# v2 git bundle
d86f5f6c17160ab07b6320bea1ad426679259156 refs/heads/bundle
d86f5f6c17160ab07b6320bea1ad426679259156 HEAD

PACK      ”—#x7Èýtree 3ade6385fdbd698d232ead16c80e43dfad3fe2d6
author R3D347HR4Y <redeathray@gmail.com> 1779458573 +0200
committer R3D347HR4Y <redeathray@gmail.com> 1779458573 +0200

Initialize Ulti Backend project with Docker setup, environment configuration, and core services. Added .dockerignore, .env.example, Dockerfile, and docker-compose files for PostgreSQL, KeyDB, RustFS, Authentik, Nextcloud, Jitsi, and Immich. Implemented main application structure in Go with API handlers and environment variable expansion. Included README for project overview and setup instructions.
·êÂg¤x´Kþ100644 .dockerignore !S#cU“|€.˜‹à-±‘U100644 .env.example ý(l«ô ô¡aS"5µ×WÐ100644 .gitignore Ñ9‡1µæ¹oíF‡*Çqse²`
100644 Dockerfile EtkJ”ž•æ>¾ÁW¬dºtY100644 README.md šÑ´aY®çÛâ	ù§ž3ÕN2˜âs40000 cmd s•aÅ{q‹½âù¯0:j®Ehq40000 deploy ñŸ1íÐçùqb8Ö¬O›Â©¾100644 go.mod ‰È§†IùÀ¬ýfÛüj¾ÞL100644 go.sum |$AZmÐP•í™OÍ5³2‚40000 internal ¼xDL¹¢mø#¹*_)Ïã¬ç‰40000 migrations ¨äÚŒéÿÑËµR}à€= =40000 project-plan ›Ù(È/úXI7û[ÄTL¢dá«Ÿ¿xO °ÿ.git
.env
project-plan
README.md
.gitignore
.dockerignore
.idea
.vscode
deploy
&·à´ìxœµYÛnÛ<¾÷SíÅ:»±åØÝ»²¤$j-Ë•ä¤é KŒÍD–ü‹RšÖ0°Wû ‹}‰>GßdŸd‡¤$Ë‡ôO»hQ™Î9Ão|‰z‡üS{‰ÆaJPßóïq ÿýë¿H‰£[2Í/%q‡hc?Á)E]à[‘‡:7u^DQè!Š}&ù¤`JãŒ6aá £Ó£ C·ÄŸœ ,%!¡-—CÓp¯dK—ûmµâ;Á`Èy°|<ÇQ
œêAûMÏ1Å§h£$‹NÑœLaßø=ùó@ÂÑçGóïÿ &ül‚qø€ƒÚKà¤Ì¼?2Œ&	aÿ-p–"œ&áÍã £aì{áT§)1R¹Ügè~LqÁdóà‡‡üS±;W0Hâc”E|Óõ$N¹¯ â“|óÉÁµ™¶sai¶;’mûÚ´Ôž?ó¢)H«YcÛ9·]YQ4Ûv?h7½üÚæ$*ælM±4‡ÏËÎÚš<v.µ¡£ØGÐ˜â3hx0Ž¦\!ž7hšhZ]uM]U\e —œÇZ/CÖ.©L„<`ÌíÞÃY×Pµ¯Æ·gÃ;ÿ•y}NnÚVøùN~4îŒÖÐ¹é˜j8»™ï?_ßôYqô+m‹—««ÀM\kýKÓ„m\Ê@³­IãžÌâø¾AÉ4Ý”´6T\Y5ôáž3…©Ÿmí½îØº+F;¢î¾¤{A¤Í‚Êì°÷H‚¨ýõxÍÐônk²¥\‚ }Ã$ÇpînåðàœU,3ìq˜Å4ÍfdZNïmëmë{œi‚íøa0ââ9Ü.Âø+^£l’ ù¬$±‘#cóë<<)øÀÂÀi“¾ÑN(ÜxŒHÌ _†°¯ïòmÍâ·{=¤öù@0Yì¨GÍUeGîË¶fç$§^–Î žÈýi;òÃ8NÉ|…™¢_”GŸ<¶ ¬{hØbT^˜ fM8†,©nÏIndpè±5è-„9hW’–Ë=¬VÝÊHáü«Õ?Ë%ÕiWW©ýÕê”†,²ôB½IÈÎY{ÄóEX±‹êOèQœ<!6˜4ñ£Ç85ÁúB¸8²Rf‚ÿÈHr”+øUû¨naØ÷>)°½“g9ñŸz(â|%.DºòÂ{üµtÕƒoFœ½À4vü ,˜t_wÞ¼Û˜*án¹ÜX­6èÀ¹[û¬Œ¶å$l6ä2st½“U
¸e($(oNsr·ÙiœxSÈìNÅ¨ »•ÑôÜ>E‰tóÉ×6²;§<„Þ7HÉpê7w¬/–=×	¢¿@±2FHIBÈÉîhC™#™?O:´¡:2!üõÐü–vßµZ­MŠJÊ²\îŒ•¾°›Ä”Ôë±mj€×¶½[/¤xsÊÒ.tsØËh{4mœU<LƒÃBûwC;Moî}‹#ïež¶KZˆN“ïÎæÒqi	—~”ç‘„X
ƒêr	úi ô=ø‚,<!c_$ñ	 -íŽÏ•KÓí6¸uxÂ¦Ûöbä,M ùe¼ƒœ,<ä>(y‹EH|ž·K1ÇyiO:é%›jLD}X–Ý¼¢ Û)ãòÚ¡âb…6bBû÷@óMT¡MJ°Î)W|{éº‹à¥-«ý8J=Y_Å¼ÂàuÈã¢>%kÓ•±ÜjO½ðœÍ¯×Á÷ãÀ¨\Äç'hxÂ³“<<A\‰*{‚ü‹†²¡õJ?©A!¡Ûn5v¬ç Þ`âœË·ŽtŒ;<,24TWò€á>+^Ö„ŒLbæ„˜Ò+»^v>2ž{mËDn½úxÙ,\$k€xŽÂë"»d-†hJ¢Çµ
§(ñ|ðSt'ª|uRjŸe`ŽUòó+^&²Ý·­œõ"›„¼<ë¨ŽˆÁ‚³Äé¤VÝÆý®T-—¢dY­¯¯4ëÚÒÍY¦c*¦ ^WŽÜ?E©Û®'6ñ`w³¸fU0´êð›ÏðŽøÌx*¦à(à@Pè,<
ú îOx“TºóœR¢6d$5µÝ‰<²)Ý†Þ-Hä{à€”ý¦¢Âb-¥¦”—Yy}ÕÈM
uÇV©]@WiWq°¿‡ºÅB¸É
³åMÕàÏ	¥RóÃÆ}ñŽH ‰Tµ[È„Ù·?V>hNo­¾æ0"¡|„ç <'¿ŸÎ‚Ä|ÞiØŸúä$e¾s„Kûž¤`]ãÕ¯%1Û>N0˜z„í¯‚XUò°Þ_;¨8èÃc‘èÑÁ­ã¼	2‡CkÞ±ÝU:G¹£³“Ýê&=Ç³Åš-£›0ÆÄÖ€R1ÏÍ­öÓrù³î8Ôû«þï,±ñvaÁ]³{4Í¢fØœÆñ4/ÊÎÞuZíc8§Î›¨>šÅi¼óé_uÈ|ÙñB¡nºryÿ+¤x% à<Ó-\´É(Äƒ)\±4n&T´ýE/¨Q&e¹~¬YÎœ*GÍvûmP“Ô
j¨¯yR•7–òÑñh`Êª;0Ùaõ”Ö^PLƒ=æa·ÓjuŽá0†G ße@sø:áW
¢»8K(š¬­;_—.zÚŽ#+—Ä3»ˆL“†—‚SÎ˜•© ´o Üù¥»’½ö\Œšc§o~ZŸµX*¡$8`!b Òy$Ù†3BþŒÜÞ&?¾S$kvãB1Pý6Næ^Š ¯eÍü.ûpIÐx¿~?NÅ@{=Òf—ÊÊŸ;ºÈƒ“bM¦(Î 0bä‡?¾‹‹µ¯ï9¡˜ùY«~ÚÕï]·EðÅxSñ ±’~ÁL¤˜U›IÄµàMÉàÇw±a>Æ˜YÉ#š¿ã€{SÖþ ÜçÿêžëÅÇî^ÕùtOJ²HÊHÌP.œ	 ï:‡$åùfùTHª[çJ§Óy‡þ…¨‘2ÛNò{àò'W¾Ðzí³×­Ù“¯*‚^SÁmzíVûu£uV«Ëÿ~Þ÷Øò¼5{ŸNþtén¤…ýNàßÁyç¯)ÚðBjëŠó%Úœ˜cŽ”èÀ ¢òSA¦
Q÷Í›Vk‹²x±Y.÷ŒBŒü?‹;ú;¾xœ5Áj1Dïú
A $Ú?±!ô”Ã†^ƒw-S­l­Ó\òí±]zy#fFÌ±„$q¡¨`(–“(ò <
N!º(ÃÞÐ/ýñUÅ3Wfiç“ÃveýëLYñg)”ÜµýhuªÈªðïš›.ÜÚß½$ÜÊ]ƒDÇ;(Ý±-ü`‚'gÁ”<‹'ÛV÷Î:þj­Óf/£J"8ßÖeÊÆO-dþ¡„Þ©Ã-Ëì‹ðºPÞïÙgË,¼’DSï±xœuPËnÂ0¼û+V9pÛ„Â!å@! Ô6ŽEmU;¤V8²cQõë›ôP©¾¬5;;;³ë”>A¡«Šù?™"Sµ¬rXdprR‰Ü’îc`õ'0! ±ÒÈÿÈ¡p†<7<KÎšÜr éÃj›B`'Kš[q¿Ô¢+Ö•à½\¡¡…¾TJ310}ðûærCß£xqÿ­Â1l(ÍB%+÷ÕMõ¦ •8+VØÐCxñ 5N5R´x)†?!ë.Ýh>õ'ã³üÉÍ·`ƒWí:za´«3è´¯˜³¹ù…pÓW2„A<]†×#ÞÜÎš@iÎTp’ÕÍæ>‹Òa6zNhÁl<k½Fñ.=&tïàÅë©Þù:?†1µúxœÝXÍnÉ¾ÏSÖLÊ$ÇX,äì")™¶(i9”½¹,§5Ó"ÛNOæGc0ö°§=	ÃrñsèMü$ùª{øOÛëÓ"1d€ÓÝUÝ]õÕWU}N£\Ñž.d:Nùƒ&:Ö‘ÊÇ’4é4Ë,OEœS$¬„W¨\ÒÇ÷·$¢\¦±ÈÕ¥¤L—2*–t÷Dõ(’viÃqîÝ£&4á#È‹T:ŽïûÎÇÛ_?Þ¾ÿßùû;Nü3Q<Rñ5UR‰ëf’’T_O©ˆÕ_Y£D§9}÷°Jÿ ùÿÑ—øª¿ÿØðzHÀaŽ-üÄæ|mrE¢ÜËGîD¨¨\1¤ÌH¥Ûkž¸^opBA‘åzRýœ’0eÐ-+±#•¿üƒŽäuDºéµ<k7_U?©&0/R«¦9âu-Ÿ9M ã\yfÕ´f_ŠÒð³§™H™¯Y†GŒš*Ï½x=¨~É¾ÉXç:[ÖRŽ=ÝÉDcjžt«ŸÕ"Â‰Šçgiò—b"È•Ž·«3)ö3%}	2aB!&”Œãæß¦äÖ(¹ÊÖ·xÔÓ`ªœR)Œ…þ_ÂÌ“é¥
dF¹‚e¨Òæk¦_Œ´uÛŸè,¥Òûá};7[{‘æbt÷Aþ-/å"ëÆo	x^Í2 `Ý;[´ôÈûÞº–ã³7È„OÅIâÉç•4Nœ«‹%<JÇÝvËõš½Ã/žd…CàöOzUkæAî.âÖ5K7Õáú}^)˜p~÷!•q°aßu`—!¸¦åÄ©»å.KJnÿh¬~Õß?MžçìÿC¡‚òr@Ð$ÿ3‘{ô¨²L¦$ãK•êx7Ó¹Š¤$ÔÀ`C^‹IŽà¬ï„
¸‘A*á%Í¦9q©’ë„ô¹YF•“copÐïxÃ“¦ç½>î·kÔ?õûÞÐë´úÁðeç/5’yÐ¨Bç1äSº©g¢¯@RûöU³ÿî%‘äXG!¤¼NDÊ÷ŒDãÄzÄ•ÎD‡K_!;Òy$FÙ.&:?Z‡Ç§íaç¨¹wØiŸ§…¼9Q&1ý¢;ðºÛ§º½^·õ|Û&7¬)B(Ú¨èTÒƒùdÌ7	éljORun(“HO‘¨&‰Îd½HÙ˜Š„êáÜGmT4‘NØ	Ë>ê1E‰2š"v¤3:9¨Y‚¨Í"<-âXÅ£gX)°ÀøÁ˜bfIc<fª3Ò¼œn0	]S[ðö
…<wÆ?¨®Ë²cmYÇ8Ánp®Sè5%hè‘Ò¬ÑD«äÚn²^¤:’›QR×En±–ÊLG—2tPÊ¦€ÖŸ+ QXè’îÿtïþêºCºŸ¹?¹ÐÈUŸ{¿ê”æ²›Š¬0œæÈ9=tÛÃöÞð´øŒÆ`jšˆ)±U­ÍŠ³\ŠX2‡ËQ=0ëÒõPä¾’ôÍŸ–õ÷Î|‹c­”«–qÞÓ÷("ÚÙ1#;;|V „¢ïÿ ¤œ.žP“UüÝïúUâÄ“IÚuœj%—	7³äE7ÎM½ü7ÿQÇ ù¦&Øñ±Ö:Ö^e‹‘Ê<·WËY’·2‹$`g¸0²3–“+øïoÆ“?ÓdÝ
,RÁ<XñíÑjT8¡]beÞ}ÕÝzVÞA$‰ŒÀKÊà1	·2TQ¢úã<Ov]7žé4–m9-†S6¹‚á±SQºÇzíîÃ%w^èÃB] Â)ÐWSÏhpè«
”(1Á2ÍÏt^£A*ä¹º¨‘.ÈP¿áOŸ>ñíá«‹;ZDêo@aI®ŽãÁÑ‰È²+" 9d.ä4P˜vx‰×÷¬€Ï’¦6\edŸÃÆo€\8Í†àÙ¨ E¥ò\Ú\‰µKþÛ·Ìýî_ã‰þ6Lá–˜Y8Î3ºTÈ¬cã­œç›\{•Â™=Ü<¦}C(¶êBZ2B¬èëÄn2qb*éu—1ìfAªy]¹¶›”Gôaí:0€â0£3yÎtê7ã×jä8àS[š,
·a!’†¦¬Høp€5õÎp¿{Øñ—Ò^¥Lµ»ä[áÚjØ:ìvŽ3»³Ì÷.Îë–0qµ
ƒa) hhÇ|FU:|…²8€9ÜN“Ü&P˜*·giv¼úA«‡¼Ë×ñ{Íîá»µ±o·yÈ¾ö|ÄÐ7Tá.Ý·OñQk4Mö„•i¶ÝW5Ña·í7‹QðVnÛ—Ml0%Å©Æp¤|V-tÊëöÍA÷øhØkþ8lt|žû¤qÌêN{Ø˜u[î±uÉëÎÞóãã—Cïy‹·)ãÜìq¢7„Ë¸Œ¹Nº¡ú)ôãz4]¦ÝæµÜ;{Ú¹á'GÇO€#ÆªFÉèºF#]Gž˜Ù$O,e¶gYåf­£àIÓ`Æv	•¾UVç8ƒ}&¤_†rFJeh5–e¿W–ý7³Ú¡â=Y‘m&FûãÆC+g*ýåP™—ývÁ>c}µ‚_fù1ÎqäTìk€kzwÞŽ³ŽW*”zžMz¦íF³Mœì
[ŸcIY¾WP©R«ÀàÊ®›eÚÃÙ7³÷"¦è»ßH¼áä™2MQIÓLÎØ&•VÞ³=óŠÙs4Ëì†´sÐ=â|L`ƒÒ i±ò¬Vv¿4§wµÓè€î§$¤¥Õ6=Áˆ¶W¡Å'îõnÅÔcD_dzU~Á©‘y3¨‘y‰©Ñìm¥F³çà†ìŒ)«±wm#~¢l52oCtÖÀ™¶Ð…m±Ó•<k}‘m(œgXw¡p+ÈrØæ‰¸ÌX;Ñü%†F2–¶Û´WtW¯2zùÔv¦ÞYÛŽÁN€ÔfRö•eu¯ý"Šê9®_ÎnÍ^OÜ%¡ÅÛÊ¸8›KÜÎàd2Íê6¥Æ­ÌDKÆ›©«BŒèÅÜ’@™°Wû^nÑWrr¹Ñ¦·mí_/ó}c:‰fïqÈ>¦UÚç&â¸Ù˜zÃÞw7Œ£ŒoÝ¥ËØCs^½LÏP#Ž4½Î¢­_éyM0ÿ@.Õ¤xD »ÿ40000 envexpand -u2Ø& ãÍÒâQ‘¯:Ÿfµ540000 ultid R`¥x=C¿y¿B÷Ge Ã9ó¾X~'£x# Üÿ100644 main.go '«§§Ñpu]èÉç8ØpmØÊÇÈ¶ xùýpackage main

import (
	"flag"
	"fmt"
	"os"

	"github.com/ultisuite/ulti-backend/internal/envexpand"
)

func main() {
	in := flag.String("in", ".env", "input .env file")
	out := flag.String("out", "", "output file (default: stdout)")
	flag.Parse()

	if err := run(*in, *out); err != nil {
		fmt.Fprintf(os.Stderr, "envexpand: %v\n", err)
		os.Exit(1)
	}
}

func run(inPath, outPath string) error {
	if outPath == "" {
		return envexpand.RenderToWriter(inPath, os.Stdout)
	}
	return envexpand.Render(inPath, outPath)
}
gá¤á£x# Üÿ100644 main.go Åßulm´mz«ãC«¿rÈ‡Ù¹§xœkoâHò3üŠ^K7213º;.7ùÀ;Ãn^
dòaµŠŒÝ@oŒÛÛÝ&agùïWUÝ6¶!É’HÁýªg×«+£ÇpÁÙ*i»-V™T†ùí–ÉÔðgãÁp¾¢O"=?8N¹é-Ép,µýíi±HÃ'z££0¡¡+îµa°f™Ï‚H®zy-Eÿ×ÿöïI¥;¿«Q/[<~2)“Æ‘•H…´¿§Ù[ÿç­ý^ö¸èEŠÇ<5"Lš$aChdÉÖÿmJ’'Fè\N£Ó°ÈÓ¸'@w
tÑ3Ñc è½.ŠëL¦š¿ôk¡z(\}™¦2þh¬Ä¹sJ`ÎŽ…G8çÜ¼àÞÁõJÄqÂŸB…¬gKi¤~uy,ýÜ,û™‹Å‘@<]óç,Lcw;£?JP„mxŒX…™Þ¤ÑñxòH9N¯ÌÑpÇ›F
ñ/Jd	÷.;P<Ll¬<
LóPEÇæQ®„Ù„y,@)v{žÃõað;ì{»™ç.‹Â4â	;;g.÷@b@«~±ô#à^(™§±ßé´[1Ÿså }ÀÛJd¥¥kšFóE—q¥V0ãàNÀ^KÌiã‡s–Š™ha²	FJIå{s¸v3#bt°^—y÷=B
HZR£gaüO0ÙAL%E—4‚+þä[ç‹`špj~w{qÀ@Ê#ƒÃØ!x“§baHÍI%*ž!o”a³A"Àµüvá:32À÷~«3â÷¾þˆÓm©o@QAø`å=g”ç¬° w›kóÓd”Æ™Cè²v»  Ü€¤>c¬âÝ=1¡Ñ·U°ô£ˆkœXÚÅ	@C‹ž×éÂ	Ú?«œ¹Ó|2¹€½í1ºß0œY,"ýü«_s%æ‚«òú1Ô¢@ßÜÆÎ®ÇÃÁXës{ãáËŒÞ‡*õ=<Ë
Z,•†…kÌ~³„3¿$Q•à\Úœq¦ò4é¢³/Ã–h!c}£dœGx9Ö'‹¯ìü4Íþúkg·ƒP5®„Ö@ŒíŠ‹˜óÖ™r"1&R–•¤=¼ÆVË»»˜Ž‡xúa<™Ün4Ç;h0ô’Ý\ŒGWÓ˜Ö¡Jv	ï°v‰¨”ºTîùîjbÕ¯ ÌmWüiåqvTëEZEl¿ðmníúVšÐ^ÆÿšÆPãEÓi¦ÜqðöDD-yôèx9`»{¼lO4gïä¨bž/ðÅÚà!„(]€Ë0…×ÁÎ…•z“;BÑá¶å6„m/×û ù5¯í¾æ\…Åd% 1žFjC!‹¼©0ÝƒJmJwrÜ¢,µ,ˆ’Ø-ã3ÆÑ^]€‹:ÌGcÍèà1`^‡àõ‘5evRÖ])ºD5J	’$-á@øp—jpŸ¬2¯}|Q@(Uµ…›PëN¡¾q:—¾W"½UÔR®çƒUÜNG ô%TJN±/É‹ÅÔ`¾`'8t¶”ôga´¨JYœ>'8’ üòt?ËÆÃ.«Î­»-±4iÈö;$ŒUáb:êUp•ÀN¼ªÎÞ¸P[Â—jgÍ¯V"ZV­A;$û´Pý›±ÕyU"A[ìð5 H÷|6‘Pã`»?¶¢°%2ð5ŸùÎ¦!ÃVÖmìIªG®t»µ¬(å)ïÃ÷žö|[EžŒc¬%×!®6ƒE' ˜]‘¤†ÒÓ9Tí„˜V
¤{àÄHqö:73ù¹Y Yœ;Žì©‚§ ó­Ìaj-Š¤K˜íš-Áp&[ÁWx!%ÍpR©úI"Ÿx|­ÄB¤X$±_ÓFAýîxÛîîÈ%7K7Ž|Mñ"o®'ö{g?ýéà+†£‹Ñt„£ë›éøújRÃø•‡ m#VR¹$‡¬ÈSs:ÝdXŠVºÁT…-Â<‚BXÆü: ±´â :‡_Ž[—ásÁWñ÷Ï©Ôë*Þ=´Ô‡¶0c}D7ó…ßë-Ñ–—‚\øRñŸ6Ÿ‚[Çç=„q4ÅNÜú9×¦,›ŠòïÀì«``ß/ðhÙOçO!´Rû„kà\OÀ¼DÄïÒ²ÂëTÎû¿þ6ÛÀÇƒ‚>O-Ç¯CG ”å*ueÆ‹ø¯é´÷ÑÉGB²­êãIƒ*ð¹gíõ~â6Á£3ŸT¤ÈÎ­‘[EìéMÈßUÉ•ôØAt p	ÉawcýÉvgºÌ5w(®8w±nYÁp0.7šŠûÈm›à÷UÜMDV%{cŒÀAÄZ'Á4Ê\5€=Þl[«Ëè[EY€×YÚGPvãðYm‡ïBStæº¬¾ÆU¶E~UPê’t™ë¿Uq;ðƒ¨kyïUü®5Òee—­vA<{„Èþ ­ÂkÓŠZ£O°îŽÉÅiz'Ãß|e‚IÍÌ}ïì±K 7Rz›:šgLum…(0XÚ÷’Á2LÕ“]öÉ¦$r«Î®BµI[i¦1ã¸‚{èUrµ |BC¨î§1ñÝ¨ß?|(f$ÔÁV:zàÛ:ÃñúùO:íP"ƒW©‹ õÇ„ÚòVÛ¢®¤óÇÁQl³>˜Œ¿Œ¯¦µùtt{isx‚Íì…ð*ù|Šgnæû|J\µ›ï!ÒOQšxmT•¹Ìj‘Åò)eßj•†ÁÝ¾ÝËÉÁVÕŠ°¡ƒ½*PÇÇªŽ Ð”i\öRê(‰dýò&î€_áä…X]s©"¸ÀìívÑ!+“Y5a§½u=»j	ö î²e¦^©ž®‘pôh¸m¤È²K@	žl~‚çª¸œ€{ð!ŸåßC.8>2Öl ä åYFö2àØÿ?5™¸„¢xýþ100755 compose-up.sh GCó‘9zq¹gÒIjâ†‹—Þ100644 docker-compose.yml âu‘`á·:ôaI&W´Î2‰40000 immich ®&™çXK—f0fX©ÔDªyê100644 init-db.sh û²ö³I*û‡ìú°Z¯*êQK40000 jitsi ýÝi!†ƒ%›ÆìÊÉ›8sOºuÁ40000 nextcloud OÄ§Ä2XË^ßÎ/ãŒà»˜UCÈ40000 nginx –%8fÒ>9åi2]D×’G‘Rh¼Zxœ­SÝNÛ0¾÷Sk›±$”»ÁJµu¢ ›&UrâáÄQœ”Vm¥=ÄžpO2'iRZ&vÃMäœ¿ïÇ>û{n¦w""£)L˜È>ôg1‹<X,¾Ÿß¬VKÆ1PÒÃDƒˆÀ1¥ 0²$…Å1ž
c¥Ñ!S°1S‹}&$!7××w]zÐâ˜¯'’ˆ…hŽGÔr‡B£ñ“gQRäÕ”áÃh{`û&ŒÇ',@( C¡µˆÊìŸ_¿!É¢ð¸88ca,±ø¡pÚ8Îûf"…6ñE1«0Ì•ÚSxPpêz8u£LJ8>m´k,“2sÁqyèå6ai½¶l•¥%b‚ZÉ)z¥FÓY˜™îL¦Â³7ýãq®ºX]B­ñ+µŸD*_e&Ÿ×lªM/Kæ–~80ˆÌÍ¦E%0É„ô:¹ŽâdÃ6ØŽ´Ê¬Ú. c¼àøŠÆÁ›Ëå?ä¿f_~=©ºŸ(%[,´TœI˜2™¡yF‹vÇ^Q®­8QêCónš÷S„),!M 9êdqŒIgÜÌÏR=g+oçLã¦\”f·—i’árŽz©"kí}¢prRT¼¯¢>3÷¼£fœ¬ˆY ”<@þžÐl"±{Ûk}l—‹ÁˆVYÂqGsž;d„ðr‹î}!Qw[f2µ}
ÔÃXª¹ë»f¯«œy()±ªU1F¬m3ÇÅUÿÇ]ïòúÛÅ}ÿêüÓeÿ¢c„WÔ¢ÐíV¢ž½´-ìÃnk9ÂYÊ¥Ê¼]u¢`cUËõ‚Ï×ÁÝíàm¸ü©»<Šà8†ÃAïËÛa(x°Ë¢Œ>£3äPUóÀÎÁÎ§î¬¡¸…9:¯âÁ%|Ëø¸ÛxœíV[oÚ0~çWX¨K­ºuy£jmé¨š¦)2±I,BœÚ†–Uü÷Ù‰CÃ%Ð®â­B
Îw®þÎ9vásáÔ HBš<é tŠBâÅ)MH†s"$âÒ³$&BXB²4%8“¥ŒK‘›`úEÃ¹hÔ³÷9‹gSRÚ0s1£Y,í€%c[’i#IHd`
LT¨r–ù$Éœr–LI"‹ ÞMëêÖ'ÏfeÅ,@qÄ„\6þ˜Æj›¶mõf«Ý±xn¶“ùÈø¤”´ŠN-g &)I°ðYR(h1.^ Pyb*©’‘“ìgÜ÷  ™ŒT¾tbi9á¯2­­ÅÍh¼
©¬$y’z;Á,˜žï±³Z,äûˆ‰ŠeD$˜ª|*Òïzû¦Sÿê!‘úßzèYú?’2u \•GµÍEæ~þÖÿ'TíŽÏQì€sQø¥SÂfÊõYp"9UÎ*Š”*ÿ!iÅdç¡FeBxô}>r¼?@©šë	™¹[ÍÏÖ+§ï@Ñ¶&°ác$‘çˆÃ˜Ž`?ÄPJK*-<²EäÀ¼±,Õ½|‘2UKK•—ÕÌl¾«_,¯ë^_ë.ICŸ
N^ kNNžïzÞà{ßõü¡çö—ÀÂk`çrùªÖ9ßjsd\û)á”a4B—«Ô¦VäAU(B0—dg•<X­€M§(Qn3+s  ËB©nX–Ä° bwå2S¶UÞ=”y"AL³ÉŒô³yúÅn¨_3£Ÿ&áB5-‡q/£åq1”æ4’·RjÈ|áfóbúÚhœ:êa.§;ÓX³^uŸô‡Þà›ç·Úm×óüî/}µlËumÏm÷ÝÁ†ö¸Ü]á|ão(q­ê61„†QÀmÊ`ÈVjÐ¨ý»U$µ†ƒ®{;¸ú±±ó]ørË¦ÞŸ×¾ßUëuËMé~{}(TÛgGÆ^û»–çÝ÷új…Æ~?·­·Ú‡–nÛ÷ÝÎ•·‹‚’`ÛêÞ½ÔIº€ºÌð(_9G½@×úXçu¼>Î½ôñG£Ëé‰ä–˜SÝ®`Ä)I­V:ü×?ÉŠÕ[ùV¨ýºŒO¥x5 Êÿ100644 docker-compose.immich.yml êõ»Ã¿Z³öÈ{zèEK¸üøó£·Wxwˆúservices:
  immich-postgres:
    image: tensorchord/pgvecto-rs:pg16-v0.3.0
    restart: unless-stopped
    environment:
      POSTGRES_USER: ${POSTGRES_USER}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
      POSTGRES_DB: ${IMMICH_DB_NAME:-immich}
    volumes:
      - immich_postgres_data:/var/lib/postgresql/data
    networks:
      - ulti-net
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 20s

  immich-server:
    image: ghcr.io/immich-app/immich-server:v1.120.0
    restart: unless-stopped
    environment:
      - DB_HOSTNAME=immich-postgres
      - DB_USERNAME=${POSTGRES_USER}
      - DB_PASSWORD=${POSTGRES_PASSWORD}
      - DB_DATABASE_NAME=${IMMICH_DB_NAME:-immich}
      - REDIS_HOSTNAME=keydb
      - REDIS_PORT=6379
      - IMMICH_MACHINE_LEARNING_URL=http://immich-ml:3003
      - UPLOAD_LOCATION=/upload
    volumes:
      - immich_upload:/upload
    networks:
      - ulti-net
    depends_on:
      immich-postgres:
        condition: service_healthy
      keydb:
        condition: service_started

  immich-ml:
    image: ghcr.io/immich-app/immich-machine-learning:v1.120.0
    restart: unless-stopped
    volumes:
      - immich_model_cache:/cache
    networks:
      - ulti-net

volumes:
  immich_upload:
  immich_model_cache:
  immich_postgres_data:
Ë¤½¹xÉ 6ÿ#!/bin/bash
set -e

psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
    CREATE DATABASE authentik;
    CREATE DATABASE nextcloud;
    CREATE DATABASE immich;
EOSQL
È:8Ó¤x4 Ëÿ100644 docker-compose.jitsi.yml N¯¹åcwð8.âï’ó\™gÝ€w¿ux_ øx-jitsi-env: &jitsi-env
  JWT_APP_ID: ${JITSI_APP_ID:-ulti}
  JWT_APP_SECRET: ${JITSI_APP_SECRET:-changeme-jwt-secret}
  JICOFO_AUTH_PASSWORD: ${JICOFO_AUTH_PASSWORD:-changeme}
  JVB_AUTH_PASSWORD: ${JVB_AUTH_PASSWORD:-changeme}
  TZ: Europe/Paris

services:
  jitsi-web:
    image: jitsi/web:stable-9823
    restart: unless-stopped
    environment:
      <<: *jitsi-env
      ENABLE_AUTH: "1"
      AUTH_TYPE: jwt
      JWT_ACCEPTED_ISSUERS: ulti
      JWT_ACCEPTED_AUDIENCES: ulti
      PUBLIC_URL: https://${DOMAIN:-localhost}/meet
      XMPP_DOMAIN: meet.jitsi
      XMPP_MUC_DOMAIN: muc.meet.jitsi
      XMPP_BOSH_URL_BASE: http://jitsi-prosody:5280
    networks:
      - ulti-net
    depends_on:
      jitsi-prosody:
        condition: service_started

  jitsi-prosody:
    image: jitsi/prosody:stable-9823
    restart: unless-stopped
    environment:
      <<: *jitsi-env
      ENABLE_AUTH: "1"
      AUTH_TYPE: jwt
      JWT_ACCEPTED_ISSUERS: ulti
      JWT_ACCEPTED_AUDIENCES: ulti
      XMPP_DOMAIN: meet.jitsi
      XMPP_MUC_DOMAIN: muc.meet.jitsi
      XMPP_INTERNAL_MUC_DOMAIN: internal-muc.meet.jitsi
    networks:
      - ulti-net

  jitsi-jicofo:
    image: jitsi/jicofo:stable-9823
    restart: unless-stopped
    environment:
      <<: *jitsi-env
      XMPP_DOMAIN: meet.jitsi
      XMPP_MUC_DOMAIN: muc.meet.jitsi
      XMPP_INTERNAL_MUC_DOMAIN: internal-muc.meet.jitsi
    networks:
      - ulti-net
    depends_on:
      - jitsi-prosody

  jitsi-jvb:
    image: jitsi/jvb:stable-9823
    restart: unless-stopped
    ports:
      - "10000:10000/udp"
    environment:
      <<: *jitsi-env
      XMPP_DOMAIN: meet.jitsi
      XMPP_INTERNAL_MUC_DOMAIN: internal-muc.meet.jitsi
      JVB_PORT: "10000"
      JVB_STUN_SERVERS: stun.l.google.com:19302
      PUBLIC_URL: https://${DOMAIN:-localhost}/meet
    networks:
      - ulti-net
    depends_on:
      - jitsi-prosody
µ,þ¡x ~ÿ100644 docker-compose.nextcloud.yml pºJß°iBîæ¶iyyÓ¢ò100755 init.sh ïŠö½õtÌ>•&I«ÿJ¤Ç100644 nginx.conf ¶„œ}Àÿ~Ï¤÷²µU	Å®w2å6Â¹†xœ­UmoÚ0þÞ_a¡iý2Z_2Q	‚·²¦Åam5MQ–bìÌ1ÐjíŸ“ Ú©jò%w÷<ç'wö9%bA’G 0r/ƒ˜ÏC8Nf™ :ó'ÄXGŒV#B?N(#9DTúB`Îb’¦0•<IH˜ÇB’¦gE: žÊ‰(Ö+ž€³Jª  -Äxñc=¬ Sòþþo<a*8›&KC»ß„½KõÑ.5ì†{Ývõ«»ÑFNûÃß-ûi6ì`|c;½Mhé[ÃÔë¯ôä?¸'àmÇmŸ´NÏ«à Ýº¦ez^§wÝ”’æ†m@?œQöt´!°"–>‘Ï&dFöñ]g„]Ôózöu§?À*AñeÀ˜~©Â®iv÷;2]ìÚòpËëŽÌ+äî©ï3\^1Oå8=ÉërÞh4®ÐÒ–‰ýŠ½Ži"Œ3ßAm™ŽÒVQ
ûe
¶Úc?NÉ!€jÅ°ã^zØ½³P[Šùòrnœ¾‹ò}¹ˆ%tèØ®mÚVÑ´Êí•~FR&{ˆ7¨ëØ¶ÛÖžU½Œ›Vä¬ÒG]«ozÊ.ÒšVi*øëÊ½ Üönëzþjg@?mÖõ“ÜÐ›@?Ï¬³Â<ÉùÏgë! ×Æ}éÚÂÚr¹Ô"9‹+P]«`eTÖÓÈÐBL‰€ê¸‹‡„S&aÄù4­‡ZvÌ!ej:Å±ŸŒŠ$xž“¹äbº!cK
•;wS%ˆH0-RÍ:ü¬™×=ˆ/‘eÕ>Z% 
pL‚ˆýË1x|äžJ ×~­xJ–U~l€V£ÜÕ’ÎŸ«tzåD
ªÊ>mŽãíQ<¡ìÞxóüÝ3ã³ç•¡ºÓ¯ÍVäŠê*ÃØÐˆ
[ËlÕ„Œ}UÕ"¼ªûkçþ,'DøÇ†`µ¥õæi¾Uu\(Íã4/>êïÒºÂ‘7ÅKˆ <,¸[7l Êž¼û·›¼ºËãa -[[ƒ7žÄºr´‘íYž£Š‘y²axœT]kÛ0}÷¯ÐÜB¶×-c5ä¡8º¦¤íÆ `dé&‘%Mñ²uÿ}×nšdMÓÂòßsÎ=÷úHGoÒR¨ÔU‘Oˆ¢qž÷cS’.©M›¦I+_ËT3GÑùF…'3m	§ž–ÔAä$€!Úâ@8ZJ A)`àµ+BqÑ1ª¶¿2¾FpêªRSËÉý=ñ6À>¤ê+°…óÔw7ÖaE5â×‹z˜®kPh\hõ‚ v	«‚IÊo`8ÞPuuÀ?ÔÚŒ„g¤×UFeÛßhå)ó‡æV3Ó’ƒ=
×¦g»æs­fb,ñh“··«¼X¼{à³®žµ2m¶I²¤2@?>‹	•R7E¤FBÑJÊ8Õz^f¬^
ôI6È4"øI’‡Õ
Þ·nŠür4¼º-Fƒ,iµ?=“:ð?ñ’fÁ?%ÞóÉð6KXEÕjØ¡á[ez	v¬ØÐ£›|üu8ù^ÜM.³¤òÞdiJ&8R²óÓÓÓ7"ëB“êtã,=i@Êd¡tƒÏ(Á¶ÞqÞñ”ø 	8ñÙvž
Ø")Z°;kì'Ô¼3°x·iEkØƒAM…ìwß{5ÝHºjyýŽ¼‡k°xŠkªþÔüŸ¸•óPwI¨¡fÍžHùÝÄ¡7çÓ/ëÚôâ:½WÐ·¢Ïó:@ÌëBhe–ÿKÄ¶URiç·ô¬xù
Ãh»ÃøøþÓyÿú•¾Pæ`ñ9Ì(Æº0•VPX˜c:¶JŸ'½Ý»#XãhéÝˆ8Ñ¾¦;Ð¤Êñnq‡š¸HðZq×xón: >°J“øê1¼D(á•xe¶QE¹Ï³‡“8ú-r¶:xœ•RKo1¾ï¯ða	¨Ù *Í¡ªPP*è±ŠåØã+¯m<Þ<`ÂoÇyB‘ðÍ3ó=<þÚ€)‚hX˜„³‰pÊBd?
–Bœæ‹ƒy’Ö·êL‡æâM¿ßË¢Øv7£Ö`Ç^çÖÉh€ñA±®Eï«¦"V³Ù¬š¤Ænf¥5àoÄœ½Zp4ß½è¿ÛtµÀ$kÃÇ­Ö‘½:gç¶ŒÖK‘Œw¬ÚºXËÀ,šlÄ*ãÌ{ù]ªå¨ŸlTu./Æ­±Š`B’ÞiS“5czU1-r§	Vä>)‘D7#JªºGŠ
Ü‚	kÿ©òÐ#Ñ&¿’!/%Ä(;4@jÌWÊè-üïÃêi§vvÃ`MâA¤	7N{6êôž_®1ÝNÕ{Ö-{Bbåa²ÜQìKƒö¼›œ™»«û÷|x{óùþÔì×·_†w÷üføñúöêÓ5+•—m³úúU2öš(£	i“qÒ¶
~gÄ¿)!ùtÂ¸QBV€}”wOï7/W"Ò#Nkª¦àjz5éi&°¡¤ó–È×5i+d·<ú\ÈÊ6š£L–¾µ9<—6…”€È­¯™×zçlYüèý'§¡x1 Îÿ100644 default.conf.template 0šM»¤¶L‡¨NyM#RŽè.ö¡H¹‰xœíVËŠÛ0Ýû+./ÚEb{
í4!‹2éc:tQŠu“¨#KB’óèèGôû%½râ&4JWFâžstu>ƒ×bŠàpŽÎ#Xg–+øþõx©§
up+°Fê OZÅKôpÉ…X=í%gpcƒ4š+¨­yå¡&‘)ÐÁèúŽ¤½Q¤Þ€žJ½¸hHr*#jKzÒó±BÑK.² GI}‘šî&Æ4¯ÒÇÑÍûWW×ëAÒÄJ%)iVñ%±b^~A(ò·Û°2%)CÆ­Ì¶òñi¦Î,÷f!Ø~–Õ*HÑ¿ÈÛQw¨`±bQ¨è‡qÍÊÿñÒ}€>v? WÝ«[HV& £»£„7Æ-¸(bÒ‚XlÉ&m(¶þPäÖ™` õå+ÜpÖ‡[ø_®{;uÔ ŠEN½éÁ_­±lòëlÑÿÃ^‡Ùñõ´äCw³_ú/óü´”›âUˆa¿x?©âüE/§·(`Î•Ã"÷ íüùÐL&»hhH?Ëà%k>hºÝŽóÜ÷ä€tr#ºQ*S‹¿¶C—;/4.C£zÔ‹=Fvr‚æ9Üzñ‹¡vžåEëÓoLÜãœpºXXY„@Vdôß õàPô<Ï¡sO×ÜÕ2à'Ýiµ×ÉÍ¤¼¹[xœ}TI–¤ \·§`ÙµÉtÈã€J•ŠÅGÚ¬Ó7šCgÚO(ïñ‡ø½US§Qc|;]°´=™:o`2^¯»ô"ä—T’41Ì³$qú{2N£ßÉ¯š´J;òG_ÀF‚Gá
³Óã´ÒØÔ%IÈPÈ0c˜¾¡t¯;,8Ó‹‘ŽÇÓô¢½Àå.t(ÐÊ)?1Ê)«x™eé¥¬ªºæ\å¢Øç÷~\øü´))žÉÖe……ok~ ¬ƒ¥sŽÙæØ6]t2j9.6ìÏ¨±$c3ß£—zocoß´±$”(”±Éê=ŠÓÊ¬âÞ6áŒÂ9†¢ÉÇîÌ4ŒÂi2Ï­€ö®sT‚Ì "Aú7‚jÜ¾Ì-É ôO°¼(NiÅ3ÊNeV¦çº¤”)ÆE^ïœÀ›UûvêÅ`~ô¢Ål—ñ:¯^ˆF/°ê€³i0$®Uýò Ãý´ ŸÿpB!ºó†”×vXK¡8ÛE?F=
€Út÷v÷ëyàA»`¤¾Qþ9œ´`œæ<K£±©Tu!Êb_‰{¸I©hÇÇ¼÷{ûêÄ£Ý.Ê½ÔË¢?÷S¼pÆè÷g–j—q··ÊS0ýzAØAMÈü¼F”íÄÐ`ë2é®£·ëu®ÃòZÅ™ý?†W”“oùãu8 Âuì8)\×{Ã{ðz^kcçì#ù!7Óð¸xœµšYs£j’†ïçWÔ=a³o1l  !¸cß±Ã¯äª>-¹Ê§ª§{Âá%á'_2óËåÃqÚ'ƒ÷î×%èu%§U×àˆ|‘wy‡¾%ðJµqÑÂFÙÊÁ.o{Lò´f—.'ö«›
G­“ÕýÏÅ¿‚qý^ÖÁƒkL¶·×u¾OW¯¾ïF¨?™þîŽ¬¨°ƒ1zà1W:ÆüŸ¹uÆî·~GÈwøCæªÖ|Bš+íÑ]Ìh¼dSBªh°@n¸³{¬ §„XÌïpO"åEhÁY÷f¯­cJõ’p=]lç×0Â‘‚-Ô!Ð ªvÛ†à<'n—üpÀ‡òÂ9°Ðà6–£Î™¢i¾Â&nÝE¿ì‚eÐh.Ã°?b>É½îoFÏDn¥$S3¡Ã÷	
f(»ë5GÇoÊnûmÆi¯±òë lÁ)ôºÚÏÃþá	êÆHZ(=¤G-õ–<B(4óÃEÛfOF®	(›$9ÒñŸ ŸÄo¨±ž€´jÓ‚XÜ©Æ¹óm¦€(‡1¼8ñÑe<Cåõ3¹ën½Õiàƒ#úmDßaø»s%Uç`jŒ‰„Û‚æ8*OðþÊ©í
;k€‘ÛÅAA­—þú$8P%Î´xW‹)íb~ˆ½ì¯-Ä¤ÈÖ|A-^½%½&CàŽ¡'x×„ÓÃ¯`™´)Û·cštqy­ÁrDf*À.×ŽXªˆ™ÑI€‹(õ{0ü ŽìÝ«‘"Y›.I_hŒ~ïP ÍEÛ†ÑÌ¶ÌMú@üOHÛ­Z¤pVA¸ŽõÐ}¡÷íã¢‚1%ßèˆ„ 8€6³xl¶×#7 â]PŠÊÒ“¢°	ù–N“°@þgl>=®?\®úÍís¿#]*1o^œ[¶ð!®Ytâ/1Ý*}òãÐõiõ°œ¥[¥køp%ô=8û5OlÒÄ¯ÇDÈ':]åx#F7¸MØV'ÝDK>oBÎþ3è“`u€W©#nÓuØ±oU{” ;S÷Å?Ï@¹[òØ¢¯_Øa¶]ZÐÓÒm~”—‡§¼°wßÉ@×Ê¶\|HÔ¶Š+ÃòbåÂ%ÄxöN›‚4-tÀi þ5øÓ°Ž¹;NÊ˜Íw…x÷æ½rË‘¤Òï¦Ô_â)3®³Lþ¥2ì:7¡†©ï>ï#s–êÛÎØé“å:]\Ý˜7œaßØûÕ(9‡§ŒzfáO±O¢o¼($¤LúxG\ª½zâ-ÍOñ!£ W‚ò} 1L¤žÍ|IïÜ®xJNÞ¦Eß<’¢¢AÜ%æêv‡¢	ˆ4ÃªP>Ú¥˜pL€b³_gjÏÑsç#„S}í£?4÷ô©‚ô“ª£Sµ1Ž9õ‰?F²+»÷š¥ón`ƒVéÊ®™Î_[-ûæaÁ¾—ë˜`¢zcP9ZÐ¨O<¨«LPÌZ&Ýîž”Ë’AXó$OÌ'¹N¯ë¹g.r3EŽØr1wf›Q³I€‡©þ(ÎÜ‰»W¹ÑORðñ9âßFüýGgqý«›¶ËI¼Œ¶8&.Ñ	sƒŠÑíNž-A°ÁY~Ë{’ÉwwöD³ÓµÚéáp³/åIöìòWêQ2ãP§Ô/±uÛ}.ßÓ|8êb¢zÑ çÁ:
-¶ë@˜ýõÀNoÏŒzM“ØohO;Ã3ÃÉˆÉY–³È¥ïvFE¡DrWIynâ‚Yëêã?IL«Ü>L‚üîÇ•pZSpî†¥™‹ˆìŠ¸8zÇ˜ÑqOÕŠEÇª Ü-D0¿¡=W…cBIA¨A“¤=$ '¹wN¼BY•Øì;­³@¥°ûIbVwá_ßGìÛ¸¥Ñ;ò€êhæ9t0ái¤³cÁ¯£¤æ-#÷hVÈke9{¨ó?ƒ>	¶®­ìT1Ï×¶¼·Zt*ˆÃð^Q½N²zckR"ûÛ÷—rWW•zGÀƒƒ[5ïÍŒ—ˆxôl?W .„#‘'ÚÏ°e2ˆÐ[ùûg·þø$´¾“aãFÂ$	1ÕàE|Ce+>è™K§xº(ýM!ÔOÜ:.>|à—Ç§<1£;~±»1åt-Æª•ôÊìY2¬XCFf„¿Ÿw)ú9R?óždÂdp)rVssø¼5ŒcÆåR6„·£W‹2<î¥¬þìÏì0¤ÁGZýØy¤Ñ•yUë2‘¡*8cÅˆ×–YXŒ[ 9¶N† í ßÐž$šÒrrBLïcÚ<»µÞïa•»ºš	TÉ|ñµ5g®Ÿû`7n×Eiñ£éè	±¼/0jtÈÊÝ	ä÷T¯Â“ŸTÔš{•‰Ôo:Iýä“XN˜¡ÔÀÝÒ;î_ïçS†Ë‰°3Kz¾àár@…ø—ä.lÇÔ¿ÃÿÙe "`Âômk.D„K¥+å„ª®CòRLÚÙn»„u½“šbîqëvÇ”©¸bþµ{þ5‹OŠ›²c«JOcˆ¢caÙF½·Ã¨Bcå¬¯YÄ‰!ÓÎá×NœÔuòG	&»;±6Ÿ‹|ÞÕqh”ŽƒÏ«™øf¬¯  ážv¿ûîIdHj!-“ã •+÷–UwDJD£u :ìcÉ¼·wQ‰j‡ùu‚-/ÿ±2~T·“NU €ðí•AßešÖ6q©kµ!ò\±dêÿ:?Ÿ¤Žmš
7qÇ\ûp»eÚè¨(}—¡;à®¹³k#AóQñµå…;tMÝõ[*›v¶>ÖÍ~•*bVšÅÒRàÈþv¹X#R÷ðyd³9Œ+Ò­•Ë‹ÿ§Ø'ÑÊçEcT~­«ƒ²	„-Úèèƒ	@­HCñœCNÓúŠÞl§þ¯Éö™½“ªój (‚ŸÓ®p$¾×¤åòÔìBŒªx¿*züläz@£Ÿ¸ÛTÒ§ I…ü´¬ìMZ •>\<LãKÈq·‡ÈœUÿú$XñWªdæ*Kìu§ÞWjÿ #jòÒ;vãªmÝð—é5…Ë­9oa€¿ui|_?rm¤0ïp®j}õ›¼ý¹U,0æÚãì¥í.F±ßŸ·58ð³ÝØkÒ·ó®ö»Ô‰ÀãáÚëd•˜^Í@ ]ý÷ñõíq?E~·yâú(ªH\Ä›°äz`ƒl+=*\÷
$›ulBÇ²èch²üÏ O‚),.¥´poØêŒe­2îÀ–„»óHOÅ'Ÿ#j¹×4kÊpuÛàÑþ‚4ŠŠÔ{êÛö5ñtÜ/çš=ålŸ&ãrª9ÕÒqVX¥ŒàÂñ˜³úgÐç¡ÿ ’d^ï{6pãëU~ÈïÑæ‡Î‹ÉØ9^m¬ÓyÛ_#×†AÚ}ß¼?Œô·‘~ÿ1Š[7í –Ð¶Ì§µ ŠÚ/ Uà«å˜Ïjz<²ªKÄ|’kr“LŽ”/²Tœ„”ÕÌÛ,Ç'%p|†F÷á$‘iµ.ÖëÞvàü2DWœ†OnXê…BÈ‘>ïyáTô$qU,Ñ.9÷k´ ñ|ùô$Œ¼ÕJÜaá8WA—KÜ¾Kj€áëZÕÈä/¹××Àw}ö~Ò‚µ—ÍãÙVÜå6Òh§€T&¿’Z?÷íÜ¶µ×‰ýn&aV…_cû°ëÓhyF_È*nIÍ',	RTí¹é¶÷qÏ‰G¹Ä¾\/±S´ ý–ü#bw§jÝ×q´m‚Võ.gºžÎítC7š@À´¦¬ãß’éÕßéÊs…ƒUSLâ@D(c·€“8 ([{Îc¿1;óOb[$õÁâ®`!ô«BNØN.x†r»ò§ÝQ§(á¾Î•ËðqSS¥Ûæ,ö?ÕÄrQd'N3€Ž,Oñóùê¢ù/-S­}MÏÞ»B~ÜÕ…[Åïuƒ3è·KÓ×ÿq`B!
A`¦Þ|„ÂÐ‚Ú}®“AvŒ}¡…AÂ.áT‰Rù‚Ÿ/ùÞ¢îMÐuL¿±†ÀÀ0ŽÃùQ´¹8Aâðó,¾ÇŒÕõ½L§¾¬èF¼ÅÌª6{ÑñÔñp×`<ÿKkõ=²{–Ÿ:õv=§(6â·-ÇH–Ëã€ù^ßÈ3ÈÉXÎÕ×Ê¬ç–ñ º8ëŽºØP–1²‘4ÈvÏF#/Pc—á™¼|B> o;ÙoA8>6:A ¦…Pê"|„ð¼ç‹îLÆÉV@Ã×#d“§êuÚ~ç/Q(b7šœÖq¯Ø¯¾êOY¯7¸¹±3‚:ödh­žgÙùäìNCÚad_’ô“î®zÜÃ?åñq	Šl‘D=#à0ô)ü9’+ÎéWÓ4KF&HÒ\e /;i’š’b ¾ïe«ÿÖÔ–4BÀäæ+ú-„©Ð÷<‡_Þ´”Ú™i.ø…_ý‚!žZc*¶Lýî¸´ÎJ]£(xÄkj{ší,àÛ¼O¾¹0Nlùê=ßÖé‰æqÖ˜oõ¡²”!.mà;†öEŒ€
é¼Peús~þ0õZÚs Wõ×J<€ÌÕ1®‰95•=Þòxë(¼´Âf_8	ýÑÇß‚ÞQs’š•ÎWº#Ý	ël Oˆ¥Š¢¥)>çÉèYØ´_TOwn'$ù”Â(—äØÃwä°²‡üº[ì]ñ9Ñkwèäù¢î`²ìlÝ/.´ÍE'¥¿t«oeÊTnþÝÎÃn0jãñ(ü-ë9¶É#ÇÞêŠ{Ï¡g¤šXÝ·ÁÌDw²á“"ÜÝ¼äãUÍ3²[*ÿ%‘±íü!Co0ü8‹Û‰ôñç‰VŸÕ8œð«<¯Cˆƒ™l
øfMv-´L×–%!¹ŽHÄUÿÖÖ?ÓÇß(Šˆ<%áðå¸ÿû¶^{ü¿ÏûQKÑãn4;¿ÔjU‚±:Œ/$‹"|¿ sI„ÜÖœÓíü5èùŽ`íé0À1·;þÒWP¶ÇÏ×±‘‰v½Þ[Ü½-=´ç(ÿ‰×½Äoó(Œ!ôVÈƒa/p]ŸrŸ_›'ŠùÅ	÷(Oº¤Ï30Ä¬–îÈ]NAæ§ûäs»|1µƒaz«FL¾Eæ‘4ù!ñœ*	|Ì,?¤oº²?ENÍáÈe{šïW\‡"8ô„ÏÇùÕ0¡8o‡”O¢</†õ)OX•Û„¬.aÃ±~Ž%³F-·Ó±k{^2?×¼WSëhsávÞ<ÙŠ¸¸0äþ¿˜úGþ“o”OGÛ ]üåÙ¿m
É²‡üébÆÉKÜ ¥6L•Ñj†æD7P½VùýšƒR”-¥ãÕ_ƒž„×K6©+«çKƒµ’NóZºÄÕT$;Ó4sçœ.>ó‰×‡mùš”[w|4cäBÚ§¡^2ÅËH#âôžå-ñâÑ]Å§LÈíŽB8×ˆUÎ8W¤›yågíŸl=Æ·-‚‰Áoù†ù[@Ÿmen†¶·;GÃm[mí³?D7/ñ5ÑÕê ö§mOýÂÖk 3•…·ÎúÕ+4ÛY¥àÕþ84è*š{R.÷I}.}8ïk/¼ã]¥„‹v±j›Ñè®Z@ãJPMI
JY3‰=¹,Ã¤}.cÿä=â¸SûàYïWk='ZÏªã]\ùfG¤­F¯45ó~XwÃ>ýš÷üs  $ÖHI¸=«3.Øiä¯„Ê¿¦:!K’™rÑúïu_*[»šD×=ÕåîàœÓ0ŒjXàÛÎ¤¹“i}›u7Þù9ßyðkã…)G;K‡Æ¦ŽòukÞÝAìÍ EaOûž±8x?˜G{5>Ïì]¹93	çí½99@Ò‡TÕpw:ÕüÒ›(½Últ ÈþÜšžIÏïqáÀG‹á:´§R?íA2eƒˆJÆ:èáì7nrK‹õsïëºxn*DÃREÃÈE.A!>âá“±Š<rCà³`%¬óu_*oÙxY¦rg}98D¶Ø£Š•?ê“1úÑVmÙ¦„¦"È÷`Š‚Ÿy "àc'·éæL}åæÎJ„ˆ_ÒuŸCÜDFøéÿÃü?/uÉq/‹—ªÍIâØÜãˆÇ™{‰smˆ%tÕD0¥e¨fû§5ë/âkA»Mq^ÐØúŠë'Â÷m¶0ÞxRªÐ.(]és^ÌaÛ~¼:|êéäc!Å·qìÍ¥)<@1ˆtÝçs"øJÐTWÑ—2CÙ§ÕC[_.ÑeÝÁÊÎwEF´STÚ+‘ºÉã÷m§ö“ÐÏßGøÉÖã~Ÿ‚)E6ïC‚‡aþ<ªÔDê]ef­WÊï•æTÈgÎÙþ<«#Ð÷ŽØÕÂíõÙÖâ–Åû÷úë_FP}¼*Çá7:B"té$ý'SlXrr%YN8ÝB 8³£öÏd¾’­äŒé¥<B,¨_™ú¸ïŽæk	îWf¬»"£ßK4|0è$9–¥¥ÕÖ ÝL[6HŽù’ó•õ¿»VßD¨x¸Gþ40000 api ¢>¤Èf¾zh@ y’k÷ˆPj40000 auth Ž¸|ñ6­‹­ÎÃ›Í¥‘Šïu40000 config ûsUßÄò%ávh±„nêH€.40000 envexpand #„‡lROó¤t}‹¼rO¡ŽLv40000 mail d˜5¸×­©'…?½“Fmñ40000 meet óLxê?hZÎžadìÅ^r:Ñ40000 nextcloud ö†)gª$|oúbóš
†Y—:Ðn40000 permission 	eÃ%ÅPu©ò(ñ"SÙ1@Þ³40000 photos ¨«›CúÔû W^dìA4[¦öþ40000 realtime „U²ïó¨cN
¹Â¡¤|`oôòŽ40000 search [ã¯vÉÙbvbÎ°Ü•_‡õ7q­40000 secrets 1£rö‡Gˆí–„°¯"! ‡u40000 securityaudit >qƒVlnîq}	1Wš¼üÔMÝîÞà´õ©x™fþ40000 admin Ú8cq>õÞ¦h9`„pÙ40000 apiresponse *››Ü–ÎGö¥V‰{â ÷ø€40000 apivalidate SæU‹5’[ì‹ÄáwÈ\—Tps40000 calendar ¨þ ?óNÇåøµ>úŠ-°ýçð40000 contacts VˆÄpoHh]äªžµ^24©]»40000 drive }£Ç6Ê #eíÛ…`ìÖ¸žå–ò40000 mail W¿Ÿ`óÀ¯.ØVÄÈ”Rÿ40000 meet cìˆ?º‘ý(Üiýg“íD¬´40000 middleware 
ç’.¶‘GÏë5›pïSÜot40000 paginate ÒÕ!Q»8ï[Íö+Ã£*m»40000 photos ØHþñþIÏ“† zÃa40000 query {p«Y"dðpþÓî÷vö_—c–«ÿd¬å¤xt ‹ÿ100644 handlers.go ÒYTÍ¹Ó¾ÚÝˆÁ59!€²2i100644 service.go …3é„2ó$‘Q=ªhÐ…û:Ï|100644 validate.go ë"[c<ôÒÂwÃlÖ{z
7c*-°µëxœÝVßoÓ0~nþ
ã‡É©2÷‰—¡=Àl0með€ò¯±–Æ©í¤«¦ýïœí$MD°±!Ä¤®±}÷ÝÝw_®.X|Ã¦Å27,6:Ä¬Ê p&§#ÿ0<çÜŒRc
Àb*LZ^ÑXÎFS¹§bd?ÕËÍÃ23B—Âp÷´ÁxžŒDn¸ÊY6b…°Åu!sÍñ£¼+–‰„™ÇxÏD’d|ÁÔcœç%WËúåüÖÄ™,“ú\Í„ÖBæ8ƒÀ,ŽNXÉ+¤*cƒî‚®bÃ	W•ˆy0€ÞMÁbh›HÏÜ"¸‚ë2Ñ9_ÔVÃ63z”	ž›› €¬¸)UŽöê-Ø±Ál4À©ãNÁ‰z€\Ôc~Í &Ò¯P.ÁP-ôàáFuûÀ'¶¾÷mz$mÑ¥,×$D 3ê>+tpè¶ ¿KB›+KìÁª¹ô’ÏKPÙ¸e‘¬…C-Kó£:™uÏxÅ³K@à…‚=-òW	(OÍ=¤ï¹!xt%å–Rz&´y$ðšè7v3ì·ÝÙ¯ÓãûÖ±	¾ÛIs¦âÔOÜã¶¹+;¤c©{¢ iŠÜò;æ7<‡ÎØ/;Æ^Yjwã7+'d‡eÖMÇŸŠh¼Þ‡·RƒxAqÆÄLoôëÈm¾SrfS ÍE›§ÒqåEˆ+§­”‚Ê·èïºDÈ‡¡“ò
ÜÅµs}qˆr‘Ù$)õ¯}«”Tg †˜GCM‹1·‡ØÅ”AgªQWâi=Èjµž6ûÂ:Ô˜\œ[CÇÈÄ0Sê‹š±âÌ
‘O¿³|y‡ë$~ø$|2÷a#i<{
¦ØlÕ7hé˜)Ím5<Q;ùÞ¢î“õöä[òZŽWZj˜Q;ÚÞ–ÜÓòÈŸÏ—gc›2tìß˜fÈ—ñûªh¦áß„¯º§áëÓàÿk¹o“¥lÿ¨ó!õX´‡?D‚}¸Úôðaì6«0ìˆŸ÷ÀÍqØ'²š{eæCFhþ Yùéþo	kí×â¹u*¦šúQçŽãwZ´ËÄ1eÒV§ìì¼­Sy#“e„öjÈðÕf:tvUƒ7ÈëÅwPª_iú‹_ÁÍ¡+ìj‡²W%y‰­Ç|Ì ë¯vSp±‹Õþ§z[x“¸¯ÀÕ®#2_RÒ£°µ+Æ³O®ºÖ13is]£qXO‘M)ø,­é@<¥¶”°NL¿ÖÒùEÇ‡ùì?—.ÙÜM•Ÿ‘cñå"†<xœÛ*ûA\  19;1=U!91'5/%±h£@>;”=¹©Îf†³s™õê•t2ô|2‹Kœ¡¢Åš\œEzá™%E©‰)šzî©%JúÕ@“=]jõSËRóJŠáº\Á\„–ò¢Ì’TM½€übšœ†–¤‚µtMe‡Hëk¸¤æ¤BL®eQã„;kòCž$ùÄœb…Ô¢"+[ Òâ²dT§OþÀ-1Ù‡U‹3.âÏç0Y—KcòkV~¸¨’( &ó³É²A< 4<qrGád6vI˜Ðnmv°û•4'oäÔåÎÚ¤ q*ÔTo°3 õÞçbË)ä¥V”$çä—¦è%ÿrY³€$&Ûq›ó€MÖP+œ<×gòEn	ˆï¹u¡–é(@hZOdU˜ìÏÃ1À/jò6˜IQ^[£›7f”4DDŠO¦3 'j¹øìShxœµTÝNA•m»[QÂoÄ†FÍn³Ì’øs¡’ VM@‰7Ædéep»ÓÎÌ.L4á
2b|ÀP/ôœ™Ý¥½#^´;gÎwÎùÎžïìÏñ÷SÓ-¿þÎo àMYn¶åÀ¶Ì2¢”PV>›¨ŽìHPÝk5ö¼Î}õhŠù>ïìè—ÕB´‰Ã$R7ÕcŠù¾˜‹Ï}¯f‚MPIcàKùçí•? p‰4ˆŠ¹{f°™bÄ‹œghfâCnån0d7q„h×§®¡vŒ)Z#!²»4 ²TãX–IásÄí²3$»qÁ6\ÂŒo(Ë¹àõÔ£V=Ô0éP(zKÐñ”×Ž	÷5vñUehp…ˆ£'M|IÞnuÝì9·eÉ×ÑËqŸ²Œ×º´¤WÔúoõ«\â»1#–ó'ƒº-›Â'$âhÛâZáîY_Ì;âSa²6%~n>á%N­ÑJr,Ë‚xtääÁÃ9ÐñCø	ÛZÕNá_¬¥YËT†Rà6dzö¾zª;.Hƒ®£oeæDR°ÆlyrÁSJWFâ(pÀeš¦ßÂYUøZje~{×2¢¶Ô…âjšñ˜Fòt(¦ábq]Qœ”æÅÇ‚m(Ã§¹±b6¡Ëu.úŠ‡(j–¦SDL¬gÆzl¾H‚}Ü‘HqVœÈŠÛúFå™2‡º”¾æ'n&5d“¨—ý½uN¨\ËÅ}.³¿)•MYh½ÉÞ¶„È[])]º§b²4ž(Ir9N|Î#=ßé9áPçÿNPþ¶a(¿¢bXâ¨TèOG©Û½Ú»™ÞGÎWå‚æÍä#³‰+åç“µßh«eb«WoU¯|¥lokM© •ÈdÉâZ¿š´¿2¶ÿxœ½XmsÚFþŒ~ÅE“!RFvÚ¤-2C ·tlpn¦ãñÈ‡t% éˆíIüß»»w6vÒòI«»}}voWKîâ3Áx°#ÃË8‘Ì2j¦GR\InEäÇAÍÓ8"B’ÄIŠwóxÖHáïe¸¦7³P~XM\?^4>¿±œ]5¾¼2·¿ÂË2Žç›ÛWs¦«P
º{1-"
!¨–D|ÞàË°ñy%’kóaûRá¯’P^óU‚‰¶a|á	ë%É –ñ*
X‹)#Ý¸´Ì(–lŠt–Êë¥`#‘|	}ÁR™¬|É¾µ`Âð÷\›âÃŸQ#	@-ItãÙL$FmNWx7ñÆ0¦«Èg X±€u‰­ÃÛJ®6{ž)Z%B®’ˆÕ5	( h“4&<ÑV Ð	J§&#ºbÊÁ…–í¾ïZ€
@H$"i:Ì$Ð¼HgÓ†Í7¨=ùçÈéa˜Ê‚‡ˆF¢ÙÙù‚/ÏàÀêœG×D¼@|5Í.3/ŒÚ1Ÿ…—a1
²»&	É³õËœêÄˆùb)¯a{æG+Íb3ÔˆÔ°|yÅ4ÆÝŽº:lÉ¾Hµ4\{L›Y¹=Ž†!hd,ùœ²^ÿlÔÂ)¾eÍKÝ`â¾C>'ñ%
sØÅ¨wØëŒYgx:[Ïmvp2<bdí…íŽ|YuâfÿN\ž´XÎQNÅ\‰¯7¤:B_¦Îm¹Z(ìÖrÃ V]©ðèaÁCÀRÄÂa~"¸ÇeA/Ø<<éöNØÛŠº½Q^öúcötŸF=¸{iÔ.2'‚û –?§ÓT ÁÎÝ´›µ@L!GÐJ·3SaAÖH=4xÁ?	kNÛ1ÓXo€ÙEŒB¦Ñï–\ÀÔv½F[Û–Ëš;†?x³Ž/ñU1CvuÍ¯®Ö•Së9›Û1Ýn3­l1¾\Bé²èÑae3‰f“l2Ñ’VÉ$•ðY©f¢jð¨44×aZ®.‚›Ü¿a3Ië¡ Ý|	èAÕ!5”¸Îïf†Lô,-°À8(²:·ÿ”ÚÕ™2ú]cÈçM¼”“ú„lÈÉÿ]yÈÞÿÙ;éÁN ÄÓ}Ê2eý Vež¢àI×O-¸ƒ|]¹t‚ò©]Âj„|Ç¤Æjñmut*Ò…r·¹öQgØ>„"Ó³²b‰­²i
-KÊ°ü¯a@R<îû(Èœæj‚GN[p®Ê‹pÎó¶{3W{+Ð«L½É8Áfê±¶ZËK´["}ñæÍ3`é¥Šç3»Ùœ„ åW?½þõ—½ßö_b«‘O °J@f†“{ÍËT-ÛW¯³'÷c¡Òšx»<}WuÂýÛë“ùye¨UE‘0A 0u•_W‡ÖhßzàÀ›\K‘¢ª<kÏv4›<ùŠB¨©LÞS–FB¾CE«ë÷Óh5Ù¨PNAÈ[”«ô²U®b¼ò‘ß»þYýÁ¨w2fýÁx¸Æ†¥aQ]ã!ôwûð´7bÖÓ}‡aK5ñ&«pxñä£ð¥UÂ¡§|³‰ºãA^ƒLë‡}ÀqÆßfÝ!;=î¶Ç=ù¸(0™)äÉß¾=D4úNŽeËßCk°†û-ÞÕydÍFêBÛÛÆ^XysôöäªÎaSòd+P6€$S¡Az!€l£XÕ@êŠ¹bû·JÌ$"…f~+pºPÆ½­ÇÎºŽìàGX ¤¹X9ÚÓ)„SÐ„µZl¯¸¡tšÜ€€ <|+•þ¿íVNˆ=LK›
’Øý
(ø_Î'¹vQJfýè9…æCMßqX)ióè…ÂOôÀ¯á<-¶IÙ¸Vý¯3Ë6;«çÒïñcKÉå‰E»‹eæ‘cŒæ_Ïü]Ï¾Ë(Sí
jÉî|šÁ§û†R´J¦RIP7Z®Õ*æš{Â/T{hé7öqî€uÕ„Üg=þ#&‘ä²²@Ü9Û¤¸KÁ¯äú¬‰Åª©¤B¯Ät'ý€F~‡/¹¨zìÇÈË…‹ÇµõYœDr¹Eÿí8QP ÎLBƒ§>ˆCúäNÛX‘™J‹r37ezÑ¢¢N9tiù¸+žÌ[úÚ”WìÄÁÁ©«¾d¶6ý‘E@sƒ÷¥ãŸVêÍøÝ³Ð+8¬üU´M:@}>§&ŠJ[UõQ=D>1˜ªÕ(¼ÊÚ‹Ì¬³ý\-¥ï¢^^¯ ½Y±)Z÷õÛÈ²íoÓ|]Õ±P³*Næñ/6º!±+xœµ‘MO1@ÏÛ_1éi—à¢‰ñ`à¢ÈMbÔx5¥;»íÚNcøïva1„&:™~½™×¶J¿©%‚v–•æ 5­ó¹Èd`Ov¤Hù’x¥vÍ(¦‰q›-m5"Ëè­2#ÕR7>”¡J1ÊÓn[\³6.VRB¤¾C£Öø1ð«¾`W—0ÃÅ¹u´ö¥n=vqç’÷N0øE–ýVƒƒË—]BÎÞyï<|‹ŒjèíËgOÍS«4îå,3W0™€”ÝùÌ#Goá;ÇÏ#r~¸=#4ÕY‘é Ùv~²NôW›ðr÷Búž´ê“?y¬ä0Ý"Ûˆ}MKFlŽ^bŠ¯ò6…^æÞá\;òiš?Ûí]ë,xœÛÈzŒ•· 19;1=U!1%73o¢@h½&Wr~^q‰BnbE`i~IbPjaijq‰S~J¥‚­‚‰‚‚¡WIeAªBqj	²…â’¢Òä…j.NßÄŠà’ü" ÑN•%©Å
™y%f&
	YÅùyVJ@£ã‹!²ñI i¥®Z.®´Ò¼d5…²ÄœÌ”Ä’Ô`¨ÙE©…
Zh6M~Ç¨*”ÐC·ÇFÁ`²“¿¦:
¾©ÅÅ@¾•‚Rn)Ð±I©
yùyºy©é‰%™e©“72ªó†§yºh”‚©ÉÏíØ L[Æ0s£ •ÔoX§xç ÿ100644 codes.go »§&­üùFÆ*§q‰HL0ÑÓ100644 errors.go göÙG	‹#\óT¾„a‰ÅŒå100644 errors_test.go Íf"Á@K÷‚à5],Æcµ100644 response.go –Eºæq/88^jôH·lÆ˜100644 trace.go ì6±Oü¬'vé¤ÓE mYÜôM100644 trace_test.go Æ×‚= {“ô¾€Á^P0™¼”ü$[@´&xœ…’ËnÃ E×å+«v“|AQ¥H‘ÚÊ}­ÑÄL\Â¸cÉýúB±¬F*+¸çÞax´P¡A	­eìZò
±^Ë· Þ ¹©v™‰eM»•¨£'È[qó×›>|~x8ƒu°w(çq/D¶ê/P]"O¶ë¬oÒ”Ø~C°äçÈ)C%-Â;gÍõ°Íð¿ð;Ñÿiv
‡DÕâ„c94×N8Ã"³%Þ[cŠ]ŠÌa‚JäÄØÖK<TÀpJÖ©¯¤ê6ÉjaÅˆâcäÊ“³ª÷d†ÑÿLaK½7‹N<}Hê\4 {p“EýûFgƒ#ˆ—HÀfg¹m¼AÒ.1%îÄ°šËÝ³%xS¬ýpackage apiresponse

import (
	"encoding/json"
	"net/http"
)

type ErrorBody struct {
	Code    string `json:"code"`
	Message string `json:"message"`
	Details any    `json:"details,omitempty"`
	TraceID string `json:"trace_id"`
}

func WriteError(w http.ResponseWriter, r *http.Request, status int, code, message string, details any) {
	traceID := TraceIDFromContext(r.Context())

	w.Header().Set("Content-Type", "application/json; charset=utf-8")
	w.WriteHeader(status)

	_ = json.NewEncoder(w).Encode(ErrorBody{
		Code:    code,
		Message: message,
		Details: details,
		TraceID: traceID,
	})
}
Ù,Å	µHx…zûpackage apiresponse

import (
	"encoding/json"
	"net/http"
	"net/http/httptest"
	"testing"
)

func TestWriteError(t *testing.T) {
	req := httptest.NewRequest(http.MethodGet, "/test", nil)
	req = req.WithContext(WithTraceID(req.Context(), "trace-123"))

	rec := httptest.NewRecorder()
	WriteError(rec, req, http.StatusUnauthorized, CodeAuthInvalidToken, "invalid token", map[string]string{
		"reason": "expired",
	})

	if rec.Code != http.StatusUnauthorized {
		t.Fatalf("status = %d, want %d", rec.Code, http.StatusUnauthorized)
	}
	if ct := rec.Header().Get("Content-Type"); ct != "application/json; charset=utf-8" {
		t.Fatalf("content-type = %q", ct)
	}

	var body ErrorBody
	if err := json.NewDecoder(rec.Body).Decode(&body); err != nil {
		t.Fatalf("decode body: %v", err)
	}
	if body.Code != CodeAuthInvalidToken {
		t.Fatalf("code = %q", body.Code)
	}
	if body.Message != "invalid token" {
		t.Fatalf("message = %q", body.Message)
	}
	if body.TraceID != "trace-123" {
		t.Fatalf("trace_id = %q", body.TraceID)
	}
	details, ok := body.Details.(map[string]any)
	if !ok || details["reason"] != "expired" {
		t.Fatalf("details = %#v", body.Details)
	}
}
hãs½xý ÿpackage apiresponse

import (
	"encoding/json"
	"net/http"
)

func WriteJSON(w http.ResponseWriter, status int, data any) {
	w.Header().Set("Content-Type", "application/json; charset=utf-8")
	w.WriteHeader(status)
	_ = json.NewEncoder(w).Encode(data)
}
BÕT¹x¹Fþpackage apiresponse

import (
	"context"

	"github.com/google/uuid"
)

const TraceIDHeader = "X-Trace-Id"

type ctxKey int

const traceIDKey ctxKey = iota

func WithTraceID(ctx context.Context, id string) context.Context {
	return context.WithValue(ctx, traceIDKey, id)
}

func TraceIDFromContext(ctx context.Context) string {
	id, _ := ctx.Value(traceIDKey).(string)
	return id
}

func GenerateTraceID() string {
	return uuid.NewString()
}
ù•¿³&xcœýpackage apiresponse

import (
	"context"
	"testing"
)

func TestTraceIDContext(t *testing.T) {
	ctx := WithTraceID(context.Background(), "abc")
	if got := TraceIDFromContext(ctx); got != "abc" {
		t.Fatalf("TraceIDFromContext() = %q, want abc", got)
	}
	if got := TraceIDFromContext(context.Background()); got != "" {
		t.Fatalf("TraceIDFromContext(empty) = %q, want empty", got)
	}
}

func TestGenerateTraceID(t *testing.T) {
	id := GenerateTraceID()
	if id == "" {
		t.Fatal("GenerateTraceID returned empty string")
	}
	if id == GenerateTraceID() {
		t.Fatal("GenerateTraceID returned duplicate values")
	}
}
.“Ã©xY ¦ÿ100644 apivalidate.go âœo·®QÜi›Ô[•øW#\hA100644 apivalidate_test.go k­-E)kâh_ ÆšËiM{DÖ¸!ú·£x7
Èõpackage apivalidate

import (
	"encoding/json"
	"errors"
	"net/http"

	"github.com/ultisuite/ulti-backend/internal/api/apiresponse"
	"github.com/ultisuite/ulti-backend/internal/api/query"
)

// FieldDetail identifies a single invalid request field.
type FieldDetail struct {
	Field   string `json:"field"`
	Message string `json:"message"`
}

// ValidationError reports invalid request bodies using field-level details.
type ValidationError struct {
	Details []FieldDetail
}

func (e *ValidationError) Error() string {
	return "invalid request body"
}

// NewValidationError builds a validation error from field details.
func NewValidationError(details ...FieldDetail) *ValidationError {
	return &ValidationError{Details: details}
}

// DecodeJSON reads and decodes a JSON body with a size cap.
func DecodeJSON(w http.ResponseWriter, r *http.Request, limit int64, dest any) error {
	r.Body = http.MaxBytesReader(w, r.Body, limit)
	if err := json.NewDecoder(r.Body).Decode(dest); err != nil {
		var maxBytesErr *http.MaxBytesError
		if errors.As(err, &maxBytesErr) {
			apiresponse.WriteError(w, r, http.StatusRequestEntityTooLarge, apiresponse.CodePayloadTooLarge, "request body too large", nil)
			return err
		}
		apiresponse.WriteError(w, r, http.StatusBadRequest, apiresponse.CodeInvalidRequest, "invalid request body", nil)
		return err
	}
	return nil
}

// WriteValidationError writes a standardized validation error response.
func WriteValidationError(w http.ResponseWriter, r *http.Request, err *ValidationError) {
	apiresponse.WriteError(w, r, http.StatusBadRequest, apiresponse.CodeInvalidRequest, "invalid request body", err.Details)
}

// WriteQueryError maps query validation errors to API responses.
func WriteQueryError(w http.ResponseWriter, r *http.Request, err error) bool {
	var qerr *query.ValidationError
	if errors.As(err, &qerr) {
		apiresponse.WriteError(w, r, http.StatusBadRequest, qerr.Code, qerr.Message, qerr.Details)
		return true
	}
	apiresponse.WriteError(w, r, http.StatusBadRequest, apiresponse.CodeInvalidQueryParam, "invalid query parameters", nil)
	return true
}

// WriteNotFound writes a standardized not-found response.
func WriteNotFound(w http.ResponseWriter, r *http.Request, message string) {
	if message == "" {
		message = "not found"
	}
	apiresponse.WriteError(w, r, http.StatusNotFound, apiresponse.CodeNotFound, message, nil)
}

// WriteInternal writes a standardized internal error response.
func WriteInternal(w http.ResponseWriter, r *http.Request) {
	apiresponse.WriteError(w, r, http.StatusInternalServerError, apiresponse.CodeInternal, "internal error", nil)
}
?š»¶Cx6Éûpackage apivalidate

import (
	"bytes"
	"encoding/json"
	"net/http"
	"net/http/httptest"
	"testing"

	"github.com/ultisuite/ulti-backend/internal/api/apiresponse"
	"github.com/ultisuite/ulti-backend/internal/api/query"
)

func TestDecodeJSONInvalidBody(t *testing.T) {
	req := httptest.NewRequest(http.MethodPost, "/", bytes.NewBufferString("not-json"))
	rec := httptest.NewRecorder()

	err := DecodeJSON(rec, req, 1024, &struct{}{})
	if err == nil {
		t.Fatal("expected decode error")
	}
	if rec.Code != http.StatusBadRequest {
		t.Fatalf("status = %d", rec.Code)
	}

	var body apiresponse.ErrorBody
	_ = json.NewDecoder(rec.Body).Decode(&body)
	if body.Code != apiresponse.CodeInvalidRequest {
		t.Fatalf("code = %q", body.Code)
	}
}

func TestWriteQueryError(t *testing.T) {
	req := httptest.NewRequest(http.MethodGet, "/?page=0", nil)
	rec := httptest.NewRecorder()

	_, err := query.ParseListRequest(req)
	if err == nil {
		t.Fatal("expected query error")
	}
	WriteQueryError(rec, req, err)

	if rec.Code != http.StatusBadRequest {
		t.Fatalf("status = %d", rec.Code)
	}
}
}Qc¤xt ‹ÿ100644 handlers.go yqÚÏ‡‚{x%‘½ã|ý,G100644 service.go 
(é¡§_v)5[I‚1åïwM100644 validate.go YJD—Írwy¥ñájJâpzÍ++µ¡xœÍVMSÛ0=G¿bëcS×î939´¡a†B˜ôÖéá(‰Š-9’ÌÇ@þ;+Ù²1”´—ž,o´oßî{R\ÒìŠ®dRšM/J©„dØ »5.µQ\¬t@p½âf]]&™,Ò*7\WÜ0·úp‰hL,RŽyJÐ<¥%OKºâ‚ìŸº©˜ºÛ3O ã,—Õ" !æ®d0gêšg°‰*3pOF"ƒÃvc2Í9†l	YVøË)»i2Â¡}z@DRÌTJÀAºÙD¶mÁ.¥¼šQ³+ÍÔñQìÇGP4jž=¤ U¬†%åºLô:¥‹…bZÛ<Zðj<\îµu¯mñP·\#8áÚ|ª±>[¬03·ÐHœLëgìa=½ðÇÏ®ÿ^vL)©¢qˆ,*âA#ËË	2mÜfw÷Tña è—mÂ ¿µãÀ{5¸ £Ym..8³$]à3Ô§”m4–z§(Í¦¿8'Ïäµ=“2†’*Zè†‡E™¹ ±ßor¾ƒñ¤›aŸÀÓ‚fŠ"2âK‡ñn‚çÛËÒ¯}¿u•ÈhKFKžã‰a[¶^w5[ZuKÉ9À²Œ44·)þT'óÜÖ¦œ-—š™0j'ZªCÄ¯£ü®Æ:5ÇÇÊ8nÁŽ°áa%çŒªl½–1lþANíê;!ëû2ù®x1/)NhS‹ä÷L&N§62Ô›ÿö%»ìvùgÃÄžÇß8çu'ì˜çpÂT1dØàîu¨›vžüÔ¡¨Vþù¸Sê-j4U¢aöG,godß Ù*í>Hss£#ôÂ1tQw‡(¼Ç‘É¦ïvy"o˜
‡ŽLmÏMï´4=´ß+Ö²2Öˆ½bá Ÿ1äL´¤-ìGò{µ‰ŠŠÞ'+cOjÃÇ¡p¡Ãç„³äk•ç§´`¨à&‚‡L½!íKAy¾gÎl-Å¾uÎÔªÎ°¹)M€–%~.…ø‚Íãìü¶­50ŒŠ?Ù]oLè:…	xœ…SAkA&ÙdW„¤lÚ×E!Ûn¶ÕƒH `1
… ‚½Ii‡Íl»º»“ÎÎ¶‘Ü½éàÕŸ ôêÁàÁ‹àÍ£¿Bœ7»MVZ1§}o¾÷½ï½ïåÃµ­Ö„ø/ÉŸD4þ®µZ7mÆôlãNåúyú)‡Ý,¥|{è"VWz³štÃ†uÈ_Õ‡­C}­ØÍH.Ù®.Î÷ªKó`¯Ú¾ÿð˜&"…©€TðÌðÚ2ó$àïùnBO…±lìé4&÷_¤,éÛTÅòsu·†²c€¶Œ[Ó9«”sÆ¤8‹¡? œÔ{ÌNºŽ·5‰ ÝMz·]Øt,S°c
HÀ„p§Þ#¤\@FØ!o1˜ÂZéÝ2ß”KvX¹@uÌÐ;±–Iµ|-µ¤^â{8L>V×§.”Œ¹àÖf·‡Ž¨ÇÁÞ×—ò-ý2n^)hôúnÔöÛóm¡¢<êÈõ'yÑYl$D‹Âä@	ÓN¬ýmì7–ïêêÿ+œ	ÔLŽüV_´†4¢‚WjZÞ÷†3½„RW!Ÿc©}YâCF‚òÒhê€.GÅÎ%—¥¦?Rnä tcÄN(—o›^.æKsåœFÝ‚ªèã¨“‡=%ýâ$Qÿ.]²`®›Ô{–Å1á¯ä'³w•zCšú<œˆ%˜±¨7b>ÑáO³S¡ò·ÙþY²1AéÈgxœÛÈ:•C  19;1=U!91'5/%±h¢Àrf#S³‰;¥e\ËRóJ4RA¤‚V^jEIrN~iŠXxò;F%¾²Ä"…”Ô’ÄÌœb…èØÉùŒâ“ù˜ÄÁ:ô‚Kss‹*5lm””ª¹89ajm
€¶i@t€z%´Ü2SsR¬”Š!:•t|S‹‹ŽŠ¥–f¥¦(ÕjrqÖ‚¬1„ZS’XTB¼%pK@úX¡±Â5/…xüa eðÏÅ™™¦ q˜f°`ó‹RKJ‹òò2s@ê&{0ªsCéééiN>Îø
 ~Ø‹Þ 
x  _ÿ100644 handlers.go Û¿žFë‰Ð¾ëu>qxÅ 100644 service.go €Ô´çem<ØAÙ¨žV100644 validate.go 7ï-šyr´•Û©Hxv¬íqf100644 validate_test.go ‚Üt±º¨˜±;ÕcÙCªaÌæ.>»¼xœ•ÁJÄ@†ÏÍSÄ9H+ØÞ…=ˆ°GO‹WÉÎ¤58)3YXúîÎÚÕ“^ÂOß—!ûN£AÉjy‰I±…Æ(g•0¨y}+ÇÞÆy(^%QþJ÷ÇŠàà	Ê)ŸÔúXœ`,Áâ¡’^È‹#å§Ä—¹	[Å»«¦?tx†FFüøõòö‡Û_Wç}ñþ™f~@óèÈ¬Þì0ˆ¿pí÷¤ä[Ã§…­²Û¸ßUMÍú?]åïþâÏ’s-‚c}ë5Ô¿SŠi3­ð	|ú¤xt ‹ÿ100644 handlers.go e´j-eiá«_€fHÍušóAq100644 service.go ç¹Ð/‰W”ªö{óç¹Ûëº(100644 validate.go 9}íÕñPUƒtr„<¡;ÉYq9¯3-i/"ìXìxœTÝJA¦š¬ÙI«(VÙ.’îJ²Z(½°H’Ú"jÔ´”R
Ýf'féfg$H‘\µô¦P˜)^´ïÑ'(}_ Ð33ù3*xµ³g¿óï|çÌþÌžå²‘[ýèbÃ£~#ä7"B™a!Ýô‰yºè%åþeìs²$O³ãÝScü–¦»^Ãù½ñûÌ¦?Ž}:Û¸…ƒ'`#¤SçµÏêÅ®g;Ï1³ÌÕšàxuÅÌugÛÙ¦x·/…z¤ÄõºèR÷u 6ÚÔgØvöH<Jý*P¾ŸXì‡K8À‹š–x˜öðEÐx»*£AZX‚wà0 I— ´¤PqÝ¥8"­ˆ€x'±œ”&ð¿—MÝˆøÖdv	ÐÍ€åL©±¾iq«:pŒŸ¥‘ËêüT/  Â†ì“—§óz¦u NÉ·¦íØŠø·ÉòÒýÚyÞ.Hó‚4oPç)ñŽÅóLS5’"	Yáåq„MÛ~È÷“†ÖT¹ªðò†êÎË7z3ê‡‡ïÔã“3—5csÝ0UöÀST„˜ìfZ[Hõ}©ø¤ÊªJ‹2bR?¿ïÑT®³KØ&i†žÕ†® jHÀ20af:Å¬IC¤Ÿ ÝÃ5LQÄ)$Æ–Øäv×Ëv*œ8'Ø|âIt,*	 Äçµ4X¿ëFeˆN }{*ŸS¯k\KÍf†×óRFþ;½ u¿‡&ÜPcãåÌ„¦–èÞð_™¥„X` yÏÿ mŠâ#C¬ö>jÂ^ýC…¹­JyW½2µ9 ñGéµé>Y2ø}r{þb7² èÈÄ©&­ÂìÄ¹‰~è2ø…(y	Qº×gzèÆôôÍ	}ÕAü2ÜBtÞAº¼œ#[4\$ß2÷ÔÝâE\ížüÐÿrw"'¼MJÎÞ­˜éßŠX]ûôŽâÔ>á=•xœuSMoÓ@U×-!­
‡)‚¸²LU¤œ*E„øºPTŒ=nÜ]ww]Z¡Šß +®ü8sà7pCâÂ•?Ø]“¤QSßvvÞ{3oŸ?®|¹t¡ˆ“×ñ.BÊÉ!¾¿xu°¯76kCy\ l‘Å]"$ÉËDÂ[ß³5°ß³çd’³2LyD3/^	F{LŸÕ·…mÇ\¨V½í±ÜSƒúZ:a9g<0´$Ó ý>t:¦àUGèÜîøÞ‰ïBaÐëƒˆhKÖMäQ¥@>†–çƒÛ¬”ÿÔ×üªÇNÔtvV'úFÅzzõÉ¹OŠœÅ©j×[]+¯×&t7„—,=Â¢‡§ÈCH•Håcm’úµÔ
+ÜÙ1*äL ~¸«!{CÇROOIÐý/3È™0Rã¦Vq”%§•cž³ÒVÇbŽJ­P?—n-Ïolº[,×›M¯·c‰Uùvç;´ÜË‚•<ÁR’ÐXF/7MÃ,xN§`ñÑ^Ì-Ù»ç…)ß´.ò}"„F Tj«Ö§ù³pÀóœªö±móÞiª³}Z(ðO|?+i:>ù4JbnüC8˜¼ä¼{%w›ÄïÖÆµBŽ´"vÆa'„ÌdÇTÿ tÙ[_Ì¢ûñ¾úìEn=0ÿÔoïZ-S½+ÿ TH£åŽsxœmÁJÃ@†±¡`WE/õ<¤õ ¶ÞjQÔ`ô"B»lÖvÕlÒÝM°ˆô®§|ßAú}wC"vOËüÿÌ7ÿ|.£µ“'<¤à	Ódãvº	¸Tàã—s÷êòšŽ#*ÕqàMàö;ÐëA{!5	)øAL •ˆˆ‚WÔpƒH
ÙÓUÆ‡0x”ïÚ2SìjœèÆ±bÿã9èÚ^)içB'ãgæaE/Jä– cØ)wHæ}¤K»9?½_:«ç¿v­³n„
T«§+’ö@:«ÝM³\DPrGX,ˆç`5X/ÔŠ	—5Þ˜A Œ+c,`”¾aŸC…Ï¤ÔxYø6‹Q¥dŽ|5[ÕuòèÿÖLæ­TYÍº	ë¤ïÖÇjõxé‘5û1=¯+¤xt ‹ÿ100644 handlers.go _î½Dˆ¦Šuï£›*5'¨ë100644 service.go °G€Á6áÃF½"»Ï‹šbf100644 validate.go ³:Ñ7Õg²_
q{ÙCª8â€ÆäûÈç.0±ÁxœåÛr£6ôÙ|…ÊÃd¼ðÔ—töa›4Ý´Ùlš4Ý‡N§£€l«‹•„4“ïÑ6Ä—õ­If’€8Gç~ä8ú‚‡1M‡ŽóŒ	ä9=—0–1îÂU’CäuJD8"w¸R1*î‚(‡Ãìm4¢¡ü|ï6Ÿý$¢0ÞÃ#ù/Ï²d¿HåD]½½’Æ!Ma)NBœSùËÏ³”w-ì	NhŒÅ:ØcÇ	™b¶ò×‚°‡ñ¤=Âˆ‘˜¤‚â„¯ˆÎIT0*pSá:¾ãˆ‡œ 81â‚‘@NO"?G7„MhDœzGÒâÁ…ºqžgP¤º$S³ƒß¡#cËà
þô‘"x6e³AÕ’|Ä)V,á³è££’C`Q°½1K°"¹=–ì#†a`Än!â÷GtŒ”@§d€Acž|ez.è
Ü>r¥Îß‚Á\‰÷TIí*¶|t‚pÏGàêºÑ¼¢ãwj	8Ó«è¼Ç‚Ÿ‰ðÜGQV¤‚•QpA¹xo|	s•ñ9 FÀS˜?¿Søh®ÎOŸ<¶¡OIByACT85‰1á´W3ûÑ,øó0á£¹²Ø0àZ´¢:LðI4‘Û\†å…ZX„6HðÐÆ:“÷M‘;™Óµ8bêŽA_XÂü®4¬±‡HSoà¢e3V$–ò®åmæú±¶±°„VÃGù¯dCZÁUr¶€êg´æhJîFYö¥fê³Y°ùj iÖX“j	>š«&í
§
`ÖIvxS$«JpmòûgÈ 2m@š0ëC¹ðe¨E	¦c.ã­NÊÁ‰Z<cÙø$ƒx/<”W>ðŸc†Ç¼ ªIL•‘ƒ+Ì8Q6ÒÛ{ é@}÷¥4‘ôzVåc¿IìŸd}ô¦À£Ú0¼2uHÙ9ä™Šà(€ÔÕˆ|›AH]Šÿà¦€l¦ymeeèlhên"+oèªíVÍ±~n
„b¼ÉsÏª¯ø—›O—P™àF`QðO¿žÍo·j#omÛ¬No‚ðóU¦þš¬Ù¶R ìi+â”DY\	ìŒñ}óÇ,~è£7°±ÿÃ¬	,…Áö³¹yS|³Ãd‘Cý¡ïh–Ú^5iq+Ï¸T“`§O)NÚ<J¯@§œs®úX8©KómŠ'Pñd…0ï&6Ï–«”®&5a
¨lä°B	®kõˆ¤{È¥BPQ3 ~lK•T:‘f˜‹
íe\ì",´béJùŸÐ\Ñtø—þ÷èÒØ=F4~ê˜ºno=	…ÌxÅ@§ûÈÎæöúâJf&Xr«^Âõ—w«ËLœV\;RÓ
åsãKnš	4îb›‰Ø¥ÁeÄeëÔj×F{µuÓÖ™NµI}=»Î¥¾V£Þr"{Å²	å°$^1O@†)Ä(cô_@³	â=<kB¸PDÒ7òšfWjØ¹ÆJñ›rÅ©ù -(L–Ò.3eÑNï³Ûö—×\h"ç. ed”tÎÔ¢Üó,Kb9ñÁ“î¨=aæSÝð@=U3^ï}éîÇmÆˆC×á3m]¥ìÎXÓL¯ÞÞYãØþÛ»z¼ÛºWùp¾R•Ä—ÏhÕxH•Ê0µ+“‚*;ìiOÞ[·¨LÜç§3FjY2!·êY—];¢e*9”˜f“i£
Kè5fuâ ±×ŠßÂœ0Ó4È5”\å¹À‘Iák`Îg–k¶AÚ~¨:@ÚO‰µŽŸ^Yä(™÷8Zí»ŠMmÍ°Ñ”5åùé~‚¦qûâÃ¦}*[ØÃ,ã[àPfÔÙP/³¶KU‡ô[w§Öæ¿&¿|OZ¾eèhIÛ:Fr3€õÚãÅGpYøx-ó…Ojì›–mµoç`™+ûÏ(Û&ÛZW;Z6÷ªyÉŒâh•ü$m¶ËID#ù‚S``CkîôE×¹põîðåßt¢hy7öb¬|Óºÿ”Y¿é}53ªD^#a*GØÐË8¥õ½‰SÔþ_yÒ¼.“ÑràïÊê!^M•È{#Kë»¸»£h®—Ö_¿Èa»]¶}ÍÙ›§o³_E ´ÏØó´Ô€]:Ó¸‘™®÷êFö§b¯¨­DÞX'j}[w(Í¨r×Ÿh²k³&æ’ålLÄ(‹û­a©ƒº5Û~ƒXÒ|öS-X1¾”‡™þÍøØ·pD_iqZèõ©úâöJÔ†oí*Õa“¥\K»†b[ih¥Oœöô…“¥³Y‹0­å@„ó&Yd‘'ç?s¸G\º¼xœÝ[ësâFÿÅDå£`—ÈÙÝdsç+>Œ³¤lì|{W©’°•€D$áµ+åÿ=Ý=O½xø±›Š«0£Ñ<ºý˜î™aå¸¿9×>[:Á¢^–«(NY³^³Ü(Lý»Ô‚¢º‘„×‡¿&QHqÅ	–æKj±ˆ®øgÕáá:HoÖ3Û–‡¿Âèîáêúîðö;«ú~­¢h‘ï¾^¤A²RŸJ_Ï ‹z‡P‡ÎâÐY‡¿¯ýøÞÚ¯2{èÆ¾ç‡ià,’=»'¾»ŽƒôÞY{°ßª×oAëÇñ0JO¢uè±ì_‡qÌì¡ÿ©i…QÊæØÊjQ§ËÄÇŽqt$Aú^I§54bØs¥›‰þ]×…ÑÒüÜÙþoÄò“÷4—¡sÐ8³…Ÿël€Å@âûU
°µî £éýÊgc?¾\Ÿ%i¼vSöG½æÍ4¯„°íøW¯™#¿2ì3'ÅŒë5‚YvÎ`oŸF×ÔdAß²	<É7õú|º˜T5–	mÆ'(ºÍ4I‚ R*[ì•äØýt‡¬!ª 8Òx³6TÃ§ÁD‰ìGXË™ÕÄì±?w@U›-û#h1H+;a8«Í,Tö¯N‰Õ‚*ÍD‘Ýb#?‰·>êâà¸é¦wL¸ »Ç¿Ûþ‘ŽQ¶àZ0Ú\[ZÈ=ÃšF­ê5xÉŽ:,±½™ý4ØQô	§h³«qÿ´ß›°Àc'£ó3ê˜°ú£¾šn
/;ìàÍ•IAË»NØlð™@•ƒ9ÒÀ¾ê°0X ¢ux4¡Ôf w›ŒæOˆØš–X•š"´y¨gšÁPˆ¢¬â´qZD–L@Xdr$©a²÷ó/Kgõ3è'¼'i^¡‡=’¦šXWõÚ…s„Y¹:[Wœù©#»¬Tm;Z‚ëZ®Ò{è^*i$JR²£ :'v–‰ G¸ 
Ð “×¼¤Qê,xÎ÷ßnÔ X(Bïür8i¾jqu@åJ8 WDœ+Esõ)Õ ¢±T„€MÿxPò -¢Ç,[ž´ÃYúÐjsî¡{	@¦7"—,SY`:n¡ÇÂIÒirºS'%oä¤¾e½ˆ{">µóÑqÄ~ø¿1ëŽ{ðætp6˜°ƒ·ìüädÜ‡Ò»œRE@9@›-õ|>Ÿ'>T<âšçÏÁã"Îvo%~Ö˜šâP_:¿ùÍ¼-µÙ70Ù<=‡@d“[;êäi|PÂÀ’ra¼kÒ%±°­]T‡ƒ|”pº)”ÿA*‰®m8{ƒOßó74MAC’€µb^(êéj¾Ö¿ó°nÄ•ü™±ÃœÕ
â›¦¬i³,š4žxÖAg!ñPæ<XÄ<
^,ÉT)¶ø RÓqÅ¥¥´ª5Ç–² l-¹§qLƒ€—Kë¬u¤…½Z¤M9€»o¡Ûjô%ï¡›|ÆuY!	õÚ]Iƒ@¿-Ý®Çjé(ºêq!ÆÞÙWÇþï¥è®#w’–®×€Jb›aX§ †XËCE‚û›¾ÐŒ‘ú<`lY6®¯\sðéÂI’OQìmrÆŠ[ö›‰+*”ÁpÜMØ`89ÏyÉ¦p»xe*bV$Šé"É¸j*ò÷T¤÷÷èUÿÛ=½ìYs/oÜgŸwðù>ßÁç=|¾‡Ï?áó/ø¼ùÿ‘ãõ'—£á`ø#^pÌõPÞçÜþŠc|œu/¸ùÉ§âK>MNÇüa|61â“nˆOÔ4¢¥¼ÞŽ"–U$œ*«øÑOw4‰¶´E3dÍ/Ù¥R-v‰fwXó76Bö¬;<~Ü"þ–9Šé²xgÓ
ôô8:ÄñŒD8>ÓÛœ¨s«ÍSVšM®ôØ_ø;»Ò2½!Wð+=(¤NØ7(¾F"ü-Jöï|WhÕ1ÈÒ/Q¶ImÞf5aC¦”#pŠl”ow>÷]XJ!„‚•á³CFÎb)áé´1º¨Â”:8ÍLÖ}ö "p‰SšÒˆ$uâk—zËÄS^Qœ’&it  µQelg~’@ÞËùI°H¹¹‹´í$Zx|{Aº€nN;òÃä?Y½%ñ[Šf"ñóEêù+üéÄÏÁ<Q¾sì1çààÜ”Aš ™îxæ$>9X4Š+•ñH,—PóÓù`˜³‰¥ÃÎ¡ÎÖZÀ0O°qa~žŸCB_Sòñ3)£á^¼;|ù¶NöÀñ°µÂ€aXÙ…fïu‡Í—©=^†é¼i‘%ç88ø‡ºÍÇÇŸˆÐÁ;<µ“‰vÐãõki ¢Ðé=¨™SrÌH¼„½6'›úg¥a²Æ3Ë7­]¹ã”çY+Ùo ”þXù‹½fŠi39(YØõPDdbÛvvû *0U;“F, "£Û‚¼¥KßÒNÖ³_ÁíbqGË©ãy1>¤1K³=ð©m N¼íÂ¹¦wšû*Ý8K¥©ãÞ,}
6®LÆ¡œ¶Úàã³ãþ¸'d„²”é¿¡òû5šG™à¶nlÙJQXið7¬b—ï%(gòø½%)!†ì–
¯K²K#üNÀkÌîS_¼&ˆùvµæâãÂƒ–™¡@]-G¹Q½Ë kh"‚
(qíi(åiˆÉRuÙ	«wJ§°OÁ«4BÖlÛeÄã®€dÃB6 W2{ä|Ó6%w-¾AF%mÛ |ò-8û–`ç@Ð „T
L,Ž	í7pp¬œYÁ«,\Üw¨teï¡›|Æ}…-ßwðåÑ°7¬zú–$_Ô­A´ h÷äk™\QS:23ìª¹.èŠ=£¨JÕ$â]TEÏÍU£Éá.YÝèÍLñarvš©8A TÕ)·O£êaÇ´p÷îºEW?‹¼û)Z<Ü¤ËE‰ç/FKì‘±’m¦œDbª¢,1áÛø†
cå¼ð	Å,Š“Hz®(sGF/	*¢eoáØ°ÌE÷ÈsëÒÝI¶—— ÊíI\Èí•{=Ž:=×­xÝsyá5ž–R5QÍ±µ”Ò‰jÂ¹n¸Lqí65ô[ÜËå
)áMËŒL¿óÎ¥°l)û–È¿¼8îBŽ-Í…,v"GDõ‡‰‰4:é°áùÇf+·qóžY>Ú›+–+ÏlÞq[Qœ¶™ÏÂgSã*ù|÷)ÈsJ‡øE„#½í_J6|‹kçÕ¹JR{I&³7¥Å“Ù˜zä‹KÈßxG‹3I÷7x‘ofiæ«6³J¶ÉMì;ÞvH©ÝnáÚ®‡ßÛ"žª$öÎÖô¹â˜Z>E¦ò+ß®Û¿™(áË¥§Û3R3öÝ5ß¬Ì0«óHÇçMEâ¸-1d¹¬ðq	Þ.G Jaa.­Tz{X9‚dS(5È6.™[ZâØ8Ñô¡1éQê¤ëD5Fæ´3H£ŸÆçÃ6›"ñ™'7Î‚}!­×\wSCëµÙæ6?¸.Ú„ ¤Ã, oí{–pï¿ƒ.ÞøÞzáw³ÎZµOÄ{ì‚)õÎÇÇÑ:EwÆ¹±v7¸¯#Ó4°ÍtQi ‘º‰[Ncµ€7‘Ä¾%¡Î´´+Å8‡|ÛnçÂåW„–Ž¹.¼ZÑ'Òª]8U–!¢ÝÕGKRüR~J$	 É8ç‰„|ây1‡#Dbb ‘•ê–Óä½ïû‰k¹ë³õÂ…¿ŠóiI¤yŒ4Bó‡?T'7!ªblö‚G9DÆ3Ü÷S,¾Èe?Bá©÷ØwÏO1öÄK~«8ˆ0 Äcƒb@P‚.CŒË}K'uo¦¤}c}t˜"	ú,WùÊP,n8—O»Ä—f£ŠU%"ÈÆ;ewúH.=º./Ôyûe>-õ†9gCÉÝ¼Å§'¨Ž†Š@r¿D¨©ˆ÷»²')¥‹‚hê é.	”ôË±WµoDLUzOì•âc0£ÐxdLUa¹ù—¸¢áƒØçÐ=yCœßÑÃw²\ÕgÓÍ<„|cÐ¤E‚·bÓMm»B,u-•I£òûw€•:^ÚìÇ¥óëÿo0žŒ¥ƒz³ÿUôWW…¸B$øÂÚ8a-mŒ%F£–j²h÷•`§ä®éº_qË°‚Â5Cn å±â„ya¾â-ÀÒû~Æ¯ó>ÆÍ˜­ü5À‹\u„½Ì­=¾s¸ÍNÚd–y{Y«¾Ê^ÔÕYÉî›’Zè¸š¢ˆ;(8)åJPùÁÊR‹½ƒb’ï xõ>f'¿‹Ù9xoÚMçàûº´™2±RH­\nAÈè¿ÐÎeµn”m[fôd÷=ËÂe:3ØÚp“î3¢õ%¯Ñ!›˜òà7ß€ŒWm8RÚóÑŸÝDÑoùÌGVoÉ|>‰f/˜üHJž!ÿ1y}îH 1E†à¾ØožL&Ÿ˜­c<ŸöÓ›È3üà‹ñûÅ~ÃTYyî#UþÉ¿a2ÐÝü[¥­	Ô‚RÙJu‚RÊ0Å]Š;•¦Èšý2 	ˆ0‹F[ŸœÂÊß="¨V÷’÷¨£â3	ÅÚ3ebìÇüÚGt1RN/JSŒßÁ;››b¢¼Ië)qÁÎ¿ÁÉx	A•Ú3åžõ§4{þhærtZ Ooqò]MAå‹Ï<@ÚQ5tŒ$pb˜T”ÞÖhIMüw˜ò¸`Ü$ëÈ¥i6×9[¢…1’øuò/t£·1XCý	‹?ªî±œxœíÛRÉî¾¢ñCb'Ž¹$d	Ä9‡Ü
j!Ka³çPì0Ó@oÆ3Þ¹@(Â¿I­žé¹lç\j]I¹§[#©Õ’Z’ÅÐq¿9Rå/.ªÁ0ŒÑ\\hÈÀ=\,ÿ‡A&j ñ;	-ãKfœF4Œ“Èƒ+Âû1Ó@6xÆ*¹LÏ:n8XNýDÅ©J$^œ/2ð–UÈ(püeg¨ðÿ•ã+ÏIàõÖâ"`‰Ãó}ÛuÃ4Hå_©Œ“÷¡w#ºâåšxûV¬®±¼Œ¿ª÷ÜÔ6$|ºba× ×Å>ÃþKž]†á·"âÕµÆ°ø`0¦¾Œ‹¨»bmýuú³ï\Ä{Î™ôãœ:¦mN²/CÄ à¯_å¸aük‘íéx2Š…Ð¸×VhQÏ~qrO"[\m­þîøi¾Ü«oÖ4½ôìOé&´ÖoÞlÐ,²õYIß#èW,L`êŠRe$ÎpçCo|Ba
¸mæ-ŒCyzi/²¬ÅO³G1*‡ÞEÎÿÇ×aägY %x^4EÔpôêÊ‰„ãûáµôø­}™\†^ gx¬µù¾R7¹½»M>ø­×ol
q{×Æ§#z0OÛý;ðŒOw‹‹çià
PÝÄQAüE^û*ÍXh¤-Rè@É$žŽ;ø…íà¦·Eãkô5h´2|Æ.H¦tMt[8žeÈŸY&Ô!°ÐAìfû‘ô†Ž+›¸ÐZ\PçW·+|Á°ødÒ[o
fd_Æ1¸—MÑˆÀ>T$½ÆÝâÂ!öe ÉˆwÂÖŒi¨$a(ü0¸È©”…®)NCCÎ$†NKX—Q$6»äG;8·„àK’²ÔˆþÇ¡_ì0Ø$\ä‹± ±Š¾ µÔå&&R¬S\Ð›Ô sR"£ÕÅ¸Œùj‹&§U6IZ“Y*p †¨Fp£j-Ú=Ð<lá+E—_4î8ñA$ÏÕwÃâ1°øä‰½ÞKÏ­õÞ‚
I:l/£*œxùmM1Ô±Oh+ü6°í~IÅ¿ôðlÑÅ³øçjU‚¯\nqû^e”Í&ëMäÜñcI >öIô†¾J
˜ÎÃHœ¶"däÅñ›·ú,Ðbh¦…ÔVP­©wâõËÂQ0È½`Ç+'øîÓOémšÊq¼XÍVG!b>£¼É±ag7Þ“	~Íˆ.Ÿþ¨ däÙˆéi¡W(ÉÂQÃu-+ð ‚\Ë²˜Û‚‚_ˆ>ïw‚À5B F~Ç Ìõõ—ëS©ê µ8“ð/¹–àÙV…xïxŸþ|¥å+è²ýÛD—9É«.žPµææÚý;Ãä|ý:S›—gIn†R¸‘\ÅEèø	›”E-þÀDk³n¨ñÇâ…CÕeI9¬Dá•‚½´>äiÙÝß>ØÉšQÎž¢/10¬öHÍ†AÍ60ý½žÐ±“ø1‚ôöûu¤âA’“B˜RcH!L)‚aR&þ/‘JyšdÃÉ@Y6< 5æ“ŸU4T<«;¾’Ùü®*>E8:8UL#<RœXŸŒÐ)RI Ò!X"‹‚ÍÀÌ²%Ø)*«AÝÎp	m“' ä¿_}µ^ÕIv1yè¥k²
Öº6ñLópŸ{öu>š¯g^=ú<µRS0z;S"¹*j"Fc§'’ß&–Ùä;Áå™É&ßÉlˆ”/‘Ü¨4%czt“Xyø(g¶ª)‹&ÊV®ÿ(Êhg<Ï‘QMDÍ¶YÁåQ²xƒ¦Óé´2¿]6³ª×gƒÞý˜9öÌÉ9zéT¡ƒZè‡Â|ŽOŠ~,	àƒ;Àuà½ëŽ8Ó\Ô±n™Üãê%ÂCµ§ïIwNX3p;ýý½Qp—É€n®ÝàPýÜ`N§®ê-öÜKé¥¾ÜNÄ3jøã¥S'©qç½ü´3¯žÉ,]y5XBÍŽÚšïÀ-õ¨¦Z¬·®*°%J ˜5¸½ÓVÕQqÛ
§>¸z	”×H±Íä¨-³yü†àŒí8	qÀXÂ@ŠŒ”(ï
Å®,§Ð›1yOÁ³LºSòžfØ~Žâ¹à
vg7	¦jÁä¸z¿oá¼c$`¯ÓñçºsåÝÅtžÍ†ÃLÛàjÓ^ˆƒ!«=æç6&2\ÈläEïé¸Èçø@;>È9áƒ"šÌyWÂÖl	ù{ófcJ¶ì»`ÍçB/Ü*EKøÏÖ×³ü1ö?¦/‹×0ð_RËYM®ž›þU®´éùJ¥«m5áÇ‘…MÇ5øÇ lrL½[)þŽQåQbBOlDÅ[¨U£6zäÂ¥[ª6ZÌñÅQÖ*.5ÚÅÁ)˜.q=ú®©;ú6•ó[f¤Ðï³U éŠ
œãìH wl°qO|þšò\Ž_³?áé#pñð5g|öU‡/˜Ø·ÆåèåYëmiæª¡‹AøÃñ=…¼Q¥¼jÎW›ñD*ŒT‚Å
Ù(ëO¡Hbá7›-h’>E0Ç50õ%0Ü¢]ÿ²¶<ÿŒI¾f‘,Uª]Å4B€ûÂ
­¬’[Ö0ÿz¥ùv'©cŒ£kéÁ}i"S7z2ÒF·ÆÐsùE{ÚGšêD6¸£Ø®S©"Ÿ:´2_K=Êvhß-[êß–ú¿e©ú†)öÚÕ«U)Ì>%Ë=:Üã¡±K€uk×8àA!|¡£®Øf9‘K•×L¹_o$® h°CgÑÀÖš‘s=QÂ‰puù&Ìë\‹ œR¡ÜÆçšHLsmåÕÆTØÇÿ~K”¦!QÌÓ,M8¥æ³²ÓÙQÄú5¨·Ýmî…×2j¦­iâ‡Å–Ë$RÁ¥4Ow”ÌcÍEžvvÕÊ5fã„;š…L©e"£èRøw¤x|ÏD¡Ï³©­=3²¦išem¤üRÅåçzÞ9bü-}¬æ½²p°½±R`¿t¿=ž¶Eø~¨kj=Ö8N¶Ä@Í€Ú
‹†k—ú­èjÐµ~·QíƒEÅ¿¯CŠ2RÜÜÊ|¿%çcÙóçô‚K†u¬N¸, +ß×¨]Ç¥‹ìû/çÙÃÓæÓ|Ü²Æo­ñ;cž¨ÿi-µ­ñ–5Þ´Æ_¿Z"®ekéØŸXãXã®5¾-¢º³–„M>Ù¡5¦UªØRÞä+®zNTÍ NC¸RÇúl«æ>._-´ÁKDJÆå:‡þy[·MeµŽK‹=ÞF‡¡ÅÆúY×3ê6¡çˆW‘Ý•…*F]WU©Åÿ'2ªÅ9šÓòí®…[S2²Ú¶æÍº¹õZ•ç¥G¦ùþùÜ	Â”Y47Ð§¿RÇÿú^Skw›˜Aÿ_ô!
çþU¾2Nóz½H	íKO9Êâß*GD3ÙíDÛu™qLô~õ†«}Ÿ÷Ü÷vlÞ¤?O™$°ùlåV²Z°Ñâ¨èÜ
¹ÀC¢bzP	èÂ
×–0¥Ð~·y|rvÃ{k=,LMÒý9Ø$í¨¹Àízb1Ûf•4§õS²°ÿ é'÷óÙÉ$örî=¼yÊtuˆ9ŒFÜzØb¦jÏzW,:`xú€Jc¼bŸ6"¨A–y"¹ªÏ÷2.Ý'Û‚gÉ;ôDYÚ“ïÈÈ¦6ªþ7CÐ˜¤xt ‹ÿ100644 handlers.go ªn0yT7ƒ2€Ú'`óþpIT100644 service.go «Ä=mP£714$÷‘´'†IÅf/100644 validate.go ±<VUÆÙv+G²øÙî¬è€}ÓÔñm9.Xæ4€º;xœQMoÓ@U#ê%DáBÄ4X¨²#ã Ä… ¤¤K¡­B+„¸°8ãÅízKõÆ¹hïˆ_€Ô¿ñK`wm‡òqÀÏ¼73ûÞÌ×ÛŸzcê/iˆ"ò‹žµÕ-ydC¥ÇË>ž;WT,.¶û*˜!jÖäY‡âVëÑÕšû­aÕð¡µwæä·Ì!Ëó´0ˆÜ	CÊq.s›ì7~xª~Þt=äù3]þù¡JT1ò’eÀÈš Ì|­ø¨@fù	ÓTJw':±µÆ3-RÕxYÃéfÈNc á$exÓÈ¯šæ¾*ß;Ü£)Ž6 Êº›Ò85¨Î$¼ÞH³"¼ ™øÜj“_ŽÅ÷Î;ñ´2<Ïñ¤Ä‚#€©•rÌø³Gpw”nñƒ<Ùf?dLÁYœ(Â¨-Éh-^_»c¨‰ÖŽ,ç×go‰QJ‡0ÿ¹-»b\¯x™/`œ•H½xG?!["·Xù—.fÉ©Õ
@öŠ/Û7ÅÓNŸ¨«îûÝgâ>¹×­zNßh÷·›KÊ%ÐÝêÐê?ŠÝ£ùì€2*ç;`V”iëu¬j%+šÄ‹Z…7µªeðÍhR ù·ÅF[=ø²½^7DY´ª9¶¼øOíè'±*x¡^ýpackage meet

import (
	"strings"
	"time"

	"github.com/google/uuid"

	meetpkg "github.com/ultisuite/ulti-backend/internal/meet"
)

type Service struct {
	cfg *meetpkg.Config
}

func NewService(cfg *meetpkg.Config) *Service {
	return &Service{cfg: cfg}
}

func (s *Service) CreateRoom(name string, user *meetpkg.UserInfo) (*meetpkg.RoomToken, error) {
	roomID := uuid.New().String()[:8]
	if strings.TrimSpace(name) != "" {
		roomID = strings.TrimSpace(name)
	}
	return s.cfg.GenerateToken(roomID, user, 24*time.Hour)
}

func (s *Service) GetToken(roomID string, user *meetpkg.UserInfo) (*meetpkg.RoomToken, error) {
	return s.cfg.GenerateToken(roomID, user, 4*time.Hour)
}
‡záÖâ€¦,xœeOKAÆÙ d—Š.u¨ËËä†¬ÚIÄÄ:T ÑIÈa}µIwFçO á‡XöX}?A§[Ÿ¡EOžÞçžç7ÏÌj÷³°?£Ñ„ŽbDºÄp‰!–Õ’‹Vò}z[ƒFªÏÓ‹B$‘jì
wqnPiPZšHÃ‡ç>ÐíÊøoJð:áÙxËäçøÌ†ŠçpµIÿ2±^¨‡k‚
ž$‹{YE´¡ÀÂ}Ïe#È}a„ØK]‰ÚHœM=w™lù k8¶…áºÃ{9°hs>4¡z]K+;wy·Ü£RÙ'Ôh!`*ø˜”2ìÒßà6}Ú‚kÊ¸jñEÎ*)÷eŸßâÎ·pŒ¿Ó)BôJ%4J•®œËûìÎMQæ#ýuš{k:Ï+_Ø0ýr‚öƒŠ‘©x¹ Fÿ100644 auth.go î¶ÿ))ƒh0VMµ´tvº4!100644 logging.go ‘‚cd£õ^ÉN: Ó>&„×100644 rbac.go  ~n#Ó½XÒ>s@Ç<8Íì.100644 trace.go É…2Š½ŠêÊká7¥‡5ìÄš×100644 trace_test.go !)Ãƒ•l2	¹j}6Ã>%[´\=D§²§xœÍVKO1>g…ñi¥›;R-‚R$U9»“Äí®½õ#$­òß;~ìvSTZ¨8$²Çóøæûœ‰V|e 5/Ë
î™‚$áu#•!i2 …Ö†âR€-iÜZÅÅBÓ×n–v–²ÙÊpm¹¿z3ÃÜ ÊÇJ°jÄî>
t#…úÄhk–OÑPXÅÍ†Ù’cY’˜M¤0ë°!¡‹$Á&µ!EÅx­=	6lsnEAÞ"€tŠÏ9(rèðä·q;$¾9Ü)™ŸËÅTF\|êØËÏ˜@¢ÑÔß‘É@±JOœ“ÇÝ[ÿ¾ýÔÅú÷Á~™¾CD#¢Žöo´É|¢Ÿ“®«ñ˜^û §UîSœ(%Uz‰†¡ÀµaÆêkP+^À`+Æ+6« éèÅËy;ÔñÂð‚.±¿éÐÈ<˜=è#tô¦
ÓûKšf˜To´ìêð¶p5&¯Ç|Â@9$5k>…;ð™‰ML< 
˜–‚Ú²2ÝÁÖú5ïã!Då7Wçù%n»³ÌR–xªò¿Œ'ÛÐÔÖ¿wßK`%Jp4Æ¨3¿ÎßƒI©£N*þÝóD³(YôFÁ(}¢^¨CLéhØ§Ô×yÙ©ŒìÖÁLXß‘üƒhLH±©¥ÕÏ¤[„9Ý9ma¾˜~ÆÁ’¹´¢t*Æ)™[s©`Î×i€€¿œ´Štb„ ç–ñƒX±Š—¿ËÈƒùµËaþoÃÐPþ·Ø0ê7»={É[]ÀÁßÌÏ?rnX' /ÿŠóx¦±0Ö§sœ›P¾ \û[~ ã m~mgûÆ .h”B½8ì1Ë‰ÛGˆôõP[¡«xçÌÚÝµøÜÊïð‰sË*ûÐãÛ¤]úî±»¿`8›L.ýíò	Ú@Ì9GWo›lãcæØ'8U²îùu ¢-‹¯œàì¨mS×¬ó ³C–åi?$ëÞ5ÁËÿÏlV{¾&xœmQÁNÃ0=7_aõ€ÒiÊî“¸¢!LÛç¨õºˆ-	©KAÓþ'©E\Zû½ä=¿ØëúM·gÓ4't@!ÌÙ»@ EQž\»èøSrm‘G"k2g,E%}y„€w¶Ã×`túšà"Šx\m'¬(:ÒÔw`,‰«‡ÞÖ Ã ³©Jé¿BÝ`µk0Þ¨¢jÔ¨q‘HÈÔEý½\ýx­]ÛÛJ‹ŸiÀ•¶œwÉ©vß±„Œ:r€ÒÍ!ÀlÄß{ìòÀ12?èòâ»©'7ÈŠÑ!hï±‰øÍ4üeªº„a9ò2»îRóüÀ¡Š"&Q;¸Úï7r”åQªÈÆõ©{{p²y¦rÎpQž‘Ž®)ùœzLe†½¦c_¶kµá&ÃÙž‰Q~\A&›>h2Î2îŒ­Q¦ÔU<Ái¯qß¼ðÍÌµXxœíRÁNÃ0=/_azjQÉîH;LchqÎZo‹h“â$l€öï$mBH» 9ö³ý¿FbPË²¬p+“u£ÉBÊ‰B;ÜXÛ$Ì?ÖÒnÜ’ººÊJã¤ÅÖºXú*¨Ê¡TI‰j(¡i´2˜œ–Ý ÕÒ©UÂ2ÆVN0Ç'çëÍu…)ùË çüÈC ƒ Ma>ÊDÄ/xcBëHuH…;?ÃøØ?¹mmçŸ÷s>Šr 8ïýOÍÚBƒ¢²6p9‚IkMI×í‡ÞÙ”øÁÊ²€•+èá£(YuÑŸò¶Ù‘¦të[æ•;+¬3÷J8»Ñ$_±Ì!ÎšèÇ>vŒH\ôLòÐ±¥ÑOÌ}Oë,úô™0cõÒî¤cË¯I»Æx:aE~CÙ‰Ä§š–^Š¨¾g…“ÕÁþoX0¿CzÆÙbqÛ¶¸½¿öl,­Û¹RßW;*bõ¾*|Æ*ÝÇ¿ø~_|ÑÊ¾êïx[[†ïg áW½xÝ"þpackage middleware

import (
	"net/http"

	"github.com/ultisuite/ulti-backend/internal/api/apiresponse"
)

func TraceID(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		id := r.Header.Get(apiresponse.TraceIDHeader)
		if id == "" {
			id = apiresponse.GenerateTraceID()
		}

		w.Header().Set(apiresponse.TraceIDHeader, id)
		ctx := apiresponse.WithTraceID(r.Context(), id)
		next.ServeHTTP(w, r.WithContext(ctx))
	})
}
C ž´Yx”kúpackage middleware

import (
	"net/http"
	"net/http/httptest"
	"testing"

	"github.com/ultisuite/ulti-backend/internal/api/apiresponse"
)

func TestTraceIDMiddlewareUsesRequestHeader(t *testing.T) {
	var gotTraceID string
	handler := TraceID(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		gotTraceID = apiresponse.TraceIDFromContext(r.Context())
	}))

	req := httptest.NewRequest(http.MethodGet, "/", nil)
	req.Header.Set(apiresponse.TraceIDHeader, "client-trace")
	rec := httptest.NewRecorder()

	handler.ServeHTTP(rec, req)

	if gotTraceID != "client-trace" {
		t.Fatalf("context trace_id = %q, want client-trace", gotTraceID)
	}
	if rec.Header().Get(apiresponse.TraceIDHeader) != "client-trace" {
		t.Fatalf("response header = %q, want client-trace", rec.Header().Get(apiresponse.TraceIDHeader))
	}
}

func TestTraceIDMiddlewareGeneratesWhenMissing(t *testing.T) {
	var gotTraceID string
	handler := TraceID(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		gotTraceID = apiresponse.TraceIDFromContext(r.Context())
	}))

	req := httptest.NewRequest(http.MethodGet, "/", nil)
	rec := httptest.NewRecorder()

	handler.ServeHTTP(rec, req)

	if gotTraceID == "" {
		t.Fatal("expected generated trace id in context")
	}
	if rec.Header().Get(apiresponse.TraceIDHeader) != gotTraceID {
		t.Fatalf("response header = %q, context = %q", rec.Header().Get(apiresponse.TraceIDHeader), gotTraceID)
	}
}
(bÝ×£xS ¬ÿ100644 paginate.go *»ñ{™±üë¹-;µ6„?‘"100644 paginate_test.go ]ùnä¶ AÒ[—¯iÜç4§Ê+¸¯"c¼xL³þpackage paginate

// Slice returns a page of items and the total count before paging.
func Slice[T any](items []T, offset, limit int) ([]T, int64) {
	total := int64(len(items))
	if offset >= len(items) {
		return []T{}, total
	}
	end := offset + limit
	if end > len(items) {
		end = len(items)
	}
	return items[offset:end], total
}
ç¤lx¾ xñýpackage paginate

import "testing"

func TestSlice(t *testing.T) {
	items := []int{1, 2, 3, 4, 5}

	page, total := Slice(items, 0, 2)
	if total != 5 || len(page) != 2 || page[0] != 1 || page[1] != 2 {
		t.Fatalf("first page = %#v total=%d", page, total)
	}

	page, total = Slice(items, 4, 10)
	if total != 5 || len(page) != 1 || page[0] != 5 {
		t.Fatalf("last page = %#v total=%d", page, total)
	}

	page, total = Slice(items, 10, 5)
	if total != 5 || len(page) != 0 {
		t.Fatalf("past end = %#v total=%d", page, total)
	}
}
¡ºš	¤xt ‹ÿ100644 handlers.go >7IËñÍ±%ëvú¥«1p÷100644 service.go óÄs.]cÊ$®ä*›fN{Øðg×100644 validate.go N»ZÅ
sN0ßÂ½©õáàðO-øê@€ë!xœ­RMoÓ@UÒÄ7!*EHR²2Ø!µ%ŽEˆ–”JQh+„coâU¯YoEUÔˆcÑþ Ž=Vñè/€ŸÀzí¦I7N»3ófß¼·ócùdévh;vÁÐ#ŒD à^H(ƒ:P5L´o#’RxÐ…_ŽëJñõŒÅO2ï®:>Fƒµ	ˆ/f*I–ïd­¼,ðÙOù–¼-Îí¦7Î:²£±H«CÏlâˆmÈÐ *5_cæéÙ®a>GL×¬jÊsksl1¯ßk6öeûÞyôn¿ÝïMÉÐÐ'Ø!Åf‹D\½úÄvùË\¥zyYßD>b(œs÷òÂÏJ6ÿ\øÀ•ù›J¢‰ÿ.Vøwõ~Ñì0y‰ï”×ù*xª¤g¥÷Ë@Ån"JáÚ#ñz4pÒ	$Ã¯âÒ
5ŸwT‡Ô|!ô!šl€	ËW÷F!Ò~Z¸Î—Š}Ù+ùøvyC°­Üi_,=;|1ŠƒîÛä8Ô°«­Aìòå†:q4–³•ŠŽÇr<lî¿j¶lj÷tZ‡ZZÓ„õ¸éôÛÇ®x#ªzŠâÇWš5 ¶¥‡]+ÄHü¹0nþ¼õ´p÷h›°g¤¸úPx ÈÂ`'NÄô*E¬O Žê¢¢0æ1>‰n  S×tÃÜýË·xžX1$Åq·Æ túuÖxUQÁÔ§ÿ,µÿ¯7·$pÆ”):±7ªe#—þl—+…kük.Ÿ—‹=»€Ijv“\²€þ u'V¨¾®xœµVKoÓ@>Ç¿bñ¡²+ãr@"å€Z	!ú‚”BíÆÙ¤Kí]g½¦„6ÿ™}Ønœ¤© bïxßÌ÷í:%Íîèœ‘òVjY/J©4‰‚A˜I¡Ù/Â#—ø[iÅÅ¼
xžs}[OÒLGu®yUsÍÌÓë	ddbzÄ!Z	šÑ’•tÎÕ,|yè¢fj	qay7'/É`£Â ½,3õ“gŒ@/u¦ÉC0ÈrÎ„&‡MþôØX‚UÌj‘‘svï¢¢m¾19ô‰!£bºV‚8Óƒ{_abƒå}U1]òJwàX#ÁëÛ÷¶Ž1£ñæG%Å0¤Æ-¼	—HŸ½ kÒ»\ 0Àœ;2Á¥ f²ik8cšvÜ5‘Œ·(õÂýL¢ªé8&Ø…eúqºIí=!Àâ'¶$V>	)©¢Eåªcì¥1Ä$j’¦”T1NÄ¶j,d8"Ujç˜~`ª¾ŠOm±'‹1ÿÍâ`Àg&Ñ«<Çôž®¶øÃÊ«`0ã9(‰M±²}v5=*Wá3¤ÖRÓ‡wo£œ‰È‡Çðº4ˆ®ÑÁo‡tœ£¬¼WBÞ$d=¬0ÛÕÐlò‚›:Ò»C°¯›Cÿ
ÉŽä\ e˜G+Í|R=ic_šhîJÓ¸ýO­™«µ¦Ã'Z3ÖÍZkªú*;ÕÔ¤FM6«¯ÛQ“•K£©­’q!³H"ŠÃ)‡YF]µPAfÕSÐÞ2éSóµÌ%eîÅÍDN—„Ëô£S¦ë/ôêÏú MÞ¹¥ÈuÓP³V¶=0ÿ“¬ñfÜþ¹º­‹‰ <ß…îèûñ¤…èZ8Îe…m<xcÁ^-hOXÎ4{vÊ}œÏ&8kw Ùp ö?R	Y45û_0¨¿ #çP¥WòTÞ35kÅ‹qIAà‹Øn/ð‘0ìî-[Ùl(YkÜ½cÑ$î8µ˜p#¸†Î0HQ_N×¦‡jN“rQEë@iz¡8î’üœvÛ"&<Ø#ôŒÌÑ„aIÓÀ&^Â¿–€`bk«†)0¯SÐ=5ú‡ñV
ÌIýO(0•wS`‘x
LÀ
lûSÐŽþ…3üBª°â€ÙxœÛÈz™‰· 19;1=U¡ #¿$"˜¼&WZi^²BYbNfJbIªcqqj‰§‹F"„žüœÑŽÆ¶eã ³ã3S&ÏaÔ ¤;¿­xM ²ÿ100644 query.go ¦uXQ†'ü\ïL‰×NUj„’#100644 query_test.go ¶ÇÎêøJ¿–
˜ú®Ä˜j÷ÊO6i¸ ¥¹§xœÅXmo7þìûìî2çâ]?xs éÛàlMãŠ¢U|r¢Õ÷RI—5üßGRº×¸hºîÅâ³D‘R$/¥X~>VR_ÊÊB[ˆ‚Q¸Êlˆ_¹´û—Ö–õs¥×ôh¬^ù•Tù…¡G«2qàža5Çr%ªµ}I6è3ƒƒÞâ™úSââ÷“`t">5+Nôp2	‚Q*¬œ‹ë¢²¸âÚÃ½ÉÁÞäíïÃ\T¥Efà²X§òBgbjRXãžóJ‘Vj“öº”ÝsèBµ´pŒ *·îãá_§à?Îã`tF\užê"ã…]b"YàŸ`´(ü±Îâ†‘ÿ²ZiAK[éÜ€½”pv:ßgÐ…ÛK¥VWèÈŠ4—Nä)?¼3,	VU¾„¨ìx{½QL°É)g ¥vobØ÷‹Üópæ*S}4lì€0 `%íò9E±í†YÃ-»·áO•«ŠüDZ>š¥VçÒ¸p•Í.ê£—/’)1¡d¹ÁùíÑ£¯÷¿›"Ÿ†äFø¾ÎÁ6³I2‹ÂŠ5G…>¨e,-tOf¥½FIç
8¯å]³ëfœÀFî
Í”.+­en]:ší4’Òˆ-zñÐå–Üþ®³—SfÁ?ökäù´ZgoYØ9Œ6Þ±§J®ÓcT©Ö RD¬VJRÌô5Qx…w,^.¡îé6<¼Ú\—šÚ­õ'ÒN¸ÞvæVÆ%³ìð­‘T-©d™Ï2PbæÞX¼<B§œT’O›KQJz¨¹þ¸He{Ïë2à.qsü¾PëÅÈÑbàÍÛ.K^.u›ÃLsY"aw€1þÂ+ç­"Xµ‚µÌ#™xC1Ìf0¡:gdâ±R¸GHÒ7A&>ÈèÍ[§i<P#Ja5†”dµÈÑÕf›µ³¢7ê-–ilÉY‰zì*
ï›)Ü7!žLØczð bF0„ßA8…¿|oI~*T±þ1„?@7•DyŒ‚n8?ÃÏÞÉÉÞñ1Pç òzñ„…L¥¹º¸¬kWs6Òâo)†¨)Òc—"1_6”˜5hZeg¥XòÉ˜glOa—çFÕÍfÌ”p°Ž,Ã–±|†¡½ÈçÅ’Cµ-pL–ÆN
ÝrÆéè½ä˜Fw²þ©”K‹M¥¥*ì­ ®.ÅsW˜™â­=Õ5(ÌÐJš.Çt8ºâåŽRÝÖ¼.×WBûêØ)Šn9ÝvuJa,sÜ­ž8*:o7y†ýÐõØqVwx«µÏ@”¥ÌÓ¨¾ŒÝrvÃÏ˜¬l>e§µÂÄ_È1
ríÀß*÷Ü f,K„;ä\Œ¹ÍÑÓÎ-\«ònÔ§¾É§±ã‹×úe_üøV{QûÄû§[oL×›ì…çaêK'
Ñ!,F˜o¯ðÒM¿t„ÙŽ-î$og É­mÜk.6­4Wµ- ^l¹Ž_ÆÛ‰…ìÇ¡ˆš:;g°CGIÂ…‘8—[ø¶Øž…þèHÝ£*.vEr”¦Ñá7?/*Ó)?ÿ,òÂH|HãŽ§8K£Ÿxºçf—~gÚ#·ÖH29ZaáŠv±ø+nAò^C2Zkœ³
«ä¹œ±mžKlžˆ B7Ð©É¦uŸ~ÔoÓmõ£
¾3hýŒßB?þ¼ãÂüŽBúÜ„ää|'ŸÖEvÜR\Ïñ¾Toé¯$*½S‹9<_,^âØÆ'†}Â+Š4ìÒ[gâ¶YPë¥Æ;è}ÿu½¾tÓÜïk÷r„™2<—Ö{›MCx;Ú×ÍS'¯_Í“S2Åq3¶]®7ÁàÔõí³KçÝEÜŠ²© þ_ É‘-T«lû,2éO õåPFY|Ã¥W2y!µD|ƒ†áà.j,Þ#Ïý9¦lÀßbŒ;ë¿Êšëê5s†ý7Ìñûßd®>þºÿŽ¹“¢¬ÀÇû)ey{´ÓP²	þ)ïó»¾xœ½XmoâFþ¿bÏR"“cL8©´´ª’¦ý¶IŽÞ—ªBX«~õÂ5Çñß;3ë7Ö†Ð—(RìÙÙç™™ÙgÉgÿð'ÁVk!_Úí Z&R1»Ý²„”‰L-xŠ…ê=+µÌŸ×2ÄG%RÄOôDÂjwÚíÅ:ž±	,Üq™ŠÛ UÓ¹Xðu¨R[±‹l‹;é°m»µä’G©Ã€‰Æ¬Øbû‘‡k‘nwv+XÊ»1‹ƒ7¶”{Ã¶Unê0²˜ÙÙÆ"PØº£ÝšÈ½CGåZ[D¯&ˆ `î°O<Vð H•ÝNuoü‡à³IA¢:‰Páºcâ˜”÷ÈeYìË—\òO÷9ï{´”>'ëpÎÑR½8ì)Ql5>[±–áoiÅ½S5©odåGRÒO’†c²-TîÁZÉ*–	ùÇb‘
<H€ðó‹µJÈ¼ÒÖ|Ù„¼¢ C<~$¹âÉ–›d×˜÷ózÒo(¯1ß+Y¦XK€´FŒ~¶ÖÀÚ9¹tš,m-˜‰W¹&)3ö,Â0a,[Å£,¡º3)¸ó)WÙúŽ£\÷=ÿ}×ëÃo¶¬’½\èepöpájç¾BÉ*9V­3h€c¼zEÐè8{õ*6šËŠbÚX[Õˆü«yW½Ó‹©šùÃSRxBîS…Ž*tÜP¡âß¥˜K,/U•`™p­LQÃ½IdÄ•=‡0Üò—d­Èöj.^hkØYZ^Ââ>Ü\ƒokžL’×ø5>paÎ_ÆF #5ÄTÅ˜'õJÆ7*ä¿þN•\ÏYóH0P„Wªˆâu‡[ë³	eyºà¶ÐUŸ¸
6…Ý~!Mâi¼Ž„f¸ÀgE. j¦S
ù%¡J´9:ëØVÊE[†~Õ­oµ¦Ç;o~!mˆ¼Øa/nµxš
©>b\Àæ$þKØVVÒ.TÜW¬¿·‹í0—ª$™†\>‘Ø÷Å\«¼uÔ‹ÿÿ‡^o=1þ×PsÙ±àÑO+]d‹@@{7Ž-ÇÍØS¬Œ™abªE#ŸÁª]1ïS[‹n”.»µ£ƒÒL€¨uP¤°‘î²×¨¨çéf×óú=lvh !_øB	É2¥ãÞèKË×—U©ó6|ÌÇ¯™ˆy¾¥'¤è’¯åZãR°ínÈ¶W
¢>y£ÑÐó§›G>ïâe¯‹¸ƒ˜dd¼0<£ŽóNö¸?¥6yyŽª£·ÍÒ@ÐÓôÙÄ˜eBÛã^Åƒ0í°ïa Ù‡Ì–P·Úç€ÑÐj6I¯’9MCyÂOéknJMÏì‹¤‹ã	À››¯‡úy‹û'FjYú»¾o2ÿÑ¦#ó°¸·ÉŒb«ç"šþœ\ha¦D YÔ@Ërˆ=ä£Óù`° f>K4tteÁ´1<>ãÖùŽÖNa:.XæÅ…©/°ÚIýqèÓmÀzº£·-¶Ûó–÷Ýë{• 9ê±zi_ú@,Š²Á‰XÎI±£½D…b<÷qÀ,$ùpÞ7'Y=8¡û}¨âäH:!cË±ö¢"ÎK¿‰S{˜¥Y¹áð­õ  „ðB4+Åª8^üŸˆû»ø”+Ó;Dê9™ÿ" H¬^ D”þˆÎŽýóÂçqß;_¬7ŽÕ‹Åá¯®œL;õË+ßrú˜àÎ¸\ÐßMäXí³Œòx¾Ùãø^ø4›JüµçB_´zÒÐƒ†ZÜ_E¸Ò~›+~TD¬¶¬-Ïé’.[sõæ&0Bë¸7äd³ö‡³j-cìªÚ`SF€tzßÙ*³‹¢K2g¶qþeç£x# Üÿ100644 oidc.go ÓÆ`sê}›Lò.;"…ó…#A{Ø«,½?xœ•RÁNã0=Ç_1äP%(¤‡½eÅ© „„Ú.h%RãCcGŽ@Uÿ}ÇŽí¤ˆäbÏ›ñ›÷&ÓÕôµnÔF?ÂÛN*IR*…fï:%xo¸~6ë’ÊvI¥b²_6òDò'º~-í™’œýÑ1XmkÞöÐke¨†Iþš5à‡ IÎÛšo§ðºnÙ,{¡¤ézxøç½g½gŠo8S3Þ!@ÇV@yyv+_™…öåÆ
×ì-`Õïàm•«ñ,€÷½aêîÏUtË™Ð—g^NÙqx[ SJªÜvî”ø“Ç :' Ýø„m4#ÎIÂ7®öèºGŽD1m”°¡£!	
ž<!ièRFù×…ox³[y­UT½Ç>žuÞìcá¶/lÓ8Ÿl€h2çüñõ TýæF<›Îø³ç³Ñ¶"f(C×rbž˜~0˜Z¡ÏO›u¸Zxy|é¥¨ÒÞ¬ÓGL¬Ú”fvË7„]þÓ6†|ã`[±Ð¬³^Ž#É£Úü÷·ì…ß6>öÖ*ëm¤)1,‚£*¢.,¼‘jª¶aõWCLÄø?M ¥x% Úÿ100644 config.go 6bâkâá¸axÈ˜È/kWtáÊÎ¿÷xœ¥Xms›Hþ¿b–)‘µe­»MØÕÝ!Ab½­@Iö®®TÆ1Œä¸²þïÛóhìºÜº\ôt?ý2Ý==Ú‡Ñ]x‹Q”g7É­®'»}^ÔÓ5E^”<åì³$pÅc’Ý2*IvØÐáá6!ÛÃ¦å»‹CJ’òÌžÎ7 gñE’\dazQâ¨ÀÄM]'{ŒÆL;ØCDÐ7][P#	]sò]˜dˆëÔ5{¿w³cõªkh‘—ä¶ÀþoàI¸	K¼ZNZ<ðƒ3Ò5öeÇqè_…É¨‹°,ïó"nSâÔ†4ß|Á`¥Oò‚F®ç_ƒÓû$››º¶<”ä­ïfñ>™F	§ÛQ„Ë ;tŸÅä”¾*±ïO¨›<O+êß&y&¹À-óœ±®ÑO¯,¸–W€taœ&8#žóÄ·¢:Ã_I”æ‡X×êG7Á×X˜T“iÌeÜÙØŽwI.Hµ@#ÞZ`
ß'¤Lt}UŠ*ïQ$„„ÇÈ¿*rÛ+N^6iu³ÄÛí’h«kü»í&§Ù¹)KMÃÖé§MHmwÉrt€¬'-{(‡ÿE-„c˜¢úVQß9DyÆç²É¿vYŒãÇ 0	SÈž²b”uÚIŽ¸Å‘’9>áÍ6ÏïümL"\m±È	Sö9„ïA×8})ÈÓð«5ñ„µ4Ï$~Û¤‚ > s,ZÖÊìŸÂê†³áö‡ÝYþíf·I†å0á$MJ¶&å„L–JóQ×oY„&y÷LÔ{Éû×b-Ó¤ŒuQkˆ^^t-¹AGú–—ýw˜àìØ3V“ÀsÖ‹ù20Ì_`õ‡!2*I™÷ŠJˆ¦Û·IžôŽÀIéÃ!Ê’”1sEC´‡çGþu¢p(2ô‚E™h7µÀYÊ{ï¼€,†Ìß„Ð¦{†3ŸÚÞÌ8CFšGaº…¦j˜”w\Kx_öƒ|’ßã¢×ç¹³€Ð^±A7b|Äi¾§b˜& SkšŽMT¡:£5¬R€=oõ¥uÁÎ+Ú†Ù-ÞáÕ6[{uuÉãÍ?Ë2Ýå1ÆIIK™ûSŸK<•ÂîïÎúïW?¿‘0ªBÃO´¾Ûl-‡XØ¾ÿi¾t$)gd‰”ÍPßmg*<2í“ÄR›º\ùÁ[ì,æÞ,hüf0pÕÓGi²€²Çc×÷©=²h}@='ê»ã¥tEùf	—GÐM;b+ß]Ø~¦%–DùAg=µOB~é¾óæ,uå9Krþ“ÁCØ†UÐOj²¬=ß_¹Kn´|NZÏÈŒ'ž;ÖžÓã¡RÆIäÁ†vÏV«	ÕÌýŒ'ó­.{4qp&%&ùðUås#,²yKÈª'«ä¬×"C¤ÓÚB*¤ñÚv¦ÞŒîÖ’"…”½%KB!Ëã!!ÔU(U‹8ÈÇ¾%'Ì{/ð=U¤™@‘'\¬ém;ŒIÿ1i6:¨¢Ç¥ió˜±´­´åª½VùÛH‹­–Ü=ÿrOÎy‚H€õTÒmÎj±M¼±¼“´Öå~AqlM0R2yÓ©7¾VÅQžoNzƒÕN%L
<)Ž7——¯¯.Â}"ŒPŽDª8ÃîLÖvØãë)”†¿­ÆxÀ`_Óó°áÑêŽRUusäjäÀþïyÐÝåG›Ú~ù’Ó$;\Ãµ.ëi¸ù*Í?Ë€?8"l|žÅ5b{2«[m!Br8à¶gOhëô•“[77xðÆ÷Ñí ‰¬mð“¥´è“;ºžÏ?¬ýkÛ­J5òYêð‹ó`9ì :ôzj^Ûï\0êÍàåå+µëüPÔ´3Æµ÷•ŽsOwR®¬µîñÓs¤%ã)¶àê¹QÓê@)c×Adal&ÑÓÁÇwí%«ÓwÞÌ•'±™­yÕ’O¨©ëM<!NkµËz„Ë´Â«ãûñŒÎ™õ¸Û‹˜tMä•‹"á¶N·Ùd7$:ŠÙ3¢ã,Q_¼@Q_ÜØaj5öµ¡„ý¦IQm§(`“5Õ Óq$ÀB#µ“M¿;~Ñ9ê«•!¦_‡hÀ@Äû²½D—¯à£ÎL›å÷“Qgù}îùÑGw%¥þç¿Í/Zîpû
¦ŠK‰öH™¿Qn==œ¡¢I³¨¯¨Ç3	G‘Ê]ˆ§‹âIÝ:€Ï•…¤á;†„#L1Ëlèú±0Ò(ô`D"ªâ"ÄÞúµº¾Wþ9äÃ Ø’¾Øô:<&úGµ¿ì‚ÄÕQ¸ßã,î±W¡µO}5››(LqÆYLšdEŠU¯üç±þß÷®üÙ%e	Î5×ä&!$tˆÀ[ˆ*ú±¾E½‡™¾²†Ö·iÖÑêwøÅ)ýMH›â[Dçn	+¥0ù(Û_A*µŠ	æÕ-w“ÿ_;Pîêk¶¤™¶—¦É(Ü¦»:k5TõæäV½‹3µGA×8i.-AÛÈ–Ó[œÒp¸¶™ôã¯˜=õcÀwZœÉ×G´ÒìÖï6fûõ¯¸×®0HþÚ’ïv(–bçoãŒÙ´Úï4¸–ûÆº‚FJ…Ñ=ö¸|;¾ººzs†ž5½X‘K0ÿOíRP"¯xO °ÿ100644 expand.go Xµ>üîožoôÅ·™\!W›ýá100644 expand_test.go d«õ}Œ!‘¾3Òª%eâ9Í3÷¾äxN±épackage envexpand

import (
	"bufio"
	"fmt"
	"os"
	"regexp"
	"strings"
)

var placeholderRE = regexp.MustCompile(`\{\{([A-Za-z_][A-Za-z0-9_]*)\}\}`)

const maxIterations = 32

// ExpandString replaces {{NAME}} placeholders using vars.
func ExpandString(s string, vars map[string]string) string {
	return placeholderRE.ReplaceAllStringFunc(s, func(match string) string {
		name := match[2 : len(match)-2]
		if v, ok := vars[name]; ok {
			return v
		}
		return match
	})
}

// ExpandMap resolves {{VAR}} references until stable or maxIterations is reached.
func ExpandMap(vars map[string]string) (map[string]string, error) {
	out := make(map[string]string, len(vars))
	for k, v := range vars {
		out[k] = v
	}

	for i := 0; i < maxIterations; i++ {
		changed := false
		for k, v := range out {
			next := ExpandString(v, out)
			if next != v {
				changed = true
				out[k] = next
			}
		}
		if !changed {
			if unresolved := findUnresolved(out); len(unresolved) > 0 {
				return nil, fmt.Errorf("envexpand: unresolved placeholders: %s", strings.Join(unresolved, ", "))
			}
			return out, nil
		}
	}

	return nil, fmt.Errorf("envexpand: expansion did not converge after %d iterations", maxIterations)
}

func findUnresolved(vars map[string]string) []string {
	seen := make(map[string]bool)
	for _, v := range vars {
		for _, name := range placeholderRE.FindAllStringSubmatch(v, -1) {
			seen[name[1]] = true
		}
	}
	names := make([]string, 0, len(seen))
	for n := range seen {
		names = append(names, "{{"+n+"}}")
	}
	for i := 0; i < len(names); i++ {
		for j := i + 1; j < len(names); j++ {
			if names[j] < names[i] {
				names[i], names[j] = names[j], names[i]
			}
		}
	}
	return names
}

// ParseLines reads KEY=VALUE pairs from dotenv-style content (no expansion).
func ParseLines(lines []string) (map[string]string, error) {
	vars := make(map[string]string)

	for i, line := range lines {
		line = strings.TrimSpace(line)
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}

		key, value, ok := strings.Cut(line, "=")
		if !ok {
			return nil, fmt.Errorf("envexpand: invalid line %d: missing '='", i+1)
		}

		key = strings.TrimSpace(key)
		if key == "" {
			return nil, fmt.Errorf("envexpand: invalid line %d: empty key", i+1)
		}

		value = strings.TrimSpace(value)
		if len(value) >= 2 {
			if (value[0] == '"' && value[len(value)-1] == '"') ||
				(value[0] == '\'' && value[len(value)-1] == '\'') {
				value = value[1 : len(value)-1]
			}
		}

		vars[key] = value
	}

	return vars, nil
}

// LoadFile parses a .env file without expanding placeholders.
func LoadFile(path string) (map[string]string, error) {
	data, err := os.ReadFile(path)
	if err != nil {
		return nil, err
	}
	lines := strings.Split(strings.ReplaceAll(string(data), "\r\n", "\n"), "\n")
	return ParseLines(lines)
}

// LoadExpandFile parses and expands a .env file.
func LoadExpandFile(path string) (map[string]string, error) {
	vars, err := LoadFile(path)
	if err != nil {
		return nil, err
	}
	return ExpandMap(vars)
}

// WriteFile writes KEY=VALUE lines (no quoting; values are used as-is).
func WriteFile(path string, vars map[string]string) error {
	var keys []string
	for k := range vars {
		keys = append(keys, k)
	}
	// Stable output: sort keys
	for i := 0; i < len(keys); i++ {
		for j := i + 1; j < len(keys); j++ {
			if keys[j] < keys[i] {
				keys[i], keys[j] = keys[j], keys[i]
			}
		}
	}

	var b strings.Builder
	for _, k := range keys {
		b.WriteString(k)
		b.WriteByte('=')
		b.WriteString(vars[k])
		b.WriteByte('\n')
	}

	return os.WriteFile(path, []byte(b.String()), 0o600)
}

// ApplyFile loads and expands a .env file, then sets variables in the process
// environment. Existing environment variables are not overwritten.
func ApplyFile(path string) error {
	vars, err := LoadExpandFile(path)
	if err != nil {
		return err
	}
	ApplyMap(vars, false)
	return nil
}

// ApplyMap sets variables in the process environment.
// When override is false, existing environment variables are kept.
func ApplyMap(vars map[string]string, override bool) {
	for k, v := range vars {
		if !override {
			if _, exists := os.LookupEnv(k); exists {
				continue
			}
		}
		_ = os.Setenv(k, v)
	}
}

// Render reads an input .env, expands placeholders, and writes the result.
func Render(inPath, outPath string) error {
	vars, err := LoadExpandFile(inPath)
	if err != nil {
		return err
	}
	return WriteFile(outPath, vars)
}

// RenderToWriter expands and writes dotenv format to w.
func RenderToWriter(inPath string, w interface{ Write([]byte) (int, error) }) error {
	vars, err := LoadExpandFile(inPath)
	if err != nil {
		return err
	}

	var keys []string
	for k := range vars {
		keys = append(keys, k)
	}
	for i := 0; i < len(keys); i++ {
		for j := i + 1; j < len(keys); j++ {
			if keys[j] < keys[i] {
				keys[i], keys[j] = keys[j], keys[i]
			}
		}
	}

	for _, k := range keys {
		if _, err := fmt.Fprintf(w, "%s=%s\n", k, vars[k]); err != nil {
			return err
		}
	}
	return nil
}

// ParseReader is a helper for tests and stdin.
func ParseReader(r interface {
	ReadString(byte) (string, error)
}) (map[string]string, error) {
	var lines []string
	for {
		line, err := r.ReadString('\n')
		lines = append(lines, strings.TrimSuffix(line, "\n"))
		if err != nil {
			break
		}
	}
	return ParseLines(lines)
}

// ParseFileLines loads via bufio for large files (alias to LoadFile).
func ParseFile(path string) (map[string]string, error) {
	f, err := os.Open(path)
	if err != nil {
		return nil, err
	}
	defer f.Close()

	var lines []string
	sc := bufio.NewScanner(f)
	for sc.Scan() {
		lines = append(lines, sc.Text())
	}
	if err := sc.Err(); err != nil {
		return nil, err
	}
	return ParseLines(lines)
}
÷D"X»Zx«Túpackage envexpand

import "testing"

func TestExpandMap(t *testing.T) {
	vars := map[string]string{
		"POSTGRES_PASSWORD": "s3cret",
		"POSTGRES_USER":     "ulti",
		"POSTGRES_DB":       "ultidb",
		"ULTID_DB_URL":      "postgres://{{POSTGRES_USER}}:{{POSTGRES_PASSWORD}}@postgres:5432/{{POSTGRES_DB}}?sslmode=disable",
		"RUSTFS_SECRET_KEY": "key123",
		"NC_S3_SECRET":      "{{RUSTFS_SECRET_KEY}}",
	}

	out, err := ExpandMap(vars)
	if err != nil {
		t.Fatal(err)
	}

	want := "postgres://ulti:s3cret@postgres:5432/ultidb?sslmode=disable"
	if out["ULTID_DB_URL"] != want {
		t.Fatalf("ULTID_DB_URL = %q, want %q", out["ULTID_DB_URL"], want)
	}
	if out["NC_S3_SECRET"] != "key123" {
		t.Fatalf("NC_S3_SECRET = %q", out["NC_S3_SECRET"])
	}
}

func TestExpandMap_nested(t *testing.T) {
	vars := map[string]string{
		"A": "1",
		"B": "{{A}}2",
		"C": "x{{B}}y",
	}

	out, err := ExpandMap(vars)
	if err != nil {
		t.Fatal(err)
	}
	if out["C"] != "x12y" {
		t.Fatalf("C = %q", out["C"])
	}
}

func TestExpandMap_cycle(t *testing.T) {
	vars := map[string]string{
		"A": "{{B}}",
		"B": "{{A}}",
	}

	_, err := ExpandMap(vars)
	if err == nil {
		t.Fatal("expected cycle error")
	}
}

func TestParseLines(t *testing.T) {
	lines := []string{
		"# comment",
		"",
		`FOO=bar`,
		`QUOTED="hello"`,
	}
	vars, err := ParseLines(lines)
	if err != nil {
		t.Fatal(err)
	}
	if vars["FOO"] != "bar" || vars["QUOTED"] != "hello" {
		t.Fatalf("vars = %#v", vars)
	}
}
–æªÌ§
x§ Xÿ40000 credentials wÅ$Dos÷Ó‚¥³´f»¥À®}40000 imap ï“‰øWY¤]‘ë ãfñ‡¹çc40000 rules ÂõìAè6“ê\Ùà™žF…•Épy'40000 smtp >™d^À¥lq,é‘çÅ)÷bb40000 webhooks ðÞ néÌpãwƒyÈ,`™áÕjŒI¡xQ ®ÿ100644 manager.go ùvZ®wà\ÖšÛBëüµg©M100644 manager_test.go ·×,Îv¢ðØñ”¶Ùbf\wi"²õxœ¥W[oÛ6~¶~+ 4¸JífÁæÂCšm]‘4˜›§ÀXi‰N8K”JQq½&ÿ½çð"Ñ·4YóHùïÜ>žT4]ÐFRÉ2&§y¼¨J©HôÂT®*UQV‡Ý[Ê«[&½IE†¯L¤eÆÅÍÑŒÖìäxméßºzAÊRj´y¡ð/ñw­$ì‚õ8ÒRÔŠT’Íù2&áÕùéà>µª9§KšT‘¯A¦Šß±÷lõî-10AoÁV5±?­®Íúôz:[)<X¬Š®ò’fÖUÍ¤ ³@äÒ…]?½KZ×ËRf[*»[ ~Þˆ”\°¥e!ŸIÅÒ>Ùf“è'»¯Otxb¤‚Gô;©¬ñPÝ"ÅAÏõçc"xŽGz’©F
|Õ'ƒÞƒÞ•3¡ÏÅd<&¯ví„”$@7

P]5H*‘ìsÃa=ŒUÃú® pjäy)ñ¬o¨¨.‚ßÖr56Ûpy&]ÀÃƒcüOŸ”À£×Þ©éò¾lº µ”œ¡ó(4»7œ <#Ÿ‰(™—”ëZ&¬OñÐfx›Fþ‰>|Cn#We:] ÓGBm	Dq¹É™Ðý¹jê“j½– L…nÔ¢Ht(ŠÄFÐ›åeºhËúÓxªSþÝ*ñ'Ø’˜Þ‘ƒe¨QmdnÒ¢5b¶ ?NÏ#MàÙf oË†(EÊ´«tÁÚ@ÀÎä¿Lø,ŠcW–/“¿Í~oò<BÒoØH-~ódR¸}‹’¤ËK£­AìöäÚñ–æ‘¯N6F¤Ë­Ó‰Q›å‡g…©06œHmq3iPì‹BZ¦	JG{Ó'>}Xií=èe†§¬ê&•\@ÄÍ+’2â{=Bå0ÏñËÁ‹~­ qÁh}2QÙ™ÕúD?°åDãE&OÛÛy›n
ïQqlLQDñ#íö–™vƒ
Ù“Ð`ÆÇ>q»FUµ•I•seh”ØÑ±šªOÄ˜ÌcrOôëõ«).8Œ’“f´q4~æCHk®Ë°w··¯µ|1£"À%W·¤n*¼­á„· Êés+Á†Õ`ª—œ¬Z5YX6TÕ‘ò+²Q.ÅNe…­OImÚžÙ‘vH¤Ý&ÝPNë]„2Bvõ®×Ï¤ñúÿÒè,nõê¨ô.ƒ{…úGtzŸ¡]R]å”‹µØ¢þ|¨ '|ýñs õçÙqÅJß²~G%©\[´˜N›¯DáÔ¹cyXí½
vWúãê‹6«¤Íðƒ
´Óa7=ÒæÖCh^¿áqÜâP¡E•3ÅLC;”Îjß³¶®‚ïê3§ëâ7+KíºÅrõ'­/µ6mhþ·Bk@»™ekÀöUœ’œíÒU=‡}ôOˆîæß‡bkpÀG XYuS¦³„17Ÿ6d¸¢)Ó0ØpºlÌ®6S=øÏCqÑ03ŠÂÀåñÔGÍ¡…2×—ú6´}7;wp{eZ<­Ÿ-³3[ùÞö ÍÀ-c/6Æï½“½•ê”
¼Ef¯¢R«Ð„Yá=ÞOÔÊ=´ÓØÅv½ÙöÃŠ'²;¨m›iŸ\·iva¤…a6L¡Ÿs408!‡‡æqxÜ>¾þN
Œ9R4µÅog“—ƒá/Gƒ_‡GÃŸO¼ËÌ%ÃÝ•«íûMiþU3-øÁ¾Ø`¾,xœ…’MOÂ@†ÏÝ_1lB²URD•„Äƒ˜xÐÜŒ‡ívJÚm³»|EøïNËBøqêìô÷ygÛJª¹œ!(ƒ	j—ÉÜ2–UipÔªL2=ëÆÒâ Ï©åÐ:êp2–.´‚)5ÆZ™Måž°y^MCødÁ70ÁÞ%š¸dì£¦Ài9q†Žâý#Þ8üªw}Ó¿ÜÝ?ÈX%˜žžy² šÂ› 1µý®^÷-Á—½!¿$l¨ä$ÎÒFÖÎò:Sà¢gédž
®qÞlí%oifÇXçe|$xQä÷\æ™ÂG\Ë¢Ê1ReA³ÜÒ5 ûŠ{`=Òz±€‰¨ùáéèºBE/2¨ePL³5÷É–v ’Ö®J“œíqø`äï¸	þ÷À©ç~¸Øn‰¿žÿ…>nåQT}û/	l»mKìó½š(;ö£úãe§xG ¸ÿ100644 parse.go ö¾´µ8…ØAîÚ¶íõ?w‚µO]Ê100644 sync.go †VN4â@wÆØÖ(…³o~™&ÐÖ±txœSQOÛ0~Ž…ç§D
	Úc¥>À4M*CoÓ¸­GìD¶;¨¦þ÷ÝÙNj 0*µµÏçï¾ïîóÀ—|-¨T| Dª¡7Žæ$cÍÎ	Ë`!ô²o¥^×¿m¯1 {üUR‰ñ¿VÛÎÉ‡-\­¸ìpm«€C2¬p½„¥l-ÝfÛTË^ÕB	ce¯ëu‚õŸÏŒ„8È¤_æ¬m°–Ôvéè_’]r%(|8½Gb3¦!ÊîI–ä'§<D!aOÈj«—4F„½î¿ÿúq™ãÞÒ›Û‰g‘
b7°4ìA*Í©â"¿¹M)–ô´¤Ðª(H¶ê½+)Ç†kès¨H#ÔœòaºÍÃ¾|&ó¼Üêå.KŒÅóÄp™ÝCÅ=Éš’ÞaA^-¸±ÞEô¸­Ñ´™ú c³â¼ow¹áQjAs'ž\ìaI7NuqS y¹ò:áBAçszydÆJø"’)—…1¡a²«~
Þ.€8X.÷«.Å#…ñh…ÇÆŸæTË.õ}Ú¡Â²×Nh‡óEìººðpÕ7árö%Ÿà9àéàÎ˜¯ñ,Jª¯‡ŽK=*­äxZbÃ¸²]ð ª+lâbÌÉ´£Šhwœ’ì}SÎº.Gò8ˆâ•fÌOD`|XÕ·WF¬äSž0dÓ{¬Y‘¶ÐÏz1NGM7¬é·ºåfÇn‹Pê¿LËTÙ÷Ó·Ã^º"ãú–ÈgÖ<Ð5#aJ:2lù¾cU˜Õˆ•Úî€_,ÒÆ¤Ãˆä?¹+$Ãy=Ð¬1‚?à$ñòèH_í=K³ÖÝ[Æ‘,c¥[n‚}¹Çæ,<óN‘Dæ»71£7qý|?ëçpöãö…`›ØÐÔaPGýëtMï|êp³Ie’ioÆ¤}êWD§þ5ŸF
°¸xœ•YësÚÆÿÅ–I<’K„¾n¹õpCC¯ÁMg<"¤«’ª]{2þßï9gZŽÝÌ`ÄîÙóøç*E}Wœ%ë°h6“u‘—’yÍF+Ê3ÉdyYæ¥À§åšÒ|ÕðŸ…,“lE»2YóVV‰¼«A”¯;|ÍK‘äYg•¿Cû÷­):ø¥	Ïäñß nÔ)Vûð«Èót‡¤Je"ªDrzz·€<‹;	˜SfaÚY‡IÚ‰J÷$LAs¿Ù”gÓÇ,ú˜—ŸyÉÀª*’ìK³/˜ýw¬%ÀŸfX­ÚB<‚­4$ì>LqQ	úUJ0²Ùp$³cçGpf!~j6—U±1ßÔ
y Æ–ô6³2¶´òÔ¼
ðÙ±c(XXrY•;ªWaìîÖ†Ç‹6,){õ2ÙÛçËPöüà#8Àƒ  ÊÐmmÖB'¾À´åãi£/7?pÃÑ±ëj{Ooãªí³©KéEòé@zêÛG“d¡qÝ3@9£oÉ>¸–/HÑS™DBc(;ƒa¶Ì=²‚¡lcB$ó˜,Ô¼àÙeÜlt:l˜%hE¦ø}ž¦çQ”W™¨:R.sòACð”«€kD¡àì—w@ôLÏïÂâ+ÔÊ‹Ôò‘X¹´æ¥mìiNui Ú_üÀ™ƒÐ—ùF´”DÄ‹à/‘¾Í>”é`4èÍX·©èÌïr!õ#ý(S¡BYGF›˜ø’“‹«É%ÃLž‡Z!Xüøap5`‰€5™ÜsÞ/+ þÆ%KÒé›3–%)Ál`yóZKàÆc&sö*Ìct4UÀ™…@xŸL¡ÑA/Í÷ŒSii¨xKã>,±®6šï°ÏTéÄ5Ä@§•]£JÌt²àB%øl4Å…••9‚HnnLaš"Jõª¬íŸbÓ(Ì¼#«J›)7))Yð@"àÛ²õÿ»äW Æ y ÇP’¡ Ë--uª£*xm•²JW£ªÖôß(Jù£´Eí´€y‚¿i»j¿œ'µÚ»9²g†ö¸²]m,"/ï›¥Ýê3R
í
ã˜ ƒæL`&—^ë­è¾E3j¤001U_eÇu…ÈÅ/µ˜k Ï)ó‘C;)°Íˆ/O”SZU*[´¯RÿŒ9'ú¿@ä¡žm†<Ä'ÆS(M/¤:¿úPBë>†0…8Á~óvc}g3ÖZnr,ñ`Í¬P(ª±SÅŠ°¼WW#¼r°¬Ò‚Gåc!ÙV£ÛRªéD¾ÖF‰$óöµ‚V&PTö¢û€àyì‰‚æ4J ð°|.ò¥Ó>¶wµ B¯…Éq@”œb«ò^k}
,ötÀ
9o³5¥šf0ƒZ-ˆÕn-¸ÈÓ:8•2N.!+qˆÃkjqc¯­ Š¼µ-æ™Ê@_1&kb†£Dš¹	sêŒƒéÆxýGÿ|6Ønil:˜‡9õ¾PÂ¹ñä#4ÝébXxsúÉQÕ·ãˆùjªáÜ/QÏ–ˆ-P&cˆN]Ãœš¤Æ™~(ÃÝˆšÒŽWÖa¥¢ú•1¥§¥·&\n[~]@I½ÏJA©:§–œ.ìø…&–«|S-Ãñtp5cÃñl¢|¤ŽæÕ!†%_ç’ÏÕ*‰a&LâD>Bðp!`²Ó	Œ—?ÏG×ƒ)óÞœ¶Ù›÷úó|¾ÇÝÉ˜õ&ã‹ÑÆ¥-9ŽŸõ'LÍV3W"Ø3ø«7ºîú«PâÐ°¥ŽK»µa¨+ŠèØ	CØ¸Ì®¯ÆÃñoŒ0h=Ð¾l<×ÃþŸg}\­/•\áëùÄøèµaQ¹Þ>Tb‹cggìÄå	"lýÆ%»KVwTgÎÂ´äaüÈîB2±’É»Dh©*¸0i‘¸‚füÝ{Hûç#KÃ½Éùh0í¼Ëó¿<ð•ßf'>Sc®QSe½’3×ÉO [œ4nZ¼¾‰\pÝÕ\2¾Á[ÏLfy¥TEÃ0gÿ™‚±]ÕƒÑOðû¼ÚÎãø
ë´g¶=-çÛS¿mÏx'¾Ï@ªÝÃ9ðK>ª1q'ŠàB/Ñ@X }}éÄÙcï"W¢»³8Èîyš¼ë.þšÇSð/°ëÂ˜t\ËJ¾vv¿|yzjëF„Û½uìT(:á)£[£¶{[[‹M\ú°žóUÓÂ½3§ó, X>«Þ°ÕÓŠ2À':U@ÀÙ)ž|¹¡ivÆÏNS³½ËMÈg:—I*c˜™žë$ûFìwÄm%„¯>¡:Ä‹÷[
§ÚíŠ_`¢@mBÖØ(Ô5C"AüPËˆÒªž¾$Õ®M TÐA õ–[iý9¿ŠM‚92¤üÚÀÃwJ~}£ßE cÍÇ §ëet¬KäK§TVà9e¤>IË/µÉƒÇ-¤šCé×™¸É†| ":?ãË0Ý‚ÊbE`5Õ’?sOáÅ®Í¾?ùùGº.öví–ñR£‘aãJ'WtpëÞÂW’AÖ‹‚g°V-ÛlqÓÍnƒ Pû ¶aãf—£²ÒY)îÎnuâ`f[$÷š”m(è¬©,…c¡¹ÿ¥<óÈ—¾¯¢1l¨‡cåfäixÜ$· …:î-Í`]æës}!Ä+¤³ü÷édìƒ z™#¥ø*é,Â(z™°aD„f”õøôav9ÂCt}Â€ñ¯Èpµ¨áYó…Wsxr‚,çÛo“œ™yw.3nkV²í’f±zÃgQ-þ†" d®n˜2§|û™'|€Zi«L›KkåüN®á¢NÂ×²ó’)ä'<šîàó|~„ÏOðù|~†Ïé	þAÊS$=EÚÓýQpÛ$š Ç“Ù˜Â`øD¶[géê‹vmªÁÀÓA„hœ0ôƒ¥ïïƒ²íy	Fj[G©~ÏáRkY³+„j–C?b-ßo¾êörø2nß‹x&¡Ì7u*Ä¤˜eêò¾7õÑ5·¥éñÝÝÆk­!€‰{uoÙ÷ß¸o×‡bÑ5ŸÇFÀ¼‹4L¨EºÜqž\$1ü¬ål—`¿ºb^Ÿ€:£þ3 Ë%6çe²ªJõ¢øÉâ½%"è«æ-‡q„(ÒDþ
 :©Î‚Las«ÖL¿WIaW!áñm¦ò‰-q‹ºÄS}õ_ È˜Ê±âcë8ý¤´oˆe7¹¥r®øCfß²SSœ_>}[_›iÓZl«’°Ñ´F<Ãu¾^s"œþË™!q<$\¬ÅMWQÜ‚œÿAVº¥x% Úÿ100644 engine.go jÑÈÏBÜ˜Y9—°f.úž’w& E¦´¬xœµXmoÛ6þ,ý
VØR)ÓddÀ¾dÈ7q±i’Åî‚¢+Z¢m52éJTœ èßÝ‘”ä—¤Y±úƒ-îÞËÃãÉKžÞò™`e]ˆÊ÷óÅR•š…¾¤Jjq¯¸2UY.g½O•’(˜.H^¨Y¯‚/¼®t	UàÃõ,×óz’¤jÑûøio9»ïÝýŽ?K¥ŠÀ|_?,ÈY.Û:Õì‹ïe†Ÿ}«™\Â—ïÁ3Q²}\+9£ÿ«ïOk™²s±2(!Ø®ÙElßâp)t]J¶g$ €¥i­lÃYâÑ'bÊëB‡Qr‘„
H‹R1(S¿
Â	"°ýŠ¾P8Wð¨Ìé	s“s}ƒY<ò,¸ñ½s¾ëHxŠZ—e®Ê\?À“\êÕj-íSÔ<V2Ëu®dÅ>|lnœfÚ<EÝ~jáóá£¹é òÔ)ºðZ¸6Æ×¹(²Ž÷ÖxŠâàôzlZªEÌ´ŠYUO>‰TÇl¢²‡˜Íy5æZót¾€ìúÞÅR”\«rMY1 “ç²Š™ø\ó~+ÍK]WP,ÊÌ].¸Nç@kïo^ÔbÛË;w´9h£¡tÃ512ð¤àQÀ2êNÄŒ—é<Ç‹LB\½¼—‚g1›ªrÅK¸X‰É\©[çÑNwd†åGã"ö›±àyÑàŒó¬qþ­¨*ÜÉ;ù·Æ¯5¾†Ú<¡„¥Cµ‘ZÃúðq#)
•†¦ºaÙâ£æ+(ÿºË#šÈŽ1uÐý“Wý†#0G]ö¯sÈò•ZC(\ˆØ “ËµS}ÏlkKŽÍoÌêJ”-ãT®š±}›Ïˆ‰²FbQ+$]Y²Ã#&’l’üU‹ò!cŽzÃÁÙàxÄr(´©V»ß€f?Úë«‹·ë86]×ó®ÿ\È¨(;b?°þù	Ë!2°º ‚ª
Ð¼¸:\±Wï™Ûô¬?<ö½Cä{ù”||qÄd^ ß®ùA×NÌ4>£ç¦ë²ŸWÅa3ó21ºa°Éq¡*B·ö€ÁFt	#‚½ã%ž€0D6“@I××Z&ãÍðâÈ3yÐŒÑ‘¤. H2­8L¹÷Ì1Û3™ÝshpiQ¢?6ãöDbúº	;*€¢ ±‘S]›ÀÉ?KÊ20È„—îl§ö¡­hÓ<AŒ”LÞIØúÕœaÇÉ)ÚÖ³˜XŒŽÉƒí`ýÂ`9.A£OåT…t8Y£ÌV@)¸tù3":XKƒ…¡ºQì„xäQÑÇŽ¹T.¡Ã¸¸ÉNµD"îEZkaÒaö…Q6.oh»Dv±)lGC0:O°Mï((’Ù~AK=•i)°E˜ü@ik<rÐØÉðÜnäw—'ýÑ ³AÙp02Fc2‚ÝØ½û…0³íÞ½q®FD%b“Ý‚xÓžvÖ¶K³ÍFDï‹ïÊ‚FmQ:_w^Ð-Ò¥Žë
p„
ç¨R·Yst‡}ÓIÜ 4tO:ß«àd¦äË,1³è¦¼Ì5‡àIÇìˆèˆg”Ó‚“fKÇÎžÉ•ËF0j w"gåŽžðöØrºxøìVt§–Ó\?zÈ÷,hnœY”ï5¸ 3`Ú™€üïÒ Â¦2™™HýÍ²!·ÈìL­íB—Œ‘"QØ‚FXø}T•ªbU×KÕfMµÜt|rxÇöYØz³vé¦*f~ë"tB9:ê˜4ul'½]CÚ/K1Íï¿¹²AÖÓg H¥Ç»òðâù‰x¢°»Æ˜­»=ËØÚOwíÎf–±Åí4Ð¶´4|R<ãõq§Ó$‘®®QpÓ&É¶úò²äc¾\BªC#¡7F0¨,3Ä2Ø9 v~qR³îvÐßhú9¿±&¡#¸{o!"Ô½i?qµ{dÙ‚Ó.Î¿33x›‰ŒæœvÀcíg´*{ð”…®‘³ê<2Ön­µÐÉ$¢ÐEÃàÙéÛÓ;ÀgÏKàÍ’}yùÞD|¶UsÆìå?}ƒýòYžÏŸ¬¨{¯ú!Þ…Ïtµe©5³T%,ÇÔ§"1oŠ?$Œ‚Îþ·¤ÛNò†©kskûö›¼‚·y™ÁÐÆ&LÏ…{G­ØÒüÇÔââ´«óuÞOjy+ÕJºn†o¸ðžR­Ï|‘i“ÿ ¸Ý¤ªxJ µÿ100644 outbox.go Ò½<¶¦Îúg»6rSùå100644 sender.go Õ¼Ûèß¡‹ÍôÒ$6KF½êxœ¥WÝoÛ6–þ
N©ÓävÀ^¼æ!µÝÖ­kg¶ƒb‡¢èD­,*Õ&(ò¿÷Ž’'ýÀòàœwä}ßÑeé%'õNU¾Ÿï*!	}/`¢TüF@ò’‰,//jQ"PˆËAH«|ÇˆË\]5iÂÄnð.eƒêòfðéOüW	Q~äûê¶âdÑ¨TÜœIÁx]Ij%¦ÈßËRbþžØCÉ|ø^ÍËŒKÄWšò=P~i´#™é¯¾—ƒÍò-Z•ŒIU.JÿÎ÷·MÉÈœ¾§<•{Êbb•YU1yøÎˆ<¹ï8 ¹jdIŽî±€¾­sYÃw£1C!f¼Òz5æ[Ú*Œ’÷ÛRé)y©‚˜B«"<çL¶Æz×ºVÆFd¥¨T!S7Äf:™ÿ:¢rö‚0<1^CàÖ	«Ä©ˆ _|BF6Y)Q…c¯JŒÉ´ÜŠÐJª^¾A3ÏÐ	wÐý‹}okâ	Q*¸©Ñš“ç¿ƒÅÉ¢FC @™¨*P¡°IOw—µ|do²§þnxÃ12Ñ¼bW<k
ž9ÖÝwc|ÿÂC-Åç:&\êhWI–& /oQ>& çül|ºžëÚj²Æª¦&'äk:ó8&M•Qˆê†*Àç‹÷!šøþõd9!yF¦sljÏ[Mf“Ñ‘—ËÅ;{'2Œdwñ5Úœ#k±O–äÅ?„IîTœ®FÈšMßM×äÙS¤_.–Äšºz;=#³Åèíd4d9YŸ/çÓù+PÊ˜hJµAZ‰Í2	!`ÌQiGÖMú* 0‘Ýn0h–¼R»›s#yU GÄDb9Â°âõæŠS='.@y¾ÕÑýå„”y¡K©-š‰”0‚-Í!¯`
¹ÆÐÛ°`rtzÐW@w®ö1yÉ¨5]Ùjh††:½Þ'*Mì!èîFdAŠé¸*ñfµ˜kÉÿKoG±À´C;ÐÆl_mV€¯×ïf{`^.1¤kÑ»Ø‚¢FŸ]|¡zµë+FËðS{Ô:´ñ	c1iKµI>rVZm²µèÎè¯ûy=Hl¶¸ÆãÈ¨‡-™—×ícìuRYs´îÊZ˜×¡q Ï0öˆˆqEÒGeR'RƒyÅQWœl¥Øj¤lÑ 4ÙAiviØþˆXŠÏÝ”p­½Ë®éG
ÚvF®rÈÝ.GÑ7˜še3J Œàp×› kG“<ëÆƒþ
ð¯ÏÈé|ŒÒy½ÉÌ–ö8ïM /Ú^ŸŽ#[­[®x:?ONH˜L>æ©õò¾‹­íÄC+¿£Þf\òkÌÕ.ü%‡	P+mÂ©;
¹«d=êà·ÍÛû4g-†m“ÃHBhÄ:ˆ1½`–Zlez@ã®´¬íd´ÝáØŽ¡{S×-Àé:9Ë¶w†½a»@t\%æQ’`LLä!J?Òp OÌ8í)PKð'ÂA÷mbÒfzrÃY¯ž¿¹÷ìzB³”¼Ýèä Þÿöy¦õÀH†Zøã‘ÙÛ‘X1ˆ\[á¨õ*Ò¥Bx†/ÿÇjˆŽ:Ö/LÕ³â'-û©§ÇÞ£åÁçÇfÿí±ïÎ¥à/i=7jg™®àÌšÌÏg³CæóöÂŸ]äÖÿîºÃÙßEð1.Q»R£vã¡NœÌúmbPûËÅ³'í¨&øSiØ\è'C×_ÈMÎËè½¢…V†ë¯=l2Økx”ÐšTÍK§‚JIoíª0ŒÞbþž*}Àª:éõ³ý£Ù¦Î"Ú	ð§ý—ÃG:1y“‚—¡q"2o!(.ª´„ß˜&l_ôµYç0aÌwNl#«K«6\ÈÖW¤—~½îxœµWÿOã6ÿ¹ù+|Ñ%¬qaÓ¤©§N¥è˜(cmoHç$nÉ]b‡Øá‹&þ÷½g;mZzåØ´
Q÷å}ù¼ïNÉ’ÏlÁ‰*téyYQÊJ“Àëø‰š?hŽ¼ªd¥ð4/!—‹ž‚xVºÊÄÂ<ÕYÁ}‹LßÔ1MdÑã¯T&Eo!#ÅT|‰ÆÈ¹à¡¿®ä€Lzåâ¡w÷~•Ræ,u®3Ugš›Sƒi/'*Áò^Á²¼—T<åBg,¼¡çéÇ’“)ðñŠ€u¢Éß^'Éò³ï¬ÑøçuÀçðÚGzf(^§¥šì·~Ð19ž<o^‹„œó{k1 ;kê»åÿV%!ÙwhfÅu]	²g)@ àýò4îÉvdø˜Ï„(é%D/€<CÎò»ÄÇØGÊ(ôC”oè·áÁ³'tiÁ	¿­¹Ò­0þœ$²úô˜[#^ç¤’…ƒ×fr‰øÏ¿â0ÙB<J’çÄiâ`¯¥ñH¦3¨ÜÒûÙø¬E:^æh¾!MøœW\$\­4YTúÐ¸$ú¸¡CûÝ%¿µl.!1­ƒÑ¸c¹‘6@ÆL³A‰Ú_µâ³³)‰M¥!ãXâGÍ¡­@éˆ¢iL«yõ8‘÷ˆ£K>B¦¦£³ÑpfúøuíM¸£Î•-1—P:™ü:&Ø×ÌfK‘Ë÷£Éˆd)o½ÎGã]&3¤Ó„‰`ÏšØ³ê÷,t8È¡×Éæè:y3 "ËÑÿ¦\a‚Ðeø·èq–ûäí=” H…X[^tBç¼KJ¦Ô½¬RóÔ† d•âÃ•/Á«§<©KMÖª{Í|‡¥©1…bÓR¦Aî­ê¿MË:¾Ãéjœqåé˜+ý@ÌðËó	O²2ãZ`*Øg4ÕÕ%]’sÜt&Ão›ó0Y¡ìÃpSÓ€°²Ä2\#ÛTÍ$¥ôUÃäµ Êˆ€L­oLJ`¶S˜m9ËÄ0GÞÀ‡P=Ï"Jauã˜„Ø1‰s€IkˆÝ»j…
æ¦KÐ²Eƒc~¯Ãt{	1M8ÃyyÂH>ž+¾ÛÊ5áõ»‹¹\õ9§AQ;½é©˜ËÀçØ§Èb&õ ùml¾–~S 8Éí`t$7&ÃåÖ <ËÙ¶Y¸#ÌzÙÌ°xéõŠÁbó:1½¬`óNÍƒ`­c8§®ª+Ñ‚‹AÚ!5“-™ÆÞ/2k:üƒ¿0´ýÞêò90qÞ¡|˜ìR>LZÊŸv¢tAÝp¯	õn™æ-A¼9Ñsç!=‘UÁt`(““áááwßÿ>×æOÇ£èw{mê“Cz`T…¶òÈjÃAýùþKa9‘áÖ‚¿¦È…¤òÕÊüªÐ¯Øw¥`ÅyXfbé×r™·Ü‚’2Ø%›;‚Ïàú‚UúÚîVœ?ˆìáœ	 úõ‚Û]èhW>)ðz	ÛG÷Xn®–:»ãïHƒ`pKâÊw®5Ô-&|—®¦£h¥]ªÖâU¤Wâ~G’Ü“zðavýˆš¾`µ‰+Þ›^À„þ=®]ä¯‡…éþJXQ´Xkäÿß¡ÃBu36¦Ž%ÜzÜ~…q×½XÝ¡ù6{2D'\Ú+\ã9³¸u}ßñ›åøE¦ñöÐ²™ß´ß4NÕH˜ËO/è6ñÂÈµµ“¹¬â,…Ÿ+;Š¶Ï–â6å+	¸:Ù#!5Þ¼çÙ¢†‡N½S±f^uŒ'ÍÝðÉûË„Ùu§x' Øÿ100644 executor.go àîuoð¯€Ö ‹p6FK¬EŽ¨å(6ó²»xœVYoã6~–~ÅTÈ’¡ÒI»»@¸@·I‘8­íí>,ŽÚV"‰ŠHå@‘ÿÞ’’åÀ°-q>ÎñÍAVQr­9<ðx#Ä­tÝ¬¨D­Àw/~R\zøˆRñGE¼LDš•ëá%-¬
½ž	úÍÅz(ñ‡žK®†¥*z–ªÆ=Z—Ê
î¹ø°ÎÔ¦‰Y"Šáz‘«õãðþýUBäž¸®zª8LyÒ(Qjiÿ¹N}ËþÆ×IòŒ—
d•è×AoÖ¼†¹Å.ô‹ûìº«¦L`ÊZå>ªÜQÀ 3Œk®šº„ýv—Ð‹¤qˆOÆòö{¦	á,0ZÑ äð @±³9G:SÚõL?Æ¿hÿNù*jråì+²ã#ñ˜•y!xmŽ¼ ÷=SšžK.%¦ðÄä¨GÒœ—)¯§QÁ‰+“¸¦¼<©eË…ÞuQ–¿å$ÔØ&¾áhÁ|^`Œ`Ç"}ZCoÀb”-uEYàÙâòâ]àFÚði¤8tŸ]`Š2ÂÌx’UÄ¾|©;!Ï"y¤T”l
ª™3Ž,rÉeÔ		mI>?}ÃvadË,Ed[Z>ßÖO`K˜û‰zÛLÌ&,Å‹*GÿQ¹QB!×'ìæ6 ^×¦ï£šZÔiêü%%¸ZpµéËÕ0‘ò¯ùÕàÛwên\užŒ[ÏA[0giÌþixý4@È‡3Ÿ\LN€öÑ[m.k ›_£ÁÌ®.ÛÓ­K|=›Ì&¥0†½C8šžB†Ì'*»ç¸„•Œ»¯ûlžD¥¿¯íî·†÷{¡á[?¤Àu²ñ?¡Äò¦¶´ÍŒ£‹MˆÑ•ïÝQ„¡|xÀ–Ãmµš«Y"62LD]	Âø}3mÊˆ8©" Öí>EÖšwZ­ë!³gÆÑªTÔê6Ã†ß6,¤Â„>nV+^Ïu†´íàGcKjNÉ­¹W±Q-Y¡ˆªo¦¾·µ@EÎ¾”ETËM”û»TÛ7Ô´ÂÂ¼áž¬£Ï”V§ñêŽéwœÊ' ¶Nôd¢ÌÓ\”êçN7/€ñ<ï-%»@QUåY©L”æx²Ö\Vùœ™aÍN…
’6µÞÓ¥lž•	÷uv™åy&õÌ–~`éB™jä‰H9U„Y#+¢”œæY×H$àØü:íê[iÛ‚Æ$2¹£ÂyžK®1=«cmŽÍ»M¬Ž©ZBXêZl†lå¹Y‘©™fÏ×{ÉÏ>üö™
ÉéÖðø’ûíZÒØºïwv,½ËðìšôÆ»í¨8ŸÎ'³œOWÝÀü¶ÝptRÕ·c4´ü.ñªÕz±ŒµÇz†ÐfmYÎ¿G_&sð÷CØû¿¿â÷#~?á÷sðbŒ´íÊº¹örîä2Ü&pkÕ´ž»ŸFfÎs›?o…‡&OA	Â¶ÑS­ê(¼–9Ëäu³mc0ª_t3©è•ÉïcLðÁ{š¬;`Dèæ‡ÔëóÐµÞ‰.u§[ªÝÃ#„ä­“Ë™t“¢2±B3q{‚U‰Nz{æ¶ÁôÅD«bÛkLØG˜ûH¢¯/cï!VlÞŒˆŠˆ‘OvzXL{]éèÞñDWÒw# «‰YÜ^2˜Vº½”LïÂ` Û*¤£·%¼f–šŽâ ð?ÕÚÅ™£x# Üÿ100644 meet.go (o–Ì—aº©V•ÛÂi--QÌÆÕ)­²‡xr÷package meet

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"time"
)

type Config struct {
	AppID     string
	AppSecret string
	Domain    string
}

type RoomToken struct {
	Token   string `json:"token"`
	Room    string `json:"room"`
	Domain  string `json:"domain"`
	MeetURL string `json:"meet_url"`
}

type UserInfo struct {
	ID     string `json:"id"`
	Name   string `json:"name"`
	Email  string `json:"email"`
	Avatar string `json:"avatar,omitempty"`
	IsMod  bool   `json:"is_moderator"`
}

func NewConfig(appID, appSecret, domain string) *Config {
	return &Config{
		AppID:     appID,
		AppSecret: appSecret,
		Domain:    domain,
	}
}

func (c *Config) GenerateToken(room string, user *UserInfo, ttl time.Duration) (*RoomToken, error) {
	now := time.Now()
	exp := now.Add(ttl)

	header := map[string]string{
		"alg": "HS256",
		"typ": "JWT",
	}

	payload := map[string]any{
		"iss":  c.AppID,
		"sub":  "meet.jitsi",
		"aud":  "ulti",
		"iat":  now.Unix(),
		"exp":  exp.Unix(),
		"room": room,
		"context": map[string]any{
			"user": map[string]any{
				"id":        user.ID,
				"name":      user.Name,
				"email":     user.Email,
				"avatar":    user.Avatar,
				"moderator": user.IsMod,
			},
		},
	}

	token, err := signJWT(header, payload, c.AppSecret)
	if err != nil {
		return nil, err
	}

	return &RoomToken{
		Token:   token,
		Room:    room,
		Domain:  "meet.jitsi",
		MeetURL: fmt.Sprintf("https://%s/meet/%s?jwt=%s", c.Domain, room, token),
	}, nil
}

func signJWT(header map[string]string, payload map[string]any, secret string) (string, error) {
	headerJSON, err := json.Marshal(header)
	if err != nil {
		return "", err
	}
	payloadJSON, err := json.Marshal(payload)
	if err != nil {
		return "", err
	}

	headerB64 := base64URLEncode(headerJSON)
	payloadB64 := base64URLEncode(payloadJSON)
	signingInput := headerB64 + "." + payloadB64

	mac := hmac.New(sha256.New, []byte(secret))
	mac.Write([]byte(signingInput))
	signature := base64URLEncode(mac.Sum(nil))

	return signingInput + "." + signature, nil
}

func base64URLEncode(data []byte) string {
	return base64.RawURLEncoding.EncodeToString(data)
}
3•¡§	x— hÿ100644 calendar.go ¦„JìÍ‹&-²Ÿ4Ø_åG±õ100644 client.go ³Õy˜VPsˆéuvF+˜J8M?100644 contacts.go iù5|5üå+V1*†.GERÒÒ“100644 drive.go öÆdþŠvƒß\M·_8ºivŠ‘
9»¿þxœÝX[oã¶~¶K ©u$gÑÚuz²¶·xÛÉ¹lF¢µºU¤6	Šýïgf$Q’/qpŠóròàHä7Ã¹|œ¡˜	ÿwq'Y"µ¥EÐï‡q–æšYý÷ÓDÃ‡G™øi&wîcáû:¦á0Å_¥s˜Rø¨ÃXò¾Ýïë§L²±ˆdˆœ¢ð5û³ß;Ÿ0óWÊ±›ßTšx<øM¿7	U‰§™ˆåÆ|PÎ|N`
‘ã4Jóš|œAÈ\èûÝ‹e0ˆ¯•¡Ó/2Ñ-+¯Zfv‹ÒÌeÇ"ÚPåù"•Ÿ‡™ÓdÓ—f©/µ¥-ªfhM- 1»ŒR8ƒiì±ò€€³(šˆÒlv›¦ü« "Š>‚ì^ˆ‡óñr—–\<|}5HãPË8ÓOe×Eâ3ËgßŽ£i³‹Pé:ùÊòõ#«¸äŒËÿV(™C”Ký6³>~ªLæyšÛ˜ÌóFøæ,3€êµÅÝ\Æ©–NvŸ¹øâúõJî‘ry­Úî÷nÓà	¥oÞþ¼e_d® –#~â9«)=âW«÷Ç?òŸNûo/ËÓlBA Q^0â“³kW¯¾ñ"O¼Pêµ—‰\ÄÊƒ§D¶Ô@‘e‘ñ{­3ÏuéÍñÓØM”Òå§}Æªåð‘^*†#ÁÝj$½ÚÁcb¶kr©Ò"÷%r˜FßºµÊú	}9½é÷{€Í(²ß™¤gê
â„É0>_|˜¿?ŸM zòA•åÌäÃBŠ €L»î€Å"ûX‚>•ÿ [=>‘l,¯æ ?á¦¬'úx†Â,G·Â’ÙTQ ôò®ÉÀoF,	#L?X­!ÞøJ¶¬ßäZæýqÞMÎ8J•´lò‘Ð%k6!-.Ý³÷’–
Á³Œ°:T]Jßl§ñ€é”atVðCœ&}mB×”lúÅôô&üQH(?»Izˆ£»¸w'µÔâ®æVk¥@h±A.¬ÃHË¼Á§qv\Ž1dðˆ_Ï.¦³ÉÙ‚— }°éõt¶2Bas‘Üa€Ú6âG
CÐƒkô¹…•-Ûƒ8T¿Ñt'Š§7eúœ÷imñ×Ãáß†'Ã×«“†ßø7·1³ÏLÛ÷×b:ÿ°Xñ.yþvñ»»Åvo®q.….áÿÅî’ÔŸ¿%q»ÜMh8´"ŒömFt,‹`à!4i§Wz9ùŒƒ£ãœ\¦·n[9
þ^D:„$Ñž¥–í\%áãL$©IÆ°Îù®®t¤Ž”m%–:Lù²ÃhßEÐ}›ÀØšþø†ù÷˜4=*ôJÊ!>¦ˆÒ0Mt¡Æi QÍëá	{õj÷Ì÷í0~SL&„Ï'‚T™^‹0’ÇŽÊ†ž2ewÒm"#ù"º5ù¬O"†]Ï'l2½˜®¦ÝœÑª5ÃË_	îÞØî`@>ÿ•v7’ÙoÕ–ýgù[CÍw—àÆ­ó„K·ø»éÏç3Ï”ÿ_ó_no¡®§‹åù‡™÷ÚîAÀ¡dr>ñŽ]÷
ö%[0çºÓÙxµ,µ“‚á¯« †¯Úý]ÉÎ6 w¤H~ÐÈV»ÿ¹åÕååÙâ_›²Õ‡‚Ý¶¥ý]ð"›&Óåxq>_a¸6ô·tU6šeÌWÅ‹Ö¸ø0>Ûµ@­åp&«åêl±ÚŠ 6p{+]¢À”MAø˜9(+^ÎÁvá^á÷™ž½M ´¡KŸ]€MZWûèÖ©PMÿÛ>‡Òé/L²¢Ø­P²S|ö|á¾‹‹±?)ÚÇ¦²@m‚ÞŽmb"áÄX!œòÍz+ûÍú}¿g¾¢Pe,~—[†àéêâg¨&(g±WT–&J*ÒŒEËù%—klµÆ;œéa	“BÂ3ð¨‡‡?RäÌáL‰NÑƒÓº (õ°iÜ›z³G<ðl™¡¹ IØÙ›—ÊYåa¼,ÖëðÑjÍÁ*i˜»pDu-K=²’FéZ¢^gÓ¹Ú•«ªÕÐ³Nn9Ô.×'°.¹v~TD…—ÿK.Ñn©2d8`à‰Õ¦ýBb•G½}ÀG
 Ê¾8
v2<4ÕNu±1b0Z¶xS¾Wå§“€zf+úÕfÿ–IU «{%ã_&²q±fÛé• µ°¢»uIš	_Z8©‡PûåÎò›ù‹Pu	*±ŸqÛC®Iê‚]­»ÀuÖ½Îè­¯ÃžÓÝÔßîwfv×|n®ðÁµLß3™¾ùÜ*-±Ãî”±‰]äÁ÷É£Î…¯¯ET4‰=¤
zQ„×}{Ô|íÐ×vk˜Ûò „Á#µ6ãB(}žÒ˜^¿!ÐéˆÛe ç?ÂÄw'Þ§¶8nn[»Õ§uíúÏËºøee*ñŠï/x«ûÑ-¥©?ÆúµçÕkë’·jÖ¤fÕºél-xSt\•Ô`žKHV½v—1 fª§Z²Ûr-™éJÜm]ç’hu[C×à­
Øunph¡ÿ ­ð™â¾ZxœíTM‹Û0=[¿bjèb§ŽSè-°‡49t¡lCÒíJŽ=^‹-¯$ow)ùï‘ü‘-½zª1–4š7óôžp›å÷ÙBƒO6?ª®BÖ­Ò"„¹j,m„4-k7HÅßí¢²¶å¹•5†"Â>·ë£ÄÆ‚±ºË-üÁ!3x³ûôPP6w"`dŸ7ãyê"ÈŠZ67õ”ëBÛÌ˜1t¢ìš®ñ‡ÇE}‹F|?u8‹aÖ·$Nm§¸ð
,—0Ô¢ØDs	g<9?øL§Ví¼{3`Ò=’\#OüÉ,Ïxqf¶œHRü4,Ê®1j‡åö	z;Òµ¨ÑVªH ÍlÕ4ƒ*žAªt‡YÁRTn4Pgí7Ÿó}Ð$òúïÐ´ª1˜ j­tÌuúËKÈÓÁÀ7®‹÷àòx×¡Éˆžä­´UÏùNü¨˜ç‹@–ýêyäNƒ´t…Y×†µï3#óUg«(OÏìí¬]ìs?¸S2$
?­÷óÕöªg&ÒuÄ2K¥á>G&¯³†.þ Ž'ò¢'ÆG1O§K‘nTD€ø¾mÔÊ0Ó¿°­#øÕfÜþïâäâï™_ç×ë9—Ùþ¡Õ·xØ¬¾lIÕÈ÷~ákÜg¿ú“¦û–‚¶ŒÂ…ÆZYLÛª]Ùã¢”G4‹×üŽ‡ñ¹û/ìÚ$¶ûxœåXÝoÛ6¶ÿ
Ž@
«³ådÛÃ TéRÛi¤Žá8Ù†4h‰r´êk¢”ýßwGR2e;±»nÛüH¼ï»ï(fÌûÄæœ$ü¡ð¢´ôÛí0ÎÒ¼ v‹ziR Â#O¼Ô“yÿ!Žð=ˆår˜â_Qä@øX„1§m«Ý.3N}?çB¼IÓO˜J¯ ´[ÇCRÿ”(¹þM¤‰CCŸ^·[ÃPd{³˜/Ñ}Eù˜ 	9'¬¸]¯)
p|ÖŽ ÖNœW^4åJåÂQEkì°\Å,ŒV5p\–ÎÝ¦	_ã.#ý4Ÿ¯ó ÍçH²û‹Ëý%jÎî?Þy°ÞMã°àqV<ª0ƒ2ñHÇ#/QÈ“Â"'¡(Œü‹ŽW<]Q{ þwI)x™PF,Ò¹¼2dº„çyš[˜/L(q\…·Ï2à.‚íç<Nng·Yßgw}¦doÐ^U‹þŽèÓÊŒÕnÝ¤þ#ª¹~õDî€%L—îÙ»”T séùì¨÷#}}Ð~å;YžfA˜øáø.^8ô Mˆ¦â£|ÑøÀ
õëEð(-s#äê«~%V=¡úƒëv»¼™Œ}ôìaz(ÎÁuÌ]—ÐÉôtrt<B@˜Ž®N›°Çü~Ê™ŒŸUÅÛ%1Ë.Ó•ú™lÑ!Ï N…\ºG»¸,‹’½8
TÊ²,
=V@‚ä¶¦ÏÂ0~ã’ð‡
s^”y‚¯Òw`k·|ðœ`<öðÉD©àKÆ(¹3–nñÒ©ùU„Ö“ÈÒêYTu	AîQ_ZÒÄÖƒ7€c€­÷{ÉóÇ%€èWäu)Dì„¼›ÅÂš£‰ Üµ`šó‚l^É´ÙóYÁV°´Þ«-p5MN§3ºÈ× YºÌMT­ÇÓ ç¬¨¾P]É‰ý¥·¬ÐyÙ&1ß7eù²™v4;Ä
^ÖB-Ø0dü¸ìº„R¾|k¶¼ÿ§2*B(Ž:{œÞw,û<	Æ,I;–%S¤µNÖõÌ±#ì;/h”Y›ÛÏ9bÄÐ½&2ê8Yf¹/E÷‰w‹õ+Ü²`»m‚ÆfT€¨\>+XQŠAêsTóÝîyñb=åÓ &o„5…Üy)uÑ˜´ÜwÈŽyYÒ¤
±ÀïZäyÄ·DžYÒª›ÕP{¾nÃÑÉh6Z.ÜS•vxùš$?™ã'3éËÈÿ¾Lžq–{·_6ºDµíí†ƒ¹‰þÕƒ¢b	Â¨à¹)„ôžZ&x†qéÑ˜*†Š3Ù‹YáÝB~£H¶p—†ûeBô¼ç1ÐŒÉÓÃ3+Ïñ,L=ØzL-ôhúË(§ž>=ât)7÷°ÿá¨[?Æ´Ò§{W,'7u2Þ /nìŸs8èŸÉõ}3z{<v.‡Óá‡üCB­Ž‹Ñôìøtì|oïV¬1ç0h=ßš¢1ŒÎŽº¦´žpÏHW«ï)«éú„ÚÊŸÑûÃã“ýÙ¯“‘{<ž¦ãÑlÕŒÔ§=4Ì¨/±­ÌÌFÚÈ`tr²j@jZ5€Ÿr[©?¾]U
Òk³JGãa³Ôu7¶æX€líi^¶Î0µÕ¶‚=Íaù8þÄç¢1$Æ³Ž£ Þ3°­a#ávrì9z¿Úê­ó"Öþ›;;|&¢º˜}âË®ìB¸L×0'gÉœƒKŒÈÒDp!ãà³ßå<ÀS[Rä!,LJÏÚ6T©Èž@“Ã˜äƒmÜ6(}’qq\Ö£¼v	4žøùÚ5o:¤ìžåKaÏò0>+ƒ |è˜Kp–T‹*A¤}jaW3¯Dé \E®ÚŒG/[;hî•®ÕÊS“XcgÀûz_˜Ð¨½Ùí’ˆ'ÖvH©?– K7„IÝnUÆ‘Q¦I5nuª^íúzÆ%’¶ Ø¨Vê­Þ(Ì‚ºRÃh½W«+,]¯Z¨ƒÂ„/â¯ vã¯Pª OØFd6$³ÛDfÆ<ÞA*îC<d /ž)jÎwLh¼"'¨ÄAA-Gî9^šZ×1oÔ	#¤VY_Å=§W
lT+gˆV ýÌWÅ~ÂDqœø¼f•û’éÀ%»ª€?jf¹2Ý—@ývÏ¹BÒçæa¶|­q5ÉþŠqœ<uNq^=—NÅ¬žØú:u©×ª¿¼?‘Å"ª¨Gü]ãAšóD^rÖ;ôò
uVïš;×¯ÆEnƒkaVN ã.Õ´y4y«w½ÔQ¿(žL¿.Yª¹–p©¦Òk$©ÑŒÍ›Ó@‹êoôÏèCMó[BšùSï™/¹›xœÅYmo7þlÿ
í€vçœ›aØ¯ÎÐÙI,i‚&ÙdAs½“­÷IÎË†ü÷‘ÔËéb;NÖaó‡æ$R¤ô”H¶NÒOÉ%g%¿Õi^Í³nWu%5ëu;QZ•|ò2­2Q^ÿPUÙš¸-rÏ
âþ«´’ŠºýnWßÕœíŠœï•³ŠežjöW·s”è+æ~f»@é£¨RtÑí¼K
¾‚¥²œ ôå,¨8º`Ã!‹f >b•dQ&$Ou%ï`›ÇâÏf­(õ7_3·V	Åˆ‚{mñ>ÝÎ~¢ôà1<{À—éCaiÈ»s’\®Ø2×É%°Ü[ÔŽ¯ù¶½)[±XôÖå¨’T{(852ºS#ÅŸéˆËB(%ªR=à«
2ž¾ß_±¥¹ÌéÄ·5À®ÞèÅÊ‡DªBh^ÔúÎ 0›—)ë¥ìå$¼Ô}¶/”F7R½Tß2ëšñÄü°¹âro:`xJ«¤ÏzgçÎóŒKYÉ>b˜%×ÓhÌÒøWþqúæ÷Býnçc•Ý!ÏÅëÀÉÙ5—xäq´¿Š˜óÿqtz²»ù]ôÃv÷u6ªeUÏD™1XPªQ6Ž@ö(²Ã*GWZ×£á°º))ÞâJ^FËQ6>$Ëv—1«?ipÉ5ú—s¯aH@gjMf¥Fû.›Ïyy©¯
Ø¥šË”‡üU:ÂXY0±BÃ×C·;÷…Pl_t»U“æÓê:°Ñ”½?<ÚÝ{7Ìšf`M¨âwüæ=O2àEsôCI}f˜ÎÍ0l'šò¼|äÜ1ÚŠ8=1GÜD·j”Ôu.ÒDƒ=é¦{°¸˜Ñ¿³Räè)°q=—%iûÀîÃg\2<Rü#ì)žä•â=¸êp=MëDÏÕ¤Ê8ÊúêÕ·²àºŒwÐ!g½È;Í,l³{‘õQu×É¨©ø‘]÷8!yÏoÉãØ_J§u^%Ù“ãhÀ¬‡0QÅÆ~ŠînaÏ°+’¥mÑš÷g¨ Œ"BÒ.<kÛõœC~Ø£žwz:]Ý `=æÿÜ+¶ØÆÆrÊ×¡‚ÐUæd¹õŽøÚR˜Âýó,€»ÔŸÎ%Þ7ž}­>n‘·;-‹P°80X¤Qäu5ò¯ì²‡¶Z‚ŸYÐž§ADÒçOäOñ[®{mßíVÚj"y¢ùn•g¤'Úë¹Áø¸Y~žîÿSÃ|Nˆ¬„âSZåÿBðÊÿÕéÎþÎÉÎëÊû%#<>×ƒêzªJ¦æÄWúhÄÇ2]‰°•ÐG ”Æ$”8?&ŠãàËå«œºõø‹µlâaVåJ‹’’
È1ì¦(ý8„ÜñFB~K™I´»6ßøO•Œõù&7×ÏÈ,”/F¾»u»æ€Wç¥/‚Â§fVÉbšè-‡G9®AœÆ\
„_¨/wü"Û¤Žé|µI1OKïZÇ8:<Æ'*V©^×WõòI5ÄÌX}@©X'µ^oI‰¢,t1¥uÇX—Ö®I`7onn6QÖ&\T˜@¥9 uoÒ2bŸ·ÖQ)lÿFê{H€`.T«ÃÉq8ìÑÂ‰VAÛ.3MA¿µ&üž\­ÂêQÂ`i=j"˜Xï!ƒ}Ó”ŸÃâÄ½‡|)hÞ)GÈ&!ïÇfª·a1êÿ¸}Ìmø @Î½é¨¬åýäÜVCÐÇw¼7í£•ñÖó)`Ò7ÒD·èhQf@Ef°P³§f{ú6ÀhSc¼}:42W²ßöÉ÷°Ø¡,g:%Å<×BÑ…xðÛÔx±ý¼€ïQ,@+ºJ±³s¯ÁpºaÐ—ñªŸ$Ÿ…þéô\Á<5S VCu¬v†î†tÏôÊ`
fþ4+©ãOM~L4°Pf ¯Õ®j¶Ì¼ð}……¶ÕŠ5¶Õ™UÛ*Þ ,Ù§&„ëÆ-_bÖlÔ¢0Šd8òÆó=+lù-ÓâS¡ê<¹³>³ä™ap}ÈI»Ê9©rH^–ð§–a3EŽ¶35»nL‚ržÒõÒÌþuïDyRÐ*[Þ VPµcrÔJ¶VtÈð6/TVá5GÑÔÜr[\¡žx·ÑsijÿO¼µW`õ
û¸ì÷éÑg’\#“òÂ>à E°GÁÆcf
¼:Œ(ç›Àê“¨™¾‚L‡*)&´âùotØKíHrcŒd+)»Å)÷lcÐì•¿í¹™)Šãùl&n{¸s,äðßïiõ¶ß	É@àÏP¾Ü“jOyT&îá"-™†¶Ù¥ŒÝÝBqqàE9YãvGÜ`1`°hKn…èrå_ÛîÐ$hQ29]Æ	Æòþ¿HJëÝ²¢äƒ³!Z8í^3û>Ú£	57$ÜM».ÿÈjXzl/$¼<GÜ!•ØñÞtfî=\‹¬`ðß£¨ïÒ² 	°Ø˜wño [&a§xW ¨ÿ100644 permission.go cî°arQ#¢#žêš4iôÛ¦100644 permission_test.go ¾?\Ö/Dù™Ûó–ë
ª¤"m¾Žxœ­UMkÜ0=Û¿bâ“M6Nzq $‡]’–J)ŠWöŠõZ®$g»$ýï‘d[ûM¡ÈjæÍ›™§Ñ¸cåŠÕ:®ÖBk!Û8ëN*‰6J´µNâøüeÃAh`Ð5ÌTR­ÏþÂPä(™R‚/@´ðéãÝ-ÔJöÎc³í¸udq\ÊVHãˆ¬7‹5F€C0:'Î÷Es¯Ç³w=qõ"J>º´;'qæJåZöªôåê^k¹èÜ)ixi°Òç-(;Ó¥ìÐ4i0V>0Vï=wJ¼p°uX,hAÖdBÍ—ÒH½ê¬5€ÝÊÖ°Òè]Xé­!5¼]0µôÖA‡{?V„¡Õ GØ³D[Àl‰tö@ª§~½
ž§5AÿÖöHÁÎ[€†Á)|ð¾¯ÄèÛk¦¢ª¾-!m\LOVÕ4óòÂki¬ª\BC¿K¦}rJtG‘â¦W-$Tul¶aÚØ"BÈ0l^±¾1¡«oW­ÜówüÛ—=gJsË”j_p©5ÌàYJìgªß?ü³|®Òñ¬Äú©c%Ou–=º~‚Æ¦g`TÏ˜kjg{ßºÖöVxØõÅ*Öh6mŸø#kWÓ¥áPá>Oi“îžiû$§¢a³äf‰¯ØmüÇ0-PãóhÇEbWHîzŠÔ‡|ûî”›¹5C®ÌŠM%lˆî²ðb§„ÈâáÇjò`BÜmž#¢ŠwÜM!O$*$)
°iÞÞÜ!¡,—É©5ã „S¥£?osrŽÚÜ´Û¿ËÃŠÎð‘É–ƒ¬¬\”SOyžãiÈó|W'¯ˆUpÅa_]Ÿ»ª;hö¯íÍ§Õò¾mküg/._÷1±±nUåD;FÄN´Æ­Ý1­§uV.y¹Ò9Ü‹šòX|Ì]m¡¡û%!ñ¦*è7Ð[u6Õç§ÐôˆhãÍ)·#Št0®>ŽÚšý"‡[.¸'ÿßwŠWÂ²Ûô§\&îÎO†Å¢R”ÀáýÝÓ—G´ÃÅGÛurEtá:r0ù—t‚QÇ8Ñì§ñu`Bi|1$Rá<Ã Ž“¸‡¿.Ëpƒ´¤þ Ö"ñ9½qxœ¥UMoÛ0=Ç¿‚5 Œü€9ìCìPdv†A•éD¨my¢ì.üß'Ê‘Û¸mæl7S~|ä£åZÈ{±E¨Ñ”ŠHé*ŠTYkc!¶HVUÛ8Šò¦’pëÂkA]àÂÂ›ãÛåm‡hÆÁjß5´|8ÛÝÔÔŸ9¬;1. ˜ÄE¢².ºÓºˆfgö3t%²RUq—úŒw¤àø±KOÁSqž´!4#l.
zvàVI„ñµù»(šåÚÀOwdyFTn¤ýH¸)•ÃVû7Ãüì²Ÿ§,Y&yë1Wk>ðsáÌ™]~Vù"©ó6…ù¯ÖÀO9ocÏ3¢L™1|‰£ë¸ØîÔÏ›Áùk…F¹Û?·÷hdð×O'3ªÅÕƒQcëòê„oêÙ éÆHüÈ)|Á‹ŠÌS‡±§Úé¦È€„U”ïÁ8\œpÝ
|c¶)
}ƒÄt¿:ç*ghPé49k€'|¿¯Ñ4ž~"“¸Ùi«éLýu!¬Ûå²¯74rçkr^ô, w(ïé/ÝM/3­)
¬2a.êéÃ1éõÅê>iêŸ6l$öÒ’WmÛer/9v^nÊÚ}&í\gùi&éÊ
iiå7Ñ£cÎëáï¥ÅýÈ—ÿºYÎÇß”Yÿ…nß¡þ6!%Ò°Ø / jŸ¥x% Úÿ100644 client.go ¬nF½Ï,"#Ÿ{æ›ÝôÈÅæ!ä¾¼xœÝUËNÛ@]Ç_qk	d#ãtQ±ˆ„*HDm‘ .ªªLì	™âxŒ=¦I«ü{ï±Cê>T©Í"™Ç¹ÏsÏ$aÁ»åL¥’™e‰Y"SŽÕ²+>W6.yÈPÄ·íÏ™Œé`2ÓçBÒwÌU{ªTBk%fÜ¶\ËR‹„C7<V©4|³Zc–ñë«·€<DV‹,Ü­}³±––5Éã Îùsâ”ÆÆÒ…½Âý¦\åi»æÊH(ž­Bu`·‹ð­f.s¼9x	{@uøCŽ=Ér‰_KJI—u”e¼^Õ «Én¨U[„öÕ‘Õf 9$ÈE*nEÌ¢K¦¦O ²vU‡ž³ß=§k‚¿ÃRª6ÃKÁÉt(¾¸ˆÕÁ+(á|.&ƒx"ýIÄÇ¥­º)gŠ‡Gj=«kÂ²ö€¡ÅKAATWºmÓ|6>cÙtCÛèjŠWˆ«h‰Æùl3-›HÑíÛtÍÈOÙ=ÍuWæ8gØX¥Êª‹'õ?vÔ*/GÚ	ÊÙuá”+"s5‡Bs~×üzÀñ†/
Ÿ$¨U2¢Gµóá£¶ö€§©L]*;O#èJÔ&h¦&Ž½“µu¾Ùkòp¸î’üµ=üR"5÷.iêÞƒOäJKuxÅïsž©÷BM‹)iìÓþa`b[ÿŒ³§("åØó},dÿŽ/ì²$|"•%:s
ø+yú=é t$&úþÅ!9¦êJ©ãV›’.[!ŸðÈ,ÃÊZfÜ¡,S9­²ZD•ÓCyc†NeçúæÈÙ5&nõ°˜½®n+‹45MX4¬º	kÚk¥ÿŠ]íhÆŒ6©1£÷Û™¹N"ÉBÍ|#…1é_éy+ý€Vü•à†¢ûuú./†”YC×@]SÅ¾~äõ»lÛvS²ñ<ê›ô@oz˜—Á¸[‚ÙûƒÞó*%BôÿJÌDôÜDxFôUŽH{1º,Ÿœ‚6®Tùñ»[Dú7¤]c¼Þ|Ãg–E§k³çng§Ç#®ø•ºÎ‹î“öÿ¦÷úoû£þßî{)°uiÕ˜Á¦~^îÔ°¢x" Ýÿ100644 hub.go Ý¯–ÜÊ¶LöoBBü0nù"Ï\9·vxœ•”ßoÓ0ÇŸ“¿ÂøaJªÎå¹ÓØ@iüÚ@{˜¦á9×44µ‹íUUÿwîì¤)ë@¢›cßÏ}ïì•TY³ k_-!M«åÊXÏ²4áÊhžã²6åÄáZkð“¹÷+Z»µV<ÅEYùyó ”YN”)ÀNZxpF- ¸ÿýtÒºÎhžæiê×+`oöÌyÛ(Ï6iò•6ñ‡;•.Ùw²žr2åßÓä³\×FLê5u§«¸‹Û.êEó°sÙ°ð#zquó¡Á2ÓDÕ¦vl)W·1Û-G(ƒ¾‹Î›-›LXãÀ¾ÃŽ_1:å+£]š <%XÆF$”¸_; ²Ü#h] ítçh&]è˜žœgVì#´X@–³Õî|c5;ÂOüêÉ§ˆ¾€ìŸüùí#é Ò70“Mí³\Ü`›2l;Ž€Æ€|ÌxëŽ±sœÜ¶;žlHrv!uQÃÍuÖ2šq]ÜØÊƒ3ËFÝþÏœÏ‰½+qzÊ¬øvu)¾4`×˜üøŒÓá}Uð<MªY/ôé)ãœ\“ì­µÆf-Â-+çh(z¯q¤¸öÒ7îL}ZôŒŠQ$þ˜µ„0èÿZ)Xy
‹ÜGO÷?­B“‰á“­ÊJ–+Ô¨ùí]{ÃG|K2EvJðâ”éªŽä"ŠÞÑó]&CÒèˆ¶§ÈŠ`¨“›sRQœi÷›b
eå+Sè_À§q.½¿¡ücÿ<^ïmgÆÊû1»´qØ7Ydè@8‡5%øl,p±}v8Î,ÞA%Ïþ˜jŒ®x¸èa"æbÙˆ«K”ƒX¨HGùç¢›ëÛè×[~Óu´àA+uo™lm(ƒF2ëž4q†ï^iM£‹,3%ÂH “ƒ*ZçXKÁž´¿†9ŒÄ$[Ršƒ&üM±Á†…[;¨Ó‹Ó7·v*P­ƒVJtjÑµ¦ï™ãáµxòDÛs.·Š¼z³M0ê¤y¯g&(Ó½ˆ@"ìéÑÇÈ‹Þ—æËý3³øs^vÄ'tDPCl?Ù«nžkÐq+'±^Ævw¦»hûð]ãq^ÙðRÄgç£±KYÓYc5àTòoó´\£xs Œÿ100644 handler.go äÿì °Ë F|ŸMö‚W100644 service.go Qv'•¾…9«6ixÉÉúÙöm¶100644 validate.go yÞiíöÇÕâ&š)©·kTl',£é‚•Mxœ½‘¿JA‡¹Ñ[»˜J†ñÖ•Zˆ6*ˆ`¡Q`s7šÅäþìîR[‹¸ObáäA,l|³»–biû›ïÇ|ÌÌ‡ïkÝJdâA£PÙ9®Je ™ÃÎ[¶Ù¯h`_Zö£µ·š2Ïìb£Ó¾ñÁ+ÕpxŠßõ/ùuƒjš¤üMBkš’XÞÃ•rÈDŒd.†f@m/Ù´ûdûéDä}¬Ô†¨¤B]•…F~ZæxQøªo\	%Æ¨Ô.„Ê¥hPiÊü>~†FÈ‘^Ä
M£Š¥7!±™V¨ñí9a?üSúÖ‰ç¬ˆ;ÎÿÅÜFôùçäv±Õ%jÁc¾²Ûß±ŸT}„$ Ë·ŒxœÅWÝs7æþŠ“â»ôr$éÇ-™¤@ZR;vi§“ÉqÈ¶âû²$Œ=ÿ{w%Ýq¤™>$å¤ÝÕj¿~»¢`ñ»à 8“ñ¥ç‰´È¥ßkµã<ÓüV·q©´Ù…j{¸¾úrµˆâ<í~ÀÃq·¸¸íÞü@?Ež'»2«Dµš›ÕãáÙ²+P·ÌXÒe…è^¯¸¼k{çé»‚Ã”Ë£MZ®b÷^k¹€GNt†_ÞÆóÎWYoøÚIû»2<*¡ÉõJfÐq¤ûå¢ËÅ†™;'\¡}µ+gDÅuÞPyÖk“lû½×ö¹bI¼™Ð	ß?ITbO3Q\ï°•¥’Àis3ËîèÇ	,‘æ)2-ôÊmªhQæÐþ"ÏT=hPTf6?N±>ÞkC ˆõö‹ÇyiÅèÄ _eNFdö>îDLb$Æ.DÆ´È30·F[Â	×¬”/*ê®Ã&ç¾ª28ïýXß‚«×h`CÀ/Scãa×!P´Ô„­]4B(˜d©r¦¥Ï! ¿SÔ$e.
*)!Qèõé¼âT'Ê/u(¡làQ@ç³©Ùø×XÛ-–$eŒ‘™²+î—á	=Ï%ÌÑPbK–!,«ëðê–Z_‚ÝÄ“ÝN™HÚ=Ü¶hå´{I‡Š,¬OG!j†ÄZÆ! -âÜœ}Ð‡L$æžV	fLî7æØÐWÍ·>0,åléoi!ÔÌ‹¢(¨ ¤±ËÉ8ávŸòcà„­/×_Çò¦MãùÏJÓ»]™-0ÉØšnuœä«%X2|ùgY®‰qö+<u%
 |gù:òŒ)Xß-k–Ëˆ§¿÷žÕl	ðfÄÖãÜ–Ÿ	wÜ†Ñ60Ñéù¹âÚ*Â±@@ùUãáà )¦*zÁ×!œVC2÷#Í@ß	‘•Dˆ±…t¯¼”°íwŒk$‚ñÇUp>€"‡Ð ûë\h&Ø¡h&E:-6ý
wÐïC»mòî+ÏÞ[„µZ«Ô™°cP¥ÅdyÁ´H0L¥rÛû|¥kÀ-»È“Ð@Ú9[[õdú ë÷l)‚Ÿõ rÂ\VÕ#n¯AY'¥‹H®…±Y®MÃ¶Ãä¦ÐZª*0lt[®)8ÛâökPn]°Šàyê¼fì­ZÂšQg¬FOH­;þ­5Äh$Îó}mDn^R÷ÞÑÞZ}=~WÞvpT4{á¿‹²‰~Tl#¸6ÂvBÔaˆ>7qhœ·Ò?Ã³'Æi»íãÖ¶™¯ëp¹ˆìH1=‡jk::fFb‰}6R«Åk³´
Zšç
»É¬ÕkóÊO]gßà‘\RüæZ7ý#…Á„…ðði STÎW¨ãÕäôR®b^AŠ”×§ã7¦ÅÏYl¦=’œ"-r„¹ T¦Dù¿~MF´[).-ËwnàÆè'Ž+XfÆJ>|G^¾ÂŽýðâÅ'=À3§“áh¿ümáh:@âñød<ƒ‡ßy­÷µ™X/“›«ã*·n¦`u.ù9—@Y‹I®¸o›íçæ¾9@3Ã·µÃ$PB«tªÆ»ÑIPZé¡è¶Æ¯ó$g\¯š‰ÔˆHû4f™ß!¥Jk§ª‘Ž)èlF»ÃtÏU3=åîä”år€ŽRs7£Âub¢‡nx 9F†žÇD*-#¢{*÷Jß‘žÇælYÒÛvœIéï»q(aÍvÒNHý²ßDLáÍpùU[ÇÓfëxú[•DÆRzèR†j ¬°êÆÇãßGpôÍ|üˆ˜¢oÚœNÜÁÃü`‹²geUþglÕ}®`õiÐXñŽ‘ÿRqo”Ï€ÄXÒ@ˆ1êK£aûFdÅJWÏ´í#mËeã%õJðd©¬¼Ë†a½}ÙdY½ï0Tk,÷vïQ»nQ©ñu.2ßÈâ»:€/³÷2bD¸KxœµSMÓ0='¿bð)Ð..…rN€]qY­7™¶£uìÄ-«*ÿ±Ó]…HHh#%±gì÷Þø;YßÊ‚Cië}žSÛë¡È3á¼%½s"çñŽü>Ü,jÓ.ƒòäyL£—7€ºY’öhµTKÙQ|RQ#=Š¼ÌóÚh—@[Ò›Äô5 ½û„ÖðŠÃòç,üúâ"n=HR)sÄf\ry×¡ã|+»«Qâ5ÿBíOÃ‰•¶’”XA|NCÅæö²öŽƒc ¨Ót\1äù6èîO„=Œ%<Ÿ”´ø>ÈèÖÌÛ³¢ó-.-µ›NÖXôežÑ8¹!âºÌ¢VÃî!ÓôGBÕ¼GÏ…E€,ÍW zQÁgtŽíã™Å>ÅFp‰ÙÀ¼C¢V¨Y¼…ùÉ?¥o¸=wÒŸå¼ƒ¹ãO-G½›ª9siRiÔh…ßoòøÏÀUÎá¥œwBõlyû
:É×oµ+u¼–g¤M§È? T *Q&´vÎQ¸Ì(ÆO(³xHŒÇ0¦™ÒÜFù%»ò×oàgÓÖÿ÷æÁœTÇo‘N»¢!ÎáøèU2+J}lØ/ä¬‹¾§x' Øÿ100644 provider.go hè'—G\¸ƒg5§Á~ xÖûÙP¶x¶Iþpackage secrets

import (
	"os"
	"strings"
)

// Env resolves secret from KEY or KEY_FILE.
// KEY_FILE enables runtime secret injection via mounted files.
func Env(key string) string {
	if value := os.Getenv(key); value != "" {
		return value
	}

	filePath := os.Getenv(key + "_FILE")
	if filePath == "" {
		return ""
	}

	content, err := os.ReadFile(filePath)
	if err != nil {
		return ""
	}
	return strings.TrimSpace(string(content))
}
‡öŠ&¥x% Úÿ100644 logger.go ÈÍ…‡Êm½iTÌ¿7OgŒ´‚ßµÿ,ú¿Cx?Àûpackage securityaudit

import (
	"context"
	"encoding/json"
	"log/slog"

	"github.com/jackc/pgx/v5/pgxpool"
)

const (
	ActionLogin            = "login"
	ActionTokenRejected    = "token_rejected"
	ActionAdminAction      = "admin_action"
	ActionCriticalDeletion = "critical_deletion"
)

type Logger struct {
	db     *pgxpool.Pool
	logger *slog.Logger
}

func NewLogger(db *pgxpool.Pool) *Logger {
	return &Logger{
		db:     db,
		logger: slog.Default().With("component", "security-audit"),
	}
}

func (l *Logger) Log(ctx context.Context, actor, action string, details map[string]any) {
	if l == nil || l.db == nil {
		return
	}
	if actor == "" {
		actor = "system"
	}
	if details == nil {
		details = map[string]any{}
	}

	detailsJSON, err := json.Marshal(details)
	if err != nil {
		l.logger.Error("marshal audit details", "error", err)
		return
	}

	if _, err := l.db.Exec(ctx, `
		INSERT INTO audit_logs (actor, action, details) VALUES ($1, $2, $3)
	`, actor, action, detailsJSON); err != nil {
		l.logger.Error("insert audit log", "error", err, "actor", actor, "action", action)
	}
}
mÉWsª!xåý100644 000001_init.down.sql Ñ¸¯Ei¶»î¬œv¹Gg«²8‚Y100644 000001_init.up.sql ±YYQ¾]¦Þ¥Yô×mØ_+æ¤100644 000002_mail.down.sql 9Yß•ùZ7¤»Òñ†c²¦*100644 000002_mail.up.sql åç²õfÞõO>i8Á¨+¿žÄ¦100644 000003_admin.down.sql ¬²"Aå
àz8J„FðS¸L Z100644 000003_admin.up.sql þÙŸw#
¾NÈ”ÕÚZN"õ:100644 000004_mail_credentials_encryption.down.sql Õ›b)Û[ÿøÓË­<i3à'§Ë100644 000004_mail_credentials_encryption.up.sql Y™è~ u¦ìŽÓ->ÃíK~‚,100644 000005_data_integrity.down.sql [ˆtô!ë"Ÿ\â"
ÈÆü4Ì100644 000005_data_integrity.up.sql qÀøÂ¯j§TbDÚï-ú_
À\OÊÉ¶x† yÿDROP TABLE IF EXISTS settings;
DROP TABLE IF EXISTS users;
DROP EXTENSION IF EXISTS "pgcrypto";
DROP EXTENSION IF EXISTS "uuid-ossp";
Jœ';´)xœ½‘ÁN„0†ï<Åd/‰Þ¼yêÂT¡¬´D×!0’]–´ÅhŒïnwY<¨Q{œùþüí×0G¦ðN¡<Àc™r.•„Å8vÍùÞ˜aqé…?°C[ëçÁî:³Š­„Ñ6à{àN×@QðÖ9OY¾kÜ@„1+‡²²¥žte©|¼ðƒ³c†ž,é¾Ú–.¬\=‚ßx,E’œ¨]Õm¿Ù÷ÕŽ¦õ</^.'¤Öäš›²² xŠR±t­î?ó"»ï6Íï#^ðQ!k»¾ý‹ƒÝrž^žcŒ9Šå$ßïš ÜE˜ ë™Y„S~Ðô@šúš\ÉL¬¾ðóòú†Þ ö¹¼x¬SþDROP TRIGGER IF EXISTS messages_search_trigger ON messages;
DROP FUNCTION IF EXISTS messages_search_vector_update();
DROP TABLE IF EXISTS webhook_logs;
DROP TABLE IF EXISTS webhook_templates;
DROP TABLE IF EXISTS outbox;
DROP TABLE IF EXISTS mail_rules;
DROP TABLE IF EXISTS attachments;
DROP TABLE IF EXISTS messages;
DROP TABLE IF EXISTS mail_folders;
DROP TABLE IF EXISTS mail_identities;
DROP TABLE IF EXISTS mail_accounts;
Ž“‡ºëxºEáCREATE TABLE mail_accounts (
    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
    name TEXT NOT NULL DEFAULT '',
    email TEXT NOT NULL,
    provider TEXT NOT NULL DEFAULT 'imap',
    imap_host TEXT NOT NULL DEFAULT '',
    imap_port INT NOT NULL DEFAULT 993,
    imap_tls BOOLEAN NOT NULL DEFAULT true,
    smtp_host TEXT NOT NULL DEFAULT '',
    smtp_port INT NOT NULL DEFAULT 587,
    smtp_tls BOOLEAN NOT NULL DEFAULT true,
    credentials BYTEA,
    last_sync_at TIMESTAMPTZ,
    sync_state JSONB NOT NULL DEFAULT '{}',
    is_active BOOLEAN NOT NULL DEFAULT true,
    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
    updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);

CREATE INDEX idx_mail_accounts_user ON mail_accounts(user_id);

CREATE TABLE mail_identities (
    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    account_id UUID NOT NULL REFERENCES mail_accounts(id) ON DELETE CASCADE,
    email TEXT NOT NULL,
    name TEXT NOT NULL DEFAULT '',
    is_default BOOLEAN NOT NULL DEFAULT false,
    signature_html TEXT NOT NULL DEFAULT '',
    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);

CREATE INDEX idx_mail_identities_account ON mail_identities(account_id);

CREATE TABLE mail_folders (
    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    account_id UUID NOT NULL REFERENCES mail_accounts(id) ON DELETE CASCADE,
    name TEXT NOT NULL,
    remote_name TEXT NOT NULL,
    folder_type TEXT NOT NULL DEFAULT 'custom',
    uidvalidity BIGINT NOT NULL DEFAULT 0,
    highest_modseq BIGINT NOT NULL DEFAULT 0,
    message_count INT NOT NULL DEFAULT 0,
    unread_count INT NOT NULL DEFAULT 0,
    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
    updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
    UNIQUE(account_id, remote_name)
);

CREATE INDEX idx_mail_folders_account ON mail_folders(account_id);

CREATE TABLE messages (
    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    account_id UUID NOT NULL REFERENCES mail_accounts(id) ON DELETE CASCADE,
    folder_id UUID NOT NULL REFERENCES mail_folders(id) ON DELETE CASCADE,
    message_id TEXT NOT NULL DEFAULT '',
    thread_id UUID,
    uid BIGINT NOT NULL DEFAULT 0,
    subject TEXT NOT NULL DEFAULT '',
    from_addr JSONB NOT NULL DEFAULT '[]',
    to_addrs JSONB NOT NULL DEFAULT '[]',
    cc_addrs JSONB NOT NULL DEFAULT '[]',
    bcc_addrs JSONB NOT NULL DEFAULT '[]',
    reply_to JSONB NOT NULL DEFAULT '[]',
    date TIMESTAMPTZ NOT NULL DEFAULT NOW(),
    snippet TEXT NOT NULL DEFAULT '',
    body_text TEXT NOT NULL DEFAULT '',
    body_html TEXT NOT NULL DEFAULT '',
    flags TEXT[] NOT NULL DEFAULT '{}',
    labels TEXT[] NOT NULL DEFAULT '{}',
    has_attachments BOOLEAN NOT NULL DEFAULT false,
    raw_size INT NOT NULL DEFAULT 0,
    in_reply_to TEXT NOT NULL DEFAULT '',
    references_header TEXT[] NOT NULL DEFAULT '{}',
    search_vector tsvector,
    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
    updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);

CREATE INDEX idx_messages_account_folder ON messages(account_id, folder_id);
CREATE INDEX idx_messages_thread ON messages(thread_id);
CREATE INDEX idx_messages_date ON messages(date DESC);
CREATE INDEX idx_messages_message_id ON messages(message_id);
CREATE INDEX idx_messages_flags ON messages USING GIN(flags);
CREATE INDEX idx_messages_labels ON messages USING GIN(labels);
CREATE INDEX idx_messages_search ON messages USING GIN(search_vector);
CREATE UNIQUE INDEX idx_messages_uid ON messages(folder_id, uid);

-- Auto-update search_vector on insert/update
CREATE FUNCTION messages_search_vector_update() RETURNS trigger AS $$
BEGIN
    NEW.search_vector := 
        setweight(to_tsvector('simple', COALESCE(NEW.subject, '')), 'A') ||
        setweight(to_tsvector('simple', COALESCE(NEW.from_addr::text, '')), 'B') ||
        setweight(to_tsvector('simple', COALESCE(NEW.to_addrs::text, '')), 'B') ||
        setweight(to_tsvector('simple', COALESCE(NEW.body_text, '')), 'C');
    RETURN NEW;
END;
$$ LANGUAGE plpgsql;

CREATE TRIGGER messages_search_trigger
    BEFORE INSERT OR UPDATE OF subject, from_addr, to_addrs, body_text
    ON messages
    FOR EACH ROW
    EXECUTE FUNCTION messages_search_vector_update();

CREATE TABLE attachments (
    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    message_id UUID NOT NULL REFERENCES messages(id) ON DELETE CASCADE,
    filename TEXT NOT NULL DEFAULT '',
    content_type TEXT NOT NULL DEFAULT 'application/octet-stream',
    size BIGINT NOT NULL DEFAULT 0,
    s3_bucket TEXT NOT NULL DEFAULT 'mail-attachments',
    s3_key TEXT NOT NULL DEFAULT '',
    content_id TEXT NOT NULL DEFAULT '',
    is_inline BOOLEAN NOT NULL DEFAULT false,
    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);

CREATE INDEX idx_attachments_message ON attachments(message_id);

CREATE TABLE mail_rules (
    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
    account_id UUID REFERENCES mail_accounts(id) ON DELETE CASCADE,
    name TEXT NOT NULL DEFAULT '',
    priority INT NOT NULL DEFAULT 0,
    is_active BOOLEAN NOT NULL DEFAULT true,
    conditions JSONB NOT NULL DEFAULT '[]',
    actions JSONB NOT NULL DEFAULT '[]',
    llm_config JSONB,
    match_count BIGINT NOT NULL DEFAULT 0,
    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
    updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);

CREATE INDEX idx_mail_rules_user ON mail_rules(user_id);
CREATE INDEX idx_mail_rules_priority ON mail_rules(user_id, priority);

CREATE TABLE webhook_templates (
    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
    name TEXT NOT NULL,
    url TEXT NOT NULL,
    method TEXT NOT NULL DEFAULT 'POST',
    headers JSONB NOT NULL DEFAULT '{}',
    body_template TEXT NOT NULL DEFAULT '',
    is_active BOOLEAN NOT NULL DEFAULT true,
    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
    updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);

CREATE INDEX idx_webhook_templates_user ON webhook_templates(user_id);

CREATE TABLE webhook_logs (
    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    template_id UUID NOT NULL REFERENCES webhook_templates(id) ON DELETE CASCADE,
    message_id UUID REFERENCES messages(id) ON DELETE SET NULL,
    status_code INT,
    response_body TEXT NOT NULL DEFAULT '',
    error TEXT NOT NULL DEFAULT '',
    duration_ms INT NOT NULL DEFAULT 0,
    executed_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);

CREATE INDEX idx_webhook_logs_template ON webhook_logs(template_id);
CREATE INDEX idx_webhook_logs_executed ON webhook_logs(executed_at DESC);

CREATE TABLE outbox (
    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
    user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
    account_id UUID NOT NULL REFERENCES mail_accounts(id) ON DELETE CASCADE,
    identity_id UUID REFERENCES mail_identities(id) ON DELETE SET NULL,
    to_addrs JSONB NOT NULL DEFAULT '[]',
    cc_addrs JSONB NOT NULL DEFAULT '[]',
    bcc_addrs JSONB NOT NULL DEFAULT '[]',
    subject TEXT NOT NULL DEFAULT '',
    body_text TEXT NOT NULL DEFAULT '',
    body_html TEXT NOT NULL DEFAULT '',
    in_reply_to TEXT NOT NULL DEFAULT '',
    references_header TEXT[] NOT NULL DEFAULT '{}',
    attachments JSONB NOT NULL DEFAULT '[]',
    scheduled_at TIMESTAMPTZ,
    sent_at TIMESTAMPTZ,
    status TEXT NOT NULL DEFAULT 'draft',
    error TEXT NOT NULL DEFAULT '',
    retry_count INT NOT NULL DEFAULT 0,
    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
    updated_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);

CREATE INDEX idx_outbox_user ON outbox(user_id);
CREATE INDEX idx_outbox_status ON outbox(status) WHERE status IN ('queued', 'sending');
CREATE INDEX idx_outbox_scheduled ON outbox(scheduled_at) WHERE scheduled_at IS NOT NULL AND status = 'queued';
p i±x! ÞÿDROP TABLE IF EXISTS audit_logs;
Ÿ¸	ýµx•jþCREATE TABLE audit_logs (
    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
    actor TEXT NOT NULL,
    action TEXT NOT NULL,
    details JSONB NOT NULL DEFAULT '{}',
    created_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
);

CREATE INDEX idx_audit_logs_actor ON audit_logs(actor);
CREATE INDEX idx_audit_logs_action ON audit_logs(action);
CREATE INDEX idx_audit_logs_created ON audit_logs(created_at DESC);
G}±xa žÿALTER TABLE mail_accounts
    DROP CONSTRAINT IF EXISTS mail_accounts_credentials_encrypted_chk;
Öi Œ¾xÎ 1ÿALTER TABLE mail_accounts
    ADD CONSTRAINT mail_accounts_credentials_encrypted_chk
    CHECK (
        credentials IS NULL
        OR substring(credentials from 1 for 5) = 'UMC1|'::bytea
    ) NOT VALID;
X=ö·AxèûALTER TABLE outbox
    DROP CONSTRAINT IF EXISTS outbox_retry_count_nonnegative_chk;

ALTER TABLE webhook_logs
    DROP CONSTRAINT IF EXISTS webhook_logs_duration_nonnegative_chk;

ALTER TABLE messages
    DROP CONSTRAINT IF EXISTS messages_raw_size_nonnegative_chk;

ALTER TABLE attachments
    DROP CONSTRAINT IF EXISTS attachments_size_nonnegative_chk;

ALTER TABLE mail_rules
    DROP CONSTRAINT IF EXISTS mail_rules_account_user_fk;

ALTER TABLE outbox
    DROP CONSTRAINT IF EXISTS outbox_account_user_fk;

ALTER TABLE messages
    DROP CONSTRAINT IF EXISTS messages_folder_account_fk;

DROP INDEX IF EXISTS uq_mail_folders_id_account;
DROP INDEX IF EXISTS uq_mail_accounts_id_user;
DROP INDEX IF EXISTS idx_outbox_account_status;
DROP INDEX IF EXISTS idx_outbox_status_created;
DROP INDEX IF EXISTS idx_webhook_templates_user_active;
DROP INDEX IF EXISTS idx_mail_rules_user_active_priority;
DROP INDEX IF EXISTS idx_messages_folder_date;
DROP INDEX IF EXISTS idx_messages_account_date;
DROP INDEX IF EXISTS idx_mail_accounts_user_created;
²QZ€°wxpøCREATE INDEX IF NOT EXISTS idx_mail_accounts_user_created
    ON mail_accounts(user_id, created_at DESC);

CREATE INDEX IF NOT EXISTS idx_messages_account_date
    ON messages(account_id, date DESC);

CREATE INDEX IF NOT EXISTS idx_messages_folder_date
    ON messages(folder_id, date DESC);

CREATE INDEX IF NOT EXISTS idx_mail_rules_user_active_priority
    ON mail_rules(user_id, is_active, priority);

CREATE INDEX IF NOT EXISTS idx_webhook_templates_user_active
    ON webhook_templates(user_id, is_active);

CREATE INDEX IF NOT EXISTS idx_outbox_status_created
    ON outbox(status, created_at DESC);

CREATE INDEX IF NOT EXISTS idx_outbox_account_status
    ON outbox(account_id, status);

CREATE UNIQUE INDEX IF NOT EXISTS uq_mail_accounts_id_user
    ON mail_accounts(id, user_id);

CREATE UNIQUE INDEX IF NOT EXISTS uq_mail_folders_id_account
    ON mail_folders(id, account_id);

ALTER TABLE messages
    ADD CONSTRAINT messages_folder_account_fk
    FOREIGN KEY (folder_id, account_id)
    REFERENCES mail_folders(id, account_id)
    ON DELETE CASCADE
    NOT VALID;

ALTER TABLE outbox
    ADD CONSTRAINT outbox_account_user_fk
    FOREIGN KEY (account_id, user_id)
    REFERENCES mail_accounts(id, user_id)
    ON DELETE CASCADE
    NOT VALID;

ALTER TABLE mail_rules
    ADD CONSTRAINT mail_rules_account_user_fk
    FOREIGN KEY (account_id, user_id)
    REFERENCES mail_accounts(id, user_id)
    ON DELETE CASCADE
    NOT VALID;

ALTER TABLE attachments
    ADD CONSTRAINT attachments_size_nonnegative_chk
    CHECK (size >= 0) NOT VALID;

ALTER TABLE messages
    ADD CONSTRAINT messages_raw_size_nonnegative_chk
    CHECK (raw_size >= 0) NOT VALID;

ALTER TABLE webhook_logs
    ADD CONSTRAINT webhook_logs_duration_nonnegative_chk
    CHECK (duration_ms >= 0) NOT VALID;

ALTER TABLE outbox
    ADD CONSTRAINT outbox_retry_count_nonnegative_chk
    CHECK (retry_count >= 0) NOT VALID;
ø«V°¦xö	þ100644 README.md ãâ˜]Ýõyœèö°@°µn…,,100644 administration.md Ê}¨ëg¼[êg…-7IÍø‡à100644 agenda.md Áæ¡‚`› Ùñzô¡Niê_çÓ100644 checklist-execution.md 3šk£‰Aíp9G¶?™;o2‹100644 contacts.md >M[N¡‹K…À%`øä^)ù’100644 definition-of-done.md –rÛÙ¦­%Ä?nG\VŽ† \100644 roadmap-3-phases.md 0,ÔK4ÔÉå¨Æê<«çËžB100644 ultidrive.md ý%«F(9s,º!x‰+Yî‡þ100644 ultimail.md n”ƒíÂ£Eú‰¦×OúNe+
100644 ultimaps.md sŠKHšÒŒ…rƒëP6vÄ100644 ultimeet.md H(jùÜ%¨pSx¯ã©fõ‚100644 ultiphotos.md ÓH»Åá¡k¡ç-ÔGÉt-ì4ÜÃQ¸èxˆwñ# Ulti Suite â€” Plan projet

Alternative souveraine et open-source Ã  Google Suite. Chaque service est conÃ§u pour Ãªtre aussi fonctionnel et compatible avec les outils Google existants, en s'appuyant sur des technologies open-source Ã©prouvÃ©es quand un acteur fiable existe dÃ©jÃ  (ex: Nextcloud pour le stockage).

## Principes directeurs

- **ParitÃ© fonctionnelle** avec Google Suite, puis dÃ©passement sur les features avancÃ©es (IA, webhooks, automatisations)
- **CompatibilitÃ©** â€” import/export natif des formats Google, migration progressive sans friction
- **SouverainetÃ©** â€” hÃ©bergeable en propre, donnÃ©es sous contrÃ´le de l'utilisateur
- **UX uniforme** â€” mÃªme expÃ©rience web, desktop (Tauri) et mobile
- **InteropÃ©rabilitÃ© interne** â€” tous les services communiquent entre eux nativement
- **Open-source first** â€” s'appuyer sur des briques existantes fiables plutÃ´t que tout rÃ©inventer

## Services

| Service | Ã‰quivalent Google | Fichier plan | Statut |
|---------|-------------------|--------------|--------|
| Ultimail | Gmail | [ultimail.md](ultimail.md) | Partiel (backend avancÃ©, incomplet) |
| Contacts | Google Contacts | [contacts.md](contacts.md) | Partiel (API proxy CardDAV) |
| Agenda | Google Calendar | [agenda.md](agenda.md) | Partiel (API proxy CalDAV) |
| Ultidrive | Google Drive | [ultidrive.md](ultidrive.md) | Partiel (API proxy WebDAV/OCS) |
| Ultimeet | Google Meet | [ultimeet.md](ultimeet.md) | Partiel (JWT Jitsi minimal) |
| Administration | Google Admin | [administration.md](administration.md) | Partiel (squelette API) |
| Ultiphotos | Google Photos | [ultiphotos.md](ultiphotos.md) | Partiel (proxy Immich minimal) |
| Ultimaps | Google Maps | [ultimaps.md](ultimaps.md) | Non commencÃ© |

## Architecture commune

```
â”Œâ”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”
â”‚  Clients (web / Tauri / mobile)             â”‚
â”œâ”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”¤
â”‚  API Gateway / Auth unifiÃ©e                 â”‚
â”œâ”€â”€â”€â”€â”€â”€â”¬â”€â”€â”€â”€â”€â”€â”¬â”€â”€â”€â”€â”€â”€â”¬â”€â”€â”€â”€â”€â”€â”¬â”€â”€â”€â”€â”€â”€â”¬â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”¤
â”‚ Mail â”‚Drive â”‚Meet  â”‚Agendaâ”‚Photosâ”‚ ...      â”‚
â”‚      â”‚      â”‚      â”‚      â”‚      â”‚          â”‚
â”œâ”€â”€â”€â”€â”€â”€â”´â”€â”€â”€â”€â”€â”€â”´â”€â”€â”€â”€â”€â”€â”´â”€â”€â”€â”€â”€â”€â”´â”€â”€â”€â”€â”€â”€â”´â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”¤
â”‚  Services partagÃ©s                          â”‚
â”‚  â”œâ”€ Auth & comptes (SSO, 2FA, OIDC)        â”‚
â”‚  â”œâ”€ Contacts (carnet unifiÃ©)               â”‚
â”‚  â”œâ”€ Notifications (push, mail, webhooks)   â”‚
â”‚  â”œâ”€ Recherche transversale                 â”‚
â”‚  â””â”€ Administration & quotas                â”‚
â”œâ”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”¤
â”‚  Stockage                                   â”‚
â”‚  â”œâ”€ PostgreSQL (mÃ©tadonnÃ©es, config, auth) â”‚
â”‚  â”œâ”€ Object storage (fichiers, mÃ©dias)      â”‚
â”‚  â””â”€ Cache (Redis)                          â”‚
â””â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”˜
```

## ExÃ©cution

- Checklist opÃ©rationnelle complÃ¨te: [checklist-execution.md](checklist-execution.md)
- Roadmap officielle 3 phases: [roadmap-3-phases.md](roadmap-3-phases.md)
- Definition of Done (backend/frontend/sÃ©curitÃ©/tests/observabilitÃ©): [definition-of-done.md](definition-of-done.md)
A+ï¹šx©	Vö# Administration

**Ã‰quivalent** : Google Admin Console
**Statut** : Partiel (squelette API)

---

## RÃ©sumÃ©

Console d'administration centralisÃ©e pour gÃ©rer utilisateurs, organisations, quotas, sÃ©curitÃ© et politiques de tous les services Ulti Suite.

## Ã‰tat d'implÃ©mentation rÃ©el (mai 2026)

### DÃ©jÃ  implÃ©mentÃ©

- API backend montÃ©e sous `/api/v1/admin`.
- Endpoints list/get users, set quota, delete user, list audit, stats globales.
- Table `audit_logs` et logs de base disponibles.

### Partiel / incomplet

- RBAC admin strict non finalisÃ©.
- Gestion utilisateurs limitÃ©e (pas de create/invite/disable/reactivate).
- Quotas essentiellement orientÃ©s mail, pas multi-service complet.

### Non commencÃ©

- Groupes, unitÃ©s organisationnelles et politiques avancÃ©es.
- Provisioning SCIM.
- Gouvernance sÃ©curitÃ© complÃ¨te (sessions actives, revocation, politiques avancÃ©es).

## Points de diffÃ©renciation vs Google Admin

- Interface unifiÃ©e pour tous les services (pas de consoles sÃ©parÃ©es)
- Politiques granulaires par groupe/utilisateur/service
- Audit log complet avec export et alertes
- Auto-hÃ©bergeable avec support multi-tenant
- API admin complÃ¨te (automatisation de la gestion)

## FonctionnalitÃ©s

### Utilisateurs & organisations
- [ ] CRUD utilisateurs
- [ ] Groupes et unitÃ©s organisationnelles
- [ ] RÃ´les et permissions (RBAC)
- [ ] SSO (SAML, OIDC)
- [ ] 2FA obligatoire / optionnel par groupe
- [ ] Provisioning SCIM

### Quotas & stockage
- [ ] Quotas par utilisateur / groupe / service
- [ ] Dashboard utilisation (mail, drive, meet)
- [ ] Alertes de dÃ©passement
- [ ] Politiques de rÃ©tention

### SÃ©curitÃ©
- [ ] Audit log (qui a fait quoi, quand)
- [ ] Alertes sÃ©curitÃ© (connexions suspectes, brute force)
- [ ] Sessions actives et rÃ©vocation
- [ ] Politiques de mot de passe
- [ ] IP whitelist / blacklist

### Services
- [ ] Activation / dÃ©sactivation de services par groupe
- [ ] Configuration globale par service
- [ ] Domaines mail et DNS (SPF, DKIM, DMARC)
- [ ] Gestion des tokens API et webhooks
- [ ] Monitoring et health checks

### Multi-tenant
- [ ] Organisations isolÃ©es
- [ ] Branding personnalisÃ© par organisation
- [ ] Facturation et plans

## Briques technologiques envisagÃ©es

| Besoin | Option open-source |
|--------|--------------------|
| Auth / SSO | Keycloak, Authentik, Zitadel |
| RBAC | Casbin, OPA |
| Audit | Temporal, custom event store |
| Monitoring | Prometheus + Grafana |
þgõ¼ÿxœ­XËŽÇÝ÷W¬Åc’+…€,¨Ê¡1bf$L±»H–ÔìjUu13Z0EA–^Š^ùþ‰¾$çVU¿Æced„Ad÷­[÷yî©zÄÆK‘§<Š÷ß¿¶rÃ3‘—‡‡ì	ûR©e&Ø=I¹†ÄeÉKë_Î¸.¥ÈXo<›²B«›[<¿èGÑp8Œ¢GØÅ~gìz¿‹"¯CK¡™N­4</™–Keµ°F¬±+Ãn‰ZJ—þ·À£™—B/x"X*îÚ4`…*!	K2¿ë×‚-´Âª<Åk«YÆ™Q™-¥Êƒ‘¤êLÜ”I¦l:rÆî¿‡s,=ë"ÛïHwô~Gn®¹dóø}~ÄŽ÷»—ûX#L^cÎ“W´õZÑS­­a×1/d¼ù"N‚å×¬gdcãI)7û]-“<-Ü6,“.ÕÁ3ÿd¿ƒhîÆ£D^ŠöÃüËD÷)>Ê$Å(Ä Ù\’¥KxÊ’ýOøÊŒÐaõÈ;[å:† åªÉÙ7ˆ—-Ò;»3¾	[
ãâ7¹âËxºžò2Yªe”"!â¹5·,—µ°Ó¾}2ßHŸÃ°ÿÃ
²$‘jÇ®‘¬„Æ?¶ÌÔqbbCA aÆjÁæšçÉ
™Þœù}`i’fKµÆVÆo×‰.ëýUÌWJ½2,xŽ€S®H…¼Ô|
Æ'î¦Øï¨ÅÊ]_5•—]á»µQu¹¸:#%SŸ_}|ÃÉLÁÖB”2_ÆZ”N„‰GÑ_½ãÊ)%"’Ë×VDÑéþG´B¦–ô“½¶Ï³R¢Ž6ýK•:‘šìù7w[‹¡¼Ñ|)uÖ:ÀP‡V7eÉ
aQ”?–ˆvºß¡#–v¿á>/œ#ŸÕ¨Ëî³(:9à•áhÒ"C§ê)²Ðû#;<¬×&Ö W¡«Sîij)³©ñÚ¯åþ=ìÄj¨J^!M·yôà7J­U€N ùI¬Ö”[ª™Ê¸êPQäî³·vÉ0%,f$ƒ—Heé@¶GDŸ#á%ŒB œjEÅçw]U*D:é´1tÒ)ë]­lž
=—:PEt€R”É(€×Ó6žaƒ>.¢èR²¹0@2IL”ÅzÝ‰©‹è¥‡†:æû]*½žJ*‰ÔËW<0ÃçZÄ)ß_¾	« ¿´ä¾Íë,¦r±€³pÍ•ôÌC ™S½H¤ïŠùÙpòó°TÈª»0ƒ:Tºž$+ƒS.&¬÷¿PE¾@dˆ†ž½$VyNÐà'@‚ÖûŸ2ªž#M Ãí÷Î Ýä\f’ — Ž/19Yaç9á0µgÊÛÚ‹ì¶ìþ}öÕT‚·îA¼V!²ãœNî¸ËUY‹™Ðk¤~–ñ¼YÏÁ"L‚©l:†ivY8üIjçZM_ŒÈðnÅç²´)°Òå÷™Ê]Üsî7¾6 ÙØòÏì/˜Èm3K	x¡Áf-¦Ð0vÐ
ƒvŸöƒ¢Sàz@†¦ƒTM´+Ù	{IøÃl`^.ðm­€}1 Šç9P8ÈNˆ ªÒŒ©OQ x`ŽX€ÝQFFV[] ûDæ–v"^?Ã:
ÞJi.U|²ŒÏ•/à 9ž5¥ÓËDR‚XÁf„CËð§k™WÛ´©ôè™£2àpmr=o;‰Î$:.M€v:Â²K7©\ŒêñåÝé;‚÷%?…uÃÇÐBÈz-tf#²4¥V¦GmCÑ†!L ÄEÿziŒÕ <“û÷‰K>õ}½i=4+èc ˜fÛ[äÛx³óâœ¼ÓžAÑ×±¸·[cc1­Ÿ·l•õ{Xëi_TÀû|£¤K­BxˆG¸
µyeW7öÈøîŠ†µM&œ³©©q?å¤l[H½&0ŠE Ü`«¢™!d¦3AFìÄ•NEyŸDÑ¤@×¶ÅèØ•+s¶53fÛh;l>Û{¾!ÂN€Tb-%³‹óÙ³éÙ1¾^ƒO­q‚«‚,¬é¹‰ßPÛ~_³–žpnÙÅdv~q÷Ã¢!"¥oûÒû¦zRmAµÚÝ‚L}~EÚF£ÑG5¼±2ý–ÚÀ«:upÿÊü î¹aVÑrt&_öÝÚK*;´ÅÝÅÇ““ÉÕ¤^ïD‰2áD Ãq)­˜Ÿ& +á‡+^½žfK…yïTtº} ò.5D¿œ8¿c”n¼yì¢ˆº6.”á å‰~lÊ{þ¬>TÀÝóË«¥}®n\\™×ƒÉÙEÌ‚*´“{£Üø$´å–-”F‡3Ù°JáÚÀ)ž´çHÓÅó“IÐ&›8Q_]MÎŽ'ö9“§Ó^‡¦f½ã“ñÅ©SÛÒ±a
ì
49€Ì¼ˆMÚ‘ŽØž½äÄ@“_	Œ˜¶âùÒûè¿(ì[-´A"Ï.™²ŒNDúêx["J0¼ŠáGÑ#pùi—TI®¼Îí
ÖNðsËý8¹…ÄÍï1?4ÃH%Ó>2ReÑ7È{èfô˜¬	‡ÑêÔ:Ó ÀŽFµ7`‹;Ã¹›Â'Þp"œ6vÚ³º£ßÒÖg¶@1ìÕ€haÍê1§S—E8[Hò±>*å´=ƒ•Ý]F¿£M}÷Êœ¨k"°›óšnO\;^G4‡Åû'Ñt#lVsuD‡¸QIý2Z€ñíiGBƒ!Š®¯¯£ïþþáÝwþû£O•t&‚®A€ ¾øT­0ã-–…c›×ðöS4ü?þþõgE“\g…7­W%®ï:©ÇzÀ…›«Ð²DÉXìÍþ4>›ökuï>Å¬³}>Ukô0µ¿¸ÛÛ_© [àTÞ¿R‘oŠ´¹4qÕ´Z,TzÛxølN Usz×C¡ï.4ñ–‰&ÒjPÏ§=³‚#ah¤`_]:\Z¯qö¬›Õ™ [ãç	»¦Óøè%(`úº4ÀkP•¨^ÝâÒ§úþé©&Œ'~* "±³æÊ’&±³§þ¢`[ÝíhpXšþãêFaƒU-ŽÖ&k÷= Ùý´{™³mõIÃ Ã=J+¿M‚ˆcÜ½…ðÔª;I¾º$IŒ•&xb†É»Ä‹Â})Á,4Ô†MŒñ­m’ºhM÷-ÓÚf‚zâ'ÇåÃ«OD¿µ§„Û†™K™¥1KÎB XYï|z|äÀøì¨½®3Gâj&àù‘Ÿ»+	ƒ¾Vú•ÐõÒÿ²æØ·²ýxœ}ZËr#GvÝó+2Ø¡ÐPê—l)Æ
³	¶ÄRdd·‡¨J ©.TUgV¤B¯1ûù€	oÜôÂ+í¼ÄŸÌ—øÜ›*-¬Båó>Î=÷f>×y­Å¤Ñµû¿ˆ£¥J?æÚÖ"ûRÝnîÓ¦Öe!ÒrUå›ÏµÚÛ;Ÿý¬ÒZÏ¿µ‘…—f¥ŒØÜ×²2­•‹^%M­Už«•*j¡©ï==nîûb­Œ•)3Ì)æe‘ÒzÍÊ¦ªàÿ£½½'OÄW}ñ}Ù C!‹T‰§BæzQ¸A³2µ{{Cño·ÿ.ÎT]%6?—Kij+2,OL1-xXå²H.ÇgÇ£U6VåØ˜ÙÜcP,[Ì”èJTycÅJšOöµnz®7÷ûKøÔh¡n!%²ÍýÏ˜>¼8éüR&›{lÓ\jÃK¸…¤K‰Å”&Ä± ègÏüP]9={6À/G÷R8=à{JßÃŒãÍý\ÚSÊl%+QÎç:eéÓâ^Šj)­²ßŠ³÷]yÄRšLºX`…z>ßÜ­%+üä0‘M]®øÍ†¹!ßš¤2V4'·,çb\j_`±ªYkì­7“éGUd17eQó“%k2$ë¨±q;åŒ:È™fôYëOÄùMA6R”+]Èææ¤ó²–ÕßÛûUL j¹¿ºf¾UŽ÷7˜²©Ä¯{¿‡Ãø‡ÞØ˜.¶n‹¿Šé?_œOùÿ©’0	jüÆ-’†E­¤Îùû›ãá~˜†XEM–ïúœÆÆÉJXv¦ÞGÉumur²ZétÙ]ÑX…¶Ó­Á1Ö[//q£füõíñÐ¯Î½V•k9‰òäOÅowws#!‚±ZŸWçdÏÜ77ÀäòØu|wˆÆ¬/¡^(þöîp{5ì®ÏûâmYd^ŒäìÊŠ^9ƒçÊº„K¹–ðß¹‚“eûNç‡M½{¬…TÊ¬´µ4Tpó“UUbÍ†¹ç'ã#ˆÚˆšLÒÂúù4¼ÞÜ+Ø–%§[‘S[“a+˜‚ 'ØóÜ®t–åê~+ÐÜl~ËiÍð&]$fL¼Y÷…ªEþ¥¬ª\3:ÐüÓDV:Y?O¸ý4}†V NZÃìßþó/ñ6-uo*ð&×*ÅÄŸ4sÉö¿ÔÌè­·ý`ŽŒ>ûR6,»u-ÑËË….àa%ÌXõ³bqJv{Ák„lšª‚ì-C;úÑnú;€ám>E:ª` j
ÑƒfÉº*·ï>!)bB‡œ¡ÏzPÉÅ²¬K›Á¤± ›.`ÙÒ»yÇ~­J‚=ÅjÛ€Ì£Ú– '†Ôö›89;¼H&gW°ì†!z‡Ç“á÷Ggâ@|Tw0ˆÚùy¼Ý"ù ÉÈm]¦-ÔJã×Û:.†Q{ü&Ú
¦6ˆd¸šNGªXOÓ`u+ŒEQ(Së¤kkAwU™;·+ÃôÈ¨‚¶5 ÿ_–åGaÓ*múÛÃ­±¤Ìã¬Eè¢¢ð×»¾<£À*y—#BÀ~Qqvrv<€9§£€ºï=tïmM”–MºTá]|$…HRÀ€Ù?\A#Šˆ@ºùÜ•Þ5TP’a$eŒjÐqSô(ìÄ
Æ- ©ŽåBÖ˜Eg¿³a÷é‰ °*²ª„Jwœ§’p ™ëó,È°„C
b(´.g³Ò›Ä4&\‘Ö*zõKÞÕÈJÇP0~?/>5 <Â&2‹™²X•%wQ°ãž.2uKãÒ„†m¦÷¥v!ÅaáÛ?u†‰Qò!~?˜Ty©I±òD»&£`p¶ê,A`3*çVxuVÌpbêtYÒ²SKt¥ê¥‚T{è	0…¦¼ £Ä~W¤P»FÿYyÛ±à&M!,©xìL³T2œ§Ä;-‘*Ò?h¦¿ˆK•i›üIÝÑËpÏ4/	T‚CìÎ ™´ËYIúüÞÈ¹,$Œ|O*´Œ 'a·58è1"Ó>Ä,/?5ÐÏÀo¥óC°Ý×··B°hô*¹â(ùTù¾Ì1Â­e¾äâjT7ke{3®ÍMi>â…qÏ®êÊ/˜ƒ$ÁÍï‹ ’láèäñ¦âec_Â*áùØqê”’kÏ‹ ‹b]Þ)3KFA“†þ¢RÞðÈ ”!OÓ~¦VˆË²“9Öÿ¢IØª,-;½iƒ:ôØ4õ¬áÅè9£È©®G1–•è[¹FO (Rë	`MÐe[£X EÎOÑ~Å¾Å62ˆ7Ûk+öÙ¸ñÌnL{×mh	{}Í’èq"	×0KÊœôß¿¿Íå‚_Ç*Wµ:sÒ~¿Äìíç‡oœÊ§£ímÌs”Ö·Ê5Ì6¢ˆè9æ!óŸ L¥$à†ß±:ÀF,@tH¸±ù‚$âA?8î˜M…¦œ5”™¼;…ÒLycG“T´îã[•Na!ªt¹Å±1ÓþÎFÒrér%ê%vÓ©{ÆZhL£æŠ›°uñ¸@~÷S]N½S>!ÚèÓ*'¥Á Ž½sŠH$À‡»‡h™%ë!ÉXä	%Æq±[¥7Ÿ±  ¡Cï^SQTJ2Ø ?è‚ 'I!k$h¶±;HV‚aÁb’œmDôŽ.¯Ç 2¾;>T{Iæež¡åîÑù˜c#K„ßpˆÃ¢6÷àŠP%¤5°LÖˆpK—¢ò¬DáìÅ#{ôÌ\31ÎµÄ*–ö°.‹Äœ	=Ãš#¹Q?„D3HüT¯4ca½BÆŸÝ%íj"ŠM$å˜¿ áWg§"ÝüF‘.‡/c¢ÐÁ©VžÝb‰C9ãàOîÙ£ˆ#ršŒ©6wHnµI))œAÏ¬Dºâ¶O2…\ƒÝsI<~pç…˜P¤`­<…T]Ã&/ #ª„â‡]g²1æ`Ì•{×'ã÷‡§'ã“«3;OŽß‘F,qQ`5>Ç•MÀÜKSw¼õFêH1=„cÕ„âKÇ­‘&7kEÉt -aÀïÉÅL4?aa&©æ´{‚þÉÌýÊ ¤&‡0.âõ“J®úÀt‚ã®a&šÌ-Ñ¢†µc×”±µºuõŸ’‹HôèWèzJe
i÷‚$ºù+Q¥TU¬aŒÉÄÐÐ„#²µ„ô”=¸@¤½±Êã2«•¬Ó%¥‡Ñx$¦DI™ãÁFdÎþÃDÈÊ…%­E­¿d3¡äÙ…ˆDL\ŒèØöL
˜è†B”(½iFÂ$ r±„žbáD-å¹åå>¦$œ^Z;ÐÆ|ÍyzY·Œ øËlôªyAä‹»GûïÓì0”›ýØ‡mù…Ñ››Z´1°ù3Â8gUŽÀG™Uz›dG¢Çæ ny}Òß²A“Œ…Ò±¢ÐOÄ,æVe	tD±«†%FÍ¼—l5O…‹mxßüœÌ8ÂíbÊ&6:f›ºÕFnÍmô{CDÊEa­!cU5Úú\ÛºZÞvÐ´{r)‘¡H!w$×´8Aùœ„z¢l÷w	>³ß¢M®EÅ="jà:j­Õì¢È¤M†Ñæ‘µxänÇéýpvxÔÇ3jâi|ún{€‡E<ìšL0TŽw3†6­Á3‰V÷£_ƒï{ìM“K<ÏMvÉ›%ÇŸz&2¥l«ƒaÈ• â¨ÝüóUW r“íånî×›{WD¶¢¾«˜Õn\ÈGrÁoT³´ï>3?ŒF£Ç’SÏ0ZB±;?.¶l¡šª°·\A÷” ÁA+r$ŽZŽ¶Âeìâ’_šâ Eø5Ü”}÷–ª£ŒF-;ðh×så®j…t¼Áz|ø¾ïÉ\æ9iŸ'£D1•ùönÛÙS‡œÒ:™„q8{>p3÷]½ËrµyÈ £Yºª¨(B#€­6„fXèR/–9þ(gÛî¸´
ÊF¼Íó™–+„ò|éâÉ™"rÌK®Ðh;ðšœ%JõÄY™1Àøê®«o!û£ºA[á:Sªe¯C.ŒyÄ¶ÓrGÁ…›â£ÊÄ›@Œ…¬w¥\ÈHdYÝ1¥@ˆáS˜F¨weÛN	lªÜÀ¨KyI‚¬ˆ•> Sc’ÉŸS—*±wlõ©)kÉ:ŸJð  DFÝRÙÝ-é¤ë€°ù?_ÉEr2žQˆÞžZk_Ø°	©ÿ]]ë‘¡C£)¥0Á»ˆ­Û-Ú‰ÜOâ8Ê€âlªqK^¿gKÞÊ±ÚÆŽ)o?å¢á!j<æ×e³Ü„Ï€®÷v³¶¤ 
C6cm`|øb9!‰^FÂkËí‹vöôž
kþäjeÅ?\¹êŠèaèÄ6³D6”Ô`È¢ï‰Ueä¥vsxÜ^fHª3Sb0®)ß—:[DæX®\Mïv„½©¬Ý{‰[v¨ÇŠV2ãH¾ê	²?ô¦‚ô§1\Ì¡²WLRœÓîBþEeWtBn¸Dd†„&ç?"Ôù*¡÷	ª€îì¢SrGKNùœyÇxe>k Î ¹´©v9˜¶\ôuòHØ=°R!$3‘=ŒDÛ¶{ùæðÈøÊñö<§|`ÃbbvÌ~	¨uE`‘CÎGÊ|<\€ˆ§„l¼Ò¤bñ?&9R$ñüXà$K žkÈge®rô²ÿðø¬7]ÐCöˆ9ØÃ0…ÑªP=z9zÞXQN,hùÆ‘ëY¢x$j4ªíÔv–IUðO§dØÕèñB$LVPX;¤9å_|¨òc“¹ù2Vd¡î°Ê³j §&×êQqóúòtàˆx‡¡R\@ÖX¨%^©úTxGÔ¾ÀÏ¬*I%=÷&.ÁÄ•,&5±€wô1öŒETW»®…Ð	2‚ªfp–ðA¶H¿ÄÍ«sÛå©û½DFÍU¼ë¨€7Fºd.çóö•;ðÙÿÀÕB|á‚|š+4Oä¨K¬ÅáÈˆK«Jw’˜ÒpÏPî}(øØ³%:×'Ü>lË1Ñ‹l‰y’KÒõŠîÖPÎÂa`86ÀÚÖÝhÃP”j>ç2æîhé@ŠÎ²Ï6½%WŠ<Ýª\=‚¯RÄzá¿Œî1Pš®ZŠH;§†v%BkÂ%'zèÔ+à:Ü”¾x_'MŽ&ïw¹|(¬,á÷á`ÿ€‹e®®sd&6îõ•p¼7q®ÃØ:{÷Îf—Hø<qYÜUý]Ž€c,ÞB®éˆÛM²ÜGm*åÏóòÆÒ•Œo] c#O¶
‡¿R÷Ña®ã%ÇW<SáqàXw ˆDáh–•*í5ú(ì¦.%ßÈ nÊØÎñÉOdŸ;gÃä¾Üò[äÎ/»IÝõ¿´ñ©LJ#|˜„ãkÛf—rnäæAV¼û'î`ÐêÅ´™ª¸YHf‚+‚ëu‡½ú|Ù+×`}Þ•‚1+ã
 I[Ít›vf:u\óòA5uj+œq_‹C>ãÒ>ýü¾Å0q—êåóçw¢×5–Ï„×” ‡c@Û	¡Ý£Ó·—Éñ<vG·Y£¹îê²j¾—ðá“UaAý)¹£ÌtM9s¼‰3œ)ø"|róœïe]º5×·®ð±ÕFj_õÝ0‡†Y<}@`Æ\þKâ"O¸½‹t3•ø«TŒ¡"¡7Õ»(ÿ§|âÇO+Ø<?Pœ›öéKëÇyçÕéDôNUý¥Ç ÞwI%Ýà)‚WBÎ4ÝIc§Ž‡õXeÞÖ'j‰ ¾»ÌdU3ÑüÝÄ9ùÇÃç2µð¬¢Åœ]º´Ô+Ç‹Ð“Ù§lâMËËñû?ØZ¢ƒ—ƒ­+~ˆg§aytXI‡1µlüÉ`E)3s´3	„\SQ‘ò%Ðf>äÌëÁe"¬s’ä)*"ô\-¡(‹!¸?°,••+Qù|Tó©ê€î<Ì:vÊ÷ül*±nò‚2	ïp|t\XÒYP‚\C~ä óhr‘À2®v·Ëö§ñðóÀiÙ™ûë¾ ëTŠo;BÕÌ¼†”ýX—•è]A’:V¬Nœ²ÛÞwˆ[l!s¶ÌÑ"¡"L¦
VP!åóü-JüJ å®žÝÙzóyõµÇËîª•pEÔp`b&ðq,$—tXËMƒ%ž•u«ÖÀý¸¦ŒÑ5(·½‹‡í	ÔÚ
lÞOõxåšn&ú¾|~Ûsï©^€WÈØM-Ü‘=| ^Ø°â
¥jìÒiñë¾Krö7ÿ-;"÷Ý./Âyw÷Ü´s}ÍîF0„»¼“z–î~ãíÄ»J±ÆÐ‘Lw°
|á²!t%Tï"Ÿ…Xs:%]ÌèOÛ:>ƒwõjEˆ&áRë]œžtkòÑÉÃñ½;ã¢ü s¢¯ÚÈ1dÛÏs$Wã¦:/˜8Ví«Èýî":W‰}½Í’Â…W«ð¤2á°j1-ñ^äåL¶½CNä:¹Ì†o“ëS5gè®ÝÇ[Ì0¤­ÎÝz”t|ëÀÕ„(Þà¹­>¹ÊpˆË®xça_pK¨Á¤JñOÏ=¬E. ú\}óZüA¼üê+¤úËÒtn,a“Å@²ù³;';g=ÿA<ÿ‚éó‹W±TvEGvtÓ†­B!ÿ;ñÍ7_øÁ}}"ã Stk[;‡ò}à´‡møqJÔH|÷Okôúli8²;›fKŒjµ£ÚçÎøÞÞó‘xöì¥BG¸îñìÙ·P·s§ï€±01ðe:sh!‹IÚhïÉxA‚`[âãa¬?S=}ˆ–Î8¯ 4Š	ÇKè±‹»œFŒézj¼NÁa(ÛÞŒq¸¾¢1·îe¸ë.4äøqI5¶A{A‰.”ùH£½×Ô¼u›z†óË ªvÐžpÆc 89íý?’ÎàÀ½ÜxÍ2ò# Contacts

**Ã‰quivalent** : Google Contacts
**Statut** : Partiel (API proxy CardDAV)

---

## RÃ©sumÃ©

Carnet d'adresses unifiÃ© partagÃ© entre tous les services Ulti Suite. GÃ¨re les contacts personnels, professionnels, groupes, et synchronisation avec sources externes (CardDAV, Google, etc.).

## Ã‰tat d'implÃ©mentation rÃ©el (mai 2026)

### DÃ©jÃ  implÃ©mentÃ©

- API backend montÃ©e sous `/api/v1/contacts` (si Nextcloud activÃ©).
- Endpoints list carnets, list contacts, create contact, delete contact, search.
- Client CardDAV Nextcloud intÃ©grÃ© cÃ´tÃ© serveur.

### Partiel / incomplet

- Pas d'update contact avec ETag.
- Pas de sync incrÃ©mentale via sync-token.
- Recherche globale suite ne s'appuie pas encore pleinement sur CardDAV.

### Non commencÃ©

- Import/export vCard et CSV cÃ´tÃ© API produit final.
- Fusion de doublons cÃ´tÃ© backend.
- Enrichissement interactions (mails/rÃ©unions/fichiers) en API contact.

## Points de diffÃ©renciation vs Google Contacts

- Carnet unifiÃ© cross-services natif (mail, agenda, meet, drive)
- Import/export CardDAV bidirectionnel
- Champs personnalisÃ©s illimitÃ©s et typÃ©s
- Fusion intelligente de doublons (IA-assistÃ©e)
- Tags et groupes dynamiques (filtres auto-mis Ã  jour)

## FonctionnalitÃ©s

### Core
- [ ] CRUD contacts (nom, emails, tÃ©lÃ©phones, adresses, organisations)
- [ ] Groupes / Ã©tiquettes
- [ ] Photo de profil
- [ ] Champs personnalisÃ©s
- [ ] Historique d'interactions (derniers mails, rÃ©unions, fichiers partagÃ©s)

### Sync & import
- [ ] Import/export vCard, CSV
- [ ] Sync CardDAV bidirectionnelle
- [ ] Import depuis Google Contacts
- [ ] DÃ©tection et fusion de doublons
- [ ] Auto-complÃ©tion depuis l'historique mail

### IntÃ©gration suite
- [ ] Suggestions dans Ultimail (compose, destinataires)
- [ ] DisponibilitÃ© agenda dans la fiche contact
- [ ] Fichiers partagÃ©s (Ultidrive) dans la fiche
- [ ] Lien direct vers Ultimeet

## IntÃ©gration Nextcloud â€” Ã©tude technique

### APIs CardDAV disponibles (confirmÃ©)

MÃªme instance Nextcloud qu'Ultidrive et Agenda. Endpoints :

| OpÃ©ration | MÃ©thode | Endpoint |
|-----------|---------|----------|
| Lister carnets | PROPFIND | `/remote.php/dav/addressbooks/users/{user}/` |
| Lister contacts | REPORT (addressbook-query) | `.../addressbooks/users/{user}/{book}/` |
| CrÃ©er contact | PUT | `.../addressbooks/users/{user}/{book}/{uid}.vcf` |
| Modifier contact | PUT | MÃªme (avec If-Match etag) |
| Supprimer contact | DELETE | MÃªme |
| Sync incrÃ©mentale | REPORT (sync-collection) | Via sync-token |
| Recherche | REPORT (addressbook-query) | Filtres sur FN, EMAIL, TEL, ORG, etc. |

### Champs indexÃ©s (recherche rapide)

BDAY, UID, N, FN, TITLE, ROLE, NOTE, NICKNAME, ORG, CATEGORIES, EMAIL, TEL, IMPP, ADR, URL, GEO, CLOUD, X-SOCIALPROFILE

### Avantages

- Carnet d'adresses systÃ¨me auto-populÃ© avec tous les utilisateurs NC
- Partage de carnets entre utilisateurs
- InteropÃ©rable avec clients CardDAV (Apple Contacts, DAVx5, Thunderbird)
- MÃªme backend que fichiers et calendrier â†’ une seule instance Ã  maintenir

## Briques technologiques envisagÃ©es

| Besoin | Option retenue | Alternatives |
|--------|----------------|--------------|
| Backend CardDAV | Nextcloud sabre/dav (mÃªme instance) | Radicale, Baikal |
| Client CardDAV (JS) | tsdav (TypeScript) | fetch + XML custom |
| Parsing vCard | vcard4 ou ical.js | â€” |
| Recherche avancÃ©e | Meilisearch (indexation custom) | NC search intÃ©grÃ© |
| Auth | PartagÃ©e via Ulti Suite (OIDC â†’ NC) | â€” |
Jæ×äº}xÚ%ø# Definition of Done (DoD)

Ce document dÃ©finit le minimum Ã  atteindre avant de considÃ©rer une livraison "done".

## Backend

- [ ] SpÃ©cification API et contrat DTO Ã  jour.
- [ ] Validation payload + gestion erreurs normalisÃ©e.
- [ ] Ownership et permissions vÃ©rifiÃ©s sur mutations.
- [ ] Logs et mÃ©triques ajoutÃ©s pour endpoint/worker concernÃ©.
- [ ] Migrations DB fournies si modÃ¨le impactÃ©.
- [ ] Tests d'intÃ©gration ajoutÃ©s sur cas nominal + erreurs clÃ©s.
- [ ] Documentation d'exploitation mise Ã  jour (config, limites, dÃ©pendances).

## Frontend

- [ ] Flux UI branchÃ© sur backend rÃ©el (pas de mock en fallback silencieux).
- [ ] Ã‰tats loading/empty/error gÃ©rÃ©s proprement.
- [ ] Navigation URL/state cohÃ©rente, sans rÃ©gression UX majeure.
- [ ] AccessibilitÃ© minimale respectÃ©e (clavier, libellÃ©s, focus).
- [ ] Tracking erreurs front en place (console propre, fallback utilisateur).
- [ ] Tests e2e ou tests ciblÃ©s ajoutÃ©s sur parcours modifiÃ©.

## SÃ©curitÃ©

- [ ] Aucune donnÃ©e sensible en clair (credentials/tokens) dans DB, logs, rÃ©ponses API.
- [ ] ContrÃ´les authn/authz testÃ©s (accÃ¨s autorisÃ©/refusÃ©).
- [ ] Inputs externes validÃ©s et bornÃ©s (taille, type, format).
- [ ] Endpoints sensibles protÃ©gÃ©s contre abus (rate limit/idempotency si nÃ©cessaire).
- [ ] Surface WS/Webhook durcie (signature, token, origine, timeout).

## Tests

- [ ] Tests unitaires/intÃ©gration ajoutÃ©s pour la logique crÃ©Ã©e/modifiÃ©e.
- [ ] Cas d'Ã©chec et cas limites couverts.
- [ ] CI exÃ©cute automatiquement les tests pertinents.
- [ ] Aucune rÃ©gression sur les parcours critiques connus.

## ObservabilitÃ©

- [ ] request-id/correlation-id prÃ©sent dans logs serveur.
- [ ] MÃ©triques mÃ©tier ajoutÃ©es (succÃ¨s, erreurs, latence, queue depth selon besoin).
- [ ] Alertes pertinentes dÃ©finies pour incidents probables.
- [ ] Healthcheck du composant concernÃ© vÃ©rifiable en environnement cible.
- [ ] Dashboard ou vue de suivi disponible pour le run en production.
ær¾ÌxÎ1ó# Roadmap officielle â€” 3 phases

Cette roadmap aligne les travaux backend + frontend avec l'Ã©tat rÃ©el du projet.

## Cadre temporel (Ã©chelle relative)

- `duration+` = court
- `duration++` = moyen
- `duration+++` = long

## Owners nominaux par phase

| Phase | DurÃ©e relative | Owner nominal | Co-owners |
|---|---|---|---|
| Phase 1 â€” MVP fonctionnel | `duration++` | `@BE-Core` | `@FE-Lead`, `@PO` |
| Phase 2 â€” Hardening | `duration+` | `@DevOps` | `@Security`, `@BE-Platform`, `@QA` |
| Phase 3 â€” DiffÃ©renciation | `duration+++` | `@PO` | `@BE-Integrations`, `@FE-Lead` |

## Phase 1 â€” MVP fonctionnel (prioritÃ© immÃ©diate, `duration++`)

### Objectif

Rendre Ultimail utilisable de bout en bout avec un backend rÃ©el (plus de mock pour les parcours mail critiques).

### Livrables

- Corriger les blocants backend mail (ownership endpoints, bug outbox planifiÃ©, provisioning user OIDC).
- Finaliser pipeline IMAP/SMTP minimum viable (sync inbox, envoi immÃ©diat, envoi planifiÃ© cohÃ©rent).
- CÃ¢bler rules + webhooks dans le flux de rÃ©ception.
- Exposer endpoints manquants MVP (brouillons, piÃ¨ces jointes, labels/dossiers de base).
- Brancher frontend mail sur API backend (lecture, actions, compose, recherche backend).
- Brancher multi-comptes rÃ©el cÃ´tÃ© frontend.

### CritÃ¨res de sortie

- Parcours validÃ©s: connexion -> sync inbox -> lecture -> envoi immÃ©diat -> planifiÃ©/replanifiÃ©/send-now.
- RÃ¨gle simple + webhook exÃ©cutÃ©s rÃ©ellement sur mail entrant.
- Frontend principal mail ne dÃ©pend plus des mocks pour ces parcours.

## Phase 2 â€” Hardening (production-ready, `duration+`)

### Objectif

SÃ©curiser, fiabiliser et observer la plateforme pour exploitation continue.

### Livrables

- Chiffrement credentials au repos, validation inputs stricte, RBAC admin.
- WS sÃ©curisÃ© par token (suppression `user_id` en query).
- Retries/backoff + DLQ pour outbox et webhooks.
- ObservabilitÃ© complÃ¨te (request-id, mÃ©triques, dashboards, alerting).
- Normalisation erreurs API + pagination cross endpoints.
- Couverture tests backend/CI (intÃ©gration handlers, workers, migrations) + tests e2e front parcours critiques.

### CritÃ¨res de sortie

- SLO minimaux atteints en staging.
- CI bloque les regressions sur flux critiques.
- Aucun secret sensible en clair en base.

## Phase 3 â€” DiffÃ©renciation (IA + automatisations avancÃ©es, `duration+++`)

### Objectif

DÃ©passer la paritÃ© Gmail/Google par les fonctions diffÃ©renciantes Ulti Suite.

### Livrables

- Rules engine avancÃ© (simulation, prioritÃ©s, conflits, actions composables).
- Webhooks templates versionnÃ©s (preview, signature HMAC, retries et observabilitÃ© fine).
- Tri IA configurable par rÃ¨gle (provider, prompt, garde-fous coÃ»t/latence).
- Recherche globale multi-services (mail + contacts + agenda + drive).
- APIs fine-grained pour agents externes (tokens/scopes).

### CritÃ¨res de sortie

- Un utilisateur peut configurer automatisations et IA sans code.
- RÃ©sultats traÃ§ables et monitorÃ©s en production.
- Recherche cross-services opÃ©rationnelle avec pertinence acceptable.

## RÃ¨gle de priorisation

1. Corriger ce qui casse le produit (blocants/sÃ©curitÃ©/cohÃ©rence).
2. Stabiliser le coeur Ultimail en rÃ©el.
3. Ã‰tendre puis diffÃ©rencier.
TXžˆ³Ûx³Lâ# Ultidrive

**Ã‰quivalent** : Google Drive
**Statut** : Partiel (API proxy WebDAV/OCS)

---

## RÃ©sumÃ©

Frontend reproduisant Ã  l'identique le comportement et l'interface de Google Drive, potentiellement comme frontend pour Nextcloud ou solution similaire dÃ©jÃ  fonctionnelle.

## Ã‰tat d'implÃ©mentation rÃ©el (mai 2026)

### DÃ©jÃ  implÃ©mentÃ©

- API backend montÃ©e sous `/api/v1/drive` (si Nextcloud activÃ©).
- Endpoints list/upload/download/delete, create folder, move, create share.
- Client Nextcloud WebDAV/OCS intÃ©grÃ© cÃ´tÃ© serveur.

### Partiel / incomplet

- Pas d'upload chunked gros fichiers.
- Couverture incomplÃ¨te des cas drive (copy, corbeille, favoris, rÃ©cents).
- Gestion quotas/permissions simplifiÃ©e non finalisÃ©e.

### Non commencÃ©

- UX frontend Drive de production branchÃ©e backend rÃ©el.
- Ã‰dition collaborative docs/feuilles/prÃ©sentations.
- Sync offline-first complÃ¨te (rÃ©solution de conflits).

## Approche technique

L'idÃ©e est simple : on ne rÃ©invente pas le stockage. On fournit une UX identique Ã  Google Drive mais le backend de stockage est interchangeable :

| Mode de stockage | Description |
|------------------|-------------|
| **WebDAV** | ConnectÃ© Ã  un serveur WebDAV (Nextcloud, ownCloud, etc.) |
| **S3-compatible** | Bucket S3, MinIO, Backblaze, etc. |
| **Nextcloud natif** | Ultidrive = frontend custom pour Nextcloud (API OCS/WebDAV) |

### Contrainte clÃ© : montage local

Peu importe le backend, le stockage **doit pouvoir Ãªtre montÃ© comme un disque local** sur l'appareil de l'utilisateur (comme Google Drive ou Dropbox le permettent). Cela implique un client sync desktop (via Tauri ou en exploitant le client Nextcloud existant).

### Gestion des permissions

Les permissions doivent Ãªtre **simples Ã  gÃ©rer** â€” pas d'ACL complexes. ModÃ¨le inspirÃ© de Google Drive :
- PropriÃ©taire / Ã‰diteur / Lecteur
- Partage par lien (public, restreint, expiration)
- HÃ©ritage des permissions parent (dossier â†’ contenu)

### Option "frontend Nextcloud"

Si c'est plus simple, Ultidrive peut Ãªtre **purement un frontend** pour Nextcloud :
- Nextcloud gÃ¨re le stockage, la sync, les permissions, le versioning
- Ultidrive = interface custom (mÃªme codebase/stack que le reste de la suite)
- Avantage : on profite de l'Ã©cosystÃ¨me Nextcloud (apps, clients, WebDAV) sans tout recoder

## Points de diffÃ©renciation vs Google Drive

- Auto-hÃ©bergeable, stockage sous contrÃ´le total
- Backend interchangeable (WebDAV / S3 / Nextcloud)
- Montage local natif comme un vrai disque
- Interface identique Ã  Google Drive (migration sans friction)
- Chiffrement cÃ´tÃ© client optionnel (zero-knowledge)
- Automatisations Ã  l'upload (OCR, classification IA, webhooks)

## FonctionnalitÃ©s

### Core
- [ ] Upload / download fichiers et dossiers
- [ ] Arborescence, favoris, rÃ©cents, corbeille
- [ ] Recherche full-text (contenu des documents)
- [ ] PrÃ©visualisation (images, PDF, vidÃ©os, docs)
- [ ] Versioning (historique des versions)

### Partage & collaboration
- [ ] Partage par lien (public, protÃ©gÃ© par mot de passe, expiration)
- [ ] Partage avec utilisateurs/groupes (lecture / Ã©criture / admin)
- [ ] Ã‰dition collaborative temps rÃ©el (docs, tableurs, prÃ©sentations)
- [ ] Commentaires sur fichiers

### Sync & montage
- [ ] Montage local comme disque (type Google Drive / Dropbox)
- [ ] Client desktop sync (Tauri ou Nextcloud client natif)
- [ ] WebDAV natif
- [ ] Sync sÃ©lective (dossiers choisis)
- [ ] Offline-first avec rÃ©solution de conflits

### IntÃ©gration suite
- [ ] PiÃ¨ces jointes Ultimail sauvegardÃ©es dans Drive
- [ ] Fichiers joints aux Ã©vÃ©nements Agenda
- [ ] Stockage mÃ©dias Ultiphotos
- [ ] Partage dans Ultimeet (prÃ©sentation)

## IntÃ©gration Nextcloud â€” Ã©tude technique

### APIs disponibles (confirmÃ©)

| OpÃ©ration | API Nextcloud | Endpoint |
|-----------|---------------|----------|
| Lister fichiers | WebDAV PROPFIND | `/remote.php/dav/files/{user}/` |
| Upload | WebDAV PUT | `/remote.php/dav/files/{user}/{path}` |
| Upload gros fichiers | Chunked v2 | `/remote.php/dav/uploads/{user}/` (chunks 5MB-5GB) |
| Download | WebDAV GET | `/remote.php/dav/files/{user}/{path}` |
| CrÃ©er dossier | WebDAV MKCOL | `/remote.php/dav/files/{user}/{path}` |
| DÃ©placer/copier | WebDAV MOVE/COPY | Headers Destination |
| Supprimer | WebDAV DELETE | Standard |
| CrÃ©er un partage | OCS POST | `/ocs/v2.php/apps/files_sharing/api/v1/shares` |
| Modifier partage | OCS PUT | `.../shares/{id}` |
| Partage public | WebDAV | `/public.php/dav` (depuis NC 29) |

### Permissions â€” mapping simple confirmÃ©

Nextcloud utilise un systÃ¨me bitwise simple qui mappe directement sur notre modÃ¨le :

| Permission | Bit | Mapping Ultidrive |
|------------|-----|-------------------|
| Read | 1 | Lecteur |
| Update | 2 | Ã‰diteur |
| Create | 4 | Ã‰diteur |
| Delete | 8 | Ã‰diteur |
| Share | 16 | PropriÃ©taire |
| All | 31 | PropriÃ©taire |

Types de partage supportÃ©s : user (0), group (1), public link (3), email (4), federated (6).
Options : `password`, `expireDate` (YYYY-MM-DD), `publicUpload`.

### Montage local â€” solution retenue : rclone

| Plateforme | MÃ©thode | DÃ©pendance |
|------------|---------|------------|
| Linux | `rclone mount` via FUSE | libfuse3 |
| macOS | `rclone mount` via macFUSE | macFUSE |
| Windows | `rclone mount` via WinFsp | WinFsp |

Avantages de rclone vs client Nextcloud Desktop :
- Plus stable (le VFS Nextcloud est expÃ©rimental sur Linux)
- Supporte WebDAV ET S3 avec la mÃªme commande
- VFS caching configurable (mode off/minimal/writes/full)
- Bundlable dans l'app Tauri comme sidecar

StratÃ©gie pour Tauri : rclone embarquÃ© en sidecar, lancÃ©/arrÃªtÃ© par l'app, configuration gÃ©rÃ©e programmatiquement.

### DÃ©ploiement Nextcloud headless (API-only)

Nextcloud peut tourner en mode backend pur :
- Image Docker FPM (pas d'interface web servie directement)
- Reverse proxy qui route uniquement `/remote.php/dav`, `/ocs/`, `/public.php/dav`
- L'UI Nextcloud n'est jamais exposÃ©e aux utilisateurs â€” seul Ultidrive est le frontend

```
â”Œâ”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”     â”Œâ”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”     â”Œâ”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”
â”‚  Ultidrive   â”‚â”€â”€â”€â”€â–¶â”‚  Reverse Proxy   â”‚â”€â”€â”€â”€â–¶â”‚  Nextcloud   â”‚
â”‚  (frontend)  â”‚     â”‚  (nginx)         â”‚     â”‚  (PHP-FPM)   â”‚
â””â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”˜     â””â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”˜     â””â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”˜
                            â”‚                         â”‚
                            â”‚                    â”Œâ”€â”€â”€â”€â”´â”€â”€â”€â”€â”
                     Routes exposÃ©es :           â”‚ Storage â”‚
                     /remote.php/dav/*           â”‚ (S3/local)
                     /ocs/v2.php/*               â””â”€â”€â”€â”€â”€â”€â”€â”€â”€â”˜
                     /public.php/dav/*
```

## Briques technologiques envisagÃ©es

| Besoin | Option retenue | Alternatives |
|--------|----------------|--------------|
| Backend fichiers | Nextcloud (PHP-FPM headless) | ownCloud Infinite Scale |
| Protocole sync | WebDAV (natif NC) | â€” |
| Object storage | MinIO / S3-compatible (via NC external storage) | Stockage local |
| Montage local | rclone (sidecar Tauri) | client NC Desktop |
| Ã‰dition collaborative | OnlyOffice, Collabora Online | â€” |
| Recherche contenu | Meilisearch (indexation custom) | NC full-text search app |
| Auth | PartagÃ©e via Ulti Suite (OIDC â†’ NC) | â€” |
G£Ât¼“x<Ãæ# Ultimail

**Ã‰quivalent** : Gmail
**Statut** : Partiel (backend avancÃ©, incomplet)

---

## RÃ©sumÃ©

Client mail unifiÃ© multi-comptes avec backend de synchronisation. Un compte Ultimail gÃ¨re plusieurs comptes mail (SMTP/IMAP/POP3) avec identitÃ©s d'envoi/rÃ©ception distinctes, catch-all, et libellÃ©s unifiÃ©s.

## Ã‰tat d'implÃ©mentation rÃ©el (mai 2026)

### DÃ©jÃ  implÃ©mentÃ©

- API `/api/v1/mail` avec endpoints comptes, messages, threads, envoi, rÃ¨gles, webhooks.
- Workers backend IMAP sync et SMTP outbox dÃ©marrÃ©s au boot.
- SchÃ©ma SQL principal mail en place (accounts, messages, folders, rules, outbox, webhooks, attachments).

### Partiel / incomplet

- Outbox planifiÃ©e: incohÃ©rence de statuts `scheduled`/`queued`.
- RÃ¨gles et webhooks: briques prÃ©sentes mais pas entiÃ¨rement branchÃ©es au pipeline rÃ©el de rÃ©ception.
- Threading, piÃ¨ces jointes et identitÃ©s d'envoi encore incomplets.
- Realtime WS non finalisÃ© cÃ´tÃ© auth/events.

### Non commencÃ©

- Tri IA en production.
- Tokens API fine-grained pour agents externes.
- ExpÃ©rience desktop Tauri/mobile branchÃ©e au backend rÃ©el.

## Points de diffÃ©renciation vs Gmail

- Webhooks avancÃ©s avec systÃ¨me de templates personnalisables (Slack, Discord, custom)
- ConnectivitÃ© contrÃ´lÃ©e avec agents IA via tokens API fine-grained
- Tri intelligent par LLM (fournisseurs OpenAI-compatibles, prompt personnalisÃ© par rÃ¨gle)
- HÃ©bergement souverain, donnÃ©es sous contrÃ´le
- Multi-comptes natif avec unification complÃ¨te (libellÃ©s, dossiers, recherche cross-comptes)

## FonctionnalitÃ©s

### Core
- [ ] RÃ©ception / envoi de mails (IMAP/SMTP)
- [ ] Multi-comptes avec identitÃ©s d'envoi/rÃ©ception
- [ ] Catch-all (envoi et rÃ©ception)
- [ ] Conversations / threads
- [ ] LibellÃ©s et dossiers unifiÃ©s
- [ ] Recherche avancÃ©e
- [ ] PiÃ¨ces jointes
- [ ] Brouillons, envoi programmÃ©
- [ ] Contacts intÃ©grÃ©s

### Automatisations
- [ ] RÃ¨gles de tri Ã  la rÃ©ception
- [ ] Forward automatique
- [ ] RÃ©ponses automatiques
- [ ] Webhooks avec templates
- [ ] Tri IA (LLM + prompt personnalisÃ©)
- [ ] Tokens API fine-grained pour agents

### UX
- [ ] Interface inspirÃ©e Gmail (migration sans friction)
- [ ] Desktop web + Tauri + mobile â€” UX uniforme
- [ ] ThÃ¨mes, densitÃ©, prÃ©fÃ©rences par compte
- [ ] Raccourcis clavier complets
- [ ] Offline-first avec sync backend

## IntÃ©gration avec la suite (Nextcloud)

Ultimail utilise sa **propre stack mail** (pas le module mail de Nextcloud qui est insuffisant) mais s'intÃ¨gre avec l'instance Nextcloud partagÃ©e pour les services complÃ©mentaires :

### Ce qu'Ultimail utilise de Nextcloud

| Service | Usage dans Ultimail | API |
|---------|--------------------|----|
| **Ultidrive (WebDAV)** | Sauvegarder les piÃ¨ces jointes dans Drive | PUT `/remote.php/dav/files/{user}/` |
| **Ultidrive (WebDAV)** | InsÃ©rer des fichiers Drive dans un mail | GET + lien de partage OCS |
| **Agenda (CalDAV)** | DÃ©tecter les invitations .ics et crÃ©er des Ã©vÃ©nements | PUT `.../calendars/{user}/{cal}/{uid}.ics` |
| **Agenda (CalDAV)** | Afficher les Ã©vÃ©nements du jour dans la sidebar mail | REPORT calendar-query |
| **Contacts (CardDAV)** | AutocomplÃ©tion destinataires depuis le carnet | REPORT addressbook-query |
| **Contacts (CardDAV)** | Enrichir les fiches contact avec l'historique mail | Sync bidirectionnelle |

### Ce qu'Ultimail NE dÃ©lÃ¨gue PAS Ã  Nextcloud

- **IMAP/SMTP** â€” client mail custom (stalwart-mail, maddy, ou implÃ©mentation propre)
- **Stockage des mails** â€” PostgreSQL + object storage propre (pas la DB Nextcloud)
- **RÃ¨gles de tri, automatisations, webhooks** â€” moteur custom dans le backend Ultimail
- **Recherche mail** â€” index dÃ©diÃ© (Meilisearch/Typesense) distinct de la recherche NC
- **Auth mail** â€” OAuth2/App passwords gÃ©rÃ©s par le backend Ultimail, pas par NC

### Flux d'interaction

```
â”Œâ”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”
â”‚                    Frontend Ultimail                       â”‚
â””â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”¬â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”¬â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”˜
             â”‚                             â”‚
             â–¼                             â–¼
â”Œâ”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”    â”Œâ”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”
â”‚   Backend Ultimail     â”‚    â”‚   Nextcloud (headless)     â”‚
â”‚   â”œâ”€ IMAP/SMTP client  â”‚    â”‚   â”œâ”€ WebDAV (piÃ¨ces jointes)
â”‚   â”œâ”€ Moteur de rÃ¨gles  â”‚â”€â”€â”€â–¶â”‚   â”œâ”€ CalDAV (invitations)  â”‚
â”‚   â”œâ”€ Stockage mails    â”‚    â”‚   â””â”€ CardDAV (contacts)    â”‚
â”‚   â”œâ”€ Webhooks/IA       â”‚    â””â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”˜
â”‚   â””â”€ API sync clients  â”‚
â””â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”€â”˜
```

Le backend Ultimail communique avec Nextcloud **cÃ´tÃ© serveur** pour :
- CrÃ©er un Ã©vÃ©nement quand un mail contient une invitation .ics
- RÃ©soudre les contacts pour l'affichage (photo, nom complet)
- Proposer "Sauvegarder dans Drive" pour les piÃ¨ces jointes

## Briques technologiques envisagÃ©es

| Besoin | Option retenue | Alternatives |
|--------|----------------|--------------|
| IMAP/SMTP | stalwart-mail, maddy, ou client custom | â€” |
| Recherche full-text | Meilisearch, Typesense | â€” |
| Stockage mails | PostgreSQL + object storage (attachments) | â€” |
| Push/sync temps rÃ©el | WebSocket, SSE | â€” |
| PiÃ¨ces jointes â†’ Drive | Nextcloud WebDAV (mÃªme instance) | â€” |
| Calendrier (invitations) | Nextcloud CalDAV (mÃªme instance) | â€” |
| Contacts (autocomplÃ©tion) | Nextcloud CardDAV (mÃªme instance) | â€” |
| Auth | OIDC partagÃ© Ulti Suite | â€” |

## Voir aussi

- [CLAUDE.md](../CLAUDE.md) â€” contexte technique dÃ©taillÃ© du frontend actuel
- [ultidrive.md](ultidrive.md) â€” dÃ©tails intÃ©gration Nextcloud fichiers
- [agenda.md](agenda.md) â€” dÃ©tails intÃ©gration Nextcloud calendrier
- [contacts.md](contacts.md) â€” dÃ©tails intÃ©gration Nextcloud contacts
- `components/gmail/README.md` â€” arborescence composants
- `lib/stores/README.md` â€” architecture stores
Þ¹¾zx®Qø# Ultimaps

**Ã‰quivalent** : Google Maps
**Statut** : Non commencÃ©

---

## RÃ©sumÃ©

Service de cartographie et navigation avec donnÃ©es OpenStreetMap, itinÃ©raires, points d'intÃ©rÃªt et intÃ©gration avec les autres services (agenda, contacts, drive).

## Ã‰tat d'implÃ©mentation rÃ©el (mai 2026)

### DÃ©jÃ  implÃ©mentÃ©

- Aucun composant backend/service dÃ©diÃ© dans ce repository.

### Partiel / incomplet

- N/A Ã  ce stade (pas de base de code maps existante).

### Non commencÃ©

- API gÃ©ocodage.
- API routing.
- IntÃ©grations Agenda/Contacts/Photos.
- UI maps et capacitÃ© offline.

## Points de diffÃ©renciation vs Google Maps

- BasÃ© sur OpenStreetMap (donnÃ©es libres, contributives)
- Aucun tracking publicitaire ou profiling de dÃ©placements
- Cartes offline complÃ¨tes
- POI personnalisÃ©s et listes partagÃ©es entre utilisateurs
- API de gÃ©ocodage auto-hÃ©bergeable

## FonctionnalitÃ©s

### Core
- [ ] Carte interactive (tuiles OSM)
- [ ] Recherche d'adresses et POI (gÃ©ocodage)
- [ ] ItinÃ©raires (voiture, transports, vÃ©lo, piÃ©ton)
- [ ] Navigation turn-by-turn
- [ ] Vue satellite (si source disponible)

### Organisation
- [ ] Lieux enregistrÃ©s / favoris
- [ ] Listes de lieux personnalisÃ©es
- [ ] Historique des lieux visitÃ©s (opt-in)
- [ ] Partage de position temps rÃ©el (opt-in)

### Offline
- [ ] TÃ©lÃ©chargement de zones pour usage hors-ligne
- [ ] Navigation offline
- [ ] Sync des lieux sauvegardÃ©s

### IntÃ©gration suite
- [ ] Lieu des Ã©vÃ©nements Agenda (carte intÃ©grÃ©e)
- [ ] Adresses des Contacts sur la carte
- [ ] GÃ©olocalisation des photos (Ultiphotos)
- [ ] Partage de lieu via Ultimail / Ultimeet

## Briques technologiques envisagÃ©es

| Besoin | Option open-source |
|--------|--------------------|
| DonnÃ©es cartographiques | OpenStreetMap |
| Rendu tuiles | MapLibre GL, Protomaps |
| GÃ©ocodage | Nominatim, Pelias |
| Routing | OSRM, Valhalla, GraphHopper |
| Tuiles serveur | Tileserver GL, Martin |
\’½3µ‡xuŠ÷# Ultimeet

**Ã‰quivalent** : Google Meet
**Statut** : Partiel (JWT Jitsi minimal)

---

## RÃ©sumÃ©

VisioconfÃ©rence et appels audio/vidÃ©o intÃ©grÃ©s Ã  la suite, avec partage d'Ã©cran, chat, enregistrement et transcription.

## Ã‰tat d'implÃ©mentation rÃ©el (mai 2026)

### DÃ©jÃ  implÃ©mentÃ©

- API backend montÃ©e sous `/api/v1/meet` (si Jitsi activÃ©).
- Endpoints create room + token d'accÃ¨s salle.
- GÃ©nÃ©ration JWT cÃ´tÃ© serveur pour Jitsi.

### Partiel / incomplet

- Gestion modÃ©rateur basique seulement.
- Pas de persistance sessions/participants.
- Pas d'intÃ©gration complÃ¨te agenda/mail sur le cycle de vie des rÃ©unions.

### Non commencÃ©

- Enregistrement et stockage automatique dans Drive.
- Transcription et rÃ©sumÃ© IA.
- Tableau blanc, sondages et collaboration avancÃ©e.

## Points de diffÃ©renciation vs Google Meet

- BasÃ© sur Jitsi ou LiveKit (open-source, auto-hÃ©bergeable)
- Transcription et rÃ©sumÃ© automatique par IA
- Enregistrement stockÃ© dans Ultidrive
- Salles persistantes avec historique
- IntÃ©gration profonde agenda + mail (rappels, notes, follow-up auto)

## FonctionnalitÃ©s

### Core
- [ ] Appels audio/vidÃ©o (1:1 et groupe)
- [ ] Partage d'Ã©cran
- [ ] Chat en rÃ©union
- [ ] RÃ©actions et lever la main
- [ ] ArriÃ¨re-plans virtuels
- [ ] RÃ©duction de bruit

### Enregistrement & IA
- [ ] Enregistrement vidÃ©o (stockÃ© dans Ultidrive)
- [ ] Transcription temps rÃ©el
- [ ] RÃ©sumÃ© automatique post-rÃ©union
- [ ] DÃ©tection des actions items

### Collaboration
- [ ] Tableau blanc partagÃ©
- [ ] Notes collaboratives en rÃ©union
- [ ] Sondages en direct
- [ ] Sous-titres multi-langues

### IntÃ©gration suite
- [ ] Lien auto dans les Ã©vÃ©nements Agenda
- [ ] Invitation par Ultimail
- [ ] Fichiers partagÃ©s depuis Ultidrive pendant l'appel
- [ ] RÃ©sumÃ© envoyÃ© par mail post-rÃ©union
- [ ] Participants depuis Contacts

## Briques technologiques envisagÃ©es

| Besoin | Option open-source |
|--------|--------------------|
| WebRTC / SFU | Jitsi, LiveKit, mediasoup |
| Transcription | Whisper (OpenAI), Vosk |
| RÃ©sumÃ© IA | LLM OpenAI-compatible |
| Stockage enregistrements | Ultidrive / MinIO |
Ç
x±™x‘	nö# Ultiphotos

**Ã‰quivalent** : Google Photos
**Statut** : Partiel (proxy Immich minimal)

---

## RÃ©sumÃ©

Gestion de photos et vidÃ©os avec stockage cloud, organisation intelligente (IA), partage et albums collaboratifs. Stockage sur Ultidrive.

## Ã‰tat d'implÃ©mentation rÃ©el (mai 2026)

### DÃ©jÃ  implÃ©mentÃ©

- API backend montÃ©e sous `/api/v1/photos` (si Immich activÃ©).
- Endpoints list assets, upload, thumbnail, delete asset, list albums.
- Client Immich cÃ´tÃ© serveur intÃ©grÃ©.

### Partiel / incomplet

- Gestion albums incomplÃ¨te (list seulement).
- Mapping auth/api key Ã  fiabiliser selon intÃ©gration Immich cible.
- Pas de chaÃ®nage complet quota/storage avec Drive.

### Non commencÃ©

- Fonctions IA photos (visages, scÃ¨nes, souvenirs) cÃ´tÃ© produit Ulti.
- Partage avancÃ© albums avec permissions granulaires finalisÃ©es.
- ExpÃ©rience frontend photos de production branchÃ©e backend rÃ©el.

## Points de diffÃ©renciation vs Google Photos

- Stockage sur infrastructure propre (pas de compression forcÃ©e)
- Classification IA auto-hÃ©bergeable (pas d'envoi Ã  un tiers)
- Albums partagÃ©s avec permissions granulaires
- Export complet sans perte (original toujours conservÃ©)
- IntÃ©gration native Ultidrive (mÃªme quota, mÃªme stockage)

## FonctionnalitÃ©s

### Core
- [ ] Upload photos / vidÃ©os (originaux conservÃ©s)
- [ ] Galerie chronologique
- [ ] Albums manuels et albums intelligents (auto-gÃ©nÃ©rÃ©s)
- [ ] Recherche par date, lieu, personnes, objets
- [ ] Favoris, archive, corbeille

### Organisation IA
- [ ] DÃ©tection de visages et regroupement par personne
- [ ] Classification par scÃ¨ne / objet
- [ ] GÃ©olocalisation et carte
- [ ] Souvenirs / "Ce jour-lÃ " automatiques
- [ ] Suggestions de partage

### Ã‰dition
- [ ] Retouche basique (crop, rotation, filtres, luminositÃ©)
- [ ] Suggestions d'amÃ©lioration IA

### Partage
- [ ] Albums partagÃ©s (lecture / contribution)
- [ ] Lien de partage (public, protÃ©gÃ©, expiration)
- [ ] Partage vers Ultimail, Ultimeet

### Sync
- [ ] Sync automatique depuis mobile (app)
- [ ] Sync depuis desktop
- [ ] Dossiers Ultidrive comme source

## Briques technologiques envisagÃ©es

| Besoin | Option open-source |
|--------|--------------------|
| Gestion photos | Immich, LibrePhotos, PhotoPrism |
| Reconnaissance faciale | InsightFace, dlib |
| Classification | CLIP, BLIP |
| Stockage | Ultidrive / MinIO |
| MÃ©tadonnÃ©es | PostgreSQL + EXIF parsing |
ÏämWfÃq¿ŒBÌ¿q2ª¿ +ÑÂž9Ýí