npm - permissions-contractx - Versions diffs - 1.0.0 - Mend

permissions-contractx 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (75) hide show

package/LICENSE +21 -0
package/README.md +1397 -0
package/dist/constants/contractx-permissions.constants.d.ts +310 -0
package/dist/constants/contractx-permissions.constants.d.ts.map +1 -0
package/dist/constants/contractx-permissions.constants.js +1061 -0
package/dist/constants/contractx-roles.constants.d.ts +295 -0
package/dist/constants/contractx-roles.constants.d.ts.map +1 -0
package/dist/constants/contractx-roles.constants.js +238 -0
package/dist/constants/index.d.ts +3 -0
package/dist/constants/index.d.ts.map +1 -0
package/dist/constants/index.js +18 -0
package/dist/constants/security.constants.d.ts +77 -0
package/dist/constants/security.constants.d.ts.map +1 -0
package/dist/constants/security.constants.js +139 -0
package/dist/decorators/current-user.decorator.d.ts +73 -0
package/dist/decorators/current-user.decorator.d.ts.map +1 -0
package/dist/decorators/current-user.decorator.js +91 -0
package/dist/decorators/index.d.ts +5 -0
package/dist/decorators/index.d.ts.map +1 -0
package/dist/decorators/index.js +20 -0
package/dist/decorators/permissions.decorator.d.ts +97 -0
package/dist/decorators/permissions.decorator.d.ts.map +1 -0
package/dist/decorators/permissions.decorator.js +106 -0
package/dist/decorators/public.decorator.d.ts +18 -0
package/dist/decorators/public.decorator.d.ts.map +1 -0
package/dist/decorators/public.decorator.js +22 -0
package/dist/decorators/roles.decorator.d.ts +79 -0
package/dist/decorators/roles.decorator.d.ts.map +1 -0
package/dist/decorators/roles.decorator.js +87 -0
package/dist/guards/index.d.ts +4 -0
package/dist/guards/index.d.ts.map +1 -0
package/dist/guards/index.js +19 -0
package/dist/guards/jwt-auth.guard.d.ts +21 -0
package/dist/guards/jwt-auth.guard.d.ts.map +1 -0
package/dist/guards/jwt-auth.guard.js +115 -0
package/dist/guards/permissions.guard.d.ts +14 -0
package/dist/guards/permissions.guard.d.ts.map +1 -0
package/dist/guards/permissions.guard.js +77 -0
package/dist/guards/roles.guard.d.ts +13 -0
package/dist/guards/roles.guard.d.ts.map +1 -0
package/dist/guards/roles.guard.js +59 -0
package/dist/index.d.ts +8 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +28 -0
package/dist/interfaces/index.d.ts +2 -0
package/dist/interfaces/index.d.ts.map +1 -0
package/dist/interfaces/index.js +17 -0
package/dist/interfaces/jwt-payload.interface.d.ts +93 -0
package/dist/interfaces/jwt-payload.interface.d.ts.map +1 -0
package/dist/interfaces/jwt-payload.interface.js +2 -0
package/dist/modules/index.d.ts +2 -0
package/dist/modules/index.d.ts.map +1 -0
package/dist/modules/index.js +17 -0
package/dist/modules/permissions-contractx.module.d.ts +41 -0
package/dist/modules/permissions-contractx.module.d.ts.map +1 -0
package/dist/modules/permissions-contractx.module.js +215 -0
package/dist/services/contractx-authorization.service.d.ts +107 -0
package/dist/services/contractx-authorization.service.d.ts.map +1 -0
package/dist/services/contractx-authorization.service.js +362 -0
package/dist/services/contractx-document-compliance.service.d.ts +85 -0
package/dist/services/contractx-document-compliance.service.d.ts.map +1 -0
package/dist/services/contractx-document-compliance.service.js +536 -0
package/dist/services/contractx-validation.service.d.ts +76 -0
package/dist/services/contractx-validation.service.d.ts.map +1 -0
package/dist/services/contractx-validation.service.js +305 -0
package/dist/services/index.d.ts +6 -0
package/dist/services/index.d.ts.map +1 -0
package/dist/services/index.js +20 -0
package/dist/services/user-context.service.d.ts +114 -0
package/dist/services/user-context.service.d.ts.map +1 -0
package/dist/services/user-context.service.js +199 -0
package/dist/test-document-compliance.d.ts +7 -0
package/dist/test-document-compliance.d.ts.map +1 -0
package/dist/test-document-compliance.js +118 -0
package/package.json +405 -0

package/dist/services/contractx-authorization.service.js ADDED Viewed

@@ -0,0 +1,362 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ContractXAuthorizationService = void 0;
+const common_1 = require("@nestjs/common");
+const contractx_validation_service_1 = require("./contractx-validation.service");
+const contractx_roles_constants_1 = require("../constants/contractx-roles.constants");
+const contractx_permissions_constants_1 = require("../constants/contractx-permissions.constants");
+let ContractXAuthorizationService = class ContractXAuthorizationService {
+    constructor(validationService) {
+        this.validationService = validationService;
+    }
+    /**
+     * Authorize a user for a specific action on a resource
+     */
+    authorize(context) {
+        const { userRoles, userPermissions, requestedResource, requestedAction } = context;
+        // First validate the user context
+        const userValidation = this.validationService.validateUser(userRoles, userPermissions);
+        if (!userValidation.isValid) {
+            return {
+                granted: false,
+                reason: `Invalid user context: ${userValidation.errors.join(', ')}`,
+                level: 'denied',
+            };
+        }
+        // If no specific resource/action requested, just validate user
+        if (!requestedResource || !requestedAction) {
+            return {
+                granted: true,
+                reason: 'User context is valid',
+                level: 'system',
+                metadata: userValidation.metadata,
+            };
+        }
+        // Check system-level access first
+        if (this.hasSystemLevelAccess(userRoles)) {
+            return {
+                granted: true,
+                reason: 'System-level access granted via role',
+                level: 'system',
+                metadata: { systemRole: true },
+            };
+        }
+        // Check role-based access
+        const roleAccess = this.checkRoleBasedAccess(userRoles, requestedResource, requestedAction);
+        if (roleAccess.granted) {
+            return roleAccess;
+        }
+        // Check permission-based access
+        const permissionAccess = this.checkPermissionBasedAccess(userPermissions, requestedResource, requestedAction);
+        if (permissionAccess.granted) {
+            return permissionAccess;
+        }
+        // Check if user has any access to the module
+        const moduleAccess = this.checkModuleAccess(userPermissions, requestedResource);
+        if (moduleAccess) {
+            return {
+                granted: false,
+                reason: `Access denied for action '${requestedAction}' on resource '${requestedResource}'. User has module access but not for this action.`,
+                level: 'denied',
+                metadata: { hasModuleAccess: true },
+            };
+        }
+        return {
+            granted: false,
+            reason: `Access denied. No permissions found for resource '${requestedResource}'`,
+            level: 'denied',
+        };
+    }
+    /**
+     * Check if user has system-level access
+     */
+    hasSystemLevelAccess(userRoles) {
+        return userRoles.some(role => role === contractx_roles_constants_1.CONTRACTX_ROLES.SUPERADMIN ||
+            role === contractx_roles_constants_1.CONTRACTX_ROLES.SUPPORT ||
+            (0, contractx_roles_constants_1.isSystemRole)(role));
+    }
+    /**
+     * Check role-based access for a resource and action
+     */
+    checkRoleBasedAccess(userRoles, resource, action) {
+        // Get effective permissions for all user roles
+        const effectivePermissions = this.validationService.getEffectivePermissions(userRoles, []);
+        // Check if the effective permissions include the required permission
+        const requiredPermission = `${resource}:${action}`;
+        if (effectivePermissions.includes(requiredPermission)) {
+            return {
+                granted: true,
+                reason: `Access granted via role-based permissions`,
+                level: 'role',
+                metadata: { requiredPermission, effectivePermissions: effectivePermissions.length },
+            };
+        }
+        // Check for wildcard permissions
+        const wildcardPermission = `${resource}:*`;
+        if (effectivePermissions.includes(wildcardPermission)) {
+            return {
+                granted: true,
+                reason: `Access granted via role-based wildcard permission`,
+                level: 'role',
+                metadata: { wildcardPermission },
+            };
+        }
+        return {
+            granted: false,
+            reason: 'No role-based access found',
+            level: 'denied',
+        };
+    }
+    /**
+     * Check permission-based access for a resource and action
+     */
+    checkPermissionBasedAccess(userPermissions, resource, action) {
+        const requiredPermission = `${resource}:${action}`;
+        if (userPermissions.includes(requiredPermission)) {
+            return {
+                granted: true,
+                reason: `Access granted via explicit permission`,
+                level: 'permission',
+                metadata: { requiredPermission },
+            };
+        }
+        // Check for wildcard permissions
+        const wildcardPermission = `${resource}:*`;
+        if (userPermissions.includes(wildcardPermission)) {
+            return {
+                granted: true,
+                reason: `Access granted via wildcard permission`,
+                level: 'permission',
+                metadata: { wildcardPermission },
+            };
+        }
+        return {
+            granted: false,
+            reason: 'No explicit permission found',
+            level: 'denied',
+        };
+    }
+    /**
+     * Check if user has any access to a module
+     */
+    checkModuleAccess(userPermissions, module) {
+        return (0, contractx_permissions_constants_1.hasAnyModuleAccess)(userPermissions, module);
+    }
+    /**
+     * Generate an access matrix for the user
+     */
+    generateAccessMatrix(context) {
+        const { userRoles, userPermissions } = context;
+        // Get all role metadata
+        const roleMetadata = userRoles
+            .map(role => (0, contractx_roles_constants_1.getRoleMetadata)(role))
+            .filter(meta => meta !== null);
+        // Analyze access levels
+        const hasSystemAccess = userRoles.some(role => (0, contractx_roles_constants_1.isSystemRole)(role));
+        const hasClientAccess = userRoles.some(role => (0, contractx_roles_constants_1.isClientRole)(role));
+        const hasProviderAccess = userRoles.some(role => (0, contractx_roles_constants_1.isProviderRole)(role));
+        const hasAdminAccess = userRoles.some(role => (0, contractx_roles_constants_1.isAdminRole)(role));
+        // Get accessible modules
+        const accessibleModules = this.validationService.getUserModules(userPermissions);
+        // Calculate highest role level
+        const highestRoleLevel = Math.max(...roleMetadata.map(meta => meta?.level || 0), 0);
+        // Get effective permissions
+        const effectivePermissions = this.validationService.getEffectivePermissions(userRoles, userPermissions);
+        return {
+            hasSystemAccess,
+            hasClientAccess,
+            hasProviderAccess,
+            hasAdminAccess,
+            accessibleModules,
+            highestRoleLevel,
+            effectivePermissions,
+        };
+    }
+    /**
+     * Check if user can access a specific tenant
+     */
+    canAccessTenant(userRoles, tenantType) {
+        // System roles can access all tenants
+        if (this.hasSystemLevelAccess(userRoles)) {
+            return true;
+        }
+        // Check specific tenant access
+        if (tenantType === 'client') {
+            return userRoles.some(role => (0, contractx_roles_constants_1.isClientRole)(role));
+        }
+        else {
+            return userRoles.some(role => (0, contractx_roles_constants_1.isProviderRole)(role));
+        }
+    }
+    /**
+     * Get user's accessible tenant types
+     */
+    getAccessibleTenants(userRoles) {
+        const tenants = new Set();
+        if (this.hasSystemLevelAccess(userRoles)) {
+            tenants.add('system');
+            tenants.add('client');
+            tenants.add('provider');
+        }
+        else {
+            if (userRoles.some(role => (0, contractx_roles_constants_1.isClientRole)(role))) {
+                tenants.add('client');
+            }
+            if (userRoles.some(role => (0, contractx_roles_constants_1.isProviderRole)(role))) {
+                tenants.add('provider');
+            }
+        }
+        return Array.from(tenants);
+    }
+    /**
+     * Filter resources based on user permissions
+     */
+    filterAccessibleResources(userPermissions, resources, requiredAction = 'read') {
+        return resources.filter(resource => (0, contractx_permissions_constants_1.hasModuleAccess)(userPermissions, resource, requiredAction) ||
+            (0, contractx_permissions_constants_1.hasModuleAccess)(userPermissions, resource, '*'));
+    }
+    /**
+     * Get user's permissions for a specific module
+     */
+    getModulePermissions(userPermissions, module) {
+        return userPermissions
+            .filter(permission => {
+            const permModule = (0, contractx_permissions_constants_1.getModuleFromPermission)(permission);
+            return permModule === module;
+        })
+            .map(permission => (0, contractx_permissions_constants_1.getActionFromPermission)(permission))
+            .filter(action => action !== null);
+    }
+    /**
+     * Check if user has administrative access to a resource
+     */
+    hasAdministrativeAccess(userRoles, _resource) {
+        // System-level access
+        if (this.hasSystemLevelAccess(userRoles)) {
+            return true;
+        }
+        // Check for admin roles specific to the resource
+        const adminRoles = [
+            contractx_roles_constants_1.CONTRACTX_ROLES.CLIENT_CONTRACT_ADMIN,
+            contractx_roles_constants_1.CONTRACTX_ROLES.PROVIDER_CONTRACT_ADMIN,
+        ];
+        return userRoles.some(role => adminRoles.includes(role));
+    }
+    /**
+     * Validate user context for multi-tenant environment
+     */
+    validateMultiTenantAccess(context) {
+        const errors = [];
+        const warnings = [];
+        const { userRoles, tenantType, organizationId, projectId } = context;
+        // Validate tenant access
+        if (tenantType && !this.canAccessTenant(userRoles, tenantType)) {
+            errors.push(`User does not have access to ${tenantType} tenant`);
+        }
+        // Validate organization context
+        if (organizationId && !this.hasSystemLevelAccess(userRoles)) {
+            // In a real implementation, you'd check if user belongs to the organization
+            warnings.push(`Organization-specific access validation should be implemented`);
+        }
+        // Validate project context
+        if (projectId && !this.hasSystemLevelAccess(userRoles)) {
+            // In a real implementation, you'd check if user has project access
+            warnings.push(`Project-specific access validation should be implemented`);
+        }
+        return {
+            isValid: errors.length === 0,
+            errors,
+            warnings,
+        };
+    }
+    /**
+     * Get permission summary for logging/audit purposes
+     */
+    getPermissionSummary(context) {
+        const accessMatrix = this.generateAccessMatrix(context);
+        const accessibleTenants = this.getAccessibleTenants(context.userRoles);
+        return {
+            userId: context.requestedResource, // Assuming this might be passed in context
+            roles: context.userRoles,
+            permissionCount: context.userPermissions.length,
+            effectivePermissionCount: accessMatrix.effectivePermissions.length,
+            accessLevel: accessMatrix.highestRoleLevel,
+            tenants: accessibleTenants,
+            modules: accessMatrix.accessibleModules,
+            hasSystemAccess: accessMatrix.hasSystemAccess,
+            hasAdminAccess: accessMatrix.hasAdminAccess,
+        };
+    }
+    /**
+     * Check if authorization is required for a resource
+     */
+    isAuthorizationRequired(resource, action) {
+        // Define public resources that don't require authorization
+        const publicResources = ['health', 'status', 'version'];
+        const publicActions = ['read', 'view'];
+        if (publicResources.includes(resource) && publicActions.includes(action)) {
+            return false;
+        }
+        return true;
+    }
+    /**
+     * Get minimum required role for a resource/action combination
+     */
+    getMinimumRequiredRole(resource, action) {
+        // This would typically be configured based on your security requirements
+        const resourceRoleMap = {
+            contracts: {
+                create: [contractx_roles_constants_1.CONTRACTX_ROLES.CLIENT_CONTRACT_ADMIN, contractx_roles_constants_1.CONTRACTX_ROLES.PROVIDER_CONTRACT_ADMIN],
+                delete: [contractx_roles_constants_1.CONTRACTX_ROLES.CLIENT_CONTRACT_ADMIN, contractx_roles_constants_1.CONTRACTX_ROLES.PROVIDER_CONTRACT_ADMIN],
+                admin: [contractx_roles_constants_1.CONTRACTX_ROLES.SUPERADMIN, contractx_roles_constants_1.CONTRACTX_ROLES.SUPPORT],
+            },
+            projects: {
+                create: [contractx_roles_constants_1.CONTRACTX_ROLES.CLIENT_CONTRACT_ADMIN, contractx_roles_constants_1.CONTRACTX_ROLES.PROVIDER_CONTRACT_ADMIN],
+                delete: [contractx_roles_constants_1.CONTRACTX_ROLES.CLIENT_CONTRACT_ADMIN, contractx_roles_constants_1.CONTRACTX_ROLES.PROVIDER_CONTRACT_ADMIN],
+            },
+            security_control: {
+                '*': [contractx_roles_constants_1.CONTRACTX_ROLES.SUPERADMIN, contractx_roles_constants_1.CONTRACTX_ROLES.SUPPORT],
+            },
+        };
+        return resourceRoleMap[resource]?.[action] || resourceRoleMap[resource]?.['*'] || [];
+    }
+    /**
+     * Check permission for a user (simpler interface for admin service)
+     */
+    checkPermission(user, permission, context) {
+        const [resource, action] = permission.split(':');
+        const authContext = {
+            userRoles: user.role,
+            userPermissions: user.permissions,
+            requestedResource: resource,
+            requestedAction: action,
+            organizationId: context?.tenantId,
+            projectId: context?.resourceId,
+        };
+        return this.authorize(authContext);
+    }
+    /**
+     * Generate access matrix for a user object (simpler interface)
+     */
+    generateAccessMatrixForUser(user) {
+        const context = {
+            userRoles: user.role,
+            userPermissions: user.permissions,
+        };
+        return this.generateAccessMatrix(context);
+    }
+};
+exports.ContractXAuthorizationService = ContractXAuthorizationService;
+exports.ContractXAuthorizationService = ContractXAuthorizationService = __decorate([
+    (0, common_1.Injectable)(),
+    __metadata("design:paramtypes", [contractx_validation_service_1.ContractXValidationService])
+], ContractXAuthorizationService);

package/dist/services/contractx-document-compliance.service.d.ts ADDED Viewed

@@ -0,0 +1,85 @@
+/**
+ * ContractX Document Compliance Service
+ * Validates permissions-contractx package compliance with PermisosRoles.odt document requirements
+ */
+export interface ComplianceValidationResult {
+    isCompliant: boolean;
+    summary: {
+        totalRoles: number;
+        validatedRoles: number;
+        totalPermissions: number;
+        validatedPermissions: number;
+        compliantRoles: string[];
+        nonCompliantRoles: string[];
+    };
+    roleAnalysis: Array<{
+        role: string;
+        isCompliant: boolean;
+        expectedPermissions: string[];
+        actualPermissions: string[];
+        missingPermissions: string[];
+        extraPermissions: string[];
+        documentReference: string;
+    }>;
+    modulesCoverage: Array<{
+        module: string;
+        covered: boolean;
+        usedByRoles: string[];
+    }>;
+    warnings: string[];
+    errors: string[];
+}
+export interface DocumentRequirement {
+    role: string;
+    category: 'system' | 'client' | 'provider';
+    permissions: Record<string, string[]>;
+    restrictions: string[];
+}
+export declare class ContractXDocumentComplianceService {
+    private readonly logger;
+    /**
+     * Document-based role requirements extracted from PermisosRoles.odt
+     */
+    private readonly DOCUMENT_REQUIREMENTS;
+    /**
+     * Permission action mappings from document notation to system notation
+     */
+    private readonly ACTION_MAPPINGS;
+    /**
+     * Validates complete package compliance with PermisosRoles.odt document
+     */
+    validateDocumentCompliance(): Promise<ComplianceValidationResult>;
+    /**
+     * Validates a specific role against document requirements
+     */
+    private validateRoleCompliance;
+    /**
+     * Converts document requirements to permission strings
+     */
+    private convertRequirementsToPermissions;
+    /**
+     * Validates module coverage across all roles
+     */
+    private validateModulesCoverage;
+    /**
+     * Finds roles that use a specific module
+     */
+    private findRolesUsingModule;
+    /**
+     * Counts total validated permissions across all roles
+     */
+    private countValidatedPermissions;
+    /**
+     * Adds warnings for roles present in package but not in document
+     */
+    private addMissingRoleWarnings;
+    /**
+     * Gets the document section for a role
+     */
+    private getRoleSection;
+    /**
+     * Generates a compliance report summary
+     */
+    generateComplianceReport(validation: ComplianceValidationResult): string;
+}
+//# sourceMappingURL=contractx-document-compliance.service.d.ts.map

package/dist/services/contractx-document-compliance.service.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"contractx-document-compliance.service.d.ts","sourceRoot":"","sources":["../../src/services/contractx-document-compliance.service.ts"],"names":[],"mappings":"AAAA;;;GAGG;AASH,MAAM,WAAW,0BAA0B;IACzC,WAAW,EAAE,OAAO,CAAC;IACrB,OAAO,EAAE;QACP,UAAU,EAAE,MAAM,CAAC;QACnB,cAAc,EAAE,MAAM,CAAC;QACvB,gBAAgB,EAAE,MAAM,CAAC;QACzB,oBAAoB,EAAE,MAAM,CAAC;QAC7B,cAAc,EAAE,MAAM,EAAE,CAAC;QACzB,iBAAiB,EAAE,MAAM,EAAE,CAAC;KAC7B,CAAC;IACF,YAAY,EAAE,KAAK,CAAC;QAClB,IAAI,EAAE,MAAM,CAAC;QACb,WAAW,EAAE,OAAO,CAAC;QACrB,mBAAmB,EAAE,MAAM,EAAE,CAAC;QAC9B,iBAAiB,EAAE,MAAM,EAAE,CAAC;QAC5B,kBAAkB,EAAE,MAAM,EAAE,CAAC;QAC7B,gBAAgB,EAAE,MAAM,EAAE,CAAC;QAC3B,iBAAiB,EAAE,MAAM,CAAC;KAC3B,CAAC,CAAC;IACH,eAAe,EAAE,KAAK,CAAC;QACrB,MAAM,EAAE,MAAM,CAAC;QACf,OAAO,EAAE,OAAO,CAAC;QACjB,WAAW,EAAE,MAAM,EAAE,CAAC;KACvB,CAAC,CAAC;IACH,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,QAAQ,GAAG,QAAQ,GAAG,UAAU,CAAC;IAC3C,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IACtC,YAAY,EAAE,MAAM,EAAE,CAAC;CACxB;AAED,qBACa,kCAAkC;IAC7C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAuD;IAE9E;;OAEG;IACH,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAwRpC;IAEF;;OAEG;IACH,OAAO,CAAC,QAAQ,CAAC,eAAe,CAO9B;IAEF;;OAEG;IACG,0BAA0B,IAAI,OAAO,CAAC,0BAA0B,CAAC;IAuDvE;;OAEG;YACW,sBAAsB;IA+BpC;;OAEG;IACH,OAAO,CAAC,gCAAgC;IAexC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAgB/B;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAY5B;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAWjC;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAgB9B;;OAEG;IACH,OAAO,CAAC,cAAc;IA+BtB;;OAEG;IACH,wBAAwB,CAAC,UAAU,EAAE,0BAA0B,GAAG,MAAM;CA2DzE"}