Merge branch 'develop' into lab/mongodb

.eslintignore

@@ -7,4 +7,5 @@ packages/server/client
 packages/builder/.routify
 packages/builder/cypress/support/queryLevelTransformerFunction.js
 packages/builder/cypress/support/queryLevelTransformerFunctionWithData.js
-packages/builder/cypress/reports
+packages/builder/cypress/reports
+packages/sdk/sdk

.github/ISSUE_TEMPLATE/epic.md

@@ -0,0 +1,24 @@
+---
+name: Epic
+about: Plan a new project
+title: ''
+labels: epic
+assignees: ''
+
+---
+
+## Description
+Brief summary of what this Epic is, whether it's a larger project, goal, or user story. Describe the job to be done, which persona this Epic is mainly for, or if more multiple, break it down by user and job story.
+
+## Spec
+Link to confluence spec
+
+## Teams and Stakeholders
+Describe who needs to be kept up-to-date about this Epic, included in discussions, or updated along the way. Stakeholders can be both in Product/Engineering, as well as other teams like Customer Success who might want to keep customers updated on the Epic project.
+
+
+## Workflow
+- [ ]  Spec Created and pasted above
+- [ ]  Product Review
+- [ ]  Designs created
+- [ ]  Individual Tasks created and assigned to Epic

.github/workflows/budibase_ci.yml

@@ -23,6 +23,15 @@ jobs:
   build:
     runs-on: ubuntu-latest
 
+    services:
+      couchdb:
+        image: ibmcom/couchdb3
+        env:
+          COUCHDB_PASSWORD: budibase
+          COUCHDB_USER: budibase
+        ports:
+          - 4567:5984
+
     strategy:
       matrix:
         node-version: [14.x]
@@ -53,9 +62,8 @@ jobs:
         name: codecov-umbrella
         verbose: true 
 
-    # TODO: parallelise this
+    - name: QA Core Integration Tests
-    - name: Cypress run
+      run: | 
-      uses: cypress-io/github-action@v2
+        cd qa-core
-      with:
+        yarn
-        install: false
+        yarn api:test:ci
-        command: yarn test:e2e:ci

.github/workflows/deploy-single-image.yml

@@ -4,8 +4,6 @@ on:
   workflow_dispatch:
 
 env:
-  BASE_BRANCH: ${{ github.event.pull_request.base.ref}}
-  BRANCH: ${{ github.event.pull_request.head.ref }}
   CI: true
   PERSONAL_ACCESS_TOKEN : ${{ secrets.PERSONAL_ACCESS_TOKEN }}
   REGISTRY_URL: registry.hub.docker.com
@@ -17,6 +15,11 @@ jobs:
       matrix:
         node-version: [14.x]
     steps:
+      - name: Fail if branch is not master
+        if: github.ref != 'refs/heads/master'
+        run: | 
+          echo "Ref is not master, you must run this job from master."
+          exit 1
       - name: "Checkout"
         uses: actions/checkout@v2
       - name: Use Node.js ${{ matrix.node-version }}
@@ -28,8 +31,6 @@ jobs:
       - name: Setup Docker Buildx
         id: buildx
         uses: docker/setup-buildx-action@v1
-      - name: Install Pro
-        run: yarn install:pro $BRANCH $BASE_BRANCH
       - name: Run Yarn
         run: yarn
       - name: Run Yarn Bootstrap

.github/workflows/release-develop.yml

@@ -46,7 +46,8 @@ jobs:
       - run: yarn 
       - run: yarn bootstrap 
       - run: yarn lint 
-      - run: yarn build 
+      - run: yarn build
+      - run: yarn build:sdk
       - run: yarn test
 
       - name: Configure AWS Credentials

.github/workflows/release-selfhost.yml

@@ -3,10 +3,6 @@ name: Budibase Release Selfhost
 on:
  workflow_dispatch:
 
-env:
-  BRANCH: ${{ github.event.pull_request.head.ref }}
-  BASE_BRANCH: ${{ github.event.pull_request.base.ref}}
-
 jobs:
   release:
     runs-on: ubuntu-latest
@@ -54,9 +50,6 @@ jobs:
           DOCKER_PASSWORD: ${{ secrets.DOCKER_API_KEY }}
           SELFHOST_TAG: latest
 
-      - name: Install Pro
-        run: yarn install:pro $BRANCH $BASE_BRANCH
-
       - name: Bootstrap and build (CLI)
         run: |
           yarn

.github/workflows/release.yml

@@ -56,6 +56,7 @@ jobs:
       - run: yarn bootstrap
       - run: yarn lint
       - run: yarn build
+      - run: yarn build:sdk
       - run: yarn test
 
       - name: Configure AWS Credentials

.gitignore

@@ -63,6 +63,7 @@ typings/
 
 # dotenv environment variables file
 .env
+!qa-core/.env
 !hosting/.env
 hosting/.generated-nginx.dev.conf
 hosting/proxy/.generated-nginx.prod.conf
@@ -102,4 +103,6 @@ packages/builder/cypress/reports
 stats.html
 
 # TypeScript cache
-*.tsbuildinfo
+*.tsbuildinfo
+budibase-component
+budibase-datasource

.prettierignore

@@ -9,3 +9,4 @@ packages/server/src/definitions/openapi.ts
 packages/builder/.routify
 packages/builder/cypress/support/queryLevelTransformerFunction.js
 packages/builder/cypress/support/queryLevelTransformerFunctionWithData.js
+packages/sdk/sdk

.prettierrc.json

@@ -4,7 +4,7 @@
   "singleQuote": false,
   "trailingComma": "es5",
   "arrowParens": "avoid",
-  "jsxBracketSameLine": false,
+  "bracketSameLine": false,
   "plugins": ["prettier-plugin-svelte"],
   "svelteSortOrder": "options-scripts-markup-styles"
 }

README.md

@@ -65,7 +65,7 @@ Budibase is open-source - licensed as GPL v3. This should fill you with confiden
 <br /><br />
 
 ### Load data or start from scratch
-Budibase pulls in data from multiple sources, including MongoDB, CouchDB, PostgreSQL, MySQL, Airtable, S3, DynamoDB, or a REST API. And unlike other platforms, with Budibase you can start from scratch and create business apps with no data sources. [Request new data sources](https://github.com/Budibase/budibase/discussions?discussions_q=category%3AIdeas).
+Budibase pulls in data from multiple sources, including MongoDB, CouchDB, PostgreSQL, MySQL, Airtable, S3, DynamoDB, or a REST API. And unlike other platforms, with Budibase you can start from scratch and create business apps with no datasources. [Request new datasources](https://github.com/Budibase/budibase/discussions?discussions_q=category%3AIdeas).
 
 <p align="center">
   <img alt="Budibase data" src="https://res.cloudinary.com/daog6scxm/image/upload/v1636970242/Out%20of%20beta%20launch/data_n1tlhf.png">

charts/budibase/templates/app-service-deployment.yaml

@@ -78,6 +78,8 @@ spec:
               key: objectStoreSecret
         - name: MINIO_URL
           value: {{ .Values.services.objectStore.url }}
+        - name: PLUGIN_BUCKET_NAME
+          value: {{ .Values.services.objectStore.pluginBucketName | default "plugins" | quote }}
         - name: PORT
           value: {{ .Values.services.apps.port | quote }}
         {{ if .Values.services.worker.publicApiRateLimitPerSecond }}
@@ -124,11 +126,31 @@ spec:
           value: {{ .Values.globals.tenantFeatureFlags | quote }}
         {{ if .Values.globals.bbAdminUserEmail }}
         - name: BB_ADMIN_USER_EMAIL
-          value: { { .Values.globals.bbAdminUserEmail | quote } }
+          value: {{ .Values.globals.bbAdminUserEmail | quote }}
         {{ end }}
         {{ if .Values.globals.bbAdminUserPassword }}
         - name: BB_ADMIN_USER_PASSWORD
-          value: { { .Values.globals.bbAdminUserPassword | quote } }
+          value: {{ .Values.globals.bbAdminUserPassword | quote }}
+        {{ end }}
+        {{ if .Values.globals.pluginsDir }}
+        - name: PLUGINS_DIR
+          value: {{ .Values.globals.pluginsDir | quote }}
+        {{ end }}
+        {{ if .Values.services.apps.nodeDebug }}
+        - name: NODE_DEBUG
+          value: {{ .Values.services.apps.nodeDebug | quote }}
+        {{ end }}
+        {{ if .Values.globals.elasticApmEnabled }}
+        - name: ELASTIC_APM_ENABLED
+          value: {{ .Values.globals.elasticApmEnabled | quote }}
+        {{ end }}
+        {{ if .Values.globals.elasticApmSecretToken }}
+        - name: ELASTIC_APM_SECRET_TOKEN
+          value: {{ .Values.globals.elasticApmSecretToken | quote }}
+        {{ end }}
+        {{ if .Values.globals.elasticApmServerUrl }}
+        - name: ELASTIC_APM_SERVER_URL
+          value: {{ .Values.globals.elasticApmServerUrl | quote }}
         {{ end }}
 
         image: budibase/apps:{{ .Values.globals.appVersion }}
@@ -142,7 +164,10 @@ spec:
         name: bbapps
         ports:
         - containerPort: {{ .Values.services.apps.port }}
-        resources: {}
+        {{ with .Values.services.apps.resources }}
+        resources:
+        {{- toYaml . | nindent 10 }}
+        {{ end }}
     {{- with .Values.affinity }}
       affinity:
         {{- toYaml . | nindent 8 }}

charts/budibase/templates/couchdb-backup.yaml

@@ -38,7 +38,10 @@ spec:
         image: redgeoff/replicate-couchdb-cluster
         imagePullPolicy: Always
         name: couchdb-backup
-        resources: {}
+        {{ with .Values.services.couchdb.backup.resources }}
+        resources:
+        {{- toYaml . | nindent 10 }}
+        {{ end }}
     {{- with .Values.affinity }}
       affinity:
         {{- toYaml . | nindent 8 }}

charts/budibase/templates/minio-service-deployment.yaml

@@ -56,7 +56,10 @@ spec:
         name: minio-service
         ports:
         - containerPort: {{ .Values.services.objectStore.port }}
-        resources: {}
+        {{ with .Values.services.objectStore.resources }}
+        resources:
+        {{- toYaml . | nindent 10 }}
+        {{ end }}
         volumeMounts:
         - mountPath: /data
           name: minio-data

charts/budibase/templates/proxy-service-deployment.yaml

@@ -30,7 +30,10 @@ spec:
         name: proxy-service
         ports:
         - containerPort: {{ .Values.services.proxy.port }}
-        resources: {}
+        {{ with .Values.services.proxy.resources }}
+        resources:
+        {{- toYaml . | nindent 10 }}
+        {{ end }}
         volumeMounts:
     {{- with .Values.affinity }}
       affinity:

charts/budibase/templates/redis-service-deployment.yaml

@@ -35,7 +35,10 @@ spec:
         name: redis-service
         ports:
         - containerPort: {{ .Values.services.redis.port }}
-        resources: {}
+        {{ with .Values.services.redis.resources }}
+        resources:
+        {{- toYaml . | nindent 10 }}
+        {{ end }}
         volumeMounts:
         - mountPath: /data
           name: redis-data

charts/budibase/templates/worker-service-deployment.yaml

@@ -27,6 +27,8 @@ spec:
     spec:
       containers:
       - env:
+        - name: BUDIBASE_ENVIRONMENT
+          value: {{ .Values.globals.budibaseEnv }}
         - name: DEPLOYMENT_ENVIRONMENT
           value: "kubernetes"
         - name: CLUSTER_PORT
@@ -75,6 +77,8 @@ spec:
               key: objectStoreSecret
         - name: MINIO_URL
           value: {{ .Values.services.objectStore.url }}
+        - name: PLUGIN_BUCKET_NAME
+          value: {{ .Values.services.objectStore.pluginBucketName | default "plugins" | quote }}
         - name: PORT
           value: {{ .Values.services.worker.port | quote }}
         - name: MULTI_TENANCY
@@ -125,6 +129,19 @@ spec:
           value: {{ .Values.globals.google.secret | quote }}
         - name: TENANT_FEATURE_FLAGS
           value: {{ .Values.globals.tenantFeatureFlags | quote }}
+        {{ if .Values.globals.elasticApmEnabled }}
+        - name: ELASTIC_APM_ENABLED
+          value: {{ .Values.globals.elasticApmEnabled | quote }}
+        {{ end }}
+        {{ if .Values.globals.elasticApmSecretToken }}
+        - name: ELASTIC_APM_SECRET_TOKEN
+          value: {{ .Values.globals.elasticApmSecretToken | quote }}
+        {{ end }}
+        {{ if .Values.globals.elasticApmServerUrl }}
+        - name: ELASTIC_APM_SERVER_URL
+          value: {{ .Values.globals.elasticApmServerUrl | quote }}
+        {{ end }}
+
         image: budibase/worker:{{ .Values.globals.appVersion }}
         imagePullPolicy: Always
         livenessProbe:
@@ -136,7 +153,10 @@ spec:
         name: bbworker
         ports:
         - containerPort: {{ .Values.services.worker.port }}
-        resources: {}
+        {{ with .Values.services.worker.resources }}
+        resources:
+        {{- toYaml . | nindent 10 }}
+        {{ end }}
     {{- with .Values.affinity }}
       affinity:
         {{- toYaml . | nindent 8 }}

charts/budibase/values.yaml

@@ -60,19 +60,6 @@ ingress:
               port:
                 number: 10000
 
-resources:
-  {}
-  # We usually recommend not to specify default resources and to leave this as a conscious
-  # choice for the user. This also increases chances charts run on environments with little
-  # resources, such as Minikube. If you do want to specify resources, uncomment the following
-  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  # limits:
-  #   cpu: 100m
-  #   memory: 128Mi
-  # requests:
-  #   cpu: 100m
-  #   memory: 128Mi
-
 autoscaling:
   enabled: false
   minReplicas: 1
@@ -89,6 +76,7 @@ affinity: {}
 globals:
   appVersion: "latest"
   budibaseEnv: PRODUCTION
+  tenantFeatureFlags: "*:LICENSING,*:USER_GROUPS"
   enableAnalytics: "1"
   sentryDSN: ""
   posthogToken: "phc_bIjZL7oh2GEUd2vqvTBH8WvrX0fWTFQMs6H5KQxiUxU"
@@ -114,6 +102,10 @@ globals:
   smtp:
     enabled: false
 
+#  elasticApmEnabled:
+#  elasticApmSecretToken:
+#  elasticApmServerUrl:
+
 services:
   budibaseVersion: latest
   dns: cluster.local
@@ -121,15 +113,19 @@ services:
   proxy:
     port: 10000
     replicaCount: 1
+    resources: {}
 
   apps:
     port: 4002
     replicaCount: 1
     logLevel: info
+    resources: {}
+#    nodeDebug: "" # set the value of NODE_DEBUG
 
   worker:
     port: 4003
     replicaCount: 1
+    resources: {}
 
   couchdb:
     enabled: true
@@ -143,6 +139,7 @@ services:
       target: ""
       # backup interval in seconds
       interval: ""
+      resources: {}
 
   redis:
     enabled: true # disable if using external redis
@@ -156,6 +153,7 @@ services:
     ## If undefined (the default) or set to null, no storageClassName spec is
     ##   set, choosing the default provisioner.
     storageClass: ""
+    resources: {}
 
   objectStore:
     minio: true
@@ -172,6 +170,7 @@ services:
     ## If undefined (the default) or set to null, no storageClassName spec is
     ##   set, choosing the default provisioner.
     storageClass: ""
+    resources: {}
 
 # Override values in couchDB subchart
 couchdb:

examples/nextjs-api-sales/definitions/openapi.ts

@@ -348,7 +348,7 @@ export interface paths {
         }
       }
       responses: {
-        /** Returns the created table, including the ID which has been generated for it. This can be internal or external data sources. */
+        /** Returns the created table, including the ID which has been generated for it. This can be internal or external datasources. */
         200: {
           content: {
             "application/json": components["schemas"]["tableOutput"]
@@ -959,7 +959,7 @@ export interface components {
     query: {
       /** @description The ID of the query. */
       _id: string
-      /** @description The ID of the data source the query belongs to. */
+      /** @description The ID of the datasource the query belongs to. */
       datasourceId?: string
       /** @description The bindings which are required to perform this query. */
       parameters?: string[]
@@ -983,7 +983,7 @@ export interface components {
       data: {
         /** @description The ID of the query. */
         _id: string
-        /** @description The ID of the data source the query belongs to. */
+        /** @description The ID of the datasource the query belongs to. */
         datasourceId?: string
         /** @description The bindings which are required to perform this query. */
         parameters?: string[]

examples/nextjs-api-sales/package.json

@@ -11,8 +11,8 @@
   "dependencies": {
     "bulma": "^0.9.3",
     "next": "12.1.0",
-    "node-fetch": "^3.2.2",
+    "node-fetch": "^3.2.10",
-    "node-sass": "^7.0.1",
+    "sass": "^1.52.3",
     "react": "17.0.2",
     "react-dom": "17.0.2",
     "react-notifications-component": "^3.4.1"
@@ -24,4 +24,4 @@
     "eslint-config-next": "12.1.0",
     "typescript": "4.6.2"
   }
-}
+}

examples/nextjs-api-sales/yarn.lock

@@ -2020,10 +2020,10 @@ node-domexception@^1.0.0:
   resolved "https://registry.yarnpkg.com/node-domexception/-/node-domexception-1.0.0.tgz#6888db46a1f71c0b76b3f7555016b63fe64766e5"
   integrity sha512-/jKZoMpw0F8GRwl4/eLROPA3cfcXtLApP0QzLmUT/HuPCZWyB7IY9ZrMeKw2O/nFIqPQB3PVM9aYm0F312AXDQ==
 
-node-fetch@^3.2.2:
+node-fetch@^3.2.10:
-  version "3.2.2"
+  version "3.2.10"
-  resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-3.2.2.tgz#16d33fbe32ca7c6ca1ca8ba5dfea1dd885c59f04"
+  resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-3.2.10.tgz#e8347f94b54ae18b57c9c049ef641cef398a85c8"
-  integrity sha512-Cwhq1JFIoon15wcIkFzubVNFE5GvXGV82pKf4knXXjvGmn7RJKcypeuqcVNZMGDZsAFWyIRya/anwAJr7TWJ7w==
+  integrity sha512-MhuzNwdURnZ1Cp4XTazr69K0BTizsBroX7Zx3UgDSVcZYKF/6p0CBe4EUb/hLqmzVhl0UpYfgRljQ4yxE+iCxA==
   dependencies:
     data-uri-to-buffer "^4.0.0"
     fetch-blob "^3.1.4"

hosting/.env

@@ -22,4 +22,7 @@ BUDIBASE_ENVIRONMENT=PRODUCTION
 
 # An admin user can be automatically created initially if these are set
 BB_ADMIN_USER_EMAIL=
-BB_ADMIN_USER_PASSWORD=
+BB_ADMIN_USER_PASSWORD=
+
+# A path that is watched for plugin bundles. Any bundles found are imported automatically/
+PLUGINS_DIR=

hosting/docker-compose.yaml

@@ -25,9 +25,12 @@ services:
       REDIS_PASSWORD: ${REDIS_PASSWORD}
       BB_ADMIN_USER_EMAIL: ${BB_ADMIN_USER_EMAIL}
       BB_ADMIN_USER_PASSWORD: ${BB_ADMIN_USER_PASSWORD}
+      PLUGINS_DIR: ${PLUGINS_DIR}
     depends_on:
       - worker-service
       - redis-service
+#    volumes:
+#      - /some/path/to/plugins:/plugins
 
   worker-service:
     restart: unless-stopped
@@ -78,6 +81,7 @@ services:
     image: budibase/proxy
     environment:
       - PROXY_RATE_LIMIT_WEBHOOKS_PER_SECOND=10
+      - PROXY_RATE_LIMIT_API_PER_SECOND=20
     depends_on:
       - minio-service
       - worker-service

hosting/hosting.properties

@@ -22,4 +22,7 @@ BUDIBASE_ENVIRONMENT=PRODUCTION
 
 # An admin user can be automatically created initially if these are set
 BB_ADMIN_USER_EMAIL=
-BB_ADMIN_USER_PASSWORD=
+BB_ADMIN_USER_PASSWORD=
+
+# A path that is watched for plugin bundles. Any bundles found are imported automatically/
+PLUGINS_DIR=

hosting/nginx.dev.conf.hbs

@@ -15,7 +15,10 @@ http {
 
   log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                     '$status $body_bytes_sent "$http_referer" '
-                    '"$http_user_agent" "$http_x_forwarded_for"';
+                    '"$http_user_agent" "$http_x_forwarded_for" '
+                    'response_time=$upstream_response_time proxy_host=$proxy_host upstream_addr=$upstream_addr';
+
+  access_log /var/log/nginx/access.log main;
   
   map $http_upgrade $connection_upgrade {
     default     "upgrade";
@@ -62,10 +65,6 @@ http {
       proxy_pass      http://{{ address }}:4001;
     }
 
-    location /preview {
-      proxy_pass      http://{{ address }}:4001;
-    }
-
     location /builder {
       proxy_pass      http://{{ address }}:3000;
       rewrite ^/builder(.*)$ /builder/$1 break;
@@ -81,6 +80,20 @@ http {
       proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
     }
 
+    location /vite/ {
+      proxy_pass  http://{{ address }}:3000;
+      rewrite     ^/vite(.*)$ /$1 break;
+    }
+
+    location /socket/ {
+      proxy_http_version  1.1;
+      proxy_set_header    Upgrade     $http_upgrade;
+      proxy_set_header    Connection  'upgrade';
+      proxy_set_header    Host        $host;
+      proxy_cache_bypass  $http_upgrade;
+      proxy_pass          http://{{ address }}:4001;
+    }
+
     location / {
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

hosting/nginx.prod.conf.hbs

@@ -11,7 +11,7 @@ events {
 http {
   # rate limiting
   limit_req_status 429;
-  limit_req_zone $binary_remote_addr zone=ratelimit:10m rate=20r/s;
+  limit_req_zone $binary_remote_addr zone=ratelimit:10m rate=${PROXY_RATE_LIMIT_API_PER_SECOND}r/s;
   limit_req_zone $binary_remote_addr zone=webhooks:10m rate=${PROXY_RATE_LIMIT_WEBHOOKS_PER_SECOND}r/s;
 
   include       /etc/nginx/mime.types;
@@ -33,7 +33,10 @@ http {
 
   log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                     '$status $body_bytes_sent "$http_referer" '
-                    '"$http_user_agent" "$http_x_forwarded_for"';
+                    '"$http_user_agent" "$http_x_forwarded_for" '
+                    'response_time=$upstream_response_time proxy_host=$proxy_host upstream_addr=$upstream_addr';
+
+  access_log /var/log/nginx/access.log main;
 
   map $http_upgrade $connection_upgrade {
     default     "upgrade";
@@ -85,10 +88,6 @@ http {
       proxy_pass      http://$apps:4002;
     }
 
-    location /preview {
-      proxy_pass      http://$apps:4002;
-    }
-
     location = / {
       proxy_pass      http://$apps:4002;
     }
@@ -159,6 +158,15 @@ http {
       rewrite ^/db/(.*)$ /$1 break;
     }
 
+    location /socket/ {
+      proxy_http_version  1.1;
+      proxy_set_header    Upgrade     $http_upgrade;
+      proxy_set_header    Connection  'upgrade';
+      proxy_set_header    Host        $host;
+      proxy_cache_bypass  $http_upgrade;
+      proxy_pass          http://$apps:4002;
+    }
+
     location / {
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

hosting/proxy/Dockerfile

@@ -10,4 +10,5 @@ COPY .generated-nginx.prod.conf /etc/nginx/templates/nginx.conf.template
 COPY error.html /usr/share/nginx/html/error.html
 
 # Default environment
-ENV PROXY_RATE_LIMIT_WEBHOOKS_PER_SECOND=10
+ENV PROXY_RATE_LIMIT_WEBHOOKS_PER_SECOND=10
+ENV PROXY_RATE_LIMIT_API_PER_SECOND=20

hosting/scripts/build-target-paths.sh

@@ -4,17 +4,21 @@ echo ${TARGETBUILD} > /buildtarget.txt
 if [[ "${TARGETBUILD}" = "aas" ]]; then
     # Azure AppService uses /home for persisent data & SSH on port 2222
     DATA_DIR=/home
-    mkdir -p $DATA_DIR/{search,minio,couchdb}
+    WEBSITES_ENABLE_APP_SERVICE_STORAGE=true
-    mkdir -p $DATA_DIR/couchdb/{dbs,views}
+    mkdir -p $DATA_DIR/{search,minio,couch}
-    chown -R couchdb:couchdb $DATA_DIR/couchdb/
+    mkdir -p $DATA_DIR/couch/{dbs,views}
+    chown -R couchdb:couchdb $DATA_DIR/couch/
     apt update
     apt-get install -y openssh-server
-    sed -i "s/#Port 22/Port 2222/" /etc/ssh/sshd_config
+    echo "root:Docker!" | chpasswd
+    mkdir -p /tmp
+    chmod +x /tmp/ssh_setup.sh \
+        && (sleep 1;/tmp/ssh_setup.sh 2>&1 > /dev/null)
+    cp /etc/sshd_config /etc/ssh/sshd_config
     /etc/init.d/ssh restart
     sed -i "s#DATA_DIR#/home#g" /opt/clouseau/clouseau.ini
     sed -i "s#DATA_DIR#/home#g" /opt/couchdb/etc/local.ini
 else
     sed -i "s#DATA_DIR#/data#g" /opt/clouseau/clouseau.ini
     sed -i "s#DATA_DIR#/data#g" /opt/couchdb/etc/local.ini
-
 fi

hosting/single/Dockerfile

@@ -29,23 +29,8 @@ ENV TARGETBUILD $TARGETBUILD
 COPY --from=build /app /app
 COPY --from=build /worker /worker
 
-ENV \
+# ENV CUSTOM_DOMAIN=budi001.custom.com \
-  APP_PORT=4001 \
+#  See runner.sh for Env Vars
-  ARCHITECTURE=amd \
-  BUDIBASE_ENVIRONMENT=PRODUCTION \
-  CLUSTER_PORT=80 \
-  # CUSTOM_DOMAIN=budi001.custom.com \
-  DATA_DIR=/data \
-  DEPLOYMENT_ENVIRONMENT=docker \
-  MINIO_URL=http://localhost:9000 \
-  POSTHOG_TOKEN=phc_bIjZL7oh2GEUd2vqvTBH8WvrX0fWTFQMs6H5KQxiUxU \
-  REDIS_URL=localhost:6379 \
-  SELF_HOSTED=1 \
-  TARGETBUILD=$TARGETBUILD \
-  WORKER_PORT=4002 \
-  WORKER_URL=http://localhost:4002 \
-  APPS_URL=http://localhost:4001
-
 # These secret env variables are generated by the runner at startup
 # their values can be overriden by the user, they will be written
 # to the .env file in the /data directory for use later on
@@ -117,6 +102,8 @@ RUN chmod +x ./build-target-paths.sh
 
 # Script below sets the path for storing data based on $DATA_DIR
 # For Azure App Service install SSH & point data locations to /home
+ADD hosting/single/ssh/sshd_config /etc/
+ADD hosting/single/ssh/ssh_setup.sh /tmp
 RUN /build-target-paths.sh
 
 # cleanup cache
@@ -124,6 +111,8 @@ RUN yarn cache clean -f
 
 EXPOSE 80
 EXPOSE 443
+# Expose port 2222 for SSH on Azure App Service build
+EXPOSE 2222
 VOLUME /data
 
 #  setup letsencrypt certificate

hosting/single/couch/local.ini

@@ -1,5 +1,5 @@
 ; CouchDB Configuration Settings
 
 [couchdb]
-database_dir = DATA_DIR/couchdb/dbs
+database_dir = DATA_DIR/couch/dbs
-view_index_dir = DATA_DIR/couchdb/views
+view_index_dir = DATA_DIR/couch/views

hosting/single/nginx/nginx-default-site.conf

@@ -66,6 +66,15 @@ server {
         rewrite ^/db/(.*)$ /$1 break;
     }
 
+    location /socket/ {
+      proxy_http_version  1.1;
+      proxy_set_header    Upgrade     $http_upgrade;
+      proxy_set_header    Connection  'upgrade';
+      proxy_set_header    Host        $host;
+      proxy_cache_bypass  $http_upgrade;
+      proxy_pass          http://127.0.0.1:4001;
+    }
+
     location / {
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

hosting/single/runner.sh

@@ -1,18 +1,37 @@
 #!/bin/bash
 declare -a ENV_VARS=("COUCHDB_USER" "COUCHDB_PASSWORD" "DATA_DIR" "MINIO_ACCESS_KEY" "MINIO_SECRET_KEY" "INTERNAL_API_KEY" "JWT_SECRET" "REDIS_PASSWORD")
-
+declare -a DOCKER_VARS=("APP_PORT" "APPS_URL" "ARCHITECTURE" "BUDIBASE_ENVIRONMENT" "CLUSTER_PORT" "DEPLOYMENT_ENVIRONMENT" "MINIO_URL" "NODE_ENV" "POSTHOG_TOKEN" "REDIS_URL" "SELF_HOSTED" "WORKER_PORT" "WORKER_URL" "TENANT_FEATURE_FLAGS" "ACCOUNT_PORTAL_URL")
+# Check the env vars set in Dockerfile have come through, AAS seems to drop them
+[[ -z "${APP_PORT}" ]] && export APP_PORT=4001
+[[ -z "${ARCHITECTURE}" ]] && export ARCHITECTURE=amd
+[[ -z "${BUDIBASE_ENVIRONMENT}" ]] && export BUDIBASE_ENVIRONMENT=PRODUCTION
+[[ -z "${CLUSTER_PORT}" ]] && export CLUSTER_PORT=80
+[[ -z "${DEPLOYMENT_ENVIRONMENT}" ]] && export DEPLOYMENT_ENVIRONMENT=docker
+[[ -z "${MINIO_URL}" ]] && export MINIO_URL=http://localhost:9000
+[[ -z "${NODE_ENV}" ]] && export NODE_ENV=production
+[[ -z "${POSTHOG_TOKEN}" ]] && export POSTHOG_TOKEN=phc_bIjZL7oh2GEUd2vqvTBH8WvrX0fWTFQMs6H5KQxiUxU
+[[ -z "${TENANT_FEATURE_FLAGS}" ]] && export TENANT_FEATURE_FLAGS="*:LICENSING,*:USER_GROUPS"
+[[ -z "${ACCOUNT_PORTAL_URL}" ]] && export ACCOUNT_PORTAL_URL=https://account.budibase.app
+[[ -z "${REDIS_URL}" ]] && export REDIS_URL=localhost:6379
+[[ -z "${SELF_HOSTED}" ]] && export SELF_HOSTED=1
+[[ -z "${WORKER_PORT}" ]] && export WORKER_PORT=4002
+[[ -z "${WORKER_URL}" ]] && export WORKER_URL=http://localhost:4002
+[[ -z "${APPS_URL}" ]] && export APPS_URL=http://localhost:4001
+#  export CUSTOM_DOMAIN=budi001.custom.com
 # Azure App Service customisations
 if [[ "${TARGETBUILD}" = "aas" ]]; then
     DATA_DIR=/home
+    WEBSITES_ENABLE_APP_SERVICE_STORAGE=true
     /etc/init.d/ssh start
 else
     DATA_DIR=${DATA_DIR:-/data}
 fi
 
 if [ -f "${DATA_DIR}/.env" ]; then
-    export $(cat ${DATA_DIR}/.env | xargs)
+    # Read in the .env file and export the variables
+    for LINE in $(cat ${DATA_DIR}/.env); do export $LINE; done
 fi
-# first randomise any unset environment variables
+# randomise any unset environment variables
 for ENV_VAR in "${ENV_VARS[@]}"
 do
     temp=$(eval "echo \$$ENV_VAR")
@@ -30,16 +49,23 @@ if [ ! -f "${DATA_DIR}/.env" ]; then
         temp=$(eval "echo \$$ENV_VAR")
         echo "$ENV_VAR=$temp" >> ${DATA_DIR}/.env
     done
+    for ENV_VAR in "${DOCKER_VARS[@]}"
+    do
+        temp=$(eval "echo \$$ENV_VAR")
+        echo "$ENV_VAR=$temp" >> ${DATA_DIR}/.env
+    done
     echo "COUCH_DB_URL=${COUCH_DB_URL}" >> ${DATA_DIR}/.env
 fi
 
-export COUCH_DB_URL=http://$COUCHDB_USER:$COUCHDB_PASSWORD@localhost:5984
+# Read in the .env file and export the variables
-
+for LINE in $(cat ${DATA_DIR}/.env); do export $LINE; done
+ln -s ${DATA_DIR}/.env /app/.env
+ln -s ${DATA_DIR}/.env /worker/.env
 # make these directories in runner, incase of mount
-mkdir -p ${DATA_DIR}/couchdb/{dbs,views}
+mkdir -p ${DATA_DIR}/couch/{dbs,views}
 mkdir -p ${DATA_DIR}/minio
 mkdir -p ${DATA_DIR}/search
-chown -R couchdb:couchdb ${DATA_DIR}/couchdb
+chown -R couchdb:couchdb ${DATA_DIR}/couch
 redis-server --requirepass $REDIS_PASSWORD &
 /opt/clouseau/bin/clouseau &
 /minio/minio server ${DATA_DIR}/minio &

hosting/single/ssh/ssh_setup.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+
+ssh-keygen -A
+
+#prepare run dir
+if [ ! -d "/var/run/sshd" ]; then
+    mkdir -p /var/run/sshd
+fi

hosting/single/ssh/sshd_config

@@ -0,0 +1,12 @@
+Port      2222
+ListenAddress     0.0.0.0
+LoginGraceTime    180
+X11Forwarding     yes
+Ciphers aes128-cbc,3des-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr
+MACs hmac-sha1,hmac-sha1-96
+StrictModes     yes
+SyslogFacility    DAEMON
+PasswordAuthentication  yes
+PermitEmptyPasswords  no
+PermitRootLogin   yes
+Subsystem sftp internal-sftp

lerna.json

@@ -1,5 +1,5 @@
 {
-  "version": "1.2.44-alpha.7",
+  "version": "2.0.14-alpha.2",
   "npmClient": "yarn",
   "packages": [
     "packages/*"

package.json

@@ -12,6 +12,7 @@
     "js-yaml": "^4.1.0",
     "kill-port": "^1.6.1",
     "lerna": "3.14.1",
+    "madge": "^5.0.1",
     "prettier": "^2.3.1",
     "prettier-plugin-svelte": "^2.3.0",
     "rimraf": "^3.0.2",
@@ -24,6 +25,8 @@
     "bootstrap": "lerna bootstrap && lerna link && ./scripts/link-dependencies.sh",
     "build": "lerna run build",
     "build:dev": "lerna run prebuild && tsc --build --watch --preserveWatchOutput",
+    "build:sdk": "lerna run build:sdk",
+    "deps:circular": "madge packages/server/dist/index.js packages/worker/src/index.ts packages/backend-core/dist/src/index.js packages/cli/src/index.js --circular",
     "release": "lerna publish ${RELEASE_VERSION_TYPE:-patch} --yes --force-publish && yarn release:pro",
     "release:develop": "lerna publish prerelease --yes --force-publish --dist-tag develop --exact && yarn release:pro:develop",
     "release:pro": "bash scripts/pro/release.sh",
@@ -44,8 +47,8 @@
     "lint:eslint": "eslint packages",
     "lint:prettier": "prettier --check \"packages/**/*.{js,ts,svelte}\"",
     "lint": "yarn run lint:eslint && yarn run lint:prettier",
-    "lint:fix:eslint": "eslint --fix packages",
+    "lint:fix:eslint": "eslint --fix packages qa-core",
-    "lint:fix:prettier": "prettier --write \"packages/**/*.{js,ts,svelte}\" && prettier --write \"examples/**/*.{js,ts,svelte}\"",
+    "lint:fix:prettier": "prettier --write \"packages/**/*.{js,ts,svelte}\" && prettier --write \"examples/**/*.{js,ts,svelte}\" && prettier --write \"qa-core/**/*.{js,ts,svelte}\"",
     "lint:fix": "yarn run lint:fix:prettier && yarn run lint:fix:eslint",
     "test:e2e": "lerna run cy:test --stream",
     "test:e2e:ci": "lerna run cy:ci --stream",

packages/backend-core/context.js

@@ -6,6 +6,7 @@ const {
   updateAppId,
   doInAppContext,
   doInTenant,
+  doInContext,
 } = require("./src/context")
 
 const identity = require("./src/context/identity")
@@ -19,4 +20,5 @@ module.exports = {
   doInAppContext,
   doInTenant,
   identity,
+  doInContext,
 }

packages/backend-core/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@budibase/backend-core",
-  "version": "1.2.44-alpha.7",
+  "version": "2.0.14-alpha.2",
   "description": "Budibase backend core libraries used in server and worker",
   "main": "dist/src/index.js",
   "types": "dist/src/index.d.ts",
@@ -20,10 +20,12 @@
     "test:watch": "jest --watchAll"
   },
   "dependencies": {
-    "@budibase/types": "1.2.44-alpha.7",
+    "@budibase/types": "2.0.14-alpha.2",
+    "@shopify/jest-koa-mocks": "5.0.1",
     "@techpass/passport-openidconnect": "0.3.2",
     "aws-sdk": "2.1030.0",
     "bcrypt": "5.0.1",
+    "bcryptjs": "2.4.3",
     "dotenv": "16.0.1",
     "emitter-listener": "1.1.2",
     "ioredis": "4.28.0",
@@ -60,7 +62,6 @@
     ]
   },
   "devDependencies": {
-    "@shopify/jest-koa-mocks": "3.1.5",
     "@types/jest": "27.5.1",
     "@types/koa": "2.0.52",
     "@types/lodash": "4.14.180",

packages/backend-core/plugins.js

@@ -0,0 +1,3 @@
+module.exports = {
+  ...require("./src/plugin"),
+}

packages/backend-core/src/auth.ts

@@ -1,11 +1,11 @@
 const passport = require("koa-passport")
 const LocalStrategy = require("passport-local").Strategy
 const JwtStrategy = require("passport-jwt").Strategy
-const { getGlobalDB } = require("./tenancy")
+import { getGlobalDB } from "./tenancy"
 const refresh = require("passport-oauth2-refresh")
-const { Configs } = require("./constants")
+import { Configs } from "./constants"
-const { getScopedConfig } = require("./db/utils")
+import { getScopedConfig } from "./db/utils"
-const {
+import {
   jwt,
   local,
   authenticated,
@@ -13,7 +13,6 @@ const {
   oidc,
   auditLog,
   tenancy,
-  appTenancy,
   authError,
   ssoCallbackUrl,
   csrf,
@@ -22,32 +21,36 @@ const {
   builderOnly,
   builderOrAdmin,
   joiValidator,
-} = require("./middleware")
+} from "./middleware"
-
+import { invalidateUser } from "./cache/user"
-const { invalidateUser } = require("./cache/user")
+import { User } from "@budibase/types"
 
 // Strategies
 passport.use(new LocalStrategy(local.options, local.authenticate))
 passport.use(new JwtStrategy(jwt.options, jwt.authenticate))
 
-passport.serializeUser((user, done) => done(null, user))
+passport.serializeUser((user: User, done: any) => done(null, user))
 
-passport.deserializeUser(async (user, done) => {
+passport.deserializeUser(async (user: User, done: any) => {
   const db = getGlobalDB()
 
   try {
-    const user = await db.get(user._id)
+    const dbUser = await db.get(user._id)
-    return done(null, user)
+    return done(null, dbUser)
   } catch (err) {
     console.error(`User not found`, err)
     return done(null, false, { message: "User not found" })
   }
 })
 
-async function refreshOIDCAccessToken(db, chosenConfig, refreshToken) {
+async function refreshOIDCAccessToken(
+  db: any,
+  chosenConfig: any,
+  refreshToken: string
+) {
   const callbackUrl = await oidc.getCallbackUrl(db, chosenConfig)
-  let enrichedConfig
+  let enrichedConfig: any
-  let strategy
+  let strategy: any
 
   try {
     enrichedConfig = await oidc.fetchStrategyConfig(chosenConfig, callbackUrl)
@@ -70,22 +73,28 @@ async function refreshOIDCAccessToken(db, chosenConfig, refreshToken) {
     refresh.requestNewAccessToken(
       Configs.OIDC,
       refreshToken,
-      (err, accessToken, refreshToken, params) => {
+      (err: any, accessToken: string, refreshToken: any, params: any) => {
         resolve({ err, accessToken, refreshToken, params })
       }
     )
   })
 }
 
-async function refreshGoogleAccessToken(db, config, refreshToken) {
+async function refreshGoogleAccessToken(
+  db: any,
+  config: any,
+  refreshToken: any
+) {
   let callbackUrl = await google.getCallbackUrl(db, config)
 
   let strategy
   try {
     strategy = await google.strategyFactory(config, callbackUrl)
-  } catch (err) {
+  } catch (err: any) {
     console.error(err)
-    throw new Error("Error constructing OIDC refresh strategy", err)
+    throw new Error(
+      `Error constructing OIDC refresh strategy: message=${err.message}`
+    )
   }
 
   refresh.use(strategy)
@@ -94,14 +103,18 @@ async function refreshGoogleAccessToken(db, config, refreshToken) {
     refresh.requestNewAccessToken(
       Configs.GOOGLE,
       refreshToken,
-      (err, accessToken, refreshToken, params) => {
+      (err: any, accessToken: string, refreshToken: string, params: any) => {
         resolve({ err, accessToken, refreshToken, params })
       }
     )
   })
 }
 
-async function refreshOAuthToken(refreshToken, configType, configId) {
+async function refreshOAuthToken(
+  refreshToken: string,
+  configType: string,
+  configId: string
+) {
   const db = getGlobalDB()
 
   const config = await getScopedConfig(db, {
@@ -113,7 +126,7 @@ async function refreshOAuthToken(refreshToken, configType, configId) {
   let refreshResponse
   if (configType === Configs.OIDC) {
     // configId - retrieved from cookie.
-    chosenConfig = config.configs.filter(c => c.uuid === configId)[0]
+    chosenConfig = config.configs.filter((c: any) => c.uuid === configId)[0]
     if (!chosenConfig) {
       throw new Error("Invalid OIDC configuration")
     }
@@ -134,7 +147,7 @@ async function refreshOAuthToken(refreshToken, configType, configId) {
   return refreshResponse
 }
 
-async function updateUserOAuth(userId, oAuthConfig) {
+async function updateUserOAuth(userId: string, oAuthConfig: any) {
   const details = {
     accessToken: oAuthConfig.accessToken,
     refreshToken: oAuthConfig.refreshToken,
@@ -162,14 +175,13 @@ async function updateUserOAuth(userId, oAuthConfig) {
   }
 }
 
-module.exports = {
+export = {
   buildAuthMiddleware: authenticated,
   passport,
   google,
   oidc,
   jwt: require("jsonwebtoken"),
   buildTenancyMiddleware: tenancy,
-  buildAppTenancyMiddleware: appTenancy,
   auditLog,
   authError,
   buildCsrfMiddleware: csrf,

packages/backend-core/src/constants.js

@@ -7,6 +7,7 @@ exports.Cookies = {
   CurrentApp: "budibase:currentapp",
   Auth: "budibase:auth",
   Init: "budibase:init",
+  ACCOUNT_RETURN_URL: "budibase:account:returnurl",
   DatasourceAuth: "budibase:datasourceauth",
   OIDC_CONFIG: "budibase:oidc:config",
 }

packages/backend-core/src/context/index.ts

@@ -2,7 +2,7 @@ import env from "../environment"
 import { SEPARATOR, DocumentType } from "../db/constants"
 import cls from "./FunctionContext"
 import { dangerousGetDB, closeDB } from "../db"
-import { baseGlobalDBName } from "../tenancy/utils"
+import { baseGlobalDBName } from "../db/tenancy"
 import { IdentityContext } from "@budibase/types"
 import { DEFAULT_TENANT_ID as _DEFAULT_TENANT_ID } from "../constants"
 import { ContextKey } from "./constants"
@@ -65,7 +65,16 @@ export const getTenantIDFromAppID = (appId: string) => {
   }
 }
 
-// used for automations, API endpoints should always be in context already
+export const doInContext = async (appId: string, task: any) => {
+  // gets the tenant ID from the app ID
+  const tenantId = getTenantIDFromAppID(appId)
+  return doInTenant(tenantId, async () => {
+    return doInAppContext(appId, async () => {
+      return task()
+    })
+  })
+}
+
 export const doInTenant = (tenantId: string | null, task: any) => {
   // make sure default always selected in single tenancy
   if (!env.MULTI_TENANCY) {
@@ -226,6 +235,10 @@ export const getAppId = () => {
   }
 }
 
+export const isTenancyEnabled = () => {
+  return env.MULTI_TENANCY
+}
+
 /**
  * Opens the app database based on whatever the request
  * contained, dev or prod.

packages/backend-core/src/db/Replication.ts

@@ -1,4 +1,5 @@
 import { dangerousGetDB, closeDB } from "."
+import { DocumentType } from "./constants"
 
 class Replication {
   source: any
@@ -53,6 +54,14 @@ class Replication {
     return this.replication
   }
 
+  appReplicateOpts() {
+    return {
+      filter: (doc: any) => {
+        return doc._id !== DocumentType.APP_METADATA
+      },
+    }
+  }
+
   /**
    * Rollback the target DB back to the state of the source DB
    */
@@ -60,6 +69,7 @@ class Replication {
     await this.target.destroy()
     // Recreate the DB again
     this.target = dangerousGetDB(this.target.name)
+    // take the opportunity to remove deleted tombstones
     await this.replicate()
   }
 

packages/backend-core/src/db/constants.ts

@@ -18,6 +18,9 @@ export enum ViewName {
   LINK = "by_link",
   ROUTING = "screen_routes",
   AUTOMATION_LOGS = "automation_logs",
+  ACCOUNT_BY_EMAIL = "account_by_email",
+  PLATFORM_USERS_LOWERCASE = "platform_users_lowercase",
+  USER_BY_GROUP = "by_group_user",
 }
 
 export const DeprecatedViews = {
@@ -41,6 +44,11 @@ export enum DocumentType {
   MIGRATIONS = "migrations",
   DEV_INFO = "devinfo",
   AUTOMATION_LOG = "log_au",
+  ACCOUNT_METADATA = "acc_metadata",
+  PLUGIN = "plg",
+  TABLE = "ta",
+  DATASOURCE = "datasource",
+  DATASOURCE_PLUS = "datasource_plus",
 }
 
 export const StaticDatabases = {

packages/backend-core/src/db/conversions.js

@@ -36,6 +36,7 @@ exports.getDevelopmentAppID = appId => {
   const rest = split.join(APP_PREFIX)
   return `${APP_DEV_PREFIX}${rest}`
 }
+exports.getDevAppID = exports.getDevelopmentAppID
 
 /**
  * Convert a development app ID to a deployed app ID.

packages/backend-core/src/db/tenancy.ts

@@ -0,0 +1,22 @@
+import { DEFAULT_TENANT_ID } from "../constants"
+import { StaticDatabases, SEPARATOR } from "./constants"
+import { getTenantId } from "../context"
+
+export const getGlobalDBName = (tenantId?: string) => {
+  // tenant ID can be set externally, for example user API where
+  // new tenants are being created, this may be the case
+  if (!tenantId) {
+    tenantId = getTenantId()
+  }
+  return baseGlobalDBName(tenantId)
+}
+
+export const baseGlobalDBName = (tenantId: string | undefined | null) => {
+  let dbName
+  if (!tenantId || tenantId === DEFAULT_TENANT_ID) {
+    dbName = StaticDatabases.GLOBAL.name
+  } else {
+    dbName = `${tenantId}${SEPARATOR}${StaticDatabases.GLOBAL.name}`
+  }
+  return dbName
+}

packages/backend-core/src/db/utils.ts

@@ -2,7 +2,8 @@ import { newid } from "../hashing"
 import { DEFAULT_TENANT_ID, Configs } from "../constants"
 import env from "../environment"
 import { SEPARATOR, DocumentType, UNICODE_MAX, ViewName } from "./constants"
-import { getTenantId, getGlobalDBName, getGlobalDB } from "../tenancy"
+import { getTenantId, getGlobalDB } from "../context"
+import { getGlobalDBName } from "./tenancy"
 import fetch from "node-fetch"
 import { doWithDB, allDbs } from "./index"
 import { getCouchInfo } from "./pouch"
@@ -15,6 +16,7 @@ import * as events from "../events"
 export * from "./constants"
 export * from "./conversions"
 export { default as Replication } from "./Replication"
+export * from "./tenancy"
 
 /**
  * Generates a new app ID.
@@ -62,6 +64,28 @@ export function getQueryIndex(viewName: ViewName) {
   return `database/${viewName}`
 }
 
+/**
+ * Check if a given ID is that of a table.
+ * @returns {boolean}
+ */
+export const isTableId = (id: string) => {
+  // this includes datasource plus tables
+  return (
+    id &&
+    (id.startsWith(`${DocumentType.TABLE}${SEPARATOR}`) ||
+      id.startsWith(`${DocumentType.DATASOURCE_PLUS}${SEPARATOR}`))
+  )
+}
+
+/**
+ * Check if a given ID is that of a datasource or datasource plus.
+ * @returns {boolean}
+ */
+export const isDatasourceId = (id: string) => {
+  // this covers both datasources and datasource plus
+  return id && id.startsWith(`${DocumentType.DATASOURCE}${SEPARATOR}`)
+}
+
 /**
  * Generates a new workspace ID.
  * @returns {string} The new workspace ID which the workspace doc can be stored under.
@@ -254,7 +278,16 @@ export async function getAllApps({ dev, all, idsOnly, efficient }: any = {}) {
     return false
   })
   if (idsOnly) {
-    return appDbNames
+    const devAppIds = appDbNames.filter(appId => isDevAppID(appId))
+    const prodAppIds = appDbNames.filter(appId => !isDevAppID(appId))
+    switch (dev) {
+      case true:
+        return devAppIds
+      case false:
+        return prodAppIds
+      default:
+        return appDbNames
+    }
   }
   const appPromises = appDbNames.map((app: any) =>
     // skip setup otherwise databases could be re-created
@@ -357,6 +390,21 @@ export const generateDevInfoID = (userId: any) => {
   return `${DocumentType.DEV_INFO}${SEPARATOR}${userId}`
 }
 
+/**
+ * Generates a new plugin ID - to be used in the global DB.
+ * @returns {string} The new plugin ID which a plugin metadata document can be stored under.
+ */
+export const generatePluginID = (name: string) => {
+  return `${DocumentType.PLUGIN}${SEPARATOR}${name}`
+}
+
+/**
+ * Gets parameters for retrieving automations, this is a utility function for the getDocParams function.
+ */
+export const getPluginParams = (pluginId?: string | null, otherProps = {}) => {
+  return getDocParams(DocumentType.PLUGIN, pluginId, otherProps)
+}
+
 /**
  * Returns the most granular configuration document from the DB based on the type, workspace and userID passed.
  * @param {Object} db - db instance to query

packages/backend-core/src/db/views.js

@@ -1,158 +0,0 @@
-const {
-  DocumentType,
-  ViewName,
-  DeprecatedViews,
-  SEPARATOR,
-} = require("./utils")
-const { getGlobalDB } = require("../tenancy")
-
-const DESIGN_DB = "_design/database"
-
-function DesignDoc() {
-  return {
-    _id: DESIGN_DB,
-    // view collation information, read before writing any complex views:
-    // https://docs.couchdb.org/en/master/ddocs/views/collation.html#collation-specification
-    views: {},
-  }
-}
-
-async function removeDeprecated(db, viewName) {
-  if (!DeprecatedViews[viewName]) {
-    return
-  }
-  try {
-    const designDoc = await db.get(DESIGN_DB)
-    for (let deprecatedNames of DeprecatedViews[viewName]) {
-      delete designDoc.views[deprecatedNames]
-    }
-    await db.put(designDoc)
-  } catch (err) {
-    // doesn't exist, ignore
-  }
-}
-
-exports.createNewUserEmailView = async () => {
-  const db = getGlobalDB()
-  let designDoc
-  try {
-    designDoc = await db.get(DESIGN_DB)
-  } catch (err) {
-    // no design doc, make one
-    designDoc = DesignDoc()
-  }
-  const view = {
-    // if using variables in a map function need to inject them before use
-    map: `function(doc) {
-      if (doc._id.startsWith("${DocumentType.USER}${SEPARATOR}")) {
-        emit(doc.email.toLowerCase(), doc._id)
-      }
-    }`,
-  }
-  designDoc.views = {
-    ...designDoc.views,
-    [ViewName.USER_BY_EMAIL]: view,
-  }
-  await db.put(designDoc)
-}
-
-exports.createUserAppView = async () => {
-  const db = getGlobalDB()
-  let designDoc
-  try {
-    designDoc = await db.get("_design/database")
-  } catch (err) {
-    // no design doc, make one
-    designDoc = DesignDoc()
-  }
-  const view = {
-    // if using variables in a map function need to inject them before use
-    map: `function(doc) {
-      if (doc._id.startsWith("${DocumentType.USER}${SEPARATOR}") && doc.roles) {
-        for (let prodAppId of Object.keys(doc.roles)) {
-          let emitted = prodAppId + "${SEPARATOR}" + doc._id
-          emit(emitted, null)
-        }
-      }
-    }`,
-  }
-  designDoc.views = {
-    ...designDoc.views,
-    [ViewName.USER_BY_APP]: view,
-  }
-  await db.put(designDoc)
-}
-
-exports.createApiKeyView = async () => {
-  const db = getGlobalDB()
-  let designDoc
-  try {
-    designDoc = await db.get("_design/database")
-  } catch (err) {
-    designDoc = DesignDoc()
-  }
-  const view = {
-    map: `function(doc) {
-      if (doc._id.startsWith("${DocumentType.DEV_INFO}") && doc.apiKey) {
-        emit(doc.apiKey, doc.userId)
-      }
-    }`,
-  }
-  designDoc.views = {
-    ...designDoc.views,
-    [ViewName.BY_API_KEY]: view,
-  }
-  await db.put(designDoc)
-}
-
-exports.createUserBuildersView = async () => {
-  const db = getGlobalDB()
-  let designDoc
-  try {
-    designDoc = await db.get("_design/database")
-  } catch (err) {
-    // no design doc, make one
-    designDoc = DesignDoc()
-  }
-  const view = {
-    map: `function(doc) {
-      if (doc.builder && doc.builder.global === true) {
-        emit(doc._id, doc._id)
-      }
-    }`,
-  }
-  designDoc.views = {
-    ...designDoc.views,
-    [ViewName.USER_BY_BUILDERS]: view,
-  }
-  await db.put(designDoc)
-}
-
-exports.queryGlobalView = async (viewName, params, db = null) => {
-  const CreateFuncByName = {
-    [ViewName.USER_BY_EMAIL]: exports.createNewUserEmailView,
-    [ViewName.BY_API_KEY]: exports.createApiKeyView,
-    [ViewName.USER_BY_BUILDERS]: exports.createUserBuildersView,
-    [ViewName.USER_BY_APP]: exports.createUserAppView,
-  }
-  // can pass DB in if working with something specific
-  if (!db) {
-    db = getGlobalDB()
-  }
-  try {
-    let response = (await db.query(`database/${viewName}`, params)).rows
-    response = response.map(resp =>
-      params.include_docs ? resp.doc : resp.value
-    )
-    return response.length <= 1 ? response[0] : response
-  } catch (err) {
-    if (err != null && err.name === "not_found") {
-      const createFunc = CreateFuncByName[viewName]
-      await removeDeprecated(db, viewName)
-      await createFunc()
-      return exports.queryGlobalView(viewName, params)
-    } else {
-      throw err
-    }
-  }
-}

packages/backend-core/src/db/views.ts

@@ -0,0 +1,199 @@
+import { DocumentType, ViewName, DeprecatedViews, SEPARATOR } from "./utils"
+import { getGlobalDB } from "../context"
+import PouchDB from "pouchdb"
+import { StaticDatabases } from "./constants"
+import { doWithDB } from "./"
+
+const DESIGN_DB = "_design/database"
+
+function DesignDoc() {
+  return {
+    _id: DESIGN_DB,
+    // view collation information, read before writing any complex views:
+    // https://docs.couchdb.org/en/master/ddocs/views/collation.html#collation-specification
+    views: {},
+  }
+}
+
+interface DesignDocument {
+  views: any
+}
+
+async function removeDeprecated(db: PouchDB.Database, viewName: ViewName) {
+  // @ts-ignore
+  if (!DeprecatedViews[viewName]) {
+    return
+  }
+  try {
+    const designDoc = await db.get<DesignDocument>(DESIGN_DB)
+    // @ts-ignore
+    for (let deprecatedNames of DeprecatedViews[viewName]) {
+      delete designDoc.views[deprecatedNames]
+    }
+    await db.put(designDoc)
+  } catch (err) {
+    // doesn't exist, ignore
+  }
+}
+
+export async function createView(db: any, viewJs: string, viewName: string) {
+  let designDoc
+  try {
+    designDoc = (await db.get(DESIGN_DB)) as DesignDocument
+  } catch (err) {
+    // no design doc, make one
+    designDoc = DesignDoc()
+  }
+  const view = {
+    map: viewJs,
+  }
+  designDoc.views = {
+    ...designDoc.views,
+    [viewName]: view,
+  }
+  await db.put(designDoc)
+}
+
+export const createNewUserEmailView = async () => {
+  const db = getGlobalDB()
+  const viewJs = `function(doc) {
+    if (doc._id.startsWith("${DocumentType.USER}${SEPARATOR}")) {
+      emit(doc.email.toLowerCase(), doc._id)
+    }
+  }`
+  await createView(db, viewJs, ViewName.USER_BY_EMAIL)
+}
+
+export const createAccountEmailView = async () => {
+  const viewJs = `function(doc) {
+    if (doc._id.startsWith("${DocumentType.ACCOUNT_METADATA}${SEPARATOR}")) {
+      emit(doc.email.toLowerCase(), doc._id)
+    }
+  }`
+  await doWithDB(
+    StaticDatabases.PLATFORM_INFO.name,
+    async (db: PouchDB.Database) => {
+      await createView(db, viewJs, ViewName.ACCOUNT_BY_EMAIL)
+    }
+  )
+}
+
+export const createUserAppView = async () => {
+  const db = getGlobalDB() as PouchDB.Database
+  const viewJs = `function(doc) {
+    if (doc._id.startsWith("${DocumentType.USER}${SEPARATOR}") && doc.roles) {
+      for (let prodAppId of Object.keys(doc.roles)) {
+        let emitted = prodAppId + "${SEPARATOR}" + doc._id
+        emit(emitted, null)
+      }
+    }
+  }`
+  await createView(db, viewJs, ViewName.USER_BY_APP)
+}
+
+export const createApiKeyView = async () => {
+  const db = getGlobalDB()
+  const viewJs = `function(doc) {
+    if (doc._id.startsWith("${DocumentType.DEV_INFO}") && doc.apiKey) {
+      emit(doc.apiKey, doc.userId)
+    }
+  }`
+  await createView(db, viewJs, ViewName.BY_API_KEY)
+}
+
+export const createUserBuildersView = async () => {
+  const db = getGlobalDB()
+  const viewJs = `function(doc) {
+    if (doc.builder && doc.builder.global === true) {
+      emit(doc._id, doc._id)
+    }
+  }`
+  await createView(db, viewJs, ViewName.USER_BY_BUILDERS)
+}
+
+export const createPlatformUserView = async () => {
+  const viewJs = `function(doc) {
+    if (doc.tenantId) {
+      emit(doc._id.toLowerCase(), doc._id)
+    }
+  }`
+  await doWithDB(
+    StaticDatabases.PLATFORM_INFO.name,
+    async (db: PouchDB.Database) => {
+      await createView(db, viewJs, ViewName.PLATFORM_USERS_LOWERCASE)
+    }
+  )
+}
+
+export interface QueryViewOptions {
+  arrayResponse?: boolean
+}
+
+export const queryView = async <T>(
+  viewName: ViewName,
+  params: PouchDB.Query.Options<T, T>,
+  db: PouchDB.Database,
+  createFunc: any,
+  opts?: QueryViewOptions
+): Promise<T[] | T | undefined> => {
+  try {
+    let response = await db.query<T, T>(`database/${viewName}`, params)
+    const rows = response.rows
+    const docs = rows.map(row => (params.include_docs ? row.doc : row.value))
+
+    // if arrayResponse has been requested, always return array regardless of length
+    if (opts?.arrayResponse) {
+      return docs
+    } else {
+      // return the single document if there is only one
+      return docs.length <= 1 ? docs[0] : docs
+    }
+  } catch (err: any) {
+    if (err != null && err.name === "not_found") {
+      await removeDeprecated(db, viewName)
+      await createFunc()
+      return queryView(viewName, params, db, createFunc, opts)
+    } else {
+      throw err
+    }
+  }
+}
+
+export const queryPlatformView = async <T>(
+  viewName: ViewName,
+  params: PouchDB.Query.Options<T, T>,
+  opts?: QueryViewOptions
+): Promise<T[] | T | undefined> => {
+  const CreateFuncByName: any = {
+    [ViewName.ACCOUNT_BY_EMAIL]: createAccountEmailView,
+    [ViewName.PLATFORM_USERS_LOWERCASE]: createPlatformUserView,
+  }
+
+  return doWithDB(
+    StaticDatabases.PLATFORM_INFO.name,
+    async (db: PouchDB.Database) => {
+      const createFn = CreateFuncByName[viewName]
+      return queryView(viewName, params, db, createFn, opts)
+    }
+  )
+}
+
+export const queryGlobalView = async <T>(
+  viewName: ViewName,
+  params: PouchDB.Query.Options<T, T>,
+  db?: PouchDB.Database,
+  opts?: QueryViewOptions
+): Promise<T[] | T | undefined> => {
+  const CreateFuncByName: any = {
+    [ViewName.USER_BY_EMAIL]: createNewUserEmailView,
+    [ViewName.BY_API_KEY]: createApiKeyView,
+    [ViewName.USER_BY_BUILDERS]: createUserBuildersView,
+    [ViewName.USER_BY_APP]: createUserAppView,
+  }
+  // can pass DB in if working with something specific
+  if (!db) {
+    db = getGlobalDB() as PouchDB.Database
+  }
+  const createFn = CreateFuncByName[viewName]
+  return queryView(viewName, params, db, createFn, opts)
+}

packages/backend-core/src/environment.ts

@@ -16,9 +16,19 @@ if (!LOADED && isDev() && !isTest()) {
   LOADED = true
 }
 
+const DefaultBucketName = {
+  BACKUPS: "backups",
+  APPS: "prod-budi-app-assets",
+  TEMPLATES: "templates",
+  GLOBAL: "global",
+  CLOUD: "prod-budi-tenant-uploads",
+  PLUGINS: "plugins",
+}
+
 const env = {
   isTest,
   isDev,
+  JS_BCRYPT: process.env.JS_BCRYPT,
   JWT_SECRET: process.env.JWT_SECRET,
   COUCH_DB_URL: process.env.COUCH_DB_URL || "http://localhost:4005",
   COUCH_DB_USERNAME: process.env.COUCH_DB_USER,
@@ -36,7 +46,7 @@ const env = {
   MULTI_TENANCY: process.env.MULTI_TENANCY,
   ACCOUNT_PORTAL_URL:
     process.env.ACCOUNT_PORTAL_URL || "https://account.budibase.app",
-  ACCOUNT_PORTAL_API_KEY: process.env.ACCOUNT_PORTAL_API_KEY,
+  ACCOUNT_PORTAL_API_KEY: process.env.ACCOUNT_PORTAL_API_KEY || "",
   DISABLE_ACCOUNT_PORTAL: process.env.DISABLE_ACCOUNT_PORTAL,
   SELF_HOSTED: !!parseInt(process.env.SELF_HOSTED || ""),
   COOKIE_DOMAIN: process.env.COOKIE_DOMAIN,
@@ -44,12 +54,17 @@ const env = {
   POSTHOG_TOKEN: process.env.POSTHOG_TOKEN,
   ENABLE_ANALYTICS: process.env.ENABLE_ANALYTICS,
   TENANT_FEATURE_FLAGS: process.env.TENANT_FEATURE_FLAGS,
-  BACKUPS_BUCKET_NAME: process.env.BACKUPS_BUCKET_NAME || "backups",
+  BACKUPS_BUCKET_NAME:
-  APPS_BUCKET_NAME: process.env.APPS_BUCKET_NAME || "prod-budi-app-assets",
+    process.env.BACKUPS_BUCKET_NAME || DefaultBucketName.BACKUPS,
-  TEMPLATES_BUCKET_NAME: process.env.TEMPLATES_BUCKET_NAME || "templates",
+  APPS_BUCKET_NAME: process.env.APPS_BUCKET_NAME || DefaultBucketName.APPS,
-  GLOBAL_BUCKET_NAME: process.env.GLOBAL_BUCKET_NAME || "global",
+  TEMPLATES_BUCKET_NAME:
+    process.env.TEMPLATES_BUCKET_NAME || DefaultBucketName.TEMPLATES,
+  GLOBAL_BUCKET_NAME:
+    process.env.GLOBAL_BUCKET_NAME || DefaultBucketName.GLOBAL,
   GLOBAL_CLOUD_BUCKET_NAME:
-    process.env.GLOBAL_CLOUD_BUCKET_NAME || "prod-budi-tenant-uploads",
+    process.env.GLOBAL_CLOUD_BUCKET_NAME || DefaultBucketName.CLOUD,
+  PLUGIN_BUCKET_NAME:
+    process.env.PLUGIN_BUCKET_NAME || DefaultBucketName.PLUGINS,
   USE_COUCH: process.env.USE_COUCH || true,
   DISABLE_DEVELOPER_LICENSE: process.env.DISABLE_DEVELOPER_LICENSE,
   DEFAULT_LICENSE: process.env.DEFAULT_LICENSE,

packages/backend-core/src/errors/base.js

@@ -1,11 +0,0 @@
-class BudibaseError extends Error {
-  constructor(message, code, type) {
-    super(message)
-    this.code = code
-    this.type = type
-  }
-}
-
-module.exports = {
-  BudibaseError,
-}

packages/backend-core/src/errors/base.ts

@@ -0,0 +1,10 @@
+export class BudibaseError extends Error {
+  code: string
+  type: string
+
+  constructor(message: string, code: string, type: string) {
+    super(message)
+    this.code = code
+    this.type = type
+  }
+}

packages/backend-core/src/errors/generic.js

@@ -1,11 +0,0 @@
-const { BudibaseError } = require("./base")
-
-class GenericError extends BudibaseError {
-  constructor(message, code, type) {
-    super(message, code, type ? type : "generic")
-  }
-}
-
-module.exports = {
-  GenericError,
-}

packages/backend-core/src/errors/generic.ts

@@ -0,0 +1,7 @@
+import { BudibaseError } from "./base"
+
+export class GenericError extends BudibaseError {
+  constructor(message: string, code: string, type: string) {
+    super(message, code, type ? type : "generic")
+  }
+}

packages/backend-core/src/errors/http.js

@@ -1,12 +0,0 @@
-const { GenericError } = require("./generic")
-
-class HTTPError extends GenericError {
-  constructor(message, httpStatus, code = "http", type = "generic") {
-    super(message, code, type)
-    this.status = httpStatus
-  }
-}
-
-module.exports = {
-  HTTPError,
-}

packages/backend-core/src/errors/http.ts

@@ -0,0 +1,15 @@
+import { GenericError } from "./generic"
+
+export class HTTPError extends GenericError {
+  status: number
+
+  constructor(
+    message: string,
+    httpStatus: number,
+    code = "http",
+    type = "generic"
+  ) {
+    super(message, code, type)
+    this.status = httpStatus
+  }
+}

packages/backend-core/src/errors/index.ts

@@ -1,5 +1,6 @@
-const http = require("./http")
+import { HTTPError } from "./http"
-const licensing = require("./licensing")
+import { UsageLimitError, FeatureDisabledError } from "./licensing"
+import * as licensing from "./licensing"
 
 const codes = {
   ...licensing.codes,
@@ -11,7 +12,7 @@ const context = {
   ...licensing.context,
 }
 
-const getPublicError = err => {
+const getPublicError = (err: any) => {
   let error
   if (err.code || err.type) {
     // add generic error information
@@ -32,13 +33,15 @@ const getPublicError = err => {
   return error
 }
 
-module.exports = {
+const pkg = {
   codes,
   types,
   errors: {
-    UsageLimitError: licensing.UsageLimitError,
+    UsageLimitError,
-    FeatureDisabledError: licensing.FeatureDisabledError,
+    FeatureDisabledError,
-    HTTPError: http.HTTPError,
+    HTTPError,
   },
   getPublicError,
 }
+
+export = pkg

packages/backend-core/src/errors/licensing.js

@@ -1,43 +0,0 @@
-const { HTTPError } = require("./http")
-
-const type = "license_error"
-
-const codes = {
-  USAGE_LIMIT_EXCEEDED: "usage_limit_exceeded",
-  FEATURE_DISABLED: "feature_disabled",
-}
-
-const context = {
-  [codes.USAGE_LIMIT_EXCEEDED]: err => {
-    return {
-      limitName: err.limitName,
-    }
-  },
-  [codes.FEATURE_DISABLED]: err => {
-    return {
-      featureName: err.featureName,
-    }
-  },
-}
-
-class UsageLimitError extends HTTPError {
-  constructor(message, limitName) {
-    super(message, 400, codes.USAGE_LIMIT_EXCEEDED, type)
-    this.limitName = limitName
-  }
-}
-
-class FeatureDisabledError extends HTTPError {
-  constructor(message, featureName) {
-    super(message, 400, codes.FEATURE_DISABLED, type)
-    this.featureName = featureName
-  }
-}
-
-module.exports = {
-  type,
-  codes,
-  context,
-  UsageLimitError,
-  FeatureDisabledError,
-}

packages/backend-core/src/errors/licensing.ts

@@ -0,0 +1,39 @@
+import { HTTPError } from "./http"
+
+export const type = "license_error"
+
+export const codes = {
+  USAGE_LIMIT_EXCEEDED: "usage_limit_exceeded",
+  FEATURE_DISABLED: "feature_disabled",
+}
+
+export const context = {
+  [codes.USAGE_LIMIT_EXCEEDED]: (err: any) => {
+    return {
+      limitName: err.limitName,
+    }
+  },
+  [codes.FEATURE_DISABLED]: (err: any) => {
+    return {
+      featureName: err.featureName,
+    }
+  },
+}
+
+export class UsageLimitError extends HTTPError {
+  limitName: string
+
+  constructor(message: string, limitName: string) {
+    super(message, 400, codes.USAGE_LIMIT_EXCEEDED, type)
+    this.limitName = limitName
+  }
+}
+
+export class FeatureDisabledError extends HTTPError {
+  featureName: string
+
+  constructor(message: string, featureName: string) {
+    super(message, 400, codes.FEATURE_DISABLED, type)
+    this.featureName = featureName
+  }
+}

packages/backend-core/src/events/index.ts

@@ -8,4 +8,5 @@ import { processors } from "./processors"
 
 export const shutdown = () => {
   processors.shutdown()
+  console.log("Events shutdown")
 }

packages/backend-core/src/events/processors/LoggingProcessor.ts

@@ -23,9 +23,11 @@ export default class LoggingProcessor implements EventProcessor {
       return
     }
     let timestampString = getTimestampString(timestamp)
-    console.log(
+    let message = `[audit] [tenant=${identity.tenantId}] [identityType=${identity.type}] [identity=${identity.id}] ${timestampString} ${event} `
-      `[audit] [tenant=${identity.tenantId}] [identityType=${identity.type}] [identity=${identity.id}] ${timestampString} ${event} `
+    if (env.isDev()) {
-    )
+      message = message + `[debug: [properties=${JSON.stringify(properties)}] ]`
+    }
+    console.log(message)
   }
 
   async identify(identity: Identity, timestamp?: string | number) {

packages/backend-core/src/events/publishers/datasource.ts

@@ -5,8 +5,15 @@ import {
   DatasourceCreatedEvent,
   DatasourceUpdatedEvent,
   DatasourceDeletedEvent,
+  SourceName,
 } from "@budibase/types"
 
+function isCustom(datasource: Datasource) {
+  const sources = Object.values(SourceName)
+  // if not in the base source list, then it must be custom
+  return !sources.includes(datasource.source)
+}
+
 export async function created(
   datasource: Datasource,
   timestamp?: string | number
@@ -14,6 +21,7 @@ export async function created(
   const properties: DatasourceCreatedEvent = {
     datasourceId: datasource._id as string,
     source: datasource.source,
+    custom: isCustom(datasource),
   }
   await publishEvent(Event.DATASOURCE_CREATED, properties, timestamp)
 }
@@ -22,6 +30,7 @@ export async function updated(datasource: Datasource) {
   const properties: DatasourceUpdatedEvent = {
     datasourceId: datasource._id as string,
     source: datasource.source,
+    custom: isCustom(datasource),
   }
   await publishEvent(Event.DATASOURCE_UPDATED, properties)
 }
@@ -30,6 +39,7 @@ export async function deleted(datasource: Datasource) {
   const properties: DatasourceDeletedEvent = {
     datasourceId: datasource._id as string,
     source: datasource.source,
+    custom: isCustom(datasource),
   }
   await publishEvent(Event.DATASOURCE_DELETED, properties)
 }

packages/backend-core/src/events/publishers/group.ts

@@ -40,9 +40,9 @@ export async function usersAdded(count: number, group: UserGroup) {
   await publishEvent(Event.USER_GROUP_USERS_ADDED, properties)
 }
 
-export async function usersDeleted(emails: string[], group: UserGroup) {
+export async function usersDeleted(count: number, group: UserGroup) {
   const properties: GroupUsersDeletedEvent = {
-    count: emails.length,
+    count,
     groupId: group._id as string,
   }
   await publishEvent(Event.USER_GROUP_USERS_REMOVED, properties)

packages/backend-core/src/events/publishers/index.ts

@@ -18,3 +18,4 @@ export * as view from "./view"
 export * as installation from "./installation"
 export * as backfill from "./backfill"
 export * as group from "./group"
+export * as plugin from "./plugin"

packages/backend-core/src/events/publishers/license.ts

@@ -1,27 +1,78 @@
 import { publishEvent } from "../events"
 import {
   Event,
-  License,
   LicenseActivatedEvent,
-  LicenseDowngradedEvent,
+  LicensePlanChangedEvent,
-  LicenseUpdatedEvent,
+  LicenseTierChangedEvent,
-  LicenseUpgradedEvent,
+  PlanType,
+  Account,
+  LicensePortalOpenedEvent,
+  LicenseCheckoutSuccessEvent,
+  LicenseCheckoutOpenedEvent,
+  LicensePaymentFailedEvent,
+  LicensePaymentRecoveredEvent,
 } from "@budibase/types"
 
-// TODO
+export async function tierChanged(account: Account, from: number, to: number) {
-export async function updgraded(license: License) {
+  const properties: LicenseTierChangedEvent = {
-  const properties: LicenseUpgradedEvent = {}
+    accountId: account.accountId,
-  await publishEvent(Event.LICENSE_UPGRADED, properties)
+    to,
+    from,
+  }
+  await publishEvent(Event.LICENSE_TIER_CHANGED, properties)
 }
 
-// TODO
+export async function planChanged(
-export async function downgraded(license: License) {
+  account: Account,
-  const properties: LicenseDowngradedEvent = {}
+  from: PlanType,
-  await publishEvent(Event.LICENSE_DOWNGRADED, properties)
+  to: PlanType
+) {
+  const properties: LicensePlanChangedEvent = {
+    accountId: account.accountId,
+    to,
+    from,
+  }
+  await publishEvent(Event.LICENSE_PLAN_CHANGED, properties)
 }
 
-// TODO
+export async function activated(account: Account) {
-export async function activated(license: License) {
+  const properties: LicenseActivatedEvent = {
-  const properties: LicenseActivatedEvent = {}
+    accountId: account.accountId,
+  }
   await publishEvent(Event.LICENSE_ACTIVATED, properties)
 }
+
+export async function checkoutOpened(account: Account) {
+  const properties: LicenseCheckoutOpenedEvent = {
+    accountId: account.accountId,
+  }
+  await publishEvent(Event.LICENSE_CHECKOUT_OPENED, properties)
+}
+
+export async function checkoutSuccess(account: Account) {
+  const properties: LicenseCheckoutSuccessEvent = {
+    accountId: account.accountId,
+  }
+  await publishEvent(Event.LICENSE_CHECKOUT_SUCCESS, properties)
+}
+
+export async function portalOpened(account: Account) {
+  const properties: LicensePortalOpenedEvent = {
+    accountId: account.accountId,
+  }
+  await publishEvent(Event.LICENSE_PORTAL_OPENED, properties)
+}
+
+export async function paymentFailed(account: Account) {
+  const properties: LicensePaymentFailedEvent = {
+    accountId: account.accountId,
+  }
+  await publishEvent(Event.LICENSE_PAYMENT_FAILED, properties)
+}
+
+export async function paymentRecovered(account: Account) {
+  const properties: LicensePaymentRecoveredEvent = {
+    accountId: account.accountId,
+  }
+  await publishEvent(Event.LICENSE_PAYMENT_RECOVERED, properties)
+}

packages/backend-core/src/events/publishers/plugin.ts

@@ -0,0 +1,41 @@
+import { publishEvent } from "../events"
+import {
+  Event,
+  Plugin,
+  PluginDeletedEvent,
+  PluginImportedEvent,
+  PluginInitEvent,
+} from "@budibase/types"
+
+export async function init(plugin: Plugin) {
+  const properties: PluginInitEvent = {
+    type: plugin.schema.type,
+    name: plugin.name,
+    description: plugin.description,
+    version: plugin.version,
+  }
+  await publishEvent(Event.PLUGIN_INIT, properties)
+}
+
+export async function imported(plugin: Plugin) {
+  const properties: PluginImportedEvent = {
+    pluginId: plugin._id as string,
+    type: plugin.schema.type,
+    source: plugin.source,
+    name: plugin.name,
+    description: plugin.description,
+    version: plugin.version,
+  }
+  await publishEvent(Event.PLUGIN_IMPORTED, properties)
+}
+
+export async function deleted(plugin: Plugin) {
+  const properties: PluginDeletedEvent = {
+    pluginId: plugin._id as string,
+    type: plugin.schema.type,
+    name: plugin.name,
+    description: plugin.description,
+    version: plugin.version,
+  }
+  await publishEvent(Event.PLUGIN_DELETED, properties)
+}

packages/backend-core/src/featureFlags/index.js

@@ -31,23 +31,29 @@ const TENANT_FEATURE_FLAGS = getFeatureFlags()
 
 exports.isEnabled = featureFlag => {
   const tenantId = tenancy.getTenantId()
-
+  const flags = exports.getTenantFeatureFlags(tenantId)
-  return (
+  return flags.includes(featureFlag)
-    TENANT_FEATURE_FLAGS &&
-    TENANT_FEATURE_FLAGS[tenantId] &&
-    TENANT_FEATURE_FLAGS[tenantId].includes(featureFlag)
-  )
 }
 
 exports.getTenantFeatureFlags = tenantId => {
-  if (TENANT_FEATURE_FLAGS && TENANT_FEATURE_FLAGS[tenantId]) {
+  const flags = []
-    return TENANT_FEATURE_FLAGS[tenantId]
+
+  if (TENANT_FEATURE_FLAGS) {
+    const globalFlags = TENANT_FEATURE_FLAGS["*"]
+    const tenantFlags = TENANT_FEATURE_FLAGS[tenantId]
+
+    if (globalFlags) {
+      flags.push(...globalFlags)
+    }
+    if (tenantFlags) {
+      flags.push(...tenantFlags)
+    }
   }
 
-  return []
+  return flags
 }
 
-exports.FeatureFlag = {
+exports.TenantFeatureFlag = {
   LICENSING: "LICENSING",
   GOOGLE_SHEETS: "GOOGLE_SHEETS",
   USER_GROUPS: "USER_GROUPS",

packages/backend-core/src/hashing.js

@@ -1,5 +1,5 @@
-const bcrypt = require("bcrypt")
 const env = require("./environment")
+const bcrypt = env.JS_BCRYPT ? require("bcryptjs") : require("bcrypt")
 const { v4 } = require("uuid")
 
 const SALT_ROUNDS = env.SALT_ROUNDS || 10

packages/backend-core/src/index.ts

@@ -1,5 +1,4 @@
 import errors from "./errors"
-
 const errorClasses = errors.errors
 import * as events from "./events"
 import * as migrations from "./migrations"
@@ -15,8 +14,11 @@ import deprovisioning from "./context/deprovision"
 import auth from "./auth"
 import constants from "./constants"
 import * as dbConstants from "./db/constants"
-import logging from "./logging"
+import * as logging from "./logging"
 import pino from "./pino"
+import * as middleware from "./middleware"
+import plugins from "./plugin"
+import encryption from "./security/encryption"
 
 // mimic the outer package exports
 import * as db from "./pkg/db"
@@ -55,8 +57,11 @@ const core = {
   errors,
   logging,
   roles,
+  plugins,
   ...pino,
   ...errorClasses,
+  middleware,
+  encryption,
 }
 
 export = core

packages/backend-core/src/middleware/authenticated.ts

@@ -65,7 +65,7 @@ async function checkApiKey(apiKey: string, populateUser?: Function) {
  * The tenancy modules should not be used here and it should be assumed that the tenancy context
  * has not yet been populated.
  */
-module.exports = (
+export = (
   noAuthPatterns = [],
   opts: { publicAllowed: boolean; populateUser?: Function } = {
     publicAllowed: false,
@@ -106,6 +106,7 @@ module.exports = (
             user = await getUser(userId, session.tenantId)
           }
           user.csrfToken = session.csrfToken
+
           if (session?.lastAccessedAt < timeMinusOneMinute()) {
             // make sure we denote that the session is still in use
             await updateSessionTTL(session)

packages/backend-core/src/middleware/index.ts

@@ -13,7 +13,8 @@ const adminOnly = require("./adminOnly")
 const builderOrAdmin = require("./builderOrAdmin")
 const builderOnly = require("./builderOnly")
 const joiValidator = require("./joi-validator")
-module.exports = {
+
+const pkg = {
   google,
   oidc,
   jwt,
@@ -33,3 +34,5 @@ module.exports = {
   builderOrAdmin,
   joiValidator,
 }
+
+export = pkg

packages/backend-core/src/middleware/joi-validator.js

@@ -13,10 +13,13 @@ function validate(schema, property) {
       params = ctx.request[property]
     }
 
-    schema = schema.append({
+    // not all schemas have the append property e.g. array schemas
-      createdAt: Joi.any().optional(),
+    if (schema.append) {
-      updatedAt: Joi.any().optional(),
+      schema = schema.append({
-    })
+        createdAt: Joi.any().optional(),
+        updatedAt: Joi.any().optional(),
+      })
+    }
 
     const { error } = schema.validate(params)
     if (error) {

packages/backend-core/src/migrations/definitions.ts

@@ -11,20 +11,12 @@ export const DEFINITIONS: MigrationDefinition[] = [
   },
   {
     type: MigrationType.GLOBAL,
-    name: MigrationName.QUOTAS_1,
+    name: MigrationName.SYNC_QUOTAS,
   },
   {
     type: MigrationType.APP,
     name: MigrationName.APP_URLS,
   },
-  {
-    type: MigrationType.GLOBAL,
-    name: MigrationName.DEVELOPER_QUOTA,
-  },
-  {
-    type: MigrationType.GLOBAL,
-    name: MigrationName.PUBLISHED_APP_QUOTA,
-  },
   {
     type: MigrationType.APP,
     name: MigrationName.EVENT_APP_BACKFILL,

packages/backend-core/src/migrations/migrations.ts

@@ -3,12 +3,8 @@ import { doWithDB } from "../db"
 import { DocumentType, StaticDatabases } from "../db/constants"
 import { getAllApps } from "../db/utils"
 import environment from "../environment"
-import {
+import { doInTenant, getTenantIds, getTenantId } from "../tenancy"
-  doInTenant,
+import { getGlobalDBName } from "../db/tenancy"
-  getTenantIds,
-  getGlobalDBName,
-  getTenantId,
-} from "../tenancy"
 import * as context from "../context"
 import { DEFINITIONS } from "."
 import {

packages/backend-core/src/objectStore/index.ts

@@ -57,7 +57,11 @@ function publicPolicy(bucketName: any) {
   }
 }
 
-const PUBLIC_BUCKETS = [ObjectStoreBuckets.APPS, ObjectStoreBuckets.GLOBAL]
+const PUBLIC_BUCKETS = [
+  ObjectStoreBuckets.APPS,
+  ObjectStoreBuckets.GLOBAL,
+  ObjectStoreBuckets.PLUGINS,
+]
 
 /**
  * Gets a connection to the object store using the S3 SDK.
@@ -66,15 +70,13 @@ const PUBLIC_BUCKETS = [ObjectStoreBuckets.APPS, ObjectStoreBuckets.GLOBAL]
  * @constructor
  */
 export const ObjectStore = (bucket: any) => {
-  AWS.config.update({
-    accessKeyId: env.MINIO_ACCESS_KEY,
-    secretAccessKey: env.MINIO_SECRET_KEY,
-    region: env.AWS_REGION,
-  })
   const config: any = {
     s3ForcePathStyle: true,
     signatureVersion: "v4",
     apiVersion: "2006-03-01",
+    accessKeyId: env.MINIO_ACCESS_KEY,
+    secretAccessKey: env.MINIO_SECRET_KEY,
+    region: env.AWS_REGION,
   }
   if (bucket) {
     config.params = {
@@ -174,6 +176,19 @@ export const streamUpload = async (
   const objectStore = ObjectStore(bucketName)
   await makeSureBucketExists(objectStore, bucketName)
 
+  // Set content type for certain known extensions
+  if (filename?.endsWith(".js")) {
+    extra = {
+      ...extra,
+      ContentType: "application/javascript",
+    }
+  } else if (filename?.endsWith(".svg")) {
+    extra = {
+      ...extra,
+      ContentType: "image",
+    }
+  }
+
   const params = {
     Bucket: sanitizeBucket(bucketName),
     Key: sanitizeKey(filename),
@@ -297,9 +312,13 @@ export const uploadDirectory = async (
   return files
 }
 
-exports.downloadTarballDirect = async (url: string, path: string) => {
+exports.downloadTarballDirect = async (
+  url: string,
+  path: string,
+  headers = {}
+) => {
   path = sanitizeKey(path)
-  const response = await fetch(url)
+  const response = await fetch(url, { headers })
   if (!response.ok) {
     throw new Error(`unexpected response ${response.statusText}`)
   }

packages/backend-core/src/objectStore/utils.js

@@ -2,12 +2,18 @@ const { join } = require("path")
 const { tmpdir } = require("os")
 const env = require("../environment")
 
+/****************************************************
+ *      NOTE: When adding a new bucket - name       *
+ *     sure that S3 usages (like budibase-infra)    *
+ *  have been updated to have a unique bucket name. *
+ ****************************************************/
 exports.ObjectStoreBuckets = {
   BACKUPS: env.BACKUPS_BUCKET_NAME,
   APPS: env.APPS_BUCKET_NAME,
   TEMPLATES: env.TEMPLATES_BUCKET_NAME,
   GLOBAL: env.GLOBAL_BUCKET_NAME,
   GLOBAL_CLOUD: env.GLOBAL_CLOUD_BUCKET_NAME,
+  PLUGINS: env.PLUGIN_BUCKET_NAME,
 }
 
 exports.budibaseTempDir = function () {

packages/backend-core/src/pkg/context.ts

@@ -8,6 +8,7 @@ import {
   updateAppId,
   doInAppContext,
   doInTenant,
+  doInContext,
 } from "../context"
 
 import * as identity from "../context/identity"
@@ -20,5 +21,6 @@ export = {
   updateAppId,
   doInAppContext,
   doInTenant,
+  doInContext,
   identity,
 }

packages/backend-core/src/plugin/index.ts

@@ -0,0 +1,7 @@
+import * as utils from "./utils"
+
+const pkg = {
+  ...utils,
+}
+
+export = pkg

packages/backend-core/src/plugin/utils.js

@@ -0,0 +1,99 @@
+const {
+  DatasourceFieldType,
+  QueryType,
+  PluginType,
+} = require("@budibase/types")
+const joi = require("joi")
+
+const DATASOURCE_TYPES = [
+  "Relational",
+  "Non-relational",
+  "Spreadsheet",
+  "Object store",
+  "Graph",
+  "API",
+]
+
+function runJoi(validator, schema) {
+  const { error } = validator.validate(schema)
+  if (error) {
+    throw error
+  }
+}
+
+function validateComponent(schema) {
+  const validator = joi.object({
+    type: joi.string().allow("component").required(),
+    metadata: joi.object().unknown(true).required(),
+    hash: joi.string().optional(),
+    version: joi.string().optional(),
+    schema: joi
+      .object({
+        name: joi.string().required(),
+        settings: joi.array().items(joi.object().unknown(true)).required(),
+      })
+      .unknown(true),
+  })
+  runJoi(validator, schema)
+}
+
+function validateDatasource(schema) {
+  const fieldValidator = joi.object({
+    type: joi
+      .string()
+      .allow(...Object.values(DatasourceFieldType))
+      .required(),
+    required: joi.boolean().required(),
+    default: joi.any(),
+    display: joi.string(),
+  })
+
+  const queryValidator = joi
+    .object({
+      type: joi.string().allow(...Object.values(QueryType)),
+      fields: joi.object().pattern(joi.string(), fieldValidator),
+    })
+    .required()
+
+  const validator = joi.object({
+    type: joi.string().allow("datasource").required(),
+    metadata: joi.object().unknown(true).required(),
+    hash: joi.string().optional(),
+    version: joi.string().optional(),
+    schema: joi.object({
+      docs: joi.string(),
+      friendlyName: joi.string().required(),
+      type: joi.string().allow(...DATASOURCE_TYPES),
+      description: joi.string().required(),
+      datasource: joi.object().pattern(joi.string(), fieldValidator).required(),
+      query: joi
+        .object()
+        .pattern(joi.string(), queryValidator)
+        .unknown(true)
+        .required(),
+      extra: joi.object().pattern(
+        joi.string(),
+        joi.object({
+          type: joi.string().required(),
+          displayName: joi.string().required(),
+          required: joi.boolean(),
+          data: joi.object(),
+        })
+      ),
+    }),
+  })
+  runJoi(validator, schema)
+}
+
+exports.validate = schema => {
+  switch (schema?.type) {
+    case PluginType.COMPONENT:
+      validateComponent(schema)
+      break
+    case PluginType.DATASOURCE:
+      validateDatasource(schema)
+      break
+    default:
+      throw new Error(`Unknown plugin type - check schema.json: ${schema.type}`)
+  }
+}

packages/backend-core/src/security/roles.js

@@ -78,7 +78,7 @@ function isBuiltin(role) {
  */
 exports.builtinRoleToNumber = id => {
   const builtins = exports.getBuiltinRoles()
-  const MAX = Object.values(BUILTIN_IDS).length + 1
+  const MAX = Object.values(builtins).length + 1
   if (id === BUILTIN_IDS.ADMIN || id === BUILTIN_IDS.BUILDER) {
     return MAX
   }
@@ -94,6 +94,22 @@ exports.builtinRoleToNumber = id => {
   return count
 }
 
+/**
+ * Converts any role to a number, but has to be async to get the roles from db.
+ */
+exports.roleToNumber = async id => {
+  if (exports.isBuiltin(id)) {
+    return exports.builtinRoleToNumber(id)
+  }
+  const hierarchy = await exports.getUserRoleHierarchy(id)
+  for (let role of hierarchy) {
+    if (isBuiltin(role.inherits)) {
+      return exports.builtinRoleToNumber(role.inherits) + 1
+    }
+  }
+  return 0
+}
+
 /**
  * Returns whichever builtin roleID is lower.
  */
@@ -172,7 +188,7 @@ async function getAllUserRoles(userRoleId) {
  * to determine if a user can access something that requires a specific role.
  * @param {string} userRoleId The user's role ID, this can be found in their access token.
  * @param {object} opts Various options, such as whether to only retrieve the IDs (default true).
- * @returns {Promise<string[]>} returns an ordered array of the roles, with the first being their
+ * @returns {Promise<string[]|object[]>} returns an ordered array of the roles, with the first being their
  * highest level of access and the last being the lowest level.
  */
 exports.getUserRoleHierarchy = async (userRoleId, opts = { idOnly: true }) => {

packages/backend-core/src/security/sessions.ts

@@ -2,18 +2,12 @@ const redis = require("../redis/init")
 const { v4: uuidv4 } = require("uuid")
 const { logWarn } = require("../logging")
 const env = require("../environment")
-
+import {
-interface Session {
+  Session,
-  key: string
+  ScannedSession,
-  userId: string
+  SessionKey,
-  sessionId: string
+  CreateSession,
-  lastAccessedAt: string
+} from "@budibase/types"
-  createdAt: string
-  csrfToken?: string
-  value: string
-}
-
-type SessionKey = { key: string }[]
 
 // a week in seconds
 const EXPIRY_SECONDS = 86400 * 7
@@ -22,14 +16,14 @@ function makeSessionID(userId: string, sessionId: string) {
   return `${userId}/${sessionId}`
 }
 
-export async function getSessionsForUser(userId: string) {
+export async function getSessionsForUser(userId: string): Promise<Session[]> {
   if (!userId) {
     console.trace("Cannot get sessions for undefined userId")
     return []
   }
   const client = await redis.getSessionClient()
-  const sessions = await client.scan(userId)
+  const sessions: ScannedSession[] = await client.scan(userId)
-  return sessions.map((session: Session) => session.value)
+  return sessions.map(session => session.value)
 }
 
 export async function invalidateSessions(
@@ -39,33 +33,32 @@ export async function invalidateSessions(
   try {
     const reason = opts?.reason || "unknown"
     let sessionIds: string[] = opts.sessionIds || []
-    let sessions: SessionKey
+    let sessionKeys: SessionKey[]
 
     // If no sessionIds, get all the sessions for the user
     if (sessionIds.length === 0) {
-      sessions = await getSessionsForUser(userId)
+      const sessions = await getSessionsForUser(userId)
-      sessions.forEach(
+      sessionKeys = sessions.map(session => ({
-        (session: any) =>
+        key: makeSessionID(session.userId, session.sessionId),
-          (session.key = makeSessionID(session.userId, session.sessionId))
+      }))
-      )
     } else {
       // use the passed array of sessionIds
       sessionIds = Array.isArray(sessionIds) ? sessionIds : [sessionIds]
-      sessions = sessionIds.map((sessionId: string) => ({
+      sessionKeys = sessionIds.map(sessionId => ({
         key: makeSessionID(userId, sessionId),
       }))
     }
 
-    if (sessions && sessions.length > 0) {
+    if (sessionKeys && sessionKeys.length > 0) {
       const client = await redis.getSessionClient()
       const promises = []
-      for (let session of sessions) {
+      for (let sessionKey of sessionKeys) {
-        promises.push(client.delete(session.key))
+        promises.push(client.delete(sessionKey.key))
       }
       if (!env.isTest()) {
         logWarn(
-          `Invalidating sessions for ${userId} (reason: ${reason}) - ${sessions
+          `Invalidating sessions for ${userId} (reason: ${reason}) - ${sessionKeys
-            .map(session => session.key)
+            .map(sessionKey => sessionKey.key)
             .join(", ")}`
         )
       }
@@ -76,22 +69,26 @@ export async function invalidateSessions(
   }
 }
 
-export async function createASession(userId: string, session: Session) {
+export async function createASession(
+  userId: string,
+  createSession: CreateSession
+) {
   // invalidate all other sessions
   await invalidateSessions(userId, { reason: "creation" })
 
   const client = await redis.getSessionClient()
-  const sessionId = session.sessionId
+  const sessionId = createSession.sessionId
-  if (!session.csrfToken) {
+  const csrfToken = createSession.csrfToken ? createSession.csrfToken : uuidv4()
-    session.csrfToken = uuidv4()
+  const key = makeSessionID(userId, sessionId)
-  }
+
-  session = {
+  const session: Session = {
-    ...session,
+    ...createSession,
+    csrfToken,
     createdAt: new Date().toISOString(),
     lastAccessedAt: new Date().toISOString(),
     userId,
   }
-  await client.store(makeSessionID(userId, sessionId), session, EXPIRY_SECONDS)
+  await client.store(key, session, EXPIRY_SECONDS)
 }
 
 export async function updateSessionTTL(session: Session) {
@@ -106,7 +103,10 @@ export async function endSession(userId: string, sessionId: string) {
   await client.delete(makeSessionID(userId, sessionId))
 }
 
-export async function getSession(userId: string, sessionId: string) {
+export async function getSession(
+  userId: string,
+  sessionId: string
+): Promise<Session> {
   if (!userId || !sessionId) {
     throw new Error(`Invalid session details - ${userId} - ${sessionId}`)
   }

packages/backend-core/src/tenancy/tenancy.ts

@@ -1,6 +1,7 @@
 import { doWithDB } from "../db"
-import { StaticDatabases } from "../db/constants"
+import { queryPlatformView } from "../db/views"
-import { baseGlobalDBName } from "./utils"
+import { StaticDatabases, ViewName } from "../db/constants"
+import { getGlobalDBName } from "../db/tenancy"
 import {
   getTenantId,
   DEFAULT_TENANT_ID,
@@ -8,6 +9,7 @@ import {
   getTenantIDFromAppID,
 } from "../context"
 import env from "../environment"
+import { PlatformUser } from "@budibase/types"
 
 const TENANT_DOC = StaticDatabases.PLATFORM_INFO.docs.tenants
 const PLATFORM_INFO_DB = StaticDatabases.PLATFORM_INFO.name
@@ -87,15 +89,6 @@ export const tryAddTenant = async (
   })
 }
 
-export const getGlobalDBName = (tenantId?: string) => {
-  // tenant ID can be set externally, for example user API where
-  // new tenants are being created, this may be the case
-  if (!tenantId) {
-    tenantId = getTenantId()
-  }
-  return baseGlobalDBName(tenantId)
-}
-
 export const doWithGlobalDB = (tenantId: string, cb: any) => {
   return doWithDB(getGlobalDBName(tenantId), cb)
 }
@@ -116,17 +109,19 @@ export const lookupTenantId = async (userId: string) => {
 }
 
 // lookup, could be email or userId, either will return a doc
-export const getTenantUser = async (identifier: string) => {
+export const getTenantUser = async (
-  return doWithDB(PLATFORM_INFO_DB, async (db: any) => {
+  identifier: string
-    try {
+): Promise<PlatformUser | null> => {
-      return await db.get(identifier)
+  // use the view here and allow to find anyone regardless of casing
-    } catch (err) {
+  // Use lowercase to ensure email login is case insensitive
-      return null
+  const response = queryPlatformView(ViewName.PLATFORM_USERS_LOWERCASE, {
-    }
+    keys: [identifier.toLowerCase()],
-  })
+    include_docs: true,
+  }) as Promise<PlatformUser>
+  return response
 }
 
-export const isUserInAppTenant = (appId: string, user: any) => {
+export const isUserInAppTenant = (appId: string, user?: any) => {
   let userTenantId
   if (user) {
     userTenantId = user.tenantId || DEFAULT_TENANT_ID

packages/backend-core/src/tenancy/utils.js

@@ -1,12 +0,0 @@
-const { DEFAULT_TENANT_ID } = require("../constants")
-const { StaticDatabases, SEPARATOR } = require("../db/constants")
-
-exports.baseGlobalDBName = tenantId => {
-  let dbName
-  if (!tenantId || tenantId === DEFAULT_TENANT_ID) {
-    dbName = StaticDatabases.GLOBAL.name
-  } else {
-    dbName = `${tenantId}${SEPARATOR}${StaticDatabases.GLOBAL.name}`
-  }
-  return dbName
-}

packages/backend-core/src/users.js

@@ -1,68 +0,0 @@
-const {
-  ViewName,
-  getUsersByAppParams,
-  getProdAppID,
-  generateAppUserID,
-} = require("./db/utils")
-const { queryGlobalView } = require("./db/views")
-const { UNICODE_MAX } = require("./db/constants")
-
-/**
- * Given an email address this will use a view to search through
- * all the users to find one with this email address.
- * @param {string} email the email to lookup the user by.
- * @return {Promise<object|null>}
- */
-exports.getGlobalUserByEmail = async email => {
-  if (email == null) {
-    throw "Must supply an email address to view"
-  }
-
-  return await queryGlobalView(ViewName.USER_BY_EMAIL, {
-    key: email.toLowerCase(),
-    include_docs: true,
-  })
-}
-
-exports.searchGlobalUsersByApp = async (appId, opts) => {
-  if (typeof appId !== "string") {
-    throw new Error("Must provide a string based app ID")
-  }
-  const params = getUsersByAppParams(appId, {
-    include_docs: true,
-  })
-  params.startkey = opts && opts.startkey ? opts.startkey : params.startkey
-  let response = await queryGlobalView(ViewName.USER_BY_APP, params)
-  if (!response) {
-    response = []
-  }
-  return Array.isArray(response) ? response : [response]
-}
-
-exports.getGlobalUserByAppPage = (appId, user) => {
-  if (!user) {
-    return
-  }
-  return generateAppUserID(getProdAppID(appId), user._id)
-}
-
-/**
- * Performs a starts with search on the global email view.
- */
-exports.searchGlobalUsersByEmail = async (email, opts) => {
-  if (typeof email !== "string") {
-    throw new Error("Must provide a string to search by")
-  }
-  const lcEmail = email.toLowerCase()
-  // handle if passing up startkey for pagination
-  const startkey = opts && opts.startkey ? opts.startkey : lcEmail
-  let response = await queryGlobalView(ViewName.USER_BY_EMAIL, {
-    ...opts,
-    startkey,
-    endkey: `${lcEmail}${UNICODE_MAX}`,
-  })
-  if (!response) {
-    response = []
-  }
-  return Array.isArray(response) ? response : [response]
-}

packages/backend-core/src/users.ts

@@ -0,0 +1,94 @@
+import {
+  ViewName,
+  getUsersByAppParams,
+  getProdAppID,
+  generateAppUserID,
+} from "./db/utils"
+import { queryGlobalView } from "./db/views"
+import { UNICODE_MAX } from "./db/constants"
+import { BulkDocsResponse, User } from "@budibase/types"
+import { getGlobalDB } from "./context"
+import PouchDB from "pouchdb"
+
+export const bulkGetGlobalUsersById = async (userIds: string[]) => {
+  const db = getGlobalDB() as PouchDB.Database
+  return (
+    await db.allDocs({
+      keys: userIds,
+      include_docs: true,
+    })
+  ).rows.map(row => row.doc) as User[]
+}
+
+export const bulkUpdateGlobalUsers = async (users: User[]) => {
+  const db = getGlobalDB() as PouchDB.Database
+  return (await db.bulkDocs(users)) as BulkDocsResponse
+}
+
+/**
+ * Given an email address this will use a view to search through
+ * all the users to find one with this email address.
+ * @param {string} email the email to lookup the user by.
+ */
+export const getGlobalUserByEmail = async (
+  email: String
+): Promise<User | undefined> => {
+  if (email == null) {
+    throw "Must supply an email address to view"
+  }
+
+  const response = await queryGlobalView<User>(ViewName.USER_BY_EMAIL, {
+    key: email.toLowerCase(),
+    include_docs: true,
+  })
+
+  if (Array.isArray(response)) {
+    // shouldn't be able to happen, but need to handle just in case
+    throw new Error(`Multiple users found with email address: ${email}`)
+  }
+
+  return response
+}
+
+export const searchGlobalUsersByApp = async (appId: any, opts: any) => {
+  if (typeof appId !== "string") {
+    throw new Error("Must provide a string based app ID")
+  }
+  const params = getUsersByAppParams(appId, {
+    include_docs: true,
+  })
+  params.startkey = opts && opts.startkey ? opts.startkey : params.startkey
+  let response = await queryGlobalView(ViewName.USER_BY_APP, params)
+  if (!response) {
+    response = []
+  }
+  return Array.isArray(response) ? response : [response]
+}
+
+export const getGlobalUserByAppPage = (appId: string, user: User) => {
+  if (!user) {
+    return
+  }
+  return generateAppUserID(getProdAppID(appId), user._id!)
+}
+
+/**
+ * Performs a starts with search on the global email view.
+ */
+export const searchGlobalUsersByEmail = async (email: string, opts: any) => {
+  if (typeof email !== "string") {
+    throw new Error("Must provide a string to search by")
+  }
+  const lcEmail = email.toLowerCase()
+  // handle if passing up startkey for pagination
+  const startkey = opts && opts.startkey ? opts.startkey : lcEmail
+  let response = await queryGlobalView<User>(ViewName.USER_BY_EMAIL, {
+    ...opts,
+    startkey,
+    endkey: `${lcEmail}${UNICODE_MAX}`,
+  })
+  if (!response) {
+    response = []
+  }
+  return Array.isArray(response) ? response : [response]
+}

packages/backend-core/src/utils.js

@@ -42,6 +42,18 @@ async function resolveAppUrl(ctx) {
   return app && app.appId ? app.appId : undefined
 }
 
+exports.isServingApp = ctx => {
+  // dev app
+  if (ctx.path.startsWith(`/${APP_PREFIX}`)) {
+    return true
+  }
+  // prod app
+  if (ctx.path.startsWith(PROD_APP_PREFIX)) {
+    return true
+  }
+  return false
+}
+
 /**
  * Given a request tries to find the appId, which can be located in various places
  * @param {object} ctx The main request body to look through.

packages/backend-core/tests/utilities/mocks/accounts.ts

@@ -0,0 +1,7 @@
+export const getAccount = jest.fn()
+export const getAccountByTenantId = jest.fn()
+
+jest.mock("../../../src/cloud/accounts", () => ({
+  getAccount,
+  getAccountByTenantId,
+}))

packages/backend-core/tests/utilities/mocks/date.js

@@ -1,2 +0,0 @@
-exports.MOCK_DATE = new Date("2020-01-01T00:00:00.000Z")
-exports.MOCK_DATE_TIMESTAMP = 1577836800000

packages/backend-core/tests/utilities/mocks/date.ts

@@ -0,0 +1,2 @@
+export const MOCK_DATE = new Date("2020-01-01T00:00:00.000Z")
+export const MOCK_DATE_TIMESTAMP = 1577836800000

packages/backend-core/tests/utilities/mocks/index.js

@@ -1,9 +0,0 @@
-const posthog = require("./posthog")
-const events = require("./events")
-const date = require("./date")
-
-module.exports = {
-  posthog,
-  date,
-  events,
-}

packages/backend-core/tests/utilities/mocks/index.ts

@@ -0,0 +1,4 @@
+import "./posthog"
+import "./events"
+export * as accounts from "./accounts"
+export * as date from "./date"

packages/backend-core/yarn.lock

@@ -543,13 +543,13 @@
     semver "^7.3.5"
     tar "^6.1.11"
 
-"@shopify/jest-koa-mocks@3.1.5":
+"@shopify/jest-koa-mocks@5.0.1":
-  version "3.1.5"
+  version "5.0.1"
-  resolved "https://registry.yarnpkg.com/@shopify/jest-koa-mocks/-/jest-koa-mocks-3.1.5.tgz#11f77ccfbcaf35cf5ee2c6108a286e61e6bea084"
+  resolved "https://registry.yarnpkg.com/@shopify/jest-koa-mocks/-/jest-koa-mocks-5.0.1.tgz#fba490b6b7985fbb571eb9974897d396a3642e94"
-  integrity sha512-gQ3/7ELerv00TWO37AGFX5mT9CsFCS+3/UbKMuoIlKEU0QH2OX8BV9WBf/EKw7adCDNlxss0lqV6J8kf5pgr4A==
+  integrity sha512-4YskS9q8+TEHNoyopmuoy2XyhInyqeOl7CF5ShJs19sm6m0EA/jGGvgf/osv2PeTfuf42/L2G9CzWUSg49yTSg==
   dependencies:
     koa "^2.13.4"
-    node-mocks-http "^1.5.8"
+    node-mocks-http "^1.11.0"
 
 "@sideway/address@^4.1.3":
   version "4.1.4"
@@ -1377,6 +1377,11 @@ bcrypt@5.0.1:
     "@mapbox/node-pre-gyp" "^1.0.0"
     node-addon-api "^3.1.0"
 
+bcryptjs@2.4.3:
+  version "2.4.3"
+  resolved "https://registry.yarnpkg.com/bcryptjs/-/bcryptjs-2.4.3.tgz#9ab5627b93e60621ff7cdac5da9733027df1d0cb"
+  integrity sha512-V/Hy/X9Vt7f3BbPJEi8BdVFMByHi+jNXrYkW3huaybV/kQ0KJg0Y6PkEMbn+zeT+i+SiKZ/HMqJGIIt4LZDqNQ==
+
 binary-extensions@^2.0.0:
   version "2.2.0"
   resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-2.2.0.tgz#75f502eeaf9ffde42fc98829645be4ea76bd9e2d"
@@ -3914,7 +3919,7 @@ node-int64@^0.4.0:
   resolved "https://registry.yarnpkg.com/node-int64/-/node-int64-0.4.0.tgz#87a9065cdb355d3182d8f94ce11188b825c68a3b"
   integrity sha512-O5lz91xSOeoXP6DulyHfllpq+Eg00MWitZIbtPfoSEvqIHdl5gfcY6hYzDWnj0qD5tz52PI08u9qUvSVeUBeHw==
 
-node-mocks-http@^1.5.8:
+node-mocks-http@^1.11.0:
   version "1.11.0"
   resolved "https://registry.yarnpkg.com/node-mocks-http/-/node-mocks-http-1.11.0.tgz#defc0febf6b935f08245397d47534a8de592996e"
   integrity sha512-jS/WzSOcKbOeGrcgKbenZeNhxUNnP36Yw11+hL4TTxQXErGfqYZ+MaYNNvhaTiGIJlzNSqgQkk9j8dSu1YWSuw==

packages/bbui/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@budibase/bbui",
   "description": "A UI solution used in the different Budibase projects.",
-  "version": "1.2.44-alpha.7",
+  "version": "2.0.14-alpha.2",
   "license": "MPL-2.0",
   "svelte": "src/index.js",
   "module": "dist/bbui.es.js",
@@ -38,7 +38,7 @@
   ],
   "dependencies": {
     "@adobe/spectrum-css-workflow-icons": "^1.2.1",
-    "@budibase/string-templates": "1.2.44-alpha.7",
+    "@budibase/string-templates": "2.0.14-alpha.2",
     "@spectrum-css/actionbutton": "^1.0.1",
     "@spectrum-css/actiongroup": "^1.0.1",
     "@spectrum-css/avatar": "^3.0.2",

packages/bbui/src/Actions/position_dropdown.js

@@ -1,4 +1,4 @@
-export default function positionDropdown(element, { anchor, align }) {
+export default function positionDropdown(element, { anchor, align, maxWidth }) {
   let positionSide = "top"
   let maxHeight = 0
   let dimensions = getDimensions(anchor)
@@ -34,13 +34,24 @@ export default function positionDropdown(element, { anchor, align }) {
   }
 
   function calcLeftPosition() {
-    return align === "right"
+    let left
-      ? dimensions.left + dimensions.width - dimensions.containerWidth
+
-      : dimensions.left
+    if (align == "right") {
+      left = dimensions.left + dimensions.width - dimensions.containerWidth
+    } else if (align == "right-side") {
+      left = dimensions.left + dimensions.width
+    } else {
+      left = dimensions.left
+    }
+
+    return left
   }
 
   element.style.position = "absolute"
   element.style.zIndex = "9999"
+  if (maxWidth) {
+    element.style.maxWidth = `${maxWidth}px`
+  }
   element.style.minWidth = `${dimensions.width}px`
   element.style.maxHeight = `${maxHeight.toFixed(0)}px`
   element.style.transformOrigin = `center ${positionSide}`
@@ -54,10 +65,8 @@ export default function positionDropdown(element, { anchor, align }) {
       element.style.left = `${calcLeftPosition(dimensions).toFixed(0)}px`
     })
   })
-
   resizeObserver.observe(anchor)
   resizeObserver.observe(element)
-
   return {
     destroy() {
       resizeObserver.disconnect()

packages/bbui/src/Banner/BannerDisplay.svelte

@@ -4,22 +4,32 @@
   import { banner } from "../Stores/banner"
   import Banner from "./Banner.svelte"
   import { fly } from "svelte/transition"
+  import TooltipWrapper from "../Tooltip/TooltipWrapper.svelte"
 </script>
 
 <Portal target=".banner-container">
   <div class="banner">
-    {#if $banner.message}
+    {#each $banner.messages as message}
       <div transition:fly={{ y: -30 }}>
         <Banner
-          type={$banner.type}
+          type={message.type}
-          extraButtonText={$banner.extraButtonText}
+          extraButtonText={message.extraButtonText}
-          extraButtonAction={$banner.extraButtonAction}
+          extraButtonAction={message.extraButtonAction}
-          on:change={$banner.onChange}
+          on:change={() => {
+            if (message.onChange) {
+              message.onChange()
+            }
+          }}
+          showCloseButton={typeof message.showCloseButton === "boolean"
+            ? message.showCloseButton
+            : true}
         >
-          {$banner.message}
+          <TooltipWrapper tooltip={message.tooltip} disabled={false}>
+            {message.message}
+          </TooltipWrapper>
         </Banner>
       </div>
-    {/if}
+    {/each}
   </div>
 </Portal>
 

packages/bbui/src/Drawer/Drawer.svelte

@@ -78,7 +78,7 @@
     bottom: 0;
     background: var(--background);
     border-top: var(--border-light);
-    z-index: 2;
+    z-index: 3;
   }
 
   .fillWidth {

packages/bbui/src/Form/Core/DatePicker.svelte

@@ -67,6 +67,13 @@
 
     // If time only set date component to 2000-01-01
     if (timeOnly) {
+      // Classic flackpickr causing issues.
+      // When selecting a value for the first time for a "time only" field,
+      // the time is always offset by 1 hour for some reason (regardless of time
+      // zone) so we need to correct it.
+      if (!value && newValue) {
+        newValue = new Date(dates[0].getTime() + 60 * 60 * 1000).toISOString()
+      }
       newValue = `2000-01-01T${newValue.split("T")[1]}`
     }
 

packages/bbui/src/Form/Core/Dropzone.svelte

@@ -65,6 +65,9 @@
     }
   }
 
+  $: showDropzone =
+    (!maximum || (maximum && value?.length < maximum)) && !disabled
+
   async function processFileList(fileList) {
     if (
       handleFileTooLarge &&
@@ -139,7 +142,13 @@
         <div class="title">
           <div class="filename">
             {#if selectedUrl}
-              <Link href={selectedUrl}>{selectedImage.name}</Link>
+              <Link
+                target="_blank"
+                download={selectedImage.name}
+                href={selectedUrl}
+              >
+                {selectedImage.name}
+              </Link>
             {:else}
               {selectedImage.name}
             {/if}
@@ -205,7 +214,7 @@
       {/each}
     {/if}
   {/if}
-  {#if !maximum || (maximum && value?.length < maximum)}
+  {#if showDropzone}
     <div
       class="spectrum-Dropzone"
       class:is-invalid={!!error}

packages/bbui/src/Form/Core/Picker.svelte

@@ -19,6 +19,7 @@
   export let placeholderOption = null
   export let options = []
   export let isOptionSelected = () => false
+  export let isOptionEnabled = () => true
   export let onSelectOption = () => {}
   export let getOptionLabel = option => option
   export let getOptionValue = option => option
@@ -164,6 +165,7 @@
               aria-selected="true"
               tabindex="0"
               on:click={() => onSelectOption(getOptionValue(option, idx))}
+              class:is-disabled={!isOptionEnabled(option)}
             >
               {#if getOptionIcon(option, idx)}
                 <span class="option-extra">
@@ -256,4 +258,7 @@
   .spectrum-Popover :global(.spectrum-Search .spectrum-Textfield-icon) {
     top: 9px;
   }
+  .spectrum-Menu-item.is-disabled {
+    pointer-events: none;
+  }
 </style>