@budibase/backend-core 3.32.6 → 3.33.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/index.js +1 -1
  2. package/dist/index.js.map +1 -1
  3. package/dist/package.json +2 -2
  4. package/package.json +2 -2
package/dist/index.js CHANGED
@@ -34,6 +34,6 @@ attempted value: ${o}
34
34
  emit(doc.ssoId, doc._id)
35
35
  }
36
36
  }`,"platform_users_lowercase_2")},"createPlatformUserView"),Ws=s(async(t,e)=>{let r={account_by_email:rS,platform_users_lowercase_2:nS};return je(fe.PLATFORM_INFO.name,async n=>{let i=r[t];return jf(t,e,n,i,{arrayResponse:!0})})},"queryPlatformView"),iS={by_email2:XT,by_api_key:eS,by_app:ZT},Kt=s(async(t,e,r,n)=>{r||(r=Y());let i=iS[t];return jf(t,e,r,i,n)},"queryGlobalView");async function $s(t,e,r){let n=Y(),i=iS[t];return Bs(t,e,n,i,r)}s($s,"queryGlobalViewRaw");var $x=B(require("pouchdb"));var sS=require("dd-trace");var Hf=class{static{s(this,"Replication")}constructor({source:e,target:r}){this.source=rt(e),this.target=rt(r),e.startsWith("app_dev")&&r.startsWith("app")?this.direction="toProduction":e.startsWith("app")&&r.startsWith("app_dev")&&(this.direction="toDev")}async close(){await Promise.all([bs(this.source),bs(this.target)])}replicate(e={}){return new Promise(r=>{this.source.replicate.to(this.target,e).on("denied",function(n){throw new Error(`Denied: Document failed to replicate ${n}`)}).on("complete",function(n){return r(n)}).on("error",function(n){throw n})})}async resolveInconsistencies(e){for(let r of e)try{let[n,i]=await Promise.all([this.source.get(r),this.target.get(r)]),o=this.replicationDelta(n,i);if(o<0||o===0&&n._rev===i._rev)continue;let a=o+1;await sS.tracer.trace("Replication.resolveInconsistencies",async u=>{u.addTags({versionsToJump:a,toFix:!0,id:r,sourceRev:n._rev,targetRev:i._rev});for(let c=0;c<a;c++){let l=await this.source.get(i._id);await this.source.put(l)}})}catch{console.warn("Cannot resolve inconsistencies for document",r)}}replicationDelta(e,r){let n=this.getRevisionNumber(e);return this.getRevisionNumber(r)-n}getRevisionNumber(e){return parseInt(e._rev?.split("-")[0]||"0")}appReplicateOpts(e={}){if(typeof e.filter=="string")return e;let r=e.filter,n=this.direction,i=n==="toDev";delete e.filter;let o=e.isCreation,a=e.tablesToSync;delete e.isCreation,delete e.tablesToSync;let u=!1,c;typeof a=="string"&&a==="all"?u=!0:a&&(c=a);let l=s((f,h)=>f?.startsWith(h+C),"startsWithID"),d=s(f=>l(f,"ro")||l(f,"li"),"isData");return{...e,filter:(f,h)=>!o&&f._id==="_design/migrations"||i&&f._id.startsWith("_design")?!1:f._deleted||l(f._id,_s)?!0:n==="toProduction"&&!o&&l(f._id,"autocolumn_state")?!1:d(f._id)?!!c?.find(p=>f._id.includes(p))||u:l(f._id,"log_au")||l(f._id,"agentlogsession")||f._id==="app_metadata"?!1:r?r(f,h):!0}}async rollback(){await this.target.destroy(),this.target=rt(this.target.name),await this.replicate()}},oS=Hf;var uS=B(require("node-fetch"));var Gs=mr.removeKeyNumbering;function an(t){return t==null||t===""}s(an,"isEmpty");var Qt=class t{static{s(this,"QueryBuilder")}#l;#d;#e;#r;#n;#i;#s;#o;#t;#f;#a;#u=!1;#c;static{this.maxLimit=200}constructor(e,r,n){this.#l=e,this.#d=r,this.#e={allOr:!1,onEmptyFilter:"all",string:{},fuzzy:{},range:{},equal:{},notEqual:{},empty:{},notEmpty:{},oneOf:{},contains:{},notContains:{},containsAny:{},...n},this.#r=50,this.#s="ascending",this.#o="string",this.#t=!0}disableEscaping(){return this.#u=!0,this}setIndexBuilder(e){return this.#a=e,this}setVersion(e){return e!=null&&(this.#f=e),this}setTable(e){return this.#e.equal.tableId=e,this}setLimit(e){return e!=null&&(this.#r=e),this}setSort(e){return e!=null&&(this.#n=e),this}setSortOrder(e){return e!=null&&(this.#s=e),this}setSortType(e){return e!=null&&(this.#o=e),this}setBookmark(e){return e!=null&&(this.#i=e),this}setSkip(e){return this.#c=e,this}excludeDocs(){return this.#t=!1,this}includeDocs(){return this.#t=!0,this}addString(e,r){return this.#e.string[e]=r,this}addFuzzy(e,r){return this.#e.fuzzy[e]=r,this}addRange(e,r,n){return this.#e.range[e]={low:r,high:n},this}addEqual(e,r){return this.#e.equal[e]=r,this}addNotEqual(e,r){return this.#e.notEqual[e]=r,this}addEmpty(e,r){return this.#e.empty[e]=r,this}addNotEmpty(e,r){return this.#e.notEmpty[e]=r,this}addOneOf(e,r){return this.#e.oneOf[e]=r,this}addContains(e,r){return this.#e.contains[e]=r,this}addNotContains(e,r){return this.#e.notContains[e]=r,this}addContainsAny(e,r){return this.#e.containsAny[e]=r,this}setAllOr(){this.#e.allOr=!0}setOnEmptyFilter(e){this.#e.onEmptyFilter=e}handleSpaces(e){return this.#u?e:e.replace(/ /g,"_")}preprocess(e,{escape:r,lowercase:n,wrap:i,type:o}={}){let a=!!this.#f,u=typeof e;return e&&n&&(e=e.toLowerCase?e.toLowerCase():e),!this.#u&&r&&u==="string"&&(e=`${e}`.replace(/[ /#+\-&|!(){}\]^"~*?:\\]/g,"\\$&")),u==="string"&&!isNaN(e)&&!o?e=`"${e}"`:a&&i&&(e=u==="number"?e:`"${e}"`),e}isMultiCondition(){let e=0;for(let r of Object.values(this.#e))typeof r=="object"&&(e+=Object.keys(r).length);return e>1}compressFilters(e){let r={};for(let o of Object.keys(e)){let a=Gs(o);r[a]?r[a]=r[a].concat(e[o]):r[a]=e[o]}let n={},i=1;for(let[o,a]of Object.entries(r))n[`${i++}:${o}`]=a;return n}buildSearchQuery(){let e=this,r=this.#e&&this.#e.allOr,n=r?"":"*:*",i=!0,o={escape:!0,lowercase:!0,wrap:!0},a="";this.#e.equal.tableId&&(a=this.#e.equal.tableId,delete this.#e.equal.tableId);let u=s((S,m)=>an(m)?null:`${S}:${e.preprocess(m,o)}`,"equal"),c=s((S,m,E="AND")=>{if(an(m))return null;if(!Array.isArray(m))return`${S}:${m}`;let y=`${e.preprocess(m[0],{escape:!0})}`;for(let I=1;I<m.length;I++)y+=` ${E} ${e.preprocess(m[I],{escape:!0})}`;return`${S}:(${y})`},"contains"),l=s((S,m)=>an(m)?null:(m=e.preprocess(m,{escape:!0,lowercase:!0,type:"fuzzy"}),`${S}:/.*${m}.*/`),"fuzzy"),d=s((S,m)=>{let E=r?"*:* AND ":"",y=r?"AND":void 0;return E+"NOT "+c(S,m,y)},"notContains"),f=s((S,m)=>c(S,m,"OR"),"containsAny"),h=s((S,m)=>{if(an(m))return"*:*";if(!Array.isArray(m))if(typeof m=="string")m=m.split(",");else return"";let E=`${e.preprocess(m[0],o)}`;for(let y=1;y<m.length;y++)E+=` OR ${e.preprocess(m[y],o)}`;return`${S}:(${E})`},"oneOf");function p(S,m,E){let y="";for(let[I,O]of Object.entries(S)){I=Gs(I),I=e.preprocess(e.handleSpaces(I),{escape:!0});let w=m(I,O);if(w!=null){if(y.length>0||n.length>0){let T=E?.mode?E.mode:r?"OR":"AND";y+=` ${T} `}y+=w,(typeof O!="string"&&O!=null||typeof O=="string"&&O!==a&&O!=="")&&(i=!1)}}if(E?.returnBuilt)return y;n+=y}if(s(p,"build"),this.#e.string&&p(this.#e.string,(S,m)=>an(m)?null:(m=e.preprocess(m,{escape:!0,lowercase:!0,type:"string"}),`${S}:${m}*`)),this.#e.range&&p(this.#e.range,(S,m)=>{if(an(m)||m.low==null||m.low===""||m.high==null||m.high==="")return null;let E=e.preprocess(m.low,o),y=e.preprocess(m.high,o);return`${S}:[${E} TO ${y}]`}),this.#e.fuzzy&&p(this.#e.fuzzy,l),this.#e.equal&&p(this.#e.equal,u),this.#e.notEqual&&p(this.#e.notEqual,(S,m)=>an(m)?null:typeof m=="boolean"?`(*:* AND !${S}:${m})`:`!${S}:${e.preprocess(m,o)}`),this.#e.empty&&p(this.#e.empty,S=>(i=!1,`(*:* -${S}:["" TO *])`)),this.#e.notEmpty&&p(this.#e.notEmpty,S=>(i=!1,`${S}:["" TO *]`)),this.#e.oneOf&&p(this.#e.oneOf,h),this.#e.contains&&p(this.#e.contains,c),this.#e.notContains&&p(this.compressFilters(this.#e.notContains),d),this.#e.containsAny&&p(this.#e.containsAny,f),a&&(n=this.isMultiCondition()?`(${n})`:n,r=!1,p({tableId:a},u)),i){if(this.#e.onEmptyFilter==="none")return"";if(this.#e?.allOr)return n.replace("()","(*:*)")}return n}buildSearchBody(){let e={q:this.buildSearchQuery(),limit:Math.min(this.#r,t.maxLimit),include_docs:this.#t};if(this.#i&&(e.bookmark=this.#i),this.#n){let r=this.#s==="descending"?"-":"",n=`<${this.#o}>`;e.sort=`${r}${this.handleSpaces(this.#n)}${n}`}return e}async run(){return this.#c&&await this.#m(this.#c),await this.#p()}async#m(e){let r=this.#t,n=this.#r;this.excludeDocs();let i=e,o=0;do{let a=Math.min(t.maxLimit,i);this.setLimit(a);let{bookmark:u,rows:c}=await this.#p();this.setBookmark(u),o=c.length,i-=c.length}while(i>0&&o>0);this.#t=r,this.#r=n}async#p(){let{url:e,cookie:r}=mt(),n=`${e}/${this.#l}/_design/database/_search/${this.#d}`,i=this.buildSearchBody();try{return await aS(n,i,r)}catch(o){if(o.status===404&&this.#a)return await this.#a(),await aS(n,i,r);throw o}}};async function aS(t,e,r){let n=await(0,uS.default)(t,{body:JSON.stringify(e),method:"POST",headers:{Authorization:r}});if(n.status===404)throw n;let i=await n.json(),o={rows:[],totalRows:0};return i.rows!=null&&i.rows.length>0&&(o.rows=i.rows.map(a=>a.doc)),i.bookmark&&(o.bookmark=i.bookmark),i.total_rows&&(o.totalRows=i.total_rows),o}s(aS,"runQuery");async function cS(t,e,r,n){let i=n.bookmark,o=n.rows||[];if(n.limit&&o.length>=n.limit)return o;let a=Qt.maxLimit;n.limit&&o.length>n.limit-Qt.maxLimit&&(a=n.limit-o.length);let u=new Qt(t,e,r);u.setVersion(n.version).setBookmark(i).setLimit(a).setSort(n.sort).setSortOrder(n.sortOrder).setSortType(n.sortType),n.tableId&&u.setTable(n.tableId);let c=await u.run();if(!c.rows.length)return o;if(c.rows.length<Qt.maxLimit)return[...o,...c.rows];let l={...n,bookmark:c.bookmark,rows:[...o,...c.rows]};return await cS(t,e,r,l)}s(cS,"recursiveSearch");async function Gx(t,e,r,n){let i=n.limit;(i==null||isNaN(i)||i<0)&&(i=50),i=Math.min(i,Qt.maxLimit);let o=new Qt(t,e,r);n.version&&o.setVersion(n.version),n.tableId&&o.setTable(n.tableId),n.sort&&o.setSort(n.sort).setSortOrder(n.sortOrder).setSortType(n.sortType),n.indexer&&o.setIndexBuilder(n.indexer),n.disableEscaping&&o.disableEscaping();let a=await o.setBookmark(n.bookmark).setLimit(i).run();o.setBookmark(a.bookmark).setLimit(1),n.tableId&&o.setTable(n.tableId);let u=await o.run();return{...a,hasNextPage:u.rows&&u.rows.length>0}}s(Gx,"paginatedSearch");async function Vx(t,e,r,n){let i=n.limit;return(i==null||isNaN(i)||i<0)&&(i=1e3),n.limit=Math.min(i,1e3),{rows:await cS(t,e,r,n)}}s(Vx,"fullSearch");var Yf={};P(Yf,{createUserIndex:()=>qx});async function qx(){let t=Y(),e;try{e=await t.get("_design/database")}catch(n){n.status===404&&(e={_id:"_design/database"})}let r=s(function(n){if(n._id&&!n._id.startsWith("us_"))return;let i=["_id","_rev","password","account","license","budibaseAccess","accountPortalAccess","csrfToken"];function o(a,u){for(let c of Object.keys(a)){if(i.includes(c))continue;let l=u!=null?`${u}.${c}`:c;typeof a[c]=="string"?index(l,a[c].toLowerCase(),{facet:!0}):typeof a[c]!="object"?index(l,a[c],{facet:!0}):o(a[c],l)}}s(o,"idx"),o(n)},"fn");e.indexes={user:{index:r.toString(),analyzer:{default:"keyword",name:"perfield"}}},await t.put(e)}s(qx,"createUserIndex");function lS(t,e){let r=e.toString();if(typeof t=="object")return t.status===e||t.message?.includes(r);if(typeof t=="number")return t===e;if(typeof t=="string")return t.includes(r)}s(lS,"checkErrorCode");function Kx(t){return lS(t,409)}s(Kx,"isDocumentConflictError");var qs={};P(qs,{addTenantToUrl:()=>Qx,getTenantDB:()=>zf,getTenantIDFromCtx:()=>Vs,isUserInWorkspaceTenant:()=>jx});function zf(t){return Re(nn(t))}s(zf,"getTenantDB");function Qx(t){let e=$();if(Er()){let r=t.indexOf("?")===-1?"?":"&";t+=`${r}tenantId=${e}`}return t}s(Qx,"addTenantToUrl");var jx=s((t,e)=>{let r;return e?r=e.tenantId||ae:r=$(),(Zn(t)||ae)===r},"isUserInWorkspaceTenant"),Hx=Object.values(Ri),Vs=s((t,e)=>{if(!Er())return ae;e.allowNoTenant===void 0&&(e.allowNoTenant=!1),e.includeStrategies||(e.includeStrategies=Hx),e.excludeStrategies||(e.excludeStrategies=[]);let r=s(n=>{if(e.excludeStrategies?.includes(n))return!1;if(e.includeStrategies?.includes(n))return!0},"isAllowed");if(r("user")){let n=t.user?.tenantId;if(n)return n}if(r("header")){let n=t.request.headers["x-budibase-tenant-id"];if(n)return n}if(r("query")){let n=t.request.query.tenantId;if(n)return n}if(r("subdomain")){let n;try{n=new URL(Rf()).host.split(":")[0]}catch(o){if(o.code!=="ERR_INVALID_URL")throw o}let i=t.host;if(n&&i.includes(n)){let o=i.substring(0,i.indexOf(`.${n}`));if(o)return o}}if(r("path")){let n=t.matched.find(a=>!!a.paramNames.find(u=>u.name==="tenantId")),i=t.originalUrl,o;if(i.includes("?")?o=i.split("?")[0]:o=i,n){let a=n.params(o,n.captures(o),{});if(a.tenantId)return a.tenantId}}e.allowNoTenant||t.throw(403,"Tenant id not set")},"getTenantIDFromCtx");var Jf="app"+C,dS="/app/",fS="/app-chat/";async function Yx(t){let r=t.path.split("/")[2];if(!r)return;let n=`/${r.toLowerCase()}`,i=$();!g.isDev()&&g.MULTI_TENANCY&&(i=Vs(t,{includeStrategies:["subdomain"]}));let a=(await Ce(i,()=>Fs({dev:!1}))).filter(u=>u.url&&u.url.toLowerCase()===n)[0];return a&&a.appId?a.appId:void 0}s(Yx,"resolveAppUrl");function zx(t){return t.path.startsWith(`/${Jf}`)?!0:t.path.startsWith(dS)||t.path.startsWith(fS)}s(zx,"isServingApp");function Jx(t){return t.path.startsWith("/builder/workspace/")}s(Jx,"isServingBuilder");function Xx(t){return pS(t.path)}s(Xx,"isServingBuilderPreview");function pS(t){return new RegExp(/^\/app\/app_\w+\/preview$/).test(t)}s(pS,"isBuilderPreviewUrl");function Zx(t){return t.path.startsWith("/api/public/v")}s(Zx,"isPublicApiRequest");async function un(t){let e;function r(u){u&&u.startsWith(Jf)&&(e&&e!==u&&t.throw("App id conflict",403),e=u)}s(r,"setWorkspaceIdIfValid");function n(u){if(u){typeof u=="string"&&(u=[u]);for(let c of u)r(c)}}s(n,"checkPossibleValues"),n(t.request.headers["x-budibase-app-id"]),r(t.request.body?.appId);let i=ev(t.path);r(i),n(t.query?.appId);let o=pS(t.path);return(t.path.startsWith(dS)||t.path.startsWith(fS))&&!o&&r(await Yx(t)),e}s(un,"getWorkspaceIdFromCtx");function ev(t){if(t)return t.split("?")[0].split("/").find(e=>e.startsWith(Jf))}s(ev,"parseWorkspaceIdFromUrlPath");function Tu(t){if(t)try{return yu.default.verify(t,g.JWT_SECRET)}catch(e){if(g.JWT_SECRET_FALLBACK)return yu.default.verify(t,g.JWT_SECRET_FALLBACK);throw e}}s(Tu,"openJwt");function Ks(t){return g.INTERNAL_API_KEY&&g.INTERNAL_API_KEY===t?!0:!!(g.INTERNAL_API_KEY_FALLBACK&&g.INTERNAL_API_KEY_FALLBACK===t)}s(Ks,"isValidInternalAPIKey");function jt(t,e){let r=t.cookies.get(e);if(r)return Tu(r)}s(jt,"getCookie");function mS(t,e,r="builder",n={sign:!0}){e&&n&&n.sign&&(e=yu.default.sign(e,g.JWT_SECRET));let i={expires:Va,path:"/",httpOnly:!1,overwrite:!0};g.COOKIE_DOMAIN&&(i.domain=g.COOKIE_DOMAIN),t.cookies.set(r,e,i)}s(mS,"setCookie");function Ar(t,e){mS(t,null,e)}s(Ar,"clearCookie");function tv(t){return t.headers["x-budibase-type"]==="client"}s(tv,"isClient");function Xf(t){return new Promise(e=>setTimeout(e,t))}s(Xf,"timeout");function Zf(t){return!!rh[t]}s(Zf,"isAudited");function rv(t){if(typeof t!="object")return!1;try{JSON.stringify(t)}catch(e){if(e instanceof Error&&e?.message.includes("circular structure"))return!0}return!1}s(rv,"hasCircularStructure");function nv(t){return!!t.match(/^.+:\/\/.+$/)}s(nv,"urlHasProtocol");function ep(t){return t&&!!t.match(/^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/)}s(ep,"validEmail");var tp=(o=>(o.MILLISECONDS="milliseconds",o.SECONDS="seconds",o.MINUTES="minutes",o.HOURS="hours",o.DAYS="days",o))(tp||{}),Su={milliseconds:1,seconds:1e3,minutes:6e4,hours:36e5,days:864e5},pe=class t{constructor(e){this.ms=e}static{s(this,"Duration")}to(e){return this.ms/Su[e]}toMs(){return this.ms}toSeconds(){return this.to("seconds")}static convert(e,r,n){return n*Su[e]/Su[r]}static from(e,r){return new t(r*Su[e])}static fromSeconds(e){return t.from("seconds",e)}static fromMinutes(e){return t.from("minutes",e)}static fromHours(e){return t.from("hours",e)}static fromDays(e){return t.from("days",e)}static fromMilliseconds(e){return t.from("milliseconds",e)}};async function iv(t){let e=performance.now();return[await t(),pe.fromMilliseconds(performance.now()-e)]}s(iv,"time");var Au=require("undici");function sv(t,e){let r,n=null;try{let o=new URL(t);r=o.hostname,n=o.port||null}catch{return!1}let i=e.split(/[\s,]+/).filter(o=>o.length>0);for(let o of i){let u=o.replace(/^\./,"*").match(/^(.+?)(?::(\d+))?$/);if(!u||!u[1])continue;let c=u[1].toLowerCase(),l=u[2]||null,d=!1;if(c==="*")d=!0;else if(c.startsWith("*")){let h=c.slice(1);d=r===h.slice(1)||r.endsWith(h)}else d=r===c;if(d&&(!l||n===l))return!0}return!1}s(sv,"isUrlMatchingNoProxy");function ov(t){let e=process.env.GLOBAL_AGENT_HTTP_PROXY||process.env.HTTP_PROXY,n=process.env.GLOBAL_AGENT_HTTPS_PROXY||process.env.HTTPS_PROXY||e;if(!n||!n.trim())return!0;try{new URL(n.trim())}catch{return console.log("[fetch] Invalid proxy URL format:",n),!0}if(t){let i=process.env.GLOBAL_AGENT_NO_PROXY||process.env.NO_PROXY||"";if(i&&sv(t,i))return console.log("[fetch] URL matches NO_PROXY pattern, bypassing proxy",{url:t,noProxy:i}),!0}return!1}s(ov,"shouldBypassProxy");function av(t){return new Au.Agent({connect:{rejectUnauthorized:t}})}s(av,"createDirectAgent");function uv(t){let e=process.env.GLOBAL_AGENT_HTTP_PROXY||process.env.HTTP_PROXY,n=(process.env.GLOBAL_AGENT_HTTPS_PROXY||process.env.HTTPS_PROXY||e).trim();console.log("[fetch] Creating ProxyAgent",{proxyUrl:n,rejectUnauthorized:t});let i={uri:n,requestTls:{rejectUnauthorized:t}};return n.startsWith("https://")&&(i.proxyTls={rejectUnauthorized:t}),new Au.ProxyAgent(i)}s(uv,"createProxyAgent");function cv(t){let e=t?.rejectUnauthorized??!0;return ov(t?.url)?av(e):uv(e)}s(cv,"createDispatcher");function lv(t){return cv(t)}s(lv,"getDispatcher");var rp=require("util"),np=B(require("zlib"));var dv=(0,rp.promisify)(np.default.gzip),fv=(0,rp.promisify)(np.default.gunzip),_u="gzip:",pv=s(async t=>{let e=await dv(t);return`${_u}${e.toString("base64")}`},"gzipToBase64"),mv=s(async t=>{let e=t.startsWith(_u)?t.slice(_u.length):t,r=Buffer.from(e,"base64");return(await fv(new Uint8Array(r))).toString("utf8")},"gunzipFromBase64");function hv(t){let e=t.get("authorization");if(!e)return null;let r=e.match(/^Bearer\s+(.+)$/i);return r?r[1]:null}s(hv,"getBearerToken");function gv(t){let e="",r=-1,n,i,o=t.opts?.repeat;return o&&(i=o.endDate?new Date(o.endDate).getTime():Date.now(),n=o.tz,"cron"in o?e=o.cron:r=o.every),{id:t.id.toString(),name:"",key:t.id.toString(),tz:n,endDate:i,cron:e,every:r,next:0}}s(gv,"jobToJobInformation");var Ou=class{static{s(this,"InMemoryQueue")}constructor(e,r){this._name=e,this._opts=r,this._messages=[],this._emitter=new hS.default.EventEmitter,this._runCount=0,this._addCount=0,this._queuedJobIds=new Set,this._attempts=r?.defaultJobOptions?.attempts||1}async process(e,r){r=typeof e=="number"?r:e,this._emitter.on("message",async n=>{if(!n.manualTrigger&&n.opts?.repeat!=null)return;function i(){return r.length===1?r(n):new Promise((c,l)=>{r(n,s((f,h)=>{f?l(f):c(h)},"done"))})}s(i,"execute");let o=this._attempts;async function a(c,l=0){try{return await c}catch(d){if(l++,l<o&&!n._isDiscarded)return await Ue.wait(100*l),await a(i(),l);throw d}}s(a,"retryFunc");try{let c=await a(i());this._emitter.emit("completed",n,c);let l=this._messages.indexOf(n);if(l===-1)throw"Failed deleting a processed message";this._messages.splice(l,1)}catch(c){console.error(c),this._emitter.emit("error",n,c)}this._runCount++;let u=n.opts?.jobId?.toString();u&&n.opts?.removeOnComplete&&this._queuedJobIds.delete(u)})}async isReady(){return this}async add(e,r){if(typeof e=="string")throw new Error("doesn't support named jobs");let n=r,i=n?.jobId?.toString();if(i&&this._queuedJobIds.has(i)){console.log(`Ignoring already queued job ${i}`);return}if(typeof e!="object")throw"Queue only supports carrying JSON.";i&&this._queuedJobIds.add(i);let o=ee(),a=s(()=>{let c={id:o,timestamp:Date.now(),queue:this,data:e,opts:n,discard:async()=>{c._isDiscarded=!0}};this._messages.push(c),this._messages.length>1e3&&this._messages.shift(),this._addCount++,this._emitter.emit("message",c)},"pushMessage"),u=n?.delay;return u?setTimeout(a,u):a(),{id:i,finished:()=>new Promise((c,l)=>{let d=s((h,p)=>{h.id===o&&(this._emitter.off("error",d),this._emitter.off("completed",f),l(p))},"errorHandler"),f=s((h,p)=>{h.id===o&&(this._emitter.off("error",d),this._emitter.off("completed",f),c(p))},"completedHandler");this._emitter.on("error",d),this._emitter.on("completed",f)})}}async close(){}async removeRepeatableByKey(e){for(let[r,n]of this._messages.entries())if(n.id===e){this._messages.splice(r,1),this._emitter.emit("removed",n);return}}async removeJobs(e){}async clean(){return[]}async getJob(e){for(let r of this._messages)if(r.id===e)return r;return null}manualTrigger(e){for(let r of this._messages)if(r.id===e){this._emitter.emit("message",{...r,manualTrigger:!0});return}throw new Error(`Job with id ${e} not found`)}on(e,r){return this._emitter.on(e,r),this}off(e,r){return this._emitter.off(e,r),this}async count(){return this._messages.length}async getCompletedCount(){return this._runCount}async getRepeatableJobs(){return this._messages.filter(e=>e.opts?.repeat!=null).map(e=>gv(e))}async whenCurrentJobsFinished(){do await Xf(50);while(this.hasRunningJobs())}hasRunningJobs(){return this._addCount>this._runCount}},gS=Ou;var op=B(require("bull"));var oi=(d=>(d.AUTOMATION="automationQueue",d.APP_BACKUP="appBackupQueue",d.AUDIT_LOG="auditLogQueue",d.SYSTEM_EVENT_QUEUE="systemEventQueue",d.APP_MIGRATION="appMigration",d.DOC_WRITETHROUGH_QUEUE="docWritethroughQueue",d.DEV_REVERT_PROCESSOR="devRevertProcessorQueue",d.BATCH_USER_SYNC_PROCESSOR="batchUserSyncProcessorQueue",d.RAG_INGESTION="ragIngestionQueue",d.AGENT_LOG_INDEXING="agentLogIndexingQueue",d))(oi||{});function ES(t,e,r){Tv(t,e),r&&Ev(t,r)}s(ES,"addListeners");function Ev(t,e){t.on("stalled",async r=>{if(e)await e(r);else if(r.opts.repeat){let n=r.id,i=await t.getRepeatableJobs();for(let o of i)o.id===n&&await t.removeRepeatableByKey(o.key);console.log(`jobId=${n} disabled`)}})}s(Ev,"handleStalled");function it(t,e,r={},n={}){let i=`[BULL] ${t}=${e}`,o=r.error,a={_logKey:"bull",eventType:t,event:e,job:r.job,jobId:r.jobId||r.job?.id,...n},u;return r.job?.data?.automation&&(u={_logKey:"automation",trigger:r.job?r.job.data.automation.definition.trigger.event:void 0}),[i,o,a,u]}s(it,"getLogParams");var yv={automationQueue:"automation-event",appBackupQueue:"app-backup-event",auditLogQueue:"audit-log-event",systemEventQueue:"system-event",appMigration:"app-migration",docWritethroughQueue:"doc-writethrough",devRevertProcessorQueue:"dev-revert-event",batchUserSyncProcessorQueue:"batch-user-sync-processor",ragIngestionQueue:"rag-ingestion-processor",agentLogIndexingQueue:"agent-log-indexing-processor"};function Tv(t,e){let r=yv[e];function n(i,o){let a=i.data.event?.appId;if(a)return Cf(a,o);o()}s(n,"doInJobContext"),t.on("stalled",async i=>{await n(i,()=>{console.error(...it(r,"stalled",{job:i}))})}).on("error",i=>{console.error(...it(r,"error",{error:i}))}),process.env.NODE_DEBUG?.includes("bull")&&t.on("waiting",i=>{console.info(...it(r,"waiting",{jobId:i}))}).on("active",async i=>{await n(i,()=>{console.info(...it(r,"active",{job:i}))})}).on("progress",async(i,o)=>{await n(i,()=>{console.info(...it(r,"progress",{job:i},{progress:o}))})}).on("completed",async(i,o)=>{await n(i,()=>{console.info(...it(r,"completed",{job:i},{result:o}))})}).on("failed",async(i,o)=>{await n(i,()=>{console.error(...it(r,"failed",{job:i,error:o}))})}).on("paused",()=>{console.info(...it(r,"paused"))}).on("resumed",()=>{console.info(...it(r,"resumed"))}).on("cleaned",(i,o)=>{console.info(...it(r,"cleaned",{},{length:i.length,type:o}))}).on("drained",()=>{console.info(...it(r,"drained"))}).on("removed",i=>{console.info(...it(r,"removed",{job:i}))})}s(Tv,"logging");var Iu={};P(Iu,{cleanup:()=>Sv,clear:()=>sp,set:()=>ip});var Qs=[];function ip(t,e){let r=setInterval(t,e);return Qs.push(r),r}s(ip,"set");function sp(t){let e=Qs.indexOf(t);e!==-1&&Qs.splice(e,1),clearInterval(t)}s(sp,"clear");function Sv(){for(let t of Qs)clearInterval(t);Qs=[]}s(Sv,"cleanup");var Ht=B(require("dd-trace")),js=B(require("object-sizeof"));var Av=pe.fromMinutes(5).toMs(),_v=pe.fromSeconds(30).toMs(),ap=pe.fromSeconds(60).toMs(),Hs=[],wu;async function yS(){for(let t of Hs)await t.clean(ap,"completed"),await t.clean(ap,"failed")}s(yS,"cleanup");async function Ov(t,e,r){let n=performance.now();try{let i=await e();return Ht.default.dogstatsd.increment(`${t}.success`,1,r),i}catch(i){throw Ht.default.dogstatsd.increment(`${t}.error`,1,r),i}finally{let i=performance.now()-n;Ht.default.dogstatsd.distribution(`${t}.duration.ms`,i,r),Ht.default.dogstatsd.increment(t,1,r)}}s(Ov,"withMetrics");function TS(t){return{"job.opts.attempts":t.attempts,"job.opts.backoff":t.backoff,"job.opts.delay":t.delay,"job.opts.jobId":t.jobId,"job.opts.lifo":t.lifo,"job.opts.preventParsingData":t.preventParsingData,"job.opts.priority":t.priority,"job.opts.removeOnComplete":t.removeOnComplete,"job.opts.removeOnFail":t.removeOnFail,"job.opts.repeat":t.repeat,"job.opts.stackTraceLimit":t.stackTraceLimit,"job.opts.timeout":t.timeout}}s(TS,"jobOptsTags");function Iv(t){return{"job.id":t.id,"job.attemptsMade":t.attemptsMade,"job.timestamp":t.timestamp,"job.data.sizeBytes":(0,js.default)(t.data),...TS(t.opts||{})}}s(Iv,"jobTags");var Et=class{static{s(this,"BudibaseQueue")}constructor(e,r={}){this.opts=r,this.jobQueue=e,this.queue=this.initQueue()}get name(){return this.queue.name}initQueue(){let r={redis:tn(),settings:{maxStalledCount:this.opts.maxStalledCount?this.opts.maxStalledCount:0,lockDuration:Av,lockRenewTime:_v}};this.opts.jobOptions&&(r.defaultJobOptions=this.opts.jobOptions);let n;return g.isTest()?process.env.BULL_TEST_REDIS_PORT&&!isNaN(+process.env.BULL_TEST_REDIS_PORT)?n=new op.default(this.jobQueue,{...r,redis:{host:"localhost",port:+process.env.BULL_TEST_REDIS_PORT}}):n=new gS(this.jobQueue,r):n=new op.default(this.jobQueue,r),ES(n,this.jobQueue,this.opts.removeStalledCb),Hs.push(n),!wu&&!g.isTest()&&(wu=ip(yS,ap),yS().catch(i=>{console.error(`Unable to cleanup ${this.jobQueue} initially - ${i}`)})),n}getBullQueue(){return this.queue}process(...e){let r,n;e.length===2?(r=e[0],n=e[1]):n=e[0];let i=s(async(a,u)=>{await Ht.default.trace("queue.process",async c=>{if(a.data._parentSpanContext){let l=a.data._parentSpanContext,d={traceId:l.traceId,spanId:l.spanId,toTraceId:()=>l.traceId,toSpanId:()=>l.spanId,toTraceparent:()=>""};c.addLink(d)}c.addTags({"queue.name":this.jobQueue,...Iv(a)}),this.opts.jobTags&&c.addTags(this.opts.jobTags(a.data)),Ht.default.dogstatsd.distribution("queue.process.sizeBytes",(0,js.default)(a.data),this.metricTags()),await this.withMetrics("queue.process",()=>u?n(a,u):n(a))})},"processCallback"),o;return n.length===1?o=s(a=>i(a),"wrappedCb"):o=i,r?this.queue.process(r,o):this.queue.process(o)}async add(e,r){return await Ht.default.trace("queue.add",async n=>(n.addTags({"queue.name":this.jobQueue,"job.data.sizeBytes":(0,js.default)(e),...TS(r||{})}),this.opts.jobTags&&n.addTags(this.opts.jobTags(e)),e._parentSpanContext={traceId:n.context().toTraceId(),spanId:n.context().toSpanId()},Ht.default.dogstatsd.distribution("queue.add.sizeBytes",(0,js.default)(e),this.metricTags()),await this.withMetrics("queue.add",()=>this.queue.add(e,r))))}withMetrics(e,r){return Ov(e,r,this.metricTags())}metricTags(){return{queueName:this.jobQueue}}close(e){return this.queue.close(e)}whenCurrentJobsFinished(){return this.queue.whenCurrentJobsFinished()}};async function wv(){wu&&sp(wu),console.log("Waiting for current queue jobs to finish...");for(let t of Hs)await t.whenCurrentJobsFinished();console.log("Closing queue Redis connections...");for(let t of Hs)await t.close();Hs=[],console.log("Queues shutdown")}s(wv,"shutdown");var to={};P(to,{correlation:()=>Ys,logAlert:()=>dn,logAlertWithInfo:()=>cP,logWarn:()=>ci,logger:()=>Nu,system:()=>_p});var Ys={};P(Ys,{getId:()=>up,setHeader:()=>Dv});var SS=require("correlation-id"),Dv=s(t=>{let e=SS.getId();e&&(t["x-budibase-correlation-id"]=e)},"setHeader");function up(){return SS.getId()}s(up,"getId");var Pu=B(require("pino")),zS=B(require("pino-pretty")),Op=B(require("dd-trace")),JS=require("dd-trace/ext");var _p={};P(_p,{getLogReadStream:()=>nP,getSingleFileMaxSizeInfo:()=>YS,localFileDestination:()=>Ap});var eo=B(require("fs")),Sp=B(require("path")),KS=B(require("rotating-file-stream"));var Tp={};P(Tp,{ObjectStore:()=>st,ObjectStoreBuckets:()=>Cv,SIGNED_FILE_PREFIX:()=>hp,bucketTTLConfig:()=>Du,budibaseTempDir:()=>cn,client3rdPartyLibrary:()=>zv,clientLibraryPath:()=>Yv,clientLibraryUrl:()=>Jv,createBucketIfNotExists:()=>Zs,deleteFile:()=>Wv,deleteFiles:()=>$v,deleteFolder:()=>NS,downloadTarball:()=>Vv,downloadTarballDirect:()=>Gv,enrichPWAImages:()=>Xv,enrichPluginURLs:()=>eP,extractBucketAndPath:()=>cp,getAllFiles:()=>kv,getAppFileUrl:()=>kS,getClientCacheKey:()=>MS,getGlobalFileS3Key:()=>FS,getGlobalFileUrl:()=>Zv,getObjectMetadata:()=>qv,getPluginIconKey:()=>$S,getPluginJSKey:()=>WS,getPluginS3Dir:()=>VS,getPresignedUrl:()=>ln,getReadStream:()=>Ru,listAllObjects:()=>gp,objectExists:()=>Kv,processAutomationAttachment:()=>xv,processObjectStoreAttachment:()=>wS,retrieve:()=>PS,retrieveDirectory:()=>Bv,retrieveToTmp:()=>Fv,sanitizeBucket:()=>xe,sanitizeKey:()=>ge,streamUpload:()=>vS,streamUploadMany:()=>Mv,upload:()=>Lv,uploadDirectory:()=>Ep});var bu=require("@aws-sdk/client-s3"),lp=require("@aws-sdk/lib-storage"),DS=require("@aws-sdk/s3-request-presigner"),RS=require("@smithy/node-http-handler");var Yt=B(require("dd-trace")),ai=B(require("fs")),Js=B(require("fs/promises")),CS=B(require("https")),dp=B(require("node-fetch")),Or=require("path"),xu=B(require("stream")),Xs=require("stream/promises"),fp=B(require("tar-fs")),pp=require("uuid"),mp=B(require("zlib"));var AS=B(require("fs")),_S=require("os"),zs=B(require("path")),OS=B(require("stream"));var Cv={BACKUPS:g.BACKUPS_BUCKET_NAME,APPS:g.APPS_BUCKET_NAME,TEMPLATES:g.TEMPLATES_BUCKET_NAME,GLOBAL:g.GLOBAL_BUCKET_NAME,PLUGINS:g.PLUGIN_BUCKET_NAME,TEMP:g.TEMP_BUCKET_NAME},IS=(0,zs.join)((0,_S.tmpdir)(),".budibase");try{AS.default.mkdirSync(IS)}catch(t){if(t.code!=="EEXIST")throw t}function cn(){return IS}s(cn,"budibaseTempDir");var Du=s((t,e)=>{let n={Rules:[{ID:`${t}-ExpireAfter${e}days`,Prefix:"",Status:"Enabled",Expiration:{Days:e}}]};return{Bucket:t,LifecycleConfiguration:n}},"bucketTTLConfig");async function bv(t){let e=await fetch(t.url);if(!e.ok||!e.body)throw new Error(`Unexpected response ${e.statusText}`);let r=zs.default.basename(new URL(t.url).pathname);if(!e.body)throw new Error("No response received for attachment");return{filename:t.filename||r,content:OS.default.Readable.fromWeb(e.body)}}s(bv,"processUrlAttachment");async function wS(t){let e=cp(t.url);if(e===null)throw new Error("Invalid signed URL");let{bucket:r,path:n}=e,{stream:i}=await Ru(r,n),o=zs.default.basename(n);return{bucket:r,path:n,filename:t.filename||o,content:i}}s(wS,"processObjectStoreAttachment");async function xv(t){return t.url?.startsWith("http://")||t.url?.startsWith("https://")?await bv(t):await wS(t)}s(xv,"processAutomationAttachment");var vv=require("sanitize-s3-objectkey"),Pv={bucketCreationPromises:{}},hp="/files/signed",_r={txt:"text/plain",html:"text/html",css:"text/css",js:"application/javascript",json:"application/json",gz:"application/gzip",svg:"image/svg+xml",form:"multipart/form-data"},Nv=[_r.html,_r.css,_r.js,_r.json];function ge(t){return vv(xe(t)).replace(/\\/g,"/")}s(ge,"sanitizeKey");function xe(t){return t.replace(new RegExp(tt,"g"),et)}s(xe,"sanitizeBucket");function st(t={presigning:!1}){let e={forcePathStyle:!0,credentials:{accessKeyId:g.MINIO_ACCESS_KEY,secretAccessKey:g.MINIO_SECRET_KEY},region:g.AWS_REGION};if(!g.MINIO_ENABLED&&g.AWS_SESSION_TOKEN&&(e.credentials={accessKeyId:g.MINIO_ACCESS_KEY,secretAccessKey:g.MINIO_SECRET_KEY,sessionToken:g.AWS_SESSION_TOKEN}),g.MINIO_URL&&(t.presigning&&g.MINIO_ENABLED?e.endpoint="http://minio-service":e.endpoint=g.MINIO_URL),g.S3_IGNORE_SELF_SIGNED==="true"){let r=new CS.default.Agent({rejectUnauthorized:!1});e.requestHandler=new RS.NodeHttpHandler({httpsAgent:r})}return new bu.S3(e)}s(st,"ObjectStore");async function Zs(t,e){e=xe(e);try{return await t.headBucket({Bucket:e}),{created:!1,exists:!0}}catch(r){let n=r.statusCode||r.$response?.statusCode,i=Pv.bucketCreationPromises,o=n===404,a=n===403;if(i[e])return await i[e],{created:!1,exists:!0};if(o||a){if(o)return i[e]=t.createBucket({Bucket:e}).catch(u=>{if(u.Code!=="BucketAlreadyOwnedByYou")throw u}),await i[e],delete i[e],{created:!0,exists:!1};throw new Error("Access denied to object store bucket."+r)}else throw new Error("Unable to write to object store bucket.")}}s(Zs,"createBucketIfNotExists");var Uv=s((t,e)=>{if(e)return e;let r=t.split(".").pop();return r?_r[r.toLowerCase()]:_r.txt},"resolveContentType"),bS=s(async(t,e,r)=>{let n=xe(t),i=st(),o=await Zs(i,n);if(r.addTags({bucketCreated:o.created,bucketExists:o.exists}),e&&o.created){let a=Du(n,e);await i.putBucketLifecycleConfiguration(a)}return{bucket:n,client:i,bucketCreated:o}},"initialiseBucket"),xS=s(async({client:t,bucket:e,filename:r,stream:n,type:i,extra:o})=>{if(!n)throw new Error("Stream to upload is invalid/undefined");let a=Uv(r,i),u=ge(r),c={Bucket:e,Key:u,Body:n,ContentType:a,...o??{}};return{details:await new lp.Upload({client:t,params:c}).done(),contentType:a}},"streamUploadInternal");async function Lv({bucket:t,filename:e,path:r,type:n,metadata:i,body:o,ttl:a}){let u=e.split(".").pop(),c=r?(await Js.default.open(r)).createReadStream():o,l=st(),d=await Zs(l,t);if(a&&d.created){let m=Du(t,a);await l.putBucketLifecycleConfiguration(m)}let f=n,h=f||(u?_r[u.toLowerCase()]:_r.txt),p={Bucket:xe(t),Key:ge(e),Body:c,ContentType:h};if(i&&typeof i=="object"){for(let m of Object.keys(i))(!i[m]||typeof i[m]!="string")&&delete i[m];p.Metadata=i}return new lp.Upload({client:l,params:p}).done()}s(Lv,"upload");async function vS({bucket:t,stream:e,filename:r,type:n,extra:i,ttl:o}){return await Yt.default.trace("streamUpload",async a=>{a.addTags({bucketName:t,filename:r,type:n,ttl:o});let u=r.split(".").pop();a.addTags({extension:u});let{bucket:c,client:l}=await bS(t,o,a),{details:d,contentType:f}=await xS({client:l,bucket:c,filename:r,stream:e,type:n,extra:i}),h=await l.headObject({Bucket:c,Key:ge(r)});return a.addTags({contentType:f,contentLength:h.ContentLength}),{...d,ContentLength:h.ContentLength}})}s(vS,"streamUpload");async function Mv({bucket:t,files:e,ttl:r}){return await Yt.default.trace("streamUploadMany",async i=>{if(i.addTags({bucketName:t,ttl:r,fileCount:e.length}),!e.length)return[];let{bucket:o,client:a}=await bS(t,r,i),u=e.map((l,d)=>({...l,index:d})),c=new Array(e.length);return await _t.parallelForeach(u,async l=>{let{details:d}=await xS({client:a,bucket:o,filename:l.filename,stream:l.stream,type:l.type,extra:l.extra});c[l.index]=d},10),c})}s(Mv,"streamUploadMany");async function PS(t,e){return await Yt.default.trace("retrieve",async r=>{r.addTags({bucketName:t,filepath:e});let n=st(),i={Bucket:xe(t),Key:ge(e)},o=await n.getObject(i);if(!o.Body)throw new Error("Unable to retrieve object");if(r.addTags({contentLength:o.ContentLength,contentType:o.ContentType}),Nv.includes(o.ContentType))return r.addTags({string:!0}),o.Body.transformToString();{r.addTags({string:!1});let a=o.Body.transformToWebStream();return xu.default.Readable.fromWeb(a)}})}s(PS,"retrieve");async function*gp(t,e){let r=st(),n=s((a={})=>r.listObjectsV2({...a,Bucket:xe(t),Prefix:ge(e)}),"list"),i=!1,o;do{let a={};o&&(a.ContinuationToken=o);let u=await n(a);if(u.Contents)for(let c of u.Contents)yield c;i=!!u.IsTruncated,o=u.NextContinuationToken}while(i&&o)}s(gp,"listAllObjects");async function kv(t,e){let r={};return await _t.parallelForeach(gp(t,e),async n=>{if(!n.Key)throw new Error("file.Key must be defined");r[n.Key]=n},5),r}s(kv,"getAllFiles");async function ln(t,e,r=3600){let n=st({presigning:!0}),i={Bucket:xe(t),Key:ge(e)},o=await(0,DS.getSignedUrl)(n,new bu.GetObjectCommand(i),{expiresIn:r});if(g.MINIO_ENABLED){let a=new URL(o),u=a.pathname,c=a.search;return`${hp}${u}${c}`}else return o}s(ln,"getPresignedUrl");async function Fv(t,e){return await Yt.default.trace("retrieveToTmp",async r=>{r.addTags({bucketName:t,filepath:e}),t=xe(t),e=ge(e);let n=await PS(t,e),i=(0,Or.join)(cn(),(0,pp.v4)());return r.addTags({outputPath:i}),n instanceof xu.default.Readable?(r.addTags({stream:!0}),await(0,Xs.pipeline)(n,ai.default.createWriteStream(i))):(r.addTags({stream:!1}),ai.default.writeFileSync(i,n)),i})}s(Fv,"retrieveToTmp");async function Bv(t,e,r){return await Yt.default.trace("retrieveDirectory",async n=>{n.addTags({bucketName:t,path:e});let i=(0,Or.join)(cn(),(0,pp.v4)());await Js.default.mkdir(i,{recursive:!0});let o=0;return await _t.parallelForeach(gp(t,e),async a=>{let{Key:u}=a;!u||r?.some(c=>c.test(u))||(o++,await Yt.default.trace("retrieveDirectory.object",async c=>{let l=a.Key;c.addTags({filename:l});let{stream:d}=await Ru(t,l),f=l.split("/"),h=f.slice(0,f.length-1),p=(0,Or.join)(i,...h);f.length>1&&!ai.default.existsSync(p)&&await Js.default.mkdir(p,{recursive:!0}),await(0,Xs.pipeline)(d,ai.default.createWriteStream((0,Or.join)(i,...f),{mode:420}))}))},5),n.addTags({numObjects:o}),i})}s(Bv,"retrieveDirectory");async function Wv(t,e){let r=st();await Zs(r,t);let n={Bucket:t,Key:ge(e)};return r.deleteObject(n)}s(Wv,"deleteFile");async function $v(t,e){let r=st();await Zs(r,t);let n={Bucket:t,Delete:{Objects:e.map(i=>({Key:ge(i)}))}};return r.deleteObjects(n)}s($v,"deleteFiles");async function NS(t,e){t=xe(t),e=ge(e);let r=st(),n={Bucket:t,Prefix:e},i=await r.listObjects(n);if(i.Contents?.length===0)return;let o={Bucket:t,Delete:{Objects:[]}};if(i.Contents?.forEach(a=>{o.Delete.Objects.push({Key:a.Key})}),o.Delete.Objects.length&&(await r.deleteObjects(o)).Deleted?.length===1e3)return NS(t,e)}s(NS,"deleteFolder");async function Ep(t,e,r){return await Yt.default.trace("uploadDirectory",async n=>{n.addTags({bucketName:t,localPath:e,bucketPath:r}),t=xe(t);let i=await Js.default.readdir(e,{withFileTypes:!0});n.addTags({numFiles:i.length});for(let o of i){let a=ge((0,Or.join)(r,o.name)),u=(0,Or.join)(e,o.name);o.isDirectory()?await Ep(t,u,a):await vS({bucket:t,filename:a,stream:ai.default.createReadStream(u)})}return i})}s(Ep,"uploadDirectory");async function Gv(t,e,r={}){e=ge(e);let n=await(0,dp.default)(t,{headers:r});if(!n.ok)throw new Error(`unexpected response ${n.statusText}`);await(0,Xs.pipeline)(n.body,mp.default.createUnzip(),fp.default.extract(e))}s(Gv,"downloadTarballDirect");async function Vv(t,e,r){e=xe(e),r=ge(r);let n=await(0,dp.default)(t);if(!n.ok)throw new Error(`unexpected response ${n.statusText}`);let i=(0,Or.join)(cn(),r);return await(0,Xs.pipeline)(n.body,mp.default.createUnzip(),fp.default.extract(i)),!g.isTest()&&g.SELF_HOSTED&&await Ep(e,i,r),i}s(Vv,"downloadTarball");async function Ru(t,e){return await Yt.default.trace("getReadStream",async r=>{t=xe(t),e=ge(e),r.addTags({bucketName:t,path:e});let n=st(),i={Bucket:t,Key:e},o=await n.getObject(i);if(!o.Body||!(o.Body instanceof xu.default.Readable))throw new Error("Unable to retrieve stream - invalid response");return r.addTags({contentLength:o.ContentLength,contentType:o.ContentType}),{stream:o.Body,contentLength:o.ContentLength,contentType:o.ContentType}})}s(Ru,"getReadStream");async function qv(t,e){t=xe(t),e=ge(e);let r=st(),n={Bucket:t,Key:e};try{return await r.headObject(n)}catch{throw new Error("Unable to retrieve metadata from object")}}s(qv,"getObjectMetadata");async function Kv(t,e){t=xe(t),e=ge(e);let r=st(),n={Bucket:t,Key:e};try{return await r.headObject(n),!0}catch(i){if((i.statusCode||i.$response?.statusCode)===404)return!1;throw i}}s(Kv,"objectExists");function cp(t){let e=t.split("?")[0],r=new RegExp(`^${hp}/(?<bucket>[^/]+)/(?<path>.+)$`),n=e.match(r);if(n&&n.groups){let{bucket:i,path:o}=n.groups;return{bucket:i,path:o}}return null}s(cp,"extractBucketAndPath");var LS=B(require("querystring"));var US=B(require("aws-cloudfront-sign"));var vu;function Qv(){if(!g.CLOUDFRONT_PRIVATE_KEY_64)throw new Error("CLOUDFRONT_PRIVATE_KEY_64 is not set");return vu||(vu=Buffer.from(g.CLOUDFRONT_PRIVATE_KEY_64,"base64").toString("utf-8"),vu)}s(Qv,"getPrivateKey");var jv=s(()=>({keypairId:g.CLOUDFRONT_PUBLIC_KEY_ID,privateKeyString:Qv(),expireTime:new Date().getTime()+1e3*60*60*24}),"getCloudfrontSignParams"),ui=s(t=>{let e=Hv(t);return US.getSignedUrl(e,jv())},"getPresignedUrl"),Hv=s(t=>{let e="/";return t.startsWith("/")&&(e=""),`${g.CLOUDFRONT_CDN}${e}${t}`},"getUrl");function Yv(t){return`${ge(t)}/budibase-client.js`}s(Yv,"clientLibraryPath");function zv(t,e){return`${ge(t)}/${e}`}s(zv,"client3rdPartyLibrary");async function Jv(t,e){return`/api/assets/${t}/client?${await MS(e)}`}s(Jv,"clientLibraryUrl");async function MS(t){let e,r;try{e=$()}finally{r={version:t}}return e&&e!==ae&&(r.tenantId=e),LS.default.encode(r)}s(MS,"getClientCacheKey");async function kS(t){return g.CLOUDFRONT_CDN?ui(t):await ln(g.APPS_BUCKET_NAME,t)}s(kS,"getAppFileUrl");async function Xv(t){if(t.length===0)return[];try{return await Promise.all(t.map(async e=>({...e,src:await kS(e.src),type:e.type||"image/png"})))}catch(e){return console.error("Error enriching PWA images:",e),t}}s(Xv,"enrichPWAImages");var Zv=s(async(t,e,r)=>{let n=FS(t,e);return g.CLOUDFRONT_CDN?(r&&(n=`${n}?etag=${r}`),ui(n)):await ln(g.GLOBAL_BUCKET_NAME,n)},"getGlobalFileUrl"),FS=s((t,e)=>{let r=`${t}/${e}`;return g.MULTI_TENANCY&&(r=`${$()}/${r}`),r},"getGlobalFileS3Key");async function eP(t){return!t||!t.length?[]:await Promise.all(t.map(async e=>{let r=await tP(e),n=await rP(e);return{...e,jsUrl:r,iconUrl:n}}))}s(eP,"enrichPluginURLs");async function tP(t){let e=WS(t);return BS(e)}s(tP,"getPluginJSUrl");async function rP(t){let e=$S(t);if(e)return BS(e)}s(rP,"getPluginIconUrl");async function BS(t){return g.CLOUDFRONT_CDN?ui(t):await ln(g.PLUGIN_BUCKET_NAME,t)}s(BS,"getPluginUrl");function WS(t){return GS(t,"plugin.min.js")}s(WS,"getPluginJSKey");function $S(t){let e=t.iconUrl?"icon.svg":t.iconFileName;if(e)return GS(t,e)}s($S,"getPluginIconKey");function GS(t,e){return`${VS(t.name)}/${e}`}s(GS,"getPluginS3Key");function VS(t){let e=`${t}`;return g.MULTI_TENANCY&&(e=`${$()}/${e}`),g.CLOUDFRONT_CDN&&(e=`plugins/${e}`),e}s(VS,"getPluginS3Dir");var QS="budibase.log",jS="budibase-logs-history.txt",HS=Sp.default.join(cn(),"systemlogs");function qS(t){return Sp.default.join(HS,t)}s(qS,"getFullPath");function YS(t){let e=/(\d+)([A-Za-z])/,r=t?.match(e);if(!r){console.warn("totalMaxSize does not have a valid value",{totalMaxSize:t});return}let n=+r[1],i=r[2];if(n===1)switch(i){case"B":return{size:`${n}B`,totalHistoryFiles:1};case"K":return{size:`${n*1e3/2}B`,totalHistoryFiles:1};case"M":return{size:`${n*1e3/2}K`,totalHistoryFiles:1};case"G":return{size:`${n*1e3/2}M`,totalHistoryFiles:1};default:return}return n%2===0?{size:`${n/2}${i}`,totalHistoryFiles:1}:{size:`1${i}`,totalHistoryFiles:n-1}}s(YS,"getSingleFileMaxSizeInfo");function Ap(){let t=YS(g.ROLLING_LOG_MAX_SIZE);return KS.createStream(QS,{size:t?.size,path:HS,maxFiles:t?.totalHistoryFiles||1,immutable:!0,history:jS,initialRotation:!1})}s(Ap,"localFileDestination");function nP(){let t=[],e=qS(jS);if(eo.default.existsSync(e)){let i=eo.default.readFileSync(e,"utf-8").split(`
37
- `);for(let o of i.filter(a=>a))t.push(eo.default.readFileSync(o))}return t.push(eo.default.readFileSync(qS(QS))),Buffer.concat(t.map(n=>new Uint8Array(n)))}s(nP,"getLogReadStream");function iP(t){return typeof t=="object"&&t!==null&&!(t instanceof Error)}s(iP,"isPlainObject");function sP(t){return t instanceof Error}s(sP,"isError");function oP(t){return typeof t=="string"}s(oP,"isMessage");var Ir;if(!g.DISABLE_PINO_LOGGER){let t=g.LOG_LEVEL,e={level:t,formatters:{level:c=>({level:c.toUpperCase()}),bindings:()=>g.SELF_HOSTED?{service:g.SERVICE_NAME}:{}},timestamp:()=>`,"timestamp":"${new Date(Date.now()).toISOString()}"`},r=[];r.push(g.isDev()?{stream:(0,zS.default)({singleLine:!0}),level:t}:{stream:process.stdout,level:t}),g.SELF_HOSTED&&r.push({stream:Ap(),level:t}),Ir=r.length?(0,Pu.default)(e,Pu.default.multistream(r)):(0,Pu.default)(e);let n=s(c=>{let l,d=[],f="";c.forEach(E=>{oP(E)&&(f=`${f} ${E}`.trimStart()),iP(E)&&d.push(E),sP(E)&&(l=E)});let h=u(),p={};p={tenantId:i(),appId:o(),automationId:a(),identityId:h?._id,identityType:h?.type,correlationId:up()};let S=Op.default.scope().active();S&&Op.default.inject(S.context(),JS.formats.LOG,p);let m={err:l,pid:process.pid,...p};if(d.length){let E={},y=0;for(let I=0;I<d.length;I++){let O=d[I],w=O._logKey;w?(delete O._logKey,m[w]=O):(E[y]=O,y++)}Object.keys(E).length&&(m.data=E)}return[m,f]},"getLogParams");console.log=(...c)=>{let[l,d]=n(c);Ir?.info(l,d)},console.info=(...c)=>{let[l,d]=n(c);Ir?.info(l,d)},console.warn=(...c)=>{let[l,d]=n(c);Ir?.warn(l,d)},console.error=(...c)=>{let[l,d]=n(c);Ir?.error(l,d)},console.trace=(...c)=>{let[l,d]=n(c);l.err||(l.err=new Error),Ir?.trace(l,d)},console.debug=(...c)=>{let[l,d]=n(c);Ir?.debug(l,d)};let i=s(()=>{let c;try{c=$()}catch{}return c},"getTenantId"),o=s(()=>{let c;try{c=be()}catch{}return c},"getAppId"),a=s(()=>{let c;try{c=bf()}catch{}return c},"getAutomationId"),u=s(()=>{let c;try{c=Gt()}catch{}return c},"getIdentity")}var Nu=Ir;var aP=["AccountError"];function uP(t){return t&&t.suppressAlert}s(uP,"isSuppressed");function dn(t,e){e&&aP.includes(e.name)&&uP(e)||console.error(`bb-alert: ${t}`,e)}s(dn,"logAlert");function cP(t,e,r,n){t=`${t} - db: ${e} - doc: ${r} - error: `,dn(t,n)}s(cP,"logAlertWithInfo");function ci(t,e){console.warn(`bb-warn: ${t}`,e)}s(ci,"logWarn");var Uu=class extends Error{static{s(this,"UnretriableError")}constructor(e){super(e),this.name="PermanentError"}},Ip=class{static{s(this,"QueuedProcessor")}constructor(e,r={}){let{maxAttempts:n=3,removeOnFail:i=!0,removeOnComplete:o=!0,maxStalledCount:a=3}=r;this.waitForCompletionMs=r.waitForCompletionMs||1e4,this._queue=new Et(e,{maxStalledCount:a,jobOptions:{attempts:n,removeOnFail:i,removeOnComplete:o}}),this._queue.process(async(u,c)=>{try{let l=await this.processFn(u.data);c?.(null,l)}catch(l){l instanceof Uu&&await u.discard(),dn(`Failed to process job in ${this._queue.name}`,l),c?.(l)}})}async close(e){await this._queue.close(e)}async execute(e){try{let r=await this._queue.add(e);return{success:!0,result:await Ue.withTimeout(this.waitForCompletionMs,()=>r.finished())}}catch(r){if(r.errno!=="ETIME")throw r;return{success:!1,reason:"timeout"}}}};var lP=100,Lu,ro=class t{static{s(this,"DocWritethroughProcessor")}static get queue(){return t._queue||(t._queue=new Et("docWritethroughQueue",{jobOptions:{attempts:lP}})),t._queue}init(){return t.queue.process(async e=>{try{await this.persistToDb(e.data)}catch(r){throw r.status===409?new Error(`Conflict persisting message ${e.id}. Attempt ${e.attemptsMade}`):r}}),this}async persistToDb({dbName:e,docId:r,data:n}){if(r.startsWith("scimlog"))return;let i=Re(e),o;try{o=await i.get(r)}catch{o={_id:r}}o={...o,...n},await i.put(o)}},Dp=class{static{s(this,"DocWritethrough")}constructor(e,r){this.db=e,this._docId=r}get docId(){return this._docId}async patch(e){await ro.queue.add({dbName:this.db.name,docId:this.docId,data:e})}};function XS(){return Lu=new ro().init(),Lu}s(XS,"init");function dP(){return Lu||XS()}s(dP,"getProcessor");var io={};P(io,{CacheKey:()=>ye,TTL:()=>mn,bustCache:()=>li,destroy:()=>no,get:()=>hn,keys:()=>Mu,store:()=>zt,withCache:()=>wr,withCacheWithDynamicTTL:()=>ZS});function Ct(t){let e=$();return`${t}:${e}`}s(Ct,"generateTenantKey");var fn=class{static{s(this,"BaseCache")}constructor(e=void 0){this.client=e}async getClient(){return this.client?this.client:await kf()}async keys(e){return(await this.getClient()).keys(e)}async exists(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).exists(e)}async scan(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).scan(e)}async get(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).get(e)}async bulkGet(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>Ct(i)):e,(await this.getClient()).bulkGet(e)}async store(e,r,n=null,i={useTenancy:!0}){e=i.useTenancy?Ct(e):e,await(await this.getClient()).store(e,r,n)}async bulkStore(e,r=null,n={useTenancy:!0}){n.useTenancy&&(e=Object.entries(e).reduce((o,[a,u])=>(o[Ct(a)]=u,o),{})),await(await this.getClient()).bulkStore(e,r)}async delete(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).delete(e)}async bulkDelete(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>Ct(i)):e,(await this.getClient()).bulkDelete(e)}async withCache(e,r=null,n,i={useTenancy:!0}){let o=await this.get(e,i);if(o)return o;try{let a=await n();return await this.store(e,a,r,i),a}catch(a){throw console.error("Error fetching before cache - ",a),a}}async withCacheWithDynamicTTL(e,r,n={useTenancy:!0}){let i=await this.get(e,n);if(i)return i;try{let o=await r(),{value:a,ttl:u}=o;return await this.store(e,a,u,{useTenancy:n.useTenancy}),a}catch(o){throw console.error("Error fetching before cache - ",o),o}}async bustCache(e){let r=await this.getClient();try{await r.delete(Ct(e))}catch(n){throw console.error("Error busting cache - ",n),n}}async deleteIfValue(e,r,n={useTenancy:!0}){e=n.useTenancy?Ct(e):e,await(await this.getClient()).deleteIfValue(e,r)}};var pn=new fn,ye={CHECKLIST:"checklist",INSTALLATION:"installation",ANALYTICS_ENABLED:"analyticsEnabled",UNIQUE_TENANT_ID:"uniqueTenantId",EVENTS:"events",BACKFILL_METADATA:"backfillMetadata",EVENTS_RATE_LIMIT:"eventsRateLimit",OAUTH2_TOKEN:t=>`oauth2Token_${t}`},mn=(n=>(n[n.ONE_MINUTE=600]="ONE_MINUTE",n[n.ONE_HOUR=3600]="ONE_HOUR",n[n.ONE_DAY=86400]="ONE_DAY",n))(mn||{}),Mu=s((...t)=>pn.keys(...t),"keys"),hn=s((...t)=>pn.get(...t),"get"),zt=s((...t)=>pn.store(...t),"store"),no=s((...t)=>pn.delete(...t),"destroy"),wr=s((...t)=>pn.withCache(...t),"withCache"),ZS=s((...t)=>pn.withCacheWithDynamicTTL(...t),"withCacheWithDynamicTTL"),li=s((...t)=>pn.bustCache(...t),"bustCache");var xp={};P(xp,{createCode:()=>TP,deleteCode:()=>AP,getCode:()=>SP,getExistingInvites:()=>bp,getInviteCodes:()=>oA,updateCode:()=>yP});var En={};P(En,{AUTO_EXTEND_POLLING_MS:()=>rA,doWithLock:()=>so,newRedlock:()=>gn});var tA=B(require("redlock"));async function fP(t,e){if(t==="custom")return gn(e);switch(t){case"try_once":return gn(di.TRY_ONCE);case"try_twice":return gn(di.TRY_TWICE);case"default":return gn(di.DEFAULT);case"delay_500":return gn(di.DELAY_500);case"auto_extend":return gn(di.AUTO_EXTEND);default:throw _t.unreachable(t)}}s(fP,"getClient");var di={TRY_ONCE:{retryCount:0},TRY_TWICE:{retryCount:1},DEFAULT:{driftFactor:.01,retryCount:10,retryDelay:200,retryJitter:100},DELAY_500:{retryDelay:500},CUSTOM:{},AUTO_EXTEND:{retryCount:-1}};async function gn(t={}){let e={...di.DEFAULT,...t},n=(await Bf()).client;return new tA.default([n],e)}s(gn,"newRedlock");function pP(t){let r=`lock:${t.systemLock?"system":$()}_${t.name}`;return t.resource&&(r=r+`_${t.resource}`),r}s(pP,"getLockName");var rA=pe.fromSeconds(10).toMs();async function so(t,e){let r=await fP(t.type,t.customOptions),n,i;try{let o=pP(t),a=t.type==="auto_extend"?rA:t.ttl;if(n=await r.lock(o,a),t.type==="auto_extend"){let c=s(()=>{i=setTimeout(async()=>{n=await n.extend(a,()=>t.onExtend&&t.onExtend()),c()},a/2)},"extendInIntervals");c()}return{executed:!0,result:await e()}}catch(o){if(o.name==="LockError"){if(t.type==="try_once")return{executed:!1};throw o}else throw o}finally{clearTimeout(i),await n?.unlock()}}s(so,"doWithLock");var nA=pe.fromDays(7).toSeconds(),hP=pe.fromSeconds(10).toMs(),ku="Invitation is not valid or has expired, please request a new one.";function iA(t,e){if(!t)return null;let r=t.tenantId||e;return r?{tenantId:r,invites:t.invites||{}}:null}s(iA,"normaliseInviteList");function gP(t){let e=!1,r=Date.now();for(let[n,i]of Object.entries(t.invites))(!i?.expiresAt||i.expiresAt<=r)&&(delete t.invites[n],e=!0);return{list:t,changed:e}}s(gP,"pruneExpiredInvites");async function Cp(t){let r=await(await Us()).get(t);return iA(r,t)}s(Cp,"loadInviteList");async function oo(t,e){await(await Us()).store(t,e)}s(oo,"saveInviteList");async function ao(t,e){let{result:r}=await so({type:"default",name:"process_user_invite",systemLock:!0,resource:t,ttl:hP},e);return r}s(ao,"withInviteListLock");function EP(t,e){return{code:t,email:e.email,info:e.info}}s(EP,"toInviteWithCode");async function sA(t,e){let r=await Us(),n=iA(await r.get(e),e);if(!n)throw new Error(ku);if(!Object.keys(n.invites).includes(t))throw new Error(ku);return{list:n,invite:n.invites[t]}}s(sA,"findInviteInList");async function yP(t,e){let r={...e.info},n=r.tenantId||$();r.tenantId=n,await ao(n,async()=>{let i=await Cp(n)||{tenantId:n,invites:{}};i.invites[t]={email:e.email,info:r,expiresAt:Date.now()+nA*1e3},await oo(n,i)})}s(yP,"updateCode");async function TP(t,e){let r=ee(),n={...e||{}},i=n.tenantId||$();return n.tenantId=i,await ao(i,async()=>{let o=await Cp(i)||{tenantId:i,invites:{}};o.invites[r]={email:t,info:n,expiresAt:Date.now()+nA*1e3},await oo(i,o)}),r}s(TP,"createCode");async function SP(t,e){let r=e||$();return await ao(r,async()=>{let n=await sA(t,r),{list:i,invite:o}=n;if(o.expiresAt<=Date.now())throw delete i.invites[t],await oo(i.tenantId,i),new Error(ku);return{email:o.email,info:o.info}})}s(SP,"getCode");async function AP(t,e){let r=e||$();try{await ao(r,async()=>{let n=await sA(t,r);delete n.list.invites[t],await oo(n.list.tenantId,n.list)})}catch(n){if(n instanceof Error&&n.message===ku)return;throw n}}s(AP,"deleteCode");async function oA(){let t=$(),e=await ao(t,async()=>{let n=await Cp(t)||{tenantId:t,invites:{}},i=gP(n);return n=i.list,i.changed&&await oo(t,n),n}),r=new Map;for(let[n,i]of Object.entries(e.invites))r.set(n,EP(n,i));return Array.from(r.values())}s(oA,"getInviteCodes");async function bp(t){let e=new Set(t.map(r=>r.toLowerCase()));return(await oA()).filter(r=>e.has(r.email.toLowerCase()))}s(bp,"getExistingInvites");var vp={};P(vp,{createCode:()=>OP,getCode:()=>IP,invalidateCode:()=>wP});var _P=pe.fromHours(1).toSeconds();async function OP(t,e){let r=ee();return await(await Ls()).store(r,{userId:t,info:e},_P),r}s(OP,"createCode");async function IP(t){let r=await(await Ls()).get(t);if(!r)throw new Error("Provided information is not valid, cannot reset password - please try again.");return r}s(IP,"getCode");async function wP(t){await(await Ls()).delete(t)}s(wP,"invalidateCode");var br={};P(br,{getUser:()=>bo,getUsers:()=>e0,invalidateUser:()=>xo});var uo={};P(uo,{getPlatformDB:()=>Dr,users:()=>yt});var yt={};P(yt,{addSsoUser:()=>uA,addUser:()=>vP,getUserDoc:()=>aA,lookupTenantId:()=>DP,removeUser:()=>PP,updateUserDoc:()=>RP});function Dr(){return Re(fe.PLATFORM_INFO.name)}s(Dr,"getPlatformDB");async function DP(t){return g.MULTI_TENANCY?(await aA(t)).tenantId:ae}s(DP,"lookupTenantId");async function aA(t){return Dr().get(t)}s(aA,"getUserDoc");async function RP(t){await Dr().put(t)}s(RP,"updateUserDoc");function CP(t,e){return{_id:t,tenantId:e}}s(CP,"newUserIdDoc");function bP(t,e,r){return{_id:e,userId:t,tenantId:r}}s(bP,"newUserEmailDoc");function xP(t,e,r,n){return{_id:t,userId:r,email:e,tenantId:n}}s(xP,"newUserSsoIdDoc");async function Pp(t,e){let r=Dr(),n;try{await r.get(t)}catch(i){if(i.status===404)n=e(),await r.put(n);else throw i}}s(Pp,"addUserDoc");async function uA(t,e,r,n){return Pp(t,()=>xP(t,e,r,n))}s(uA,"addSsoUser");async function vP(t,e,r,n){let i=[Pp(e,()=>CP(e,t)),Pp(r,()=>bP(e,r,t))];n&&i.push(uA(n,r,e,t)),await Promise.all(i)}s(vP,"addUser");async function PP(t){let e=Dr(),r=[t._id,t.email],n=await e.allDocs({keys:r,include_docs:!0});await e.bulkRemove(n.rows.map(i=>i.doc),{silenceErrors:!0})}s(PP,"removeUser");var yn={};P(yn,{getAccount:()=>Rr,getAccountByTenantId:()=>fi,getStatus:()=>NP});var cA=B(require("node-fetch"));var co=class{static{s(this,"API")}constructor(e){this.host=e}async apiCall(e,r,n){n.headers||(n.headers={}),n.headers["Content-Type"]||(n.headers={"Content-Type":"application/json",Accept:"application/json",...n.headers});let i=n.headers["Content-Type"]==="application/json";Ys.setHeader(n.headers);let o={method:e,body:i?JSON.stringify(n.body):n.body,headers:n.headers,credentials:"include"};return await(0,cA.default)(`${this.host}${r}`,o)}async post(e,r){return this.apiCall("POST",e,r)}async get(e,r){return this.apiCall("GET",e,r)}async patch(e,r){return this.apiCall("PATCH",e,r)}async del(e,r){return this.apiCall("DELETE",e,r)}async put(e,r){return this.apiCall("PUT",e,r)}};var Np=new co(g.INTERNAL_ACCOUNT_PORTAL_URL),Up=g.SELF_HOSTED||g.DISABLE_ACCOUNT_PORTAL,Rr=s(async t=>{if(Up)return;let e={email:t},r=await Np.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":g.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by email ${t}`);return(await r.json())[0]},"getAccount"),fi=s(async t=>{if(Up)return;let e={tenantId:t},r=await Np.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":g.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by tenantId ${t}`);return(await r.json())[0]},"getAccountByTenantId"),NP=s(async()=>{if(Up)return;let t=await Np.get("/api/status",{headers:{"x-budibase-api-key":g.ACCOUNT_PORTAL_API_KEY}}),e=await t.json();if(t.status!==200)throw new Error("Error getting status");return e},"getStatus");var Ei={};P(Ei,{UserDB:()=>xt,addAppBuilder:()=>zL,bulkGetGlobalUsersById:()=>ac,bulkUpdateGlobalUsers:()=>Do,cleanseUserObject:()=>rm,creatorsInList:()=>An,doesUserExist:()=>KL,getAccountHolderFromUsers:()=>oc,getAllUserIds:()=>VL,getAllUsers:()=>qL,getById:()=>_n,getCreatorCount:()=>HL,getExistingAccounts:()=>gi,getExistingPlatformUsers:()=>JA,getExistingTenantUsers:()=>zA,getFirstPlatformUser:()=>Io,getGlobalUserByAppPage:()=>i_,getGlobalUserByEmail:()=>At,getPlatformUsers:()=>rc,getUserCount:()=>jL,hasAdminPermissions:()=>Cr,hasAppBuilderPermissions:()=>e_,hasBuilderPermissions:()=>ke,isAdmin:()=>bt,isAdminOrBuilder:()=>ZA,isAdminOrWorkspaceBuilder:()=>nc,isBuilder:()=>Si,isCreatorAsync:()=>wo,isCreatorSync:()=>ic,isGlobalBuilder:()=>XA,paginatedUsers:()=>o_,removeAppBuilder:()=>JL,removePortalUserPermissions:()=>YL,searchExistingEmails:()=>Jp,searchGlobalUsersByApp:()=>n_,searchGlobalUsersByAppAccess:()=>tm,searchGlobalUsersByEmail:()=>s_,validateUniqueUser:()=>sc});var Qu={};P(Qu,{ActiveContentFileError:()=>Wu,BadRequestError:()=>fo,BudibaseError:()=>lo,EmailUnavailableError:()=>Jt,FeatureDisabledError:()=>Vu,ForbiddenError:()=>$u,HTTPError:()=>Me,NotFoundError:()=>Bu,NotImplementedError:()=>Gu,UnexpectedError:()=>Fu,UsageLimitError:()=>qu,getErrorMessage:()=>lA,getPublicError:()=>Ku});var lo=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"BudibaseError")}};function lA(t){if(t==null)return"No error provided.";if(t instanceof Error)return t.message;if(typeof t=="string")return t;if(typeof t=="object"&&"message"in t)return String(t.message);try{let r=JSON.stringify(t);if(r!=="{}")return r}catch{}let e=String(t);return e!=="[object Object]"?e:"An unknown error occurred"}s(lA,"getErrorMessage");var Ku=s(t=>{let e;return t.code&&(e={code:t.code},t.getPublicError&&(e={...e,...t.getPublicError()})),e},"getPublicError"),Me=class t extends lo{constructor(r,n,i="http"){super(r,i);this.status=n}static{s(this,"HTTPError")}static async fromResponse(r){let n=await r.text(),i=n,o=r.status,a="http";try{let u=JSON.parse(n);i=u.error?.message||u.message,o=u.status??r.status,a=u.error?.code??r.statusText}catch{}return new t(i,o,a)}},Fu=class extends Me{static{s(this,"UnexpectedError")}constructor(e){super(e,500)}},Bu=class extends Me{static{s(this,"NotFoundError")}constructor(e){super(e,404)}},fo=class extends Me{static{s(this,"BadRequestError")}constructor(e){super(e,400)}},Wu=class extends fo{static{s(this,"ActiveContentFileError")}constructor(e){super(`File "${e}" contains active content which is not permitted`)}},$u=class extends Me{static{s(this,"ForbiddenError")}constructor(e){super(e,403)}},Gu=class extends Me{static{s(this,"NotImplementedError")}constructor(e){super(e,501)}},Vu=class extends Error{static{s(this,"FeatureDisabledError")}constructor(e){super(`Feature disabled: '${e}'`)}},qu=class extends Error{static{s(this,"UsageLimitError")}constructor(e){super(`Usage limit exceeded: '${e}'`)}},Jt=class extends Error{static{s(this,"EmailUnavailableError")}constructor(e){super(`Email already in use: '${e}'`)}};var Fp={};P(Fp,{PASSWORD_MAX_LENGTH:()=>Mp,PASSWORD_MIN_LENGTH:()=>Lp,validatePassword:()=>kp});var Lp=+(g.PASSWORD_MIN_LENGTH||12),Mp=+(g.PASSWORD_MAX_LENGTH||512);function kp(t){return!t||t.length<Lp?{valid:!1,error:`Password invalid. Minimum ${Lp} characters.`}:t.length>Mp?{valid:!1,error:`Password invalid. Maximum ${Mp} characters.`}:{valid:!0}}s(kp,"validatePassword");var ju={};P(ju,{createASession:()=>UP,endSession:()=>LP,getSession:()=>Wp,getSessionsForUser:()=>po,invalidateSessions:()=>Tn,updateSessionTTL:()=>Bp});var fA=require("uuid");var pA=g.SESSION_EXPIRY_SECONDS?parseInt(g.SESSION_EXPIRY_SECONDS):pe.fromDays(7).toSeconds();function pi(t,e){return`${t}/${e}`}s(pi,"makeSessionID");async function po(t){return t?(await(await yr()).scan(t)).map(n=>n.value):(console.trace("Cannot get sessions for undefined userId"),[])}s(po,"getSessionsForUser");async function Tn(t,e={}){try{let r=e?.reason||"unknown",n=e.sessionIds||[],i;if(n.length===0?i=(await po(t)).map(a=>({key:pi(a.userId,a.sessionId)})):(n=Array.isArray(n)?n:[n],i=n.map(o=>({key:pi(t,o)}))),i&&i.length>0){let o=await yr(),a=[];for(let u of i)a.push(o.delete(u.key));g.isTest()||ci(`Invalidating sessions for ${t} (reason: ${r}) - ${i.map(u=>u.key).join(", ")}`),await Promise.all(a)}}catch(r){console.error(`Error invalidating sessions: ${r}`)}}s(Tn,"invalidateSessions");async function UP(t,e){let r=await po(t),n=0;if(r.length>=3){let l=r.sort((h,p)=>new Date(h.createdAt).getTime()-new Date(p.createdAt).getTime()),d=r.length-3+1,f=l.slice(0,d).map(h=>h.sessionId);n=f.length,await Tn(t,{sessionIds:f,reason:"session limit exceeded"})}let i=await yr(),o=e.sessionId,a=e.csrfToken?e.csrfToken:(0,fA.v4)(),u=pi(t,o),c={...e,csrfToken:a,createdAt:new Date().toISOString(),lastAccessedAt:new Date().toISOString(),userId:t};return await i.store(u,c,pA),{session:c,invalidatedSessionCount:n}}s(UP,"createASession");async function Bp(t){let e=await yr(),r=pi(t.userId,t.sessionId);t.lastAccessedAt=new Date().toISOString(),await e.store(r,t,pA)}s(Bp,"updateSessionTTL");async function LP(t,e){await(await yr()).delete(pi(t,e))}s(LP,"endSession");async function Wp(t,e){if(!t||!e)throw new Error(`Invalid session details - ${t} - ${e}`);let n=await(await yr()).get(pi(t,e));if(!n)throw new Error(`Session not found - ${t} - ${e}`);return n}s(Wp,"getSession");var hi={};P(hi,{account:()=>wA,action:()=>DA,ai:()=>RA,analytics:()=>Yu,app:()=>CA,asyncEventQueue:()=>Tt,auditLog:()=>bA,auth:()=>tc,automation:()=>xA,backfill:()=>vA,backfillCache:()=>Xu,backup:()=>PA,datasource:()=>NA,email:()=>UA,environmentVariable:()=>LA,group:()=>MA,identification:()=>St,initAsyncEvents:()=>xL,installation:()=>yo,layout:()=>kA,license:()=>FA,org:()=>BA,plugin:()=>WA,processors:()=>Qp,publishEvent:()=>A,query:()=>$A,resource:()=>GA,role:()=>Oo,rowAction:()=>VA,rows:()=>qA,screen:()=>KA,serve:()=>QA,shutdown:()=>vL,table:()=>jA,user:()=>Fe,view:()=>HA,workspace:()=>YA});var Yu={};P(Yu,{enabled:()=>Hu});var Hu=s(async()=>zu(),"enabled");var Tt;function Ju(){Tt=new Et("systemEventQueue",{jobTags:t=>({"event.name":t.event})})}s(Ju,"init");async function mA(){Tt&&await Tt.close()}s(mA,"shutdown");async function hA(t){Tt||Ju();let{event:e,identity:r}=t;th.indexOf(e)!==-1&&r.tenantId&&await Tt.add(t)}s(hA,"publishAsyncEvent");var Xu={};P(Xu,{end:()=>kP,isAlreadySent:()=>Vp,isBackfillingEvent:()=>Gp,recordEvent:()=>$p,start:()=>MP});var MP=s(async t=>BP({eventWhitelist:t}),"start"),$p=s(async(t,e)=>{let r=qp(t,e);await zt(r,e,void 0,{useTenancy:!1})},"recordEvent"),kP=s(async()=>{await WP(),await $P()},"end"),FP=s(async()=>hn(ye.BACKFILL_METADATA),"getBackfillMetadata"),BP=s(async t=>zt(ye.BACKFILL_METADATA,t),"saveBackfillMetadata"),WP=s(async()=>{await no(ye.BACKFILL_METADATA)},"deleteBackfillMetadata"),$P=s(async()=>{let t=qp(),e=await Mu(t);for(let r of e)await no(r,{useTenancy:!1})},"clearEvents"),Gp=s(async t=>{let r=(await FP())?.eventWhitelist;return!!(r&&r.includes(t))},"isBackfillingEvent"),Vp=s(async(t,e)=>{let r=qp(t,e);return!!await hn(r,{useTenancy:!1})},"isAlreadySent"),GP={"automation:created":t=>t.automationId,"automation:step:created":t=>t.stepId,"datasource:created":t=>t.datasourceId,"layout:created":t=>t.layoutId,"query:created":t=>t.queryId,"role:created":t=>t.roleId,"screen:created":t=>t.screenId,"table:created":t=>t.tableId,"view:created":t=>t.tableId,"view:calculation:created":t=>t.tableId,"view:filter:created":t=>t.tableId,"app:created":t=>t.appId,"app:published":t=>t.appId,"auth:sso:created":t=>t.type,"auth:sso:activated":t=>t.type,"user:created":t=>t.userId,"user:admin:assigned":t=>t.userId,"user:builder:assigned":t=>t.userId,"role:assigned":t=>`${t.roleId}-${t.userId}`},qp=s((t,e)=>{let r,n=$();if(t){r=`${ye.EVENTS}:${n}:${t}`;let i=GP[t],o=i?i(e):void 0;o&&(r=`${r}:${o}`)}else r=`${ye.EVENTS}:${n}:*`;return r},"getEventKey");var Qp={};P(Qp,{analyticsProcessor:()=>_A,init:()=>XP,processors:()=>Zt});var SA=require("posthog-node");var VP=s(t=>t==="served:builder"||t==="served:app:preview"||t==="served:app","isRateLimited"),qP=s(t=>t==="served:app:preview"||t==="served:app","isPerApp");var EA={"served:app":"calendarDay","served:app:preview":"calendarDay","served:builder":"calendarDay"},yA=s(async t=>{if(!VP(t))return!1;let e=await KP(t);if(e){let r=new Date(e.timestamp);switch(EA[t]){case"calendarDay":return r.setDate(r.getDate()+1),r.setHours(0,0,0,0),Date.now()>r.getTime()?(await gA(t,{timestamp:Date.now()}),!1):!0}}else return await gA(t,{timestamp:Date.now()}),!1},"limited"),TA=s(t=>{let e=`${ye.EVENTS_RATE_LIMIT}:${t}`;return qP(t)&&(e=e+":"+be()),e},"eventKey"),KP=s(async t=>{let e=TA(t);return await hn(e)},"readEvent"),gA=s(async(t,e)=>{let r=TA(t),n=EA[t],i;switch(n){case"calendarDay":i=86400}await zt(r,e,i)},"recordEvent");var jP=["user:updated","email:smtp:updated","auth:sso:updated","app:updated","role:updated","datasource:updated","query:updated","view:updated","view:calculation:updated","automation:trigger:updated","user_group:updated"],mo=class{static{s(this,"PosthogProcessor")}constructor(e){if(!e)throw new Error("Posthog token is not defined");this.posthog=new SA.PostHog(e)}async processEvent(e,r,n,i){if(jP.includes(e)||await yA(e))return;n=this.clearPIIProperties(n),n.version=g.VERSION,n.service=g.SERVICE,n.environment=r.environment,n.hosting=r.hosting;let o=be();o&&(n.appId=o);let a={distinctId:r.id,event:e,properties:n};i&&(a.timestamp=new Date(i)),(r.installationId||r.tenantId)&&(a.groups={},r.installationId&&(a.groups.installation=r.installationId,a.properties.installationId=r.installationId),r.tenantId&&(a.groups.tenant=r.tenantId,a.properties.tenantId=r.tenantId)),this.posthog.capture(a)}clearPIIProperties(e){return e.email&&delete e.email,e.audited&&delete e.audited,e}async identify(e,r){let n={distinctId:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.identify(n)}async identifyGroup(e,r){let n={distinctId:e.id,groupType:e.type,groupKey:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.groupIdentify(n)}async shutdown(){await this.posthog.shutdown()}};var AA=mo;var HP=["installation:version:upgraded","installation:version:downgraded"],YP=["installation","tenant"],ho=class{static{s(this,"AnalyticsProcessor")}constructor(){g.POSTHOG_TOKEN&&!g.isTest()&&(this.posthog=new AA(g.POSTHOG_TOKEN))}async processEvent(e,r,n,i){!HP.includes(e)&&!await Hu()||this.posthog&&await this.posthog.processEvent(e,r,n,i)}async identify(e,r){!YP.includes(e.type)&&!await Hu()||this.posthog&&await this.posthog.identify(e,r)}async identifyGroup(e,r){this.posthog&&await this.posthog.identifyGroup(e,r)}async shutdown(){this.posthog&&await this.posthog.shutdown()}};var Kp=g.SELF_HOSTED&&!g.isDev(),go=class{static{s(this,"LoggingProcessor")}async processEvent(e,r,n){Kp||console.log(`[audit] [identityType=${r.type}] ${e}`,n)}async identify(e){Kp||console.log("[audit] identified",e)}async identifyGroup(e){Kp||console.log("[audit] group identified",e)}async shutdown(){}};var mi=class t{static{s(this,"AuditLogsProcessor")}static{this.auditLogsEnabled=!1}static init(e){t.auditLogsEnabled=!0;let r=e;return t.auditLogQueue=new Et("auditLogQueue",{jobTags:n=>({"event.name":n.event})}),t.auditLogQueue.process(async n=>{await Ce(n.data.tenantId,async()=>{let i=n.data.properties;i.audited&&(i={...i,...i.audited},delete i.audited);let o={};g.ENABLE_AUDIT_LOG_IP_ADDR&&(o=n.data.opts.hostInfo),await r(n.data.event,i,{userId:n.data.opts.userId,timestamp:n.data.opts.timestamp,appId:n.data.opts.appId,hostInfo:o})})})}async processEvent(e,r,n,i){if(t.auditLogsEnabled&&Zf(e)){let o=r.type==="user"?r.id:void 0;await t.auditLogQueue.add({event:e,properties:n,opts:{userId:o,timestamp:i,appId:be(),hostInfo:r.hostInfo},tenantId:$()})}}async identify(){}async identifyGroup(){}async shutdown(){await t.auditLogQueue?.close()}};var Eo=class{constructor(e){this.initialised=!1;this.processors=[];this.processors=e}static{s(this,"Processor")}async processEvent(e,r,n,i){for(let o of this.processors)await o.processEvent(e,r,n,i)}async identify(e,r){for(let n of this.processors)n.identify&&await n.identify(e,r)}async identifyGroup(e,r){for(let n of this.processors)n.identifyGroup&&await n.identifyGroup(e,r)}async shutdown(){for(let e of this.processors)e.shutdown&&await e.shutdown()}};var _A=new ho,zP=new go,JP=new mi;function XP(t){return mi.init(t)}s(XP,"init");var Zt=new Eo([_A,zP,JP]);var Zu={};P(Zu,{checkInstallVersion:()=>tN,getInstall:()=>To,getInstallFromDB:()=>Hp});var jp=B(require("semver"));var To=s(async()=>wr(ye.INSTALLATION,86400,Hp,{useTenancy:!1}),"getInstall");async function ZP(t){let e={_id:fe.PLATFORM_INFO.docs.install,installId:ee(),version:g.VERSION};try{let r=await t.put(e);return e._rev=r.rev,e}catch(r){if(r.status===409)return Hp();throw r}}s(ZP,"createInstallDoc");var Hp=s(async()=>je(fe.PLATFORM_INFO.name,async t=>{let e;try{e=await t.get(fe.PLATFORM_INFO.docs.install)}catch(r){if(r.status===404)e=await ZP(t);else throw r}return e}),"getInstallFromDB"),eN=s(async t=>{try{await je(fe.PLATFORM_INFO.name,async e=>{let r=await To();r.version=t,await e.put(r),await li(ye.INSTALLATION)})}catch(e){if(e.status===409)return!1;throw e}return!0},"updateVersion"),tN=s(async()=>{let t=await To(),e=t.version,r=g.VERSION;try{if(e!==r){let n=jp.default.gt(r,e),i=jp.default.lt(r,e);await eN(r)&&(await Rs({_id:t.installId,type:"installation"},async()=>{n?await yo.upgraded(e,r):i&&await yo.downgraded(e,r)}),await St.identifyInstallationGroup(t.installId))}}catch(n){n?.message?.includes("Invalid Version")?dn(`Invalid version "${r}" - is it semver?`):dn("Failed to retrieve version",n)}},"checkInstallVersion");var rN=s(async()=>{let t=df(),e=_o(),r;if(t?r=t.type:r="tenant",r==="installation"){let n=await Sn(),i=So();return{id:OA(n,r),hosting:i,type:r,installationId:n,environment:e}}else if(r==="tenant"){let n=await Sn(),i=await ec($()),o=So();return{id:OA(i,r),type:r,hosting:o,installationId:n,tenantId:i,realTenantId:$(),environment:e}}else if(r==="user"){let n=t,i=await ec($()),o=await Sn(),a=n.account,u;return a?u=a.hosting:u=So(),{id:n._id,type:r,hosting:u,installationId:o,tenantId:i,environment:e,realTenantId:$(),hostInfo:n.hostInfo}}else throw new Error("Unknown identity type")},"getCurrentIdentity"),nN=s(async(t,e)=>{let r=t,n="installation",i=So(),o=g.VERSION,a=_o(),u={id:r,type:n,hosting:i,version:o,environment:a};await Yp(u,e),await Ao({...u,id:`$${n}_${r}`},e)},"identifyInstallationGroup"),iN=s(async(t,e,r,n=g.VERSION)=>{let i=await ec(t),o="tenant",a=await Sn(),u=_o(),c={id:i,type:o,hosting:e,environment:u,installationId:a,createdAt:r,createdVersion:n};await Yp(c,r),await Ao({...c,id:`$${o}_${i}`},r)},"identifyTenantGroup"),sN=s(async(t,e,r)=>{let n=t._id,i=await ec(t.tenantId),o="user",a=ke(t),u=Cr(t),c;jo(t)&&(c=t.providerType);let d=(await gi([t.email])).length>0,f=!!e&&d&&e.verified,h=await Sn(),p=e?e.hosting:So(),S=_o();await Ao({id:n,type:o,hosting:p,installationId:h,tenantId:i,verified:f,accountHolder:d,providerType:c,builder:a,admin:u,environment:S},r)},"identifyUser"),oN=s(async t=>{let e=t.accountId,r=t.tenantId,n="user",i=Qo(t)?t.providerType:void 0,o=t.verified,a=!0,u=t.hosting,c=await Sn(),l=_o();if(Ko(t)){let f=await At(t.email);f?._id&&(e=f._id)}await Ao({id:e,type:n,hosting:u,installationId:c,tenantId:r,providerType:i,verified:o,accountHolder:a,environment:l})},"identifyAccount"),Ao=s(async(t,e)=>{await Zt.identify(t,e)},"identify"),Yp=s(async(t,e)=>{await Zt.identifyGroup(t,e)},"identifyGroup"),_o=s(()=>g.isDev()?"development":g.DEPLOYMENT_ENVIRONMENT,"getDeploymentEnvironment"),So=s(()=>g.SELF_HOSTED?"self":"cloud","getHostingFromEnv"),Sn=s(async()=>aN()?"account-portal":(await To()).installId,"getInstallationId"),ec=s(async t=>g.SELF_HOSTED?IA(t):t,"getEventTenantId"),IA=s(async t=>Ce(t,()=>wr(ye.UNIQUE_TENANT_ID,86400,async()=>{let e=Y(),r=await yi(),n;return r.config.uniqueTenantId?r.config.uniqueTenantId:(n=`${ee()}_${t}`,r.config.uniqueTenantId=n,r.config.createdVersion=g.VERSION,await e.put(r),n)})),"getUniqueTenantId"),aN=s(()=>g.SERVICE==="account-portal","isAccountPortal"),OA=s((t,e)=>e==="installation"||e==="tenant"?`$${e}_${t}`:t,"formatDistinctId"),St={getCurrentIdentity:rN,identifyInstallationGroup:nN,identifyTenantGroup:iN,identifyUser:sN,identifyAccount:oN,identify:Ao,identifyGroup:Yp,getInstallationId:Sn,getUniqueTenantId:IA};var A=s(async(t,e,r,n)=>{let i=n||await St.getCurrentIdentity();if(!(n?!1:await Gp(t))){await hA({event:t,identity:i,properties:e,timestamp:r}),await Zt.processEvent(t,i,e,r);return}await Vp(t,e)||(await Zt.processEvent(t,i,e,r),await $p(t,e))},"publishEvent");async function uN(t,e){let r={tenantId:t.tenantId};await A("account:created",r,void 0,e)}s(uN,"created");async function cN(t){let e={tenantId:t.tenantId};await A("account:deleted",e)}s(cN,"deleted");async function lN(t){let e={tenantId:t.tenantId};await A("account:verified",e)}s(lN,"verified");var wA={created:uN,deleted:cN,verified:lN};async function dN(t,e){console.info("action:automation_step:executed",`disabled. Action step ${t.stepId} not published at ${e}`)}s(dN,"automationStepExecuted");async function fN(t,e){console.info("action:automation_step:executed",`disabled. Action type ${t.type} not published at ${e}`)}s(fN,"crudExecuted");async function pN(t,e){console.info("action:automation_step:executed",`disabled. Execution for ai agent ${t.agentId} not published at ${e}`)}s(pN,"aiAgentExecuted");var DA={aiAgentExecuted:pN,automationStepExecuted:dN,crudExecuted:fN};async function mN(t){let e={};await A("ai:config:created",e,t)}s(mN,"AIConfigCreated");async function hN(){let t={};await A("ai:config:updated",t)}s(hN,"AIConfigUpdated");var RA={AIConfigCreated:mN,AIConfigUpdated:hN};var gN=s(async(t,e)=>{let r={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:created",r,e)},"created");async function EN(t){let e={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:updated",e)}s(EN,"updated");async function yN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:deleted",e)}s(yN,"deleted");async function TN(t,e){let r={appId:t.appId,audited:{name:t.name}};await A("app:published",r,e)}s(TN,"published");async function SN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:unpublished",e)}s(SN,"unpublished");async function AN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:file:imported",e)}s(AN,"fileImported");async function _N(t,e){let r={duplicateAppId:e,appId:t.appId,audited:{name:t.name}};await A("app:duplicated",r)}s(_N,"duplicated");async function ON(t,e){let r={appId:t.appId,templateKey:e,audited:{name:t.name}};await A("app:template:imported",r)}s(ON,"templateImported");async function IN(t,e,r){let n={appId:t.appId,currentVersion:e,updatedToVersion:r,audited:{name:t.name}};await A("app:version:updated",n)}s(IN,"versionUpdated");async function wN(t,e,r){let n={appId:t.appId,currentVersion:e,revertedToVersion:r,audited:{name:t.name}};await A("app:version:reverted",n)}s(wN,"versionReverted");async function DN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:reverted",e)}s(DN,"reverted");async function RN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:exported",e)}s(RN,"exported");var CA={created:gN,updated:EN,deleted:yN,published:TN,unpublished:SN,fileImported:AN,duplicated:_N,templateImported:ON,versionUpdated:IN,versionReverted:wN,reverted:DN,exported:RN};async function CN(t){let e={filters:t};await A("audit_log:filtered",e)}s(CN,"filtered");async function bN(t){let e={filters:t};await A("audit_log:downloaded",e)}s(bN,"downloaded");var bA={filtered:CN,downloaded:bN};async function xN(t,e){let n={userId:(await St.getCurrentIdentity()).id,source:t,audited:{email:e}};await A("auth:login",n)}s(xN,"login");async function vN(t){let r={userId:(await St.getCurrentIdentity()).id,audited:{email:t}};await A("auth:logout",r)}s(vN,"logout");async function PN(t,e){let r={type:t};await A("auth:sso:created",r,e)}s(PN,"SSOCreated");async function NN(t){let e={type:t};await A("auth:sso:updated",e)}s(NN,"SSOUpdated");async function UN(t,e){let r={type:t};await A("auth:sso:activated",r,e)}s(UN,"SSOActivated");async function LN(t){let e={type:t};await A("auth:sso:deactivated",e)}s(LN,"SSODeactivated");var tc={login:xN,logout:vN,SSOCreated:PN,SSOUpdated:NN,SSOActivated:UN,SSODeactivated:LN};async function MN(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:created",r,e)}s(MN,"created");async function kN(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:trigger:updated",e)}s(kN,"triggerUpdated");async function FN(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:deleted",e)}s(FN,"deleted");async function BN(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:tested",e)}s(BN,"tested");var WN=s(async(t,e)=>{let r={count:t};await A("automations:run",r,e)},"run");async function $N(t,e,r){let n={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:created",n,r)}s($N,"stepCreated");async function GN(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:deleted",r)}s(GN,"stepDeleted");var xA={created:MN,triggerUpdated:kN,deleted:FN,tested:BN,run:WN,stepCreated:$N,stepDeleted:GN};var Ti=!g.SELF_HOSTED&&!g.isDev();async function VN(t){Ti||await A("app:backfill:succeeded",t)}s(VN,"appSucceeded");async function qN(t){if(Ti)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("app:backfill:failed",e)}s(qN,"appFailed");async function KN(t){Ti||await A("tenant:backfill:succeeded",t)}s(KN,"tenantSucceeded");async function QN(t){if(Ti)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("tenant:backfill:failed",e)}s(QN,"tenantFailed");async function jN(){if(Ti)return;let t={};await A("installation:backfill:succeeded",t)}s(jN,"installationSucceeded");async function HN(t){if(Ti)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("installation:backfill:failed",e)}s(HN,"installationFailed");var vA={appSucceeded:VN,appFailed:qN,tenantSucceeded:KN,tenantFailed:QN,installationSucceeded:jN,installationFailed:HN};async function YN(t){let e={appId:t.appId,restoreId:t._id,backupCreatedAt:t.timestamp,name:t.name};await A("app:backup:restored",e)}s(YN,"appBackupRestored");async function zN(t,e,r,n,i){let o={appId:t,backupId:e,type:r,trigger:n,name:i};await A("app:backup:triggered",o)}s(zN,"appBackupTriggered");var PA={appBackupRestored:YN,appBackupTriggered:zN};function zp(t){return!Object.values($o).includes(t.source)}s(zp,"isCustom");async function JN(t,e){let r={datasourceId:t._id,source:t.source,custom:zp(t)};await A("datasource:created",r,e)}s(JN,"created");async function XN(t){let e={datasourceId:t._id,source:t.source,custom:zp(t)};await A("datasource:updated",e)}s(XN,"updated");async function ZN(t){let e={datasourceId:t._id,source:t.source,custom:zp(t)};await A("datasource:deleted",e)}s(ZN,"deleted");var NA={created:JN,updated:XN,deleted:ZN};async function eU(t){let e={};await A("email:smtp:created",e,t)}s(eU,"SMTPCreated");async function tU(){let t={};await A("email:smtp:updated",t)}s(tU,"SMTPUpdated");var UA={SMTPCreated:eU,SMTPUpdated:tU};async function rU(t,e){let r={name:t,environments:e};await A("environment_variable:created",r)}s(rU,"created");async function nU(t){let e={name:t};await A("environment_variable:deleted",e)}s(nU,"deleted");async function iU(t){let e={userId:t};await A("environment_variable:upgrade_panel_opened",e)}s(iU,"upgradePanelOpened");var LA={created:rU,deleted:nU,upgradePanelOpened:iU};async function sU(t,e){let r={groupId:t._id,viaScim:gt(),audited:{name:t.name}};await A("user_group:created",r,e)}s(sU,"created");async function oU(t){let e={groupId:t._id,viaScim:gt(),audited:{name:t.name}};await A("user_group:updated",e)}s(oU,"updated");async function aU(t){let e={groupId:t._id,viaScim:gt(),audited:{name:t.name}};await A("user_group:deleted",e)}s(aU,"deleted");async function uU(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:gt(),audited:{name:e.name}};await A("user_group:user_added",n)}s(uU,"usersAdded");async function cU(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:gt(),audited:{name:e.name}};await A("user_group:users_deleted",n)}s(cU,"usersDeleted");async function lU(t){let e={groupId:t,onboarding:!0};await A("user_group:onboarding_added",e)}s(lU,"createdOnboarding");async function dU(t){let e={permissions:t.roles,groupId:t._id,audited:{name:t.name}};await A("user_group:permissions_edited",e)}s(dU,"permissionsEdited");var MA={created:sU,updated:oU,deleted:aU,usersAdded:uU,usersDeleted:cU,createdOnboarding:lU,permissionsEdited:dU};async function fU(t){let e={currentVersion:t};await A("installation:version:checked",e)}s(fU,"versionChecked");async function pU(t,e){let r={from:t,to:e};await A("installation:version:upgraded",r)}s(pU,"upgraded");async function mU(t,e){let r={from:t,to:e};await A("installation:version:downgraded",r)}s(mU,"downgraded");async function hU(){let t={};await A("installation:firstStartup",t)}s(hU,"firstStartup");var yo={versionChecked:fU,upgraded:pU,downgraded:mU,firstStartup:hU};async function gU(t,e){let r={layoutId:t._id};await A("layout:created",r,e)}s(gU,"created");async function EU(t){let e={layoutId:t};await A("layout:deleted",e)}s(EU,"deleted");var kA={created:gU,deleted:EU};async function yU(t,e){let r={accountId:t.accountId,...e};await A("license:plan:changed",r)}s(yU,"planChanged");async function TU(t){let e={accountId:t.accountId};await A("license:activated",e)}s(TU,"activated");async function SU(t){let e={accountId:t.accountId};await A("license:checkout:opened",e)}s(SU,"checkoutOpened");async function AU(t){let e={accountId:t.accountId};await A("license:checkout:success",e)}s(AU,"checkoutSuccess");async function _U(t){let e={accountId:t.accountId};await A("license:portal:opened",e)}s(_U,"portalOpened");async function OU(t){let e={accountId:t.accountId};await A("license:payment:failed",e)}s(OU,"paymentFailed");async function IU(t){let e={accountId:t.accountId};await A("license:payment:recovered",e)}s(IU,"paymentRecovered");var FA={planChanged:yU,activated:TU,checkoutOpened:SU,checkoutSuccess:AU,portalOpened:_U,paymentFailed:OU,paymentRecovered:IU};async function wU(t){let e={};await A("org:info:name:updated",e,t)}s(wU,"nameUpdated");async function DU(t){let e={};await A("org:info:logo:updated",e,t)}s(DU,"logoUpdated");async function RU(t){let e={};await A("org:platformurl:updated",e,t)}s(RU,"platformURLUpdated");async function CU(){let t={};await A("analytics:opt:out",t)}s(CU,"analyticsOptOut");async function bU(){let t={};await A("analytics:opt:out",t)}s(bU,"analyticsOptIn");var BA={nameUpdated:wU,logoUpdated:DU,platformURLUpdated:RU,analyticsOptOut:CU,analyticsOptIn:bU};async function xU(t){let e={type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:init",e)}s(xU,"init");async function vU(t){let e={pluginId:t._id,type:t.schema.type,source:t.source,name:t.name,description:t.description,version:t.version};await A("plugin:imported",e)}s(vU,"imported");async function PU(t){let e={pluginId:t._id,type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:deleted",e)}s(PU,"deleted");var WA={init:xU,imported:vU,deleted:PU};var NU=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:created",n,r)},"created"),UU=s(async(t,e)=>{let r={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:updated",r)},"updated"),LU=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb,appId:r};await A("query:deleted",n)},"deleted"),MU=s(async(t,e,r)=>{let n={datasourceId:t._id,source:t.source,count:r,importSource:e};await A("query:import",n)},"imported"),kU=s(async(t,e)=>{let r={count:t};await A("queries:run",r,e)},"run"),FU=s(async(t,e)=>{let r={queryId:e.queryId,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:previewed",r)},"previewed"),$A={created:NU,updated:UU,deleted:LU,imported:MU,run:kU,previewed:FU};async function BU({resource:t,fromWorkspace:e,toWorkspace:r},n){let i={resource:t,fromWorkspace:e,toWorkspace:r};await A("resource:copied_to_workspace",i,n)}s(BU,"duplicatedToWorkspace");var GA={duplicatedToWorkspace:BU};async function WU(t,e){let r={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:created",r,e)}s(WU,"created");async function $U(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:updated",e)}s($U,"updated");async function GU(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:deleted",e)}s(GU,"deleted");async function VU(t,e,r){let n={userId:t._id,roleId:e};await A("role:assigned",n,r)}s(VU,"assigned");async function qU(t,e){let r={userId:t._id,roleId:e};await A("role:unassigned",r)}s(qU,"unassigned");var Oo={created:WU,updated:$U,deleted:GU,assigned:VU,unassigned:qU};async function KU(t,e){await A("row_action:created",t,e)}s(KU,"created");var VA={created:KU};var QU=s(async(t,e)=>{let r={count:t};await A("rows:created",r,e)},"created"),jU=s(async(t,e)=>{let r={tableId:t._id,count:e};await A("rows:imported",r)},"imported"),qA={created:QU,imported:jU};async function HU(t,e){let r={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:created",r,e)}s(HU,"created");async function YU(t){let e={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:deleted",e)}s(YU,"deleted");var KA={created:HU,deleted:YU};async function zU(t){let e={timezone:t};await A("served:builder",e)}s(zU,"servedBuilder");async function JU(t,e,r){let n={appVersion:t.version,timezone:e,embed:r===!0};await A("served:app",n)}s(JU,"servedApp");async function XU(t,e){let r={appId:t.appId,appVersion:t.version,timezone:e};await A("served:app:preview",r)}s(XU,"servedAppPreview");var QA={servedBuilder:zU,servedApp:JU,servedAppPreview:XU};async function ZU(t,e){let r={tableId:t._id,audited:{name:t.name}};await A("table:created",r,e)}s(ZU,"created");async function eL(t,e){let r,n;for(let o in e.schema)if(!t.schema[o]){let a=e.schema[o];"default"in a&&a.default!=null&&(r=!0),a.type==="ai"&&(n=a.operation)}let i={tableId:e._id,defaultValues:r,aiColumn:n,audited:{name:e.name}};(r||n)&&await A("table:updated",i)}s(eL,"updated");async function tL(t,e){let r={tableId:t._id,audited:{name:t.name},appId:e};await A("table:deleted",r)}s(tL,"deleted");async function rL(t,e){let r={tableId:t._id,format:e,audited:{name:t.name}};await A("table:exported",r)}s(rL,"exported");async function nL(t){let e={tableId:t._id,audited:{name:t.name}};await A("table:imported",e)}s(nL,"imported");var jA={created:ZU,updated:eL,deleted:tL,exported:rL,imported:nL};async function iL(t,e){let r={userId:t._id,viaScim:gt(),audited:{email:t.email}};await A("user:created",r,e)}s(iL,"created");async function sL(t){let e={userId:t._id,viaScim:gt(),audited:{email:t.email}};await A("user:updated",e)}s(sL,"updated");async function oL(t){let e={userId:t._id,viaScim:gt(),audited:{email:t.email}};await A("user:deleted",e)}s(oL,"deleted");async function aL(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:admin:assigned",r,e)}s(aL,"permissionAdminAssigned");async function uL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:admin:removed",e)}s(uL,"permissionAdminRemoved");async function cL(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:builder:assigned",r,e)}s(cL,"permissionBuilderAssigned");async function lL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:builder:removed",e)}s(lL,"permissionBuilderRemoved");async function dL(t){let e={audited:{email:t}};await A("user:invited",e)}s(dL,"invited");async function fL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:invite:accepted",e)}s(fL,"inviteAccepted");async function pL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:force:reset",e)}s(pL,"passwordForceReset");async function mL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:updated",e)}s(mL,"passwordUpdated");async function hL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset:requested",e)}s(hL,"passwordResetRequested");async function gL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset",e)}s(gL,"passwordReset");async function EL(t){let e={users:t};await A("user:data:collaboration",e)}s(EL,"dataCollaboration");var Fe={created:iL,updated:sL,deleted:oL,permissionAdminAssigned:aL,permissionAdminRemoved:uL,permissionBuilderAssigned:cL,permissionBuilderRemoved:lL,invited:dL,inviteAccepted:fL,passwordForceReset:pL,passwordUpdated:mL,passwordResetRequested:hL,passwordReset:gL,dataCollaboration:EL};async function yL(t,e){let r={name:t.name,type:t.type,tableId:t.tableId};await A("view:created",r,e)}s(yL,"created");async function TL(t){let e={tableId:t.tableId};await A("view:updated",e)}s(TL,"updated");async function SL(t,e){let r={...Ue.views.isV2(t)?{id:t.id,tableId:t.tableId,appId:e}:{}};await A("view:deleted",r)}s(SL,"deleted");async function AL(t,e){let r={tableId:t._id,format:e};await A("view:exported",r)}s(AL,"exported");async function _L({tableId:t,filterGroups:e},r){let n={tableId:t,filterGroups:e};await A("view:filter:created",n,r)}s(_L,"filterCreated");async function OL({tableId:t,filterGroups:e}){let r={tableId:t,filterGroups:e};await A("view:filter:updated",r)}s(OL,"filterUpdated");async function IL(t){let e={tableId:t.tableId};await A("view:filter:deleted",e)}s(IL,"filterDeleted");async function wL({tableId:t,calculationType:e},r){let n={tableId:t,calculation:e};await A("view:calculation:created",n,r)}s(wL,"calculationCreated");async function DL(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:updated",e)}s(DL,"calculationUpdated");async function RL(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:deleted",e)}s(RL,"calculationDeleted");async function CL(t,e){let r={tableId:t};await A("view:join:created",r,e)}s(CL,"viewJoinCreated");var HA={created:yL,updated:TL,deleted:SL,exported:AL,filterCreated:_L,filterUpdated:OL,filterDeleted:IL,calculationCreated:wL,calculationUpdated:DL,calculationDeleted:RL,viewJoinCreated:CL};async function bL(t,e){let r={workspaceAppId:t._id,audited:{name:t.name},appId:e};await A("workspace_app:deleted",r)}s(bL,"deleted");var YA={deleted:bL};function xL(){}s(xL,"initAsyncEvents");var vL=s(async()=>{await Zt.shutdown(),console.log("Events shutdown")},"shutdown");var Xp={};P(Xp,{creatorsInList:()=>An,getAccountHolderFromUsers:()=>oc,hasAdminPermissions:()=>Cr,hasAppBuilderPermissions:()=>e_,hasBuilderPermissions:()=>ke,isAdmin:()=>bt,isAdminOrBuilder:()=>ZA,isAdminOrWorkspaceBuilder:()=>nc,isBuilder:()=>Si,isCreatorAsync:()=>wo,isCreatorSync:()=>ic,isGlobalBuilder:()=>XA,validateUniqueUser:()=>sc});async function Jp(t){let e=[],r=await zA(t);e.push(...r.map(a=>a.email));let n=await JA(t);e.push(...n.map(a=>a._id));let i=await gi(t);e.push(...i.map(a=>a.email));let o=await bp(t);return e.push(...o.map(a=>a.email)),[...new Set(e.map(a=>a.toLowerCase()))]}s(Jp,"searchExistingEmails");async function rc(t){return await Ws("platform_users_lowercase_2",{keys:[t.toLowerCase()],include_docs:!0})}s(rc,"getPlatformUsers");async function Io(t){return(await rc(t))[0]??null}s(Io,"getFirstPlatformUser");async function zA(t){let r={keys:t.map(i=>i.toLowerCase()),include_docs:!0},n={arrayResponse:!0};return await Kt("by_email2",r,void 0,n)}s(zA,"getExistingTenantUsers");async function JA(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Ws("platform_users_lowercase_2",r)}s(JA,"getExistingPlatformUsers");async function gi(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Ws("account_by_email",r)}s(gi,"getExistingAccounts");var Si=Le.users.isBuilder,bt=Le.users.isAdmin,XA=Le.users.isGlobalBuilder,ZA=Le.users.isAdminOrBuilder,Cr=Le.users.hasAdminPermissions,ke=Le.users.hasBuilderPermissions,e_=Le.users.hasAppBuilderPermissions,nc=Le.users.isAdminOrWorkspaceBuilder;async function An(t,e){let r=[...new Set(t.filter(i=>i.userGroups).flatMap(i=>i.userGroups))];return e=await Y().getMultiple(r,{allowMissing:!0}),t.map(i=>ic(i,e))}s(An,"creatorsInList");async function wo(t){let e=[];return t.userGroups&&(e=await Y().getMultiple(t.userGroups)),ic(t,e)}s(wo,"isCreatorAsync");function ic(t,e){let r=Le.users.isCreator(t);return!r&&t?PL(t,e):r}s(ic,"isCreatorSync");function PL(t,e){let r=e?.filter(n=>t.userGroups?.indexOf(n._id)!==-1);return r&&r.length>0?r.some(n=>Object.values(n.roles||{}).includes("CREATOR")):!1}s(PL,"isCreatorByGroupMembership");async function sc(t,e){if(g.MULTI_TENANCY){let r=await Io(t);if(r!=null&&r.tenantId!==e)throw new Jt(t)}if(!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let r=await Rr(t);if(r&&r.verified&&r.tenantId!==e)throw new Jt(t)}}s(sc,"validateUniqueUser");async function oc(t){if(!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let e=await gi(t.map(r=>r.email));return t.find(r=>e.map(n=>n.email).includes(r.email))}}s(oc,"getAccountHolderFromUsers");var Zp=s(async t=>{await Fe.deleted(t),ke(t)&&await Fe.permissionBuilderRemoved(t),Cr(t)&&await Fe.permissionAdminRemoved(t)},"handleDeleteEvents"),NL=s(async(t,e,r)=>{for(let[n,i]of Object.entries(e))(!r||r[n]!==i)&&await Oo.assigned(t,i)},"assignAppRoleEvents"),UL=s(async(t,e,r)=>{if(r)for(let[n,i]of Object.entries(r))(!e||e[n]!==i)&&await Oo.unassigned(t,i)},"unassignAppRoleEvents"),LL=s(async(t,e)=>{let r=t.roles,n=e?.roles;await NL(t,r,n),await UL(t,r,n)},"handleAppRoleEvents"),em=s(async(t,e,r)=>{let n=r;!n&&!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL&&(n=await fi($())),await St.identifyUser(t,n),e?(await Fe.updated(t),kL(t,e)&&await Fe.permissionBuilderRemoved(t),BL(t,e)&&await Fe.permissionAdminRemoved(t),!e.forceResetPassword&&t.forceResetPassword&&t.password&&await Fe.passwordForceReset(t),t.password!==e.password&&await Fe.passwordUpdated(t)):await Fe.created(t),ML(t,e)&&await Fe.permissionBuilderAssigned(t),FL(t,e)&&await Fe.permissionAdminAssigned(t),await LL(t,e)},"handleSaveEvents"),ML=s((t,e)=>t_(t,e,ke),"isAddingBuilder"),kL=s((t,e)=>r_(t,e,ke),"isRemovingBuilder"),FL=s((t,e)=>t_(t,e,Cr),"isAddingAdmin"),BL=s((t,e)=>r_(t,e,Cr),"isRemovingAdmin"),t_=s((t,e,r)=>!(!r(t)||e&&r(e)),"isAddingPermission"),r_=s((t,e,r)=>!(r(t)||!e||!r(e)),"isRemovingPermission");var $L=s(async t=>{let e=t._id;await yt.removeUser(t),await Zp(t),await br.invalidateUser(e),await Tn(e,{reason:"bulk-deletion"})},"bulkDeleteProcessing"),xt=class t{static{s(this,"UserDB")}static init(e,r,n){t.quotas=e,t.groups=r,t.features=n}static async isPreventPasswordActions(e,r){return g.ENABLE_SSO_MAINTENANCE_MODE&&bt(e)?!1:await t.features.isSSOEnforced()||jo(e)?!0:(r||(r=await fi($())),!!(r&&r.email===e.email&&Qo(r)))}static async buildUser(e,r={hashPassword:!0,requirePassword:!0},n,i,o){let{password:a,_id:u}=e;i&&!i.password&&(r.requirePassword=!1);let c;if(a&&a!==i?.password){if(await t.isPreventPasswordActions(e,o))throw new Me("Password change is disabled for this user",400);if(!r.skipPasswordValidation){let f=kp(a);if(!f.valid)throw new Me(f.error,400)}c=r.hashPassword?await cf(a):a}else i&&(c=i.password);let l=r.requirePassword&&!await t.features.isSSOEnforced();if(!c&&l)throw"Password must be specified.";u=u||ri();let d={createdAt:Date.now(),...i,...e,_id:u,password:c,tenantId:n};return d.roles||(d.roles={}),d.status==null&&(d.status="active"),d}static async allUsers(){return(await Y().allDocs(on(null,{include_docs:!0}))).rows.map(n=>n.doc)}static async countUsersByWorkspace(e){if(typeof e!="string"||!e)throw new Error("Must provide a string based workspace ID");return{userCount:(await $s("by_app",ni(e,{include_docs:!1}))).rows.length}}static async getUsersByAppAccess(e){return await tm(e.appId,{limit:e.limit||50})}static async getUserByEmail(e){return At(e)}static async getUser(e){let r=await _n(e);return r&&delete r.password,r}static async bulkGet(e){return await ac(e)}static async bulkUpdate(e){return await Do(e)}static async save(e,r={}){r.hashPassword==null&&(r.hashPassword=!0),r.requirePassword==null&&(r.requirePassword=!0);let n=$(),i=Y(),{email:o,_id:a,userGroups:u=[],roles:c}=e;if(!o&&!a)throw new Error("_id or email is required");let l;if(a)try{if(l=await _n(a),o&&l.email!==o&&!r.allowChangingEmail)throw new Error("Email address cannot be changed")}catch(m){if(m.status!==404)throw m}if(!l&&o&&(l=await At(o),l&&l._id!==a))throw new Jt(o);let d=1,f=0;if((r.isAccountHolder||l)&&(d=0,f=1),l){let[m,E]=await An([l,e]);f=m!==E?1:0}let h=!l,p=!!l&&!!o&&l.email!==o,S=!r.isAccountHolder&&!!o&&(h||p);return t.quotas.addUsers(d,f,async()=>{S&&await sc(o,n);let m=await t.buildUser(e,r,n,l);r.currentUserId&&r.currentUserId===l?._id&&(m=rm(m,l)),!l&&c?.length&&(m.roles={...c});let E=[];if(!a&&u.length>0)for(let y of u)E.push(t.groups.addUsers(y,[m._id]));try{let y=await i.put(m);return m._rev=y.rev,await em(m,l),l&&m.email!==l.email&&await yt.removeUser({email:l.email}),await yt.addUser(n,m._id,m.email,m.ssoId),await br.invalidateUser(y.id),await Promise.all(E),i.get(m._id)}catch(y){throw y.status===409?"User exists already":y}})}static async bulkCreate(e,r){let n=$(),i=[],o=[],a=[],u=e.map(h=>h.email),c=await Jp(u),l=[];for(let h of e){let p=o.find(m=>m.email.toLowerCase()===h.email.toLowerCase()),S=c.includes(h.email.toLowerCase());if(p||S){l.push({email:h.email,reason:"Unavailable"});continue}h.userGroups=r||[],o.push(h),await wo(h)&&a.push(h)}let d=await fi(n),f=await t.features.isSSOEnforced();return t.quotas.addUsers(o.length,a.length,async()=>{for(let S of o)f&&delete S.password,i.push(t.buildUser(S,{hashPassword:!0,requirePassword:!f},n,void 0,d));let h=await Promise.all(i);await Do(h);for(let S of h)await yt.addUser(n,S._id,S.email),await em(S,void 0,d);let p=h.map(S=>({_id:S._id,email:S.email}));if(Array.isArray(p)&&r){let S=[],m=p.map(E=>E._id);for(let E of r)S.push(t.groups.addUsers(E,m));await Promise.all(S)}return{successful:p,unsuccessful:l}})}static async bulkDelete(e){let r=Y(),n={successful:[],unsuccessful:[]},i=await oc(e);i&&(e=e.filter(p=>p.userId!==i.userId),n.unsuccessful.push({_id:i.userId,email:i.email,reason:"Account holder cannot be deleted"}));let a=(await r.allDocs({include_docs:!0,keys:e.map(p=>p.userId)})).rows.map(p=>p.doc),u=a.map(p=>({...p,_deleted:!0})),c=await Do(u),d=(await An(a)).filter(p=>p).length,f=[];for(let p of a){let m=(await Io(p._id)).ssoId;m&&(await rc(m)).filter(y=>y.ssoId==null).forEach(y=>{f.push({...y,_deleted:!0})}),await $L(p)}await Dr().bulkDocs(f),await t.quotas.removeUsers(u.length,d);let h={};return a.reduce((p,S)=>(p[S._id]=S,p),h),c.forEach(p=>{let S=h[p.id].email;p.ok?n.successful.push({_id:p.id,email:S}):n.unsuccessful.push({_id:p.id,email:S,reason:"Database error"})}),n}static async destroy(e){let r=Y(),n=await r.get(e),i=n._id;if(!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let a=n.email;if(await Rr(a))throw n.userId===Gt()._id?new Me('Please visit "Account" to delete this user',400):new Me("Account holder cannot be deleted",400)}await yt.removeUser(n),await r.remove(i,n._rev);let o=await wo(n)?1:0;await t.quotas.removeUsers(1,o),await Zp(n),await br.invalidateUser(i),await Tn(i,{reason:"deletion"})}static async createAdminUser(e,r,n){let i=n?.password,o={email:e,password:i,createdAt:Date.now(),roles:{},builder:{global:!0},admin:{global:!0},tenantId:r,firstName:n?.firstName,lastName:n?.lastName};return n?.ssoId&&(o.ssoId=n.ssoId),await li(ye.CHECKLIST),await t.save(o,{hashPassword:n?.hashPassword,requirePassword:n?.requirePassword,skipPasswordValidation:n?.skipPasswordValidation,isAccountHolder:!0})}static async getGroups(e){return await this.groups.getBulk(e)}static async getGroupBuilderAppIds(e){return await this.groups.getGroupBuilderAppIds(e)}};function Co(t){return Array.isArray(t)?t.map(e=>{if(e)return delete e.password,e}):t&&(delete t.password,t)}s(Co,"removeUserPassword");async function ac(t,e){let n=(await Y().allDocs({keys:t,include_docs:!0})).rows.map(i=>i.doc);return e?.cleanup&&(n=Co(n)),n}s(ac,"bulkGetGlobalUsersById");async function VL(){let t=Y(),e=`us${C}`;return(await t.allDocs({startkey:e,endkey:`${e}${Pe}`})).rows.map(n=>n.id)}s(VL,"getAllUserIds");async function qL(){let t=Y(),e=`us${C}`;return(await t.allDocs({startkey:e,endkey:`${e}${Pe}`,include_docs:!0})).rows.map(n=>n.doc)}s(qL,"getAllUsers");async function Do(t){return await Y().bulkDocs(t)}s(Do,"bulkUpdateGlobalUsers");async function _n(t,e){let n=await Y().get(t);return e?.cleanup&&(n=Co(n)),n}s(_n,"getById");async function At(t,e){if(t==null)throw"Must supply an email address to view";let r=await Kt("by_email2",{key:t.toLowerCase(),include_docs:!0});if(Array.isArray(r))throw new Error(`Multiple users found with email address: ${t}`);let n=r;return e?.cleanup&&(n=Co(n)),n}s(At,"getGlobalUserByEmail");async function KL(t){try{let e=await At(t);if(Array.isArray(e)||e!=null)return!0}catch{return!1}return!1}s(KL,"doesUserExist");async function n_(t,e,r){if(typeof t!="string")throw new Error("Must provide a string based workspace ID");let n=ni(t,{include_docs:!0});n.startkey=e&&e.startkey?e.startkey:n.startkey;let i=await Kt("by_app",n);i||(i=[]);let o=Array.isArray(i)?i:[i];return r?.cleanup&&(o=Co(o)),o}s(n_,"searchGlobalUsersByApp");async function tm(t,e){let r=`roles.${t}`,n=[{"builder.global":!0},{"admin.global":!0}];if(t){let a={[r]:{$exists:!0}};n.push(a)}return(await Y().find({selector:{$or:n,_id:{$regex:"^us_"}},limit:e?.limit||50})).docs}s(tm,"searchGlobalUsersByAppAccess");function i_(t,e){if(e)return gu(He(t),e._id)}s(i_,"getGlobalUserByAppPage");async function s_(t,e,r){if(typeof t!="string")throw new Error("Must provide a string to search by");let n=t.toLowerCase(),i=e&&e.startkey?e.startkey:n,o=await Kt("by_email2",{...e,startkey:i,endkey:`${n}${Pe}`});o||(o=[]);let a=Array.isArray(o)?o:[o];return r?.cleanup&&(a=Co(a)),a}s(s_,"searchGlobalUsersByEmail");var QL=8;async function o_({bookmark:t,query:e,appId:r,limit:n}={}){let i=Y(),o=n??QL,u={include_docs:!0,limit:o+1};t&&(u.startkey=t);let c,l="_id",d;return e?.equal?._id?c=[await _n(e.equal._id)]:r?(c=await n_(r,u),d=s(f=>i_(r,f),"getKey")):e?.string?.email?(c=await s_(e?.string?.email,u),l="email"):e?.oneOf?._id?c=await ac(e?.oneOf?._id,{cleanup:!0}):e?(c=(await i.allDocs(on(null,{...u,limit:void 0}))).rows.map(h=>h.doc),c=mr.search(c,{query:e,limit:u.limit}).rows):c=(await i.allDocs(on(null,u))).rows.map(h=>h.doc),Kf(c,o,{paginate:!0,property:l,getKey:d})}s(o_,"paginatedUsers");async function jL(){return(await $s("by_email2",{limit:0,include_docs:!1})).total_rows}s(jL,"getUserCount");async function HL(){let t=0;async function e(r){let n=await o_({bookmark:r}),i=await An(n.data);t+=i.filter(o=>o).length,n.hasNextPage&&await e(n.nextPage)}return s(e,"iterate"),await e(),t}s(HL,"getCreatorCount");function YL(t){return delete t.admin,delete t.builder,t}s(YL,"removePortalUserPermissions");function rm(t,e){return delete t.admin,delete t.builder,delete t.roles,e&&(t.admin=e.admin,t.builder=e.builder,t.roles=e.roles),t}s(rm,"cleanseUserObject");async function zL(t,e){let r=He(e);t.builder??={},t.builder.creator=!0,t.builder.apps??=[],t.builder.apps.push(r),await xt.save(t,{hashPassword:!1})}s(zL,"addAppBuilder");async function JL(t,e){let r=He(e);t.builder&&t.builder.apps?.includes(r)&&(t.builder.apps=t.builder.apps.filter(n=>n!==r)),await xt.save(t,{hashPassword:!1})}s(JL,"removeAppBuilder");var a_=3600;async function XL(t,e){let n=await zf(e).get(t);if(n.budibaseAccess=!0,!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let i=await Rr(n.email);i&&(n.account=i,n.accountPortalAccess=!0)}return n}s(XL,"populateFromDB");async function ZL(t){let e=await xt.bulkGet(t),r=t.filter((i,o)=>!e[o]),n=e.filter(i=>i);return await Promise.all(n.map(async i=>{if(i.budibaseAccess=!0,!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let o=await Rr(i.email);o&&(i.account=o,i.accountPortalAccess=!0)}})),r.length?{users:n,notFoundIds:r}:{users:n}}s(ZL,"populateUsersFromDB");async function bo({userId:t,tenantId:e,email:r,populateUser:n}){if(n||(n=XL),!e)try{e=$()}catch{e=await yt.lookupTenantId(t)}let i=await Ns(),o=await i.get(t);return o||(o=await n(t,e,r),await i.store(t,o,a_)),o&&!o.tenantId&&e&&(o.tenantId=e),o.userGroups&&!Le.users.isGlobalBuilder(o)&&await Ce(e,async()=>{let a=await xt.getGroupBuilderAppIds(o);if(a.length){let u=o.builder?.apps||[];o.builder={apps:[...new Set(u.concat(a))]}}}),o}s(bo,"getUser");async function e0(t){let e=await Ns(),r=await e.bulkGet(t),n=t.filter(a=>!r[a]),i=Object.values(r).filter(a=>!!a),o;if(n.length){let a=await ZL(n);o=a.notFoundIds;for(let u of a.users)await e.store(u._id,u,a_);i.push(...a.users)}return{users:i,notFoundIds:o}}s(e0,"getUsers");async function xo(t){await(await Ns()).delete(t)}s(xo,"invalidateUser");var om={};P(om,{Writethrough:()=>im});var u_=1e4,nm=null;async function uc(){if(!nm){let t=await Ff();nm=new fn(t)}return nm}s(uc,"getCache");function vo(t,e){return t.name+e}s(vo,"makeCacheKey");function sm(t,e=null){return{doc:t,lastWrite:e||Date.now()}}s(sm,"makeCacheItem");async function t0(t,e,r=u_){let n=await uc(),i=e._id,o;i&&(o=await n.get(vo(t,i)));let a=!o||o.lastWrite<Date.now()-r,u=e;return a&&((await so({type:"try_once",name:"persist_writethrough",resource:i,ttl:15e3},async()=>{let l=s(async d=>{let f=await t.put(d,{force:!0});u._id=f.id,u._rev=f.rev},"writeDb");try{await l(e)}catch(d){if(d.status!==409)throw d;ci("Ignoring conflict in write-through cache")}})).executed||ci("Ignoring redlock conflict in write-through cache")),o=sm(u,a?null:o?.lastWrite),u._id&&await n.store(vo(t,u._id),o),{ok:!0,id:u._id,rev:u._rev}}s(t0,"put");async function r0(t,e){let r=await uc(),n=vo(t,e),i=await r.get(n);if(!i){let o=await t.get(e);i=sm(o),await r.store(n,i)}return i.doc}s(r0,"get");async function n0(t,e){let r=await uc(),n=vo(t,e),i=await r.get(n);if(!i){let o=await t.tryGet(e);if(!o)return null;i=sm(o),await r.store(n,i)}return i.doc}s(n0,"tryGet");async function i0(t,e,r){let n=await uc();if(!e)throw new Error("No ID/Rev provided.");let i=typeof e=="string"?e:e._id;r=typeof e=="string"?r:e._rev;try{await n.delete(vo(t,i))}finally{await t.remove(i,r)}}s(i0,"remove");var im=class{static{s(this,"Writethrough")}constructor(e,r=u_){this.db=e,this.writeRateMs=r}async put(e,r=this.writeRateMs){return t0(this.db,e,r)}async get(e){return r0(this.db,e)}async tryGet(e){return n0(this.db,e)}async remove(e,r){return i0(this.db,e,r)}};function Po(t){return`config${C}${t}`}s(Po,"generateConfigID");var cc="en";function s0(){return{_id:Po("translations"),type:"translations",config:{defaultLocale:cc,locales:{[cc]:{label:"English",overrides:{}}}}}}s(s0,"createDefaultTranslationsConfig");function o0(t){let e=t?.defaultLocale||cc,r={...t?.locales??{}};r[e]||(r[e]={label:e===cc?"English":e,overrides:{}});for(let n of Object.keys(r))r[n].overrides||(r[n]={...r[n],overrides:{}});return{defaultLocale:e,locales:r}}s(o0,"prepareTranslationsConfig");async function Be(t){let e=Y();try{return await e.get(Po(t))}catch(r){if(r.status===404)return;throw r}}s(Be,"getConfig");async function a0(t){return t._id||(t._id=Po(t.type)),Y().put(t)}s(a0,"save");async function c_(){let t=await Be("translations");return t?(t.config=o0(t.config),t):s0()}s(c_,"getTranslationsConfigDoc");async function u0(){return(await c_()).config}s(u0,"getTranslationsConfig");async function yi(){let t=await Be("settings");return t||(t={_id:Po("settings"),type:"settings",config:{}}),t.config.platformUrl=await No({tenantAware:!0,config:t.config}),t.config.analyticsEnabled=await zu({config:t.config}),t}s(yi,"getSettingsConfigDoc");async function um(){return(await yi()).config}s(um,"getSettingsConfig");async function No(t={tenantAware:!0}){let e=g.PLATFORM_URL||"http://localhost:10000";if(!g.SELF_HOSTED&&g.MULTI_TENANCY&&t.tenantAware){let r=$();e.includes("localhost:")||(e=e.replace("://",`://${r}.`))}else if(g.SELF_HOSTED){let r=t?.config?t.config:(await Be("settings"))?.config;r?.platformUrl&&(e=r.platformUrl)}return e}s(No,"getPlatformUrl");var zu=s(async t=>{if(!g.SELF_HOSTED)return!!g.ENABLE_ANALYTICS;let e=await wr(ye.ANALYTICS_ENABLED,86400,async()=>{let n=t?.config?t.config:(await Be("settings"))?.config;if(n?.analyticsEnabled===!1)return!1;if(n?.analyticsEnabled===!0)return!0});if(e!==void 0)return e;let r=g.ENABLE_ANALYTICS;return!(r===0||r===!1)},"analyticsEnabled");async function c0(){return await Be("google")}s(c0,"getGoogleConfigDoc");async function dc(){return(await c0())?.config}s(dc,"getGoogleConfig");async function cm(){if(!g.SELF_HOSTED)return am();let t=await dc();return(!t||!t.activated)&&(t=am()),t}s(cm,"getGoogleDatasourceConfig");function am(){if(g.GOOGLE_CLIENT_ID&&g.GOOGLE_CLIENT_SECRET)return{clientID:g.GOOGLE_CLIENT_ID,clientSecret:g.GOOGLE_CLIENT_SECRET,activated:!0}}s(am,"getDefaultGoogleConfig");async function l0(){return Be("logos_oidc")}s(l0,"getOIDCLogosDoc");async function d0(){return Be("oidc")}s(d0,"getOIDCConfigDoc");async function f0(){let t=(await d0())?.config;return t?.configs&&t.configs[0]}s(f0,"getOIDCConfig");async function lm(t){let e=(await Be("oidc"))?.config;return e&&e.configs.filter(r=>r.uuid===t)[0]}s(lm,"getOIDCConfigById");async function l_(){return Be("smtp")}s(l_,"getSMTPConfigDoc");async function p0(t){let e=await l_();if(e)return e.config;let r=g.SELF_HOSTED||!t;if(g.SMTP_FALLBACK_ENABLED&&r)return{port:g.SMTP_PORT,host:g.SMTP_HOST,secure:!1,from:g.SMTP_FROM_ADDRESS,auth:{user:g.SMTP_USER,pass:g.SMTP_PASSWORD},fallback:!0}}s(p0,"getSMTPConfig");async function m0(){return(await Be("scim"))?.config}s(m0,"getSCIMConfig");async function h0(){return Be("recaptcha")}s(h0,"getRecaptchaConfig");var Sm={};P(Sm,{AccessController:()=>pm,BUILTIN_ROLE_IDS:()=>mm,Role:()=>xr,RoleHierarchyTraversal:()=>fc,RoleIDVersion:()=>hm,builtinRoleToNumber:()=>Uo,checkForRoleResourceArray:()=>m_,externalRole:()=>A0,findRole:()=>Lo,getAllRoleIds:()=>w0,getAllRoles:()=>Tm,getBuiltinRole:()=>f_,getBuiltinRoles:()=>Em,getDBRoleID:()=>h_,getExternalRoleID:()=>vr,getExternalRoleIDs:()=>g_,getRole:()=>_0,getUserRoleHierarchy:()=>ym,getUserRoleIdHierarchy:()=>p_,isBuiltin:()=>On,lowerBuiltinRoleID:()=>S0,prefixRoleIDNoBuiltin:()=>fm,roleIDsAreEqual:()=>ot,roleToNumber:()=>T0,saveRoles:()=>O0,validInherits:()=>y0});var d_=require("lodash"),pc=B(require("lodash/fp/cloneDeep")),dm=B(require("semver"));var mm={ADMIN:"ADMIN",POWER:"POWER",BASIC:"BASIC",PUBLIC:"PUBLIC"},ie={...mm,BUILDER:"BUILDER"},hm={UUID:void 0,NAME:"name"};function E0(t,e){return Array.isArray(e)?e.filter(r=>t.includes(r)).length===e.length:t.includes(e)}s(E0,"rolesInList");var xr=class{constructor(e,r,n,i){this.permissions={};this._id=e,this.name=r,this.uiMetadata=i,this.permissionId=n,this.version=hm.NAME}static{s(this,"Role")}addInheritance(e){return e&&typeof e=="string"?e=fm(e):e&&Array.isArray(e)&&(e=e.map(fm)),this.inherits=e,this}},fc=class{static{s(this,"RoleHierarchyTraversal")}constructor(e,r){this.allRoles=e,this.opts=r}walk(e){let r=this.opts,n=this.allRoles,i=[];if(!e||!e._id)return i;if(i.push(e),Array.isArray(e.inherits))for(let o of e.inherits){let a=Lo(o,n,r);a&&(i=i.concat(this.walk(a)))}else{let o=[],a=e;for(;a&&a.inherits&&!E0(o,a.inherits);){if(Array.isArray(a.inherits))return i.concat(this.walk(a));if(o.push(a.inherits),a=Lo(a.inherits,n,r),a&&i.push(a),Ue.roles.checkForRoleInheritanceLoops(i))break}}return(0,d_.uniqBy)(i,o=>o._id)}},gm={ADMIN:new xr(ie.ADMIN,ie.ADMIN,"admin",{displayName:"Admin user",description:"Can do everything",color:"var(--spectrum-global-color-static-red-400)"}).addInheritance(ie.POWER),POWER:new xr(ie.POWER,ie.POWER,"power",{displayName:"App power user",description:"An app user with more access",color:"var(--spectrum-global-color-static-orange-400)"}).addInheritance(ie.BASIC),BASIC:new xr(ie.BASIC,ie.BASIC,"write",{displayName:"Basic user",description:"Any logged in user",color:"var(--spectrum-global-color-static-green-400)"}).addInheritance(ie.PUBLIC),PUBLIC:new xr(ie.PUBLIC,ie.PUBLIC,"public",{displayName:"Public user",description:"Accessible to anyone",color:"var(--spectrum-global-color-static-blue-400)"}),BUILDER:new xr(ie.BUILDER,ie.BUILDER,"admin",{displayName:"Builder user",description:"Users that can edit this app",color:"var(--spectrum-global-color-static-magenta-600)"})};function Em(){return(0,pc.default)(gm)}s(Em,"getBuiltinRoles");function On(t){return Object.values(mm).includes(t)}s(On,"isBuiltin");function fm(t){return On(t)?t:Vt(t)}s(fm,"prefixRoleIDNoBuiltin");function f_(t){let e=Object.values(gm).find(r=>t.includes(r._id));if(e)return(0,pc.default)(e)}s(f_,"getBuiltinRole");function y0(t,e){if(!e)return!1;let r=s(n=>t.find(i=>ot(i._id,n)),"find");if(Array.isArray(e)){let n=e.filter(i=>r(i));return e.length!==0&&n.length===e.length}else return!!r(e)}s(y0,"validInherits");function Uo(t){let e=Em(),r=Object.values(e).length+1;if(ot(t,ie.ADMIN)||ot(t,ie.BUILDER))return r;let n=e[t],i=0;do{if(!n)break;if(Array.isArray(n.inherits))throw new Error("Built-in roles don't support multi-inheritance");n=e[n.inherits],i++}while(n!==null);return i}s(Uo,"builtinRoleToNumber");async function T0(t){if(On(t))return Uo(t);let e=await ym(t,{defaultPublic:!0}),r=s(n=>{if(!n.inherits)return 0;if(Array.isArray(n.inherits)){let i=n.inherits.map(o=>{let a=e.find(u=>ot(u._id,o));if(a)return r(a)+1}).filter(o=>o).sort().pop();if(i!=null)return i}else if(On(n.inherits))return Uo(n.inherits)+1;return 0},"findNumber");return Math.max(...e.map(r))}s(T0,"roleToNumber");function S0(t,e){return t?e&&Uo(t)>Uo(e)?e:t:e}s(S0,"lowerBuiltinRoleID");function ot(t,e){return Vt(t)===Vt(e)}s(ot,"roleIDsAreEqual");function A0(t){let e;return t._id&&(e=vr(t._id)),{...t,_id:e,inherits:g_(t.inherits,t.version)}}s(A0,"externalRole");function Lo(t,e,r){let n=f_(t);n||(t=Vt(t));let i=e.find(o=>o._id&&ot(o._id,t));return!i&&!On(t)&&r?.defaultPublic?(0,pc.default)(gm.PUBLIC):(n=Object.assign(n||{},i),n?._id&&(n._id=vr(n._id,n.version)),Object.keys(n).length===0?void 0:n)}s(Lo,"findRole");async function _0(t,e){let r=ei(),n=[];if(!On(t)){let i=await r.tryGet(h_(t));i&&n.push(i)}return Lo(t,n,e)}s(_0,"getRole");async function O0(t){await ei().bulkDocs(t.filter(r=>r._id).map(r=>({...r,_id:Vt(r._id)})))}s(O0,"saveRoles");async function I0(t,e){let r=await Tm();if(ot(t,ie.ADMIN))return r;let n=Lo(t,r,e),i=[];return n&&(i=new fc(r,e).walk(n)),i}s(I0,"getAllUserRoles");async function p_(t){return(await ym(t)).map(r=>r._id)}s(p_,"getUserRoleIdHierarchy");async function ym(t,e){return I0(t,e)}s(ym,"getUserRoleHierarchy");function m_(t,e){if(t&&!Array.isArray(t[e])){let r=t[e];t[e]=[r],r==="write"&&t[e].push("read")}return t}s(m_,"checkForRoleResourceArray");async function w0(t){return(await Tm(t)).map(r=>r._id)}s(w0,"getAllRoleIds");async function Tm(t){if(t)return je(t,e);{let r;try{r=ei()}catch{}return e(r)}async function e(r){let n=[];r&&(n=(await r.allDocs(Eu(null,{include_docs:!0}))).rows.map(u=>u.doc),n.forEach(u=>u._id=vr(u._id,u.version)));let i=Em(),o=[];!r||await D0(r)?o=[ie.ADMIN,ie.POWER,ie.BASIC,ie.PUBLIC]:o=[ie.ADMIN,ie.BASIC,ie.PUBLIC];for(let a of o){let u=i[a],c=n.filter(l=>ot(l._id,a))[0];c==null?n.push(u||i.BASIC):(n=n.filter(l=>l._id!==c._id),c._id=vr(u._id,c.version),n.push({...u,...c,name:u.name,_id:vr(u._id,u.version),uiMetadata:{...c.uiMetadata,...u.uiMetadata}}))}for(let a of n)if(a.permissions)for(let u of Object.keys(a.permissions))a.permissions=m_(a.permissions,u);return n}s(e,"internal")}s(Tm,"getAllRoles");async function D0(t){let r=(await t.tryGet("app_metadata"))?.creationVersion;return!r||!dm.default.valid(r)?!0:!dm.default.gte(r,g.MIN_VERSION_WITHOUT_POWER_ROLE)}s(D0,"shouldIncludePowerRole");var pm=class{static{s(this,"AccessController")}constructor(){this.userHierarchies={}}async hasAccess(e,r){if(e==null||e===""||ot(e,ie.BUILDER)||ot(r,e)||ot(r,ie.BUILDER))return!0;let n=r?this.userHierarchies[r]:null;return!n&&r&&(n=await p_(r),this.userHierarchies[r]=n),n?.find(i=>ot(i,e))!==void 0}async checkScreensAccess(e,r){let n=[];for(let i of e){let o=await this.checkScreenAccess(i,r);o&&n.push(o)}return n}async checkScreenAccess(e,r){let n=e&&e.routing?e.routing.roleId:void 0;return await this.hasAccess(n,r)?e:null}};function h_(t){return t?.startsWith("role")?t:Vt(t)}s(h_,"getDBRoleID");function vr(t,e){if(t.startsWith(`role${C}`)&&(On(t)||e===hm.NAME)){let r=t.split(C);return r.shift(),r.join(C)}return t}s(vr,"getExternalRoleID");function g_(t,e){return t&&(typeof t=="string"?vr(t,e):t.map(r=>vr(r,e)))}s(g_,"getExternalRoleIDs");var Am={};P(Am,{BUILDER:()=>v0,BUILTIN_PERMISSIONS:()=>mc,CREATOR:()=>P0,GLOBAL_BUILDER:()=>N0,PermissionImpl:()=>se,PermissionLevel:()=>Ci,PermissionType:()=>qo,doesHaveBasePermission:()=>b0,getAllowedLevels:()=>S_,getBuiltinPermissionByID:()=>C0,getBuiltinPermissions:()=>R0,isPermissionLevelHigherThanRead:()=>x0,levelToNumber:()=>T_});var E_=B(require("lodash/flatten")),y_=B(require("lodash/fp/cloneDeep"));var se=class{static{s(this,"PermissionImpl")}constructor(e,r){this.type=e,this.level=r}};function T_(t){switch(t){case"execute":return 0;case"read":return 1;case"write":return 2;case"admin":return 3;default:return-1}}s(T_,"levelToNumber");function S_(t){switch(t){case"execute":return["execute"];case"read":return["execute","read"];case"write":case"admin":return["execute","read","write"];default:return[]}}s(S_,"getAllowedLevels");var mc={PUBLIC:{_id:"public",name:"Public",permissions:[new se("webhook","execute")]},READ_ONLY:{_id:"read_only",name:"Read only",permissions:[new se("query","read"),new se("table","read"),new se("app","read")]},WRITE:{_id:"write",name:"Read/Write",permissions:[new se("query","write"),new se("table","write"),new se("automation","execute"),new se("legacy_view","read"),new se("app","read")]},POWER:{_id:"power",name:"Power",permissions:[new se("table","write"),new se("user","read"),new se("automation","execute"),new se("webhook","read"),new se("legacy_view","read"),new se("app","read")]},ADMIN:{_id:"admin",name:"Admin",permissions:[new se("table","admin"),new se("user","admin"),new se("automation","admin"),new se("webhook","read"),new se("query","admin"),new se("legacy_view","read"),new se("app","read")]}};function R0(){return(0,y_.default)(mc)}s(R0,"getBuiltinPermissions");function C0(t){return Object.values(mc).find(r=>r._id===t)}s(C0,"getBuiltinPermissionByID");function b0(t,e,r){let n=[...new Set(r.map(a=>a.permissionId))],i=Object.values(mc),o=(0,E_.default)(i.filter(a=>n.indexOf(a._id)!==-1).map(a=>a.permissions));for(let a of o)if(a.type===t&&S_(a.level).indexOf(e)!==-1)return!0;return!1}s(b0,"doesHaveBasePermission");function x0(t){return T_(t)>1}s(x0,"isPermissionLevelHigherThanRead");var v0="builder",P0="creator",N0="globalBuilder";var Im={};P(Im,{FlagSet:()=>gc,all:()=>F0,flags:()=>_m,getEnvFlags:()=>I_,init:()=>U0,isEnabled:()=>k0,parseEnvFlags:()=>yc,shutdown:()=>L0,testutils:()=>Om});var Ec=B(require("crypto")),A_=B(require("dd-trace")),__=require("lodash"),O_=require("posthog-node");var hc;function U0(t){g.POSTHOG_TOKEN&&g.POSTHOG_API_HOST&&!g.SELF_HOSTED&&g.POSTHOG_FEATURE_FLAGS_ENABLED?(console.log("initializing posthog client..."),hc=new O_.PostHog(g.POSTHOG_TOKEN,{host:g.POSTHOG_API_HOST,personalApiKey:g.POSTHOG_PERSONAL_TOKEN,featureFlagsPollingInterval:pe.fromMinutes(3).toMs(),...t})):console.log("posthog disabled")}s(U0,"init");function L0(){hc?.shutdown()}s(L0,"shutdown");function yc(t){let e=t.split(",").map(n=>n.split(":")),r=[];for(let[n,...i]of e)for(let o of i){let a=!0;o.startsWith("!")&&(o=o.slice(1),a=!1),r.push({tenantId:n,key:o,value:a})}return r}s(yc,"parseEnvFlags");function I_(){return yc(g.TENANT_FEATURE_FLAGS||"")}s(I_,"getEnvFlags");var gc=class{constructor(e){this.flagSchema=e;this.setId=Ec.randomUUID()}static{s(this,"FlagSet")}defaults(){return(0,__.cloneDeep)(this.flagSchema)}isFlagName(e){return this.flagSchema[e]!==void 0}async isEnabled(e){return(await this.fetch())[e]}async fetch(){return await A_.default.trace("features.fetch",async e=>{let r=Pf(this.setId);if(r)return e?.addTags({fromCache:!0}),r;let n={},i=this.defaults(),o=$(),a=new Set;if(ru())return i;for(let{tenantId:f,key:h,value:p}of I_())if(!(!f||f!=="*"&&f!==o)&&(n.readFromEnvironmentVars=!0,p===!1&&a.add(h),!!this.isFlagName(h))){if(typeof i[h]!="boolean")throw new Error(`Feature: ${h} is not a boolean`);i[h]=p,n[`flags.${h}.source`]="environment"}let u=Gt(),c=u?._id;if(!c){let f=xf();f&&(c=Ec.createHash("sha512").update(f).digest("hex"))}let l=u?.tenantId;if(l||(l=o),n["identity.type"]=u?.type,n["identity._id"]=u?._id,n.tenantId=l,n.userId=c,hc&&c){n.readFromPostHog=!0;let f=await yi(),h={tenantId:l},p={tenant:{id:l}};f.config.createdVersion&&(p.tenant.createdVersion=f.config.createdVersion),f.createdAt&&(p.tenant.createdAt=`${f.createdAt}`);let S=await hc.getAllFlags(c,{personProperties:h,onlyEvaluateLocally:!0,groups:{tenant:l},groupProperties:p});for(let[m,E]of Object.entries(S))if(this.isFlagName(m)){if(typeof E!="boolean"){console.warn(`Invalid value for posthog flag "${m}": ${E}`);continue}if(!(i[m]===!0||a.has(m)))try{i[m]=E,n[`flags.${m}.source`]="posthog"}catch(y){console.warn(`Error parsing posthog flag "${m}": ${E}`,y)}}}let d=Uf();for(let[f,h]of Object.entries(d))this.isFlagName(f)&&typeof h=="boolean"&&(i[f]=h,n[`flags.${f}.source`]="override");Nf(this.setId,i);for(let[f,h]of Object.entries(i))n[`flags.${f}.value`]=h;return e?.addTags(n),i})}},M0={USE_ZOD_VALIDATOR:!1,AI_AGENTS:!1,AI_CHAT:!1,AI_RAG:!1,WORKSPACE_HOME:!1,DEBUG_UI:g.isDev(),DEV_USE_CLIENT_FROM_STORAGE:!1},_m=new gc(M0);async function k0(t){return await _m.isEnabled(t)}s(k0,"isEnabled");async function F0(){return await _m.fetch()}s(F0,"all");var Om={};P(Om,{setFeatureFlags:()=>w_,withFeatureFlags:()=>$0});function B0(){let t={};for(let{tenantId:e,key:r,value:n}of yc(process.env.TENANT_FEATURE_FLAGS||"")){let i=t[e]||{};i[r]!==!1&&(i[r]=n,t[e]=i)}return t}s(B0,"getCurrentFlags");function W0(t){let e=[];for(let[r,n]of Object.entries(t))for(let[i,o]of Object.entries(n))o===!1?e.push(`${r}:!${i}`):e.push(`${r}:${i}`);return e.join(",")}s(W0,"buildFlagString");function w_(t,e){let r=B0();for(let[i,o]of Object.entries(e)){let a=r[t]||{};a[i]=o,r[t]=a}let n=W0(r);return ws({TENANT_FEATURE_FLAGS:n})}s(w_,"setFeatureFlags");function $0(t,e,r){let n=w_(t,e),i=r();return i instanceof Promise?i.finally(n):(n(),i)}s($0,"withFeatureFlags");var Mm={};P(Mm,{adminOnly:()=>Tc,auditLog:()=>Sc,authError:()=>Oe,buildAuthMiddleware:()=>DM,buildCsrfMiddleware:()=>CM,buildTenancyMiddleware:()=>RM,builderOnly:()=>bc,builderOrAdmin:()=>xc,google:()=>rr,internalApi:()=>Pc,joiValidator:()=>Mo,oidc:()=>nr,passport:()=>bM,platformLogout:()=>UM,refreshOAuthToken:()=>PM,ssoCallbackUrl:()=>Nr,updateUserOAuth:()=>NM,workspaceBuilderOrAdmin:()=>Lc});var Lm={};P(Lm,{activeTenant:()=>z_,adminOnly:()=>Tc,auditLog:()=>Sc,authError:()=>Oe,authenticated:()=>Cc,builderOnly:()=>bc,builderOrAdmin:()=>xc,correlation:()=>R_,csp:()=>k_,csrf:()=>vc,datasource:()=>IM,errorHandling:()=>B_,featureFlagCookie:()=>W_,google:()=>rr,internalApi:()=>Pc,ip:()=>$_,joiValidator:()=>Mo,local:()=>_i,oidc:()=>nr,pino:()=>C_,querystringToBody:()=>Y_,ssoCallbackUrl:()=>Nr,tenancy:()=>Uc,workspaceBuilderOrAdmin:()=>Lc});var D_=require("uuid");var G0=require("correlation-id"),R_=s((t,e)=>{let r=t.headers["x-budibase-correlation-id"];return r||(r=(0,D_.v4)()),G0.withId(r,()=>e())},"correlationMiddleware");var V0=require("koa-pino-logger"),q0=require("correlation-id");function K0(){return{logger:Nu,genReqId:q0.getId,autoLogging:{ignore:t=>!!t.url?.includes("/health")},serializers:{req:t=>({method:t.method,url:t.url,correlationId:t.id}),res:t=>({status:t.statusCode})}}}s(K0,"pinoSettings");function Q0(){return g.HTTP_LOGGING?V0(K0()):(t,e)=>e()}s(Q0,"getMiddleware");var C_=Q0();var Tc=s(async(t,e)=>(!t.internal&&!bt(t.user)&&t.throw(403,"Admin user only endpoint."),e()),"adminOnly");var Sc=s(async(t,e)=>e(),"auditLog");var j0=/\/:(.*?)(\/.*)?$/g,er=s(t=>t?t.map(e=>{let r=e.route,n=e.method,i=r.match(j0);if(i)for(let o of i){let u="/.*"+(o.endsWith("/")?"/":"");r=r.replace(o,u)}return{regex:new RegExp(r),method:n,route:r}}):[],"buildMatcherRegex"),tr=s((t,e)=>e.find(({regex:r,method:n})=>{let i=r.test(t.request.url),o=n==="ALL"?!0:t.request.method.toLowerCase()===n.toLowerCase();return i&&o}),"matches");var bm={};P(bm,{SecretOption:()=>v_,compare:()=>J0,decrypt:()=>Ic,decryptFile:()=>eM,encrypt:()=>z0,encryptFile:()=>X0,getSecret:()=>Cm});var vt=B(require("crypto")),Pr=B(require("fs")),wm=require("path"),Dm=B(require("zlib"));var Ac="aes-256-ctr",x_="-",H0=1e4,Y0=32,_c=16,Rm=16,v_=(r=>(r.API="api",r.ENCRYPTION="encryption",r))(v_||{});function Cm(t){let e,r;switch(t){case"encryption":e=g.ENCRYPTION_KEY,r="ENCRYPTION_KEY";break;case"api":default:e=g.API_ENCRYPTION_KEY,r="API_ENCRYPTION_KEY";break}if(!e)throw new Error(`Secret "${r}" has not been set in environment.`);return e}s(Cm,"getSecret");function Oc(t,e){return vt.default.pbkdf2Sync(t,new Uint8Array(e),H0,Y0,"sha512")}s(Oc,"stretchString");function z0(t,e="api"){let r=vt.default.randomBytes(_c),n=Oc(Cm(e),r),i=vt.default.createCipheriv(Ac,new Uint8Array(n),new Uint8Array(r)),o=i.update(t,"utf8"),a=i.final(),u=Buffer.concat([new Uint8Array(o),new Uint8Array(a)]).toString("hex");return`${r.toString("hex")}${x_}${u}`}s(z0,"encrypt");function Ic(t,e="api"){let[r,n]=t.split(x_),i=Buffer.from(r,"hex"),o=Oc(Cm(e),i),a=vt.default.createDecipheriv(Ac,new Uint8Array(o),new Uint8Array(i)),u=a.update(n,"hex"),c=a.final();return Buffer.concat([new Uint8Array(u),new Uint8Array(c)]).toString()}s(Ic,"decrypt");function J0(t,e,r="api"){try{let n=new TextEncoder,i=n.encode(Ic(e,r)),o=n.encode(t);return i.length!==o.length?!1:vt.default.timingSafeEqual(i,o)}catch{return!1}}s(J0,"compare");async function X0({dir:t,filename:e},r){let n=`${e}.enc`,i=(0,wm.join)(t,e);if(Pr.default.lstatSync(i).isDirectory())throw new Error("Unable to encrypt directory");let o=Pr.default.createReadStream(i),a=Pr.default.createWriteStream((0,wm.join)(t,n)),u=vt.default.randomBytes(_c),c=vt.default.randomBytes(Rm),l=Oc(r,u),d=vt.default.createCipheriv(Ac,new Uint8Array(l),new Uint8Array(c));return a.write(u),a.write(c),o.pipe(Dm.default.createGzip()).pipe(d).pipe(a),new Promise(f=>{a.on("finish",()=>{f({filename:n,dir:t})})})}s(X0,"encryptFile");async function Z0(t){let e=Pr.default.createReadStream(t),r=await b_(e,_c),n=await b_(e,Rm);return e.close(),{salt:r,iv:n}}s(Z0,"getSaltAndIV");async function eM(t,e,r){if(Pr.default.lstatSync(t).isDirectory())throw new Error("Unable to decrypt directory");let{salt:n,iv:i}=await Z0(t),o=Pr.default.createReadStream(t,{start:_c+Rm}),a=Pr.default.createWriteStream(e),u=Oc(r,n),c=vt.default.createDecipheriv(Ac,new Uint8Array(u),new Uint8Array(i)),l=Dm.default.createGunzip();return o.pipe(c).pipe(l).pipe(a),new Promise((d,f)=>{a.on("finish",()=>{a.close(),d()}),o.on("error",h=>{a.close(),f(h)}),c.on("error",h=>{a.close(),f(h)}),l.on("error",h=>{a.close(),f(h)}),a.on("error",h=>{a.close(),f(h)})})}s(eM,"decryptFile");function b_(t,e){return new Promise((r,n)=>{let i=0,o=[];t.on("readable",()=>{let a;for(;(a=t.read(e-i))!==null;)o.push(a),i+=a.length;r(Buffer.concat(o.map(u=>new Uint8Array(u))))}),t.on("end",()=>{n(new Error("Insufficient data in the stream."))}),t.on("error",a=>{n(a)})})}s(b_,"readBytes");var xm={};P(xm,{APIWarning:()=>In,FeatureDisabledWarning:()=>Dc,InvalidAPIKeyWarning:()=>Ai,UsageLimitWarning:()=>wc});var In=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"APIWarning")}},Ai=class extends In{static{s(this,"InvalidAPIKeyWarning")}constructor(){super("Invalid API key","invalid_api_key")}},wc=class extends In{constructor(r){super(`Usage limit exceeded: '${r}'`,"usage_limit_exceeded");this.limitName=r}static{s(this,"UsageLimitWarning")}getPublicWarning(){return{limitName:this.limitName}}},Dc=class extends In{constructor(r){super(`Feature disabled: '${r}'`,"feature_disabled");this.featureName=r,this.status=400}static{s(this,"FeatureDisabledWarning")}getPublicWarning(){return{featureName:this.featureName}}getPublicError(){return{featureName:this.featureName}}};var N_=B(require("dd-trace"));var rM=g.SESSION_UPDATE_PERIOD?parseInt(g.SESSION_UPDATE_PERIOD):60*1e3;function nM(){return new Date(Date.now()-rM).toISOString()}s(nM,"timeMinusOneMinute");function P_(t,e={}){t.publicEndpoint=e.publicEndpoint||!1,t.isAuthenticated=e.authenticated||!1,t.loginMethod=e.loginMethod,t.user=e.user,t.internal=e.internal||!1,t.version=e.version}s(P_,"finalise");async function iM(t,e){if(Ks(t))return{valid:!0,user:void 0};let n=Ic(t).split(C)[0];return Ce(n,async()=>{let i;try{let o=Y();i=await Kt("by_api_key",{key:t},o)}catch{i=void 0}if(i)return{valid:!0,user:await bo({userId:i,tenantId:n,populateUser:e})};throw new Ai})}s(iM,"checkApiKey");function Rc(t,e){let r=t.request.headers[e];if(Array.isArray(r))throw new Error("Unexpected header format");return r}s(Rc,"getHeader");function Cc(t=[],e={publicAllowed:!1}){let r=t?er(t):[];return async(n,i)=>{let o=!1,a=Rc(n,"x-budibase-api-version");tr(n,r)&&(o=!0);try{let c=Rc(n,"x-budibase-token"),l=jt(n,"budibase:auth")||Tu(c),d=Rc(n,"x-budibase-api-key");!d&&n.request.headers.authorization&&(d=n.request.headers.authorization.split(" ")[1]);let f=Rc(n,"x-budibase-tenant-id"),h=!1,p,S=!1,m;if(l&&!d){let y=l.sessionId,I=l.userId,O;try{O=await Wp(I,y),e&&e.populateUser?p=await bo({userId:I,tenantId:O.tenantId,email:O.email,populateUser:e.populateUser(n)}):p=await bo({userId:I,tenantId:O.tenantId,email:O.email}),p.csrfToken=O.csrfToken,m="cookie",O?.lastAccessedAt<nM()&&await Bp(O),h=!0}catch(w){h=!1,console.warn(`Auth Error: ${w.message}`),Ar(n,"budibase:auth")}}if(!h&&d){let y=e.populateUser?e.populateUser(n):null,{valid:I,user:O}=await iM(d,y);I&&(h=!0,m="api_key",p=O,S=!O)}!p&&f?p={tenantId:f}:p&&"password"in p&&delete p.password,h||(h=!1);let E=s(y=>y&&y.email,"isUser");return E(p)&&N_.default.setUser({id:p._id,tenantId:p.tenantId,budibaseAccess:p.budibaseAccess,status:p.status}),P_(n,{authenticated:h,user:p,internal:S,version:a,publicEndpoint:o,loginMethod:m}),E(p)?pf(p,n,i):i()}catch(c){if(console.warn(`Auth Error: ${c.message}`),c?.name==="JsonWebTokenError"?Ar(n,"budibase:auth"):c?.code==="invalid_api_key"&&n.throw(403,c.message),e&&e.publicAllowed||o)return P_(n,{authenticated:!1,version:a,publicEndpoint:o}),i();n.throw(c.status||403,c)}}}s(Cc,"authenticated");async function bc(t,e){if(t.internal)return e();let r=await un(t);return!r&&!g.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!ke(t.user)?t.throw(403,"Builder user only endpoint."):r&&!Si(t.user,r)&&t.throw(403,"Workspace builder user only endpoint."),e()}s(bc,"builderOnly");async function xc(t,e){if(t.internal||bt(t.user))return e();let r=await un(t);return!r&&!g.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!ke(t.user)?t.throw(403,"Admin/Builder user only endpoint."):r&&!Si(t.user,r)&&t.throw(403,"Workspace Admin/Builder user only endpoint."),e()}s(xc,"builderOrAdmin");var M_=B(require("crypto"));var U_={"default-src":["'self'"],"script-src":["'self'","'unsafe-eval'","https://*.budibase.net","https://cdn.budi.live","https://js.intercomcdn.com","https://widget.intercom.io","https://d2l5prqdbvm3op.cloudfront.net","https://us-assets.i.posthog.com","https://www.google.com/recaptcha/api.js"],"style-src":["'self'","'unsafe-inline'","https://cdn.jsdelivr.net","https://fonts.googleapis.com","https://rsms.me","https://maxcdn.bootstrapcdn.com"],"object-src":["'none'"],"base-uri":["'self'"],"connect-src":["'self'","https://*.budibase.app","https://*.budibaseqa.app","https://*.budibase.net","https://api-iam.intercom.io","https://api-ping.intercom.io","https://app.posthog.com","https://us.i.posthog.com","wss://nexus-websocket-a.intercom.io","wss://nexus-websocket-b.intercom.io","https://nexus-websocket-a.intercom.io","https://nexus-websocket-b.intercom.io","https://uploads.intercomcdn.com","https://uploads.intercomusercontent.com","https://*.amazonaws.com","https://*.s3.amazonaws.com","https://*.s3.us-east-2.amazonaws.com","https://*.s3.us-east-1.amazonaws.com","https://*.s3.us-west-1.amazonaws.com","https://*.s3.us-west-2.amazonaws.com","https://*.s3.af-south-1.amazonaws.com","https://*.s3.ap-east-1.amazonaws.com","https://*.s3.ap-south-1.amazonaws.com","https://*.s3.ap-northeast-2.amazonaws.com","https://*.s3.ap-southeast-1.amazonaws.com","https://*.s3.ap-southeast-2.amazonaws.com","https://*.s3.ap-northeast-1.amazonaws.com","https://*.s3.ca-central-1.amazonaws.com","https://*.s3.cn-north-1.amazonaws.com","https://*.s3.cn-northwest-1.amazonaws.com","https://*.s3.eu-central-1.amazonaws.com","https://*.s3.eu-west-1.amazonaws.com","https://*.s3.eu-west-2.amazonaws.com","https://*.s3.eu-south-1.amazonaws.com","https://*.s3.eu-west-3.amazonaws.com","https://*.s3.eu-north-1.amazonaws.com","https://*.s3.sa-east-1.amazonaws.com","https://*.s3.me-south-1.amazonaws.com","https://*.s3.us-gov-east-1.amazonaws.com","https://*.s3.us-gov-west-1.amazonaws.com","https://api.github.com","https://d2l5prqdbvm3op.cloudfront.net"],"font-src":["'self'","data:","https://cdn.jsdelivr.net","https://fonts.gstatic.com","https://rsms.me","https://maxcdn.bootstrapcdn.com","https://js.intercomcdn.com","https://fonts.intercomcdn.com"],"frame-src":["'self'","https:"],"img-src":["http:","https:","data:","blob:"],"manifest-src":["'self'"],"media-src":["'self'","https://js.intercomcdn.com","https://cdn.budi.live"],"worker-src":["blob:","'self'"]},L_=/^[A-Za-z0-9-*:/.]+$/,k_=s(async(t,e)=>{let r=M_.default.randomBytes(16).toString("base64");t.state.nonce=r;let n={...U_};n["script-src"]=[...U_["script-src"],`'nonce-${r}'`];let i={"media-src":g.CUSTOM_CSP_MEDIA_SRC,"script-src":g.CUSTOM_CSP_SCRIPT_SRC,"connect-src":g.CUSTOM_CSP_CONNECT_SRC,"img-src":g.CUSTOM_CSP_IMG_SRC,"font-src":g.CUSTOM_CSP_FONT_SRC,"frame-src":g.CUSTOM_CSP_FRAME_SRC};for(let[u,c]of Object.entries(i))if(c){let l=c.split(",").map(d=>d.trim()).filter(d=>L_.test(d));n[u]=[...n[u]||[],...l]}if(t.user?.license?.features.includes("customAppScripts")&&t.appId)try{let u=await Ms.getWorkspaceMetadata(t.appId);if("name"in u)for(let c of u.scripts||[]){let l=(c.cspWhitelist||"").split(`
37
+ `);for(let o of i.filter(a=>a))t.push(eo.default.readFileSync(o))}return t.push(eo.default.readFileSync(qS(QS))),Buffer.concat(t.map(n=>new Uint8Array(n)))}s(nP,"getLogReadStream");function iP(t){return typeof t=="object"&&t!==null&&!(t instanceof Error)}s(iP,"isPlainObject");function sP(t){return t instanceof Error}s(sP,"isError");function oP(t){return typeof t=="string"}s(oP,"isMessage");var Ir;if(!g.DISABLE_PINO_LOGGER){let t=g.LOG_LEVEL,e={level:t,formatters:{level:c=>({level:c.toUpperCase()}),bindings:()=>g.SELF_HOSTED?{service:g.SERVICE_NAME}:{}},timestamp:()=>`,"timestamp":"${new Date(Date.now()).toISOString()}"`},r=[];r.push(g.isDev()?{stream:(0,zS.default)({singleLine:!0}),level:t}:{stream:process.stdout,level:t}),g.SELF_HOSTED&&r.push({stream:Ap(),level:t}),Ir=r.length?(0,Pu.default)(e,Pu.default.multistream(r)):(0,Pu.default)(e);let n=s(c=>{let l,d=[],f="";c.forEach(E=>{oP(E)&&(f=`${f} ${E}`.trimStart()),iP(E)&&d.push(E),sP(E)&&(l=E)});let h=u(),p={};p={tenantId:i(),appId:o(),automationId:a(),identityId:h?._id,identityType:h?.type,correlationId:up()};let S=Op.default.scope().active();S&&Op.default.inject(S.context(),JS.formats.LOG,p);let m={err:l,pid:process.pid,...p};if(d.length){let E={},y=0;for(let I=0;I<d.length;I++){let O=d[I],w=O._logKey;w?(delete O._logKey,m[w]=O):(E[y]=O,y++)}Object.keys(E).length&&(m.data=E)}return[m,f]},"getLogParams");console.log=(...c)=>{let[l,d]=n(c);Ir?.info(l,d)},console.info=(...c)=>{let[l,d]=n(c);Ir?.info(l,d)},console.warn=(...c)=>{let[l,d]=n(c);Ir?.warn(l,d)},console.error=(...c)=>{let[l,d]=n(c);Ir?.error(l,d)},console.trace=(...c)=>{let[l,d]=n(c);l.err||(l.err=new Error),Ir?.trace(l,d)},console.debug=(...c)=>{let[l,d]=n(c);Ir?.debug(l,d)};let i=s(()=>{let c;try{c=$()}catch{}return c},"getTenantId"),o=s(()=>{let c;try{c=be()}catch{}return c},"getAppId"),a=s(()=>{let c;try{c=bf()}catch{}return c},"getAutomationId"),u=s(()=>{let c;try{c=Gt()}catch{}return c},"getIdentity")}var Nu=Ir;var aP=["AccountError"];function uP(t){return t&&t.suppressAlert}s(uP,"isSuppressed");function dn(t,e){e&&aP.includes(e.name)&&uP(e)||console.error(`bb-alert: ${t}`,e)}s(dn,"logAlert");function cP(t,e,r,n){t=`${t} - db: ${e} - doc: ${r} - error: `,dn(t,n)}s(cP,"logAlertWithInfo");function ci(t,e){console.warn(`bb-warn: ${t}`,e)}s(ci,"logWarn");var Uu=class extends Error{static{s(this,"UnretriableError")}constructor(e){super(e),this.name="PermanentError"}},Ip=class{static{s(this,"QueuedProcessor")}constructor(e,r={}){let{maxAttempts:n=3,removeOnFail:i=!0,removeOnComplete:o=!0,maxStalledCount:a=3}=r;this.waitForCompletionMs=r.waitForCompletionMs||1e4,this._queue=new Et(e,{maxStalledCount:a,jobOptions:{attempts:n,removeOnFail:i,removeOnComplete:o}}),this._queue.process(async(u,c)=>{try{let l=await this.processFn(u.data);c?.(null,l)}catch(l){l instanceof Uu&&await u.discard(),dn(`Failed to process job in ${this._queue.name}`,l),c?.(l)}})}async close(e){await this._queue.close(e)}async execute(e){try{let r=await this._queue.add(e);return{success:!0,result:await Ue.withTimeout(this.waitForCompletionMs,()=>r.finished())}}catch(r){if(r.errno!=="ETIME")throw r;return{success:!1,reason:"timeout"}}}};var lP=100,Lu,ro=class t{static{s(this,"DocWritethroughProcessor")}static get queue(){return t._queue||(t._queue=new Et("docWritethroughQueue",{jobOptions:{attempts:lP}})),t._queue}init(){return t.queue.process(async e=>{try{await this.persistToDb(e.data)}catch(r){throw r.status===409?new Error(`Conflict persisting message ${e.id}. Attempt ${e.attemptsMade}`):r}}),this}async persistToDb({dbName:e,docId:r,data:n}){if(r.startsWith("scimlog"))return;let i=Re(e),o;try{o=await i.get(r)}catch{o={_id:r}}o={...o,...n},await i.put(o)}},Dp=class{static{s(this,"DocWritethrough")}constructor(e,r){this.db=e,this._docId=r}get docId(){return this._docId}async patch(e){await ro.queue.add({dbName:this.db.name,docId:this.docId,data:e})}};function XS(){return Lu=new ro().init(),Lu}s(XS,"init");function dP(){return Lu||XS()}s(dP,"getProcessor");var io={};P(io,{CacheKey:()=>ye,TTL:()=>mn,bustCache:()=>li,destroy:()=>no,get:()=>hn,keys:()=>Mu,store:()=>zt,withCache:()=>wr,withCacheWithDynamicTTL:()=>ZS});function Ct(t){let e=$();return`${t}:${e}`}s(Ct,"generateTenantKey");var fn=class{static{s(this,"BaseCache")}constructor(e=void 0){this.client=e}async getClient(){return this.client?this.client:await kf()}async keys(e){return(await this.getClient()).keys(e)}async exists(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).exists(e)}async scan(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).scan(e)}async get(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).get(e)}async bulkGet(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>Ct(i)):e,(await this.getClient()).bulkGet(e)}async store(e,r,n=null,i={useTenancy:!0}){e=i.useTenancy?Ct(e):e,await(await this.getClient()).store(e,r,n)}async bulkStore(e,r=null,n={useTenancy:!0}){n.useTenancy&&(e=Object.entries(e).reduce((o,[a,u])=>(o[Ct(a)]=u,o),{})),await(await this.getClient()).bulkStore(e,r)}async delete(e,r={useTenancy:!0}){return e=r.useTenancy?Ct(e):e,(await this.getClient()).delete(e)}async bulkDelete(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>Ct(i)):e,(await this.getClient()).bulkDelete(e)}async withCache(e,r=null,n,i={useTenancy:!0}){let o=await this.get(e,i);if(o)return o;try{let a=await n();return await this.store(e,a,r,i),a}catch(a){throw console.error("Error fetching before cache - ",a),a}}async withCacheWithDynamicTTL(e,r,n={useTenancy:!0}){let i=await this.get(e,n);if(i)return i;try{let o=await r(),{value:a,ttl:u}=o;return await this.store(e,a,u,{useTenancy:n.useTenancy}),a}catch(o){throw console.error("Error fetching before cache - ",o),o}}async bustCache(e){let r=await this.getClient();try{await r.delete(Ct(e))}catch(n){throw console.error("Error busting cache - ",n),n}}async deleteIfValue(e,r,n={useTenancy:!0}){e=n.useTenancy?Ct(e):e,await(await this.getClient()).deleteIfValue(e,r)}};var pn=new fn,ye={CHECKLIST:"checklist",INSTALLATION:"installation",ANALYTICS_ENABLED:"analyticsEnabled",UNIQUE_TENANT_ID:"uniqueTenantId",EVENTS:"events",BACKFILL_METADATA:"backfillMetadata",EVENTS_RATE_LIMIT:"eventsRateLimit",OAUTH2_TOKEN:t=>`oauth2Token_${t}`},mn=(n=>(n[n.ONE_MINUTE=600]="ONE_MINUTE",n[n.ONE_HOUR=3600]="ONE_HOUR",n[n.ONE_DAY=86400]="ONE_DAY",n))(mn||{}),Mu=s((...t)=>pn.keys(...t),"keys"),hn=s((...t)=>pn.get(...t),"get"),zt=s((...t)=>pn.store(...t),"store"),no=s((...t)=>pn.delete(...t),"destroy"),wr=s((...t)=>pn.withCache(...t),"withCache"),ZS=s((...t)=>pn.withCacheWithDynamicTTL(...t),"withCacheWithDynamicTTL"),li=s((...t)=>pn.bustCache(...t),"bustCache");var xp={};P(xp,{createCode:()=>TP,deleteCode:()=>AP,getCode:()=>SP,getExistingInvites:()=>bp,getInviteCodes:()=>oA,updateCode:()=>yP});var En={};P(En,{AUTO_EXTEND_POLLING_MS:()=>rA,doWithLock:()=>so,newRedlock:()=>gn});var tA=B(require("redlock"));async function fP(t,e){if(t==="custom")return gn(e);switch(t){case"try_once":return gn(di.TRY_ONCE);case"try_twice":return gn(di.TRY_TWICE);case"default":return gn(di.DEFAULT);case"delay_500":return gn(di.DELAY_500);case"auto_extend":return gn(di.AUTO_EXTEND);default:throw _t.unreachable(t)}}s(fP,"getClient");var di={TRY_ONCE:{retryCount:0},TRY_TWICE:{retryCount:1},DEFAULT:{driftFactor:.01,retryCount:10,retryDelay:200,retryJitter:100},DELAY_500:{retryDelay:500},CUSTOM:{},AUTO_EXTEND:{retryCount:-1}};async function gn(t={}){let e={...di.DEFAULT,...t},n=(await Bf()).client;return new tA.default([n],e)}s(gn,"newRedlock");function pP(t){let r=`lock:${t.systemLock?"system":$()}_${t.name}`;return t.resource&&(r=r+`_${t.resource}`),r}s(pP,"getLockName");var rA=pe.fromSeconds(10).toMs();async function so(t,e){let r=await fP(t.type,t.customOptions),n,i;try{let o=pP(t),a=t.type==="auto_extend"?rA:t.ttl;if(n=await r.lock(o,a),t.type==="auto_extend"){let c=s(()=>{i=setTimeout(async()=>{n=await n.extend(a,()=>t.onExtend&&t.onExtend()),c()},a/2)},"extendInIntervals");c()}return{executed:!0,result:await e()}}catch(o){if(o.name==="LockError"){if(t.type==="try_once")return{executed:!1};throw o}else throw o}finally{clearTimeout(i),await n?.unlock()}}s(so,"doWithLock");var nA=pe.fromDays(7).toSeconds(),hP=pe.fromSeconds(10).toMs(),ku="Invitation is not valid or has expired, please request a new one.";function iA(t,e){if(!t)return null;let r=t.tenantId||e;return r?{tenantId:r,invites:t.invites||{}}:null}s(iA,"normaliseInviteList");function gP(t){let e=!1,r=Date.now();for(let[n,i]of Object.entries(t.invites))(!i?.expiresAt||i.expiresAt<=r)&&(delete t.invites[n],e=!0);return{list:t,changed:e}}s(gP,"pruneExpiredInvites");async function Cp(t){let r=await(await Us()).get(t);return iA(r,t)}s(Cp,"loadInviteList");async function oo(t,e){await(await Us()).store(t,e)}s(oo,"saveInviteList");async function ao(t,e){let{result:r}=await so({type:"default",name:"process_user_invite",systemLock:!0,resource:t,ttl:hP},e);return r}s(ao,"withInviteListLock");function EP(t,e){return{code:t,email:e.email,info:e.info}}s(EP,"toInviteWithCode");async function sA(t,e){let r=await Us(),n=iA(await r.get(e),e);if(!n)throw new Error(ku);if(!Object.keys(n.invites).includes(t))throw new Error(ku);return{list:n,invite:n.invites[t]}}s(sA,"findInviteInList");async function yP(t,e){let r={...e.info},n=r.tenantId||$();r.tenantId=n,await ao(n,async()=>{let i=await Cp(n)||{tenantId:n,invites:{}};i.invites[t]={email:e.email,info:r,expiresAt:Date.now()+nA*1e3},await oo(n,i)})}s(yP,"updateCode");async function TP(t,e){let r=ee(),n={...e||{}},i=n.tenantId||$();return n.tenantId=i,await ao(i,async()=>{let o=await Cp(i)||{tenantId:i,invites:{}};o.invites[r]={email:t,info:n,expiresAt:Date.now()+nA*1e3},await oo(i,o)}),r}s(TP,"createCode");async function SP(t,e){let r=e||$();return await ao(r,async()=>{let n=await sA(t,r),{list:i,invite:o}=n;if(o.expiresAt<=Date.now())throw delete i.invites[t],await oo(i.tenantId,i),new Error(ku);return{email:o.email,info:o.info}})}s(SP,"getCode");async function AP(t,e){let r=e||$();try{await ao(r,async()=>{let n=await sA(t,r);delete n.list.invites[t],await oo(n.list.tenantId,n.list)})}catch(n){if(n instanceof Error&&n.message===ku)return;throw n}}s(AP,"deleteCode");async function oA(){let t=$(),e=await ao(t,async()=>{let n=await Cp(t)||{tenantId:t,invites:{}},i=gP(n);return n=i.list,i.changed&&await oo(t,n),n}),r=new Map;for(let[n,i]of Object.entries(e.invites))r.set(n,EP(n,i));return Array.from(r.values())}s(oA,"getInviteCodes");async function bp(t){let e=new Set(t.map(r=>r.toLowerCase()));return(await oA()).filter(r=>e.has(r.email.toLowerCase()))}s(bp,"getExistingInvites");var vp={};P(vp,{createCode:()=>OP,getCode:()=>IP,invalidateCode:()=>wP});var _P=pe.fromHours(1).toSeconds();async function OP(t,e){let r=ee();return await(await Ls()).store(r,{userId:t,info:e},_P),r}s(OP,"createCode");async function IP(t){let r=await(await Ls()).get(t);if(!r)throw new Error("Provided information is not valid, cannot reset password - please try again.");return r}s(IP,"getCode");async function wP(t){await(await Ls()).delete(t)}s(wP,"invalidateCode");var br={};P(br,{getUser:()=>bo,getUsers:()=>e0,invalidateUser:()=>xo});var uo={};P(uo,{getPlatformDB:()=>Dr,users:()=>yt});var yt={};P(yt,{addSsoUser:()=>uA,addUser:()=>vP,getUserDoc:()=>aA,lookupTenantId:()=>DP,removeUser:()=>PP,updateUserDoc:()=>RP});function Dr(){return Re(fe.PLATFORM_INFO.name)}s(Dr,"getPlatformDB");async function DP(t){return g.MULTI_TENANCY?(await aA(t)).tenantId:ae}s(DP,"lookupTenantId");async function aA(t){return Dr().get(t)}s(aA,"getUserDoc");async function RP(t){await Dr().put(t)}s(RP,"updateUserDoc");function CP(t,e){return{_id:t,tenantId:e}}s(CP,"newUserIdDoc");function bP(t,e,r){return{_id:e,userId:t,tenantId:r}}s(bP,"newUserEmailDoc");function xP(t,e,r,n){return{_id:t,userId:r,email:e,tenantId:n}}s(xP,"newUserSsoIdDoc");async function Pp(t,e){let r=Dr(),n;try{await r.get(t)}catch(i){if(i.status===404)n=e(),await r.put(n);else throw i}}s(Pp,"addUserDoc");async function uA(t,e,r,n){return Pp(t,()=>xP(t,e,r,n))}s(uA,"addSsoUser");async function vP(t,e,r,n){let i=[Pp(e,()=>CP(e,t)),Pp(r,()=>bP(e,r,t))];n&&i.push(uA(n,r,e,t)),await Promise.all(i)}s(vP,"addUser");async function PP(t){let e=Dr(),r=[t._id,t.email],n=await e.allDocs({keys:r,include_docs:!0});await e.bulkRemove(n.rows.map(i=>i.doc),{silenceErrors:!0})}s(PP,"removeUser");var yn={};P(yn,{getAccount:()=>Rr,getAccountByTenantId:()=>fi,getStatus:()=>NP});var cA=B(require("node-fetch"));var co=class{static{s(this,"API")}constructor(e){this.host=e}async apiCall(e,r,n){n.headers||(n.headers={}),n.headers["Content-Type"]||(n.headers={"Content-Type":"application/json",Accept:"application/json",...n.headers});let i=n.headers["Content-Type"]==="application/json";Ys.setHeader(n.headers);let o={method:e,body:i?JSON.stringify(n.body):n.body,headers:n.headers,credentials:"include"};return await(0,cA.default)(`${this.host}${r}`,o)}async post(e,r){return this.apiCall("POST",e,r)}async get(e,r){return this.apiCall("GET",e,r)}async patch(e,r){return this.apiCall("PATCH",e,r)}async del(e,r){return this.apiCall("DELETE",e,r)}async put(e,r){return this.apiCall("PUT",e,r)}};var Np=new co(g.INTERNAL_ACCOUNT_PORTAL_URL),Up=g.SELF_HOSTED||g.DISABLE_ACCOUNT_PORTAL,Rr=s(async t=>{if(Up)return;let e={email:t},r=await Np.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":g.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by email ${t}`);return(await r.json())[0]},"getAccount"),fi=s(async t=>{if(Up)return;let e={tenantId:t},r=await Np.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":g.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by tenantId ${t}`);return(await r.json())[0]},"getAccountByTenantId"),NP=s(async()=>{if(Up)return;let t=await Np.get("/api/status",{headers:{"x-budibase-api-key":g.ACCOUNT_PORTAL_API_KEY}}),e=await t.json();if(t.status!==200)throw new Error("Error getting status");return e},"getStatus");var Ei={};P(Ei,{UserDB:()=>xt,addAppBuilder:()=>zL,bulkGetGlobalUsersById:()=>ac,bulkUpdateGlobalUsers:()=>Do,cleanseUserObject:()=>rm,creatorsInList:()=>An,doesUserExist:()=>KL,getAccountHolderFromUsers:()=>oc,getAllUserIds:()=>VL,getAllUsers:()=>qL,getById:()=>_n,getCreatorCount:()=>HL,getExistingAccounts:()=>gi,getExistingPlatformUsers:()=>JA,getExistingTenantUsers:()=>zA,getFirstPlatformUser:()=>Io,getGlobalUserByAppPage:()=>i_,getGlobalUserByEmail:()=>At,getPlatformUsers:()=>rc,getUserCount:()=>jL,hasAdminPermissions:()=>Cr,hasAppBuilderPermissions:()=>e_,hasBuilderPermissions:()=>ke,isAdmin:()=>bt,isAdminOrBuilder:()=>ZA,isAdminOrWorkspaceBuilder:()=>nc,isBuilder:()=>Si,isCreatorAsync:()=>wo,isCreatorSync:()=>ic,isGlobalBuilder:()=>XA,paginatedUsers:()=>o_,removeAppBuilder:()=>JL,removePortalUserPermissions:()=>YL,searchExistingEmails:()=>Jp,searchGlobalUsersByApp:()=>n_,searchGlobalUsersByAppAccess:()=>tm,searchGlobalUsersByEmail:()=>s_,validateUniqueUser:()=>sc});var Qu={};P(Qu,{ActiveContentFileError:()=>Wu,BadRequestError:()=>fo,BudibaseError:()=>lo,EmailUnavailableError:()=>Jt,FeatureDisabledError:()=>Vu,ForbiddenError:()=>$u,HTTPError:()=>Me,NotFoundError:()=>Bu,NotImplementedError:()=>Gu,UnexpectedError:()=>Fu,UsageLimitError:()=>qu,getErrorMessage:()=>lA,getPublicError:()=>Ku});var lo=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"BudibaseError")}};function lA(t){if(t==null)return"No error provided.";if(t instanceof Error)return t.message;if(typeof t=="string")return t;if(typeof t=="object"&&"message"in t)return String(t.message);try{let r=JSON.stringify(t);if(r!=="{}")return r}catch{}let e=String(t);return e!=="[object Object]"?e:"An unknown error occurred"}s(lA,"getErrorMessage");var Ku=s(t=>{let e;return t.code&&(e={code:t.code},t.getPublicError&&(e={...e,...t.getPublicError()})),e},"getPublicError"),Me=class t extends lo{constructor(r,n,i="http"){super(r,i);this.status=n}static{s(this,"HTTPError")}static async fromResponse(r){let n=await r.text(),i=n,o=r.status,a="http";try{let u=JSON.parse(n);i=u.error?.message||u.message,o=u.status??r.status,a=u.error?.code??r.statusText}catch{}return new t(i,o,a)}},Fu=class extends Me{static{s(this,"UnexpectedError")}constructor(e){super(e,500)}},Bu=class extends Me{static{s(this,"NotFoundError")}constructor(e){super(e,404)}},fo=class extends Me{static{s(this,"BadRequestError")}constructor(e){super(e,400)}},Wu=class extends fo{static{s(this,"ActiveContentFileError")}constructor(e){super(`File "${e}" contains active content which is not permitted`)}},$u=class extends Me{static{s(this,"ForbiddenError")}constructor(e){super(e,403)}},Gu=class extends Me{static{s(this,"NotImplementedError")}constructor(e){super(e,501)}},Vu=class extends Error{static{s(this,"FeatureDisabledError")}constructor(e){super(`Feature disabled: '${e}'`)}},qu=class extends Error{static{s(this,"UsageLimitError")}constructor(e){super(`Usage limit exceeded: '${e}'`)}},Jt=class extends Error{static{s(this,"EmailUnavailableError")}constructor(e){super(`Email already in use: '${e}'`)}};var Fp={};P(Fp,{PASSWORD_MAX_LENGTH:()=>Mp,PASSWORD_MIN_LENGTH:()=>Lp,validatePassword:()=>kp});var Lp=+(g.PASSWORD_MIN_LENGTH||12),Mp=+(g.PASSWORD_MAX_LENGTH||512);function kp(t){return!t||t.length<Lp?{valid:!1,error:`Password invalid. Minimum ${Lp} characters.`}:t.length>Mp?{valid:!1,error:`Password invalid. Maximum ${Mp} characters.`}:{valid:!0}}s(kp,"validatePassword");var ju={};P(ju,{createASession:()=>UP,endSession:()=>LP,getSession:()=>Wp,getSessionsForUser:()=>po,invalidateSessions:()=>Tn,updateSessionTTL:()=>Bp});var fA=require("uuid");var pA=g.SESSION_EXPIRY_SECONDS?parseInt(g.SESSION_EXPIRY_SECONDS):pe.fromDays(7).toSeconds();function pi(t,e){return`${t}/${e}`}s(pi,"makeSessionID");async function po(t){return t?(await(await yr()).scan(t)).map(n=>n.value):(console.trace("Cannot get sessions for undefined userId"),[])}s(po,"getSessionsForUser");async function Tn(t,e={}){try{let r=e?.reason||"unknown",n=e.sessionIds||[],i;if(n.length===0?i=(await po(t)).map(a=>({key:pi(a.userId,a.sessionId)})):(n=Array.isArray(n)?n:[n],i=n.map(o=>({key:pi(t,o)}))),i&&i.length>0){let o=await yr(),a=[];for(let u of i)a.push(o.delete(u.key));g.isTest()||ci(`Invalidating sessions for ${t} (reason: ${r}) - ${i.map(u=>u.key).join(", ")}`),await Promise.all(a)}}catch(r){console.error(`Error invalidating sessions: ${r}`)}}s(Tn,"invalidateSessions");async function UP(t,e){let r=await po(t),n=0;if(r.length>=3){let l=r.sort((h,p)=>new Date(h.createdAt).getTime()-new Date(p.createdAt).getTime()),d=r.length-3+1,f=l.slice(0,d).map(h=>h.sessionId);n=f.length,await Tn(t,{sessionIds:f,reason:"session limit exceeded"})}let i=await yr(),o=e.sessionId,a=e.csrfToken?e.csrfToken:(0,fA.v4)(),u=pi(t,o),c={...e,csrfToken:a,createdAt:new Date().toISOString(),lastAccessedAt:new Date().toISOString(),userId:t};return await i.store(u,c,pA),{session:c,invalidatedSessionCount:n}}s(UP,"createASession");async function Bp(t){let e=await yr(),r=pi(t.userId,t.sessionId);t.lastAccessedAt=new Date().toISOString(),await e.store(r,t,pA)}s(Bp,"updateSessionTTL");async function LP(t,e){await(await yr()).delete(pi(t,e))}s(LP,"endSession");async function Wp(t,e){if(!t||!e)throw new Error(`Invalid session details - ${t} - ${e}`);let n=await(await yr()).get(pi(t,e));if(!n)throw new Error(`Session not found - ${t} - ${e}`);return n}s(Wp,"getSession");var hi={};P(hi,{account:()=>wA,action:()=>DA,ai:()=>RA,analytics:()=>Yu,app:()=>CA,asyncEventQueue:()=>Tt,auditLog:()=>bA,auth:()=>tc,automation:()=>xA,backfill:()=>vA,backfillCache:()=>Xu,backup:()=>PA,datasource:()=>NA,email:()=>UA,environmentVariable:()=>LA,group:()=>MA,identification:()=>St,initAsyncEvents:()=>xL,installation:()=>yo,layout:()=>kA,license:()=>FA,org:()=>BA,plugin:()=>WA,processors:()=>Qp,publishEvent:()=>A,query:()=>$A,resource:()=>GA,role:()=>Oo,rowAction:()=>VA,rows:()=>qA,screen:()=>KA,serve:()=>QA,shutdown:()=>vL,table:()=>jA,user:()=>Fe,view:()=>HA,workspace:()=>YA});var Yu={};P(Yu,{enabled:()=>Hu});var Hu=s(async()=>zu(),"enabled");var Tt;function Ju(){Tt=new Et("systemEventQueue",{jobTags:t=>({"event.name":t.event})})}s(Ju,"init");async function mA(){Tt&&await Tt.close()}s(mA,"shutdown");async function hA(t){Tt||Ju();let{event:e,identity:r}=t;th.indexOf(e)!==-1&&r.tenantId&&await Tt.add(t)}s(hA,"publishAsyncEvent");var Xu={};P(Xu,{end:()=>kP,isAlreadySent:()=>Vp,isBackfillingEvent:()=>Gp,recordEvent:()=>$p,start:()=>MP});var MP=s(async t=>BP({eventWhitelist:t}),"start"),$p=s(async(t,e)=>{let r=qp(t,e);await zt(r,e,void 0,{useTenancy:!1})},"recordEvent"),kP=s(async()=>{await WP(),await $P()},"end"),FP=s(async()=>hn(ye.BACKFILL_METADATA),"getBackfillMetadata"),BP=s(async t=>zt(ye.BACKFILL_METADATA,t),"saveBackfillMetadata"),WP=s(async()=>{await no(ye.BACKFILL_METADATA)},"deleteBackfillMetadata"),$P=s(async()=>{let t=qp(),e=await Mu(t);for(let r of e)await no(r,{useTenancy:!1})},"clearEvents"),Gp=s(async t=>{let r=(await FP())?.eventWhitelist;return!!(r&&r.includes(t))},"isBackfillingEvent"),Vp=s(async(t,e)=>{let r=qp(t,e);return!!await hn(r,{useTenancy:!1})},"isAlreadySent"),GP={"automation:created":t=>t.automationId,"automation:step:created":t=>t.stepId,"datasource:created":t=>t.datasourceId,"layout:created":t=>t.layoutId,"query:created":t=>t.queryId,"role:created":t=>t.roleId,"screen:created":t=>t.screenId,"table:created":t=>t.tableId,"view:created":t=>t.tableId,"view:calculation:created":t=>t.tableId,"view:filter:created":t=>t.tableId,"app:created":t=>t.appId,"app:published":t=>t.appId,"auth:sso:created":t=>t.type,"auth:sso:activated":t=>t.type,"user:created":t=>t.userId,"user:admin:assigned":t=>t.userId,"user:builder:assigned":t=>t.userId,"role:assigned":t=>`${t.roleId}-${t.userId}`},qp=s((t,e)=>{let r,n=$();if(t){r=`${ye.EVENTS}:${n}:${t}`;let i=GP[t],o=i?i(e):void 0;o&&(r=`${r}:${o}`)}else r=`${ye.EVENTS}:${n}:*`;return r},"getEventKey");var Qp={};P(Qp,{analyticsProcessor:()=>_A,init:()=>XP,processors:()=>Zt});var SA=require("posthog-node");var VP=s(t=>t==="served:builder"||t==="served:app:preview"||t==="served:app","isRateLimited"),qP=s(t=>t==="served:app:preview"||t==="served:app","isPerApp");var EA={"served:app":"calendarDay","served:app:preview":"calendarDay","served:builder":"calendarDay"},yA=s(async t=>{if(!VP(t))return!1;let e=await KP(t);if(e){let r=new Date(e.timestamp);switch(EA[t]){case"calendarDay":return r.setDate(r.getDate()+1),r.setHours(0,0,0,0),Date.now()>r.getTime()?(await gA(t,{timestamp:Date.now()}),!1):!0}}else return await gA(t,{timestamp:Date.now()}),!1},"limited"),TA=s(t=>{let e=`${ye.EVENTS_RATE_LIMIT}:${t}`;return qP(t)&&(e=e+":"+be()),e},"eventKey"),KP=s(async t=>{let e=TA(t);return await hn(e)},"readEvent"),gA=s(async(t,e)=>{let r=TA(t),n=EA[t],i;switch(n){case"calendarDay":i=86400}await zt(r,e,i)},"recordEvent");var jP=["user:updated","email:smtp:updated","auth:sso:updated","app:updated","role:updated","datasource:updated","query:updated","view:updated","view:calculation:updated","automation:trigger:updated","user_group:updated"],mo=class{static{s(this,"PosthogProcessor")}constructor(e){if(!e)throw new Error("Posthog token is not defined");this.posthog=new SA.PostHog(e)}async processEvent(e,r,n,i){if(jP.includes(e)||await yA(e))return;n=this.clearPIIProperties(n),n.version=g.VERSION,n.service=g.SERVICE,n.environment=r.environment,n.hosting=r.hosting;let o=be();o&&(n.appId=o);let a={distinctId:r.id,event:e,properties:n};i&&(a.timestamp=new Date(i)),(r.installationId||r.tenantId)&&(a.groups={},r.installationId&&(a.groups.installation=r.installationId,a.properties.installationId=r.installationId),r.tenantId&&(a.groups.tenant=r.tenantId,a.properties.tenantId=r.tenantId)),this.posthog.capture(a)}clearPIIProperties(e){return e.email&&delete e.email,e.audited&&delete e.audited,e}async identify(e,r){let n={distinctId:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.identify(n)}async identifyGroup(e,r){let n={distinctId:e.id,groupType:e.type,groupKey:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.groupIdentify(n)}async shutdown(){await this.posthog.shutdown()}};var AA=mo;var HP=["installation:version:upgraded","installation:version:downgraded"],YP=["installation","tenant"],ho=class{static{s(this,"AnalyticsProcessor")}constructor(){g.POSTHOG_TOKEN&&!g.isTest()&&(this.posthog=new AA(g.POSTHOG_TOKEN))}async processEvent(e,r,n,i){!HP.includes(e)&&!await Hu()||this.posthog&&await this.posthog.processEvent(e,r,n,i)}async identify(e,r){!YP.includes(e.type)&&!await Hu()||this.posthog&&await this.posthog.identify(e,r)}async identifyGroup(e,r){this.posthog&&await this.posthog.identifyGroup(e,r)}async shutdown(){this.posthog&&await this.posthog.shutdown()}};var Kp=g.SELF_HOSTED&&!g.isDev(),go=class{static{s(this,"LoggingProcessor")}async processEvent(e,r,n){Kp||console.log(`[audit] [identityType=${r.type}] ${e}`,n)}async identify(e){Kp||console.log("[audit] identified",e)}async identifyGroup(e){Kp||console.log("[audit] group identified",e)}async shutdown(){}};var mi=class t{static{s(this,"AuditLogsProcessor")}static{this.auditLogsEnabled=!1}static init(e){t.auditLogsEnabled=!0;let r=e;return t.auditLogQueue=new Et("auditLogQueue",{jobTags:n=>({"event.name":n.event})}),t.auditLogQueue.process(async n=>{await Ce(n.data.tenantId,async()=>{let i=n.data.properties;i.audited&&(i={...i,...i.audited},delete i.audited);let o={};g.ENABLE_AUDIT_LOG_IP_ADDR&&(o=n.data.opts.hostInfo),await r(n.data.event,i,{userId:n.data.opts.userId,timestamp:n.data.opts.timestamp,appId:n.data.opts.appId,hostInfo:o})})})}async processEvent(e,r,n,i){if(t.auditLogsEnabled&&Zf(e)){let o=r.type==="user"?r.id:void 0;await t.auditLogQueue.add({event:e,properties:n,opts:{userId:o,timestamp:i,appId:be(),hostInfo:r.hostInfo},tenantId:$()})}}async identify(){}async identifyGroup(){}async shutdown(){await t.auditLogQueue?.close()}};var Eo=class{constructor(e){this.initialised=!1;this.processors=[];this.processors=e}static{s(this,"Processor")}async processEvent(e,r,n,i){for(let o of this.processors)await o.processEvent(e,r,n,i)}async identify(e,r){for(let n of this.processors)n.identify&&await n.identify(e,r)}async identifyGroup(e,r){for(let n of this.processors)n.identifyGroup&&await n.identifyGroup(e,r)}async shutdown(){for(let e of this.processors)e.shutdown&&await e.shutdown()}};var _A=new ho,zP=new go,JP=new mi;function XP(t){return mi.init(t)}s(XP,"init");var Zt=new Eo([_A,zP,JP]);var Zu={};P(Zu,{checkInstallVersion:()=>tN,getInstall:()=>To,getInstallFromDB:()=>Hp});var jp=B(require("semver"));var To=s(async()=>wr(ye.INSTALLATION,86400,Hp,{useTenancy:!1}),"getInstall");async function ZP(t){let e={_id:fe.PLATFORM_INFO.docs.install,installId:ee(),version:g.VERSION};try{let r=await t.put(e);return e._rev=r.rev,e}catch(r){if(r.status===409)return Hp();throw r}}s(ZP,"createInstallDoc");var Hp=s(async()=>je(fe.PLATFORM_INFO.name,async t=>{let e;try{e=await t.get(fe.PLATFORM_INFO.docs.install)}catch(r){if(r.status===404)e=await ZP(t);else throw r}return e}),"getInstallFromDB"),eN=s(async t=>{try{await je(fe.PLATFORM_INFO.name,async e=>{let r=await To();r.version=t,await e.put(r),await li(ye.INSTALLATION)})}catch(e){if(e.status===409)return!1;throw e}return!0},"updateVersion"),tN=s(async()=>{let t=await To(),e=t.version,r=g.VERSION;try{if(e!==r){let n=jp.default.gt(r,e),i=jp.default.lt(r,e);await eN(r)&&(await Rs({_id:t.installId,type:"installation"},async()=>{n?await yo.upgraded(e,r):i&&await yo.downgraded(e,r)}),await St.identifyInstallationGroup(t.installId))}}catch(n){n?.message?.includes("Invalid Version")?dn(`Invalid version "${r}" - is it semver?`):dn("Failed to retrieve version",n)}},"checkInstallVersion");var rN=s(async()=>{let t=df(),e=_o(),r;if(t?r=t.type:r="tenant",r==="installation"){let n=await Sn(),i=So();return{id:OA(n,r),hosting:i,type:r,installationId:n,environment:e}}else if(r==="tenant"){let n=await Sn(),i=await ec($()),o=So();return{id:OA(i,r),type:r,hosting:o,installationId:n,tenantId:i,realTenantId:$(),environment:e}}else if(r==="user"){let n=t,i=await ec($()),o=await Sn(),a=n.account,u;return a?u=a.hosting:u=So(),{id:n._id,type:r,hosting:u,installationId:o,tenantId:i,environment:e,realTenantId:$(),hostInfo:n.hostInfo}}else throw new Error("Unknown identity type")},"getCurrentIdentity"),nN=s(async(t,e)=>{let r=t,n="installation",i=So(),o=g.VERSION,a=_o(),u={id:r,type:n,hosting:i,version:o,environment:a};await Yp(u,e),await Ao({...u,id:`$${n}_${r}`},e)},"identifyInstallationGroup"),iN=s(async(t,e,r,n=g.VERSION)=>{let i=await ec(t),o="tenant",a=await Sn(),u=_o(),c={id:i,type:o,hosting:e,environment:u,installationId:a,createdAt:r,createdVersion:n};await Yp(c,r),await Ao({...c,id:`$${o}_${i}`},r)},"identifyTenantGroup"),sN=s(async(t,e,r)=>{let n=t._id,i=await ec(t.tenantId),o="user",a=ke(t),u=Cr(t),c;jo(t)&&(c=t.providerType);let d=(await gi([t.email])).length>0,f=!!e&&d&&e.verified,h=await Sn(),p=e?e.hosting:So(),S=_o();await Ao({id:n,type:o,hosting:p,installationId:h,tenantId:i,verified:f,accountHolder:d,providerType:c,builder:a,admin:u,environment:S},r)},"identifyUser"),oN=s(async t=>{let e=t.accountId,r=t.tenantId,n="user",i=Qo(t)?t.providerType:void 0,o=t.verified,a=!0,u=t.hosting,c=await Sn(),l=_o();if(Ko(t)){let f=await At(t.email);f?._id&&(e=f._id)}await Ao({id:e,type:n,hosting:u,installationId:c,tenantId:r,providerType:i,verified:o,accountHolder:a,environment:l})},"identifyAccount"),Ao=s(async(t,e)=>{await Zt.identify(t,e)},"identify"),Yp=s(async(t,e)=>{await Zt.identifyGroup(t,e)},"identifyGroup"),_o=s(()=>g.isDev()?"development":g.DEPLOYMENT_ENVIRONMENT,"getDeploymentEnvironment"),So=s(()=>g.SELF_HOSTED?"self":"cloud","getHostingFromEnv"),Sn=s(async()=>aN()?"account-portal":(await To()).installId,"getInstallationId"),ec=s(async t=>g.SELF_HOSTED?IA(t):t,"getEventTenantId"),IA=s(async t=>Ce(t,()=>wr(ye.UNIQUE_TENANT_ID,86400,async()=>{let e=Y(),r=await yi(),n;return r.config.uniqueTenantId?r.config.uniqueTenantId:(n=`${ee()}_${t}`,r.config.uniqueTenantId=n,r.config.createdVersion=g.VERSION,await e.put(r),n)})),"getUniqueTenantId"),aN=s(()=>g.SERVICE==="account-portal","isAccountPortal"),OA=s((t,e)=>e==="installation"||e==="tenant"?`$${e}_${t}`:t,"formatDistinctId"),St={getCurrentIdentity:rN,identifyInstallationGroup:nN,identifyTenantGroup:iN,identifyUser:sN,identifyAccount:oN,identify:Ao,identifyGroup:Yp,getInstallationId:Sn,getUniqueTenantId:IA};var A=s(async(t,e,r,n)=>{let i=n||await St.getCurrentIdentity();if(!(n?!1:await Gp(t))){await hA({event:t,identity:i,properties:e,timestamp:r}),await Zt.processEvent(t,i,e,r);return}await Vp(t,e)||(await Zt.processEvent(t,i,e,r),await $p(t,e))},"publishEvent");async function uN(t,e){let r={tenantId:t.tenantId};await A("account:created",r,void 0,e)}s(uN,"created");async function cN(t){let e={tenantId:t.tenantId};await A("account:deleted",e)}s(cN,"deleted");async function lN(t){let e={tenantId:t.tenantId};await A("account:verified",e)}s(lN,"verified");var wA={created:uN,deleted:cN,verified:lN};async function dN(t,e){console.info("action:automation_step:executed",`disabled. Action step ${t.stepId} not published at ${e}`)}s(dN,"automationStepExecuted");async function fN(t,e){console.info("action:automation_step:executed",`disabled. Action type ${t.type} not published at ${e}`)}s(fN,"crudExecuted");async function pN(t,e){console.info("action:automation_step:executed",`disabled. Execution for ai agent ${t.agentId} not published at ${e}`)}s(pN,"aiAgentExecuted");var DA={aiAgentExecuted:pN,automationStepExecuted:dN,crudExecuted:fN};async function mN(t){let e={};await A("ai:config:created",e,t)}s(mN,"AIConfigCreated");async function hN(){let t={};await A("ai:config:updated",t)}s(hN,"AIConfigUpdated");var RA={AIConfigCreated:mN,AIConfigUpdated:hN};var gN=s(async(t,e)=>{let r={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:created",r,e)},"created");async function EN(t){let e={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:updated",e)}s(EN,"updated");async function yN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:deleted",e)}s(yN,"deleted");async function TN(t,e){let r={appId:t.appId,audited:{name:t.name}};await A("app:published",r,e)}s(TN,"published");async function SN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:unpublished",e)}s(SN,"unpublished");async function AN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:file:imported",e)}s(AN,"fileImported");async function _N(t,e){let r={duplicateAppId:e,appId:t.appId,audited:{name:t.name}};await A("app:duplicated",r)}s(_N,"duplicated");async function ON(t,e){let r={appId:t.appId,templateKey:e,audited:{name:t.name}};await A("app:template:imported",r)}s(ON,"templateImported");async function IN(t,e,r){let n={appId:t.appId,currentVersion:e,updatedToVersion:r,audited:{name:t.name}};await A("app:version:updated",n)}s(IN,"versionUpdated");async function wN(t,e,r){let n={appId:t.appId,currentVersion:e,revertedToVersion:r,audited:{name:t.name}};await A("app:version:reverted",n)}s(wN,"versionReverted");async function DN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:reverted",e)}s(DN,"reverted");async function RN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:exported",e)}s(RN,"exported");var CA={created:gN,updated:EN,deleted:yN,published:TN,unpublished:SN,fileImported:AN,duplicated:_N,templateImported:ON,versionUpdated:IN,versionReverted:wN,reverted:DN,exported:RN};async function CN(t){let e={filters:t};await A("audit_log:filtered",e)}s(CN,"filtered");async function bN(t){let e={filters:t};await A("audit_log:downloaded",e)}s(bN,"downloaded");var bA={filtered:CN,downloaded:bN};async function xN(t,e){let n={userId:(await St.getCurrentIdentity()).id,source:t,audited:{email:e}};await A("auth:login",n)}s(xN,"login");async function vN(t){let r={userId:(await St.getCurrentIdentity()).id,audited:{email:t}};await A("auth:logout",r)}s(vN,"logout");async function PN(t,e){let r={type:t};await A("auth:sso:created",r,e)}s(PN,"SSOCreated");async function NN(t){let e={type:t};await A("auth:sso:updated",e)}s(NN,"SSOUpdated");async function UN(t,e){let r={type:t};await A("auth:sso:activated",r,e)}s(UN,"SSOActivated");async function LN(t){let e={type:t};await A("auth:sso:deactivated",e)}s(LN,"SSODeactivated");var tc={login:xN,logout:vN,SSOCreated:PN,SSOUpdated:NN,SSOActivated:UN,SSODeactivated:LN};async function MN(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:created",r,e)}s(MN,"created");async function kN(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:trigger:updated",e)}s(kN,"triggerUpdated");async function FN(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:deleted",e)}s(FN,"deleted");async function BN(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:tested",e)}s(BN,"tested");var WN=s(async(t,e)=>{let r={count:t};await A("automations:run",r,e)},"run");async function $N(t,e,r){let n={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:created",n,r)}s($N,"stepCreated");async function GN(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:deleted",r)}s(GN,"stepDeleted");var xA={created:MN,triggerUpdated:kN,deleted:FN,tested:BN,run:WN,stepCreated:$N,stepDeleted:GN};var Ti=!g.SELF_HOSTED&&!g.isDev();async function VN(t){Ti||await A("app:backfill:succeeded",t)}s(VN,"appSucceeded");async function qN(t){if(Ti)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("app:backfill:failed",e)}s(qN,"appFailed");async function KN(t){Ti||await A("tenant:backfill:succeeded",t)}s(KN,"tenantSucceeded");async function QN(t){if(Ti)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("tenant:backfill:failed",e)}s(QN,"tenantFailed");async function jN(){if(Ti)return;let t={};await A("installation:backfill:succeeded",t)}s(jN,"installationSucceeded");async function HN(t){if(Ti)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("installation:backfill:failed",e)}s(HN,"installationFailed");var vA={appSucceeded:VN,appFailed:qN,tenantSucceeded:KN,tenantFailed:QN,installationSucceeded:jN,installationFailed:HN};async function YN(t){let e={appId:t.appId,restoreId:t._id,backupCreatedAt:t.timestamp,name:t.name};await A("app:backup:restored",e)}s(YN,"appBackupRestored");async function zN(t,e,r,n,i){let o={appId:t,backupId:e,type:r,trigger:n,name:i};await A("app:backup:triggered",o)}s(zN,"appBackupTriggered");var PA={appBackupRestored:YN,appBackupTriggered:zN};function zp(t){return!Object.values($o).includes(t.source)}s(zp,"isCustom");async function JN(t,e){let r={datasourceId:t._id,source:t.source,custom:zp(t)};await A("datasource:created",r,e)}s(JN,"created");async function XN(t){let e={datasourceId:t._id,source:t.source,custom:zp(t)};await A("datasource:updated",e)}s(XN,"updated");async function ZN(t){let e={datasourceId:t._id,source:t.source,custom:zp(t)};await A("datasource:deleted",e)}s(ZN,"deleted");var NA={created:JN,updated:XN,deleted:ZN};async function eU(t){let e={};await A("email:smtp:created",e,t)}s(eU,"SMTPCreated");async function tU(){let t={};await A("email:smtp:updated",t)}s(tU,"SMTPUpdated");var UA={SMTPCreated:eU,SMTPUpdated:tU};async function rU(t,e){let r={name:t,environments:e};await A("environment_variable:created",r)}s(rU,"created");async function nU(t){let e={name:t};await A("environment_variable:deleted",e)}s(nU,"deleted");async function iU(t){let e={userId:t};await A("environment_variable:upgrade_panel_opened",e)}s(iU,"upgradePanelOpened");var LA={created:rU,deleted:nU,upgradePanelOpened:iU};async function sU(t,e){let r={groupId:t._id,viaScim:gt(),audited:{name:t.name}};await A("user_group:created",r,e)}s(sU,"created");async function oU(t){let e={groupId:t._id,viaScim:gt(),audited:{name:t.name}};await A("user_group:updated",e)}s(oU,"updated");async function aU(t){let e={groupId:t._id,viaScim:gt(),audited:{name:t.name}};await A("user_group:deleted",e)}s(aU,"deleted");async function uU(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:gt(),audited:{name:e.name}};await A("user_group:user_added",n)}s(uU,"usersAdded");async function cU(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:gt(),audited:{name:e.name}};await A("user_group:users_deleted",n)}s(cU,"usersDeleted");async function lU(t){let e={groupId:t,onboarding:!0};await A("user_group:onboarding_added",e)}s(lU,"createdOnboarding");async function dU(t){let e={permissions:t.roles,groupId:t._id,audited:{name:t.name}};await A("user_group:permissions_edited",e)}s(dU,"permissionsEdited");var MA={created:sU,updated:oU,deleted:aU,usersAdded:uU,usersDeleted:cU,createdOnboarding:lU,permissionsEdited:dU};async function fU(t){let e={currentVersion:t};await A("installation:version:checked",e)}s(fU,"versionChecked");async function pU(t,e){let r={from:t,to:e};await A("installation:version:upgraded",r)}s(pU,"upgraded");async function mU(t,e){let r={from:t,to:e};await A("installation:version:downgraded",r)}s(mU,"downgraded");async function hU(){let t={};await A("installation:firstStartup",t)}s(hU,"firstStartup");var yo={versionChecked:fU,upgraded:pU,downgraded:mU,firstStartup:hU};async function gU(t,e){let r={layoutId:t._id};await A("layout:created",r,e)}s(gU,"created");async function EU(t){let e={layoutId:t};await A("layout:deleted",e)}s(EU,"deleted");var kA={created:gU,deleted:EU};async function yU(t,e){let r={accountId:t.accountId,...e};await A("license:plan:changed",r)}s(yU,"planChanged");async function TU(t){let e={accountId:t.accountId};await A("license:activated",e)}s(TU,"activated");async function SU(t){let e={accountId:t.accountId};await A("license:checkout:opened",e)}s(SU,"checkoutOpened");async function AU(t){let e={accountId:t.accountId};await A("license:checkout:success",e)}s(AU,"checkoutSuccess");async function _U(t){let e={accountId:t.accountId};await A("license:portal:opened",e)}s(_U,"portalOpened");async function OU(t){let e={accountId:t.accountId};await A("license:payment:failed",e)}s(OU,"paymentFailed");async function IU(t){let e={accountId:t.accountId};await A("license:payment:recovered",e)}s(IU,"paymentRecovered");var FA={planChanged:yU,activated:TU,checkoutOpened:SU,checkoutSuccess:AU,portalOpened:_U,paymentFailed:OU,paymentRecovered:IU};async function wU(t){let e={};await A("org:info:name:updated",e,t)}s(wU,"nameUpdated");async function DU(t){let e={};await A("org:info:logo:updated",e,t)}s(DU,"logoUpdated");async function RU(t){let e={};await A("org:platformurl:updated",e,t)}s(RU,"platformURLUpdated");async function CU(){let t={};await A("analytics:opt:out",t)}s(CU,"analyticsOptOut");async function bU(){let t={};await A("analytics:opt:out",t)}s(bU,"analyticsOptIn");var BA={nameUpdated:wU,logoUpdated:DU,platformURLUpdated:RU,analyticsOptOut:CU,analyticsOptIn:bU};async function xU(t){let e={type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:init",e)}s(xU,"init");async function vU(t){let e={pluginId:t._id,type:t.schema.type,source:t.source,name:t.name,description:t.description,version:t.version};await A("plugin:imported",e)}s(vU,"imported");async function PU(t){let e={pluginId:t._id,type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:deleted",e)}s(PU,"deleted");var WA={init:xU,imported:vU,deleted:PU};var NU=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:created",n,r)},"created"),UU=s(async(t,e)=>{let r={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:updated",r)},"updated"),LU=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb,appId:r};await A("query:deleted",n)},"deleted"),MU=s(async(t,e,r)=>{let n={datasourceId:t._id,source:t.source,count:r,importSource:e};await A("query:import",n)},"imported"),kU=s(async(t,e)=>{let r={count:t};await A("queries:run",r,e)},"run"),FU=s(async(t,e)=>{let r={queryId:e.queryId,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:previewed",r)},"previewed"),$A={created:NU,updated:UU,deleted:LU,imported:MU,run:kU,previewed:FU};async function BU({resource:t,fromWorkspace:e,toWorkspace:r},n){let i={resource:t,fromWorkspace:e,toWorkspace:r};await A("resource:copied_to_workspace",i,n)}s(BU,"duplicatedToWorkspace");var GA={duplicatedToWorkspace:BU};async function WU(t,e){let r={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:created",r,e)}s(WU,"created");async function $U(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:updated",e)}s($U,"updated");async function GU(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:deleted",e)}s(GU,"deleted");async function VU(t,e,r){let n={userId:t._id,roleId:e};await A("role:assigned",n,r)}s(VU,"assigned");async function qU(t,e){let r={userId:t._id,roleId:e};await A("role:unassigned",r)}s(qU,"unassigned");var Oo={created:WU,updated:$U,deleted:GU,assigned:VU,unassigned:qU};async function KU(t,e){await A("row_action:created",t,e)}s(KU,"created");var VA={created:KU};var QU=s(async(t,e)=>{let r={count:t};await A("rows:created",r,e)},"created"),jU=s(async(t,e)=>{let r={tableId:t._id,count:e};await A("rows:imported",r)},"imported"),qA={created:QU,imported:jU};async function HU(t,e){let r={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:created",r,e)}s(HU,"created");async function YU(t){let e={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:deleted",e)}s(YU,"deleted");var KA={created:HU,deleted:YU};async function zU(t){let e={timezone:t};await A("served:builder",e)}s(zU,"servedBuilder");async function JU(t,e,r){let n={appVersion:t.version,timezone:e,embed:r===!0};await A("served:app",n)}s(JU,"servedApp");async function XU(t,e){let r={appId:t.appId,appVersion:t.version,timezone:e};await A("served:app:preview",r)}s(XU,"servedAppPreview");var QA={servedBuilder:zU,servedApp:JU,servedAppPreview:XU};async function ZU(t,e){let r={tableId:t._id,audited:{name:t.name}};await A("table:created",r,e)}s(ZU,"created");async function eL(t,e){let r,n;for(let o in e.schema)if(!t.schema[o]){let a=e.schema[o];"default"in a&&a.default!=null&&(r=!0),a.type==="ai"&&(n=a.operation)}let i={tableId:e._id,defaultValues:r,aiColumn:n,audited:{name:e.name}};(r||n)&&await A("table:updated",i)}s(eL,"updated");async function tL(t,e){let r={tableId:t._id,audited:{name:t.name},appId:e};await A("table:deleted",r)}s(tL,"deleted");async function rL(t,e){let r={tableId:t._id,format:e,audited:{name:t.name}};await A("table:exported",r)}s(rL,"exported");async function nL(t){let e={tableId:t._id,audited:{name:t.name}};await A("table:imported",e)}s(nL,"imported");var jA={created:ZU,updated:eL,deleted:tL,exported:rL,imported:nL};async function iL(t,e){let r={userId:t._id,viaScim:gt(),audited:{email:t.email}};await A("user:created",r,e)}s(iL,"created");async function sL(t){let e={userId:t._id,viaScim:gt(),audited:{email:t.email}};await A("user:updated",e)}s(sL,"updated");async function oL(t){let e={userId:t._id,viaScim:gt(),audited:{email:t.email}};await A("user:deleted",e)}s(oL,"deleted");async function aL(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:admin:assigned",r,e)}s(aL,"permissionAdminAssigned");async function uL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:admin:removed",e)}s(uL,"permissionAdminRemoved");async function cL(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:builder:assigned",r,e)}s(cL,"permissionBuilderAssigned");async function lL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:builder:removed",e)}s(lL,"permissionBuilderRemoved");async function dL(t){let e={audited:{email:t}};await A("user:invited",e)}s(dL,"invited");async function fL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:invite:accepted",e)}s(fL,"inviteAccepted");async function pL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:force:reset",e)}s(pL,"passwordForceReset");async function mL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:updated",e)}s(mL,"passwordUpdated");async function hL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset:requested",e)}s(hL,"passwordResetRequested");async function gL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset",e)}s(gL,"passwordReset");async function EL(t){let e={users:t};await A("user:data:collaboration",e)}s(EL,"dataCollaboration");var Fe={created:iL,updated:sL,deleted:oL,permissionAdminAssigned:aL,permissionAdminRemoved:uL,permissionBuilderAssigned:cL,permissionBuilderRemoved:lL,invited:dL,inviteAccepted:fL,passwordForceReset:pL,passwordUpdated:mL,passwordResetRequested:hL,passwordReset:gL,dataCollaboration:EL};async function yL(t,e){let r={name:t.name,type:t.type,tableId:t.tableId};await A("view:created",r,e)}s(yL,"created");async function TL(t){let e={tableId:t.tableId};await A("view:updated",e)}s(TL,"updated");async function SL(t,e){let r={...Ue.views.isV2(t)?{id:t.id,tableId:t.tableId,appId:e}:{}};await A("view:deleted",r)}s(SL,"deleted");async function AL(t,e){let r={tableId:t._id,format:e};await A("view:exported",r)}s(AL,"exported");async function _L({tableId:t,filterGroups:e},r){let n={tableId:t,filterGroups:e};await A("view:filter:created",n,r)}s(_L,"filterCreated");async function OL({tableId:t,filterGroups:e}){let r={tableId:t,filterGroups:e};await A("view:filter:updated",r)}s(OL,"filterUpdated");async function IL(t){let e={tableId:t.tableId};await A("view:filter:deleted",e)}s(IL,"filterDeleted");async function wL({tableId:t,calculationType:e},r){let n={tableId:t,calculation:e};await A("view:calculation:created",n,r)}s(wL,"calculationCreated");async function DL(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:updated",e)}s(DL,"calculationUpdated");async function RL(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:deleted",e)}s(RL,"calculationDeleted");async function CL(t,e){let r={tableId:t};await A("view:join:created",r,e)}s(CL,"viewJoinCreated");var HA={created:yL,updated:TL,deleted:SL,exported:AL,filterCreated:_L,filterUpdated:OL,filterDeleted:IL,calculationCreated:wL,calculationUpdated:DL,calculationDeleted:RL,viewJoinCreated:CL};async function bL(t,e){let r={workspaceAppId:t._id,audited:{name:t.name},appId:e};await A("workspace_app:deleted",r)}s(bL,"deleted");var YA={deleted:bL};function xL(){}s(xL,"initAsyncEvents");var vL=s(async()=>{await Zt.shutdown(),console.log("Events shutdown")},"shutdown");var Xp={};P(Xp,{creatorsInList:()=>An,getAccountHolderFromUsers:()=>oc,hasAdminPermissions:()=>Cr,hasAppBuilderPermissions:()=>e_,hasBuilderPermissions:()=>ke,isAdmin:()=>bt,isAdminOrBuilder:()=>ZA,isAdminOrWorkspaceBuilder:()=>nc,isBuilder:()=>Si,isCreatorAsync:()=>wo,isCreatorSync:()=>ic,isGlobalBuilder:()=>XA,validateUniqueUser:()=>sc});async function Jp(t){let e=[],r=await zA(t);e.push(...r.map(a=>a.email));let n=await JA(t);e.push(...n.map(a=>a._id));let i=await gi(t);e.push(...i.map(a=>a.email));let o=await bp(t);return e.push(...o.map(a=>a.email)),[...new Set(e.map(a=>a.toLowerCase()))]}s(Jp,"searchExistingEmails");async function rc(t){return await Ws("platform_users_lowercase_2",{keys:[t.toLowerCase()],include_docs:!0})}s(rc,"getPlatformUsers");async function Io(t){return(await rc(t))[0]??null}s(Io,"getFirstPlatformUser");async function zA(t){let r={keys:t.map(i=>i.toLowerCase()),include_docs:!0},n={arrayResponse:!0};return await Kt("by_email2",r,void 0,n)}s(zA,"getExistingTenantUsers");async function JA(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Ws("platform_users_lowercase_2",r)}s(JA,"getExistingPlatformUsers");async function gi(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await Ws("account_by_email",r)}s(gi,"getExistingAccounts");var Si=Le.users.isBuilder,bt=Le.users.isAdmin,XA=Le.users.isGlobalBuilder,ZA=Le.users.isAdminOrBuilder,Cr=Le.users.hasAdminPermissions,ke=Le.users.hasBuilderPermissions,e_=Le.users.hasAppBuilderPermissions,nc=Le.users.isAdminOrWorkspaceBuilder;async function An(t,e){let r=[...new Set(t.filter(i=>i.userGroups).flatMap(i=>i.userGroups))];return e=await Y().getMultiple(r,{allowMissing:!0}),t.map(i=>ic(i,e))}s(An,"creatorsInList");async function wo(t){let e=[];return t.userGroups&&(e=await Y().getMultiple(t.userGroups)),ic(t,e)}s(wo,"isCreatorAsync");function ic(t,e){let r=Le.users.isCreator(t);return!r&&t?PL(t,e):r}s(ic,"isCreatorSync");function PL(t,e){let r=e?.filter(n=>t.userGroups?.indexOf(n._id)!==-1);return r&&r.length>0?r.some(n=>Object.values(n.roles||{}).includes("CREATOR")):!1}s(PL,"isCreatorByGroupMembership");async function sc(t,e){if(g.MULTI_TENANCY){let r=await Io(t);if(r!=null&&r.tenantId!==e)throw new Jt(t)}if(!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let r=await Rr(t);if(r&&r.verified&&r.tenantId!==e)throw new Jt(t)}}s(sc,"validateUniqueUser");async function oc(t){if(!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let e=await gi(t.map(r=>r.email));return t.find(r=>e.map(n=>n.email).includes(r.email))}}s(oc,"getAccountHolderFromUsers");var Zp=s(async t=>{await Fe.deleted(t),ke(t)&&await Fe.permissionBuilderRemoved(t),Cr(t)&&await Fe.permissionAdminRemoved(t)},"handleDeleteEvents"),NL=s(async(t,e,r)=>{for(let[n,i]of Object.entries(e))(!r||r[n]!==i)&&await Oo.assigned(t,i)},"assignAppRoleEvents"),UL=s(async(t,e,r)=>{if(r)for(let[n,i]of Object.entries(r))(!e||e[n]!==i)&&await Oo.unassigned(t,i)},"unassignAppRoleEvents"),LL=s(async(t,e)=>{let r=t.roles,n=e?.roles;await NL(t,r,n),await UL(t,r,n)},"handleAppRoleEvents"),em=s(async(t,e,r)=>{let n=r;!n&&!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL&&(n=await fi($())),await St.identifyUser(t,n),e?(await Fe.updated(t),kL(t,e)&&await Fe.permissionBuilderRemoved(t),BL(t,e)&&await Fe.permissionAdminRemoved(t),!e.forceResetPassword&&t.forceResetPassword&&t.password&&await Fe.passwordForceReset(t),t.password!==e.password&&await Fe.passwordUpdated(t)):await Fe.created(t),ML(t,e)&&await Fe.permissionBuilderAssigned(t),FL(t,e)&&await Fe.permissionAdminAssigned(t),await LL(t,e)},"handleSaveEvents"),ML=s((t,e)=>t_(t,e,ke),"isAddingBuilder"),kL=s((t,e)=>r_(t,e,ke),"isRemovingBuilder"),FL=s((t,e)=>t_(t,e,Cr),"isAddingAdmin"),BL=s((t,e)=>r_(t,e,Cr),"isRemovingAdmin"),t_=s((t,e,r)=>!(!r(t)||e&&r(e)),"isAddingPermission"),r_=s((t,e,r)=>!(r(t)||!e||!r(e)),"isRemovingPermission");var $L=s(async t=>{let e=t._id;await yt.removeUser(t),await Zp(t),await br.invalidateUser(e),await Tn(e,{reason:"bulk-deletion"})},"bulkDeleteProcessing"),xt=class t{static{s(this,"UserDB")}static init(e,r,n){t.quotas=e,t.groups=r,t.features=n}static async isPreventPasswordActions(e,r){return g.ENABLE_SSO_MAINTENANCE_MODE&&bt(e)?!1:await t.features.isSSOEnforced()||jo(e)?!0:(r||(r=await fi($())),!!(r&&r.email===e.email&&Qo(r)))}static async buildUser(e,r={hashPassword:!0,requirePassword:!0},n,i,o){let{password:a,_id:u}=e;i&&!i.password&&(r.requirePassword=!1);let c;if(a&&a!==i?.password){if(await t.isPreventPasswordActions(e,o))throw new Me("Password change is disabled for this user",400);if(!r.skipPasswordValidation){let f=kp(a);if(!f.valid)throw new Me(f.error,400)}c=r.hashPassword?await cf(a):a}else i&&(c=i.password);let l=r.requirePassword&&!await t.features.isSSOEnforced();if(!c&&l)throw"Password must be specified.";u=u||ri();let d={createdAt:Date.now(),...i,...e,_id:u,password:c,tenantId:n};return d.roles||(d.roles={}),d.status==null&&(d.status="active"),d}static async allUsers(){return(await Y().allDocs(on(null,{include_docs:!0}))).rows.map(n=>n.doc)}static async countUsersByWorkspace(e){if(typeof e!="string"||!e)throw new Error("Must provide a string based workspace ID");return{userCount:(await $s("by_app",ni(e,{include_docs:!1}))).rows.length}}static async getUsersByAppAccess(e){return await tm(e.appId,{limit:e.limit||50})}static async getUserByEmail(e){return At(e)}static async getUser(e){let r=await _n(e);return r&&delete r.password,r}static async bulkGet(e){return await ac(e)}static async bulkUpdate(e){return await Do(e)}static async save(e,r={}){r.hashPassword==null&&(r.hashPassword=!0),r.requirePassword==null&&(r.requirePassword=!0);let n=$(),i=Y(),{email:o,_id:a,userGroups:u=[],roles:c}=e;if(!o&&!a)throw new Error("_id or email is required");let l;if(a)try{if(l=await _n(a),o&&l.email!==o&&!r.allowChangingEmail)throw new Error("Email address cannot be changed")}catch(m){if(m.status!==404)throw m}if(!l&&o&&(l=await At(o),l&&l._id!==a))throw new Jt(o);let d=1,f=0;if((r.isAccountHolder||l)&&(d=0,f=1),l){let[m,E]=await An([l,e]);f=m!==E?1:0}let h=!l,p=!!l&&!!o&&l.email!==o,S=!r.isAccountHolder&&!!o&&(h||p);return t.quotas.addUsers(d,f,async()=>{S&&await sc(o,n);let m=await t.buildUser(e,r,n,l);r.currentUserId&&r.currentUserId===l?._id&&(m=rm(m,l)),!l&&c?.length&&(m.roles={...c});let E=[];if(!a&&u.length>0)for(let y of u)E.push(t.groups.addUsers(y,[m._id]));try{let y=await i.put(m);return m._rev=y.rev,await em(m,l),l&&m.email!==l.email&&await yt.removeUser({email:l.email}),await yt.addUser(n,m._id,m.email,m.ssoId),await br.invalidateUser(y.id),await Promise.all(E),i.get(m._id)}catch(y){throw y.status===409?"User exists already":y}})}static async bulkCreate(e,r){let n=$(),i=[],o=[],a=[],u=e.map(h=>h.email),c=await Jp(u),l=[];for(let h of e){let p=o.find(m=>m.email.toLowerCase()===h.email.toLowerCase()),S=c.includes(h.email.toLowerCase());if(p||S){l.push({email:h.email,reason:"Unavailable"});continue}h.userGroups=r||[],o.push(h),await wo(h)&&a.push(h)}let d=await fi(n),f=await t.features.isSSOEnforced();return t.quotas.addUsers(o.length,a.length,async()=>{for(let S of o)f&&delete S.password,i.push(t.buildUser(S,{hashPassword:!0,requirePassword:!f},n,void 0,d));let h=await Promise.all(i);await Do(h);for(let S of h)await yt.addUser(n,S._id,S.email),await em(S,void 0,d);let p=h.map(S=>({_id:S._id,email:S.email}));if(Array.isArray(p)&&r){let S=[],m=p.map(E=>E._id);for(let E of r)S.push(t.groups.addUsers(E,m));await Promise.all(S)}return{successful:p,unsuccessful:l}})}static async bulkDelete(e){let r=Y(),n={successful:[],unsuccessful:[]},i=await oc(e);i&&(e=e.filter(p=>p.userId!==i.userId),n.unsuccessful.push({_id:i.userId,email:i.email,reason:"Account holder cannot be deleted"}));let a=(await r.allDocs({include_docs:!0,keys:e.map(p=>p.userId)})).rows.map(p=>p.doc),u=a.map(p=>({...p,_deleted:!0})),c=await Do(u),d=(await An(a)).filter(p=>p).length,f=[];for(let p of a){let m=(await Io(p._id)).ssoId;m&&(await rc(m)).filter(y=>y.ssoId==null).forEach(y=>{f.push({...y,_deleted:!0})}),await $L(p)}await Dr().bulkDocs(f),await t.quotas.removeUsers(u.length,d);let h={};return a.reduce((p,S)=>(p[S._id]=S,p),h),c.forEach(p=>{let S=h[p.id].email;p.ok?n.successful.push({_id:p.id,email:S}):n.unsuccessful.push({_id:p.id,email:S,reason:"Database error"})}),n}static async destroy(e){let r=Y(),n=await r.get(e),i=n._id;if(!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let a=n.email;if(await Rr(a))throw n.userId===Gt()._id?new Me('Please visit "Account" to delete this user',400):new Me("Account holder cannot be deleted",400)}await yt.removeUser(n),await r.remove(i,n._rev);let o=await wo(n)?1:0;await t.quotas.removeUsers(1,o),await Zp(n),await br.invalidateUser(i),await Tn(i,{reason:"deletion"})}static async createAdminUser(e,r,n){let i=n?.password,o={email:e,password:i,createdAt:Date.now(),roles:{},builder:{global:!0},admin:{global:!0},tenantId:r,firstName:n?.firstName,lastName:n?.lastName};return n?.ssoId&&(o.ssoId=n.ssoId),await li(ye.CHECKLIST),await t.save(o,{hashPassword:n?.hashPassword,requirePassword:n?.requirePassword,skipPasswordValidation:n?.skipPasswordValidation,isAccountHolder:!0})}static async getGroups(e){return await this.groups.getBulk(e)}static async getGroupBuilderAppIds(e){return await this.groups.getGroupBuilderAppIds(e)}};function Co(t){return Array.isArray(t)?t.map(e=>{if(e)return delete e.password,e}):t&&(delete t.password,t)}s(Co,"removeUserPassword");async function ac(t,e){let n=(await Y().allDocs({keys:t,include_docs:!0})).rows.map(i=>i.doc);return e?.cleanup&&(n=Co(n)),n}s(ac,"bulkGetGlobalUsersById");async function VL(){let t=Y(),e=`us${C}`;return(await t.allDocs({startkey:e,endkey:`${e}${Pe}`})).rows.map(n=>n.id)}s(VL,"getAllUserIds");async function qL(){let t=Y(),e=`us${C}`;return(await t.allDocs({startkey:e,endkey:`${e}${Pe}`,include_docs:!0})).rows.map(n=>n.doc)}s(qL,"getAllUsers");async function Do(t){return await Y().bulkDocs(t)}s(Do,"bulkUpdateGlobalUsers");async function _n(t,e){let n=await Y().get(t);return e?.cleanup&&(n=Co(n)),n}s(_n,"getById");async function At(t,e){if(t==null)throw"Must supply an email address to view";let r=await Kt("by_email2",{key:t.toLowerCase(),include_docs:!0});if(Array.isArray(r))throw new Error(`Multiple users found with email address: ${t}`);let n=r;return e?.cleanup&&(n=Co(n)),n}s(At,"getGlobalUserByEmail");async function KL(t){try{let e=await At(t);if(Array.isArray(e)||e!=null)return!0}catch{return!1}return!1}s(KL,"doesUserExist");async function n_(t,e,r){if(typeof t!="string")throw new Error("Must provide a string based workspace ID");let n=ni(t,{include_docs:!0});n.startkey=e&&e.startkey?e.startkey:n.startkey;let i=await Kt("by_app",n);i||(i=[]);let o=Array.isArray(i)?i:[i];return r?.cleanup&&(o=Co(o)),o}s(n_,"searchGlobalUsersByApp");async function tm(t,e){let r=`roles.${t}`,n=[{"builder.global":!0},{"admin.global":!0}];if(t){let a={[r]:{$exists:!0}};n.push(a)}return(await Y().find({selector:{$or:n,_id:{$regex:"^us_"}},limit:e?.limit||50})).docs}s(tm,"searchGlobalUsersByAppAccess");function i_(t,e){if(e)return gu(He(t),e._id)}s(i_,"getGlobalUserByAppPage");async function s_(t,e,r){if(typeof t!="string")throw new Error("Must provide a string to search by");let n=t.toLowerCase(),i=e&&e.startkey?e.startkey:n,o=await Kt("by_email2",{...e,startkey:i,endkey:`${n}${Pe}`});o||(o=[]);let a=Array.isArray(o)?o:[o];return r?.cleanup&&(a=Co(a)),a}s(s_,"searchGlobalUsersByEmail");var QL=8;async function o_({bookmark:t,query:e,appId:r,limit:n}={}){let i=Y(),o=n??QL,u={include_docs:!0,limit:o+1};t&&(u.startkey=t);let c,l="_id",d;return e?.equal?._id?c=[await _n(e.equal._id)]:r?(c=await n_(r,u),d=s(f=>i_(r,f),"getKey")):e?.string?.email?(c=await s_(e?.string?.email,u),l="email"):e?.oneOf?._id?c=await ac(e?.oneOf?._id,{cleanup:!0}):e?(c=(await i.allDocs(on(null,{...u,limit:void 0}))).rows.map(h=>h.doc),c=mr.search(c,{query:e,limit:u.limit}).rows):c=(await i.allDocs(on(null,u))).rows.map(h=>h.doc),Kf(c,o,{paginate:!0,property:l,getKey:d})}s(o_,"paginatedUsers");async function jL(){return(await $s("by_email2",{limit:0,include_docs:!1})).total_rows}s(jL,"getUserCount");async function HL(){let t=0;async function e(r){let n=await o_({bookmark:r}),i=await An(n.data);t+=i.filter(o=>o).length,n.hasNextPage&&await e(n.nextPage)}return s(e,"iterate"),await e(),t}s(HL,"getCreatorCount");function YL(t){return delete t.admin,delete t.builder,t}s(YL,"removePortalUserPermissions");function rm(t,e){return delete t.admin,delete t.builder,delete t.roles,e&&(t.admin=e.admin,t.builder=e.builder,t.roles=e.roles),t}s(rm,"cleanseUserObject");async function zL(t,e){let r=He(e);t.builder??={},t.builder.creator=!0,t.builder.apps??=[],t.builder.apps.push(r),await xt.save(t,{hashPassword:!1})}s(zL,"addAppBuilder");async function JL(t,e){let r=He(e);t.builder&&t.builder.apps?.includes(r)&&(t.builder.apps=t.builder.apps.filter(n=>n!==r)),await xt.save(t,{hashPassword:!1})}s(JL,"removeAppBuilder");var a_=3600;async function XL(t,e){let n=await zf(e).get(t);if(n.budibaseAccess=!0,!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let i=await Rr(n.email);i&&(n.account=i,n.accountPortalAccess=!0)}return n}s(XL,"populateFromDB");async function ZL(t){let e=await xt.bulkGet(t),r=t.filter((i,o)=>!e[o]),n=e.filter(i=>i);return await Promise.all(n.map(async i=>{if(i.budibaseAccess=!0,!g.SELF_HOSTED&&!g.DISABLE_ACCOUNT_PORTAL){let o=await Rr(i.email);o&&(i.account=o,i.accountPortalAccess=!0)}})),r.length?{users:n,notFoundIds:r}:{users:n}}s(ZL,"populateUsersFromDB");async function bo({userId:t,tenantId:e,email:r,populateUser:n}){if(n||(n=XL),!e)try{e=$()}catch{e=await yt.lookupTenantId(t)}let i=await Ns(),o=await i.get(t);return o||(o=await n(t,e,r),await i.store(t,o,a_)),o&&!o.tenantId&&e&&(o.tenantId=e),o.userGroups&&!Le.users.isGlobalBuilder(o)&&await Ce(e,async()=>{let a=await xt.getGroupBuilderAppIds(o);if(a.length){let u=o.builder?.apps||[];o.builder={apps:[...new Set(u.concat(a))]}}}),o}s(bo,"getUser");async function e0(t){let e=await Ns(),r=await e.bulkGet(t),n=t.filter(a=>!r[a]),i=Object.values(r).filter(a=>!!a),o;if(n.length){let a=await ZL(n);o=a.notFoundIds;for(let u of a.users)await e.store(u._id,u,a_);i.push(...a.users)}return{users:i,notFoundIds:o}}s(e0,"getUsers");async function xo(t){await(await Ns()).delete(t)}s(xo,"invalidateUser");var om={};P(om,{Writethrough:()=>im});var u_=1e4,nm=null;async function uc(){if(!nm){let t=await Ff();nm=new fn(t)}return nm}s(uc,"getCache");function vo(t,e){return t.name+e}s(vo,"makeCacheKey");function sm(t,e=null){return{doc:t,lastWrite:e||Date.now()}}s(sm,"makeCacheItem");async function t0(t,e,r=u_){let n=await uc(),i=e._id,o;i&&(o=await n.get(vo(t,i)));let a=!o||o.lastWrite<Date.now()-r,u=e;return a&&((await so({type:"try_once",name:"persist_writethrough",resource:i,ttl:15e3},async()=>{let l=s(async d=>{let f=await t.put(d,{force:!0});u._id=f.id,u._rev=f.rev},"writeDb");try{await l(e)}catch(d){if(d.status!==409)throw d;ci("Ignoring conflict in write-through cache")}})).executed||ci("Ignoring redlock conflict in write-through cache")),o=sm(u,a?null:o?.lastWrite),u._id&&await n.store(vo(t,u._id),o),{ok:!0,id:u._id,rev:u._rev}}s(t0,"put");async function r0(t,e){let r=await uc(),n=vo(t,e),i=await r.get(n);if(!i){let o=await t.get(e);i=sm(o),await r.store(n,i)}return i.doc}s(r0,"get");async function n0(t,e){let r=await uc(),n=vo(t,e),i=await r.get(n);if(!i){let o=await t.tryGet(e);if(!o)return null;i=sm(o),await r.store(n,i)}return i.doc}s(n0,"tryGet");async function i0(t,e,r){let n=await uc();if(!e)throw new Error("No ID/Rev provided.");let i=typeof e=="string"?e:e._id;r=typeof e=="string"?r:e._rev;try{await n.delete(vo(t,i))}finally{await t.remove(i,r)}}s(i0,"remove");var im=class{static{s(this,"Writethrough")}constructor(e,r=u_){this.db=e,this.writeRateMs=r}async put(e,r=this.writeRateMs){return t0(this.db,e,r)}async get(e){return r0(this.db,e)}async tryGet(e){return n0(this.db,e)}async remove(e,r){return i0(this.db,e,r)}};function Po(t){return`config${C}${t}`}s(Po,"generateConfigID");var cc="en";function s0(){return{_id:Po("translations"),type:"translations",config:{defaultLocale:cc,locales:{[cc]:{label:"English",overrides:{}}}}}}s(s0,"createDefaultTranslationsConfig");function o0(t){let e=t?.defaultLocale||cc,r={...t?.locales??{}};r[e]||(r[e]={label:e===cc?"English":e,overrides:{}});for(let n of Object.keys(r))r[n].overrides||(r[n]={...r[n],overrides:{}});return{defaultLocale:e,locales:r}}s(o0,"prepareTranslationsConfig");async function Be(t){let e=Y();try{return await e.get(Po(t))}catch(r){if(r.status===404)return;throw r}}s(Be,"getConfig");async function a0(t){return t._id||(t._id=Po(t.type)),Y().put(t)}s(a0,"save");async function c_(){let t=await Be("translations");return t?(t.config=o0(t.config),t):s0()}s(c_,"getTranslationsConfigDoc");async function u0(){return(await c_()).config}s(u0,"getTranslationsConfig");async function yi(){let t=await Be("settings");return t||(t={_id:Po("settings"),type:"settings",config:{}}),t.config.platformUrl=await No({tenantAware:!0,config:t.config}),t.config.analyticsEnabled=await zu({config:t.config}),t}s(yi,"getSettingsConfigDoc");async function um(){return(await yi()).config}s(um,"getSettingsConfig");async function No(t={tenantAware:!0}){let e=g.PLATFORM_URL||"http://localhost:10000";if(!g.SELF_HOSTED&&g.MULTI_TENANCY&&t.tenantAware){let r=$();e.includes("localhost:")||(e=e.replace("://",`://${r}.`))}else if(g.SELF_HOSTED){let r=t?.config?t.config:(await Be("settings"))?.config;r?.platformUrl&&(e=r.platformUrl)}return e}s(No,"getPlatformUrl");var zu=s(async t=>{if(!g.SELF_HOSTED)return!!g.ENABLE_ANALYTICS;let e=await wr(ye.ANALYTICS_ENABLED,86400,async()=>{let n=t?.config?t.config:(await Be("settings"))?.config;if(n?.analyticsEnabled===!1)return!1;if(n?.analyticsEnabled===!0)return!0});if(e!==void 0)return e;let r=g.ENABLE_ANALYTICS;return!(r===0||r===!1)},"analyticsEnabled");async function c0(){return await Be("google")}s(c0,"getGoogleConfigDoc");async function dc(){return(await c0())?.config}s(dc,"getGoogleConfig");async function cm(){if(!g.SELF_HOSTED)return am();let t=await dc();return(!t||!t.activated)&&(t=am()),t}s(cm,"getGoogleDatasourceConfig");function am(){if(g.GOOGLE_CLIENT_ID&&g.GOOGLE_CLIENT_SECRET)return{clientID:g.GOOGLE_CLIENT_ID,clientSecret:g.GOOGLE_CLIENT_SECRET,activated:!0}}s(am,"getDefaultGoogleConfig");async function l0(){return Be("logos_oidc")}s(l0,"getOIDCLogosDoc");async function d0(){return Be("oidc")}s(d0,"getOIDCConfigDoc");async function f0(){let t=(await d0())?.config;return t?.configs&&t.configs[0]}s(f0,"getOIDCConfig");async function lm(t){let e=(await Be("oidc"))?.config;return e&&e.configs.filter(r=>r.uuid===t)[0]}s(lm,"getOIDCConfigById");async function l_(){return Be("smtp")}s(l_,"getSMTPConfigDoc");async function p0(t){let e=await l_();if(e)return e.config;let r=g.SELF_HOSTED||!t;if(g.SMTP_FALLBACK_ENABLED&&r)return{port:g.SMTP_PORT,host:g.SMTP_HOST,secure:!1,from:g.SMTP_FROM_ADDRESS,auth:{user:g.SMTP_USER,pass:g.SMTP_PASSWORD},fallback:!0}}s(p0,"getSMTPConfig");async function m0(){return(await Be("scim"))?.config}s(m0,"getSCIMConfig");async function h0(){return Be("recaptcha")}s(h0,"getRecaptchaConfig");var Sm={};P(Sm,{AccessController:()=>pm,BUILTIN_ROLE_IDS:()=>mm,Role:()=>xr,RoleHierarchyTraversal:()=>fc,RoleIDVersion:()=>hm,builtinRoleToNumber:()=>Uo,checkForRoleResourceArray:()=>m_,externalRole:()=>A0,findRole:()=>Lo,getAllRoleIds:()=>w0,getAllRoles:()=>Tm,getBuiltinRole:()=>f_,getBuiltinRoles:()=>Em,getDBRoleID:()=>h_,getExternalRoleID:()=>vr,getExternalRoleIDs:()=>g_,getRole:()=>_0,getUserRoleHierarchy:()=>ym,getUserRoleIdHierarchy:()=>p_,isBuiltin:()=>On,lowerBuiltinRoleID:()=>S0,prefixRoleIDNoBuiltin:()=>fm,roleIDsAreEqual:()=>ot,roleToNumber:()=>T0,saveRoles:()=>O0,validInherits:()=>y0});var d_=require("lodash"),pc=B(require("lodash/fp/cloneDeep")),dm=B(require("semver"));var mm={ADMIN:"ADMIN",POWER:"POWER",BASIC:"BASIC",PUBLIC:"PUBLIC"},ie={...mm,BUILDER:"BUILDER"},hm={UUID:void 0,NAME:"name"};function E0(t,e){return Array.isArray(e)?e.filter(r=>t.includes(r)).length===e.length:t.includes(e)}s(E0,"rolesInList");var xr=class{constructor(e,r,n,i){this.permissions={};this._id=e,this.name=r,this.uiMetadata=i,this.permissionId=n,this.version=hm.NAME}static{s(this,"Role")}addInheritance(e){return e&&typeof e=="string"?e=fm(e):e&&Array.isArray(e)&&(e=e.map(fm)),this.inherits=e,this}},fc=class{static{s(this,"RoleHierarchyTraversal")}constructor(e,r){this.allRoles=e,this.opts=r}walk(e){let r=this.opts,n=this.allRoles,i=[];if(!e||!e._id)return i;if(i.push(e),Array.isArray(e.inherits))for(let o of e.inherits){let a=Lo(o,n,r);a&&(i=i.concat(this.walk(a)))}else{let o=[],a=e;for(;a&&a.inherits&&!E0(o,a.inherits);){if(Array.isArray(a.inherits))return i.concat(this.walk(a));if(o.push(a.inherits),a=Lo(a.inherits,n,r),a&&i.push(a),Ue.roles.checkForRoleInheritanceLoops(i))break}}return(0,d_.uniqBy)(i,o=>o._id)}},gm={ADMIN:new xr(ie.ADMIN,ie.ADMIN,"admin",{displayName:"Admin user",description:"Can do everything",color:"var(--spectrum-global-color-static-red-400)"}).addInheritance(ie.POWER),POWER:new xr(ie.POWER,ie.POWER,"power",{displayName:"App power user",description:"An app user with more access",color:"var(--spectrum-global-color-static-orange-400)"}).addInheritance(ie.BASIC),BASIC:new xr(ie.BASIC,ie.BASIC,"write",{displayName:"Basic user",description:"Any logged in user",color:"var(--spectrum-global-color-static-green-400)"}).addInheritance(ie.PUBLIC),PUBLIC:new xr(ie.PUBLIC,ie.PUBLIC,"public",{displayName:"Public user",description:"Accessible to anyone",color:"var(--spectrum-global-color-static-blue-400)"}),BUILDER:new xr(ie.BUILDER,ie.BUILDER,"admin",{displayName:"Builder user",description:"Users that can edit this app",color:"var(--spectrum-global-color-static-magenta-600)"})};function Em(){return(0,pc.default)(gm)}s(Em,"getBuiltinRoles");function On(t){return Object.values(mm).includes(t)}s(On,"isBuiltin");function fm(t){return On(t)?t:Vt(t)}s(fm,"prefixRoleIDNoBuiltin");function f_(t){let e=Object.values(gm).find(r=>t.includes(r._id));if(e)return(0,pc.default)(e)}s(f_,"getBuiltinRole");function y0(t,e){if(!e)return!1;let r=s(n=>t.find(i=>ot(i._id,n)),"find");if(Array.isArray(e)){let n=e.filter(i=>r(i));return e.length!==0&&n.length===e.length}else return!!r(e)}s(y0,"validInherits");function Uo(t){let e=Em(),r=Object.values(e).length+1;if(ot(t,ie.ADMIN)||ot(t,ie.BUILDER))return r;let n=e[t],i=0;do{if(!n)break;if(Array.isArray(n.inherits))throw new Error("Built-in roles don't support multi-inheritance");n=e[n.inherits],i++}while(n!==null);return i}s(Uo,"builtinRoleToNumber");async function T0(t){if(On(t))return Uo(t);let e=await ym(t,{defaultPublic:!0}),r=s(n=>{if(!n.inherits)return 0;if(Array.isArray(n.inherits)){let i=n.inherits.map(o=>{let a=e.find(u=>ot(u._id,o));if(a)return r(a)+1}).filter(o=>o).sort().pop();if(i!=null)return i}else if(On(n.inherits))return Uo(n.inherits)+1;return 0},"findNumber");return Math.max(...e.map(r))}s(T0,"roleToNumber");function S0(t,e){return t?e&&Uo(t)>Uo(e)?e:t:e}s(S0,"lowerBuiltinRoleID");function ot(t,e){return Vt(t)===Vt(e)}s(ot,"roleIDsAreEqual");function A0(t){let e;return t._id&&(e=vr(t._id)),{...t,_id:e,inherits:g_(t.inherits,t.version)}}s(A0,"externalRole");function Lo(t,e,r){let n=f_(t);n||(t=Vt(t));let i=e.find(o=>o._id&&ot(o._id,t));return!i&&!On(t)&&r?.defaultPublic?(0,pc.default)(gm.PUBLIC):(n=Object.assign(n||{},i),n?._id&&(n._id=vr(n._id,n.version)),Object.keys(n).length===0?void 0:n)}s(Lo,"findRole");async function _0(t,e){let r=ei(),n=[];if(!On(t)){let i=await r.tryGet(h_(t));i&&n.push(i)}return Lo(t,n,e)}s(_0,"getRole");async function O0(t){await ei().bulkDocs(t.filter(r=>r._id).map(r=>({...r,_id:Vt(r._id)})))}s(O0,"saveRoles");async function I0(t,e){let r=await Tm();if(ot(t,ie.ADMIN))return r;let n=Lo(t,r,e),i=[];return n&&(i=new fc(r,e).walk(n)),i}s(I0,"getAllUserRoles");async function p_(t){return(await ym(t)).map(r=>r._id)}s(p_,"getUserRoleIdHierarchy");async function ym(t,e){return I0(t,e)}s(ym,"getUserRoleHierarchy");function m_(t,e){if(t&&!Array.isArray(t[e])){let r=t[e];t[e]=[r],r==="write"&&t[e].push("read")}return t}s(m_,"checkForRoleResourceArray");async function w0(t){return(await Tm(t)).map(r=>r._id)}s(w0,"getAllRoleIds");async function Tm(t){if(t)return je(t,e);{let r;try{r=ei()}catch{}return e(r)}async function e(r){let n=[];r&&(n=(await r.allDocs(Eu(null,{include_docs:!0}))).rows.map(u=>u.doc),n.forEach(u=>u._id=vr(u._id,u.version)));let i=Em(),o=[];!r||await D0(r)?o=[ie.ADMIN,ie.POWER,ie.BASIC,ie.PUBLIC]:o=[ie.ADMIN,ie.BASIC,ie.PUBLIC];for(let a of o){let u=i[a],c=n.filter(l=>ot(l._id,a))[0];c==null?n.push(u||i.BASIC):(n=n.filter(l=>l._id!==c._id),c._id=vr(u._id,c.version),n.push({...u,...c,name:u.name,_id:vr(u._id,u.version),uiMetadata:{...c.uiMetadata,...u.uiMetadata}}))}for(let a of n)if(a.permissions)for(let u of Object.keys(a.permissions))a.permissions=m_(a.permissions,u);return n}s(e,"internal")}s(Tm,"getAllRoles");async function D0(t){let r=(await t.tryGet("app_metadata"))?.creationVersion;return!r||!dm.default.valid(r)?!0:!dm.default.gte(r,g.MIN_VERSION_WITHOUT_POWER_ROLE)}s(D0,"shouldIncludePowerRole");var pm=class{static{s(this,"AccessController")}constructor(){this.userHierarchies={}}async hasAccess(e,r){if(e==null||e===""||ot(e,ie.BUILDER)||ot(r,e)||ot(r,ie.BUILDER))return!0;let n=r?this.userHierarchies[r]:null;return!n&&r&&(n=await p_(r),this.userHierarchies[r]=n),n?.find(i=>ot(i,e))!==void 0}async checkScreensAccess(e,r){let n=[];for(let i of e){let o=await this.checkScreenAccess(i,r);o&&n.push(o)}return n}async checkScreenAccess(e,r){let n=e&&e.routing?e.routing.roleId:void 0;return await this.hasAccess(n,r)?e:null}};function h_(t){return t?.startsWith("role")?t:Vt(t)}s(h_,"getDBRoleID");function vr(t,e){if(t.startsWith(`role${C}`)&&(On(t)||e===hm.NAME)){let r=t.split(C);return r.shift(),r.join(C)}return t}s(vr,"getExternalRoleID");function g_(t,e){return t&&(typeof t=="string"?vr(t,e):t.map(r=>vr(r,e)))}s(g_,"getExternalRoleIDs");var Am={};P(Am,{BUILDER:()=>v0,BUILTIN_PERMISSIONS:()=>mc,CREATOR:()=>P0,GLOBAL_BUILDER:()=>N0,PermissionImpl:()=>se,PermissionLevel:()=>Ci,PermissionType:()=>qo,doesHaveBasePermission:()=>b0,getAllowedLevels:()=>S_,getBuiltinPermissionByID:()=>C0,getBuiltinPermissions:()=>R0,isPermissionLevelHigherThanRead:()=>x0,levelToNumber:()=>T_});var E_=B(require("lodash/flatten")),y_=B(require("lodash/fp/cloneDeep"));var se=class{static{s(this,"PermissionImpl")}constructor(e,r){this.type=e,this.level=r}};function T_(t){switch(t){case"execute":return 0;case"read":return 1;case"write":return 2;case"admin":return 3;default:return-1}}s(T_,"levelToNumber");function S_(t){switch(t){case"execute":return["execute"];case"read":return["execute","read"];case"write":case"admin":return["execute","read","write"];default:return[]}}s(S_,"getAllowedLevels");var mc={PUBLIC:{_id:"public",name:"Public",permissions:[new se("webhook","execute")]},READ_ONLY:{_id:"read_only",name:"Read only",permissions:[new se("query","read"),new se("table","read"),new se("app","read")]},WRITE:{_id:"write",name:"Read/Write",permissions:[new se("query","write"),new se("table","write"),new se("automation","execute"),new se("legacy_view","read"),new se("app","read")]},POWER:{_id:"power",name:"Power",permissions:[new se("table","write"),new se("user","read"),new se("automation","execute"),new se("webhook","read"),new se("legacy_view","read"),new se("app","read")]},ADMIN:{_id:"admin",name:"Admin",permissions:[new se("table","admin"),new se("user","admin"),new se("automation","admin"),new se("webhook","read"),new se("query","admin"),new se("legacy_view","read"),new se("app","read")]}};function R0(){return(0,y_.default)(mc)}s(R0,"getBuiltinPermissions");function C0(t){return Object.values(mc).find(r=>r._id===t)}s(C0,"getBuiltinPermissionByID");function b0(t,e,r){let n=[...new Set(r.map(a=>a.permissionId))],i=Object.values(mc),o=(0,E_.default)(i.filter(a=>n.indexOf(a._id)!==-1).map(a=>a.permissions));for(let a of o)if(a.type===t&&S_(a.level).indexOf(e)!==-1)return!0;return!1}s(b0,"doesHaveBasePermission");function x0(t){return T_(t)>1}s(x0,"isPermissionLevelHigherThanRead");var v0="builder",P0="creator",N0="globalBuilder";var Im={};P(Im,{FlagSet:()=>gc,all:()=>F0,flags:()=>_m,getEnvFlags:()=>I_,init:()=>U0,isEnabled:()=>k0,parseEnvFlags:()=>yc,shutdown:()=>L0,testutils:()=>Om});var Ec=B(require("crypto")),A_=B(require("dd-trace")),__=require("lodash"),O_=require("posthog-node");var hc;function U0(t){g.POSTHOG_TOKEN&&g.POSTHOG_API_HOST&&!g.SELF_HOSTED&&g.POSTHOG_FEATURE_FLAGS_ENABLED?(console.log("initializing posthog client..."),hc=new O_.PostHog(g.POSTHOG_TOKEN,{host:g.POSTHOG_API_HOST,personalApiKey:g.POSTHOG_PERSONAL_TOKEN,featureFlagsPollingInterval:pe.fromMinutes(3).toMs(),...t})):console.log("posthog disabled")}s(U0,"init");function L0(){hc?.shutdown()}s(L0,"shutdown");function yc(t){let e=t.split(",").map(n=>n.split(":")),r=[];for(let[n,...i]of e)for(let o of i){let a=!0;o.startsWith("!")&&(o=o.slice(1),a=!1),r.push({tenantId:n,key:o,value:a})}return r}s(yc,"parseEnvFlags");function I_(){return yc(g.TENANT_FEATURE_FLAGS||"")}s(I_,"getEnvFlags");var gc=class{constructor(e){this.flagSchema=e;this.setId=Ec.randomUUID()}static{s(this,"FlagSet")}defaults(){return(0,__.cloneDeep)(this.flagSchema)}isFlagName(e){return this.flagSchema[e]!==void 0}async isEnabled(e){return(await this.fetch())[e]}async fetch(){return await A_.default.trace("features.fetch",async e=>{let r=Pf(this.setId);if(r)return e?.addTags({fromCache:!0}),r;let n={},i=this.defaults(),o=$(),a=new Set;if(ru())return i;for(let{tenantId:f,key:h,value:p}of I_())if(!(!f||f!=="*"&&f!==o)&&(n.readFromEnvironmentVars=!0,p===!1&&a.add(h),!!this.isFlagName(h))){if(typeof i[h]!="boolean")throw new Error(`Feature: ${h} is not a boolean`);i[h]=p,n[`flags.${h}.source`]="environment"}let u=Gt(),c=u?._id;if(!c){let f=xf();f&&(c=Ec.createHash("sha512").update(f).digest("hex"))}let l=u?.tenantId;if(l||(l=o),n["identity.type"]=u?.type,n["identity._id"]=u?._id,n.tenantId=l,n.userId=c,hc&&c){n.readFromPostHog=!0;let f=await yi(),h={tenantId:l},p={tenant:{id:l}};f.config.createdVersion&&(p.tenant.createdVersion=f.config.createdVersion),f.createdAt&&(p.tenant.createdAt=`${f.createdAt}`);let S=await hc.getAllFlags(c,{personProperties:h,onlyEvaluateLocally:!0,groups:{tenant:l},groupProperties:p});for(let[m,E]of Object.entries(S))if(this.isFlagName(m)){if(typeof E!="boolean"){console.warn(`Invalid value for posthog flag "${m}": ${E}`);continue}if(!(i[m]===!0||a.has(m)))try{i[m]=E,n[`flags.${m}.source`]="posthog"}catch(y){console.warn(`Error parsing posthog flag "${m}": ${E}`,y)}}}let d=Uf();for(let[f,h]of Object.entries(d))this.isFlagName(f)&&typeof h=="boolean"&&(i[f]=h,n[`flags.${f}.source`]="override");Nf(this.setId,i);for(let[f,h]of Object.entries(i))n[`flags.${f}.value`]=h;return e?.addTags(n),i})}},M0={USE_ZOD_VALIDATOR:!1,AI_AGENTS:!1,AI_RAG:!1,DEBUG_UI:g.isDev(),DEV_USE_CLIENT_FROM_STORAGE:!1},_m=new gc(M0);async function k0(t){return await _m.isEnabled(t)}s(k0,"isEnabled");async function F0(){return await _m.fetch()}s(F0,"all");var Om={};P(Om,{setFeatureFlags:()=>w_,withFeatureFlags:()=>$0});function B0(){let t={};for(let{tenantId:e,key:r,value:n}of yc(process.env.TENANT_FEATURE_FLAGS||"")){let i=t[e]||{};i[r]!==!1&&(i[r]=n,t[e]=i)}return t}s(B0,"getCurrentFlags");function W0(t){let e=[];for(let[r,n]of Object.entries(t))for(let[i,o]of Object.entries(n))o===!1?e.push(`${r}:!${i}`):e.push(`${r}:${i}`);return e.join(",")}s(W0,"buildFlagString");function w_(t,e){let r=B0();for(let[i,o]of Object.entries(e)){let a=r[t]||{};a[i]=o,r[t]=a}let n=W0(r);return ws({TENANT_FEATURE_FLAGS:n})}s(w_,"setFeatureFlags");function $0(t,e,r){let n=w_(t,e),i=r();return i instanceof Promise?i.finally(n):(n(),i)}s($0,"withFeatureFlags");var Mm={};P(Mm,{adminOnly:()=>Tc,auditLog:()=>Sc,authError:()=>Oe,buildAuthMiddleware:()=>DM,buildCsrfMiddleware:()=>CM,buildTenancyMiddleware:()=>RM,builderOnly:()=>bc,builderOrAdmin:()=>xc,google:()=>rr,internalApi:()=>Pc,joiValidator:()=>Mo,oidc:()=>nr,passport:()=>bM,platformLogout:()=>UM,refreshOAuthToken:()=>PM,ssoCallbackUrl:()=>Nr,updateUserOAuth:()=>NM,workspaceBuilderOrAdmin:()=>Lc});var Lm={};P(Lm,{activeTenant:()=>z_,adminOnly:()=>Tc,auditLog:()=>Sc,authError:()=>Oe,authenticated:()=>Cc,builderOnly:()=>bc,builderOrAdmin:()=>xc,correlation:()=>R_,csp:()=>k_,csrf:()=>vc,datasource:()=>IM,errorHandling:()=>B_,featureFlagCookie:()=>W_,google:()=>rr,internalApi:()=>Pc,ip:()=>$_,joiValidator:()=>Mo,local:()=>_i,oidc:()=>nr,pino:()=>C_,querystringToBody:()=>Y_,ssoCallbackUrl:()=>Nr,tenancy:()=>Uc,workspaceBuilderOrAdmin:()=>Lc});var D_=require("uuid");var G0=require("correlation-id"),R_=s((t,e)=>{let r=t.headers["x-budibase-correlation-id"];return r||(r=(0,D_.v4)()),G0.withId(r,()=>e())},"correlationMiddleware");var V0=require("koa-pino-logger"),q0=require("correlation-id");function K0(){return{logger:Nu,genReqId:q0.getId,autoLogging:{ignore:t=>!!t.url?.includes("/health")},serializers:{req:t=>({method:t.method,url:t.url,correlationId:t.id}),res:t=>({status:t.statusCode})}}}s(K0,"pinoSettings");function Q0(){return g.HTTP_LOGGING?V0(K0()):(t,e)=>e()}s(Q0,"getMiddleware");var C_=Q0();var Tc=s(async(t,e)=>(!t.internal&&!bt(t.user)&&t.throw(403,"Admin user only endpoint."),e()),"adminOnly");var Sc=s(async(t,e)=>e(),"auditLog");var j0=/\/:(.*?)(\/.*)?$/g,er=s(t=>t?t.map(e=>{let r=e.route,n=e.method,i=r.match(j0);if(i)for(let o of i){let u="/.*"+(o.endsWith("/")?"/":"");r=r.replace(o,u)}return{regex:new RegExp(r),method:n,route:r}}):[],"buildMatcherRegex"),tr=s((t,e)=>e.find(({regex:r,method:n})=>{let i=r.test(t.request.url),o=n==="ALL"?!0:t.request.method.toLowerCase()===n.toLowerCase();return i&&o}),"matches");var bm={};P(bm,{SecretOption:()=>v_,compare:()=>J0,decrypt:()=>Ic,decryptFile:()=>eM,encrypt:()=>z0,encryptFile:()=>X0,getSecret:()=>Cm});var vt=B(require("crypto")),Pr=B(require("fs")),wm=require("path"),Dm=B(require("zlib"));var Ac="aes-256-ctr",x_="-",H0=1e4,Y0=32,_c=16,Rm=16,v_=(r=>(r.API="api",r.ENCRYPTION="encryption",r))(v_||{});function Cm(t){let e,r;switch(t){case"encryption":e=g.ENCRYPTION_KEY,r="ENCRYPTION_KEY";break;case"api":default:e=g.API_ENCRYPTION_KEY,r="API_ENCRYPTION_KEY";break}if(!e)throw new Error(`Secret "${r}" has not been set in environment.`);return e}s(Cm,"getSecret");function Oc(t,e){return vt.default.pbkdf2Sync(t,new Uint8Array(e),H0,Y0,"sha512")}s(Oc,"stretchString");function z0(t,e="api"){let r=vt.default.randomBytes(_c),n=Oc(Cm(e),r),i=vt.default.createCipheriv(Ac,new Uint8Array(n),new Uint8Array(r)),o=i.update(t,"utf8"),a=i.final(),u=Buffer.concat([new Uint8Array(o),new Uint8Array(a)]).toString("hex");return`${r.toString("hex")}${x_}${u}`}s(z0,"encrypt");function Ic(t,e="api"){let[r,n]=t.split(x_),i=Buffer.from(r,"hex"),o=Oc(Cm(e),i),a=vt.default.createDecipheriv(Ac,new Uint8Array(o),new Uint8Array(i)),u=a.update(n,"hex"),c=a.final();return Buffer.concat([new Uint8Array(u),new Uint8Array(c)]).toString()}s(Ic,"decrypt");function J0(t,e,r="api"){try{let n=new TextEncoder,i=n.encode(Ic(e,r)),o=n.encode(t);return i.length!==o.length?!1:vt.default.timingSafeEqual(i,o)}catch{return!1}}s(J0,"compare");async function X0({dir:t,filename:e},r){let n=`${e}.enc`,i=(0,wm.join)(t,e);if(Pr.default.lstatSync(i).isDirectory())throw new Error("Unable to encrypt directory");let o=Pr.default.createReadStream(i),a=Pr.default.createWriteStream((0,wm.join)(t,n)),u=vt.default.randomBytes(_c),c=vt.default.randomBytes(Rm),l=Oc(r,u),d=vt.default.createCipheriv(Ac,new Uint8Array(l),new Uint8Array(c));return a.write(u),a.write(c),o.pipe(Dm.default.createGzip()).pipe(d).pipe(a),new Promise(f=>{a.on("finish",()=>{f({filename:n,dir:t})})})}s(X0,"encryptFile");async function Z0(t){let e=Pr.default.createReadStream(t),r=await b_(e,_c),n=await b_(e,Rm);return e.close(),{salt:r,iv:n}}s(Z0,"getSaltAndIV");async function eM(t,e,r){if(Pr.default.lstatSync(t).isDirectory())throw new Error("Unable to decrypt directory");let{salt:n,iv:i}=await Z0(t),o=Pr.default.createReadStream(t,{start:_c+Rm}),a=Pr.default.createWriteStream(e),u=Oc(r,n),c=vt.default.createDecipheriv(Ac,new Uint8Array(u),new Uint8Array(i)),l=Dm.default.createGunzip();return o.pipe(c).pipe(l).pipe(a),new Promise((d,f)=>{a.on("finish",()=>{a.close(),d()}),o.on("error",h=>{a.close(),f(h)}),c.on("error",h=>{a.close(),f(h)}),l.on("error",h=>{a.close(),f(h)}),a.on("error",h=>{a.close(),f(h)})})}s(eM,"decryptFile");function b_(t,e){return new Promise((r,n)=>{let i=0,o=[];t.on("readable",()=>{let a;for(;(a=t.read(e-i))!==null;)o.push(a),i+=a.length;r(Buffer.concat(o.map(u=>new Uint8Array(u))))}),t.on("end",()=>{n(new Error("Insufficient data in the stream."))}),t.on("error",a=>{n(a)})})}s(b_,"readBytes");var xm={};P(xm,{APIWarning:()=>In,FeatureDisabledWarning:()=>Dc,InvalidAPIKeyWarning:()=>Ai,UsageLimitWarning:()=>wc});var In=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"APIWarning")}},Ai=class extends In{static{s(this,"InvalidAPIKeyWarning")}constructor(){super("Invalid API key","invalid_api_key")}},wc=class extends In{constructor(r){super(`Usage limit exceeded: '${r}'`,"usage_limit_exceeded");this.limitName=r}static{s(this,"UsageLimitWarning")}getPublicWarning(){return{limitName:this.limitName}}},Dc=class extends In{constructor(r){super(`Feature disabled: '${r}'`,"feature_disabled");this.featureName=r,this.status=400}static{s(this,"FeatureDisabledWarning")}getPublicWarning(){return{featureName:this.featureName}}getPublicError(){return{featureName:this.featureName}}};var N_=B(require("dd-trace"));var rM=g.SESSION_UPDATE_PERIOD?parseInt(g.SESSION_UPDATE_PERIOD):60*1e3;function nM(){return new Date(Date.now()-rM).toISOString()}s(nM,"timeMinusOneMinute");function P_(t,e={}){t.publicEndpoint=e.publicEndpoint||!1,t.isAuthenticated=e.authenticated||!1,t.loginMethod=e.loginMethod,t.user=e.user,t.internal=e.internal||!1,t.version=e.version}s(P_,"finalise");async function iM(t,e){if(Ks(t))return{valid:!0,user:void 0};let n=Ic(t).split(C)[0];return Ce(n,async()=>{let i;try{let o=Y();i=await Kt("by_api_key",{key:t},o)}catch{i=void 0}if(i)return{valid:!0,user:await bo({userId:i,tenantId:n,populateUser:e})};throw new Ai})}s(iM,"checkApiKey");function Rc(t,e){let r=t.request.headers[e];if(Array.isArray(r))throw new Error("Unexpected header format");return r}s(Rc,"getHeader");function Cc(t=[],e={publicAllowed:!1}){let r=t?er(t):[];return async(n,i)=>{let o=!1,a=Rc(n,"x-budibase-api-version");tr(n,r)&&(o=!0);try{let c=Rc(n,"x-budibase-token"),l=jt(n,"budibase:auth")||Tu(c),d=Rc(n,"x-budibase-api-key");!d&&n.request.headers.authorization&&(d=n.request.headers.authorization.split(" ")[1]);let f=Rc(n,"x-budibase-tenant-id"),h=!1,p,S=!1,m;if(l&&!d){let y=l.sessionId,I=l.userId,O;try{O=await Wp(I,y),e&&e.populateUser?p=await bo({userId:I,tenantId:O.tenantId,email:O.email,populateUser:e.populateUser(n)}):p=await bo({userId:I,tenantId:O.tenantId,email:O.email}),p.csrfToken=O.csrfToken,m="cookie",O?.lastAccessedAt<nM()&&await Bp(O),h=!0}catch(w){h=!1,console.warn(`Auth Error: ${w.message}`),Ar(n,"budibase:auth")}}if(!h&&d){let y=e.populateUser?e.populateUser(n):null,{valid:I,user:O}=await iM(d,y);I&&(h=!0,m="api_key",p=O,S=!O)}!p&&f?p={tenantId:f}:p&&"password"in p&&delete p.password,h||(h=!1);let E=s(y=>y&&y.email,"isUser");return E(p)&&N_.default.setUser({id:p._id,tenantId:p.tenantId,budibaseAccess:p.budibaseAccess,status:p.status}),P_(n,{authenticated:h,user:p,internal:S,version:a,publicEndpoint:o,loginMethod:m}),E(p)?pf(p,n,i):i()}catch(c){if(console.warn(`Auth Error: ${c.message}`),c?.name==="JsonWebTokenError"?Ar(n,"budibase:auth"):c?.code==="invalid_api_key"&&n.throw(403,c.message),e&&e.publicAllowed||o)return P_(n,{authenticated:!1,version:a,publicEndpoint:o}),i();n.throw(c.status||403,c)}}}s(Cc,"authenticated");async function bc(t,e){if(t.internal)return e();let r=await un(t);return!r&&!g.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!ke(t.user)?t.throw(403,"Builder user only endpoint."):r&&!Si(t.user,r)&&t.throw(403,"Workspace builder user only endpoint."),e()}s(bc,"builderOnly");async function xc(t,e){if(t.internal||bt(t.user))return e();let r=await un(t);return!r&&!g.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!ke(t.user)?t.throw(403,"Admin/Builder user only endpoint."):r&&!Si(t.user,r)&&t.throw(403,"Workspace Admin/Builder user only endpoint."),e()}s(xc,"builderOrAdmin");var M_=B(require("crypto"));var U_={"default-src":["'self'"],"script-src":["'self'","'unsafe-eval'","https://*.budibase.net","https://cdn.budi.live","https://js.intercomcdn.com","https://widget.intercom.io","https://d2l5prqdbvm3op.cloudfront.net","https://us-assets.i.posthog.com","https://www.google.com/recaptcha/api.js"],"style-src":["'self'","'unsafe-inline'","https://cdn.jsdelivr.net","https://fonts.googleapis.com","https://rsms.me","https://maxcdn.bootstrapcdn.com"],"object-src":["'none'"],"base-uri":["'self'"],"connect-src":["'self'","https://*.budibase.app","https://*.budibaseqa.app","https://*.budibase.net","https://api-iam.intercom.io","https://api-ping.intercom.io","https://app.posthog.com","https://us.i.posthog.com","wss://nexus-websocket-a.intercom.io","wss://nexus-websocket-b.intercom.io","https://nexus-websocket-a.intercom.io","https://nexus-websocket-b.intercom.io","https://uploads.intercomcdn.com","https://uploads.intercomusercontent.com","https://*.amazonaws.com","https://*.s3.amazonaws.com","https://*.s3.us-east-2.amazonaws.com","https://*.s3.us-east-1.amazonaws.com","https://*.s3.us-west-1.amazonaws.com","https://*.s3.us-west-2.amazonaws.com","https://*.s3.af-south-1.amazonaws.com","https://*.s3.ap-east-1.amazonaws.com","https://*.s3.ap-south-1.amazonaws.com","https://*.s3.ap-northeast-2.amazonaws.com","https://*.s3.ap-southeast-1.amazonaws.com","https://*.s3.ap-southeast-2.amazonaws.com","https://*.s3.ap-northeast-1.amazonaws.com","https://*.s3.ca-central-1.amazonaws.com","https://*.s3.cn-north-1.amazonaws.com","https://*.s3.cn-northwest-1.amazonaws.com","https://*.s3.eu-central-1.amazonaws.com","https://*.s3.eu-west-1.amazonaws.com","https://*.s3.eu-west-2.amazonaws.com","https://*.s3.eu-south-1.amazonaws.com","https://*.s3.eu-west-3.amazonaws.com","https://*.s3.eu-north-1.amazonaws.com","https://*.s3.sa-east-1.amazonaws.com","https://*.s3.me-south-1.amazonaws.com","https://*.s3.us-gov-east-1.amazonaws.com","https://*.s3.us-gov-west-1.amazonaws.com","https://api.github.com","https://d2l5prqdbvm3op.cloudfront.net"],"font-src":["'self'","data:","https://cdn.jsdelivr.net","https://fonts.gstatic.com","https://rsms.me","https://maxcdn.bootstrapcdn.com","https://js.intercomcdn.com","https://fonts.intercomcdn.com"],"frame-src":["'self'","https:"],"img-src":["http:","https:","data:","blob:"],"manifest-src":["'self'"],"media-src":["'self'","https://js.intercomcdn.com","https://cdn.budi.live"],"worker-src":["blob:","'self'"]},L_=/^[A-Za-z0-9-*:/.]+$/,k_=s(async(t,e)=>{let r=M_.default.randomBytes(16).toString("base64");t.state.nonce=r;let n={...U_};n["script-src"]=[...U_["script-src"],`'nonce-${r}'`];let i={"media-src":g.CUSTOM_CSP_MEDIA_SRC,"script-src":g.CUSTOM_CSP_SCRIPT_SRC,"connect-src":g.CUSTOM_CSP_CONNECT_SRC,"img-src":g.CUSTOM_CSP_IMG_SRC,"font-src":g.CUSTOM_CSP_FONT_SRC,"frame-src":g.CUSTOM_CSP_FRAME_SRC};for(let[u,c]of Object.entries(i))if(c){let l=c.split(",").map(d=>d.trim()).filter(d=>L_.test(d));n[u]=[...n[u]||[],...l]}if(t.user?.license?.features.includes("customAppScripts")&&t.appId)try{let u=await Ms.getWorkspaceMetadata(t.appId);if("name"in u)for(let c of u.scripts||[]){let l=(c.cspWhitelist||"").split(`
38
38
  `).filter(f=>L_.test(f)),d=["default-src","script-src","connect-src","media-src","img-src","font-src","frame-src"];for(let f of d)n[f]=[...n[f]||[],...l]}}catch(u){console.error(`Error occurred in Content-Security-Policy middleware: ${u}`)}let a=Object.entries(n).map(([u,c])=>`${u} ${c.join(" ")}`).join("; ");t.set("Content-Security-Policy",a),await e()},"contentSecurityPolicy");var sM=["GET","HEAD","OPTIONS"],oM=["application/x-www-form-urlencoded","multipart/form-data","text/plain"];function vc(t={noCsrfPatterns:[]}){let e=er(t.noCsrfPatterns);return async(r,n)=>{if(tr(r,e)||sM.indexOf(r.method)!==-1)return n();let o=r.get("content-type")?r.get("content-type").toLowerCase():"";if(!oM.filter(c=>o.includes(c)).length||r.internal)return n();let a=r.user?.csrfToken;if(!a)return n();let u=r.get("x-csrf-token");return(!u||u!==a)&&r.throw(403,"Invalid CSRF token"),n()}}s(vc,"csrf");function F_(t){if(t.includes("-----BEGIN PRIVATE KEY-----"))return!0;for(let e of eT){let r=g[e];if(!(typeof r!="string"||r==="")&&t.includes(r))return!0}return!1}s(F_,"stringContainsSecret");async function B_(t,e){try{await e()}catch(r){let n=r.status||r.statusCode||500;t.status=n,n>=400&&n<500?console.warn(r):console.error("Got 400 response code",r);let i={message:r.message,status:n,validationErrors:r.validation,error:Ku(r)};if(F_(JSON.stringify(i))&&(i={message:"Unexpected error",status:n,error:"Unexpected error"}),g.isTest()&&t.headers["x-budibase-include-stacktrace"]){let o=r;for(;o.cause;)o=o.cause;i.stack=o.stack}t.body=i}}s(B_,"errorHandling");var W_=s(async(t,e)=>{let n=jt(t,"budibase:featureflags")?.flags||{};await Lf(n,async()=>{await e()})},"featureFlagCookie");async function Pc(t,e){let r=t.request.headers["x-budibase-api-key"];return r||t.throw(403,"Unauthorized"),Array.isArray(r)&&t.throw(403,"Unauthorized"),Ks(r)||t.throw(403,"Unauthorized"),e()}s(Pc,"internalApi");async function $_(t,e){return t.ip?await vf(t.ip,()=>e()):e()}s($_,"ip");var Mo={};P(Mo,{body:()=>aM,params:()=>uM});var vm=B(require("joi"));function G_(t,e,r){let n=r?.errorPrefix??`Invalid ${e}`;return(i,o)=>{if(!t)return o();let a=null,u=i.request?.[e];i[e]!=null?a=i[e]:u!=null&&(a=u),t.append&&(t=t.append({createdAt:vm.default.any().optional(),updatedAt:vm.default.any().optional()}));let{error:c}=t.validate(a,{allowUnknown:r?.allowUnknown});if(c){let l=c.message;n&&(l=`Invalid ${e} - ${l}`),i.throw(400,l)}return o()}}s(G_,"validate");function aM(t,e){return G_(t,"body",e)}s(aM,"body");function uM(t,e){return G_(t,"params",e)}s(uM,"params");var _i={};P(_i,{authenticate:()=>dM,options:()=>lM});function Oe(t,e,r){return t(r,null,{message:e})}s(Oe,"authError");async function Nr(t,e){if(e&&e.callbackURL)return e.callbackURL;let r=await um(),n="/api/global/auth";return Er()&&(n+=`/${$()}`),n+=`/${t}/callback`,`${r.platformUrl}${n}`}s(Nr,"ssoCallbackUrl");var Pm="Invalid credentials",cM="This account has expired. Please reset your password",lM={passReqToCallback:!0};async function dM(t,e,r,n){if(!e)return Oe(n,"Email Required");if(!r)return Oe(n,"Password Required");let i=await At(e);return i==null?(console.info(`user=${e} could not be found`),Oe(n,Pm)):i.status==="inactive"?(console.info(`user=${e} is inactive`,i),Oe(n,Pm)):i.password?await lf(r,i.password)?(delete i.password,n(null,i)):Oe(n,Pm):(console.info(`user=${e} has no password set`,i),Oe(n,cM))}s(dM,"authenticate");var rr={};P(rr,{buildVerifyFn:()=>K_,getCallbackUrl:()=>mM,strategyFactory:()=>Nm});var ko=s(t=>Promise.resolve(t),"ssoSaveUserNoOp");async function Nc(t,e=!0,r,n){if(!n)throw new Error("Save user function must be provided");if(!t.userId)return Oe(r,"sso user id required");if(!t.email)return Oe(r,"sso user email required");let i=ri(t.userId),o;try{o=await _n(i)}catch(u){if(!u.status||u.status!==404)return Oe(r,"Unexpected error when retrieving existing user",u)}if(o||(o=await At(t.email)),!o&&e)return Oe(r,"Email does not yet exist. You must set up your local budibase account first.");o||(o={_id:i,email:t.email,roles:{},tenantId:$()});let a=await fM(o,t);a.forceResetPassword=!1;try{delete a.password,a=await n(a,{hashPassword:!1,requirePassword:!1})}catch(u){return Oe(r,"Error saving user",u)}return r(null,a)}s(Nc,"authenticate");async function fM(t,e){let r,n,i;if(e.profile){let o=e.profile;if(o.name){let a=o.name;a.givenName&&(r=a.givenName),a.familyName&&(n=a.familyName)}}return e.oauth2&&(i={...e.oauth2}),{...t,provider:e.provider,providerType:e.providerType,firstName:r,lastName:n,oauth2:i}}s(fM,"syncUser");var pM=require("passport-google-oauth").OAuth2Strategy;function K_(t){return(e,r,n,i)=>{let o={provider:"google",providerType:"google",userId:n.id,profile:n,email:n._json.email,oauth2:{accessToken:e,refreshToken:r}};return Nc(o,!0,i,t)}}s(K_,"buildVerifyFn");async function Nm(t,e,r){try{let{clientID:n,clientSecret:i}=t;if(!n||!i)throw new Error("Configuration invalid. Must contain google clientID and clientSecret");let o=K_(r);return new pM({clientID:t.clientID,clientSecret:t.clientSecret,callbackURL:e},o)}catch(n){throw new Error(`Error constructing google authentication strategy: ${n}`)}}s(Nm,"strategyFactory");async function mM(t){return Nr("google",t)}s(mM,"getCallbackUrl");var nr={};P(nr,{buildVerifyFn:()=>H_,fetchStrategyConfig:()=>TM,getCallbackUrl:()=>SM,strategyFactory:()=>yM});var Q_=B(require("node-fetch"));var j_=require("@govtechsg/passport-openidconnect");function H_(t){return async(e,r,n,i,o,a,u,c,l)=>{let d=hM(r,n),f=gM(r,n),h={provider:e,providerType:"oidc",userId:d.id,profile:d,email:EM(d,f),oauth2:{accessToken:a,refreshToken:u}};return Nc(h,!1,l,t)}}s(H_,"buildVerifyFn");function hM(t,e){let r={...t?._json||{}};!r.email&&e.emails?.length&&(r.email=e.emails[0].value);let n=t?.displayName||e.displayName;return{id:t?.id||e.id,name:t?.name||e.name||!!n&&{givenName:n,familyName:""}||void 0,_json:r,provider:t?.provider}}s(hM,"normalizeProfile");function gM(t,e){return{email:t?._json?.email||e.emails?.[0]?.value,preferred_username:e.username}}s(gM,"buildJwtClaims");function EM(t,e){if(t._json.email)return t._json.email.toLowerCase();if(e.email)return e.email.toLowerCase();let r=e.preferred_username;if(r&&ep(r))return r.toLowerCase();throw new Error(`Could not determine user email from profile ${JSON.stringify(t)} and claims ${JSON.stringify(e)}`)}s(EM,"getEmail");async function yM(t,e){try{let r=H_(e),n=new j_.Strategy(t,r);return n.name="oidc",n}catch(r){throw new Error(`Error constructing OIDC authentication strategy - ${r}`)}}s(yM,"strategyFactory");async function TM(t,e){try{let{clientID:r,clientSecret:n,configUrl:i,pkce:o}=t;if(!r||!n||!e||!i)throw new Error("Configuration invalid. Must contain clientID, clientSecret, callbackUrl and configUrl");let a=await(0,Q_.default)(i);if(!a.ok)throw new Error(`Unexpected response when fetching openid-configuration: ${a.statusText}`);let u=await a.json();return{issuer:u.issuer,authorizationURL:u.authorization_endpoint,tokenURL:u.token_endpoint,userInfoURL:u.userinfo_endpoint,clientID:r,clientSecret:n,callbackURL:e,pkce:o}}catch(r){throw new Error(`Error constructing OIDC authentication configuration - ${r}`)}}s(TM,"fetchStrategyConfig");async function SM(){return Nr("oidc")}s(SM,"getCallbackUrl");function Y_(t,e){let r=t.request.query?.query;if(t.request.method.toLowerCase()!=="get"&&t.throw(500,"Query to download middleware can only be used for get requests."),!r)return e();let n=decodeURIComponent(r),i;try{i=JSON.parse(n)}catch{return e()}return t.request.body=i,e()}s(Y_,"querystringToBody");function Uc(t,e,r={noTenancyRequired:!1}){let n=er(t),i=er(e);return async function(o,a){let c={allowNoTenant:r.noTenancyRequired||!!tr(o,i)};!!tr(o,n)||(c.excludeStrategies=["query"]);let d=Vs(o,c);return o.set("x-budibase-tenant-id",d),Ce(d,a)}}s(Uc,"tenancy");function z_(t=[]){let e=er(t);return async function(r,n){if(tr(r,e))return n();try{if((await Be("settings"))?.config?.active===!1){r.status=404,r.body={message:"Tenant not found"};return}}catch(i){if(i.message==="Global DB not found")return n();throw i}return n()}}s(z_,"activeTenant");async function Lc(t,e){if(t.internal||bt(t.user))return e();let r=await un(t);return r&&!nc(t.user,r)?t.throw(403,"Workspace Admin/Builder user only endpoint."):!r&&!g.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!ke(t.user)&&t.throw(403,"Admin/Builder user only endpoint."),e()}s(Lc,"workspaceBuilderOrAdmin");var Um={};P(Um,{postAuth:()=>OM,preAuth:()=>_M});var AM=require("passport-google-oauth").OAuth2Strategy;async function J_(){let t=await cm();if(!t)throw new Error("No google configuration found");return t}s(J_,"fetchGoogleCreds");async function _M(t,e,r){let n=await J_(),o=`${await No({tenantAware:!1})}/api/global/auth/datasource/google/callback`,a=await Nm(n,o,ko);return e.query.appId||e.throw(400,"appId query param not present."),t.authenticate(a,{scope:["profile","email","https://www.googleapis.com/auth/spreadsheets"],accessType:"offline",prompt:"consent"})(e,r)}s(_M,"preAuth");async function OM(t,e,r){let n=await J_(),o=`${await No({tenantAware:!1})}/api/global/auth/datasource/google/callback`,a=jt(e,"budibase:datasourceauth");if(!a)throw new Error("Unable to fetch datasource auth cookie");return t.authenticate(new AM({clientID:n.clientID,clientSecret:n.clientSecret,callbackURL:o},(u,c,l,d)=>{Ar(e,"budibase:datasourceauth"),d(null,{accessToken:u,refreshToken:c})}),{successRedirect:"/",failureRedirect:"/error"},async(u,c)=>{let l=`/builder/workspace/${a.appId}/data`,d=ee();await zt(`datasource:creation:${a.appId}:google:${d}`,{tokens:c}),e.redirect(`${l}/new?continue_google_setup=${d}`)})(e,r)}s(OM,"postAuth");var IM={google:Um};var X_=require("koa-passport"),wM=require("passport-local").Strategy,Mc=require("passport-oauth2-refresh"),DM=Cc,RM=Uc,CM=vc,bM=X_;X_.use(new wM(_i.options,_i.authenticate));async function xM(t,e){let r=await nr.getCallbackUrl(),n,i;try{if(n=await nr.fetchStrategyConfig(t,r),!n)throw new Error("OIDC Config contents invalid");i=await nr.strategyFactory(n,ko)}catch{throw new Error("Could not refresh OAuth Token")}return Mc.use(i),new Promise(o=>{Mc.requestNewAccessToken("oidc",e,(a,u,c,l)=>{o({err:a,accessToken:u,refreshToken:c,params:l})})})}s(xM,"refreshOIDCAccessToken");async function vM(t,e){let r=await rr.getCallbackUrl(t),n;try{n=await rr.strategyFactory(t,r,ko)}catch(i){throw new Error(`Error constructing OIDC refresh strategy: message=${i.message}`)}return Mc.use(n),new Promise(i=>{Mc.requestNewAccessToken("google",e,(o,a,u,c)=>{i({err:o,accessToken:a,refreshToken:u,params:c})})})}s(vM,"refreshGoogleAccessToken");async function PM(t,e,r){switch(e){case"oidc":{if(!r)return{err:{data:"OIDC config id not provided"}};let n=await lm(r);return n?xM(n,t):{err:{data:"OIDC configuration not found"}}}case"google":{let n=await dc();return n?vM(n,t):{err:{data:"Google configuration not found"}}}}}s(PM,"refreshOAuthToken");async function NM(t,e){let r={accessToken:e.accessToken,refreshToken:e.refreshToken};try{let n=Y(),i=await n.get(t);typeof r.refreshToken!="string"&&delete r.refreshToken,i.oauth2={...i.oauth2,...r},await n.put(i),await xo(t)}catch(n){console.error("Could not update OAuth details for current user",n)}}s(NM,"updateUserOAuth");async function UM(t){let e=t.ctx,r=t.userId,n=t.keepActiveSession;if(!e)throw new Error("Koa context must be supplied to logout.");let i=jt(e,"budibase:auth"),o=await po(r);i&&n?o=o.filter(u=>u.sessionId!==i.sessionId):Ar(e,"budibase:auth");let a=o.map(({sessionId:u})=>u);await Tn(r,{sessionIds:a,reason:"logout"}),await tc.logout(e.user?.email),await xo(r)}s(UM,"platformLogout");var Fm={};P(Fm,{validate:()=>BM});var x=B(require("joi"));var LM=["Relational","Non-relational","Spreadsheet","Object store","Graph","API"];function km(t,e){let{error:r}=t.validate(e);if(r)throw r}s(km,"runJoi");function MM(t){let e=x.default.object({type:x.default.string().allow("component").required(),metadata:x.default.object().unknown(!0).required(),hash:x.default.string().optional(),version:x.default.string().optional(),schema:x.default.object({name:x.default.string().required(),settings:x.default.array().items(x.default.object().unknown(!0)).required()}).unknown(!0)});km(e,t)}s(MM,"validateComponent");function kM(t){let e=x.default.object({type:x.default.string().allow(...Object.values(Gc)).required(),required:x.default.boolean().required(),default:x.default.any(),display:x.default.string()}),r=x.default.object({type:x.default.string().allow(...Object.values($c)),readable:x.default.boolean(),displayName:x.default.string(),fields:x.default.object().pattern(x.default.string(),e)}).required(),n=x.default.object({type:x.default.string().allow("datasource").required(),metadata:x.default.object().unknown(!0).required(),hash:x.default.string().optional(),version:x.default.string().optional(),schema:x.default.object({docs:x.default.string(),plus:x.default.boolean().optional(),isSQL:x.default.boolean().optional(),auth:x.default.object({type:x.default.string().required()}).optional(),features:x.default.object(Object.fromEntries(Object.values(Vc).map(i=>[i,x.default.boolean().optional()]))).optional(),relationships:x.default.boolean().optional(),description:x.default.string().required(),friendlyName:x.default.string().required(),type:x.default.string().allow(...LM),datasource:x.default.object().pattern(x.default.string(),e).required(),query:x.default.object().pattern(x.default.string(),r).unknown(!0).required(),extra:x.default.object().pattern(x.default.string(),x.default.object({type:x.default.string().required(),displayName:x.default.string().required(),required:x.default.boolean(),data:x.default.object()}))})});km(n,t)}s(kM,"validateDatasource");function FM(t){let e=x.default.object().pattern(x.default.string(),{type:x.default.string().allow(...Object.values(qc)).required(),customType:x.default.string().allow(...Object.values(Kc)),title:x.default.string(),description:x.default.string(),enum:x.default.array().items(x.default.string()),pretty:x.default.array().items(x.default.string())}),r=x.default.object({properties:e,required:x.default.array().items(x.default.string())}).concat(e).required(),n=x.default.object({type:x.default.string().allow("automation").required(),metadata:x.default.object().unknown(!0).required(),hash:x.default.string().optional(),version:x.default.string().optional(),schema:x.default.object({name:x.default.string().required(),tagline:x.default.string().required(),icon:x.default.string().required(),description:x.default.string().required(),type:x.default.string().allow("ACTION","LOGIC").required(),stepId:x.default.string().disallow(...oh).required(),inputs:x.default.object().optional(),schema:x.default.object({inputs:r,outputs:r}).required()})});km(n,t)}s(FM,"validateAutomation");function BM(t){switch(t?.type){case"component":MM(t);break;case"datasource":kM(t);break;case"automation":FM(t);break;default:throw new Error(`Unknown plugin type - check schema.json: ${t.type}`)}}s(BM,"validate");var Bm={};P(Bm,{Client:()=>De,clients:()=>Tr,locks:()=>En,utils:()=>Ha});var Wm={};P(Wm,{isBlacklisted:()=>$M,refreshBlacklist:()=>rO});var Z_=B(require("dns")),Fc=B(require("net"));var eO=require("util");var kc,WM=(0,eO.promisify)(Z_.default.lookup);async function tO(t){return Fc.default.isIP(t)||(t.startsWith("http")||(t=`https://${t}`),t=new URL(t).hostname),(await WM(t,{all:!0})).map(r=>r.address)}s(tO,"lookup");async function rO(){let e=g.BLACKLIST_IPS?.split(",")||[],r=[];for(let n of e){let i=n.trim();if(Fc.default.isIP(i))r.push(i);else{let o=await tO(i);r=r.concat(o)}}kc=r}s(rO,"refreshBlacklist");async function $M(t){if(kc||await rO(),kc?.length===0)return!1;let e;return Fc.default.isIP(t)?e=[t]:e=await tO(t),!!kc?.find(r=>e.includes(r))}s($M,"isBlacklisted");var Gm={};P(Gm,{init:()=>VM});var GM={"user:created":t=>t.userId,"user:updated":t=>t.userId,"user:deleted":t=>t.userId,"user:admin:assigned":t=>t.userId,"user:admin:removed":t=>t.userId,"user:builder:assigned":t=>t.userId,"user:builder:removed":t=>t.userId,"user_group:created":t=>t.groupId,"user_group:updated":t=>t.groupId,"user_group:deleted":t=>t.groupId,"user_group:user_added":t=>t.groupId,"user_group:users_deleted":t=>t.groupId,"user_group:permissions_edited":t=>t.groupId,"automation:deleted":t=>t.automationId,"datasource:deleted":t=>t.datasourceId,"table:deleted":t=>t.tableId,"query:deleted":t=>t.queryId,"workspace_app:deleted":t=>t.workspaceAppId,"view:deleted":t=>t.id};function nO(t,e){let r=GM[t];if(!r)throw new Error("Event does not have a method of document ID extraction");return r(e)}s(nO,"getDocumentId");var Fo=class{constructor(e){this.processors=[];this.processors=e}static{s(this,"DocumentUpdateProcessor")}async processEvent(e,r,n){let i=r.realTenantId,o=nO(e,n);if(!(!i||!o))for(let{events:a,processor:u}of this.processors)a.includes(e)&&await Ce(i,async()=>{await u({id:o,tenantId:i,appId:n.appId,properties:n})})}shutdown(){return mA()}};var iO,$m;function VM(t){Tt||Ju(),$m||($m=new Fo(t)),iO||(iO=Tt.process(async e=>{let{event:r,identity:n,properties:i}=e.data;await $m.processEvent(r,n,i)}))}s(VM,"init");var Jm={};P(Jm,{COUNT_FIELD_NAME:()=>Ym,Sql:()=>fO,SqlTable:()=>Bc,designDoc:()=>zm,utils:()=>If});var uO=require("knex");var qM=require("knex");function Vm(t){return["link","formula","ai"].indexOf(t)!==-1}s(Vm,"isIgnoredType");function sO(t,e,r,n,i){let o=e&&e.primary?e.primary:[],a=Object.values(e.schema),u=a.filter(h=>h.meta),c=u.length===a.length,l=[];n||(c?t.primary(u.map(h=>h.name)):o.length===1?(t.increments(o[0]).primary(),l.push(o[0])):t.primary(o));let d=Object.values(e.schema).map(h=>h.foreignKey);for(let[h,p]of Object.entries(e.schema)){let S=n?.schema[h];if(S&&S.type||l.includes(h)||i?.updated===h)continue;let m=p.type;switch(m){case"string":case"options":case"longform":case"barcodeqr":case"bb_reference_single":o.includes(h)?t.string(h,255):t.text(h);break;case"number":if(p.meta&&p.meta.toKey&&p.meta.toTable){let{toKey:E,toTable:y}=p.meta;t.integer(h).unsigned(),t.foreign(h).references(`${y}.${E}`)}else d.indexOf(h)===-1&&t.float(h);break;case"bigint":t.bigint(h);break;case"boolean":t.boolean(h);break;case"datetime":p.timeOnly?t.time(h):t.datetime(h,{useTz:!p.ignoreTimezones});break;case"array":case"bb_reference":Ue.schema.isDeprecatedSingleUserColumn(p)?t.text(h):t.json(h);break;case"link":if(p.relationshipType!=="many-to-one"&&p.relationshipType!=="many-to-many"){if(!p.foreignKey||!p.tableId)throw new Error("Invalid relationship schema");let{tableName:E}=Tf(p.tableId),y=r[E];if(!y||!y.primary)throw new Error("Referenced table doesn't exist or has no primary keys");let I=y.primary[0],O=y.schema[I].externalType;O?t.specificType(p.foreignKey,O):t.integer(p.foreignKey).unsigned(),t.foreign(p.foreignKey).references(`${E}.${I}`)}break;case"signature_single":case"attachment":case"attachment_single":t.json(h);break;case"formula":break;case"ai":break;case"auto":case"json":case"internal":throw new Error(`${p.type} is not a valid SQL type`);default:_t.unreachable(m)}}let f=i?n?.schema[i.old].type:void 0;return i&&f&&!Vm(f)&&t.renameColumn(i.old,i.updated),n&&Object.entries(n.schema).filter(([p,S])=>!Vm(S.type)&&e.schema[p]==null).forEach(([p,S])=>{i?.old===p||Vm(S.type)||(n.constrained&&n.constrained.indexOf(p)!==-1&&t.dropForeign(p),t.dropColumn(p))}),t}s(sO,"generateSchema");function QM(t,e,r){return t.createTable(e.name,n=>{sO(n,e,r)})}s(QM,"buildCreateTable");function jM(t,e,r,n,i){return t.alterTable(e.name,o=>{sO(o,e,r,n,i)})}s(jM,"buildUpdateTable");function HM(t,e){return t.dropTable(e.name)}s(HM,"buildDeleteTable");var qm=class{static{s(this,"SqlTableQueryBuilder")}constructor(e){this.sqlClient=e}getBaseSqlClient(){return this.sqlClient}getSqlClient(){return this.extendedSqlClient||this.sqlClient}setExtendedSqlClient(e){this.extendedSqlClient=e}_operation(e){return e.operation}_tableQuery(e){let r=(0,qM.knex)({client:this.sqlClient}).schema;e?.schema&&(r=r.withSchema(e.schema));let n;if(!e.table||!e.tables)throw new Error("Cannot execute without table being specified");if(e.table.sourceType==="internal")throw new Error("Cannot perform table actions for SQS.");switch(this._operation(e)){case"CREATE_TABLE":n=QM(r,e.table,e.tables);break;case"UPDATE_TABLE":if(!e.table)throw new Error("Must specify old table for update");if(this.sqlClient==="mysql2"&&e.meta?.renamed){let i=e.meta.renamed.updated;return{sql:`alter table ${e?.schema?`\`${e.schema}\`.\`${e.table.name}\``:`\`${e.table.name}\``} rename column \`${e.meta.renamed.old}\` to \`${i}\`;`,bindings:[]}}if(n=jM(r,e.table,e.tables,e.meta?.oldTable,e.meta?.renamed),this.sqlClient==="mssql"&&e.meta?.renamed){let i=e.meta.renamed.old,o=e.meta.renamed.updated,a=e?.schema?`${e.schema}.${e.table.name}`:`${e.table.name}`,u=Jn(n);if(Array.isArray(u))for(let c of u)c.sql.startsWith("exec sp_rename")&&(c.sql=`exec sp_rename '${a}.${i}', '${o}', 'COLUMN'`,c.bindings=[]);return u}break;case"DELETE_TABLE":n=HM(r,e.table);break;default:throw new Error("Table operation is of unknown type")}return Jn(n)}},Bc=qm;var cO=require("lodash");var Ym="__bb_total";function oO(){return(g.SQL_MAX_ROWS?parseInt(g.SQL_MAX_ROWS):null)||5e3}s(oO,"getBaseLimit");function Km(){return(g.SQL_MAX_RELATED_ROWS?parseInt(g.SQL_MAX_RELATED_ROWS):null)||500}s(Km,"getRelationshipLimit");function YM(t,e){return t.sort((r,n)=>{let i=e.find(a=>a&&r.endsWith(a)),o=e.find(a=>a&&n.endsWith(a));return i&&!o?-1:!i&&o?1:r.localeCompare(n)})}s(YM,"prioritisedArraySort");function lO(t){return Array.isArray(t)?t.map(e=>lO(e)):(t.bindings&&(t.bindings=t.bindings.map(e=>typeof e=="boolean"?e?1:0:e)),t)}s(lO,"convertBooleans");function aO(t){return t.sourceType==="internal"||t.sourceId===Hc}s(aO,"isSqs");function zM(t,e='"'){return t.replace(new RegExp(e,"g"),`${e}${e}`)}s(zM,"escapeQuotes");function JM(t,e='"'){return`${e}${zM(t,e)}${e}`}s(JM,"wrap");function XM(t,e='"'){for(let r in t)typeof t[r]=="string"&&(t[r]=JM(t[r],e));return`[${t.join(",")}]`}s(XM,"stringifyArray");function Qm(t){return`{${(Array.isArray(t)?t:t==null?[]:[t]).map(n=>{if(typeof n=="string"&&n.length>1){let i=n[0],o=n[n.length-1];if(i==='"'&&o==='"'||i==="'"&&o==="'")return n.substring(1,n.length-1)}return`${n}`}).join(",")}}`}s(Qm,"toPgArrayLiteral");function dO(t){return uh.includes(t.type)&&!Ue.schema.isDeprecatedSingleUserColumn(t)}s(dO,"isJsonColumn");var ZM={equal:!1,notEqual:!0,empty:!1,notEmpty:!0,fuzzy:!1,string:!1,range:!1,contains:!1,notContains:!0,containsAny:!1,oneOf:!1,$and:!1,$or:!1},jm=class{constructor(e,r,n){this.SPECIAL_SELECT_CASES={POSTGRES_ARRAY:e=>this.client==="pg"&&e?.externalType?.toLowerCase()==="array",POSTGRES_MONEY:e=>this.client==="pg"&&e?.externalType?.includes("money"),POSTGRES_ENUM:e=>this.client==="pg"&&e?.externalType?.toLowerCase()==="user-defined"&&e?.type==="options",MSSQL_DATES:e=>this.client==="mssql"&&e?.type==="datetime"&&e.timeOnly};this.client=e,this.query=n,this.knex=r,this.splitter=new mr.ColumnSplitter([this.table],{aliases:this.query.tableAliases,columnPrefix:this.query.meta?.columnPrefix})}static{s(this,"InternalBuilder")}get table(){return this.query.table}get knexClient(){return this.knex.client}getFieldSchema(e){let{column:r}=this.splitter.run(e);return this.table.schema[r]}requiresJsonAsStringClient(){return["mssql","mysql2","mariadb","oracledb"].includes(this.client)}quoteChars(){let e=this.knexClient.wrapIdentifier("foo",{});return[e[0],e[e.length-1]]}quote(e){return this.knexClient.wrapIdentifier(e,{})}isQuoted(e){let[r,n]=this.quoteChars();return e.startsWith(r)&&e.endsWith(n)}quotedIdentifier(e){return Array.isArray(e)||(e=this.splitIdentifier(e)),e.map(r=>this.quote(r)).join(".")}castIntToString(e){switch(this.client){case"oracledb":return this.knex.raw("to_char(??)",[e]);case"pg":return this.knex.raw("??::TEXT",[e]);case"mysql2":case"mariadb":return this.knex.raw("CAST(?? AS CHAR)",[e]);case"sqlite3":return this.knex.raw("printf('%d', ??)",[e]);case"mssql":return this.knex.raw("CONVERT(NVARCHAR, ??)",[e])}}rawQuotedIdentifier(e){return this.knex.raw(this.quotedIdentifier(e))}splitIdentifier(e){let[r,n]=this.quoteChars();return this.isQuoted(e)?e.slice(1,-1).split(`${n}.${r}`):e.split(".")}qualifyIdentifier(e){let r=this.getTableName(),n=this.splitIdentifier(e);return n[0]!==r&&n.unshift(r),this.isQuoted(e)?this.quotedIdentifier(n):n.join(".")}generateSelectStatement(){let{table:e,resource:r}=this.query;if(!r||!r.fields||r.fields.length===0)return"*";let n=this.getTableName(e),i=this.table.schema;return r.fields.map(a=>{let u=a.split(/\./g),c,l=u[0];return u.length>1&&(c=u[0],l=u.slice(1).join(".")),{table:c,column:l,field:a}}).filter(({table:a})=>!a||a===n).map(({table:a,column:u,field:c})=>{let l=i[u];return this.SPECIAL_SELECT_CASES.POSTGRES_MONEY(l)?this.knex.raw("??::money::numeric as ??",[this.rawQuotedIdentifier([a,u].join(".")),this.knex.raw(this.quote(c))]):this.SPECIAL_SELECT_CASES.MSSQL_DATES(l)?this.knex.raw("CONVERT(varchar, ??, 108) as ??",[this.rawQuotedIdentifier(c),this.knex.raw(this.quote(c))]):a?this.rawQuotedIdentifier(`${a}.${u}`):this.rawQuotedIdentifier(c)})}convertClobs(e,r){if(this.client!=="oracledb")throw new Error("you've called convertClobs on a DB that's not Oracle, this is a mistake");let i=this.splitIdentifier(e).pop(),o=this.table.schema[i],a=this.rawQuotedIdentifier(e);return(o.type==="string"||o.type==="longform"||o.type==="bb_reference_single"||o.type==="bb_reference"||o.type==="options"||o.type==="barcodeqr")&&(r?.forSelect?a=this.knex.raw("to_char(??) as ??",[a,this.rawQuotedIdentifier(i)]):a=this.knex.raw("to_char(??)",[a])),a}parse(e,r){if(Array.isArray(e))return JSON.stringify(e);if(e==null)return null;if(this.requiresJsonAsStringClient()&&dO(r)&&typeof e=="object")return JSON.stringify(e);if(this.SPECIAL_SELECT_CASES.POSTGRES_ARRAY(r))return`{${e}}`;if(this.client==="oracledb"&&r.type==="datetime"&&r.timeOnly){if(e instanceof Date){let n=e.getHours().toString().padStart(2,"0"),i=e.getMinutes().toString().padStart(2,"0"),o=e.getSeconds().toString().padStart(2,"0");return`${n}:${i}:${o}`}if(typeof e=="string")return new Date(`1970-01-01T${e}Z`)}if(typeof e=="string"&&r.type==="datetime")if(r.timeOnly){if(!_f(e))return null}else if(r.dateOnly){let n=Af(e);return n?new Date(n):null}else return r.ignoreTimezones?Za(e)?new Date(e):Sf(e)?new Date(e+"Z"):null:Za(e)?new Date(e.trim()):null;return e}parseBody(e){for(let[r,n]of Object.entries(e)){let{column:i}=this.splitter.run(r),o=this.table.schema[i];o&&(e[r]=this.parse(n,o))}return e}parseFilters(e){e=(0,cO.cloneDeep)(e);for(let r of Object.values(Mr)){let n=e[r];if(n)for(let i of Object.keys(n)){if(Array.isArray(n[i])){n[i]=JSON.stringify(n[i]);continue}let{column:o}=this.splitter.run(i),a=this.table.schema[o];a&&(n[i]=this.parse(n[i],a))}}for(let r of Object.values(sr)){let n=e[r];if(n)for(let i of Object.keys(n)){let{column:o}=this.splitter.run(i),a=this.table.schema[o];a&&(n[i]=n[i].map(u=>this.parse(u,a)))}}for(let r of Object.values(Rn)){let n=e[r];if(n)for(let i of Object.keys(n)){let{column:o}=this.splitter.run(i),a=this.table.schema[o];if(!a)continue;let u=n[i];"low"in u&&(u.low=this.parse(u.low,a)),"high"in u&&(u.high=this.parse(u.high,a))}}return e}addJoinFieldCheck(e,r){let n=r.from?.split(".")[0]||"";return e.andWhere(`${n}.fieldName`,"=",r.column)}addRelationshipForFilter(e,r,n,i,o){let{relationships:a,schema:u,tableAliases:c,table:l}=this.query,d=c?.[l.name]||l.name,f=s(h=>n.match(new RegExp(`^${h}\\.`)),"matches");if(!a)return e;for(let h of a){let p=h.tableName,S=c?.[p]||p,m=f(p)||f(S),E=f(h.column),y=h.column===this.splitter.run(n).column&&!this.splitter.run(n).tableName;if((m||E||y)&&h.to&&h.tableName){let I=this.knex.select(this.knex.raw(1)).from({[S]:p}),O=I.clone(),w=Of(h),T;if(m?T=n:T=n.replace(new RegExp(`^${h.column}.`),`${c?.[h.tableName]||h.tableName}.`),w){let _=c?.[w.through]||h.through,U=this.tableNameWithSchema(w.through,{alias:_,schema:u});O=O.innerJoin(U,function(){this.on(`${S}.${w.toPrimary}`,"=",`${_}.${w.to}`)}).where(`${_}.${w.from}`,"=",this.rawQuotedIdentifier(`${d}.${w.fromPrimary}`)),this.client==="sqlite3"&&(O=this.addJoinFieldCheck(O,w)),y&&i==="empty"?e=e.whereNotExists(O):y&&i==="notEmpty"?e=e.whereExists(O):e=e.where(R=>{R.whereExists(o(T,O)),r&&R.orWhereNotExists(I.clone().innerJoin(U,function(){this.on(`${d}.${w.fromPrimary}`,"=",`${_}.${w.from}`)}))})}else{let _=`${S}.${h.to}`,U=`${d}.${h.from}`;O=O.where(_,"=",this.rawQuotedIdentifier(U)),y&&i==="empty"?e=e.whereNotExists(O):y&&i==="notEmpty"?e=e.whereExists(O):e=e.where(R=>{R.whereExists(o(T,O.clone())),r&&R.orWhereNotExists(O)})}}}return e}addFilters(e,r,n){if(!r)return e;let i=this;r=this.parseFilters({...r});let o=this.query.tableAliases,a=r.allOr,c=this.client==="sqlite3"?this.table._id:this.table.name;function l(m){return o?.[m]||m}s(l,"getTableAlias");function d(m,E,y,I){let O=s((w,T,_)=>{let[U,...R]=T.split("."),k=R.join("."),H=l(U);return w.andWhere(Ie=>y(Ie,H?`${H}.${k}`:k,_))},"handleRelationship");for(let w in m){let T=m[w],_=Gs(w),U=_.includes(".")||i.getFieldSchema(_)?.type==="link",R=n?.relationship&&U,k;if(w==="_complexIdOperator"&&(k=m[w])&&I){let H=l(c);e=I(e,k.id.map(Ie=>H?`${H}.${Ie}`:Ie),k.values)}else if(U)R&&(a&&(e=e.or),e=i.addRelationshipForFilter(e,ZM[E],_,E,(H,Ie)=>O(Ie,H,T)));else{let H=l(c);e=y(e,H?`${H}.${_}`:_,T)}}}s(d,"iterate");let f=this.client==="sqlite3"&&this.query.meta?.sqliteUseLikeWithoutLower,h=s((m,E,y)=>((r?.fuzzyOr||a)&&(m=m.or),f?m.whereRaw("?? LIKE ?",[this.rawQuotedIdentifier(E),`%${y}%`]):this.client==="oracledb"||this.client==="sqlite3"?m.whereRaw("LOWER(??) LIKE ?",[this.rawQuotedIdentifier(E),`%${y.toLowerCase()}%`]):m.whereILike(this.rawQuotedIdentifier(E),this.knex.raw("?",[`%${y}%`]))),"like"),p=s((m,E=!1)=>{function y(I){return(a||m===r?.containsAny)&&(I=I.or),m===r?.notContains&&(I=I.not),I}s(y,"addModifiers"),this.client==="pg"?d(m,"contains",(I,O,w)=>{I=y(I);let T=this.getFieldSchema(O),_=this.rawQuotedIdentifier(O),U=Array.isArray(w)?[...w]:[w],R=this.SPECIAL_SELECT_CASES.POSTGRES_ARRAY(T);return E?R?I.whereRaw("COALESCE(?? && ?::text[], FALSE)",[_,Qm(U)]):I.whereRaw("COALESCE(??::jsonb \\?| ?::text[], FALSE)",[_,Qm(U)]):R?I.whereRaw("COALESCE(?? @> ?::text[], FALSE)",[_,Qm(U)]):I.whereRaw("COALESCE(??::jsonb @> ?::jsonb, FALSE)",[_,XM(U)])}):this.client==="mysql2"||this.client==="mariadb"?d(m,"contains",(I,O,w)=>{let T=Array.isArray(w)?w:[w];return y(I).whereRaw("COALESCE(?(??, ?), FALSE)",[this.knex.raw(E?"JSON_OVERLAPS":"JSON_CONTAINS"),this.rawQuotedIdentifier(O),JSON.stringify(T)])}):d(m,"contains",(I,O,w)=>(w.length===0||(I=I.where(T=>(m===r?.notContains&&(T=T.not),T=T.where(_=>{for(let U of w){m===r?.containsAny?_=_.or:_=_.and;let R=!f,k=typeof U=="string"?`"${R?U.toLowerCase():U}"`:U,H=R?"COALESCE(LOWER(??), '')":"COALESCE(??, '')";_=_.whereLike(this.knex.raw(H,[this.rawQuotedIdentifier(O)]),`%${k}%`)}}),m===r?.notContains&&(T=T.or.whereNull(this.rawQuotedIdentifier(O))),T))),I))},"contains");if(r.$and){let{$and:m}=r;for(let E of m.conditions)e=e.where(y=>{this.addFilters(y,E,n)})}if(r.$or){let{$or:m}=r;e=e.where(E=>{for(let y of m.conditions)E.orWhere(I=>this.addFilters(I,{...y,allOr:!0},n))})}r.oneOf&&d(r.oneOf,"oneOf",(m,E,y)=>{let I=this.getFieldSchema(E),O=Array.isArray(y)?y:[y];if(a&&(m=m.or),this.client==="oracledb")E=this.convertClobs(E);else if(this.client==="sqlite3"&&I?.type==="datetime"&&I.dateOnly){for(let w of O)w!=null?m=m.or.whereLike(E,`${w.toISOString().slice(0,10)}%`):m=m.or.whereNull(E);return m}return m.whereIn(E,O)},(m,E,y)=>(a&&(m=m.or),this.client==="oracledb"&&(E=E.map(I=>this.convertClobs(I))),m.whereIn(E,Array.isArray(y)?y:[y]))),r.string&&d(r.string,"string",(m,E,y)=>{if(a&&(m=m.or),f)return m.whereRaw("?? LIKE ?",[this.rawQuotedIdentifier(E),`${y}%`]);if(this.client==="oracledb"||this.client==="sqlite3")return m.whereRaw("LOWER(??) LIKE ?",[this.rawQuotedIdentifier(E),`${y.toLowerCase()}%`]);{let I=this.getFieldSchema(E);return this.SPECIAL_SELECT_CASES.POSTGRES_ENUM(I)?m.whereRaw("??::text ilike ?",[this.knex.raw(this.quote(I.name)),`${y}%`]):m.whereILike(E,`${y}%`)}}),r.fuzzy&&d(r.fuzzy,"fuzzy",h),r.range&&d(r.range,"range",(m,E,y)=>{let I=s(k=>k&&Object.keys(k).length===0&&Object.getPrototypeOf(k)===Object.prototype,"isEmptyObject");I(y.low)&&(y.low=""),I(y.high)&&(y.high="");let O=eu(y.low),w=eu(y.high),T=this.getFieldSchema(E),_=E,U=y.high,R=y.low;return this.client==="sqlite3"&&T?.type==="datetime"&&T.dateOnly&&(U!=null&&(U=`${U.toISOString().slice(0,10)}T23:59:59.999Z`),R!=null&&(R=R.toISOString().slice(0,10))),this.client==="oracledb"?_=this.convertClobs(E):this.client==="sqlite3"&&T?.type==="bigint"&&(_=this.knex.raw("CAST(?? AS INTEGER)",[this.rawQuotedIdentifier(E)]),U=this.knex.raw("CAST(? AS INTEGER)",[y.high]),R=this.knex.raw("CAST(? AS INTEGER)",[y.low])),a&&(m=m.or),O&&w?m.whereBetween(_,[R,U]):O?m.where(_,">=",R):w?m.where(_,"<=",U):m}),r.equal&&d(r.equal,"equal",(m,E,y)=>{let I=this.getFieldSchema(E);if(a&&(m=m.or),this.client==="mssql")return m.whereRaw("CASE WHEN ?? = ? THEN 1 ELSE 0 END = 1",[this.rawQuotedIdentifier(E),y]);if(this.client==="oracledb"){let O=this.convertClobs(E);return m.where(w=>w.whereNotNull(O).andWhere(O,y))}else return this.client==="sqlite3"&&I?.type==="datetime"&&I.dateOnly?y!=null?m.whereLike(E,`${y.toISOString().slice(0,10)}%`):m.whereNull(E):m.whereRaw("COALESCE(?? = ?, FALSE)",[this.rawQuotedIdentifier(E),y])}),r.notEqual&&d(r.notEqual,"notEqual",(m,E,y)=>{let I=this.getFieldSchema(E);if(a&&(m=m.or),this.client==="mssql")return m.whereRaw("CASE WHEN ?? = ? THEN 1 ELSE 0 END = 0",[this.rawQuotedIdentifier(E),y]);if(this.client==="oracledb"){let O=this.convertClobs(E);return m.where(w=>w.not.whereNull(O).and.where(O,"!=",y)).or.whereNull(O)}else return this.client==="sqlite3"&&I?.type==="datetime"&&I.dateOnly?y!=null?m.not.whereLike(E,`${y.toISOString().slice(0,10)}%`).or.whereNull(E):m.not.whereNull(E):m.whereRaw("COALESCE(?? != ?, TRUE)",[this.rawQuotedIdentifier(E),y])}),r.empty&&d(r.empty,"empty",(m,E)=>(a&&(m=m.or),m.whereNull(E))),r.notEmpty&&d(r.notEmpty,"notEmpty",(m,E)=>(a&&(m=m.or),m.whereNotNull(E))),r.contains&&p(r.contains),r.notContains&&p(r.notContains),r.containsAny&&p(r.containsAny,!0);let S=o?.[this.table._id]||this.table._id;return r.documentType&&!yf(this.table)&&S&&e.andWhereLike(`${S}._id`,`${or(r.documentType)}%`),e}isSqs(){return aO(this.table)}getTableName(e){e||(e=this.table);let r=e.name;aO(e)&&e._id&&(r=e._id);let n=this.query.tableAliases||{};return n[r]?n[r]:r}addDistinctCount(e){if(!this.table.primary)throw new Error("SQL counting requires primary key to be supplied");return e.countDistinct(`${this.getTableName()}.${this.table.primary[0]} as ${Ym}`)}addAggregations(e,r){let n=this.query.resource?.fields||[],i=this.getTableName();if(n.length>0){let o=n.map(a=>this.qualifyIdentifier(a));if(this.client==="oracledb"){let a=o.map(c=>this.convertClobs(c)),u=o.map(c=>this.convertClobs(c,{forSelect:!0}));e=e.groupBy(a).select(u)}else e=e.groupBy(o).select(o)}for(let o of r){let a=o.calculationType;if(a==="count")if("distinct"in o&&o.distinct)if(this.client==="oracledb"){let u=this.convertClobs(`${i}.${o.field}`);e=e.select(this.knex.raw("COUNT(DISTINCT ??) as ??",[u,o.name]))}else e=e.countDistinct(`${i}.${o.field} as ${o.name}`);else if(this.client==="oracledb"){let u=this.convertClobs(`${i}.${o.field}`);e=e.select(this.knex.raw("COUNT(??) as ??",[u,o.name]))}else e=e.count(`${o.field} as ${o.name}`);else{let u=this.getFieldSchema(o.field);if(!u)throw new Error(`field schema missing for aggregation target: ${o.field}`);let c=this.knex.raw("??(??)",[this.knex.raw(a),this.rawQuotedIdentifier(`${i}.${o.field}`)]);u.type==="bigint"&&(c=this.castIntToString(c)),e=e.select(this.knex.raw("?? as ??",[c,o.name]))}}return e}isAggregateField(e){return!!this.query.resource?.aggregations?.find(n=>n.name===e)}addSorting(e){let{sort:r,resource:n}=this.query,i=this.table.primary,o=this.getTableName();if(!Array.isArray(i))throw new Error("Sorting requires primary key to be specified for table");if(r&&Object.keys(r||{}).length>0)for(let[u,c]of Object.entries(r)){let l=this.getFieldSchema(u);if(this.isUnsortableField(l))continue;let d=c.direction==="ascending"?"asc":"desc",f;(this.client==="pg"||this.client==="oracledb")&&(f=c.direction==="ascending"?"first":"last");let h=`${o}.${u}`,p;this.isAggregateField(u)?p=this.rawQuotedIdentifier(u):this.client==="oracledb"?p=this.convertClobs(h):p=this.rawQuotedIdentifier(h),e=e.orderByRaw(`?? ?? ${f?"nulls ??":""}`,[p,this.knex.raw(d),...f?[this.knex.raw(f)]:[]])}if(!((n?.aggregations?.length??0)>0)){let u=this.findSortablePrimaryKey(i);if(u&&(!r||r[u]===void 0))e=e.orderBy(`${o}.${u}`);else if(!u&&(!r||Object.keys(r).length===0))throw new Error(`Primary key not found for table ${this.table.name}`)}return e}isUnsortableField(e){return e?.type==="json"}findSortablePrimaryKey(e){return e.find(r=>{if(r==null)return!1;let n=this.getFieldSchema(r);return!this.isUnsortableField(n)})}tableNameWithSchema(e,r){let n=r?.schema?`${r.schema}.${e}`:e;return r?.alias&&(n+=` as ${r.alias}`),n}buildJsonField(e,r){let n=r.split("."),i=n[n.length-1],o,a;if(n.length>1){let l=n.shift();o=n.join("."),a=`${l}.${o}`}else o=n.join("."),a=o;this.query.meta?.columnPrefix&&(i=i.replace(this.query.meta.columnPrefix,""));let u=this.rawQuotedIdentifier(a),c=e.schema[i];return c&&c.type==="bigint"&&(u=this.castIntToString(u)),[o,u]}maxFunctionParameters(){switch(this.client){case"sqlite3":return 127;case"pg":return 100;default:return 200}}addJsonRelationships(e,r,n){let i=this.client,o=this.knex,{resource:a,tableAliases:u,schema:c,tables:l}=this.query,d=a?.fields||[];for(let f of n){let{tableName:h,through:p,to:S,from:m,fromPrimary:E,toPrimary:y}=f;if(!h||!r)continue;let I=l[h];if(!I)throw new Error(`related table "${h}" not found in datasource`);let O=u?.[h]||h,w=u?.[r]||r,T=p&&u?.[p]||p,_=this.tableNameWithSchema(h,{alias:O,schema:c}),U=[...I?.primary||[],I?.primaryDisplay].filter(D=>D),R=YM(d.filter(D=>D.split(".")[0]===O),U);R=R.slice(0,Math.floor(this.maxFunctionParameters()/2));let k=R.map(D=>this.buildJsonField(I,D));if(!k.length)continue;let H=k.map(D=>{let J=this.client==="oracledb"?" VALUE ":",";return this.knex.raw(`?${J}??`,[D[0],D[1]]).toString()}).join(","),Ie=`${O}.${y||S}`,W=o.from(_).orderBy(Ie),F=p&&y&&E,N=F?`${T}.${m}`:`${O}.${S}`,G=F?`${w}.${E}`:`${w}.${m}`;if(F){let D=this.tableNameWithSchema(p,{alias:T,schema:c});W=W.join(D,function(){this.on(`${O}.${y}`,"=",`${T}.${S}`)})}W=W.where(this.rawQuotedIdentifier(N),"=",this.rawQuotedIdentifier(G));let M=s(D=>(W=W.select(R.map(J=>this.rawQuotedIdentifier(J))).limit(Km()),o.select(D).from({[O]:W})),"standardWrap"),K;switch(i){case"sqlite3":W=this.addJoinFieldCheck(W,f),K=M(this.knex.raw(`json_group_array(json_object(${H}))`));break;case"pg":K=M(this.knex.raw(`json_agg(json_build_object(${H}))`));break;case"mariadb":K=W.select(o.raw(`json_arrayagg(json_object(${H}) LIMIT ${Km()})`));break;case"mysql2":case"oracledb":K=M(this.knex.raw(`json_arrayagg(json_object(${H}))`));break;case"mssql":{let D=o.select("*").from({[w]:W.select(k.map(J=>o.ref(J[1]).as(J[0]))).limit(Km())});K=o.raw(`(SELECT ?? = (${D} FOR JSON PATH))`,[this.rawQuotedIdentifier(O)]);break}default:throw new Error(`JSON relationships not implement for ${i}`)}e=e.select({[f.column]:K})}return e}addJoin(e,r,n){let{tableAliases:i,schema:o}=this.query,a=r.to,u=r.from,c=r.through,l=i?.[a]||a,d=c&&i?.[c]||c,f=i?.[u]||u,h=this.tableNameWithSchema(a,{alias:l,schema:o}),p=c?this.tableNameWithSchema(c,{alias:d,schema:o}):void 0;return c?e=e.leftJoin(p,function(){for(let S of n){let m=S.fromPrimary,E=S.from;this.orOn(`${f}.${m}`,"=",`${d}.${E}`)}}).leftJoin(h,function(){for(let S of n){let m=S.toPrimary,E=S.to;this.orOn(`${l}.${m}`,`${d}.${E}`)}}):e=e.leftJoin(h,function(){for(let S of n){let m=S.from,E=S.to;this.orOn(`${f}.${m}`,"=",`${l}.${E}`)}}),e}qualifiedKnex(e){let r=this.query.tableAliases?.[this.query.table.name];return e?.alias===!1?r=void 0:typeof e?.alias=="string"&&(r=e.alias),this.knex(this.tableNameWithSchema(this.query.table.name,{alias:r,schema:this.query.schema}))}create(e){let{body:r}=this.query;if(!r)throw new Error("Cannot create without row body");let n=this.qualifiedKnex({alias:!1}),i=this.parseBody(r);if(this.client==="oracledb")for(let[o,a]of Object.entries(this.query.table.schema)){if(a.constraints?.presence===!0||a.type==="formula"||a.type==="auto"||a.type==="link"||a.type==="ai")continue;i[o]==null&&(i[o]=null)}else for(let[o,a]of Object.entries(i))a==null&&delete i[o];return e.disableReturning?n.insert(i):n.insert(i).returning("*")}bulkCreate(){let{body:e}=this.query,r=this.qualifiedKnex({alias:!1});if(!Array.isArray(e))return r;let n=e.map(i=>this.parseBody(i));return r.insert(n)}bulkUpsert(){let{body:e}=this.query,r=this.qualifiedKnex({alias:!1});if(!Array.isArray(e))return r;let n=e.map(i=>this.parseBody(i));if(this.client==="pg"||this.client==="sqlite3"||this.client==="mysql2"||this.client==="mariadb"){let i=this.table.primary;if(!i)throw new Error("Primary key is required for upsert");return r.insert(n).onConflict(i).merge()}else if(this.client==="mssql"||this.client==="oracledb")return r.insert(n);return r.upsert(n)}read(e={}){let{operation:r,filters:n,paginate:i,relationships:o,table:a}=this.query,{limits:u}=e,c=this.qualifiedKnex(),l=null,d=u?.query||u?.base;if(i&&i.page&&i.limit){let p=(i.page<=1?0:i.page-1)*i.limit;d=i.limit,l=p}else i&&i.offset&&i.limit?(d=i.limit,l=i.offset):i&&i.limit&&(d=i.limit);r!=="COUNT"&&(d!=null&&(c=c.limit(d)),l!=null&&(c=c.offset(l)));let f=this.query.resource?.aggregations||[];if(r==="COUNT"?c=this.addDistinctCount(c):f.length>0?c=this.addAggregations(c,f):c=c.select(this.generateSelectStatement()),r!=="COUNT"&&(c=this.addSorting(c)),c=this.addFilters(c,n,{relationship:!0}),o?.length&&f.length===0){let h=this.query.tableAliases?.[a.name]||a.name,p=this.addSorting(this.knex.with("paginated",c.clone().clearSelect().select("*")).select(this.generateSelectStatement()).from({[h]:"paginated"}));return this.addJsonRelationships(p,a.name,o)}return c}update(e){let{body:r,filters:n}=this.query;if(!r)throw new Error("Cannot update without row body");let i=this.qualifiedKnex(),o=this.parseBody(r);return i=this.addFilters(i,n,{relationship:!0}),e.disableReturning?i.update(o):i.update(o).returning("*")}delete(e){let{filters:r}=this.query,n=this.qualifiedKnex();return n=this.addFilters(n,r,{relationship:!0}),e.disableReturning?n.delete():n.delete().returning(this.generateSelectStatement())}},Hm=class extends Bc{constructor(r,n=oO()){super(r);this.limit=n}static{s(this,"SqlQueryBuilder")}convertToNative(r,n={}){let i=this.getSqlClient();if(n?.disableBindings)return{sql:r.toString()};{let o=Jn(r);return i==="sqlite3"&&(o=lO(o)),o}}_query(r,n={}){let i=this.getSqlClient(),o={client:this.getBaseSqlClient()};(i==="sqlite3"||i==="oracledb")&&(o.useNullAsDefault=!0);let a=(0,uO.knex)(o),u,c=new jm(i,a,r);switch(this._operation(r)){case"CREATE":u=c.create(n);break;case"READ":u=c.read({limits:{query:this.limit,base:oO()}});break;case"COUNT":u=c.read();break;case"UPDATE":u=c.update(n);break;case"DELETE":u=c.delete(n);break;case"BULK_CREATE":u=c.bulkCreate();break;case"BULK_UPSERT":u=c.bulkUpsert();break;case"CREATE_TABLE":case"UPDATE_TABLE":case"DELETE_TABLE":return this._tableQuery(r);default:throw"Operation type is not supported by SQL query builder"}return this.convertToNative(u,n)}async getReturningRow(r,n){if(!n.extra||!n.extra.idFilter)return{};let i=this._query({operation:"READ",datasource:n.datasource,schema:n.schema,table:n.table,tables:n.tables,resource:{fields:[]},filters:n.extra?.idFilter,paginate:{limit:1}});return r(i,"READ")}checkLookupKeys(r,n){if(!r||!n.table.primary)return n;let i=n.table.primary[0];return n.extra={idFilter:{equal:{[i]:r}}},n}async queryWithReturning(r,n,i=o=>o){let o=this.getSqlClient(),a=this._operation(r),u=this._query(r,{disableReturning:!0});if(Array.isArray(u)){let f=[];for(let h of u)f.push(await n(h,a));return f}let c;a==="DELETE"&&(c=i(await this.getReturningRow(n,r)));let l=await n(u,a),d=i(l);if(a==="CREATE"||a==="UPDATE"){let f;o==="mssql"?f=d?.[0].id:(o==="mysql2"||o==="mariadb")&&(f=d?.insertId),c=i(await this.getReturningRow(n,this.checkLookupKeys(f,r)))}return a==="COUNT"?d:a!=="READ"?c:d.length?d:[{[a.toLowerCase()]:!0}]}getTableName(r,n){let i=r.name;if(r.sourceType==="internal"||r.sourceId===Hc){if(!r._id)return;i=r._id}return n?.[i]||i}convertJsonStringColumns(r,n,i){let o=this.getTableName(r,i);for(let[a,u]of Object.entries(r.schema)){if(!dO(u))continue;let c=`${o}.${a}`;for(let l of n)typeof l[c]=="string"&&(l[c]=JSON.parse(l[c])),typeof l[a]=="string"&&(l[a]=JSON.parse(l[a]))}return n}log(r,n){xs(this.getSqlClient(),r,n)}},fO=Hm;var zm={};P(zm,{base:()=>ek});function ek(t){return{_id:Rt,language:"sqlite",sql:{tables:{},options:{table_name:t}}}}s(ek,"base");var Xm={};P(Xm,{jsonFromCsvString:()=>tk});var pO=B(require("csvtojson"));async function tk(t,e){let{ignoreEmpty:r=!1,allowSingleColumn:n=!1,possibleDelimiters:i=[",",";",":","|","~"," "," "]}=e||{};for(let o of i){let a,u=!1;try{let c=await(0,pO.default)({ignoreEmpty:r,delimiter:o}).fromString(t);for(let[,l]of c.entries()){let d=Object.keys(l);if(a==null&&(a=d),!n&&d.length===1){u=!0;break}if(a.length!==d.length){u=!0;break}for(let f of a)(l[f]===void 0||l[f]==="")&&(l[f]=null)}if(u)continue;return c}catch{continue}}throw new Error("Unable to determine delimiter")}s(tk,"jsonFromCsvString");var Zm=class{static{s(this,"Endpoint")}constructor(e,r,n){this.method=e,this.url=r,this.controller=n,this.middlewares=[],this.outputMiddlewares=[]}addMiddleware(e,r){return r?.first?this.middlewares.unshift(e):this.middlewares.push(e),this}addOutputMiddleware(e,r){return r?.first?this.outputMiddlewares.unshift(e):this.outputMiddlewares.push(e),this}apply(e){let r=this.method,n=this.url,i=this.middlewares,o=this.controller,a=this.outputMiddlewares,u=s(()=>{},"complete"),c=[n,...i,o,...a,u];e[r](...c)}},Wc=Zm;var mO=B(require("@koa/router"));var wn=class{constructor(){this.endpoints=[];this.middlewares=[];this.outputMiddlewares=[];this.applied=!1;this.locked=!1}static{s(this,"EndpointGroup")}addGroupMiddleware(e,r={first:!0}){if(this.locked)throw new Error("Group locked, no more middleware can be added.");return this.middlewares.push({fn:e,first:r.first}),this}addGroupMiddlewareOutput(e,r={first:!1}){if(this.locked)throw new Error("Group locked, no more middleware can be added.");return this.outputMiddlewares.push({fn:e,first:r.first}),this}addEndpoint(e,r,...n){let i=n.pop(),o=new Wc(e,r,i);if(n.length!==0)for(let a of n)o.addMiddleware(a);return this.endpoints.push(o),this}lockMiddleware(){this.locked=!0}post(e,...r){return this.addEndpoint("post",e,...r)}patch(e,...r){return this.addEndpoint("patch",e,...r)}put(e,...r){return this.addEndpoint("put",e,...r)}get(e,...r){return this.addEndpoint("get",e,...r)}delete(e,...r){return this.addEndpoint("delete",e,...r)}head(e,...r){return this.addEndpoint("head",e,...r)}apply(e){let r=this.endpointList();e||(e=new mO.default);for(let n of r)n.apply(e);return e}endpointList(){if(this.applied)throw new Error("Already applied to router");this.applied=!0;for(let e of this.endpoints)this.middlewares.forEach(({fn:r,first:n})=>e.addMiddleware(r,{first:n})),this.outputMiddlewares.forEach(({fn:r,first:n})=>e.addOutputMiddleware(r,{first:n}));return this.endpoints}};var Bo=class{constructor(){this.groups=[]}static{s(this,"EndpointGroupList")}group(...e){let r=new wn;return e.length&&e.forEach(n=>{"first"in n?r.addGroupMiddleware(n.middleware,{first:n.first}):r.addGroupMiddleware(n)}),this.groups.push(r),r}listAllEndpoints(){let e=this.groups.flatMap(i=>i.endpointList()),r=[],n=[];for(let i of e)i.url.includes(":")?n.push(i):r.push(i);return[...r,...n]}};var rk={...qs,...ue},nk=s((t={})=>{Ja(t.db)},"init");0&&(module.exports={APIWarning,ActiveContentFileError,AutomationViewMode,BUDIBASE_DATASOURCE_TYPE,BadRequestError,BudibaseError,Config,Cookie,DEFAULT_BB_DATASOURCE_ID,DEFAULT_EMPLOYEE_TABLE_ID,DEFAULT_EXPENSES_TABLE_ID,DEFAULT_INVENTORY_TABLE_ID,DEFAULT_JOBS_TABLE_ID,DEFAULT_TENANT_ID,DeprecatedViews,DesignDocuments,DocumentType,Duration,DurationType,EmailUnavailableError,Endpoint,EndpointGroup,EndpointGroupList,FeatureDisabledError,FeatureDisabledWarning,ForbiddenError,GlobalRole,HTTPError,Header,InternalTable,InvalidAPIKeyWarning,MAX_VALID_DATE,MIN_VALID_DATE,NotFoundError,NotImplementedError,RedisClient,SEPARATOR,SQLITE_DESIGN_DOC_ID,SQS_DATASOURCE_INTERNAL,StaticDatabases,UNICODE_MAX,USER_METADATA_PREFIX,UnexpectedError,UsageLimitError,UsageLimitWarning,UserStatus,ViewName,WORKSPACE_DEV,WORKSPACE_DEV_PREFIX,WORKSPACE_PREFIX,accounts,auth,blacklist,cache,configs,constants,context,csv,db,docIds,docUpdates,encryption,env,errors,events,features,getErrorMessage,getPublicError,init,installation,locks,logging,middleware,objectStore,permissions,platform,plugins,queue,redis,roles,security,sessions,setEnv,sql,tenancy,timers,userUtils,users,utils,warnings,withEnv});
39
39
  //# sourceMappingURL=index.js.map