Merge branch 'master' into grid-conflict-improvements

hosting/single/runner.sh

@@ -53,6 +53,11 @@ done
 if [[ -z "${COUCH_DB_URL}" ]]; then
     export COUCH_DB_URL=http://$COUCHDB_USER:$COUCHDB_PASSWORD@127.0.0.1:5984
 fi
+
+if [[ -z "${COUCH_DB_SQL_URL}" ]]; then
+    export COUCH_DB_SQL_URL=http://127.0.0.1:4984
+fi
+
 if [ ! -f "${DATA_DIR}/.env" ]; then
     touch ${DATA_DIR}/.env
     for ENV_VAR in "${ENV_VARS[@]}"

package.json

@@ -40,7 +40,7 @@
     "build:oss": "NODE_OPTIONS=--max-old-space-size=1500 lerna run build --stream --ignore @budibase/account-portal --ignore @budibase/account-portal-server --ignore @budibase/account-portal-ui",
     "build:account-portal": "NODE_OPTIONS=--max-old-space-size=1500 lerna run build --stream --scope @budibase/account-portal --scope @budibase/account-portal-server --scope @budibase/account-portal-ui",
     "build:dev": "lerna run --stream prebuild && yarn nx run-many --target=build --output-style=dynamic --watch --preserveWatchOutput",
-    "check:types": "lerna run check:types",
+    "check:types": "lerna run --concurrency 2 check:types",
     "build:sdk": "lerna run --stream build:sdk",
     "deps:circular": "madge packages/server/dist/index.js packages/worker/src/index.ts packages/backend-core/dist/src/index.js packages/cli/src/index.js --circular",
     "release": "lerna publish from-package --yes --force-publish --no-git-tag-version --no-push --no-git-reset",

packages/account-portal

@@ -1 +1 @@
-Subproject commit c167c331ff9b8161fc18e2ecbaaf1ea5815ba964
+Subproject commit 39acfff42a063e5a8a7d58d36721ec3103e16348

packages/backend-core/src/sql/sql.ts

@@ -1,6 +1,11 @@
 import { Knex, knex } from "knex"
 import * as dbCore from "../db"
-import { isIsoDateString, isValidFilter, getNativeSql } from "./utils"
+import {
+  isIsoDateString,
+  isValidFilter,
+  getNativeSql,
+  isExternalTable,
+} from "./utils"
 import { SqlStatements } from "./sqlStatements"
 import SqlTableQueryBuilder from "./sqlTable"
 import {
@@ -21,6 +26,7 @@ import {
   SqlClient,
   QueryOptions,
   JsonTypes,
+  prefixed,
 } from "@budibase/types"
 import environment from "../environment"
 import { helpers } from "@budibase/shared-core"
@@ -391,6 +397,16 @@ class InternalBuilder {
       contains(filters.containsAny, true)
     }
 
+    // when searching internal tables make sure long looking for rows
+    if (filters.documentType && !isExternalTable(table)) {
+      const tableRef = opts?.aliases?.[table._id!] || table._id
+      // has to be its own option, must always be AND onto the search
+      query.andWhereLike(
+        `${tableRef}._id`,
+        `${prefixed(filters.documentType)}%`
+      )
+    }
+
     return query
   }
 
@@ -592,6 +608,7 @@ class InternalBuilder {
     query = this.addFilters(query, filters, json.meta.table, {
       aliases: tableAliases,
     })
+
     // add sorting to pre-query
     query = this.addSorting(query, json)
     const alias = tableAliases?.[tableName] || tableName

packages/backend-core/tests/core/utilities/mocks/licenses.ts

@@ -106,6 +106,10 @@ export const useViewPermissions = () => {
   return useFeature(Feature.VIEW_PERMISSIONS)
 }
 
+export const useViewReadonlyColumns = () => {
+  return useFeature(Feature.VIEW_READONLY_COLUMNS)
+}
+
 // QUOTAS
 
 export const setAutomationLogsQuota = (value: number) => {

packages/builder/src/pages/builder/invite/index.svelte

@@ -32,8 +32,14 @@
     onboarding = true
     try {
       const { password, firstName, lastName } = formData
-      await users.acceptInvite(inviteCode, password, firstName, lastName)
+      const user = await users.acceptInvite(
+        inviteCode,
+        password,
+        firstName,
+        lastName
+      )
       notifications.success("Invitation accepted successfully")
+      auth.setOrg(user.tenantId)
       await login()
     } catch (error) {
       notifications.error(error.message)
@@ -66,7 +72,7 @@
       notifications.success("Logged in successfully")
       $goto("../portal")
     } catch (err) {
-      notifications.error(err.message ? err.message : "Invalid credentials") //not likely, considering.
+      notifications.error(err.message ? err.message : "Something went wrong")
     }
   }
 
@@ -141,12 +147,19 @@
                   password: e.detail,
                 }
               }}
+              validateOn="blur"
               validate={() => {
                 let fieldError = {}
 
-                fieldError["password"] = !formData.password
+                function validatePassword() {
-                  ? "Please enter a password"
+                  if (!formData.password) {
-                  : undefined
+                    return "Please enter a password"
+                  } else if (formData.password.length < 8) {
+                    return "Please enter at least 8 characters"
+                  }
+                  return undefined
+                }
+                fieldError["password"] = validatePassword()
 
                 fieldError["confirmationPassword"] =
                   !passwordsMatch(

packages/pro

@@ -1 +1 @@
-Subproject commit 1879d8686b1d9392707595a02cdd4981923e7f99
+Subproject commit 5189b83bea1868574ff7f4c51fe5db38a11badb8

packages/server/src/api/controllers/view/viewsV2.ts

@@ -3,7 +3,7 @@ import {
   CreateViewRequest,
   Ctx,
   RequiredKeys,
-  UIFieldMetadata,
+  ViewUIFieldMetadata,
   UpdateViewRequest,
   ViewResponse,
   ViewResponseEnriched,
@@ -18,22 +18,23 @@ async function parseSchema(view: CreateViewRequest) {
   const finalViewSchema =
     view.schema &&
     Object.entries(view.schema).reduce((p, [fieldName, schemaValue]) => {
-      const fieldSchema: RequiredKeys<UIFieldMetadata> = {
+      const fieldSchema: RequiredKeys<ViewUIFieldMetadata> = {
         order: schemaValue.order,
         width: schemaValue.width,
         visible: schemaValue.visible,
+        readonly: schemaValue.readonly,
         icon: schemaValue.icon,
       }
       Object.entries(fieldSchema)
         .filter(([, val]) => val === undefined)
         .forEach(([key]) => {
-          delete fieldSchema[key as keyof UIFieldMetadata]
+          delete fieldSchema[key as keyof ViewUIFieldMetadata]
         })
       p[fieldName] = fieldSchema
       return p
-    }, {} as Record<string, RequiredKeys<UIFieldMetadata>>)
+    }, {} as Record<string, RequiredKeys<ViewUIFieldMetadata>>)
   for (let [key, column] of Object.entries(finalViewSchema)) {
-    if (!column.visible) {
+    if (!column.visible && !column.readonly) {
       delete finalViewSchema[key]
     }
   }

packages/server/src/api/routes/tests/viewV2.spec.ts

@@ -14,8 +14,8 @@ import {
   StaticQuotaName,
   Table,
   TableSourceType,
-  UIFieldMetadata,
   UpdateViewRequest,
+  ViewUIFieldMetadata,
   ViewV2,
 } from "@budibase/types"
 import { generator, mocks } from "@budibase/backend-core/tests"
@@ -23,6 +23,9 @@ import { DatabaseName, getDatasource } from "../../../integrations/tests/utils"
 import merge from "lodash/merge"
 import { quotas } from "@budibase/pro"
 import { roles } from "@budibase/backend-core"
+import * as schemaUtils from "../../../utilities/schema"
+
+jest.mock("../../../utilities/schema")
 
 describe.each([
   ["internal", undefined],
@@ -96,6 +99,10 @@ describe.each([
     setup.afterAll()
   })
 
+  beforeEach(() => {
+    mocks.licenses.useCloudFree()
+  })
+
   const getRowUsage = async () => {
     const { total } = await config.doInContext(undefined, () =>
       quotas.getCurrentUsageValues(QuotaUsageType.STATIC, StaticQuotaName.ROWS)
@@ -141,7 +148,7 @@ describe.each([
           type: SortType.STRING,
         },
         schema: {
-          name: {
+          Price: {
             visible: true,
           },
         },
@@ -150,7 +157,11 @@ describe.each([
 
       expect(res).toEqual({
         ...newView,
-        schema: newView.schema,
+        schema: {
+          Price: {
+            visible: true,
+          },
+        },
         id: expect.any(String),
         version: 2,
       })
@@ -214,6 +225,211 @@ describe.each([
         status: 201,
       })
     })
+
+    it("does not persist non-visible fields", async () => {
+      const newView: CreateViewRequest = {
+        name: generator.name(),
+        tableId: table._id!,
+        primaryDisplay: generator.word(),
+        schema: {
+          Price: { visible: true },
+          Category: { visible: false },
+        },
+      }
+      const res = await config.api.viewV2.create(newView)
+
+      expect(res).toEqual({
+        ...newView,
+        schema: {
+          Price: {
+            visible: true,
+          },
+        },
+        id: expect.any(String),
+        version: 2,
+      })
+    })
+
+    it("throws bad request when the schema fields are not valid", async () => {
+      const newView: CreateViewRequest = {
+        name: generator.name(),
+        tableId: table._id!,
+        schema: {
+          nonExisting: {
+            visible: true,
+          },
+        },
+      }
+      await config.api.viewV2.create(newView, {
+        status: 400,
+        body: {
+          message: 'Field "nonExisting" is not valid for the requested table',
+        },
+      })
+    })
+
+    describe("readonly fields", () => {
+      beforeEach(() => {
+        mocks.licenses.useViewReadonlyColumns()
+      })
+
+      it("readonly fields are persisted", async () => {
+        const table = await config.api.table.save(
+          saveTableRequest({
+            schema: {
+              name: {
+                name: "name",
+                type: FieldType.STRING,
+              },
+              description: {
+                name: "description",
+                type: FieldType.STRING,
+              },
+            },
+          })
+        )
+
+        const newView: CreateViewRequest = {
+          name: generator.name(),
+          tableId: table._id!,
+          schema: {
+            name: {
+              visible: true,
+              readonly: true,
+            },
+            description: {
+              visible: true,
+              readonly: true,
+            },
+          },
+        }
+
+        const res = await config.api.viewV2.create(newView)
+        expect(res.schema).toEqual({
+          name: {
+            visible: true,
+            readonly: true,
+          },
+          description: {
+            visible: true,
+            readonly: true,
+          },
+        })
+      })
+
+      it("required fields cannot be marked as readonly", async () => {
+        const isRequiredSpy = jest.spyOn(schemaUtils, "isRequired")
+        isRequiredSpy.mockReturnValueOnce(true)
+
+        const table = await config.api.table.save(
+          saveTableRequest({
+            schema: {
+              name: {
+                name: "name",
+                type: FieldType.STRING,
+              },
+              description: {
+                name: "description",
+                type: FieldType.STRING,
+              },
+            },
+          })
+        )
+
+        const newView: CreateViewRequest = {
+          name: generator.name(),
+          tableId: table._id!,
+          schema: {
+            name: {
+              readonly: true,
+            },
+          },
+        }
+
+        await config.api.viewV2.create(newView, {
+          status: 400,
+          body: {
+            message:
+              'Field "name" cannot be readonly as it is a required field',
+            status: 400,
+          },
+        })
+      })
+
+      it("readonly fields must be visible", async () => {
+        const table = await config.api.table.save(
+          saveTableRequest({
+            schema: {
+              name: {
+                name: "name",
+                type: FieldType.STRING,
+              },
+              description: {
+                name: "description",
+                type: FieldType.STRING,
+              },
+            },
+          })
+        )
+
+        const newView: CreateViewRequest = {
+          name: generator.name(),
+          tableId: table._id!,
+          schema: {
+            name: {
+              visible: false,
+              readonly: true,
+            },
+          },
+        }
+
+        await config.api.viewV2.create(newView, {
+          status: 400,
+          body: {
+            message:
+              'Field "name" must be visible if you want to make it readonly',
+            status: 400,
+          },
+        })
+      })
+
+      it("readonly fields cannot be used on free license", async () => {
+        mocks.licenses.useCloudFree()
+        const table = await config.api.table.save(
+          saveTableRequest({
+            schema: {
+              name: {
+                name: "name",
+                type: FieldType.STRING,
+              },
+              description: {
+                name: "description",
+                type: FieldType.STRING,
+              },
+            },
+          })
+        )
+
+        const newView: CreateViewRequest = {
+          name: generator.name(),
+          tableId: table._id!,
+          schema: {
+            name: {
+              visible: true,
+              readonly: true,
+            },
+          },
+        }
+
+        await config.api.viewV2.create(newView, {
+          status: 400,
+          body: {
+            message: "Readonly fields are not enabled for your tenant",
+            status: 400,
+          },
+        })
+      })
+    })
   })
 
   describe("update", () => {
@@ -251,6 +467,7 @@ describe.each([
     })
 
     it("can update all fields", async () => {
+      mocks.licenses.useViewReadonlyColumns()
       const tableId = table._id!
 
       const updatedData: Required<UpdateViewRequest> = {
@@ -275,6 +492,10 @@ describe.each([
           Category: {
             visible: false,
           },
+          Price: {
+            visible: true,
+            readonly: true,
+          },
         },
       }
       await config.api.viewV2.update(updatedData)
@@ -291,7 +512,8 @@ describe.each([
               visible: false,
             }),
             Price: expect.objectContaining({
-              visible: false,
+              visible: true,
+              readonly: true,
             }),
           },
         },
@@ -450,6 +672,67 @@ describe.each([
         }
       )
     })
+
+    it("cannot update views with readonly on on free license", async () => {
+      mocks.licenses.useViewReadonlyColumns()
+
+      view = await config.api.viewV2.update({
+        ...view,
+        schema: {
+          Price: {
+            visible: true,
+            readonly: true,
+          },
+        },
+      })
+
+      mocks.licenses.useCloudFree()
+      await config.api.viewV2.update(view, {
+        status: 400,
+        body: {
+          message: "Readonly fields are not enabled for your tenant",
+        },
+      })
+    })
+
+    it("can remove readonly config after license downgrade", async () => {
+      mocks.licenses.useViewReadonlyColumns()
+
+      view = await config.api.viewV2.update({
+        ...view,
+        schema: {
+          Price: {
+            visible: true,
+            readonly: true,
+          },
+          Category: {
+            visible: true,
+            readonly: true,
+          },
+        },
+      })
+      mocks.licenses.useCloudFree()
+      const res = await config.api.viewV2.update({
+        ...view,
+        schema: {
+          Price: {
+            visible: true,
+            readonly: false,
+          },
+        },
+      })
+      expect(res).toEqual(
+        expect.objectContaining({
+          ...view,
+          schema: {
+            Price: {
+              visible: true,
+              readonly: false,
+            },
+          },
+        })
+      )
+    })
   })
 
   describe("delete", () => {
@@ -491,15 +774,35 @@ describe.each([
       const updatedTable = await config.api.table.get(table._id!)
       const viewSchema = updatedTable.views![view!.name!].schema as Record<
         string,
-        UIFieldMetadata
+        ViewUIFieldMetadata
       >
       expect(viewSchema.Price?.visible).toEqual(false)
+      expect(viewSchema.Category?.visible).toEqual(true)
+    })
+
+    it("should be able to fetch readonly config after downgrades", async () => {
+      mocks.licenses.useViewReadonlyColumns()
+      const res = await config.api.viewV2.create({
+        name: generator.name(),
+        tableId: table._id!,
+        schema: {
+          Price: { visible: true, readonly: true },
+        },
+      })
+
+      mocks.licenses.useCloudFree()
+      const view = await config.api.viewV2.get(res.id)
+      expect(view.schema?.Price).toEqual(
+        expect.objectContaining({ visible: true, readonly: true })
+      )
     })
   })
 
   describe("read", () => {
-    it("views have extra data trimmed", async () => {
+    let view: ViewV2
-      const table = await config.api.table.save(
+
+    beforeAll(async () => {
+      table = await config.api.table.save(
         saveTableRequest({
           schema: {
             Country: {
@@ -514,7 +817,7 @@ describe.each([
         })
       )
 
-      const view = await config.api.viewV2.create({
+      view = await config.api.viewV2.create({
         tableId: table._id!,
         name: generator.guid(),
         schema: {
@@ -523,7 +826,9 @@ describe.each([
           },
         },
       })
+    })
 
+    it("views have extra data trimmed", async () => {
       let row = await config.api.row.save(view.id, {
         Country: "Aussy",
         Story: "aaaaa",
@@ -568,6 +873,27 @@ describe.each([
         expect(row.one).toBeUndefined()
         expect(row.two).toEqual("bar")
       })
+
+      it("can't persist readonly columns", async () => {
+        mocks.licenses.useViewReadonlyColumns()
+        const view = await config.api.viewV2.create({
+          tableId: table._id!,
+          name: generator.guid(),
+          schema: {
+            one: { visible: true, readonly: true },
+            two: { visible: true },
+          },
+        })
+        const row = await config.api.row.save(view.id, {
+          tableId: table!._id,
+          _viewId: view.id,
+          one: "foo",
+          two: "bar",
+        })
+
+        expect(row.one).toBeUndefined()
+        expect(row.two).toEqual("bar")
+      })
     })
 
     describe("patch", () => {
@@ -588,6 +914,33 @@ describe.each([
         expect(row.one).toEqual("foo")
         expect(row.two).toEqual("newBar")
       })
+
+      it("can't update readonly columns", async () => {
+        mocks.licenses.useViewReadonlyColumns()
+        const view = await config.api.viewV2.create({
+          tableId: table._id!,
+          name: generator.guid(),
+          schema: {
+            one: { visible: true, readonly: true },
+            two: { visible: true },
+          },
+        })
+        const newRow = await config.api.row.save(table._id!, {
+          one: "foo",
+          two: "bar",
+        })
+        await config.api.row.patch(view.id, {
+          tableId: table._id!,
+          _id: newRow._id!,
+          _rev: newRow._rev!,
+          one: "newFoo",
+          two: "newBar",
+        })
+
+        const row = await config.api.row.get(table._id!, newRow._id!)
+        expect(row.one).toEqual("foo")
+        expect(row.two).toEqual("newBar")
+      })
     })
 
     describe("destroy", () => {

packages/server/src/middleware/tests/trimViewRowInfo.spec.ts

@@ -144,8 +144,12 @@ describe("trimViewRowInfo middleware", () => {
       name: generator.guid(),
       tableId: table._id!,
       schema: {
-        name: {},
+        name: {
-        address: {},
+          visible: true,
+        },
+        address: {
+          visible: true,
+        },
       },
     })
 

packages/server/src/sdk/app/rows/search/sqs.ts

@@ -1,4 +1,5 @@
 import {
+  DocumentType,
   FieldType,
   Operation,
   QueryJson,
@@ -148,7 +149,10 @@ export async function search(
       entityId: table._id!,
       operation: Operation.READ,
     },
-    filters: cleanupFilters(query, allTables),
+    filters: {
+      ...cleanupFilters(query, allTables),
+      documentType: DocumentType.ROW,
+    },
     table,
     meta: {
       table,

packages/server/src/sdk/app/views/index.ts

@@ -2,10 +2,12 @@ import {
   RenameColumn,
   TableSchema,
   View,
+  ViewUIFieldMetadata,
   ViewV2,
   ViewV2Enriched,
 } from "@budibase/types"
-import { db as dbCore } from "@budibase/backend-core"
+import { HTTPError, db as dbCore } from "@budibase/backend-core"
+import { features } from "@budibase/pro"
 import { cloneDeep } from "lodash"
 
 import * as utils from "../../../db/utils"
@@ -13,6 +15,8 @@ import { isExternalTableID } from "../../../integrations/utils"
 
 import * as internal from "./internal"
 import * as external from "./external"
+import sdk from "../../../sdk"
+import { isRequired } from "../../../utilities/schema"
 
 function pickApi(tableId: any) {
   if (isExternalTableID(tableId)) {
@@ -31,14 +35,61 @@ export async function getEnriched(viewId: string): Promise<ViewV2Enriched> {
   return pickApi(tableId).getEnriched(viewId)
 }
 
+async function guardViewSchema(
+  tableId: string,
+  viewSchema?: Record<string, ViewUIFieldMetadata>
+) {
+  if (!viewSchema || !Object.keys(viewSchema).length) {
+    return
+  }
+  const table = await sdk.tables.getTable(tableId)
+
+  for (const field of Object.keys(viewSchema)) {
+    const tableSchemaField = table.schema[field]
+    if (!tableSchemaField) {
+      throw new HTTPError(
+        `Field "${field}" is not valid for the requested table`,
+        400
+      )
+    }
+
+    if (viewSchema[field].readonly) {
+      if (!(await features.isViewReadonlyColumnsEnabled())) {
+        throw new HTTPError(
+          `Readonly fields are not enabled for your tenant`,
+          400
+        )
+      }
+
+      if (isRequired(tableSchemaField.constraints)) {
+        throw new HTTPError(
+          `Field "${field}" cannot be readonly as it is a required field`,
+          400
+        )
+      }
+
+      if (!viewSchema[field].visible) {
+        throw new HTTPError(
+          `Field "${field}" must be visible if you want to make it readonly`,
+          400
+        )
+      }
+    }
+  }
+}
+
 export async function create(
   tableId: string,
   viewRequest: Omit<ViewV2, "id" | "version">
 ): Promise<ViewV2> {
+  await guardViewSchema(tableId, viewRequest.schema)
+
   return pickApi(tableId).create(tableId, viewRequest)
 }
 
 export async function update(tableId: string, view: ViewV2): Promise<ViewV2> {
+  await guardViewSchema(tableId, view.schema)
+
   return pickApi(tableId).update(tableId, view)
 }
 
@@ -53,7 +104,13 @@ export async function remove(viewId: string): Promise<ViewV2> {
 
 export function allowedFields(view: View | ViewV2) {
   return [
-    ...Object.keys(view?.schema || {}),
+    ...Object.keys(view?.schema || {}).filter(key => {
+      if (!isV2(view)) {
+        return true
+      }
+      const fieldSchema = view.schema![key]
+      return fieldSchema.visible && !fieldSchema.readonly
+    }),
     ...dbCore.CONSTANT_EXTERNAL_ROW_COLS,
     ...dbCore.CONSTANT_INTERNAL_ROW_COLS,
   ]

packages/server/src/utilities/schema.ts

@@ -4,6 +4,7 @@ import {
   TableSchema,
   FieldSchema,
   Row,
+  FieldConstraints,
 } from "@budibase/types"
 import { ValidColumnNameRegex, utils } from "@budibase/shared-core"
 import { db } from "@budibase/backend-core"
@@ -40,6 +41,15 @@ export function isRows(rows: any): rows is Rows {
   return Array.isArray(rows) && rows.every(row => typeof row === "object")
 }
 
+export function isRequired(constraints: FieldConstraints | undefined) {
+  const isRequired =
+    !!constraints &&
+    ((typeof constraints.presence !== "boolean" &&
+      constraints.presence?.allowEmpty === false) ||
+      constraints.presence === true)
+  return isRequired
+}
+
 export function validate(rows: Rows, schema: TableSchema): ValidationResults {
   const results: ValidationResults = {
     schemaValidation: {},
@@ -62,12 +72,6 @@ export function validate(rows: Rows, schema: TableSchema): ValidationResults {
         return
       }
 
-      const isRequired =
-        !!constraints &&
-        ((typeof constraints.presence !== "boolean" &&
-          !constraints.presence?.allowEmpty) ||
-          constraints.presence === true)
-
       // If the columnType is not a string, then it's not present in the schema, and should be added to the invalid columns array
       if (typeof columnType !== "string") {
         results.invalidColumns.push(columnName)
@@ -101,7 +105,12 @@ export function validate(rows: Rows, schema: TableSchema): ValidationResults {
       } else if (
         (columnType === FieldType.BB_REFERENCE ||
           columnType === FieldType.BB_REFERENCE_SINGLE) &&
-        !isValidBBReference(columnData, columnType, columnSubtype, isRequired)
+        !isValidBBReference(
+          columnData,
+          columnType,
+          columnSubtype,
+          isRequired(constraints)
+        )
       ) {
         results.schemaValidation[columnName] = false
       } else {

packages/server/src/utilities/tests/schema.spec.ts

@@ -0,0 +1,35 @@
+import { isRequired } from "../schema"
+
+describe("schema utilities", () => {
+  describe("isRequired", () => {
+    it("not required by default", () => {
+      const result = isRequired(undefined)
+      expect(result).toBe(false)
+    })
+
+    it("required when presence is true", () => {
+      const result = isRequired({ presence: true })
+      expect(result).toBe(true)
+    })
+
+    it("not required when presence is false", () => {
+      const result = isRequired({ presence: false })
+      expect(result).toBe(false)
+    })
+
+    it("not required when presence is an empty object", () => {
+      const result = isRequired({ presence: {} })
+      expect(result).toBe(false)
+    })
+
+    it("not required when allowEmpty is true", () => {
+      const result = isRequired({ presence: { allowEmpty: true } })
+      expect(result).toBe(false)
+    })
+
+    it("required when allowEmpty is false", () => {
+      const result = isRequired({ presence: { allowEmpty: false } })
+      expect(result).toBe(true)
+    })
+  })
+})

packages/types/src/api/web/app/table.ts

@@ -1,10 +1,5 @@
-import {
+import { Row, Table, TableRequest, View } from "../../../documents"
-  Row,
+import { ViewV2Enriched } from "../../../sdk"
-  Table,
-  TableRequest,
-  View,
-  ViewV2Enriched,
-} from "../../../documents"
 
 export type TableViewsResponse = { [key: string]: View | ViewV2Enriched }
 

packages/types/src/api/web/app/view.ts

@@ -1,4 +1,5 @@
-import { ViewV2, ViewV2Enriched } from "../../../documents"
+import { ViewV2 } from "../../../documents"
+import { ViewV2Enriched } from "../../../sdk/view"
 
 export interface ViewResponse {
   data: ViewV2

packages/types/src/api/web/user.ts

@@ -92,6 +92,7 @@ export interface AcceptUserInviteResponse {
   _id: string
   _rev: string
   email: string
+  tenantId: string
 }
 
 export interface SyncUserRequest {

packages/types/src/documents/app/view.ts

@@ -1,5 +1,5 @@
 import { SearchFilter, SortOrder, SortType } from "../../api"
-import { TableSchema, UIFieldMetadata } from "./table"
+import { UIFieldMetadata } from "./table"
 import { Document } from "../document"
 import { DBView } from "../../sdk"
 
@@ -33,6 +33,10 @@ export interface View {
   groupBy?: string
 }
 
+export type ViewUIFieldMetadata = UIFieldMetadata & {
+  readonly?: boolean
+}
+
 export interface ViewV2 {
   version: 2
   id: string
@@ -45,11 +49,7 @@ export interface ViewV2 {
     order?: SortOrder
     type?: SortType
   }
-  schema?: Record<string, UIFieldMetadata>
+  schema?: Record<string, ViewUIFieldMetadata>
-}
-
-export interface ViewV2Enriched extends ViewV2 {
-  schema?: TableSchema
 }
 
 export type ViewSchema = ViewCountOrSumSchema | ViewStatisticsSchema

packages/types/src/sdk/index.ts

@@ -21,3 +21,4 @@ export * from "./websocket"
 export * from "./permissions"
 export * from "./row"
 export * from "./vm"
+export * from "./view"

packages/types/src/sdk/licensing/feature.ts

@@ -14,6 +14,7 @@ export enum Feature {
   OFFLINE = "offline",
   EXPANDED_PUBLIC_API = "expandedPublicApi",
   VIEW_PERMISSIONS = "viewPermissions",
+  VIEW_READONLY_COLUMNS = "viewReadonlyColumns",
 }
 
 export type PlanFeatures = { [key in PlanType]: Feature[] | undefined }

packages/types/src/sdk/search.ts

@@ -1,5 +1,5 @@
 import { Operation, SortDirection } from "./datasources"
-import { Row, Table } from "../documents"
+import { Row, Table, DocumentType } from "../documents"
 import { SortType } from "../api"
 import { Knex } from "knex"
 
@@ -62,11 +62,15 @@ export interface SearchFilters {
   [SearchFilterOperator.CONTAINS_ANY]?: {
     [key: string]: any[]
   }
+  // specific to SQS/SQLite search on internal tables this can be used
+  // to make sure the documents returned are always filtered down to a
+  // specific document type (such as just rows)
+  documentType?: DocumentType
 }
 
 export type SearchFilterKey = keyof Omit<
   SearchFilters,
-  "allOr" | "onEmptyFilter" | "fuzzyOr"
+  "allOr" | "onEmptyFilter" | "fuzzyOr" | "documentType"
 >
 
 export type SearchQueryFields = Omit<SearchFilters, "allOr" | "onEmptyFilter">

packages/types/src/sdk/view.ts

@@ -0,0 +1,5 @@
+import { TableSchema, ViewV2 } from "../documents"
+
+export interface ViewV2Enriched extends ViewV2 {
+  schema?: TableSchema
+}

packages/worker/src/api/controllers/global/users.ts

@@ -35,6 +35,7 @@ import {
 } from "@budibase/backend-core"
 import { checkAnyUserExists } from "../../../utilities/users"
 import { isEmailConfigured } from "../../../utilities/email"
+import { BpmStatusKey, BpmStatusValue } from "@budibase/shared-core"
 
 const MAX_USERS_UPLOAD_LIMIT = 1000
 
@@ -444,10 +445,16 @@ export const inviteAccept = async (
 
         await cache.invite.deleteCode(inviteCode)
 
+        // make sure onboarding flow is cleared
+        ctx.cookies.set(BpmStatusKey.ONBOARDING, BpmStatusValue.COMPLETED, {
+          expires: new Date(0),
+        })
+
         ctx.body = {
           _id: user._id!,
           _rev: user._rev!,
           email: user.email,
+          tenantId: user.tenantId,
         }
       }
     )

packages/worker/src/api/index.ts

@@ -105,11 +105,6 @@ const NO_TENANCY_ENDPOINTS = [
     route: "/api/admin/auth/oidc/callback",
     method: "GET",
   },
-  // tenant is determined from code in redis
-  {
-    route: "/api/global/users/invite/accept",
-    method: "POST",
-  },
   // global user search - no tenancy
   // :id is user id
   // TODO: this should really be `/api/system/users/:id`
@@ -117,6 +112,15 @@ const NO_TENANCY_ENDPOINTS = [
     route: "/api/global/users/tenant/:id",
     method: "GET",
   },
+  // tenant is determined from code in redis
+  {
+    route: "/api/global/users/invite/accept",
+    method: "POST",
+  },
+  {
+    route: "/api/global/users/invite/:code",
+    method: "GET",
+  },
 ]
 
 // most public endpoints are gets, but some are posts