@budibase/backend-core 2.13.15 → 2.13.17

package/dist/index.js

@@ -691,6 +691,7 @@ var init_permissions = __esm({
       PermissionType2["AUTOMATION"] = "automation";
       PermissionType2["WEBHOOK"] = "webhook";
       PermissionType2["BUILDER"] = "builder";
+      PermissionType2["CREATOR"] = "creator";
       PermissionType2["GLOBAL_BUILDER"] = "globalBuilder";
       PermissionType2["QUERY"] = "query";
       PermissionType2["VIEW"] = "view";
@@ -6672,6 +6673,7 @@ var getStatus = async () => {
 var users_exports3 = {};
 __export(users_exports3, {
   UserDB: () => UserDB,
+  addAppBuilder: () => addAppBuilder,
   bulkGetGlobalUsersById: () => bulkGetGlobalUsersById,
   bulkUpdateGlobalUsers: () => bulkUpdateGlobalUsers,
   cleanseUserObject: () => cleanseUserObject,
@@ -6697,6 +6699,7 @@ __export(users_exports3, {
   isGlobalBuilder: () => isGlobalBuilder2,
   isSupportedUserSearch: () => isSupportedUserSearch,
   paginatedUsers: () => paginatedUsers,
+  removeAppBuilder: () => removeAppBuilder,
   removePortalUserPermissions: () => removePortalUserPermissions,
   searchExistingEmails: () => searchExistingEmails,
   searchGlobalUsersByApp: () => searchGlobalUsersByApp,
@@ -7307,12 +7310,14 @@ function getProdAppID2(appId) {
 // ../shared-core/src/sdk/documents/users.ts
 var users_exports2 = {};
 __export(users_exports2, {
+  canCreateApps: () => canCreateApps,
   containsUserID: () => containsUserID,
   getGlobalUserID: () => getGlobalUserID,
   hasAdminPermissions: () => hasAdminPermissions,
   hasAppBuilderPermissions: () => hasAppBuilderPermissions,
   hasAppCreatorPermissions: () => hasAppCreatorPermissions,
   hasBuilderPermissions: () => hasBuilderPermissions,
+  hasCreatorPermissions: () => hasCreatorPermissions,
   isAdmin: () => isAdmin,
   isAdminOrBuilder: () => isAdminOrBuilder,
   isAdminOrGlobalBuilder: () => isAdminOrGlobalBuilder,
@@ -7336,6 +7341,9 @@ function isBuilder(user, appId) {
 function isGlobalBuilder(user) {
   return isBuilder(user) && !hasAppBuilderPermissions(user) || isAdmin(user);
 }
+function canCreateApps(user) {
+  return isGlobalBuilder(user) || hasCreatorPermissions(user);
+}
 function isAdmin(user) {
   if (!user) {
     return false;
@@ -7363,7 +7371,7 @@ function hasAppCreatorPermissions(user) {
   return _.flow(
     _.get("roles"),
     _.values,
-    _.find((x) => ["CREATOR", "ADMIN"].includes(x)),
+    _.find((x) => x === "CREATOR"),
     (x) => !!x
   )(user);
 }
@@ -7371,7 +7379,7 @@ function hasBuilderPermissions(user) {
   if (!user) {
     return false;
   }
-  return user.builder?.global || hasAppBuilderPermissions(user);
+  return user.builder?.global || hasAppBuilderPermissions(user) || hasCreatorPermissions(user);
 }
 function hasAdminPermissions(user) {
   if (!user) {
@@ -7379,11 +7387,17 @@ function hasAdminPermissions(user) {
   }
   return !!user.admin?.global;
 }
+function hasCreatorPermissions(user) {
+  if (!user) {
+    return false;
+  }
+  return !!user.builder?.creator;
+}
 function isCreator(user) {
   if (!user) {
     return false;
   }
-  return isGlobalBuilder(user) || hasAdminPermissions(user) || hasAppBuilderPermissions(user) || hasAppCreatorPermissions(user);
+  return isGlobalBuilder(user) || hasAdminPermissions(user) || hasCreatorPermissions(user) || hasAppBuilderPermissions(user) || hasAppCreatorPermissions(user);
 }
 function getGlobalUserID(userId) {
   if (typeof userId !== "string") {
@@ -7478,250 +7492,6 @@ async function getAccountHolderFromUserIds(userIds) {
   }
 }
 
-// src/users/users.ts
-function removeUserPassword(users) {
-  if (Array.isArray(users)) {
-    return users.map((user) => {
-      if (user) {
-        delete user.password;
-        return user;
-      }
-    });
-  } else if (users) {
-    delete users.password;
-    return users;
-  }
-  return users;
-}
-function isSupportedUserSearch(query) {
-  const allowed = [
-    { op: "string" /* STRING */, key: "email" },
-    { op: "equal" /* EQUAL */, key: "_id" }
-  ];
-  for (let [key, operation] of Object.entries(query)) {
-    if (typeof operation !== "object") {
-      return false;
-    }
-    const fields = Object.keys(operation || {});
-    if (fields.length === 0) {
-      continue;
-    }
-    const allowedOperation = allowed.find(
-      (allow) => allow.op === key && fields.length === 1 && fields[0] === allow.key
-    );
-    if (!allowedOperation) {
-      return false;
-    }
-  }
-  return true;
-}
-async function bulkGetGlobalUsersById(userIds, opts) {
-  const db = getGlobalDB();
-  let users = (await db.allDocs({
-    keys: userIds,
-    include_docs: true
-  })).rows.map((row) => row.doc);
-  if (opts?.cleanup) {
-    users = removeUserPassword(users);
-  }
-  return users;
-}
-async function getAllUserIds() {
-  const db = getGlobalDB();
-  const startKey = `${"us" /* USER */}${SEPARATOR}`;
-  const response = await db.allDocs({
-    startkey: startKey,
-    endkey: `${startKey}${UNICODE_MAX}`
-  });
-  return response.rows.map((row) => row.id);
-}
-async function bulkUpdateGlobalUsers(users) {
-  const db = getGlobalDB();
-  return await db.bulkDocs(users);
-}
-async function getById(id, opts) {
-  const db = getGlobalDB();
-  let user = await db.get(id);
-  if (opts?.cleanup) {
-    user = removeUserPassword(user);
-  }
-  return user;
-}
-async function getGlobalUserByEmail(email, opts) {
-  if (email == null) {
-    throw "Must supply an email address to view";
-  }
-  const response = await queryGlobalView("by_email2" /* USER_BY_EMAIL */, {
-    key: email.toLowerCase(),
-    include_docs: true
-  });
-  if (Array.isArray(response)) {
-    throw new Error(`Multiple users found with email address: ${email}`);
-  }
-  let user = response;
-  if (opts?.cleanup) {
-    user = removeUserPassword(user);
-  }
-  return user;
-}
-async function doesUserExist(email) {
-  try {
-    const user = await getGlobalUserByEmail(email);
-    if (Array.isArray(user) || user != null) {
-      return true;
-    }
-  } catch (err) {
-    return false;
-  }
-  return false;
-}
-async function searchGlobalUsersByApp(appId, opts, getOpts) {
-  if (typeof appId !== "string") {
-    throw new Error("Must provide a string based app ID");
-  }
-  const params2 = getUsersByAppParams(appId, {
-    include_docs: true
-  });
-  params2.startkey = opts && opts.startkey ? opts.startkey : params2.startkey;
-  let response = await queryGlobalView("by_app" /* USER_BY_APP */, params2);
-  if (!response) {
-    response = [];
-  }
-  let users = Array.isArray(response) ? response : [response];
-  if (getOpts?.cleanup) {
-    users = removeUserPassword(users);
-  }
-  return users;
-}
-async function searchGlobalUsersByAppAccess(appId, opts) {
-  const roleSelector = `roles.${appId}`;
-  let orQuery = [
-    {
-      "builder.global": true
-    },
-    {
-      "admin.global": true
-    }
-  ];
-  if (appId) {
-    const roleCheck = {
-      [roleSelector]: {
-        $exists: true
-      }
-    };
-    orQuery.push(roleCheck);
-  }
-  let searchOptions = {
-    selector: {
-      $or: orQuery,
-      _id: {
-        $regex: "^us_"
-      }
-    },
-    limit: opts?.limit || 50
-  };
-  const resp = await directCouchFind(getGlobalDBName(), searchOptions);
-  return resp.rows;
-}
-function getGlobalUserByAppPage(appId, user) {
-  if (!user) {
-    return;
-  }
-  return generateAppUserID(getProdAppID(appId), user._id);
-}
-async function searchGlobalUsersByEmail(email, opts, getOpts) {
-  if (typeof email !== "string") {
-    throw new Error("Must provide a string to search by");
-  }
-  const lcEmail = email.toLowerCase();
-  const startkey = opts && opts.startkey ? opts.startkey : lcEmail;
-  let response = await queryGlobalView("by_email2" /* USER_BY_EMAIL */, {
-    ...opts,
-    startkey,
-    endkey: `${lcEmail}${UNICODE_MAX}`
-  });
-  if (!response) {
-    response = [];
-  }
-  let users = Array.isArray(response) ? response : [response];
-  if (getOpts?.cleanup) {
-    users = removeUserPassword(users);
-  }
-  return users;
-}
-var PAGE_LIMIT = 8;
-async function paginatedUsers({
-  bookmark,
-  query,
-  appId,
-  limit
-} = {}) {
-  const db = getGlobalDB();
-  const pageSize = limit ?? PAGE_LIMIT;
-  const pageLimit = pageSize + 1;
-  const opts = {
-    include_docs: true,
-    limit: pageLimit
-  };
-  if (bookmark) {
-    opts.startkey = bookmark;
-  }
-  let userList, property = "_id", getKey;
-  if (query?.equal?._id) {
-    userList = [await getById(query.equal._id)];
-  } else if (appId) {
-    userList = await searchGlobalUsersByApp(appId, opts);
-    getKey = (doc) => getGlobalUserByAppPage(appId, doc);
-  } else if (query?.string?.email) {
-    userList = await searchGlobalUsersByEmail(query?.string?.email, opts);
-    property = "email";
-  } else {
-    const response = await db.allDocs(getGlobalUserParams(null, opts));
-    userList = response.rows.map((row) => row.doc);
-  }
-  return pagination(userList, pageSize, {
-    paginate: true,
-    property,
-    getKey
-  });
-}
-async function getUserCount() {
-  const response = await queryGlobalViewRaw("by_email2" /* USER_BY_EMAIL */, {
-    limit: 0,
-    // to be as fast as possible - we just want the total rows count
-    include_docs: false
-  });
-  return response.total_rows;
-}
-async function getCreatorCount() {
-  let creators = 0;
-  async function iterate(startPage) {
-    const page = await paginatedUsers({ bookmark: startPage });
-    creators += page.data.filter(isCreator2).length;
-    if (page.hasNextPage) {
-      await iterate(page.nextPage);
-    }
-  }
-  await iterate();
-  return creators;
-}
-function removePortalUserPermissions(user) {
-  delete user.admin;
-  delete user.builder;
-  return user;
-}
-function cleanseUserObject(user, base) {
-  delete user.admin;
-  delete user.builder;
-  delete user.roles;
-  if (base) {
-    user.admin = base.admin;
-    user.builder = base.builder;
-    user.roles = base.roles;
-  }
-  return user;
-}
-
 // src/users/db.ts
 init_environment2();
 
@@ -10497,9 +10267,6 @@ var UserDB = class _UserDB {
     if (!email && !_id) {
       throw new Error("_id or email is required");
     }
-    if (user.builder?.apps?.length && !await _UserDB.features.isAppBuildersEnabled()) {
-      throw new Error("Unable to update app builders, please check license");
-    }
     let dbUser;
     if (_id) {
       try {
@@ -10739,6 +10506,265 @@ var UserDB = class _UserDB {
   }
 };
 
+// src/users/users.ts
+function removeUserPassword(users) {
+  if (Array.isArray(users)) {
+    return users.map((user) => {
+      if (user) {
+        delete user.password;
+        return user;
+      }
+    });
+  } else if (users) {
+    delete users.password;
+    return users;
+  }
+  return users;
+}
+function isSupportedUserSearch(query) {
+  const allowed = [
+    { op: "string" /* STRING */, key: "email" },
+    { op: "equal" /* EQUAL */, key: "_id" }
+  ];
+  for (let [key, operation] of Object.entries(query)) {
+    if (typeof operation !== "object") {
+      return false;
+    }
+    const fields = Object.keys(operation || {});
+    if (fields.length === 0) {
+      continue;
+    }
+    const allowedOperation = allowed.find(
+      (allow) => allow.op === key && fields.length === 1 && fields[0] === allow.key
+    );
+    if (!allowedOperation) {
+      return false;
+    }
+  }
+  return true;
+}
+async function bulkGetGlobalUsersById(userIds, opts) {
+  const db = getGlobalDB();
+  let users = (await db.allDocs({
+    keys: userIds,
+    include_docs: true
+  })).rows.map((row) => row.doc);
+  if (opts?.cleanup) {
+    users = removeUserPassword(users);
+  }
+  return users;
+}
+async function getAllUserIds() {
+  const db = getGlobalDB();
+  const startKey = `${"us" /* USER */}${SEPARATOR}`;
+  const response = await db.allDocs({
+    startkey: startKey,
+    endkey: `${startKey}${UNICODE_MAX}`
+  });
+  return response.rows.map((row) => row.id);
+}
+async function bulkUpdateGlobalUsers(users) {
+  const db = getGlobalDB();
+  return await db.bulkDocs(users);
+}
+async function getById(id, opts) {
+  const db = getGlobalDB();
+  let user = await db.get(id);
+  if (opts?.cleanup) {
+    user = removeUserPassword(user);
+  }
+  return user;
+}
+async function getGlobalUserByEmail(email, opts) {
+  if (email == null) {
+    throw "Must supply an email address to view";
+  }
+  const response = await queryGlobalView("by_email2" /* USER_BY_EMAIL */, {
+    key: email.toLowerCase(),
+    include_docs: true
+  });
+  if (Array.isArray(response)) {
+    throw new Error(`Multiple users found with email address: ${email}`);
+  }
+  let user = response;
+  if (opts?.cleanup) {
+    user = removeUserPassword(user);
+  }
+  return user;
+}
+async function doesUserExist(email) {
+  try {
+    const user = await getGlobalUserByEmail(email);
+    if (Array.isArray(user) || user != null) {
+      return true;
+    }
+  } catch (err) {
+    return false;
+  }
+  return false;
+}
+async function searchGlobalUsersByApp(appId, opts, getOpts) {
+  if (typeof appId !== "string") {
+    throw new Error("Must provide a string based app ID");
+  }
+  const params2 = getUsersByAppParams(appId, {
+    include_docs: true
+  });
+  params2.startkey = opts && opts.startkey ? opts.startkey : params2.startkey;
+  let response = await queryGlobalView("by_app" /* USER_BY_APP */, params2);
+  if (!response) {
+    response = [];
+  }
+  let users = Array.isArray(response) ? response : [response];
+  if (getOpts?.cleanup) {
+    users = removeUserPassword(users);
+  }
+  return users;
+}
+async function searchGlobalUsersByAppAccess(appId, opts) {
+  const roleSelector = `roles.${appId}`;
+  let orQuery = [
+    {
+      "builder.global": true
+    },
+    {
+      "admin.global": true
+    }
+  ];
+  if (appId) {
+    const roleCheck = {
+      [roleSelector]: {
+        $exists: true
+      }
+    };
+    orQuery.push(roleCheck);
+  }
+  let searchOptions = {
+    selector: {
+      $or: orQuery,
+      _id: {
+        $regex: "^us_"
+      }
+    },
+    limit: opts?.limit || 50
+  };
+  const resp = await directCouchFind(getGlobalDBName(), searchOptions);
+  return resp.rows;
+}
+function getGlobalUserByAppPage(appId, user) {
+  if (!user) {
+    return;
+  }
+  return generateAppUserID(getProdAppID(appId), user._id);
+}
+async function searchGlobalUsersByEmail(email, opts, getOpts) {
+  if (typeof email !== "string") {
+    throw new Error("Must provide a string to search by");
+  }
+  const lcEmail = email.toLowerCase();
+  const startkey = opts && opts.startkey ? opts.startkey : lcEmail;
+  let response = await queryGlobalView("by_email2" /* USER_BY_EMAIL */, {
+    ...opts,
+    startkey,
+    endkey: `${lcEmail}${UNICODE_MAX}`
+  });
+  if (!response) {
+    response = [];
+  }
+  let users = Array.isArray(response) ? response : [response];
+  if (getOpts?.cleanup) {
+    users = removeUserPassword(users);
+  }
+  return users;
+}
+var PAGE_LIMIT = 8;
+async function paginatedUsers({
+  bookmark,
+  query,
+  appId,
+  limit
+} = {}) {
+  const db = getGlobalDB();
+  const pageSize = limit ?? PAGE_LIMIT;
+  const pageLimit = pageSize + 1;
+  const opts = {
+    include_docs: true,
+    limit: pageLimit
+  };
+  if (bookmark) {
+    opts.startkey = bookmark;
+  }
+  let userList, property = "_id", getKey;
+  if (query?.equal?._id) {
+    userList = [await getById(query.equal._id)];
+  } else if (appId) {
+    userList = await searchGlobalUsersByApp(appId, opts);
+    getKey = (doc) => getGlobalUserByAppPage(appId, doc);
+  } else if (query?.string?.email) {
+    userList = await searchGlobalUsersByEmail(query?.string?.email, opts);
+    property = "email";
+  } else {
+    const response = await db.allDocs(getGlobalUserParams(null, opts));
+    userList = response.rows.map((row) => row.doc);
+  }
+  return pagination(userList, pageSize, {
+    paginate: true,
+    property,
+    getKey
+  });
+}
+async function getUserCount() {
+  const response = await queryGlobalViewRaw("by_email2" /* USER_BY_EMAIL */, {
+    limit: 0,
+    // to be as fast as possible - we just want the total rows count
+    include_docs: false
+  });
+  return response.total_rows;
+}
+async function getCreatorCount() {
+  let creators = 0;
+  async function iterate(startPage) {
+    const page = await paginatedUsers({ bookmark: startPage });
+    creators += page.data.filter(isCreator2).length;
+    if (page.hasNextPage) {
+      await iterate(page.nextPage);
+    }
+  }
+  await iterate();
+  return creators;
+}
+function removePortalUserPermissions(user) {
+  delete user.admin;
+  delete user.builder;
+  return user;
+}
+function cleanseUserObject(user, base) {
+  delete user.admin;
+  delete user.builder;
+  delete user.roles;
+  if (base) {
+    user.admin = base.admin;
+    user.builder = base.builder;
+    user.roles = base.roles;
+  }
+  return user;
+}
+async function addAppBuilder(user, appId) {
+  const prodAppId = getProdAppID(appId);
+  user.builder ??= {};
+  user.builder.creator = true;
+  user.builder.apps ??= [];
+  user.builder.apps.push(prodAppId);
+  await UserDB.save(user, { hashPassword: false });
+}
+async function removeAppBuilder(user, appId) {
+  const prodAppId = getProdAppID(appId);
+  if (user.builder && user.builder.apps?.includes(prodAppId)) {
+    user.builder.apps = user.builder.apps.filter((id) => id !== prodAppId);
+  }
+  await UserDB.save(user, { hashPassword: false });
+}
+
 // src/cache/user.ts
 var EXPIRY_SECONDS3 = 3600;
 async function populateFromDB2(userId, tenantId) {
@@ -11334,6 +11360,7 @@ __export(permissions_exports, {
   BUILDER: () => BUILDER,
   BUILTIN_PERMISSIONS: () => BUILTIN_PERMISSIONS,
   BuiltinPermissionID: () => BuiltinPermissionID,
+  CREATOR: () => CREATOR,
   GLOBAL_BUILDER: () => GLOBAL_BUILDER,
   Permission: () => Permission,
   PermissionLevel: () => PermissionLevel,
@@ -11474,6 +11501,7 @@ function isPermissionLevelHigherThanRead(level) {
   return levelToNumber(level) > 1;
 }
 var BUILDER = "builder" /* BUILDER */;
+var CREATOR = "creator" /* CREATOR */;
 var GLOBAL_BUILDER = "globalBuilder" /* GLOBAL_BUILDER */;
 
 // src/security/roles.ts