@budibase/backend-core 3.28.1 → 3.28.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/package.json +2 -2
- package/package.json +2 -2
package/dist/index.js
CHANGED
|
@@ -34,6 +34,6 @@ attempted value: ${o}
|
|
|
34
34
|
emit(doc.ssoId, doc._id)
|
|
35
35
|
}
|
|
36
36
|
}`,"platform_users_lowercase_2")},"createPlatformUserView"),Bs=s(async(t,e)=>{let r={account_by_email:JT,platform_users_lowercase_2:ZT};return je(fe.PLATFORM_INFO.name,async n=>{let i=r[t];return Mf(t,e,n,i,{arrayResponse:!0})})},"queryPlatformView"),XT={by_email2:jT,by_api_key:HT,by_app:YT},Vt=s(async(t,e,r,n)=>{r||(r=H());let i=XT[t];return Mf(t,e,r,i,n)},"queryGlobalView");async function Ws(t,e,r){let n=H(),i=XT[t];return Fs(t,e,n,i,r)}s(Ws,"queryGlobalViewRaw");var Lx=B(require("pouchdb"));var eS=require("dd-trace");var kf=class{static{s(this,"Replication")}constructor({source:e,target:r}){this.source=nt(e),this.target=nt(r),e.startsWith("app_dev")&&r.startsWith("app")?this.direction="toProduction":e.startsWith("app")&&r.startsWith("app_dev")&&(this.direction="toDev")}async close(){await Promise.all([Cs(this.source),Cs(this.target)])}replicate(e={}){return new Promise(r=>{this.source.replicate.to(this.target,e).on("denied",function(n){throw new Error(`Denied: Document failed to replicate ${n}`)}).on("complete",function(n){return r(n)}).on("error",function(n){throw n})})}async resolveInconsistencies(e){for(let r of e)try{let[n,i]=await Promise.all([this.source.get(r),this.target.get(r)]),o=this.replicationDelta(n,i);if(o<0||o===0&&n._rev===i._rev)continue;let a=o+1;await eS.tracer.trace("Replication.resolveInconsistencies",async u=>{u.addTags({versionsToJump:a,toFix:!0,id:r,sourceRev:n._rev,targetRev:i._rev});for(let c=0;c<a;c++){let l=await this.source.get(i._id);await this.source.put(l)}})}catch{console.warn("Cannot resolve inconsistencies for document",r)}}replicationDelta(e,r){let n=this.getRevisionNumber(e);return this.getRevisionNumber(r)-n}getRevisionNumber(e){return parseInt(e._rev?.split("-")[0]||"0")}appReplicateOpts(e={}){if(typeof e.filter=="string")return e;let r=e.filter,n=this.direction,i=n==="toDev";delete e.filter;let o=e.isCreation,a=e.tablesToSync;delete e.isCreation,delete e.tablesToSync;let u=!1,c;typeof a=="string"&&a==="all"?u=!0:a&&(c=a);let l=s((f,h)=>f?.startsWith(h+C),"startsWithID"),d=s(f=>l(f,"ro")||l(f,"li"),"isData");return{...e,filter:(f,h)=>!o&&f._id==="_design/migrations"||i&&f._id.startsWith("_design")?!1:f._deleted||l(f._id,As)?!0:n==="toProduction"&&!o&&l(f._id,"autocolumn_state")?!1:d(f._id)?!!c?.find(p=>f._id.includes(p))||u:l(f._id,"log_au")||f._id==="app_metadata"?!1:r?r(f,h):!0}}async rollback(){await this.target.destroy(),this.target=nt(this.target.name),await this.replicate()}},tS=kf;var nS=B(require("node-fetch"));var $s=fr.removeKeyNumbering;function sn(t){return t==null||t===""}s(sn,"isEmpty");var qt=class t{static{s(this,"QueryBuilder")}#l;#d;#e;#r;#n;#i;#s;#o;#t;#f;#a;#u=!1;#c;static{this.maxLimit=200}constructor(e,r,n){this.#l=e,this.#d=r,this.#e={allOr:!1,onEmptyFilter:"all",string:{},fuzzy:{},range:{},equal:{},notEqual:{},empty:{},notEmpty:{},oneOf:{},contains:{},notContains:{},containsAny:{},...n},this.#r=50,this.#s="ascending",this.#o="string",this.#t=!0}disableEscaping(){return this.#u=!0,this}setIndexBuilder(e){return this.#a=e,this}setVersion(e){return e!=null&&(this.#f=e),this}setTable(e){return this.#e.equal.tableId=e,this}setLimit(e){return e!=null&&(this.#r=e),this}setSort(e){return e!=null&&(this.#n=e),this}setSortOrder(e){return e!=null&&(this.#s=e),this}setSortType(e){return e!=null&&(this.#o=e),this}setBookmark(e){return e!=null&&(this.#i=e),this}setSkip(e){return this.#c=e,this}excludeDocs(){return this.#t=!1,this}includeDocs(){return this.#t=!0,this}addString(e,r){return this.#e.string[e]=r,this}addFuzzy(e,r){return this.#e.fuzzy[e]=r,this}addRange(e,r,n){return this.#e.range[e]={low:r,high:n},this}addEqual(e,r){return this.#e.equal[e]=r,this}addNotEqual(e,r){return this.#e.notEqual[e]=r,this}addEmpty(e,r){return this.#e.empty[e]=r,this}addNotEmpty(e,r){return this.#e.notEmpty[e]=r,this}addOneOf(e,r){return this.#e.oneOf[e]=r,this}addContains(e,r){return this.#e.contains[e]=r,this}addNotContains(e,r){return this.#e.notContains[e]=r,this}addContainsAny(e,r){return this.#e.containsAny[e]=r,this}setAllOr(){this.#e.allOr=!0}setOnEmptyFilter(e){this.#e.onEmptyFilter=e}handleSpaces(e){return this.#u?e:e.replace(/ /g,"_")}preprocess(e,{escape:r,lowercase:n,wrap:i,type:o}={}){let a=!!this.#f,u=typeof e;return e&&n&&(e=e.toLowerCase?e.toLowerCase():e),!this.#u&&r&&u==="string"&&(e=`${e}`.replace(/[ /#+\-&|!(){}\]^"~*?:\\]/g,"\\$&")),u==="string"&&!isNaN(e)&&!o?e=`"${e}"`:a&&i&&(e=u==="number"?e:`"${e}"`),e}isMultiCondition(){let e=0;for(let r of Object.values(this.#e))typeof r=="object"&&(e+=Object.keys(r).length);return e>1}compressFilters(e){let r={};for(let o of Object.keys(e)){let a=$s(o);r[a]?r[a]=r[a].concat(e[o]):r[a]=e[o]}let n={},i=1;for(let[o,a]of Object.entries(r))n[`${i++}:${o}`]=a;return n}buildSearchQuery(){let e=this,r=this.#e&&this.#e.allOr,n=r?"":"*:*",i=!0,o={escape:!0,lowercase:!0,wrap:!0},a="";this.#e.equal.tableId&&(a=this.#e.equal.tableId,delete this.#e.equal.tableId);let u=s((S,m)=>sn(m)?null:`${S}:${e.preprocess(m,o)}`,"equal"),c=s((S,m,E="AND")=>{if(sn(m))return null;if(!Array.isArray(m))return`${S}:${m}`;let y=`${e.preprocess(m[0],{escape:!0})}`;for(let I=1;I<m.length;I++)y+=` ${E} ${e.preprocess(m[I],{escape:!0})}`;return`${S}:(${y})`},"contains"),l=s((S,m)=>sn(m)?null:(m=e.preprocess(m,{escape:!0,lowercase:!0,type:"fuzzy"}),`${S}:/.*${m}.*/`),"fuzzy"),d=s((S,m)=>{let E=r?"*:* AND ":"",y=r?"AND":void 0;return E+"NOT "+c(S,m,y)},"notContains"),f=s((S,m)=>c(S,m,"OR"),"containsAny"),h=s((S,m)=>{if(sn(m))return"*:*";if(!Array.isArray(m))if(typeof m=="string")m=m.split(",");else return"";let E=`${e.preprocess(m[0],o)}`;for(let y=1;y<m.length;y++)E+=` OR ${e.preprocess(m[y],o)}`;return`${S}:(${E})`},"oneOf");function p(S,m,E){let y="";for(let[I,O]of Object.entries(S)){I=$s(I),I=e.preprocess(e.handleSpaces(I),{escape:!0});let w=m(I,O);if(w!=null){if(y.length>0||n.length>0){let T=E?.mode?E.mode:r?"OR":"AND";y+=` ${T} `}y+=w,(typeof O!="string"&&O!=null||typeof O=="string"&&O!==a&&O!=="")&&(i=!1)}}if(E?.returnBuilt)return y;n+=y}if(s(p,"build"),this.#e.string&&p(this.#e.string,(S,m)=>sn(m)?null:(m=e.preprocess(m,{escape:!0,lowercase:!0,type:"string"}),`${S}:${m}*`)),this.#e.range&&p(this.#e.range,(S,m)=>{if(sn(m)||m.low==null||m.low===""||m.high==null||m.high==="")return null;let E=e.preprocess(m.low,o),y=e.preprocess(m.high,o);return`${S}:[${E} TO ${y}]`}),this.#e.fuzzy&&p(this.#e.fuzzy,l),this.#e.equal&&p(this.#e.equal,u),this.#e.notEqual&&p(this.#e.notEqual,(S,m)=>sn(m)?null:typeof m=="boolean"?`(*:* AND !${S}:${m})`:`!${S}:${e.preprocess(m,o)}`),this.#e.empty&&p(this.#e.empty,S=>(i=!1,`(*:* -${S}:["" TO *])`)),this.#e.notEmpty&&p(this.#e.notEmpty,S=>(i=!1,`${S}:["" TO *]`)),this.#e.oneOf&&p(this.#e.oneOf,h),this.#e.contains&&p(this.#e.contains,c),this.#e.notContains&&p(this.compressFilters(this.#e.notContains),d),this.#e.containsAny&&p(this.#e.containsAny,f),a&&(n=this.isMultiCondition()?`(${n})`:n,r=!1,p({tableId:a},u)),i){if(this.#e.onEmptyFilter==="none")return"";if(this.#e?.allOr)return n.replace("()","(*:*)")}return n}buildSearchBody(){let e={q:this.buildSearchQuery(),limit:Math.min(this.#r,t.maxLimit),include_docs:this.#t};if(this.#i&&(e.bookmark=this.#i),this.#n){let r=this.#s==="descending"?"-":"",n=`<${this.#o}>`;e.sort=`${r}${this.handleSpaces(this.#n)}${n}`}return e}async run(){return this.#c&&await this.#m(this.#c),await this.#p()}async#m(e){let r=this.#t,n=this.#r;this.excludeDocs();let i=e,o=0;do{let a=Math.min(t.maxLimit,i);this.setLimit(a);let{bookmark:u,rows:c}=await this.#p();this.setBookmark(u),o=c.length,i-=c.length}while(i>0&&o>0);this.#t=r,this.#r=n}async#p(){let{url:e,cookie:r}=mt(),n=`${e}/${this.#l}/_design/database/_search/${this.#d}`,i=this.buildSearchBody();try{return await rS(n,i,r)}catch(o){if(o.status===404&&this.#a)return await this.#a(),await rS(n,i,r);throw o}}};async function rS(t,e,r){let n=await(0,nS.default)(t,{body:JSON.stringify(e),method:"POST",headers:{Authorization:r}});if(n.status===404)throw n;let i=await n.json(),o={rows:[],totalRows:0};return i.rows!=null&&i.rows.length>0&&(o.rows=i.rows.map(a=>a.doc)),i.bookmark&&(o.bookmark=i.bookmark),i.total_rows&&(o.totalRows=i.total_rows),o}s(rS,"runQuery");async function iS(t,e,r,n){let i=n.bookmark,o=n.rows||[];if(n.limit&&o.length>=n.limit)return o;let a=qt.maxLimit;n.limit&&o.length>n.limit-qt.maxLimit&&(a=n.limit-o.length);let u=new qt(t,e,r);u.setVersion(n.version).setBookmark(i).setLimit(a).setSort(n.sort).setSortOrder(n.sortOrder).setSortType(n.sortType),n.tableId&&u.setTable(n.tableId);let c=await u.run();if(!c.rows.length)return o;if(c.rows.length<qt.maxLimit)return[...o,...c.rows];let l={...n,bookmark:c.bookmark,rows:[...o,...c.rows]};return await iS(t,e,r,l)}s(iS,"recursiveSearch");async function Mx(t,e,r,n){let i=n.limit;(i==null||isNaN(i)||i<0)&&(i=50),i=Math.min(i,qt.maxLimit);let o=new qt(t,e,r);n.version&&o.setVersion(n.version),n.tableId&&o.setTable(n.tableId),n.sort&&o.setSort(n.sort).setSortOrder(n.sortOrder).setSortType(n.sortType),n.indexer&&o.setIndexBuilder(n.indexer),n.disableEscaping&&o.disableEscaping();let a=await o.setBookmark(n.bookmark).setLimit(i).run();o.setBookmark(a.bookmark).setLimit(1),n.tableId&&o.setTable(n.tableId);let u=await o.run();return{...a,hasNextPage:u.rows&&u.rows.length>0}}s(Mx,"paginatedSearch");async function kx(t,e,r,n){let i=n.limit;return(i==null||isNaN(i)||i<0)&&(i=1e3),n.limit=Math.min(i,1e3),{rows:await iS(t,e,r,n)}}s(kx,"fullSearch");var Ff={};P(Ff,{createUserIndex:()=>Fx});async function Fx(){let t=H(),e;try{e=await t.get("_design/database")}catch(n){n.status===404&&(e={_id:"_design/database"})}let r=s(function(n){if(n._id&&!n._id.startsWith("us_"))return;let i=["_id","_rev","password","account","license","budibaseAccess","accountPortalAccess","csrfToken"];function o(a,u){for(let c of Object.keys(a)){if(i.includes(c))continue;let l=u!=null?`${u}.${c}`:c;typeof a[c]=="string"?index(l,a[c].toLowerCase(),{facet:!0}):typeof a[c]!="object"?index(l,a[c],{facet:!0}):o(a[c],l)}}s(o,"idx"),o(n)},"fn");e.indexes={user:{index:r.toString(),analyzer:{default:"keyword",name:"perfield"}}},await t.put(e)}s(Fx,"createUserIndex");function sS(t,e){let r=e.toString();if(typeof t=="object")return t.status===e||t.message?.includes(r);if(typeof t=="number")return t===e;if(typeof t=="string")return t.includes(r)}s(sS,"checkErrorCode");function Bx(t){return sS(t,409)}s(Bx,"isDocumentConflictError");var Vs={};P(Vs,{addTenantToUrl:()=>Wx,getTenantDB:()=>Bf,getTenantIDFromCtx:()=>Gs,isUserInWorkspaceTenant:()=>$x});function Bf(t){return Re(tn(t))}s(Bf,"getTenantDB");function Wx(t){let e=$();if(hr()){let r=t.indexOf("?")===-1?"?":"&";t+=`${r}tenantId=${e}`}return t}s(Wx,"addTenantToUrl");var $x=s((t,e)=>{let r;return e?r=e.tenantId||ae:r=$(),(Xn(t)||ae)===r},"isUserInWorkspaceTenant"),Gx=Object.values(Ri),Gs=s((t,e)=>{if(!hr())return ae;e.allowNoTenant===void 0&&(e.allowNoTenant=!1),e.includeStrategies||(e.includeStrategies=Gx),e.excludeStrategies||(e.excludeStrategies=[]);let r=s(n=>{if(e.excludeStrategies?.includes(n))return!1;if(e.includeStrategies?.includes(n))return!0},"isAllowed");if(r("user")){let n=t.user?.tenantId;if(n)return n}if(r("header")){let n=t.request.headers["x-budibase-tenant-id"];if(n)return n}if(r("query")){let n=t.request.query.tenantId;if(n)return n}if(r("subdomain")){let n;try{n=new URL(gf()).host.split(":")[0]}catch(o){if(o.code!=="ERR_INVALID_URL")throw o}let i=t.host;if(n&&i.includes(n)){let o=i.substring(0,i.indexOf(`.${n}`));if(o)return o}}if(r("path")){let n=t.matched.find(a=>!!a.paramNames.find(u=>u.name==="tenantId")),i=t.originalUrl,o;if(i.includes("?")?o=i.split("?")[0]:o=i,n){let a=n.params(o,n.captures(o),{});if(a.tenantId)return a.tenantId}}e.allowNoTenant||t.throw(403,"Tenant id not set")},"getTenantIDFromCtx");var Wf="app"+C,oS="/app/";async function Vx(t){let r=`/${t.path.split("/")[2].toLowerCase()}`,n=$();!g.isDev()&&g.MULTI_TENANCY&&(n=Gs(t,{includeStrategies:["subdomain"]}));let o=(await Ce(n,()=>ks({dev:!1}))).filter(a=>a.url&&a.url.toLowerCase()===r)[0];return o&&o.appId?o.appId:void 0}s(Vx,"resolveAppUrl");function qx(t){return t.path.startsWith(`/${Wf}`)?!0:t.path.startsWith(oS)}s(qx,"isServingApp");function Kx(t){return t.path.startsWith("/builder/workspace/")}s(Kx,"isServingBuilder");function Qx(t){return aS(t.path)}s(Qx,"isServingBuilderPreview");function aS(t){return new RegExp(/^\/app\/app_\w+\/preview$/).test(t)}s(aS,"isBuilderPreviewUrl");function jx(t){return t.path.startsWith("/api/public/v")}s(jx,"isPublicApiRequest");async function on(t){let e;function r(u){u&&u.startsWith(Wf)&&(e&&e!==u&&t.throw("App id conflict",403),e=u)}s(r,"setWorkspaceIdIfValid");function n(u){if(u){typeof u=="string"&&(u=[u]);for(let c of u)r(c)}}s(n,"checkPossibleValues"),n(t.request.headers["x-budibase-app-id"]),r(t.request.body?.appId);let i=Yx(t.path);r(i),n(t.query?.appId);let o=aS(t.path);return t.path.startsWith(oS)&&!o&&r(await Vx(t)),e}s(on,"getWorkspaceIdFromCtx");function Yx(t){if(t)return t.split("?")[0].split("/").find(e=>e.startsWith(Wf))}s(Yx,"parseWorkspaceIdFromUrlPath");function yu(t){if(t)try{return Eu.default.verify(t,g.JWT_SECRET)}catch(e){if(g.JWT_SECRET_FALLBACK)return Eu.default.verify(t,g.JWT_SECRET_FALLBACK);throw e}}s(yu,"openJwt");function qs(t){return g.INTERNAL_API_KEY&&g.INTERNAL_API_KEY===t?!0:!!(g.INTERNAL_API_KEY_FALLBACK&&g.INTERNAL_API_KEY_FALLBACK===t)}s(qs,"isValidInternalAPIKey");function Kt(t,e){let r=t.cookies.get(e);if(r)return yu(r)}s(Kt,"getCookie");function uS(t,e,r="builder",n={sign:!0}){e&&n&&n.sign&&(e=Eu.default.sign(e,g.JWT_SECRET));let i={expires:$a,path:"/",httpOnly:!1,overwrite:!0};g.COOKIE_DOMAIN&&(i.domain=g.COOKIE_DOMAIN),t.cookies.set(r,e,i)}s(uS,"setCookie");function Tr(t,e){uS(t,null,e)}s(Tr,"clearCookie");function Hx(t){return t.headers["x-budibase-type"]==="client"}s(Hx,"isClient");function $f(t){return new Promise(e=>setTimeout(e,t))}s($f,"timeout");function Gf(t){return!!jm[t]}s(Gf,"isAudited");function zx(t){if(typeof t!="object")return!1;try{JSON.stringify(t)}catch(e){if(e instanceof Error&&e?.message.includes("circular structure"))return!0}return!1}s(zx,"hasCircularStructure");function Jx(t){return!!t.match(/^.+:\/\/.+$/)}s(Jx,"urlHasProtocol");function Vf(t){return t&&!!t.match(/^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/)}s(Vf,"validEmail");var qf=(o=>(o.MILLISECONDS="milliseconds",o.SECONDS="seconds",o.MINUTES="minutes",o.HOURS="hours",o.DAYS="days",o))(qf||{}),Tu={milliseconds:1,seconds:1e3,minutes:6e4,hours:36e5,days:864e5},pe=class t{constructor(e){this.ms=e}static{s(this,"Duration")}to(e){return this.ms/Tu[e]}toMs(){return this.ms}toSeconds(){return this.to("seconds")}static convert(e,r,n){return n*Tu[e]/Tu[r]}static from(e,r){return new t(r*Tu[e])}static fromSeconds(e){return t.from("seconds",e)}static fromMinutes(e){return t.from("minutes",e)}static fromHours(e){return t.from("hours",e)}static fromDays(e){return t.from("days",e)}static fromMilliseconds(e){return t.from("milliseconds",e)}};async function Zx(t){let e=performance.now();return[await t(),pe.fromMilliseconds(performance.now()-e)]}s(Zx,"time");var Su=require("undici");function Xx(t,e){let r,n=null;try{let o=new URL(t);r=o.hostname,n=o.port||null}catch{return!1}let i=e.split(/[\s,]+/).filter(o=>o.length>0);for(let o of i){let u=o.replace(/^\./,"*").match(/^(.+?)(?::(\d+))?$/);if(!u||!u[1])continue;let c=u[1].toLowerCase(),l=u[2]||null,d=!1;if(c==="*")d=!0;else if(c.startsWith("*")){let h=c.slice(1);d=r===h.slice(1)||r.endsWith(h)}else d=r===c;if(d&&(!l||n===l))return!0}return!1}s(Xx,"isUrlMatchingNoProxy");function ev(t){let e=process.env.GLOBAL_AGENT_HTTP_PROXY||process.env.HTTP_PROXY,n=process.env.GLOBAL_AGENT_HTTPS_PROXY||process.env.HTTPS_PROXY||e;if(!n||!n.trim())return!0;try{new URL(n.trim())}catch{return console.log("[fetch] Invalid proxy URL format:",n),!0}if(t){let i=process.env.GLOBAL_AGENT_NO_PROXY||process.env.NO_PROXY||"";if(i&&Xx(t,i))return console.log("[fetch] URL matches NO_PROXY pattern, bypassing proxy",{url:t,noProxy:i}),!0}return!1}s(ev,"shouldBypassProxy");function tv(t){return new Su.Agent({connect:{rejectUnauthorized:t}})}s(tv,"createDirectAgent");function rv(t){let e=process.env.GLOBAL_AGENT_HTTP_PROXY||process.env.HTTP_PROXY,n=(process.env.GLOBAL_AGENT_HTTPS_PROXY||process.env.HTTPS_PROXY||e).trim();console.log("[fetch] Creating ProxyAgent",{proxyUrl:n,rejectUnauthorized:t});let i={uri:n,requestTls:{rejectUnauthorized:t}};return n.startsWith("https://")&&(i.proxyTls={rejectUnauthorized:t}),new Su.ProxyAgent(i)}s(rv,"createProxyAgent");function nv(t){let e=t?.rejectUnauthorized??!0;return ev(t?.url)?tv(e):rv(e)}s(nv,"createDispatcher");function iv(t){return nv(t)}s(iv,"getDispatcher");var Kf=require("util"),Qf=B(require("zlib"));var sv=(0,Kf.promisify)(Qf.default.gzip),ov=(0,Kf.promisify)(Qf.default.gunzip),Au="gzip:",av=s(async t=>{let e=await sv(t);return`${Au}${e.toString("base64")}`},"gzipToBase64"),uv=s(async t=>{let e=t.startsWith(Au)?t.slice(Au.length):t,r=Buffer.from(e,"base64");return(await ov(new Uint8Array(r))).toString("utf8")},"gunzipFromBase64");function cv(t){let e=t.get("authorization");if(!e)return null;let r=e.match(/^Bearer\s+(.+)$/i);return r?r[1]:null}s(cv,"getBearerToken");function lv(t){let e="",r=-1,n,i,o=t.opts?.repeat;return o&&(i=o.endDate?new Date(o.endDate).getTime():Date.now(),n=o.tz,"cron"in o?e=o.cron:r=o.every),{id:t.id.toString(),name:"",key:t.id.toString(),tz:n,endDate:i,cron:e,every:r,next:0}}s(lv,"jobToJobInformation");var _u=class{static{s(this,"InMemoryQueue")}constructor(e,r){this._name=e,this._opts=r,this._messages=[],this._emitter=new cS.default.EventEmitter,this._runCount=0,this._addCount=0,this._queuedJobIds=new Set,this._attempts=r?.defaultJobOptions?.attempts||1}async process(e,r){r=typeof e=="number"?r:e,this._emitter.on("message",async n=>{if(!n.manualTrigger&&n.opts?.repeat!=null)return;function i(){return r.length===1?r(n):new Promise((c,l)=>{r(n,s((f,h)=>{f?l(f):c(h)},"done"))})}s(i,"execute");let o=this._attempts;async function a(c,l=0){try{return await c}catch(d){if(l++,l<o&&!n._isDiscarded)return await Le.wait(100*l),await a(i(),l);throw d}}s(a,"retryFunc");try{let c=await a(i());this._emitter.emit("completed",n,c);let l=this._messages.indexOf(n);if(l===-1)throw"Failed deleting a processed message";this._messages.splice(l,1)}catch(c){console.error(c),this._emitter.emit("error",n,c)}this._runCount++;let u=n.opts?.jobId?.toString();u&&n.opts?.removeOnComplete&&this._queuedJobIds.delete(u)})}async isReady(){return this}async add(e,r){if(typeof e=="string")throw new Error("doesn't support named jobs");let n=r,i=n?.jobId?.toString();if(i&&this._queuedJobIds.has(i)){console.log(`Ignoring already queued job ${i}`);return}if(typeof e!="object")throw"Queue only supports carrying JSON.";i&&this._queuedJobIds.add(i);let o=ee(),a=s(()=>{let c={id:o,timestamp:Date.now(),queue:this,data:e,opts:n,discard:async()=>{c._isDiscarded=!0}};this._messages.push(c),this._messages.length>1e3&&this._messages.shift(),this._addCount++,this._emitter.emit("message",c)},"pushMessage"),u=n?.delay;return u?setTimeout(a,u):a(),{id:i,finished:()=>new Promise((c,l)=>{let d=s((h,p)=>{h.id===o&&(this._emitter.off("error",d),this._emitter.off("completed",f),l(p))},"errorHandler"),f=s((h,p)=>{h.id===o&&(this._emitter.off("error",d),this._emitter.off("completed",f),c(p))},"completedHandler");this._emitter.on("error",d),this._emitter.on("completed",f)})}}async close(){}async removeRepeatableByKey(e){for(let[r,n]of this._messages.entries())if(n.id===e){this._messages.splice(r,1),this._emitter.emit("removed",n);return}}async removeJobs(e){}async clean(){return[]}async getJob(e){for(let r of this._messages)if(r.id===e)return r;return null}manualTrigger(e){for(let r of this._messages)if(r.id===e){this._emitter.emit("message",{...r,manualTrigger:!0});return}throw new Error(`Job with id ${e} not found`)}on(e,r){return this._emitter.on(e,r),this}off(e,r){return this._emitter.off(e,r),this}async count(){return this._messages.length}async getCompletedCount(){return this._runCount}async getRepeatableJobs(){return this._messages.filter(e=>e.opts?.repeat!=null).map(e=>lv(e))}async whenCurrentJobsFinished(){do await $f(50);while(this.hasRunningJobs())}hasRunningJobs(){return this._addCount>this._runCount}},lS=_u;var Hf=B(require("bull"));var ai=(l=>(l.AUTOMATION="automationQueue",l.APP_BACKUP="appBackupQueue",l.AUDIT_LOG="auditLogQueue",l.SYSTEM_EVENT_QUEUE="systemEventQueue",l.APP_MIGRATION="appMigration",l.DOC_WRITETHROUGH_QUEUE="docWritethroughQueue",l.DEV_REVERT_PROCESSOR="devRevertProcessorQueue",l.BATCH_USER_SYNC_PROCESSOR="batchUserSyncProcessorQueue",l.RAG_INGESTION="ragIngestionQueue",l))(ai||{});function dS(t,e,r){pv(t,e),r&&dv(t,r)}s(dS,"addListeners");function dv(t,e){t.on("stalled",async r=>{if(e)await e(r);else if(r.opts.repeat){let n=r.id,i=await t.getRepeatableJobs();for(let o of i)o.id===n&&await t.removeRepeatableByKey(o.key);console.log(`jobId=${n} disabled`)}})}s(dv,"handleStalled");function it(t,e,r={},n={}){let i=`[BULL] ${t}=${e}`,o=r.error,a={_logKey:"bull",eventType:t,event:e,job:r.job,jobId:r.jobId||r.job?.id,...n},u;return r.job?.data?.automation&&(u={_logKey:"automation",trigger:r.job?r.job.data.automation.definition.trigger.event:void 0}),[i,o,a,u]}s(it,"getLogParams");var fv={automationQueue:"automation-event",appBackupQueue:"app-backup-event",auditLogQueue:"audit-log-event",systemEventQueue:"system-event",appMigration:"app-migration",docWritethroughQueue:"doc-writethrough",devRevertProcessorQueue:"dev-revert-event",batchUserSyncProcessorQueue:"batch-user-sync-processor",ragIngestionQueue:"rag-ingestion-processor"};function pv(t,e){let r=fv[e];function n(i,o){let a=i.data.event?.appId;if(a)return Ef(a,o);o()}s(n,"doInJobContext"),t.on("stalled",async i=>{await n(i,()=>{console.error(...it(r,"stalled",{job:i}))})}).on("error",i=>{console.error(...it(r,"error",{error:i}))}),process.env.NODE_DEBUG?.includes("bull")&&t.on("waiting",i=>{console.info(...it(r,"waiting",{jobId:i}))}).on("active",async i=>{await n(i,()=>{console.info(...it(r,"active",{job:i}))})}).on("progress",async(i,o)=>{await n(i,()=>{console.info(...it(r,"progress",{job:i},{progress:o}))})}).on("completed",async(i,o)=>{await n(i,()=>{console.info(...it(r,"completed",{job:i},{result:o}))})}).on("failed",async(i,o)=>{await n(i,()=>{console.error(...it(r,"failed",{job:i,error:o}))})}).on("paused",()=>{console.info(...it(r,"paused"))}).on("resumed",()=>{console.info(...it(r,"resumed"))}).on("cleaned",(i,o)=>{console.info(...it(r,"cleaned",{},{length:i.length,type:o}))}).on("drained",()=>{console.info(...it(r,"drained"))}).on("removed",i=>{console.info(...it(r,"removed",{job:i}))})}s(pv,"logging");var Ou={};P(Ou,{cleanup:()=>mv,clear:()=>Yf,set:()=>jf});var Ks=[];function jf(t,e){let r=setInterval(t,e);return Ks.push(r),r}s(jf,"set");function Yf(t){let e=Ks.indexOf(t);e!==-1&&Ks.splice(e,1),clearInterval(t)}s(Yf,"clear");function mv(){for(let t of Ks)clearInterval(t);Ks=[]}s(mv,"cleanup");var Qt=B(require("dd-trace")),Qs=B(require("object-sizeof"));var hv=pe.fromMinutes(5).toMs(),gv=pe.fromSeconds(30).toMs(),zf=pe.fromSeconds(60).toMs(),js=[],Iu;async function fS(){for(let t of js)await t.clean(zf,"completed"),await t.clean(zf,"failed")}s(fS,"cleanup");async function Ev(t,e,r){let n=performance.now();try{let i=await e();return Qt.default.dogstatsd.increment(`${t}.success`,1,r),i}catch(i){throw Qt.default.dogstatsd.increment(`${t}.error`,1,r),i}finally{let i=performance.now()-n;Qt.default.dogstatsd.distribution(`${t}.duration.ms`,i,r),Qt.default.dogstatsd.increment(t,1,r)}}s(Ev,"withMetrics");function pS(t){return{"job.opts.attempts":t.attempts,"job.opts.backoff":t.backoff,"job.opts.delay":t.delay,"job.opts.jobId":t.jobId,"job.opts.lifo":t.lifo,"job.opts.preventParsingData":t.preventParsingData,"job.opts.priority":t.priority,"job.opts.removeOnComplete":t.removeOnComplete,"job.opts.removeOnFail":t.removeOnFail,"job.opts.repeat":t.repeat,"job.opts.stackTraceLimit":t.stackTraceLimit,"job.opts.timeout":t.timeout}}s(pS,"jobOptsTags");function yv(t){return{"job.id":t.id,"job.attemptsMade":t.attemptsMade,"job.timestamp":t.timestamp,"job.data.sizeBytes":(0,Qs.default)(t.data),...pS(t.opts||{})}}s(yv,"jobTags");var Et=class{static{s(this,"BudibaseQueue")}constructor(e,r={}){this.opts=r,this.jobQueue=e,this.queue=this.initQueue()}get name(){return this.queue.name}initQueue(){let r={redis:Xr(),settings:{maxStalledCount:this.opts.maxStalledCount?this.opts.maxStalledCount:0,lockDuration:hv,lockRenewTime:gv}};this.opts.jobOptions&&(r.defaultJobOptions=this.opts.jobOptions);let n;return g.isTest()?process.env.BULL_TEST_REDIS_PORT&&!isNaN(+process.env.BULL_TEST_REDIS_PORT)?n=new Hf.default(this.jobQueue,{...r,redis:{host:"localhost",port:+process.env.BULL_TEST_REDIS_PORT}}):n=new lS(this.jobQueue,r):n=new Hf.default(this.jobQueue,r),dS(n,this.jobQueue,this.opts.removeStalledCb),js.push(n),!Iu&&!g.isTest()&&(Iu=jf(fS,zf),fS().catch(i=>{console.error(`Unable to cleanup ${this.jobQueue} initially - ${i}`)})),n}getBullQueue(){return this.queue}process(...e){let r,n;e.length===2?(r=e[0],n=e[1]):n=e[0];let i=s(async(a,u)=>{await Qt.default.trace("queue.process",async c=>{if(a.data._parentSpanContext){let l=a.data._parentSpanContext,d={traceId:l.traceId,spanId:l.spanId,toTraceId:()=>l.traceId,toSpanId:()=>l.spanId,toTraceparent:()=>""};c.addLink(d)}c.addTags({"queue.name":this.jobQueue,...yv(a)}),this.opts.jobTags&&c.addTags(this.opts.jobTags(a.data)),Qt.default.dogstatsd.distribution("queue.process.sizeBytes",(0,Qs.default)(a.data),this.metricTags()),await this.withMetrics("queue.process",()=>u?n(a,u):n(a))})},"processCallback"),o;return n.length===1?o=s(a=>i(a),"wrappedCb"):o=i,r?this.queue.process(r,o):this.queue.process(o)}async add(e,r){return await Qt.default.trace("queue.add",async n=>(n.addTags({"queue.name":this.jobQueue,"job.data.sizeBytes":(0,Qs.default)(e),...pS(r||{})}),this.opts.jobTags&&n.addTags(this.opts.jobTags(e)),e._parentSpanContext={traceId:n.context().toTraceId(),spanId:n.context().toSpanId()},Qt.default.dogstatsd.distribution("queue.add.sizeBytes",(0,Qs.default)(e),this.metricTags()),await this.withMetrics("queue.add",()=>this.queue.add(e,r))))}withMetrics(e,r){return Ev(e,r,this.metricTags())}metricTags(){return{queueName:this.jobQueue}}close(e){return this.queue.close(e)}whenCurrentJobsFinished(){return this.queue.whenCurrentJobsFinished()}};async function Tv(){Iu&&Yf(Iu),console.log("Waiting for current queue jobs to finish...");for(let t of js)await t.whenCurrentJobsFinished();console.log("Closing queue Redis connections...");for(let t of js)await t.close();js=[],console.log("Queues shutdown")}s(Tv,"shutdown");var eo={};P(eo,{correlation:()=>Ys,logAlert:()=>cn,logAlertWithInfo:()=>nP,logWarn:()=>li,logger:()=>Pu,system:()=>dp});var Ys={};P(Ys,{getId:()=>Jf,setHeader:()=>Sv});var mS=require("correlation-id"),Sv=s(t=>{let e=mS.getId();e&&(t["x-budibase-correlation-id"]=e)},"setHeader");function Jf(){return mS.getId()}s(Jf,"getId");var vu=B(require("pino")),qS=B(require("pino-pretty")),fp=B(require("dd-trace")),KS=require("dd-trace/ext");var dp={};P(dp,{getLogReadStream:()=>Jv,getSingleFileMaxSizeInfo:()=>VS,localFileDestination:()=>lp});var Xs=B(require("fs")),cp=B(require("path")),BS=B(require("rotating-file-stream"));var up={};P(up,{ObjectStore:()=>st,ObjectStoreBuckets:()=>_v,SIGNED_FILE_PREFIX:()=>ip,bucketTTLConfig:()=>wu,budibaseTempDir:()=>an,client3rdPartyLibrary:()=>qv,clientLibraryPath:()=>Vv,clientLibraryUrl:()=>Kv,createBucketIfNotExists:()=>Zs,deleteFile:()=>Uv,deleteFiles:()=>Lv,deleteFolder:()=>RS,downloadTarball:()=>kv,downloadTarballDirect:()=>Mv,enrichPWAImages:()=>Qv,enrichPluginURLs:()=>Yv,extractBucketAndPath:()=>Zf,getAllFiles:()=>vv,getAppFileUrl:()=>vS,getClientCacheKey:()=>xS,getGlobalFileS3Key:()=>PS,getGlobalFileUrl:()=>jv,getObjectMetadata:()=>Fv,getPluginIconKey:()=>LS,getPluginJSKey:()=>US,getPluginS3Dir:()=>kS,getPresignedUrl:()=>un,getReadStream:()=>Du,listAllObjects:()=>sp,objectExists:()=>Bv,processAutomationAttachment:()=>Iv,processObjectStoreAttachment:()=>TS,retrieve:()=>DS,retrieveDirectory:()=>Nv,retrieveToTmp:()=>Pv,sanitizeBucket:()=>xe,sanitizeKey:()=>ge,streamUpload:()=>wS,streamUploadMany:()=>xv,upload:()=>bv,uploadDirectory:()=>op});var Cu=require("@aws-sdk/client-s3"),Xf=require("@aws-sdk/lib-storage"),SS=require("@aws-sdk/s3-request-presigner"),AS=require("@smithy/node-http-handler");var jt=B(require("dd-trace")),ui=B(require("fs")),zs=B(require("fs/promises")),_S=B(require("https")),ep=B(require("node-fetch")),Ar=require("path"),bu=B(require("stream")),Js=require("stream/promises"),tp=B(require("tar-fs")),rp=require("uuid"),np=B(require("zlib"));var hS=B(require("fs")),gS=require("os"),Hs=B(require("path")),ES=B(require("stream"));var _v={BACKUPS:g.BACKUPS_BUCKET_NAME,APPS:g.APPS_BUCKET_NAME,TEMPLATES:g.TEMPLATES_BUCKET_NAME,GLOBAL:g.GLOBAL_BUCKET_NAME,PLUGINS:g.PLUGIN_BUCKET_NAME,TEMP:g.TEMP_BUCKET_NAME},yS=(0,Hs.join)((0,gS.tmpdir)(),".budibase");try{hS.default.mkdirSync(yS)}catch(t){if(t.code!=="EEXIST")throw t}function an(){return yS}s(an,"budibaseTempDir");var wu=s((t,e)=>{let n={Rules:[{ID:`${t}-ExpireAfter${e}days`,Prefix:"",Status:"Enabled",Expiration:{Days:e}}]};return{Bucket:t,LifecycleConfiguration:n}},"bucketTTLConfig");async function Ov(t){let e=await fetch(t.url);if(!e.ok||!e.body)throw new Error(`Unexpected response ${e.statusText}`);let r=Hs.default.basename(new URL(t.url).pathname);if(!e.body)throw new Error("No response received for attachment");return{filename:t.filename||r,content:ES.default.Readable.fromWeb(e.body)}}s(Ov,"processUrlAttachment");async function TS(t){let e=Zf(t.url);if(e===null)throw new Error("Invalid signed URL");let{bucket:r,path:n}=e,{stream:i}=await Du(r,n),o=Hs.default.basename(n);return{bucket:r,path:n,filename:t.filename||o,content:i}}s(TS,"processObjectStoreAttachment");async function Iv(t){return t.url?.startsWith("http://")||t.url?.startsWith("https://")?await Ov(t):await TS(t)}s(Iv,"processAutomationAttachment");var wv=require("sanitize-s3-objectkey"),Dv={bucketCreationPromises:{}},ip="/files/signed",Sr={txt:"text/plain",html:"text/html",css:"text/css",js:"application/javascript",json:"application/json",gz:"application/gzip",svg:"image/svg+xml",form:"multipart/form-data"},Rv=[Sr.html,Sr.css,Sr.js,Sr.json];function ge(t){return wv(xe(t)).replace(/\\/g,"/")}s(ge,"sanitizeKey");function xe(t){return t.replace(new RegExp(rt,"g"),tt)}s(xe,"sanitizeBucket");function st(t={presigning:!1}){let e={forcePathStyle:!0,credentials:{accessKeyId:g.MINIO_ACCESS_KEY,secretAccessKey:g.MINIO_SECRET_KEY},region:g.AWS_REGION};if(!g.MINIO_ENABLED&&g.AWS_SESSION_TOKEN&&(e.credentials={accessKeyId:g.MINIO_ACCESS_KEY,secretAccessKey:g.MINIO_SECRET_KEY,sessionToken:g.AWS_SESSION_TOKEN}),g.MINIO_URL&&(t.presigning&&g.MINIO_ENABLED?e.endpoint="http://minio-service":e.endpoint=g.MINIO_URL),g.S3_IGNORE_SELF_SIGNED==="true"){let r=new _S.default.Agent({rejectUnauthorized:!1});e.requestHandler=new AS.NodeHttpHandler({httpsAgent:r})}return new Cu.S3(e)}s(st,"ObjectStore");async function Zs(t,e){e=xe(e);try{return await t.headBucket({Bucket:e}),{created:!1,exists:!0}}catch(r){let n=r.statusCode||r.$response?.statusCode,i=Dv.bucketCreationPromises,o=n===404,a=n===403;if(i[e])return await i[e],{created:!1,exists:!0};if(o||a){if(o)return i[e]=t.createBucket({Bucket:e}).catch(u=>{if(u.Code!=="BucketAlreadyOwnedByYou")throw u}),await i[e],delete i[e],{created:!0,exists:!1};throw new Error("Access denied to object store bucket."+r)}else throw new Error("Unable to write to object store bucket.")}}s(Zs,"createBucketIfNotExists");var Cv=s((t,e)=>{if(e)return e;let r=t.split(".").pop();return r?Sr[r.toLowerCase()]:Sr.txt},"resolveContentType"),OS=s(async(t,e,r)=>{let n=xe(t),i=st(),o=await Zs(i,n);if(r.addTags({bucketCreated:o.created,bucketExists:o.exists}),e&&o.created){let a=wu(n,e);await i.putBucketLifecycleConfiguration(a)}return{bucket:n,client:i,bucketCreated:o}},"initialiseBucket"),IS=s(async({client:t,bucket:e,filename:r,stream:n,type:i,extra:o})=>{if(!n)throw new Error("Stream to upload is invalid/undefined");let a=Cv(r,i),u=ge(r),c={Bucket:e,Key:u,Body:n,ContentType:a,...o??{}};return{details:await new Xf.Upload({client:t,params:c}).done(),contentType:a}},"streamUploadInternal");async function bv({bucket:t,filename:e,path:r,type:n,metadata:i,body:o,ttl:a}){let u=e.split(".").pop(),c=r?(await zs.default.open(r)).createReadStream():o,l=st(),d=await Zs(l,t);if(a&&d.created){let m=wu(t,a);await l.putBucketLifecycleConfiguration(m)}let f=n,h=f||(u?Sr[u.toLowerCase()]:Sr.txt),p={Bucket:xe(t),Key:ge(e),Body:c,ContentType:h};if(i&&typeof i=="object"){for(let m of Object.keys(i))(!i[m]||typeof i[m]!="string")&&delete i[m];p.Metadata=i}return new Xf.Upload({client:l,params:p}).done()}s(bv,"upload");async function wS({bucket:t,stream:e,filename:r,type:n,extra:i,ttl:o}){return await jt.default.trace("streamUpload",async a=>{a.addTags({bucketName:t,filename:r,type:n,ttl:o});let u=r.split(".").pop();a.addTags({extension:u});let{bucket:c,client:l}=await OS(t,o,a),{details:d,contentType:f}=await IS({client:l,bucket:c,filename:r,stream:e,type:n,extra:i}),h=await l.headObject({Bucket:c,Key:ge(r)});return a.addTags({contentType:f,contentLength:h.ContentLength}),{...d,ContentLength:h.ContentLength}})}s(wS,"streamUpload");async function xv({bucket:t,files:e,ttl:r}){return await jt.default.trace("streamUploadMany",async i=>{if(i.addTags({bucketName:t,ttl:r,fileCount:e.length}),!e.length)return[];let{bucket:o,client:a}=await OS(t,r,i),u=e.map((l,d)=>({...l,index:d})),c=new Array(e.length);return await _t.parallelForeach(u,async l=>{let{details:d}=await IS({client:a,bucket:o,filename:l.filename,stream:l.stream,type:l.type,extra:l.extra});c[l.index]=d},10),c})}s(xv,"streamUploadMany");async function DS(t,e){return await jt.default.trace("retrieve",async r=>{r.addTags({bucketName:t,filepath:e});let n=st(),i={Bucket:xe(t),Key:ge(e)},o=await n.getObject(i);if(!o.Body)throw new Error("Unable to retrieve object");if(r.addTags({contentLength:o.ContentLength,contentType:o.ContentType}),Rv.includes(o.ContentType))return r.addTags({string:!0}),o.Body.transformToString();{r.addTags({string:!1});let a=o.Body.transformToWebStream();return bu.default.Readable.fromWeb(a)}})}s(DS,"retrieve");async function*sp(t,e){let r=st(),n=s((a={})=>r.listObjectsV2({...a,Bucket:xe(t),Prefix:ge(e)}),"list"),i=!1,o;do{let a={};o&&(a.ContinuationToken=o);let u=await n(a);if(u.Contents)for(let c of u.Contents)yield c;i=!!u.IsTruncated,o=u.NextContinuationToken}while(i&&o)}s(sp,"listAllObjects");async function vv(t,e){let r={};return await _t.parallelForeach(sp(t,e),async n=>{if(!n.Key)throw new Error("file.Key must be defined");r[n.Key]=n},5),r}s(vv,"getAllFiles");async function un(t,e,r=3600){let n=st({presigning:!0}),i={Bucket:xe(t),Key:ge(e)},o=await(0,SS.getSignedUrl)(n,new Cu.GetObjectCommand(i),{expiresIn:r});if(g.MINIO_ENABLED){let a=new URL(o),u=a.pathname,c=a.search;return`${ip}${u}${c}`}else return o}s(un,"getPresignedUrl");async function Pv(t,e){return await jt.default.trace("retrieveToTmp",async r=>{r.addTags({bucketName:t,filepath:e}),t=xe(t),e=ge(e);let n=await DS(t,e),i=(0,Ar.join)(an(),(0,rp.v4)());return r.addTags({outputPath:i}),n instanceof bu.default.Readable?(r.addTags({stream:!0}),await(0,Js.pipeline)(n,ui.default.createWriteStream(i))):(r.addTags({stream:!1}),ui.default.writeFileSync(i,n)),i})}s(Pv,"retrieveToTmp");async function Nv(t,e,r){return await jt.default.trace("retrieveDirectory",async n=>{n.addTags({bucketName:t,path:e});let i=(0,Ar.join)(an(),(0,rp.v4)());await zs.default.mkdir(i,{recursive:!0});let o=0;return await _t.parallelForeach(sp(t,e),async a=>{let{Key:u}=a;!u||r?.some(c=>c.test(u))||(o++,await jt.default.trace("retrieveDirectory.object",async c=>{let l=a.Key;c.addTags({filename:l});let{stream:d}=await Du(t,l),f=l.split("/"),h=f.slice(0,f.length-1),p=(0,Ar.join)(i,...h);f.length>1&&!ui.default.existsSync(p)&&await zs.default.mkdir(p,{recursive:!0}),await(0,Js.pipeline)(d,ui.default.createWriteStream((0,Ar.join)(i,...f),{mode:420}))}))},5),n.addTags({numObjects:o}),i})}s(Nv,"retrieveDirectory");async function Uv(t,e){let r=st();await Zs(r,t);let n={Bucket:t,Key:ge(e)};return r.deleteObject(n)}s(Uv,"deleteFile");async function Lv(t,e){let r=st();await Zs(r,t);let n={Bucket:t,Delete:{Objects:e.map(i=>({Key:ge(i)}))}};return r.deleteObjects(n)}s(Lv,"deleteFiles");async function RS(t,e){t=xe(t),e=ge(e);let r=st(),n={Bucket:t,Prefix:e},i=await r.listObjects(n);if(i.Contents?.length===0)return;let o={Bucket:t,Delete:{Objects:[]}};if(i.Contents?.forEach(a=>{o.Delete.Objects.push({Key:a.Key})}),o.Delete.Objects.length&&(await r.deleteObjects(o)).Deleted?.length===1e3)return RS(t,e)}s(RS,"deleteFolder");async function op(t,e,r){return await jt.default.trace("uploadDirectory",async n=>{n.addTags({bucketName:t,localPath:e,bucketPath:r}),t=xe(t);let i=await zs.default.readdir(e,{withFileTypes:!0});n.addTags({numFiles:i.length});for(let o of i){let a=ge((0,Ar.join)(r,o.name)),u=(0,Ar.join)(e,o.name);o.isDirectory()?await op(t,u,a):await wS({bucket:t,filename:a,stream:ui.default.createReadStream(u)})}return i})}s(op,"uploadDirectory");async function Mv(t,e,r={}){e=ge(e);let n=await(0,ep.default)(t,{headers:r});if(!n.ok)throw new Error(`unexpected response ${n.statusText}`);await(0,Js.pipeline)(n.body,np.default.createUnzip(),tp.default.extract(e))}s(Mv,"downloadTarballDirect");async function kv(t,e,r){e=xe(e),r=ge(r);let n=await(0,ep.default)(t);if(!n.ok)throw new Error(`unexpected response ${n.statusText}`);let i=(0,Ar.join)(an(),r);return await(0,Js.pipeline)(n.body,np.default.createUnzip(),tp.default.extract(i)),!g.isTest()&&g.SELF_HOSTED&&await op(e,i,r),i}s(kv,"downloadTarball");async function Du(t,e){return await jt.default.trace("getReadStream",async r=>{t=xe(t),e=ge(e),r.addTags({bucketName:t,path:e});let n=st(),i={Bucket:t,Key:e},o=await n.getObject(i);if(!o.Body||!(o.Body instanceof bu.default.Readable))throw new Error("Unable to retrieve stream - invalid response");return r.addTags({contentLength:o.ContentLength,contentType:o.ContentType}),{stream:o.Body,contentLength:o.ContentLength,contentType:o.ContentType}})}s(Du,"getReadStream");async function Fv(t,e){t=xe(t),e=ge(e);let r=st(),n={Bucket:t,Key:e};try{return await r.headObject(n)}catch{throw new Error("Unable to retrieve metadata from object")}}s(Fv,"getObjectMetadata");async function Bv(t,e){t=xe(t),e=ge(e);let r=st(),n={Bucket:t,Key:e};try{return await r.headObject(n),!0}catch(i){if((i.statusCode||i.$response?.statusCode)===404)return!1;throw i}}s(Bv,"objectExists");function Zf(t){let e=t.split("?")[0],r=new RegExp(`^${ip}/(?<bucket>[^/]+)/(?<path>.+)$`),n=e.match(r);if(n&&n.groups){let{bucket:i,path:o}=n.groups;return{bucket:i,path:o}}return null}s(Zf,"extractBucketAndPath");var bS=B(require("querystring"));var CS=B(require("aws-cloudfront-sign"));var xu;function Wv(){if(!g.CLOUDFRONT_PRIVATE_KEY_64)throw new Error("CLOUDFRONT_PRIVATE_KEY_64 is not set");return xu||(xu=Buffer.from(g.CLOUDFRONT_PRIVATE_KEY_64,"base64").toString("utf-8"),xu)}s(Wv,"getPrivateKey");var $v=s(()=>({keypairId:g.CLOUDFRONT_PUBLIC_KEY_ID,privateKeyString:Wv(),expireTime:new Date().getTime()+1e3*60*60*24}),"getCloudfrontSignParams"),ci=s(t=>{let e=Gv(t);return CS.getSignedUrl(e,$v())},"getPresignedUrl"),Gv=s(t=>{let e="/";return t.startsWith("/")&&(e=""),`${g.CLOUDFRONT_CDN}${e}${t}`},"getUrl");function Vv(t){return`${ge(t)}/budibase-client.js`}s(Vv,"clientLibraryPath");function qv(t,e){return`${ge(t)}/${e}`}s(qv,"client3rdPartyLibrary");async function Kv(t,e){return`/api/assets/${t}/client?${await xS(e)}`}s(Kv,"clientLibraryUrl");async function xS(t){let e,r;try{e=$()}finally{r={version:t}}return e&&e!==ae&&(r.tenantId=e),bS.default.encode(r)}s(xS,"getClientCacheKey");async function vS(t){return g.CLOUDFRONT_CDN?ci(t):await un(g.APPS_BUCKET_NAME,t)}s(vS,"getAppFileUrl");async function Qv(t){if(t.length===0)return[];try{return await Promise.all(t.map(async e=>({...e,src:await vS(e.src),type:e.type||"image/png"})))}catch(e){return console.error("Error enriching PWA images:",e),t}}s(Qv,"enrichPWAImages");var jv=s(async(t,e,r)=>{let n=PS(t,e);return g.CLOUDFRONT_CDN?(r&&(n=`${n}?etag=${r}`),ci(n)):await un(g.GLOBAL_BUCKET_NAME,n)},"getGlobalFileUrl"),PS=s((t,e)=>{let r=`${t}/${e}`;return g.MULTI_TENANCY&&(r=`${$()}/${r}`),r},"getGlobalFileS3Key");async function Yv(t){return!t||!t.length?[]:await Promise.all(t.map(async e=>{let r=await Hv(e),n=await zv(e);return{...e,jsUrl:r,iconUrl:n}}))}s(Yv,"enrichPluginURLs");async function Hv(t){let e=US(t);return NS(e)}s(Hv,"getPluginJSUrl");async function zv(t){let e=LS(t);if(e)return NS(e)}s(zv,"getPluginIconUrl");async function NS(t){return g.CLOUDFRONT_CDN?ci(t):await un(g.PLUGIN_BUCKET_NAME,t)}s(NS,"getPluginUrl");function US(t){return MS(t,"plugin.min.js")}s(US,"getPluginJSKey");function LS(t){let e=t.iconUrl?"icon.svg":t.iconFileName;if(e)return MS(t,e)}s(LS,"getPluginIconKey");function MS(t,e){return`${kS(t.name)}/${e}`}s(MS,"getPluginS3Key");function kS(t){let e=`${t}`;return g.MULTI_TENANCY&&(e=`${$()}/${e}`),g.CLOUDFRONT_CDN&&(e=`plugins/${e}`),e}s(kS,"getPluginS3Dir");var WS="budibase.log",$S="budibase-logs-history.txt",GS=cp.default.join(an(),"systemlogs");function FS(t){return cp.default.join(GS,t)}s(FS,"getFullPath");function VS(t){let e=/(\d+)([A-Za-z])/,r=t?.match(e);if(!r){console.warn("totalMaxSize does not have a valid value",{totalMaxSize:t});return}let n=+r[1],i=r[2];if(n===1)switch(i){case"B":return{size:`${n}B`,totalHistoryFiles:1};case"K":return{size:`${n*1e3/2}B`,totalHistoryFiles:1};case"M":return{size:`${n*1e3/2}K`,totalHistoryFiles:1};case"G":return{size:`${n*1e3/2}M`,totalHistoryFiles:1};default:return}return n%2===0?{size:`${n/2}${i}`,totalHistoryFiles:1}:{size:`1${i}`,totalHistoryFiles:n-1}}s(VS,"getSingleFileMaxSizeInfo");function lp(){let t=VS(g.ROLLING_LOG_MAX_SIZE);return BS.createStream(WS,{size:t?.size,path:GS,maxFiles:t?.totalHistoryFiles||1,immutable:!0,history:$S,initialRotation:!1})}s(lp,"localFileDestination");function Jv(){let t=[],e=FS($S);if(Xs.default.existsSync(e)){let i=Xs.default.readFileSync(e,"utf-8").split(`
|
|
37
|
-
`);for(let o of i.filter(a=>a))t.push(Xs.default.readFileSync(o))}return t.push(Xs.default.readFileSync(FS(WS))),Buffer.concat(t.map(n=>new Uint8Array(n)))}s(Jv,"getLogReadStream");function Zv(t){return typeof t=="object"&&t!==null&&!(t instanceof Error)}s(Zv,"isPlainObject");function Xv(t){return t instanceof Error}s(Xv,"isError");function eP(t){return typeof t=="string"}s(eP,"isMessage");var _r;if(!g.DISABLE_PINO_LOGGER){let t=g.LOG_LEVEL,e={level:t,formatters:{level:c=>({level:c.toUpperCase()}),bindings:()=>g.SELF_HOSTED?{service:g.SERVICE_NAME}:{}},timestamp:()=>`,"timestamp":"${new Date(Date.now()).toISOString()}"`},r=[];r.push(g.isDev()?{stream:(0,qS.default)({singleLine:!0}),level:t}:{stream:process.stdout,level:t}),g.SELF_HOSTED&&r.push({stream:lp(),level:t}),_r=r.length?(0,vu.default)(e,vu.default.multistream(r)):(0,vu.default)(e);let n=s(c=>{let l,d=[],f="";c.forEach(E=>{eP(E)&&(f=`${f} ${E}`.trimStart()),Zv(E)&&d.push(E),Xv(E)&&(l=E)});let h=u(),p={};p={tenantId:i(),appId:o(),automationId:a(),identityId:h?._id,identityType:h?.type,correlationId:Jf()};let S=fp.default.scope().active();S&&fp.default.inject(S.context(),KS.formats.LOG,p);let m={err:l,pid:process.pid,...p};if(d.length){let E={},y=0;for(let I=0;I<d.length;I++){let O=d[I],w=O._logKey;w?(delete O._logKey,m[w]=O):(E[y]=O,y++)}Object.keys(E).length&&(m.data=E)}return[m,f]},"getLogParams");console.log=(...c)=>{let[l,d]=n(c);_r?.info(l,d)},console.info=(...c)=>{let[l,d]=n(c);_r?.info(l,d)},console.warn=(...c)=>{let[l,d]=n(c);_r?.warn(l,d)},console.error=(...c)=>{let[l,d]=n(c);_r?.error(l,d)},console.trace=(...c)=>{let[l,d]=n(c);l.err||(l.err=new Error),_r?.trace(l,d)},console.debug=(...c)=>{let[l,d]=n(c);_r?.debug(l,d)};let i=s(()=>{let c;try{c=$()}catch{}return c},"getTenantId"),o=s(()=>{let c;try{c=be()}catch{}return c},"getAppId"),a=s(()=>{let c;try{c=yf()}catch{}return c},"getAutomationId"),u=s(()=>{let c;try{c=Wt()}catch{}return c},"getIdentity")}var Pu=_r;var tP=["AccountError"];function rP(t){return t&&t.suppressAlert}s(rP,"isSuppressed");function cn(t,e){e&&tP.includes(e.name)&&rP(e)||console.error(`bb-alert: ${t}`,e)}s(cn,"logAlert");function nP(t,e,r,n){t=`${t} - db: ${e} - doc: ${r} - error: `,cn(t,n)}s(nP,"logAlertWithInfo");function li(t,e){console.warn(`bb-warn: ${t}`,e)}s(li,"logWarn");var Nu=class extends Error{static{s(this,"UnretriableError")}constructor(e){super(e),this.name="PermanentError"}},pp=class{static{s(this,"QueuedProcessor")}constructor(e,r={}){let{maxAttempts:n=3,removeOnFail:i=!0,removeOnComplete:o=!0,maxStalledCount:a=3}=r;this.waitForCompletionMs=r.waitForCompletionMs||1e4,this._queue=new Et(e,{maxStalledCount:a,jobOptions:{attempts:n,removeOnFail:i,removeOnComplete:o}}),this._queue.process(async(u,c)=>{try{let l=await this.processFn(u.data);c?.(null,l)}catch(l){l instanceof Nu&&await u.discard(),cn(`Failed to process job in ${this._queue.name}`,l),c?.(l)}})}async close(e){await this._queue.close(e)}async execute(e){try{let r=await this._queue.add(e);return{success:!0,result:await Le.withTimeout(this.waitForCompletionMs,()=>r.finished())}}catch(r){if(r.errno!=="ETIME")throw r;return{success:!1,reason:"timeout"}}}};var iP=100,Uu,to=class t{static{s(this,"DocWritethroughProcessor")}static get queue(){return t._queue||(t._queue=new Et("docWritethroughQueue",{jobOptions:{attempts:iP}})),t._queue}init(){return t.queue.process(async e=>{try{await this.persistToDb(e.data)}catch(r){throw r.status===409?new Error(`Conflict persisting message ${e.id}. Attempt ${e.attemptsMade}`):r}}),this}async persistToDb({dbName:e,docId:r,data:n}){if(r.startsWith("scimlog"))return;let i=Re(e),o;try{o=await i.get(r)}catch{o={_id:r}}o={...o,...n},await i.put(o)}},hp=class{static{s(this,"DocWritethrough")}constructor(e,r){this.db=e,this._docId=r}get docId(){return this._docId}async patch(e){await to.queue.add({dbName:this.db.name,docId:this.docId,data:e})}};function QS(){return Uu=new to().init(),Uu}s(QS,"init");function sP(){return Uu||QS()}s(sP,"getProcessor");var no={};P(no,{CacheKey:()=>ye,TTL:()=>fn,bustCache:()=>di,destroy:()=>ro,get:()=>pn,keys:()=>Lu,store:()=>Yt,withCache:()=>Or,withCacheWithDynamicTTL:()=>jS});function Ct(t){let e=$();return`${t}:${e}`}s(Ct,"generateTenantKey");var ln=class{static{s(this,"BaseCache")}constructor(e=void 0){this.client=e}async getClient(){return this.client?this.client:await Df()}async keys(e){return(await this.getClient()).keys(e)}async exists(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).exists(e)}async scan(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).scan(e)}async get(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).get(e)}async bulkGet(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>Ct(i)):e,(await this.getClient()).bulkGet(e)}async store(e,r,n=null,i={useTenancy:!0}){e=i.useTenancy?Ct(e):e,await(await this.getClient()).store(e,r,n)}async bulkStore(e,r=null,n={useTenancy:!0}){n.useTenancy&&(e=Object.entries(e).reduce((o,[a,u])=>(o[Ct(a)]=u,o),{})),await(await this.getClient()).bulkStore(e,r)}async delete(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).delete(e)}async bulkDelete(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>Ct(i)):e,(await this.getClient()).bulkDelete(e)}async withCache(e,r=null,n,i={useTenancy:!0}){let o=await this.get(e,i);if(o)return o;try{let a=await n();return await this.store(e,a,r,i),a}catch(a){throw console.error("Error fetching before cache - ",a),a}}async withCacheWithDynamicTTL(e,r,n={useTenancy:!0}){let i=await this.get(e,n);if(i)return i;try{let o=await r(),{value:a,ttl:u}=o;return await this.store(e,a,u,{useTenancy:n.useTenancy}),a}catch(o){throw console.error("Error fetching before cache - ",o),o}}async bustCache(e){let r=await this.getClient();try{await r.delete(Ct(e))}catch(n){throw console.error("Error busting cache - ",n),n}}async deleteIfValue(e,r,n={useTenancy:!0}){e=n.useTenancy?Ct(e):e,await(await this.getClient()).deleteIfValue(e,r)}};var dn=new ln,ye={CHECKLIST:"checklist",INSTALLATION:"installation",ANALYTICS_ENABLED:"analyticsEnabled",UNIQUE_TENANT_ID:"uniqueTenantId",EVENTS:"events",BACKFILL_METADATA:"backfillMetadata",EVENTS_RATE_LIMIT:"eventsRateLimit",OAUTH2_TOKEN:t=>`oauth2Token_${t}`},fn=(n=>(n[n.ONE_MINUTE=600]="ONE_MINUTE",n[n.ONE_HOUR=3600]="ONE_HOUR",n[n.ONE_DAY=86400]="ONE_DAY",n))(fn||{}),Lu=s((...t)=>dn.keys(...t),"keys"),pn=s((...t)=>dn.get(...t),"get"),Yt=s((...t)=>dn.store(...t),"store"),ro=s((...t)=>dn.delete(...t),"destroy"),Or=s((...t)=>dn.withCache(...t),"withCache"),jS=s((...t)=>dn.withCacheWithDynamicTTL(...t),"withCacheWithDynamicTTL"),di=s((...t)=>dn.bustCache(...t),"bustCache");var Sp={};P(Sp,{createCode:()=>pP,deleteCode:()=>hP,getCode:()=>mP,getExistingInvites:()=>Tp,getInviteCodes:()=>XS,updateCode:()=>fP});var hn={};P(hn,{AUTO_EXTEND_POLLING_MS:()=>zS,doWithLock:()=>io,newRedlock:()=>mn});var HS=B(require("redlock"));async function oP(t,e){if(t==="custom")return mn(e);switch(t){case"try_once":return mn(fi.TRY_ONCE);case"try_twice":return mn(fi.TRY_TWICE);case"default":return mn(fi.DEFAULT);case"delay_500":return mn(fi.DELAY_500);case"auto_extend":return mn(fi.AUTO_EXTEND);default:throw _t.unreachable(t)}}s(oP,"getClient");var fi={TRY_ONCE:{retryCount:0},TRY_TWICE:{retryCount:1},DEFAULT:{driftFactor:.01,retryCount:10,retryDelay:200,retryJitter:100},DELAY_500:{retryDelay:500},CUSTOM:{},AUTO_EXTEND:{retryCount:-1}};async function mn(t={}){let e={...fi.DEFAULT,...t},n=(await Cf()).client;return new HS.default([n],e)}s(mn,"newRedlock");function aP(t){let r=`lock:${t.systemLock?"system":$()}_${t.name}`;return t.resource&&(r=r+`_${t.resource}`),r}s(aP,"getLockName");var zS=pe.fromSeconds(10).toMs();async function io(t,e){let r=await oP(t.type,t.customOptions),n,i;try{let o=aP(t),a=t.type==="auto_extend"?zS:t.ttl;if(n=await r.lock(o,a),t.type==="auto_extend"){let c=s(()=>{i=setTimeout(async()=>{n=await n.extend(a,()=>t.onExtend&&t.onExtend()),c()},a/2)},"extendInIntervals");c()}return{executed:!0,result:await e()}}catch(o){if(o.name==="LockError"){if(t.type==="try_once")return{executed:!1};throw o}else throw o}finally{clearTimeout(i),await n?.unlock()}}s(io,"doWithLock");var Ep=pe.fromDays(7).toSeconds(),cP=pe.fromSeconds(10).toMs(),Mu="Invitation is not valid or has expired, please request a new one.";function JS(t,e){if(!t)return null;let r=t.tenantId||e;return r?{tenantId:r,invites:t.invites||{}}:null}s(JS,"normaliseInviteList");function lP(t){let e=!1,r=Date.now();for(let[n,i]of Object.entries(t.invites))(!i?.expiresAt||i.expiresAt<=r)&&(delete t.invites[n],e=!0);return{list:t,changed:e}}s(lP,"pruneExpiredInvites");async function yp(t){let r=await(await Ns()).get(t);return JS(r,t)}s(yp,"loadInviteList");async function so(t,e){await(await Ns()).store(t,e)}s(so,"saveInviteList");async function oo(t,e){let{result:r}=await io({type:"default",name:"process_user_invite",systemLock:!0,resource:t,ttl:cP},e);return r}s(oo,"withInviteListLock");function dP(t,e){return{code:t,email:e.email,info:e.info}}s(dP,"toInviteWithCode");async function ZS(t,e){let r=await Ns(),n=JS(await r.get(e),e);if(!n)throw new Error(Mu);if(!Object.keys(n.invites).includes(t))throw new Error(Mu);return{list:n,invite:n.invites[t]}}s(ZS,"findInviteInList");async function fP(t,e){let r=await ri();await r.exists(t)&&await r.store(t,e,Ep);let i={...e.info},o=i.tenantId||$();i.tenantId=o,await oo(o,async()=>{let a=await yp(o)||{tenantId:o,invites:{}};a.invites[t]={email:e.email,info:i,expiresAt:Date.now()+Ep*1e3},await so(o,a)})}s(fP,"updateCode");async function pP(t,e){let r=ee(),n={...e||{}},i=n.tenantId||$();return n.tenantId=i,await oo(i,async()=>{let o=await yp(i)||{tenantId:i,invites:{}};o.invites[r]={email:t,info:n,expiresAt:Date.now()+Ep*1e3},await so(i,o)}),r}s(pP,"createCode");async function mP(t,e){let n=await(await ri()).get(t);if(n)return n;let i=e||$();return await oo(i,async()=>{let o=await ZS(t,i),{list:a,invite:u}=o;if(u.expiresAt<=Date.now())throw delete a.invites[t],await so(a.tenantId,a),new Error(Mu);return{email:u.email,info:u.info}})}s(mP,"getCode");async function hP(t,e){await(await ri()).delete(t);let n=e||$();try{await oo(n,async()=>{let i=await ZS(t,n);delete i.list.invites[t],await so(i.list.tenantId,i.list)})}catch(i){if(i instanceof Error&&i.message===Mu)return;throw i}}s(hP,"deleteCode");async function XS(){let t=$(),e=await oo(t,async()=>{let o=await yp(t)||{tenantId:t,invites:{}},a=lP(o);return o=a.list,a.changed&&await so(t,o),o}),r=new Map;for(let[o,a]of Object.entries(e.invites))r.set(o,dP(o,a));let i=await(await ri()).scan();for(let o of i)o?.value?.info&&(g.MULTI_TENANCY&&o.value.info.tenantId!==t||r.has(o.key)||r.set(o.key,{...o.value,code:o.key}));return Array.from(r.values())}s(XS,"getInviteCodes");async function Tp(t){return(await XS()).filter(e=>t.includes(e.email))}s(Tp,"getExistingInvites");var Ap={};P(Ap,{createCode:()=>EP,getCode:()=>yP,invalidateCode:()=>TP});var gP=pe.fromHours(1).toSeconds();async function EP(t,e){let r=ee();return await(await Us()).store(r,{userId:t,info:e},gP),r}s(EP,"createCode");async function yP(t){let r=await(await Us()).get(t);if(!r)throw new Error("Provided information is not valid, cannot reset password - please try again.");return r}s(yP,"getCode");async function TP(t){await(await Us()).delete(t)}s(TP,"invalidateCode");var Rr={};P(Rr,{getUser:()=>Co,getUsers:()=>YL,invalidateUser:()=>bo});var ao={};P(ao,{getPlatformDB:()=>Ir,users:()=>yt});var yt={};P(yt,{addSsoUser:()=>tA,addUser:()=>wP,getUserDoc:()=>eA,lookupTenantId:()=>SP,removeUser:()=>DP,updateUserDoc:()=>AP});function Ir(){return Re(fe.PLATFORM_INFO.name)}s(Ir,"getPlatformDB");async function SP(t){return g.MULTI_TENANCY?(await eA(t)).tenantId:ae}s(SP,"lookupTenantId");async function eA(t){return Ir().get(t)}s(eA,"getUserDoc");async function AP(t){await Ir().put(t)}s(AP,"updateUserDoc");function _P(t,e){return{_id:t,tenantId:e}}s(_P,"newUserIdDoc");function OP(t,e,r){return{_id:e,userId:t,tenantId:r}}s(OP,"newUserEmailDoc");function IP(t,e,r,n){return{_id:t,userId:r,email:e,tenantId:n}}s(IP,"newUserSsoIdDoc");async function _p(t,e){let r=Ir(),n;try{await r.get(t)}catch(i){if(i.status===404)n=e(),await r.put(n);else throw i}}s(_p,"addUserDoc");async function tA(t,e,r,n){return _p(t,()=>IP(t,e,r,n))}s(tA,"addSsoUser");async function wP(t,e,r,n){let i=[_p(e,()=>_P(e,t)),_p(r,()=>OP(e,r,t))];n&&i.push(tA(n,r,e,t)),await Promise.all(i)}s(wP,"addUser");async function DP(t){let e=Ir(),r=[t._id,t.email],n=await e.allDocs({keys:r,include_docs:!0});await e.bulkRemove(n.rows.map(i=>i.doc),{silenceErrors:!0})}s(DP,"removeUser");var gn={};P(gn,{getAccount:()=>wr,getAccountByTenantId:()=>pi,getStatus:()=>RP});var rA=B(require("node-fetch"));var uo=class{static{s(this,"API")}constructor(e){this.host=e}async apiCall(e,r,n){n.headers||(n.headers={}),n.headers["Content-Type"]||(n.headers={"Content-Type":"application/json",Accept:"application/json",...n.headers});let i=n.headers["Content-Type"]==="application/json";Ys.setHeader(n.headers);let o={method:e,body:i?JSON.stringify(n.body):n.body,headers:n.headers,credentials:"include"};return await(0,rA.default)(`${this.host}${r}`,o)}async post(e,r){return this.apiCall("POST",e,r)}async get(e,r){return this.apiCall("GET",e,r)}async patch(e,r){return this.apiCall("PATCH",e,r)}async del(e,r){return this.apiCall("DELETE",e,r)}async put(e,r){return this.apiCall("PUT",e,r)}};var Op=new uo(g.INTERNAL_ACCOUNT_PORTAL_URL),Ip=g.SELF_HOSTED||g.DISABLE_ACCOUNT_PORTAL,wr=s(async t=>{if(Ip)return;let e={email:t},r=await Op.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":g.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by email ${t}`);return(await r.json())[0]},"getAccount"),pi=s(async t=>{if(Ip)return;let e={tenantId:t},r=await Op.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":g.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by tenantId ${t}`);return(await r.json())[0]},"getAccountByTenantId"),RP=s(async()=>{if(Ip)return;let t=await Op.get("/api/status",{headers:{"x-budibase-api-key":g.ACCOUNT_PORTAL_API_KEY}}),e=await t.json();if(t.status!==200)throw new Error("Error getting status");return e},"getStatus");var yi={};P(yi,{UserDB:()=>xt,addAppBuilder:()=>qL,bulkGetGlobalUsersById:()=>oc,bulkUpdateGlobalUsers:()=>wo,cleanseUserObject:()=>Qp,creatorsInList:()=>Tn,doesUserExist:()=>BL,getAccountHolderFromUsers:()=>sc,getAllUserIds:()=>kL,getAllUsers:()=>FL,getById:()=>Sn,getCreatorCount:()=>GL,getExistingAccounts:()=>Ei,getExistingPlatformUsers:()=>qA,getExistingTenantUsers:()=>VA,getFirstPlatformUser:()=>Oo,getGlobalUserByAppPage:()=>JA,getGlobalUserByEmail:()=>At,getPlatformUsers:()=>tc,getUserCount:()=>$L,hasAdminPermissions:()=>Dr,hasAppBuilderPermissions:()=>jA,hasBuilderPermissions:()=>Fe,isAdmin:()=>bt,isAdminOrBuilder:()=>QA,isAdminOrWorkspaceBuilder:()=>rc,isBuilder:()=>Ai,isCreatorAsync:()=>Io,isCreatorSync:()=>nc,isGlobalBuilder:()=>KA,paginatedUsers:()=>XA,removeAppBuilder:()=>KL,removePortalUserPermissions:()=>VL,searchExistingEmails:()=>$p,searchGlobalUsersByApp:()=>zA,searchGlobalUsersByAppAccess:()=>Kp,searchGlobalUsersByEmail:()=>ZA,validateUniqueUser:()=>ic});var Ku={};P(Ku,{ActiveContentFileError:()=>Bu,BadRequestError:()=>lo,BudibaseError:()=>co,EmailUnavailableError:()=>Ht,FeatureDisabledError:()=>Gu,ForbiddenError:()=>Wu,HTTPError:()=>ke,NotFoundError:()=>Fu,NotImplementedError:()=>$u,UnexpectedError:()=>ku,UsageLimitError:()=>Vu,getErrorMessage:()=>nA,getPublicError:()=>qu});var co=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"BudibaseError")}};function nA(t){if(t==null)return"No error provided.";if(t instanceof Error)return t.message;if(typeof t=="string")return t;if(typeof t=="object"&&"message"in t)return String(t.message);try{let r=JSON.stringify(t);if(r!=="{}")return r}catch{}let e=String(t);return e!=="[object Object]"?e:"An unknown error occurred"}s(nA,"getErrorMessage");var qu=s(t=>{let e;return t.code&&(e={code:t.code},t.getPublicError&&(e={...e,...t.getPublicError()})),e},"getPublicError"),ke=class t extends co{constructor(r,n,i="http"){super(r,i);this.status=n}static{s(this,"HTTPError")}static async fromResponse(r){let n=await r.text(),i=n,o=r.status,a="http";try{let u=JSON.parse(n);i=u.message,o=u.status,a=u.error?.code}catch{}return new t(i,o,a)}},ku=class extends ke{static{s(this,"UnexpectedError")}constructor(e){super(e,500)}},Fu=class extends ke{static{s(this,"NotFoundError")}constructor(e){super(e,404)}},lo=class extends ke{static{s(this,"BadRequestError")}constructor(e){super(e,400)}},Bu=class extends lo{static{s(this,"ActiveContentFileError")}constructor(e){super(`File "${e}" contains active content which is not permitted`)}},Wu=class extends ke{static{s(this,"ForbiddenError")}constructor(e){super(e,403)}},$u=class extends ke{static{s(this,"NotImplementedError")}constructor(e){super(e,501)}},Gu=class extends Error{static{s(this,"FeatureDisabledError")}constructor(e){super(`Feature disabled: '${e}'`)}},Vu=class extends Error{static{s(this,"UsageLimitError")}constructor(e){super(`Usage limit exceeded: '${e}'`)}},Ht=class extends Error{static{s(this,"EmailUnavailableError")}constructor(e){super(`Email already in use: '${e}'`)}};var Cp={};P(Cp,{PASSWORD_MAX_LENGTH:()=>Dp,PASSWORD_MIN_LENGTH:()=>wp,validatePassword:()=>Rp});var wp=+(g.PASSWORD_MIN_LENGTH||12),Dp=+(g.PASSWORD_MAX_LENGTH||512);function Rp(t){return!t||t.length<wp?{valid:!1,error:`Password invalid. Minimum ${wp} characters.`}:t.length>Dp?{valid:!1,error:`Password invalid. Maximum ${Dp} characters.`}:{valid:!0}}s(Rp,"validatePassword");var Qu={};P(Qu,{createASession:()=>CP,endSession:()=>bP,getSession:()=>xp,getSessionsForUser:()=>fo,invalidateSessions:()=>En,updateSessionTTL:()=>bp});var sA=require("uuid");var oA=g.SESSION_EXPIRY_SECONDS?parseInt(g.SESSION_EXPIRY_SECONDS):pe.fromDays(7).toSeconds();function mi(t,e){return`${t}/${e}`}s(mi,"makeSessionID");async function fo(t){return t?(await(await gr()).scan(t)).map(n=>n.value):(console.trace("Cannot get sessions for undefined userId"),[])}s(fo,"getSessionsForUser");async function En(t,e={}){try{let r=e?.reason||"unknown",n=e.sessionIds||[],i;if(n.length===0?i=(await fo(t)).map(a=>({key:mi(a.userId,a.sessionId)})):(n=Array.isArray(n)?n:[n],i=n.map(o=>({key:mi(t,o)}))),i&&i.length>0){let o=await gr(),a=[];for(let u of i)a.push(o.delete(u.key));g.isTest()||li(`Invalidating sessions for ${t} (reason: ${r}) - ${i.map(u=>u.key).join(", ")}`),await Promise.all(a)}}catch(r){console.error(`Error invalidating sessions: ${r}`)}}s(En,"invalidateSessions");async function CP(t,e){let r=await fo(t),n=0;if(r.length>=3){let l=r.sort((h,p)=>new Date(h.createdAt).getTime()-new Date(p.createdAt).getTime()),d=r.length-3+1,f=l.slice(0,d).map(h=>h.sessionId);n=f.length,await En(t,{sessionIds:f,reason:"session limit exceeded"})}let i=await gr(),o=e.sessionId,a=e.csrfToken?e.csrfToken:(0,sA.v4)(),u=mi(t,o),c={...e,csrfToken:a,createdAt:new Date().toISOString(),lastAccessedAt:new Date().toISOString(),userId:t};return await i.store(u,c,oA),{session:c,invalidatedSessionCount:n}}s(CP,"createASession");async function bp(t){let e=await gr(),r=mi(t.userId,t.sessionId);t.lastAccessedAt=new Date().toISOString(),await e.store(r,t,oA)}s(bp,"updateSessionTTL");async function bP(t,e){await(await gr()).delete(mi(t,e))}s(bP,"endSession");async function xp(t,e){if(!t||!e)throw new Error(`Invalid session details - ${t} - ${e}`);let n=await(await gr()).get(mi(t,e));if(!n)throw new Error(`Session not found - ${t} - ${e}`);return n}s(xp,"getSession");var gi={};P(gi,{account:()=>yA,action:()=>TA,ai:()=>SA,analytics:()=>Yu,app:()=>AA,asyncEventQueue:()=>Tt,auditLog:()=>_A,auth:()=>ec,automation:()=>OA,backfill:()=>IA,backfillCache:()=>Ju,backup:()=>wA,datasource:()=>DA,email:()=>RA,environmentVariable:()=>CA,group:()=>bA,identification:()=>St,initAsyncEvents:()=>IL,installation:()=>Eo,layout:()=>xA,license:()=>vA,org:()=>PA,plugin:()=>NA,processors:()=>Mp,publishEvent:()=>A,query:()=>UA,resource:()=>LA,role:()=>_o,rowAction:()=>MA,rows:()=>kA,screen:()=>FA,serve:()=>BA,shutdown:()=>wL,table:()=>WA,user:()=>Be,view:()=>$A,workspace:()=>GA});var Yu={};P(Yu,{enabled:()=>ju});var ju=s(async()=>Hu(),"enabled");var Tt;function zu(){Tt=new Et("systemEventQueue",{jobTags:t=>({"event.name":t.event})})}s(zu,"init");async function aA(){Tt&&await Tt.close()}s(aA,"shutdown");async function uA(t){Tt||zu();let{event:e,identity:r}=t;Qm.indexOf(e)!==-1&&r.tenantId&&await Tt.add(t)}s(uA,"publishAsyncEvent");var Ju={};P(Ju,{end:()=>vP,isAlreadySent:()=>Np,isBackfillingEvent:()=>Pp,recordEvent:()=>vp,start:()=>xP});var xP=s(async t=>NP({eventWhitelist:t}),"start"),vp=s(async(t,e)=>{let r=Up(t,e);await Yt(r,e,void 0,{useTenancy:!1})},"recordEvent"),vP=s(async()=>{await UP(),await LP()},"end"),PP=s(async()=>pn(ye.BACKFILL_METADATA),"getBackfillMetadata"),NP=s(async t=>Yt(ye.BACKFILL_METADATA,t),"saveBackfillMetadata"),UP=s(async()=>{await ro(ye.BACKFILL_METADATA)},"deleteBackfillMetadata"),LP=s(async()=>{let t=Up(),e=await Lu(t);for(let r of e)await ro(r,{useTenancy:!1})},"clearEvents"),Pp=s(async t=>{let r=(await PP())?.eventWhitelist;return!!(r&&r.includes(t))},"isBackfillingEvent"),Np=s(async(t,e)=>{let r=Up(t,e);return!!await pn(r,{useTenancy:!1})},"isAlreadySent"),MP={"automation:created":t=>t.automationId,"automation:step:created":t=>t.stepId,"datasource:created":t=>t.datasourceId,"layout:created":t=>t.layoutId,"query:created":t=>t.queryId,"role:created":t=>t.roleId,"screen:created":t=>t.screenId,"table:created":t=>t.tableId,"view:created":t=>t.tableId,"view:calculation:created":t=>t.tableId,"view:filter:created":t=>t.tableId,"app:created":t=>t.appId,"app:published":t=>t.appId,"auth:sso:created":t=>t.type,"auth:sso:activated":t=>t.type,"user:created":t=>t.userId,"user:admin:assigned":t=>t.userId,"user:builder:assigned":t=>t.userId,"role:assigned":t=>`${t.roleId}-${t.userId}`},Up=s((t,e)=>{let r,n=$();if(t){r=`${ye.EVENTS}:${n}:${t}`;let i=MP[t],o=i?i(e):void 0;o&&(r=`${r}:${o}`)}else r=`${ye.EVENTS}:${n}:*`;return r},"getEventKey");var Mp={};P(Mp,{analyticsProcessor:()=>hA,init:()=>QP,processors:()=>Jt});var pA=require("posthog-node");var kP=s(t=>t==="served:builder"||t==="served:app:preview"||t==="served:app","isRateLimited"),FP=s(t=>t==="served:app:preview"||t==="served:app","isPerApp");var lA={"served:app":"calendarDay","served:app:preview":"calendarDay","served:builder":"calendarDay"},dA=s(async t=>{if(!kP(t))return!1;let e=await BP(t);if(e){let r=new Date(e.timestamp);switch(lA[t]){case"calendarDay":return r.setDate(r.getDate()+1),r.setHours(0,0,0,0),Date.now()>r.getTime()?(await cA(t,{timestamp:Date.now()}),!1):!0}}else return await cA(t,{timestamp:Date.now()}),!1},"limited"),fA=s(t=>{let e=`${ye.EVENTS_RATE_LIMIT}:${t}`;return FP(t)&&(e=e+":"+be()),e},"eventKey"),BP=s(async t=>{let e=fA(t);return await pn(e)},"readEvent"),cA=s(async(t,e)=>{let r=fA(t),n=lA[t],i;switch(n){case"calendarDay":i=86400}await Yt(r,e,i)},"recordEvent");var $P=["user:updated","email:smtp:updated","auth:sso:updated","app:updated","role:updated","datasource:updated","query:updated","view:updated","view:calculation:updated","automation:trigger:updated","user_group:updated"],po=class{static{s(this,"PosthogProcessor")}constructor(e){if(!e)throw new Error("Posthog token is not defined");this.posthog=new pA.PostHog(e)}async processEvent(e,r,n,i){if($P.includes(e)||await dA(e))return;n=this.clearPIIProperties(n),n.version=g.VERSION,n.service=g.SERVICE,n.environment=r.environment,n.hosting=r.hosting;let o=be();o&&(n.appId=o);let a={distinctId:r.id,event:e,properties:n};i&&(a.timestamp=new Date(i)),(r.installationId||r.tenantId)&&(a.groups={},r.installationId&&(a.groups.installation=r.installationId,a.properties.installationId=r.installationId),r.tenantId&&(a.groups.tenant=r.tenantId,a.properties.tenantId=r.tenantId)),this.posthog.capture(a)}clearPIIProperties(e){return e.email&&delete e.email,e.audited&&delete e.audited,e}async identify(e,r){let n={distinctId:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.identify(n)}async identifyGroup(e,r){let n={distinctId:e.id,groupType:e.type,groupKey:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.groupIdentify(n)}async shutdown(){await this.posthog.shutdown()}};var mA=po;var GP=["installation:version:upgraded","installation:version:downgraded"],VP=["installation","tenant"],mo=class{static{s(this,"AnalyticsProcessor")}constructor(){g.POSTHOG_TOKEN&&!g.isTest()&&(this.posthog=new mA(g.POSTHOG_TOKEN))}async processEvent(e,r,n,i){!GP.includes(e)&&!await ju()||this.posthog&&await this.posthog.processEvent(e,r,n,i)}async identify(e,r){!VP.includes(e.type)&&!await ju()||this.posthog&&await this.posthog.identify(e,r)}async identifyGroup(e,r){this.posthog&&await this.posthog.identifyGroup(e,r)}async shutdown(){this.posthog&&await this.posthog.shutdown()}};var Lp=g.SELF_HOSTED&&!g.isDev(),ho=class{static{s(this,"LoggingProcessor")}async processEvent(e,r,n){Lp||console.log(`[audit] [identityType=${r.type}] ${e}`,n)}async identify(e){Lp||console.log("[audit] identified",e)}async identifyGroup(e){Lp||console.log("[audit] group identified",e)}async shutdown(){}};var hi=class t{static{s(this,"AuditLogsProcessor")}static{this.auditLogsEnabled=!1}static init(e){t.auditLogsEnabled=!0;let r=e;return t.auditLogQueue=new Et("auditLogQueue",{jobTags:n=>({"event.name":n.event})}),t.auditLogQueue.process(async n=>{await Ce(n.data.tenantId,async()=>{let i=n.data.properties;i.audited&&(i={...i,...i.audited},delete i.audited);let o={};g.ENABLE_AUDIT_LOG_IP_ADDR&&(o=n.data.opts.hostInfo),await r(n.data.event,i,{userId:n.data.opts.userId,timestamp:n.data.opts.timestamp,appId:n.data.opts.appId,hostInfo:o})})})}async processEvent(e,r,n,i){if(t.auditLogsEnabled&&Gf(e)){let o=r.type==="user"?r.id:void 0;await t.auditLogQueue.add({event:e,properties:n,opts:{userId:o,timestamp:i,appId:be(),hostInfo:r.hostInfo},tenantId:$()})}}async identify(){}async identifyGroup(){}async shutdown(){await t.auditLogQueue?.close()}};var go=class{constructor(e){this.initialised=!1;this.processors=[];this.processors=e}static{s(this,"Processor")}async processEvent(e,r,n,i){for(let o of this.processors)await o.processEvent(e,r,n,i)}async identify(e,r){for(let n of this.processors)n.identify&&await n.identify(e,r)}async identifyGroup(e,r){for(let n of this.processors)n.identifyGroup&&await n.identifyGroup(e,r)}async shutdown(){for(let e of this.processors)e.shutdown&&await e.shutdown()}};var hA=new mo,qP=new ho,KP=new hi;function QP(t){return hi.init(t)}s(QP,"init");var Jt=new go([hA,qP,KP]);var Zu={};P(Zu,{checkInstallVersion:()=>HP,getInstall:()=>yo,getInstallFromDB:()=>Fp});var kp=B(require("semver"));var yo=s(async()=>Or(ye.INSTALLATION,86400,Fp,{useTenancy:!1}),"getInstall");async function jP(t){let e={_id:fe.PLATFORM_INFO.docs.install,installId:ee(),version:g.VERSION};try{let r=await t.put(e);return e._rev=r.rev,e}catch(r){if(r.status===409)return Fp();throw r}}s(jP,"createInstallDoc");var Fp=s(async()=>je(fe.PLATFORM_INFO.name,async t=>{let e;try{e=await t.get(fe.PLATFORM_INFO.docs.install)}catch(r){if(r.status===404)e=await jP(t);else throw r}return e}),"getInstallFromDB"),YP=s(async t=>{try{await je(fe.PLATFORM_INFO.name,async e=>{let r=await yo();r.version=t,await e.put(r),await di(ye.INSTALLATION)})}catch(e){if(e.status===409)return!1;throw e}return!0},"updateVersion"),HP=s(async()=>{let t=await yo(),e=t.version,r=g.VERSION;try{if(e!==r){let n=kp.default.gt(r,e),i=kp.default.lt(r,e);await YP(r)&&(await Ds({_id:t.installId,type:"installation"},async()=>{n?await Eo.upgraded(e,r):i&&await Eo.downgraded(e,r)}),await St.identifyInstallationGroup(t.installId))}}catch(n){n?.message?.includes("Invalid Version")?cn(`Invalid version "${r}" - is it semver?`):cn("Failed to retrieve version",n)}},"checkInstallVersion");var zP=s(async()=>{let t=Xd(),e=Ao(),r;if(t?r=t.type:r="tenant",r==="installation"){let n=await yn(),i=To();return{id:gA(n,r),hosting:i,type:r,installationId:n,environment:e}}else if(r==="tenant"){let n=await yn(),i=await Xu($()),o=To();return{id:gA(i,r),type:r,hosting:o,installationId:n,tenantId:i,realTenantId:$(),environment:e}}else if(r==="user"){let n=t,i=await Xu($()),o=await yn(),a=n.account,u;return a?u=a.hosting:u=To(),{id:n._id,type:r,hosting:u,installationId:o,tenantId:i,environment:e,realTenantId:$(),hostInfo:n.hostInfo}}else throw new Error("Unknown identity type")},"getCurrentIdentity"),JP=s(async(t,e)=>{let r=t,n="installation",i=To(),o=g.VERSION,a=Ao(),u={id:r,type:n,hosting:i,version:o,environment:a};await Bp(u,e),await So({...u,id:`$${n}_${r}`},e)},"identifyInstallationGroup"),ZP=s(async(t,e,r,n=g.VERSION)=>{let i=await Xu(t),o="tenant",a=await yn(),u=Ao(),c={id:i,type:o,hosting:e,environment:u,installationId:a,createdAt:r,createdVersion:n};await Bp(c,r),await So({...c,id:`$${o}_${i}`},r)},"identifyTenantGroup"),XP=s(async(t,e,r)=>{let n=t._id,i=await Xu(t.tenantId),o="user",a=Fe(t),u=Dr(t),c;Qo(t)&&(c=t.providerType);let d=(await Ei([t.email])).length>0,f=!!e&&d&&e.verified,h=await yn(),p=e?e.hosting:To(),S=Ao();await So({id:n,type:o,hosting:p,installationId:h,tenantId:i,verified:f,accountHolder:d,providerType:c,builder:a,admin:u,environment:S},r)},"identifyUser"),eN=s(async t=>{let e=t.accountId,r=t.tenantId,n="user",i=Ko(t)?t.providerType:void 0,o=t.verified,a=!0,u=t.hosting,c=await yn(),l=Ao();if(qo(t)){let f=await At(t.email);f?._id&&(e=f._id)}await So({id:e,type:n,hosting:u,installationId:c,tenantId:r,providerType:i,verified:o,accountHolder:a,environment:l})},"identifyAccount"),So=s(async(t,e)=>{await Jt.identify(t,e)},"identify"),Bp=s(async(t,e)=>{await Jt.identifyGroup(t,e)},"identifyGroup"),Ao=s(()=>g.isDev()?"development":g.DEPLOYMENT_ENVIRONMENT,"getDeploymentEnvironment"),To=s(()=>g.SELF_HOSTED?"self":"cloud","getHostingFromEnv"),yn=s(async()=>tN()?"account-portal":(await yo()).installId,"getInstallationId"),Xu=s(async t=>g.SELF_HOSTED?EA(t):t,"getEventTenantId"),EA=s(async t=>Ce(t,()=>Or(ye.UNIQUE_TENANT_ID,86400,async()=>{let e=H(),r=await Ti(),n;return r.config.uniqueTenantId?r.config.uniqueTenantId:(n=`${ee()}_${t}`,r.config.uniqueTenantId=n,r.config.createdVersion=g.VERSION,await e.put(r),n)})),"getUniqueTenantId"),tN=s(()=>g.SERVICE==="account-portal","isAccountPortal"),gA=s((t,e)=>e==="installation"||e==="tenant"?`$${e}_${t}`:t,"formatDistinctId"),St={getCurrentIdentity:zP,identifyInstallationGroup:JP,identifyTenantGroup:ZP,identifyUser:XP,identifyAccount:eN,identify:So,identifyGroup:Bp,getInstallationId:yn,getUniqueTenantId:EA};var A=s(async(t,e,r,n)=>{let i=n||await St.getCurrentIdentity();if(!(n?!1:await Pp(t))){await uA({event:t,identity:i,properties:e,timestamp:r}),await Jt.processEvent(t,i,e,r);return}await Np(t,e)||(await Jt.processEvent(t,i,e,r),await vp(t,e))},"publishEvent");async function rN(t,e){let r={tenantId:t.tenantId};await A("account:created",r,void 0,e)}s(rN,"created");async function nN(t){let e={tenantId:t.tenantId};await A("account:deleted",e)}s(nN,"deleted");async function iN(t){let e={tenantId:t.tenantId};await A("account:verified",e)}s(iN,"verified");var yA={created:rN,deleted:nN,verified:iN};async function sN(t,e){console.info("action:automation_step:executed",`disabled. Action step ${t.stepId} not published at ${e}`)}s(sN,"automationStepExecuted");async function oN(t,e){console.info("action:automation_step:executed",`disabled. Action type ${t.type} not published at ${e}`)}s(oN,"crudExecuted");async function aN(t,e){console.info("action:automation_step:executed",`disabled. Execution for ai agent ${t.agentId} not published at ${e}`)}s(aN,"aiAgentExecuted");var TA={aiAgentExecuted:aN,automationStepExecuted:sN,crudExecuted:oN};async function uN(t){let e={};await A("ai:config:created",e,t)}s(uN,"AIConfigCreated");async function cN(){let t={};await A("ai:config:updated",t)}s(cN,"AIConfigUpdated");var SA={AIConfigCreated:uN,AIConfigUpdated:cN};var lN=s(async(t,e)=>{let r={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:created",r,e)},"created");async function dN(t){let e={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:updated",e)}s(dN,"updated");async function fN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:deleted",e)}s(fN,"deleted");async function pN(t,e){let r={appId:t.appId,audited:{name:t.name}};await A("app:published",r,e)}s(pN,"published");async function mN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:unpublished",e)}s(mN,"unpublished");async function hN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:file:imported",e)}s(hN,"fileImported");async function gN(t,e){let r={duplicateAppId:e,appId:t.appId,audited:{name:t.name}};await A("app:duplicated",r)}s(gN,"duplicated");async function EN(t,e){let r={appId:t.appId,templateKey:e,audited:{name:t.name}};await A("app:template:imported",r)}s(EN,"templateImported");async function yN(t,e,r){let n={appId:t.appId,currentVersion:e,updatedToVersion:r,audited:{name:t.name}};await A("app:version:updated",n)}s(yN,"versionUpdated");async function TN(t,e,r){let n={appId:t.appId,currentVersion:e,revertedToVersion:r,audited:{name:t.name}};await A("app:version:reverted",n)}s(TN,"versionReverted");async function SN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:reverted",e)}s(SN,"reverted");async function AN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:exported",e)}s(AN,"exported");var AA={created:lN,updated:dN,deleted:fN,published:pN,unpublished:mN,fileImported:hN,duplicated:gN,templateImported:EN,versionUpdated:yN,versionReverted:TN,reverted:SN,exported:AN};async function _N(t){let e={filters:t};await A("audit_log:filtered",e)}s(_N,"filtered");async function ON(t){let e={filters:t};await A("audit_log:downloaded",e)}s(ON,"downloaded");var _A={filtered:_N,downloaded:ON};async function IN(t,e){let n={userId:(await St.getCurrentIdentity()).id,source:t,audited:{email:e}};await A("auth:login",n)}s(IN,"login");async function wN(t){let r={userId:(await St.getCurrentIdentity()).id,audited:{email:t}};await A("auth:logout",r)}s(wN,"logout");async function DN(t,e){let r={type:t};await A("auth:sso:created",r,e)}s(DN,"SSOCreated");async function RN(t){let e={type:t};await A("auth:sso:updated",e)}s(RN,"SSOUpdated");async function CN(t,e){let r={type:t};await A("auth:sso:activated",r,e)}s(CN,"SSOActivated");async function bN(t){let e={type:t};await A("auth:sso:deactivated",e)}s(bN,"SSODeactivated");var ec={login:IN,logout:wN,SSOCreated:DN,SSOUpdated:RN,SSOActivated:CN,SSODeactivated:bN};async function xN(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:created",r,e)}s(xN,"created");async function vN(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:trigger:updated",e)}s(vN,"triggerUpdated");async function PN(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:deleted",e)}s(PN,"deleted");async function NN(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:tested",e)}s(NN,"tested");var UN=s(async(t,e)=>{let r={count:t};await A("automations:run",r,e)},"run");async function LN(t,e,r){let n={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:created",n,r)}s(LN,"stepCreated");async function MN(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:deleted",r)}s(MN,"stepDeleted");var OA={created:xN,triggerUpdated:vN,deleted:PN,tested:NN,run:UN,stepCreated:LN,stepDeleted:MN};var Si=!g.SELF_HOSTED&&!g.isDev();async function kN(t){Si||await A("app:backfill:succeeded",t)}s(kN,"appSucceeded");async function FN(t){if(Si)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("app:backfill:failed",e)}s(FN,"appFailed");async function BN(t){Si||await A("tenant:backfill:succeeded",t)}s(BN,"tenantSucceeded");async function WN(t){if(Si)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("tenant:backfill:failed",e)}s(WN,"tenantFailed");async function $N(){if(Si)return;let t={};await A("installation:backfill:succeeded",t)}s($N,"installationSucceeded");async function GN(t){if(Si)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("installation:backfill:failed",e)}s(GN,"installationFailed");var IA={appSucceeded:kN,appFailed:FN,tenantSucceeded:BN,tenantFailed:WN,installationSucceeded:$N,installationFailed:GN};async function VN(t){let e={appId:t.appId,restoreId:t._id,backupCreatedAt:t.timestamp,name:t.name};await A("app:backup:restored",e)}s(VN,"appBackupRestored");async function qN(t,e,r,n,i){let o={appId:t,backupId:e,type:r,trigger:n,name:i};await A("app:backup:triggered",o)}s(qN,"appBackupTriggered");var wA={appBackupRestored:VN,appBackupTriggered:qN};function Wp(t){return!Object.values(Wo).includes(t.source)}s(Wp,"isCustom");async function KN(t,e){let r={datasourceId:t._id,source:t.source,custom:Wp(t)};await A("datasource:created",r,e)}s(KN,"created");async function QN(t){let e={datasourceId:t._id,source:t.source,custom:Wp(t)};await A("datasource:updated",e)}s(QN,"updated");async function jN(t){let e={datasourceId:t._id,source:t.source,custom:Wp(t)};await A("datasource:deleted",e)}s(jN,"deleted");var DA={created:KN,updated:QN,deleted:jN};async function YN(t){let e={};await A("email:smtp:created",e,t)}s(YN,"SMTPCreated");async function HN(){let t={};await A("email:smtp:updated",t)}s(HN,"SMTPUpdated");var RA={SMTPCreated:YN,SMTPUpdated:HN};async function zN(t,e){let r={name:t,environments:e};await A("environment_variable:created",r)}s(zN,"created");async function JN(t){let e={name:t};await A("environment_variable:deleted",e)}s(JN,"deleted");async function ZN(t){let e={userId:t};await A("environment_variable:upgrade_panel_opened",e)}s(ZN,"upgradePanelOpened");var CA={created:zN,deleted:JN,upgradePanelOpened:ZN};async function XN(t,e){let r={groupId:t._id,viaScim:gt(),audited:{name:t.name}};await A("user_group:created",r,e)}s(XN,"created");async function eU(t){let e={groupId:t._id,viaScim:gt(),audited:{name:t.name}};await A("user_group:updated",e)}s(eU,"updated");async function tU(t){let e={groupId:t._id,viaScim:gt(),audited:{name:t.name}};await A("user_group:deleted",e)}s(tU,"deleted");async function rU(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:gt(),audited:{name:e.name}};await A("user_group:user_added",n)}s(rU,"usersAdded");async function nU(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:gt(),audited:{name:e.name}};await A("user_group:users_deleted",n)}s(nU,"usersDeleted");async function iU(t){let e={groupId:t,onboarding:!0};await A("user_group:onboarding_added",e)}s(iU,"createdOnboarding");async function sU(t){let e={permissions:t.roles,groupId:t._id,audited:{name:t.name}};await A("user_group:permissions_edited",e)}s(sU,"permissionsEdited");var bA={created:XN,updated:eU,deleted:tU,usersAdded:rU,usersDeleted:nU,createdOnboarding:iU,permissionsEdited:sU};async function oU(t){let e={currentVersion:t};await A("installation:version:checked",e)}s(oU,"versionChecked");async function aU(t,e){let r={from:t,to:e};await A("installation:version:upgraded",r)}s(aU,"upgraded");async function uU(t,e){let r={from:t,to:e};await A("installation:version:downgraded",r)}s(uU,"downgraded");async function cU(){let t={};await A("installation:firstStartup",t)}s(cU,"firstStartup");var Eo={versionChecked:oU,upgraded:aU,downgraded:uU,firstStartup:cU};async function lU(t,e){let r={layoutId:t._id};await A("layout:created",r,e)}s(lU,"created");async function dU(t){let e={layoutId:t};await A("layout:deleted",e)}s(dU,"deleted");var xA={created:lU,deleted:dU};async function fU(t,e){let r={accountId:t.accountId,...e};await A("license:plan:changed",r)}s(fU,"planChanged");async function pU(t){let e={accountId:t.accountId};await A("license:activated",e)}s(pU,"activated");async function mU(t){let e={accountId:t.accountId};await A("license:checkout:opened",e)}s(mU,"checkoutOpened");async function hU(t){let e={accountId:t.accountId};await A("license:checkout:success",e)}s(hU,"checkoutSuccess");async function gU(t){let e={accountId:t.accountId};await A("license:portal:opened",e)}s(gU,"portalOpened");async function EU(t){let e={accountId:t.accountId};await A("license:payment:failed",e)}s(EU,"paymentFailed");async function yU(t){let e={accountId:t.accountId};await A("license:payment:recovered",e)}s(yU,"paymentRecovered");var vA={planChanged:fU,activated:pU,checkoutOpened:mU,checkoutSuccess:hU,portalOpened:gU,paymentFailed:EU,paymentRecovered:yU};async function TU(t){let e={};await A("org:info:name:updated",e,t)}s(TU,"nameUpdated");async function SU(t){let e={};await A("org:info:logo:updated",e,t)}s(SU,"logoUpdated");async function AU(t){let e={};await A("org:platformurl:updated",e,t)}s(AU,"platformURLUpdated");async function _U(){let t={};await A("analytics:opt:out",t)}s(_U,"analyticsOptOut");async function OU(){let t={};await A("analytics:opt:out",t)}s(OU,"analyticsOptIn");var PA={nameUpdated:TU,logoUpdated:SU,platformURLUpdated:AU,analyticsOptOut:_U,analyticsOptIn:OU};async function IU(t){let e={type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:init",e)}s(IU,"init");async function wU(t){let e={pluginId:t._id,type:t.schema.type,source:t.source,name:t.name,description:t.description,version:t.version};await A("plugin:imported",e)}s(wU,"imported");async function DU(t){let e={pluginId:t._id,type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:deleted",e)}s(DU,"deleted");var NA={init:IU,imported:wU,deleted:DU};var RU=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:created",n,r)},"created"),CU=s(async(t,e)=>{let r={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:updated",r)},"updated"),bU=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb,appId:r};await A("query:deleted",n)},"deleted"),xU=s(async(t,e,r)=>{let n={datasourceId:t._id,source:t.source,count:r,importSource:e};await A("query:import",n)},"imported"),vU=s(async(t,e)=>{let r={count:t};await A("queries:run",r,e)},"run"),PU=s(async(t,e)=>{let r={queryId:e.queryId,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:previewed",r)},"previewed"),UA={created:RU,updated:CU,deleted:bU,imported:xU,run:vU,previewed:PU};async function NU({resource:t,fromWorkspace:e,toWorkspace:r},n){let i={resource:t,fromWorkspace:e,toWorkspace:r};await A("resource:copied_to_workspace",i,n)}s(NU,"duplicatedToWorkspace");var LA={duplicatedToWorkspace:NU};async function UU(t,e){let r={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:created",r,e)}s(UU,"created");async function LU(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:updated",e)}s(LU,"updated");async function MU(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:deleted",e)}s(MU,"deleted");async function kU(t,e,r){let n={userId:t._id,roleId:e};await A("role:assigned",n,r)}s(kU,"assigned");async function FU(t,e){let r={userId:t._id,roleId:e};await A("role:unassigned",r)}s(FU,"unassigned");var _o={created:UU,updated:LU,deleted:MU,assigned:kU,unassigned:FU};async function BU(t,e){await A("row_action:created",t,e)}s(BU,"created");var MA={created:BU};var WU=s(async(t,e)=>{let r={count:t};await A("rows:created",r,e)},"created"),$U=s(async(t,e)=>{let r={tableId:t._id,count:e};await A("rows:imported",r)},"imported"),kA={created:WU,imported:$U};async function GU(t,e){let r={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:created",r,e)}s(GU,"created");async function VU(t){let e={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:deleted",e)}s(VU,"deleted");var FA={created:GU,deleted:VU};async function qU(t){let e={timezone:t};await A("served:builder",e)}s(qU,"servedBuilder");async function KU(t,e,r){let n={appVersion:t.version,timezone:e,embed:r===!0};await A("served:app",n)}s(KU,"servedApp");async function QU(t,e){let r={appId:t.appId,appVersion:t.version,timezone:e};await A("served:app:preview",r)}s(QU,"servedAppPreview");var BA={servedBuilder:qU,servedApp:KU,servedAppPreview:QU};async function jU(t,e){let r={tableId:t._id,audited:{name:t.name}};await A("table:created",r,e)}s(jU,"created");async function YU(t,e){let r,n;for(let o in e.schema)if(!t.schema[o]){let a=e.schema[o];"default"in a&&a.default!=null&&(r=!0),a.type==="ai"&&(n=a.operation)}let i={tableId:e._id,defaultValues:r,aiColumn:n,audited:{name:e.name}};(r||n)&&await A("table:updated",i)}s(YU,"updated");async function HU(t,e){let r={tableId:t._id,audited:{name:t.name},appId:e};await A("table:deleted",r)}s(HU,"deleted");async function zU(t,e){let r={tableId:t._id,format:e,audited:{name:t.name}};await A("table:exported",r)}s(zU,"exported");async function JU(t){let e={tableId:t._id,audited:{name:t.name}};await A("table:imported",e)}s(JU,"imported");var WA={created:jU,updated:YU,deleted:HU,exported:zU,imported:JU};async function ZU(t,e){let r={userId:t._id,viaScim:gt(),audited:{email:t.email}};await A("user:created",r,e)}s(ZU,"created");async function XU(t){let e={userId:t._id,viaScim:gt(),audited:{email:t.email}};await A("user:updated",e)}s(XU,"updated");async function eL(t){let e={userId:t._id,viaScim:gt(),audited:{email:t.email}};await A("user:deleted",e)}s(eL,"deleted");async function tL(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:admin:assigned",r,e)}s(tL,"permissionAdminAssigned");async function rL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:admin:removed",e)}s(rL,"permissionAdminRemoved");async function nL(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:builder:assigned",r,e)}s(nL,"permissionBuilderAssigned");async function iL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:builder:removed",e)}s(iL,"permissionBuilderRemoved");async function sL(t){let e={audited:{email:t}};await A("user:invited",e)}s(sL,"invited");async function oL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:invite:accepted",e)}s(oL,"inviteAccepted");async function aL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:force:reset",e)}s(aL,"passwordForceReset");async function uL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:updated",e)}s(uL,"passwordUpdated");async function cL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset:requested",e)}s(cL,"passwordResetRequested");async function lL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset",e)}s(lL,"passwordReset");async function dL(t){let e={users:t};await A("user:data:collaboration",e)}s(dL,"dataCollaboration");var Be={created:ZU,updated:XU,deleted:eL,permissionAdminAssigned:tL,permissionAdminRemoved:rL,permissionBuilderAssigned:nL,permissionBuilderRemoved:iL,invited:sL,inviteAccepted:oL,passwordForceReset:aL,passwordUpdated:uL,passwordResetRequested:cL,passwordReset:lL,dataCollaboration:dL};async function fL(t,e){let r={name:t.name,type:t.type,tableId:t.tableId};await A("view:created",r,e)}s(fL,"created");async function pL(t){let e={tableId:t.tableId};await A("view:updated",e)}s(pL,"updated");async function mL(t,e){let r={...Le.views.isV2(t)?{id:t.id,tableId:t.tableId,appId:e}:{}};await A("view:deleted",r)}s(mL,"deleted");async function hL(t,e){let r={tableId:t._id,format:e};await A("view:exported",r)}s(hL,"exported");async function gL({tableId:t,filterGroups:e},r){let n={tableId:t,filterGroups:e};await A("view:filter:created",n,r)}s(gL,"filterCreated");async function EL({tableId:t,filterGroups:e}){let r={tableId:t,filterGroups:e};await A("view:filter:updated",r)}s(EL,"filterUpdated");async function yL(t){let e={tableId:t.tableId};await A("view:filter:deleted",e)}s(yL,"filterDeleted");async function TL({tableId:t,calculationType:e},r){let n={tableId:t,calculation:e};await A("view:calculation:created",n,r)}s(TL,"calculationCreated");async function SL(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:updated",e)}s(SL,"calculationUpdated");async function AL(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:deleted",e)}s(AL,"calculationDeleted");async function _L(t,e){let r={tableId:t};await A("view:join:created",r,e)}s(_L,"viewJoinCreated");var $A={created:fL,updated:pL,deleted:mL,exported:hL,filterCreated:gL,filterUpdated:EL,filterDeleted:yL,calculationCreated:TL,calculationUpdated:SL,calculationDeleted:AL,viewJoinCreated:_L};async function OL(t,e){let r={workspaceAppId:t._id,audited:{name:t.name},appId:e};await A("workspace_app:deleted",r)}s(OL,"deleted");var GA={deleted:OL};function IL(){}s(IL,"initAsyncEvents");var wL=s(async()=>{await Jt.shutdown(),console.log("Events shutdown")},"shutdown");var Gp={};P(Gp,{creatorsInList:()=>Tn,getAccountHolderFromUsers:()=>sc,hasAdminPermissions:()=>Dr,hasAppBuilderPermissions:()=>jA,hasBuilderPermissions:()=>Fe,isAdmin:()=>bt,isAdminOrBuilder:()=>QA,isAdminOrWorkspaceBuilder:()=>rc,isBuilder:()=>Ai,isCreatorAsync:()=>Io,isCreatorSync:()=>nc,isGlobalBuilder:()=>KA,validateUniqueUser:()=>ic});async function $p(t){let e=[],r=await VA(t);e.push(...r.map(a=>a.email));let n=await qA(t);e.push(...n.map(a=>a._id));let i=await Ei(t);e.push(...i.map(a=>a.email));let o=await Tp(t);return e.push(...o.map(a=>a.email)),[...new Set(e.map(a=>a.toLowerCase()))]}s($p,"searchExistingEmails");async function tc(t){return await Bs("platform_users_lowercase_2",{keys:[t.toLowerCase()],include_docs:!0})}s(tc,"getPlatformUsers");async function Oo(t){return(await tc(t))[0]??null}s(Oo,"getFirstPlatformUser");async function VA(t){let r={keys:t.map(i=>i.toLowerCase()),include_docs:!0},n={arrayResponse:!0};return await Vt("by_email2",r,void 0,n)}s(VA,"getExistingTenantUsers");async function qA(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Bs("platform_users_lowercase_2",r)}s(qA,"getExistingPlatformUsers");async function Ei(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Bs("account_by_email",r)}s(Ei,"getExistingAccounts");var Ai=Me.users.isBuilder,bt=Me.users.isAdmin,KA=Me.users.isGlobalBuilder,QA=Me.users.isAdminOrBuilder,Dr=Me.users.hasAdminPermissions,Fe=Me.users.hasBuilderPermissions,jA=Me.users.hasAppBuilderPermissions,rc=Me.users.isAdminOrWorkspaceBuilder;async function Tn(t,e){let r=[...new Set(t.filter(i=>i.userGroups).flatMap(i=>i.userGroups))];return e=await H().getMultiple(r,{allowMissing:!0}),t.map(i=>nc(i,e))}s(Tn,"creatorsInList");async function Io(t){let e=[];return t.userGroups&&(e=await H().getMultiple(t.userGroups)),nc(t,e)}s(Io,"isCreatorAsync");function nc(t,e){let r=Me.users.isCreator(t);return!r&&t?DL(t,e):r}s(nc,"isCreatorSync");function DL(t,e){let r=e?.filter(n=>t.userGroups?.indexOf(n._id)!==-1);return r&&r.length>0?r.some(n=>Object.values(n.roles||{}).includes("CREATOR")):!1}s(DL,"isCreatorByGroupMembership");async function ic(t,e){if(g.MULTI_TENANCY){let r=await Oo(t);if(r!=null&&r.tenantId!==e)throw new Ht(t)}if(!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let r=await wr(t);if(r&&r.verified&&r.tenantId!==e)throw new Ht(t)}}s(ic,"validateUniqueUser");async function sc(t){if(!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let e=await Ei(t.map(r=>r.email));return t.find(r=>e.map(n=>n.email).includes(r.email))}}s(sc,"getAccountHolderFromUsers");var Vp=s(async t=>{await Be.deleted(t),Fe(t)&&await Be.permissionBuilderRemoved(t),Dr(t)&&await Be.permissionAdminRemoved(t)},"handleDeleteEvents"),RL=s(async(t,e,r)=>{for(let[n,i]of Object.entries(e))(!r||r[n]!==i)&&await _o.assigned(t,i)},"assignAppRoleEvents"),CL=s(async(t,e,r)=>{if(r)for(let[n,i]of Object.entries(r))(!e||e[n]!==i)&&await _o.unassigned(t,i)},"unassignAppRoleEvents"),bL=s(async(t,e)=>{let r=t.roles,n=e?.roles;await RL(t,r,n),await CL(t,r,n)},"handleAppRoleEvents"),qp=s(async(t,e)=>{let r=$(),n;!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL&&(n=await pi(r)),await St.identifyUser(t,n),e?(await Be.updated(t),vL(t,e)&&await Be.permissionBuilderRemoved(t),NL(t,e)&&await Be.permissionAdminRemoved(t),!e.forceResetPassword&&t.forceResetPassword&&t.password&&await Be.passwordForceReset(t),t.password!==e.password&&await Be.passwordUpdated(t)):await Be.created(t),xL(t,e)&&await Be.permissionBuilderAssigned(t),PL(t,e)&&await Be.permissionAdminAssigned(t),await bL(t,e)},"handleSaveEvents"),xL=s((t,e)=>YA(t,e,Fe),"isAddingBuilder"),vL=s((t,e)=>HA(t,e,Fe),"isRemovingBuilder"),PL=s((t,e)=>YA(t,e,Dr),"isAddingAdmin"),NL=s((t,e)=>HA(t,e,Dr),"isRemovingAdmin"),YA=s((t,e,r)=>!(!r(t)||e&&r(e)),"isAddingPermission"),HA=s((t,e,r)=>!(r(t)||!e||!r(e)),"isRemovingPermission");var LL=s(async t=>{let e=t._id;await yt.removeUser(t),await Vp(t),await Rr.invalidateUser(e),await En(e,{reason:"bulk-deletion"})},"bulkDeleteProcessing"),xt=class t{static{s(this,"UserDB")}static init(e,r,n){t.quotas=e,t.groups=r,t.features=n}static async isPreventPasswordActions(e,r){return g.ENABLE_SSO_MAINTENANCE_MODE&&bt(e)?!1:await t.features.isSSOEnforced()||Qo(e)?!0:(r||(r=await pi($())),!!(r&&r.email===e.email&&Ko(r)))}static async buildUser(e,r={hashPassword:!0,requirePassword:!0},n,i,o){let{password:a,_id:u}=e;i&&!i.password&&(r.requirePassword=!1);let c;if(a&&a!==i?.password){if(await t.isPreventPasswordActions(e,o))throw new ke("Password change is disabled for this user",400);if(!r.skipPasswordValidation){let f=Rp(a);if(!f.valid)throw new ke(f.error,400)}c=r.hashPassword?await Jd(a):a}else i&&(c=i.password);let l=r.requirePassword&&!await t.features.isSSOEnforced();if(!c&&l)throw"Password must be specified.";u=u||ni();let d={createdAt:Date.now(),...i,...e,_id:u,password:c,tenantId:n};return d.roles||(d.roles={}),d.status==null&&(d.status="active"),d}static async allUsers(){return(await H().allDocs(nn(null,{include_docs:!0}))).rows.map(n=>n.doc)}static async countUsersByWorkspace(e){if(typeof e!="string"||!e)throw new Error("Must provide a string based workspace ID");return{userCount:(await Ws("by_app",ii(e,{include_docs:!1}))).rows.length}}static async getUsersByAppAccess(e){return await Kp(e.appId,{limit:e.limit||50})}static async getUserByEmail(e){return At(e)}static async getUser(e){let r=await Sn(e);return r&&delete r.password,r}static async bulkGet(e){return await oc(e)}static async bulkUpdate(e){return await wo(e)}static async save(e,r={}){r.hashPassword==null&&(r.hashPassword=!0),r.requirePassword==null&&(r.requirePassword=!0);let n=$(),i=H(),{email:o,_id:a,userGroups:u=[],roles:c}=e;if(!o&&!a)throw new Error("_id or email is required");let l;if(a)try{if(l=await Sn(a),o&&l.email!==o&&!r.allowChangingEmail)throw new Error("Email address cannot be changed")}catch(m){if(m.status!==404)throw m}if(!l&&o&&(l=await At(o),l&&l._id!==a))throw new Ht(o);let d=1,f=0;if((r.isAccountHolder||l)&&(d=0,f=1),l){let[m,E]=await Tn([l,e]);f=m!==E?1:0}let h=!l,p=!!l&&!!o&&l.email!==o,S=!r.isAccountHolder&&!!o&&(h||p);return t.quotas.addUsers(d,f,async()=>{S&&await ic(o,n);let m=await t.buildUser(e,r,n,l);r.currentUserId&&r.currentUserId===l?._id&&(m=Qp(m,l)),!l&&c?.length&&(m.roles={...c});let E=[];if(!a&&u.length>0)for(let y of u)E.push(t.groups.addUsers(y,[m._id]));try{let y=await i.put(m);return m._rev=y.rev,await qp(m,l),l&&m.email!==l.email&&await yt.removeUser({email:l.email}),await yt.addUser(n,m._id,m.email,m.ssoId),await Rr.invalidateUser(y.id),await Promise.all(E),i.get(m._id)}catch(y){throw y.status===409?"User exists already":y}})}static async bulkCreate(e,r){let n=$(),i=[],o=[],a=[],u=e.map(h=>h.email),c=await $p(u),l=[];for(let h of e){let p=o.find(m=>m.email.toLowerCase()===h.email.toLowerCase()),S=c.includes(h.email.toLowerCase());if(p||S){l.push({email:h.email,reason:"Unavailable"});continue}h.userGroups=r||[],o.push(h),await Io(h)&&a.push(h)}let d=await pi(n),f=await t.features.isSSOEnforced();return t.quotas.addUsers(o.length,a.length,async()=>{for(let S of o)f&&delete S.password,i.push(t.buildUser(S,{hashPassword:!0,requirePassword:!f},n,void 0,d));let h=await Promise.all(i);await wo(h);for(let S of h)await yt.addUser(n,S._id,S.email),await qp(S,void 0);let p=h.map(S=>({_id:S._id,email:S.email}));if(Array.isArray(p)&&r){let S=[],m=p.map(E=>E._id);for(let E of r)S.push(t.groups.addUsers(E,m));await Promise.all(S)}return{successful:p,unsuccessful:l}})}static async bulkDelete(e){let r=H(),n={successful:[],unsuccessful:[]},i=await sc(e);i&&(e=e.filter(p=>p.userId!==i.userId),n.unsuccessful.push({_id:i.userId,email:i.email,reason:"Account holder cannot be deleted"}));let a=(await r.allDocs({include_docs:!0,keys:e.map(p=>p.userId)})).rows.map(p=>p.doc),u=a.map(p=>({...p,_deleted:!0})),c=await wo(u),d=(await Tn(a)).filter(p=>p).length,f=[];for(let p of a){let m=(await Oo(p._id)).ssoId;m&&(await tc(m)).filter(y=>y.ssoId==null).forEach(y=>{f.push({...y,_deleted:!0})}),await LL(p)}await Ir().bulkDocs(f),await t.quotas.removeUsers(u.length,d);let h={};return a.reduce((p,S)=>(p[S._id]=S,p),h),c.forEach(p=>{let S=h[p.id].email;p.ok?n.successful.push({_id:p.id,email:S}):n.unsuccessful.push({_id:p.id,email:S,reason:"Database error"})}),n}static async destroy(e){let r=H(),n=await r.get(e),i=n._id;if(!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let a=n.email;if(await wr(a))throw n.userId===Wt()._id?new ke('Please visit "Account" to delete this user',400):new ke("Account holder cannot be deleted",400)}await yt.removeUser(n),await r.remove(i,n._rev);let o=await Io(n)?1:0;await t.quotas.removeUsers(1,o),await Vp(n),await Rr.invalidateUser(i),await En(i,{reason:"deletion"})}static async createAdminUser(e,r,n){let i=n?.password,o={email:e,password:i,createdAt:Date.now(),roles:{},builder:{global:!0},admin:{global:!0},tenantId:r,firstName:n?.firstName,lastName:n?.lastName};return n?.ssoId&&(o.ssoId=n.ssoId),await di(ye.CHECKLIST),await t.save(o,{hashPassword:n?.hashPassword,requirePassword:n?.requirePassword,skipPasswordValidation:n?.skipPasswordValidation,isAccountHolder:!0})}static async getGroups(e){return await this.groups.getBulk(e)}static async getGroupBuilderAppIds(e){return await this.groups.getGroupBuilderAppIds(e)}};function Ro(t){return Array.isArray(t)?t.map(e=>{if(e)return delete e.password,e}):t&&(delete t.password,t)}s(Ro,"removeUserPassword");async function oc(t,e){let n=(await H().allDocs({keys:t,include_docs:!0})).rows.map(i=>i.doc);return e?.cleanup&&(n=Ro(n)),n}s(oc,"bulkGetGlobalUsersById");async function kL(){let t=H(),e=`us${C}`;return(await t.allDocs({startkey:e,endkey:`${e}${Ne}`})).rows.map(n=>n.id)}s(kL,"getAllUserIds");async function FL(){let t=H(),e=`us${C}`;return(await t.allDocs({startkey:e,endkey:`${e}${Ne}`,include_docs:!0})).rows.map(n=>n.doc)}s(FL,"getAllUsers");async function wo(t){return await H().bulkDocs(t)}s(wo,"bulkUpdateGlobalUsers");async function Sn(t,e){let n=await H().get(t);return e?.cleanup&&(n=Ro(n)),n}s(Sn,"getById");async function At(t,e){if(t==null)throw"Must supply an email address to view";let r=await Vt("by_email2",{key:t.toLowerCase(),include_docs:!0});if(Array.isArray(r))throw new Error(`Multiple users found with email address: ${t}`);let n=r;return e?.cleanup&&(n=Ro(n)),n}s(At,"getGlobalUserByEmail");async function BL(t){try{let e=await At(t);if(Array.isArray(e)||e!=null)return!0}catch{return!1}return!1}s(BL,"doesUserExist");async function zA(t,e,r){if(typeof t!="string")throw new Error("Must provide a string based workspace ID");let n=ii(t,{include_docs:!0});n.startkey=e&&e.startkey?e.startkey:n.startkey;let i=await Vt("by_app",n);i||(i=[]);let o=Array.isArray(i)?i:[i];return r?.cleanup&&(o=Ro(o)),o}s(zA,"searchGlobalUsersByApp");async function Kp(t,e){let r=`roles.${t}`,n=[{"builder.global":!0},{"admin.global":!0}];if(t){let a={[r]:{$exists:!0}};n.push(a)}return(await H().find({selector:{$or:n,_id:{$regex:"^us_"}},limit:e?.limit||50})).docs}s(Kp,"searchGlobalUsersByAppAccess");function JA(t,e){if(e)return hu(Ye(t),e._id)}s(JA,"getGlobalUserByAppPage");async function ZA(t,e,r){if(typeof t!="string")throw new Error("Must provide a string to search by");let n=t.toLowerCase(),i=e&&e.startkey?e.startkey:n,o=await Vt("by_email2",{...e,startkey:i,endkey:`${n}${Ne}`});o||(o=[]);let a=Array.isArray(o)?o:[o];return r?.cleanup&&(a=Ro(a)),a}s(ZA,"searchGlobalUsersByEmail");var WL=8;async function XA({bookmark:t,query:e,appId:r,limit:n}={}){let i=H(),o=n??WL,u={include_docs:!0,limit:o+1};t&&(u.startkey=t);let c,l="_id",d;return e?.equal?._id?c=[await Sn(e.equal._id)]:r?(c=await zA(r,u),d=s(f=>JA(r,f),"getKey")):e?.string?.email?(c=await ZA(e?.string?.email,u),l="email"):e?.oneOf?._id?c=await oc(e?.oneOf?._id,{cleanup:!0}):e?(c=(await i.allDocs(nn(null,{...u,limit:void 0}))).rows.map(h=>h.doc),c=fr.search(c,{query:e,limit:u.limit}).rows):c=(await i.allDocs(nn(null,u))).rows.map(h=>h.doc),Uf(c,o,{paginate:!0,property:l,getKey:d})}s(XA,"paginatedUsers");async function $L(){return(await Ws("by_email2",{limit:0,include_docs:!1})).total_rows}s($L,"getUserCount");async function GL(){let t=0;async function e(r){let n=await XA({bookmark:r}),i=await Tn(n.data);t+=i.filter(o=>o).length,n.hasNextPage&&await e(n.nextPage)}return s(e,"iterate"),await e(),t}s(GL,"getCreatorCount");function VL(t){return delete t.admin,delete t.builder,t}s(VL,"removePortalUserPermissions");function Qp(t,e){return delete t.admin,delete t.builder,delete t.roles,e&&(t.admin=e.admin,t.builder=e.builder,t.roles=e.roles),t}s(Qp,"cleanseUserObject");async function qL(t,e){let r=Ye(e);t.builder??={},t.builder.creator=!0,t.builder.apps??=[],t.builder.apps.push(r),await xt.save(t,{hashPassword:!1})}s(qL,"addAppBuilder");async function KL(t,e){let r=Ye(e);t.builder&&t.builder.apps?.includes(r)&&(t.builder.apps=t.builder.apps.filter(n=>n!==r)),await xt.save(t,{hashPassword:!1})}s(KL,"removeAppBuilder");var e_=3600;async function QL(t,e){let n=await Bf(e).get(t);if(n.budibaseAccess=!0,!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let i=await wr(n.email);i&&(n.account=i,n.accountPortalAccess=!0)}return n}s(QL,"populateFromDB");async function jL(t){let e=await xt.bulkGet(t),r=t.filter((i,o)=>!e[o]),n=e.filter(i=>i);return await Promise.all(n.map(async i=>{if(i.budibaseAccess=!0,!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let o=await wr(i.email);o&&(i.account=o,i.accountPortalAccess=!0)}})),r.length?{users:n,notFoundIds:r}:{users:n}}s(jL,"populateUsersFromDB");async function Co({userId:t,tenantId:e,email:r,populateUser:n}){if(n||(n=QL),!e)try{e=$()}catch{e=await yt.lookupTenantId(t)}let i=await Ps(),o=await i.get(t);return o||(o=await n(t,e,r),await i.store(t,o,e_)),o&&!o.tenantId&&e&&(o.tenantId=e),o.userGroups&&!Me.users.isGlobalBuilder(o)&&await Ce(e,async()=>{let a=await xt.getGroupBuilderAppIds(o);if(a.length){let u=o.builder?.apps||[];o.builder={apps:[...new Set(u.concat(a))]}}}),o}s(Co,"getUser");async function YL(t){let e=await Ps(),r=await e.bulkGet(t),n=t.filter(a=>!r[a]),i=Object.values(r).filter(a=>!!a),o;if(n.length){let a=await jL(n);o=a.notFoundIds;for(let u of a.users)await e.store(u._id,u,e_);i.push(...a.users)}return{users:i,notFoundIds:o}}s(YL,"getUsers");async function bo(t){await(await Ps()).delete(t)}s(bo,"invalidateUser");var zp={};P(zp,{Writethrough:()=>Yp});var t_=1e4,jp=null;async function ac(){if(!jp){let t=await Rf();jp=new ln(t)}return jp}s(ac,"getCache");function xo(t,e){return t.name+e}s(xo,"makeCacheKey");function Hp(t,e=null){return{doc:t,lastWrite:e||Date.now()}}s(Hp,"makeCacheItem");async function HL(t,e,r=t_){let n=await ac(),i=e._id,o;i&&(o=await n.get(xo(t,i)));let a=!o||o.lastWrite<Date.now()-r,u=e;return a&&((await io({type:"try_once",name:"persist_writethrough",resource:i,ttl:15e3},async()=>{let l=s(async d=>{let f=await t.put(d,{force:!0});u._id=f.id,u._rev=f.rev},"writeDb");try{await l(e)}catch(d){if(d.status!==409)throw d;li("Ignoring conflict in write-through cache")}})).executed||li("Ignoring redlock conflict in write-through cache")),o=Hp(u,a?null:o?.lastWrite),u._id&&await n.store(xo(t,u._id),o),{ok:!0,id:u._id,rev:u._rev}}s(HL,"put");async function zL(t,e){let r=await ac(),n=xo(t,e),i=await r.get(n);if(!i){let o=await t.get(e);i=Hp(o),await r.store(n,i)}return i.doc}s(zL,"get");async function JL(t,e){let r=await ac(),n=xo(t,e),i=await r.get(n);if(!i){let o=await t.tryGet(e);if(!o)return null;i=Hp(o),await r.store(n,i)}return i.doc}s(JL,"tryGet");async function ZL(t,e,r){let n=await ac();if(!e)throw new Error("No ID/Rev provided.");let i=typeof e=="string"?e:e._id;r=typeof e=="string"?r:e._rev;try{await n.delete(xo(t,i))}finally{await t.remove(i,r)}}s(ZL,"remove");var Yp=class{static{s(this,"Writethrough")}constructor(e,r=t_){this.db=e,this.writeRateMs=r}async put(e,r=this.writeRateMs){return HL(this.db,e,r)}async get(e){return zL(this.db,e)}async tryGet(e){return JL(this.db,e)}async remove(e,r){return ZL(this.db,e,r)}};function vo(t){return`config${C}${t}`}s(vo,"generateConfigID");var uc="en";function XL(){return{_id:vo("translations"),type:"translations",config:{defaultLocale:uc,locales:{[uc]:{label:"English",overrides:{}}}}}}s(XL,"createDefaultTranslationsConfig");function e0(t){let e=t?.defaultLocale||uc,r={...t?.locales??{}};r[e]||(r[e]={label:e===uc?"English":e,overrides:{}});for(let n of Object.keys(r))r[n].overrides||(r[n]={...r[n],overrides:{}});return{defaultLocale:e,locales:r}}s(e0,"prepareTranslationsConfig");async function ve(t){let e=H();try{return await e.get(vo(t))}catch(r){if(r.status===404)return;throw r}}s(ve,"getConfig");async function t0(t){return t._id||(t._id=vo(t.type)),H().put(t)}s(t0,"save");async function r_(){let t=await ve("translations");return t?(t.config=e0(t.config),t):XL()}s(r_,"getTranslationsConfigDoc");async function r0(){return(await r_()).config}s(r0,"getTranslationsConfig");async function Ti(){let t=await ve("settings");return t||(t={_id:vo("settings"),type:"settings",config:{}}),t.config.platformUrl=await Po({tenantAware:!0,config:t.config}),t.config.analyticsEnabled=await Hu({config:t.config}),t}s(Ti,"getSettingsConfigDoc");async function Zp(){return(await Ti()).config}s(Zp,"getSettingsConfig");async function Po(t={tenantAware:!0}){let e=g.PLATFORM_URL||"http://localhost:10000";if(!g.SELF_HOSTED&&g.MULTI_TENANCY&&t.tenantAware){let r=$();e.includes("localhost:")||(e=e.replace("://",`://${r}.`))}else if(g.SELF_HOSTED){let r=t?.config?t.config:(await ve("settings"))?.config;r?.platformUrl&&(e=r.platformUrl)}return e}s(Po,"getPlatformUrl");var Hu=s(async t=>{if(!g.SELF_HOSTED)return!!g.ENABLE_ANALYTICS;let e=await Or(ye.ANALYTICS_ENABLED,86400,async()=>{let n=t?.config?t.config:(await ve("settings"))?.config;if(n?.analyticsEnabled===!1)return!1;if(n?.analyticsEnabled===!0)return!0});if(e!==void 0)return e;let r=g.ENABLE_ANALYTICS;return!(r===0||r===!1)},"analyticsEnabled");async function n0(){return await ve("google")}s(n0,"getGoogleConfigDoc");async function lc(){return(await n0())?.config}s(lc,"getGoogleConfig");async function Xp(){if(!g.SELF_HOSTED)return Jp();let t=await lc();return(!t||!t.activated)&&(t=Jp()),t}s(Xp,"getGoogleDatasourceConfig");function Jp(){if(g.GOOGLE_CLIENT_ID&&g.GOOGLE_CLIENT_SECRET)return{clientID:g.GOOGLE_CLIENT_ID,clientSecret:g.GOOGLE_CLIENT_SECRET,activated:!0}}s(Jp,"getDefaultGoogleConfig");async function i0(){return ve("logos_oidc")}s(i0,"getOIDCLogosDoc");async function s0(){return ve("oidc")}s(s0,"getOIDCConfigDoc");async function o0(){let t=(await s0())?.config;return t?.configs&&t.configs[0]}s(o0,"getOIDCConfig");async function em(t){let e=(await ve("oidc"))?.config;return e&&e.configs.filter(r=>r.uuid===t)[0]}s(em,"getOIDCConfigById");async function n_(){return ve("smtp")}s(n_,"getSMTPConfigDoc");async function a0(t){let e=await n_();if(e)return e.config;let r=g.SELF_HOSTED||!t;if(g.SMTP_FALLBACK_ENABLED&&r)return{port:g.SMTP_PORT,host:g.SMTP_HOST,secure:!1,from:g.SMTP_FROM_ADDRESS,auth:{user:g.SMTP_USER,pass:g.SMTP_PASSWORD},fallback:!0}}s(a0,"getSMTPConfig");async function u0(){return(await ve("scim"))?.config}s(u0,"getSCIMConfig");async function c0(){return ve("ai")}s(c0,"getAIConfig");async function l0(){return ve("recaptcha")}s(l0,"getRecaptchaConfig");var lm={};P(lm,{AccessController:()=>nm,BUILTIN_ROLE_IDS:()=>im,Role:()=>Cr,RoleHierarchyTraversal:()=>dc,RoleIDVersion:()=>sm,builtinRoleToNumber:()=>No,checkForRoleResourceArray:()=>a_,externalRole:()=>g0,findRole:()=>Uo,getAllRoleIds:()=>S0,getAllRoles:()=>cm,getBuiltinRole:()=>s_,getBuiltinRoles:()=>am,getDBRoleID:()=>u_,getExternalRoleID:()=>br,getExternalRoleIDs:()=>c_,getRole:()=>E0,getUserRoleHierarchy:()=>um,getUserRoleIdHierarchy:()=>o_,isBuiltin:()=>An,lowerBuiltinRoleID:()=>h0,prefixRoleIDNoBuiltin:()=>rm,roleIDsAreEqual:()=>ot,roleToNumber:()=>m0,saveRoles:()=>y0,validInherits:()=>p0});var i_=require("lodash"),fc=B(require("lodash/fp/cloneDeep")),tm=B(require("semver"));var im={ADMIN:"ADMIN",POWER:"POWER",BASIC:"BASIC",PUBLIC:"PUBLIC"},ie={...im,BUILDER:"BUILDER"},sm={UUID:void 0,NAME:"name"};function f0(t,e){return Array.isArray(e)?e.filter(r=>t.includes(r)).length===e.length:t.includes(e)}s(f0,"rolesInList");var Cr=class{constructor(e,r,n,i){this.permissions={};this._id=e,this.name=r,this.uiMetadata=i,this.permissionId=n,this.version=sm.NAME}static{s(this,"Role")}addInheritance(e){return e&&typeof e=="string"?e=rm(e):e&&Array.isArray(e)&&(e=e.map(rm)),this.inherits=e,this}},dc=class{static{s(this,"RoleHierarchyTraversal")}constructor(e,r){this.allRoles=e,this.opts=r}walk(e){let r=this.opts,n=this.allRoles,i=[];if(!e||!e._id)return i;if(i.push(e),Array.isArray(e.inherits))for(let o of e.inherits){let a=Uo(o,n,r);a&&(i=i.concat(this.walk(a)))}else{let o=[],a=e;for(;a&&a.inherits&&!f0(o,a.inherits);){if(Array.isArray(a.inherits))return i.concat(this.walk(a));if(o.push(a.inherits),a=Uo(a.inherits,n,r),a&&i.push(a),Le.roles.checkForRoleInheritanceLoops(i))break}}return(0,i_.uniqBy)(i,o=>o._id)}},om={ADMIN:new Cr(ie.ADMIN,ie.ADMIN,"admin",{displayName:"Admin user",description:"Can do everything",color:"var(--spectrum-global-color-static-red-400)"}).addInheritance(ie.POWER),POWER:new Cr(ie.POWER,ie.POWER,"power",{displayName:"App power user",description:"An app user with more access",color:"var(--spectrum-global-color-static-orange-400)"}).addInheritance(ie.BASIC),BASIC:new Cr(ie.BASIC,ie.BASIC,"write",{displayName:"Basic user",description:"Any logged in user",color:"var(--spectrum-global-color-static-green-400)"}).addInheritance(ie.PUBLIC),PUBLIC:new Cr(ie.PUBLIC,ie.PUBLIC,"public",{displayName:"Public user",description:"Accessible to anyone",color:"var(--spectrum-global-color-static-blue-400)"}),BUILDER:new Cr(ie.BUILDER,ie.BUILDER,"admin",{displayName:"Builder user",description:"Users that can edit this app",color:"var(--spectrum-global-color-static-magenta-600)"})};function am(){return(0,fc.default)(om)}s(am,"getBuiltinRoles");function An(t){return Object.values(im).includes(t)}s(An,"isBuiltin");function rm(t){return An(t)?t:$t(t)}s(rm,"prefixRoleIDNoBuiltin");function s_(t){let e=Object.values(om).find(r=>t.includes(r._id));if(e)return(0,fc.default)(e)}s(s_,"getBuiltinRole");function p0(t,e){if(!e)return!1;let r=s(n=>t.find(i=>ot(i._id,n)),"find");if(Array.isArray(e)){let n=e.filter(i=>r(i));return e.length!==0&&n.length===e.length}else return!!r(e)}s(p0,"validInherits");function No(t){let e=am(),r=Object.values(e).length+1;if(ot(t,ie.ADMIN)||ot(t,ie.BUILDER))return r;let n=e[t],i=0;do{if(!n)break;if(Array.isArray(n.inherits))throw new Error("Built-in roles don't support multi-inheritance");n=e[n.inherits],i++}while(n!==null);return i}s(No,"builtinRoleToNumber");async function m0(t){if(An(t))return No(t);let e=await um(t,{defaultPublic:!0}),r=s(n=>{if(!n.inherits)return 0;if(Array.isArray(n.inherits)){let i=n.inherits.map(o=>{let a=e.find(u=>ot(u._id,o));if(a)return r(a)+1}).filter(o=>o).sort().pop();if(i!=null)return i}else if(An(n.inherits))return No(n.inherits)+1;return 0},"findNumber");return Math.max(...e.map(r))}s(m0,"roleToNumber");function h0(t,e){return t?e&&No(t)>No(e)?e:t:e}s(h0,"lowerBuiltinRoleID");function ot(t,e){return $t(t)===$t(e)}s(ot,"roleIDsAreEqual");function g0(t){let e;return t._id&&(e=br(t._id)),{...t,_id:e,inherits:c_(t.inherits,t.version)}}s(g0,"externalRole");function Uo(t,e,r){let n=s_(t);n||(t=$t(t));let i=e.find(o=>o._id&&ot(o._id,t));return!i&&!An(t)&&r?.defaultPublic?(0,fc.default)(om.PUBLIC):(n=Object.assign(n||{},i),n?._id&&(n._id=br(n._id,n.version)),Object.keys(n).length===0?void 0:n)}s(Uo,"findRole");async function E0(t,e){let r=ei(),n=[];if(!An(t)){let i=await r.tryGet(u_(t));i&&n.push(i)}return Uo(t,n,e)}s(E0,"getRole");async function y0(t){await ei().bulkDocs(t.filter(r=>r._id).map(r=>({...r,_id:$t(r._id)})))}s(y0,"saveRoles");async function T0(t,e){let r=await cm();if(ot(t,ie.ADMIN))return r;let n=Uo(t,r,e),i=[];return n&&(i=new dc(r,e).walk(n)),i}s(T0,"getAllUserRoles");async function o_(t){return(await um(t)).map(r=>r._id)}s(o_,"getUserRoleIdHierarchy");async function um(t,e){return T0(t,e)}s(um,"getUserRoleHierarchy");function a_(t,e){if(t&&!Array.isArray(t[e])){let r=t[e];t[e]=[r],r==="write"&&t[e].push("read")}return t}s(a_,"checkForRoleResourceArray");async function S0(t){return(await cm(t)).map(r=>r._id)}s(S0,"getAllRoleIds");async function cm(t){if(t)return je(t,e);{let r;try{r=ei()}catch{}return e(r)}async function e(r){let n=[];r&&(n=(await r.allDocs(gu(null,{include_docs:!0}))).rows.map(u=>u.doc),n.forEach(u=>u._id=br(u._id,u.version)));let i=am(),o=[];!r||await A0(r)?o=[ie.ADMIN,ie.POWER,ie.BASIC,ie.PUBLIC]:o=[ie.ADMIN,ie.BASIC,ie.PUBLIC];for(let a of o){let u=i[a],c=n.filter(l=>ot(l._id,a))[0];c==null?n.push(u||i.BASIC):(n=n.filter(l=>l._id!==c._id),c._id=br(u._id,c.version),n.push({...u,...c,name:u.name,_id:br(u._id,u.version),uiMetadata:{...c.uiMetadata,...u.uiMetadata}}))}for(let a of n)if(a.permissions)for(let u of Object.keys(a.permissions))a.permissions=a_(a.permissions,u);return n}s(e,"internal")}s(cm,"getAllRoles");async function A0(t){let r=(await t.tryGet("app_metadata"))?.creationVersion;return!r||!tm.default.valid(r)?!0:!tm.default.gte(r,g.MIN_VERSION_WITHOUT_POWER_ROLE)}s(A0,"shouldIncludePowerRole");var nm=class{static{s(this,"AccessController")}constructor(){this.userHierarchies={}}async hasAccess(e,r){if(e==null||e===""||ot(e,ie.BUILDER)||ot(r,e)||ot(r,ie.BUILDER))return!0;let n=r?this.userHierarchies[r]:null;return!n&&r&&(n=await o_(r),this.userHierarchies[r]=n),n?.find(i=>ot(i,e))!==void 0}async checkScreensAccess(e,r){let n=[];for(let i of e){let o=await this.checkScreenAccess(i,r);o&&n.push(o)}return n}async checkScreenAccess(e,r){let n=e&&e.routing?e.routing.roleId:void 0;return await this.hasAccess(n,r)?e:null}};function u_(t){return t?.startsWith("role")?t:$t(t)}s(u_,"getDBRoleID");function br(t,e){if(t.startsWith(`role${C}`)&&(An(t)||e===sm.NAME)){let r=t.split(C);return r.shift(),r.join(C)}return t}s(br,"getExternalRoleID");function c_(t,e){return t&&(typeof t=="string"?br(t,e):t.map(r=>br(r,e)))}s(c_,"getExternalRoleIDs");var dm={};P(dm,{BUILDER:()=>D0,BUILTIN_PERMISSIONS:()=>pc,CREATOR:()=>R0,GLOBAL_BUILDER:()=>C0,PermissionImpl:()=>se,PermissionLevel:()=>Ci,PermissionType:()=>Vo,doesHaveBasePermission:()=>I0,getAllowedLevels:()=>p_,getBuiltinPermissionByID:()=>O0,getBuiltinPermissions:()=>_0,isPermissionLevelHigherThanRead:()=>w0,levelToNumber:()=>f_});var l_=B(require("lodash/flatten")),d_=B(require("lodash/fp/cloneDeep"));var se=class{static{s(this,"PermissionImpl")}constructor(e,r){this.type=e,this.level=r}};function f_(t){switch(t){case"execute":return 0;case"read":return 1;case"write":return 2;case"admin":return 3;default:return-1}}s(f_,"levelToNumber");function p_(t){switch(t){case"execute":return["execute"];case"read":return["execute","read"];case"write":case"admin":return["execute","read","write"];default:return[]}}s(p_,"getAllowedLevels");var pc={PUBLIC:{_id:"public",name:"Public",permissions:[new se("webhook","execute")]},READ_ONLY:{_id:"read_only",name:"Read only",permissions:[new se("query","read"),new se("table","read"),new se("app","read")]},WRITE:{_id:"write",name:"Read/Write",permissions:[new se("query","write"),new se("table","write"),new se("automation","execute"),new se("legacy_view","read"),new se("app","read")]},POWER:{_id:"power",name:"Power",permissions:[new se("table","write"),new se("user","read"),new se("automation","execute"),new se("webhook","read"),new se("legacy_view","read"),new se("app","read")]},ADMIN:{_id:"admin",name:"Admin",permissions:[new se("table","admin"),new se("user","admin"),new se("automation","admin"),new se("webhook","read"),new se("query","admin"),new se("legacy_view","read"),new se("app","read")]}};function _0(){return(0,d_.default)(pc)}s(_0,"getBuiltinPermissions");function O0(t){return Object.values(pc).find(r=>r._id===t)}s(O0,"getBuiltinPermissionByID");function I0(t,e,r){let n=[...new Set(r.map(a=>a.permissionId))],i=Object.values(pc),o=(0,l_.default)(i.filter(a=>n.indexOf(a._id)!==-1).map(a=>a.permissions));for(let a of o)if(a.type===t&&p_(a.level).indexOf(e)!==-1)return!0;return!1}s(I0,"doesHaveBasePermission");function w0(t){return f_(t)>1}s(w0,"isPermissionLevelHigherThanRead");var D0="builder",R0="creator",C0="globalBuilder";var mm={};P(mm,{FlagSet:()=>hc,all:()=>N0,flags:()=>fm,getEnvFlags:()=>E_,init:()=>b0,isEnabled:()=>P0,parseEnvFlags:()=>Ec,shutdown:()=>x0,testutils:()=>pm});var gc=B(require("crypto")),m_=B(require("dd-trace")),h_=require("lodash"),g_=require("posthog-node");var mc;function b0(t){g.POSTHOG_TOKEN&&g.POSTHOG_API_HOST&&!g.SELF_HOSTED&&g.POSTHOG_FEATURE_FLAGS_ENABLED?(console.log("initializing posthog client..."),mc=new g_.PostHog(g.POSTHOG_TOKEN,{host:g.POSTHOG_API_HOST,personalApiKey:g.POSTHOG_PERSONAL_TOKEN,featureFlagsPollingInterval:pe.fromMinutes(3).toMs(),...t})):console.log("posthog disabled")}s(b0,"init");function x0(){mc?.shutdown()}s(x0,"shutdown");function Ec(t){let e=t.split(",").map(n=>n.split(":")),r=[];for(let[n,...i]of e)for(let o of i){let a=!0;o.startsWith("!")&&(o=o.slice(1),a=!1),r.push({tenantId:n,key:o,value:a})}return r}s(Ec,"parseEnvFlags");function E_(){return Ec(g.TENANT_FEATURE_FLAGS||"")}s(E_,"getEnvFlags");var hc=class{constructor(e){this.flagSchema=e;this.setId=gc.randomUUID()}static{s(this,"FlagSet")}defaults(){return(0,h_.cloneDeep)(this.flagSchema)}isFlagName(e){return this.flagSchema[e]!==void 0}async isEnabled(e){return(await this.fetch())[e]}async fetch(){return await m_.default.trace("features.fetch",async e=>{let r=Af(this.setId);if(r)return e?.addTags({fromCache:!0}),r;let n={},i=this.defaults(),o=$(),a=new Set;if(eu())return i;for(let{tenantId:f,key:h,value:p}of E_())if(!(!f||f!=="*"&&f!==o)&&(n.readFromEnvironmentVars=!0,p===!1&&a.add(h),!!this.isFlagName(h))){if(typeof i[h]!="boolean")throw new Error(`Feature: ${h} is not a boolean`);i[h]=p,n[`flags.${h}.source`]="environment"}let u=Wt(),c=u?._id;if(!c){let f=Tf();f&&(c=gc.createHash("sha512").update(f).digest("hex"))}let l=u?.tenantId;if(l||(l=o),n["identity.type"]=u?.type,n["identity._id"]=u?._id,n.tenantId=l,n.userId=c,mc&&c){n.readFromPostHog=!0;let f=await Ti(),h={tenantId:l},p={tenant:{id:l}};f.config.createdVersion&&(p.tenant.createdVersion=f.config.createdVersion),f.createdAt&&(p.tenant.createdAt=`${f.createdAt}`);let S=await mc.getAllFlags(c,{personProperties:h,onlyEvaluateLocally:!0,groups:{tenant:l},groupProperties:p});for(let[m,E]of Object.entries(S))if(this.isFlagName(m)){if(typeof E!="boolean"){console.warn(`Invalid value for posthog flag "${m}": ${E}`);continue}if(!(i[m]===!0||a.has(m)))try{i[m]=E,n[`flags.${m}.source`]="posthog"}catch(y){console.warn(`Error parsing posthog flag "${m}": ${E}`,y)}}}let d=Of();for(let[f,h]of Object.entries(d))this.isFlagName(f)&&typeof h=="boolean"&&(i[f]=h,n[`flags.${f}.source`]="override");_f(this.setId,i);for(let[f,h]of Object.entries(i))n[`flags.${f}.value`]=h;return e?.addTags(n),i})}},v0={USE_ZOD_VALIDATOR:!1,AI_AGENTS:!1,WORKSPACE_HOME:!1,DEBUG_UI:g.isDev(),DEV_USE_CLIENT_FROM_STORAGE:!1},fm=new hc(v0);async function P0(t){return await fm.isEnabled(t)}s(P0,"isEnabled");async function N0(){return await fm.fetch()}s(N0,"all");var pm={};P(pm,{setFeatureFlags:()=>y_,withFeatureFlags:()=>M0});function U0(){let t={};for(let{tenantId:e,key:r,value:n}of Ec(process.env.TENANT_FEATURE_FLAGS||"")){let i=t[e]||{};i[r]!==!1&&(i[r]=n,t[e]=i)}return t}s(U0,"getCurrentFlags");function L0(t){let e=[];for(let[r,n]of Object.entries(t))for(let[i,o]of Object.entries(n))o===!1?e.push(`${r}:!${i}`):e.push(`${r}:${i}`);return e.join(",")}s(L0,"buildFlagString");function y_(t,e){let r=U0();for(let[i,o]of Object.entries(e)){let a=r[t]||{};a[i]=o,r[t]=a}let n=L0(r);return Is({TENANT_FEATURE_FLAGS:n})}s(y_,"setFeatureFlags");function M0(t,e,r){let n=y_(t,e),i=r();return i instanceof Promise?i.finally(n):(n(),i)}s(M0,"withFeatureFlags");var Rm={};P(Rm,{adminOnly:()=>yc,auditLog:()=>Tc,authError:()=>Ie,buildAuthMiddleware:()=>SM,buildCsrfMiddleware:()=>_M,buildTenancyMiddleware:()=>AM,builderOnly:()=>Rc,builderOrAdmin:()=>Cc,google:()=>Xt,internalApi:()=>xc,joiValidator:()=>Lo,oidc:()=>er,passport:()=>OM,platformLogout:()=>CM,refreshOAuthToken:()=>DM,ssoCallbackUrl:()=>vr,updateUserOAuth:()=>RM,workspaceBuilderOrAdmin:()=>Nc});var Dm={};P(Dm,{activeTenant:()=>V_,adminOnly:()=>yc,auditLog:()=>Tc,authError:()=>Ie,authenticated:()=>Dc,builderOnly:()=>Rc,builderOrAdmin:()=>Cc,correlation:()=>S_,csp:()=>x_,csrf:()=>bc,datasource:()=>yM,errorHandling:()=>P_,featureFlagCookie:()=>N_,google:()=>Xt,internalApi:()=>xc,ip:()=>U_,joiValidator:()=>Lo,local:()=>Oi,oidc:()=>er,pino:()=>A_,querystringToBody:()=>G_,ssoCallbackUrl:()=>vr,tenancy:()=>Pc,workspaceBuilderOrAdmin:()=>Nc});var T_=require("uuid");var k0=require("correlation-id"),S_=s((t,e)=>{let r=t.headers["x-budibase-correlation-id"];return r||(r=(0,T_.v4)()),k0.withId(r,()=>e())},"correlationMiddleware");var F0=require("koa-pino-logger"),B0=require("correlation-id");function W0(){return{logger:Pu,genReqId:B0.getId,autoLogging:{ignore:t=>!!t.url?.includes("/health")},serializers:{req:t=>({method:t.method,url:t.url,correlationId:t.id}),res:t=>({status:t.statusCode})}}}s(W0,"pinoSettings");function $0(){return g.HTTP_LOGGING?F0(W0()):(t,e)=>e()}s($0,"getMiddleware");var A_=$0();var yc=s(async(t,e)=>(!t.internal&&!bt(t.user)&&t.throw(403,"Admin user only endpoint."),e()),"adminOnly");var Tc=s(async(t,e)=>e(),"auditLog");var G0=/\/:(.*?)(\/.*)?$/g,_n=s(t=>t?t.map(e=>{let r=e.route,n=e.method,i=r.match(G0);if(i)for(let o of i){let u="/.*"+(o.endsWith("/")?"/":"");r=r.replace(o,u)}return{regex:new RegExp(r),method:n,route:r}}):[],"buildMatcherRegex"),On=s((t,e)=>e.find(({regex:r,method:n})=>{let i=r.test(t.request.url),o=n==="ALL"?!0:t.request.method.toLowerCase()===n.toLowerCase();return i&&o}),"matches");var Sm={};P(Sm,{SecretOption:()=>I_,decrypt:()=>Tm,decryptFile:()=>Y0,encrypt:()=>K0,encryptFile:()=>Q0,getSecret:()=>ym});var Zt=B(require("crypto")),xr=B(require("fs")),hm=require("path"),gm=B(require("zlib"));var Sc="aes-256-ctr",O_="-",V0=1e4,q0=32,Ac=16,Em=16,I_=(r=>(r.API="api",r.ENCRYPTION="encryption",r))(I_||{});function ym(t){let e,r;switch(t){case"encryption":e=g.ENCRYPTION_KEY,r="ENCRYPTION_KEY";break;case"api":default:e=g.API_ENCRYPTION_KEY,r="API_ENCRYPTION_KEY";break}if(!e)throw new Error(`Secret "${r}" has not been set in environment.`);return e}s(ym,"getSecret");function _c(t,e){return Zt.default.pbkdf2Sync(t,new Uint8Array(e),V0,q0,"sha512")}s(_c,"stretchString");function K0(t,e="api"){let r=Zt.default.randomBytes(Ac),n=_c(ym(e),r),i=Zt.default.createCipheriv(Sc,new Uint8Array(n),new Uint8Array(r)),o=i.update(t,"utf8"),a=i.final(),u=Buffer.concat([new Uint8Array(o),new Uint8Array(a)]).toString("hex");return`${r.toString("hex")}${O_}${u}`}s(K0,"encrypt");function Tm(t,e="api"){let[r,n]=t.split(O_),i=Buffer.from(r,"hex"),o=_c(ym(e),i),a=Zt.default.createDecipheriv(Sc,new Uint8Array(o),new Uint8Array(i)),u=a.update(n,"hex"),c=a.final();return Buffer.concat([new Uint8Array(u),new Uint8Array(c)]).toString()}s(Tm,"decrypt");async function Q0({dir:t,filename:e},r){let n=`${e}.enc`,i=(0,hm.join)(t,e);if(xr.default.lstatSync(i).isDirectory())throw new Error("Unable to encrypt directory");let o=xr.default.createReadStream(i),a=xr.default.createWriteStream((0,hm.join)(t,n)),u=Zt.default.randomBytes(Ac),c=Zt.default.randomBytes(Em),l=_c(r,u),d=Zt.default.createCipheriv(Sc,new Uint8Array(l),new Uint8Array(c));return a.write(u),a.write(c),o.pipe(gm.default.createGzip()).pipe(d).pipe(a),new Promise(f=>{a.on("finish",()=>{f({filename:n,dir:t})})})}s(Q0,"encryptFile");async function j0(t){let e=xr.default.createReadStream(t),r=await __(e,Ac),n=await __(e,Em);return e.close(),{salt:r,iv:n}}s(j0,"getSaltAndIV");async function Y0(t,e,r){if(xr.default.lstatSync(t).isDirectory())throw new Error("Unable to decrypt directory");let{salt:n,iv:i}=await j0(t),o=xr.default.createReadStream(t,{start:Ac+Em}),a=xr.default.createWriteStream(e),u=_c(r,n),c=Zt.default.createDecipheriv(Sc,new Uint8Array(u),new Uint8Array(i)),l=gm.default.createGunzip();return o.pipe(c).pipe(l).pipe(a),new Promise((d,f)=>{a.on("finish",()=>{a.close(),d()}),o.on("error",h=>{a.close(),f(h)}),c.on("error",h=>{a.close(),f(h)}),l.on("error",h=>{a.close(),f(h)}),a.on("error",h=>{a.close(),f(h)})})}s(Y0,"decryptFile");function __(t,e){return new Promise((r,n)=>{let i=0,o=[];t.on("readable",()=>{let a;for(;(a=t.read(e-i))!==null;)o.push(a),i+=a.length;r(Buffer.concat(o.map(u=>new Uint8Array(u))))}),t.on("end",()=>{n(new Error("Insufficient data in the stream."))}),t.on("error",a=>{n(a)})})}s(__,"readBytes");var Am={};P(Am,{APIWarning:()=>In,FeatureDisabledWarning:()=>Ic,InvalidAPIKeyWarning:()=>_i,UsageLimitWarning:()=>Oc});var In=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"APIWarning")}},_i=class extends In{static{s(this,"InvalidAPIKeyWarning")}constructor(){super("Invalid API key","invalid_api_key")}},Oc=class extends In{constructor(r){super(`Usage limit exceeded: '${r}'`,"usage_limit_exceeded");this.limitName=r}static{s(this,"UsageLimitWarning")}getPublicWarning(){return{limitName:this.limitName}}},Ic=class extends In{constructor(r){super(`Feature disabled: '${r}'`,"feature_disabled");this.featureName=r,this.status=400}static{s(this,"FeatureDisabledWarning")}getPublicWarning(){return{featureName:this.featureName}}getPublicError(){return{featureName:this.featureName}}};var D_=B(require("dd-trace"));var z0=g.SESSION_UPDATE_PERIOD?parseInt(g.SESSION_UPDATE_PERIOD):60*1e3;function J0(){return new Date(Date.now()-z0).toISOString()}s(J0,"timeMinusOneMinute");function w_(t,e={}){t.publicEndpoint=e.publicEndpoint||!1,t.isAuthenticated=e.authenticated||!1,t.loginMethod=e.loginMethod,t.user=e.user,t.internal=e.internal||!1,t.version=e.version}s(w_,"finalise");async function Z0(t,e){if(qs(t))return{valid:!0,user:void 0};let n=Tm(t).split(C)[0];return Ce(n,async()=>{let i;try{let o=H();i=await Vt("by_api_key",{key:t},o)}catch{i=void 0}if(i)return{valid:!0,user:await Co({userId:i,tenantId:n,populateUser:e})};throw new _i})}s(Z0,"checkApiKey");function wc(t,e){let r=t.request.headers[e];if(Array.isArray(r))throw new Error("Unexpected header format");return r}s(wc,"getHeader");function Dc(t=[],e={publicAllowed:!1}){let r=t?_n(t):[];return async(n,i)=>{let o=!1,a=wc(n,"x-budibase-api-version");On(n,r)&&(o=!0);try{let c=wc(n,"x-budibase-token"),l=Kt(n,"budibase:auth")||yu(c),d=wc(n,"x-budibase-api-key");!d&&n.request.headers.authorization&&(d=n.request.headers.authorization.split(" ")[1]);let f=wc(n,"x-budibase-tenant-id"),h=!1,p,S=!1,m;if(l&&!d){let y=l.sessionId,I=l.userId,O;try{O=await xp(I,y),e&&e.populateUser?p=await Co({userId:I,tenantId:O.tenantId,email:O.email,populateUser:e.populateUser(n)}):p=await Co({userId:I,tenantId:O.tenantId,email:O.email}),p.csrfToken=O.csrfToken,m="cookie",O?.lastAccessedAt<J0()&&await bp(O),h=!0}catch(w){h=!1,console.warn(`Auth Error: ${w.message}`),Tr(n,"budibase:auth")}}if(!h&&d){let y=e.populateUser?e.populateUser(n):null,{valid:I,user:O}=await Z0(d,y);I&&(h=!0,m="api_key",p=O,S=!O)}!p&&f?p={tenantId:f}:p&&"password"in p&&delete p.password,h||(h=!1);let E=s(y=>y&&y.email,"isUser");return E(p)&&D_.default.setUser({id:p._id,tenantId:p.tenantId,budibaseAccess:p.budibaseAccess,status:p.status}),w_(n,{authenticated:h,user:p,internal:S,version:a,publicEndpoint:o,loginMethod:m}),E(p)?tf(p,n,i):i()}catch(c){if(console.warn(`Auth Error: ${c.message}`),c?.name==="JsonWebTokenError"?Tr(n,"budibase:auth"):c?.code==="invalid_api_key"&&n.throw(403,c.message),e&&e.publicAllowed||o)return w_(n,{authenticated:!1,version:a,publicEndpoint:o}),i();n.throw(c.status||403,c)}}}s(Dc,"authenticated");async function Rc(t,e){if(t.internal)return e();let r=await on(t);return!r&&!g.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!Fe(t.user)?t.throw(403,"Builder user only endpoint."):r&&!Ai(t.user,r)&&t.throw(403,"Workspace builder user only endpoint."),e()}s(Rc,"builderOnly");async function Cc(t,e){if(t.internal||bt(t.user))return e();let r=await on(t);return!r&&!g.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!Fe(t.user)?t.throw(403,"Admin/Builder user only endpoint."):r&&!Ai(t.user,r)&&t.throw(403,"Workspace Admin/Builder user only endpoint."),e()}s(Cc,"builderOrAdmin");var b_=B(require("crypto"));var R_={"default-src":["'self'"],"script-src":["'self'","'unsafe-eval'","https://*.budibase.net","https://cdn.budi.live","https://js.intercomcdn.com","https://widget.intercom.io","https://d2l5prqdbvm3op.cloudfront.net","https://us-assets.i.posthog.com","https://www.google.com/recaptcha/api.js"],"style-src":["'self'","'unsafe-inline'","https://cdn.jsdelivr.net","https://fonts.googleapis.com","https://rsms.me","https://maxcdn.bootstrapcdn.com"],"object-src":["'none'"],"base-uri":["'self'"],"connect-src":["'self'","https://*.budibase.app","https://*.budibaseqa.app","https://*.budibase.net","https://api-iam.intercom.io","https://api-ping.intercom.io","https://app.posthog.com","https://us.i.posthog.com","wss://nexus-websocket-a.intercom.io","wss://nexus-websocket-b.intercom.io","https://nexus-websocket-a.intercom.io","https://nexus-websocket-b.intercom.io","https://uploads.intercomcdn.com","https://uploads.intercomusercontent.com","https://*.amazonaws.com","https://*.s3.amazonaws.com","https://*.s3.us-east-2.amazonaws.com","https://*.s3.us-east-1.amazonaws.com","https://*.s3.us-west-1.amazonaws.com","https://*.s3.us-west-2.amazonaws.com","https://*.s3.af-south-1.amazonaws.com","https://*.s3.ap-east-1.amazonaws.com","https://*.s3.ap-south-1.amazonaws.com","https://*.s3.ap-northeast-2.amazonaws.com","https://*.s3.ap-southeast-1.amazonaws.com","https://*.s3.ap-southeast-2.amazonaws.com","https://*.s3.ap-northeast-1.amazonaws.com","https://*.s3.ca-central-1.amazonaws.com","https://*.s3.cn-north-1.amazonaws.com","https://*.s3.cn-northwest-1.amazonaws.com","https://*.s3.eu-central-1.amazonaws.com","https://*.s3.eu-west-1.amazonaws.com","https://*.s3.eu-west-2.amazonaws.com","https://*.s3.eu-south-1.amazonaws.com","https://*.s3.eu-west-3.amazonaws.com","https://*.s3.eu-north-1.amazonaws.com","https://*.s3.sa-east-1.amazonaws.com","https://*.s3.me-south-1.amazonaws.com","https://*.s3.us-gov-east-1.amazonaws.com","https://*.s3.us-gov-west-1.amazonaws.com","https://api.github.com"],"font-src":["'self'","data:","https://cdn.jsdelivr.net","https://fonts.gstatic.com","https://rsms.me","https://maxcdn.bootstrapcdn.com","https://js.intercomcdn.com","https://fonts.intercomcdn.com"],"frame-src":["'self'","https:"],"img-src":["http:","https:","data:","blob:"],"manifest-src":["'self'"],"media-src":["'self'","https://js.intercomcdn.com","https://cdn.budi.live"],"worker-src":["blob:","'self'"]},C_=/^[A-Za-z0-9-*:/.]+$/,x_=s(async(t,e)=>{let r=b_.default.randomBytes(16).toString("base64");t.state.nonce=r;let n={...R_};n["script-src"]=[...R_["script-src"],`'nonce-${r}'`];let i={"media-src":g.CUSTOM_CSP_MEDIA_SRC,"script-src":g.CUSTOM_CSP_SCRIPT_SRC,"connect-src":g.CUSTOM_CSP_CONNECT_SRC,"img-src":g.CUSTOM_CSP_IMG_SRC,"font-src":g.CUSTOM_CSP_FONT_SRC,"frame-src":g.CUSTOM_CSP_FRAME_SRC};for(let[u,c]of Object.entries(i))if(c){let l=c.split(",").map(d=>d.trim()).filter(d=>C_.test(d));n[u]=[...n[u]||[],...l]}if(t.user?.license?.features.includes("customAppScripts")&&t.appId)try{let u=await Ls.getWorkspaceMetadata(t.appId);if("name"in u)for(let c of u.scripts||[]){let l=(c.cspWhitelist||"").split(`
|
|
37
|
+
`);for(let o of i.filter(a=>a))t.push(Xs.default.readFileSync(o))}return t.push(Xs.default.readFileSync(FS(WS))),Buffer.concat(t.map(n=>new Uint8Array(n)))}s(Jv,"getLogReadStream");function Zv(t){return typeof t=="object"&&t!==null&&!(t instanceof Error)}s(Zv,"isPlainObject");function Xv(t){return t instanceof Error}s(Xv,"isError");function eP(t){return typeof t=="string"}s(eP,"isMessage");var _r;if(!g.DISABLE_PINO_LOGGER){let t=g.LOG_LEVEL,e={level:t,formatters:{level:c=>({level:c.toUpperCase()}),bindings:()=>g.SELF_HOSTED?{service:g.SERVICE_NAME}:{}},timestamp:()=>`,"timestamp":"${new Date(Date.now()).toISOString()}"`},r=[];r.push(g.isDev()?{stream:(0,qS.default)({singleLine:!0}),level:t}:{stream:process.stdout,level:t}),g.SELF_HOSTED&&r.push({stream:lp(),level:t}),_r=r.length?(0,vu.default)(e,vu.default.multistream(r)):(0,vu.default)(e);let n=s(c=>{let l,d=[],f="";c.forEach(E=>{eP(E)&&(f=`${f} ${E}`.trimStart()),Zv(E)&&d.push(E),Xv(E)&&(l=E)});let h=u(),p={};p={tenantId:i(),appId:o(),automationId:a(),identityId:h?._id,identityType:h?.type,correlationId:Jf()};let S=fp.default.scope().active();S&&fp.default.inject(S.context(),KS.formats.LOG,p);let m={err:l,pid:process.pid,...p};if(d.length){let E={},y=0;for(let I=0;I<d.length;I++){let O=d[I],w=O._logKey;w?(delete O._logKey,m[w]=O):(E[y]=O,y++)}Object.keys(E).length&&(m.data=E)}return[m,f]},"getLogParams");console.log=(...c)=>{let[l,d]=n(c);_r?.info(l,d)},console.info=(...c)=>{let[l,d]=n(c);_r?.info(l,d)},console.warn=(...c)=>{let[l,d]=n(c);_r?.warn(l,d)},console.error=(...c)=>{let[l,d]=n(c);_r?.error(l,d)},console.trace=(...c)=>{let[l,d]=n(c);l.err||(l.err=new Error),_r?.trace(l,d)},console.debug=(...c)=>{let[l,d]=n(c);_r?.debug(l,d)};let i=s(()=>{let c;try{c=$()}catch{}return c},"getTenantId"),o=s(()=>{let c;try{c=be()}catch{}return c},"getAppId"),a=s(()=>{let c;try{c=yf()}catch{}return c},"getAutomationId"),u=s(()=>{let c;try{c=Wt()}catch{}return c},"getIdentity")}var Pu=_r;var tP=["AccountError"];function rP(t){return t&&t.suppressAlert}s(rP,"isSuppressed");function cn(t,e){e&&tP.includes(e.name)&&rP(e)||console.error(`bb-alert: ${t}`,e)}s(cn,"logAlert");function nP(t,e,r,n){t=`${t} - db: ${e} - doc: ${r} - error: `,cn(t,n)}s(nP,"logAlertWithInfo");function li(t,e){console.warn(`bb-warn: ${t}`,e)}s(li,"logWarn");var Nu=class extends Error{static{s(this,"UnretriableError")}constructor(e){super(e),this.name="PermanentError"}},pp=class{static{s(this,"QueuedProcessor")}constructor(e,r={}){let{maxAttempts:n=3,removeOnFail:i=!0,removeOnComplete:o=!0,maxStalledCount:a=3}=r;this.waitForCompletionMs=r.waitForCompletionMs||1e4,this._queue=new Et(e,{maxStalledCount:a,jobOptions:{attempts:n,removeOnFail:i,removeOnComplete:o}}),this._queue.process(async(u,c)=>{try{let l=await this.processFn(u.data);c?.(null,l)}catch(l){l instanceof Nu&&await u.discard(),cn(`Failed to process job in ${this._queue.name}`,l),c?.(l)}})}async close(e){await this._queue.close(e)}async execute(e){try{let r=await this._queue.add(e);return{success:!0,result:await Le.withTimeout(this.waitForCompletionMs,()=>r.finished())}}catch(r){if(r.errno!=="ETIME")throw r;return{success:!1,reason:"timeout"}}}};var iP=100,Uu,to=class t{static{s(this,"DocWritethroughProcessor")}static get queue(){return t._queue||(t._queue=new Et("docWritethroughQueue",{jobOptions:{attempts:iP}})),t._queue}init(){return t.queue.process(async e=>{try{await this.persistToDb(e.data)}catch(r){throw r.status===409?new Error(`Conflict persisting message ${e.id}. Attempt ${e.attemptsMade}`):r}}),this}async persistToDb({dbName:e,docId:r,data:n}){if(r.startsWith("scimlog"))return;let i=Re(e),o;try{o=await i.get(r)}catch{o={_id:r}}o={...o,...n},await i.put(o)}},hp=class{static{s(this,"DocWritethrough")}constructor(e,r){this.db=e,this._docId=r}get docId(){return this._docId}async patch(e){await to.queue.add({dbName:this.db.name,docId:this.docId,data:e})}};function QS(){return Uu=new to().init(),Uu}s(QS,"init");function sP(){return Uu||QS()}s(sP,"getProcessor");var no={};P(no,{CacheKey:()=>ye,TTL:()=>fn,bustCache:()=>di,destroy:()=>ro,get:()=>pn,keys:()=>Lu,store:()=>Yt,withCache:()=>Or,withCacheWithDynamicTTL:()=>jS});function Ct(t){let e=$();return`${t}:${e}`}s(Ct,"generateTenantKey");var ln=class{static{s(this,"BaseCache")}constructor(e=void 0){this.client=e}async getClient(){return this.client?this.client:await Df()}async keys(e){return(await this.getClient()).keys(e)}async exists(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).exists(e)}async scan(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).scan(e)}async get(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).get(e)}async bulkGet(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>Ct(i)):e,(await this.getClient()).bulkGet(e)}async store(e,r,n=null,i={useTenancy:!0}){e=i.useTenancy?Ct(e):e,await(await this.getClient()).store(e,r,n)}async bulkStore(e,r=null,n={useTenancy:!0}){n.useTenancy&&(e=Object.entries(e).reduce((o,[a,u])=>(o[Ct(a)]=u,o),{})),await(await this.getClient()).bulkStore(e,r)}async delete(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).delete(e)}async bulkDelete(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>Ct(i)):e,(await this.getClient()).bulkDelete(e)}async withCache(e,r=null,n,i={useTenancy:!0}){let o=await this.get(e,i);if(o)return o;try{let a=await n();return await this.store(e,a,r,i),a}catch(a){throw console.error("Error fetching before cache - ",a),a}}async withCacheWithDynamicTTL(e,r,n={useTenancy:!0}){let i=await this.get(e,n);if(i)return i;try{let o=await r(),{value:a,ttl:u}=o;return await this.store(e,a,u,{useTenancy:n.useTenancy}),a}catch(o){throw console.error("Error fetching before cache - ",o),o}}async bustCache(e){let r=await this.getClient();try{await r.delete(Ct(e))}catch(n){throw console.error("Error busting cache - ",n),n}}async deleteIfValue(e,r,n={useTenancy:!0}){e=n.useTenancy?Ct(e):e,await(await this.getClient()).deleteIfValue(e,r)}};var dn=new ln,ye={CHECKLIST:"checklist",INSTALLATION:"installation",ANALYTICS_ENABLED:"analyticsEnabled",UNIQUE_TENANT_ID:"uniqueTenantId",EVENTS:"events",BACKFILL_METADATA:"backfillMetadata",EVENTS_RATE_LIMIT:"eventsRateLimit",OAUTH2_TOKEN:t=>`oauth2Token_${t}`},fn=(n=>(n[n.ONE_MINUTE=600]="ONE_MINUTE",n[n.ONE_HOUR=3600]="ONE_HOUR",n[n.ONE_DAY=86400]="ONE_DAY",n))(fn||{}),Lu=s((...t)=>dn.keys(...t),"keys"),pn=s((...t)=>dn.get(...t),"get"),Yt=s((...t)=>dn.store(...t),"store"),ro=s((...t)=>dn.delete(...t),"destroy"),Or=s((...t)=>dn.withCache(...t),"withCache"),jS=s((...t)=>dn.withCacheWithDynamicTTL(...t),"withCacheWithDynamicTTL"),di=s((...t)=>dn.bustCache(...t),"bustCache");var Sp={};P(Sp,{createCode:()=>pP,deleteCode:()=>hP,getCode:()=>mP,getExistingInvites:()=>Tp,getInviteCodes:()=>XS,updateCode:()=>fP});var hn={};P(hn,{AUTO_EXTEND_POLLING_MS:()=>zS,doWithLock:()=>io,newRedlock:()=>mn});var HS=B(require("redlock"));async function oP(t,e){if(t==="custom")return mn(e);switch(t){case"try_once":return mn(fi.TRY_ONCE);case"try_twice":return mn(fi.TRY_TWICE);case"default":return mn(fi.DEFAULT);case"delay_500":return mn(fi.DELAY_500);case"auto_extend":return mn(fi.AUTO_EXTEND);default:throw _t.unreachable(t)}}s(oP,"getClient");var fi={TRY_ONCE:{retryCount:0},TRY_TWICE:{retryCount:1},DEFAULT:{driftFactor:.01,retryCount:10,retryDelay:200,retryJitter:100},DELAY_500:{retryDelay:500},CUSTOM:{},AUTO_EXTEND:{retryCount:-1}};async function mn(t={}){let e={...fi.DEFAULT,...t},n=(await Cf()).client;return new HS.default([n],e)}s(mn,"newRedlock");function aP(t){let r=`lock:${t.systemLock?"system":$()}_${t.name}`;return t.resource&&(r=r+`_${t.resource}`),r}s(aP,"getLockName");var zS=pe.fromSeconds(10).toMs();async function io(t,e){let r=await oP(t.type,t.customOptions),n,i;try{let o=aP(t),a=t.type==="auto_extend"?zS:t.ttl;if(n=await r.lock(o,a),t.type==="auto_extend"){let c=s(()=>{i=setTimeout(async()=>{n=await n.extend(a,()=>t.onExtend&&t.onExtend()),c()},a/2)},"extendInIntervals");c()}return{executed:!0,result:await e()}}catch(o){if(o.name==="LockError"){if(t.type==="try_once")return{executed:!1};throw o}else throw o}finally{clearTimeout(i),await n?.unlock()}}s(io,"doWithLock");var Ep=pe.fromDays(7).toSeconds(),cP=pe.fromSeconds(10).toMs(),Mu="Invitation is not valid or has expired, please request a new one.";function JS(t,e){if(!t)return null;let r=t.tenantId||e;return r?{tenantId:r,invites:t.invites||{}}:null}s(JS,"normaliseInviteList");function lP(t){let e=!1,r=Date.now();for(let[n,i]of Object.entries(t.invites))(!i?.expiresAt||i.expiresAt<=r)&&(delete t.invites[n],e=!0);return{list:t,changed:e}}s(lP,"pruneExpiredInvites");async function yp(t){let r=await(await Ns()).get(t);return JS(r,t)}s(yp,"loadInviteList");async function so(t,e){await(await Ns()).store(t,e)}s(so,"saveInviteList");async function oo(t,e){let{result:r}=await io({type:"default",name:"process_user_invite",systemLock:!0,resource:t,ttl:cP},e);return r}s(oo,"withInviteListLock");function dP(t,e){return{code:t,email:e.email,info:e.info}}s(dP,"toInviteWithCode");async function ZS(t,e){let r=await Ns(),n=JS(await r.get(e),e);if(!n)throw new Error(Mu);if(!Object.keys(n.invites).includes(t))throw new Error(Mu);return{list:n,invite:n.invites[t]}}s(ZS,"findInviteInList");async function fP(t,e){let r=await ri();await r.exists(t)&&await r.store(t,e,Ep);let i={...e.info},o=i.tenantId||$();i.tenantId=o,await oo(o,async()=>{let a=await yp(o)||{tenantId:o,invites:{}};a.invites[t]={email:e.email,info:i,expiresAt:Date.now()+Ep*1e3},await so(o,a)})}s(fP,"updateCode");async function pP(t,e){let r=ee(),n={...e||{}},i=n.tenantId||$();return n.tenantId=i,await oo(i,async()=>{let o=await yp(i)||{tenantId:i,invites:{}};o.invites[r]={email:t,info:n,expiresAt:Date.now()+Ep*1e3},await so(i,o)}),r}s(pP,"createCode");async function mP(t,e){let n=await(await ri()).get(t);if(n)return n;let i=e||$();return await oo(i,async()=>{let o=await ZS(t,i),{list:a,invite:u}=o;if(u.expiresAt<=Date.now())throw delete a.invites[t],await so(a.tenantId,a),new Error(Mu);return{email:u.email,info:u.info}})}s(mP,"getCode");async function hP(t,e){await(await ri()).delete(t);let n=e||$();try{await oo(n,async()=>{let i=await ZS(t,n);delete i.list.invites[t],await so(i.list.tenantId,i.list)})}catch(i){if(i instanceof Error&&i.message===Mu)return;throw i}}s(hP,"deleteCode");async function XS(){let t=$(),e=await oo(t,async()=>{let o=await yp(t)||{tenantId:t,invites:{}},a=lP(o);return o=a.list,a.changed&&await so(t,o),o}),r=new Map;for(let[o,a]of Object.entries(e.invites))r.set(o,dP(o,a));let i=await(await ri()).scan();for(let o of i)o?.value?.info&&(g.MULTI_TENANCY&&o.value.info.tenantId!==t||r.has(o.key)||r.set(o.key,{...o.value,code:o.key}));return Array.from(r.values())}s(XS,"getInviteCodes");async function Tp(t){return(await XS()).filter(e=>t.includes(e.email))}s(Tp,"getExistingInvites");var Ap={};P(Ap,{createCode:()=>EP,getCode:()=>yP,invalidateCode:()=>TP});var gP=pe.fromHours(1).toSeconds();async function EP(t,e){let r=ee();return await(await Us()).store(r,{userId:t,info:e},gP),r}s(EP,"createCode");async function yP(t){let r=await(await Us()).get(t);if(!r)throw new Error("Provided information is not valid, cannot reset password - please try again.");return r}s(yP,"getCode");async function TP(t){await(await Us()).delete(t)}s(TP,"invalidateCode");var Rr={};P(Rr,{getUser:()=>Co,getUsers:()=>YL,invalidateUser:()=>bo});var ao={};P(ao,{getPlatformDB:()=>Ir,users:()=>yt});var yt={};P(yt,{addSsoUser:()=>tA,addUser:()=>wP,getUserDoc:()=>eA,lookupTenantId:()=>SP,removeUser:()=>DP,updateUserDoc:()=>AP});function Ir(){return Re(fe.PLATFORM_INFO.name)}s(Ir,"getPlatformDB");async function SP(t){return g.MULTI_TENANCY?(await eA(t)).tenantId:ae}s(SP,"lookupTenantId");async function eA(t){return Ir().get(t)}s(eA,"getUserDoc");async function AP(t){await Ir().put(t)}s(AP,"updateUserDoc");function _P(t,e){return{_id:t,tenantId:e}}s(_P,"newUserIdDoc");function OP(t,e,r){return{_id:e,userId:t,tenantId:r}}s(OP,"newUserEmailDoc");function IP(t,e,r,n){return{_id:t,userId:r,email:e,tenantId:n}}s(IP,"newUserSsoIdDoc");async function _p(t,e){let r=Ir(),n;try{await r.get(t)}catch(i){if(i.status===404)n=e(),await r.put(n);else throw i}}s(_p,"addUserDoc");async function tA(t,e,r,n){return _p(t,()=>IP(t,e,r,n))}s(tA,"addSsoUser");async function wP(t,e,r,n){let i=[_p(e,()=>_P(e,t)),_p(r,()=>OP(e,r,t))];n&&i.push(tA(n,r,e,t)),await Promise.all(i)}s(wP,"addUser");async function DP(t){let e=Ir(),r=[t._id,t.email],n=await e.allDocs({keys:r,include_docs:!0});await e.bulkRemove(n.rows.map(i=>i.doc),{silenceErrors:!0})}s(DP,"removeUser");var gn={};P(gn,{getAccount:()=>wr,getAccountByTenantId:()=>pi,getStatus:()=>RP});var rA=B(require("node-fetch"));var uo=class{static{s(this,"API")}constructor(e){this.host=e}async apiCall(e,r,n){n.headers||(n.headers={}),n.headers["Content-Type"]||(n.headers={"Content-Type":"application/json",Accept:"application/json",...n.headers});let i=n.headers["Content-Type"]==="application/json";Ys.setHeader(n.headers);let o={method:e,body:i?JSON.stringify(n.body):n.body,headers:n.headers,credentials:"include"};return await(0,rA.default)(`${this.host}${r}`,o)}async post(e,r){return this.apiCall("POST",e,r)}async get(e,r){return this.apiCall("GET",e,r)}async patch(e,r){return this.apiCall("PATCH",e,r)}async del(e,r){return this.apiCall("DELETE",e,r)}async put(e,r){return this.apiCall("PUT",e,r)}};var Op=new uo(g.INTERNAL_ACCOUNT_PORTAL_URL),Ip=g.SELF_HOSTED||g.DISABLE_ACCOUNT_PORTAL,wr=s(async t=>{if(Ip)return;let e={email:t},r=await Op.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":g.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by email ${t}`);return(await r.json())[0]},"getAccount"),pi=s(async t=>{if(Ip)return;let e={tenantId:t},r=await Op.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":g.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by tenantId ${t}`);return(await r.json())[0]},"getAccountByTenantId"),RP=s(async()=>{if(Ip)return;let t=await Op.get("/api/status",{headers:{"x-budibase-api-key":g.ACCOUNT_PORTAL_API_KEY}}),e=await t.json();if(t.status!==200)throw new Error("Error getting status");return e},"getStatus");var yi={};P(yi,{UserDB:()=>xt,addAppBuilder:()=>qL,bulkGetGlobalUsersById:()=>oc,bulkUpdateGlobalUsers:()=>wo,cleanseUserObject:()=>Qp,creatorsInList:()=>Tn,doesUserExist:()=>BL,getAccountHolderFromUsers:()=>sc,getAllUserIds:()=>kL,getAllUsers:()=>FL,getById:()=>Sn,getCreatorCount:()=>GL,getExistingAccounts:()=>Ei,getExistingPlatformUsers:()=>qA,getExistingTenantUsers:()=>VA,getFirstPlatformUser:()=>Oo,getGlobalUserByAppPage:()=>JA,getGlobalUserByEmail:()=>At,getPlatformUsers:()=>tc,getUserCount:()=>$L,hasAdminPermissions:()=>Dr,hasAppBuilderPermissions:()=>jA,hasBuilderPermissions:()=>Fe,isAdmin:()=>bt,isAdminOrBuilder:()=>QA,isAdminOrWorkspaceBuilder:()=>rc,isBuilder:()=>Ai,isCreatorAsync:()=>Io,isCreatorSync:()=>nc,isGlobalBuilder:()=>KA,paginatedUsers:()=>XA,removeAppBuilder:()=>KL,removePortalUserPermissions:()=>VL,searchExistingEmails:()=>$p,searchGlobalUsersByApp:()=>zA,searchGlobalUsersByAppAccess:()=>Kp,searchGlobalUsersByEmail:()=>ZA,validateUniqueUser:()=>ic});var Ku={};P(Ku,{ActiveContentFileError:()=>Bu,BadRequestError:()=>lo,BudibaseError:()=>co,EmailUnavailableError:()=>Ht,FeatureDisabledError:()=>Gu,ForbiddenError:()=>Wu,HTTPError:()=>ke,NotFoundError:()=>Fu,NotImplementedError:()=>$u,UnexpectedError:()=>ku,UsageLimitError:()=>Vu,getErrorMessage:()=>nA,getPublicError:()=>qu});var co=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"BudibaseError")}};function nA(t){if(t==null)return"No error provided.";if(t instanceof Error)return t.message;if(typeof t=="string")return t;if(typeof t=="object"&&"message"in t)return String(t.message);try{let r=JSON.stringify(t);if(r!=="{}")return r}catch{}let e=String(t);return e!=="[object Object]"?e:"An unknown error occurred"}s(nA,"getErrorMessage");var qu=s(t=>{let e;return t.code&&(e={code:t.code},t.getPublicError&&(e={...e,...t.getPublicError()})),e},"getPublicError"),ke=class t extends co{constructor(r,n,i="http"){super(r,i);this.status=n}static{s(this,"HTTPError")}static async fromResponse(r){let n=await r.text(),i=n,o=r.status,a="http";try{let u=JSON.parse(n);i=u.message,o=u.status,a=u.error?.code}catch{}return new t(i,o,a)}},ku=class extends ke{static{s(this,"UnexpectedError")}constructor(e){super(e,500)}},Fu=class extends ke{static{s(this,"NotFoundError")}constructor(e){super(e,404)}},lo=class extends ke{static{s(this,"BadRequestError")}constructor(e){super(e,400)}},Bu=class extends lo{static{s(this,"ActiveContentFileError")}constructor(e){super(`File "${e}" contains active content which is not permitted`)}},Wu=class extends ke{static{s(this,"ForbiddenError")}constructor(e){super(e,403)}},$u=class extends ke{static{s(this,"NotImplementedError")}constructor(e){super(e,501)}},Gu=class extends Error{static{s(this,"FeatureDisabledError")}constructor(e){super(`Feature disabled: '${e}'`)}},Vu=class extends Error{static{s(this,"UsageLimitError")}constructor(e){super(`Usage limit exceeded: '${e}'`)}},Ht=class extends Error{static{s(this,"EmailUnavailableError")}constructor(e){super(`Email already in use: '${e}'`)}};var Cp={};P(Cp,{PASSWORD_MAX_LENGTH:()=>Dp,PASSWORD_MIN_LENGTH:()=>wp,validatePassword:()=>Rp});var wp=+(g.PASSWORD_MIN_LENGTH||12),Dp=+(g.PASSWORD_MAX_LENGTH||512);function Rp(t){return!t||t.length<wp?{valid:!1,error:`Password invalid. Minimum ${wp} characters.`}:t.length>Dp?{valid:!1,error:`Password invalid. Maximum ${Dp} characters.`}:{valid:!0}}s(Rp,"validatePassword");var Qu={};P(Qu,{createASession:()=>CP,endSession:()=>bP,getSession:()=>xp,getSessionsForUser:()=>fo,invalidateSessions:()=>En,updateSessionTTL:()=>bp});var sA=require("uuid");var oA=g.SESSION_EXPIRY_SECONDS?parseInt(g.SESSION_EXPIRY_SECONDS):pe.fromDays(7).toSeconds();function mi(t,e){return`${t}/${e}`}s(mi,"makeSessionID");async function fo(t){return t?(await(await gr()).scan(t)).map(n=>n.value):(console.trace("Cannot get sessions for undefined userId"),[])}s(fo,"getSessionsForUser");async function En(t,e={}){try{let r=e?.reason||"unknown",n=e.sessionIds||[],i;if(n.length===0?i=(await fo(t)).map(a=>({key:mi(a.userId,a.sessionId)})):(n=Array.isArray(n)?n:[n],i=n.map(o=>({key:mi(t,o)}))),i&&i.length>0){let o=await gr(),a=[];for(let u of i)a.push(o.delete(u.key));g.isTest()||li(`Invalidating sessions for ${t} (reason: ${r}) - ${i.map(u=>u.key).join(", ")}`),await Promise.all(a)}}catch(r){console.error(`Error invalidating sessions: ${r}`)}}s(En,"invalidateSessions");async function CP(t,e){let r=await fo(t),n=0;if(r.length>=3){let l=r.sort((h,p)=>new Date(h.createdAt).getTime()-new Date(p.createdAt).getTime()),d=r.length-3+1,f=l.slice(0,d).map(h=>h.sessionId);n=f.length,await En(t,{sessionIds:f,reason:"session limit exceeded"})}let i=await gr(),o=e.sessionId,a=e.csrfToken?e.csrfToken:(0,sA.v4)(),u=mi(t,o),c={...e,csrfToken:a,createdAt:new Date().toISOString(),lastAccessedAt:new Date().toISOString(),userId:t};return await i.store(u,c,oA),{session:c,invalidatedSessionCount:n}}s(CP,"createASession");async function bp(t){let e=await gr(),r=mi(t.userId,t.sessionId);t.lastAccessedAt=new Date().toISOString(),await e.store(r,t,oA)}s(bp,"updateSessionTTL");async function bP(t,e){await(await gr()).delete(mi(t,e))}s(bP,"endSession");async function xp(t,e){if(!t||!e)throw new Error(`Invalid session details - ${t} - ${e}`);let n=await(await gr()).get(mi(t,e));if(!n)throw new Error(`Session not found - ${t} - ${e}`);return n}s(xp,"getSession");var gi={};P(gi,{account:()=>yA,action:()=>TA,ai:()=>SA,analytics:()=>Yu,app:()=>AA,asyncEventQueue:()=>Tt,auditLog:()=>_A,auth:()=>ec,automation:()=>OA,backfill:()=>IA,backfillCache:()=>Ju,backup:()=>wA,datasource:()=>DA,email:()=>RA,environmentVariable:()=>CA,group:()=>bA,identification:()=>St,initAsyncEvents:()=>IL,installation:()=>Eo,layout:()=>xA,license:()=>vA,org:()=>PA,plugin:()=>NA,processors:()=>Mp,publishEvent:()=>A,query:()=>UA,resource:()=>LA,role:()=>_o,rowAction:()=>MA,rows:()=>kA,screen:()=>FA,serve:()=>BA,shutdown:()=>wL,table:()=>WA,user:()=>Be,view:()=>$A,workspace:()=>GA});var Yu={};P(Yu,{enabled:()=>ju});var ju=s(async()=>Hu(),"enabled");var Tt;function zu(){Tt=new Et("systemEventQueue",{jobTags:t=>({"event.name":t.event})})}s(zu,"init");async function aA(){Tt&&await Tt.close()}s(aA,"shutdown");async function uA(t){Tt||zu();let{event:e,identity:r}=t;Qm.indexOf(e)!==-1&&r.tenantId&&await Tt.add(t)}s(uA,"publishAsyncEvent");var Ju={};P(Ju,{end:()=>vP,isAlreadySent:()=>Np,isBackfillingEvent:()=>Pp,recordEvent:()=>vp,start:()=>xP});var xP=s(async t=>NP({eventWhitelist:t}),"start"),vp=s(async(t,e)=>{let r=Up(t,e);await Yt(r,e,void 0,{useTenancy:!1})},"recordEvent"),vP=s(async()=>{await UP(),await LP()},"end"),PP=s(async()=>pn(ye.BACKFILL_METADATA),"getBackfillMetadata"),NP=s(async t=>Yt(ye.BACKFILL_METADATA,t),"saveBackfillMetadata"),UP=s(async()=>{await ro(ye.BACKFILL_METADATA)},"deleteBackfillMetadata"),LP=s(async()=>{let t=Up(),e=await Lu(t);for(let r of e)await ro(r,{useTenancy:!1})},"clearEvents"),Pp=s(async t=>{let r=(await PP())?.eventWhitelist;return!!(r&&r.includes(t))},"isBackfillingEvent"),Np=s(async(t,e)=>{let r=Up(t,e);return!!await pn(r,{useTenancy:!1})},"isAlreadySent"),MP={"automation:created":t=>t.automationId,"automation:step:created":t=>t.stepId,"datasource:created":t=>t.datasourceId,"layout:created":t=>t.layoutId,"query:created":t=>t.queryId,"role:created":t=>t.roleId,"screen:created":t=>t.screenId,"table:created":t=>t.tableId,"view:created":t=>t.tableId,"view:calculation:created":t=>t.tableId,"view:filter:created":t=>t.tableId,"app:created":t=>t.appId,"app:published":t=>t.appId,"auth:sso:created":t=>t.type,"auth:sso:activated":t=>t.type,"user:created":t=>t.userId,"user:admin:assigned":t=>t.userId,"user:builder:assigned":t=>t.userId,"role:assigned":t=>`${t.roleId}-${t.userId}`},Up=s((t,e)=>{let r,n=$();if(t){r=`${ye.EVENTS}:${n}:${t}`;let i=MP[t],o=i?i(e):void 0;o&&(r=`${r}:${o}`)}else r=`${ye.EVENTS}:${n}:*`;return r},"getEventKey");var Mp={};P(Mp,{analyticsProcessor:()=>hA,init:()=>QP,processors:()=>Jt});var pA=require("posthog-node");var kP=s(t=>t==="served:builder"||t==="served:app:preview"||t==="served:app","isRateLimited"),FP=s(t=>t==="served:app:preview"||t==="served:app","isPerApp");var lA={"served:app":"calendarDay","served:app:preview":"calendarDay","served:builder":"calendarDay"},dA=s(async t=>{if(!kP(t))return!1;let e=await BP(t);if(e){let r=new Date(e.timestamp);switch(lA[t]){case"calendarDay":return r.setDate(r.getDate()+1),r.setHours(0,0,0,0),Date.now()>r.getTime()?(await cA(t,{timestamp:Date.now()}),!1):!0}}else return await cA(t,{timestamp:Date.now()}),!1},"limited"),fA=s(t=>{let e=`${ye.EVENTS_RATE_LIMIT}:${t}`;return FP(t)&&(e=e+":"+be()),e},"eventKey"),BP=s(async t=>{let e=fA(t);return await pn(e)},"readEvent"),cA=s(async(t,e)=>{let r=fA(t),n=lA[t],i;switch(n){case"calendarDay":i=86400}await Yt(r,e,i)},"recordEvent");var $P=["user:updated","email:smtp:updated","auth:sso:updated","app:updated","role:updated","datasource:updated","query:updated","view:updated","view:calculation:updated","automation:trigger:updated","user_group:updated"],po=class{static{s(this,"PosthogProcessor")}constructor(e){if(!e)throw new Error("Posthog token is not defined");this.posthog=new pA.PostHog(e)}async processEvent(e,r,n,i){if($P.includes(e)||await dA(e))return;n=this.clearPIIProperties(n),n.version=g.VERSION,n.service=g.SERVICE,n.environment=r.environment,n.hosting=r.hosting;let o=be();o&&(n.appId=o);let a={distinctId:r.id,event:e,properties:n};i&&(a.timestamp=new Date(i)),(r.installationId||r.tenantId)&&(a.groups={},r.installationId&&(a.groups.installation=r.installationId,a.properties.installationId=r.installationId),r.tenantId&&(a.groups.tenant=r.tenantId,a.properties.tenantId=r.tenantId)),this.posthog.capture(a)}clearPIIProperties(e){return e.email&&delete e.email,e.audited&&delete e.audited,e}async identify(e,r){let n={distinctId:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.identify(n)}async identifyGroup(e,r){let n={distinctId:e.id,groupType:e.type,groupKey:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.groupIdentify(n)}async shutdown(){await this.posthog.shutdown()}};var mA=po;var GP=["installation:version:upgraded","installation:version:downgraded"],VP=["installation","tenant"],mo=class{static{s(this,"AnalyticsProcessor")}constructor(){g.POSTHOG_TOKEN&&!g.isTest()&&(this.posthog=new mA(g.POSTHOG_TOKEN))}async processEvent(e,r,n,i){!GP.includes(e)&&!await ju()||this.posthog&&await this.posthog.processEvent(e,r,n,i)}async identify(e,r){!VP.includes(e.type)&&!await ju()||this.posthog&&await this.posthog.identify(e,r)}async identifyGroup(e,r){this.posthog&&await this.posthog.identifyGroup(e,r)}async shutdown(){this.posthog&&await this.posthog.shutdown()}};var Lp=g.SELF_HOSTED&&!g.isDev(),ho=class{static{s(this,"LoggingProcessor")}async processEvent(e,r,n){Lp||console.log(`[audit] [identityType=${r.type}] ${e}`,n)}async identify(e){Lp||console.log("[audit] identified",e)}async identifyGroup(e){Lp||console.log("[audit] group identified",e)}async shutdown(){}};var hi=class t{static{s(this,"AuditLogsProcessor")}static{this.auditLogsEnabled=!1}static init(e){t.auditLogsEnabled=!0;let r=e;return t.auditLogQueue=new Et("auditLogQueue",{jobTags:n=>({"event.name":n.event})}),t.auditLogQueue.process(async n=>{await Ce(n.data.tenantId,async()=>{let i=n.data.properties;i.audited&&(i={...i,...i.audited},delete i.audited);let o={};g.ENABLE_AUDIT_LOG_IP_ADDR&&(o=n.data.opts.hostInfo),await r(n.data.event,i,{userId:n.data.opts.userId,timestamp:n.data.opts.timestamp,appId:n.data.opts.appId,hostInfo:o})})})}async processEvent(e,r,n,i){if(t.auditLogsEnabled&&Gf(e)){let o=r.type==="user"?r.id:void 0;await t.auditLogQueue.add({event:e,properties:n,opts:{userId:o,timestamp:i,appId:be(),hostInfo:r.hostInfo},tenantId:$()})}}async identify(){}async identifyGroup(){}async shutdown(){await t.auditLogQueue?.close()}};var go=class{constructor(e){this.initialised=!1;this.processors=[];this.processors=e}static{s(this,"Processor")}async processEvent(e,r,n,i){for(let o of this.processors)await o.processEvent(e,r,n,i)}async identify(e,r){for(let n of this.processors)n.identify&&await n.identify(e,r)}async identifyGroup(e,r){for(let n of this.processors)n.identifyGroup&&await n.identifyGroup(e,r)}async shutdown(){for(let e of this.processors)e.shutdown&&await e.shutdown()}};var hA=new mo,qP=new ho,KP=new hi;function QP(t){return hi.init(t)}s(QP,"init");var Jt=new go([hA,qP,KP]);var Zu={};P(Zu,{checkInstallVersion:()=>HP,getInstall:()=>yo,getInstallFromDB:()=>Fp});var kp=B(require("semver"));var yo=s(async()=>Or(ye.INSTALLATION,86400,Fp,{useTenancy:!1}),"getInstall");async function jP(t){let e={_id:fe.PLATFORM_INFO.docs.install,installId:ee(),version:g.VERSION};try{let r=await t.put(e);return e._rev=r.rev,e}catch(r){if(r.status===409)return Fp();throw r}}s(jP,"createInstallDoc");var Fp=s(async()=>je(fe.PLATFORM_INFO.name,async t=>{let e;try{e=await t.get(fe.PLATFORM_INFO.docs.install)}catch(r){if(r.status===404)e=await jP(t);else throw r}return e}),"getInstallFromDB"),YP=s(async t=>{try{await je(fe.PLATFORM_INFO.name,async e=>{let r=await yo();r.version=t,await e.put(r),await di(ye.INSTALLATION)})}catch(e){if(e.status===409)return!1;throw e}return!0},"updateVersion"),HP=s(async()=>{let t=await yo(),e=t.version,r=g.VERSION;try{if(e!==r){let n=kp.default.gt(r,e),i=kp.default.lt(r,e);await YP(r)&&(await Ds({_id:t.installId,type:"installation"},async()=>{n?await Eo.upgraded(e,r):i&&await Eo.downgraded(e,r)}),await St.identifyInstallationGroup(t.installId))}}catch(n){n?.message?.includes("Invalid Version")?cn(`Invalid version "${r}" - is it semver?`):cn("Failed to retrieve version",n)}},"checkInstallVersion");var zP=s(async()=>{let t=Xd(),e=Ao(),r;if(t?r=t.type:r="tenant",r==="installation"){let n=await yn(),i=To();return{id:gA(n,r),hosting:i,type:r,installationId:n,environment:e}}else if(r==="tenant"){let n=await yn(),i=await Xu($()),o=To();return{id:gA(i,r),type:r,hosting:o,installationId:n,tenantId:i,realTenantId:$(),environment:e}}else if(r==="user"){let n=t,i=await Xu($()),o=await yn(),a=n.account,u;return a?u=a.hosting:u=To(),{id:n._id,type:r,hosting:u,installationId:o,tenantId:i,environment:e,realTenantId:$(),hostInfo:n.hostInfo}}else throw new Error("Unknown identity type")},"getCurrentIdentity"),JP=s(async(t,e)=>{let r=t,n="installation",i=To(),o=g.VERSION,a=Ao(),u={id:r,type:n,hosting:i,version:o,environment:a};await Bp(u,e),await So({...u,id:`$${n}_${r}`},e)},"identifyInstallationGroup"),ZP=s(async(t,e,r,n=g.VERSION)=>{let i=await Xu(t),o="tenant",a=await yn(),u=Ao(),c={id:i,type:o,hosting:e,environment:u,installationId:a,createdAt:r,createdVersion:n};await Bp(c,r),await So({...c,id:`$${o}_${i}`},r)},"identifyTenantGroup"),XP=s(async(t,e,r)=>{let n=t._id,i=await Xu(t.tenantId),o="user",a=Fe(t),u=Dr(t),c;Qo(t)&&(c=t.providerType);let d=(await Ei([t.email])).length>0,f=!!e&&d&&e.verified,h=await yn(),p=e?e.hosting:To(),S=Ao();await So({id:n,type:o,hosting:p,installationId:h,tenantId:i,verified:f,accountHolder:d,providerType:c,builder:a,admin:u,environment:S},r)},"identifyUser"),eN=s(async t=>{let e=t.accountId,r=t.tenantId,n="user",i=Ko(t)?t.providerType:void 0,o=t.verified,a=!0,u=t.hosting,c=await yn(),l=Ao();if(qo(t)){let f=await At(t.email);f?._id&&(e=f._id)}await So({id:e,type:n,hosting:u,installationId:c,tenantId:r,providerType:i,verified:o,accountHolder:a,environment:l})},"identifyAccount"),So=s(async(t,e)=>{await Jt.identify(t,e)},"identify"),Bp=s(async(t,e)=>{await Jt.identifyGroup(t,e)},"identifyGroup"),Ao=s(()=>g.isDev()?"development":g.DEPLOYMENT_ENVIRONMENT,"getDeploymentEnvironment"),To=s(()=>g.SELF_HOSTED?"self":"cloud","getHostingFromEnv"),yn=s(async()=>tN()?"account-portal":(await yo()).installId,"getInstallationId"),Xu=s(async t=>g.SELF_HOSTED?EA(t):t,"getEventTenantId"),EA=s(async t=>Ce(t,()=>Or(ye.UNIQUE_TENANT_ID,86400,async()=>{let e=H(),r=await Ti(),n;return r.config.uniqueTenantId?r.config.uniqueTenantId:(n=`${ee()}_${t}`,r.config.uniqueTenantId=n,r.config.createdVersion=g.VERSION,await e.put(r),n)})),"getUniqueTenantId"),tN=s(()=>g.SERVICE==="account-portal","isAccountPortal"),gA=s((t,e)=>e==="installation"||e==="tenant"?`$${e}_${t}`:t,"formatDistinctId"),St={getCurrentIdentity:zP,identifyInstallationGroup:JP,identifyTenantGroup:ZP,identifyUser:XP,identifyAccount:eN,identify:So,identifyGroup:Bp,getInstallationId:yn,getUniqueTenantId:EA};var A=s(async(t,e,r,n)=>{let i=n||await St.getCurrentIdentity();if(!(n?!1:await Pp(t))){await uA({event:t,identity:i,properties:e,timestamp:r}),await Jt.processEvent(t,i,e,r);return}await Np(t,e)||(await Jt.processEvent(t,i,e,r),await vp(t,e))},"publishEvent");async function rN(t,e){let r={tenantId:t.tenantId};await A("account:created",r,void 0,e)}s(rN,"created");async function nN(t){let e={tenantId:t.tenantId};await A("account:deleted",e)}s(nN,"deleted");async function iN(t){let e={tenantId:t.tenantId};await A("account:verified",e)}s(iN,"verified");var yA={created:rN,deleted:nN,verified:iN};async function sN(t,e){console.info("action:automation_step:executed",`disabled. Action step ${t.stepId} not published at ${e}`)}s(sN,"automationStepExecuted");async function oN(t,e){console.info("action:automation_step:executed",`disabled. Action type ${t.type} not published at ${e}`)}s(oN,"crudExecuted");async function aN(t,e){console.info("action:automation_step:executed",`disabled. Execution for ai agent ${t.agentId} not published at ${e}`)}s(aN,"aiAgentExecuted");var TA={aiAgentExecuted:aN,automationStepExecuted:sN,crudExecuted:oN};async function uN(t){let e={};await A("ai:config:created",e,t)}s(uN,"AIConfigCreated");async function cN(){let t={};await A("ai:config:updated",t)}s(cN,"AIConfigUpdated");var SA={AIConfigCreated:uN,AIConfigUpdated:cN};var lN=s(async(t,e)=>{let r={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:created",r,e)},"created");async function dN(t){let e={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:updated",e)}s(dN,"updated");async function fN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:deleted",e)}s(fN,"deleted");async function pN(t,e){let r={appId:t.appId,audited:{name:t.name}};await A("app:published",r,e)}s(pN,"published");async function mN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:unpublished",e)}s(mN,"unpublished");async function hN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:file:imported",e)}s(hN,"fileImported");async function gN(t,e){let r={duplicateAppId:e,appId:t.appId,audited:{name:t.name}};await A("app:duplicated",r)}s(gN,"duplicated");async function EN(t,e){let r={appId:t.appId,templateKey:e,audited:{name:t.name}};await A("app:template:imported",r)}s(EN,"templateImported");async function yN(t,e,r){let n={appId:t.appId,currentVersion:e,updatedToVersion:r,audited:{name:t.name}};await A("app:version:updated",n)}s(yN,"versionUpdated");async function TN(t,e,r){let n={appId:t.appId,currentVersion:e,revertedToVersion:r,audited:{name:t.name}};await A("app:version:reverted",n)}s(TN,"versionReverted");async function SN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:reverted",e)}s(SN,"reverted");async function AN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:exported",e)}s(AN,"exported");var AA={created:lN,updated:dN,deleted:fN,published:pN,unpublished:mN,fileImported:hN,duplicated:gN,templateImported:EN,versionUpdated:yN,versionReverted:TN,reverted:SN,exported:AN};async function _N(t){let e={filters:t};await A("audit_log:filtered",e)}s(_N,"filtered");async function ON(t){let e={filters:t};await A("audit_log:downloaded",e)}s(ON,"downloaded");var _A={filtered:_N,downloaded:ON};async function IN(t,e){let n={userId:(await St.getCurrentIdentity()).id,source:t,audited:{email:e}};await A("auth:login",n)}s(IN,"login");async function wN(t){let r={userId:(await St.getCurrentIdentity()).id,audited:{email:t}};await A("auth:logout",r)}s(wN,"logout");async function DN(t,e){let r={type:t};await A("auth:sso:created",r,e)}s(DN,"SSOCreated");async function RN(t){let e={type:t};await A("auth:sso:updated",e)}s(RN,"SSOUpdated");async function CN(t,e){let r={type:t};await A("auth:sso:activated",r,e)}s(CN,"SSOActivated");async function bN(t){let e={type:t};await A("auth:sso:deactivated",e)}s(bN,"SSODeactivated");var ec={login:IN,logout:wN,SSOCreated:DN,SSOUpdated:RN,SSOActivated:CN,SSODeactivated:bN};async function xN(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:created",r,e)}s(xN,"created");async function vN(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:trigger:updated",e)}s(vN,"triggerUpdated");async function PN(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:deleted",e)}s(PN,"deleted");async function NN(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:tested",e)}s(NN,"tested");var UN=s(async(t,e)=>{let r={count:t};await A("automations:run",r,e)},"run");async function LN(t,e,r){let n={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:created",n,r)}s(LN,"stepCreated");async function MN(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:deleted",r)}s(MN,"stepDeleted");var OA={created:xN,triggerUpdated:vN,deleted:PN,tested:NN,run:UN,stepCreated:LN,stepDeleted:MN};var Si=!g.SELF_HOSTED&&!g.isDev();async function kN(t){Si||await A("app:backfill:succeeded",t)}s(kN,"appSucceeded");async function FN(t){if(Si)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("app:backfill:failed",e)}s(FN,"appFailed");async function BN(t){Si||await A("tenant:backfill:succeeded",t)}s(BN,"tenantSucceeded");async function WN(t){if(Si)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("tenant:backfill:failed",e)}s(WN,"tenantFailed");async function $N(){if(Si)return;let t={};await A("installation:backfill:succeeded",t)}s($N,"installationSucceeded");async function GN(t){if(Si)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("installation:backfill:failed",e)}s(GN,"installationFailed");var IA={appSucceeded:kN,appFailed:FN,tenantSucceeded:BN,tenantFailed:WN,installationSucceeded:$N,installationFailed:GN};async function VN(t){let e={appId:t.appId,restoreId:t._id,backupCreatedAt:t.timestamp,name:t.name};await A("app:backup:restored",e)}s(VN,"appBackupRestored");async function qN(t,e,r,n,i){let o={appId:t,backupId:e,type:r,trigger:n,name:i};await A("app:backup:triggered",o)}s(qN,"appBackupTriggered");var wA={appBackupRestored:VN,appBackupTriggered:qN};function Wp(t){return!Object.values(Wo).includes(t.source)}s(Wp,"isCustom");async function KN(t,e){let r={datasourceId:t._id,source:t.source,custom:Wp(t)};await A("datasource:created",r,e)}s(KN,"created");async function QN(t){let e={datasourceId:t._id,source:t.source,custom:Wp(t)};await A("datasource:updated",e)}s(QN,"updated");async function jN(t){let e={datasourceId:t._id,source:t.source,custom:Wp(t)};await A("datasource:deleted",e)}s(jN,"deleted");var DA={created:KN,updated:QN,deleted:jN};async function YN(t){let e={};await A("email:smtp:created",e,t)}s(YN,"SMTPCreated");async function HN(){let t={};await A("email:smtp:updated",t)}s(HN,"SMTPUpdated");var RA={SMTPCreated:YN,SMTPUpdated:HN};async function zN(t,e){let r={name:t,environments:e};await A("environment_variable:created",r)}s(zN,"created");async function JN(t){let e={name:t};await A("environment_variable:deleted",e)}s(JN,"deleted");async function ZN(t){let e={userId:t};await A("environment_variable:upgrade_panel_opened",e)}s(ZN,"upgradePanelOpened");var CA={created:zN,deleted:JN,upgradePanelOpened:ZN};async function XN(t,e){let r={groupId:t._id,viaScim:gt(),audited:{name:t.name}};await A("user_group:created",r,e)}s(XN,"created");async function eU(t){let e={groupId:t._id,viaScim:gt(),audited:{name:t.name}};await A("user_group:updated",e)}s(eU,"updated");async function tU(t){let e={groupId:t._id,viaScim:gt(),audited:{name:t.name}};await A("user_group:deleted",e)}s(tU,"deleted");async function rU(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:gt(),audited:{name:e.name}};await A("user_group:user_added",n)}s(rU,"usersAdded");async function nU(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:gt(),audited:{name:e.name}};await A("user_group:users_deleted",n)}s(nU,"usersDeleted");async function iU(t){let e={groupId:t,onboarding:!0};await A("user_group:onboarding_added",e)}s(iU,"createdOnboarding");async function sU(t){let e={permissions:t.roles,groupId:t._id,audited:{name:t.name}};await A("user_group:permissions_edited",e)}s(sU,"permissionsEdited");var bA={created:XN,updated:eU,deleted:tU,usersAdded:rU,usersDeleted:nU,createdOnboarding:iU,permissionsEdited:sU};async function oU(t){let e={currentVersion:t};await A("installation:version:checked",e)}s(oU,"versionChecked");async function aU(t,e){let r={from:t,to:e};await A("installation:version:upgraded",r)}s(aU,"upgraded");async function uU(t,e){let r={from:t,to:e};await A("installation:version:downgraded",r)}s(uU,"downgraded");async function cU(){let t={};await A("installation:firstStartup",t)}s(cU,"firstStartup");var Eo={versionChecked:oU,upgraded:aU,downgraded:uU,firstStartup:cU};async function lU(t,e){let r={layoutId:t._id};await A("layout:created",r,e)}s(lU,"created");async function dU(t){let e={layoutId:t};await A("layout:deleted",e)}s(dU,"deleted");var xA={created:lU,deleted:dU};async function fU(t,e){let r={accountId:t.accountId,...e};await A("license:plan:changed",r)}s(fU,"planChanged");async function pU(t){let e={accountId:t.accountId};await A("license:activated",e)}s(pU,"activated");async function mU(t){let e={accountId:t.accountId};await A("license:checkout:opened",e)}s(mU,"checkoutOpened");async function hU(t){let e={accountId:t.accountId};await A("license:checkout:success",e)}s(hU,"checkoutSuccess");async function gU(t){let e={accountId:t.accountId};await A("license:portal:opened",e)}s(gU,"portalOpened");async function EU(t){let e={accountId:t.accountId};await A("license:payment:failed",e)}s(EU,"paymentFailed");async function yU(t){let e={accountId:t.accountId};await A("license:payment:recovered",e)}s(yU,"paymentRecovered");var vA={planChanged:fU,activated:pU,checkoutOpened:mU,checkoutSuccess:hU,portalOpened:gU,paymentFailed:EU,paymentRecovered:yU};async function TU(t){let e={};await A("org:info:name:updated",e,t)}s(TU,"nameUpdated");async function SU(t){let e={};await A("org:info:logo:updated",e,t)}s(SU,"logoUpdated");async function AU(t){let e={};await A("org:platformurl:updated",e,t)}s(AU,"platformURLUpdated");async function _U(){let t={};await A("analytics:opt:out",t)}s(_U,"analyticsOptOut");async function OU(){let t={};await A("analytics:opt:out",t)}s(OU,"analyticsOptIn");var PA={nameUpdated:TU,logoUpdated:SU,platformURLUpdated:AU,analyticsOptOut:_U,analyticsOptIn:OU};async function IU(t){let e={type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:init",e)}s(IU,"init");async function wU(t){let e={pluginId:t._id,type:t.schema.type,source:t.source,name:t.name,description:t.description,version:t.version};await A("plugin:imported",e)}s(wU,"imported");async function DU(t){let e={pluginId:t._id,type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:deleted",e)}s(DU,"deleted");var NA={init:IU,imported:wU,deleted:DU};var RU=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:created",n,r)},"created"),CU=s(async(t,e)=>{let r={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:updated",r)},"updated"),bU=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb,appId:r};await A("query:deleted",n)},"deleted"),xU=s(async(t,e,r)=>{let n={datasourceId:t._id,source:t.source,count:r,importSource:e};await A("query:import",n)},"imported"),vU=s(async(t,e)=>{let r={count:t};await A("queries:run",r,e)},"run"),PU=s(async(t,e)=>{let r={queryId:e.queryId,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:previewed",r)},"previewed"),UA={created:RU,updated:CU,deleted:bU,imported:xU,run:vU,previewed:PU};async function NU({resource:t,fromWorkspace:e,toWorkspace:r},n){let i={resource:t,fromWorkspace:e,toWorkspace:r};await A("resource:copied_to_workspace",i,n)}s(NU,"duplicatedToWorkspace");var LA={duplicatedToWorkspace:NU};async function UU(t,e){let r={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:created",r,e)}s(UU,"created");async function LU(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:updated",e)}s(LU,"updated");async function MU(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:deleted",e)}s(MU,"deleted");async function kU(t,e,r){let n={userId:t._id,roleId:e};await A("role:assigned",n,r)}s(kU,"assigned");async function FU(t,e){let r={userId:t._id,roleId:e};await A("role:unassigned",r)}s(FU,"unassigned");var _o={created:UU,updated:LU,deleted:MU,assigned:kU,unassigned:FU};async function BU(t,e){await A("row_action:created",t,e)}s(BU,"created");var MA={created:BU};var WU=s(async(t,e)=>{let r={count:t};await A("rows:created",r,e)},"created"),$U=s(async(t,e)=>{let r={tableId:t._id,count:e};await A("rows:imported",r)},"imported"),kA={created:WU,imported:$U};async function GU(t,e){let r={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:created",r,e)}s(GU,"created");async function VU(t){let e={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:deleted",e)}s(VU,"deleted");var FA={created:GU,deleted:VU};async function qU(t){let e={timezone:t};await A("served:builder",e)}s(qU,"servedBuilder");async function KU(t,e,r){let n={appVersion:t.version,timezone:e,embed:r===!0};await A("served:app",n)}s(KU,"servedApp");async function QU(t,e){let r={appId:t.appId,appVersion:t.version,timezone:e};await A("served:app:preview",r)}s(QU,"servedAppPreview");var BA={servedBuilder:qU,servedApp:KU,servedAppPreview:QU};async function jU(t,e){let r={tableId:t._id,audited:{name:t.name}};await A("table:created",r,e)}s(jU,"created");async function YU(t,e){let r,n;for(let o in e.schema)if(!t.schema[o]){let a=e.schema[o];"default"in a&&a.default!=null&&(r=!0),a.type==="ai"&&(n=a.operation)}let i={tableId:e._id,defaultValues:r,aiColumn:n,audited:{name:e.name}};(r||n)&&await A("table:updated",i)}s(YU,"updated");async function HU(t,e){let r={tableId:t._id,audited:{name:t.name},appId:e};await A("table:deleted",r)}s(HU,"deleted");async function zU(t,e){let r={tableId:t._id,format:e,audited:{name:t.name}};await A("table:exported",r)}s(zU,"exported");async function JU(t){let e={tableId:t._id,audited:{name:t.name}};await A("table:imported",e)}s(JU,"imported");var WA={created:jU,updated:YU,deleted:HU,exported:zU,imported:JU};async function ZU(t,e){let r={userId:t._id,viaScim:gt(),audited:{email:t.email}};await A("user:created",r,e)}s(ZU,"created");async function XU(t){let e={userId:t._id,viaScim:gt(),audited:{email:t.email}};await A("user:updated",e)}s(XU,"updated");async function eL(t){let e={userId:t._id,viaScim:gt(),audited:{email:t.email}};await A("user:deleted",e)}s(eL,"deleted");async function tL(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:admin:assigned",r,e)}s(tL,"permissionAdminAssigned");async function rL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:admin:removed",e)}s(rL,"permissionAdminRemoved");async function nL(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:builder:assigned",r,e)}s(nL,"permissionBuilderAssigned");async function iL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:builder:removed",e)}s(iL,"permissionBuilderRemoved");async function sL(t){let e={audited:{email:t}};await A("user:invited",e)}s(sL,"invited");async function oL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:invite:accepted",e)}s(oL,"inviteAccepted");async function aL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:force:reset",e)}s(aL,"passwordForceReset");async function uL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:updated",e)}s(uL,"passwordUpdated");async function cL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset:requested",e)}s(cL,"passwordResetRequested");async function lL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset",e)}s(lL,"passwordReset");async function dL(t){let e={users:t};await A("user:data:collaboration",e)}s(dL,"dataCollaboration");var Be={created:ZU,updated:XU,deleted:eL,permissionAdminAssigned:tL,permissionAdminRemoved:rL,permissionBuilderAssigned:nL,permissionBuilderRemoved:iL,invited:sL,inviteAccepted:oL,passwordForceReset:aL,passwordUpdated:uL,passwordResetRequested:cL,passwordReset:lL,dataCollaboration:dL};async function fL(t,e){let r={name:t.name,type:t.type,tableId:t.tableId};await A("view:created",r,e)}s(fL,"created");async function pL(t){let e={tableId:t.tableId};await A("view:updated",e)}s(pL,"updated");async function mL(t,e){let r={...Le.views.isV2(t)?{id:t.id,tableId:t.tableId,appId:e}:{}};await A("view:deleted",r)}s(mL,"deleted");async function hL(t,e){let r={tableId:t._id,format:e};await A("view:exported",r)}s(hL,"exported");async function gL({tableId:t,filterGroups:e},r){let n={tableId:t,filterGroups:e};await A("view:filter:created",n,r)}s(gL,"filterCreated");async function EL({tableId:t,filterGroups:e}){let r={tableId:t,filterGroups:e};await A("view:filter:updated",r)}s(EL,"filterUpdated");async function yL(t){let e={tableId:t.tableId};await A("view:filter:deleted",e)}s(yL,"filterDeleted");async function TL({tableId:t,calculationType:e},r){let n={tableId:t,calculation:e};await A("view:calculation:created",n,r)}s(TL,"calculationCreated");async function SL(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:updated",e)}s(SL,"calculationUpdated");async function AL(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:deleted",e)}s(AL,"calculationDeleted");async function _L(t,e){let r={tableId:t};await A("view:join:created",r,e)}s(_L,"viewJoinCreated");var $A={created:fL,updated:pL,deleted:mL,exported:hL,filterCreated:gL,filterUpdated:EL,filterDeleted:yL,calculationCreated:TL,calculationUpdated:SL,calculationDeleted:AL,viewJoinCreated:_L};async function OL(t,e){let r={workspaceAppId:t._id,audited:{name:t.name},appId:e};await A("workspace_app:deleted",r)}s(OL,"deleted");var GA={deleted:OL};function IL(){}s(IL,"initAsyncEvents");var wL=s(async()=>{await Jt.shutdown(),console.log("Events shutdown")},"shutdown");var Gp={};P(Gp,{creatorsInList:()=>Tn,getAccountHolderFromUsers:()=>sc,hasAdminPermissions:()=>Dr,hasAppBuilderPermissions:()=>jA,hasBuilderPermissions:()=>Fe,isAdmin:()=>bt,isAdminOrBuilder:()=>QA,isAdminOrWorkspaceBuilder:()=>rc,isBuilder:()=>Ai,isCreatorAsync:()=>Io,isCreatorSync:()=>nc,isGlobalBuilder:()=>KA,validateUniqueUser:()=>ic});async function $p(t){let e=[],r=await VA(t);e.push(...r.map(a=>a.email));let n=await qA(t);e.push(...n.map(a=>a._id));let i=await Ei(t);e.push(...i.map(a=>a.email));let o=await Tp(t);return e.push(...o.map(a=>a.email)),[...new Set(e.map(a=>a.toLowerCase()))]}s($p,"searchExistingEmails");async function tc(t){return await Bs("platform_users_lowercase_2",{keys:[t.toLowerCase()],include_docs:!0})}s(tc,"getPlatformUsers");async function Oo(t){return(await tc(t))[0]??null}s(Oo,"getFirstPlatformUser");async function VA(t){let r={keys:t.map(i=>i.toLowerCase()),include_docs:!0},n={arrayResponse:!0};return await Vt("by_email2",r,void 0,n)}s(VA,"getExistingTenantUsers");async function qA(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Bs("platform_users_lowercase_2",r)}s(qA,"getExistingPlatformUsers");async function Ei(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Bs("account_by_email",r)}s(Ei,"getExistingAccounts");var Ai=Me.users.isBuilder,bt=Me.users.isAdmin,KA=Me.users.isGlobalBuilder,QA=Me.users.isAdminOrBuilder,Dr=Me.users.hasAdminPermissions,Fe=Me.users.hasBuilderPermissions,jA=Me.users.hasAppBuilderPermissions,rc=Me.users.isAdminOrWorkspaceBuilder;async function Tn(t,e){let r=[...new Set(t.filter(i=>i.userGroups).flatMap(i=>i.userGroups))];return e=await H().getMultiple(r,{allowMissing:!0}),t.map(i=>nc(i,e))}s(Tn,"creatorsInList");async function Io(t){let e=[];return t.userGroups&&(e=await H().getMultiple(t.userGroups)),nc(t,e)}s(Io,"isCreatorAsync");function nc(t,e){let r=Me.users.isCreator(t);return!r&&t?DL(t,e):r}s(nc,"isCreatorSync");function DL(t,e){let r=e?.filter(n=>t.userGroups?.indexOf(n._id)!==-1);return r&&r.length>0?r.some(n=>Object.values(n.roles||{}).includes("CREATOR")):!1}s(DL,"isCreatorByGroupMembership");async function ic(t,e){if(g.MULTI_TENANCY){let r=await Oo(t);if(r!=null&&r.tenantId!==e)throw new Ht(t)}if(!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let r=await wr(t);if(r&&r.verified&&r.tenantId!==e)throw new Ht(t)}}s(ic,"validateUniqueUser");async function sc(t){if(!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let e=await Ei(t.map(r=>r.email));return t.find(r=>e.map(n=>n.email).includes(r.email))}}s(sc,"getAccountHolderFromUsers");var Vp=s(async t=>{await Be.deleted(t),Fe(t)&&await Be.permissionBuilderRemoved(t),Dr(t)&&await Be.permissionAdminRemoved(t)},"handleDeleteEvents"),RL=s(async(t,e,r)=>{for(let[n,i]of Object.entries(e))(!r||r[n]!==i)&&await _o.assigned(t,i)},"assignAppRoleEvents"),CL=s(async(t,e,r)=>{if(r)for(let[n,i]of Object.entries(r))(!e||e[n]!==i)&&await _o.unassigned(t,i)},"unassignAppRoleEvents"),bL=s(async(t,e)=>{let r=t.roles,n=e?.roles;await RL(t,r,n),await CL(t,r,n)},"handleAppRoleEvents"),qp=s(async(t,e)=>{let r=$(),n;!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL&&(n=await pi(r)),await St.identifyUser(t,n),e?(await Be.updated(t),vL(t,e)&&await Be.permissionBuilderRemoved(t),NL(t,e)&&await Be.permissionAdminRemoved(t),!e.forceResetPassword&&t.forceResetPassword&&t.password&&await Be.passwordForceReset(t),t.password!==e.password&&await Be.passwordUpdated(t)):await Be.created(t),xL(t,e)&&await Be.permissionBuilderAssigned(t),PL(t,e)&&await Be.permissionAdminAssigned(t),await bL(t,e)},"handleSaveEvents"),xL=s((t,e)=>YA(t,e,Fe),"isAddingBuilder"),vL=s((t,e)=>HA(t,e,Fe),"isRemovingBuilder"),PL=s((t,e)=>YA(t,e,Dr),"isAddingAdmin"),NL=s((t,e)=>HA(t,e,Dr),"isRemovingAdmin"),YA=s((t,e,r)=>!(!r(t)||e&&r(e)),"isAddingPermission"),HA=s((t,e,r)=>!(r(t)||!e||!r(e)),"isRemovingPermission");var LL=s(async t=>{let e=t._id;await yt.removeUser(t),await Vp(t),await Rr.invalidateUser(e),await En(e,{reason:"bulk-deletion"})},"bulkDeleteProcessing"),xt=class t{static{s(this,"UserDB")}static init(e,r,n){t.quotas=e,t.groups=r,t.features=n}static async isPreventPasswordActions(e,r){return g.ENABLE_SSO_MAINTENANCE_MODE&&bt(e)?!1:await t.features.isSSOEnforced()||Qo(e)?!0:(r||(r=await pi($())),!!(r&&r.email===e.email&&Ko(r)))}static async buildUser(e,r={hashPassword:!0,requirePassword:!0},n,i,o){let{password:a,_id:u}=e;i&&!i.password&&(r.requirePassword=!1);let c;if(a&&a!==i?.password){if(await t.isPreventPasswordActions(e,o))throw new ke("Password change is disabled for this user",400);if(!r.skipPasswordValidation){let f=Rp(a);if(!f.valid)throw new ke(f.error,400)}c=r.hashPassword?await Jd(a):a}else i&&(c=i.password);let l=r.requirePassword&&!await t.features.isSSOEnforced();if(!c&&l)throw"Password must be specified.";u=u||ni();let d={createdAt:Date.now(),...i,...e,_id:u,password:c,tenantId:n};return d.roles||(d.roles={}),d.status==null&&(d.status="active"),d}static async allUsers(){return(await H().allDocs(nn(null,{include_docs:!0}))).rows.map(n=>n.doc)}static async countUsersByWorkspace(e){if(typeof e!="string"||!e)throw new Error("Must provide a string based workspace ID");return{userCount:(await Ws("by_app",ii(e,{include_docs:!1}))).rows.length}}static async getUsersByAppAccess(e){return await Kp(e.appId,{limit:e.limit||50})}static async getUserByEmail(e){return At(e)}static async getUser(e){let r=await Sn(e);return r&&delete r.password,r}static async bulkGet(e){return await oc(e)}static async bulkUpdate(e){return await wo(e)}static async save(e,r={}){r.hashPassword==null&&(r.hashPassword=!0),r.requirePassword==null&&(r.requirePassword=!0);let n=$(),i=H(),{email:o,_id:a,userGroups:u=[],roles:c}=e;if(!o&&!a)throw new Error("_id or email is required");let l;if(a)try{if(l=await Sn(a),o&&l.email!==o&&!r.allowChangingEmail)throw new Error("Email address cannot be changed")}catch(m){if(m.status!==404)throw m}if(!l&&o&&(l=await At(o),l&&l._id!==a))throw new Ht(o);let d=1,f=0;if((r.isAccountHolder||l)&&(d=0,f=1),l){let[m,E]=await Tn([l,e]);f=m!==E?1:0}let h=!l,p=!!l&&!!o&&l.email!==o,S=!r.isAccountHolder&&!!o&&(h||p);return t.quotas.addUsers(d,f,async()=>{S&&await ic(o,n);let m=await t.buildUser(e,r,n,l);r.currentUserId&&r.currentUserId===l?._id&&(m=Qp(m,l)),!l&&c?.length&&(m.roles={...c});let E=[];if(!a&&u.length>0)for(let y of u)E.push(t.groups.addUsers(y,[m._id]));try{let y=await i.put(m);return m._rev=y.rev,await qp(m,l),l&&m.email!==l.email&&await yt.removeUser({email:l.email}),await yt.addUser(n,m._id,m.email,m.ssoId),await Rr.invalidateUser(y.id),await Promise.all(E),i.get(m._id)}catch(y){throw y.status===409?"User exists already":y}})}static async bulkCreate(e,r){let n=$(),i=[],o=[],a=[],u=e.map(h=>h.email),c=await $p(u),l=[];for(let h of e){let p=o.find(m=>m.email.toLowerCase()===h.email.toLowerCase()),S=c.includes(h.email.toLowerCase());if(p||S){l.push({email:h.email,reason:"Unavailable"});continue}h.userGroups=r||[],o.push(h),await Io(h)&&a.push(h)}let d=await pi(n),f=await t.features.isSSOEnforced();return t.quotas.addUsers(o.length,a.length,async()=>{for(let S of o)f&&delete S.password,i.push(t.buildUser(S,{hashPassword:!0,requirePassword:!f},n,void 0,d));let h=await Promise.all(i);await wo(h);for(let S of h)await yt.addUser(n,S._id,S.email),await qp(S,void 0);let p=h.map(S=>({_id:S._id,email:S.email}));if(Array.isArray(p)&&r){let S=[],m=p.map(E=>E._id);for(let E of r)S.push(t.groups.addUsers(E,m));await Promise.all(S)}return{successful:p,unsuccessful:l}})}static async bulkDelete(e){let r=H(),n={successful:[],unsuccessful:[]},i=await sc(e);i&&(e=e.filter(p=>p.userId!==i.userId),n.unsuccessful.push({_id:i.userId,email:i.email,reason:"Account holder cannot be deleted"}));let a=(await r.allDocs({include_docs:!0,keys:e.map(p=>p.userId)})).rows.map(p=>p.doc),u=a.map(p=>({...p,_deleted:!0})),c=await wo(u),d=(await Tn(a)).filter(p=>p).length,f=[];for(let p of a){let m=(await Oo(p._id)).ssoId;m&&(await tc(m)).filter(y=>y.ssoId==null).forEach(y=>{f.push({...y,_deleted:!0})}),await LL(p)}await Ir().bulkDocs(f),await t.quotas.removeUsers(u.length,d);let h={};return a.reduce((p,S)=>(p[S._id]=S,p),h),c.forEach(p=>{let S=h[p.id].email;p.ok?n.successful.push({_id:p.id,email:S}):n.unsuccessful.push({_id:p.id,email:S,reason:"Database error"})}),n}static async destroy(e){let r=H(),n=await r.get(e),i=n._id;if(!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let a=n.email;if(await wr(a))throw n.userId===Wt()._id?new ke('Please visit "Account" to delete this user',400):new ke("Account holder cannot be deleted",400)}await yt.removeUser(n),await r.remove(i,n._rev);let o=await Io(n)?1:0;await t.quotas.removeUsers(1,o),await Vp(n),await Rr.invalidateUser(i),await En(i,{reason:"deletion"})}static async createAdminUser(e,r,n){let i=n?.password,o={email:e,password:i,createdAt:Date.now(),roles:{},builder:{global:!0},admin:{global:!0},tenantId:r,firstName:n?.firstName,lastName:n?.lastName};return n?.ssoId&&(o.ssoId=n.ssoId),await di(ye.CHECKLIST),await t.save(o,{hashPassword:n?.hashPassword,requirePassword:n?.requirePassword,skipPasswordValidation:n?.skipPasswordValidation,isAccountHolder:!0})}static async getGroups(e){return await this.groups.getBulk(e)}static async getGroupBuilderAppIds(e){return await this.groups.getGroupBuilderAppIds(e)}};function Ro(t){return Array.isArray(t)?t.map(e=>{if(e)return delete e.password,e}):t&&(delete t.password,t)}s(Ro,"removeUserPassword");async function oc(t,e){let n=(await H().allDocs({keys:t,include_docs:!0})).rows.map(i=>i.doc);return e?.cleanup&&(n=Ro(n)),n}s(oc,"bulkGetGlobalUsersById");async function kL(){let t=H(),e=`us${C}`;return(await t.allDocs({startkey:e,endkey:`${e}${Ne}`})).rows.map(n=>n.id)}s(kL,"getAllUserIds");async function FL(){let t=H(),e=`us${C}`;return(await t.allDocs({startkey:e,endkey:`${e}${Ne}`,include_docs:!0})).rows.map(n=>n.doc)}s(FL,"getAllUsers");async function wo(t){return await H().bulkDocs(t)}s(wo,"bulkUpdateGlobalUsers");async function Sn(t,e){let n=await H().get(t);return e?.cleanup&&(n=Ro(n)),n}s(Sn,"getById");async function At(t,e){if(t==null)throw"Must supply an email address to view";let r=await Vt("by_email2",{key:t.toLowerCase(),include_docs:!0});if(Array.isArray(r))throw new Error(`Multiple users found with email address: ${t}`);let n=r;return e?.cleanup&&(n=Ro(n)),n}s(At,"getGlobalUserByEmail");async function BL(t){try{let e=await At(t);if(Array.isArray(e)||e!=null)return!0}catch{return!1}return!1}s(BL,"doesUserExist");async function zA(t,e,r){if(typeof t!="string")throw new Error("Must provide a string based workspace ID");let n=ii(t,{include_docs:!0});n.startkey=e&&e.startkey?e.startkey:n.startkey;let i=await Vt("by_app",n);i||(i=[]);let o=Array.isArray(i)?i:[i];return r?.cleanup&&(o=Ro(o)),o}s(zA,"searchGlobalUsersByApp");async function Kp(t,e){let r=`roles.${t}`,n=[{"builder.global":!0},{"admin.global":!0}];if(t){let a={[r]:{$exists:!0}};n.push(a)}return(await H().find({selector:{$or:n,_id:{$regex:"^us_"}},limit:e?.limit||50})).docs}s(Kp,"searchGlobalUsersByAppAccess");function JA(t,e){if(e)return hu(Ye(t),e._id)}s(JA,"getGlobalUserByAppPage");async function ZA(t,e,r){if(typeof t!="string")throw new Error("Must provide a string to search by");let n=t.toLowerCase(),i=e&&e.startkey?e.startkey:n,o=await Vt("by_email2",{...e,startkey:i,endkey:`${n}${Ne}`});o||(o=[]);let a=Array.isArray(o)?o:[o];return r?.cleanup&&(a=Ro(a)),a}s(ZA,"searchGlobalUsersByEmail");var WL=8;async function XA({bookmark:t,query:e,appId:r,limit:n}={}){let i=H(),o=n??WL,u={include_docs:!0,limit:o+1};t&&(u.startkey=t);let c,l="_id",d;return e?.equal?._id?c=[await Sn(e.equal._id)]:r?(c=await zA(r,u),d=s(f=>JA(r,f),"getKey")):e?.string?.email?(c=await ZA(e?.string?.email,u),l="email"):e?.oneOf?._id?c=await oc(e?.oneOf?._id,{cleanup:!0}):e?(c=(await i.allDocs(nn(null,{...u,limit:void 0}))).rows.map(h=>h.doc),c=fr.search(c,{query:e,limit:u.limit}).rows):c=(await i.allDocs(nn(null,u))).rows.map(h=>h.doc),Uf(c,o,{paginate:!0,property:l,getKey:d})}s(XA,"paginatedUsers");async function $L(){return(await Ws("by_email2",{limit:0,include_docs:!1})).total_rows}s($L,"getUserCount");async function GL(){let t=0;async function e(r){let n=await XA({bookmark:r}),i=await Tn(n.data);t+=i.filter(o=>o).length,n.hasNextPage&&await e(n.nextPage)}return s(e,"iterate"),await e(),t}s(GL,"getCreatorCount");function VL(t){return delete t.admin,delete t.builder,t}s(VL,"removePortalUserPermissions");function Qp(t,e){return delete t.admin,delete t.builder,delete t.roles,e&&(t.admin=e.admin,t.builder=e.builder,t.roles=e.roles),t}s(Qp,"cleanseUserObject");async function qL(t,e){let r=Ye(e);t.builder??={},t.builder.creator=!0,t.builder.apps??=[],t.builder.apps.push(r),await xt.save(t,{hashPassword:!1})}s(qL,"addAppBuilder");async function KL(t,e){let r=Ye(e);t.builder&&t.builder.apps?.includes(r)&&(t.builder.apps=t.builder.apps.filter(n=>n!==r)),await xt.save(t,{hashPassword:!1})}s(KL,"removeAppBuilder");var e_=3600;async function QL(t,e){let n=await Bf(e).get(t);if(n.budibaseAccess=!0,!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let i=await wr(n.email);i&&(n.account=i,n.accountPortalAccess=!0)}return n}s(QL,"populateFromDB");async function jL(t){let e=await xt.bulkGet(t),r=t.filter((i,o)=>!e[o]),n=e.filter(i=>i);return await Promise.all(n.map(async i=>{if(i.budibaseAccess=!0,!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let o=await wr(i.email);o&&(i.account=o,i.accountPortalAccess=!0)}})),r.length?{users:n,notFoundIds:r}:{users:n}}s(jL,"populateUsersFromDB");async function Co({userId:t,tenantId:e,email:r,populateUser:n}){if(n||(n=QL),!e)try{e=$()}catch{e=await yt.lookupTenantId(t)}let i=await Ps(),o=await i.get(t);return o||(o=await n(t,e,r),await i.store(t,o,e_)),o&&!o.tenantId&&e&&(o.tenantId=e),o.userGroups&&!Me.users.isGlobalBuilder(o)&&await Ce(e,async()=>{let a=await xt.getGroupBuilderAppIds(o);if(a.length){let u=o.builder?.apps||[];o.builder={apps:[...new Set(u.concat(a))]}}}),o}s(Co,"getUser");async function YL(t){let e=await Ps(),r=await e.bulkGet(t),n=t.filter(a=>!r[a]),i=Object.values(r).filter(a=>!!a),o;if(n.length){let a=await jL(n);o=a.notFoundIds;for(let u of a.users)await e.store(u._id,u,e_);i.push(...a.users)}return{users:i,notFoundIds:o}}s(YL,"getUsers");async function bo(t){await(await Ps()).delete(t)}s(bo,"invalidateUser");var zp={};P(zp,{Writethrough:()=>Yp});var t_=1e4,jp=null;async function ac(){if(!jp){let t=await Rf();jp=new ln(t)}return jp}s(ac,"getCache");function xo(t,e){return t.name+e}s(xo,"makeCacheKey");function Hp(t,e=null){return{doc:t,lastWrite:e||Date.now()}}s(Hp,"makeCacheItem");async function HL(t,e,r=t_){let n=await ac(),i=e._id,o;i&&(o=await n.get(xo(t,i)));let a=!o||o.lastWrite<Date.now()-r,u=e;return a&&((await io({type:"try_once",name:"persist_writethrough",resource:i,ttl:15e3},async()=>{let l=s(async d=>{let f=await t.put(d,{force:!0});u._id=f.id,u._rev=f.rev},"writeDb");try{await l(e)}catch(d){if(d.status!==409)throw d;li("Ignoring conflict in write-through cache")}})).executed||li("Ignoring redlock conflict in write-through cache")),o=Hp(u,a?null:o?.lastWrite),u._id&&await n.store(xo(t,u._id),o),{ok:!0,id:u._id,rev:u._rev}}s(HL,"put");async function zL(t,e){let r=await ac(),n=xo(t,e),i=await r.get(n);if(!i){let o=await t.get(e);i=Hp(o),await r.store(n,i)}return i.doc}s(zL,"get");async function JL(t,e){let r=await ac(),n=xo(t,e),i=await r.get(n);if(!i){let o=await t.tryGet(e);if(!o)return null;i=Hp(o),await r.store(n,i)}return i.doc}s(JL,"tryGet");async function ZL(t,e,r){let n=await ac();if(!e)throw new Error("No ID/Rev provided.");let i=typeof e=="string"?e:e._id;r=typeof e=="string"?r:e._rev;try{await n.delete(xo(t,i))}finally{await t.remove(i,r)}}s(ZL,"remove");var Yp=class{static{s(this,"Writethrough")}constructor(e,r=t_){this.db=e,this.writeRateMs=r}async put(e,r=this.writeRateMs){return HL(this.db,e,r)}async get(e){return zL(this.db,e)}async tryGet(e){return JL(this.db,e)}async remove(e,r){return ZL(this.db,e,r)}};function vo(t){return`config${C}${t}`}s(vo,"generateConfigID");var uc="en";function XL(){return{_id:vo("translations"),type:"translations",config:{defaultLocale:uc,locales:{[uc]:{label:"English",overrides:{}}}}}}s(XL,"createDefaultTranslationsConfig");function e0(t){let e=t?.defaultLocale||uc,r={...t?.locales??{}};r[e]||(r[e]={label:e===uc?"English":e,overrides:{}});for(let n of Object.keys(r))r[n].overrides||(r[n]={...r[n],overrides:{}});return{defaultLocale:e,locales:r}}s(e0,"prepareTranslationsConfig");async function ve(t){let e=H();try{return await e.get(vo(t))}catch(r){if(r.status===404)return;throw r}}s(ve,"getConfig");async function t0(t){return t._id||(t._id=vo(t.type)),H().put(t)}s(t0,"save");async function r_(){let t=await ve("translations");return t?(t.config=e0(t.config),t):XL()}s(r_,"getTranslationsConfigDoc");async function r0(){return(await r_()).config}s(r0,"getTranslationsConfig");async function Ti(){let t=await ve("settings");return t||(t={_id:vo("settings"),type:"settings",config:{}}),t.config.platformUrl=await Po({tenantAware:!0,config:t.config}),t.config.analyticsEnabled=await Hu({config:t.config}),t}s(Ti,"getSettingsConfigDoc");async function Zp(){return(await Ti()).config}s(Zp,"getSettingsConfig");async function Po(t={tenantAware:!0}){let e=g.PLATFORM_URL||"http://localhost:10000";if(!g.SELF_HOSTED&&g.MULTI_TENANCY&&t.tenantAware){let r=$();e.includes("localhost:")||(e=e.replace("://",`://${r}.`))}else if(g.SELF_HOSTED){let r=t?.config?t.config:(await ve("settings"))?.config;r?.platformUrl&&(e=r.platformUrl)}return e}s(Po,"getPlatformUrl");var Hu=s(async t=>{if(!g.SELF_HOSTED)return!!g.ENABLE_ANALYTICS;let e=await Or(ye.ANALYTICS_ENABLED,86400,async()=>{let n=t?.config?t.config:(await ve("settings"))?.config;if(n?.analyticsEnabled===!1)return!1;if(n?.analyticsEnabled===!0)return!0});if(e!==void 0)return e;let r=g.ENABLE_ANALYTICS;return!(r===0||r===!1)},"analyticsEnabled");async function n0(){return await ve("google")}s(n0,"getGoogleConfigDoc");async function lc(){return(await n0())?.config}s(lc,"getGoogleConfig");async function Xp(){if(!g.SELF_HOSTED)return Jp();let t=await lc();return(!t||!t.activated)&&(t=Jp()),t}s(Xp,"getGoogleDatasourceConfig");function Jp(){if(g.GOOGLE_CLIENT_ID&&g.GOOGLE_CLIENT_SECRET)return{clientID:g.GOOGLE_CLIENT_ID,clientSecret:g.GOOGLE_CLIENT_SECRET,activated:!0}}s(Jp,"getDefaultGoogleConfig");async function i0(){return ve("logos_oidc")}s(i0,"getOIDCLogosDoc");async function s0(){return ve("oidc")}s(s0,"getOIDCConfigDoc");async function o0(){let t=(await s0())?.config;return t?.configs&&t.configs[0]}s(o0,"getOIDCConfig");async function em(t){let e=(await ve("oidc"))?.config;return e&&e.configs.filter(r=>r.uuid===t)[0]}s(em,"getOIDCConfigById");async function n_(){return ve("smtp")}s(n_,"getSMTPConfigDoc");async function a0(t){let e=await n_();if(e)return e.config;let r=g.SELF_HOSTED||!t;if(g.SMTP_FALLBACK_ENABLED&&r)return{port:g.SMTP_PORT,host:g.SMTP_HOST,secure:!1,from:g.SMTP_FROM_ADDRESS,auth:{user:g.SMTP_USER,pass:g.SMTP_PASSWORD},fallback:!0}}s(a0,"getSMTPConfig");async function u0(){return(await ve("scim"))?.config}s(u0,"getSCIMConfig");async function c0(){return ve("ai")}s(c0,"getAIConfig");async function l0(){return ve("recaptcha")}s(l0,"getRecaptchaConfig");var lm={};P(lm,{AccessController:()=>nm,BUILTIN_ROLE_IDS:()=>im,Role:()=>Cr,RoleHierarchyTraversal:()=>dc,RoleIDVersion:()=>sm,builtinRoleToNumber:()=>No,checkForRoleResourceArray:()=>a_,externalRole:()=>g0,findRole:()=>Uo,getAllRoleIds:()=>S0,getAllRoles:()=>cm,getBuiltinRole:()=>s_,getBuiltinRoles:()=>am,getDBRoleID:()=>u_,getExternalRoleID:()=>br,getExternalRoleIDs:()=>c_,getRole:()=>E0,getUserRoleHierarchy:()=>um,getUserRoleIdHierarchy:()=>o_,isBuiltin:()=>An,lowerBuiltinRoleID:()=>h0,prefixRoleIDNoBuiltin:()=>rm,roleIDsAreEqual:()=>ot,roleToNumber:()=>m0,saveRoles:()=>y0,validInherits:()=>p0});var i_=require("lodash"),fc=B(require("lodash/fp/cloneDeep")),tm=B(require("semver"));var im={ADMIN:"ADMIN",POWER:"POWER",BASIC:"BASIC",PUBLIC:"PUBLIC"},ie={...im,BUILDER:"BUILDER"},sm={UUID:void 0,NAME:"name"};function f0(t,e){return Array.isArray(e)?e.filter(r=>t.includes(r)).length===e.length:t.includes(e)}s(f0,"rolesInList");var Cr=class{constructor(e,r,n,i){this.permissions={};this._id=e,this.name=r,this.uiMetadata=i,this.permissionId=n,this.version=sm.NAME}static{s(this,"Role")}addInheritance(e){return e&&typeof e=="string"?e=rm(e):e&&Array.isArray(e)&&(e=e.map(rm)),this.inherits=e,this}},dc=class{static{s(this,"RoleHierarchyTraversal")}constructor(e,r){this.allRoles=e,this.opts=r}walk(e){let r=this.opts,n=this.allRoles,i=[];if(!e||!e._id)return i;if(i.push(e),Array.isArray(e.inherits))for(let o of e.inherits){let a=Uo(o,n,r);a&&(i=i.concat(this.walk(a)))}else{let o=[],a=e;for(;a&&a.inherits&&!f0(o,a.inherits);){if(Array.isArray(a.inherits))return i.concat(this.walk(a));if(o.push(a.inherits),a=Uo(a.inherits,n,r),a&&i.push(a),Le.roles.checkForRoleInheritanceLoops(i))break}}return(0,i_.uniqBy)(i,o=>o._id)}},om={ADMIN:new Cr(ie.ADMIN,ie.ADMIN,"admin",{displayName:"Admin user",description:"Can do everything",color:"var(--spectrum-global-color-static-red-400)"}).addInheritance(ie.POWER),POWER:new Cr(ie.POWER,ie.POWER,"power",{displayName:"App power user",description:"An app user with more access",color:"var(--spectrum-global-color-static-orange-400)"}).addInheritance(ie.BASIC),BASIC:new Cr(ie.BASIC,ie.BASIC,"write",{displayName:"Basic user",description:"Any logged in user",color:"var(--spectrum-global-color-static-green-400)"}).addInheritance(ie.PUBLIC),PUBLIC:new Cr(ie.PUBLIC,ie.PUBLIC,"public",{displayName:"Public user",description:"Accessible to anyone",color:"var(--spectrum-global-color-static-blue-400)"}),BUILDER:new Cr(ie.BUILDER,ie.BUILDER,"admin",{displayName:"Builder user",description:"Users that can edit this app",color:"var(--spectrum-global-color-static-magenta-600)"})};function am(){return(0,fc.default)(om)}s(am,"getBuiltinRoles");function An(t){return Object.values(im).includes(t)}s(An,"isBuiltin");function rm(t){return An(t)?t:$t(t)}s(rm,"prefixRoleIDNoBuiltin");function s_(t){let e=Object.values(om).find(r=>t.includes(r._id));if(e)return(0,fc.default)(e)}s(s_,"getBuiltinRole");function p0(t,e){if(!e)return!1;let r=s(n=>t.find(i=>ot(i._id,n)),"find");if(Array.isArray(e)){let n=e.filter(i=>r(i));return e.length!==0&&n.length===e.length}else return!!r(e)}s(p0,"validInherits");function No(t){let e=am(),r=Object.values(e).length+1;if(ot(t,ie.ADMIN)||ot(t,ie.BUILDER))return r;let n=e[t],i=0;do{if(!n)break;if(Array.isArray(n.inherits))throw new Error("Built-in roles don't support multi-inheritance");n=e[n.inherits],i++}while(n!==null);return i}s(No,"builtinRoleToNumber");async function m0(t){if(An(t))return No(t);let e=await um(t,{defaultPublic:!0}),r=s(n=>{if(!n.inherits)return 0;if(Array.isArray(n.inherits)){let i=n.inherits.map(o=>{let a=e.find(u=>ot(u._id,o));if(a)return r(a)+1}).filter(o=>o).sort().pop();if(i!=null)return i}else if(An(n.inherits))return No(n.inherits)+1;return 0},"findNumber");return Math.max(...e.map(r))}s(m0,"roleToNumber");function h0(t,e){return t?e&&No(t)>No(e)?e:t:e}s(h0,"lowerBuiltinRoleID");function ot(t,e){return $t(t)===$t(e)}s(ot,"roleIDsAreEqual");function g0(t){let e;return t._id&&(e=br(t._id)),{...t,_id:e,inherits:c_(t.inherits,t.version)}}s(g0,"externalRole");function Uo(t,e,r){let n=s_(t);n||(t=$t(t));let i=e.find(o=>o._id&&ot(o._id,t));return!i&&!An(t)&&r?.defaultPublic?(0,fc.default)(om.PUBLIC):(n=Object.assign(n||{},i),n?._id&&(n._id=br(n._id,n.version)),Object.keys(n).length===0?void 0:n)}s(Uo,"findRole");async function E0(t,e){let r=ei(),n=[];if(!An(t)){let i=await r.tryGet(u_(t));i&&n.push(i)}return Uo(t,n,e)}s(E0,"getRole");async function y0(t){await ei().bulkDocs(t.filter(r=>r._id).map(r=>({...r,_id:$t(r._id)})))}s(y0,"saveRoles");async function T0(t,e){let r=await cm();if(ot(t,ie.ADMIN))return r;let n=Uo(t,r,e),i=[];return n&&(i=new dc(r,e).walk(n)),i}s(T0,"getAllUserRoles");async function o_(t){return(await um(t)).map(r=>r._id)}s(o_,"getUserRoleIdHierarchy");async function um(t,e){return T0(t,e)}s(um,"getUserRoleHierarchy");function a_(t,e){if(t&&!Array.isArray(t[e])){let r=t[e];t[e]=[r],r==="write"&&t[e].push("read")}return t}s(a_,"checkForRoleResourceArray");async function S0(t){return(await cm(t)).map(r=>r._id)}s(S0,"getAllRoleIds");async function cm(t){if(t)return je(t,e);{let r;try{r=ei()}catch{}return e(r)}async function e(r){let n=[];r&&(n=(await r.allDocs(gu(null,{include_docs:!0}))).rows.map(u=>u.doc),n.forEach(u=>u._id=br(u._id,u.version)));let i=am(),o=[];!r||await A0(r)?o=[ie.ADMIN,ie.POWER,ie.BASIC,ie.PUBLIC]:o=[ie.ADMIN,ie.BASIC,ie.PUBLIC];for(let a of o){let u=i[a],c=n.filter(l=>ot(l._id,a))[0];c==null?n.push(u||i.BASIC):(n=n.filter(l=>l._id!==c._id),c._id=br(u._id,c.version),n.push({...u,...c,name:u.name,_id:br(u._id,u.version),uiMetadata:{...c.uiMetadata,...u.uiMetadata}}))}for(let a of n)if(a.permissions)for(let u of Object.keys(a.permissions))a.permissions=a_(a.permissions,u);return n}s(e,"internal")}s(cm,"getAllRoles");async function A0(t){let r=(await t.tryGet("app_metadata"))?.creationVersion;return!r||!tm.default.valid(r)?!0:!tm.default.gte(r,g.MIN_VERSION_WITHOUT_POWER_ROLE)}s(A0,"shouldIncludePowerRole");var nm=class{static{s(this,"AccessController")}constructor(){this.userHierarchies={}}async hasAccess(e,r){if(e==null||e===""||ot(e,ie.BUILDER)||ot(r,e)||ot(r,ie.BUILDER))return!0;let n=r?this.userHierarchies[r]:null;return!n&&r&&(n=await o_(r),this.userHierarchies[r]=n),n?.find(i=>ot(i,e))!==void 0}async checkScreensAccess(e,r){let n=[];for(let i of e){let o=await this.checkScreenAccess(i,r);o&&n.push(o)}return n}async checkScreenAccess(e,r){let n=e&&e.routing?e.routing.roleId:void 0;return await this.hasAccess(n,r)?e:null}};function u_(t){return t?.startsWith("role")?t:$t(t)}s(u_,"getDBRoleID");function br(t,e){if(t.startsWith(`role${C}`)&&(An(t)||e===sm.NAME)){let r=t.split(C);return r.shift(),r.join(C)}return t}s(br,"getExternalRoleID");function c_(t,e){return t&&(typeof t=="string"?br(t,e):t.map(r=>br(r,e)))}s(c_,"getExternalRoleIDs");var dm={};P(dm,{BUILDER:()=>D0,BUILTIN_PERMISSIONS:()=>pc,CREATOR:()=>R0,GLOBAL_BUILDER:()=>C0,PermissionImpl:()=>se,PermissionLevel:()=>Ci,PermissionType:()=>Vo,doesHaveBasePermission:()=>I0,getAllowedLevels:()=>p_,getBuiltinPermissionByID:()=>O0,getBuiltinPermissions:()=>_0,isPermissionLevelHigherThanRead:()=>w0,levelToNumber:()=>f_});var l_=B(require("lodash/flatten")),d_=B(require("lodash/fp/cloneDeep"));var se=class{static{s(this,"PermissionImpl")}constructor(e,r){this.type=e,this.level=r}};function f_(t){switch(t){case"execute":return 0;case"read":return 1;case"write":return 2;case"admin":return 3;default:return-1}}s(f_,"levelToNumber");function p_(t){switch(t){case"execute":return["execute"];case"read":return["execute","read"];case"write":case"admin":return["execute","read","write"];default:return[]}}s(p_,"getAllowedLevels");var pc={PUBLIC:{_id:"public",name:"Public",permissions:[new se("webhook","execute")]},READ_ONLY:{_id:"read_only",name:"Read only",permissions:[new se("query","read"),new se("table","read"),new se("app","read")]},WRITE:{_id:"write",name:"Read/Write",permissions:[new se("query","write"),new se("table","write"),new se("automation","execute"),new se("legacy_view","read"),new se("app","read")]},POWER:{_id:"power",name:"Power",permissions:[new se("table","write"),new se("user","read"),new se("automation","execute"),new se("webhook","read"),new se("legacy_view","read"),new se("app","read")]},ADMIN:{_id:"admin",name:"Admin",permissions:[new se("table","admin"),new se("user","admin"),new se("automation","admin"),new se("webhook","read"),new se("query","admin"),new se("legacy_view","read"),new se("app","read")]}};function _0(){return(0,d_.default)(pc)}s(_0,"getBuiltinPermissions");function O0(t){return Object.values(pc).find(r=>r._id===t)}s(O0,"getBuiltinPermissionByID");function I0(t,e,r){let n=[...new Set(r.map(a=>a.permissionId))],i=Object.values(pc),o=(0,l_.default)(i.filter(a=>n.indexOf(a._id)!==-1).map(a=>a.permissions));for(let a of o)if(a.type===t&&p_(a.level).indexOf(e)!==-1)return!0;return!1}s(I0,"doesHaveBasePermission");function w0(t){return f_(t)>1}s(w0,"isPermissionLevelHigherThanRead");var D0="builder",R0="creator",C0="globalBuilder";var mm={};P(mm,{FlagSet:()=>hc,all:()=>N0,flags:()=>fm,getEnvFlags:()=>E_,init:()=>b0,isEnabled:()=>P0,parseEnvFlags:()=>Ec,shutdown:()=>x0,testutils:()=>pm});var gc=B(require("crypto")),m_=B(require("dd-trace")),h_=require("lodash"),g_=require("posthog-node");var mc;function b0(t){g.POSTHOG_TOKEN&&g.POSTHOG_API_HOST&&!g.SELF_HOSTED&&g.POSTHOG_FEATURE_FLAGS_ENABLED?(console.log("initializing posthog client..."),mc=new g_.PostHog(g.POSTHOG_TOKEN,{host:g.POSTHOG_API_HOST,personalApiKey:g.POSTHOG_PERSONAL_TOKEN,featureFlagsPollingInterval:pe.fromMinutes(3).toMs(),...t})):console.log("posthog disabled")}s(b0,"init");function x0(){mc?.shutdown()}s(x0,"shutdown");function Ec(t){let e=t.split(",").map(n=>n.split(":")),r=[];for(let[n,...i]of e)for(let o of i){let a=!0;o.startsWith("!")&&(o=o.slice(1),a=!1),r.push({tenantId:n,key:o,value:a})}return r}s(Ec,"parseEnvFlags");function E_(){return Ec(g.TENANT_FEATURE_FLAGS||"")}s(E_,"getEnvFlags");var hc=class{constructor(e){this.flagSchema=e;this.setId=gc.randomUUID()}static{s(this,"FlagSet")}defaults(){return(0,h_.cloneDeep)(this.flagSchema)}isFlagName(e){return this.flagSchema[e]!==void 0}async isEnabled(e){return(await this.fetch())[e]}async fetch(){return await m_.default.trace("features.fetch",async e=>{let r=Af(this.setId);if(r)return e?.addTags({fromCache:!0}),r;let n={},i=this.defaults(),o=$(),a=new Set;if(eu())return i;for(let{tenantId:f,key:h,value:p}of E_())if(!(!f||f!=="*"&&f!==o)&&(n.readFromEnvironmentVars=!0,p===!1&&a.add(h),!!this.isFlagName(h))){if(typeof i[h]!="boolean")throw new Error(`Feature: ${h} is not a boolean`);i[h]=p,n[`flags.${h}.source`]="environment"}let u=Wt(),c=u?._id;if(!c){let f=Tf();f&&(c=gc.createHash("sha512").update(f).digest("hex"))}let l=u?.tenantId;if(l||(l=o),n["identity.type"]=u?.type,n["identity._id"]=u?._id,n.tenantId=l,n.userId=c,mc&&c){n.readFromPostHog=!0;let f=await Ti(),h={tenantId:l},p={tenant:{id:l}};f.config.createdVersion&&(p.tenant.createdVersion=f.config.createdVersion),f.createdAt&&(p.tenant.createdAt=`${f.createdAt}`);let S=await mc.getAllFlags(c,{personProperties:h,onlyEvaluateLocally:!0,groups:{tenant:l},groupProperties:p});for(let[m,E]of Object.entries(S))if(this.isFlagName(m)){if(typeof E!="boolean"){console.warn(`Invalid value for posthog flag "${m}": ${E}`);continue}if(!(i[m]===!0||a.has(m)))try{i[m]=E,n[`flags.${m}.source`]="posthog"}catch(y){console.warn(`Error parsing posthog flag "${m}": ${E}`,y)}}}let d=Of();for(let[f,h]of Object.entries(d))this.isFlagName(f)&&typeof h=="boolean"&&(i[f]=h,n[`flags.${f}.source`]="override");_f(this.setId,i);for(let[f,h]of Object.entries(i))n[`flags.${f}.value`]=h;return e?.addTags(n),i})}},v0={USE_ZOD_VALIDATOR:!1,AI_AGENTS:!1,WORKSPACE_HOME:!1,DEBUG_UI:g.isDev(),DEV_USE_CLIENT_FROM_STORAGE:!1},fm=new hc(v0);async function P0(t){return await fm.isEnabled(t)}s(P0,"isEnabled");async function N0(){return await fm.fetch()}s(N0,"all");var pm={};P(pm,{setFeatureFlags:()=>y_,withFeatureFlags:()=>M0});function U0(){let t={};for(let{tenantId:e,key:r,value:n}of Ec(process.env.TENANT_FEATURE_FLAGS||"")){let i=t[e]||{};i[r]!==!1&&(i[r]=n,t[e]=i)}return t}s(U0,"getCurrentFlags");function L0(t){let e=[];for(let[r,n]of Object.entries(t))for(let[i,o]of Object.entries(n))o===!1?e.push(`${r}:!${i}`):e.push(`${r}:${i}`);return e.join(",")}s(L0,"buildFlagString");function y_(t,e){let r=U0();for(let[i,o]of Object.entries(e)){let a=r[t]||{};a[i]=o,r[t]=a}let n=L0(r);return Is({TENANT_FEATURE_FLAGS:n})}s(y_,"setFeatureFlags");function M0(t,e,r){let n=y_(t,e),i=r();return i instanceof Promise?i.finally(n):(n(),i)}s(M0,"withFeatureFlags");var Rm={};P(Rm,{adminOnly:()=>yc,auditLog:()=>Tc,authError:()=>Ie,buildAuthMiddleware:()=>SM,buildCsrfMiddleware:()=>_M,buildTenancyMiddleware:()=>AM,builderOnly:()=>Rc,builderOrAdmin:()=>Cc,google:()=>Xt,internalApi:()=>xc,joiValidator:()=>Lo,oidc:()=>er,passport:()=>OM,platformLogout:()=>CM,refreshOAuthToken:()=>DM,ssoCallbackUrl:()=>vr,updateUserOAuth:()=>RM,workspaceBuilderOrAdmin:()=>Nc});var Dm={};P(Dm,{activeTenant:()=>V_,adminOnly:()=>yc,auditLog:()=>Tc,authError:()=>Ie,authenticated:()=>Dc,builderOnly:()=>Rc,builderOrAdmin:()=>Cc,correlation:()=>S_,csp:()=>x_,csrf:()=>bc,datasource:()=>yM,errorHandling:()=>P_,featureFlagCookie:()=>N_,google:()=>Xt,internalApi:()=>xc,ip:()=>U_,joiValidator:()=>Lo,local:()=>Oi,oidc:()=>er,pino:()=>A_,querystringToBody:()=>G_,ssoCallbackUrl:()=>vr,tenancy:()=>Pc,workspaceBuilderOrAdmin:()=>Nc});var T_=require("uuid");var k0=require("correlation-id"),S_=s((t,e)=>{let r=t.headers["x-budibase-correlation-id"];return r||(r=(0,T_.v4)()),k0.withId(r,()=>e())},"correlationMiddleware");var F0=require("koa-pino-logger"),B0=require("correlation-id");function W0(){return{logger:Pu,genReqId:B0.getId,autoLogging:{ignore:t=>!!t.url?.includes("/health")},serializers:{req:t=>({method:t.method,url:t.url,correlationId:t.id}),res:t=>({status:t.statusCode})}}}s(W0,"pinoSettings");function $0(){return g.HTTP_LOGGING?F0(W0()):(t,e)=>e()}s($0,"getMiddleware");var A_=$0();var yc=s(async(t,e)=>(!t.internal&&!bt(t.user)&&t.throw(403,"Admin user only endpoint."),e()),"adminOnly");var Tc=s(async(t,e)=>e(),"auditLog");var G0=/\/:(.*?)(\/.*)?$/g,_n=s(t=>t?t.map(e=>{let r=e.route,n=e.method,i=r.match(G0);if(i)for(let o of i){let u="/.*"+(o.endsWith("/")?"/":"");r=r.replace(o,u)}return{regex:new RegExp(r),method:n,route:r}}):[],"buildMatcherRegex"),On=s((t,e)=>e.find(({regex:r,method:n})=>{let i=r.test(t.request.url),o=n==="ALL"?!0:t.request.method.toLowerCase()===n.toLowerCase();return i&&o}),"matches");var Sm={};P(Sm,{SecretOption:()=>I_,decrypt:()=>Tm,decryptFile:()=>Y0,encrypt:()=>K0,encryptFile:()=>Q0,getSecret:()=>ym});var Zt=B(require("crypto")),xr=B(require("fs")),hm=require("path"),gm=B(require("zlib"));var Sc="aes-256-ctr",O_="-",V0=1e4,q0=32,Ac=16,Em=16,I_=(r=>(r.API="api",r.ENCRYPTION="encryption",r))(I_||{});function ym(t){let e,r;switch(t){case"encryption":e=g.ENCRYPTION_KEY,r="ENCRYPTION_KEY";break;case"api":default:e=g.API_ENCRYPTION_KEY,r="API_ENCRYPTION_KEY";break}if(!e)throw new Error(`Secret "${r}" has not been set in environment.`);return e}s(ym,"getSecret");function _c(t,e){return Zt.default.pbkdf2Sync(t,new Uint8Array(e),V0,q0,"sha512")}s(_c,"stretchString");function K0(t,e="api"){let r=Zt.default.randomBytes(Ac),n=_c(ym(e),r),i=Zt.default.createCipheriv(Sc,new Uint8Array(n),new Uint8Array(r)),o=i.update(t,"utf8"),a=i.final(),u=Buffer.concat([new Uint8Array(o),new Uint8Array(a)]).toString("hex");return`${r.toString("hex")}${O_}${u}`}s(K0,"encrypt");function Tm(t,e="api"){let[r,n]=t.split(O_),i=Buffer.from(r,"hex"),o=_c(ym(e),i),a=Zt.default.createDecipheriv(Sc,new Uint8Array(o),new Uint8Array(i)),u=a.update(n,"hex"),c=a.final();return Buffer.concat([new Uint8Array(u),new Uint8Array(c)]).toString()}s(Tm,"decrypt");async function Q0({dir:t,filename:e},r){let n=`${e}.enc`,i=(0,hm.join)(t,e);if(xr.default.lstatSync(i).isDirectory())throw new Error("Unable to encrypt directory");let o=xr.default.createReadStream(i),a=xr.default.createWriteStream((0,hm.join)(t,n)),u=Zt.default.randomBytes(Ac),c=Zt.default.randomBytes(Em),l=_c(r,u),d=Zt.default.createCipheriv(Sc,new Uint8Array(l),new Uint8Array(c));return a.write(u),a.write(c),o.pipe(gm.default.createGzip()).pipe(d).pipe(a),new Promise(f=>{a.on("finish",()=>{f({filename:n,dir:t})})})}s(Q0,"encryptFile");async function j0(t){let e=xr.default.createReadStream(t),r=await __(e,Ac),n=await __(e,Em);return e.close(),{salt:r,iv:n}}s(j0,"getSaltAndIV");async function Y0(t,e,r){if(xr.default.lstatSync(t).isDirectory())throw new Error("Unable to decrypt directory");let{salt:n,iv:i}=await j0(t),o=xr.default.createReadStream(t,{start:Ac+Em}),a=xr.default.createWriteStream(e),u=_c(r,n),c=Zt.default.createDecipheriv(Sc,new Uint8Array(u),new Uint8Array(i)),l=gm.default.createGunzip();return o.pipe(c).pipe(l).pipe(a),new Promise((d,f)=>{a.on("finish",()=>{a.close(),d()}),o.on("error",h=>{a.close(),f(h)}),c.on("error",h=>{a.close(),f(h)}),l.on("error",h=>{a.close(),f(h)}),a.on("error",h=>{a.close(),f(h)})})}s(Y0,"decryptFile");function __(t,e){return new Promise((r,n)=>{let i=0,o=[];t.on("readable",()=>{let a;for(;(a=t.read(e-i))!==null;)o.push(a),i+=a.length;r(Buffer.concat(o.map(u=>new Uint8Array(u))))}),t.on("end",()=>{n(new Error("Insufficient data in the stream."))}),t.on("error",a=>{n(a)})})}s(__,"readBytes");var Am={};P(Am,{APIWarning:()=>In,FeatureDisabledWarning:()=>Ic,InvalidAPIKeyWarning:()=>_i,UsageLimitWarning:()=>Oc});var In=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"APIWarning")}},_i=class extends In{static{s(this,"InvalidAPIKeyWarning")}constructor(){super("Invalid API key","invalid_api_key")}},Oc=class extends In{constructor(r){super(`Usage limit exceeded: '${r}'`,"usage_limit_exceeded");this.limitName=r}static{s(this,"UsageLimitWarning")}getPublicWarning(){return{limitName:this.limitName}}},Ic=class extends In{constructor(r){super(`Feature disabled: '${r}'`,"feature_disabled");this.featureName=r,this.status=400}static{s(this,"FeatureDisabledWarning")}getPublicWarning(){return{featureName:this.featureName}}getPublicError(){return{featureName:this.featureName}}};var D_=B(require("dd-trace"));var z0=g.SESSION_UPDATE_PERIOD?parseInt(g.SESSION_UPDATE_PERIOD):60*1e3;function J0(){return new Date(Date.now()-z0).toISOString()}s(J0,"timeMinusOneMinute");function w_(t,e={}){t.publicEndpoint=e.publicEndpoint||!1,t.isAuthenticated=e.authenticated||!1,t.loginMethod=e.loginMethod,t.user=e.user,t.internal=e.internal||!1,t.version=e.version}s(w_,"finalise");async function Z0(t,e){if(qs(t))return{valid:!0,user:void 0};let n=Tm(t).split(C)[0];return Ce(n,async()=>{let i;try{let o=H();i=await Vt("by_api_key",{key:t},o)}catch{i=void 0}if(i)return{valid:!0,user:await Co({userId:i,tenantId:n,populateUser:e})};throw new _i})}s(Z0,"checkApiKey");function wc(t,e){let r=t.request.headers[e];if(Array.isArray(r))throw new Error("Unexpected header format");return r}s(wc,"getHeader");function Dc(t=[],e={publicAllowed:!1}){let r=t?_n(t):[];return async(n,i)=>{let o=!1,a=wc(n,"x-budibase-api-version");On(n,r)&&(o=!0);try{let c=wc(n,"x-budibase-token"),l=Kt(n,"budibase:auth")||yu(c),d=wc(n,"x-budibase-api-key");!d&&n.request.headers.authorization&&(d=n.request.headers.authorization.split(" ")[1]);let f=wc(n,"x-budibase-tenant-id"),h=!1,p,S=!1,m;if(l&&!d){let y=l.sessionId,I=l.userId,O;try{O=await xp(I,y),e&&e.populateUser?p=await Co({userId:I,tenantId:O.tenantId,email:O.email,populateUser:e.populateUser(n)}):p=await Co({userId:I,tenantId:O.tenantId,email:O.email}),p.csrfToken=O.csrfToken,m="cookie",O?.lastAccessedAt<J0()&&await bp(O),h=!0}catch(w){h=!1,console.warn(`Auth Error: ${w.message}`),Tr(n,"budibase:auth")}}if(!h&&d){let y=e.populateUser?e.populateUser(n):null,{valid:I,user:O}=await Z0(d,y);I&&(h=!0,m="api_key",p=O,S=!O)}!p&&f?p={tenantId:f}:p&&"password"in p&&delete p.password,h||(h=!1);let E=s(y=>y&&y.email,"isUser");return E(p)&&D_.default.setUser({id:p._id,tenantId:p.tenantId,budibaseAccess:p.budibaseAccess,status:p.status}),w_(n,{authenticated:h,user:p,internal:S,version:a,publicEndpoint:o,loginMethod:m}),E(p)?tf(p,n,i):i()}catch(c){if(console.warn(`Auth Error: ${c.message}`),c?.name==="JsonWebTokenError"?Tr(n,"budibase:auth"):c?.code==="invalid_api_key"&&n.throw(403,c.message),e&&e.publicAllowed||o)return w_(n,{authenticated:!1,version:a,publicEndpoint:o}),i();n.throw(c.status||403,c)}}}s(Dc,"authenticated");async function Rc(t,e){if(t.internal)return e();let r=await on(t);return!r&&!g.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!Fe(t.user)?t.throw(403,"Builder user only endpoint."):r&&!Ai(t.user,r)&&t.throw(403,"Workspace builder user only endpoint."),e()}s(Rc,"builderOnly");async function Cc(t,e){if(t.internal||bt(t.user))return e();let r=await on(t);return!r&&!g.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!Fe(t.user)?t.throw(403,"Admin/Builder user only endpoint."):r&&!Ai(t.user,r)&&t.throw(403,"Workspace Admin/Builder user only endpoint."),e()}s(Cc,"builderOrAdmin");var b_=B(require("crypto"));var R_={"default-src":["'self'"],"script-src":["'self'","'unsafe-eval'","https://*.budibase.net","https://cdn.budi.live","https://js.intercomcdn.com","https://widget.intercom.io","https://d2l5prqdbvm3op.cloudfront.net","https://us-assets.i.posthog.com","https://www.google.com/recaptcha/api.js"],"style-src":["'self'","'unsafe-inline'","https://cdn.jsdelivr.net","https://fonts.googleapis.com","https://rsms.me","https://maxcdn.bootstrapcdn.com"],"object-src":["'none'"],"base-uri":["'self'"],"connect-src":["'self'","https://*.budibase.app","https://*.budibaseqa.app","https://*.budibase.net","https://api-iam.intercom.io","https://api-ping.intercom.io","https://app.posthog.com","https://us.i.posthog.com","wss://nexus-websocket-a.intercom.io","wss://nexus-websocket-b.intercom.io","https://nexus-websocket-a.intercom.io","https://nexus-websocket-b.intercom.io","https://uploads.intercomcdn.com","https://uploads.intercomusercontent.com","https://*.amazonaws.com","https://*.s3.amazonaws.com","https://*.s3.us-east-2.amazonaws.com","https://*.s3.us-east-1.amazonaws.com","https://*.s3.us-west-1.amazonaws.com","https://*.s3.us-west-2.amazonaws.com","https://*.s3.af-south-1.amazonaws.com","https://*.s3.ap-east-1.amazonaws.com","https://*.s3.ap-south-1.amazonaws.com","https://*.s3.ap-northeast-2.amazonaws.com","https://*.s3.ap-southeast-1.amazonaws.com","https://*.s3.ap-southeast-2.amazonaws.com","https://*.s3.ap-northeast-1.amazonaws.com","https://*.s3.ca-central-1.amazonaws.com","https://*.s3.cn-north-1.amazonaws.com","https://*.s3.cn-northwest-1.amazonaws.com","https://*.s3.eu-central-1.amazonaws.com","https://*.s3.eu-west-1.amazonaws.com","https://*.s3.eu-west-2.amazonaws.com","https://*.s3.eu-south-1.amazonaws.com","https://*.s3.eu-west-3.amazonaws.com","https://*.s3.eu-north-1.amazonaws.com","https://*.s3.sa-east-1.amazonaws.com","https://*.s3.me-south-1.amazonaws.com","https://*.s3.us-gov-east-1.amazonaws.com","https://*.s3.us-gov-west-1.amazonaws.com","https://api.github.com","https://d2l5prqdbvm3op.cloudfront.net"],"font-src":["'self'","data:","https://cdn.jsdelivr.net","https://fonts.gstatic.com","https://rsms.me","https://maxcdn.bootstrapcdn.com","https://js.intercomcdn.com","https://fonts.intercomcdn.com"],"frame-src":["'self'","https:"],"img-src":["http:","https:","data:","blob:"],"manifest-src":["'self'"],"media-src":["'self'","https://js.intercomcdn.com","https://cdn.budi.live"],"worker-src":["blob:","'self'"]},C_=/^[A-Za-z0-9-*:/.]+$/,x_=s(async(t,e)=>{let r=b_.default.randomBytes(16).toString("base64");t.state.nonce=r;let n={...R_};n["script-src"]=[...R_["script-src"],`'nonce-${r}'`];let i={"media-src":g.CUSTOM_CSP_MEDIA_SRC,"script-src":g.CUSTOM_CSP_SCRIPT_SRC,"connect-src":g.CUSTOM_CSP_CONNECT_SRC,"img-src":g.CUSTOM_CSP_IMG_SRC,"font-src":g.CUSTOM_CSP_FONT_SRC,"frame-src":g.CUSTOM_CSP_FRAME_SRC};for(let[u,c]of Object.entries(i))if(c){let l=c.split(",").map(d=>d.trim()).filter(d=>C_.test(d));n[u]=[...n[u]||[],...l]}if(t.user?.license?.features.includes("customAppScripts")&&t.appId)try{let u=await Ls.getWorkspaceMetadata(t.appId);if("name"in u)for(let c of u.scripts||[]){let l=(c.cspWhitelist||"").split(`
|
|
38
38
|
`).filter(f=>C_.test(f)),d=["default-src","script-src","connect-src","media-src","img-src","font-src","frame-src"];for(let f of d)n[f]=[...n[f]||[],...l]}}catch(u){console.error(`Error occurred in Content-Security-Policy middleware: ${u}`)}let a=Object.entries(n).map(([u,c])=>`${u} ${c.join(" ")}`).join("; ");t.set("Content-Security-Policy",a),await e()},"contentSecurityPolicy");var X0=["GET","HEAD","OPTIONS"],eM=["application/x-www-form-urlencoded","multipart/form-data","text/plain"];function bc(t={noCsrfPatterns:[]}){let e=_n(t.noCsrfPatterns);return async(r,n)=>{if(On(r,e)||X0.indexOf(r.method)!==-1)return n();let o=r.get("content-type")?r.get("content-type").toLowerCase():"";if(!eM.filter(c=>o.includes(c)).length||r.internal)return n();let a=r.user?.csrfToken;if(!a)return n();let u=r.get("x-csrf-token");return(!u||u!==a)&&r.throw(403,"Invalid CSRF token"),n()}}s(bc,"csrf");function v_(t){if(t.includes("-----BEGIN PRIVATE KEY-----"))return!0;for(let e of zy){let r=g[e];if(!(typeof r!="string"||r==="")&&t.includes(r))return!0}return!1}s(v_,"stringContainsSecret");async function P_(t,e){try{await e()}catch(r){let n=r.status||r.statusCode||500;t.status=n,n>=400&&n<500?console.warn(r):console.error("Got 400 response code",r);let i={message:r.message,status:n,validationErrors:r.validation,error:qu(r)};if(v_(JSON.stringify(i))&&(i={message:"Unexpected error",status:n,error:"Unexpected error"}),g.isTest()&&t.headers["x-budibase-include-stacktrace"]){let o=r;for(;o.cause;)o=o.cause;i.stack=o.stack}t.body=i}}s(P_,"errorHandling");var N_=s(async(t,e)=>{let n=Kt(t,"budibase:featureflags")?.flags||{};await If(n,async()=>{await e()})},"featureFlagCookie");async function xc(t,e){let r=t.request.headers["x-budibase-api-key"];return r||t.throw(403,"Unauthorized"),Array.isArray(r)&&t.throw(403,"Unauthorized"),qs(r)||t.throw(403,"Unauthorized"),e()}s(xc,"internalApi");async function U_(t,e){return t.ip?await Sf(t.ip,()=>e()):e()}s(U_,"ip");var Lo={};P(Lo,{body:()=>tM,params:()=>rM});var _m=B(require("joi"));function L_(t,e,r){let n=r?.errorPrefix??`Invalid ${e}`;return(i,o)=>{if(!t)return o();let a=null,u=i.request?.[e];i[e]!=null?a=i[e]:u!=null&&(a=u),t.append&&(t=t.append({createdAt:_m.default.any().optional(),updatedAt:_m.default.any().optional()}));let{error:c}=t.validate(a,{allowUnknown:r?.allowUnknown});if(c){let l=c.message;n&&(l=`Invalid ${e} - ${l}`),i.throw(400,l)}return o()}}s(L_,"validate");function tM(t,e){return L_(t,"body",e)}s(tM,"body");function rM(t,e){return L_(t,"params",e)}s(rM,"params");var Oi={};P(Oi,{authenticate:()=>sM,options:()=>iM});function Ie(t,e,r){return t(r,null,{message:e})}s(Ie,"authError");async function vr(t,e){if(e&&e.callbackURL)return e.callbackURL;let r=await Zp(),n="/api/global/auth";return hr()&&(n+=`/${$()}`),n+=`/${t}/callback`,`${r.platformUrl}${n}`}s(vr,"ssoCallbackUrl");var Om="Invalid credentials",nM="This account has expired. Please reset your password",iM={passReqToCallback:!0};async function sM(t,e,r,n){if(!e)return Ie(n,"Email Required");if(!r)return Ie(n,"Password Required");let i=await At(e);return i==null?(console.info(`user=${e} could not be found`),Ie(n,Om)):i.status==="inactive"?(console.info(`user=${e} is inactive`,i),Ie(n,Om)):i.password?await Zd(r,i.password)?(delete i.password,n(null,i)):Ie(n,Om):(console.info(`user=${e} has no password set`,i),Ie(n,nM))}s(sM,"authenticate");var Xt={};P(Xt,{buildVerifyFn:()=>F_,getCallbackUrl:()=>uM,strategyFactory:()=>Im});var Mo=s(t=>Promise.resolve(t),"ssoSaveUserNoOp");async function vc(t,e=!0,r,n){if(!n)throw new Error("Save user function must be provided");if(!t.userId)return Ie(r,"sso user id required");if(!t.email)return Ie(r,"sso user email required");let i=ni(t.userId),o;try{o=await Sn(i)}catch(u){if(!u.status||u.status!==404)return Ie(r,"Unexpected error when retrieving existing user",u)}if(o||(o=await At(t.email)),!o&&e)return Ie(r,"Email does not yet exist. You must set up your local budibase account first.");o||(o={_id:i,email:t.email,roles:{},tenantId:$()});let a=await oM(o,t);a.forceResetPassword=!1;try{delete a.password,a=await n(a,{hashPassword:!1,requirePassword:!1})}catch(u){return Ie(r,"Error saving user",u)}return r(null,a)}s(vc,"authenticate");async function oM(t,e){let r,n,i;if(e.profile){let o=e.profile;if(o.name){let a=o.name;a.givenName&&(r=a.givenName),a.familyName&&(n=a.familyName)}}return e.oauth2&&(i={...e.oauth2}),{...t,provider:e.provider,providerType:e.providerType,firstName:r,lastName:n,oauth2:i}}s(oM,"syncUser");var aM=require("passport-google-oauth").OAuth2Strategy;function F_(t){return(e,r,n,i)=>{let o={provider:"google",providerType:"google",userId:n.id,profile:n,email:n._json.email,oauth2:{accessToken:e,refreshToken:r}};return vc(o,!0,i,t)}}s(F_,"buildVerifyFn");async function Im(t,e,r){try{let{clientID:n,clientSecret:i}=t;if(!n||!i)throw new Error("Configuration invalid. Must contain google clientID and clientSecret");let o=F_(r);return new aM({clientID:t.clientID,clientSecret:t.clientSecret,callbackURL:e},o)}catch(n){throw new Error(`Error constructing google authentication strategy: ${n}`)}}s(Im,"strategyFactory");async function uM(t){return vr("google",t)}s(uM,"getCallbackUrl");var er={};P(er,{buildVerifyFn:()=>$_,fetchStrategyConfig:()=>pM,getCallbackUrl:()=>mM,strategyFactory:()=>fM});var B_=B(require("node-fetch"));var W_=require("@govtechsg/passport-openidconnect");function $_(t){return async(e,r,n,i,o,a,u,c,l)=>{let d=cM(r,n),f=lM(r,n),h={provider:e,providerType:"oidc",userId:d.id,profile:d,email:dM(d,f),oauth2:{accessToken:a,refreshToken:u}};return vc(h,!1,l,t)}}s($_,"buildVerifyFn");function cM(t,e){let r={...t?._json||{}};!r.email&&e.emails?.length&&(r.email=e.emails[0].value);let n=t?.displayName||e.displayName;return{id:t?.id||e.id,name:t?.name||e.name||!!n&&{givenName:n,familyName:""}||void 0,_json:r,provider:t?.provider}}s(cM,"normalizeProfile");function lM(t,e){return{email:t?._json?.email||e.emails?.[0]?.value,preferred_username:e.username}}s(lM,"buildJwtClaims");function dM(t,e){if(t._json.email)return t._json.email;if(e.email)return e.email;let r=e.preferred_username;if(r&&Vf(r))return r;throw new Error(`Could not determine user email from profile ${JSON.stringify(t)} and claims ${JSON.stringify(e)}`)}s(dM,"getEmail");async function fM(t,e){try{let r=$_(e),n=new W_.Strategy(t,r);return n.name="oidc",n}catch(r){throw new Error(`Error constructing OIDC authentication strategy - ${r}`)}}s(fM,"strategyFactory");async function pM(t,e){try{let{clientID:r,clientSecret:n,configUrl:i,pkce:o}=t;if(!r||!n||!e||!i)throw new Error("Configuration invalid. Must contain clientID, clientSecret, callbackUrl and configUrl");let a=await(0,B_.default)(i);if(!a.ok)throw new Error(`Unexpected response when fetching openid-configuration: ${a.statusText}`);let u=await a.json();return{issuer:u.issuer,authorizationURL:u.authorization_endpoint,tokenURL:u.token_endpoint,userInfoURL:u.userinfo_endpoint,clientID:r,clientSecret:n,callbackURL:e,pkce:o}}catch(r){throw new Error(`Error constructing OIDC authentication configuration - ${r}`)}}s(pM,"fetchStrategyConfig");async function mM(){return vr("oidc")}s(mM,"getCallbackUrl");function G_(t,e){let r=t.request.query?.query;if(t.request.method.toLowerCase()!=="get"&&t.throw(500,"Query to download middleware can only be used for get requests."),!r)return e();let n=decodeURIComponent(r),i;try{i=JSON.parse(n)}catch{return e()}return t.request.body=i,e()}s(G_,"querystringToBody");function Pc(t,e,r={noTenancyRequired:!1}){let n=_n(t),i=_n(e);return async function(o,a){let c={allowNoTenant:r.noTenancyRequired||!!On(o,i)};!!On(o,n)||(c.excludeStrategies=["query"]);let d=Gs(o,c);return o.set("x-budibase-tenant-id",d),Ce(d,a)}}s(Pc,"tenancy");function V_(){return async function(t,e){try{if((await ve("settings"))?.config?.active===!1){t.status=404,t.body={message:"Tenant not found"};return}}catch(r){if(r.message==="Global DB not found")return e();throw r}return e()}}s(V_,"activeTenant");async function Nc(t,e){if(t.internal||bt(t.user))return e();let r=await on(t);return r&&!rc(t.user,r)?t.throw(403,"Workspace Admin/Builder user only endpoint."):!r&&!g.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!Fe(t.user)&&t.throw(403,"Admin/Builder user only endpoint."),e()}s(Nc,"workspaceBuilderOrAdmin");var wm={};P(wm,{postAuth:()=>EM,preAuth:()=>gM});var hM=require("passport-google-oauth").OAuth2Strategy;async function q_(){let t=await Xp();if(!t)throw new Error("No google configuration found");return t}s(q_,"fetchGoogleCreds");async function gM(t,e,r){let n=await q_(),o=`${await Po({tenantAware:!1})}/api/global/auth/datasource/google/callback`,a=await Im(n,o,Mo);return e.query.appId||e.throw(400,"appId query param not present."),t.authenticate(a,{scope:["profile","email","https://www.googleapis.com/auth/spreadsheets"],accessType:"offline",prompt:"consent"})(e,r)}s(gM,"preAuth");async function EM(t,e,r){let n=await q_(),o=`${await Po({tenantAware:!1})}/api/global/auth/datasource/google/callback`,a=Kt(e,"budibase:datasourceauth");if(!a)throw new Error("Unable to fetch datasource auth cookie");return t.authenticate(new hM({clientID:n.clientID,clientSecret:n.clientSecret,callbackURL:o},(u,c,l,d)=>{Tr(e,"budibase:datasourceauth"),d(null,{accessToken:u,refreshToken:c})}),{successRedirect:"/",failureRedirect:"/error"},async(u,c)=>{let l=`/builder/workspace/${a.appId}/data`,d=ee();await Yt(`datasource:creation:${a.appId}:google:${d}`,{tokens:c}),e.redirect(`${l}/new?continue_google_setup=${d}`)})(e,r)}s(EM,"postAuth");var yM={google:wm};var K_=require("koa-passport"),TM=require("passport-local").Strategy,Uc=require("passport-oauth2-refresh"),SM=Dc,AM=Pc,_M=bc,OM=K_;K_.use(new TM(Oi.options,Oi.authenticate));async function IM(t,e){let r=await er.getCallbackUrl(),n,i;try{if(n=await er.fetchStrategyConfig(t,r),!n)throw new Error("OIDC Config contents invalid");i=await er.strategyFactory(n,Mo)}catch{throw new Error("Could not refresh OAuth Token")}return Uc.use(i,{setRefreshOAuth2(){return i._getOAuth2Client(n)}}),new Promise(o=>{Uc.requestNewAccessToken("oidc",e,(a,u,c,l)=>{o({err:a,accessToken:u,refreshToken:c,params:l})})})}s(IM,"refreshOIDCAccessToken");async function wM(t,e){let r=await Xt.getCallbackUrl(t),n;try{n=await Xt.strategyFactory(t,r,Mo)}catch(i){throw new Error(`Error constructing OIDC refresh strategy: message=${i.message}`)}return Uc.use(n),new Promise(i=>{Uc.requestNewAccessToken("google",e,(o,a,u,c)=>{i({err:o,accessToken:a,refreshToken:u,params:c})})})}s(wM,"refreshGoogleAccessToken");async function DM(t,e,r){switch(e){case"oidc":{if(!r)return{err:{data:"OIDC config id not provided"}};let n=await em(r);return n?IM(n,t):{err:{data:"OIDC configuration not found"}}}case"google":{let n=await lc();return n?wM(n,t):{err:{data:"Google configuration not found"}}}}}s(DM,"refreshOAuthToken");async function RM(t,e){let r={accessToken:e.accessToken,refreshToken:e.refreshToken};try{let n=H(),i=await n.get(t);typeof r.refreshToken!="string"&&delete r.refreshToken,i.oauth2={...i.oauth2,...r},await n.put(i),await bo(t)}catch(n){console.error("Could not update OAuth details for current user",n)}}s(RM,"updateUserOAuth");async function CM(t){let e=t.ctx,r=t.userId,n=t.keepActiveSession;if(!e)throw new Error("Koa context must be supplied to logout.");let i=Kt(e,"budibase:auth"),o=await fo(r);i&&n?o=o.filter(u=>u.sessionId!==i.sessionId):Tr(e,"budibase:auth");let a=o.map(({sessionId:u})=>u);await En(r,{sessionIds:a,reason:"logout"}),await ec.logout(e.user?.email),await bo(r)}s(CM,"platformLogout");var bm={};P(bm,{validate:()=>NM});var x=B(require("joi"));var bM=["Relational","Non-relational","Spreadsheet","Object store","Graph","API"];function Cm(t,e){let{error:r}=t.validate(e);if(r)throw r}s(Cm,"runJoi");function xM(t){let e=x.default.object({type:x.default.string().allow("component").required(),metadata:x.default.object().unknown(!0).required(),hash:x.default.string().optional(),version:x.default.string().optional(),schema:x.default.object({name:x.default.string().required(),settings:x.default.array().items(x.default.object().unknown(!0)).required()}).unknown(!0)});Cm(e,t)}s(xM,"validateComponent");function vM(t){let e=x.default.object({type:x.default.string().allow(...Object.values(Wc)).required(),required:x.default.boolean().required(),default:x.default.any(),display:x.default.string()}),r=x.default.object({type:x.default.string().allow(...Object.values(Bc)),readable:x.default.boolean(),displayName:x.default.string(),fields:x.default.object().pattern(x.default.string(),e)}).required(),n=x.default.object({type:x.default.string().allow("datasource").required(),metadata:x.default.object().unknown(!0).required(),hash:x.default.string().optional(),version:x.default.string().optional(),schema:x.default.object({docs:x.default.string(),plus:x.default.boolean().optional(),isSQL:x.default.boolean().optional(),auth:x.default.object({type:x.default.string().required()}).optional(),features:x.default.object(Object.fromEntries(Object.values($c).map(i=>[i,x.default.boolean().optional()]))).optional(),relationships:x.default.boolean().optional(),description:x.default.string().required(),friendlyName:x.default.string().required(),type:x.default.string().allow(...bM),datasource:x.default.object().pattern(x.default.string(),e).required(),query:x.default.object().pattern(x.default.string(),r).unknown(!0).required(),extra:x.default.object().pattern(x.default.string(),x.default.object({type:x.default.string().required(),displayName:x.default.string().required(),required:x.default.boolean(),data:x.default.object()}))})});Cm(n,t)}s(vM,"validateDatasource");function PM(t){let e=x.default.object().pattern(x.default.string(),{type:x.default.string().allow(...Object.values(Gc)).required(),customType:x.default.string().allow(...Object.values(Vc)),title:x.default.string(),description:x.default.string(),enum:x.default.array().items(x.default.string()),pretty:x.default.array().items(x.default.string())}),r=x.default.object({properties:e,required:x.default.array().items(x.default.string())}).concat(e).required(),n=x.default.object({type:x.default.string().allow("automation").required(),metadata:x.default.object().unknown(!0).required(),hash:x.default.string().optional(),version:x.default.string().optional(),schema:x.default.object({name:x.default.string().required(),tagline:x.default.string().required(),icon:x.default.string().required(),description:x.default.string().required(),type:x.default.string().allow("ACTION","LOGIC").required(),stepId:x.default.string().disallow(...Jm).required(),inputs:x.default.object().optional(),schema:x.default.object({inputs:r,outputs:r}).required()})});Cm(n,t)}s(PM,"validateAutomation");function NM(t){switch(t?.type){case"component":xM(t);break;case"datasource":vM(t);break;case"automation":PM(t);break;default:throw new Error(`Unknown plugin type - check schema.json: ${t.type}`)}}s(NM,"validate");var xm={};P(xm,{Client:()=>Oe,clients:()=>Er,locks:()=>hn,utils:()=>Qa});var vm={};P(vm,{isBlacklisted:()=>LM,refreshBlacklist:()=>H_});var Q_=B(require("dns")),Mc=B(require("net"));var j_=require("util");var Lc,UM=(0,j_.promisify)(Q_.default.lookup);async function Y_(t){return Mc.default.isIP(t)||(t.startsWith("http")||(t=`https://${t}`),t=new URL(t).hostname),(await UM(t,{all:!0})).map(r=>r.address)}s(Y_,"lookup");async function H_(){let e=g.BLACKLIST_IPS?.split(",")||[],r=[];for(let n of e){let i=n.trim();if(Mc.default.isIP(i))r.push(i);else{let o=await Y_(i);r=r.concat(o)}}Lc=r}s(H_,"refreshBlacklist");async function LM(t){if(Lc||await H_(),Lc?.length===0)return!1;let e;return Mc.default.isIP(t)?e=[t]:e=await Y_(t),!!Lc?.find(r=>e.includes(r))}s(LM,"isBlacklisted");var Nm={};P(Nm,{init:()=>kM});var MM={"user:created":t=>t.userId,"user:updated":t=>t.userId,"user:deleted":t=>t.userId,"user:admin:assigned":t=>t.userId,"user:admin:removed":t=>t.userId,"user:builder:assigned":t=>t.userId,"user:builder:removed":t=>t.userId,"user_group:created":t=>t.groupId,"user_group:updated":t=>t.groupId,"user_group:deleted":t=>t.groupId,"user_group:user_added":t=>t.groupId,"user_group:users_deleted":t=>t.groupId,"user_group:permissions_edited":t=>t.groupId,"automation:deleted":t=>t.automationId,"datasource:deleted":t=>t.datasourceId,"table:deleted":t=>t.tableId,"query:deleted":t=>t.queryId,"workspace_app:deleted":t=>t.workspaceAppId,"view:deleted":t=>t.id};function z_(t,e){let r=MM[t];if(!r)throw new Error("Event does not have a method of document ID extraction");return r(e)}s(z_,"getDocumentId");var ko=class{constructor(e){this.processors=[];this.processors=e}static{s(this,"DocumentUpdateProcessor")}async processEvent(e,r,n){let i=r.realTenantId,o=z_(e,n);if(!(!i||!o))for(let{events:a,processor:u}of this.processors)a.includes(e)&&await Ce(i,async()=>{await u({id:o,tenantId:i,appId:n.appId,properties:n})})}shutdown(){return aA()}};var J_,Pm;function kM(t){Tt||zu(),Pm||(Pm=new ko(t)),J_||(J_=Tt.process(async e=>{let{event:r,identity:n,properties:i}=e.data;await Pm.processEvent(r,n,i)}))}s(kM,"init");var Gm={};P(Gm,{COUNT_FIELD_NAME:()=>Wm,Sql:()=>sO,SqlTable:()=>kc,designDoc:()=>$m,utils:()=>pf});var tO=require("knex");var FM=require("knex");function Um(t){return["link","formula","ai"].indexOf(t)!==-1}s(Um,"isIgnoredType");function Z_(t,e,r,n,i){let o=e&&e.primary?e.primary:[],a=Object.values(e.schema),u=a.filter(h=>h.meta),c=u.length===a.length,l=[];n||(c?t.primary(u.map(h=>h.name)):o.length===1?(t.increments(o[0]).primary(),l.push(o[0])):t.primary(o));let d=Object.values(e.schema).map(h=>h.foreignKey);for(let[h,p]of Object.entries(e.schema)){let S=n?.schema[h];if(S&&S.type||l.includes(h)||i?.updated===h)continue;let m=p.type;switch(m){case"string":case"options":case"longform":case"barcodeqr":case"bb_reference_single":o.includes(h)?t.string(h,255):t.text(h);break;case"number":if(p.meta&&p.meta.toKey&&p.meta.toTable){let{toKey:E,toTable:y}=p.meta;t.integer(h).unsigned(),t.foreign(h).references(`${y}.${E}`)}else d.indexOf(h)===-1&&t.float(h);break;case"bigint":t.bigint(h);break;case"boolean":t.boolean(h);break;case"datetime":p.timeOnly?t.time(h):t.datetime(h,{useTz:!p.ignoreTimezones});break;case"array":case"bb_reference":Le.schema.isDeprecatedSingleUserColumn(p)?t.text(h):t.json(h);break;case"link":if(p.relationshipType!=="many-to-one"&&p.relationshipType!=="many-to-many"){if(!p.foreignKey||!p.tableId)throw new Error("Invalid relationship schema");let{tableName:E}=uf(p.tableId),y=r[E];if(!y||!y.primary)throw new Error("Referenced table doesn't exist or has no primary keys");let I=y.primary[0],O=y.schema[I].externalType;O?t.specificType(p.foreignKey,O):t.integer(p.foreignKey).unsigned(),t.foreign(p.foreignKey).references(`${E}.${I}`)}break;case"signature_single":case"attachment":case"attachment_single":t.json(h);break;case"formula":break;case"ai":break;case"auto":case"json":case"internal":throw new Error(`${p.type} is not a valid SQL type`);default:_t.unreachable(m)}}let f=i?n?.schema[i.old].type:void 0;return i&&f&&!Um(f)&&t.renameColumn(i.old,i.updated),n&&Object.entries(n.schema).filter(([p,S])=>!Um(S.type)&&e.schema[p]==null).forEach(([p,S])=>{i?.old===p||Um(S.type)||(n.constrained&&n.constrained.indexOf(p)!==-1&&t.dropForeign(p),t.dropColumn(p))}),t}s(Z_,"generateSchema");function WM(t,e,r){return t.createTable(e.name,n=>{Z_(n,e,r)})}s(WM,"buildCreateTable");function $M(t,e,r,n,i){return t.alterTable(e.name,o=>{Z_(o,e,r,n,i)})}s($M,"buildUpdateTable");function GM(t,e){return t.dropTable(e.name)}s(GM,"buildDeleteTable");var Lm=class{static{s(this,"SqlTableQueryBuilder")}constructor(e){this.sqlClient=e}getBaseSqlClient(){return this.sqlClient}getSqlClient(){return this.extendedSqlClient||this.sqlClient}setExtendedSqlClient(e){this.extendedSqlClient=e}_operation(e){return e.operation}_tableQuery(e){let r=(0,FM.knex)({client:this.sqlClient}).schema;e?.schema&&(r=r.withSchema(e.schema));let n;if(!e.table||!e.tables)throw new Error("Cannot execute without table being specified");if(e.table.sourceType==="internal")throw new Error("Cannot perform table actions for SQS.");switch(this._operation(e)){case"CREATE_TABLE":n=WM(r,e.table,e.tables);break;case"UPDATE_TABLE":if(!e.table)throw new Error("Must specify old table for update");if(this.sqlClient==="mysql2"&&e.meta?.renamed){let i=e.meta.renamed.updated;return{sql:`alter table ${e?.schema?`\`${e.schema}\`.\`${e.table.name}\``:`\`${e.table.name}\``} rename column \`${e.meta.renamed.old}\` to \`${i}\`;`,bindings:[]}}if(n=$M(r,e.table,e.tables,e.meta?.oldTable,e.meta?.renamed),this.sqlClient==="mssql"&&e.meta?.renamed){let i=e.meta.renamed.old,o=e.meta.renamed.updated,a=e?.schema?`${e.schema}.${e.table.name}`:`${e.table.name}`,u=Jn(n);if(Array.isArray(u))for(let c of u)c.sql.startsWith("exec sp_rename")&&(c.sql=`exec sp_rename '${a}.${i}', '${o}', 'COLUMN'`,c.bindings=[]);return u}break;case"DELETE_TABLE":n=GM(r,e.table);break;default:throw new Error("Table operation is of unknown type")}return Jn(n)}},kc=Lm;var rO=require("lodash");var Wm="__bb_total";function X_(){return(g.SQL_MAX_ROWS?parseInt(g.SQL_MAX_ROWS):null)||5e3}s(X_,"getBaseLimit");function Mm(){return(g.SQL_MAX_RELATED_ROWS?parseInt(g.SQL_MAX_RELATED_ROWS):null)||500}s(Mm,"getRelationshipLimit");function VM(t,e){return t.sort((r,n)=>{let i=e.find(a=>a&&r.endsWith(a)),o=e.find(a=>a&&n.endsWith(a));return i&&!o?-1:!i&&o?1:r.localeCompare(n)})}s(VM,"prioritisedArraySort");function nO(t){return Array.isArray(t)?t.map(e=>nO(e)):(t.bindings&&(t.bindings=t.bindings.map(e=>typeof e=="boolean"?e?1:0:e)),t)}s(nO,"convertBooleans");function eO(t){return t.sourceType==="internal"||t.sourceId===Qc}s(eO,"isSqs");function qM(t,e='"'){return t.replace(new RegExp(e,"g"),`${e}${e}`)}s(qM,"escapeQuotes");function KM(t,e='"'){return`${e}${qM(t,e)}${e}`}s(KM,"wrap");function QM(t,e='"'){for(let r in t)typeof t[r]=="string"&&(t[r]=KM(t[r],e));return`[${t.join(",")}]`}s(QM,"stringifyArray");function km(t){return`{${(Array.isArray(t)?t:t==null?[]:[t]).map(n=>{if(typeof n=="string"&&n.length>1){let i=n[0],o=n[n.length-1];if(i==='"'&&o==='"'||i==="'"&&o==="'")return n.substring(1,n.length-1)}return`${n}`}).join(",")}}`}s(km,"toPgArrayLiteral");function iO(t){return Xm.includes(t.type)&&!Le.schema.isDeprecatedSingleUserColumn(t)}s(iO,"isJsonColumn");var jM={equal:!1,notEqual:!0,empty:!1,notEmpty:!0,fuzzy:!1,string:!1,range:!1,contains:!1,notContains:!0,containsAny:!1,oneOf:!1,$and:!1,$or:!1},Fm=class{constructor(e,r,n){this.SPECIAL_SELECT_CASES={POSTGRES_ARRAY:e=>this.client==="pg"&&e?.externalType?.toLowerCase()==="array",POSTGRES_MONEY:e=>this.client==="pg"&&e?.externalType?.includes("money"),POSTGRES_ENUM:e=>this.client==="pg"&&e?.externalType?.toLowerCase()==="user-defined"&&e?.type==="options",MSSQL_DATES:e=>this.client==="mssql"&&e?.type==="datetime"&&e.timeOnly};this.client=e,this.query=n,this.knex=r,this.splitter=new fr.ColumnSplitter([this.table],{aliases:this.query.tableAliases,columnPrefix:this.query.meta?.columnPrefix})}static{s(this,"InternalBuilder")}get table(){return this.query.table}get knexClient(){return this.knex.client}getFieldSchema(e){let{column:r}=this.splitter.run(e);return this.table.schema[r]}requiresJsonAsStringClient(){return["mssql","mysql2","mariadb","oracledb"].includes(this.client)}quoteChars(){let e=this.knexClient.wrapIdentifier("foo",{});return[e[0],e[e.length-1]]}quote(e){return this.knexClient.wrapIdentifier(e,{})}isQuoted(e){let[r,n]=this.quoteChars();return e.startsWith(r)&&e.endsWith(n)}quotedIdentifier(e){return Array.isArray(e)||(e=this.splitIdentifier(e)),e.map(r=>this.quote(r)).join(".")}castIntToString(e){switch(this.client){case"oracledb":return this.knex.raw("to_char(??)",[e]);case"pg":return this.knex.raw("??::TEXT",[e]);case"mysql2":case"mariadb":return this.knex.raw("CAST(?? AS CHAR)",[e]);case"sqlite3":return this.knex.raw("printf('%d', ??)",[e]);case"mssql":return this.knex.raw("CONVERT(NVARCHAR, ??)",[e])}}rawQuotedIdentifier(e){return this.knex.raw(this.quotedIdentifier(e))}splitIdentifier(e){let[r,n]=this.quoteChars();return this.isQuoted(e)?e.slice(1,-1).split(`${n}.${r}`):e.split(".")}qualifyIdentifier(e){let r=this.getTableName(),n=this.splitIdentifier(e);return n[0]!==r&&n.unshift(r),this.isQuoted(e)?this.quotedIdentifier(n):n.join(".")}generateSelectStatement(){let{table:e,resource:r}=this.query;if(!r||!r.fields||r.fields.length===0)return"*";let n=this.getTableName(e),i=this.table.schema;return r.fields.map(a=>{let u=a.split(/\./g),c,l=u[0];return u.length>1&&(c=u[0],l=u.slice(1).join(".")),{table:c,column:l,field:a}}).filter(({table:a})=>!a||a===n).map(({table:a,column:u,field:c})=>{let l=i[u];return this.SPECIAL_SELECT_CASES.POSTGRES_MONEY(l)?this.knex.raw("??::money::numeric as ??",[this.rawQuotedIdentifier([a,u].join(".")),this.knex.raw(this.quote(c))]):this.SPECIAL_SELECT_CASES.MSSQL_DATES(l)?this.knex.raw("CONVERT(varchar, ??, 108) as ??",[this.rawQuotedIdentifier(c),this.knex.raw(this.quote(c))]):a?this.rawQuotedIdentifier(`${a}.${u}`):this.rawQuotedIdentifier(c)})}convertClobs(e,r){if(this.client!=="oracledb")throw new Error("you've called convertClobs on a DB that's not Oracle, this is a mistake");let i=this.splitIdentifier(e).pop(),o=this.table.schema[i],a=this.rawQuotedIdentifier(e);return(o.type==="string"||o.type==="longform"||o.type==="bb_reference_single"||o.type==="bb_reference"||o.type==="options"||o.type==="barcodeqr")&&(r?.forSelect?a=this.knex.raw("to_char(??) as ??",[a,this.rawQuotedIdentifier(i)]):a=this.knex.raw("to_char(??)",[a])),a}parse(e,r){if(Array.isArray(e))return JSON.stringify(e);if(e==null)return null;if(this.requiresJsonAsStringClient()&&iO(r)&&typeof e=="object")return JSON.stringify(e);if(this.SPECIAL_SELECT_CASES.POSTGRES_ARRAY(r))return`{${e}}`;if(this.client==="oracledb"&&r.type==="datetime"&&r.timeOnly){if(e instanceof Date){let n=e.getHours().toString().padStart(2,"0"),i=e.getMinutes().toString().padStart(2,"0"),o=e.getSeconds().toString().padStart(2,"0");return`${n}:${i}:${o}`}if(typeof e=="string")return new Date(`1970-01-01T${e}Z`)}if(typeof e=="string"&&r.type==="datetime")if(r.timeOnly){if(!df(e))return null}else if(r.dateOnly){let n=lf(e);return n?new Date(n):null}else return r.ignoreTimezones?Ja(e)?new Date(e):cf(e)?new Date(e+"Z"):null:Ja(e)?new Date(e.trim()):null;return e}parseBody(e){for(let[r,n]of Object.entries(e)){let{column:i}=this.splitter.run(r),o=this.table.schema[i];o&&(e[r]=this.parse(n,o))}return e}parseFilters(e){e=(0,rO.cloneDeep)(e);for(let r of Object.values(Ur)){let n=e[r];if(n)for(let i of Object.keys(n)){if(Array.isArray(n[i])){n[i]=JSON.stringify(n[i]);continue}let{column:o}=this.splitter.run(i),a=this.table.schema[o];a&&(n[i]=this.parse(n[i],a))}}for(let r of Object.values(rr)){let n=e[r];if(n)for(let i of Object.keys(n)){let{column:o}=this.splitter.run(i),a=this.table.schema[o];a&&(n[i]=n[i].map(u=>this.parse(u,a)))}}for(let r of Object.values(Rn)){let n=e[r];if(n)for(let i of Object.keys(n)){let{column:o}=this.splitter.run(i),a=this.table.schema[o];if(!a)continue;let u=n[i];"low"in u&&(u.low=this.parse(u.low,a)),"high"in u&&(u.high=this.parse(u.high,a))}}return e}addJoinFieldCheck(e,r){let n=r.from?.split(".")[0]||"";return e.andWhere(`${n}.fieldName`,"=",r.column)}addRelationshipForFilter(e,r,n,i,o){let{relationships:a,schema:u,tableAliases:c,table:l}=this.query,d=c?.[l.name]||l.name,f=s(h=>n.match(new RegExp(`^${h}\\.`)),"matches");if(!a)return e;for(let h of a){let p=h.tableName,S=c?.[p]||p,m=f(p)||f(S),E=f(h.column),y=h.column===this.splitter.run(n).column&&!this.splitter.run(n).tableName;if((m||E||y)&&h.to&&h.tableName){let I=this.knex.select(this.knex.raw(1)).from({[S]:p}),O=I.clone(),w=ff(h),T;if(m?T=n:T=n.replace(new RegExp(`^${h.column}.`),`${c?.[h.tableName]||h.tableName}.`),w){let _=c?.[w.through]||h.through,U=this.tableNameWithSchema(w.through,{alias:_,schema:u});O=O.innerJoin(U,function(){this.on(`${S}.${w.toPrimary}`,"=",`${_}.${w.to}`)}).where(`${_}.${w.from}`,"=",this.rawQuotedIdentifier(`${d}.${w.fromPrimary}`)),this.client==="sqlite3"&&(O=this.addJoinFieldCheck(O,w)),y&&i==="empty"?e=e.whereNotExists(O):y&&i==="notEmpty"?e=e.whereExists(O):e=e.where(R=>{R.whereExists(o(T,O)),r&&R.orWhereNotExists(I.clone().innerJoin(U,function(){this.on(`${d}.${w.fromPrimary}`,"=",`${_}.${w.from}`)}))})}else{let _=`${S}.${h.to}`,U=`${d}.${h.from}`;O=O.where(_,"=",this.rawQuotedIdentifier(U)),y&&i==="empty"?e=e.whereNotExists(O):y&&i==="notEmpty"?e=e.whereExists(O):e=e.where(R=>{R.whereExists(o(T,O.clone())),r&&R.orWhereNotExists(O)})}}}return e}addFilters(e,r,n){if(!r)return e;let i=this;r=this.parseFilters({...r});let o=this.query.tableAliases,a=r.allOr,c=this.client==="sqlite3"?this.table._id:this.table.name;function l(m){return o?.[m]||m}s(l,"getTableAlias");function d(m,E,y,I){let O=s((w,T,_)=>{let[U,...R]=T.split("."),k=R.join("."),Y=l(U);return w.andWhere(we=>y(we,Y?`${Y}.${k}`:k,_))},"handleRelationship");for(let w in m){let T=m[w],_=$s(w),U=_.includes(".")||i.getFieldSchema(_)?.type==="link",R=n?.relationship&&U,k;if(w==="_complexIdOperator"&&(k=m[w])&&I){let Y=l(c);e=I(e,k.id.map(we=>Y?`${Y}.${we}`:we),k.values)}else if(U)R&&(a&&(e=e.or),e=i.addRelationshipForFilter(e,jM[E],_,E,(Y,we)=>O(we,Y,T)));else{let Y=l(c);e=y(e,Y?`${Y}.${_}`:_,T)}}}s(d,"iterate");let f=this.client==="sqlite3"&&this.query.meta?.sqliteUseLikeWithoutLower,h=s((m,E,y)=>((r?.fuzzyOr||a)&&(m=m.or),f?m.whereRaw("?? LIKE ?",[this.rawQuotedIdentifier(E),`%${y}%`]):this.client==="oracledb"||this.client==="sqlite3"?m.whereRaw("LOWER(??) LIKE ?",[this.rawQuotedIdentifier(E),`%${y.toLowerCase()}%`]):m.whereILike(this.rawQuotedIdentifier(E),this.knex.raw("?",[`%${y}%`]))),"like"),p=s((m,E=!1)=>{function y(I){return(a||m===r?.containsAny)&&(I=I.or),m===r?.notContains&&(I=I.not),I}s(y,"addModifiers"),this.client==="pg"?d(m,"contains",(I,O,w)=>{I=y(I);let T=this.getFieldSchema(O),_=this.rawQuotedIdentifier(O),U=Array.isArray(w)?[...w]:[w],R=this.SPECIAL_SELECT_CASES.POSTGRES_ARRAY(T);return E?R?I.whereRaw("COALESCE(?? && ?::text[], FALSE)",[_,km(U)]):I.whereRaw("COALESCE(??::jsonb \\?| ?::text[], FALSE)",[_,km(U)]):R?I.whereRaw("COALESCE(?? @> ?::text[], FALSE)",[_,km(U)]):I.whereRaw("COALESCE(??::jsonb @> ?::jsonb, FALSE)",[_,QM(U)])}):this.client==="mysql2"||this.client==="mariadb"?d(m,"contains",(I,O,w)=>{let T=Array.isArray(w)?w:[w];return y(I).whereRaw("COALESCE(?(??, ?), FALSE)",[this.knex.raw(E?"JSON_OVERLAPS":"JSON_CONTAINS"),this.rawQuotedIdentifier(O),JSON.stringify(T)])}):d(m,"contains",(I,O,w)=>(w.length===0||(I=I.where(T=>(m===r?.notContains&&(T=T.not),T=T.where(_=>{for(let U of w){m===r?.containsAny?_=_.or:_=_.and;let R=!f,k=typeof U=="string"?`"${R?U.toLowerCase():U}"`:U,Y=R?"COALESCE(LOWER(??), '')":"COALESCE(??, '')";_=_.whereLike(this.knex.raw(Y,[this.rawQuotedIdentifier(O)]),`%${k}%`)}}),m===r?.notContains&&(T=T.or.whereNull(this.rawQuotedIdentifier(O))),T))),I))},"contains");if(r.$and){let{$and:m}=r;for(let E of m.conditions)e=e.where(y=>{this.addFilters(y,E,n)})}if(r.$or){let{$or:m}=r;e=e.where(E=>{for(let y of m.conditions)E.orWhere(I=>this.addFilters(I,{...y,allOr:!0},n))})}r.oneOf&&d(r.oneOf,"oneOf",(m,E,y)=>{let I=this.getFieldSchema(E),O=Array.isArray(y)?y:[y];if(a&&(m=m.or),this.client==="oracledb")E=this.convertClobs(E);else if(this.client==="sqlite3"&&I?.type==="datetime"&&I.dateOnly){for(let w of O)w!=null?m=m.or.whereLike(E,`${w.toISOString().slice(0,10)}%`):m=m.or.whereNull(E);return m}return m.whereIn(E,O)},(m,E,y)=>(a&&(m=m.or),this.client==="oracledb"&&(E=E.map(I=>this.convertClobs(I))),m.whereIn(E,Array.isArray(y)?y:[y]))),r.string&&d(r.string,"string",(m,E,y)=>{if(a&&(m=m.or),f)return m.whereRaw("?? LIKE ?",[this.rawQuotedIdentifier(E),`${y}%`]);if(this.client==="oracledb"||this.client==="sqlite3")return m.whereRaw("LOWER(??) LIKE ?",[this.rawQuotedIdentifier(E),`${y.toLowerCase()}%`]);{let I=this.getFieldSchema(E);return this.SPECIAL_SELECT_CASES.POSTGRES_ENUM(I)?m.whereRaw("??::text ilike ?",[this.knex.raw(this.quote(I.name)),`${y}%`]):m.whereILike(E,`${y}%`)}}),r.fuzzy&&d(r.fuzzy,"fuzzy",h),r.range&&d(r.range,"range",(m,E,y)=>{let I=s(k=>k&&Object.keys(k).length===0&&Object.getPrototypeOf(k)===Object.prototype,"isEmptyObject");I(y.low)&&(y.low=""),I(y.high)&&(y.high="");let O=Za(y.low),w=Za(y.high),T=this.getFieldSchema(E),_=E,U=y.high,R=y.low;return this.client==="sqlite3"&&T?.type==="datetime"&&T.dateOnly&&(U!=null&&(U=`${U.toISOString().slice(0,10)}T23:59:59.999Z`),R!=null&&(R=R.toISOString().slice(0,10))),this.client==="oracledb"?_=this.convertClobs(E):this.client==="sqlite3"&&T?.type==="bigint"&&(_=this.knex.raw("CAST(?? AS INTEGER)",[this.rawQuotedIdentifier(E)]),U=this.knex.raw("CAST(? AS INTEGER)",[y.high]),R=this.knex.raw("CAST(? AS INTEGER)",[y.low])),a&&(m=m.or),O&&w?m.whereBetween(_,[R,U]):O?m.where(_,">=",R):w?m.where(_,"<=",U):m}),r.equal&&d(r.equal,"equal",(m,E,y)=>{let I=this.getFieldSchema(E);if(a&&(m=m.or),this.client==="mssql")return m.whereRaw("CASE WHEN ?? = ? THEN 1 ELSE 0 END = 1",[this.rawQuotedIdentifier(E),y]);if(this.client==="oracledb"){let O=this.convertClobs(E);return m.where(w=>w.whereNotNull(O).andWhere(O,y))}else return this.client==="sqlite3"&&I?.type==="datetime"&&I.dateOnly?y!=null?m.whereLike(E,`${y.toISOString().slice(0,10)}%`):m.whereNull(E):m.whereRaw("COALESCE(?? = ?, FALSE)",[this.rawQuotedIdentifier(E),y])}),r.notEqual&&d(r.notEqual,"notEqual",(m,E,y)=>{let I=this.getFieldSchema(E);if(a&&(m=m.or),this.client==="mssql")return m.whereRaw("CASE WHEN ?? = ? THEN 1 ELSE 0 END = 0",[this.rawQuotedIdentifier(E),y]);if(this.client==="oracledb"){let O=this.convertClobs(E);return m.where(w=>w.not.whereNull(O).and.where(O,"!=",y)).or.whereNull(O)}else return this.client==="sqlite3"&&I?.type==="datetime"&&I.dateOnly?y!=null?m.not.whereLike(E,`${y.toISOString().slice(0,10)}%`).or.whereNull(E):m.not.whereNull(E):m.whereRaw("COALESCE(?? != ?, TRUE)",[this.rawQuotedIdentifier(E),y])}),r.empty&&d(r.empty,"empty",(m,E)=>(a&&(m=m.or),m.whereNull(E))),r.notEmpty&&d(r.notEmpty,"notEmpty",(m,E)=>(a&&(m=m.or),m.whereNotNull(E))),r.contains&&p(r.contains),r.notContains&&p(r.notContains),r.containsAny&&p(r.containsAny,!0);let S=o?.[this.table._id]||this.table._id;return r.documentType&&!af(this.table)&&S&&e.andWhereLike(`${S}._id`,`${nr(r.documentType)}%`),e}isSqs(){return eO(this.table)}getTableName(e){e||(e=this.table);let r=e.name;eO(e)&&e._id&&(r=e._id);let n=this.query.tableAliases||{};return n[r]?n[r]:r}addDistinctCount(e){if(!this.table.primary)throw new Error("SQL counting requires primary key to be supplied");return e.countDistinct(`${this.getTableName()}.${this.table.primary[0]} as ${Wm}`)}addAggregations(e,r){let n=this.query.resource?.fields||[],i=this.getTableName();if(n.length>0){let o=n.map(a=>this.qualifyIdentifier(a));if(this.client==="oracledb"){let a=o.map(c=>this.convertClobs(c)),u=o.map(c=>this.convertClobs(c,{forSelect:!0}));e=e.groupBy(a).select(u)}else e=e.groupBy(o).select(o)}for(let o of r){let a=o.calculationType;if(a==="count")if("distinct"in o&&o.distinct)if(this.client==="oracledb"){let u=this.convertClobs(`${i}.${o.field}`);e=e.select(this.knex.raw("COUNT(DISTINCT ??) as ??",[u,o.name]))}else e=e.countDistinct(`${i}.${o.field} as ${o.name}`);else if(this.client==="oracledb"){let u=this.convertClobs(`${i}.${o.field}`);e=e.select(this.knex.raw("COUNT(??) as ??",[u,o.name]))}else e=e.count(`${o.field} as ${o.name}`);else{let u=this.getFieldSchema(o.field);if(!u)throw new Error(`field schema missing for aggregation target: ${o.field}`);let c=this.knex.raw("??(??)",[this.knex.raw(a),this.rawQuotedIdentifier(`${i}.${o.field}`)]);u.type==="bigint"&&(c=this.castIntToString(c)),e=e.select(this.knex.raw("?? as ??",[c,o.name]))}}return e}isAggregateField(e){return!!this.query.resource?.aggregations?.find(n=>n.name===e)}addSorting(e){let{sort:r,resource:n}=this.query,i=this.table.primary,o=this.getTableName();if(!Array.isArray(i))throw new Error("Sorting requires primary key to be specified for table");if(r&&Object.keys(r||{}).length>0)for(let[u,c]of Object.entries(r)){let l=this.getFieldSchema(u);if(this.isUnsortableField(l))continue;let d=c.direction==="ascending"?"asc":"desc",f;(this.client==="pg"||this.client==="oracledb")&&(f=c.direction==="ascending"?"first":"last");let h=`${o}.${u}`,p;this.isAggregateField(u)?p=this.rawQuotedIdentifier(u):this.client==="oracledb"?p=this.convertClobs(h):p=this.rawQuotedIdentifier(h),e=e.orderByRaw(`?? ?? ${f?"nulls ??":""}`,[p,this.knex.raw(d),...f?[this.knex.raw(f)]:[]])}if(!((n?.aggregations?.length??0)>0)){let u=this.findSortablePrimaryKey(i);if(u&&(!r||r[u]===void 0))e=e.orderBy(`${o}.${u}`);else if(!u&&(!r||Object.keys(r).length===0))throw new Error(`Primary key not found for table ${this.table.name}`)}return e}isUnsortableField(e){return e?.type==="json"}findSortablePrimaryKey(e){return e.find(r=>{if(r==null)return!1;let n=this.getFieldSchema(r);return!this.isUnsortableField(n)})}tableNameWithSchema(e,r){let n=r?.schema?`${r.schema}.${e}`:e;return r?.alias&&(n+=` as ${r.alias}`),n}buildJsonField(e,r){let n=r.split("."),i=n[n.length-1],o,a;if(n.length>1){let l=n.shift();o=n.join("."),a=`${l}.${o}`}else o=n.join("."),a=o;this.query.meta?.columnPrefix&&(i=i.replace(this.query.meta.columnPrefix,""));let u=this.rawQuotedIdentifier(a),c=e.schema[i];return c&&c.type==="bigint"&&(u=this.castIntToString(u)),[o,u]}maxFunctionParameters(){switch(this.client){case"sqlite3":return 127;case"pg":return 100;default:return 200}}addJsonRelationships(e,r,n){let i=this.client,o=this.knex,{resource:a,tableAliases:u,schema:c,tables:l}=this.query,d=a?.fields||[];for(let f of n){let{tableName:h,through:p,to:S,from:m,fromPrimary:E,toPrimary:y}=f;if(!h||!r)continue;let I=l[h];if(!I)throw new Error(`related table "${h}" not found in datasource`);let O=u?.[h]||h,w=u?.[r]||r,T=p&&u?.[p]||p,_=this.tableNameWithSchema(h,{alias:O,schema:c}),U=[...I?.primary||[],I?.primaryDisplay].filter(D=>D),R=VM(d.filter(D=>D.split(".")[0]===O),U);R=R.slice(0,Math.floor(this.maxFunctionParameters()/2));let k=R.map(D=>this.buildJsonField(I,D));if(!k.length)continue;let Y=k.map(D=>{let J=this.client==="oracledb"?" VALUE ":",";return this.knex.raw(`?${J}??`,[D[0],D[1]]).toString()}).join(","),we=`${O}.${y||S}`,W=o.from(_).orderBy(we),F=p&&y&&E,N=F?`${T}.${m}`:`${O}.${S}`,G=F?`${w}.${E}`:`${w}.${m}`;if(F){let D=this.tableNameWithSchema(p,{alias:T,schema:c});W=W.join(D,function(){this.on(`${O}.${y}`,"=",`${T}.${S}`)})}W=W.where(this.rawQuotedIdentifier(N),"=",this.rawQuotedIdentifier(G));let M=s(D=>(W=W.select(R.map(J=>this.rawQuotedIdentifier(J))).limit(Mm()),o.select(D).from({[O]:W})),"standardWrap"),K;switch(i){case"sqlite3":W=this.addJoinFieldCheck(W,f),K=M(this.knex.raw(`json_group_array(json_object(${Y}))`));break;case"pg":K=M(this.knex.raw(`json_agg(json_build_object(${Y}))`));break;case"mariadb":K=W.select(o.raw(`json_arrayagg(json_object(${Y}) LIMIT ${Mm()})`));break;case"mysql2":case"oracledb":K=M(this.knex.raw(`json_arrayagg(json_object(${Y}))`));break;case"mssql":{let D=o.select("*").from({[w]:W.select(k.map(J=>o.ref(J[1]).as(J[0]))).limit(Mm())});K=o.raw(`(SELECT ?? = (${D} FOR JSON PATH))`,[this.rawQuotedIdentifier(O)]);break}default:throw new Error(`JSON relationships not implement for ${i}`)}e=e.select({[f.column]:K})}return e}addJoin(e,r,n){let{tableAliases:i,schema:o}=this.query,a=r.to,u=r.from,c=r.through,l=i?.[a]||a,d=c&&i?.[c]||c,f=i?.[u]||u,h=this.tableNameWithSchema(a,{alias:l,schema:o}),p=c?this.tableNameWithSchema(c,{alias:d,schema:o}):void 0;return c?e=e.leftJoin(p,function(){for(let S of n){let m=S.fromPrimary,E=S.from;this.orOn(`${f}.${m}`,"=",`${d}.${E}`)}}).leftJoin(h,function(){for(let S of n){let m=S.toPrimary,E=S.to;this.orOn(`${l}.${m}`,`${d}.${E}`)}}):e=e.leftJoin(h,function(){for(let S of n){let m=S.from,E=S.to;this.orOn(`${f}.${m}`,"=",`${l}.${E}`)}}),e}qualifiedKnex(e){let r=this.query.tableAliases?.[this.query.table.name];return e?.alias===!1?r=void 0:typeof e?.alias=="string"&&(r=e.alias),this.knex(this.tableNameWithSchema(this.query.table.name,{alias:r,schema:this.query.schema}))}create(e){let{body:r}=this.query;if(!r)throw new Error("Cannot create without row body");let n=this.qualifiedKnex({alias:!1}),i=this.parseBody(r);if(this.client==="oracledb")for(let[o,a]of Object.entries(this.query.table.schema)){if(a.constraints?.presence===!0||a.type==="formula"||a.type==="auto"||a.type==="link"||a.type==="ai")continue;i[o]==null&&(i[o]=null)}else for(let[o,a]of Object.entries(i))a==null&&delete i[o];return e.disableReturning?n.insert(i):n.insert(i).returning("*")}bulkCreate(){let{body:e}=this.query,r=this.qualifiedKnex({alias:!1});if(!Array.isArray(e))return r;let n=e.map(i=>this.parseBody(i));return r.insert(n)}bulkUpsert(){let{body:e}=this.query,r=this.qualifiedKnex({alias:!1});if(!Array.isArray(e))return r;let n=e.map(i=>this.parseBody(i));if(this.client==="pg"||this.client==="sqlite3"||this.client==="mysql2"||this.client==="mariadb"){let i=this.table.primary;if(!i)throw new Error("Primary key is required for upsert");return r.insert(n).onConflict(i).merge()}else if(this.client==="mssql"||this.client==="oracledb")return r.insert(n);return r.upsert(n)}read(e={}){let{operation:r,filters:n,paginate:i,relationships:o,table:a}=this.query,{limits:u}=e,c=this.qualifiedKnex(),l=null,d=u?.query||u?.base;if(i&&i.page&&i.limit){let p=(i.page<=1?0:i.page-1)*i.limit;d=i.limit,l=p}else i&&i.offset&&i.limit?(d=i.limit,l=i.offset):i&&i.limit&&(d=i.limit);r!=="COUNT"&&(d!=null&&(c=c.limit(d)),l!=null&&(c=c.offset(l)));let f=this.query.resource?.aggregations||[];if(r==="COUNT"?c=this.addDistinctCount(c):f.length>0?c=this.addAggregations(c,f):c=c.select(this.generateSelectStatement()),r!=="COUNT"&&(c=this.addSorting(c)),c=this.addFilters(c,n,{relationship:!0}),o?.length&&f.length===0){let h=this.query.tableAliases?.[a.name]||a.name,p=this.addSorting(this.knex.with("paginated",c.clone().clearSelect().select("*")).select(this.generateSelectStatement()).from({[h]:"paginated"}));return this.addJsonRelationships(p,a.name,o)}return c}update(e){let{body:r,filters:n}=this.query;if(!r)throw new Error("Cannot update without row body");let i=this.qualifiedKnex(),o=this.parseBody(r);return i=this.addFilters(i,n,{relationship:!0}),e.disableReturning?i.update(o):i.update(o).returning("*")}delete(e){let{filters:r}=this.query,n=this.qualifiedKnex();return n=this.addFilters(n,r,{relationship:!0}),e.disableReturning?n.delete():n.delete().returning(this.generateSelectStatement())}},Bm=class extends kc{constructor(r,n=X_()){super(r);this.limit=n}static{s(this,"SqlQueryBuilder")}convertToNative(r,n={}){let i=this.getSqlClient();if(n?.disableBindings)return{sql:r.toString()};{let o=Jn(r);return i==="sqlite3"&&(o=nO(o)),o}}_query(r,n={}){let i=this.getSqlClient(),o={client:this.getBaseSqlClient()};(i==="sqlite3"||i==="oracledb")&&(o.useNullAsDefault=!0);let a=(0,tO.knex)(o),u,c=new Fm(i,a,r);switch(this._operation(r)){case"CREATE":u=c.create(n);break;case"READ":u=c.read({limits:{query:this.limit,base:X_()}});break;case"COUNT":u=c.read();break;case"UPDATE":u=c.update(n);break;case"DELETE":u=c.delete(n);break;case"BULK_CREATE":u=c.bulkCreate();break;case"BULK_UPSERT":u=c.bulkUpsert();break;case"CREATE_TABLE":case"UPDATE_TABLE":case"DELETE_TABLE":return this._tableQuery(r);default:throw"Operation type is not supported by SQL query builder"}return this.convertToNative(u,n)}async getReturningRow(r,n){if(!n.extra||!n.extra.idFilter)return{};let i=this._query({operation:"READ",datasource:n.datasource,schema:n.schema,table:n.table,tables:n.tables,resource:{fields:[]},filters:n.extra?.idFilter,paginate:{limit:1}});return r(i,"READ")}checkLookupKeys(r,n){if(!r||!n.table.primary)return n;let i=n.table.primary[0];return n.extra={idFilter:{equal:{[i]:r}}},n}async queryWithReturning(r,n,i=o=>o){let o=this.getSqlClient(),a=this._operation(r),u=this._query(r,{disableReturning:!0});if(Array.isArray(u)){let f=[];for(let h of u)f.push(await n(h,a));return f}let c;a==="DELETE"&&(c=i(await this.getReturningRow(n,r)));let l=await n(u,a),d=i(l);if(a==="CREATE"||a==="UPDATE"){let f;o==="mssql"?f=d?.[0].id:(o==="mysql2"||o==="mariadb")&&(f=d?.insertId),c=i(await this.getReturningRow(n,this.checkLookupKeys(f,r)))}return a==="COUNT"?d:a!=="READ"?c:d.length?d:[{[a.toLowerCase()]:!0}]}getTableName(r,n){let i=r.name;if(r.sourceType==="internal"||r.sourceId===Qc){if(!r._id)return;i=r._id}return n?.[i]||i}convertJsonStringColumns(r,n,i){let o=this.getTableName(r,i);for(let[a,u]of Object.entries(r.schema)){if(!iO(u))continue;let c=`${o}.${a}`;for(let l of n)typeof l[c]=="string"&&(l[c]=JSON.parse(l[c])),typeof l[a]=="string"&&(l[a]=JSON.parse(l[a]))}return n}log(r,n){bs(this.getSqlClient(),r,n)}},sO=Bm;var $m={};P($m,{base:()=>YM});function YM(t){return{_id:Rt,language:"sqlite",sql:{tables:{},options:{table_name:t}}}}s(YM,"base");var Vm={};P(Vm,{jsonFromCsvString:()=>HM});var oO=B(require("csvtojson"));async function HM(t,e){let{ignoreEmpty:r=!1,allowSingleColumn:n=!1,possibleDelimiters:i=[",",";",":","|","~"," "," "]}=e||{};for(let o of i){let a,u=!1;try{let c=await(0,oO.default)({ignoreEmpty:r,delimiter:o}).fromString(t);for(let[,l]of c.entries()){let d=Object.keys(l);if(a==null&&(a=d),!n&&d.length===1){u=!0;break}if(a.length!==d.length){u=!0;break}for(let f of a)(l[f]===void 0||l[f]==="")&&(l[f]=null)}if(u)continue;return c}catch{continue}}throw new Error("Unable to determine delimiter")}s(HM,"jsonFromCsvString");var qm=class{static{s(this,"Endpoint")}constructor(e,r,n){this.method=e,this.url=r,this.controller=n,this.middlewares=[],this.outputMiddlewares=[]}addMiddleware(e,r){return r?.first?this.middlewares.unshift(e):this.middlewares.push(e),this}addOutputMiddleware(e,r){return r?.first?this.outputMiddlewares.unshift(e):this.outputMiddlewares.push(e),this}apply(e){let r=this.method,n=this.url,i=this.middlewares,o=this.controller,a=this.outputMiddlewares,u=s(()=>{},"complete"),c=[n,...i,o,...a,u];e[r](...c)}},Fc=qm;var aO=B(require("@koa/router"));var wn=class{constructor(){this.endpoints=[];this.middlewares=[];this.outputMiddlewares=[];this.applied=!1;this.locked=!1}static{s(this,"EndpointGroup")}addGroupMiddleware(e,r={first:!0}){if(this.locked)throw new Error("Group locked, no more middleware can be added.");return this.middlewares.push({fn:e,first:r.first}),this}addGroupMiddlewareOutput(e,r={first:!1}){if(this.locked)throw new Error("Group locked, no more middleware can be added.");return this.outputMiddlewares.push({fn:e,first:r.first}),this}addEndpoint(e,r,...n){let i=n.pop(),o=new Fc(e,r,i);if(n.length!==0)for(let a of n)o.addMiddleware(a);return this.endpoints.push(o),this}lockMiddleware(){this.locked=!0}post(e,...r){return this.addEndpoint("post",e,...r)}patch(e,...r){return this.addEndpoint("patch",e,...r)}put(e,...r){return this.addEndpoint("put",e,...r)}get(e,...r){return this.addEndpoint("get",e,...r)}delete(e,...r){return this.addEndpoint("delete",e,...r)}head(e,...r){return this.addEndpoint("head",e,...r)}apply(e){let r=this.endpointList();e||(e=new aO.default);for(let n of r)n.apply(e);return e}endpointList(){if(this.applied)throw new Error("Already applied to router");this.applied=!0;for(let e of this.endpoints)this.middlewares.forEach(({fn:r,first:n})=>e.addMiddleware(r,{first:n})),this.outputMiddlewares.forEach(({fn:r,first:n})=>e.addOutputMiddleware(r,{first:n}));return this.endpoints}};var Fo=class{constructor(){this.groups=[]}static{s(this,"EndpointGroupList")}group(...e){let r=new wn;return e.length&&e.forEach(n=>{"first"in n?r.addGroupMiddleware(n.middleware,{first:n.first}):r.addGroupMiddleware(n)}),this.groups.push(r),r}listAllEndpoints(){let e=this.groups.flatMap(i=>i.endpointList()),r=[],n=[];for(let i of e)i.url.includes(":")?n.push(i):r.push(i);return[...r,...n]}};var zM={...Vs,...ue},JM=s((t={})=>{Ha(t.db)},"init");0&&(module.exports={APIWarning,ActiveContentFileError,AutomationViewMode,BUDIBASE_DATASOURCE_TYPE,BadRequestError,BudibaseError,Config,Cookie,DEFAULT_BB_DATASOURCE_ID,DEFAULT_EMPLOYEE_TABLE_ID,DEFAULT_EXPENSES_TABLE_ID,DEFAULT_INVENTORY_TABLE_ID,DEFAULT_JOBS_TABLE_ID,DEFAULT_TENANT_ID,DeprecatedViews,DesignDocuments,DocumentType,Duration,DurationType,EmailUnavailableError,Endpoint,EndpointGroup,EndpointGroupList,FeatureDisabledError,FeatureDisabledWarning,ForbiddenError,GlobalRole,HTTPError,Header,InternalTable,InvalidAPIKeyWarning,MAX_VALID_DATE,MIN_VALID_DATE,NotFoundError,NotImplementedError,RedisClient,SEPARATOR,SQLITE_DESIGN_DOC_ID,SQS_DATASOURCE_INTERNAL,StaticDatabases,UNICODE_MAX,USER_METADATA_PREFIX,UnexpectedError,UsageLimitError,UsageLimitWarning,UserStatus,ViewName,WORKSPACE_DEV,WORKSPACE_DEV_PREFIX,WORKSPACE_PREFIX,accounts,auth,blacklist,cache,configs,constants,context,csv,db,docIds,docUpdates,encryption,env,errors,events,features,getErrorMessage,getPublicError,init,installation,locks,logging,middleware,objectStore,permissions,platform,plugins,queue,redis,roles,security,sessions,setEnv,sql,tenancy,timers,userUtils,users,utils,warnings,withEnv});
|
|
39
39
|
//# sourceMappingURL=index.js.map
|