@budibase/backend-core 3.24.3 → 3.24.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/package.json +2 -2
- package/package.json +2 -2
package/dist/index.js
CHANGED
|
@@ -34,6 +34,6 @@ attempted value: ${o}
|
|
|
34
34
|
emit(doc.ssoId, doc._id)
|
|
35
35
|
}
|
|
36
36
|
}`,"platform_users_lowercase_2")},"createPlatformUserView"),Ks=s(async(t,e)=>{let r={account_by_email:BT,platform_users_lowercase_2:WT};return je(fe.PLATFORM_INFO.name,async n=>{let i=r[t];return Cf(t,e,n,i,{arrayResponse:!0})})},"queryPlatformView"),$T={by_email2:LT,by_api_key:MT,by_app:kT},Gt=s(async(t,e,r,n)=>{r||(r=H());let i=$T[t];return Cf(t,e,r,i,n)},"queryGlobalView");async function bf(t,e,r){let n=H(),i=$T[t];return qs(t,e,n,i,r)}s(bf,"queryGlobalViewRaw");var px=B(require("pouchdb"));var GT=require("dd-trace");var xf=class{static{s(this,"Replication")}constructor({source:e,target:r}){this.source=rt(e),this.target=rt(r),e.startsWith("app_dev")&&r.startsWith("app")?this.direction="toProduction":e.startsWith("app")&&r.startsWith("app_dev")&&(this.direction="toDev")}async close(){await Promise.all([Rs(this.source),Rs(this.target)])}replicate(e={}){return new Promise(r=>{this.source.replicate.to(this.target,e).on("denied",function(n){throw new Error(`Denied: Document failed to replicate ${n}`)}).on("complete",function(n){return r(n)}).on("error",function(n){throw n})})}async resolveInconsistencies(e){for(let r of e)try{let[n,i]=await Promise.all([this.source.get(r),this.target.get(r)]),o=this.replicationDelta(n,i);if(o<0||o===0&&n._rev===i._rev)continue;let a=o+1;await GT.tracer.trace("Replication.resolveInconsistencies",async u=>{u.addTags({versionsToJump:a,toFix:!0,id:r,sourceRev:n._rev,targetRev:i._rev});for(let c=0;c<a;c++){let l=await this.source.get(i._id);await this.source.put(l)}})}catch{console.warn("Cannot resolve inconsistencies for document",r)}}replicationDelta(e,r){let n=this.getRevisionNumber(e);return this.getRevisionNumber(r)-n}getRevisionNumber(e){return parseInt(e._rev?.split("-")[0]||"0")}appReplicateOpts(e={}){if(typeof e.filter=="string")return e;let r=e.filter,n=this.direction,i=n==="toDev";delete e.filter;let o=e.isCreation,a=e.tablesToSync;delete e.isCreation,delete e.tablesToSync;let u=!1,c;typeof a=="string"&&a==="all"?u=!0:a&&(c=a);let l=s((f,m)=>f?.startsWith(m+D),"startsWithID"),d=s(f=>l(f,"ro")||l(f,"li"),"isData");return{...e,filter:(f,m)=>!o&&f._id==="_design/migrations"||i&&f._id.startsWith("_design")?!1:f._deleted||l(f._id,Ss)?!0:n==="toProduction"&&!o&&l(f._id,"autocolumn_state")?!1:d(f._id)?!!c?.find(p=>f._id.includes(p))||u:l(f._id,"log_au")||f._id==="app_metadata"?!1:r?r(f,m):!0}}async rollback(){await this.target.destroy(),this.target=rt(this.target.name),await this.replicate()}},VT=xf;var KT=B(require("node-fetch"));var Qs=dr.removeKeyNumbering;function an(t){return t==null||t===""}s(an,"isEmpty");var Vt=class t{static{s(this,"QueryBuilder")}#l;#d;#e;#r;#n;#i;#s;#o;#t;#f;#a;#u=!1;#c;static{this.maxLimit=200}constructor(e,r,n){this.#l=e,this.#d=r,this.#e={allOr:!1,onEmptyFilter:"all",string:{},fuzzy:{},range:{},equal:{},notEqual:{},empty:{},notEmpty:{},oneOf:{},contains:{},notContains:{},containsAny:{},...n},this.#r=50,this.#s="ascending",this.#o="string",this.#t=!0}disableEscaping(){return this.#u=!0,this}setIndexBuilder(e){return this.#a=e,this}setVersion(e){return e!=null&&(this.#f=e),this}setTable(e){return this.#e.equal.tableId=e,this}setLimit(e){return e!=null&&(this.#r=e),this}setSort(e){return e!=null&&(this.#n=e),this}setSortOrder(e){return e!=null&&(this.#s=e),this}setSortType(e){return e!=null&&(this.#o=e),this}setBookmark(e){return e!=null&&(this.#i=e),this}setSkip(e){return this.#c=e,this}excludeDocs(){return this.#t=!1,this}includeDocs(){return this.#t=!0,this}addString(e,r){return this.#e.string[e]=r,this}addFuzzy(e,r){return this.#e.fuzzy[e]=r,this}addRange(e,r,n){return this.#e.range[e]={low:r,high:n},this}addEqual(e,r){return this.#e.equal[e]=r,this}addNotEqual(e,r){return this.#e.notEqual[e]=r,this}addEmpty(e,r){return this.#e.empty[e]=r,this}addNotEmpty(e,r){return this.#e.notEmpty[e]=r,this}addOneOf(e,r){return this.#e.oneOf[e]=r,this}addContains(e,r){return this.#e.contains[e]=r,this}addNotContains(e,r){return this.#e.notContains[e]=r,this}addContainsAny(e,r){return this.#e.containsAny[e]=r,this}setAllOr(){this.#e.allOr=!0}setOnEmptyFilter(e){this.#e.onEmptyFilter=e}handleSpaces(e){return this.#u?e:e.replace(/ /g,"_")}preprocess(e,{escape:r,lowercase:n,wrap:i,type:o}={}){let a=!!this.#f,u=typeof e;return e&&n&&(e=e.toLowerCase?e.toLowerCase():e),!this.#u&&r&&u==="string"&&(e=`${e}`.replace(/[ /#+\-&|!(){}\]^"~*?:\\]/g,"\\$&")),u==="string"&&!isNaN(e)&&!o?e=`"${e}"`:a&&i&&(e=u==="number"?e:`"${e}"`),e}isMultiCondition(){let e=0;for(let r of Object.values(this.#e))typeof r=="object"&&(e+=Object.keys(r).length);return e>1}compressFilters(e){let r={};for(let o of Object.keys(e)){let a=Qs(o);r[a]?r[a]=r[a].concat(e[o]):r[a]=e[o]}let n={},i=1;for(let[o,a]of Object.entries(r))n[`${i++}:${o}`]=a;return n}buildSearchQuery(){let e=this,r=this.#e&&this.#e.allOr,n=r?"":"*:*",i=!0,o={escape:!0,lowercase:!0,wrap:!0},a="";this.#e.equal.tableId&&(a=this.#e.equal.tableId,delete this.#e.equal.tableId);let u=s((T,h)=>an(h)?null:`${T}:${e.preprocess(h,o)}`,"equal"),c=s((T,h,g="AND")=>{if(an(h))return null;if(!Array.isArray(h))return`${T}:${h}`;let y=`${e.preprocess(h[0],{escape:!0})}`;for(let O=1;O<h.length;O++)y+=` ${g} ${e.preprocess(h[O],{escape:!0})}`;return`${T}:(${y})`},"contains"),l=s((T,h)=>an(h)?null:(h=e.preprocess(h,{escape:!0,lowercase:!0,type:"fuzzy"}),`${T}:/.*${h}.*/`),"fuzzy"),d=s((T,h)=>{let g=r?"*:* AND ":"",y=r?"AND":void 0;return g+"NOT "+c(T,h,y)},"notContains"),f=s((T,h)=>c(T,h,"OR"),"containsAny"),m=s((T,h)=>{if(an(h))return"*:*";if(!Array.isArray(h))if(typeof h=="string")h=h.split(",");else return"";let g=`${e.preprocess(h[0],o)}`;for(let y=1;y<h.length;y++)g+=` OR ${e.preprocess(h[y],o)}`;return`${T}:(${g})`},"oneOf");function p(T,h,g){let y="";for(let[O,I]of Object.entries(T)){O=Qs(O),O=e.preprocess(e.handleSpaces(O),{escape:!0});let R=h(O,I);if(R!=null){if(y.length>0||n.length>0){let S=g?.mode?g.mode:r?"OR":"AND";y+=` ${S} `}y+=R,(typeof I!="string"&&I!=null||typeof I=="string"&&I!==a&&I!=="")&&(i=!1)}}if(g?.returnBuilt)return y;n+=y}if(s(p,"build"),this.#e.string&&p(this.#e.string,(T,h)=>an(h)?null:(h=e.preprocess(h,{escape:!0,lowercase:!0,type:"string"}),`${T}:${h}*`)),this.#e.range&&p(this.#e.range,(T,h)=>{if(an(h)||h.low==null||h.low===""||h.high==null||h.high==="")return null;let g=e.preprocess(h.low,o),y=e.preprocess(h.high,o);return`${T}:[${g} TO ${y}]`}),this.#e.fuzzy&&p(this.#e.fuzzy,l),this.#e.equal&&p(this.#e.equal,u),this.#e.notEqual&&p(this.#e.notEqual,(T,h)=>an(h)?null:typeof h=="boolean"?`(*:* AND !${T}:${h})`:`!${T}:${e.preprocess(h,o)}`),this.#e.empty&&p(this.#e.empty,T=>(i=!1,`(*:* -${T}:["" TO *])`)),this.#e.notEmpty&&p(this.#e.notEmpty,T=>(i=!1,`${T}:["" TO *]`)),this.#e.oneOf&&p(this.#e.oneOf,m),this.#e.contains&&p(this.#e.contains,c),this.#e.notContains&&p(this.compressFilters(this.#e.notContains),d),this.#e.containsAny&&p(this.#e.containsAny,f),a&&(n=this.isMultiCondition()?`(${n})`:n,r=!1,p({tableId:a},u)),i){if(this.#e.onEmptyFilter==="none")return"";if(this.#e?.allOr)return n.replace("()","(*:*)")}return n}buildSearchBody(){let e={q:this.buildSearchQuery(),limit:Math.min(this.#r,t.maxLimit),include_docs:this.#t};if(this.#i&&(e.bookmark=this.#i),this.#n){let r=this.#s==="descending"?"-":"",n=`<${this.#o}>`;e.sort=`${r}${this.handleSpaces(this.#n)}${n}`}return e}async run(){return this.#c&&await this.#m(this.#c),await this.#p()}async#m(e){let r=this.#t,n=this.#r;this.excludeDocs();let i=e,o=0;do{let a=Math.min(t.maxLimit,i);this.setLimit(a);let{bookmark:u,rows:c}=await this.#p();this.setBookmark(u),o=c.length,i-=c.length}while(i>0&&o>0);this.#t=r,this.#r=n}async#p(){let{url:e,cookie:r}=pt(),n=`${e}/${this.#l}/_design/database/_search/${this.#d}`,i=this.buildSearchBody();try{return await qT(n,i,r)}catch(o){if(o.status===404&&this.#a)return await this.#a(),await qT(n,i,r);throw o}}};async function qT(t,e,r){let n=await(0,KT.default)(t,{body:JSON.stringify(e),method:"POST",headers:{Authorization:r}});if(n.status===404)throw n;let i=await n.json(),o={rows:[],totalRows:0};return i.rows!=null&&i.rows.length>0&&(o.rows=i.rows.map(a=>a.doc)),i.bookmark&&(o.bookmark=i.bookmark),i.total_rows&&(o.totalRows=i.total_rows),o}s(qT,"runQuery");async function QT(t,e,r,n){let i=n.bookmark,o=n.rows||[];if(n.limit&&o.length>=n.limit)return o;let a=Vt.maxLimit;n.limit&&o.length>n.limit-Vt.maxLimit&&(a=n.limit-o.length);let u=new Vt(t,e,r);u.setVersion(n.version).setBookmark(i).setLimit(a).setSort(n.sort).setSortOrder(n.sortOrder).setSortType(n.sortType),n.tableId&&u.setTable(n.tableId);let c=await u.run();if(!c.rows.length)return o;if(c.rows.length<Vt.maxLimit)return[...o,...c.rows];let l={...n,bookmark:c.bookmark,rows:[...o,...c.rows]};return await QT(t,e,r,l)}s(QT,"recursiveSearch");async function mx(t,e,r,n){let i=n.limit;(i==null||isNaN(i)||i<0)&&(i=50),i=Math.min(i,Vt.maxLimit);let o=new Vt(t,e,r);n.version&&o.setVersion(n.version),n.tableId&&o.setTable(n.tableId),n.sort&&o.setSort(n.sort).setSortOrder(n.sortOrder).setSortType(n.sortType),n.indexer&&o.setIndexBuilder(n.indexer),n.disableEscaping&&o.disableEscaping();let a=await o.setBookmark(n.bookmark).setLimit(i).run();o.setBookmark(a.bookmark).setLimit(1),n.tableId&&o.setTable(n.tableId);let u=await o.run();return{...a,hasNextPage:u.rows&&u.rows.length>0}}s(mx,"paginatedSearch");async function hx(t,e,r,n){let i=n.limit;return(i==null||isNaN(i)||i<0)&&(i=1e3),n.limit=Math.min(i,1e3),{rows:await QT(t,e,r,n)}}s(hx,"fullSearch");var vf={};P(vf,{createUserIndex:()=>Ex});async function Ex(){let t=H(),e;try{e=await t.get("_design/database")}catch(n){n.status===404&&(e={_id:"_design/database"})}let r=s(function(n){if(n._id&&!n._id.startsWith("us_"))return;let i=["_id","_rev","password","account","license","budibaseAccess","accountPortalAccess","csrfToken"];function o(a,u){for(let c of Object.keys(a)){if(i.includes(c))continue;let l=u!=null?`${u}.${c}`:c;typeof a[c]=="string"?index(l,a[c].toLowerCase(),{facet:!0}):typeof a[c]!="object"?index(l,a[c],{facet:!0}):o(a[c],l)}}s(o,"idx"),o(n)},"fn");e.indexes={user:{index:r.toString(),analyzer:{default:"keyword",name:"perfield"}}},await t.put(e)}s(Ex,"createUserIndex");function jT(t,e){let r=e.toString();if(typeof t=="object")return t.status===e||t.message?.includes(r);if(typeof t=="number")return t===e;if(typeof t=="string")return t.includes(r)}s(jT,"checkErrorCode");function gx(t){return jT(t,409)}s(gx,"isDocumentConflictError");var Ys={};P(Ys,{addTenantToUrl:()=>yx,getTenantDB:()=>Pf,getTenantIDFromCtx:()=>js,isUserInWorkspaceTenant:()=>Tx});function Pf(t){return De(tn(t))}s(Pf,"getTenantDB");function yx(t){let e=V();if(hr()){let r=t.indexOf("?")===-1?"?":"&";t+=`${r}tenantId=${e}`}return t}s(yx,"addTenantToUrl");var Tx=s((t,e)=>{let r;return e?r=e.tenantId||ae:r=V(),(ei(t)||ae)===r},"isUserInWorkspaceTenant"),Sx=Object.values(Di),js=s((t,e)=>{if(!hr())return ae;e.allowNoTenant===void 0&&(e.allowNoTenant=!1),e.includeStrategies||(e.includeStrategies=Sx),e.excludeStrategies||(e.excludeStrategies=[]);let r=s(n=>{if(e.excludeStrategies?.includes(n))return!1;if(e.includeStrategies?.includes(n))return!0},"isAllowed");if(r("user")){let n=t.user?.tenantId;if(n)return n}if(r("header")){let n=t.request.headers["x-budibase-tenant-id"];if(n)return n}if(r("query")){let n=t.request.query.tenantId;if(n)return n}if(r("subdomain")){let n;try{n=new URL(af()).host.split(":")[0]}catch(o){if(o.code!=="ERR_INVALID_URL")throw o}let i=t.host;if(n&&i.includes(n)){let o=i.substring(0,i.indexOf(`.${n}`));if(o)return o}}if(r("path")){let n=t.matched.find(a=>!!a.paramNames.find(u=>u.name==="tenantId")),i=t.originalUrl,o;if(i.includes("?")?o=i.split("?")[0]:o=i,n){let a=n.params(o,n.captures(o),{});if(a.tenantId)return a.tenantId}}e.allowNoTenant||t.throw(403,"Tenant id not set")},"getTenantIDFromCtx");var Nf="app"+D,YT="/app/";async function Ax(t){let r=`/${t.path.split("/")[2].toLowerCase()}`,n=V();!E.isDev()&&E.MULTI_TENANCY&&(n=js(t,{includeStrategies:["subdomain"]}));let o=(await Re(n,()=>Vs({dev:!1}))).filter(a=>a.url&&a.url.toLowerCase()===r)[0];return o&&o.appId?o.appId:void 0}s(Ax,"resolveAppUrl");function _x(t){return t.path.startsWith(`/${Nf}`)?!0:t.path.startsWith(YT)}s(_x,"isServingApp");function Ox(t){return t.path.startsWith("/builder/workspace/")}s(Ox,"isServingBuilder");function Ix(t){return HT(t.path)}s(Ix,"isServingBuilderPreview");function HT(t){return new RegExp(/^\/app\/app_\w+\/preview$/).test(t)}s(HT,"isBuilderPreviewUrl");function wx(t){return t.path.startsWith("/api/public/v")}s(wx,"isPublicApiRequest");async function un(t){let e;function r(u){u&&u.startsWith(Nf)&&(e&&e!==u&&t.throw("App id conflict",403),e=u)}s(r,"setWorkspaceIdIfValid");function n(u){if(u){typeof u=="string"&&(u=[u]);for(let c of u)r(c)}}s(n,"checkPossibleValues"),n(t.request.headers["x-budibase-app-id"]),r(t.request.body?.appId);let i=Dx(t.path);r(i),n(t.query?.appId);let o=HT(t.path);return t.path.startsWith(YT)&&!o&&r(await Ax(t)),e}s(un,"getWorkspaceIdFromCtx");function Dx(t){if(t)return t.split("?")[0].split("/").find(e=>e.startsWith(Nf))}s(Dx,"parseWorkspaceIdFromUrlPath");function lu(t){if(t)try{return cu.default.verify(t,E.JWT_SECRET)}catch(e){if(E.JWT_SECRET_FALLBACK)return cu.default.verify(t,E.JWT_SECRET_FALLBACK);throw e}}s(lu,"openJwt");function Hs(t){return E.INTERNAL_API_KEY&&E.INTERNAL_API_KEY===t?!0:!!(E.INTERNAL_API_KEY_FALLBACK&&E.INTERNAL_API_KEY_FALLBACK===t)}s(Hs,"isValidInternalAPIKey");function qt(t,e){let r=t.cookies.get(e);if(r)return lu(r)}s(qt,"getCookie");function zT(t,e,r="builder",n={sign:!0}){e&&n&&n.sign&&(e=cu.default.sign(e,E.JWT_SECRET));let i={expires:Ga,path:"/",httpOnly:!1,overwrite:!0};E.COOKIE_DOMAIN&&(i.domain=E.COOKIE_DOMAIN),t.cookies.set(r,e,i)}s(zT,"setCookie");function Tr(t,e){zT(t,null,e)}s(Tr,"clearCookie");function Rx(t){return t.headers["x-budibase-type"]==="client"}s(Rx,"isClient");function Uf(t){return new Promise(e=>setTimeout(e,t))}s(Uf,"timeout");function Lf(t){return!!Mm[t]}s(Lf,"isAudited");function Cx(t){if(typeof t!="object")return!1;try{JSON.stringify(t)}catch(e){if(e instanceof Error&&e?.message.includes("circular structure"))return!0}return!1}s(Cx,"hasCircularStructure");function bx(t){return!!t.match(/^.+:\/\/.+$/)}s(bx,"urlHasProtocol");function kf(t){return t&&!!t.match(/^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/)}s(kf,"validEmail");var Mf=(o=>(o.MILLISECONDS="milliseconds",o.SECONDS="seconds",o.MINUTES="minutes",o.HOURS="hours",o.DAYS="days",o))(Mf||{}),du={milliseconds:1,seconds:1e3,minutes:6e4,hours:36e5,days:864e5},he=class t{constructor(e){this.ms=e}static{s(this,"Duration")}to(e){return this.ms/du[e]}toMs(){return this.ms}toSeconds(){return this.to("seconds")}static convert(e,r,n){return n*du[e]/du[r]}static from(e,r){return new t(r*du[e])}static fromSeconds(e){return t.from("seconds",e)}static fromMinutes(e){return t.from("minutes",e)}static fromHours(e){return t.from("hours",e)}static fromDays(e){return t.from("days",e)}static fromMilliseconds(e){return t.from("milliseconds",e)}};async function xx(t){let e=performance.now();return[await t(),he.fromMilliseconds(performance.now()-e)]}s(xx,"time");var fu=require("undici");function vx(t,e){let r,n=null;try{let o=new URL(t);r=o.hostname,n=o.port||null}catch{return!1}let i=e.split(/[\s,]+/).filter(o=>o.length>0);for(let o of i){let u=o.replace(/^\./,"*").match(/^(.+?)(?::(\d+))?$/);if(!u||!u[1])continue;let c=u[1].toLowerCase(),l=u[2]||null,d=!1;if(c==="*")d=!0;else if(c.startsWith("*")){let m=c.slice(1);d=r===m.slice(1)||r.endsWith(m)}else d=r===c;if(d&&(!l||n===l))return!0}return!1}s(vx,"isUrlMatchingNoProxy");function Px(t){let e=process.env.GLOBAL_AGENT_HTTP_PROXY||process.env.HTTP_PROXY,n=process.env.GLOBAL_AGENT_HTTPS_PROXY||process.env.HTTPS_PROXY||e;if(!n||!n.trim())return!0;try{new URL(n.trim())}catch{return console.log("[fetch] Invalid proxy URL format:",n),!0}if(t){let i=process.env.GLOBAL_AGENT_NO_PROXY||process.env.NO_PROXY||"";if(i&&vx(t,i))return console.log("[fetch] URL matches NO_PROXY pattern, bypassing proxy",{url:t,noProxy:i}),!0}return!1}s(Px,"shouldBypassProxy");function Nx(t){return new fu.Agent({connect:{rejectUnauthorized:t}})}s(Nx,"createDirectAgent");function Ux(t){let e=process.env.GLOBAL_AGENT_HTTP_PROXY||process.env.HTTP_PROXY,n=(process.env.GLOBAL_AGENT_HTTPS_PROXY||process.env.HTTPS_PROXY||e).trim();console.log("[fetch] Creating ProxyAgent",{proxyUrl:n,rejectUnauthorized:t});let i={uri:n,requestTls:{rejectUnauthorized:t}};return n.startsWith("https://")&&(i.proxyTls={rejectUnauthorized:t}),new fu.ProxyAgent(i)}s(Ux,"createProxyAgent");function Lx(t){let e=t?.rejectUnauthorized??!0;return Px(t?.url)?Nx(e):Ux(e)}s(Lx,"createDispatcher");function kx(t){return Lx(t)}s(kx,"getDispatcher");function Mx(t){let e="",r=-1,n,i,o=t.opts?.repeat;return o&&(i=o.endDate?new Date(o.endDate).getTime():Date.now(),n=o.tz,"cron"in o?e=o.cron:r=o.every),{id:t.id.toString(),name:"",key:t.id.toString(),tz:n,endDate:i,cron:e,every:r,next:0}}s(Mx,"jobToJobInformation");var pu=class{static{s(this,"InMemoryQueue")}constructor(e,r){this._name=e,this._opts=r,this._messages=[],this._emitter=new JT.default.EventEmitter,this._runCount=0,this._addCount=0,this._queuedJobIds=new Set,this._attempts=r?.defaultJobOptions?.attempts||1}async process(e,r){r=typeof e=="number"?r:e,this._emitter.on("message",async n=>{if(!n.manualTrigger&&n.opts?.repeat!=null)return;function i(){return r.length===1?r(n):new Promise((c,l)=>{r(n,s((f,m)=>{f?l(f):c(m)},"done"))})}s(i,"execute");let o=this._attempts;async function a(c,l=0){try{return await c}catch(d){if(l++,l<o&&!n._isDiscarded)return await Ue.wait(100*l),await a(i(),l);throw d}}s(a,"retryFunc");try{let c=await a(i());this._emitter.emit("completed",n,c);let l=this._messages.indexOf(n);if(l===-1)throw"Failed deleting a processed message";this._messages.splice(l,1)}catch(c){console.error(c),this._emitter.emit("error",n,c)}this._runCount++;let u=n.opts?.jobId?.toString();u&&n.opts?.removeOnComplete&&this._queuedJobIds.delete(u)})}async isReady(){return this}async add(e,r){if(typeof e=="string")throw new Error("doesn't support named jobs");let n=r,i=n?.jobId?.toString();if(i&&this._queuedJobIds.has(i)){console.log(`Ignoring already queued job ${i}`);return}if(typeof e!="object")throw"Queue only supports carrying JSON.";i&&this._queuedJobIds.add(i);let o=ee(),a=s(()=>{let c={id:o,timestamp:Date.now(),queue:this,data:e,opts:n,discard:async()=>{c._isDiscarded=!0}};this._messages.push(c),this._messages.length>1e3&&this._messages.shift(),this._addCount++,this._emitter.emit("message",c)},"pushMessage"),u=n?.delay;return u?setTimeout(a,u):a(),{id:i,finished:()=>new Promise((c,l)=>{let d=s((m,p)=>{m.id===o&&(this._emitter.off("error",d),this._emitter.off("completed",f),l(p))},"errorHandler"),f=s((m,p)=>{m.id===o&&(this._emitter.off("error",d),this._emitter.off("completed",f),c(p))},"completedHandler");this._emitter.on("error",d),this._emitter.on("completed",f)})}}async close(){}async removeRepeatableByKey(e){for(let[r,n]of this._messages.entries())if(n.id===e){this._messages.splice(r,1),this._emitter.emit("removed",n);return}}async removeJobs(e){}async clean(){return[]}async getJob(e){for(let r of this._messages)if(r.id===e)return r;return null}manualTrigger(e){for(let r of this._messages)if(r.id===e){this._emitter.emit("message",{...r,manualTrigger:!0});return}throw new Error(`Job with id ${e} not found`)}on(e,r){return this._emitter.on(e,r),this}off(e,r){return this._emitter.off(e,r),this}async count(){return this._messages.length}async getCompletedCount(){return this._runCount}async getRepeatableJobs(){return this._messages.filter(e=>e.opts?.repeat!=null).map(e=>Mx(e))}async whenCurrentJobsFinished(){do await Uf(50);while(this.hasRunningJobs())}hasRunningJobs(){return this._addCount>this._runCount}},ZT=pu;var Wf=B(require("bull"));var si=(c=>(c.AUTOMATION="automationQueue",c.APP_BACKUP="appBackupQueue",c.AUDIT_LOG="auditLogQueue",c.SYSTEM_EVENT_QUEUE="systemEventQueue",c.APP_MIGRATION="appMigration",c.DOC_WRITETHROUGH_QUEUE="docWritethroughQueue",c.DEV_REVERT_PROCESSOR="devRevertProcessorQueue",c.BATCH_USER_SYNC_PROCESSOR="batchUserSyncProcessorQueue",c))(si||{});function XT(t,e,r){Wx(t,e),r&&Fx(t,r)}s(XT,"addListeners");function Fx(t,e){t.on("stalled",async r=>{if(e)await e(r);else if(r.opts.repeat){let n=r.id,i=await t.getRepeatableJobs();for(let o of i)o.id===n&&await t.removeRepeatableByKey(o.key);console.log(`jobId=${n} disabled`)}})}s(Fx,"handleStalled");function nt(t,e,r={},n={}){let i=`[BULL] ${t}=${e}`,o=r.error,a={_logKey:"bull",eventType:t,event:e,job:r.job,jobId:r.jobId||r.job?.id,...n},u;return r.job?.data?.automation&&(u={_logKey:"automation",trigger:r.job?r.job.data.automation.definition.trigger.event:void 0}),[i,o,a,u]}s(nt,"getLogParams");var Bx={automationQueue:"automation-event",appBackupQueue:"app-backup-event",auditLogQueue:"audit-log-event",systemEventQueue:"system-event",appMigration:"app-migration",docWritethroughQueue:"doc-writethrough",devRevertProcessorQueue:"dev-revert-event",batchUserSyncProcessorQueue:"batch-user-sync-processor"};function Wx(t,e){let r=Bx[e];function n(i,o){let a=i.data.event?.appId;if(a)return uf(a,o);o()}s(n,"doInJobContext"),t.on("stalled",async i=>{await n(i,()=>{console.error(...nt(r,"stalled",{job:i}))})}).on("error",i=>{console.error(...nt(r,"error",{error:i}))}),process.env.NODE_DEBUG?.includes("bull")&&t.on("waiting",i=>{console.info(...nt(r,"waiting",{jobId:i}))}).on("active",async i=>{await n(i,()=>{console.info(...nt(r,"active",{job:i}))})}).on("progress",async(i,o)=>{await n(i,()=>{console.info(...nt(r,"progress",{job:i},{progress:o}))})}).on("completed",async(i,o)=>{await n(i,()=>{console.info(...nt(r,"completed",{job:i},{result:o}))})}).on("failed",async(i,o)=>{await n(i,()=>{console.error(...nt(r,"failed",{job:i,error:o}))})}).on("paused",()=>{console.info(...nt(r,"paused"))}).on("resumed",()=>{console.info(...nt(r,"resumed"))}).on("cleaned",(i,o)=>{console.info(...nt(r,"cleaned",{},{length:i.length,type:o}))}).on("drained",()=>{console.info(...nt(r,"drained"))}).on("removed",i=>{console.info(...nt(r,"removed",{job:i}))})}s(Wx,"logging");var mu={};P(mu,{cleanup:()=>$x,clear:()=>Bf,set:()=>Ff});var zs=[];function Ff(t,e){let r=setInterval(t,e);return zs.push(r),r}s(Ff,"set");function Bf(t){let e=zs.indexOf(t);e!==-1&&zs.splice(e,1),clearInterval(t)}s(Bf,"clear");function $x(){for(let t of zs)clearInterval(t);zs=[]}s($x,"cleanup");var Kt=B(require("dd-trace")),Js=B(require("object-sizeof"));var Gx=he.fromMinutes(5).toMs(),Vx=he.fromSeconds(30).toMs(),$f=he.fromSeconds(60).toMs(),Zs=[],hu;async function eS(){for(let t of Zs)await t.clean($f,"completed"),await t.clean($f,"failed")}s(eS,"cleanup");async function qx(t,e,r){let n=performance.now();try{let i=await e();return Kt.default.dogstatsd.increment(`${t}.success`,1,r),i}catch(i){throw Kt.default.dogstatsd.increment(`${t}.error`,1,r),i}finally{let i=performance.now()-n;Kt.default.dogstatsd.distribution(`${t}.duration.ms`,i,r),Kt.default.dogstatsd.increment(t,1,r)}}s(qx,"withMetrics");function tS(t){return{"job.opts.attempts":t.attempts,"job.opts.backoff":t.backoff,"job.opts.delay":t.delay,"job.opts.jobId":t.jobId,"job.opts.lifo":t.lifo,"job.opts.preventParsingData":t.preventParsingData,"job.opts.priority":t.priority,"job.opts.removeOnComplete":t.removeOnComplete,"job.opts.removeOnFail":t.removeOnFail,"job.opts.repeat":t.repeat,"job.opts.stackTraceLimit":t.stackTraceLimit,"job.opts.timeout":t.timeout}}s(tS,"jobOptsTags");function Kx(t){return{"job.id":t.id,"job.attemptsMade":t.attemptsMade,"job.timestamp":t.timestamp,"job.data.sizeBytes":(0,Js.default)(t.data),...tS(t.opts||{})}}s(Kx,"jobTags");var gt=class{static{s(this,"BudibaseQueue")}constructor(e,r={}){this.opts=r,this.jobQueue=e,this.queue=this.initQueue()}get name(){return this.queue.name}initQueue(){let r={redis:Xr(),settings:{maxStalledCount:this.opts.maxStalledCount?this.opts.maxStalledCount:0,lockDuration:Gx,lockRenewTime:Vx}};this.opts.jobOptions&&(r.defaultJobOptions=this.opts.jobOptions);let n;return E.isTest()?process.env.BULL_TEST_REDIS_PORT&&!isNaN(+process.env.BULL_TEST_REDIS_PORT)?n=new Wf.default(this.jobQueue,{...r,redis:{host:"localhost",port:+process.env.BULL_TEST_REDIS_PORT}}):n=new ZT(this.jobQueue,r):n=new Wf.default(this.jobQueue,r),XT(n,this.jobQueue,this.opts.removeStalledCb),Zs.push(n),!hu&&!E.isTest()&&(hu=Ff(eS,$f),eS().catch(i=>{console.error(`Unable to cleanup ${this.jobQueue} initially - ${i}`)})),n}getBullQueue(){return this.queue}process(...e){let r,n;e.length===2?(r=e[0],n=e[1]):n=e[0];let i=s(async(a,u)=>{await Kt.default.trace("queue.process",async c=>{if(a.data._parentSpanContext){let l=a.data._parentSpanContext,d={traceId:l.traceId,spanId:l.spanId,toTraceId:()=>l.traceId,toSpanId:()=>l.spanId,toTraceparent:()=>""};c.addLink(d)}c.addTags({"queue.name":this.jobQueue,...Kx(a)}),this.opts.jobTags&&c.addTags(this.opts.jobTags(a.data)),Kt.default.dogstatsd.distribution("queue.process.sizeBytes",(0,Js.default)(a.data),this.metricTags()),await this.withMetrics("queue.process",()=>u?n(a,u):n(a))})},"processCallback"),o;return n.length===1?o=s(a=>i(a),"wrappedCb"):o=i,r?this.queue.process(r,o):this.queue.process(o)}async add(e,r){return await Kt.default.trace("queue.add",async n=>(n.addTags({"queue.name":this.jobQueue,"job.data.sizeBytes":(0,Js.default)(e),...tS(r||{})}),this.opts.jobTags&&n.addTags(this.opts.jobTags(e)),e._parentSpanContext={traceId:n.context().toTraceId(),spanId:n.context().toSpanId()},Kt.default.dogstatsd.distribution("queue.add.sizeBytes",(0,Js.default)(e),this.metricTags()),await this.withMetrics("queue.add",()=>this.queue.add(e,r))))}withMetrics(e,r){return qx(e,r,this.metricTags())}metricTags(){return{queueName:this.jobQueue}}close(e){return this.queue.close(e)}whenCurrentJobsFinished(){return this.queue.whenCurrentJobsFinished()}};async function Qx(){hu&&Bf(hu),console.log("Waiting for current queue jobs to finish...");for(let t of Zs)await t.whenCurrentJobsFinished();console.log("Closing queue Redis connections...");for(let t of Zs)await t.close();Zs=[],console.log("Queues shutdown")}s(Qx,"shutdown");var so={};P(so,{correlation:()=>Xs,logAlert:()=>dn,logAlertWithInfo:()=>xv,logWarn:()=>ui,logger:()=>Ou,system:()=>rp});var Xs={};P(Xs,{getId:()=>Gf,setHeader:()=>jx});var rS=require("correlation-id"),jx=s(t=>{let e=rS.getId();e&&(t["x-budibase-correlation-id"]=e)},"setHeader");function Gf(){return rS.getId()}s(Gf,"getId");var _u=B(require("pino")),PS=B(require("pino-pretty")),np=B(require("dd-trace")),NS=require("dd-trace/ext");var rp={};P(rp,{getLogReadStream:()=>Iv,getSingleFileMaxSizeInfo:()=>vS,localFileDestination:()=>tp});var io=B(require("fs")),ep=B(require("path")),RS=B(require("rotating-file-stream"));var Xf={};P(Xf,{ObjectStore:()=>it,ObjectStoreBuckets:()=>Hx,SIGNED_FILE_PREFIX:()=>Hf,bucketTTLConfig:()=>Eu,budibaseTempDir:()=>cn,client3rdPartyLibrary:()=>gv,clientLibraryPath:()=>Ev,clientLibraryUrl:()=>yv,createBucketIfNotExists:()=>no,deleteFile:()=>av,deleteFiles:()=>uv,deleteFolder:()=>hS,downloadTarball:()=>lv,downloadTarballDirect:()=>cv,enrichPWAImages:()=>Tv,enrichPluginURLs:()=>Av,extractBucketAndPath:()=>Vf,getAllFiles:()=>iv,getAppFileUrl:()=>TS,getClientCacheKey:()=>yS,getGlobalFileS3Key:()=>SS,getGlobalFileUrl:()=>Sv,getObjectMetadata:()=>dv,getPluginIconKey:()=>OS,getPluginJSKey:()=>_S,getPluginS3Dir:()=>wS,getPresignedUrl:()=>ln,getReadStream:()=>gu,listAllObjects:()=>zf,objectExists:()=>fv,processAutomationAttachment:()=>Jx,processObjectStoreAttachment:()=>aS,retrieve:()=>mS,retrieveDirectory:()=>ov,retrieveToTmp:()=>sv,sanitizeBucket:()=>be,sanitizeKey:()=>Ee,streamUpload:()=>pS,streamUploadMany:()=>nv,upload:()=>rv,uploadDirectory:()=>Jf});var Tu=require("@aws-sdk/client-s3"),qf=require("@aws-sdk/lib-storage"),uS=require("@aws-sdk/s3-request-presigner"),cS=require("@smithy/node-http-handler");var Qt=B(require("dd-trace")),oi=B(require("fs")),to=B(require("fs/promises")),lS=B(require("https")),Kf=B(require("node-fetch")),Ar=require("path"),Su=B(require("stream")),ro=require("stream/promises"),Qf=B(require("tar-fs")),jf=require("uuid"),Yf=B(require("zlib"));var nS=B(require("fs")),iS=require("os"),eo=B(require("path")),sS=B(require("stream"));var Hx={BACKUPS:E.BACKUPS_BUCKET_NAME,APPS:E.APPS_BUCKET_NAME,TEMPLATES:E.TEMPLATES_BUCKET_NAME,GLOBAL:E.GLOBAL_BUCKET_NAME,PLUGINS:E.PLUGIN_BUCKET_NAME,TEMP:E.TEMP_BUCKET_NAME},oS=(0,eo.join)((0,iS.tmpdir)(),".budibase");try{nS.default.mkdirSync(oS)}catch(t){if(t.code!=="EEXIST")throw t}function cn(){return oS}s(cn,"budibaseTempDir");var Eu=s((t,e)=>{let n={Rules:[{ID:`${t}-ExpireAfter${e}days`,Prefix:"",Status:"Enabled",Expiration:{Days:e}}]};return{Bucket:t,LifecycleConfiguration:n}},"bucketTTLConfig");async function zx(t){let e=await fetch(t.url);if(!e.ok||!e.body)throw new Error(`Unexpected response ${e.statusText}`);let r=eo.default.basename(new URL(t.url).pathname);if(!e.body)throw new Error("No response received for attachment");return{filename:t.filename||r,content:sS.default.Readable.fromWeb(e.body)}}s(zx,"processUrlAttachment");async function aS(t){let e=Vf(t.url);if(e===null)throw new Error("Invalid signed URL");let{bucket:r,path:n}=e,{stream:i}=await gu(r,n),o=eo.default.basename(n);return{bucket:r,path:n,filename:t.filename||o,content:i}}s(aS,"processObjectStoreAttachment");async function Jx(t){return t.url?.startsWith("http://")||t.url?.startsWith("https://")?await zx(t):await aS(t)}s(Jx,"processAutomationAttachment");var Zx=require("sanitize-s3-objectkey"),Xx={bucketCreationPromises:{}},Hf="/files/signed",Sr={txt:"text/plain",html:"text/html",css:"text/css",js:"application/javascript",json:"application/json",gz:"application/gzip",svg:"image/svg+xml",form:"multipart/form-data"},ev=[Sr.html,Sr.css,Sr.js,Sr.json];function Ee(t){return Zx(be(t)).replace(/\\/g,"/")}s(Ee,"sanitizeKey");function be(t){return t.replace(new RegExp(tt,"g"),et)}s(be,"sanitizeBucket");function it(t={presigning:!1}){let e={forcePathStyle:!0,credentials:{accessKeyId:E.MINIO_ACCESS_KEY,secretAccessKey:E.MINIO_SECRET_KEY},region:E.AWS_REGION};if(!E.MINIO_ENABLED&&E.AWS_SESSION_TOKEN&&(e.credentials={accessKeyId:E.MINIO_ACCESS_KEY,secretAccessKey:E.MINIO_SECRET_KEY,sessionToken:E.AWS_SESSION_TOKEN}),E.MINIO_URL&&(t.presigning&&E.MINIO_ENABLED?e.endpoint="http://minio-service":e.endpoint=E.MINIO_URL),E.S3_IGNORE_SELF_SIGNED==="true"){let r=new lS.default.Agent({rejectUnauthorized:!1});e.requestHandler=new cS.NodeHttpHandler({httpsAgent:r})}return new Tu.S3(e)}s(it,"ObjectStore");async function no(t,e){e=be(e);try{return await t.headBucket({Bucket:e}),{created:!1,exists:!0}}catch(r){let n=r.statusCode||r.$response?.statusCode,i=Xx.bucketCreationPromises,o=n===404,a=n===403;if(i[e])return await i[e],{created:!1,exists:!0};if(o||a){if(o)return i[e]=t.createBucket({Bucket:e}).catch(u=>{if(u.Code!=="BucketAlreadyOwnedByYou")throw u}),await i[e],delete i[e],{created:!0,exists:!1};throw new Error("Access denied to object store bucket."+r)}else throw new Error("Unable to write to object store bucket.")}}s(no,"createBucketIfNotExists");var tv=s((t,e)=>{if(e)return e;let r=t.split(".").pop();return r?Sr[r.toLowerCase()]:Sr.txt},"resolveContentType"),dS=s(async(t,e,r)=>{let n=be(t),i=it(),o=await no(i,n);if(r.addTags({bucketCreated:o.created,bucketExists:o.exists}),e&&o.created){let a=Eu(n,e);await i.putBucketLifecycleConfiguration(a)}return{bucket:n,client:i,bucketCreated:o}},"initialiseBucket"),fS=s(async({client:t,bucket:e,filename:r,stream:n,type:i,extra:o})=>{if(!n)throw new Error("Stream to upload is invalid/undefined");let a=tv(r,i),u=Ee(r),c={Bucket:e,Key:u,Body:n,ContentType:a,...o??{}};return{details:await new qf.Upload({client:t,params:c}).done(),contentType:a}},"streamUploadInternal");async function rv({bucket:t,filename:e,path:r,type:n,metadata:i,body:o,ttl:a}){let u=e.split(".").pop(),c=r?(await to.default.open(r)).createReadStream():o,l=it(),d=await no(l,t);if(a&&d.created){let h=Eu(t,a);await l.putBucketLifecycleConfiguration(h)}let f=n,m=f||(u?Sr[u.toLowerCase()]:Sr.txt),p={Bucket:be(t),Key:Ee(e),Body:c,ContentType:m};if(i&&typeof i=="object"){for(let h of Object.keys(i))(!i[h]||typeof i[h]!="string")&&delete i[h];p.Metadata=i}return new qf.Upload({client:l,params:p}).done()}s(rv,"upload");async function pS({bucket:t,stream:e,filename:r,type:n,extra:i,ttl:o}){return await Qt.default.trace("streamUpload",async a=>{a.addTags({bucketName:t,filename:r,type:n,ttl:o});let u=r.split(".").pop();a.addTags({extension:u});let{bucket:c,client:l}=await dS(t,o,a),{details:d,contentType:f}=await fS({client:l,bucket:c,filename:r,stream:e,type:n,extra:i}),m=await l.headObject({Bucket:c,Key:Ee(r)});return a.addTags({contentType:f,contentLength:m.ContentLength}),{...d,ContentLength:m.ContentLength}})}s(pS,"streamUpload");async function nv({bucket:t,files:e,ttl:r}){return await Qt.default.trace("streamUploadMany",async i=>{if(i.addTags({bucketName:t,ttl:r,fileCount:e.length}),!e.length)return[];let{bucket:o,client:a}=await dS(t,r,i),u=e.map((l,d)=>({...l,index:d})),c=new Array(e.length);return await _t.parallelForeach(u,async l=>{let{details:d}=await fS({client:a,bucket:o,filename:l.filename,stream:l.stream,type:l.type,extra:l.extra});c[l.index]=d},10),c})}s(nv,"streamUploadMany");async function mS(t,e){return await Qt.default.trace("retrieve",async r=>{r.addTags({bucketName:t,filepath:e});let n=it(),i={Bucket:be(t),Key:Ee(e)},o=await n.getObject(i);if(!o.Body)throw new Error("Unable to retrieve object");if(r.addTags({contentLength:o.ContentLength,contentType:o.ContentType}),ev.includes(o.ContentType))return r.addTags({string:!0}),o.Body.transformToString();{r.addTags({string:!1});let a=o.Body.transformToWebStream();return Su.default.Readable.fromWeb(a)}})}s(mS,"retrieve");async function*zf(t,e){let r=it(),n=s((a={})=>r.listObjectsV2({...a,Bucket:be(t),Prefix:Ee(e)}),"list"),i=!1,o;do{let a={};o&&(a.ContinuationToken=o);let u=await n(a);if(u.Contents)for(let c of u.Contents)yield c;i=!!u.IsTruncated,o=u.NextContinuationToken}while(i&&o)}s(zf,"listAllObjects");async function iv(t,e){let r={};return await _t.parallelForeach(zf(t,e),async n=>{if(!n.Key)throw new Error("file.Key must be defined");r[n.Key]=n},5),r}s(iv,"getAllFiles");async function ln(t,e,r=3600){let n=it({presigning:!0}),i={Bucket:be(t),Key:Ee(e)},o=await(0,uS.getSignedUrl)(n,new Tu.GetObjectCommand(i),{expiresIn:r});if(E.MINIO_ENABLED){let a=new URL(o),u=a.pathname,c=a.search;return`${Hf}${u}${c}`}else return o}s(ln,"getPresignedUrl");async function sv(t,e){return await Qt.default.trace("retrieveToTmp",async r=>{r.addTags({bucketName:t,filepath:e}),t=be(t),e=Ee(e);let n=await mS(t,e),i=(0,Ar.join)(cn(),(0,jf.v4)());return r.addTags({outputPath:i}),n instanceof Su.default.Readable?(r.addTags({stream:!0}),await(0,ro.pipeline)(n,oi.default.createWriteStream(i))):(r.addTags({stream:!1}),oi.default.writeFileSync(i,n)),i})}s(sv,"retrieveToTmp");async function ov(t,e,r){return await Qt.default.trace("retrieveDirectory",async n=>{n.addTags({bucketName:t,path:e});let i=(0,Ar.join)(cn(),(0,jf.v4)());await to.default.mkdir(i,{recursive:!0});let o=0;return await _t.parallelForeach(zf(t,e),async a=>{let{Key:u}=a;!u||r?.some(c=>c.test(u))||(o++,await Qt.default.trace("retrieveDirectory.object",async c=>{let l=a.Key;c.addTags({filename:l});let{stream:d}=await gu(t,l),f=l.split("/"),m=f.slice(0,f.length-1),p=(0,Ar.join)(i,...m);f.length>1&&!oi.default.existsSync(p)&&await to.default.mkdir(p,{recursive:!0}),await(0,ro.pipeline)(d,oi.default.createWriteStream((0,Ar.join)(i,...f),{mode:420}))}))},5),n.addTags({numObjects:o}),i})}s(ov,"retrieveDirectory");async function av(t,e){let r=it();await no(r,t);let n={Bucket:t,Key:Ee(e)};return r.deleteObject(n)}s(av,"deleteFile");async function uv(t,e){let r=it();await no(r,t);let n={Bucket:t,Delete:{Objects:e.map(i=>({Key:Ee(i)}))}};return r.deleteObjects(n)}s(uv,"deleteFiles");async function hS(t,e){t=be(t),e=Ee(e);let r=it(),n={Bucket:t,Prefix:e},i=await r.listObjects(n);if(i.Contents?.length===0)return;let o={Bucket:t,Delete:{Objects:[]}};if(i.Contents?.forEach(a=>{o.Delete.Objects.push({Key:a.Key})}),o.Delete.Objects.length&&(await r.deleteObjects(o)).Deleted?.length===1e3)return hS(t,e)}s(hS,"deleteFolder");async function Jf(t,e,r){return await Qt.default.trace("uploadDirectory",async n=>{n.addTags({bucketName:t,localPath:e,bucketPath:r}),t=be(t);let i=await to.default.readdir(e,{withFileTypes:!0});n.addTags({numFiles:i.length});for(let o of i){let a=Ee((0,Ar.join)(r,o.name)),u=(0,Ar.join)(e,o.name);o.isDirectory()?await Jf(t,u,a):await pS({bucket:t,filename:a,stream:oi.default.createReadStream(u)})}return i})}s(Jf,"uploadDirectory");async function cv(t,e,r={}){e=Ee(e);let n=await(0,Kf.default)(t,{headers:r});if(!n.ok)throw new Error(`unexpected response ${n.statusText}`);await(0,ro.pipeline)(n.body,Yf.default.createUnzip(),Qf.default.extract(e))}s(cv,"downloadTarballDirect");async function lv(t,e,r){e=be(e),r=Ee(r);let n=await(0,Kf.default)(t);if(!n.ok)throw new Error(`unexpected response ${n.statusText}`);let i=(0,Ar.join)(cn(),r);return await(0,ro.pipeline)(n.body,Yf.default.createUnzip(),Qf.default.extract(i)),!E.isTest()&&E.SELF_HOSTED&&await Jf(e,i,r),i}s(lv,"downloadTarball");async function gu(t,e){return await Qt.default.trace("getReadStream",async r=>{t=be(t),e=Ee(e),r.addTags({bucketName:t,path:e});let n=it(),i={Bucket:t,Key:e},o=await n.getObject(i);if(!o.Body||!(o.Body instanceof Su.default.Readable))throw new Error("Unable to retrieve stream - invalid response");return r.addTags({contentLength:o.ContentLength,contentType:o.ContentType}),{stream:o.Body,contentLength:o.ContentLength,contentType:o.ContentType}})}s(gu,"getReadStream");async function dv(t,e){t=be(t),e=Ee(e);let r=it(),n={Bucket:t,Key:e};try{return await r.headObject(n)}catch{throw new Error("Unable to retrieve metadata from object")}}s(dv,"getObjectMetadata");async function fv(t,e){t=be(t),e=Ee(e);let r=it(),n={Bucket:t,Key:e};try{return await r.headObject(n),!0}catch(i){if((i.statusCode||i.$response?.statusCode)===404)return!1;throw i}}s(fv,"objectExists");function Vf(t){let e=t.split("?")[0],r=new RegExp(`^${Hf}/(?<bucket>[^/]+)/(?<path>.+)$`),n=e.match(r);if(n&&n.groups){let{bucket:i,path:o}=n.groups;return{bucket:i,path:o}}return null}s(Vf,"extractBucketAndPath");var gS=B(require("querystring"));var ES=B(require("aws-cloudfront-sign"));var Au;function pv(){if(!E.CLOUDFRONT_PRIVATE_KEY_64)throw new Error("CLOUDFRONT_PRIVATE_KEY_64 is not set");return Au||(Au=Buffer.from(E.CLOUDFRONT_PRIVATE_KEY_64,"base64").toString("utf-8"),Au)}s(pv,"getPrivateKey");var mv=s(()=>({keypairId:E.CLOUDFRONT_PUBLIC_KEY_ID,privateKeyString:pv(),expireTime:new Date().getTime()+1e3*60*60*24}),"getCloudfrontSignParams"),ai=s(t=>{let e=hv(t);return ES.getSignedUrl(e,mv())},"getPresignedUrl"),hv=s(t=>{let e="/";return t.startsWith("/")&&(e=""),`${E.CLOUDFRONT_CDN}${e}${t}`},"getUrl");function Ev(t){return`${Ee(t)}/budibase-client.js`}s(Ev,"clientLibraryPath");function gv(t,e){return`${Ee(t)}/${e}`}s(gv,"client3rdPartyLibrary");async function yv(t,e){return`/api/assets/${t}/client?${await yS(e)}`}s(yv,"clientLibraryUrl");async function yS(t){let e,r;try{e=V()}finally{r={version:t}}return e&&e!==ae&&(r.tenantId=e),gS.default.encode(r)}s(yS,"getClientCacheKey");async function TS(t){return E.CLOUDFRONT_CDN?ai(t):await ln(E.APPS_BUCKET_NAME,t)}s(TS,"getAppFileUrl");async function Tv(t){if(t.length===0)return[];try{return await Promise.all(t.map(async e=>({...e,src:await TS(e.src),type:e.type||"image/png"})))}catch(e){return console.error("Error enriching PWA images:",e),t}}s(Tv,"enrichPWAImages");var Sv=s(async(t,e,r)=>{let n=SS(t,e);return E.CLOUDFRONT_CDN?(r&&(n=`${n}?etag=${r}`),ai(n)):await ln(E.GLOBAL_BUCKET_NAME,n)},"getGlobalFileUrl"),SS=s((t,e)=>{let r=`${t}/${e}`;return E.MULTI_TENANCY&&(r=`${V()}/${r}`),r},"getGlobalFileS3Key");async function Av(t){return!t||!t.length?[]:await Promise.all(t.map(async e=>{let r=await _v(e),n=await Ov(e);return{...e,jsUrl:r,iconUrl:n}}))}s(Av,"enrichPluginURLs");async function _v(t){let e=_S(t);return AS(e)}s(_v,"getPluginJSUrl");async function Ov(t){let e=OS(t);if(e)return AS(e)}s(Ov,"getPluginIconUrl");async function AS(t){return E.CLOUDFRONT_CDN?ai(t):await ln(E.PLUGIN_BUCKET_NAME,t)}s(AS,"getPluginUrl");function _S(t){return IS(t,"plugin.min.js")}s(_S,"getPluginJSKey");function OS(t){let e=t.iconUrl?"icon.svg":t.iconFileName;if(e)return IS(t,e)}s(OS,"getPluginIconKey");function IS(t,e){return`${wS(t.name)}/${e}`}s(IS,"getPluginS3Key");function wS(t){let e=`${t}`;return E.MULTI_TENANCY&&(e=`${V()}/${e}`),E.CLOUDFRONT_CDN&&(e=`plugins/${e}`),e}s(wS,"getPluginS3Dir");var CS="budibase.log",bS="budibase-logs-history.txt",xS=ep.default.join(cn(),"systemlogs");function DS(t){return ep.default.join(xS,t)}s(DS,"getFullPath");function vS(t){let e=/(\d+)([A-Za-z])/,r=t?.match(e);if(!r){console.warn("totalMaxSize does not have a valid value",{totalMaxSize:t});return}let n=+r[1],i=r[2];if(n===1)switch(i){case"B":return{size:`${n}B`,totalHistoryFiles:1};case"K":return{size:`${n*1e3/2}B`,totalHistoryFiles:1};case"M":return{size:`${n*1e3/2}K`,totalHistoryFiles:1};case"G":return{size:`${n*1e3/2}M`,totalHistoryFiles:1};default:return}return n%2===0?{size:`${n/2}${i}`,totalHistoryFiles:1}:{size:`1${i}`,totalHistoryFiles:n-1}}s(vS,"getSingleFileMaxSizeInfo");function tp(){let t=vS(E.ROLLING_LOG_MAX_SIZE);return RS.createStream(CS,{size:t?.size,path:xS,maxFiles:t?.totalHistoryFiles||1,immutable:!0,history:bS,initialRotation:!1})}s(tp,"localFileDestination");function Iv(){let t=[],e=DS(bS);if(io.default.existsSync(e)){let i=io.default.readFileSync(e,"utf-8").split(`
|
|
37
|
-
`);for(let o of i.filter(a=>a))t.push(io.default.readFileSync(o))}return t.push(io.default.readFileSync(DS(CS))),Buffer.concat(t.map(n=>new Uint8Array(n)))}s(Iv,"getLogReadStream");function wv(t){return typeof t=="object"&&t!==null&&!(t instanceof Error)}s(wv,"isPlainObject");function Dv(t){return t instanceof Error}s(Dv,"isError");function Rv(t){return typeof t=="string"}s(Rv,"isMessage");var _r;if(!E.DISABLE_PINO_LOGGER){let t=E.LOG_LEVEL,e={level:t,formatters:{level:c=>({level:c.toUpperCase()}),bindings:()=>E.SELF_HOSTED?{service:E.SERVICE_NAME}:{}},timestamp:()=>`,"timestamp":"${new Date(Date.now()).toISOString()}"`},r=[];r.push(E.isDev()?{stream:(0,PS.default)({singleLine:!0}),level:t}:{stream:process.stdout,level:t}),E.SELF_HOSTED&&r.push({stream:tp(),level:t}),_r=r.length?(0,_u.default)(e,_u.default.multistream(r)):(0,_u.default)(e);let n=s(c=>{let l,d=[],f="";c.forEach(g=>{Rv(g)&&(f=`${f} ${g}`.trimStart()),wv(g)&&d.push(g),Dv(g)&&(l=g)});let m=u(),p={};p={tenantId:i(),appId:o(),automationId:a(),identityId:m?._id,identityType:m?.type,correlationId:Gf()};let T=np.default.scope().active();T&&np.default.inject(T.context(),NS.formats.LOG,p);let h={err:l,pid:process.pid,...p};if(d.length){let g={},y=0;for(let O=0;O<d.length;O++){let I=d[O],R=I._logKey;R?(delete I._logKey,h[R]=I):(g[y]=I,y++)}Object.keys(g).length&&(h.data=g)}return[h,f]},"getLogParams");console.log=(...c)=>{let[l,d]=n(c);_r?.info(l,d)},console.info=(...c)=>{let[l,d]=n(c);_r?.info(l,d)},console.warn=(...c)=>{let[l,d]=n(c);_r?.warn(l,d)},console.error=(...c)=>{let[l,d]=n(c);_r?.error(l,d)},console.trace=(...c)=>{let[l,d]=n(c);l.err||(l.err=new Error),_r?.trace(l,d)},console.debug=(...c)=>{let[l,d]=n(c);_r?.debug(l,d)};let i=s(()=>{let c;try{c=V()}catch{}return c},"getTenantId"),o=s(()=>{let c;try{c=ke()}catch{}return c},"getAppId"),a=s(()=>{let c;try{c=cf()}catch{}return c},"getAutomationId"),u=s(()=>{let c;try{c=Bt()}catch{}return c},"getIdentity")}var Ou=_r;var Cv=["AccountError"];function bv(t){return t&&t.suppressAlert}s(bv,"isSuppressed");function dn(t,e){e&&Cv.includes(e.name)&&bv(e)||console.error(`bb-alert: ${t}`,e)}s(dn,"logAlert");function xv(t,e,r,n){t=`${t} - db: ${e} - doc: ${r} - error: `,dn(t,n)}s(xv,"logAlertWithInfo");function ui(t,e){console.warn(`bb-warn: ${t}`,e)}s(ui,"logWarn");var Iu=class extends Error{static{s(this,"UnretriableError")}constructor(e){super(e),this.name="PermanentError"}},ip=class{static{s(this,"QueuedProcessor")}constructor(e,r={}){let{maxAttempts:n=3,removeOnFail:i=!0,removeOnComplete:o=!0,maxStalledCount:a=3}=r;this.waitForCompletionMs=r.waitForCompletionMs||1e4,this._queue=new gt(e,{maxStalledCount:a,jobOptions:{attempts:n,removeOnFail:i,removeOnComplete:o}}),this._queue.process(async(u,c)=>{try{let l=await this.processFn(u.data);c?.(null,l)}catch(l){l instanceof Iu&&await u.discard(),dn(`Failed to process job in ${this._queue.name}`,l),c?.(l)}})}async close(e){await this._queue.close(e)}async execute(e){try{let r=await this._queue.add(e);return{success:!0,result:await Ue.withTimeout(this.waitForCompletionMs,()=>r.finished())}}catch(r){if(r.errno!=="ETIME")throw r;return{success:!1,reason:"timeout"}}}};var vv=100,wu,oo=class t{static{s(this,"DocWritethroughProcessor")}static get queue(){return t._queue||(t._queue=new gt("docWritethroughQueue",{jobOptions:{attempts:vv}})),t._queue}init(){return t.queue.process(async e=>{try{await this.persistToDb(e.data)}catch(r){throw r.status===409?new Error(`Conflict persisting message ${e.id}. Attempt ${e.attemptsMade}`):r}}),this}async persistToDb({dbName:e,docId:r,data:n}){if(r.startsWith("scimlog"))return;let i=De(e),o;try{o=await i.get(r)}catch{o={_id:r}}o={...o,...n},await i.put(o)}},op=class{static{s(this,"DocWritethrough")}constructor(e,r){this.db=e,this._docId=r}get docId(){return this._docId}async patch(e){await oo.queue.add({dbName:this.db.name,docId:this.docId,data:e})}};function US(){return wu=new oo().init(),wu}s(US,"init");function Pv(){return wu||US()}s(Pv,"getProcessor");var uo={};P(uo,{CacheKey:()=>ye,TTL:()=>mn,bustCache:()=>ci,destroy:()=>ao,get:()=>hn,keys:()=>Du,store:()=>jt,withCache:()=>Or,withCacheWithDynamicTTL:()=>LS});function Ct(t){let e=V();return`${t}:${e}`}s(Ct,"generateTenantKey");var fn=class{static{s(this,"BaseCache")}constructor(e=void 0){this.client=e}async getClient(){return this.client?this.client:await yf()}async keys(e){return(await this.getClient()).keys(e)}async exists(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).exists(e)}async scan(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).scan(e)}async get(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).get(e)}async bulkGet(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>Ct(i)):e,(await this.getClient()).bulkGet(e)}async store(e,r,n=null,i={useTenancy:!0}){e=i.useTenancy?Ct(e):e,await(await this.getClient()).store(e,r,n)}async bulkStore(e,r=null,n={useTenancy:!0}){n.useTenancy&&(e=Object.entries(e).reduce((o,[a,u])=>(o[Ct(a)]=u,o),{})),await(await this.getClient()).bulkStore(e,r)}async delete(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).delete(e)}async bulkDelete(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>Ct(i)):e,(await this.getClient()).bulkDelete(e)}async withCache(e,r=null,n,i={useTenancy:!0}){let o=await this.get(e,i);if(o)return o;try{let a=await n();return await this.store(e,a,r,i),a}catch(a){throw console.error("Error fetching before cache - ",a),a}}async withCacheWithDynamicTTL(e,r,n={useTenancy:!0}){let i=await this.get(e,n);if(i)return i;try{let o=await r(),{value:a,ttl:u}=o;return await this.store(e,a,u,{useTenancy:n.useTenancy}),a}catch(o){throw console.error("Error fetching before cache - ",o),o}}async bustCache(e){let r=await this.getClient();try{await r.delete(Ct(e))}catch(n){throw console.error("Error busting cache - ",n),n}}async deleteIfValue(e,r,n={useTenancy:!0}){e=n.useTenancy?Ct(e):e,await(await this.getClient()).deleteIfValue(e,r)}};var pn=new fn,ye={CHECKLIST:"checklist",INSTALLATION:"installation",ANALYTICS_ENABLED:"analyticsEnabled",UNIQUE_TENANT_ID:"uniqueTenantId",EVENTS:"events",BACKFILL_METADATA:"backfillMetadata",EVENTS_RATE_LIMIT:"eventsRateLimit",OAUTH2_TOKEN:t=>`oauth2Token_${t}`},mn=(n=>(n[n.ONE_MINUTE=600]="ONE_MINUTE",n[n.ONE_HOUR=3600]="ONE_HOUR",n[n.ONE_DAY=86400]="ONE_DAY",n))(mn||{}),Du=s((...t)=>pn.keys(...t),"keys"),hn=s((...t)=>pn.get(...t),"get"),jt=s((...t)=>pn.store(...t),"store"),ao=s((...t)=>pn.delete(...t),"destroy"),Or=s((...t)=>pn.withCache(...t),"withCache"),LS=s((...t)=>pn.withCacheWithDynamicTTL(...t),"withCacheWithDynamicTTL"),ci=s((...t)=>pn.bustCache(...t),"bustCache");var cp={};P(cp,{createCode:()=>Uv,deleteCode:()=>kv,getCode:()=>Lv,getExistingInvites:()=>up,getInviteCodes:()=>MS,updateCode:()=>Nv});var kS=he.fromDays(7).toSeconds();async function Nv(t,e){await(await sn()).store(t,e,kS)}s(Nv,"updateCode");async function Uv(t,e){let r=ee();return await(await sn()).store(r,{email:t,info:e},kS),r}s(Uv,"createCode");async function Lv(t){let r=await(await sn()).get(t);if(!r)throw"Invitation is not valid or has expired, please request a new one.";return r}s(Lv,"getCode");async function kv(t){await(await sn()).delete(t)}s(kv,"deleteCode");async function MS(){let r=(await(await sn()).scan()).map(i=>({...i.value,code:i.key}));if(!E.MULTI_TENANCY)return r;let n=V();return r.filter(i=>n===i.info.tenantId)}s(MS,"getInviteCodes");async function up(t){return(await MS()).filter(e=>t.includes(e.email))}s(up,"getExistingInvites");var lp={};P(lp,{createCode:()=>Fv,getCode:()=>Bv,invalidateCode:()=>Wv});var Mv=he.fromHours(1).toSeconds();async function Fv(t,e){let r=ee();return await(await Ws()).store(r,{userId:t,info:e},Mv),r}s(Fv,"createCode");async function Bv(t){let r=await(await Ws()).get(t);if(!r)throw new Error("Provided information is not valid, cannot reset password - please try again.");return r}s(Bv,"getCode");async function Wv(t){await(await Ws()).delete(t)}s(Wv,"invalidateCode");var Rr={};P(Rr,{getUser:()=>bo,getUsers:()=>hL,invalidateUser:()=>xo});var co={};P(co,{getPlatformDB:()=>Ir,users:()=>yt});var yt={};P(yt,{addSsoUser:()=>BS,addUser:()=>Qv,getUserDoc:()=>FS,lookupTenantId:()=>$v,removeUser:()=>jv,updateUserDoc:()=>Gv});function Ir(){return De(fe.PLATFORM_INFO.name)}s(Ir,"getPlatformDB");async function $v(t){return E.MULTI_TENANCY?(await FS(t)).tenantId:ae}s($v,"lookupTenantId");async function FS(t){return Ir().get(t)}s(FS,"getUserDoc");async function Gv(t){await Ir().put(t)}s(Gv,"updateUserDoc");function Vv(t,e){return{_id:t,tenantId:e}}s(Vv,"newUserIdDoc");function qv(t,e,r){return{_id:e,userId:t,tenantId:r}}s(qv,"newUserEmailDoc");function Kv(t,e,r,n){return{_id:t,userId:r,email:e,tenantId:n}}s(Kv,"newUserSsoIdDoc");async function dp(t,e){let r=Ir(),n;try{await r.get(t)}catch(i){if(i.status===404)n=e(),await r.put(n);else throw i}}s(dp,"addUserDoc");async function BS(t,e,r,n){return dp(t,()=>Kv(t,e,r,n))}s(BS,"addSsoUser");async function Qv(t,e,r,n){let i=[dp(e,()=>Vv(e,t)),dp(r,()=>qv(e,r,t))];n&&i.push(BS(n,r,e,t)),await Promise.all(i)}s(Qv,"addUser");async function jv(t){let e=Ir(),r=[t._id,t.email],n=await e.allDocs({keys:r,include_docs:!0});await e.bulkRemove(n.rows.map(i=>i.doc),{silenceErrors:!0})}s(jv,"removeUser");var En={};P(En,{getAccount:()=>wr,getAccountByTenantId:()=>li,getStatus:()=>Yv});var WS=B(require("node-fetch"));var lo=class{static{s(this,"API")}constructor(e){this.host=e}async apiCall(e,r,n){n.headers||(n.headers={}),n.headers["Content-Type"]||(n.headers={"Content-Type":"application/json",Accept:"application/json",...n.headers});let i=n.headers["Content-Type"]==="application/json";Xs.setHeader(n.headers);let o={method:e,body:i?JSON.stringify(n.body):n.body,headers:n.headers,credentials:"include"};return await(0,WS.default)(`${this.host}${r}`,o)}async post(e,r){return this.apiCall("POST",e,r)}async get(e,r){return this.apiCall("GET",e,r)}async patch(e,r){return this.apiCall("PATCH",e,r)}async del(e,r){return this.apiCall("DELETE",e,r)}async put(e,r){return this.apiCall("PUT",e,r)}};var fp=new lo(E.INTERNAL_ACCOUNT_PORTAL_URL),pp=E.SELF_HOSTED||E.DISABLE_ACCOUNT_PORTAL,wr=s(async t=>{if(pp)return;let e={email:t},r=await fp.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":E.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by email ${t}`);return(await r.json())[0]},"getAccount"),li=s(async t=>{if(pp)return;let e={tenantId:t},r=await fp.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":E.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by tenantId ${t}`);return(await r.json())[0]},"getAccountByTenantId"),Yv=s(async()=>{if(pp)return;let t=await fp.get("/api/status",{headers:{"x-budibase-api-key":E.ACCOUNT_PORTAL_API_KEY}}),e=await t.json();if(t.status!==200)throw new Error("Error getting status");return e},"getStatus");var hi={};P(hi,{UserDB:()=>xt,addAppBuilder:()=>dL,bulkGetGlobalUsersById:()=>zu,bulkUpdateGlobalUsers:()=>Do,cleanseUserObject:()=>Lp,creatorsInList:()=>Tn,doesUserExist:()=>oL,getAccountHolderFromUsers:()=>Hu,getAllUserIds:()=>iL,getAllUsers:()=>sL,getById:()=>Sn,getCreatorCount:()=>cL,getExistingAccounts:()=>mi,getExistingPlatformUsers:()=>RA,getExistingTenantUsers:()=>DA,getFirstPlatformUser:()=>Io,getGlobalUserByAppPage:()=>NA,getGlobalUserByEmail:()=>At,getPlatformUsers:()=>Ku,getUserCount:()=>uL,hasAdminPermissions:()=>Dr,hasAppBuilderPermissions:()=>xA,hasBuilderPermissions:()=>Fe,isAdmin:()=>bt,isAdminOrBuilder:()=>bA,isAdminOrWorkspaceBuilder:()=>Qu,isBuilder:()=>yi,isCreatorAsync:()=>wo,isCreatorSync:()=>ju,isGlobalBuilder:()=>CA,paginatedUsers:()=>LA,removeAppBuilder:()=>fL,removePortalUserPermissions:()=>lL,searchExistingEmails:()=>xp,searchGlobalUsersByApp:()=>Ju,searchGlobalUsersByAppAccess:()=>Up,searchGlobalUsersByEmail:()=>UA,validateUniqueUser:()=>Yu});var Lu={};P(Lu,{BadRequestError:()=>bu,BudibaseError:()=>fo,EmailUnavailableError:()=>Yt,FeatureDisabledError:()=>Pu,ForbiddenError:()=>xu,HTTPError:()=>Me,NotFoundError:()=>Cu,NotImplementedError:()=>vu,UnexpectedError:()=>Ru,UsageLimitError:()=>Nu,getPublicError:()=>Uu});var fo=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"BudibaseError")}},Uu=s(t=>{let e;return t.code&&(e={code:t.code},t.getPublicError&&(e={...e,...t.getPublicError()})),e},"getPublicError"),Me=class t extends fo{constructor(r,n,i="http"){super(r,i);this.status=n}static{s(this,"HTTPError")}static async fromResponse(r){let n=await r.text(),i=n,o=r.status,a="http";try{let u=JSON.parse(n);i=u.message,o=u.status,a=u.error?.code}catch{}return new t(i,o,a)}},Ru=class extends Me{static{s(this,"UnexpectedError")}constructor(e){super(e,500)}},Cu=class extends Me{static{s(this,"NotFoundError")}constructor(e){super(e,404)}},bu=class extends Me{static{s(this,"BadRequestError")}constructor(e){super(e,400)}},xu=class extends Me{static{s(this,"ForbiddenError")}constructor(e){super(e,403)}},vu=class extends Me{static{s(this,"NotImplementedError")}constructor(e){super(e,501)}},Pu=class extends Error{static{s(this,"FeatureDisabledError")}constructor(e){super(`Feature disabled: '${e}'`)}},Nu=class extends Error{static{s(this,"UsageLimitError")}constructor(e){super(`Usage limit exceeded: '${e}'`)}},Yt=class extends Error{static{s(this,"EmailUnavailableError")}constructor(e){super(`Email already in use: '${e}'`)}};var gp={};P(gp,{PASSWORD_MAX_LENGTH:()=>hp,PASSWORD_MIN_LENGTH:()=>mp,validatePassword:()=>Ep});var mp=+(E.PASSWORD_MIN_LENGTH||12),hp=+(E.PASSWORD_MAX_LENGTH||512);function Ep(t){return!t||t.length<mp?{valid:!1,error:`Password invalid. Minimum ${mp} characters.`}:t.length>hp?{valid:!1,error:`Password invalid. Maximum ${hp} characters.`}:{valid:!0}}s(Ep,"validatePassword");var ku={};P(ku,{createASession:()=>Hv,endSession:()=>zv,getSession:()=>Tp,getSessionsForUser:()=>po,invalidateSessions:()=>gn,updateSessionTTL:()=>yp});var GS=require("uuid");var VS=E.SESSION_EXPIRY_SECONDS?parseInt(E.SESSION_EXPIRY_SECONDS):he.fromDays(7).toSeconds();function di(t,e){return`${t}/${e}`}s(di,"makeSessionID");async function po(t){return t?(await(await Er()).scan(t)).map(n=>n.value):(console.trace("Cannot get sessions for undefined userId"),[])}s(po,"getSessionsForUser");async function gn(t,e={}){try{let r=e?.reason||"unknown",n=e.sessionIds||[],i;if(n.length===0?i=(await po(t)).map(a=>({key:di(a.userId,a.sessionId)})):(n=Array.isArray(n)?n:[n],i=n.map(o=>({key:di(t,o)}))),i&&i.length>0){let o=await Er(),a=[];for(let u of i)a.push(o.delete(u.key));E.isTest()||ui(`Invalidating sessions for ${t} (reason: ${r}) - ${i.map(u=>u.key).join(", ")}`),await Promise.all(a)}}catch(r){console.error(`Error invalidating sessions: ${r}`)}}s(gn,"invalidateSessions");async function Hv(t,e){let r=await po(t),n=0;if(r.length>=3){let l=r.sort((m,p)=>new Date(m.createdAt).getTime()-new Date(p.createdAt).getTime()),d=r.length-3+1,f=l.slice(0,d).map(m=>m.sessionId);n=f.length,await gn(t,{sessionIds:f,reason:"session limit exceeded"})}let i=await Er(),o=e.sessionId,a=e.csrfToken?e.csrfToken:(0,GS.v4)(),u=di(t,o),c={...e,csrfToken:a,createdAt:new Date().toISOString(),lastAccessedAt:new Date().toISOString(),userId:t};return await i.store(u,c,VS),{session:c,invalidatedSessionCount:n}}s(Hv,"createASession");async function yp(t){let e=await Er(),r=di(t.userId,t.sessionId);t.lastAccessedAt=new Date().toISOString(),await e.store(r,t,VS)}s(yp,"updateSessionTTL");async function zv(t,e){await(await Er()).delete(di(t,e))}s(zv,"endSession");async function Tp(t,e){if(!t||!e)throw new Error(`Invalid session details - ${t} - ${e}`);let n=await(await Er()).get(di(t,e));if(!n)throw new Error(`Session not found - ${t} - ${e}`);return n}s(Tp,"getSession");var pi={};P(pi,{account:()=>tA,action:()=>rA,ai:()=>nA,analytics:()=>Fu,app:()=>iA,asyncEventQueue:()=>Tt,auditLog:()=>sA,auth:()=>qu,automation:()=>oA,backfill:()=>aA,backfillCache:()=>$u,backup:()=>uA,datasource:()=>cA,email:()=>lA,environmentVariable:()=>dA,group:()=>fA,identification:()=>St,initAsyncEvents:()=>KU,installation:()=>yo,layout:()=>pA,license:()=>mA,org:()=>hA,plugin:()=>EA,processors:()=>wp,publishEvent:()=>A,query:()=>gA,resource:()=>yA,role:()=>Oo,rowAction:()=>TA,rows:()=>SA,screen:()=>AA,serve:()=>_A,shutdown:()=>QU,table:()=>OA,user:()=>Be,view:()=>IA,workspace:()=>wA});var Fu={};P(Fu,{enabled:()=>Mu});var Mu=s(async()=>Bu(),"enabled");var Tt;function Wu(){Tt=new gt("systemEventQueue",{jobTags:t=>({"event.name":t.event})})}s(Wu,"init");async function qS(){Tt&&await Tt.close()}s(qS,"shutdown");async function KS(t){Tt||Wu();let{event:e,identity:r}=t;km.indexOf(e)!==-1&&r.tenantId&&await Tt.add(t)}s(KS,"publishAsyncEvent");var $u={};P($u,{end:()=>Zv,isAlreadySent:()=>_p,isBackfillingEvent:()=>Ap,recordEvent:()=>Sp,start:()=>Jv});var Jv=s(async t=>eP({eventWhitelist:t}),"start"),Sp=s(async(t,e)=>{let r=Op(t,e);await jt(r,e,void 0,{useTenancy:!1})},"recordEvent"),Zv=s(async()=>{await tP(),await rP()},"end"),Xv=s(async()=>hn(ye.BACKFILL_METADATA),"getBackfillMetadata"),eP=s(async t=>jt(ye.BACKFILL_METADATA,t),"saveBackfillMetadata"),tP=s(async()=>{await ao(ye.BACKFILL_METADATA)},"deleteBackfillMetadata"),rP=s(async()=>{let t=Op(),e=await Du(t);for(let r of e)await ao(r,{useTenancy:!1})},"clearEvents"),Ap=s(async t=>{let r=(await Xv())?.eventWhitelist;return!!(r&&r.includes(t))},"isBackfillingEvent"),_p=s(async(t,e)=>{let r=Op(t,e);return!!await hn(r,{useTenancy:!1})},"isAlreadySent"),nP={"automation:created":t=>t.automationId,"automation:step:created":t=>t.stepId,"datasource:created":t=>t.datasourceId,"layout:created":t=>t.layoutId,"query:created":t=>t.queryId,"role:created":t=>t.roleId,"screen:created":t=>t.screenId,"table:created":t=>t.tableId,"view:created":t=>t.tableId,"view:calculation:created":t=>t.tableId,"view:filter:created":t=>t.tableId,"app:created":t=>t.appId,"app:published":t=>t.appId,"auth:sso:created":t=>t.type,"auth:sso:activated":t=>t.type,"user:created":t=>t.userId,"user:admin:assigned":t=>t.userId,"user:builder:assigned":t=>t.userId,"role:assigned":t=>`${t.roleId}-${t.userId}`},Op=s((t,e)=>{let r,n=V();if(t){r=`${ye.EVENTS}:${n}:${t}`;let i=nP[t],o=i?i(e):void 0;o&&(r=`${r}:${o}`)}else r=`${ye.EVENTS}:${n}:*`;return r},"getEventKey");var wp={};P(wp,{analyticsProcessor:()=>ZS,init:()=>pP,processors:()=>zt});var zS=require("posthog-node");var iP=s(t=>t==="served:builder"||t==="served:app:preview"||t==="served:app","isRateLimited"),sP=s(t=>t==="served:app:preview"||t==="served:app","isPerApp");var jS={"served:app":"calendarDay","served:app:preview":"calendarDay","served:builder":"calendarDay"},YS=s(async t=>{if(!iP(t))return!1;let e=await oP(t);if(e){let r=new Date(e.timestamp);switch(jS[t]){case"calendarDay":return r.setDate(r.getDate()+1),r.setHours(0,0,0,0),Date.now()>r.getTime()?(await QS(t,{timestamp:Date.now()}),!1):!0}}else return await QS(t,{timestamp:Date.now()}),!1},"limited"),HS=s(t=>{let e=`${ye.EVENTS_RATE_LIMIT}:${t}`;return sP(t)&&(e=e+":"+ke()),e},"eventKey"),oP=s(async t=>{let e=HS(t);return await hn(e)},"readEvent"),QS=s(async(t,e)=>{let r=HS(t),n=jS[t],i;switch(n){case"calendarDay":i=86400}await jt(r,e,i)},"recordEvent");var uP=["user:updated","email:smtp:updated","auth:sso:updated","app:updated","role:updated","datasource:updated","query:updated","view:updated","view:calculation:updated","automation:trigger:updated","user_group:updated"],mo=class{static{s(this,"PosthogProcessor")}constructor(e){if(!e)throw new Error("Posthog token is not defined");this.posthog=new zS.PostHog(e)}async processEvent(e,r,n,i){if(uP.includes(e)||await YS(e))return;n=this.clearPIIProperties(n),n.version=E.VERSION,n.service=E.SERVICE,n.environment=r.environment,n.hosting=r.hosting;let o=ke();o&&(n.appId=o);let a={distinctId:r.id,event:e,properties:n};i&&(a.timestamp=new Date(i)),(r.installationId||r.tenantId)&&(a.groups={},r.installationId&&(a.groups.installation=r.installationId,a.properties.installationId=r.installationId),r.tenantId&&(a.groups.tenant=r.tenantId,a.properties.tenantId=r.tenantId)),this.posthog.capture(a)}clearPIIProperties(e){return e.email&&delete e.email,e.audited&&delete e.audited,e}async identify(e,r){let n={distinctId:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.identify(n)}async identifyGroup(e,r){let n={distinctId:e.id,groupType:e.type,groupKey:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.groupIdentify(n)}async shutdown(){await this.posthog.shutdown()}};var JS=mo;var cP=["installation:version:upgraded","installation:version:downgraded"],lP=["installation","tenant"],ho=class{static{s(this,"AnalyticsProcessor")}constructor(){E.POSTHOG_TOKEN&&!E.isTest()&&(this.posthog=new JS(E.POSTHOG_TOKEN))}async processEvent(e,r,n,i){!cP.includes(e)&&!await Mu()||this.posthog&&await this.posthog.processEvent(e,r,n,i)}async identify(e,r){!lP.includes(e.type)&&!await Mu()||this.posthog&&await this.posthog.identify(e,r)}async identifyGroup(e,r){this.posthog&&await this.posthog.identifyGroup(e,r)}async shutdown(){this.posthog&&await this.posthog.shutdown()}};var Ip=E.SELF_HOSTED&&!E.isDev(),Eo=class{static{s(this,"LoggingProcessor")}async processEvent(e,r,n){Ip||console.log(`[audit] [identityType=${r.type}] ${e}`,n)}async identify(e){Ip||console.log("[audit] identified",e)}async identifyGroup(e){Ip||console.log("[audit] group identified",e)}async shutdown(){}};var fi=class t{static{s(this,"AuditLogsProcessor")}static{this.auditLogsEnabled=!1}static init(e){t.auditLogsEnabled=!0;let r=e;return t.auditLogQueue=new gt("auditLogQueue",{jobTags:n=>({"event.name":n.event})}),t.auditLogQueue.process(async n=>{await Re(n.data.tenantId,async()=>{let i=n.data.properties;i.audited&&(i={...i,...i.audited},delete i.audited);let o={};E.ENABLE_AUDIT_LOG_IP_ADDR&&(o=n.data.opts.hostInfo),await r(n.data.event,i,{userId:n.data.opts.userId,timestamp:n.data.opts.timestamp,appId:n.data.opts.appId,hostInfo:o})})})}async processEvent(e,r,n,i){if(t.auditLogsEnabled&&Lf(e)){let o=r.type==="user"?r.id:void 0;await t.auditLogQueue.add({event:e,properties:n,opts:{userId:o,timestamp:i,appId:ke(),hostInfo:r.hostInfo},tenantId:V()})}}async identify(){}async identifyGroup(){}async shutdown(){await t.auditLogQueue?.close()}};var go=class{constructor(e){this.initialised=!1;this.processors=[];this.processors=e}static{s(this,"Processor")}async processEvent(e,r,n,i){for(let o of this.processors)await o.processEvent(e,r,n,i)}async identify(e,r){for(let n of this.processors)n.identify&&await n.identify(e,r)}async identifyGroup(e,r){for(let n of this.processors)n.identifyGroup&&await n.identifyGroup(e,r)}async shutdown(){for(let e of this.processors)e.shutdown&&await e.shutdown()}};var ZS=new ho,dP=new Eo,fP=new fi;function pP(t){return fi.init(t)}s(pP,"init");var zt=new go([ZS,dP,fP]);var Gu={};P(Gu,{checkInstallVersion:()=>EP,getInstall:()=>To,getInstallFromDB:()=>Rp});var Dp=B(require("semver"));var To=s(async()=>Or(ye.INSTALLATION,86400,Rp,{useTenancy:!1}),"getInstall");async function mP(t){let e={_id:fe.PLATFORM_INFO.docs.install,installId:ee(),version:E.VERSION};try{let r=await t.put(e);return e._rev=r.rev,e}catch(r){if(r.status===409)return Rp();throw r}}s(mP,"createInstallDoc");var Rp=s(async()=>je(fe.PLATFORM_INFO.name,async t=>{let e;try{e=await t.get(fe.PLATFORM_INFO.docs.install)}catch(r){if(r.status===404)e=await mP(t);else throw r}return e}),"getInstallFromDB"),hP=s(async t=>{try{await je(fe.PLATFORM_INFO.name,async e=>{let r=await To();r.version=t,await e.put(r),await ci(ye.INSTALLATION)})}catch(e){if(e.status===409)return!1;throw e}return!0},"updateVersion"),EP=s(async()=>{let t=await To(),e=t.version,r=E.VERSION;try{if(e!==r){let n=Dp.default.gt(r,e),i=Dp.default.lt(r,e);await hP(r)&&(await ws({_id:t.installId,type:"installation"},async()=>{n?await yo.upgraded(e,r):i&&await yo.downgraded(e,r)}),await St.identifyInstallationGroup(t.installId))}}catch(n){n?.message?.includes("Invalid Version")?dn(`Invalid version "${r}" - is it semver?`):dn("Failed to retrieve version",n)}},"checkInstallVersion");var gP=s(async()=>{let t=qd(),e=_o(),r;if(t?r=t.type:r="tenant",r==="installation"){let n=await yn(),i=So();return{id:XS(n,r),hosting:i,type:r,installationId:n,environment:e}}else if(r==="tenant"){let n=await yn(),i=await Vu(V()),o=So();return{id:XS(i,r),type:r,hosting:o,installationId:n,tenantId:i,realTenantId:V(),environment:e}}else if(r==="user"){let n=t,i=await Vu(V()),o=await yn(),a=n.account,u;return a?u=a.hosting:u=So(),{id:n._id,type:r,hosting:u,installationId:o,tenantId:i,environment:e,realTenantId:V(),hostInfo:n.hostInfo}}else throw new Error("Unknown identity type")},"getCurrentIdentity"),yP=s(async(t,e)=>{let r=t,n="installation",i=So(),o=E.VERSION,a=_o(),u={id:r,type:n,hosting:i,version:o,environment:a};await Cp(u,e),await Ao({...u,id:`$${n}_${r}`},e)},"identifyInstallationGroup"),TP=s(async(t,e,r,n=E.VERSION)=>{let i=await Vu(t),o="tenant",a=await yn(),u=_o(),c={id:i,type:o,hosting:e,environment:u,installationId:a,createdAt:r,createdVersion:n};await Cp(c,r),await Ao({...c,id:`$${o}_${i}`},r)},"identifyTenantGroup"),SP=s(async(t,e,r)=>{let n=t._id,i=await Vu(t.tenantId),o="user",a=Fe(t),u=Dr(t),c;jo(t)&&(c=t.providerType);let d=(await mi([t.email])).length>0,f=!!e&&d&&e.verified,m=await yn(),p=e?e.hosting:So(),T=_o();await Ao({id:n,type:o,hosting:p,installationId:m,tenantId:i,verified:f,accountHolder:d,providerType:c,builder:a,admin:u,environment:T},r)},"identifyUser"),AP=s(async t=>{let e=t.accountId,r=t.tenantId,n="user",i=Qo(t)?t.providerType:void 0,o=t.verified,a=!0,u=t.hosting,c=await yn(),l=_o();if(Ko(t)){let f=await At(t.email);f?._id&&(e=f._id)}await Ao({id:e,type:n,hosting:u,installationId:c,tenantId:r,providerType:i,verified:o,accountHolder:a,environment:l})},"identifyAccount"),Ao=s(async(t,e)=>{await zt.identify(t,e)},"identify"),Cp=s(async(t,e)=>{await zt.identifyGroup(t,e)},"identifyGroup"),_o=s(()=>E.isDev()?"development":E.DEPLOYMENT_ENVIRONMENT,"getDeploymentEnvironment"),So=s(()=>E.SELF_HOSTED?"self":"cloud","getHostingFromEnv"),yn=s(async()=>_P()?"account-portal":(await To()).installId,"getInstallationId"),Vu=s(async t=>E.SELF_HOSTED?eA(t):t,"getEventTenantId"),eA=s(async t=>Re(t,()=>Or(ye.UNIQUE_TENANT_ID,86400,async()=>{let e=H(),r=await Ei(),n;return r.config.uniqueTenantId?r.config.uniqueTenantId:(n=`${ee()}_${t}`,r.config.uniqueTenantId=n,r.config.createdVersion=E.VERSION,await e.put(r),n)})),"getUniqueTenantId"),_P=s(()=>E.SERVICE==="account-portal","isAccountPortal"),XS=s((t,e)=>e==="installation"||e==="tenant"?`$${e}_${t}`:t,"formatDistinctId"),St={getCurrentIdentity:gP,identifyInstallationGroup:yP,identifyTenantGroup:TP,identifyUser:SP,identifyAccount:AP,identify:Ao,identifyGroup:Cp,getInstallationId:yn,getUniqueTenantId:eA};var A=s(async(t,e,r,n)=>{let i=n||await St.getCurrentIdentity();if(!(n?!1:await Ap(t))){await KS({event:t,identity:i,properties:e,timestamp:r}),await zt.processEvent(t,i,e,r);return}await _p(t,e)||(await zt.processEvent(t,i,e,r),await Sp(t,e))},"publishEvent");async function OP(t,e){let r={tenantId:t.tenantId};await A("account:created",r,void 0,e)}s(OP,"created");async function IP(t){let e={tenantId:t.tenantId};await A("account:deleted",e)}s(IP,"deleted");async function wP(t){let e={tenantId:t.tenantId};await A("account:verified",e)}s(wP,"verified");var tA={created:OP,deleted:IP,verified:wP};async function DP(t,e){console.info("action:automation_step:executed",`disabled. Action step ${t.stepId} not published at ${e}`)}s(DP,"automationStepExecuted");async function RP(t,e){console.info("action:automation_step:executed",`disabled. Action type ${t.type} not published at ${e}`)}s(RP,"crudExecuted");async function CP(t,e){console.info("action:automation_step:executed",`disabled. Execution for ai agent ${t.agentId} not published at ${e}`)}s(CP,"aiAgentExecuted");var rA={aiAgentExecuted:CP,automationStepExecuted:DP,crudExecuted:RP};async function bP(t){let e={};await A("ai:config:created",e,t)}s(bP,"AIConfigCreated");async function xP(){let t={};await A("ai:config:updated",t)}s(xP,"AIConfigUpdated");var nA={AIConfigCreated:bP,AIConfigUpdated:xP};var vP=s(async(t,e)=>{let r={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:created",r,e)},"created");async function PP(t){let e={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:updated",e)}s(PP,"updated");async function NP(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:deleted",e)}s(NP,"deleted");async function UP(t,e){let r={appId:t.appId,audited:{name:t.name}};await A("app:published",r,e)}s(UP,"published");async function LP(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:unpublished",e)}s(LP,"unpublished");async function kP(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:file:imported",e)}s(kP,"fileImported");async function MP(t,e){let r={duplicateAppId:e,appId:t.appId,audited:{name:t.name}};await A("app:duplicated",r)}s(MP,"duplicated");async function FP(t,e){let r={appId:t.appId,templateKey:e,audited:{name:t.name}};await A("app:template:imported",r)}s(FP,"templateImported");async function BP(t,e,r){let n={appId:t.appId,currentVersion:e,updatedToVersion:r,audited:{name:t.name}};await A("app:version:updated",n)}s(BP,"versionUpdated");async function WP(t,e,r){let n={appId:t.appId,currentVersion:e,revertedToVersion:r,audited:{name:t.name}};await A("app:version:reverted",n)}s(WP,"versionReverted");async function $P(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:reverted",e)}s($P,"reverted");async function GP(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:exported",e)}s(GP,"exported");var iA={created:vP,updated:PP,deleted:NP,published:UP,unpublished:LP,fileImported:kP,duplicated:MP,templateImported:FP,versionUpdated:BP,versionReverted:WP,reverted:$P,exported:GP};async function VP(t){let e={filters:t};await A("audit_log:filtered",e)}s(VP,"filtered");async function qP(t){let e={filters:t};await A("audit_log:downloaded",e)}s(qP,"downloaded");var sA={filtered:VP,downloaded:qP};async function KP(t,e){let n={userId:(await St.getCurrentIdentity()).id,source:t,audited:{email:e}};await A("auth:login",n)}s(KP,"login");async function QP(t){let r={userId:(await St.getCurrentIdentity()).id,audited:{email:t}};await A("auth:logout",r)}s(QP,"logout");async function jP(t,e){let r={type:t};await A("auth:sso:created",r,e)}s(jP,"SSOCreated");async function YP(t){let e={type:t};await A("auth:sso:updated",e)}s(YP,"SSOUpdated");async function HP(t,e){let r={type:t};await A("auth:sso:activated",r,e)}s(HP,"SSOActivated");async function zP(t){let e={type:t};await A("auth:sso:deactivated",e)}s(zP,"SSODeactivated");var qu={login:KP,logout:QP,SSOCreated:jP,SSOUpdated:YP,SSOActivated:HP,SSODeactivated:zP};async function JP(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:created",r,e)}s(JP,"created");async function ZP(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:trigger:updated",e)}s(ZP,"triggerUpdated");async function XP(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:deleted",e)}s(XP,"deleted");async function eN(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:tested",e)}s(eN,"tested");var tN=s(async(t,e)=>{let r={count:t};await A("automations:run",r,e)},"run");async function rN(t,e,r){let n={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:created",n,r)}s(rN,"stepCreated");async function nN(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:deleted",r)}s(nN,"stepDeleted");var oA={created:JP,triggerUpdated:ZP,deleted:XP,tested:eN,run:tN,stepCreated:rN,stepDeleted:nN};var gi=!E.SELF_HOSTED&&!E.isDev();async function iN(t){gi||await A("app:backfill:succeeded",t)}s(iN,"appSucceeded");async function sN(t){if(gi)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("app:backfill:failed",e)}s(sN,"appFailed");async function oN(t){gi||await A("tenant:backfill:succeeded",t)}s(oN,"tenantSucceeded");async function aN(t){if(gi)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("tenant:backfill:failed",e)}s(aN,"tenantFailed");async function uN(){if(gi)return;let t={};await A("installation:backfill:succeeded",t)}s(uN,"installationSucceeded");async function cN(t){if(gi)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("installation:backfill:failed",e)}s(cN,"installationFailed");var aA={appSucceeded:iN,appFailed:sN,tenantSucceeded:oN,tenantFailed:aN,installationSucceeded:uN,installationFailed:cN};async function lN(t){let e={appId:t.appId,restoreId:t._id,backupCreatedAt:t.timestamp,name:t.name};await A("app:backup:restored",e)}s(lN,"appBackupRestored");async function dN(t,e,r,n,i){let o={appId:t,backupId:e,type:r,trigger:n,name:i};await A("app:backup:triggered",o)}s(dN,"appBackupTriggered");var uA={appBackupRestored:lN,appBackupTriggered:dN};function bp(t){return!Object.values($o).includes(t.source)}s(bp,"isCustom");async function fN(t,e){let r={datasourceId:t._id,source:t.source,custom:bp(t)};await A("datasource:created",r,e)}s(fN,"created");async function pN(t){let e={datasourceId:t._id,source:t.source,custom:bp(t)};await A("datasource:updated",e)}s(pN,"updated");async function mN(t){let e={datasourceId:t._id,source:t.source,custom:bp(t)};await A("datasource:deleted",e)}s(mN,"deleted");var cA={created:fN,updated:pN,deleted:mN};async function hN(t){let e={};await A("email:smtp:created",e,t)}s(hN,"SMTPCreated");async function EN(){let t={};await A("email:smtp:updated",t)}s(EN,"SMTPUpdated");var lA={SMTPCreated:hN,SMTPUpdated:EN};async function gN(t,e){let r={name:t,environments:e};await A("environment_variable:created",r)}s(gN,"created");async function yN(t){let e={name:t};await A("environment_variable:deleted",e)}s(yN,"deleted");async function TN(t){let e={userId:t};await A("environment_variable:upgrade_panel_opened",e)}s(TN,"upgradePanelOpened");var dA={created:gN,deleted:yN,upgradePanelOpened:TN};async function SN(t,e){let r={groupId:t._id,viaScim:ht(),audited:{name:t.name}};await A("user_group:created",r,e)}s(SN,"created");async function AN(t){let e={groupId:t._id,viaScim:ht(),audited:{name:t.name}};await A("user_group:updated",e)}s(AN,"updated");async function _N(t){let e={groupId:t._id,viaScim:ht(),audited:{name:t.name}};await A("user_group:deleted",e)}s(_N,"deleted");async function ON(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:ht(),audited:{name:e.name}};await A("user_group:user_added",n)}s(ON,"usersAdded");async function IN(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:ht(),audited:{name:e.name}};await A("user_group:users_deleted",n)}s(IN,"usersDeleted");async function wN(t){let e={groupId:t,onboarding:!0};await A("user_group:onboarding_added",e)}s(wN,"createdOnboarding");async function DN(t){let e={permissions:t.roles,groupId:t._id,audited:{name:t.name}};await A("user_group:permissions_edited",e)}s(DN,"permissionsEdited");var fA={created:SN,updated:AN,deleted:_N,usersAdded:ON,usersDeleted:IN,createdOnboarding:wN,permissionsEdited:DN};async function RN(t){let e={currentVersion:t};await A("installation:version:checked",e)}s(RN,"versionChecked");async function CN(t,e){let r={from:t,to:e};await A("installation:version:upgraded",r)}s(CN,"upgraded");async function bN(t,e){let r={from:t,to:e};await A("installation:version:downgraded",r)}s(bN,"downgraded");async function xN(){let t={};await A("installation:firstStartup",t)}s(xN,"firstStartup");var yo={versionChecked:RN,upgraded:CN,downgraded:bN,firstStartup:xN};async function vN(t,e){let r={layoutId:t._id};await A("layout:created",r,e)}s(vN,"created");async function PN(t){let e={layoutId:t};await A("layout:deleted",e)}s(PN,"deleted");var pA={created:vN,deleted:PN};async function NN(t,e){let r={accountId:t.accountId,...e};await A("license:plan:changed",r)}s(NN,"planChanged");async function UN(t){let e={accountId:t.accountId};await A("license:activated",e)}s(UN,"activated");async function LN(t){let e={accountId:t.accountId};await A("license:checkout:opened",e)}s(LN,"checkoutOpened");async function kN(t){let e={accountId:t.accountId};await A("license:checkout:success",e)}s(kN,"checkoutSuccess");async function MN(t){let e={accountId:t.accountId};await A("license:portal:opened",e)}s(MN,"portalOpened");async function FN(t){let e={accountId:t.accountId};await A("license:payment:failed",e)}s(FN,"paymentFailed");async function BN(t){let e={accountId:t.accountId};await A("license:payment:recovered",e)}s(BN,"paymentRecovered");var mA={planChanged:NN,activated:UN,checkoutOpened:LN,checkoutSuccess:kN,portalOpened:MN,paymentFailed:FN,paymentRecovered:BN};async function WN(t){let e={};await A("org:info:name:updated",e,t)}s(WN,"nameUpdated");async function $N(t){let e={};await A("org:info:logo:updated",e,t)}s($N,"logoUpdated");async function GN(t){let e={};await A("org:platformurl:updated",e,t)}s(GN,"platformURLUpdated");async function VN(){let t={};await A("analytics:opt:out",t)}s(VN,"analyticsOptOut");async function qN(){let t={};await A("analytics:opt:out",t)}s(qN,"analyticsOptIn");var hA={nameUpdated:WN,logoUpdated:$N,platformURLUpdated:GN,analyticsOptOut:VN,analyticsOptIn:qN};async function KN(t){let e={type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:init",e)}s(KN,"init");async function QN(t){let e={pluginId:t._id,type:t.schema.type,source:t.source,name:t.name,description:t.description,version:t.version};await A("plugin:imported",e)}s(QN,"imported");async function jN(t){let e={pluginId:t._id,type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:deleted",e)}s(jN,"deleted");var EA={init:KN,imported:QN,deleted:jN};var YN=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:created",n,r)},"created"),HN=s(async(t,e)=>{let r={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:updated",r)},"updated"),zN=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb,appId:r};await A("query:deleted",n)},"deleted"),JN=s(async(t,e,r)=>{let n={datasourceId:t._id,source:t.source,count:r,importSource:e};await A("query:import",n)},"imported"),ZN=s(async(t,e)=>{let r={count:t};await A("queries:run",r,e)},"run"),XN=s(async(t,e)=>{let r={queryId:e.queryId,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:previewed",r)},"previewed"),gA={created:YN,updated:HN,deleted:zN,imported:JN,run:ZN,previewed:XN};async function eU({resource:t,fromWorkspace:e,toWorkspace:r},n){let i={resource:t,fromWorkspace:e,toWorkspace:r};await A("resource:copied_to_workspace",i,n)}s(eU,"duplicatedToWorkspace");var yA={duplicatedToWorkspace:eU};async function tU(t,e){let r={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:created",r,e)}s(tU,"created");async function rU(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:updated",e)}s(rU,"updated");async function nU(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:deleted",e)}s(nU,"deleted");async function iU(t,e,r){let n={userId:t._id,roleId:e};await A("role:assigned",n,r)}s(iU,"assigned");async function sU(t,e){let r={userId:t._id,roleId:e};await A("role:unassigned",r)}s(sU,"unassigned");var Oo={created:tU,updated:rU,deleted:nU,assigned:iU,unassigned:sU};async function oU(t,e){await A("row_action:created",t,e)}s(oU,"created");var TA={created:oU};var aU=s(async(t,e)=>{let r={count:t};await A("rows:created",r,e)},"created"),uU=s(async(t,e)=>{let r={tableId:t._id,count:e};await A("rows:imported",r)},"imported"),SA={created:aU,imported:uU};async function cU(t,e){let r={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:created",r,e)}s(cU,"created");async function lU(t){let e={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:deleted",e)}s(lU,"deleted");var AA={created:cU,deleted:lU};async function dU(t){let e={timezone:t};await A("served:builder",e)}s(dU,"servedBuilder");async function fU(t,e,r){let n={appVersion:t.version,timezone:e,embed:r===!0};await A("served:app",n)}s(fU,"servedApp");async function pU(t,e){let r={appId:t.appId,appVersion:t.version,timezone:e};await A("served:app:preview",r)}s(pU,"servedAppPreview");var _A={servedBuilder:dU,servedApp:fU,servedAppPreview:pU};async function mU(t,e){let r={tableId:t._id,audited:{name:t.name}};await A("table:created",r,e)}s(mU,"created");async function hU(t,e){let r,n;for(let o in e.schema)if(!t.schema[o]){let a=e.schema[o];"default"in a&&a.default!=null&&(r=!0),a.type==="ai"&&(n=a.operation)}let i={tableId:e._id,defaultValues:r,aiColumn:n,audited:{name:e.name}};(r||n)&&await A("table:updated",i)}s(hU,"updated");async function EU(t,e){let r={tableId:t._id,audited:{name:t.name},appId:e};await A("table:deleted",r)}s(EU,"deleted");async function gU(t,e){let r={tableId:t._id,format:e,audited:{name:t.name}};await A("table:exported",r)}s(gU,"exported");async function yU(t){let e={tableId:t._id,audited:{name:t.name}};await A("table:imported",e)}s(yU,"imported");var OA={created:mU,updated:hU,deleted:EU,exported:gU,imported:yU};async function TU(t,e){let r={userId:t._id,viaScim:ht(),audited:{email:t.email}};await A("user:created",r,e)}s(TU,"created");async function SU(t){let e={userId:t._id,viaScim:ht(),audited:{email:t.email}};await A("user:updated",e)}s(SU,"updated");async function AU(t){let e={userId:t._id,viaScim:ht(),audited:{email:t.email}};await A("user:deleted",e)}s(AU,"deleted");async function _U(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:admin:assigned",r,e)}s(_U,"permissionAdminAssigned");async function OU(t){let e={userId:t._id,audited:{email:t.email}};await A("user:admin:removed",e)}s(OU,"permissionAdminRemoved");async function IU(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:builder:assigned",r,e)}s(IU,"permissionBuilderAssigned");async function wU(t){let e={userId:t._id,audited:{email:t.email}};await A("user:builder:removed",e)}s(wU,"permissionBuilderRemoved");async function DU(t){let e={audited:{email:t}};await A("user:invited",e)}s(DU,"invited");async function RU(t){let e={userId:t._id,audited:{email:t.email}};await A("user:invite:accepted",e)}s(RU,"inviteAccepted");async function CU(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:force:reset",e)}s(CU,"passwordForceReset");async function bU(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:updated",e)}s(bU,"passwordUpdated");async function xU(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset:requested",e)}s(xU,"passwordResetRequested");async function vU(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset",e)}s(vU,"passwordReset");async function PU(t){let e={users:t};await A("user:data:collaboration",e)}s(PU,"dataCollaboration");var Be={created:TU,updated:SU,deleted:AU,permissionAdminAssigned:_U,permissionAdminRemoved:OU,permissionBuilderAssigned:IU,permissionBuilderRemoved:wU,invited:DU,inviteAccepted:RU,passwordForceReset:CU,passwordUpdated:bU,passwordResetRequested:xU,passwordReset:vU,dataCollaboration:PU};async function NU(t,e){let r={name:t.name,type:t.type,tableId:t.tableId};await A("view:created",r,e)}s(NU,"created");async function UU(t){let e={tableId:t.tableId};await A("view:updated",e)}s(UU,"updated");async function LU(t,e){let r={...Ue.views.isV2(t)?{id:t.id,tableId:t.tableId,appId:e}:{}};await A("view:deleted",r)}s(LU,"deleted");async function kU(t,e){let r={tableId:t._id,format:e};await A("view:exported",r)}s(kU,"exported");async function MU({tableId:t,filterGroups:e},r){let n={tableId:t,filterGroups:e};await A("view:filter:created",n,r)}s(MU,"filterCreated");async function FU({tableId:t,filterGroups:e}){let r={tableId:t,filterGroups:e};await A("view:filter:updated",r)}s(FU,"filterUpdated");async function BU(t){let e={tableId:t.tableId};await A("view:filter:deleted",e)}s(BU,"filterDeleted");async function WU({tableId:t,calculationType:e},r){let n={tableId:t,calculation:e};await A("view:calculation:created",n,r)}s(WU,"calculationCreated");async function $U(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:updated",e)}s($U,"calculationUpdated");async function GU(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:deleted",e)}s(GU,"calculationDeleted");async function VU(t,e){let r={tableId:t};await A("view:join:created",r,e)}s(VU,"viewJoinCreated");var IA={created:NU,updated:UU,deleted:LU,exported:kU,filterCreated:MU,filterUpdated:FU,filterDeleted:BU,calculationCreated:WU,calculationUpdated:$U,calculationDeleted:GU,viewJoinCreated:VU};async function qU(t,e){let r={workspaceAppId:t._id,audited:{name:t.name},appId:e};await A("workspace_app:deleted",r)}s(qU,"deleted");var wA={deleted:qU};function KU(){}s(KU,"initAsyncEvents");var QU=s(async()=>{await zt.shutdown(),console.log("Events shutdown")},"shutdown");var vp={};P(vp,{creatorsInList:()=>Tn,getAccountHolderFromUsers:()=>Hu,hasAdminPermissions:()=>Dr,hasAppBuilderPermissions:()=>xA,hasBuilderPermissions:()=>Fe,isAdmin:()=>bt,isAdminOrBuilder:()=>bA,isAdminOrWorkspaceBuilder:()=>Qu,isBuilder:()=>yi,isCreatorAsync:()=>wo,isCreatorSync:()=>ju,isGlobalBuilder:()=>CA,validateUniqueUser:()=>Yu});async function xp(t){let e=[],r=await DA(t);e.push(...r.map(a=>a.email));let n=await RA(t);e.push(...n.map(a=>a._id));let i=await mi(t);e.push(...i.map(a=>a.email));let o=await up(t);return e.push(...o.map(a=>a.email)),[...new Set(e.map(a=>a.toLowerCase()))]}s(xp,"searchExistingEmails");async function Ku(t){return await Ks("platform_users_lowercase_2",{keys:[t.toLowerCase()],include_docs:!0})}s(Ku,"getPlatformUsers");async function Io(t){return(await Ku(t))[0]??null}s(Io,"getFirstPlatformUser");async function DA(t){let r={keys:t.map(i=>i.toLowerCase()),include_docs:!0},n={arrayResponse:!0};return await Gt("by_email2",r,void 0,n)}s(DA,"getExistingTenantUsers");async function RA(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Ks("platform_users_lowercase_2",r)}s(RA,"getExistingPlatformUsers");async function mi(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Ks("account_by_email",r)}s(mi,"getExistingAccounts");var yi=Le.users.isBuilder,bt=Le.users.isAdmin,CA=Le.users.isGlobalBuilder,bA=Le.users.isAdminOrBuilder,Dr=Le.users.hasAdminPermissions,Fe=Le.users.hasBuilderPermissions,xA=Le.users.hasAppBuilderPermissions,Qu=Le.users.isAdminOrWorkspaceBuilder;async function Tn(t,e){let r=[...new Set(t.filter(i=>i.userGroups).flatMap(i=>i.userGroups))];return e=await H().getMultiple(r,{allowMissing:!0}),t.map(i=>ju(i,e))}s(Tn,"creatorsInList");async function wo(t){let e=[];return t.userGroups&&(e=await H().getMultiple(t.userGroups)),ju(t,e)}s(wo,"isCreatorAsync");function ju(t,e){let r=Le.users.isCreator(t);return!r&&t?jU(t,e):r}s(ju,"isCreatorSync");function jU(t,e){let r=e?.filter(n=>t.userGroups?.indexOf(n._id)!==-1);return r&&r.length>0?r.some(n=>Object.values(n.roles||{}).includes("CREATOR")):!1}s(jU,"isCreatorByGroupMembership");async function Yu(t,e){if(E.MULTI_TENANCY){let r=await Io(t);if(r!=null&&r.tenantId!==e)throw new Yt(t)}if(!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let r=await wr(t);if(r&&r.verified&&r.tenantId!==e)throw new Yt(t)}}s(Yu,"validateUniqueUser");async function Hu(t){if(!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let e=await mi(t.map(r=>r.email));return t.find(r=>e.map(n=>n.email).includes(r.email))}}s(Hu,"getAccountHolderFromUsers");var Pp=s(async t=>{await Be.deleted(t),Fe(t)&&await Be.permissionBuilderRemoved(t),Dr(t)&&await Be.permissionAdminRemoved(t)},"handleDeleteEvents"),YU=s(async(t,e,r)=>{for(let[n,i]of Object.entries(e))(!r||r[n]!==i)&&await Oo.assigned(t,i)},"assignAppRoleEvents"),HU=s(async(t,e,r)=>{if(r)for(let[n,i]of Object.entries(r))(!e||e[n]!==i)&&await Oo.unassigned(t,i)},"unassignAppRoleEvents"),zU=s(async(t,e)=>{let r=t.roles,n=e?.roles;await YU(t,r,n),await HU(t,r,n)},"handleAppRoleEvents"),Np=s(async(t,e)=>{let r=V(),n;!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL&&(n=await li(r)),await St.identifyUser(t,n),e?(await Be.updated(t),ZU(t,e)&&await Be.permissionBuilderRemoved(t),eL(t,e)&&await Be.permissionAdminRemoved(t),!e.forceResetPassword&&t.forceResetPassword&&t.password&&await Be.passwordForceReset(t),t.password!==e.password&&await Be.passwordUpdated(t)):await Be.created(t),JU(t,e)&&await Be.permissionBuilderAssigned(t),XU(t,e)&&await Be.permissionAdminAssigned(t),await zU(t,e)},"handleSaveEvents"),JU=s((t,e)=>vA(t,e,Fe),"isAddingBuilder"),ZU=s((t,e)=>PA(t,e,Fe),"isRemovingBuilder"),XU=s((t,e)=>vA(t,e,Dr),"isAddingAdmin"),eL=s((t,e)=>PA(t,e,Dr),"isRemovingAdmin"),vA=s((t,e,r)=>!(!r(t)||e&&r(e)),"isAddingPermission"),PA=s((t,e,r)=>!(r(t)||!e||!r(e)),"isRemovingPermission");var rL=s(async t=>{let e=t._id;await yt.removeUser(t),await Pp(t),await Rr.invalidateUser(e),await gn(e,{reason:"bulk-deletion"})},"bulkDeleteProcessing"),xt=class t{static{s(this,"UserDB")}static init(e,r,n){t.quotas=e,t.groups=r,t.features=n}static async isPreventPasswordActions(e,r){return E.ENABLE_SSO_MAINTENANCE_MODE&&bt(e)?!1:await t.features.isSSOEnforced()||jo(e)?!0:(r||(r=await li(V())),!!(r&&r.email===e.email&&Qo(r)))}static async buildUser(e,r={hashPassword:!0,requirePassword:!0},n,i,o){let{password:a,_id:u}=e;i&&!i.password&&(r.requirePassword=!1);let c;if(a&&a!==i?.password){if(await t.isPreventPasswordActions(e,o))throw new Me("Password change is disabled for this user",400);if(!r.skipPasswordValidation){let f=Ep(a);if(!f.valid)throw new Me(f.error,400)}c=r.hashPassword?await Gd(a):a}else i&&(c=i.password);let l=r.requirePassword&&!await t.features.isSSOEnforced();if(!c&&l)throw"Password must be specified.";u=u||ri();let d={createdAt:Date.now(),...i,...e,_id:u,password:c,tenantId:n};return d.roles||(d.roles={}),d.status==null&&(d.status="active"),d}static async allUsers(){return(await H().allDocs(on(null,{include_docs:!0}))).rows.map(n=>n.doc)}static async countUsersByApp(e){return{userCount:(await Ju(e,{})).length}}static async getUsersByAppAccess(e){return await Up(e.appId,{limit:e.limit||50})}static async getUserByEmail(e){return At(e)}static async getUser(e){let r=await Sn(e);return r&&delete r.password,r}static async bulkGet(e){return await zu(e)}static async bulkUpdate(e){return await Do(e)}static async save(e,r={}){r.hashPassword==null&&(r.hashPassword=!0),r.requirePassword==null&&(r.requirePassword=!0);let n=V(),i=H(),{email:o,_id:a,userGroups:u=[],roles:c}=e;if(!o&&!a)throw new Error("_id or email is required");let l;if(a)try{if(l=await Sn(a),o&&l.email!==o&&!r.allowChangingEmail)throw new Error("Email address cannot be changed")}catch(m){if(m.status!==404)throw m}if(!l&&o&&(l=await At(o),l&&l._id!==a))throw new Yt(o);let d=1,f=0;if((r.isAccountHolder||l)&&(d=0,f=1),l){let[m,p]=await Tn([l,e]);f=m!==p?1:0}return t.quotas.addUsers(d,f,async()=>{r.isAccountHolder||await Yu(o,n);let m=await t.buildUser(e,r,n,l);r.currentUserId&&r.currentUserId===l?._id&&(m=Lp(m,l)),!l&&c?.length&&(m.roles={...c});let p=[];if(!a&&u.length>0)for(let T of u)p.push(t.groups.addUsers(T,[m._id]));try{let T=await i.put(m);return m._rev=T.rev,await Np(m,l),l&&m.email!==l.email&&await yt.removeUser({email:l.email}),await yt.addUser(n,m._id,m.email,m.ssoId),await Rr.invalidateUser(T.id),await Promise.all(p),i.get(m._id)}catch(T){throw T.status===409?"User exists already":T}})}static async bulkCreate(e,r){let n=V(),i=[],o=[],a=[],u=e.map(m=>m.email),c=await xp(u),l=[];for(let m of e){let p=o.find(h=>h.email.toLowerCase()===m.email.toLowerCase()),T=c.includes(m.email.toLowerCase());if(p||T){l.push({email:m.email,reason:"Unavailable"});continue}m.userGroups=r||[],o.push(m),await wo(m)&&a.push(m)}let d=await li(n),f=await t.features.isSSOEnforced();return t.quotas.addUsers(o.length,a.length,async()=>{for(let T of o)f&&delete T.password,i.push(t.buildUser(T,{hashPassword:!0,requirePassword:!f},n,void 0,d));let m=await Promise.all(i);await Do(m);for(let T of m)await yt.addUser(n,T._id,T.email),await Np(T,void 0);let p=m.map(T=>({_id:T._id,email:T.email}));if(Array.isArray(p)&&r){let T=[],h=p.map(g=>g._id);for(let g of r)T.push(t.groups.addUsers(g,h));await Promise.all(T)}return{successful:p,unsuccessful:l}})}static async bulkDelete(e){let r=H(),n={successful:[],unsuccessful:[]},i=await Hu(e);i&&(e=e.filter(p=>p.userId!==i.userId),n.unsuccessful.push({_id:i.userId,email:i.email,reason:"Account holder cannot be deleted"}));let a=(await r.allDocs({include_docs:!0,keys:e.map(p=>p.userId)})).rows.map(p=>p.doc),u=a.map(p=>({...p,_deleted:!0})),c=await Do(u),d=(await Tn(a)).filter(p=>p).length,f=[];for(let p of a){let h=(await Io(p._id)).ssoId;h&&(await Ku(h)).filter(y=>y.ssoId==null).forEach(y=>{f.push({...y,_deleted:!0})}),await rL(p)}await Ir().bulkDocs(f),await t.quotas.removeUsers(u.length,d);let m={};return a.reduce((p,T)=>(p[T._id]=T,p),m),c.forEach(p=>{let T=m[p.id].email;p.ok?n.successful.push({_id:p.id,email:T}):n.unsuccessful.push({_id:p.id,email:T,reason:"Database error"})}),n}static async destroy(e){let r=H(),n=await r.get(e),i=n._id;if(!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let a=n.email;if(await wr(a))throw n.userId===Bt()._id?new Me('Please visit "Account" to delete this user',400):new Me("Account holder cannot be deleted",400)}await yt.removeUser(n),await r.remove(i,n._rev);let o=await wo(n)?1:0;await t.quotas.removeUsers(1,o),await Pp(n),await Rr.invalidateUser(i),await gn(i,{reason:"deletion"})}static async createAdminUser(e,r,n){let i=n?.password,o={email:e,password:i,createdAt:Date.now(),roles:{},builder:{global:!0},admin:{global:!0},tenantId:r,firstName:n?.firstName,lastName:n?.lastName};return n?.ssoId&&(o.ssoId=n.ssoId),await ci(ye.CHECKLIST),await t.save(o,{hashPassword:n?.hashPassword,requirePassword:n?.requirePassword,skipPasswordValidation:n?.skipPasswordValidation,isAccountHolder:!0})}static async getGroups(e){return await this.groups.getBulk(e)}static async getGroupBuilderAppIds(e){return await this.groups.getGroupBuilderAppIds(e)}};function Co(t){return Array.isArray(t)?t.map(e=>{if(e)return delete e.password,e}):t&&(delete t.password,t)}s(Co,"removeUserPassword");async function zu(t,e){let n=(await H().allDocs({keys:t,include_docs:!0})).rows.map(i=>i.doc);return e?.cleanup&&(n=Co(n)),n}s(zu,"bulkGetGlobalUsersById");async function iL(){let t=H(),e=`us${D}`;return(await t.allDocs({startkey:e,endkey:`${e}${Pe}`})).rows.map(n=>n.id)}s(iL,"getAllUserIds");async function sL(){let t=H(),e=`us${D}`;return(await t.allDocs({startkey:e,endkey:`${e}${Pe}`,include_docs:!0})).rows.map(n=>n.doc)}s(sL,"getAllUsers");async function Do(t){return await H().bulkDocs(t)}s(Do,"bulkUpdateGlobalUsers");async function Sn(t,e){let n=await H().get(t);return e?.cleanup&&(n=Co(n)),n}s(Sn,"getById");async function At(t,e){if(t==null)throw"Must supply an email address to view";let r=await Gt("by_email2",{key:t.toLowerCase(),include_docs:!0});if(Array.isArray(r))throw new Error(`Multiple users found with email address: ${t}`);let n=r;return e?.cleanup&&(n=Co(n)),n}s(At,"getGlobalUserByEmail");async function oL(t){try{let e=await At(t);if(Array.isArray(e)||e!=null)return!0}catch{return!1}return!1}s(oL,"doesUserExist");async function Ju(t,e,r){if(typeof t!="string")throw new Error("Must provide a string based workspace ID");let n=au(t,{include_docs:!0});n.startkey=e&&e.startkey?e.startkey:n.startkey;let i=await Gt("by_app",n);i||(i=[]);let o=Array.isArray(i)?i:[i];return r?.cleanup&&(o=Co(o)),o}s(Ju,"searchGlobalUsersByApp");async function Up(t,e){let r=`roles.${t}`,n=[{"builder.global":!0},{"admin.global":!0}];if(t){let a={[r]:{$exists:!0}};n.push(a)}return(await H().find({selector:{$or:n,_id:{$regex:"^us_"}},limit:e?.limit||50})).docs}s(Up,"searchGlobalUsersByAppAccess");function NA(t,e){if(e)return ou(Ye(t),e._id)}s(NA,"getGlobalUserByAppPage");async function UA(t,e,r){if(typeof t!="string")throw new Error("Must provide a string to search by");let n=t.toLowerCase(),i=e&&e.startkey?e.startkey:n,o=await Gt("by_email2",{...e,startkey:i,endkey:`${n}${Pe}`});o||(o=[]);let a=Array.isArray(o)?o:[o];return r?.cleanup&&(a=Co(a)),a}s(UA,"searchGlobalUsersByEmail");var aL=8;async function LA({bookmark:t,query:e,appId:r,limit:n}={}){let i=H(),o=n??aL,u={include_docs:!0,limit:o+1};t&&(u.startkey=t);let c,l="_id",d;return e?.equal?._id?c=[await Sn(e.equal._id)]:r?(c=await Ju(r,u),d=s(f=>NA(r,f),"getKey")):e?.string?.email?(c=await UA(e?.string?.email,u),l="email"):e?.oneOf?._id?c=await zu(e?.oneOf?._id,{cleanup:!0}):e?(c=(await i.allDocs(on(null,{...u,limit:void 0}))).rows.map(m=>m.doc),c=dr.search(c,{query:e,limit:u.limit}).rows):c=(await i.allDocs(on(null,u))).rows.map(m=>m.doc),Df(c,o,{paginate:!0,property:l,getKey:d})}s(LA,"paginatedUsers");async function uL(){return(await bf("by_email2",{limit:0,include_docs:!1})).total_rows}s(uL,"getUserCount");async function cL(){let t=0;async function e(r){let n=await LA({bookmark:r}),i=await Tn(n.data);t+=i.filter(o=>o).length,n.hasNextPage&&await e(n.nextPage)}return s(e,"iterate"),await e(),t}s(cL,"getCreatorCount");function lL(t){return delete t.admin,delete t.builder,t}s(lL,"removePortalUserPermissions");function Lp(t,e){return delete t.admin,delete t.builder,delete t.roles,e&&(t.admin=e.admin,t.builder=e.builder,t.roles=e.roles),t}s(Lp,"cleanseUserObject");async function dL(t,e){let r=Ye(e);t.builder??={},t.builder.creator=!0,t.builder.apps??=[],t.builder.apps.push(r),await xt.save(t,{hashPassword:!1})}s(dL,"addAppBuilder");async function fL(t,e){let r=Ye(e);t.builder&&t.builder.apps?.includes(r)&&(t.builder.apps=t.builder.apps.filter(n=>n!==r)),await xt.save(t,{hashPassword:!1})}s(fL,"removeAppBuilder");var kA=3600;async function pL(t,e){let n=await Pf(e).get(t);if(n.budibaseAccess=!0,!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let i=await wr(n.email);i&&(n.account=i,n.accountPortalAccess=!0)}return n}s(pL,"populateFromDB");async function mL(t){let e=await xt.bulkGet(t),r=t.filter((i,o)=>!e[o]),n=e.filter(i=>i);return await Promise.all(n.map(async i=>{if(i.budibaseAccess=!0,!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let o=await wr(i.email);o&&(i.account=o,i.accountPortalAccess=!0)}})),r.length?{users:n,notFoundIds:r}:{users:n}}s(mL,"populateUsersFromDB");async function bo({userId:t,tenantId:e,email:r,populateUser:n}){if(n||(n=pL),!e)try{e=V()}catch{e=await yt.lookupTenantId(t)}let i=await Bs(),o=await i.get(t);return o||(o=await n(t,e,r),await i.store(t,o,kA)),o&&!o.tenantId&&e&&(o.tenantId=e),o.userGroups&&!Le.users.isGlobalBuilder(o)&&await Re(e,async()=>{let a=await xt.getGroupBuilderAppIds(o);if(a.length){let u=o.builder?.apps||[];o.builder={apps:[...new Set(u.concat(a))]}}}),o}s(bo,"getUser");async function hL(t){let e=await Bs(),r=await e.bulkGet(t),n=t.filter(a=>!r[a]),i=Object.values(r).filter(a=>!!a),o;if(n.length){let a=await mL(n);o=a.notFoundIds;for(let u of a.users)await e.store(u._id,u,kA);i.push(...a.users)}return{users:i,notFoundIds:o}}s(hL,"getUsers");async function xo(t){await(await Bs()).delete(t)}s(xo,"invalidateUser");var Wp={};P(Wp,{Writethrough:()=>Fp});var Si={};P(Si,{AUTO_EXTEND_POLLING_MS:()=>FA,doWithLock:()=>kp,newRedlock:()=>An});var MA=B(require("redlock"));async function gL(t,e){if(t==="custom")return An(e);switch(t){case"try_once":return An(Ti.TRY_ONCE);case"try_twice":return An(Ti.TRY_TWICE);case"default":return An(Ti.DEFAULT);case"delay_500":return An(Ti.DELAY_500);case"auto_extend":return An(Ti.AUTO_EXTEND);default:throw _t.unreachable(t)}}s(gL,"getClient");var Ti={TRY_ONCE:{retryCount:0},TRY_TWICE:{retryCount:1},DEFAULT:{driftFactor:.01,retryCount:10,retryDelay:200,retryJitter:100},DELAY_500:{retryDelay:500},CUSTOM:{},AUTO_EXTEND:{retryCount:-1}};async function An(t={}){let e={...Ti.DEFAULT,...t},n=(await Sf()).client;return new MA.default([n],e)}s(An,"newRedlock");function yL(t){let r=`lock:${t.systemLock?"system":V()}_${t.name}`;return t.resource&&(r=r+`_${t.resource}`),r}s(yL,"getLockName");var FA=he.fromSeconds(10).toMs();async function kp(t,e){let r=await gL(t.type,t.customOptions),n,i;try{let o=yL(t),a=t.type==="auto_extend"?FA:t.ttl;if(n=await r.lock(o,a),t.type==="auto_extend"){let c=s(()=>{i=setTimeout(async()=>{n=await n.extend(a,()=>t.onExtend&&t.onExtend()),c()},a/2)},"extendInIntervals");c()}return{executed:!0,result:await e()}}catch(o){if(o.name==="LockError"){if(t.type==="try_once")return{executed:!1};throw o}else throw o}finally{clearTimeout(i),await n?.unlock()}}s(kp,"doWithLock");var BA=1e4,Mp=null;async function Zu(){if(!Mp){let t=await Tf();Mp=new fn(t)}return Mp}s(Zu,"getCache");function vo(t,e){return t.name+e}s(vo,"makeCacheKey");function Bp(t,e=null){return{doc:t,lastWrite:e||Date.now()}}s(Bp,"makeCacheItem");async function TL(t,e,r=BA){let n=await Zu(),i=e._id,o;i&&(o=await n.get(vo(t,i)));let a=!o||o.lastWrite<Date.now()-r,u=e;return a&&((await kp({type:"try_once",name:"persist_writethrough",resource:i,ttl:15e3},async()=>{let l=s(async d=>{let f=await t.put(d,{force:!0});u._id=f.id,u._rev=f.rev},"writeDb");try{await l(e)}catch(d){if(d.status!==409)throw d;ui("Ignoring conflict in write-through cache")}})).executed||ui("Ignoring redlock conflict in write-through cache")),o=Bp(u,a?null:o?.lastWrite),u._id&&await n.store(vo(t,u._id),o),{ok:!0,id:u._id,rev:u._rev}}s(TL,"put");async function SL(t,e){let r=await Zu(),n=vo(t,e),i=await r.get(n);if(!i){let o=await t.get(e);i=Bp(o),await r.store(n,i)}return i.doc}s(SL,"get");async function AL(t,e){let r=await Zu(),n=vo(t,e),i=await r.get(n);if(!i){let o=await t.tryGet(e);if(!o)return null;i=Bp(o),await r.store(n,i)}return i.doc}s(AL,"tryGet");async function _L(t,e,r){let n=await Zu();if(!e)throw new Error("No ID/Rev provided.");let i=typeof e=="string"?e:e._id;r=typeof e=="string"?r:e._rev;try{await n.delete(vo(t,i))}finally{await t.remove(i,r)}}s(_L,"remove");var Fp=class{static{s(this,"Writethrough")}constructor(e,r=BA){this.db=e,this.writeRateMs=r}async put(e,r=this.writeRateMs){return TL(this.db,e,r)}async get(e){return SL(this.db,e)}async tryGet(e){return AL(this.db,e)}async remove(e,r){return _L(this.db,e,r)}};function Po(t){return`config${D}${t}`}s(Po,"generateConfigID");var Xu="en";function OL(){return{_id:Po("translations"),type:"translations",config:{defaultLocale:Xu,locales:{[Xu]:{label:"English",overrides:{}}}}}}s(OL,"createDefaultTranslationsConfig");function IL(t){let e=t?.defaultLocale||Xu,r={...t?.locales??{}};r[e]||(r[e]={label:e===Xu?"English":e,overrides:{}});for(let n of Object.keys(r))r[n].overrides||(r[n]={...r[n],overrides:{}});return{defaultLocale:e,locales:r}}s(IL,"prepareTranslationsConfig");async function xe(t){let e=H();try{return await e.get(Po(t))}catch(r){if(r.status===404)return;throw r}}s(xe,"getConfig");async function wL(t){return t._id||(t._id=Po(t.type)),H().put(t)}s(wL,"save");async function WA(){let t=await xe("translations");return t?(t.config=IL(t.config),t):OL()}s(WA,"getTranslationsConfigDoc");async function DL(){return(await WA()).config}s(DL,"getTranslationsConfig");async function Ei(){let t=await xe("settings");return t||(t={_id:Po("settings"),type:"settings",config:{}}),t.config.platformUrl=await No({tenantAware:!0,config:t.config}),t.config.analyticsEnabled=await Bu({config:t.config}),t}s(Ei,"getSettingsConfigDoc");async function Gp(){return(await Ei()).config}s(Gp,"getSettingsConfig");async function No(t={tenantAware:!0}){let e=E.PLATFORM_URL||"http://localhost:10000";if(!E.SELF_HOSTED&&E.MULTI_TENANCY&&t.tenantAware){let r=V();e.includes("localhost:")||(e=e.replace("://",`://${r}.`))}else if(E.SELF_HOSTED){let r=t?.config?t.config:(await xe("settings"))?.config;r?.platformUrl&&(e=r.platformUrl)}return e}s(No,"getPlatformUrl");var Bu=s(async t=>{if(!E.SELF_HOSTED)return!!E.ENABLE_ANALYTICS;let e=await Or(ye.ANALYTICS_ENABLED,86400,async()=>{let n=t?.config?t.config:(await xe("settings"))?.config;if(n?.analyticsEnabled===!1)return!1;if(n?.analyticsEnabled===!0)return!0});if(e!==void 0)return e;let r=E.ENABLE_ANALYTICS;return!(r===0||r===!1)},"analyticsEnabled");async function RL(){return await xe("google")}s(RL,"getGoogleConfigDoc");async function tc(){return(await RL())?.config}s(tc,"getGoogleConfig");async function Vp(){if(!E.SELF_HOSTED)return $p();let t=await tc();return(!t||!t.activated)&&(t=$p()),t}s(Vp,"getGoogleDatasourceConfig");function $p(){if(E.GOOGLE_CLIENT_ID&&E.GOOGLE_CLIENT_SECRET)return{clientID:E.GOOGLE_CLIENT_ID,clientSecret:E.GOOGLE_CLIENT_SECRET,activated:!0}}s($p,"getDefaultGoogleConfig");async function CL(){return xe("logos_oidc")}s(CL,"getOIDCLogosDoc");async function bL(){return xe("oidc")}s(bL,"getOIDCConfigDoc");async function xL(){let t=(await bL())?.config;return t?.configs&&t.configs[0]}s(xL,"getOIDCConfig");async function qp(t){let e=(await xe("oidc"))?.config;return e&&e.configs.filter(r=>r.uuid===t)[0]}s(qp,"getOIDCConfigById");async function $A(){return xe("smtp")}s($A,"getSMTPConfigDoc");async function vL(t){let e=await $A();if(e)return e.config;let r=E.SELF_HOSTED||!t;if(E.SMTP_FALLBACK_ENABLED&&r)return{port:E.SMTP_PORT,host:E.SMTP_HOST,secure:!1,from:E.SMTP_FROM_ADDRESS,auth:{user:E.SMTP_USER,pass:E.SMTP_PASSWORD},fallback:!0}}s(vL,"getSMTPConfig");async function PL(){return(await xe("scim"))?.config}s(PL,"getSCIMConfig");async function NL(){return xe("ai")}s(NL,"getAIConfig");async function UL(){return xe("recaptcha")}s(UL,"getRecaptchaConfig");var em={};P(em,{AccessController:()=>jp,BUILTIN_ROLE_IDS:()=>Yp,Role:()=>Cr,RoleHierarchyTraversal:()=>rc,RoleIDVersion:()=>Hp,builtinRoleToNumber:()=>Uo,checkForRoleResourceArray:()=>KA,externalRole:()=>WL,findRole:()=>Lo,getAllRoleIds:()=>qL,getAllRoles:()=>Xp,getBuiltinRole:()=>VA,getBuiltinRoles:()=>Jp,getDBRoleID:()=>QA,getExternalRoleID:()=>br,getExternalRoleIDs:()=>jA,getRole:()=>$L,getUserRoleHierarchy:()=>Zp,getUserRoleIdHierarchy:()=>qA,isBuiltin:()=>_n,lowerBuiltinRoleID:()=>BL,prefixRoleIDNoBuiltin:()=>Qp,roleIDsAreEqual:()=>st,roleToNumber:()=>FL,saveRoles:()=>GL,validInherits:()=>ML});var GA=require("lodash"),nc=B(require("lodash/fp/cloneDeep")),Kp=B(require("semver"));var Yp={ADMIN:"ADMIN",POWER:"POWER",BASIC:"BASIC",PUBLIC:"PUBLIC"},ie={...Yp,BUILDER:"BUILDER"},Hp={UUID:void 0,NAME:"name"};function kL(t,e){return Array.isArray(e)?e.filter(r=>t.includes(r)).length===e.length:t.includes(e)}s(kL,"rolesInList");var Cr=class{constructor(e,r,n,i){this.permissions={};this._id=e,this.name=r,this.uiMetadata=i,this.permissionId=n,this.version=Hp.NAME}static{s(this,"Role")}addInheritance(e){return e&&typeof e=="string"?e=Qp(e):e&&Array.isArray(e)&&(e=e.map(Qp)),this.inherits=e,this}},rc=class{static{s(this,"RoleHierarchyTraversal")}constructor(e,r){this.allRoles=e,this.opts=r}walk(e){let r=this.opts,n=this.allRoles,i=[];if(!e||!e._id)return i;if(i.push(e),Array.isArray(e.inherits))for(let o of e.inherits){let a=Lo(o,n,r);a&&(i=i.concat(this.walk(a)))}else{let o=[],a=e;for(;a&&a.inherits&&!kL(o,a.inherits);){if(Array.isArray(a.inherits))return i.concat(this.walk(a));if(o.push(a.inherits),a=Lo(a.inherits,n,r),a&&i.push(a),Ue.roles.checkForRoleInheritanceLoops(i))break}}return(0,GA.uniqBy)(i,o=>o._id)}},zp={ADMIN:new Cr(ie.ADMIN,ie.ADMIN,"admin",{displayName:"App admin",description:"Can do everything",color:"var(--spectrum-global-color-static-red-400)"}).addInheritance(ie.POWER),POWER:new Cr(ie.POWER,ie.POWER,"power",{displayName:"App power user",description:"An app user with more access",color:"var(--spectrum-global-color-static-orange-400)"}).addInheritance(ie.BASIC),BASIC:new Cr(ie.BASIC,ie.BASIC,"write",{displayName:"App user",description:"Any logged in user",color:"var(--spectrum-global-color-static-green-400)"}).addInheritance(ie.PUBLIC),PUBLIC:new Cr(ie.PUBLIC,ie.PUBLIC,"public",{displayName:"Public user",description:"Accessible to anyone",color:"var(--spectrum-global-color-static-blue-400)"}),BUILDER:new Cr(ie.BUILDER,ie.BUILDER,"admin",{displayName:"Builder user",description:"Users that can edit this app",color:"var(--spectrum-global-color-static-magenta-600)"})};function Jp(){return(0,nc.default)(zp)}s(Jp,"getBuiltinRoles");function _n(t){return Object.values(Yp).includes(t)}s(_n,"isBuiltin");function Qp(t){return _n(t)?t:Wt(t)}s(Qp,"prefixRoleIDNoBuiltin");function VA(t){let e=Object.values(zp).find(r=>t.includes(r._id));if(e)return(0,nc.default)(e)}s(VA,"getBuiltinRole");function ML(t,e){if(!e)return!1;let r=s(n=>t.find(i=>st(i._id,n)),"find");if(Array.isArray(e)){let n=e.filter(i=>r(i));return e.length!==0&&n.length===e.length}else return!!r(e)}s(ML,"validInherits");function Uo(t){let e=Jp(),r=Object.values(e).length+1;if(st(t,ie.ADMIN)||st(t,ie.BUILDER))return r;let n=e[t],i=0;do{if(!n)break;if(Array.isArray(n.inherits))throw new Error("Built-in roles don't support multi-inheritance");n=e[n.inherits],i++}while(n!==null);return i}s(Uo,"builtinRoleToNumber");async function FL(t){if(_n(t))return Uo(t);let e=await Zp(t,{defaultPublic:!0}),r=s(n=>{if(!n.inherits)return 0;if(Array.isArray(n.inherits)){let i=n.inherits.map(o=>{let a=e.find(u=>st(u._id,o));if(a)return r(a)+1}).filter(o=>o).sort().pop();if(i!=null)return i}else if(_n(n.inherits))return Uo(n.inherits)+1;return 0},"findNumber");return Math.max(...e.map(r))}s(FL,"roleToNumber");function BL(t,e){return t?e&&Uo(t)>Uo(e)?e:t:e}s(BL,"lowerBuiltinRoleID");function st(t,e){return Wt(t)===Wt(e)}s(st,"roleIDsAreEqual");function WL(t){let e;return t._id&&(e=br(t._id)),{...t,_id:e,inherits:jA(t.inherits,t.version)}}s(WL,"externalRole");function Lo(t,e,r){let n=VA(t);n||(t=Wt(t));let i=e.find(o=>o._id&&st(o._id,t));return!i&&!_n(t)&&r?.defaultPublic?(0,nc.default)(zp.PUBLIC):(n=Object.assign(n||{},i),n?._id&&(n._id=br(n._id,n.version)),Object.keys(n).length===0?void 0:n)}s(Lo,"findRole");async function $L(t,e){let r=ti(),n=[];if(!_n(t)){let i=await r.tryGet(QA(t));i&&n.push(i)}return Lo(t,n,e)}s($L,"getRole");async function GL(t){await ti().bulkDocs(t.filter(r=>r._id).map(r=>({...r,_id:Wt(r._id)})))}s(GL,"saveRoles");async function VL(t,e){let r=await Xp();if(st(t,ie.ADMIN))return r;let n=Lo(t,r,e),i=[];return n&&(i=new rc(r,e).walk(n)),i}s(VL,"getAllUserRoles");async function qA(t){return(await Zp(t)).map(r=>r._id)}s(qA,"getUserRoleIdHierarchy");async function Zp(t,e){return VL(t,e)}s(Zp,"getUserRoleHierarchy");function KA(t,e){if(t&&!Array.isArray(t[e])){let r=t[e];t[e]=[r],r==="write"&&t[e].push("read")}return t}s(KA,"checkForRoleResourceArray");async function qL(t){return(await Xp(t)).map(r=>r._id)}s(qL,"getAllRoleIds");async function Xp(t){if(t)return je(t,e);{let r;try{r=ti()}catch{}return e(r)}async function e(r){let n=[];r&&(n=(await r.allDocs(uu(null,{include_docs:!0}))).rows.map(u=>u.doc),n.forEach(u=>u._id=br(u._id,u.version)));let i=Jp(),o=[];!r||await KL(r)?o=[ie.ADMIN,ie.POWER,ie.BASIC,ie.PUBLIC]:o=[ie.ADMIN,ie.BASIC,ie.PUBLIC];for(let a of o){let u=i[a],c=n.filter(l=>st(l._id,a))[0];c==null?n.push(u||i.BASIC):(n=n.filter(l=>l._id!==c._id),c._id=br(u._id,c.version),n.push({...u,...c,name:u.name,_id:br(u._id,u.version)}))}for(let a of n)if(a.permissions)for(let u of Object.keys(a.permissions))a.permissions=KA(a.permissions,u);return n}s(e,"internal")}s(Xp,"getAllRoles");async function KL(t){let r=(await t.tryGet("app_metadata"))?.creationVersion;return!r||!Kp.default.valid(r)?!0:!Kp.default.gte(r,E.MIN_VERSION_WITHOUT_POWER_ROLE)}s(KL,"shouldIncludePowerRole");var jp=class{static{s(this,"AccessController")}constructor(){this.userHierarchies={}}async hasAccess(e,r){if(e==null||e===""||st(e,ie.BUILDER)||st(r,e)||st(r,ie.BUILDER))return!0;let n=r?this.userHierarchies[r]:null;return!n&&r&&(n=await qA(r),this.userHierarchies[r]=n),n?.find(i=>st(i,e))!==void 0}async checkScreensAccess(e,r){let n=[];for(let i of e){let o=await this.checkScreenAccess(i,r);o&&n.push(o)}return n}async checkScreenAccess(e,r){let n=e&&e.routing?e.routing.roleId:void 0;return await this.hasAccess(n,r)?e:null}};function QA(t){return t?.startsWith("role")?t:Wt(t)}s(QA,"getDBRoleID");function br(t,e){if(t.startsWith(`role${D}`)&&(_n(t)||e===Hp.NAME)){let r=t.split(D);return r.shift(),r.join(D)}return t}s(br,"getExternalRoleID");function jA(t,e){return t&&(typeof t=="string"?br(t,e):t.map(r=>br(r,e)))}s(jA,"getExternalRoleIDs");var tm={};P(tm,{BUILDER:()=>zL,BUILTIN_PERMISSIONS:()=>ic,CREATOR:()=>JL,GLOBAL_BUILDER:()=>ZL,PermissionImpl:()=>se,PermissionLevel:()=>Ri,PermissionType:()=>qo,doesHaveBasePermission:()=>YL,getAllowedLevels:()=>JA,getBuiltinPermissionByID:()=>jL,getBuiltinPermissions:()=>QL,isPermissionLevelHigherThanRead:()=>HL,levelToNumber:()=>zA});var YA=B(require("lodash/flatten")),HA=B(require("lodash/fp/cloneDeep"));var se=class{static{s(this,"PermissionImpl")}constructor(e,r){this.type=e,this.level=r}};function zA(t){switch(t){case"execute":return 0;case"read":return 1;case"write":return 2;case"admin":return 3;default:return-1}}s(zA,"levelToNumber");function JA(t){switch(t){case"execute":return["execute"];case"read":return["execute","read"];case"write":case"admin":return["execute","read","write"];default:return[]}}s(JA,"getAllowedLevels");var ic={PUBLIC:{_id:"public",name:"Public",permissions:[new se("webhook","execute")]},READ_ONLY:{_id:"read_only",name:"Read only",permissions:[new se("query","read"),new se("table","read"),new se("app","read")]},WRITE:{_id:"write",name:"Read/Write",permissions:[new se("query","write"),new se("table","write"),new se("automation","execute"),new se("legacy_view","read"),new se("app","read")]},POWER:{_id:"power",name:"Power",permissions:[new se("table","write"),new se("user","read"),new se("automation","execute"),new se("webhook","read"),new se("legacy_view","read"),new se("app","read")]},ADMIN:{_id:"admin",name:"Admin",permissions:[new se("table","admin"),new se("user","admin"),new se("automation","admin"),new se("webhook","read"),new se("query","admin"),new se("legacy_view","read"),new se("app","read")]}};function QL(){return(0,HA.default)(ic)}s(QL,"getBuiltinPermissions");function jL(t){return Object.values(ic).find(r=>r._id===t)}s(jL,"getBuiltinPermissionByID");function YL(t,e,r){let n=[...new Set(r.map(a=>a.permissionId))],i=Object.values(ic),o=(0,YA.default)(i.filter(a=>n.indexOf(a._id)!==-1).map(a=>a.permissions));for(let a of o)if(a.type===t&&JA(a.level).indexOf(e)!==-1)return!0;return!1}s(YL,"doesHaveBasePermission");function HL(t){return zA(t)>1}s(HL,"isPermissionLevelHigherThanRead");var zL="builder",JL="creator",ZL="globalBuilder";var im={};P(im,{FlagSet:()=>oc,all:()=>n0,flags:()=>rm,getEnvFlags:()=>t_,init:()=>XL,isEnabled:()=>r0,parseEnvFlags:()=>uc,shutdown:()=>e0,testutils:()=>nm});var ac=B(require("crypto")),ZA=B(require("dd-trace")),XA=require("lodash"),e_=require("posthog-node");var sc;function XL(t){E.POSTHOG_TOKEN&&E.POSTHOG_API_HOST&&!E.SELF_HOSTED&&E.POSTHOG_FEATURE_FLAGS_ENABLED?(console.log("initializing posthog client..."),sc=new e_.PostHog(E.POSTHOG_TOKEN,{host:E.POSTHOG_API_HOST,personalApiKey:E.POSTHOG_PERSONAL_TOKEN,featureFlagsPollingInterval:he.fromMinutes(3).toMs(),...t})):console.log("posthog disabled")}s(XL,"init");function e0(){sc?.shutdown()}s(e0,"shutdown");function uc(t){let e=t.split(",").map(n=>n.split(":")),r=[];for(let[n,...i]of e)for(let o of i){let a=!0;o.startsWith("!")&&(o=o.slice(1),a=!1),r.push({tenantId:n,key:o,value:a})}return r}s(uc,"parseEnvFlags");function t_(){return uc(E.TENANT_FEATURE_FLAGS||"")}s(t_,"getEnvFlags");var oc=class{constructor(e){this.flagSchema=e;this.setId=ac.randomUUID()}static{s(this,"FlagSet")}defaults(){return(0,XA.cloneDeep)(this.flagSchema)}isFlagName(e){return this.flagSchema[e]!==void 0}async isEnabled(e){return(await this.fetch())[e]}async fetch(){return await ZA.default.trace("features.fetch",async e=>{let r=ff(this.setId);if(r)return e?.addTags({fromCache:!0}),r;let n={},i=this.defaults(),o=V(),a=new Set;if(tu())return i;for(let{tenantId:f,key:m,value:p}of t_())if(!(!f||f!=="*"&&f!==o)&&(n.readFromEnvironmentVars=!0,p===!1&&a.add(m),!!this.isFlagName(m))){if(typeof i[m]!="boolean")throw new Error(`Feature: ${m} is not a boolean`);i[m]=p,n[`flags.${m}.source`]="environment"}let u=Bt(),c=u?._id;if(!c){let f=lf();f&&(c=ac.createHash("sha512").update(f).digest("hex"))}let l=u?.tenantId;if(l||(l=o),n["identity.type"]=u?.type,n["identity._id"]=u?._id,n.tenantId=l,n.userId=c,sc&&c){n.readFromPostHog=!0;let f=await Ei(),m={tenantId:l},p={tenant:{id:l}};f.config.createdVersion&&(p.tenant.createdVersion=f.config.createdVersion),f.createdAt&&(p.tenant.createdAt=`${f.createdAt}`);let T=await sc.getAllFlags(c,{personProperties:m,onlyEvaluateLocally:!0,groups:{tenant:l},groupProperties:p});for(let[h,g]of Object.entries(T))if(this.isFlagName(h)){if(typeof g!="boolean"){console.warn(`Invalid value for posthog flag "${h}": ${g}`);continue}if(!(i[h]===!0||a.has(h)))try{i[h]=g,n[`flags.${h}.source`]="posthog"}catch(y){console.warn(`Error parsing posthog flag "${h}": ${g}`,y)}}}let d=mf();for(let[f,m]of Object.entries(d))this.isFlagName(f)&&typeof m=="boolean"&&(i[f]=m,n[`flags.${f}.source`]="override");pf(this.setId,i);for(let[f,m]of Object.entries(i))n[`flags.${f}.value`]=m;return e?.addTags(n),i})}},t0={USE_ZOD_VALIDATOR:!1,AI_AGENTS:!1,DEBUG_UI:E.isDev(),DEV_USE_CLIENT_FROM_STORAGE:!1,DUPLICATE_APP:!1,COPY_RESOURCES_BETWEEN_WORKSPACES:!1,PRIVATE_LLMS:!1},rm=new oc(t0);async function r0(t){return await rm.isEnabled(t)}s(r0,"isEnabled");async function n0(){return await rm.fetch()}s(n0,"all");var nm={};P(nm,{setFeatureFlags:()=>r_,withFeatureFlags:()=>o0});function i0(){let t={};for(let{tenantId:e,key:r,value:n}of uc(process.env.TENANT_FEATURE_FLAGS||"")){let i=t[e]||{};i[r]!==!1&&(i[r]=n,t[e]=i)}return t}s(i0,"getCurrentFlags");function s0(t){let e=[];for(let[r,n]of Object.entries(t))for(let[i,o]of Object.entries(n))o===!1?e.push(`${r}:!${i}`):e.push(`${r}:${i}`);return e.join(",")}s(s0,"buildFlagString");function r_(t,e){let r=i0();for(let[i,o]of Object.entries(e)){let a=r[t]||{};a[i]=o,r[t]=a}let n=s0(r);return Os({TENANT_FEATURE_FLAGS:n})}s(r_,"setFeatureFlags");function o0(t,e,r){let n=r_(t,e),i=r();return i instanceof Promise?i.finally(n):(n(),i)}s(o0,"withFeatureFlags");var gm={};P(gm,{adminOnly:()=>cc,auditLog:()=>lc,authError:()=>Oe,buildAuthMiddleware:()=>q0,buildCsrfMiddleware:()=>Q0,buildTenancyMiddleware:()=>K0,builderOnly:()=>yc,builderOrAdmin:()=>Tc,google:()=>Zt,internalApi:()=>Ac,joiValidator:()=>ko,oidc:()=>Xt,passport:()=>j0,platformLogout:()=>Z0,refreshOAuthToken:()=>z0,ssoCallbackUrl:()=>vr,updateUserOAuth:()=>J0,workspaceBuilderOrAdmin:()=>Ic});var Em={};P(Em,{activeTenant:()=>w_,adminOnly:()=>cc,auditLog:()=>lc,authError:()=>Oe,authenticated:()=>gc,builderOnly:()=>yc,builderOrAdmin:()=>Tc,correlation:()=>i_,csp:()=>p_,csrf:()=>Sc,datasource:()=>G0,errorHandling:()=>h_,featureFlagCookie:()=>E_,google:()=>Zt,internalApi:()=>Ac,ip:()=>g_,joiValidator:()=>ko,local:()=>_i,oidc:()=>Xt,pino:()=>s_,querystringToBody:()=>I_,ssoCallbackUrl:()=>vr,tenancy:()=>Oc,workspaceBuilderOrAdmin:()=>Ic});var n_=require("uuid");var a0=require("correlation-id"),i_=s((t,e)=>{let r=t.headers["x-budibase-correlation-id"];return r||(r=(0,n_.v4)()),a0.withId(r,()=>e())},"correlationMiddleware");var u0=require("koa-pino-logger"),c0=require("correlation-id");function l0(){return{logger:Ou,genReqId:c0.getId,autoLogging:{ignore:t=>!!t.url?.includes("/health")},serializers:{req:t=>({method:t.method,url:t.url,correlationId:t.id}),res:t=>({status:t.statusCode})}}}s(l0,"pinoSettings");function d0(){return E.HTTP_LOGGING?u0(l0()):(t,e)=>e()}s(d0,"getMiddleware");var s_=d0();var cc=s(async(t,e)=>(!t.internal&&!bt(t.user)&&t.throw(403,"Admin user only endpoint."),e()),"adminOnly");var lc=s(async(t,e)=>e(),"auditLog");var f0=/\/:(.*?)(\/.*)?$/g,On=s(t=>t?t.map(e=>{let r=e.route,n=e.method,i=r.match(f0);if(i)for(let o of i){let u="/.*"+(o.endsWith("/")?"/":"");r=r.replace(o,u)}return{regex:new RegExp(r),method:n,route:r}}):[],"buildMatcherRegex"),In=s((t,e)=>e.find(({regex:r,method:n})=>{let i=r.test(t.request.url),o=n==="ALL"?!0:t.request.method.toLowerCase()===n.toLowerCase();return i&&o}),"matches");var lm={};P(lm,{SecretOption:()=>u_,decrypt:()=>cm,decryptFile:()=>y0,encrypt:()=>h0,encryptFile:()=>E0,getSecret:()=>um});var Jt=B(require("crypto")),xr=B(require("fs")),sm=require("path"),om=B(require("zlib"));var dc="aes-256-ctr",a_="-",p0=1e4,m0=32,fc=16,am=16,u_=(r=>(r.API="api",r.ENCRYPTION="encryption",r))(u_||{});function um(t){let e,r;switch(t){case"encryption":e=E.ENCRYPTION_KEY,r="ENCRYPTION_KEY";break;case"api":default:e=E.API_ENCRYPTION_KEY,r="API_ENCRYPTION_KEY";break}if(!e)throw new Error(`Secret "${r}" has not been set in environment.`);return e}s(um,"getSecret");function pc(t,e){return Jt.default.pbkdf2Sync(t,new Uint8Array(e),p0,m0,"sha512")}s(pc,"stretchString");function h0(t,e="api"){let r=Jt.default.randomBytes(fc),n=pc(um(e),r),i=Jt.default.createCipheriv(dc,new Uint8Array(n),new Uint8Array(r)),o=i.update(t,"utf8"),a=i.final(),u=Buffer.concat([new Uint8Array(o),new Uint8Array(a)]).toString("hex");return`${r.toString("hex")}${a_}${u}`}s(h0,"encrypt");function cm(t,e="api"){let[r,n]=t.split(a_),i=Buffer.from(r,"hex"),o=pc(um(e),i),a=Jt.default.createDecipheriv(dc,new Uint8Array(o),new Uint8Array(i)),u=a.update(n,"hex"),c=a.final();return Buffer.concat([new Uint8Array(u),new Uint8Array(c)]).toString()}s(cm,"decrypt");async function E0({dir:t,filename:e},r){let n=`${e}.enc`,i=(0,sm.join)(t,e);if(xr.default.lstatSync(i).isDirectory())throw new Error("Unable to encrypt directory");let o=xr.default.createReadStream(i),a=xr.default.createWriteStream((0,sm.join)(t,n)),u=Jt.default.randomBytes(fc),c=Jt.default.randomBytes(am),l=pc(r,u),d=Jt.default.createCipheriv(dc,new Uint8Array(l),new Uint8Array(c));return a.write(u),a.write(c),o.pipe(om.default.createGzip()).pipe(d).pipe(a),new Promise(f=>{a.on("finish",()=>{f({filename:n,dir:t})})})}s(E0,"encryptFile");async function g0(t){let e=xr.default.createReadStream(t),r=await o_(e,fc),n=await o_(e,am);return e.close(),{salt:r,iv:n}}s(g0,"getSaltAndIV");async function y0(t,e,r){if(xr.default.lstatSync(t).isDirectory())throw new Error("Unable to decrypt directory");let{salt:n,iv:i}=await g0(t),o=xr.default.createReadStream(t,{start:fc+am}),a=xr.default.createWriteStream(e),u=pc(r,n),c=Jt.default.createDecipheriv(dc,new Uint8Array(u),new Uint8Array(i)),l=om.default.createGunzip();return o.pipe(c).pipe(l).pipe(a),new Promise((d,f)=>{a.on("finish",()=>{a.close(),d()}),o.on("error",m=>{a.close(),f(m)}),c.on("error",m=>{a.close(),f(m)}),l.on("error",m=>{a.close(),f(m)}),a.on("error",m=>{a.close(),f(m)})})}s(y0,"decryptFile");function o_(t,e){return new Promise((r,n)=>{let i=0,o=[];t.on("readable",()=>{let a;for(;(a=t.read(e-i))!==null;)o.push(a),i+=a.length;r(Buffer.concat(o.map(u=>new Uint8Array(u))))}),t.on("end",()=>{n(new Error("Insufficient data in the stream."))}),t.on("error",a=>{n(a)})})}s(o_,"readBytes");var dm={};P(dm,{APIWarning:()=>wn,FeatureDisabledWarning:()=>hc,InvalidAPIKeyWarning:()=>Ai,UsageLimitWarning:()=>mc});var wn=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"APIWarning")}},Ai=class extends wn{static{s(this,"InvalidAPIKeyWarning")}constructor(){super("Invalid API key","invalid_api_key")}},mc=class extends wn{constructor(r){super(`Usage limit exceeded: '${r}'`,"usage_limit_exceeded");this.limitName=r}static{s(this,"UsageLimitWarning")}getPublicWarning(){return{limitName:this.limitName}}},hc=class extends wn{constructor(r){super(`Feature disabled: '${r}'`,"feature_disabled");this.featureName=r,this.status=400}static{s(this,"FeatureDisabledWarning")}getPublicWarning(){return{featureName:this.featureName}}getPublicError(){return{featureName:this.featureName}}};var l_=B(require("dd-trace"));var S0=E.SESSION_UPDATE_PERIOD?parseInt(E.SESSION_UPDATE_PERIOD):60*1e3;function A0(){return new Date(Date.now()-S0).toISOString()}s(A0,"timeMinusOneMinute");function c_(t,e={}){t.publicEndpoint=e.publicEndpoint||!1,t.isAuthenticated=e.authenticated||!1,t.loginMethod=e.loginMethod,t.user=e.user,t.internal=e.internal||!1,t.version=e.version}s(c_,"finalise");async function _0(t,e){if(Hs(t))return{valid:!0,user:void 0};let n=cm(t).split(D)[0];return Re(n,async()=>{let i;try{let o=H();i=await Gt("by_api_key",{key:t},o)}catch{i=void 0}if(i)return{valid:!0,user:await bo({userId:i,tenantId:n,populateUser:e})};throw new Ai})}s(_0,"checkApiKey");function Ec(t,e){let r=t.request.headers[e];if(Array.isArray(r))throw new Error("Unexpected header format");return r}s(Ec,"getHeader");function gc(t=[],e={publicAllowed:!1}){let r=t?On(t):[];return async(n,i)=>{let o=!1,a=Ec(n,"x-budibase-api-version");In(n,r)&&(o=!0);try{let c=Ec(n,"x-budibase-token"),l=qt(n,"budibase:auth")||lu(c),d=Ec(n,"x-budibase-api-key");!d&&n.request.headers.authorization&&(d=n.request.headers.authorization.split(" ")[1]);let f=Ec(n,"x-budibase-tenant-id"),m=!1,p,T=!1,h;if(l&&!d){let y=l.sessionId,O=l.userId,I;try{I=await Tp(O,y),e&&e.populateUser?p=await bo({userId:O,tenantId:I.tenantId,email:I.email,populateUser:e.populateUser(n)}):p=await bo({userId:O,tenantId:I.tenantId,email:I.email}),p.csrfToken=I.csrfToken,h="cookie",I?.lastAccessedAt<A0()&&await yp(I),m=!0}catch(R){m=!1,console.error(`Auth Error: ${R.message}`),Tr(n,"budibase:auth")}}if(!m&&d){let y=e.populateUser?e.populateUser(n):null,{valid:O,user:I}=await _0(d,y);O&&(m=!0,h="api_key",p=I,T=!I)}!p&&f?p={tenantId:f}:p&&"password"in p&&delete p.password,m||(m=!1);let g=s(y=>y&&y.email,"isUser");return g(p)&&l_.default.setUser({id:p._id,tenantId:p.tenantId,budibaseAccess:p.budibaseAccess,status:p.status}),c_(n,{authenticated:m,user:p,internal:T,version:a,publicEndpoint:o,loginMethod:h}),g(p)?Qd(p,n,i):i()}catch(c){if(console.error(`Auth Error: ${c.message}`),c?.name==="JsonWebTokenError"?Tr(n,"budibase:auth"):c?.code==="invalid_api_key"&&n.throw(403,c.message),e&&e.publicAllowed||o)return c_(n,{authenticated:!1,version:a,publicEndpoint:o}),i();n.throw(c.status||403,c)}}}s(gc,"authenticated");async function yc(t,e){if(t.internal)return e();let r=await un(t);return!r&&!E.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!Fe(t.user)?t.throw(403,"Builder user only endpoint."):r&&!yi(t.user,r)&&t.throw(403,"Workspace builder user only endpoint."),e()}s(yc,"builderOnly");async function Tc(t,e){if(t.internal||bt(t.user))return e();let r=await un(t);return!r&&!E.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!Fe(t.user)?t.throw(403,"Admin/Builder user only endpoint."):r&&!yi(t.user,r)&&t.throw(403,"Workspace Admin/Builder user only endpoint."),e()}s(Tc,"builderOrAdmin");var f_=B(require("crypto"));var d_={"default-src":["'self'"],"script-src":["'self'","'unsafe-eval'","https://*.budibase.net","https://cdn.budi.live","https://js.intercomcdn.com","https://widget.intercom.io","https://d2l5prqdbvm3op.cloudfront.net","https://us-assets.i.posthog.com","https://www.google.com/recaptcha/api.js"],"style-src":["'self'","'unsafe-inline'","https://cdn.jsdelivr.net","https://fonts.googleapis.com","https://rsms.me","https://maxcdn.bootstrapcdn.com"],"object-src":["'none'"],"base-uri":["'self'"],"connect-src":["'self'","https://*.budibase.app","https://*.budibaseqa.app","https://*.budibase.net","https://api-iam.intercom.io","https://api-ping.intercom.io","https://app.posthog.com","https://us.i.posthog.com","wss://nexus-websocket-a.intercom.io","wss://nexus-websocket-b.intercom.io","https://nexus-websocket-a.intercom.io","https://nexus-websocket-b.intercom.io","https://uploads.intercomcdn.com","https://uploads.intercomusercontent.com","https://*.amazonaws.com","https://*.s3.amazonaws.com","https://*.s3.us-east-2.amazonaws.com","https://*.s3.us-east-1.amazonaws.com","https://*.s3.us-west-1.amazonaws.com","https://*.s3.us-west-2.amazonaws.com","https://*.s3.af-south-1.amazonaws.com","https://*.s3.ap-east-1.amazonaws.com","https://*.s3.ap-south-1.amazonaws.com","https://*.s3.ap-northeast-2.amazonaws.com","https://*.s3.ap-southeast-1.amazonaws.com","https://*.s3.ap-southeast-2.amazonaws.com","https://*.s3.ap-northeast-1.amazonaws.com","https://*.s3.ca-central-1.amazonaws.com","https://*.s3.cn-north-1.amazonaws.com","https://*.s3.cn-northwest-1.amazonaws.com","https://*.s3.eu-central-1.amazonaws.com","https://*.s3.eu-west-1.amazonaws.com","https://*.s3.eu-west-2.amazonaws.com","https://*.s3.eu-south-1.amazonaws.com","https://*.s3.eu-west-3.amazonaws.com","https://*.s3.eu-north-1.amazonaws.com","https://*.s3.sa-east-1.amazonaws.com","https://*.s3.me-south-1.amazonaws.com","https://*.s3.us-gov-east-1.amazonaws.com","https://*.s3.us-gov-west-1.amazonaws.com","https://api.github.com"],"font-src":["'self'","data:","https://cdn.jsdelivr.net","https://fonts.gstatic.com","https://rsms.me","https://maxcdn.bootstrapcdn.com","https://js.intercomcdn.com","https://fonts.intercomcdn.com"],"frame-src":["'self'","https:"],"img-src":["http:","https:","data:","blob:"],"manifest-src":["'self'"],"media-src":["'self'","https://js.intercomcdn.com","https://cdn.budi.live"],"worker-src":["blob:","'self'"]},O0=/^[A-Za-z0-9-*:/.]+$/,p_=s(async(t,e)=>{let r=f_.default.randomBytes(16).toString("base64");t.state.nonce=r;let n={...d_};if(n["script-src"]=[...d_["script-src"],`'nonce-${r}'`],t.user?.license?.features.includes("customAppScripts")&&t.appId)try{let a=await $s.getWorkspaceMetadata(t.appId);if("name"in a)for(let u of a.scripts||[]){let c=(u.cspWhitelist||"").split(`
|
|
37
|
+
`);for(let o of i.filter(a=>a))t.push(io.default.readFileSync(o))}return t.push(io.default.readFileSync(DS(CS))),Buffer.concat(t.map(n=>new Uint8Array(n)))}s(Iv,"getLogReadStream");function wv(t){return typeof t=="object"&&t!==null&&!(t instanceof Error)}s(wv,"isPlainObject");function Dv(t){return t instanceof Error}s(Dv,"isError");function Rv(t){return typeof t=="string"}s(Rv,"isMessage");var _r;if(!E.DISABLE_PINO_LOGGER){let t=E.LOG_LEVEL,e={level:t,formatters:{level:c=>({level:c.toUpperCase()}),bindings:()=>E.SELF_HOSTED?{service:E.SERVICE_NAME}:{}},timestamp:()=>`,"timestamp":"${new Date(Date.now()).toISOString()}"`},r=[];r.push(E.isDev()?{stream:(0,PS.default)({singleLine:!0}),level:t}:{stream:process.stdout,level:t}),E.SELF_HOSTED&&r.push({stream:tp(),level:t}),_r=r.length?(0,_u.default)(e,_u.default.multistream(r)):(0,_u.default)(e);let n=s(c=>{let l,d=[],f="";c.forEach(g=>{Rv(g)&&(f=`${f} ${g}`.trimStart()),wv(g)&&d.push(g),Dv(g)&&(l=g)});let m=u(),p={};p={tenantId:i(),appId:o(),automationId:a(),identityId:m?._id,identityType:m?.type,correlationId:Gf()};let T=np.default.scope().active();T&&np.default.inject(T.context(),NS.formats.LOG,p);let h={err:l,pid:process.pid,...p};if(d.length){let g={},y=0;for(let O=0;O<d.length;O++){let I=d[O],R=I._logKey;R?(delete I._logKey,h[R]=I):(g[y]=I,y++)}Object.keys(g).length&&(h.data=g)}return[h,f]},"getLogParams");console.log=(...c)=>{let[l,d]=n(c);_r?.info(l,d)},console.info=(...c)=>{let[l,d]=n(c);_r?.info(l,d)},console.warn=(...c)=>{let[l,d]=n(c);_r?.warn(l,d)},console.error=(...c)=>{let[l,d]=n(c);_r?.error(l,d)},console.trace=(...c)=>{let[l,d]=n(c);l.err||(l.err=new Error),_r?.trace(l,d)},console.debug=(...c)=>{let[l,d]=n(c);_r?.debug(l,d)};let i=s(()=>{let c;try{c=V()}catch{}return c},"getTenantId"),o=s(()=>{let c;try{c=ke()}catch{}return c},"getAppId"),a=s(()=>{let c;try{c=cf()}catch{}return c},"getAutomationId"),u=s(()=>{let c;try{c=Bt()}catch{}return c},"getIdentity")}var Ou=_r;var Cv=["AccountError"];function bv(t){return t&&t.suppressAlert}s(bv,"isSuppressed");function dn(t,e){e&&Cv.includes(e.name)&&bv(e)||console.error(`bb-alert: ${t}`,e)}s(dn,"logAlert");function xv(t,e,r,n){t=`${t} - db: ${e} - doc: ${r} - error: `,dn(t,n)}s(xv,"logAlertWithInfo");function ui(t,e){console.warn(`bb-warn: ${t}`,e)}s(ui,"logWarn");var Iu=class extends Error{static{s(this,"UnretriableError")}constructor(e){super(e),this.name="PermanentError"}},ip=class{static{s(this,"QueuedProcessor")}constructor(e,r={}){let{maxAttempts:n=3,removeOnFail:i=!0,removeOnComplete:o=!0,maxStalledCount:a=3}=r;this.waitForCompletionMs=r.waitForCompletionMs||1e4,this._queue=new gt(e,{maxStalledCount:a,jobOptions:{attempts:n,removeOnFail:i,removeOnComplete:o}}),this._queue.process(async(u,c)=>{try{let l=await this.processFn(u.data);c?.(null,l)}catch(l){l instanceof Iu&&await u.discard(),dn(`Failed to process job in ${this._queue.name}`,l),c?.(l)}})}async close(e){await this._queue.close(e)}async execute(e){try{let r=await this._queue.add(e);return{success:!0,result:await Ue.withTimeout(this.waitForCompletionMs,()=>r.finished())}}catch(r){if(r.errno!=="ETIME")throw r;return{success:!1,reason:"timeout"}}}};var vv=100,wu,oo=class t{static{s(this,"DocWritethroughProcessor")}static get queue(){return t._queue||(t._queue=new gt("docWritethroughQueue",{jobOptions:{attempts:vv}})),t._queue}init(){return t.queue.process(async e=>{try{await this.persistToDb(e.data)}catch(r){throw r.status===409?new Error(`Conflict persisting message ${e.id}. Attempt ${e.attemptsMade}`):r}}),this}async persistToDb({dbName:e,docId:r,data:n}){if(r.startsWith("scimlog"))return;let i=De(e),o;try{o=await i.get(r)}catch{o={_id:r}}o={...o,...n},await i.put(o)}},op=class{static{s(this,"DocWritethrough")}constructor(e,r){this.db=e,this._docId=r}get docId(){return this._docId}async patch(e){await oo.queue.add({dbName:this.db.name,docId:this.docId,data:e})}};function US(){return wu=new oo().init(),wu}s(US,"init");function Pv(){return wu||US()}s(Pv,"getProcessor");var uo={};P(uo,{CacheKey:()=>ye,TTL:()=>mn,bustCache:()=>ci,destroy:()=>ao,get:()=>hn,keys:()=>Du,store:()=>jt,withCache:()=>Or,withCacheWithDynamicTTL:()=>LS});function Ct(t){let e=V();return`${t}:${e}`}s(Ct,"generateTenantKey");var fn=class{static{s(this,"BaseCache")}constructor(e=void 0){this.client=e}async getClient(){return this.client?this.client:await yf()}async keys(e){return(await this.getClient()).keys(e)}async exists(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).exists(e)}async scan(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).scan(e)}async get(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).get(e)}async bulkGet(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>Ct(i)):e,(await this.getClient()).bulkGet(e)}async store(e,r,n=null,i={useTenancy:!0}){e=i.useTenancy?Ct(e):e,await(await this.getClient()).store(e,r,n)}async bulkStore(e,r=null,n={useTenancy:!0}){n.useTenancy&&(e=Object.entries(e).reduce((o,[a,u])=>(o[Ct(a)]=u,o),{})),await(await this.getClient()).bulkStore(e,r)}async delete(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).delete(e)}async bulkDelete(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>Ct(i)):e,(await this.getClient()).bulkDelete(e)}async withCache(e,r=null,n,i={useTenancy:!0}){let o=await this.get(e,i);if(o)return o;try{let a=await n();return await this.store(e,a,r,i),a}catch(a){throw console.error("Error fetching before cache - ",a),a}}async withCacheWithDynamicTTL(e,r,n={useTenancy:!0}){let i=await this.get(e,n);if(i)return i;try{let o=await r(),{value:a,ttl:u}=o;return await this.store(e,a,u,{useTenancy:n.useTenancy}),a}catch(o){throw console.error("Error fetching before cache - ",o),o}}async bustCache(e){let r=await this.getClient();try{await r.delete(Ct(e))}catch(n){throw console.error("Error busting cache - ",n),n}}async deleteIfValue(e,r,n={useTenancy:!0}){e=n.useTenancy?Ct(e):e,await(await this.getClient()).deleteIfValue(e,r)}};var pn=new fn,ye={CHECKLIST:"checklist",INSTALLATION:"installation",ANALYTICS_ENABLED:"analyticsEnabled",UNIQUE_TENANT_ID:"uniqueTenantId",EVENTS:"events",BACKFILL_METADATA:"backfillMetadata",EVENTS_RATE_LIMIT:"eventsRateLimit",OAUTH2_TOKEN:t=>`oauth2Token_${t}`},mn=(n=>(n[n.ONE_MINUTE=600]="ONE_MINUTE",n[n.ONE_HOUR=3600]="ONE_HOUR",n[n.ONE_DAY=86400]="ONE_DAY",n))(mn||{}),Du=s((...t)=>pn.keys(...t),"keys"),hn=s((...t)=>pn.get(...t),"get"),jt=s((...t)=>pn.store(...t),"store"),ao=s((...t)=>pn.delete(...t),"destroy"),Or=s((...t)=>pn.withCache(...t),"withCache"),LS=s((...t)=>pn.withCacheWithDynamicTTL(...t),"withCacheWithDynamicTTL"),ci=s((...t)=>pn.bustCache(...t),"bustCache");var cp={};P(cp,{createCode:()=>Uv,deleteCode:()=>kv,getCode:()=>Lv,getExistingInvites:()=>up,getInviteCodes:()=>MS,updateCode:()=>Nv});var kS=he.fromDays(7).toSeconds();async function Nv(t,e){await(await sn()).store(t,e,kS)}s(Nv,"updateCode");async function Uv(t,e){let r=ee();return await(await sn()).store(r,{email:t,info:e},kS),r}s(Uv,"createCode");async function Lv(t){let r=await(await sn()).get(t);if(!r)throw"Invitation is not valid or has expired, please request a new one.";return r}s(Lv,"getCode");async function kv(t){await(await sn()).delete(t)}s(kv,"deleteCode");async function MS(){let r=(await(await sn()).scan()).map(i=>({...i.value,code:i.key}));if(!E.MULTI_TENANCY)return r;let n=V();return r.filter(i=>n===i.info.tenantId)}s(MS,"getInviteCodes");async function up(t){return(await MS()).filter(e=>t.includes(e.email))}s(up,"getExistingInvites");var lp={};P(lp,{createCode:()=>Fv,getCode:()=>Bv,invalidateCode:()=>Wv});var Mv=he.fromHours(1).toSeconds();async function Fv(t,e){let r=ee();return await(await Ws()).store(r,{userId:t,info:e},Mv),r}s(Fv,"createCode");async function Bv(t){let r=await(await Ws()).get(t);if(!r)throw new Error("Provided information is not valid, cannot reset password - please try again.");return r}s(Bv,"getCode");async function Wv(t){await(await Ws()).delete(t)}s(Wv,"invalidateCode");var Rr={};P(Rr,{getUser:()=>bo,getUsers:()=>hL,invalidateUser:()=>xo});var co={};P(co,{getPlatformDB:()=>Ir,users:()=>yt});var yt={};P(yt,{addSsoUser:()=>BS,addUser:()=>Qv,getUserDoc:()=>FS,lookupTenantId:()=>$v,removeUser:()=>jv,updateUserDoc:()=>Gv});function Ir(){return De(fe.PLATFORM_INFO.name)}s(Ir,"getPlatformDB");async function $v(t){return E.MULTI_TENANCY?(await FS(t)).tenantId:ae}s($v,"lookupTenantId");async function FS(t){return Ir().get(t)}s(FS,"getUserDoc");async function Gv(t){await Ir().put(t)}s(Gv,"updateUserDoc");function Vv(t,e){return{_id:t,tenantId:e}}s(Vv,"newUserIdDoc");function qv(t,e,r){return{_id:e,userId:t,tenantId:r}}s(qv,"newUserEmailDoc");function Kv(t,e,r,n){return{_id:t,userId:r,email:e,tenantId:n}}s(Kv,"newUserSsoIdDoc");async function dp(t,e){let r=Ir(),n;try{await r.get(t)}catch(i){if(i.status===404)n=e(),await r.put(n);else throw i}}s(dp,"addUserDoc");async function BS(t,e,r,n){return dp(t,()=>Kv(t,e,r,n))}s(BS,"addSsoUser");async function Qv(t,e,r,n){let i=[dp(e,()=>Vv(e,t)),dp(r,()=>qv(e,r,t))];n&&i.push(BS(n,r,e,t)),await Promise.all(i)}s(Qv,"addUser");async function jv(t){let e=Ir(),r=[t._id,t.email],n=await e.allDocs({keys:r,include_docs:!0});await e.bulkRemove(n.rows.map(i=>i.doc),{silenceErrors:!0})}s(jv,"removeUser");var En={};P(En,{getAccount:()=>wr,getAccountByTenantId:()=>li,getStatus:()=>Yv});var WS=B(require("node-fetch"));var lo=class{static{s(this,"API")}constructor(e){this.host=e}async apiCall(e,r,n){n.headers||(n.headers={}),n.headers["Content-Type"]||(n.headers={"Content-Type":"application/json",Accept:"application/json",...n.headers});let i=n.headers["Content-Type"]==="application/json";Xs.setHeader(n.headers);let o={method:e,body:i?JSON.stringify(n.body):n.body,headers:n.headers,credentials:"include"};return await(0,WS.default)(`${this.host}${r}`,o)}async post(e,r){return this.apiCall("POST",e,r)}async get(e,r){return this.apiCall("GET",e,r)}async patch(e,r){return this.apiCall("PATCH",e,r)}async del(e,r){return this.apiCall("DELETE",e,r)}async put(e,r){return this.apiCall("PUT",e,r)}};var fp=new lo(E.INTERNAL_ACCOUNT_PORTAL_URL),pp=E.SELF_HOSTED||E.DISABLE_ACCOUNT_PORTAL,wr=s(async t=>{if(pp)return;let e={email:t},r=await fp.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":E.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by email ${t}`);return(await r.json())[0]},"getAccount"),li=s(async t=>{if(pp)return;let e={tenantId:t},r=await fp.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":E.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by tenantId ${t}`);return(await r.json())[0]},"getAccountByTenantId"),Yv=s(async()=>{if(pp)return;let t=await fp.get("/api/status",{headers:{"x-budibase-api-key":E.ACCOUNT_PORTAL_API_KEY}}),e=await t.json();if(t.status!==200)throw new Error("Error getting status");return e},"getStatus");var hi={};P(hi,{UserDB:()=>xt,addAppBuilder:()=>dL,bulkGetGlobalUsersById:()=>zu,bulkUpdateGlobalUsers:()=>Do,cleanseUserObject:()=>Lp,creatorsInList:()=>Tn,doesUserExist:()=>oL,getAccountHolderFromUsers:()=>Hu,getAllUserIds:()=>iL,getAllUsers:()=>sL,getById:()=>Sn,getCreatorCount:()=>cL,getExistingAccounts:()=>mi,getExistingPlatformUsers:()=>RA,getExistingTenantUsers:()=>DA,getFirstPlatformUser:()=>Io,getGlobalUserByAppPage:()=>NA,getGlobalUserByEmail:()=>At,getPlatformUsers:()=>Ku,getUserCount:()=>uL,hasAdminPermissions:()=>Dr,hasAppBuilderPermissions:()=>xA,hasBuilderPermissions:()=>Fe,isAdmin:()=>bt,isAdminOrBuilder:()=>bA,isAdminOrWorkspaceBuilder:()=>Qu,isBuilder:()=>yi,isCreatorAsync:()=>wo,isCreatorSync:()=>ju,isGlobalBuilder:()=>CA,paginatedUsers:()=>LA,removeAppBuilder:()=>fL,removePortalUserPermissions:()=>lL,searchExistingEmails:()=>xp,searchGlobalUsersByApp:()=>Ju,searchGlobalUsersByAppAccess:()=>Up,searchGlobalUsersByEmail:()=>UA,validateUniqueUser:()=>Yu});var Lu={};P(Lu,{BadRequestError:()=>bu,BudibaseError:()=>fo,EmailUnavailableError:()=>Yt,FeatureDisabledError:()=>Pu,ForbiddenError:()=>xu,HTTPError:()=>Me,NotFoundError:()=>Cu,NotImplementedError:()=>vu,UnexpectedError:()=>Ru,UsageLimitError:()=>Nu,getPublicError:()=>Uu});var fo=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"BudibaseError")}},Uu=s(t=>{let e;return t.code&&(e={code:t.code},t.getPublicError&&(e={...e,...t.getPublicError()})),e},"getPublicError"),Me=class t extends fo{constructor(r,n,i="http"){super(r,i);this.status=n}static{s(this,"HTTPError")}static async fromResponse(r){let n=await r.text(),i=n,o=r.status,a="http";try{let u=JSON.parse(n);i=u.message,o=u.status,a=u.error?.code}catch{}return new t(i,o,a)}},Ru=class extends Me{static{s(this,"UnexpectedError")}constructor(e){super(e,500)}},Cu=class extends Me{static{s(this,"NotFoundError")}constructor(e){super(e,404)}},bu=class extends Me{static{s(this,"BadRequestError")}constructor(e){super(e,400)}},xu=class extends Me{static{s(this,"ForbiddenError")}constructor(e){super(e,403)}},vu=class extends Me{static{s(this,"NotImplementedError")}constructor(e){super(e,501)}},Pu=class extends Error{static{s(this,"FeatureDisabledError")}constructor(e){super(`Feature disabled: '${e}'`)}},Nu=class extends Error{static{s(this,"UsageLimitError")}constructor(e){super(`Usage limit exceeded: '${e}'`)}},Yt=class extends Error{static{s(this,"EmailUnavailableError")}constructor(e){super(`Email already in use: '${e}'`)}};var gp={};P(gp,{PASSWORD_MAX_LENGTH:()=>hp,PASSWORD_MIN_LENGTH:()=>mp,validatePassword:()=>Ep});var mp=+(E.PASSWORD_MIN_LENGTH||12),hp=+(E.PASSWORD_MAX_LENGTH||512);function Ep(t){return!t||t.length<mp?{valid:!1,error:`Password invalid. Minimum ${mp} characters.`}:t.length>hp?{valid:!1,error:`Password invalid. Maximum ${hp} characters.`}:{valid:!0}}s(Ep,"validatePassword");var ku={};P(ku,{createASession:()=>Hv,endSession:()=>zv,getSession:()=>Tp,getSessionsForUser:()=>po,invalidateSessions:()=>gn,updateSessionTTL:()=>yp});var GS=require("uuid");var VS=E.SESSION_EXPIRY_SECONDS?parseInt(E.SESSION_EXPIRY_SECONDS):he.fromDays(7).toSeconds();function di(t,e){return`${t}/${e}`}s(di,"makeSessionID");async function po(t){return t?(await(await Er()).scan(t)).map(n=>n.value):(console.trace("Cannot get sessions for undefined userId"),[])}s(po,"getSessionsForUser");async function gn(t,e={}){try{let r=e?.reason||"unknown",n=e.sessionIds||[],i;if(n.length===0?i=(await po(t)).map(a=>({key:di(a.userId,a.sessionId)})):(n=Array.isArray(n)?n:[n],i=n.map(o=>({key:di(t,o)}))),i&&i.length>0){let o=await Er(),a=[];for(let u of i)a.push(o.delete(u.key));E.isTest()||ui(`Invalidating sessions for ${t} (reason: ${r}) - ${i.map(u=>u.key).join(", ")}`),await Promise.all(a)}}catch(r){console.error(`Error invalidating sessions: ${r}`)}}s(gn,"invalidateSessions");async function Hv(t,e){let r=await po(t),n=0;if(r.length>=3){let l=r.sort((m,p)=>new Date(m.createdAt).getTime()-new Date(p.createdAt).getTime()),d=r.length-3+1,f=l.slice(0,d).map(m=>m.sessionId);n=f.length,await gn(t,{sessionIds:f,reason:"session limit exceeded"})}let i=await Er(),o=e.sessionId,a=e.csrfToken?e.csrfToken:(0,GS.v4)(),u=di(t,o),c={...e,csrfToken:a,createdAt:new Date().toISOString(),lastAccessedAt:new Date().toISOString(),userId:t};return await i.store(u,c,VS),{session:c,invalidatedSessionCount:n}}s(Hv,"createASession");async function yp(t){let e=await Er(),r=di(t.userId,t.sessionId);t.lastAccessedAt=new Date().toISOString(),await e.store(r,t,VS)}s(yp,"updateSessionTTL");async function zv(t,e){await(await Er()).delete(di(t,e))}s(zv,"endSession");async function Tp(t,e){if(!t||!e)throw new Error(`Invalid session details - ${t} - ${e}`);let n=await(await Er()).get(di(t,e));if(!n)throw new Error(`Session not found - ${t} - ${e}`);return n}s(Tp,"getSession");var pi={};P(pi,{account:()=>tA,action:()=>rA,ai:()=>nA,analytics:()=>Fu,app:()=>iA,asyncEventQueue:()=>Tt,auditLog:()=>sA,auth:()=>qu,automation:()=>oA,backfill:()=>aA,backfillCache:()=>$u,backup:()=>uA,datasource:()=>cA,email:()=>lA,environmentVariable:()=>dA,group:()=>fA,identification:()=>St,initAsyncEvents:()=>KU,installation:()=>yo,layout:()=>pA,license:()=>mA,org:()=>hA,plugin:()=>EA,processors:()=>wp,publishEvent:()=>A,query:()=>gA,resource:()=>yA,role:()=>Oo,rowAction:()=>TA,rows:()=>SA,screen:()=>AA,serve:()=>_A,shutdown:()=>QU,table:()=>OA,user:()=>Be,view:()=>IA,workspace:()=>wA});var Fu={};P(Fu,{enabled:()=>Mu});var Mu=s(async()=>Bu(),"enabled");var Tt;function Wu(){Tt=new gt("systemEventQueue",{jobTags:t=>({"event.name":t.event})})}s(Wu,"init");async function qS(){Tt&&await Tt.close()}s(qS,"shutdown");async function KS(t){Tt||Wu();let{event:e,identity:r}=t;km.indexOf(e)!==-1&&r.tenantId&&await Tt.add(t)}s(KS,"publishAsyncEvent");var $u={};P($u,{end:()=>Zv,isAlreadySent:()=>_p,isBackfillingEvent:()=>Ap,recordEvent:()=>Sp,start:()=>Jv});var Jv=s(async t=>eP({eventWhitelist:t}),"start"),Sp=s(async(t,e)=>{let r=Op(t,e);await jt(r,e,void 0,{useTenancy:!1})},"recordEvent"),Zv=s(async()=>{await tP(),await rP()},"end"),Xv=s(async()=>hn(ye.BACKFILL_METADATA),"getBackfillMetadata"),eP=s(async t=>jt(ye.BACKFILL_METADATA,t),"saveBackfillMetadata"),tP=s(async()=>{await ao(ye.BACKFILL_METADATA)},"deleteBackfillMetadata"),rP=s(async()=>{let t=Op(),e=await Du(t);for(let r of e)await ao(r,{useTenancy:!1})},"clearEvents"),Ap=s(async t=>{let r=(await Xv())?.eventWhitelist;return!!(r&&r.includes(t))},"isBackfillingEvent"),_p=s(async(t,e)=>{let r=Op(t,e);return!!await hn(r,{useTenancy:!1})},"isAlreadySent"),nP={"automation:created":t=>t.automationId,"automation:step:created":t=>t.stepId,"datasource:created":t=>t.datasourceId,"layout:created":t=>t.layoutId,"query:created":t=>t.queryId,"role:created":t=>t.roleId,"screen:created":t=>t.screenId,"table:created":t=>t.tableId,"view:created":t=>t.tableId,"view:calculation:created":t=>t.tableId,"view:filter:created":t=>t.tableId,"app:created":t=>t.appId,"app:published":t=>t.appId,"auth:sso:created":t=>t.type,"auth:sso:activated":t=>t.type,"user:created":t=>t.userId,"user:admin:assigned":t=>t.userId,"user:builder:assigned":t=>t.userId,"role:assigned":t=>`${t.roleId}-${t.userId}`},Op=s((t,e)=>{let r,n=V();if(t){r=`${ye.EVENTS}:${n}:${t}`;let i=nP[t],o=i?i(e):void 0;o&&(r=`${r}:${o}`)}else r=`${ye.EVENTS}:${n}:*`;return r},"getEventKey");var wp={};P(wp,{analyticsProcessor:()=>ZS,init:()=>pP,processors:()=>zt});var zS=require("posthog-node");var iP=s(t=>t==="served:builder"||t==="served:app:preview"||t==="served:app","isRateLimited"),sP=s(t=>t==="served:app:preview"||t==="served:app","isPerApp");var jS={"served:app":"calendarDay","served:app:preview":"calendarDay","served:builder":"calendarDay"},YS=s(async t=>{if(!iP(t))return!1;let e=await oP(t);if(e){let r=new Date(e.timestamp);switch(jS[t]){case"calendarDay":return r.setDate(r.getDate()+1),r.setHours(0,0,0,0),Date.now()>r.getTime()?(await QS(t,{timestamp:Date.now()}),!1):!0}}else return await QS(t,{timestamp:Date.now()}),!1},"limited"),HS=s(t=>{let e=`${ye.EVENTS_RATE_LIMIT}:${t}`;return sP(t)&&(e=e+":"+ke()),e},"eventKey"),oP=s(async t=>{let e=HS(t);return await hn(e)},"readEvent"),QS=s(async(t,e)=>{let r=HS(t),n=jS[t],i;switch(n){case"calendarDay":i=86400}await jt(r,e,i)},"recordEvent");var uP=["user:updated","email:smtp:updated","auth:sso:updated","app:updated","role:updated","datasource:updated","query:updated","view:updated","view:calculation:updated","automation:trigger:updated","user_group:updated"],mo=class{static{s(this,"PosthogProcessor")}constructor(e){if(!e)throw new Error("Posthog token is not defined");this.posthog=new zS.PostHog(e)}async processEvent(e,r,n,i){if(uP.includes(e)||await YS(e))return;n=this.clearPIIProperties(n),n.version=E.VERSION,n.service=E.SERVICE,n.environment=r.environment,n.hosting=r.hosting;let o=ke();o&&(n.appId=o);let a={distinctId:r.id,event:e,properties:n};i&&(a.timestamp=new Date(i)),(r.installationId||r.tenantId)&&(a.groups={},r.installationId&&(a.groups.installation=r.installationId,a.properties.installationId=r.installationId),r.tenantId&&(a.groups.tenant=r.tenantId,a.properties.tenantId=r.tenantId)),this.posthog.capture(a)}clearPIIProperties(e){return e.email&&delete e.email,e.audited&&delete e.audited,e}async identify(e,r){let n={distinctId:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.identify(n)}async identifyGroup(e,r){let n={distinctId:e.id,groupType:e.type,groupKey:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.groupIdentify(n)}async shutdown(){await this.posthog.shutdown()}};var JS=mo;var cP=["installation:version:upgraded","installation:version:downgraded"],lP=["installation","tenant"],ho=class{static{s(this,"AnalyticsProcessor")}constructor(){E.POSTHOG_TOKEN&&!E.isTest()&&(this.posthog=new JS(E.POSTHOG_TOKEN))}async processEvent(e,r,n,i){!cP.includes(e)&&!await Mu()||this.posthog&&await this.posthog.processEvent(e,r,n,i)}async identify(e,r){!lP.includes(e.type)&&!await Mu()||this.posthog&&await this.posthog.identify(e,r)}async identifyGroup(e,r){this.posthog&&await this.posthog.identifyGroup(e,r)}async shutdown(){this.posthog&&await this.posthog.shutdown()}};var Ip=E.SELF_HOSTED&&!E.isDev(),Eo=class{static{s(this,"LoggingProcessor")}async processEvent(e,r,n){Ip||console.log(`[audit] [identityType=${r.type}] ${e}`,n)}async identify(e){Ip||console.log("[audit] identified",e)}async identifyGroup(e){Ip||console.log("[audit] group identified",e)}async shutdown(){}};var fi=class t{static{s(this,"AuditLogsProcessor")}static{this.auditLogsEnabled=!1}static init(e){t.auditLogsEnabled=!0;let r=e;return t.auditLogQueue=new gt("auditLogQueue",{jobTags:n=>({"event.name":n.event})}),t.auditLogQueue.process(async n=>{await Re(n.data.tenantId,async()=>{let i=n.data.properties;i.audited&&(i={...i,...i.audited},delete i.audited);let o={};E.ENABLE_AUDIT_LOG_IP_ADDR&&(o=n.data.opts.hostInfo),await r(n.data.event,i,{userId:n.data.opts.userId,timestamp:n.data.opts.timestamp,appId:n.data.opts.appId,hostInfo:o})})})}async processEvent(e,r,n,i){if(t.auditLogsEnabled&&Lf(e)){let o=r.type==="user"?r.id:void 0;await t.auditLogQueue.add({event:e,properties:n,opts:{userId:o,timestamp:i,appId:ke(),hostInfo:r.hostInfo},tenantId:V()})}}async identify(){}async identifyGroup(){}async shutdown(){await t.auditLogQueue?.close()}};var go=class{constructor(e){this.initialised=!1;this.processors=[];this.processors=e}static{s(this,"Processor")}async processEvent(e,r,n,i){for(let o of this.processors)await o.processEvent(e,r,n,i)}async identify(e,r){for(let n of this.processors)n.identify&&await n.identify(e,r)}async identifyGroup(e,r){for(let n of this.processors)n.identifyGroup&&await n.identifyGroup(e,r)}async shutdown(){for(let e of this.processors)e.shutdown&&await e.shutdown()}};var ZS=new ho,dP=new Eo,fP=new fi;function pP(t){return fi.init(t)}s(pP,"init");var zt=new go([ZS,dP,fP]);var Gu={};P(Gu,{checkInstallVersion:()=>EP,getInstall:()=>To,getInstallFromDB:()=>Rp});var Dp=B(require("semver"));var To=s(async()=>Or(ye.INSTALLATION,86400,Rp,{useTenancy:!1}),"getInstall");async function mP(t){let e={_id:fe.PLATFORM_INFO.docs.install,installId:ee(),version:E.VERSION};try{let r=await t.put(e);return e._rev=r.rev,e}catch(r){if(r.status===409)return Rp();throw r}}s(mP,"createInstallDoc");var Rp=s(async()=>je(fe.PLATFORM_INFO.name,async t=>{let e;try{e=await t.get(fe.PLATFORM_INFO.docs.install)}catch(r){if(r.status===404)e=await mP(t);else throw r}return e}),"getInstallFromDB"),hP=s(async t=>{try{await je(fe.PLATFORM_INFO.name,async e=>{let r=await To();r.version=t,await e.put(r),await ci(ye.INSTALLATION)})}catch(e){if(e.status===409)return!1;throw e}return!0},"updateVersion"),EP=s(async()=>{let t=await To(),e=t.version,r=E.VERSION;try{if(e!==r){let n=Dp.default.gt(r,e),i=Dp.default.lt(r,e);await hP(r)&&(await ws({_id:t.installId,type:"installation"},async()=>{n?await yo.upgraded(e,r):i&&await yo.downgraded(e,r)}),await St.identifyInstallationGroup(t.installId))}}catch(n){n?.message?.includes("Invalid Version")?dn(`Invalid version "${r}" - is it semver?`):dn("Failed to retrieve version",n)}},"checkInstallVersion");var gP=s(async()=>{let t=qd(),e=_o(),r;if(t?r=t.type:r="tenant",r==="installation"){let n=await yn(),i=So();return{id:XS(n,r),hosting:i,type:r,installationId:n,environment:e}}else if(r==="tenant"){let n=await yn(),i=await Vu(V()),o=So();return{id:XS(i,r),type:r,hosting:o,installationId:n,tenantId:i,realTenantId:V(),environment:e}}else if(r==="user"){let n=t,i=await Vu(V()),o=await yn(),a=n.account,u;return a?u=a.hosting:u=So(),{id:n._id,type:r,hosting:u,installationId:o,tenantId:i,environment:e,realTenantId:V(),hostInfo:n.hostInfo}}else throw new Error("Unknown identity type")},"getCurrentIdentity"),yP=s(async(t,e)=>{let r=t,n="installation",i=So(),o=E.VERSION,a=_o(),u={id:r,type:n,hosting:i,version:o,environment:a};await Cp(u,e),await Ao({...u,id:`$${n}_${r}`},e)},"identifyInstallationGroup"),TP=s(async(t,e,r,n=E.VERSION)=>{let i=await Vu(t),o="tenant",a=await yn(),u=_o(),c={id:i,type:o,hosting:e,environment:u,installationId:a,createdAt:r,createdVersion:n};await Cp(c,r),await Ao({...c,id:`$${o}_${i}`},r)},"identifyTenantGroup"),SP=s(async(t,e,r)=>{let n=t._id,i=await Vu(t.tenantId),o="user",a=Fe(t),u=Dr(t),c;jo(t)&&(c=t.providerType);let d=(await mi([t.email])).length>0,f=!!e&&d&&e.verified,m=await yn(),p=e?e.hosting:So(),T=_o();await Ao({id:n,type:o,hosting:p,installationId:m,tenantId:i,verified:f,accountHolder:d,providerType:c,builder:a,admin:u,environment:T},r)},"identifyUser"),AP=s(async t=>{let e=t.accountId,r=t.tenantId,n="user",i=Qo(t)?t.providerType:void 0,o=t.verified,a=!0,u=t.hosting,c=await yn(),l=_o();if(Ko(t)){let f=await At(t.email);f?._id&&(e=f._id)}await Ao({id:e,type:n,hosting:u,installationId:c,tenantId:r,providerType:i,verified:o,accountHolder:a,environment:l})},"identifyAccount"),Ao=s(async(t,e)=>{await zt.identify(t,e)},"identify"),Cp=s(async(t,e)=>{await zt.identifyGroup(t,e)},"identifyGroup"),_o=s(()=>E.isDev()?"development":E.DEPLOYMENT_ENVIRONMENT,"getDeploymentEnvironment"),So=s(()=>E.SELF_HOSTED?"self":"cloud","getHostingFromEnv"),yn=s(async()=>_P()?"account-portal":(await To()).installId,"getInstallationId"),Vu=s(async t=>E.SELF_HOSTED?eA(t):t,"getEventTenantId"),eA=s(async t=>Re(t,()=>Or(ye.UNIQUE_TENANT_ID,86400,async()=>{let e=H(),r=await Ei(),n;return r.config.uniqueTenantId?r.config.uniqueTenantId:(n=`${ee()}_${t}`,r.config.uniqueTenantId=n,r.config.createdVersion=E.VERSION,await e.put(r),n)})),"getUniqueTenantId"),_P=s(()=>E.SERVICE==="account-portal","isAccountPortal"),XS=s((t,e)=>e==="installation"||e==="tenant"?`$${e}_${t}`:t,"formatDistinctId"),St={getCurrentIdentity:gP,identifyInstallationGroup:yP,identifyTenantGroup:TP,identifyUser:SP,identifyAccount:AP,identify:Ao,identifyGroup:Cp,getInstallationId:yn,getUniqueTenantId:eA};var A=s(async(t,e,r,n)=>{let i=n||await St.getCurrentIdentity();if(!(n?!1:await Ap(t))){await KS({event:t,identity:i,properties:e,timestamp:r}),await zt.processEvent(t,i,e,r);return}await _p(t,e)||(await zt.processEvent(t,i,e,r),await Sp(t,e))},"publishEvent");async function OP(t,e){let r={tenantId:t.tenantId};await A("account:created",r,void 0,e)}s(OP,"created");async function IP(t){let e={tenantId:t.tenantId};await A("account:deleted",e)}s(IP,"deleted");async function wP(t){let e={tenantId:t.tenantId};await A("account:verified",e)}s(wP,"verified");var tA={created:OP,deleted:IP,verified:wP};async function DP(t,e){console.info("action:automation_step:executed",`disabled. Action step ${t.stepId} not published at ${e}`)}s(DP,"automationStepExecuted");async function RP(t,e){console.info("action:automation_step:executed",`disabled. Action type ${t.type} not published at ${e}`)}s(RP,"crudExecuted");async function CP(t,e){console.info("action:automation_step:executed",`disabled. Execution for ai agent ${t.agentId} not published at ${e}`)}s(CP,"aiAgentExecuted");var rA={aiAgentExecuted:CP,automationStepExecuted:DP,crudExecuted:RP};async function bP(t){let e={};await A("ai:config:created",e,t)}s(bP,"AIConfigCreated");async function xP(){let t={};await A("ai:config:updated",t)}s(xP,"AIConfigUpdated");var nA={AIConfigCreated:bP,AIConfigUpdated:xP};var vP=s(async(t,e)=>{let r={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:created",r,e)},"created");async function PP(t){let e={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:updated",e)}s(PP,"updated");async function NP(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:deleted",e)}s(NP,"deleted");async function UP(t,e){let r={appId:t.appId,audited:{name:t.name}};await A("app:published",r,e)}s(UP,"published");async function LP(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:unpublished",e)}s(LP,"unpublished");async function kP(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:file:imported",e)}s(kP,"fileImported");async function MP(t,e){let r={duplicateAppId:e,appId:t.appId,audited:{name:t.name}};await A("app:duplicated",r)}s(MP,"duplicated");async function FP(t,e){let r={appId:t.appId,templateKey:e,audited:{name:t.name}};await A("app:template:imported",r)}s(FP,"templateImported");async function BP(t,e,r){let n={appId:t.appId,currentVersion:e,updatedToVersion:r,audited:{name:t.name}};await A("app:version:updated",n)}s(BP,"versionUpdated");async function WP(t,e,r){let n={appId:t.appId,currentVersion:e,revertedToVersion:r,audited:{name:t.name}};await A("app:version:reverted",n)}s(WP,"versionReverted");async function $P(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:reverted",e)}s($P,"reverted");async function GP(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:exported",e)}s(GP,"exported");var iA={created:vP,updated:PP,deleted:NP,published:UP,unpublished:LP,fileImported:kP,duplicated:MP,templateImported:FP,versionUpdated:BP,versionReverted:WP,reverted:$P,exported:GP};async function VP(t){let e={filters:t};await A("audit_log:filtered",e)}s(VP,"filtered");async function qP(t){let e={filters:t};await A("audit_log:downloaded",e)}s(qP,"downloaded");var sA={filtered:VP,downloaded:qP};async function KP(t,e){let n={userId:(await St.getCurrentIdentity()).id,source:t,audited:{email:e}};await A("auth:login",n)}s(KP,"login");async function QP(t){let r={userId:(await St.getCurrentIdentity()).id,audited:{email:t}};await A("auth:logout",r)}s(QP,"logout");async function jP(t,e){let r={type:t};await A("auth:sso:created",r,e)}s(jP,"SSOCreated");async function YP(t){let e={type:t};await A("auth:sso:updated",e)}s(YP,"SSOUpdated");async function HP(t,e){let r={type:t};await A("auth:sso:activated",r,e)}s(HP,"SSOActivated");async function zP(t){let e={type:t};await A("auth:sso:deactivated",e)}s(zP,"SSODeactivated");var qu={login:KP,logout:QP,SSOCreated:jP,SSOUpdated:YP,SSOActivated:HP,SSODeactivated:zP};async function JP(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:created",r,e)}s(JP,"created");async function ZP(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:trigger:updated",e)}s(ZP,"triggerUpdated");async function XP(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:deleted",e)}s(XP,"deleted");async function eN(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:tested",e)}s(eN,"tested");var tN=s(async(t,e)=>{let r={count:t};await A("automations:run",r,e)},"run");async function rN(t,e,r){let n={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:created",n,r)}s(rN,"stepCreated");async function nN(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:deleted",r)}s(nN,"stepDeleted");var oA={created:JP,triggerUpdated:ZP,deleted:XP,tested:eN,run:tN,stepCreated:rN,stepDeleted:nN};var gi=!E.SELF_HOSTED&&!E.isDev();async function iN(t){gi||await A("app:backfill:succeeded",t)}s(iN,"appSucceeded");async function sN(t){if(gi)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("app:backfill:failed",e)}s(sN,"appFailed");async function oN(t){gi||await A("tenant:backfill:succeeded",t)}s(oN,"tenantSucceeded");async function aN(t){if(gi)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("tenant:backfill:failed",e)}s(aN,"tenantFailed");async function uN(){if(gi)return;let t={};await A("installation:backfill:succeeded",t)}s(uN,"installationSucceeded");async function cN(t){if(gi)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("installation:backfill:failed",e)}s(cN,"installationFailed");var aA={appSucceeded:iN,appFailed:sN,tenantSucceeded:oN,tenantFailed:aN,installationSucceeded:uN,installationFailed:cN};async function lN(t){let e={appId:t.appId,restoreId:t._id,backupCreatedAt:t.timestamp,name:t.name};await A("app:backup:restored",e)}s(lN,"appBackupRestored");async function dN(t,e,r,n,i){let o={appId:t,backupId:e,type:r,trigger:n,name:i};await A("app:backup:triggered",o)}s(dN,"appBackupTriggered");var uA={appBackupRestored:lN,appBackupTriggered:dN};function bp(t){return!Object.values($o).includes(t.source)}s(bp,"isCustom");async function fN(t,e){let r={datasourceId:t._id,source:t.source,custom:bp(t)};await A("datasource:created",r,e)}s(fN,"created");async function pN(t){let e={datasourceId:t._id,source:t.source,custom:bp(t)};await A("datasource:updated",e)}s(pN,"updated");async function mN(t){let e={datasourceId:t._id,source:t.source,custom:bp(t)};await A("datasource:deleted",e)}s(mN,"deleted");var cA={created:fN,updated:pN,deleted:mN};async function hN(t){let e={};await A("email:smtp:created",e,t)}s(hN,"SMTPCreated");async function EN(){let t={};await A("email:smtp:updated",t)}s(EN,"SMTPUpdated");var lA={SMTPCreated:hN,SMTPUpdated:EN};async function gN(t,e){let r={name:t,environments:e};await A("environment_variable:created",r)}s(gN,"created");async function yN(t){let e={name:t};await A("environment_variable:deleted",e)}s(yN,"deleted");async function TN(t){let e={userId:t};await A("environment_variable:upgrade_panel_opened",e)}s(TN,"upgradePanelOpened");var dA={created:gN,deleted:yN,upgradePanelOpened:TN};async function SN(t,e){let r={groupId:t._id,viaScim:ht(),audited:{name:t.name}};await A("user_group:created",r,e)}s(SN,"created");async function AN(t){let e={groupId:t._id,viaScim:ht(),audited:{name:t.name}};await A("user_group:updated",e)}s(AN,"updated");async function _N(t){let e={groupId:t._id,viaScim:ht(),audited:{name:t.name}};await A("user_group:deleted",e)}s(_N,"deleted");async function ON(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:ht(),audited:{name:e.name}};await A("user_group:user_added",n)}s(ON,"usersAdded");async function IN(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:ht(),audited:{name:e.name}};await A("user_group:users_deleted",n)}s(IN,"usersDeleted");async function wN(t){let e={groupId:t,onboarding:!0};await A("user_group:onboarding_added",e)}s(wN,"createdOnboarding");async function DN(t){let e={permissions:t.roles,groupId:t._id,audited:{name:t.name}};await A("user_group:permissions_edited",e)}s(DN,"permissionsEdited");var fA={created:SN,updated:AN,deleted:_N,usersAdded:ON,usersDeleted:IN,createdOnboarding:wN,permissionsEdited:DN};async function RN(t){let e={currentVersion:t};await A("installation:version:checked",e)}s(RN,"versionChecked");async function CN(t,e){let r={from:t,to:e};await A("installation:version:upgraded",r)}s(CN,"upgraded");async function bN(t,e){let r={from:t,to:e};await A("installation:version:downgraded",r)}s(bN,"downgraded");async function xN(){let t={};await A("installation:firstStartup",t)}s(xN,"firstStartup");var yo={versionChecked:RN,upgraded:CN,downgraded:bN,firstStartup:xN};async function vN(t,e){let r={layoutId:t._id};await A("layout:created",r,e)}s(vN,"created");async function PN(t){let e={layoutId:t};await A("layout:deleted",e)}s(PN,"deleted");var pA={created:vN,deleted:PN};async function NN(t,e){let r={accountId:t.accountId,...e};await A("license:plan:changed",r)}s(NN,"planChanged");async function UN(t){let e={accountId:t.accountId};await A("license:activated",e)}s(UN,"activated");async function LN(t){let e={accountId:t.accountId};await A("license:checkout:opened",e)}s(LN,"checkoutOpened");async function kN(t){let e={accountId:t.accountId};await A("license:checkout:success",e)}s(kN,"checkoutSuccess");async function MN(t){let e={accountId:t.accountId};await A("license:portal:opened",e)}s(MN,"portalOpened");async function FN(t){let e={accountId:t.accountId};await A("license:payment:failed",e)}s(FN,"paymentFailed");async function BN(t){let e={accountId:t.accountId};await A("license:payment:recovered",e)}s(BN,"paymentRecovered");var mA={planChanged:NN,activated:UN,checkoutOpened:LN,checkoutSuccess:kN,portalOpened:MN,paymentFailed:FN,paymentRecovered:BN};async function WN(t){let e={};await A("org:info:name:updated",e,t)}s(WN,"nameUpdated");async function $N(t){let e={};await A("org:info:logo:updated",e,t)}s($N,"logoUpdated");async function GN(t){let e={};await A("org:platformurl:updated",e,t)}s(GN,"platformURLUpdated");async function VN(){let t={};await A("analytics:opt:out",t)}s(VN,"analyticsOptOut");async function qN(){let t={};await A("analytics:opt:out",t)}s(qN,"analyticsOptIn");var hA={nameUpdated:WN,logoUpdated:$N,platformURLUpdated:GN,analyticsOptOut:VN,analyticsOptIn:qN};async function KN(t){let e={type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:init",e)}s(KN,"init");async function QN(t){let e={pluginId:t._id,type:t.schema.type,source:t.source,name:t.name,description:t.description,version:t.version};await A("plugin:imported",e)}s(QN,"imported");async function jN(t){let e={pluginId:t._id,type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:deleted",e)}s(jN,"deleted");var EA={init:KN,imported:QN,deleted:jN};var YN=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:created",n,r)},"created"),HN=s(async(t,e)=>{let r={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:updated",r)},"updated"),zN=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb,appId:r};await A("query:deleted",n)},"deleted"),JN=s(async(t,e,r)=>{let n={datasourceId:t._id,source:t.source,count:r,importSource:e};await A("query:import",n)},"imported"),ZN=s(async(t,e)=>{let r={count:t};await A("queries:run",r,e)},"run"),XN=s(async(t,e)=>{let r={queryId:e.queryId,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:previewed",r)},"previewed"),gA={created:YN,updated:HN,deleted:zN,imported:JN,run:ZN,previewed:XN};async function eU({resource:t,fromWorkspace:e,toWorkspace:r},n){let i={resource:t,fromWorkspace:e,toWorkspace:r};await A("resource:copied_to_workspace",i,n)}s(eU,"duplicatedToWorkspace");var yA={duplicatedToWorkspace:eU};async function tU(t,e){let r={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:created",r,e)}s(tU,"created");async function rU(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:updated",e)}s(rU,"updated");async function nU(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:deleted",e)}s(nU,"deleted");async function iU(t,e,r){let n={userId:t._id,roleId:e};await A("role:assigned",n,r)}s(iU,"assigned");async function sU(t,e){let r={userId:t._id,roleId:e};await A("role:unassigned",r)}s(sU,"unassigned");var Oo={created:tU,updated:rU,deleted:nU,assigned:iU,unassigned:sU};async function oU(t,e){await A("row_action:created",t,e)}s(oU,"created");var TA={created:oU};var aU=s(async(t,e)=>{let r={count:t};await A("rows:created",r,e)},"created"),uU=s(async(t,e)=>{let r={tableId:t._id,count:e};await A("rows:imported",r)},"imported"),SA={created:aU,imported:uU};async function cU(t,e){let r={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:created",r,e)}s(cU,"created");async function lU(t){let e={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:deleted",e)}s(lU,"deleted");var AA={created:cU,deleted:lU};async function dU(t){let e={timezone:t};await A("served:builder",e)}s(dU,"servedBuilder");async function fU(t,e,r){let n={appVersion:t.version,timezone:e,embed:r===!0};await A("served:app",n)}s(fU,"servedApp");async function pU(t,e){let r={appId:t.appId,appVersion:t.version,timezone:e};await A("served:app:preview",r)}s(pU,"servedAppPreview");var _A={servedBuilder:dU,servedApp:fU,servedAppPreview:pU};async function mU(t,e){let r={tableId:t._id,audited:{name:t.name}};await A("table:created",r,e)}s(mU,"created");async function hU(t,e){let r,n;for(let o in e.schema)if(!t.schema[o]){let a=e.schema[o];"default"in a&&a.default!=null&&(r=!0),a.type==="ai"&&(n=a.operation)}let i={tableId:e._id,defaultValues:r,aiColumn:n,audited:{name:e.name}};(r||n)&&await A("table:updated",i)}s(hU,"updated");async function EU(t,e){let r={tableId:t._id,audited:{name:t.name},appId:e};await A("table:deleted",r)}s(EU,"deleted");async function gU(t,e){let r={tableId:t._id,format:e,audited:{name:t.name}};await A("table:exported",r)}s(gU,"exported");async function yU(t){let e={tableId:t._id,audited:{name:t.name}};await A("table:imported",e)}s(yU,"imported");var OA={created:mU,updated:hU,deleted:EU,exported:gU,imported:yU};async function TU(t,e){let r={userId:t._id,viaScim:ht(),audited:{email:t.email}};await A("user:created",r,e)}s(TU,"created");async function SU(t){let e={userId:t._id,viaScim:ht(),audited:{email:t.email}};await A("user:updated",e)}s(SU,"updated");async function AU(t){let e={userId:t._id,viaScim:ht(),audited:{email:t.email}};await A("user:deleted",e)}s(AU,"deleted");async function _U(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:admin:assigned",r,e)}s(_U,"permissionAdminAssigned");async function OU(t){let e={userId:t._id,audited:{email:t.email}};await A("user:admin:removed",e)}s(OU,"permissionAdminRemoved");async function IU(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:builder:assigned",r,e)}s(IU,"permissionBuilderAssigned");async function wU(t){let e={userId:t._id,audited:{email:t.email}};await A("user:builder:removed",e)}s(wU,"permissionBuilderRemoved");async function DU(t){let e={audited:{email:t}};await A("user:invited",e)}s(DU,"invited");async function RU(t){let e={userId:t._id,audited:{email:t.email}};await A("user:invite:accepted",e)}s(RU,"inviteAccepted");async function CU(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:force:reset",e)}s(CU,"passwordForceReset");async function bU(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:updated",e)}s(bU,"passwordUpdated");async function xU(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset:requested",e)}s(xU,"passwordResetRequested");async function vU(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset",e)}s(vU,"passwordReset");async function PU(t){let e={users:t};await A("user:data:collaboration",e)}s(PU,"dataCollaboration");var Be={created:TU,updated:SU,deleted:AU,permissionAdminAssigned:_U,permissionAdminRemoved:OU,permissionBuilderAssigned:IU,permissionBuilderRemoved:wU,invited:DU,inviteAccepted:RU,passwordForceReset:CU,passwordUpdated:bU,passwordResetRequested:xU,passwordReset:vU,dataCollaboration:PU};async function NU(t,e){let r={name:t.name,type:t.type,tableId:t.tableId};await A("view:created",r,e)}s(NU,"created");async function UU(t){let e={tableId:t.tableId};await A("view:updated",e)}s(UU,"updated");async function LU(t,e){let r={...Ue.views.isV2(t)?{id:t.id,tableId:t.tableId,appId:e}:{}};await A("view:deleted",r)}s(LU,"deleted");async function kU(t,e){let r={tableId:t._id,format:e};await A("view:exported",r)}s(kU,"exported");async function MU({tableId:t,filterGroups:e},r){let n={tableId:t,filterGroups:e};await A("view:filter:created",n,r)}s(MU,"filterCreated");async function FU({tableId:t,filterGroups:e}){let r={tableId:t,filterGroups:e};await A("view:filter:updated",r)}s(FU,"filterUpdated");async function BU(t){let e={tableId:t.tableId};await A("view:filter:deleted",e)}s(BU,"filterDeleted");async function WU({tableId:t,calculationType:e},r){let n={tableId:t,calculation:e};await A("view:calculation:created",n,r)}s(WU,"calculationCreated");async function $U(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:updated",e)}s($U,"calculationUpdated");async function GU(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:deleted",e)}s(GU,"calculationDeleted");async function VU(t,e){let r={tableId:t};await A("view:join:created",r,e)}s(VU,"viewJoinCreated");var IA={created:NU,updated:UU,deleted:LU,exported:kU,filterCreated:MU,filterUpdated:FU,filterDeleted:BU,calculationCreated:WU,calculationUpdated:$U,calculationDeleted:GU,viewJoinCreated:VU};async function qU(t,e){let r={workspaceAppId:t._id,audited:{name:t.name},appId:e};await A("workspace_app:deleted",r)}s(qU,"deleted");var wA={deleted:qU};function KU(){}s(KU,"initAsyncEvents");var QU=s(async()=>{await zt.shutdown(),console.log("Events shutdown")},"shutdown");var vp={};P(vp,{creatorsInList:()=>Tn,getAccountHolderFromUsers:()=>Hu,hasAdminPermissions:()=>Dr,hasAppBuilderPermissions:()=>xA,hasBuilderPermissions:()=>Fe,isAdmin:()=>bt,isAdminOrBuilder:()=>bA,isAdminOrWorkspaceBuilder:()=>Qu,isBuilder:()=>yi,isCreatorAsync:()=>wo,isCreatorSync:()=>ju,isGlobalBuilder:()=>CA,validateUniqueUser:()=>Yu});async function xp(t){let e=[],r=await DA(t);e.push(...r.map(a=>a.email));let n=await RA(t);e.push(...n.map(a=>a._id));let i=await mi(t);e.push(...i.map(a=>a.email));let o=await up(t);return e.push(...o.map(a=>a.email)),[...new Set(e.map(a=>a.toLowerCase()))]}s(xp,"searchExistingEmails");async function Ku(t){return await Ks("platform_users_lowercase_2",{keys:[t.toLowerCase()],include_docs:!0})}s(Ku,"getPlatformUsers");async function Io(t){return(await Ku(t))[0]??null}s(Io,"getFirstPlatformUser");async function DA(t){let r={keys:t.map(i=>i.toLowerCase()),include_docs:!0},n={arrayResponse:!0};return await Gt("by_email2",r,void 0,n)}s(DA,"getExistingTenantUsers");async function RA(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Ks("platform_users_lowercase_2",r)}s(RA,"getExistingPlatformUsers");async function mi(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Ks("account_by_email",r)}s(mi,"getExistingAccounts");var yi=Le.users.isBuilder,bt=Le.users.isAdmin,CA=Le.users.isGlobalBuilder,bA=Le.users.isAdminOrBuilder,Dr=Le.users.hasAdminPermissions,Fe=Le.users.hasBuilderPermissions,xA=Le.users.hasAppBuilderPermissions,Qu=Le.users.isAdminOrWorkspaceBuilder;async function Tn(t,e){let r=[...new Set(t.filter(i=>i.userGroups).flatMap(i=>i.userGroups))];return e=await H().getMultiple(r,{allowMissing:!0}),t.map(i=>ju(i,e))}s(Tn,"creatorsInList");async function wo(t){let e=[];return t.userGroups&&(e=await H().getMultiple(t.userGroups)),ju(t,e)}s(wo,"isCreatorAsync");function ju(t,e){let r=Le.users.isCreator(t);return!r&&t?jU(t,e):r}s(ju,"isCreatorSync");function jU(t,e){let r=e?.filter(n=>t.userGroups?.indexOf(n._id)!==-1);return r&&r.length>0?r.some(n=>Object.values(n.roles||{}).includes("CREATOR")):!1}s(jU,"isCreatorByGroupMembership");async function Yu(t,e){if(E.MULTI_TENANCY){let r=await Io(t);if(r!=null&&r.tenantId!==e)throw new Yt(t)}if(!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let r=await wr(t);if(r&&r.verified&&r.tenantId!==e)throw new Yt(t)}}s(Yu,"validateUniqueUser");async function Hu(t){if(!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let e=await mi(t.map(r=>r.email));return t.find(r=>e.map(n=>n.email).includes(r.email))}}s(Hu,"getAccountHolderFromUsers");var Pp=s(async t=>{await Be.deleted(t),Fe(t)&&await Be.permissionBuilderRemoved(t),Dr(t)&&await Be.permissionAdminRemoved(t)},"handleDeleteEvents"),YU=s(async(t,e,r)=>{for(let[n,i]of Object.entries(e))(!r||r[n]!==i)&&await Oo.assigned(t,i)},"assignAppRoleEvents"),HU=s(async(t,e,r)=>{if(r)for(let[n,i]of Object.entries(r))(!e||e[n]!==i)&&await Oo.unassigned(t,i)},"unassignAppRoleEvents"),zU=s(async(t,e)=>{let r=t.roles,n=e?.roles;await YU(t,r,n),await HU(t,r,n)},"handleAppRoleEvents"),Np=s(async(t,e)=>{let r=V(),n;!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL&&(n=await li(r)),await St.identifyUser(t,n),e?(await Be.updated(t),ZU(t,e)&&await Be.permissionBuilderRemoved(t),eL(t,e)&&await Be.permissionAdminRemoved(t),!e.forceResetPassword&&t.forceResetPassword&&t.password&&await Be.passwordForceReset(t),t.password!==e.password&&await Be.passwordUpdated(t)):await Be.created(t),JU(t,e)&&await Be.permissionBuilderAssigned(t),XU(t,e)&&await Be.permissionAdminAssigned(t),await zU(t,e)},"handleSaveEvents"),JU=s((t,e)=>vA(t,e,Fe),"isAddingBuilder"),ZU=s((t,e)=>PA(t,e,Fe),"isRemovingBuilder"),XU=s((t,e)=>vA(t,e,Dr),"isAddingAdmin"),eL=s((t,e)=>PA(t,e,Dr),"isRemovingAdmin"),vA=s((t,e,r)=>!(!r(t)||e&&r(e)),"isAddingPermission"),PA=s((t,e,r)=>!(r(t)||!e||!r(e)),"isRemovingPermission");var rL=s(async t=>{let e=t._id;await yt.removeUser(t),await Pp(t),await Rr.invalidateUser(e),await gn(e,{reason:"bulk-deletion"})},"bulkDeleteProcessing"),xt=class t{static{s(this,"UserDB")}static init(e,r,n){t.quotas=e,t.groups=r,t.features=n}static async isPreventPasswordActions(e,r){return E.ENABLE_SSO_MAINTENANCE_MODE&&bt(e)?!1:await t.features.isSSOEnforced()||jo(e)?!0:(r||(r=await li(V())),!!(r&&r.email===e.email&&Qo(r)))}static async buildUser(e,r={hashPassword:!0,requirePassword:!0},n,i,o){let{password:a,_id:u}=e;i&&!i.password&&(r.requirePassword=!1);let c;if(a&&a!==i?.password){if(await t.isPreventPasswordActions(e,o))throw new Me("Password change is disabled for this user",400);if(!r.skipPasswordValidation){let f=Ep(a);if(!f.valid)throw new Me(f.error,400)}c=r.hashPassword?await Gd(a):a}else i&&(c=i.password);let l=r.requirePassword&&!await t.features.isSSOEnforced();if(!c&&l)throw"Password must be specified.";u=u||ri();let d={createdAt:Date.now(),...i,...e,_id:u,password:c,tenantId:n};return d.roles||(d.roles={}),d.status==null&&(d.status="active"),d}static async allUsers(){return(await H().allDocs(on(null,{include_docs:!0}))).rows.map(n=>n.doc)}static async countUsersByApp(e){return{userCount:(await Ju(e,{})).length}}static async getUsersByAppAccess(e){return await Up(e.appId,{limit:e.limit||50})}static async getUserByEmail(e){return At(e)}static async getUser(e){let r=await Sn(e);return r&&delete r.password,r}static async bulkGet(e){return await zu(e)}static async bulkUpdate(e){return await Do(e)}static async save(e,r={}){r.hashPassword==null&&(r.hashPassword=!0),r.requirePassword==null&&(r.requirePassword=!0);let n=V(),i=H(),{email:o,_id:a,userGroups:u=[],roles:c}=e;if(!o&&!a)throw new Error("_id or email is required");let l;if(a)try{if(l=await Sn(a),o&&l.email!==o&&!r.allowChangingEmail)throw new Error("Email address cannot be changed")}catch(m){if(m.status!==404)throw m}if(!l&&o&&(l=await At(o),l&&l._id!==a))throw new Yt(o);let d=1,f=0;if((r.isAccountHolder||l)&&(d=0,f=1),l){let[m,p]=await Tn([l,e]);f=m!==p?1:0}return t.quotas.addUsers(d,f,async()=>{r.isAccountHolder||await Yu(o,n);let m=await t.buildUser(e,r,n,l);r.currentUserId&&r.currentUserId===l?._id&&(m=Lp(m,l)),!l&&c?.length&&(m.roles={...c});let p=[];if(!a&&u.length>0)for(let T of u)p.push(t.groups.addUsers(T,[m._id]));try{let T=await i.put(m);return m._rev=T.rev,await Np(m,l),l&&m.email!==l.email&&await yt.removeUser({email:l.email}),await yt.addUser(n,m._id,m.email,m.ssoId),await Rr.invalidateUser(T.id),await Promise.all(p),i.get(m._id)}catch(T){throw T.status===409?"User exists already":T}})}static async bulkCreate(e,r){let n=V(),i=[],o=[],a=[],u=e.map(m=>m.email),c=await xp(u),l=[];for(let m of e){let p=o.find(h=>h.email.toLowerCase()===m.email.toLowerCase()),T=c.includes(m.email.toLowerCase());if(p||T){l.push({email:m.email,reason:"Unavailable"});continue}m.userGroups=r||[],o.push(m),await wo(m)&&a.push(m)}let d=await li(n),f=await t.features.isSSOEnforced();return t.quotas.addUsers(o.length,a.length,async()=>{for(let T of o)f&&delete T.password,i.push(t.buildUser(T,{hashPassword:!0,requirePassword:!f},n,void 0,d));let m=await Promise.all(i);await Do(m);for(let T of m)await yt.addUser(n,T._id,T.email),await Np(T,void 0);let p=m.map(T=>({_id:T._id,email:T.email}));if(Array.isArray(p)&&r){let T=[],h=p.map(g=>g._id);for(let g of r)T.push(t.groups.addUsers(g,h));await Promise.all(T)}return{successful:p,unsuccessful:l}})}static async bulkDelete(e){let r=H(),n={successful:[],unsuccessful:[]},i=await Hu(e);i&&(e=e.filter(p=>p.userId!==i.userId),n.unsuccessful.push({_id:i.userId,email:i.email,reason:"Account holder cannot be deleted"}));let a=(await r.allDocs({include_docs:!0,keys:e.map(p=>p.userId)})).rows.map(p=>p.doc),u=a.map(p=>({...p,_deleted:!0})),c=await Do(u),d=(await Tn(a)).filter(p=>p).length,f=[];for(let p of a){let h=(await Io(p._id)).ssoId;h&&(await Ku(h)).filter(y=>y.ssoId==null).forEach(y=>{f.push({...y,_deleted:!0})}),await rL(p)}await Ir().bulkDocs(f),await t.quotas.removeUsers(u.length,d);let m={};return a.reduce((p,T)=>(p[T._id]=T,p),m),c.forEach(p=>{let T=m[p.id].email;p.ok?n.successful.push({_id:p.id,email:T}):n.unsuccessful.push({_id:p.id,email:T,reason:"Database error"})}),n}static async destroy(e){let r=H(),n=await r.get(e),i=n._id;if(!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let a=n.email;if(await wr(a))throw n.userId===Bt()._id?new Me('Please visit "Account" to delete this user',400):new Me("Account holder cannot be deleted",400)}await yt.removeUser(n),await r.remove(i,n._rev);let o=await wo(n)?1:0;await t.quotas.removeUsers(1,o),await Pp(n),await Rr.invalidateUser(i),await gn(i,{reason:"deletion"})}static async createAdminUser(e,r,n){let i=n?.password,o={email:e,password:i,createdAt:Date.now(),roles:{},builder:{global:!0},admin:{global:!0},tenantId:r,firstName:n?.firstName,lastName:n?.lastName};return n?.ssoId&&(o.ssoId=n.ssoId),await ci(ye.CHECKLIST),await t.save(o,{hashPassword:n?.hashPassword,requirePassword:n?.requirePassword,skipPasswordValidation:n?.skipPasswordValidation,isAccountHolder:!0})}static async getGroups(e){return await this.groups.getBulk(e)}static async getGroupBuilderAppIds(e){return await this.groups.getGroupBuilderAppIds(e)}};function Co(t){return Array.isArray(t)?t.map(e=>{if(e)return delete e.password,e}):t&&(delete t.password,t)}s(Co,"removeUserPassword");async function zu(t,e){let n=(await H().allDocs({keys:t,include_docs:!0})).rows.map(i=>i.doc);return e?.cleanup&&(n=Co(n)),n}s(zu,"bulkGetGlobalUsersById");async function iL(){let t=H(),e=`us${D}`;return(await t.allDocs({startkey:e,endkey:`${e}${Pe}`})).rows.map(n=>n.id)}s(iL,"getAllUserIds");async function sL(){let t=H(),e=`us${D}`;return(await t.allDocs({startkey:e,endkey:`${e}${Pe}`,include_docs:!0})).rows.map(n=>n.doc)}s(sL,"getAllUsers");async function Do(t){return await H().bulkDocs(t)}s(Do,"bulkUpdateGlobalUsers");async function Sn(t,e){let n=await H().get(t);return e?.cleanup&&(n=Co(n)),n}s(Sn,"getById");async function At(t,e){if(t==null)throw"Must supply an email address to view";let r=await Gt("by_email2",{key:t.toLowerCase(),include_docs:!0});if(Array.isArray(r))throw new Error(`Multiple users found with email address: ${t}`);let n=r;return e?.cleanup&&(n=Co(n)),n}s(At,"getGlobalUserByEmail");async function oL(t){try{let e=await At(t);if(Array.isArray(e)||e!=null)return!0}catch{return!1}return!1}s(oL,"doesUserExist");async function Ju(t,e,r){if(typeof t!="string")throw new Error("Must provide a string based workspace ID");let n=au(t,{include_docs:!0});n.startkey=e&&e.startkey?e.startkey:n.startkey;let i=await Gt("by_app",n);i||(i=[]);let o=Array.isArray(i)?i:[i];return r?.cleanup&&(o=Co(o)),o}s(Ju,"searchGlobalUsersByApp");async function Up(t,e){let r=`roles.${t}`,n=[{"builder.global":!0},{"admin.global":!0}];if(t){let a={[r]:{$exists:!0}};n.push(a)}return(await H().find({selector:{$or:n,_id:{$regex:"^us_"}},limit:e?.limit||50})).docs}s(Up,"searchGlobalUsersByAppAccess");function NA(t,e){if(e)return ou(Ye(t),e._id)}s(NA,"getGlobalUserByAppPage");async function UA(t,e,r){if(typeof t!="string")throw new Error("Must provide a string to search by");let n=t.toLowerCase(),i=e&&e.startkey?e.startkey:n,o=await Gt("by_email2",{...e,startkey:i,endkey:`${n}${Pe}`});o||(o=[]);let a=Array.isArray(o)?o:[o];return r?.cleanup&&(a=Co(a)),a}s(UA,"searchGlobalUsersByEmail");var aL=8;async function LA({bookmark:t,query:e,appId:r,limit:n}={}){let i=H(),o=n??aL,u={include_docs:!0,limit:o+1};t&&(u.startkey=t);let c,l="_id",d;return e?.equal?._id?c=[await Sn(e.equal._id)]:r?(c=await Ju(r,u),d=s(f=>NA(r,f),"getKey")):e?.string?.email?(c=await UA(e?.string?.email,u),l="email"):e?.oneOf?._id?c=await zu(e?.oneOf?._id,{cleanup:!0}):e?(c=(await i.allDocs(on(null,{...u,limit:void 0}))).rows.map(m=>m.doc),c=dr.search(c,{query:e,limit:u.limit}).rows):c=(await i.allDocs(on(null,u))).rows.map(m=>m.doc),Df(c,o,{paginate:!0,property:l,getKey:d})}s(LA,"paginatedUsers");async function uL(){return(await bf("by_email2",{limit:0,include_docs:!1})).total_rows}s(uL,"getUserCount");async function cL(){let t=0;async function e(r){let n=await LA({bookmark:r}),i=await Tn(n.data);t+=i.filter(o=>o).length,n.hasNextPage&&await e(n.nextPage)}return s(e,"iterate"),await e(),t}s(cL,"getCreatorCount");function lL(t){return delete t.admin,delete t.builder,t}s(lL,"removePortalUserPermissions");function Lp(t,e){return delete t.admin,delete t.builder,delete t.roles,e&&(t.admin=e.admin,t.builder=e.builder,t.roles=e.roles),t}s(Lp,"cleanseUserObject");async function dL(t,e){let r=Ye(e);t.builder??={},t.builder.creator=!0,t.builder.apps??=[],t.builder.apps.push(r),await xt.save(t,{hashPassword:!1})}s(dL,"addAppBuilder");async function fL(t,e){let r=Ye(e);t.builder&&t.builder.apps?.includes(r)&&(t.builder.apps=t.builder.apps.filter(n=>n!==r)),await xt.save(t,{hashPassword:!1})}s(fL,"removeAppBuilder");var kA=3600;async function pL(t,e){let n=await Pf(e).get(t);if(n.budibaseAccess=!0,!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let i=await wr(n.email);i&&(n.account=i,n.accountPortalAccess=!0)}return n}s(pL,"populateFromDB");async function mL(t){let e=await xt.bulkGet(t),r=t.filter((i,o)=>!e[o]),n=e.filter(i=>i);return await Promise.all(n.map(async i=>{if(i.budibaseAccess=!0,!E.SELF_HOSTED&&!E.DISABLE_ACCOUNT_PORTAL){let o=await wr(i.email);o&&(i.account=o,i.accountPortalAccess=!0)}})),r.length?{users:n,notFoundIds:r}:{users:n}}s(mL,"populateUsersFromDB");async function bo({userId:t,tenantId:e,email:r,populateUser:n}){if(n||(n=pL),!e)try{e=V()}catch{e=await yt.lookupTenantId(t)}let i=await Bs(),o=await i.get(t);return o||(o=await n(t,e,r),await i.store(t,o,kA)),o&&!o.tenantId&&e&&(o.tenantId=e),o.userGroups&&!Le.users.isGlobalBuilder(o)&&await Re(e,async()=>{let a=await xt.getGroupBuilderAppIds(o);if(a.length){let u=o.builder?.apps||[];o.builder={apps:[...new Set(u.concat(a))]}}}),o}s(bo,"getUser");async function hL(t){let e=await Bs(),r=await e.bulkGet(t),n=t.filter(a=>!r[a]),i=Object.values(r).filter(a=>!!a),o;if(n.length){let a=await mL(n);o=a.notFoundIds;for(let u of a.users)await e.store(u._id,u,kA);i.push(...a.users)}return{users:i,notFoundIds:o}}s(hL,"getUsers");async function xo(t){await(await Bs()).delete(t)}s(xo,"invalidateUser");var Wp={};P(Wp,{Writethrough:()=>Fp});var Si={};P(Si,{AUTO_EXTEND_POLLING_MS:()=>FA,doWithLock:()=>kp,newRedlock:()=>An});var MA=B(require("redlock"));async function gL(t,e){if(t==="custom")return An(e);switch(t){case"try_once":return An(Ti.TRY_ONCE);case"try_twice":return An(Ti.TRY_TWICE);case"default":return An(Ti.DEFAULT);case"delay_500":return An(Ti.DELAY_500);case"auto_extend":return An(Ti.AUTO_EXTEND);default:throw _t.unreachable(t)}}s(gL,"getClient");var Ti={TRY_ONCE:{retryCount:0},TRY_TWICE:{retryCount:1},DEFAULT:{driftFactor:.01,retryCount:10,retryDelay:200,retryJitter:100},DELAY_500:{retryDelay:500},CUSTOM:{},AUTO_EXTEND:{retryCount:-1}};async function An(t={}){let e={...Ti.DEFAULT,...t},n=(await Sf()).client;return new MA.default([n],e)}s(An,"newRedlock");function yL(t){let r=`lock:${t.systemLock?"system":V()}_${t.name}`;return t.resource&&(r=r+`_${t.resource}`),r}s(yL,"getLockName");var FA=he.fromSeconds(10).toMs();async function kp(t,e){let r=await gL(t.type,t.customOptions),n,i;try{let o=yL(t),a=t.type==="auto_extend"?FA:t.ttl;if(n=await r.lock(o,a),t.type==="auto_extend"){let c=s(()=>{i=setTimeout(async()=>{n=await n.extend(a,()=>t.onExtend&&t.onExtend()),c()},a/2)},"extendInIntervals");c()}return{executed:!0,result:await e()}}catch(o){if(o.name==="LockError"){if(t.type==="try_once")return{executed:!1};throw o}else throw o}finally{clearTimeout(i),await n?.unlock()}}s(kp,"doWithLock");var BA=1e4,Mp=null;async function Zu(){if(!Mp){let t=await Tf();Mp=new fn(t)}return Mp}s(Zu,"getCache");function vo(t,e){return t.name+e}s(vo,"makeCacheKey");function Bp(t,e=null){return{doc:t,lastWrite:e||Date.now()}}s(Bp,"makeCacheItem");async function TL(t,e,r=BA){let n=await Zu(),i=e._id,o;i&&(o=await n.get(vo(t,i)));let a=!o||o.lastWrite<Date.now()-r,u=e;return a&&((await kp({type:"try_once",name:"persist_writethrough",resource:i,ttl:15e3},async()=>{let l=s(async d=>{let f=await t.put(d,{force:!0});u._id=f.id,u._rev=f.rev},"writeDb");try{await l(e)}catch(d){if(d.status!==409)throw d;ui("Ignoring conflict in write-through cache")}})).executed||ui("Ignoring redlock conflict in write-through cache")),o=Bp(u,a?null:o?.lastWrite),u._id&&await n.store(vo(t,u._id),o),{ok:!0,id:u._id,rev:u._rev}}s(TL,"put");async function SL(t,e){let r=await Zu(),n=vo(t,e),i=await r.get(n);if(!i){let o=await t.get(e);i=Bp(o),await r.store(n,i)}return i.doc}s(SL,"get");async function AL(t,e){let r=await Zu(),n=vo(t,e),i=await r.get(n);if(!i){let o=await t.tryGet(e);if(!o)return null;i=Bp(o),await r.store(n,i)}return i.doc}s(AL,"tryGet");async function _L(t,e,r){let n=await Zu();if(!e)throw new Error("No ID/Rev provided.");let i=typeof e=="string"?e:e._id;r=typeof e=="string"?r:e._rev;try{await n.delete(vo(t,i))}finally{await t.remove(i,r)}}s(_L,"remove");var Fp=class{static{s(this,"Writethrough")}constructor(e,r=BA){this.db=e,this.writeRateMs=r}async put(e,r=this.writeRateMs){return TL(this.db,e,r)}async get(e){return SL(this.db,e)}async tryGet(e){return AL(this.db,e)}async remove(e,r){return _L(this.db,e,r)}};function Po(t){return`config${D}${t}`}s(Po,"generateConfigID");var Xu="en";function OL(){return{_id:Po("translations"),type:"translations",config:{defaultLocale:Xu,locales:{[Xu]:{label:"English",overrides:{}}}}}}s(OL,"createDefaultTranslationsConfig");function IL(t){let e=t?.defaultLocale||Xu,r={...t?.locales??{}};r[e]||(r[e]={label:e===Xu?"English":e,overrides:{}});for(let n of Object.keys(r))r[n].overrides||(r[n]={...r[n],overrides:{}});return{defaultLocale:e,locales:r}}s(IL,"prepareTranslationsConfig");async function xe(t){let e=H();try{return await e.get(Po(t))}catch(r){if(r.status===404)return;throw r}}s(xe,"getConfig");async function wL(t){return t._id||(t._id=Po(t.type)),H().put(t)}s(wL,"save");async function WA(){let t=await xe("translations");return t?(t.config=IL(t.config),t):OL()}s(WA,"getTranslationsConfigDoc");async function DL(){return(await WA()).config}s(DL,"getTranslationsConfig");async function Ei(){let t=await xe("settings");return t||(t={_id:Po("settings"),type:"settings",config:{}}),t.config.platformUrl=await No({tenantAware:!0,config:t.config}),t.config.analyticsEnabled=await Bu({config:t.config}),t}s(Ei,"getSettingsConfigDoc");async function Gp(){return(await Ei()).config}s(Gp,"getSettingsConfig");async function No(t={tenantAware:!0}){let e=E.PLATFORM_URL||"http://localhost:10000";if(!E.SELF_HOSTED&&E.MULTI_TENANCY&&t.tenantAware){let r=V();e.includes("localhost:")||(e=e.replace("://",`://${r}.`))}else if(E.SELF_HOSTED){let r=t?.config?t.config:(await xe("settings"))?.config;r?.platformUrl&&(e=r.platformUrl)}return e}s(No,"getPlatformUrl");var Bu=s(async t=>{if(!E.SELF_HOSTED)return!!E.ENABLE_ANALYTICS;let e=await Or(ye.ANALYTICS_ENABLED,86400,async()=>{let n=t?.config?t.config:(await xe("settings"))?.config;if(n?.analyticsEnabled===!1)return!1;if(n?.analyticsEnabled===!0)return!0});if(e!==void 0)return e;let r=E.ENABLE_ANALYTICS;return!(r===0||r===!1)},"analyticsEnabled");async function RL(){return await xe("google")}s(RL,"getGoogleConfigDoc");async function tc(){return(await RL())?.config}s(tc,"getGoogleConfig");async function Vp(){if(!E.SELF_HOSTED)return $p();let t=await tc();return(!t||!t.activated)&&(t=$p()),t}s(Vp,"getGoogleDatasourceConfig");function $p(){if(E.GOOGLE_CLIENT_ID&&E.GOOGLE_CLIENT_SECRET)return{clientID:E.GOOGLE_CLIENT_ID,clientSecret:E.GOOGLE_CLIENT_SECRET,activated:!0}}s($p,"getDefaultGoogleConfig");async function CL(){return xe("logos_oidc")}s(CL,"getOIDCLogosDoc");async function bL(){return xe("oidc")}s(bL,"getOIDCConfigDoc");async function xL(){let t=(await bL())?.config;return t?.configs&&t.configs[0]}s(xL,"getOIDCConfig");async function qp(t){let e=(await xe("oidc"))?.config;return e&&e.configs.filter(r=>r.uuid===t)[0]}s(qp,"getOIDCConfigById");async function $A(){return xe("smtp")}s($A,"getSMTPConfigDoc");async function vL(t){let e=await $A();if(e)return e.config;let r=E.SELF_HOSTED||!t;if(E.SMTP_FALLBACK_ENABLED&&r)return{port:E.SMTP_PORT,host:E.SMTP_HOST,secure:!1,from:E.SMTP_FROM_ADDRESS,auth:{user:E.SMTP_USER,pass:E.SMTP_PASSWORD},fallback:!0}}s(vL,"getSMTPConfig");async function PL(){return(await xe("scim"))?.config}s(PL,"getSCIMConfig");async function NL(){return xe("ai")}s(NL,"getAIConfig");async function UL(){return xe("recaptcha")}s(UL,"getRecaptchaConfig");var em={};P(em,{AccessController:()=>jp,BUILTIN_ROLE_IDS:()=>Yp,Role:()=>Cr,RoleHierarchyTraversal:()=>rc,RoleIDVersion:()=>Hp,builtinRoleToNumber:()=>Uo,checkForRoleResourceArray:()=>KA,externalRole:()=>WL,findRole:()=>Lo,getAllRoleIds:()=>qL,getAllRoles:()=>Xp,getBuiltinRole:()=>VA,getBuiltinRoles:()=>Jp,getDBRoleID:()=>QA,getExternalRoleID:()=>br,getExternalRoleIDs:()=>jA,getRole:()=>$L,getUserRoleHierarchy:()=>Zp,getUserRoleIdHierarchy:()=>qA,isBuiltin:()=>_n,lowerBuiltinRoleID:()=>BL,prefixRoleIDNoBuiltin:()=>Qp,roleIDsAreEqual:()=>st,roleToNumber:()=>FL,saveRoles:()=>GL,validInherits:()=>ML});var GA=require("lodash"),nc=B(require("lodash/fp/cloneDeep")),Kp=B(require("semver"));var Yp={ADMIN:"ADMIN",POWER:"POWER",BASIC:"BASIC",PUBLIC:"PUBLIC"},ie={...Yp,BUILDER:"BUILDER"},Hp={UUID:void 0,NAME:"name"};function kL(t,e){return Array.isArray(e)?e.filter(r=>t.includes(r)).length===e.length:t.includes(e)}s(kL,"rolesInList");var Cr=class{constructor(e,r,n,i){this.permissions={};this._id=e,this.name=r,this.uiMetadata=i,this.permissionId=n,this.version=Hp.NAME}static{s(this,"Role")}addInheritance(e){return e&&typeof e=="string"?e=Qp(e):e&&Array.isArray(e)&&(e=e.map(Qp)),this.inherits=e,this}},rc=class{static{s(this,"RoleHierarchyTraversal")}constructor(e,r){this.allRoles=e,this.opts=r}walk(e){let r=this.opts,n=this.allRoles,i=[];if(!e||!e._id)return i;if(i.push(e),Array.isArray(e.inherits))for(let o of e.inherits){let a=Lo(o,n,r);a&&(i=i.concat(this.walk(a)))}else{let o=[],a=e;for(;a&&a.inherits&&!kL(o,a.inherits);){if(Array.isArray(a.inherits))return i.concat(this.walk(a));if(o.push(a.inherits),a=Lo(a.inherits,n,r),a&&i.push(a),Ue.roles.checkForRoleInheritanceLoops(i))break}}return(0,GA.uniqBy)(i,o=>o._id)}},zp={ADMIN:new Cr(ie.ADMIN,ie.ADMIN,"admin",{displayName:"App admin",description:"Can do everything",color:"var(--spectrum-global-color-static-red-400)"}).addInheritance(ie.POWER),POWER:new Cr(ie.POWER,ie.POWER,"power",{displayName:"App power user",description:"An app user with more access",color:"var(--spectrum-global-color-static-orange-400)"}).addInheritance(ie.BASIC),BASIC:new Cr(ie.BASIC,ie.BASIC,"write",{displayName:"App user",description:"Any logged in user",color:"var(--spectrum-global-color-static-green-400)"}).addInheritance(ie.PUBLIC),PUBLIC:new Cr(ie.PUBLIC,ie.PUBLIC,"public",{displayName:"Public user",description:"Accessible to anyone",color:"var(--spectrum-global-color-static-blue-400)"}),BUILDER:new Cr(ie.BUILDER,ie.BUILDER,"admin",{displayName:"Builder user",description:"Users that can edit this app",color:"var(--spectrum-global-color-static-magenta-600)"})};function Jp(){return(0,nc.default)(zp)}s(Jp,"getBuiltinRoles");function _n(t){return Object.values(Yp).includes(t)}s(_n,"isBuiltin");function Qp(t){return _n(t)?t:Wt(t)}s(Qp,"prefixRoleIDNoBuiltin");function VA(t){let e=Object.values(zp).find(r=>t.includes(r._id));if(e)return(0,nc.default)(e)}s(VA,"getBuiltinRole");function ML(t,e){if(!e)return!1;let r=s(n=>t.find(i=>st(i._id,n)),"find");if(Array.isArray(e)){let n=e.filter(i=>r(i));return e.length!==0&&n.length===e.length}else return!!r(e)}s(ML,"validInherits");function Uo(t){let e=Jp(),r=Object.values(e).length+1;if(st(t,ie.ADMIN)||st(t,ie.BUILDER))return r;let n=e[t],i=0;do{if(!n)break;if(Array.isArray(n.inherits))throw new Error("Built-in roles don't support multi-inheritance");n=e[n.inherits],i++}while(n!==null);return i}s(Uo,"builtinRoleToNumber");async function FL(t){if(_n(t))return Uo(t);let e=await Zp(t,{defaultPublic:!0}),r=s(n=>{if(!n.inherits)return 0;if(Array.isArray(n.inherits)){let i=n.inherits.map(o=>{let a=e.find(u=>st(u._id,o));if(a)return r(a)+1}).filter(o=>o).sort().pop();if(i!=null)return i}else if(_n(n.inherits))return Uo(n.inherits)+1;return 0},"findNumber");return Math.max(...e.map(r))}s(FL,"roleToNumber");function BL(t,e){return t?e&&Uo(t)>Uo(e)?e:t:e}s(BL,"lowerBuiltinRoleID");function st(t,e){return Wt(t)===Wt(e)}s(st,"roleIDsAreEqual");function WL(t){let e;return t._id&&(e=br(t._id)),{...t,_id:e,inherits:jA(t.inherits,t.version)}}s(WL,"externalRole");function Lo(t,e,r){let n=VA(t);n||(t=Wt(t));let i=e.find(o=>o._id&&st(o._id,t));return!i&&!_n(t)&&r?.defaultPublic?(0,nc.default)(zp.PUBLIC):(n=Object.assign(n||{},i),n?._id&&(n._id=br(n._id,n.version)),Object.keys(n).length===0?void 0:n)}s(Lo,"findRole");async function $L(t,e){let r=ti(),n=[];if(!_n(t)){let i=await r.tryGet(QA(t));i&&n.push(i)}return Lo(t,n,e)}s($L,"getRole");async function GL(t){await ti().bulkDocs(t.filter(r=>r._id).map(r=>({...r,_id:Wt(r._id)})))}s(GL,"saveRoles");async function VL(t,e){let r=await Xp();if(st(t,ie.ADMIN))return r;let n=Lo(t,r,e),i=[];return n&&(i=new rc(r,e).walk(n)),i}s(VL,"getAllUserRoles");async function qA(t){return(await Zp(t)).map(r=>r._id)}s(qA,"getUserRoleIdHierarchy");async function Zp(t,e){return VL(t,e)}s(Zp,"getUserRoleHierarchy");function KA(t,e){if(t&&!Array.isArray(t[e])){let r=t[e];t[e]=[r],r==="write"&&t[e].push("read")}return t}s(KA,"checkForRoleResourceArray");async function qL(t){return(await Xp(t)).map(r=>r._id)}s(qL,"getAllRoleIds");async function Xp(t){if(t)return je(t,e);{let r;try{r=ti()}catch{}return e(r)}async function e(r){let n=[];r&&(n=(await r.allDocs(uu(null,{include_docs:!0}))).rows.map(u=>u.doc),n.forEach(u=>u._id=br(u._id,u.version)));let i=Jp(),o=[];!r||await KL(r)?o=[ie.ADMIN,ie.POWER,ie.BASIC,ie.PUBLIC]:o=[ie.ADMIN,ie.BASIC,ie.PUBLIC];for(let a of o){let u=i[a],c=n.filter(l=>st(l._id,a))[0];c==null?n.push(u||i.BASIC):(n=n.filter(l=>l._id!==c._id),c._id=br(u._id,c.version),n.push({...u,...c,name:u.name,_id:br(u._id,u.version)}))}for(let a of n)if(a.permissions)for(let u of Object.keys(a.permissions))a.permissions=KA(a.permissions,u);return n}s(e,"internal")}s(Xp,"getAllRoles");async function KL(t){let r=(await t.tryGet("app_metadata"))?.creationVersion;return!r||!Kp.default.valid(r)?!0:!Kp.default.gte(r,E.MIN_VERSION_WITHOUT_POWER_ROLE)}s(KL,"shouldIncludePowerRole");var jp=class{static{s(this,"AccessController")}constructor(){this.userHierarchies={}}async hasAccess(e,r){if(e==null||e===""||st(e,ie.BUILDER)||st(r,e)||st(r,ie.BUILDER))return!0;let n=r?this.userHierarchies[r]:null;return!n&&r&&(n=await qA(r),this.userHierarchies[r]=n),n?.find(i=>st(i,e))!==void 0}async checkScreensAccess(e,r){let n=[];for(let i of e){let o=await this.checkScreenAccess(i,r);o&&n.push(o)}return n}async checkScreenAccess(e,r){let n=e&&e.routing?e.routing.roleId:void 0;return await this.hasAccess(n,r)?e:null}};function QA(t){return t?.startsWith("role")?t:Wt(t)}s(QA,"getDBRoleID");function br(t,e){if(t.startsWith(`role${D}`)&&(_n(t)||e===Hp.NAME)){let r=t.split(D);return r.shift(),r.join(D)}return t}s(br,"getExternalRoleID");function jA(t,e){return t&&(typeof t=="string"?br(t,e):t.map(r=>br(r,e)))}s(jA,"getExternalRoleIDs");var tm={};P(tm,{BUILDER:()=>zL,BUILTIN_PERMISSIONS:()=>ic,CREATOR:()=>JL,GLOBAL_BUILDER:()=>ZL,PermissionImpl:()=>se,PermissionLevel:()=>Ri,PermissionType:()=>qo,doesHaveBasePermission:()=>YL,getAllowedLevels:()=>JA,getBuiltinPermissionByID:()=>jL,getBuiltinPermissions:()=>QL,isPermissionLevelHigherThanRead:()=>HL,levelToNumber:()=>zA});var YA=B(require("lodash/flatten")),HA=B(require("lodash/fp/cloneDeep"));var se=class{static{s(this,"PermissionImpl")}constructor(e,r){this.type=e,this.level=r}};function zA(t){switch(t){case"execute":return 0;case"read":return 1;case"write":return 2;case"admin":return 3;default:return-1}}s(zA,"levelToNumber");function JA(t){switch(t){case"execute":return["execute"];case"read":return["execute","read"];case"write":case"admin":return["execute","read","write"];default:return[]}}s(JA,"getAllowedLevels");var ic={PUBLIC:{_id:"public",name:"Public",permissions:[new se("webhook","execute")]},READ_ONLY:{_id:"read_only",name:"Read only",permissions:[new se("query","read"),new se("table","read"),new se("app","read")]},WRITE:{_id:"write",name:"Read/Write",permissions:[new se("query","write"),new se("table","write"),new se("automation","execute"),new se("legacy_view","read"),new se("app","read")]},POWER:{_id:"power",name:"Power",permissions:[new se("table","write"),new se("user","read"),new se("automation","execute"),new se("webhook","read"),new se("legacy_view","read"),new se("app","read")]},ADMIN:{_id:"admin",name:"Admin",permissions:[new se("table","admin"),new se("user","admin"),new se("automation","admin"),new se("webhook","read"),new se("query","admin"),new se("legacy_view","read"),new se("app","read")]}};function QL(){return(0,HA.default)(ic)}s(QL,"getBuiltinPermissions");function jL(t){return Object.values(ic).find(r=>r._id===t)}s(jL,"getBuiltinPermissionByID");function YL(t,e,r){let n=[...new Set(r.map(a=>a.permissionId))],i=Object.values(ic),o=(0,YA.default)(i.filter(a=>n.indexOf(a._id)!==-1).map(a=>a.permissions));for(let a of o)if(a.type===t&&JA(a.level).indexOf(e)!==-1)return!0;return!1}s(YL,"doesHaveBasePermission");function HL(t){return zA(t)>1}s(HL,"isPermissionLevelHigherThanRead");var zL="builder",JL="creator",ZL="globalBuilder";var im={};P(im,{FlagSet:()=>oc,all:()=>n0,flags:()=>rm,getEnvFlags:()=>t_,init:()=>XL,isEnabled:()=>r0,parseEnvFlags:()=>uc,shutdown:()=>e0,testutils:()=>nm});var ac=B(require("crypto")),ZA=B(require("dd-trace")),XA=require("lodash"),e_=require("posthog-node");var sc;function XL(t){E.POSTHOG_TOKEN&&E.POSTHOG_API_HOST&&!E.SELF_HOSTED&&E.POSTHOG_FEATURE_FLAGS_ENABLED?(console.log("initializing posthog client..."),sc=new e_.PostHog(E.POSTHOG_TOKEN,{host:E.POSTHOG_API_HOST,personalApiKey:E.POSTHOG_PERSONAL_TOKEN,featureFlagsPollingInterval:he.fromMinutes(3).toMs(),...t})):console.log("posthog disabled")}s(XL,"init");function e0(){sc?.shutdown()}s(e0,"shutdown");function uc(t){let e=t.split(",").map(n=>n.split(":")),r=[];for(let[n,...i]of e)for(let o of i){let a=!0;o.startsWith("!")&&(o=o.slice(1),a=!1),r.push({tenantId:n,key:o,value:a})}return r}s(uc,"parseEnvFlags");function t_(){return uc(E.TENANT_FEATURE_FLAGS||"")}s(t_,"getEnvFlags");var oc=class{constructor(e){this.flagSchema=e;this.setId=ac.randomUUID()}static{s(this,"FlagSet")}defaults(){return(0,XA.cloneDeep)(this.flagSchema)}isFlagName(e){return this.flagSchema[e]!==void 0}async isEnabled(e){return(await this.fetch())[e]}async fetch(){return await ZA.default.trace("features.fetch",async e=>{let r=ff(this.setId);if(r)return e?.addTags({fromCache:!0}),r;let n={},i=this.defaults(),o=V(),a=new Set;if(tu())return i;for(let{tenantId:f,key:m,value:p}of t_())if(!(!f||f!=="*"&&f!==o)&&(n.readFromEnvironmentVars=!0,p===!1&&a.add(m),!!this.isFlagName(m))){if(typeof i[m]!="boolean")throw new Error(`Feature: ${m} is not a boolean`);i[m]=p,n[`flags.${m}.source`]="environment"}let u=Bt(),c=u?._id;if(!c){let f=lf();f&&(c=ac.createHash("sha512").update(f).digest("hex"))}let l=u?.tenantId;if(l||(l=o),n["identity.type"]=u?.type,n["identity._id"]=u?._id,n.tenantId=l,n.userId=c,sc&&c){n.readFromPostHog=!0;let f=await Ei(),m={tenantId:l},p={tenant:{id:l}};f.config.createdVersion&&(p.tenant.createdVersion=f.config.createdVersion),f.createdAt&&(p.tenant.createdAt=`${f.createdAt}`);let T=await sc.getAllFlags(c,{personProperties:m,onlyEvaluateLocally:!0,groups:{tenant:l},groupProperties:p});for(let[h,g]of Object.entries(T))if(this.isFlagName(h)){if(typeof g!="boolean"){console.warn(`Invalid value for posthog flag "${h}": ${g}`);continue}if(!(i[h]===!0||a.has(h)))try{i[h]=g,n[`flags.${h}.source`]="posthog"}catch(y){console.warn(`Error parsing posthog flag "${h}": ${g}`,y)}}}let d=mf();for(let[f,m]of Object.entries(d))this.isFlagName(f)&&typeof m=="boolean"&&(i[f]=m,n[`flags.${f}.source`]="override");pf(this.setId,i);for(let[f,m]of Object.entries(i))n[`flags.${f}.value`]=m;return e?.addTags(n),i})}},t0={USE_ZOD_VALIDATOR:!1,AI_AGENTS:!1,DEBUG_UI:E.isDev(),DEV_USE_CLIENT_FROM_STORAGE:!1},rm=new oc(t0);async function r0(t){return await rm.isEnabled(t)}s(r0,"isEnabled");async function n0(){return await rm.fetch()}s(n0,"all");var nm={};P(nm,{setFeatureFlags:()=>r_,withFeatureFlags:()=>o0});function i0(){let t={};for(let{tenantId:e,key:r,value:n}of uc(process.env.TENANT_FEATURE_FLAGS||"")){let i=t[e]||{};i[r]!==!1&&(i[r]=n,t[e]=i)}return t}s(i0,"getCurrentFlags");function s0(t){let e=[];for(let[r,n]of Object.entries(t))for(let[i,o]of Object.entries(n))o===!1?e.push(`${r}:!${i}`):e.push(`${r}:${i}`);return e.join(",")}s(s0,"buildFlagString");function r_(t,e){let r=i0();for(let[i,o]of Object.entries(e)){let a=r[t]||{};a[i]=o,r[t]=a}let n=s0(r);return Os({TENANT_FEATURE_FLAGS:n})}s(r_,"setFeatureFlags");function o0(t,e,r){let n=r_(t,e),i=r();return i instanceof Promise?i.finally(n):(n(),i)}s(o0,"withFeatureFlags");var gm={};P(gm,{adminOnly:()=>cc,auditLog:()=>lc,authError:()=>Oe,buildAuthMiddleware:()=>q0,buildCsrfMiddleware:()=>Q0,buildTenancyMiddleware:()=>K0,builderOnly:()=>yc,builderOrAdmin:()=>Tc,google:()=>Zt,internalApi:()=>Ac,joiValidator:()=>ko,oidc:()=>Xt,passport:()=>j0,platformLogout:()=>Z0,refreshOAuthToken:()=>z0,ssoCallbackUrl:()=>vr,updateUserOAuth:()=>J0,workspaceBuilderOrAdmin:()=>Ic});var Em={};P(Em,{activeTenant:()=>w_,adminOnly:()=>cc,auditLog:()=>lc,authError:()=>Oe,authenticated:()=>gc,builderOnly:()=>yc,builderOrAdmin:()=>Tc,correlation:()=>i_,csp:()=>p_,csrf:()=>Sc,datasource:()=>G0,errorHandling:()=>h_,featureFlagCookie:()=>E_,google:()=>Zt,internalApi:()=>Ac,ip:()=>g_,joiValidator:()=>ko,local:()=>_i,oidc:()=>Xt,pino:()=>s_,querystringToBody:()=>I_,ssoCallbackUrl:()=>vr,tenancy:()=>Oc,workspaceBuilderOrAdmin:()=>Ic});var n_=require("uuid");var a0=require("correlation-id"),i_=s((t,e)=>{let r=t.headers["x-budibase-correlation-id"];return r||(r=(0,n_.v4)()),a0.withId(r,()=>e())},"correlationMiddleware");var u0=require("koa-pino-logger"),c0=require("correlation-id");function l0(){return{logger:Ou,genReqId:c0.getId,autoLogging:{ignore:t=>!!t.url?.includes("/health")},serializers:{req:t=>({method:t.method,url:t.url,correlationId:t.id}),res:t=>({status:t.statusCode})}}}s(l0,"pinoSettings");function d0(){return E.HTTP_LOGGING?u0(l0()):(t,e)=>e()}s(d0,"getMiddleware");var s_=d0();var cc=s(async(t,e)=>(!t.internal&&!bt(t.user)&&t.throw(403,"Admin user only endpoint."),e()),"adminOnly");var lc=s(async(t,e)=>e(),"auditLog");var f0=/\/:(.*?)(\/.*)?$/g,On=s(t=>t?t.map(e=>{let r=e.route,n=e.method,i=r.match(f0);if(i)for(let o of i){let u="/.*"+(o.endsWith("/")?"/":"");r=r.replace(o,u)}return{regex:new RegExp(r),method:n,route:r}}):[],"buildMatcherRegex"),In=s((t,e)=>e.find(({regex:r,method:n})=>{let i=r.test(t.request.url),o=n==="ALL"?!0:t.request.method.toLowerCase()===n.toLowerCase();return i&&o}),"matches");var lm={};P(lm,{SecretOption:()=>u_,decrypt:()=>cm,decryptFile:()=>y0,encrypt:()=>h0,encryptFile:()=>E0,getSecret:()=>um});var Jt=B(require("crypto")),xr=B(require("fs")),sm=require("path"),om=B(require("zlib"));var dc="aes-256-ctr",a_="-",p0=1e4,m0=32,fc=16,am=16,u_=(r=>(r.API="api",r.ENCRYPTION="encryption",r))(u_||{});function um(t){let e,r;switch(t){case"encryption":e=E.ENCRYPTION_KEY,r="ENCRYPTION_KEY";break;case"api":default:e=E.API_ENCRYPTION_KEY,r="API_ENCRYPTION_KEY";break}if(!e)throw new Error(`Secret "${r}" has not been set in environment.`);return e}s(um,"getSecret");function pc(t,e){return Jt.default.pbkdf2Sync(t,new Uint8Array(e),p0,m0,"sha512")}s(pc,"stretchString");function h0(t,e="api"){let r=Jt.default.randomBytes(fc),n=pc(um(e),r),i=Jt.default.createCipheriv(dc,new Uint8Array(n),new Uint8Array(r)),o=i.update(t,"utf8"),a=i.final(),u=Buffer.concat([new Uint8Array(o),new Uint8Array(a)]).toString("hex");return`${r.toString("hex")}${a_}${u}`}s(h0,"encrypt");function cm(t,e="api"){let[r,n]=t.split(a_),i=Buffer.from(r,"hex"),o=pc(um(e),i),a=Jt.default.createDecipheriv(dc,new Uint8Array(o),new Uint8Array(i)),u=a.update(n,"hex"),c=a.final();return Buffer.concat([new Uint8Array(u),new Uint8Array(c)]).toString()}s(cm,"decrypt");async function E0({dir:t,filename:e},r){let n=`${e}.enc`,i=(0,sm.join)(t,e);if(xr.default.lstatSync(i).isDirectory())throw new Error("Unable to encrypt directory");let o=xr.default.createReadStream(i),a=xr.default.createWriteStream((0,sm.join)(t,n)),u=Jt.default.randomBytes(fc),c=Jt.default.randomBytes(am),l=pc(r,u),d=Jt.default.createCipheriv(dc,new Uint8Array(l),new Uint8Array(c));return a.write(u),a.write(c),o.pipe(om.default.createGzip()).pipe(d).pipe(a),new Promise(f=>{a.on("finish",()=>{f({filename:n,dir:t})})})}s(E0,"encryptFile");async function g0(t){let e=xr.default.createReadStream(t),r=await o_(e,fc),n=await o_(e,am);return e.close(),{salt:r,iv:n}}s(g0,"getSaltAndIV");async function y0(t,e,r){if(xr.default.lstatSync(t).isDirectory())throw new Error("Unable to decrypt directory");let{salt:n,iv:i}=await g0(t),o=xr.default.createReadStream(t,{start:fc+am}),a=xr.default.createWriteStream(e),u=pc(r,n),c=Jt.default.createDecipheriv(dc,new Uint8Array(u),new Uint8Array(i)),l=om.default.createGunzip();return o.pipe(c).pipe(l).pipe(a),new Promise((d,f)=>{a.on("finish",()=>{a.close(),d()}),o.on("error",m=>{a.close(),f(m)}),c.on("error",m=>{a.close(),f(m)}),l.on("error",m=>{a.close(),f(m)}),a.on("error",m=>{a.close(),f(m)})})}s(y0,"decryptFile");function o_(t,e){return new Promise((r,n)=>{let i=0,o=[];t.on("readable",()=>{let a;for(;(a=t.read(e-i))!==null;)o.push(a),i+=a.length;r(Buffer.concat(o.map(u=>new Uint8Array(u))))}),t.on("end",()=>{n(new Error("Insufficient data in the stream."))}),t.on("error",a=>{n(a)})})}s(o_,"readBytes");var dm={};P(dm,{APIWarning:()=>wn,FeatureDisabledWarning:()=>hc,InvalidAPIKeyWarning:()=>Ai,UsageLimitWarning:()=>mc});var wn=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"APIWarning")}},Ai=class extends wn{static{s(this,"InvalidAPIKeyWarning")}constructor(){super("Invalid API key","invalid_api_key")}},mc=class extends wn{constructor(r){super(`Usage limit exceeded: '${r}'`,"usage_limit_exceeded");this.limitName=r}static{s(this,"UsageLimitWarning")}getPublicWarning(){return{limitName:this.limitName}}},hc=class extends wn{constructor(r){super(`Feature disabled: '${r}'`,"feature_disabled");this.featureName=r,this.status=400}static{s(this,"FeatureDisabledWarning")}getPublicWarning(){return{featureName:this.featureName}}getPublicError(){return{featureName:this.featureName}}};var l_=B(require("dd-trace"));var S0=E.SESSION_UPDATE_PERIOD?parseInt(E.SESSION_UPDATE_PERIOD):60*1e3;function A0(){return new Date(Date.now()-S0).toISOString()}s(A0,"timeMinusOneMinute");function c_(t,e={}){t.publicEndpoint=e.publicEndpoint||!1,t.isAuthenticated=e.authenticated||!1,t.loginMethod=e.loginMethod,t.user=e.user,t.internal=e.internal||!1,t.version=e.version}s(c_,"finalise");async function _0(t,e){if(Hs(t))return{valid:!0,user:void 0};let n=cm(t).split(D)[0];return Re(n,async()=>{let i;try{let o=H();i=await Gt("by_api_key",{key:t},o)}catch{i=void 0}if(i)return{valid:!0,user:await bo({userId:i,tenantId:n,populateUser:e})};throw new Ai})}s(_0,"checkApiKey");function Ec(t,e){let r=t.request.headers[e];if(Array.isArray(r))throw new Error("Unexpected header format");return r}s(Ec,"getHeader");function gc(t=[],e={publicAllowed:!1}){let r=t?On(t):[];return async(n,i)=>{let o=!1,a=Ec(n,"x-budibase-api-version");In(n,r)&&(o=!0);try{let c=Ec(n,"x-budibase-token"),l=qt(n,"budibase:auth")||lu(c),d=Ec(n,"x-budibase-api-key");!d&&n.request.headers.authorization&&(d=n.request.headers.authorization.split(" ")[1]);let f=Ec(n,"x-budibase-tenant-id"),m=!1,p,T=!1,h;if(l&&!d){let y=l.sessionId,O=l.userId,I;try{I=await Tp(O,y),e&&e.populateUser?p=await bo({userId:O,tenantId:I.tenantId,email:I.email,populateUser:e.populateUser(n)}):p=await bo({userId:O,tenantId:I.tenantId,email:I.email}),p.csrfToken=I.csrfToken,h="cookie",I?.lastAccessedAt<A0()&&await yp(I),m=!0}catch(R){m=!1,console.error(`Auth Error: ${R.message}`),Tr(n,"budibase:auth")}}if(!m&&d){let y=e.populateUser?e.populateUser(n):null,{valid:O,user:I}=await _0(d,y);O&&(m=!0,h="api_key",p=I,T=!I)}!p&&f?p={tenantId:f}:p&&"password"in p&&delete p.password,m||(m=!1);let g=s(y=>y&&y.email,"isUser");return g(p)&&l_.default.setUser({id:p._id,tenantId:p.tenantId,budibaseAccess:p.budibaseAccess,status:p.status}),c_(n,{authenticated:m,user:p,internal:T,version:a,publicEndpoint:o,loginMethod:h}),g(p)?Qd(p,n,i):i()}catch(c){if(console.error(`Auth Error: ${c.message}`),c?.name==="JsonWebTokenError"?Tr(n,"budibase:auth"):c?.code==="invalid_api_key"&&n.throw(403,c.message),e&&e.publicAllowed||o)return c_(n,{authenticated:!1,version:a,publicEndpoint:o}),i();n.throw(c.status||403,c)}}}s(gc,"authenticated");async function yc(t,e){if(t.internal)return e();let r=await un(t);return!r&&!E.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!Fe(t.user)?t.throw(403,"Builder user only endpoint."):r&&!yi(t.user,r)&&t.throw(403,"Workspace builder user only endpoint."),e()}s(yc,"builderOnly");async function Tc(t,e){if(t.internal||bt(t.user))return e();let r=await un(t);return!r&&!E.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!Fe(t.user)?t.throw(403,"Admin/Builder user only endpoint."):r&&!yi(t.user,r)&&t.throw(403,"Workspace Admin/Builder user only endpoint."),e()}s(Tc,"builderOrAdmin");var f_=B(require("crypto"));var d_={"default-src":["'self'"],"script-src":["'self'","'unsafe-eval'","https://*.budibase.net","https://cdn.budi.live","https://js.intercomcdn.com","https://widget.intercom.io","https://d2l5prqdbvm3op.cloudfront.net","https://us-assets.i.posthog.com","https://www.google.com/recaptcha/api.js"],"style-src":["'self'","'unsafe-inline'","https://cdn.jsdelivr.net","https://fonts.googleapis.com","https://rsms.me","https://maxcdn.bootstrapcdn.com"],"object-src":["'none'"],"base-uri":["'self'"],"connect-src":["'self'","https://*.budibase.app","https://*.budibaseqa.app","https://*.budibase.net","https://api-iam.intercom.io","https://api-ping.intercom.io","https://app.posthog.com","https://us.i.posthog.com","wss://nexus-websocket-a.intercom.io","wss://nexus-websocket-b.intercom.io","https://nexus-websocket-a.intercom.io","https://nexus-websocket-b.intercom.io","https://uploads.intercomcdn.com","https://uploads.intercomusercontent.com","https://*.amazonaws.com","https://*.s3.amazonaws.com","https://*.s3.us-east-2.amazonaws.com","https://*.s3.us-east-1.amazonaws.com","https://*.s3.us-west-1.amazonaws.com","https://*.s3.us-west-2.amazonaws.com","https://*.s3.af-south-1.amazonaws.com","https://*.s3.ap-east-1.amazonaws.com","https://*.s3.ap-south-1.amazonaws.com","https://*.s3.ap-northeast-2.amazonaws.com","https://*.s3.ap-southeast-1.amazonaws.com","https://*.s3.ap-southeast-2.amazonaws.com","https://*.s3.ap-northeast-1.amazonaws.com","https://*.s3.ca-central-1.amazonaws.com","https://*.s3.cn-north-1.amazonaws.com","https://*.s3.cn-northwest-1.amazonaws.com","https://*.s3.eu-central-1.amazonaws.com","https://*.s3.eu-west-1.amazonaws.com","https://*.s3.eu-west-2.amazonaws.com","https://*.s3.eu-south-1.amazonaws.com","https://*.s3.eu-west-3.amazonaws.com","https://*.s3.eu-north-1.amazonaws.com","https://*.s3.sa-east-1.amazonaws.com","https://*.s3.me-south-1.amazonaws.com","https://*.s3.us-gov-east-1.amazonaws.com","https://*.s3.us-gov-west-1.amazonaws.com","https://api.github.com"],"font-src":["'self'","data:","https://cdn.jsdelivr.net","https://fonts.gstatic.com","https://rsms.me","https://maxcdn.bootstrapcdn.com","https://js.intercomcdn.com","https://fonts.intercomcdn.com"],"frame-src":["'self'","https:"],"img-src":["http:","https:","data:","blob:"],"manifest-src":["'self'"],"media-src":["'self'","https://js.intercomcdn.com","https://cdn.budi.live"],"worker-src":["blob:","'self'"]},O0=/^[A-Za-z0-9-*:/.]+$/,p_=s(async(t,e)=>{let r=f_.default.randomBytes(16).toString("base64");t.state.nonce=r;let n={...d_};if(n["script-src"]=[...d_["script-src"],`'nonce-${r}'`],t.user?.license?.features.includes("customAppScripts")&&t.appId)try{let a=await $s.getWorkspaceMetadata(t.appId);if("name"in a)for(let u of a.scripts||[]){let c=(u.cspWhitelist||"").split(`
|
|
38
38
|
`).filter(l=>O0.test(l));n["default-src"]=[...n["default-src"],...c]}}catch(a){console.error(`Error occurred in Content-Security-Policy middleware: ${a}`)}let o=Object.entries(n).map(([a,u])=>`${a} ${u.join(" ")}`).join("; ");t.set("Content-Security-Policy",o),await e()},"contentSecurityPolicy");var I0=["GET","HEAD","OPTIONS"],w0=["application/x-www-form-urlencoded","multipart/form-data","text/plain"];function Sc(t={noCsrfPatterns:[]}){let e=On(t.noCsrfPatterns);return async(r,n)=>{if(In(r,e)||I0.indexOf(r.method)!==-1)return n();let o=r.get("content-type")?r.get("content-type").toLowerCase():"";if(!w0.filter(c=>o.includes(c)).length||r.internal)return n();let a=r.user?.csrfToken;if(!a)return n();let u=r.get("x-csrf-token");return(!u||u!==a)&&r.throw(403,"Invalid CSRF token"),n()}}s(Sc,"csrf");function m_(t){if(t.includes("-----BEGIN PRIVATE KEY-----"))return!0;for(let e of Wy){let r=E[e];if(!(typeof r!="string"||r==="")&&t.includes(r))return!0}return!1}s(m_,"stringContainsSecret");async function h_(t,e){try{await e()}catch(r){let n=r.status||r.statusCode||500;t.status=n,n>=400&&n<500?console.warn(r):console.error("Got 400 response code",r);let i={message:r.message,status:n,validationErrors:r.validation,error:Uu(r)};if(m_(JSON.stringify(i))&&(i={message:"Unexpected error",status:n,error:"Unexpected error"}),E.isTest()&&t.headers["x-budibase-include-stacktrace"]){let o=r;for(;o.cause;)o=o.cause;i.stack=o.stack}t.body=i}}s(h_,"errorHandling");var E_=s(async(t,e)=>{let n=qt(t,"budibase:featureflags")?.flags||{};await hf(n,async()=>{await e()})},"featureFlagCookie");async function Ac(t,e){let r=t.request.headers["x-budibase-api-key"];return r||t.throw(403,"Unauthorized"),Array.isArray(r)&&t.throw(403,"Unauthorized"),Hs(r)||t.throw(403,"Unauthorized"),e()}s(Ac,"internalApi");async function g_(t,e){return t.ip?await df(t.ip,()=>e()):e()}s(g_,"ip");var ko={};P(ko,{body:()=>D0,params:()=>R0});var fm=B(require("joi"));function y_(t,e,r){let n=r?.errorPrefix??`Invalid ${e}`;return(i,o)=>{if(!t)return o();let a=null,u=i.request?.[e];i[e]!=null?a=i[e]:u!=null&&(a=u),t.append&&(t=t.append({createdAt:fm.default.any().optional(),updatedAt:fm.default.any().optional()}));let{error:c}=t.validate(a,{allowUnknown:r?.allowUnknown});if(c){let l=c.message;n&&(l=`Invalid ${e} - ${l}`),i.throw(400,l)}return o()}}s(y_,"validate");function D0(t,e){return y_(t,"body",e)}s(D0,"body");function R0(t,e){return y_(t,"params",e)}s(R0,"params");var _i={};P(_i,{authenticate:()=>x0,options:()=>b0});function Oe(t,e,r){return t(r,null,{message:e})}s(Oe,"authError");async function vr(t,e){if(e&&e.callbackURL)return e.callbackURL;let r=await Gp(),n="/api/global/auth";return hr()&&(n+=`/${V()}`),n+=`/${t}/callback`,`${r.platformUrl}${n}`}s(vr,"ssoCallbackUrl");var pm="Invalid credentials",C0="This account has expired. Please reset your password",b0={passReqToCallback:!0};async function x0(t,e,r,n){if(!e)return Oe(n,"Email Required");if(!r)return Oe(n,"Password Required");let i=await At(e);return i==null?(console.info(`user=${e} could not be found`),Oe(n,pm)):i.status==="inactive"?(console.info(`user=${e} is inactive`,i),Oe(n,pm)):i.password?await Vd(r,i.password)?(delete i.password,n(null,i)):Oe(n,pm):(console.info(`user=${e} has no password set`,i),Oe(n,C0))}s(x0,"authenticate");var Zt={};P(Zt,{buildVerifyFn:()=>A_,getCallbackUrl:()=>N0,strategyFactory:()=>mm});var Mo=s(t=>Promise.resolve(t),"ssoSaveUserNoOp");async function _c(t,e=!0,r,n){if(!n)throw new Error("Save user function must be provided");if(!t.userId)return Oe(r,"sso user id required");if(!t.email)return Oe(r,"sso user email required");let i=ri(t.userId),o;try{o=await Sn(i)}catch(u){if(!u.status||u.status!==404)return Oe(r,"Unexpected error when retrieving existing user",u)}if(o||(o=await At(t.email)),!o&&e)return Oe(r,"Email does not yet exist. You must set up your local budibase account first.");o||(o={_id:i,email:t.email,roles:{},tenantId:V()});let a=await v0(o,t);a.forceResetPassword=!1;try{delete a.password,a=await n(a,{hashPassword:!1,requirePassword:!1})}catch(u){return Oe(r,"Error saving user",u)}return r(null,a)}s(_c,"authenticate");async function v0(t,e){let r,n,i;if(e.profile){let o=e.profile;if(o.name){let a=o.name;a.givenName&&(r=a.givenName),a.familyName&&(n=a.familyName)}}return e.oauth2&&(i={...e.oauth2}),{...t,provider:e.provider,providerType:e.providerType,firstName:r,lastName:n,oauth2:i}}s(v0,"syncUser");var P0=require("passport-google-oauth").OAuth2Strategy;function A_(t){return(e,r,n,i)=>{let o={provider:"google",providerType:"google",userId:n.id,profile:n,email:n._json.email,oauth2:{accessToken:e,refreshToken:r}};return _c(o,!0,i,t)}}s(A_,"buildVerifyFn");async function mm(t,e,r){try{let{clientID:n,clientSecret:i}=t;if(!n||!i)throw new Error("Configuration invalid. Must contain google clientID and clientSecret");let o=A_(r);return new P0({clientID:t.clientID,clientSecret:t.clientSecret,callbackURL:e},o)}catch(n){throw new Error(`Error constructing google authentication strategy: ${n}`)}}s(mm,"strategyFactory");async function N0(t){return vr("google",t)}s(N0,"getCallbackUrl");var Xt={};P(Xt,{buildVerifyFn:()=>O_,fetchStrategyConfig:()=>M0,getCallbackUrl:()=>F0,strategyFactory:()=>k0});var __=B(require("node-fetch"));var U0=require("@techpass/passport-openidconnect").Strategy;function O_(t){return async(e,r,n,i,o,a,u,c,l)=>{let d={provider:e,providerType:"oidc",userId:n.id,profile:n,email:L0(n,i),oauth2:{accessToken:o,refreshToken:a}};return _c(d,!1,l,t)}}s(O_,"buildVerifyFn");function L0(t,e){if(t._json.email)return t._json.email;if(e.email)return e.email;let r=e.preferred_username;if(r&&kf(r))return r;throw new Error(`Could not determine user email from profile ${JSON.stringify(t)} and claims ${JSON.stringify(e)}`)}s(L0,"getEmail");async function k0(t,e){try{let r=O_(e),n=new U0(t,r);return n.name="oidc",n}catch(r){throw new Error(`Error constructing OIDC authentication strategy - ${r}`)}}s(k0,"strategyFactory");async function M0(t,e){try{let{clientID:r,clientSecret:n,configUrl:i,pkce:o}=t;if(!r||!n||!e||!i)throw new Error("Configuration invalid. Must contain clientID, clientSecret, callbackUrl and configUrl");let a=await(0,__.default)(i);if(!a.ok)throw new Error(`Unexpected response when fetching openid-configuration: ${a.statusText}`);let u=await a.json();return{issuer:u.issuer,authorizationURL:u.authorization_endpoint,tokenURL:u.token_endpoint,userInfoURL:u.userinfo_endpoint,clientID:r,clientSecret:n,callbackURL:e,pkce:o}}catch(r){throw new Error(`Error constructing OIDC authentication configuration - ${r}`)}}s(M0,"fetchStrategyConfig");async function F0(){return vr("oidc")}s(F0,"getCallbackUrl");function I_(t,e){let r=t.request.query?.query;if(t.request.method.toLowerCase()!=="get"&&t.throw(500,"Query to download middleware can only be used for get requests."),!r)return e();let n=decodeURIComponent(r),i;try{i=JSON.parse(n)}catch{return e()}return t.request.body=i,e()}s(I_,"querystringToBody");function Oc(t,e,r={noTenancyRequired:!1}){let n=On(t),i=On(e);return async function(o,a){let c={allowNoTenant:r.noTenancyRequired||!!In(o,i)};!!In(o,n)||(c.excludeStrategies=["query"]);let d=js(o,c);return o.set("x-budibase-tenant-id",d),Re(d,a)}}s(Oc,"tenancy");function w_(){return async function(t,e){try{if((await xe("settings"))?.config?.active===!1){t.status=404,t.body={message:"Tenant not found"};return}}catch(r){if(r.message==="Global DB not found")return e();throw r}return e()}}s(w_,"activeTenant");async function Ic(t,e){if(t.internal||bt(t.user))return e();let r=await un(t);return r&&!Qu(t.user,r)?t.throw(403,"Workspace Admin/Builder user only endpoint."):!r&&!E.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!Fe(t.user)&&t.throw(403,"Admin/Builder user only endpoint."),e()}s(Ic,"workspaceBuilderOrAdmin");var hm={};P(hm,{postAuth:()=>$0,preAuth:()=>W0});var B0=require("passport-google-oauth").OAuth2Strategy;async function D_(){let t=await Vp();if(!t)throw new Error("No google configuration found");return t}s(D_,"fetchGoogleCreds");async function W0(t,e,r){let n=await D_(),o=`${await No({tenantAware:!1})}/api/global/auth/datasource/google/callback`,a=await mm(n,o,Mo);return e.query.appId||e.throw(400,"appId query param not present."),t.authenticate(a,{scope:["profile","email","https://www.googleapis.com/auth/spreadsheets"],accessType:"offline",prompt:"consent"})(e,r)}s(W0,"preAuth");async function $0(t,e,r){let n=await D_(),o=`${await No({tenantAware:!1})}/api/global/auth/datasource/google/callback`,a=qt(e,"budibase:datasourceauth");if(!a)throw new Error("Unable to fetch datasource auth cookie");return t.authenticate(new B0({clientID:n.clientID,clientSecret:n.clientSecret,callbackURL:o},(u,c,l,d)=>{Tr(e,"budibase:datasourceauth"),d(null,{accessToken:u,refreshToken:c})}),{successRedirect:"/",failureRedirect:"/error"},async(u,c)=>{let l=`/builder/workspace/${a.appId}/data`,d=ee();await jt(`datasource:creation:${a.appId}:google:${d}`,{tokens:c}),e.redirect(`${l}/new?continue_google_setup=${d}`)})(e,r)}s($0,"postAuth");var G0={google:hm};var R_=require("koa-passport"),V0=require("passport-local").Strategy,wc=require("passport-oauth2-refresh"),q0=gc,K0=Oc,Q0=Sc,j0=R_;R_.use(new V0(_i.options,_i.authenticate));async function Y0(t,e){let r=await Xt.getCallbackUrl(),n,i;try{if(n=await Xt.fetchStrategyConfig(t,r),!n)throw new Error("OIDC Config contents invalid");i=await Xt.strategyFactory(n,Mo)}catch{throw new Error("Could not refresh OAuth Token")}return wc.use(i,{setRefreshOAuth2(){return i._getOAuth2Client(n)}}),new Promise(o=>{wc.requestNewAccessToken("oidc",e,(a,u,c,l)=>{o({err:a,accessToken:u,refreshToken:c,params:l})})})}s(Y0,"refreshOIDCAccessToken");async function H0(t,e){let r=await Zt.getCallbackUrl(t),n;try{n=await Zt.strategyFactory(t,r,Mo)}catch(i){throw new Error(`Error constructing OIDC refresh strategy: message=${i.message}`)}return wc.use(n),new Promise(i=>{wc.requestNewAccessToken("google",e,(o,a,u,c)=>{i({err:o,accessToken:a,refreshToken:u,params:c})})})}s(H0,"refreshGoogleAccessToken");async function z0(t,e,r){switch(e){case"oidc":{if(!r)return{err:{data:"OIDC config id not provided"}};let n=await qp(r);return n?Y0(n,t):{err:{data:"OIDC configuration not found"}}}case"google":{let n=await tc();return n?H0(n,t):{err:{data:"Google configuration not found"}}}}}s(z0,"refreshOAuthToken");async function J0(t,e){let r={accessToken:e.accessToken,refreshToken:e.refreshToken};try{let n=H(),i=await n.get(t);typeof r.refreshToken!="string"&&delete r.refreshToken,i.oauth2={...i.oauth2,...r},await n.put(i),await xo(t)}catch(n){console.error("Could not update OAuth details for current user",n)}}s(J0,"updateUserOAuth");async function Z0(t){let e=t.ctx,r=t.userId,n=t.keepActiveSession;if(!e)throw new Error("Koa context must be supplied to logout.");let i=qt(e,"budibase:auth"),o=await po(r);i&&n?o=o.filter(u=>u.sessionId!==i.sessionId):Tr(e,"budibase:auth");let a=o.map(({sessionId:u})=>u);await gn(r,{sessionIds:a,reason:"logout"}),await qu.logout(e.user?.email),await xo(r)}s(Z0,"platformLogout");var Tm={};P(Tm,{validate:()=>nk});var x=B(require("joi"));var X0=["Relational","Non-relational","Spreadsheet","Object store","Graph","API"];function ym(t,e){let{error:r}=t.validate(e);if(r)throw r}s(ym,"runJoi");function ek(t){let e=x.default.object({type:x.default.string().allow("component").required(),metadata:x.default.object().unknown(!0).required(),hash:x.default.string().optional(),version:x.default.string().optional(),schema:x.default.object({name:x.default.string().required(),settings:x.default.array().items(x.default.object().unknown(!0)).required()}).unknown(!0)});ym(e,t)}s(ek,"validateComponent");function tk(t){let e=x.default.object({type:x.default.string().allow(...Object.values(vc)).required(),required:x.default.boolean().required(),default:x.default.any(),display:x.default.string()}),r=x.default.object({type:x.default.string().allow(...Object.values(xc)),readable:x.default.boolean(),displayName:x.default.string(),fields:x.default.object().pattern(x.default.string(),e)}).required(),n=x.default.object({type:x.default.string().allow("datasource").required(),metadata:x.default.object().unknown(!0).required(),hash:x.default.string().optional(),version:x.default.string().optional(),schema:x.default.object({docs:x.default.string(),plus:x.default.boolean().optional(),isSQL:x.default.boolean().optional(),auth:x.default.object({type:x.default.string().required()}).optional(),features:x.default.object(Object.fromEntries(Object.values(Pc).map(i=>[i,x.default.boolean().optional()]))).optional(),relationships:x.default.boolean().optional(),description:x.default.string().required(),friendlyName:x.default.string().required(),type:x.default.string().allow(...X0),datasource:x.default.object().pattern(x.default.string(),e).required(),query:x.default.object().pattern(x.default.string(),r).unknown(!0).required(),extra:x.default.object().pattern(x.default.string(),x.default.object({type:x.default.string().required(),displayName:x.default.string().required(),required:x.default.boolean(),data:x.default.object()}))})});ym(n,t)}s(tk,"validateDatasource");function rk(t){let e=x.default.object().pattern(x.default.string(),{type:x.default.string().allow(...Object.values(Nc)).required(),customType:x.default.string().allow(...Object.values(Uc)),title:x.default.string(),description:x.default.string(),enum:x.default.array().items(x.default.string()),pretty:x.default.array().items(x.default.string())}),r=x.default.object({properties:e,required:x.default.array().items(x.default.string())}).concat(e).required(),n=x.default.object({type:x.default.string().allow("automation").required(),metadata:x.default.object().unknown(!0).required(),hash:x.default.string().optional(),version:x.default.string().optional(),schema:x.default.object({name:x.default.string().required(),tagline:x.default.string().required(),icon:x.default.string().required(),description:x.default.string().required(),type:x.default.string().allow("ACTION","LOGIC").required(),stepId:x.default.string().disallow(...$m).required(),inputs:x.default.object().optional(),schema:x.default.object({inputs:r,outputs:r}).required()})});ym(n,t)}s(rk,"validateAutomation");function nk(t){switch(t?.type){case"component":ek(t);break;case"datasource":tk(t);break;case"automation":rk(t);break;default:throw new Error(`Unknown plugin type - check schema.json: ${t.type}`)}}s(nk,"validate");var Sm={};P(Sm,{Client:()=>Ce,clients:()=>gr,locks:()=>Si,utils:()=>ja});var Am={};P(Am,{isBlacklisted:()=>sk,refreshBlacklist:()=>v_});var C_=B(require("dns")),Rc=B(require("net"));var b_=require("util");var Dc,ik=(0,b_.promisify)(C_.default.lookup);async function x_(t){return Rc.default.isIP(t)||(t.startsWith("http")||(t=`https://${t}`),t=new URL(t).hostname),(await ik(t,{all:!0})).map(r=>r.address)}s(x_,"lookup");async function v_(){let e=E.BLACKLIST_IPS?.split(",")||[],r=[];for(let n of e){let i=n.trim();if(Rc.default.isIP(i))r.push(i);else{let o=await x_(i);r=r.concat(o)}}Dc=r}s(v_,"refreshBlacklist");async function sk(t){if(Dc||await v_(),Dc?.length===0)return!1;let e;return Rc.default.isIP(t)?e=[t]:e=await x_(t),!!Dc?.find(r=>e.includes(r))}s(sk,"isBlacklisted");var Om={};P(Om,{init:()=>ak});var ok={"user:created":t=>t.userId,"user:updated":t=>t.userId,"user:deleted":t=>t.userId,"user:admin:assigned":t=>t.userId,"user:admin:removed":t=>t.userId,"user:builder:assigned":t=>t.userId,"user:builder:removed":t=>t.userId,"user_group:created":t=>t.groupId,"user_group:updated":t=>t.groupId,"user_group:deleted":t=>t.groupId,"user_group:user_added":t=>t.groupId,"user_group:users_deleted":t=>t.groupId,"user_group:permissions_edited":t=>t.groupId,"automation:deleted":t=>t.automationId,"datasource:deleted":t=>t.datasourceId,"table:deleted":t=>t.tableId,"query:deleted":t=>t.queryId,"workspace_app:deleted":t=>t.workspaceAppId,"view:deleted":t=>t.id};function P_(t,e){let r=ok[t];if(!r)throw new Error("Event does not have a method of document ID extraction");return r(e)}s(P_,"getDocumentId");var Fo=class{constructor(e){this.processors=[];this.processors=e}static{s(this,"DocumentUpdateProcessor")}async processEvent(e,r,n){let i=r.realTenantId,o=P_(e,n);if(!(!i||!o))for(let{events:a,processor:u}of this.processors)a.includes(e)&&await Re(i,async()=>{await u({id:o,tenantId:i,appId:n.appId,properties:n})})}shutdown(){return qS()}};var N_,_m;function ak(t){Tt||Wu(),_m||(_m=new Fo(t)),N_||(N_=Tt.process(async e=>{let{event:r,identity:n,properties:i}=e.data;await _m.processEvent(r,n,i)}))}s(ak,"init");var Pm={};P(Pm,{COUNT_FIELD_NAME:()=>xm,Sql:()=>$_,SqlTable:()=>Cc,designDoc:()=>vm,utils:()=>nf});var M_=require("knex");var uk=require("knex");function Im(t){return["link","formula","ai"].indexOf(t)!==-1}s(Im,"isIgnoredType");function U_(t,e,r,n,i){let o=e&&e.primary?e.primary:[],a=Object.values(e.schema),u=a.filter(m=>m.meta),c=u.length===a.length,l=[];n||(c?t.primary(u.map(m=>m.name)):o.length===1?(t.increments(o[0]).primary(),l.push(o[0])):t.primary(o));let d=Object.values(e.schema).map(m=>m.foreignKey);for(let[m,p]of Object.entries(e.schema)){let T=n?.schema[m];if(T&&T.type||l.includes(m)||i?.updated===m)continue;let h=p.type;switch(h){case"string":case"options":case"longform":case"barcodeqr":case"bb_reference_single":o.includes(m)?t.string(m,255):t.text(m);break;case"number":if(p.meta&&p.meta.toKey&&p.meta.toTable){let{toKey:g,toTable:y}=p.meta;t.integer(m).unsigned(),t.foreign(m).references(`${y}.${g}`)}else d.indexOf(m)===-1&&t.float(m);break;case"bigint":t.bigint(m);break;case"boolean":t.boolean(m);break;case"datetime":p.timeOnly?t.time(m):t.datetime(m,{useTz:!p.ignoreTimezones});break;case"array":case"bb_reference":Ue.schema.isDeprecatedSingleUserColumn(p)?t.text(m):t.json(m);break;case"link":if(p.relationshipType!=="many-to-one"&&p.relationshipType!=="many-to-many"){if(!p.foreignKey||!p.tableId)throw new Error("Invalid relationship schema");let{tableName:g}=Zd(p.tableId),y=r[g];if(!y||!y.primary)throw new Error("Referenced table doesn't exist or has no primary keys");let O=y.primary[0],I=y.schema[O].externalType;I?t.specificType(p.foreignKey,I):t.integer(p.foreignKey).unsigned(),t.foreign(p.foreignKey).references(`${g}.${O}`)}break;case"signature_single":case"attachment":case"attachment_single":t.json(m);break;case"formula":break;case"ai":break;case"auto":case"json":case"internal":throw new Error(`${p.type} is not a valid SQL type`);default:_t.unreachable(h)}}let f=i?n?.schema[i.old].type:void 0;return i&&f&&!Im(f)&&t.renameColumn(i.old,i.updated),n&&Object.entries(n.schema).filter(([p,T])=>!Im(T.type)&&e.schema[p]==null).forEach(([p,T])=>{i?.old===p||Im(T.type)||(n.constrained&&n.constrained.indexOf(p)!==-1&&t.dropForeign(p),t.dropColumn(p))}),t}s(U_,"generateSchema");function lk(t,e,r){return t.createTable(e.name,n=>{U_(n,e,r)})}s(lk,"buildCreateTable");function dk(t,e,r,n,i){return t.alterTable(e.name,o=>{U_(o,e,r,n,i)})}s(dk,"buildUpdateTable");function fk(t,e){return t.dropTable(e.name)}s(fk,"buildDeleteTable");var wm=class{static{s(this,"SqlTableQueryBuilder")}constructor(e){this.sqlClient=e}getBaseSqlClient(){return this.sqlClient}getSqlClient(){return this.extendedSqlClient||this.sqlClient}setExtendedSqlClient(e){this.extendedSqlClient=e}_operation(e){return e.operation}_tableQuery(e){let r=(0,uk.knex)({client:this.sqlClient}).schema;e?.schema&&(r=r.withSchema(e.schema));let n;if(!e.table||!e.tables)throw new Error("Cannot execute without table being specified");if(e.table.sourceType==="internal")throw new Error("Cannot perform table actions for SQS.");switch(this._operation(e)){case"CREATE_TABLE":n=lk(r,e.table,e.tables);break;case"UPDATE_TABLE":if(!e.table)throw new Error("Must specify old table for update");if(this.sqlClient==="mysql2"&&e.meta?.renamed){let i=e.meta.renamed.updated;return{sql:`alter table ${e?.schema?`\`${e.schema}\`.\`${e.table.name}\``:`\`${e.table.name}\``} rename column \`${e.meta.renamed.old}\` to \`${i}\`;`,bindings:[]}}if(n=dk(r,e.table,e.tables,e.meta?.oldTable,e.meta?.renamed),this.sqlClient==="mssql"&&e.meta?.renamed){let i=e.meta.renamed.old,o=e.meta.renamed.updated,a=e?.schema?`${e.schema}.${e.table.name}`:`${e.table.name}`,u=Zn(n);if(Array.isArray(u))for(let c of u)c.sql.startsWith("exec sp_rename")&&(c.sql=`exec sp_rename '${a}.${i}', '${o}', 'COLUMN'`,c.bindings=[]);return u}break;case"DELETE_TABLE":n=fk(r,e.table);break;default:throw new Error("Table operation is of unknown type")}return Zn(n)}},Cc=wm;var F_=require("lodash");var xm="__bb_total";function L_(){return(E.SQL_MAX_ROWS?parseInt(E.SQL_MAX_ROWS):null)||5e3}s(L_,"getBaseLimit");function Dm(){return(E.SQL_MAX_RELATED_ROWS?parseInt(E.SQL_MAX_RELATED_ROWS):null)||500}s(Dm,"getRelationshipLimit");function pk(t,e){return t.sort((r,n)=>{let i=e.find(a=>a&&r.endsWith(a)),o=e.find(a=>a&&n.endsWith(a));return i&&!o?-1:!i&&o?1:r.localeCompare(n)})}s(pk,"prioritisedArraySort");function B_(t){return Array.isArray(t)?t.map(e=>B_(e)):(t.bindings&&(t.bindings=t.bindings.map(e=>typeof e=="boolean"?e?1:0:e)),t)}s(B_,"convertBooleans");function k_(t){return t.sourceType==="internal"||t.sourceId===Mc}s(k_,"isSqs");function mk(t,e='"'){return t.replace(new RegExp(e,"g"),`${e}${e}`)}s(mk,"escapeQuotes");function hk(t,e='"'){return`${e}${mk(t,e)}${e}`}s(hk,"wrap");function Ek(t,e='"'){for(let r in t)typeof t[r]=="string"&&(t[r]=hk(t[r],e));return`[${t.join(",")}]`}s(Ek,"stringifyArray");function Rm(t){return`{${(Array.isArray(t)?t:t==null?[]:[t]).map(n=>{if(typeof n=="string"&&n.length>1){let i=n[0],o=n[n.length-1];if(i==='"'&&o==='"'||i==="'"&&o==="'")return n.substring(1,n.length-1)}return`${n}`}).join(",")}}`}s(Rm,"toPgArrayLiteral");function W_(t){return Vm.includes(t.type)&&!Ue.schema.isDeprecatedSingleUserColumn(t)}s(W_,"isJsonColumn");var gk={equal:!1,notEqual:!0,empty:!1,notEmpty:!0,fuzzy:!1,string:!1,range:!1,contains:!1,notContains:!0,containsAny:!1,oneOf:!1,$and:!1,$or:!1},Cm=class{constructor(e,r,n){this.SPECIAL_SELECT_CASES={POSTGRES_ARRAY:e=>this.client==="pg"&&e?.externalType?.toLowerCase()==="array",POSTGRES_MONEY:e=>this.client==="pg"&&e?.externalType?.includes("money"),POSTGRES_ENUM:e=>this.client==="pg"&&e?.externalType?.toLowerCase()==="user-defined"&&e?.type==="options",MSSQL_DATES:e=>this.client==="mssql"&&e?.type==="datetime"&&e.timeOnly};this.client=e,this.query=n,this.knex=r,this.splitter=new dr.ColumnSplitter([this.table],{aliases:this.query.tableAliases,columnPrefix:this.query.meta?.columnPrefix})}static{s(this,"InternalBuilder")}get table(){return this.query.table}get knexClient(){return this.knex.client}getFieldSchema(e){let{column:r}=this.splitter.run(e);return this.table.schema[r]}requiresJsonAsStringClient(){return["mssql","mysql2","mariadb","oracledb"].includes(this.client)}quoteChars(){let e=this.knexClient.wrapIdentifier("foo",{});return[e[0],e[e.length-1]]}quote(e){return this.knexClient.wrapIdentifier(e,{})}isQuoted(e){let[r,n]=this.quoteChars();return e.startsWith(r)&&e.endsWith(n)}quotedIdentifier(e){return Array.isArray(e)||(e=this.splitIdentifier(e)),e.map(r=>this.quote(r)).join(".")}castIntToString(e){switch(this.client){case"oracledb":return this.knex.raw("to_char(??)",[e]);case"pg":return this.knex.raw("??::TEXT",[e]);case"mysql2":case"mariadb":return this.knex.raw("CAST(?? AS CHAR)",[e]);case"sqlite3":return this.knex.raw("printf('%d', ??)",[e]);case"mssql":return this.knex.raw("CONVERT(NVARCHAR, ??)",[e])}}rawQuotedIdentifier(e){return this.knex.raw(this.quotedIdentifier(e))}splitIdentifier(e){let[r,n]=this.quoteChars();return this.isQuoted(e)?e.slice(1,-1).split(`${n}.${r}`):e.split(".")}qualifyIdentifier(e){let r=this.getTableName(),n=this.splitIdentifier(e);return n[0]!==r&&n.unshift(r),this.isQuoted(e)?this.quotedIdentifier(n):n.join(".")}generateSelectStatement(){let{table:e,resource:r}=this.query;if(!r||!r.fields||r.fields.length===0)return"*";let n=this.getTableName(e),i=this.table.schema;return r.fields.map(a=>{let u=a.split(/\./g),c,l=u[0];return u.length>1&&(c=u[0],l=u.slice(1).join(".")),{table:c,column:l,field:a}}).filter(({table:a})=>!a||a===n).map(({table:a,column:u,field:c})=>{let l=i[u];return this.SPECIAL_SELECT_CASES.POSTGRES_MONEY(l)?this.knex.raw("??::money::numeric as ??",[this.rawQuotedIdentifier([a,u].join(".")),this.knex.raw(this.quote(c))]):this.SPECIAL_SELECT_CASES.MSSQL_DATES(l)?this.knex.raw("CONVERT(varchar, ??, 108) as ??",[this.rawQuotedIdentifier(c),this.knex.raw(this.quote(c))]):a?this.rawQuotedIdentifier(`${a}.${u}`):this.rawQuotedIdentifier(c)})}convertClobs(e,r){if(this.client!=="oracledb")throw new Error("you've called convertClobs on a DB that's not Oracle, this is a mistake");let i=this.splitIdentifier(e).pop(),o=this.table.schema[i],a=this.rawQuotedIdentifier(e);return(o.type==="string"||o.type==="longform"||o.type==="bb_reference_single"||o.type==="bb_reference"||o.type==="options"||o.type==="barcodeqr")&&(r?.forSelect?a=this.knex.raw("to_char(??) as ??",[a,this.rawQuotedIdentifier(i)]):a=this.knex.raw("to_char(??)",[a])),a}parse(e,r){if(Array.isArray(e))return JSON.stringify(e);if(e==null)return null;if(this.requiresJsonAsStringClient()&&W_(r)&&typeof e=="object")return JSON.stringify(e);if(this.SPECIAL_SELECT_CASES.POSTGRES_ARRAY(r))return`{${e}}`;if(this.client==="oracledb"&&r.type==="datetime"&&r.timeOnly){if(e instanceof Date){let n=e.getHours().toString().padStart(2,"0"),i=e.getMinutes().toString().padStart(2,"0"),o=e.getSeconds().toString().padStart(2,"0");return`${n}:${i}:${o}`}if(typeof e=="string")return new Date(`1970-01-01T${e}Z`)}if(typeof e=="string"&&r.type==="datetime")if(r.timeOnly){if(!tf(e))return null}else if(r.dateOnly){let n=ef(e);return n?new Date(n):null}else return r.ignoreTimezones?Za(e)?new Date(e):Xd(e)?new Date(e+"Z"):null:Za(e)?new Date(e.trim()):null;return e}parseBody(e){for(let[r,n]of Object.entries(e)){let{column:i}=this.splitter.run(r),o=this.table.schema[i];o&&(e[r]=this.parse(n,o))}return e}parseFilters(e){e=(0,F_.cloneDeep)(e);for(let r of Object.values(Ur)){let n=e[r];if(n)for(let i of Object.keys(n)){if(Array.isArray(n[i])){n[i]=JSON.stringify(n[i]);continue}let{column:o}=this.splitter.run(i),a=this.table.schema[o];a&&(n[i]=this.parse(n[i],a))}}for(let r of Object.values(tr)){let n=e[r];if(n)for(let i of Object.keys(n)){let{column:o}=this.splitter.run(i),a=this.table.schema[o];a&&(n[i]=n[i].map(u=>this.parse(u,a)))}}for(let r of Object.values(Cn)){let n=e[r];if(n)for(let i of Object.keys(n)){let{column:o}=this.splitter.run(i),a=this.table.schema[o];if(!a)continue;let u=n[i];"low"in u&&(u.low=this.parse(u.low,a)),"high"in u&&(u.high=this.parse(u.high,a))}}return e}addJoinFieldCheck(e,r){let n=r.from?.split(".")[0]||"";return e.andWhere(`${n}.fieldName`,"=",r.column)}addRelationshipForFilter(e,r,n,i){let{relationships:o,schema:a,tableAliases:u,table:c}=this.query,l=u?.[c.name]||c.name,d=s(f=>n.match(new RegExp(`^${f}\\.`)),"matches");if(!o)return e;for(let f of o){let m=f.tableName,p=u?.[m]||m,T=d(m)||d(p),h=d(f.column);if((T||h)&&f.to&&f.tableName){let g=this.knex.select(this.knex.raw(1)).from({[p]:m}),y=g.clone(),O=rf(f),I;if(T?I=n:I=n.replace(new RegExp(`^${f.column}.`),`${u?.[f.tableName]||f.tableName}.`),O){let R=u?.[O.through]||f.through,S=this.tableNameWithSchema(O.through,{alias:R,schema:a});y=y.innerJoin(S,function(){this.on(`${p}.${O.toPrimary}`,"=",`${R}.${O.to}`)}).where(`${R}.${O.from}`,"=",this.rawQuotedIdentifier(`${l}.${O.fromPrimary}`)),this.client==="sqlite3"&&(y=this.addJoinFieldCheck(y,O)),e=e.where(_=>{_.whereExists(i(I,y)),r&&_.orWhereNotExists(g.clone().innerJoin(S,function(){this.on(`${l}.${O.fromPrimary}`,"=",`${R}.${O.from}`)}))})}else{let R=`${p}.${f.to}`,S=`${l}.${f.from}`;y=y.where(R,"=",this.rawQuotedIdentifier(S)),e=e.where(_=>{_.whereExists(i(I,y.clone())),r&&_.orWhereNotExists(y)})}}}return e}addFilters(e,r,n){if(!r)return e;let i=this;r=this.parseFilters({...r});let o=this.query.tableAliases,a=r.allOr,c=this.client==="sqlite3"?this.table._id:this.table.name;function l(h){return o?.[h]||h}s(l,"getTableAlias");function d(h,g,y,O){let I=s((R,S,_)=>{let[F,...b]=S.split("."),k=b.join("."),Y=l(F);return R.andWhere(Ie=>y(Ie,Y?`${Y}.${k}`:k,_))},"handleRelationship");for(let R in h){let S=h[R],_=Qs(R),F=_.includes("."),b=n?.relationship&&F,k;if(R==="_complexIdOperator"&&(k=h[R])&&O){let Y=l(c);e=O(e,k.id.map(Ie=>Y?`${Y}.${Ie}`:Ie),k.values)}else if(F)b&&(a&&(e=e.or),e=i.addRelationshipForFilter(e,gk[g],_,(Y,Ie)=>I(Ie,Y,S)));else{let Y=l(c);e=y(e,Y?`${Y}.${_}`:_,S)}}}s(d,"iterate");let f=this.client==="sqlite3"&&this.query.meta?.sqliteUseLikeWithoutLower,m=s((h,g,y)=>((r?.fuzzyOr||a)&&(h=h.or),f?h.whereRaw("?? LIKE ?",[this.rawQuotedIdentifier(g),`%${y}%`]):this.client==="oracledb"||this.client==="sqlite3"?h.whereRaw("LOWER(??) LIKE ?",[this.rawQuotedIdentifier(g),`%${y.toLowerCase()}%`]):h.whereILike(this.rawQuotedIdentifier(g),this.knex.raw("?",[`%${y}%`]))),"like"),p=s((h,g=!1)=>{function y(O){return(a||h===r?.containsAny)&&(O=O.or),h===r?.notContains&&(O=O.not),O}s(y,"addModifiers"),this.client==="pg"?d(h,"contains",(O,I,R)=>{O=y(O);let S=this.getFieldSchema(I),_=this.rawQuotedIdentifier(I),F=Array.isArray(R)?[...R]:[R],b=this.SPECIAL_SELECT_CASES.POSTGRES_ARRAY(S);return g?b?O.whereRaw("COALESCE(?? && ?::text[], FALSE)",[_,Rm(F)]):O.whereRaw("COALESCE(??::jsonb \\?| ?::text[], FALSE)",[_,Rm(F)]):b?O.whereRaw("COALESCE(?? @> ?::text[], FALSE)",[_,Rm(F)]):O.whereRaw("COALESCE(??::jsonb @> ?::jsonb, FALSE)",[_,Ek(F)])}):this.client==="mysql2"||this.client==="mariadb"?d(h,"contains",(O,I,R)=>{let S=Array.isArray(R)?R:[R];return y(O).whereRaw("COALESCE(?(??, ?), FALSE)",[this.knex.raw(g?"JSON_OVERLAPS":"JSON_CONTAINS"),this.rawQuotedIdentifier(I),JSON.stringify(S)])}):d(h,"contains",(O,I,R)=>(R.length===0||(O=O.where(S=>(h===r?.notContains&&(S=S.not),S=S.where(_=>{for(let F of R){h===r?.containsAny?_=_.or:_=_.and;let b=!f,k=typeof F=="string"?`"${b?F.toLowerCase():F}"`:F,Y=b?"COALESCE(LOWER(??), '')":"COALESCE(??, '')";_=_.whereLike(this.knex.raw(Y,[this.rawQuotedIdentifier(I)]),`%${k}%`)}}),h===r?.notContains&&(S=S.or.whereNull(this.rawQuotedIdentifier(I))),S))),O))},"contains");if(r.$and){let{$and:h}=r;for(let g of h.conditions)e=e.where(y=>{this.addFilters(y,g,n)})}if(r.$or){let{$or:h}=r;e=e.where(g=>{for(let y of h.conditions)g.orWhere(O=>this.addFilters(O,{...y,allOr:!0},n))})}r.oneOf&&d(r.oneOf,"oneOf",(h,g,y)=>{let O=this.getFieldSchema(g),I=Array.isArray(y)?y:[y];if(a&&(h=h.or),this.client==="oracledb")g=this.convertClobs(g);else if(this.client==="sqlite3"&&O?.type==="datetime"&&O.dateOnly){for(let R of I)R!=null?h=h.or.whereLike(g,`${R.toISOString().slice(0,10)}%`):h=h.or.whereNull(g);return h}return h.whereIn(g,I)},(h,g,y)=>(a&&(h=h.or),this.client==="oracledb"&&(g=g.map(O=>this.convertClobs(O))),h.whereIn(g,Array.isArray(y)?y:[y]))),r.string&&d(r.string,"string",(h,g,y)=>{if(a&&(h=h.or),f)return h.whereRaw("?? LIKE ?",[this.rawQuotedIdentifier(g),`${y}%`]);if(this.client==="oracledb"||this.client==="sqlite3")return h.whereRaw("LOWER(??) LIKE ?",[this.rawQuotedIdentifier(g),`${y.toLowerCase()}%`]);{let O=this.getFieldSchema(g);return this.SPECIAL_SELECT_CASES.POSTGRES_ENUM(O)?h.whereRaw("??::text ilike ?",[this.knex.raw(this.quote(O.name)),`${y}%`]):h.whereILike(g,`${y}%`)}}),r.fuzzy&&d(r.fuzzy,"fuzzy",m),r.range&&d(r.range,"range",(h,g,y)=>{let O=s(k=>k&&Object.keys(k).length===0&&Object.getPrototypeOf(k)===Object.prototype,"isEmptyObject");O(y.low)&&(y.low=""),O(y.high)&&(y.high="");let I=Xa(y.low),R=Xa(y.high),S=this.getFieldSchema(g),_=g,F=y.high,b=y.low;return this.client==="sqlite3"&&S?.type==="datetime"&&S.dateOnly&&(F!=null&&(F=`${F.toISOString().slice(0,10)}T23:59:59.999Z`),b!=null&&(b=b.toISOString().slice(0,10))),this.client==="oracledb"?_=this.convertClobs(g):this.client==="sqlite3"&&S?.type==="bigint"&&(_=this.knex.raw("CAST(?? AS INTEGER)",[this.rawQuotedIdentifier(g)]),F=this.knex.raw("CAST(? AS INTEGER)",[y.high]),b=this.knex.raw("CAST(? AS INTEGER)",[y.low])),a&&(h=h.or),I&&R?h.whereBetween(_,[b,F]):I?h.where(_,">=",b):R?h.where(_,"<=",F):h}),r.equal&&d(r.equal,"equal",(h,g,y)=>{let O=this.getFieldSchema(g);if(a&&(h=h.or),this.client==="mssql")return h.whereRaw("CASE WHEN ?? = ? THEN 1 ELSE 0 END = 1",[this.rawQuotedIdentifier(g),y]);if(this.client==="oracledb"){let I=this.convertClobs(g);return h.where(R=>R.whereNotNull(I).andWhere(I,y))}else return this.client==="sqlite3"&&O?.type==="datetime"&&O.dateOnly?y!=null?h.whereLike(g,`${y.toISOString().slice(0,10)}%`):h.whereNull(g):h.whereRaw("COALESCE(?? = ?, FALSE)",[this.rawQuotedIdentifier(g),y])}),r.notEqual&&d(r.notEqual,"notEqual",(h,g,y)=>{let O=this.getFieldSchema(g);if(a&&(h=h.or),this.client==="mssql")return h.whereRaw("CASE WHEN ?? = ? THEN 1 ELSE 0 END = 0",[this.rawQuotedIdentifier(g),y]);if(this.client==="oracledb"){let I=this.convertClobs(g);return h.where(R=>R.not.whereNull(I).and.where(I,"!=",y)).or.whereNull(I)}else return this.client==="sqlite3"&&O?.type==="datetime"&&O.dateOnly?y!=null?h.not.whereLike(g,`${y.toISOString().slice(0,10)}%`).or.whereNull(g):h.not.whereNull(g):h.whereRaw("COALESCE(?? != ?, TRUE)",[this.rawQuotedIdentifier(g),y])}),r.empty&&d(r.empty,"empty",(h,g)=>(a&&(h=h.or),h.whereNull(g))),r.notEmpty&&d(r.notEmpty,"notEmpty",(h,g)=>(a&&(h=h.or),h.whereNotNull(g))),r.contains&&p(r.contains),r.notContains&&p(r.notContains),r.containsAny&&p(r.containsAny,!0);let T=o?.[this.table._id]||this.table._id;return r.documentType&&!Jd(this.table)&&T&&e.andWhereLike(`${T}._id`,`${rr(r.documentType)}%`),e}isSqs(){return k_(this.table)}getTableName(e){e||(e=this.table);let r=e.name;k_(e)&&e._id&&(r=e._id);let n=this.query.tableAliases||{};return n[r]?n[r]:r}addDistinctCount(e){if(!this.table.primary)throw new Error("SQL counting requires primary key to be supplied");return e.countDistinct(`${this.getTableName()}.${this.table.primary[0]} as ${xm}`)}addAggregations(e,r){let n=this.query.resource?.fields||[],i=this.getTableName();if(n.length>0){let o=n.map(a=>this.qualifyIdentifier(a));if(this.client==="oracledb"){let a=o.map(c=>this.convertClobs(c)),u=o.map(c=>this.convertClobs(c,{forSelect:!0}));e=e.groupBy(a).select(u)}else e=e.groupBy(o).select(o)}for(let o of r){let a=o.calculationType;if(a==="count")if("distinct"in o&&o.distinct)if(this.client==="oracledb"){let u=this.convertClobs(`${i}.${o.field}`);e=e.select(this.knex.raw("COUNT(DISTINCT ??) as ??",[u,o.name]))}else e=e.countDistinct(`${i}.${o.field} as ${o.name}`);else if(this.client==="oracledb"){let u=this.convertClobs(`${i}.${o.field}`);e=e.select(this.knex.raw("COUNT(??) as ??",[u,o.name]))}else e=e.count(`${o.field} as ${o.name}`);else{let u=this.getFieldSchema(o.field);if(!u)throw new Error(`field schema missing for aggregation target: ${o.field}`);let c=this.knex.raw("??(??)",[this.knex.raw(a),this.rawQuotedIdentifier(`${i}.${o.field}`)]);u.type==="bigint"&&(c=this.castIntToString(c)),e=e.select(this.knex.raw("?? as ??",[c,o.name]))}}return e}isAggregateField(e){return!!this.query.resource?.aggregations?.find(n=>n.name===e)}addSorting(e){let{sort:r,resource:n}=this.query,i=this.table.primary,o=this.getTableName();if(!Array.isArray(i))throw new Error("Sorting requires primary key to be specified for table");if(r&&Object.keys(r||{}).length>0)for(let[u,c]of Object.entries(r)){let l=this.getFieldSchema(u);if(this.isUnsortableField(l))continue;let d=c.direction==="ascending"?"asc":"desc",f;(this.client==="pg"||this.client==="oracledb")&&(f=c.direction==="ascending"?"first":"last");let m=`${o}.${u}`,p;this.isAggregateField(u)?p=this.rawQuotedIdentifier(u):this.client==="oracledb"?p=this.convertClobs(m):p=this.rawQuotedIdentifier(m),e=e.orderByRaw(`?? ?? ${f?"nulls ??":""}`,[p,this.knex.raw(d),...f?[this.knex.raw(f)]:[]])}if(!((n?.aggregations?.length??0)>0)){let u=this.findSortablePrimaryKey(i);if(u&&(!r||r[u]===void 0))e=e.orderBy(`${o}.${u}`);else if(!u&&(!r||Object.keys(r).length===0))throw new Error(`Primary key not found for table ${this.table.name}`)}return e}isUnsortableField(e){return e?.type==="json"}findSortablePrimaryKey(e){return e.find(r=>{if(r==null)return!1;let n=this.getFieldSchema(r);return!this.isUnsortableField(n)})}tableNameWithSchema(e,r){let n=r?.schema?`${r.schema}.${e}`:e;return r?.alias&&(n+=` as ${r.alias}`),n}buildJsonField(e,r){let n=r.split("."),i=n[n.length-1],o,a;if(n.length>1){let l=n.shift();o=n.join("."),a=`${l}.${o}`}else o=n.join("."),a=o;this.query.meta?.columnPrefix&&(i=i.replace(this.query.meta.columnPrefix,""));let u=this.rawQuotedIdentifier(a),c=e.schema[i];return c&&c.type==="bigint"&&(u=this.castIntToString(u)),[o,u]}maxFunctionParameters(){switch(this.client){case"sqlite3":return 127;case"pg":return 100;default:return 200}}addJsonRelationships(e,r,n){let i=this.client,o=this.knex,{resource:a,tableAliases:u,schema:c,tables:l}=this.query,d=a?.fields||[];for(let f of n){let{tableName:m,through:p,to:T,from:h,fromPrimary:g,toPrimary:y}=f;if(!m||!r)continue;let O=l[m];if(!O)throw new Error(`related table "${m}" not found in datasource`);let I=u?.[m]||m,R=u?.[r]||r,S=p&&u?.[p]||p,_=this.tableNameWithSchema(m,{alias:I,schema:c}),F=[...O?.primary||[],O?.primaryDisplay].filter(w=>w),b=pk(d.filter(w=>w.split(".")[0]===I),F);b=b.slice(0,Math.floor(this.maxFunctionParameters()/2));let k=b.map(w=>this.buildJsonField(O,w));if(!k.length)continue;let Y=k.map(w=>{let J=this.client==="oracledb"?" VALUE ":",";return this.knex.raw(`?${J}??`,[w[0],w[1]]).toString()}).join(","),Ie=`${I}.${y||T}`,W=o.from(_).orderBy(Ie),M=p&&y&&g,N=M?`${S}.${h}`:`${I}.${T}`,$=M?`${R}.${g}`:`${R}.${h}`;if(M){let w=this.tableNameWithSchema(p,{alias:S,schema:c});W=W.join(w,function(){this.on(`${I}.${y}`,"=",`${S}.${T}`)})}W=W.where(this.rawQuotedIdentifier(N),"=",this.rawQuotedIdentifier($));let L=s(w=>(W=W.select(b.map(J=>this.rawQuotedIdentifier(J))).limit(Dm()),o.select(w).from({[I]:W})),"standardWrap"),K;switch(i){case"sqlite3":W=this.addJoinFieldCheck(W,f),K=L(this.knex.raw(`json_group_array(json_object(${Y}))`));break;case"pg":K=L(this.knex.raw(`json_agg(json_build_object(${Y}))`));break;case"mariadb":K=W.select(o.raw(`json_arrayagg(json_object(${Y}) LIMIT ${Dm()})`));break;case"mysql2":case"oracledb":K=L(this.knex.raw(`json_arrayagg(json_object(${Y}))`));break;case"mssql":{let w=o.select("*").from({[R]:W.select(k.map(J=>o.ref(J[1]).as(J[0]))).limit(Dm())});K=o.raw(`(SELECT ?? = (${w} FOR JSON PATH))`,[this.rawQuotedIdentifier(I)]);break}default:throw new Error(`JSON relationships not implement for ${i}`)}e=e.select({[f.column]:K})}return e}addJoin(e,r,n){let{tableAliases:i,schema:o}=this.query,a=r.to,u=r.from,c=r.through,l=i?.[a]||a,d=c&&i?.[c]||c,f=i?.[u]||u,m=this.tableNameWithSchema(a,{alias:l,schema:o}),p=c?this.tableNameWithSchema(c,{alias:d,schema:o}):void 0;return c?e=e.leftJoin(p,function(){for(let T of n){let h=T.fromPrimary,g=T.from;this.orOn(`${f}.${h}`,"=",`${d}.${g}`)}}).leftJoin(m,function(){for(let T of n){let h=T.toPrimary,g=T.to;this.orOn(`${l}.${h}`,`${d}.${g}`)}}):e=e.leftJoin(m,function(){for(let T of n){let h=T.from,g=T.to;this.orOn(`${f}.${h}`,"=",`${l}.${g}`)}}),e}qualifiedKnex(e){let r=this.query.tableAliases?.[this.query.table.name];return e?.alias===!1?r=void 0:typeof e?.alias=="string"&&(r=e.alias),this.knex(this.tableNameWithSchema(this.query.table.name,{alias:r,schema:this.query.schema}))}create(e){let{body:r}=this.query;if(!r)throw new Error("Cannot create without row body");let n=this.qualifiedKnex({alias:!1}),i=this.parseBody(r);if(this.client==="oracledb")for(let[o,a]of Object.entries(this.query.table.schema)){if(a.constraints?.presence===!0||a.type==="formula"||a.type==="auto"||a.type==="link"||a.type==="ai")continue;i[o]==null&&(i[o]=null)}else for(let[o,a]of Object.entries(i))a==null&&delete i[o];return e.disableReturning?n.insert(i):n.insert(i).returning("*")}bulkCreate(){let{body:e}=this.query,r=this.qualifiedKnex({alias:!1});if(!Array.isArray(e))return r;let n=e.map(i=>this.parseBody(i));return r.insert(n)}bulkUpsert(){let{body:e}=this.query,r=this.qualifiedKnex({alias:!1});if(!Array.isArray(e))return r;let n=e.map(i=>this.parseBody(i));if(this.client==="pg"||this.client==="sqlite3"||this.client==="mysql2"||this.client==="mariadb"){let i=this.table.primary;if(!i)throw new Error("Primary key is required for upsert");return r.insert(n).onConflict(i).merge()}else if(this.client==="mssql"||this.client==="oracledb")return r.insert(n);return r.upsert(n)}read(e={}){let{operation:r,filters:n,paginate:i,relationships:o,table:a}=this.query,{limits:u}=e,c=this.qualifiedKnex(),l=null,d=u?.query||u?.base;if(i&&i.page&&i.limit){let p=(i.page<=1?0:i.page-1)*i.limit;d=i.limit,l=p}else i&&i.offset&&i.limit?(d=i.limit,l=i.offset):i&&i.limit&&(d=i.limit);r!=="COUNT"&&(d!=null&&(c=c.limit(d)),l!=null&&(c=c.offset(l)));let f=this.query.resource?.aggregations||[];if(r==="COUNT"?c=this.addDistinctCount(c):f.length>0?c=this.addAggregations(c,f):c=c.select(this.generateSelectStatement()),r!=="COUNT"&&(c=this.addSorting(c)),c=this.addFilters(c,n,{relationship:!0}),o?.length&&f.length===0){let m=this.query.tableAliases?.[a.name]||a.name,p=this.addSorting(this.knex.with("paginated",c.clone().clearSelect().select("*")).select(this.generateSelectStatement()).from({[m]:"paginated"}));return this.addJsonRelationships(p,a.name,o)}return c}update(e){let{body:r,filters:n}=this.query;if(!r)throw new Error("Cannot update without row body");let i=this.qualifiedKnex(),o=this.parseBody(r);return i=this.addFilters(i,n),e.disableReturning?i.update(o):i.update(o).returning("*")}delete(e){let{filters:r}=this.query,n=this.qualifiedKnex();return n=this.addFilters(n,r),e.disableReturning?n.delete():n.delete().returning(this.generateSelectStatement())}},bm=class extends Cc{constructor(r,n=L_()){super(r);this.limit=n}static{s(this,"SqlQueryBuilder")}convertToNative(r,n={}){let i=this.getSqlClient();if(n?.disableBindings)return{sql:r.toString()};{let o=Zn(r);return i==="sqlite3"&&(o=B_(o)),o}}_query(r,n={}){let i=this.getSqlClient(),o={client:this.getBaseSqlClient()};(i==="sqlite3"||i==="oracledb")&&(o.useNullAsDefault=!0);let a=(0,M_.knex)(o),u,c=new Cm(i,a,r);switch(this._operation(r)){case"CREATE":u=c.create(n);break;case"READ":u=c.read({limits:{query:this.limit,base:L_()}});break;case"COUNT":u=c.read();break;case"UPDATE":u=c.update(n);break;case"DELETE":u=c.delete(n);break;case"BULK_CREATE":u=c.bulkCreate();break;case"BULK_UPSERT":u=c.bulkUpsert();break;case"CREATE_TABLE":case"UPDATE_TABLE":case"DELETE_TABLE":return this._tableQuery(r);default:throw"Operation type is not supported by SQL query builder"}return this.convertToNative(u,n)}async getReturningRow(r,n){if(!n.extra||!n.extra.idFilter)return{};let i=this._query({operation:"READ",datasource:n.datasource,schema:n.schema,table:n.table,tables:n.tables,resource:{fields:[]},filters:n.extra?.idFilter,paginate:{limit:1}});return r(i,"READ")}checkLookupKeys(r,n){if(!r||!n.table.primary)return n;let i=n.table.primary[0];return n.extra={idFilter:{equal:{[i]:r}}},n}async queryWithReturning(r,n,i=o=>o){let o=this.getSqlClient(),a=this._operation(r),u=this._query(r,{disableReturning:!0});if(Array.isArray(u)){let f=[];for(let m of u)f.push(await n(m,a));return f}let c;a==="DELETE"&&(c=i(await this.getReturningRow(n,r)));let l=await n(u,a),d=i(l);if(a==="CREATE"||a==="UPDATE"){let f;o==="mssql"?f=d?.[0].id:(o==="mysql2"||o==="mariadb")&&(f=d?.insertId),c=i(await this.getReturningRow(n,this.checkLookupKeys(f,r)))}return a==="COUNT"?d:a!=="READ"?c:d.length?d:[{[a.toLowerCase()]:!0}]}getTableName(r,n){let i=r.name;if(r.sourceType==="internal"||r.sourceId===Mc){if(!r._id)return;i=r._id}return n?.[i]||i}convertJsonStringColumns(r,n,i){let o=this.getTableName(r,i);for(let[a,u]of Object.entries(r.schema)){if(!W_(u))continue;let c=`${o}.${a}`;for(let l of n)typeof l[c]=="string"&&(l[c]=JSON.parse(l[c])),typeof l[a]=="string"&&(l[a]=JSON.parse(l[a]))}return n}log(r,n){Cs(this.getSqlClient(),r,n)}},$_=bm;var vm={};P(vm,{base:()=>yk});function yk(t){return{_id:Rt,language:"sqlite",sql:{tables:{},options:{table_name:t}}}}s(yk,"base");var Nm={};P(Nm,{jsonFromCsvString:()=>Tk});var G_=B(require("csvtojson"));async function Tk(t,e){let{ignoreEmpty:r=!1,allowSingleColumn:n=!1,possibleDelimiters:i=[",",";",":","|","~"," "," "]}=e||{};for(let o of i){let a,u=!1;try{let c=await(0,G_.default)({ignoreEmpty:r,delimiter:o}).fromString(t);for(let[,l]of c.entries()){let d=Object.keys(l);if(a==null&&(a=d),!n&&d.length===1){u=!0;break}if(a.length!==d.length){u=!0;break}for(let f of a)(l[f]===void 0||l[f]==="")&&(l[f]=null)}if(u)continue;return c}catch{continue}}throw new Error("Unable to determine delimiter")}s(Tk,"jsonFromCsvString");var Um=class{static{s(this,"Endpoint")}constructor(e,r,n){this.method=e,this.url=r,this.controller=n,this.middlewares=[],this.outputMiddlewares=[]}addMiddleware(e,r){return r?.first?this.middlewares.unshift(e):this.middlewares.push(e),this}addOutputMiddleware(e,r){return r?.first?this.outputMiddlewares.unshift(e):this.outputMiddlewares.push(e),this}apply(e){let r=this.method,n=this.url,i=this.middlewares,o=this.controller,a=this.outputMiddlewares,u=s(()=>{},"complete"),c=[n,...i,o,...a,u];e[r](...c)}},bc=Um;var V_=B(require("@koa/router"));var Dn=class{constructor(){this.endpoints=[];this.middlewares=[];this.outputMiddlewares=[];this.applied=!1;this.locked=!1}static{s(this,"EndpointGroup")}addGroupMiddleware(e,r={first:!0}){if(this.locked)throw new Error("Group locked, no more middleware can be added.");return this.middlewares.push({fn:e,first:r.first}),this}addGroupMiddlewareOutput(e,r={first:!1}){if(this.locked)throw new Error("Group locked, no more middleware can be added.");return this.outputMiddlewares.push({fn:e,first:r.first}),this}addEndpoint(e,r,...n){let i=n.pop(),o=new bc(e,r,i);if(n.length!==0)for(let a of n)o.addMiddleware(a);return this.endpoints.push(o),this}lockMiddleware(){this.locked=!0}post(e,...r){return this.addEndpoint("post",e,...r)}patch(e,...r){return this.addEndpoint("patch",e,...r)}put(e,...r){return this.addEndpoint("put",e,...r)}get(e,...r){return this.addEndpoint("get",e,...r)}delete(e,...r){return this.addEndpoint("delete",e,...r)}head(e,...r){return this.addEndpoint("head",e,...r)}apply(e){let r=this.endpointList();e||(e=new V_.default);for(let n of r)n.apply(e);return e}endpointList(){if(this.applied)throw new Error("Already applied to router");this.applied=!0;for(let e of this.endpoints)this.middlewares.forEach(({fn:r,first:n})=>e.addMiddleware(r,{first:n})),this.outputMiddlewares.forEach(({fn:r,first:n})=>e.addOutputMiddleware(r,{first:n}));return this.endpoints}};var Bo=class{constructor(){this.groups=[]}static{s(this,"EndpointGroupList")}group(...e){let r=new Dn;return e.length&&e.forEach(n=>{"first"in n?r.addGroupMiddleware(n.middleware,{first:n.first}):r.addGroupMiddleware(n)}),this.groups.push(r),r}listAllEndpoints(){let e=this.groups.flatMap(i=>i.endpointList()),r=[],n=[];for(let i of e)i.url.includes(":")?n.push(i):r.push(i);return[...r,...n]}};var Sk={...Ys,...ue},Ak=s((t={})=>{za(t.db)},"init");0&&(module.exports={APIWarning,AutomationViewMode,BUDIBASE_DATASOURCE_TYPE,BadRequestError,BudibaseError,Config,Cookie,DEFAULT_BB_DATASOURCE_ID,DEFAULT_EMPLOYEE_TABLE_ID,DEFAULT_EXPENSES_TABLE_ID,DEFAULT_INVENTORY_TABLE_ID,DEFAULT_JOBS_TABLE_ID,DEFAULT_TENANT_ID,DeprecatedViews,DesignDocuments,DocumentType,Duration,DurationType,EmailUnavailableError,Endpoint,EndpointGroup,EndpointGroupList,FeatureDisabledError,FeatureDisabledWarning,ForbiddenError,GlobalRole,HTTPError,Header,InternalTable,InvalidAPIKeyWarning,MAX_VALID_DATE,MIN_VALID_DATE,NotFoundError,NotImplementedError,RedisClient,SEPARATOR,SQLITE_DESIGN_DOC_ID,SQS_DATASOURCE_INTERNAL,StaticDatabases,UNICODE_MAX,USER_METADATA_PREFIX,UnexpectedError,UsageLimitError,UsageLimitWarning,UserStatus,ViewName,WORKSPACE_DEV,WORKSPACE_DEV_PREFIX,WORKSPACE_PREFIX,accounts,auth,blacklist,cache,configs,constants,context,csv,db,docIds,docUpdates,encryption,env,errors,events,features,getPublicError,init,installation,locks,logging,middleware,objectStore,permissions,platform,plugins,queue,redis,roles,security,sessions,setEnv,sql,tenancy,timers,userUtils,users,utils,warnings,withEnv});
|
|
39
39
|
//# sourceMappingURL=index.js.map
|