rax-flow-core 0.2.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (46) hide show
  1. package/dist/governance/audit-trail.d.ts +94 -0
  2. package/dist/governance/audit-trail.d.ts.map +1 -0
  3. package/dist/governance/audit-trail.js +246 -0
  4. package/dist/governance/audit-trail.js.map +1 -0
  5. package/dist/governance/policy-engine.d.ts +101 -0
  6. package/dist/governance/policy-engine.d.ts.map +1 -0
  7. package/dist/governance/policy-engine.js +446 -0
  8. package/dist/governance/policy-engine.js.map +1 -0
  9. package/dist/governance/rbac-engine.d.ts +59 -0
  10. package/dist/governance/rbac-engine.d.ts.map +1 -0
  11. package/dist/governance/rbac-engine.js +183 -0
  12. package/dist/governance/rbac-engine.js.map +1 -0
  13. package/dist/index.d.ts +5 -1
  14. package/dist/index.d.ts.map +1 -1
  15. package/dist/index.js +5 -1
  16. package/dist/index.js.map +1 -1
  17. package/dist/memory/embeddings-service.d.ts +116 -0
  18. package/dist/memory/embeddings-service.d.ts.map +1 -0
  19. package/dist/memory/embeddings-service.js +287 -0
  20. package/dist/memory/embeddings-service.js.map +1 -0
  21. package/dist/memory/local-vector-store.d.ts +37 -3
  22. package/dist/memory/local-vector-store.d.ts.map +1 -1
  23. package/dist/memory/local-vector-store.js +91 -8
  24. package/dist/memory/local-vector-store.js.map +1 -1
  25. package/dist/orchestrator/core-orchestrator.d.ts +12 -0
  26. package/dist/orchestrator/core-orchestrator.d.ts.map +1 -1
  27. package/dist/orchestrator/core-orchestrator.js +75 -0
  28. package/dist/orchestrator/core-orchestrator.js.map +1 -1
  29. package/dist/orchestrator/task-decomposer.d.ts +56 -0
  30. package/dist/orchestrator/task-decomposer.d.ts.map +1 -0
  31. package/dist/orchestrator/task-decomposer.js +286 -0
  32. package/dist/orchestrator/task-decomposer.js.map +1 -0
  33. package/dist/plugins/plugin-system.d.ts +84 -1
  34. package/dist/plugins/plugin-system.d.ts.map +1 -1
  35. package/dist/plugins/plugin-system.js +91 -0
  36. package/dist/plugins/plugin-system.js.map +1 -1
  37. package/package.json +1 -1
  38. package/src/governance/audit-trail.ts +375 -0
  39. package/src/governance/policy-engine.ts +582 -0
  40. package/src/governance/rbac-engine.ts +244 -0
  41. package/src/index.ts +5 -2
  42. package/src/memory/embeddings-service.ts +322 -0
  43. package/src/memory/local-vector-store.ts +105 -8
  44. package/src/orchestrator/core-orchestrator.ts +78 -0
  45. package/src/orchestrator/task-decomposer.ts +428 -0
  46. package/src/plugins/plugin-system.ts +162 -1
package/dist/governance/policy-engine.js ADDED
@@ -0,0 +1,446 @@
1
+ const DEFAULT_CONFIG = {
2
+ maxCostPerRun: 1.0,
3
+ maxTokensPerRun: 100000,
4
+ maxLatencyMs: 60000
5
+ };
6
+ export class GovernanceEngine {
7
+ rules = new Map();
8
+ config;
9
+ stats = {
10
+ totalEvaluations: 0,
11
+ violationsByType: {},
12
+ violationsBySeverity: {},
13
+ blockedCount: 0,
14
+ allowedCount: 0
15
+ };
16
+ rateLimitTracker = new Map();
17
+ constructor(config = {}) {
18
+ this.config = { ...DEFAULT_CONFIG, ...config };
19
+ this.initializeDefaultRules();
20
+ }
21
+ initializeDefaultRules() {
22
+ this.addRule({
23
+ id: "cost_limit",
24
+ name: "Cost Limit",
25
+ description: "Ensures execution cost stays within limits",
26
+ enabled: true,
27
+ severity: "high",
28
+ scope: "output",
29
+ evaluate: async (ctx) => this.evaluateCostLimit(ctx)
30
+ });
31
+ this.addRule({
32
+ id: "token_limit",
33
+ name: "Token Limit",
34
+ description: "Ensures token usage stays within limits",
35
+ enabled: true,
36
+ severity: "medium",
37
+ scope: "output",
38
+ evaluate: async (ctx) => this.evaluateTokenLimit(ctx)
39
+ });
40
+ this.addRule({
41
+ id: "latency_limit",
42
+ name: "Latency Limit",
43
+ description: "Ensures execution time stays within limits",
44
+ enabled: true,
45
+ severity: "medium",
46
+ scope: "output",
47
+ evaluate: async (ctx) => this.evaluateLatencyLimit(ctx)
48
+ });
49
+ this.addRule({
50
+ id: "blocked_content",
51
+ name: "Blocked Content",
52
+ description: "Blocks prompts containing disallowed patterns",
53
+ enabled: true,
54
+ severity: "critical",
55
+ scope: "input",
56
+ evaluate: async (ctx) => this.evaluateBlockedContent(ctx)
57
+ });
58
+ this.addRule({
59
+ id: "intent_whitelist",
60
+ name: "Intent Whitelist",
61
+ description: "Only allows specified intents",
62
+ enabled: false,
63
+ severity: "high",
64
+ scope: "input",
65
+ evaluate: async (ctx) => this.evaluateIntentWhitelist(ctx)
66
+ });
67
+ this.addRule({
68
+ id: "approval_required",
69
+ name: "Approval Required",
70
+ description: "Requires human approval for certain operations",
71
+ enabled: true,
72
+ severity: "medium",
73
+ scope: "both",
74
+ evaluate: async (ctx) => this.evaluateApprovalRequired(ctx)
75
+ });
76
+ this.addRule({
77
+ id: "rate_limit",
78
+ name: "Rate Limit",
79
+ description: "Limits request frequency",
80
+ enabled: true,
81
+ severity: "high",
82
+ scope: "input",
83
+ evaluate: async (ctx) => this.evaluateRateLimit(ctx)
84
+ });
85
+ }
86
+ addRule(rule) {
87
+ this.rules.set(rule.id, rule);
88
+ }
89
+ removeRule(ruleId) {
90
+ return this.rules.delete(ruleId);
91
+ }
92
+ enableRule(ruleId) {
93
+ const rule = this.rules.get(ruleId);
94
+ if (rule) {
95
+ rule.enabled = true;
96
+ return true;
97
+ }
98
+ return false;
99
+ }
100
+ disableRule(ruleId) {
101
+ const rule = this.rules.get(ruleId);
102
+ if (rule) {
103
+ rule.enabled = false;
104
+ return true;
105
+ }
106
+ return false;
107
+ }
108
+ async evaluateInput(context) {
109
+ const allViolations = [];
110
+ for (const rule of this.rules.values()) {
111
+ if (!rule.enabled || (rule.scope !== "input" && rule.scope !== "both"))
112
+ continue;
113
+ const decision = await rule.evaluate(context);
114
+ this.updateStats(rule.id, decision);
115
+ if (!decision.allowed) {
116
+ allViolations.push(...decision.violations);
117
+ }
118
+ }
119
+ return {
120
+ allowed: allViolations.length === 0 || !allViolations.some(v => v.severity === "critical"),
121
+ violations: allViolations
122
+ };
123
+ }
124
+ async evaluateOutput(context) {
125
+ const allViolations = [];
126
+ for (const rule of this.rules.values()) {
127
+ if (!rule.enabled || (rule.scope !== "output" && rule.scope !== "both"))
128
+ continue;
129
+ const decision = await rule.evaluate(context);
130
+ this.updateStats(rule.id, decision);
131
+ if (!decision.allowed) {
132
+ allViolations.push(...decision.violations);
133
+ }
134
+ }
135
+ return {
136
+ allowed: !allViolations.some(v => v.severity === "critical" || v.severity === "high"),
137
+ violations: allViolations
138
+ };
139
+ }
140
+ async evaluate(context, phase) {
141
+ this.stats.totalEvaluations++;
142
+ if (phase === "input") {
143
+ return this.evaluateInput(context);
144
+ }
145
+ return this.evaluateOutput(context);
146
+ }
147
+ async evaluateCostLimit(context) {
148
+ const cost = context.costUsd ?? context.output?.costUsd ?? 0;
149
+ if (cost > this.config.maxCostPerRun) {
150
+ return {
151
+ allowed: false,
152
+ violations: [{
153
+ policy: "cost_limit",
154
+ severity: "high",
155
+ message: `Cost $${cost.toFixed(4)} exceeds limit $${this.config.maxCostPerRun}`
156
+ }]
157
+ };
158
+ }
159
+ if (cost > this.config.maxCostPerRun * 0.8) {
160
+ return {
161
+ allowed: true,
162
+ violations: [{
163
+ policy: "cost_limit",
164
+ severity: "low",
165
+ message: `Cost approaching limit: $${cost.toFixed(4)} / $${this.config.maxCostPerRun}`
166
+ }]
167
+ };
168
+ }
169
+ return { allowed: true, violations: [] };
170
+ }
171
+ async evaluateTokenLimit(context) {
172
+ const tokens = context.tokensUsed ?? context.output?.usage?.totalTokens ?? 0;
173
+ if (tokens > this.config.maxTokensPerRun) {
174
+ return {
175
+ allowed: false,
176
+ violations: [{
177
+ policy: "token_limit",
178
+ severity: "medium",
179
+ message: `Token usage ${tokens} exceeds limit ${this.config.maxTokensPerRun}`
180
+ }]
181
+ };
182
+ }
183
+ return { allowed: true, violations: [] };
184
+ }
185
+ async evaluateLatencyLimit(context) {
186
+ const latency = context.latencyMs ?? 0;
187
+ if (latency > this.config.maxLatencyMs) {
188
+ return {
189
+ allowed: false,
190
+ violations: [{
191
+ policy: "latency_limit",
192
+ severity: "medium",
193
+ message: `Latency ${latency}ms exceeds limit ${this.config.maxLatencyMs}ms`
194
+ }]
195
+ };
196
+ }
197
+ return { allowed: true, violations: [] };
198
+ }
199
+ async evaluateBlockedContent(context) {
200
+ const violations = [];
201
+ const patterns = this.config.blockedPatterns ?? [];
202
+ if (!context.input?.userPrompt) {
203
+ return { allowed: true, violations: [] };
204
+ }
205
+ const text = context.input.userPrompt.toLowerCase();
206
+ for (const pattern of patterns) {
207
+ if (text.includes(pattern.toLowerCase())) {
208
+ violations.push({
209
+ policy: "blocked_content",
210
+ severity: "critical",
211
+ message: `Prompt contains blocked pattern: ${pattern}`
212
+ });
213
+ }
214
+ }
215
+ const dangerousPatterns = [
216
+ "ignore previous instructions",
217
+ "disregard all",
218
+ "override safety",
219
+ "bypass restrictions"
220
+ ];
221
+ for (const pattern of dangerousPatterns) {
222
+ if (text.includes(pattern)) {
223
+ violations.push({
224
+ policy: "blocked_content",
225
+ severity: "critical",
226
+ message: `Potential prompt injection detected: ${pattern}`
227
+ });
228
+ }
229
+ }
230
+ return {
231
+ allowed: violations.length === 0,
232
+ violations
233
+ };
234
+ }
235
+ async evaluateIntentWhitelist(context) {
236
+ if (!this.config.allowedIntents || this.config.allowedIntents.length === 0) {
237
+ return { allowed: true, violations: [] };
238
+ }
239
+ const intent = context.metadata?.intent;
240
+ if (!intent) {
241
+ return { allowed: true, violations: [] };
242
+ }
243
+ if (!this.config.allowedIntents.includes(intent)) {
244
+ return {
245
+ allowed: false,
246
+ violations: [{
247
+ policy: "intent_whitelist",
248
+ severity: "high",
249
+ message: `Intent '${intent}' is not in allowed list`
250
+ }]
251
+ };
252
+ }
253
+ return { allowed: true, violations: [] };
254
+ }
255
+ async evaluateApprovalRequired(context) {
256
+ const approvalFor = this.config.requireApprovalFor ?? [];
257
+ const agent = context.agent ?? context.metadata?.agent;
258
+ if (!agent || !approvalFor.includes(agent)) {
259
+ return { allowed: true, violations: [] };
260
+ }
261
+ if (context.metadata?.approved === true) {
262
+ return { allowed: true, violations: [] };
263
+ }
264
+ return {
265
+ allowed: false,
266
+ violations: [{
267
+ policy: "approval_required",
268
+ severity: "medium",
269
+ message: `Agent '${agent}' requires human approval before execution`
270
+ }]
271
+ };
272
+ }
273
+ async evaluateRateLimit(context) {
274
+ if (!this.config.rateLimitPerMinute) {
275
+ return { allowed: true, violations: [] };
276
+ }
277
+ const key = context.metadata?.userId ?? "anonymous";
278
+ const now = Date.now();
279
+ const windowStart = now - 60000;
280
+ let requests = this.rateLimitTracker.get(key) ?? [];
281
+ requests = requests.filter(t => t > windowStart);
282
+ if (requests.length >= this.config.rateLimitPerMinute) {
283
+ return {
284
+ allowed: false,
285
+ violations: [{
286
+ policy: "rate_limit",
287
+ severity: "high",
288
+ message: `Rate limit exceeded: ${requests.length} requests in the last minute`
289
+ }]
290
+ };
291
+ }
292
+ requests.push(now);
293
+ this.rateLimitTracker.set(key, requests);
294
+ return { allowed: true, violations: [] };
295
+ }
296
+ updateStats(ruleId, decision) {
297
+ if (decision.allowed) {
298
+ this.stats.allowedCount++;
299
+ }
300
+ else {
301
+ this.stats.blockedCount++;
302
+ }
303
+ for (const violation of decision.violations) {
304
+ this.stats.violationsByType[ruleId] = (this.stats.violationsByType[ruleId] ?? 0) + 1;
305
+ this.stats.violationsBySeverity[violation.severity] = (this.stats.violationsBySeverity[violation.severity] ?? 0) + 1;
306
+ }
307
+ }
308
+ getStats() {
309
+ return { ...this.stats };
310
+ }
311
+ getConfig() {
312
+ return { ...this.config };
313
+ }
314
+ updateConfig(updates) {
315
+ this.config = { ...this.config, ...updates };
316
+ }
317
+ getRules() {
318
+ return Array.from(this.rules.values());
319
+ }
320
+ getRule(id) {
321
+ return this.rules.get(id);
322
+ }
323
+ resetStats() {
324
+ this.stats = {
325
+ totalEvaluations: 0,
326
+ violationsByType: {},
327
+ violationsBySeverity: {},
328
+ blockedCount: 0,
329
+ allowedCount: 0
330
+ };
331
+ this.rateLimitTracker.clear();
332
+ }
333
+ }
334
+ export class CostPolicy {
335
+ config;
336
+ name = "CostPolicy";
337
+ sessionCosts = new Map();
338
+ dailyCosts = new Map();
339
+ constructor(config) {
340
+ this.config = config;
341
+ }
342
+ async validateInput(input) {
343
+ const sessionId = input.context?.sessionId;
344
+ const today = new Date().toISOString().split("T")[0];
345
+ const sessionCost = this.sessionCosts.get(sessionId ?? "default") ?? 0;
346
+ const dailyCost = this.dailyCosts.get(today) ?? 0;
347
+ const violations = [];
348
+ if (sessionCost >= this.config.maxPerSession) {
349
+ violations.push({
350
+ policy: this.name,
351
+ severity: "critical",
352
+ message: `Session cost limit reached: $${sessionCost.toFixed(4)}`
353
+ });
354
+ }
355
+ if (dailyCost >= this.config.maxPerDay) {
356
+ violations.push({
357
+ policy: this.name,
358
+ severity: "critical",
359
+ message: `Daily cost limit reached: $${dailyCost.toFixed(4)}`
360
+ });
361
+ }
362
+ return {
363
+ allowed: violations.length === 0,
364
+ violations
365
+ };
366
+ }
367
+ async validateOutput(output) {
368
+ const cost = output.costUsd ?? 0;
369
+ if (cost > this.config.maxPerRequest) {
370
+ return {
371
+ allowed: false,
372
+ violations: [{
373
+ policy: this.name,
374
+ severity: "high",
375
+ message: `Request cost $${cost.toFixed(4)} exceeds limit $${this.config.maxPerRequest}`
376
+ }]
377
+ };
378
+ }
379
+ return { allowed: true, violations: [] };
380
+ }
381
+ recordCost(sessionId, cost) {
382
+ const today = new Date().toISOString().split("T")[0];
383
+ this.sessionCosts.set(sessionId, (this.sessionCosts.get(sessionId) ?? 0) + cost);
384
+ this.dailyCosts.set(today, (this.dailyCosts.get(today) ?? 0) + cost);
385
+ }
386
+ getSessionCost(sessionId) {
387
+ return this.sessionCosts.get(sessionId) ?? 0;
388
+ }
389
+ getDailyCost() {
390
+ const today = new Date().toISOString().split("T")[0];
391
+ return this.dailyCosts.get(today) ?? 0;
392
+ }
393
+ }
394
+ export class TokenPolicy {
395
+ config;
396
+ name = "TokenPolicy";
397
+ sessionTokens = new Map();
398
+ constructor(config) {
399
+ this.config = config;
400
+ }
401
+ async validateInput(input) {
402
+ const sessionId = input.context?.sessionId;
403
+ const estimatedTokens = this.estimateTokens(input.userPrompt);
404
+ const sessionTokens = this.sessionTokens.get(sessionId ?? "default") ?? 0;
405
+ const violations = [];
406
+ if (estimatedTokens > this.config.maxPerRequest) {
407
+ violations.push({
408
+ policy: this.name,
409
+ severity: "high",
410
+ message: `Request would exceed token limit: ${estimatedTokens} > ${this.config.maxPerRequest}`
411
+ });
412
+ }
413
+ if (sessionTokens + estimatedTokens > this.config.maxPerSession) {
414
+ violations.push({
415
+ policy: this.name,
416
+ severity: "high",
417
+ message: `Session token limit would be exceeded`
418
+ });
419
+ }
420
+ return {
421
+ allowed: violations.length === 0,
422
+ violations
423
+ };
424
+ }
425
+ async validateOutput(output) {
426
+ const tokens = output.usage?.totalTokens ?? 0;
427
+ if (tokens > this.config.maxPerRequest) {
428
+ return {
429
+ allowed: false,
430
+ violations: [{
431
+ policy: this.name,
432
+ severity: "medium",
433
+ message: `Token usage ${tokens} exceeds limit ${this.config.maxPerRequest}`
434
+ }]
435
+ };
436
+ }
437
+ return { allowed: true, violations: [] };
438
+ }
439
+ recordTokens(sessionId, tokens) {
440
+ this.sessionTokens.set(sessionId, (this.sessionTokens.get(sessionId) ?? 0) + tokens);
441
+ }
442
+ estimateTokens(text) {
443
+ return Math.ceil(text.split(/\s+/).length * 1.3);
444
+ }
445
+ }
446
+ //# sourceMappingURL=policy-engine.js.map
package/dist/governance/policy-engine.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"policy-engine.js","sourceRoot":"","sources":["../../src/governance/policy-engine.ts"],"names":[],"mappings":"AA2CA,MAAM,cAAc,GAAqB;IACvC,aAAa,EAAE,GAAG;IAClB,eAAe,EAAE,MAAM;IACvB,YAAY,EAAE,KAAK;CACpB,CAAC;AAEF,MAAM,OAAO,gBAAgB;IACnB,KAAK,GAAgC,IAAI,GAAG,EAAE,CAAC;IAC/C,MAAM,CAAmB;IACzB,KAAK,GAAoB;QAC/B,gBAAgB,EAAE,CAAC;QACnB,gBAAgB,EAAE,EAAE;QACpB,oBAAoB,EAAE,EAAE;QACxB,YAAY,EAAE,CAAC;QACf,YAAY,EAAE,CAAC;KAChB,CAAC;IACM,gBAAgB,GAA0B,IAAI,GAAG,EAAE,CAAC;IAE5D,YAAY,SAAoC,EAAE;QAChD,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;QAC/C,IAAI,CAAC,sBAAsB,EAAE,CAAC;IAChC,CAAC;IAEO,sBAAsB;QAC5B,IAAI,CAAC,OAAO,CAAC;YACX,EAAE,EAAE,YAAY;YAChB,IAAI,EAAE,YAAY;YAClB,WAAW,EAAE,4CAA4C;YACzD,OAAO,EAAE,IAAI;YACb,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,QAAQ;YACf,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC;SACrD,CAAC,CAAC;QAEH,IAAI,CAAC,OAAO,CAAC;YACX,EAAE,EAAE,aAAa;YACjB,IAAI,EAAE,aAAa;YACnB,WAAW,EAAE,yCAAyC;YACtD,OAAO,EAAE,IAAI;YACb,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,QAAQ;YACf,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC;SACtD,CAAC,CAAC;QAEH,IAAI,CAAC,OAAO,CAAC;YACX,EAAE,EAAE,eAAe;YACnB,IAAI,EAAE,eAAe;YACrB,WAAW,EAAE,4CAA4C;YACzD,OAAO,EAAE,IAAI;YACb,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,QAAQ;YACf,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC;SACxD,CAAC,CAAC;QAEH,IAAI,CAAC,OAAO,CAAC;YACX,EAAE,EAAE,iBAAiB;YACrB,IAAI,EAAE,iBAAiB;YACvB,WAAW,EAAE,+CAA+C;YAC5D,OAAO,EAAE,IAAI;YACb,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,OAAO;YACd,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,GAAG,CAAC;SAC1D,CAAC,CAAC;QAEH,IAAI,CAAC,OAAO,CAAC;YACX,EAAE,EAAE,kBAAkB;YACtB,IAAI,EAAE,kBAAkB;YACxB,WAAW,EAAE,+BAA+B;YAC5C,OAAO,EAAE,KAAK;YACd,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,OAAO;YACd,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC;SAC3D,CAAC,CAAC;QAEH,IAAI,CAAC,OAAO,CAAC;YACX,EAAE,EAAE,mBAAmB;YACvB,IAAI,EAAE,mBAAmB;YACzB,WAAW,EAAE,gDAAgD;YAC7D,OAAO,EAAE,IAAI;YACb,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,MAAM;YACb,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,wBAAwB,CAAC,GAAG,CAAC;SAC5D,CAAC,CAAC;QAEH,IAAI,CAAC,OAAO,CAAC;YACX,EAAE,EAAE,YAAY;YAChB,IAAI,EAAE,YAAY;YAClB,WAAW,EAAE,0BAA0B;YACvC,OAAO,EAAE,IAAI;YACb,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,OAAO;YACd,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC;SACrD,CAAC,CAAC;IACL,CAAC;IAED,OAAO,CAAC,IAAoB;QAC1B,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IAChC,CAAC;IAED,UAAU,CAAC,MAAc;QACvB,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACnC,CAAC;IAED,UAAU,CAAC,MAAc;QACvB,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACpC,IAAI,IAAI,EAAE,CAAC;YACT,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;YACpB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,WAAW,CAAC,MAAc;QACxB,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACpC,IAAI,IAAI,EAAE,CAAC;YACT,IAAI,CAAC,OAAO,GAAG,KAAK,CAAC;YACrB,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,OAA0B;QAC5C,MAAM,aAAa,GAAsB,EAAE,CAAC;QAE5C,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;YACvC,IAAI,CAAC,IAAI,CAAC,OAAO,IAAI,CAAC,IAAI,CAAC,KAAK,KAAK,OAAO,IAAI,IAAI,CAAC,KAAK,KAAK,MAAM,CAAC;gBAAE,SAAS;YAEjF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YAC9C,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;YAEpC,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;gBACtB,aAAa,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;QAED,OAAO;YACL,OAAO,EAAE,aAAa,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC;YAC1F,UAAU,EAAE,aAAa;SAC1B,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,OAA0B;QAC7C,MAAM,aAAa,GAAsB,EAAE,CAAC;QAE5C,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;YACvC,IAAI,CAAC,IAAI,CAAC,OAAO,IAAI,CAAC,IAAI,CAAC,KAAK,KAAK,QAAQ,IAAI,IAAI,CAAC,KAAK,KAAK,MAAM,CAAC;gBAAE,SAAS;YAElF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YAC9C,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;YAEpC,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;gBACtB,aAAa,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;QAED,OAAO;YACL,OAAO,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC;YACrF,UAAU,EAAE,aAAa;SAC1B,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,OAA0B,EAAE,KAAyB;QAClE,IAAI,CAAC,KAAK,CAAC,gBAAgB,EAAE,CAAC;QAE9B,IAAI,KAAK,KAAK,OAAO,EAAE,CAAC;YACtB,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QACrC,CAAC;QACD,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;IACtC,CAAC;IAEO,KAAK,CAAC,iBAAiB,CAAC,OAA0B;QACxD,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,EAAE,OAAO,IAAI,CAAC,CAAC;QAE7D,IAAI,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YACrC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,UAAU,EAAE,CAAC;wBACX,MAAM,EAAE,YAAY;wBACpB,QAAQ,EAAE,MAAM;wBAChB,OAAO,EAAE,SAAS,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,mBAAmB,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;qBAChF,CAAC;aACH,CAAC;QACJ,CAAC;QAED,IAAI,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,GAAG,GAAG,EAAE,CAAC;YAC3C,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,UAAU,EAAE,CAAC;wBACX,MAAM,EAAE,YAAY;wBACpB,QAAQ,EAAE,KAAK;wBACf,OAAO,EAAE,4BAA4B,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;qBACvF,CAAC;aACH,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;IAC3C,CAAC;IAEO,KAAK,CAAC,kBAAkB,CAAC,OAA0B;QACzD,MAAM,MAAM,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,MAAM,EAAE,KAAK,EAAE,WAAW,IAAI,CAAC,CAAC;QAE7E,IAAI,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;YACzC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,UAAU,EAAE,CAAC;wBACX,MAAM,EAAE,aAAa;wBACrB,QAAQ,EAAE,QAAQ;wBAClB,OAAO,EAAE,eAAe,MAAM,kBAAkB,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE;qBAC9E,CAAC;aACH,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;IAC3C,CAAC;IAEO,KAAK,CAAC,oBAAoB,CAAC,OAA0B;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,SAAS,IAAI,CAAC,CAAC;QAEvC,IAAI,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YACvC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,UAAU,EAAE,CAAC;wBACX,MAAM,EAAE,eAAe;wBACvB,QAAQ,EAAE,QAAQ;wBAClB,OAAO,EAAE,WAAW,OAAO,oBAAoB,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI;qBAC5E,CAAC;aACH,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;IAC3C,CAAC;IAEO,KAAK,CAAC,sBAAsB,CAAC,OAA0B;QAC7D,MAAM,UAAU,GAAsB,EAAE,CAAC;QACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,IAAI,EAAE,CAAC;QAEnD,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,UAAU,EAAE,CAAC;YAC/B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;QAC3C,CAAC;QAED,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,WAAW,EAAE,CAAC;QAEpD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACzC,UAAU,CAAC,IAAI,CAAC;oBACd,MAAM,EAAE,iBAAiB;oBACzB,QAAQ,EAAE,UAAU;oBACpB,OAAO,EAAE,oCAAoC,OAAO,EAAE;iBACvD,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,MAAM,iBAAiB,GAAG;YACxB,8BAA8B;YAC9B,eAAe;YACf,iBAAiB;YACjB,qBAAqB;SACtB,CAAC;QAEF,KAAK,MAAM,OAAO,IAAI,iBAAiB,EAAE,CAAC;YACxC,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC3B,UAAU,CAAC,IAAI,CAAC;oBACd,MAAM,EAAE,iBAAiB;oBACzB,QAAQ,EAAE,UAAU;oBACpB,OAAO,EAAE,wCAAwC,OAAO,EAAE;iBAC3D,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO;YACL,OAAO,EAAE,UAAU,CAAC,MAAM,KAAK,CAAC;YAChC,UAAU;SACX,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,uBAAuB,CAAC,OAA0B;QAC9D,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3E,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;QAC3C,CAAC;QAED,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,EAAE,MAA4B,CAAC;QAC9D,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;QAC3C,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACjD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,UAAU,EAAE,CAAC;wBACX,MAAM,EAAE,kBAAkB;wBAC1B,QAAQ,EAAE,MAAM;wBAChB,OAAO,EAAE,WAAW,MAAM,0BAA0B;qBACrD,CAAC;aACH,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;IAC3C,CAAC;IAEO,KAAK,CAAC,wBAAwB,CAAC,OAA0B;QAC/D,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB,IAAI,EAAE,CAAC;QACzD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,QAAQ,EAAE,KAA2B,CAAC;QAE7E,IAAI,CAAC,KAAK,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;QAC3C,CAAC;QAED,IAAI,OAAO,CAAC,QAAQ,EAAE,QAAQ,KAAK,IAAI,EAAE,CAAC;YACxC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;QAC3C,CAAC;QAED,OAAO;YACL,OAAO,EAAE,KAAK;YACd,UAAU,EAAE,CAAC;oBACX,MAAM,EAAE,mBAAmB;oBAC3B,QAAQ,EAAE,QAAQ;oBAClB,OAAO,EAAE,UAAU,KAAK,4CAA4C;iBACrE,CAAC;SACH,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,iBAAiB,CAAC,OAA0B;QACxD,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;YACpC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;QAC3C,CAAC;QAED,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,EAAE,MAAgB,IAAI,WAAW,CAAC;QAC9D,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,WAAW,GAAG,GAAG,GAAG,KAAK,CAAC;QAEhC,IAAI,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QACpD,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,WAAW,CAAC,CAAC;QAEjD,IAAI,QAAQ,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;YACtD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,UAAU,EAAE,CAAC;wBACX,MAAM,EAAE,YAAY;wBACpB,QAAQ,EAAE,MAAM;wBAChB,OAAO,EAAE,wBAAwB,QAAQ,CAAC,MAAM,8BAA8B;qBAC/E,CAAC;aACH,CAAC;QACJ,CAAC;QAED,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACnB,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAEzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;IAC3C,CAAC;IAEO,WAAW,CAAC,MAAc,EAAE,QAAwB;QAC1D,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACrB,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC;QAC5B,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC;QAC5B,CAAC;QAED,KAAK,MAAM,SAAS,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC;YAC5C,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YACrF,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,oBAAoB,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QACvH,CAAC;IACH,CAAC;IAED,QAAQ;QACN,OAAO,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;IAC3B,CAAC;IAED,SAAS;QACP,OAAO,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;IAC5B,CAAC;IAED,YAAY,CAAC,OAAkC;QAC7C,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,OAAO,EAAE,CAAC;IAC/C,CAAC;IAED,QAAQ;QACN,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IACzC,CAAC;IAED,OAAO,CAAC,EAAU;QAChB,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC5B,CAAC;IAED,UAAU;QACR,IAAI,CAAC,KAAK,GAAG;YACX,gBAAgB,EAAE,CAAC;YACnB,gBAAgB,EAAE,EAAE;YACpB,oBAAoB,EAAE,EAAE;YACxB,YAAY,EAAE,CAAC;YACf,YAAY,EAAE,CAAC;SAChB,CAAC;QACF,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,CAAC;IAChC,CAAC;CACF;AASD,MAAM,OAAO,UAAU;IAKD;IAJpB,IAAI,GAAG,YAAY,CAAC;IACZ,YAAY,GAAwB,IAAI,GAAG,EAAE,CAAC;IAC9C,UAAU,GAAwB,IAAI,GAAG,EAAE,CAAC;IAEpD,YAAoB,MAAwB;QAAxB,WAAM,GAAN,MAAM,CAAkB;IAAG,CAAC;IAEhD,KAAK,CAAC,aAAa,CAAC,KAAiB;QACnC,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,EAAE,SAA+B,CAAC;QACjE,MAAM,KAAK,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAErD,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC;QACvE,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElD,MAAM,UAAU,GAAsB,EAAE,CAAC;QAEzC,IAAI,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YAC7C,UAAU,CAAC,IAAI,CAAC;gBACd,MAAM,EAAE,IAAI,CAAC,IAAI;gBACjB,QAAQ,EAAE,UAAU;gBACpB,OAAO,EAAE,gCAAgC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;aAClE,CAAC,CAAC;QACL,CAAC;QAED,IAAI,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YACvC,UAAU,CAAC,IAAI,CAAC;gBACd,MAAM,EAAE,IAAI,CAAC,IAAI;gBACjB,QAAQ,EAAE,UAAU;gBACpB,OAAO,EAAE,8BAA8B,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;aAC9D,CAAC,CAAC;QACL,CAAC;QAED,OAAO;YACL,OAAO,EAAE,UAAU,CAAC,MAAM,KAAK,CAAC;YAChC,UAAU;SACX,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,MAAmB;QACtC,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,IAAI,CAAC,CAAC;QAEjC,IAAI,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YACrC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,UAAU,EAAE,CAAC;wBACX,MAAM,EAAE,IAAI,CAAC,IAAI;wBACjB,QAAQ,EAAE,MAAM;wBAChB,OAAO,EAAE,iBAAiB,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,mBAAmB,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;qBACxF,CAAC;aACH,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;IAC3C,CAAC;IAED,UAAU,CAAC,SAAiB,EAAE,IAAY;QACxC,MAAM,KAAK,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACrD,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QACjF,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IACvE,CAAC;IAED,cAAc,CAAC,SAAiB;QAC9B,OAAO,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAC/C,CAAC;IAED,YAAY;QACV,MAAM,KAAK,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACrD,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;CACF;AAQD,MAAM,OAAO,WAAW;IAIF;IAHpB,IAAI,GAAG,aAAa,CAAC;IACb,aAAa,GAAwB,IAAI,GAAG,EAAE,CAAC;IAEvD,YAAoB,MAAyB;QAAzB,WAAM,GAAN,MAAM,CAAmB;IAAG,CAAC;IAEjD,KAAK,CAAC,aAAa,CAAC,KAAiB;QACnC,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,EAAE,SAA+B,CAAC;QACjE,MAAM,eAAe,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAC9D,MAAM,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC;QAE1E,MAAM,UAAU,GAAsB,EAAE,CAAC;QAEzC,IAAI,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YAChD,UAAU,CAAC,IAAI,CAAC;gBACd,MAAM,EAAE,IAAI,CAAC,IAAI;gBACjB,QAAQ,EAAE,MAAM;gBAChB,OAAO,EAAE,qCAAqC,eAAe,MAAM,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;aAC/F,CAAC,CAAC;QACL,CAAC;QAED,IAAI,aAAa,GAAG,eAAe,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YAChE,UAAU,CAAC,IAAI,CAAC;gBACd,MAAM,EAAE,IAAI,CAAC,IAAI;gBACjB,QAAQ,EAAE,MAAM;gBAChB,OAAO,EAAE,uCAAuC;aACjD,CAAC,CAAC;QACL,CAAC;QAED,OAAO;YACL,OAAO,EAAE,UAAU,CAAC,MAAM,KAAK,CAAC;YAChC,UAAU;SACX,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,MAAmB;QACtC,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,EAAE,WAAW,IAAI,CAAC,CAAC;QAE9C,IAAI,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YACvC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,UAAU,EAAE,CAAC;wBACX,MAAM,EAAE,IAAI,CAAC,IAAI;wBACjB,QAAQ,EAAE,QAAQ;wBAClB,OAAO,EAAE,eAAe,MAAM,kBAAkB,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE;qBAC5E,CAAC;aACH,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;IAC3C,CAAC;IAED,YAAY,CAAC,SAAiB,EAAE,MAAc;QAC5C,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC;IACvF,CAAC;IAEO,cAAc,CAAC,IAAY;QACjC,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC;IACnD,CAAC;CACF"}
package/dist/governance/rbac-engine.d.ts ADDED
@@ -0,0 +1,59 @@
1
+ export type Role = "admin" | "user" | "viewer";
2
+ export type Permission = "workflow:read" | "workflow:write" | "workflow:execute" | "workflow:delete" | "config:read" | "config:write" | "metrics:read" | "audit:read" | "memory:read" | "memory:write" | "plugins:manage" | "providers:configure";
3
+ export interface User {
4
+ id: string;
5
+ name: string;
6
+ email?: string;
7
+ role: Role;
8
+ permissions?: Permission[];
9
+ metadata?: Record<string, unknown>;
10
+ createdAt: number;
11
+ }
12
+ export interface RoleDefinition {
13
+ name: Role;
14
+ permissions: Permission[];
15
+ inherits?: Role;
16
+ description: string;
17
+ }
18
+ export declare class RBACEngine {
19
+ private roles;
20
+ private users;
21
+ private customPermissions;
22
+ constructor(roles?: RoleDefinition[]);
23
+ createAdminUser(id: string, name: string, email?: string): User;
24
+ createUser(id: string, name: string, role: Role, email?: string): User;
25
+ getUser(id: string): User | undefined;
26
+ updateUserRole(userId: string, role: Role): boolean;
27
+ grantPermission(userId: string, permission: Permission): boolean;
28
+ revokePermission(userId: string, permission: Permission): boolean;
29
+ hasPermission(userId: string, permission: Permission): boolean;
30
+ checkPermission(userId: string, permission: Permission): {
31
+ allowed: boolean;
32
+ reason?: string;
33
+ };
34
+ getUserPermissions(userId: string): Permission[];
35
+ getRolePermissions(role: Role): Permission[];
36
+ addRole(definition: RoleDefinition): void;
37
+ removeRole(role: Role): boolean;
38
+ listRoles(): RoleDefinition[];
39
+ listUsers(): User[];
40
+ deleteUser(userId: string): boolean;
41
+ validateAccess(userId: string, resource: string, action: string): {
42
+ allowed: boolean;
43
+ reason?: string;
44
+ };
45
+ canExecuteWorkflow(userId: string): boolean;
46
+ canModifyConfig(userId: string): boolean;
47
+ canViewMetrics(userId: string): boolean;
48
+ canManagePlugins(userId: string): boolean;
49
+ canConfigureProviders(userId: string): boolean;
50
+ exportState(): {
51
+ users: User[];
52
+ customPermissions: Record<string, Permission[]>;
53
+ };
54
+ importState(state: {
55
+ users: User[];
56
+ customPermissions?: Record<string, Permission[]>;
57
+ }): void;
58
+ }
59
+ //# sourceMappingURL=rbac-engine.d.ts.map
package/dist/governance/rbac-engine.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"rbac-engine.d.ts","sourceRoot":"","sources":["../../src/governance/rbac-engine.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,IAAI,GAAG,OAAO,GAAG,MAAM,GAAG,QAAQ,CAAC;AAC/C,MAAM,MAAM,UAAU,GAClB,eAAe,GACf,gBAAgB,GAChB,kBAAkB,GAClB,iBAAiB,GACjB,aAAa,GACb,cAAc,GACd,cAAc,GACd,YAAY,GACZ,aAAa,GACb,cAAc,GACd,gBAAgB,GAChB,qBAAqB,CAAC;AAE1B,MAAM,WAAW,IAAI;IACnB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,IAAI,CAAC;IACX,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;IAC3B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,IAAI,CAAC;IACX,WAAW,EAAE,UAAU,EAAE,CAAC;IAC1B,QAAQ,CAAC,EAAE,IAAI,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;CACrB;AAkCD,qBAAa,UAAU;IACrB,OAAO,CAAC,KAAK,CAAwC;IACrD,OAAO,CAAC,KAAK,CAAgC;IAC7C,OAAO,CAAC,iBAAiB,CAAwC;gBAErD,KAAK,GAAE,cAAc,EAAkB;IAMnD,eAAe,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI;IAI/D,UAAU,CAAC,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI;IAYtE,OAAO,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS;IAIrC,cAAc,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO;IAQnD,eAAe,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,GAAG,OAAO;IAWhE,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,GAAG,OAAO;IAUjE,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,GAAG,OAAO;IAoB9D,eAAe,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,GAAG;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE;IAa9F,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,UAAU,EAAE;IAWhD,kBAAkB,CAAC,IAAI,EAAE,IAAI,GAAG,UAAU,EAAE;IAK5C,OAAO,CAAC,UAAU,EAAE,cAAc,GAAG,IAAI;IAIzC,UAAU,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO;IAO/B,SAAS,IAAI,cAAc,EAAE;IAI7B,SAAS,IAAI,IAAI,EAAE;IAInB,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAKnC,cAAc,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE;IAKvG,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAI3C,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAIxC,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAIvC,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAIzC,qBAAqB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAI9C,WAAW,IAAI;QAAE,KAAK,EAAE,IAAI,EAAE,CAAC;QAAC,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,EAAE,CAAC,CAAA;KAAE;IAOjF,WAAW,CAAC,KAAK,EAAE;QAAE,KAAK,EAAE,IAAI,EAAE,CAAC;QAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,EAAE,CAAC,CAAA;KAAE,GAAG,IAAI;CAc9F"}