npm - @budibase/backend-core - Versions diffs - 3.36.1 → 3.36.3 - Mend

@budibase/backend-core 3.36.1 → 3.36.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/index.js +1 -1
package/dist/index.js.map +2 -2
package/dist/package.json +2 -2
package/dist/src/redis/redlockImpl.js +15 -1
package/dist/src/redis/redlockImpl.js.map +1 -1
package/package.json +2 -2

package/dist/index.js CHANGED Viewed

@@ -34,6 +34,6 @@ attempted value: ${o}
       emit(doc.ssoId, doc._id)
     }
   }`,"platform_users_lowercase_2")},"createPlatformUserView"),qs=s(async(t,e)=>{let r={account_by_email:lS,platform_users_lowercase_2:dS};return je(fe.PLATFORM_INFO.name,async n=>{let i=r[t];return Yf(t,e,n,i,{arrayResponse:!0})})},"queryPlatformView"),fS={by_email2:oS,by_api_key:uS,by_app:aS},Kt=s(async(t,e,r,n)=>{r||(r=Y());let i=fS[t];return Yf(t,e,r,i,n)},"queryGlobalView");async function Ks(t,e,r){let n=Y(),i=fS[t];return Vs(t,e,n,i,r)}s(Ks,"queryGlobalViewRaw");var tv=B(require("pouchdb"));var pS=require("dd-trace");var zf=class{static{s(this,"Replication")}constructor({source:e,target:r}){this.source=nt(e),this.target=nt(r),e.startsWith("app_dev")&&r.startsWith("app")?this.direction="toProduction":e.startsWith("app")&&r.startsWith("app_dev")&&(this.direction="toDev")}async close(){await Promise.all([Ns(this.source),Ns(this.target)])}replicate(e={}){return new Promise(r=>{this.source.replicate.to(this.target,e).on("denied",function(n){throw new Error(`Denied: Document failed to replicate ${n}`)}).on("complete",function(n){return r(n)}).on("error",function(n){throw n})})}async resolveInconsistencies(e){for(let r of e)try{let[n,i]=await Promise.all([this.source.get(r),this.target.get(r)]),o=this.replicationDelta(n,i);if(o<0||o===0&&n._rev===i._rev)continue;let a=o+1;await pS.tracer.trace("Replication.resolveInconsistencies",async u=>{u.addTags({versionsToJump:a,toFix:!0,id:r,sourceRev:n._rev,targetRev:i._rev});for(let c=0;c<a;c++){let l=await this.source.get(i._id);await this.source.put(l)}})}catch{console.warn("Cannot resolve inconsistencies for document",r)}}replicationDelta(e,r){let n=this.getRevisionNumber(e);return this.getRevisionNumber(r)-n}getRevisionNumber(e){return parseInt(e._rev?.split("-")[0]||"0")}appReplicateOpts(e={}){if(typeof e.filter=="string")return e;let r=e.filter,n=this.direction,i=n==="toDev";delete e.filter;let o=e.isCreation,a=e.tablesToSync;delete e.isCreation,delete e.tablesToSync;let u=!1,c;typeof a=="string"&&a==="all"?u=!0:a&&(c=a);let l=s((f,E)=>f?.startsWith(E+D),"startsWithID"),d=s(f=>l(f,"ro")||l(f,"li"),"isData");return{...e,filter:(f,E)=>!o&&f._id==="_design/migrations"||i&&f._id.startsWith("_design")?!1:f._deleted||l(f._id,Rs)?!0:n==="toProduction"&&!o&&l(f._id,"autocolumn_state")?!1:d(f._id)?!!c?.find(p=>f._id.includes(p))||u:l(f._id,"log_au")||l(f._id,"agentlogsession")||f._id==="app_metadata"?!1:r?r(f,E):!0}}async rollback(){await this.target.destroy(),this.target=nt(this.target.name),await this.replicate()}},mS=zf;var ES=B(require("node-fetch"));var Qs=mr.removeKeyNumbering;function ln(t){return t==null||t===""}s(ln,"isEmpty");var Qt=class t{static{s(this,"QueryBuilder")}#l;#d;#e;#r;#n;#i;#s;#o;#t;#f;#a;#u=!1;#c;static{this.maxLimit=200}constructor(e,r,n){this.#l=e,this.#d=r,this.#e={allOr:!1,onEmptyFilter:"all",string:{},fuzzy:{},range:{},equal:{},notEqual:{},empty:{},notEmpty:{},oneOf:{},contains:{},notContains:{},containsAny:{},...n},this.#r=50,this.#s="ascending",this.#o="string",this.#t=!0}disableEscaping(){return this.#u=!0,this}setIndexBuilder(e){return this.#a=e,this}setVersion(e){return e!=null&&(this.#f=e),this}setTable(e){return this.#e.equal.tableId=e,this}setLimit(e){return e!=null&&(this.#r=e),this}setSort(e){return e!=null&&(this.#n=e),this}setSortOrder(e){return e!=null&&(this.#s=e),this}setSortType(e){return e!=null&&(this.#o=e),this}setBookmark(e){return e!=null&&(this.#i=e),this}setSkip(e){return this.#c=e,this}excludeDocs(){return this.#t=!1,this}includeDocs(){return this.#t=!0,this}addString(e,r){return this.#e.string[e]=r,this}addFuzzy(e,r){return this.#e.fuzzy[e]=r,this}addRange(e,r,n){return this.#e.range[e]={low:r,high:n},this}addEqual(e,r){return this.#e.equal[e]=r,this}addNotEqual(e,r){return this.#e.notEqual[e]=r,this}addEmpty(e,r){return this.#e.empty[e]=r,this}addNotEmpty(e,r){return this.#e.notEmpty[e]=r,this}addOneOf(e,r){return this.#e.oneOf[e]=r,this}addContains(e,r){return this.#e.contains[e]=r,this}addNotContains(e,r){return this.#e.notContains[e]=r,this}addContainsAny(e,r){return this.#e.containsAny[e]=r,this}setAllOr(){this.#e.allOr=!0}setOnEmptyFilter(e){this.#e.onEmptyFilter=e}handleSpaces(e){return this.#u?e:e.replace(/ /g,"_")}preprocess(e,{escape:r,lowercase:n,wrap:i,type:o}={}){let a=!!this.#f,u=typeof e;return e&&n&&(e=e.toLowerCase?e.toLowerCase():e),!this.#u&&r&&u==="string"&&(e=`${e}`.replace(/[ /#+\-&|!(){}\]^"~*?:\\]/g,"\\$&")),u==="string"&&!isNaN(e)&&!o?e=`"${e}"`:a&&i&&(e=u==="number"?e:`"${e}"`),e}isMultiCondition(){let e=0;for(let r of Object.values(this.#e))typeof r=="object"&&(e+=Object.keys(r).length);return e>1}compressFilters(e){let r={};for(let o of Object.keys(e)){let a=Qs(o);r[a]?r[a]=r[a].concat(e[o]):r[a]=e[o]}let n={},i=1;for(let[o,a]of Object.entries(r))n[`${i++}:${o}`]=a;return n}buildSearchQuery(){let e=this,r=this.#e&&this.#e.allOr,n=r?"":"*:*",i=!0,o={escape:!0,lowercase:!0,wrap:!0},a="";this.#e.equal.tableId&&(a=this.#e.equal.tableId,delete this.#e.equal.tableId);let u=s((T,h)=>ln(h)?null:`${T}:${e.preprocess(h,o)}`,"equal"),c=s((T,h,g="AND")=>{if(ln(h))return null;if(!Array.isArray(h))return`${T}:${h}`;let y=`${e.preprocess(h[0],{escape:!0})}`;for(let I=1;I<h.length;I++)y+=` ${g} ${e.preprocess(h[I],{escape:!0})}`;return`${T}:(${y})`},"contains"),l=s((T,h)=>ln(h)?null:(h=e.preprocess(h,{escape:!0,lowercase:!0,type:"fuzzy"}),`${T}:/.*${h}.*/`),"fuzzy"),d=s((T,h)=>{let g=r?"*:* AND ":"",y=r?"AND":void 0;return g+"NOT "+c(T,h,y)},"notContains"),f=s((T,h)=>c(T,h,"OR"),"containsAny"),E=s((T,h)=>{if(ln(h))return"*:*";if(!Array.isArray(h))if(typeof h=="string")h=h.split(",");else return"";let g=`${e.preprocess(h[0],o)}`;for(let y=1;y<h.length;y++)g+=` OR ${e.preprocess(h[y],o)}`;return`${T}:(${g})`},"oneOf");function p(T,h,g){let y="";for(let[I,O]of Object.entries(T)){I=Qs(I),I=e.preprocess(e.handleSpaces(I),{escape:!0});let w=h(I,O);if(w!=null){if(y.length>0||n.length>0){let S=g?.mode?g.mode:r?"OR":"AND";y+=` ${S} `}y+=w,(typeof O!="string"&&O!=null||typeof O=="string"&&O!==a&&O!=="")&&(i=!1)}}if(g?.returnBuilt)return y;n+=y}if(s(p,"build"),this.#e.string&&p(this.#e.string,(T,h)=>ln(h)?null:(h=e.preprocess(h,{escape:!0,lowercase:!0,type:"string"}),`${T}:${h}*`)),this.#e.range&&p(this.#e.range,(T,h)=>{if(ln(h)||h.low==null||h.low===""||h.high==null||h.high==="")return null;let g=e.preprocess(h.low,o),y=e.preprocess(h.high,o);return`${T}:[${g} TO ${y}]`}),this.#e.fuzzy&&p(this.#e.fuzzy,l),this.#e.equal&&p(this.#e.equal,u),this.#e.notEqual&&p(this.#e.notEqual,(T,h)=>ln(h)?null:typeof h=="boolean"?`(*:* AND !${T}:${h})`:`!${T}:${e.preprocess(h,o)}`),this.#e.empty&&p(this.#e.empty,T=>(i=!1,`(*:* -${T}:["" TO *])`)),this.#e.notEmpty&&p(this.#e.notEmpty,T=>(i=!1,`${T}:["" TO *]`)),this.#e.oneOf&&p(this.#e.oneOf,E),this.#e.contains&&p(this.#e.contains,c),this.#e.notContains&&p(this.compressFilters(this.#e.notContains),d),this.#e.containsAny&&p(this.#e.containsAny,f),a&&(n=this.isMultiCondition()?`(${n})`:n,r=!1,p({tableId:a},u)),i){if(this.#e.onEmptyFilter==="none")return"";if(this.#e?.allOr)return n.replace("()","(*:*)")}return n}buildSearchBody(){let e={q:this.buildSearchQuery(),limit:Math.min(this.#r,t.maxLimit),include_docs:this.#t};if(this.#i&&(e.bookmark=this.#i),this.#n){let r=this.#s==="descending"?"-":"",n=`<${this.#o}>`;e.sort=`${r}${this.handleSpaces(this.#n)}${n}`}return e}async run(){return this.#c&&await this.#m(this.#c),await this.#p()}async#m(e){let r=this.#t,n=this.#r;this.excludeDocs();let i=e,o=0;do{let a=Math.min(t.maxLimit,i);this.setLimit(a);let{bookmark:u,rows:c}=await this.#p();this.setBookmark(u),o=c.length,i-=c.length}while(i>0&&o>0);this.#t=r,this.#r=n}async#p(){let{url:e,cookie:r}=mt(),n=`${e}/${this.#l}/_design/database/_search/${this.#d}`,i=this.buildSearchBody();try{return await hS(n,i,r)}catch(o){if(o.status===404&&this.#a)return await this.#a(),await hS(n,i,r);throw o}}};async function hS(t,e,r){let n=await(0,ES.default)(t,{body:JSON.stringify(e),method:"POST",headers:{Authorization:r}});if(n.status===404)throw n;let i=await n.json(),o={rows:[],totalRows:0};return i.rows!=null&&i.rows.length>0&&(o.rows=i.rows.map(a=>a.doc)),i.bookmark&&(o.bookmark=i.bookmark),i.total_rows&&(o.totalRows=i.total_rows),o}s(hS,"runQuery");async function gS(t,e,r,n){let i=n.bookmark,o=n.rows||[];if(n.limit&&o.length>=n.limit)return o;let a=Qt.maxLimit;n.limit&&o.length>n.limit-Qt.maxLimit&&(a=n.limit-o.length);let u=new Qt(t,e,r);u.setVersion(n.version).setBookmark(i).setLimit(a).setSort(n.sort).setSortOrder(n.sortOrder).setSortType(n.sortType),n.tableId&&u.setTable(n.tableId);let c=await u.run();if(!c.rows.length)return o;if(c.rows.length<Qt.maxLimit)return[...o,...c.rows];let l={...n,bookmark:c.bookmark,rows:[...o,...c.rows]};return await gS(t,e,r,l)}s(gS,"recursiveSearch");async function rv(t,e,r,n){let i=n.limit;(i==null||isNaN(i)||i<0)&&(i=50),i=Math.min(i,Qt.maxLimit);let o=new Qt(t,e,r);n.version&&o.setVersion(n.version),n.tableId&&o.setTable(n.tableId),n.sort&&o.setSort(n.sort).setSortOrder(n.sortOrder).setSortType(n.sortType),n.indexer&&o.setIndexBuilder(n.indexer),n.disableEscaping&&o.disableEscaping();let a=await o.setBookmark(n.bookmark).setLimit(i).run();o.setBookmark(a.bookmark).setLimit(1),n.tableId&&o.setTable(n.tableId);let u=await o.run();return{...a,hasNextPage:u.rows&&u.rows.length>0}}s(rv,"paginatedSearch");async function nv(t,e,r,n){let i=n.limit;return(i==null||isNaN(i)||i<0)&&(i=1e3),n.limit=Math.min(i,1e3),{rows:await gS(t,e,r,n)}}s(nv,"fullSearch");var Jf={};P(Jf,{createUserIndex:()=>iv});async function iv(){let t=Y(),e;try{e=await t.get("_design/database")}catch(n){n.status===404&&(e={_id:"_design/database"})}let r=s(function(n){if(n._id&&!n._id.startsWith("us_"))return;let i=["_id","_rev","password","account","license","budibaseAccess","accountPortalAccess","csrfToken"];function o(a,u){for(let c of Object.keys(a)){if(i.includes(c))continue;let l=u!=null?`${u}.${c}`:c;typeof a[c]=="string"?index(l,a[c].toLowerCase(),{facet:!0}):typeof a[c]!="object"?index(l,a[c],{facet:!0}):o(a[c],l)}}s(o,"idx"),o(n)},"fn");e.indexes={user:{index:r.toString(),analyzer:{default:"keyword",name:"perfield"}}},await t.put(e)}s(iv,"createUserIndex");function yS(t,e){let r=e.toString();if(typeof t=="object")return t.status===e||t.message?.includes(r);if(typeof t=="number")return t===e;if(typeof t=="string")return t.includes(r)}s(yS,"checkErrorCode");function sv(t){return yS(t,409)}s(sv,"isDocumentConflictError");var Hs={};P(Hs,{addTenantToUrl:()=>ov,getTenantDB:()=>Xf,getTenantIDFromCtx:()=>js,isUserInWorkspaceTenant:()=>av});function Xf(t){return Ce(an(t))}s(Xf,"getTenantDB");function ov(t){let e=G();if(gr()){let r=t.indexOf("?")===-1?"?":"&";t+=`${r}tenantId=${e}`}return t}s(ov,"addTenantToUrl");var av=s((t,e)=>{let r;return e?r=e.tenantId||ue:r=G(),(ti(t)||ue)===r},"isUserInWorkspaceTenant"),uv=Object.values(vi),js=s((t,e)=>{if(!gr())return ue;e.allowNoTenant===void 0&&(e.allowNoTenant=!1),e.includeStrategies||(e.includeStrategies=uv),e.excludeStrategies||(e.excludeStrategies=[]);let r=s(n=>{if(e.excludeStrategies?.includes(n))return!1;if(e.includeStrategies?.includes(n))return!0},"isAllowed");if(r("user")){let n=t.user?.tenantId;if(n)return n}if(r("header")){let n=t.request.headers["x-budibase-tenant-id"];if(n)return n}if(r("query")){let n=t.request.query.tenantId;if(n)return n}if(r("subdomain")){let n;try{n=new URL(bf()).host.split(":")[0]}catch(o){if(o.code!=="ERR_INVALID_URL")throw o}let i=t.host;if(n&&i.includes(n)){let o=i.substring(0,i.indexOf(`.${n}`));if(o)return o}}if(r("path")){let n=t.matched.find(a=>!!a.paramNames.find(u=>u.name==="tenantId")),i=t.originalUrl,o;if(i.includes("?")?o=i.split("?")[0]:o=i,n){let a=n.params(o,n.captures(o),{});if(a.tenantId)return a.tenantId}}e.allowNoTenant||t.throw(403,"Tenant id not set")},"getTenantIDFromCtx");var Zf="app"+D,TS="/app/",SS="/app-chat/";async function cv(t){let r=t.path.split("/")[2];if(!r)return;let n=`/${r.toLowerCase()}`,i=G();!m.isDev()&&m.MULTI_TENANCY&&(i=js(t,{includeStrategies:["subdomain"]}));let a=(await be(i,()=>$s({dev:!1}))).filter(u=>u.url&&u.url.toLowerCase()===n)[0];return a&&a.appId?a.appId:void 0}s(cv,"resolveAppUrl");function lv(t){return t.path.startsWith(`/${Zf}`)?!0:t.path.startsWith(TS)||t.path.startsWith(SS)}s(lv,"isServingApp");function dv(t){return t.path.startsWith("/builder/workspace/")}s(dv,"isServingBuilder");function fv(t){return AS(t.path)}s(fv,"isServingBuilderPreview");function AS(t){return new RegExp(/^\/app\/app_\w+\/preview$/).test(t)}s(AS,"isBuilderPreviewUrl");function pv(t){return t.path.startsWith("/api/public/v")}s(pv,"isPublicApiRequest");async function dn(t){let e;function r(u){u&&u.startsWith(Zf)&&(e&&e!==u&&t.throw(403,"App id conflict"),e=u)}s(r,"setWorkspaceIdIfValid");function n(u){if(u){typeof u=="string"&&(u=[u]);for(let c of u)r(c)}}s(n,"checkPossibleValues"),n(t.request.headers["x-budibase-app-id"]),r(t.request.body?.appId);let i=mv(t.path);r(i),n(t.query?.appId);let o=AS(t.path);return(t.path.startsWith(TS)||t.path.startsWith(SS))&&!o&&r(await cv(t)),e}s(dn,"getWorkspaceIdFromCtx");function mv(t){if(t)return t.split("?")[0].split("/").find(e=>e.startsWith(Zf))}s(mv,"parseWorkspaceIdFromUrlPath");function _u(t){if(t)try{return Au.default.verify(t,m.JWT_SECRET)}catch(e){if(m.JWT_SECRET_FALLBACK)return Au.default.verify(t,m.JWT_SECRET_FALLBACK);throw e}}s(_u,"openJwt");function Ys(t){return m.INTERNAL_API_KEY&&m.INTERNAL_API_KEY===t?!0:!!(m.INTERNAL_API_KEY_FALLBACK&&m.INTERNAL_API_KEY_FALLBACK===t)}s(Ys,"isValidInternalAPIKey");function jt(t,e){let r=t.cookies.get(e);if(r)return _u(r)}s(jt,"getCookie");function _S(t,e,r="builder",n={sign:!0}){e&&n&&n.sign&&(e=Au.default.sign(e,m.JWT_SECRET));let i={expires:Qa,path:"/",httpOnly:n.httpOnly??!1,secure:t.secure,overwrite:!0};m.COOKIE_DOMAIN&&(i.domain=m.COOKIE_DOMAIN),t.cookies.set(r,e,i)}s(_S,"setCookie");function Ar(t,e){_S(t,null,e)}s(Ar,"clearCookie");function hv(t){return t.headers["x-budibase-type"]==="client"}s(hv,"isClient");function ep(t){return new Promise(e=>setTimeout(e,t))}s(ep,"timeout");function tp(t){return!!ah[t]}s(tp,"isAudited");function Ev(t){if(typeof t!="object")return!1;try{JSON.stringify(t)}catch(e){if(e instanceof Error&&e?.message.includes("circular structure"))return!0}return!1}s(Ev,"hasCircularStructure");function gv(t){return!!t.match(/^.+:\/\/.+$/)}s(gv,"urlHasProtocol");function rp(t){return t&&!!t.match(/^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/)}s(rp,"validEmail");var np=(o=>(o.MILLISECONDS="milliseconds",o.SECONDS="seconds",o.MINUTES="minutes",o.HOURS="hours",o.DAYS="days",o))(np||{}),Ou={milliseconds:1,seconds:1e3,minutes:6e4,hours:36e5,days:864e5},pe=class t{constructor(e){this.ms=e}static{s(this,"Duration")}to(e){return this.ms/Ou[e]}toMs(){return this.ms}toSeconds(){return this.to("seconds")}static convert(e,r,n){return n*Ou[e]/Ou[r]}static from(e,r){return new t(r*Ou[e])}static fromSeconds(e){return t.from("seconds",e)}static fromMinutes(e){return t.from("minutes",e)}static fromHours(e){return t.from("hours",e)}static fromDays(e){return t.from("days",e)}static fromMilliseconds(e){return t.from("milliseconds",e)}};async function yv(t){let e=performance.now();return[await t(),pe.fromMilliseconds(performance.now()-e)]}s(yv,"time");var Iu=require("undici");function Tv(t,e){let r,n=null;try{let o=new URL(t);r=o.hostname,n=o.port||null}catch{return!1}let i=e.split(/[\s,]+/).filter(o=>o.length>0);for(let o of i){let u=o.replace(/^\./,"*").match(/^(.+?)(?::(\d+))?$/);if(!u||!u[1])continue;let c=u[1].toLowerCase(),l=u[2]||null,d=!1;if(c==="*")d=!0;else if(c.startsWith("*")){let E=c.slice(1);d=r===E.slice(1)||r.endsWith(E)}else d=r===c;if(d&&(!l||n===l))return!0}return!1}s(Tv,"isUrlMatchingNoProxy");function Sv(t){let e=process.env.GLOBAL_AGENT_HTTP_PROXY||process.env.HTTP_PROXY,n=process.env.GLOBAL_AGENT_HTTPS_PROXY||process.env.HTTPS_PROXY||e;if(!n||!n.trim())return!0;try{new URL(n.trim())}catch{return console.log("[fetch] Invalid proxy URL format:",n),!0}if(t){let i=process.env.GLOBAL_AGENT_NO_PROXY||process.env.NO_PROXY||"";if(i&&Tv(t,i))return console.log("[fetch] URL matches NO_PROXY pattern, bypassing proxy",{url:t,noProxy:i}),!0}return!1}s(Sv,"shouldBypassProxy");function Av(t){return new Iu.Agent({connect:{rejectUnauthorized:t}})}s(Av,"createDirectAgent");function _v(t){let e=process.env.GLOBAL_AGENT_HTTP_PROXY||process.env.HTTP_PROXY,n=(process.env.GLOBAL_AGENT_HTTPS_PROXY||process.env.HTTPS_PROXY||e).trim();console.log("[fetch] Creating ProxyAgent",{proxyUrl:n,rejectUnauthorized:t});let i={uri:n,requestTls:{rejectUnauthorized:t}};return n.startsWith("https://")&&(i.proxyTls={rejectUnauthorized:t}),new Iu.ProxyAgent(i)}s(_v,"createProxyAgent");function Ov(t){let e=t?.rejectUnauthorized??!0;return Sv(t?.url)?Av(e):_v(e)}s(Ov,"createDispatcher");function Iv(t){return Ov(t)}s(Iv,"getDispatcher");var ip=require("util"),sp=B(require("zlib"));var wv=(0,ip.promisify)(sp.default.gzip),Rv=(0,ip.promisify)(sp.default.gunzip),wu="gzip:",Dv=s(async t=>{let e=await wv(t);return`${wu}${e.toString("base64")}`},"gzipToBase64"),Cv=s(async t=>{let e=t.startsWith(wu)?t.slice(wu.length):t,r=Buffer.from(e,"base64");return(await Rv(new Uint8Array(r))).toString("utf8")},"gunzipFromBase64");function bv(t){let e=t.get("authorization");if(!e)return null;let r=e.match(/^Bearer\s+(.+)$/i);return r?r[1]:null}s(bv,"getBearerToken");var lp={};P(lp,{isBlacklisted:()=>cp,refreshBlacklist:()=>DS});var OS=B(require("dns")),_r=B(require("net"));var IS=require("util");var xv=["127.0.0.0/8","10.0.0.0/8","172.16.0.0/12","192.168.0.0/16","169.254.0.0/16","0.0.0.0/8","::1/128","fc00::/7","fe80::/10"],ap,vv=(0,IS.promisify)(OS.default.lookup);function wS(){return!(m.SELF_HOSTED&&m.BLACKLIST_IPS!==void 0)}s(wS,"shouldApplyDefaultBlacklist");function up(t){return _r.default.isIP(t)===6?"ipv6":"ipv4"}s(up,"getIpVersion");function Pv(t){let e=_r.default.isIP(t);return e===4?32:e===6?128:null}s(Pv,"getMaxPrefixLength");function Nv(t,e){if(!/^\d+$/.test(e))return null;let r=Number.parseInt(e,10),n=Pv(t);return n==null||r>n?null:r}s(Nv,"getValidSubnetPrefix");function Uv(t){return _r.default.isIP(t)?t:(t.startsWith("http")||(t=`https://${t}`),new URL(t).hostname.replace(/^\[|\]$/g,""))}s(Uv,"parseAddress");async function RS(t){return t=Uv(t),(await vv(t,{all:!0})).map(r=>r.address)}s(RS,"lookup");function op(t,e){let r=e.trim();if(!r)return;let n=r.split("/");if(n.length>2){console.log(`Ignoring invalid blacklist entry: ${r}`);return}let[i,o]=n,a=_r.default.isIP(i);if(n.length===2){let u=Nv(i,o);if(a&&u!==null){t.addSubnet(i,u,up(i));return}console.log(`Ignoring invalid blacklist entry: ${r}`);return}a&&t.addAddress(i,up(i))}s(op,"addEntryToBlacklist");async function DS(){let t=new _r.default.BlockList;if(wS())for(let r of xv)op(t,r);let e=m.BLACKLIST_IPS?.split(",")||[];for(let r of e){let n=r.trim();if(!n)continue;let[i]=n.split("/");if(_r.default.isIP(i)){op(t,n);continue}let o=await RS(n);for(let a of o)op(t,a)}ap=t}s(DS,"refreshBlacklist");async function cp(t){ap||await DS();let e;if(_r.default.isIP(t))e=[t];else try{e=await RS(t)}catch{return wS()}return e.some(r=>ap.check(r,up(r)))}s(cp,"isBlacklisted");var Ru=B(require("node-fetch"));var CS=5,Lv=new Set(["http:","https:"]),kv=["authorization","cookie","cookie2","proxy-authorization"];function bS(t){let e;try{e=new URL(t)}catch{throw new Error("Invalid URL.")}if(!Lv.has(e.protocol))throw new Error("Only HTTP(S) URLs are allowed.");if(e.username||e.password)throw new Error("URL must not include credentials.");return e}s(bS,"parseUrl");function Mv(t){return[301,302,303,307,308].includes(t)}s(Mv,"isRedirect");async function Fv(t){let e=bS(t);if(await cp(e.hostname))throw new Error("URL is blocked or could not be resolved safely.")}s(Fv,"throwIfUnsafe");function Bv(t,e){let r=t.method?.toUpperCase()||"GET";return e===303||(e===301||e===302)&&r==="POST"?{...t,body:void 0,method:"GET",redirect:"manual"}:t}s(Bv,"nextRequestForRedirect");function Wv(t,e){return new URL(t).origin!==new URL(e).origin}s(Wv,"shouldStripSensitiveHeadersForRedirect");function Gv(t){if(!t.headers)return t;let e=new Ru.Headers(t.headers);return kv.forEach(r=>e.delete(r)),{...t,headers:e}}s(Gv,"stripSensitiveHeadersForRedirect");function $v(t){t.body?.resume()}s($v,"releaseResponseBody");async function ai(t,e={},{followRedirects:r=!0}={}){let n=t,i={...e,redirect:"manual"};for(let o=0;o<=CS;o++){await Fv(n);let a=await(0,Ru.default)(n,i);if(!Mv(a.status))return a;if($v(a),!r)throw new Error("Redirects are not permitted.");if(o===CS)break;let u=a.headers.get("location");if(!u)throw new Error("Maximum redirect reached.");let c=bS(new URL(u,n).toString()).toString();i=Bv(i,a.status),Wv(n,c)&&(i=Gv(i)),n=c}throw new Error("Maximum redirect reached.")}s(ai,"fetchWithBlacklist");var Vv=s((t,e)=>`datasource:creation:${t}:microsoft:${e}`,"microsoftDatasourceCreationCacheKey");function qv(t){let e="",r=-1,n,i,o=t.opts?.repeat;return o&&(i=o.endDate?new Date(o.endDate).getTime():Date.now(),n=o.tz,"cron"in o?e=o.cron:r=o.every),{id:t.id.toString(),name:"",key:t.id.toString(),tz:n,endDate:i,cron:e,every:r,next:0}}s(qv,"jobToJobInformation");var Du=class{static{s(this,"InMemoryQueue")}constructor(e,r){this._name=e,this._opts=r,this._messages=[],this._emitter=new xS.default.EventEmitter,this._runCount=0,this._addCount=0,this._queuedJobIds=new Set,this._attempts=r?.defaultJobOptions?.attempts||1}async process(e,r){r=typeof e=="number"?r:e,this._emitter.on("message",async n=>{if(!n.manualTrigger&&n.opts?.repeat!=null)return;function i(){return r.length===1?r(n):new Promise((c,l)=>{r(n,s((f,E)=>{f?l(f):c(E)},"done"))})}s(i,"execute");let o=this._attempts;async function a(c,l=0){try{return await c}catch(d){if(l++,l<o&&!n._isDiscarded)return await Le.wait(100*l),await a(i(),l);throw d}}s(a,"retryFunc");try{let c=await a(i());this._emitter.emit("completed",n,c);let l=this._messages.indexOf(n);if(l===-1)throw"Failed deleting a processed message";this._messages.splice(l,1)}catch(c){console.error(c),this._emitter.emit("error",n,c)}this._runCount++;let u=n.opts?.jobId?.toString();u&&n.opts?.removeOnComplete&&this._queuedJobIds.delete(u)})}async isReady(){return this}async add(e,r){if(typeof e=="string")throw new Error("doesn't support named jobs");let n=r,i=n?.jobId?.toString();if(i&&this._queuedJobIds.has(i)){console.log(`Ignoring already queued job ${i}`);return}if(typeof e!="object")throw"Queue only supports carrying JSON.";i&&this._queuedJobIds.add(i);let o=ee(),a=s(()=>{let c={id:o,timestamp:Date.now(),queue:this,data:e,opts:n,discard:async()=>{c._isDiscarded=!0}};this._messages.push(c),this._messages.length>1e3&&this._messages.shift(),this._addCount++,this._emitter.emit("message",c)},"pushMessage"),u=n?.delay;return u?setTimeout(a,u):a(),{id:i,finished:()=>new Promise((c,l)=>{let d=s((E,p)=>{E.id===o&&(this._emitter.off("error",d),this._emitter.off("completed",f),l(p))},"errorHandler"),f=s((E,p)=>{E.id===o&&(this._emitter.off("error",d),this._emitter.off("completed",f),c(p))},"completedHandler");this._emitter.on("error",d),this._emitter.on("completed",f)})}}async close(){}async removeRepeatableByKey(e){for(let[r,n]of this._messages.entries())if(n.id===e){this._messages.splice(r,1),this._emitter.emit("removed",n);return}}async removeJobs(e){}async clean(){return[]}async getJob(e){for(let r of this._messages)if(r.id===e)return r;return null}manualTrigger(e){for(let r of this._messages)if(r.id===e){this._emitter.emit("message",{...r,manualTrigger:!0});return}throw new Error(`Job with id ${e} not found`)}on(e,r){return this._emitter.on(e,r),this}off(e,r){return this._emitter.off(e,r),this}async count(){return this._messages.length}async getCompletedCount(){return this._runCount}async getRepeatableJobs(){return this._messages.filter(e=>e.opts?.repeat!=null).map(e=>qv(e))}async whenCurrentJobsFinished(){do await ep(50);while(this.hasRunningJobs())}hasRunningJobs(){return this._addCount>this._runCount}},vS=Du;var pp=B(require("bull"));var ci=(f=>(f.AUTOMATION="automationQueue",f.APP_BACKUP="appBackupQueue",f.AUDIT_LOG="auditLogQueue",f.SYSTEM_EVENT_QUEUE="systemEventQueue",f.APP_MIGRATION="appMigration",f.DOC_WRITETHROUGH_QUEUE="docWritethroughQueue",f.DEV_REVERT_PROCESSOR="devRevertProcessorQueue",f.BATCH_USER_SYNC_PROCESSOR="batchUserSyncProcessorQueue",f.RAG_INGESTION="ragIngestionQueue",f.KNOWLEDGE_SOURCE_SYNC="knowledgeSourceSyncQueue",f.AGENT_LOG_INDEXING="agentLogIndexingQueue",f))(ci||{});function PS(t,e,r){jv(t,e),r&&Kv(t,r)}s(PS,"addListeners");function Kv(t,e){t.on("stalled",async r=>{if(e)await e(r);else if(r.opts.repeat){let n=r.id,i=await t.getRepeatableJobs();for(let o of i)o.id===n&&await t.removeRepeatableByKey(o.key);console.log(`jobId=${n} disabled`)}})}s(Kv,"handleStalled");function st(t,e,r={},n={}){let i=`[BULL] ${t}=${e}`,o=r.error,a={_logKey:"bull",eventType:t,event:e,job:r.job,jobId:r.jobId||r.job?.id,...n},u;return r.job?.data?.automation&&(u={_logKey:"automation",trigger:r.job?r.job.data.automation.definition.trigger.event:void 0}),[i,o,a,u]}s(st,"getLogParams");var Qv={automationQueue:"automation-event",appBackupQueue:"app-backup-event",auditLogQueue:"audit-log-event",systemEventQueue:"system-event",appMigration:"app-migration",docWritethroughQueue:"doc-writethrough",devRevertProcessorQueue:"dev-revert-event",batchUserSyncProcessorQueue:"batch-user-sync-processor",ragIngestionQueue:"rag-ingestion-processor",agentLogIndexingQueue:"agent-log-indexing-processor",knowledgeSourceSyncQueue:"knowledge-source-sync-processor"};function jv(t,e){let r=Qv[e];function n(i,o){let a=i.data.event?.appId;if(a)return xf(a,o);o()}s(n,"doInJobContext"),t.on("stalled",async i=>{await n(i,()=>{console.error(...st(r,"stalled",{job:i}))})}).on("error",i=>{console.error(...st(r,"error",{error:i}))}),process.env.NODE_DEBUG?.includes("bull")&&t.on("waiting",i=>{console.info(...st(r,"waiting",{jobId:i}))}).on("active",async i=>{await n(i,()=>{console.info(...st(r,"active",{job:i}))})}).on("progress",async(i,o)=>{await n(i,()=>{console.info(...st(r,"progress",{job:i},{progress:o}))})}).on("completed",async(i,o)=>{await n(i,()=>{console.info(...st(r,"completed",{job:i},{result:o}))})}).on("failed",async(i,o)=>{await n(i,()=>{console.error(...st(r,"failed",{job:i,error:o}))})}).on("paused",()=>{console.info(...st(r,"paused"))}).on("resumed",()=>{console.info(...st(r,"resumed"))}).on("cleaned",(i,o)=>{console.info(...st(r,"cleaned",{},{length:i.length,type:o}))}).on("drained",()=>{console.info(...st(r,"drained"))}).on("removed",i=>{console.info(...st(r,"removed",{job:i}))})}s(jv,"logging");var Cu={};P(Cu,{cleanup:()=>Hv,clear:()=>fp,set:()=>dp});var zs=[];function dp(t,e){let r=setInterval(t,e);return zs.push(r),r}s(dp,"set");function fp(t){let e=zs.indexOf(t);e!==-1&&zs.splice(e,1),clearInterval(t)}s(fp,"clear");function Hv(){for(let t of zs)clearInterval(t);zs=[]}s(Hv,"cleanup");var Ht=B(require("dd-trace")),Js=B(require("object-sizeof"));var Yv=pe.fromMinutes(5).toMs(),zv=pe.fromSeconds(30).toMs(),mp=pe.fromSeconds(60).toMs(),Xs=[],bu;async function NS(){for(let t of Xs)await t.clean(mp,"completed"),await t.clean(mp,"failed")}s(NS,"cleanup");async function Jv(t,e,r){let n=performance.now();try{let i=await e();return Ht.default.dogstatsd.increment(`${t}.success`,1,r),i}catch(i){throw Ht.default.dogstatsd.increment(`${t}.error`,1,r),i}finally{let i=performance.now()-n;Ht.default.dogstatsd.distribution(`${t}.duration.ms`,i,r),Ht.default.dogstatsd.increment(t,1,r)}}s(Jv,"withMetrics");function US(t){return{"job.opts.attempts":t.attempts,"job.opts.backoff":t.backoff,"job.opts.delay":t.delay,"job.opts.jobId":t.jobId,"job.opts.lifo":t.lifo,"job.opts.preventParsingData":t.preventParsingData,"job.opts.priority":t.priority,"job.opts.removeOnComplete":t.removeOnComplete,"job.opts.removeOnFail":t.removeOnFail,"job.opts.repeat":t.repeat,"job.opts.stackTraceLimit":t.stackTraceLimit,"job.opts.timeout":t.timeout}}s(US,"jobOptsTags");function Xv(t){return{"job.id":t.id,"job.attemptsMade":t.attemptsMade,"job.timestamp":t.timestamp,"job.data.sizeBytes":(0,Js.default)(t.data),...US(t.opts||{})}}s(Xv,"jobTags");var gt=class{static{s(this,"BudibaseQueue")}constructor(e,r={}){this.opts=r,this.jobQueue=e,this.queue=this.initQueue()}get name(){return this.queue.name}initQueue(){let r={redis:sn(),settings:{maxStalledCount:this.opts.maxStalledCount?this.opts.maxStalledCount:0,lockDuration:Yv,lockRenewTime:zv}};this.opts.jobOptions&&(r.defaultJobOptions=this.opts.jobOptions);let n;return m.isTest()?process.env.BULL_TEST_REDIS_PORT&&!isNaN(+process.env.BULL_TEST_REDIS_PORT)?n=new pp.default(this.jobQueue,{...r,redis:{host:"localhost",port:+process.env.BULL_TEST_REDIS_PORT}}):n=new vS(this.jobQueue,r):n=new pp.default(this.jobQueue,r),PS(n,this.jobQueue,this.opts.removeStalledCb),Xs.push(n),!bu&&!m.isTest()&&(bu=dp(NS,mp),NS().catch(i=>{console.error(`Unable to cleanup ${this.jobQueue} initially - ${i}`)})),n}getBullQueue(){return this.queue}process(...e){let r,n;e.length===2?(r=e[0],n=e[1]):n=e[0];let i=s(async(a,u)=>{await Ht.default.trace("queue.process",async c=>{if(a.data._parentSpanContext){let l=a.data._parentSpanContext,d={traceId:l.traceId,spanId:l.spanId,toTraceId:()=>l.traceId,toSpanId:()=>l.spanId,toTraceparent:()=>""};c.addLink(d)}c.addTags({"queue.name":this.jobQueue,...Xv(a)}),this.opts.jobTags&&c.addTags(this.opts.jobTags(a.data)),Ht.default.dogstatsd.distribution("queue.process.sizeBytes",(0,Js.default)(a.data),this.metricTags()),await this.withMetrics("queue.process",()=>u?n(a,u):n(a))})},"processCallback"),o;return n.length===1?o=s(a=>i(a),"wrappedCb"):o=i,r?this.queue.process(r,o):this.queue.process(o)}async add(e,r){return await Ht.default.trace("queue.add",async n=>(n.addTags({"queue.name":this.jobQueue,"job.data.sizeBytes":(0,Js.default)(e),...US(r||{})}),this.opts.jobTags&&n.addTags(this.opts.jobTags(e)),e._parentSpanContext={traceId:n.context().toTraceId(),spanId:n.context().toSpanId()},Ht.default.dogstatsd.distribution("queue.add.sizeBytes",(0,Js.default)(e),this.metricTags()),await this.withMetrics("queue.add",()=>this.queue.add(e,r))))}withMetrics(e,r){return Jv(e,r,this.metricTags())}metricTags(){return{queueName:this.jobQueue}}close(e){return this.queue.close(e)}whenCurrentJobsFinished(){return this.queue.whenCurrentJobsFinished()}};async function Zv(){bu&&fp(bu),console.log("Waiting for current queue jobs to finish...");for(let t of Xs)await t.whenCurrentJobsFinished();console.log("Closing queue Redis connections...");for(let t of Xs)await t.close();Xs=[],console.log("Queues shutdown")}s(Zv,"shutdown");var so={};P(so,{correlation:()=>Zs,logAlert:()=>mn,logAlertWithInfo:()=>MP,logWarn:()=>fi,logger:()=>Mu,system:()=>Cp});var Zs={};P(Zs,{getId:()=>hp,setHeader:()=>eP});var LS=require("correlation-id"),eP=s(t=>{let e=LS.getId();e&&(t["x-budibase-correlation-id"]=e)},"setHeader");function hp(){return LS.getId()}s(hp,"getId");var ku=B(require("pino")),dA=B(require("pino-pretty")),bp=B(require("dd-trace")),fA=require("dd-trace/ext");var Cp={};P(Cp,{getLogReadStream:()=>vP,getSingleFileMaxSizeInfo:()=>lA,localFileDestination:()=>Dp});var io=B(require("fs")),Rp=B(require("path")),oA=B(require("rotating-file-stream"));var wp={};P(wp,{ObjectStore:()=>ot,ObjectStoreBuckets:()=>rP,SIGNED_FILE_PREFIX:()=>Ap,bucketTTLConfig:()=>xu,budibaseTempDir:()=>fn,client3rdPartyLibrary:()=>IP,clientLibraryPath:()=>OP,clientLibraryUrl:()=>wP,createBucketIfNotExists:()=>no,deleteFile:()=>mP,deleteFiles:()=>hP,deleteFolder:()=>HS,downloadTarball:()=>gP,downloadTarballDirect:()=>EP,enrichPWAImages:()=>RP,enrichPluginURLs:()=>CP,extractBucketAndPath:()=>Ep,getAllFiles:()=>dP,getAppFileUrl:()=>XS,getClientCacheKey:()=>JS,getGlobalFileS3Key:()=>ZS,getGlobalFileUrl:()=>DP,getObjectMetadata:()=>yP,getPluginIconKey:()=>rA,getPluginJSKey:()=>tA,getPluginS3Dir:()=>iA,getPresignedUrl:()=>pn,getReadStream:()=>vu,listAllObjects:()=>_p,objectExists:()=>TP,processAutomationAttachment:()=>iP,processObjectStoreAttachment:()=>WS,retrieve:()=>jS,retrieveDirectory:()=>pP,retrieveToTmp:()=>fP,sanitizeBucket:()=>xe,sanitizeKey:()=>Ee,streamUpload:()=>QS,streamUploadMany:()=>lP,upload:()=>cP,uploadDirectory:()=>Op});var Nu=require("@aws-sdk/client-s3"),gp=require("@aws-sdk/lib-storage"),GS=require("@aws-sdk/s3-request-presigner"),$S=require("@smithy/node-http-handler");var Yt=B(require("dd-trace")),li=B(require("fs")),to=B(require("fs/promises")),VS=B(require("https")),Ir=require("path"),Uu=B(require("stream")),ro=require("stream/promises"),yp=B(require("tar-fs")),Tp=require("uuid"),Sp=B(require("zlib"));var kS=B(require("fs")),MS=require("os"),eo=B(require("path")),FS=B(require("stream"));var rP={BACKUPS:m.BACKUPS_BUCKET_NAME,APPS:m.APPS_BUCKET_NAME,TEMPLATES:m.TEMPLATES_BUCKET_NAME,GLOBAL:m.GLOBAL_BUCKET_NAME,PLUGINS:m.PLUGIN_BUCKET_NAME,TEMP:m.TEMP_BUCKET_NAME},BS=(0,eo.join)((0,MS.tmpdir)(),".budibase");try{kS.default.mkdirSync(BS)}catch(t){if(t.code!=="EEXIST")throw t}function fn(){return BS}s(fn,"budibaseTempDir");var xu=s((t,e)=>{let n={Rules:[{ID:`${t}-ExpireAfter${e}days`,Prefix:"",Status:"Enabled",Expiration:{Days:e}}]};return{Bucket:t,LifecycleConfiguration:n}},"bucketTTLConfig");async function nP(t){let e=await ai(t.url);if(!e.ok||!e.body)throw new Error(`Unexpected response ${e.statusText}`);let r=eo.default.basename(new URL(t.url).pathname);if(!e.body)throw new Error("No response received for attachment");if(!(e.body instanceof FS.default.Readable))throw new Error("Unexpected response body stream type");return{filename:t.filename||r,content:e.body}}s(nP,"processUrlAttachment");async function WS(t){let e=Ep(t.url);if(e===null)throw new Error("Invalid signed URL");let{bucket:r,path:n}=e,{stream:i}=await vu(r,n),o=eo.default.basename(n);return{bucket:r,path:n,filename:t.filename||o,content:i}}s(WS,"processObjectStoreAttachment");async function iP(t){return t.url?.startsWith("http://")||t.url?.startsWith("https://")?await nP(t):await WS(t)}s(iP,"processAutomationAttachment");var sP=require("sanitize-s3-objectkey"),oP={bucketCreationPromises:{}},Ap="/files/signed",Or={txt:"text/plain",html:"text/html",css:"text/css",js:"application/javascript",json:"application/json",gz:"application/gzip",svg:"image/svg+xml",form:"multipart/form-data"},aP=[Or.html,Or.css,Or.js,Or.json];function Ee(t){return sP(xe(t)).replace(/\\/g,"/")}s(Ee,"sanitizeKey");function xe(t){return t.replace(new RegExp(rt,"g"),tt)}s(xe,"sanitizeBucket");function ot(t={presigning:!1}){let e={forcePathStyle:!0,credentials:{accessKeyId:m.MINIO_ACCESS_KEY,secretAccessKey:m.MINIO_SECRET_KEY},region:m.AWS_REGION};if(!m.MINIO_ENABLED&&m.AWS_SESSION_TOKEN&&(e.credentials={accessKeyId:m.MINIO_ACCESS_KEY,secretAccessKey:m.MINIO_SECRET_KEY,sessionToken:m.AWS_SESSION_TOKEN}),m.MINIO_URL&&(t.presigning&&m.MINIO_ENABLED?e.endpoint="http://minio-service":e.endpoint=m.MINIO_URL),m.S3_IGNORE_SELF_SIGNED==="true"){let r=new VS.default.Agent({rejectUnauthorized:!1});e.requestHandler=new $S.NodeHttpHandler({httpsAgent:r})}return new Nu.S3(e)}s(ot,"ObjectStore");async function no(t,e){e=xe(e);try{return await t.headBucket({Bucket:e}),{created:!1,exists:!0}}catch(r){let n=r.statusCode||r.$response?.statusCode||r.$metadata?.httpStatusCode,i=oP.bucketCreationPromises;if(n===403)throw new Error("Access denied to object store bucket."+r);if(i[e])return await i[e],{created:!1,exists:!0};i[e]=t.createBucket({Bucket:e}).catch(o=>{if(o.Code!=="BucketAlreadyOwnedByYou"&&o.name!=="BucketAlreadyOwnedByYou")throw o});try{return await i[e],{created:!0,exists:!1}}finally{delete i[e]}}}s(no,"createBucketIfNotExists");var uP=s((t,e)=>{if(e)return e;let r=t.split(".").pop();return r?Or[r.toLowerCase()]:Or.txt},"resolveContentType"),qS=s(async(t,e,r)=>{let n=xe(t),i=ot(),o=await no(i,n);if(r.addTags({bucketCreated:o.created,bucketExists:o.exists}),e&&o.created){let a=xu(n,e);await i.putBucketLifecycleConfiguration(a)}return{bucket:n,client:i,bucketCreated:o}},"initialiseBucket"),KS=s(async({client:t,bucket:e,filename:r,stream:n,type:i,extra:o})=>{if(!n)throw new Error("Stream to upload is invalid/undefined");let a=uP(r,i),u=Ee(r),c={Bucket:e,Key:u,Body:n,ContentType:a,...o??{}};return{details:await new gp.Upload({client:t,params:c}).done(),contentType:a}},"streamUploadInternal");async function cP({bucket:t,filename:e,path:r,type:n,metadata:i,body:o,ttl:a}){let u=e.split(".").pop(),c=r?(await to.default.open(r)).createReadStream():o,l=ot(),d=await no(l,t);if(a&&d.created){let h=xu(t,a);await l.putBucketLifecycleConfiguration(h)}let f=n,E=f||(u?Or[u.toLowerCase()]:Or.txt),p={Bucket:xe(t),Key:Ee(e),Body:c,ContentType:E};if(i&&typeof i=="object"){for(let h of Object.keys(i))(!i[h]||typeof i[h]!="string")&&delete i[h];p.Metadata=i}return new gp.Upload({client:l,params:p}).done()}s(cP,"upload");async function QS({bucket:t,stream:e,filename:r,type:n,extra:i,ttl:o}){return await Yt.default.trace("streamUpload",async a=>{a.addTags({bucketName:t,filename:r,type:n,ttl:o});let u=r.split(".").pop();a.addTags({extension:u});let{bucket:c,client:l}=await qS(t,o,a),{details:d,contentType:f}=await KS({client:l,bucket:c,filename:r,stream:e,type:n,extra:i}),E=await l.headObject({Bucket:c,Key:Ee(r)});return a.addTags({contentType:f,contentLength:E.ContentLength}),{...d,ContentLength:E.ContentLength}})}s(QS,"streamUpload");async function lP({bucket:t,files:e,ttl:r}){return await Yt.default.trace("streamUploadMany",async i=>{if(i.addTags({bucketName:t,ttl:r,fileCount:e.length}),!e.length)return[];let{bucket:o,client:a}=await qS(t,r,i),u=e.map((l,d)=>({...l,index:d})),c=new Array(e.length);return await Ot.parallelForeach(u,async l=>{let{details:d}=await KS({client:a,bucket:o,filename:l.filename,stream:l.stream,type:l.type,extra:l.extra});c[l.index]=d},10),c})}s(lP,"streamUploadMany");async function jS(t,e){return await Yt.default.trace("retrieve",async r=>{r.addTags({bucketName:t,filepath:e});let n=ot(),i={Bucket:xe(t),Key:Ee(e)},o=await n.getObject(i);if(!o.Body)throw new Error("Unable to retrieve object");if(r.addTags({contentLength:o.ContentLength,contentType:o.ContentType}),aP.includes(o.ContentType))return r.addTags({string:!0}),o.Body.transformToString();{r.addTags({string:!1});let a=o.Body.transformToWebStream();return Uu.default.Readable.fromWeb(a)}})}s(jS,"retrieve");async function*_p(t,e){let r=ot(),n=s((a={})=>r.listObjectsV2({...a,Bucket:xe(t),Prefix:Ee(e)}),"list"),i=!1,o;do{let a={};o&&(a.ContinuationToken=o);let u=await n(a);if(u.Contents)for(let c of u.Contents)yield c;i=!!u.IsTruncated,o=u.NextContinuationToken}while(i&&o)}s(_p,"listAllObjects");async function dP(t,e){let r={};return await Ot.parallelForeach(_p(t,e),async n=>{if(!n.Key)throw new Error("file.Key must be defined");r[n.Key]=n},5),r}s(dP,"getAllFiles");async function pn(t,e,r=3600){let n=ot({presigning:!0}),i={Bucket:xe(t),Key:Ee(e)},o=await(0,GS.getSignedUrl)(n,new Nu.GetObjectCommand(i),{expiresIn:r});if(m.MINIO_ENABLED){let a=new URL(o),u=a.pathname,c=a.search;return`${Ap}${u}${c}`}else return o}s(pn,"getPresignedUrl");async function fP(t,e){return await Yt.default.trace("retrieveToTmp",async r=>{r.addTags({bucketName:t,filepath:e}),t=xe(t),e=Ee(e);let n=await jS(t,e),i=(0,Ir.join)(fn(),(0,Tp.v4)());return r.addTags({outputPath:i}),n instanceof Uu.default.Readable?(r.addTags({stream:!0}),await(0,ro.pipeline)(n,li.default.createWriteStream(i))):(r.addTags({stream:!1}),li.default.writeFileSync(i,n)),i})}s(fP,"retrieveToTmp");async function pP(t,e,r){return await Yt.default.trace("retrieveDirectory",async n=>{n.addTags({bucketName:t,path:e});let i=(0,Ir.join)(fn(),(0,Tp.v4)());await to.default.mkdir(i,{recursive:!0});let o=0;return await Ot.parallelForeach(_p(t,e),async a=>{let{Key:u}=a;!u||r?.some(c=>c.test(u))||(o++,await Yt.default.trace("retrieveDirectory.object",async c=>{let l=a.Key;c.addTags({filename:l});let{stream:d}=await vu(t,l),f=l.split("/"),E=f.slice(0,f.length-1),p=(0,Ir.join)(i,...E);f.length>1&&!li.default.existsSync(p)&&await to.default.mkdir(p,{recursive:!0}),await(0,ro.pipeline)(d,li.default.createWriteStream((0,Ir.join)(i,...f),{mode:420}))}))},5),n.addTags({numObjects:o}),i})}s(pP,"retrieveDirectory");async function mP(t,e){let r=ot();await no(r,t);let n={Bucket:t,Key:Ee(e)};return r.deleteObject(n)}s(mP,"deleteFile");async function hP(t,e){let r=ot();await no(r,t);let n={Bucket:t,Delete:{Objects:e.map(i=>({Key:Ee(i)}))}};return r.deleteObjects(n)}s(hP,"deleteFiles");async function HS(t,e){t=xe(t),e=Ee(e);let r=ot(),n={Bucket:t,Prefix:e},i=await r.listObjects(n);if(i.Contents?.length===0)return;let o={Bucket:t,Delete:{Objects:[]}};if(i.Contents?.forEach(a=>{o.Delete.Objects.push({Key:a.Key})}),o.Delete.Objects.length&&(await r.deleteObjects(o)).Deleted?.length===1e3)return HS(t,e)}s(HS,"deleteFolder");async function Op(t,e,r){return await Yt.default.trace("uploadDirectory",async n=>{n.addTags({bucketName:t,localPath:e,bucketPath:r}),t=xe(t);let i=await to.default.readdir(e,{withFileTypes:!0});n.addTags({numFiles:i.length});for(let o of i){let a=Ee((0,Ir.join)(r,o.name)),u=(0,Ir.join)(e,o.name);o.isDirectory()?await Op(t,u,a):await QS({bucket:t,filename:a,stream:li.default.createReadStream(u)})}return i})}s(Op,"uploadDirectory");async function EP(t,e,r={},{followRedirects:n=!0}={}){e=Ee(e);let i=await ai(t,{headers:r},{followRedirects:n});if(!i.ok)throw new Error(`unexpected response ${i.statusText}`);await(0,ro.pipeline)(i.body,Sp.default.createUnzip(),yp.default.extract(e))}s(EP,"downloadTarballDirect");async function gP(t,e,r){e=xe(e),r=Ee(r);let n=await ai(t);if(!n.ok)throw new Error(`unexpected response ${n.statusText}`);let i=(0,Ir.join)(fn(),r);return await(0,ro.pipeline)(n.body,Sp.default.createUnzip(),yp.default.extract(i)),!m.isTest()&&m.SELF_HOSTED&&await Op(e,i,r),i}s(gP,"downloadTarball");async function vu(t,e){return await Yt.default.trace("getReadStream",async r=>{t=xe(t),e=Ee(e),r.addTags({bucketName:t,path:e});let n=ot(),i={Bucket:t,Key:e},o=await n.getObject(i);if(!o.Body||!(o.Body instanceof Uu.default.Readable))throw new Error("Unable to retrieve stream - invalid response");return r.addTags({contentLength:o.ContentLength,contentType:o.ContentType}),{stream:o.Body,contentLength:o.ContentLength,contentType:o.ContentType}})}s(vu,"getReadStream");async function yP(t,e){t=xe(t),e=Ee(e);let r=ot(),n={Bucket:t,Key:e};try{return await r.headObject(n)}catch{throw new Error("Unable to retrieve metadata from object")}}s(yP,"getObjectMetadata");async function TP(t,e){t=xe(t),e=Ee(e);let r=ot(),n={Bucket:t,Key:e};try{return await r.headObject(n),!0}catch(i){if((i.statusCode||i.$response?.statusCode||i.$metadata?.httpStatusCode)===404)return!1;throw i}}s(TP,"objectExists");function Ep(t){let e=t.split("?")[0],r=new RegExp(`^${Ap}/(?<bucket>[^/]+)/(?<path>.+)$`),n=e.match(r);if(n&&n.groups){let{bucket:i,path:o}=n.groups;return{bucket:i,path:o}}return null}s(Ep,"extractBucketAndPath");var zS=B(require("querystring"));var YS=B(require("aws-cloudfront-sign"));var Lu;function SP(){if(!m.CLOUDFRONT_PRIVATE_KEY_64)throw new Error("CLOUDFRONT_PRIVATE_KEY_64 is not set");return Lu||(Lu=Buffer.from(m.CLOUDFRONT_PRIVATE_KEY_64,"base64").toString("utf-8"),Lu)}s(SP,"getPrivateKey");var AP=s(()=>({keypairId:m.CLOUDFRONT_PUBLIC_KEY_ID,privateKeyString:SP(),expireTime:new Date().getTime()+1e3*60*60*24}),"getCloudfrontSignParams"),di=s(t=>{let e=_P(t);return YS.getSignedUrl(e,AP())},"getPresignedUrl"),_P=s(t=>{let e="/";return t.startsWith("/")&&(e=""),`${m.CLOUDFRONT_CDN}${e}${t}`},"getUrl");function OP(t){return`${Ee(t)}/budibase-client.js`}s(OP,"clientLibraryPath");function IP(t,e){return`${Ee(t)}/${e}`}s(IP,"client3rdPartyLibrary");async function wP(t,e){return`/api/assets/${t}/client?${await JS(e)}`}s(wP,"clientLibraryUrl");async function JS(t){let e,r;try{e=G()}finally{r={version:t}}return e&&e!==ue&&(r.tenantId=e),zS.default.encode(r)}s(JS,"getClientCacheKey");async function XS(t){return m.CLOUDFRONT_CDN?di(t):await pn(m.APPS_BUCKET_NAME,t)}s(XS,"getAppFileUrl");async function RP(t){if(t.length===0)return[];try{return await Promise.all(t.map(async e=>({...e,src:await XS(e.src),type:e.type||"image/png"})))}catch(e){return console.error("Error enriching PWA images:",e),t}}s(RP,"enrichPWAImages");var DP=s(async(t,e,r)=>{let n=ZS(t,e);return m.CLOUDFRONT_CDN?(r&&(n=`${n}?etag=${r}`),di(n)):await pn(m.GLOBAL_BUCKET_NAME,n)},"getGlobalFileUrl"),ZS=s((t,e)=>{let r=`${t}/${e}`;return m.MULTI_TENANCY&&(r=`${G()}/${r}`),r},"getGlobalFileS3Key");async function CP(t){return!t||!t.length?[]:await Promise.all(t.map(async e=>{let r=await bP(e),n=await xP(e);return{...e,jsUrl:r,iconUrl:n}}))}s(CP,"enrichPluginURLs");async function bP(t){let e=tA(t);return eA(e)}s(bP,"getPluginJSUrl");async function xP(t){let e=rA(t);if(e)return eA(e)}s(xP,"getPluginIconUrl");async function eA(t){return m.CLOUDFRONT_CDN?di(t):await pn(m.PLUGIN_BUCKET_NAME,t)}s(eA,"getPluginUrl");function tA(t){return nA(t,"plugin.min.js")}s(tA,"getPluginJSKey");function rA(t){let e=t.iconUrl?"icon.svg":t.iconFileName;if(e)return nA(t,e)}s(rA,"getPluginIconKey");function nA(t,e){return`${iA(t.name)}/${e}`}s(nA,"getPluginS3Key");function iA(t){let e=`${t}`;return m.MULTI_TENANCY&&(e=`${G()}/${e}`),m.CLOUDFRONT_CDN&&(e=`plugins/${e}`),e}s(iA,"getPluginS3Dir");var aA="budibase.log",uA="budibase-logs-history.txt",cA=Rp.default.join(fn(),"systemlogs");function sA(t){return Rp.default.join(cA,t)}s(sA,"getFullPath");function lA(t){let e=/(\d+)([A-Za-z])/,r=t?.match(e);if(!r){console.warn("totalMaxSize does not have a valid value",{totalMaxSize:t});return}let n=+r[1],i=r[2];if(n===1)switch(i){case"B":return{size:`${n}B`,totalHistoryFiles:1};case"K":return{size:`${n*1e3/2}B`,totalHistoryFiles:1};case"M":return{size:`${n*1e3/2}K`,totalHistoryFiles:1};case"G":return{size:`${n*1e3/2}M`,totalHistoryFiles:1};default:return}return n%2===0?{size:`${n/2}${i}`,totalHistoryFiles:1}:{size:`1${i}`,totalHistoryFiles:n-1}}s(lA,"getSingleFileMaxSizeInfo");function Dp(){let t=lA(m.ROLLING_LOG_MAX_SIZE);return oA.createStream(aA,{size:t?.size,path:cA,maxFiles:t?.totalHistoryFiles||1,immutable:!0,history:uA,initialRotation:!1})}s(Dp,"localFileDestination");function vP(){let t=[],e=sA(uA);if(io.default.existsSync(e)){let i=io.default.readFileSync(e,"utf-8").split(`
-`);for(let o of i.filter(a=>a))t.push(io.default.readFileSync(o))}return t.push(io.default.readFileSync(sA(aA))),Buffer.concat(t.map(n=>new Uint8Array(n)))}s(vP,"getLogReadStream");function PP(t){return typeof t=="object"&&t!==null&&!(t instanceof Error)}s(PP,"isPlainObject");function NP(t){return t instanceof Error}s(NP,"isError");function UP(t){return typeof t=="string"}s(UP,"isMessage");var wr;if(!m.DISABLE_PINO_LOGGER){let t=m.LOG_LEVEL,e={level:t,formatters:{level:c=>({level:c.toUpperCase()}),bindings:()=>m.SELF_HOSTED?{service:m.SERVICE_NAME}:{}},timestamp:()=>`,"timestamp":"${new Date(Date.now()).toISOString()}"`},r=[];r.push(m.isDev()?{stream:(0,dA.default)({singleLine:!0}),level:t}:{stream:process.stdout,level:t}),m.SELF_HOSTED&&r.push({stream:Dp(),level:t}),wr=r.length?(0,ku.default)(e,ku.default.multistream(r)):(0,ku.default)(e);let n=s(c=>{let l,d=[],f="";c.forEach(g=>{UP(g)&&(f=`${f} ${g}`.trimStart()),PP(g)&&d.push(g),NP(g)&&(l=g)});let E=u(),p={};p={tenantId:i(),appId:o(),automationId:a(),identityId:E?._id,identityType:E?.type,correlationId:hp()};let T=bp.default.scope().active();T&&bp.default.inject(T.context(),fA.formats.LOG,p);let h={err:l,pid:process.pid,...p};if(d.length){let g={},y=0;for(let I=0;I<d.length;I++){let O=d[I],w=O._logKey;w?(delete O._logKey,h[w]=O):(g[y]=O,y++)}Object.keys(g).length&&(h.data=g)}return[h,f]},"getLogParams");console.log=(...c)=>{let[l,d]=n(c);wr?.info(l,d)},console.info=(...c)=>{let[l,d]=n(c);wr?.info(l,d)},console.warn=(...c)=>{let[l,d]=n(c);wr?.warn(l,d)},console.error=(...c)=>{let[l,d]=n(c);wr?.error(l,d)},console.trace=(...c)=>{let[l,d]=n(c);l.err||(l.err=new Error),wr?.trace(l,d)},console.debug=(...c)=>{let[l,d]=n(c);wr?.debug(l,d)};let i=s(()=>{let c;try{c=G()}catch{}return c},"getTenantId"),o=s(()=>{let c;try{c=Oe()}catch{}return c},"getAppId"),a=s(()=>{let c;try{c=vf()}catch{}return c},"getAutomationId"),u=s(()=>{let c;try{c=$t()}catch{}return c},"getIdentity")}var Mu=wr;var LP=["AccountError"];function kP(t){return t&&t.suppressAlert}s(kP,"isSuppressed");function mn(t,e){e&&LP.includes(e.name)&&kP(e)||console.error(`bb-alert: ${t}`,e)}s(mn,"logAlert");function MP(t,e,r,n){t=`${t} - db: ${e} - doc: ${r} - error: `,mn(t,n)}s(MP,"logAlertWithInfo");function fi(t,e){console.warn(`bb-warn: ${t}`,e)}s(fi,"logWarn");var Fu=class extends Error{static{s(this,"UnretriableError")}constructor(e){super(e),this.name="PermanentError"}},xp=class{static{s(this,"QueuedProcessor")}constructor(e,r={}){let{maxAttempts:n=3,removeOnFail:i=!0,removeOnComplete:o=!0,maxStalledCount:a=3}=r;this.waitForCompletionMs=r.waitForCompletionMs||1e4,this._queue=new gt(e,{maxStalledCount:a,jobOptions:{attempts:n,removeOnFail:i,removeOnComplete:o}}),this._queue.process(async(u,c)=>{try{let l=await this.processFn(u.data);c?.(null,l)}catch(l){l instanceof Fu&&await u.discard(),mn(`Failed to process job in ${this._queue.name}`,l),c?.(l)}})}async close(e){await this._queue.close(e)}async execute(e){try{let r=await this._queue.add(e);return{success:!0,result:await Le.withTimeout(this.waitForCompletionMs,()=>r.finished())}}catch(r){if(r.errno!=="ETIME")throw r;return{success:!1,reason:"timeout"}}}};var FP=100,Bu,oo=class t{static{s(this,"DocWritethroughProcessor")}static get queue(){return t._queue||(t._queue=new gt("docWritethroughQueue",{jobOptions:{attempts:FP}})),t._queue}init(){return t.queue.process(async e=>{try{await this.persistToDb(e.data)}catch(r){throw r.status===409?new Error(`Conflict persisting message ${e.id}. Attempt ${e.attemptsMade}`):r}}),this}async persistToDb({dbName:e,docId:r,data:n}){if(r.startsWith("scimlog"))return;let i=Ce(e),o;try{o=await i.get(r)}catch{o={_id:r}}o={...o,...n},await i.put(o)}},Pp=class{static{s(this,"DocWritethrough")}constructor(e,r){this.db=e,this._docId=r}get docId(){return this._docId}async patch(e){await oo.queue.add({dbName:this.db.name,docId:this.docId,data:e})}};function pA(){return Bu=new oo().init(),Bu}s(pA,"init");function BP(){return Bu||pA()}s(BP,"getProcessor");var uo={};P(uo,{CacheKey:()=>ye,TTL:()=>gn,bustCache:()=>pi,destroy:()=>ao,get:()=>yn,keys:()=>Wu,store:()=>zt,withCache:()=>Rr,withCacheWithDynamicTTL:()=>mA});function bt(t){let e=G();return`${t}:${e}`}s(bt,"generateTenantKey");var hn=class{static{s(this,"BaseCache")}constructor(e=void 0){this.client=e}async getClient(){return this.client?this.client:await Bf()}async keys(e){return(await this.getClient()).keys(e)}async exists(e,r={useTenancy:!0}){return e=r.useTenancy?bt(e):e,(await this.getClient()).exists(e)}async scan(e,r={useTenancy:!0}){return e=r.useTenancy?bt(e):e,(await this.getClient()).scan(e)}async get(e,r={useTenancy:!0}){return e=r.useTenancy?bt(e):e,(await this.getClient()).get(e)}async bulkGet(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>bt(i)):e,(await this.getClient()).bulkGet(e)}async store(e,r,n=null,i={useTenancy:!0}){e=i.useTenancy?bt(e):e,await(await this.getClient()).store(e,r,n)}async bulkStore(e,r=null,n={useTenancy:!0}){n.useTenancy&&(e=Object.entries(e).reduce((o,[a,u])=>(o[bt(a)]=u,o),{})),await(await this.getClient()).bulkStore(e,r)}async delete(e,r={useTenancy:!0}){return e=r.useTenancy?bt(e):e,(await this.getClient()).delete(e)}async bulkDelete(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>bt(i)):e,(await this.getClient()).bulkDelete(e)}async withCache(e,r=null,n,i={useTenancy:!0}){let o=await this.get(e,i);if(o)return o;try{let a=await n();return await this.store(e,a,r,i),a}catch(a){throw console.error("Error fetching before cache - ",a),a}}async withCacheWithDynamicTTL(e,r,n={useTenancy:!0}){let i=await this.get(e,n);if(i)return i;try{let o=await r(),{value:a,ttl:u}=o;return await this.store(e,a,u,{useTenancy:n.useTenancy}),a}catch(o){throw console.error("Error fetching before cache - ",o),o}}async bustCache(e){let r=await this.getClient();try{await r.delete(bt(e))}catch(n){throw console.error("Error busting cache - ",n),n}}async deleteIfValue(e,r,n={useTenancy:!0}){e=n.useTenancy?bt(e):e,await(await this.getClient()).deleteIfValue(e,r)}};var En=new hn,ye={CHECKLIST:"checklist",INSTALLATION:"installation",ANALYTICS_ENABLED:"analyticsEnabled",UNIQUE_TENANT_ID:"uniqueTenantId",EVENTS:"events",BACKFILL_METADATA:"backfillMetadata",EVENTS_RATE_LIMIT:"eventsRateLimit",OAUTH2_TOKEN:t=>`oauth2Token_${t}`},gn=(n=>(n[n.ONE_MINUTE=600]="ONE_MINUTE",n[n.ONE_HOUR=3600]="ONE_HOUR",n[n.ONE_DAY=86400]="ONE_DAY",n))(gn||{}),Wu=s((...t)=>En.keys(...t),"keys"),yn=s((...t)=>En.get(...t),"get"),zt=s((...t)=>En.store(...t),"store"),ao=s((...t)=>En.delete(...t),"destroy"),Rr=s((...t)=>En.withCache(...t),"withCache"),mA=s((...t)=>En.withCacheWithDynamicTTL(...t),"withCacheWithDynamicTTL"),pi=s((...t)=>En.bustCache(...t),"bustCache");var kp={};P(kp,{createCode:()=>jP,deleteCode:()=>YP,getCode:()=>HP,getExistingInvites:()=>Lp,getInviteCodes:()=>AA,updateCode:()=>QP});var Sn={};P(Sn,{AUTO_EXTEND_POLLING_MS:()=>gA,doWithLock:()=>co,newRedlock:()=>Tn});var EA=B(require("redlock"));async function WP(t,e){if(t==="custom")return Tn(e);switch(t){case"try_once":return Tn(mi.TRY_ONCE);case"try_twice":return Tn(mi.TRY_TWICE);case"default":return Tn(mi.DEFAULT);case"delay_500":return Tn(mi.DELAY_500);case"auto_extend":return Tn(mi.AUTO_EXTEND);default:throw Ot.unreachable(t)}}s(WP,"getClient");var mi={TRY_ONCE:{retryCount:0},TRY_TWICE:{retryCount:1},DEFAULT:{driftFactor:.01,retryCount:10,retryDelay:200,retryJitter:100},DELAY_500:{retryDelay:500},CUSTOM:{},AUTO_EXTEND:{retryCount:-1}};async function Tn(t={}){let e={...mi.DEFAULT,...t},n=(await Gf()).client;return new EA.default([n],e)}s(Tn,"newRedlock");function GP(t){let r=`lock:${t.systemLock?"system":G()}_${t.name}`;return t.resource&&(r=r+`_${t.resource}`),r}s(GP,"getLockName");var gA=pe.fromSeconds(10).toMs();async function co(t,e){let r=await WP(t.type,t.customOptions),n,i;try{let o=GP(t),a=t.type==="auto_extend"?gA:t.ttl;if(n=await r.lock(o,a),t.type==="auto_extend"){let c=s(()=>{i=setTimeout(async()=>{n=await n.extend(a,()=>t.onExtend&&t.onExtend()),c()},a/2)},"extendInIntervals");c()}return{executed:!0,result:await e()}}catch(o){if(o.name==="LockError"){if(t.type==="try_once")return{executed:!1};throw o}else throw o}finally{clearTimeout(i),await n?.unlock()}}s(co,"doWithLock");var yA=pe.fromDays(7).toSeconds(),VP=pe.fromSeconds(10).toMs(),Gu="Invitation is not valid or has expired, please request a new one.";function TA(t,e){if(!t)return null;let r=t.tenantId||e;return r?{tenantId:r,invites:t.invites||{}}:null}s(TA,"normaliseInviteList");function qP(t){let e=!1,r=Date.now();for(let[n,i]of Object.entries(t.invites))(!i?.expiresAt||i.expiresAt<=r)&&(delete t.invites[n],e=!0);return{list:t,changed:e}}s(qP,"pruneExpiredInvites");async function Up(t){let r=await(await Fs()).get(t);return TA(r,t)}s(Up,"loadInviteList");async function lo(t,e){await(await Fs()).store(t,e)}s(lo,"saveInviteList");async function fo(t,e){let{result:r}=await co({type:"default",name:"process_user_invite",systemLock:!0,resource:t,ttl:VP},e);return r}s(fo,"withInviteListLock");function KP(t,e){return{code:t,email:e.email,info:e.info}}s(KP,"toInviteWithCode");async function SA(t,e){let r=await Fs(),n=TA(await r.get(e),e);if(!n)throw new Error(Gu);if(!Object.keys(n.invites).includes(t))throw new Error(Gu);return{list:n,invite:n.invites[t]}}s(SA,"findInviteInList");async function QP(t,e){let r={...e.info},n=r.tenantId||G();r.tenantId=n,await fo(n,async()=>{let i=await Up(n)||{tenantId:n,invites:{}};i.invites[t]={email:e.email,info:r,expiresAt:Date.now()+yA*1e3},await lo(n,i)})}s(QP,"updateCode");async function jP(t,e){let r=ee(),n={...e||{}},i=n.tenantId||G();return n.tenantId=i,await fo(i,async()=>{let o=await Up(i)||{tenantId:i,invites:{}};o.invites[r]={email:t,info:n,expiresAt:Date.now()+yA*1e3},await lo(i,o)}),r}s(jP,"createCode");async function HP(t,e){let r=e||G();return await fo(r,async()=>{let n=await SA(t,r),{list:i,invite:o}=n;if(o.expiresAt<=Date.now())throw delete i.invites[t],await lo(i.tenantId,i),new Error(Gu);return{email:o.email,info:o.info}})}s(HP,"getCode");async function YP(t,e){let r=e||G();try{await fo(r,async()=>{let n=await SA(t,r);delete n.list.invites[t],await lo(n.list.tenantId,n.list)})}catch(n){if(n instanceof Error&&n.message===Gu)return;throw n}}s(YP,"deleteCode");async function AA(){let t=G(),e=await fo(t,async()=>{let n=await Up(t)||{tenantId:t,invites:{}},i=qP(n);return n=i.list,i.changed&&await lo(t,n),n}),r=new Map;for(let[n,i]of Object.entries(e.invites))r.set(n,KP(n,i));return Array.from(r.values())}s(AA,"getInviteCodes");async function Lp(t){let e=new Set(t.map(r=>r.toLowerCase()));return(await AA()).filter(r=>e.has(r.email.toLowerCase()))}s(Lp,"getExistingInvites");var Mp={};P(Mp,{createCode:()=>JP,getCode:()=>XP,invalidateCode:()=>ZP});var zP=pe.fromHours(1).toSeconds();async function JP(t,e){let r=ee();return await(await Bs()).store(r,{userId:t,info:e},zP),r}s(JP,"createCode");async function XP(t){let r=await(await Bs()).get(t);if(!r)throw new Error("Provided information is not valid, cannot reset password - please try again.");return r}s(XP,"getCode");async function ZP(t){await(await Bs()).delete(t)}s(ZP,"invalidateCode");var vr={};P(vr,{getUser:()=>Po,getUsers:()=>k0,invalidateUser:()=>No});var po={};P(po,{getPlatformDB:()=>Dr,users:()=>yt});var yt={};P(yt,{addSsoUser:()=>OA,addUser:()=>sN,getUserDoc:()=>_A,lookupTenantId:()=>eN,removeUser:()=>oN,updateUserDoc:()=>tN});function Dr(){return Ce(fe.PLATFORM_INFO.name)}s(Dr,"getPlatformDB");async function eN(t){return m.MULTI_TENANCY?(await _A(t)).tenantId:ue}s(eN,"lookupTenantId");async function _A(t){return Dr().get(t)}s(_A,"getUserDoc");async function tN(t){await Dr().put(t)}s(tN,"updateUserDoc");function rN(t,e){return{_id:t,tenantId:e}}s(rN,"newUserIdDoc");function nN(t,e,r){return{_id:e,userId:t,tenantId:r}}s(nN,"newUserEmailDoc");function iN(t,e,r,n){return{_id:t,userId:r,email:e,tenantId:n}}s(iN,"newUserSsoIdDoc");async function Fp(t,e){let r=Dr(),n;try{await r.get(t)}catch(i){if(i.status===404)n=e(),await r.put(n);else throw i}}s(Fp,"addUserDoc");async function OA(t,e,r,n){return Fp(t,()=>iN(t,e,r,n))}s(OA,"addSsoUser");async function sN(t,e,r,n){let i=[Fp(e,()=>rN(e,t)),Fp(r,()=>nN(e,r,t))];n&&i.push(OA(n,r,e,t)),await Promise.all(i)}s(sN,"addUser");async function oN(t){let e=Dr(),r=[t._id,t.email],n=await e.allDocs({keys:r,include_docs:!0});await e.bulkRemove(n.rows.map(i=>i.doc),{silenceErrors:!0})}s(oN,"removeUser");var _n={};P(_n,{getAccount:()=>Cr,getAccountByTenantId:()=>hi,getStatus:()=>aN});var IA=B(require("node-fetch"));var An=class{static{s(this,"API")}constructor(e){this.host=e}async apiCall(e,r,n){n.headers||(n.headers={}),n.headers["Content-Type"]||(n.headers={"Content-Type":"application/json",Accept:"application/json",...n.headers});let i=n.headers["Content-Type"]==="application/json";Zs.setHeader(n.headers);let o={method:e,body:i?JSON.stringify(n.body):n.body,headers:n.headers,credentials:"include"};return await(0,IA.default)(`${this.host}${r}`,o)}async post(e,r){return this.apiCall("POST",e,r)}async get(e,r){return this.apiCall("GET",e,r)}async patch(e,r){return this.apiCall("PATCH",e,r)}async del(e,r){return this.apiCall("DELETE",e,r)}async put(e,r){return this.apiCall("PUT",e,r)}};var Bp=new An(m.INTERNAL_ACCOUNT_PORTAL_URL),Wp=m.SELF_HOSTED||m.DISABLE_ACCOUNT_PORTAL,Cr=s(async t=>{if(Wp)return;let e={email:t},r=await Bp.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":m.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by email ${t}`);return(await r.json())[0]},"getAccount"),hi=s(async t=>{if(Wp)return;let e={tenantId:t},r=await Bp.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":m.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by tenantId ${t}`);return(await r.json())[0]},"getAccountByTenantId"),aN=s(async()=>{if(Wp)return;let t=await Bp.get("/api/status",{headers:{"x-budibase-api-key":m.ACCOUNT_PORTAL_API_KEY}}),e=await t.json();if(t.status!==200)throw new Error("Error getting status");return e},"getStatus");var Ai={};P(Ai,{UserDB:()=>vt,addAppBuilder:()=>P0,bulkGetGlobalUsersById:()=>dc,bulkUpdateGlobalUsers:()=>bo,cleanseUserObject:()=>um,creatorsInList:()=>xr,doesUserExist:()=>D0,getAccountHolderFromUsers:()=>lc,getAllUserIds:()=>w0,getAllUsers:()=>R0,getById:()=>wn,getCreatorCount:()=>x0,getExistingAccounts:()=>Si,getExistingPlatformUsers:()=>p_,getExistingTenantUsers:()=>f_,getFirstPlatformUser:()=>Do,getGlobalUserByAppPage:()=>S_,getGlobalUserByEmail:()=>At,getPlatformUsers:()=>oc,getUserCount:()=>b0,hasAdminPermissions:()=>br,hasAppBuilderPermissions:()=>E_,hasBuilderPermissions:()=>Fe,isAdmin:()=>xt,isAdminOrBuilder:()=>h_,isAdminOrWorkspaceBuilder:()=>ac,isBuilder:()=>Ii,isCreatorAsync:()=>Co,isCreatorSync:()=>uc,isGlobalBuilder:()=>m_,paginatedUsers:()=>__,removeAppBuilder:()=>N0,removePortalUserPermissions:()=>v0,searchExistingEmails:()=>nm,searchGlobalUsersByApp:()=>T_,searchGlobalUsersByAppAccess:()=>am,searchGlobalUsersByEmail:()=>A_,validateUniqueUser:()=>cc});var zu={};P(zu,{ActiveContentFileError:()=>qu,BadRequestError:()=>ho,BudibaseError:()=>mo,EmailUnavailableError:()=>Jt,FeatureDisabledError:()=>ju,ForbiddenError:()=>Ku,HTTPError:()=>Me,NotFoundError:()=>Vu,NotImplementedError:()=>Qu,UnexpectedError:()=>$u,UsageLimitError:()=>Hu,getErrorMessage:()=>wA,getPublicError:()=>Yu});var mo=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"BudibaseError")}};function wA(t){if(t==null)return"No error provided.";if(t instanceof Error)return t.message;if(typeof t=="string")return t;if(typeof t=="object"&&"message"in t)return String(t.message);try{let r=JSON.stringify(t);if(r!=="{}")return r}catch{}let e=String(t);return e!=="[object Object]"?e:"An unknown error occurred"}s(wA,"getErrorMessage");var Yu=s(t=>{let e;return t.code&&(e={code:t.code},t.getPublicError&&(e={...e,...t.getPublicError()})),e},"getPublicError"),Me=class t extends mo{constructor(r,n,i="http"){super(r,i);this.status=n}static{s(this,"HTTPError")}static async fromResponse(r){let n=await r.text(),i=n,o=r.status,a="http";try{let u=JSON.parse(n);i=u.error?.message||u.message,o=u.status??r.status,a=u.error?.code??r.statusText}catch{}return new t(i,o,a)}},$u=class extends Me{static{s(this,"UnexpectedError")}constructor(e){super(e,500)}},Vu=class extends Me{static{s(this,"NotFoundError")}constructor(e){super(e,404)}},ho=class extends Me{static{s(this,"BadRequestError")}constructor(e){super(e,400)}},qu=class extends ho{static{s(this,"ActiveContentFileError")}constructor(e){super(`File "${e}" contains active content which is not permitted`)}},Ku=class extends Me{static{s(this,"ForbiddenError")}constructor(e){super(e,403)}},Qu=class extends Me{static{s(this,"NotImplementedError")}constructor(e){super(e,501)}},ju=class extends Error{static{s(this,"FeatureDisabledError")}constructor(e){super(`Feature disabled: '${e}'`)}},Hu=class extends Error{static{s(this,"UsageLimitError")}constructor(e){super(`Usage limit exceeded: '${e}'`)}},Jt=class extends Error{static{s(this,"EmailUnavailableError")}constructor(e){super(`Email already in use: '${e}'`)}};var qp={};P(qp,{PASSWORD_MAX_LENGTH:()=>$p,PASSWORD_MIN_LENGTH:()=>Gp,validatePassword:()=>Vp});var Gp=+(m.PASSWORD_MIN_LENGTH||12),$p=+(m.PASSWORD_MAX_LENGTH||512);function Vp(t){return!t||t.length<Gp?{valid:!1,error:`Password invalid. Minimum ${Gp} characters.`}:t.length>$p?{valid:!1,error:`Password invalid. Maximum ${$p} characters.`}:{valid:!0}}s(Vp,"validatePassword");var Ju={};P(Ju,{createASession:()=>uN,endSession:()=>cN,getSession:()=>Qp,getSessionsForUser:()=>Eo,invalidateSessions:()=>On,updateSessionTTL:()=>Kp});var DA=require("uuid");var CA=m.SESSION_EXPIRY_SECONDS?parseInt(m.SESSION_EXPIRY_SECONDS):pe.fromDays(7).toSeconds();function Ei(t,e){return`${t}/${e}`}s(Ei,"makeSessionID");async function Eo(t){return t?(await(await yr()).scan(t)).map(n=>n.value):(console.trace("Cannot get sessions for undefined userId"),[])}s(Eo,"getSessionsForUser");async function On(t,e={}){try{let r=e?.reason||"unknown",n=e.sessionIds||[],i;if(n.length===0?i=(await Eo(t)).map(a=>({key:Ei(a.userId,a.sessionId)})):(n=Array.isArray(n)?n:[n],i=n.map(o=>({key:Ei(t,o)}))),i&&i.length>0){let o=await yr(),a=[];for(let u of i)a.push(o.delete(u.key));m.isTest()||fi(`Invalidating sessions for ${t} (reason: ${r}) - ${i.map(u=>u.key).join(", ")}`),await Promise.all(a)}}catch(r){console.error(`Error invalidating sessions: ${r}`)}}s(On,"invalidateSessions");async function uN(t,e){let r=await Eo(t),n=0;if(r.length>=3){let l=r.sort((E,p)=>new Date(E.createdAt).getTime()-new Date(p.createdAt).getTime()),d=r.length-3+1,f=l.slice(0,d).map(E=>E.sessionId);n=f.length,await On(t,{sessionIds:f,reason:"session limit exceeded"})}let i=await yr(),o=e.sessionId,a=e.csrfToken?e.csrfToken:(0,DA.v4)(),u=Ei(t,o),c={...e,csrfToken:a,createdAt:new Date().toISOString(),lastAccessedAt:new Date().toISOString(),userId:t};return await i.store(u,c,CA),{session:c,invalidatedSessionCount:n}}s(uN,"createASession");async function Kp(t){let e=await yr(),r=Ei(t.userId,t.sessionId);t.lastAccessedAt=new Date().toISOString(),await e.store(r,t,CA)}s(Kp,"updateSessionTTL");async function cN(t,e){await(await yr()).delete(Ei(t,e))}s(cN,"endSession");async function Qp(t,e){if(!t||!e)throw new Error(`Invalid session details - ${t} - ${e}`);let n=await(await yr()).get(Ei(t,e));if(!n)throw new Error(`Session not found - ${t} - ${e}`);return n}s(Qp,"getSession");var Ti={};P(Ti,{account:()=>GA,action:()=>$A,ai:()=>VA,analytics:()=>Zu,app:()=>qA,asyncEventQueue:()=>Tt,auditLog:()=>KA,auth:()=>sc,automation:()=>QA,backfill:()=>jA,backfillCache:()=>rc,backup:()=>HA,datasource:()=>YA,email:()=>zA,environmentVariable:()=>JA,group:()=>XA,identification:()=>St,initAsyncEvents:()=>f0,installation:()=>Ao,layout:()=>ZA,license:()=>e_,org:()=>t_,plugin:()=>r_,processors:()=>Xp,publishEvent:()=>A,query:()=>n_,resource:()=>i_,role:()=>Ro,rowAction:()=>s_,rows:()=>o_,screen:()=>a_,serve:()=>u_,shutdown:()=>p0,table:()=>c_,user:()=>Be,view:()=>l_,workspace:()=>d_});var Zu={};P(Zu,{enabled:()=>Xu});var Xu=s(async()=>ec(),"enabled");var Tt;function tc(){Tt=new gt("systemEventQueue",{jobTags:t=>({"event.name":t.event})})}s(tc,"init");async function bA(){Tt&&await Tt.close()}s(bA,"shutdown");async function xA(t){Tt||tc();let{event:e,identity:r}=t;oh.indexOf(e)!==-1&&r.tenantId&&await Tt.add(t)}s(xA,"publishAsyncEvent");var rc={};P(rc,{end:()=>dN,isAlreadySent:()=>Yp,isBackfillingEvent:()=>Hp,recordEvent:()=>jp,start:()=>lN});var lN=s(async t=>pN({eventWhitelist:t}),"start"),jp=s(async(t,e)=>{let r=zp(t,e);await zt(r,e,void 0,{useTenancy:!1})},"recordEvent"),dN=s(async()=>{await mN(),await hN()},"end"),fN=s(async()=>yn(ye.BACKFILL_METADATA),"getBackfillMetadata"),pN=s(async t=>zt(ye.BACKFILL_METADATA,t),"saveBackfillMetadata"),mN=s(async()=>{await ao(ye.BACKFILL_METADATA)},"deleteBackfillMetadata"),hN=s(async()=>{let t=zp(),e=await Wu(t);for(let r of e)await ao(r,{useTenancy:!1})},"clearEvents"),Hp=s(async t=>{let r=(await fN())?.eventWhitelist;return!!(r&&r.includes(t))},"isBackfillingEvent"),Yp=s(async(t,e)=>{let r=zp(t,e);return!!await yn(r,{useTenancy:!1})},"isAlreadySent"),EN={"automation:created":t=>t.automationId,"automation:step:created":t=>t.stepId,"datasource:created":t=>t.datasourceId,"layout:created":t=>t.layoutId,"query:created":t=>t.queryId,"role:created":t=>t.roleId,"screen:created":t=>t.screenId,"table:created":t=>t.tableId,"view:created":t=>t.tableId,"view:calculation:created":t=>t.tableId,"view:filter:created":t=>t.tableId,"app:created":t=>t.appId,"app:published":t=>t.appId,"auth:sso:created":t=>t.type,"auth:sso:activated":t=>t.type,"user:created":t=>t.userId,"user:admin:assigned":t=>t.userId,"user:builder:assigned":t=>t.userId,"role:assigned":t=>`${t.roleId}-${t.userId}`},zp=s((t,e)=>{let r,n=G();if(t){r=`${ye.EVENTS}:${n}:${t}`;let i=EN[t],o=i?i(e):void 0;o&&(r=`${r}:${o}`)}else r=`${ye.EVENTS}:${n}:*`;return r},"getEventKey");var Xp={};P(Xp,{analyticsProcessor:()=>FA,init:()=>CN,processors:()=>Zt});var LA=require("posthog-node");var gN=s(t=>t==="served:builder"||t==="served:app:preview"||t==="served:app","isRateLimited"),yN=s(t=>t==="served:app:preview"||t==="served:app","isPerApp");var PA={"served:app":"calendarDay","served:app:preview":"calendarDay","served:builder":"calendarDay"},NA=s(async t=>{if(!gN(t))return!1;let e=await TN(t);if(e){let r=new Date(e.timestamp);switch(PA[t]){case"calendarDay":return r.setDate(r.getDate()+1),r.setHours(0,0,0,0),Date.now()>r.getTime()?(await vA(t,{timestamp:Date.now()}),!1):!0}}else return await vA(t,{timestamp:Date.now()}),!1},"limited"),UA=s(t=>{let e=`${ye.EVENTS_RATE_LIMIT}:${t}`;return yN(t)&&(e=e+":"+Oe()),e},"eventKey"),TN=s(async t=>{let e=UA(t);return await yn(e)},"readEvent"),vA=s(async(t,e)=>{let r=UA(t),n=PA[t],i;switch(n){case"calendarDay":i=86400}await zt(r,e,i)},"recordEvent");var AN=["user:updated","email:smtp:updated","auth:sso:updated","app:updated","role:updated","datasource:updated","query:updated","view:updated","view:calculation:updated","automation:trigger:updated","user_group:updated","action:automation_step:executed","action:crud:executed","action:ai_agent:executed"],go=class{static{s(this,"PosthogProcessor")}constructor(e){if(!e)throw new Error("Posthog token is not defined");this.posthog=new LA.PostHog(e)}async processEvent(e,r,n,i){if(AN.includes(e)||await NA(e))return;n=this.clearPIIProperties(n),n.version=m.VERSION,n.service=m.SERVICE,n.environment=r.environment,n.hosting=r.hosting;let o=Oe();o&&(n.appId=o);let a={distinctId:r.id,event:e,properties:n};i&&(a.timestamp=new Date(i)),(r.installationId||r.tenantId)&&(a.groups={},r.installationId&&(a.groups.installation=r.installationId,a.properties.installationId=r.installationId),r.tenantId&&(a.groups.tenant=r.tenantId,a.properties.tenantId=r.tenantId)),this.posthog.capture(a)}clearPIIProperties(e){return e.email&&delete e.email,e.audited&&delete e.audited,e}async identify(e,r){let n={distinctId:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.identify(n)}async identifyGroup(e,r){let n={distinctId:e.id,groupType:e.type,groupKey:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.groupIdentify(n)}async shutdown(){await this.posthog.shutdown()}};var kA=go;var _N=["installation:version:upgraded","installation:version:downgraded"],ON=["installation","tenant"],yo=class{static{s(this,"AnalyticsProcessor")}constructor(){m.POSTHOG_TOKEN&&!m.isTest()&&(this.posthog=new kA(m.POSTHOG_TOKEN))}async processEvent(e,r,n,i){!_N.includes(e)&&!await Xu()||this.posthog&&await this.posthog.processEvent(e,r,n,i)}async identify(e,r){!ON.includes(e.type)&&!await Xu()||this.posthog&&await this.posthog.identify(e,r)}async identifyGroup(e,r){this.posthog&&await this.posthog.identifyGroup(e,r)}async shutdown(){this.posthog&&await this.posthog.shutdown()}};var Jp=m.SELF_HOSTED&&!m.isDev(),To=class{static{s(this,"LoggingProcessor")}async processEvent(e,r,n){Jp||console.log(`[audit] [identityType=${r.type}] ${e}`,n)}async identify(e){Jp||console.log("[audit] identified",e)}async identifyGroup(e){Jp||console.log("[audit] group identified",e)}async shutdown(){}};var gi=class t{static{s(this,"AuditLogsProcessor")}static{this.auditLogsEnabled=!1}static init(e){t.auditLogsEnabled=!0;let r=e;return t.auditLogQueue=new gt("auditLogQueue",{jobTags:n=>({"event.name":n.event})}),t.auditLogQueue.process(async n=>{await be(n.data.tenantId,async()=>{let i=n.data.properties;i.audited&&(i={...i,...i.audited},delete i.audited);let o={};m.ENABLE_AUDIT_LOG_IP_ADDR&&(o=n.data.opts.hostInfo),await r(n.data.event,i,{userId:n.data.opts.userId,timestamp:n.data.opts.timestamp,appId:n.data.opts.appId,hostInfo:o})})})}async processEvent(e,r,n,i){if(t.auditLogsEnabled&&tp(e)){let o=r.type==="user"?r.id:void 0;await t.auditLogQueue.add({event:e,properties:n,opts:{userId:o,timestamp:i,appId:Oe(),hostInfo:r.hostInfo},tenantId:G()})}}async identify(){}async identifyGroup(){}async shutdown(){await t.auditLogQueue?.close()}};var MA=require("uuid");var IN=new An(m.INTERNAL_ACCOUNT_PORTAL_URL),yi=class t{static{s(this,"EventBrokerProcessor")}static init(e){t.getLicenseKeyFn=e}async processEvent(e,r,n,i){if(m.DISABLE_ACCOUNT_PORTAL)return;let o;if(m.SELF_HOSTED){if(!t.getLicenseKeyFn)return;let c=await t.getLicenseKeyFn();if(!c)return;o={"x-budibase-license-key":c}}else o={"x-budibase-api-key":m.ACCOUNT_PORTAL_API_KEY},r.tenantId&&(o["x-budibase-tenant-id"]=r.tenantId);let a=Oe(),u={id:(0,MA.v4)(),type:e,identity:r,properties:{...n,version:m.VERSION,service:m.SERVICE,environment:r.environment,hosting:r.hosting,...a&&{appId:a},...r.installationId&&{installationId:r.installationId},...r.tenantId&&{tenantId:r.tenantId}},timestamp:i===void 0?Date.now():new Date(i).getTime()};try{let c=await IN.post("/api/v2/analytics/event",{headers:o,body:u});c.ok||console.warn(`[EventBrokerProcessor] unexpected response status: ${c.status}`)}catch(c){console.error(`[EventBrokerProcessor] failed to send event: ${c}`)}}};var So=class{constructor(e){this.initialised=!1;this.processors=[];this.processors=e}static{s(this,"Processor")}async processEvent(e,r,n,i){for(let o of this.processors)await o.processEvent(e,r,n,i)}async identify(e,r){for(let n of this.processors)n.identify&&await n.identify(e,r)}async identifyGroup(e,r){for(let n of this.processors)n.identifyGroup&&await n.identifyGroup(e,r)}async shutdown(){for(let e of this.processors)e.shutdown&&await e.shutdown()}};var FA=new yo,wN=new To,RN=new gi,DN=new yi;function CN(t,e){return yi.init(e),gi.init(t)}s(CN,"init");var Zt=new So([FA,wN,RN,DN]);var nc={};P(nc,{checkInstallVersion:()=>vN,getInstall:()=>_o,getInstallFromDB:()=>em});var Zp=B(require("semver"));var _o=s(async()=>Rr(ye.INSTALLATION,86400,em,{useTenancy:!1}),"getInstall");async function bN(t){let e={_id:fe.PLATFORM_INFO.docs.install,installId:ee(),version:m.VERSION};try{let r=await t.put(e);return e._rev=r.rev,e}catch(r){if(r.status===409)return em();throw r}}s(bN,"createInstallDoc");var em=s(async()=>je(fe.PLATFORM_INFO.name,async t=>{let e;try{e=await t.get(fe.PLATFORM_INFO.docs.install)}catch(r){if(r.status===404)e=await bN(t);else throw r}return e}),"getInstallFromDB"),xN=s(async t=>{try{await je(fe.PLATFORM_INFO.name,async e=>{let r=await _o();r.version=t,await e.put(r),await pi(ye.INSTALLATION)})}catch(e){if(e.status===409)return!1;throw e}return!0},"updateVersion"),vN=s(async()=>{let t=await _o(),e=t.version,r=m.VERSION;try{if(e!==r){let n=Zp.default.gt(r,e),i=Zp.default.lt(r,e);await xN(r)&&(await vs({_id:t.installId,type:"installation"},async()=>{n?await Ao.upgraded(e,r):i&&await Ao.downgraded(e,r)}),await St.identifyInstallationGroup(t.installId))}}catch(n){n?.message?.includes("Invalid Version")?mn(`Invalid version "${r}" - is it semver?`):mn("Failed to retrieve version",n)}},"checkInstallVersion");var PN=s(async()=>{let t=pf(),e=wo(),r;if(t?r=t.type:r="tenant",r==="installation"){let n=await In(),i=Oo();return{id:BA(n,r),hosting:i,type:r,installationId:n,environment:e}}else if(r==="tenant"){let n=await In(),i=await ic(G()),o=Oo();return{id:BA(i,r),type:r,hosting:o,installationId:n,tenantId:i,realTenantId:G(),environment:e}}else if(r==="user"){let n=t,i=await ic(G()),o=await In(),a=n.account,u;return a?u=a.hosting:u=Oo(),{id:n._id,type:r,hosting:u,installationId:o,tenantId:i,environment:e,realTenantId:G(),hostInfo:n.hostInfo}}else throw new Error("Unknown identity type")},"getCurrentIdentity"),NN=s(async(t,e)=>{let r=t,n="installation",i=Oo(),o=m.VERSION,a=wo(),u={id:r,type:n,hosting:i,version:o,environment:a};await tm(u,e),await Io({...u,id:`$${n}_${r}`},e)},"identifyInstallationGroup"),UN=s(async(t,e,r,n=m.VERSION)=>{let i=await ic(t),o="tenant",a=await In(),u=wo(),c={id:i,type:o,hosting:e,environment:u,installationId:a,createdAt:r,createdVersion:n};await tm(c,r),await Io({...c,id:`$${o}_${i}`},r)},"identifyTenantGroup"),LN=s(async(t,e,r)=>{let n=t._id,i=await ic(t.tenantId),o="user",a=Fe(t),u=br(t),c;zo(t)&&(c=t.providerType);let d=(await Si([t.email])).length>0,f=!!e&&d&&e.verified,E=await In(),p=e?e.hosting:Oo(),T=wo();await Io({id:n,type:o,hosting:p,installationId:E,tenantId:i,verified:f,accountHolder:d,providerType:c,builder:a,admin:u,environment:T},r)},"identifyUser"),kN=s(async t=>{let e=t.accountId,r=t.tenantId,n="user",i=Yo(t)?t.providerType:void 0,o=t.verified,a=!0,u=t.hosting,c=await In(),l=wo();if(Ho(t)){let f=await At(t.email);f?._id&&(e=f._id)}await Io({id:e,type:n,hosting:u,installationId:c,tenantId:r,providerType:i,verified:o,accountHolder:a,environment:l})},"identifyAccount"),Io=s(async(t,e)=>{await Zt.identify(t,e)},"identify"),tm=s(async(t,e)=>{await Zt.identifyGroup(t,e)},"identifyGroup"),wo=s(()=>m.isDev()?"development":m.DEPLOYMENT_ENVIRONMENT,"getDeploymentEnvironment"),Oo=s(()=>m.SELF_HOSTED?"self":"cloud","getHostingFromEnv"),In=s(async()=>MN()?"account-portal":(await _o()).installId,"getInstallationId"),ic=s(async t=>m.SELF_HOSTED?WA(t):t,"getEventTenantId"),WA=s(async t=>be(t,()=>Rr(ye.UNIQUE_TENANT_ID,86400,async()=>{let e=Y(),r=await _i(),n;return r.config.uniqueTenantId?r.config.uniqueTenantId:(n=`${ee()}_${t}`,r.config.uniqueTenantId=n,r.config.createdVersion=m.VERSION,await e.put(r),n)})),"getUniqueTenantId"),MN=s(()=>m.SERVICE==="account-portal","isAccountPortal"),BA=s((t,e)=>e==="installation"||e==="tenant"?`$${e}_${t}`:t,"formatDistinctId"),St={getCurrentIdentity:PN,identifyInstallationGroup:NN,identifyTenantGroup:UN,identifyUser:LN,identifyAccount:kN,identify:Io,identifyGroup:tm,getInstallationId:In,getUniqueTenantId:WA};var A=s(async(t,e,r,n)=>{let i=n||await St.getCurrentIdentity();if(!(n?!1:await Hp(t))){await xA({event:t,identity:i,properties:e,timestamp:r}),await Zt.processEvent(t,i,e,r);return}await Yp(t,e)||(await Zt.processEvent(t,i,e,r),await jp(t,e))},"publishEvent");async function FN(t,e){let r={tenantId:t.tenantId};await A("account:created",r,void 0,e)}s(FN,"created");async function BN(t){let e={tenantId:t.tenantId};await A("account:deleted",e)}s(BN,"deleted");async function WN(t){let e={tenantId:t.tenantId};await A("account:verified",e)}s(WN,"verified");var GA={created:FN,deleted:BN,verified:WN};async function GN(t,e){await A("action:automation_step:executed",t,e)}s(GN,"automationStepExecuted");async function $N(t,e){await A("action:crud:executed",t,e)}s($N,"crudExecuted");function VN(t,e){A("action:ai_agent:executed",t,e).catch(r=>{console.error("aiAgentExecuted telemetry failed",{action:t,err:r})})}s(VN,"aiAgentExecuted");var $A={aiAgentExecuted:VN,automationStepExecuted:GN,crudExecuted:$N};function qN(t,e){let r={configId:t._id,audited:{name:t.name}};A("ai:config:created",r,e).catch(n=>{console.error("configCreated telemetry failed",{configId:t._id,err:n})})}s(qN,"configCreated");function KN(t){let e={configId:t._id,audited:{name:t.name}};A("ai:config:updated",e).catch(r=>{console.error("configUpdated telemetry failed",{configId:t._id,err:r})})}s(KN,"configUpdated");function QN(t){let e={configId:t._id,audited:{name:t.name}};A("ai:config:deleted",e).catch(r=>{console.error("configDeleted telemetry failed",{configId:t._id,err:r})})}s(QN,"configDeleted");function jN(t){let e={agentId:t._id,audited:{name:t.name}};A("ai:agent:created",e).catch(r=>{console.error("agentCreated telemetry failed",{agentId:t._id,err:r})})}s(jN,"agentCreated");function HN(t){let e={agentId:t._id,audited:{name:t.name}};A("ai:agent:updated",e).catch(r=>{console.error("agentUpdated telemetry failed",{agentId:t._id,err:r})})}s(HN,"agentUpdated");function YN(t){let e={agentId:t._id,audited:{name:t.name}};A("ai:agent:deleted",e).catch(r=>{console.error("agentDeleted telemetry failed",{agentId:t._id,err:r})})}s(YN,"agentDeleted");var VA={configCreated:qN,configUpdated:KN,configDeleted:QN,agentCreated:jN,agentUpdated:HN,agentDeleted:YN};var zN=s(async(t,e)=>{let r={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:created",r,e)},"created");async function JN(t){let e={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:updated",e)}s(JN,"updated");async function XN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:deleted",e)}s(XN,"deleted");async function ZN(t,e){let r={appId:t.appId,audited:{name:t.name}};await A("app:published",r,e)}s(ZN,"published");async function eU(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:unpublished",e)}s(eU,"unpublished");async function tU(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:file:imported",e)}s(tU,"fileImported");async function rU(t,e){let r={duplicateAppId:e,appId:t.appId,audited:{name:t.name}};await A("app:duplicated",r)}s(rU,"duplicated");async function nU(t,e){let r={appId:t.appId,templateKey:e,audited:{name:t.name}};await A("app:template:imported",r)}s(nU,"templateImported");async function iU(t,e,r){let n={appId:t.appId,currentVersion:e,updatedToVersion:r,audited:{name:t.name}};await A("app:version:updated",n)}s(iU,"versionUpdated");async function sU(t,e,r){let n={appId:t.appId,currentVersion:e,revertedToVersion:r,audited:{name:t.name}};await A("app:version:reverted",n)}s(sU,"versionReverted");async function oU(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:reverted",e)}s(oU,"reverted");async function aU(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:exported",e)}s(aU,"exported");var qA={created:zN,updated:JN,deleted:XN,published:ZN,unpublished:eU,fileImported:tU,duplicated:rU,templateImported:nU,versionUpdated:iU,versionReverted:sU,reverted:oU,exported:aU};async function uU(t){let e={filters:t};await A("audit_log:filtered",e)}s(uU,"filtered");async function cU(t){let e={filters:t};await A("audit_log:downloaded",e)}s(cU,"downloaded");var KA={filtered:uU,downloaded:cU};async function lU(t,e){let n={userId:(await St.getCurrentIdentity()).id,source:t,audited:{email:e}};await A("auth:login",n)}s(lU,"login");async function dU(t){let r={userId:(await St.getCurrentIdentity()).id,audited:{email:t}};await A("auth:logout",r)}s(dU,"logout");async function fU(t,e){let r={type:t};await A("auth:sso:created",r,e)}s(fU,"SSOCreated");async function pU(t){let e={type:t};await A("auth:sso:updated",e)}s(pU,"SSOUpdated");async function mU(t,e){let r={type:t};await A("auth:sso:activated",r,e)}s(mU,"SSOActivated");async function hU(t){let e={type:t};await A("auth:sso:deactivated",e)}s(hU,"SSODeactivated");var sc={login:lU,logout:dU,SSOCreated:fU,SSOUpdated:pU,SSOActivated:mU,SSODeactivated:hU};async function EU(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:created",r,e)}s(EU,"created");async function gU(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:trigger:updated",e)}s(gU,"triggerUpdated");async function yU(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:deleted",e)}s(yU,"deleted");async function TU(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:tested",e)}s(TU,"tested");var SU=s(async(t,e)=>{let r={count:t};await A("automations:run",r,e)},"run");async function AU(t,e,r){let n={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:created",n,r)}s(AU,"stepCreated");async function _U(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:deleted",r)}s(_U,"stepDeleted");var QA={created:EU,triggerUpdated:gU,deleted:yU,tested:TU,run:SU,stepCreated:AU,stepDeleted:_U};var Oi=!m.SELF_HOSTED&&!m.isDev();async function OU(t){Oi||await A("app:backfill:succeeded",t)}s(OU,"appSucceeded");async function IU(t){if(Oi)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("app:backfill:failed",e)}s(IU,"appFailed");async function wU(t){Oi||await A("tenant:backfill:succeeded",t)}s(wU,"tenantSucceeded");async function RU(t){if(Oi)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("tenant:backfill:failed",e)}s(RU,"tenantFailed");async function DU(){if(Oi)return;let t={};await A("installation:backfill:succeeded",t)}s(DU,"installationSucceeded");async function CU(t){if(Oi)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("installation:backfill:failed",e)}s(CU,"installationFailed");var jA={appSucceeded:OU,appFailed:IU,tenantSucceeded:wU,tenantFailed:RU,installationSucceeded:DU,installationFailed:CU};async function bU(t){let e={appId:t.appId,restoreId:t._id,backupCreatedAt:t.timestamp,name:t.name};await A("app:backup:restored",e)}s(bU,"workspaceBackupRestored");async function xU(t,e,r,n,i){let o={appId:t,backupId:e,type:r,trigger:n,name:i};await A("app:backup:triggered",o)}s(xU,"workspaceBackupTriggered");var HA={workspaceBackupRestored:bU,workspaceBackupTriggered:xU};function rm(t){return!Object.values(qo).includes(t.source)}s(rm,"isCustom");async function vU(t,e){let r={datasourceId:t._id,source:t.source,custom:rm(t)};await A("datasource:created",r,e)}s(vU,"created");async function PU(t){let e={datasourceId:t._id,source:t.source,custom:rm(t)};await A("datasource:updated",e)}s(PU,"updated");async function NU(t){let e={datasourceId:t._id,source:t.source,custom:rm(t)};await A("datasource:deleted",e)}s(NU,"deleted");var YA={created:vU,updated:PU,deleted:NU};async function UU(t){let e={};await A("email:smtp:created",e,t)}s(UU,"SMTPCreated");async function LU(){let t={};await A("email:smtp:updated",t)}s(LU,"SMTPUpdated");var zA={SMTPCreated:UU,SMTPUpdated:LU};async function kU(t,e){let r={name:t,environments:e};await A("environment_variable:created",r)}s(kU,"created");async function MU(t){let e={name:t};await A("environment_variable:deleted",e)}s(MU,"deleted");async function FU(t){let e={userId:t};await A("environment_variable:upgrade_panel_opened",e)}s(FU,"upgradePanelOpened");var JA={created:kU,deleted:MU,upgradePanelOpened:FU};async function BU(t,e){let r={groupId:t._id,viaScim:Et(),audited:{name:t.name}};await A("user_group:created",r,e)}s(BU,"created");async function WU(t){let e={groupId:t._id,viaScim:Et(),audited:{name:t.name}};await A("user_group:updated",e)}s(WU,"updated");async function GU(t){let e={groupId:t._id,viaScim:Et(),audited:{name:t.name}};await A("user_group:deleted",e)}s(GU,"deleted");async function $U(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:Et(),audited:{name:e.name}};await A("user_group:user_added",n)}s($U,"usersAdded");async function VU(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:Et(),audited:{name:e.name}};await A("user_group:users_deleted",n)}s(VU,"usersDeleted");async function qU(t){let e={groupId:t,onboarding:!0};await A("user_group:onboarding_added",e)}s(qU,"createdOnboarding");async function KU(t){let e={permissions:t.roles,groupId:t._id,audited:{name:t.name}};await A("user_group:permissions_edited",e)}s(KU,"permissionsEdited");var XA={created:BU,updated:WU,deleted:GU,usersAdded:$U,usersDeleted:VU,createdOnboarding:qU,permissionsEdited:KU};async function QU(t){let e={currentVersion:t};await A("installation:version:checked",e)}s(QU,"versionChecked");async function jU(t,e){let r={from:t,to:e};await A("installation:version:upgraded",r)}s(jU,"upgraded");async function HU(t,e){let r={from:t,to:e};await A("installation:version:downgraded",r)}s(HU,"downgraded");async function YU(){let t={};await A("installation:firstStartup",t)}s(YU,"firstStartup");var Ao={versionChecked:QU,upgraded:jU,downgraded:HU,firstStartup:YU};async function zU(t,e){let r={layoutId:t._id};await A("layout:created",r,e)}s(zU,"created");async function JU(t){let e={layoutId:t};await A("layout:deleted",e)}s(JU,"deleted");var ZA={created:zU,deleted:JU};async function XU(t,e){let r={accountId:t.accountId,...e};await A("license:plan:changed",r)}s(XU,"planChanged");async function ZU(t){let e={accountId:t.accountId};await A("license:activated",e)}s(ZU,"activated");async function eL(t){let e={accountId:t.accountId};await A("license:checkout:opened",e)}s(eL,"checkoutOpened");async function tL(t){let e={accountId:t.accountId};await A("license:checkout:success",e)}s(tL,"checkoutSuccess");async function rL(t){let e={accountId:t.accountId};await A("license:portal:opened",e)}s(rL,"portalOpened");async function nL(t){let e={accountId:t.accountId};await A("license:payment:failed",e)}s(nL,"paymentFailed");async function iL(t){let e={accountId:t.accountId};await A("license:payment:recovered",e)}s(iL,"paymentRecovered");var e_={planChanged:XU,activated:ZU,checkoutOpened:eL,checkoutSuccess:tL,portalOpened:rL,paymentFailed:nL,paymentRecovered:iL};async function sL(t){let e={};await A("org:info:name:updated",e,t)}s(sL,"nameUpdated");async function oL(t){let e={};await A("org:info:logo:updated",e,t)}s(oL,"logoUpdated");async function aL(t){let e={};await A("org:platformurl:updated",e,t)}s(aL,"platformURLUpdated");async function uL(){let t={};await A("analytics:opt:out",t)}s(uL,"analyticsOptOut");async function cL(){let t={};await A("analytics:opt:out",t)}s(cL,"analyticsOptIn");var t_={nameUpdated:sL,logoUpdated:oL,platformURLUpdated:aL,analyticsOptOut:uL,analyticsOptIn:cL};async function lL(t){let e={type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:init",e)}s(lL,"init");async function dL(t){let e={pluginId:t._id,type:t.schema.type,source:t.source,name:t.name,description:t.description,version:t.version};await A("plugin:imported",e)}s(dL,"imported");async function fL(t){let e={pluginId:t._id,type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:deleted",e)}s(fL,"deleted");var r_={init:lL,imported:dL,deleted:fL};var pL=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:created",n,r)},"created"),mL=s(async(t,e)=>{let r={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:updated",r)},"updated"),hL=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb,appId:r};await A("query:deleted",n)},"deleted"),EL=s(async(t,e,r)=>{let n={datasourceId:t._id,source:t.source,count:r,importSource:e};await A("query:import",n)},"imported"),gL=s(async(t,e)=>{let r={count:t};await A("queries:run",r,e)},"run"),yL=s(async(t,e)=>{let r={queryId:e.queryId,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:previewed",r)},"previewed"),n_={created:pL,updated:mL,deleted:hL,imported:EL,run:gL,previewed:yL};async function TL({resource:t,fromWorkspace:e,toWorkspace:r},n){let i={resource:t,fromWorkspace:e,toWorkspace:r};await A("resource:copied_to_workspace",i,n)}s(TL,"duplicatedToWorkspace");var i_={duplicatedToWorkspace:TL};async function SL(t,e){let r={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:created",r,e)}s(SL,"created");async function AL(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:updated",e)}s(AL,"updated");async function _L(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:deleted",e)}s(_L,"deleted");async function OL(t,e,r){let n={userId:t._id,roleId:e};await A("role:assigned",n,r)}s(OL,"assigned");async function IL(t,e){let r={userId:t._id,roleId:e};await A("role:unassigned",r)}s(IL,"unassigned");var Ro={created:SL,updated:AL,deleted:_L,assigned:OL,unassigned:IL};async function wL(t,e){await A("row_action:created",t,e)}s(wL,"created");var s_={created:wL};var RL=s(async(t,e)=>{let r={count:t};await A("rows:created",r,e)},"created"),DL=s(async(t,e)=>{let r={tableId:t._id,count:e};await A("rows:imported",r)},"imported"),o_={created:RL,imported:DL};async function CL(t,e){let r={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:created",r,e)}s(CL,"created");async function bL(t){let e={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:deleted",e)}s(bL,"deleted");var a_={created:CL,deleted:bL};async function xL(t){let e={timezone:t};await A("served:builder",e)}s(xL,"servedBuilder");async function vL(t,e,r){let n={appVersion:t.version,timezone:e,embed:r===!0};await A("served:app",n)}s(vL,"servedApp");async function PL(t,e){let r={appId:t.appId,appVersion:t.version,timezone:e};await A("served:app:preview",r)}s(PL,"servedAppPreview");var u_={servedBuilder:xL,servedApp:vL,servedAppPreview:PL};async function NL(t,e){let r={tableId:t._id,audited:{name:t.name}};await A("table:created",r,e)}s(NL,"created");async function UL(t,e){let r,n;for(let o in e.schema)if(!t.schema[o]){let a=e.schema[o];"default"in a&&a.default!=null&&(r=!0),a.type==="ai"&&(n=a.operation)}let i={tableId:e._id,defaultValues:r,aiColumn:n,audited:{name:e.name}};(r||n)&&await A("table:updated",i)}s(UL,"updated");async function LL(t,e){let r={tableId:t._id,audited:{name:t.name},appId:e};await A("table:deleted",r)}s(LL,"deleted");async function kL(t,e){let r={tableId:t._id,format:e,audited:{name:t.name}};await A("table:exported",r)}s(kL,"exported");async function ML(t){let e={tableId:t._id,audited:{name:t.name}};await A("table:imported",e)}s(ML,"imported");var c_={created:NL,updated:UL,deleted:LL,exported:kL,imported:ML};async function FL(t,e){let r={userId:t._id,viaScim:Et(),audited:{email:t.email}};await A("user:created",r,e)}s(FL,"created");async function BL(t){let e={userId:t._id,viaScim:Et(),audited:{email:t.email}};await A("user:updated",e)}s(BL,"updated");async function WL(t){let e={userId:t._id,viaScim:Et(),audited:{email:t.email}};await A("user:deleted",e)}s(WL,"deleted");async function GL(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:admin:assigned",r,e)}s(GL,"permissionAdminAssigned");async function $L(t){let e={userId:t._id,audited:{email:t.email}};await A("user:admin:removed",e)}s($L,"permissionAdminRemoved");async function VL(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:builder:assigned",r,e)}s(VL,"permissionBuilderAssigned");async function qL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:builder:removed",e)}s(qL,"permissionBuilderRemoved");async function KL(t){let e={audited:{email:t}};await A("user:invited",e)}s(KL,"invited");async function QL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:invite:accepted",e)}s(QL,"inviteAccepted");async function jL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:force:reset",e)}s(jL,"passwordForceReset");async function HL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:updated",e)}s(HL,"passwordUpdated");async function YL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset:requested",e)}s(YL,"passwordResetRequested");async function zL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset",e)}s(zL,"passwordReset");async function JL(t){let e={users:t};await A("user:data:collaboration",e)}s(JL,"dataCollaboration");var Be={created:FL,updated:BL,deleted:WL,permissionAdminAssigned:GL,permissionAdminRemoved:$L,permissionBuilderAssigned:VL,permissionBuilderRemoved:qL,invited:KL,inviteAccepted:QL,passwordForceReset:jL,passwordUpdated:HL,passwordResetRequested:YL,passwordReset:zL,dataCollaboration:JL};async function XL(t,e){let r={name:t.name,type:t.type,tableId:t.tableId};await A("view:created",r,e)}s(XL,"created");async function ZL(t){let e={tableId:t.tableId};await A("view:updated",e)}s(ZL,"updated");async function e0(t,e){let r={...Le.views.isV2(t)?{id:t.id,tableId:t.tableId,appId:e}:{}};await A("view:deleted",r)}s(e0,"deleted");async function t0(t,e){let r={tableId:t._id,format:e};await A("view:exported",r)}s(t0,"exported");async function r0({tableId:t,filterGroups:e},r){let n={tableId:t,filterGroups:e};await A("view:filter:created",n,r)}s(r0,"filterCreated");async function n0({tableId:t,filterGroups:e}){let r={tableId:t,filterGroups:e};await A("view:filter:updated",r)}s(n0,"filterUpdated");async function i0(t){let e={tableId:t.tableId};await A("view:filter:deleted",e)}s(i0,"filterDeleted");async function s0({tableId:t,calculationType:e},r){let n={tableId:t,calculation:e};await A("view:calculation:created",n,r)}s(s0,"calculationCreated");async function o0(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:updated",e)}s(o0,"calculationUpdated");async function a0(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:deleted",e)}s(a0,"calculationDeleted");async function u0(t,e){let r={tableId:t};await A("view:join:created",r,e)}s(u0,"viewJoinCreated");var l_={created:XL,updated:ZL,deleted:e0,exported:t0,filterCreated:r0,filterUpdated:n0,filterDeleted:i0,calculationCreated:s0,calculationUpdated:o0,calculationDeleted:a0,viewJoinCreated:u0};async function c0(t,e){let r={workspaceAppId:t._id,audited:{name:t.name},appId:e};A("workspace_app:created",r).catch(n=>{console.error("appCreated telemetry failed",{workspaceAppId:t._id,err:n})})}s(c0,"appCreated");async function l0(t,e){let r={workspaceAppId:t._id,audited:{name:t.name},appId:e};A("workspace_app:updated",r).catch(n=>{console.error("appUpdated telemetry failed",{workspaceAppId:t._id,err:n})})}s(l0,"appUpdated");async function d0(t,e){let r={workspaceAppId:t._id,audited:{name:t.name},appId:e};A("workspace_app:deleted",r).catch(n=>{console.error("appDeleted telemetry failed",{workspaceAppId:t._id,err:n})})}s(d0,"appDeleted");var d_={appCreated:c0,appUpdated:l0,appDeleted:d0};function f0(){}s(f0,"initAsyncEvents");var p0=s(async()=>{await Zt.shutdown(),console.log("Events shutdown")},"shutdown");var im={};P(im,{creatorsInList:()=>xr,getAccountHolderFromUsers:()=>lc,hasAdminPermissions:()=>br,hasAppBuilderPermissions:()=>E_,hasBuilderPermissions:()=>Fe,isAdmin:()=>xt,isAdminOrBuilder:()=>h_,isAdminOrWorkspaceBuilder:()=>ac,isBuilder:()=>Ii,isCreatorAsync:()=>Co,isCreatorSync:()=>uc,isGlobalBuilder:()=>m_,validateUniqueUser:()=>cc});async function nm(t){let e=[],r=await f_(t);e.push(...r.map(a=>a.email));let n=await p_(t);e.push(...n.map(a=>a._id));let i=await Si(t);e.push(...i.map(a=>a.email));let o=await Lp(t);return e.push(...o.map(a=>a.email)),[...new Set(e.map(a=>a.toLowerCase()))]}s(nm,"searchExistingEmails");async function oc(t){return await qs("platform_users_lowercase_2",{keys:[t.toLowerCase()],include_docs:!0})}s(oc,"getPlatformUsers");async function Do(t){return(await oc(t))[0]??null}s(Do,"getFirstPlatformUser");async function f_(t){let r={keys:t.map(i=>i.toLowerCase()),include_docs:!0},n={arrayResponse:!0};return await Kt("by_email2",r,void 0,n)}s(f_,"getExistingTenantUsers");async function p_(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await qs("platform_users_lowercase_2",r)}s(p_,"getExistingPlatformUsers");async function Si(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await qs("account_by_email",r)}s(Si,"getExistingAccounts");var Ii=ke.users.isBuilder,xt=ke.users.isAdmin,m_=ke.users.isGlobalBuilder,h_=ke.users.isAdminOrBuilder,br=ke.users.hasAdminPermissions,Fe=ke.users.hasBuilderPermissions,E_=ke.users.hasAppBuilderPermissions,ac=ke.users.isAdminOrWorkspaceBuilder;async function xr(t,e){let r=[...new Set(t.filter(i=>i.userGroups).flatMap(i=>i.userGroups))];return e=await Y().getMultiple(r,{allowMissing:!0}),t.map(i=>uc(i,e))}s(xr,"creatorsInList");async function Co(t){let e=[];return t.userGroups&&(e=await Y().getMultiple(t.userGroups)),uc(t,e)}s(Co,"isCreatorAsync");function uc(t,e){let r=ke.users.isCreator(t);return!r&&t?m0(t,e):r}s(uc,"isCreatorSync");function m0(t,e){let r=e?.filter(n=>t.userGroups?.indexOf(n._id)!==-1);return r&&r.length>0?r.some(n=>Object.values(n.roles||{}).includes("CREATOR")):!1}s(m0,"isCreatorByGroupMembership");async function cc(t,e){if(m.MULTI_TENANCY){let r=await Do(t);if(r!=null&&r.tenantId!==e)throw new Jt(t)}if(!m.SELF_HOSTED&&!m.DISABLE_ACCOUNT_PORTAL){let r=await Cr(t);if(r&&r.verified&&r.tenantId!==e)throw new Jt(t)}}s(cc,"validateUniqueUser");async function lc(t){if(!m.SELF_HOSTED&&!m.DISABLE_ACCOUNT_PORTAL){let e=await Si(t.map(r=>r.email));return t.find(r=>e.map(n=>n.email).includes(r.email))}}s(lc,"getAccountHolderFromUsers");var sm=s(async t=>{await Be.deleted(t),Fe(t)&&await Be.permissionBuilderRemoved(t),br(t)&&await Be.permissionAdminRemoved(t)},"handleDeleteEvents"),h0=s(async(t,e,r)=>{for(let[n,i]of Object.entries(e))(!r||r[n]!==i)&&await Ro.assigned(t,i)},"assignAppRoleEvents"),E0=s(async(t,e,r)=>{if(r)for(let[n,i]of Object.entries(r))(!e||e[n]!==i)&&await Ro.unassigned(t,i)},"unassignAppRoleEvents"),g0=s(async(t,e)=>{let r=t.roles,n=e?.roles;await h0(t,r,n),await E0(t,r,n)},"handleAppRoleEvents"),om=s(async(t,e,r)=>{let n=r;!n&&!m.SELF_HOSTED&&!m.DISABLE_ACCOUNT_PORTAL&&(n=await hi(G())),await St.identifyUser(t,n),e?(await Be.updated(t),T0(t,e)&&await Be.permissionBuilderRemoved(t),A0(t,e)&&await Be.permissionAdminRemoved(t),!e.forceResetPassword&&t.forceResetPassword&&t.password&&await Be.passwordForceReset(t),t.password!==e.password&&await Be.passwordUpdated(t)):await Be.created(t),y0(t,e)&&await Be.permissionBuilderAssigned(t),S0(t,e)&&await Be.permissionAdminAssigned(t),await g0(t,e)},"handleSaveEvents"),y0=s((t,e)=>g_(t,e,Fe),"isAddingBuilder"),T0=s((t,e)=>y_(t,e,Fe),"isRemovingBuilder"),S0=s((t,e)=>g_(t,e,br),"isAddingAdmin"),A0=s((t,e)=>y_(t,e,br),"isRemovingAdmin"),g_=s((t,e,r)=>!(!r(t)||e&&r(e)),"isAddingPermission"),y_=s((t,e,r)=>!(r(t)||!e||!r(e)),"isRemovingPermission");var O0=s(async t=>{let e=t._id;await yt.removeUser(t),await sm(t),await vr.invalidateUser(e),await On(e,{reason:"bulk-deletion"})},"bulkDeleteProcessing"),vt=class t{static{s(this,"UserDB")}static init(e,r,n){t.quotas=e,t.groups=r,t.features=n}static async isPreventPasswordActions(e,r){return m.ENABLE_SSO_MAINTENANCE_MODE&&xt(e)?!1:await t.features.isSSOEnforced()||zo(e)?!0:(r||(r=await hi(G())),!!(r&&r.email===e.email&&Yo(r)))}static async buildUser(e,r={hashPassword:!0,requirePassword:!0},n,i,o){let{password:a,_id:u}=e;i&&!i.password&&(r.requirePassword=!1);let c;if(a&&a!==i?.password){if(await t.isPreventPasswordActions(e,o))throw new Me("Password change is disabled for this user",400);if(!r.skipPasswordValidation){let f=Vp(a);if(!f.valid)throw new Me(f.error,400)}c=r.hashPassword?await df(a):a}else i&&(c=i.password);let l=r.requirePassword&&!await t.features.isSSOEnforced();if(!c&&l)throw"Password must be specified.";u=u||ii();let d={createdAt:Date.now(),...i,...e,_id:u,password:c,tenantId:n};return d.roles||(d.roles={}),d.status==null&&(d.status="active"),d}static async allUsers(){return(await Y().allDocs(cn(null,{include_docs:!0}))).rows.map(n=>n.doc)}static async countUsersByWorkspace(e){if(typeof e!="string"||!e)throw new Error("Must provide a string based workspace ID");return{userCount:(await Ks("by_app",si(e,{include_docs:!1}))).rows.length}}static async getUsersByAppAccess(e){return await am(e.appId,{limit:e.limit||50})}static async getUserByEmail(e){return At(e)}static async getUser(e){let r=await wn(e);return r&&delete r.password,r}static async bulkGet(e){return await dc(e)}static async bulkUpdate(e){return await bo(e)}static async save(e,r={}){r.hashPassword==null&&(r.hashPassword=!0),r.requirePassword==null&&(r.requirePassword=!0);let n=G(),i=Y(),{email:o,_id:a,userGroups:u=[],roles:c}=e;if(!o&&!a)throw new Error("_id or email is required");let l;if(a)try{if(l=await wn(a),o&&l.email!==o&&!r.allowChangingEmail)throw new Error("Email address cannot be changed")}catch(g){if(g.status!==404)throw g}if(!l&&o&&(l=await At(o),l&&l._id!==a))throw new Jt(o);let d=!l,f=!!l&&!!o&&l.email!==o,E=!r.isAccountHolder&&!!o&&(d||f),p=[...u];if(d&&p.length===0){let g=await t.groups.getDefaultGroup?.();g?._id&&(p=[g._id])}let T=1,h=0;if((r.isAccountHolder||l)&&(T=0,h=1),l){let[g,y]=await xr([l,e]);h=g!==y?1:0}else if(!r.isAccountHolder){let g=p.length>0?{...e,userGroups:p}:e;h=(await xr([g]))[0]?1:0}return t.quotas.addUsers(T,h,async()=>{E&&await cc(o,n);let g=await t.buildUser(e,r,n,l);r.currentUserId&&r.currentUserId===l?._id&&(g=um(g,l)),!l&&c?.length&&(g.roles={...c});let y=[];if(d){p.length>0&&(g.userGroups=p);for(let I of p)y.push(t.groups.addUsers(I,[g._id]))}try{let I=await i.put(g);return g._rev=I.rev,await om(g,l),l&&g.email!==l.email&&await yt.removeUser({email:l.email}),await yt.addUser(n,g._id,g.email,g.ssoId),await vr.invalidateUser(I.id),await Promise.all(y),i.get(g._id)}catch(I){throw I.status===409?"User exists already":I}})}static async bulkCreate(e,r){let n=G(),i=[],o=[],a=[],u=e.map(T=>T.email),c=await nm(u),l=[],d=!!r?.length,f=d?[...r]:[];if(!d){let T=await t.groups.getDefaultGroup?.();T?._id&&(f=[T._id])}for(let T of e){let h=o.find(y=>y.email.toLowerCase()===T.email.toLowerCase()),g=c.includes(T.email.toLowerCase());if(h||g){l.push({email:T.email,reason:"Unavailable"});continue}T.userGroups=[...f],o.push(T),await Co(T)&&a.push(T)}let E=await hi(n),p=await t.features.isSSOEnforced();return t.quotas.addUsers(o.length,a.length,async()=>{for(let g of o)p&&delete g.password,i.push(t.buildUser(g,{hashPassword:!0,requirePassword:!p},n,void 0,E));let T=await Promise.all(i);await bo(T);for(let g of T)await yt.addUser(n,g._id,g.email),await om(g,void 0,E);let h=T.map(g=>({_id:g._id,email:g.email}));if(Array.isArray(h)&&f.length){let g=[],y=h.map(I=>I._id);for(let I of f)g.push(t.groups.addUsers(I,y));await Promise.all(g)}return{successful:h,unsuccessful:l}})}static async bulkDelete(e){let r=Y(),n={successful:[],unsuccessful:[]},i=await lc(e);i&&(e=e.filter(p=>p.userId!==i.userId),n.unsuccessful.push({_id:i.userId,email:i.email,reason:"Account holder cannot be deleted"}));let a=(await r.allDocs({include_docs:!0,keys:e.map(p=>p.userId)})).rows.map(p=>p.doc),u=a.map(p=>({...p,_deleted:!0})),c=await bo(u),d=(await xr(a)).filter(p=>p).length,f=[];for(let p of a){let h=(await Do(p._id)).ssoId;h&&(await oc(h)).filter(y=>y.ssoId==null).forEach(y=>{f.push({...y,_deleted:!0})}),await O0(p)}await Dr().bulkDocs(f),await t.quotas.removeUsers(u.length,d);let E={};return a.reduce((p,T)=>(p[T._id]=T,p),E),c.forEach(p=>{let T=E[p.id].email;p.ok?n.successful.push({_id:p.id,email:T}):n.unsuccessful.push({_id:p.id,email:T,reason:"Database error"})}),n}static async destroy(e){let r=Y(),n=await r.get(e),i=n._id;if(!m.SELF_HOSTED&&!m.DISABLE_ACCOUNT_PORTAL){let a=n.email;if(await Cr(a))throw n.userId===$t()._id?new Me('Please visit "Account" to delete this user',400):new Me("Account holder cannot be deleted",400)}await yt.removeUser(n),await r.remove(i,n._rev);let o=await Co(n)?1:0;await t.quotas.removeUsers(1,o),await sm(n),await vr.invalidateUser(i),await On(i,{reason:"deletion"})}static async createAdminUser(e,r,n){let i=n?.password,o={email:e,password:i,createdAt:Date.now(),roles:{},builder:{global:!0},admin:{global:!0},tenantId:r,firstName:n?.firstName,lastName:n?.lastName};return n?.ssoId&&(o.ssoId=n.ssoId),await pi(ye.CHECKLIST),await t.save(o,{hashPassword:n?.hashPassword,requirePassword:n?.requirePassword,skipPasswordValidation:n?.skipPasswordValidation,isAccountHolder:!0})}static async getGroups(e){return await this.groups.getBulk(e)}static async getGroupBuilderAppIds(e){return await this.groups.getGroupBuilderAppIds(e)}};function vo(t){return Array.isArray(t)?t.map(e=>{if(e)return delete e.password,e}):t&&(delete t.password,t)}s(vo,"removeUserPassword");async function dc(t,e){let n=(await Y().allDocs({keys:t,include_docs:!0})).rows.map(i=>i.doc);return e?.cleanup&&(n=vo(n)),n}s(dc,"bulkGetGlobalUsersById");async function w0(){let t=Y(),e=`us${D}`;return(await t.allDocs({startkey:e,endkey:`${e}${Pe}`})).rows.map(n=>n.id)}s(w0,"getAllUserIds");async function R0(){let t=Y(),e=`us${D}`;return(await t.allDocs({startkey:e,endkey:`${e}${Pe}`,include_docs:!0})).rows.map(n=>n.doc)}s(R0,"getAllUsers");async function bo(t){return await Y().bulkDocs(t)}s(bo,"bulkUpdateGlobalUsers");async function wn(t,e){let n=await Y().get(t);return e?.cleanup&&(n=vo(n)),n}s(wn,"getById");async function At(t,e){if(t==null)throw"Must supply an email address to view";let r=await Kt("by_email2",{key:t.toLowerCase(),include_docs:!0});if(Array.isArray(r))throw new Error(`Multiple users found with email address: ${t}`);let n=r;return e?.cleanup&&(n=vo(n)),n}s(At,"getGlobalUserByEmail");async function D0(t){try{let e=await At(t);if(Array.isArray(e)||e!=null)return!0}catch{return!1}return!1}s(D0,"doesUserExist");async function T_(t,e,r){if(typeof t!="string")throw new Error("Must provide a string based workspace ID");let n=si(t,{include_docs:!0});n.startkey=e&&e.startkey?e.startkey:n.startkey;let i=await Kt("by_app",n);i||(i=[]);let o=Array.isArray(i)?i:[i];return r?.cleanup&&(o=vo(o)),o}s(T_,"searchGlobalUsersByApp");async function am(t,e){let r=`roles.${t}`,n=[{"builder.global":!0},{"admin.global":!0}];if(t){let a={[r]:{$exists:!0}};n.push(a)}return(await Y().find({selector:{$or:n,_id:{$regex:"^us_"}},limit:e?.limit||50})).docs}s(am,"searchGlobalUsersByAppAccess");function S_(t,e){if(e)return Tu(He(t),e._id)}s(S_,"getGlobalUserByAppPage");async function A_(t,e,r){if(typeof t!="string")throw new Error("Must provide a string to search by");let n=t.toLowerCase(),i=e&&e.startkey?e.startkey:n,o=await Kt("by_email2",{...e,startkey:i,endkey:`${n}${Pe}`});o||(o=[]);let a=Array.isArray(o)?o:[o];return r?.cleanup&&(a=vo(a)),a}s(A_,"searchGlobalUsersByEmail");var C0=8;async function __({bookmark:t,query:e,appId:r,limit:n}={}){let i=Y(),o=n??C0,u={include_docs:!0,limit:o+1};t&&(u.startkey=t);let c,l="_id",d;return e?.equal?._id?c=[await wn(e.equal._id)]:r?(c=await T_(r,u),d=s(f=>S_(r,f),"getKey")):e?.string?.email?(c=await A_(e?.string?.email,u),l="email"):e?.oneOf?._id?c=await dc(e?.oneOf?._id,{cleanup:!0}):e?(c=(await i.allDocs(cn(null,{...u,limit:void 0}))).rows.map(E=>E.doc),c=mr.search(c,{query:e,limit:u.limit}).rows):c=(await i.allDocs(cn(null,u))).rows.map(E=>E.doc),jf(c,o,{paginate:!0,property:l,getKey:d})}s(__,"paginatedUsers");async function b0(){return(await Ks("by_email2",{limit:0,include_docs:!1})).total_rows}s(b0,"getUserCount");async function x0(){let t=0;async function e(r){let n=await __({bookmark:r}),i=await xr(n.data);t+=i.filter(o=>o).length,n.hasNextPage&&await e(n.nextPage)}return s(e,"iterate"),await e(),t}s(x0,"getCreatorCount");function v0(t){return delete t.admin,delete t.builder,t}s(v0,"removePortalUserPermissions");function um(t,e){return delete t.admin,delete t.builder,delete t.roles,e&&(t.admin=e.admin,t.builder=e.builder,t.roles=e.roles),t}s(um,"cleanseUserObject");async function P0(t,e){let r=He(e);t.builder??={},t.builder.creator=!0,t.builder.apps??=[],t.builder.apps.push(r),await vt.save(t,{hashPassword:!1})}s(P0,"addAppBuilder");async function N0(t,e){let r=He(e);t.builder&&t.builder.apps?.includes(r)&&(t.builder.apps=t.builder.apps.filter(n=>n!==r)),await vt.save(t,{hashPassword:!1})}s(N0,"removeAppBuilder");var O_=3600;async function U0(t,e){let n=await Xf(e).get(t);if(n.budibaseAccess=!0,!m.SELF_HOSTED&&!m.DISABLE_ACCOUNT_PORTAL){let i=await Cr(n.email);i&&(n.account=i,n.accountPortalAccess=!0)}return n}s(U0,"populateFromDB");async function L0(t){let e=await vt.bulkGet(t),r=t.filter((i,o)=>!e[o]),n=e.filter(i=>i);return await Promise.all(n.map(async i=>{if(i.budibaseAccess=!0,!m.SELF_HOSTED&&!m.DISABLE_ACCOUNT_PORTAL){let o=await Cr(i.email);o&&(i.account=o,i.accountPortalAccess=!0)}})),r.length?{users:n,notFoundIds:r}:{users:n}}s(L0,"populateUsersFromDB");async function Po({userId:t,tenantId:e,email:r,populateUser:n}){if(n||(n=U0),!e)try{e=G()}catch{e=await yt.lookupTenantId(t)}let i=await Ms(),o=await i.get(t);return o||(o=await n(t,e,r),await i.store(t,o,O_)),o&&!o.tenantId&&e&&(o.tenantId=e),o.userGroups&&!ke.users.isGlobalBuilder(o)&&await be(e,async()=>{let a=await vt.getGroupBuilderAppIds(o);if(a.length){let u=o.builder?.apps||[];o.builder={apps:[...new Set(u.concat(a))]}}}),o}s(Po,"getUser");async function k0(t){let e=await Ms(),r=await e.bulkGet(t),n=t.filter(a=>!r[a]),i=Object.values(r).filter(a=>!!a),o;if(n.length){let a=await L0(n);o=a.notFoundIds;for(let u of a.users)await e.store(u._id,u,O_);i.push(...a.users)}return{users:i,notFoundIds:o}}s(k0,"getUsers");async function No(t){await(await Ms()).delete(t)}s(No,"invalidateUser");var fm={};P(fm,{Writethrough:()=>lm});var I_=1e4,cm=null;async function fc(){if(!cm){let t=await Wf();cm=new hn(t)}return cm}s(fc,"getCache");function Uo(t,e){return t.name+e}s(Uo,"makeCacheKey");function dm(t,e=null){return{doc:t,lastWrite:e||Date.now()}}s(dm,"makeCacheItem");async function M0(t,e,r=I_){let n=await fc(),i=e._id,o;i&&(o=await n.get(Uo(t,i)));let a=!o||o.lastWrite<Date.now()-r,u=e;return a&&((await co({type:"try_once",name:"persist_writethrough",resource:i,ttl:15e3},async()=>{let l=s(async d=>{let f=await t.put(d,{force:!0});u._id=f.id,u._rev=f.rev},"writeDb");try{await l(e)}catch(d){if(d.status!==409)throw d;fi("Ignoring conflict in write-through cache")}})).executed||fi("Ignoring redlock conflict in write-through cache")),o=dm(u,a?null:o?.lastWrite),u._id&&await n.store(Uo(t,u._id),o),{ok:!0,id:u._id,rev:u._rev}}s(M0,"put");async function F0(t,e){let r=await fc(),n=Uo(t,e),i=await r.get(n);if(!i){let o=await t.get(e);i=dm(o),await r.store(n,i)}return i.doc}s(F0,"get");async function B0(t,e){let r=await fc(),n=Uo(t,e),i=await r.get(n);if(!i){let o=await t.tryGet(e);if(!o)return null;i=dm(o),await r.store(n,i)}return i.doc}s(B0,"tryGet");async function W0(t,e,r){let n=await fc();if(!e)throw new Error("No ID/Rev provided.");let i=typeof e=="string"?e:e._id;r=typeof e=="string"?r:e._rev;try{await n.delete(Uo(t,i))}finally{await t.remove(i,r)}}s(W0,"remove");var lm=class{static{s(this,"Writethrough")}constructor(e,r=I_){this.db=e,this.writeRateMs=r}async put(e,r=this.writeRateMs){return M0(this.db,e,r)}async get(e){return F0(this.db,e)}async tryGet(e){return B0(this.db,e)}async remove(e,r){return W0(this.db,e,r)}};function Lo(t){return`config${D}${t}`}s(Lo,"generateConfigID");var pc="en";function G0(){return{_id:Lo("translations"),type:"translations",config:{defaultLocale:pc,locales:{[pc]:{label:"English",overrides:{}}}}}}s(G0,"createDefaultTranslationsConfig");function $0(t){let e=t?.defaultLocale||pc,r={...t?.locales??{}};r[e]||(r[e]={label:e===pc?"English":e,overrides:{}});for(let n of Object.keys(r))r[n].overrides||(r[n]={...r[n],overrides:{}});return{defaultLocale:e,locales:r}}s($0,"prepareTranslationsConfig");async function We(t){let e=Y();try{return await e.get(Lo(t))}catch(r){if(r.status===404)return;throw r}}s(We,"getConfig");async function V0(t){return t._id||(t._id=Lo(t.type)),Y().put(t)}s(V0,"save");async function w_(){let t=await We("translations");return t?(t.config=$0(t.config),t):G0()}s(w_,"getTranslationsConfigDoc");async function q0(){return(await w_()).config}s(q0,"getTranslationsConfig");async function _i(){let t=await We("settings");return t||(t={_id:Lo("settings"),type:"settings",config:{}}),t.config.platformUrl=await ko({tenantAware:!0,config:t.config}),t.config.analyticsEnabled=await ec({config:t.config}),t}s(_i,"getSettingsConfigDoc");async function mm(){return(await _i()).config}s(mm,"getSettingsConfig");async function ko(t={tenantAware:!0}){let e=m.PLATFORM_URL||"http://localhost:10000";if(!m.SELF_HOSTED&&m.MULTI_TENANCY&&t.tenantAware){let r=G();e.includes("localhost:")||(e=e.replace("://",`://${r}.`))}else if(m.SELF_HOSTED){let r=t?.config?t.config:(await We("settings"))?.config;r?.platformUrl&&(e=r.platformUrl)}return e}s(ko,"getPlatformUrl");var ec=s(async t=>{if(!m.SELF_HOSTED)return!!m.ENABLE_ANALYTICS;let e=await Rr(ye.ANALYTICS_ENABLED,86400,async()=>{let n=t?.config?t.config:(await We("settings"))?.config;if(n?.analyticsEnabled===!1)return!1;if(n?.analyticsEnabled===!0)return!0});if(e!==void 0)return e;let r=m.ENABLE_ANALYTICS;return!(r===0||r===!1)},"analyticsEnabled");async function K0(){return await We("google")}s(K0,"getGoogleConfigDoc");async function hc(){return(await K0())?.config}s(hc,"getGoogleConfig");async function hm(){if(!m.SELF_HOSTED)return pm();let t=await hc();return(!t||!t.activated)&&(t=pm()),t}s(hm,"getGoogleDatasourceConfig");function pm(){if(m.GOOGLE_CLIENT_ID&&m.GOOGLE_CLIENT_SECRET)return{clientID:m.GOOGLE_CLIENT_ID,clientSecret:m.GOOGLE_CLIENT_SECRET,activated:!0}}s(pm,"getDefaultGoogleConfig");async function Q0(){return We("logos_oidc")}s(Q0,"getOIDCLogosDoc");async function j0(){return We("oidc")}s(j0,"getOIDCConfigDoc");async function H0(){let t=(await j0())?.config;return t?.configs&&t.configs[0]}s(H0,"getOIDCConfig");async function Em(t){let e=(await We("oidc"))?.config;return e&&e.configs.filter(r=>r.uuid===t)[0]}s(Em,"getOIDCConfigById");async function R_(){return We("smtp")}s(R_,"getSMTPConfigDoc");async function Y0(t){let e=await R_();if(e)return e.config;let r=m.SELF_HOSTED||!t;if(m.SMTP_FALLBACK_ENABLED&&r)return{port:m.SMTP_PORT,host:m.SMTP_HOST,secure:!1,from:m.SMTP_FROM_ADDRESS,auth:{user:m.SMTP_USER,pass:m.SMTP_PASSWORD},fallback:!0}}s(Y0,"getSMTPConfig");async function z0(){return(await We("scim"))?.config}s(z0,"getSCIMConfig");async function J0(){return We("recaptcha")}s(J0,"getRecaptchaConfig");var Rm={};P(Rm,{AccessController:()=>Tm,BUILTIN_ROLE_IDS:()=>Sm,Role:()=>Pr,RoleHierarchyTraversal:()=>Ec,RoleIDVersion:()=>Am,builtinRoleToNumber:()=>Mo,checkForRoleResourceArray:()=>x_,externalRole:()=>nk,findRole:()=>Fo,getAllRoleIds:()=>ak,getAllRoles:()=>wm,getBuiltinRole:()=>C_,getBuiltinRoles:()=>Om,getDBRoleID:()=>v_,getExternalRoleID:()=>Nr,getExternalRoleIDs:()=>P_,getRole:()=>ik,getUserRoleHierarchy:()=>Im,getUserRoleIdHierarchy:()=>b_,isBuiltin:()=>Ur,lowerBuiltinRoleID:()=>rk,prefixRoleIDNoBuiltin:()=>ym,roleIDsAreEqual:()=>Ye,roleToNumber:()=>tk,saveRoles:()=>sk,validInherits:()=>ek});var D_=require("lodash"),gc=B(require("lodash/fp/cloneDeep")),gm=B(require("semver"));var Sm={ADMIN:"ADMIN",POWER:"POWER",BASIC:"BASIC",PUBLIC:"PUBLIC"},re={...Sm,BUILDER:"BUILDER"},Am={UUID:void 0,NAME:"name"};function Z0(t,e){return Array.isArray(e)?e.filter(r=>t.includes(r)).length===e.length:t.includes(e)}s(Z0,"rolesInList");var Pr=class{constructor(e,r,n,i){this.permissions={};this._id=e,this.name=r,this.uiMetadata=i,this.permissionId=n,this.version=Am.NAME}static{s(this,"Role")}addInheritance(e){return e&&typeof e=="string"?e=ym(e):e&&Array.isArray(e)&&(e=e.map(ym)),this.inherits=e,this}},Ec=class{static{s(this,"RoleHierarchyTraversal")}constructor(e,r){this.allRoles=e,this.opts=r}walk(e){let r=this.opts,n=this.allRoles,i=[];if(!e||!e._id)return i;if(i.push(e),Array.isArray(e.inherits))for(let o of e.inherits){let a=Fo(o,n,r);a&&(i=i.concat(this.walk(a)))}else{let o=[],a=e;for(;a&&a.inherits&&!Z0(o,a.inherits);){if(Array.isArray(a.inherits))return i.concat(this.walk(a));if(o.push(a.inherits),a=Fo(a.inherits,n,r),a&&i.push(a),Le.roles.checkForRoleInheritanceLoops(i))break}}return(0,D_.uniqBy)(i,o=>o._id)}},_m={ADMIN:new Pr(re.ADMIN,re.ADMIN,"admin",{displayName:"Admin user",description:"Can do everything",color:"var(--spectrum-global-color-static-red-400)"}).addInheritance(re.POWER),POWER:new Pr(re.POWER,re.POWER,"power",{displayName:"App power user",description:"An app user with more access",color:"var(--spectrum-global-color-static-orange-400)"}).addInheritance(re.BASIC),BASIC:new Pr(re.BASIC,re.BASIC,"write",{displayName:"Basic user",description:"Any logged in user",color:"var(--spectrum-global-color-static-green-400)"}).addInheritance(re.PUBLIC),PUBLIC:new Pr(re.PUBLIC,re.PUBLIC,"public",{displayName:"Public user",description:"Accessible to anyone",color:"var(--spectrum-global-color-static-blue-400)"}),BUILDER:new Pr(re.BUILDER,re.BUILDER,"admin",{displayName:"Builder user",description:"Users that can edit this app",color:"var(--spectrum-global-color-static-magenta-600)"})};function Om(){return(0,gc.default)(_m)}s(Om,"getBuiltinRoles");function Ur(t){return Object.values(Sm).includes(t)}s(Ur,"isBuiltin");function ym(t){return Ur(t)?t:Vt(t)}s(ym,"prefixRoleIDNoBuiltin");function C_(t){let e=Object.values(_m).find(r=>t.includes(r._id));if(e)return(0,gc.default)(e)}s(C_,"getBuiltinRole");function ek(t,e){if(!e)return!1;let r=s(n=>t.find(i=>Ye(i._id,n)),"find");if(Array.isArray(e)){let n=e.filter(i=>r(i));return e.length!==0&&n.length===e.length}else return!!r(e)}s(ek,"validInherits");function Mo(t){let e=Om(),r=Object.values(e).length+1;if(Ye(t,re.ADMIN)||Ye(t,re.BUILDER))return r;let n=e[t],i=0;do{if(!n)break;if(Array.isArray(n.inherits))throw new Error("Built-in roles don't support multi-inheritance");n=e[n.inherits],i++}while(n!==null);return i}s(Mo,"builtinRoleToNumber");async function tk(t){if(Ur(t))return Mo(t);let e=await Im(t,{defaultPublic:!0}),r=s(n=>{if(!n.inherits)return 0;if(Array.isArray(n.inherits)){let i=n.inherits.map(o=>{let a=e.find(u=>Ye(u._id,o));if(a)return r(a)+1}).filter(o=>o).sort().pop();if(i!=null)return i}else if(Ur(n.inherits))return Mo(n.inherits)+1;return 0},"findNumber");return Math.max(...e.map(r))}s(tk,"roleToNumber");function rk(t,e){return t?e&&Mo(t)>Mo(e)?e:t:e}s(rk,"lowerBuiltinRoleID");function Ye(t,e){return Vt(t)===Vt(e)}s(Ye,"roleIDsAreEqual");function nk(t){let e;return t._id&&(e=Nr(t._id)),{...t,_id:e,inherits:P_(t.inherits,t.version)}}s(nk,"externalRole");function Fo(t,e,r){let n=C_(t);n||(t=Vt(t));let i=e.find(o=>o._id&&Ye(o._id,t));return!i&&!Ur(t)&&r?.defaultPublic?(0,gc.default)(_m.PUBLIC):(n=Object.assign(n||{},i),n?._id&&(n._id=Nr(n._id,n.version)),Object.keys(n).length===0?void 0:n)}s(Fo,"findRole");async function ik(t,e){let r=ri(),n=[];if(!Ur(t)){let i=await r.tryGet(v_(t));i&&n.push(i)}return Fo(t,n,e)}s(ik,"getRole");async function sk(t){await ri().bulkDocs(t.filter(r=>r._id).map(r=>({...r,_id:Vt(r._id)})))}s(sk,"saveRoles");async function ok(t,e){let r=await wm();if(Ye(t,re.ADMIN))return r;let n=Fo(t,r,e),i=[];return n&&(i=new Ec(r,e).walk(n)),i}s(ok,"getAllUserRoles");async function b_(t){return(await Im(t)).map(r=>r._id)}s(b_,"getUserRoleIdHierarchy");async function Im(t,e){return ok(t,e)}s(Im,"getUserRoleHierarchy");function x_(t,e){if(t&&!Array.isArray(t[e])){let r=t[e];t[e]=[r],r==="write"&&t[e].push("read")}return t}s(x_,"checkForRoleResourceArray");async function ak(t){return(await wm(t)).map(r=>r._id)}s(ak,"getAllRoleIds");async function wm(t){if(t)return je(t,e);{let r;try{r=ri()}catch{}return e(r)}async function e(r){let n=[];r&&(n=(await r.allDocs(Su(null,{include_docs:!0}))).rows.map(u=>u.doc),n.forEach(u=>u._id=Nr(u._id,u.version)));let i=Om(),o=[];!r||await uk(r)?o=[re.ADMIN,re.POWER,re.BASIC,re.PUBLIC]:o=[re.ADMIN,re.BASIC,re.PUBLIC];for(let a of o){let u=i[a],c=n.filter(l=>Ye(l._id,a))[0];c==null?n.push(u||i.BASIC):(n=n.filter(l=>l._id!==c._id),c._id=Nr(u._id,c.version),n.push({...u,...c,name:u.name,_id:Nr(u._id,u.version),uiMetadata:{...c.uiMetadata,...u.uiMetadata}}))}for(let a of n)if(a.permissions)for(let u of Object.keys(a.permissions))a.permissions=x_(a.permissions,u);return n}s(e,"internal")}s(wm,"getAllRoles");async function uk(t){if(await ck(t))return!0;let r=(await t.tryGet("app_metadata"))?.creationVersion;return!r||!gm.default.valid(r)?!0:!gm.default.gte(r,m.MIN_VERSION_WITHOUT_POWER_ROLE)}s(uk,"shouldIncludePowerRole");async function ck(t){let r=(await t.tryGet("ta_users"))?.schema?.roleId?.constraints?.inclusion;return!Array.isArray(r)||!r.some(i=>Ye(i,re.POWER))?!1:r.some(i=>!Ur(i))}s(ck,"hasLegacyPowerRole");var Tm=class{static{s(this,"AccessController")}constructor(){this.userHierarchies={}}async hasAccess(e,r){if(e==null||e===""||Ye(e,re.BUILDER)||Ye(r,e)||Ye(r,re.BUILDER))return!0;let n=r?this.userHierarchies[r]:null;return!n&&r&&(n=await b_(r),this.userHierarchies[r]=n),n?.find(i=>Ye(i,e))!==void 0}async checkScreensAccess(e,r){let n=[];for(let i of e){let o=await this.checkScreenAccess(i,r);o&&n.push(o)}return n}async checkScreenAccess(e,r){let n=e&&e.routing?e.routing.roleId:void 0;return await this.hasAccess(n,r)?e:null}};function v_(t){return t?.startsWith("role")?t:Vt(t)}s(v_,"getDBRoleID");function Nr(t,e){if(t.startsWith(`role${D}`)&&(Ur(t)||e===Am.NAME)){let r=t.split(D);return r.shift(),r.join(D)}return t}s(Nr,"getExternalRoleID");function P_(t,e){return t&&(typeof t=="string"?Nr(t,e):t.map(r=>Nr(r,e)))}s(P_,"getExternalRoleIDs");var Dm={};P(Dm,{BUILDER:()=>mk,BUILTIN_PERMISSIONS:()=>yc,CREATOR:()=>hk,GLOBAL_BUILDER:()=>Ek,PermissionImpl:()=>se,PermissionLevel:()=>Pi,PermissionType:()=>jo,doesHaveBasePermission:()=>fk,getAllowedLevels:()=>k_,getBuiltinPermissionByID:()=>dk,getBuiltinPermissions:()=>lk,isPermissionLevelHigherThanRead:()=>pk,levelToNumber:()=>L_});var N_=B(require("lodash/flatten")),U_=B(require("lodash/fp/cloneDeep"));var se=class{static{s(this,"PermissionImpl")}constructor(e,r){this.type=e,this.level=r}};function L_(t){switch(t){case"execute":return 0;case"read":return 1;case"write":return 2;case"admin":return 3;default:return-1}}s(L_,"levelToNumber");function k_(t){switch(t){case"execute":return["execute"];case"read":return["execute","read"];case"write":case"admin":return["execute","read","write"];default:return[]}}s(k_,"getAllowedLevels");var yc={PUBLIC:{_id:"public",name:"Public",permissions:[new se("webhook","execute")]},READ_ONLY:{_id:"read_only",name:"Read only",permissions:[new se("query","read"),new se("table","read"),new se("app","read")]},WRITE:{_id:"write",name:"Read/Write",permissions:[new se("query","write"),new se("table","write"),new se("automation","execute"),new se("legacy_view","read"),new se("app","read")]},POWER:{_id:"power",name:"Power",permissions:[new se("table","write"),new se("user","read"),new se("automation","execute"),new se("webhook","read"),new se("legacy_view","read"),new se("app","read")]},ADMIN:{_id:"admin",name:"Admin",permissions:[new se("table","admin"),new se("user","admin"),new se("automation","admin"),new se("webhook","read"),new se("query","admin"),new se("legacy_view","read"),new se("app","read")]}};function lk(){return(0,U_.default)(yc)}s(lk,"getBuiltinPermissions");function dk(t){return Object.values(yc).find(r=>r._id===t)}s(dk,"getBuiltinPermissionByID");function fk(t,e,r){let n=[...new Set(r.map(a=>a.permissionId))],i=Object.values(yc),o=(0,N_.default)(i.filter(a=>n.indexOf(a._id)!==-1).map(a=>a.permissions));for(let a of o)if(a.type===t&&k_(a.level).indexOf(e)!==-1)return!0;return!1}s(fk,"doesHaveBasePermission");function pk(t){return L_(t)>1}s(pk,"isPermissionLevelHigherThanRead");var mk="builder",hk="creator",Ek="globalBuilder";var xm={};P(xm,{FlagSet:()=>Sc,all:()=>Ak,flags:()=>Cm,getEnvFlags:()=>W_,init:()=>gk,isEnabled:()=>Sk,parseEnvFlags:()=>_c,shutdown:()=>yk,testutils:()=>bm});var Ac=B(require("crypto")),M_=B(require("dd-trace")),F_=require("lodash"),B_=require("posthog-node");var Tc;function gk(t){m.POSTHOG_TOKEN&&m.POSTHOG_API_HOST&&!m.SELF_HOSTED&&m.POSTHOG_FEATURE_FLAGS_ENABLED?(console.log("initializing posthog client..."),Tc=new B_.PostHog(m.POSTHOG_TOKEN,{host:m.POSTHOG_API_HOST,personalApiKey:m.POSTHOG_PERSONAL_TOKEN,featureFlagsPollingInterval:pe.fromMinutes(3).toMs(),...t})):console.log("posthog disabled")}s(gk,"init");function yk(){Tc?.shutdown()}s(yk,"shutdown");function _c(t){let e=t.split(",").map(n=>n.split(":")),r=[];for(let[n,...i]of e)for(let o of i){let a=!0;o.startsWith("!")&&(o=o.slice(1),a=!1),r.push({tenantId:n,key:o,value:a})}return r}s(_c,"parseEnvFlags");function W_(){return _c(m.TENANT_FEATURE_FLAGS||"")}s(W_,"getEnvFlags");var Sc=class{constructor(e){this.flagSchema=e;this.setId=Ac.randomUUID()}static{s(this,"FlagSet")}defaults(){return(0,F_.cloneDeep)(this.flagSchema)}isFlagName(e){return this.flagSchema[e]!==void 0}async isEnabled(e){return(await this.fetch())[e]}async fetch(){return await M_.default.trace("features.fetch",async e=>{let r=Uf(this.setId);if(r)return e?.addTags({fromCache:!0}),r;let n={},i=this.defaults(),o=G(),a=new Set;if(su())return i;for(let{tenantId:f,key:E,value:p}of W_())if(!(!f||f!=="*"&&f!==o)&&(n.readFromEnvironmentVars=!0,p===!1&&a.add(E),!!this.isFlagName(E))){if(typeof i[E]!="boolean")throw new Error(`Feature: ${E} is not a boolean`);i[E]=p,n[`flags.${E}.source`]="environment"}let u=$t(),c=u?._id;if(!c){let f=Pf();f&&(c=Ac.createHash("sha512").update(f).digest("hex"))}let l=u?.tenantId;if(l||(l=o),n["identity.type"]=u?.type,n["identity._id"]=u?._id,n.tenantId=l,n.userId=c,Tc&&c){n.readFromPostHog=!0;let f=await _i(),E={tenantId:l},p={tenant:{id:l}};f.config.createdVersion&&(p.tenant.createdVersion=f.config.createdVersion),f.createdAt&&(p.tenant.createdAt=`${f.createdAt}`);let T=await Tc.getAllFlags(c,{personProperties:E,onlyEvaluateLocally:!0,groups:{tenant:l},groupProperties:p});for(let[h,g]of Object.entries(T))if(this.isFlagName(h)){if(typeof g!="boolean"){console.warn(`Invalid value for posthog flag "${h}": ${g}`);continue}if(!(i[h]===!0||a.has(h)))try{i[h]=g,n[`flags.${h}.source`]="posthog"}catch(y){console.warn(`Error parsing posthog flag "${h}": ${g}`,y)}}}let d=kf();for(let[f,E]of Object.entries(d))this.isFlagName(f)&&typeof E=="boolean"&&(i[f]=E,n[`flags.${f}.source`]="override");Lf(this.setId,i);for(let[f,E]of Object.entries(i))n[`flags.${f}.value`]=E;return e?.addTags(n),i})}},Tk={USE_ZOD_VALIDATOR:!1,AI_AGENTS:!0,AI_RAG:!1,AI_RAG_SHAREPOINT:!1,AI_AGENT_INSTRUCTIONS:!1,DEBUG_UI:m.isDev(),DEV_USE_CLIENT_FROM_STORAGE:!1},Cm=new Sc(Tk);async function Sk(t){return await Cm.isEnabled(t)}s(Sk,"isEnabled");async function Ak(){return await Cm.fetch()}s(Ak,"all");var bm={};P(bm,{setFeatureFlags:()=>G_,withFeatureFlags:()=>Ik});function _k(){let t={};for(let{tenantId:e,key:r,value:n}of _c(process.env.TENANT_FEATURE_FLAGS||"")){let i=t[e]||{};i[r]!==!1&&(i[r]=n,t[e]=i)}return t}s(_k,"getCurrentFlags");function Ok(t){let e=[];for(let[r,n]of Object.entries(t))for(let[i,o]of Object.entries(n))o===!1?e.push(`${r}:!${i}`):e.push(`${r}:${i}`);return e.join(",")}s(Ok,"buildFlagString");function G_(t,e){let r=_k();for(let[i,o]of Object.entries(e)){let a=r[t]||{};a[i]=o,r[t]=a}let n=Ok(r);return bs({TENANT_FEATURE_FLAGS:n})}s(G_,"setFeatureFlags");function Ik(t,e,r){let n=G_(t,e),i=r();return i instanceof Promise?i.finally(n):(n(),i)}s(Ik,"withFeatureFlags");var $m={};P($m,{adminOnly:()=>Oc,auditLog:()=>Ic,authError:()=>Ie,buildAuthMiddleware:()=>cM,buildCsrfMiddleware:()=>dM,buildTenancyMiddleware:()=>lM,builderOnly:()=>Nc,builderOrAdmin:()=>Uc,google:()=>rr,internalApi:()=>kc,joiValidator:()=>Bo,oidc:()=>nr,passport:()=>fM,platformLogout:()=>gM,refreshOAuthToken:()=>hM,ssoCallbackUrl:()=>kr,updateUserOAuth:()=>EM,workspaceBuilderOrAdmin:()=>Bc});var Gm={};P(Gm,{activeTenant:()=>fO,adminOnly:()=>Oc,auditLog:()=>Ic,authError:()=>Ie,authenticated:()=>Pc,builderOnly:()=>Nc,builderOrAdmin:()=>Uc,correlation:()=>V_,csp:()=>Z_,csrf:()=>Lc,datasource:()=>aM,errorHandling:()=>tO,featureFlagCookie:()=>rO,google:()=>rr,internalApi:()=>kc,ip:()=>nO,joiValidator:()=>Bo,local:()=>Ri,oidc:()=>nr,pino:()=>q_,querystringToBody:()=>dO,ssoCallbackUrl:()=>kr,tenancy:()=>Fc,workspaceBuilderOrAdmin:()=>Bc});var $_=require("uuid");var wk=require("correlation-id"),V_=s((t,e)=>{let r=t.headers["x-budibase-correlation-id"];return r||(r=(0,$_.v4)()),wk.withId(r,()=>e())},"correlationMiddleware");var Rk=require("koa-pino-logger"),Dk=require("correlation-id");function Ck(){return{logger:Mu,genReqId:Dk.getId,autoLogging:{ignore:t=>!!t.url?.includes("/health")},serializers:{req:t=>({method:t.method,url:t.url,correlationId:t.id}),res:t=>({status:t.statusCode})}}}s(Ck,"pinoSettings");function bk(){return m.HTTP_LOGGING?Rk(Ck()):(t,e)=>e()}s(bk,"getMiddleware");var q_=bk();var Oc=s(async(t,e)=>(!t.internal&&!xt(t.user)&&t.throw(403,"Admin user only endpoint."),e()),"adminOnly");var Ic=s(async(t,e)=>e(),"auditLog");var xk=/\/:(.*?)(\/.*)?$/g,er=s(t=>t?t.map(e=>{let r=e.route,n=e.method,i=r.match(xk);if(i)for(let o of i){let u="/.*"+(o.endsWith("/")?"/":"");r=r.replace(o,u)}return{regex:new RegExp(`^${r}`),method:n,route:r}}):[],"buildMatcherRegex"),tr=s((t,e)=>e.find(({regex:r,method:n})=>{let i=r.test(t.path),o=n==="ALL"?!0:t.request.method.toLowerCase()===n.toLowerCase();return i&&o}),"matches");var Lm={};P(Lm,{SecretOption:()=>j_,compare:()=>Uk,decrypt:()=>Cc,decryptFile:()=>Mk,encrypt:()=>Nk,encryptFile:()=>Lk,getSecret:()=>Um});var Pt=B(require("crypto")),Lr=B(require("fs")),vm=require("path"),Pm=B(require("zlib"));var wc="aes-256-ctr",Q_="-",vk=1e4,Pk=32,Rc=16,Nm=16,j_=(r=>(r.API="api",r.ENCRYPTION="encryption",r))(j_||{});function Um(t){let e,r;switch(t){case"encryption":e=m.ENCRYPTION_KEY,r="ENCRYPTION_KEY";break;case"api":default:e=m.API_ENCRYPTION_KEY,r="API_ENCRYPTION_KEY";break}if(!e)throw new Error(`Secret "${r}" has not been set in environment.`);return e}s(Um,"getSecret");function Dc(t,e){return Pt.default.pbkdf2Sync(t,new Uint8Array(e),vk,Pk,"sha512")}s(Dc,"stretchString");function Nk(t,e="api"){let r=Pt.default.randomBytes(Rc),n=Dc(Um(e),r),i=Pt.default.createCipheriv(wc,new Uint8Array(n),new Uint8Array(r)),o=i.update(t,"utf8"),a=i.final(),u=Buffer.concat([new Uint8Array(o),new Uint8Array(a)]).toString("hex");return`${r.toString("hex")}${Q_}${u}`}s(Nk,"encrypt");function Cc(t,e="api"){let[r,n]=t.split(Q_),i=Buffer.from(r,"hex"),o=Dc(Um(e),i),a=Pt.default.createDecipheriv(wc,new Uint8Array(o),new Uint8Array(i)),u=a.update(n,"hex"),c=a.final();return Buffer.concat([new Uint8Array(u),new Uint8Array(c)]).toString()}s(Cc,"decrypt");function Uk(t,e,r="api"){try{let n=new TextEncoder,i=n.encode(Cc(e,r)),o=n.encode(t);return i.length!==o.length?!1:Pt.default.timingSafeEqual(i,o)}catch{return!1}}s(Uk,"compare");async function Lk({dir:t,filename:e},r){let n=`${e}.enc`,i=(0,vm.join)(t,e);if(Lr.default.lstatSync(i).isDirectory())throw new Error("Unable to encrypt directory");let o=Lr.default.createReadStream(i),a=Lr.default.createWriteStream((0,vm.join)(t,n)),u=Pt.default.randomBytes(Rc),c=Pt.default.randomBytes(Nm),l=Dc(r,u),d=Pt.default.createCipheriv(wc,new Uint8Array(l),new Uint8Array(c));return a.write(u),a.write(c),o.pipe(Pm.default.createGzip()).pipe(d).pipe(a),new Promise(f=>{a.on("finish",()=>{f({filename:n,dir:t})})})}s(Lk,"encryptFile");async function kk(t){let e=Lr.default.createReadStream(t),r=await K_(e,Rc),n=await K_(e,Nm);return e.close(),{salt:r,iv:n}}s(kk,"getSaltAndIV");async function Mk(t,e,r){if(Lr.default.lstatSync(t).isDirectory())throw new Error("Unable to decrypt directory");let{salt:n,iv:i}=await kk(t),o=Lr.default.createReadStream(t,{start:Rc+Nm}),a=Lr.default.createWriteStream(e),u=Dc(r,n),c=Pt.default.createDecipheriv(wc,new Uint8Array(u),new Uint8Array(i)),l=Pm.default.createGunzip();return o.pipe(c).pipe(l).pipe(a),new Promise((d,f)=>{a.on("finish",()=>{a.close(),d()}),o.on("error",E=>{a.close(),f(E)}),c.on("error",E=>{a.close(),f(E)}),l.on("error",E=>{a.close(),f(E)}),a.on("error",E=>{a.close(),f(E)})})}s(Mk,"decryptFile");function K_(t,e){return new Promise((r,n)=>{let i=0,o=[];t.on("readable",()=>{let a;for(;(a=t.read(e-i))!==null;)o.push(a),i+=a.length;r(Buffer.concat(o.map(u=>new Uint8Array(u))))}),t.on("end",()=>{n(new Error("Insufficient data in the stream."))}),t.on("error",a=>{n(a)})})}s(K_,"readBytes");var km={};P(km,{APIWarning:()=>Rn,FeatureDisabledWarning:()=>xc,InvalidAPIKeyWarning:()=>wi,UsageLimitWarning:()=>bc});var Rn=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"APIWarning")}},wi=class extends Rn{static{s(this,"InvalidAPIKeyWarning")}constructor(){super("Invalid API key","invalid_api_key")}},bc=class extends Rn{constructor(r){super(`Usage limit exceeded: '${r}'`,"usage_limit_exceeded");this.limitName=r}static{s(this,"UsageLimitWarning")}getPublicWarning(){return{limitName:this.limitName}}},xc=class extends Rn{constructor(r){super(`Feature disabled: '${r}'`,"feature_disabled");this.featureName=r,this.status=400}static{s(this,"FeatureDisabledWarning")}getPublicWarning(){return{featureName:this.featureName}}getPublicError(){return{featureName:this.featureName}}};var Y_=B(require("dd-trace"));var Bk=m.SESSION_UPDATE_PERIOD?parseInt(m.SESSION_UPDATE_PERIOD):60*1e3;function Wk(){return new Date(Date.now()-Bk).toISOString()}s(Wk,"timeMinusOneMinute");function H_(t,e={}){t.publicEndpoint=e.publicEndpoint||!1,t.isAuthenticated=e.authenticated||!1,t.loginMethod=e.loginMethod,t.user=e.user,t.internal=e.internal||!1,t.version=e.version}s(H_,"finalise");async function Gk(t,e){if(Ys(t))return{valid:!0,user:void 0};let n=Cc(t).split(D)[0];return be(n,async()=>{let i;try{let o=Y();i=await Kt("by_api_key",{key:t},o)}catch{i=void 0}if(i)return{valid:!0,user:await Po({userId:i,tenantId:n,populateUser:e})};throw new wi})}s(Gk,"checkApiKey");function vc(t,e){let r=t.request.headers[e];if(Array.isArray(r))throw new Error("Unexpected header format");return r}s(vc,"getHeader");function Pc(t=[],e={publicAllowed:!1}){let r=t?er(t):[];return async(n,i)=>{let o=!1,a=vc(n,"x-budibase-api-version");tr(n,r)&&(o=!0);try{let c=vc(n,"x-budibase-token"),l=jt(n,"budibase:auth")||_u(c),d=vc(n,"x-budibase-api-key");!d&&n.request.headers.authorization&&(d=n.request.headers.authorization.split(" ")[1]);let f=vc(n,"x-budibase-tenant-id"),E=!1,p,T=!1,h;if(l&&!d){let y=l.sessionId,I=l.userId,O;try{O=await Qp(I,y),e&&e.populateUser?p=await Po({userId:I,tenantId:O.tenantId,email:O.email,populateUser:e.populateUser(n)}):p=await Po({userId:I,tenantId:O.tenantId,email:O.email}),p.csrfToken=O.csrfToken,h="cookie",O?.lastAccessedAt<Wk()&&await Kp(O),E=!0}catch(w){E=!1,console.warn(`Auth Error: ${w.message}`),Ar(n,"budibase:auth")}}if(!E&&d){let y=e.populateUser?e.populateUser(n):null,{valid:I,user:O}=await Gk(d,y);I&&(E=!0,h="api_key",p=O,T=!O)}!p&&f?p={tenantId:f}:p&&"password"in p&&delete p.password,E||(E=!1);let g=s(y=>y&&y.email,"isUser");return g(p)&&Y_.default.setUser({id:p._id,tenantId:p.tenantId,budibaseAccess:p.budibaseAccess,status:p.status}),H_(n,{authenticated:E,user:p,internal:T,version:a,publicEndpoint:o,loginMethod:h}),g(p)?hf(p,n,i):i()}catch(c){if(console.warn(`Auth Error: ${c.message}`),c?.name==="JsonWebTokenError"?Ar(n,"budibase:auth"):c?.code==="invalid_api_key"&&n.throw(403,c.message),e&&e.publicAllowed||o)return H_(n,{authenticated:!1,version:a,publicEndpoint:o}),i();n.throw(c.status||403,c.message||"Authentication failed")}}}s(Pc,"authenticated");async function Nc(t,e){if(t.internal)return e();let r=await dn(t);return!r&&!m.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!Fe(t.user)?t.throw(403,"Builder user only endpoint."):r&&!Ii(t.user,r)&&t.throw(403,"Workspace builder user only endpoint."),e()}s(Nc,"builderOnly");async function Uc(t,e){if(t.internal||xt(t.user))return e();let r=await dn(t);return!r&&!m.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!Fe(t.user)?t.throw(403,"Admin/Builder user only endpoint."):r&&!Ii(t.user,r)&&t.throw(403,"Workspace Admin/Builder user only endpoint."),e()}s(Uc,"builderOrAdmin");var X_=B(require("crypto"));var z_={"default-src":["'self'"],"script-src":["'self'","'unsafe-eval'","https://*.budibase.net","https://cdn.budi.live","https://js.intercomcdn.com","https://widget.intercom.io","https://d2l5prqdbvm3op.cloudfront.net","https://us-assets.i.posthog.com","https://www.google.com/recaptcha/api.js"],"style-src":["'self'","'unsafe-inline'","https://cdn.jsdelivr.net","https://fonts.googleapis.com","https://rsms.me","https://maxcdn.bootstrapcdn.com"],"object-src":["'none'"],"base-uri":["'self'"],"connect-src":["'self'","https://*.budibase.app","https://*.budibaseqa.app","https://*.budibase.net","https://api-iam.intercom.io","https://api-ping.intercom.io","https://app.posthog.com","https://us.i.posthog.com","wss://nexus-websocket-a.intercom.io","wss://nexus-websocket-b.intercom.io","https://nexus-websocket-a.intercom.io","https://nexus-websocket-b.intercom.io","https://uploads.intercomcdn.com","https://uploads.intercomusercontent.com","https://*.amazonaws.com","https://*.s3.amazonaws.com","https://*.s3.us-east-2.amazonaws.com","https://*.s3.us-east-1.amazonaws.com","https://*.s3.us-west-1.amazonaws.com","https://*.s3.us-west-2.amazonaws.com","https://*.s3.af-south-1.amazonaws.com","https://*.s3.ap-east-1.amazonaws.com","https://*.s3.ap-south-1.amazonaws.com","https://*.s3.ap-northeast-2.amazonaws.com","https://*.s3.ap-southeast-1.amazonaws.com","https://*.s3.ap-southeast-2.amazonaws.com","https://*.s3.ap-northeast-1.amazonaws.com","https://*.s3.ca-central-1.amazonaws.com","https://*.s3.cn-north-1.amazonaws.com","https://*.s3.cn-northwest-1.amazonaws.com","https://*.s3.eu-central-1.amazonaws.com","https://*.s3.eu-west-1.amazonaws.com","https://*.s3.eu-west-2.amazonaws.com","https://*.s3.eu-south-1.amazonaws.com","https://*.s3.eu-west-3.amazonaws.com","https://*.s3.eu-north-1.amazonaws.com","https://*.s3.sa-east-1.amazonaws.com","https://*.s3.me-south-1.amazonaws.com","https://*.s3.us-gov-east-1.amazonaws.com","https://*.s3.us-gov-west-1.amazonaws.com","https://api.github.com","https://d2l5prqdbvm3op.cloudfront.net"],"font-src":["'self'","data:","https://cdn.jsdelivr.net","https://fonts.gstatic.com","https://rsms.me","https://maxcdn.bootstrapcdn.com","https://js.intercomcdn.com","https://fonts.intercomcdn.com"],"frame-src":["'self'","https:"],"img-src":["http:","https:","data:","blob:"],"manifest-src":["'self'"],"media-src":["'self'","https://js.intercomcdn.com","https://cdn.budi.live"],"worker-src":["blob:","'self'"]},J_=/^[A-Za-z0-9-*:/.]+$/,Z_=s(async(t,e)=>{let r=X_.default.randomBytes(16).toString("base64");t.state.nonce=r;let n={...z_};n["script-src"]=[...z_["script-src"],`'nonce-${r}'`];let i={"media-src":m.CUSTOM_CSP_MEDIA_SRC,"script-src":m.CUSTOM_CSP_SCRIPT_SRC,"connect-src":m.CUSTOM_CSP_CONNECT_SRC,"img-src":m.CUSTOM_CSP_IMG_SRC,"font-src":m.CUSTOM_CSP_FONT_SRC,"frame-src":m.CUSTOM_CSP_FRAME_SRC};for(let[u,c]of Object.entries(i))if(c){let l=c.split(",").map(d=>d.trim()).filter(d=>J_.test(d));n[u]=[...n[u]||[],...l]}if(t.user?.license?.features.includes("customAppScripts")&&t.appId)try{let u=await Ws.getWorkspaceMetadata(t.appId);if("name"in u)for(let c of u.scripts||[]){let l=(c.cspWhitelist||"").split(`
+`);for(let o of i.filter(a=>a))t.push(io.default.readFileSync(o))}return t.push(io.default.readFileSync(sA(aA))),Buffer.concat(t.map(n=>new Uint8Array(n)))}s(vP,"getLogReadStream");function PP(t){return typeof t=="object"&&t!==null&&!(t instanceof Error)}s(PP,"isPlainObject");function NP(t){return t instanceof Error}s(NP,"isError");function UP(t){return typeof t=="string"}s(UP,"isMessage");var wr;if(!m.DISABLE_PINO_LOGGER){let t=m.LOG_LEVEL,e={level:t,formatters:{level:c=>({level:c.toUpperCase()}),bindings:()=>m.SELF_HOSTED?{service:m.SERVICE_NAME}:{}},timestamp:()=>`,"timestamp":"${new Date(Date.now()).toISOString()}"`},r=[];r.push(m.isDev()?{stream:(0,dA.default)({singleLine:!0}),level:t}:{stream:process.stdout,level:t}),m.SELF_HOSTED&&r.push({stream:Dp(),level:t}),wr=r.length?(0,ku.default)(e,ku.default.multistream(r)):(0,ku.default)(e);let n=s(c=>{let l,d=[],f="";c.forEach(g=>{UP(g)&&(f=`${f} ${g}`.trimStart()),PP(g)&&d.push(g),NP(g)&&(l=g)});let E=u(),p={};p={tenantId:i(),appId:o(),automationId:a(),identityId:E?._id,identityType:E?.type,correlationId:hp()};let T=bp.default.scope().active();T&&bp.default.inject(T.context(),fA.formats.LOG,p);let h={err:l,pid:process.pid,...p};if(d.length){let g={},y=0;for(let I=0;I<d.length;I++){let O=d[I],w=O._logKey;w?(delete O._logKey,h[w]=O):(g[y]=O,y++)}Object.keys(g).length&&(h.data=g)}return[h,f]},"getLogParams");console.log=(...c)=>{let[l,d]=n(c);wr?.info(l,d)},console.info=(...c)=>{let[l,d]=n(c);wr?.info(l,d)},console.warn=(...c)=>{let[l,d]=n(c);wr?.warn(l,d)},console.error=(...c)=>{let[l,d]=n(c);wr?.error(l,d)},console.trace=(...c)=>{let[l,d]=n(c);l.err||(l.err=new Error),wr?.trace(l,d)},console.debug=(...c)=>{let[l,d]=n(c);wr?.debug(l,d)};let i=s(()=>{let c;try{c=G()}catch{}return c},"getTenantId"),o=s(()=>{let c;try{c=Oe()}catch{}return c},"getAppId"),a=s(()=>{let c;try{c=vf()}catch{}return c},"getAutomationId"),u=s(()=>{let c;try{c=$t()}catch{}return c},"getIdentity")}var Mu=wr;var LP=["AccountError"];function kP(t){return t&&t.suppressAlert}s(kP,"isSuppressed");function mn(t,e){e&&LP.includes(e.name)&&kP(e)||console.error(`bb-alert: ${t}`,e)}s(mn,"logAlert");function MP(t,e,r,n){t=`${t} - db: ${e} - doc: ${r} - error: `,mn(t,n)}s(MP,"logAlertWithInfo");function fi(t,e){console.warn(`bb-warn: ${t}`,e)}s(fi,"logWarn");var Fu=class extends Error{static{s(this,"UnretriableError")}constructor(e){super(e),this.name="PermanentError"}},xp=class{static{s(this,"QueuedProcessor")}constructor(e,r={}){let{maxAttempts:n=3,removeOnFail:i=!0,removeOnComplete:o=!0,maxStalledCount:a=3}=r;this.waitForCompletionMs=r.waitForCompletionMs||1e4,this._queue=new gt(e,{maxStalledCount:a,jobOptions:{attempts:n,removeOnFail:i,removeOnComplete:o}}),this._queue.process(async(u,c)=>{try{let l=await this.processFn(u.data);c?.(null,l)}catch(l){l instanceof Fu&&await u.discard(),mn(`Failed to process job in ${this._queue.name}`,l),c?.(l)}})}async close(e){await this._queue.close(e)}async execute(e){try{let r=await this._queue.add(e);return{success:!0,result:await Le.withTimeout(this.waitForCompletionMs,()=>r.finished())}}catch(r){if(r.errno!=="ETIME")throw r;return{success:!1,reason:"timeout"}}}};var FP=100,Bu,oo=class t{static{s(this,"DocWritethroughProcessor")}static get queue(){return t._queue||(t._queue=new gt("docWritethroughQueue",{jobOptions:{attempts:FP}})),t._queue}init(){return t.queue.process(async e=>{try{await this.persistToDb(e.data)}catch(r){throw r.status===409?new Error(`Conflict persisting message ${e.id}. Attempt ${e.attemptsMade}`):r}}),this}async persistToDb({dbName:e,docId:r,data:n}){if(r.startsWith("scimlog"))return;let i=Ce(e),o;try{o=await i.get(r)}catch{o={_id:r}}o={...o,...n},await i.put(o)}},Pp=class{static{s(this,"DocWritethrough")}constructor(e,r){this.db=e,this._docId=r}get docId(){return this._docId}async patch(e){await oo.queue.add({dbName:this.db.name,docId:this.docId,data:e})}};function pA(){return Bu=new oo().init(),Bu}s(pA,"init");function BP(){return Bu||pA()}s(BP,"getProcessor");var uo={};P(uo,{CacheKey:()=>ye,TTL:()=>gn,bustCache:()=>pi,destroy:()=>ao,get:()=>yn,keys:()=>Wu,store:()=>zt,withCache:()=>Rr,withCacheWithDynamicTTL:()=>mA});function bt(t){let e=G();return`${t}:${e}`}s(bt,"generateTenantKey");var hn=class{static{s(this,"BaseCache")}constructor(e=void 0){this.client=e}async getClient(){return this.client?this.client:await Bf()}async keys(e){return(await this.getClient()).keys(e)}async exists(e,r={useTenancy:!0}){return e=r.useTenancy?bt(e):e,(await this.getClient()).exists(e)}async scan(e,r={useTenancy:!0}){return e=r.useTenancy?bt(e):e,(await this.getClient()).scan(e)}async get(e,r={useTenancy:!0}){return e=r.useTenancy?bt(e):e,(await this.getClient()).get(e)}async bulkGet(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>bt(i)):e,(await this.getClient()).bulkGet(e)}async store(e,r,n=null,i={useTenancy:!0}){e=i.useTenancy?bt(e):e,await(await this.getClient()).store(e,r,n)}async bulkStore(e,r=null,n={useTenancy:!0}){n.useTenancy&&(e=Object.entries(e).reduce((o,[a,u])=>(o[bt(a)]=u,o),{})),await(await this.getClient()).bulkStore(e,r)}async delete(e,r={useTenancy:!0}){return e=r.useTenancy?bt(e):e,(await this.getClient()).delete(e)}async bulkDelete(e,r={useTenancy:!0}){return e=r.useTenancy?e.map(i=>bt(i)):e,(await this.getClient()).bulkDelete(e)}async withCache(e,r=null,n,i={useTenancy:!0}){let o=await this.get(e,i);if(o)return o;try{let a=await n();return await this.store(e,a,r,i),a}catch(a){throw console.error("Error fetching before cache - ",a),a}}async withCacheWithDynamicTTL(e,r,n={useTenancy:!0}){let i=await this.get(e,n);if(i)return i;try{let o=await r(),{value:a,ttl:u}=o;return await this.store(e,a,u,{useTenancy:n.useTenancy}),a}catch(o){throw console.error("Error fetching before cache - ",o),o}}async bustCache(e){let r=await this.getClient();try{await r.delete(bt(e))}catch(n){throw console.error("Error busting cache - ",n),n}}async deleteIfValue(e,r,n={useTenancy:!0}){e=n.useTenancy?bt(e):e,await(await this.getClient()).deleteIfValue(e,r)}};var En=new hn,ye={CHECKLIST:"checklist",INSTALLATION:"installation",ANALYTICS_ENABLED:"analyticsEnabled",UNIQUE_TENANT_ID:"uniqueTenantId",EVENTS:"events",BACKFILL_METADATA:"backfillMetadata",EVENTS_RATE_LIMIT:"eventsRateLimit",OAUTH2_TOKEN:t=>`oauth2Token_${t}`},gn=(n=>(n[n.ONE_MINUTE=600]="ONE_MINUTE",n[n.ONE_HOUR=3600]="ONE_HOUR",n[n.ONE_DAY=86400]="ONE_DAY",n))(gn||{}),Wu=s((...t)=>En.keys(...t),"keys"),yn=s((...t)=>En.get(...t),"get"),zt=s((...t)=>En.store(...t),"store"),ao=s((...t)=>En.delete(...t),"destroy"),Rr=s((...t)=>En.withCache(...t),"withCache"),mA=s((...t)=>En.withCacheWithDynamicTTL(...t),"withCacheWithDynamicTTL"),pi=s((...t)=>En.bustCache(...t),"bustCache");var kp={};P(kp,{createCode:()=>jP,deleteCode:()=>YP,getCode:()=>HP,getExistingInvites:()=>Lp,getInviteCodes:()=>AA,updateCode:()=>QP});var Sn={};P(Sn,{AUTO_EXTEND_POLLING_MS:()=>gA,doWithLock:()=>co,newRedlock:()=>Tn});var EA=B(require("redlock"));async function WP(t,e){if(t==="custom")return Tn(e);switch(t){case"try_once":return Tn(mi.TRY_ONCE);case"try_twice":return Tn(mi.TRY_TWICE);case"default":return Tn(mi.DEFAULT);case"delay_500":return Tn(mi.DELAY_500);case"auto_extend":return Tn(mi.AUTO_EXTEND);default:throw Ot.unreachable(t)}}s(WP,"getClient");var mi={TRY_ONCE:{retryCount:0},TRY_TWICE:{retryCount:1},DEFAULT:{driftFactor:.01,retryCount:10,retryDelay:200,retryJitter:100},DELAY_500:{retryDelay:500},CUSTOM:{},AUTO_EXTEND:{retryCount:-1}};async function Tn(t={}){let e={...mi.DEFAULT,...t},n=(await Gf()).client;return new EA.default([n],e)}s(Tn,"newRedlock");function GP(t){let r=`lock:${t.systemLock?"system":G()}_${t.name}`;return t.resource&&(r=r+`_${t.resource}`),r}s(GP,"getLockName");var gA=pe.fromSeconds(10).toMs();async function co(t,e){let r=await WP(t.type,t.customOptions),n,i,o,a=!1;try{let u=GP(t),c=t.type==="auto_extend"?gA:t.ttl;if(n=await r.lock(u,c),t.type==="auto_extend"){let d=s(()=>{i=setTimeout(async()=>{a||(o=(async()=>{n=await n.extend(c,()=>t.onExtend&&t.onExtend())})(),await o,o=void 0,d())},c/2)},"extendInIntervals");d()}return{executed:!0,result:await e()}}catch(u){if(u.name==="LockError"){if(t.type==="try_once")return{executed:!1};throw u}else throw u}finally{a=!0,clearTimeout(i),await o?.catch(()=>{}),await n?.unlock()}}s(co,"doWithLock");var yA=pe.fromDays(7).toSeconds(),VP=pe.fromSeconds(10).toMs(),Gu="Invitation is not valid or has expired, please request a new one.";function TA(t,e){if(!t)return null;let r=t.tenantId||e;return r?{tenantId:r,invites:t.invites||{}}:null}s(TA,"normaliseInviteList");function qP(t){let e=!1,r=Date.now();for(let[n,i]of Object.entries(t.invites))(!i?.expiresAt||i.expiresAt<=r)&&(delete t.invites[n],e=!0);return{list:t,changed:e}}s(qP,"pruneExpiredInvites");async function Up(t){let r=await(await Fs()).get(t);return TA(r,t)}s(Up,"loadInviteList");async function lo(t,e){await(await Fs()).store(t,e)}s(lo,"saveInviteList");async function fo(t,e){let{result:r}=await co({type:"default",name:"process_user_invite",systemLock:!0,resource:t,ttl:VP},e);return r}s(fo,"withInviteListLock");function KP(t,e){return{code:t,email:e.email,info:e.info}}s(KP,"toInviteWithCode");async function SA(t,e){let r=await Fs(),n=TA(await r.get(e),e);if(!n)throw new Error(Gu);if(!Object.keys(n.invites).includes(t))throw new Error(Gu);return{list:n,invite:n.invites[t]}}s(SA,"findInviteInList");async function QP(t,e){let r={...e.info},n=r.tenantId||G();r.tenantId=n,await fo(n,async()=>{let i=await Up(n)||{tenantId:n,invites:{}};i.invites[t]={email:e.email,info:r,expiresAt:Date.now()+yA*1e3},await lo(n,i)})}s(QP,"updateCode");async function jP(t,e){let r=ee(),n={...e||{}},i=n.tenantId||G();return n.tenantId=i,await fo(i,async()=>{let o=await Up(i)||{tenantId:i,invites:{}};o.invites[r]={email:t,info:n,expiresAt:Date.now()+yA*1e3},await lo(i,o)}),r}s(jP,"createCode");async function HP(t,e){let r=e||G();return await fo(r,async()=>{let n=await SA(t,r),{list:i,invite:o}=n;if(o.expiresAt<=Date.now())throw delete i.invites[t],await lo(i.tenantId,i),new Error(Gu);return{email:o.email,info:o.info}})}s(HP,"getCode");async function YP(t,e){let r=e||G();try{await fo(r,async()=>{let n=await SA(t,r);delete n.list.invites[t],await lo(n.list.tenantId,n.list)})}catch(n){if(n instanceof Error&&n.message===Gu)return;throw n}}s(YP,"deleteCode");async function AA(){let t=G(),e=await fo(t,async()=>{let n=await Up(t)||{tenantId:t,invites:{}},i=qP(n);return n=i.list,i.changed&&await lo(t,n),n}),r=new Map;for(let[n,i]of Object.entries(e.invites))r.set(n,KP(n,i));return Array.from(r.values())}s(AA,"getInviteCodes");async function Lp(t){let e=new Set(t.map(r=>r.toLowerCase()));return(await AA()).filter(r=>e.has(r.email.toLowerCase()))}s(Lp,"getExistingInvites");var Mp={};P(Mp,{createCode:()=>JP,getCode:()=>XP,invalidateCode:()=>ZP});var zP=pe.fromHours(1).toSeconds();async function JP(t,e){let r=ee();return await(await Bs()).store(r,{userId:t,info:e},zP),r}s(JP,"createCode");async function XP(t){let r=await(await Bs()).get(t);if(!r)throw new Error("Provided information is not valid, cannot reset password - please try again.");return r}s(XP,"getCode");async function ZP(t){await(await Bs()).delete(t)}s(ZP,"invalidateCode");var vr={};P(vr,{getUser:()=>Po,getUsers:()=>k0,invalidateUser:()=>No});var po={};P(po,{getPlatformDB:()=>Dr,users:()=>yt});var yt={};P(yt,{addSsoUser:()=>OA,addUser:()=>sN,getUserDoc:()=>_A,lookupTenantId:()=>eN,removeUser:()=>oN,updateUserDoc:()=>tN});function Dr(){return Ce(fe.PLATFORM_INFO.name)}s(Dr,"getPlatformDB");async function eN(t){return m.MULTI_TENANCY?(await _A(t)).tenantId:ue}s(eN,"lookupTenantId");async function _A(t){return Dr().get(t)}s(_A,"getUserDoc");async function tN(t){await Dr().put(t)}s(tN,"updateUserDoc");function rN(t,e){return{_id:t,tenantId:e}}s(rN,"newUserIdDoc");function nN(t,e,r){return{_id:e,userId:t,tenantId:r}}s(nN,"newUserEmailDoc");function iN(t,e,r,n){return{_id:t,userId:r,email:e,tenantId:n}}s(iN,"newUserSsoIdDoc");async function Fp(t,e){let r=Dr(),n;try{await r.get(t)}catch(i){if(i.status===404)n=e(),await r.put(n);else throw i}}s(Fp,"addUserDoc");async function OA(t,e,r,n){return Fp(t,()=>iN(t,e,r,n))}s(OA,"addSsoUser");async function sN(t,e,r,n){let i=[Fp(e,()=>rN(e,t)),Fp(r,()=>nN(e,r,t))];n&&i.push(OA(n,r,e,t)),await Promise.all(i)}s(sN,"addUser");async function oN(t){let e=Dr(),r=[t._id,t.email],n=await e.allDocs({keys:r,include_docs:!0});await e.bulkRemove(n.rows.map(i=>i.doc),{silenceErrors:!0})}s(oN,"removeUser");var _n={};P(_n,{getAccount:()=>Cr,getAccountByTenantId:()=>hi,getStatus:()=>aN});var IA=B(require("node-fetch"));var An=class{static{s(this,"API")}constructor(e){this.host=e}async apiCall(e,r,n){n.headers||(n.headers={}),n.headers["Content-Type"]||(n.headers={"Content-Type":"application/json",Accept:"application/json",...n.headers});let i=n.headers["Content-Type"]==="application/json";Zs.setHeader(n.headers);let o={method:e,body:i?JSON.stringify(n.body):n.body,headers:n.headers,credentials:"include"};return await(0,IA.default)(`${this.host}${r}`,o)}async post(e,r){return this.apiCall("POST",e,r)}async get(e,r){return this.apiCall("GET",e,r)}async patch(e,r){return this.apiCall("PATCH",e,r)}async del(e,r){return this.apiCall("DELETE",e,r)}async put(e,r){return this.apiCall("PUT",e,r)}};var Bp=new An(m.INTERNAL_ACCOUNT_PORTAL_URL),Wp=m.SELF_HOSTED||m.DISABLE_ACCOUNT_PORTAL,Cr=s(async t=>{if(Wp)return;let e={email:t},r=await Bp.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":m.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by email ${t}`);return(await r.json())[0]},"getAccount"),hi=s(async t=>{if(Wp)return;let e={tenantId:t},r=await Bp.post("/api/accounts/search",{body:e,headers:{"x-budibase-api-key":m.ACCOUNT_PORTAL_API_KEY}});if(r.status!==200)throw new Error(`Error getting account by tenantId ${t}`);return(await r.json())[0]},"getAccountByTenantId"),aN=s(async()=>{if(Wp)return;let t=await Bp.get("/api/status",{headers:{"x-budibase-api-key":m.ACCOUNT_PORTAL_API_KEY}}),e=await t.json();if(t.status!==200)throw new Error("Error getting status");return e},"getStatus");var Ai={};P(Ai,{UserDB:()=>vt,addAppBuilder:()=>P0,bulkGetGlobalUsersById:()=>dc,bulkUpdateGlobalUsers:()=>bo,cleanseUserObject:()=>um,creatorsInList:()=>xr,doesUserExist:()=>D0,getAccountHolderFromUsers:()=>lc,getAllUserIds:()=>w0,getAllUsers:()=>R0,getById:()=>wn,getCreatorCount:()=>x0,getExistingAccounts:()=>Si,getExistingPlatformUsers:()=>p_,getExistingTenantUsers:()=>f_,getFirstPlatformUser:()=>Do,getGlobalUserByAppPage:()=>S_,getGlobalUserByEmail:()=>At,getPlatformUsers:()=>oc,getUserCount:()=>b0,hasAdminPermissions:()=>br,hasAppBuilderPermissions:()=>E_,hasBuilderPermissions:()=>Fe,isAdmin:()=>xt,isAdminOrBuilder:()=>h_,isAdminOrWorkspaceBuilder:()=>ac,isBuilder:()=>Ii,isCreatorAsync:()=>Co,isCreatorSync:()=>uc,isGlobalBuilder:()=>m_,paginatedUsers:()=>__,removeAppBuilder:()=>N0,removePortalUserPermissions:()=>v0,searchExistingEmails:()=>nm,searchGlobalUsersByApp:()=>T_,searchGlobalUsersByAppAccess:()=>am,searchGlobalUsersByEmail:()=>A_,validateUniqueUser:()=>cc});var zu={};P(zu,{ActiveContentFileError:()=>qu,BadRequestError:()=>ho,BudibaseError:()=>mo,EmailUnavailableError:()=>Jt,FeatureDisabledError:()=>ju,ForbiddenError:()=>Ku,HTTPError:()=>Me,NotFoundError:()=>Vu,NotImplementedError:()=>Qu,UnexpectedError:()=>$u,UsageLimitError:()=>Hu,getErrorMessage:()=>wA,getPublicError:()=>Yu});var mo=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"BudibaseError")}};function wA(t){if(t==null)return"No error provided.";if(t instanceof Error)return t.message;if(typeof t=="string")return t;if(typeof t=="object"&&"message"in t)return String(t.message);try{let r=JSON.stringify(t);if(r!=="{}")return r}catch{}let e=String(t);return e!=="[object Object]"?e:"An unknown error occurred"}s(wA,"getErrorMessage");var Yu=s(t=>{let e;return t.code&&(e={code:t.code},t.getPublicError&&(e={...e,...t.getPublicError()})),e},"getPublicError"),Me=class t extends mo{constructor(r,n,i="http"){super(r,i);this.status=n}static{s(this,"HTTPError")}static async fromResponse(r){let n=await r.text(),i=n,o=r.status,a="http";try{let u=JSON.parse(n);i=u.error?.message||u.message,o=u.status??r.status,a=u.error?.code??r.statusText}catch{}return new t(i,o,a)}},$u=class extends Me{static{s(this,"UnexpectedError")}constructor(e){super(e,500)}},Vu=class extends Me{static{s(this,"NotFoundError")}constructor(e){super(e,404)}},ho=class extends Me{static{s(this,"BadRequestError")}constructor(e){super(e,400)}},qu=class extends ho{static{s(this,"ActiveContentFileError")}constructor(e){super(`File "${e}" contains active content which is not permitted`)}},Ku=class extends Me{static{s(this,"ForbiddenError")}constructor(e){super(e,403)}},Qu=class extends Me{static{s(this,"NotImplementedError")}constructor(e){super(e,501)}},ju=class extends Error{static{s(this,"FeatureDisabledError")}constructor(e){super(`Feature disabled: '${e}'`)}},Hu=class extends Error{static{s(this,"UsageLimitError")}constructor(e){super(`Usage limit exceeded: '${e}'`)}},Jt=class extends Error{static{s(this,"EmailUnavailableError")}constructor(e){super(`Email already in use: '${e}'`)}};var qp={};P(qp,{PASSWORD_MAX_LENGTH:()=>$p,PASSWORD_MIN_LENGTH:()=>Gp,validatePassword:()=>Vp});var Gp=+(m.PASSWORD_MIN_LENGTH||12),$p=+(m.PASSWORD_MAX_LENGTH||512);function Vp(t){return!t||t.length<Gp?{valid:!1,error:`Password invalid. Minimum ${Gp} characters.`}:t.length>$p?{valid:!1,error:`Password invalid. Maximum ${$p} characters.`}:{valid:!0}}s(Vp,"validatePassword");var Ju={};P(Ju,{createASession:()=>uN,endSession:()=>cN,getSession:()=>Qp,getSessionsForUser:()=>Eo,invalidateSessions:()=>On,updateSessionTTL:()=>Kp});var DA=require("uuid");var CA=m.SESSION_EXPIRY_SECONDS?parseInt(m.SESSION_EXPIRY_SECONDS):pe.fromDays(7).toSeconds();function Ei(t,e){return`${t}/${e}`}s(Ei,"makeSessionID");async function Eo(t){return t?(await(await yr()).scan(t)).map(n=>n.value):(console.trace("Cannot get sessions for undefined userId"),[])}s(Eo,"getSessionsForUser");async function On(t,e={}){try{let r=e?.reason||"unknown",n=e.sessionIds||[],i;if(n.length===0?i=(await Eo(t)).map(a=>({key:Ei(a.userId,a.sessionId)})):(n=Array.isArray(n)?n:[n],i=n.map(o=>({key:Ei(t,o)}))),i&&i.length>0){let o=await yr(),a=[];for(let u of i)a.push(o.delete(u.key));m.isTest()||fi(`Invalidating sessions for ${t} (reason: ${r}) - ${i.map(u=>u.key).join(", ")}`),await Promise.all(a)}}catch(r){console.error(`Error invalidating sessions: ${r}`)}}s(On,"invalidateSessions");async function uN(t,e){let r=await Eo(t),n=0;if(r.length>=3){let l=r.sort((E,p)=>new Date(E.createdAt).getTime()-new Date(p.createdAt).getTime()),d=r.length-3+1,f=l.slice(0,d).map(E=>E.sessionId);n=f.length,await On(t,{sessionIds:f,reason:"session limit exceeded"})}let i=await yr(),o=e.sessionId,a=e.csrfToken?e.csrfToken:(0,DA.v4)(),u=Ei(t,o),c={...e,csrfToken:a,createdAt:new Date().toISOString(),lastAccessedAt:new Date().toISOString(),userId:t};return await i.store(u,c,CA),{session:c,invalidatedSessionCount:n}}s(uN,"createASession");async function Kp(t){let e=await yr(),r=Ei(t.userId,t.sessionId);t.lastAccessedAt=new Date().toISOString(),await e.store(r,t,CA)}s(Kp,"updateSessionTTL");async function cN(t,e){await(await yr()).delete(Ei(t,e))}s(cN,"endSession");async function Qp(t,e){if(!t||!e)throw new Error(`Invalid session details - ${t} - ${e}`);let n=await(await yr()).get(Ei(t,e));if(!n)throw new Error(`Session not found - ${t} - ${e}`);return n}s(Qp,"getSession");var Ti={};P(Ti,{account:()=>GA,action:()=>$A,ai:()=>VA,analytics:()=>Zu,app:()=>qA,asyncEventQueue:()=>Tt,auditLog:()=>KA,auth:()=>sc,automation:()=>QA,backfill:()=>jA,backfillCache:()=>rc,backup:()=>HA,datasource:()=>YA,email:()=>zA,environmentVariable:()=>JA,group:()=>XA,identification:()=>St,initAsyncEvents:()=>f0,installation:()=>Ao,layout:()=>ZA,license:()=>e_,org:()=>t_,plugin:()=>r_,processors:()=>Xp,publishEvent:()=>A,query:()=>n_,resource:()=>i_,role:()=>Ro,rowAction:()=>s_,rows:()=>o_,screen:()=>a_,serve:()=>u_,shutdown:()=>p0,table:()=>c_,user:()=>Be,view:()=>l_,workspace:()=>d_});var Zu={};P(Zu,{enabled:()=>Xu});var Xu=s(async()=>ec(),"enabled");var Tt;function tc(){Tt=new gt("systemEventQueue",{jobTags:t=>({"event.name":t.event})})}s(tc,"init");async function bA(){Tt&&await Tt.close()}s(bA,"shutdown");async function xA(t){Tt||tc();let{event:e,identity:r}=t;oh.indexOf(e)!==-1&&r.tenantId&&await Tt.add(t)}s(xA,"publishAsyncEvent");var rc={};P(rc,{end:()=>dN,isAlreadySent:()=>Yp,isBackfillingEvent:()=>Hp,recordEvent:()=>jp,start:()=>lN});var lN=s(async t=>pN({eventWhitelist:t}),"start"),jp=s(async(t,e)=>{let r=zp(t,e);await zt(r,e,void 0,{useTenancy:!1})},"recordEvent"),dN=s(async()=>{await mN(),await hN()},"end"),fN=s(async()=>yn(ye.BACKFILL_METADATA),"getBackfillMetadata"),pN=s(async t=>zt(ye.BACKFILL_METADATA,t),"saveBackfillMetadata"),mN=s(async()=>{await ao(ye.BACKFILL_METADATA)},"deleteBackfillMetadata"),hN=s(async()=>{let t=zp(),e=await Wu(t);for(let r of e)await ao(r,{useTenancy:!1})},"clearEvents"),Hp=s(async t=>{let r=(await fN())?.eventWhitelist;return!!(r&&r.includes(t))},"isBackfillingEvent"),Yp=s(async(t,e)=>{let r=zp(t,e);return!!await yn(r,{useTenancy:!1})},"isAlreadySent"),EN={"automation:created":t=>t.automationId,"automation:step:created":t=>t.stepId,"datasource:created":t=>t.datasourceId,"layout:created":t=>t.layoutId,"query:created":t=>t.queryId,"role:created":t=>t.roleId,"screen:created":t=>t.screenId,"table:created":t=>t.tableId,"view:created":t=>t.tableId,"view:calculation:created":t=>t.tableId,"view:filter:created":t=>t.tableId,"app:created":t=>t.appId,"app:published":t=>t.appId,"auth:sso:created":t=>t.type,"auth:sso:activated":t=>t.type,"user:created":t=>t.userId,"user:admin:assigned":t=>t.userId,"user:builder:assigned":t=>t.userId,"role:assigned":t=>`${t.roleId}-${t.userId}`},zp=s((t,e)=>{let r,n=G();if(t){r=`${ye.EVENTS}:${n}:${t}`;let i=EN[t],o=i?i(e):void 0;o&&(r=`${r}:${o}`)}else r=`${ye.EVENTS}:${n}:*`;return r},"getEventKey");var Xp={};P(Xp,{analyticsProcessor:()=>FA,init:()=>CN,processors:()=>Zt});var LA=require("posthog-node");var gN=s(t=>t==="served:builder"||t==="served:app:preview"||t==="served:app","isRateLimited"),yN=s(t=>t==="served:app:preview"||t==="served:app","isPerApp");var PA={"served:app":"calendarDay","served:app:preview":"calendarDay","served:builder":"calendarDay"},NA=s(async t=>{if(!gN(t))return!1;let e=await TN(t);if(e){let r=new Date(e.timestamp);switch(PA[t]){case"calendarDay":return r.setDate(r.getDate()+1),r.setHours(0,0,0,0),Date.now()>r.getTime()?(await vA(t,{timestamp:Date.now()}),!1):!0}}else return await vA(t,{timestamp:Date.now()}),!1},"limited"),UA=s(t=>{let e=`${ye.EVENTS_RATE_LIMIT}:${t}`;return yN(t)&&(e=e+":"+Oe()),e},"eventKey"),TN=s(async t=>{let e=UA(t);return await yn(e)},"readEvent"),vA=s(async(t,e)=>{let r=UA(t),n=PA[t],i;switch(n){case"calendarDay":i=86400}await zt(r,e,i)},"recordEvent");var AN=["user:updated","email:smtp:updated","auth:sso:updated","app:updated","role:updated","datasource:updated","query:updated","view:updated","view:calculation:updated","automation:trigger:updated","user_group:updated","action:automation_step:executed","action:crud:executed","action:ai_agent:executed"],go=class{static{s(this,"PosthogProcessor")}constructor(e){if(!e)throw new Error("Posthog token is not defined");this.posthog=new LA.PostHog(e)}async processEvent(e,r,n,i){if(AN.includes(e)||await NA(e))return;n=this.clearPIIProperties(n),n.version=m.VERSION,n.service=m.SERVICE,n.environment=r.environment,n.hosting=r.hosting;let o=Oe();o&&(n.appId=o);let a={distinctId:r.id,event:e,properties:n};i&&(a.timestamp=new Date(i)),(r.installationId||r.tenantId)&&(a.groups={},r.installationId&&(a.groups.installation=r.installationId,a.properties.installationId=r.installationId),r.tenantId&&(a.groups.tenant=r.tenantId,a.properties.tenantId=r.tenantId)),this.posthog.capture(a)}clearPIIProperties(e){return e.email&&delete e.email,e.audited&&delete e.audited,e}async identify(e,r){let n={distinctId:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.identify(n)}async identifyGroup(e,r){let n={distinctId:e.id,groupType:e.type,groupKey:e.id,properties:e};r&&(n.timestamp=new Date(r)),this.posthog.groupIdentify(n)}async shutdown(){await this.posthog.shutdown()}};var kA=go;var _N=["installation:version:upgraded","installation:version:downgraded"],ON=["installation","tenant"],yo=class{static{s(this,"AnalyticsProcessor")}constructor(){m.POSTHOG_TOKEN&&!m.isTest()&&(this.posthog=new kA(m.POSTHOG_TOKEN))}async processEvent(e,r,n,i){!_N.includes(e)&&!await Xu()||this.posthog&&await this.posthog.processEvent(e,r,n,i)}async identify(e,r){!ON.includes(e.type)&&!await Xu()||this.posthog&&await this.posthog.identify(e,r)}async identifyGroup(e,r){this.posthog&&await this.posthog.identifyGroup(e,r)}async shutdown(){this.posthog&&await this.posthog.shutdown()}};var Jp=m.SELF_HOSTED&&!m.isDev(),To=class{static{s(this,"LoggingProcessor")}async processEvent(e,r,n){Jp||console.log(`[audit] [identityType=${r.type}] ${e}`,n)}async identify(e){Jp||console.log("[audit] identified",e)}async identifyGroup(e){Jp||console.log("[audit] group identified",e)}async shutdown(){}};var gi=class t{static{s(this,"AuditLogsProcessor")}static{this.auditLogsEnabled=!1}static init(e){t.auditLogsEnabled=!0;let r=e;return t.auditLogQueue=new gt("auditLogQueue",{jobTags:n=>({"event.name":n.event})}),t.auditLogQueue.process(async n=>{await be(n.data.tenantId,async()=>{let i=n.data.properties;i.audited&&(i={...i,...i.audited},delete i.audited);let o={};m.ENABLE_AUDIT_LOG_IP_ADDR&&(o=n.data.opts.hostInfo),await r(n.data.event,i,{userId:n.data.opts.userId,timestamp:n.data.opts.timestamp,appId:n.data.opts.appId,hostInfo:o})})})}async processEvent(e,r,n,i){if(t.auditLogsEnabled&&tp(e)){let o=r.type==="user"?r.id:void 0;await t.auditLogQueue.add({event:e,properties:n,opts:{userId:o,timestamp:i,appId:Oe(),hostInfo:r.hostInfo},tenantId:G()})}}async identify(){}async identifyGroup(){}async shutdown(){await t.auditLogQueue?.close()}};var MA=require("uuid");var IN=new An(m.INTERNAL_ACCOUNT_PORTAL_URL),yi=class t{static{s(this,"EventBrokerProcessor")}static init(e){t.getLicenseKeyFn=e}async processEvent(e,r,n,i){if(m.DISABLE_ACCOUNT_PORTAL)return;let o;if(m.SELF_HOSTED){if(!t.getLicenseKeyFn)return;let c=await t.getLicenseKeyFn();if(!c)return;o={"x-budibase-license-key":c}}else o={"x-budibase-api-key":m.ACCOUNT_PORTAL_API_KEY},r.tenantId&&(o["x-budibase-tenant-id"]=r.tenantId);let a=Oe(),u={id:(0,MA.v4)(),type:e,identity:r,properties:{...n,version:m.VERSION,service:m.SERVICE,environment:r.environment,hosting:r.hosting,...a&&{appId:a},...r.installationId&&{installationId:r.installationId},...r.tenantId&&{tenantId:r.tenantId}},timestamp:i===void 0?Date.now():new Date(i).getTime()};try{let c=await IN.post("/api/v2/analytics/event",{headers:o,body:u});c.ok||console.warn(`[EventBrokerProcessor] unexpected response status: ${c.status}`)}catch(c){console.error(`[EventBrokerProcessor] failed to send event: ${c}`)}}};var So=class{constructor(e){this.initialised=!1;this.processors=[];this.processors=e}static{s(this,"Processor")}async processEvent(e,r,n,i){for(let o of this.processors)await o.processEvent(e,r,n,i)}async identify(e,r){for(let n of this.processors)n.identify&&await n.identify(e,r)}async identifyGroup(e,r){for(let n of this.processors)n.identifyGroup&&await n.identifyGroup(e,r)}async shutdown(){for(let e of this.processors)e.shutdown&&await e.shutdown()}};var FA=new yo,wN=new To,RN=new gi,DN=new yi;function CN(t,e){return yi.init(e),gi.init(t)}s(CN,"init");var Zt=new So([FA,wN,RN,DN]);var nc={};P(nc,{checkInstallVersion:()=>vN,getInstall:()=>_o,getInstallFromDB:()=>em});var Zp=B(require("semver"));var _o=s(async()=>Rr(ye.INSTALLATION,86400,em,{useTenancy:!1}),"getInstall");async function bN(t){let e={_id:fe.PLATFORM_INFO.docs.install,installId:ee(),version:m.VERSION};try{let r=await t.put(e);return e._rev=r.rev,e}catch(r){if(r.status===409)return em();throw r}}s(bN,"createInstallDoc");var em=s(async()=>je(fe.PLATFORM_INFO.name,async t=>{let e;try{e=await t.get(fe.PLATFORM_INFO.docs.install)}catch(r){if(r.status===404)e=await bN(t);else throw r}return e}),"getInstallFromDB"),xN=s(async t=>{try{await je(fe.PLATFORM_INFO.name,async e=>{let r=await _o();r.version=t,await e.put(r),await pi(ye.INSTALLATION)})}catch(e){if(e.status===409)return!1;throw e}return!0},"updateVersion"),vN=s(async()=>{let t=await _o(),e=t.version,r=m.VERSION;try{if(e!==r){let n=Zp.default.gt(r,e),i=Zp.default.lt(r,e);await xN(r)&&(await vs({_id:t.installId,type:"installation"},async()=>{n?await Ao.upgraded(e,r):i&&await Ao.downgraded(e,r)}),await St.identifyInstallationGroup(t.installId))}}catch(n){n?.message?.includes("Invalid Version")?mn(`Invalid version "${r}" - is it semver?`):mn("Failed to retrieve version",n)}},"checkInstallVersion");var PN=s(async()=>{let t=pf(),e=wo(),r;if(t?r=t.type:r="tenant",r==="installation"){let n=await In(),i=Oo();return{id:BA(n,r),hosting:i,type:r,installationId:n,environment:e}}else if(r==="tenant"){let n=await In(),i=await ic(G()),o=Oo();return{id:BA(i,r),type:r,hosting:o,installationId:n,tenantId:i,realTenantId:G(),environment:e}}else if(r==="user"){let n=t,i=await ic(G()),o=await In(),a=n.account,u;return a?u=a.hosting:u=Oo(),{id:n._id,type:r,hosting:u,installationId:o,tenantId:i,environment:e,realTenantId:G(),hostInfo:n.hostInfo}}else throw new Error("Unknown identity type")},"getCurrentIdentity"),NN=s(async(t,e)=>{let r=t,n="installation",i=Oo(),o=m.VERSION,a=wo(),u={id:r,type:n,hosting:i,version:o,environment:a};await tm(u,e),await Io({...u,id:`$${n}_${r}`},e)},"identifyInstallationGroup"),UN=s(async(t,e,r,n=m.VERSION)=>{let i=await ic(t),o="tenant",a=await In(),u=wo(),c={id:i,type:o,hosting:e,environment:u,installationId:a,createdAt:r,createdVersion:n};await tm(c,r),await Io({...c,id:`$${o}_${i}`},r)},"identifyTenantGroup"),LN=s(async(t,e,r)=>{let n=t._id,i=await ic(t.tenantId),o="user",a=Fe(t),u=br(t),c;zo(t)&&(c=t.providerType);let d=(await Si([t.email])).length>0,f=!!e&&d&&e.verified,E=await In(),p=e?e.hosting:Oo(),T=wo();await Io({id:n,type:o,hosting:p,installationId:E,tenantId:i,verified:f,accountHolder:d,providerType:c,builder:a,admin:u,environment:T},r)},"identifyUser"),kN=s(async t=>{let e=t.accountId,r=t.tenantId,n="user",i=Yo(t)?t.providerType:void 0,o=t.verified,a=!0,u=t.hosting,c=await In(),l=wo();if(Ho(t)){let f=await At(t.email);f?._id&&(e=f._id)}await Io({id:e,type:n,hosting:u,installationId:c,tenantId:r,providerType:i,verified:o,accountHolder:a,environment:l})},"identifyAccount"),Io=s(async(t,e)=>{await Zt.identify(t,e)},"identify"),tm=s(async(t,e)=>{await Zt.identifyGroup(t,e)},"identifyGroup"),wo=s(()=>m.isDev()?"development":m.DEPLOYMENT_ENVIRONMENT,"getDeploymentEnvironment"),Oo=s(()=>m.SELF_HOSTED?"self":"cloud","getHostingFromEnv"),In=s(async()=>MN()?"account-portal":(await _o()).installId,"getInstallationId"),ic=s(async t=>m.SELF_HOSTED?WA(t):t,"getEventTenantId"),WA=s(async t=>be(t,()=>Rr(ye.UNIQUE_TENANT_ID,86400,async()=>{let e=Y(),r=await _i(),n;return r.config.uniqueTenantId?r.config.uniqueTenantId:(n=`${ee()}_${t}`,r.config.uniqueTenantId=n,r.config.createdVersion=m.VERSION,await e.put(r),n)})),"getUniqueTenantId"),MN=s(()=>m.SERVICE==="account-portal","isAccountPortal"),BA=s((t,e)=>e==="installation"||e==="tenant"?`$${e}_${t}`:t,"formatDistinctId"),St={getCurrentIdentity:PN,identifyInstallationGroup:NN,identifyTenantGroup:UN,identifyUser:LN,identifyAccount:kN,identify:Io,identifyGroup:tm,getInstallationId:In,getUniqueTenantId:WA};var A=s(async(t,e,r,n)=>{let i=n||await St.getCurrentIdentity();if(!(n?!1:await Hp(t))){await xA({event:t,identity:i,properties:e,timestamp:r}),await Zt.processEvent(t,i,e,r);return}await Yp(t,e)||(await Zt.processEvent(t,i,e,r),await jp(t,e))},"publishEvent");async function FN(t,e){let r={tenantId:t.tenantId};await A("account:created",r,void 0,e)}s(FN,"created");async function BN(t){let e={tenantId:t.tenantId};await A("account:deleted",e)}s(BN,"deleted");async function WN(t){let e={tenantId:t.tenantId};await A("account:verified",e)}s(WN,"verified");var GA={created:FN,deleted:BN,verified:WN};async function GN(t,e){await A("action:automation_step:executed",t,e)}s(GN,"automationStepExecuted");async function $N(t,e){await A("action:crud:executed",t,e)}s($N,"crudExecuted");function VN(t,e){A("action:ai_agent:executed",t,e).catch(r=>{console.error("aiAgentExecuted telemetry failed",{action:t,err:r})})}s(VN,"aiAgentExecuted");var $A={aiAgentExecuted:VN,automationStepExecuted:GN,crudExecuted:$N};function qN(t,e){let r={configId:t._id,audited:{name:t.name}};A("ai:config:created",r,e).catch(n=>{console.error("configCreated telemetry failed",{configId:t._id,err:n})})}s(qN,"configCreated");function KN(t){let e={configId:t._id,audited:{name:t.name}};A("ai:config:updated",e).catch(r=>{console.error("configUpdated telemetry failed",{configId:t._id,err:r})})}s(KN,"configUpdated");function QN(t){let e={configId:t._id,audited:{name:t.name}};A("ai:config:deleted",e).catch(r=>{console.error("configDeleted telemetry failed",{configId:t._id,err:r})})}s(QN,"configDeleted");function jN(t){let e={agentId:t._id,audited:{name:t.name}};A("ai:agent:created",e).catch(r=>{console.error("agentCreated telemetry failed",{agentId:t._id,err:r})})}s(jN,"agentCreated");function HN(t){let e={agentId:t._id,audited:{name:t.name}};A("ai:agent:updated",e).catch(r=>{console.error("agentUpdated telemetry failed",{agentId:t._id,err:r})})}s(HN,"agentUpdated");function YN(t){let e={agentId:t._id,audited:{name:t.name}};A("ai:agent:deleted",e).catch(r=>{console.error("agentDeleted telemetry failed",{agentId:t._id,err:r})})}s(YN,"agentDeleted");var VA={configCreated:qN,configUpdated:KN,configDeleted:QN,agentCreated:jN,agentUpdated:HN,agentDeleted:YN};var zN=s(async(t,e)=>{let r={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:created",r,e)},"created");async function JN(t){let e={appId:t.appId,version:t.version,audited:{name:t.name}};await A("app:updated",e)}s(JN,"updated");async function XN(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:deleted",e)}s(XN,"deleted");async function ZN(t,e){let r={appId:t.appId,audited:{name:t.name}};await A("app:published",r,e)}s(ZN,"published");async function eU(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:unpublished",e)}s(eU,"unpublished");async function tU(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:file:imported",e)}s(tU,"fileImported");async function rU(t,e){let r={duplicateAppId:e,appId:t.appId,audited:{name:t.name}};await A("app:duplicated",r)}s(rU,"duplicated");async function nU(t,e){let r={appId:t.appId,templateKey:e,audited:{name:t.name}};await A("app:template:imported",r)}s(nU,"templateImported");async function iU(t,e,r){let n={appId:t.appId,currentVersion:e,updatedToVersion:r,audited:{name:t.name}};await A("app:version:updated",n)}s(iU,"versionUpdated");async function sU(t,e,r){let n={appId:t.appId,currentVersion:e,revertedToVersion:r,audited:{name:t.name}};await A("app:version:reverted",n)}s(sU,"versionReverted");async function oU(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:reverted",e)}s(oU,"reverted");async function aU(t){let e={appId:t.appId,audited:{name:t.name}};await A("app:exported",e)}s(aU,"exported");var qA={created:zN,updated:JN,deleted:XN,published:ZN,unpublished:eU,fileImported:tU,duplicated:rU,templateImported:nU,versionUpdated:iU,versionReverted:sU,reverted:oU,exported:aU};async function uU(t){let e={filters:t};await A("audit_log:filtered",e)}s(uU,"filtered");async function cU(t){let e={filters:t};await A("audit_log:downloaded",e)}s(cU,"downloaded");var KA={filtered:uU,downloaded:cU};async function lU(t,e){let n={userId:(await St.getCurrentIdentity()).id,source:t,audited:{email:e}};await A("auth:login",n)}s(lU,"login");async function dU(t){let r={userId:(await St.getCurrentIdentity()).id,audited:{email:t}};await A("auth:logout",r)}s(dU,"logout");async function fU(t,e){let r={type:t};await A("auth:sso:created",r,e)}s(fU,"SSOCreated");async function pU(t){let e={type:t};await A("auth:sso:updated",e)}s(pU,"SSOUpdated");async function mU(t,e){let r={type:t};await A("auth:sso:activated",r,e)}s(mU,"SSOActivated");async function hU(t){let e={type:t};await A("auth:sso:deactivated",e)}s(hU,"SSODeactivated");var sc={login:lU,logout:dU,SSOCreated:fU,SSOUpdated:pU,SSOActivated:mU,SSODeactivated:hU};async function EU(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:created",r,e)}s(EU,"created");async function gU(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:trigger:updated",e)}s(gU,"triggerUpdated");async function yU(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,audited:{name:t.name}};await A("automation:deleted",e)}s(yU,"deleted");async function TU(t){let e={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId};await A("automation:tested",e)}s(TU,"tested");var SU=s(async(t,e)=>{let r={count:t};await A("automations:run",r,e)},"run");async function AU(t,e,r){let n={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:created",n,r)}s(AU,"stepCreated");async function _U(t,e){let r={appId:t.appId,automationId:t._id,triggerId:t.definition?.trigger?.id,triggerType:t.definition?.trigger?.stepId,stepId:e.id,stepType:e.stepId,audited:{name:t.name}};await A("automation:step:deleted",r)}s(_U,"stepDeleted");var QA={created:EU,triggerUpdated:gU,deleted:yU,tested:TU,run:SU,stepCreated:AU,stepDeleted:_U};var Oi=!m.SELF_HOSTED&&!m.isDev();async function OU(t){Oi||await A("app:backfill:succeeded",t)}s(OU,"appSucceeded");async function IU(t){if(Oi)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("app:backfill:failed",e)}s(IU,"appFailed");async function wU(t){Oi||await A("tenant:backfill:succeeded",t)}s(wU,"tenantSucceeded");async function RU(t){if(Oi)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("tenant:backfill:failed",e)}s(RU,"tenantFailed");async function DU(){if(Oi)return;let t={};await A("installation:backfill:succeeded",t)}s(DU,"installationSucceeded");async function CU(t){if(Oi)return;let e={error:JSON.stringify(t,Object.getOwnPropertyNames(t))};await A("installation:backfill:failed",e)}s(CU,"installationFailed");var jA={appSucceeded:OU,appFailed:IU,tenantSucceeded:wU,tenantFailed:RU,installationSucceeded:DU,installationFailed:CU};async function bU(t){let e={appId:t.appId,restoreId:t._id,backupCreatedAt:t.timestamp,name:t.name};await A("app:backup:restored",e)}s(bU,"workspaceBackupRestored");async function xU(t,e,r,n,i){let o={appId:t,backupId:e,type:r,trigger:n,name:i};await A("app:backup:triggered",o)}s(xU,"workspaceBackupTriggered");var HA={workspaceBackupRestored:bU,workspaceBackupTriggered:xU};function rm(t){return!Object.values(qo).includes(t.source)}s(rm,"isCustom");async function vU(t,e){let r={datasourceId:t._id,source:t.source,custom:rm(t)};await A("datasource:created",r,e)}s(vU,"created");async function PU(t){let e={datasourceId:t._id,source:t.source,custom:rm(t)};await A("datasource:updated",e)}s(PU,"updated");async function NU(t){let e={datasourceId:t._id,source:t.source,custom:rm(t)};await A("datasource:deleted",e)}s(NU,"deleted");var YA={created:vU,updated:PU,deleted:NU};async function UU(t){let e={};await A("email:smtp:created",e,t)}s(UU,"SMTPCreated");async function LU(){let t={};await A("email:smtp:updated",t)}s(LU,"SMTPUpdated");var zA={SMTPCreated:UU,SMTPUpdated:LU};async function kU(t,e){let r={name:t,environments:e};await A("environment_variable:created",r)}s(kU,"created");async function MU(t){let e={name:t};await A("environment_variable:deleted",e)}s(MU,"deleted");async function FU(t){let e={userId:t};await A("environment_variable:upgrade_panel_opened",e)}s(FU,"upgradePanelOpened");var JA={created:kU,deleted:MU,upgradePanelOpened:FU};async function BU(t,e){let r={groupId:t._id,viaScim:Et(),audited:{name:t.name}};await A("user_group:created",r,e)}s(BU,"created");async function WU(t){let e={groupId:t._id,viaScim:Et(),audited:{name:t.name}};await A("user_group:updated",e)}s(WU,"updated");async function GU(t){let e={groupId:t._id,viaScim:Et(),audited:{name:t.name}};await A("user_group:deleted",e)}s(GU,"deleted");async function $U(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:Et(),audited:{name:e.name}};await A("user_group:user_added",n)}s($U,"usersAdded");async function VU(t,e,r){let n={count:t,groupId:e._id,userIds:r,viaScim:Et(),audited:{name:e.name}};await A("user_group:users_deleted",n)}s(VU,"usersDeleted");async function qU(t){let e={groupId:t,onboarding:!0};await A("user_group:onboarding_added",e)}s(qU,"createdOnboarding");async function KU(t){let e={permissions:t.roles,groupId:t._id,audited:{name:t.name}};await A("user_group:permissions_edited",e)}s(KU,"permissionsEdited");var XA={created:BU,updated:WU,deleted:GU,usersAdded:$U,usersDeleted:VU,createdOnboarding:qU,permissionsEdited:KU};async function QU(t){let e={currentVersion:t};await A("installation:version:checked",e)}s(QU,"versionChecked");async function jU(t,e){let r={from:t,to:e};await A("installation:version:upgraded",r)}s(jU,"upgraded");async function HU(t,e){let r={from:t,to:e};await A("installation:version:downgraded",r)}s(HU,"downgraded");async function YU(){let t={};await A("installation:firstStartup",t)}s(YU,"firstStartup");var Ao={versionChecked:QU,upgraded:jU,downgraded:HU,firstStartup:YU};async function zU(t,e){let r={layoutId:t._id};await A("layout:created",r,e)}s(zU,"created");async function JU(t){let e={layoutId:t};await A("layout:deleted",e)}s(JU,"deleted");var ZA={created:zU,deleted:JU};async function XU(t,e){let r={accountId:t.accountId,...e};await A("license:plan:changed",r)}s(XU,"planChanged");async function ZU(t){let e={accountId:t.accountId};await A("license:activated",e)}s(ZU,"activated");async function eL(t){let e={accountId:t.accountId};await A("license:checkout:opened",e)}s(eL,"checkoutOpened");async function tL(t){let e={accountId:t.accountId};await A("license:checkout:success",e)}s(tL,"checkoutSuccess");async function rL(t){let e={accountId:t.accountId};await A("license:portal:opened",e)}s(rL,"portalOpened");async function nL(t){let e={accountId:t.accountId};await A("license:payment:failed",e)}s(nL,"paymentFailed");async function iL(t){let e={accountId:t.accountId};await A("license:payment:recovered",e)}s(iL,"paymentRecovered");var e_={planChanged:XU,activated:ZU,checkoutOpened:eL,checkoutSuccess:tL,portalOpened:rL,paymentFailed:nL,paymentRecovered:iL};async function sL(t){let e={};await A("org:info:name:updated",e,t)}s(sL,"nameUpdated");async function oL(t){let e={};await A("org:info:logo:updated",e,t)}s(oL,"logoUpdated");async function aL(t){let e={};await A("org:platformurl:updated",e,t)}s(aL,"platformURLUpdated");async function uL(){let t={};await A("analytics:opt:out",t)}s(uL,"analyticsOptOut");async function cL(){let t={};await A("analytics:opt:out",t)}s(cL,"analyticsOptIn");var t_={nameUpdated:sL,logoUpdated:oL,platformURLUpdated:aL,analyticsOptOut:uL,analyticsOptIn:cL};async function lL(t){let e={type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:init",e)}s(lL,"init");async function dL(t){let e={pluginId:t._id,type:t.schema.type,source:t.source,name:t.name,description:t.description,version:t.version};await A("plugin:imported",e)}s(dL,"imported");async function fL(t){let e={pluginId:t._id,type:t.schema.type,name:t.name,description:t.description,version:t.version};await A("plugin:deleted",e)}s(fL,"deleted");var r_={init:lL,imported:dL,deleted:fL};var pL=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:created",n,r)},"created"),mL=s(async(t,e)=>{let r={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:updated",r)},"updated"),hL=s(async(t,e,r)=>{let n={queryId:e._id,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb,appId:r};await A("query:deleted",n)},"deleted"),EL=s(async(t,e,r)=>{let n={datasourceId:t._id,source:t.source,count:r,importSource:e};await A("query:import",n)},"imported"),gL=s(async(t,e)=>{let r={count:t};await A("queries:run",r,e)},"run"),yL=s(async(t,e)=>{let r={queryId:e.queryId,datasourceId:t._id,source:t.source,queryVerb:e.queryVerb};await A("query:previewed",r)},"previewed"),n_={created:pL,updated:mL,deleted:hL,imported:EL,run:gL,previewed:yL};async function TL({resource:t,fromWorkspace:e,toWorkspace:r},n){let i={resource:t,fromWorkspace:e,toWorkspace:r};await A("resource:copied_to_workspace",i,n)}s(TL,"duplicatedToWorkspace");var i_={duplicatedToWorkspace:TL};async function SL(t,e){let r={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:created",r,e)}s(SL,"created");async function AL(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:updated",e)}s(AL,"updated");async function _L(t){let e={roleId:t._id,permissionId:t.permissionId,inherits:t.inherits};await A("role:deleted",e)}s(_L,"deleted");async function OL(t,e,r){let n={userId:t._id,roleId:e};await A("role:assigned",n,r)}s(OL,"assigned");async function IL(t,e){let r={userId:t._id,roleId:e};await A("role:unassigned",r)}s(IL,"unassigned");var Ro={created:SL,updated:AL,deleted:_L,assigned:OL,unassigned:IL};async function wL(t,e){await A("row_action:created",t,e)}s(wL,"created");var s_={created:wL};var RL=s(async(t,e)=>{let r={count:t};await A("rows:created",r,e)},"created"),DL=s(async(t,e)=>{let r={tableId:t._id,count:e};await A("rows:imported",r)},"imported"),o_={created:RL,imported:DL};async function CL(t,e){let r={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:created",r,e)}s(CL,"created");async function bL(t){let e={layoutId:t.layoutId,screenId:t._id,roleId:t.routing.roleId,audited:{name:t.routing?.route}};await A("screen:deleted",e)}s(bL,"deleted");var a_={created:CL,deleted:bL};async function xL(t){let e={timezone:t};await A("served:builder",e)}s(xL,"servedBuilder");async function vL(t,e,r){let n={appVersion:t.version,timezone:e,embed:r===!0};await A("served:app",n)}s(vL,"servedApp");async function PL(t,e){let r={appId:t.appId,appVersion:t.version,timezone:e};await A("served:app:preview",r)}s(PL,"servedAppPreview");var u_={servedBuilder:xL,servedApp:vL,servedAppPreview:PL};async function NL(t,e){let r={tableId:t._id,audited:{name:t.name}};await A("table:created",r,e)}s(NL,"created");async function UL(t,e){let r,n;for(let o in e.schema)if(!t.schema[o]){let a=e.schema[o];"default"in a&&a.default!=null&&(r=!0),a.type==="ai"&&(n=a.operation)}let i={tableId:e._id,defaultValues:r,aiColumn:n,audited:{name:e.name}};(r||n)&&await A("table:updated",i)}s(UL,"updated");async function LL(t,e){let r={tableId:t._id,audited:{name:t.name},appId:e};await A("table:deleted",r)}s(LL,"deleted");async function kL(t,e){let r={tableId:t._id,format:e,audited:{name:t.name}};await A("table:exported",r)}s(kL,"exported");async function ML(t){let e={tableId:t._id,audited:{name:t.name}};await A("table:imported",e)}s(ML,"imported");var c_={created:NL,updated:UL,deleted:LL,exported:kL,imported:ML};async function FL(t,e){let r={userId:t._id,viaScim:Et(),audited:{email:t.email}};await A("user:created",r,e)}s(FL,"created");async function BL(t){let e={userId:t._id,viaScim:Et(),audited:{email:t.email}};await A("user:updated",e)}s(BL,"updated");async function WL(t){let e={userId:t._id,viaScim:Et(),audited:{email:t.email}};await A("user:deleted",e)}s(WL,"deleted");async function GL(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:admin:assigned",r,e)}s(GL,"permissionAdminAssigned");async function $L(t){let e={userId:t._id,audited:{email:t.email}};await A("user:admin:removed",e)}s($L,"permissionAdminRemoved");async function VL(t,e){let r={userId:t._id,audited:{email:t.email}};await A("user:builder:assigned",r,e)}s(VL,"permissionBuilderAssigned");async function qL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:builder:removed",e)}s(qL,"permissionBuilderRemoved");async function KL(t){let e={audited:{email:t}};await A("user:invited",e)}s(KL,"invited");async function QL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:invite:accepted",e)}s(QL,"inviteAccepted");async function jL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:force:reset",e)}s(jL,"passwordForceReset");async function HL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:updated",e)}s(HL,"passwordUpdated");async function YL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset:requested",e)}s(YL,"passwordResetRequested");async function zL(t){let e={userId:t._id,audited:{email:t.email}};await A("user:password:reset",e)}s(zL,"passwordReset");async function JL(t){let e={users:t};await A("user:data:collaboration",e)}s(JL,"dataCollaboration");var Be={created:FL,updated:BL,deleted:WL,permissionAdminAssigned:GL,permissionAdminRemoved:$L,permissionBuilderAssigned:VL,permissionBuilderRemoved:qL,invited:KL,inviteAccepted:QL,passwordForceReset:jL,passwordUpdated:HL,passwordResetRequested:YL,passwordReset:zL,dataCollaboration:JL};async function XL(t,e){let r={name:t.name,type:t.type,tableId:t.tableId};await A("view:created",r,e)}s(XL,"created");async function ZL(t){let e={tableId:t.tableId};await A("view:updated",e)}s(ZL,"updated");async function e0(t,e){let r={...Le.views.isV2(t)?{id:t.id,tableId:t.tableId,appId:e}:{}};await A("view:deleted",r)}s(e0,"deleted");async function t0(t,e){let r={tableId:t._id,format:e};await A("view:exported",r)}s(t0,"exported");async function r0({tableId:t,filterGroups:e},r){let n={tableId:t,filterGroups:e};await A("view:filter:created",n,r)}s(r0,"filterCreated");async function n0({tableId:t,filterGroups:e}){let r={tableId:t,filterGroups:e};await A("view:filter:updated",r)}s(n0,"filterUpdated");async function i0(t){let e={tableId:t.tableId};await A("view:filter:deleted",e)}s(i0,"filterDeleted");async function s0({tableId:t,calculationType:e},r){let n={tableId:t,calculation:e};await A("view:calculation:created",n,r)}s(s0,"calculationCreated");async function o0(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:updated",e)}s(o0,"calculationUpdated");async function a0(t){let e={tableId:t.tableId,calculation:t.calculation};await A("view:calculation:deleted",e)}s(a0,"calculationDeleted");async function u0(t,e){let r={tableId:t};await A("view:join:created",r,e)}s(u0,"viewJoinCreated");var l_={created:XL,updated:ZL,deleted:e0,exported:t0,filterCreated:r0,filterUpdated:n0,filterDeleted:i0,calculationCreated:s0,calculationUpdated:o0,calculationDeleted:a0,viewJoinCreated:u0};async function c0(t,e){let r={workspaceAppId:t._id,audited:{name:t.name},appId:e};A("workspace_app:created",r).catch(n=>{console.error("appCreated telemetry failed",{workspaceAppId:t._id,err:n})})}s(c0,"appCreated");async function l0(t,e){let r={workspaceAppId:t._id,audited:{name:t.name},appId:e};A("workspace_app:updated",r).catch(n=>{console.error("appUpdated telemetry failed",{workspaceAppId:t._id,err:n})})}s(l0,"appUpdated");async function d0(t,e){let r={workspaceAppId:t._id,audited:{name:t.name},appId:e};A("workspace_app:deleted",r).catch(n=>{console.error("appDeleted telemetry failed",{workspaceAppId:t._id,err:n})})}s(d0,"appDeleted");var d_={appCreated:c0,appUpdated:l0,appDeleted:d0};function f0(){}s(f0,"initAsyncEvents");var p0=s(async()=>{await Zt.shutdown(),console.log("Events shutdown")},"shutdown");var im={};P(im,{creatorsInList:()=>xr,getAccountHolderFromUsers:()=>lc,hasAdminPermissions:()=>br,hasAppBuilderPermissions:()=>E_,hasBuilderPermissions:()=>Fe,isAdmin:()=>xt,isAdminOrBuilder:()=>h_,isAdminOrWorkspaceBuilder:()=>ac,isBuilder:()=>Ii,isCreatorAsync:()=>Co,isCreatorSync:()=>uc,isGlobalBuilder:()=>m_,validateUniqueUser:()=>cc});async function nm(t){let e=[],r=await f_(t);e.push(...r.map(a=>a.email));let n=await p_(t);e.push(...n.map(a=>a._id));let i=await Si(t);e.push(...i.map(a=>a.email));let o=await Lp(t);return e.push(...o.map(a=>a.email)),[...new Set(e.map(a=>a.toLowerCase()))]}s(nm,"searchExistingEmails");async function oc(t){return await qs("platform_users_lowercase_2",{keys:[t.toLowerCase()],include_docs:!0})}s(oc,"getPlatformUsers");async function Do(t){return(await oc(t))[0]??null}s(Do,"getFirstPlatformUser");async function f_(t){let r={keys:t.map(i=>i.toLowerCase()),include_docs:!0},n={arrayResponse:!0};return await Kt("by_email2",r,void 0,n)}s(f_,"getExistingTenantUsers");async function p_(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await qs("platform_users_lowercase_2",r)}s(p_,"getExistingPlatformUsers");async function Si(t){let r={keys:t.map(n=>n.toLowerCase()),include_docs:!0};return await qs("account_by_email",r)}s(Si,"getExistingAccounts");var Ii=ke.users.isBuilder,xt=ke.users.isAdmin,m_=ke.users.isGlobalBuilder,h_=ke.users.isAdminOrBuilder,br=ke.users.hasAdminPermissions,Fe=ke.users.hasBuilderPermissions,E_=ke.users.hasAppBuilderPermissions,ac=ke.users.isAdminOrWorkspaceBuilder;async function xr(t,e){let r=[...new Set(t.filter(i=>i.userGroups).flatMap(i=>i.userGroups))];return e=await Y().getMultiple(r,{allowMissing:!0}),t.map(i=>uc(i,e))}s(xr,"creatorsInList");async function Co(t){let e=[];return t.userGroups&&(e=await Y().getMultiple(t.userGroups)),uc(t,e)}s(Co,"isCreatorAsync");function uc(t,e){let r=ke.users.isCreator(t);return!r&&t?m0(t,e):r}s(uc,"isCreatorSync");function m0(t,e){let r=e?.filter(n=>t.userGroups?.indexOf(n._id)!==-1);return r&&r.length>0?r.some(n=>Object.values(n.roles||{}).includes("CREATOR")):!1}s(m0,"isCreatorByGroupMembership");async function cc(t,e){if(m.MULTI_TENANCY){let r=await Do(t);if(r!=null&&r.tenantId!==e)throw new Jt(t)}if(!m.SELF_HOSTED&&!m.DISABLE_ACCOUNT_PORTAL){let r=await Cr(t);if(r&&r.verified&&r.tenantId!==e)throw new Jt(t)}}s(cc,"validateUniqueUser");async function lc(t){if(!m.SELF_HOSTED&&!m.DISABLE_ACCOUNT_PORTAL){let e=await Si(t.map(r=>r.email));return t.find(r=>e.map(n=>n.email).includes(r.email))}}s(lc,"getAccountHolderFromUsers");var sm=s(async t=>{await Be.deleted(t),Fe(t)&&await Be.permissionBuilderRemoved(t),br(t)&&await Be.permissionAdminRemoved(t)},"handleDeleteEvents"),h0=s(async(t,e,r)=>{for(let[n,i]of Object.entries(e))(!r||r[n]!==i)&&await Ro.assigned(t,i)},"assignAppRoleEvents"),E0=s(async(t,e,r)=>{if(r)for(let[n,i]of Object.entries(r))(!e||e[n]!==i)&&await Ro.unassigned(t,i)},"unassignAppRoleEvents"),g0=s(async(t,e)=>{let r=t.roles,n=e?.roles;await h0(t,r,n),await E0(t,r,n)},"handleAppRoleEvents"),om=s(async(t,e,r)=>{let n=r;!n&&!m.SELF_HOSTED&&!m.DISABLE_ACCOUNT_PORTAL&&(n=await hi(G())),await St.identifyUser(t,n),e?(await Be.updated(t),T0(t,e)&&await Be.permissionBuilderRemoved(t),A0(t,e)&&await Be.permissionAdminRemoved(t),!e.forceResetPassword&&t.forceResetPassword&&t.password&&await Be.passwordForceReset(t),t.password!==e.password&&await Be.passwordUpdated(t)):await Be.created(t),y0(t,e)&&await Be.permissionBuilderAssigned(t),S0(t,e)&&await Be.permissionAdminAssigned(t),await g0(t,e)},"handleSaveEvents"),y0=s((t,e)=>g_(t,e,Fe),"isAddingBuilder"),T0=s((t,e)=>y_(t,e,Fe),"isRemovingBuilder"),S0=s((t,e)=>g_(t,e,br),"isAddingAdmin"),A0=s((t,e)=>y_(t,e,br),"isRemovingAdmin"),g_=s((t,e,r)=>!(!r(t)||e&&r(e)),"isAddingPermission"),y_=s((t,e,r)=>!(r(t)||!e||!r(e)),"isRemovingPermission");var O0=s(async t=>{let e=t._id;await yt.removeUser(t),await sm(t),await vr.invalidateUser(e),await On(e,{reason:"bulk-deletion"})},"bulkDeleteProcessing"),vt=class t{static{s(this,"UserDB")}static init(e,r,n){t.quotas=e,t.groups=r,t.features=n}static async isPreventPasswordActions(e,r){return m.ENABLE_SSO_MAINTENANCE_MODE&&xt(e)?!1:await t.features.isSSOEnforced()||zo(e)?!0:(r||(r=await hi(G())),!!(r&&r.email===e.email&&Yo(r)))}static async buildUser(e,r={hashPassword:!0,requirePassword:!0},n,i,o){let{password:a,_id:u}=e;i&&!i.password&&(r.requirePassword=!1);let c;if(a&&a!==i?.password){if(await t.isPreventPasswordActions(e,o))throw new Me("Password change is disabled for this user",400);if(!r.skipPasswordValidation){let f=Vp(a);if(!f.valid)throw new Me(f.error,400)}c=r.hashPassword?await df(a):a}else i&&(c=i.password);let l=r.requirePassword&&!await t.features.isSSOEnforced();if(!c&&l)throw"Password must be specified.";u=u||ii();let d={createdAt:Date.now(),...i,...e,_id:u,password:c,tenantId:n};return d.roles||(d.roles={}),d.status==null&&(d.status="active"),d}static async allUsers(){return(await Y().allDocs(cn(null,{include_docs:!0}))).rows.map(n=>n.doc)}static async countUsersByWorkspace(e){if(typeof e!="string"||!e)throw new Error("Must provide a string based workspace ID");return{userCount:(await Ks("by_app",si(e,{include_docs:!1}))).rows.length}}static async getUsersByAppAccess(e){return await am(e.appId,{limit:e.limit||50})}static async getUserByEmail(e){return At(e)}static async getUser(e){let r=await wn(e);return r&&delete r.password,r}static async bulkGet(e){return await dc(e)}static async bulkUpdate(e){return await bo(e)}static async save(e,r={}){r.hashPassword==null&&(r.hashPassword=!0),r.requirePassword==null&&(r.requirePassword=!0);let n=G(),i=Y(),{email:o,_id:a,userGroups:u=[],roles:c}=e;if(!o&&!a)throw new Error("_id or email is required");let l;if(a)try{if(l=await wn(a),o&&l.email!==o&&!r.allowChangingEmail)throw new Error("Email address cannot be changed")}catch(g){if(g.status!==404)throw g}if(!l&&o&&(l=await At(o),l&&l._id!==a))throw new Jt(o);let d=!l,f=!!l&&!!o&&l.email!==o,E=!r.isAccountHolder&&!!o&&(d||f),p=[...u];if(d&&p.length===0){let g=await t.groups.getDefaultGroup?.();g?._id&&(p=[g._id])}let T=1,h=0;if((r.isAccountHolder||l)&&(T=0,h=1),l){let[g,y]=await xr([l,e]);h=g!==y?1:0}else if(!r.isAccountHolder){let g=p.length>0?{...e,userGroups:p}:e;h=(await xr([g]))[0]?1:0}return t.quotas.addUsers(T,h,async()=>{E&&await cc(o,n);let g=await t.buildUser(e,r,n,l);r.currentUserId&&r.currentUserId===l?._id&&(g=um(g,l)),!l&&c?.length&&(g.roles={...c});let y=[];if(d){p.length>0&&(g.userGroups=p);for(let I of p)y.push(t.groups.addUsers(I,[g._id]))}try{let I=await i.put(g);return g._rev=I.rev,await om(g,l),l&&g.email!==l.email&&await yt.removeUser({email:l.email}),await yt.addUser(n,g._id,g.email,g.ssoId),await vr.invalidateUser(I.id),await Promise.all(y),i.get(g._id)}catch(I){throw I.status===409?"User exists already":I}})}static async bulkCreate(e,r){let n=G(),i=[],o=[],a=[],u=e.map(T=>T.email),c=await nm(u),l=[],d=!!r?.length,f=d?[...r]:[];if(!d){let T=await t.groups.getDefaultGroup?.();T?._id&&(f=[T._id])}for(let T of e){let h=o.find(y=>y.email.toLowerCase()===T.email.toLowerCase()),g=c.includes(T.email.toLowerCase());if(h||g){l.push({email:T.email,reason:"Unavailable"});continue}T.userGroups=[...f],o.push(T),await Co(T)&&a.push(T)}let E=await hi(n),p=await t.features.isSSOEnforced();return t.quotas.addUsers(o.length,a.length,async()=>{for(let g of o)p&&delete g.password,i.push(t.buildUser(g,{hashPassword:!0,requirePassword:!p},n,void 0,E));let T=await Promise.all(i);await bo(T);for(let g of T)await yt.addUser(n,g._id,g.email),await om(g,void 0,E);let h=T.map(g=>({_id:g._id,email:g.email}));if(Array.isArray(h)&&f.length){let g=[],y=h.map(I=>I._id);for(let I of f)g.push(t.groups.addUsers(I,y));await Promise.all(g)}return{successful:h,unsuccessful:l}})}static async bulkDelete(e){let r=Y(),n={successful:[],unsuccessful:[]},i=await lc(e);i&&(e=e.filter(p=>p.userId!==i.userId),n.unsuccessful.push({_id:i.userId,email:i.email,reason:"Account holder cannot be deleted"}));let a=(await r.allDocs({include_docs:!0,keys:e.map(p=>p.userId)})).rows.map(p=>p.doc),u=a.map(p=>({...p,_deleted:!0})),c=await bo(u),d=(await xr(a)).filter(p=>p).length,f=[];for(let p of a){let h=(await Do(p._id)).ssoId;h&&(await oc(h)).filter(y=>y.ssoId==null).forEach(y=>{f.push({...y,_deleted:!0})}),await O0(p)}await Dr().bulkDocs(f),await t.quotas.removeUsers(u.length,d);let E={};return a.reduce((p,T)=>(p[T._id]=T,p),E),c.forEach(p=>{let T=E[p.id].email;p.ok?n.successful.push({_id:p.id,email:T}):n.unsuccessful.push({_id:p.id,email:T,reason:"Database error"})}),n}static async destroy(e){let r=Y(),n=await r.get(e),i=n._id;if(!m.SELF_HOSTED&&!m.DISABLE_ACCOUNT_PORTAL){let a=n.email;if(await Cr(a))throw n.userId===$t()._id?new Me('Please visit "Account" to delete this user',400):new Me("Account holder cannot be deleted",400)}await yt.removeUser(n),await r.remove(i,n._rev);let o=await Co(n)?1:0;await t.quotas.removeUsers(1,o),await sm(n),await vr.invalidateUser(i),await On(i,{reason:"deletion"})}static async createAdminUser(e,r,n){let i=n?.password,o={email:e,password:i,createdAt:Date.now(),roles:{},builder:{global:!0},admin:{global:!0},tenantId:r,firstName:n?.firstName,lastName:n?.lastName};return n?.ssoId&&(o.ssoId=n.ssoId),await pi(ye.CHECKLIST),await t.save(o,{hashPassword:n?.hashPassword,requirePassword:n?.requirePassword,skipPasswordValidation:n?.skipPasswordValidation,isAccountHolder:!0})}static async getGroups(e){return await this.groups.getBulk(e)}static async getGroupBuilderAppIds(e){return await this.groups.getGroupBuilderAppIds(e)}};function vo(t){return Array.isArray(t)?t.map(e=>{if(e)return delete e.password,e}):t&&(delete t.password,t)}s(vo,"removeUserPassword");async function dc(t,e){let n=(await Y().allDocs({keys:t,include_docs:!0})).rows.map(i=>i.doc);return e?.cleanup&&(n=vo(n)),n}s(dc,"bulkGetGlobalUsersById");async function w0(){let t=Y(),e=`us${D}`;return(await t.allDocs({startkey:e,endkey:`${e}${Pe}`})).rows.map(n=>n.id)}s(w0,"getAllUserIds");async function R0(){let t=Y(),e=`us${D}`;return(await t.allDocs({startkey:e,endkey:`${e}${Pe}`,include_docs:!0})).rows.map(n=>n.doc)}s(R0,"getAllUsers");async function bo(t){return await Y().bulkDocs(t)}s(bo,"bulkUpdateGlobalUsers");async function wn(t,e){let n=await Y().get(t);return e?.cleanup&&(n=vo(n)),n}s(wn,"getById");async function At(t,e){if(t==null)throw"Must supply an email address to view";let r=await Kt("by_email2",{key:t.toLowerCase(),include_docs:!0});if(Array.isArray(r))throw new Error(`Multiple users found with email address: ${t}`);let n=r;return e?.cleanup&&(n=vo(n)),n}s(At,"getGlobalUserByEmail");async function D0(t){try{let e=await At(t);if(Array.isArray(e)||e!=null)return!0}catch{return!1}return!1}s(D0,"doesUserExist");async function T_(t,e,r){if(typeof t!="string")throw new Error("Must provide a string based workspace ID");let n=si(t,{include_docs:!0});n.startkey=e&&e.startkey?e.startkey:n.startkey;let i=await Kt("by_app",n);i||(i=[]);let o=Array.isArray(i)?i:[i];return r?.cleanup&&(o=vo(o)),o}s(T_,"searchGlobalUsersByApp");async function am(t,e){let r=`roles.${t}`,n=[{"builder.global":!0},{"admin.global":!0}];if(t){let a={[r]:{$exists:!0}};n.push(a)}return(await Y().find({selector:{$or:n,_id:{$regex:"^us_"}},limit:e?.limit||50})).docs}s(am,"searchGlobalUsersByAppAccess");function S_(t,e){if(e)return Tu(He(t),e._id)}s(S_,"getGlobalUserByAppPage");async function A_(t,e,r){if(typeof t!="string")throw new Error("Must provide a string to search by");let n=t.toLowerCase(),i=e&&e.startkey?e.startkey:n,o=await Kt("by_email2",{...e,startkey:i,endkey:`${n}${Pe}`});o||(o=[]);let a=Array.isArray(o)?o:[o];return r?.cleanup&&(a=vo(a)),a}s(A_,"searchGlobalUsersByEmail");var C0=8;async function __({bookmark:t,query:e,appId:r,limit:n}={}){let i=Y(),o=n??C0,u={include_docs:!0,limit:o+1};t&&(u.startkey=t);let c,l="_id",d;return e?.equal?._id?c=[await wn(e.equal._id)]:r?(c=await T_(r,u),d=s(f=>S_(r,f),"getKey")):e?.string?.email?(c=await A_(e?.string?.email,u),l="email"):e?.oneOf?._id?c=await dc(e?.oneOf?._id,{cleanup:!0}):e?(c=(await i.allDocs(cn(null,{...u,limit:void 0}))).rows.map(E=>E.doc),c=mr.search(c,{query:e,limit:u.limit}).rows):c=(await i.allDocs(cn(null,u))).rows.map(E=>E.doc),jf(c,o,{paginate:!0,property:l,getKey:d})}s(__,"paginatedUsers");async function b0(){return(await Ks("by_email2",{limit:0,include_docs:!1})).total_rows}s(b0,"getUserCount");async function x0(){let t=0;async function e(r){let n=await __({bookmark:r}),i=await xr(n.data);t+=i.filter(o=>o).length,n.hasNextPage&&await e(n.nextPage)}return s(e,"iterate"),await e(),t}s(x0,"getCreatorCount");function v0(t){return delete t.admin,delete t.builder,t}s(v0,"removePortalUserPermissions");function um(t,e){return delete t.admin,delete t.builder,delete t.roles,e&&(t.admin=e.admin,t.builder=e.builder,t.roles=e.roles),t}s(um,"cleanseUserObject");async function P0(t,e){let r=He(e);t.builder??={},t.builder.creator=!0,t.builder.apps??=[],t.builder.apps.push(r),await vt.save(t,{hashPassword:!1})}s(P0,"addAppBuilder");async function N0(t,e){let r=He(e);t.builder&&t.builder.apps?.includes(r)&&(t.builder.apps=t.builder.apps.filter(n=>n!==r)),await vt.save(t,{hashPassword:!1})}s(N0,"removeAppBuilder");var O_=3600;async function U0(t,e){let n=await Xf(e).get(t);if(n.budibaseAccess=!0,!m.SELF_HOSTED&&!m.DISABLE_ACCOUNT_PORTAL){let i=await Cr(n.email);i&&(n.account=i,n.accountPortalAccess=!0)}return n}s(U0,"populateFromDB");async function L0(t){let e=await vt.bulkGet(t),r=t.filter((i,o)=>!e[o]),n=e.filter(i=>i);return await Promise.all(n.map(async i=>{if(i.budibaseAccess=!0,!m.SELF_HOSTED&&!m.DISABLE_ACCOUNT_PORTAL){let o=await Cr(i.email);o&&(i.account=o,i.accountPortalAccess=!0)}})),r.length?{users:n,notFoundIds:r}:{users:n}}s(L0,"populateUsersFromDB");async function Po({userId:t,tenantId:e,email:r,populateUser:n}){if(n||(n=U0),!e)try{e=G()}catch{e=await yt.lookupTenantId(t)}let i=await Ms(),o=await i.get(t);return o||(o=await n(t,e,r),await i.store(t,o,O_)),o&&!o.tenantId&&e&&(o.tenantId=e),o.userGroups&&!ke.users.isGlobalBuilder(o)&&await be(e,async()=>{let a=await vt.getGroupBuilderAppIds(o);if(a.length){let u=o.builder?.apps||[];o.builder={apps:[...new Set(u.concat(a))]}}}),o}s(Po,"getUser");async function k0(t){let e=await Ms(),r=await e.bulkGet(t),n=t.filter(a=>!r[a]),i=Object.values(r).filter(a=>!!a),o;if(n.length){let a=await L0(n);o=a.notFoundIds;for(let u of a.users)await e.store(u._id,u,O_);i.push(...a.users)}return{users:i,notFoundIds:o}}s(k0,"getUsers");async function No(t){await(await Ms()).delete(t)}s(No,"invalidateUser");var fm={};P(fm,{Writethrough:()=>lm});var I_=1e4,cm=null;async function fc(){if(!cm){let t=await Wf();cm=new hn(t)}return cm}s(fc,"getCache");function Uo(t,e){return t.name+e}s(Uo,"makeCacheKey");function dm(t,e=null){return{doc:t,lastWrite:e||Date.now()}}s(dm,"makeCacheItem");async function M0(t,e,r=I_){let n=await fc(),i=e._id,o;i&&(o=await n.get(Uo(t,i)));let a=!o||o.lastWrite<Date.now()-r,u=e;return a&&((await co({type:"try_once",name:"persist_writethrough",resource:i,ttl:15e3},async()=>{let l=s(async d=>{let f=await t.put(d,{force:!0});u._id=f.id,u._rev=f.rev},"writeDb");try{await l(e)}catch(d){if(d.status!==409)throw d;fi("Ignoring conflict in write-through cache")}})).executed||fi("Ignoring redlock conflict in write-through cache")),o=dm(u,a?null:o?.lastWrite),u._id&&await n.store(Uo(t,u._id),o),{ok:!0,id:u._id,rev:u._rev}}s(M0,"put");async function F0(t,e){let r=await fc(),n=Uo(t,e),i=await r.get(n);if(!i){let o=await t.get(e);i=dm(o),await r.store(n,i)}return i.doc}s(F0,"get");async function B0(t,e){let r=await fc(),n=Uo(t,e),i=await r.get(n);if(!i){let o=await t.tryGet(e);if(!o)return null;i=dm(o),await r.store(n,i)}return i.doc}s(B0,"tryGet");async function W0(t,e,r){let n=await fc();if(!e)throw new Error("No ID/Rev provided.");let i=typeof e=="string"?e:e._id;r=typeof e=="string"?r:e._rev;try{await n.delete(Uo(t,i))}finally{await t.remove(i,r)}}s(W0,"remove");var lm=class{static{s(this,"Writethrough")}constructor(e,r=I_){this.db=e,this.writeRateMs=r}async put(e,r=this.writeRateMs){return M0(this.db,e,r)}async get(e){return F0(this.db,e)}async tryGet(e){return B0(this.db,e)}async remove(e,r){return W0(this.db,e,r)}};function Lo(t){return`config${D}${t}`}s(Lo,"generateConfigID");var pc="en";function G0(){return{_id:Lo("translations"),type:"translations",config:{defaultLocale:pc,locales:{[pc]:{label:"English",overrides:{}}}}}}s(G0,"createDefaultTranslationsConfig");function $0(t){let e=t?.defaultLocale||pc,r={...t?.locales??{}};r[e]||(r[e]={label:e===pc?"English":e,overrides:{}});for(let n of Object.keys(r))r[n].overrides||(r[n]={...r[n],overrides:{}});return{defaultLocale:e,locales:r}}s($0,"prepareTranslationsConfig");async function We(t){let e=Y();try{return await e.get(Lo(t))}catch(r){if(r.status===404)return;throw r}}s(We,"getConfig");async function V0(t){return t._id||(t._id=Lo(t.type)),Y().put(t)}s(V0,"save");async function w_(){let t=await We("translations");return t?(t.config=$0(t.config),t):G0()}s(w_,"getTranslationsConfigDoc");async function q0(){return(await w_()).config}s(q0,"getTranslationsConfig");async function _i(){let t=await We("settings");return t||(t={_id:Lo("settings"),type:"settings",config:{}}),t.config.platformUrl=await ko({tenantAware:!0,config:t.config}),t.config.analyticsEnabled=await ec({config:t.config}),t}s(_i,"getSettingsConfigDoc");async function mm(){return(await _i()).config}s(mm,"getSettingsConfig");async function ko(t={tenantAware:!0}){let e=m.PLATFORM_URL||"http://localhost:10000";if(!m.SELF_HOSTED&&m.MULTI_TENANCY&&t.tenantAware){let r=G();e.includes("localhost:")||(e=e.replace("://",`://${r}.`))}else if(m.SELF_HOSTED){let r=t?.config?t.config:(await We("settings"))?.config;r?.platformUrl&&(e=r.platformUrl)}return e}s(ko,"getPlatformUrl");var ec=s(async t=>{if(!m.SELF_HOSTED)return!!m.ENABLE_ANALYTICS;let e=await Rr(ye.ANALYTICS_ENABLED,86400,async()=>{let n=t?.config?t.config:(await We("settings"))?.config;if(n?.analyticsEnabled===!1)return!1;if(n?.analyticsEnabled===!0)return!0});if(e!==void 0)return e;let r=m.ENABLE_ANALYTICS;return!(r===0||r===!1)},"analyticsEnabled");async function K0(){return await We("google")}s(K0,"getGoogleConfigDoc");async function hc(){return(await K0())?.config}s(hc,"getGoogleConfig");async function hm(){if(!m.SELF_HOSTED)return pm();let t=await hc();return(!t||!t.activated)&&(t=pm()),t}s(hm,"getGoogleDatasourceConfig");function pm(){if(m.GOOGLE_CLIENT_ID&&m.GOOGLE_CLIENT_SECRET)return{clientID:m.GOOGLE_CLIENT_ID,clientSecret:m.GOOGLE_CLIENT_SECRET,activated:!0}}s(pm,"getDefaultGoogleConfig");async function Q0(){return We("logos_oidc")}s(Q0,"getOIDCLogosDoc");async function j0(){return We("oidc")}s(j0,"getOIDCConfigDoc");async function H0(){let t=(await j0())?.config;return t?.configs&&t.configs[0]}s(H0,"getOIDCConfig");async function Em(t){let e=(await We("oidc"))?.config;return e&&e.configs.filter(r=>r.uuid===t)[0]}s(Em,"getOIDCConfigById");async function R_(){return We("smtp")}s(R_,"getSMTPConfigDoc");async function Y0(t){let e=await R_();if(e)return e.config;let r=m.SELF_HOSTED||!t;if(m.SMTP_FALLBACK_ENABLED&&r)return{port:m.SMTP_PORT,host:m.SMTP_HOST,secure:!1,from:m.SMTP_FROM_ADDRESS,auth:{user:m.SMTP_USER,pass:m.SMTP_PASSWORD},fallback:!0}}s(Y0,"getSMTPConfig");async function z0(){return(await We("scim"))?.config}s(z0,"getSCIMConfig");async function J0(){return We("recaptcha")}s(J0,"getRecaptchaConfig");var Rm={};P(Rm,{AccessController:()=>Tm,BUILTIN_ROLE_IDS:()=>Sm,Role:()=>Pr,RoleHierarchyTraversal:()=>Ec,RoleIDVersion:()=>Am,builtinRoleToNumber:()=>Mo,checkForRoleResourceArray:()=>x_,externalRole:()=>nk,findRole:()=>Fo,getAllRoleIds:()=>ak,getAllRoles:()=>wm,getBuiltinRole:()=>C_,getBuiltinRoles:()=>Om,getDBRoleID:()=>v_,getExternalRoleID:()=>Nr,getExternalRoleIDs:()=>P_,getRole:()=>ik,getUserRoleHierarchy:()=>Im,getUserRoleIdHierarchy:()=>b_,isBuiltin:()=>Ur,lowerBuiltinRoleID:()=>rk,prefixRoleIDNoBuiltin:()=>ym,roleIDsAreEqual:()=>Ye,roleToNumber:()=>tk,saveRoles:()=>sk,validInherits:()=>ek});var D_=require("lodash"),gc=B(require("lodash/fp/cloneDeep")),gm=B(require("semver"));var Sm={ADMIN:"ADMIN",POWER:"POWER",BASIC:"BASIC",PUBLIC:"PUBLIC"},re={...Sm,BUILDER:"BUILDER"},Am={UUID:void 0,NAME:"name"};function Z0(t,e){return Array.isArray(e)?e.filter(r=>t.includes(r)).length===e.length:t.includes(e)}s(Z0,"rolesInList");var Pr=class{constructor(e,r,n,i){this.permissions={};this._id=e,this.name=r,this.uiMetadata=i,this.permissionId=n,this.version=Am.NAME}static{s(this,"Role")}addInheritance(e){return e&&typeof e=="string"?e=ym(e):e&&Array.isArray(e)&&(e=e.map(ym)),this.inherits=e,this}},Ec=class{static{s(this,"RoleHierarchyTraversal")}constructor(e,r){this.allRoles=e,this.opts=r}walk(e){let r=this.opts,n=this.allRoles,i=[];if(!e||!e._id)return i;if(i.push(e),Array.isArray(e.inherits))for(let o of e.inherits){let a=Fo(o,n,r);a&&(i=i.concat(this.walk(a)))}else{let o=[],a=e;for(;a&&a.inherits&&!Z0(o,a.inherits);){if(Array.isArray(a.inherits))return i.concat(this.walk(a));if(o.push(a.inherits),a=Fo(a.inherits,n,r),a&&i.push(a),Le.roles.checkForRoleInheritanceLoops(i))break}}return(0,D_.uniqBy)(i,o=>o._id)}},_m={ADMIN:new Pr(re.ADMIN,re.ADMIN,"admin",{displayName:"Admin user",description:"Can do everything",color:"var(--spectrum-global-color-static-red-400)"}).addInheritance(re.POWER),POWER:new Pr(re.POWER,re.POWER,"power",{displayName:"App power user",description:"An app user with more access",color:"var(--spectrum-global-color-static-orange-400)"}).addInheritance(re.BASIC),BASIC:new Pr(re.BASIC,re.BASIC,"write",{displayName:"Basic user",description:"Any logged in user",color:"var(--spectrum-global-color-static-green-400)"}).addInheritance(re.PUBLIC),PUBLIC:new Pr(re.PUBLIC,re.PUBLIC,"public",{displayName:"Public user",description:"Accessible to anyone",color:"var(--spectrum-global-color-static-blue-400)"}),BUILDER:new Pr(re.BUILDER,re.BUILDER,"admin",{displayName:"Builder user",description:"Users that can edit this app",color:"var(--spectrum-global-color-static-magenta-600)"})};function Om(){return(0,gc.default)(_m)}s(Om,"getBuiltinRoles");function Ur(t){return Object.values(Sm).includes(t)}s(Ur,"isBuiltin");function ym(t){return Ur(t)?t:Vt(t)}s(ym,"prefixRoleIDNoBuiltin");function C_(t){let e=Object.values(_m).find(r=>t.includes(r._id));if(e)return(0,gc.default)(e)}s(C_,"getBuiltinRole");function ek(t,e){if(!e)return!1;let r=s(n=>t.find(i=>Ye(i._id,n)),"find");if(Array.isArray(e)){let n=e.filter(i=>r(i));return e.length!==0&&n.length===e.length}else return!!r(e)}s(ek,"validInherits");function Mo(t){let e=Om(),r=Object.values(e).length+1;if(Ye(t,re.ADMIN)||Ye(t,re.BUILDER))return r;let n=e[t],i=0;do{if(!n)break;if(Array.isArray(n.inherits))throw new Error("Built-in roles don't support multi-inheritance");n=e[n.inherits],i++}while(n!==null);return i}s(Mo,"builtinRoleToNumber");async function tk(t){if(Ur(t))return Mo(t);let e=await Im(t,{defaultPublic:!0}),r=s(n=>{if(!n.inherits)return 0;if(Array.isArray(n.inherits)){let i=n.inherits.map(o=>{let a=e.find(u=>Ye(u._id,o));if(a)return r(a)+1}).filter(o=>o).sort().pop();if(i!=null)return i}else if(Ur(n.inherits))return Mo(n.inherits)+1;return 0},"findNumber");return Math.max(...e.map(r))}s(tk,"roleToNumber");function rk(t,e){return t?e&&Mo(t)>Mo(e)?e:t:e}s(rk,"lowerBuiltinRoleID");function Ye(t,e){return Vt(t)===Vt(e)}s(Ye,"roleIDsAreEqual");function nk(t){let e;return t._id&&(e=Nr(t._id)),{...t,_id:e,inherits:P_(t.inherits,t.version)}}s(nk,"externalRole");function Fo(t,e,r){let n=C_(t);n||(t=Vt(t));let i=e.find(o=>o._id&&Ye(o._id,t));return!i&&!Ur(t)&&r?.defaultPublic?(0,gc.default)(_m.PUBLIC):(n=Object.assign(n||{},i),n?._id&&(n._id=Nr(n._id,n.version)),Object.keys(n).length===0?void 0:n)}s(Fo,"findRole");async function ik(t,e){let r=ri(),n=[];if(!Ur(t)){let i=await r.tryGet(v_(t));i&&n.push(i)}return Fo(t,n,e)}s(ik,"getRole");async function sk(t){await ri().bulkDocs(t.filter(r=>r._id).map(r=>({...r,_id:Vt(r._id)})))}s(sk,"saveRoles");async function ok(t,e){let r=await wm();if(Ye(t,re.ADMIN))return r;let n=Fo(t,r,e),i=[];return n&&(i=new Ec(r,e).walk(n)),i}s(ok,"getAllUserRoles");async function b_(t){return(await Im(t)).map(r=>r._id)}s(b_,"getUserRoleIdHierarchy");async function Im(t,e){return ok(t,e)}s(Im,"getUserRoleHierarchy");function x_(t,e){if(t&&!Array.isArray(t[e])){let r=t[e];t[e]=[r],r==="write"&&t[e].push("read")}return t}s(x_,"checkForRoleResourceArray");async function ak(t){return(await wm(t)).map(r=>r._id)}s(ak,"getAllRoleIds");async function wm(t){if(t)return je(t,e);{let r;try{r=ri()}catch{}return e(r)}async function e(r){let n=[];r&&(n=(await r.allDocs(Su(null,{include_docs:!0}))).rows.map(u=>u.doc),n.forEach(u=>u._id=Nr(u._id,u.version)));let i=Om(),o=[];!r||await uk(r)?o=[re.ADMIN,re.POWER,re.BASIC,re.PUBLIC]:o=[re.ADMIN,re.BASIC,re.PUBLIC];for(let a of o){let u=i[a],c=n.filter(l=>Ye(l._id,a))[0];c==null?n.push(u||i.BASIC):(n=n.filter(l=>l._id!==c._id),c._id=Nr(u._id,c.version),n.push({...u,...c,name:u.name,_id:Nr(u._id,u.version),uiMetadata:{...c.uiMetadata,...u.uiMetadata}}))}for(let a of n)if(a.permissions)for(let u of Object.keys(a.permissions))a.permissions=x_(a.permissions,u);return n}s(e,"internal")}s(wm,"getAllRoles");async function uk(t){if(await ck(t))return!0;let r=(await t.tryGet("app_metadata"))?.creationVersion;return!r||!gm.default.valid(r)?!0:!gm.default.gte(r,m.MIN_VERSION_WITHOUT_POWER_ROLE)}s(uk,"shouldIncludePowerRole");async function ck(t){let r=(await t.tryGet("ta_users"))?.schema?.roleId?.constraints?.inclusion;return!Array.isArray(r)||!r.some(i=>Ye(i,re.POWER))?!1:r.some(i=>!Ur(i))}s(ck,"hasLegacyPowerRole");var Tm=class{static{s(this,"AccessController")}constructor(){this.userHierarchies={}}async hasAccess(e,r){if(e==null||e===""||Ye(e,re.BUILDER)||Ye(r,e)||Ye(r,re.BUILDER))return!0;let n=r?this.userHierarchies[r]:null;return!n&&r&&(n=await b_(r),this.userHierarchies[r]=n),n?.find(i=>Ye(i,e))!==void 0}async checkScreensAccess(e,r){let n=[];for(let i of e){let o=await this.checkScreenAccess(i,r);o&&n.push(o)}return n}async checkScreenAccess(e,r){let n=e&&e.routing?e.routing.roleId:void 0;return await this.hasAccess(n,r)?e:null}};function v_(t){return t?.startsWith("role")?t:Vt(t)}s(v_,"getDBRoleID");function Nr(t,e){if(t.startsWith(`role${D}`)&&(Ur(t)||e===Am.NAME)){let r=t.split(D);return r.shift(),r.join(D)}return t}s(Nr,"getExternalRoleID");function P_(t,e){return t&&(typeof t=="string"?Nr(t,e):t.map(r=>Nr(r,e)))}s(P_,"getExternalRoleIDs");var Dm={};P(Dm,{BUILDER:()=>mk,BUILTIN_PERMISSIONS:()=>yc,CREATOR:()=>hk,GLOBAL_BUILDER:()=>Ek,PermissionImpl:()=>se,PermissionLevel:()=>Pi,PermissionType:()=>jo,doesHaveBasePermission:()=>fk,getAllowedLevels:()=>k_,getBuiltinPermissionByID:()=>dk,getBuiltinPermissions:()=>lk,isPermissionLevelHigherThanRead:()=>pk,levelToNumber:()=>L_});var N_=B(require("lodash/flatten")),U_=B(require("lodash/fp/cloneDeep"));var se=class{static{s(this,"PermissionImpl")}constructor(e,r){this.type=e,this.level=r}};function L_(t){switch(t){case"execute":return 0;case"read":return 1;case"write":return 2;case"admin":return 3;default:return-1}}s(L_,"levelToNumber");function k_(t){switch(t){case"execute":return["execute"];case"read":return["execute","read"];case"write":case"admin":return["execute","read","write"];default:return[]}}s(k_,"getAllowedLevels");var yc={PUBLIC:{_id:"public",name:"Public",permissions:[new se("webhook","execute")]},READ_ONLY:{_id:"read_only",name:"Read only",permissions:[new se("query","read"),new se("table","read"),new se("app","read")]},WRITE:{_id:"write",name:"Read/Write",permissions:[new se("query","write"),new se("table","write"),new se("automation","execute"),new se("legacy_view","read"),new se("app","read")]},POWER:{_id:"power",name:"Power",permissions:[new se("table","write"),new se("user","read"),new se("automation","execute"),new se("webhook","read"),new se("legacy_view","read"),new se("app","read")]},ADMIN:{_id:"admin",name:"Admin",permissions:[new se("table","admin"),new se("user","admin"),new se("automation","admin"),new se("webhook","read"),new se("query","admin"),new se("legacy_view","read"),new se("app","read")]}};function lk(){return(0,U_.default)(yc)}s(lk,"getBuiltinPermissions");function dk(t){return Object.values(yc).find(r=>r._id===t)}s(dk,"getBuiltinPermissionByID");function fk(t,e,r){let n=[...new Set(r.map(a=>a.permissionId))],i=Object.values(yc),o=(0,N_.default)(i.filter(a=>n.indexOf(a._id)!==-1).map(a=>a.permissions));for(let a of o)if(a.type===t&&k_(a.level).indexOf(e)!==-1)return!0;return!1}s(fk,"doesHaveBasePermission");function pk(t){return L_(t)>1}s(pk,"isPermissionLevelHigherThanRead");var mk="builder",hk="creator",Ek="globalBuilder";var xm={};P(xm,{FlagSet:()=>Sc,all:()=>Ak,flags:()=>Cm,getEnvFlags:()=>W_,init:()=>gk,isEnabled:()=>Sk,parseEnvFlags:()=>_c,shutdown:()=>yk,testutils:()=>bm});var Ac=B(require("crypto")),M_=B(require("dd-trace")),F_=require("lodash"),B_=require("posthog-node");var Tc;function gk(t){m.POSTHOG_TOKEN&&m.POSTHOG_API_HOST&&!m.SELF_HOSTED&&m.POSTHOG_FEATURE_FLAGS_ENABLED?(console.log("initializing posthog client..."),Tc=new B_.PostHog(m.POSTHOG_TOKEN,{host:m.POSTHOG_API_HOST,personalApiKey:m.POSTHOG_PERSONAL_TOKEN,featureFlagsPollingInterval:pe.fromMinutes(3).toMs(),...t})):console.log("posthog disabled")}s(gk,"init");function yk(){Tc?.shutdown()}s(yk,"shutdown");function _c(t){let e=t.split(",").map(n=>n.split(":")),r=[];for(let[n,...i]of e)for(let o of i){let a=!0;o.startsWith("!")&&(o=o.slice(1),a=!1),r.push({tenantId:n,key:o,value:a})}return r}s(_c,"parseEnvFlags");function W_(){return _c(m.TENANT_FEATURE_FLAGS||"")}s(W_,"getEnvFlags");var Sc=class{constructor(e){this.flagSchema=e;this.setId=Ac.randomUUID()}static{s(this,"FlagSet")}defaults(){return(0,F_.cloneDeep)(this.flagSchema)}isFlagName(e){return this.flagSchema[e]!==void 0}async isEnabled(e){return(await this.fetch())[e]}async fetch(){return await M_.default.trace("features.fetch",async e=>{let r=Uf(this.setId);if(r)return e?.addTags({fromCache:!0}),r;let n={},i=this.defaults(),o=G(),a=new Set;if(su())return i;for(let{tenantId:f,key:E,value:p}of W_())if(!(!f||f!=="*"&&f!==o)&&(n.readFromEnvironmentVars=!0,p===!1&&a.add(E),!!this.isFlagName(E))){if(typeof i[E]!="boolean")throw new Error(`Feature: ${E} is not a boolean`);i[E]=p,n[`flags.${E}.source`]="environment"}let u=$t(),c=u?._id;if(!c){let f=Pf();f&&(c=Ac.createHash("sha512").update(f).digest("hex"))}let l=u?.tenantId;if(l||(l=o),n["identity.type"]=u?.type,n["identity._id"]=u?._id,n.tenantId=l,n.userId=c,Tc&&c){n.readFromPostHog=!0;let f=await _i(),E={tenantId:l},p={tenant:{id:l}};f.config.createdVersion&&(p.tenant.createdVersion=f.config.createdVersion),f.createdAt&&(p.tenant.createdAt=`${f.createdAt}`);let T=await Tc.getAllFlags(c,{personProperties:E,onlyEvaluateLocally:!0,groups:{tenant:l},groupProperties:p});for(let[h,g]of Object.entries(T))if(this.isFlagName(h)){if(typeof g!="boolean"){console.warn(`Invalid value for posthog flag "${h}": ${g}`);continue}if(!(i[h]===!0||a.has(h)))try{i[h]=g,n[`flags.${h}.source`]="posthog"}catch(y){console.warn(`Error parsing posthog flag "${h}": ${g}`,y)}}}let d=kf();for(let[f,E]of Object.entries(d))this.isFlagName(f)&&typeof E=="boolean"&&(i[f]=E,n[`flags.${f}.source`]="override");Lf(this.setId,i);for(let[f,E]of Object.entries(i))n[`flags.${f}.value`]=E;return e?.addTags(n),i})}},Tk={USE_ZOD_VALIDATOR:!1,AI_AGENTS:!0,AI_RAG:!1,AI_RAG_SHAREPOINT:!1,AI_AGENT_INSTRUCTIONS:!1,DEBUG_UI:m.isDev(),DEV_USE_CLIENT_FROM_STORAGE:!1},Cm=new Sc(Tk);async function Sk(t){return await Cm.isEnabled(t)}s(Sk,"isEnabled");async function Ak(){return await Cm.fetch()}s(Ak,"all");var bm={};P(bm,{setFeatureFlags:()=>G_,withFeatureFlags:()=>Ik});function _k(){let t={};for(let{tenantId:e,key:r,value:n}of _c(process.env.TENANT_FEATURE_FLAGS||"")){let i=t[e]||{};i[r]!==!1&&(i[r]=n,t[e]=i)}return t}s(_k,"getCurrentFlags");function Ok(t){let e=[];for(let[r,n]of Object.entries(t))for(let[i,o]of Object.entries(n))o===!1?e.push(`${r}:!${i}`):e.push(`${r}:${i}`);return e.join(",")}s(Ok,"buildFlagString");function G_(t,e){let r=_k();for(let[i,o]of Object.entries(e)){let a=r[t]||{};a[i]=o,r[t]=a}let n=Ok(r);return bs({TENANT_FEATURE_FLAGS:n})}s(G_,"setFeatureFlags");function Ik(t,e,r){let n=G_(t,e),i=r();return i instanceof Promise?i.finally(n):(n(),i)}s(Ik,"withFeatureFlags");var $m={};P($m,{adminOnly:()=>Oc,auditLog:()=>Ic,authError:()=>Ie,buildAuthMiddleware:()=>cM,buildCsrfMiddleware:()=>dM,buildTenancyMiddleware:()=>lM,builderOnly:()=>Nc,builderOrAdmin:()=>Uc,google:()=>rr,internalApi:()=>kc,joiValidator:()=>Bo,oidc:()=>nr,passport:()=>fM,platformLogout:()=>gM,refreshOAuthToken:()=>hM,ssoCallbackUrl:()=>kr,updateUserOAuth:()=>EM,workspaceBuilderOrAdmin:()=>Bc});var Gm={};P(Gm,{activeTenant:()=>fO,adminOnly:()=>Oc,auditLog:()=>Ic,authError:()=>Ie,authenticated:()=>Pc,builderOnly:()=>Nc,builderOrAdmin:()=>Uc,correlation:()=>V_,csp:()=>Z_,csrf:()=>Lc,datasource:()=>aM,errorHandling:()=>tO,featureFlagCookie:()=>rO,google:()=>rr,internalApi:()=>kc,ip:()=>nO,joiValidator:()=>Bo,local:()=>Ri,oidc:()=>nr,pino:()=>q_,querystringToBody:()=>dO,ssoCallbackUrl:()=>kr,tenancy:()=>Fc,workspaceBuilderOrAdmin:()=>Bc});var $_=require("uuid");var wk=require("correlation-id"),V_=s((t,e)=>{let r=t.headers["x-budibase-correlation-id"];return r||(r=(0,$_.v4)()),wk.withId(r,()=>e())},"correlationMiddleware");var Rk=require("koa-pino-logger"),Dk=require("correlation-id");function Ck(){return{logger:Mu,genReqId:Dk.getId,autoLogging:{ignore:t=>!!t.url?.includes("/health")},serializers:{req:t=>({method:t.method,url:t.url,correlationId:t.id}),res:t=>({status:t.statusCode})}}}s(Ck,"pinoSettings");function bk(){return m.HTTP_LOGGING?Rk(Ck()):(t,e)=>e()}s(bk,"getMiddleware");var q_=bk();var Oc=s(async(t,e)=>(!t.internal&&!xt(t.user)&&t.throw(403,"Admin user only endpoint."),e()),"adminOnly");var Ic=s(async(t,e)=>e(),"auditLog");var xk=/\/:(.*?)(\/.*)?$/g,er=s(t=>t?t.map(e=>{let r=e.route,n=e.method,i=r.match(xk);if(i)for(let o of i){let u="/.*"+(o.endsWith("/")?"/":"");r=r.replace(o,u)}return{regex:new RegExp(`^${r}`),method:n,route:r}}):[],"buildMatcherRegex"),tr=s((t,e)=>e.find(({regex:r,method:n})=>{let i=r.test(t.path),o=n==="ALL"?!0:t.request.method.toLowerCase()===n.toLowerCase();return i&&o}),"matches");var Lm={};P(Lm,{SecretOption:()=>j_,compare:()=>Uk,decrypt:()=>Cc,decryptFile:()=>Mk,encrypt:()=>Nk,encryptFile:()=>Lk,getSecret:()=>Um});var Pt=B(require("crypto")),Lr=B(require("fs")),vm=require("path"),Pm=B(require("zlib"));var wc="aes-256-ctr",Q_="-",vk=1e4,Pk=32,Rc=16,Nm=16,j_=(r=>(r.API="api",r.ENCRYPTION="encryption",r))(j_||{});function Um(t){let e,r;switch(t){case"encryption":e=m.ENCRYPTION_KEY,r="ENCRYPTION_KEY";break;case"api":default:e=m.API_ENCRYPTION_KEY,r="API_ENCRYPTION_KEY";break}if(!e)throw new Error(`Secret "${r}" has not been set in environment.`);return e}s(Um,"getSecret");function Dc(t,e){return Pt.default.pbkdf2Sync(t,new Uint8Array(e),vk,Pk,"sha512")}s(Dc,"stretchString");function Nk(t,e="api"){let r=Pt.default.randomBytes(Rc),n=Dc(Um(e),r),i=Pt.default.createCipheriv(wc,new Uint8Array(n),new Uint8Array(r)),o=i.update(t,"utf8"),a=i.final(),u=Buffer.concat([new Uint8Array(o),new Uint8Array(a)]).toString("hex");return`${r.toString("hex")}${Q_}${u}`}s(Nk,"encrypt");function Cc(t,e="api"){let[r,n]=t.split(Q_),i=Buffer.from(r,"hex"),o=Dc(Um(e),i),a=Pt.default.createDecipheriv(wc,new Uint8Array(o),new Uint8Array(i)),u=a.update(n,"hex"),c=a.final();return Buffer.concat([new Uint8Array(u),new Uint8Array(c)]).toString()}s(Cc,"decrypt");function Uk(t,e,r="api"){try{let n=new TextEncoder,i=n.encode(Cc(e,r)),o=n.encode(t);return i.length!==o.length?!1:Pt.default.timingSafeEqual(i,o)}catch{return!1}}s(Uk,"compare");async function Lk({dir:t,filename:e},r){let n=`${e}.enc`,i=(0,vm.join)(t,e);if(Lr.default.lstatSync(i).isDirectory())throw new Error("Unable to encrypt directory");let o=Lr.default.createReadStream(i),a=Lr.default.createWriteStream((0,vm.join)(t,n)),u=Pt.default.randomBytes(Rc),c=Pt.default.randomBytes(Nm),l=Dc(r,u),d=Pt.default.createCipheriv(wc,new Uint8Array(l),new Uint8Array(c));return a.write(u),a.write(c),o.pipe(Pm.default.createGzip()).pipe(d).pipe(a),new Promise(f=>{a.on("finish",()=>{f({filename:n,dir:t})})})}s(Lk,"encryptFile");async function kk(t){let e=Lr.default.createReadStream(t),r=await K_(e,Rc),n=await K_(e,Nm);return e.close(),{salt:r,iv:n}}s(kk,"getSaltAndIV");async function Mk(t,e,r){if(Lr.default.lstatSync(t).isDirectory())throw new Error("Unable to decrypt directory");let{salt:n,iv:i}=await kk(t),o=Lr.default.createReadStream(t,{start:Rc+Nm}),a=Lr.default.createWriteStream(e),u=Dc(r,n),c=Pt.default.createDecipheriv(wc,new Uint8Array(u),new Uint8Array(i)),l=Pm.default.createGunzip();return o.pipe(c).pipe(l).pipe(a),new Promise((d,f)=>{a.on("finish",()=>{a.close(),d()}),o.on("error",E=>{a.close(),f(E)}),c.on("error",E=>{a.close(),f(E)}),l.on("error",E=>{a.close(),f(E)}),a.on("error",E=>{a.close(),f(E)})})}s(Mk,"decryptFile");function K_(t,e){return new Promise((r,n)=>{let i=0,o=[];t.on("readable",()=>{let a;for(;(a=t.read(e-i))!==null;)o.push(a),i+=a.length;r(Buffer.concat(o.map(u=>new Uint8Array(u))))}),t.on("end",()=>{n(new Error("Insufficient data in the stream."))}),t.on("error",a=>{n(a)})})}s(K_,"readBytes");var km={};P(km,{APIWarning:()=>Rn,FeatureDisabledWarning:()=>xc,InvalidAPIKeyWarning:()=>wi,UsageLimitWarning:()=>bc});var Rn=class extends Error{constructor(r,n){super(r);this.code=n}static{s(this,"APIWarning")}},wi=class extends Rn{static{s(this,"InvalidAPIKeyWarning")}constructor(){super("Invalid API key","invalid_api_key")}},bc=class extends Rn{constructor(r){super(`Usage limit exceeded: '${r}'`,"usage_limit_exceeded");this.limitName=r}static{s(this,"UsageLimitWarning")}getPublicWarning(){return{limitName:this.limitName}}},xc=class extends Rn{constructor(r){super(`Feature disabled: '${r}'`,"feature_disabled");this.featureName=r,this.status=400}static{s(this,"FeatureDisabledWarning")}getPublicWarning(){return{featureName:this.featureName}}getPublicError(){return{featureName:this.featureName}}};var Y_=B(require("dd-trace"));var Bk=m.SESSION_UPDATE_PERIOD?parseInt(m.SESSION_UPDATE_PERIOD):60*1e3;function Wk(){return new Date(Date.now()-Bk).toISOString()}s(Wk,"timeMinusOneMinute");function H_(t,e={}){t.publicEndpoint=e.publicEndpoint||!1,t.isAuthenticated=e.authenticated||!1,t.loginMethod=e.loginMethod,t.user=e.user,t.internal=e.internal||!1,t.version=e.version}s(H_,"finalise");async function Gk(t,e){if(Ys(t))return{valid:!0,user:void 0};let n=Cc(t).split(D)[0];return be(n,async()=>{let i;try{let o=Y();i=await Kt("by_api_key",{key:t},o)}catch{i=void 0}if(i)return{valid:!0,user:await Po({userId:i,tenantId:n,populateUser:e})};throw new wi})}s(Gk,"checkApiKey");function vc(t,e){let r=t.request.headers[e];if(Array.isArray(r))throw new Error("Unexpected header format");return r}s(vc,"getHeader");function Pc(t=[],e={publicAllowed:!1}){let r=t?er(t):[];return async(n,i)=>{let o=!1,a=vc(n,"x-budibase-api-version");tr(n,r)&&(o=!0);try{let c=vc(n,"x-budibase-token"),l=jt(n,"budibase:auth")||_u(c),d=vc(n,"x-budibase-api-key");!d&&n.request.headers.authorization&&(d=n.request.headers.authorization.split(" ")[1]);let f=vc(n,"x-budibase-tenant-id"),E=!1,p,T=!1,h;if(l&&!d){let y=l.sessionId,I=l.userId,O;try{O=await Qp(I,y),e&&e.populateUser?p=await Po({userId:I,tenantId:O.tenantId,email:O.email,populateUser:e.populateUser(n)}):p=await Po({userId:I,tenantId:O.tenantId,email:O.email}),p.csrfToken=O.csrfToken,h="cookie",O?.lastAccessedAt<Wk()&&await Kp(O),E=!0}catch(w){E=!1,console.warn(`Auth Error: ${w.message}`),Ar(n,"budibase:auth")}}if(!E&&d){let y=e.populateUser?e.populateUser(n):null,{valid:I,user:O}=await Gk(d,y);I&&(E=!0,h="api_key",p=O,T=!O)}!p&&f?p={tenantId:f}:p&&"password"in p&&delete p.password,E||(E=!1);let g=s(y=>y&&y.email,"isUser");return g(p)&&Y_.default.setUser({id:p._id,tenantId:p.tenantId,budibaseAccess:p.budibaseAccess,status:p.status}),H_(n,{authenticated:E,user:p,internal:T,version:a,publicEndpoint:o,loginMethod:h}),g(p)?hf(p,n,i):i()}catch(c){if(console.warn(`Auth Error: ${c.message}`),c?.name==="JsonWebTokenError"?Ar(n,"budibase:auth"):c?.code==="invalid_api_key"&&n.throw(403,c.message),e&&e.publicAllowed||o)return H_(n,{authenticated:!1,version:a,publicEndpoint:o}),i();n.throw(c.status||403,c.message||"Authentication failed")}}}s(Pc,"authenticated");async function Nc(t,e){if(t.internal)return e();let r=await dn(t);return!r&&!m.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!Fe(t.user)?t.throw(403,"Builder user only endpoint."):r&&!Ii(t.user,r)&&t.throw(403,"Workspace builder user only endpoint."),e()}s(Nc,"builderOnly");async function Uc(t,e){if(t.internal||xt(t.user))return e();let r=await dn(t);return!r&&!m.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!Fe(t.user)?t.throw(403,"Admin/Builder user only endpoint."):r&&!Ii(t.user,r)&&t.throw(403,"Workspace Admin/Builder user only endpoint."),e()}s(Uc,"builderOrAdmin");var X_=B(require("crypto"));var z_={"default-src":["'self'"],"script-src":["'self'","'unsafe-eval'","https://*.budibase.net","https://cdn.budi.live","https://js.intercomcdn.com","https://widget.intercom.io","https://d2l5prqdbvm3op.cloudfront.net","https://us-assets.i.posthog.com","https://www.google.com/recaptcha/api.js"],"style-src":["'self'","'unsafe-inline'","https://cdn.jsdelivr.net","https://fonts.googleapis.com","https://rsms.me","https://maxcdn.bootstrapcdn.com"],"object-src":["'none'"],"base-uri":["'self'"],"connect-src":["'self'","https://*.budibase.app","https://*.budibaseqa.app","https://*.budibase.net","https://api-iam.intercom.io","https://api-ping.intercom.io","https://app.posthog.com","https://us.i.posthog.com","wss://nexus-websocket-a.intercom.io","wss://nexus-websocket-b.intercom.io","https://nexus-websocket-a.intercom.io","https://nexus-websocket-b.intercom.io","https://uploads.intercomcdn.com","https://uploads.intercomusercontent.com","https://*.amazonaws.com","https://*.s3.amazonaws.com","https://*.s3.us-east-2.amazonaws.com","https://*.s3.us-east-1.amazonaws.com","https://*.s3.us-west-1.amazonaws.com","https://*.s3.us-west-2.amazonaws.com","https://*.s3.af-south-1.amazonaws.com","https://*.s3.ap-east-1.amazonaws.com","https://*.s3.ap-south-1.amazonaws.com","https://*.s3.ap-northeast-2.amazonaws.com","https://*.s3.ap-southeast-1.amazonaws.com","https://*.s3.ap-southeast-2.amazonaws.com","https://*.s3.ap-northeast-1.amazonaws.com","https://*.s3.ca-central-1.amazonaws.com","https://*.s3.cn-north-1.amazonaws.com","https://*.s3.cn-northwest-1.amazonaws.com","https://*.s3.eu-central-1.amazonaws.com","https://*.s3.eu-west-1.amazonaws.com","https://*.s3.eu-west-2.amazonaws.com","https://*.s3.eu-south-1.amazonaws.com","https://*.s3.eu-west-3.amazonaws.com","https://*.s3.eu-north-1.amazonaws.com","https://*.s3.sa-east-1.amazonaws.com","https://*.s3.me-south-1.amazonaws.com","https://*.s3.us-gov-east-1.amazonaws.com","https://*.s3.us-gov-west-1.amazonaws.com","https://api.github.com","https://d2l5prqdbvm3op.cloudfront.net"],"font-src":["'self'","data:","https://cdn.jsdelivr.net","https://fonts.gstatic.com","https://rsms.me","https://maxcdn.bootstrapcdn.com","https://js.intercomcdn.com","https://fonts.intercomcdn.com"],"frame-src":["'self'","https:"],"img-src":["http:","https:","data:","blob:"],"manifest-src":["'self'"],"media-src":["'self'","https://js.intercomcdn.com","https://cdn.budi.live"],"worker-src":["blob:","'self'"]},J_=/^[A-Za-z0-9-*:/.]+$/,Z_=s(async(t,e)=>{let r=X_.default.randomBytes(16).toString("base64");t.state.nonce=r;let n={...z_};n["script-src"]=[...z_["script-src"],`'nonce-${r}'`];let i={"media-src":m.CUSTOM_CSP_MEDIA_SRC,"script-src":m.CUSTOM_CSP_SCRIPT_SRC,"connect-src":m.CUSTOM_CSP_CONNECT_SRC,"img-src":m.CUSTOM_CSP_IMG_SRC,"font-src":m.CUSTOM_CSP_FONT_SRC,"frame-src":m.CUSTOM_CSP_FRAME_SRC};for(let[u,c]of Object.entries(i))if(c){let l=c.split(",").map(d=>d.trim()).filter(d=>J_.test(d));n[u]=[...n[u]||[],...l]}if(t.user?.license?.features.includes("customAppScripts")&&t.appId)try{let u=await Ws.getWorkspaceMetadata(t.appId);if("name"in u)for(let c of u.scripts||[]){let l=(c.cspWhitelist||"").split(`
 `).filter(f=>J_.test(f)),d=["default-src","script-src","connect-src","media-src","img-src","font-src","frame-src"];for(let f of d)n[f]=[...n[f]||[],...l]}}catch(u){console.error(`Error occurred in Content-Security-Policy middleware: ${u}`)}let a=Object.entries(n).map(([u,c])=>`${u} ${c.join(" ")}`).join("; ");t.set("Content-Security-Policy",a),await e()},"contentSecurityPolicy");var $k=["GET","HEAD","OPTIONS"],Vk=["application/x-www-form-urlencoded","multipart/form-data","text/plain"];function Lc(t={noCsrfPatterns:[]}){let e=er(t.noCsrfPatterns);return async(r,n)=>{if(tr(r,e)||$k.indexOf(r.method)!==-1)return n();let o=r.get("content-type")?r.get("content-type").toLowerCase():"";if(!Vk.filter(c=>o.includes(c)).length||r.internal)return n();let a=r.user?.csrfToken;if(!a)return n();let u=r.get("x-csrf-token");return(!u||u!==a)&&r.throw(403,"Invalid CSRF token"),n()}}s(Lc,"csrf");function eO(t){if(t.includes("-----BEGIN PRIVATE KEY-----"))return!0;for(let e of aT){let r=m[e];if(!(typeof r!="string"||r==="")&&t.includes(r))return!0}return!1}s(eO,"stringContainsSecret");async function tO(t,e){try{await e()}catch(r){let n=r.status||r.statusCode||500;t.status=n,n>=400&&n<500?console.warn(r):console.error("Got 5xx response code",r);let i={message:r.message,status:n,validationErrors:r.validation,error:Yu(r)};if(eO(JSON.stringify(i))&&(i={message:"Unexpected error",status:n,error:"Unexpected error"}),m.isTest()&&t.headers["x-budibase-include-stacktrace"]){let o=r;for(;o.cause;)o=o.cause;i.stack=o.stack}t.body=i}}s(tO,"errorHandling");var rO=s(async(t,e)=>{let n=jt(t,"budibase:featureflags")?.flags||{};await Mf(n,async()=>{await e()})},"featureFlagCookie");async function kc(t,e){let r=t.request.headers["x-budibase-api-key"];return r||t.throw(403,"Unauthorized"),Array.isArray(r)&&t.throw(403,"Unauthorized"),Ys(r)||t.throw(403,"Unauthorized"),e()}s(kc,"internalApi");async function nO(t,e){return t.ip?await Nf(t.ip,()=>e()):e()}s(nO,"ip");var Bo={};P(Bo,{body:()=>qk,params:()=>Kk});var Mm=B(require("joi"));function iO(t,e,r){let n=r?.errorPrefix??`Invalid ${e}`;return(i,o)=>{if(!t)return o();let a=null,u=i.request?.[e];i[e]!=null?a=i[e]:u!=null&&(a=u),t.append&&(t=t.append({createdAt:Mm.default.any().optional(),updatedAt:Mm.default.any().optional()}));let{error:c}=t.validate(a,{allowUnknown:r?.allowUnknown});if(c){let l=c.message;n&&(l=`Invalid ${e} - ${l}`),i.throw(400,l)}return o()}}s(iO,"validate");function qk(t,e){return iO(t,"body",e)}s(qk,"body");function Kk(t,e){return iO(t,"params",e)}s(Kk,"params");var Ri={};P(Ri,{authenticate:()=>Hk,options:()=>jk});function Ie(t,e,r){return t(r,null,{message:e})}s(Ie,"authError");async function kr(t,e){if(e&&e.callbackURL)return e.callbackURL;let r=await mm(),n="/api/global/auth";return gr()&&(n+=`/${G()}`),n+=`/${t}/callback`,`${r.platformUrl}${n}`}s(kr,"ssoCallbackUrl");var Fm="Invalid credentials",Qk="This account has expired. Please reset your password",jk={passReqToCallback:!0};async function Hk(t,e,r,n){if(!e)return Ie(n,"Email Required");if(!r)return Ie(n,"Password Required");let i=await At(e);return i==null?(console.info(`user=${e} could not be found`),Ie(n,Fm)):i.status==="inactive"?(console.info(`user=${e} is inactive`,i),Ie(n,Fm)):i.password?await ff(r,i.password)?(delete i.password,n(null,i)):Ie(n,Fm):(console.info(`user=${e} has no password set`,i),Ie(n,Qk))}s(Hk,"authenticate");var rr={};P(rr,{buildVerifyFn:()=>aO,getCallbackUrl:()=>Jk,strategyFactory:()=>Bm});var Wo=s(t=>Promise.resolve(t),"ssoSaveUserNoOp");async function Mc(t,e=!0,r,n){if(!n)throw new Error("Save user function must be provided");if(!t.userId)return Ie(r,"sso user id required");if(!t.email)return Ie(r,"sso user email required");let i=ii(t.userId),o;try{o=await wn(i)}catch(u){if(!u.status||u.status!==404)return Ie(r,"Unexpected error when retrieving existing user",u)}if(o||(o=await At(t.email)),!o&&e)return Ie(r,"Email does not yet exist. You must set up your local budibase account first.");o||(o={_id:i,email:t.email,roles:{},tenantId:G()});let a=await Yk(o,t);a.forceResetPassword=!1;try{delete a.password,a=await n(a,{hashPassword:!1,requirePassword:!1})}catch(u){return Ie(r,"Error saving user",u)}return r(null,a)}s(Mc,"authenticate");async function Yk(t,e){let r,n,i;if(e.profile){let o=e.profile;if(o.name){let a=o.name;a.givenName&&(r=a.givenName),a.familyName&&(n=a.familyName)}}return e.oauth2&&(i={...e.oauth2}),{...t,provider:e.provider,providerType:e.providerType,firstName:r,lastName:n,oauth2:i}}s(Yk,"syncUser");var zk=require("passport-google-oauth").OAuth2Strategy;function aO(t){return(e,r,n,i)=>{let o={provider:"google",providerType:"google",userId:n.id,profile:n,email:n._json.email,oauth2:{accessToken:e,refreshToken:r}};return Mc(o,!0,i,t)}}s(aO,"buildVerifyFn");async function Bm(t,e,r){try{let{clientID:n,clientSecret:i}=t;if(!n||!i)throw new Error("Configuration invalid. Must contain google clientID and clientSecret");let o=aO(r);return new zk({clientID:t.clientID,clientSecret:t.clientSecret,callbackURL:e},o)}catch(n){throw new Error(`Error constructing google authentication strategy: ${n}`)}}s(Bm,"strategyFactory");async function Jk(t){return kr("google",t)}s(Jk,"getCallbackUrl");var nr={};P(nr,{buildVerifyFn:()=>lO,fetchStrategyConfig:()=>rM,getCallbackUrl:()=>nM,strategyFactory:()=>tM});var uO=B(require("node-fetch"));var cO=require("@govtechsg/passport-openidconnect");function lO(t){return async(e,r,n,i,o,a,u,c,l)=>{let d=Xk(r,n),f=Zk(r,n),E={provider:e,providerType:"oidc",userId:d.id,profile:d,email:eM(d,f),oauth2:{accessToken:a,refreshToken:u}};return Mc(E,!1,l,t)}}s(lO,"buildVerifyFn");function Xk(t,e){let r={...t?._json||{}};!r.email&&e.emails?.length&&(r.email=e.emails[0].value);let n=t?.displayName||e.displayName;return{id:t?.id||e.id,name:t?.name||e.name||!!n&&{givenName:n,familyName:""}||void 0,_json:r,provider:t?.provider}}s(Xk,"normalizeProfile");function Zk(t,e){return{email:t?._json?.email||e.emails?.[0]?.value,preferred_username:e.username}}s(Zk,"buildJwtClaims");function eM(t,e){if(t._json.email)return t._json.email.toLowerCase();if(e.email)return e.email.toLowerCase();let r=e.preferred_username;if(r&&rp(r))return r.toLowerCase();throw new Error(`Could not determine user email from profile ${JSON.stringify(t)} and claims ${JSON.stringify(e)}`)}s(eM,"getEmail");async function tM(t,e){try{let r=lO(e),n=new cO.Strategy(t,r);return n.name="oidc",n}catch(r){throw new Error(`Error constructing OIDC authentication strategy - ${r}`)}}s(tM,"strategyFactory");async function rM(t,e){try{let{clientID:r,clientSecret:n,configUrl:i,pkce:o}=t;if(!r||!n||!e||!i)throw new Error("Configuration invalid. Must contain clientID, clientSecret, callbackUrl and configUrl");let a=await(0,uO.default)(i);if(!a.ok)throw new Error(`Unexpected response when fetching openid-configuration: ${a.statusText}`);let u=await a.json();return{issuer:u.issuer,authorizationURL:u.authorization_endpoint,tokenURL:u.token_endpoint,userInfoURL:u.userinfo_endpoint,clientID:r,clientSecret:n,callbackURL:e,pkce:o}}catch(r){throw new Error(`Error constructing OIDC authentication configuration - ${r}`)}}s(rM,"fetchStrategyConfig");async function nM(){return kr("oidc")}s(nM,"getCallbackUrl");function dO(t,e){let r=t.request.query?.query;if(t.request.method.toLowerCase()!=="get"&&t.throw(500,"Query to download middleware can only be used for get requests."),!r)return e();let n=decodeURIComponent(r),i;try{i=JSON.parse(n)}catch{return e()}return t.request.body=i,e()}s(dO,"querystringToBody");function Fc(t,e,r={noTenancyRequired:!1}){let n=er(t),i=er(e);return async function(o,a){let c={allowNoTenant:r.noTenancyRequired||!!tr(o,i)};!!tr(o,n)||(c.excludeStrategies=["query"]);let d=js(o,c);return d&&o.set("x-budibase-tenant-id",d),be(d,a)}}s(Fc,"tenancy");function fO(t=[]){let e=er(t);return async function(r,n){if(tr(r,e))return n();try{if((await We("settings"))?.config?.active===!1){r.status=404,r.body={message:"Tenant not found"};return}}catch(i){if(i.message==="Global DB not found")return n();throw i}return n()}}s(fO,"activeTenant");async function Bc(t,e){if(t.internal||xt(t.user))return e();let r=await dn(t);return r&&!ac(t.user,r)?t.throw(403,"Workspace Admin/Builder user only endpoint."):!r&&!m.isWorker()?t.throw(403,"This request required a workspace id."):!r&&!Fe(t.user)&&t.throw(403,"Admin/Builder user only endpoint."),e()}s(Bc,"workspaceBuilderOrAdmin");var Wm={};P(Wm,{postAuth:()=>oM,preAuth:()=>sM});var iM=require("passport-google-oauth").OAuth2Strategy;async function pO(){let t=await hm();if(!t)throw new Error("No google configuration found");return t}s(pO,"fetchGoogleCreds");async function sM(t,e,r){let n=await pO(),o=`${await ko({tenantAware:!1})}/api/global/auth/datasource/google/callback`,a=await Bm(n,o,Wo);return e.query.appId||e.throw(400,"appId query param not present."),t.authenticate(a,{scope:["profile","email","https://www.googleapis.com/auth/spreadsheets"],accessType:"offline",prompt:"consent"})(e,r)}s(sM,"preAuth");async function oM(t,e,r){let n=await pO(),o=`${await ko({tenantAware:!1})}/api/global/auth/datasource/google/callback`,a=jt(e,"budibase:datasourceauth");if(!a)throw new Error("Unable to fetch datasource auth cookie");return t.authenticate(new iM({clientID:n.clientID,clientSecret:n.clientSecret,callbackURL:o},(u,c,l,d)=>{Ar(e,"budibase:datasourceauth"),d(null,{accessToken:u,refreshToken:c})}),{successRedirect:"/",failureRedirect:"/error"},async(u,c)=>{let l=`/builder/workspace/${a.appId}/data`,d=ee();await zt(`datasource:creation:${a.appId}:google:${d}`,{tokens:c}),e.redirect(`${l}/new?continue_google_setup=${d}`)})(e,r)}s(oM,"postAuth");var aM={google:Wm};var mO=require("koa-passport"),uM=require("passport-local").Strategy,Wc=require("passport-oauth2-refresh"),cM=Pc,lM=Fc,dM=Lc,fM=mO;mO.use(new uM(Ri.options,Ri.authenticate));async function pM(t,e){let r=await nr.getCallbackUrl(),n,i;try{if(n=await nr.fetchStrategyConfig(t,r),!n)throw new Error("OIDC Config contents invalid");i=await nr.strategyFactory(n,Wo)}catch{throw new Error("Could not refresh OAuth Token")}return Wc.use(i),new Promise(o=>{Wc.requestNewAccessToken("oidc",e,(a,u,c,l)=>{o({err:a,accessToken:u,refreshToken:c,params:l})})})}s(pM,"refreshOIDCAccessToken");async function mM(t,e){let r=await rr.getCallbackUrl(t),n;try{n=await rr.strategyFactory(t,r,Wo)}catch(i){throw new Error(`Error constructing OIDC refresh strategy: message=${i.message}`)}return Wc.use(n),new Promise(i=>{Wc.requestNewAccessToken("google",e,(o,a,u,c)=>{i({err:o,accessToken:a,refreshToken:u,params:c})})})}s(mM,"refreshGoogleAccessToken");async function hM(t,e,r){switch(e){case"oidc":{if(!r)return{err:{data:"OIDC config id not provided"}};let n=await Em(r);return n?pM(n,t):{err:{data:"OIDC configuration not found"}}}case"google":{let n=await hc();return n?mM(n,t):{err:{data:"Google configuration not found"}}}}}s(hM,"refreshOAuthToken");async function EM(t,e){let r={accessToken:e.accessToken,refreshToken:e.refreshToken};try{let n=Y(),i=await n.get(t);typeof r.refreshToken!="string"&&delete r.refreshToken,i.oauth2={...i.oauth2,...r},await n.put(i),await No(t)}catch(n){console.error("Could not update OAuth details for current user",n)}}s(EM,"updateUserOAuth");async function gM(t){let e=t.ctx,r=t.userId,n=t.keepActiveSession;if(!e)throw new Error("Koa context must be supplied to logout.");let i=jt(e,"budibase:auth"),o=await Eo(r);i&&n?o=o.filter(u=>u.sessionId!==i.sessionId):Ar(e,"budibase:auth");let a=o.map(({sessionId:u})=>u);await On(r,{sessionIds:a,reason:"logout"}),await sc.logout(e.user?.email),await No(r)}s(gM,"platformLogout");var qm={};P(qm,{validate:()=>_M});var x=B(require("joi"));var yM=["Relational","Non-relational","Spreadsheet","Object store","Graph","API"];function Vm(t,e){let{error:r}=t.validate(e);if(r)throw r}s(Vm,"runJoi");function TM(t){let e=x.default.object({type:x.default.string().allow("component").required(),metadata:x.default.object().unknown(!0).required(),hash:x.default.string().optional(),version:x.default.string().optional(),schema:x.default.object({name:x.default.string().required(),settings:x.default.array().items(x.default.object().unknown(!0)).required()}).unknown(!0)});Vm(e,t)}s(TM,"validateComponent");function SM(t){let e=x.default.object({type:x.default.string().allow(...Object.values(qc)).required(),required:x.default.boolean().required(),default:x.default.any(),display:x.default.string()}),r=x.default.object({type:x.default.string().allow(...Object.values(Vc)),readable:x.default.boolean(),displayName:x.default.string(),fields:x.default.object().pattern(x.default.string(),e)}).required(),n=x.default.object({type:x.default.string().allow("datasource").required(),metadata:x.default.object().unknown(!0).required(),hash:x.default.string().optional(),version:x.default.string().optional(),schema:x.default.object({docs:x.default.string(),plus:x.default.boolean().optional(),isSQL:x.default.boolean().optional(),auth:x.default.object({type:x.default.string().required()}).optional(),features:x.default.object(Object.fromEntries(Object.values(Kc).map(i=>[i,x.default.boolean().optional()]))).optional(),relationships:x.default.boolean().optional(),description:x.default.string().required(),friendlyName:x.default.string().required(),type:x.default.string().allow(...yM),datasource:x.default.object().pattern(x.default.string(),e).required(),query:x.default.object().pattern(x.default.string(),r).unknown(!0).required(),extra:x.default.object().pattern(x.default.string(),x.default.object({type:x.default.string().required(),displayName:x.default.string().required(),required:x.default.boolean(),data:x.default.object()}))})});Vm(n,t)}s(SM,"validateDatasource");function AM(t){let e=x.default.object().pattern(x.default.string(),{type:x.default.string().allow(...Object.values(Qc)).required(),customType:x.default.string().allow(...Object.values(jc)),title:x.default.string(),description:x.default.string(),enum:x.default.array().items(x.default.string()),pretty:x.default.array().items(x.default.string())}),r=x.default.object({properties:e,required:x.default.array().items(x.default.string())}).concat(e).required(),n=x.default.object({type:x.default.string().allow("automation").required(),metadata:x.default.object().unknown(!0).required(),hash:x.default.string().optional(),version:x.default.string().optional(),schema:x.default.object({name:x.default.string().required(),tagline:x.default.string().required(),icon:x.default.string().required(),description:x.default.string().required(),type:x.default.string().allow("ACTION","LOGIC").required(),stepId:x.default.string().disallow(...dh).required(),inputs:x.default.object().optional(),schema:x.default.object({inputs:r,outputs:r}).required()})});Vm(n,t)}s(AM,"validateAutomation");function _M(t){switch(t?.type){case"component":TM(t);break;case"datasource":SM(t);break;case"automation":AM(t);break;default:throw new Error(`Unknown plugin type - check schema.json: ${t.type}`)}}s(_M,"validate");var Km={};P(Km,{Client:()=>De,clients:()=>Tr,locks:()=>Sn,utils:()=>Ja});var jm={};P(jm,{init:()=>IM});var OM={"user:created":t=>t.userId,"user:updated":t=>t.userId,"user:deleted":t=>t.userId,"user:admin:assigned":t=>t.userId,"user:admin:removed":t=>t.userId,"user:builder:assigned":t=>t.userId,"user:builder:removed":t=>t.userId,"user_group:created":t=>t.groupId,"user_group:updated":t=>t.groupId,"user_group:deleted":t=>t.groupId,"user_group:user_added":t=>t.groupId,"user_group:users_deleted":t=>t.groupId,"user_group:permissions_edited":t=>t.groupId,"automation:deleted":t=>t.automationId,"datasource:deleted":t=>t.datasourceId,"table:deleted":t=>t.tableId,"query:deleted":t=>t.queryId,"workspace_app:deleted":t=>t.workspaceAppId,"view:deleted":t=>t.id};function hO(t,e){let r=OM[t];if(!r)throw new Error("Event does not have a method of document ID extraction");return r(e)}s(hO,"getDocumentId");var Go=class{constructor(e){this.processors=[];this.processors=e}static{s(this,"DocumentUpdateProcessor")}async processEvent(e,r,n){let i=r.realTenantId,o=hO(e,n);if(!(!i||!o))for(let{events:a,processor:u}of this.processors)a.includes(e)&&await be(i,async()=>{await u({id:o,tenantId:i,appId:n.appId,properties:n})})}shutdown(){return bA()}};var EO,Qm;function IM(t){Tt||tc(),Qm||(Qm=new Go(t)),EO||(EO=Tt.process(async e=>{let{event:r,identity:n,properties:i}=e.data;await Qm.processEvent(r,n,i)}))}s(IM,"init");var rh={};P(rh,{COUNT_FIELD_NAME:()=>eh,Sql:()=>IO,SqlTable:()=>Gc,designDoc:()=>th,utils:()=>Rf});var SO=require("knex");var wM=require("knex");function Hm(t){return["link","formula","ai"].indexOf(t)!==-1}s(Hm,"isIgnoredType");function gO(t,e,r,n,i){let o=e&&e.primary?e.primary:[],a=Object.values(e.schema),u=a.filter(E=>E.meta),c=u.length===a.length,l=[];n||(c?t.primary(u.map(E=>E.name)):o.length===1?(t.increments(o[0]).primary(),l.push(o[0])):t.primary(o));let d=Object.values(e.schema).map(E=>E.foreignKey);for(let[E,p]of Object.entries(e.schema)){let T=n?.schema[E];if(T&&T.type||l.includes(E)||i?.updated===E)continue;let h=p.type;switch(h){case"string":case"options":case"longform":case"barcodeqr":case"bb_reference_single":o.includes(E)?t.string(E,255):t.text(E);break;case"number":if(p.meta&&p.meta.toKey&&p.meta.toTable){let{toKey:g,toTable:y}=p.meta;t.integer(E).unsigned(),t.foreign(E).references(`${y}.${g}`)}else d.indexOf(E)===-1&&t.float(E);break;case"bigint":t.bigint(E);break;case"boolean":t.boolean(E);break;case"datetime":p.timeOnly?t.time(E):t.datetime(E,{useTz:!p.ignoreTimezones});break;case"array":case"bb_reference":Le.schema.isDeprecatedSingleUserColumn(p)?t.text(E):t.json(E);break;case"link":if(p.relationshipType!=="many-to-one"&&p.relationshipType!=="many-to-many"){if(!p.foreignKey||!p.tableId)throw new Error("Invalid relationship schema");let{tableName:g}=Af(p.tableId),y=r[g];if(!y||!y.primary)throw new Error("Referenced table doesn't exist or has no primary keys");let I=y.primary[0],O=y.schema[I].externalType;O?t.specificType(p.foreignKey,O):t.integer(p.foreignKey).unsigned(),t.foreign(p.foreignKey).references(`${g}.${I}`)}break;case"signature_single":case"attachment":case"attachment_single":t.json(E);break;case"formula":break;case"ai":break;case"auto":case"json":case"internal":throw new Error(`${p.type} is not a valid SQL type`);default:Ot.unreachable(h)}}let f=i?n?.schema[i.old].type:void 0;return i&&f&&!Hm(f)&&t.renameColumn(i.old,i.updated),n&&Object.entries(n.schema).filter(([p,T])=>!Hm(T.type)&&e.schema[p]==null).forEach(([p,T])=>{i?.old===p||Hm(T.type)||(n.constrained&&n.constrained.indexOf(p)!==-1&&t.dropForeign(p),t.dropColumn(p))}),t}s(gO,"generateSchema");function DM(t,e,r){return t.createTable(e.name,n=>{gO(n,e,r)})}s(DM,"buildCreateTable");function CM(t,e,r,n,i){return t.alterTable(e.name,o=>{gO(o,e,r,n,i)})}s(CM,"buildUpdateTable");function bM(t,e){return t.dropTable(e.name)}s(bM,"buildDeleteTable");var Ym=class{static{s(this,"SqlTableQueryBuilder")}constructor(e){this.sqlClient=e}getBaseSqlClient(){return this.sqlClient}getSqlClient(){return this.extendedSqlClient||this.sqlClient}setExtendedSqlClient(e){this.extendedSqlClient=e}_operation(e){return e.operation}_tableQuery(e){let r=(0,wM.knex)({client:this.sqlClient}).schema;e?.schema&&(r=r.withSchema(e.schema));let n;if(!e.table||!e.tables)throw new Error("Cannot execute without table being specified");if(e.table.sourceType==="internal")throw new Error("Cannot perform table actions for SQS.");switch(this._operation(e)){case"CREATE_TABLE":n=DM(r,e.table,e.tables);break;case"UPDATE_TABLE":if(!e.table)throw new Error("Must specify old table for update");if(this.sqlClient==="mysql2"&&e.meta?.renamed){let i=e.meta.renamed.updated;return{sql:`alter table ${e?.schema?`\`${e.schema}\`.\`${e.table.name}\``:`\`${e.table.name}\``} rename column \`${e.meta.renamed.old}\` to \`${i}\`;`,bindings:[]}}if(n=CM(r,e.table,e.tables,e.meta?.oldTable,e.meta?.renamed),this.sqlClient==="mssql"&&e.meta?.renamed){let i=e.meta.renamed.old,o=e.meta.renamed.updated,a=e?.schema?`${e.schema}.${e.table.name}`:`${e.table.name}`,u=Zn(n);if(Array.isArray(u))for(let c of u)c.sql.startsWith("exec sp_rename")&&(c.sql=`exec sp_rename '${a}.${i}', '${o}', 'COLUMN'`,c.bindings=[]);return u}break;case"DELETE_TABLE":n=bM(r,e.table);break;default:throw new Error("Table operation is of unknown type")}return Zn(n)}},Gc=Ym;var AO=require("lodash");var eh="__bb_total";function yO(){return(m.SQL_MAX_ROWS?parseInt(m.SQL_MAX_ROWS):null)||5e3}s(yO,"getBaseLimit");function zm(){return(m.SQL_MAX_RELATED_ROWS?parseInt(m.SQL_MAX_RELATED_ROWS):null)||500}s(zm,"getRelationshipLimit");function xM(t,e){return t.sort((r,n)=>{let i=e.find(a=>a&&r.endsWith(a)),o=e.find(a=>a&&n.endsWith(a));return i&&!o?-1:!i&&o?1:r.localeCompare(n)})}s(xM,"prioritisedArraySort");function _O(t){return Array.isArray(t)?t.map(e=>_O(e)):(t.bindings&&(t.bindings=t.bindings.map(e=>typeof e=="boolean"?e?1:0:e)),t)}s(_O,"convertBooleans");function TO(t){return t.sourceType==="internal"||t.sourceId===zc}s(TO,"isSqs");function vM(t,e='"'){return t.replace(new RegExp(e,"g"),`${e}${e}`)}s(vM,"escapeQuotes");function PM(t,e='"'){return`${e}${vM(t,e)}${e}`}s(PM,"wrap");function NM(t,e='"'){for(let r in t)typeof t[r]=="string"&&(t[r]=PM(t[r],e));return`[${t.join(",")}]`}s(NM,"stringifyArray");function Jm(t){return`{${(Array.isArray(t)?t:t==null?[]:[t]).map(n=>{if(typeof n=="string"&&n.length>1){let i=n[0],o=n[n.length-1];if(i==='"'&&o==='"'||i==="'"&&o==="'")return n.substring(1,n.length-1)}return`${n}`}).join(",")}}`}s(Jm,"toPgArrayLiteral");function OO(t){return ph.includes(t.type)&&!Le.schema.isDeprecatedSingleUserColumn(t)}s(OO,"isJsonColumn");var UM={equal:!1,notEqual:!0,empty:!1,notEmpty:!0,fuzzy:!1,string:!1,range:!1,contains:!1,notContains:!0,containsAny:!1,oneOf:!1,$and:!1,$or:!1},Xm=class{constructor(e,r,n){this.SPECIAL_SELECT_CASES={POSTGRES_ARRAY:e=>this.client==="pg"&&e?.externalType?.toLowerCase()==="array",POSTGRES_MONEY:e=>this.client==="pg"&&e?.externalType?.includes("money"),POSTGRES_ENUM:e=>this.client==="pg"&&e?.externalType?.toLowerCase()==="user-defined"&&e?.type==="options",MSSQL_DATES:e=>this.client==="mssql"&&e?.type==="datetime"&&e.timeOnly};this.client=e,this.query=n,this.knex=r,this.splitter=new mr.ColumnSplitter([this.table],{aliases:this.query.tableAliases,columnPrefix:this.query.meta?.columnPrefix})}static{s(this,"InternalBuilder")}get table(){return this.query.table}get knexClient(){return this.knex.client}getFieldSchema(e){let{column:r}=this.splitter.run(e);return this.table.schema[r]}requiresJsonAsStringClient(){return["mssql","mysql2","mariadb","oracledb"].includes(this.client)}quoteChars(){let e=this.knexClient.wrapIdentifier("foo",{});return[e[0],e[e.length-1]]}quote(e){return this.knexClient.wrapIdentifier(e,{})}isQuoted(e){let[r,n]=this.quoteChars();return e.startsWith(r)&&e.endsWith(n)}quotedIdentifier(e){return Array.isArray(e)||(e=this.splitIdentifier(e)),e.map(r=>this.quote(r)).join(".")}castIntToString(e){switch(this.client){case"oracledb":return this.knex.raw("to_char(??)",[e]);case"pg":return this.knex.raw("??::TEXT",[e]);case"mysql2":case"mariadb":return this.knex.raw("CAST(?? AS CHAR)",[e]);case"sqlite3":return this.knex.raw("printf('%d', ??)",[e]);case"mssql":return this.knex.raw("CONVERT(NVARCHAR, ??)",[e])}}rawQuotedIdentifier(e){return this.knex.raw(this.quotedIdentifier(e))}splitIdentifier(e){let[r,n]=this.quoteChars();return this.isQuoted(e)?e.slice(1,-1).split(`${n}.${r}`):e.split(".")}qualifyIdentifier(e){let r=this.getTableName(),n=this.splitIdentifier(e);return n[0]!==r&&n.unshift(r),this.isQuoted(e)?this.quotedIdentifier(n):n.join(".")}generateSelectStatement(){let{table:e,resource:r}=this.query;if(!r||!r.fields||r.fields.length===0)return"*";let n=this.getTableName(e),i=this.table.schema;return r.fields.map(a=>{let u=a.split(/\./g),c,l=u[0];return u.length>1&&(c=u[0],l=u.slice(1).join(".")),{table:c,column:l,field:a}}).filter(({table:a})=>!a||a===n).map(({table:a,column:u,field:c})=>{let l=i[u];return this.SPECIAL_SELECT_CASES.POSTGRES_MONEY(l)?this.knex.raw("??::money::numeric as ??",[this.rawQuotedIdentifier([a,u].join(".")),this.knex.raw(this.quote(c))]):this.SPECIAL_SELECT_CASES.MSSQL_DATES(l)?this.knex.raw("CONVERT(varchar, ??, 108) as ??",[this.rawQuotedIdentifier(c),this.knex.raw(this.quote(c))]):a?this.rawQuotedIdentifier(`${a}.${u}`):this.rawQuotedIdentifier(c)})}convertClobs(e,r){if(this.client!=="oracledb")throw new Error("you've called convertClobs on a DB that's not Oracle, this is a mistake");let i=this.splitIdentifier(e).pop(),o=this.table.schema[i],a=this.rawQuotedIdentifier(e);return(o.type==="string"||o.type==="longform"||o.type==="bb_reference_single"||o.type==="bb_reference"||o.type==="options"||o.type==="barcodeqr")&&(r?.forSelect?a=this.knex.raw("to_char(??) as ??",[a,this.rawQuotedIdentifier(i)]):a=this.knex.raw("to_char(??)",[a])),a}parse(e,r){if(Array.isArray(e))return JSON.stringify(e);if(e==null)return null;if(this.requiresJsonAsStringClient()&&OO(r)&&typeof e=="object")return JSON.stringify(e);if(this.SPECIAL_SELECT_CASES.POSTGRES_ARRAY(r))return`{${e}}`;if(this.client==="oracledb"&&r.type==="datetime"&&r.timeOnly){if(e instanceof Date){let n=e.getHours().toString().padStart(2,"0"),i=e.getMinutes().toString().padStart(2,"0"),o=e.getSeconds().toString().padStart(2,"0");return`${n}:${i}:${o}`}if(typeof e=="string")return new Date(`1970-01-01T${e}Z`)}if(typeof e=="string"&&r.type==="datetime")if(r.timeOnly){if(!If(e))return null}else if(r.dateOnly){let n=Of(e);return n?new Date(n):null}else return r.ignoreTimezones?ru(e)?new Date(e):_f(e)?new Date(e+"Z"):null:ru(e)?new Date(e.trim()):null;return e}parseBody(e){for(let[r,n]of Object.entries(e)){let{column:i}=this.splitter.run(r),o=this.table.schema[i];o&&(e[r]=this.parse(n,o))}return e}parseFilters(e){e=(0,AO.cloneDeep)(e);for(let r of Object.values(Br)){let n=e[r];if(n)for(let i of Object.keys(n)){if(Array.isArray(n[i])){n[i]=JSON.stringify(n[i]);continue}let{column:o}=this.splitter.run(i),a=this.table.schema[o];a&&(n[i]=this.parse(n[i],a))}}for(let r of Object.values(sr)){let n=e[r];if(n)for(let i of Object.keys(n)){let{column:o}=this.splitter.run(i),a=this.table.schema[o];a&&(n[i]=n[i].map(u=>this.parse(u,a)))}}for(let r of Object.values(bn)){let n=e[r];if(n)for(let i of Object.keys(n)){let{column:o}=this.splitter.run(i),a=this.table.schema[o];if(!a)continue;let u=n[i];"low"in u&&(u.low=this.parse(u.low,a)),"high"in u&&(u.high=this.parse(u.high,a))}}return e}addJoinFieldCheck(e,r){let n=r.from?.split(".")[0]||"";return e.andWhere(`${n}.fieldName`,"=",r.column)}addRelationshipForFilter(e,r,n,i,o){let{relationships:a,schema:u,tableAliases:c,table:l}=this.query,d=c?.[l.name]||l.name,f=s(E=>n.match(new RegExp(`^${E}\\.`)),"matches");if(!a)return e;for(let E of a){let p=E.tableName,T=c?.[p]||p,h=f(p)||f(T),g=f(E.column),y=E.column===this.splitter.run(n).column&&!this.splitter.run(n).tableName;if((h||g||y)&&E.to&&E.tableName){let I=this.knex.select(this.knex.raw(1)).from({[T]:p}),O=I.clone(),w=wf(E),S;if(h?S=n:S=n.replace(new RegExp(`^${E.column}.`),`${c?.[E.tableName]||E.tableName}.`),w){let _=c?.[w.through]||E.through,U=this.tableNameWithSchema(w.through,{alias:_,schema:u});O=O.innerJoin(U,function(){this.on(`${T}.${w.toPrimary}`,"=",`${_}.${w.to}`)}).where(`${_}.${w.from}`,"=",this.rawQuotedIdentifier(`${d}.${w.fromPrimary}`)),this.client==="sqlite3"&&(O=this.addJoinFieldCheck(O,w)),y&&i==="empty"?e=e.whereNotExists(O):y&&i==="notEmpty"?e=e.whereExists(O):e=e.where(C=>{C.whereExists(o(S,O)),r&&C.orWhereNotExists(I.clone().innerJoin(U,function(){this.on(`${d}.${w.fromPrimary}`,"=",`${_}.${w.from}`)}))})}else{let _=`${T}.${E.to}`,U=`${d}.${E.from}`;O=O.where(_,"=",this.rawQuotedIdentifier(U)),y&&i==="empty"?e=e.whereNotExists(O):y&&i==="notEmpty"?e=e.whereExists(O):e=e.where(C=>{C.whereExists(o(S,O.clone())),r&&C.orWhereNotExists(O)})}}}return e}addFilters(e,r,n){if(!r)return e;let i=this;r=this.parseFilters({...r});let o=this.query.tableAliases,a=r.allOr,c=this.client==="sqlite3"?this.table._id:this.table.name;function l(h){return o?.[h]||h}s(l,"getTableAlias");function d(h,g,y,I){let O=s((w,S,_)=>{let[U,...C]=S.split("."),M=C.join("."),H=l(U);return w.andWhere(we=>y(we,H?`${H}.${M}`:M,_))},"handleRelationship");for(let w in h){let S=h[w],_=Qs(w),U=_.includes(".")||i.getFieldSchema(_)?.type==="link",C=n?.relationship&&U,M;if(w==="_complexIdOperator"&&(M=h[w])&&I){let H=l(c);e=I(e,M.id.map(we=>H?`${H}.${we}`:we),M.values)}else if(U)C&&(a&&(e=e.or),e=i.addRelationshipForFilter(e,UM[g],_,g,(H,we)=>O(we,H,S)));else{let H=l(c);e=y(e,H?`${H}.${_}`:_,S)}}}s(d,"iterate");let f=this.client==="sqlite3"&&this.query.meta?.sqliteUseLikeWithoutLower,E=s((h,g,y)=>((r?.fuzzyOr||a)&&(h=h.or),f?h.whereRaw("?? LIKE ?",[this.rawQuotedIdentifier(g),`%${y}%`]):this.client==="oracledb"||this.client==="sqlite3"?h.whereRaw("LOWER(??) LIKE ?",[this.rawQuotedIdentifier(g),`%${y.toLowerCase()}%`]):h.whereILike(this.rawQuotedIdentifier(g),this.knex.raw("?",[`%${y}%`]))),"like"),p=s((h,g=!1)=>{function y(I){return(a||h===r?.containsAny)&&(I=I.or),h===r?.notContains&&(I=I.not),I}s(y,"addModifiers"),this.client==="pg"?d(h,"contains",(I,O,w)=>{I=y(I);let S=this.getFieldSchema(O),_=this.rawQuotedIdentifier(O),U=Array.isArray(w)?[...w]:[w],C=this.SPECIAL_SELECT_CASES.POSTGRES_ARRAY(S);return g?C?I.whereRaw("COALESCE(?? && ?::text[], FALSE)",[_,Jm(U)]):I.whereRaw("COALESCE(??::jsonb \\?| ?::text[], FALSE)",[_,Jm(U)]):C?I.whereRaw("COALESCE(?? @> ?::text[], FALSE)",[_,Jm(U)]):I.whereRaw("COALESCE(??::jsonb @> ?::jsonb, FALSE)",[_,NM(U)])}):this.client==="mysql2"||this.client==="mariadb"?d(h,"contains",(I,O,w)=>{let S=Array.isArray(w)?w:[w];return y(I).whereRaw("COALESCE(?(??, ?), FALSE)",[this.knex.raw(g?"JSON_OVERLAPS":"JSON_CONTAINS"),this.rawQuotedIdentifier(O),JSON.stringify(S)])}):d(h,"contains",(I,O,w)=>(w.length===0||(I=I.where(S=>(h===r?.notContains&&(S=S.not),S=S.where(_=>{for(let U of w){h===r?.containsAny?_=_.or:_=_.and;let C=!f,M=typeof U=="string"?`"${C?U.toLowerCase():U}"`:U,H=C?"COALESCE(LOWER(??), '')":"COALESCE(??, '')";_=_.whereLike(this.knex.raw(H,[this.rawQuotedIdentifier(O)]),`%${M}%`)}}),h===r?.notContains&&(S=S.or.whereNull(this.rawQuotedIdentifier(O))),S))),I))},"contains");if(r.$and){let{$and:h}=r;for(let g of h.conditions)e=e.where(y=>{this.addFilters(y,g,n)})}if(r.$or){let{$or:h}=r;e=e.where(g=>{for(let y of h.conditions)g.orWhere(I=>this.addFilters(I,{...y,allOr:!0},n))})}r.oneOf&&d(r.oneOf,"oneOf",(h,g,y)=>{let I=this.getFieldSchema(g),O=Array.isArray(y)?y:[y];if(a&&(h=h.or),this.client==="oracledb")g=this.convertClobs(g);else if(this.client==="sqlite3"&&I?.type==="datetime"&&I.dateOnly){for(let w of O)w!=null?h=h.or.whereLike(g,`${w.toISOString().slice(0,10)}%`):h=h.or.whereNull(g);return h}return h.whereIn(g,O)},(h,g,y)=>(a&&(h=h.or),this.client==="oracledb"&&(g=g.map(I=>this.convertClobs(I))),h.whereIn(g,Array.isArray(y)?y:[y]))),r.string&&d(r.string,"string",(h,g,y)=>{if(a&&(h=h.or),f)return h.whereRaw("?? LIKE ?",[this.rawQuotedIdentifier(g),`${y}%`]);if(this.client==="oracledb"||this.client==="sqlite3")return h.whereRaw("LOWER(??) LIKE ?",[this.rawQuotedIdentifier(g),`${y.toLowerCase()}%`]);{let I=this.getFieldSchema(g);return this.SPECIAL_SELECT_CASES.POSTGRES_ENUM(I)?h.whereRaw("??::text ilike ?",[this.knex.raw(this.quote(I.name)),`${y}%`]):h.whereILike(g,`${y}%`)}}),r.fuzzy&&d(r.fuzzy,"fuzzy",E),r.range&&d(r.range,"range",(h,g,y)=>{let I=s(M=>M&&Object.keys(M).length===0&&Object.getPrototypeOf(M)===Object.prototype,"isEmptyObject");I(y.low)&&(y.low=""),I(y.high)&&(y.high="");let O=nu(y.low),w=nu(y.high),S=this.getFieldSchema(g),_=g,U=y.high,C=y.low;return this.client==="sqlite3"&&S?.type==="datetime"&&S.dateOnly&&(U!=null&&(U=`${U.toISOString().slice(0,10)}T23:59:59.999Z`),C!=null&&(C=C.toISOString().slice(0,10))),this.client==="oracledb"?_=this.convertClobs(g):this.client==="sqlite3"&&S?.type==="bigint"&&(_=this.knex.raw("CAST(?? AS INTEGER)",[this.rawQuotedIdentifier(g)]),U=this.knex.raw("CAST(? AS INTEGER)",[y.high]),C=this.knex.raw("CAST(? AS INTEGER)",[y.low])),a&&(h=h.or),O&&w?h.whereBetween(_,[C,U]):O?h.where(_,">=",C):w?h.where(_,"<=",U):h}),r.equal&&d(r.equal,"equal",(h,g,y)=>{let I=this.getFieldSchema(g);if(a&&(h=h.or),this.client==="mssql")return h.whereRaw("CASE WHEN ?? = ? THEN 1 ELSE 0 END = 1",[this.rawQuotedIdentifier(g),y]);if(this.client==="oracledb"){let O=this.convertClobs(g);return h.where(w=>w.whereNotNull(O).andWhere(O,y))}else return this.client==="sqlite3"&&I?.type==="datetime"&&I.dateOnly?y!=null?h.whereLike(g,`${y.toISOString().slice(0,10)}%`):h.whereNull(g):h.whereRaw("COALESCE(?? = ?, FALSE)",[this.rawQuotedIdentifier(g),y])}),r.notEqual&&d(r.notEqual,"notEqual",(h,g,y)=>{let I=this.getFieldSchema(g);if(a&&(h=h.or),this.client==="mssql")return h.whereRaw("CASE WHEN ?? = ? THEN 1 ELSE 0 END = 0",[this.rawQuotedIdentifier(g),y]);if(this.client==="oracledb"){let O=this.convertClobs(g);return h.where(w=>w.not.whereNull(O).and.where(O,"!=",y)).or.whereNull(O)}else return this.client==="sqlite3"&&I?.type==="datetime"&&I.dateOnly?y!=null?h.not.whereLike(g,`${y.toISOString().slice(0,10)}%`).or.whereNull(g):h.not.whereNull(g):h.whereRaw("COALESCE(?? != ?, TRUE)",[this.rawQuotedIdentifier(g),y])}),r.empty&&d(r.empty,"empty",(h,g)=>(a&&(h=h.or),h.whereNull(g))),r.notEmpty&&d(r.notEmpty,"notEmpty",(h,g)=>(a&&(h=h.or),h.whereNotNull(g))),r.contains&&p(r.contains),r.notContains&&p(r.notContains),r.containsAny&&p(r.containsAny,!0);let T=o?.[this.table._id]||this.table._id;return r.documentType&&!Sf(this.table)&&T&&e.andWhereLike(`${T}._id`,`${or(r.documentType)}%`),e}isSqs(){return TO(this.table)}getTableName(e){e||(e=this.table);let r=e.name;TO(e)&&e._id&&(r=e._id);let n=this.query.tableAliases||{};return n[r]?n[r]:r}addDistinctCount(e){if(!this.table.primary)throw new Error("SQL counting requires primary key to be supplied");return e.countDistinct(`${this.getTableName()}.${this.table.primary[0]} as ${eh}`)}addAggregations(e,r){let n=this.query.resource?.fields||[],i=this.getTableName();if(n.length>0){let o=n.map(a=>this.qualifyIdentifier(a));if(this.client==="oracledb"){let a=o.map(c=>this.convertClobs(c)),u=o.map(c=>this.convertClobs(c,{forSelect:!0}));e=e.groupBy(a).select(u)}else e=e.groupBy(o).select(o)}for(let o of r){let a=o.calculationType;if(a==="count")if("distinct"in o&&o.distinct)if(this.client==="oracledb"){let u=this.convertClobs(`${i}.${o.field}`);e=e.select(this.knex.raw("COUNT(DISTINCT ??) as ??",[u,o.name]))}else e=e.countDistinct(`${i}.${o.field} as ${o.name}`);else if(this.client==="oracledb"){let u=this.convertClobs(`${i}.${o.field}`);e=e.select(this.knex.raw("COUNT(??) as ??",[u,o.name]))}else e=e.count(`${o.field} as ${o.name}`);else{let u=this.getFieldSchema(o.field);if(!u)throw new Error(`field schema missing for aggregation target: ${o.field}`);let c=this.knex.raw("??(??)",[this.knex.raw(a),this.rawQuotedIdentifier(`${i}.${o.field}`)]);u.type==="bigint"&&(c=this.castIntToString(c)),e=e.select(this.knex.raw("?? as ??",[c,o.name]))}}return e}isAggregateField(e){return!!this.query.resource?.aggregations?.find(n=>n.name===e)}addSorting(e){let{sort:r,resource:n}=this.query,i=this.table.primary,o=this.getTableName();if(!Array.isArray(i))throw new Error("Sorting requires primary key to be specified for table");if(r&&Object.keys(r||{}).length>0)for(let[u,c]of Object.entries(r)){let l=this.getFieldSchema(u);if(this.isUnsortableField(l))continue;let d=c.direction==="ascending"?"asc":"desc",f;(this.client==="pg"||this.client==="oracledb")&&(f=c.direction==="ascending"?"first":"last");let E=`${o}.${u}`,p;this.isAggregateField(u)?p=this.rawQuotedIdentifier(u):this.client==="oracledb"?p=this.convertClobs(E):p=this.rawQuotedIdentifier(E),e=e.orderByRaw(`?? ?? ${f?"nulls ??":""}`,[p,this.knex.raw(d),...f?[this.knex.raw(f)]:[]])}if(!((n?.aggregations?.length??0)>0)){let u=this.findSortablePrimaryKey(i);if(u&&(!r||r[u]===void 0))e=e.orderBy(`${o}.${u}`);else if(!u&&(!r||Object.keys(r).length===0))throw new Error(`Primary key not found for table ${this.table.name}`)}return e}isUnsortableField(e){return e?.type==="json"}findSortablePrimaryKey(e){return e.find(r=>{if(r==null)return!1;let n=this.getFieldSchema(r);return!this.isUnsortableField(n)})}tableNameWithSchema(e,r){let n=r?.schema?`${r.schema}.${e}`:e;return r?.alias&&(n+=` as ${r.alias}`),n}buildJsonField(e,r){let n=r.split("."),i=n[n.length-1],o,a;if(n.length>1){let l=n.shift();o=n.join("."),a=`${l}.${o}`}else o=n.join("."),a=o;this.query.meta?.columnPrefix&&(i=i.replace(this.query.meta.columnPrefix,""));let u=this.rawQuotedIdentifier(a),c=e.schema[i];return c&&c.type==="bigint"&&(u=this.castIntToString(u)),[o,u]}maxFunctionParameters(){switch(this.client){case"sqlite3":return 127;case"pg":return 100;default:return 200}}addJsonRelationships(e,r,n){let i=this.client,o=this.knex,{resource:a,tableAliases:u,schema:c,tables:l}=this.query,d=a?.fields||[];for(let f of n){let{tableName:E,through:p,to:T,from:h,fromPrimary:g,toPrimary:y}=f;if(!E||!r)continue;let I=l[E];if(!I)throw new Error(`related table "${E}" not found in datasource`);let O=u?.[E]||E,w=u?.[r]||r,S=p&&u?.[p]||p,_=this.tableNameWithSchema(E,{alias:O,schema:c}),U=[...I?.primary||[],I?.primaryDisplay].filter(R=>R),C=xM(d.filter(R=>R.split(".")[0]===O),U);C=C.slice(0,Math.floor(this.maxFunctionParameters()/2));let M=C.map(R=>this.buildJsonField(I,R));if(!M.length)continue;let H=M.map(R=>{let J=this.client==="oracledb"?" VALUE ":",";return this.knex.raw(`?${J}??`,[R[0],R[1]]).toString()}).join(","),we=`${O}.${y||T}`,W=o.from(_).orderBy(we),F=p&&y&&g,N=F?`${S}.${h}`:`${O}.${T}`,$=F?`${w}.${g}`:`${w}.${h}`;if(F){let R=this.tableNameWithSchema(p,{alias:S,schema:c});W=W.join(R,function(){this.on(`${O}.${y}`,"=",`${S}.${T}`)})}W=W.where(this.rawQuotedIdentifier(N),"=",this.rawQuotedIdentifier($));let k=s(R=>(W=W.select(C.map(J=>this.rawQuotedIdentifier(J))).limit(zm()),o.select(R).from({[O]:W})),"standardWrap"),K;switch(i){case"sqlite3":W=this.addJoinFieldCheck(W,f),K=k(this.knex.raw(`json_group_array(json_object(${H}))`));break;case"pg":K=k(this.knex.raw(`json_agg(json_build_object(${H}))`));break;case"mariadb":K=W.select(o.raw(`json_arrayagg(json_object(${H}) LIMIT ${zm()})`));break;case"mysql2":case"oracledb":K=k(this.knex.raw(`json_arrayagg(json_object(${H}))`));break;case"mssql":{let R=o.select("*").from({[w]:W.select(M.map(J=>o.ref(J[1]).as(J[0]))).limit(zm())});K=o.raw(`(SELECT ?? = (${R} FOR JSON PATH))`,[this.rawQuotedIdentifier(O)]);break}default:throw new Error(`JSON relationships not implement for ${i}`)}e=e.select({[f.column]:K})}return e}addJoin(e,r,n){let{tableAliases:i,schema:o}=this.query,a=r.to,u=r.from,c=r.through,l=i?.[a]||a,d=c&&i?.[c]||c,f=i?.[u]||u,E=this.tableNameWithSchema(a,{alias:l,schema:o}),p=c?this.tableNameWithSchema(c,{alias:d,schema:o}):void 0;return c?e=e.leftJoin(p,function(){for(let T of n){let h=T.fromPrimary,g=T.from;this.orOn(`${f}.${h}`,"=",`${d}.${g}`)}}).leftJoin(E,function(){for(let T of n){let h=T.toPrimary,g=T.to;this.orOn(`${l}.${h}`,`${d}.${g}`)}}):e=e.leftJoin(E,function(){for(let T of n){let h=T.from,g=T.to;this.orOn(`${f}.${h}`,"=",`${l}.${g}`)}}),e}qualifiedKnex(e){let r=this.query.tableAliases?.[this.query.table.name];return e?.alias===!1?r=void 0:typeof e?.alias=="string"&&(r=e.alias),this.knex(this.tableNameWithSchema(this.query.table.name,{alias:r,schema:this.query.schema}))}create(e){let{body:r}=this.query;if(!r)throw new Error("Cannot create without row body");let n=this.qualifiedKnex({alias:!1}),i=this.parseBody(r);if(this.client==="oracledb")for(let[o,a]of Object.entries(this.query.table.schema)){if(a.constraints?.presence===!0||a.type==="formula"||a.type==="auto"||a.type==="link"||a.type==="ai")continue;i[o]==null&&(i[o]=null)}else for(let[o,a]of Object.entries(i))a==null&&delete i[o];return e.disableReturning?n.insert(i):n.insert(i).returning("*")}bulkCreate(){let{body:e}=this.query,r=this.qualifiedKnex({alias:!1});if(!Array.isArray(e))return r;let n=e.map(i=>this.parseBody(i));return r.insert(n)}bulkUpsert(){let{body:e}=this.query,r=this.qualifiedKnex({alias:!1});if(!Array.isArray(e))return r;let n=e.map(i=>this.parseBody(i));if(this.client==="pg"||this.client==="sqlite3"||this.client==="mysql2"||this.client==="mariadb"){let i=this.table.primary;if(!i)throw new Error("Primary key is required for upsert");return r.insert(n).onConflict(i).merge()}else if(this.client==="mssql"||this.client==="oracledb")return r.insert(n);return r.upsert(n)}read(e={}){let{operation:r,filters:n,paginate:i,relationships:o,table:a}=this.query,{limits:u}=e,c=this.qualifiedKnex(),l=null,d=u?.query||u?.base;if(i&&i.page&&i.limit){let p=(i.page<=1?0:i.page-1)*i.limit;d=i.limit,l=p}else i&&i.offset&&i.limit?(d=i.limit,l=i.offset):i&&i.limit&&(d=i.limit);r!=="COUNT"&&(d!=null&&(c=c.limit(d)),l!=null&&(c=c.offset(l)));let f=this.query.resource?.aggregations||[];if(r==="COUNT"?c=this.addDistinctCount(c):f.length>0?c=this.addAggregations(c,f):c=c.select(this.generateSelectStatement()),r!=="COUNT"&&(c=this.addSorting(c)),c=this.addFilters(c,n,{relationship:!0}),o?.length&&f.length===0){let E=this.query.tableAliases?.[a.name]||a.name,p=this.addSorting(this.knex.with("paginated",c.clone().clearSelect().select("*")).select(this.generateSelectStatement()).from({[E]:"paginated"}));return this.addJsonRelationships(p,a.name,o)}return c}update(e){let{body:r,filters:n}=this.query;if(!r)throw new Error("Cannot update without row body");let i=this.qualifiedKnex(),o=this.parseBody(r);return i=this.addFilters(i,n,{relationship:!0}),e.disableReturning?i.update(o):i.update(o).returning("*")}delete(e){let{filters:r}=this.query,n=this.qualifiedKnex();return n=this.addFilters(n,r,{relationship:!0}),e.disableReturning?n.delete():n.delete().returning(this.generateSelectStatement())}},Zm=class extends Gc{constructor(r,n=yO()){super(r);this.limit=n}static{s(this,"SqlQueryBuilder")}convertToNative(r,n={}){let i=this.getSqlClient();if(n?.disableBindings)return{sql:r.toString()};{let o=Zn(r);return i==="sqlite3"&&(o=_O(o)),o}}_query(r,n={}){let i=this.getSqlClient(),o={client:this.getBaseSqlClient()};(i==="sqlite3"||i==="oracledb")&&(o.useNullAsDefault=!0);let a=(0,SO.knex)(o),u,c=new Xm(i,a,r);switch(this._operation(r)){case"CREATE":u=c.create(n);break;case"READ":u=c.read({limits:{query:this.limit,base:yO()}});break;case"COUNT":u=c.read();break;case"UPDATE":u=c.update(n);break;case"DELETE":u=c.delete(n);break;case"BULK_CREATE":u=c.bulkCreate();break;case"BULK_UPSERT":u=c.bulkUpsert();break;case"CREATE_TABLE":case"UPDATE_TABLE":case"DELETE_TABLE":return this._tableQuery(r);default:throw"Operation type is not supported by SQL query builder"}return this.convertToNative(u,n)}async getReturningRow(r,n){if(!n.extra||!n.extra.idFilter)return{};let i=this._query({operation:"READ",datasource:n.datasource,schema:n.schema,table:n.table,tables:n.tables,resource:{fields:[]},filters:n.extra?.idFilter,paginate:{limit:1}});return r(i,"READ")}checkLookupKeys(r,n){if(!r||!n.table.primary)return n;let i=n.table.primary[0];return n.extra={idFilter:{equal:{[i]:r}}},n}async queryWithReturning(r,n,i=o=>o){let o=this.getSqlClient(),a=this._operation(r),u=this._query(r,{disableReturning:!0});if(Array.isArray(u)){let f=[];for(let E of u)f.push(await n(E,a));return f}let c;a==="DELETE"&&(c=i(await this.getReturningRow(n,r)));let l=await n(u,a),d=i(l);if(a==="CREATE"||a==="UPDATE"){let f;o==="mssql"?f=d?.[0].id:(o==="mysql2"||o==="mariadb")&&(f=d?.insertId),c=i(await this.getReturningRow(n,this.checkLookupKeys(f,r)))}return a==="COUNT"?d:a!=="READ"?c:d.length?d:[{[a.toLowerCase()]:!0}]}getTableName(r,n){let i=r.name;if(r.sourceType==="internal"||r.sourceId===zc){if(!r._id)return;i=r._id}return n?.[i]||i}convertJsonStringColumns(r,n,i){let o=this.getTableName(r,i);for(let[a,u]of Object.entries(r.schema)){if(!OO(u))continue;let c=`${o}.${a}`;for(let l of n)typeof l[c]=="string"&&(l[c]=JSON.parse(l[c])),typeof l[a]=="string"&&(l[a]=JSON.parse(l[a]))}return n}log(r,n){Us(this.getSqlClient(),r,n)}},IO=Zm;var th={};P(th,{base:()=>LM});function LM(t){return{_id:Ct,language:"sqlite",sql:{tables:{},options:{table_name:t}}}}s(LM,"base");var nh={};P(nh,{jsonFromCsvString:()=>kM});var wO=B(require("csvtojson"));async function kM(t,e){let{ignoreEmpty:r=!1,allowSingleColumn:n=!1,possibleDelimiters:i=[",",";",":","|","~","	"," "]}=e||{};for(let o of i){let a,u=!1;try{let c=await(0,wO.default)({ignoreEmpty:r,delimiter:o}).fromString(t);for(let[,l]of c.entries()){let d=Object.keys(l);if(a==null&&(a=d),!n&&d.length===1){u=!0;break}if(a.length!==d.length){u=!0;break}for(let f of a)(l[f]===void 0||l[f]==="")&&(l[f]=null)}if(u)continue;return c}catch{continue}}throw new Error("Unable to determine delimiter")}s(kM,"jsonFromCsvString");var ih=class{static{s(this,"Endpoint")}constructor(e,r,n){this.method=e,this.url=r,this.controller=n,this.middlewares=[],this.outputMiddlewares=[]}addMiddleware(e,r){return r?.first?this.middlewares.unshift(e):this.middlewares.push(e),this}addOutputMiddleware(e,r){return r?.first?this.outputMiddlewares.unshift(e):this.outputMiddlewares.push(e),this}apply(e){let r=this.method,n=this.url,i=this.middlewares,o=this.controller,a=this.outputMiddlewares,u=s(()=>{},"complete"),c=[n,...i,o,...a,u];e[r](...c)}},$c=ih;var RO=B(require("@koa/router"));var Dn=class{constructor(){this.endpoints=[];this.middlewares=[];this.outputMiddlewares=[];this.applied=!1;this.locked=!1}static{s(this,"EndpointGroup")}addGroupMiddleware(e,r={first:!0}){if(this.locked)throw new Error("Group locked, no more middleware can be added.");return this.middlewares.push({fn:e,first:r.first}),this}addGroupMiddlewareOutput(e,r={first:!1}){if(this.locked)throw new Error("Group locked, no more middleware can be added.");return this.outputMiddlewares.push({fn:e,first:r.first}),this}addEndpoint(e,r,...n){let i=n.pop(),o=new $c(e,r,i);if(n.length!==0)for(let a of n)o.addMiddleware(a);return this.endpoints.push(o),this}lockMiddleware(){this.locked=!0}post(e,...r){return this.addEndpoint("post",e,...r)}patch(e,...r){return this.addEndpoint("patch",e,...r)}put(e,...r){return this.addEndpoint("put",e,...r)}get(e,...r){return this.addEndpoint("get",e,...r)}delete(e,...r){return this.addEndpoint("delete",e,...r)}head(e,...r){return this.addEndpoint("head",e,...r)}apply(e){let r=this.endpointList();e||(e=new RO.default);for(let n of r)n.apply(e);return e}endpointList(){if(this.applied)throw new Error("Already applied to router");this.applied=!0;for(let e of this.endpoints)this.middlewares.forEach(({fn:r,first:n})=>e.addMiddleware(r,{first:n})),this.outputMiddlewares.forEach(({fn:r,first:n})=>e.addOutputMiddleware(r,{first:n}));return this.endpoints}};var $o=class{constructor(){this.groups=[]}static{s(this,"EndpointGroupList")}group(...e){let r=new Dn;return e.length&&e.forEach(n=>{"first"in n?r.addGroupMiddleware(n.middleware,{first:n.first}):r.addGroupMiddleware(n)}),this.groups.push(r),r}listAllEndpoints(){let e=this.groups.flatMap(i=>i.endpointList()),r=[],n=[];for(let i of e)i.url.includes(":")?n.push(i):r.push(i);return[...r,...n]}};var MM={...Hs,...ae},FM=s((t={})=>{eu(t.db)},"init");0&&(module.exports={APIWarning,ActiveContentFileError,AutomationViewMode,BUDIBASE_DATASOURCE_TYPE,BadRequestError,BudibaseError,Config,Cookie,DEFAULT_BB_DATASOURCE_ID,DEFAULT_EMPLOYEE_TABLE_ID,DEFAULT_EXPENSES_TABLE_ID,DEFAULT_INVENTORY_TABLE_ID,DEFAULT_JOBS_TABLE_ID,DEFAULT_TENANT_ID,DeprecatedViews,DesignDocuments,DocumentType,Duration,DurationType,EmailUnavailableError,Endpoint,EndpointGroup,EndpointGroupList,FeatureDisabledError,FeatureDisabledWarning,ForbiddenError,GlobalRole,HTTPError,Header,InternalTable,InvalidAPIKeyWarning,MAX_VALID_DATE,MIN_VALID_DATE,NotFoundError,NotImplementedError,RedisClient,SEPARATOR,SQLITE_DESIGN_DOC_ID,SQS_DATASOURCE_INTERNAL,StaticDatabases,UNICODE_MAX,USER_METADATA_PREFIX,UnexpectedError,UsageLimitError,UsageLimitWarning,UserStatus,ViewName,WORKSPACE_DEV,WORKSPACE_DEV_PREFIX,WORKSPACE_PREFIX,accounts,auth,blacklist,cache,configs,constants,context,csv,db,docIds,docUpdates,encryption,env,errors,events,features,getErrorMessage,getPublicError,init,installation,locks,logging,middleware,objectStore,permissions,platform,plugins,queue,redis,roles,security,sessions,setEnv,sql,tenancy,timers,userUtils,users,utils,warnings,withEnv});
 //# sourceMappingURL=index.js.map