npm - @budibase/backend-core - Versions diffs - 3.19.1 → 3.19.2 - Mend

@budibase/backend-core 3.19.1 → 3.19.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/index.js +2 -2
package/dist/index.js.map +2 -2
package/dist/package.json +2 -2
package/dist/src/objectStore/objectStore.d.ts +1 -1
package/dist/src/objectStore/objectStore.js +5 -1
package/dist/src/objectStore/objectStore.js.map +1 -1
package/package.json +2 -2

package/dist/index.js CHANGED Viewed

@@ -33,7 +33,7 @@ attempted value: ${o}
     if (doc.ssoId) {
       emit(doc.ssoId, doc._id)
     }
-  }`,"platform_users_lowercase_2")},"createPlatformUserView"),Ws=s(async(t,e)=>{let r={account_by_email:ET,platform_users_lowercase_2:gT};return qe(fe.PLATFORM_INFO.name,async n=>{let i=r[t];return Tf(t,e,n,i,{arrayResponse:!0})})},"queryPlatformView"),yT={by_email2:fT,by_api_key:mT,by_app:pT},Ft=s(async(t,e,r,n)=>{r||(r=H());let i=yT[t];return Tf(t,e,r,i,n)},"queryGlobalView");async function Sf(t,e,r){let n=H(),i=yT[t];return Bs(t,e,n,i,r)}s(Sf,"queryGlobalViewRaw");var bb=F(require("pouchdb"));var Af=class{static{s(this,"Replication")}constructor({source:e,target:r}){this.source=Ze(e),this.target=Ze(r),e.startsWith("app_dev")&&r.startsWith("app")?this.direction="toProduction":e.startsWith("app")&&r.startsWith("app_dev")&&(this.direction="toDev")}async close(){await Promise.all([_s(this.source),_s(this.target)])}replicate(e={}){return new Promise(r=>{this.source.replicate.to(this.target,e).on("denied",function(n){throw new Error(`Denied: Document failed to replicate ${n}`)}).on("complete",function(n){return r(n)}).on("error",function(n){throw n})})}appReplicateOpts(e={}){if(typeof e.filter=="string")return e;let r=e.filter,i=this.direction==="toDev";delete e.filter;let o=e.isCreation,a=e.tablesToSync;delete e.isCreation,delete e.tablesToSync;let u=!1,c;typeof a=="string"&&a==="all"?u=!0:a&&(c=a);let l=s((f,p)=>f?.startsWith(p+b),"startsWithID"),d=s(f=>l(f,"ro")||l(f,"li"),"isData");return{...e,filter:(f,p)=>!o&&f._id==="_design/migrations"||i&&f._id.startsWith("_design")?!1:f._deleted||l(f._id,hs)?!0:d(f._id)?!!c?.find(h=>f._id.includes(h))||u:l(f._id,"log_au")||f._id==="app_metadata"?!1:r?r(f,p):!0}}async rollback(){await this.target.destroy(),this.target=Ze(this.target.name),await this.replicate()}},TT=Af;var AT=F(require("node-fetch"));var $s=ar.removeKeyNumbering;function on(t){return t==null||t===""}s(on,"isEmpty");var Bt=class t{static{s(this,"QueryBuilder")}#l;#d;#e;#r;#n;#i;#s;#o;#t;#f;#a;#u=!1;#c;static{this.maxLimit=200}constructor(e,r,n){this.#l=e,this.#d=r,this.#e={allOr:!1,onEmptyFilter:"all",string:{},fuzzy:{},range:{},equal:{},notEqual:{},empty:{},notEmpty:{},oneOf:{},contains:{},notContains:{},containsAny:{},...n},this.#r=50,this.#s="ascending",this.#o="string",this.#t=!0}disableEscaping(){return this.#u=!0,this}setIndexBuilder(e){return this.#a=e,this}setVersion(e){return e!=null&&(this.#f=e),this}setTable(e){return this.#e.equal.tableId=e,this}setLimit(e){return e!=null&&(this.#r=e),this}setSort(e){return e!=null&&(this.#n=e),this}setSortOrder(e){return e!=null&&(this.#s=e),this}setSortType(e){return e!=null&&(this.#o=e),this}setBookmark(e){return e!=null&&(this.#i=e),this}setSkip(e){return this.#c=e,this}excludeDocs(){return this.#t=!1,this}includeDocs(){return this.#t=!0,this}addString(e,r){return this.#e.string[e]=r,this}addFuzzy(e,r){return this.#e.fuzzy[e]=r,this}addRange(e,r,n){return this.#e.range[e]={low:r,high:n},this}addEqual(e,r){return this.#e.equal[e]=r,this}addNotEqual(e,r){return this.#e.notEqual[e]=r,this}addEmpty(e,r){return this.#e.empty[e]=r,this}addNotEmpty(e,r){return this.#e.notEmpty[e]=r,this}addOneOf(e,r){return this.#e.oneOf[e]=r,this}addContains(e,r){return this.#e.contains[e]=r,this}addNotContains(e,r){return this.#e.notContains[e]=r,this}addContainsAny(e,r){return this.#e.containsAny[e]=r,this}setAllOr(){this.#e.allOr=!0}setOnEmptyFilter(e){this.#e.onEmptyFilter=e}handleSpaces(e){return this.#u?e:e.replace(/ /g,"_")}preprocess(e,{escape:r,lowercase:n,wrap:i,type:o}={}){let a=!!this.#f,u=typeof e;return e&&n&&(e=e.toLowerCase?e.toLowerCase():e),!this.#u&&r&&u==="string"&&(e=`${e}`.replace(/[ /#+\-&|!(){}\]^"~*?:\\]/g,"\\$&")),u==="string"&&!isNaN(e)&&!o?e=`"${e}"`:a&&i&&(e=u==="number"?e:`"${e}"`),e}isMultiCondition(){let e=0;for(let r of Object.values(this.#e))typeof r=="object"&&(e+=Object.keys(r).length);return e>1}compressFilters(e){let r={};for(let o of Object.keys(e)){let a=$s(o);r[a]?r[a]=r[a].concat(e[o]):r[a]=e[o]}let n={},i=1;for(let[o,a]of Object.entries(r))n[`${i++}:${o}`]=a;return n}buildSearchQuery(){let e=this,r=this.#e&&this.#e.allOr,n=r?"":"*:*",i=!0,o={escape:!0,lowercase:!0,wrap:!0},a="";this.#e.equal.tableId&&(a=this.#e.equal.tableId,delete this.#e.equal.tableId);let u=s((m,g)=>on(g)?null:`${m}:${e.preprocess(g,o)}`,"equal"),c=s((m,g,y="AND")=>{if(on(g))return null;if(!Array.isArray(g))return`${m}:${g}`;let S=`${e.preprocess(g[0],{escape:!0})}`;for(let O=1;O<g.length;O++)S+=` ${y} ${e.preprocess(g[O],{escape:!0})}`;return`${m}:(${S})`},"contains"),l=s((m,g)=>on(g)?null:(g=e.preprocess(g,{escape:!0,lowercase:!0,type:"fuzzy"}),`${m}:/.*${g}.*/`),"fuzzy"),d=s((m,g)=>{let y=r?"*:* AND ":"",S=r?"AND":void 0;return y+"NOT "+c(m,g,S)},"notContains"),f=s((m,g)=>c(m,g,"OR"),"containsAny"),p=s((m,g)=>{if(on(g))return"*:*";if(!Array.isArray(g))if(typeof g=="string")g=g.split(",");else return"";let y=`${e.preprocess(g[0],o)}`;for(let S=1;S<g.length;S++)y+=` OR ${e.preprocess(g[S],o)}`;return`${m}:(${y})`},"oneOf");function h(m,g,y){let S="";for(let[O,_]of Object.entries(m)){O=$s(O),O=e.preprocess(e.handleSpaces(O),{escape:!0});let D=g(O,_);if(D!=null){if(S.length>0||n.length>0){let T=y?.mode?y.mode:r?"OR":"AND";S+=` ${T} `}S+=D,(typeof _!="string"&&_!=null||typeof _=="string"&&_!==a&&_!=="")&&(i=!1)}}if(y?.returnBuilt)return S;n+=S}if(s(h,"build"),this.#e.string&&h(this.#e.string,(m,g)=>on(g)?null:(g=e.preprocess(g,{escape:!0,lowercase:!0,type:"string"}),`${m}:${g}*`)),this.#e.range&&h(this.#e.range,(m,g)=>{if(on(g)||g.low==null||g.low===""||g.high==null||g.high==="")return null;let y=e.preprocess(g.low,o),S=e.preprocess(g.high,o);return`${m}:[${y} TO ${S}]`}),this.#e.fuzzy&&h(this.#e.fuzzy,l),this.#e.equal&&h(this.#e.equal,u),this.#e.notEqual&&h(this.#e.notEqual,(m,g)=>on(g)?null:typeof g=="boolean"?`(*:* AND !${m}:${g})`:`!${m}:${e.preprocess(g,o)}`),this.#e.empty&&h(this.#e.empty,m=>(i=!1,`(*:* -${m}:["" TO *])`)),this.#e.notEmpty&&h(this.#e.notEmpty,m=>(i=!1,`${m}:["" TO *]`)),this.#e.oneOf&&h(this.#e.oneOf,p),this.#e.contains&&h(this.#e.contains,c),this.#e.notContains&&h(this.compressFilters(this.#e.notContains),d),this.#e.containsAny&&h(this.#e.containsAny,f),a&&(n=this.isMultiCondition()?`(${n})`:n,r=!1,h({tableId:a},u)),i){if(this.#e.onEmptyFilter==="none")return"";if(this.#e?.allOr)return n.replace("()","(*:*)")}return n}buildSearchBody(){let e={q:this.buildSearchQuery(),limit:Math.min(this.#r,t.maxLimit),include_docs:this.#t};if(this.#i&&(e.bookmark=this.#i),this.#n){let r=this.#s==="descending"?"-":"",n=`<${this.#o}>`;e.sort=`${r}${this.handleSpaces(this.#n)}${n}`}return e}async run(){return this.#c&&await this.#m(this.#c),await this.#p()}async#m(e){let r=this.#t,n=this.#r;this.excludeDocs();let i=e,o=0;do{let a=Math.min(t.maxLimit,i);this.setLimit(a);let{bookmark:u,rows:c}=await this.#p();this.setBookmark(u),o=c.length,i-=c.length}while(i>0&&o>0);this.#t=r,this.#r=n}async#p(){let{url:e,cookie:r}=dt(),n=`${e}/${this.#l}/_design/database/_search/${this.#d}`,i=this.buildSearchBody();try{return await ST(n,i,r)}catch(o){if(o.status===404&&this.#a)return await this.#a(),await ST(n,i,r);throw o}}};async function ST(t,e,r){let n=await(0,AT.default)(t,{body:JSON.stringify(e),method:"POST",headers:{Authorization:r}});if(n.status===404)throw n;let i=await n.json(),o={rows:[],totalRows:0};return i.rows!=null&&i.rows.length>0&&(o.rows=i.rows.map(a=>a.doc)),i.bookmark&&(o.bookmark=i.bookmark),i.total_rows&&(o.totalRows=i.total_rows),o}s(ST,"runQuery");async function _T(t,e,r,n){let i=n.bookmark,o=n.rows||[];if(n.limit&&o.length>=n.limit)return o;let a=Bt.maxLimit;n.limit&&o.length>n.limit-Bt.maxLimit&&(a=n.limit-o.length);let u=new Bt(t,e,r);u.setVersion(n.version).setBookmark(i).setLimit(a).setSort(n.sort).setSortOrder(n.sortOrder).setSortType(n.sortType),n.tableId&&u.setTable(n.tableId);let c=await u.run();if(!c.rows.length)return o;if(c.rows.length<Bt.maxLimit)return[...o,...c.rows];let l={...n,bookmark:c.bookmark,rows:[...o,...c.rows]};return await _T(t,e,r,l)}s(_T,"recursiveSearch");async function xb(t,e,r,n){let i=n.limit;(i==null||isNaN(i)||i<0)&&(i=50),i=Math.min(i,Bt.maxLimit);let o=new Bt(t,e,r);n.version&&o.setVersion(n.version),n.tableId&&o.setTable(n.tableId),n.sort&&o.setSort(n.sort).setSortOrder(n.sortOrder).setSortType(n.sortType),n.indexer&&o.setIndexBuilder(n.indexer),n.disableEscaping&&o.disableEscaping();let a=await o.setBookmark(n.bookmark).setLimit(i).run();o.setBookmark(a.bookmark).setLimit(1),n.tableId&&o.setTable(n.tableId);let u=await o.run();return{...a,hasNextPage:u.rows&&u.rows.length>0}}s(xb,"paginatedSearch");async function vb(t,e,r,n){let i=n.limit;return(i==null||isNaN(i)||i<0)&&(i=1e3),n.limit=Math.min(i,1e3),{rows:await _T(t,e,r,n)}}s(vb,"fullSearch");var _f={};N(_f,{createUserIndex:()=>Pb});async function Pb(){let t=H(),e;try{e=await t.get("_design/database")}catch(n){n.status===404&&(e={_id:"_design/database"})}let r=s(function(n){if(n._id&&!n._id.startsWith("us_"))return;let i=["_id","_rev","password","account","license","budibaseAccess","accountPortalAccess","csrfToken"];function o(a,u){for(let c of Object.keys(a)){if(i.includes(c))continue;let l=u!=null?`${u}.${c}`:c;typeof a[c]=="string"?index(l,a[c].toLowerCase(),{facet:!0}):typeof a[c]!="object"?index(l,a[c],{facet:!0}):o(a[c],l)}}s(o,"idx"),o(n)},"fn");e.indexes={user:{index:r.toString(),analyzer:{default:"keyword",name:"perfield"}}},await t.put(e)}s(Pb,"createUserIndex");function OT(t,e){let r=e.toString();if(typeof t=="object")return t.status===e||t.message?.includes(r);if(typeof t=="number")return t===e;if(typeof t=="string")return t.includes(r)}s(OT,"checkErrorCode");function Nb(t){return OT(t,409)}s(Nb,"isDocumentConflictError");var Vs={};N(Vs,{addTenantToUrl:()=>Ub,getTenantDB:()=>Of,getTenantIDFromCtx:()=>Gs,isUserInAppTenant:()=>Lb});function Of(t){return De(en(t))}s(Of,"getTenantDB");function Ub(t){let e=V();if(dr()){let r=t.indexOf("?")===-1?"?":"&";t+=`${r}tenantId=${e}`}return t}s(Ub,"addTenantToUrl");var Lb=s((t,e)=>{let r;return e?r=e.tenantId||ae:r=V(),(Hn(t)||ae)===r},"isUserInAppTenant"),kb=Object.values(Oi),Gs=s((t,e)=>{if(!dr())return ae;e.allowNoTenant===void 0&&(e.allowNoTenant=!1),e.includeStrategies||(e.includeStrategies=kb),e.excludeStrategies||(e.excludeStrategies=[]);let r=s(n=>{if(e.excludeStrategies?.includes(n))return!1;if(e.includeStrategies?.includes(n))return!0},"isAllowed");if(r("user")){let n=t.user?.tenantId;if(n)return n}if(r("header")){let n=t.request.headers["x-budibase-tenant-id"];if(n)return n}if(r("query")){let n=t.request.query.tenantId;if(n)return n}if(r("subdomain")){let n;try{n=new URL(Jd()).host.split(":")[0]}catch(o){if(o.code!=="ERR_INVALID_URL")throw o}let i=t.host;if(n&&i.includes(n)){let o=i.substring(0,i.indexOf(`.${n}`));if(o)return o}}if(r("path")){let n=t.matched.find(a=>!!a.paramNames.find(u=>u.name==="tenantId")),i=t.originalUrl,o;if(i.includes("?")?o=i.split("?")[0]:o=i,n){let a=n.params(o,n.captures(o),{});if(a.tenantId)return a.tenantId}}e.allowNoTenant||t.throw(403,"Tenant id not set")},"getTenantIDFromCtx");var If="app"+b,IT="/app/",Mb="/builder",Fb=`${Mb}/workspace/`,Bb="/api/public/v";async function Wb(t){let r=`/${t.path.split("/")[2].toLowerCase()}`,n=V();!E.isDev()&&E.MULTI_TENANCY&&(n=Gs(t,{includeStrategies:["subdomain"]}));let o=(await Re(n,()=>Fs({dev:!1}))).filter(a=>a.url&&a.url.toLowerCase()===r)[0];return o&&o.appId?o.appId:void 0}s(Wb,"resolveAppUrl");function $b(t){return t.path.startsWith(`/${If}`)?!0:t.path.startsWith(IT)}s($b,"isServingApp");function Gb(t){return t.path.startsWith(Fb)}s(Gb,"isServingBuilder");function Vb(t){return wT(t.path)}s(Vb,"isServingBuilderPreview");function wT(t){return new RegExp(/^\/app\/app_\w+\/preview$/).test(t)}s(wT,"isBuilderPreviewUrl");function qb(t){return t.path.startsWith(Bb)}s(qb,"isPublicApiRequest");async function qs(t){let e;function r(u){return!u||!u.startsWith(If)?e:(e&&e!==u&&t.throw("App id conflict",403),e??u)}s(r,"confirmAppId");let n=t.request.headers["x-budibase-app-id"]||[];typeof n=="string"&&(n=[n]);for(let u of n)e=r(u);t.request.body&&t.request.body.appId&&(e=r(t.request.body.appId));let i=Kb(t.path);i&&(e=r(i)),t.query?.appId&&(e=r(t.query?.appId));let o=wT(t.path);return t.path.startsWith(IT)&&!o&&(e=r(await Wb(t))),e}s(qs,"getAppIdFromCtx");function Kb(t){if(t)return t.split("?")[0].split("/").find(e=>e.startsWith(If))}s(Kb,"parseAppIdFromUrlPath");function su(t){if(t)try{return iu.default.verify(t,E.JWT_SECRET)}catch(e){if(E.JWT_SECRET_FALLBACK)return iu.default.verify(t,E.JWT_SECRET_FALLBACK);throw e}}s(su,"openJwt");function Ks(t){return E.INTERNAL_API_KEY&&E.INTERNAL_API_KEY===t?!0:!!(E.INTERNAL_API_KEY_FALLBACK&&E.INTERNAL_API_KEY_FALLBACK===t)}s(Ks,"isValidInternalAPIKey");function Wt(t,e){let r=t.cookies.get(e);if(r)return su(r)}s(Wt,"getCookie");function DT(t,e,r="builder",n={sign:!0}){e&&n&&n.sign&&(e=iu.default.sign(e,E.JWT_SECRET));let i={expires:Ma,path:"/",httpOnly:!1,overwrite:!0};E.COOKIE_DOMAIN&&(i.domain=E.COOKIE_DOMAIN),t.cookies.set(r,e,i)}s(DT,"setCookie");function hr(t,e){DT(t,null,e)}s(hr,"clearCookie");function Qb(t){return t.headers["x-budibase-type"]==="client"}s(Qb,"isClient");function wf(t){return new Promise(e=>setTimeout(e,t))}s(wf,"timeout");function Df(t){return!!Cm[t]}s(Df,"isAudited");function jb(t){if(typeof t!="object")return!1;try{JSON.stringify(t)}catch(e){if(e instanceof Error&&e?.message.includes("circular structure"))return!0}return!1}s(jb,"hasCircularStructure");function Yb(t){return!!t.match(/^.+:\/\/.+$/)}s(Yb,"urlHasProtocol");function Rf(t){return t&&!!t.match(/^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/)}s(Rf,"validEmail");var Cf=(o=>(o.MILLISECONDS="milliseconds",o.SECONDS="seconds",o.MINUTES="minutes",o.HOURS="hours",o.DAYS="days",o))(Cf||{}),ou={milliseconds:1,seconds:1e3,minutes:6e4,hours:36e5,days:864e5},he=class t{constructor(e){this.ms=e}static{s(this,"Duration")}to(e){return this.ms/ou[e]}toMs(){return this.ms}toSeconds(){return this.to("seconds")}static convert(e,r,n){return n*ou[e]/ou[r]}static from(e,r){return new t(r*ou[e])}static fromSeconds(e){return t.from("seconds",e)}static fromMinutes(e){return t.from("minutes",e)}static fromHours(e){return t.from("hours",e)}static fromDays(e){return t.from("days",e)}static fromMilliseconds(e){return t.from("milliseconds",e)}};async function Hb(t){let e=performance.now();return[await t(),he.fromMilliseconds(performance.now()-e)]}s(Hb,"time");function zb(t){let e="",r=-1,n,i,o=t.opts?.repeat;return o&&(i=o.endDate?new Date(o.endDate).getTime():Date.now(),n=o.tz,"cron"in o?e=o.cron:r=o.every),{id:t.id.toString(),name:"",key:t.id.toString(),tz:n,endDate:i,cron:e,every:r,next:0}}s(zb,"jobToJobInformation");var au=class{static{s(this,"InMemoryQueue")}constructor(e,r){this._name=e,this._opts=r,this._messages=[],this._emitter=new RT.default.EventEmitter,this._runCount=0,this._addCount=0,this._queuedJobIds=new Set,this._attempts=r?.defaultJobOptions?.attempts||1}async process(e,r){r=typeof e=="number"?r:e,this._emitter.on("message",async n=>{if(!n.manualTrigger&&n.opts?.repeat!=null)return;function i(){return r.length===1?r(n):new Promise((c,l)=>{r(n,s((f,p)=>{f?l(f):c(p)},"done"))})}s(i,"execute");let o=this._attempts;async function a(c,l=0){try{return await c}catch(d){if(l++,l<o&&!n._isDiscarded)return await Ne.wait(100*l),await a(i(),l);throw d}}s(a,"retryFunc");try{let c=await a(i());this._emitter.emit("completed",n,c);let l=this._messages.indexOf(n);if(l===-1)throw"Failed deleting a processed message";this._messages.splice(l,1)}catch(c){console.error(c),this._emitter.emit("error",n,c)}this._runCount++;let u=n.opts?.jobId?.toString();u&&n.opts?.removeOnComplete&&this._queuedJobIds.delete(u)})}async isReady(){return this}async add(e,r){if(typeof e=="string")throw new Error("doesn't support named jobs");let n=r,i=n?.jobId?.toString();if(i&&this._queuedJobIds.has(i)){console.log(`Ignoring already queued job ${i}`);return}if(typeof e!="object")throw"Queue only supports carrying JSON.";i&&this._queuedJobIds.add(i);let o=ne(),a=s(()=>{let c={id:o,timestamp:Date.now(),queue:this,data:e,opts:n,discard:async()=>{c._isDiscarded=!0}};this._messages.push(c),this._messages.length>1e3&&this._messages.shift(),this._addCount++,this._emitter.emit("message",c)},"pushMessage"),u=n?.delay;return u?setTimeout(a,u):a(),{id:i,finished:()=>new Promise((c,l)=>{let d=s((p,h)=>{p.id===o&&(this._emitter.off("error",d),this._emitter.off("completed",f),l(h))},"errorHandler"),f=s((p,h)=>{p.id===o&&(this._emitter.off("error",d),this._emitter.off("completed",f),c(h))},"completedHandler");this._emitter.on("error",d),this._emitter.on("completed",f)})}}async close(){}async removeRepeatableByKey(e){for(let[r,n]of this._messages.entries())if(n.id===e){this._messages.splice(r,1),this._emitter.emit("removed",n);return}}async removeJobs(e){}async clean(){return[]}async getJob(e){for(let r of this._messages)if(r.id===e)return r;return null}manualTrigger(e){for(let r of this._messages)if(r.id===e){this._emitter.emit("message",{...r,manualTrigger:!0});return}throw new Error(`Job with id ${e} not found`)}on(e,r){return this._emitter.on(e,r),this}off(e,r){return this._emitter.off(e,r),this}async count(){return this._messages.length}async getCompletedCount(){return this._runCount}async getRepeatableJobs(){return this._messages.filter(e=>e.opts?.repeat!=null).map(e=>zb(e))}async whenCurrentJobsFinished(){do await wf(50);while(this.hasRunningJobs())}hasRunningJobs(){return this._addCount>this._runCount}},CT=au;var vf=F(require("bull"));var ei=(u=>(u.AUTOMATION="automationQueue",u.APP_BACKUP="appBackupQueue",u.AUDIT_LOG="auditLogQueue",u.SYSTEM_EVENT_QUEUE="systemEventQueue",u.APP_MIGRATION="appMigration",u.DOC_WRITETHROUGH_QUEUE="docWritethroughQueue",u.DEV_REVERT_PROCESSOR="devRevertProcessorQueue",u))(ei||{});function bT(t,e,r){Xb(t,e),r&&Jb(t,r)}s(bT,"addListeners");function Jb(t,e){t.on("stalled",async r=>{if(e)await e(r);else if(r.opts.repeat){let n=r.id,i=await t.getRepeatableJobs();for(let o of i)o.id===n&&await t.removeRepeatableByKey(o.key);console.log(`jobId=${n} disabled`)}})}s(Jb,"handleStalled");function Xe(t,e,r={},n={}){let i=`[BULL] ${t}=${e}`,o=r.error,a={_logKey:"bull",eventType:t,event:e,job:r.job,jobId:r.jobId||r.job?.id,...n},u;return r.job?.data?.automation&&(u={_logKey:"automation",trigger:r.job?r.job.data.automation.definition.trigger.event:void 0}),[i,o,a,u]}s(Xe,"getLogParams");var Zb={automationQueue:"automation-event",appBackupQueue:"app-backup-event",auditLogQueue:"audit-log-event",systemEventQueue:"system-event",appMigration:"app-migration",docWritethroughQueue:"doc-writethrough",devRevertProcessorQueue:"dev-revert-event"};function Xb(t,e){let r=Zb[e];function n(i,o){let a=i.data.event?.appId;if(a)return Zd(a,o);o()}s(n,"doInJobContext"),t.on("stalled",async i=>{await n(i,()=>{console.error(...Xe(r,"stalled",{job:i}))})}).on("error",i=>{console.error(...Xe(r,"error",{error:i}))}),process.env.NODE_DEBUG?.includes("bull")&&t.on("waiting",i=>{console.info(...Xe(r,"waiting",{jobId:i}))}).on("active",async i=>{await n(i,()=>{console.info(...Xe(r,"active",{job:i}))})}).on("progress",async(i,o)=>{await n(i,()=>{console.info(...Xe(r,"progress",{job:i},{progress:o}))})}).on("completed",async(i,o)=>{await n(i,()=>{console.info(...Xe(r,"completed",{job:i},{result:o}))})}).on("failed",async(i,o)=>{await n(i,()=>{console.error(...Xe(r,"failed",{job:i,error:o}))})}).on("paused",()=>{console.info(...Xe(r,"paused"))}).on("resumed",()=>{console.info(...Xe(r,"resumed"))}).on("cleaned",(i,o)=>{console.info(...Xe(r,"cleaned",{},{length:i.length,type:o}))}).on("drained",()=>{console.info(...Xe(r,"drained"))}).on("removed",i=>{console.info(...Xe(r,"removed",{job:i}))})}s(Xb,"logging");var uu={};N(uu,{cleanup:()=>ex,clear:()=>xf,set:()=>bf});var Qs=[];function bf(t,e){let r=setInterval(t,e);return Qs.push(r),r}s(bf,"set");function xf(t){let e=Qs.indexOf(t);e!==-1&&Qs.splice(e,1),clearInterval(t)}s(xf,"clear");function ex(){for(let t of Qs)clearInterval(t);Qs=[]}s(ex,"cleanup");var $t=F(require("dd-trace")),js=F(require("object-sizeof"));var tx=he.fromMinutes(5).toMs(),rx=he.fromSeconds(30).toMs(),Pf=he.fromSeconds(60).toMs(),Ys=[],cu;async function xT(){for(let t of Ys)await t.clean(Pf,"completed"),await t.clean(Pf,"failed")}s(xT,"cleanup");async function nx(t,e,r){let n=performance.now();try{let i=await e();return $t.default.dogstatsd.increment(`${t}.success`,1,r),i}catch(i){throw $t.default.dogstatsd.increment(`${t}.error`,1,r),i}finally{let i=performance.now()-n;$t.default.dogstatsd.distribution(`${t}.duration.ms`,i,r),$t.default.dogstatsd.increment(t,1,r)}}s(nx,"withMetrics");function vT(t){return{"job.opts.attempts":t.attempts,"job.opts.backoff":t.backoff,"job.opts.delay":t.delay,"job.opts.jobId":t.jobId,"job.opts.lifo":t.lifo,"job.opts.preventParsingData":t.preventParsingData,"job.opts.priority":t.priority,"job.opts.removeOnComplete":t.removeOnComplete,"job.opts.removeOnFail":t.removeOnFail,"job.opts.repeat":t.repeat,"job.opts.stackTraceLimit":t.stackTraceLimit,"job.opts.timeout":t.timeout}}s(vT,"jobOptsTags");function ix(t){return{"job.id":t.id,"job.attemptsMade":t.attemptsMade,"job.timestamp":t.timestamp,"job.data.sizeBytes":(0,js.default)(t.data),...vT(t.opts||{})}}s(ix,"jobTags");var ht=class{static{s(this,"BudibaseQueue")}constructor(e,r={}){this.opts=r,this.jobQueue=e,this.queue=this.initQueue()}get name(){return this.queue.name}initQueue(){let r={redis:Zr(),settings:{maxStalledCount:this.opts.maxStalledCount?this.opts.maxStalledCount:0,lockDuration:tx,lockRenewTime:rx}};this.opts.jobOptions&&(r.defaultJobOptions=this.opts.jobOptions);let n;return E.isTest()?process.env.BULL_TEST_REDIS_PORT&&!isNaN(+process.env.BULL_TEST_REDIS_PORT)?n=new vf.default(this.jobQueue,{...r,redis:{host:"localhost",port:+process.env.BULL_TEST_REDIS_PORT}}):n=new CT(this.jobQueue,r):n=new vf.default(this.jobQueue,r),bT(n,this.jobQueue,this.opts.removeStalledCb),Ys.push(n),!cu&&!E.isTest()&&(cu=bf(xT,Pf),xT().catch(i=>{console.error(`Unable to cleanup ${this.jobQueue} initially - ${i}`)})),n}getBullQueue(){return this.queue}process(...e){let r,n;e.length===2?(r=e[0],n=e[1]):n=e[0];let i=s(async(a,u)=>{await $t.default.trace("queue.process",async c=>{if(a.data._parentSpanContext){let l=a.data._parentSpanContext,d={traceId:l.traceId,spanId:l.spanId,toTraceId:()=>l.traceId,toSpanId:()=>l.spanId,toTraceparent:()=>""};c.addLink(d)}c.addTags({"queue.name":this.jobQueue,...ix(a)}),this.opts.jobTags&&c.addTags(this.opts.jobTags(a.data)),$t.default.dogstatsd.distribution("queue.process.sizeBytes",(0,js.default)(a.data),this.metricTags()),await this.withMetrics("queue.process",()=>u?n(a,u):n(a))})},"processCallback"),o;return n.length===1?o=s(a=>i(a),"wrappedCb"):o=i,r?this.queue.process(r,o):this.queue.process(o)}async add(e,r){return await $t.default.trace("queue.add",async n=>(n.addTags({"queue.name":this.jobQueue,"job.data.sizeBytes":(0,js.default)(e),...vT(r||{})}),this.opts.jobTags&&n.addTags(this.opts.jobTags(e)),e._parentSpanContext={traceId:n.context().toTraceId(),spanId:n.context().toSpanId()},$t.default.dogstatsd.distribution("queue.add.sizeBytes",(0,js.default)(e),this.metricTags()),await this.withMetrics("queue.add",()=>this.queue.add(e,r))))}withMetrics(e,r){return nx(e,r,this.metricTags())}metricTags(){return{queueName:this.jobQueue}}close(e){return this.queue.close(e)}whenCurrentJobsFinished(){return this.queue.whenCurrentJobsFinished()}};async function sx(){cu&&xf(cu),console.log("Waiting for current queue jobs to finish...");for(let t of Ys)await t.whenCurrentJobsFinished();console.log("Closing queue Redis connections...");for(let t of Ys)await t.close();Ys=[],console.log("Queues shutdown")}s(sx,"shutdown");var to={};N(to,{correlation:()=>Hs,logAlert:()=>un,logAlertWithInfo:()=>qx,logWarn:()=>ii,logger:()=>Ou,system:()=>zf});var Hs={};N(Hs,{getId:()=>Nf,setHeader:()=>ox});var PT=require("correlation-id"),ox=s(t=>{let e=PT.getId();e&&(t["x-budibase-correlation-id"]=e)},"setHeader");function Nf(){return PT.getId()}s(Nf,"getId");var _u=F(require("pino")),dS=F(require("pino-pretty")),Jf=F(require("dd-trace")),fS=require("dd-trace/ext");var zf={};N(zf,{getLogReadStream:()=>Fx,getSingleFileMaxSizeInfo:()=>lS,localFileDestination:()=>Hf});var eo=F(require("fs")),Yf=F(require("path")),oS=F(require("rotating-file-stream"));var jf={};N(jf,{ObjectStore:()=>et,ObjectStoreBuckets:()=>ux,SIGNED_FILE_PREFIX:()=>Wf,bucketTTLConfig:()=>lu,budibaseTempDir:()=>an,client3rdPartyLibrary:()=>xx,clientLibraryCDNUrl:()=>vx,clientLibraryPath:()=>zT,clientLibraryUrl:()=>Px,createBucketIfNotExists:()=>Xs,deleteFile:()=>gx,deleteFiles:()=>yx,deleteFolder:()=>GT,downloadTarball:()=>Sx,downloadTarballDirect:()=>Tx,enrichPWAImages:()=>Nx,enrichPluginURLs:()=>Lx,extractBucketAndPath:()=>Uf,getAppFileUrl:()=>ZT,getClientCacheKey:()=>JT,getGlobalFileS3Key:()=>XT,getGlobalFileUrl:()=>Ux,getObjectMetadata:()=>Ax,getPluginIconKey:()=>rS,getPluginJSKey:()=>tS,getPluginS3Dir:()=>iS,getPresignedUrl:()=>Tr,getReadStream:()=>du,listAllObjects:()=>$T,objectExists:()=>Gf,processAutomationAttachment:()=>lx,processObjectStoreAttachment:()=>MT,retrieve:()=>WT,retrieveDirectory:()=>Ex,retrieveToTmp:()=>hx,sanitizeBucket:()=>be,sanitizeKey:()=>Ee,streamUpload:()=>BT,upload:()=>mx,uploadDirectory:()=>$f});var pu=require("@aws-sdk/client-s3"),Lf=require("@aws-sdk/lib-storage"),FT=require("@aws-sdk/s3-request-presigner");var yr=F(require("dd-trace")),ti=F(require("fs")),Js=F(require("fs/promises")),kf=F(require("node-fetch")),gr=require("path"),mu=F(require("stream")),Zs=require("stream/promises"),Mf=F(require("tar-fs")),Ff=require("uuid"),Bf=F(require("zlib"));var NT=F(require("fs")),UT=require("os"),zs=F(require("path")),LT=F(require("stream"));var ux={BACKUPS:E.BACKUPS_BUCKET_NAME,APPS:E.APPS_BUCKET_NAME,TEMPLATES:E.TEMPLATES_BUCKET_NAME,GLOBAL:E.GLOBAL_BUCKET_NAME,PLUGINS:E.PLUGIN_BUCKET_NAME,TEMP:E.TEMP_BUCKET_NAME},kT=(0,zs.join)((0,UT.tmpdir)(),".budibase");try{NT.default.mkdirSync(kT)}catch(t){if(t.code!=="EEXIST")throw t}function an(){return kT}s(an,"budibaseTempDir");var lu=s((t,e)=>{let n={Rules:[{ID:`${t}-ExpireAfter${e}days`,Prefix:"",Status:"Enabled",Expiration:{Days:e}}]};return{Bucket:t,LifecycleConfiguration:n}},"bucketTTLConfig");async function cx(t){let e=await fetch(t.url);if(!e.ok||!e.body)throw new Error(`Unexpected response ${e.statusText}`);let r=zs.default.basename(new URL(t.url).pathname);if(!e.body)throw new Error("No response received for attachment");return{filename:t.filename||r,content:LT.default.Readable.fromWeb(e.body)}}s(cx,"processUrlAttachment");async function MT(t){let e=Uf(t.url);if(e===null)throw new Error("Invalid signed URL");let{bucket:r,path:n}=e,{stream:i}=await du(r,n),o=zs.default.basename(n);return{bucket:r,path:n,filename:t.filename||o,content:i}}s(MT,"processObjectStoreAttachment");async function lx(t){return t.url?.startsWith("http://")||t.url?.startsWith("https://")?await cx(t):await MT(t)}s(lx,"processAutomationAttachment");var dx=require("sanitize-s3-objectkey"),fx={bucketCreationPromises:{}},Wf="/files/signed",Er={txt:"text/plain",html:"text/html",css:"text/css",js:"application/javascript",json:"application/json",gz:"application/gzip",svg:"image/svg+xml",form:"multipart/form-data"},px=[Er.html,Er.css,Er.js,Er.json];function Ee(t){return dx(be(t)).replace(/\\/g,"/")}s(Ee,"sanitizeKey");function be(t){return t.replace(new RegExp(Je,"g"),ze)}s(be,"sanitizeBucket");function et(t={presigning:!1}){let e={forcePathStyle:!0,credentials:{accessKeyId:E.MINIO_ACCESS_KEY,secretAccessKey:E.MINIO_SECRET_KEY},region:E.AWS_REGION};return!E.MINIO_ENABLED&&E.AWS_SESSION_TOKEN&&(e.credentials={accessKeyId:E.MINIO_ACCESS_KEY,secretAccessKey:E.MINIO_SECRET_KEY,sessionToken:E.AWS_SESSION_TOKEN}),E.MINIO_URL&&(t.presigning&&E.MINIO_ENABLED?e.endpoint="http://minio-service":e.endpoint=E.MINIO_URL),new pu.S3(e)}s(et,"ObjectStore");async function Xs(t,e){e=be(e);try{return await t.headBucket({Bucket:e}),{created:!1,exists:!0}}catch(r){let n=r.statusCode||r.$response?.statusCode,i=fx.bucketCreationPromises,o=n===404,a=n===403;if(i[e])return await i[e],{created:!1,exists:!0};if(o||a){if(o)return i[e]=t.createBucket({Bucket:e}).catch(u=>{if(u.Code!=="BucketAlreadyOwnedByYou")throw u}),await i[e],delete i[e],{created:!0,exists:!1};throw new Error("Access denied to object store bucket."+r)}else throw new Error("Unable to write to object store bucket.")}}s(Xs,"createBucketIfNotExists");async function mx({bucket:t,filename:e,path:r,type:n,metadata:i,body:o,ttl:a}){let u=e.split(".").pop(),c=r?(await Js.default.open(r)).createReadStream():o,l=et(),d=await Xs(l,t);if(a&&d.created){let g=lu(t,a);await l.putBucketLifecycleConfiguration(g)}let f=n,p=f||(u?Er[u.toLowerCase()]:Er.txt),h={Bucket:be(t),Key:Ee(e),Body:c,ContentType:p};if(i&&typeof i=="object"){for(let g of Object.keys(i))(!i[g]||typeof i[g]!="string")&&delete i[g];h.Metadata=i}return new Lf.Upload({client:l,params:h}).done()}s(mx,"upload");async function BT({bucket:t,stream:e,filename:r,type:n,extra:i,ttl:o}){return await yr.default.trace("streamUpload",async a=>{if(a.addTags({bucketName:t,filename:r,type:n,ttl:o}),!e)throw new Error("Stream to upload is invalid/undefined");let u=r.split(".").pop(),c=et(),l=await Xs(c,t);if(a.addTags({bucketCreated:l.created,bucketExists:l.exists,extension:u}),o&&l.created){let S=lu(t,o);await c.putBucketLifecycleConfiguration(S)}let d=n;d||(d=u?Er[u.toLowerCase()]:Er.txt),a.addTags({contentType:d});let f=be(t),p=Ee(r),h={Bucket:f,Key:p,Body:e,ContentType:d,...i},g=await new Lf.Upload({client:c,params:h}).done(),y=await c.headObject({Bucket:f,Key:p});return a.addTags({contentLength:y.ContentLength}),{...g,ContentLength:y.ContentLength}})}s(BT,"streamUpload");async function WT(t,e){return await yr.default.trace("retrieve",async r=>{r.addTags({bucketName:t,filepath:e});let n=et(),i={Bucket:be(t),Key:Ee(e)},o=await n.getObject(i);if(!o.Body)throw new Error("Unable to retrieve object");if(r.addTags({contentLength:o.ContentLength,contentType:o.ContentType}),px.includes(o.ContentType))return r.addTags({string:!0}),o.Body.transformToString();{r.addTags({string:!1});let a=o.Body.transformToWebStream();return mu.default.Readable.fromWeb(a)}})}s(WT,"retrieve");async function*$T(t,e){let r=et(),n=s((a={})=>r.listObjectsV2({...a,Bucket:be(t),Prefix:Ee(e)}),"list"),i=!1,o;do{let a={};o&&(a.ContinuationToken=o);let u=await n(a);if(u.Contents)for(let c of u.Contents)yield c;i=!!u.IsTruncated,o=u.NextContinuationToken}while(i&&o)}s($T,"listAllObjects");async function Tr(t,e,r=3600){let n=et({presigning:!0}),i={Bucket:be(t),Key:Ee(e)},o=await(0,FT.getSignedUrl)(n,new pu.GetObjectCommand(i),{expiresIn:r});if(E.MINIO_ENABLED){let a=new URL(o),u=a.pathname,c=a.search;return`${Wf}${u}${c}`}else return o}s(Tr,"getPresignedUrl");async function hx(t,e){return await yr.default.trace("retrieveToTmp",async r=>{r.addTags({bucketName:t,filepath:e}),t=be(t),e=Ee(e);let n=await WT(t,e),i=(0,gr.join)(an(),(0,Ff.v4)());return r.addTags({outputPath:i}),n instanceof mu.default.Readable?(r.addTags({stream:!0}),await(0,Zs.pipeline)(n,ti.default.createWriteStream(i))):(r.addTags({stream:!1}),ti.default.writeFileSync(i,n)),i})}s(hx,"retrieveToTmp");async function Ex(t,e){return await yr.default.trace("retrieveDirectory",async r=>{r.addTags({bucketName:t,path:e});let n=(0,gr.join)(an(),(0,Ff.v4)());await Js.default.mkdir(n,{recursive:!0});let i=0;return await Xt.parallelForeach($T(t,e),async o=>{i++,await yr.default.trace("retrieveDirectory.object",async a=>{let u=o.Key;a.addTags({filename:u});let{stream:c}=await du(t,u),l=u.split("/"),d=l.slice(0,l.length-1),f=(0,gr.join)(n,...d);l.length>1&&!ti.default.existsSync(f)&&await Js.default.mkdir(f,{recursive:!0}),await(0,Zs.pipeline)(c,ti.default.createWriteStream((0,gr.join)(n,...l),{mode:420}))})},5),r.addTags({numObjects:i}),n})}s(Ex,"retrieveDirectory");async function gx(t,e){let r=et();await Xs(r,t);let n={Bucket:t,Key:Ee(e)};return r.deleteObject(n)}s(gx,"deleteFile");async function yx(t,e){let r=et();await Xs(r,t);let n={Bucket:t,Delete:{Objects:e.map(i=>({Key:Ee(i)}))}};return r.deleteObjects(n)}s(yx,"deleteFiles");async function GT(t,e){t=be(t),e=Ee(e);let r=et(),n={Bucket:t,Prefix:e},i=await r.listObjects(n);if(i.Contents?.length===0)return;let o={Bucket:t,Delete:{Objects:[]}};if(i.Contents?.forEach(a=>{o.Delete.Objects.push({Key:a.Key})}),o.Delete.Objects.length&&(await r.deleteObjects(o)).Deleted?.length===1e3)return GT(t,e)}s(GT,"deleteFolder");async function $f(t,e,r){return await yr.default.trace("uploadDirectory",async n=>{n.addTags({bucketName:t,localPath:e,bucketPath:r}),t=be(t);let i=await Js.default.readdir(e,{withFileTypes:!0});n.addTags({numFiles:i.length});for(let o of i){let a=Ee((0,gr.join)(r,o.name)),u=(0,gr.join)(e,o.name);o.isDirectory()?await $f(t,u,a):await BT({bucket:t,filename:a,stream:ti.default.createReadStream(u)})}return i})}s($f,"uploadDirectory");async function Tx(t,e,r={}){e=Ee(e);let n=await(0,kf.default)(t,{headers:r});if(!n.ok)throw new Error(`unexpected response ${n.statusText}`);await(0,Zs.pipeline)(n.body,Bf.default.createUnzip(),Mf.default.extract(e))}s(Tx,"downloadTarballDirect");async function Sx(t,e,r){e=be(e),r=Ee(r);let n=await(0,kf.default)(t);if(!n.ok)throw new Error(`unexpected response ${n.statusText}`);let i=(0,gr.join)(an(),r);return await(0,Zs.pipeline)(n.body,Bf.default.createUnzip(),Mf.default.extract(i)),!E.isTest()&&E.SELF_HOSTED&&await $f(e,i,r),i}s(Sx,"downloadTarball");async function du(t,e){return await yr.default.trace("getReadStream",async r=>{t=be(t),e=Ee(e),r.addTags({bucketName:t,path:e});let n=et(),i={Bucket:t,Key:e},o=await n.getObject(i);if(!o.Body||!(o.Body instanceof mu.default.Readable))throw new Error("Unable to retrieve stream - invalid response");return r.addTags({contentLength:o.ContentLength,contentType:o.ContentType}),{stream:o.Body,contentLength:o.ContentLength,contentType:o.ContentType}})}s(du,"getReadStream");async function Ax(t,e){t=be(t),e=Ee(e);let r=et(),n={Bucket:t,Key:e};try{return await r.headObject(n)}catch{throw new Error("Unable to retrieve metadata from object")}}s(Ax,"getObjectMetadata");async function Gf(t,e){t=be(t),e=Ee(e);let r=et(),n={Bucket:t,Key:e};try{return await r.headObject(n),!0}catch(i){if((i.statusCode||i.$response?.statusCode)===404)return!1;throw i}}s(Gf,"objectExists");function Uf(t){let e=t.split("?")[0],r=new RegExp(`^${Wf}/(?<bucket>[^/]+)/(?<path>.+)$`),n=e.match(r);if(n&&n.groups){let{bucket:i,path:o}=n.groups;return{bucket:i,path:o}}return null}s(Uf,"extractBucketAndPath");var HT=F(require("querystring"));var Su={};N(Su,{FlagSet:()=>Eu,all:()=>Ix,flags:()=>Vf,getEnvFlags:()=>QT,init:()=>_x,isEnabled:()=>Tu,parseEnvFlags:()=>yu,shutdown:()=>Ox,testutils:()=>qf});var gu=F(require("crypto"));var VT=require("posthog-node"),qT=F(require("dd-trace"));var KT=require("lodash");var hu;function _x(t){E.POSTHOG_TOKEN&&E.POSTHOG_API_HOST&&!E.SELF_HOSTED&&E.POSTHOG_FEATURE_FLAGS_ENABLED?(console.log("initializing posthog client..."),hu=new VT.PostHog(E.POSTHOG_TOKEN,{host:E.POSTHOG_API_HOST,personalApiKey:E.POSTHOG_PERSONAL_TOKEN,featureFlagsPollingInterval:he.fromMinutes(3).toMs(),...t})):console.log("posthog disabled")}s(_x,"init");function Ox(){hu?.shutdown()}s(Ox,"shutdown");function yu(t){let e=t.split(",").map(n=>n.split(":")),r=[];for(let[n,...i]of e)for(let o of i){let a=!0;o.startsWith("!")&&(o=o.slice(1),a=!1),r.push({tenantId:n,key:o,value:a})}return r}s(yu,"parseEnvFlags");function QT(){return yu(E.TENANT_FEATURE_FLAGS||"")}s(QT,"getEnvFlags");var Eu=class{constructor(e){this.flagSchema=e;this.setId=gu.randomUUID()}static{s(this,"FlagSet")}defaults(){return(0,KT.cloneDeep)(this.flagSchema)}isFlagName(e){return this.flagSchema[e]!==void 0}async isEnabled(e){return(await this.fetch())[e]}async fetch(){return await qT.default.trace("features.fetch",async e=>{let r=rf(this.setId);if(r)return e?.addTags({fromCache:!0}),r;let n={},i=this.defaults(),o=V(),a=new Set;if(za())return i;for(let{tenantId:f,key:p,value:h}of QT())if(!(!f||f!=="*"&&f!==o)&&(n.readFromEnvironmentVars=!0,h===!1&&a.add(p),!!this.isFlagName(p))){if(typeof i[p]!="boolean")throw new Error(`Feature: ${p} is not a boolean`);i[p]=h,n[`flags.${p}.source`]="environment"}let u=Lt(),c=u?._id;if(!c){let f=ef();f&&(c=gu.createHash("sha512").update(f).digest("hex"))}let l=u?.tenantId;if(l||(l=o),n["identity.type"]=u?.type,n["identity._id"]=u?._id,n.tenantId=l,n.userId=c,hu&&c){n.readFromPostHog=!0;let f=await ri(),p={tenantId:l},h={tenant:{id:l}};f.config.createdVersion&&(h.tenant.createdVersion=f.config.createdVersion),f.createdAt&&(h.tenant.createdAt=`${f.createdAt}`);let m=await hu.getAllFlags(c,{personProperties:p,onlyEvaluateLocally:!0,groups:{tenant:l},groupProperties:h});for(let[g,y]of Object.entries(m))if(this.isFlagName(g)){if(typeof y!="boolean"){console.warn(`Invalid value for posthog flag "${g}": ${y}`);continue}if(!(i[g]===!0||a.has(g)))try{i[g]=y,n[`flags.${g}.source`]="posthog"}catch(S){console.warn(`Error parsing posthog flag "${g}": ${y}`,S)}}}let d=sf();for(let[f,p]of Object.entries(d))this.isFlagName(f)&&typeof p=="boolean"&&(i[f]=p,n[`flags.${f}.source`]="override");nf(this.setId,i);for(let[f,p]of Object.entries(i))n[`flags.${f}.value`]=p;return e?.addTags(n),i})}},Vf=new Eu(Pm);async function Tu(t){return await Vf.isEnabled(t)}s(Tu,"isEnabled");async function Ix(){return await Vf.fetch()}s(Ix,"all");var qf={};N(qf,{setFeatureFlags:()=>jT,withFeatureFlags:()=>Rx});function wx(){let t={};for(let{tenantId:e,key:r,value:n}of yu(process.env.TENANT_FEATURE_FLAGS||"")){let i=t[e]||{};i[r]!==!1&&(i[r]=n,t[e]=i)}return t}s(wx,"getCurrentFlags");function Dx(t){let e=[];for(let[r,n]of Object.entries(t))for(let[i,o]of Object.entries(n))o===!1?e.push(`${r}:!${i}`):e.push(`${r}:${i}`);return e.join(",")}s(Dx,"buildFlagString");function jT(t,e){let r=wx();for(let[i,o]of Object.entries(e)){let a=r[t]||{};a[i]=o,r[t]=a}let n=Dx(r);return ys({TENANT_FEATURE_FLAGS:n})}s(jT,"setFeatureFlags");function Rx(t,e,r){let n=jT(t,e),i=r();return i instanceof Promise?i.finally(n):(n(),i)}s(Rx,"withFeatureFlags");var YT=F(require("aws-cloudfront-sign"));var Au;function Cx(){if(!E.CLOUDFRONT_PRIVATE_KEY_64)throw new Error("CLOUDFRONT_PRIVATE_KEY_64 is not set");return Au||(Au=Buffer.from(E.CLOUDFRONT_PRIVATE_KEY_64,"base64").toString("utf-8"),Au)}s(Cx,"getPrivateKey");var bx=s(()=>({keypairId:E.CLOUDFRONT_PUBLIC_KEY_ID,privateKeyString:Cx(),expireTime:new Date().getTime()+1e3*60*60*24}),"getCloudfrontSignParams"),ni=s(t=>{let e=Kf(t);return YT.getSignedUrl(e,bx())},"getPresignedUrl"),Kf=s(t=>{let e="/";return t.startsWith("/")&&(e=""),`${E.CLOUDFRONT_CDN}${e}${t}`},"getUrl");async function zT(t){let e=`${Ee(t)}/budibase-client.js`,r=`${Ee(t)}/budibase-client.new.js`;return await Tu("USE_DYNAMIC_LOADING")&&await Gf(E.APPS_BUCKET_NAME,r)?r:e}s(zT,"clientLibraryPath");function xx(t,e){return`${Ee(t)}/_dependencies/${e}`}s(xx,"client3rdPartyLibrary");async function vx(t,e){let r=await zT(t);return E.CLOUDFRONT_CDN?(e&&(r+=`?v=${e}`),Kf(r)):await Tr(E.APPS_BUCKET_NAME,r)}s(vx,"clientLibraryCDNUrl");async function Px(t,e){return`/api/assets/client?${await JT(t,e)}`}s(Px,"clientLibraryUrl");async function JT(t,e){let r,n;try{r=V()}finally{n={appId:t,version:e}}return r&&r!==ae&&(n.tenantId=r),n.dynamic=await Tu("USE_DYNAMIC_LOADING"),HT.default.encode(n)}s(JT,"getClientCacheKey");async function ZT(t){return E.CLOUDFRONT_CDN?ni(t):await Tr(E.APPS_BUCKET_NAME,t)}s(ZT,"getAppFileUrl");async function Nx(t){if(t.length===0)return[];try{return await Promise.all(t.map(async e=>({...e,src:await ZT(e.src),type:e.type||"image/png"})))}catch(e){return console.error("Error enriching PWA images:",e),t}}s(Nx,"enrichPWAImages");var Ux=s(async(t,e,r)=>{let n=XT(t,e);return E.CLOUDFRONT_CDN?(r&&(n=`${n}?etag=${r}`),ni(n)):await Tr(E.GLOBAL_BUCKET_NAME,n)},"getGlobalFileUrl"),XT=s((t,e)=>{let r=`${t}/${e}`;return E.MULTI_TENANCY&&(r=`${V()}/${r}`),r},"getGlobalFileS3Key");async function Lx(t){return!t||!t.length?[]:await Promise.all(t.map(async e=>{let r=await kx(e),n=await Mx(e);return{...e,jsUrl:r,iconUrl:n}}))}s(Lx,"enrichPluginURLs");async function kx(t){let e=tS(t);return eS(e)}s(kx,"getPluginJSUrl");async function Mx(t){let e=rS(t);if(e)return eS(e)}s(Mx,"getPluginIconUrl");async function eS(t){return E.CLOUDFRONT_CDN?ni(t):await Tr(E.PLUGIN_BUCKET_NAME,t)}s(eS,"getPluginUrl");function tS(t){return nS(t,"plugin.min.js")}s(tS,"getPluginJSKey");function rS(t){let e=t.iconUrl?"icon.svg":t.iconFileName;if(e)return nS(t,e)}s(rS,"getPluginIconKey");function nS(t,e){return`${iS(t.name)}/${e}`}s(nS,"getPluginS3Key");function iS(t){let e=`${t}`;return E.MULTI_TENANCY&&(e=`${V()}/${e}`),E.CLOUDFRONT_CDN&&(e=`plugins/${e}`),e}s(iS,"getPluginS3Dir");var aS="budibase.log",uS="budibase-logs-history.txt",cS=Yf.default.join(an(),"systemlogs");function sS(t){return Yf.default.join(cS,t)}s(sS,"getFullPath");function lS(t){let e=/(\d+)([A-Za-z])/,r=t?.match(e);if(!r){console.warn("totalMaxSize does not have a valid value",{totalMaxSize:t});return}let n=+r[1],i=r[2];if(n===1)switch(i){case"B":return{size:`${n}B`,totalHistoryFiles:1};case"K":return{size:`${n*1e3/2}B`,totalHistoryFiles:1};case"M":return{size:`${n*1e3/2}K`,totalHistoryFiles:1};case"G":return{size:`${n*1e3/2}M`,totalHistoryFiles:1};default:return}return n%2===0?{size:`${n/2}${i}`,totalHistoryFiles:1}:{size:`1${i}`,totalHistoryFiles:n-1}}s(lS,"getSingleFileMaxSizeInfo");function Hf(){let t=lS(E.ROLLING_LOG_MAX_SIZE);return oS.createStream(aS,{size:t?.size,path:cS,maxFiles:t?.totalHistoryFiles||1,immutable:!0,history:uS,initialRotation:!1})}s(Hf,"localFileDestination");function Fx(){let t=[],e=sS(uS);if(eo.default.existsSync(e)){let i=eo.default.readFileSync(e,"utf-8").split(`
-`);for(let o of i.filter(a=>a))t.push(eo.default.readFileSync(o))}return t.push(eo.default.readFileSync(sS(aS))),Buffer.concat(t.map(n=>new Uint8Array(n)))}s(Fx,"getLogReadStream");function Bx(t){return typeof t=="object"&&t!==null&&!(t instanceof Error)}s(Bx,"isPlainObject");function Wx(t){return t instanceof Error}s(Wx,"isError");function $x(t){return typeof t=="string"}s($x,"isMessage");var Sr;if(!E.DISABLE_PINO_LOGGER){let t=E.LOG_LEVEL,e={level:t,formatters:{level:c=>({level:c.toUpperCase()}),bindings:()=>E.SELF_HOSTED?{service:E.SERVICE_NAME}:{}},timestamp:()=>`,"timestamp":"${new Date(Date.now()).toISOString()}"`},r=[];r.push(E.isDev()?{stream:(0,dS.default)({singleLine:!0}),level:t}:{stream:process.stdout,level:t}),E.SELF_HOSTED&&r.push({stream:Hf(),level:t}),Sr=r.length?(0,_u.default)(e,_u.default.multistream(r)):(0,_u.default)(e);let n=s(c=>{let l,d=[],f="";c.forEach(y=>{$x(y)&&(f=`${f} ${y}`.trimStart()),Bx(y)&&d.push(y),Wx(y)&&(l=y)});let p=u(),h={};h={tenantId:i(),appId:o(),automationId:a(),identityId:p?._id,identityType:p?.type,correlationId:Nf()};let m=Jf.default.scope().active();m&&Jf.default.inject(m.context(),fS.formats.LOG,h);let g={err:l,pid:process.pid,...h};if(d.length){let y={},S=0;for(let O=0;O<d.length;O++){let _=d[O],D=_._logKey;D?(delete _._logKey,g[D]=_):(y[S]=_,S++)}Object.keys(y).length&&(g.data=y)}return[g,f]},"getLogParams");console.log=(...c)=>{let[l,d]=n(c);Sr?.info(l,d)},console.info=(...c)=>{let[l,d]=n(c);Sr?.info(l,d)},console.warn=(...c)=>{let[l,d]=n(c);Sr?.warn(l,d)},console.error=(...c)=>{let[l,d]=n(c);Sr?.error(l,d)},console.trace=(...c)=>{let[l,d]=n(c);l.err||(l.err=new Error),Sr?.trace(l,d)},console.debug=(...c)=>{let[l,d]=n(c);Sr?.debug(l,d)};let i=s(()=>{let c;try{c=V()}catch{}return c},"getTenantId"),o=s(()=>{let c;try{c=Ue()}catch{}return c},"getAppId"),a=s(()=>{let c;try{c=Xd()}catch{}return c},"getAutomationId"),u=s(()=>{let c;try{c=Lt()}catch{}return c},"getIdentity")}var Ou=Sr;var Gx=["AccountError"];function Vx(t){return t&&t.suppressAlert}s(Vx,"isSuppressed");function un(t,e){e&&Gx.includes(e.name)&&Vx(e)||console.error(`bb-alert: ${t}`,e)}s(un,"logAlert");function qx(t,e,r,n){t=`${t} - db: ${e} - doc: ${r} - error: `,un(t,n)}s(qx,"logAlertWithInfo");function ii(t,e){console.warn(`bb-warn: ${t}`,e)}s(ii,"logWarn");var Iu=class extends Error{static{s(this,"UnretriableError")}constructor(e){super(e),this.name="PermanentError"}},Zf=class{static{s(this,"QueuedProcessor")}constructor(e,r={}){let{maxAttempts:n=3,removeOnFail:i=!0,removeOnComplete:o=!0,maxStalledCount:a=3}=r;this.waitForCompletionMs=r.waitForCompletionMs||1e4,this._queue=new ht(e,{maxStalledCount:a,jobOptions:{attempts:n,removeOnFail:i,removeOnComplete:o}}),this._queue.process(async(u,c)=>{try{let l=await this.processFn(u.data);c?.(null,l)}catch(l){l instanceof Iu&&await u.discard(),un(`Failed to process job in ${this._queue.name}`,l),c?.(l)}})}async close(e){await this._queue.close(e)}async execute(e){try{let r=await this._queue.add(e);return{success:!0,result:await Ne.withTimeout(this.waitForCompletionMs,()=>r.finished())}}catch(r){if(r.errno!=="ETIME")throw r;return{success:!1,reason:"timeout"}}}};var Kx=100,wu,ro=class t{static{s(this,"DocWritethroughProcessor")}static get queue(){return t._queue||(t._queue=new ht("docWritethroughQueue",{jobOptions:{attempts:Kx}})),t._queue}init(){return t.queue.process(async e=>{try{await this.persistToDb(e.data)}catch(r){throw r.status===409?new Error(`Conflict persisting message ${e.id}. Attempt ${e.attemptsMade}`):r}}),this}async persistToDb({dbName:e,docId:r,data:n}){if(r.startsWith("scimlog"))return;let i=De(e),o;try{o=await i.get(r)}catch{o={_id:r}}o={...o,...n},await i.put(o)}},ep=class{static{s(this,"DocWritethrough")}constructor(e,r){this.db=e,this._docId=r}get docId(){return this._docId}async patch(e){await ro.queue.add({dbName:this.db.name,docId:this.docId,data:e})}};function pS(){return wu=new ro().init(),wu}s(pS,"init");function Qx(){return wu||pS()}s(Qx,"getProcessor");var io={};N(io,{CacheKey:()=>ye,TTL:()=>dn,bustCache:()=>si,destroy:()=>no,get:()=>fn,keys:()=>Du,store:()=>Vt,withCache:()=>Ar,withCacheWithDynamicTTL:()=>mS});function It(t){let e=V();return`${t}:${e}`}s(It,"generateTenantKey");var cn=class{static{s(this,"BaseCache")}constructor(e=void 0){this.client=e}async getClient(){return this.client?this.client:await cf()}async keys(e){return(await this.getClient()).keys(e)}async exists(e,r={useTenancy:!0}){return e=r.useTenancy?It(e):e,(await this.getClient()).exists(e)}async scan(e,r={useTenancy:!0}){return e=r.useTenancy?It(e):e,(await this.getClient()).scan(e)}async get(e,r={useTenancy:!0}){return e=r.useTenancy?It(e):e,(await this.getClient()).get(e)}async bulkGet(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>It(i)):e,(await this.getClient()).bulkGet(e)}async store(e,r,n=null,i={useTenancy:!0}){e=i.useTenancy?It(e):e,await(await this.getClient()).store(e,r,n)}async bulkStore(e,r=null,n={useTenancy:!0}){n.useTenancy&&(e=Object.entries(e).reduce((o,[a,u])=>(o[It(a)]=u,o),{})),await(await this.getClient()).bulkStore(e,r)}async delete(e,r={useTenancy:!0}){return e=r.useTenancy?It(e):e,(await this.getClient()).delete(e)}async bulkDelete(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>It(i)):e,(await this.getClient()).bulkDelete(e)}async withCache(e,r=null,n,i={useTenancy:!0}){let o=await this.get(e,i);if(o)return o;try{let a=await n();return await this.store(e,a,r,i),a}catch(a){throw console.error("Error fetching before cache - ",a),a}}async withCacheWithDynamicTTL(e,r,n={useTenancy:!0}){let i=await this.get(e,n);if(i)return i;try{let o=await r(),{value:a,ttl:u}=o;return await this.store(e,a,u,{useTenancy:n.useTenancy}),a}catch(o){throw console.error("Error fetching before cache - ",o),o}}async bustCache(e){let r=await this.getClient();try{await r.delete(It(e))}catch(n){throw console.error("Error busting cache - ",n),n}}async deleteIfValue(e,r,n={useTenancy:!0}){e=n.useTenancy?It(e):e,await(await this.getClient()).deleteIfValue(e,r)}};var ln=new cn,ye={CHECKLIST:"checklist",INSTALLATION:"installation",ANALYTICS_ENABLED:"analyticsEnabled",UNIQUE_TENANT_ID:"uniqueTenantId",EVENTS:"events",BACKFILL_METADATA:"backfillMetadata",EVENTS_RATE_LIMIT:"eventsRateLimit",OAUTH2_TOKEN:t=>`oauth2Token_${t}`},dn=(n=>(n[n.ONE_MINUTE=600]="ONE_MINUTE",n[n.ONE_HOUR=3600]="ONE_HOUR",n[n.ONE_DAY=86400]="ONE_DAY",n))(dn||{}),Du=s((...t)=>ln.keys(...t),"keys"),fn=s((...t)=>ln.get(...t),"get"),Vt=s((...t)=>ln.store(...t),"store"),no=s((...t)=>ln.delete(...t),"destroy"),Ar=s((...t)=>ln.withCache(...t),"withCache"),mS=s((...t)=>ln.withCacheWithDynamicTTL(...t),"withCacheWithDynamicTTL"),si=s((...t)=>ln.bustCache(...t),"bustCache");var np={};N(np,{createCode:()=>Yx,deleteCode:()=>zx,getCode:()=>Hx,getExistingInvites:()=>rp,getInviteCodes:()=>ES,updateCode:()=>jx});var hS=he.fromDays(7).toSeconds();async function jx(t,e){await(await nn()).store(t,e,hS)}s(jx,"updateCode");async function Yx(t,e){let r=ne();return await(await nn()).store(r,{email:t,info:e},hS),r}s(Yx,"createCode");async function Hx(t){let r=await(await nn()).get(t);if(!r)throw"Invitation is not valid or has expired, please request a new one.";return r}s(Hx,"getCode");async function zx(t){await(await nn()).delete(t)}s(zx,"deleteCode");async function ES(){let r=(await(await nn()).scan()).map(i=>({...i.value,code:i.key}));if(!E.MULTI_TENANCY)return r;let n=V();return r.filter(i=>n===i.info.tenantId)}s(ES,"getInviteCodes");async function rp(t){return(await ES()).filter(e=>t.includes(e.email))}s(rp,"getExistingInvites");var ip={};N(ip,{createCode:()=>Zx,getCode:()=>Xx,invalidateCode:()=>ev});var Jx=he.fromHours(1).toSeconds();async function Zx(t,e){let r=ne();return await(await Ls()).store(r,{userId:t,info:e},Jx),r}s(Zx,"createCode");async function Xx(t){let r=await(await Ls()).get(t);if(!r)throw new Error("Provided information is not valid, cannot reset password - please try again.");return r}s(Xx,"getCode");async function ev(t){await(await Ls()).delete(t)}s(ev,"invalidateCode");var Dr={};N(Dr,{getUser:()=>Io,getUsers:()=>bU,invalidateUser:()=>wo});var so={};N(so,{getPlatformDB:()=>_r,users:()=>Et});var Et={};N(Et,{addSsoUser:()=>yS,addUser:()=>ov,getUserDoc:()=>gS,lookupTenantId:()=>tv,removeUser:()=>av,updateUserDoc:()=>rv});function _r(){return De(fe.PLATFORM_INFO.name)}s(_r,"getPlatformDB");async function tv(t){return E.MULTI_TENANCY?(await gS(t)).tenantId:ae}s(tv,"lookupTenantId");async function gS(t){return _r().get(t)}s(gS,"getUserDoc");async function rv(t){await _r().put(t)}s(rv,"updateUserDoc");function nv(t,e){return{_id:t,tenantId:e}}s(nv,"newUserIdDoc");function iv(t,e,r){return{_id:e,userId:t,tenantId:r}}s(iv,"newUserEmailDoc");function sv(t,e,r,n){return{_id:t,userId:r,email:e,tenantId:n}}s(sv,"newUserSsoIdDoc");async function sp(t,e){let r=_r(),n;try{await r.get(t)}catch(i){if(i.status===404)n=e(),await r.put(n);else throw i}}s(sp,"addUserDoc");async function yS(t,e,r,n){return sp(t,()=>sv(t,e,r,n))}s(yS,"addSsoUser");async function ov(t,e,r,n){let i=[sp(e,()=>nv(e,t)),sp(r,()=>iv(e,r,t))];n&&i.push(yS(n,r,e,t)),await Promise.all(i)}s(ov,"addUser");async function av(t){let e=_r(),r=[t._id,t.email],n=await e.allDocs({keys:r,include_docs:!0});await e.bulkRemove(n.rows.map(i=>i.doc),{silenceErrors:!0})}s(av,"removeUser");var pn={};N(pn,{getAccount:()=>Or,getAccountByTenantId:()=>oi,getStatus:()=>uv});var TS=F(require("node-fetch"));var oo=class{static{s(this,"API")}constructor(e){this.host=e}async apiCall(e,r,n){n.headers||(n.headers={}),n.headers["Content-Type"]||(n.headers={"Content-Type":"application/json",Accept:"application/json",...n.headers});let i=n.headers["Content-Type"]==="application/json";Hs.setHeader(n.headers);let o={method:e,body:i?JSON.stringify(n.body):n.body,headers:n.headers,credentials:"include"};return await(0,TS.default)(`${this.host}${r}`,o)}async post(e,r){return this.apiCall("POST",e,r)}async get(e,r){return this.apiCall("GET",e,r)}async patch(e,r){return this.apiCall("PATCH",e,r)}async del(e,r){return this.apiCall("DELETE",e,r)}async put(e,r){return this.apiCall("PUT",e,r)}};var op=new oo(E.INTERNAL_ACCOUNT_PORTAL_URL),ap=E.SELF_HOSTED||E.DISABLE_ACCOUNT_PORTAL,Or=s(async t=>{if(ap)return;let e={email:t},r=await op.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":E.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by email ${t}`);return(await r.json())[0]},"getAccount"),oi=s(async t=>{if(ap)return;let e={tenantId:t},r=await op.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":E.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by tenantId ${t}`);return(await r.json())[0]},"getAccountByTenantId"),uv=s(async()=>{if(ap)return;let t=await op.get("/api/status",{headers:{"x-budibase-api-key":E.ACCOUNT_PORTAL_API_KEY}}),e=await t.json();if(t.status!==200)throw new Error("Error getting status");return e},"getStatus");var li={};N(li,{UserDB:()=>wt,addAppBuilder:()=>wU,bulkGetGlobalUsersById:()=>Hu,bulkUpdateGlobalUsers:()=>Ao,cleanseUserObject:()=>bp,creatorsInList:()=>hn,doesUserExist:()=>SU,getAccountHolderFromUsers:()=>ju,getAllUserIds:()=>yU,getAllUsers:()=>TU,getById:()=>gn,getCreatorCount:()=>OU,getExistingAccounts:()=>ci,getExistingPlatformUsers:()=>rA,getExistingTenantUsers:()=>tA,getFirstPlatformUser:()=>yo,getGlobalUserByAppPage:()=>dA,getGlobalUserByEmail:()=>yt,getPlatformUsers:()=>Lu,getUserCount:()=>_U,hasAdminPermissions:()=>Ir,hasAppBuilderPermissions:()=>sA,hasBuilderPermissions:()=>tt,isAdmin:()=>wr,isAdminOrBuilder:()=>iA,isBuilder:()=>mi,isCreatorAsync:()=>To,isCreatorSync:()=>Ku,isGlobalBuilder:()=>nA,paginatedUsers:()=>pA,removeAppBuilder:()=>DU,removePortalUserPermissions:()=>IU,searchExistingEmails:()=>yp,searchGlobalUsersByApp:()=>zu,searchGlobalUsersByAppAccess:()=>Cp,searchGlobalUsersByEmail:()=>fA,validateUniqueUser:()=>Qu});var ui={};N(ui,{account:()=>vS,action:()=>PS,ai:()=>MS,analytics:()=>Cu,app:()=>NS,auditLog:()=>ZS,auth:()=>Uu,automation:()=>US,backfill:()=>jS,backfillCache:()=>Pu,backup:()=>zS,datasource:()=>LS,email:()=>kS,environmentVariable:()=>JS,group:()=>YS,identification:()=>gt,initAsyncEvents:()=>rU,installation:()=>fo,layout:()=>BS,license:()=>FS,org:()=>WS,plugin:()=>HS,processors:()=>cp,publishEvent:()=>A,query:()=>$S,role:()=>go,rowAction:()=>XS,rows:()=>VS,screen:()=>GS,serve:()=>KS,shutdown:()=>nU,table:()=>qS,user:()=>Le,view:()=>QS,workspace:()=>eA});var cp={};N(cp,{analyticsProcessor:()=>DS,init:()=>yv,processors:()=>qt});var Cu={};N(Cu,{enabled:()=>Ru});var Ru=s(async()=>bu(),"enabled");var IS=require("posthog-node");var cv=s(t=>t==="served:builder"||t==="served:app:preview"||t==="served:app","isRateLimited"),lv=s(t=>t==="served:app:preview"||t==="served:app","isPerApp");var AS={"served:app":"calendarDay","served:app:preview":"calendarDay","served:builder":"calendarDay"},_S=s(async t=>{if(!cv(t))return!1;let e=await dv(t);if(e){let r=new Date(e.timestamp);switch(AS[t]){case"calendarDay":return r.setDate(r.getDate()+1),r.setHours(0,0,0,0),Date.now()>r.getTime()?(await SS(t,{timestamp:Date.now()}),!1):!0}}else return await SS(t,{timestamp:Date.now()}),!1},"limited"),OS=s(t=>{let e=`${ye.EVENTS_RATE_LIMIT}:${t}`;return lv(t)&&(e=e+":"+Ue()),e},"eventKey"),dv=s(async t=>{let e=OS(t);return await fn(e)},"readEvent"),SS=s(async(t,e)=>{let r=OS(t),n=AS[t],i;switch(n){case"calendarDay":i=86400}await Vt(r,e,i)},"recordEvent");var pv=["user:updated","email:smtp:updated","auth:sso:updated","app:updated","role:updated","datasource:updated","query:updated","view:updated","view:calculation:updated","automation:trigger:updated","user_group:updated"],ao=class{static{s(this,"PosthogProcessor")}constructor(e){if(!e)throw new Error("Posthog token is not defined");this.posthog=new IS.PostHog(e)}async processEvent(e,r,n,i){if(pv.includes(e)||await _S(e))return;n=this.clearPIIProperties(n),n.version=E.VERSION,n.service=E.SERVICE,n.environment=r.environment,n.hosting=r.hosting;let o=Ue();o&&(n.appId=o);let a={distinctId:r.id,event:e,properties:n};i&&(a.timestamp=new Date(i)),(r.installationId||r.tenantId)&&(a.groups={},r.installationId&&(a.groups.installation=r.installationId,a.properties.installationId=r.installationId),r.tenantId&&(a.groups.tenant=r.tenantId,a.properties.tenantId=r.tenantId)),this.posthog.capture(a)}clearPIIProperties(e){return e.email&&delete e.email,e.audited&&delete e.audited,e}async identify(e,r){let n={distinctId:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.identify(n)}async identifyGroup(e,r){let n={distinctId:e.id,groupType:e.type,groupKey:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.groupIdentify(n)}async shutdown(){await this.posthog.shutdown()}};var wS=ao;var mv=["installation:version:upgraded","installation:version:downgraded"],hv=["installation","tenant"],uo=class{static{s(this,"AnalyticsProcessor")}constructor(){E.POSTHOG_TOKEN&&!E.isTest()&&(this.posthog=new wS(E.POSTHOG_TOKEN))}async processEvent(e,r,n,i){!mv.includes(e)&&!await Ru()||this.posthog&&await this.posthog.processEvent(e,r,n,i)}async identify(e,r){!hv.includes(e.type)&&!await Ru()||this.posthog&&await this.posthog.identify(e,r)}async identifyGroup(e,r){this.posthog&&await this.posthog.identifyGroup(e,r)}async shutdown(){this.posthog&&await this.posthog.shutdown()}};var up=E.SELF_HOSTED&&!E.isDev(),co=class{static{s(this,"LoggingProcessor")}async processEvent(e,r,n){up||console.log(`[audit] [identityType=${r.type}] ${e}`,n)}async identify(e){up||console.log("[audit] identified",e)}async identifyGroup(e){up||console.log("[audit] group identified",e)}async shutdown(){}};var ai=class t{static{s(this,"AuditLogsProcessor")}static{this.auditLogsEnabled=!1}static init(e){t.auditLogsEnabled=!0;let r=e;return t.auditLogQueue=new ht("auditLogQueue",{jobTags:n=>({"event.name":n.event})}),t.auditLogQueue.process(async n=>{await Re(n.data.tenantId,async()=>{let i=n.data.properties;i.audited&&(i={...i,...i.audited},delete i.audited);let o={};E.ENABLE_AUDIT_LOG_IP_ADDR&&(o=n.data.opts.hostInfo),await r(n.data.event,i,{userId:n.data.opts.userId,timestamp:n.data.opts.timestamp,appId:n.data.opts.appId,hostInfo:o})})})}async processEvent(e,r,n,i){if(t.auditLogsEnabled&&Df(e)){let o=r.type==="user"?r.id:void 0;await t.auditLogQueue.add({event:e,properties:n,opts:{userId:o,timestamp:i,appId:Ue(),hostInfo:r.hostInfo},tenantId:V()})}}async identify(){}async identifyGroup(){}async shutdown(){await t.auditLogQueue?.close()}};var lo=class{constructor(e){this.initialised=!1;this.processors=[];this.processors=e}static{s(this,"Processor")}async processEvent(e,r,n,i){for(let o of this.processors)await o.processEvent(e,r,n,i)}async identify(e,r){for(let n of this.processors)n.identify&&await n.identify(e,r)}async identifyGroup(e,r){for(let n of this.processors)n.identifyGroup&&await n.identifyGroup(e,r)}async shutdown(){for(let e of this.processors)e.shutdown&&await e.shutdown()}};var DS=new uo,Ev=new co,gv=new ai;function yv(t){return ai.init(t)}s(yv,"init");var qt=new lo([DS,Ev,gv]);var xu={};N(xu,{checkInstallVersion:()=>Av,getInstall:()=>po,getInstallFromDB:()=>dp});var lp=F(require("semver"));var po=s(async()=>Ar(ye.INSTALLATION,86400,dp,{useTenancy:!1}),"getInstall");async function Tv(t){let e={_id:fe.PLATFORM_INFO.docs.install,installId:ne(),version:E.VERSION};try{let r=await t.put(e);return e._rev=r.rev,e}catch(r){if(r.status===409)return dp();throw r}}s(Tv,"createInstallDoc");var dp=s(async()=>qe(fe.PLATFORM_INFO.name,async t=>{let e;try{e=await t.get(fe.PLATFORM_INFO.docs.install)}catch(r){if(r.status===404)e=await Tv(t);else throw r}return e}),"getInstallFromDB"),Sv=s(async t=>{try{await qe(fe.PLATFORM_INFO.name,async e=>{let r=await po();r.version=t,await e.put(r),await si(ye.INSTALLATION)})}catch(e){if(e.status===409)return!1;throw e}return!0},"updateVersion"),Av=s(async()=>{let t=await po(),e=t.version,r=E.VERSION;try{if(e!==r){let n=lp.default.gt(r,e),i=lp.default.lt(r,e);await Sv(r)&&(await Ss({_id:t.installId,type:"installation"},async()=>{n?await fo.upgraded(e,r):i&&await fo.downgraded(e,r)}),await gt.identifyInstallationGroup(t.installId))}}catch(n){n?.message?.includes("Invalid Version")?un(`Invalid version "${r}" - is it semver?`):un("Failed to retrieve version",n)}},"checkInstallVersion");var _v=s(async()=>{let t=Ld(),e=Eo(),r;if(t?r=t.type:r="tenant",r==="installation"){let n=await mn(),i=mo();return{id:RS(n,r),hosting:i,type:r,installationId:n,environment:e}}else if(r==="tenant"){let n=await mn(),i=await vu(V()),o=mo();return{id:RS(i,r),type:r,hosting:o,installationId:n,tenantId:i,realTenantId:V(),environment:e}}else if(r==="user"){let n=t,i=await vu(V()),o=await mn(),a=n.account,u;return a?u=a.hosting:u=mo(),{id:n._id,type:r,hosting:u,installationId:o,tenantId:i,environment:e,realTenantId:V(),hostInfo:n.hostInfo}}else throw new Error("Unknown identity type")},"getCurrentIdentity"),Ov=s(async(t,e)=>{let r=t,n="installation",i=mo(),o=E.VERSION,a=Eo(),u={id:r,type:n,hosting:i,version:o,environment:a};await fp(u,e),await ho({...u,id:`$${n}_${r}`},e)},"identifyInstallationGroup"),Iv=s(async(t,e,r,n=E.VERSION)=>{let i=await vu(t),o="tenant",a=await mn(),u=Eo(),c={id:i,type:o,hosting:e,environment:u,installationId:a,createdAt:r,createdVersion:n};await fp(c,r),await ho({...c,id:`$${o}_${i}`},r)},"identifyTenantGroup"),wv=s(async(t,e,r)=>{let n=t._id,i=await vu(t.tenantId),o="user",a=tt(t),u=Ir(t),c;$o(t)&&(c=t.providerType);let d=(await ci([t.email])).length>0,f=!!e&&d&&e.verified,p=await mn(),h=e?e.hosting:mo(),m=Eo();await ho({id:n,type:o,hosting:h,installationId:p,tenantId:i,verified:f,accountHolder:d,providerType:c,builder:a,admin:u,environment:m},r)},"identifyUser"),Dv=s(async t=>{let e=t.accountId,r=t.tenantId,n="user",i=Wo(t)?t.providerType:void 0,o=t.verified,a=!0,u=t.hosting,c=await mn(),l=Eo();if(Bo(t)){let f=await yt(t.email);f?._id&&(e=f._id)}await ho({id:e,type:n,hosting:u,installationId:c,tenantId:r,providerType:i,verified:o,accountHolder:a,environment:l})},"identifyAccount"),ho=s(async(t,e)=>{await qt.identify(t,e)},"identify"),fp=s(async(t,e)=>{await qt.identifyGroup(t,e)},"identifyGroup"),Eo=s(()=>E.isDev()?"development":E.DEPLOYMENT_ENVIRONMENT,"getDeploymentEnvironment"),mo=s(()=>E.SELF_HOSTED?"self":"cloud","getHostingFromEnv"),mn=s(async()=>Rv()?"account-portal":(await po()).installId,"getInstallationId"),vu=s(async t=>E.SELF_HOSTED?CS(t):t,"getEventTenantId"),CS=s(async t=>Re(t,()=>Ar(ye.UNIQUE_TENANT_ID,86400,async()=>{let e=H(),r=await ri(),n;return r.config.uniqueTenantId?r.config.uniqueTenantId:(n=`${ne()}_${t}`,r.config.uniqueTenantId=n,r.config.createdVersion=E.VERSION,await e.put(r),n)})),"getUniqueTenantId"),Rv=s(()=>E.SERVICE==="account-portal","isAccountPortal"),RS=s((t,e)=>e==="installation"||e==="tenant"?`$${e}_${t}`:t,"formatDistinctId"),gt={getCurrentIdentity:_v,identifyInstallationGroup:Ov,identifyTenantGroup:Iv,identifyUser:wv,identifyAccount:Dv,identify:ho,identifyGroup:fp,getInstallationId:mn,getUniqueTenantId:CS};var Pu={};N(Pu,{end:()=>bv,isAlreadySent:()=>hp,isBackfillingEvent:()=>mp,recordEvent:()=>pp,start:()=>Cv});var Cv=s(async t=>vv({eventWhitelist:t}),"start"),pp=s(async(t,e)=>{let r=Ep(t,e);await Vt(r,e,void 0,{useTenancy:!1})},"recordEvent"),bv=s(async()=>{await Pv(),await Nv()},"end"),xv=s(async()=>fn(ye.BACKFILL_METADATA),"getBackfillMetadata"),vv=s(async t=>Vt(ye.BACKFILL_METADATA,t),"saveBackfillMetadata"),Pv=s(async()=>{await no(ye.BACKFILL_METADATA)},"deleteBackfillMetadata"),Nv=s(async()=>{let t=Ep(),e=await Du(t);for(let r of e)await no(r,{useTenancy:!1})},"clearEvents"),mp=s(async t=>{let r=(await xv())?.eventWhitelist;return!!(r&&r.includes(t))},"isBackfillingEvent"),hp=s(async(t,e)=>{let r=Ep(t,e);return!!await fn(r,{useTenancy:!1})},"isAlreadySent"),Uv={"automation:created":t=>t.automationId,"automation:step:created":t=>t.stepId,"datasource:created":t=>t.datasourceId,"layout:created":t=>t.layoutId,"query:created":t=>t.queryId,"role:created":t=>t.roleId,"screen:created":t=>t.screenId,"table:created":t=>t.tableId,"view:created":t=>t.tableId,"view:calculation:created":t=>t.tableId,"view:filter:created":t=>t.tableId,"app:created":t=>t.appId,"app:published":t=>t.appId,"auth:sso:created":t=>t.type,"auth:sso:activated":t=>t.type,"user:created":t=>t.userId,"user:admin:assigned":t=>t.userId,"user:builder:assigned":t=>t.userId,"role:assigned":t=>`${t.roleId}-${t.userId}`},Ep=s((t,e)=>{let r,n=V();if(t){r=`${ye.EVENTS}:${n}:${t}`;let i=Uv[t],o=i?i(e):void 0;o&&(r=`${r}:${o}`)}else r=`${ye.EVENTS}:${n}:*`;return r},"getEventKey");var Kt;function Nu(){Kt=new ht("systemEventQueue",{jobTags:t=>({"event.name":t.event})})}s(Nu,"init");async function bS(){Kt&&await Kt.close()}s(bS,"shutdown");async function xS(t){Kt||Nu();let{event:e,identity:r}=t;Rm.indexOf(e)!==-1&&r.tenantId&&await Kt.add(t)}s(xS,"publishAsyncEvent");var A=s(async(t,e,r,n)=>{let i=n||await gt.getCurrentIdentity();if(!(n?!1:await mp(t))){await xS({event:t,identity:i,properties:e,timestamp:r}),await qt.processEvent(t,i,e,r);return}await hp(t,e)||(await qt.processEvent(t,i,e,r),await pp(t,e))},"publishEvent");async function Lv(t,e){let r={tenantId:t.tenantId};await A("account:created",r,void 0,e)}s(Lv,"created");async function kv(t){let e={tenantId:t.tenantId};await A("account:deleted",e)}s(kv,"deleted");async function Mv(t){let e={tenantId:t.tenantId};await A("account:verified",e)}s(Mv,"verified");var vS={created:Lv,deleted:kv,verified:Mv};async function Fv(t,e){await A("action:automation_step:executed",t,e)}s(Fv,"automationStepExecuted");async function Bv(t,e){await A("action:crud:executed",t,e)}s(Bv,"crudExecuted");async function Wv(t,e){await A("action:ai_agent:executed",t,e)}s(Wv,"aiAgentExecuted");var PS={aiAgentExecuted:Wv,automationStepExecuted:Fv,crudExecuted:Bv};var $v=s(async(t,e)=>{let r={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:created",r,e)},"created");async function Gv(t){let e={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:updated",e)}s(Gv,"updated");async function Vv(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:deleted",e)}s(Vv,"deleted");async function qv(t,e){let r={appId:t.appId,audited:{name:t.name}};await A("app:published",r,e)}s(qv,"published");async function Kv(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:unpublished",e)}s(Kv,"unpublished");async function Qv(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:file:imported",e)}s(Qv,"fileImported");async function jv(t,e){let r={duplicateAppId:e,appId:t.appId,audited:{name:t.name}};await A("app:duplicated",r)}s(jv,"duplicated");async function Yv(t,e){let r={appId:t.appId,templateKey:e,audited:{name:t.name}};await A("app:template:imported",r)}s(Yv,"templateImported");async function Hv(t,e,r){let n={appId:t.appId,currentVersion:e,updatedToVersion:r,audited:{name:t.name}};await A("app:version:updated",n)}s(Hv,"versionUpdated");async function zv(t,e,r){let n={appId:t.appId,currentVersion:e,revertedToVersion:r,audited:{name:t.name}};await A("app:version:reverted",n)}s(zv,"versionReverted");async function Jv(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:reverted",e)}s(Jv,"reverted");async function Zv(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:exported",e)}s(Zv,"exported");var NS={created:$v,updated:Gv,deleted:Vv,published:qv,unpublished:Kv,fileImported:Qv,duplicated:jv,templateImported:Yv,versionUpdated:Hv,versionReverted:zv,reverted:Jv,exported:Zv};async function Xv(t,e){let n={userId:(await gt.getCurrentIdentity()).id,source:t,audited:{email:e}};await A("auth:login",n)}s(Xv,"login");async function eP(t){let r={userId:(await gt.getCurrentIdentity()).id,audited:{email:t}};await A("auth:logout",r)}s(eP,"logout");async function tP(t,e){let r={type:t};await A("auth:sso:created",r,e)}s(tP,"SSOCreated");async function rP(t){let e={type:t};await A("auth:sso:updated",e)}s(rP,"SSOUpdated");async function nP(t,e){let r={type:t};await A("auth:sso:activated",r,e)}s(nP,"SSOActivated");async function iP(t){let e={type:t};await A("auth:sso:deactivated",e)}s(iP,"SSODeactivated");var Uu={login:Xv,logout:eP,SSOCreated:tP,SSOUpdated:rP,SSOActivated:nP,SSODeactivated:iP};async function sP(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:created",r,e)}s(sP,"created");async function oP(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:trigger:updated",e)}s(oP,"triggerUpdated");async function aP(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:deleted",e)}s(aP,"deleted");async function uP(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:tested",e)}s(uP,"tested");var cP=s(async(t,e)=>{let r={count:t};await A("automations:run",r,e)},"run");async function lP(t,e,r){let n={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:created",n,r)}s(lP,"stepCreated");async function dP(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:deleted",r)}s(dP,"stepDeleted");var US={created:sP,triggerUpdated:oP,deleted:aP,tested:uP,run:cP,stepCreated:lP,stepDeleted:dP};function gp(t){return!Object.values(Lo).includes(t.source)}s(gp,"isCustom");async function fP(t,e){let r={datasourceId:t._id,source:t.source,custom:gp(t)};await A("datasource:created",r,e)}s(fP,"created");async function pP(t){let e={datasourceId:t._id,source:t.source,custom:gp(t)};await A("datasource:updated",e)}s(pP,"updated");async function mP(t){let e={datasourceId:t._id,source:t.source,custom:gp(t)};await A("datasource:deleted",e)}s(mP,"deleted");var LS={created:fP,updated:pP,deleted:mP};async function hP(t){let e={};await A("email:smtp:created",e,t)}s(hP,"SMTPCreated");async function EP(){let t={};await A("email:smtp:updated",t)}s(EP,"SMTPUpdated");var kS={SMTPCreated:hP,SMTPUpdated:EP};async function gP(t){let e={};await A("ai:config:created",e,t)}s(gP,"AIConfigCreated");async function yP(){let t={};await A("ai:config:updated",t)}s(yP,"AIConfigUpdated");var MS={AIConfigCreated:gP,AIConfigUpdated:yP};async function TP(t,e){let r={accountId:t.accountId,...e};await A("license:plan:changed",r)}s(TP,"planChanged");async function SP(t){let e={accountId:t.accountId};await A("license:activated",e)}s(SP,"activated");async function AP(t){let e={accountId:t.accountId};await A("license:checkout:opened",e)}s(AP,"checkoutOpened");async function _P(t){let e={accountId:t.accountId};await A("license:checkout:success",e)}s(_P,"checkoutSuccess");async function OP(t){let e={accountId:t.accountId};await A("license:portal:opened",e)}s(OP,"portalOpened");async function IP(t){let e={accountId:t.accountId};await A("license:payment:failed",e)}s(IP,"paymentFailed");async function wP(t){let e={accountId:t.accountId};await A("license:payment:recovered",e)}s(wP,"paymentRecovered");var FS={planChanged:TP,activated:SP,checkoutOpened:AP,checkoutSuccess:_P,portalOpened:OP,paymentFailed:IP,paymentRecovered:wP};async function DP(t,e){let r={layoutId:t._id};await A("layout:created",r,e)}s(DP,"created");async function RP(t){let e={layoutId:t};await A("layout:deleted",e)}s(RP,"deleted");var BS={created:DP,deleted:RP};async function CP(t){let e={};await A("org:info:name:updated",e,t)}s(CP,"nameUpdated");async function bP(t){let e={};await A("org:info:logo:updated",e,t)}s(bP,"logoUpdated");async function xP(t){let e={};await A("org:platformurl:updated",e,t)}s(xP,"platformURLUpdated");async function vP(){let t={};await A("analytics:opt:out",t)}s(vP,"analyticsOptOut");async function PP(){let t={};await A("analytics:opt:out",t)}s(PP,"analyticsOptIn");var WS={nameUpdated:CP,logoUpdated:bP,platformURLUpdated:xP,analyticsOptOut:vP,analyticsOptIn:PP};var NP=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:created",n,r)},"created"),UP=s(async(t,e)=>{let r={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:updated",r)},"updated"),LP=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb,appId:r};await A("query:deleted",n)},"deleted"),kP=s(async(t,e,r)=>{let n={datasourceId:t._id,source:t.source,count:r,importSource:e};await A("query:import",n)},"imported"),MP=s(async(t,e)=>{let r={count:t};await A("queries:run",r,e)},"run"),FP=s(async(t,e)=>{let r={queryId:e.queryId,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:previewed",r)},"previewed"),$S={created:NP,updated:UP,deleted:LP,imported:kP,run:MP,previewed:FP};async function BP(t,e){let r={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:created",r,e)}s(BP,"created");async function WP(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:updated",e)}s(WP,"updated");async function $P(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:deleted",e)}s($P,"deleted");async function GP(t,e,r){let n={userId:t._id,roleId:e};await A("role:assigned",n,r)}s(GP,"assigned");async function VP(t,e){let r={userId:t._id,roleId:e};await A("role:unassigned",r)}s(VP,"unassigned");var go={created:BP,updated:WP,deleted:$P,assigned:GP,unassigned:VP};async function qP(t,e){let r={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:created",r,e)}s(qP,"created");async function KP(t){let e={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:deleted",e)}s(KP,"deleted");var GS={created:qP,deleted:KP};var QP=s(async(t,e)=>{let r={count:t};await A("rows:created",r,e)},"created"),jP=s(async(t,e)=>{let r={tableId:t._id,count:e};await A("rows:imported",r)},"imported"),VS={created:QP,imported:jP};async function YP(t,e){let r={tableId:t._id,audited:{name:t.name}};await A("table:created",r,e)}s(YP,"created");async function HP(t,e){let r,n;for(let o in e.schema)if(!t.schema[o]){let a=e.schema[o];"default"in a&&a.default!=null&&(r=!0),a.type==="ai"&&(n=a.operation)}let i={tableId:e._id,defaultValues:r,aiColumn:n,audited:{name:e.name}};(r||n)&&await A("table:updated",i)}s(HP,"updated");async function zP(t,e){let r={tableId:t._id,audited:{name:t.name},appId:e};await A("table:deleted",r)}s(zP,"deleted");async function JP(t,e){let r={tableId:t._id,format:e,audited:{name:t.name}};await A("table:exported",r)}s(JP,"exported");async function ZP(t){let e={tableId:t._id,audited:{name:t.name}};await A("table:imported",e)}s(ZP,"imported");var qS={created:YP,updated:HP,deleted:zP,exported:JP,imported:ZP};async function XP(t){let e={timezone:t};await A("served:builder",e)}s(XP,"servedBuilder");async function eN(t,e,r){let n={appVersion:t.version,timezone:e,embed:r===!0};await A("served:app",n)}s(eN,"servedApp");async function tN(t,e){let r={appId:t.appId,appVersion:t.version,timezone:e};await A("served:app:preview",r)}s(tN,"servedAppPreview");var KS={servedBuilder:XP,servedApp:eN,servedAppPreview:tN};async function rN(t,e){let r={userId:t._id,viaScim:pt(),audited:{email:t.email}};await A("user:created",r,e)}s(rN,"created");async function nN(t){let e={userId:t._id,viaScim:pt(),audited:{email:t.email}};await A("user:updated",e)}s(nN,"updated");async function iN(t){let e={userId:t._id,viaScim:pt(),audited:{email:t.email}};await A("user:deleted",e)}s(iN,"deleted");async function sN(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:admin:assigned",r,e)}s(sN,"permissionAdminAssigned");async function oN(t){let e={userId:t._id,audited:{email:t.email}};await A("user:admin:removed",e)}s(oN,"permissionAdminRemoved");async function aN(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:builder:assigned",r,e)}s(aN,"permissionBuilderAssigned");async function uN(t){let e={userId:t._id,audited:{email:t.email}};await A("user:builder:removed",e)}s(uN,"permissionBuilderRemoved");async function cN(t){let e={audited:{email:t}};await A("user:invited",e)}s(cN,"invited");async function lN(t){let e={userId:t._id,audited:{email:t.email}};await A("user:invite:accepted",e)}s(lN,"inviteAccepted");async function dN(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:force:reset",e)}s(dN,"passwordForceReset");async function fN(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:updated",e)}s(fN,"passwordUpdated");async function pN(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset:requested",e)}s(pN,"passwordResetRequested");async function mN(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset",e)}s(mN,"passwordReset");async function hN(t){let e={users:t};await A("user:data:collaboration",e)}s(hN,"dataCollaboration");var Le={created:rN,updated:nN,deleted:iN,permissionAdminAssigned:sN,permissionAdminRemoved:oN,permissionBuilderAssigned:aN,permissionBuilderRemoved:uN,invited:cN,inviteAccepted:lN,passwordForceReset:dN,passwordUpdated:fN,passwordResetRequested:pN,passwordReset:mN,dataCollaboration:hN};async function EN(t,e){let r={name:t.name,type:t.type,tableId:t.tableId};await A("view:created",r,e)}s(EN,"created");async function gN(t){let e={tableId:t.tableId};await A("view:updated",e)}s(gN,"updated");async function yN(t,e){let r={...Ne.views.isV2(t)?{id:t.id,tableId:t.tableId,appId:e}:{}};await A("view:deleted",r)}s(yN,"deleted");async function TN(t,e){let r={tableId:t._id,format:e};await A("view:exported",r)}s(TN,"exported");async function SN({tableId:t,filterGroups:e},r){let n={tableId:t,filterGroups:e};await A("view:filter:created",n,r)}s(SN,"filterCreated");async function AN({tableId:t,filterGroups:e}){let r={tableId:t,filterGroups:e};await A("view:filter:updated",r)}s(AN,"filterUpdated");async function _N(t){let e={tableId:t.tableId};await A("view:filter:deleted",e)}s(_N,"filterDeleted");async function ON({tableId:t,calculationType:e},r){let n={tableId:t,calculation:e};await A("view:calculation:created",n,r)}s(ON,"calculationCreated");async function IN(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:updated",e)}s(IN,"calculationUpdated");async function wN(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:deleted",e)}s(wN,"calculationDeleted");async function DN(t,e){let r={tableId:t};await A("view:join:created",r,e)}s(DN,"viewJoinCreated");var QS={created:EN,updated:gN,deleted:yN,exported:TN,filterCreated:SN,filterUpdated:AN,filterDeleted:_N,calculationCreated:ON,calculationUpdated:IN,calculationDeleted:wN,viewJoinCreated:DN};async function RN(t){let e={currentVersion:t};await A("installation:version:checked",e)}s(RN,"versionChecked");async function CN(t,e){let r={from:t,to:e};await A("installation:version:upgraded",r)}s(CN,"upgraded");async function bN(t,e){let r={from:t,to:e};await A("installation:version:downgraded",r)}s(bN,"downgraded");async function xN(){let t={};await A("installation:firstStartup",t)}s(xN,"firstStartup");var fo={versionChecked:RN,upgraded:CN,downgraded:bN,firstStartup:xN};var di=!E.SELF_HOSTED&&!E.isDev();async function vN(t){di||await A("app:backfill:succeeded",t)}s(vN,"appSucceeded");async function PN(t){if(di)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("app:backfill:failed",e)}s(PN,"appFailed");async function NN(t){di||await A("tenant:backfill:succeeded",t)}s(NN,"tenantSucceeded");async function UN(t){if(di)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("tenant:backfill:failed",e)}s(UN,"tenantFailed");async function LN(){if(di)return;let t={};await A("installation:backfill:succeeded",t)}s(LN,"installationSucceeded");async function kN(t){if(di)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("installation:backfill:failed",e)}s(kN,"installationFailed");var jS={appSucceeded:vN,appFailed:PN,tenantSucceeded:NN,tenantFailed:UN,installationSucceeded:LN,installationFailed:kN};async function MN(t,e){let r={groupId:t._id,viaScim:pt(),audited:{name:t.name}};await A("user_group:created",r,e)}s(MN,"created");async function FN(t){let e={groupId:t._id,viaScim:pt(),audited:{name:t.name}};await A("user_group:updated",e)}s(FN,"updated");async function BN(t){let e={groupId:t._id,viaScim:pt(),audited:{name:t.name}};await A("user_group:deleted",e)}s(BN,"deleted");async function WN(t,e){let r={count:t,groupId:e._id,viaScim:pt(),audited:{name:e.name}};await A("user_group:user_added",r)}s(WN,"usersAdded");async function $N(t,e){let r={count:t,groupId:e._id,viaScim:pt(),audited:{name:e.name}};await A("user_group:users_deleted",r)}s($N,"usersDeleted");async function GN(t){let e={groupId:t,onboarding:!0};await A("user_group:onboarding_added",e)}s(GN,"createdOnboarding");async function VN(t){let e={permissions:t.roles,groupId:t._id,audited:{name:t.name}};await A("user_group:permissions_edited",e)}s(VN,"permissionsEdited");var YS={created:MN,updated:FN,deleted:BN,usersAdded:WN,usersDeleted:$N,createdOnboarding:GN,permissionsEdited:VN};async function qN(t){let e={type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:init",e)}s(qN,"init");async function KN(t){let e={pluginId:t._id,type:t.schema.type,source:t.source,name:t.name,description:t.description,version:t.version};await A("plugin:imported",e)}s(KN,"imported");async function QN(t){let e={pluginId:t._id,type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:deleted",e)}s(QN,"deleted");var HS={init:qN,imported:KN,deleted:QN};async function jN(t){let e={appId:t.appId,restoreId:t._id,backupCreatedAt:t.timestamp,name:t.name};await A("app:backup:restored",e)}s(jN,"appBackupRestored");async function YN(t,e,r,n,i){let o={appId:t,backupId:e,type:r,trigger:n,name:i};await A("app:backup:triggered",o)}s(YN,"appBackupTriggered");var zS={appBackupRestored:jN,appBackupTriggered:YN};async function HN(t,e){let r={name:t,environments:e};await A("environment_variable:created",r)}s(HN,"created");async function zN(t){let e={name:t};await A("environment_variable:deleted",e)}s(zN,"deleted");async function JN(t){let e={userId:t};await A("environment_variable:upgrade_panel_opened",e)}s(JN,"upgradePanelOpened");var JS={created:HN,deleted:zN,upgradePanelOpened:JN};async function ZN(t){let e={filters:t};await A("audit_log:filtered",e)}s(ZN,"filtered");async function XN(t){let e={filters:t};await A("audit_log:downloaded",e)}s(XN,"downloaded");var ZS={filtered:ZN,downloaded:XN};async function eU(t,e){await A("row_action:created",t,e)}s(eU,"created");var XS={created:eU};async function tU(t,e){let r={workspaceAppId:t._id,audited:{name:t.name},appId:e};await A("workspace_app:deleted",r)}s(tU,"deleted");var eA={deleted:tU};function rU(){}s(rU,"initAsyncEvents");var nU=s(async()=>{await qt.shutdown(),console.log("Events shutdown")},"shutdown");var Tp={};N(Tp,{creatorsInList:()=>hn,getAccountHolderFromUsers:()=>ju,hasAdminPermissions:()=>Ir,hasAppBuilderPermissions:()=>sA,hasBuilderPermissions:()=>tt,isAdmin:()=>wr,isAdminOrBuilder:()=>iA,isBuilder:()=>mi,isCreatorAsync:()=>To,isCreatorSync:()=>Ku,isGlobalBuilder:()=>nA,validateUniqueUser:()=>Qu});async function yp(t){let e=[],r=await tA(t);e.push(...r.map(a=>a.email));let n=await rA(t);e.push(...n.map(a=>a._id));let i=await ci(t);e.push(...i.map(a=>a.email));let o=await rp(t);return e.push(...o.map(a=>a.email)),[...new Set(e.map(a=>a.toLowerCase()))]}s(yp,"searchExistingEmails");async function Lu(t){return await Ws("platform_users_lowercase_2",{keys:[t.toLowerCase()],include_docs:!0})}s(Lu,"getPlatformUsers");async function yo(t){return(await Lu(t))[0]??null}s(yo,"getFirstPlatformUser");async function tA(t){let r={keys:t.map(i=>i.toLowerCase()),include_docs:!0},n={arrayResponse:!0};return await Ft("by_email2",r,void 0,n)}s(tA,"getExistingTenantUsers");async function rA(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Ws("platform_users_lowercase_2",r)}s(rA,"getExistingPlatformUsers");async function ci(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Ws("account_by_email",r)}s(ci,"getExistingAccounts");var qu={};N(qu,{BadRequestError:()=>Fu,BudibaseError:()=>fi,EmailUnavailableError:()=>Qt,FeatureDisabledError:()=>Gu,ForbiddenError:()=>Bu,HTTPError:()=>we,InvalidAPIKeyError:()=>pi,NotFoundError:()=>Mu,NotImplementedError:()=>Wu,UnexpectedError:()=>ku,UsageLimitError:()=>$u,getPublicError:()=>Vu});var fi=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"BudibaseError")}},Vu=s(t=>{let e;return t.code&&(e={code:t.code},t.getPublicError&&(e={...e,...t.getPublicError()})),e},"getPublicError"),we=class t extends fi{constructor(r,n,i="http"){super(r,i);this.status=n}static{s(this,"HTTPError")}static async fromResponse(r){let n=await r.text(),i=n,o=r.status,a="http";try{let u=JSON.parse(n);i=u.message,o=u.status,a=u.error?.code}catch{}return new t(i,o,a)}},ku=class extends we{static{s(this,"UnexpectedError")}constructor(e){super(e,500)}},Mu=class extends we{static{s(this,"NotFoundError")}constructor(e){super(e,404)}},Fu=class extends we{static{s(this,"BadRequestError")}constructor(e){super(e,400)}},Bu=class extends we{static{s(this,"ForbiddenError")}constructor(e){super(e,403)}},Wu=class extends we{static{s(this,"NotImplementedError")}constructor(e){super(e,501)}},$u=class extends we{constructor(r,n){super(r,400,"usage_limit_exceeded");this.limitName=n}static{s(this,"UsageLimitError")}getPublicError(){return{limitName:this.limitName}}},Gu=class extends we{constructor(r,n){super(r,400,"feature_disabled");this.featureName=n}static{s(this,"FeatureDisabledError")}getPublicError(){return{featureName:this.featureName}}},pi=class extends fi{static{s(this,"InvalidAPIKeyError")}constructor(){super("Invalid API key - may need re-generated, or user doesn't exist","invalid_api_key")}},Qt=class extends Error{static{s(this,"EmailUnavailableError")}constructor(e){super(`Email already in use: '${e}'`)}};var mi=Ve.users.isBuilder,wr=Ve.users.isAdmin,nA=Ve.users.isGlobalBuilder,iA=Ve.users.isAdminOrBuilder,Ir=Ve.users.hasAdminPermissions,tt=Ve.users.hasBuilderPermissions,sA=Ve.users.hasAppBuilderPermissions;async function hn(t,e){let r=[...new Set(t.filter(i=>i.userGroups).flatMap(i=>i.userGroups))];return e=await H().getMultiple(r,{allowMissing:!0}),t.map(i=>Ku(i,e))}s(hn,"creatorsInList");async function To(t){let e=[];return t.userGroups&&(e=await H().getMultiple(t.userGroups)),Ku(t,e)}s(To,"isCreatorAsync");function Ku(t,e){let r=Ve.users.isCreator(t);return!r&&t?sU(t,e):r}s(Ku,"isCreatorSync");function sU(t,e){let r=e?.filter(n=>t.userGroups?.indexOf(n._id)!==-1);return r&&r.length>0?r.some(n=>Object.values(n.roles||{}).includes("CREATOR")):!1}s(sU,"isCreatorByGroupMembership");async function Qu(t,e){if(E.MULTI_TENANCY){let r=await yo(t);if(r!=null&&r.tenantId!==e)throw new Qt(t)}if(!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let r=await Or(t);if(r&&r.verified&&r.tenantId!==e)throw new Qt(t)}}s(Qu,"validateUniqueUser");async function ju(t){if(!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let e=await ci(t.map(r=>r.email));return t.find(r=>e.map(n=>n.email).includes(r.email))}}s(ju,"getAccountHolderFromUsers");var Sp=s(async t=>{await Le.deleted(t),tt(t)&&await Le.permissionBuilderRemoved(t),Ir(t)&&await Le.permissionAdminRemoved(t)},"handleDeleteEvents"),oU=s(async(t,e,r)=>{for(let[n,i]of Object.entries(e))(!r||r[n]!==i)&&await go.assigned(t,i)},"assignAppRoleEvents"),aU=s(async(t,e,r)=>{if(r)for(let[n,i]of Object.entries(r))(!e||e[n]!==i)&&await go.unassigned(t,i)},"unassignAppRoleEvents"),uU=s(async(t,e)=>{let r=t.roles,n=e?.roles;await oU(t,r,n),await aU(t,r,n)},"handleAppRoleEvents"),Ap=s(async(t,e)=>{let r=V(),n;!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL&&(n=await oi(r)),await gt.identifyUser(t,n),e?(await Le.updated(t),lU(t,e)&&await Le.permissionBuilderRemoved(t),fU(t,e)&&await Le.permissionAdminRemoved(t),!e.forceResetPassword&&t.forceResetPassword&&t.password&&await Le.passwordForceReset(t),t.password!==e.password&&await Le.passwordUpdated(t)):await Le.created(t),cU(t,e)&&await Le.permissionBuilderAssigned(t),dU(t,e)&&await Le.permissionAdminAssigned(t),await uU(t,e)},"handleSaveEvents"),cU=s((t,e)=>oA(t,e,tt),"isAddingBuilder"),lU=s((t,e)=>aA(t,e,tt),"isRemovingBuilder"),dU=s((t,e)=>oA(t,e,Ir),"isAddingAdmin"),fU=s((t,e)=>aA(t,e,Ir),"isRemovingAdmin"),oA=s((t,e,r)=>!(!r(t)||e&&r(e)),"isAddingPermission"),aA=s((t,e,r)=>!(r(t)||!e||!r(e)),"isRemovingPermission");var Yu={};N(Yu,{createASession:()=>mU,endSession:()=>hU,getSession:()=>Op,getSessionsForUser:()=>So,invalidateSessions:()=>En,updateSessionTTL:()=>_p});var cA=require("uuid");var lA=E.SESSION_EXPIRY_SECONDS?parseInt(E.SESSION_EXPIRY_SECONDS):he.fromDays(7).toSeconds();function hi(t,e){return`${t}/${e}`}s(hi,"makeSessionID");async function So(t){return t?(await(await fr()).scan(t)).map(n=>n.value):(console.trace("Cannot get sessions for undefined userId"),[])}s(So,"getSessionsForUser");async function En(t,e={}){try{let r=e?.reason||"unknown",n=e.sessionIds||[],i;if(n.length===0?i=(await So(t)).map(a=>({key:hi(a.userId,a.sessionId)})):(n=Array.isArray(n)?n:[n],i=n.map(o=>({key:hi(t,o)}))),i&&i.length>0){let o=await fr(),a=[];for(let u of i)a.push(o.delete(u.key));E.isTest()||ii(`Invalidating sessions for ${t} (reason: ${r}) - ${i.map(u=>u.key).join(", ")}`),await Promise.all(a)}}catch(r){console.error(`Error invalidating sessions: ${r}`)}}s(En,"invalidateSessions");async function mU(t,e){let r=await So(t),n=0;if(r.length>=3){let l=r.sort((p,h)=>new Date(p.createdAt).getTime()-new Date(h.createdAt).getTime()),d=r.length-3+1,f=l.slice(0,d).map(p=>p.sessionId);n=f.length,await En(t,{sessionIds:f,reason:"session limit exceeded"})}let i=await fr(),o=e.sessionId,a=e.csrfToken?e.csrfToken:(0,cA.v4)(),u=hi(t,o),c={...e,csrfToken:a,createdAt:new Date().toISOString(),lastAccessedAt:new Date().toISOString(),userId:t};return await i.store(u,c,lA),{session:c,invalidatedSessionCount:n}}s(mU,"createASession");async function _p(t){let e=await fr(),r=hi(t.userId,t.sessionId);t.lastAccessedAt=new Date().toISOString(),await e.store(r,t,lA)}s(_p,"updateSessionTTL");async function hU(t,e){await(await fr()).delete(hi(t,e))}s(hU,"endSession");async function Op(t,e){if(!t||!e)throw new Error(`Invalid session details - ${t} - ${e}`);let n=await(await fr()).get(hi(t,e));if(!n)throw new Error(`Session not found - ${t} - ${e}`);return n}s(Op,"getSession");var Rp={};N(Rp,{PASSWORD_MAX_LENGTH:()=>wp,PASSWORD_MIN_LENGTH:()=>Ip,validatePassword:()=>Dp});var Ip=+(E.PASSWORD_MIN_LENGTH||12),wp=+(E.PASSWORD_MAX_LENGTH||512);function Dp(t){return!t||t.length<Ip?{valid:!1,error:`Password invalid. Minimum ${Ip} characters.`}:t.length>wp?{valid:!1,error:`Password invalid. Maximum ${wp} characters.`}:{valid:!0}}s(Dp,"validatePassword");var EU=s(async t=>{let e=t._id;await Et.removeUser(t),await Sp(t),await Dr.invalidateUser(e),await En(e,{reason:"bulk-deletion"})},"bulkDeleteProcessing"),wt=class t{static{s(this,"UserDB")}static init(e,r,n){t.quotas=e,t.groups=r,t.features=n}static async isPreventPasswordActions(e,r){return E.ENABLE_SSO_MAINTENANCE_MODE&&wr(e)?!1:await t.features.isSSOEnforced()||$o(e)?!0:(r||(r=await oi(V())),!!(r&&r.email===e.email&&Wo(r)))}static async buildUser(e,r={hashPassword:!0,requirePassword:!0},n,i,o){let{password:a,_id:u}=e;i&&!i.password&&(r.requirePassword=!1);let c;if(a){if(await t.isPreventPasswordActions(e,o))throw new we("Password change is disabled for this user",400);if(!r.skipPasswordValidation){let f=Dp(a);if(!f.valid)throw new we(f.error,400)}c=r.hashPassword?await Nd(a):a}else i&&(c=i.password);let l=r.requirePassword&&!await t.features.isSSOEnforced();if(!c&&l)throw"Password must be specified.";u=u||Jn();let d={createdAt:Date.now(),...i,...e,_id:u,password:c,tenantId:n};return d.roles||(d.roles={}),d.status==null&&(d.status="active"),d}static async allUsers(){return(await H().allDocs(sn(null,{include_docs:!0}))).rows.map(n=>n.doc)}static async countUsersByApp(e){return{userCount:(await zu(e,{})).length}}static async getUsersByAppAccess(e){return await Cp(e.appId,{limit:e.limit||50})}static async getUserByEmail(e){return yt(e)}static async getUser(e){let r=await gn(e);return r&&delete r.password,r}static async bulkGet(e){return await Hu(e)}static async bulkUpdate(e){return await Ao(e)}static async save(e,r={}){r.hashPassword==null&&(r.hashPassword=!0),r.requirePassword==null&&(r.requirePassword=!0);let n=V(),i=H(),{email:o,_id:a,userGroups:u=[],roles:c}=e;if(!o&&!a)throw new Error("_id or email is required");let l;if(a)try{if(l=await gn(a),o&&l.email!==o&&!r.allowChangingEmail)throw new Error("Email address cannot be changed")}catch(p){if(p.status!==404)throw p}if(!l&&o&&(l=await yt(o),l&&l._id!==a))throw new Qt(o);let d=1,f=0;if((r.isAccountHolder||l)&&(d=0,f=1),l){let[p,h]=await hn([l,e]);f=p!==h?1:0}return t.quotas.addUsers(d,f,async()=>{r.isAccountHolder||await Qu(o,n);let p=await t.buildUser(e,r,n,l);r.currentUserId&&r.currentUserId===l?._id&&(p=bp(p,l)),!l&&c?.length&&(p.roles={...c});let h=[];if(!a&&u.length>0)for(let m of u)h.push(t.groups.addUsers(m,[p._id]));try{let m=await i.put(p);return p._rev=m.rev,await Ap(p,l),l&&p.email!==l.email&&await Et.removeUser({email:l.email}),await Et.addUser(n,p._id,p.email,p.ssoId),await Dr.invalidateUser(m.id),await Promise.all(h),i.get(p._id)}catch(m){throw m.status===409?"User exists already":m}})}static async bulkCreate(e,r){let n=V(),i=[],o=[],a=[],u=e.map(p=>p.email),c=await yp(u),l=[];for(let p of e){let h=o.find(g=>g.email.toLowerCase()===p.email.toLowerCase()),m=c.includes(p.email.toLowerCase());if(h||m){l.push({email:p.email,reason:"Unavailable"});continue}p.userGroups=r||[],o.push(p),await To(p)&&a.push(p)}let d=await oi(n),f=await t.features.isSSOEnforced();return t.quotas.addUsers(o.length,a.length,async()=>{for(let m of o)f&&delete m.password,i.push(t.buildUser(m,{hashPassword:!0,requirePassword:!f},n,void 0,d));let p=await Promise.all(i);await Ao(p);for(let m of p)await Et.addUser(n,m._id,m.email),await Ap(m,void 0);let h=p.map(m=>({_id:m._id,email:m.email}));if(Array.isArray(h)&&r){let m=[],g=h.map(y=>y._id);for(let y of r)m.push(t.groups.addUsers(y,g));await Promise.all(m)}return{successful:h,unsuccessful:l}})}static async bulkDelete(e){let r=H(),n={successful:[],unsuccessful:[]},i=await ju(e);i&&(e=e.filter(h=>h.userId!==i.userId),n.unsuccessful.push({_id:i.userId,email:i.email,reason:"Account holder cannot be deleted"}));let a=(await r.allDocs({include_docs:!0,keys:e.map(h=>h.userId)})).rows.map(h=>h.doc),u=a.map(h=>({...h,_deleted:!0})),c=await Ao(u),d=(await hn(a)).filter(h=>h).length,f=[];for(let h of a){let g=(await yo(h._id)).ssoId;g&&(await Lu(g)).filter(S=>S.ssoId==null).forEach(S=>{f.push({...S,_deleted:!0})}),await EU(h)}await _r().bulkDocs(f),await t.quotas.removeUsers(u.length,d);let p={};return a.reduce((h,m)=>(h[m._id]=m,h),p),c.forEach(h=>{let m=p[h.id].email;h.ok?n.successful.push({_id:h.id,email:m}):n.unsuccessful.push({_id:h.id,email:m,reason:"Database error"})}),n}static async destroy(e){let r=H(),n=await r.get(e),i=n._id;if(!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let a=n.email;if(await Or(a))throw n.userId===Lt()._id?new we('Please visit "Account" to delete this user',400):new we("Account holder cannot be deleted",400)}await Et.removeUser(n),await r.remove(i,n._rev);let o=await To(n)?1:0;await t.quotas.removeUsers(1,o),await Sp(n),await Dr.invalidateUser(i),await En(i,{reason:"deletion"})}static async createAdminUser(e,r,n){let i=n?.password,o={email:e,password:i,createdAt:Date.now(),roles:{},builder:{global:!0},admin:{global:!0},tenantId:r,firstName:n?.firstName,lastName:n?.lastName};return n?.ssoId&&(o.ssoId=n.ssoId),await si(ye.CHECKLIST),await t.save(o,{hashPassword:n?.hashPassword,requirePassword:n?.requirePassword,skipPasswordValidation:n?.skipPasswordValidation,isAccountHolder:!0})}static async getGroups(e){return await this.groups.getBulk(e)}static async getGroupBuilderAppIds(e){return await this.groups.getGroupBuilderAppIds(e)}};function Oo(t){return Array.isArray(t)?t.map(e=>{if(e)return delete e.password,e}):t&&(delete t.password,t)}s(Oo,"removeUserPassword");async function Hu(t,e){let n=(await H().allDocs({keys:t,include_docs:!0})).rows.map(i=>i.doc);return e?.cleanup&&(n=Oo(n)),n}s(Hu,"bulkGetGlobalUsersById");async function yU(){let t=H(),e=`us${b}`;return(await t.allDocs({startkey:e,endkey:`${e}${ve}`})).rows.map(n=>n.id)}s(yU,"getAllUserIds");async function TU(){let t=H(),e=`us${b}`;return(await t.allDocs({startkey:e,endkey:`${e}${ve}`,include_docs:!0})).rows.map(n=>n.doc)}s(TU,"getAllUsers");async function Ao(t){return await H().bulkDocs(t)}s(Ao,"bulkUpdateGlobalUsers");async function gn(t,e){let n=await H().get(t);return e?.cleanup&&(n=Oo(n)),n}s(gn,"getById");async function yt(t,e){if(t==null)throw"Must supply an email address to view";let r=await Ft("by_email2",{key:t.toLowerCase(),include_docs:!0});if(Array.isArray(r))throw new Error(`Multiple users found with email address: ${t}`);let n=r;return e?.cleanup&&(n=Oo(n)),n}s(yt,"getGlobalUserByEmail");async function SU(t){try{let e=await yt(t);if(Array.isArray(e)||e!=null)return!0}catch{return!1}return!1}s(SU,"doesUserExist");async function zu(t,e,r){if(typeof t!="string")throw new Error("Must provide a string based workspace ID");let n=ru(t,{include_docs:!0});n.startkey=e&&e.startkey?e.startkey:n.startkey;let i=await Ft("by_app",n);i||(i=[]);let o=Array.isArray(i)?i:[i];return r?.cleanup&&(o=Oo(o)),o}s(zu,"searchGlobalUsersByApp");async function Cp(t,e){let r=`roles.${t}`,n=[{"builder.global":!0},{"admin.global":!0}];if(t){let a={[r]:{$exists:!0}};n.push(a)}return(await H().find({selector:{$or:n,_id:{$regex:"^us_"}},limit:e?.limit||50})).docs}s(Cp,"searchGlobalUsersByAppAccess");function dA(t,e){if(e)return tu(Ke(t),e._id)}s(dA,"getGlobalUserByAppPage");async function fA(t,e,r){if(typeof t!="string")throw new Error("Must provide a string to search by");let n=t.toLowerCase(),i=e&&e.startkey?e.startkey:n,o=await Ft("by_email2",{...e,startkey:i,endkey:`${n}${ve}`});o||(o=[]);let a=Array.isArray(o)?o:[o];return r?.cleanup&&(a=Oo(a)),a}s(fA,"searchGlobalUsersByEmail");var AU=8;async function pA({bookmark:t,query:e,appId:r,limit:n}={}){let i=H(),o=n??AU,u={include_docs:!0,limit:o+1};t&&(u.startkey=t);let c,l="_id",d;return e?.equal?._id?c=[await gn(e.equal._id)]:r?(c=await zu(r,u),d=s(f=>dA(r,f),"getKey")):e?.string?.email?(c=await fA(e?.string?.email,u),l="email"):e?.oneOf?._id?c=await Hu(e?.oneOf?._id,{cleanup:!0}):e?(c=(await i.allDocs(sn(null,{...u,limit:void 0}))).rows.map(p=>p.doc),c=ar.search(c,{query:e,limit:u.limit}).rows):c=(await i.allDocs(sn(null,u))).rows.map(p=>p.doc),gf(c,o,{paginate:!0,property:l,getKey:d})}s(pA,"paginatedUsers");async function _U(){return(await Sf("by_email2",{limit:0,include_docs:!1})).total_rows}s(_U,"getUserCount");async function OU(){let t=0;async function e(r){let n=await pA({bookmark:r}),i=await hn(n.data);t+=i.filter(o=>o).length,n.hasNextPage&&await e(n.nextPage)}return s(e,"iterate"),await e(),t}s(OU,"getCreatorCount");function IU(t){return delete t.admin,delete t.builder,t}s(IU,"removePortalUserPermissions");function bp(t,e){return delete t.admin,delete t.builder,delete t.roles,e&&(t.admin=e.admin,t.builder=e.builder,t.roles=e.roles),t}s(bp,"cleanseUserObject");async function wU(t,e){let r=Ke(e);t.builder??={},t.builder.creator=!0,t.builder.apps??=[],t.builder.apps.push(r),await wt.save(t,{hashPassword:!1})}s(wU,"addAppBuilder");async function DU(t,e){let r=Ke(e);t.builder&&t.builder.apps?.includes(r)&&(t.builder.apps=t.builder.apps.filter(n=>n!==r)),await wt.save(t,{hashPassword:!1})}s(DU,"removeAppBuilder");var mA=3600;async function RU(t,e){let n=await Of(e).get(t);if(n.budibaseAccess=!0,!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let i=await Or(n.email);i&&(n.account=i,n.accountPortalAccess=!0)}return n}s(RU,"populateFromDB");async function CU(t){let e=await wt.bulkGet(t),r=t.filter((i,o)=>!e[o]),n=e.filter(i=>i);return await Promise.all(n.map(async i=>{if(i.budibaseAccess=!0,!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let o=await Or(i.email);o&&(i.account=o,i.accountPortalAccess=!0)}})),r.length?{users:n,notFoundIds:r}:{users:n}}s(CU,"populateUsersFromDB");async function Io({userId:t,tenantId:e,email:r,populateUser:n}){if(n||(n=RU),!e)try{e=V()}catch{e=await Et.lookupTenantId(t)}let i=await Us(),o=await i.get(t);return o||(o=await n(t,e,r),await i.store(t,o,mA)),o&&!o.tenantId&&e&&(o.tenantId=e),o.userGroups&&!Ve.users.isGlobalBuilder(o)&&await Re(e,async()=>{let a=await wt.getGroupBuilderAppIds(o);if(a.length){let u=o.builder?.apps||[];o.builder={apps:[...new Set(u.concat(a))]}}}),o}s(Io,"getUser");async function bU(t){let e=await Us(),r=await e.bulkGet(t),n=t.filter(a=>!r[a]),i=Object.values(r).filter(a=>!!a),o;if(n.length){let a=await CU(n);o=a.notFoundIds;for(let u of a.users)await e.store(u._id,u,mA);i.push(...a.users)}return{users:i,notFoundIds:o}}s(bU,"getUsers");async function wo(t){await(await Us()).delete(t)}s(wo,"invalidateUser");var Up={};N(Up,{Writethrough:()=>Pp});var gi={};N(gi,{AUTO_EXTEND_POLLING_MS:()=>EA,doWithLock:()=>xp,newRedlock:()=>yn});var hA=F(require("redlock"));async function vU(t,e){if(t==="custom")return yn(e);switch(t){case"try_once":return yn(Ei.TRY_ONCE);case"try_twice":return yn(Ei.TRY_TWICE);case"default":return yn(Ei.DEFAULT);case"delay_500":return yn(Ei.DELAY_500);case"auto_extend":return yn(Ei.AUTO_EXTEND);default:throw Xt.unreachable(t)}}s(vU,"getClient");var Ei={TRY_ONCE:{retryCount:0},TRY_TWICE:{retryCount:1},DEFAULT:{driftFactor:.01,retryCount:10,retryDelay:200,retryJitter:100},DELAY_500:{retryDelay:500},CUSTOM:{},AUTO_EXTEND:{retryCount:-1}};async function yn(t={}){let e={...Ei.DEFAULT,...t},n=(await df()).client;return new hA.default([n],e)}s(yn,"newRedlock");function PU(t){let r=`lock:${t.systemLock?"system":V()}_${t.name}`;return t.resource&&(r=r+`_${t.resource}`),r}s(PU,"getLockName");var EA=he.fromSeconds(10).toMs();async function xp(t,e){let r=await vU(t.type,t.customOptions),n,i;try{let o=PU(t),a=t.type==="auto_extend"?EA:t.ttl;if(n=await r.lock(o,a),t.type==="auto_extend"){let c=s(()=>{i=setTimeout(async()=>{n=await n.extend(a,()=>t.onExtend&&t.onExtend()),c()},a/2)},"extendInIntervals");c()}return{executed:!0,result:await e()}}catch(o){if(o.name==="LockError"){if(t.type==="try_once")return{executed:!1};throw o}else throw o}finally{clearTimeout(i),await n?.unlock()}}s(xp,"doWithLock");var gA=1e4,vp=null;async function Ju(){if(!vp){let t=await lf();vp=new cn(t)}return vp}s(Ju,"getCache");function Do(t,e){return t.name+e}s(Do,"makeCacheKey");function Np(t,e=null){return{doc:t,lastWrite:e||Date.now()}}s(Np,"makeCacheItem");async function NU(t,e,r=gA){let n=await Ju(),i=e._id,o;i&&(o=await n.get(Do(t,i)));let a=!o||o.lastWrite<Date.now()-r,u=e;return a&&((await xp({type:"try_once",name:"persist_writethrough",resource:i,ttl:15e3},async()=>{let l=s(async d=>{let f=await t.put(d,{force:!0});u._id=f.id,u._rev=f.rev},"writeDb");try{await l(e)}catch(d){if(d.status!==409)throw d;ii("Ignoring conflict in write-through cache")}})).executed||ii("Ignoring redlock conflict in write-through cache")),o=Np(u,a?null:o?.lastWrite),u._id&&await n.store(Do(t,u._id),o),{ok:!0,id:u._id,rev:u._rev}}s(NU,"put");async function UU(t,e){let r=await Ju(),n=Do(t,e),i=await r.get(n);if(!i){let o=await t.get(e);i=Np(o),await r.store(n,i)}return i.doc}s(UU,"get");async function LU(t,e){let r=await Ju(),n=Do(t,e),i=await r.get(n);if(!i){let o=await t.tryGet(e);if(!o)return null;i=Np(o),await r.store(n,i)}return i.doc}s(LU,"tryGet");async function kU(t,e,r){let n=await Ju();if(!e)throw new Error("No ID/Rev provided.");let i=typeof e=="string"?e:e._id;r=typeof e=="string"?r:e._rev;try{await n.delete(Do(t,i))}finally{await t.remove(i,r)}}s(kU,"remove");var Pp=class{static{s(this,"Writethrough")}constructor(e,r=gA){this.db=e,this.writeRateMs=r}async put(e,r=this.writeRateMs){return NU(this.db,e,r)}async get(e){return UU(this.db,e)}async tryGet(e){return LU(this.db,e)}async remove(e,r){return kU(this.db,e,r)}};function Zu(t){return`config${b}${t}`}s(Zu,"generateConfigID");async function rt(t){let e=H();try{return await e.get(Zu(t))}catch(r){if(r.status===404)return;throw r}}s(rt,"getConfig");async function MU(t){return t._id||(t._id=Zu(t.type)),H().put(t)}s(MU,"save");async function ri(){let t=await rt("settings");return t||(t={_id:Zu("settings"),type:"settings",config:{}}),t.config.platformUrl=await Ro({tenantAware:!0,config:t.config}),t.config.analyticsEnabled=await bu({config:t.config}),t}s(ri,"getSettingsConfigDoc");async function Mp(){return(await ri()).config}s(Mp,"getSettingsConfig");async function Ro(t={tenantAware:!0}){let e=E.PLATFORM_URL||"http://localhost:10000";if(!E.SELF_HOSTED&&E.MULTI_TENANCY&&t.tenantAware){let r=V();e.includes("localhost:")||(e=e.replace("://",`://${r}.`))}else if(E.SELF_HOSTED){let r=t?.config?t.config:(await rt("settings"))?.config;r?.platformUrl&&(e=r.platformUrl)}return e}s(Ro,"getPlatformUrl");var bu=s(async t=>{if(!E.SELF_HOSTED)return!!E.ENABLE_ANALYTICS;let e=await Ar(ye.ANALYTICS_ENABLED,86400,async()=>{let n=t?.config?t.config:(await rt("settings"))?.config;if(n?.analyticsEnabled===!1)return!1;if(n?.analyticsEnabled===!0)return!0});if(e!==void 0)return e;let r=E.ENABLE_ANALYTICS;return!(r===0||r===!1)},"analyticsEnabled");async function FU(){return await rt("google")}s(FU,"getGoogleConfigDoc");async function Xu(){return(await FU())?.config}s(Xu,"getGoogleConfig");async function Fp(){if(!E.SELF_HOSTED)return Lp();let t=await Xu();return(!t||!t.activated)&&(t=Lp()),t}s(Fp,"getGoogleDatasourceConfig");function Lp(){if(E.GOOGLE_CLIENT_ID&&E.GOOGLE_CLIENT_SECRET)return{clientID:E.GOOGLE_CLIENT_ID,clientSecret:E.GOOGLE_CLIENT_SECRET,activated:!0}}s(Lp,"getDefaultGoogleConfig");async function BU(){return rt("logos_oidc")}s(BU,"getOIDCLogosDoc");async function WU(){return rt("oidc")}s(WU,"getOIDCConfigDoc");async function $U(){let t=(await WU())?.config;return t?.configs&&t.configs[0]}s($U,"getOIDCConfig");async function Bp(t){let e=(await rt("oidc"))?.config;return e&&e.configs.filter(r=>r.uuid===t)[0]}s(Bp,"getOIDCConfigById");async function yA(){return rt("smtp")}s(yA,"getSMTPConfigDoc");async function GU(t){let e=await yA();if(e)return e.config;let r=E.SELF_HOSTED||!t;if(E.SMTP_FALLBACK_ENABLED&&r)return{port:E.SMTP_PORT,host:E.SMTP_HOST,secure:!1,from:E.SMTP_FROM_ADDRESS,auth:{user:E.SMTP_USER,pass:E.SMTP_PASSWORD},fallback:!0}}s(GU,"getSMTPConfig");async function VU(){return(await rt("scim"))?.config}s(VU,"getSCIMConfig");async function qU(){return rt("ai")}s(qU,"getAIConfig");async function KU(){return rt("recaptcha")}s(KU,"getRecaptchaConfig");var Hp={};N(Hp,{AccessController:()=>Gp,BUILTIN_ROLE_IDS:()=>Vp,Role:()=>Rr,RoleHierarchyTraversal:()=>ec,RoleIDVersion:()=>qp,builtinRoleToNumber:()=>Co,checkForRoleResourceArray:()=>_A,externalRole:()=>JU,findRole:()=>bo,getAllRoleIds:()=>tL,getAllRoles:()=>Yp,getBuiltinRole:()=>SA,getBuiltinRoles:()=>Qp,getDBRoleID:()=>OA,getExternalRoleID:()=>Cr,getExternalRoleIDs:()=>IA,getRole:()=>ZU,getUserRoleHierarchy:()=>jp,getUserRoleIdHierarchy:()=>AA,isBuiltin:()=>Tn,lowerBuiltinRoleID:()=>zU,prefixRoleIDNoBuiltin:()=>$p,roleIDsAreEqual:()=>nt,roleToNumber:()=>HU,saveRoles:()=>XU,validInherits:()=>YU});var TA=require("lodash"),tc=F(require("lodash/fp/cloneDeep")),Wp=F(require("semver"));var Vp={ADMIN:"ADMIN",POWER:"POWER",BASIC:"BASIC",PUBLIC:"PUBLIC"},ie={...Vp,BUILDER:"BUILDER"},qp={UUID:void 0,NAME:"name"};function jU(t,e){return Array.isArray(e)?e.filter(r=>t.includes(r)).length===e.length:t.includes(e)}s(jU,"rolesInList");var Rr=class{constructor(e,r,n,i){this.permissions={};this._id=e,this.name=r,this.uiMetadata=i,this.permissionId=n,this.version=qp.NAME}static{s(this,"Role")}addInheritance(e){return e&&typeof e=="string"?e=$p(e):e&&Array.isArray(e)&&(e=e.map($p)),this.inherits=e,this}},ec=class{static{s(this,"RoleHierarchyTraversal")}constructor(e,r){this.allRoles=e,this.opts=r}walk(e){let r=this.opts,n=this.allRoles,i=[];if(!e||!e._id)return i;if(i.push(e),Array.isArray(e.inherits))for(let o of e.inherits){let a=bo(o,n,r);a&&(i=i.concat(this.walk(a)))}else{let o=[],a=e;for(;a&&a.inherits&&!jU(o,a.inherits);){if(Array.isArray(a.inherits))return i.concat(this.walk(a));if(o.push(a.inherits),a=bo(a.inherits,n,r),a&&i.push(a),Ne.roles.checkForRoleInheritanceLoops(i))break}}return(0,TA.uniqBy)(i,o=>o._id)}},Kp={ADMIN:new Rr(ie.ADMIN,ie.ADMIN,"admin",{displayName:"App admin",description:"Can do everything",color:"var(--spectrum-global-color-static-red-400)"}).addInheritance(ie.POWER),POWER:new Rr(ie.POWER,ie.POWER,"power",{displayName:"App power user",description:"An app user with more access",color:"var(--spectrum-global-color-static-orange-400)"}).addInheritance(ie.BASIC),BASIC:new Rr(ie.BASIC,ie.BASIC,"write",{displayName:"App user",description:"Any logged in user",color:"var(--spectrum-global-color-static-green-400)"}).addInheritance(ie.PUBLIC),PUBLIC:new Rr(ie.PUBLIC,ie.PUBLIC,"public",{displayName:"Public user",description:"Accessible to anyone",color:"var(--spectrum-global-color-static-blue-400)"}),BUILDER:new Rr(ie.BUILDER,ie.BUILDER,"admin",{displayName:"Builder user",description:"Users that can edit this app",color:"var(--spectrum-global-color-static-magenta-600)"})};function Qp(){return(0,tc.default)(Kp)}s(Qp,"getBuiltinRoles");function Tn(t){return Object.values(Vp).includes(t)}s(Tn,"isBuiltin");function $p(t){return Tn(t)?t:kt(t)}s($p,"prefixRoleIDNoBuiltin");function SA(t){let e=Object.values(Kp).find(r=>t.includes(r._id));if(e)return(0,tc.default)(e)}s(SA,"getBuiltinRole");function YU(t,e){if(!e)return!1;let r=s(n=>t.find(i=>nt(i._id,n)),"find");if(Array.isArray(e)){let n=e.filter(i=>r(i));return e.length!==0&&n.length===e.length}else return!!r(e)}s(YU,"validInherits");function Co(t){let e=Qp(),r=Object.values(e).length+1;if(nt(t,ie.ADMIN)||nt(t,ie.BUILDER))return r;let n=e[t],i=0;do{if(!n)break;if(Array.isArray(n.inherits))throw new Error("Built-in roles don't support multi-inheritance");n=e[n.inherits],i++}while(n!==null);return i}s(Co,"builtinRoleToNumber");async function HU(t){if(Tn(t))return Co(t);let e=await jp(t,{defaultPublic:!0}),r=s(n=>{if(!n.inherits)return 0;if(Array.isArray(n.inherits)){let i=n.inherits.map(o=>{let a=e.find(u=>nt(u._id,o));if(a)return r(a)+1}).filter(o=>o).sort().pop();if(i!=null)return i}else if(Tn(n.inherits))return Co(n.inherits)+1;return 0},"findNumber");return Math.max(...e.map(r))}s(HU,"roleToNumber");function zU(t,e){return t?e&&Co(t)>Co(e)?e:t:e}s(zU,"lowerBuiltinRoleID");function nt(t,e){return kt(t)===kt(e)}s(nt,"roleIDsAreEqual");function JU(t){let e;return t._id&&(e=Cr(t._id)),{...t,_id:e,inherits:IA(t.inherits,t.version)}}s(JU,"externalRole");function bo(t,e,r){let n=SA(t);n||(t=kt(t));let i=e.find(o=>o._id&&nt(o._id,t));return!i&&!Tn(t)&&r?.defaultPublic?(0,tc.default)(Kp.PUBLIC):(n=Object.assign(n||{},i),n?._id&&(n._id=Cr(n._id,n.version)),Object.keys(n).length===0?void 0:n)}s(bo,"findRole");async function ZU(t,e){let r=zn(),n=[];if(!Tn(t)){let i=await r.tryGet(OA(t));i&&n.push(i)}return bo(t,n,e)}s(ZU,"getRole");async function XU(t){await zn().bulkDocs(t.filter(r=>r._id).map(r=>({...r,_id:kt(r._id)})))}s(XU,"saveRoles");async function eL(t,e){let r=await Yp();if(nt(t,ie.ADMIN))return r;let n=bo(t,r,e),i=[];return n&&(i=new ec(r,e).walk(n)),i}s(eL,"getAllUserRoles");async function AA(t){return(await jp(t)).map(r=>r._id)}s(AA,"getUserRoleIdHierarchy");async function jp(t,e){return eL(t,e)}s(jp,"getUserRoleHierarchy");function _A(t,e){if(t&&!Array.isArray(t[e])){let r=t[e];t[e]=[r],r==="write"&&t[e].push("read")}return t}s(_A,"checkForRoleResourceArray");async function tL(t){return(await Yp(t)).map(r=>r._id)}s(tL,"getAllRoleIds");async function Yp(t){if(t)return qe(t,e);{let r;try{r=zn()}catch{}return e(r)}async function e(r){let n=[];r&&(n=(await r.allDocs(nu(null,{include_docs:!0}))).rows.map(u=>u.doc),n.forEach(u=>u._id=Cr(u._id,u.version)));let i=Qp(),o=[];!r||await rL(r)?o=[ie.ADMIN,ie.POWER,ie.BASIC,ie.PUBLIC]:o=[ie.ADMIN,ie.BASIC,ie.PUBLIC];for(let a of o){let u=i[a],c=n.filter(l=>nt(l._id,a))[0];c==null?n.push(u||i.BASIC):(n=n.filter(l=>l._id!==c._id),c._id=Cr(u._id,c.version),n.push({...u,...c,name:u.name,_id:Cr(u._id,u.version)}))}for(let a of n)if(a.permissions)for(let u of Object.keys(a.permissions))a.permissions=_A(a.permissions,u);return n}s(e,"internal")}s(Yp,"getAllRoles");async function rL(t){let r=(await t.tryGet("app_metadata"))?.creationVersion;return!r||!Wp.default.valid(r)?!0:!Wp.default.gte(r,E.MIN_VERSION_WITHOUT_POWER_ROLE)}s(rL,"shouldIncludePowerRole");var Gp=class{static{s(this,"AccessController")}constructor(){this.userHierarchies={}}async hasAccess(e,r){if(e==null||e===""||nt(e,ie.BUILDER)||nt(r,e)||nt(r,ie.BUILDER))return!0;let n=r?this.userHierarchies[r]:null;return!n&&r&&(n=await AA(r),this.userHierarchies[r]=n),n?.find(i=>nt(i,e))!==void 0}async checkScreensAccess(e,r){let n=[];for(let i of e){let o=await this.checkScreenAccess(i,r);o&&n.push(o)}return n}async checkScreenAccess(e,r){let n=e&&e.routing?e.routing.roleId:void 0;return await this.hasAccess(n,r)?e:null}};function OA(t){return t?.startsWith("role")?t:kt(t)}s(OA,"getDBRoleID");function Cr(t,e){if(t.startsWith(`role${b}`)&&(Tn(t)||e===qp.NAME)){let r=t.split(b);return r.shift(),r.join(b)}return t}s(Cr,"getExternalRoleID");function IA(t,e){return t&&(typeof t=="string"?Cr(t,e):t.map(r=>Cr(r,e)))}s(IA,"getExternalRoleIDs");var zp={};N(zp,{BUILDER:()=>aL,BUILTIN_PERMISSIONS:()=>rc,CREATOR:()=>uL,GLOBAL_BUILDER:()=>cL,PermissionImpl:()=>se,PermissionLevel:()=>Ii,PermissionType:()=>Fo,doesHaveBasePermission:()=>sL,getAllowedLevels:()=>CA,getBuiltinPermissionByID:()=>iL,getBuiltinPermissions:()=>nL,isPermissionLevelHigherThanRead:()=>oL,levelToNumber:()=>RA});var wA=F(require("lodash/flatten")),DA=F(require("lodash/fp/cloneDeep"));var se=class{static{s(this,"PermissionImpl")}constructor(e,r){this.type=e,this.level=r}};function RA(t){switch(t){case"execute":return 0;case"read":return 1;case"write":return 2;case"admin":return 3;default:return-1}}s(RA,"levelToNumber");function CA(t){switch(t){case"execute":return["execute"];case"read":return["execute","read"];case"write":case"admin":return["execute","read","write"];default:return[]}}s(CA,"getAllowedLevels");var rc={PUBLIC:{_id:"public",name:"Public",permissions:[new se("webhook","execute")]},READ_ONLY:{_id:"read_only",name:"Read only",permissions:[new se("query","read"),new se("table","read"),new se("app","read")]},WRITE:{_id:"write",name:"Read/Write",permissions:[new se("query","write"),new se("table","write"),new se("automation","execute"),new se("legacy_view","read"),new se("app","read")]},POWER:{_id:"power",name:"Power",permissions:[new se("table","write"),new se("user","read"),new se("automation","execute"),new se("webhook","read"),new se("legacy_view","read"),new se("app","read")]},ADMIN:{_id:"admin",name:"Admin",permissions:[new se("table","admin"),new se("user","admin"),new se("automation","admin"),new se("webhook","read"),new se("query","admin"),new se("legacy_view","read"),new se("app","read")]}};function nL(){return(0,DA.default)(rc)}s(nL,"getBuiltinPermissions");function iL(t){return Object.values(rc).find(r=>r._id===t)}s(iL,"getBuiltinPermissionByID");function sL(t,e,r){let n=[...new Set(r.map(a=>a.permissionId))],i=Object.values(rc),o=(0,wA.default)(i.filter(a=>n.indexOf(a._id)!==-1).map(a=>a.permissions));for(let a of o)if(a.type===t&&CA(a.level).indexOf(e)!==-1)return!0;return!1}s(sL,"doesHaveBasePermission");function oL(t){return RA(t)>1}s(oL,"isPermissionLevelHigherThanRead");var aL="builder",uL="creator",cL="globalBuilder";var um={};N(um,{adminOnly:()=>pc,auditLog:()=>cc,authError:()=>Oe,buildAuthMiddleware:()=>QL,buildCsrfMiddleware:()=>YL,buildTenancyMiddleware:()=>jL,builderOnly:()=>hc,builderOrAdmin:()=>mc,google:()=>jt,internalApi:()=>dc,joiValidator:()=>vo,oidc:()=>Yt,passport:()=>HL,platformLogout:()=>e0,refreshOAuthToken:()=>ZL,ssoCallbackUrl:()=>br,updateUserOAuth:()=>XL});var am={};N(am,{adminOnly:()=>pc,auditLog:()=>cc,authError:()=>Oe,authenticated:()=>uc,builderOnly:()=>hc,builderOrAdmin:()=>mc,correlation:()=>GA,csp:()=>YA,csrf:()=>fc,datasource:()=>qL,errorHandling:()=>qA,featureFlagCookie:()=>HA,google:()=>jt,internalApi:()=>dc,ip:()=>JA,joiValidator:()=>vo,local:()=>yi,oidc:()=>Yt,pino:()=>WA,querystringToBody:()=>KA,ssoCallbackUrl:()=>br,tenancy:()=>lc});var yi={};N(yi,{authenticate:()=>fL,options:()=>dL});function Oe(t,e,r){return t(r,null,{message:e})}s(Oe,"authError");async function br(t,e){if(e&&e.callbackURL)return e.callbackURL;let r=await Mp(),n="/api/global/auth";return dr()&&(n+=`/${V()}`),n+=`/${t}/callback`,`${r.platformUrl}${n}`}s(br,"ssoCallbackUrl");var Jp="Invalid credentials",lL="This account has expired. Please reset your password",dL={passReqToCallback:!0};async function fL(t,e,r,n){if(!e)return Oe(n,"Email Required");if(!r)return Oe(n,"Password Required");let i=await yt(e);return i==null?(console.info(`user=${e} could not be found`),Oe(n,Jp)):i.status==="inactive"?(console.info(`user=${e} is inactive`,i),Oe(n,Jp)):i.password?await Ud(r,i.password)?(delete i.password,n(null,i)):Oe(n,Jp):(console.info(`user=${e} has no password set`,i),Oe(n,lL))}s(fL,"authenticate");var jt={};N(jt,{buildVerifyFn:()=>vA,getCallbackUrl:()=>hL,strategyFactory:()=>Zp});var xo=s(t=>Promise.resolve(t),"ssoSaveUserNoOp");async function nc(t,e=!0,r,n){if(!n)throw new Error("Save user function must be provided");if(!t.userId)return Oe(r,"sso user id required");if(!t.email)return Oe(r,"sso user email required");let i=Jn(t.userId),o;try{o=await gn(i)}catch(u){if(!u.status||u.status!==404)return Oe(r,"Unexpected error when retrieving existing user",u)}if(o||(o=await yt(t.email)),!o&&e)return Oe(r,"Email does not yet exist. You must set up your local budibase account first.");o||(o={_id:i,email:t.email,roles:{},tenantId:V()});let a=await pL(o,t);a.forceResetPassword=!1;try{delete a.password,a=await n(a,{hashPassword:!1,requirePassword:!1})}catch(u){return Oe(r,"Error saving user",u)}return r(null,a)}s(nc,"authenticate");async function pL(t,e){let r,n,i;if(e.profile){let o=e.profile;if(o.name){let a=o.name;a.givenName&&(r=a.givenName),a.familyName&&(n=a.familyName)}}return e.oauth2&&(i={...e.oauth2}),{...t,provider:e.provider,providerType:e.providerType,firstName:r,lastName:n,oauth2:i}}s(pL,"syncUser");var mL=require("passport-google-oauth").OAuth2Strategy;function vA(t){return(e,r,n,i)=>{let o={provider:"google",providerType:"google",userId:n.id,profile:n,email:n._json.email,oauth2:{accessToken:e,refreshToken:r}};return nc(o,!0,i,t)}}s(vA,"buildVerifyFn");async function Zp(t,e,r){try{let{clientID:n,clientSecret:i}=t;if(!n||!i)throw new Error("Configuration invalid. Must contain google clientID and clientSecret");let o=vA(r);return new mL({clientID:t.clientID,clientSecret:t.clientSecret,callbackURL:e},o)}catch(n){throw new Error(`Error constructing google authentication strategy: ${n}`)}}s(Zp,"strategyFactory");async function hL(t){return br("google",t)}s(hL,"getCallbackUrl");var Yt={};N(Yt,{buildVerifyFn:()=>NA,fetchStrategyConfig:()=>TL,getCallbackUrl:()=>SL,strategyFactory:()=>yL});var PA=F(require("node-fetch"));var EL=require("@techpass/passport-openidconnect").Strategy;function NA(t){return async(e,r,n,i,o,a,u,c,l)=>{let d={provider:e,providerType:"oidc",userId:n.id,profile:n,email:gL(n,i),oauth2:{accessToken:o,refreshToken:a}};return nc(d,!1,l,t)}}s(NA,"buildVerifyFn");function gL(t,e){if(t._json.email)return t._json.email;if(e.email)return e.email;let r=e.preferred_username;if(r&&Rf(r))return r;throw new Error(`Could not determine user email from profile ${JSON.stringify(t)} and claims ${JSON.stringify(e)}`)}s(gL,"getEmail");async function yL(t,e){try{let r=NA(e),n=new EL(t,r);return n.name="oidc",n}catch(r){throw new Error(`Error constructing OIDC authentication strategy - ${r}`)}}s(yL,"strategyFactory");async function TL(t,e){try{let{clientID:r,clientSecret:n,configUrl:i,pkce:o}=t;if(!r||!n||!e||!i)throw new Error("Configuration invalid. Must contain clientID, clientSecret, callbackUrl and configUrl");let a=await(0,PA.default)(i);if(!a.ok)throw new Error(`Unexpected response when fetching openid-configuration: ${a.statusText}`);let u=await a.json();return{issuer:u.issuer,authorizationURL:u.authorization_endpoint,tokenURL:u.token_endpoint,userInfoURL:u.userinfo_endpoint,clientID:r,clientSecret:n,callbackURL:e,pkce:o}}catch(r){throw new Error(`Error constructing OIDC authentication configuration - ${r}`)}}s(TL,"fetchStrategyConfig");async function SL(){return br("oidc")}s(SL,"getCallbackUrl");var Xp={};N(Xp,{postAuth:()=>OL,preAuth:()=>_L});var AL=require("passport-google-oauth").OAuth2Strategy;async function UA(){let t=await Fp();if(!t)throw new Error("No google configuration found");return t}s(UA,"fetchGoogleCreds");async function _L(t,e,r){let n=await UA(),o=`${await Ro({tenantAware:!1})}/api/global/auth/datasource/google/callback`,a=await Zp(n,o,xo);return e.query.appId||e.throw(400,"appId query param not present."),t.authenticate(a,{scope:["profile","email","https://www.googleapis.com/auth/spreadsheets"],accessType:"offline",prompt:"consent"})(e,r)}s(_L,"preAuth");async function OL(t,e,r){let n=await UA(),o=`${await Ro({tenantAware:!1})}/api/global/auth/datasource/google/callback`,a=Wt(e,"budibase:datasourceauth");if(!a)throw new Error("Unable to fetch datasource auth cookie");return t.authenticate(new AL({clientID:n.clientID,clientSecret:n.clientSecret,callbackURL:o},(u,c,l,d)=>{hr(e,"budibase:datasourceauth"),d(null,{accessToken:u,refreshToken:c})}),{successRedirect:"/",failureRedirect:"/error"},async(u,c)=>{let l=`/builder/workspace/${a.appId}/data`,d=ne();await Vt(`datasource:creation:${a.appId}:google:${d}`,{tokens:c}),e.redirect(`${l}/new?continue_google_setup=${d}`)})(e,r)}s(OL,"postAuth");var IL=/\/:(.*?)(\/.*)?$/g,Sn=s(t=>t?t.map(e=>{let r=e.route,n=e.method,i=r.match(IL);if(i)for(let o of i){let u="/.*"+(o.endsWith("/")?"/":"");r=r.replace(o,u)}return{regex:new RegExp(r),method:n,route:r}}):[],"buildMatcherRegex"),An=s((t,e)=>e.find(({regex:r,method:n})=>{let i=r.test(t.request.url),o=n==="ALL"?!0:t.request.method.toLowerCase()===n.toLowerCase();return i&&o}),"matches");var sm={};N(sm,{SecretOption:()=>MA,decrypt:()=>im,decryptFile:()=>xL,encrypt:()=>RL,encryptFile:()=>CL,getSecret:()=>nm});var Ht=F(require("crypto")),xr=F(require("fs")),tm=F(require("zlib"));var em=require("path");var ic="aes-256-ctr",kA="-",wL=1e4,DL=32,sc=16,rm=16,MA=(r=>(r.API="api",r.ENCRYPTION="encryption",r))(MA||{});function nm(t){let e,r;switch(t){case"encryption":e=E.ENCRYPTION_KEY,r="ENCRYPTION_KEY";break;case"api":default:e=E.API_ENCRYPTION_KEY,r="API_ENCRYPTION_KEY";break}if(!e)throw new Error(`Secret "${r}" has not been set in environment.`);return e}s(nm,"getSecret");function oc(t,e){return Ht.default.pbkdf2Sync(t,new Uint8Array(e),wL,DL,"sha512")}s(oc,"stretchString");function RL(t,e="api"){let r=Ht.default.randomBytes(sc),n=oc(nm(e),r),i=Ht.default.createCipheriv(ic,new Uint8Array(n),new Uint8Array(r)),o=i.update(t,"utf8"),a=i.final(),u=Buffer.concat([new Uint8Array(o),new Uint8Array(a)]).toString("hex");return`${r.toString("hex")}${kA}${u}`}s(RL,"encrypt");function im(t,e="api"){let[r,n]=t.split(kA),i=Buffer.from(r,"hex"),o=oc(nm(e),i),a=Ht.default.createDecipheriv(ic,new Uint8Array(o),new Uint8Array(i)),u=a.update(n,"hex"),c=a.final();return Buffer.concat([new Uint8Array(u),new Uint8Array(c)]).toString()}s(im,"decrypt");async function CL({dir:t,filename:e},r){let n=`${e}.enc`,i=(0,em.join)(t,e);if(xr.default.lstatSync(i).isDirectory())throw new Error("Unable to encrypt directory");let o=xr.default.createReadStream(i),a=xr.default.createWriteStream((0,em.join)(t,n)),u=Ht.default.randomBytes(sc),c=Ht.default.randomBytes(rm),l=oc(r,u),d=Ht.default.createCipheriv(ic,new Uint8Array(l),new Uint8Array(c));return a.write(u),a.write(c),o.pipe(tm.default.createGzip()).pipe(d).pipe(a),new Promise(f=>{a.on("finish",()=>{f({filename:n,dir:t})})})}s(CL,"encryptFile");async function bL(t){let e=xr.default.createReadStream(t),r=await LA(e,sc),n=await LA(e,rm);return e.close(),{salt:r,iv:n}}s(bL,"getSaltAndIV");async function xL(t,e,r){if(xr.default.lstatSync(t).isDirectory())throw new Error("Unable to encrypt directory");let{salt:n,iv:i}=await bL(t),o=xr.default.createReadStream(t,{start:sc+rm}),a=xr.default.createWriteStream(e),u=oc(r,n),c=Ht.default.createDecipheriv(ic,new Uint8Array(u),new Uint8Array(i)),l=tm.default.createGunzip();return o.pipe(c).pipe(l).pipe(a),new Promise((d,f)=>{a.on("finish",()=>{a.close(),d()}),o.on("error",p=>{a.close(),f(p)}),c.on("error",p=>{a.close(),f(p)}),l.on("error",p=>{a.close(),f(p)}),a.on("error",p=>{a.close(),f(p)})})}s(xL,"decryptFile");function LA(t,e){return new Promise((r,n)=>{let i=0,o=[];t.on("readable",()=>{let a;for(;(a=t.read(e-i))!==null;)o.push(a),i+=a.length;r(Buffer.concat(o.map(u=>new Uint8Array(u))))}),t.on("end",()=>{n(new Error("Insufficient data in the stream."))}),t.on("error",a=>{n(a)})})}s(LA,"readBytes");var BA=F(require("dd-trace"));var vL=E.SESSION_UPDATE_PERIOD?parseInt(E.SESSION_UPDATE_PERIOD):60*1e3;function PL(){return new Date(Date.now()-vL).toISOString()}s(PL,"timeMinusOneMinute");function FA(t,e={}){t.publicEndpoint=e.publicEndpoint||!1,t.isAuthenticated=e.authenticated||!1,t.loginMethod=e.loginMethod,t.user=e.user,t.internal=e.internal||!1,t.version=e.version}s(FA,"finalise");async function NL(t,e){if(Ks(t))return{valid:!0,user:void 0};let n=im(t).split(b)[0];return Re(n,async()=>{let i;try{let o=H();i=await Ft("by_api_key",{key:t},o)}catch{i=void 0}if(i)return{valid:!0,user:await Io({userId:i,tenantId:n,populateUser:e})};throw new pi})}s(NL,"checkApiKey");function ac(t,e){let r=t.request.headers[e];if(Array.isArray(r))throw new Error("Unexpected header format");return r}s(ac,"getHeader");function uc(t=[],e={publicAllowed:!1}){let r=t?Sn(t):[];return async(n,i)=>{let o=!1,a=ac(n,"x-budibase-api-version");An(n,r)&&(o=!0);try{let c=ac(n,"x-budibase-token"),l=Wt(n,"budibase:auth")||su(c),d=ac(n,"x-budibase-api-key");!d&&n.request.headers.authorization&&(d=n.request.headers.authorization.split(" ")[1]);let f=ac(n,"x-budibase-tenant-id"),p=!1,h,m=!1,g;if(l&&!d){let S=l.sessionId,O=l.userId,_;try{_=await Op(O,S),e&&e.populateUser?h=await Io({userId:O,tenantId:_.tenantId,email:_.email,populateUser:e.populateUser(n)}):h=await Io({userId:O,tenantId:_.tenantId,email:_.email}),h.csrfToken=_.csrfToken,g="cookie",_?.lastAccessedAt<PL()&&await _p(_),p=!0}catch(D){p=!1,console.error(`Auth Error: ${D.message}`),hr(n,"budibase:auth")}}if(!p&&d){let S=e.populateUser?e.populateUser(n):null,{valid:O,user:_}=await NL(d,S);O&&(p=!0,g="api_key",h=_,m=!_)}!h&&f?h={tenantId:f}:h&&"password"in h&&delete h.password,p||(p=!1);let y=s(S=>S&&S.email,"isUser");return y(h)&&BA.default.setUser({id:h._id,tenantId:h.tenantId,budibaseAccess:h.budibaseAccess,status:h.status}),FA(n,{authenticated:p,user:h,internal:m,version:a,publicEndpoint:o,loginMethod:g}),y(h)?Md(h,n,i):i()}catch(c){if(console.error(`Auth Error: ${c.message}`),c?.name==="JsonWebTokenError"?hr(n,"budibase:auth"):c?.code==="invalid_api_key"&&n.throw(403,c.message),e&&e.publicAllowed||o)return FA(n,{authenticated:!1,version:a,publicEndpoint:o}),i();n.throw(c.status||403,c)}}}s(uc,"authenticated");var cc=s(async(t,e)=>e(),"auditLog");function lc(t,e,r={noTenancyRequired:!1}){let n=Sn(t),i=Sn(e);return async function(o,a){let c={allowNoTenant:r.noTenancyRequired||!!An(o,i)};!!An(o,n)||(c.excludeStrategies=["query"]);let d=Gs(o,c);return o.set("x-budibase-tenant-id",d),Re(d,a)}}s(lc,"tenancy");async function dc(t,e){let r=t.request.headers["x-budibase-api-key"];return r||t.throw(403,"Unauthorized"),Array.isArray(r)&&t.throw(403,"Unauthorized"),Ks(r)||t.throw(403,"Unauthorized"),e()}s(dc,"internalApi");var UL=["GET","HEAD","OPTIONS"],LL=["application/x-www-form-urlencoded","multipart/form-data","text/plain"];function fc(t={noCsrfPatterns:[]}){let e=Sn(t.noCsrfPatterns);return async(r,n)=>{if(An(r,e)||UL.indexOf(r.method)!==-1)return n();let o=r.get("content-type")?r.get("content-type").toLowerCase():"";if(!LL.filter(c=>o.includes(c)).length||r.internal)return n();let a=r.user?.csrfToken;if(!a)return n();let u=r.get("x-csrf-token");return(!u||u!==a)&&r.throw(403,"Invalid CSRF token"),n()}}s(fc,"csrf");var pc=s(async(t,e)=>(!t.internal&&!wr(t.user)&&t.throw(403,"Admin user only endpoint."),e()),"adminOnly");async function mc(t,e){if(t.internal||wr(t.user))return e();let r=await qs(t);return!r&&!E.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!tt(t.user)?t.throw(403,"Admin/Builder user only endpoint."):r&&!mi(t.user,r)&&t.throw(403,"Workspace Admin/Builder user only endpoint."),e()}s(mc,"builderOrAdmin");async function hc(t,e){if(t.internal)return e();let r=await qs(t);return!r&&!E.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!tt(t.user)?t.throw(403,"Builder user only endpoint."):r&&!mi(t.user,r)&&t.throw(403,"Workspace builder user only endpoint."),e()}s(hc,"builderOnly");var kL=require("koa-pino-logger"),ML=require("correlation-id");function FL(){return{logger:Ou,genReqId:ML.getId,autoLogging:{ignore:t=>!!t.url?.includes("/health")},serializers:{req:t=>({method:t.method,url:t.url,correlationId:t.id}),res:t=>({status:t.statusCode})}}}s(FL,"pinoSettings");function BL(){return E.HTTP_LOGGING?kL(FL()):(t,e)=>e()}s(BL,"getMiddleware");var WA=BL();var $A=require("uuid");var WL=require("correlation-id"),GA=s((t,e)=>{let r=t.headers["x-budibase-correlation-id"];return r||(r=(0,$A.v4)()),WL.withId(r,()=>e())},"correlationMiddleware");function VA(t){if(t.includes("-----BEGIN PRIVATE KEY-----"))return!0;for(let e of Oy){let r=E[e];if(!(typeof r!="string"||r==="")&&t.includes(r))return!0}return!1}s(VA,"stringContainsSecret");async function qA(t,e){try{await e()}catch(r){let n=r.status||r.statusCode||500;t.status=n,n>=400&&n<500?console.warn(r):console.error("Got 400 response code",r);let i={message:r.message,status:n,validationErrors:r.validation,error:Vu(r)};if(VA(JSON.stringify(i))&&(i={message:"Unexpected error",status:n,error:"Unexpected error"}),E.isTest()&&t.headers["x-budibase-include-stacktrace"]){let o=r;for(;o.cause;)o=o.cause;i.stack=o.stack}t.body=i}}s(qA,"errorHandling");function KA(t,e){let r=t.request.query?.query;if(t.request.method.toLowerCase()!=="get"&&t.throw(500,"Query to download middleware can only be used for get requests."),!r)return e();let n=decodeURIComponent(r),i;try{i=JSON.parse(n)}catch{return e()}return t.request.body=i,e()}s(KA,"querystringToBody");var jA=F(require("crypto"));var QA={"default-src":["'self'"],"script-src":["'self'","'unsafe-eval'","https://*.budibase.net","https://cdn.budi.live","https://js.intercomcdn.com","https://widget.intercom.io","https://d2l5prqdbvm3op.cloudfront.net","https://us-assets.i.posthog.com","https://www.google.com/recaptcha/api.js"],"style-src":["'self'","'unsafe-inline'","https://cdn.jsdelivr.net","https://fonts.googleapis.com","https://rsms.me","https://maxcdn.bootstrapcdn.com"],"object-src":["'none'"],"base-uri":["'self'"],"connect-src":["'self'","https://*.budibase.app","https://*.budibaseqa.app","https://*.budibase.net","https://api-iam.intercom.io","https://api-ping.intercom.io","https://app.posthog.com","https://us.i.posthog.com","wss://nexus-websocket-a.intercom.io","wss://nexus-websocket-b.intercom.io","https://nexus-websocket-a.intercom.io","https://nexus-websocket-b.intercom.io","https://uploads.intercomcdn.com","https://uploads.intercomusercontent.com","https://*.amazonaws.com","https://*.s3.amazonaws.com","https://*.s3.us-east-2.amazonaws.com","https://*.s3.us-east-1.amazonaws.com","https://*.s3.us-west-1.amazonaws.com","https://*.s3.us-west-2.amazonaws.com","https://*.s3.af-south-1.amazonaws.com","https://*.s3.ap-east-1.amazonaws.com","https://*.s3.ap-south-1.amazonaws.com","https://*.s3.ap-northeast-2.amazonaws.com","https://*.s3.ap-southeast-1.amazonaws.com","https://*.s3.ap-southeast-2.amazonaws.com","https://*.s3.ap-northeast-1.amazonaws.com","https://*.s3.ca-central-1.amazonaws.com","https://*.s3.cn-north-1.amazonaws.com","https://*.s3.cn-northwest-1.amazonaws.com","https://*.s3.eu-central-1.amazonaws.com","https://*.s3.eu-west-1.amazonaws.com","https://*.s3.eu-west-2.amazonaws.com","https://*.s3.eu-south-1.amazonaws.com","https://*.s3.eu-west-3.amazonaws.com","https://*.s3.eu-north-1.amazonaws.com","https://*.s3.sa-east-1.amazonaws.com","https://*.s3.me-south-1.amazonaws.com","https://*.s3.us-gov-east-1.amazonaws.com","https://*.s3.us-gov-west-1.amazonaws.com","https://api.github.com"],"font-src":["'self'","data:","https://cdn.jsdelivr.net","https://fonts.gstatic.com","https://rsms.me","https://maxcdn.bootstrapcdn.com","https://js.intercomcdn.com","https://fonts.intercomcdn.com"],"frame-src":["'self'","https:"],"img-src":["http:","https:","data:","blob:"],"manifest-src":["'self'"],"media-src":["'self'","https://js.intercomcdn.com","https://cdn.budi.live"],"worker-src":["blob:","'self'"]},$L=/^[A-Za-z0-9-*:/.]+$/,YA=s(async(t,e)=>{let r=jA.default.randomBytes(16).toString("base64");t.state.nonce=r;let n={...QA};if(n["script-src"]=[...QA["script-src"],`'nonce-${r}'`],t.user?.license?.features.includes("customAppScripts")&&t.appId)try{let a=await ks.getWorkspaceMetadata(t.appId);if("name"in a)for(let u of a.scripts||[]){let c=(u.cspWhitelist||"").split(`
+  }`,"platform_users_lowercase_2")},"createPlatformUserView"),Ws=s(async(t,e)=>{let r={account_by_email:ET,platform_users_lowercase_2:gT};return qe(fe.PLATFORM_INFO.name,async n=>{let i=r[t];return Tf(t,e,n,i,{arrayResponse:!0})})},"queryPlatformView"),yT={by_email2:fT,by_api_key:mT,by_app:pT},Ft=s(async(t,e,r,n)=>{r||(r=H());let i=yT[t];return Tf(t,e,r,i,n)},"queryGlobalView");async function Sf(t,e,r){let n=H(),i=yT[t];return Bs(t,e,n,i,r)}s(Sf,"queryGlobalViewRaw");var bb=F(require("pouchdb"));var Af=class{static{s(this,"Replication")}constructor({source:e,target:r}){this.source=Ze(e),this.target=Ze(r),e.startsWith("app_dev")&&r.startsWith("app")?this.direction="toProduction":e.startsWith("app")&&r.startsWith("app_dev")&&(this.direction="toDev")}async close(){await Promise.all([_s(this.source),_s(this.target)])}replicate(e={}){return new Promise(r=>{this.source.replicate.to(this.target,e).on("denied",function(n){throw new Error(`Denied: Document failed to replicate ${n}`)}).on("complete",function(n){return r(n)}).on("error",function(n){throw n})})}appReplicateOpts(e={}){if(typeof e.filter=="string")return e;let r=e.filter,i=this.direction==="toDev";delete e.filter;let o=e.isCreation,a=e.tablesToSync;delete e.isCreation,delete e.tablesToSync;let u=!1,c;typeof a=="string"&&a==="all"?u=!0:a&&(c=a);let l=s((f,p)=>f?.startsWith(p+b),"startsWithID"),d=s(f=>l(f,"ro")||l(f,"li"),"isData");return{...e,filter:(f,p)=>!o&&f._id==="_design/migrations"||i&&f._id.startsWith("_design")?!1:f._deleted||l(f._id,hs)?!0:d(f._id)?!!c?.find(h=>f._id.includes(h))||u:l(f._id,"log_au")||f._id==="app_metadata"?!1:r?r(f,p):!0}}async rollback(){await this.target.destroy(),this.target=Ze(this.target.name),await this.replicate()}},TT=Af;var AT=F(require("node-fetch"));var $s=ar.removeKeyNumbering;function on(t){return t==null||t===""}s(on,"isEmpty");var Bt=class t{static{s(this,"QueryBuilder")}#l;#d;#e;#r;#n;#i;#s;#o;#t;#f;#a;#u=!1;#c;static{this.maxLimit=200}constructor(e,r,n){this.#l=e,this.#d=r,this.#e={allOr:!1,onEmptyFilter:"all",string:{},fuzzy:{},range:{},equal:{},notEqual:{},empty:{},notEmpty:{},oneOf:{},contains:{},notContains:{},containsAny:{},...n},this.#r=50,this.#s="ascending",this.#o="string",this.#t=!0}disableEscaping(){return this.#u=!0,this}setIndexBuilder(e){return this.#a=e,this}setVersion(e){return e!=null&&(this.#f=e),this}setTable(e){return this.#e.equal.tableId=e,this}setLimit(e){return e!=null&&(this.#r=e),this}setSort(e){return e!=null&&(this.#n=e),this}setSortOrder(e){return e!=null&&(this.#s=e),this}setSortType(e){return e!=null&&(this.#o=e),this}setBookmark(e){return e!=null&&(this.#i=e),this}setSkip(e){return this.#c=e,this}excludeDocs(){return this.#t=!1,this}includeDocs(){return this.#t=!0,this}addString(e,r){return this.#e.string[e]=r,this}addFuzzy(e,r){return this.#e.fuzzy[e]=r,this}addRange(e,r,n){return this.#e.range[e]={low:r,high:n},this}addEqual(e,r){return this.#e.equal[e]=r,this}addNotEqual(e,r){return this.#e.notEqual[e]=r,this}addEmpty(e,r){return this.#e.empty[e]=r,this}addNotEmpty(e,r){return this.#e.notEmpty[e]=r,this}addOneOf(e,r){return this.#e.oneOf[e]=r,this}addContains(e,r){return this.#e.contains[e]=r,this}addNotContains(e,r){return this.#e.notContains[e]=r,this}addContainsAny(e,r){return this.#e.containsAny[e]=r,this}setAllOr(){this.#e.allOr=!0}setOnEmptyFilter(e){this.#e.onEmptyFilter=e}handleSpaces(e){return this.#u?e:e.replace(/ /g,"_")}preprocess(e,{escape:r,lowercase:n,wrap:i,type:o}={}){let a=!!this.#f,u=typeof e;return e&&n&&(e=e.toLowerCase?e.toLowerCase():e),!this.#u&&r&&u==="string"&&(e=`${e}`.replace(/[ /#+\-&|!(){}\]^"~*?:\\]/g,"\\$&")),u==="string"&&!isNaN(e)&&!o?e=`"${e}"`:a&&i&&(e=u==="number"?e:`"${e}"`),e}isMultiCondition(){let e=0;for(let r of Object.values(this.#e))typeof r=="object"&&(e+=Object.keys(r).length);return e>1}compressFilters(e){let r={};for(let o of Object.keys(e)){let a=$s(o);r[a]?r[a]=r[a].concat(e[o]):r[a]=e[o]}let n={},i=1;for(let[o,a]of Object.entries(r))n[`${i++}:${o}`]=a;return n}buildSearchQuery(){let e=this,r=this.#e&&this.#e.allOr,n=r?"":"*:*",i=!0,o={escape:!0,lowercase:!0,wrap:!0},a="";this.#e.equal.tableId&&(a=this.#e.equal.tableId,delete this.#e.equal.tableId);let u=s((m,g)=>on(g)?null:`${m}:${e.preprocess(g,o)}`,"equal"),c=s((m,g,y="AND")=>{if(on(g))return null;if(!Array.isArray(g))return`${m}:${g}`;let S=`${e.preprocess(g[0],{escape:!0})}`;for(let O=1;O<g.length;O++)S+=` ${y} ${e.preprocess(g[O],{escape:!0})}`;return`${m}:(${S})`},"contains"),l=s((m,g)=>on(g)?null:(g=e.preprocess(g,{escape:!0,lowercase:!0,type:"fuzzy"}),`${m}:/.*${g}.*/`),"fuzzy"),d=s((m,g)=>{let y=r?"*:* AND ":"",S=r?"AND":void 0;return y+"NOT "+c(m,g,S)},"notContains"),f=s((m,g)=>c(m,g,"OR"),"containsAny"),p=s((m,g)=>{if(on(g))return"*:*";if(!Array.isArray(g))if(typeof g=="string")g=g.split(",");else return"";let y=`${e.preprocess(g[0],o)}`;for(let S=1;S<g.length;S++)y+=` OR ${e.preprocess(g[S],o)}`;return`${m}:(${y})`},"oneOf");function h(m,g,y){let S="";for(let[O,_]of Object.entries(m)){O=$s(O),O=e.preprocess(e.handleSpaces(O),{escape:!0});let D=g(O,_);if(D!=null){if(S.length>0||n.length>0){let T=y?.mode?y.mode:r?"OR":"AND";S+=` ${T} `}S+=D,(typeof _!="string"&&_!=null||typeof _=="string"&&_!==a&&_!=="")&&(i=!1)}}if(y?.returnBuilt)return S;n+=S}if(s(h,"build"),this.#e.string&&h(this.#e.string,(m,g)=>on(g)?null:(g=e.preprocess(g,{escape:!0,lowercase:!0,type:"string"}),`${m}:${g}*`)),this.#e.range&&h(this.#e.range,(m,g)=>{if(on(g)||g.low==null||g.low===""||g.high==null||g.high==="")return null;let y=e.preprocess(g.low,o),S=e.preprocess(g.high,o);return`${m}:[${y} TO ${S}]`}),this.#e.fuzzy&&h(this.#e.fuzzy,l),this.#e.equal&&h(this.#e.equal,u),this.#e.notEqual&&h(this.#e.notEqual,(m,g)=>on(g)?null:typeof g=="boolean"?`(*:* AND !${m}:${g})`:`!${m}:${e.preprocess(g,o)}`),this.#e.empty&&h(this.#e.empty,m=>(i=!1,`(*:* -${m}:["" TO *])`)),this.#e.notEmpty&&h(this.#e.notEmpty,m=>(i=!1,`${m}:["" TO *]`)),this.#e.oneOf&&h(this.#e.oneOf,p),this.#e.contains&&h(this.#e.contains,c),this.#e.notContains&&h(this.compressFilters(this.#e.notContains),d),this.#e.containsAny&&h(this.#e.containsAny,f),a&&(n=this.isMultiCondition()?`(${n})`:n,r=!1,h({tableId:a},u)),i){if(this.#e.onEmptyFilter==="none")return"";if(this.#e?.allOr)return n.replace("()","(*:*)")}return n}buildSearchBody(){let e={q:this.buildSearchQuery(),limit:Math.min(this.#r,t.maxLimit),include_docs:this.#t};if(this.#i&&(e.bookmark=this.#i),this.#n){let r=this.#s==="descending"?"-":"",n=`<${this.#o}>`;e.sort=`${r}${this.handleSpaces(this.#n)}${n}`}return e}async run(){return this.#c&&await this.#m(this.#c),await this.#p()}async#m(e){let r=this.#t,n=this.#r;this.excludeDocs();let i=e,o=0;do{let a=Math.min(t.maxLimit,i);this.setLimit(a);let{bookmark:u,rows:c}=await this.#p();this.setBookmark(u),o=c.length,i-=c.length}while(i>0&&o>0);this.#t=r,this.#r=n}async#p(){let{url:e,cookie:r}=dt(),n=`${e}/${this.#l}/_design/database/_search/${this.#d}`,i=this.buildSearchBody();try{return await ST(n,i,r)}catch(o){if(o.status===404&&this.#a)return await this.#a(),await ST(n,i,r);throw o}}};async function ST(t,e,r){let n=await(0,AT.default)(t,{body:JSON.stringify(e),method:"POST",headers:{Authorization:r}});if(n.status===404)throw n;let i=await n.json(),o={rows:[],totalRows:0};return i.rows!=null&&i.rows.length>0&&(o.rows=i.rows.map(a=>a.doc)),i.bookmark&&(o.bookmark=i.bookmark),i.total_rows&&(o.totalRows=i.total_rows),o}s(ST,"runQuery");async function _T(t,e,r,n){let i=n.bookmark,o=n.rows||[];if(n.limit&&o.length>=n.limit)return o;let a=Bt.maxLimit;n.limit&&o.length>n.limit-Bt.maxLimit&&(a=n.limit-o.length);let u=new Bt(t,e,r);u.setVersion(n.version).setBookmark(i).setLimit(a).setSort(n.sort).setSortOrder(n.sortOrder).setSortType(n.sortType),n.tableId&&u.setTable(n.tableId);let c=await u.run();if(!c.rows.length)return o;if(c.rows.length<Bt.maxLimit)return[...o,...c.rows];let l={...n,bookmark:c.bookmark,rows:[...o,...c.rows]};return await _T(t,e,r,l)}s(_T,"recursiveSearch");async function xb(t,e,r,n){let i=n.limit;(i==null||isNaN(i)||i<0)&&(i=50),i=Math.min(i,Bt.maxLimit);let o=new Bt(t,e,r);n.version&&o.setVersion(n.version),n.tableId&&o.setTable(n.tableId),n.sort&&o.setSort(n.sort).setSortOrder(n.sortOrder).setSortType(n.sortType),n.indexer&&o.setIndexBuilder(n.indexer),n.disableEscaping&&o.disableEscaping();let a=await o.setBookmark(n.bookmark).setLimit(i).run();o.setBookmark(a.bookmark).setLimit(1),n.tableId&&o.setTable(n.tableId);let u=await o.run();return{...a,hasNextPage:u.rows&&u.rows.length>0}}s(xb,"paginatedSearch");async function vb(t,e,r,n){let i=n.limit;return(i==null||isNaN(i)||i<0)&&(i=1e3),n.limit=Math.min(i,1e3),{rows:await _T(t,e,r,n)}}s(vb,"fullSearch");var _f={};N(_f,{createUserIndex:()=>Pb});async function Pb(){let t=H(),e;try{e=await t.get("_design/database")}catch(n){n.status===404&&(e={_id:"_design/database"})}let r=s(function(n){if(n._id&&!n._id.startsWith("us_"))return;let i=["_id","_rev","password","account","license","budibaseAccess","accountPortalAccess","csrfToken"];function o(a,u){for(let c of Object.keys(a)){if(i.includes(c))continue;let l=u!=null?`${u}.${c}`:c;typeof a[c]=="string"?index(l,a[c].toLowerCase(),{facet:!0}):typeof a[c]!="object"?index(l,a[c],{facet:!0}):o(a[c],l)}}s(o,"idx"),o(n)},"fn");e.indexes={user:{index:r.toString(),analyzer:{default:"keyword",name:"perfield"}}},await t.put(e)}s(Pb,"createUserIndex");function OT(t,e){let r=e.toString();if(typeof t=="object")return t.status===e||t.message?.includes(r);if(typeof t=="number")return t===e;if(typeof t=="string")return t.includes(r)}s(OT,"checkErrorCode");function Nb(t){return OT(t,409)}s(Nb,"isDocumentConflictError");var Vs={};N(Vs,{addTenantToUrl:()=>Ub,getTenantDB:()=>Of,getTenantIDFromCtx:()=>Gs,isUserInAppTenant:()=>Lb});function Of(t){return De(en(t))}s(Of,"getTenantDB");function Ub(t){let e=V();if(dr()){let r=t.indexOf("?")===-1?"?":"&";t+=`${r}tenantId=${e}`}return t}s(Ub,"addTenantToUrl");var Lb=s((t,e)=>{let r;return e?r=e.tenantId||ae:r=V(),(Hn(t)||ae)===r},"isUserInAppTenant"),kb=Object.values(Oi),Gs=s((t,e)=>{if(!dr())return ae;e.allowNoTenant===void 0&&(e.allowNoTenant=!1),e.includeStrategies||(e.includeStrategies=kb),e.excludeStrategies||(e.excludeStrategies=[]);let r=s(n=>{if(e.excludeStrategies?.includes(n))return!1;if(e.includeStrategies?.includes(n))return!0},"isAllowed");if(r("user")){let n=t.user?.tenantId;if(n)return n}if(r("header")){let n=t.request.headers["x-budibase-tenant-id"];if(n)return n}if(r("query")){let n=t.request.query.tenantId;if(n)return n}if(r("subdomain")){let n;try{n=new URL(Jd()).host.split(":")[0]}catch(o){if(o.code!=="ERR_INVALID_URL")throw o}let i=t.host;if(n&&i.includes(n)){let o=i.substring(0,i.indexOf(`.${n}`));if(o)return o}}if(r("path")){let n=t.matched.find(a=>!!a.paramNames.find(u=>u.name==="tenantId")),i=t.originalUrl,o;if(i.includes("?")?o=i.split("?")[0]:o=i,n){let a=n.params(o,n.captures(o),{});if(a.tenantId)return a.tenantId}}e.allowNoTenant||t.throw(403,"Tenant id not set")},"getTenantIDFromCtx");var If="app"+b,IT="/app/",Mb="/builder",Fb=`${Mb}/workspace/`,Bb="/api/public/v";async function Wb(t){let r=`/${t.path.split("/")[2].toLowerCase()}`,n=V();!E.isDev()&&E.MULTI_TENANCY&&(n=Gs(t,{includeStrategies:["subdomain"]}));let o=(await Re(n,()=>Fs({dev:!1}))).filter(a=>a.url&&a.url.toLowerCase()===r)[0];return o&&o.appId?o.appId:void 0}s(Wb,"resolveAppUrl");function $b(t){return t.path.startsWith(`/${If}`)?!0:t.path.startsWith(IT)}s($b,"isServingApp");function Gb(t){return t.path.startsWith(Fb)}s(Gb,"isServingBuilder");function Vb(t){return wT(t.path)}s(Vb,"isServingBuilderPreview");function wT(t){return new RegExp(/^\/app\/app_\w+\/preview$/).test(t)}s(wT,"isBuilderPreviewUrl");function qb(t){return t.path.startsWith(Bb)}s(qb,"isPublicApiRequest");async function qs(t){let e;function r(u){return!u||!u.startsWith(If)?e:(e&&e!==u&&t.throw("App id conflict",403),e??u)}s(r,"confirmAppId");let n=t.request.headers["x-budibase-app-id"]||[];typeof n=="string"&&(n=[n]);for(let u of n)e=r(u);t.request.body&&t.request.body.appId&&(e=r(t.request.body.appId));let i=Kb(t.path);i&&(e=r(i)),t.query?.appId&&(e=r(t.query?.appId));let o=wT(t.path);return t.path.startsWith(IT)&&!o&&(e=r(await Wb(t))),e}s(qs,"getAppIdFromCtx");function Kb(t){if(t)return t.split("?")[0].split("/").find(e=>e.startsWith(If))}s(Kb,"parseAppIdFromUrlPath");function su(t){if(t)try{return iu.default.verify(t,E.JWT_SECRET)}catch(e){if(E.JWT_SECRET_FALLBACK)return iu.default.verify(t,E.JWT_SECRET_FALLBACK);throw e}}s(su,"openJwt");function Ks(t){return E.INTERNAL_API_KEY&&E.INTERNAL_API_KEY===t?!0:!!(E.INTERNAL_API_KEY_FALLBACK&&E.INTERNAL_API_KEY_FALLBACK===t)}s(Ks,"isValidInternalAPIKey");function Wt(t,e){let r=t.cookies.get(e);if(r)return su(r)}s(Wt,"getCookie");function DT(t,e,r="builder",n={sign:!0}){e&&n&&n.sign&&(e=iu.default.sign(e,E.JWT_SECRET));let i={expires:Ma,path:"/",httpOnly:!1,overwrite:!0};E.COOKIE_DOMAIN&&(i.domain=E.COOKIE_DOMAIN),t.cookies.set(r,e,i)}s(DT,"setCookie");function hr(t,e){DT(t,null,e)}s(hr,"clearCookie");function Qb(t){return t.headers["x-budibase-type"]==="client"}s(Qb,"isClient");function wf(t){return new Promise(e=>setTimeout(e,t))}s(wf,"timeout");function Df(t){return!!Cm[t]}s(Df,"isAudited");function jb(t){if(typeof t!="object")return!1;try{JSON.stringify(t)}catch(e){if(e instanceof Error&&e?.message.includes("circular structure"))return!0}return!1}s(jb,"hasCircularStructure");function Yb(t){return!!t.match(/^.+:\/\/.+$/)}s(Yb,"urlHasProtocol");function Rf(t){return t&&!!t.match(/^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/)}s(Rf,"validEmail");var Cf=(o=>(o.MILLISECONDS="milliseconds",o.SECONDS="seconds",o.MINUTES="minutes",o.HOURS="hours",o.DAYS="days",o))(Cf||{}),ou={milliseconds:1,seconds:1e3,minutes:6e4,hours:36e5,days:864e5},he=class t{constructor(e){this.ms=e}static{s(this,"Duration")}to(e){return this.ms/ou[e]}toMs(){return this.ms}toSeconds(){return this.to("seconds")}static convert(e,r,n){return n*ou[e]/ou[r]}static from(e,r){return new t(r*ou[e])}static fromSeconds(e){return t.from("seconds",e)}static fromMinutes(e){return t.from("minutes",e)}static fromHours(e){return t.from("hours",e)}static fromDays(e){return t.from("days",e)}static fromMilliseconds(e){return t.from("milliseconds",e)}};async function Hb(t){let e=performance.now();return[await t(),he.fromMilliseconds(performance.now()-e)]}s(Hb,"time");function zb(t){let e="",r=-1,n,i,o=t.opts?.repeat;return o&&(i=o.endDate?new Date(o.endDate).getTime():Date.now(),n=o.tz,"cron"in o?e=o.cron:r=o.every),{id:t.id.toString(),name:"",key:t.id.toString(),tz:n,endDate:i,cron:e,every:r,next:0}}s(zb,"jobToJobInformation");var au=class{static{s(this,"InMemoryQueue")}constructor(e,r){this._name=e,this._opts=r,this._messages=[],this._emitter=new RT.default.EventEmitter,this._runCount=0,this._addCount=0,this._queuedJobIds=new Set,this._attempts=r?.defaultJobOptions?.attempts||1}async process(e,r){r=typeof e=="number"?r:e,this._emitter.on("message",async n=>{if(!n.manualTrigger&&n.opts?.repeat!=null)return;function i(){return r.length===1?r(n):new Promise((c,l)=>{r(n,s((f,p)=>{f?l(f):c(p)},"done"))})}s(i,"execute");let o=this._attempts;async function a(c,l=0){try{return await c}catch(d){if(l++,l<o&&!n._isDiscarded)return await Ne.wait(100*l),await a(i(),l);throw d}}s(a,"retryFunc");try{let c=await a(i());this._emitter.emit("completed",n,c);let l=this._messages.indexOf(n);if(l===-1)throw"Failed deleting a processed message";this._messages.splice(l,1)}catch(c){console.error(c),this._emitter.emit("error",n,c)}this._runCount++;let u=n.opts?.jobId?.toString();u&&n.opts?.removeOnComplete&&this._queuedJobIds.delete(u)})}async isReady(){return this}async add(e,r){if(typeof e=="string")throw new Error("doesn't support named jobs");let n=r,i=n?.jobId?.toString();if(i&&this._queuedJobIds.has(i)){console.log(`Ignoring already queued job ${i}`);return}if(typeof e!="object")throw"Queue only supports carrying JSON.";i&&this._queuedJobIds.add(i);let o=ne(),a=s(()=>{let c={id:o,timestamp:Date.now(),queue:this,data:e,opts:n,discard:async()=>{c._isDiscarded=!0}};this._messages.push(c),this._messages.length>1e3&&this._messages.shift(),this._addCount++,this._emitter.emit("message",c)},"pushMessage"),u=n?.delay;return u?setTimeout(a,u):a(),{id:i,finished:()=>new Promise((c,l)=>{let d=s((p,h)=>{p.id===o&&(this._emitter.off("error",d),this._emitter.off("completed",f),l(h))},"errorHandler"),f=s((p,h)=>{p.id===o&&(this._emitter.off("error",d),this._emitter.off("completed",f),c(h))},"completedHandler");this._emitter.on("error",d),this._emitter.on("completed",f)})}}async close(){}async removeRepeatableByKey(e){for(let[r,n]of this._messages.entries())if(n.id===e){this._messages.splice(r,1),this._emitter.emit("removed",n);return}}async removeJobs(e){}async clean(){return[]}async getJob(e){for(let r of this._messages)if(r.id===e)return r;return null}manualTrigger(e){for(let r of this._messages)if(r.id===e){this._emitter.emit("message",{...r,manualTrigger:!0});return}throw new Error(`Job with id ${e} not found`)}on(e,r){return this._emitter.on(e,r),this}off(e,r){return this._emitter.off(e,r),this}async count(){return this._messages.length}async getCompletedCount(){return this._runCount}async getRepeatableJobs(){return this._messages.filter(e=>e.opts?.repeat!=null).map(e=>zb(e))}async whenCurrentJobsFinished(){do await wf(50);while(this.hasRunningJobs())}hasRunningJobs(){return this._addCount>this._runCount}},CT=au;var vf=F(require("bull"));var ei=(u=>(u.AUTOMATION="automationQueue",u.APP_BACKUP="appBackupQueue",u.AUDIT_LOG="auditLogQueue",u.SYSTEM_EVENT_QUEUE="systemEventQueue",u.APP_MIGRATION="appMigration",u.DOC_WRITETHROUGH_QUEUE="docWritethroughQueue",u.DEV_REVERT_PROCESSOR="devRevertProcessorQueue",u))(ei||{});function bT(t,e,r){Xb(t,e),r&&Jb(t,r)}s(bT,"addListeners");function Jb(t,e){t.on("stalled",async r=>{if(e)await e(r);else if(r.opts.repeat){let n=r.id,i=await t.getRepeatableJobs();for(let o of i)o.id===n&&await t.removeRepeatableByKey(o.key);console.log(`jobId=${n} disabled`)}})}s(Jb,"handleStalled");function Xe(t,e,r={},n={}){let i=`[BULL] ${t}=${e}`,o=r.error,a={_logKey:"bull",eventType:t,event:e,job:r.job,jobId:r.jobId||r.job?.id,...n},u;return r.job?.data?.automation&&(u={_logKey:"automation",trigger:r.job?r.job.data.automation.definition.trigger.event:void 0}),[i,o,a,u]}s(Xe,"getLogParams");var Zb={automationQueue:"automation-event",appBackupQueue:"app-backup-event",auditLogQueue:"audit-log-event",systemEventQueue:"system-event",appMigration:"app-migration",docWritethroughQueue:"doc-writethrough",devRevertProcessorQueue:"dev-revert-event"};function Xb(t,e){let r=Zb[e];function n(i,o){let a=i.data.event?.appId;if(a)return Zd(a,o);o()}s(n,"doInJobContext"),t.on("stalled",async i=>{await n(i,()=>{console.error(...Xe(r,"stalled",{job:i}))})}).on("error",i=>{console.error(...Xe(r,"error",{error:i}))}),process.env.NODE_DEBUG?.includes("bull")&&t.on("waiting",i=>{console.info(...Xe(r,"waiting",{jobId:i}))}).on("active",async i=>{await n(i,()=>{console.info(...Xe(r,"active",{job:i}))})}).on("progress",async(i,o)=>{await n(i,()=>{console.info(...Xe(r,"progress",{job:i},{progress:o}))})}).on("completed",async(i,o)=>{await n(i,()=>{console.info(...Xe(r,"completed",{job:i},{result:o}))})}).on("failed",async(i,o)=>{await n(i,()=>{console.error(...Xe(r,"failed",{job:i,error:o}))})}).on("paused",()=>{console.info(...Xe(r,"paused"))}).on("resumed",()=>{console.info(...Xe(r,"resumed"))}).on("cleaned",(i,o)=>{console.info(...Xe(r,"cleaned",{},{length:i.length,type:o}))}).on("drained",()=>{console.info(...Xe(r,"drained"))}).on("removed",i=>{console.info(...Xe(r,"removed",{job:i}))})}s(Xb,"logging");var uu={};N(uu,{cleanup:()=>ex,clear:()=>xf,set:()=>bf});var Qs=[];function bf(t,e){let r=setInterval(t,e);return Qs.push(r),r}s(bf,"set");function xf(t){let e=Qs.indexOf(t);e!==-1&&Qs.splice(e,1),clearInterval(t)}s(xf,"clear");function ex(){for(let t of Qs)clearInterval(t);Qs=[]}s(ex,"cleanup");var $t=F(require("dd-trace")),js=F(require("object-sizeof"));var tx=he.fromMinutes(5).toMs(),rx=he.fromSeconds(30).toMs(),Pf=he.fromSeconds(60).toMs(),Ys=[],cu;async function xT(){for(let t of Ys)await t.clean(Pf,"completed"),await t.clean(Pf,"failed")}s(xT,"cleanup");async function nx(t,e,r){let n=performance.now();try{let i=await e();return $t.default.dogstatsd.increment(`${t}.success`,1,r),i}catch(i){throw $t.default.dogstatsd.increment(`${t}.error`,1,r),i}finally{let i=performance.now()-n;$t.default.dogstatsd.distribution(`${t}.duration.ms`,i,r),$t.default.dogstatsd.increment(t,1,r)}}s(nx,"withMetrics");function vT(t){return{"job.opts.attempts":t.attempts,"job.opts.backoff":t.backoff,"job.opts.delay":t.delay,"job.opts.jobId":t.jobId,"job.opts.lifo":t.lifo,"job.opts.preventParsingData":t.preventParsingData,"job.opts.priority":t.priority,"job.opts.removeOnComplete":t.removeOnComplete,"job.opts.removeOnFail":t.removeOnFail,"job.opts.repeat":t.repeat,"job.opts.stackTraceLimit":t.stackTraceLimit,"job.opts.timeout":t.timeout}}s(vT,"jobOptsTags");function ix(t){return{"job.id":t.id,"job.attemptsMade":t.attemptsMade,"job.timestamp":t.timestamp,"job.data.sizeBytes":(0,js.default)(t.data),...vT(t.opts||{})}}s(ix,"jobTags");var ht=class{static{s(this,"BudibaseQueue")}constructor(e,r={}){this.opts=r,this.jobQueue=e,this.queue=this.initQueue()}get name(){return this.queue.name}initQueue(){let r={redis:Zr(),settings:{maxStalledCount:this.opts.maxStalledCount?this.opts.maxStalledCount:0,lockDuration:tx,lockRenewTime:rx}};this.opts.jobOptions&&(r.defaultJobOptions=this.opts.jobOptions);let n;return E.isTest()?process.env.BULL_TEST_REDIS_PORT&&!isNaN(+process.env.BULL_TEST_REDIS_PORT)?n=new vf.default(this.jobQueue,{...r,redis:{host:"localhost",port:+process.env.BULL_TEST_REDIS_PORT}}):n=new CT(this.jobQueue,r):n=new vf.default(this.jobQueue,r),bT(n,this.jobQueue,this.opts.removeStalledCb),Ys.push(n),!cu&&!E.isTest()&&(cu=bf(xT,Pf),xT().catch(i=>{console.error(`Unable to cleanup ${this.jobQueue} initially - ${i}`)})),n}getBullQueue(){return this.queue}process(...e){let r,n;e.length===2?(r=e[0],n=e[1]):n=e[0];let i=s(async(a,u)=>{await $t.default.trace("queue.process",async c=>{if(a.data._parentSpanContext){let l=a.data._parentSpanContext,d={traceId:l.traceId,spanId:l.spanId,toTraceId:()=>l.traceId,toSpanId:()=>l.spanId,toTraceparent:()=>""};c.addLink(d)}c.addTags({"queue.name":this.jobQueue,...ix(a)}),this.opts.jobTags&&c.addTags(this.opts.jobTags(a.data)),$t.default.dogstatsd.distribution("queue.process.sizeBytes",(0,js.default)(a.data),this.metricTags()),await this.withMetrics("queue.process",()=>u?n(a,u):n(a))})},"processCallback"),o;return n.length===1?o=s(a=>i(a),"wrappedCb"):o=i,r?this.queue.process(r,o):this.queue.process(o)}async add(e,r){return await $t.default.trace("queue.add",async n=>(n.addTags({"queue.name":this.jobQueue,"job.data.sizeBytes":(0,js.default)(e),...vT(r||{})}),this.opts.jobTags&&n.addTags(this.opts.jobTags(e)),e._parentSpanContext={traceId:n.context().toTraceId(),spanId:n.context().toSpanId()},$t.default.dogstatsd.distribution("queue.add.sizeBytes",(0,js.default)(e),this.metricTags()),await this.withMetrics("queue.add",()=>this.queue.add(e,r))))}withMetrics(e,r){return nx(e,r,this.metricTags())}metricTags(){return{queueName:this.jobQueue}}close(e){return this.queue.close(e)}whenCurrentJobsFinished(){return this.queue.whenCurrentJobsFinished()}};async function sx(){cu&&xf(cu),console.log("Waiting for current queue jobs to finish...");for(let t of Ys)await t.whenCurrentJobsFinished();console.log("Closing queue Redis connections...");for(let t of Ys)await t.close();Ys=[],console.log("Queues shutdown")}s(sx,"shutdown");var to={};N(to,{correlation:()=>Hs,logAlert:()=>un,logAlertWithInfo:()=>qx,logWarn:()=>ii,logger:()=>Ou,system:()=>zf});var Hs={};N(Hs,{getId:()=>Nf,setHeader:()=>ox});var PT=require("correlation-id"),ox=s(t=>{let e=PT.getId();e&&(t["x-budibase-correlation-id"]=e)},"setHeader");function Nf(){return PT.getId()}s(Nf,"getId");var _u=F(require("pino")),dS=F(require("pino-pretty")),Jf=F(require("dd-trace")),fS=require("dd-trace/ext");var zf={};N(zf,{getLogReadStream:()=>Fx,getSingleFileMaxSizeInfo:()=>lS,localFileDestination:()=>Hf});var eo=F(require("fs")),Yf=F(require("path")),oS=F(require("rotating-file-stream"));var jf={};N(jf,{ObjectStore:()=>et,ObjectStoreBuckets:()=>ux,SIGNED_FILE_PREFIX:()=>Wf,bucketTTLConfig:()=>lu,budibaseTempDir:()=>an,client3rdPartyLibrary:()=>xx,clientLibraryCDNUrl:()=>vx,clientLibraryPath:()=>zT,clientLibraryUrl:()=>Px,createBucketIfNotExists:()=>Xs,deleteFile:()=>gx,deleteFiles:()=>yx,deleteFolder:()=>GT,downloadTarball:()=>Sx,downloadTarballDirect:()=>Tx,enrichPWAImages:()=>Nx,enrichPluginURLs:()=>Lx,extractBucketAndPath:()=>Uf,getAppFileUrl:()=>ZT,getClientCacheKey:()=>JT,getGlobalFileS3Key:()=>XT,getGlobalFileUrl:()=>Ux,getObjectMetadata:()=>Ax,getPluginIconKey:()=>rS,getPluginJSKey:()=>tS,getPluginS3Dir:()=>iS,getPresignedUrl:()=>Tr,getReadStream:()=>du,listAllObjects:()=>$T,objectExists:()=>Gf,processAutomationAttachment:()=>lx,processObjectStoreAttachment:()=>MT,retrieve:()=>WT,retrieveDirectory:()=>Ex,retrieveToTmp:()=>hx,sanitizeBucket:()=>be,sanitizeKey:()=>Ee,streamUpload:()=>BT,upload:()=>mx,uploadDirectory:()=>$f});var pu=require("@aws-sdk/client-s3"),Lf=require("@aws-sdk/lib-storage"),FT=require("@aws-sdk/s3-request-presigner");var yr=F(require("dd-trace")),ti=F(require("fs")),Js=F(require("fs/promises")),kf=F(require("node-fetch")),gr=require("path"),mu=F(require("stream")),Zs=require("stream/promises"),Mf=F(require("tar-fs")),Ff=require("uuid"),Bf=F(require("zlib"));var NT=F(require("fs")),UT=require("os"),zs=F(require("path")),LT=F(require("stream"));var ux={BACKUPS:E.BACKUPS_BUCKET_NAME,APPS:E.APPS_BUCKET_NAME,TEMPLATES:E.TEMPLATES_BUCKET_NAME,GLOBAL:E.GLOBAL_BUCKET_NAME,PLUGINS:E.PLUGIN_BUCKET_NAME,TEMP:E.TEMP_BUCKET_NAME},kT=(0,zs.join)((0,UT.tmpdir)(),".budibase");try{NT.default.mkdirSync(kT)}catch(t){if(t.code!=="EEXIST")throw t}function an(){return kT}s(an,"budibaseTempDir");var lu=s((t,e)=>{let n={Rules:[{ID:`${t}-ExpireAfter${e}days`,Prefix:"",Status:"Enabled",Expiration:{Days:e}}]};return{Bucket:t,LifecycleConfiguration:n}},"bucketTTLConfig");async function cx(t){let e=await fetch(t.url);if(!e.ok||!e.body)throw new Error(`Unexpected response ${e.statusText}`);let r=zs.default.basename(new URL(t.url).pathname);if(!e.body)throw new Error("No response received for attachment");return{filename:t.filename||r,content:LT.default.Readable.fromWeb(e.body)}}s(cx,"processUrlAttachment");async function MT(t){let e=Uf(t.url);if(e===null)throw new Error("Invalid signed URL");let{bucket:r,path:n}=e,{stream:i}=await du(r,n),o=zs.default.basename(n);return{bucket:r,path:n,filename:t.filename||o,content:i}}s(MT,"processObjectStoreAttachment");async function lx(t){return t.url?.startsWith("http://")||t.url?.startsWith("https://")?await cx(t):await MT(t)}s(lx,"processAutomationAttachment");var dx=require("sanitize-s3-objectkey"),fx={bucketCreationPromises:{}},Wf="/files/signed",Er={txt:"text/plain",html:"text/html",css:"text/css",js:"application/javascript",json:"application/json",gz:"application/gzip",svg:"image/svg+xml",form:"multipart/form-data"},px=[Er.html,Er.css,Er.js,Er.json];function Ee(t){return dx(be(t)).replace(/\\/g,"/")}s(Ee,"sanitizeKey");function be(t){return t.replace(new RegExp(Je,"g"),ze)}s(be,"sanitizeBucket");function et(t={presigning:!1}){let e={forcePathStyle:!0,credentials:{accessKeyId:E.MINIO_ACCESS_KEY,secretAccessKey:E.MINIO_SECRET_KEY},region:E.AWS_REGION};return!E.MINIO_ENABLED&&E.AWS_SESSION_TOKEN&&(e.credentials={accessKeyId:E.MINIO_ACCESS_KEY,secretAccessKey:E.MINIO_SECRET_KEY,sessionToken:E.AWS_SESSION_TOKEN}),E.MINIO_URL&&(t.presigning&&E.MINIO_ENABLED?e.endpoint="http://minio-service":e.endpoint=E.MINIO_URL),new pu.S3(e)}s(et,"ObjectStore");async function Xs(t,e){e=be(e);try{return await t.headBucket({Bucket:e}),{created:!1,exists:!0}}catch(r){let n=r.statusCode||r.$response?.statusCode,i=fx.bucketCreationPromises,o=n===404,a=n===403;if(i[e])return await i[e],{created:!1,exists:!0};if(o||a){if(o)return i[e]=t.createBucket({Bucket:e}).catch(u=>{if(u.Code!=="BucketAlreadyOwnedByYou")throw u}),await i[e],delete i[e],{created:!0,exists:!1};throw new Error("Access denied to object store bucket."+r)}else throw new Error("Unable to write to object store bucket.")}}s(Xs,"createBucketIfNotExists");async function mx({bucket:t,filename:e,path:r,type:n,metadata:i,body:o,ttl:a}){let u=e.split(".").pop(),c=r?(await Js.default.open(r)).createReadStream():o,l=et(),d=await Xs(l,t);if(a&&d.created){let g=lu(t,a);await l.putBucketLifecycleConfiguration(g)}let f=n,p=f||(u?Er[u.toLowerCase()]:Er.txt),h={Bucket:be(t),Key:Ee(e),Body:c,ContentType:p};if(i&&typeof i=="object"){for(let g of Object.keys(i))(!i[g]||typeof i[g]!="string")&&delete i[g];h.Metadata=i}return new Lf.Upload({client:l,params:h}).done()}s(mx,"upload");async function BT({bucket:t,stream:e,filename:r,type:n,extra:i,ttl:o}){return await yr.default.trace("streamUpload",async a=>{if(a.addTags({bucketName:t,filename:r,type:n,ttl:o}),!e)throw new Error("Stream to upload is invalid/undefined");let u=r.split(".").pop(),c=et(),l=await Xs(c,t);if(a.addTags({bucketCreated:l.created,bucketExists:l.exists,extension:u}),o&&l.created){let S=lu(t,o);await c.putBucketLifecycleConfiguration(S)}let d=n;d||(d=u?Er[u.toLowerCase()]:Er.txt),a.addTags({contentType:d});let f=be(t),p=Ee(r),h={Bucket:f,Key:p,Body:e,ContentType:d,...i},g=await new Lf.Upload({client:c,params:h}).done(),y=await c.headObject({Bucket:f,Key:p});return a.addTags({contentLength:y.ContentLength}),{...g,ContentLength:y.ContentLength}})}s(BT,"streamUpload");async function WT(t,e){return await yr.default.trace("retrieve",async r=>{r.addTags({bucketName:t,filepath:e});let n=et(),i={Bucket:be(t),Key:Ee(e)},o=await n.getObject(i);if(!o.Body)throw new Error("Unable to retrieve object");if(r.addTags({contentLength:o.ContentLength,contentType:o.ContentType}),px.includes(o.ContentType))return r.addTags({string:!0}),o.Body.transformToString();{r.addTags({string:!1});let a=o.Body.transformToWebStream();return mu.default.Readable.fromWeb(a)}})}s(WT,"retrieve");async function*$T(t,e){let r=et(),n=s((a={})=>r.listObjectsV2({...a,Bucket:be(t),Prefix:Ee(e)}),"list"),i=!1,o;do{let a={};o&&(a.ContinuationToken=o);let u=await n(a);if(u.Contents)for(let c of u.Contents)yield c;i=!!u.IsTruncated,o=u.NextContinuationToken}while(i&&o)}s($T,"listAllObjects");async function Tr(t,e,r=3600){let n=et({presigning:!0}),i={Bucket:be(t),Key:Ee(e)},o=await(0,FT.getSignedUrl)(n,new pu.GetObjectCommand(i),{expiresIn:r});if(E.MINIO_ENABLED){let a=new URL(o),u=a.pathname,c=a.search;return`${Wf}${u}${c}`}else return o}s(Tr,"getPresignedUrl");async function hx(t,e){return await yr.default.trace("retrieveToTmp",async r=>{r.addTags({bucketName:t,filepath:e}),t=be(t),e=Ee(e);let n=await WT(t,e),i=(0,gr.join)(an(),(0,Ff.v4)());return r.addTags({outputPath:i}),n instanceof mu.default.Readable?(r.addTags({stream:!0}),await(0,Zs.pipeline)(n,ti.default.createWriteStream(i))):(r.addTags({stream:!1}),ti.default.writeFileSync(i,n)),i})}s(hx,"retrieveToTmp");async function Ex(t,e,r){return await yr.default.trace("retrieveDirectory",async n=>{n.addTags({bucketName:t,path:e});let i=(0,gr.join)(an(),(0,Ff.v4)());await Js.default.mkdir(i,{recursive:!0});let o=0;return await Xt.parallelForeach($T(t,e),async a=>{let{Key:u}=a;!u||r?.some(c=>c.test(u))||(o++,await yr.default.trace("retrieveDirectory.object",async c=>{let l=a.Key;c.addTags({filename:l});let{stream:d}=await du(t,l),f=l.split("/"),p=f.slice(0,f.length-1),h=(0,gr.join)(i,...p);f.length>1&&!ti.default.existsSync(h)&&await Js.default.mkdir(h,{recursive:!0}),await(0,Zs.pipeline)(d,ti.default.createWriteStream((0,gr.join)(i,...f),{mode:420}))}))},5),n.addTags({numObjects:o}),i})}s(Ex,"retrieveDirectory");async function gx(t,e){let r=et();await Xs(r,t);let n={Bucket:t,Key:Ee(e)};return r.deleteObject(n)}s(gx,"deleteFile");async function yx(t,e){let r=et();await Xs(r,t);let n={Bucket:t,Delete:{Objects:e.map(i=>({Key:Ee(i)}))}};return r.deleteObjects(n)}s(yx,"deleteFiles");async function GT(t,e){t=be(t),e=Ee(e);let r=et(),n={Bucket:t,Prefix:e},i=await r.listObjects(n);if(i.Contents?.length===0)return;let o={Bucket:t,Delete:{Objects:[]}};if(i.Contents?.forEach(a=>{o.Delete.Objects.push({Key:a.Key})}),o.Delete.Objects.length&&(await r.deleteObjects(o)).Deleted?.length===1e3)return GT(t,e)}s(GT,"deleteFolder");async function $f(t,e,r){return await yr.default.trace("uploadDirectory",async n=>{n.addTags({bucketName:t,localPath:e,bucketPath:r}),t=be(t);let i=await Js.default.readdir(e,{withFileTypes:!0});n.addTags({numFiles:i.length});for(let o of i){let a=Ee((0,gr.join)(r,o.name)),u=(0,gr.join)(e,o.name);o.isDirectory()?await $f(t,u,a):await BT({bucket:t,filename:a,stream:ti.default.createReadStream(u)})}return i})}s($f,"uploadDirectory");async function Tx(t,e,r={}){e=Ee(e);let n=await(0,kf.default)(t,{headers:r});if(!n.ok)throw new Error(`unexpected response ${n.statusText}`);await(0,Zs.pipeline)(n.body,Bf.default.createUnzip(),Mf.default.extract(e))}s(Tx,"downloadTarballDirect");async function Sx(t,e,r){e=be(e),r=Ee(r);let n=await(0,kf.default)(t);if(!n.ok)throw new Error(`unexpected response ${n.statusText}`);let i=(0,gr.join)(an(),r);return await(0,Zs.pipeline)(n.body,Bf.default.createUnzip(),Mf.default.extract(i)),!E.isTest()&&E.SELF_HOSTED&&await $f(e,i,r),i}s(Sx,"downloadTarball");async function du(t,e){return await yr.default.trace("getReadStream",async r=>{t=be(t),e=Ee(e),r.addTags({bucketName:t,path:e});let n=et(),i={Bucket:t,Key:e},o=await n.getObject(i);if(!o.Body||!(o.Body instanceof mu.default.Readable))throw new Error("Unable to retrieve stream - invalid response");return r.addTags({contentLength:o.ContentLength,contentType:o.ContentType}),{stream:o.Body,contentLength:o.ContentLength,contentType:o.ContentType}})}s(du,"getReadStream");async function Ax(t,e){t=be(t),e=Ee(e);let r=et(),n={Bucket:t,Key:e};try{return await r.headObject(n)}catch{throw new Error("Unable to retrieve metadata from object")}}s(Ax,"getObjectMetadata");async function Gf(t,e){t=be(t),e=Ee(e);let r=et(),n={Bucket:t,Key:e};try{return await r.headObject(n),!0}catch(i){if((i.statusCode||i.$response?.statusCode)===404)return!1;throw i}}s(Gf,"objectExists");function Uf(t){let e=t.split("?")[0],r=new RegExp(`^${Wf}/(?<bucket>[^/]+)/(?<path>.+)$`),n=e.match(r);if(n&&n.groups){let{bucket:i,path:o}=n.groups;return{bucket:i,path:o}}return null}s(Uf,"extractBucketAndPath");var HT=F(require("querystring"));var Su={};N(Su,{FlagSet:()=>Eu,all:()=>Ix,flags:()=>Vf,getEnvFlags:()=>QT,init:()=>_x,isEnabled:()=>Tu,parseEnvFlags:()=>yu,shutdown:()=>Ox,testutils:()=>qf});var gu=F(require("crypto"));var VT=require("posthog-node"),qT=F(require("dd-trace"));var KT=require("lodash");var hu;function _x(t){E.POSTHOG_TOKEN&&E.POSTHOG_API_HOST&&!E.SELF_HOSTED&&E.POSTHOG_FEATURE_FLAGS_ENABLED?(console.log("initializing posthog client..."),hu=new VT.PostHog(E.POSTHOG_TOKEN,{host:E.POSTHOG_API_HOST,personalApiKey:E.POSTHOG_PERSONAL_TOKEN,featureFlagsPollingInterval:he.fromMinutes(3).toMs(),...t})):console.log("posthog disabled")}s(_x,"init");function Ox(){hu?.shutdown()}s(Ox,"shutdown");function yu(t){let e=t.split(",").map(n=>n.split(":")),r=[];for(let[n,...i]of e)for(let o of i){let a=!0;o.startsWith("!")&&(o=o.slice(1),a=!1),r.push({tenantId:n,key:o,value:a})}return r}s(yu,"parseEnvFlags");function QT(){return yu(E.TENANT_FEATURE_FLAGS||"")}s(QT,"getEnvFlags");var Eu=class{constructor(e){this.flagSchema=e;this.setId=gu.randomUUID()}static{s(this,"FlagSet")}defaults(){return(0,KT.cloneDeep)(this.flagSchema)}isFlagName(e){return this.flagSchema[e]!==void 0}async isEnabled(e){return(await this.fetch())[e]}async fetch(){return await qT.default.trace("features.fetch",async e=>{let r=rf(this.setId);if(r)return e?.addTags({fromCache:!0}),r;let n={},i=this.defaults(),o=V(),a=new Set;if(za())return i;for(let{tenantId:f,key:p,value:h}of QT())if(!(!f||f!=="*"&&f!==o)&&(n.readFromEnvironmentVars=!0,h===!1&&a.add(p),!!this.isFlagName(p))){if(typeof i[p]!="boolean")throw new Error(`Feature: ${p} is not a boolean`);i[p]=h,n[`flags.${p}.source`]="environment"}let u=Lt(),c=u?._id;if(!c){let f=ef();f&&(c=gu.createHash("sha512").update(f).digest("hex"))}let l=u?.tenantId;if(l||(l=o),n["identity.type"]=u?.type,n["identity._id"]=u?._id,n.tenantId=l,n.userId=c,hu&&c){n.readFromPostHog=!0;let f=await ri(),p={tenantId:l},h={tenant:{id:l}};f.config.createdVersion&&(h.tenant.createdVersion=f.config.createdVersion),f.createdAt&&(h.tenant.createdAt=`${f.createdAt}`);let m=await hu.getAllFlags(c,{personProperties:p,onlyEvaluateLocally:!0,groups:{tenant:l},groupProperties:h});for(let[g,y]of Object.entries(m))if(this.isFlagName(g)){if(typeof y!="boolean"){console.warn(`Invalid value for posthog flag "${g}": ${y}`);continue}if(!(i[g]===!0||a.has(g)))try{i[g]=y,n[`flags.${g}.source`]="posthog"}catch(S){console.warn(`Error parsing posthog flag "${g}": ${y}`,S)}}}let d=sf();for(let[f,p]of Object.entries(d))this.isFlagName(f)&&typeof p=="boolean"&&(i[f]=p,n[`flags.${f}.source`]="override");nf(this.setId,i);for(let[f,p]of Object.entries(i))n[`flags.${f}.value`]=p;return e?.addTags(n),i})}},Vf=new Eu(Pm);async function Tu(t){return await Vf.isEnabled(t)}s(Tu,"isEnabled");async function Ix(){return await Vf.fetch()}s(Ix,"all");var qf={};N(qf,{setFeatureFlags:()=>jT,withFeatureFlags:()=>Rx});function wx(){let t={};for(let{tenantId:e,key:r,value:n}of yu(process.env.TENANT_FEATURE_FLAGS||"")){let i=t[e]||{};i[r]!==!1&&(i[r]=n,t[e]=i)}return t}s(wx,"getCurrentFlags");function Dx(t){let e=[];for(let[r,n]of Object.entries(t))for(let[i,o]of Object.entries(n))o===!1?e.push(`${r}:!${i}`):e.push(`${r}:${i}`);return e.join(",")}s(Dx,"buildFlagString");function jT(t,e){let r=wx();for(let[i,o]of Object.entries(e)){let a=r[t]||{};a[i]=o,r[t]=a}let n=Dx(r);return ys({TENANT_FEATURE_FLAGS:n})}s(jT,"setFeatureFlags");function Rx(t,e,r){let n=jT(t,e),i=r();return i instanceof Promise?i.finally(n):(n(),i)}s(Rx,"withFeatureFlags");var YT=F(require("aws-cloudfront-sign"));var Au;function Cx(){if(!E.CLOUDFRONT_PRIVATE_KEY_64)throw new Error("CLOUDFRONT_PRIVATE_KEY_64 is not set");return Au||(Au=Buffer.from(E.CLOUDFRONT_PRIVATE_KEY_64,"base64").toString("utf-8"),Au)}s(Cx,"getPrivateKey");var bx=s(()=>({keypairId:E.CLOUDFRONT_PUBLIC_KEY_ID,privateKeyString:Cx(),expireTime:new Date().getTime()+1e3*60*60*24}),"getCloudfrontSignParams"),ni=s(t=>{let e=Kf(t);return YT.getSignedUrl(e,bx())},"getPresignedUrl"),Kf=s(t=>{let e="/";return t.startsWith("/")&&(e=""),`${E.CLOUDFRONT_CDN}${e}${t}`},"getUrl");async function zT(t){let e=`${Ee(t)}/budibase-client.js`,r=`${Ee(t)}/budibase-client.new.js`;return await Tu("USE_DYNAMIC_LOADING")&&await Gf(E.APPS_BUCKET_NAME,r)?r:e}s(zT,"clientLibraryPath");function xx(t,e){return`${Ee(t)}/_dependencies/${e}`}s(xx,"client3rdPartyLibrary");async function vx(t,e){let r=await zT(t);return E.CLOUDFRONT_CDN?(e&&(r+=`?v=${e}`),Kf(r)):await Tr(E.APPS_BUCKET_NAME,r)}s(vx,"clientLibraryCDNUrl");async function Px(t,e){return`/api/assets/client?${await JT(t,e)}`}s(Px,"clientLibraryUrl");async function JT(t,e){let r,n;try{r=V()}finally{n={appId:t,version:e}}return r&&r!==ae&&(n.tenantId=r),n.dynamic=await Tu("USE_DYNAMIC_LOADING"),HT.default.encode(n)}s(JT,"getClientCacheKey");async function ZT(t){return E.CLOUDFRONT_CDN?ni(t):await Tr(E.APPS_BUCKET_NAME,t)}s(ZT,"getAppFileUrl");async function Nx(t){if(t.length===0)return[];try{return await Promise.all(t.map(async e=>({...e,src:await ZT(e.src),type:e.type||"image/png"})))}catch(e){return console.error("Error enriching PWA images:",e),t}}s(Nx,"enrichPWAImages");var Ux=s(async(t,e,r)=>{let n=XT(t,e);return E.CLOUDFRONT_CDN?(r&&(n=`${n}?etag=${r}`),ni(n)):await Tr(E.GLOBAL_BUCKET_NAME,n)},"getGlobalFileUrl"),XT=s((t,e)=>{let r=`${t}/${e}`;return E.MULTI_TENANCY&&(r=`${V()}/${r}`),r},"getGlobalFileS3Key");async function Lx(t){return!t||!t.length?[]:await Promise.all(t.map(async e=>{let r=await kx(e),n=await Mx(e);return{...e,jsUrl:r,iconUrl:n}}))}s(Lx,"enrichPluginURLs");async function kx(t){let e=tS(t);return eS(e)}s(kx,"getPluginJSUrl");async function Mx(t){let e=rS(t);if(e)return eS(e)}s(Mx,"getPluginIconUrl");async function eS(t){return E.CLOUDFRONT_CDN?ni(t):await Tr(E.PLUGIN_BUCKET_NAME,t)}s(eS,"getPluginUrl");function tS(t){return nS(t,"plugin.min.js")}s(tS,"getPluginJSKey");function rS(t){let e=t.iconUrl?"icon.svg":t.iconFileName;if(e)return nS(t,e)}s(rS,"getPluginIconKey");function nS(t,e){return`${iS(t.name)}/${e}`}s(nS,"getPluginS3Key");function iS(t){let e=`${t}`;return E.MULTI_TENANCY&&(e=`${V()}/${e}`),E.CLOUDFRONT_CDN&&(e=`plugins/${e}`),e}s(iS,"getPluginS3Dir");var aS="budibase.log",uS="budibase-logs-history.txt",cS=Yf.default.join(an(),"systemlogs");function sS(t){return Yf.default.join(cS,t)}s(sS,"getFullPath");function lS(t){let e=/(\d+)([A-Za-z])/,r=t?.match(e);if(!r){console.warn("totalMaxSize does not have a valid value",{totalMaxSize:t});return}let n=+r[1],i=r[2];if(n===1)switch(i){case"B":return{size:`${n}B`,totalHistoryFiles:1};case"K":return{size:`${n*1e3/2}B`,totalHistoryFiles:1};case"M":return{size:`${n*1e3/2}K`,totalHistoryFiles:1};case"G":return{size:`${n*1e3/2}M`,totalHistoryFiles:1};default:return}return n%2===0?{size:`${n/2}${i}`,totalHistoryFiles:1}:{size:`1${i}`,totalHistoryFiles:n-1}}s(lS,"getSingleFileMaxSizeInfo");function Hf(){let t=lS(E.ROLLING_LOG_MAX_SIZE);return oS.createStream(aS,{size:t?.size,path:cS,maxFiles:t?.totalHistoryFiles||1,immutable:!0,history:uS,initialRotation:!1})}s(Hf,"localFileDestination");function Fx(){let t=[],e=sS(uS);if(eo.default.existsSync(e)){let i=eo.default.readFileSync(e,"utf-8").split(`
+`);for(let o of i.filter(a=>a))t.push(eo.default.readFileSync(o))}return t.push(eo.default.readFileSync(sS(aS))),Buffer.concat(t.map(n=>new Uint8Array(n)))}s(Fx,"getLogReadStream");function Bx(t){return typeof t=="object"&&t!==null&&!(t instanceof Error)}s(Bx,"isPlainObject");function Wx(t){return t instanceof Error}s(Wx,"isError");function $x(t){return typeof t=="string"}s($x,"isMessage");var Sr;if(!E.DISABLE_PINO_LOGGER){let t=E.LOG_LEVEL,e={level:t,formatters:{level:c=>({level:c.toUpperCase()}),bindings:()=>E.SELF_HOSTED?{service:E.SERVICE_NAME}:{}},timestamp:()=>`,"timestamp":"${new Date(Date.now()).toISOString()}"`},r=[];r.push(E.isDev()?{stream:(0,dS.default)({singleLine:!0}),level:t}:{stream:process.stdout,level:t}),E.SELF_HOSTED&&r.push({stream:Hf(),level:t}),Sr=r.length?(0,_u.default)(e,_u.default.multistream(r)):(0,_u.default)(e);let n=s(c=>{let l,d=[],f="";c.forEach(y=>{$x(y)&&(f=`${f} ${y}`.trimStart()),Bx(y)&&d.push(y),Wx(y)&&(l=y)});let p=u(),h={};h={tenantId:i(),appId:o(),automationId:a(),identityId:p?._id,identityType:p?.type,correlationId:Nf()};let m=Jf.default.scope().active();m&&Jf.default.inject(m.context(),fS.formats.LOG,h);let g={err:l,pid:process.pid,...h};if(d.length){let y={},S=0;for(let O=0;O<d.length;O++){let _=d[O],D=_._logKey;D?(delete _._logKey,g[D]=_):(y[S]=_,S++)}Object.keys(y).length&&(g.data=y)}return[g,f]},"getLogParams");console.log=(...c)=>{let[l,d]=n(c);Sr?.info(l,d)},console.info=(...c)=>{let[l,d]=n(c);Sr?.info(l,d)},console.warn=(...c)=>{let[l,d]=n(c);Sr?.warn(l,d)},console.error=(...c)=>{let[l,d]=n(c);Sr?.error(l,d)},console.trace=(...c)=>{let[l,d]=n(c);l.err||(l.err=new Error),Sr?.trace(l,d)},console.debug=(...c)=>{let[l,d]=n(c);Sr?.debug(l,d)};let i=s(()=>{let c;try{c=V()}catch{}return c},"getTenantId"),o=s(()=>{let c;try{c=Ue()}catch{}return c},"getAppId"),a=s(()=>{let c;try{c=Xd()}catch{}return c},"getAutomationId"),u=s(()=>{let c;try{c=Lt()}catch{}return c},"getIdentity")}var Ou=Sr;var Gx=["AccountError"];function Vx(t){return t&&t.suppressAlert}s(Vx,"isSuppressed");function un(t,e){e&&Gx.includes(e.name)&&Vx(e)||console.error(`bb-alert: ${t}`,e)}s(un,"logAlert");function qx(t,e,r,n){t=`${t} - db: ${e} - doc: ${r} - error: `,un(t,n)}s(qx,"logAlertWithInfo");function ii(t,e){console.warn(`bb-warn: ${t}`,e)}s(ii,"logWarn");var Iu=class extends Error{static{s(this,"UnretriableError")}constructor(e){super(e),this.name="PermanentError"}},Zf=class{static{s(this,"QueuedProcessor")}constructor(e,r={}){let{maxAttempts:n=3,removeOnFail:i=!0,removeOnComplete:o=!0,maxStalledCount:a=3}=r;this.waitForCompletionMs=r.waitForCompletionMs||1e4,this._queue=new ht(e,{maxStalledCount:a,jobOptions:{attempts:n,removeOnFail:i,removeOnComplete:o}}),this._queue.process(async(u,c)=>{try{let l=await this.processFn(u.data);c?.(null,l)}catch(l){l instanceof Iu&&await u.discard(),un(`Failed to process job in ${this._queue.name}`,l),c?.(l)}})}async close(e){await this._queue.close(e)}async execute(e){try{let r=await this._queue.add(e);return{success:!0,result:await Ne.withTimeout(this.waitForCompletionMs,()=>r.finished())}}catch(r){if(r.errno!=="ETIME")throw r;return{success:!1,reason:"timeout"}}}};var Kx=100,wu,ro=class t{static{s(this,"DocWritethroughProcessor")}static get queue(){return t._queue||(t._queue=new ht("docWritethroughQueue",{jobOptions:{attempts:Kx}})),t._queue}init(){return t.queue.process(async e=>{try{await this.persistToDb(e.data)}catch(r){throw r.status===409?new Error(`Conflict persisting message ${e.id}. Attempt ${e.attemptsMade}`):r}}),this}async persistToDb({dbName:e,docId:r,data:n}){if(r.startsWith("scimlog"))return;let i=De(e),o;try{o=await i.get(r)}catch{o={_id:r}}o={...o,...n},await i.put(o)}},ep=class{static{s(this,"DocWritethrough")}constructor(e,r){this.db=e,this._docId=r}get docId(){return this._docId}async patch(e){await ro.queue.add({dbName:this.db.name,docId:this.docId,data:e})}};function pS(){return wu=new ro().init(),wu}s(pS,"init");function Qx(){return wu||pS()}s(Qx,"getProcessor");var io={};N(io,{CacheKey:()=>ye,TTL:()=>dn,bustCache:()=>si,destroy:()=>no,get:()=>fn,keys:()=>Du,store:()=>Vt,withCache:()=>Ar,withCacheWithDynamicTTL:()=>mS});function It(t){let e=V();return`${t}:${e}`}s(It,"generateTenantKey");var cn=class{static{s(this,"BaseCache")}constructor(e=void 0){this.client=e}async getClient(){return this.client?this.client:await cf()}async keys(e){return(await this.getClient()).keys(e)}async exists(e,r={useTenancy:!0}){return e=r.useTenancy?It(e):e,(await this.getClient()).exists(e)}async scan(e,r={useTenancy:!0}){return e=r.useTenancy?It(e):e,(await this.getClient()).scan(e)}async get(e,r={useTenancy:!0}){return e=r.useTenancy?It(e):e,(await this.getClient()).get(e)}async bulkGet(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>It(i)):e,(await this.getClient()).bulkGet(e)}async store(e,r,n=null,i={useTenancy:!0}){e=i.useTenancy?It(e):e,await(await this.getClient()).store(e,r,n)}async bulkStore(e,r=null,n={useTenancy:!0}){n.useTenancy&&(e=Object.entries(e).reduce((o,[a,u])=>(o[It(a)]=u,o),{})),await(await this.getClient()).bulkStore(e,r)}async delete(e,r={useTenancy:!0}){return e=r.useTenancy?It(e):e,(await this.getClient()).delete(e)}async bulkDelete(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>It(i)):e,(await this.getClient()).bulkDelete(e)}async withCache(e,r=null,n,i={useTenancy:!0}){let o=await this.get(e,i);if(o)return o;try{let a=await n();return await this.store(e,a,r,i),a}catch(a){throw console.error("Error fetching before cache - ",a),a}}async withCacheWithDynamicTTL(e,r,n={useTenancy:!0}){let i=await this.get(e,n);if(i)return i;try{let o=await r(),{value:a,ttl:u}=o;return await this.store(e,a,u,{useTenancy:n.useTenancy}),a}catch(o){throw console.error("Error fetching before cache - ",o),o}}async bustCache(e){let r=await this.getClient();try{await r.delete(It(e))}catch(n){throw console.error("Error busting cache - ",n),n}}async deleteIfValue(e,r,n={useTenancy:!0}){e=n.useTenancy?It(e):e,await(await this.getClient()).deleteIfValue(e,r)}};var ln=new cn,ye={CHECKLIST:"checklist",INSTALLATION:"installation",ANALYTICS_ENABLED:"analyticsEnabled",UNIQUE_TENANT_ID:"uniqueTenantId",EVENTS:"events",BACKFILL_METADATA:"backfillMetadata",EVENTS_RATE_LIMIT:"eventsRateLimit",OAUTH2_TOKEN:t=>`oauth2Token_${t}`},dn=(n=>(n[n.ONE_MINUTE=600]="ONE_MINUTE",n[n.ONE_HOUR=3600]="ONE_HOUR",n[n.ONE_DAY=86400]="ONE_DAY",n))(dn||{}),Du=s((...t)=>ln.keys(...t),"keys"),fn=s((...t)=>ln.get(...t),"get"),Vt=s((...t)=>ln.store(...t),"store"),no=s((...t)=>ln.delete(...t),"destroy"),Ar=s((...t)=>ln.withCache(...t),"withCache"),mS=s((...t)=>ln.withCacheWithDynamicTTL(...t),"withCacheWithDynamicTTL"),si=s((...t)=>ln.bustCache(...t),"bustCache");var np={};N(np,{createCode:()=>Yx,deleteCode:()=>zx,getCode:()=>Hx,getExistingInvites:()=>rp,getInviteCodes:()=>ES,updateCode:()=>jx});var hS=he.fromDays(7).toSeconds();async function jx(t,e){await(await nn()).store(t,e,hS)}s(jx,"updateCode");async function Yx(t,e){let r=ne();return await(await nn()).store(r,{email:t,info:e},hS),r}s(Yx,"createCode");async function Hx(t){let r=await(await nn()).get(t);if(!r)throw"Invitation is not valid or has expired, please request a new one.";return r}s(Hx,"getCode");async function zx(t){await(await nn()).delete(t)}s(zx,"deleteCode");async function ES(){let r=(await(await nn()).scan()).map(i=>({...i.value,code:i.key}));if(!E.MULTI_TENANCY)return r;let n=V();return r.filter(i=>n===i.info.tenantId)}s(ES,"getInviteCodes");async function rp(t){return(await ES()).filter(e=>t.includes(e.email))}s(rp,"getExistingInvites");var ip={};N(ip,{createCode:()=>Zx,getCode:()=>Xx,invalidateCode:()=>ev});var Jx=he.fromHours(1).toSeconds();async function Zx(t,e){let r=ne();return await(await Ls()).store(r,{userId:t,info:e},Jx),r}s(Zx,"createCode");async function Xx(t){let r=await(await Ls()).get(t);if(!r)throw new Error("Provided information is not valid, cannot reset password - please try again.");return r}s(Xx,"getCode");async function ev(t){await(await Ls()).delete(t)}s(ev,"invalidateCode");var Dr={};N(Dr,{getUser:()=>Io,getUsers:()=>bU,invalidateUser:()=>wo});var so={};N(so,{getPlatformDB:()=>_r,users:()=>Et});var Et={};N(Et,{addSsoUser:()=>yS,addUser:()=>ov,getUserDoc:()=>gS,lookupTenantId:()=>tv,removeUser:()=>av,updateUserDoc:()=>rv});function _r(){return De(fe.PLATFORM_INFO.name)}s(_r,"getPlatformDB");async function tv(t){return E.MULTI_TENANCY?(await gS(t)).tenantId:ae}s(tv,"lookupTenantId");async function gS(t){return _r().get(t)}s(gS,"getUserDoc");async function rv(t){await _r().put(t)}s(rv,"updateUserDoc");function nv(t,e){return{_id:t,tenantId:e}}s(nv,"newUserIdDoc");function iv(t,e,r){return{_id:e,userId:t,tenantId:r}}s(iv,"newUserEmailDoc");function sv(t,e,r,n){return{_id:t,userId:r,email:e,tenantId:n}}s(sv,"newUserSsoIdDoc");async function sp(t,e){let r=_r(),n;try{await r.get(t)}catch(i){if(i.status===404)n=e(),await r.put(n);else throw i}}s(sp,"addUserDoc");async function yS(t,e,r,n){return sp(t,()=>sv(t,e,r,n))}s(yS,"addSsoUser");async function ov(t,e,r,n){let i=[sp(e,()=>nv(e,t)),sp(r,()=>iv(e,r,t))];n&&i.push(yS(n,r,e,t)),await Promise.all(i)}s(ov,"addUser");async function av(t){let e=_r(),r=[t._id,t.email],n=await e.allDocs({keys:r,include_docs:!0});await e.bulkRemove(n.rows.map(i=>i.doc),{silenceErrors:!0})}s(av,"removeUser");var pn={};N(pn,{getAccount:()=>Or,getAccountByTenantId:()=>oi,getStatus:()=>uv});var TS=F(require("node-fetch"));var oo=class{static{s(this,"API")}constructor(e){this.host=e}async apiCall(e,r,n){n.headers||(n.headers={}),n.headers["Content-Type"]||(n.headers={"Content-Type":"application/json",Accept:"application/json",...n.headers});let i=n.headers["Content-Type"]==="application/json";Hs.setHeader(n.headers);let o={method:e,body:i?JSON.stringify(n.body):n.body,headers:n.headers,credentials:"include"};return await(0,TS.default)(`${this.host}${r}`,o)}async post(e,r){return this.apiCall("POST",e,r)}async get(e,r){return this.apiCall("GET",e,r)}async patch(e,r){return this.apiCall("PATCH",e,r)}async del(e,r){return this.apiCall("DELETE",e,r)}async put(e,r){return this.apiCall("PUT",e,r)}};var op=new oo(E.INTERNAL_ACCOUNT_PORTAL_URL),ap=E.SELF_HOSTED||E.DISABLE_ACCOUNT_PORTAL,Or=s(async t=>{if(ap)return;let e={email:t},r=await op.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":E.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by email ${t}`);return(await r.json())[0]},"getAccount"),oi=s(async t=>{if(ap)return;let e={tenantId:t},r=await op.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":E.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by tenantId ${t}`);return(await r.json())[0]},"getAccountByTenantId"),uv=s(async()=>{if(ap)return;let t=await op.get("/api/status",{headers:{"x-budibase-api-key":E.ACCOUNT_PORTAL_API_KEY}}),e=await t.json();if(t.status!==200)throw new Error("Error getting status");return e},"getStatus");var li={};N(li,{UserDB:()=>wt,addAppBuilder:()=>wU,bulkGetGlobalUsersById:()=>Hu,bulkUpdateGlobalUsers:()=>Ao,cleanseUserObject:()=>bp,creatorsInList:()=>hn,doesUserExist:()=>SU,getAccountHolderFromUsers:()=>ju,getAllUserIds:()=>yU,getAllUsers:()=>TU,getById:()=>gn,getCreatorCount:()=>OU,getExistingAccounts:()=>ci,getExistingPlatformUsers:()=>rA,getExistingTenantUsers:()=>tA,getFirstPlatformUser:()=>yo,getGlobalUserByAppPage:()=>dA,getGlobalUserByEmail:()=>yt,getPlatformUsers:()=>Lu,getUserCount:()=>_U,hasAdminPermissions:()=>Ir,hasAppBuilderPermissions:()=>sA,hasBuilderPermissions:()=>tt,isAdmin:()=>wr,isAdminOrBuilder:()=>iA,isBuilder:()=>mi,isCreatorAsync:()=>To,isCreatorSync:()=>Ku,isGlobalBuilder:()=>nA,paginatedUsers:()=>pA,removeAppBuilder:()=>DU,removePortalUserPermissions:()=>IU,searchExistingEmails:()=>yp,searchGlobalUsersByApp:()=>zu,searchGlobalUsersByAppAccess:()=>Cp,searchGlobalUsersByEmail:()=>fA,validateUniqueUser:()=>Qu});var ui={};N(ui,{account:()=>vS,action:()=>PS,ai:()=>MS,analytics:()=>Cu,app:()=>NS,auditLog:()=>ZS,auth:()=>Uu,automation:()=>US,backfill:()=>jS,backfillCache:()=>Pu,backup:()=>zS,datasource:()=>LS,email:()=>kS,environmentVariable:()=>JS,group:()=>YS,identification:()=>gt,initAsyncEvents:()=>rU,installation:()=>fo,layout:()=>BS,license:()=>FS,org:()=>WS,plugin:()=>HS,processors:()=>cp,publishEvent:()=>A,query:()=>$S,role:()=>go,rowAction:()=>XS,rows:()=>VS,screen:()=>GS,serve:()=>KS,shutdown:()=>nU,table:()=>qS,user:()=>Le,view:()=>QS,workspace:()=>eA});var cp={};N(cp,{analyticsProcessor:()=>DS,init:()=>yv,processors:()=>qt});var Cu={};N(Cu,{enabled:()=>Ru});var Ru=s(async()=>bu(),"enabled");var IS=require("posthog-node");var cv=s(t=>t==="served:builder"||t==="served:app:preview"||t==="served:app","isRateLimited"),lv=s(t=>t==="served:app:preview"||t==="served:app","isPerApp");var AS={"served:app":"calendarDay","served:app:preview":"calendarDay","served:builder":"calendarDay"},_S=s(async t=>{if(!cv(t))return!1;let e=await dv(t);if(e){let r=new Date(e.timestamp);switch(AS[t]){case"calendarDay":return r.setDate(r.getDate()+1),r.setHours(0,0,0,0),Date.now()>r.getTime()?(await SS(t,{timestamp:Date.now()}),!1):!0}}else return await SS(t,{timestamp:Date.now()}),!1},"limited"),OS=s(t=>{let e=`${ye.EVENTS_RATE_LIMIT}:${t}`;return lv(t)&&(e=e+":"+Ue()),e},"eventKey"),dv=s(async t=>{let e=OS(t);return await fn(e)},"readEvent"),SS=s(async(t,e)=>{let r=OS(t),n=AS[t],i;switch(n){case"calendarDay":i=86400}await Vt(r,e,i)},"recordEvent");var pv=["user:updated","email:smtp:updated","auth:sso:updated","app:updated","role:updated","datasource:updated","query:updated","view:updated","view:calculation:updated","automation:trigger:updated","user_group:updated"],ao=class{static{s(this,"PosthogProcessor")}constructor(e){if(!e)throw new Error("Posthog token is not defined");this.posthog=new IS.PostHog(e)}async processEvent(e,r,n,i){if(pv.includes(e)||await _S(e))return;n=this.clearPIIProperties(n),n.version=E.VERSION,n.service=E.SERVICE,n.environment=r.environment,n.hosting=r.hosting;let o=Ue();o&&(n.appId=o);let a={distinctId:r.id,event:e,properties:n};i&&(a.timestamp=new Date(i)),(r.installationId||r.tenantId)&&(a.groups={},r.installationId&&(a.groups.installation=r.installationId,a.properties.installationId=r.installationId),r.tenantId&&(a.groups.tenant=r.tenantId,a.properties.tenantId=r.tenantId)),this.posthog.capture(a)}clearPIIProperties(e){return e.email&&delete e.email,e.audited&&delete e.audited,e}async identify(e,r){let n={distinctId:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.identify(n)}async identifyGroup(e,r){let n={distinctId:e.id,groupType:e.type,groupKey:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.groupIdentify(n)}async shutdown(){await this.posthog.shutdown()}};var wS=ao;var mv=["installation:version:upgraded","installation:version:downgraded"],hv=["installation","tenant"],uo=class{static{s(this,"AnalyticsProcessor")}constructor(){E.POSTHOG_TOKEN&&!E.isTest()&&(this.posthog=new wS(E.POSTHOG_TOKEN))}async processEvent(e,r,n,i){!mv.includes(e)&&!await Ru()||this.posthog&&await this.posthog.processEvent(e,r,n,i)}async identify(e,r){!hv.includes(e.type)&&!await Ru()||this.posthog&&await this.posthog.identify(e,r)}async identifyGroup(e,r){this.posthog&&await this.posthog.identifyGroup(e,r)}async shutdown(){this.posthog&&await this.posthog.shutdown()}};var up=E.SELF_HOSTED&&!E.isDev(),co=class{static{s(this,"LoggingProcessor")}async processEvent(e,r,n){up||console.log(`[audit] [identityType=${r.type}] ${e}`,n)}async identify(e){up||console.log("[audit] identified",e)}async identifyGroup(e){up||console.log("[audit] group identified",e)}async shutdown(){}};var ai=class t{static{s(this,"AuditLogsProcessor")}static{this.auditLogsEnabled=!1}static init(e){t.auditLogsEnabled=!0;let r=e;return t.auditLogQueue=new ht("auditLogQueue",{jobTags:n=>({"event.name":n.event})}),t.auditLogQueue.process(async n=>{await Re(n.data.tenantId,async()=>{let i=n.data.properties;i.audited&&(i={...i,...i.audited},delete i.audited);let o={};E.ENABLE_AUDIT_LOG_IP_ADDR&&(o=n.data.opts.hostInfo),await r(n.data.event,i,{userId:n.data.opts.userId,timestamp:n.data.opts.timestamp,appId:n.data.opts.appId,hostInfo:o})})})}async processEvent(e,r,n,i){if(t.auditLogsEnabled&&Df(e)){let o=r.type==="user"?r.id:void 0;await t.auditLogQueue.add({event:e,properties:n,opts:{userId:o,timestamp:i,appId:Ue(),hostInfo:r.hostInfo},tenantId:V()})}}async identify(){}async identifyGroup(){}async shutdown(){await t.auditLogQueue?.close()}};var lo=class{constructor(e){this.initialised=!1;this.processors=[];this.processors=e}static{s(this,"Processor")}async processEvent(e,r,n,i){for(let o of this.processors)await o.processEvent(e,r,n,i)}async identify(e,r){for(let n of this.processors)n.identify&&await n.identify(e,r)}async identifyGroup(e,r){for(let n of this.processors)n.identifyGroup&&await n.identifyGroup(e,r)}async shutdown(){for(let e of this.processors)e.shutdown&&await e.shutdown()}};var DS=new uo,Ev=new co,gv=new ai;function yv(t){return ai.init(t)}s(yv,"init");var qt=new lo([DS,Ev,gv]);var xu={};N(xu,{checkInstallVersion:()=>Av,getInstall:()=>po,getInstallFromDB:()=>dp});var lp=F(require("semver"));var po=s(async()=>Ar(ye.INSTALLATION,86400,dp,{useTenancy:!1}),"getInstall");async function Tv(t){let e={_id:fe.PLATFORM_INFO.docs.install,installId:ne(),version:E.VERSION};try{let r=await t.put(e);return e._rev=r.rev,e}catch(r){if(r.status===409)return dp();throw r}}s(Tv,"createInstallDoc");var dp=s(async()=>qe(fe.PLATFORM_INFO.name,async t=>{let e;try{e=await t.get(fe.PLATFORM_INFO.docs.install)}catch(r){if(r.status===404)e=await Tv(t);else throw r}return e}),"getInstallFromDB"),Sv=s(async t=>{try{await qe(fe.PLATFORM_INFO.name,async e=>{let r=await po();r.version=t,await e.put(r),await si(ye.INSTALLATION)})}catch(e){if(e.status===409)return!1;throw e}return!0},"updateVersion"),Av=s(async()=>{let t=await po(),e=t.version,r=E.VERSION;try{if(e!==r){let n=lp.default.gt(r,e),i=lp.default.lt(r,e);await Sv(r)&&(await Ss({_id:t.installId,type:"installation"},async()=>{n?await fo.upgraded(e,r):i&&await fo.downgraded(e,r)}),await gt.identifyInstallationGroup(t.installId))}}catch(n){n?.message?.includes("Invalid Version")?un(`Invalid version "${r}" - is it semver?`):un("Failed to retrieve version",n)}},"checkInstallVersion");var _v=s(async()=>{let t=Ld(),e=Eo(),r;if(t?r=t.type:r="tenant",r==="installation"){let n=await mn(),i=mo();return{id:RS(n,r),hosting:i,type:r,installationId:n,environment:e}}else if(r==="tenant"){let n=await mn(),i=await vu(V()),o=mo();return{id:RS(i,r),type:r,hosting:o,installationId:n,tenantId:i,realTenantId:V(),environment:e}}else if(r==="user"){let n=t,i=await vu(V()),o=await mn(),a=n.account,u;return a?u=a.hosting:u=mo(),{id:n._id,type:r,hosting:u,installationId:o,tenantId:i,environment:e,realTenantId:V(),hostInfo:n.hostInfo}}else throw new Error("Unknown identity type")},"getCurrentIdentity"),Ov=s(async(t,e)=>{let r=t,n="installation",i=mo(),o=E.VERSION,a=Eo(),u={id:r,type:n,hosting:i,version:o,environment:a};await fp(u,e),await ho({...u,id:`$${n}_${r}`},e)},"identifyInstallationGroup"),Iv=s(async(t,e,r,n=E.VERSION)=>{let i=await vu(t),o="tenant",a=await mn(),u=Eo(),c={id:i,type:o,hosting:e,environment:u,installationId:a,createdAt:r,createdVersion:n};await fp(c,r),await ho({...c,id:`$${o}_${i}`},r)},"identifyTenantGroup"),wv=s(async(t,e,r)=>{let n=t._id,i=await vu(t.tenantId),o="user",a=tt(t),u=Ir(t),c;$o(t)&&(c=t.providerType);let d=(await ci([t.email])).length>0,f=!!e&&d&&e.verified,p=await mn(),h=e?e.hosting:mo(),m=Eo();await ho({id:n,type:o,hosting:h,installationId:p,tenantId:i,verified:f,accountHolder:d,providerType:c,builder:a,admin:u,environment:m},r)},"identifyUser"),Dv=s(async t=>{let e=t.accountId,r=t.tenantId,n="user",i=Wo(t)?t.providerType:void 0,o=t.verified,a=!0,u=t.hosting,c=await mn(),l=Eo();if(Bo(t)){let f=await yt(t.email);f?._id&&(e=f._id)}await ho({id:e,type:n,hosting:u,installationId:c,tenantId:r,providerType:i,verified:o,accountHolder:a,environment:l})},"identifyAccount"),ho=s(async(t,e)=>{await qt.identify(t,e)},"identify"),fp=s(async(t,e)=>{await qt.identifyGroup(t,e)},"identifyGroup"),Eo=s(()=>E.isDev()?"development":E.DEPLOYMENT_ENVIRONMENT,"getDeploymentEnvironment"),mo=s(()=>E.SELF_HOSTED?"self":"cloud","getHostingFromEnv"),mn=s(async()=>Rv()?"account-portal":(await po()).installId,"getInstallationId"),vu=s(async t=>E.SELF_HOSTED?CS(t):t,"getEventTenantId"),CS=s(async t=>Re(t,()=>Ar(ye.UNIQUE_TENANT_ID,86400,async()=>{let e=H(),r=await ri(),n;return r.config.uniqueTenantId?r.config.uniqueTenantId:(n=`${ne()}_${t}`,r.config.uniqueTenantId=n,r.config.createdVersion=E.VERSION,await e.put(r),n)})),"getUniqueTenantId"),Rv=s(()=>E.SERVICE==="account-portal","isAccountPortal"),RS=s((t,e)=>e==="installation"||e==="tenant"?`$${e}_${t}`:t,"formatDistinctId"),gt={getCurrentIdentity:_v,identifyInstallationGroup:Ov,identifyTenantGroup:Iv,identifyUser:wv,identifyAccount:Dv,identify:ho,identifyGroup:fp,getInstallationId:mn,getUniqueTenantId:CS};var Pu={};N(Pu,{end:()=>bv,isAlreadySent:()=>hp,isBackfillingEvent:()=>mp,recordEvent:()=>pp,start:()=>Cv});var Cv=s(async t=>vv({eventWhitelist:t}),"start"),pp=s(async(t,e)=>{let r=Ep(t,e);await Vt(r,e,void 0,{useTenancy:!1})},"recordEvent"),bv=s(async()=>{await Pv(),await Nv()},"end"),xv=s(async()=>fn(ye.BACKFILL_METADATA),"getBackfillMetadata"),vv=s(async t=>Vt(ye.BACKFILL_METADATA,t),"saveBackfillMetadata"),Pv=s(async()=>{await no(ye.BACKFILL_METADATA)},"deleteBackfillMetadata"),Nv=s(async()=>{let t=Ep(),e=await Du(t);for(let r of e)await no(r,{useTenancy:!1})},"clearEvents"),mp=s(async t=>{let r=(await xv())?.eventWhitelist;return!!(r&&r.includes(t))},"isBackfillingEvent"),hp=s(async(t,e)=>{let r=Ep(t,e);return!!await fn(r,{useTenancy:!1})},"isAlreadySent"),Uv={"automation:created":t=>t.automationId,"automation:step:created":t=>t.stepId,"datasource:created":t=>t.datasourceId,"layout:created":t=>t.layoutId,"query:created":t=>t.queryId,"role:created":t=>t.roleId,"screen:created":t=>t.screenId,"table:created":t=>t.tableId,"view:created":t=>t.tableId,"view:calculation:created":t=>t.tableId,"view:filter:created":t=>t.tableId,"app:created":t=>t.appId,"app:published":t=>t.appId,"auth:sso:created":t=>t.type,"auth:sso:activated":t=>t.type,"user:created":t=>t.userId,"user:admin:assigned":t=>t.userId,"user:builder:assigned":t=>t.userId,"role:assigned":t=>`${t.roleId}-${t.userId}`},Ep=s((t,e)=>{let r,n=V();if(t){r=`${ye.EVENTS}:${n}:${t}`;let i=Uv[t],o=i?i(e):void 0;o&&(r=`${r}:${o}`)}else r=`${ye.EVENTS}:${n}:*`;return r},"getEventKey");var Kt;function Nu(){Kt=new ht("systemEventQueue",{jobTags:t=>({"event.name":t.event})})}s(Nu,"init");async function bS(){Kt&&await Kt.close()}s(bS,"shutdown");async function xS(t){Kt||Nu();let{event:e,identity:r}=t;Rm.indexOf(e)!==-1&&r.tenantId&&await Kt.add(t)}s(xS,"publishAsyncEvent");var A=s(async(t,e,r,n)=>{let i=n||await gt.getCurrentIdentity();if(!(n?!1:await mp(t))){await xS({event:t,identity:i,properties:e,timestamp:r}),await qt.processEvent(t,i,e,r);return}await hp(t,e)||(await qt.processEvent(t,i,e,r),await pp(t,e))},"publishEvent");async function Lv(t,e){let r={tenantId:t.tenantId};await A("account:created",r,void 0,e)}s(Lv,"created");async function kv(t){let e={tenantId:t.tenantId};await A("account:deleted",e)}s(kv,"deleted");async function Mv(t){let e={tenantId:t.tenantId};await A("account:verified",e)}s(Mv,"verified");var vS={created:Lv,deleted:kv,verified:Mv};async function Fv(t,e){await A("action:automation_step:executed",t,e)}s(Fv,"automationStepExecuted");async function Bv(t,e){await A("action:crud:executed",t,e)}s(Bv,"crudExecuted");async function Wv(t,e){await A("action:ai_agent:executed",t,e)}s(Wv,"aiAgentExecuted");var PS={aiAgentExecuted:Wv,automationStepExecuted:Fv,crudExecuted:Bv};var $v=s(async(t,e)=>{let r={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:created",r,e)},"created");async function Gv(t){let e={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:updated",e)}s(Gv,"updated");async function Vv(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:deleted",e)}s(Vv,"deleted");async function qv(t,e){let r={appId:t.appId,audited:{name:t.name}};await A("app:published",r,e)}s(qv,"published");async function Kv(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:unpublished",e)}s(Kv,"unpublished");async function Qv(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:file:imported",e)}s(Qv,"fileImported");async function jv(t,e){let r={duplicateAppId:e,appId:t.appId,audited:{name:t.name}};await A("app:duplicated",r)}s(jv,"duplicated");async function Yv(t,e){let r={appId:t.appId,templateKey:e,audited:{name:t.name}};await A("app:template:imported",r)}s(Yv,"templateImported");async function Hv(t,e,r){let n={appId:t.appId,currentVersion:e,updatedToVersion:r,audited:{name:t.name}};await A("app:version:updated",n)}s(Hv,"versionUpdated");async function zv(t,e,r){let n={appId:t.appId,currentVersion:e,revertedToVersion:r,audited:{name:t.name}};await A("app:version:reverted",n)}s(zv,"versionReverted");async function Jv(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:reverted",e)}s(Jv,"reverted");async function Zv(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:exported",e)}s(Zv,"exported");var NS={created:$v,updated:Gv,deleted:Vv,published:qv,unpublished:Kv,fileImported:Qv,duplicated:jv,templateImported:Yv,versionUpdated:Hv,versionReverted:zv,reverted:Jv,exported:Zv};async function Xv(t,e){let n={userId:(await gt.getCurrentIdentity()).id,source:t,audited:{email:e}};await A("auth:login",n)}s(Xv,"login");async function eP(t){let r={userId:(await gt.getCurrentIdentity()).id,audited:{email:t}};await A("auth:logout",r)}s(eP,"logout");async function tP(t,e){let r={type:t};await A("auth:sso:created",r,e)}s(tP,"SSOCreated");async function rP(t){let e={type:t};await A("auth:sso:updated",e)}s(rP,"SSOUpdated");async function nP(t,e){let r={type:t};await A("auth:sso:activated",r,e)}s(nP,"SSOActivated");async function iP(t){let e={type:t};await A("auth:sso:deactivated",e)}s(iP,"SSODeactivated");var Uu={login:Xv,logout:eP,SSOCreated:tP,SSOUpdated:rP,SSOActivated:nP,SSODeactivated:iP};async function sP(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:created",r,e)}s(sP,"created");async function oP(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:trigger:updated",e)}s(oP,"triggerUpdated");async function aP(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:deleted",e)}s(aP,"deleted");async function uP(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:tested",e)}s(uP,"tested");var cP=s(async(t,e)=>{let r={count:t};await A("automations:run",r,e)},"run");async function lP(t,e,r){let n={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:created",n,r)}s(lP,"stepCreated");async function dP(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:deleted",r)}s(dP,"stepDeleted");var US={created:sP,triggerUpdated:oP,deleted:aP,tested:uP,run:cP,stepCreated:lP,stepDeleted:dP};function gp(t){return!Object.values(Lo).includes(t.source)}s(gp,"isCustom");async function fP(t,e){let r={datasourceId:t._id,source:t.source,custom:gp(t)};await A("datasource:created",r,e)}s(fP,"created");async function pP(t){let e={datasourceId:t._id,source:t.source,custom:gp(t)};await A("datasource:updated",e)}s(pP,"updated");async function mP(t){let e={datasourceId:t._id,source:t.source,custom:gp(t)};await A("datasource:deleted",e)}s(mP,"deleted");var LS={created:fP,updated:pP,deleted:mP};async function hP(t){let e={};await A("email:smtp:created",e,t)}s(hP,"SMTPCreated");async function EP(){let t={};await A("email:smtp:updated",t)}s(EP,"SMTPUpdated");var kS={SMTPCreated:hP,SMTPUpdated:EP};async function gP(t){let e={};await A("ai:config:created",e,t)}s(gP,"AIConfigCreated");async function yP(){let t={};await A("ai:config:updated",t)}s(yP,"AIConfigUpdated");var MS={AIConfigCreated:gP,AIConfigUpdated:yP};async function TP(t,e){let r={accountId:t.accountId,...e};await A("license:plan:changed",r)}s(TP,"planChanged");async function SP(t){let e={accountId:t.accountId};await A("license:activated",e)}s(SP,"activated");async function AP(t){let e={accountId:t.accountId};await A("license:checkout:opened",e)}s(AP,"checkoutOpened");async function _P(t){let e={accountId:t.accountId};await A("license:checkout:success",e)}s(_P,"checkoutSuccess");async function OP(t){let e={accountId:t.accountId};await A("license:portal:opened",e)}s(OP,"portalOpened");async function IP(t){let e={accountId:t.accountId};await A("license:payment:failed",e)}s(IP,"paymentFailed");async function wP(t){let e={accountId:t.accountId};await A("license:payment:recovered",e)}s(wP,"paymentRecovered");var FS={planChanged:TP,activated:SP,checkoutOpened:AP,checkoutSuccess:_P,portalOpened:OP,paymentFailed:IP,paymentRecovered:wP};async function DP(t,e){let r={layoutId:t._id};await A("layout:created",r,e)}s(DP,"created");async function RP(t){let e={layoutId:t};await A("layout:deleted",e)}s(RP,"deleted");var BS={created:DP,deleted:RP};async function CP(t){let e={};await A("org:info:name:updated",e,t)}s(CP,"nameUpdated");async function bP(t){let e={};await A("org:info:logo:updated",e,t)}s(bP,"logoUpdated");async function xP(t){let e={};await A("org:platformurl:updated",e,t)}s(xP,"platformURLUpdated");async function vP(){let t={};await A("analytics:opt:out",t)}s(vP,"analyticsOptOut");async function PP(){let t={};await A("analytics:opt:out",t)}s(PP,"analyticsOptIn");var WS={nameUpdated:CP,logoUpdated:bP,platformURLUpdated:xP,analyticsOptOut:vP,analyticsOptIn:PP};var NP=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:created",n,r)},"created"),UP=s(async(t,e)=>{let r={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:updated",r)},"updated"),LP=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb,appId:r};await A("query:deleted",n)},"deleted"),kP=s(async(t,e,r)=>{let n={datasourceId:t._id,source:t.source,count:r,importSource:e};await A("query:import",n)},"imported"),MP=s(async(t,e)=>{let r={count:t};await A("queries:run",r,e)},"run"),FP=s(async(t,e)=>{let r={queryId:e.queryId,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:previewed",r)},"previewed"),$S={created:NP,updated:UP,deleted:LP,imported:kP,run:MP,previewed:FP};async function BP(t,e){let r={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:created",r,e)}s(BP,"created");async function WP(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:updated",e)}s(WP,"updated");async function $P(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:deleted",e)}s($P,"deleted");async function GP(t,e,r){let n={userId:t._id,roleId:e};await A("role:assigned",n,r)}s(GP,"assigned");async function VP(t,e){let r={userId:t._id,roleId:e};await A("role:unassigned",r)}s(VP,"unassigned");var go={created:BP,updated:WP,deleted:$P,assigned:GP,unassigned:VP};async function qP(t,e){let r={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:created",r,e)}s(qP,"created");async function KP(t){let e={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:deleted",e)}s(KP,"deleted");var GS={created:qP,deleted:KP};var QP=s(async(t,e)=>{let r={count:t};await A("rows:created",r,e)},"created"),jP=s(async(t,e)=>{let r={tableId:t._id,count:e};await A("rows:imported",r)},"imported"),VS={created:QP,imported:jP};async function YP(t,e){let r={tableId:t._id,audited:{name:t.name}};await A("table:created",r,e)}s(YP,"created");async function HP(t,e){let r,n;for(let o in e.schema)if(!t.schema[o]){let a=e.schema[o];"default"in a&&a.default!=null&&(r=!0),a.type==="ai"&&(n=a.operation)}let i={tableId:e._id,defaultValues:r,aiColumn:n,audited:{name:e.name}};(r||n)&&await A("table:updated",i)}s(HP,"updated");async function zP(t,e){let r={tableId:t._id,audited:{name:t.name},appId:e};await A("table:deleted",r)}s(zP,"deleted");async function JP(t,e){let r={tableId:t._id,format:e,audited:{name:t.name}};await A("table:exported",r)}s(JP,"exported");async function ZP(t){let e={tableId:t._id,audited:{name:t.name}};await A("table:imported",e)}s(ZP,"imported");var qS={created:YP,updated:HP,deleted:zP,exported:JP,imported:ZP};async function XP(t){let e={timezone:t};await A("served:builder",e)}s(XP,"servedBuilder");async function eN(t,e,r){let n={appVersion:t.version,timezone:e,embed:r===!0};await A("served:app",n)}s(eN,"servedApp");async function tN(t,e){let r={appId:t.appId,appVersion:t.version,timezone:e};await A("served:app:preview",r)}s(tN,"servedAppPreview");var KS={servedBuilder:XP,servedApp:eN,servedAppPreview:tN};async function rN(t,e){let r={userId:t._id,viaScim:pt(),audited:{email:t.email}};await A("user:created",r,e)}s(rN,"created");async function nN(t){let e={userId:t._id,viaScim:pt(),audited:{email:t.email}};await A("user:updated",e)}s(nN,"updated");async function iN(t){let e={userId:t._id,viaScim:pt(),audited:{email:t.email}};await A("user:deleted",e)}s(iN,"deleted");async function sN(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:admin:assigned",r,e)}s(sN,"permissionAdminAssigned");async function oN(t){let e={userId:t._id,audited:{email:t.email}};await A("user:admin:removed",e)}s(oN,"permissionAdminRemoved");async function aN(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:builder:assigned",r,e)}s(aN,"permissionBuilderAssigned");async function uN(t){let e={userId:t._id,audited:{email:t.email}};await A("user:builder:removed",e)}s(uN,"permissionBuilderRemoved");async function cN(t){let e={audited:{email:t}};await A("user:invited",e)}s(cN,"invited");async function lN(t){let e={userId:t._id,audited:{email:t.email}};await A("user:invite:accepted",e)}s(lN,"inviteAccepted");async function dN(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:force:reset",e)}s(dN,"passwordForceReset");async function fN(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:updated",e)}s(fN,"passwordUpdated");async function pN(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset:requested",e)}s(pN,"passwordResetRequested");async function mN(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset",e)}s(mN,"passwordReset");async function hN(t){let e={users:t};await A("user:data:collaboration",e)}s(hN,"dataCollaboration");var Le={created:rN,updated:nN,deleted:iN,permissionAdminAssigned:sN,permissionAdminRemoved:oN,permissionBuilderAssigned:aN,permissionBuilderRemoved:uN,invited:cN,inviteAccepted:lN,passwordForceReset:dN,passwordUpdated:fN,passwordResetRequested:pN,passwordReset:mN,dataCollaboration:hN};async function EN(t,e){let r={name:t.name,type:t.type,tableId:t.tableId};await A("view:created",r,e)}s(EN,"created");async function gN(t){let e={tableId:t.tableId};await A("view:updated",e)}s(gN,"updated");async function yN(t,e){let r={...Ne.views.isV2(t)?{id:t.id,tableId:t.tableId,appId:e}:{}};await A("view:deleted",r)}s(yN,"deleted");async function TN(t,e){let r={tableId:t._id,format:e};await A("view:exported",r)}s(TN,"exported");async function SN({tableId:t,filterGroups:e},r){let n={tableId:t,filterGroups:e};await A("view:filter:created",n,r)}s(SN,"filterCreated");async function AN({tableId:t,filterGroups:e}){let r={tableId:t,filterGroups:e};await A("view:filter:updated",r)}s(AN,"filterUpdated");async function _N(t){let e={tableId:t.tableId};await A("view:filter:deleted",e)}s(_N,"filterDeleted");async function ON({tableId:t,calculationType:e},r){let n={tableId:t,calculation:e};await A("view:calculation:created",n,r)}s(ON,"calculationCreated");async function IN(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:updated",e)}s(IN,"calculationUpdated");async function wN(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:deleted",e)}s(wN,"calculationDeleted");async function DN(t,e){let r={tableId:t};await A("view:join:created",r,e)}s(DN,"viewJoinCreated");var QS={created:EN,updated:gN,deleted:yN,exported:TN,filterCreated:SN,filterUpdated:AN,filterDeleted:_N,calculationCreated:ON,calculationUpdated:IN,calculationDeleted:wN,viewJoinCreated:DN};async function RN(t){let e={currentVersion:t};await A("installation:version:checked",e)}s(RN,"versionChecked");async function CN(t,e){let r={from:t,to:e};await A("installation:version:upgraded",r)}s(CN,"upgraded");async function bN(t,e){let r={from:t,to:e};await A("installation:version:downgraded",r)}s(bN,"downgraded");async function xN(){let t={};await A("installation:firstStartup",t)}s(xN,"firstStartup");var fo={versionChecked:RN,upgraded:CN,downgraded:bN,firstStartup:xN};var di=!E.SELF_HOSTED&&!E.isDev();async function vN(t){di||await A("app:backfill:succeeded",t)}s(vN,"appSucceeded");async function PN(t){if(di)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("app:backfill:failed",e)}s(PN,"appFailed");async function NN(t){di||await A("tenant:backfill:succeeded",t)}s(NN,"tenantSucceeded");async function UN(t){if(di)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("tenant:backfill:failed",e)}s(UN,"tenantFailed");async function LN(){if(di)return;let t={};await A("installation:backfill:succeeded",t)}s(LN,"installationSucceeded");async function kN(t){if(di)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("installation:backfill:failed",e)}s(kN,"installationFailed");var jS={appSucceeded:vN,appFailed:PN,tenantSucceeded:NN,tenantFailed:UN,installationSucceeded:LN,installationFailed:kN};async function MN(t,e){let r={groupId:t._id,viaScim:pt(),audited:{name:t.name}};await A("user_group:created",r,e)}s(MN,"created");async function FN(t){let e={groupId:t._id,viaScim:pt(),audited:{name:t.name}};await A("user_group:updated",e)}s(FN,"updated");async function BN(t){let e={groupId:t._id,viaScim:pt(),audited:{name:t.name}};await A("user_group:deleted",e)}s(BN,"deleted");async function WN(t,e){let r={count:t,groupId:e._id,viaScim:pt(),audited:{name:e.name}};await A("user_group:user_added",r)}s(WN,"usersAdded");async function $N(t,e){let r={count:t,groupId:e._id,viaScim:pt(),audited:{name:e.name}};await A("user_group:users_deleted",r)}s($N,"usersDeleted");async function GN(t){let e={groupId:t,onboarding:!0};await A("user_group:onboarding_added",e)}s(GN,"createdOnboarding");async function VN(t){let e={permissions:t.roles,groupId:t._id,audited:{name:t.name}};await A("user_group:permissions_edited",e)}s(VN,"permissionsEdited");var YS={created:MN,updated:FN,deleted:BN,usersAdded:WN,usersDeleted:$N,createdOnboarding:GN,permissionsEdited:VN};async function qN(t){let e={type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:init",e)}s(qN,"init");async function KN(t){let e={pluginId:t._id,type:t.schema.type,source:t.source,name:t.name,description:t.description,version:t.version};await A("plugin:imported",e)}s(KN,"imported");async function QN(t){let e={pluginId:t._id,type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:deleted",e)}s(QN,"deleted");var HS={init:qN,imported:KN,deleted:QN};async function jN(t){let e={appId:t.appId,restoreId:t._id,backupCreatedAt:t.timestamp,name:t.name};await A("app:backup:restored",e)}s(jN,"appBackupRestored");async function YN(t,e,r,n,i){let o={appId:t,backupId:e,type:r,trigger:n,name:i};await A("app:backup:triggered",o)}s(YN,"appBackupTriggered");var zS={appBackupRestored:jN,appBackupTriggered:YN};async function HN(t,e){let r={name:t,environments:e};await A("environment_variable:created",r)}s(HN,"created");async function zN(t){let e={name:t};await A("environment_variable:deleted",e)}s(zN,"deleted");async function JN(t){let e={userId:t};await A("environment_variable:upgrade_panel_opened",e)}s(JN,"upgradePanelOpened");var JS={created:HN,deleted:zN,upgradePanelOpened:JN};async function ZN(t){let e={filters:t};await A("audit_log:filtered",e)}s(ZN,"filtered");async function XN(t){let e={filters:t};await A("audit_log:downloaded",e)}s(XN,"downloaded");var ZS={filtered:ZN,downloaded:XN};async function eU(t,e){await A("row_action:created",t,e)}s(eU,"created");var XS={created:eU};async function tU(t,e){let r={workspaceAppId:t._id,audited:{name:t.name},appId:e};await A("workspace_app:deleted",r)}s(tU,"deleted");var eA={deleted:tU};function rU(){}s(rU,"initAsyncEvents");var nU=s(async()=>{await qt.shutdown(),console.log("Events shutdown")},"shutdown");var Tp={};N(Tp,{creatorsInList:()=>hn,getAccountHolderFromUsers:()=>ju,hasAdminPermissions:()=>Ir,hasAppBuilderPermissions:()=>sA,hasBuilderPermissions:()=>tt,isAdmin:()=>wr,isAdminOrBuilder:()=>iA,isBuilder:()=>mi,isCreatorAsync:()=>To,isCreatorSync:()=>Ku,isGlobalBuilder:()=>nA,validateUniqueUser:()=>Qu});async function yp(t){let e=[],r=await tA(t);e.push(...r.map(a=>a.email));let n=await rA(t);e.push(...n.map(a=>a._id));let i=await ci(t);e.push(...i.map(a=>a.email));let o=await rp(t);return e.push(...o.map(a=>a.email)),[...new Set(e.map(a=>a.toLowerCase()))]}s(yp,"searchExistingEmails");async function Lu(t){return await Ws("platform_users_lowercase_2",{keys:[t.toLowerCase()],include_docs:!0})}s(Lu,"getPlatformUsers");async function yo(t){return(await Lu(t))[0]??null}s(yo,"getFirstPlatformUser");async function tA(t){let r={keys:t.map(i=>i.toLowerCase()),include_docs:!0},n={arrayResponse:!0};return await Ft("by_email2",r,void 0,n)}s(tA,"getExistingTenantUsers");async function rA(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Ws("platform_users_lowercase_2",r)}s(rA,"getExistingPlatformUsers");async function ci(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Ws("account_by_email",r)}s(ci,"getExistingAccounts");var qu={};N(qu,{BadRequestError:()=>Fu,BudibaseError:()=>fi,EmailUnavailableError:()=>Qt,FeatureDisabledError:()=>Gu,ForbiddenError:()=>Bu,HTTPError:()=>we,InvalidAPIKeyError:()=>pi,NotFoundError:()=>Mu,NotImplementedError:()=>Wu,UnexpectedError:()=>ku,UsageLimitError:()=>$u,getPublicError:()=>Vu});var fi=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"BudibaseError")}},Vu=s(t=>{let e;return t.code&&(e={code:t.code},t.getPublicError&&(e={...e,...t.getPublicError()})),e},"getPublicError"),we=class t extends fi{constructor(r,n,i="http"){super(r,i);this.status=n}static{s(this,"HTTPError")}static async fromResponse(r){let n=await r.text(),i=n,o=r.status,a="http";try{let u=JSON.parse(n);i=u.message,o=u.status,a=u.error?.code}catch{}return new t(i,o,a)}},ku=class extends we{static{s(this,"UnexpectedError")}constructor(e){super(e,500)}},Mu=class extends we{static{s(this,"NotFoundError")}constructor(e){super(e,404)}},Fu=class extends we{static{s(this,"BadRequestError")}constructor(e){super(e,400)}},Bu=class extends we{static{s(this,"ForbiddenError")}constructor(e){super(e,403)}},Wu=class extends we{static{s(this,"NotImplementedError")}constructor(e){super(e,501)}},$u=class extends we{constructor(r,n){super(r,400,"usage_limit_exceeded");this.limitName=n}static{s(this,"UsageLimitError")}getPublicError(){return{limitName:this.limitName}}},Gu=class extends we{constructor(r,n){super(r,400,"feature_disabled");this.featureName=n}static{s(this,"FeatureDisabledError")}getPublicError(){return{featureName:this.featureName}}},pi=class extends fi{static{s(this,"InvalidAPIKeyError")}constructor(){super("Invalid API key - may need re-generated, or user doesn't exist","invalid_api_key")}},Qt=class extends Error{static{s(this,"EmailUnavailableError")}constructor(e){super(`Email already in use: '${e}'`)}};var mi=Ve.users.isBuilder,wr=Ve.users.isAdmin,nA=Ve.users.isGlobalBuilder,iA=Ve.users.isAdminOrBuilder,Ir=Ve.users.hasAdminPermissions,tt=Ve.users.hasBuilderPermissions,sA=Ve.users.hasAppBuilderPermissions;async function hn(t,e){let r=[...new Set(t.filter(i=>i.userGroups).flatMap(i=>i.userGroups))];return e=await H().getMultiple(r,{allowMissing:!0}),t.map(i=>Ku(i,e))}s(hn,"creatorsInList");async function To(t){let e=[];return t.userGroups&&(e=await H().getMultiple(t.userGroups)),Ku(t,e)}s(To,"isCreatorAsync");function Ku(t,e){let r=Ve.users.isCreator(t);return!r&&t?sU(t,e):r}s(Ku,"isCreatorSync");function sU(t,e){let r=e?.filter(n=>t.userGroups?.indexOf(n._id)!==-1);return r&&r.length>0?r.some(n=>Object.values(n.roles||{}).includes("CREATOR")):!1}s(sU,"isCreatorByGroupMembership");async function Qu(t,e){if(E.MULTI_TENANCY){let r=await yo(t);if(r!=null&&r.tenantId!==e)throw new Qt(t)}if(!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let r=await Or(t);if(r&&r.verified&&r.tenantId!==e)throw new Qt(t)}}s(Qu,"validateUniqueUser");async function ju(t){if(!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let e=await ci(t.map(r=>r.email));return t.find(r=>e.map(n=>n.email).includes(r.email))}}s(ju,"getAccountHolderFromUsers");var Sp=s(async t=>{await Le.deleted(t),tt(t)&&await Le.permissionBuilderRemoved(t),Ir(t)&&await Le.permissionAdminRemoved(t)},"handleDeleteEvents"),oU=s(async(t,e,r)=>{for(let[n,i]of Object.entries(e))(!r||r[n]!==i)&&await go.assigned(t,i)},"assignAppRoleEvents"),aU=s(async(t,e,r)=>{if(r)for(let[n,i]of Object.entries(r))(!e||e[n]!==i)&&await go.unassigned(t,i)},"unassignAppRoleEvents"),uU=s(async(t,e)=>{let r=t.roles,n=e?.roles;await oU(t,r,n),await aU(t,r,n)},"handleAppRoleEvents"),Ap=s(async(t,e)=>{let r=V(),n;!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL&&(n=await oi(r)),await gt.identifyUser(t,n),e?(await Le.updated(t),lU(t,e)&&await Le.permissionBuilderRemoved(t),fU(t,e)&&await Le.permissionAdminRemoved(t),!e.forceResetPassword&&t.forceResetPassword&&t.password&&await Le.passwordForceReset(t),t.password!==e.password&&await Le.passwordUpdated(t)):await Le.created(t),cU(t,e)&&await Le.permissionBuilderAssigned(t),dU(t,e)&&await Le.permissionAdminAssigned(t),await uU(t,e)},"handleSaveEvents"),cU=s((t,e)=>oA(t,e,tt),"isAddingBuilder"),lU=s((t,e)=>aA(t,e,tt),"isRemovingBuilder"),dU=s((t,e)=>oA(t,e,Ir),"isAddingAdmin"),fU=s((t,e)=>aA(t,e,Ir),"isRemovingAdmin"),oA=s((t,e,r)=>!(!r(t)||e&&r(e)),"isAddingPermission"),aA=s((t,e,r)=>!(r(t)||!e||!r(e)),"isRemovingPermission");var Yu={};N(Yu,{createASession:()=>mU,endSession:()=>hU,getSession:()=>Op,getSessionsForUser:()=>So,invalidateSessions:()=>En,updateSessionTTL:()=>_p});var cA=require("uuid");var lA=E.SESSION_EXPIRY_SECONDS?parseInt(E.SESSION_EXPIRY_SECONDS):he.fromDays(7).toSeconds();function hi(t,e){return`${t}/${e}`}s(hi,"makeSessionID");async function So(t){return t?(await(await fr()).scan(t)).map(n=>n.value):(console.trace("Cannot get sessions for undefined userId"),[])}s(So,"getSessionsForUser");async function En(t,e={}){try{let r=e?.reason||"unknown",n=e.sessionIds||[],i;if(n.length===0?i=(await So(t)).map(a=>({key:hi(a.userId,a.sessionId)})):(n=Array.isArray(n)?n:[n],i=n.map(o=>({key:hi(t,o)}))),i&&i.length>0){let o=await fr(),a=[];for(let u of i)a.push(o.delete(u.key));E.isTest()||ii(`Invalidating sessions for ${t} (reason: ${r}) - ${i.map(u=>u.key).join(", ")}`),await Promise.all(a)}}catch(r){console.error(`Error invalidating sessions: ${r}`)}}s(En,"invalidateSessions");async function mU(t,e){let r=await So(t),n=0;if(r.length>=3){let l=r.sort((p,h)=>new Date(p.createdAt).getTime()-new Date(h.createdAt).getTime()),d=r.length-3+1,f=l.slice(0,d).map(p=>p.sessionId);n=f.length,await En(t,{sessionIds:f,reason:"session limit exceeded"})}let i=await fr(),o=e.sessionId,a=e.csrfToken?e.csrfToken:(0,cA.v4)(),u=hi(t,o),c={...e,csrfToken:a,createdAt:new Date().toISOString(),lastAccessedAt:new Date().toISOString(),userId:t};return await i.store(u,c,lA),{session:c,invalidatedSessionCount:n}}s(mU,"createASession");async function _p(t){let e=await fr(),r=hi(t.userId,t.sessionId);t.lastAccessedAt=new Date().toISOString(),await e.store(r,t,lA)}s(_p,"updateSessionTTL");async function hU(t,e){await(await fr()).delete(hi(t,e))}s(hU,"endSession");async function Op(t,e){if(!t||!e)throw new Error(`Invalid session details - ${t} - ${e}`);let n=await(await fr()).get(hi(t,e));if(!n)throw new Error(`Session not found - ${t} - ${e}`);return n}s(Op,"getSession");var Rp={};N(Rp,{PASSWORD_MAX_LENGTH:()=>wp,PASSWORD_MIN_LENGTH:()=>Ip,validatePassword:()=>Dp});var Ip=+(E.PASSWORD_MIN_LENGTH||12),wp=+(E.PASSWORD_MAX_LENGTH||512);function Dp(t){return!t||t.length<Ip?{valid:!1,error:`Password invalid. Minimum ${Ip} characters.`}:t.length>wp?{valid:!1,error:`Password invalid. Maximum ${wp} characters.`}:{valid:!0}}s(Dp,"validatePassword");var EU=s(async t=>{let e=t._id;await Et.removeUser(t),await Sp(t),await Dr.invalidateUser(e),await En(e,{reason:"bulk-deletion"})},"bulkDeleteProcessing"),wt=class t{static{s(this,"UserDB")}static init(e,r,n){t.quotas=e,t.groups=r,t.features=n}static async isPreventPasswordActions(e,r){return E.ENABLE_SSO_MAINTENANCE_MODE&&wr(e)?!1:await t.features.isSSOEnforced()||$o(e)?!0:(r||(r=await oi(V())),!!(r&&r.email===e.email&&Wo(r)))}static async buildUser(e,r={hashPassword:!0,requirePassword:!0},n,i,o){let{password:a,_id:u}=e;i&&!i.password&&(r.requirePassword=!1);let c;if(a){if(await t.isPreventPasswordActions(e,o))throw new we("Password change is disabled for this user",400);if(!r.skipPasswordValidation){let f=Dp(a);if(!f.valid)throw new we(f.error,400)}c=r.hashPassword?await Nd(a):a}else i&&(c=i.password);let l=r.requirePassword&&!await t.features.isSSOEnforced();if(!c&&l)throw"Password must be specified.";u=u||Jn();let d={createdAt:Date.now(),...i,...e,_id:u,password:c,tenantId:n};return d.roles||(d.roles={}),d.status==null&&(d.status="active"),d}static async allUsers(){return(await H().allDocs(sn(null,{include_docs:!0}))).rows.map(n=>n.doc)}static async countUsersByApp(e){return{userCount:(await zu(e,{})).length}}static async getUsersByAppAccess(e){return await Cp(e.appId,{limit:e.limit||50})}static async getUserByEmail(e){return yt(e)}static async getUser(e){let r=await gn(e);return r&&delete r.password,r}static async bulkGet(e){return await Hu(e)}static async bulkUpdate(e){return await Ao(e)}static async save(e,r={}){r.hashPassword==null&&(r.hashPassword=!0),r.requirePassword==null&&(r.requirePassword=!0);let n=V(),i=H(),{email:o,_id:a,userGroups:u=[],roles:c}=e;if(!o&&!a)throw new Error("_id or email is required");let l;if(a)try{if(l=await gn(a),o&&l.email!==o&&!r.allowChangingEmail)throw new Error("Email address cannot be changed")}catch(p){if(p.status!==404)throw p}if(!l&&o&&(l=await yt(o),l&&l._id!==a))throw new Qt(o);let d=1,f=0;if((r.isAccountHolder||l)&&(d=0,f=1),l){let[p,h]=await hn([l,e]);f=p!==h?1:0}return t.quotas.addUsers(d,f,async()=>{r.isAccountHolder||await Qu(o,n);let p=await t.buildUser(e,r,n,l);r.currentUserId&&r.currentUserId===l?._id&&(p=bp(p,l)),!l&&c?.length&&(p.roles={...c});let h=[];if(!a&&u.length>0)for(let m of u)h.push(t.groups.addUsers(m,[p._id]));try{let m=await i.put(p);return p._rev=m.rev,await Ap(p,l),l&&p.email!==l.email&&await Et.removeUser({email:l.email}),await Et.addUser(n,p._id,p.email,p.ssoId),await Dr.invalidateUser(m.id),await Promise.all(h),i.get(p._id)}catch(m){throw m.status===409?"User exists already":m}})}static async bulkCreate(e,r){let n=V(),i=[],o=[],a=[],u=e.map(p=>p.email),c=await yp(u),l=[];for(let p of e){let h=o.find(g=>g.email.toLowerCase()===p.email.toLowerCase()),m=c.includes(p.email.toLowerCase());if(h||m){l.push({email:p.email,reason:"Unavailable"});continue}p.userGroups=r||[],o.push(p),await To(p)&&a.push(p)}let d=await oi(n),f=await t.features.isSSOEnforced();return t.quotas.addUsers(o.length,a.length,async()=>{for(let m of o)f&&delete m.password,i.push(t.buildUser(m,{hashPassword:!0,requirePassword:!f},n,void 0,d));let p=await Promise.all(i);await Ao(p);for(let m of p)await Et.addUser(n,m._id,m.email),await Ap(m,void 0);let h=p.map(m=>({_id:m._id,email:m.email}));if(Array.isArray(h)&&r){let m=[],g=h.map(y=>y._id);for(let y of r)m.push(t.groups.addUsers(y,g));await Promise.all(m)}return{successful:h,unsuccessful:l}})}static async bulkDelete(e){let r=H(),n={successful:[],unsuccessful:[]},i=await ju(e);i&&(e=e.filter(h=>h.userId!==i.userId),n.unsuccessful.push({_id:i.userId,email:i.email,reason:"Account holder cannot be deleted"}));let a=(await r.allDocs({include_docs:!0,keys:e.map(h=>h.userId)})).rows.map(h=>h.doc),u=a.map(h=>({...h,_deleted:!0})),c=await Ao(u),d=(await hn(a)).filter(h=>h).length,f=[];for(let h of a){let g=(await yo(h._id)).ssoId;g&&(await Lu(g)).filter(S=>S.ssoId==null).forEach(S=>{f.push({...S,_deleted:!0})}),await EU(h)}await _r().bulkDocs(f),await t.quotas.removeUsers(u.length,d);let p={};return a.reduce((h,m)=>(h[m._id]=m,h),p),c.forEach(h=>{let m=p[h.id].email;h.ok?n.successful.push({_id:h.id,email:m}):n.unsuccessful.push({_id:h.id,email:m,reason:"Database error"})}),n}static async destroy(e){let r=H(),n=await r.get(e),i=n._id;if(!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let a=n.email;if(await Or(a))throw n.userId===Lt()._id?new we('Please visit "Account" to delete this user',400):new we("Account holder cannot be deleted",400)}await Et.removeUser(n),await r.remove(i,n._rev);let o=await To(n)?1:0;await t.quotas.removeUsers(1,o),await Sp(n),await Dr.invalidateUser(i),await En(i,{reason:"deletion"})}static async createAdminUser(e,r,n){let i=n?.password,o={email:e,password:i,createdAt:Date.now(),roles:{},builder:{global:!0},admin:{global:!0},tenantId:r,firstName:n?.firstName,lastName:n?.lastName};return n?.ssoId&&(o.ssoId=n.ssoId),await si(ye.CHECKLIST),await t.save(o,{hashPassword:n?.hashPassword,requirePassword:n?.requirePassword,skipPasswordValidation:n?.skipPasswordValidation,isAccountHolder:!0})}static async getGroups(e){return await this.groups.getBulk(e)}static async getGroupBuilderAppIds(e){return await this.groups.getGroupBuilderAppIds(e)}};function Oo(t){return Array.isArray(t)?t.map(e=>{if(e)return delete e.password,e}):t&&(delete t.password,t)}s(Oo,"removeUserPassword");async function Hu(t,e){let n=(await H().allDocs({keys:t,include_docs:!0})).rows.map(i=>i.doc);return e?.cleanup&&(n=Oo(n)),n}s(Hu,"bulkGetGlobalUsersById");async function yU(){let t=H(),e=`us${b}`;return(await t.allDocs({startkey:e,endkey:`${e}${ve}`})).rows.map(n=>n.id)}s(yU,"getAllUserIds");async function TU(){let t=H(),e=`us${b}`;return(await t.allDocs({startkey:e,endkey:`${e}${ve}`,include_docs:!0})).rows.map(n=>n.doc)}s(TU,"getAllUsers");async function Ao(t){return await H().bulkDocs(t)}s(Ao,"bulkUpdateGlobalUsers");async function gn(t,e){let n=await H().get(t);return e?.cleanup&&(n=Oo(n)),n}s(gn,"getById");async function yt(t,e){if(t==null)throw"Must supply an email address to view";let r=await Ft("by_email2",{key:t.toLowerCase(),include_docs:!0});if(Array.isArray(r))throw new Error(`Multiple users found with email address: ${t}`);let n=r;return e?.cleanup&&(n=Oo(n)),n}s(yt,"getGlobalUserByEmail");async function SU(t){try{let e=await yt(t);if(Array.isArray(e)||e!=null)return!0}catch{return!1}return!1}s(SU,"doesUserExist");async function zu(t,e,r){if(typeof t!="string")throw new Error("Must provide a string based workspace ID");let n=ru(t,{include_docs:!0});n.startkey=e&&e.startkey?e.startkey:n.startkey;let i=await Ft("by_app",n);i||(i=[]);let o=Array.isArray(i)?i:[i];return r?.cleanup&&(o=Oo(o)),o}s(zu,"searchGlobalUsersByApp");async function Cp(t,e){let r=`roles.${t}`,n=[{"builder.global":!0},{"admin.global":!0}];if(t){let a={[r]:{$exists:!0}};n.push(a)}return(await H().find({selector:{$or:n,_id:{$regex:"^us_"}},limit:e?.limit||50})).docs}s(Cp,"searchGlobalUsersByAppAccess");function dA(t,e){if(e)return tu(Ke(t),e._id)}s(dA,"getGlobalUserByAppPage");async function fA(t,e,r){if(typeof t!="string")throw new Error("Must provide a string to search by");let n=t.toLowerCase(),i=e&&e.startkey?e.startkey:n,o=await Ft("by_email2",{...e,startkey:i,endkey:`${n}${ve}`});o||(o=[]);let a=Array.isArray(o)?o:[o];return r?.cleanup&&(a=Oo(a)),a}s(fA,"searchGlobalUsersByEmail");var AU=8;async function pA({bookmark:t,query:e,appId:r,limit:n}={}){let i=H(),o=n??AU,u={include_docs:!0,limit:o+1};t&&(u.startkey=t);let c,l="_id",d;return e?.equal?._id?c=[await gn(e.equal._id)]:r?(c=await zu(r,u),d=s(f=>dA(r,f),"getKey")):e?.string?.email?(c=await fA(e?.string?.email,u),l="email"):e?.oneOf?._id?c=await Hu(e?.oneOf?._id,{cleanup:!0}):e?(c=(await i.allDocs(sn(null,{...u,limit:void 0}))).rows.map(p=>p.doc),c=ar.search(c,{query:e,limit:u.limit}).rows):c=(await i.allDocs(sn(null,u))).rows.map(p=>p.doc),gf(c,o,{paginate:!0,property:l,getKey:d})}s(pA,"paginatedUsers");async function _U(){return(await Sf("by_email2",{limit:0,include_docs:!1})).total_rows}s(_U,"getUserCount");async function OU(){let t=0;async function e(r){let n=await pA({bookmark:r}),i=await hn(n.data);t+=i.filter(o=>o).length,n.hasNextPage&&await e(n.nextPage)}return s(e,"iterate"),await e(),t}s(OU,"getCreatorCount");function IU(t){return delete t.admin,delete t.builder,t}s(IU,"removePortalUserPermissions");function bp(t,e){return delete t.admin,delete t.builder,delete t.roles,e&&(t.admin=e.admin,t.builder=e.builder,t.roles=e.roles),t}s(bp,"cleanseUserObject");async function wU(t,e){let r=Ke(e);t.builder??={},t.builder.creator=!0,t.builder.apps??=[],t.builder.apps.push(r),await wt.save(t,{hashPassword:!1})}s(wU,"addAppBuilder");async function DU(t,e){let r=Ke(e);t.builder&&t.builder.apps?.includes(r)&&(t.builder.apps=t.builder.apps.filter(n=>n!==r)),await wt.save(t,{hashPassword:!1})}s(DU,"removeAppBuilder");var mA=3600;async function RU(t,e){let n=await Of(e).get(t);if(n.budibaseAccess=!0,!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let i=await Or(n.email);i&&(n.account=i,n.accountPortalAccess=!0)}return n}s(RU,"populateFromDB");async function CU(t){let e=await wt.bulkGet(t),r=t.filter((i,o)=>!e[o]),n=e.filter(i=>i);return await Promise.all(n.map(async i=>{if(i.budibaseAccess=!0,!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let o=await Or(i.email);o&&(i.account=o,i.accountPortalAccess=!0)}})),r.length?{users:n,notFoundIds:r}:{users:n}}s(CU,"populateUsersFromDB");async function Io({userId:t,tenantId:e,email:r,populateUser:n}){if(n||(n=RU),!e)try{e=V()}catch{e=await Et.lookupTenantId(t)}let i=await Us(),o=await i.get(t);return o||(o=await n(t,e,r),await i.store(t,o,mA)),o&&!o.tenantId&&e&&(o.tenantId=e),o.userGroups&&!Ve.users.isGlobalBuilder(o)&&await Re(e,async()=>{let a=await wt.getGroupBuilderAppIds(o);if(a.length){let u=o.builder?.apps||[];o.builder={apps:[...new Set(u.concat(a))]}}}),o}s(Io,"getUser");async function bU(t){let e=await Us(),r=await e.bulkGet(t),n=t.filter(a=>!r[a]),i=Object.values(r).filter(a=>!!a),o;if(n.length){let a=await CU(n);o=a.notFoundIds;for(let u of a.users)await e.store(u._id,u,mA);i.push(...a.users)}return{users:i,notFoundIds:o}}s(bU,"getUsers");async function wo(t){await(await Us()).delete(t)}s(wo,"invalidateUser");var Up={};N(Up,{Writethrough:()=>Pp});var gi={};N(gi,{AUTO_EXTEND_POLLING_MS:()=>EA,doWithLock:()=>xp,newRedlock:()=>yn});var hA=F(require("redlock"));async function vU(t,e){if(t==="custom")return yn(e);switch(t){case"try_once":return yn(Ei.TRY_ONCE);case"try_twice":return yn(Ei.TRY_TWICE);case"default":return yn(Ei.DEFAULT);case"delay_500":return yn(Ei.DELAY_500);case"auto_extend":return yn(Ei.AUTO_EXTEND);default:throw Xt.unreachable(t)}}s(vU,"getClient");var Ei={TRY_ONCE:{retryCount:0},TRY_TWICE:{retryCount:1},DEFAULT:{driftFactor:.01,retryCount:10,retryDelay:200,retryJitter:100},DELAY_500:{retryDelay:500},CUSTOM:{},AUTO_EXTEND:{retryCount:-1}};async function yn(t={}){let e={...Ei.DEFAULT,...t},n=(await df()).client;return new hA.default([n],e)}s(yn,"newRedlock");function PU(t){let r=`lock:${t.systemLock?"system":V()}_${t.name}`;return t.resource&&(r=r+`_${t.resource}`),r}s(PU,"getLockName");var EA=he.fromSeconds(10).toMs();async function xp(t,e){let r=await vU(t.type,t.customOptions),n,i;try{let o=PU(t),a=t.type==="auto_extend"?EA:t.ttl;if(n=await r.lock(o,a),t.type==="auto_extend"){let c=s(()=>{i=setTimeout(async()=>{n=await n.extend(a,()=>t.onExtend&&t.onExtend()),c()},a/2)},"extendInIntervals");c()}return{executed:!0,result:await e()}}catch(o){if(o.name==="LockError"){if(t.type==="try_once")return{executed:!1};throw o}else throw o}finally{clearTimeout(i),await n?.unlock()}}s(xp,"doWithLock");var gA=1e4,vp=null;async function Ju(){if(!vp){let t=await lf();vp=new cn(t)}return vp}s(Ju,"getCache");function Do(t,e){return t.name+e}s(Do,"makeCacheKey");function Np(t,e=null){return{doc:t,lastWrite:e||Date.now()}}s(Np,"makeCacheItem");async function NU(t,e,r=gA){let n=await Ju(),i=e._id,o;i&&(o=await n.get(Do(t,i)));let a=!o||o.lastWrite<Date.now()-r,u=e;return a&&((await xp({type:"try_once",name:"persist_writethrough",resource:i,ttl:15e3},async()=>{let l=s(async d=>{let f=await t.put(d,{force:!0});u._id=f.id,u._rev=f.rev},"writeDb");try{await l(e)}catch(d){if(d.status!==409)throw d;ii("Ignoring conflict in write-through cache")}})).executed||ii("Ignoring redlock conflict in write-through cache")),o=Np(u,a?null:o?.lastWrite),u._id&&await n.store(Do(t,u._id),o),{ok:!0,id:u._id,rev:u._rev}}s(NU,"put");async function UU(t,e){let r=await Ju(),n=Do(t,e),i=await r.get(n);if(!i){let o=await t.get(e);i=Np(o),await r.store(n,i)}return i.doc}s(UU,"get");async function LU(t,e){let r=await Ju(),n=Do(t,e),i=await r.get(n);if(!i){let o=await t.tryGet(e);if(!o)return null;i=Np(o),await r.store(n,i)}return i.doc}s(LU,"tryGet");async function kU(t,e,r){let n=await Ju();if(!e)throw new Error("No ID/Rev provided.");let i=typeof e=="string"?e:e._id;r=typeof e=="string"?r:e._rev;try{await n.delete(Do(t,i))}finally{await t.remove(i,r)}}s(kU,"remove");var Pp=class{static{s(this,"Writethrough")}constructor(e,r=gA){this.db=e,this.writeRateMs=r}async put(e,r=this.writeRateMs){return NU(this.db,e,r)}async get(e){return UU(this.db,e)}async tryGet(e){return LU(this.db,e)}async remove(e,r){return kU(this.db,e,r)}};function Zu(t){return`config${b}${t}`}s(Zu,"generateConfigID");async function rt(t){let e=H();try{return await e.get(Zu(t))}catch(r){if(r.status===404)return;throw r}}s(rt,"getConfig");async function MU(t){return t._id||(t._id=Zu(t.type)),H().put(t)}s(MU,"save");async function ri(){let t=await rt("settings");return t||(t={_id:Zu("settings"),type:"settings",config:{}}),t.config.platformUrl=await Ro({tenantAware:!0,config:t.config}),t.config.analyticsEnabled=await bu({config:t.config}),t}s(ri,"getSettingsConfigDoc");async function Mp(){return(await ri()).config}s(Mp,"getSettingsConfig");async function Ro(t={tenantAware:!0}){let e=E.PLATFORM_URL||"http://localhost:10000";if(!E.SELF_HOSTED&&E.MULTI_TENANCY&&t.tenantAware){let r=V();e.includes("localhost:")||(e=e.replace("://",`://${r}.`))}else if(E.SELF_HOSTED){let r=t?.config?t.config:(await rt("settings"))?.config;r?.platformUrl&&(e=r.platformUrl)}return e}s(Ro,"getPlatformUrl");var bu=s(async t=>{if(!E.SELF_HOSTED)return!!E.ENABLE_ANALYTICS;let e=await Ar(ye.ANALYTICS_ENABLED,86400,async()=>{let n=t?.config?t.config:(await rt("settings"))?.config;if(n?.analyticsEnabled===!1)return!1;if(n?.analyticsEnabled===!0)return!0});if(e!==void 0)return e;let r=E.ENABLE_ANALYTICS;return!(r===0||r===!1)},"analyticsEnabled");async function FU(){return await rt("google")}s(FU,"getGoogleConfigDoc");async function Xu(){return(await FU())?.config}s(Xu,"getGoogleConfig");async function Fp(){if(!E.SELF_HOSTED)return Lp();let t=await Xu();return(!t||!t.activated)&&(t=Lp()),t}s(Fp,"getGoogleDatasourceConfig");function Lp(){if(E.GOOGLE_CLIENT_ID&&E.GOOGLE_CLIENT_SECRET)return{clientID:E.GOOGLE_CLIENT_ID,clientSecret:E.GOOGLE_CLIENT_SECRET,activated:!0}}s(Lp,"getDefaultGoogleConfig");async function BU(){return rt("logos_oidc")}s(BU,"getOIDCLogosDoc");async function WU(){return rt("oidc")}s(WU,"getOIDCConfigDoc");async function $U(){let t=(await WU())?.config;return t?.configs&&t.configs[0]}s($U,"getOIDCConfig");async function Bp(t){let e=(await rt("oidc"))?.config;return e&&e.configs.filter(r=>r.uuid===t)[0]}s(Bp,"getOIDCConfigById");async function yA(){return rt("smtp")}s(yA,"getSMTPConfigDoc");async function GU(t){let e=await yA();if(e)return e.config;let r=E.SELF_HOSTED||!t;if(E.SMTP_FALLBACK_ENABLED&&r)return{port:E.SMTP_PORT,host:E.SMTP_HOST,secure:!1,from:E.SMTP_FROM_ADDRESS,auth:{user:E.SMTP_USER,pass:E.SMTP_PASSWORD},fallback:!0}}s(GU,"getSMTPConfig");async function VU(){return(await rt("scim"))?.config}s(VU,"getSCIMConfig");async function qU(){return rt("ai")}s(qU,"getAIConfig");async function KU(){return rt("recaptcha")}s(KU,"getRecaptchaConfig");var Hp={};N(Hp,{AccessController:()=>Gp,BUILTIN_ROLE_IDS:()=>Vp,Role:()=>Rr,RoleHierarchyTraversal:()=>ec,RoleIDVersion:()=>qp,builtinRoleToNumber:()=>Co,checkForRoleResourceArray:()=>_A,externalRole:()=>JU,findRole:()=>bo,getAllRoleIds:()=>tL,getAllRoles:()=>Yp,getBuiltinRole:()=>SA,getBuiltinRoles:()=>Qp,getDBRoleID:()=>OA,getExternalRoleID:()=>Cr,getExternalRoleIDs:()=>IA,getRole:()=>ZU,getUserRoleHierarchy:()=>jp,getUserRoleIdHierarchy:()=>AA,isBuiltin:()=>Tn,lowerBuiltinRoleID:()=>zU,prefixRoleIDNoBuiltin:()=>$p,roleIDsAreEqual:()=>nt,roleToNumber:()=>HU,saveRoles:()=>XU,validInherits:()=>YU});var TA=require("lodash"),tc=F(require("lodash/fp/cloneDeep")),Wp=F(require("semver"));var Vp={ADMIN:"ADMIN",POWER:"POWER",BASIC:"BASIC",PUBLIC:"PUBLIC"},ie={...Vp,BUILDER:"BUILDER"},qp={UUID:void 0,NAME:"name"};function jU(t,e){return Array.isArray(e)?e.filter(r=>t.includes(r)).length===e.length:t.includes(e)}s(jU,"rolesInList");var Rr=class{constructor(e,r,n,i){this.permissions={};this._id=e,this.name=r,this.uiMetadata=i,this.permissionId=n,this.version=qp.NAME}static{s(this,"Role")}addInheritance(e){return e&&typeof e=="string"?e=$p(e):e&&Array.isArray(e)&&(e=e.map($p)),this.inherits=e,this}},ec=class{static{s(this,"RoleHierarchyTraversal")}constructor(e,r){this.allRoles=e,this.opts=r}walk(e){let r=this.opts,n=this.allRoles,i=[];if(!e||!e._id)return i;if(i.push(e),Array.isArray(e.inherits))for(let o of e.inherits){let a=bo(o,n,r);a&&(i=i.concat(this.walk(a)))}else{let o=[],a=e;for(;a&&a.inherits&&!jU(o,a.inherits);){if(Array.isArray(a.inherits))return i.concat(this.walk(a));if(o.push(a.inherits),a=bo(a.inherits,n,r),a&&i.push(a),Ne.roles.checkForRoleInheritanceLoops(i))break}}return(0,TA.uniqBy)(i,o=>o._id)}},Kp={ADMIN:new Rr(ie.ADMIN,ie.ADMIN,"admin",{displayName:"App admin",description:"Can do everything",color:"var(--spectrum-global-color-static-red-400)"}).addInheritance(ie.POWER),POWER:new Rr(ie.POWER,ie.POWER,"power",{displayName:"App power user",description:"An app user with more access",color:"var(--spectrum-global-color-static-orange-400)"}).addInheritance(ie.BASIC),BASIC:new Rr(ie.BASIC,ie.BASIC,"write",{displayName:"App user",description:"Any logged in user",color:"var(--spectrum-global-color-static-green-400)"}).addInheritance(ie.PUBLIC),PUBLIC:new Rr(ie.PUBLIC,ie.PUBLIC,"public",{displayName:"Public user",description:"Accessible to anyone",color:"var(--spectrum-global-color-static-blue-400)"}),BUILDER:new Rr(ie.BUILDER,ie.BUILDER,"admin",{displayName:"Builder user",description:"Users that can edit this app",color:"var(--spectrum-global-color-static-magenta-600)"})};function Qp(){return(0,tc.default)(Kp)}s(Qp,"getBuiltinRoles");function Tn(t){return Object.values(Vp).includes(t)}s(Tn,"isBuiltin");function $p(t){return Tn(t)?t:kt(t)}s($p,"prefixRoleIDNoBuiltin");function SA(t){let e=Object.values(Kp).find(r=>t.includes(r._id));if(e)return(0,tc.default)(e)}s(SA,"getBuiltinRole");function YU(t,e){if(!e)return!1;let r=s(n=>t.find(i=>nt(i._id,n)),"find");if(Array.isArray(e)){let n=e.filter(i=>r(i));return e.length!==0&&n.length===e.length}else return!!r(e)}s(YU,"validInherits");function Co(t){let e=Qp(),r=Object.values(e).length+1;if(nt(t,ie.ADMIN)||nt(t,ie.BUILDER))return r;let n=e[t],i=0;do{if(!n)break;if(Array.isArray(n.inherits))throw new Error("Built-in roles don't support multi-inheritance");n=e[n.inherits],i++}while(n!==null);return i}s(Co,"builtinRoleToNumber");async function HU(t){if(Tn(t))return Co(t);let e=await jp(t,{defaultPublic:!0}),r=s(n=>{if(!n.inherits)return 0;if(Array.isArray(n.inherits)){let i=n.inherits.map(o=>{let a=e.find(u=>nt(u._id,o));if(a)return r(a)+1}).filter(o=>o).sort().pop();if(i!=null)return i}else if(Tn(n.inherits))return Co(n.inherits)+1;return 0},"findNumber");return Math.max(...e.map(r))}s(HU,"roleToNumber");function zU(t,e){return t?e&&Co(t)>Co(e)?e:t:e}s(zU,"lowerBuiltinRoleID");function nt(t,e){return kt(t)===kt(e)}s(nt,"roleIDsAreEqual");function JU(t){let e;return t._id&&(e=Cr(t._id)),{...t,_id:e,inherits:IA(t.inherits,t.version)}}s(JU,"externalRole");function bo(t,e,r){let n=SA(t);n||(t=kt(t));let i=e.find(o=>o._id&&nt(o._id,t));return!i&&!Tn(t)&&r?.defaultPublic?(0,tc.default)(Kp.PUBLIC):(n=Object.assign(n||{},i),n?._id&&(n._id=Cr(n._id,n.version)),Object.keys(n).length===0?void 0:n)}s(bo,"findRole");async function ZU(t,e){let r=zn(),n=[];if(!Tn(t)){let i=await r.tryGet(OA(t));i&&n.push(i)}return bo(t,n,e)}s(ZU,"getRole");async function XU(t){await zn().bulkDocs(t.filter(r=>r._id).map(r=>({...r,_id:kt(r._id)})))}s(XU,"saveRoles");async function eL(t,e){let r=await Yp();if(nt(t,ie.ADMIN))return r;let n=bo(t,r,e),i=[];return n&&(i=new ec(r,e).walk(n)),i}s(eL,"getAllUserRoles");async function AA(t){return(await jp(t)).map(r=>r._id)}s(AA,"getUserRoleIdHierarchy");async function jp(t,e){return eL(t,e)}s(jp,"getUserRoleHierarchy");function _A(t,e){if(t&&!Array.isArray(t[e])){let r=t[e];t[e]=[r],r==="write"&&t[e].push("read")}return t}s(_A,"checkForRoleResourceArray");async function tL(t){return(await Yp(t)).map(r=>r._id)}s(tL,"getAllRoleIds");async function Yp(t){if(t)return qe(t,e);{let r;try{r=zn()}catch{}return e(r)}async function e(r){let n=[];r&&(n=(await r.allDocs(nu(null,{include_docs:!0}))).rows.map(u=>u.doc),n.forEach(u=>u._id=Cr(u._id,u.version)));let i=Qp(),o=[];!r||await rL(r)?o=[ie.ADMIN,ie.POWER,ie.BASIC,ie.PUBLIC]:o=[ie.ADMIN,ie.BASIC,ie.PUBLIC];for(let a of o){let u=i[a],c=n.filter(l=>nt(l._id,a))[0];c==null?n.push(u||i.BASIC):(n=n.filter(l=>l._id!==c._id),c._id=Cr(u._id,c.version),n.push({...u,...c,name:u.name,_id:Cr(u._id,u.version)}))}for(let a of n)if(a.permissions)for(let u of Object.keys(a.permissions))a.permissions=_A(a.permissions,u);return n}s(e,"internal")}s(Yp,"getAllRoles");async function rL(t){let r=(await t.tryGet("app_metadata"))?.creationVersion;return!r||!Wp.default.valid(r)?!0:!Wp.default.gte(r,E.MIN_VERSION_WITHOUT_POWER_ROLE)}s(rL,"shouldIncludePowerRole");var Gp=class{static{s(this,"AccessController")}constructor(){this.userHierarchies={}}async hasAccess(e,r){if(e==null||e===""||nt(e,ie.BUILDER)||nt(r,e)||nt(r,ie.BUILDER))return!0;let n=r?this.userHierarchies[r]:null;return!n&&r&&(n=await AA(r),this.userHierarchies[r]=n),n?.find(i=>nt(i,e))!==void 0}async checkScreensAccess(e,r){let n=[];for(let i of e){let o=await this.checkScreenAccess(i,r);o&&n.push(o)}return n}async checkScreenAccess(e,r){let n=e&&e.routing?e.routing.roleId:void 0;return await this.hasAccess(n,r)?e:null}};function OA(t){return t?.startsWith("role")?t:kt(t)}s(OA,"getDBRoleID");function Cr(t,e){if(t.startsWith(`role${b}`)&&(Tn(t)||e===qp.NAME)){let r=t.split(b);return r.shift(),r.join(b)}return t}s(Cr,"getExternalRoleID");function IA(t,e){return t&&(typeof t=="string"?Cr(t,e):t.map(r=>Cr(r,e)))}s(IA,"getExternalRoleIDs");var zp={};N(zp,{BUILDER:()=>aL,BUILTIN_PERMISSIONS:()=>rc,CREATOR:()=>uL,GLOBAL_BUILDER:()=>cL,PermissionImpl:()=>se,PermissionLevel:()=>Ii,PermissionType:()=>Fo,doesHaveBasePermission:()=>sL,getAllowedLevels:()=>CA,getBuiltinPermissionByID:()=>iL,getBuiltinPermissions:()=>nL,isPermissionLevelHigherThanRead:()=>oL,levelToNumber:()=>RA});var wA=F(require("lodash/flatten")),DA=F(require("lodash/fp/cloneDeep"));var se=class{static{s(this,"PermissionImpl")}constructor(e,r){this.type=e,this.level=r}};function RA(t){switch(t){case"execute":return 0;case"read":return 1;case"write":return 2;case"admin":return 3;default:return-1}}s(RA,"levelToNumber");function CA(t){switch(t){case"execute":return["execute"];case"read":return["execute","read"];case"write":case"admin":return["execute","read","write"];default:return[]}}s(CA,"getAllowedLevels");var rc={PUBLIC:{_id:"public",name:"Public",permissions:[new se("webhook","execute")]},READ_ONLY:{_id:"read_only",name:"Read only",permissions:[new se("query","read"),new se("table","read"),new se("app","read")]},WRITE:{_id:"write",name:"Read/Write",permissions:[new se("query","write"),new se("table","write"),new se("automation","execute"),new se("legacy_view","read"),new se("app","read")]},POWER:{_id:"power",name:"Power",permissions:[new se("table","write"),new se("user","read"),new se("automation","execute"),new se("webhook","read"),new se("legacy_view","read"),new se("app","read")]},ADMIN:{_id:"admin",name:"Admin",permissions:[new se("table","admin"),new se("user","admin"),new se("automation","admin"),new se("webhook","read"),new se("query","admin"),new se("legacy_view","read"),new se("app","read")]}};function nL(){return(0,DA.default)(rc)}s(nL,"getBuiltinPermissions");function iL(t){return Object.values(rc).find(r=>r._id===t)}s(iL,"getBuiltinPermissionByID");function sL(t,e,r){let n=[...new Set(r.map(a=>a.permissionId))],i=Object.values(rc),o=(0,wA.default)(i.filter(a=>n.indexOf(a._id)!==-1).map(a=>a.permissions));for(let a of o)if(a.type===t&&CA(a.level).indexOf(e)!==-1)return!0;return!1}s(sL,"doesHaveBasePermission");function oL(t){return RA(t)>1}s(oL,"isPermissionLevelHigherThanRead");var aL="builder",uL="creator",cL="globalBuilder";var um={};N(um,{adminOnly:()=>pc,auditLog:()=>cc,authError:()=>Oe,buildAuthMiddleware:()=>QL,buildCsrfMiddleware:()=>YL,buildTenancyMiddleware:()=>jL,builderOnly:()=>hc,builderOrAdmin:()=>mc,google:()=>jt,internalApi:()=>dc,joiValidator:()=>vo,oidc:()=>Yt,passport:()=>HL,platformLogout:()=>e0,refreshOAuthToken:()=>ZL,ssoCallbackUrl:()=>br,updateUserOAuth:()=>XL});var am={};N(am,{adminOnly:()=>pc,auditLog:()=>cc,authError:()=>Oe,authenticated:()=>uc,builderOnly:()=>hc,builderOrAdmin:()=>mc,correlation:()=>GA,csp:()=>YA,csrf:()=>fc,datasource:()=>qL,errorHandling:()=>qA,featureFlagCookie:()=>HA,google:()=>jt,internalApi:()=>dc,ip:()=>JA,joiValidator:()=>vo,local:()=>yi,oidc:()=>Yt,pino:()=>WA,querystringToBody:()=>KA,ssoCallbackUrl:()=>br,tenancy:()=>lc});var yi={};N(yi,{authenticate:()=>fL,options:()=>dL});function Oe(t,e,r){return t(r,null,{message:e})}s(Oe,"authError");async function br(t,e){if(e&&e.callbackURL)return e.callbackURL;let r=await Mp(),n="/api/global/auth";return dr()&&(n+=`/${V()}`),n+=`/${t}/callback`,`${r.platformUrl}${n}`}s(br,"ssoCallbackUrl");var Jp="Invalid credentials",lL="This account has expired. Please reset your password",dL={passReqToCallback:!0};async function fL(t,e,r,n){if(!e)return Oe(n,"Email Required");if(!r)return Oe(n,"Password Required");let i=await yt(e);return i==null?(console.info(`user=${e} could not be found`),Oe(n,Jp)):i.status==="inactive"?(console.info(`user=${e} is inactive`,i),Oe(n,Jp)):i.password?await Ud(r,i.password)?(delete i.password,n(null,i)):Oe(n,Jp):(console.info(`user=${e} has no password set`,i),Oe(n,lL))}s(fL,"authenticate");var jt={};N(jt,{buildVerifyFn:()=>vA,getCallbackUrl:()=>hL,strategyFactory:()=>Zp});var xo=s(t=>Promise.resolve(t),"ssoSaveUserNoOp");async function nc(t,e=!0,r,n){if(!n)throw new Error("Save user function must be provided");if(!t.userId)return Oe(r,"sso user id required");if(!t.email)return Oe(r,"sso user email required");let i=Jn(t.userId),o;try{o=await gn(i)}catch(u){if(!u.status||u.status!==404)return Oe(r,"Unexpected error when retrieving existing user",u)}if(o||(o=await yt(t.email)),!o&&e)return Oe(r,"Email does not yet exist. You must set up your local budibase account first.");o||(o={_id:i,email:t.email,roles:{},tenantId:V()});let a=await pL(o,t);a.forceResetPassword=!1;try{delete a.password,a=await n(a,{hashPassword:!1,requirePassword:!1})}catch(u){return Oe(r,"Error saving user",u)}return r(null,a)}s(nc,"authenticate");async function pL(t,e){let r,n,i;if(e.profile){let o=e.profile;if(o.name){let a=o.name;a.givenName&&(r=a.givenName),a.familyName&&(n=a.familyName)}}return e.oauth2&&(i={...e.oauth2}),{...t,provider:e.provider,providerType:e.providerType,firstName:r,lastName:n,oauth2:i}}s(pL,"syncUser");var mL=require("passport-google-oauth").OAuth2Strategy;function vA(t){return(e,r,n,i)=>{let o={provider:"google",providerType:"google",userId:n.id,profile:n,email:n._json.email,oauth2:{accessToken:e,refreshToken:r}};return nc(o,!0,i,t)}}s(vA,"buildVerifyFn");async function Zp(t,e,r){try{let{clientID:n,clientSecret:i}=t;if(!n||!i)throw new Error("Configuration invalid. Must contain google clientID and clientSecret");let o=vA(r);return new mL({clientID:t.clientID,clientSecret:t.clientSecret,callbackURL:e},o)}catch(n){throw new Error(`Error constructing google authentication strategy: ${n}`)}}s(Zp,"strategyFactory");async function hL(t){return br("google",t)}s(hL,"getCallbackUrl");var Yt={};N(Yt,{buildVerifyFn:()=>NA,fetchStrategyConfig:()=>TL,getCallbackUrl:()=>SL,strategyFactory:()=>yL});var PA=F(require("node-fetch"));var EL=require("@techpass/passport-openidconnect").Strategy;function NA(t){return async(e,r,n,i,o,a,u,c,l)=>{let d={provider:e,providerType:"oidc",userId:n.id,profile:n,email:gL(n,i),oauth2:{accessToken:o,refreshToken:a}};return nc(d,!1,l,t)}}s(NA,"buildVerifyFn");function gL(t,e){if(t._json.email)return t._json.email;if(e.email)return e.email;let r=e.preferred_username;if(r&&Rf(r))return r;throw new Error(`Could not determine user email from profile ${JSON.stringify(t)} and claims ${JSON.stringify(e)}`)}s(gL,"getEmail");async function yL(t,e){try{let r=NA(e),n=new EL(t,r);return n.name="oidc",n}catch(r){throw new Error(`Error constructing OIDC authentication strategy - ${r}`)}}s(yL,"strategyFactory");async function TL(t,e){try{let{clientID:r,clientSecret:n,configUrl:i,pkce:o}=t;if(!r||!n||!e||!i)throw new Error("Configuration invalid. Must contain clientID, clientSecret, callbackUrl and configUrl");let a=await(0,PA.default)(i);if(!a.ok)throw new Error(`Unexpected response when fetching openid-configuration: ${a.statusText}`);let u=await a.json();return{issuer:u.issuer,authorizationURL:u.authorization_endpoint,tokenURL:u.token_endpoint,userInfoURL:u.userinfo_endpoint,clientID:r,clientSecret:n,callbackURL:e,pkce:o}}catch(r){throw new Error(`Error constructing OIDC authentication configuration - ${r}`)}}s(TL,"fetchStrategyConfig");async function SL(){return br("oidc")}s(SL,"getCallbackUrl");var Xp={};N(Xp,{postAuth:()=>OL,preAuth:()=>_L});var AL=require("passport-google-oauth").OAuth2Strategy;async function UA(){let t=await Fp();if(!t)throw new Error("No google configuration found");return t}s(UA,"fetchGoogleCreds");async function _L(t,e,r){let n=await UA(),o=`${await Ro({tenantAware:!1})}/api/global/auth/datasource/google/callback`,a=await Zp(n,o,xo);return e.query.appId||e.throw(400,"appId query param not present."),t.authenticate(a,{scope:["profile","email","https://www.googleapis.com/auth/spreadsheets"],accessType:"offline",prompt:"consent"})(e,r)}s(_L,"preAuth");async function OL(t,e,r){let n=await UA(),o=`${await Ro({tenantAware:!1})}/api/global/auth/datasource/google/callback`,a=Wt(e,"budibase:datasourceauth");if(!a)throw new Error("Unable to fetch datasource auth cookie");return t.authenticate(new AL({clientID:n.clientID,clientSecret:n.clientSecret,callbackURL:o},(u,c,l,d)=>{hr(e,"budibase:datasourceauth"),d(null,{accessToken:u,refreshToken:c})}),{successRedirect:"/",failureRedirect:"/error"},async(u,c)=>{let l=`/builder/workspace/${a.appId}/data`,d=ne();await Vt(`datasource:creation:${a.appId}:google:${d}`,{tokens:c}),e.redirect(`${l}/new?continue_google_setup=${d}`)})(e,r)}s(OL,"postAuth");var IL=/\/:(.*?)(\/.*)?$/g,Sn=s(t=>t?t.map(e=>{let r=e.route,n=e.method,i=r.match(IL);if(i)for(let o of i){let u="/.*"+(o.endsWith("/")?"/":"");r=r.replace(o,u)}return{regex:new RegExp(r),method:n,route:r}}):[],"buildMatcherRegex"),An=s((t,e)=>e.find(({regex:r,method:n})=>{let i=r.test(t.request.url),o=n==="ALL"?!0:t.request.method.toLowerCase()===n.toLowerCase();return i&&o}),"matches");var sm={};N(sm,{SecretOption:()=>MA,decrypt:()=>im,decryptFile:()=>xL,encrypt:()=>RL,encryptFile:()=>CL,getSecret:()=>nm});var Ht=F(require("crypto")),xr=F(require("fs")),em=require("path"),tm=F(require("zlib"));var ic="aes-256-ctr",kA="-",wL=1e4,DL=32,sc=16,rm=16,MA=(r=>(r.API="api",r.ENCRYPTION="encryption",r))(MA||{});function nm(t){let e,r;switch(t){case"encryption":e=E.ENCRYPTION_KEY,r="ENCRYPTION_KEY";break;case"api":default:e=E.API_ENCRYPTION_KEY,r="API_ENCRYPTION_KEY";break}if(!e)throw new Error(`Secret "${r}" has not been set in environment.`);return e}s(nm,"getSecret");function oc(t,e){return Ht.default.pbkdf2Sync(t,new Uint8Array(e),wL,DL,"sha512")}s(oc,"stretchString");function RL(t,e="api"){let r=Ht.default.randomBytes(sc),n=oc(nm(e),r),i=Ht.default.createCipheriv(ic,new Uint8Array(n),new Uint8Array(r)),o=i.update(t,"utf8"),a=i.final(),u=Buffer.concat([new Uint8Array(o),new Uint8Array(a)]).toString("hex");return`${r.toString("hex")}${kA}${u}`}s(RL,"encrypt");function im(t,e="api"){let[r,n]=t.split(kA),i=Buffer.from(r,"hex"),o=oc(nm(e),i),a=Ht.default.createDecipheriv(ic,new Uint8Array(o),new Uint8Array(i)),u=a.update(n,"hex"),c=a.final();return Buffer.concat([new Uint8Array(u),new Uint8Array(c)]).toString()}s(im,"decrypt");async function CL({dir:t,filename:e},r){let n=`${e}.enc`,i=(0,em.join)(t,e);if(xr.default.lstatSync(i).isDirectory())throw new Error("Unable to encrypt directory");let o=xr.default.createReadStream(i),a=xr.default.createWriteStream((0,em.join)(t,n)),u=Ht.default.randomBytes(sc),c=Ht.default.randomBytes(rm),l=oc(r,u),d=Ht.default.createCipheriv(ic,new Uint8Array(l),new Uint8Array(c));return a.write(u),a.write(c),o.pipe(tm.default.createGzip()).pipe(d).pipe(a),new Promise(f=>{a.on("finish",()=>{f({filename:n,dir:t})})})}s(CL,"encryptFile");async function bL(t){let e=xr.default.createReadStream(t),r=await LA(e,sc),n=await LA(e,rm);return e.close(),{salt:r,iv:n}}s(bL,"getSaltAndIV");async function xL(t,e,r){if(xr.default.lstatSync(t).isDirectory())throw new Error("Unable to decrypt directory");let{salt:n,iv:i}=await bL(t),o=xr.default.createReadStream(t,{start:sc+rm}),a=xr.default.createWriteStream(e),u=oc(r,n),c=Ht.default.createDecipheriv(ic,new Uint8Array(u),new Uint8Array(i)),l=tm.default.createGunzip();return o.pipe(c).pipe(l).pipe(a),new Promise((d,f)=>{a.on("finish",()=>{a.close(),d()}),o.on("error",p=>{a.close(),f(p)}),c.on("error",p=>{a.close(),f(p)}),l.on("error",p=>{a.close(),f(p)}),a.on("error",p=>{a.close(),f(p)})})}s(xL,"decryptFile");function LA(t,e){return new Promise((r,n)=>{let i=0,o=[];t.on("readable",()=>{let a;for(;(a=t.read(e-i))!==null;)o.push(a),i+=a.length;r(Buffer.concat(o.map(u=>new Uint8Array(u))))}),t.on("end",()=>{n(new Error("Insufficient data in the stream."))}),t.on("error",a=>{n(a)})})}s(LA,"readBytes");var BA=F(require("dd-trace"));var vL=E.SESSION_UPDATE_PERIOD?parseInt(E.SESSION_UPDATE_PERIOD):60*1e3;function PL(){return new Date(Date.now()-vL).toISOString()}s(PL,"timeMinusOneMinute");function FA(t,e={}){t.publicEndpoint=e.publicEndpoint||!1,t.isAuthenticated=e.authenticated||!1,t.loginMethod=e.loginMethod,t.user=e.user,t.internal=e.internal||!1,t.version=e.version}s(FA,"finalise");async function NL(t,e){if(Ks(t))return{valid:!0,user:void 0};let n=im(t).split(b)[0];return Re(n,async()=>{let i;try{let o=H();i=await Ft("by_api_key",{key:t},o)}catch{i=void 0}if(i)return{valid:!0,user:await Io({userId:i,tenantId:n,populateUser:e})};throw new pi})}s(NL,"checkApiKey");function ac(t,e){let r=t.request.headers[e];if(Array.isArray(r))throw new Error("Unexpected header format");return r}s(ac,"getHeader");function uc(t=[],e={publicAllowed:!1}){let r=t?Sn(t):[];return async(n,i)=>{let o=!1,a=ac(n,"x-budibase-api-version");An(n,r)&&(o=!0);try{let c=ac(n,"x-budibase-token"),l=Wt(n,"budibase:auth")||su(c),d=ac(n,"x-budibase-api-key");!d&&n.request.headers.authorization&&(d=n.request.headers.authorization.split(" ")[1]);let f=ac(n,"x-budibase-tenant-id"),p=!1,h,m=!1,g;if(l&&!d){let S=l.sessionId,O=l.userId,_;try{_=await Op(O,S),e&&e.populateUser?h=await Io({userId:O,tenantId:_.tenantId,email:_.email,populateUser:e.populateUser(n)}):h=await Io({userId:O,tenantId:_.tenantId,email:_.email}),h.csrfToken=_.csrfToken,g="cookie",_?.lastAccessedAt<PL()&&await _p(_),p=!0}catch(D){p=!1,console.error(`Auth Error: ${D.message}`),hr(n,"budibase:auth")}}if(!p&&d){let S=e.populateUser?e.populateUser(n):null,{valid:O,user:_}=await NL(d,S);O&&(p=!0,g="api_key",h=_,m=!_)}!h&&f?h={tenantId:f}:h&&"password"in h&&delete h.password,p||(p=!1);let y=s(S=>S&&S.email,"isUser");return y(h)&&BA.default.setUser({id:h._id,tenantId:h.tenantId,budibaseAccess:h.budibaseAccess,status:h.status}),FA(n,{authenticated:p,user:h,internal:m,version:a,publicEndpoint:o,loginMethod:g}),y(h)?Md(h,n,i):i()}catch(c){if(console.error(`Auth Error: ${c.message}`),c?.name==="JsonWebTokenError"?hr(n,"budibase:auth"):c?.code==="invalid_api_key"&&n.throw(403,c.message),e&&e.publicAllowed||o)return FA(n,{authenticated:!1,version:a,publicEndpoint:o}),i();n.throw(c.status||403,c)}}}s(uc,"authenticated");var cc=s(async(t,e)=>e(),"auditLog");function lc(t,e,r={noTenancyRequired:!1}){let n=Sn(t),i=Sn(e);return async function(o,a){let c={allowNoTenant:r.noTenancyRequired||!!An(o,i)};!!An(o,n)||(c.excludeStrategies=["query"]);let d=Gs(o,c);return o.set("x-budibase-tenant-id",d),Re(d,a)}}s(lc,"tenancy");async function dc(t,e){let r=t.request.headers["x-budibase-api-key"];return r||t.throw(403,"Unauthorized"),Array.isArray(r)&&t.throw(403,"Unauthorized"),Ks(r)||t.throw(403,"Unauthorized"),e()}s(dc,"internalApi");var UL=["GET","HEAD","OPTIONS"],LL=["application/x-www-form-urlencoded","multipart/form-data","text/plain"];function fc(t={noCsrfPatterns:[]}){let e=Sn(t.noCsrfPatterns);return async(r,n)=>{if(An(r,e)||UL.indexOf(r.method)!==-1)return n();let o=r.get("content-type")?r.get("content-type").toLowerCase():"";if(!LL.filter(c=>o.includes(c)).length||r.internal)return n();let a=r.user?.csrfToken;if(!a)return n();let u=r.get("x-csrf-token");return(!u||u!==a)&&r.throw(403,"Invalid CSRF token"),n()}}s(fc,"csrf");var pc=s(async(t,e)=>(!t.internal&&!wr(t.user)&&t.throw(403,"Admin user only endpoint."),e()),"adminOnly");async function mc(t,e){if(t.internal||wr(t.user))return e();let r=await qs(t);return!r&&!E.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!tt(t.user)?t.throw(403,"Admin/Builder user only endpoint."):r&&!mi(t.user,r)&&t.throw(403,"Workspace Admin/Builder user only endpoint."),e()}s(mc,"builderOrAdmin");async function hc(t,e){if(t.internal)return e();let r=await qs(t);return!r&&!E.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!tt(t.user)?t.throw(403,"Builder user only endpoint."):r&&!mi(t.user,r)&&t.throw(403,"Workspace builder user only endpoint."),e()}s(hc,"builderOnly");var kL=require("koa-pino-logger"),ML=require("correlation-id");function FL(){return{logger:Ou,genReqId:ML.getId,autoLogging:{ignore:t=>!!t.url?.includes("/health")},serializers:{req:t=>({method:t.method,url:t.url,correlationId:t.id}),res:t=>({status:t.statusCode})}}}s(FL,"pinoSettings");function BL(){return E.HTTP_LOGGING?kL(FL()):(t,e)=>e()}s(BL,"getMiddleware");var WA=BL();var $A=require("uuid");var WL=require("correlation-id"),GA=s((t,e)=>{let r=t.headers["x-budibase-correlation-id"];return r||(r=(0,$A.v4)()),WL.withId(r,()=>e())},"correlationMiddleware");function VA(t){if(t.includes("-----BEGIN PRIVATE KEY-----"))return!0;for(let e of Oy){let r=E[e];if(!(typeof r!="string"||r==="")&&t.includes(r))return!0}return!1}s(VA,"stringContainsSecret");async function qA(t,e){try{await e()}catch(r){let n=r.status||r.statusCode||500;t.status=n,n>=400&&n<500?console.warn(r):console.error("Got 400 response code",r);let i={message:r.message,status:n,validationErrors:r.validation,error:Vu(r)};if(VA(JSON.stringify(i))&&(i={message:"Unexpected error",status:n,error:"Unexpected error"}),E.isTest()&&t.headers["x-budibase-include-stacktrace"]){let o=r;for(;o.cause;)o=o.cause;i.stack=o.stack}t.body=i}}s(qA,"errorHandling");function KA(t,e){let r=t.request.query?.query;if(t.request.method.toLowerCase()!=="get"&&t.throw(500,"Query to download middleware can only be used for get requests."),!r)return e();let n=decodeURIComponent(r),i;try{i=JSON.parse(n)}catch{return e()}return t.request.body=i,e()}s(KA,"querystringToBody");var jA=F(require("crypto"));var QA={"default-src":["'self'"],"script-src":["'self'","'unsafe-eval'","https://*.budibase.net","https://cdn.budi.live","https://js.intercomcdn.com","https://widget.intercom.io","https://d2l5prqdbvm3op.cloudfront.net","https://us-assets.i.posthog.com","https://www.google.com/recaptcha/api.js"],"style-src":["'self'","'unsafe-inline'","https://cdn.jsdelivr.net","https://fonts.googleapis.com","https://rsms.me","https://maxcdn.bootstrapcdn.com"],"object-src":["'none'"],"base-uri":["'self'"],"connect-src":["'self'","https://*.budibase.app","https://*.budibaseqa.app","https://*.budibase.net","https://api-iam.intercom.io","https://api-ping.intercom.io","https://app.posthog.com","https://us.i.posthog.com","wss://nexus-websocket-a.intercom.io","wss://nexus-websocket-b.intercom.io","https://nexus-websocket-a.intercom.io","https://nexus-websocket-b.intercom.io","https://uploads.intercomcdn.com","https://uploads.intercomusercontent.com","https://*.amazonaws.com","https://*.s3.amazonaws.com","https://*.s3.us-east-2.amazonaws.com","https://*.s3.us-east-1.amazonaws.com","https://*.s3.us-west-1.amazonaws.com","https://*.s3.us-west-2.amazonaws.com","https://*.s3.af-south-1.amazonaws.com","https://*.s3.ap-east-1.amazonaws.com","https://*.s3.ap-south-1.amazonaws.com","https://*.s3.ap-northeast-2.amazonaws.com","https://*.s3.ap-southeast-1.amazonaws.com","https://*.s3.ap-southeast-2.amazonaws.com","https://*.s3.ap-northeast-1.amazonaws.com","https://*.s3.ca-central-1.amazonaws.com","https://*.s3.cn-north-1.amazonaws.com","https://*.s3.cn-northwest-1.amazonaws.com","https://*.s3.eu-central-1.amazonaws.com","https://*.s3.eu-west-1.amazonaws.com","https://*.s3.eu-west-2.amazonaws.com","https://*.s3.eu-south-1.amazonaws.com","https://*.s3.eu-west-3.amazonaws.com","https://*.s3.eu-north-1.amazonaws.com","https://*.s3.sa-east-1.amazonaws.com","https://*.s3.me-south-1.amazonaws.com","https://*.s3.us-gov-east-1.amazonaws.com","https://*.s3.us-gov-west-1.amazonaws.com","https://api.github.com"],"font-src":["'self'","data:","https://cdn.jsdelivr.net","https://fonts.gstatic.com","https://rsms.me","https://maxcdn.bootstrapcdn.com","https://js.intercomcdn.com","https://fonts.intercomcdn.com"],"frame-src":["'self'","https:"],"img-src":["http:","https:","data:","blob:"],"manifest-src":["'self'"],"media-src":["'self'","https://js.intercomcdn.com","https://cdn.budi.live"],"worker-src":["blob:","'self'"]},$L=/^[A-Za-z0-9-*:/.]+$/,YA=s(async(t,e)=>{let r=jA.default.randomBytes(16).toString("base64");t.state.nonce=r;let n={...QA};if(n["script-src"]=[...QA["script-src"],`'nonce-${r}'`],t.user?.license?.features.includes("customAppScripts")&&t.appId)try{let a=await ks.getWorkspaceMetadata(t.appId);if("name"in a)for(let u of a.scripts||[]){let c=(u.cspWhitelist||"").split(`
 `).filter(l=>$L.test(l));n["default-src"]=[...n["default-src"],...c]}}catch(a){console.error(`Error occurred in Content-Security-Policy middleware: ${a}`)}let o=Object.entries(n).map(([a,u])=>`${a} ${u.join(" ")}`).join("; ");t.set("Content-Security-Policy",o),await e()},"contentSecurityPolicy");var HA=s(async(t,e)=>{let n=Wt(t,"budibase:featureflags")?.flags||{};await of(n,async()=>{await e()})},"featureFlagCookie");var vo={};N(vo,{body:()=>GL,params:()=>VL});var om=F(require("joi"));function zA(t,e,r){let n=r?.errorPrefix??`Invalid ${e}`;return(i,o)=>{if(!t)return o();let a=null,u=i.request?.[e];i[e]!=null?a=i[e]:u!=null&&(a=u),t.append&&(t=t.append({createdAt:om.default.any().optional(),updatedAt:om.default.any().optional()}));let{error:c}=t.validate(a,{allowUnknown:r?.allowUnknown});if(c){let l=c.message;n&&(l=`Invalid ${e} - ${l}`),i.throw(400,l)}return o()}}s(zA,"validate");function GL(t,e){return zA(t,"body",e)}s(GL,"body");function VL(t,e){return zA(t,"params",e)}s(VL,"params");async function JA(t,e){return t.ip?await tf(t.ip,()=>e()):e()}s(JA,"ip");var qL={google:Xp};var ZA=require("koa-passport"),KL=require("passport-local").Strategy,Ec=require("passport-oauth2-refresh"),QL=uc,jL=lc,YL=fc,HL=ZA;ZA.use(new KL(yi.options,yi.authenticate));async function zL(t,e){let r=await Yt.getCallbackUrl(),n,i;try{if(n=await Yt.fetchStrategyConfig(t,r),!n)throw new Error("OIDC Config contents invalid");i=await Yt.strategyFactory(n,xo)}catch{throw new Error("Could not refresh OAuth Token")}return Ec.use(i,{setRefreshOAuth2(){return i._getOAuth2Client(n)}}),new Promise(o=>{Ec.requestNewAccessToken("oidc",e,(a,u,c,l)=>{o({err:a,accessToken:u,refreshToken:c,params:l})})})}s(zL,"refreshOIDCAccessToken");async function JL(t,e){let r=await jt.getCallbackUrl(t),n;try{n=await jt.strategyFactory(t,r,xo)}catch(i){throw new Error(`Error constructing OIDC refresh strategy: message=${i.message}`)}return Ec.use(n),new Promise(i=>{Ec.requestNewAccessToken("google",e,(o,a,u,c)=>{i({err:o,accessToken:a,refreshToken:u,params:c})})})}s(JL,"refreshGoogleAccessToken");async function ZL(t,e,r){switch(e){case"oidc":{if(!r)return{err:{data:"OIDC config id not provided"}};let n=await Bp(r);return n?zL(n,t):{err:{data:"OIDC configuration not found"}}}case"google":{let n=await Xu();return n?JL(n,t):{err:{data:"Google configuration not found"}}}}}s(ZL,"refreshOAuthToken");async function XL(t,e){let r={accessToken:e.accessToken,refreshToken:e.refreshToken};try{let n=H(),i=await n.get(t);typeof r.refreshToken!="string"&&delete r.refreshToken,i.oauth2={...i.oauth2,...r},await n.put(i),await wo(t)}catch(n){console.error("Could not update OAuth details for current user",n)}}s(XL,"updateUserOAuth");async function e0(t){let e=t.ctx,r=t.userId,n=t.keepActiveSession;if(!e)throw new Error("Koa context must be supplied to logout.");let i=Wt(e,"budibase:auth"),o=await So(r);i&&n?o=o.filter(u=>u.sessionId!==i.sessionId):hr(e,"budibase:auth");let a=o.map(({sessionId:u})=>u);await En(r,{sessionIds:a,reason:"logout"}),await Uu.logout(e.user?.email),await wo(r)}s(e0,"platformLogout");var lm={};N(lm,{validate:()=>s0});var C=F(require("joi"));var t0=["Relational","Non-relational","Spreadsheet","Object store","Graph","API"];function cm(t,e){let{error:r}=t.validate(e);if(r)throw r}s(cm,"runJoi");function r0(t){let e=C.default.object({type:C.default.string().allow("component").required(),metadata:C.default.object().unknown(!0).required(),hash:C.default.string().optional(),version:C.default.string().optional(),schema:C.default.object({name:C.default.string().required(),settings:C.default.array().items(C.default.object().unknown(!0)).required()}).unknown(!0)});cm(e,t)}s(r0,"validateComponent");function n0(t){let e=C.default.object({type:C.default.string().allow(...Object.values(_c)).required(),required:C.default.boolean().required(),default:C.default.any(),display:C.default.string()}),r=C.default.object({type:C.default.string().allow(...Object.values(Ac)),readable:C.default.boolean(),displayName:C.default.string(),fields:C.default.object().pattern(C.default.string(),e)}).required(),n=C.default.object({type:C.default.string().allow("datasource").required(),metadata:C.default.object().unknown(!0).required(),hash:C.default.string().optional(),version:C.default.string().optional(),schema:C.default.object({docs:C.default.string(),plus:C.default.boolean().optional(),isSQL:C.default.boolean().optional(),auth:C.default.object({type:C.default.string().required()}).optional(),features:C.default.object(Object.fromEntries(Object.values(Oc).map(i=>[i,C.default.boolean().optional()]))).optional(),relationships:C.default.boolean().optional(),description:C.default.string().required(),friendlyName:C.default.string().required(),type:C.default.string().allow(...t0),datasource:C.default.object().pattern(C.default.string(),e).required(),query:C.default.object().pattern(C.default.string(),r).unknown(!0).required(),extra:C.default.object().pattern(C.default.string(),C.default.object({type:C.default.string().required(),displayName:C.default.string().required(),required:C.default.boolean(),data:C.default.object()}))})});cm(n,t)}s(n0,"validateDatasource");function i0(t){let e=C.default.object().pattern(C.default.string(),{type:C.default.string().allow(...Object.values(Ic)).required(),customType:C.default.string().allow(...Object.values(wc)),title:C.default.string(),description:C.default.string(),enum:C.default.array().items(C.default.string()),pretty:C.default.array().items(C.default.string())}),r=C.default.object({properties:e,required:C.default.array().items(C.default.string())}).concat(e).required(),n=C.default.object({type:C.default.string().allow("automation").required(),metadata:C.default.object().unknown(!0).required(),hash:C.default.string().optional(),version:C.default.string().optional(),schema:C.default.object({name:C.default.string().required(),tagline:C.default.string().required(),icon:C.default.string().required(),description:C.default.string().required(),type:C.default.string().allow("ACTION","LOGIC").required(),stepId:C.default.string().disallow(...Nm).required(),inputs:C.default.object().optional(),schema:C.default.object({inputs:r,outputs:r}).required()})});cm(n,t)}s(i0,"validateAutomation");function s0(t){switch(t?.type){case"component":r0(t);break;case"datasource":n0(t);break;case"automation":i0(t);break;default:throw new Error(`Unknown plugin type - check schema.json: ${t.type}`)}}s(s0,"validate");var dm={};N(dm,{Client:()=>Ce,clients:()=>pr,locks:()=>gi,utils:()=>Ga});var fm={};N(fm,{isBlacklisted:()=>a0,refreshBlacklist:()=>r_});var XA=F(require("dns")),yc=F(require("net"));var e_=require("util");var gc,o0=(0,e_.promisify)(XA.default.lookup);async function t_(t){return yc.default.isIP(t)||(t.startsWith("http")||(t=`https://${t}`),t=new URL(t).hostname),(await o0(t,{all:!0})).map(r=>r.address)}s(t_,"lookup");async function r_(){let e=E.BLACKLIST_IPS?.split(",")||[],r=[];for(let n of e){let i=n.trim();if(yc.default.isIP(i))r.push(i);else{let o=await t_(i);r=r.concat(o)}}gc=r}s(r_,"refreshBlacklist");async function a0(t){if(gc||await r_(),gc?.length===0)return!1;let e;return yc.default.isIP(t)?e=[t]:e=await t_(t),!!gc?.find(r=>e.includes(r))}s(a0,"isBlacklisted");var mm={};N(mm,{init:()=>c0});var u0={"user:created":t=>t.userId,"user:updated":t=>t.userId,"user:deleted":t=>t.userId,"user:admin:assigned":t=>t.userId,"user:admin:removed":t=>t.userId,"user:builder:assigned":t=>t.userId,"user:builder:removed":t=>t.userId,"user_group:created":t=>t.groupId,"user_group:updated":t=>t.groupId,"user_group:deleted":t=>t.groupId,"user_group:user_added":t=>t.groupId,"user_group:users_deleted":t=>t.groupId,"user_group:permissions_edited":t=>t.groupId,"automation:deleted":t=>t.automationId,"datasource:deleted":t=>t.datasourceId,"table:deleted":t=>t.tableId,"query:deleted":t=>t.queryId,"workspace_app:deleted":t=>t.workspaceAppId,"view:deleted":t=>t.id};function n_(t,e){let r=u0[t];if(!r)throw new Error("Event does not have a method of document ID extraction");return r(e)}s(n_,"getDocumentId");var Po=class{constructor(e){this.processors=[];this.processors=e}static{s(this,"DocumentUpdateProcessor")}async processEvent(e,r,n){let i=r.realTenantId,o=n_(e,n);if(!(!i||!o))for(let{events:a,processor:u}of this.processors)a.includes(e)&&await Re(i,async()=>{await u({id:o,tenantId:i,appId:n.appId})})}shutdown(){return bS()}};var i_,pm;function c0(t){Kt||Nu(),pm||(pm=new Po(t)),i_||(i_=Kt.process(async e=>{let{event:r,identity:n,properties:i}=e.data;await pm.processEvent(r,n,i)}))}s(c0,"init");var Om={};N(Om,{COUNT_FIELD_NAME:()=>Am,Sql:()=>p_,SqlTable:()=>Tc,designDoc:()=>_m,utils:()=>Yd});var u_=require("knex");var l0=require("knex");function hm(t){return["link","formula","ai"].indexOf(t)!==-1}s(hm,"isIgnoredType");function s_(t,e,r,n,i){let o=e&&e.primary?e.primary:[],a=Object.values(e.schema),u=a.filter(p=>p.meta),c=u.length===a.length,l=[];n||(c?t.primary(u.map(p=>p.name)):o.length===1?(t.increments(o[0]).primary(),l.push(o[0])):t.primary(o));let d=Object.values(e.schema).map(p=>p.foreignKey);for(let[p,h]of Object.entries(e.schema)){let m=n?.schema[p];if(m&&m.type||l.includes(p)||i?.updated===p)continue;let g=h.type;switch(g){case"string":case"options":case"longform":case"barcodeqr":case"bb_reference_single":o.includes(p)?t.string(p,255):t.text(p);break;case"number":if(h.meta&&h.meta.toKey&&h.meta.toTable){let{toKey:y,toTable:S}=h.meta;t.integer(p).unsigned(),t.foreign(p).references(`${S}.${y}`)}else d.indexOf(p)===-1&&t.float(p);break;case"bigint":t.bigint(p);break;case"boolean":t.boolean(p);break;case"datetime":h.timeOnly?t.time(p):t.datetime(p,{useTz:!h.ignoreTimezones});break;case"array":case"bb_reference":Ne.schema.isDeprecatedSingleUserColumn(h)?t.text(p):t.json(p);break;case"link":if(h.relationshipType!=="many-to-one"&&h.relationshipType!=="many-to-many"){if(!h.foreignKey||!h.tableId)throw new Error("Invalid relationship schema");let{tableName:y}=Vd(h.tableId),S=r[y];if(!S||!S.primary)throw new Error("Referenced table doesn't exist or has no primary keys");let O=S.primary[0],_=S.schema[O].externalType;_?t.specificType(h.foreignKey,_):t.integer(h.foreignKey).unsigned(),t.foreign(h.foreignKey).references(`${y}.${O}`)}break;case"signature_single":case"attachment":case"attachment_single":t.json(p);break;case"formula":break;case"ai":break;case"auto":case"json":case"internal":throw new Error(`${h.type} is not a valid SQL type`);default:Xt.unreachable(g)}}let f=i?n?.schema[i.old].type:void 0;return i&&f&&!hm(f)&&t.renameColumn(i.old,i.updated),n&&Object.entries(n.schema).filter(([h,m])=>!hm(m.type)&&e.schema[h]==null).forEach(([h,m])=>{i?.old===h||hm(m.type)||(n.constrained&&n.constrained.indexOf(h)!==-1&&t.dropForeign(h),t.dropColumn(h))}),t}s(s_,"generateSchema");function f0(t,e,r){return t.createTable(e.name,n=>{s_(n,e,r)})}s(f0,"buildCreateTable");function p0(t,e,r,n,i){return t.alterTable(e.name,o=>{s_(o,e,r,n,i)})}s(p0,"buildUpdateTable");function m0(t,e){return t.dropTable(e.name)}s(m0,"buildDeleteTable");var Em=class{static{s(this,"SqlTableQueryBuilder")}constructor(e){this.sqlClient=e}getBaseSqlClient(){return this.sqlClient}getSqlClient(){return this.extendedSqlClient||this.sqlClient}setExtendedSqlClient(e){this.extendedSqlClient=e}_operation(e){return e.operation}_tableQuery(e){let r=(0,l0.knex)({client:this.sqlClient}).schema;e?.schema&&(r=r.withSchema(e.schema));let n;if(!e.table||!e.tables)throw new Error("Cannot execute without table being specified");if(e.table.sourceType==="internal")throw new Error("Cannot perform table actions for SQS.");switch(this._operation(e)){case"CREATE_TABLE":n=f0(r,e.table,e.tables);break;case"UPDATE_TABLE":if(!e.table)throw new Error("Must specify old table for update");if(this.sqlClient==="mysql2"&&e.meta?.renamed){let i=e.meta.renamed.updated;return{sql:`alter table ${e?.schema?`\`${e.schema}\`.\`${e.table.name}\``:`\`${e.table.name}\``} rename column \`${e.meta.renamed.old}\` to \`${i}\`;`,bindings:[]}}if(n=p0(r,e.table,e.tables,e.meta?.oldTable,e.meta?.renamed),this.sqlClient==="mssql"&&e.meta?.renamed){let i=e.meta.renamed.old,o=e.meta.renamed.updated,a=e?.schema?`${e.schema}.${e.table.name}`:`${e.table.name}`,u=jn(n);if(Array.isArray(u))for(let c of u)c.sql.startsWith("exec sp_rename")&&(c.sql=`exec sp_rename '${a}.${i}', '${o}', 'COLUMN'`,c.bindings=[]);return u}break;case"DELETE_TABLE":n=m0(r,e.table);break;default:throw new Error("Table operation is of unknown type")}return jn(n)}},Tc=Em;var c_=require("lodash");var Am="__bb_total";function o_(){return(E.SQL_MAX_ROWS?parseInt(E.SQL_MAX_ROWS):null)||5e3}s(o_,"getBaseLimit");function gm(){return(E.SQL_MAX_RELATED_ROWS?parseInt(E.SQL_MAX_RELATED_ROWS):null)||500}s(gm,"getRelationshipLimit");function h0(t,e){return t.sort((r,n)=>{let i=e.find(a=>a&&r.endsWith(a)),o=e.find(a=>a&&n.endsWith(a));return i&&!o?-1:!i&&o?1:r.localeCompare(n)})}s(h0,"prioritisedArraySort");function l_(t){return Array.isArray(t)?t.map(e=>l_(e)):(t.bindings&&(t.bindings=t.bindings.map(e=>typeof e=="boolean"?e?1:0:e)),t)}s(l_,"convertBooleans");function a_(t){return t.sourceType==="internal"||t.sourceId===Cc}s(a_,"isSqs");function E0(t,e='"'){return t.replace(new RegExp(e,"g"),`${e}${e}`)}s(E0,"escapeQuotes");function d_(t,e='"'){return`${e}${E0(t,e)}${e}`}s(d_,"wrap");function ym(t,e='"'){for(let r in t)typeof t[r]=="string"&&(t[r]=d_(t[r],e));return`[${t.join(",")}]`}s(ym,"stringifyArray");function f_(t){return Lm.includes(t.type)&&!Ne.schema.isDeprecatedSingleUserColumn(t)}s(f_,"isJsonColumn");var g0={equal:!1,notEqual:!0,empty:!1,notEmpty:!0,fuzzy:!1,string:!1,range:!1,contains:!1,notContains:!0,containsAny:!1,oneOf:!1,$and:!1,$or:!1},Tm=class{constructor(e,r,n){this.SPECIAL_SELECT_CASES={POSTGRES_ARRAY:e=>this.client==="pg"&&e?.externalType?.toLowerCase()==="array",POSTGRES_MONEY:e=>this.client==="pg"&&e?.externalType?.includes("money"),POSTGRES_ENUM:e=>this.client==="pg"&&e?.externalType?.toLowerCase()==="user-defined"&&e?.type==="options",MSSQL_DATES:e=>this.client==="mssql"&&e?.type==="datetime"&&e.timeOnly};this.client=e,this.query=n,this.knex=r,this.splitter=new ar.ColumnSplitter([this.table],{aliases:this.query.tableAliases,columnPrefix:this.query.meta?.columnPrefix})}static{s(this,"InternalBuilder")}get table(){return this.query.table}get knexClient(){return this.knex.client}getFieldSchema(e){let{column:r}=this.splitter.run(e);return this.table.schema[r]}requiresJsonAsStringClient(){return["mssql","mysql2","mariadb","oracledb"].includes(this.client)}quoteChars(){let e=this.knexClient.wrapIdentifier("foo",{});return[e[0],e[e.length-1]]}quote(e){return this.knexClient.wrapIdentifier(e,{})}isQuoted(e){let[r,n]=this.quoteChars();return e.startsWith(r)&&e.endsWith(n)}quotedIdentifier(e){return Array.isArray(e)||(e=this.splitIdentifier(e)),e.map(r=>this.quote(r)).join(".")}castIntToString(e){switch(this.client){case"oracledb":return this.knex.raw("to_char(??)",[e]);case"pg":return this.knex.raw("??::TEXT",[e]);case"mysql2":case"mariadb":return this.knex.raw("CAST(?? AS CHAR)",[e]);case"sqlite3":return this.knex.raw("printf('%d', ??)",[e]);case"mssql":return this.knex.raw("CONVERT(NVARCHAR, ??)",[e])}}rawQuotedIdentifier(e){return this.knex.raw(this.quotedIdentifier(e))}splitIdentifier(e){let[r,n]=this.quoteChars();return this.isQuoted(e)?e.slice(1,-1).split(`${n}.${r}`):e.split(".")}qualifyIdentifier(e){let r=this.getTableName(),n=this.splitIdentifier(e);return n[0]!==r&&n.unshift(r),this.isQuoted(e)?this.quotedIdentifier(n):n.join(".")}generateSelectStatement(){let{table:e,resource:r}=this.query;if(!r||!r.fields||r.fields.length===0)return"*";let n=this.getTableName(e),i=this.table.schema;return r.fields.map(a=>{let u=a.split(/\./g),c,l=u[0];return u.length>1&&(c=u[0],l=u.slice(1).join(".")),{table:c,column:l,field:a}}).filter(({table:a})=>!a||a===n).map(({table:a,column:u,field:c})=>{let l=i[u];return this.SPECIAL_SELECT_CASES.POSTGRES_MONEY(l)?this.knex.raw("??::money::numeric as ??",[this.rawQuotedIdentifier([a,u].join(".")),this.knex.raw(this.quote(c))]):this.SPECIAL_SELECT_CASES.MSSQL_DATES(l)?this.knex.raw("CONVERT(varchar, ??, 108) as ??",[this.rawQuotedIdentifier(c),this.knex.raw(this.quote(c))]):a?this.rawQuotedIdentifier(`${a}.${u}`):this.rawQuotedIdentifier(c)})}convertClobs(e,r){if(this.client!=="oracledb")throw new Error("you've called convertClobs on a DB that's not Oracle, this is a mistake");let i=this.splitIdentifier(e).pop(),o=this.table.schema[i],a=this.rawQuotedIdentifier(e);return(o.type==="string"||o.type==="longform"||o.type==="bb_reference_single"||o.type==="bb_reference"||o.type==="options"||o.type==="barcodeqr")&&(r?.forSelect?a=this.knex.raw("to_char(??) as ??",[a,this.rawQuotedIdentifier(i)]):a=this.knex.raw("to_char(??)",[a])),a}parse(e,r){if(Array.isArray(e))return JSON.stringify(e);if(e==null)return null;if(this.requiresJsonAsStringClient()&&f_(r)&&typeof e=="object")return JSON.stringify(e);if(this.SPECIAL_SELECT_CASES.POSTGRES_ARRAY(r))return`{${e}}`;if(this.client==="oracledb"&&r.type==="datetime"&&r.timeOnly){if(e instanceof Date){let n=e.getHours().toString().padStart(2,"0"),i=e.getMinutes().toString().padStart(2,"0"),o=e.getSeconds().toString().padStart(2,"0");return`${n}:${i}:${o}`}if(typeof e=="string")return new Date(`1970-01-01T${e}Z`)}if(typeof e=="string"&&r.type==="datetime")if(r.timeOnly){if(!Qd(e))return null}else if(r.dateOnly){let n=Kd(e);return n?new Date(n):null}else return r.ignoreTimezones?ja(e)?new Date(e):qd(e)?new Date(e+"Z"):null:ja(e)?new Date(e.trim()):null;return e}parseBody(e){for(let[r,n]of Object.entries(e)){let{column:i}=this.splitter.run(r),o=this.table.schema[i];o&&(e[r]=this.parse(n,o))}return e}parseFilters(e){e=(0,c_.cloneDeep)(e);for(let r of Object.values(Nr)){let n=e[r];if(n)for(let i of Object.keys(n)){if(Array.isArray(n[i])){n[i]=JSON.stringify(n[i]);continue}let{column:o}=this.splitter.run(i),a=this.table.schema[o];a&&(n[i]=this.parse(n[i],a))}}for(let r of Object.values(Jt)){let n=e[r];if(n)for(let i of Object.keys(n)){let{column:o}=this.splitter.run(i),a=this.table.schema[o];a&&(n[i]=n[i].map(u=>this.parse(u,a)))}}for(let r of Object.values(In)){let n=e[r];if(n)for(let i of Object.keys(n)){let{column:o}=this.splitter.run(i),a=this.table.schema[o];if(!a)continue;let u=n[i];"low"in u&&(u.low=this.parse(u.low,a)),"high"in u&&(u.high=this.parse(u.high,a))}}return e}addJoinFieldCheck(e,r){let n=r.from?.split(".")[0]||"";return e.andWhere(`${n}.fieldName`,"=",r.column)}addRelationshipForFilter(e,r,n,i){let{relationships:o,schema:a,tableAliases:u,table:c}=this.query,l=u?.[c.name]||c.name,d=s(f=>n.match(new RegExp(`^${f}\\.`)),"matches");if(!o)return e;for(let f of o){let p=f.tableName,h=u?.[p]||p,m=d(p)||d(h),g=d(f.column);if((m||g)&&f.to&&f.tableName){let y=this.knex.select(this.knex.raw(1)).from({[h]:p}),S=y.clone(),O=jd(f),_;if(m?_=n:_=n.replace(new RegExp(`^${f.column}.`),`${u?.[f.tableName]||f.tableName}.`),O){let D=u?.[O.through]||f.through,T=this.tableNameWithSchema(O.through,{alias:D,schema:a});S=S.innerJoin(T,function(){this.on(`${h}.${O.toPrimary}`,"=",`${D}.${O.to}`)}).where(`${D}.${O.from}`,"=",this.rawQuotedIdentifier(`${l}.${O.fromPrimary}`)),this.client==="sqlite3"&&(S=this.addJoinFieldCheck(S,O)),e=e.where(I=>{I.whereExists(i(_,S)),r&&I.orWhereNotExists(y.clone().innerJoin(T,function(){this.on(`${l}.${O.fromPrimary}`,"=",`${D}.${O.from}`)}))})}else{let D=`${h}.${f.to}`,T=`${l}.${f.from}`;S=S.where(D,"=",this.rawQuotedIdentifier(T)),e=e.where(I=>{I.whereExists(i(_,S.clone())),r&&I.orWhereNotExists(S)})}}}return e}addFilters(e,r,n){if(!r)return e;let i=this;r=this.parseFilters({...r});let o=this.query.tableAliases,a=r.allOr,c=this.client==="sqlite3"?this.table._id:this.table.name;function l(m){return o?.[m]||m}s(l,"getTableAlias");function d(m,g,y,S){let O=s((_,D,T)=>{let[I,...M]=D.split("."),P=M.join("."),k=l(I);return _.andWhere(Y=>y(Y,k?`${k}.${P}`:P,T))},"handleRelationship");for(let _ in m){let D=m[_],T=$s(_),I=T.includes("."),M=n?.relationship&&I,P;if(_==="_complexIdOperator"&&(P=m[_])&&S){let k=l(c);e=S(e,P.id.map(Y=>k?`${k}.${Y}`:Y),P.values)}else if(I)M&&(a&&(e=e.or),e=i.addRelationshipForFilter(e,g0[g],T,(k,Y)=>O(Y,k,D)));else{let k=l(c);e=y(e,k?`${k}.${T}`:T,D)}}}s(d,"iterate");let f=s((m,g,y)=>((r?.fuzzyOr||a)&&(m=m.or),this.client==="oracledb"||this.client==="sqlite3"?m.whereRaw("LOWER(??) LIKE ?",[this.rawQuotedIdentifier(g),`%${y.toLowerCase()}%`]):m.whereILike(this.rawQuotedIdentifier(g),this.knex.raw("?",[`%${y}%`]))),"like"),p=s((m,g=!1)=>{function y(S){return(a||m===r?.containsAny)&&(S=S.or),m===r?.notContains&&(S=S.not),S}s(y,"addModifiers"),this.client==="pg"?d(m,"contains",(S,O,_)=>{S=y(S);let D=this.getFieldSchema(O),T="::jsonb";return this.SPECIAL_SELECT_CASES.POSTGRES_ARRAY(D)&&(T="",_=`{${_.map(M=>M.substring(1,M.length-1))}}`),g?S.whereRaw(T?"COALESCE(??::jsonb \\?| array??, FALSE)":"COALESCE(?? && '??', FALSE)",[this.rawQuotedIdentifier(O),T?this.knex.raw(ym(_,"'")):this.knex.raw(_)]):S.whereRaw(`COALESCE(??${T} @> '??', FALSE)`,[this.rawQuotedIdentifier(O),T?this.knex.raw(ym(_)):this.knex.raw(_)])}):this.client==="mysql2"||this.client==="mariadb"?d(m,"contains",(S,O,_)=>y(S).whereRaw("COALESCE(?(??, ?), FALSE)",[this.knex.raw(g?"JSON_OVERLAPS":"JSON_CONTAINS"),this.rawQuotedIdentifier(O),this.knex.raw(d_(ym(_)))])):d(m,"contains",(S,O,_)=>(_.length===0||(S=S.where(D=>(m===r?.notContains&&(D=D.not),D=D.where(T=>{for(let I of _){m===r?.containsAny?T=T.or:T=T.and;let M=typeof I=="string"?`"${I.toLowerCase()}"`:I;T=T.whereLike(this.knex.raw("COALESCE(LOWER(??), '')",[this.rawQuotedIdentifier(O)]),`%${M}%`)}}),m===r?.notContains&&(D=D.or.whereNull(this.rawQuotedIdentifier(O))),D))),S))},"contains");if(r.$and){let{$and:m}=r;for(let g of m.conditions)e=e.where(y=>{this.addFilters(y,g,n)})}if(r.$or){let{$or:m}=r;e=e.where(g=>{for(let y of m.conditions)g.orWhere(S=>this.addFilters(S,{...y,allOr:!0},n))})}r.oneOf&&d(r.oneOf,"oneOf",(m,g,y)=>{let S=this.getFieldSchema(g),O=Array.isArray(y)?y:[y];if(a&&(m=m.or),this.client==="oracledb")g=this.convertClobs(g);else if(this.client==="sqlite3"&&S?.type==="datetime"&&S.dateOnly){for(let _ of O)_!=null?m=m.or.whereLike(g,`${_.toISOString().slice(0,10)}%`):m=m.or.whereNull(g);return m}return m.whereIn(g,O)},(m,g,y)=>(a&&(m=m.or),this.client==="oracledb"&&(g=g.map(S=>this.convertClobs(S))),m.whereIn(g,Array.isArray(y)?y:[y]))),r.string&&d(r.string,"string",(m,g,y)=>{if(a&&(m=m.or),this.client==="oracledb"||this.client==="sqlite3")return m.whereRaw("LOWER(??) LIKE ?",[this.rawQuotedIdentifier(g),`${y.toLowerCase()}%`]);{let S=this.getFieldSchema(g);return this.SPECIAL_SELECT_CASES.POSTGRES_ENUM(S)?m.whereRaw(`??::text ilike '${y}%'`,[this.knex.raw(this.quote(S.name))]):m.whereILike(g,`${y}%`)}}),r.fuzzy&&d(r.fuzzy,"fuzzy",f),r.range&&d(r.range,"range",(m,g,y)=>{let S=s(P=>P&&Object.keys(P).length===0&&Object.getPrototypeOf(P)===Object.prototype,"isEmptyObject");S(y.low)&&(y.low=""),S(y.high)&&(y.high="");let O=Ya(y.low),_=Ya(y.high),D=this.getFieldSchema(g),T=g,I=y.high,M=y.low;return this.client==="sqlite3"&&D?.type==="datetime"&&D.dateOnly&&(I!=null&&(I=`${I.toISOString().slice(0,10)}T23:59:59.999Z`),M!=null&&(M=M.toISOString().slice(0,10))),this.client==="oracledb"?T=this.convertClobs(g):this.client==="sqlite3"&&D?.type==="bigint"&&(T=this.knex.raw("CAST(?? AS INTEGER)",[this.rawQuotedIdentifier(g)]),I=this.knex.raw("CAST(? AS INTEGER)",[y.high]),M=this.knex.raw("CAST(? AS INTEGER)",[y.low])),a&&(m=m.or),O&&_?m.whereBetween(T,[M,I]):O?m.where(T,">=",M):_?m.where(T,"<=",I):m}),r.equal&&d(r.equal,"equal",(m,g,y)=>{let S=this.getFieldSchema(g);if(a&&(m=m.or),this.client==="mssql")return m.whereRaw("CASE WHEN ?? = ? THEN 1 ELSE 0 END = 1",[this.rawQuotedIdentifier(g),y]);if(this.client==="oracledb"){let O=this.convertClobs(g);return m.where(_=>_.whereNotNull(O).andWhere(O,y))}else return this.client==="sqlite3"&&S?.type==="datetime"&&S.dateOnly?y!=null?m.whereLike(g,`${y.toISOString().slice(0,10)}%`):m.whereNull(g):m.whereRaw("COALESCE(?? = ?, FALSE)",[this.rawQuotedIdentifier(g),y])}),r.notEqual&&d(r.notEqual,"notEqual",(m,g,y)=>{let S=this.getFieldSchema(g);if(a&&(m=m.or),this.client==="mssql")return m.whereRaw("CASE WHEN ?? = ? THEN 1 ELSE 0 END = 0",[this.rawQuotedIdentifier(g),y]);if(this.client==="oracledb"){let O=this.convertClobs(g);return m.where(_=>_.not.whereNull(O).and.where(O,"!=",y)).or.whereNull(O)}else return this.client==="sqlite3"&&S?.type==="datetime"&&S.dateOnly?y!=null?m.not.whereLike(g,`${y.toISOString().slice(0,10)}%`).or.whereNull(g):m.not.whereNull(g):m.whereRaw("COALESCE(?? != ?, TRUE)",[this.rawQuotedIdentifier(g),y])}),r.empty&&d(r.empty,"empty",(m,g)=>(a&&(m=m.or),m.whereNull(g))),r.notEmpty&&d(r.notEmpty,"notEmpty",(m,g)=>(a&&(m=m.or),m.whereNotNull(g))),r.contains&&p(r.contains),r.notContains&&p(r.notContains),r.containsAny&&p(r.containsAny,!0);let h=o?.[this.table._id]||this.table._id;return r.documentType&&!Gd(this.table)&&h&&e.andWhereLike(`${h}._id`,`${Zt(r.documentType)}%`),e}isSqs(){return a_(this.table)}getTableName(e){e||(e=this.table);let r=e.name;a_(e)&&e._id&&(r=e._id);let n=this.query.tableAliases||{};return n[r]?n[r]:r}addDistinctCount(e){if(!this.table.primary)throw new Error("SQL counting requires primary key to be supplied");return e.countDistinct(`${this.getTableName()}.${this.table.primary[0]} as ${Am}`)}addAggregations(e,r){let n=this.query.resource?.fields||[],i=this.getTableName();if(n.length>0){let o=n.map(a=>this.qualifyIdentifier(a));if(this.client==="oracledb"){let a=o.map(c=>this.convertClobs(c)),u=o.map(c=>this.convertClobs(c,{forSelect:!0}));e=e.groupBy(a).select(u)}else e=e.groupBy(o).select(o)}for(let o of r){let a=o.calculationType;if(a==="count")if("distinct"in o&&o.distinct)if(this.client==="oracledb"){let u=this.convertClobs(`${i}.${o.field}`);e=e.select(this.knex.raw("COUNT(DISTINCT ??) as ??",[u,o.name]))}else e=e.countDistinct(`${i}.${o.field} as ${o.name}`);else if(this.client==="oracledb"){let u=this.convertClobs(`${i}.${o.field}`);e=e.select(this.knex.raw("COUNT(??) as ??",[u,o.name]))}else e=e.count(`${o.field} as ${o.name}`);else{let u=this.getFieldSchema(o.field);if(!u)throw new Error(`field schema missing for aggregation target: ${o.field}`);let c=this.knex.raw("??(??)",[this.knex.raw(a),this.rawQuotedIdentifier(`${i}.${o.field}`)]);u.type==="bigint"&&(c=this.castIntToString(c)),e=e.select(this.knex.raw("?? as ??",[c,o.name]))}}return e}isAggregateField(e){return!!this.query.resource?.aggregations?.find(n=>n.name===e)}addSorting(e){let{sort:r,resource:n}=this.query,i=this.table.primary,o=this.getTableName();if(!Array.isArray(i))throw new Error("Sorting requires primary key to be specified for table");if(r&&Object.keys(r||{}).length>0)for(let[u,c]of Object.entries(r)){let l=c.direction==="ascending"?"asc":"desc",d;(this.client==="pg"||this.client==="oracledb")&&(d=c.direction==="ascending"?"first":"last");let f=`${o}.${u}`,p;this.isAggregateField(u)?p=this.rawQuotedIdentifier(u):this.client==="oracledb"?p=this.convertClobs(f):p=this.rawQuotedIdentifier(f),e=e.orderByRaw(`?? ?? ${d?"nulls ??":""}`,[p,this.knex.raw(l),...d?[this.knex.raw(d)]:[]])}if(!((n?.aggregations?.length??0)>0)&&(!r||r[i[0]]===void 0)){if(i[0]===void 0)throw new Error(`Primary key not found for table ${this.table.name}`);e=e.orderBy(`${o}.${i[0]}`)}return e}tableNameWithSchema(e,r){let n=r?.schema?`${r.schema}.${e}`:e;return r?.alias&&(n+=` as ${r.alias}`),n}buildJsonField(e,r){let n=r.split("."),i=n[n.length-1],o,a;if(n.length>1){let l=n.shift();o=n.join("."),a=`${l}.${o}`}else o=n.join("."),a=o;this.query.meta?.columnPrefix&&(i=i.replace(this.query.meta.columnPrefix,""));let u=this.rawQuotedIdentifier(a),c=e.schema[i];return c&&c.type==="bigint"&&(u=this.castIntToString(u)),[o,u]}maxFunctionParameters(){switch(this.client){case"sqlite3":return 127;case"pg":return 100;default:return 200}}addJsonRelationships(e,r,n){let i=this.client,o=this.knex,{resource:a,tableAliases:u,schema:c,tables:l}=this.query,d=a?.fields||[];for(let f of n){let{tableName:p,through:h,to:m,from:g,fromPrimary:y,toPrimary:S}=f;if(!p||!r)continue;let O=l[p];if(!O)throw new Error(`related table "${p}" not found in datasource`);let _=u?.[p]||p,D=u?.[r]||r,T=h&&u?.[h]||h,I=this.tableNameWithSchema(p,{alias:_,schema:c}),M=[...O?.primary||[],O?.primaryDisplay].filter(W=>W),P=h0(d.filter(W=>W.split(".")[0]===_),M);P=P.slice(0,Math.floor(this.maxFunctionParameters()/2));let k=P.map(W=>this.buildJsonField(O,W));if(!k.length)continue;let Y=k.map(W=>{let J=this.client==="oracledb"?" VALUE ":",";return this.knex.raw(`?${J}??`,[W[0],W[1]]).toString()}).join(","),Dt=`${_}.${S||m}`,B=o.from(I).orderBy(Dt),L=h&&S&&y,v=L?`${T}.${g}`:`${_}.${m}`,$=L?`${D}.${y}`:`${D}.${g}`;if(L){let W=this.tableNameWithSchema(h,{alias:T,schema:c});B=B.join(W,function(){this.on(`${_}.${S}`,"=",`${T}.${m}`)})}B=B.where(this.rawQuotedIdentifier(v),"=",this.rawQuotedIdentifier($));let w=s(W=>(B=B.select(P.map(J=>this.rawQuotedIdentifier(J))).limit(gm()),o.select(W).from({[_]:B})),"standardWrap"),K;switch(i){case"sqlite3":B=this.addJoinFieldCheck(B,f),K=w(this.knex.raw(`json_group_array(json_object(${Y}))`));break;case"pg":K=w(this.knex.raw(`json_agg(json_build_object(${Y}))`));break;case"mariadb":K=B.select(o.raw(`json_arrayagg(json_object(${Y}) LIMIT ${gm()})`));break;case"mysql2":case"oracledb":K=w(this.knex.raw(`json_arrayagg(json_object(${Y}))`));break;case"mssql":{let W=o.select("*").from({[D]:B.select(k.map(J=>o.ref(J[1]).as(J[0]))).limit(gm())});K=o.raw(`(SELECT ?? = (${W} FOR JSON PATH))`,[this.rawQuotedIdentifier(_)]);break}default:throw new Error(`JSON relationships not implement for ${i}`)}e=e.select({[f.column]:K})}return e}addJoin(e,r,n){let{tableAliases:i,schema:o}=this.query,a=r.to,u=r.from,c=r.through,l=i?.[a]||a,d=c&&i?.[c]||c,f=i?.[u]||u,p=this.tableNameWithSchema(a,{alias:l,schema:o}),h=c?this.tableNameWithSchema(c,{alias:d,schema:o}):void 0;return c?e=e.leftJoin(h,function(){for(let m of n){let g=m.fromPrimary,y=m.from;this.orOn(`${f}.${g}`,"=",`${d}.${y}`)}}).leftJoin(p,function(){for(let m of n){let g=m.toPrimary,y=m.to;this.orOn(`${l}.${g}`,`${d}.${y}`)}}):e=e.leftJoin(p,function(){for(let m of n){let g=m.from,y=m.to;this.orOn(`${f}.${g}`,"=",`${l}.${y}`)}}),e}qualifiedKnex(e){let r=this.query.tableAliases?.[this.query.table.name];return e?.alias===!1?r=void 0:typeof e?.alias=="string"&&(r=e.alias),this.knex(this.tableNameWithSchema(this.query.table.name,{alias:r,schema:this.query.schema}))}create(e){let{body:r}=this.query;if(!r)throw new Error("Cannot create without row body");let n=this.qualifiedKnex({alias:!1}),i=this.parseBody(r);if(this.client==="oracledb")for(let[o,a]of Object.entries(this.query.table.schema)){if(a.constraints?.presence===!0||a.type==="formula"||a.type==="auto"||a.type==="link"||a.type==="ai")continue;i[o]==null&&(i[o]=null)}else for(let[o,a]of Object.entries(i))a==null&&delete i[o];return e.disableReturning?n.insert(i):n.insert(i).returning("*")}bulkCreate(){let{body:e}=this.query,r=this.qualifiedKnex({alias:!1});if(!Array.isArray(e))return r;let n=e.map(i=>this.parseBody(i));return r.insert(n)}bulkUpsert(){let{body:e}=this.query,r=this.qualifiedKnex({alias:!1});if(!Array.isArray(e))return r;let n=e.map(i=>this.parseBody(i));if(this.client==="pg"||this.client==="sqlite3"||this.client==="mysql2"||this.client==="mariadb"){let i=this.table.primary;if(!i)throw new Error("Primary key is required for upsert");return r.insert(n).onConflict(i).merge()}else if(this.client==="mssql"||this.client==="oracledb")return r.insert(n);return r.upsert(n)}read(e={}){let{operation:r,filters:n,paginate:i,relationships:o,table:a}=this.query,{limits:u}=e,c=this.qualifiedKnex(),l=null,d=u?.query||u?.base;if(i&&i.page&&i.limit){let h=(i.page<=1?0:i.page-1)*i.limit;d=i.limit,l=h}else i&&i.offset&&i.limit?(d=i.limit,l=i.offset):i&&i.limit&&(d=i.limit);r!=="COUNT"&&(d!=null&&(c=c.limit(d)),l!=null&&(c=c.offset(l)));let f=this.query.resource?.aggregations||[];if(r==="COUNT"?c=this.addDistinctCount(c):f.length>0?c=this.addAggregations(c,f):c=c.select(this.generateSelectStatement()),r!=="COUNT"&&(c=this.addSorting(c)),c=this.addFilters(c,n,{relationship:!0}),o?.length&&f.length===0){let p=this.query.tableAliases?.[a.name]||a.name,h=this.addSorting(this.knex.with("paginated",c.clone().clearSelect().select("*")).select(this.generateSelectStatement()).from({[p]:"paginated"}));return this.addJsonRelationships(h,a.name,o)}return c}update(e){let{body:r,filters:n}=this.query;if(!r)throw new Error("Cannot update without row body");let i=this.qualifiedKnex(),o=this.parseBody(r);return i=this.addFilters(i,n),e.disableReturning?i.update(o):i.update(o).returning("*")}delete(e){let{filters:r}=this.query,n=this.qualifiedKnex();return n=this.addFilters(n,r),e.disableReturning?n.delete():n.delete().returning(this.generateSelectStatement())}},Sm=class extends Tc{constructor(r,n=o_()){super(r);this.limit=n}static{s(this,"SqlQueryBuilder")}convertToNative(r,n={}){let i=this.getSqlClient();if(n?.disableBindings)return{sql:r.toString()};{let o=jn(r);return i==="sqlite3"&&(o=l_(o)),o}}_query(r,n={}){let i=this.getSqlClient(),o={client:this.getBaseSqlClient()};(i==="sqlite3"||i==="oracledb")&&(o.useNullAsDefault=!0);let a=(0,u_.knex)(o),u,c=new Tm(i,a,r);switch(this._operation(r)){case"CREATE":u=c.create(n);break;case"READ":u=c.read({limits:{query:this.limit,base:o_()}});break;case"COUNT":u=c.read();break;case"UPDATE":u=c.update(n);break;case"DELETE":u=c.delete(n);break;case"BULK_CREATE":u=c.bulkCreate();break;case"BULK_UPSERT":u=c.bulkUpsert();break;case"CREATE_TABLE":case"UPDATE_TABLE":case"DELETE_TABLE":return this._tableQuery(r);default:throw"Operation type is not supported by SQL query builder"}return this.convertToNative(u,n)}async getReturningRow(r,n){if(!n.extra||!n.extra.idFilter)return{};let i=this._query({operation:"READ",datasource:n.datasource,schema:n.schema,table:n.table,tables:n.tables,resource:{fields:[]},filters:n.extra?.idFilter,paginate:{limit:1}});return r(i,"READ")}checkLookupKeys(r,n){if(!r||!n.table.primary)return n;let i=n.table.primary[0];return n.extra={idFilter:{equal:{[i]:r}}},n}async queryWithReturning(r,n,i=o=>o){let o=this.getSqlClient(),a=this._operation(r),u=this._query(r,{disableReturning:!0});if(Array.isArray(u)){let f=[];for(let p of u)f.push(await n(p,a));return f}let c;a==="DELETE"&&(c=i(await this.getReturningRow(n,r)));let l=await n(u,a),d=i(l);if(a==="CREATE"||a==="UPDATE"){let f;o==="mssql"?f=d?.[0].id:(o==="mysql2"||o==="mariadb")&&(f=d?.insertId),c=i(await this.getReturningRow(n,this.checkLookupKeys(f,r)))}return a==="COUNT"?d:a!=="READ"?c:d.length?d:[{[a.toLowerCase()]:!0}]}getTableName(r,n){let i=r.name;if(r.sourceType==="internal"||r.sourceId===Cc){if(!r._id)return;i=r._id}return n?.[i]||i}convertJsonStringColumns(r,n,i){let o=this.getTableName(r,i);for(let[a,u]of Object.entries(r.schema)){if(!f_(u))continue;let c=`${o}.${a}`;for(let l of n)typeof l[c]=="string"&&(l[c]=JSON.parse(l[c])),typeof l[a]=="string"&&(l[a]=JSON.parse(l[a]))}return n}log(r,n){Os(this.getSqlClient(),r,n)}},p_=Sm;var _m={};N(_m,{base:()=>y0});function y0(t){return{_id:Ot,language:"sqlite",sql:{tables:{},options:{table_name:t}}}}s(y0,"base");var Im={};N(Im,{jsonFromCsvString:()=>T0});var m_=F(require("csvtojson"));async function T0(t,e){let{ignoreEmpty:r=!1,allowSingleColumn:n=!1,possibleDelimiters:i=[",",";",":","|","~","	"," "]}=e||{};for(let o of i){let a,u=!1;try{let c=await(0,m_.default)({ignoreEmpty:r,delimiter:o}).fromString(t);for(let[,l]of c.entries()){let d=Object.keys(l);if(a==null&&(a=d),!n&&d.length===1){u=!0;break}if(a.length!==d.length){u=!0;break}for(let f of a)(l[f]===void 0||l[f]==="")&&(l[f]=null)}if(u)continue;return c}catch{continue}}throw new Error("Unable to determine delimiter")}s(T0,"jsonFromCsvString");var wm=class{static{s(this,"Endpoint")}constructor(e,r,n){this.method=e,this.url=r,this.controller=n,this.middlewares=[],this.outputMiddlewares=[]}addMiddleware(e,r){return r?.first?this.middlewares.unshift(e):this.middlewares.push(e),this}addOutputMiddleware(e,r){return r?.first?this.outputMiddlewares.unshift(e):this.outputMiddlewares.push(e),this}apply(e){let r=this.method,n=this.url,i=this.middlewares,o=this.controller,a=this.outputMiddlewares,u=s(()=>{},"complete"),c=[n,...i,o,...a,u];e[r](...c)}},Sc=wm;var h_=F(require("@koa/router"));var _n=class{constructor(){this.endpoints=[];this.middlewares=[];this.outputMiddlewares=[];this.applied=!1;this.locked=!1}static{s(this,"EndpointGroup")}addGroupMiddleware(e,r={first:!0}){if(this.locked)throw new Error("Group locked, no more middleware can be added.");return this.middlewares.push({fn:e,first:r.first}),this}addGroupMiddlewareOutput(e,r={first:!1}){if(this.locked)throw new Error("Group locked, no more middleware can be added.");return this.outputMiddlewares.push({fn:e,first:r.first}),this}addEndpoint(e,r,...n){let i=n.pop(),o=new Sc(e,r,i);if(n.length!==0)for(let a of n)o.addMiddleware(a);return this.endpoints.push(o),this}lockMiddleware(){this.locked=!0}post(e,...r){return this.addEndpoint("post",e,...r)}patch(e,...r){return this.addEndpoint("patch",e,...r)}put(e,...r){return this.addEndpoint("put",e,...r)}get(e,...r){return this.addEndpoint("get",e,...r)}delete(e,...r){return this.addEndpoint("delete",e,...r)}head(e,...r){return this.addEndpoint("head",e,...r)}apply(e){let r=this.endpointList();e||(e=new h_.default);for(let n of r)n.apply(e);return e}endpointList(){if(this.applied)throw new Error("Already applied to router");this.applied=!0;for(let e of this.endpoints)this.middlewares.forEach(({fn:r,first:n})=>e.addMiddleware(r,{first:n})),this.outputMiddlewares.forEach(({fn:r,first:n})=>e.addOutputMiddleware(r,{first:n}));return this.endpoints}};var No=class{constructor(){this.groups=[]}static{s(this,"EndpointGroupList")}group(...e){let r=new _n;return e.length&&e.forEach(n=>{"first"in n?r.addGroupMiddleware(n.middleware,{first:n.first}):r.addGroupMiddleware(n)}),this.groups.push(r),r}listAllEndpoints(){let e=this.groups.flatMap(i=>i.endpointList()),r=[],n=[];for(let i of e)i.url.includes(":")?n.push(i):r.push(i);return[...r,...n]}};var S0={...Vs,...ue},A0=s((t={})=>{Ka(t.db)},"init");0&&(module.exports={AutomationViewMode,BUDIBASE_DATASOURCE_TYPE,BadRequestError,BudibaseError,Config,Cookie,DEFAULT_BB_DATASOURCE_ID,DEFAULT_EMPLOYEE_TABLE_ID,DEFAULT_EXPENSES_TABLE_ID,DEFAULT_INVENTORY_TABLE_ID,DEFAULT_JOBS_TABLE_ID,DEFAULT_TENANT_ID,DeprecatedViews,DesignDocuments,DocumentType,Duration,DurationType,EmailUnavailableError,Endpoint,EndpointGroup,EndpointGroupList,FeatureDisabledError,ForbiddenError,GlobalRole,HTTPError,Header,InternalTable,InvalidAPIKeyError,MAX_VALID_DATE,MIN_VALID_DATE,NotFoundError,NotImplementedError,RedisClient,SEPARATOR,SQLITE_DESIGN_DOC_ID,SQS_DATASOURCE_INTERNAL,StaticDatabases,UNICODE_MAX,USER_METADATA_PREFIX,UnexpectedError,UsageLimitError,UserStatus,ViewName,WORKSPACE_DEV,WORKSPACE_DEV_PREFIX,WORKSPACE_PREFIX,accounts,auth,blacklist,cache,configs,constants,context,csv,db,docIds,docUpdates,encryption,env,errors,events,features,getPublicError,init,installation,locks,logging,middleware,objectStore,permissions,platform,plugins,queue,redis,roles,security,sessions,setEnv,sql,tenancy,timers,userUtils,users,utils,withEnv});
 //# sourceMappingURL=index.js.map