dbgate-api-premium 7.0.6 → 7.1.1

package/package.json

@@ -1,8 +1,8 @@
 {
   "name": "dbgate-api-premium",
   "main": "src/index.js",
-  "version": "7.0.6",
-  "homepage": "https://dbgate.org/",
+  "version": "7.1.1",
+  "homepage": "https://www.dbgate.io/",
   "repository": {
     "type": "git",
     "url": "https://github.com/dbgate/dbgate.git"
@@ -30,10 +30,11 @@
     "compare-versions": "^3.6.0",
     "cors": "^2.8.5",
     "cross-env": "^6.0.3",
-    "dbgate-datalib": "^7.0.6",
-    "dbgate-query-splitter": "^4.11.9",
-    "dbgate-sqltree": "^7.0.6",
-    "dbgate-tools": "^7.0.6",
+    "dbgate-datalib": "^7.1.1",
+    "dbgate-query-splitter": "^4.12.0",
+    "dbgate-rest": "^7.1.1",
+    "dbgate-sqltree": "^7.1.1",
+    "dbgate-tools": "^7.1.1",
     "debug": "^4.3.4",
     "diff": "^5.0.0",
     "diff2html": "^3.4.13",
@@ -87,7 +88,7 @@
   "devDependencies": {
     "@types/fs-extra": "^9.0.11",
     "@types/lodash": "^4.14.149",
-    "dbgate-types": "^7.0.6",
+    "dbgate-types": "^7.1.1",
     "env-cmd": "^10.1.0",
     "jsdoc-to-markdown": "^9.0.5",
     "node-loader": "^1.0.2",

package/src/auth/storageAuthProvider.js

@@ -14,6 +14,7 @@ const {
   loadSuperadminPermissions,
   readComplexUserRolePermissions,
   readComplexRolePermissions,
+  resolvePermissionConnectionIds,
   storageCheckRoleConnectionAccess,
   storageCheckUserRoleConnectionAccess,
 } = require('../controllers/storageDb');
@@ -61,12 +62,12 @@ class SuperadminAuthProvider extends AuthProviderBase {
 
   async getCurrentDatabasePermissions(req) {
     const databasePermissions = await readComplexRolePermissions(-3, 'role_databases');
-    return databasePermissions;
+    return resolvePermissionConnectionIds(databasePermissions);
   }
 
   async getCurrentTablePermissions(req) {
     const tablePermissions = await readComplexRolePermissions(-3, 'role_tables');
-    return tablePermissions;
+    return resolvePermissionConnectionIds(tablePermissions);
   }
 
   async getCurrentFilePermissions(req) {
@@ -104,13 +105,13 @@ class StorageProviderBase extends AuthProviderBase {
   async getCurrentDatabasePermissions(req) {
     const userId = this.getUserIdFromRequest(req);
     const databasePermissions = await readComplexUserRolePermissions(userId, 'user_databases', 'role_databases');
-    return databasePermissions;
+    return resolvePermissionConnectionIds(databasePermissions);
   }
 
   async getCurrentTablePermissions(req) {
     const userId = this.getUserIdFromRequest(req);
     const tablePermissions = await readComplexUserRolePermissions(userId, 'user_tables', 'role_tables');
-    return tablePermissions;
+    return resolvePermissionConnectionIds(tablePermissions);
   }
 
   async getCurrentFilePermissions(req) {
@@ -172,12 +173,12 @@ class AnonymousProvider extends StorageProviderBase {
 
   async getCurrentDatabasePermissions(req) {
     const databasePermissions = await readComplexRolePermissions(-1, 'role_databases');
-    return databasePermissions;
+    return resolvePermissionConnectionIds(databasePermissions);
   }
 
   async getCurrentTablePermissions(req) {
     const tablePermissions = await readComplexRolePermissions(-1, 'role_tables');
-    return tablePermissions;
+    return resolvePermissionConnectionIds(tablePermissions);
   }
 
   async getCurrentFilePermissions(req) {

package/src/controllers/connections.js

@@ -202,7 +202,7 @@ module.exports = {
 
     const storageConnections = await storage.connections(req);
     if (storageConnections) {
-      return storageConnections;
+      return storageConnections.map(maskConnection);
     }
     if (portalConnections) {
       if (platformInfo.allowShellConnection) return portalConnections.map(x => encryptConnection(x));
@@ -484,7 +484,7 @@ module.exports = {
 
     const storageConnection = await storage.getConnection({ conid });
     if (storageConnection) {
-      return storageConnection;
+      return mask ? maskConnection(storageConnection) : storageConnection;
     }
 
     if (portalConnections) {
@@ -502,6 +502,9 @@ module.exports = {
         _id: '__model',
       };
     }
+    if (!conid) {
+      return null;
+    }
     await testConnectionPermission(conid, req);
     return this.getCore({ conid, mask: true });
   },

package/src/controllers/databaseConnections.js

@@ -15,6 +15,7 @@ const {
   getLogger,
   extractErrorLogData,
   filterStructureBySchema,
+  serializeJsTypesForJsonStringify,
 } = require('dbgate-tools');
 const { html, parse } = require('diff2html');
 const { handleProcessCommunication } = require('../utility/processComm');
@@ -165,6 +166,11 @@ module.exports = {
     if (!connection) {
       throw new Error(`databaseConnections: Connection with conid="${conid}" not found`);
     }
+
+    if (connection.engine?.endsWith('@rest')) {
+      return { isApiConnection: true };
+    }
+
     if (connection.passwordMode == 'askPassword' || connection.passwordMode == 'askUser') {
       throw new MissingCredentialsError({ conid, passwordMode: connection.passwordMode });
     }
@@ -219,12 +225,13 @@ module.exports = {
       this.close(conid, database, false);
     });
 
-    subprocess.send({
+    const connectMessage = serializeJsTypesForJsonStringify({
       msgtype: 'connect',
       connection: { ...connection, database },
       structure: lastClosed ? lastClosed.structure : null,
       globalSettings: await config.getSettings(),
     });
+    subprocess.send(connectMessage);
     return newOpened;
   },
 
@@ -234,7 +241,8 @@ module.exports = {
     const promise = new Promise((resolve, reject) => {
       this.requests[msgid] = [resolve, reject, additionalData];
       try {
-        conn.subprocess.send({ msgid, ...message });
+        const serializedMessage = serializeJsTypesForJsonStringify({ msgid, ...message });
+        conn.subprocess.send(serializedMessage);
       } catch (err) {
         logger.error(extractErrorLogData(err), 'DBGM-00115 Error sending request do process');
         this.close(conn.conid, conn.database);
@@ -468,6 +476,7 @@ module.exports = {
 
     const databasePermissions = await loadDatabasePermissionsFromRequest(req);
     const tablePermissions = await loadTablePermissionsFromRequest(req);
+    const databasePermissionRole = getDatabasePermissionRole(conid, database, databasePermissions);
     const fieldsAndRoles = [
       [changeSet.inserts, 'create_update_delete'],
       [changeSet.deletes, 'create_update_delete'],
@@ -482,7 +491,7 @@ module.exports = {
           operation.schemaName,
           operation.pureName,
           tablePermissions,
-          databasePermissions
+          databasePermissionRole
         );
         if (getTablePermissionRoleLevelIndex(role) < getTablePermissionRoleLevelIndex(requiredRole)) {
           throw new Error('DBGM-00262 Permission not granted');

package/src/controllers/restConnections.js

@@ -0,0 +1,316 @@
+// *** This file is part of DbGate Premium ***
+
+const crypto = require('crypto');
+const connections = require('./connections');
+const socket = require('../utility/socket');
+const { fork } = require('child_process');
+const _ = require('lodash');
+const AsyncLock = require('async-lock');
+const { handleProcessCommunication } = require('../utility/processComm');
+const lock = new AsyncLock();
+const config = require('./config');
+const processArgs = require('../utility/processArgs');
+const { testConnectionPermission, loadPermissionsFromRequest, hasPermission } = require('../utility/hasPermission');
+const { MissingCredentialsError } = require('../utility/exceptions');
+const pipeForkLogs = require('../utility/pipeForkLogs');
+const { getLogger, extractErrorLogData } = require('dbgate-tools');
+const { sendToAuditLog } = require('../utility/auditlog');
+const { decryptPasswordString } = require('../utility/crypting');
+const { getRestAuthFromConnection } = require('../utility/connectUtility');
+
+const logger = getLogger('restConnection');
+
+module.exports = {
+  opened: [],
+  closed: {},
+  requests: {},
+
+  handle_apiInfo(conid, { apiInfo }) {
+    const existing = this.opened.find(x => x.conid == conid);
+    if (!existing) return;
+    existing.apiInfo = apiInfo;
+    socket.emitChanged(`rest-api-info-changed`, { conid });
+  },
+
+  handle_status(conid, { status }) {
+    const existing = this.opened.find(x => x.conid == conid);
+    if (!existing) return;
+    if (existing.status && status && existing.status.counter > status.counter) return;
+    existing.status = status;
+    socket.emitChanged(`rest-status-changed`, { conid });
+  },
+
+  handle_ping() {},
+
+  handle_response(conid, { msgid, ...response }) {
+    const pending = this.requests[msgid];
+    if (!pending) {
+      logger.warn(
+        `DBGM-00275 restConnections: Received response for unknown or already handled msgid="${msgid}" (conid="${conid}")`
+      );
+      return;
+    }
+    const [resolve, reject] = pending;
+    resolve(response);
+    delete this.requests[msgid];
+  },
+
+  async ensureOpened(conid) {
+    const res = await lock.acquire(conid, async () => {
+      const existing = this.opened.find(x => x.conid == conid);
+      if (existing) return existing;
+
+      const connection = await connections.getCore({ conid });
+      if (!connection) {
+        throw new Error(`restConnections: Connection with conid="${conid}" not found`);
+      }
+
+      if (connection.passwordMode == 'askPassword' || connection.passwordMode == 'askUser') {
+        throw new MissingCredentialsError({ conid, passwordMode: connection.passwordMode });
+      }
+
+      const subprocess = fork(
+        global['API_PACKAGE'] || process.argv[1],
+        ['--is-forked-api', '--start-process', 'restConnectionProcess', ...processArgs.getPassArgs()],
+        {
+          stdio: ['ignore', 'pipe', 'pipe', 'ipc'],
+        }
+      );
+
+      pipeForkLogs(subprocess);
+
+      const newOpened = {
+        conid,
+        subprocess,
+        apiInfo: null,
+        connection,
+        status: {
+          name: 'pending',
+        },
+        disconnected: false,
+      };
+
+      this.opened.push(newOpened);
+      delete this.closed[conid];
+      socket.emitChanged(`rest-status-changed`, { conid });
+
+      subprocess.on('message', message => {
+        // @ts-ignore
+        const { msgtype } = message;
+        if (handleProcessCommunication(message, subprocess)) return;
+        if (newOpened.disconnected) return;
+        const funcName = `handle_${msgtype}`;
+        if (!this[funcName]) {
+          logger.error({ msgtype, conid }, 'DBGM-00276 Unknown message type from subprocess restConnectionProcess');
+          return;
+        }
+        this[funcName](conid, message);
+      });
+
+      subprocess.on('exit', () => {
+        if (newOpened.disconnected) return;
+        this.close(conid, false);
+      });
+
+      subprocess.on('error', err => {
+        logger.error(extractErrorLogData(err), 'DBGM-00277 Error in REST connection subprocess');
+        if (newOpened.disconnected) return;
+        this.close(conid, false);
+      });
+
+      subprocess.send({
+        msgtype: 'connect',
+        connection: { ...connection, restAuth: getRestAuthFromConnection(connection) },
+        globalSettings: await config.getSettings(),
+      });
+      return newOpened;
+    });
+    return res;
+  },
+
+  close(conid, kill = true) {
+    const existing = this.opened.find(x => x.conid == conid);
+    if (existing) {
+      existing.disconnected = true;
+      if (kill) {
+        try {
+          existing.subprocess.kill();
+        } catch (err) {
+          logger.error(extractErrorLogData(err), 'DBGM-00278 Error killing REST subprocess');
+        }
+      }
+      this.opened = this.opened.filter(x => x.conid != conid);
+      this.closed[conid] = {
+        ...existing.status,
+        name: 'error',
+      };
+      socket.emitChanged(`rest-status-changed`, { conid });
+    }
+  },
+
+  disconnect_meta: true,
+  async disconnect({ conid }, req) {
+    await testConnectionPermission(conid, req);
+    await this.close(conid, true);
+    return { status: 'ok' };
+  },
+
+  getApiInfo_meta: true,
+  async getApiInfo({ conid }, req) {
+    if (!conid) return null;
+
+    await testConnectionPermission(conid, req);
+
+    const opened = await this.ensureOpened(conid);
+    sendToAuditLog(req, {
+      category: 'restop',
+      component: 'RestConnectionsController',
+      action: 'getApiInfo',
+      event: 'rest.getApiInfo',
+      severity: 'info',
+      conid,
+      sessionParam: `${conid}`,
+      sessionGroup: 'getApiInfo',
+      message: `Loaded API info for REST connection`,
+    });
+
+    return opened?.apiInfo ?? null;
+  },
+
+  restStatus_meta: true,
+  async restStatus() {
+    return {
+      ...this.closed,
+      ..._.mapValues(_.keyBy(this.opened, 'conid'), 'status'),
+    };
+  },
+
+  ping_meta: true,
+  async ping({ conidArray, strmid }) {
+    await Promise.all(
+      _.uniq(conidArray).map(async conid => {
+        try {
+          const opened = await this.ensureOpened(conid);
+          if (!opened) {
+            return Promise.resolve();
+          }
+          opened.subprocess.send({ msgtype: 'ping' });
+        } catch (err) {
+          logger.error(extractErrorLogData(err), 'DBGM-00279 Error pinging REST connection');
+          this.close(conid);
+        }
+      })
+    );
+    socket.setStreamIdFilter(strmid, { conid: conidArray ?? [] });
+    return { status: 'ok' };
+  },
+
+  refresh_meta: true,
+  async refresh({ conid, keepOpen }, req) {
+    await testConnectionPermission(conid, req);
+    if (!keepOpen) this.close(conid);
+
+    const opened = await this.ensureOpened(conid);
+    return this.sendRequest(opened, { msgtype: 'refresh' });
+  },
+
+  testConnection_meta: true,
+  async testConnection({ conid }, req) {
+    await testConnectionPermission(conid, req);
+    const opened = await this.ensureOpened(conid);
+    if (!opened) {
+      return { errorMessage: 'Could not open REST connection' };
+    }
+    const res = await this.sendRequest(opened, { msgtype: 'testConnection' });
+    if (res.errorMessage) {
+      return {
+        errorMessage: res.errorMessage,
+      };
+    }
+    return { status: 'ok' };
+  },
+
+  async executeCore(msgtype, { conid, method, endpoint, parameters, server }, req) {
+    await testConnectionPermission(conid, req);
+    const opened = await this.ensureOpened(conid);
+    if (!opened) {
+      return { errorMessage: 'Could not open REST connection' };
+    }
+    const auth = getRestAuthFromConnection(opened.connection);
+    return this.sendRequest(opened, {
+      msgtype,
+      method,
+      endpoint,
+      parameters,
+      server,
+      auth,
+    });
+  },
+
+  executeOpenapi_meta: true,
+  async executeOpenapi({ conid, method, endpoint, parameters, server }, req) {
+    return this.executeCore('executeOpenapi', { conid, method, endpoint, parameters, server }, req);
+  },
+
+  executeOdata_meta: true,
+  async executeOdata({ conid, method, endpoint, parameters, server }, req) {
+    return this.executeCore('executeOdata', { conid, method, endpoint, parameters, server }, req);
+  },
+
+  apiQuery_meta: true,
+  async apiQuery({ conid, server, query, variables }, req) {
+    await testConnectionPermission(conid, req);
+    const opened = await this.ensureOpened(conid);
+    if (!opened) {
+      return { errorMessage: 'Could not open REST connection' };
+    }
+    const auth = getRestAuthFromConnection(opened.connection);
+    const res = await this.sendRequest(opened, {
+      msgtype: 'apiQuery',
+      server,
+      query,
+      variables,
+      auth,
+    });
+    return res;
+  },
+
+  loadGraphqlConnectionData_meta: true,
+  async loadGraphqlConnectionData(
+    { conid, server, operationName, projection, queryField, selectedFieldSelection, pageSize, filterParameterName, filterValue },
+    req
+  ) {
+    await testConnectionPermission(conid, req);
+    const opened = await this.ensureOpened(conid);
+    if (!opened) {
+      return { errorMessage: 'Could not open REST connection' };
+    }
+    const auth = getRestAuthFromConnection(opened.connection);
+    return this.sendRequest(opened, {
+      msgtype: 'loadGraphqlConnectionData',
+      server,
+      operationName,
+      projection,
+      queryField,
+      selectedFieldSelection,
+      pageSize,
+      filterParameterName,
+      filterValue,
+      auth,
+    });
+  },
+
+  sendRequest(conn, message) {
+    const msgid = crypto.randomUUID();
+    const promise = new Promise((resolve, reject) => {
+      this.requests[msgid] = [resolve, reject];
+      try {
+        conn.subprocess.send({ msgid, ...message });
+      } catch (err) {
+        logger.error(extractErrorLogData(err), 'DBGM-00280 Error sending request to REST connection');
+        this.close(conn.conid);
+      }
+    });
+    return promise;
+  },
+};

package/src/controllers/runners.js

@@ -172,7 +172,7 @@ module.exports = {
     byline(subprocess.stderr).on('data', pipeDispatcher('error'));
     subprocess.on('exit', code => {
       // console.log('... EXITED', code);
-      this.rejectRequest(runid, { message: 'No data returned, maybe input data source is too big' });
+      this.rejectRequest(runid, { message: 'DBGM-00281 No data returned, maybe input data source is too big' });
       logger.info({ code, pid: subprocess.pid }, 'DBGM-00016 Exited process');
       socket.emit(`runner-done-${runid}`, code);
       this.opened = this.opened.filter(x => x.runid != runid);
@@ -225,7 +225,7 @@ module.exports = {
     subprocess.on('exit', code => {
       console.log('... EXITED', code);
       logger.info({ code, pid: subprocess.pid }, 'DBGM-00017 Exited process');
-      this.dispatchMessage(runid, `Finished external process with code ${code}`);
+      this.dispatchMessage(runid, `DBGM-00282 Finished external process with code ${code}`);
       socket.emit(`runner-done-${runid}`, code);
       if (onFinished) {
         onFinished();
@@ -233,7 +233,7 @@ module.exports = {
       this.opened = this.opened.filter(x => x.runid != runid);
     });
     subprocess.on('spawn', () => {
-      this.dispatchMessage(runid, `Started external process ${command}`);
+      this.dispatchMessage(runid, `DBGM-00283 Started external process ${command}`);
     });
     subprocess.on('error', error => {
       console.log('... ERROR subprocess', error);
@@ -279,7 +279,7 @@ module.exports = {
     if (script.type == 'json') {
       if (!platformInfo.isElectron) {
         if (!checkSecureDirectoriesInScript(script)) {
-          return { errorMessage: 'Unallowed directories in script' };
+          return { errorMessage: 'DBGM-00284 Unallowed directories in script' };
         }
       }
 
@@ -299,10 +299,10 @@ module.exports = {
         action: 'script',
         severity: 'warn',
         detail: script,
-        message: 'Scripts are not allowed',
+        message: 'DBGM-00285 Scripts are not allowed',
       });
 
-      return { errorMessage: 'Shell scripting is not allowed' };
+      return { errorMessage: 'DBGM-00286 Shell scripting is not allowed' };
     }
 
     sendToAuditLog(req, {
@@ -312,7 +312,7 @@ module.exports = {
       action: 'script',
       severity: 'info',
       detail: script,
-      message: 'Running JS script',
+      message: 'DBGM-00287 Running JS script',
     });
 
     return this.startCore(runid, scriptTemplate(script, false));
@@ -327,7 +327,7 @@ module.exports = {
   async cancel({ runid }) {
     const runner = this.opened.find(x => x.runid == runid);
     if (!runner) {
-      throw new Error('Invalid runner');
+      throw new Error('DBGM-00288 Invalid runner');
     }
     runner.subprocess.kill();
     return { state: 'ok' };
@@ -353,7 +353,7 @@ module.exports = {
   async loadReader({ functionName, props }) {
     if (!platformInfo.isElectron) {
       if (props?.fileName && !checkSecureDirectories(props.fileName)) {
-        return { errorMessage: 'Unallowed file' };
+        return { errorMessage: 'DBGM-00289 Unallowed file' };
       }
     }
     const prefix = extractShellApiPlugins(functionName)
@@ -371,7 +371,7 @@ module.exports = {
   scriptResult_meta: true,
   async scriptResult({ script }) {
     if (script.type != 'json') {
-      return { errorMessage: 'Only JSON scripts are allowed' };
+      return { errorMessage: 'DBGM-00290 Only JSON scripts are allowed' };
     }
 
     const promise = new Promise(async (resolve, reject) => {

package/src/controllers/serverConnections.js

@@ -171,7 +171,7 @@ module.exports = {
       const databasePermissions = await loadDatabasePermissionsFromRequest(req);
       const res = [];
       for (const db of opened?.databases ?? []) {
-        const databasePermissionRole = getDatabasePermissionRole(db.id, db.name, databasePermissions);
+        const databasePermissionRole = getDatabasePermissionRole(conid, db.name, databasePermissions);
         if (databasePermissionRole != 'deny') {
           res.push({
             ...db,

package/src/controllers/storage.js

@@ -1173,7 +1173,7 @@ module.exports = {
 
     // Store token in database
     await storageSqlCommandFmt(
-      'insert into ~password_reset_tokens (~user_id, ~token, ~created_at, ~expires_at) values (%v, %v, %v, %v)',
+      'insert into ~user_password_reset_tokens (~user_id, ~token, ~created_at, ~expires_at) values (%v, %v, %v, %v)',
       user.id,
       token,
       format(now, "yyyy-MM-dd'T'HH:mm:ss"),
@@ -1219,7 +1219,7 @@ DbGate Team
       // Cleanup: delete the password reset token that was inserted before sending the email
       try {
         await storageSqlCommandFmt(
-          'delete from ~password_reset_tokens where ~token = %v and ~used_at is null',
+          'delete from ~user_password_reset_tokens where ~token = %v and ~used_at is null',
           token
         );
       } catch (cleanupErr) {
@@ -1238,7 +1238,7 @@ DbGate Team
   async resetPassword({ token, newPassword }, req) {
     // Find valid token
     const tokens = await storageSelectFmt(
-      'select * from ~password_reset_tokens where ~token = %v and ~used_at is null and ~expires_at > %v',
+      'select * from ~user_password_reset_tokens where ~token = %v and ~used_at is null and ~expires_at > %v',
       token,
       format(new Date(), "yyyy-MM-dd'T'HH:mm:ss")
     );
@@ -1265,7 +1265,7 @@ DbGate Team
 
     // Mark token as used
     await storageSqlCommandFmt(
-      'update ~password_reset_tokens set ~used_at = %v where ~id = %v',
+      'update ~user_password_reset_tokens set ~used_at = %v where ~id = %v',
       format(new Date(), "yyyy-MM-dd'T'HH:mm:ss"),
       resetToken.id
     );

package/src/controllers/storageDb.js

@@ -247,6 +247,24 @@ async function readComplexRolePermissions(roleId, rolePermissionsTable) {
   return rolePermissionsResp;
 }
 
+async function resolvePermissionConnectionIds(permissionRows) {
+  if (!permissionRows || permissionRows.length === 0) return permissionRows;
+
+  const connectionIds = Array.from(new Set(permissionRows.filter(r => r.connection_id).map(r => r.connection_id)));
+  if (connectionIds.length === 0) return permissionRows;
+
+  const conidMap = {};
+  const rows = await storageSelectFmt('select ~id, ~conid from ~connections where ~id in (%,v)', connectionIds);
+  for (const row of rows ?? []) {
+    conidMap[row.id] = row.conid;
+  }
+
+  return permissionRows.map(r => ({
+    ...r,
+    connection_conid: r.connection_id ? conidMap[r.connection_id] ?? null : null,
+  }));
+}
+
 async function loadSuperadminPermissions() {
   const rolePermissions = await storageReadRolePermissions(-3);
   return [...getPredefinedPermissions('superadmin'), ...rolePermissions];
@@ -496,10 +514,12 @@ function getStorageConnectionError() {
 async function selectStorageIdentity(tableName) {
   const [conn, driver] = await getStorageConnection();
 
+  const tableDefinition = storageModel.tables?.find(t => t.pureName === tableName);
+
   const resp = await runQueryOnDriver(conn, driver, dmp =>
     dmp.selectScopeIdentity(
       // @ts-ignore
-      { pureName: tableName }
+      tableDefinition || { pureName: tableName }
     )
   );
 
@@ -1098,6 +1118,7 @@ module.exports = {
   storageSaveDetailPermissionsDiff,
   readComplexUserRolePermissions,
   readComplexRolePermissions,
+  resolvePermissionConnectionIds,
   storageCheckRoleConnectionAccess,
   storageCheckUserRoleConnectionAccess,
   storageCreateTeamFile,

package/src/currentVersion.js

@@ -1,5 +1,5 @@
 
 module.exports = { 
-  version: '7.0.6',
-  buildTime: '2026-02-13T08:57:35.650Z'
+  version: '7.1.1',
+  buildTime: '2026-02-27T15:10:53.579Z'
 };