piper-utils 1.1.60 → 1.1.61

package/bin/main.js

@@ -1,362 +1,1264 @@
-/******/(()=>{// webpackBootstrap
-/******/"use strict";
-/******/var __webpack_modules__={
-/***/31(module){module.exports=require("sequelize");
-/***/},
-/***/43(module){module.exports=require("@aws-sdk/client-s3");
-/***/},
-/***/59(module){module.exports=require("dayjs/plugin/customParseFormat");
-/***/},
-/***/64(__unused_webpack_module,exports,__webpack_require__){Object.defineProperty(exports,"__esModule",{value:!0}),exports.default=void 0;var _libDynamodb=__webpack_require__(515),_clientDynamodb=__webpack_require__(929);const dynamoUtil={get:params=>
+/******/ (() => { // webpackBootstrap
+/******/ 	"use strict";
+/******/ 	var __webpack_modules__ = ({
+
+/***/ "./src/database/dbSetup/migrations.js"
+/*!********************************************!*\
+  !*** ./src/database/dbSetup/migrations.js ***!
+  \********************************************/
+(__unused_webpack_module, exports, __webpack_require__) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports.runMigrations = runMigrations;var _lodash = _interopRequireDefault(__webpack_require__(/*! lodash */ "lodash"));
+var _umzug = __webpack_require__(/*! umzug */ "umzug");function _interopRequireDefault(e) {return e && e.__esModule ? e : { default: e };}
+
 /**
- * @param {{TableName:string, Key:{key:string}}} params
+ * Execute database migrations
+ * @param {string} databaseName - name of database to create (or verify existence)
+ * @param {object} sequelizeInstance - instance of Sequelize (must be initialized)
+ * @param {function} initializeModels - function to run to sync Sequelize models with database
+ * @param {string} pathToMigrationFolder - pass in the path if using windows. windows and linux PWD will be different
  */
-async function get(params){return _libDynamodb.DynamoDBDocument.from(new _clientDynamodb.DynamoDB).get(params)}(params)};exports.default=dynamoUtil;
-/***/},
-/***/95(__unused_webpack_module,exports,__webpack_require__){Object.defineProperty(exports,"__esModule",{value:!0}),exports.handleDirectS3WriteEvent=function handleDirectS3WriteEvent(event,transformer,errorHandlerPerFile,shouldSkipFailedFolders=!1,userImportTypes){if(!event||!event.Records)return _bluebird.default.resolve();let hasErrors=!1;return _bluebird.default.map(event.Records,record=>{const s3Bucket=record.s3.bucket.name,file=record.s3.object.key||[];let path=decodeURIComponent(file);if(path)return(0,_handleFile.handleFile)(path,s3Bucket,transformer,{shouldSkipFailedFolders,userImportTypes}).catch(err=>{errorHandlerPerFile&&!errorHandlerPerFile(err,path)&&(console.error("HANDLE-FILE-CATCH:",err),hasErrors=!0)})}).then(()=>{if(hasErrors)throw new Error("ERROR: HANDLE-FILE (DIRECT S3 EVENT)")})}
-/***/,exports.handleEvents=function handleEvents(event,transformer,errorHandlerPerFile,shouldSkipFailedFolders=!1,userImportTypes){if(!event||!event.Records)return _bluebird.default.resolve();let hasErrors=!1;return _bluebird.default.map(event.Records,record=>{const snsInfo=JSON.parse(_lodash.default.get(record,"Sns.Message","{}")),s3Bucket=snsInfo.bucket,files=snsInfo.files||[];return _bluebird.default.map(files,file=>{let path=decodeURIComponent(file);if(path)return(0,_handleFile.handleFile)(path,s3Bucket,transformer,{shouldSkipFailedFolders,userImportTypes}).catch(err=>{errorHandlerPerFile&&!errorHandlerPerFile(err,path)&&(console.error("HANDLE-FILE-CATCH: ",err),hasErrors=!0)})})}).then(()=>{if(hasErrors)throw new Error("ERROR: HANDLE-FILE")})};var _handleFile=__webpack_require__(876),_lodash=_interopRequireDefault(__webpack_require__(825)),_bluebird=_interopRequireDefault(__webpack_require__(564));function _interopRequireDefault(e){return e&&e.__esModule?e:{default:e}}},
-/***/137(module){module.exports=require("dayjs/plugin/utc.js");
-/***/},
-/***/183(__unused_webpack_module,exports,__webpack_require__){Object.defineProperty(exports,"__esModule",{value:!0}),exports.watchBucket=
-/**
- * bucket watcher watches a s3 bucket and publishes events to a sns topic, this allows you to process files in s3 with a some transformer function
- * prefix objects with DIRECT to listen to direct s3 events
- *
- * @param {object} params - The parameters for watchBucket, see below
- * @param {object} params.event - The event of the lambda
- * @param {string} params.dynamoConfigTable - The Dynamo DB table where to get the chunkSize and maxMessage size
- * @param {string} params.dynamoConfigKey - The key to the item in the Dynamo DB table that holds the chunkSize and maxMessage size
- * @param {string} params.s3Bucket - The name of the s3 bucket to watch, when you drop items into this table events will be created
- * @param {string} params.snsTopic - The name of the snsEvent to publish
- * @param {function} params.transformer - the function to run on each file
- * @param {function} [params.errorHandlerPerFile] - the function to run on as a catch on each file
- * @param {boolean} [params.shouldSkipFailedFolders] - whether to use the failed-once, failed-twice, error or just error folders
- * @param {object} [params.userImportTypes] - user import subdirectories object map
+async function runMigrations(databaseName,
+sequelizeInstance,
+initializeModels,
+pathToMigrationFolder = `${process.env.PWD}/migrations/*.js`) {
+  const umzug = new _umzug.Umzug({
+    migrations: { glob: pathToMigrationFolder },
+    context: sequelizeInstance.getQueryInterface(),
+    storage: new _umzug.SequelizeStorage({ sequelize: sequelizeInstance }),
+    logger: console
+  });
+
+  const pendingMigrations = await umzug.pending();
+  console.log('------->UTIL Pending Migrations:', pendingMigrations, pathToMigrationFolder);
+  await umzug.up().catch((upError) => {
+    console.error('Migration Error: ', upError);
+    return umzug.down({
+      migrations: _lodash.default.chain(pendingMigrations).
+      map('file').
+      reverse().
+      value()
+    }).then(() => {
+      const msg = 'UTIL Error: Error with migrating up:' + upError;
+      console.error(msg);
+      throw new Error(msg);
+    }, (downError) => {
+      const msg = 'UTIL Error: Error with migrating down:' + downError;
+      console.error(msg);
+      throw new Error(msg);
+    });
+  });
+
+  // The following line is needed to sync (create) tables, but not to database updates
+  // in the past it worked to leave it in, but now the tags module causes foreign key problems
+  // The tables are still initiated by being passed in to run migrations
+  await initializeModels();
+}
+
+/***/ },
+
+/***/ "./src/database/dbUtils/queryStringUtils/accessRightsUtils.js"
+/*!********************************************************************!*\
+  !*** ./src/database/dbUtils/queryStringUtils/accessRightsUtils.js ***!
+  \********************************************************************/
+(__unused_webpack_module, exports, __webpack_require__) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports.accessRightsUtils = accessRightsUtils;exports.checkIsSuper = checkIsSuper;exports.checkModule = checkModule;exports.checkWriteAccess = checkWriteAccess;exports.enrichEventWithPartnerAccess = enrichEventWithPartnerAccess;exports.getAccessRightsInfo = getAccessRightsInfo;exports.getBelongsToPartnerId = getBelongsToPartnerId;exports.getBusinessesInfo = getBusinessesInfo;exports.getCompanySettings = getCompanySettings;exports.getDefaultBusinessIDInfo = getDefaultBusinessIDInfo;exports.getEffectivePartnerId = getEffectivePartnerId;exports.getModuleInfo = getModuleInfo;exports.getRequestedBusinessIds = getRequestedBusinessIds;exports.isPartnerUser = isPartnerUser;exports.isSuperUser = isSuperUser;exports.isSystemUser = isSystemUser;exports.userDefaultBid = userDefaultBid;exports.userRoles = void 0;var _lodash = _interopRequireWildcard(__webpack_require__(/*! lodash */ "lodash"));
+var _errorCodes = __webpack_require__(/*! ../../../requestResponse/errorCodes.js */ "./src/requestResponse/errorCodes.js");
+var _requestResponse = __webpack_require__(/*! ../../../requestResponse/requestResponse.js */ "./src/requestResponse/requestResponse.js");function _interopRequireWildcard(e, t) {if ("function" == typeof WeakMap) var r = new WeakMap(),n = new WeakMap();return (_interopRequireWildcard = function (e, t) {if (!t && e && e.__esModule) return e;var o,i,f = { __proto__: null, default: e };if (null === e || "object" != typeof e && "function" != typeof e) return f;if (o = t ? n : r) {if (o.has(e)) return o.get(e);o.set(e, f);}for (const t in e) "default" !== t && {}.hasOwnProperty.call(e, t) && ((i = (o = Object.defineProperty) && Object.getOwnPropertyDescriptor(e, t)) && (i.get || i.set) ? o(f, t, i) : f[t] = e[t]);return f;})(e, t);}
+
+function isSystemUser(event) {
+  let jsonToParse = _lodash.default.get(event, 'requestContext.authorizer.claims.custom:SYSTEM') ||
+  _lodash.default.get(event, 'requestContext.authorizer.custom:SYSTEM') ||
+  'false';
+  let isSys = false;
+  try {
+    isSys = JSON.parse(jsonToParse);
+    return isSys;
+  } catch (e) {
+    console.error('error with system user:', e);
+
+    return false;
+  }
+}
+
+function isSuperUser(event) {
+  let jsonToParse = _lodash.default.get(event, 'requestContext.authorizer.claims.custom:SUPER') ||
+  _lodash.default.get(event, 'requestContext.authorizer.custom:SUPER') ||
+  'false';
+  let isSys = false;
+
+  try {
+    isSys = JSON.parse(jsonToParse);
+
+    return isSys;
+  } catch (e) {
+
+    return false;
+  }
+}
+
+/**
+ * Throws unauthorized error if the user is not a super user.
+ * Mirrors the behavior and style of checkModule but focused on SUPER role.
+ *
+ * @param {object} event - The lambda event passed in by a validated api request.
  */
-function watchBucket({event,dynamoConfigTable,dynamoConfigKey,s3Bucket,snsTopic,transformer,errorHandlerPerFile=_lodash.default.noop,shouldSkipFailedFolders=!1,userImportTypes}){if(!(event&&dynamoConfigTable&&dynamoConfigKey&&s3Bucket&&snsTopic&&transformer))throw new Error("Missing required parameters. Need event, dynamoConfigTable, dynamoConfigKey, s3Bucket, snsTopic, transformer");const EventSource=_lodash.default.get(event,"Records[0].eventSource")||_lodash.default.get(event,"Records[0].EventSource");if(_lodash.default.isEqual(EventSource,"aws:sns"))return(0,_handleEvents.handleEvents)(event,transformer,errorHandlerPerFile,shouldSkipFailedFolders,userImportTypes);if(!_lodash.default.isEqual(EventSource,"aws:s3"))
-// the function is being run from the cron job so publish SNS events
-return(0,_publishEvents.publishEvents)(dynamoConfigTable,dynamoConfigKey,s3Bucket,snsTopic,userImportTypes);{const failedOnce="failed-once",failedTwice="failed-twice",error="error",direct="DIRECT",key=_lodash.default.get(event,"Records[0].s3.object.key")||"",startsWithDirect=_lodash.default.startsWith(key,direct);if(key.includes(failedOnce)||key.includes(failedTwice)||key.includes(error))
-// this used to throw, but the throw raised useless alarms, I believed turing throw in to a return was ok
-return;if(startsWithDirect)return console.log("-------\x3eDIRECT WRITE FIRE"),(0,_handleEvents.handleDirectS3WriteEvent)(event,transformer,errorHandlerPerFile,shouldSkipFailedFolders,userImportTypes)}}
-/***/;var _publishEvents=__webpack_require__(864),_handleEvents=__webpack_require__(95),_lodash=function _interopRequireDefault(e){return e&&e.__esModule?e:{default:e}}(__webpack_require__(825))},
-/***/207(__unused_webpack_module,exports,__webpack_require__){Object.defineProperty(exports,"__esModule",{value:!0}),exports.addFiltersFromSchema=addFiltersFromSchema,exports.defaultFilters=
-/**
- * Create an object with default filters for a given sequeliaze Schema Object, and set of sub schemas
- *
- * @param {object} schema - type is sequelize data type
- * @param {object} subSchemas - An object with alias as the key and sequelize schema as the value http://docs.sequelizejs.com/class/lib/sequelize.js~Sequelize.html#instance-method-define
- * sub schema can be {location: locationSchema} or {location: {as: "asAlias", schema: schema}}
- * @returns {object} An Object with a default filter for each dataType CHAR and TEXT will get a $like operator, INTEGER, DECIMAL and BOOLEAN will get a $eq.
+function checkIsSuper(event) {
+  // Super or System users are always allowed
+  if (isSuperUser(event)) {
+    return;
+  }
+  if (isSystemUser(event)) {
+    return;
+  }
+
+  // In local builds allow bypass to ease development and tests
+  if (process.env.BUILD_ENV === 'local') {
+    return;
+  }
+
+  throw _errorCodes.errorList.unauthorized;
+}
+
+/**
+ * Get the allowed businessIds for a user from the lambda event, compare it to businessIds, return what user has access to.
+ *
+ * @param {object} event - The lambda event passed in by a validated api request.
+ * @param {{useCognitoBid:boolean}} [options] - An object with options, useCognitoBid prefers the businessId set in cognito if set and does not return the local bid of 1 if a bid is in the claim.
+ * @returns {array} A  list of businessIds that have been requested and are allowed to for some user.
  */
-function defaultFilters(schema,subSchemas={}){schema=_lodash.default.clone(schema);const filters={};return addFiltersFromSchema(schema,filters),Object.keys(subSchemas).forEach(key=>{addFiltersFromSchema(subSchemas[key],filters,key)}),filters};var _lodash=_interopRequireDefault(__webpack_require__(825)),_sequelize=_interopRequireDefault(__webpack_require__(31));function _interopRequireDefault(e){return e&&e.__esModule?e:{default:e}}function addFiltersFromSchema(schema,filters,keyPrefix=""){const asLinkAlias=_lodash.default.get(schema,"as",null);return schema=_lodash.default.get(schema,"schema")||schema,Object.keys(schema).reduce((acc,item)=>{let key=item;if(asLinkAlias&&(acc[asLinkAlias]={type:_sequelize.default.STRING,filterType:_sequelize.default.Op.eq}),keyPrefix&&(key=`${keyPrefix}.${item}`),schema[item].filterType)return acc[key]={filterType:schema[item].filterType},acc;const itemType=schema[item].type;
-//new sequelize uses class symbols instead of objects
-return itemType instanceof _sequelize.default.STRING||itemType instanceof _sequelize.default.CHAR||itemType instanceof _sequelize.default.TEXT?acc[key]={filterType:_sequelize.default.Op.iLike}:itemType instanceof _sequelize.default.DECIMAL||itemType instanceof _sequelize.default.INTEGER||itemType instanceof _sequelize.default.BIGINT?acc[key]={filterType:_sequelize.default.Op.or}:itemType instanceof _sequelize.default.BOOLEAN?acc[key]={type:_sequelize.default.BOOLEAN,filterType:_sequelize.default.Op.eq}:itemType instanceof _sequelize.default.JSONB||itemType===_sequelize.default.JSONB?acc[key]={type:"jsonb",field:item}:itemType instanceof _sequelize.default.DATE?acc[key]={filterType:_sequelize.default.Op.between}:itemType instanceof _sequelize.default.DATEONLY&&(acc[key]={filterType:_sequelize.default.Op.eq}),
-//these are automatically part of the models, so add them always
-acc.createdAt={type:_sequelize.default.DATE,filterType:_sequelize.default.Op.between},acc.updatedAt={type:_sequelize.default.DATE,filterType:_sequelize.default.Op.between},acc.id={type:_sequelize.default.INTEGER,filterType:_sequelize.default.Op.eq},acc},filters)}
-/***/},
-/***/288(__unused_webpack_module,exports,__webpack_require__){Object.defineProperty(exports,"__esModule",{value:!0}),exports.createFilters=void 0;var _lodash=_interopRequireDefault(__webpack_require__(825)),_sequelize=_interopRequireDefault(__webpack_require__(31)),_dayjs=_interopRequireDefault(__webpack_require__(293)),_utc=_interopRequireDefault(__webpack_require__(137)),_errorCodes=__webpack_require__(953),_accessRightsUtils=__webpack_require__(673);function _interopRequireDefault(e){return e&&e.__esModule?e:{default:e}}_dayjs.default.extend(_utc.default);exports.createFilters=function(event,objectFilters){let query=_lodash.default.get(event,"queryStringParameters",{})||{};
-// Extract the three convenience params before iterating.
-// These are handled separately from the per-field filter logic below.
-const searchString=_lodash.default.get(query,"searchString"),startDate=_lodash.default.get(query,"startDate"),endDate=_lodash.default.get(query,"endDate"),caseInsensitiveConditions=[],where=Object.keys(query).reduce((acc,item)=>{const val=_lodash.default.get(objectFilters,item,null);if(val){
-// JSONB fields are handled entirely in Step 4 below.
-// Skip them here so they don't fall into the catch-all else branch.
-if("jsonb"===val.type)return acc;
-// Dot-notation keys (e.g. "snowman.snowmanType") reference columns
-// on joined/included models. Sequelize requires these to be wrapped
-// in $...$ syntax in the WHERE object so it can resolve them.
-const itemName=item.includes(".")?`$${item}$`:item;
-// STRING / CHAR / TEXT fields — case-insensitive partial match
-// Generates: WHERE LOWER("column") LIKE '%lowered_value%'
-if(val.filterType===_sequelize.default.Op.iLike)caseInsensitiveConditions.push(_sequelize.default.where(_sequelize.default.fn("LOWER",_sequelize.default.col(item)),{[_sequelize.default.Op.like]:`%${query[item]?.toLowerCase()}%`}));
-// INTEGER / DECIMAL fields — match positive or negative value
-// Generates: WHERE "column" IN (-value, value)
-// Useful for fields like amounts where sign may vary.
-else if(val.filterType===_sequelize.default.Op.or)acc[itemName]={},acc[itemName][val.filterType]=[-1*+query[item],+query[item]];else if(val.filterType===_sequelize.default.Op.in)acc[itemName]={},acc[itemName][val.filterType]=query[item].split(",");else{let parsedJson;acc[itemName]={};try{parsedJson=JSON.parse(query[item])}catch(e){parsedJson=query[item]}acc[itemName][val.filterType]=parsedJson}
-// BOOLEAN override — runs after the block above so it can replace
-// the value set by the catch-all. Query strings are always strings
-// ("true", "false", "null"), so we coerce them to actual booleans/null.
-if(val.type===_sequelize.default.BOOLEAN){const queryValue=_lodash.default.get(query,item,"").toLowerCase(),booleanMap={false:!1,null:null,true:!0};acc[itemName][val.filterType]=booleanMap[queryValue]}}return acc},{});
-// Merge the case-insensitive string conditions into WHERE using Op.and.
-// This keeps them alongside the key-based conditions built above.
-// Example result: WHERE decimal = 100 AND LOWER("name") LIKE '%john%'
-caseInsensitiveConditions.length&&(where[_sequelize.default.Op.and]=[...where[_sequelize.default.Op.and]||[],...caseInsensitiveConditions]),
-// ──────────────────────────────────────────────────────────────────────
-// STEP 2 — Apply automatic filters (active flag, businessId, dates)
-// These are appended to every query regardless of what the caller sent.
-// ──────────────────────────────────────────────────────────────────────
-// If the model has an "active" column and the caller did not explicitly
-// filter by it, default to only returning active records.
-objectFilters?.active&&!where?.active&&(where.active=!0);
-// Scope every query to the caller's authorized business IDs.
-// accessRightsUtils extracts them from the JWT claims on the event.
-const filterAdds={businessId:(0,_accessRightsUtils.accessRightsUtils)(event)};
-// Date range filter — when both startDate and endDate are provided,
-// automatically filter createdAt with a BETWEEN clause.
-// Generates: WHERE "createdAt" BETWEEN '2024-01-01' AND '2024-12-31'
-if(startDate&&endDate){const s=_dayjs.default.utc(startDate),e=_dayjs.default.utc(endDate),dates={[_sequelize.default.Op.between]:[s.toDate(),e.toDate()]};if(!s.isValid())throw{..._errorCodes.errorList.invalidStartDate};if(!e.isValid())throw{..._errorCodes.errorList.invalidEndDate};filterAdds.createdAt=dates}
-// ──────────────────────────────────────────────────────────────────────
-// STEP 3 — searchString: search one value across many fields with OR
-
-// When ?searchString=john is provided, we build an OR array that checks
-// every filterable field for a match. This lets a single search box
-// query across name, title, email, etc. simultaneously.
-
-// String fields (Op.iLike) get a case-insensitive LOWER + LIKE condition.
-// Numeric fields (Op.eq) get an exact match, but only when the search
-// value is a valid number (and the field is not a boolean).
-
-// Generates: WHERE (LOWER("name") LIKE '%john%'
-//              OR   LOWER("title") LIKE '%john%'
-//              OR   "id" = 123)
-// ──────────────────────────────────────────────────────────────────────
-if(searchString){const adds=Object.keys(objectFilters).reduce((acc,item)=>{const type=objectFilters[item].filterType,dataType=objectFilters[item].type;
-// Numeric fields — exact match only when the search value is numeric.
-// Booleans are excluded because a search for "1" should not match
-// boolean true.
-if(
-// String fields — case-insensitive partial match via LOWER + LIKE
-type===_sequelize.default.Op.iLike&&acc.push(_sequelize.default.where(_sequelize.default.fn("LOWER",_sequelize.default.col(item)),{[_sequelize.default.Op.like]:`%${query.searchString.toLowerCase()}%`})),!(_lodash.default.isNaN(Number(query.searchString))||dataType instanceof _sequelize.default.BOOLEAN)&&type===_sequelize.default.Op.eq){const newOr={};newOr[item.includes(".")?`$${item}$`:item]={[_sequelize.default.Op.eq]:`${query.searchString}`},acc.push(newOr)}return acc},[]);filterAdds[_sequelize.default.Op.or]=adds}
-// Merge the automatic filters (businessId, createdAt, searchString OR)
-// into the where object built in Step 1.
-const withDate=Object.assign(where,filterAdds);
-// ──────────────────────────────────────────────────────────────────────
-// STEP 4 — JSONB field filters: case-insensitive search inside JSON columns
-
-// JSONB columns store structured data (e.g. a "token" column containing
-// { cardType: "mastercard", cardHolderName: "GREGORY HERBERT" }).
-
-// Query params use dot-notation to target nested keys:
-//   ?token.cardHolderName=gregory
-//   ?paymentProviderData.payment.result.message=approved
-
-// For each matching param we:
-//   1. Split the path after the column prefix into individual key segments
-//   2. Use jsonb_extract_path_text(column, key1, key2, ...) to pull the
-//      value out of the JSON as plain text
-//   3. Wrap it in LOWER() and compare with Op.like for case-insensitive match
-
-// Generates: WHERE LOWER(jsonb_extract_path_text("token", 'cardHolderName'))
-//              LIKE '%gregory%'
-
-// jsonb_extract_path_text is used via DB.fn() so Sequelize parameterizes
-// the path arguments, keeping it safe from SQL injection.
-// ──────────────────────────────────────────────────────────────────────
-return Object.keys(objectFilters||{}).forEach(k=>{const def=objectFilters[k];if(def&&"jsonb"===def.type&&def.field){const prefix=`${def.field}.`;Object.keys(query).forEach(qKey=>{if(qKey.startsWith(prefix)){
-// Dot-notation: ?token.cardHolderName=gregory
-// e.g. "token.cardHolderName" -> pathParts = ["cardHolderName"]
-// e.g. "data.payment.result.message" -> pathParts = ["payment","result","message"]
-const pathParts=qKey.substring(prefix.length).split("."),value=query[qKey];withDate[_sequelize.default.Op.and]||(withDate[_sequelize.default.Op.and]=[]),withDate[_sequelize.default.Op.and].push(_sequelize.default.where(_sequelize.default.fn("LOWER",_sequelize.default.fn("jsonb_extract_path_text",_sequelize.default.col(def.field),...pathParts)),{[_sequelize.default.Op.like]:`%${value?.toLowerCase()}%`}))}else if(qKey===def.field){
-// JSON-object-as-value: ?token={"cardHolderName":"Test"}
-// Parse the JSON and create a condition for each key-value pair.
-// Nested objects are flattened recursively into deeper path segments.
-let parsed;try{parsed=JSON.parse(query[qKey])}catch(e){return}if(parsed&&"object"==typeof parsed&&!Array.isArray(parsed)){const addJsonbConditions=(obj,pathParts)=>{Object.entries(obj).forEach(([key,value])=>{const currentPath=[...pathParts,key];value&&"object"==typeof value&&!Array.isArray(value)?addJsonbConditions(value,currentPath):null===value||Array.isArray(value)||(withDate[_sequelize.default.Op.and]||(withDate[_sequelize.default.Op.and]=[]),withDate[_sequelize.default.Op.and].push(_sequelize.default.where(_sequelize.default.fn("LOWER",_sequelize.default.fn("jsonb_extract_path_text",_sequelize.default.col(def.field),...currentPath)),{[_sequelize.default.Op.like]:`%${String(value)?.toLowerCase()}%`})))})};addJsonbConditions(parsed,[])}}})}}),withDate}},
-/***/293(module){module.exports=require("dayjs");
-/***/},
-/***/306(__unused_webpack_module,exports,__webpack_require__){Object.defineProperty(exports,"__esModule",{value:!0}),exports.default=void 0;var _clientSns=__webpack_require__(793);const SNSUtil={publish:params=>async function publish(params){const sns=new _clientSns.SNS;return await sns.publish(params)}(params),createTopic:params=>async function createTopic(params){const sns=new _clientSns.SNS;return await sns.createTopic(params)}(params)};exports.default=SNSUtil;
-/***/},
-/***/394(module){module.exports=require("dayjs/plugin/isSameOrBefore");
-/***/},
-/***/515(module){module.exports=require("@aws-sdk/lib-dynamodb");
-/***/},
-/***/564(module){module.exports=require("bluebird");
-/***/},
-/***/673(__unused_webpack_module,exports,__webpack_require__){Object.defineProperty(exports,"__esModule",{value:!0}),exports.accessRightsUtils=accessRightsUtils,exports.checkIsSuper=
-/**
- * Throws unauthorized error if the user is not a super user.
- * Mirrors the behavior and style of checkModule but focused on SUPER role.
- *
- * @param {object} event - The lambda event passed in by a validated api request.
+function accessRightsUtils(event, options) {
+  const useCognitoBid = _lodash.default.get(options, 'useCognitoBid', false);
+  const requestedBusinessIds = getRequestedBusinessIds(event);
+  const allowedBusinessIds = getAllowedBusinessIds(event, useCognitoBid);
+
+  if (isSuperUser(event)) {
+    let v = requestedBusinessIds;
+    if (_lodash.default.isEmpty(requestedBusinessIds)) {
+      v = allowedBusinessIds;
+    }
+
+    return v;
+  }
+  if (isSystemUser(event)) {
+    return requestedBusinessIds;
+  }
+
+  if (requestedBusinessIds.length === 0) {
+    return allowedBusinessIds;
+  }
+
+  return _lodash.default.intersection(requestedBusinessIds, allowedBusinessIds);
+}
+
+/**
+ * Get the businessID set in cognito as custom:DBI.
+ *
+ * @param {object} event - The lambda event passed in by a validated api request.
+ * @returns {string} The businessID set in cognito as custom:DBI
  */
-function checkIsSuper(event){
-// Super or System users are always allowed
-if(isSuperUser(event))return;if(isSystemUser(event))return;
-// In local builds allow bypass to ease development and tests
-if("local"===process.env.BUILD_ENV)return;throw _errorCodes.errorList.unauthorized}
-/**
- * Get the allowed businessIds for a user from the lambda event, compare it to businessIds, return what user has access to.
- *
- * @param {object} event - The lambda event passed in by a validated api request.
- * @param {{useCognitoBid:boolean}} [options] - An object with options, useCognitoBid prefers the businessId set in cognito if set and does not return the local bid of 1 if a bid is in the claim.
- * @returns {array} A  list of businessIds that have been requested and are allowed to for some user.
- */,exports.checkModule=
-/**
- * Get the modules listed in custom:MOD.
- *
- * @param {string} moduleName - A sting name for a module.
- * @param {object} event - The lambda event passed in by a validated api request.
- * @returns {array} The Module access list
+function userDefaultBid(event) {
+  let jsonToParse = _lodash.default.get(event, 'requestContext.authorizer.claims.custom:DBI') ||
+  _lodash.default.get(event, 'requestContext.authorizer.custom:DBI') ||
+  '{}';
+
+  const dbi = JSON.parse(jsonToParse);
+  return _lodash.default.get(dbi, 'defaultBid', '') || '1';
+}
+
+/**
+ * Get  requested businessIds from the query string.
+ *
+ * @param {object} event - The lambda event passed in by a validated api request.
+ * @returns {array} The businessID requested by the query string
  */
-function checkModule(moduleName,event){const moduleRights=getModuleInfo(event);let allowAccess=_lodash.default.get(moduleRights,moduleName,!1);if(isSuperUser(event))return;if(isSystemUser(event))return;if("local"===process.env.BUILD_ENV)return;if(!allowAccess)throw _errorCodes.errorList.unauthorized},exports.checkWriteAccess=
-/**
- * @param {{body: string}} event
- * @param {{useCognitoBid:boolean}} [options] - An object with options, useCognitoBid prefers the businessId set in cognito if set and does not return the local bid of 1 if a bid is in the claim.
- * @returns {string} businessId
+function getRequestedBusinessIds(event) {
+  let requestedBusinessIds = _lodash.default.get(event, 'queryStringParameters.businessIds', null);
+  const body = (0, _requestResponse.parseBody)(event);
+  const bodyBid = body?.businessId;
+  if (requestedBusinessIds) {
+    return requestedBusinessIds ? requestedBusinessIds.split(',') : [];
+  } else if (bodyBid) {
+    return [bodyBid];
+  } else {
+    return [];
+  }
+}
+
+/**
+ * Get the allowed businessIds for a user from cognito custom:AR property.
+ *
+ * @param {object} event - The lambda event passed in by a validated api request.
+ * @param useCognitoBid
+ * @returns {array} The businessID requested by the query string
  */
-function checkWriteAccess(event,options){const eventBody=(0,_requestResponse.parseBody)(event),businessId=(accessRightsUtils(event,options)||[]).find(id=>id===eventBody.businessId),userRight=getBusinessesInfo(event)[businessId];if(isSuperUser(event))return eventBody.businessId;if(isSystemUser(event))return eventBody.businessId;if("local"===process.env.BUILD_ENV)return eventBody.businessId;if(userRight!==userRoles.admin&&userRight!==userRoles.write||!userRight)throw _errorCodes.errorList.unauthorized;return businessId}
-/***/,exports.enrichEventWithPartnerAccess=
-/**
- * Enrich the event's custom:AR with partner business IDs in-memory.
- * Call this BEFORE accessRightsUtils() or getBusinessesInfo() so that
- * partner admins (custom:PID) get access to their partner's merchants.
- *
- * This keeps accessRightsUtils synchronous — the DB lookup is done by the caller.
- *
- * @param {object} event - The lambda event passed in by a validated api request.
- * @param {string[]} partnerBusinessIds - Array of business IDs from the partner record.
- * @param {string} [role='R'] - Access role to assign (default: Read).
+function getAllowedBusinessIds(event, useCognitoBid) {
+  const businesses = getBusinessesInfo(event, useCognitoBid);
+  return Object.keys(businesses);
+}
+
+function getAccessRightsInfo(event) {
+  let jsonToParse = _lodash.default.get(event, 'requestContext.authorizer.claims.custom:AR') ||
+  _lodash.default.get(event, 'requestContext.authorizer.custom:AR') ||
+  '{}';
+  const accessRights = JSON.parse(jsonToParse);
+  return _lodash.default.get(accessRights, 'businessIds', {});
+}
+
+function getDefaultBusinessIDInfo(event) {
+  let jsonToParse = _lodash.default.get(event, 'requestContext.authorizer.claims.custom:DBI') ||
+  _lodash.default.get(event, 'requestContext.authorizer.custom:DBI') ||
+  '{}';
+  const dbi = JSON.parse(jsonToParse);
+
+  return _lodash.default.get(dbi, 'defaultBid', '1');
+}
+
+function getBusinessesInfo(event, useCognitoBid = false) {
+  const json = _lodash.default.get(event, 'requestContext.authorizer.claims.custom:AR') ||
+  _lodash.default.get(event, 'requestContext.authorizer.custom:AR') ||
+  '{}';
+
+  let businessIds = _lodash.default.get(JSON.parse(json), 'businessIds', {});
+
+  // Local environment tweaks
+  if (process.env.BUILD_ENV === 'local') {
+    let b;
+    try {
+      b = JSON.parse(event?.body);
+    } catch (e) {
+    }
+    const bodyBid = b?.businessId;
+    // Always inject the default local BID “1” unless the caller explicitly wants
+    // what Cognito says **and** Cognito actually returned something.
+    if (!useCognitoBid) {
+      businessIds = { ...businessIds, '1': 'A' };
+    }
+
+    // If Cognito gave no BIDs at all, fall back to the local default.
+    if ((0, _lodash.isEmpty)(businessIds)) {
+      businessIds = { '1': 'A' };
+    }
+    // a businessId is found on the body for local allow it
+    if (bodyBid) {
+      businessIds[bodyBid] = 'A';
+    }
+  }
+
+  return businessIds;
+}
+
+/**
+ * Get the modules listed in custom:MOD.
+ *
+ * @param {object} event - The lambda event passed in by a validated api request.
+ * @returns {array} The Module access list
  */
-function enrichEventWithPartnerAccess(event,partnerBusinessIds,role="R"){if(!partnerBusinessIds||0===partnerBusinessIds.length)return;const arPath=event?.requestContext?.authorizer?.claims?"requestContext.authorizer.claims.custom:AR":"requestContext.authorizer.custom:AR",json=_lodash.default.get(event,arPath)||"{}",accessRights=JSON.parse(json),businessIds=accessRights.businessIds||{};for(const bid of partnerBusinessIds)businessIds[bid]||(businessIds[bid]=role);accessRights.businessIds=businessIds,_lodash.default.set(event,arPath,JSON.stringify(accessRights))},exports.getAccessRightsInfo=function getAccessRightsInfo(event){let jsonToParse=_lodash.default.get(event,"requestContext.authorizer.claims.custom:AR")||_lodash.default.get(event,"requestContext.authorizer.custom:AR")||"{}";const accessRights=JSON.parse(jsonToParse);return _lodash.default.get(accessRights,"businessIds",{})},exports.getBelongsToPartnerId=getBelongsToPartnerId,exports.getBusinessesInfo=getBusinessesInfo,exports.getDefaultBusinessIDInfo=function getDefaultBusinessIDInfo(event){let jsonToParse=_lodash.default.get(event,"requestContext.authorizer.claims.custom:DBI")||_lodash.default.get(event,"requestContext.authorizer.custom:DBI")||"{}";const dbi=JSON.parse(jsonToParse);return _lodash.default.get(dbi,"defaultBid","1")},exports.getEffectivePartnerId=
-/**
- * Get the effective partner ID from either custom:PID or custom:BPID.
- *
- * @param {object} event - The lambda event passed in by a validated api request.
- * @returns {string|false} The partner ID or false.
+function getModuleInfo(event) {
+  let jsonToParse =
+  _lodash.default.get(event, 'requestContext.authorizer.claims.custom:MOD') ||
+  _lodash.default.get(event, 'requestContext.authorizer.custom:MOD') ||
+  _lodash.default.get(event, 'requestContext.authorizer.claims.custom:AR') ||
+  _lodash.default.get(event, 'requestContext.authorizer.custom:AR') ||
+
+  '{}';
+
+  const moduleRights = JSON.parse(jsonToParse);
+  return _lodash.default.get(moduleRights, 'module', {});
+}
+
+/**
+ * Get the modules listed in custom:MOD.
+ *
+ * @param {string} moduleName - A sting name for a module.
+ * @param {object} event - The lambda event passed in by a validated api request.
+ * @returns {array} The Module access list
  */
-function getEffectivePartnerId(event){return isPartnerUser(event)||getBelongsToPartnerId(event)},exports.getModuleInfo=getModuleInfo,exports.getRequestedBusinessIds=getRequestedBusinessIds,exports.isPartnerUser=isPartnerUser,exports.isSuperUser=isSuperUser,exports.isSystemUser=isSystemUser,exports.userDefaultBid=
-/**
- * Get the businessID set in cognito as custom:DBI.
- *
- * @param {object} event - The lambda event passed in by a validated api request.
- * @returns {string} The businessID set in cognito as custom:DBI
+function checkModule(moduleName, event) {
+  const moduleRights = getModuleInfo(event);
+  let allowAccess = _lodash.default.get(moduleRights, moduleName, false);
+
+  if (isSuperUser(event)) {
+    return;
+  }
+  if (isSystemUser(event)) {
+    return;
+  }
+
+  if (process.env.BUILD_ENV === 'local') {
+    return;
+  }
+  if (!allowAccess) {
+    throw _errorCodes.errorList.unauthorized;
+  }
+}
+
+const userRoles = exports.userRoles = {
+  admin: 'A',
+  read: 'R',
+  write: 'W'
+};
+
+/**
+ * Get the partner ID from custom:PID if the user is a partner admin.
+ *
+ * @param {object} event - The lambda event passed in by a validated api request.
+ * @returns {string|false} The partner ID or false if not a partner user.
  */
-function userDefaultBid(event){let jsonToParse=_lodash.default.get(event,"requestContext.authorizer.claims.custom:DBI")||_lodash.default.get(event,"requestContext.authorizer.custom:DBI")||"{}";const dbi=JSON.parse(jsonToParse);return _lodash.default.get(dbi,"defaultBid","")||"1"}
+function isPartnerUser(event) {
+  const partnerId = _lodash.default.get(event, 'requestContext.authorizer.claims.custom:PID') ||
+  _lodash.default.get(event, 'requestContext.authorizer.custom:PID') ||
+  '';
+  return partnerId || false;
+}
+
+/**
+ * Get the partner ID from custom:BPID if the user's business belongs to a partner.
+ *
+ * @param {object} event - The lambda event passed in by a validated api request.
+ * @returns {string|false} The partner ID or false if not associated with a partner.
+ */
+function getBelongsToPartnerId(event) {
+  const partnerId = _lodash.default.get(event, 'requestContext.authorizer.claims.custom:BPID') ||
+  _lodash.default.get(event, 'requestContext.authorizer.custom:BPID') ||
+  '';
+  return partnerId || false;
+}
+
+/**
+ * Get the effective partner ID from either custom:PID or custom:BPID.
+ *
+ * @param {object} event - The lambda event passed in by a validated api request.
+ * @returns {string|false} The partner ID or false.
+ */
+function getEffectivePartnerId(event) {
+  return isPartnerUser(event) || getBelongsToPartnerId(event);
+}
+
+/**
+ * Enrich the event's custom:AR with partner business IDs in-memory.
+ * Call this BEFORE accessRightsUtils() or getBusinessesInfo() so that
+ * partner admins (custom:PID) get access to their partner's merchants.
+ *
+ * This keeps accessRightsUtils synchronous — the DB lookup is done by the caller.
+ *
+ * @param {object} event - The lambda event passed in by a validated api request.
+ * @param {string[]} partnerBusinessIds - Array of business IDs from the partner record.
+ * @param {string} [role='R'] - Access role to assign (default: Read).
+ */
+function enrichEventWithPartnerAccess(event, partnerBusinessIds, role = 'R') {
+  if (!partnerBusinessIds || partnerBusinessIds.length === 0) return;
+
+  const arPath = event?.requestContext?.authorizer?.claims ?
+  'requestContext.authorizer.claims.custom:AR' :
+  'requestContext.authorizer.custom:AR';
+
+  const json = _lodash.default.get(event, arPath) || '{}';
+  const accessRights = JSON.parse(json);
+  const businessIds = accessRights.businessIds || {};
+
+  for (const bid of partnerBusinessIds) {
+    if (!businessIds[bid]) {
+      businessIds[bid] = role;
+    }
+  }
+
+  accessRights.businessIds = businessIds;
+  _lodash.default.set(event, arPath, JSON.stringify(accessRights));
+}
+
+/**
+ * @param {{body: string}} event
+ * @param {{useCognitoBid:boolean}} [options] - An object with options, useCognitoBid prefers the businessId set in cognito if set and does not return the local bid of 1 if a bid is in the claim.
+ * @returns {string} businessId
+ */
+function checkWriteAccess(event, options) {
+  const eventBody = (0, _requestResponse.parseBody)(event);
+  const businessIds = accessRightsUtils(event, options) || [];
+  const businessId = businessIds.find((id) => id === eventBody.businessId);
+  const raw = getBusinessesInfo(event);
+  const userRight = raw[businessId];
+
+  if (isSuperUser(event)) {
+    return eventBody.businessId;
+  }
+
+  if (isSystemUser(event)) {
+    return eventBody.businessId;
+  }
+
+  if (process.env.BUILD_ENV === 'local') {
+    return eventBody.businessId;
+  }
+
+  if (userRight !== userRoles.admin && userRight !== userRoles.write || !userRight) {
+    throw _errorCodes.errorList.unauthorized;
+  }
+  return businessId;
+}
+
+/**
+ * Get the company-level cached settings from custom:SET.
+ *
+ * @param {object} event - The lambda event passed in by a validated api request.
+ * @returns {object} The company settings object (e.g. { auditEnabled: true })
+ */
+function getCompanySettings(event) {
+  const jsonToParse = _lodash.default.get(event, 'requestContext.authorizer.claims.custom:SET') ||
+  _lodash.default.get(event, 'requestContext.authorizer.custom:SET') ||
+  '{}';
+  try {
+    return JSON.parse(jsonToParse);
+  } catch (e) {
+    return {};
+  }
+}
+
+/***/ },
+
+/***/ "./src/database/dbUtils/queryStringUtils/createFilters.js"
+/*!****************************************************************!*\
+  !*** ./src/database/dbUtils/queryStringUtils/createFilters.js ***!
+  \****************************************************************/
+(__unused_webpack_module, exports, __webpack_require__) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports.createFilters = void 0;var _lodash = _interopRequireDefault(__webpack_require__(/*! lodash */ "lodash"));
+var _sequelize = _interopRequireDefault(__webpack_require__(/*! sequelize */ "sequelize"));
+var _dayjs = _interopRequireDefault(__webpack_require__(/*! dayjs */ "dayjs"));
+var _utc = _interopRequireDefault(__webpack_require__(/*! dayjs/plugin/utc.js */ "dayjs/plugin/utc.js"));
+var _errorCodes = __webpack_require__(/*! ../../../requestResponse/errorCodes.js */ "./src/requestResponse/errorCodes.js");
+var _accessRightsUtils = __webpack_require__(/*! ./accessRightsUtils.js */ "./src/database/dbUtils/queryStringUtils/accessRightsUtils.js");function _interopRequireDefault(e) {return e && e.__esModule ? e : { default: e };}
+
+_dayjs.default.extend(_utc.default);
+
 /**
- * Get  requested businessIds from the query string.
+ * Create sequelize where clause from query string parameters and default sort object
  *
- * @param {object} event - The lambda event passed in by a validated api request.
- * @returns {array} The businessID requested by the query string
- */,exports.userRoles=void 0;var _lodash=function _interopRequireWildcard(e,t){if("function"==typeof WeakMap)var r=new WeakMap,n=new WeakMap;return function(e,t){if(!t&&e&&e.__esModule)return e;var o,i,f={__proto__:null,default:e};if(null===e||"object"!=typeof e&&"function"!=typeof e)return f;if(o=t?n:r){if(o.has(e))return o.get(e);o.set(e,f)}for(const t in e)"default"!==t&&{}.hasOwnProperty.call(e,t)&&((i=(o=Object.defineProperty)&&Object.getOwnPropertyDescriptor(e,t))&&(i.get||i.set)?o(f,t,i):f[t]=e[t]);return f}(e,t)}(__webpack_require__(825)),_errorCodes=__webpack_require__(953),_requestResponse=__webpack_require__(859);function isSystemUser(event){let jsonToParse=_lodash.default.get(event,"requestContext.authorizer.claims.custom:SYSTEM")||_lodash.default.get(event,"requestContext.authorizer.custom:SYSTEM")||"false",isSys=!1;try{return isSys=JSON.parse(jsonToParse),isSys}catch(e){return console.error("error with system user:",e),!1}}function isSuperUser(event){let jsonToParse=_lodash.default.get(event,"requestContext.authorizer.claims.custom:SUPER")||_lodash.default.get(event,"requestContext.authorizer.custom:SUPER")||"false",isSys=!1;try{return isSys=JSON.parse(jsonToParse),isSys}catch(e){return!1}}function accessRightsUtils(event,options){const useCognitoBid=_lodash.default.get(options,"useCognitoBid",!1),requestedBusinessIds=getRequestedBusinessIds(event),allowedBusinessIds=
-/**
- * Get the allowed businessIds for a user from cognito custom:AR property.
+ * Translates URL query string parameters into a Sequelize-compatible WHERE object
+ * by matching each param against a filter definition (objectFilters).
  *
- * @param {object} event - The lambda event passed in by a validated api request.
- * @param useCognitoBid
- * @returns {array} The businessID requested by the query string
- */
-function getAllowedBusinessIds(event,useCognitoBid){const businesses=getBusinessesInfo(event,useCognitoBid);return Object.keys(businesses)}(event,useCognitoBid);if(isSuperUser(event)){let v=requestedBusinessIds;return _lodash.default.isEmpty(requestedBusinessIds)&&(v=allowedBusinessIds),v}return isSystemUser(event)?requestedBusinessIds:0===requestedBusinessIds.length?allowedBusinessIds:_lodash.default.intersection(requestedBusinessIds,allowedBusinessIds)}function getRequestedBusinessIds(event){let requestedBusinessIds=_lodash.default.get(event,"queryStringParameters.businessIds",null);const body=(0,_requestResponse.parseBody)(event),bodyBid=body?.businessId;return requestedBusinessIds?requestedBusinessIds?requestedBusinessIds.split(","):[]:bodyBid?[bodyBid]:[]}function getBusinessesInfo(event,useCognitoBid=!1){const json=_lodash.default.get(event,"requestContext.authorizer.claims.custom:AR")||_lodash.default.get(event,"requestContext.authorizer.custom:AR")||"{}";let businessIds=_lodash.default.get(JSON.parse(json),"businessIds",{});
-// Local environment tweaks
-if("local"===process.env.BUILD_ENV){let b;try{b=JSON.parse(event?.body)}catch(e){}const bodyBid=b?.businessId;
-// Always inject the default local BID “1” unless the caller explicitly wants
-// what Cognito says **and** Cognito actually returned something.
-useCognitoBid||(businessIds={...businessIds,1:"A"}),
-// If Cognito gave no BIDs at all, fall back to the local default.
-(0,_lodash.isEmpty)(businessIds)&&(businessIds={1:"A"}),
-// a businessId is found on the body for local allow it
-bodyBid&&(businessIds[bodyBid]="A")}return businessIds}
-/**
- * Get the modules listed in custom:MOD.
+ * Filter definitions come from defaultFilters() which maps schema data types to operators:
+ *   STRING / CHAR / TEXT  -> Op.iLike  (case-insensitive LIKE)
+ *   INTEGER / DECIMAL     -> Op.or     (positive or negative match)
+ *   BOOLEAN               -> Op.eq     (exact match with string-to-boolean coercion)
+ *   JSONB                 -> case-insensitive search via jsonb_extract_path_text
+ *   DATE                  -> Op.between
  *
- * @param {object} event - The lambda event passed in by a validated api request.
- * @returns {array} The Module access list
- */function getModuleInfo(event){let jsonToParse=_lodash.default.get(event,"requestContext.authorizer.claims.custom:MOD")||_lodash.default.get(event,"requestContext.authorizer.custom:MOD")||_lodash.default.get(event,"requestContext.authorizer.claims.custom:AR")||_lodash.default.get(event,"requestContext.authorizer.custom:AR")||"{}";const moduleRights=JSON.parse(jsonToParse);return _lodash.default.get(moduleRights,"module",{})}const userRoles=exports.userRoles={admin:"A",read:"R",write:"W"};
-/**
- * Get the partner ID from custom:PID if the user is a partner admin.
+ * Three convenience params are handled automatically:
+ *   - searchString: searches a single value across all iLike and eq fields using OR
+ *   - startDate + endDate: filters createdAt with a BETWEEN range
  *
- * @param {object} event - The lambda event passed in by a validated api request.
- * @returns {string|false} The partner ID or false if not a partner user.
- */function isPartnerUser(event){return _lodash.default.get(event,"requestContext.authorizer.claims.custom:PID")||_lodash.default.get(event,"requestContext.authorizer.custom:PID")||""||!1}
+ * @param {object} event - the Lambda event containing queryStringParameters
+ * @param {object} objectFilters - filter definitions created by defaultFilters()
+ * @returns {object} A Sequelize where clause object
+ */
+const createFilters = function (event, objectFilters) {
+  let query = _lodash.default.get(event, 'queryStringParameters', {}) || {};
+
+  // Extract the three convenience params before iterating.
+  // These are handled separately from the per-field filter logic below.
+  const searchString = _lodash.default.get(query, 'searchString');
+  const startDate = _lodash.default.get(query, 'startDate');
+  const endDate = _lodash.default.get(query, 'endDate');
+
+  // ──────────────────────────────────────────────────────────────────────
+  // STEP 1 — Build per-field WHERE conditions
+  //
+  // Each query param is looked up in objectFilters. If a matching filter
+  // definition exists, we create the appropriate Sequelize condition.
+  //
+  // String-type fields (Op.iLike) are collected into a separate array
+  // because they use DB.where(DB.fn('LOWER', DB.col(...))) which cannot
+  // be expressed as a simple { column: { operator: value } } key.
+  // Instead they are merged into WHERE via Op.and after the reduce.
+  //
+  // This approach replaces the Postgres-only Op.iLike with
+  // LOWER(column) LIKE '%lowered_value%' which works across all
+  // database dialects (Postgres, MySQL, MSSQL, SQLite).
+  // ──────────────────────────────────────────────────────────────────────
+  const caseInsensitiveConditions = [];
+  const where = Object.keys(query).reduce((acc, item) => {
+    const val = _lodash.default.get(objectFilters, item, null);
+
+    if (val) {
+      // JSONB fields are handled entirely in Step 4 below.
+      // Skip them here so they don't fall into the catch-all else branch.
+      if (val.type === 'jsonb') {
+        return acc;
+      }
+
+      // Dot-notation keys (e.g. "snowman.snowmanType") reference columns
+      // on joined/included models. Sequelize requires these to be wrapped
+      // in $...$ syntax in the WHERE object so it can resolve them.
+      const itemName = item.includes('.') ?
+      `$${item}$` :
+      item;
+
+      // STRING / CHAR / TEXT fields — case-insensitive partial match
+      // Generates: WHERE LOWER("column") LIKE '%lowered_value%'
+      if (val.filterType === _sequelize.default.Op.iLike) {
+        caseInsensitiveConditions.push(
+          _sequelize.default.where(
+            _sequelize.default.fn('LOWER', _sequelize.default.col(item)),
+            { [_sequelize.default.Op.like]: `%${query[item]?.toLowerCase()}%` }
+          )
+        );
+
+        // INTEGER / DECIMAL fields — match positive or negative value
+        // Generates: WHERE "column" IN (-value, value)
+        // Useful for fields like amounts where sign may vary.
+      } else if (val.filterType === _sequelize.default.Op.or) {
+        acc[itemName] = {};
+        acc[itemName][val.filterType] = [-1 * +query[item], +query[item]];
+
+        // ENUM / multi-value fields — match any value in a comma-separated list
+        // Query: ?status=open,closed  ->  WHERE "status" IN ('open','closed')
+      } else if (val.filterType === _sequelize.default.Op.in) {
+        acc[itemName] = {};
+        acc[itemName][val.filterType] = query[item].split(',');
+
+        // Catch-all for other operators (Op.eq, Op.contains, Op.between, etc.)
+        // Attempts JSON.parse first so structured values (objects, arrays, numbers)
+        // are passed as their parsed type rather than raw strings.
+      } else {
+        acc[itemName] = {};
+        let parsedJson;
+        try {
+          parsedJson = JSON.parse(query[item]);
+        } catch (e) {
+          parsedJson = query[item];
+        }
+        acc[itemName][val.filterType] = parsedJson;
+      }
+
+      // BOOLEAN override — runs after the block above so it can replace
+      // the value set by the catch-all. Query strings are always strings
+      // ("true", "false", "null"), so we coerce them to actual booleans/null.
+      if (val.type === _sequelize.default.BOOLEAN) {
+        const queryValue = _lodash.default.get(query, item, '').toLowerCase();
+
+        const booleanMap = {
+          'false': false,
+          'null': null,
+          'true': true
+        };
+
+        acc[itemName][val.filterType] = booleanMap[queryValue];
+      }
+    }
+
+    return acc;
+  }, {});
+
+  // Merge the case-insensitive string conditions into WHERE using Op.and.
+  // This keeps them alongside the key-based conditions built above.
+  // Example result: WHERE decimal = 100 AND LOWER("name") LIKE '%john%'
+  if (caseInsensitiveConditions.length) {
+    where[_sequelize.default.Op.and] = [...(where[_sequelize.default.Op.and] || []), ...caseInsensitiveConditions];
+  }
+
+  // ──────────────────────────────────────────────────────────────────────
+  // STEP 2 — Apply automatic filters (active flag, businessId, dates)
+  //
+  // These are appended to every query regardless of what the caller sent.
+  // ──────────────────────────────────────────────────────────────────────
+
+  // If the model has an "active" column and the caller did not explicitly
+  // filter by it, default to only returning active records.
+  if (objectFilters?.active && !where?.active) {
+    where.active = true;
+  }
+
+  // Scope every query to the caller's authorized business IDs.
+  // accessRightsUtils extracts them from the JWT claims on the event.
+  const businessIds = (0, _accessRightsUtils.accessRightsUtils)(event);
+  const filterAdds = {
+    businessId: businessIds
+  };
+
+  // Date range filter — when both startDate and endDate are provided,
+  // automatically filter createdAt with a BETWEEN clause.
+  // Generates: WHERE "createdAt" BETWEEN '2024-01-01' AND '2024-12-31'
+  if (startDate && endDate) {
+    const s = _dayjs.default.utc(startDate);
+    const e = _dayjs.default.utc(endDate);
+    const dates = {
+      [_sequelize.default.Op.between]: [s.toDate(), e.toDate()]
+    };
+    if (!s.isValid()) {
+      throw { ..._errorCodes.errorList.invalidStartDate };
+    }
+
+    if (!e.isValid()) {
+      throw { ..._errorCodes.errorList.invalidEndDate };
+    }
+
+    filterAdds.createdAt = dates;
+  }
+
+  // ──────────────────────────────────────────────────────────────────────
+  // STEP 3 — searchString: search one value across many fields with OR
+  //
+  // When ?searchString=john is provided, we build an OR array that checks
+  // every filterable field for a match. This lets a single search box
+  // query across name, title, email, etc. simultaneously.
+  //
+  // String fields (Op.iLike) get a case-insensitive LOWER + LIKE condition.
+  // Numeric fields (Op.eq) get an exact match, but only when the search
+  // value is a valid number (and the field is not a boolean).
+  //
+  // Generates: WHERE (LOWER("name") LIKE '%john%'
+  //              OR   LOWER("title") LIKE '%john%'
+  //              OR   "id" = 123)
+  // ──────────────────────────────────────────────────────────────────────
+  if (searchString) {
+    const adds = Object.keys(objectFilters).reduce((acc, item) => {
+      const type = objectFilters[item].filterType;
+      const dataType = objectFilters[item].type;
+
+      // String fields — case-insensitive partial match via LOWER + LIKE
+      if (type === _sequelize.default.Op.iLike) {
+        acc.push(
+          _sequelize.default.where(
+            _sequelize.default.fn('LOWER', _sequelize.default.col(item)),
+            { [_sequelize.default.Op.like]: `%${query['searchString'].toLowerCase()}%` }
+          )
+        );
+      }
+
+      // Numeric fields — exact match only when the search value is numeric.
+      // Booleans are excluded because a search for "1" should not match
+      // boolean true.
+      if (!_lodash.default.isNaN(Number(query['searchString'])) && !(dataType instanceof _sequelize.default.BOOLEAN)) {
+
+        if (type === _sequelize.default.Op.eq) {
+          const newOr = {};
+          const itemName = item.includes('.') ? `$${item}$` : item;
+          newOr[itemName] = {
+            [_sequelize.default.Op.eq]: `${query['searchString']}`
+          };
+          acc.push(newOr);
+        }
+      }
+
+      return acc;
+    }, []);
+
+    filterAdds[_sequelize.default.Op.or] = adds;
+  }
+
+  // Merge the automatic filters (businessId, createdAt, searchString OR)
+  // into the where object built in Step 1.
+  const withDate = Object.assign(where, filterAdds);
+
+  // ──────────────────────────────────────────────────────────────────────
+  // STEP 4 — JSONB field filters: case-insensitive search inside JSON columns
+  //
+  // JSONB columns store structured data (e.g. a "token" column containing
+  // { cardType: "mastercard", cardHolderName: "GREGORY HERBERT" }).
+  //
+  // Query params use dot-notation to target nested keys:
+  //   ?token.cardHolderName=gregory
+  //   ?paymentProviderData.payment.result.message=approved
+  //
+  // For each matching param we:
+  //   1. Split the path after the column prefix into individual key segments
+  //   2. Use jsonb_extract_path_text(column, key1, key2, ...) to pull the
+  //      value out of the JSON as plain text
+  //   3. Wrap it in LOWER() and compare with Op.like for case-insensitive match
+  //
+  // Generates: WHERE LOWER(jsonb_extract_path_text("token", 'cardHolderName'))
+  //              LIKE '%gregory%'
+  //
+  // jsonb_extract_path_text is used via DB.fn() so Sequelize parameterizes
+  // the path arguments, keeping it safe from SQL injection.
+  // ──────────────────────────────────────────────────────────────────────
+  Object.keys(objectFilters || {}).forEach((k) => {
+    const def = objectFilters[k];
+    if (def && def.type === 'jsonb' && def.field) {
+      const prefix = `${def.field}.`;
+
+      Object.keys(query).forEach((qKey) => {
+        if (qKey.startsWith(prefix)) {
+          // Dot-notation: ?token.cardHolderName=gregory
+          // e.g. "token.cardHolderName" -> pathParts = ["cardHolderName"]
+          // e.g. "data.payment.result.message" -> pathParts = ["payment","result","message"]
+          const pathParts = qKey.substring(prefix.length).split('.');
+          const value = query[qKey];
+
+          if (!withDate[_sequelize.default.Op.and]) {
+            withDate[_sequelize.default.Op.and] = [];
+          }
+          withDate[_sequelize.default.Op.and].push(
+            _sequelize.default.where(
+              _sequelize.default.fn('LOWER', _sequelize.default.fn('jsonb_extract_path_text', _sequelize.default.col(def.field), ...pathParts)),
+              { [_sequelize.default.Op.like]: `%${value?.toLowerCase()}%` }
+            )
+          );
+        } else if (qKey === def.field) {
+          // JSON-object-as-value: ?token={"cardHolderName":"Test"}
+          // Parse the JSON and create a condition for each key-value pair.
+          // Nested objects are flattened recursively into deeper path segments.
+          let parsed;
+          try {
+            parsed = JSON.parse(query[qKey]);
+          } catch (e) {
+            return;
+          }
+          if (parsed && typeof parsed === 'object' && !Array.isArray(parsed)) {
+            const addJsonbConditions = (obj, pathParts) => {
+              Object.entries(obj).forEach(([key, value]) => {
+                const currentPath = [...pathParts, key];
+                if (value && typeof value === 'object' && !Array.isArray(value)) {
+                  addJsonbConditions(value, currentPath);
+                } else if (value !== null && !Array.isArray(value)) {
+                  if (!withDate[_sequelize.default.Op.and]) {
+                    withDate[_sequelize.default.Op.and] = [];
+                  }
+                  withDate[_sequelize.default.Op.and].push(
+                    _sequelize.default.where(
+                      _sequelize.default.fn('LOWER', _sequelize.default.fn('jsonb_extract_path_text', _sequelize.default.col(def.field), ...currentPath)),
+                      { [_sequelize.default.Op.like]: `%${String(value)?.toLowerCase()}%` }
+                    )
+                  );
+                }
+              });
+            };
+            addJsonbConditions(parsed, []);
+          }
+        }
+      });
+    }
+  });
+
+  return withDate;
+};exports.createFilters = createFilters;
+
+/***/ },
+
+/***/ "./src/database/dbUtils/queryStringUtils/createIncludes.js"
+/*!*****************************************************************!*\
+  !*** ./src/database/dbUtils/queryStringUtils/createIncludes.js ***!
+  \*****************************************************************/
+(__unused_webpack_module, exports, __webpack_require__) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports.createIncludes = createIncludes;exports.includeSubItem = includeSubItem;var _lodash = _interopRequireDefault(__webpack_require__(/*! lodash */ "lodash"));function _interopRequireDefault(e) {return e && e.__esModule ? e : { default: e };}
+
 /**
- * Get the partner ID from custom:BPID if the user's business belongs to a partner.
+ * Create sequelize includes array from query string parameters and default sequelize model
  *
- * @param {object} event - The lambda event passed in by a validated api request.
- * @returns {string|false} The partner ID or false if not associated with a partner.
- */function getBelongsToPartnerId(event){return _lodash.default.get(event,"requestContext.authorizer.claims.custom:BPID")||_lodash.default.get(event,"requestContext.authorizer.custom:BPID")||""||!1}},
-/***/793(module){module.exports=require("@aws-sdk/client-sns");
-/***/},
-/***/825(module){module.exports=require("lodash");
-/***/},
-/***/835(__unused_webpack_module,exports,__webpack_require__){Object.defineProperty(exports,"__esModule",{value:!0}),exports.createSort=void 0;var _lodash=function _interopRequireDefault(e){return e&&e.__esModule?e:{default:e}}
+ * @param {object} event - the query parameters from the event passed by lambda
+ * @param {object} objectFilters - the default filters object created by createDefaultFilters
+ * @returns {object} A sequelize includes array
+ */
+
+function createIncludes(event, objectFilters) {
+  const query = _lodash.default.get(event, 'queryStringParameters', {}) || {};
+
+  const keys = Object.keys(objectFilters);
+
+  const canBeIncluded = keys.reduce((acc, item) => {
+    acc = includeSubItem(item, acc);
+
+    return acc;
+  }, []);
+
+  const askedForInQuery = Object.keys(query).reduce((acc, item) => {
+    if (item === 'sort') {
+      query[item].split(',').forEach((sortItem) => {
+        sortItem = sortItem.indexOf('-') === 0 ? sortItem.substr(1) : sortItem;
+        acc = includeSubItem(sortItem, acc);
+      });
+    }
+
+    acc = includeSubItem(item, acc);
+
+    return acc;
+  }, []);
+
+  return _lodash.default.intersection(canBeIncluded, askedForInQuery);
+}
+
+function includeSubItem(queryStringItem, acc = []) {
+  const dot = queryStringItem.indexOf('.');
+  if (dot > 0) {
+    acc.push(queryStringItem.substring(0, dot));
+  }
+
+  return acc;
+}
+
+/***/ },
+
+/***/ "./src/database/dbUtils/queryStringUtils/createSort.js"
+/*!*************************************************************!*\
+  !*** ./src/database/dbUtils/queryStringUtils/createSort.js ***!
+  \*************************************************************/
+(__unused_webpack_module, exports, __webpack_require__) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports.createSort = void 0;var _lodash = _interopRequireDefault(__webpack_require__(/*! lodash */ "lodash"));function _interopRequireDefault(e) {return e && e.__esModule ? e : { default: e };}
+
 /**
  * Create sequelize order clause from query string parameters and default sort object
  *
  * @param {object} event - the event created AWS lambda, it will contain queryStringParameters with sort property a comma seperated list of sortable fields * @param {object} objectFilters - the default filters object created by createDefaultFilters
  * @param {object} defaultFilter - A default filter object as built by createDefault Filters, if items are not on the schema they will not be in the order by
  * @returns {object}  An sequelize order by object
- */(__webpack_require__(825));exports.createSort=function(event,defaultFilter){let copyOfDefaultFilter=_lodash.default.clone(defaultFilter),query=_lodash.default.get(event,"queryStringParameters",{})||{};return(_lodash.default.get(query,"sort","-updatedAt")||"-updatedAt").split(",").reduce((acc,item)=>{const testItem=0===item.indexOf("-")?item.substr(1):item;if(_lodash.default.get(copyOfDefaultFilter,testItem,null)){const sortItem=[];testItem.split(".").forEach(parentChildList=>{sortItem.push(parentChildList)}),0===item.indexOf("-")?sortItem.push("DESC"):sortItem.push("ASC"),acc.push(sortItem)}return acc},[])}},
-/***/859(__unused_webpack_module,exports,__webpack_require__){Object.defineProperty(exports,"__esModule",{value:!0}),exports.detectDynamooseError=
-/**
- * Parse the body of a Dynamoose error response.
- * Attempts to extract a human-readable error message from Dynamoose errors.
- * This is a fallback for unknown database errors.
- *
- * @param {object} body - Part of a body response containing error details.
- * @returns {object} - Error message object { message: string }
- */
-function detectDynamooseError(body){const errorBody={};
-// Start with an empty message string.
-let dynamooseError="";
-// If the error body contains an array of errors, concatenate their messages.
-Array.isArray(body.errors)&&(dynamooseError+=body.errors.reduce((acc,err)=>acc+" "+(err.message||""),""));
-// If there's a top-level message, add it.
-body.message&&(dynamooseError+=" "+body.message);
-// If there is any additional detail provided, append it.
-body.detail&&(dynamooseError+=" "+body.detail);
-// Trim the message to remove extra spaces.
-return errorBody.message=dynamooseError.trim(),errorBody}
-/***/,exports.detectJoyError=detectJoyError,exports.detectSequelizeError=detectSequelizeError,exports.failure=
-/**
- * Create a failure response
- *
- * @param body {Object} an event object
- * @param options {Object} an options object
- * @returns {{statusCode:number, headers:object, body:string}} a response object
  */
-function failure(body={},options){let cleanedErrorBody;_lodash.default.get(options,"dbClose",_lodash.default.noop)(),("LOG_ALL"===process.env.UTIL_LOG||"test"===process.env.BUILD_ENV)&&_lodash.default.isObject(body)&&console.error("-------\x3eALL UTIL ERROR:",JSON.stringify(body,null,2));cleanedErrorBody=body,_lodash.default.isUndefined(body.details)?(_lodash.default.isUndefined(body.errorCode)||_lodash.default.isUndefined(body.statusCode))&&(cleanedErrorBody=detectSequelizeError(body)):cleanedErrorBody=detectJoyError(body);if(_lodash.default.get(body,"response.data.message")){const err=_lodash.default.get(body,"response.data.message");_lodash.default.isObject(body)&&("LOG_ALL"!==process.env.UTIL_LOG&&"test"!==process.env.BUILD_ENV||console.error("-------\x3eMSG UTIL ERROR:",JSON.stringify(err,null,2)))}const newBody=_lodash.default.merge({statusCode:500,errorCode:"5XX",message:"INTERNAL UTIL ERROR"},cleanedErrorBody);return buildResponse(newBody.statusCode,newBody)}
-/**
- * Create a failure response object
- *
- * @param statusCode {Number} a status code
- * @param body {Object} an event object
- * @returns {{statusCode:number, headers:object, body:string}} a response object
- */,exports.getCurrentUser=
+const createSort = function (event, defaultFilter) {
+  let copyOfDefaultFilter = _lodash.default.clone(defaultFilter);
+  let query = _lodash.default.get(event, 'queryStringParameters', {}) || {};
+  let sort = _lodash.default.get(query, 'sort', '-updatedAt') || '-updatedAt';
+
+  return sort.split(',').reduce((acc, item) => {
+
+    const testItem = item.indexOf('-') === 0 ? item.substr(1) : item;
+
+    if (_lodash.default.get(copyOfDefaultFilter, testItem, null)) {
+      const sortItem = [];
+
+      testItem.split('.').forEach((parentChildList) => {
+        sortItem.push(parentChildList);
+      });
+
+      if (item.indexOf('-') === 0) {
+        sortItem.push('DESC');
+      } else {
+        sortItem.push('ASC');
+      }
+      acc.push(sortItem);
+    }
+
+    return acc;
+  }, []);
+};exports.createSort = createSort;
+
+/***/ },
+
+/***/ "./src/database/dbUtils/queryStringUtils/defaultFilters.js"
+/*!*****************************************************************!*\
+  !*** ./src/database/dbUtils/queryStringUtils/defaultFilters.js ***!
+  \*****************************************************************/
+(__unused_webpack_module, exports, __webpack_require__) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports.addFiltersFromSchema = addFiltersFromSchema;exports.defaultFilters = defaultFilters;var _lodash = _interopRequireDefault(__webpack_require__(/*! lodash */ "lodash"));
+var _sequelize = _interopRequireDefault(__webpack_require__(/*! sequelize */ "sequelize"));function _interopRequireDefault(e) {return e && e.__esModule ? e : { default: e };}
+
 /**
- * Get the user information from the event object
+ * Create an object with default filters for a given sequeliaze Schema Object, and set of sub schemas
  *
- * @param event {Object} an event object
- * @returns {{username: string, id: number}}
+ * @param {object} schema - type is sequelize data type
+ * @param {object} subSchemas - An object with alias as the key and sequelize schema as the value http://docs.sequelizejs.com/class/lib/sequelize.js~Sequelize.html#instance-method-define
+ * sub schema can be {location: locationSchema} or {location: {as: "asAlias", schema: schema}}
+ * @returns {object} An Object with a default filter for each dataType CHAR and TEXT will get a $like operator, INTEGER, DECIMAL and BOOLEAN will get a $eq.
  */
-function getCurrentUser(event){let jsonToParse=_lodash.default.get(event,"requestContext.authorizer.claims.custom:UID")||_lodash.default.get(event,"requestContext.authorizer.custom:UID")||"0";const id=JSON.parse(jsonToParse);return{username:_lodash.default.get(event,"requestContext.authorizer.claims.email")||_lodash.default.get(event,"requestContext.authorizer.email")||"localtestuser@gexample.com",id}},exports.getCurrentUserNameFromCognitoEvent=
-/**
- * @param {string} event
- * @returns string
+function defaultFilters(schema, subSchemas = {}) {
+  schema = _lodash.default.clone(schema);
+
+  const filters = {};
+
+  addFiltersFromSchema(schema, filters);
+  Object.keys(subSchemas).forEach((key) => {
+    addFiltersFromSchema(subSchemas[key], filters, key);
+  });
+
+  return filters;
+}
+
+function addFiltersFromSchema(schema, filters, keyPrefix = '') {
+  const asLinkAlias = _lodash.default.get(schema, 'as', null);
+  schema = _lodash.default.get(schema, 'schema') || schema;
+
+  return Object.keys(schema).reduce((acc, item) => {
+    let key = item;
+
+    if (asLinkAlias) {
+      acc[asLinkAlias] = { type: _sequelize.default.STRING, filterType: _sequelize.default.Op.eq };
+    }
+
+    if (keyPrefix) {
+      key = `${keyPrefix}.${item}`;
+    }
+
+    if (schema[item].filterType) {
+      acc[key] = { filterType: schema[item].filterType };
+
+      return acc;
+    }
+
+    const itemType = schema[item].type;
+
+    //new sequelize uses class symbols instead of objects
+    if (itemType instanceof _sequelize.default.STRING) {
+      acc[key] = { filterType: _sequelize.default.Op.iLike };
+    } else if (itemType instanceof _sequelize.default.CHAR) {
+      acc[key] = { filterType: _sequelize.default.Op.iLike };
+    } else if (itemType instanceof _sequelize.default.TEXT) {
+      acc[key] = { filterType: _sequelize.default.Op.iLike };
+    } else if (itemType instanceof _sequelize.default.DECIMAL) {
+      acc[key] = { filterType: _sequelize.default.Op.or };
+    } else if (itemType instanceof _sequelize.default.INTEGER) {
+      acc[key] = { filterType: _sequelize.default.Op.or };
+    } else if (itemType instanceof _sequelize.default.BIGINT) {
+      acc[key] = { filterType: _sequelize.default.Op.or };
+    } else if (itemType instanceof _sequelize.default.BOOLEAN) {
+      acc[key] = { type: _sequelize.default.BOOLEAN, filterType: _sequelize.default.Op.eq };
+    } else if (itemType instanceof _sequelize.default.JSONB || itemType === _sequelize.default.JSONB) {
+      acc[key] = { type: 'jsonb', field: item };
+    } else if (itemType instanceof _sequelize.default.DATE) {
+      acc[key] = { filterType: _sequelize.default.Op.between };
+    } else if (itemType instanceof _sequelize.default.DATEONLY) {
+      acc[key] = { filterType: _sequelize.default.Op.eq };
+    }
+
+    //these are automatically part of the models, so add them always
+    acc['createdAt'] = { type: _sequelize.default.DATE, filterType: _sequelize.default.Op.between };
+    acc['updatedAt'] = { type: _sequelize.default.DATE, filterType: _sequelize.default.Op.between };
+    acc['id'] = { type: _sequelize.default.INTEGER, filterType: _sequelize.default.Op.eq };
+
+    return acc;
+  }, filters);
+}
+
+/***/ },
+
+/***/ "./src/database/dbUtils/queryStringUtils/findAll.js"
+/*!**********************************************************!*\
+  !*** ./src/database/dbUtils/queryStringUtils/findAll.js ***!
+  \**********************************************************/
+(__unused_webpack_module, exports) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports["default"] = void 0;exports.findAll = findAll;exports.getPaginationFromFindAll = getPaginationFromFindAll; /**
+ * create pagination object from Sequelize findAll
+ * @param {object} result - sequelize result
+ * @param {number} limit - max number of results to return
+ * @param {number} offset - page offset
  */
-function getCurrentUserNameFromCognitoEvent(event){const attributes=_lodash.default.get(event,"request.userAttributes");return attributes["cognito:email_alias"]||attributes.email||"UNKNOWN USER"},exports.parseBody=
+function getPaginationFromFindAll(result, limit, offset) {
+  result = result || [];
+  limit = limit || 0;
+  offset = offset || 0;
+
+  const hasMore = result.length > limit;
+  if (hasMore) {
+    result.splice(-1, 1);
+  }
+  const pageObject = {
+    offset: offset,
+    limit: limit,
+    rows: result,
+    hasMore: hasMore
+  };
+
+  return pageObject;
+}
+
 /**
- * parse the body of the event object
- *
- * @param requestEvent {{body:string}} an event object
- * @returns event {*} the json object of the body
+ * wrapper for Sequelize findAll
+ * @param {object} model - instance of Sequelize (must be initialized)
+ * @param {*&{include: [{model: *}], where: {businessId: Array}, order: [string[]]}} options - instance of Sequelize (must be initialized)
  */
-function parseBody(requestEvent){let eventBody={};if(_lodash.default.isString(requestEvent.body))try{eventBody=JSON.parse(requestEvent.body)}catch(e){
-// Invalid JSON
-throw eventBody=null,_errorCodes.errorList.invalidJson}else _lodash.default.isObject(requestEvent.body)&&(eventBody=requestEvent.body);return eventBody}
-/**
- * parse the body of the event object
- *
- * @param requestEvent {string|object} an event object
- * @param [callback] {function} undefined a call back function
- * @returns event {*} the json object of the body
- */,exports.parseEvent=function parseEvent(requestEvent,callback){let event={};if(_lodash.default.isString(requestEvent))try{event=JSON.parse(requestEvent)}catch(e){
-// Invalid JSON
-event=null,callback&&callback(Error(e))}else _lodash.default.isObject(requestEvent)&&(event=requestEvent);return event}
-/**
- * parse the body of the event object
- * look for sequelize errors and return a message
- * ERRORS should not be caught here this is a fallback for unknown database errors
- *
- * @param body {object} part of a body response
- * @returns error message object {message:string}
- */,exports.success=
+async function findAll(model, options) {
+
+  const limit = options.limit || 0;
+  const includes = options.includes || { all: true, nested: true };
+  const findArgs = Object.assign({ include: includes }, options, { limit: limit + 1 });
+  const results = await model.findAll(findArgs);
+  return getPaginationFromFindAll(results, limit, options.offset);
+}
+
+const findUtils = {
+  findAll
+};var _default = exports["default"] =
+findUtils;
+
+/***/ },
+
+/***/ "./src/dynamo/dynamoUtils.js"
+/*!***********************************!*\
+  !*** ./src/dynamo/dynamoUtils.js ***!
+  \***********************************/
+(__unused_webpack_module, exports, __webpack_require__) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports["default"] = void 0;var _libDynamodb = __webpack_require__(/*! @aws-sdk/lib-dynamodb */ "@aws-sdk/lib-dynamodb");
+var _clientDynamodb = __webpack_require__(/*! @aws-sdk/client-dynamodb */ "@aws-sdk/client-dynamodb");
+
+const dynamoUtil = {
+  get: (params) => get(params)
+};
+
 /**
- * @param {Object} body
- * @param {{dbClose?:function}} [options]
+ * @param {{TableName:string, Key:{key:string}}} params
  */
-function success(body,options){return _lodash.default.get(options,"dbClose",_lodash.default.noop)(),buildResponse(200,body)}
+async function get(params) {
+  const dynamoDb = _libDynamodb.DynamoDBDocument.from(new _clientDynamodb.DynamoDB());
+  return dynamoDb.get(params);
+}var _default = exports["default"] =
+
+dynamoUtil;
+
+/***/ },
+
+/***/ "./src/eventManager/handleEvents.js"
+/*!******************************************!*\
+  !*** ./src/eventManager/handleEvents.js ***!
+  \******************************************/
+(__unused_webpack_module, exports, __webpack_require__) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports.handleDirectS3WriteEvent = handleDirectS3WriteEvent;exports.handleEvents = handleEvents;var _handleFile = __webpack_require__(/*! ./handleFile.js */ "./src/eventManager/handleFile.js");
+var _lodash = _interopRequireDefault(__webpack_require__(/*! lodash */ "lodash"));
+var _bluebird = _interopRequireDefault(__webpack_require__(/*! bluebird */ "bluebird"));function _interopRequireDefault(e) {return e && e.__esModule ? e : { default: e };}
+
+function handleEvents(event, transformer, errorHandlerPerFile, shouldSkipFailedFolders = false, userImportTypes) {
+  if (!event || !event.Records) {
+    return _bluebird.default.resolve();
+  }
+
+  let hasErrors = false;
+
+  return _bluebird.default.map(event.Records, (record) => {
+    const snsInfo = JSON.parse(_lodash.default.get(record, 'Sns.Message', '{}'));
+    const s3Bucket = snsInfo.bucket;
+    const files = snsInfo.files || [];
+
+    return _bluebird.default.map(files, (file) => {
+      let path = decodeURIComponent(file);
+      if (path) {
+        return (0, _handleFile.handleFile)(path, s3Bucket, transformer, { shouldSkipFailedFolders, userImportTypes }).catch((err) => {
+          if (errorHandlerPerFile && !errorHandlerPerFile(err, path)) {
+            console.error('HANDLE-FILE-CATCH: ', err);
+            hasErrors = true;
+          }
+        });
+      }
+    });
+  }).then(() => {
+    if (hasErrors) {
+      throw new Error('ERROR: HANDLE-FILE');
+    }
+  });
+}
+
+function handleDirectS3WriteEvent(event, transformer, errorHandlerPerFile, shouldSkipFailedFolders = false, userImportTypes) {
+  if (!event || !event.Records) {
+    return _bluebird.default.resolve();
+  }
+
+  let hasErrors = false;
+
+  return _bluebird.default.map(event.Records, (record) => {
+    const s3Bucket = record.s3.bucket.name;
+    const file = record.s3.object.key || [];
+
+    let path = decodeURIComponent(file);
+    if (path) {
+      return (0, _handleFile.handleFile)(path, s3Bucket, transformer, { shouldSkipFailedFolders, userImportTypes }).catch((err) => {
+        if (errorHandlerPerFile && !errorHandlerPerFile(err, path)) {
+          console.error('HANDLE-FILE-CATCH:', err);
+          hasErrors = true;
+        }
+      });
+    }
+
+  }).then(() => {
+    if (hasErrors) {
+      throw new Error('ERROR: HANDLE-FILE (DIRECT S3 EVENT)');
+    }
+  });
+}
+
+/***/ },
+
+/***/ "./src/eventManager/handleFile.js"
+/*!****************************************!*\
+  !*** ./src/eventManager/handleFile.js ***!
+  \****************************************/
+(__unused_webpack_module, exports, __webpack_require__) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports.containsError = containsError;exports.handleFile = handleFile;var _lodash = _interopRequireDefault(__webpack_require__(/*! lodash */ "lodash"));
+var _S3Utils = _interopRequireDefault(__webpack_require__(/*! ../s3/S3Utils/S3Utils.js */ "./src/s3/S3Utils/S3Utils.js"));function _interopRequireDefault(e) {return e && e.__esModule ? e : { default: e };}
+
+async function handleFile(path, s3Bucket, transformer, options) {
+  const shouldSkipFailedFolders = _lodash.default.get(options, 'shouldSkipFailedFolders');
+  const userImportTypes = _lodash.default.get(options, 'userImportTypes');
+  const params = {
+    Bucket: s3Bucket,
+    Key: path
+  };
+  let body;
+
+  try {
+    body = await _S3Utils.default.getObject(params);
+  } catch (e) {
+    if (e.Code === 'NoSuchKey' || e.code === 'NoSuchKey' || e.name === 'NoSuchKey') {
+      return;
+    }
+    console.error('S3 getObject error:', e);
+    throw e;
+  }
+
+  try {
+    // exit early for null/undefined or blank string bodies
+    if (_lodash.default.isNil(body) || _lodash.default.isString(body) && _lodash.default.isEmpty(body.trim())) {
+      await _S3Utils.default.deleteObject(params);
+      return;
+    }
+
+    const parsedBody = JSON.parse(body);
+
+    // exit early for objects like {} or []
+    if (_lodash.default.isEmpty(parsedBody)) {
+      await _S3Utils.default.deleteObject(params);
+      return;
+    }
+
+    const returnedValue = await transformer(parsedBody);
+    await _S3Utils.default.deleteObject(params);
+
+    return returnedValue;
+  } catch (error) {
+    console.error('HANDLE-FILE-ERROR', error);
+
+    if (!body) {
+      return;
+    }
+
+    let newPath = '';
+
+    if (userImportTypes) {
+      console.log('USER IMPORT');
+      // look for items in the userImportTypes
+      const usersImports = Object.values(userImportTypes);
+      const items = path.split('/');
+      const fileName = _lodash.default.last(items);
+      const folderName = _lodash.default.first(items);
+
+      if (usersImports.indexOf(folderName) > -1) {
+        if (shouldSkipFailedFolders) {
+          newPath = `${folderName}/error/${fileName}`;
+        } else if (_lodash.default.startsWith(path, `${folderName}/failed-once/`)) {
+          newPath = _lodash.default.replace(path, `${folderName}/failed-once/`, `${folderName}/failed-twice/`);
+        } else if (_lodash.default.startsWith(path, `${folderName}/failed-twice/`)) {
+          newPath = _lodash.default.replace(path, `${folderName}/failed-twice/`, `${folderName}/error/`);
+        } else {
+          newPath = `${folderName}/failed-once/${fileName}`;
+        }
+      } else {
+        newPath = `pathAndEventMisMatchError/${path}`;
+      }
+
+    } else {
+      if (shouldSkipFailedFolders) {
+        newPath = `error/${path}`;
+      } else if (_lodash.default.startsWith(path, 'failed-once/')) {
+        newPath = _lodash.default.replace(path, 'failed-once/', 'failed-twice/');
+      } else if (_lodash.default.startsWith(path, 'failed-twice/')) {
+        newPath = _lodash.default.replace(path, 'failed-twice/', 'error/');
+      } else {
+        if (_lodash.default.includes(path, 'delayUntil/')) {
+          path = _lodash.default.last(path.split('/'));
+        }
+
+        newPath = `failed-once/${path}`;
+      }
+    }
+
+    const newParams = {
+      Bucket: s3Bucket,
+      Key: newPath,
+      Body: body
+    };
+
+    if (
+    containsError(newPath, 'failed-once') ||
+    containsError(newPath, 'failed-twice') ||
+    containsError(newPath, 'error'))
+    {
+      throw new Error('NESTING ERROR');
+    }
+
+    await _S3Utils.default.putObject(newParams);
+    await _S3Utils.default.deleteObject(params);
+
+    throw error;
+  }
+}
+
+function containsError(str, val) {
+  const firstIndex = str.toLowerCase().indexOf(val);
+  if (firstIndex === -1) return false;
+  const secondIndex = str.toLowerCase().indexOf(val, firstIndex + 1);
+  return secondIndex !== -1;
+}
+
+/***/ },
+
+/***/ "./src/eventManager/publishEvents.js"
+/*!*******************************************!*\
+  !*** ./src/eventManager/publishEvents.js ***!
+  \*******************************************/
+(__unused_webpack_module, exports, __webpack_require__) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports.loop = loop;exports.publishEvents = publishEvents;var _lodash = _interopRequireDefault(__webpack_require__(/*! lodash */ "lodash"));
+var _dayjs = _interopRequireDefault(__webpack_require__(/*! dayjs */ "dayjs"));
+var _customParseFormat = _interopRequireDefault(__webpack_require__(/*! dayjs/plugin/customParseFormat */ "dayjs/plugin/customParseFormat"));
+var _isSameOrBefore = _interopRequireDefault(__webpack_require__(/*! dayjs/plugin/isSameOrBefore */ "dayjs/plugin/isSameOrBefore"));
+var _bluebird = _interopRequireDefault(__webpack_require__(/*! bluebird */ "bluebird"));
+var _S3Utils = _interopRequireDefault(__webpack_require__(/*! ../s3/S3Utils/S3Utils.js */ "./src/s3/S3Utils/S3Utils.js"));
+var _SNSUtils = _interopRequireDefault(__webpack_require__(/*! ../sns/SNSUtils.js */ "./src/sns/SNSUtils.js"));
+var _dynamoUtils = _interopRequireDefault(__webpack_require__(/*! ../dynamo/dynamoUtils.js */ "./src/dynamo/dynamoUtils.js"));function _interopRequireDefault(e) {return e && e.__esModule ? e : { default: e };}
+
+_dayjs.default.extend(_customParseFormat.default);
+_dayjs.default.extend(_isSameOrBefore.default);
+
 /**
- * @param {string} html
- * @param {{dbClose:function|undefined}} options
- */,exports.successHtml=function successHtml(html,options){return _lodash.default.get(options,"dbClose",_lodash.default.noop)(),{statusCode:200,headers:{"Content-Type":"text/html","Access-Control-Allow-Origin":"*","Access-Control-Allow-Credentials":!0,...htmlSecurityHeaders},body:html}};var _lodash=function _interopRequireDefault(e){return e&&e.__esModule?e:{default:e}}(__webpack_require__(825)),_errorCodes=__webpack_require__(953);const securityHeaders={"Strict-Transport-Security":"max-age=31536000; includeSubDomains","X-Content-Type-Options":"nosniff","X-Frame-Options":"DENY","Referrer-Policy":"strict-origin-when-cross-origin","Permissions-Policy":"camera=(), microphone=(), geolocation=()","Cache-Control":"no-store","Content-Security-Policy":"default-src 'none'; frame-ancestors 'none'"},htmlSecurityHeaders={"Strict-Transport-Security":"max-age=31536000; includeSubDomains","X-Content-Type-Options":"nosniff","Referrer-Policy":"strict-origin-when-cross-origin","Permissions-Policy":"camera=(), microphone=(), geolocation=(), payment=*","Cache-Control":"no-store","Content-Security-Policy":["default-src 'self'","script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://test-htp.tokenex.com https://htp.tokenex.com https://sandbox.nmi.com https://secure.nmi.com https://applepay.cdn-apple.com","style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://sandbox.nmi.com https://secure.nmi.com","font-src 'self' https://fonts.gstatic.com","frame-src https:","connect-src 'self' https://*.tokenex.com https://*.sentry.io https://*.nmi.com","img-src 'self' data:","frame-ancestors *"].join("; ")};function buildResponse(statusCode,body){return{statusCode,headers:{"Access-Control-Allow-Origin":"*","Access-Control-Allow-Credentials":!0,...securityHeaders},body:JSON.stringify(body)}}function detectSequelizeError(body){const errorBody={},errorName=_lodash.default.get(body,"name","");if("SequelizeForeignKeyConstraintError"===errorName)return errorBody.message="You cannot delete this item as it is in use",errorBody.statusCode=409,errorBody.errorCode="4090",errorBody;if("SequelizeUniqueConstraintError"===errorName){const fields=_lodash.default.get(body,"errors",[]).map(err=>_lodash.default.get(err,"path")).filter(Boolean);return errorBody.message=fields.length?"A record with this "+fields.join(", ")+" already exists":"A record with this value already exists",errorBody.statusCode=409,errorBody.errorCode="4091",errorBody}if("SequelizeValidationError"===errorName){const messages=_lodash.default.get(body,"errors",[]).map(err=>_lodash.default.get(err,"message")).filter(Boolean);return errorBody.message=messages.length?messages.join(", "):"Validation error",errorBody.statusCode=400,errorBody.errorCode="4001",errorBody}let sequelizeError=_lodash.default.get(body,"errors",[]).reduce((acc,err)=>acc=acc+" "+_lodash.default.get(err,"message"),"");const parentError=_lodash.default.get(body,"parent","");return sequelizeError=sequelizeError+_lodash.default.get(body,"original.detail","")+_lodash.default.get(body,"TypeError","")+parentError,errorBody.message=sequelizeError.trim(),errorBody}function detectJoyError(body){const errorBody={},joyError=_lodash.default.get(body,"details[0]",{}),v=(_lodash.default.get(body,"details[0].context.details")||[]).reduce((acc,contextItem)=>acc=acc+" "+contextItem?.message||"","");console.error("USER VALIDATION ERROR:",body);const msg=(joyError?.message||"")+v;return msg&&(errorBody.message=_lodash.default.trim(msg)),errorBody.statusCode=400,errorBody.errorCode="4000",errorBody}},
-/***/864(__unused_webpack_module,exports,__webpack_require__){Object.defineProperty(exports,"__esModule",{value:!0}),exports.loop=loop,exports.publishEvents=
+ * @param {string} bucket
+ * @param {number} maxKeys
+ * @param {Object} userImportTypes
+ */
+async function loop(bucket, maxKeys, userImportTypes) {
+  let bucketResult = {};
+  let fileList = [];
+
+  const currentTime = (0, _dayjs.default)();
+
+  do {
+    bucketResult = await _S3Utils.default.listObjectsV2({
+      Bucket: bucket,
+      MaxKeys: maxKeys,
+      ContinuationToken: _lodash.default.get(bucketResult, 'NextContinuationToken')
+    });
+
+    let newFiles = _lodash.default.filter(bucketResult.Contents, (file) => {
+      if (_lodash.default.startsWith(_lodash.default.get(file, 'Key'), 'delayUntil/')) {
+        const fileDelayTime = _lodash.default.get(file, 'Key').split('/')[1];
+        return (0, _dayjs.default)(fileDelayTime, 'YYYYMMDDHHmm').isSameOrBefore(currentTime);
+      }
+      if (userImportTypes) {
+        // look for items in the userImportTypes
+        const usersImports = Object.values(userImportTypes);
+        const items = file.Key.split('/');
+        const fileName = _lodash.default.last(items);
+        const folderName = _lodash.default.first(items);
+        if (_lodash.default.isEmpty(fileName)) {
+          return false;
+
+        } else if (usersImports.indexOf(folderName) === -1) {
+          return false;
+        }
+
+        return !_lodash.default.startsWith(file.Key, `${folderName}/error`);
+      }
+      return !_lodash.default.startsWith(file.Key, 'error');
+    });
+
+    fileList = _lodash.default.concat(fileList, newFiles);
+  } while (bucketResult.IsTruncated && bucketResult.NextContinuationToken && fileList.length < maxKeys);
+
+  return fileList;
+}
+
 /**
  * Published SNS events at a steady pace for data in a particular bucket. Should be executed via a cloud watch cron job as a part of a micro service
  *
@@ -366,98 +1268,857 @@ function success(body,options){return _lodash.default.get(options,"dbClose",_lod
  * @param {string} snsTopic - The name of the snsEvent to publish
  * @param {object} userImportTypes - import types to filter on
  */
-async function publishEvents(configTable,tableKey,bucket,snsTopic,userImportTypes){let result;try{result=await _dynamoUtils.default.get({TableName:configTable,Key:{key:tableKey}})}catch(e){console.error(`Cannot get config for key: ${tableKey} table: ${configTable} falling back to defaults of 2 and 10`,e)}let chunkSize=_lodash.default.get(result,"Item.snsChunkSize",2),maxMessages=_lodash.default.get(result,"Item.snsMaxMessages",10);const topicArn=(await _SNSUtils.default.createTopic({Name:snsTopic})).TopicArn,maxKeys=chunkSize*maxMessages,fileList=await loop(bucket,maxKeys,userImportTypes),messageList=_lodash.default.chain(fileList).map("Key").chunk(chunkSize).slice(0,maxMessages).value();return _bluebird.default.map(messageList,files=>_SNSUtils.default.publish({Message:JSON.stringify({bucket,files}),TopicArn:topicArn}))}
-/***/;var _lodash=_interopRequireDefault(__webpack_require__(825)),_dayjs=_interopRequireDefault(__webpack_require__(293)),_customParseFormat=_interopRequireDefault(__webpack_require__(59)),_isSameOrBefore=_interopRequireDefault(__webpack_require__(394)),_bluebird=_interopRequireDefault(__webpack_require__(564)),_S3Utils=_interopRequireDefault(__webpack_require__(908)),_SNSUtils=_interopRequireDefault(__webpack_require__(306)),_dynamoUtils=_interopRequireDefault(__webpack_require__(64));function _interopRequireDefault(e){return e&&e.__esModule?e:{default:e}}
+async function publishEvents(configTable, tableKey, bucket, snsTopic, userImportTypes) {
+  let result;
+  try {
+    result = await _dynamoUtils.default.get({
+      TableName: configTable,
+      Key: { key: tableKey }
+    });
+  } catch (e) {
+    console.error(`Cannot get config for key: ${tableKey} table: ${configTable} falling back to defaults of 2 and 10`, e);
+  }
+  let chunkSize = _lodash.default.get(result, 'Item.snsChunkSize', 2);
+  let maxMessages = _lodash.default.get(result, 'Item.snsMaxMessages', 10);
+
+  const snsCreateTopicResponse = await _SNSUtils.default.createTopic({ Name: snsTopic });
+  const topicArn = snsCreateTopicResponse.TopicArn;
+  const maxKeys = chunkSize * maxMessages;
+
+  const fileList = await loop(bucket, maxKeys, userImportTypes);
+
+  const messageList = _lodash.default.chain(fileList).
+  map('Key').
+  chunk(chunkSize).
+  slice(0, maxMessages).
+  value();
+
+
+  return _bluebird.default.map(messageList, (files) => {
+    return _SNSUtils.default.publish({
+      Message: JSON.stringify({
+        bucket: bucket,
+        files: files
+      }),
+      TopicArn: topicArn
+    });
+  });
+}
+
+/***/ },
+
+/***/ "./src/eventManager/watchBucket.js"
+/*!*****************************************!*\
+  !*** ./src/eventManager/watchBucket.js ***!
+  \*****************************************/
+(__unused_webpack_module, exports, __webpack_require__) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports.watchBucket = watchBucket;var _publishEvents = __webpack_require__(/*! ./publishEvents.js */ "./src/eventManager/publishEvents.js");
+var _handleEvents = __webpack_require__(/*! ./handleEvents.js */ "./src/eventManager/handleEvents.js");
+var _lodash = _interopRequireDefault(__webpack_require__(/*! lodash */ "lodash"));function _interopRequireDefault(e) {return e && e.__esModule ? e : { default: e };}
+
 /**
- * @param {string} bucket
- * @param {number} maxKeys
- * @param {Object} userImportTypes
+ * bucket watcher watches a s3 bucket and publishes events to a sns topic, this allows you to process files in s3 with a some transformer function
+ * prefix objects with DIRECT to listen to direct s3 events
+ *
+ * @param {object} params - The parameters for watchBucket, see below
+ * @param {object} params.event - The event of the lambda
+ * @param {string} params.dynamoConfigTable - The Dynamo DB table where to get the chunkSize and maxMessage size
+ * @param {string} params.dynamoConfigKey - The key to the item in the Dynamo DB table that holds the chunkSize and maxMessage size
+ * @param {string} params.s3Bucket - The name of the s3 bucket to watch, when you drop items into this table events will be created
+ * @param {string} params.snsTopic - The name of the snsEvent to publish
+ * @param {function} params.transformer - the function to run on each file
+ * @param {function} [params.errorHandlerPerFile] - the function to run on as a catch on each file
+ * @param {boolean} [params.shouldSkipFailedFolders] - whether to use the failed-once, failed-twice, error or just error folders
+ * @param {object} [params.userImportTypes] - user import subdirectories object map
  */
-async function loop(bucket,maxKeys,userImportTypes){let bucketResult={},fileList=[];const currentTime=(0,_dayjs.default)();do{bucketResult=await _S3Utils.default.listObjectsV2({Bucket:bucket,MaxKeys:maxKeys,ContinuationToken:_lodash.default.get(bucketResult,"NextContinuationToken")});let newFiles=_lodash.default.filter(bucketResult.Contents,file=>{if(_lodash.default.startsWith(_lodash.default.get(file,"Key"),"delayUntil/")){const fileDelayTime=_lodash.default.get(file,"Key").split("/")[1];return(0,_dayjs.default)(fileDelayTime,"YYYYMMDDHHmm").isSameOrBefore(currentTime)}if(userImportTypes){
-// look for items in the userImportTypes
-const usersImports=Object.values(userImportTypes),items=file.Key.split("/"),fileName=_lodash.default.last(items),folderName=_lodash.default.first(items);return!_lodash.default.isEmpty(fileName)&&(-1!==usersImports.indexOf(folderName)&&!_lodash.default.startsWith(file.Key,`${folderName}/error`))}return!_lodash.default.startsWith(file.Key,"error")});fileList=_lodash.default.concat(fileList,newFiles)}while(bucketResult.IsTruncated&&bucketResult.NextContinuationToken&&fileList.length<maxKeys);return fileList}_dayjs.default.extend(_customParseFormat.default),_dayjs.default.extend(_isSameOrBefore.default)},
-/***/871(__unused_webpack_module,exports,__webpack_require__){Object.defineProperty(exports,"__esModule",{value:!0}),exports.runMigrations=
-/**
- * Execute database migrations
- * @param {string} databaseName - name of database to create (or verify existence)
- * @param {object} sequelizeInstance - instance of Sequelize (must be initialized)
- * @param {function} initializeModels - function to run to sync Sequelize models with database
- * @param {string} pathToMigrationFolder - pass in the path if using windows. windows and linux PWD will be different
+function watchBucket({
+  event,
+  dynamoConfigTable,
+  dynamoConfigKey,
+  s3Bucket,
+  snsTopic,
+  transformer,
+  errorHandlerPerFile = _lodash.default.noop,
+  shouldSkipFailedFolders = false,
+  userImportTypes
+}) {
+  if (!event || !dynamoConfigTable || !dynamoConfigKey || !s3Bucket || !snsTopic || !transformer) {
+    throw new Error('Missing required parameters. Need event, dynamoConfigTable, dynamoConfigKey, s3Bucket, snsTopic, transformer');
+  }
+
+  const EventSource = _lodash.default.get(event, 'Records[0].eventSource') || _lodash.default.get(event, 'Records[0].EventSource');
+
+  if (_lodash.default.isEqual(EventSource, 'aws:sns')) {
+    return (0, _handleEvents.handleEvents)(event, transformer, errorHandlerPerFile, shouldSkipFailedFolders, userImportTypes);
+  } else if (_lodash.default.isEqual(EventSource, 'aws:s3')) {
+    const failedOnce = 'failed-once';
+    const failedTwice = 'failed-twice';
+    const error = 'error';
+    const direct = 'DIRECT';
+    const key = _lodash.default.get(event, 'Records[0].s3.object.key') || '';
+    const startsWithDirect = _lodash.default.startsWith(key, direct);
+    if (key.includes(failedOnce) || key.includes(failedTwice) || key.includes(error)) {
+      // this used to throw, but the throw raised useless alarms, I believed turing throw in to a return was ok
+      return;
+    }
+
+    if (startsWithDirect) {
+      console.log('------->DIRECT WRITE FIRE');
+      return (0, _handleEvents.handleDirectS3WriteEvent)(event, transformer, errorHandlerPerFile, shouldSkipFailedFolders, userImportTypes);
+    }
+
+  } else {
+    // the function is being run from the cron job so publish SNS events
+    return (0, _publishEvents.publishEvents)(dynamoConfigTable, dynamoConfigKey, s3Bucket, snsTopic, userImportTypes);
+  }
+}
+
+/***/ },
+
+/***/ "./src/requestResponse/errorCodes.js"
+/*!*******************************************!*\
+  !*** ./src/requestResponse/errorCodes.js ***!
+  \*******************************************/
+(__unused_webpack_module, exports) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports.errorList = void 0;const errorList = exports.errorList = {
+  invalidInventoryReleaseRequest: {
+    message: 'NOT ENOUGH INVENTORY TO FULFILL RELEASE',
+    errorCode: '4010',
+    statusCode: 400
+  },
+  alreadyReleased: {
+    message: 'ALREADY RELEASED',
+    errorCode: '4011',
+    statusCode: 400
+  },
+  alreadyReceived: {
+    message: 'RECEIVABLE ALREADY RECEIVED',
+    errorCode: '4012',
+    statusCode: 400
+  },
+  invalidItemsRequest: {
+    message: 'VALID ITEMS MUST BE INCLUDED',
+    errorCode: '4013',
+    statusCode: 400
+  },
+  invalidID: {
+    message: 'ID is invalid',
+    errorCode: '4014',
+    statusCode: 400
+  },
+  invalidReceivable: {
+    message: 'MUST CONTAIN AT LEAST ONE RECEIVABLE',
+    errorCode: '4015',
+    statusCode: 400
+  },
+  invalidRequest: {
+    message: 'INVALID REQUEST DATA',
+    errorCode: '4016',
+    statusCode: 400
+  },
+  invalidAPIKey: {
+    message: 'INVALID REQUEST - API MAY KEY INVALID',
+    errorCode: '4017',
+    statusCode: 400
+  },
+  qbCreationError: {
+    message: 'QUICKBOOKS ERROR - ERROR CREATING OBJECT IN QUICKBOOKS',
+    errorCode: '4018',
+    statusCode: 400
+  },
+  cannotReopen: {
+    message: 'CANNOT REOPEN - THE ORDER HAS ALREADY BEEN OPENED',
+    errorCode: '4018',
+    statusCode: 400
+  },
+  invalidDateFormat: {
+    message: 'INVALID DATE FORMAT',
+    errorCode: '4019',
+    statusCode: 400
+  },
+  invalidStartDate: {
+    message: 'INVALID START DATE',
+    errorCode: '4020',
+    statusCode: 400
+  },
+  invalidEndDate: {
+    message: 'INVALID END DATE',
+    errorCode: '4021',
+    statusCode: 400
+  },
+  invalidOrderStatus: {
+    message: 'UNABLE TO EDIT ORDER ITEMS UNLESS THE ORDER IS IN ESTIMATE STATUS',
+    errorCode: '4022',
+    statusCode: 400
+  },
+  invalidPaymentStatus: {
+    message: 'UNABLE TO UPDATE PAYMENT STATUS PAYMENT MUST BE OPEN',
+    errorCode: '4023',
+    statusCode: 400
+  },
+  invalidReleaseStatus: {
+    message: 'UNABLE TO UPDATE RELEASE, STATUS RELEASE MUST BE OPEN',
+    errorCode: '4024',
+    statusCode: 400
+  },
+  invalidReceivableStatus: {
+    message: 'UNABLE TO UPDATE RECEIVABLE, STATUS RECEIVABLE MUST BE OPEN',
+    errorCode: '40025',
+    statusCode: 400
+  },
+  invalidJson: {
+    message: 'INVALID JSON',
+    errorCode: '4005',
+    statusCode: 400
+  },
+  invalidFilter: {
+    message: 'INVALID FILTER',
+    errorCode: '4026',
+    statusCode: 400
+  },
+  invalidUserNameUpdate: {
+    message: 'UNABLE TO UPDATE USERNAME',
+    errorCode: '4027',
+    statusCode: 400
+  },
+  imageSizeLimit: {
+    message: 'IMAGE SIZE LIMIT 100KB EXCEEDED',
+    errorCode: '4028',
+    statusCode: 400
+  },
+  unauthorized: {
+    message: 'UNAUTHORIZED',
+    errorCode: '4111',
+    statusCode: 401
+  },
+  notFound: {
+    message: 'ITEM NOT FOUND',
+    errorCode: '4004',
+    statusCode: 404
+  },
+  emailRequired: {
+    message: 'NO EMAIL PROVIDED, CHECK CUSTOMER EMAIL',
+    errorCode: '4004',
+    statusCode: 404
+  },
+  mobilePhoneRequired: {
+    message: 'NO MOBILE PHONE PROVIDED, CHECK CUSTOMER CONTACTS',
+    errorCode: '4004',
+    statusCode: 404
+  },
+  invalidCadenceType: {
+    message: 'INVALID CADENCE TYPE',
+    errorCode: '5001',
+    statusCode: 500
+  }
+};
+
+/***/ },
+
+/***/ "./src/requestResponse/requestResponse.js"
+/*!************************************************!*\
+  !*** ./src/requestResponse/requestResponse.js ***!
+  \************************************************/
+(__unused_webpack_module, exports, __webpack_require__) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports.detectDynamooseError = detectDynamooseError;exports.detectJoyError = detectJoyError;exports.detectSequelizeError = detectSequelizeError;exports.failure = failure;exports.getCurrentUser = getCurrentUser;exports.getCurrentUserNameFromCognitoEvent = getCurrentUserNameFromCognitoEvent;exports.parseBody = parseBody;exports.parseEvent = parseEvent;exports.success = success;exports.successHtml = successHtml;var _lodash = _interopRequireDefault(__webpack_require__(/*! lodash */ "lodash"));
+var _errorCodes = __webpack_require__(/*! ./errorCodes.js */ "./src/requestResponse/errorCodes.js");function _interopRequireDefault(e) {return e && e.__esModule ? e : { default: e };}
+
+const securityHeaders = {
+  'Strict-Transport-Security': 'max-age=31536000; includeSubDomains',
+  'X-Content-Type-Options': 'nosniff',
+  'X-Frame-Options': 'DENY',
+  'Referrer-Policy': 'strict-origin-when-cross-origin',
+  'Permissions-Policy': 'camera=(), microphone=(), geolocation=()',
+  'Cache-Control': 'no-store',
+  'Content-Security-Policy': "default-src 'none'; frame-ancestors 'none'"
+};
+
+const htmlSecurityHeaders = {
+  'Strict-Transport-Security': 'max-age=31536000; includeSubDomains',
+  'X-Content-Type-Options': 'nosniff',
+  'Referrer-Policy': 'strict-origin-when-cross-origin',
+  'Permissions-Policy': 'camera=(), microphone=(), geolocation=(), payment=*',
+  'Cache-Control': 'no-store',
+  'Content-Security-Policy': [
+  "default-src 'self'",
+  "script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://test-htp.tokenex.com https://htp.tokenex.com https://sandbox.nmi.com https://secure.nmi.com https://applepay.cdn-apple.com",
+  "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://sandbox.nmi.com https://secure.nmi.com",
+  "font-src 'self' https://fonts.gstatic.com",
+  "frame-src https:",
+  "connect-src 'self' https://*.tokenex.com https://*.sentry.io https://*.nmi.com https://*.apple.com",
+  "img-src 'self' data:",
+  "frame-ancestors *"].
+  join('; ')
+};
+
+/**
+ * @param {Object} body
+ * @param {{dbClose?:function}} [options]
  */
-async function runMigrations(databaseName,sequelizeInstance,initializeModels,pathToMigrationFolder=`${process.env.PWD}/migrations/*.js`){const umzug=new _umzug.Umzug({migrations:{glob:pathToMigrationFolder},context:sequelizeInstance.getQueryInterface(),storage:new _umzug.SequelizeStorage({sequelize:sequelizeInstance}),logger:console}),pendingMigrations=await umzug.pending();console.log("-------\x3eUTIL Pending Migrations:",pendingMigrations,pathToMigrationFolder),await umzug.up().catch(upError=>(console.error("Migration Error: ",upError),umzug.down({migrations:_lodash.default.chain(pendingMigrations).map("file").reverse().value()}).then(()=>{const msg="UTIL Error: Error with migrating up:"+upError;throw console.error(msg),new Error(msg)},downError=>{const msg="UTIL Error: Error with migrating down:"+downError;throw console.error(msg),new Error(msg)}))),
-// The following line is needed to sync (create) tables, but not to database updates
-// in the past it worked to leave it in, but now the tags module causes foreign key problems
-// The tables are still initiated by being passed in to run migrations
-await initializeModels()}
-/***/;var _lodash=function _interopRequireDefault(e){return e&&e.__esModule?e:{default:e}}(__webpack_require__(825)),_umzug=__webpack_require__(920)},
-/***/876(__unused_webpack_module,exports,__webpack_require__){Object.defineProperty(exports,"__esModule",{value:!0}),exports.containsError=containsError,exports.handleFile=async function handleFile(path,s3Bucket,transformer,options){const shouldSkipFailedFolders=_lodash.default.get(options,"shouldSkipFailedFolders"),userImportTypes=_lodash.default.get(options,"userImportTypes"),params={Bucket:s3Bucket,Key:path};let body;try{body=await _S3Utils.default.getObject(params)}catch(e){if("NoSuchKey"===e.Code||"NoSuchKey"===e.code||"NoSuchKey"===e.name)return;throw console.error("S3 getObject error:",e),e}try{
-// exit early for null/undefined or blank string bodies
-if(_lodash.default.isNil(body)||_lodash.default.isString(body)&&_lodash.default.isEmpty(body.trim()))return void await _S3Utils.default.deleteObject(params);const parsedBody=JSON.parse(body);
-// exit early for objects like {} or []
-if(_lodash.default.isEmpty(parsedBody))return void await _S3Utils.default.deleteObject(params);const returnedValue=await transformer(parsedBody);return await _S3Utils.default.deleteObject(params),returnedValue}catch(error){if(console.error("HANDLE-FILE-ERROR",error),!body)return;let newPath="";if(userImportTypes){console.log("USER IMPORT");
-// look for items in the userImportTypes
-const usersImports=Object.values(userImportTypes),items=path.split("/"),fileName=_lodash.default.last(items),folderName=_lodash.default.first(items);newPath=usersImports.indexOf(folderName)>-1?shouldSkipFailedFolders?`${folderName}/error/${fileName}`:_lodash.default.startsWith(path,`${folderName}/failed-once/`)?_lodash.default.replace(path,`${folderName}/failed-once/`,`${folderName}/failed-twice/`):_lodash.default.startsWith(path,`${folderName}/failed-twice/`)?_lodash.default.replace(path,`${folderName}/failed-twice/`,`${folderName}/error/`):`${folderName}/failed-once/${fileName}`:`pathAndEventMisMatchError/${path}`}else shouldSkipFailedFolders?newPath=`error/${path}`:_lodash.default.startsWith(path,"failed-once/")?newPath=_lodash.default.replace(path,"failed-once/","failed-twice/"):_lodash.default.startsWith(path,"failed-twice/")?newPath=_lodash.default.replace(path,"failed-twice/","error/"):(_lodash.default.includes(path,"delayUntil/")&&(path=_lodash.default.last(path.split("/"))),newPath=`failed-once/${path}`);const newParams={Bucket:s3Bucket,Key:newPath,Body:body};if(containsError(newPath,"failed-once")||containsError(newPath,"failed-twice")||containsError(newPath,"error"))throw new Error("NESTING ERROR");throw await _S3Utils.default.putObject(newParams),await _S3Utils.default.deleteObject(params),error}};var _lodash=_interopRequireDefault(__webpack_require__(825)),_S3Utils=_interopRequireDefault(__webpack_require__(908));function _interopRequireDefault(e){return e&&e.__esModule?e:{default:e}}function containsError(str,val){const firstIndex=str.toLowerCase().indexOf(val);if(-1===firstIndex)return!1;return-1!==str.toLowerCase().indexOf(val,firstIndex+1)}
-/***/},
-/***/908(__unused_webpack_module,exports,__webpack_require__){Object.defineProperty(exports,"__esModule",{value:!0}),exports.default=void 0,exports.s3Utils=s3Utils;var _clientS=__webpack_require__(43);function s3Utils(action,params){return(new _clientS.S3)[action](params)}const S3Util={getObject:params=>async function getS3(params){const s3=new _clientS.S3,response=await s3.getObject(params);return response?.Body.transformToString("utf-8")}
-/***/(params),deleteObject:params=>s3Utils("deleteObject",params),putObject:params=>s3Utils("putObject",params),listObjectsV2:params=>s3Utils("listObjectsV2",params)};exports.default=S3Util},
-/***/920(module){module.exports=require("umzug");
-/***/},
-/***/929(module){module.exports=require("@aws-sdk/client-dynamodb");
-/***/},
-/***/953(__unused_webpack_module,exports){Object.defineProperty(exports,"__esModule",{value:!0}),exports.errorList=void 0;exports.errorList={invalidInventoryReleaseRequest:{message:"NOT ENOUGH INVENTORY TO FULFILL RELEASE",errorCode:"4010",statusCode:400},alreadyReleased:{message:"ALREADY RELEASED",errorCode:"4011",statusCode:400},alreadyReceived:{message:"RECEIVABLE ALREADY RECEIVED",errorCode:"4012",statusCode:400},invalidItemsRequest:{message:"VALID ITEMS MUST BE INCLUDED",errorCode:"4013",statusCode:400},invalidID:{message:"ID is invalid",errorCode:"4014",statusCode:400},invalidReceivable:{message:"MUST CONTAIN AT LEAST ONE RECEIVABLE",errorCode:"4015",statusCode:400},invalidRequest:{message:"INVALID REQUEST DATA",errorCode:"4016",statusCode:400},invalidAPIKey:{message:"INVALID REQUEST - API MAY KEY INVALID",errorCode:"4017",statusCode:400},qbCreationError:{message:"QUICKBOOKS ERROR - ERROR CREATING OBJECT IN QUICKBOOKS",errorCode:"4018",statusCode:400},cannotReopen:{message:"CANNOT REOPEN - THE ORDER HAS ALREADY BEEN OPENED",errorCode:"4018",statusCode:400},invalidDateFormat:{message:"INVALID DATE FORMAT",errorCode:"4019",statusCode:400},invalidStartDate:{message:"INVALID START DATE",errorCode:"4020",statusCode:400},invalidEndDate:{message:"INVALID END DATE",errorCode:"4021",statusCode:400},invalidOrderStatus:{message:"UNABLE TO EDIT ORDER ITEMS UNLESS THE ORDER IS IN ESTIMATE STATUS",errorCode:"4022",statusCode:400},invalidPaymentStatus:{message:"UNABLE TO UPDATE PAYMENT STATUS PAYMENT MUST BE OPEN",errorCode:"4023",statusCode:400},invalidReleaseStatus:{message:"UNABLE TO UPDATE RELEASE, STATUS RELEASE MUST BE OPEN",errorCode:"4024",statusCode:400},invalidReceivableStatus:{message:"UNABLE TO UPDATE RECEIVABLE, STATUS RECEIVABLE MUST BE OPEN",errorCode:"40025",statusCode:400},invalidJson:{message:"INVALID JSON",errorCode:"4005",statusCode:400},invalidFilter:{message:"INVALID FILTER",errorCode:"4026",statusCode:400},invalidUserNameUpdate:{message:"UNABLE TO UPDATE USERNAME",errorCode:"4027",statusCode:400},imageSizeLimit:{message:"IMAGE SIZE LIMIT 100KB EXCEEDED",errorCode:"4028",statusCode:400},unauthorized:{message:"UNAUTHORIZED",errorCode:"4111",statusCode:401},notFound:{message:"ITEM NOT FOUND",errorCode:"4004",statusCode:404},emailRequired:{message:"NO EMAIL PROVIDED, CHECK CUSTOMER EMAIL",errorCode:"4004",statusCode:404},mobilePhoneRequired:{message:"NO MOBILE PHONE PROVIDED, CHECK CUSTOMER CONTACTS",errorCode:"4004",statusCode:404},invalidCadenceType:{message:"INVALID CADENCE TYPE",errorCode:"5001",statusCode:500}};
-/***/},
-/***/981(__unused_webpack_module,exports){
-/**
- * create pagination object from Sequelize findAll
- * @param {object} result - sequelize result
- * @param {number} limit - max number of results to return
- * @param {number} offset - page offset
+function success(body, options) {
+  const dbClose = _lodash.default.get(options, 'dbClose', _lodash.default.noop);
+  dbClose();
+
+  return buildResponse(200, body);
+}
+
+/**
+ * @param {string} html
+ * @param {{dbClose:function|undefined}} options
  */
-function getPaginationFromFindAll(result,limit,offset){limit=limit||0,offset=offset||0;const hasMore=(result=result||[]).length>limit;hasMore&&result.splice(-1,1);return{offset,limit,rows:result,hasMore}}
-/**
- * wrapper for Sequelize findAll
- * @param {object} model - instance of Sequelize (must be initialized)
- * @param {*&{include: [{model: *}], where: {businessId: Array}, order: [string[]]}} options - instance of Sequelize (must be initialized)
- */async function findAll(model,options){const limit=options.limit||0,includes=options.includes||{all:!0,nested:!0},findArgs=Object.assign({include:includes},options,{limit:limit+1});return getPaginationFromFindAll(await model.findAll(findArgs),limit,options.offset)}Object.defineProperty(exports,"__esModule",{value:!0}),exports.default=void 0,exports.findAll=findAll,exports.getPaginationFromFindAll=getPaginationFromFindAll;const findUtils={findAll};exports.default=findUtils;
-/***/},
-/***/982(__unused_webpack_module,exports,__webpack_require__){Object.defineProperty(exports,"__esModule",{value:!0}),exports.createIncludes=
-/**
- * Create sequelize includes array from query string parameters and default sequelize model
- *
- * @param {object} event - the query parameters from the event passed by lambda
- * @param {object} objectFilters - the default filters object created by createDefaultFilters
- * @returns {object} A sequelize includes array
+function successHtml(html, options) {
+  const dbClose = _lodash.default.get(options, 'dbClose', _lodash.default.noop);
+
+  dbClose();
+  return {
+    statusCode: 200,
+    headers: {
+      'Content-Type': 'text/html',
+      'Access-Control-Allow-Origin': '*',
+      'Access-Control-Allow-Credentials': true,
+      ...htmlSecurityHeaders
+    },
+    body: html
+  };
+}
+
+/**
+ * @param {string} event
+ * @returns string
+ */
+function getCurrentUserNameFromCognitoEvent(event) {
+  const attributes = _lodash.default.get(event, 'request.userAttributes');
+
+  return attributes['cognito:email_alias'] || attributes['email'] || 'UNKNOWN USER';
+}
+
+/**
+ * Get the user information from the event object
+ *
+ * @param event {Object} an event object
+ * @returns {{username: string, id: number}}
  */
-function createIncludes(event,objectFilters){const query=_lodash.default.get(event,"queryStringParameters",{})||{},canBeIncluded=Object.keys(objectFilters).reduce((acc,item)=>acc=includeSubItem(item,acc),[]),askedForInQuery=Object.keys(query).reduce((acc,item)=>("sort"===item&&query[item].split(",").forEach(sortItem=>{sortItem=0===sortItem.indexOf("-")?sortItem.substr(1):sortItem,acc=includeSubItem(sortItem,acc)}),acc=includeSubItem(item,acc)),[]);return _lodash.default.intersection(canBeIncluded,askedForInQuery)},exports.includeSubItem=includeSubItem;var _lodash=function _interopRequireDefault(e){return e&&e.__esModule?e:{default:e}}(__webpack_require__(825));function includeSubItem(queryStringItem,acc=[]){const dot=queryStringItem.indexOf(".");return dot>0&&acc.push(queryStringItem.substring(0,dot)),acc}
-/***/}
-/******/},__webpack_module_cache__={};
+function getCurrentUser(event) {
+  let jsonToParse = _lodash.default.get(event, 'requestContext.authorizer.claims.custom:UID') ||
+  _lodash.default.get(event, 'requestContext.authorizer.custom:UID') ||
+  '0';
+
+  const id = JSON.parse(jsonToParse);
+
+  const username = _lodash.default.get(event, 'requestContext.authorizer.claims.email') || _lodash.default.get(event, 'requestContext.authorizer.email') || 'localtestuser@gexample.com';
+
+  return {
+    username,
+    id
+  };
+}
+
+/**
+ * Create a failure response
+ *
+ * @param body {Object} an event object
+ * @param options {Object} an options object
+ * @returns {{statusCode:number, headers:object, body:string}} a response object
+ */
+function failure(body = {}, options) {
+  const dbClose = _lodash.default.get(options, 'dbClose', _lodash.default.noop);
+  dbClose();
+  let cleanedErrorBody;
+
+  if (process.env.UTIL_LOG === 'LOG_ALL' || process.env.BUILD_ENV === 'test') {
+    if (_lodash.default.isObject(body)) {
+      console.error('------->ALL UTIL ERROR:', JSON.stringify(body, null, 2));
+    }
+  }
+
+  const NORMAL_ERROR = { statusCode: 500, errorCode: '5XX', message: 'INTERNAL UTIL ERROR' };
+  cleanedErrorBody = body;
+  if (!_lodash.default.isUndefined(body.details)) {
+    cleanedErrorBody = detectJoyError(body);
+  } else if (_lodash.default.isUndefined(body.errorCode) || _lodash.default.isUndefined(body.statusCode)) {
+    cleanedErrorBody = detectSequelizeError(body);
+  }
+  if (_lodash.default.get(body, 'response.data.message')) {
+    const err = _lodash.default.get(body, 'response.data.message');
+    if (_lodash.default.isObject(body)) {
+      if (process.env.UTIL_LOG === 'LOG_ALL' || process.env.BUILD_ENV === 'test') {
+        console.error('------->MSG UTIL ERROR:', JSON.stringify(err, null, 2));
+      }
+    }
+  }
+  const newBody = _lodash.default.merge(NORMAL_ERROR, cleanedErrorBody);
+
+  return buildResponse(newBody.statusCode, newBody);
+}
+
+/**
+ * Create a failure response object
+ *
+ * @param statusCode {Number} a status code
+ * @param body {Object} an event object
+ * @returns {{statusCode:number, headers:object, body:string}} a response object
+ */
+function buildResponse(statusCode, body) {
+  return {
+    statusCode: statusCode,
+    headers: {
+      'Access-Control-Allow-Origin': '*',
+      'Access-Control-Allow-Credentials': true,
+      ...securityHeaders
+    },
+    body: JSON.stringify(body)
+  };
+}
+
+/**
+ * parse the body of the event object
+ *
+ * @param requestEvent {{body:string}} an event object
+ * @returns event {*} the json object of the body
+ */
+function parseBody(requestEvent) {
+
+  let eventBody = {};
+  if (_lodash.default.isString(requestEvent.body)) {
+    try {
+      eventBody = JSON.parse(requestEvent.body);
+    } catch (e) {
+      // Invalid JSON
+      eventBody = null;
+
+      throw _errorCodes.errorList.invalidJson;
+    }
+  } else if (_lodash.default.isObject(requestEvent.body)) {
+    eventBody = requestEvent.body;
+  }
+
+  return eventBody;
+}
+
+/**
+ * parse the body of the event object
+ *
+ * @param requestEvent {string|object} an event object
+ * @param [callback] {function} undefined a call back function
+ * @returns event {*} the json object of the body
+ */
+function parseEvent(requestEvent, callback) {
+  let event = {};
+  if (_lodash.default.isString(requestEvent)) {
+    try {
+      event = JSON.parse(requestEvent);
+    } catch (e) {
+      // Invalid JSON
+      event = null;
+
+      if (callback) {
+        callback(Error(e));
+      }
+    }
+  } else if (_lodash.default.isObject(requestEvent)) {
+    event = requestEvent;
+  }
+
+  return event;
+}
+
+/**
+ * parse the body of the event object
+ * look for sequelize errors and return a message
+ * ERRORS should not be caught here this is a fallback for unknown database errors
+ *
+ * @param body {object} part of a body response
+ * @returns error message object {message:string}
+ */
+function detectSequelizeError(body) {
+  const errorBody = {};
+  const errorName = _lodash.default.get(body, 'name', '');
+
+  if (errorName === 'SequelizeForeignKeyConstraintError') {
+    errorBody.message = 'You cannot delete this item as it is in use';
+    errorBody.statusCode = 409;
+    errorBody.errorCode = '4090';
+    return errorBody;
+  }
+
+  if (errorName === 'SequelizeUniqueConstraintError') {
+    const fields = _lodash.default.get(body, 'errors', []).map((err) => _lodash.default.get(err, 'path')).filter(Boolean);
+    errorBody.message = fields.length ?
+    'A record with this ' + fields.join(', ') + ' already exists' :
+    'A record with this value already exists';
+    errorBody.statusCode = 409;
+    errorBody.errorCode = '4091';
+    return errorBody;
+  }
+
+  if (errorName === 'SequelizeValidationError') {
+    const messages = _lodash.default.get(body, 'errors', []).map((err) => _lodash.default.get(err, 'message')).filter(Boolean);
+    errorBody.message = messages.length ? messages.join(', ') : 'Validation error';
+    errorBody.statusCode = 400;
+    errorBody.errorCode = '4001';
+    return errorBody;
+  }
+
+  let sequelizeError = _lodash.default.get(body, 'errors', []).reduce((acc, err) => {
+    acc = acc + ' ' + _lodash.default.get(err, 'message');
+    return acc;
+  }, '');
+  const parentError = _lodash.default.get(body, 'parent', '');
+
+  sequelizeError = sequelizeError + _lodash.default.get(body, 'original.detail', '') + _lodash.default.get(body, 'TypeError', '') + parentError;
+  errorBody.message = sequelizeError.trim();
+  return errorBody;
+}
+
+function detectJoyError(body) {
+  const errorBody = {};
+  const joyError = _lodash.default.get(body, 'details[0]', {});
+  const additionalMessages = _lodash.default.get(body, 'details[0].context.details') || [];
+
+  const v = additionalMessages.reduce((acc, contextItem) => {
+    acc = acc + ' ' + contextItem?.message || '';
+    return acc;
+  }, '');
+
+  console.error('USER VALIDATION ERROR:', body);
+  const msg = (joyError?.message || '') + v;
+
+  if (msg) {
+    errorBody.message = _lodash.default.trim(msg);
+  }
+
+  errorBody.statusCode = 400;
+  errorBody.errorCode = '4000';
+  return errorBody;
+}
+
+/**
+ * Parse the body of a Dynamoose error response.
+ * Attempts to extract a human-readable error message from Dynamoose errors.
+ * This is a fallback for unknown database errors.
+ *
+ * @param {object} body - Part of a body response containing error details.
+ * @returns {object} - Error message object { message: string }
+ */
+function detectDynamooseError(body) {
+  const errorBody = {};
+
+  // Start with an empty message string.
+  let dynamooseError = '';
+
+  // If the error body contains an array of errors, concatenate their messages.
+  if (Array.isArray(body.errors)) {
+    dynamooseError += body.errors.reduce((acc, err) => {
+      return acc + ' ' + (err.message || '');
+    }, '');
+  }
+
+  // If there's a top-level message, add it.
+  if (body.message) {
+    dynamooseError += ' ' + body.message;
+  }
+
+  // If there is any additional detail provided, append it.
+  if (body.detail) {
+    dynamooseError += ' ' + body.detail;
+  }
+
+  // Trim the message to remove extra spaces.
+  errorBody.message = dynamooseError.trim();
+
+  return errorBody;
+}
+
+/***/ },
+
+/***/ "./src/s3/S3Utils/S3Utils.js"
+/*!***********************************!*\
+  !*** ./src/s3/S3Utils/S3Utils.js ***!
+  \***********************************/
+(__unused_webpack_module, exports, __webpack_require__) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports["default"] = void 0;exports.s3Utils = s3Utils;var _clientS = __webpack_require__(/*! @aws-sdk/client-s3 */ "@aws-sdk/client-s3");
+
+function s3Utils(action, params) {
+  const s3 = new _clientS.S3();
+  return s3[action](params);
+}
+
+const S3Util = {
+  getObject: (params) => getS3(params),
+  deleteObject: (params) => s3Utils('deleteObject', params),
+  putObject: (params) => s3Utils('putObject', params),
+  listObjectsV2: (params) => s3Utils('listObjectsV2', params)
+};var _default = exports["default"] =
+S3Util;
+
+async function getS3(params) {
+  const s3 = new _clientS.S3();
+  const response = await s3.getObject(params);
+  return response?.Body.transformToString('utf-8');
+}
+
+/***/ },
+
+/***/ "./src/sns/SNSUtils.js"
+/*!*****************************!*\
+  !*** ./src/sns/SNSUtils.js ***!
+  \*****************************/
+(__unused_webpack_module, exports, __webpack_require__) {
+
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports["default"] = void 0;var _clientSns = __webpack_require__(/*! @aws-sdk/client-sns */ "@aws-sdk/client-sns");
+
+const SNSUtil = {
+  publish: (params) => publish(params),
+  createTopic: (params) => createTopic(params)
+};
+
+async function publish(params) {
+  const sns = new _clientSns.SNS();
+  return await sns.publish(params);
+}
+
+async function createTopic(params) {
+  const sns = new _clientSns.SNS();
+  return await sns.createTopic(params);
+}var _default = exports["default"] =
+
+SNSUtil;
+
+/***/ },
+
+/***/ "@aws-sdk/client-dynamodb"
+/*!*******************************************!*\
+  !*** external "@aws-sdk/client-dynamodb" ***!
+  \*******************************************/
+(module) {
+
+module.exports = require("@aws-sdk/client-dynamodb");
+
+/***/ },
+
+/***/ "@aws-sdk/client-s3"
+/*!*************************************!*\
+  !*** external "@aws-sdk/client-s3" ***!
+  \*************************************/
+(module) {
+
+module.exports = require("@aws-sdk/client-s3");
+
+/***/ },
+
+/***/ "@aws-sdk/client-sns"
+/*!**************************************!*\
+  !*** external "@aws-sdk/client-sns" ***!
+  \**************************************/
+(module) {
+
+module.exports = require("@aws-sdk/client-sns");
+
+/***/ },
+
+/***/ "@aws-sdk/lib-dynamodb"
+/*!****************************************!*\
+  !*** external "@aws-sdk/lib-dynamodb" ***!
+  \****************************************/
+(module) {
+
+module.exports = require("@aws-sdk/lib-dynamodb");
+
+/***/ },
+
+/***/ "bluebird"
+/*!***************************!*\
+  !*** external "bluebird" ***!
+  \***************************/
+(module) {
+
+module.exports = require("bluebird");
+
+/***/ },
+
+/***/ "dayjs"
+/*!************************!*\
+  !*** external "dayjs" ***!
+  \************************/
+(module) {
+
+module.exports = require("dayjs");
+
+/***/ },
+
+/***/ "dayjs/plugin/customParseFormat"
+/*!*************************************************!*\
+  !*** external "dayjs/plugin/customParseFormat" ***!
+  \*************************************************/
+(module) {
+
+module.exports = require("dayjs/plugin/customParseFormat");
+
+/***/ },
+
+/***/ "dayjs/plugin/isSameOrBefore"
+/*!**********************************************!*\
+  !*** external "dayjs/plugin/isSameOrBefore" ***!
+  \**********************************************/
+(module) {
+
+module.exports = require("dayjs/plugin/isSameOrBefore");
+
+/***/ },
+
+/***/ "dayjs/plugin/utc.js"
+/*!**************************************!*\
+  !*** external "dayjs/plugin/utc.js" ***!
+  \**************************************/
+(module) {
+
+module.exports = require("dayjs/plugin/utc.js");
+
+/***/ },
+
+/***/ "lodash"
+/*!*************************!*\
+  !*** external "lodash" ***!
+  \*************************/
+(module) {
+
+module.exports = require("lodash");
+
+/***/ },
+
+/***/ "sequelize"
+/*!****************************!*\
+  !*** external "sequelize" ***!
+  \****************************/
+(module) {
+
+module.exports = require("sequelize");
+
+/***/ },
+
+/***/ "umzug"
+/*!************************!*\
+  !*** external "umzug" ***!
+  \************************/
+(module) {
+
+module.exports = require("umzug");
+
+/***/ }
+
+/******/ 	});
+/************************************************************************/
+/******/ 	// The module cache
+/******/ 	var __webpack_module_cache__ = {};
+/******/ 	
+/******/ 	// The require function
+/******/ 	function __webpack_require__(moduleId) {
+/******/ 		// Check if module is in cache
+/******/ 		var cachedModule = __webpack_module_cache__[moduleId];
+/******/ 		if (cachedModule !== undefined) {
+/******/ 			return cachedModule.exports;
+/******/ 		}
+/******/ 		// Check if module exists (development only)
+/******/ 		if (__webpack_modules__[moduleId] === undefined) {
+/******/ 			var e = new Error("Cannot find module '" + moduleId + "'");
+/******/ 			e.code = 'MODULE_NOT_FOUND';
+/******/ 			throw e;
+/******/ 		}
+/******/ 		// Create a new module (and put it into the cache)
+/******/ 		var module = __webpack_module_cache__[moduleId] = {
+/******/ 			// no module.id needed
+/******/ 			// no module.loaded needed
+/******/ 			exports: {}
+/******/ 		};
+/******/ 	
+/******/ 		// Execute the module function
+/******/ 		__webpack_modules__[moduleId](module, module.exports, __webpack_require__);
+/******/ 	
+/******/ 		// Return the exports of the module
+/******/ 		return module.exports;
+/******/ 	}
+/******/ 	
 /************************************************************************/
-/******/ // The module cache
-/******/
-/******/
-/******/ // The require function
-/******/function __webpack_require__(moduleId){
-/******/ // Check if module is in cache
-/******/var cachedModule=__webpack_module_cache__[moduleId];
-/******/if(void 0!==cachedModule)
-/******/return cachedModule.exports;
-/******/
-/******/ // Create a new module (and put it into the cache)
-/******/var module=__webpack_module_cache__[moduleId]={
-/******/ // no module.id needed
-/******/ // no module.loaded needed
-/******/exports:{}
-/******/};
-/******/
-/******/ // Execute the module function
-/******/
-/******/
-/******/ // Return the exports of the module
-/******/return __webpack_modules__[moduleId](module,module.exports,__webpack_require__),module.exports;
-/******/}
-/******/
-/************************************************************************/var __webpack_exports__={};
-// This entry needs to be wrapped in an IIFE because it uses a non-standard name for the exports (exports).
-(()=>{var exports=__webpack_exports__;Object.defineProperty(exports,"__esModule",{value:!0}),exports.watchBucket=exports.userDefaultBid=exports.successHtml=exports.success=exports.runMigrations=exports.publishEvents=exports.parseEvent=exports.parseBody=exports.isSystemUser=exports.isSuperUser=exports.isPartnerUser=exports.handleFile=exports.getModuleInfo=exports.getEffectivePartnerId=exports.getDefaultBusinessIDInfo=exports.getCurrentUserNameFromCognitoEvent=exports.getCurrentUser=exports.getBusinessesInfo=exports.getBelongsToPartnerId=exports.getAccessRightsInfo=exports.findAll=exports.failure=exports.enrichEventWithPartnerAccess=exports.defaultFilters=exports.createSort=exports.createIncludes=exports.createFilters=exports.checkWriteAccess=exports.checkModule=exports.checkIsSuper=exports.accessRightsUtils=void 0;var _handleFile=__webpack_require__(876),_watchBucket=__webpack_require__(183),_publishEvents=__webpack_require__(864),_createIncludes=__webpack_require__(982),_createFilters=__webpack_require__(288),_createSort=__webpack_require__(835),_findAll=__webpack_require__(981),_accessRightsUtils=__webpack_require__(673),_requestResponse=__webpack_require__(859),_migrations=__webpack_require__(871),_defaultFilters=__webpack_require__(207);exports.handleFile=_handleFile.handleFile,exports.watchBucket=_watchBucket.watchBucket,exports.publishEvents=_publishEvents.publishEvents,exports.createFilters=_createFilters.createFilters,exports.createIncludes=_createIncludes.createIncludes,exports.createSort=_createSort.createSort,exports.findAll=_findAll.findAll,exports.checkModule=_accessRightsUtils.checkModule,exports.checkIsSuper=_accessRightsUtils.checkIsSuper,exports.getAccessRightsInfo=_accessRightsUtils.getAccessRightsInfo,exports.getDefaultBusinessIDInfo=_accessRightsUtils.getDefaultBusinessIDInfo,exports.getModuleInfo=_accessRightsUtils.getModuleInfo,exports.failure=_requestResponse.failure,exports.success=_requestResponse.success,exports.runMigrations=_migrations.runMigrations,exports.getCurrentUser=_requestResponse.getCurrentUser,exports.successHtml=_requestResponse.successHtml,exports.getCurrentUserNameFromCognitoEvent=_requestResponse.getCurrentUserNameFromCognitoEvent,exports.defaultFilters=_defaultFilters.defaultFilters,exports.accessRightsUtils=_accessRightsUtils.accessRightsUtils,exports.parseBody=_requestResponse.parseBody,exports.parseEvent=_requestResponse.parseEvent,exports.getBusinessesInfo=_accessRightsUtils.getBusinessesInfo,exports.userDefaultBid=_accessRightsUtils.userDefaultBid,exports.checkWriteAccess=_accessRightsUtils.checkWriteAccess,exports.isSystemUser=_accessRightsUtils.isSystemUser,exports.isSuperUser=_accessRightsUtils.isSuperUser,exports.isPartnerUser=_accessRightsUtils.isPartnerUser,exports.getBelongsToPartnerId=_accessRightsUtils.getBelongsToPartnerId,exports.getEffectivePartnerId=_accessRightsUtils.getEffectivePartnerId,exports.enrichEventWithPartnerAccess=_accessRightsUtils.enrichEventWithPartnerAccess})();var __webpack_export_target__=exports;for(var __webpack_i__ in __webpack_exports__)__webpack_export_target__[__webpack_i__]=__webpack_exports__[__webpack_i__];__webpack_exports__.__esModule&&Object.defineProperty(__webpack_export_target__,"__esModule",{value:!0})
-/******/})();
+var __webpack_exports__ = {};
+// This entry needs to be wrapped in an IIFE because it needs to be isolated against other modules in the chunk.
+(() => {
+var exports = __webpack_exports__;
+/*!**********************!*\
+  !*** ./src/index.js ***!
+  \**********************/
+Object.defineProperty(exports, "__esModule", ({ value: true }));exports.watchBucket = exports.userDefaultBid = exports.successHtml = exports.success = exports.runMigrations = exports.publishEvents = exports.parseEvent = exports.parseBody = exports.isSystemUser = exports.isSuperUser = exports.isPartnerUser = exports.handleFile = exports.getModuleInfo = exports.getEffectivePartnerId = exports.getDefaultBusinessIDInfo = exports.getCurrentUserNameFromCognitoEvent = exports.getCurrentUser = exports.getCompanySettings = exports.getBusinessesInfo = exports.getBelongsToPartnerId = exports.getAccessRightsInfo = exports.findAll = exports.failure = exports.enrichEventWithPartnerAccess = exports.defaultFilters = exports.createSort = exports.createIncludes = exports.createFilters = exports.checkWriteAccess = exports.checkModule = exports.checkIsSuper = exports.accessRightsUtils = void 0;var _handleFile = __webpack_require__(/*! ./eventManager/handleFile.js */ "./src/eventManager/handleFile.js");
+var _watchBucket = __webpack_require__(/*! ./eventManager/watchBucket.js */ "./src/eventManager/watchBucket.js");
+var _publishEvents = __webpack_require__(/*! ./eventManager/publishEvents.js */ "./src/eventManager/publishEvents.js");
+var _createIncludes = __webpack_require__(/*! ./database/dbUtils/queryStringUtils/createIncludes.js */ "./src/database/dbUtils/queryStringUtils/createIncludes.js");
+var _createFilters = __webpack_require__(/*! ./database/dbUtils/queryStringUtils/createFilters.js */ "./src/database/dbUtils/queryStringUtils/createFilters.js");
+var _createSort = __webpack_require__(/*! ./database/dbUtils/queryStringUtils/createSort.js */ "./src/database/dbUtils/queryStringUtils/createSort.js");
+var _findAll = __webpack_require__(/*! ./database/dbUtils/queryStringUtils/findAll.js */ "./src/database/dbUtils/queryStringUtils/findAll.js");
+var _accessRightsUtils = __webpack_require__(/*! ./database/dbUtils/queryStringUtils/accessRightsUtils.js */ "./src/database/dbUtils/queryStringUtils/accessRightsUtils.js");
+
+
+
+
+var _requestResponse = __webpack_require__(/*! ./requestResponse/requestResponse.js */ "./src/requestResponse/requestResponse.js");
+var _migrations = __webpack_require__(/*! ./database/dbSetup/migrations.js */ "./src/database/dbSetup/migrations.js");
+
+
+
+var _defaultFilters = __webpack_require__(/*! ./database/dbUtils/queryStringUtils/defaultFilters.js */ "./src/database/dbUtils/queryStringUtils/defaultFilters.js");
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+const handleFile = exports.handleFile = _handleFile.handleFile;
+const watchBucket = exports.watchBucket = _watchBucket.watchBucket;
+const publishEvents = exports.publishEvents = _publishEvents.publishEvents;
+const createFilters = exports.createFilters = _createFilters.createFilters;
+const createIncludes = exports.createIncludes = _createIncludes.createIncludes;
+const createSort = exports.createSort = _createSort.createSort;
+const findAll = exports.findAll = _findAll.findAll;
+const checkModule = exports.checkModule = _accessRightsUtils.checkModule;
+const checkIsSuper = exports.checkIsSuper = _accessRightsUtils.checkIsSuper;
+const getAccessRightsInfo = exports.getAccessRightsInfo = _accessRightsUtils.getAccessRightsInfo;
+const getDefaultBusinessIDInfo = exports.getDefaultBusinessIDInfo = _accessRightsUtils.getDefaultBusinessIDInfo;
+const getModuleInfo = exports.getModuleInfo = _accessRightsUtils.getModuleInfo;
+const failure = exports.failure = _requestResponse.failure;
+const success = exports.success = _requestResponse.success;
+const runMigrations = exports.runMigrations = _migrations.runMigrations;
+const getCurrentUser = exports.getCurrentUser = _requestResponse.getCurrentUser;
+const successHtml = exports.successHtml = _requestResponse.successHtml;
+const getCurrentUserNameFromCognitoEvent = exports.getCurrentUserNameFromCognitoEvent = _requestResponse.getCurrentUserNameFromCognitoEvent;
+const defaultFilters = exports.defaultFilters = _defaultFilters.defaultFilters;
+const accessRightsUtils = exports.accessRightsUtils = _accessRightsUtils.accessRightsUtils;
+const parseBody = exports.parseBody = _requestResponse.parseBody;
+const parseEvent = exports.parseEvent = _requestResponse.parseEvent;
+const getBusinessesInfo = exports.getBusinessesInfo = _accessRightsUtils.getBusinessesInfo;
+const userDefaultBid = exports.userDefaultBid = _accessRightsUtils.userDefaultBid;
+const checkWriteAccess = exports.checkWriteAccess = _accessRightsUtils.checkWriteAccess;
+const isSystemUser = exports.isSystemUser = _accessRightsUtils.isSystemUser;
+const isSuperUser = exports.isSuperUser = _accessRightsUtils.isSuperUser;
+const isPartnerUser = exports.isPartnerUser = _accessRightsUtils.isPartnerUser;
+const getBelongsToPartnerId = exports.getBelongsToPartnerId = _accessRightsUtils.getBelongsToPartnerId;
+const getEffectivePartnerId = exports.getEffectivePartnerId = _accessRightsUtils.getEffectivePartnerId;
+const enrichEventWithPartnerAccess = exports.enrichEventWithPartnerAccess = _accessRightsUtils.enrichEventWithPartnerAccess;
+const getCompanySettings = exports.getCompanySettings = _accessRightsUtils.getCompanySettings;
+})();
+
+var __webpack_export_target__ = exports;
+for(var __webpack_i__ in __webpack_exports__) __webpack_export_target__[__webpack_i__] = __webpack_exports__[__webpack_i__];
+if(__webpack_exports__.__esModule) Object.defineProperty(__webpack_export_target__, "__esModule", { value: true });
+/******/ })()
+;
 //# sourceMappingURL=main.js.map