneNumber);\n\n if (!user) {\n throw new Error(`User with phone number ${phoneNumber} not found`);\n }\n\n return setProfileId(userPoolId, user, profileId);\n}\n/**\n * Sets a profileId as a Cognito custom attribute.\n * Returns a **new CognitoUser object** with the attribute updated.\n */\nexport async function setProfileIdByUsername(\n userPoolId: string,\n username: string,\n profileId: string,\n): Promise<CognitoUser> {\n // Get the user first\n const user = await getCognitoUser(userPoolId, username);\n return setProfileId(userPoolId, user, profileId);\n}\n\n/**\n * Sets a profileId as a Cognito custom attribute.\n * Saves the changes to the Cognito user pool and returns the updated CognitoUser object.\n */\nexport async function setProfileId(userPoolId: string, user: CognitoUser, profileId: string): Promise<CognitoUser> {\n // Persist the custom attribute to Cognito\n await persistCustomValue(userPoolId, user, \"custom:profileId\", profileId);\n\n // Return the updated user object\n const newAttributes = {\n ...user.attributes,\n \"custom:profileId\": profileId,\n };\n\n return {\n ...user,\n attributes: newAttributes,\n };\n}\n\n/**\n * Sets a custom attribute on a CognitoUser object.\n * Saves the changes to the Cognito user pool and returns the updated CognitoUser object.\n */\nexport async function setCustomValue(\n userPoolId: string,\n user: CognitoUser,\n customFieldName: string,\n fieldValue: any,\n): Promise<CognitoUser> {\n const attrName = customFieldName.startsWith(\"custom:\") ? customFieldName : `custom:${customFieldName}`;\n\n // Persist the custom attribute to Cognito\n await persistCustomValue(userPoolId, user, customFieldName, fieldValue);\n\n // Return the updated user object\n return {\n ...user,\n attributes: {\n ...user.attributes,\n [attrName]: fieldValue,\n },\n };\n}\n\n// Optional: Persist custom attribute to Cognito\nexport async function persistCustomValue(\n userPoolId: string,\n user: CognitoUser,\n customFieldName: string,\n fieldValue: any,\n): Promise<void> {\n const attrName = customFieldName.startsWith(\"custom:\") ? customFieldName : `custom:${customFieldName}`;\n\n await cognitoClient.send(\n new AdminUpdateUserAttributesCommand({\n UserPoolId: userPoolId,\n Username: user.username,\n UserAttributes: [{ Name: attrName, Value: String(fieldValue) }],\n }),\n );\n}\n\nexport async function findAll(userPoolId: string, page: number = 1, size: number = 50): Promise<CognitoUser[]> {\n const params = {\n UserPoolId: userPoolId,\n Limit: size,\n PaginationToken: undefined as string | undefined,\n };\n\n // simple pagination logic\n let currentPage = 1;\n let users: CognitoUser[] = [];\n\n while (currentPage <= page) {\n const command = new ListUsersCommand(params);\n const response = (await cognitoClient.send(command)) as any;\n\n if (currentPage === page) {\n users =\n response.Users?.map((u: any) => {\n const attrs: Record<string, string> = {};\n for (const a of u.Attributes || []) {\n if (a.Name && a.Value) attrs[a.Name] = a.Value;\n }\n\n return {\n username: u.Username,\n sub: attrs.sub,\n email: attrs.email,\n phoneNumber: attrs.phone_number,\n givenName: attrs.given_name,\n familyName: attrs.family_name,\n attributes: attrs,\n userStatus: u.UserStatus as CognitoUserStatus,\n enabled: u.Enabled,\n createdAt: u.UserCreateDate?.toISOString(),\n updatedAt: u.UserLastModifiedDate?.toISOString(),\n token_use: \"id\",\n } as CognitoUser;\n }) || [];\n }\n\n params.PaginationToken = response.PaginationToken;\n if (!params.PaginationToken) break;\n\n currentPage++;\n }\n\n return users;\n}\n\nexport async function createGroup(\n userPoolId: string,\n groupName: string,\n description?: string,\n): Promise<{ groupName: string; description?: string }> {\n const command = new CreateGroupCommand({\n UserPoolId: userPoolId,\n GroupName: groupName,\n Description: description,\n });\n\n const response = await cognitoClient.send(command);\n\n return {\n groupName: response.Group?.GroupName,\n description: response.Group?.Description,\n };\n}\n\nexport async function addUserToGroup(\n userPoolId: string,\n username: string,\n groupName: string,\n): Promise<{ groupName: string; username: string }> {\n const command = new AdminAddUserToGroupCommand({\n UserPoolId: userPoolId,\n Username: username,\n GroupName: groupName,\n });\n\n await cognitoClient.send(command);\n\n return {\n username: username,\n groupName: groupName,\n };\n}\n\nexport async function deleteGroup(userPoolId: string, groupName: string): Promise<{ groupName: string }> {\n const command = new DeleteGroupCommand({\n UserPoolId: userPoolId,\n GroupName: groupName,\n });\n\n await cognitoClient.send(command);\n\n return { groupName };\n}\n\nexport async function removeUserFromGroup(\n userPoolId: string,\n username: string,\n groupName: string,\n): Promise<{ groupName: string; username: string }> {\n const command = new AdminRemoveUserFromGroupCommand({\n UserPoolId: userPoolId,\n Username: username,\n GroupName: groupName,\n });\n\n await cognitoClient.send(command);\n\n return { username, groupName };\n}\n\nexport async function sendForgotPasswordCode(\n clientId: string,\n username: string,\n): Promise<{\n username: string;\n}> {\n const command = new ForgotPasswordCommand({\n ClientId: clientId,\n Username: username,\n });\n\n await cognitoClient.send(command);\n\n return { username };\n}\n\nexport async function confirmForgotPasswordCode(\n clientId: string,\n username: string,\n code: string,\n newPassword: string,\n): Promise<{\n username: string;\n}> {\n const command = new ConfirmForgotPasswordCommand({\n ClientId: clientId,\n Username: username,\n ConfirmationCode: code,\n Password: newPassword,\n });\n\n await cognitoClient.send(command);\n\n return { username };\n}\n"]}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
export * from "./cognito.function";
|
|
2
|
-
import { createCognitoUser, findAll, getCognitoUser, persistCustomValue, listUsersByAttribute, setCustomValue, setProfileId, setProfileIdByEmail, setProfileIdByPhone, setProfileIdByUsername, updateCognitoUser, deleteCognitoUser, disableCognitoUser, enableCognitoUser, createGroup, deleteGroup, addUserToGroup, removeUserFromGroup } from "./cognito.function";
|
|
2
|
+
import { createCognitoUser, findAll, getCognitoUser, persistCustomValue, listUsersByAttribute, setCustomValue, setProfileId, setProfileIdByEmail, setProfileIdByPhone, setProfileIdByUsername, updateCognitoUser, deleteCognitoUser, disableCognitoUser, enableCognitoUser, createGroup, deleteGroup, addUserToGroup, removeUserFromGroup, sendForgotPasswordCode, confirmForgotPasswordCode } from "./cognito.function";
|
|
3
3
|
export declare const cognito: {
|
|
4
4
|
create: typeof createCognitoUser;
|
|
5
5
|
get: typeof getCognitoUser;
|
|
@@ -19,5 +19,7 @@ export declare const cognito: {
|
|
|
19
19
|
deleteGroup: typeof deleteGroup;
|
|
20
20
|
addUserToGroup: typeof addUserToGroup;
|
|
21
21
|
removeUserFromGroup: typeof removeUserFromGroup;
|
|
22
|
+
sendForgotPasswordCode: typeof sendForgotPasswordCode;
|
|
23
|
+
confirmForgotPasswordCode: typeof confirmForgotPasswordCode;
|
|
22
24
|
};
|
|
23
25
|
export type CognitoApi = typeof cognito;
|
|
@@ -36,5 +36,7 @@ exports.cognito = {
|
|
|
36
36
|
deleteGroup: cognito_function_1.deleteGroup,
|
|
37
37
|
addUserToGroup: cognito_function_1.addUserToGroup,
|
|
38
38
|
removeUserFromGroup: cognito_function_1.removeUserFromGroup,
|
|
39
|
+
sendForgotPasswordCode: cognito_function_1.sendForgotPasswordCode,
|
|
40
|
+
confirmForgotPasswordCode: cognito_function_1.confirmForgotPasswordCode,
|
|
39
41
|
};
|
|
40
42
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/function/cognito/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,qDAAmC;AAEnC,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/function/cognito/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,qDAAmC;AAEnC,yDAqB4B;AAEf,QAAA,OAAO,GAAG;IACrB,MAAM,EAAE,oCAAiB;IACzB,GAAG,EAAE,iCAAc;IACnB,eAAe,EAAE,uCAAoB;IACrC,OAAO,EAAP,0BAAO;IACP,MAAM,EAAE,oCAAiB;IACzB,MAAM,EAAE,oCAAiB;IACzB,mBAAmB,EAAnB,sCAAmB;IACnB,mBAAmB,EAAnB,sCAAmB;IACnB,sBAAsB,EAAtB,yCAAsB;IACtB,YAAY,EAAZ,+BAAY;IACZ,cAAc,EAAd,iCAAc;IACd,kBAAkB,EAAlB,qCAAkB;IAClB,OAAO,EAAE,qCAAkB;IAC3B,MAAM,EAAE,oCAAiB;IACzB,WAAW,EAAX,8BAAW;IACX,WAAW,EAAX,8BAAW;IACX,cAAc,EAAd,iCAAc;IACd,mBAAmB,EAAnB,sCAAmB;IACnB,sBAAsB,EAAtB,yCAAsB;IACtB,yBAAyB,EAAzB,4CAAyB;CAC1B,CAAC","sourcesContent":["export * from \"./cognito.function\";\n\nimport {\n createCognitoUser,\n findAll,\n getCognitoUser,\n persistCustomValue,\n listUsersByAttribute,\n setCustomValue,\n setProfileId,\n setProfileIdByEmail,\n setProfileIdByPhone,\n setProfileIdByUsername,\n updateCognitoUser,\n deleteCognitoUser,\n disableCognitoUser,\n enableCognitoUser,\n createGroup,\n deleteGroup,\n addUserToGroup,\n removeUserFromGroup,\n sendForgotPasswordCode,\n confirmForgotPasswordCode,\n} from \"./cognito.function\";\n\nexport const cognito = {\n create: createCognitoUser,\n get: getCognitoUser,\n listByAttribute: listUsersByAttribute,\n findAll,\n update: updateCognitoUser,\n delete: deleteCognitoUser,\n setProfileIdByEmail,\n setProfileIdByPhone,\n setProfileIdByUsername,\n setProfileId,\n setCustomValue,\n persistCustomValue,\n disable: disableCognitoUser,\n enable: enableCognitoUser,\n createGroup,\n deleteGroup,\n addUserToGroup,\n removeUserFromGroup,\n sendForgotPasswordCode,\n confirmForgotPasswordCode,\n};\n\nexport type CognitoApi = typeof cognito;\n"]}
|
package/dist/function/index.d.ts
CHANGED
|
@@ -18,6 +18,8 @@ export declare const aws: {
|
|
|
18
18
|
deleteGroup: typeof import("./cognito").deleteGroup;
|
|
19
19
|
addUserToGroup: typeof import("./cognito").addUserToGroup;
|
|
20
20
|
removeUserFromGroup: typeof import("./cognito").removeUserFromGroup;
|
|
21
|
+
sendForgotPasswordCode: typeof import("./cognito").sendForgotPasswordCode;
|
|
22
|
+
confirmForgotPasswordCode: typeof import("./cognito").confirmForgotPasswordCode;
|
|
21
23
|
};
|
|
22
24
|
s3: {
|
|
23
25
|
createBucket: typeof import("./s3").createBucket;
|