better-auth

Version:

The most comprehensive authentication framework for TypeScript.

1 lines • 52.7 kB

Source Map (JSON)

{"version":3,"file":"crud-invites.mjs","names":["teamIds","teamIds: string[]"],"sources":["../../../../src/plugins/organization/routes/crud-invites.ts"],"sourcesContent":["import { createAuthEndpoint } from \"@better-auth/core/api\";\nimport { BASE_ERROR_CODES } from \"@better-auth/core/error\";\nimport { APIError } from \"better-call\";\nimport * as z from \"zod\";\nimport { getSessionFromCtx } from \"../../../api/routes\";\nimport { setSessionCookie } from \"../../../cookies\";\nimport type { InferAdditionalFieldsFromPluginOptions } from \"../../../db\";\nimport { toZodSchema } from \"../../../db\";\nimport { getDate } from \"../../../utils/date\";\nimport { defaultRoles } from \"../access/statement\";\nimport { getOrgAdapter } from \"../adapter\";\nimport { orgMiddleware, orgSessionMiddleware } from \"../call\";\nimport { ORGANIZATION_ERROR_CODES } from \"../error-codes\";\nimport { hasPermission } from \"../has-permission\";\nimport { parseRoles } from \"../organization\";\nimport type {\n\tInferInvitation,\n\tInferOrganizationRolesFromOption,\n\tInvitation,\n\tMember,\n} from \"../schema\";\nimport type { OrganizationOptions } from \"../types\";\n\nconst baseInvitationSchema = z.object({\n\temail: z.string().meta({\n\t\tdescription: \"The email address of the user to invite\",\n\t}),\n\trole: z\n\t\t.union([\n\t\t\tz.string().meta({\n\t\t\t\tdescription: \"The role to assign to the user\",\n\t\t\t}),\n\t\t\tz.array(\n\t\t\t\tz.string().meta({\n\t\t\t\t\tdescription: \"The roles to assign to the user\",\n\t\t\t\t}),\n\t\t\t),\n\t\t])\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t'The role(s) to assign to the user. It can be `admin`, `member`, owner. Eg: \"member\"',\n\t\t}),\n\torganizationId: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription: \"The organization ID to invite the user to\",\n\t\t})\n\t\t.optional(),\n\tresend: z\n\t\t.boolean()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t\"Resend the invitation email, if the user is already invited. Eg: true\",\n\t\t})\n\t\t.optional(),\n\tteamId: z.union([\n\t\tz\n\t\t\t.string()\n\t\t\t.meta({\n\t\t\t\tdescription: \"The team ID to invite the user to\",\n\t\t\t})\n\t\t\t.optional(),\n\t\tz\n\t\t\t.array(z.string())\n\t\t\t.meta({\n\t\t\t\tdescription: \"The team IDs to invite the user to\",\n\t\t\t})\n\t\t\t.optional(),\n\t]),\n});\n\nexport const createInvitation = <O extends OrganizationOptions>(option: O) => {\n\tconst additionalFieldsSchema = toZodSchema({\n\t\tfields: option?.schema?.invitation?.additionalFields || {},\n\t\tisClientSide: true,\n\t});\n\n\treturn createAuthEndpoint(\n\t\t\"/organization/invite-member\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\trequireHeaders: true,\n\t\t\tuse: [orgMiddleware, orgSessionMiddleware],\n\t\t\tbody: z.object({\n\t\t\t\t...baseInvitationSchema.shape,\n\t\t\t\t...additionalFieldsSchema.shape,\n\t\t\t}),\n\t\t\tmetadata: {\n\t\t\t\t$Infer: {\n\t\t\t\t\tbody: {} as {\n\t\t\t\t\t\t/**\n\t\t\t\t\t\t * The email address of the user\n\t\t\t\t\t\t * to invite\n\t\t\t\t\t\t */\n\t\t\t\t\t\temail: string;\n\t\t\t\t\t\t/**\n\t\t\t\t\t\t * The role to assign to the user\n\t\t\t\t\t\t */\n\t\t\t\t\t\trole:\n\t\t\t\t\t\t\t| InferOrganizationRolesFromOption<O>\n\t\t\t\t\t\t\t| InferOrganizationRolesFromOption<O>[];\n\t\t\t\t\t\t/**\n\t\t\t\t\t\t * The organization ID to invite\n\t\t\t\t\t\t * the user to\n\t\t\t\t\t\t */\n\t\t\t\t\t\torganizationId?: string | undefined;\n\t\t\t\t\t\t/**\n\t\t\t\t\t\t * Resend the invitation email, if\n\t\t\t\t\t\t * the user is already invited\n\t\t\t\t\t\t */\n\t\t\t\t\t\tresend?: boolean | undefined;\n\t\t\t\t\t} & (O extends { teams: { enabled: true } }\n\t\t\t\t\t\t? {\n\t\t\t\t\t\t\t\t/**\n\t\t\t\t\t\t\t\t * The team the user is\n\t\t\t\t\t\t\t\t * being invited to.\n\t\t\t\t\t\t\t\t */\n\t\t\t\t\t\t\t\tteamId?: (string | string[]) | undefined;\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t: {}) &\n\t\t\t\t\t\tInferAdditionalFieldsFromPluginOptions<\"invitation\", O, false>,\n\t\t\t\t},\n\t\t\t\topenapi: {\n\t\t\t\t\toperationId: \"createOrganizationInvitation\",\n\t\t\t\t\tdescription: \"Create an invitation to an organization\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\tid: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\temail: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\trole: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\torganizationId: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tinviterId: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tstatus: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\texpiresAt: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tcreatedAt: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\trequired: [\n\t\t\t\t\t\t\t\t\t\t\t\"id\",\n\t\t\t\t\t\t\t\t\t\t\t\"email\",\n\t\t\t\t\t\t\t\t\t\t\t\"role\",\n\t\t\t\t\t\t\t\t\t\t\t\"organizationId\",\n\t\t\t\t\t\t\t\t\t\t\t\"inviterId\",\n\t\t\t\t\t\t\t\t\t\t\t\"status\",\n\t\t\t\t\t\t\t\t\t\t\t\"expiresAt\",\n\t\t\t\t\t\t\t\t\t\t\t\"createdAt\",\n\t\t\t\t\t\t\t\t\t\t],\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = ctx.context.session;\n\t\t\tconst organizationId =\n\t\t\t\tctx.body.organizationId || session.session.activeOrganizationId;\n\t\t\tif (!organizationId) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst email = ctx.body.email.toLowerCase();\n\t\t\tconst isValidEmail = z.email().safeParse(email);\n\t\t\tif (!isValidEmail.success) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: BASE_ERROR_CODES.INVALID_EMAIL,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, option as O);\n\t\t\tconst member = await adapter.findMemberByOrgId({\n\t\t\t\tuserId: session.user.id,\n\t\t\t\torganizationId: organizationId,\n\t\t\t});\n\t\t\tif (!member) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND,\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst canInvite = await hasPermission(\n\t\t\t\t{\n\t\t\t\t\trole: member.role,\n\t\t\t\t\toptions: ctx.context.orgOptions,\n\t\t\t\t\tpermissions: {\n\t\t\t\t\t\tinvitation: [\"create\"],\n\t\t\t\t\t},\n\t\t\t\t\torganizationId,\n\t\t\t\t},\n\t\t\t\tctx,\n\t\t\t);\n\n\t\t\tif (!canInvite) {\n\t\t\t\tthrow new APIError(\"FORBIDDEN\", {\n\t\t\t\t\tmessage:\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_INVITE_USERS_TO_THIS_ORGANIZATION,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst creatorRole = ctx.context.orgOptions.creatorRole || \"owner\";\n\n\t\t\tconst roles = parseRoles(ctx.body.role);\n\n\t\t\tconst rolesArray = roles\n\t\t\t\t.split(\",\")\n\t\t\t\t.map((r) => r.trim())\n\t\t\t\t.filter(Boolean);\n\t\t\tconst defaults = Object.keys(defaultRoles);\n\t\t\tconst customRoles = Object.keys(ctx.context.orgOptions.roles || {});\n\t\t\tconst validStaticRoles = new Set([...defaults, ...customRoles]);\n\n\t\t\tconst unknownRoles = rolesArray.filter(\n\t\t\t\t(role) => !validStaticRoles.has(role),\n\t\t\t);\n\n\t\t\tif (unknownRoles.length > 0) {\n\t\t\t\tif (ctx.context.orgOptions.dynamicAccessControl?.enabled) {\n\t\t\t\t\tconst foundRoles = await ctx.context.adapter.findMany({\n\t\t\t\t\t\tmodel: \"organizationRole\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"organizationId\", value: organizationId },\n\t\t\t\t\t\t\t{ field: \"role\", value: unknownRoles, operator: \"in\" },\n\t\t\t\t\t\t],\n\t\t\t\t\t});\n\t\t\t\t\tconst foundRoleNames = foundRoles.map((r: any) => r.role);\n\t\t\t\t\tconst stillInvalid = unknownRoles.filter(\n\t\t\t\t\t\t(r) => !foundRoleNames.includes(r),\n\t\t\t\t\t);\n\n\t\t\t\t\tif (stillInvalid.length > 0) {\n\t\t\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\t\t\tmessage: `${ORGANIZATION_ERROR_CODES.ROLE_NOT_FOUND}: ${stillInvalid.join(\", \")}`,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\t\t\t\t} else {\n\t\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\t\tmessage: `${ORGANIZATION_ERROR_CODES.ROLE_NOT_FOUND}: ${unknownRoles.join(\", \")}`,\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tif (\n\t\t\t\tmember.role !== creatorRole &&\n\t\t\t\troles.split(\",\").includes(creatorRole)\n\t\t\t) {\n\t\t\t\tthrow new APIError(\"FORBIDDEN\", {\n\t\t\t\t\tmessage:\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_INVITE_USER_WITH_THIS_ROLE,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst alreadyMember = await adapter.findMemberByEmail({\n\t\t\t\temail: email,\n\t\t\t\torganizationId: organizationId,\n\t\t\t});\n\t\t\tif (alreadyMember) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage:\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.USER_IS_ALREADY_A_MEMBER_OF_THIS_ORGANIZATION,\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst alreadyInvited = await adapter.findPendingInvitation({\n\t\t\t\temail: email,\n\t\t\t\torganizationId: organizationId,\n\t\t\t});\n\t\t\tif (alreadyInvited.length && !ctx.body.resend) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage:\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.USER_IS_ALREADY_INVITED_TO_THIS_ORGANIZATION,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst organization = await adapter.findOrganizationById(organizationId);\n\t\t\tif (!organization) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\t// If resend is true and there's an existing invitation, reuse it\n\t\t\tif (alreadyInvited.length && ctx.body.resend) {\n\t\t\t\tconst existingInvitation = alreadyInvited[0];\n\n\t\t\t\t// Update the invitation's expiration date using the same logic as createInvitation\n\t\t\t\tconst defaultExpiration = 60 * 60 * 48; // 48 hours in seconds\n\t\t\t\tconst newExpiresAt = getDate(\n\t\t\t\t\tctx.context.orgOptions.invitationExpiresIn || defaultExpiration,\n\t\t\t\t\t\"sec\",\n\t\t\t\t);\n\n\t\t\t\tawait ctx.context.adapter.update({\n\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\twhere: [\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tfield: \"id\",\n\t\t\t\t\t\t\tvalue: existingInvitation!.id,\n\t\t\t\t\t\t},\n\t\t\t\t\t],\n\t\t\t\t\tupdate: {\n\t\t\t\t\t\texpiresAt: newExpiresAt,\n\t\t\t\t\t},\n\t\t\t\t});\n\n\t\t\t\tconst updatedInvitation = {\n\t\t\t\t\t...existingInvitation,\n\t\t\t\t\texpiresAt: newExpiresAt,\n\t\t\t\t};\n\n\t\t\t\tif (ctx.context.orgOptions.sendInvitationEmail) {\n\t\t\t\t\tawait ctx.context.runInBackgroundOrAwait(\n\t\t\t\t\t\tctx.context.orgOptions.sendInvitationEmail(\n\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\tid: updatedInvitation.id!,\n\t\t\t\t\t\t\t\trole: updatedInvitation.role! as string,\n\t\t\t\t\t\t\t\temail: updatedInvitation.email!.toLowerCase(),\n\t\t\t\t\t\t\t\torganization: organization,\n\t\t\t\t\t\t\t\tinviter: {\n\t\t\t\t\t\t\t\t\t...member,\n\t\t\t\t\t\t\t\t\tuser: session.user,\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\tinvitation: updatedInvitation as unknown as Invitation,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tctx.request,\n\t\t\t\t\t\t),\n\t\t\t\t\t);\n\t\t\t\t}\n\n\t\t\t\treturn ctx.json(updatedInvitation as InferInvitation<O, false>);\n\t\t\t}\n\n\t\t\tif (\n\t\t\t\talreadyInvited.length &&\n\t\t\t\tctx.context.orgOptions.cancelPendingInvitationsOnReInvite\n\t\t\t) {\n\t\t\t\tawait adapter.updateInvitation({\n\t\t\t\t\tinvitationId: alreadyInvited[0]!.id,\n\t\t\t\t\tstatus: \"canceled\",\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst invitationLimit =\n\t\t\t\ttypeof ctx.context.orgOptions.invitationLimit === \"function\"\n\t\t\t\t\t? await ctx.context.orgOptions.invitationLimit(\n\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\tuser: session.user,\n\t\t\t\t\t\t\t\torganization,\n\t\t\t\t\t\t\t\tmember: member as Member,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tctx.context,\n\t\t\t\t\t\t)\n\t\t\t\t\t: (ctx.context.orgOptions.invitationLimit ?? 100);\n\n\t\t\tconst pendingInvitations = await adapter.findPendingInvitations({\n\t\t\t\torganizationId: organizationId,\n\t\t\t});\n\n\t\t\tif (pendingInvitations.length >= invitationLimit) {\n\t\t\t\tthrow new APIError(\"FORBIDDEN\", {\n\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.INVITATION_LIMIT_REACHED,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tif (\n\t\t\t\tctx.context.orgOptions.teams &&\n\t\t\t\tctx.context.orgOptions.teams.enabled &&\n\t\t\t\ttypeof ctx.context.orgOptions.teams.maximumMembersPerTeam !==\n\t\t\t\t\t\"undefined\" &&\n\t\t\t\t\"teamId\" in ctx.body &&\n\t\t\t\tctx.body.teamId\n\t\t\t) {\n\t\t\t\tconst teamIds =\n\t\t\t\t\ttypeof ctx.body.teamId === \"string\"\n\t\t\t\t\t\t? [ctx.body.teamId as string]\n\t\t\t\t\t\t: (ctx.body.teamId as string[]);\n\n\t\t\t\tfor (const teamId of teamIds) {\n\t\t\t\t\tconst team = await adapter.findTeamById({\n\t\t\t\t\t\tteamId,\n\t\t\t\t\t\torganizationId: organizationId,\n\t\t\t\t\t\tincludeTeamMembers: true,\n\t\t\t\t\t});\n\n\t\t\t\t\tif (!team) {\n\t\t\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.TEAM_NOT_FOUND,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tconst maximumMembersPerTeam =\n\t\t\t\t\t\ttypeof ctx.context.orgOptions.teams.maximumMembersPerTeam ===\n\t\t\t\t\t\t\"function\"\n\t\t\t\t\t\t\t? await ctx.context.orgOptions.teams.maximumMembersPerTeam({\n\t\t\t\t\t\t\t\t\tteamId,\n\t\t\t\t\t\t\t\t\tsession: session,\n\t\t\t\t\t\t\t\t\torganizationId: organizationId,\n\t\t\t\t\t\t\t\t})\n\t\t\t\t\t\t\t: ctx.context.orgOptions.teams.maximumMembersPerTeam;\n\t\t\t\t\tif (team.members.length >= maximumMembersPerTeam) {\n\t\t\t\t\t\tthrow new APIError(\"FORBIDDEN\", {\n\t\t\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.TEAM_MEMBER_LIMIT_REACHED,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tconst teamIds: string[] =\n\t\t\t\t\"teamId\" in ctx.body\n\t\t\t\t\t? typeof ctx.body.teamId === \"string\"\n\t\t\t\t\t\t? [ctx.body.teamId as string]\n\t\t\t\t\t\t: ((ctx.body.teamId as string[]) ?? [])\n\t\t\t\t\t: [];\n\n\t\t\tconst {\n\t\t\t\temail: _,\n\t\t\t\trole: __,\n\t\t\t\torganizationId: ___,\n\t\t\t\tresend: ____,\n\t\t\t\t...additionalFields\n\t\t\t} = ctx.body;\n\n\t\t\tlet invitationData = {\n\t\t\t\trole: roles,\n\t\t\t\temail: email,\n\t\t\t\torganizationId: organizationId,\n\t\t\t\tteamIds,\n\t\t\t\t...(additionalFields ? additionalFields : {}),\n\t\t\t};\n\n\t\t\t// Run beforeCreateInvitation hook\n\t\t\tif (option?.organizationHooks?.beforeCreateInvitation) {\n\t\t\t\tconst response = await option?.organizationHooks.beforeCreateInvitation(\n\t\t\t\t\t{\n\t\t\t\t\t\tinvitation: {\n\t\t\t\t\t\t\t...invitationData,\n\t\t\t\t\t\t\tinviterId: session.user.id,\n\t\t\t\t\t\t\tteamId: teamIds.length > 0 ? teamIds[0] : undefined,\n\t\t\t\t\t\t},\n\t\t\t\t\t\tinviter: session.user,\n\t\t\t\t\t\torganization,\n\t\t\t\t\t},\n\t\t\t\t);\n\t\t\t\tif (response && typeof response === \"object\" && \"data\" in response) {\n\t\t\t\t\tinvitationData = {\n\t\t\t\t\t\t...invitationData,\n\t\t\t\t\t\t...response.data,\n\t\t\t\t\t};\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tconst invitation = await adapter.createInvitation({\n\t\t\t\tinvitation: invitationData,\n\t\t\t\tuser: session.user,\n\t\t\t});\n\n\t\t\tif (ctx.context.orgOptions.sendInvitationEmail) {\n\t\t\t\tawait ctx.context.runInBackgroundOrAwait(\n\t\t\t\t\tctx.context.orgOptions.sendInvitationEmail(\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tid: invitation.id,\n\t\t\t\t\t\t\trole: invitation.role,\n\t\t\t\t\t\t\temail: invitation.email.toLowerCase(),\n\t\t\t\t\t\t\torganization: organization,\n\t\t\t\t\t\t\tinviter: {\n\t\t\t\t\t\t\t\t...(member as Member),\n\t\t\t\t\t\t\t\tuser: session.user,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tinvitation,\n\t\t\t\t\t\t},\n\t\t\t\t\t\tctx.request,\n\t\t\t\t\t),\n\t\t\t\t);\n\t\t\t}\n\n\t\t\t// Run afterCreateInvitation hook\n\t\t\tif (option?.organizationHooks?.afterCreateInvitation) {\n\t\t\t\tawait option?.organizationHooks.afterCreateInvitation({\n\t\t\t\t\tinvitation: invitation as unknown as Invitation,\n\t\t\t\t\tinviter: session.user,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\treturn ctx.json(invitation);\n\t\t},\n\t);\n};\n\nconst acceptInvitationBodySchema = z.object({\n\tinvitationId: z.string().meta({\n\t\tdescription: \"The ID of the invitation to accept\",\n\t}),\n});\n\nexport const acceptInvitation = <O extends OrganizationOptions>(options: O) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/accept-invitation\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\tbody: acceptInvitationBodySchema,\n\t\t\trequireHeaders: true,\n\t\t\tuse: [orgMiddleware, orgSessionMiddleware],\n\t\t\tmetadata: {\n\t\t\t\topenapi: {\n\t\t\t\t\tdescription: \"Accept an invitation to an organization\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\tinvitation: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tmember: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = ctx.context.session;\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, options);\n\t\t\tconst invitation = await adapter.findInvitationById(\n\t\t\t\tctx.body.invitationId,\n\t\t\t);\n\n\t\t\tif (\n\t\t\t\t!invitation ||\n\t\t\t\tinvitation.expiresAt < new Date() ||\n\t\t\t\tinvitation.status !== \"pending\"\n\t\t\t) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.INVITATION_NOT_FOUND,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tif (invitation.email.toLowerCase() !== session.user.email.toLowerCase()) {\n\t\t\t\tthrow new APIError(\"FORBIDDEN\", {\n\t\t\t\t\tmessage:\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tif (\n\t\t\t\tctx.context.orgOptions.requireEmailVerificationOnInvitation &&\n\t\t\t\t!session.user.emailVerified\n\t\t\t) {\n\t\t\t\tthrow new APIError(\"FORBIDDEN\", {\n\t\t\t\t\tmessage:\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.EMAIL_VERIFICATION_REQUIRED_BEFORE_ACCEPTING_OR_REJECTING_INVITATION,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst membershipLimit = ctx.context.orgOptions?.membershipLimit || 100;\n\t\t\tconst membersCount = await adapter.countMembers({\n\t\t\t\torganizationId: invitation.organizationId,\n\t\t\t});\n\n\t\t\tif (membersCount >= membershipLimit) {\n\t\t\t\tthrow new APIError(\"FORBIDDEN\", {\n\t\t\t\t\tmessage:\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.ORGANIZATION_MEMBERSHIP_LIMIT_REACHED,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst organization = await adapter.findOrganizationById(\n\t\t\t\tinvitation.organizationId,\n\t\t\t);\n\t\t\tif (!organization) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\t// Run beforeAcceptInvitation hook\n\t\t\tif (options?.organizationHooks?.beforeAcceptInvitation) {\n\t\t\t\tawait options?.organizationHooks.beforeAcceptInvitation({\n\t\t\t\t\tinvitation: invitation as unknown as Invitation,\n\t\t\t\t\tuser: session.user,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst acceptedI = await adapter.updateInvitation({\n\t\t\t\tinvitationId: ctx.body.invitationId,\n\t\t\t\tstatus: \"accepted\",\n\t\t\t});\n\t\t\tif (!acceptedI) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.FAILED_TO_RETRIEVE_INVITATION,\n\t\t\t\t});\n\t\t\t}\n\t\t\tif (\n\t\t\t\tctx.context.orgOptions.teams &&\n\t\t\t\tctx.context.orgOptions.teams.enabled &&\n\t\t\t\t\"teamId\" in acceptedI &&\n\t\t\t\tacceptedI.teamId\n\t\t\t) {\n\t\t\t\tconst teamIds = (acceptedI.teamId as string).split(\",\");\n\t\t\t\tconst onlyOne = teamIds.length === 1;\n\n\t\t\t\tfor (const teamId of teamIds) {\n\t\t\t\t\tawait adapter.findOrCreateTeamMember({\n\t\t\t\t\t\tteamId: teamId,\n\t\t\t\t\t\tuserId: session.user.id,\n\t\t\t\t\t});\n\n\t\t\t\t\tif (\n\t\t\t\t\t\ttypeof ctx.context.orgOptions.teams.maximumMembersPerTeam !==\n\t\t\t\t\t\t\"undefined\"\n\t\t\t\t\t) {\n\t\t\t\t\t\tconst members = await adapter.countTeamMembers({ teamId });\n\n\t\t\t\t\t\tconst maximumMembersPerTeam =\n\t\t\t\t\t\t\ttypeof ctx.context.orgOptions.teams.maximumMembersPerTeam ===\n\t\t\t\t\t\t\t\"function\"\n\t\t\t\t\t\t\t\t? await ctx.context.orgOptions.teams.maximumMembersPerTeam({\n\t\t\t\t\t\t\t\t\t\tteamId,\n\t\t\t\t\t\t\t\t\t\tsession: session,\n\t\t\t\t\t\t\t\t\t\torganizationId: invitation.organizationId,\n\t\t\t\t\t\t\t\t\t})\n\t\t\t\t\t\t\t\t: ctx.context.orgOptions.teams.maximumMembersPerTeam;\n\n\t\t\t\t\t\tif (members >= maximumMembersPerTeam) {\n\t\t\t\t\t\t\tthrow new APIError(\"FORBIDDEN\", {\n\t\t\t\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.TEAM_MEMBER_LIMIT_REACHED,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t\tif (onlyOne) {\n\t\t\t\t\tconst teamId = teamIds[0]!;\n\t\t\t\t\tconst updatedSession = await adapter.setActiveTeam(\n\t\t\t\t\t\tsession.session.token,\n\t\t\t\t\t\tteamId,\n\t\t\t\t\t\tctx,\n\t\t\t\t\t);\n\n\t\t\t\t\tawait setSessionCookie(ctx, {\n\t\t\t\t\t\tsession: updatedSession,\n\t\t\t\t\t\tuser: session.user,\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tconst member = await adapter.createMember({\n\t\t\t\torganizationId: invitation.organizationId,\n\t\t\t\tuserId: session.user.id,\n\t\t\t\trole: invitation.role,\n\t\t\t\tcreatedAt: new Date(),\n\t\t\t});\n\n\t\t\tawait adapter.setActiveOrganization(\n\t\t\t\tsession.session.token,\n\t\t\t\tinvitation.organizationId,\n\t\t\t\tctx,\n\t\t\t);\n\t\t\tif (!acceptedI) {\n\t\t\t\treturn ctx.json(null, {\n\t\t\t\t\tstatus: 400,\n\t\t\t\t\tbody: {\n\t\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.INVITATION_NOT_FOUND,\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t}\n\t\t\tif (options?.organizationHooks?.afterAcceptInvitation) {\n\t\t\t\tawait options?.organizationHooks.afterAcceptInvitation({\n\t\t\t\t\tinvitation: acceptedI as unknown as Invitation,\n\t\t\t\t\tmember,\n\t\t\t\t\tuser: session.user,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\t\t\treturn ctx.json({\n\t\t\t\tinvitation: acceptedI,\n\t\t\t\tmember,\n\t\t\t});\n\t\t},\n\t);\n\nconst rejectInvitationBodySchema = z.object({\n\tinvitationId: z.string().meta({\n\t\tdescription: \"The ID of the invitation to reject\",\n\t}),\n});\n\nexport const rejectInvitation = <O extends OrganizationOptions>(options: O) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/reject-invitation\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\tbody: rejectInvitationBodySchema,\n\t\t\trequireHeaders: true,\n\t\t\tuse: [orgMiddleware, orgSessionMiddleware],\n\t\t\tmetadata: {\n\t\t\t\topenapi: {\n\t\t\t\t\tdescription: \"Reject an invitation to an organization\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\tinvitation: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tmember: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = ctx.context.session;\n\t\t\tconst adapter = getOrgAdapter(ctx.context, ctx.context.orgOptions);\n\t\t\tconst invitation = await adapter.findInvitationById(\n\t\t\t\tctx.body.invitationId,\n\t\t\t);\n\t\t\tif (\n\t\t\t\t!invitation ||\n\t\t\t\tinvitation.expiresAt < new Date() ||\n\t\t\t\tinvitation.status !== \"pending\"\n\t\t\t) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: \"Invitation not found!\",\n\t\t\t\t});\n\t\t\t}\n\t\t\tif (invitation.email.toLowerCase() !== session.user.email.toLowerCase()) {\n\t\t\t\tthrow new APIError(\"FORBIDDEN\", {\n\t\t\t\t\tmessage:\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tif (\n\t\t\t\tctx.context.orgOptions.requireEmailVerificationOnInvitation &&\n\t\t\t\t!session.user.emailVerified\n\t\t\t) {\n\t\t\t\tthrow new APIError(\"FORBIDDEN\", {\n\t\t\t\t\tmessage:\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.EMAIL_VERIFICATION_REQUIRED_BEFORE_ACCEPTING_OR_REJECTING_INVITATION,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst organization = await adapter.findOrganizationById(\n\t\t\t\tinvitation.organizationId,\n\t\t\t);\n\t\t\tif (!organization) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\t// Run beforeRejectInvitation hook\n\t\t\tif (options?.organizationHooks?.beforeRejectInvitation) {\n\t\t\t\tawait options?.organizationHooks.beforeRejectInvitation({\n\t\t\t\t\tinvitation: invitation as unknown as Invitation,\n\t\t\t\t\tuser: session.user,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst rejectedI = await adapter.updateInvitation({\n\t\t\t\tinvitationId: ctx.body.invitationId,\n\t\t\t\tstatus: \"rejected\",\n\t\t\t});\n\n\t\t\t// Run afterRejectInvitation hook\n\t\t\tif (options?.organizationHooks?.afterRejectInvitation) {\n\t\t\t\tawait options?.organizationHooks.afterRejectInvitation({\n\t\t\t\t\tinvitation: rejectedI || (invitation as unknown as Invitation),\n\t\t\t\t\tuser: session.user,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\treturn ctx.json({\n\t\t\t\tinvitation: rejectedI,\n\t\t\t\tmember: null,\n\t\t\t});\n\t\t},\n\t);\n\nconst cancelInvitationBodySchema = z.object({\n\tinvitationId: z.string().meta({\n\t\tdescription: \"The ID of the invitation to cancel\",\n\t}),\n});\n\nexport const cancelInvitation = <O extends OrganizationOptions>(options: O) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/cancel-invitation\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\tbody: cancelInvitationBodySchema,\n\t\t\trequireHeaders: true,\n\t\t\tuse: [orgMiddleware, orgSessionMiddleware],\n\t\t\topenapi: {\n\t\t\t\toperationId: \"cancelOrganizationInvitation\",\n\t\t\t\tdescription: \"Cancel an invitation to an organization\",\n\t\t\t\tresponses: {\n\t\t\t\t\t\"200\": {\n\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\tinvitation: {\n\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = ctx.context.session;\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, options);\n\t\t\tconst invitation = await adapter.findInvitationById(\n\t\t\t\tctx.body.invitationId,\n\t\t\t);\n\t\t\tif (!invitation) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.INVITATION_NOT_FOUND,\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst member = await adapter.findMemberByOrgId({\n\t\t\t\tuserId: session.user.id,\n\t\t\t\torganizationId: invitation.organizationId,\n\t\t\t});\n\t\t\tif (!member) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND,\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst canCancel = await hasPermission(\n\t\t\t\t{\n\t\t\t\t\trole: member.role,\n\t\t\t\t\toptions: ctx.context.orgOptions,\n\t\t\t\t\tpermissions: {\n\t\t\t\t\t\tinvitation: [\"cancel\"],\n\t\t\t\t\t},\n\t\t\t\t\torganizationId: invitation.organizationId,\n\t\t\t\t},\n\t\t\t\tctx,\n\t\t\t);\n\n\t\t\tif (!canCancel) {\n\t\t\t\tthrow new APIError(\"FORBIDDEN\", {\n\t\t\t\t\tmessage:\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_CANCEL_THIS_INVITATION,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst organization = await adapter.findOrganizationById(\n\t\t\t\tinvitation.organizationId,\n\t\t\t);\n\t\t\tif (!organization) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\t// Run beforeCancelInvitation hook\n\t\t\tif (options?.organizationHooks?.beforeCancelInvitation) {\n\t\t\t\tawait options?.organizationHooks.beforeCancelInvitation({\n\t\t\t\t\tinvitation: invitation as unknown as Invitation,\n\t\t\t\t\tcancelledBy: session.user,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst canceledI = await adapter.updateInvitation({\n\t\t\t\tinvitationId: ctx.body.invitationId,\n\t\t\t\tstatus: \"canceled\",\n\t\t\t});\n\n\t\t\t// Run afterCancelInvitation hook\n\t\t\tif (options?.organizationHooks?.afterCancelInvitation) {\n\t\t\t\tawait options?.organizationHooks.afterCancelInvitation({\n\t\t\t\t\tinvitation: (canceledI as unknown as Invitation) || invitation,\n\t\t\t\t\tcancelledBy: session.user,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\treturn ctx.json(canceledI);\n\t\t},\n\t);\n\nconst getInvitationQuerySchema = z.object({\n\tid: z.string().meta({\n\t\tdescription: \"The ID of the invitation to get\",\n\t}),\n});\n\nexport const getInvitation = <O extends OrganizationOptions>(options: O) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/get-invitation\",\n\t\t{\n\t\t\tmethod: \"GET\",\n\t\t\tuse: [orgMiddleware],\n\t\t\trequireHeaders: true,\n\t\t\tquery: getInvitationQuerySchema,\n\t\t\tmetadata: {\n\t\t\t\topenapi: {\n\t\t\t\t\tdescription: \"Get an invitation by ID\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\tid: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\temail: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\trole: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\torganizationId: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tinviterId: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tstatus: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\texpiresAt: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\torganizationName: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\torganizationSlug: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tinviterEmail: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\trequired: [\n\t\t\t\t\t\t\t\t\t\t\t\"id\",\n\t\t\t\t\t\t\t\t\t\t\t\"email\",\n\t\t\t\t\t\t\t\t\t\t\t\"role\",\n\t\t\t\t\t\t\t\t\t\t\t\"organizationId\",\n\t\t\t\t\t\t\t\t\t\t\t\"inviterId\",\n\t\t\t\t\t\t\t\t\t\t\t\"status\",\n\t\t\t\t\t\t\t\t\t\t\t\"expiresAt\",\n\t\t\t\t\t\t\t\t\t\t\t\"organizationName\",\n\t\t\t\t\t\t\t\t\t\t\t\"organizationSlug\",\n\t\t\t\t\t\t\t\t\t\t\t\"inviterEmail\",\n\t\t\t\t\t\t\t\t\t\t],\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = await getSessionFromCtx(ctx);\n\t\t\tif (!session) {\n\t\t\t\tthrow new APIError(\"UNAUTHORIZED\", {\n\t\t\t\t\tmessage: \"Not authenticated\",\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, options);\n\t\t\tconst invitation = await adapter.findInvitationById(ctx.query.id);\n\t\t\tif (\n\t\t\t\t!invitation ||\n\t\t\t\tinvitation.status !== \"pending\" ||\n\t\t\t\tinvitation.expiresAt < new Date()\n\t\t\t) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: \"Invitation not found!\",\n\t\t\t\t});\n\t\t\t}\n\t\t\tif (invitation.email.toLowerCase() !== session.user.email.toLowerCase()) {\n\t\t\t\tthrow new APIError(\"FORBIDDEN\", {\n\t\t\t\t\tmessage:\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_THE_RECIPIENT_OF_THE_INVITATION,\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst organization = await adapter.findOrganizationById(\n\t\t\t\tinvitation.organizationId,\n\t\t\t);\n\t\t\tif (!organization) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst member = await adapter.findMemberByOrgId({\n\t\t\t\tuserId: invitation.inviterId,\n\t\t\t\torganizationId: invitation.organizationId,\n\t\t\t});\n\t\t\tif (!member) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage:\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.INVITER_IS_NO_LONGER_A_MEMBER_OF_THE_ORGANIZATION,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\treturn ctx.json({\n\t\t\t\t...invitation,\n\t\t\t\torganizationName: organization.name,\n\t\t\t\torganizationSlug: organization.slug,\n\t\t\t\tinviterEmail: member.user.email,\n\t\t\t});\n\t\t},\n\t);\n\nconst listInvitationQuerySchema = z\n\t.object({\n\t\torganizationId: z\n\t\t\t.string()\n\t\t\t.meta({\n\t\t\t\tdescription: \"The ID of the organization to list invitations for\",\n\t\t\t})\n\t\t\t.optional(),\n\t})\n\t.optional();\n\nexport const listInvitations = <O extends OrganizationOptions>(options: O) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/list-invitations\",\n\t\t{\n\t\t\tmethod: \"GET\",\n\t\t\trequireHeaders: true,\n\t\t\tuse: [orgMiddleware, orgSessionMiddleware],\n\t\t\tquery: listInvitationQuerySchema,\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = await getSessionFromCtx(ctx);\n\t\t\tif (!session) {\n\t\t\t\tthrow new APIError(\"UNAUTHORIZED\", {\n\t\t\t\t\tmessage: \"Not authenticated\",\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst orgId =\n\t\t\t\tctx.query?.organizationId || session.session.activeOrganizationId;\n\t\t\tif (!orgId) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: \"Organization ID is required\",\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, options);\n\t\t\tconst isMember = await adapter.findMemberByOrgId({\n\t\t\t\tuserId: session.user.id,\n\t\t\t\torganizationId: orgId,\n\t\t\t});\n\t\t\tif (!isMember) {\n\t\t\t\tthrow new APIError(\"FORBIDDEN\", {\n\t\t\t\t\tmessage: \"You are not a member of this organization\",\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst invitations = await adapter.listInvitations({\n\t\t\t\torganizationId: orgId,\n\t\t\t});\n\t\t\treturn ctx.json(invitations);\n\t\t},\n\t);\n\n/**\n * List all invitations a user has received\n */\nexport const listUserInvitations = <O extends OrganizationOptions>(\n\toptions: O,\n) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/list-user-invitations\",\n\t\t{\n\t\t\tmethod: \"GET\",\n\t\t\tuse: [orgMiddleware],\n\t\t\tquery: z\n\t\t\t\t.object({\n\t\t\t\t\temail: z\n\t\t\t\t\t\t.string()\n\t\t\t\t\t\t.meta({\n\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\"The email of the user to list invitations for. This only works for server side API calls.\",\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.optional(),\n\t\t\t\t})\n\t\t\t\t.optional(),\n\t\t\tmetadata: {\n\t\t\t\topenapi: {\n\t\t\t\t\tdescription: \"List all invitations a user has received\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"array\",\n\t\t\t\t\t\t\t\t\t\titems: {\n\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\t\tid: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\temail: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\trole: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\torganizationId: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\torganizationName: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\tinviterId: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"The ID of the user who created the invitation\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\tteamId: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"The ID of the team associated with the invitation\",\n\t\t\t\t\t\t\t\t\t\t\t\t\tnullable: true,\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\tstatus: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\texpiresAt: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\tcreatedAt: {\n\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\trequired: [\n\t\t\t\t\t\t\t\t\t\t\t\t\"id\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"email\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"role\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"organizationId\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"organizationName\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"inviterId\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"status\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"expiresAt\",\n\t\t\t\t\t\t\t\t\t\t\t\t\"createdAt\",\n\t\t\t\t\t\t\t\t\t\t\t],\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = await getSessionFromCtx(ctx);\n\n\t\t\tif (ctx.request && ctx.query?.email) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: \"User email cannot be passed for client side API calls.\",\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst userEmail = session?.user.email || ctx.query?.email;\n\t\t\tif (!userEmail) {\n\t\t\t\tthrow new APIError(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: \"Missing session headers, or email query parameter.\",\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, options);\n\n\t\t\tconst invitations = await adapter.listUserInvitations(userEmail);\n\t\t\treturn ctx.json(invitations);\n\t\t},\n\t);\n"],"mappings":";;;;;;;;;;;;;;;;;;AAuBA,MAAM,uBAAuB,EAAE,OAAO;CACrC,OAAO,EAAE,QAAQ,CAAC,KAAK,EACtB,aAAa,2CACb,CAAC;CACF,MAAM,EACJ,MAAM,CACN,EAAE,QAAQ,CAAC,KAAK,EACf,aAAa,kCACb,CAAC,EACF,EAAE,MACD,EAAE,QAAQ,CAAC,KAAK,EACf,aAAa,mCACb,CAAC,CACF,CACD,CAAC,CACD,KAAK,EACL,aACC,yFACD,CAAC;CACH,gBAAgB,EACd,QAAQ,CACR,KAAK,EACL,aAAa,6CACb,CAAC,CACD,UAAU;CACZ,QAAQ,EACN,SAAS,CACT,KAAK,EACL,aACC,yEACD,CAAC,CACD,UAAU;CACZ,QAAQ,EAAE,MAAM,CACf,EACE,QAAQ,CACR,KAAK,EACL,aAAa,qCACb,CAAC,CACD,UAAU,EACZ,EACE,MAAM,EAAE,QAAQ,CAAC,CACjB,KAAK,EACL,aAAa,sCACb,CAAC,CACD,UAAU,CACZ,CAAC;CACF,CAAC;AAEF,MAAa,oBAAmD,WAAc;CAC7E,MAAM,yBAAyB,YAAY;EAC1C,QAAQ,QAAQ,QAAQ,YAAY,oBAAoB,EAAE;EAC1D,cAAc;EACd,CAAC;AAEF,QAAO,mBACN,+BACA;EACC,QAAQ;EACR,gBAAgB;EAChB,KAAK,CAAC,eAAe,qBAAqB;EAC1C,MAAM,EAAE,OAAO;GACd,GAAG,qBAAqB;GACxB,GAAG,uBAAuB;GAC1B,CAAC;EACF,UAAU;GACT,QAAQ,EACP,MAAM,EAAE,EAgCR;GACD,SAAS;IACR,aAAa;IACb,aAAa;IACb,WAAW,EACV,OAAO;KACN,aAAa;KACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;MACP,MAAM;MACN,YAAY;OACX,IAAI,EACH,MAAM,UACN;OACD,OAAO,EACN,MAAM,UACN;OACD,MAAM,EACL,MAAM,UACN;OACD,gBAAgB,EACf,MAAM,UACN;OACD,WAAW,EACV,MAAM,UACN;OACD,QAAQ,EACP,MAAM,UACN;OACD,WAAW,EACV,MAAM,UACN;OACD,WAAW,EACV,MAAM,UACN;OACD;MACD,UAAU;OACT;OACA;OACA;OACA;OACA;OACA;OACA;OACA;OACA;MACD,EACD,EACD;KACD,EACD;IACD;GACD;EACD,EACD,OAAO,QAAQ;EACd,MAAM,UAAU,IAAI,QAAQ;EAC5B,MAAM,iBACL,IAAI,KAAK,kBAAkB,QAAQ,QAAQ;AAC5C,MAAI,CAAC,eACJ,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,yBAAyB,wBAClC,CAAC;EAGH,MAAM,QAAQ,IAAI,KAAK,MAAM,aAAa;AAE1C,MAAI,CADiB,EAAE,OAAO,CAAC,UAAU,MAAM,CAC7B,QACjB,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,iBAAiB,eAC1B,CAAC;EAGH,MAAM,UAAU,cAAiB,IAAI,SAAS,OAAY;EAC1D,MAAM,SAAS,MAAM,QAAQ,kBAAkB;GAC9C,QAAQ,QAAQ,KAAK;GACL;GAChB,CAAC;AACF,MAAI,CAAC,OACJ,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,yBAAyB,kBAClC,CAAC;AAcH,MAAI,CAZc,MAAM,cACvB;GACC,MAAM,OAAO;GACb,SAAS,IAAI,QAAQ;GACrB,aAAa,EACZ,YAAY,CAAC,SAAS,EACtB;GACD;GACA,EACD,IACA,CAGA,OAAM,IAAI,SAAS,aAAa,EAC/B,SACC,yBAAyB,0DAC1B,CAAC;EAGH,MAAM,cAAc,IAAI,QAAQ,WAAW,eAAe;EAE1D,MAAM,QAAQ,WAAW,IAAI,KAAK,KAAK;EAEvC,MAAM,aAAa,MACjB,MAAM,IAAI,CACV,KAAK,MAAM,EAAE,MAAM,CAAC,CACpB,OAAO,QAAQ;EACjB,MAAM,WAAW,OAAO,KAAK,aAAa;EAC1C,MAAM,cAAc,OAAO,KAAK,IAAI,QAAQ,WAAW,SAAS,EAAE,CAAC;EACnE,MAAM,mBAAmB,IAAI,IAAI,CAAC,GAAG,UAAU,GAAG,YAAY,CAAC;EAE/D,MAAM,eAAe,WAAW,QAC9B,SAAS,CAAC,iBAAiB,IAAI,KAAK,CACrC;AAED,MAAI,aAAa,SAAS,EACzB,KAAI,IAAI,QAAQ,WAAW,sBAAsB,SAAS;GAQzD,MAAM,kBAPa,MAAM,IAAI,QAAQ,QAAQ,SAAS;IACrD,OAAO;IACP,OAAO,CACN;KAAE,OAAO;KAAkB,OAAO;KAAgB,EAClD;KAAE,OAAO;KAAQ,OAAO;KAAc,UAAU;KAAM,CACtD;IACD,CAAC,EACgC,KAAK,MAAW,EAAE,KAAK;GACzD,MAAM,eAAe,aAAa,QAChC,MAAM,CAAC,eAAe,SAAS,EAAE,CAClC;AAED,OAAI,aAAa,SAAS,EACzB,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,GAAG,yBAAyB,eAAe,IAAI,aAAa,KAAK,KAAK,IAC/E,CAAC;QAGH,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,GAAG,yBAAyB,eAAe,IAAI,aAAa,KAAK,KAAK,IAC/E,CAAC;AAIJ,MACC,OAAO,SAAS,eAChB,MAAM,MAAM,IAAI,CAAC,SAAS,YAAY,CAEtC,OAAM,IAAI,SAAS,aAAa,EAC/B,SACC,yBAAyB,mDAC1B,CAAC;AAOH,MAJsB,MAAM,QAAQ,kBAAkB;GAC9C;GACS;GAChB,CAAC,CAED,OAAM,IAAI,SAAS,eAAe,EACjC,SACC,yBAAyB,+CAC1B,CAAC;EAEH,MAAM,iBAAiB,MAAM,QAAQ,sBAAsB;GACnD;GACS;GAChB,CAAC;AACF,MAAI,eAAe,UAAU,CAAC,IAAI,KAAK,OACtC,OAAM,IAAI,SAAS,eAAe,EACjC,SACC,yBAAyB,8CAC1B,CAAC;EAGH,MAAM,eAAe,MAAM,QAAQ,qBAAqB,eAAe;AACvE,MAAI,CAAC,aACJ,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,yBAAyB,wBAClC,CAAC;AAIH,MAAI,eAAe,UAAU,IAAI,KAAK,QAAQ;GAC7C,MAAM,qBAAqB,eAAe;GAI1C,MAAM,eAAe,QACpB,IAAI,QAAQ,WAAW,uBAFE,OAAU,IAGnC,MACA;AAED,SAAM,IAAI,QAAQ,QAAQ,OAAO;IAChC,OAAO;IACP,OAAO,CACN;KACC,OAAO;KACP,OAAO,mBAAoB;KAC3B,CACD;IACD,QAAQ,EACP,WAAW,cACX;IACD,CAAC;GAEF,MAAM,oBAAoB;IACzB,GAAG;IACH,WAAW;IACX;AAED,OAAI,IAAI,QAAQ,WAAW,oBAC1B,OAAM,IAAI,QAAQ,uBACjB,IAAI,QAAQ,WAAW,oBACtB;IACC,IAAI,kBAAkB;IACtB,MAAM,kBAAkB;IACxB,OAAO,kBAAkB,MAAO,aAAa;IAC/B;IACd,SAAS;KACR,GAAG;KACH,MAAM,QAAQ;KACd;IACD,YAAY;IACZ,EACD,IAAI,QACJ,CACD;AAGF,UAAO,IAAI,KAAK,kBAA+C;;AAGhE,MACC,eAAe,UACf,IAAI,QAAQ,WAAW,mCAEvB,OAAM,QAAQ,iBAAiB;GAC9B,cAAc,eAAe,GAAI;GACjC,QAAQ;GACR,CAAC;EAGH,MAAM,kBACL,OAAO,IAAI,QAAQ,WAAW,oBAAoB,aAC/C,MAAM,IAAI,QAAQ,WAAW,gBAC7B;GACC,MAAM,QAAQ;GACd;GACQ;GACR,EACD,IAAI,QACJ,GACC,IAAI,QAAQ,WAAW,mBAAmB;AAM/C,OAJ2B,MAAM,QAAQ,uBAAuB,EAC/C,gBAChB,CAAC,EAEqB,UAAU,gBAChC,OAAM,IAAI,SAAS,aAAa,EAC/B,SAAS,yBAAyB,0BAClC,CAAC;AAGH,MACC,IAAI,QAAQ,WAAW,SACvB,IAAI,QAAQ,WAAW,MAAM,WAC7B,OAAO,IAAI,QAAQ,WAAW,MAAM,0BACnC,eACD,YAAY,IAAI,QAChB,IAAI,KAAK,QACR;GACD,MAAMA,YACL,OAAO,IAAI,KAAK,WAAW,WACxB,CAAC,IAAI,KAAK,OAAiB,GAC1B,IAAI,KAAK;AAEd,QAAK,MAAM,UAAUA,WAAS;IAC7B,MAAM,OAAO,MAAM,QAAQ,aAAa;KACvC;KACgB;KAChB,oBAAoB;KACpB,CAAC;AAEF,QAAI,CAAC,KACJ,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,yBAAyB,gBAClC,CAAC;IAGH,MAAM,wBACL,OAAO,IAAI,QAAQ,WAAW,MAAM,0BACpC,aACG,MAAM,IAAI,QAAQ,WAAW,MAAM,sBAAsB;KACzD;KACS;KACO;KAChB,CAAC,GACD,IAAI,QAAQ,WAAW,MAAM;AACjC,QAAI,KAAK,QAAQ,UAAU,sBAC1B,OAAM,IAAI,SAAS,aAAa,EAC/B,SAAS,yBAAyB,2BAClC,CAAC;;;EAKL,MAAMC,UACL,YAAY,IAAI,OACb,OAAO,IAAI,KAAK,WAAW,WAC1B,CAAC,IAAI,KAAK,OAAiB,GACzB,IAAI,KAAK,UAAuB,EAAE,GACrC,EAAE;EAEN,MAAM,EACL,OAAO,GACP,MAAM,IACN,gBAAgB,KAChB,QAAQ,MACR,GAAG,qBACA,IAAI;EAER,IAAI,iBAAiB;GACpB,MAAM;GACC;GACS;GAChB;GACA,GAAI,mBAAmB,mBAAmB,EAAE;GAC5C;AAGD,MAAI,QAAQ,mBAAmB,wBAAwB;GACtD,MAAM,WAAW,MAAM,QAAQ,kBAAkB,uBAChD;IACC,YAAY;KACX,GAAG;KACH,WAAW,QAAQ,KAAK;KACxB,QAAQ,QAAQ,SAAS,IAAI,QAAQ,KAAK;KAC1C;IACD,SAAS,QAAQ;IACjB;IACA,CACD;AACD,OAAI,YAAY,OAAO,aAAa,YAAY,UAAU,SACzD,kBAAiB;IAChB,GAAG;IACH,GAAG,SAAS;IACZ;;EAIH,MAAM,aAAa,MAAM,QAAQ,iBAAiB;GACjD,YAAY;GACZ,MAAM,QAAQ;GACd,CAAC;AAEF,MAAI,IAAI,QAAQ,WAAW,oBAC1B,OAAM,IAAI,QAAQ,uBACjB,IAAI,QAAQ,WAAW,oBACtB;GACC,IAAI,WAAW;GACf,MAAM,WAAW;GACjB,OAAO,WAAW,MAAM,aAAa;GACvB;GACd,SAAS;IACR,GAAI;IACJ,MAAM,QAAQ;IACd;GACD;GACA,EACD,IAAI,QACJ,CACD;AAIF,MAAI,QAAQ,mBAAmB,sBAC9B,OAAM,QAAQ,kBAAkB,sBAAsB;GACzC;GACZ,SAAS,QAAQ;GACjB;GACA,CAAC;AAGH,SAAO,IAAI,KAAK,WAAW;GAE5B;;AAGF,MAAM,6BAA6B,EAAE,OAAO,EAC3C,cAAc,EAAE,QAAQ,CAAC,KAAK,EAC7B,aAAa,sCACb,CAAC,EACF,CAAC;AAEF,MAAa,oBAAmD,YAC/D,mBACC,mCACA;CACC,QAAQ;CACR,MAAM;CACN,gBAAgB;CAChB,KAAK,CAAC,eAAe,qBAAqB;CAC1C,UAAU,EACT,SAAS;EACR,aAAa;EACb,WAAW,EACV,OAAO;GACN,aAAa;GACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;IACP,MAAM;IACN,YAAY;KACX,YAAY,EACX,MAAM,UACN;KACD,QAAQ,EACP,MAAM,UACN;KACD;IACD,EACD,EACD;GACD,EACD;EACD,EACD;CACD,EACD,OAAO,QAAQ;CACd,MAAM,UAAU,IAAI,QAAQ;CAC5B,MAAM,UAAU,cAAiB,IAAI,SAAS,QAAQ;CACtD,MAAM,aAAa,MAAM,QAAQ,mBAChC,IAAI,KAAK,aACT;AAED,KACC,CAAC,cACD,WAAW,4BAAY,IAAI,MAAM,IACjC,WAAW,WAAW,UAEtB,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,yBAAyB,sBAClC,CAAC;AAGH,KAAI,WAAW,MAAM,aAAa,KAAK,QAAQ,KAAK,MAAM,aAAa,CACtE,OAAM,IAAI,SAAS,aAAa,EAC/B,SACC,yBAAyB,6CAC1B,CAAC;AAGH,KACC,IAAI,QAAQ,WAAW,wCACvB,CAAC,QAAQ,KAAK,cAEd,OAAM,IAAI,SAAS,aAAa,EAC/B,SACC,yBAAyB,sEAC1B,CAAC;CAGH,MAAM,kBAAkB,IAAI,QAAQ,YAAY,mBAAmB;AAKnE,KAJqB,MAAM,QAAQ,aAAa,EAC/C,gBAAgB,WAAW,gBAC3B,CAAC,IAEkB,gBACnB,OAAM,IAAI,SAAS,aAAa,EAC/B,SACC,yBAAyB,uCAC1B,CAAC;CAGH,MAAM,eAAe,MAAM,QAAQ,qBAClC,WAAW,eACX;AACD,KAAI,CAAC,aACJ,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,yBAAyB,wBAClC,CAAC;AAIH,KAAI,SAAS,mBAAmB,uBAC/B,OAAM,SAAS,kBAAkB,uBAAuB;EAC3C;EACZ,MAAM,QAAQ;EACd;EACA,CAAC;CAGH,MAAM,YAAY,MAAM,QAAQ,iBAAiB;EAChD,cAAc,IAAI,KAAK;EACvB,QAAQ;EACR,CAAC;AACF,KAAI,CAAC,UACJ,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,yBAAyB,+BAClC,CAAC;AAEH,KACC,IAAI,QAAQ,WAAW,SACvB,IAAI,QAAQ,WAAW,MAAM,WAC7B,YAAY,aACZ,UAAU,QACT;EACD,MAAM,UAAW,UAAU,OAAkB,MAAM,IAAI;EACvD,MAAM,UAAU,QAAQ,WAAW;AAEnC,OAAK,MAAM,UAAU,SAAS;AAC7B,SAAM,QAAQ,uBAAuB;IAC5B;IACR,QAAQ,QAAQ,KAAK;IACrB,CAAC;AAEF,OACC,OAAO,IAAI,QAAQ,WAAW,MAAM,0BACpC,aAcA;QAZgB,MAAM,QAAQ,iBAAiB,EAAE,QAAQ,CAAC,KAGzD,OAAO,IAAI,QAAQ,WAAW,MAAM,0BACpC,aACG,MAAM,IAAI,QAAQ,WAAW,MAAM,sBAAsB;KACzD;KACS;KACT,gBAAgB,WAAW;KAC3B,CAAC,GACD,IAAI,QAAQ,WAAW,MAAM,uBAGhC,OAAM,IAAI,SAAS,aAAa,EAC/B,SAAS,yBAAyB,2BAClC,CAAC;;;AAKL,MAAI,SAAS;GACZ,MAAM,SAAS,QAAQ;AAOvB,SAAM,iBAAiB,KAAK;IAC3B,SAPsB,MAAM,QAAQ,cACpC,QAAQ,QAAQ,OAChB,QACA,IACA;IAIA,MAAM,QAAQ;IACd,CAAC;;;CAIJ,MAAM,SAAS,MAAM,QAAQ,aAAa;EACzC,gBAAgB,WAAW;EAC3B,QAAQ,QAAQ,KAAK;EACrB,MAAM,WAAW;EACjB,2BAAW,IAAI,MAAM;EACrB,CAAC;AAEF,OAAM,QAAQ,sBACb,QAAQ,QAAQ,OAChB,WAAW,gBACX,IACA;AACD,KAAI,CAAC,UACJ,QAAO,IAAI,KAAK,MAAM;EACrB,QAAQ;EACR,MAAM,EACL,SAAS,yBAAyB,sBAClC;EACD,CAAC;AAEH,KAAI,SAAS,mBAAmB,sBAC/B,OAAM,SAAS,kBAAkB,sBAAsB;EACtD,YAAY;EACZ;EACA,MAAM,QAAQ;EACd;EACA,CAAC;AAEH,QAAO,IAAI,KAAK;EACf,YAAY;EACZ;EACA,CAAC;EAEH;AAEF,MAAM,6BAA6B,EAAE,OAAO,EAC3C,cAAc,EAAE,QAAQ,CAAC,KAAK,EAC7B,aAAa,sCACb,CAAC,EACF,CAAC;AAEF,MAAa,oBAAmD,YAC/D,mBACC,mCACA;CACC,QAAQ;CACR,MAAM;CACN,gBAAgB;CAChB,KAAK,CAAC,eAAe,qBAAqB;CAC1C,UAAU,EACT,SAAS;EACR,aAAa;EACb,WAAW,EACV,OAAO;GACN,aAAa;GACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;IACP,MAAM;IACN,YAAY;KACX,YAAY,EACX,MAAM,UACN;KACD,QAAQ;MACP,MAAM;MACN,UAAU;MACV;KACD;IACD,EACD,EACD;GACD,EACD;EACD,EACD;CACD,EACD,OAAO,QAAQ;CACd,MAAM,UAAU,IAAI,QAAQ;CAC5B,MAAM,UAAU,cAAc,IAAI,SAAS,IAAI,QAAQ,WAAW;CAClE,MAAM,aAAa,MAAM,QAAQ,mBAChC,IAAI,KAAK,aACT;AACD,KACC,CAAC,cACD,WAAW,4BAAY,IAAI,MAAM,IACjC,WAAW,WAAW,UAEtB,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,yBACT,CAAC;AAEH,KAAI,WAAW,MAAM,aAAa,KAAK,QAAQ,KAAK,MAAM,aAAa,CACtE,OAAM,IAAI,SAAS,aAAa,EAC/B,SACC,yBAAyB,6CAC1B,CAAC;AAGH,KACC,IAAI,QAAQ,WAAW,wCACvB,CAAC,QAAQ,KAAK,cAEd,OAAM,IAAI,SAAS,aAAa,EAC/B,SACC,yBAAyB,sEAC1B,CAAC;CAGH,MAAM,eAAe,MAAM,QAAQ,qBAClC,WAAW,eACX;AACD,KAAI,CAAC,aACJ,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,yBAAyB,wBAClC,CAAC;AAIH,KAAI,SAAS,mBAAmB,uBAC/B,OAAM,SAAS,kBAAkB,uBAAuB;EAC3C;EACZ,MAAM,QAAQ;EACd;EACA,CAAC;CAGH,MAAM,YAAY,MAAM,QAAQ,iBAAiB;EAChD,cAAc,IAAI,KAAK;EACvB,QAAQ;EACR,CAAC;AAGF,KAAI,SAAS,mBAAmB,sBAC/B,OAAM,SAAS,kBAAkB,sBAAsB;EACtD,YAAY,aAAc;EAC1B,MAAM,QAAQ;EACd;EACA,CAAC;AAGH,QAAO,IAAI,KAAK;EACf,YAAY;EACZ,QAAQ;EACR,CAAC;EAEH;AAEF,MAAM,6BAA6B,EAAE,OAAO,EAC3C,cAAc,EAAE,QAAQ,CAAC,KAAK,EAC7B,aAAa,sCACb,CAAC,EACF,CAAC;AAEF,MAAa,oBAAmD,YAC/D,mBACC,mCACA;CACC,QAAQ;CACR,MAAM;CACN,gBAAgB;CAChB,KAAK,CAAC,eAAe,qBAAqB;CAC1C,SAAS;EACR,aAAa;EACb,aAAa;EACb,WAAW,EACV,OAAO;GACN,aAAa;GACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;IACP,MAAM;IACN,YAAY,EACX,YAAY,EACX,MAAM,UACN,EACD;IACD,EACD,EACD;GACD,EACD;EACD;CACD,EACD,OAAO,QAAQ;CACd,MAAM,UAAU,IAAI,QAAQ;CAC5B,MAAM,UAAU,cAAiB,IAAI,SAAS,QAAQ;CACtD,MAAM,aAAa,MAAM,QAAQ,mBAChC,IAAI,KAAK,aACT;AACD,KAAI,CAAC,WACJ,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,yBAAyB,sBAClC,CAAC;CAEH,MAAM,SAAS,MAAM,QAAQ,kBAAkB;EAC9C,QAAQ,QAAQ,KAAK;EACrB,gBAAgB,WAAW;EAC3B,CAAC;AACF,KAAI,CAAC,OACJ,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,yBAAyB,kBAClC,CAAC;AAcH,KAAI,CAZc,MAAM,cACvB;EACC,MAAM,OAAO;EACb,SAAS,IAAI,QAAQ;EACrB,aAAa,EACZ,YAAY,CAAC,SAAS,EACtB;EACD,gBAAgB,WAAW;EAC3B,EACD,IACA,CAGA,OAAM,IAAI,SAAS,aAAa,EAC/B,SACC,yBAAyB,+CAC1B,CAAC;CAGH,MAAM,eAAe,MAAM,QAAQ,qBAClC,WAAW,eACX;AACD,KAAI,CAAC,aACJ,OAAM,IAAI,SAAS,eAAe,EACjC,SAAS,yBAAyB,wBAClC,CAAC;AAIH,KAAI,SAAS,mBAAmB,uBAC/B,OAAM,SAAS,kBAAkB,uBAAuB;EAC3C;EACZ,aAAa,QAAQ;EACrB;EACA,CAAC;CAGH,MAAM,YAAY,MAAM,QAAQ,iBAAiB;EAChD,cAAc,IAAI,KAAK;EACvB,QAAQ;EACR,CAAC;AAGF,KAAI,SAAS,mBAAmB,sBAC/B,OAAM,SAAS,kBAAkB,sBAAsB;EACtD,YAAa,aAAuC;EACpD,aAAa,QAAQ;EACrB;EACA,CAAC;AAGH,QAAO,IAAI,KAAK,UAAU;EAE3B;AAEF,MAAM,2BAA2B,EAAE,OAAO,EACzC,IAAI,EAAE,QAAQ,CAAC,KAAK,EACnB,aAAa,mCACb,CAAC,EACF,CAAC;AAEF,MAAa,iBAAgD,YAC5D,mBACC,gCACA;CACC,QAAQ;CACR,KAAK,CAAC,cAAc;CACpB,gBAAgB;CAChB,OAAO;CACP,UAAU,EACT,SAAS;EACR,aAAa;EACb,WAAW,EACV,OAAO;GACN,aAAa;GACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;IACP,MAAM;IACN,YAAY;KACX,IAAI,EACH,MAAM,UACN;KACD,OAAO,EACN,MAAM,UACN;KACD,MAAM,EACL,MAAM,UACN;KACD,gBAAgB,EACf,MAAM,UACN;KACD,WAAW,EACV,MAAM,UACN;KACD,QAAQ,EACP,MAAM,UA