From 678033cc8b7276e5823536925cfebc577527f764 Mon Sep 17 00:00:00 2001
From: Mitch-Budibase <mitch@budibase.com>
Date: Thu, 5 Oct 2023 17:39:40 +0100
Subject: [PATCH 01/48] License Key - Activate & Manage Tests

There are two test files, license.activate.spec.ts and license.manage.spec.ts

These test files each contain a test:
- Creates, activates, and deletes an online license for a self hosted account - license.activate.spec.ts
- Retrieves plans, creates checkout session, and updates license - license.manage.spec.ts

Updated and created API files
- StripeAPI
- LicenseAPI
- internal-api LicenseAPI
- index & AccountInternalAPI also updated to reflect API file changes
---
 .../src/account-api/api/AccountInternalAPI.ts |   4 +-
 .../src/account-api/api/apis/LicenseAPI.ts    | 137 +++++++++++++-----
 qa-core/src/account-api/api/apis/StripeAPI.ts |  64 ++++++++
 qa-core/src/account-api/api/apis/index.ts     |   1 +
 .../tests/licensing/license.activate.spec.ts  |  74 ++++++++++
 .../tests/licensing/license.manage.spec.ts    |  57 ++++++++
 .../src/internal-api/api/apis/LicenseAPI.ts   |  40 +++--
 7 files changed, 329 insertions(+), 48 deletions(-)
 create mode 100644 qa-core/src/account-api/api/apis/StripeAPI.ts
 create mode 100644 qa-core/src/account-api/tests/licensing/license.activate.spec.ts
 create mode 100644 qa-core/src/account-api/tests/licensing/license.manage.spec.ts

diff --git a/qa-core/src/account-api/api/AccountInternalAPI.ts b/qa-core/src/account-api/api/AccountInternalAPI.ts
index 3813ad2c9e..ef2c39d5a4 100644
--- a/qa-core/src/account-api/api/AccountInternalAPI.ts
+++ b/qa-core/src/account-api/api/AccountInternalAPI.ts
@@ -1,5 +1,5 @@
 import AccountInternalAPIClient from "./AccountInternalAPIClient"
-import { AccountAPI, LicenseAPI, AuthAPI } from "./apis"
+import { AccountAPI, LicenseAPI, AuthAPI, StripeAPI } from "./apis"
 import { State } from "../../types"
 
 export default class AccountInternalAPI {
@@ -8,11 +8,13 @@ export default class AccountInternalAPI {
   auth: AuthAPI
   accounts: AccountAPI
   licenses: LicenseAPI
+  stripe: StripeAPI
 
   constructor(state: State) {
     this.client = new AccountInternalAPIClient(state)
     this.auth = new AuthAPI(this.client)
     this.accounts = new AccountAPI(this.client)
     this.licenses = new LicenseAPI(this.client)
+    this.stripe = new StripeAPI((this.client))
   }
 }
diff --git a/qa-core/src/account-api/api/apis/LicenseAPI.ts b/qa-core/src/account-api/api/apis/LicenseAPI.ts
index 44579f867b..9f06ec7198 100644
--- a/qa-core/src/account-api/api/apis/LicenseAPI.ts
+++ b/qa-core/src/account-api/api/apis/LicenseAPI.ts
@@ -2,25 +2,23 @@ import AccountInternalAPIClient from "../AccountInternalAPIClient"
 import {
   Account,
   CreateOfflineLicenseRequest,
+  GetLicenseKeyResponse,
   GetOfflineLicenseResponse,
   UpdateLicenseRequest,
 } from "@budibase/types"
 import { Response } from "node-fetch"
 import BaseAPI from "./BaseAPI"
 import { APIRequestOpts } from "../../../types"
-
 export default class LicenseAPI extends BaseAPI {
   client: AccountInternalAPIClient
-
   constructor(client: AccountInternalAPIClient) {
     super()
     this.client = client
   }
-
   async updateLicense(
-    accountId: string,
-    body: UpdateLicenseRequest,
-    opts: APIRequestOpts = { status: 200 }
+      accountId: string,
+      body: UpdateLicenseRequest,
+      opts: APIRequestOpts = { status: 200 }
   ): Promise<[Response, Account]> {
     return this.doRequest(() => {
       return this.client.put(`/api/accounts/${accountId}/license`, {
@@ -29,44 +27,111 @@ export default class LicenseAPI extends BaseAPI {
       })
     }, opts)
   }
-
   // TODO: Better approach for setting tenant id header
-
   async createOfflineLicense(
-    accountId: string,
-    tenantId: string,
-    body: CreateOfflineLicenseRequest,
-    opts: { status?: number } = {}
+      accountId: string,
+      tenantId: string,
+      body: CreateOfflineLicenseRequest,
+      opts: { status?: number } = {}
   ): Promise<Response> {
     const [response, json] = await this.client.post(
-      `/api/internal/accounts/${accountId}/license/offline`,
-      {
-        body,
-        internal: true,
-        headers: {
-          "x-budibase-tenant-id": tenantId,
+        `/api/internal/accounts/${accountId}/license/offline`,
+        {
+          body,
+          internal: true,
+          headers: {
+            "x-budibase-tenant-id": tenantId,
+          },
+        }
+    )
+    expect(response.status).toBe(opts.status ? opts.status : 201)
+    return response
+  }
+  async getOfflineLicense(
+      accountId: string,
+      tenantId: string,
+      opts: { status?: number } = {}
+  ): Promise<[Response, GetOfflineLicenseResponse]> {
+    const [response, json] = await this.client.get(
+        `/api/internal/accounts/${accountId}/license/offline`,
+        {
+          internal: true,
+          headers: {
+            "x-budibase-tenant-id": tenantId,
+          },
+        }
+    )
+    expect(response.status).toBe(opts.status ? opts.status : 200)
+    return [response, json]
+  }
+  async getLicenseKey(
+      opts: { status?: number } = {}
+  ): Promise<[Response, GetLicenseKeyResponse]> {
+    const [response, json] = await this.client.get(`/api/license/key`)
+    expect(response.status).toBe(opts.status ? opts.status : 200)
+    return [response, json]
+  }
+  async activateLicense(
+      apiKey: string,
+      tenantId: string,
+      licenseKey: string,
+      opts: APIRequestOpts = { status: 200 }
+  ) {
+    return this.doRequest(() => {
+      return this.client.post(`/api/license/activate`, {
+        body: {
+          apiKey: apiKey,
+          tenantId: tenantId,
+          licenseKey: licenseKey,
         },
-      }
+      })
+    }, opts)
+  }
+  async regenerateLicenseKey(opts: APIRequestOpts = { status: 200 }) {
+    return this.doRequest(() => {
+      return this.client.post(`/api/license/key/regenerate`, {})
+    }, opts)
+  }
+
+  async getPlans(opts: APIRequestOpts = { status: 200 }) {
+    return this.doRequest(() => {
+      return this.client.get(`/api/plans`)
+    }, opts)
+  }
+
+  async updatePlan(opts: APIRequestOpts = { status: 200 }) {
+    return this.doRequest(() => {
+      return this.client.put(`/api/license/plan`)
+    }, opts)
+  }
+
+  async refreshAccountLicense(
+      accountId: string,
+      opts: { status?: number } = {}
+  ): Promise<Response> {
+    const [response, json] = await this.client.post(
+        `/api/accounts/${accountId}/license/refresh`,
+        {
+          internal: true,
+        }
     )
     expect(response.status).toBe(opts.status ? opts.status : 201)
     return response
   }
 
-  async getOfflineLicense(
-    accountId: string,
-    tenantId: string,
-    opts: { status?: number } = {}
-  ): Promise<[Response, GetOfflineLicenseResponse]> {
-    const [response, json] = await this.client.get(
-      `/api/internal/accounts/${accountId}/license/offline`,
-      {
-        internal: true,
-        headers: {
-          "x-budibase-tenant-id": tenantId,
-        },
-      }
-    )
-    expect(response.status).toBe(opts.status ? opts.status : 200)
-    return [response, json]
+  async getLicenseUsage(opts: APIRequestOpts = { status: 200 }) {
+    return this.doRequest(() => {
+      return this.client.get(`/api/license/usage`)
+    }, opts)
   }
-}
+
+  async licenseUsageTriggered(
+      opts: { status?: number } = {}
+  ): Promise<Response> {
+    const [response, json] = await this.client.post(
+        `/api/license/usage/triggered`
+    )
+    expect(response.status).toBe(opts.status ? opts.status : 201)
+    return response
+  }
+}
\ No newline at end of file
diff --git a/qa-core/src/account-api/api/apis/StripeAPI.ts b/qa-core/src/account-api/api/apis/StripeAPI.ts
new file mode 100644
index 0000000000..ffa96b3c2b
--- /dev/null
+++ b/qa-core/src/account-api/api/apis/StripeAPI.ts
@@ -0,0 +1,64 @@
+import AccountInternalAPIClient from "../AccountInternalAPIClient"
+import BaseAPI from "./BaseAPI"
+import { APIRequestOpts } from "../../../types"
+
+export default class StripeAPI extends BaseAPI {
+    client: AccountInternalAPIClient
+
+    constructor(client: AccountInternalAPIClient) {
+        super()
+        this.client = client
+    }
+
+    async createCheckoutSession(
+        priceId: string,
+        opts: APIRequestOpts = { status: 200 }
+    ) {
+        return this.doRequest(() => {
+            return this.client.post(`/api/stripe/checkout-session`, {
+                body: { priceId },
+            })
+        }, opts)
+    }
+
+    async checkoutSuccess(opts: APIRequestOpts = { status: 200 }) {
+        return this.doRequest(() => {
+            return this.client.post(`/api/stripe/checkout-success`)
+        }, opts)
+    }
+
+    async createPortalSession(
+        stripeCustomerId: string,
+        opts: APIRequestOpts = { status: 200 }
+    ) {
+        return this.doRequest(() => {
+            return this.client.post(`/api/stripe/portal-session`, {
+                body: { stripeCustomerId },
+            })
+        }, opts)
+    }
+
+    async linkStripeCustomer(opts: APIRequestOpts = { status: 200 }) {
+        return this.doRequest(() => {
+            return this.client.post(`/api/stripe/link`)
+        }, opts)
+    }
+
+    async getInvoices(opts: APIRequestOpts = { status: 200 }) {
+        return this.doRequest(() => {
+            return this.client.get(`/api/stripe/invoices`)
+        }, opts)
+    }
+
+    async getUpcomingInvoice(opts: APIRequestOpts = { status: 200 }) {
+        return this.doRequest(() => {
+            return this.client.get(`/api/stripe/upcoming-invoice`)
+        }, opts)
+    }
+
+    async getStripeCustomers(opts: APIRequestOpts = { status: 200 }) {
+        return this.doRequest(() => {
+            return this.client.get(`/api/stripe/customers`)
+        }, opts)
+    }
+}
diff --git a/qa-core/src/account-api/api/apis/index.ts b/qa-core/src/account-api/api/apis/index.ts
index 1137ac3e36..5b0cf55110 100644
--- a/qa-core/src/account-api/api/apis/index.ts
+++ b/qa-core/src/account-api/api/apis/index.ts
@@ -1,3 +1,4 @@
 export { default as AuthAPI } from "./AuthAPI"
 export { default as AccountAPI } from "./AccountAPI"
 export { default as LicenseAPI } from "./LicenseAPI"
+export { default as StripeAPI } from "./StripeAPI"
diff --git a/qa-core/src/account-api/tests/licensing/license.activate.spec.ts b/qa-core/src/account-api/tests/licensing/license.activate.spec.ts
new file mode 100644
index 0000000000..709e2c33f0
--- /dev/null
+++ b/qa-core/src/account-api/tests/licensing/license.activate.spec.ts
@@ -0,0 +1,74 @@
+import TestConfiguration from "../../config/TestConfiguration"
+import * as fixures from "../../fixtures"
+import { Feature, Hosting } from "@budibase/types"
+
+describe("license activation", () => {
+    const config = new TestConfiguration()
+
+    beforeAll(async () => {
+        await config.beforeAll()
+    })
+
+    afterAll(async () => {
+        await config.afterAll()
+    })
+
+    it("creates, activates and deletes online license - self host", async () => {
+        // Remove existing license key
+        await config.internalApi.license.deleteLicenseKey()
+
+        // Verify license key not found
+        await config.internalApi.license.getLicenseKey({ status: 404 })
+
+        // Create self host account
+        const createAccountRequest = fixures.accounts.generateAccount({
+            hosting: Hosting.SELF,
+        })
+        const [createAccountRes, account] =
+            await config.accountsApi.accounts.create(createAccountRequest, { autoVerify: true })
+
+        let licenseKey: string = " "
+        await config.doInNewState(async () => {
+            await config.loginAsAccount(createAccountRequest)
+            // Retrieve license key
+            const [res, body] =
+                await config.accountsApi.licenses.getLicenseKey()
+            licenseKey = body.licenseKey
+        })
+
+        const accountId = account.accountId!
+
+        // Update license to have paid feature
+        const [res, acc] = await config.accountsApi.licenses.updateLicense(
+            accountId,
+            {
+                overrides: {
+                    features: [Feature.APP_BACKUPS],
+                },
+            }
+        )
+
+        // Activate license key
+        await config.internalApi.license.activateLicenseKey({licenseKey})
+
+        // Verify license updated with new feature
+        await config.doInNewState(async () => {
+            await config.loginAsAccount(createAccountRequest)
+            const [selfRes, body] = await config.api.accounts.self()
+            expect(body.license.features[0]).toBe("appBackups")
+        })
+
+        // Remove license key
+        await config.internalApi.license.deleteLicenseKey()
+
+        // Verify license key not found
+        await config.internalApi.license.getLicenseKey({ status: 404 })
+
+        // Verify user downgraded to free license
+        await config.doInNewState(async () => {
+            await config.loginAsAccount(createAccountRequest)
+            const [selfRes, body] = await config.api.accounts.self()
+            expect(body.license.plan.type).toBe("free")
+        })
+    })
+})
diff --git a/qa-core/src/account-api/tests/licensing/license.manage.spec.ts b/qa-core/src/account-api/tests/licensing/license.manage.spec.ts
new file mode 100644
index 0000000000..967252a0f9
--- /dev/null
+++ b/qa-core/src/account-api/tests/licensing/license.manage.spec.ts
@@ -0,0 +1,57 @@
+import TestConfiguration from "../../config/TestConfiguration"
+import * as fixtures from "../../fixtures"
+import { Hosting, PlanType } from "@budibase/types"
+
+describe("license management", () => {
+    const config = new TestConfiguration()
+
+    beforeAll(async () => {
+        await config.beforeAll()
+    })
+
+    afterAll(async () => {
+        await config.afterAll()
+    })
+
+    it("retrieves plans, creates checkout session, and updates license", async () => {
+        // Create cloud account
+        const createAccountRequest = fixtures.accounts.generateAccount({
+            hosting: Hosting.CLOUD,
+        })
+
+        // Self response has free license
+        const [selfRes, selfBody] = await config.api.accounts.self()
+        expect(selfBody.license.plan.type).toBe(PlanType.FREE)
+
+        // Retrieve plans
+        const [plansRes, planBody] = await config.api.licenses.getPlans()
+
+        // Select priceId from premium plan
+        let premiumPriceId = null
+        for (const plan of planBody) {
+            if (plan.type === PlanType.PREMIUM) {
+                premiumPriceId = plan.prices[0].priceId
+                break
+            }
+        }
+
+        // Create checkout session for price
+        const checkoutSessionRes = await config.api.stripe.createCheckoutSession(
+            premiumPriceId
+        )
+        const checkoutSessionUrl = checkoutSessionRes[1].url
+        expect(checkoutSessionUrl).toContain("checkout.stripe.com")
+
+        // TODO: Mimic checkout success
+        // Create stripe customer
+        // Create subscription for premium plan
+        // Assert license updated from free to premium
+
+        // Create portal session
+        //await config.api.stripe.createPortalSession()
+
+        // Update from free to business license
+
+        // License updated
+    })
+})
diff --git a/qa-core/src/internal-api/api/apis/LicenseAPI.ts b/qa-core/src/internal-api/api/apis/LicenseAPI.ts
index 4c9d14c55e..268f8781c3 100644
--- a/qa-core/src/internal-api/api/apis/LicenseAPI.ts
+++ b/qa-core/src/internal-api/api/apis/LicenseAPI.ts
@@ -1,45 +1,63 @@
 import { Response } from "node-fetch"
 import {
+  ActivateLicenseKeyRequest,
   ActivateOfflineLicenseTokenRequest,
+  GetLicenseKeyResponse,
   GetOfflineIdentifierResponse,
   GetOfflineLicenseTokenResponse,
 } from "@budibase/types"
 import BudibaseInternalAPIClient from "../BudibaseInternalAPIClient"
 import BaseAPI from "./BaseAPI"
+import { APIRequestOpts } from "../../../types"
 
 export default class LicenseAPI extends BaseAPI {
   constructor(client: BudibaseInternalAPIClient) {
     super(client)
   }
-
   async getOfflineLicenseToken(
-    opts: { status?: number } = {}
+      opts: { status?: number } = {}
   ): Promise<[Response, GetOfflineLicenseTokenResponse]> {
     const [response, body] = await this.get(
-      `/global/license/offline`,
-      opts.status
+        `/global/license/offline`,
+        opts.status
     )
     return [response, body]
   }
-
   async deleteOfflineLicenseToken(): Promise<[Response]> {
     const [response] = await this.del(`/global/license/offline`, 204)
     return [response]
   }
-
   async activateOfflineLicenseToken(
-    body: ActivateOfflineLicenseTokenRequest
+      body: ActivateOfflineLicenseTokenRequest
   ): Promise<[Response]> {
     const [response] = await this.post(`/global/license/offline`, body)
     return [response]
   }
-
   async getOfflineIdentifier(): Promise<
-    [Response, GetOfflineIdentifierResponse]
+      [Response, GetOfflineIdentifierResponse]
   > {
     const [response, body] = await this.get(
-      `/global/license/offline/identifier`
+        `/global/license/offline/identifier`
     )
     return [response, body]
   }
-}
+
+  async getLicenseKey(
+      opts: { status?: number } = {}
+  ): Promise<[Response, GetLicenseKeyResponse]> {
+    const [response, body] = await this.get(`/global/license/key`, opts.status)
+    return [response, body]
+  }
+
+  async activateLicenseKey(
+      body: ActivateLicenseKeyRequest
+  ): Promise<[Response]> {
+    const [response] = await this.post(`/global/license/key`, body)
+    return [response]
+  }
+
+  async deleteLicenseKey(): Promise<[Response]> {
+    const [response] = await this.del(`/global/license/key`, 204)
+    return [response]
+  }
+}
\ No newline at end of file

From 5e16d0451936ed2b1c2c0c6d1928c146b45c65c1 Mon Sep 17 00:00:00 2001
From: Mitch-Budibase <mitch@budibase.com>
Date: Thu, 5 Oct 2023 17:43:25 +0100
Subject: [PATCH 02/48] lint

---
 .../src/account-api/api/AccountInternalAPI.ts |   2 +-
 .../src/account-api/api/apis/LicenseAPI.ts    |  78 +++++------
 qa-core/src/account-api/api/apis/StripeAPI.ts | 100 +++++++--------
 .../tests/licensing/license.activate.spec.ts  | 121 +++++++++---------
 .../tests/licensing/license.manage.spec.ts    |  82 ++++++------
 .../src/internal-api/api/apis/LicenseAPI.ts   |  18 +--
 6 files changed, 201 insertions(+), 200 deletions(-)

diff --git a/qa-core/src/account-api/api/AccountInternalAPI.ts b/qa-core/src/account-api/api/AccountInternalAPI.ts
index ef2c39d5a4..f89bf556f2 100644
--- a/qa-core/src/account-api/api/AccountInternalAPI.ts
+++ b/qa-core/src/account-api/api/AccountInternalAPI.ts
@@ -15,6 +15,6 @@ export default class AccountInternalAPI {
     this.auth = new AuthAPI(this.client)
     this.accounts = new AccountAPI(this.client)
     this.licenses = new LicenseAPI(this.client)
-    this.stripe = new StripeAPI((this.client))
+    this.stripe = new StripeAPI(this.client)
   }
 }
diff --git a/qa-core/src/account-api/api/apis/LicenseAPI.ts b/qa-core/src/account-api/api/apis/LicenseAPI.ts
index 9f06ec7198..dba1a661d4 100644
--- a/qa-core/src/account-api/api/apis/LicenseAPI.ts
+++ b/qa-core/src/account-api/api/apis/LicenseAPI.ts
@@ -16,9 +16,9 @@ export default class LicenseAPI extends BaseAPI {
     this.client = client
   }
   async updateLicense(
-      accountId: string,
-      body: UpdateLicenseRequest,
-      opts: APIRequestOpts = { status: 200 }
+    accountId: string,
+    body: UpdateLicenseRequest,
+    opts: APIRequestOpts = { status: 200 }
   ): Promise<[Response, Account]> {
     return this.doRequest(() => {
       return this.client.put(`/api/accounts/${accountId}/license`, {
@@ -29,53 +29,53 @@ export default class LicenseAPI extends BaseAPI {
   }
   // TODO: Better approach for setting tenant id header
   async createOfflineLicense(
-      accountId: string,
-      tenantId: string,
-      body: CreateOfflineLicenseRequest,
-      opts: { status?: number } = {}
+    accountId: string,
+    tenantId: string,
+    body: CreateOfflineLicenseRequest,
+    opts: { status?: number } = {}
   ): Promise<Response> {
     const [response, json] = await this.client.post(
-        `/api/internal/accounts/${accountId}/license/offline`,
-        {
-          body,
-          internal: true,
-          headers: {
-            "x-budibase-tenant-id": tenantId,
-          },
-        }
+      `/api/internal/accounts/${accountId}/license/offline`,
+      {
+        body,
+        internal: true,
+        headers: {
+          "x-budibase-tenant-id": tenantId,
+        },
+      }
     )
     expect(response.status).toBe(opts.status ? opts.status : 201)
     return response
   }
   async getOfflineLicense(
-      accountId: string,
-      tenantId: string,
-      opts: { status?: number } = {}
+    accountId: string,
+    tenantId: string,
+    opts: { status?: number } = {}
   ): Promise<[Response, GetOfflineLicenseResponse]> {
     const [response, json] = await this.client.get(
-        `/api/internal/accounts/${accountId}/license/offline`,
-        {
-          internal: true,
-          headers: {
-            "x-budibase-tenant-id": tenantId,
-          },
-        }
+      `/api/internal/accounts/${accountId}/license/offline`,
+      {
+        internal: true,
+        headers: {
+          "x-budibase-tenant-id": tenantId,
+        },
+      }
     )
     expect(response.status).toBe(opts.status ? opts.status : 200)
     return [response, json]
   }
   async getLicenseKey(
-      opts: { status?: number } = {}
+    opts: { status?: number } = {}
   ): Promise<[Response, GetLicenseKeyResponse]> {
     const [response, json] = await this.client.get(`/api/license/key`)
     expect(response.status).toBe(opts.status ? opts.status : 200)
     return [response, json]
   }
   async activateLicense(
-      apiKey: string,
-      tenantId: string,
-      licenseKey: string,
-      opts: APIRequestOpts = { status: 200 }
+    apiKey: string,
+    tenantId: string,
+    licenseKey: string,
+    opts: APIRequestOpts = { status: 200 }
   ) {
     return this.doRequest(() => {
       return this.client.post(`/api/license/activate`, {
@@ -106,14 +106,14 @@ export default class LicenseAPI extends BaseAPI {
   }
 
   async refreshAccountLicense(
-      accountId: string,
-      opts: { status?: number } = {}
+    accountId: string,
+    opts: { status?: number } = {}
   ): Promise<Response> {
     const [response, json] = await this.client.post(
-        `/api/accounts/${accountId}/license/refresh`,
-        {
-          internal: true,
-        }
+      `/api/accounts/${accountId}/license/refresh`,
+      {
+        internal: true,
+      }
     )
     expect(response.status).toBe(opts.status ? opts.status : 201)
     return response
@@ -126,12 +126,12 @@ export default class LicenseAPI extends BaseAPI {
   }
 
   async licenseUsageTriggered(
-      opts: { status?: number } = {}
+    opts: { status?: number } = {}
   ): Promise<Response> {
     const [response, json] = await this.client.post(
-        `/api/license/usage/triggered`
+      `/api/license/usage/triggered`
     )
     expect(response.status).toBe(opts.status ? opts.status : 201)
     return response
   }
-}
\ No newline at end of file
+}
diff --git a/qa-core/src/account-api/api/apis/StripeAPI.ts b/qa-core/src/account-api/api/apis/StripeAPI.ts
index ffa96b3c2b..c9c776e89b 100644
--- a/qa-core/src/account-api/api/apis/StripeAPI.ts
+++ b/qa-core/src/account-api/api/apis/StripeAPI.ts
@@ -3,62 +3,62 @@ import BaseAPI from "./BaseAPI"
 import { APIRequestOpts } from "../../../types"
 
 export default class StripeAPI extends BaseAPI {
-    client: AccountInternalAPIClient
+  client: AccountInternalAPIClient
 
-    constructor(client: AccountInternalAPIClient) {
-        super()
-        this.client = client
-    }
+  constructor(client: AccountInternalAPIClient) {
+    super()
+    this.client = client
+  }
 
-    async createCheckoutSession(
-        priceId: string,
-        opts: APIRequestOpts = { status: 200 }
-    ) {
-        return this.doRequest(() => {
-            return this.client.post(`/api/stripe/checkout-session`, {
-                body: { priceId },
-            })
-        }, opts)
-    }
+  async createCheckoutSession(
+    priceId: string,
+    opts: APIRequestOpts = { status: 200 }
+  ) {
+    return this.doRequest(() => {
+      return this.client.post(`/api/stripe/checkout-session`, {
+        body: { priceId },
+      })
+    }, opts)
+  }
 
-    async checkoutSuccess(opts: APIRequestOpts = { status: 200 }) {
-        return this.doRequest(() => {
-            return this.client.post(`/api/stripe/checkout-success`)
-        }, opts)
-    }
+  async checkoutSuccess(opts: APIRequestOpts = { status: 200 }) {
+    return this.doRequest(() => {
+      return this.client.post(`/api/stripe/checkout-success`)
+    }, opts)
+  }
 
-    async createPortalSession(
-        stripeCustomerId: string,
-        opts: APIRequestOpts = { status: 200 }
-    ) {
-        return this.doRequest(() => {
-            return this.client.post(`/api/stripe/portal-session`, {
-                body: { stripeCustomerId },
-            })
-        }, opts)
-    }
+  async createPortalSession(
+    stripeCustomerId: string,
+    opts: APIRequestOpts = { status: 200 }
+  ) {
+    return this.doRequest(() => {
+      return this.client.post(`/api/stripe/portal-session`, {
+        body: { stripeCustomerId },
+      })
+    }, opts)
+  }
 
-    async linkStripeCustomer(opts: APIRequestOpts = { status: 200 }) {
-        return this.doRequest(() => {
-            return this.client.post(`/api/stripe/link`)
-        }, opts)
-    }
+  async linkStripeCustomer(opts: APIRequestOpts = { status: 200 }) {
+    return this.doRequest(() => {
+      return this.client.post(`/api/stripe/link`)
+    }, opts)
+  }
 
-    async getInvoices(opts: APIRequestOpts = { status: 200 }) {
-        return this.doRequest(() => {
-            return this.client.get(`/api/stripe/invoices`)
-        }, opts)
-    }
+  async getInvoices(opts: APIRequestOpts = { status: 200 }) {
+    return this.doRequest(() => {
+      return this.client.get(`/api/stripe/invoices`)
+    }, opts)
+  }
 
-    async getUpcomingInvoice(opts: APIRequestOpts = { status: 200 }) {
-        return this.doRequest(() => {
-            return this.client.get(`/api/stripe/upcoming-invoice`)
-        }, opts)
-    }
+  async getUpcomingInvoice(opts: APIRequestOpts = { status: 200 }) {
+    return this.doRequest(() => {
+      return this.client.get(`/api/stripe/upcoming-invoice`)
+    }, opts)
+  }
 
-    async getStripeCustomers(opts: APIRequestOpts = { status: 200 }) {
-        return this.doRequest(() => {
-            return this.client.get(`/api/stripe/customers`)
-        }, opts)
-    }
+  async getStripeCustomers(opts: APIRequestOpts = { status: 200 }) {
+    return this.doRequest(() => {
+      return this.client.get(`/api/stripe/customers`)
+    }, opts)
+  }
 }
diff --git a/qa-core/src/account-api/tests/licensing/license.activate.spec.ts b/qa-core/src/account-api/tests/licensing/license.activate.spec.ts
index 709e2c33f0..a494ceb354 100644
--- a/qa-core/src/account-api/tests/licensing/license.activate.spec.ts
+++ b/qa-core/src/account-api/tests/licensing/license.activate.spec.ts
@@ -3,72 +3,73 @@ import * as fixures from "../../fixtures"
 import { Feature, Hosting } from "@budibase/types"
 
 describe("license activation", () => {
-    const config = new TestConfiguration()
+  const config = new TestConfiguration()
 
-    beforeAll(async () => {
-        await config.beforeAll()
+  beforeAll(async () => {
+    await config.beforeAll()
+  })
+
+  afterAll(async () => {
+    await config.afterAll()
+  })
+
+  it("creates, activates and deletes online license - self host", async () => {
+    // Remove existing license key
+    await config.internalApi.license.deleteLicenseKey()
+
+    // Verify license key not found
+    await config.internalApi.license.getLicenseKey({ status: 404 })
+
+    // Create self host account
+    const createAccountRequest = fixures.accounts.generateAccount({
+      hosting: Hosting.SELF,
+    })
+    const [createAccountRes, account] =
+      await config.accountsApi.accounts.create(createAccountRequest, {
+        autoVerify: true,
+      })
+
+    let licenseKey: string = " "
+    await config.doInNewState(async () => {
+      await config.loginAsAccount(createAccountRequest)
+      // Retrieve license key
+      const [res, body] = await config.accountsApi.licenses.getLicenseKey()
+      licenseKey = body.licenseKey
     })
 
-    afterAll(async () => {
-        await config.afterAll()
+    const accountId = account.accountId!
+
+    // Update license to have paid feature
+    const [res, acc] = await config.accountsApi.licenses.updateLicense(
+      accountId,
+      {
+        overrides: {
+          features: [Feature.APP_BACKUPS],
+        },
+      }
+    )
+
+    // Activate license key
+    await config.internalApi.license.activateLicenseKey({ licenseKey })
+
+    // Verify license updated with new feature
+    await config.doInNewState(async () => {
+      await config.loginAsAccount(createAccountRequest)
+      const [selfRes, body] = await config.api.accounts.self()
+      expect(body.license.features[0]).toBe("appBackups")
     })
 
-    it("creates, activates and deletes online license - self host", async () => {
-        // Remove existing license key
-        await config.internalApi.license.deleteLicenseKey()
+    // Remove license key
+    await config.internalApi.license.deleteLicenseKey()
 
-        // Verify license key not found
-        await config.internalApi.license.getLicenseKey({ status: 404 })
+    // Verify license key not found
+    await config.internalApi.license.getLicenseKey({ status: 404 })
 
-        // Create self host account
-        const createAccountRequest = fixures.accounts.generateAccount({
-            hosting: Hosting.SELF,
-        })
-        const [createAccountRes, account] =
-            await config.accountsApi.accounts.create(createAccountRequest, { autoVerify: true })
-
-        let licenseKey: string = " "
-        await config.doInNewState(async () => {
-            await config.loginAsAccount(createAccountRequest)
-            // Retrieve license key
-            const [res, body] =
-                await config.accountsApi.licenses.getLicenseKey()
-            licenseKey = body.licenseKey
-        })
-
-        const accountId = account.accountId!
-
-        // Update license to have paid feature
-        const [res, acc] = await config.accountsApi.licenses.updateLicense(
-            accountId,
-            {
-                overrides: {
-                    features: [Feature.APP_BACKUPS],
-                },
-            }
-        )
-
-        // Activate license key
-        await config.internalApi.license.activateLicenseKey({licenseKey})
-
-        // Verify license updated with new feature
-        await config.doInNewState(async () => {
-            await config.loginAsAccount(createAccountRequest)
-            const [selfRes, body] = await config.api.accounts.self()
-            expect(body.license.features[0]).toBe("appBackups")
-        })
-
-        // Remove license key
-        await config.internalApi.license.deleteLicenseKey()
-
-        // Verify license key not found
-        await config.internalApi.license.getLicenseKey({ status: 404 })
-
-        // Verify user downgraded to free license
-        await config.doInNewState(async () => {
-            await config.loginAsAccount(createAccountRequest)
-            const [selfRes, body] = await config.api.accounts.self()
-            expect(body.license.plan.type).toBe("free")
-        })
+    // Verify user downgraded to free license
+    await config.doInNewState(async () => {
+      await config.loginAsAccount(createAccountRequest)
+      const [selfRes, body] = await config.api.accounts.self()
+      expect(body.license.plan.type).toBe("free")
     })
+  })
 })
diff --git a/qa-core/src/account-api/tests/licensing/license.manage.spec.ts b/qa-core/src/account-api/tests/licensing/license.manage.spec.ts
index 967252a0f9..3f87838ee4 100644
--- a/qa-core/src/account-api/tests/licensing/license.manage.spec.ts
+++ b/qa-core/src/account-api/tests/licensing/license.manage.spec.ts
@@ -3,55 +3,55 @@ import * as fixtures from "../../fixtures"
 import { Hosting, PlanType } from "@budibase/types"
 
 describe("license management", () => {
-    const config = new TestConfiguration()
+  const config = new TestConfiguration()
 
-    beforeAll(async () => {
-        await config.beforeAll()
+  beforeAll(async () => {
+    await config.beforeAll()
+  })
+
+  afterAll(async () => {
+    await config.afterAll()
+  })
+
+  it("retrieves plans, creates checkout session, and updates license", async () => {
+    // Create cloud account
+    const createAccountRequest = fixtures.accounts.generateAccount({
+      hosting: Hosting.CLOUD,
     })
 
-    afterAll(async () => {
-        await config.afterAll()
-    })
+    // Self response has free license
+    const [selfRes, selfBody] = await config.api.accounts.self()
+    expect(selfBody.license.plan.type).toBe(PlanType.FREE)
 
-    it("retrieves plans, creates checkout session, and updates license", async () => {
-        // Create cloud account
-        const createAccountRequest = fixtures.accounts.generateAccount({
-            hosting: Hosting.CLOUD,
-        })
+    // Retrieve plans
+    const [plansRes, planBody] = await config.api.licenses.getPlans()
 
-        // Self response has free license
-        const [selfRes, selfBody] = await config.api.accounts.self()
-        expect(selfBody.license.plan.type).toBe(PlanType.FREE)
+    // Select priceId from premium plan
+    let premiumPriceId = null
+    for (const plan of planBody) {
+      if (plan.type === PlanType.PREMIUM) {
+        premiumPriceId = plan.prices[0].priceId
+        break
+      }
+    }
 
-        // Retrieve plans
-        const [plansRes, planBody] = await config.api.licenses.getPlans()
+    // Create checkout session for price
+    const checkoutSessionRes = await config.api.stripe.createCheckoutSession(
+      premiumPriceId
+    )
+    const checkoutSessionUrl = checkoutSessionRes[1].url
+    expect(checkoutSessionUrl).toContain("checkout.stripe.com")
 
-        // Select priceId from premium plan
-        let premiumPriceId = null
-        for (const plan of planBody) {
-            if (plan.type === PlanType.PREMIUM) {
-                premiumPriceId = plan.prices[0].priceId
-                break
-            }
-        }
+    // TODO: Mimic checkout success
+    // Create stripe customer
+    // Create subscription for premium plan
+    // Assert license updated from free to premium
 
-        // Create checkout session for price
-        const checkoutSessionRes = await config.api.stripe.createCheckoutSession(
-            premiumPriceId
-        )
-        const checkoutSessionUrl = checkoutSessionRes[1].url
-        expect(checkoutSessionUrl).toContain("checkout.stripe.com")
+    // Create portal session
+    //await config.api.stripe.createPortalSession()
 
-        // TODO: Mimic checkout success
-        // Create stripe customer
-        // Create subscription for premium plan
-        // Assert license updated from free to premium
+    // Update from free to business license
 
-        // Create portal session
-        //await config.api.stripe.createPortalSession()
-
-        // Update from free to business license
-
-        // License updated
-    })
+    // License updated
+  })
 })
diff --git a/qa-core/src/internal-api/api/apis/LicenseAPI.ts b/qa-core/src/internal-api/api/apis/LicenseAPI.ts
index 268f8781c3..ef322e069a 100644
--- a/qa-core/src/internal-api/api/apis/LicenseAPI.ts
+++ b/qa-core/src/internal-api/api/apis/LicenseAPI.ts
@@ -15,11 +15,11 @@ export default class LicenseAPI extends BaseAPI {
     super(client)
   }
   async getOfflineLicenseToken(
-      opts: { status?: number } = {}
+    opts: { status?: number } = {}
   ): Promise<[Response, GetOfflineLicenseTokenResponse]> {
     const [response, body] = await this.get(
-        `/global/license/offline`,
-        opts.status
+      `/global/license/offline`,
+      opts.status
     )
     return [response, body]
   }
@@ -28,29 +28,29 @@ export default class LicenseAPI extends BaseAPI {
     return [response]
   }
   async activateOfflineLicenseToken(
-      body: ActivateOfflineLicenseTokenRequest
+    body: ActivateOfflineLicenseTokenRequest
   ): Promise<[Response]> {
     const [response] = await this.post(`/global/license/offline`, body)
     return [response]
   }
   async getOfflineIdentifier(): Promise<
-      [Response, GetOfflineIdentifierResponse]
+    [Response, GetOfflineIdentifierResponse]
   > {
     const [response, body] = await this.get(
-        `/global/license/offline/identifier`
+      `/global/license/offline/identifier`
     )
     return [response, body]
   }
 
   async getLicenseKey(
-      opts: { status?: number } = {}
+    opts: { status?: number } = {}
   ): Promise<[Response, GetLicenseKeyResponse]> {
     const [response, body] = await this.get(`/global/license/key`, opts.status)
     return [response, body]
   }
 
   async activateLicenseKey(
-      body: ActivateLicenseKeyRequest
+    body: ActivateLicenseKeyRequest
   ): Promise<[Response]> {
     const [response] = await this.post(`/global/license/key`, body)
     return [response]
@@ -60,4 +60,4 @@ export default class LicenseAPI extends BaseAPI {
     const [response] = await this.del(`/global/license/key`, 204)
     return [response]
   }
-}
\ No newline at end of file
+}

From f3234f6bd63e0bf5307ffc752c9992bfc4813b0d Mon Sep 17 00:00:00 2001
From: Mitch-Budibase <mitch@budibase.com>
Date: Fri, 6 Oct 2023 16:22:56 +0100
Subject: [PATCH 03/48] Update license activate test

I have removed the end of the test which was to 'Verify user downgraded to free license'
- This is not needed

I have also updated getLicenseKey - specifically how it handles the expected 200 response
---
 qa-core/src/account-api/api/apis/LicenseAPI.ts             | 2 +-
 .../account-api/tests/licensing/license.activate.spec.ts   | 7 -------
 2 files changed, 1 insertion(+), 8 deletions(-)

diff --git a/qa-core/src/account-api/api/apis/LicenseAPI.ts b/qa-core/src/account-api/api/apis/LicenseAPI.ts
index dba1a661d4..b371f00f05 100644
--- a/qa-core/src/account-api/api/apis/LicenseAPI.ts
+++ b/qa-core/src/account-api/api/apis/LicenseAPI.ts
@@ -68,7 +68,7 @@ export default class LicenseAPI extends BaseAPI {
     opts: { status?: number } = {}
   ): Promise<[Response, GetLicenseKeyResponse]> {
     const [response, json] = await this.client.get(`/api/license/key`)
-    expect(response.status).toBe(opts.status ? opts.status : 200)
+    expect(response.status).toBe(opts.status || 200)
     return [response, json]
   }
   async activateLicense(
diff --git a/qa-core/src/account-api/tests/licensing/license.activate.spec.ts b/qa-core/src/account-api/tests/licensing/license.activate.spec.ts
index a494ceb354..96c6eaea2a 100644
--- a/qa-core/src/account-api/tests/licensing/license.activate.spec.ts
+++ b/qa-core/src/account-api/tests/licensing/license.activate.spec.ts
@@ -64,12 +64,5 @@ describe("license activation", () => {
 
     // Verify license key not found
     await config.internalApi.license.getLicenseKey({ status: 404 })
-
-    // Verify user downgraded to free license
-    await config.doInNewState(async () => {
-      await config.loginAsAccount(createAccountRequest)
-      const [selfRes, body] = await config.api.accounts.self()
-      expect(body.license.plan.type).toBe("free")
-    })
   })
 })

From a06451222400312d9928e67618e870cc28f2dbf7 Mon Sep 17 00:00:00 2001
From: Dean <deanhannigan@gmail.com>
Date: Wed, 18 Oct 2023 11:14:16 +0100
Subject: [PATCH 04/48] Added description field to the formblock

---
 packages/client/manifest.json                 |   6 ++
 .../app/blocks/form/FormBlock.svelte          |   2 +
 .../app/blocks/form/InnerFormBlock.svelte     | 101 ++++++++++--------
 3 files changed, 67 insertions(+), 42 deletions(-)

diff --git a/packages/client/manifest.json b/packages/client/manifest.json
index 8d0a4e456f..ed69b8868f 100644
--- a/packages/client/manifest.json
+++ b/packages/client/manifest.json
@@ -5305,6 +5305,12 @@
         "key": "title",
         "nested": true
       },
+      {
+        "type": "text",
+        "label": "Description",
+        "key": "description",
+        "nested": true
+      },
       {
         "section": true,
         "dependsOn": {
diff --git a/packages/client/src/components/app/blocks/form/FormBlock.svelte b/packages/client/src/components/app/blocks/form/FormBlock.svelte
index 5d57d10ab6..f905227af9 100644
--- a/packages/client/src/components/app/blocks/form/FormBlock.svelte
+++ b/packages/client/src/components/app/blocks/form/FormBlock.svelte
@@ -12,6 +12,7 @@
   export let fields
   export let labelPosition
   export let title
+  export let description
   export let showDeleteButton
   export let showSaveButton
   export let saveButtonLabel
@@ -98,6 +99,7 @@
     fields: fieldsOrDefault,
     labelPosition,
     title,
+    description,
     saveButtonLabel: saveLabel,
     deleteButtonLabel: deleteLabel,
     schema,
diff --git a/packages/client/src/components/app/blocks/form/InnerFormBlock.svelte b/packages/client/src/components/app/blocks/form/InnerFormBlock.svelte
index ec5daa21b1..e65d2cf90b 100644
--- a/packages/client/src/components/app/blocks/form/InnerFormBlock.svelte
+++ b/packages/client/src/components/app/blocks/form/InnerFormBlock.svelte
@@ -11,6 +11,7 @@
   export let fields
   export let labelPosition
   export let title
+  export let description
   export let saveButtonLabel
   export let deleteButtonLabel
   export let schema
@@ -160,55 +161,71 @@
         <BlockComponent
           type="container"
           props={{
-            direction: "row",
-            hAlign: "stretch",
-            vAlign: "center",
-            gap: "M",
-            wrap: true,
+            direction: "column",
+            gap: "S",
           }}
           order={0}
         >
           <BlockComponent
-            type="heading"
-            props={{ text: title || "" }}
+            type="container"
+            props={{
+              direction: "row",
+              hAlign: "stretch",
+              vAlign: "center",
+              gap: "M",
+              wrap: true,
+            }}
             order={0}
-          />
-          {#if renderButtons}
+          >
             <BlockComponent
-              type="container"
-              props={{
-                direction: "row",
-                hAlign: "stretch",
-                vAlign: "center",
-                gap: "M",
-                wrap: true,
-              }}
+              type="heading"
+              props={{ text: title || "" }}
+              order={0}
+            />
+            {#if renderButtons}
+              <BlockComponent
+                type="container"
+                props={{
+                  direction: "row",
+                  hAlign: "stretch",
+                  vAlign: "center",
+                  gap: "M",
+                  wrap: true,
+                }}
+                order={1}
+              >
+                {#if renderDeleteButton}
+                  <BlockComponent
+                    type="button"
+                    props={{
+                      text: deleteButtonLabel,
+                      onClick: onDelete,
+                      quiet: true,
+                      type: "secondary",
+                    }}
+                    order={0}
+                  />
+                {/if}
+                {#if renderSaveButton}
+                  <BlockComponent
+                    type="button"
+                    props={{
+                      text: saveButtonLabel,
+                      onClick: onSave,
+                      type: "cta",
+                    }}
+                    order={1}
+                  />
+                {/if}
+              </BlockComponent>
+            {/if}
+          </BlockComponent>
+          {#if description}
+            <BlockComponent
+              type="text"
+              props={{ text: description }}
               order={1}
-            >
-              {#if renderDeleteButton}
-                <BlockComponent
-                  type="button"
-                  props={{
-                    text: deleteButtonLabel,
-                    onClick: onDelete,
-                    quiet: true,
-                    type: "secondary",
-                  }}
-                  order={0}
-                />
-              {/if}
-              {#if renderSaveButton}
-                <BlockComponent
-                  type="button"
-                  props={{
-                    text: saveButtonLabel,
-                    onClick: onSave,
-                    type: "cta",
-                  }}
-                  order={1}
-                />
-              {/if}
-            </BlockComponent>
+            />
           {/if}
         </BlockComponent>
       {/if}

From d0b71ada08ec6695559f3687647d342d480e7a2c Mon Sep 17 00:00:00 2001
From: Andrew Kingston <andrew@kingston.dev>
Date: Fri, 20 Oct 2023 09:08:45 +0100
Subject: [PATCH 05/48] Ensure BBUI table component ignores numeric widths that
 are invalid

---
 packages/bbui/src/Table/Table.svelte | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/packages/bbui/src/Table/Table.svelte b/packages/bbui/src/Table/Table.svelte
index 529d1144ee..885dd75671 100644
--- a/packages/bbui/src/Table/Table.svelte
+++ b/packages/bbui/src/Table/Table.svelte
@@ -106,6 +106,13 @@
           name: fieldName,
         }
       }
+
+      // Delete numeric only widths as these are grid widths and should be
+      // ignored
+      let width = fixedSchema[fieldName].width
+      if (width != null && `${width}`.trim().match(/^[0-9]+$/)) {
+        delete fixedSchema[fieldName].width
+      }
     })
     return fixedSchema
   }

From ff257abab3dd1d747bc309075e13d2d993fc1481 Mon Sep 17 00:00:00 2001
From: Andrew Kingston <andrew@kingston.dev>
Date: Fri, 20 Oct 2023 09:09:32 +0100
Subject: [PATCH 06/48] Update copy for table column widths to inform user that
 a unit is required

---
 .../design/settings/controls/ColumnEditor/CellDrawer.svelte | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/packages/builder/src/components/design/settings/controls/ColumnEditor/CellDrawer.svelte b/packages/builder/src/components/design/settings/controls/ColumnEditor/CellDrawer.svelte
index 8e3079101a..9e53f7f1cf 100644
--- a/packages/builder/src/components/design/settings/controls/ColumnEditor/CellDrawer.svelte
+++ b/packages/builder/src/components/design/settings/controls/ColumnEditor/CellDrawer.svelte
@@ -16,7 +16,11 @@
 <DrawerContent>
   <div class="container">
     <Layout noPadding gap="S">
-      <Input bind:value={column.width} label="Width" placeholder="Auto" />
+      <Input
+        bind:value={column.width}
+        label="Width (must include a unit like px or %)"
+        placeholder="Auto"
+      />
       <Select
         label="Alignment"
         bind:value={column.align}

From 880c509f649dec592a53a8b2a5b0194f04d105b3 Mon Sep 17 00:00:00 2001
From: Andrew Kingston <andrew@kingston.dev>
Date: Fri, 20 Oct 2023 09:13:42 +0100
Subject: [PATCH 07/48] Always use custom table columns if provided to ensure
 we allow showing hidden columns if requested. Use grid visibility and order
 metadata by default in tables

---
 packages/client/src/components/app/DataProvider.svelte | 1 +
 1 file changed, 1 insertion(+)

diff --git a/packages/client/src/components/app/DataProvider.svelte b/packages/client/src/components/app/DataProvider.svelte
index 2639c77edd..342194d5e2 100644
--- a/packages/client/src/components/app/DataProvider.svelte
+++ b/packages/client/src/components/app/DataProvider.svelte
@@ -81,6 +81,7 @@
       sortOrder: $fetch.sortOrder,
     },
     limit,
+    primaryDisplay: $fetch.definition?.primaryDisplay,
   }
 
   const createFetch = datasource => {

From 357f495c0d129344b5e1aaeb4190d65f229e35d7 Mon Sep 17 00:00:00 2001
From: Andrew Kingston <andrew@kingston.dev>
Date: Fri, 20 Oct 2023 09:14:15 +0100
Subject: [PATCH 08/48] Respect grid visibility and ordering by default when
 rendering tables

---
 .../src/components/app/table/Table.svelte     | 49 +++++++++++++------
 1 file changed, 35 insertions(+), 14 deletions(-)

diff --git a/packages/client/src/components/app/table/Table.svelte b/packages/client/src/components/app/table/Table.svelte
index 0ed76317db..34fa8c204d 100644
--- a/packages/client/src/components/app/table/Table.svelte
+++ b/packages/client/src/components/app/table/Table.svelte
@@ -32,7 +32,8 @@
   $: loading = dataProvider?.loading ?? false
   $: data = dataProvider?.rows || []
   $: fullSchema = dataProvider?.schema ?? {}
-  $: fields = getFields(fullSchema, columns, false)
+  $: primaryDisplay = dataProvider?.primaryDisplay
+  $: fields = getFields(fullSchema, columns, false, primaryDisplay)
   $: schema = getFilteredSchema(fullSchema, fields, hasChildren)
   $: setSorting = getAction(
     dataProvider?.id,
@@ -55,18 +56,13 @@
     }
   }
 
-  const getFields = (schema, customColumns, showAutoColumns) => {
-    // Check for an invalid column selection
-    let invalid = false
-    customColumns?.forEach(column => {
-      const columnName = typeof column === "string" ? column : column.name
-      if (schema[columnName] == null) {
-        invalid = true
-      }
-    })
-
-    // Use column selection if it exists
-    if (!invalid && customColumns?.length) {
+  const getFields = (
+    schema,
+    customColumns,
+    showAutoColumns,
+    primaryDisplay
+  ) => {
+    if (customColumns?.length) {
       return customColumns
     }
 
@@ -74,13 +70,38 @@
     let columns = []
     let autoColumns = []
     Object.entries(schema).forEach(([field, fieldSchema]) => {
+      if (!fieldSchema.visible) {
+        return
+      }
       if (!fieldSchema?.autocolumn) {
         columns.push(field)
       } else if (showAutoColumns) {
         autoColumns.push(field)
       }
     })
-    return columns.concat(autoColumns)
+
+    // Sort columns to respect grid metadata
+    const allCols = columns.concat(autoColumns)
+    return allCols.sort((a, b) => {
+      if (a === primaryDisplay) {
+        return -1
+      }
+      if (b === primaryDisplay) {
+        return 1
+      }
+      const aOrder = schema[a].order
+      const bOrder = schema[b].order
+      if (aOrder === bOrder) {
+        return 0
+      }
+      if (aOrder == null) {
+        return 1
+      }
+      if (bOrder == null) {
+        return -1
+      }
+      return aOrder < bOrder ? -1 : 1
+    })
   }
 
   const getFilteredSchema = (schema, fields, hasChildren) => {

From 8d2530d4c859963c9f36d6b31534e1c992d269f1 Mon Sep 17 00:00:00 2001
From: Andrew Kingston <andrew@kingston.dev>
Date: Fri, 20 Oct 2023 09:19:05 +0100
Subject: [PATCH 09/48] Swap let for const

---
 packages/bbui/src/Table/Table.svelte | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/bbui/src/Table/Table.svelte b/packages/bbui/src/Table/Table.svelte
index 885dd75671..2610d6106c 100644
--- a/packages/bbui/src/Table/Table.svelte
+++ b/packages/bbui/src/Table/Table.svelte
@@ -109,7 +109,7 @@
 
       // Delete numeric only widths as these are grid widths and should be
       // ignored
-      let width = fixedSchema[fieldName].width
+      const width = fixedSchema[fieldName].width
       if (width != null && `${width}`.trim().match(/^[0-9]+$/)) {
         delete fixedSchema[fieldName].width
       }

From 961913b88a3208924eba14a9602b853d9e6de8ce Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Fri, 20 Oct 2023 16:21:35 +0200
Subject: [PATCH 10/48] Use version from environment

---
 packages/backend-core/src/environment.ts | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/packages/backend-core/src/environment.ts b/packages/backend-core/src/environment.ts
index 3894bdd0f7..4fb8b5fdca 100644
--- a/packages/backend-core/src/environment.ts
+++ b/packages/backend-core/src/environment.ts
@@ -49,7 +49,6 @@ function httpLogging() {
 }
 
 function getPackageJsonFields(): {
-  VERSION: string
   SERVICE_NAME: string
 } {
   function findFileInAncestors(
@@ -75,12 +74,11 @@ function getPackageJsonFields(): {
     const content = readFileSync(packageJsonFile!, "utf-8")
     const parsedContent = JSON.parse(content)
     return {
-      VERSION: parsedContent.version,
       SERVICE_NAME: parsedContent.name,
     }
   } catch {
     // throwing an error here is confusing/causes backend-core to be hard to import
-    return { VERSION: "", SERVICE_NAME: "" }
+    return { SERVICE_NAME: "" }
   }
 }
 
@@ -173,6 +171,7 @@ const environment = {
   ENABLE_SSO_MAINTENANCE_MODE: selfHosted
     ? process.env.ENABLE_SSO_MAINTENANCE_MODE
     : false,
+  VERSION: process.env.VERSION!,
   ...getPackageJsonFields(),
   DISABLE_PINO_LOGGER: process.env.DISABLE_PINO_LOGGER,
   OFFLINE_MODE: process.env.OFFLINE_MODE,

From 56ae857d498908c95c2c8e8146455ca170eaf8b0 Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Fri, 20 Oct 2023 16:21:48 +0200
Subject: [PATCH 11/48] Add version to dev .env

---
 packages/server/scripts/dev/manage.js | 1 +
 packages/worker/scripts/dev/manage.js | 1 +
 2 files changed, 2 insertions(+)

diff --git a/packages/server/scripts/dev/manage.js b/packages/server/scripts/dev/manage.js
index 5db45040bf..13639b6bfd 100644
--- a/packages/server/scripts/dev/manage.js
+++ b/packages/server/scripts/dev/manage.js
@@ -47,6 +47,7 @@ async function init() {
       TENANT_FEATURE_FLAGS: "*:LICENSING,*:USER_GROUPS,*:ONBOARDING_TOUR",
       HTTP_MIGRATIONS: "0",
       HTTP_LOGGING: "0",
+      VERSION: "0.0.0+local",
     }
     let envFile = ""
     Object.keys(envFileJson).forEach(key => {
diff --git a/packages/worker/scripts/dev/manage.js b/packages/worker/scripts/dev/manage.js
index ecf5defd47..9e6a57d4bf 100644
--- a/packages/worker/scripts/dev/manage.js
+++ b/packages/worker/scripts/dev/manage.js
@@ -31,6 +31,7 @@ async function init() {
       TENANT_FEATURE_FLAGS: "*:LICENSING,*:USER_GROUPS,*:ONBOARDING_TOUR",
       ENABLE_EMAIL_TEST_MODE: 1,
       HTTP_LOGGING: 0,
+      VERSION: "0.0.0+local",
     }
     let envFile = ""
     Object.keys(envFileJson).forEach(key => {

From 04a2bbc61aba8016d84b649273a60dc3c7c6effb Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Fri, 20 Oct 2023 15:45:35 +0100
Subject: [PATCH 12/48] Two fixes here - a quick fix for the builder side
 panel, making sure it fills up with users correctly (not all, but enough to
 make it look more pleasant) as well as dropping user search endpoint
 permissions to allow basic users to access it for user columns.

---
 packages/backend-core/src/users/db.ts              | 10 +++++-----
 packages/backend-core/src/users/users.ts           |  9 ++++++---
 .../_components/BuilderSidePanel.svelte            |  3 ++-
 packages/types/src/api/web/user.ts                 |  1 +
 .../worker/src/api/controllers/global/users.ts     |  7 ++++++-
 .../src/api/routes/global/tests/users.spec.ts      |  6 +++++-
 packages/worker/src/api/routes/global/users.ts     |  3 ++-
 packages/worker/src/tests/api/users.ts             | 14 ++++++++++----
 8 files changed, 37 insertions(+), 16 deletions(-)

diff --git a/packages/backend-core/src/users/db.ts b/packages/backend-core/src/users/db.ts
index 8bb6300d4e..daa09bee6f 100644
--- a/packages/backend-core/src/users/db.ts
+++ b/packages/backend-core/src/users/db.ts
@@ -164,14 +164,14 @@ export class UserDB {
     }
   }
 
-  static async getUsersByAppAccess(appId?: string) {
-    const opts: any = {
+  static async getUsersByAppAccess(opts: { appId?: string; limit?: number }) {
+    const params: any = {
       include_docs: true,
-      limit: 50,
+      limit: opts.limit || 50,
     }
     let response: User[] = await usersCore.searchGlobalUsersByAppAccess(
-      appId,
-      opts
+      opts.appId,
+      params
     )
     return response
   }
diff --git a/packages/backend-core/src/users/users.ts b/packages/backend-core/src/users/users.ts
index a64997224e..bad108ab84 100644
--- a/packages/backend-core/src/users/users.ts
+++ b/packages/backend-core/src/users/users.ts
@@ -19,6 +19,7 @@ import {
   SearchUsersRequest,
   User,
   ContextUser,
+  DatabaseQueryOpts,
 } from "@budibase/types"
 import { getGlobalDB } from "../context"
 import * as context from "../context"
@@ -241,12 +242,14 @@ export const paginatedUsers = async ({
   bookmark,
   query,
   appId,
+  limit,
 }: SearchUsersRequest = {}) => {
   const db = getGlobalDB()
+  const pageLimit = limit ? limit + 1 : PAGE_LIMIT + 1
   // get one extra document, to have the next page
-  const opts: any = {
+  const opts: DatabaseQueryOpts = {
     include_docs: true,
-    limit: PAGE_LIMIT + 1,
+    limit: pageLimit,
   }
   // add a startkey if the page was specified (anchor)
   if (bookmark) {
@@ -269,7 +272,7 @@ export const paginatedUsers = async ({
     const response = await db.allDocs(getGlobalUserParams(null, opts))
     userList = response.rows.map((row: any) => row.doc)
   }
-  return pagination(userList, PAGE_LIMIT, {
+  return pagination(userList, pageLimit, {
     paginate: true,
     property,
     getKey,
diff --git a/packages/builder/src/pages/builder/app/[application]/_components/BuilderSidePanel.svelte b/packages/builder/src/pages/builder/app/[application]/_components/BuilderSidePanel.svelte
index c93a41f541..a7d9584330 100644
--- a/packages/builder/src/pages/builder/app/[application]/_components/BuilderSidePanel.svelte
+++ b/packages/builder/src/pages/builder/app/[application]/_components/BuilderSidePanel.svelte
@@ -114,8 +114,9 @@
       query: {
         appId: query || !filterByAppAccess ? null : prodAppId,
         email: query,
-        paginated: query || !filterByAppAccess ? null : false,
       },
+      limit: 50,
+      paginate: query || !filterByAppAccess ? null : false,
     })
     await usersFetch.refresh()
 
diff --git a/packages/types/src/api/web/user.ts b/packages/types/src/api/web/user.ts
index a1e039cfd7..3a5bd16bdf 100644
--- a/packages/types/src/api/web/user.ts
+++ b/packages/types/src/api/web/user.ts
@@ -55,6 +55,7 @@ export interface SearchUsersRequest {
   bookmark?: string
   query?: SearchQuery
   appId?: string
+  limit?: number
   paginate?: boolean
 }
 
diff --git a/packages/worker/src/api/controllers/global/users.ts b/packages/worker/src/api/controllers/global/users.ts
index 8de3a1444e..bfe9bdf284 100644
--- a/packages/worker/src/api/controllers/global/users.ts
+++ b/packages/worker/src/api/controllers/global/users.ts
@@ -189,7 +189,10 @@ export const destroy = async (ctx: any) => {
 
 export const getAppUsers = async (ctx: Ctx<SearchUsersRequest>) => {
   const body = ctx.request.body
-  const users = await userSdk.db.getUsersByAppAccess(body?.appId)
+  const users = await userSdk.db.getUsersByAppAccess({
+    appId: body.appId,
+    limit: body.limit,
+  })
 
   ctx.body = { data: users }
 }
@@ -203,8 +206,10 @@ export const search = async (ctx: Ctx<SearchUsersRequest>) => {
   }
 
   if (body.paginate === false) {
+    console.log("not paginated")
     await getAppUsers(ctx)
   } else {
+    console.log("paginated")
     const paginated = await userSdk.core.paginatedUsers(body)
     // user hashed password shouldn't ever be returned
     for (let user of paginated.data) {
diff --git a/packages/worker/src/api/routes/global/tests/users.spec.ts b/packages/worker/src/api/routes/global/tests/users.spec.ts
index a446d10ed0..846b98a7ae 100644
--- a/packages/worker/src/api/routes/global/tests/users.spec.ts
+++ b/packages/worker/src/api/routes/global/tests/users.spec.ts
@@ -569,9 +569,13 @@ describe("/api/global/users", () => {
         {
           query: { equal: { firstName: user.firstName } },
         },
-        501
+        { status: 501 }
       )
     })
+
+    it("should throw an error if public query performed", async () => {
+      await config.api.users.searchUsers({}, { status: 403, noHeaders: true })
+    })
   })
 
   describe("DELETE /api/global/users/:userId", () => {
diff --git a/packages/worker/src/api/routes/global/users.ts b/packages/worker/src/api/routes/global/users.ts
index a57f7834ac..3c9cfd2f41 100644
--- a/packages/worker/src/api/routes/global/users.ts
+++ b/packages/worker/src/api/routes/global/users.ts
@@ -72,7 +72,8 @@ router
   )
 
   .get("/api/global/users", auth.builderOrAdmin, controller.fetch)
-  .post("/api/global/users/search", auth.builderOrAdmin, controller.search)
+  // search can be used by any user now, to retrieve users for user column
+  .post("/api/global/users/search", controller.search)
   .delete("/api/global/users/:id", auth.adminOnly, controller.destroy)
   .get(
     "/api/global/users/count/:appId",
diff --git a/packages/worker/src/tests/api/users.ts b/packages/worker/src/tests/api/users.ts
index b2a19bcb28..ca25e2f9ca 100644
--- a/packages/worker/src/tests/api/users.ts
+++ b/packages/worker/src/tests/api/users.ts
@@ -134,13 +134,19 @@ export class UserAPI extends TestAPI {
       .expect(status ? status : 200)
   }
 
-  searchUsers = ({ query }: { query?: SearchQuery }, status = 200) => {
-    return this.request
+  searchUsers = (
+    { query }: { query?: SearchQuery },
+    opts?: { status?: number; noHeaders?: boolean }
+  ) => {
+    const req = this.request
       .post("/api/global/users/search")
-      .set(this.config.defaultHeaders())
       .send({ query })
       .expect("Content-Type", /json/)
-      .expect(status ? status : 200)
+      .expect(opts?.status ? opts.status : 200)
+    if (!opts?.noHeaders) {
+      req.set(this.config.defaultHeaders())
+    }
+    return req
   }
 
   getUser = (userId: string, opts?: TestAPIOpts) => {

From 8c744ea7a99ab68e7388094ab74c6fc5ba708e78 Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Fri, 20 Oct 2023 15:57:45 +0100
Subject: [PATCH 13/48] PR comments.

---
 packages/worker/src/api/controllers/global/users.ts | 2 --
 1 file changed, 2 deletions(-)

diff --git a/packages/worker/src/api/controllers/global/users.ts b/packages/worker/src/api/controllers/global/users.ts
index bfe9bdf284..de1a605890 100644
--- a/packages/worker/src/api/controllers/global/users.ts
+++ b/packages/worker/src/api/controllers/global/users.ts
@@ -206,10 +206,8 @@ export const search = async (ctx: Ctx<SearchUsersRequest>) => {
   }
 
   if (body.paginate === false) {
-    console.log("not paginated")
     await getAppUsers(ctx)
   } else {
-    console.log("paginated")
     const paginated = await userSdk.core.paginatedUsers(body)
     // user hashed password shouldn't ever be returned
     for (let user of paginated.data) {

From 8a939dd3e60cb8dc5f0d9e8703fd5a41c7879e1c Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Fri, 20 Oct 2023 17:02:24 +0200
Subject: [PATCH 14/48] Update pro submodule ref

---
 packages/pro | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/pro b/packages/pro
index 570d14aa44..56d968bfe6 160000
--- a/packages/pro
+++ b/packages/pro
@@ -1 +1 @@
-Subproject commit 570d14aa44aa88f4d053856322210f0008ba5c76
+Subproject commit 56d968bfe6998e1077d3fce4eb1c9e483d1d6fc9

From 97fc794a2b198f2466dd1ec41e4371de8fd8a224 Mon Sep 17 00:00:00 2001
From: Budibase Staging Release Bot <>
Date: Fri, 20 Oct 2023 15:15:17 +0000
Subject: [PATCH 15/48] Bump version to 2.11.41

---
 lerna.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lerna.json b/lerna.json
index 75db3b9b55..4b2bbb05d5 100644
--- a/lerna.json
+++ b/lerna.json
@@ -1,5 +1,5 @@
 {
-  "version": "2.11.40",
+  "version": "2.11.41",
   "npmClient": "yarn",
   "packages": [
     "packages/*"

From 4c19ad1ca7f27c9713b9551bd4711aee6b081685 Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Fri, 20 Oct 2023 17:19:35 +0200
Subject: [PATCH 16/48] Add versions to server/worker docker v2

---
 hosting/docker-compose.build.yaml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/hosting/docker-compose.build.yaml b/hosting/docker-compose.build.yaml
index e192620b59..19ce9b5473 100644
--- a/hosting/docker-compose.build.yaml
+++ b/hosting/docker-compose.build.yaml
@@ -7,6 +7,8 @@ services:
     build:
       context: ..
       dockerfile: packages/server/Dockerfile.v2
+      args:
+        - VERSION=0.0.0+dev-docker
     container_name: build-bbapps
     environment:
       SELF_HOSTED: 1
@@ -30,13 +32,13 @@ services:
     depends_on:
       - worker-service
       - redis-service
-  #    volumes:
-  #      - /some/path/to/plugins:/plugins
 
   worker-service:
     build:
       context: ..
       dockerfile: packages/worker/Dockerfile.v2
+      args:
+        - VERSION=0.0.0+dev-docker
     container_name: build-bbworker
     environment:
       SELF_HOSTED: 1

From 9dacb5849b126b69ae5006a39205719dd6e79a35 Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Fri, 20 Oct 2023 17:19:44 +0200
Subject: [PATCH 17/48] Add versions to server/worker docker v2

---
 packages/server/Dockerfile.v2 | 4 ++++
 packages/worker/Dockerfile.v2 | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/packages/server/Dockerfile.v2 b/packages/server/Dockerfile.v2
index d5a86b037d..339cefcc45 100644
--- a/packages/server/Dockerfile.v2
+++ b/packages/server/Dockerfile.v2
@@ -67,6 +67,10 @@ COPY packages/server/docker_run.sh .
 COPY packages/server/builder/ builder/
 COPY packages/server/client/ client/
 
+ARG VERSION
+RUN test -n "$VERSION"
+ENV VERSION=$VERSION
+
 EXPOSE 4001
 
 # have to add node environment production after install
diff --git a/packages/worker/Dockerfile.v2 b/packages/worker/Dockerfile.v2
index 0d60db6fc5..20fcd4a69b 100644
--- a/packages/worker/Dockerfile.v2
+++ b/packages/worker/Dockerfile.v2
@@ -50,4 +50,8 @@ ENV POSTHOG_TOKEN=phc_bIjZL7oh2GEUd2vqvTBH8WvrX0fWTFQMs6H5KQxiUxU
 ENV TENANT_FEATURE_FLAGS=*:LICENSING,*:USER_GROUPS,*:ONBOARDING_TOUR
 ENV ACCOUNT_PORTAL_URL=https://account.budibase.app
 
+ARG VERSION
+RUN test -n "$VERSION"
+ENV VERSION=$VERSION
+
 CMD ["./docker_run.sh"]

From 133e4752576c27bd2f41f68578236aa31b7a48e4 Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Fri, 20 Oct 2023 17:20:14 +0200
Subject: [PATCH 18/48] Add version to single image

---
 hosting/single/Dockerfile.v2 | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/hosting/single/Dockerfile.v2 b/hosting/single/Dockerfile.v2
index a983f10044..ecc223be15 100644
--- a/hosting/single/Dockerfile.v2
+++ b/hosting/single/Dockerfile.v2
@@ -118,6 +118,9 @@ EXPOSE 443
 EXPOSE 2222
 VOLUME /data
 
+ARG VERSION
+RUN test -n "$VERSION"
+ENV VERSION=$VERSION
 
 HEALTHCHECK --interval=15s --timeout=15s --start-period=45s CMD "/healthcheck.sh"
 

From 6ff11a82994719c556c3e68d46a5c5d35a5a57bf Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Fri, 20 Oct 2023 17:23:16 +0200
Subject: [PATCH 19/48] Fix local docker singleimage build

---
 scripts/build-single-image.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/scripts/build-single-image.sh b/scripts/build-single-image.sh
index cb2c29deac..216d758fae 100755
--- a/scripts/build-single-image.sh
+++ b/scripts/build-single-image.sh
@@ -1,3 +1,4 @@
 #!/bin/bash
 yarn build --scope @budibase/server --scope @budibase/worker
-docker build -f hosting/single/Dockerfile.v2 -t budibase:latest .
+version=$(./scripts/getCurrentVersion.sh)
+docker build -f hosting/single/Dockerfile.v2 -t budibase:latest --build-arg VERSION=$version .

From 5ee1d73e8160d13862a1dd8f6883d2073380745e Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Fri, 20 Oct 2023 17:25:30 +0200
Subject: [PATCH 20/48] Add args to build

---
 packages/server/package.json | 2 +-
 packages/worker/package.json | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/server/package.json b/packages/server/package.json
index 0bc3618a08..0636eebe77 100644
--- a/packages/server/package.json
+++ b/packages/server/package.json
@@ -18,7 +18,7 @@
     "test": "bash scripts/test.sh",
     "test:memory": "jest --maxWorkers=2 --logHeapUsage --forceExit",
     "test:watch": "jest --watch",
-    "build:docker": "yarn build && docker build . -t app-service --label version=$BUDIBASE_RELEASE_VERSION",
+    "build:docker": "yarn build && docker build . -t app-service --label version=$BUDIBASE_RELEASE_VERSION --build-arg VERSION=$BUDIBASE_RELEASE_VERSION",
     "run:docker": "node dist/index.js",
     "run:docker:cluster": "pm2-runtime start pm2.config.js",
     "dev:stack:up": "node scripts/dev/manage.js up",
diff --git a/packages/worker/package.json b/packages/worker/package.json
index 1eee3f020f..0a75eac522 100644
--- a/packages/worker/package.json
+++ b/packages/worker/package.json
@@ -20,7 +20,7 @@
     "run:docker": "node dist/index.js",
     "debug": "yarn build && node --expose-gc --inspect=9223 dist/index.js",
     "run:docker:cluster": "pm2-runtime start pm2.config.js",
-    "build:docker": "yarn build && docker build . -t worker-service --label version=$BUDIBASE_RELEASE_VERSION",
+    "build:docker": "yarn build && docker build . -t worker-service --label version=$BUDIBASE_RELEASE_VERSION --build-arg VERSION=$BUDIBASE_RELEASE_VERSION",
     "dev:stack:init": "node ./scripts/dev/manage.js init",
     "dev:builder": "npm run dev:stack:init && nodemon",
     "dev:built": "yarn run dev:stack:init && yarn run run:docker",

From 8db11ac174805355c1961defd7588629811de63f Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Fri, 20 Oct 2023 17:27:42 +0200
Subject: [PATCH 21/48] Add version to test image pipeline

---
 .github/workflows/release-singleimage-test.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/release-singleimage-test.yml b/.github/workflows/release-singleimage-test.yml
index 79b9afdd44..3d6c0d2b3c 100644
--- a/.github/workflows/release-singleimage-test.yml
+++ b/.github/workflows/release-singleimage-test.yml
@@ -54,6 +54,7 @@ jobs:
           push: true
           pull: true
           platforms: linux/amd64,linux/arm64
+          build-args: VERSION=0.0.0+test
           tags: budibase/budibase-test:test
           file: ./hosting/single/Dockerfile.v2
           cache-from: type=registry,ref=budibase/budibase-test:test
@@ -64,6 +65,8 @@ jobs:
           context: .
           push: true
           platforms: linux/amd64
-          build-args: TARGETBUILD=aas
+          build-args: |
+            TARGETBUILD=aas
+            VERSION=0.0.0+test
           tags: budibase/budibase-test:aas
           file: ./hosting/single/Dockerfile.v2

From d1f0e8fca0b4577e8ec0defa39f269727e793d77 Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Fri, 20 Oct 2023 17:53:23 +0200
Subject: [PATCH 22/48] Fix tests

---
 packages/server/src/tests/jestEnv.ts | 1 +
 packages/worker/src/tests/jestEnv.ts | 1 +
 2 files changed, 2 insertions(+)

diff --git a/packages/server/src/tests/jestEnv.ts b/packages/server/src/tests/jestEnv.ts
index 34c51009aa..c1f32eeec9 100644
--- a/packages/server/src/tests/jestEnv.ts
+++ b/packages/server/src/tests/jestEnv.ts
@@ -9,3 +9,4 @@ process.env.LOG_LEVEL = process.env.LOG_LEVEL || "error"
 process.env.MOCK_REDIS = "1"
 process.env.PLATFORM_URL = "http://localhost:10000"
 process.env.REDIS_PASSWORD = "budibase"
+process.env.VERSION = "0.0.0+jest"
diff --git a/packages/worker/src/tests/jestEnv.ts b/packages/worker/src/tests/jestEnv.ts
index 9153676b8e..f6de4e0fd2 100644
--- a/packages/worker/src/tests/jestEnv.ts
+++ b/packages/worker/src/tests/jestEnv.ts
@@ -10,3 +10,4 @@ process.env.PLATFORM_URL = "http://localhost:10000"
 process.env.INTERNAL_API_KEY = "tet"
 process.env.DISABLE_ACCOUNT_PORTAL = "0"
 process.env.MOCK_REDIS = "1"
+process.env.VERSION = "0.0.0+jest"

From 71869badfa26e57035582bca3f3d670a9fc7a8c0 Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Fri, 20 Oct 2023 19:19:35 +0200
Subject: [PATCH 23/48] Fix tests

---
 packages/server/src/api/routes/tests/debug.spec.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/server/src/api/routes/tests/debug.spec.ts b/packages/server/src/api/routes/tests/debug.spec.ts
index 23ee43fc73..26e98d93f9 100644
--- a/packages/server/src/api/routes/tests/debug.spec.ts
+++ b/packages/server/src/api/routes/tests/debug.spec.ts
@@ -41,7 +41,7 @@ describe("/component", () => {
         .expect("Content-Type", /json/)
         .expect(200)
       expect(res.body).toEqual({
-        budibaseVersion: "0.0.0",
+        budibaseVersion: "0.0.0+jest",
         cpuArch: "arm64",
         cpuCores: 1,
         cpuInfo: "test",

From e7459bb5e704685338032509334933f9fd80dede Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Fri, 20 Oct 2023 20:42:58 +0200
Subject: [PATCH 24/48] Fix test

---
 packages/server/src/api/routes/tests/dev.spec.js | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/packages/server/src/api/routes/tests/dev.spec.js b/packages/server/src/api/routes/tests/dev.spec.js
index 111f3dbd5b..af1dc82a9d 100644
--- a/packages/server/src/api/routes/tests/dev.spec.js
+++ b/packages/server/src/api/routes/tests/dev.spec.js
@@ -1,6 +1,6 @@
 const setup = require("./utilities")
 const { events } = require("@budibase/backend-core")
-const version = require("../../../../package.json").version
+
 
 describe("/dev", () => {
   let request = setup.getRequest()
@@ -32,9 +32,9 @@ describe("/dev", () => {
         .expect("Content-Type", /json/)
         .expect(200)
 
-      expect(res.body.version).toBe(version)
+      expect(res.body.version).toBe('0.0.0+jest')
       expect(events.installation.versionChecked).toBeCalledTimes(1)
-      expect(events.installation.versionChecked).toBeCalledWith(version)
+      expect(events.installation.versionChecked).toBeCalledWith('0.0.0+jest')
     })
   })
 })
\ No newline at end of file

From 4ee1fd0f7ad53a5ed6c08d202826a2b227adf4c1 Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Mon, 23 Oct 2023 12:23:44 +0200
Subject: [PATCH 25/48] Default to package.json

---
 packages/backend-core/src/environment.ts | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/packages/backend-core/src/environment.ts b/packages/backend-core/src/environment.ts
index 4fb8b5fdca..a0905fb0f5 100644
--- a/packages/backend-core/src/environment.ts
+++ b/packages/backend-core/src/environment.ts
@@ -49,6 +49,7 @@ function httpLogging() {
 }
 
 function getPackageJsonFields(): {
+  VERSION: string
   SERVICE_NAME: string
 } {
   function findFileInAncestors(
@@ -74,11 +75,12 @@ function getPackageJsonFields(): {
     const content = readFileSync(packageJsonFile!, "utf-8")
     const parsedContent = JSON.parse(content)
     return {
+      VERSION: process.env.VERSION || parsedContent.version,
       SERVICE_NAME: parsedContent.name,
     }
   } catch {
     // throwing an error here is confusing/causes backend-core to be hard to import
-    return { SERVICE_NAME: "" }
+    return { VERSION: process.env.VERSION || "", SERVICE_NAME: "" }
   }
 }
 
@@ -171,7 +173,6 @@ const environment = {
   ENABLE_SSO_MAINTENANCE_MODE: selfHosted
     ? process.env.ENABLE_SSO_MAINTENANCE_MODE
     : false,
-  VERSION: process.env.VERSION!,
   ...getPackageJsonFields(),
   DISABLE_PINO_LOGGER: process.env.DISABLE_PINO_LOGGER,
   OFFLINE_MODE: process.env.OFFLINE_MODE,

From 648410348d2c2f0c9a3ce1e2d2a34b0ca4f5f80e Mon Sep 17 00:00:00 2001
From: jvcalderon <jose@budibase.com>
Date: Mon, 23 Oct 2023 13:27:59 +0200
Subject: [PATCH 26/48] [Revert] [Added] Per user per creator changes

---
 .../backend-core/src/cache/writethrough.ts    |   4 +-
 packages/backend-core/src/users/db.ts         | 116 ++++++++----------
 packages/backend-core/src/users/users.ts      |  13 --
 packages/backend-core/src/users/utils.ts      |   1 -
 .../tests/core/users/users.spec.js            |  54 --------
 .../core/utilities/structures/licenses.ts     |  13 --
 .../tests/core/utilities/structures/quotas.ts |   5 +-
 packages/pro                                  |   2 +-
 .../src/migrations/functions/syncQuotas.ts    |   2 -
 .../functions/usageQuotas/syncCreators.ts     |  13 --
 .../usageQuotas/tests/syncCreators.spec.ts    |  26 ----
 .../shared-core/src/sdk/documents/users.ts    |  25 ----
 packages/types/src/documents/global/quotas.ts |   1 -
 packages/types/src/sdk/featureFlag.ts         |   3 -
 packages/types/src/sdk/licensing/billing.ts   |   7 --
 packages/types/src/sdk/licensing/plan.ts      |   4 -
 packages/types/src/sdk/licensing/quota.ts     |   2 -
 17 files changed, 55 insertions(+), 236 deletions(-)
 delete mode 100644 packages/backend-core/tests/core/users/users.spec.js
 delete mode 100644 packages/server/src/migrations/functions/usageQuotas/syncCreators.ts
 delete mode 100644 packages/server/src/migrations/functions/usageQuotas/tests/syncCreators.spec.ts

diff --git a/packages/backend-core/src/cache/writethrough.ts b/packages/backend-core/src/cache/writethrough.ts
index c331d791a6..e64c116663 100644
--- a/packages/backend-core/src/cache/writethrough.ts
+++ b/packages/backend-core/src/cache/writethrough.ts
@@ -119,8 +119,8 @@ export class Writethrough {
     this.writeRateMs = writeRateMs
   }
 
-  async put(doc: any, writeRateMs: number = this.writeRateMs) {
-    return put(this.db, doc, writeRateMs)
+  async put(doc: any) {
+    return put(this.db, doc, this.writeRateMs)
   }
 
   async get(id: string) {
diff --git a/packages/backend-core/src/users/db.ts b/packages/backend-core/src/users/db.ts
index daa09bee6f..a2539e836e 100644
--- a/packages/backend-core/src/users/db.ts
+++ b/packages/backend-core/src/users/db.ts
@@ -25,17 +25,12 @@ import {
 import {
   getAccountHolderFromUserIds,
   isAdmin,
-  isCreator,
   validateUniqueUser,
 } from "./utils"
 import { searchExistingEmails } from "./lookup"
 import { hash } from "../utils"
 
-type QuotaUpdateFn = (
-  change: number,
-  creatorsChange: number,
-  cb?: () => Promise<any>
-) => Promise<any>
+type QuotaUpdateFn = (change: number, cb?: () => Promise<any>) => Promise<any>
 type GroupUpdateFn = (groupId: string, userIds: string[]) => Promise<any>
 type FeatureFn = () => Promise<Boolean>
 type GroupGetFn = (ids: string[]) => Promise<UserGroup[]>
@@ -250,8 +245,7 @@ export class UserDB {
     }
 
     const change = dbUser ? 0 : 1 // no change if there is existing user
-    const creatorsChange = isCreator(dbUser) !== isCreator(user) ? 1 : 0
-    return UserDB.quotas.addUsers(change, creatorsChange, async () => {
+    return UserDB.quotas.addUsers(change, async () => {
       await validateUniqueUser(email, tenantId)
 
       let builtUser = await UserDB.buildUser(user, opts, tenantId, dbUser)
@@ -313,7 +307,6 @@ export class UserDB {
 
     let usersToSave: any[] = []
     let newUsers: any[] = []
-    let newCreators: any[] = []
 
     const emails = newUsersRequested.map((user: User) => user.email)
     const existingEmails = await searchExistingEmails(emails)
@@ -334,66 +327,59 @@ export class UserDB {
       }
       newUser.userGroups = groups
       newUsers.push(newUser)
-      if (isCreator(newUser)) {
-        newCreators.push(newUser)
-      }
     }
 
     const account = await accountSdk.getAccountByTenantId(tenantId)
-    return UserDB.quotas.addUsers(
-      newUsers.length,
-      newCreators.length,
-      async () => {
-        // create the promises array that will be called by bulkDocs
-        newUsers.forEach((user: any) => {
-          usersToSave.push(
-            UserDB.buildUser(
-              user,
-              {
-                hashPassword: true,
-                requirePassword: user.requirePassword,
-              },
-              tenantId,
-              undefined, // no dbUser
-              account
-            )
+    return UserDB.quotas.addUsers(newUsers.length, async () => {
+      // create the promises array that will be called by bulkDocs
+      newUsers.forEach((user: any) => {
+        usersToSave.push(
+          UserDB.buildUser(
+            user,
+            {
+              hashPassword: true,
+              requirePassword: user.requirePassword,
+            },
+            tenantId,
+            undefined, // no dbUser
+            account
           )
-        })
+        )
+      })
 
-        const usersToBulkSave = await Promise.all(usersToSave)
-        await usersCore.bulkUpdateGlobalUsers(usersToBulkSave)
+      const usersToBulkSave = await Promise.all(usersToSave)
+      await usersCore.bulkUpdateGlobalUsers(usersToBulkSave)
 
-        // Post-processing of bulk added users, e.g. events and cache operations
-        for (const user of usersToBulkSave) {
-          // TODO: Refactor to bulk insert users into the info db
-          // instead of relying on looping tenant creation
-          await platform.users.addUser(tenantId, user._id, user.email)
-          await eventHelpers.handleSaveEvents(user, undefined)
-        }
-
-        const saved = usersToBulkSave.map(user => {
-          return {
-            _id: user._id,
-            email: user.email,
-          }
-        })
-
-        // now update the groups
-        if (Array.isArray(saved) && groups) {
-          const groupPromises = []
-          const createdUserIds = saved.map(user => user._id)
-          for (let groupId of groups) {
-            groupPromises.push(UserDB.groups.addUsers(groupId, createdUserIds))
-          }
-          await Promise.all(groupPromises)
-        }
-
-        return {
-          successful: saved,
-          unsuccessful,
-        }
+      // Post-processing of bulk added users, e.g. events and cache operations
+      for (const user of usersToBulkSave) {
+        // TODO: Refactor to bulk insert users into the info db
+        // instead of relying on looping tenant creation
+        await platform.users.addUser(tenantId, user._id, user.email)
+        await eventHelpers.handleSaveEvents(user, undefined)
       }
-    )
+
+      const saved = usersToBulkSave.map(user => {
+        return {
+          _id: user._id,
+          email: user.email,
+        }
+      })
+
+      // now update the groups
+      if (Array.isArray(saved) && groups) {
+        const groupPromises = []
+        const createdUserIds = saved.map(user => user._id)
+        for (let groupId of groups) {
+          groupPromises.push(UserDB.groups.addUsers(groupId, createdUserIds))
+        }
+        await Promise.all(groupPromises)
+      }
+
+      return {
+        successful: saved,
+        unsuccessful,
+      }
+    })
   }
 
   static async bulkDelete(userIds: string[]): Promise<BulkUserDeleted> {
@@ -433,12 +419,11 @@ export class UserDB {
       _deleted: true,
     }))
     const dbResponse = await usersCore.bulkUpdateGlobalUsers(toDelete)
-    const creatorsToDelete = usersToDelete.filter(isCreator)
 
+    await UserDB.quotas.removeUsers(toDelete.length)
     for (let user of usersToDelete) {
       await bulkDeleteProcessing(user)
     }
-    await UserDB.quotas.removeUsers(toDelete.length, creatorsToDelete.length)
 
     // Build Response
     // index users by id
@@ -487,8 +472,7 @@ export class UserDB {
 
     await db.remove(userId, dbUser._rev)
 
-    const creatorsToDelete = isCreator(dbUser) ? 1 : 0
-    await UserDB.quotas.removeUsers(1, creatorsToDelete)
+    await UserDB.quotas.removeUsers(1)
     await eventHelpers.handleDeleteEvents(dbUser)
     await cache.user.invalidateUser(userId)
     await sessions.invalidateSessions(userId, { reason: "deletion" })
diff --git a/packages/backend-core/src/users/users.ts b/packages/backend-core/src/users/users.ts
index bad108ab84..30b9e0a45f 100644
--- a/packages/backend-core/src/users/users.ts
+++ b/packages/backend-core/src/users/users.ts
@@ -287,19 +287,6 @@ export async function getUserCount() {
   return response.total_rows
 }
 
-export async function getCreatorCount() {
-  let creators = 0
-  async function iterate(startPage?: string) {
-    const page = await paginatedUsers({ bookmark: startPage })
-    creators += page.data.filter(isCreator).length
-    if (page.hasNextPage) {
-      await iterate(page.nextPage)
-    }
-  }
-  await iterate()
-  return creators
-}
-
 // used to remove the builder/admin permissions, for processing the
 // user as an app user (they may have some specific role/group
 export function removePortalUserPermissions(user: User | ContextUser) {
diff --git a/packages/backend-core/src/users/utils.ts b/packages/backend-core/src/users/utils.ts
index 0ef4b77998..af0e8e10c7 100644
--- a/packages/backend-core/src/users/utils.ts
+++ b/packages/backend-core/src/users/utils.ts
@@ -10,7 +10,6 @@ import { getAccountByTenantId } from "../accounts"
 // extract from shared-core to make easily accessible from backend-core
 export const isBuilder = sdk.users.isBuilder
 export const isAdmin = sdk.users.isAdmin
-export const isCreator = sdk.users.isCreator
 export const isGlobalBuilder = sdk.users.isGlobalBuilder
 export const isAdminOrBuilder = sdk.users.isAdminOrBuilder
 export const hasAdminPermissions = sdk.users.hasAdminPermissions
diff --git a/packages/backend-core/tests/core/users/users.spec.js b/packages/backend-core/tests/core/users/users.spec.js
deleted file mode 100644
index ae7109344a..0000000000
--- a/packages/backend-core/tests/core/users/users.spec.js
+++ /dev/null
@@ -1,54 +0,0 @@
-const _ = require('lodash/fp')
-const {structures} = require("../../../tests")
-
-jest.mock("../../../src/context")
-jest.mock("../../../src/db")
-
-const context = require("../../../src/context")
-const db = require("../../../src/db")
-
-const {getCreatorCount} = require('../../../src/users/users')
-
-describe("Users", () => {
-
-  let getGlobalDBMock
-  let getGlobalUserParamsMock
-  let paginationMock
-
-  beforeEach(() => {
-    jest.resetAllMocks()
-
-    getGlobalDBMock = jest.spyOn(context, "getGlobalDB")
-    getGlobalUserParamsMock = jest.spyOn(db, "getGlobalUserParams")
-    paginationMock = jest.spyOn(db, "pagination")
-  })
-
-  it("Retrieves the number of creators", async () => {
-    const getUsers = (offset, limit, creators = false) => {
-      const range = _.range(offset, limit)
-      const opts = creators ? {builder: {global: true}} : undefined
-      return range.map(() => structures.users.user(opts))
-    }
-    const page1Data = getUsers(0, 8)
-    const page2Data = getUsers(8, 12, true)
-    getGlobalDBMock.mockImplementation(() => ({
-      name   : "fake-db",
-      allDocs: () => ({
-        rows: [...page1Data, ...page2Data]
-      })
-    }))
-    paginationMock.mockImplementationOnce(() => ({
-      data: page1Data,
-      hasNextPage: true,
-      nextPage: "1"
-    }))
-    paginationMock.mockImplementation(() => ({
-      data: page2Data,
-      hasNextPage: false,
-      nextPage: undefined
-    }))
-    const creatorsCount = await getCreatorCount()
-    expect(creatorsCount).toBe(4)
-    expect(paginationMock).toHaveBeenCalledTimes(2)
-  })
-})
diff --git a/packages/backend-core/tests/core/utilities/structures/licenses.ts b/packages/backend-core/tests/core/utilities/structures/licenses.ts
index bb452f9ad5..5cce84edfd 100644
--- a/packages/backend-core/tests/core/utilities/structures/licenses.ts
+++ b/packages/backend-core/tests/core/utilities/structures/licenses.ts
@@ -72,11 +72,6 @@ export function quotas(): Quotas {
           value: 1,
           triggers: [],
         },
-        creators: {
-          name: "Creators",
-          value: 1,
-          triggers: [],
-        },
         userGroups: {
           name: "User Groups",
           value: 1,
@@ -123,10 +118,6 @@ export function customer(): Customer {
 export function subscription(): Subscription {
   return {
     amount: 10000,
-    amounts: {
-      user: 10000,
-      creator: 0,
-    },
     cancelAt: undefined,
     currency: "usd",
     currentPeriodEnd: 0,
@@ -135,10 +126,6 @@ export function subscription(): Subscription {
     duration: PriceDuration.MONTHLY,
     pastDueAt: undefined,
     quantity: 0,
-    quantities: {
-      user: 0,
-      creator: 0,
-    },
     status: "active",
   }
 }
diff --git a/packages/backend-core/tests/core/utilities/structures/quotas.ts b/packages/backend-core/tests/core/utilities/structures/quotas.ts
index 8d0b05fe1e..e82117053f 100644
--- a/packages/backend-core/tests/core/utilities/structures/quotas.ts
+++ b/packages/backend-core/tests/core/utilities/structures/quotas.ts
@@ -1,6 +1,6 @@
 import { MonthlyQuotaName, QuotaUsage } from "@budibase/types"
 
-export const usage = (users: number = 0, creators: number = 0): QuotaUsage => {
+export const usage = (): QuotaUsage => {
   return {
     _id: "usage_quota",
     quotaReset: new Date().toISOString(),
@@ -58,8 +58,7 @@ export const usage = (users: number = 0, creators: number = 0): QuotaUsage => {
     usageQuota: {
       apps: 0,
       plugins: 0,
-      users,
-      creators,
+      users: 0,
       userGroups: 0,
       rows: 0,
       triggers: {},
diff --git a/packages/pro b/packages/pro
index 56d968bfe6..1e43861b7e 160000
--- a/packages/pro
+++ b/packages/pro
@@ -1 +1 @@
-Subproject commit 56d968bfe6998e1077d3fce4eb1c9e483d1d6fc9
+Subproject commit 1e43861b7ed7141284ab63a0cf5bd494ec3ab2d1
diff --git a/packages/server/src/migrations/functions/syncQuotas.ts b/packages/server/src/migrations/functions/syncQuotas.ts
index 83a7670e78..67f38ba929 100644
--- a/packages/server/src/migrations/functions/syncQuotas.ts
+++ b/packages/server/src/migrations/functions/syncQuotas.ts
@@ -3,7 +3,6 @@ import * as syncApps from "./usageQuotas/syncApps"
 import * as syncRows from "./usageQuotas/syncRows"
 import * as syncPlugins from "./usageQuotas/syncPlugins"
 import * as syncUsers from "./usageQuotas/syncUsers"
-import * as syncCreators from "./usageQuotas/syncCreators"
 
 /**
  * Synchronise quotas to the state of the db.
@@ -14,6 +13,5 @@ export const run = async () => {
     await syncRows.run()
     await syncPlugins.run()
     await syncUsers.run()
-    await syncCreators.run()
   })
 }
diff --git a/packages/server/src/migrations/functions/usageQuotas/syncCreators.ts b/packages/server/src/migrations/functions/usageQuotas/syncCreators.ts
deleted file mode 100644
index ce53be925a..0000000000
--- a/packages/server/src/migrations/functions/usageQuotas/syncCreators.ts
+++ /dev/null
@@ -1,13 +0,0 @@
-import { users } from "@budibase/backend-core"
-import { quotas } from "@budibase/pro"
-import { QuotaUsageType, StaticQuotaName } from "@budibase/types"
-
-export const run = async () => {
-  const creatorCount = await users.getCreatorCount()
-  console.log(`Syncing creator count: ${creatorCount}`)
-  await quotas.setUsage(
-    creatorCount,
-    StaticQuotaName.CREATORS,
-    QuotaUsageType.STATIC
-  )
-}
diff --git a/packages/server/src/migrations/functions/usageQuotas/tests/syncCreators.spec.ts b/packages/server/src/migrations/functions/usageQuotas/tests/syncCreators.spec.ts
deleted file mode 100644
index 75fa9f217e..0000000000
--- a/packages/server/src/migrations/functions/usageQuotas/tests/syncCreators.spec.ts
+++ /dev/null
@@ -1,26 +0,0 @@
-import TestConfig from "../../../../tests/utilities/TestConfiguration"
-import * as syncCreators from "../syncCreators"
-import { quotas } from "@budibase/pro"
-
-describe("syncCreators", () => {
-  let config = new TestConfig(false)
-
-  beforeEach(async () => {
-    await config.init()
-  })
-
-  afterAll(config.end)
-
-  it("syncs creators", async () => {
-    return config.doInContext(null, async () => {
-      await config.createUser({ admin: true })
-
-      await syncCreators.run()
-
-      const usageDoc = await quotas.getQuotaUsage()
-      // default + additional creator
-      const creatorsCount = 2
-      expect(usageDoc.usageQuota.creators).toBe(creatorsCount)
-    })
-  })
-})
diff --git a/packages/shared-core/src/sdk/documents/users.ts b/packages/shared-core/src/sdk/documents/users.ts
index b58994aa46..03d86daa85 100644
--- a/packages/shared-core/src/sdk/documents/users.ts
+++ b/packages/shared-core/src/sdk/documents/users.ts
@@ -6,7 +6,6 @@ import {
   InternalTable,
 } from "@budibase/types"
 import { getProdAppID } from "./applications"
-import * as _ from "lodash/fp"
 
 // checks if a user is specifically a builder, given an app ID
 export function isBuilder(user: User | ContextUser, appId?: string): boolean {
@@ -59,18 +58,6 @@ export function hasAppBuilderPermissions(user?: User | ContextUser): boolean {
   return !isGlobalBuilder && appLength != null && appLength > 0
 }
 
-export function hasAppCreatorPermissions(user?: User | ContextUser): boolean {
-  if (!user) {
-    return false
-  }
-  return _.flow(
-    _.get("roles"),
-    _.values,
-    _.find(x => ["CREATOR", "ADMIN"].includes(x)),
-    x => !!x
-  )(user)
-}
-
 // checks if a user is capable of building any app
 export function hasBuilderPermissions(user?: User | ContextUser): boolean {
   if (!user) {
@@ -87,18 +74,6 @@ export function hasAdminPermissions(user?: User | ContextUser): boolean {
   return !!user.admin?.global
 }
 
-export function isCreator(user?: User | ContextUser): boolean {
-  if (!user) {
-    return false
-  }
-  return (
-    isGlobalBuilder(user) ||
-    hasAdminPermissions(user) ||
-    hasAppBuilderPermissions(user) ||
-    hasAppCreatorPermissions(user)
-  )
-}
-
 export function getGlobalUserID(userId?: string): string | undefined {
   if (typeof userId !== "string") {
     return userId
diff --git a/packages/types/src/documents/global/quotas.ts b/packages/types/src/documents/global/quotas.ts
index 4eb1168f7d..61410f7435 100644
--- a/packages/types/src/documents/global/quotas.ts
+++ b/packages/types/src/documents/global/quotas.ts
@@ -32,7 +32,6 @@ export interface StaticUsage {
   [StaticQuotaName.APPS]: number
   [StaticQuotaName.PLUGINS]: number
   [StaticQuotaName.USERS]: number
-  [StaticQuotaName.CREATORS]: number
   [StaticQuotaName.USER_GROUPS]: number
   [StaticQuotaName.ROWS]: number
   triggers: {
diff --git a/packages/types/src/sdk/featureFlag.ts b/packages/types/src/sdk/featureFlag.ts
index e3935bc7ee..53aa4842c4 100644
--- a/packages/types/src/sdk/featureFlag.ts
+++ b/packages/types/src/sdk/featureFlag.ts
@@ -1,8 +1,5 @@
 export enum FeatureFlag {
   LICENSING = "LICENSING",
-  // Feature IDs in Posthog
-  PER_CREATOR_PER_USER_PRICE = "18873",
-  PER_CREATOR_PER_USER_PRICE_ALERT = "18530",
 }
 
 export interface TenantFeatureFlags {
diff --git a/packages/types/src/sdk/licensing/billing.ts b/packages/types/src/sdk/licensing/billing.ts
index bcbc7abd18..35f366c811 100644
--- a/packages/types/src/sdk/licensing/billing.ts
+++ b/packages/types/src/sdk/licensing/billing.ts
@@ -5,17 +5,10 @@ export interface Customer {
   currency: string | null | undefined
 }
 
-export interface SubscriptionItems {
-  user: number | undefined
-  creator: number | undefined
-}
-
 export interface Subscription {
   amount: number
-  amounts: SubscriptionItems | undefined
   currency: string
   quantity: number
-  quantities: SubscriptionItems | undefined
   duration: PriceDuration
   cancelAt: number | null | undefined
   currentPeriodStart: number
diff --git a/packages/types/src/sdk/licensing/plan.ts b/packages/types/src/sdk/licensing/plan.ts
index 1604dfb8af..3e214a01ff 100644
--- a/packages/types/src/sdk/licensing/plan.ts
+++ b/packages/types/src/sdk/licensing/plan.ts
@@ -4,9 +4,7 @@ export enum PlanType {
   PRO = "pro",
   /** @deprecated */
   TEAM = "team",
-  /** @deprecated */
   PREMIUM = "premium",
-  PREMIUM_PLUS = "premium_plus",
   BUSINESS = "business",
   ENTERPRISE = "enterprise",
 }
@@ -28,12 +26,10 @@ export interface AvailablePrice {
   currency: string
   duration: PriceDuration
   priceId: string
-  type?: string
 }
 
 export enum PlanModel {
   PER_USER = "perUser",
-  PER_CREATOR_PER_USER = "per_creator_per_user",
   DAY_PASS = "dayPass",
 }
 
diff --git a/packages/types/src/sdk/licensing/quota.ts b/packages/types/src/sdk/licensing/quota.ts
index 85700f167b..73afa1ed05 100644
--- a/packages/types/src/sdk/licensing/quota.ts
+++ b/packages/types/src/sdk/licensing/quota.ts
@@ -14,7 +14,6 @@ export enum StaticQuotaName {
   ROWS = "rows",
   APPS = "apps",
   USERS = "users",
-  CREATORS = "creators",
   USER_GROUPS = "userGroups",
   PLUGINS = "plugins",
 }
@@ -68,7 +67,6 @@ export type StaticQuotas = {
   [StaticQuotaName.ROWS]: Quota
   [StaticQuotaName.APPS]: Quota
   [StaticQuotaName.USERS]: Quota
-  [StaticQuotaName.CREATORS]: Quota
   [StaticQuotaName.USER_GROUPS]: Quota
   [StaticQuotaName.PLUGINS]: Quota
 }

From a285fb1d4027ca70d77a953ba16bcb74179ba8e1 Mon Sep 17 00:00:00 2001
From: jvcalderon <jose@budibase.com>
Date: Mon, 23 Oct 2023 13:33:27 +0200
Subject: [PATCH 27/48] Missed code in merge

---
 packages/backend-core/src/users/users.ts | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/packages/backend-core/src/users/users.ts b/packages/backend-core/src/users/users.ts
index 30b9e0a45f..d259d5b560 100644
--- a/packages/backend-core/src/users/users.ts
+++ b/packages/backend-core/src/users/users.ts
@@ -14,16 +14,15 @@ import {
 } from "../db"
 import {
   BulkDocsResponse,
+  ContextUser,
   SearchQuery,
   SearchQueryOperators,
   SearchUsersRequest,
   User,
-  ContextUser,
   DatabaseQueryOpts,
 } from "@budibase/types"
-import { getGlobalDB } from "../context"
 import * as context from "../context"
-import { isCreator } from "./utils"
+import { getGlobalDB } from "../context"
 
 type GetOpts = { cleanup?: boolean }
 

From a22aea63a372f32a9a2089fd783cd72ced667378 Mon Sep 17 00:00:00 2001
From: jvcalderon <jose@budibase.com>
Date: Mon, 23 Oct 2023 13:33:56 +0200
Subject: [PATCH 28/48] Update pro submodule

---
 packages/pro | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/pro b/packages/pro
index 1e43861b7e..ee222c4694 160000
--- a/packages/pro
+++ b/packages/pro
@@ -1 +1 @@
-Subproject commit 1e43861b7ed7141284ab63a0cf5bd494ec3ab2d1
+Subproject commit ee222c4694c71716eeb1257f37467fc2231ee166

From 73f3b76c01a924e122e0f2f1de4ab132a333e05f Mon Sep 17 00:00:00 2001
From: Andrew Kingston <andrew@kingston.dev>
Date: Mon, 23 Oct 2023 12:40:29 +0100
Subject: [PATCH 29/48] Update default column visibility check

---
 packages/client/src/components/app/table/Table.svelte | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/client/src/components/app/table/Table.svelte b/packages/client/src/components/app/table/Table.svelte
index 34fa8c204d..7c133f4e17 100644
--- a/packages/client/src/components/app/table/Table.svelte
+++ b/packages/client/src/components/app/table/Table.svelte
@@ -70,7 +70,7 @@
     let columns = []
     let autoColumns = []
     Object.entries(schema).forEach(([field, fieldSchema]) => {
-      if (!fieldSchema.visible) {
+      if (fieldSchema.visible === false) {
         return
       }
       if (!fieldSchema?.autocolumn) {

From 0cc7cc67a388db38fbb03bbcf2adb1ce3ed3b364 Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Mon, 23 Oct 2023 13:53:18 +0200
Subject: [PATCH 30/48] Renames

---
 .github/workflows/release-singleimage-test.yml | 4 ++--
 hosting/docker-compose.build.yaml              | 4 ++--
 hosting/single/Dockerfile.v2                   | 6 +++---
 packages/server/Dockerfile.v2                  | 6 +++---
 packages/server/package.json                   | 2 +-
 packages/worker/Dockerfile.v2                  | 6 +++---
 packages/worker/package.json                   | 2 +-
 scripts/build-single-image.sh                  | 2 +-
 8 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/.github/workflows/release-singleimage-test.yml b/.github/workflows/release-singleimage-test.yml
index 3d6c0d2b3c..c3a14226ce 100644
--- a/.github/workflows/release-singleimage-test.yml
+++ b/.github/workflows/release-singleimage-test.yml
@@ -54,7 +54,7 @@ jobs:
           push: true
           pull: true
           platforms: linux/amd64,linux/arm64
-          build-args: VERSION=0.0.0+test
+          build-args: BUDIBASE_VERSION=0.0.0+test
           tags: budibase/budibase-test:test
           file: ./hosting/single/Dockerfile.v2
           cache-from: type=registry,ref=budibase/budibase-test:test
@@ -67,6 +67,6 @@ jobs:
           platforms: linux/amd64
           build-args: |
             TARGETBUILD=aas
-            VERSION=0.0.0+test
+            BUDIBASE_VERSION=0.0.0+test
           tags: budibase/budibase-test:aas
           file: ./hosting/single/Dockerfile.v2
diff --git a/hosting/docker-compose.build.yaml b/hosting/docker-compose.build.yaml
index 19ce9b5473..7ead001a1c 100644
--- a/hosting/docker-compose.build.yaml
+++ b/hosting/docker-compose.build.yaml
@@ -8,7 +8,7 @@ services:
       context: ..
       dockerfile: packages/server/Dockerfile.v2
       args:
-        - VERSION=0.0.0+dev-docker
+        - BUDIBASE_VERSION=0.0.0+dev-docker
     container_name: build-bbapps
     environment:
       SELF_HOSTED: 1
@@ -38,7 +38,7 @@ services:
       context: ..
       dockerfile: packages/worker/Dockerfile.v2
       args:
-        - VERSION=0.0.0+dev-docker
+        - BUDIBASE_VERSION=0.0.0+dev-docker
     container_name: build-bbworker
     environment:
       SELF_HOSTED: 1
diff --git a/hosting/single/Dockerfile.v2 b/hosting/single/Dockerfile.v2
index ecc223be15..3b994ce0e6 100644
--- a/hosting/single/Dockerfile.v2
+++ b/hosting/single/Dockerfile.v2
@@ -118,9 +118,9 @@ EXPOSE 443
 EXPOSE 2222
 VOLUME /data
 
-ARG VERSION
-RUN test -n "$VERSION"
-ENV VERSION=$VERSION
+ARG BUDIBASE_VERSION
+RUN test -n "$BUDIBASE_VERSION"
+ENV BUDIBASE_VERSION=$VERSION
 
 HEALTHCHECK --interval=15s --timeout=15s --start-period=45s CMD "/healthcheck.sh"
 
diff --git a/packages/server/Dockerfile.v2 b/packages/server/Dockerfile.v2
index 339cefcc45..341fe5ee34 100644
--- a/packages/server/Dockerfile.v2
+++ b/packages/server/Dockerfile.v2
@@ -67,9 +67,9 @@ COPY packages/server/docker_run.sh .
 COPY packages/server/builder/ builder/
 COPY packages/server/client/ client/
 
-ARG VERSION
-RUN test -n "$VERSION"
-ENV VERSION=$VERSION
+ARG BUDIBASE_VERSION
+RUN test -n "$BUDIBASE_VERSION"
+ENV BUDIBASE_VERSION=$VERSION
 
 EXPOSE 4001
 
diff --git a/packages/server/package.json b/packages/server/package.json
index 0636eebe77..4a858f3be9 100644
--- a/packages/server/package.json
+++ b/packages/server/package.json
@@ -18,7 +18,7 @@
     "test": "bash scripts/test.sh",
     "test:memory": "jest --maxWorkers=2 --logHeapUsage --forceExit",
     "test:watch": "jest --watch",
-    "build:docker": "yarn build && docker build . -t app-service --label version=$BUDIBASE_RELEASE_VERSION --build-arg VERSION=$BUDIBASE_RELEASE_VERSION",
+    "build:docker": "yarn build && docker build . -t app-service --label version=$BUDIBASE_RELEASE_VERSION --build-arg BUDIBASE_VERSION=$BUDIBASE_RELEASE_VERSION",
     "run:docker": "node dist/index.js",
     "run:docker:cluster": "pm2-runtime start pm2.config.js",
     "dev:stack:up": "node scripts/dev/manage.js up",
diff --git a/packages/worker/Dockerfile.v2 b/packages/worker/Dockerfile.v2
index 20fcd4a69b..ed3817e89d 100644
--- a/packages/worker/Dockerfile.v2
+++ b/packages/worker/Dockerfile.v2
@@ -50,8 +50,8 @@ ENV POSTHOG_TOKEN=phc_bIjZL7oh2GEUd2vqvTBH8WvrX0fWTFQMs6H5KQxiUxU
 ENV TENANT_FEATURE_FLAGS=*:LICENSING,*:USER_GROUPS,*:ONBOARDING_TOUR
 ENV ACCOUNT_PORTAL_URL=https://account.budibase.app
 
-ARG VERSION
-RUN test -n "$VERSION"
-ENV VERSION=$VERSION
+ARG BUDIBASE_VERSION
+RUN test -n "$BUDIBASE_VERSION"
+ENV BUDIBASE_VERSION=$VERSION
 
 CMD ["./docker_run.sh"]
diff --git a/packages/worker/package.json b/packages/worker/package.json
index 0a75eac522..205bf3309a 100644
--- a/packages/worker/package.json
+++ b/packages/worker/package.json
@@ -20,7 +20,7 @@
     "run:docker": "node dist/index.js",
     "debug": "yarn build && node --expose-gc --inspect=9223 dist/index.js",
     "run:docker:cluster": "pm2-runtime start pm2.config.js",
-    "build:docker": "yarn build && docker build . -t worker-service --label version=$BUDIBASE_RELEASE_VERSION --build-arg VERSION=$BUDIBASE_RELEASE_VERSION",
+    "build:docker": "yarn build && docker build . -t worker-service --label version=$BUDIBASE_RELEASE_VERSION --build-arg BUDIBASE_VERSION=$BUDIBASE_RELEASE_VERSION",
     "dev:stack:init": "node ./scripts/dev/manage.js init",
     "dev:builder": "npm run dev:stack:init && nodemon",
     "dev:built": "yarn run dev:stack:init && yarn run run:docker",
diff --git a/scripts/build-single-image.sh b/scripts/build-single-image.sh
index 216d758fae..ed3d9a8ed6 100755
--- a/scripts/build-single-image.sh
+++ b/scripts/build-single-image.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
 yarn build --scope @budibase/server --scope @budibase/worker
 version=$(./scripts/getCurrentVersion.sh)
-docker build -f hosting/single/Dockerfile.v2 -t budibase:latest --build-arg VERSION=$version .
+docker build -f hosting/single/Dockerfile.v2 -t budibase:latest --build-arg BUDIBASE_VERSION=$version .

From 3c16e820354c9b8b9ee03ad8e34ad304fb504d60 Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Mon, 23 Oct 2023 13:55:23 +0200
Subject: [PATCH 31/48] Comment docker

---
 hosting/single/Dockerfile.v2  | 1 +
 packages/server/Dockerfile.v2 | 1 +
 packages/worker/Dockerfile.v2 | 1 +
 3 files changed, 3 insertions(+)

diff --git a/hosting/single/Dockerfile.v2 b/hosting/single/Dockerfile.v2
index 3b994ce0e6..66ce0f1c4d 100644
--- a/hosting/single/Dockerfile.v2
+++ b/hosting/single/Dockerfile.v2
@@ -119,6 +119,7 @@ EXPOSE 2222
 VOLUME /data
 
 ARG BUDIBASE_VERSION
+# Ensuring the version argument is sent
 RUN test -n "$BUDIBASE_VERSION"
 ENV BUDIBASE_VERSION=$VERSION
 
diff --git a/packages/server/Dockerfile.v2 b/packages/server/Dockerfile.v2
index 341fe5ee34..5035dc748f 100644
--- a/packages/server/Dockerfile.v2
+++ b/packages/server/Dockerfile.v2
@@ -68,6 +68,7 @@ COPY packages/server/builder/ builder/
 COPY packages/server/client/ client/
 
 ARG BUDIBASE_VERSION
+# Ensuring the version argument is sent
 RUN test -n "$BUDIBASE_VERSION"
 ENV BUDIBASE_VERSION=$VERSION
 
diff --git a/packages/worker/Dockerfile.v2 b/packages/worker/Dockerfile.v2
index ed3817e89d..78eba2d3d8 100644
--- a/packages/worker/Dockerfile.v2
+++ b/packages/worker/Dockerfile.v2
@@ -51,6 +51,7 @@ ENV TENANT_FEATURE_FLAGS=*:LICENSING,*:USER_GROUPS,*:ONBOARDING_TOUR
 ENV ACCOUNT_PORTAL_URL=https://account.budibase.app
 
 ARG BUDIBASE_VERSION
+# Ensuring the version argument is sent
 RUN test -n "$BUDIBASE_VERSION"
 ENV BUDIBASE_VERSION=$VERSION
 

From 3c85f1ce9e4b476062ffc5147f9c1e8bd73fc1f8 Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Mon, 23 Oct 2023 13:55:58 +0200
Subject: [PATCH 32/48] Fix after renames

---
 packages/backend-core/src/environment.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/backend-core/src/environment.ts b/packages/backend-core/src/environment.ts
index a0905fb0f5..ed882fe96a 100644
--- a/packages/backend-core/src/environment.ts
+++ b/packages/backend-core/src/environment.ts
@@ -75,12 +75,12 @@ function getPackageJsonFields(): {
     const content = readFileSync(packageJsonFile!, "utf-8")
     const parsedContent = JSON.parse(content)
     return {
-      VERSION: process.env.VERSION || parsedContent.version,
+      VERSION: process.env.BUDIBASE_VERSION || parsedContent.version,
       SERVICE_NAME: parsedContent.name,
     }
   } catch {
     // throwing an error here is confusing/causes backend-core to be hard to import
-    return { VERSION: process.env.VERSION || "", SERVICE_NAME: "" }
+    return { VERSION: process.env.BUDIBASE_VERSION || "", SERVICE_NAME: "" }
   }
 }
 

From e3b342da57eac0f62b061f3c089a8f7c8f91bd0a Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Mon, 23 Oct 2023 13:57:23 +0200
Subject: [PATCH 33/48] Fix after renames

---
 hosting/single/Dockerfile.v2  | 2 +-
 packages/server/Dockerfile.v2 | 2 +-
 packages/worker/Dockerfile.v2 | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/hosting/single/Dockerfile.v2 b/hosting/single/Dockerfile.v2
index 66ce0f1c4d..5b07a51b27 100644
--- a/hosting/single/Dockerfile.v2
+++ b/hosting/single/Dockerfile.v2
@@ -121,7 +121,7 @@ VOLUME /data
 ARG BUDIBASE_VERSION
 # Ensuring the version argument is sent
 RUN test -n "$BUDIBASE_VERSION"
-ENV BUDIBASE_VERSION=$VERSION
+ENV BUDIBASE_VERSION=$BUDIBASE_VERSION
 
 HEALTHCHECK --interval=15s --timeout=15s --start-period=45s CMD "/healthcheck.sh"
 
diff --git a/packages/server/Dockerfile.v2 b/packages/server/Dockerfile.v2
index 5035dc748f..881c21299e 100644
--- a/packages/server/Dockerfile.v2
+++ b/packages/server/Dockerfile.v2
@@ -70,7 +70,7 @@ COPY packages/server/client/ client/
 ARG BUDIBASE_VERSION
 # Ensuring the version argument is sent
 RUN test -n "$BUDIBASE_VERSION"
-ENV BUDIBASE_VERSION=$VERSION
+ENV BUDIBASE_VERSION=$BUDIBASE_VERSION
 
 EXPOSE 4001
 
diff --git a/packages/worker/Dockerfile.v2 b/packages/worker/Dockerfile.v2
index 78eba2d3d8..a8be432827 100644
--- a/packages/worker/Dockerfile.v2
+++ b/packages/worker/Dockerfile.v2
@@ -53,6 +53,6 @@ ENV ACCOUNT_PORTAL_URL=https://account.budibase.app
 ARG BUDIBASE_VERSION
 # Ensuring the version argument is sent
 RUN test -n "$BUDIBASE_VERSION"
-ENV BUDIBASE_VERSION=$VERSION
+ENV BUDIBASE_VERSION=$BUDIBASE_VERSION
 
 CMD ["./docker_run.sh"]

From 453c0744be8d8b3721a2d760d56dcd616d8abf76 Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Mon, 23 Oct 2023 15:20:44 +0200
Subject: [PATCH 34/48] Fix tests

---
 packages/server/src/tests/jestEnv.ts | 2 +-
 packages/worker/src/tests/jestEnv.ts | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/server/src/tests/jestEnv.ts b/packages/server/src/tests/jestEnv.ts
index c1f32eeec9..4763208c54 100644
--- a/packages/server/src/tests/jestEnv.ts
+++ b/packages/server/src/tests/jestEnv.ts
@@ -9,4 +9,4 @@ process.env.LOG_LEVEL = process.env.LOG_LEVEL || "error"
 process.env.MOCK_REDIS = "1"
 process.env.PLATFORM_URL = "http://localhost:10000"
 process.env.REDIS_PASSWORD = "budibase"
-process.env.VERSION = "0.0.0+jest"
+process.env.BUDIBASE_VERSION = "0.0.0+jest"
diff --git a/packages/worker/src/tests/jestEnv.ts b/packages/worker/src/tests/jestEnv.ts
index f6de4e0fd2..9bd258c43c 100644
--- a/packages/worker/src/tests/jestEnv.ts
+++ b/packages/worker/src/tests/jestEnv.ts
@@ -10,4 +10,4 @@ process.env.PLATFORM_URL = "http://localhost:10000"
 process.env.INTERNAL_API_KEY = "tet"
 process.env.DISABLE_ACCOUNT_PORTAL = "0"
 process.env.MOCK_REDIS = "1"
-process.env.VERSION = "0.0.0+jest"
+process.env.BUDIBASE_VERSION = "0.0.0+jest"

From bc4dd8e1c99fafb335dc79daa78e47ded56e9498 Mon Sep 17 00:00:00 2001
From: jvcalderon <jose@budibase.com>
Date: Mon, 23 Oct 2023 15:43:44 +0200
Subject: [PATCH 35/48] Update pro submodule

---
 packages/pro | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/pro b/packages/pro
index ee222c4694..f7e7cffe42 160000
--- a/packages/pro
+++ b/packages/pro
@@ -1 +1 @@
-Subproject commit ee222c4694c71716eeb1257f37467fc2231ee166
+Subproject commit f7e7cffe422086d9449c2075a74a378c16caff9d

From 7623ffd11e6340bb732b6e00398f4dc37862e1f9 Mon Sep 17 00:00:00 2001
From: Budibase Staging Release Bot <>
Date: Mon, 23 Oct 2023 14:13:18 +0000
Subject: [PATCH 36/48] Bump version to 2.11.42

---
 lerna.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lerna.json b/lerna.json
index 4b2bbb05d5..4fd5161891 100644
--- a/lerna.json
+++ b/lerna.json
@@ -1,5 +1,5 @@
 {
-  "version": "2.11.41",
+  "version": "2.11.42",
   "npmClient": "yarn",
   "packages": [
     "packages/*"

From f643bc5ee8e94ba6c9db62b25a2320589699090f Mon Sep 17 00:00:00 2001
From: jvcalderon <jose@budibase.com>
Date: Tue, 24 Oct 2023 10:24:00 +0200
Subject: [PATCH 37/48] Keep only migrations

---
 packages/backend-core/src/users/users.ts      | 16 +++++++++++-
 packages/backend-core/src/users/utils.ts      |  1 +
 .../core/utilities/structures/licenses.ts     |  5 ++++
 .../tests/core/utilities/structures/quotas.ts |  5 ++--
 packages/pro                                  |  2 +-
 .../src/migrations/functions/syncQuotas.ts    |  2 ++
 .../functions/usageQuotas/syncCreators.ts     | 14 ++++++++++
 .../usageQuotas/tests/syncCreators.spec.ts    | 26 +++++++++++++++++++
 .../shared-core/src/sdk/documents/users.ts    | 25 ++++++++++++++++++
 packages/types/src/documents/global/quotas.ts |  1 +
 packages/types/src/sdk/licensing/quota.ts     |  2 ++
 11 files changed, 95 insertions(+), 4 deletions(-)
 create mode 100644 packages/server/src/migrations/functions/usageQuotas/syncCreators.ts
 create mode 100644 packages/server/src/migrations/functions/usageQuotas/tests/syncCreators.spec.ts

diff --git a/packages/backend-core/src/users/users.ts b/packages/backend-core/src/users/users.ts
index d259d5b560..6237c23972 100644
--- a/packages/backend-core/src/users/users.ts
+++ b/packages/backend-core/src/users/users.ts
@@ -21,8 +21,9 @@ import {
   User,
   DatabaseQueryOpts,
 } from "@budibase/types"
-import * as context from "../context"
 import { getGlobalDB } from "../context"
+import * as context from "../context"
+import { isCreator } from "./utils"
 
 type GetOpts = { cleanup?: boolean }
 
@@ -286,6 +287,19 @@ export async function getUserCount() {
   return response.total_rows
 }
 
+export async function getCreatorCount() {
+  let creators = 0
+  async function iterate(startPage?: string) {
+    const page = await paginatedUsers({ bookmark: startPage })
+    creators += page.data.filter(isCreator).length
+    if (page.hasNextPage) {
+      await iterate(page.nextPage)
+    }
+  }
+  await iterate()
+  return creators
+}
+
 // used to remove the builder/admin permissions, for processing the
 // user as an app user (they may have some specific role/group
 export function removePortalUserPermissions(user: User | ContextUser) {
diff --git a/packages/backend-core/src/users/utils.ts b/packages/backend-core/src/users/utils.ts
index af0e8e10c7..0ef4b77998 100644
--- a/packages/backend-core/src/users/utils.ts
+++ b/packages/backend-core/src/users/utils.ts
@@ -10,6 +10,7 @@ import { getAccountByTenantId } from "../accounts"
 // extract from shared-core to make easily accessible from backend-core
 export const isBuilder = sdk.users.isBuilder
 export const isAdmin = sdk.users.isAdmin
+export const isCreator = sdk.users.isCreator
 export const isGlobalBuilder = sdk.users.isGlobalBuilder
 export const isAdminOrBuilder = sdk.users.isAdminOrBuilder
 export const hasAdminPermissions = sdk.users.hasAdminPermissions
diff --git a/packages/backend-core/tests/core/utilities/structures/licenses.ts b/packages/backend-core/tests/core/utilities/structures/licenses.ts
index 5cce84edfd..0e34f2e9bb 100644
--- a/packages/backend-core/tests/core/utilities/structures/licenses.ts
+++ b/packages/backend-core/tests/core/utilities/structures/licenses.ts
@@ -72,6 +72,11 @@ export function quotas(): Quotas {
           value: 1,
           triggers: [],
         },
+        creators: {
+          name: "Creators",
+          value: 1,
+          triggers: [],
+        },
         userGroups: {
           name: "User Groups",
           value: 1,
diff --git a/packages/backend-core/tests/core/utilities/structures/quotas.ts b/packages/backend-core/tests/core/utilities/structures/quotas.ts
index e82117053f..8d0b05fe1e 100644
--- a/packages/backend-core/tests/core/utilities/structures/quotas.ts
+++ b/packages/backend-core/tests/core/utilities/structures/quotas.ts
@@ -1,6 +1,6 @@
 import { MonthlyQuotaName, QuotaUsage } from "@budibase/types"
 
-export const usage = (): QuotaUsage => {
+export const usage = (users: number = 0, creators: number = 0): QuotaUsage => {
   return {
     _id: "usage_quota",
     quotaReset: new Date().toISOString(),
@@ -58,7 +58,8 @@ export const usage = (): QuotaUsage => {
     usageQuota: {
       apps: 0,
       plugins: 0,
-      users: 0,
+      users,
+      creators,
       userGroups: 0,
       rows: 0,
       triggers: {},
diff --git a/packages/pro b/packages/pro
index f7e7cffe42..271c1b38a5 160000
--- a/packages/pro
+++ b/packages/pro
@@ -1 +1 @@
-Subproject commit f7e7cffe422086d9449c2075a74a378c16caff9d
+Subproject commit 271c1b38a54ba2fd787caa741e437b80d032c9c9
diff --git a/packages/server/src/migrations/functions/syncQuotas.ts b/packages/server/src/migrations/functions/syncQuotas.ts
index 67f38ba929..83a7670e78 100644
--- a/packages/server/src/migrations/functions/syncQuotas.ts
+++ b/packages/server/src/migrations/functions/syncQuotas.ts
@@ -3,6 +3,7 @@ import * as syncApps from "./usageQuotas/syncApps"
 import * as syncRows from "./usageQuotas/syncRows"
 import * as syncPlugins from "./usageQuotas/syncPlugins"
 import * as syncUsers from "./usageQuotas/syncUsers"
+import * as syncCreators from "./usageQuotas/syncCreators"
 
 /**
  * Synchronise quotas to the state of the db.
@@ -13,5 +14,6 @@ export const run = async () => {
     await syncRows.run()
     await syncPlugins.run()
     await syncUsers.run()
+    await syncCreators.run()
   })
 }
diff --git a/packages/server/src/migrations/functions/usageQuotas/syncCreators.ts b/packages/server/src/migrations/functions/usageQuotas/syncCreators.ts
new file mode 100644
index 0000000000..bcc94bf139
--- /dev/null
+++ b/packages/server/src/migrations/functions/usageQuotas/syncCreators.ts
@@ -0,0 +1,14 @@
+import { users } from "@budibase/backend-core"
+import { quotas } from "@budibase/pro"
+import { QuotaUsageType, StaticQuotaName } from "@budibase/types"
+
+export const run = async () => {
+  console.log("XXXXXXXXXXXXXXXXXXX2222222222")
+  const creatorCount = await users.getCreatorCount()
+  console.log(`Syncing creator count: ${creatorCount}`)
+  await quotas.setUsage(
+    creatorCount,
+    StaticQuotaName.CREATORS,
+    QuotaUsageType.STATIC
+  )
+}
diff --git a/packages/server/src/migrations/functions/usageQuotas/tests/syncCreators.spec.ts b/packages/server/src/migrations/functions/usageQuotas/tests/syncCreators.spec.ts
new file mode 100644
index 0000000000..75fa9f217e
--- /dev/null
+++ b/packages/server/src/migrations/functions/usageQuotas/tests/syncCreators.spec.ts
@@ -0,0 +1,26 @@
+import TestConfig from "../../../../tests/utilities/TestConfiguration"
+import * as syncCreators from "../syncCreators"
+import { quotas } from "@budibase/pro"
+
+describe("syncCreators", () => {
+  let config = new TestConfig(false)
+
+  beforeEach(async () => {
+    await config.init()
+  })
+
+  afterAll(config.end)
+
+  it("syncs creators", async () => {
+    return config.doInContext(null, async () => {
+      await config.createUser({ admin: true })
+
+      await syncCreators.run()
+
+      const usageDoc = await quotas.getQuotaUsage()
+      // default + additional creator
+      const creatorsCount = 2
+      expect(usageDoc.usageQuota.creators).toBe(creatorsCount)
+    })
+  })
+})
diff --git a/packages/shared-core/src/sdk/documents/users.ts b/packages/shared-core/src/sdk/documents/users.ts
index 03d86daa85..b58994aa46 100644
--- a/packages/shared-core/src/sdk/documents/users.ts
+++ b/packages/shared-core/src/sdk/documents/users.ts
@@ -6,6 +6,7 @@ import {
   InternalTable,
 } from "@budibase/types"
 import { getProdAppID } from "./applications"
+import * as _ from "lodash/fp"
 
 // checks if a user is specifically a builder, given an app ID
 export function isBuilder(user: User | ContextUser, appId?: string): boolean {
@@ -58,6 +59,18 @@ export function hasAppBuilderPermissions(user?: User | ContextUser): boolean {
   return !isGlobalBuilder && appLength != null && appLength > 0
 }
 
+export function hasAppCreatorPermissions(user?: User | ContextUser): boolean {
+  if (!user) {
+    return false
+  }
+  return _.flow(
+    _.get("roles"),
+    _.values,
+    _.find(x => ["CREATOR", "ADMIN"].includes(x)),
+    x => !!x
+  )(user)
+}
+
 // checks if a user is capable of building any app
 export function hasBuilderPermissions(user?: User | ContextUser): boolean {
   if (!user) {
@@ -74,6 +87,18 @@ export function hasAdminPermissions(user?: User | ContextUser): boolean {
   return !!user.admin?.global
 }
 
+export function isCreator(user?: User | ContextUser): boolean {
+  if (!user) {
+    return false
+  }
+  return (
+    isGlobalBuilder(user) ||
+    hasAdminPermissions(user) ||
+    hasAppBuilderPermissions(user) ||
+    hasAppCreatorPermissions(user)
+  )
+}
+
 export function getGlobalUserID(userId?: string): string | undefined {
   if (typeof userId !== "string") {
     return userId
diff --git a/packages/types/src/documents/global/quotas.ts b/packages/types/src/documents/global/quotas.ts
index 61410f7435..4eb1168f7d 100644
--- a/packages/types/src/documents/global/quotas.ts
+++ b/packages/types/src/documents/global/quotas.ts
@@ -32,6 +32,7 @@ export interface StaticUsage {
   [StaticQuotaName.APPS]: number
   [StaticQuotaName.PLUGINS]: number
   [StaticQuotaName.USERS]: number
+  [StaticQuotaName.CREATORS]: number
   [StaticQuotaName.USER_GROUPS]: number
   [StaticQuotaName.ROWS]: number
   triggers: {
diff --git a/packages/types/src/sdk/licensing/quota.ts b/packages/types/src/sdk/licensing/quota.ts
index 73afa1ed05..85700f167b 100644
--- a/packages/types/src/sdk/licensing/quota.ts
+++ b/packages/types/src/sdk/licensing/quota.ts
@@ -14,6 +14,7 @@ export enum StaticQuotaName {
   ROWS = "rows",
   APPS = "apps",
   USERS = "users",
+  CREATORS = "creators",
   USER_GROUPS = "userGroups",
   PLUGINS = "plugins",
 }
@@ -67,6 +68,7 @@ export type StaticQuotas = {
   [StaticQuotaName.ROWS]: Quota
   [StaticQuotaName.APPS]: Quota
   [StaticQuotaName.USERS]: Quota
+  [StaticQuotaName.CREATORS]: Quota
   [StaticQuotaName.USER_GROUPS]: Quota
   [StaticQuotaName.PLUGINS]: Quota
 }

From dbc903f3e69648b41cfa8d46de16c4785408d6ef Mon Sep 17 00:00:00 2001
From: jvcalderon <jose@budibase.com>
Date: Tue, 24 Oct 2023 12:03:07 +0200
Subject: [PATCH 38/48] Remove console.log

---
 .../server/src/migrations/functions/usageQuotas/syncCreators.ts  | 1 -
 1 file changed, 1 deletion(-)

diff --git a/packages/server/src/migrations/functions/usageQuotas/syncCreators.ts b/packages/server/src/migrations/functions/usageQuotas/syncCreators.ts
index bcc94bf139..ce53be925a 100644
--- a/packages/server/src/migrations/functions/usageQuotas/syncCreators.ts
+++ b/packages/server/src/migrations/functions/usageQuotas/syncCreators.ts
@@ -3,7 +3,6 @@ import { quotas } from "@budibase/pro"
 import { QuotaUsageType, StaticQuotaName } from "@budibase/types"
 
 export const run = async () => {
-  console.log("XXXXXXXXXXXXXXXXXXX2222222222")
   const creatorCount = await users.getCreatorCount()
   console.log(`Syncing creator count: ${creatorCount}`)
   await quotas.setUsage(

From 5c1710b5dabd1eb44f26958c9cca6e110e1e66fc Mon Sep 17 00:00:00 2001
From: jvcalderon <jose@budibase.com>
Date: Tue, 24 Oct 2023 12:15:28 +0200
Subject: [PATCH 39/48] Update pro submodule

---
 packages/pro | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/pro b/packages/pro
index 271c1b38a5..d24c0dc3a3 160000
--- a/packages/pro
+++ b/packages/pro
@@ -1 +1 @@
-Subproject commit 271c1b38a54ba2fd787caa741e437b80d032c9c9
+Subproject commit d24c0dc3a30014cbe61860252aa48104cad36376

From 0610117d87b2be2843d78c3265f78fdc2a18824a Mon Sep 17 00:00:00 2001
From: Budibase Staging Release Bot <>
Date: Tue, 24 Oct 2023 10:54:33 +0000
Subject: [PATCH 40/48] Bump version to 2.11.43

---
 lerna.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lerna.json b/lerna.json
index 4fd5161891..11e4e7627a 100644
--- a/lerna.json
+++ b/lerna.json
@@ -1,5 +1,5 @@
 {
-  "version": "2.11.42",
+  "version": "2.11.43",
   "npmClient": "yarn",
   "packages": [
     "packages/*"

From b53158ac083046f0522855a3cb7628e6bd76d526 Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Tue, 24 Oct 2023 16:25:14 +0100
Subject: [PATCH 41/48] Moving the client library to be retrieved using the
 same mechanism as we do in development, through the server instance (same as
 the builder itself). This should help with the CDN issues that we have been
 having, although attachments are still currently affected.

---
 .../src/objectStore/buckets/app.ts            | 50 ++++++++-------
 .../src/objectStore/buckets/plugins.ts        | 16 ++---
 .../src/objectStore/objectStore.ts            | 62 ++++++++++++-------
 .../src/api/controllers/static/index.ts       | 49 +++++++++------
 4 files changed, 102 insertions(+), 75 deletions(-)

diff --git a/packages/backend-core/src/objectStore/buckets/app.ts b/packages/backend-core/src/objectStore/buckets/app.ts
index be9fddeaa6..931cbeb78b 100644
--- a/packages/backend-core/src/objectStore/buckets/app.ts
+++ b/packages/backend-core/src/objectStore/buckets/app.ts
@@ -1,37 +1,41 @@
 import env from "../../environment"
 import * as objectStore from "../objectStore"
 import * as cloudfront from "../cloudfront"
+import qs from "querystring"
+
+export function clientLibraryPath(appId: string) {
+  return `${objectStore.sanitizeKey(appId)}/budibase-client.js`
+}
 
 /**
- * In production the client library is stored in the object store, however in development
- * we use the symlinked version produced by lerna, located in node modules. We link to this
- * via a specific endpoint (under /api/assets/client).
- * @param appId In production we need the appId to look up the correct bucket, as the
- * version of the client lib may differ between apps.
- * @param version The version to retrieve.
- * @return The URL to be inserted into appPackage response or server rendered
- * app index file.
+ * Previously we used to serve the client library directly from Cloudfront, however
+ * due to issues with the domain we were unable to continue doing this - keeping
+ * incase we are able to switch back to CDN path again in future.
  */
-export const clientLibraryUrl = (appId: string, version: string) => {
-  if (env.isProd()) {
-    let file = `${objectStore.sanitizeKey(appId)}/budibase-client.js`
-    if (env.CLOUDFRONT_CDN) {
-      // append app version to bust the cache
-      if (version) {
-        file += `?v=${version}`
-      }
-      // don't need to use presigned for client with cloudfront
-      // file is public
-      return cloudfront.getUrl(file)
-    } else {
-      return objectStore.getPresignedUrl(env.APPS_BUCKET_NAME, file)
+export function clientLibraryCDNUrl(appId: string, version: string) {
+  let file = clientLibraryPath(appId)
+  if (env.CLOUDFRONT_CDN) {
+    // append app version to bust the cache
+    if (version) {
+      file += `?v=${version}`
     }
+    // don't need to use presigned for client with cloudfront
+    // file is public
+    return cloudfront.getUrl(file)
   } else {
-    return `/api/assets/client`
+    return objectStore.getPresignedUrl(env.APPS_BUCKET_NAME, file)
   }
 }
 
-export const getAppFileUrl = (s3Key: string) => {
+export function clientLibraryUrl(appId: string, version: string) {
+  const queryString = qs.encode({
+    appId,
+    version,
+  })
+  return `/api/assets/client?${queryString}`
+}
+
+export function getAppFileUrl(s3Key: string) {
   if (env.CLOUDFRONT_CDN) {
     return cloudfront.getPresignedUrl(s3Key)
   } else {
diff --git a/packages/backend-core/src/objectStore/buckets/plugins.ts b/packages/backend-core/src/objectStore/buckets/plugins.ts
index f7721afb23..6f1b7116ae 100644
--- a/packages/backend-core/src/objectStore/buckets/plugins.ts
+++ b/packages/backend-core/src/objectStore/buckets/plugins.ts
@@ -6,7 +6,7 @@ import { Plugin } from "@budibase/types"
 
 // URLS
 
-export const enrichPluginURLs = (plugins: Plugin[]) => {
+export function enrichPluginURLs(plugins: Plugin[]) {
   if (!plugins || !plugins.length) {
     return []
   }
@@ -17,12 +17,12 @@ export const enrichPluginURLs = (plugins: Plugin[]) => {
   })
 }
 
-const getPluginJSUrl = (plugin: Plugin) => {
+function getPluginJSUrl(plugin: Plugin) {
   const s3Key = getPluginJSKey(plugin)
   return getPluginUrl(s3Key)
 }
 
-const getPluginIconUrl = (plugin: Plugin): string | undefined => {
+function getPluginIconUrl(plugin: Plugin): string | undefined {
   const s3Key = getPluginIconKey(plugin)
   if (!s3Key) {
     return
@@ -30,7 +30,7 @@ const getPluginIconUrl = (plugin: Plugin): string | undefined => {
   return getPluginUrl(s3Key)
 }
 
-const getPluginUrl = (s3Key: string) => {
+function getPluginUrl(s3Key: string) {
   if (env.CLOUDFRONT_CDN) {
     return cloudfront.getPresignedUrl(s3Key)
   } else {
@@ -40,11 +40,11 @@ const getPluginUrl = (s3Key: string) => {
 
 // S3 KEYS
 
-export const getPluginJSKey = (plugin: Plugin) => {
+export function getPluginJSKey(plugin: Plugin) {
   return getPluginS3Key(plugin, "plugin.min.js")
 }
 
-export const getPluginIconKey = (plugin: Plugin) => {
+export function getPluginIconKey(plugin: Plugin) {
   // stored iconUrl is deprecated - hardcode to icon.svg in this case
   const iconFileName = plugin.iconUrl ? "icon.svg" : plugin.iconFileName
   if (!iconFileName) {
@@ -53,12 +53,12 @@ export const getPluginIconKey = (plugin: Plugin) => {
   return getPluginS3Key(plugin, iconFileName)
 }
 
-const getPluginS3Key = (plugin: Plugin, fileName: string) => {
+function getPluginS3Key(plugin: Plugin, fileName: string) {
   const s3Key = getPluginS3Dir(plugin.name)
   return `${s3Key}/${fileName}`
 }
 
-export const getPluginS3Dir = (pluginName: string) => {
+export function getPluginS3Dir(pluginName: string) {
   let s3Key = `${pluginName}`
   if (env.MULTI_TENANCY) {
     const tenantId = context.getTenantId()
diff --git a/packages/backend-core/src/objectStore/objectStore.ts b/packages/backend-core/src/objectStore/objectStore.ts
index c36a09915e..76d2dd6689 100644
--- a/packages/backend-core/src/objectStore/objectStore.ts
+++ b/packages/backend-core/src/objectStore/objectStore.ts
@@ -1,6 +1,6 @@
 const sanitize = require("sanitize-s3-objectkey")
 import AWS from "aws-sdk"
-import stream from "stream"
+import stream, { Readable } from "stream"
 import fetch from "node-fetch"
 import tar from "tar-fs"
 import zlib from "zlib"
@@ -66,10 +66,10 @@ export function sanitizeBucket(input: string) {
  * @return an S3 object store object, check S3 Nodejs SDK for usage.
  * @constructor
  */
-export const ObjectStore = (
+export function ObjectStore(
   bucket: string,
   opts: { presigning: boolean } = { presigning: false }
-) => {
+) {
   const config: any = {
     s3ForcePathStyle: true,
     signatureVersion: "v4",
@@ -104,7 +104,7 @@ export const ObjectStore = (
  * Given an object store and a bucket name this will make sure the bucket exists,
  * if it does not exist then it will create it.
  */
-export const makeSureBucketExists = async (client: any, bucketName: string) => {
+export async function makeSureBucketExists(client: any, bucketName: string) {
   bucketName = sanitizeBucket(bucketName)
   try {
     await client
@@ -139,13 +139,13 @@ export const makeSureBucketExists = async (client: any, bucketName: string) => {
  * Uploads the contents of a file given the required parameters, useful when
  * temp files in use (for example file uploaded as an attachment).
  */
-export const upload = async ({
+export async function upload({
   bucket: bucketName,
   filename,
   path,
   type,
   metadata,
-}: UploadParams) => {
+}: UploadParams) {
   const extension = filename.split(".").pop()
   const fileBytes = fs.readFileSync(path)
 
@@ -180,12 +180,12 @@ export const upload = async ({
  * Similar to the upload function but can be used to send a file stream
  * through to the object store.
  */
-export const streamUpload = async (
+export async function streamUpload(
   bucketName: string,
   filename: string,
   stream: any,
   extra = {}
-) => {
+) {
   const objectStore = ObjectStore(bucketName)
   await makeSureBucketExists(objectStore, bucketName)
 
@@ -215,7 +215,7 @@ export const streamUpload = async (
  * retrieves the contents of a file from the object store, if it is a known content type it
  * will be converted, otherwise it will be returned as a buffer stream.
  */
-export const retrieve = async (bucketName: string, filepath: string) => {
+export async function retrieve(bucketName: string, filepath: string) {
   const objectStore = ObjectStore(bucketName)
   const params = {
     Bucket: sanitizeBucket(bucketName),
@@ -230,7 +230,7 @@ export const retrieve = async (bucketName: string, filepath: string) => {
   }
 }
 
-export const listAllObjects = async (bucketName: string, path: string) => {
+export async function listAllObjects(bucketName: string, path: string) {
   const objectStore = ObjectStore(bucketName)
   const list = (params: ListParams = {}) => {
     return objectStore
@@ -261,11 +261,11 @@ export const listAllObjects = async (bucketName: string, path: string) => {
 /**
  * Generate a presigned url with a default TTL of 1 hour
  */
-export const getPresignedUrl = (
+export function getPresignedUrl(
   bucketName: string,
   key: string,
   durationSeconds: number = 3600
-) => {
+) {
   const objectStore = ObjectStore(bucketName, { presigning: true })
   const params = {
     Bucket: sanitizeBucket(bucketName),
@@ -291,7 +291,7 @@ export const getPresignedUrl = (
 /**
  * Same as retrieval function but puts to a temporary file.
  */
-export const retrieveToTmp = async (bucketName: string, filepath: string) => {
+export async function retrieveToTmp(bucketName: string, filepath: string) {
   bucketName = sanitizeBucket(bucketName)
   filepath = sanitizeKey(filepath)
   const data = await retrieve(bucketName, filepath)
@@ -300,7 +300,7 @@ export const retrieveToTmp = async (bucketName: string, filepath: string) => {
   return outputPath
 }
 
-export const retrieveDirectory = async (bucketName: string, path: string) => {
+export async function retrieveDirectory(bucketName: string, path: string) {
   let writePath = join(budibaseTempDir(), v4())
   fs.mkdirSync(writePath)
   const objects = await listAllObjects(bucketName, path)
@@ -324,7 +324,7 @@ export const retrieveDirectory = async (bucketName: string, path: string) => {
 /**
  * Delete a single file.
  */
-export const deleteFile = async (bucketName: string, filepath: string) => {
+export async function deleteFile(bucketName: string, filepath: string) {
   const objectStore = ObjectStore(bucketName)
   await makeSureBucketExists(objectStore, bucketName)
   const params = {
@@ -334,7 +334,7 @@ export const deleteFile = async (bucketName: string, filepath: string) => {
   return objectStore.deleteObject(params).promise()
 }
 
-export const deleteFiles = async (bucketName: string, filepaths: string[]) => {
+export async function deleteFiles(bucketName: string, filepaths: string[]) {
   const objectStore = ObjectStore(bucketName)
   await makeSureBucketExists(objectStore, bucketName)
   const params = {
@@ -349,10 +349,10 @@ export const deleteFiles = async (bucketName: string, filepaths: string[]) => {
 /**
  * Delete a path, including everything within.
  */
-export const deleteFolder = async (
+export async function deleteFolder(
   bucketName: string,
   folder: string
-): Promise<any> => {
+): Promise<any> {
   bucketName = sanitizeBucket(bucketName)
   folder = sanitizeKey(folder)
   const client = ObjectStore(bucketName)
@@ -383,11 +383,11 @@ export const deleteFolder = async (
   }
 }
 
-export const uploadDirectory = async (
+export async function uploadDirectory(
   bucketName: string,
   localPath: string,
   bucketPath: string
-) => {
+) {
   bucketName = sanitizeBucket(bucketName)
   let uploads = []
   const files = fs.readdirSync(localPath, { withFileTypes: true })
@@ -404,11 +404,11 @@ export const uploadDirectory = async (
   return files
 }
 
-export const downloadTarballDirect = async (
+export async function downloadTarballDirect(
   url: string,
   path: string,
   headers = {}
-) => {
+) {
   path = sanitizeKey(path)
   const response = await fetch(url, { headers })
   if (!response.ok) {
@@ -418,11 +418,11 @@ export const downloadTarballDirect = async (
   await streamPipeline(response.body, zlib.createUnzip(), tar.extract(path))
 }
 
-export const downloadTarball = async (
+export async function downloadTarball(
   url: string,
   bucketName: string,
   path: string
-) => {
+) {
   bucketName = sanitizeBucket(bucketName)
   path = sanitizeKey(path)
   const response = await fetch(url)
@@ -438,3 +438,17 @@ export const downloadTarball = async (
   // return the temporary path incase there is a use for it
   return tmpPath
 }
+
+export async function getReadStream(
+  bucketName: string,
+  path: string
+): Promise<Readable> {
+  bucketName = sanitizeBucket(bucketName)
+  path = sanitizeKey(path)
+  const client = ObjectStore(bucketName)
+  const params = {
+    Bucket: bucketName,
+    Key: path,
+  }
+  return client.getObject(params).createReadStream()
+}
diff --git a/packages/server/src/api/controllers/static/index.ts b/packages/server/src/api/controllers/static/index.ts
index bbf9dd34f5..d2e887dcf8 100644
--- a/packages/server/src/api/controllers/static/index.ts
+++ b/packages/server/src/api/controllers/static/index.ts
@@ -16,7 +16,7 @@ import AWS from "aws-sdk"
 import fs from "fs"
 import sdk from "../../../sdk"
 import * as pro from "@budibase/pro"
-import { App } from "@budibase/types"
+import { App, Ctx } from "@budibase/types"
 
 const send = require("koa-send")
 
@@ -39,7 +39,7 @@ async function prepareUpload({ s3Key, bucket, metadata, file }: any) {
   }
 }
 
-export const toggleBetaUiFeature = async function (ctx: any) {
+export const toggleBetaUiFeature = async function (ctx: Ctx) {
   const cookieName = `beta:${ctx.params.feature}`
 
   if (ctx.cookies.get(cookieName)) {
@@ -67,16 +67,14 @@ export const toggleBetaUiFeature = async function (ctx: any) {
   }
 }
 
-export const serveBuilder = async function (ctx: any) {
+export const serveBuilder = async function (ctx: Ctx) {
   const builderPath = join(TOP_LEVEL_PATH, "builder")
   await send(ctx, ctx.file, { root: builderPath })
 }
 
-export const uploadFile = async function (ctx: any) {
-  let files =
-    ctx.request.files.file.length > 1
-      ? Array.from(ctx.request.files.file)
-      : [ctx.request.files.file]
+export const uploadFile = async function (ctx: Ctx) {
+  const file = ctx.request?.files?.file
+  let files = file && Array.isArray(file) ? Array.from(file) : [file]
 
   const uploads = files.map(async (file: any) => {
     const fileExtension = [...file.name.split(".")].pop()
@@ -93,14 +91,14 @@ export const uploadFile = async function (ctx: any) {
   ctx.body = await Promise.all(uploads)
 }
 
-export const deleteObjects = async function (ctx: any) {
+export const deleteObjects = async function (ctx: Ctx) {
   ctx.body = await objectStore.deleteFiles(
     ObjectStoreBuckets.APPS,
     ctx.request.body.keys
   )
 }
 
-export const serveApp = async function (ctx: any) {
+export const serveApp = async function (ctx: Ctx) {
   const bbHeaderEmbed =
     ctx.request.get("x-budibase-embed")?.toLowerCase() === "true"
 
@@ -181,7 +179,7 @@ export const serveApp = async function (ctx: any) {
   }
 }
 
-export const serveBuilderPreview = async function (ctx: any) {
+export const serveBuilderPreview = async function (ctx: Ctx) {
   const db = context.getAppDB({ skip_setup: true })
   const appInfo = await db.get<App>(DocumentType.APP_METADATA)
 
@@ -197,18 +195,29 @@ export const serveBuilderPreview = async function (ctx: any) {
   }
 }
 
-export const serveClientLibrary = async function (ctx: any) {
+export const serveClientLibrary = async function (ctx: Ctx) {
+  const appId = context.getAppId() || (ctx.request.query.appId as string)
   let rootPath = join(NODE_MODULES_PATH, "@budibase", "client", "dist")
-  // incase running from TS directly
-  if (env.isDev() && !fs.existsSync(rootPath)) {
-    rootPath = join(require.resolve("@budibase/client"), "..")
+  if (!appId) {
+    ctx.throw(400, "No app ID provided - cannot fetch client library.")
+  }
+  if (env.isProd()) {
+    ctx.body = await objectStore.getReadStream(
+      ObjectStoreBuckets.APPS,
+      objectStore.clientLibraryPath(appId!)
+    )
+  } else if (env.isDev()) {
+    // incase running from TS directly
+    const tsPath = join(require.resolve("@budibase/client"), "..")
+    return send(ctx, "budibase-client.js", {
+      root: !fs.existsSync(rootPath) ? tsPath : rootPath,
+    })
+  } else {
+    ctx.throw(500, "Unable to retrieve client library.")
   }
-  return send(ctx, "budibase-client.js", {
-    root: rootPath,
-  })
 }
 
-export const getSignedUploadURL = async function (ctx: any) {
+export const getSignedUploadURL = async function (ctx: Ctx) {
   // Ensure datasource is valid
   let datasource
   try {
@@ -247,7 +256,7 @@ export const getSignedUploadURL = async function (ctx: any) {
       const params = { Bucket: bucket, Key: key }
       signedUrl = s3.getSignedUrl("putObject", params)
       publicUrl = `https://${bucket}.s3.${awsRegion}.amazonaws.com/${key}`
-    } catch (error) {
+    } catch (error: any) {
       ctx.throw(400, error)
     }
   }

From 570eaa8e5347a41de09b78fb283b50c3d585def1 Mon Sep 17 00:00:00 2001
From: Mitch-Budibase <mitch@budibase.com>
Date: Tue, 24 Oct 2023 17:22:49 +0100
Subject: [PATCH 42/48] Update package.json + remove license.manage.spec.ts

Update package.json
- Updating "test:self:ci"
- Now includes license. Needed to prevent license tests from running where an account portal is not setup

Removing license.manage.spec.ts
- This will be included in another PR
- Work required to finish this test
- Removing so the license activation test can be merged
---
 qa-core/package.json                          |  2 +-
 .../tests/licensing/license.manage.spec.ts    | 57 -------------------
 2 files changed, 1 insertion(+), 58 deletions(-)
 delete mode 100644 qa-core/src/account-api/tests/licensing/license.manage.spec.ts

diff --git a/qa-core/package.json b/qa-core/package.json
index 3c789d89e6..d266ca9def 100644
--- a/qa-core/package.json
+++ b/qa-core/package.json
@@ -17,7 +17,7 @@
     "test:notify": "node scripts/testResultsWebhook",
     "test:cloud:prod": "yarn run test --testPathIgnorePatterns=\\.integration\\.",
     "test:cloud:qa": "yarn run test",
-    "test:self:ci": "yarn run test --testPathIgnorePatterns=\\.integration\\. \\.cloud\\.",
+    "test:self:ci": "yarn run test --testPathIgnorePatterns=\\.integration\\. \\.cloud\\. \\.license\\.",
     "serve:test:self:ci": "start-server-and-test dev:built http://localhost:4001/health test:self:ci",
     "serve": "start-server-and-test dev:built http://localhost:4001/health",
     "dev:built": "cd ../ && yarn dev:built"
diff --git a/qa-core/src/account-api/tests/licensing/license.manage.spec.ts b/qa-core/src/account-api/tests/licensing/license.manage.spec.ts
deleted file mode 100644
index 3f87838ee4..0000000000
--- a/qa-core/src/account-api/tests/licensing/license.manage.spec.ts
+++ /dev/null
@@ -1,57 +0,0 @@
-import TestConfiguration from "../../config/TestConfiguration"
-import * as fixtures from "../../fixtures"
-import { Hosting, PlanType } from "@budibase/types"
-
-describe("license management", () => {
-  const config = new TestConfiguration()
-
-  beforeAll(async () => {
-    await config.beforeAll()
-  })
-
-  afterAll(async () => {
-    await config.afterAll()
-  })
-
-  it("retrieves plans, creates checkout session, and updates license", async () => {
-    // Create cloud account
-    const createAccountRequest = fixtures.accounts.generateAccount({
-      hosting: Hosting.CLOUD,
-    })
-
-    // Self response has free license
-    const [selfRes, selfBody] = await config.api.accounts.self()
-    expect(selfBody.license.plan.type).toBe(PlanType.FREE)
-
-    // Retrieve plans
-    const [plansRes, planBody] = await config.api.licenses.getPlans()
-
-    // Select priceId from premium plan
-    let premiumPriceId = null
-    for (const plan of planBody) {
-      if (plan.type === PlanType.PREMIUM) {
-        premiumPriceId = plan.prices[0].priceId
-        break
-      }
-    }
-
-    // Create checkout session for price
-    const checkoutSessionRes = await config.api.stripe.createCheckoutSession(
-      premiumPriceId
-    )
-    const checkoutSessionUrl = checkoutSessionRes[1].url
-    expect(checkoutSessionUrl).toContain("checkout.stripe.com")
-
-    // TODO: Mimic checkout success
-    // Create stripe customer
-    // Create subscription for premium plan
-    // Assert license updated from free to premium
-
-    // Create portal session
-    //await config.api.stripe.createPortalSession()
-
-    // Update from free to business license
-
-    // License updated
-  })
-})

From ba5b1d7cfa0b9f9fc228a3d22c64b8b8bb53934a Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Tue, 24 Oct 2023 17:27:58 +0100
Subject: [PATCH 43/48] Adding tenant ID to query string and fixing test cases.

---
 .../src/objectStore/buckets/app.ts            | 19 ++++++---
 .../src/objectStore/buckets/tests/app.spec.ts | 42 +++++++------------
 2 files changed, 30 insertions(+), 31 deletions(-)

diff --git a/packages/backend-core/src/objectStore/buckets/app.ts b/packages/backend-core/src/objectStore/buckets/app.ts
index 931cbeb78b..95b73b9104 100644
--- a/packages/backend-core/src/objectStore/buckets/app.ts
+++ b/packages/backend-core/src/objectStore/buckets/app.ts
@@ -2,6 +2,7 @@ import env from "../../environment"
 import * as objectStore from "../objectStore"
 import * as cloudfront from "../cloudfront"
 import qs from "querystring"
+import { getTenantId, DEFAULT_TENANT_ID } from "../../context"
 
 export function clientLibraryPath(appId: string) {
   return `${objectStore.sanitizeKey(appId)}/budibase-client.js`
@@ -28,11 +29,19 @@ export function clientLibraryCDNUrl(appId: string, version: string) {
 }
 
 export function clientLibraryUrl(appId: string, version: string) {
-  const queryString = qs.encode({
-    appId,
-    version,
-  })
-  return `/api/assets/client?${queryString}`
+  let tenantId, qsParams: { appId: string; version: string; tenantId?: string }
+  try {
+    tenantId = getTenantId()
+  } finally {
+    qsParams = {
+      appId,
+      version,
+    }
+  }
+  if (tenantId) {
+    qsParams.tenantId = tenantId
+  }
+  return `/api/assets/client?${qs.encode(qsParams)}`
 }
 
 export function getAppFileUrl(s3Key: string) {
diff --git a/packages/backend-core/src/objectStore/buckets/tests/app.spec.ts b/packages/backend-core/src/objectStore/buckets/tests/app.spec.ts
index aaa07ec9d3..cbbbee6255 100644
--- a/packages/backend-core/src/objectStore/buckets/tests/app.spec.ts
+++ b/packages/backend-core/src/objectStore/buckets/tests/app.spec.ts
@@ -1,5 +1,4 @@
 import * as app from "../app"
-import { getAppFileUrl } from "../app"
 import { testEnv } from "../../../../tests/extra"
 
 describe("app", () => {
@@ -7,6 +6,15 @@ describe("app", () => {
     testEnv.nodeJest()
   })
 
+  function baseCheck(url: string, tenantId?: string) {
+    expect(url).toContain("/api/assets/client")
+    if (tenantId) {
+      expect(url).toContain(`tenantId=${tenantId}`)
+    }
+    expect(url).toContain("appId=app_123")
+    expect(url).toContain("version=2.0.0")
+  }
+
   describe("clientLibraryUrl", () => {
     function getClientUrl() {
       return app.clientLibraryUrl("app_123/budibase-client.js", "2.0.0")
@@ -20,31 +28,19 @@ describe("app", () => {
       it("gets url in dev", () => {
         testEnv.nodeDev()
         const url = getClientUrl()
-        expect(url).toBe("/api/assets/client")
-      })
-
-      it("gets url with embedded minio", () => {
-        testEnv.withMinio()
-        const url = getClientUrl()
-        expect(url).toBe(
-          "/files/signed/prod-budi-app-assets/app_123/budibase-client.js/budibase-client.js"
-        )
+        baseCheck(url)
       })
 
       it("gets url with custom S3", () => {
         testEnv.withS3()
         const url = getClientUrl()
-        expect(url).toBe(
-          "http://s3.example.com/prod-budi-app-assets/app_123/budibase-client.js/budibase-client.js"
-        )
+        baseCheck(url)
       })
 
       it("gets url with cloudfront + s3", () => {
         testEnv.withCloudfront()
         const url = getClientUrl()
-        expect(url).toBe(
-          "http://cf.example.com/app_123/budibase-client.js/budibase-client.js?v=2.0.0"
-        )
+        baseCheck(url)
       })
     })
 
@@ -57,7 +53,7 @@ describe("app", () => {
         testEnv.nodeDev()
         await testEnv.withTenant(tenantId => {
           const url = getClientUrl()
-          expect(url).toBe("/api/assets/client")
+          baseCheck(url, tenantId)
         })
       })
 
@@ -65,9 +61,7 @@ describe("app", () => {
         await testEnv.withTenant(tenantId => {
           testEnv.withMinio()
           const url = getClientUrl()
-          expect(url).toBe(
-            "/files/signed/prod-budi-app-assets/app_123/budibase-client.js/budibase-client.js"
-          )
+          baseCheck(url, tenantId)
         })
       })
 
@@ -75,9 +69,7 @@ describe("app", () => {
         await testEnv.withTenant(tenantId => {
           testEnv.withS3()
           const url = getClientUrl()
-          expect(url).toBe(
-            "http://s3.example.com/prod-budi-app-assets/app_123/budibase-client.js/budibase-client.js"
-          )
+          baseCheck(url, tenantId)
         })
       })
 
@@ -85,9 +77,7 @@ describe("app", () => {
         await testEnv.withTenant(tenantId => {
           testEnv.withCloudfront()
           const url = getClientUrl()
-          expect(url).toBe(
-            "http://cf.example.com/app_123/budibase-client.js/budibase-client.js?v=2.0.0"
-          )
+          baseCheck(url, tenantId)
         })
       })
     })

From 701d30abb4f3c292fbddd5ec50cf4f8c31fae789 Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Tue, 24 Oct 2023 17:30:57 +0100
Subject: [PATCH 44/48] Don't pass through default tenant ID.

---
 packages/backend-core/src/objectStore/buckets/app.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/backend-core/src/objectStore/buckets/app.ts b/packages/backend-core/src/objectStore/buckets/app.ts
index 95b73b9104..43bc965c65 100644
--- a/packages/backend-core/src/objectStore/buckets/app.ts
+++ b/packages/backend-core/src/objectStore/buckets/app.ts
@@ -2,7 +2,7 @@ import env from "../../environment"
 import * as objectStore from "../objectStore"
 import * as cloudfront from "../cloudfront"
 import qs from "querystring"
-import { getTenantId, DEFAULT_TENANT_ID } from "../../context"
+import { DEFAULT_TENANT_ID, getTenantId } from "../../context"
 
 export function clientLibraryPath(appId: string) {
   return `${objectStore.sanitizeKey(appId)}/budibase-client.js`
@@ -38,7 +38,7 @@ export function clientLibraryUrl(appId: string, version: string) {
       version,
     }
   }
-  if (tenantId) {
+  if (tenantId && tenantId !== DEFAULT_TENANT_ID) {
     qsParams.tenantId = tenantId
   }
   return `/api/assets/client?${qs.encode(qsParams)}`

From e2e5c9044c6fe708f520a1c66075f492c85f45b4 Mon Sep 17 00:00:00 2001
From: Michael Drury <me@michaeldrury.co.uk>
Date: Tue, 24 Oct 2023 18:12:20 +0100
Subject: [PATCH 45/48] Revert "Client library fetching through server"

---
 .../src/objectStore/buckets/app.ts            | 59 +++++++-----------
 .../src/objectStore/buckets/plugins.ts        | 16 ++---
 .../src/objectStore/buckets/tests/app.spec.ts | 42 ++++++++-----
 .../src/objectStore/objectStore.ts            | 62 +++++++------------
 .../src/api/controllers/static/index.ts       | 49 ++++++---------
 5 files changed, 101 insertions(+), 127 deletions(-)

diff --git a/packages/backend-core/src/objectStore/buckets/app.ts b/packages/backend-core/src/objectStore/buckets/app.ts
index 43bc965c65..be9fddeaa6 100644
--- a/packages/backend-core/src/objectStore/buckets/app.ts
+++ b/packages/backend-core/src/objectStore/buckets/app.ts
@@ -1,50 +1,37 @@
 import env from "../../environment"
 import * as objectStore from "../objectStore"
 import * as cloudfront from "../cloudfront"
-import qs from "querystring"
-import { DEFAULT_TENANT_ID, getTenantId } from "../../context"
-
-export function clientLibraryPath(appId: string) {
-  return `${objectStore.sanitizeKey(appId)}/budibase-client.js`
-}
 
 /**
- * Previously we used to serve the client library directly from Cloudfront, however
- * due to issues with the domain we were unable to continue doing this - keeping
- * incase we are able to switch back to CDN path again in future.
+ * In production the client library is stored in the object store, however in development
+ * we use the symlinked version produced by lerna, located in node modules. We link to this
+ * via a specific endpoint (under /api/assets/client).
+ * @param appId In production we need the appId to look up the correct bucket, as the
+ * version of the client lib may differ between apps.
+ * @param version The version to retrieve.
+ * @return The URL to be inserted into appPackage response or server rendered
+ * app index file.
  */
-export function clientLibraryCDNUrl(appId: string, version: string) {
-  let file = clientLibraryPath(appId)
-  if (env.CLOUDFRONT_CDN) {
-    // append app version to bust the cache
-    if (version) {
-      file += `?v=${version}`
+export const clientLibraryUrl = (appId: string, version: string) => {
+  if (env.isProd()) {
+    let file = `${objectStore.sanitizeKey(appId)}/budibase-client.js`
+    if (env.CLOUDFRONT_CDN) {
+      // append app version to bust the cache
+      if (version) {
+        file += `?v=${version}`
+      }
+      // don't need to use presigned for client with cloudfront
+      // file is public
+      return cloudfront.getUrl(file)
+    } else {
+      return objectStore.getPresignedUrl(env.APPS_BUCKET_NAME, file)
     }
-    // don't need to use presigned for client with cloudfront
-    // file is public
-    return cloudfront.getUrl(file)
   } else {
-    return objectStore.getPresignedUrl(env.APPS_BUCKET_NAME, file)
+    return `/api/assets/client`
   }
 }
 
-export function clientLibraryUrl(appId: string, version: string) {
-  let tenantId, qsParams: { appId: string; version: string; tenantId?: string }
-  try {
-    tenantId = getTenantId()
-  } finally {
-    qsParams = {
-      appId,
-      version,
-    }
-  }
-  if (tenantId && tenantId !== DEFAULT_TENANT_ID) {
-    qsParams.tenantId = tenantId
-  }
-  return `/api/assets/client?${qs.encode(qsParams)}`
-}
-
-export function getAppFileUrl(s3Key: string) {
+export const getAppFileUrl = (s3Key: string) => {
   if (env.CLOUDFRONT_CDN) {
     return cloudfront.getPresignedUrl(s3Key)
   } else {
diff --git a/packages/backend-core/src/objectStore/buckets/plugins.ts b/packages/backend-core/src/objectStore/buckets/plugins.ts
index 6f1b7116ae..f7721afb23 100644
--- a/packages/backend-core/src/objectStore/buckets/plugins.ts
+++ b/packages/backend-core/src/objectStore/buckets/plugins.ts
@@ -6,7 +6,7 @@ import { Plugin } from "@budibase/types"
 
 // URLS
 
-export function enrichPluginURLs(plugins: Plugin[]) {
+export const enrichPluginURLs = (plugins: Plugin[]) => {
   if (!plugins || !plugins.length) {
     return []
   }
@@ -17,12 +17,12 @@ export function enrichPluginURLs(plugins: Plugin[]) {
   })
 }
 
-function getPluginJSUrl(plugin: Plugin) {
+const getPluginJSUrl = (plugin: Plugin) => {
   const s3Key = getPluginJSKey(plugin)
   return getPluginUrl(s3Key)
 }
 
-function getPluginIconUrl(plugin: Plugin): string | undefined {
+const getPluginIconUrl = (plugin: Plugin): string | undefined => {
   const s3Key = getPluginIconKey(plugin)
   if (!s3Key) {
     return
@@ -30,7 +30,7 @@ function getPluginIconUrl(plugin: Plugin): string | undefined {
   return getPluginUrl(s3Key)
 }
 
-function getPluginUrl(s3Key: string) {
+const getPluginUrl = (s3Key: string) => {
   if (env.CLOUDFRONT_CDN) {
     return cloudfront.getPresignedUrl(s3Key)
   } else {
@@ -40,11 +40,11 @@ function getPluginUrl(s3Key: string) {
 
 // S3 KEYS
 
-export function getPluginJSKey(plugin: Plugin) {
+export const getPluginJSKey = (plugin: Plugin) => {
   return getPluginS3Key(plugin, "plugin.min.js")
 }
 
-export function getPluginIconKey(plugin: Plugin) {
+export const getPluginIconKey = (plugin: Plugin) => {
   // stored iconUrl is deprecated - hardcode to icon.svg in this case
   const iconFileName = plugin.iconUrl ? "icon.svg" : plugin.iconFileName
   if (!iconFileName) {
@@ -53,12 +53,12 @@ export function getPluginIconKey(plugin: Plugin) {
   return getPluginS3Key(plugin, iconFileName)
 }
 
-function getPluginS3Key(plugin: Plugin, fileName: string) {
+const getPluginS3Key = (plugin: Plugin, fileName: string) => {
   const s3Key = getPluginS3Dir(plugin.name)
   return `${s3Key}/${fileName}`
 }
 
-export function getPluginS3Dir(pluginName: string) {
+export const getPluginS3Dir = (pluginName: string) => {
   let s3Key = `${pluginName}`
   if (env.MULTI_TENANCY) {
     const tenantId = context.getTenantId()
diff --git a/packages/backend-core/src/objectStore/buckets/tests/app.spec.ts b/packages/backend-core/src/objectStore/buckets/tests/app.spec.ts
index cbbbee6255..aaa07ec9d3 100644
--- a/packages/backend-core/src/objectStore/buckets/tests/app.spec.ts
+++ b/packages/backend-core/src/objectStore/buckets/tests/app.spec.ts
@@ -1,4 +1,5 @@
 import * as app from "../app"
+import { getAppFileUrl } from "../app"
 import { testEnv } from "../../../../tests/extra"
 
 describe("app", () => {
@@ -6,15 +7,6 @@ describe("app", () => {
     testEnv.nodeJest()
   })
 
-  function baseCheck(url: string, tenantId?: string) {
-    expect(url).toContain("/api/assets/client")
-    if (tenantId) {
-      expect(url).toContain(`tenantId=${tenantId}`)
-    }
-    expect(url).toContain("appId=app_123")
-    expect(url).toContain("version=2.0.0")
-  }
-
   describe("clientLibraryUrl", () => {
     function getClientUrl() {
       return app.clientLibraryUrl("app_123/budibase-client.js", "2.0.0")
@@ -28,19 +20,31 @@ describe("app", () => {
       it("gets url in dev", () => {
         testEnv.nodeDev()
         const url = getClientUrl()
-        baseCheck(url)
+        expect(url).toBe("/api/assets/client")
+      })
+
+      it("gets url with embedded minio", () => {
+        testEnv.withMinio()
+        const url = getClientUrl()
+        expect(url).toBe(
+          "/files/signed/prod-budi-app-assets/app_123/budibase-client.js/budibase-client.js"
+        )
       })
 
       it("gets url with custom S3", () => {
         testEnv.withS3()
         const url = getClientUrl()
-        baseCheck(url)
+        expect(url).toBe(
+          "http://s3.example.com/prod-budi-app-assets/app_123/budibase-client.js/budibase-client.js"
+        )
       })
 
       it("gets url with cloudfront + s3", () => {
         testEnv.withCloudfront()
         const url = getClientUrl()
-        baseCheck(url)
+        expect(url).toBe(
+          "http://cf.example.com/app_123/budibase-client.js/budibase-client.js?v=2.0.0"
+        )
       })
     })
 
@@ -53,7 +57,7 @@ describe("app", () => {
         testEnv.nodeDev()
         await testEnv.withTenant(tenantId => {
           const url = getClientUrl()
-          baseCheck(url, tenantId)
+          expect(url).toBe("/api/assets/client")
         })
       })
 
@@ -61,7 +65,9 @@ describe("app", () => {
         await testEnv.withTenant(tenantId => {
           testEnv.withMinio()
           const url = getClientUrl()
-          baseCheck(url, tenantId)
+          expect(url).toBe(
+            "/files/signed/prod-budi-app-assets/app_123/budibase-client.js/budibase-client.js"
+          )
         })
       })
 
@@ -69,7 +75,9 @@ describe("app", () => {
         await testEnv.withTenant(tenantId => {
           testEnv.withS3()
           const url = getClientUrl()
-          baseCheck(url, tenantId)
+          expect(url).toBe(
+            "http://s3.example.com/prod-budi-app-assets/app_123/budibase-client.js/budibase-client.js"
+          )
         })
       })
 
@@ -77,7 +85,9 @@ describe("app", () => {
         await testEnv.withTenant(tenantId => {
           testEnv.withCloudfront()
           const url = getClientUrl()
-          baseCheck(url, tenantId)
+          expect(url).toBe(
+            "http://cf.example.com/app_123/budibase-client.js/budibase-client.js?v=2.0.0"
+          )
         })
       })
     })
diff --git a/packages/backend-core/src/objectStore/objectStore.ts b/packages/backend-core/src/objectStore/objectStore.ts
index 76d2dd6689..c36a09915e 100644
--- a/packages/backend-core/src/objectStore/objectStore.ts
+++ b/packages/backend-core/src/objectStore/objectStore.ts
@@ -1,6 +1,6 @@
 const sanitize = require("sanitize-s3-objectkey")
 import AWS from "aws-sdk"
-import stream, { Readable } from "stream"
+import stream from "stream"
 import fetch from "node-fetch"
 import tar from "tar-fs"
 import zlib from "zlib"
@@ -66,10 +66,10 @@ export function sanitizeBucket(input: string) {
  * @return an S3 object store object, check S3 Nodejs SDK for usage.
  * @constructor
  */
-export function ObjectStore(
+export const ObjectStore = (
   bucket: string,
   opts: { presigning: boolean } = { presigning: false }
-) {
+) => {
   const config: any = {
     s3ForcePathStyle: true,
     signatureVersion: "v4",
@@ -104,7 +104,7 @@ export function ObjectStore(
  * Given an object store and a bucket name this will make sure the bucket exists,
  * if it does not exist then it will create it.
  */
-export async function makeSureBucketExists(client: any, bucketName: string) {
+export const makeSureBucketExists = async (client: any, bucketName: string) => {
   bucketName = sanitizeBucket(bucketName)
   try {
     await client
@@ -139,13 +139,13 @@ export async function makeSureBucketExists(client: any, bucketName: string) {
  * Uploads the contents of a file given the required parameters, useful when
  * temp files in use (for example file uploaded as an attachment).
  */
-export async function upload({
+export const upload = async ({
   bucket: bucketName,
   filename,
   path,
   type,
   metadata,
-}: UploadParams) {
+}: UploadParams) => {
   const extension = filename.split(".").pop()
   const fileBytes = fs.readFileSync(path)
 
@@ -180,12 +180,12 @@ export async function upload({
  * Similar to the upload function but can be used to send a file stream
  * through to the object store.
  */
-export async function streamUpload(
+export const streamUpload = async (
   bucketName: string,
   filename: string,
   stream: any,
   extra = {}
-) {
+) => {
   const objectStore = ObjectStore(bucketName)
   await makeSureBucketExists(objectStore, bucketName)
 
@@ -215,7 +215,7 @@ export async function streamUpload(
  * retrieves the contents of a file from the object store, if it is a known content type it
  * will be converted, otherwise it will be returned as a buffer stream.
  */
-export async function retrieve(bucketName: string, filepath: string) {
+export const retrieve = async (bucketName: string, filepath: string) => {
   const objectStore = ObjectStore(bucketName)
   const params = {
     Bucket: sanitizeBucket(bucketName),
@@ -230,7 +230,7 @@ export async function retrieve(bucketName: string, filepath: string) {
   }
 }
 
-export async function listAllObjects(bucketName: string, path: string) {
+export const listAllObjects = async (bucketName: string, path: string) => {
   const objectStore = ObjectStore(bucketName)
   const list = (params: ListParams = {}) => {
     return objectStore
@@ -261,11 +261,11 @@ export async function listAllObjects(bucketName: string, path: string) {
 /**
  * Generate a presigned url with a default TTL of 1 hour
  */
-export function getPresignedUrl(
+export const getPresignedUrl = (
   bucketName: string,
   key: string,
   durationSeconds: number = 3600
-) {
+) => {
   const objectStore = ObjectStore(bucketName, { presigning: true })
   const params = {
     Bucket: sanitizeBucket(bucketName),
@@ -291,7 +291,7 @@ export function getPresignedUrl(
 /**
  * Same as retrieval function but puts to a temporary file.
  */
-export async function retrieveToTmp(bucketName: string, filepath: string) {
+export const retrieveToTmp = async (bucketName: string, filepath: string) => {
   bucketName = sanitizeBucket(bucketName)
   filepath = sanitizeKey(filepath)
   const data = await retrieve(bucketName, filepath)
@@ -300,7 +300,7 @@ export async function retrieveToTmp(bucketName: string, filepath: string) {
   return outputPath
 }
 
-export async function retrieveDirectory(bucketName: string, path: string) {
+export const retrieveDirectory = async (bucketName: string, path: string) => {
   let writePath = join(budibaseTempDir(), v4())
   fs.mkdirSync(writePath)
   const objects = await listAllObjects(bucketName, path)
@@ -324,7 +324,7 @@ export async function retrieveDirectory(bucketName: string, path: string) {
 /**
  * Delete a single file.
  */
-export async function deleteFile(bucketName: string, filepath: string) {
+export const deleteFile = async (bucketName: string, filepath: string) => {
   const objectStore = ObjectStore(bucketName)
   await makeSureBucketExists(objectStore, bucketName)
   const params = {
@@ -334,7 +334,7 @@ export async function deleteFile(bucketName: string, filepath: string) {
   return objectStore.deleteObject(params).promise()
 }
 
-export async function deleteFiles(bucketName: string, filepaths: string[]) {
+export const deleteFiles = async (bucketName: string, filepaths: string[]) => {
   const objectStore = ObjectStore(bucketName)
   await makeSureBucketExists(objectStore, bucketName)
   const params = {
@@ -349,10 +349,10 @@ export async function deleteFiles(bucketName: string, filepaths: string[]) {
 /**
  * Delete a path, including everything within.
  */
-export async function deleteFolder(
+export const deleteFolder = async (
   bucketName: string,
   folder: string
-): Promise<any> {
+): Promise<any> => {
   bucketName = sanitizeBucket(bucketName)
   folder = sanitizeKey(folder)
   const client = ObjectStore(bucketName)
@@ -383,11 +383,11 @@ export async function deleteFolder(
   }
 }
 
-export async function uploadDirectory(
+export const uploadDirectory = async (
   bucketName: string,
   localPath: string,
   bucketPath: string
-) {
+) => {
   bucketName = sanitizeBucket(bucketName)
   let uploads = []
   const files = fs.readdirSync(localPath, { withFileTypes: true })
@@ -404,11 +404,11 @@ export async function uploadDirectory(
   return files
 }
 
-export async function downloadTarballDirect(
+export const downloadTarballDirect = async (
   url: string,
   path: string,
   headers = {}
-) {
+) => {
   path = sanitizeKey(path)
   const response = await fetch(url, { headers })
   if (!response.ok) {
@@ -418,11 +418,11 @@ export async function downloadTarballDirect(
   await streamPipeline(response.body, zlib.createUnzip(), tar.extract(path))
 }
 
-export async function downloadTarball(
+export const downloadTarball = async (
   url: string,
   bucketName: string,
   path: string
-) {
+) => {
   bucketName = sanitizeBucket(bucketName)
   path = sanitizeKey(path)
   const response = await fetch(url)
@@ -438,17 +438,3 @@ export async function downloadTarball(
   // return the temporary path incase there is a use for it
   return tmpPath
 }
-
-export async function getReadStream(
-  bucketName: string,
-  path: string
-): Promise<Readable> {
-  bucketName = sanitizeBucket(bucketName)
-  path = sanitizeKey(path)
-  const client = ObjectStore(bucketName)
-  const params = {
-    Bucket: bucketName,
-    Key: path,
-  }
-  return client.getObject(params).createReadStream()
-}
diff --git a/packages/server/src/api/controllers/static/index.ts b/packages/server/src/api/controllers/static/index.ts
index d2e887dcf8..bbf9dd34f5 100644
--- a/packages/server/src/api/controllers/static/index.ts
+++ b/packages/server/src/api/controllers/static/index.ts
@@ -16,7 +16,7 @@ import AWS from "aws-sdk"
 import fs from "fs"
 import sdk from "../../../sdk"
 import * as pro from "@budibase/pro"
-import { App, Ctx } from "@budibase/types"
+import { App } from "@budibase/types"
 
 const send = require("koa-send")
 
@@ -39,7 +39,7 @@ async function prepareUpload({ s3Key, bucket, metadata, file }: any) {
   }
 }
 
-export const toggleBetaUiFeature = async function (ctx: Ctx) {
+export const toggleBetaUiFeature = async function (ctx: any) {
   const cookieName = `beta:${ctx.params.feature}`
 
   if (ctx.cookies.get(cookieName)) {
@@ -67,14 +67,16 @@ export const toggleBetaUiFeature = async function (ctx: Ctx) {
   }
 }
 
-export const serveBuilder = async function (ctx: Ctx) {
+export const serveBuilder = async function (ctx: any) {
   const builderPath = join(TOP_LEVEL_PATH, "builder")
   await send(ctx, ctx.file, { root: builderPath })
 }
 
-export const uploadFile = async function (ctx: Ctx) {
-  const file = ctx.request?.files?.file
-  let files = file && Array.isArray(file) ? Array.from(file) : [file]
+export const uploadFile = async function (ctx: any) {
+  let files =
+    ctx.request.files.file.length > 1
+      ? Array.from(ctx.request.files.file)
+      : [ctx.request.files.file]
 
   const uploads = files.map(async (file: any) => {
     const fileExtension = [...file.name.split(".")].pop()
@@ -91,14 +93,14 @@ export const uploadFile = async function (ctx: Ctx) {
   ctx.body = await Promise.all(uploads)
 }
 
-export const deleteObjects = async function (ctx: Ctx) {
+export const deleteObjects = async function (ctx: any) {
   ctx.body = await objectStore.deleteFiles(
     ObjectStoreBuckets.APPS,
     ctx.request.body.keys
   )
 }
 
-export const serveApp = async function (ctx: Ctx) {
+export const serveApp = async function (ctx: any) {
   const bbHeaderEmbed =
     ctx.request.get("x-budibase-embed")?.toLowerCase() === "true"
 
@@ -179,7 +181,7 @@ export const serveApp = async function (ctx: Ctx) {
   }
 }
 
-export const serveBuilderPreview = async function (ctx: Ctx) {
+export const serveBuilderPreview = async function (ctx: any) {
   const db = context.getAppDB({ skip_setup: true })
   const appInfo = await db.get<App>(DocumentType.APP_METADATA)
 
@@ -195,29 +197,18 @@ export const serveBuilderPreview = async function (ctx: Ctx) {
   }
 }
 
-export const serveClientLibrary = async function (ctx: Ctx) {
-  const appId = context.getAppId() || (ctx.request.query.appId as string)
+export const serveClientLibrary = async function (ctx: any) {
   let rootPath = join(NODE_MODULES_PATH, "@budibase", "client", "dist")
-  if (!appId) {
-    ctx.throw(400, "No app ID provided - cannot fetch client library.")
-  }
-  if (env.isProd()) {
-    ctx.body = await objectStore.getReadStream(
-      ObjectStoreBuckets.APPS,
-      objectStore.clientLibraryPath(appId!)
-    )
-  } else if (env.isDev()) {
-    // incase running from TS directly
-    const tsPath = join(require.resolve("@budibase/client"), "..")
-    return send(ctx, "budibase-client.js", {
-      root: !fs.existsSync(rootPath) ? tsPath : rootPath,
-    })
-  } else {
-    ctx.throw(500, "Unable to retrieve client library.")
+  // incase running from TS directly
+  if (env.isDev() && !fs.existsSync(rootPath)) {
+    rootPath = join(require.resolve("@budibase/client"), "..")
   }
+  return send(ctx, "budibase-client.js", {
+    root: rootPath,
+  })
 }
 
-export const getSignedUploadURL = async function (ctx: Ctx) {
+export const getSignedUploadURL = async function (ctx: any) {
   // Ensure datasource is valid
   let datasource
   try {
@@ -256,7 +247,7 @@ export const getSignedUploadURL = async function (ctx: Ctx) {
       const params = { Bucket: bucket, Key: key }
       signedUrl = s3.getSignedUrl("putObject", params)
       publicUrl = `https://${bucket}.s3.${awsRegion}.amazonaws.com/${key}`
-    } catch (error: any) {
+    } catch (error) {
       ctx.throw(400, error)
     }
   }

From c6b377c5659067bb220006d94abfacc18a2b575b Mon Sep 17 00:00:00 2001
From: Michael Drury <me@michaeldrury.co.uk>
Date: Tue, 24 Oct 2023 18:13:36 +0100
Subject: [PATCH 46/48] Revert "Revert "Client library fetching through
 server""

---
 .../src/objectStore/buckets/app.ts            | 59 +++++++++++-------
 .../src/objectStore/buckets/plugins.ts        | 16 ++---
 .../src/objectStore/buckets/tests/app.spec.ts | 42 +++++--------
 .../src/objectStore/objectStore.ts            | 62 ++++++++++++-------
 .../src/api/controllers/static/index.ts       | 49 +++++++++------
 5 files changed, 127 insertions(+), 101 deletions(-)

diff --git a/packages/backend-core/src/objectStore/buckets/app.ts b/packages/backend-core/src/objectStore/buckets/app.ts
index be9fddeaa6..43bc965c65 100644
--- a/packages/backend-core/src/objectStore/buckets/app.ts
+++ b/packages/backend-core/src/objectStore/buckets/app.ts
@@ -1,37 +1,50 @@
 import env from "../../environment"
 import * as objectStore from "../objectStore"
 import * as cloudfront from "../cloudfront"
+import qs from "querystring"
+import { DEFAULT_TENANT_ID, getTenantId } from "../../context"
+
+export function clientLibraryPath(appId: string) {
+  return `${objectStore.sanitizeKey(appId)}/budibase-client.js`
+}
 
 /**
- * In production the client library is stored in the object store, however in development
- * we use the symlinked version produced by lerna, located in node modules. We link to this
- * via a specific endpoint (under /api/assets/client).
- * @param appId In production we need the appId to look up the correct bucket, as the
- * version of the client lib may differ between apps.
- * @param version The version to retrieve.
- * @return The URL to be inserted into appPackage response or server rendered
- * app index file.
+ * Previously we used to serve the client library directly from Cloudfront, however
+ * due to issues with the domain we were unable to continue doing this - keeping
+ * incase we are able to switch back to CDN path again in future.
  */
-export const clientLibraryUrl = (appId: string, version: string) => {
-  if (env.isProd()) {
-    let file = `${objectStore.sanitizeKey(appId)}/budibase-client.js`
-    if (env.CLOUDFRONT_CDN) {
-      // append app version to bust the cache
-      if (version) {
-        file += `?v=${version}`
-      }
-      // don't need to use presigned for client with cloudfront
-      // file is public
-      return cloudfront.getUrl(file)
-    } else {
-      return objectStore.getPresignedUrl(env.APPS_BUCKET_NAME, file)
+export function clientLibraryCDNUrl(appId: string, version: string) {
+  let file = clientLibraryPath(appId)
+  if (env.CLOUDFRONT_CDN) {
+    // append app version to bust the cache
+    if (version) {
+      file += `?v=${version}`
     }
+    // don't need to use presigned for client with cloudfront
+    // file is public
+    return cloudfront.getUrl(file)
   } else {
-    return `/api/assets/client`
+    return objectStore.getPresignedUrl(env.APPS_BUCKET_NAME, file)
   }
 }
 
-export const getAppFileUrl = (s3Key: string) => {
+export function clientLibraryUrl(appId: string, version: string) {
+  let tenantId, qsParams: { appId: string; version: string; tenantId?: string }
+  try {
+    tenantId = getTenantId()
+  } finally {
+    qsParams = {
+      appId,
+      version,
+    }
+  }
+  if (tenantId && tenantId !== DEFAULT_TENANT_ID) {
+    qsParams.tenantId = tenantId
+  }
+  return `/api/assets/client?${qs.encode(qsParams)}`
+}
+
+export function getAppFileUrl(s3Key: string) {
   if (env.CLOUDFRONT_CDN) {
     return cloudfront.getPresignedUrl(s3Key)
   } else {
diff --git a/packages/backend-core/src/objectStore/buckets/plugins.ts b/packages/backend-core/src/objectStore/buckets/plugins.ts
index f7721afb23..6f1b7116ae 100644
--- a/packages/backend-core/src/objectStore/buckets/plugins.ts
+++ b/packages/backend-core/src/objectStore/buckets/plugins.ts
@@ -6,7 +6,7 @@ import { Plugin } from "@budibase/types"
 
 // URLS
 
-export const enrichPluginURLs = (plugins: Plugin[]) => {
+export function enrichPluginURLs(plugins: Plugin[]) {
   if (!plugins || !plugins.length) {
     return []
   }
@@ -17,12 +17,12 @@ export const enrichPluginURLs = (plugins: Plugin[]) => {
   })
 }
 
-const getPluginJSUrl = (plugin: Plugin) => {
+function getPluginJSUrl(plugin: Plugin) {
   const s3Key = getPluginJSKey(plugin)
   return getPluginUrl(s3Key)
 }
 
-const getPluginIconUrl = (plugin: Plugin): string | undefined => {
+function getPluginIconUrl(plugin: Plugin): string | undefined {
   const s3Key = getPluginIconKey(plugin)
   if (!s3Key) {
     return
@@ -30,7 +30,7 @@ const getPluginIconUrl = (plugin: Plugin): string | undefined => {
   return getPluginUrl(s3Key)
 }
 
-const getPluginUrl = (s3Key: string) => {
+function getPluginUrl(s3Key: string) {
   if (env.CLOUDFRONT_CDN) {
     return cloudfront.getPresignedUrl(s3Key)
   } else {
@@ -40,11 +40,11 @@ const getPluginUrl = (s3Key: string) => {
 
 // S3 KEYS
 
-export const getPluginJSKey = (plugin: Plugin) => {
+export function getPluginJSKey(plugin: Plugin) {
   return getPluginS3Key(plugin, "plugin.min.js")
 }
 
-export const getPluginIconKey = (plugin: Plugin) => {
+export function getPluginIconKey(plugin: Plugin) {
   // stored iconUrl is deprecated - hardcode to icon.svg in this case
   const iconFileName = plugin.iconUrl ? "icon.svg" : plugin.iconFileName
   if (!iconFileName) {
@@ -53,12 +53,12 @@ export const getPluginIconKey = (plugin: Plugin) => {
   return getPluginS3Key(plugin, iconFileName)
 }
 
-const getPluginS3Key = (plugin: Plugin, fileName: string) => {
+function getPluginS3Key(plugin: Plugin, fileName: string) {
   const s3Key = getPluginS3Dir(plugin.name)
   return `${s3Key}/${fileName}`
 }
 
-export const getPluginS3Dir = (pluginName: string) => {
+export function getPluginS3Dir(pluginName: string) {
   let s3Key = `${pluginName}`
   if (env.MULTI_TENANCY) {
     const tenantId = context.getTenantId()
diff --git a/packages/backend-core/src/objectStore/buckets/tests/app.spec.ts b/packages/backend-core/src/objectStore/buckets/tests/app.spec.ts
index aaa07ec9d3..cbbbee6255 100644
--- a/packages/backend-core/src/objectStore/buckets/tests/app.spec.ts
+++ b/packages/backend-core/src/objectStore/buckets/tests/app.spec.ts
@@ -1,5 +1,4 @@
 import * as app from "../app"
-import { getAppFileUrl } from "../app"
 import { testEnv } from "../../../../tests/extra"
 
 describe("app", () => {
@@ -7,6 +6,15 @@ describe("app", () => {
     testEnv.nodeJest()
   })
 
+  function baseCheck(url: string, tenantId?: string) {
+    expect(url).toContain("/api/assets/client")
+    if (tenantId) {
+      expect(url).toContain(`tenantId=${tenantId}`)
+    }
+    expect(url).toContain("appId=app_123")
+    expect(url).toContain("version=2.0.0")
+  }
+
   describe("clientLibraryUrl", () => {
     function getClientUrl() {
       return app.clientLibraryUrl("app_123/budibase-client.js", "2.0.0")
@@ -20,31 +28,19 @@ describe("app", () => {
       it("gets url in dev", () => {
         testEnv.nodeDev()
         const url = getClientUrl()
-        expect(url).toBe("/api/assets/client")
-      })
-
-      it("gets url with embedded minio", () => {
-        testEnv.withMinio()
-        const url = getClientUrl()
-        expect(url).toBe(
-          "/files/signed/prod-budi-app-assets/app_123/budibase-client.js/budibase-client.js"
-        )
+        baseCheck(url)
       })
 
       it("gets url with custom S3", () => {
         testEnv.withS3()
         const url = getClientUrl()
-        expect(url).toBe(
-          "http://s3.example.com/prod-budi-app-assets/app_123/budibase-client.js/budibase-client.js"
-        )
+        baseCheck(url)
       })
 
       it("gets url with cloudfront + s3", () => {
         testEnv.withCloudfront()
         const url = getClientUrl()
-        expect(url).toBe(
-          "http://cf.example.com/app_123/budibase-client.js/budibase-client.js?v=2.0.0"
-        )
+        baseCheck(url)
       })
     })
 
@@ -57,7 +53,7 @@ describe("app", () => {
         testEnv.nodeDev()
         await testEnv.withTenant(tenantId => {
           const url = getClientUrl()
-          expect(url).toBe("/api/assets/client")
+          baseCheck(url, tenantId)
         })
       })
 
@@ -65,9 +61,7 @@ describe("app", () => {
         await testEnv.withTenant(tenantId => {
           testEnv.withMinio()
           const url = getClientUrl()
-          expect(url).toBe(
-            "/files/signed/prod-budi-app-assets/app_123/budibase-client.js/budibase-client.js"
-          )
+          baseCheck(url, tenantId)
         })
       })
 
@@ -75,9 +69,7 @@ describe("app", () => {
         await testEnv.withTenant(tenantId => {
           testEnv.withS3()
           const url = getClientUrl()
-          expect(url).toBe(
-            "http://s3.example.com/prod-budi-app-assets/app_123/budibase-client.js/budibase-client.js"
-          )
+          baseCheck(url, tenantId)
         })
       })
 
@@ -85,9 +77,7 @@ describe("app", () => {
         await testEnv.withTenant(tenantId => {
           testEnv.withCloudfront()
           const url = getClientUrl()
-          expect(url).toBe(
-            "http://cf.example.com/app_123/budibase-client.js/budibase-client.js?v=2.0.0"
-          )
+          baseCheck(url, tenantId)
         })
       })
     })
diff --git a/packages/backend-core/src/objectStore/objectStore.ts b/packages/backend-core/src/objectStore/objectStore.ts
index c36a09915e..76d2dd6689 100644
--- a/packages/backend-core/src/objectStore/objectStore.ts
+++ b/packages/backend-core/src/objectStore/objectStore.ts
@@ -1,6 +1,6 @@
 const sanitize = require("sanitize-s3-objectkey")
 import AWS from "aws-sdk"
-import stream from "stream"
+import stream, { Readable } from "stream"
 import fetch from "node-fetch"
 import tar from "tar-fs"
 import zlib from "zlib"
@@ -66,10 +66,10 @@ export function sanitizeBucket(input: string) {
  * @return an S3 object store object, check S3 Nodejs SDK for usage.
  * @constructor
  */
-export const ObjectStore = (
+export function ObjectStore(
   bucket: string,
   opts: { presigning: boolean } = { presigning: false }
-) => {
+) {
   const config: any = {
     s3ForcePathStyle: true,
     signatureVersion: "v4",
@@ -104,7 +104,7 @@ export const ObjectStore = (
  * Given an object store and a bucket name this will make sure the bucket exists,
  * if it does not exist then it will create it.
  */
-export const makeSureBucketExists = async (client: any, bucketName: string) => {
+export async function makeSureBucketExists(client: any, bucketName: string) {
   bucketName = sanitizeBucket(bucketName)
   try {
     await client
@@ -139,13 +139,13 @@ export const makeSureBucketExists = async (client: any, bucketName: string) => {
  * Uploads the contents of a file given the required parameters, useful when
  * temp files in use (for example file uploaded as an attachment).
  */
-export const upload = async ({
+export async function upload({
   bucket: bucketName,
   filename,
   path,
   type,
   metadata,
-}: UploadParams) => {
+}: UploadParams) {
   const extension = filename.split(".").pop()
   const fileBytes = fs.readFileSync(path)
 
@@ -180,12 +180,12 @@ export const upload = async ({
  * Similar to the upload function but can be used to send a file stream
  * through to the object store.
  */
-export const streamUpload = async (
+export async function streamUpload(
   bucketName: string,
   filename: string,
   stream: any,
   extra = {}
-) => {
+) {
   const objectStore = ObjectStore(bucketName)
   await makeSureBucketExists(objectStore, bucketName)
 
@@ -215,7 +215,7 @@ export const streamUpload = async (
  * retrieves the contents of a file from the object store, if it is a known content type it
  * will be converted, otherwise it will be returned as a buffer stream.
  */
-export const retrieve = async (bucketName: string, filepath: string) => {
+export async function retrieve(bucketName: string, filepath: string) {
   const objectStore = ObjectStore(bucketName)
   const params = {
     Bucket: sanitizeBucket(bucketName),
@@ -230,7 +230,7 @@ export const retrieve = async (bucketName: string, filepath: string) => {
   }
 }
 
-export const listAllObjects = async (bucketName: string, path: string) => {
+export async function listAllObjects(bucketName: string, path: string) {
   const objectStore = ObjectStore(bucketName)
   const list = (params: ListParams = {}) => {
     return objectStore
@@ -261,11 +261,11 @@ export const listAllObjects = async (bucketName: string, path: string) => {
 /**
  * Generate a presigned url with a default TTL of 1 hour
  */
-export const getPresignedUrl = (
+export function getPresignedUrl(
   bucketName: string,
   key: string,
   durationSeconds: number = 3600
-) => {
+) {
   const objectStore = ObjectStore(bucketName, { presigning: true })
   const params = {
     Bucket: sanitizeBucket(bucketName),
@@ -291,7 +291,7 @@ export const getPresignedUrl = (
 /**
  * Same as retrieval function but puts to a temporary file.
  */
-export const retrieveToTmp = async (bucketName: string, filepath: string) => {
+export async function retrieveToTmp(bucketName: string, filepath: string) {
   bucketName = sanitizeBucket(bucketName)
   filepath = sanitizeKey(filepath)
   const data = await retrieve(bucketName, filepath)
@@ -300,7 +300,7 @@ export const retrieveToTmp = async (bucketName: string, filepath: string) => {
   return outputPath
 }
 
-export const retrieveDirectory = async (bucketName: string, path: string) => {
+export async function retrieveDirectory(bucketName: string, path: string) {
   let writePath = join(budibaseTempDir(), v4())
   fs.mkdirSync(writePath)
   const objects = await listAllObjects(bucketName, path)
@@ -324,7 +324,7 @@ export const retrieveDirectory = async (bucketName: string, path: string) => {
 /**
  * Delete a single file.
  */
-export const deleteFile = async (bucketName: string, filepath: string) => {
+export async function deleteFile(bucketName: string, filepath: string) {
   const objectStore = ObjectStore(bucketName)
   await makeSureBucketExists(objectStore, bucketName)
   const params = {
@@ -334,7 +334,7 @@ export const deleteFile = async (bucketName: string, filepath: string) => {
   return objectStore.deleteObject(params).promise()
 }
 
-export const deleteFiles = async (bucketName: string, filepaths: string[]) => {
+export async function deleteFiles(bucketName: string, filepaths: string[]) {
   const objectStore = ObjectStore(bucketName)
   await makeSureBucketExists(objectStore, bucketName)
   const params = {
@@ -349,10 +349,10 @@ export const deleteFiles = async (bucketName: string, filepaths: string[]) => {
 /**
  * Delete a path, including everything within.
  */
-export const deleteFolder = async (
+export async function deleteFolder(
   bucketName: string,
   folder: string
-): Promise<any> => {
+): Promise<any> {
   bucketName = sanitizeBucket(bucketName)
   folder = sanitizeKey(folder)
   const client = ObjectStore(bucketName)
@@ -383,11 +383,11 @@ export const deleteFolder = async (
   }
 }
 
-export const uploadDirectory = async (
+export async function uploadDirectory(
   bucketName: string,
   localPath: string,
   bucketPath: string
-) => {
+) {
   bucketName = sanitizeBucket(bucketName)
   let uploads = []
   const files = fs.readdirSync(localPath, { withFileTypes: true })
@@ -404,11 +404,11 @@ export const uploadDirectory = async (
   return files
 }
 
-export const downloadTarballDirect = async (
+export async function downloadTarballDirect(
   url: string,
   path: string,
   headers = {}
-) => {
+) {
   path = sanitizeKey(path)
   const response = await fetch(url, { headers })
   if (!response.ok) {
@@ -418,11 +418,11 @@ export const downloadTarballDirect = async (
   await streamPipeline(response.body, zlib.createUnzip(), tar.extract(path))
 }
 
-export const downloadTarball = async (
+export async function downloadTarball(
   url: string,
   bucketName: string,
   path: string
-) => {
+) {
   bucketName = sanitizeBucket(bucketName)
   path = sanitizeKey(path)
   const response = await fetch(url)
@@ -438,3 +438,17 @@ export const downloadTarball = async (
   // return the temporary path incase there is a use for it
   return tmpPath
 }
+
+export async function getReadStream(
+  bucketName: string,
+  path: string
+): Promise<Readable> {
+  bucketName = sanitizeBucket(bucketName)
+  path = sanitizeKey(path)
+  const client = ObjectStore(bucketName)
+  const params = {
+    Bucket: bucketName,
+    Key: path,
+  }
+  return client.getObject(params).createReadStream()
+}
diff --git a/packages/server/src/api/controllers/static/index.ts b/packages/server/src/api/controllers/static/index.ts
index bbf9dd34f5..d2e887dcf8 100644
--- a/packages/server/src/api/controllers/static/index.ts
+++ b/packages/server/src/api/controllers/static/index.ts
@@ -16,7 +16,7 @@ import AWS from "aws-sdk"
 import fs from "fs"
 import sdk from "../../../sdk"
 import * as pro from "@budibase/pro"
-import { App } from "@budibase/types"
+import { App, Ctx } from "@budibase/types"
 
 const send = require("koa-send")
 
@@ -39,7 +39,7 @@ async function prepareUpload({ s3Key, bucket, metadata, file }: any) {
   }
 }
 
-export const toggleBetaUiFeature = async function (ctx: any) {
+export const toggleBetaUiFeature = async function (ctx: Ctx) {
   const cookieName = `beta:${ctx.params.feature}`
 
   if (ctx.cookies.get(cookieName)) {
@@ -67,16 +67,14 @@ export const toggleBetaUiFeature = async function (ctx: any) {
   }
 }
 
-export const serveBuilder = async function (ctx: any) {
+export const serveBuilder = async function (ctx: Ctx) {
   const builderPath = join(TOP_LEVEL_PATH, "builder")
   await send(ctx, ctx.file, { root: builderPath })
 }
 
-export const uploadFile = async function (ctx: any) {
-  let files =
-    ctx.request.files.file.length > 1
-      ? Array.from(ctx.request.files.file)
-      : [ctx.request.files.file]
+export const uploadFile = async function (ctx: Ctx) {
+  const file = ctx.request?.files?.file
+  let files = file && Array.isArray(file) ? Array.from(file) : [file]
 
   const uploads = files.map(async (file: any) => {
     const fileExtension = [...file.name.split(".")].pop()
@@ -93,14 +91,14 @@ export const uploadFile = async function (ctx: any) {
   ctx.body = await Promise.all(uploads)
 }
 
-export const deleteObjects = async function (ctx: any) {
+export const deleteObjects = async function (ctx: Ctx) {
   ctx.body = await objectStore.deleteFiles(
     ObjectStoreBuckets.APPS,
     ctx.request.body.keys
   )
 }
 
-export const serveApp = async function (ctx: any) {
+export const serveApp = async function (ctx: Ctx) {
   const bbHeaderEmbed =
     ctx.request.get("x-budibase-embed")?.toLowerCase() === "true"
 
@@ -181,7 +179,7 @@ export const serveApp = async function (ctx: any) {
   }
 }
 
-export const serveBuilderPreview = async function (ctx: any) {
+export const serveBuilderPreview = async function (ctx: Ctx) {
   const db = context.getAppDB({ skip_setup: true })
   const appInfo = await db.get<App>(DocumentType.APP_METADATA)
 
@@ -197,18 +195,29 @@ export const serveBuilderPreview = async function (ctx: any) {
   }
 }
 
-export const serveClientLibrary = async function (ctx: any) {
+export const serveClientLibrary = async function (ctx: Ctx) {
+  const appId = context.getAppId() || (ctx.request.query.appId as string)
   let rootPath = join(NODE_MODULES_PATH, "@budibase", "client", "dist")
-  // incase running from TS directly
-  if (env.isDev() && !fs.existsSync(rootPath)) {
-    rootPath = join(require.resolve("@budibase/client"), "..")
+  if (!appId) {
+    ctx.throw(400, "No app ID provided - cannot fetch client library.")
+  }
+  if (env.isProd()) {
+    ctx.body = await objectStore.getReadStream(
+      ObjectStoreBuckets.APPS,
+      objectStore.clientLibraryPath(appId!)
+    )
+  } else if (env.isDev()) {
+    // incase running from TS directly
+    const tsPath = join(require.resolve("@budibase/client"), "..")
+    return send(ctx, "budibase-client.js", {
+      root: !fs.existsSync(rootPath) ? tsPath : rootPath,
+    })
+  } else {
+    ctx.throw(500, "Unable to retrieve client library.")
   }
-  return send(ctx, "budibase-client.js", {
-    root: rootPath,
-  })
 }
 
-export const getSignedUploadURL = async function (ctx: any) {
+export const getSignedUploadURL = async function (ctx: Ctx) {
   // Ensure datasource is valid
   let datasource
   try {
@@ -247,7 +256,7 @@ export const getSignedUploadURL = async function (ctx: any) {
       const params = { Bucket: bucket, Key: key }
       signedUrl = s3.getSignedUrl("putObject", params)
       publicUrl = `https://${bucket}.s3.${awsRegion}.amazonaws.com/${key}`
-    } catch (error) {
+    } catch (error: any) {
       ctx.throw(400, error)
     }
   }

From 5fabe324345a4e20ae03130a8d7047ad33c5220b Mon Sep 17 00:00:00 2001
From: Michael Drury <me@michaeldrury.co.uk>
Date: Tue, 24 Oct 2023 20:35:25 +0100
Subject: [PATCH 47/48] Making sure client endpoint available in prod.

---
 packages/server/src/api/routes/static.ts | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/packages/server/src/api/routes/static.ts b/packages/server/src/api/routes/static.ts
index 0012764b40..bd3f1aba2e 100644
--- a/packages/server/src/api/routes/static.ts
+++ b/packages/server/src/api/routes/static.ts
@@ -27,15 +27,9 @@ router.param("file", async (file: any, ctx: any, next: any) => {
   return next()
 })
 
-// only used in development for retrieving the client library,
-// in production the client lib is always stored in the object store.
-if (env.isDev()) {
-  router.get("/api/assets/client", controller.serveClientLibrary)
-}
-
 router
-  // TODO: for now this builder endpoint is not authorized/secured, will need to be
   .get("/builder/:file*", controller.serveBuilder)
+  .get("/api/assets/client", controller.serveClientLibrary)
   .post("/api/attachments/process", authorized(BUILDER), controller.uploadFile)
   .post(
     "/api/attachments/delete",

From 9983d67163e576d8e202b633017d394722efb84f Mon Sep 17 00:00:00 2001
From: Michael Drury <me@michaeldrury.co.uk>
Date: Tue, 24 Oct 2023 22:13:56 +0100
Subject: [PATCH 48/48] Adding mimetype for client library response (correcting
 from octet-stream).

---
 packages/server/src/api/controllers/static/index.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/packages/server/src/api/controllers/static/index.ts b/packages/server/src/api/controllers/static/index.ts
index d2e887dcf8..984cb16c06 100644
--- a/packages/server/src/api/controllers/static/index.ts
+++ b/packages/server/src/api/controllers/static/index.ts
@@ -206,6 +206,7 @@ export const serveClientLibrary = async function (ctx: Ctx) {
       ObjectStoreBuckets.APPS,
       objectStore.clientLibraryPath(appId!)
     )
+    ctx.set("Content-Type", "application/javascript")
   } else if (env.isDev()) {
     // incase running from TS directly
     const tsPath = join(require.resolve("@budibase/client"), "..")