@datawheel/bespoke 0.1.18 → 0.1.19

package/dist/server.js

@@ -23,6 +23,7 @@ import auth0 from 'auth0';
 import NextCors from 'nextjs-cors';
 import formidable from 'formidable';
 import glob from 'fast-glob';
+import toposort from 'toposort';
 import { schema, normalize } from 'normalizr';
 import { createSlice, configureStore } from '@reduxjs/toolkit';
 import { HYDRATE, createWrapper } from 'next-redux-wrapper';
@@ -53,7 +54,6 @@ var afterRefetch = async (req, res, session) => {
   return session;
 };
 var fetchMe = async (req, res, refetch) => {
-  console.log("fetchMe: refetch?", refetch);
   return await getAuth_default.handleProfile(req, res, { afterRefetch, refetch });
 };
 var handleAuth_default = getAuth_default.handleAuth({
@@ -67,12 +67,15 @@ var handleAuth_default = getAuth_default.handleAuth({
   }
 });
 
+// libs/js/arrayUtils.ts
+var keyDiver = (obj, str) => !str ? obj : typeof str === "string" ? str.split(".").reduce((o, i) => o[i], obj) : obj;
+function arrContainsAnyItem(arr1, arr2) {
+  return arr1.some((item) => arr2.includes(item));
+}
+
 // api/auth/withApiRoleAuthRequired.tsx
 var withApiRoleAuthRequired = (apiRoute, allowedRoles) => {
   return async function(req, res) {
-    function arrContains(arr1, arr2) {
-      return arr1.some((item) => arr2.includes(item));
-    }
     const session = await getAuth_default.getSession(req, res);
     if (!session || !session.user) {
       res.status(401).json({
@@ -82,7 +85,7 @@ var withApiRoleAuthRequired = (apiRoute, allowedRoles) => {
       return;
     }
     const usersRoles = session.user.bespoke_roles;
-    if (allowedRoles.length > 0 && !arrContains(usersRoles, allowedRoles)) {
+    if (allowedRoles.length > 0 && !arrContainsAnyItem(usersRoles, allowedRoles)) {
       res.status(402).json({
         error: "unauthorize",
         description: "The user requires some specific roles"
@@ -1661,13 +1664,20 @@ if (!connectionString) {
 var getDB = () => {
   if (!global.sequelize) {
     if (verbose2)
-      console.log("INITIALIZING DB CONNECTION");
+      console.log("\u{1F511} INITIALIZING DB CONNECTION");
     let sequelize;
     try {
       sequelize = new Sequelize(connectionString, {
         // logging: verbose ? console.log : false,
         logging: false,
-        dialectModule: pg
+        dialectModule: pg,
+        pool: {
+          max: 10,
+          min: 1,
+          acquire: 5 * 1e3,
+          idle: 10 * 1e3,
+          evict: 1 * 1e3
+        }
       });
     } catch (e) {
       throw new Error(`
@@ -1690,7 +1700,7 @@ var getDB = () => {
     }).then(() => sequelize.models);
   } else {
     if (verbose2)
-      console.log("RE-UTILIZING DB CONNECTION");
+      console.log("\u267B\uFE0F  RE-UTILIZING DB CONNECTION");
   }
   return global.sequelize;
 };
@@ -1734,9 +1744,6 @@ var getLocales_default = () => {
   return { localeDefault: localeDefault10, locales: locales8 };
 };
 
-// libs/js/arrayUtils.ts
-var keyDiver = (obj, str) => !str ? obj : typeof str === "string" ? str.split(".").reduce((o, i) => o[i], obj) : obj;
-
 // libs/js/stripHTML.ts
 function stripHTML(n) {
   const entities = {
@@ -2021,33 +2028,17 @@ function readMemberImageFactory(db) {
   async function readMemberImage(params) {
     const member = await Search.findOne({
       where: { content_id: params.member },
-      include: [
-        {
-          association: "image",
-          attributes: ["id", "author", "url", "license", params.size],
-          include: [{
-            association: "contentByLocale"
-          }]
-        },
-        {
-          association: "report",
-          attributes: ["id", "name"]
-        },
-        {
-          association: "dimension",
-          attributes: ["id", "name", "ordering"]
-        },
-        {
-          association: "variant",
-          attributes: ["id", "name", "slug"]
-        }
-      ]
+      include: [{
+        association: "image",
+        attributes: [params.size],
+        include: [{
+          association: "contentByLocale"
+        }]
+      }]
     });
-    if (member && member.image) {
-      if (member.image[params.size]) {
-        const image = member.image[params.size];
-        return image;
-      }
+    if (member && member.image && member.image[params.size]) {
+      const image = member.image[params.size];
+      return image;
     } else {
       const emptyPixelImage = Buffer.from(
         "iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mNkkAQAAB8AG7jymN8AAAAASUVORK5CYII=",
@@ -2055,7 +2046,6 @@ function readMemberImageFactory(db) {
       );
       return emptyPixelImage;
     }
-    throw new BackendError(404, "error in image, member not found");
   }
 }
 lunrStemmer(lunr);
@@ -2084,26 +2074,20 @@ var whitelist = [
   "vi",
   "zh"
 ];
-var verbose3 = getLogging_default();
+getLogging_default();
 var { locales } = getLocales_default();
 var enabledLocales = locales.filter((d) => whitelist.includes(d));
 var initializing = false;
 var getSearchIndexByLocale = async (db, forceRegenerate = false) => {
   if (forceRegenerate) {
-    if (verbose3)
-      console.log("CLEARING SEARCH INDEX");
     global.lunrsearch = void 0;
     initializing = false;
   }
   if (global.lunrsearch) {
-    if (verbose3)
-      console.log("RE-UTILIZING SEARCH INDEX");
     return global.lunrsearch;
   }
   try {
     if (!initializing) {
-      if (verbose3)
-        console.log("INITIALIZING SEARCH INDEX");
       initializing = true;
       global.lunrsearch = await newSearchIndex(db);
     }
@@ -3027,7 +3011,7 @@ function endpointMemberFactory(operations) {
     endpoint("POST", "update/member", (req) => {
       const { body } = req;
       return updateMember(body);
-    }, CMS_ROLES.EDITOR),
+    }, [CMS_ROLES.EDITOR]),
     /*
      *  Get image file itself
      *  Example queries:
@@ -3037,7 +3021,7 @@ function endpointMemberFactory(operations) {
       const size = normalizeList(req.query.size)[0];
       return readMemberImage({
         member: parseFiniteNumber(req.query.member),
-        size: size && size === "large" ? "large" : "thumb"
+        size: size && size === "splash" ? "splash" : "thumb"
       });
     })
   ];
@@ -3502,6 +3486,72 @@ function dbRevalidateFactory(db) {
     }
   };
 }
+
+// libs/blocks/crawlDown.ts
+function crawlDown(rootBlockIds, blockList) {
+  let consumersBlocksIds = [];
+  const crawlDownIndividual = (privateBlockId) => {
+    const downIds = Object.values(blockList).reduce((acc, block) => {
+      if ("inputs" in block && block.inputs.includes(privateBlockId)) {
+        acc.push(block.id);
+        acc = acc.concat(crawlDownIndividual(block.id));
+      }
+      return acc;
+    }, []);
+    return downIds;
+  };
+  rootBlockIds.forEach((rootBlockId) => {
+    consumersBlocksIds = consumersBlocksIds.concat(crawlDownIndividual(rootBlockId));
+  });
+  const uniqueConsumerBlocksIds = [];
+  consumersBlocksIds.forEach((id) => {
+    if (!uniqueConsumerBlocksIds.includes(id)) {
+      uniqueConsumerBlocksIds.push(id);
+    }
+  });
+  return uniqueConsumerBlocksIds;
+}
+
+// api/db/readPrivateBlocks.ts
+function accessContainsRole(arr1, arr2) {
+  return arr1.some((item) => arr2.includes(`role.${item}`));
+}
+function dbReadPrivateBlocksFactory(db) {
+  const { report: Report } = db;
+  return dbReadPrivateBlocks;
+  async function dbReadPrivateBlocks(params) {
+    const allBlocks = await Report.findByPk(
+      params.report_id,
+      {
+        include: reportQuery.include
+      }
+    ).then((report) => {
+      if (report && report.sections && Array.isArray(report.sections)) {
+        return report.sections.reduce((acc, section) => {
+          const nestedBlocks = section.blocks.map((entity) => {
+            const normalized = entity.toJSON();
+            normalized.inputs = normalized.inputs.map((b) => b.id);
+            normalized.consumers = normalized.consumers.map((b) => b.id);
+            return normalized;
+          });
+          return acc.concat(nestedBlocks);
+        }, []);
+      } else {
+        return [];
+      }
+    });
+    let privateBlockIds = allBlocks.filter((block) => {
+      return block.settings && block.settings.access && Array.isArray(block.settings.access) && Array.isArray(params.roles) && (block.settings.access.includes("private") || accessContainsRole(params.roles, block.settings.access));
+    }).map((block) => block.id);
+    privateBlockIds = privateBlockIds.concat(crawlDown(privateBlockIds, allBlocks));
+    return {
+      params: {
+        ...params
+      },
+      data: allBlocks.filter((block) => privateBlockIds.includes(block.id))
+    };
+  }
+}
 var auth0ConfigObject = {
   domain: new URL(process.env.AUTH0_ISSUER_BASE_URL || "").host,
   clientId: process.env.AUTH0_CLIENT_ID,
@@ -3642,7 +3692,8 @@ function apiFactory(dbModels) {
     readUser: resultWrapper(dbReadUser()),
     updateUser: resultWrapper(dbUpdateUser()),
     addNewReportToCurrentUser: resultWrapper(dbAddNewReportToCurrentUser()),
-    revalidate: resultWrapper(dbRevalidateFactory())
+    revalidate: resultWrapper(dbRevalidateFactory()),
+    readPrivateBlocks: resultWrapper(dbReadPrivateBlocksFactory(dbModels))
   };
 }
 async function parseBody(req) {
@@ -3671,7 +3722,7 @@ function endpointCRUDFactory(api, entity) {
     endpoint("POST", `create/${entity}`, (req) => {
       const { body } = req;
       return crudCreate(body);
-    }, CMS_ROLES.EDITOR),
+    }, [CMS_ROLES.EDITOR]),
     endpoint("GET", `read/${entity}`, (req) => {
       const params = req.query;
       const id = normalizeList(params.id).map(parseFiniteNumber);
@@ -3680,11 +3731,11 @@ function endpointCRUDFactory(api, entity) {
     endpoint("POST", `update/${entity}`, (req) => {
       const { body } = req;
       return crudUpdate(body);
-    }, CMS_ROLES.EDITOR),
+    }, [CMS_ROLES.EDITOR]),
     endpoint("DELETE", `delete/${entity}`, (req) => {
       const id = parseFiniteNumber(req.body.id);
       return crudDelete(id);
-    }, CMS_ROLES.EDITOR)
+    }, [CMS_ROLES.EDITOR])
   ];
 }
 function endpointVariantCRUDFactory(api) {
@@ -3695,7 +3746,7 @@ function endpointVariantCRUDFactory(api) {
       const params = req.query;
       const dimension = parseFiniteNumber(params.dimension);
       return validateVariantSlug({ dimension, slug: slugify_default(params.slug) });
-    }, CMS_ROLES.EDITOR)
+    }, [CMS_ROLES.EDITOR])
   ];
 }
 
@@ -3712,7 +3763,7 @@ function endpointImageSaveFactory(operations, provider) {
       throw new BackendError(400, "Missing 'image_id' parameter.");
     }
     return saveMethod(params);
-  }, CMS_ROLES.EDITOR);
+  }, [CMS_ROLES.EDITOR]);
 }
 
 // api/endpoints/image/imageSearch.ts
@@ -3725,7 +3776,7 @@ function endpointImageSearchFactory(operations, provider) {
       throw new BackendError(400, "Empty 'prompt' param.");
     }
     return searchMethod({ prompt });
-  }, CMS_ROLES.EDITOR);
+  }, [CMS_ROLES.EDITOR]);
 }
 
 // api/endpoints/readMetadata.ts
@@ -3737,7 +3788,7 @@ function endpointReadMetadataFactory(operations) {
 // api/endpoints/regenerateSearch.ts
 function endpointRegenerateSearchFactory(operations) {
   const { regenerateSearch } = operations;
-  return endpoint("POST", "search/regenerate", () => regenerateSearch(void 0), CMS_ROLES.EDITOR);
+  return endpoint("POST", "search/regenerate", () => regenerateSearch(void 0), [CMS_ROLES.EDITOR]);
 }
 
 // api/endpoints/searchReport.ts
@@ -3813,7 +3864,20 @@ function endpointRevalidateFactory(operations) {
       console.log(err);
       throw new BackendError(500, "Error revalidating");
     }
-  });
+  }, [CMS_ROLES.EDITOR]);
+}
+
+// api/endpoints/readPrivateBlocks.ts
+function endpointReadPrivateBlocksFactory(operations) {
+  const { readPrivateBlocks: readPrivateBlocks2 } = operations;
+  return endpoint("POST", "read/blocks/private", (req, res, session) => {
+    const params = {
+      report_id: parseInt(req.body.report_id, 10),
+      locale: req.body.locale || "es",
+      roles: session && session.user ? session.user.bespoke_roles : []
+    };
+    return readPrivateBlocks2(params);
+  }, []);
 }
 
 // api/endpoints/users/auth0.ts
@@ -3821,7 +3885,7 @@ function endpointGetRolesFactory(operations) {
   const { searchRole: searchRole2 } = operations;
   return endpoint("GET", "auth/search/roles", () => {
     return searchRole2("");
-  }, CMS_ROLES.ADMIN);
+  }, [CMS_ROLES.EDITOR]);
 }
 function endpointGetUsersFactory(operations) {
   const { searchUser: searchUser2 } = operations;
@@ -3831,13 +3895,13 @@ function endpointGetUsersFactory(operations) {
       role_id: req.query.role_id,
       page: req.query.page || 0
     });
-  }, CMS_ROLES.ADMIN);
+  }, [CMS_ROLES.ADMIN]);
 }
 function endpointGetUserDataFactory(operations) {
   const { readUser: readUser2 } = operations;
   return endpoint("GET", "auth/read/user", (req) => {
     return readUser2(req.query.user_id);
-  }, CMS_ROLES.ADMIN);
+  }, [CMS_ROLES.ADMIN]);
 }
 function endpointUpdateUserDataFactory(operations) {
   const { updateUser: updateUser2, readUser: readUser2 } = operations;
@@ -3858,7 +3922,7 @@ function endpointUpdateUserDataFactory(operations) {
       }
     }
     return response;
-  }, CMS_ROLES.ADMIN);
+  }, [CMS_ROLES.ADMIN]);
 }
 function endpointAddNewReportToCurrentUserFactory(operations) {
   const { updateUser: updateUser2, readUser: readUser2 } = operations;
@@ -3905,7 +3969,7 @@ function endpointAddNewReportToCurrentUserFactory(operations) {
         error: error.message
       };
     }
-  }, CMS_ROLES.EDITOR);
+  }, [CMS_ROLES.EDITOR]);
 }
 
 // api/endpoints/index.ts
@@ -3939,7 +4003,8 @@ function getEndpointMap(db) {
     endpointGetUserDataFactory(api),
     endpointUpdateUserDataFactory(api),
     endpointAddNewReportToCurrentUserFactory(api),
-    endpointRevalidateFactory(api)
+    endpointRevalidateFactory(api),
+    endpointReadPrivateBlocksFactory(api)
   ].map(({ handler, method, path, roleRequired }) => [endpointKey(method, path), { handler, roleRequired }]));
 }
 var endpointMap = getDB().then(getEndpointMap);
@@ -3963,7 +4028,7 @@ async function endpointNextJsHandlerFactory(req, res) {
           return res.status(401).json({ error: "Unauthorized. Must be logged in." });
         }
         const userRoles = session && session.user && session.user.bespoke_roles && Array.isArray(session.user.bespoke_roles) ? session.user.bespoke_roles : [];
-        if (!userRoles.includes(handlerObj.roleRequired)) {
+        if (Array.isArray(handlerObj.roleRequired) && handlerObj.roleRequired.length > 0 && !arrContainsAnyItem(userRoles, handlerObj.roleRequired)) {
           return res.status(402).json({ error: "Forbidden. Not enough roles." });
         }
       }
@@ -4009,6 +4074,7 @@ var crosswalk_default = reportsCrosswalkEntrypointFn;
 // store/actions.ts
 var actions_exports = {};
 __export(actions_exports, {
+  addBlockToState: () => addBlockToState,
   addNewReportToCurrentUser: () => addNewReportToCurrentUser,
   createEntity: () => createEntity,
   deleteEntity: () => deleteEntity,
@@ -4016,8 +4082,10 @@ __export(actions_exports, {
   readEntity: () => readEntity,
   readMember: () => readMember,
   readMetadata: () => readMetadata,
+  readPrivateBlocks: () => readPrivateBlocks,
   readUser: () => readUser,
   recalculateVariables: () => recalculateVariables,
+  removeBlocksFromState: () => removeBlocksFromState,
   reportSearch: () => reportSearch,
   searchMember: () => searchMember,
   searchRegenerate: () => searchRegenerate,
@@ -4140,7 +4208,8 @@ function apiFactory2(baseURL) {
     readUser: httpGET(axios6, "auth/read/user"),
     updateUser: httpPOST(axios6, "auth/update/user"),
     addNewReportToCurrentUser: httpPOST(axios6, "auth/update/me"),
-    revalidate: httpGET(axios6, "revalidate/report")
+    revalidate: httpGET(axios6, "revalidate/report"),
+    readPrivateBlocks: httpPOST(axios6, "read/blocks/private")
   };
 }
 var transformDeletePayload = (id) => ({ id });
@@ -4194,7 +4263,7 @@ function mortarEval(varInnerName, varOuterValue, logic, formatterFunctions, attr
       if (typeof output === "object" && Object.keys(output).length > 0) {
         Object.assign(vars, output);
       }
-      return { vars, error: null, log };
+      return { vars, error: null, log, output };
     }
     return { vars, error: "Invalid API Link", log };
   } catch (err) {
@@ -4371,8 +4440,6 @@ function getRootBlocksForSection(sid, blocks) {
   );
 }
 var getRootBlocksForSection_default = getRootBlocksForSection;
-
-// libs/blocks/runConsumers.ts
 var verbose7 = getLogging_default();
 var ORIGIN = process.env.REPORTS_ORIGIN || "";
 axios5.interceptors.request.use((config) => ({
@@ -4417,7 +4484,7 @@ async function runSingleBlock(block, formatterFunctions, blockContext) {
     api = swapAPI(unswappedAPI, formatterFunctions, blockContext);
     apiResponse = await apiFetch(api).then((result) => {
       if (verbose7)
-        console.log("Variable loaded:", api);
+        console.log("Variable loaded:", api, "response time: ", result.requestDuration);
       return result;
     }, (e) => {
       if (verbose7)
@@ -4489,11 +4556,57 @@ async function runSingleBlock(block, formatterFunctions, blockContext) {
     }
   };
 }
-var runConsumers = async (blocks, sid, bid, formatterFunctions, blockContext) => {
+var getConsumers = (bid, blocks, acc = []) => {
+  const rootBlock = blocks[bid];
+  if (rootBlock.consumers.length) {
+    rootBlock.consumers.forEach((consumer) => {
+      getConsumers(consumer, blocks, acc);
+    });
+  }
+  acc.push(bid);
+  return acc;
+};
+var getDependencies = (bid, blocks, acc = []) => {
+  const rootBlock = blocks[bid];
+  if (rootBlock.consumers.length) {
+    rootBlock.consumers.forEach((cid) => {
+      acc.push([bid, cid]);
+      rootBlock.consumers.forEach((cid2) => getDependencies(cid2, blocks, acc));
+    });
+  }
+  return acc;
+};
+var runConsumersV2 = async (blocks, sections, bid, formatterFunctions, blockContext, initialVariables = {}) => {
+  if (!bid && !sections)
+    return { variables: {} };
+  const variablesById = { ...initialVariables };
+  const parsedBlockContext = parseBlockContext(blockContext);
+  const attributes = parsedBlockContext.variables;
+  const rootBlocks = bid ? { [bid]: blocks[bid] } : sections.reduce((rootBlocks2, { id }) => ({ ...rootBlocks2, ...getRootBlocksForSection_default(id, blocks) }), {});
+  const blockDeps = Object.keys(rootBlocks).reduce((deps, bid2) => [...deps, ...getDependencies(Number(bid2), blocks)], []);
+  const orderedDAG = toposort(blockDeps);
+  const blockOrder = bid ? orderedDAG : Object.keys(blocks).sort((a, b) => orderedDAG.indexOf(Number(a)) - orderedDAG.indexOf(Number(b)));
+  for (const blockId of blockOrder) {
+    const block = blocks[blockId];
+    const variables = block.inputs.reduce((acc, d) => ({ ...acc, ...variablesById[d] }), attributes);
+    const { outputVariables } = await runSingleBlock(
+      block,
+      formatterFunctions,
+      {
+        ...parsedBlockContext,
+        variables
+      }
+    );
+    variablesById[blockId] = outputVariables;
+  }
+  return { variables: { ...initialVariables, ...variablesById } };
+};
+var runConsumers = async (blocks, sid, bid, formatterFunctions, blockContext, initialVariables) => {
+  const revalidate = bid ? getConsumers(bid, blocks) : [];
   const rootBlocks = bid ? { [bid]: blocks[bid] } : getRootBlocksForSection_default(sid, blocks);
   const parsedBlockContext = parseBlockContext(blockContext);
   const attributes = parsedBlockContext.variables;
-  const variablesById = {};
+  const variablesById = initialVariables ? { ...initialVariables } : {};
   const statusById = {};
   const crawlUp = async (bid2) => {
     const block = blocks[bid2];
@@ -4519,13 +4632,13 @@ var runConsumers = async (blocks, sid, bid, formatterFunctions, blockContext) =>
       statusById[bid2] = status;
     }
   };
-  const crawlDown = async (bid2, cascader = false) => {
+  const crawlDown2 = async (bid2, cascader = false) => {
     if (cascader) {
       variablesById[bid2] = {};
       statusById[bid2] = { hiddenByCascade: cascader };
       for (let i = 0; i < blocks[bid2].consumers.length; i += 1) {
         const cid = blocks[bid2].consumers[i];
-        await crawlDown(cid, cascader);
+        await crawlDown2(cid, cascader);
       }
       return;
     }
@@ -4548,7 +4661,7 @@ var runConsumers = async (blocks, sid, bid, formatterFunctions, blockContext) =>
       if (block.settings.allowed === "never")
         allowed = false;
       else {
-        const { vars, error } = mortarEval_default(
+        const { vars, error, output } = mortarEval_default(
           "variables",
           { ...variables, ...attributes },
           block.settings.allowedLogic,
@@ -4557,29 +4670,28 @@ var runConsumers = async (blocks, sid, bid, formatterFunctions, blockContext) =>
           parsedBlockContext
         );
         if (!error)
-          allowed = Boolean(vars);
+          allowed = Boolean(output);
       }
     }
     if (allowed) {
-      if (!variablesById[bid2]) {
+      if (!variablesById[bid2] || revalidate.includes(Number(bid2))) {
         const { outputVariables, status } = await runSingleBlock(block, formatterFunctions, { ...parsedBlockContext, variables: { ...variables, ...attributes } });
-        if (block.type === BLOCK_TYPES.GENERATOR)
-          variablesById[bid2] = outputVariables;
+        variablesById[bid2] = outputVariables;
         statusById[bid2] = status;
       }
       for (const cid of blocks[bid2].consumers) {
-        await crawlDown(cid);
+        await crawlDown2(cid);
       }
     } else {
       variablesById[bid2] = {};
       statusById[bid2] = { hiddenByCascade: bid2 };
       for (const cid of blocks[bid2].consumers) {
-        await crawlDown(cid, bid2);
+        await crawlDown2(cid, bid2);
       }
     }
   };
   for (const id of Object.keys(rootBlocks)) {
-    await crawlDown(id);
+    await crawlDown2(id);
   }
   return {
     variables: variablesById,
@@ -4779,7 +4891,10 @@ var statusSlice = createSlice({
      * properties for the client's components.
      */
     [HYDRATE]: (_state, _action) => {
-      return initialState;
+      return {
+        ..._state,
+        previews: _action.payload.status.previews
+      };
     }
   }
 });
@@ -4979,6 +5094,33 @@ var recordsSlice = createSlice({
           arrayRemove(state.entities[parentType][parentId][pluralKey], id);
         }
       }
+    },
+    removeBlocks: (state, action) => {
+      const privateBlockIds = action.payload;
+      const newBlocks = { ...state.entities.block };
+      privateBlockIds.forEach((pbId) => {
+        delete newBlocks[pbId];
+      });
+      return {
+        ...state,
+        entities: {
+          ...state.entities,
+          block: newBlocks
+        }
+      };
+    },
+    addBlocks: (state, action) => {
+      const newBlocks = action.payload;
+      return {
+        ...state,
+        entities: {
+          ...state.entities,
+          block: {
+            ...state.entities.block,
+            ...newBlocks
+          }
+        }
+      };
     }
   },
   extraReducers: {
@@ -4991,7 +5133,7 @@ var recordsSlice = createSlice({
      */
     [HYDRATE]: (state, action) => {
       const nextState = action.payload.records;
-      const entities = combineRecords(state.entities, nextState.entities);
+      const entities = nextState.entities;
       return {
         entities,
         reports: Object.values(entities.report).map((item) => item.id),
@@ -5025,8 +5167,6 @@ function arrayRemove(list2, item) {
     list2.splice(index, 1);
   }
 }
-
-// store/recordsActions.ts
 var recordsActions = recordsSlice.actions;
 var createEntity = entityActionFactory({
   block: createHandlerFactory("block"),
@@ -5364,6 +5504,27 @@ function addNewReportToCurrentUser(params) {
     return result.data;
   };
 }
+function removeBlocksFromState(privateBlockIds) {
+  const { removeBlocks } = recordsSlice.actions;
+  return async (dispatch) => {
+    await dispatch(removeBlocks(privateBlockIds));
+  };
+}
+function addBlockToState(newBlocks) {
+  const { addBlocks } = recordsSlice.actions;
+  return async (dispatch) => {
+    await dispatch(addBlocks(newBlocks));
+  };
+}
+function readPrivateBlocks(params) {
+  return async (_, __, api) => {
+    const result = await api.readPrivateBlocks({ ...params, roles: [] });
+    if ("error" in result) {
+      throw new Error(result.error);
+    }
+    return result.data;
+  };
+}
 var storeFactory = (_context) => configureStore({
   reducer: {
     [recordsSlice.name]: recordsSlice.reducer,
@@ -5470,7 +5631,6 @@ function BespokeRendererStaticPaths(options) {
         paths = req.data.results.slice(0, limit).map((item) => ({
           locale: locales8.find((token) => token === item.locale),
           params: {
-            //@ts-ignore
             bespoke: [item.variant.slug, item.slug]
             // TODO: fix SearchResult definition
           }
@@ -5492,7 +5652,6 @@ function BespokeRendererStaticProps(options) {
     return async (context) => {
       await dispatch(useDatabaseApi);
       const buildTime = (/* @__PURE__ */ new Date()).toISOString();
-      console.log("StaticProps", context);
       const {
         locale = localeDefault7,
         // TODO: detect or use app default
@@ -5526,16 +5685,27 @@ function BespokeRendererStaticProps(options) {
       const formatters = funcifyFormattersByLocale(formatterList, localeDefault7);
       const sectionList = selectSectionList(state);
       const blockRecords = selectBlockRecords(state);
+      const publicBlockRecords = { ...blockRecords };
+      let privateBlockIds = Object.values(blockRecords).reduce((acc, block) => {
+        if ("access" in block.settings && !["public", "guest"].some((grant) => !block.settings.access || block.settings.access.includes(grant))) {
+          console.log("is Private", block.id);
+          acc.push(block.id);
+        }
+        return acc;
+      }, []);
+      privateBlockIds = privateBlockIds.concat(crawlDown(privateBlockIds, Object.values(publicBlockRecords)));
+      privateBlockIds.forEach((privateBlockId) => {
+        delete publicBlockRecords[privateBlockId];
+      });
+      await dispatch(removeBlocksFromState(privateBlockIds));
       const attributes = previewsToAttributes_default(members.results);
-      await Promise.all(sectionList.map(
-        (section) => runConsumers(blockRecords, section.id, void 0, formatters, {
-          locale,
-          query: params,
-          variables: attributes
-        }).then((data) => {
-          dispatch(variablesActions.setVariableChange({ ...data, attributes }));
-        })
-      ));
+      await runConsumersV2(publicBlockRecords, sectionList, void 0, formatters, {
+        locale,
+        query: params,
+        variables: attributes
+      }).then((data) => {
+        dispatch(variablesActions.setVariableChange({ ...data, attributes }));
+      });
       return {
         props: {
           buildTime