feat: show api error message when logging in fails

fix: variable chip label disappearing

packages/backend/src/controllers/api/v1/access-tokens/create-access-token.test.js

@@ -32,7 +32,7 @@ describe('POST /api/v1/access-tokens', () => {
       })
       .expect(422);
 
-    expect(response.body.errors.general).toEqual([
+    expect(response.body.errors.general).toStrictEqual([
       'Incorrect email or password.',
     ]);
   });

packages/backend/src/controllers/api/v1/admin/apps/create-auth-client.ee.test.js

@@ -83,7 +83,7 @@ describe('POST /api/v1/admin/apps/:appKey/auth-clients', () => {
       .send(appAuthClient)
       .expect(422);
 
-    expect(response.body.meta.type).toEqual('ModelValidation');
+    expect(response.body.meta.type).toStrictEqual('ModelValidation');
     expect(response.body.errors).toMatchObject({
       name: ["must have required property 'name'"],
       formattedAuthDefaults: [

packages/backend/src/controllers/api/v1/admin/apps/create-config.ee.js

@@ -10,11 +10,11 @@ export default async (request, response) => {
 };
 
 const appConfigParams = (request) => {
-  const { allowCustomConnection, shared, disabled } = request.body;
+  const { customConnectionAllowed, shared, disabled } = request.body;
 
   return {
     key: request.params.appKey,
-    allowCustomConnection,
+    customConnectionAllowed,
     shared,
     disabled,
   };

packages/backend/src/controllers/api/v1/admin/apps/create-config.ee.test.js

@@ -23,7 +23,7 @@ describe('POST /api/v1/admin/apps/:appKey/config', () => {
 
   it('should return created app config', async () => {
     const appConfig = {
-      allowCustomConnection: true,
+      customConnectionAllowed: true,
       shared: true,
       disabled: false,
     };
@@ -44,7 +44,7 @@ describe('POST /api/v1/admin/apps/:appKey/config', () => {
   it('should return HTTP 422 for already existing app config', async () => {
     const appConfig = {
       key: 'gitlab',
-      allowCustomConnection: true,
+      customConnectionAllowed: true,
       shared: true,
       disabled: false,
     };
@@ -59,7 +59,7 @@ describe('POST /api/v1/admin/apps/:appKey/config', () => {
       })
       .expect(422);
 
-    expect(response.body.meta.type).toEqual('UniqueViolationError');
+    expect(response.body.meta.type).toStrictEqual('UniqueViolationError');
     expect(response.body.errors).toMatchObject({
       key: ["'key' must be unique."],
     });

packages/backend/src/controllers/api/v1/admin/apps/get-auth-client.ee.test.js

@@ -32,7 +32,7 @@ describe('GET /api/v1/admin/apps/:appKey/auth-clients/:appAuthClientId', () => {
       .expect(200);
 
     const expectedPayload = getAppAuthClientMock(currentAppAuthClient);
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for not existing app auth client ID', async () => {

packages/backend/src/controllers/api/v1/admin/apps/get-auth-clients.ee.test.js

@@ -39,6 +39,6 @@ describe('GET /api/v1/admin/apps/:appKey/auth-clients', () => {
       appAuthClientOne,
     ]);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/admin/apps/update-config.ee.js

@@ -8,16 +8,19 @@ export default async (request, response) => {
     })
     .throwIfNotFound();
 
-  await appConfig.$query().patchAndFetch(appConfigParams(request));
+  await appConfig.$query().patchAndFetch({
+    ...appConfigParams(request),
+    key: request.params.appKey,
+  });
 
   renderObject(response, appConfig);
 };
 
 const appConfigParams = (request) => {
-  const { allowCustomConnection, shared, disabled } = request.body;
+  const { customConnectionAllowed, shared, disabled } = request.body;
 
   return {
-    allowCustomConnection,
+    customConnectionAllowed,
     shared,
     disabled,
   };

packages/backend/src/controllers/api/v1/admin/apps/update-config.ee.test.js

@@ -24,7 +24,7 @@ describe('PATCH /api/v1/admin/apps/:appKey/config', () => {
   it('should return updated app config', async () => {
     const appConfig = {
       key: 'gitlab',
-      allowCustomConnection: true,
+      customConnectionAllowed: true,
       shared: true,
       disabled: false,
     };
@@ -34,7 +34,7 @@ describe('PATCH /api/v1/admin/apps/:appKey/config', () => {
     const newAppConfigValues = {
       shared: false,
       disabled: true,
-      allowCustomConnection: false,
+      customConnectionAllowed: false,
     };
 
     const response = await request(app)
@@ -55,7 +55,7 @@ describe('PATCH /api/v1/admin/apps/:appKey/config', () => {
     const appConfig = {
       shared: false,
       disabled: true,
-      allowCustomConnection: false,
+      customConnectionAllowed: false,
     };
 
     await request(app)
@@ -68,7 +68,7 @@ describe('PATCH /api/v1/admin/apps/:appKey/config', () => {
   it('should return HTTP 422 for invalid app config data', async () => {
     const appConfig = {
       key: 'gitlab',
-      allowCustomConnection: true,
+      customConnectionAllowed: true,
       shared: true,
       disabled: false,
     };
@@ -83,7 +83,7 @@ describe('PATCH /api/v1/admin/apps/:appKey/config', () => {
       })
       .expect(422);
 
-    expect(response.body.meta.type).toEqual('ModelValidation');
+    expect(response.body.meta.type).toStrictEqual('ModelValidation');
     expect(response.body.errors).toMatchObject({
       disabled: ['must be boolean'],
     });

packages/backend/src/controllers/api/v1/admin/config/update.ee.test.js

@@ -50,8 +50,8 @@ describe('PATCH /api/v1/admin/config', () => {
       .send(newConfigValues)
       .expect(200);
 
-    expect(response.body.data.title).toEqual(newTitle);
+    expect(response.body.data.title).toStrictEqual(newTitle);
-    expect(response.body.meta.type).toEqual('Config');
+    expect(response.body.meta.type).toStrictEqual('Config');
   });
 
   it('should return created config for unexisting config', async () => {
@@ -67,8 +67,8 @@ describe('PATCH /api/v1/admin/config', () => {
       .send(newConfigValues)
       .expect(200);
 
-    expect(response.body.data.title).toEqual(newTitle);
+    expect(response.body.data.title).toStrictEqual(newTitle);
-    expect(response.body.meta.type).toEqual('Config');
+    expect(response.body.meta.type).toStrictEqual('Config');
   });
 
   it('should return null for deleted config entry', async () => {
@@ -83,6 +83,6 @@ describe('PATCH /api/v1/admin/config', () => {
       .expect(200);
 
     expect(response.body.data.title).toBeNull();
-    expect(response.body.meta.type).toEqual('Config');
+    expect(response.body.meta.type).toStrictEqual('Config');
   });
 });

packages/backend/src/controllers/api/v1/admin/permissions/get-permissions-catalog.ee.test.js

@@ -27,6 +27,6 @@ describe('GET /api/v1/admin/permissions/catalog', () => {
 
     const expectedPayload = await getPermissionsCatalogMock();
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/admin/roles/create-role.ee.test.js

@@ -58,7 +58,7 @@ describe('POST /api/v1/admin/roles', () => {
       ]
     );
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return unprocessable entity response for invalid role data', async () => {

packages/backend/src/controllers/api/v1/admin/roles/delete-role.ee.test.js

@@ -92,21 +92,4 @@ describe('DELETE /api/v1/admin/roles/:roleId', () => {
       },
     });
   });
-
-  it('should not delete role and permissions on unsuccessful response', async () => {
-    const role = await createRole();
-    const permission = await createPermission({ roleId: role.id });
-    await createUser({ roleId: role.id });
-
-    await request(app)
-      .delete(`/api/v1/admin/roles/${role.id}`)
-      .set('Authorization', token)
-      .expect(422);
-
-    const refetchedRole = await role.$query();
-    const refetchedPermission = await permission.$query();
-
-    expect(refetchedRole).toStrictEqual(role);
-    expect(refetchedPermission).toStrictEqual(permission);
-  });
 });

packages/backend/src/controllers/api/v1/admin/roles/get-role.ee.test.js

@@ -34,7 +34,7 @@ describe('GET /api/v1/admin/roles/:roleId', () => {
       permissionTwo,
     ]);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for not existing role UUID', async () => {

packages/backend/src/controllers/api/v1/admin/roles/get-roles.ee.test.js

@@ -28,6 +28,6 @@ describe('GET /api/v1/admin/roles', () => {
 
     const expectedPayload = await getRolesMock([roleOne, roleTwo]);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-role-mappings.ee.test.js

@@ -46,6 +46,6 @@ describe('GET /api/v1/admin/saml-auth-providers/:samlAuthProviderId/role-mapping
       roleMappingTwo,
     ]);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.test.js

@@ -30,7 +30,7 @@ describe('GET /api/v1/admin/saml-auth-provider/:samlAuthProviderId', () => {
 
     const expectedPayload = await getSamlAuthProviderMock(samlAuthProvider);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for not existing saml auth provider UUID', async () => {

packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.test.js

@@ -34,6 +34,6 @@ describe('GET /api/v1/admin/saml-auth-providers', () => {
       samlAuthProviderOne,
     ]);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/admin/users/get-user.ee.test.js

@@ -30,7 +30,7 @@ describe('GET /api/v1/admin/users/:userId', () => {
       .expect(200);
 
     const expectedPayload = getUserMock(anotherUser, anotherUserRole);
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for not existing user UUID', async () => {

packages/backend/src/controllers/api/v1/admin/users/get-users.ee.test.js

@@ -40,6 +40,6 @@ describe('GET /api/v1/admin/users', () => {
       [anotherUserRole, currentUserRole]
     );
 
-    expect(response.body).toEqual(expectedResponsePayload);
+    expect(response.body).toStrictEqual(expectedResponsePayload);
   });
 });

packages/backend/src/controllers/api/v1/admin/users/update-user.ee.test.js

@@ -61,7 +61,8 @@ describe('PATCH /api/v1/admin/users/:userId', () => {
       .send(anotherUserUpdatedData)
       .expect(422);
 
-    expect(response.body.meta.type).toEqual('ModelValidation');
+    expect(response.body.meta.type).toStrictEqual('ModelValidation');
+
     expect(response.body.errors).toMatchObject({
       email: ['must be string'],
       fullName: ['must be string'],

packages/backend/src/controllers/api/v1/apps/create-connection.test.js

@@ -155,7 +155,7 @@ describe('POST /api/v1/apps/:appKey/connections', () => {
       await createAppConfig({
         key: 'gitlab',
         disabled: false,
-        allowCustomConnection: true,
+        customConnectionAllowed: true,
       });
     });
 
@@ -218,7 +218,7 @@ describe('POST /api/v1/apps/:appKey/connections', () => {
       await createAppConfig({
         key: 'gitlab',
         disabled: false,
-        allowCustomConnection: false,
+        customConnectionAllowed: false,
       });
     });
 

packages/backend/src/controllers/api/v1/apps/get-action-substeps.test.js

@@ -29,7 +29,7 @@ describe('GET /api/v1/apps/:appKey/actions/:actionKey/substeps', () => {
       .expect(200);
 
     const expectedPayload = getActionSubstepsMock(exampleAction.substeps);
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for invalid app key', async () => {
@@ -47,6 +47,6 @@ describe('GET /api/v1/apps/:appKey/actions/:actionKey/substeps', () => {
       .set('Authorization', token)
       .expect(200);
 
-    expect(response.body.data).toEqual([]);
+    expect(response.body.data).toStrictEqual([]);
   });
 });

packages/backend/src/controllers/api/v1/apps/get-actions.test.js

@@ -23,7 +23,7 @@ describe('GET /api/v1/apps/:appKey/actions', () => {
       .expect(200);
 
     const expectedPayload = getActionsMock(exampleApp.actions);
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for invalid app key', async () => {

packages/backend/src/controllers/api/v1/apps/get-app.test.js

@@ -23,7 +23,7 @@ describe('GET /api/v1/apps/:appKey', () => {
       .expect(200);
 
     const expectedPayload = getAppMock(exampleApp);
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for invalid app key', async () => {

packages/backend/src/controllers/api/v1/apps/get-apps.test.js

@@ -22,7 +22,7 @@ describe('GET /api/v1/apps', () => {
       .expect(200);
 
     const expectedPayload = getAppsMock(apps);
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return all apps filtered by name', async () => {
@@ -34,7 +34,7 @@ describe('GET /api/v1/apps', () => {
       .expect(200);
 
     const expectedPayload = getAppsMock(appsWithNameGit);
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return only the apps with triggers', async () => {
@@ -46,7 +46,7 @@ describe('GET /api/v1/apps', () => {
       .expect(200);
 
     const expectedPayload = getAppsMock(appsWithTriggers);
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return only the apps with actions', async () => {
@@ -58,6 +58,6 @@ describe('GET /api/v1/apps', () => {
       .expect(200);
 
     const expectedPayload = getAppsMock(appsWithActions);
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/apps/get-auth-client.ee.test.js

@@ -29,7 +29,7 @@ describe('GET /api/v1/apps/:appKey/auth-clients/:appAuthClientId', () => {
       .expect(200);
 
     const expectedPayload = getAppAuthClientMock(currentAppAuthClient);
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for not existing app auth client ID', async () => {

packages/backend/src/controllers/api/v1/apps/get-auth-clients.ee.test.js

@@ -37,6 +37,6 @@ describe('GET /api/v1/apps/:appKey/auth-clients', () => {
       appAuthClientOne,
     ]);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/apps/get-auth.test.js

@@ -23,7 +23,7 @@ describe('GET /api/v1/apps/:appKey/auth', () => {
       .expect(200);
 
     const expectedPayload = getAuthMock(exampleApp.auth);
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for invalid app key', async () => {

packages/backend/src/controllers/api/v1/apps/get-config.ee.test.js

@@ -17,7 +17,7 @@ describe('GET /api/v1/apps/:appKey/config', () => {
 
     appConfig = await createAppConfig({
       key: 'deepl',
-      allowCustomConnection: true,
+      customConnectionAllowed: true,
       shared: true,
       disabled: false,
     });
@@ -32,7 +32,7 @@ describe('GET /api/v1/apps/:appKey/config', () => {
       .expect(200);
 
     const expectedPayload = getAppConfigMock(appConfig);
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for not existing app key', async () => {

packages/backend/src/controllers/api/v1/apps/get-connections.test.js

@@ -47,7 +47,7 @@ describe('GET /api/v1/apps/:appKey/connections', () => {
       currentUserConnectionOne,
     ]);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return the connections data of specified app for another user', async () => {
@@ -82,7 +82,7 @@ describe('GET /api/v1/apps/:appKey/connections', () => {
       anotherUserConnectionOne,
     ]);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for invalid connection UUID', async () => {

packages/backend/src/controllers/api/v1/apps/get-flows.test.js

@@ -62,7 +62,7 @@ describe('GET /api/v1/apps/:appKey/flows', () => {
       [triggerStepFlowOne, actionStepFlowOne]
     );
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return the flows data of specified app for another user', async () => {
@@ -110,7 +110,7 @@ describe('GET /api/v1/apps/:appKey/flows', () => {
       [triggerStepFlowOne, actionStepFlowOne]
     );
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for invalid app key', async () => {

packages/backend/src/controllers/api/v1/apps/get-trigger-substeps.test.js

@@ -29,7 +29,7 @@ describe('GET /api/v1/apps/:appKey/triggers/:triggerKey/substeps', () => {
       .expect(200);
 
     const expectedPayload = getTriggerSubstepsMock(exampleTrigger.substeps);
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for invalid app key', async () => {
@@ -47,6 +47,6 @@ describe('GET /api/v1/apps/:appKey/triggers/:triggerKey/substeps', () => {
       .set('Authorization', token)
       .expect(200);
 
-    expect(response.body.data).toEqual([]);
+    expect(response.body.data).toStrictEqual([]);
   });
 });

packages/backend/src/controllers/api/v1/apps/get-triggers.test.js

@@ -23,7 +23,7 @@ describe('GET /api/v1/apps/:appKey/triggers', () => {
       .expect(200);
 
     const expectedPayload = getTriggersMock(exampleApp.triggers);
-    expect(response.body).toEqual(expectedPayload);
+    expect(expectedPayload).toMatchObject(response.body);
   });
 
   it('should return not found response for invalid app key', async () => {

packages/backend/src/controllers/api/v1/automatisch/info.test.js

@@ -20,6 +20,6 @@ describe('GET /api/v1/automatisch/info', () => {
 
     const expectedPayload = infoMock();
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/automatisch/license.test.js

@@ -18,6 +18,6 @@ describe('GET /api/v1/automatisch/license', () => {
 
     const expectedPayload = licenseMock();
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/automatisch/version.test.js

@@ -21,6 +21,6 @@ describe('GET /api/v1/automatisch/version', () => {
       },
     };
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/connections/get-flows.test.js

@@ -69,7 +69,7 @@ describe('GET /api/v1/connections/:connectionId/flows', () => {
       [triggerStepFlowOne, actionStepFlowOne]
     );
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return the flows data of specified connection for another user', async () => {
@@ -123,6 +123,6 @@ describe('GET /api/v1/connections/:connectionId/flows', () => {
       [triggerStepFlowOne, actionStepFlowOne]
     );
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/connections/test-connection.test.js

@@ -43,7 +43,7 @@ describe('POST /api/v1/connections/:connectionId/test', () => {
       .set('Authorization', token)
       .expect(200);
 
-    expect(response.body.data.verified).toEqual(false);
+    expect(response.body.data.verified).toStrictEqual(false);
   });
 
   it('should update the connection as not verified for another user', async () => {
@@ -74,7 +74,7 @@ describe('POST /api/v1/connections/:connectionId/test', () => {
       .set('Authorization', token)
       .expect(200);
 
-    expect(response.body.data.verified).toEqual(false);
+    expect(response.body.data.verified).toStrictEqual(false);
   });
 
   it('should return not found response for not existing connection UUID', async () => {

packages/backend/src/controllers/api/v1/connections/update-connection.js

@@ -8,7 +8,7 @@ export default async (request, response) => {
     })
     .throwIfNotFound();
 
-  connection = await connection.update(connectionParams(request));
+  connection = await connection.updateFormattedData(connectionParams(request));
 
   renderObject(response, connection);
 };

packages/backend/src/controllers/api/v1/connections/verify-connection.test.js

@@ -47,7 +47,7 @@ describe('POST /api/v1/connections/:connectionId/verify', () => {
       .set('Authorization', token)
       .expect(200);
 
-    expect(response.body.data.verified).toEqual(true);
+    expect(response.body.data.verified).toStrictEqual(true);
   });
 
   it('should return not found response for not existing connection UUID', async () => {

packages/backend/src/controllers/api/v1/executions/get-execution-steps.test.js

@@ -69,7 +69,7 @@ describe('GET /api/v1/executions/:executionId/execution-steps', () => {
       [stepOne, stepTwo]
     );
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return the execution steps of another user execution', async () => {
@@ -118,7 +118,7 @@ describe('GET /api/v1/executions/:executionId/execution-steps', () => {
       [stepOne, stepTwo]
     );
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for not existing execution step UUID', async () => {

packages/backend/src/controllers/api/v1/executions/get-execution.test.js

@@ -57,7 +57,7 @@ describe('GET /api/v1/executions/:executionId', () => {
       [stepOne, stepTwo]
     );
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return the execution data of another user', async () => {
@@ -99,7 +99,7 @@ describe('GET /api/v1/executions/:executionId', () => {
       [stepOne, stepTwo]
     );
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for not existing execution UUID', async () => {

packages/backend/src/controllers/api/v1/executions/get-executions.test.js

@@ -66,7 +66,7 @@ describe('GET /api/v1/executions', () => {
       [stepOne, stepTwo]
     );
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return the executions of another user', async () => {
@@ -114,6 +114,6 @@ describe('GET /api/v1/executions', () => {
       [stepOne, stepTwo]
     );
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/flows/create-flow.js

@@ -1,11 +1,11 @@
 import { renderObject } from '../../../../helpers/renderer.js';
 
 export default async (request, response) => {
-  let flow = await request.currentUser.$relatedQuery('flows').insert({
+  const flow = await request.currentUser.$relatedQuery('flows').insertAndFetch({
     name: 'Name your flow',
   });
 
-  flow = await flow.createInitialSteps();
+  await flow.createInitialSteps();
 
   renderObject(response, flow, { status: 201 });
 };

packages/backend/src/controllers/api/v1/flows/create-step.js

@@ -6,7 +6,7 @@ export default async (request, response) => {
     .findById(request.params.flowId)
     .throwIfNotFound();
 
-  const createdActionStep = await flow.createActionStep(
+  const createdActionStep = await flow.createStepAfter(
     request.body.previousStepId
   );
 

packages/backend/src/controllers/api/v1/flows/get-flow.test.js

@@ -41,7 +41,7 @@ describe('GET /api/v1/flows/:flowId', () => {
       actionStep,
     ]);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return the flow data of another user', async () => {
@@ -67,7 +67,7 @@ describe('GET /api/v1/flows/:flowId', () => {
       actionStep,
     ]);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for not existing flow UUID', async () => {

packages/backend/src/controllers/api/v1/flows/get-flows.test.js

@@ -63,7 +63,7 @@ describe('GET /api/v1/flows', () => {
       ]
     );
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return the flows data of another user', async () => {
@@ -113,6 +113,6 @@ describe('GET /api/v1/flows', () => {
       ]
     );
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/installation/users/create-user.test.js

@@ -53,7 +53,7 @@ describe('POST /api/v1/installation/users', () => {
 
       const usersCountAfter = await User.query().resultSize();
 
-      expect(usersCountBefore).toEqual(usersCountAfter);
+      expect(usersCountBefore).toStrictEqual(usersCountAfter);
     });
   });
 

packages/backend/src/controllers/api/v1/payment/get-paddle-info.ee.test.js

@@ -28,6 +28,6 @@ describe('GET /api/v1/payment/paddle-info', () => {
 
     const expectedResponsePayload = await getPaddleInfoMock();
 
-    expect(response.body).toEqual(expectedResponsePayload);
+    expect(response.body).toStrictEqual(expectedResponsePayload);
   });
 });

packages/backend/src/controllers/api/v1/payment/get-plans.ee.test.js

@@ -24,6 +24,6 @@ describe('GET /api/v1/payment/plans', () => {
 
     const expectedResponsePayload = await getPaymentPlansMock();
 
-    expect(response.body).toEqual(expectedResponsePayload);
+    expect(response.body).toStrictEqual(expectedResponsePayload);
   });
 });

packages/backend/src/controllers/api/v1/saml-auth-providers/get-saml-auth-providers.ee.test.js

@@ -25,6 +25,6 @@ describe('GET /api/v1/saml-auth-providers', () => {
       samlAuthProviderOne,
     ]);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/steps/create-dynamic-data.test.js

@@ -78,7 +78,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
         })
         .expect(200);
 
-      expect(response.body.data).toEqual(repositories);
+      expect(response.body.data).toStrictEqual(repositories);
     });
 
     it('of the another users step', async () => {
@@ -117,7 +117,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
         })
         .expect(200);
 
-      expect(response.body.data).toEqual(repositories);
+      expect(response.body.data).toStrictEqual(repositories);
     });
   });
 
@@ -171,7 +171,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
         })
         .expect(422);
 
-      expect(response.body.errors).toEqual(errors);
+      expect(response.body.errors).toStrictEqual(errors);
     });
   });
 

packages/backend/src/controllers/api/v1/steps/create-dynamic-fields.test.js

@@ -56,7 +56,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => {
 
     const expectedPayload = await createDynamicFieldsMock();
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return dynamically created fields of the another users step', async () => {
@@ -97,7 +97,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => {
 
     const expectedPayload = await createDynamicFieldsMock();
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for not existing step UUID', async () => {

packages/backend/src/controllers/api/v1/steps/get-connection.test.js

@@ -43,7 +43,7 @@ describe('GET /api/v1/steps/:stepId/connection', () => {
 
     const expectedPayload = await getConnectionMock(currentUserConnection);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return the current user connection data of specified step', async () => {
@@ -70,7 +70,7 @@ describe('GET /api/v1/steps/:stepId/connection', () => {
 
     const expectedPayload = await getConnectionMock(anotherUserConnection);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for not existing step without connection', async () => {

packages/backend/src/controllers/api/v1/steps/get-previous-steps.test.js

@@ -70,7 +70,7 @@ describe('GET /api/v1/steps/:stepId/previous-steps', () => {
       [executionStepOne, executionStepTwo]
     );
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return the previous steps of the specified step of another user', async () => {
@@ -124,7 +124,7 @@ describe('GET /api/v1/steps/:stepId/previous-steps', () => {
       [executionStepOne, executionStepTwo]
     );
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response for not existing step UUID', async () => {

packages/backend/src/controllers/api/v1/users/get-apps.test.js

@@ -79,7 +79,7 @@ describe('GET /api/v1/users/:userId/apps', () => {
       .expect(200);
 
     const expectedPayload = getAppsMock();
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return all apps of the another user', async () => {
@@ -143,7 +143,7 @@ describe('GET /api/v1/users/:userId/apps', () => {
       .expect(200);
 
     const expectedPayload = getAppsMock();
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return specified app of the current user', async () => {
@@ -204,7 +204,7 @@ describe('GET /api/v1/users/:userId/apps', () => {
       .set('Authorization', token)
       .expect(200);
 
-    expect(response.body.data.length).toEqual(1);
+    expect(response.body.data.length).toStrictEqual(1);
-    expect(response.body.data[0].key).toEqual('deepl');
+    expect(response.body.data[0].key).toStrictEqual('deepl');
   });
 });

packages/backend/src/controllers/api/v1/users/get-current-user.test.js

@@ -39,6 +39,6 @@ describe('GET /api/v1/users/me', () => {
       permissionTwo,
     ]);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/users/get-invoices.ee.test.js

@@ -29,6 +29,6 @@ describe('GET /api/v1/user/invoices', () => {
 
     const expectedPayload = await getInvoicesMock(invoices);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/users/get-plan-and-usage.ee.test.js

@@ -36,7 +36,7 @@ describe('GET /api/v1/users/:userId/plan-and-usage', () => {
       },
     };
 
-    expect(response.body.data).toEqual(expectedResponseData);
+    expect(response.body.data).toStrictEqual(expectedResponseData);
   });
 
   it('should return current plan and usage data', async () => {
@@ -63,6 +63,6 @@ describe('GET /api/v1/users/:userId/plan-and-usage', () => {
       },
     };
 
-    expect(response.body.data).toEqual(expectedResponseData);
+    expect(response.body.data).toStrictEqual(expectedResponseData);
   });
 });

packages/backend/src/controllers/api/v1/users/get-subscription.ee.test.js

@@ -33,7 +33,7 @@ describe('GET /api/v1/users/:userId/subscription', () => {
 
     const expectedPayload = getSubscriptionMock(subscription);
 
-    expect(response.body).toEqual(expectedPayload);
+    expect(response.body).toStrictEqual(expectedPayload);
   });
 
   it('should return not found response if there is no current subscription', async () => {

packages/backend/src/controllers/api/v1/users/get-user-trial.ee.test.js

@@ -32,7 +32,7 @@ describe('GET /api/v1/users/:userId/trial', () => {
         .expect(200);
 
       const expectedResponsePayload = await getUserTrialMock(user);
-      expect(response.body).toEqual(expectedResponsePayload);
+      expect(response.body).toStrictEqual(expectedResponsePayload);
     });
   });
 });

packages/backend/src/controllers/api/v1/users/update-current-user-password.test.js

@@ -43,7 +43,7 @@ describe('PATCH /api/v1/users/:userId/password', () => {
       .send(userData)
       .expect(422);
 
-    expect(response.body.meta.type).toEqual('ValidationError');
+    expect(response.body.meta.type).toStrictEqual('ValidationError');
     expect(response.body.errors).toMatchObject({
       currentPassword: ['is incorrect.'],
     });

packages/backend/src/controllers/api/v1/users/update-current-user.test.js

@@ -47,7 +47,8 @@ describe('PATCH /api/v1/users/:userId', () => {
       .send(userData)
       .expect(422);
 
-    expect(response.body.meta.type).toEqual('ModelValidation');
+    expect(response.body.meta.type).toStrictEqual('ModelValidation');
+
     expect(response.body.errors).toMatchObject({
       email: ['must be string'],
       fullName: ['must be string'],

packages/backend/src/db/migrations/20241002121145_add_connection_allowed_to_app_configs.js

@@ -0,0 +1,37 @@
+export async function up(knex) {
+  await knex.schema.alterTable('app_configs', (table) => {
+    table.boolean('connection_allowed').defaultTo(false);
+  });
+
+  const appConfigs = await knex('app_configs').select('*');
+
+  for (const appConfig of appConfigs) {
+    const appAuthClients = await knex('app_auth_clients').where(
+      'app_key',
+      appConfig.key
+    );
+
+    const hasSomeActiveAppAuthClients = !!appAuthClients?.some(
+      (appAuthClient) => appAuthClient.active
+    );
+    const shared = appConfig.shared;
+    const active = appConfig.disabled === false;
+
+    const connectionAllowedConditions = [
+      hasSomeActiveAppAuthClients,
+      shared,
+      active,
+    ];
+    const connectionAllowed = connectionAllowedConditions.every(Boolean);
+
+    await knex('app_configs')
+      .where('id', appConfig.id)
+      .update({ connection_allowed: connectionAllowed });
+  }
+}
+
+export async function down(knex) {
+  await knex.schema.alterTable('app_configs', (table) => {
+    table.dropColumn('connection_allowed');
+  });
+}

packages/backend/src/db/migrations/20241009094438_rename_allow_custom_connection_as_custom_connection_allowed_in_app_configs.js

@@ -0,0 +1,11 @@
+export async function up(knex) {
+  return knex.schema.alterTable('app_configs', (table) => {
+    table.renameColumn('allow_custom_connection', 'custom_connection_allowed');
+  });
+}
+
+export async function down(knex) {
+  return knex.schema.alterTable('app_configs', (table) => {
+    table.renameColumn('custom_connection_allowed', 'allow_custom_connection');
+  });
+}

packages/backend/src/db/migrations/20241024130418_make_key_primary_for_app_configs.js

@@ -0,0 +1,13 @@
+export async function up(knex) {
+  return knex.schema.alterTable('app_configs', function (table) {
+    table.dropPrimary();
+    table.primary('key');
+  });
+}
+
+export async function down(knex) {
+  return knex.schema.alterTable('app_configs', function (table) {
+    table.dropPrimary();
+    table.primary('id');
+  });
+}

packages/backend/src/db/migrations/20241024131158_remove_id_column_from_app_configs.js

@@ -0,0 +1,11 @@
+export async function up(knex) {
+  return knex.schema.alterTable('app_configs', function (table) {
+    table.dropColumn('id');
+  });
+}
+
+export async function down(knex) {
+  return knex.schema.alterTable('app_configs', function (table) {
+    table.uuid('id').defaultTo(knex.raw('gen_random_uuid()'));
+  });
+}

packages/backend/src/models/__snapshots__/app-config.test.js.snap

@@ -0,0 +1,41 @@
+// Vitest Snapshot v1, https://vitest.dev/guide/snapshot.html
+
+exports[`AppConfig model > jsonSchema should have correct validations 1`] = `
+{
+  "properties": {
+    "connectionAllowed": {
+      "default": false,
+      "type": "boolean",
+    },
+    "createdAt": {
+      "type": "string",
+    },
+    "customConnectionAllowed": {
+      "default": false,
+      "type": "boolean",
+    },
+    "disabled": {
+      "default": false,
+      "type": "boolean",
+    },
+    "id": {
+      "format": "uuid",
+      "type": "string",
+    },
+    "key": {
+      "type": "string",
+    },
+    "shared": {
+      "default": false,
+      "type": "boolean",
+    },
+    "updatedAt": {
+      "type": "string",
+    },
+  },
+  "required": [
+    "key",
+  ],
+  "type": "object",
+}
+`;

packages/backend/src/models/__snapshots__/flow.test.js.snap

@@ -0,0 +1,42 @@
+// Vitest Snapshot v1, https://vitest.dev/guide/snapshot.html
+
+exports[`Flow model > jsonSchema should have correct validations 1`] = `
+{
+  "properties": {
+    "active": {
+      "type": "boolean",
+    },
+    "createdAt": {
+      "type": "string",
+    },
+    "deletedAt": {
+      "type": "string",
+    },
+    "id": {
+      "format": "uuid",
+      "type": "string",
+    },
+    "name": {
+      "minLength": 1,
+      "type": "string",
+    },
+    "publishedAt": {
+      "type": "string",
+    },
+    "remoteWebhookId": {
+      "type": "string",
+    },
+    "updatedAt": {
+      "type": "string",
+    },
+    "userId": {
+      "format": "uuid",
+      "type": "string",
+    },
+  },
+  "required": [
+    "name",
+  ],
+  "type": "object",
+}
+`;

packages/backend/src/models/__snapshots__/permission.test.js.snap

@@ -0,0 +1,42 @@
+// Vitest Snapshot v1, https://vitest.dev/guide/snapshot.html
+
+exports[`Permission model > jsonSchema should have correct validations 1`] = `
+{
+  "properties": {
+    "action": {
+      "minLength": 1,
+      "type": "string",
+    },
+    "conditions": {
+      "items": {
+        "type": "string",
+      },
+      "type": "array",
+    },
+    "createdAt": {
+      "type": "string",
+    },
+    "id": {
+      "format": "uuid",
+      "type": "string",
+    },
+    "roleId": {
+      "format": "uuid",
+      "type": "string",
+    },
+    "subject": {
+      "minLength": 1,
+      "type": "string",
+    },
+    "updatedAt": {
+      "type": "string",
+    },
+  },
+  "required": [
+    "roleId",
+    "action",
+    "subject",
+  ],
+  "type": "object",
+}
+`;

packages/backend/src/models/__snapshots__/role.test.js.snap

@@ -0,0 +1,33 @@
+// Vitest Snapshot v1, https://vitest.dev/guide/snapshot.html
+
+exports[`Role model > jsonSchema should have correct validations 1`] = `
+{
+  "properties": {
+    "createdAt": {
+      "type": "string",
+    },
+    "description": {
+      "maxLength": 255,
+      "type": [
+        "string",
+        "null",
+      ],
+    },
+    "id": {
+      "format": "uuid",
+      "type": "string",
+    },
+    "name": {
+      "minLength": 1,
+      "type": "string",
+    },
+    "updatedAt": {
+      "type": "string",
+    },
+  },
+  "required": [
+    "name",
+  ],
+  "type": "object",
+}
+`;

packages/backend/src/models/__snapshots__/saml-auth-provider.ee.test.js.snap

@@ -0,0 +1,72 @@
+// Vitest Snapshot v1, https://vitest.dev/guide/snapshot.html
+
+exports[`SamlAuthProvider model > jsonSchema should have the correct schema 1`] = `
+{
+  "properties": {
+    "active": {
+      "type": "boolean",
+    },
+    "certificate": {
+      "minLength": 1,
+      "type": "string",
+    },
+    "defaultRoleId": {
+      "format": "uuid",
+      "type": "string",
+    },
+    "emailAttributeName": {
+      "minLength": 1,
+      "type": "string",
+    },
+    "entryPoint": {
+      "minLength": 1,
+      "type": "string",
+    },
+    "firstnameAttributeName": {
+      "minLength": 1,
+      "type": "string",
+    },
+    "id": {
+      "format": "uuid",
+      "type": "string",
+    },
+    "issuer": {
+      "minLength": 1,
+      "type": "string",
+    },
+    "name": {
+      "minLength": 1,
+      "type": "string",
+    },
+    "roleAttributeName": {
+      "minLength": 1,
+      "type": "string",
+    },
+    "signatureAlgorithm": {
+      "enum": [
+        "sha1",
+        "sha256",
+        "sha512",
+      ],
+      "type": "string",
+    },
+    "surnameAttributeName": {
+      "minLength": 1,
+      "type": "string",
+    },
+  },
+  "required": [
+    "name",
+    "certificate",
+    "signatureAlgorithm",
+    "entryPoint",
+    "issuer",
+    "firstnameAttributeName",
+    "surnameAttributeName",
+    "emailAttributeName",
+    "roleAttributeName",
+    "defaultRoleId",
+  ],
+  "type": "object",
+}
+`;

packages/backend/src/models/__snapshots__/saml-auth-providers-role-mapping.ee.test.js.snap

@@ -28,14 +28,3 @@ exports[`SamlAuthProvidersRoleMapping model > jsonSchema should have the correct
   "type": "object",
 }
 `;
-
-exports[`SamlAuthProvidersRoleMapping model > relationMappings should have samlAuthProvider relation 1`] = `
-{
-  "join": {
-    "from": "saml_auth_providers_role_mappings.saml_auth_provider_id",
-    "to": "saml_auth_providers.id",
-  },
-  "modelClass": [Function],
-  "relation": [Function],
-}
-`;

packages/backend/src/models/__snapshots__/step.test.js.snap

@@ -0,0 +1,77 @@
+// Vitest Snapshot v1, https://vitest.dev/guide/snapshot.html
+
+exports[`Step model > jsonSchema should have correct validations 1`] = `
+{
+  "properties": {
+    "appKey": {
+      "maxLength": 255,
+      "minLength": 1,
+      "type": [
+        "string",
+        "null",
+      ],
+    },
+    "connectionId": {
+      "format": "uuid",
+      "type": [
+        "string",
+        "null",
+      ],
+    },
+    "createdAt": {
+      "type": "string",
+    },
+    "deletedAt": {
+      "type": "string",
+    },
+    "flowId": {
+      "format": "uuid",
+      "type": "string",
+    },
+    "id": {
+      "format": "uuid",
+      "type": "string",
+    },
+    "key": {
+      "type": [
+        "string",
+        "null",
+      ],
+    },
+    "parameters": {
+      "type": "object",
+    },
+    "position": {
+      "type": "integer",
+    },
+    "status": {
+      "default": "incomplete",
+      "enum": [
+        "incomplete",
+        "completed",
+      ],
+      "type": "string",
+    },
+    "type": {
+      "enum": [
+        "action",
+        "trigger",
+      ],
+      "type": "string",
+    },
+    "updatedAt": {
+      "type": "string",
+    },
+    "webhookPath": {
+      "type": [
+        "string",
+        "null",
+      ],
+    },
+  },
+  "required": [
+    "type",
+  ],
+  "type": "object",
+}
+`;

packages/backend/src/models/__snapshots__/user.test.js.snap

@@ -0,0 +1,81 @@
+// Vitest Snapshot v1, https://vitest.dev/guide/snapshot.html
+
+exports[`User model > jsonSchema should have correct validations 1`] = `
+{
+  "properties": {
+    "createdAt": {
+      "type": "string",
+    },
+    "deletedAt": {
+      "type": "string",
+    },
+    "email": {
+      "format": "email",
+      "maxLength": 255,
+      "minLength": 1,
+      "type": "string",
+    },
+    "fullName": {
+      "minLength": 1,
+      "type": "string",
+    },
+    "id": {
+      "format": "uuid",
+      "type": "string",
+    },
+    "invitationToken": {
+      "type": [
+        "string",
+        "null",
+      ],
+    },
+    "invitationTokenSentAt": {
+      "format": "date-time",
+      "type": [
+        "string",
+        "null",
+      ],
+    },
+    "password": {
+      "minLength": 6,
+      "type": "string",
+    },
+    "resetPasswordToken": {
+      "type": [
+        "string",
+        "null",
+      ],
+    },
+    "resetPasswordTokenSentAt": {
+      "format": "date-time",
+      "type": [
+        "string",
+        "null",
+      ],
+    },
+    "roleId": {
+      "format": "uuid",
+      "type": "string",
+    },
+    "status": {
+      "default": "active",
+      "enum": [
+        "active",
+        "invited",
+      ],
+      "type": "string",
+    },
+    "trialExpiryDate": {
+      "type": "string",
+    },
+    "updatedAt": {
+      "type": "string",
+    },
+  },
+  "required": [
+    "fullName",
+    "email",
+  ],
+  "type": "object",
+}
+`;

packages/backend/src/models/app-auth-client.js

@@ -2,6 +2,7 @@ import AES from 'crypto-js/aes.js';
 import enc from 'crypto-js/enc-utf8.js';
 import appConfig from '../config/app.js';
 import Base from './base.js';
+import AppConfig from './app-config.js';
 
 class AppAuthClient extends Base {
   static tableName = 'app_auth_clients';
@@ -21,6 +22,17 @@ class AppAuthClient extends Base {
     },
   };
 
+  static relationMappings = () => ({
+    appConfig: {
+      relation: Base.BelongsToOneRelation,
+      modelClass: AppConfig,
+      join: {
+        from: 'app_auth_clients.app_key',
+        to: 'app_configs.key',
+      },
+    },
+  });
+
   encryptData() {
     if (!this.eligibleForEncryption()) return;
 
@@ -48,6 +60,17 @@ class AppAuthClient extends Base {
     return this.authDefaults ? true : false;
   }
 
+  async triggerAppConfigUpdate() {
+    const appConfig = await this.$relatedQuery('appConfig');
+
+    // This is a workaround to update connection allowed column for AppConfig
+    await appConfig?.$query().patch({
+      key: appConfig.key,
+      shared: appConfig.shared,
+      disabled: appConfig.disabled,
+    });
+  }
+
   // TODO: Make another abstraction like beforeSave instead of using
   // beforeInsert and beforeUpdate separately for the same operation.
   async $beforeInsert(queryContext) {
@@ -55,11 +78,23 @@ class AppAuthClient extends Base {
     this.encryptData();
   }
 
+  async $afterInsert(queryContext) {
+    await super.$afterInsert(queryContext);
+
+    await this.triggerAppConfigUpdate();
+  }
+
   async $beforeUpdate(opt, queryContext) {
     await super.$beforeUpdate(opt, queryContext);
     this.encryptData();
   }
 
+  async $afterUpdate(opt, queryContext) {
+    await super.$afterUpdate(opt, queryContext);
+
+    await this.triggerAppConfigUpdate();
+  }
+
   async $afterFind() {
     this.decryptData();
   }

packages/backend/src/models/app-auth-client.test.js

@@ -2,9 +2,12 @@ import { describe, it, expect, vi } from 'vitest';
 import AES from 'crypto-js/aes.js';
 import enc from 'crypto-js/enc-utf8.js';
 
+import AppConfig from './app-config.js';
 import AppAuthClient from './app-auth-client.js';
+import Base from './base.js';
 import appConfig from '../config/app.js';
 import { createAppAuthClient } from '../../test/factories/app-auth-client.js';
+import { createAppConfig } from '../../test/factories/app-config.js';
 
 describe('AppAuthClient model', () => {
   it('tableName should return correct name', () => {
@@ -15,6 +18,23 @@ describe('AppAuthClient model', () => {
     expect(AppAuthClient.jsonSchema).toMatchSnapshot();
   });
 
+  it('relationMappings should return correct associations', () => {
+    const relationMappings = AppAuthClient.relationMappings();
+
+    const expectedRelations = {
+      appConfig: {
+        relation: Base.BelongsToOneRelation,
+        modelClass: AppConfig,
+        join: {
+          from: 'app_auth_clients.app_key',
+          to: 'app_configs.key',
+        },
+      },
+    };
+
+    expect(relationMappings).toStrictEqual(expectedRelations);
+  });
+
   describe('encryptData', () => {
     it('should return undefined if eligibleForEncryption is not true', async () => {
       vi.spyOn(
@@ -49,7 +69,9 @@ describe('AppAuthClient model', () => {
       );
 
       expect(formattedAuthDefaults).toStrictEqual(expectedDecryptedValue);
-      expect(appAuthClient.authDefaults).not.toEqual(formattedAuthDefaults);
+      expect(appAuthClient.authDefaults).not.toStrictEqual(
+        formattedAuthDefaults
+      );
     });
 
     it('should encrypt formattedAuthDefaults and remove formattedAuthDefaults', async () => {
@@ -104,7 +126,9 @@ describe('AppAuthClient model', () => {
       expect(appAuthClient.formattedAuthDefaults).toStrictEqual(
         formattedAuthDefaults
       );
-      expect(appAuthClient.authDefaults).not.toEqual(formattedAuthDefaults);
+      expect(appAuthClient.authDefaults).not.toStrictEqual(
+        formattedAuthDefaults
+      );
     });
   });
 
@@ -140,6 +164,63 @@ describe('AppAuthClient model', () => {
     });
   });
 
+  describe('triggerAppConfigUpdate', () => {
+    it('should trigger an update in related app config', async () => {
+      await createAppConfig({ key: 'gitlab' });
+
+      const appAuthClient = await createAppAuthClient({
+        appKey: 'gitlab',
+      });
+
+      const appConfigBeforeUpdateSpy = vi.spyOn(
+        AppConfig.prototype,
+        '$beforeUpdate'
+      );
+
+      await appAuthClient.triggerAppConfigUpdate();
+
+      expect(appConfigBeforeUpdateSpy).toHaveBeenCalledOnce();
+    });
+
+    it('should update related AppConfig after creating an instance', async () => {
+      const appConfig = await createAppConfig({
+        key: 'gitlab',
+        disabled: false,
+        shared: true,
+      });
+
+      await createAppAuthClient({
+        appKey: 'gitlab',
+        active: true,
+      });
+
+      const refetchedAppConfig = await appConfig.$query();
+
+      expect(refetchedAppConfig.connectionAllowed).toBe(true);
+    });
+
+    it('should update related AppConfig after updating an instance', async () => {
+      const appConfig = await createAppConfig({
+        key: 'gitlab',
+        disabled: false,
+        shared: true,
+      });
+
+      const appAuthClient = await createAppAuthClient({
+        appKey: 'gitlab',
+        active: false,
+      });
+
+      let refetchedAppConfig = await appConfig.$query();
+      expect(refetchedAppConfig.connectionAllowed).toBe(false);
+
+      await appAuthClient.$query().patchAndFetch({ active: true });
+
+      refetchedAppConfig = await appConfig.$query();
+      expect(refetchedAppConfig.connectionAllowed).toBe(true);
+    });
+  });
+
   it('$beforeInsert should call AppAuthClient.encryptData', async () => {
     const appAuthClientBeforeInsertSpy = vi.spyOn(
       AppAuthClient.prototype,
@@ -151,6 +232,17 @@ describe('AppAuthClient model', () => {
     expect(appAuthClientBeforeInsertSpy).toHaveBeenCalledOnce();
   });
 
+  it('$afterInsert should call AppAuthClient.triggerAppConfigUpdate', async () => {
+    const appAuthClientAfterInsertSpy = vi.spyOn(
+      AppAuthClient.prototype,
+      'triggerAppConfigUpdate'
+    );
+
+    await createAppAuthClient();
+
+    expect(appAuthClientAfterInsertSpy).toHaveBeenCalledOnce();
+  });
+
   it('$beforeUpdate should call AppAuthClient.encryptData', async () => {
     const appAuthClient = await createAppAuthClient();
 
@@ -164,6 +256,19 @@ describe('AppAuthClient model', () => {
     expect(appAuthClientBeforeUpdateSpy).toHaveBeenCalledOnce();
   });
 
+  it('$afterUpdate should call AppAuthClient.triggerAppConfigUpdate', async () => {
+    const appAuthClient = await createAppAuthClient();
+
+    const appAuthClientAfterUpdateSpy = vi.spyOn(
+      AppAuthClient.prototype,
+      'triggerAppConfigUpdate'
+    );
+
+    await appAuthClient.$query().patchAndFetch({ name: 'sample' });
+
+    expect(appAuthClientAfterUpdateSpy).toHaveBeenCalledOnce();
+  });
+
   it('$afterFind should call AppAuthClient.decryptData', async () => {
     const appAuthClient = await createAppAuthClient();
 

packages/backend/src/models/app-config.js

@@ -5,6 +5,10 @@ import Base from './base.js';
 class AppConfig extends Base {
   static tableName = 'app_configs';
 
+  static get idColumn() {
+    return 'key';
+  }
+
   static jsonSchema = {
     type: 'object',
     required: ['key'],
@@ -12,7 +16,8 @@ class AppConfig extends Base {
     properties: {
       id: { type: 'string', format: 'uuid' },
       key: { type: 'string' },
-      allowCustomConnection: { type: 'boolean', default: false },
+      connectionAllowed: { type: 'boolean', default: false },
+      customConnectionAllowed: { type: 'boolean', default: false },
       shared: { type: 'boolean', default: false },
       disabled: { type: 'boolean', default: false },
       createdAt: { type: 'string' },
@@ -31,31 +36,44 @@ class AppConfig extends Base {
     },
   });
 
-  static get virtualAttributes() {
-    return ['canConnect', 'canCustomConnect'];
-  }
-
-  get canCustomConnect() {
-    return !this.disabled && this.allowCustomConnection;
-  }
-
-  get canConnect() {
-    const hasSomeActiveAppAuthClients = !!this.appAuthClients?.some(
-      (appAuthClient) => appAuthClient.active
-    );
-    const shared = this.shared;
-    const active = this.disabled === false;
-
-    const conditions = [hasSomeActiveAppAuthClients, shared, active];
-
-    return conditions.every(Boolean);
-  }
-
   async getApp() {
     if (!this.key) return null;
 
     return await App.findOneByKey(this.key);
   }
+
+  async computeAndAssignConnectionAllowedProperty() {
+    this.connectionAllowed = await this.computeConnectionAllowedProperty();
+  }
+
+  async computeConnectionAllowedProperty() {
+    const appAuthClients = await this.$relatedQuery('appAuthClients');
+
+    const hasSomeActiveAppAuthClients =
+      appAuthClients?.some((appAuthClient) => appAuthClient.active) || false;
+
+    const conditions = [
+      hasSomeActiveAppAuthClients,
+      this.shared,
+      !this.disabled,
+    ];
+
+    const connectionAllowed = conditions.every(Boolean);
+
+    return connectionAllowed;
+  }
+
+  async $beforeInsert(queryContext) {
+    await super.$beforeInsert(queryContext);
+
+    await this.computeAndAssignConnectionAllowedProperty();
+  }
+
+  async $beforeUpdate(opt, queryContext) {
+    await super.$beforeUpdate(opt, queryContext);
+
+    await this.computeAndAssignConnectionAllowedProperty();
+  }
 }
 
 export default AppConfig;

packages/backend/src/models/app-config.test.js

@@ -0,0 +1,180 @@
+import { vi, describe, it, expect } from 'vitest';
+
+import Base from './base.js';
+import AppConfig from './app-config.js';
+import App from './app.js';
+import AppAuthClient from './app-auth-client.js';
+import { createAppConfig } from '../../test/factories/app-config.js';
+import { createAppAuthClient } from '../../test/factories/app-auth-client.js';
+
+describe('AppConfig model', () => {
+  it('tableName should return correct name', () => {
+    expect(AppConfig.tableName).toBe('app_configs');
+  });
+
+  it('idColumn should return key field', () => {
+    expect(AppConfig.idColumn).toBe('key');
+  });
+
+  it('jsonSchema should have correct validations', () => {
+    expect(AppConfig.jsonSchema).toMatchSnapshot();
+  });
+
+  it('relationMappings should return correct associations', () => {
+    const relationMappings = AppConfig.relationMappings();
+
+    const expectedRelations = {
+      appAuthClients: {
+        relation: Base.HasManyRelation,
+        modelClass: AppAuthClient,
+        join: {
+          from: 'app_configs.key',
+          to: 'app_auth_clients.app_key',
+        },
+      },
+    };
+
+    expect(relationMappings).toStrictEqual(expectedRelations);
+  });
+
+  describe('getApp', () => {
+    it('getApp should return null if there is no key', async () => {
+      const appConfig = new AppConfig();
+      const app = await appConfig.getApp();
+
+      expect(app).toBeNull();
+    });
+
+    it('getApp should return app with provided key', async () => {
+      const appConfig = new AppConfig();
+      appConfig.key = 'deepl';
+
+      const app = await appConfig.getApp();
+      const expectedApp = await App.findOneByKey(appConfig.key);
+
+      expect(app).toStrictEqual(expectedApp);
+    });
+  });
+
+  describe('computeAndAssignConnectionAllowedProperty', () => {
+    it('should call computeConnectionAllowedProperty and assign the result', async () => {
+      const appConfig = await createAppConfig();
+
+      const computeConnectionAllowedPropertySpy = vi
+        .spyOn(appConfig, 'computeConnectionAllowedProperty')
+        .mockResolvedValue(true);
+
+      await appConfig.computeAndAssignConnectionAllowedProperty();
+
+      expect(computeConnectionAllowedPropertySpy).toHaveBeenCalled();
+      expect(appConfig.connectionAllowed).toBe(true);
+    });
+  });
+
+  describe('computeConnectionAllowedProperty', () => {
+    it('should return true when app is enabled, shared and allows custom connection with an active app auth client', async () => {
+      await createAppAuthClient({
+        appKey: 'deepl',
+        active: true,
+      });
+
+      await createAppAuthClient({
+        appKey: 'deepl',
+        active: false,
+      });
+
+      const appConfig = await createAppConfig({
+        disabled: false,
+        customConnectionAllowed: true,
+        shared: true,
+        key: 'deepl',
+      });
+
+      const connectionAllowed =
+        await appConfig.computeConnectionAllowedProperty();
+
+      expect(connectionAllowed).toBe(true);
+    });
+
+    it('should return false if there is no active app auth client', async () => {
+      await createAppAuthClient({
+        appKey: 'deepl',
+        active: false,
+      });
+
+      const appConfig = await createAppConfig({
+        disabled: false,
+        customConnectionAllowed: true,
+        shared: true,
+        key: 'deepl',
+      });
+
+      const connectionAllowed =
+        await appConfig.computeConnectionAllowedProperty();
+
+      expect(connectionAllowed).toBe(false);
+    });
+
+    it('should return false if there is no app auth clients', async () => {
+      const appConfig = await createAppConfig({
+        disabled: false,
+        customConnectionAllowed: true,
+        shared: true,
+        key: 'deepl',
+      });
+
+      const connectionAllowed =
+        await appConfig.computeConnectionAllowedProperty();
+
+      expect(connectionAllowed).toBe(false);
+    });
+
+    it('should return false when app is disabled', async () => {
+      const appConfig = await createAppConfig({
+        disabled: true,
+        customConnectionAllowed: true,
+      });
+
+      const connectionAllowed =
+        await appConfig.computeConnectionAllowedProperty();
+
+      expect(connectionAllowed).toBe(false);
+    });
+
+    it(`should return false when app doesn't allow custom connection`, async () => {
+      const appConfig = await createAppConfig({
+        disabled: false,
+        customConnectionAllowed: false,
+      });
+
+      const connectionAllowed =
+        await appConfig.computeConnectionAllowedProperty();
+
+      expect(connectionAllowed).toBe(false);
+    });
+  });
+
+  it('$beforeInsert should call computeAndAssignConnectionAllowedProperty', async () => {
+    const computeAndAssignConnectionAllowedPropertySpy = vi
+      .spyOn(AppConfig.prototype, 'computeAndAssignConnectionAllowedProperty')
+      .mockResolvedValue(true);
+
+    await createAppConfig();
+
+    expect(computeAndAssignConnectionAllowedPropertySpy).toHaveBeenCalledOnce();
+  });
+
+  it('$beforeUpdate should call computeAndAssignConnectionAllowedProperty', async () => {
+    const appConfig = await createAppConfig();
+
+    const computeAndAssignConnectionAllowedPropertySpy = vi
+      .spyOn(AppConfig.prototype, 'computeAndAssignConnectionAllowedProperty')
+      .mockResolvedValue(true);
+
+    await appConfig.$query().patch({
+      key: 'deepl',
+    });
+
+    expect(computeAndAssignConnectionAllowedPropertySpy).toHaveBeenCalledOnce();
+  });
+});

packages/backend/src/models/connection.js

@@ -89,7 +89,7 @@ class Connection extends Base {
     }
 
     if (this.appConfig) {
-      return !this.appConfig.disabled && this.appConfig.allowCustomConnection;
+      return !this.appConfig.disabled && this.appConfig.customConnectionAllowed;
     }
 
     return true;
@@ -122,10 +122,20 @@ class Connection extends Base {
     return this.data ? true : false;
   }
 
-  async checkEligibilityForCreation() {
+  async getApp() {
-    const app = await App.findOneByKey(this.key);
+    if (!this.key) return null;
 
-    const appConfig = await AppConfig.query().findOne({ key: this.key });
+    return await App.findOneByKey(this.key);
+  }
+
+  async getAppConfig() {
+    return await AppConfig.query().findOne({ key: this.key });
+  }
+
+  async checkEligibilityForCreation() {
+    const app = await this.getApp();
+
+    const appConfig = await this.getAppConfig();
 
     if (appConfig) {
       if (appConfig.disabled) {
@@ -134,7 +144,7 @@ class Connection extends Base {
         );
       }
 
-      if (!appConfig.allowCustomConnection && this.formattedData) {
+      if (!appConfig.customConnectionAllowed && this.formattedData) {
         throw new NotAuthorizedError(
           `New custom connections have been disabled for ${app.name}!`
         );
@@ -160,12 +170,6 @@ class Connection extends Base {
     return this;
   }
 
-  async getApp() {
-    if (!this.key) return null;
-
-    return await App.findOneByKey(this.key);
-  }
-
   async testAndUpdateConnection() {
     const app = await this.getApp();
     const $ = await globalVariable({ connection: this, app });
@@ -224,7 +228,7 @@ class Connection extends Base {
   async reset() {
     const formattedData = this?.formattedData?.screenName
       ? { screenName: this.formattedData.screenName }
-      : null;
+      : {};
 
     const updatedConnection = await this.$query().patchAndFetch({
       formattedData,
@@ -233,7 +237,7 @@ class Connection extends Base {
     return updatedConnection;
   }
 
-  async update({ formattedData, appAuthClientId }) {
+  async updateFormattedData({ formattedData, appAuthClientId }) {
     if (appAuthClientId) {
       const appAuthClient = await AppAuthClient.query()
         .findById(appAuthClientId)

packages/backend/src/models/connection.test.js

@@ -3,11 +3,16 @@ import AES from 'crypto-js/aes.js';
 import enc from 'crypto-js/enc-utf8.js';
 import appConfig from '../config/app.js';
 import AppAuthClient from './app-auth-client.js';
+import App from './app.js';
 import AppConfig from './app-config.js';
 import Base from './base.js';
 import Connection from './connection';
 import Step from './step.js';
 import User from './user.js';
+import Telemetry from '../helpers/telemetry/index.js';
+import { createConnection } from '../../test/factories/connection.js';
+import { createAppConfig } from '../../test/factories/app-config.js';
+import { createAppAuthClient } from '../../test/factories/app-auth-client.js';
 
 describe('Connection model', () => {
   it('tableName should return correct name', () => {
@@ -26,57 +31,138 @@ describe('Connection model', () => {
     expect(virtualAttributes).toStrictEqual(expectedAttributes);
   });
 
-  it('relationMappings should return correct associations', () => {
+  describe('relationMappings', () => {
-    const relationMappings = Connection.relationMappings();
+    it('should return correct associations', () => {
+      const relationMappings = Connection.relationMappings();
 
-    const expectedRelations = {
+      const expectedRelations = {
-      user: {
+        user: {
-        relation: Base.BelongsToOneRelation,
+          relation: Base.BelongsToOneRelation,
-        modelClass: User,
+          modelClass: User,
-        join: {
+          join: {
-          from: 'connections.user_id',
+            from: 'connections.user_id',
-          to: 'users.id',
+            to: 'users.id',
+          },
         },
-      },
+        steps: {
-      steps: {
+          relation: Base.HasManyRelation,
-        relation: Base.HasManyRelation,
+          modelClass: Step,
-        modelClass: Step,
+          join: {
-        join: {
+            from: 'connections.id',
-          from: 'connections.id',
+            to: 'steps.connection_id',
-          to: 'steps.connection_id',
+          },
         },
-      },
+        triggerSteps: {
-      triggerSteps: {
+          relation: Base.HasManyRelation,
-        relation: Base.HasManyRelation,
+          modelClass: Step,
-        modelClass: Step,
+          join: {
-        join: {
+            from: 'connections.id',
-          from: 'connections.id',
+            to: 'steps.connection_id',
-          to: 'steps.connection_id',
+          },
+          filter: expect.any(Function),
         },
-        filter: expect.any(Function),
+        appConfig: {
-      },
+          relation: Base.BelongsToOneRelation,
-      appConfig: {
+          modelClass: AppConfig,
-        relation: Base.BelongsToOneRelation,
+          join: {
-        modelClass: AppConfig,
+            from: 'connections.key',
-        join: {
+            to: 'app_configs.key',
-          from: 'connections.key',
+          },
-          to: 'app_configs.key',
         },
-      },
+        appAuthClient: {
-      appAuthClient: {
+          relation: Base.BelongsToOneRelation,
-        relation: Base.BelongsToOneRelation,
+          modelClass: AppAuthClient,
-        modelClass: AppAuthClient,
+          join: {
-        join: {
+            from: 'connections.app_auth_client_id',
-          from: 'connections.app_auth_client_id',
+            to: 'app_auth_clients.id',
-          to: 'app_auth_clients.id',
+          },
         },
-      },
+      };
-    };
 
-    expect(relationMappings).toStrictEqual(expectedRelations);
+      expect(relationMappings).toStrictEqual(expectedRelations);
+    });
+
+    it('triggerSteps should return only trigger typed steps', () => {
+      const relations = Connection.relationMappings();
+      const whereSpy = vi.fn();
+
+      relations.triggerSteps.filter({ where: whereSpy });
+
+      expect(whereSpy).toHaveBeenCalledWith('type', '=', 'trigger');
+    });
   });
 
-  describe.todo('reconnectable');
+  describe('reconnectable', () => {
+    it('should return active status of app auth client when created via app auth client', async () => {
+      const appAuthClient = await createAppAuthClient({
+        active: true,
+        formattedAuthDefaults: {
+          clientId: 'sample-id',
+        },
+      });
+
+      const connection = await createConnection({
+        appAuthClientId: appAuthClient.id,
+        formattedData: {
+          token: 'sample-token',
+        },
+      });
+
+      const connectionWithAppAuthClient = await connection
+        .$query()
+        .withGraphFetched({
+          appAuthClient: true,
+        });
+
+      expect(connectionWithAppAuthClient.reconnectable).toBe(true);
+    });
+
+    it('should return true when app config is not disabled and allows custom connection', async () => {
+      const appConfig = await createAppConfig({
+        key: 'gitlab',
+        disabled: false,
+        customConnectionAllowed: true,
+      });
+
+      const connection = await createConnection({
+        key: appConfig.key,
+        formattedData: {
+          token: 'sample-token',
+        },
+      });
+
+      const connectionWithAppAuthClient = await connection
+        .$query()
+        .withGraphFetched({
+          appConfig: true,
+        });
+
+      expect(connectionWithAppAuthClient.reconnectable).toBe(true);
+    });
+
+    it('should return false when app config is disabled or does not allow custom connection', async () => {
+      const connection = await createConnection({
+        key: 'gitlab',
+        formattedData: {
+          token: 'sample-token',
+        },
+      });
+
+      await createAppConfig({
+        key: 'gitlab',
+        disabled: true,
+        customConnectionAllowed: false,
+      });
+
+      const connectionWithAppAuthClient = await connection
+        .$query()
+        .withGraphFetched({
+          appConfig: true,
+        });
+
+      expect(connectionWithAppAuthClient.reconnectable).toBe(false);
+    });
+  });
 
   describe('encryptData', () => {
     it('should return undefined if eligibleForEncryption is not true', async () => {
@@ -107,7 +193,7 @@ describe('Connection model', () => {
       );
 
       expect(formattedData).toStrictEqual(expectedDecryptedValue);
-      expect(connection.data).not.toEqual(formattedData);
+      expect(connection.data).not.toStrictEqual(formattedData);
     });
 
     it('should encrypt formattedData and remove formattedData', async () => {
@@ -157,7 +243,561 @@ describe('Connection model', () => {
       connection.decryptData();
 
       expect(connection.formattedData).toStrictEqual(formattedData);
-      expect(connection.data).not.toEqual(formattedData);
+      expect(connection.data).not.toStrictEqual(formattedData);
+    });
+  });
+
+  describe('eligibleForEncryption', () => {
+    it('should return true when formattedData property exists', async () => {
+      const connection = new Connection();
+      connection.formattedData = { clientId: 'sample-id' };
+
+      expect(connection.eligibleForEncryption()).toBe(true);
+    });
+
+    it("should return false when formattedData property doesn't exist", async () => {
+      const connection = new Connection();
+      connection.formattedData = undefined;
+
+      expect(connection.eligibleForEncryption()).toBe(false);
+    });
+  });
+
+  describe('eligibleForDecryption', () => {
+    it('should return true when data property exists', async () => {
+      const connection = new Connection();
+      connection.data = 'encrypted-data';
+
+      expect(connection.eligibleForDecryption()).toBe(true);
+    });
+
+    it("should return false when data property doesn't exist", async () => {
+      const connection = new Connection();
+      connection.data = undefined;
+
+      expect(connection.eligibleForDecryption()).toBe(false);
+    });
+  });
+
+  describe('getApp', () => {
+    it('should return connection app when valid key exists', async () => {
+      const connection = new Connection();
+      connection.key = 'gitlab';
+
+      const connectionApp = await connection.getApp();
+      const app = await App.findOneByKey('gitlab');
+
+      expect(connectionApp).toStrictEqual(app);
+    });
+
+    it('should throw an error when invalid key exists', async () => {
+      const connection = new Connection();
+      connection.key = 'invalid-key';
+
+      await expect(() => connection.getApp()).rejects.toThrowError(
+        `An application with the "invalid-key" key couldn't be found.`
+      );
+    });
+
+    it('should return null when no key exists', async () => {
+      const connection = new Connection();
+
+      await expect(connection.getApp()).resolves.toBe(null);
+    });
+  });
+
+  it('getAppConfig should return connection app config', async () => {
+    const connection = new Connection();
+    connection.key = 'gitlab';
+
+    const appConfig = await createAppConfig({ key: 'gitlab' });
+
+    const connectionAppConfig = await connection.getAppConfig();
+
+    expect(connectionAppConfig).toStrictEqual(appConfig);
+  });
+
+  describe('checkEligibilityForCreation', () => {
+    it('should return connection if no app config exists', async () => {
+      vi.spyOn(Connection.prototype, 'getApp').mockResolvedValue({
+        name: 'gitlab',
+      });
+
+      vi.spyOn(Connection.prototype, 'getAppConfig').mockResolvedValue();
+
+      const connection = new Connection();
+
+      expect(await connection.checkEligibilityForCreation()).toBe(connection);
+    });
+
+    it('should throw an error when app does not exist', async () => {
+      vi.spyOn(Connection.prototype, 'getApp').mockRejectedValue(
+        new Error(
+          `An application with the "unexisting-app" key couldn't be found.`
+        )
+      );
+
+      vi.spyOn(Connection.prototype, 'getAppConfig').mockResolvedValue();
+
+      const connection = new Connection();
+
+      await expect(() =>
+        connection.checkEligibilityForCreation()
+      ).rejects.toThrow(
+        `An application with the "unexisting-app" key couldn't be found.`
+      );
+    });
+
+    it('should throw an error when app config is disabled', async () => {
+      vi.spyOn(Connection.prototype, 'getApp').mockResolvedValue({
+        name: 'gitlab',
+      });
+
+      vi.spyOn(Connection.prototype, 'getAppConfig').mockResolvedValue({
+        disabled: true,
+      });
+
+      const connection = new Connection();
+
+      await expect(() =>
+        connection.checkEligibilityForCreation()
+      ).rejects.toThrow(
+        'The application has been disabled for new connections!'
+      );
+    });
+
+    it('should throw an error when app config does not allow custom connection with formatted data', async () => {
+      vi.spyOn(Connection.prototype, 'getApp').mockResolvedValue({
+        name: 'gitlab',
+      });
+
+      vi.spyOn(Connection.prototype, 'getAppConfig').mockResolvedValue({
+        disabled: false,
+        customConnectionAllowed: false,
+      });
+
+      const connection = new Connection();
+      connection.formattedData = {};
+
+      await expect(() =>
+        connection.checkEligibilityForCreation()
+      ).rejects.toThrow(
+        'New custom connections have been disabled for gitlab!'
+      );
+    });
+
+    it('should throw an error when app config is not shared with app auth client', async () => {
+      vi.spyOn(Connection.prototype, 'getApp').mockResolvedValue({
+        name: 'gitlab',
+      });
+
+      vi.spyOn(Connection.prototype, 'getAppConfig').mockResolvedValue({
+        disabled: false,
+        shared: false,
+      });
+
+      const connection = new Connection();
+      connection.appAuthClientId = 'sample-id';
+
+      await expect(() =>
+        connection.checkEligibilityForCreation()
+      ).rejects.toThrow(
+        'The connection with the given app auth client is not allowed!'
+      );
+    });
+
+    it('should apply app auth client auth defaults when creating with shared app auth client', async () => {
+      await createAppConfig({
+        key: 'gitlab',
+        disabled: false,
+        customConnectionAllowed: true,
+        shared: true,
+      });
+
+      const appAuthClient = await createAppAuthClient({
+        appKey: 'gitlab',
+        active: true,
+        formattedAuthDefaults: {
+          clientId: 'sample-id',
+        },
+      });
+
+      const connection = await createConnection({
+        key: 'gitlab',
+        appAuthClientId: appAuthClient.id,
+        formattedData: null,
+      });
+
+      await connection.checkEligibilityForCreation();
+
+      expect(connection.formattedData).toStrictEqual({
+        clientId: 'sample-id',
+      });
+    });
+  });
+
+  describe('testAndUpdateConnection', () => {
+    it('should verify connection and persist it', async () => {
+      const connection = await createConnection({ verified: false });
+
+      const isStillVerifiedSpy = vi.fn().mockReturnValue(true);
+
+      const originalApp = await connection.getApp();
+
+      const getAppSpy = vi
+        .spyOn(connection, 'getApp')
+        .mockImplementation(() => {
+          return {
+            ...originalApp,
+            auth: {
+              ...originalApp.auth,
+              isStillVerified: isStillVerifiedSpy,
+            },
+          };
+        });
+
+      const updatedConnection = await connection.testAndUpdateConnection();
+
+      expect(getAppSpy).toHaveBeenCalledOnce();
+      expect(isStillVerifiedSpy).toHaveBeenCalledOnce();
+      expect(updatedConnection.verified).toBe(true);
+    });
+
+    it('should unverify connection and persist it', async () => {
+      const connection = await createConnection({ verified: true });
+
+      const isStillVerifiedSpy = vi
+        .fn()
+        .mockRejectedValue(new Error('Wrong credentials!'));
+
+      const originalApp = await connection.getApp();
+
+      const getAppSpy = vi
+        .spyOn(connection, 'getApp')
+        .mockImplementation(() => {
+          return {
+            ...originalApp,
+            auth: {
+              ...originalApp.auth,
+              isStillVerified: isStillVerifiedSpy,
+            },
+          };
+        });
+
+      const updatedConnection = await connection.testAndUpdateConnection();
+
+      expect(getAppSpy).toHaveBeenCalledOnce();
+      expect(isStillVerifiedSpy).toHaveBeenCalledOnce();
+      expect(updatedConnection.verified).toBe(false);
+    });
+  });
+
+  describe('verifyAndUpdateConnection', () => {
+    it('should verify connection with valid token', async () => {
+      const connection = await createConnection({
+        verified: false,
+        draft: true,
+      });
+
+      const verifyCredentialsSpy = vi.fn().mockResolvedValue(true);
+
+      const originalApp = await connection.getApp();
+
+      vi.spyOn(connection, 'getApp').mockImplementation(() => {
+        return {
+          ...originalApp,
+          auth: {
+            ...originalApp.auth,
+            verifyCredentials: verifyCredentialsSpy,
+          },
+        };
+      });
+
+      const updatedConnection = await connection.verifyAndUpdateConnection();
+
+      expect(verifyCredentialsSpy).toHaveBeenCalledOnce();
+      expect(updatedConnection.verified).toBe(true);
+      expect(updatedConnection.draft).toBe(false);
+    });
+
+    it('should throw an error with invalid token', async () => {
+      const connection = await createConnection({
+        verified: false,
+        draft: true,
+      });
+
+      const verifyCredentialsSpy = vi
+        .fn()
+        .mockRejectedValue(new Error('Invalid token!'));
+
+      const originalApp = await connection.getApp();
+
+      vi.spyOn(connection, 'getApp').mockImplementation(() => {
+        return {
+          ...originalApp,
+          auth: {
+            ...originalApp.auth,
+            verifyCredentials: verifyCredentialsSpy,
+          },
+        };
+      });
+
+      await expect(() =>
+        connection.verifyAndUpdateConnection()
+      ).rejects.toThrowError('Invalid token!');
+      expect(verifyCredentialsSpy).toHaveBeenCalledOnce();
+    });
+  });
+
+  describe('verifyWebhook', () => {
+    it('should verify webhook on remote', async () => {
+      const connection = await createConnection({ key: 'typeform' });
+
+      const verifyWebhookSpy = vi.fn().mockResolvedValue('verified-webhook');
+
+      const originalApp = await connection.getApp();
+
+      vi.spyOn(connection, 'getApp').mockImplementation(() => {
+        return {
+          ...originalApp,
+          auth: {
+            ...originalApp.auth,
+            verifyWebhook: verifyWebhookSpy,
+          },
+        };
+      });
+
+      expect(await connection.verifyWebhook()).toBe('verified-webhook');
+    });
+
+    it('should return true if connection does not have value in key property', async () => {
+      const connection = await createConnection({ key: null });
+
+      expect(await connection.verifyWebhook()).toBe(true);
+    });
+
+    it('should throw an error at failed webhook verification', async () => {
+      const connection = await createConnection({ key: 'typeform' });
+
+      const verifyWebhookSpy = vi.fn().mockRejectedValue('unverified-webhook');
+
+      const originalApp = await connection.getApp();
+
+      vi.spyOn(connection, 'getApp').mockImplementation(() => {
+        return {
+          ...originalApp,
+          auth: {
+            ...originalApp.auth,
+            verifyWebhook: verifyWebhookSpy,
+          },
+        };
+      });
+
+      await expect(() => connection.verifyWebhook()).rejects.toThrowError(
+        'unverified-webhook'
+      );
+    });
+  });
+
+  it('generateAuthUrl should return authentication url', async () => {
+    const connection = await createConnection({
+      key: 'typeform',
+      formattedData: {
+        url: 'https://automatisch.io/authentication-url',
+      },
+    });
+
+    const generateAuthUrlSpy = vi.fn();
+
+    const originalApp = await connection.getApp();
+
+    vi.spyOn(connection, 'getApp').mockImplementation(() => {
+      return {
+        ...originalApp,
+        auth: {
+          ...originalApp.auth,
+          generateAuthUrl: generateAuthUrlSpy,
+        },
+      };
+    });
+
+    expect(await connection.generateAuthUrl()).toStrictEqual({
+      url: 'https://automatisch.io/authentication-url',
+    });
+  });
+
+  describe('reset', () => {
+    it('should keep screen name when exists and reset the rest of the formatted data', async () => {
+      const connection = await createConnection({
+        formattedData: {
+          screenName: 'Sample connection',
+          token: 'sample-token',
+        },
+      });
+
+      await connection.reset();
+
+      const refetchedConnection = await connection.$query();
+
+      expect(refetchedConnection.formattedData).toStrictEqual({
+        screenName: 'Sample connection',
+      });
+    });
+
+    it('should empty formatted data object when screen name does not exist', async () => {
+      const connection = await createConnection({
+        formattedData: {
+          token: 'sample-token',
+        },
+      });
+
+      await connection.reset();
+
+      const refetchedConnection = await connection.$query();
+
+      expect(refetchedConnection.formattedData).toStrictEqual({});
+    });
+  });
+
+  describe('updateFormattedData', () => {
+    it('should extend connection data with app auth client auth defaults', async () => {
+      const appAuthClient = await createAppAuthClient({
+        formattedAuthDefaults: {
+          clientId: 'sample-id',
+        },
+      });
+
+      const connection = await createConnection({
+        appAuthClientId: appAuthClient.id,
+        formattedData: {
+          token: 'sample-token',
+        },
+      });
+
+      const updatedConnection = await connection.updateFormattedData({
+        appAuthClientId: appAuthClient.id,
+      });
+
+      expect(updatedConnection.formattedData).toStrictEqual({
+        clientId: 'sample-id',
+        token: 'sample-token',
+      });
+    });
+  });
+
+  describe('$beforeInsert', () => {
+    it('should call super.$beforeInsert', async () => {
+      const superBeforeInsertSpy = vi
+        .spyOn(Base.prototype, '$beforeInsert')
+        .mockResolvedValue();
+
+      await createConnection();
+
+      expect(superBeforeInsertSpy).toHaveBeenCalledOnce();
+    });
+
+    it('should call checkEligibilityForCreation', async () => {
+      const checkEligibilityForCreationSpy = vi
+        .spyOn(Connection.prototype, 'checkEligibilityForCreation')
+        .mockResolvedValue();
+
+      await createConnection();
+
+      expect(checkEligibilityForCreationSpy).toHaveBeenCalledOnce();
+    });
+
+    it('should call encryptData', async () => {
+      const encryptDataSpy = vi
+        .spyOn(Connection.prototype, 'encryptData')
+        .mockResolvedValue();
+
+      await createConnection();
+
+      expect(encryptDataSpy).toHaveBeenCalledOnce();
+    });
+  });
+
+  describe('$beforeUpdate', () => {
+    it('should call super.$beforeUpdate', async () => {
+      const superBeforeUpdateSpy = vi
+        .spyOn(Base.prototype, '$beforeUpdate')
+        .mockResolvedValue();
+
+      const connection = await createConnection();
+
+      await connection.$query().patch({ verified: false });
+
+      expect(superBeforeUpdateSpy).toHaveBeenCalledOnce();
+    });
+
+    it('should call encryptData', async () => {
+      const connection = await createConnection();
+
+      const encryptDataSpy = vi
+        .spyOn(Connection.prototype, 'encryptData')
+        .mockResolvedValue();
+
+      await connection.$query().patch({ verified: false });
+
+      expect(encryptDataSpy).toHaveBeenCalledOnce();
+    });
+  });
+
+  describe('$afterFind', () => {
+    it('should call decryptData', async () => {
+      const connection = await createConnection();
+
+      const decryptDataSpy = vi
+        .spyOn(Connection.prototype, 'decryptData')
+        .mockResolvedValue();
+
+      await connection.$query();
+
+      expect(decryptDataSpy).toHaveBeenCalledOnce();
+    });
+  });
+
+  describe('$afterInsert', () => {
+    it('should call super.$afterInsert', async () => {
+      const superAfterInsertSpy = vi.spyOn(Base.prototype, '$afterInsert');
+
+      await createConnection();
+
+      expect(superAfterInsertSpy).toHaveBeenCalledOnce();
+    });
+
+    it('should call Telemetry.connectionCreated', async () => {
+      const telemetryConnectionCreatedSpy = vi
+        .spyOn(Telemetry, 'connectionCreated')
+        .mockImplementation(() => {});
+
+      const connection = await createConnection();
+
+      expect(telemetryConnectionCreatedSpy).toHaveBeenCalledWith(connection);
+    });
+  });
+
+  describe('$afterUpdate', () => {
+    it('should call super.$afterUpdate', async () => {
+      const superAfterInsertSpy = vi.spyOn(Base.prototype, '$afterUpdate');
+
+      const connection = await createConnection();
+
+      await connection.$query().patch({ verified: false });
+
+      expect(superAfterInsertSpy).toHaveBeenCalledOnce();
+    });
+
+    it('should call Telemetry.connectionUpdated', async () => {
+      const telemetryconnectionUpdatedSpy = vi
+        .spyOn(Telemetry, 'connectionCreated')
+        .mockImplementation(() => {});
+
+      const connection = await createConnection();
+
+      await connection.$query().patch({ verified: false });
+
+      expect(telemetryconnectionUpdatedSpy).toHaveBeenCalledWith(connection);
     });
   });
 });

packages/backend/src/models/flow.js

@@ -88,15 +88,13 @@ class Flow extends Base {
     },
   });
 
-  static async afterFind(args) {
+  static async populateStatusProperty(flows) {
-    const { result } = args;
+    const referenceFlow = flows[0];
-
-    const referenceFlow = result[0];
 
     if (referenceFlow) {
       const shouldBePaused = await referenceFlow.isPaused();
 
-      for (const flow of result) {
+      for (const flow of flows) {
         if (!flow.active) {
           flow.status = 'draft';
         } else if (flow.active && shouldBePaused) {
@@ -108,6 +106,10 @@ class Flow extends Base {
     }
   }
 
+  static async afterFind(args) {
+    await this.populateStatusProperty(args.result);
+  }
+
   async lastInternalId() {
     const lastExecution = await this.$relatedQuery('lastExecution');
 
@@ -123,13 +125,14 @@ class Flow extends Base {
     return lastExecutions.map((execution) => execution.internalId);
   }
 
-  get IncompleteStepsError() {
+  static get IncompleteStepsError() {
     return new ValidationError({
       data: {
         flow: [
           {
-            message: 'All steps should be completed before updating flow status!'
+            message:
-          }
+              'All steps should be completed before updating flow status!',
+          },
         ],
       },
       type: 'incompleteStepsError',
@@ -148,36 +151,48 @@ class Flow extends Base {
       type: 'action',
       position: 2,
     });
-
-    return this.$query().withGraphFetched('steps');
   }
 
-  async createActionStep(previousStepId) {
+  async getStepById(stepId) {
-    const previousStep = await this.$relatedQuery('steps')
+    return await this.$relatedQuery('steps').findById(stepId).throwIfNotFound();
-      .findById(previousStepId)
+  }
-      .throwIfNotFound();
 
-    const createdStep = await this.$relatedQuery('steps').insertAndFetch({
+  async insertActionStepAtPosition(position) {
+    return await this.$relatedQuery('steps').insertAndFetch({
       type: 'action',
-      position: previousStep.position + 1,
+      position,
     });
+  }
 
-    const nextSteps = await this.$relatedQuery('steps')
+  async getStepsAfterPosition(position) {
-      .where('position', '>=', createdStep.position)
+    return await this.$relatedQuery('steps').where('position', '>', position);
-      .whereNot('id', createdStep.id);
+  }
 
-    const nextStepQueries = nextSteps.map(async (nextStep, index) => {
+  async updateStepPositionsFrom(startPosition, steps) {
-      return await nextStep.$query().patchAndFetch({
+    const stepPositionUpdates = steps.map(async (step, index) => {
-        position: createdStep.position + index + 1,
+      return await step.$query().patch({
+        position: startPosition + index,
       });
     });
 
-    await Promise.all(nextStepQueries);
+    return await Promise.all(stepPositionUpdates);
+  }
+
+  async createStepAfter(previousStepId) {
+    const previousStep = await this.getStepById(previousStepId);
+
+    const nextSteps = await this.getStepsAfterPosition(previousStep.position);
+
+    const createdStep = await this.insertActionStepAtPosition(
+      previousStep.position + 1
+    );
+
+    await this.updateStepPositionsFrom(createdStep.position + 1, nextSteps);
 
     return createdStep;
   }
 
-  async delete() {
+  async unregisterWebhook() {
     const triggerStep = await this.getTriggerStep();
     const trigger = await triggerStep?.getTriggerCommand();
 
@@ -198,15 +213,33 @@ class Flow extends Base {
         );
       }
     }
+  }
 
+  async deleteExecutionSteps() {
     const executionIds = (
       await this.$relatedQuery('executions').select('executions.id')
     ).map((execution) => execution.id);
 
-    await ExecutionStep.query().delete().whereIn('execution_id', executionIds);
+    return await ExecutionStep.query()
+      .delete()
+      .whereIn('execution_id', executionIds);
+  }
+
+  async deleteExecutions() {
+    return await this.$relatedQuery('executions').delete();
+  }
+
+  async deleteSteps() {
+    return await this.$relatedQuery('steps').delete();
+  }
+
+  async delete() {
+    await this.unregisterWebhook();
+
+    await this.deleteExecutionSteps();
+    await this.deleteExecutions();
+    await this.deleteSteps();
 
-    await this.$relatedQuery('executions').delete();
-    await this.$relatedQuery('steps').delete();
     await this.$query().delete();
   }
 
@@ -291,6 +324,18 @@ class Flow extends Base {
     return duplicatedFlowWithSteps;
   }
 
+  async getTriggerStep() {
+    return await this.$relatedQuery('steps').findOne({
+      type: 'trigger',
+    });
+  }
+
+  async isPaused() {
+    const user = await this.$relatedQuery('user').withSoftDeleted();
+    const allowedToRunFlows = await user.isAllowedToRunFlows();
+    return allowedToRunFlows ? false : true;
+  }
+
   async updateStatus(newActiveValue) {
     if (this.active === newActiveValue) {
       return this;
@@ -299,7 +344,7 @@ class Flow extends Base {
     const triggerStep = await this.getTriggerStep();
 
     if (triggerStep.status === 'incomplete') {
-      throw this.IncompleteStepsError;
+      throw Flow.IncompleteStepsError;
     }
 
     const trigger = await triggerStep.getTriggerCommand();
@@ -353,60 +398,55 @@ class Flow extends Base {
     });
   }
 
-  async $beforeUpdate(opt, queryContext) {
+  async throwIfHavingIncompleteSteps() {
-    await super.$beforeUpdate(opt, queryContext);
+    const incompleteStep = await this.$relatedQuery('steps').findOne({
-
-    if (!this.active) return;
-
-    const oldFlow = opt.old;
-
-    const incompleteStep = await oldFlow.$relatedQuery('steps').findOne({
       status: 'incomplete',
     });
 
     if (incompleteStep) {
-      throw this.IncompleteStepsError;
+      throw Flow.IncompleteStepsError;
     }
+  }
 
-    const allSteps = await oldFlow.$relatedQuery('steps');
+  async throwIfHavingLessThanTwoSteps() {
+    const allSteps = await this.$relatedQuery('steps');
 
     if (allSteps.length < 2) {
       throw new ValidationError({
         data: {
           flow: [
             {
-              message: 'There should be at least one trigger and one action steps in the flow!'
+              message:
-            }
+                'There should be at least one trigger and one action steps in the flow!',
+            },
           ],
         },
         type: 'insufficientStepsError',
       });
     }
+  }
 
-    return;
+  async $beforeUpdate(opt, queryContext) {
+    await super.$beforeUpdate(opt, queryContext);
+
+    if (this.active) {
+      await opt.old.throwIfHavingIncompleteSteps();
+
+      await opt.old.throwIfHavingLessThanTwoSteps();
+    }
   }
 
   async $afterInsert(queryContext) {
     await super.$afterInsert(queryContext);
+
     Telemetry.flowCreated(this);
   }
 
   async $afterUpdate(opt, queryContext) {
     await super.$afterUpdate(opt, queryContext);
+
     Telemetry.flowUpdated(this);
   }
-
-  async getTriggerStep() {
-    return await this.$relatedQuery('steps').findOne({
-      type: 'trigger',
-    });
-  }
-
-  async isPaused() {
-    const user = await this.$relatedQuery('user').withSoftDeleted();
-    const allowedToRunFlows = await user.isAllowedToRunFlows();
-    return allowedToRunFlows ? false : true;
-  }
 }
 
 export default Flow;

packages/backend/src/models/flow.test.js

@@ -0,0 +1,616 @@
+import { describe, it, expect, vi } from 'vitest';
+import Flow from './flow.js';
+import User from './user.js';
+import Base from './base.js';
+import Step from './step.js';
+import Execution from './execution.js';
+import Telemetry from '../helpers/telemetry/index.js';
+import * as globalVariableModule from '../helpers/global-variable.js';
+import { createFlow } from '../../test/factories/flow.js';
+import { createStep } from '../../test/factories/step.js';
+import { createExecution } from '../../test/factories/execution.js';
+import { createExecutionStep } from '../../test/factories/execution-step.js';
+
+describe('Flow model', () => {
+  it('tableName should return correct name', () => {
+    expect(Flow.tableName).toBe('flows');
+  });
+
+  it('jsonSchema should have correct validations', () => {
+    expect(Flow.jsonSchema).toMatchSnapshot();
+  });
+
+  describe('relationMappings', () => {
+    it('should return correct associations', () => {
+      const relationMappings = Flow.relationMappings();
+
+      const expectedRelations = {
+        steps: {
+          relation: Base.HasManyRelation,
+          modelClass: Step,
+          join: {
+            from: 'flows.id',
+            to: 'steps.flow_id',
+          },
+          filter: expect.any(Function),
+        },
+        triggerStep: {
+          relation: Base.HasOneRelation,
+          modelClass: Step,
+          join: {
+            from: 'flows.id',
+            to: 'steps.flow_id',
+          },
+          filter: expect.any(Function),
+        },
+        executions: {
+          relation: Base.HasManyRelation,
+          modelClass: Execution,
+          join: {
+            from: 'flows.id',
+            to: 'executions.flow_id',
+          },
+        },
+        lastExecution: {
+          relation: Base.HasOneRelation,
+          modelClass: Execution,
+          join: {
+            from: 'flows.id',
+            to: 'executions.flow_id',
+          },
+          filter: expect.any(Function),
+        },
+        user: {
+          relation: Base.HasOneRelation,
+          modelClass: User,
+          join: {
+            from: 'flows.user_id',
+            to: 'users.id',
+          },
+        },
+      };
+
+      expect(relationMappings).toStrictEqual(expectedRelations);
+    });
+
+    it('steps should return the steps', () => {
+      const relations = Flow.relationMappings();
+      const orderBySpy = vi.fn();
+
+      relations.steps.filter({ orderBy: orderBySpy });
+
+      expect(orderBySpy).toHaveBeenCalledWith('position', 'asc');
+    });
+
+    it('triggerStep should return the trigger step', () => {
+      const relations = Flow.relationMappings();
+
+      const firstSpy = vi.fn();
+
+      const limitSpy = vi.fn().mockImplementation(() => ({
+        first: firstSpy,
+      }));
+
+      const whereSpy = vi.fn().mockImplementation(() => ({
+        limit: limitSpy,
+      }));
+
+      relations.triggerStep.filter({ where: whereSpy });
+
+      expect(whereSpy).toHaveBeenCalledWith('type', 'trigger');
+      expect(limitSpy).toHaveBeenCalledWith(1);
+      expect(firstSpy).toHaveBeenCalledOnce();
+    });
+
+    it('lastExecution should return the last execution', () => {
+      const relations = Flow.relationMappings();
+
+      const firstSpy = vi.fn();
+
+      const limitSpy = vi.fn().mockImplementation(() => ({
+        first: firstSpy,
+      }));
+
+      const orderBySpy = vi.fn().mockImplementation(() => ({
+        limit: limitSpy,
+      }));
+
+      relations.lastExecution.filter({ orderBy: orderBySpy });
+
+      expect(orderBySpy).toHaveBeenCalledWith('created_at', 'desc');
+      expect(limitSpy).toHaveBeenCalledWith(1);
+      expect(firstSpy).toHaveBeenCalledOnce();
+    });
+  });
+
+  describe('populateStatusProperty', () => {
+    it('should assign "draft" to status property when a flow is not active', async () => {
+      const referenceFlow = await createFlow({ active: false });
+
+      const flows = [referenceFlow];
+
+      vi.spyOn(referenceFlow, 'isPaused').mockResolvedValue();
+
+      await Flow.populateStatusProperty(flows);
+
+      expect(referenceFlow.status).toBe('draft');
+    });
+
+    it('should assign "paused" to status property when a flow is active, but should be paused', async () => {
+      const referenceFlow = await createFlow({ active: true });
+
+      const flows = [referenceFlow];
+
+      vi.spyOn(referenceFlow, 'isPaused').mockResolvedValue(true);
+
+      await Flow.populateStatusProperty(flows);
+
+      expect(referenceFlow.status).toBe('paused');
+    });
+
+    it('should assign "published" to status property when a flow is active', async () => {
+      const referenceFlow = await createFlow({ active: true });
+
+      const flows = [referenceFlow];
+
+      vi.spyOn(referenceFlow, 'isPaused').mockResolvedValue(false);
+
+      await Flow.populateStatusProperty(flows);
+
+      expect(referenceFlow.status).toBe('published');
+    });
+  });
+
+  it('afterFind should call Flow.populateStatusProperty', async () => {
+    const populateStatusPropertySpy = vi
+      .spyOn(Flow, 'populateStatusProperty')
+      .mockImplementation(() => {});
+
+    await createFlow();
+
+    expect(populateStatusPropertySpy).toHaveBeenCalledOnce();
+  });
+
+  describe('lastInternalId', () => {
+    it('should return internal ID of last execution when exists', async () => {
+      const flow = await createFlow();
+
+      await createExecution({ flowId: flow.id });
+      await createExecution({ flowId: flow.id });
+      const lastExecution = await createExecution({ flowId: flow.id });
+
+      expect(await flow.lastInternalId()).toBe(lastExecution.internalId);
+    });
+
+    it('should return null when no flow execution exists', async () => {
+      const flow = await createFlow();
+
+      expect(await flow.lastInternalId()).toBe(null);
+    });
+  });
+
+  describe('lastInternalIds', () => {
+    it('should return last internal IDs', async () => {
+      const flow = await createFlow();
+
+      const internalIds = [
+        await createExecution({ flowId: flow.id }),
+        await createExecution({ flowId: flow.id }),
+        await createExecution({ flowId: flow.id }),
+      ].map((execution) => execution.internalId);
+
+      expect(await flow.lastInternalIds()).toStrictEqual(internalIds);
+    });
+
+    it('should return last 50 internal IDs by default', async () => {
+      const flow = new Flow();
+
+      const limitSpy = vi.fn().mockResolvedValue([]);
+
+      vi.spyOn(flow, '$relatedQuery').mockReturnValue({
+        select: vi.fn().mockReturnThis(),
+        orderBy: vi.fn().mockReturnThis(),
+        limit: limitSpy,
+      });
+
+      await flow.lastInternalIds();
+
+      expect(limitSpy).toHaveBeenCalledWith(50);
+    });
+  });
+
+  it('IncompleteStepsError should return validation error for incomplete steps', () => {
+    expect(() => {
+      throw Flow.IncompleteStepsError;
+    }).toThrowError(
+      'flow: All steps should be completed before updating flow status!'
+    );
+  });
+
+  it('createInitialSteps should create one trigger and one action step', async () => {
+    const flow = await createFlow();
+    await flow.createInitialSteps();
+    const steps = await flow.$relatedQuery('steps');
+
+    expect(steps.length).toBe(2);
+
+    expect(steps[0]).toMatchObject({
+      flowId: flow.id,
+      type: 'trigger',
+      position: 1,
+    });
+
+    expect(steps[1]).toMatchObject({
+      flowId: flow.id,
+      type: 'action',
+      position: 2,
+    });
+  });
+
+  it('getStepById should return the step with the given ID from the flow', async () => {
+    const flow = await createFlow();
+
+    const step = await createStep({ flowId: flow.id });
+
+    expect(await flow.getStepById(step.id)).toStrictEqual(step);
+  });
+
+  it('insertActionStepAtPosition should insert action step at given position', async () => {
+    const flow = await createFlow();
+
+    await flow.createInitialSteps();
+
+    const createdStep = await flow.insertActionStepAtPosition(2);
+
+    expect(createdStep).toMatchObject({
+      type: 'action',
+      position: 2,
+    });
+  });
+
+  it('getStepsAfterPosition should return steps after the given position', async () => {
+    const flow = await createFlow();
+
+    await flow.createInitialSteps();
+
+    await createStep({ flowId: flow.id });
+
+    expect(await flow.getStepsAfterPosition(1)).toMatchObject([
+      { position: 2 },
+      { position: 3 },
+    ]);
+  });
+
+  it('updateStepPositionsFrom', async () => {
+    const flow = await createFlow();
+
+    await createStep({ type: 'trigger', flowId: flow.id, position: 6 });
+    await createStep({ type: 'action', flowId: flow.id, position: 8 });
+    await createStep({ type: 'action', flowId: flow.id, position: 10 });
+
+    await flow.updateStepPositionsFrom(2, await flow.$relatedQuery('steps'));
+
+    expect(await flow.$relatedQuery('steps')).toMatchObject([
+      { position: 2, type: 'trigger' },
+      { position: 3, type: 'action' },
+      { position: 4, type: 'action' },
+    ]);
+  });
+
+  it('createStepAfter should create an action step after given step ID', async () => {
+    const flow = await createFlow();
+
+    const triggerStep = await createStep({ type: 'trigger', flowId: flow.id });
+    const actionStep = await createStep({ type: 'action', flowId: flow.id });
+
+    const createdStep = await flow.createStepAfter(triggerStep.id);
+
+    const refetchedActionStep = await actionStep.$query();
+
+    expect(createdStep).toMatchObject({ type: 'action', position: 2 });
+    expect(refetchedActionStep.position).toBe(3);
+  });
+
+  describe('unregisterWebhook', () => {
+    it('should unregister webhook on remote when supported', async () => {
+      const flow = await createFlow();
+      const triggerStep = await createStep({
+        flowId: flow.id,
+        appKey: 'typeform',
+        key: 'new-entry',
+        type: 'trigger',
+      });
+
+      const unregisterHookSpy = vi.fn().mockResolvedValue();
+
+      vi.spyOn(Step.prototype, 'getTriggerCommand').mockResolvedValue({
+        type: 'webhook',
+        unregisterHook: unregisterHookSpy,
+      });
+
+      const globalVariableSpy = vi
+        .spyOn(globalVariableModule, 'default')
+        .mockResolvedValue('global-variable');
+
+      await flow.unregisterWebhook();
+
+      expect(unregisterHookSpy).toHaveBeenCalledWith('global-variable');
+      expect(globalVariableSpy).toHaveBeenCalledWith({
+        flow,
+        step: triggerStep,
+        connection: undefined,
+        app: await triggerStep.getApp(),
+      });
+    });
+
+    it('should silently fail when unregistration fails', async () => {
+      const flow = await createFlow();
+      await createStep({
+        flowId: flow.id,
+        appKey: 'typeform',
+        key: 'new-entry',
+        type: 'trigger',
+      });
+
+      const unregisterHookSpy = vi.fn().mockRejectedValue(new Error());
+
+      vi.spyOn(Step.prototype, 'getTriggerCommand').mockResolvedValue({
+        type: 'webhook',
+        unregisterHook: unregisterHookSpy,
+      });
+
+      expect(await flow.unregisterWebhook()).toBe(undefined);
+      expect(unregisterHookSpy).toHaveBeenCalledOnce();
+    });
+
+    it('should do nothing when trigger step is not webhook', async () => {
+      const flow = await createFlow();
+      await createStep({
+        flowId: flow.id,
+        type: 'trigger',
+      });
+
+      const unregisterHookSpy = vi.fn().mockRejectedValue(new Error());
+
+      expect(await flow.unregisterWebhook()).toBe(undefined);
+      expect(unregisterHookSpy).not.toHaveBeenCalled();
+    });
+  });
+
+  it('deleteExecutionSteps should delete related execution steps', async () => {
+    const flow = await createFlow();
+    const execution = await createExecution({ flowId: flow.id });
+    const firstExecutionStep = await createExecutionStep({
+      executionId: execution.id,
+    });
+    const secondExecutionStep = await createExecutionStep({
+      executionId: execution.id,
+    });
+
+    await flow.deleteExecutionSteps();
+
+    expect(await firstExecutionStep.$query()).toBe(undefined);
+    expect(await secondExecutionStep.$query()).toBe(undefined);
+  });
+
+  it('deleteExecutions should delete related executions', async () => {
+    const flow = await createFlow();
+    const firstExecution = await createExecution({ flowId: flow.id });
+    const secondExecution = await createExecution({ flowId: flow.id });
+
+    await flow.deleteExecutions();
+
+    expect(await firstExecution.$query()).toBe(undefined);
+    expect(await secondExecution.$query()).toBe(undefined);
+  });
+
+  it('deleteSteps should delete related steps', async () => {
+    const flow = await createFlow();
+    await flow.createInitialSteps();
+    await flow.deleteSteps();
+
+    expect(await flow.$relatedQuery('steps')).toStrictEqual([]);
+  });
+
+  it('delete should delete the flow with its relations', async () => {
+    const flow = await createFlow();
+
+    const unregisterWebhookSpy = vi
+      .spyOn(flow, 'unregisterWebhook')
+      .mockResolvedValue();
+    const deleteExecutionStepsSpy = vi
+      .spyOn(flow, 'deleteExecutionSteps')
+      .mockResolvedValue();
+    const deleteExecutionsSpy = vi
+      .spyOn(flow, 'deleteExecutions')
+      .mockResolvedValue();
+    const deleteStepsSpy = vi.spyOn(flow, 'deleteSteps').mockResolvedValue();
+
+    await flow.delete();
+
+    expect(unregisterWebhookSpy).toHaveBeenCalledOnce();
+    expect(deleteExecutionStepsSpy).toHaveBeenCalledOnce();
+    expect(deleteExecutionsSpy).toHaveBeenCalledOnce();
+    expect(deleteStepsSpy).toHaveBeenCalledOnce();
+    expect(await flow.$query()).toBe(undefined);
+  });
+
+  it.todo('duplicateFor');
+
+  it('getTriggerStep', async () => {
+    const flow = await createFlow();
+    const triggerStep = await createStep({ flowId: flow.id, type: 'trigger' });
+
+    await createStep({ flowId: flow.id, type: 'action' });
+
+    expect(await flow.getTriggerStep()).toStrictEqual(triggerStep);
+  });
+
+  describe('isPaused', () => {
+    it('should return true when user.isAllowedToRunFlows returns false', async () => {
+      const flow = await createFlow();
+
+      const isAllowedToRunFlowsSpy = vi.fn().mockResolvedValue(false);
+      vi.spyOn(flow, '$relatedQuery').mockReturnValue({
+        withSoftDeleted: vi.fn().mockReturnThis(),
+        isAllowedToRunFlows: isAllowedToRunFlowsSpy,
+      });
+
+      expect(await flow.isPaused()).toBe(true);
+      expect(isAllowedToRunFlowsSpy).toHaveBeenCalledOnce();
+    });
+
+    it('should return false when user.isAllowedToRunFlows returns true', async () => {
+      const flow = await createFlow();
+
+      const isAllowedToRunFlowsSpy = vi.fn().mockResolvedValue(true);
+      vi.spyOn(flow, '$relatedQuery').mockReturnValue({
+        withSoftDeleted: vi.fn().mockReturnThis(),
+        isAllowedToRunFlows: isAllowedToRunFlowsSpy,
+      });
+
+      expect(await flow.isPaused()).toBe(false);
+      expect(isAllowedToRunFlowsSpy).toHaveBeenCalledOnce();
+    });
+  });
+
+  describe('throwIfHavingIncompleteSteps', () => {
+    it('should throw validation error with incomplete steps', async () => {
+      const flow = await createFlow();
+
+      await flow.createInitialSteps();
+
+      await expect(() =>
+        flow.throwIfHavingIncompleteSteps()
+      ).rejects.toThrowError(
+        'flow: All steps should be completed before updating flow status!'
+      );
+    });
+
+    it('should return undefined when all steps are completed', async () => {
+      const flow = await createFlow();
+
+      await createStep({
+        flowId: flow.id,
+        status: 'completed',
+        type: 'trigger',
+      });
+
+      await createStep({
+        flowId: flow.id,
+        status: 'completed',
+        type: 'action',
+      });
+
+      expect(await flow.throwIfHavingIncompleteSteps()).toBe(undefined);
+    });
+  });
+
+  describe('throwIfHavingLessThanTwoSteps', () => {
+    it('should throw validation error with less than two steps', async () => {
+      const flow = await createFlow();
+
+      await expect(() =>
+        flow.throwIfHavingLessThanTwoSteps()
+      ).rejects.toThrowError(
+        'flow: There should be at least one trigger and one action steps in the flow!'
+      );
+    });
+
+    it('should return undefined when there are at least two steps', async () => {
+      const flow = await createFlow();
+
+      await createStep({
+        flowId: flow.id,
+        type: 'trigger',
+      });
+
+      await createStep({
+        flowId: flow.id,
+        type: 'action',
+      });
+
+      expect(await flow.throwIfHavingLessThanTwoSteps()).toBe(undefined);
+    });
+  });
+
+  describe('$beforeUpdate', () => {
+    it('should invoke throwIfHavingIncompleteSteps when flow is becoming active', async () => {
+      const flow = await createFlow({ active: false });
+
+      const throwIfHavingIncompleteStepsSpy = vi
+        .spyOn(Flow.prototype, 'throwIfHavingIncompleteSteps')
+        .mockImplementation(() => {});
+
+      const throwIfHavingLessThanTwoStepsSpy = vi
+        .spyOn(Flow.prototype, 'throwIfHavingLessThanTwoSteps')
+        .mockImplementation(() => {});
+
+      await flow.$query().patch({ active: true });
+
+      expect(throwIfHavingIncompleteStepsSpy).toHaveBeenCalledOnce();
+      expect(throwIfHavingLessThanTwoStepsSpy).toHaveBeenCalledOnce();
+    });
+
+    it('should invoke throwIfHavingIncompleteSteps when flow is not becoming active', async () => {
+      const flow = await createFlow({ active: true });
+
+      const throwIfHavingIncompleteStepsSpy = vi
+        .spyOn(Flow.prototype, 'throwIfHavingIncompleteSteps')
+        .mockImplementation(() => {});
+
+      const throwIfHavingLessThanTwoStepsSpy = vi
+        .spyOn(Flow.prototype, 'throwIfHavingLessThanTwoSteps')
+        .mockImplementation(() => {});
+
+      await flow.$query().patch({});
+
+      expect(throwIfHavingIncompleteStepsSpy).not.toHaveBeenCalledOnce();
+      expect(throwIfHavingLessThanTwoStepsSpy).not.toHaveBeenCalledOnce();
+    });
+  });
+
+  describe('$afterInsert', () => {
+    it('should call super.$afterInsert', async () => {
+      const superAfterInsertSpy = vi.spyOn(Base.prototype, '$afterInsert');
+
+      await createFlow();
+
+      expect(superAfterInsertSpy).toHaveBeenCalled();
+    });
+
+    it('should call Telemetry.flowCreated', async () => {
+      const telemetryFlowCreatedSpy = vi
+        .spyOn(Telemetry, 'flowCreated')
+        .mockImplementation(() => {});
+
+      const flow = await createFlow();
+
+      expect(telemetryFlowCreatedSpy).toHaveBeenCalledWith(flow);
+    });
+  });
+
+  describe('$afterUpdate', () => {
+    it('should call super.$afterUpdate', async () => {
+      const superAfterUpdateSpy = vi.spyOn(Base.prototype, '$afterUpdate');
+
+      const flow = await createFlow();
+
+      await flow.$query().patch({ active: false });
+
+      expect(superAfterUpdateSpy).toHaveBeenCalledOnce();
+    });
+
+    it('$afterUpdate should call Telemetry.flowUpdated', async () => {
+      const telemetryFlowUpdatedSpy = vi
+        .spyOn(Telemetry, 'flowUpdated')
+        .mockImplementation(() => {});
+
+      const flow = await createFlow();
+
+      await flow.$query().patch({ active: false });
+
+      expect(telemetryFlowUpdatedSpy).toHaveBeenCalled({});
+    });
+  });
+});

packages/backend/src/models/permission.js

@@ -19,25 +19,39 @@ class Permission extends Base {
     },
   };
 
-  static sanitize(permissions) {
+  static filter(permissions) {
     const sanitizedPermissions = permissions.filter((permission) => {
       const { action, subject, conditions } = permission;
 
-      const relevantAction = permissionCatalog.actions.find(
+      const relevantAction = this.findAction(action);
-        (actionCatalogItem) => actionCatalogItem.key === action
+      const validSubject = this.isSubjectValid(subject, relevantAction);
-      );
+      const validConditions = this.areConditionsValid(conditions);
-      const validSubject = relevantAction.subjects.includes(subject);
-      const validConditions = conditions.every((condition) => {
-        return !!permissionCatalog.conditions.find(
-          (conditionCatalogItem) => conditionCatalogItem.key === condition
-        );
-      });
 
-      return validSubject && validConditions;
+      return relevantAction && validSubject && validConditions;
     });
 
     return sanitizedPermissions;
   }
+
+  static findAction(action) {
+    return permissionCatalog.actions.find(
+      (actionCatalogItem) => actionCatalogItem.key === action
+    );
+  }
+
+  static isSubjectValid(subject, action) {
+    return action && action.subjects.includes(subject);
+  }
+
+  static areConditionsValid(conditions) {
+    return conditions.every((condition) => this.isConditionValid(condition));
+  }
+
+  static isConditionValid(condition) {
+    return !!permissionCatalog.conditions.find(
+      (conditionCatalogItem) => conditionCatalogItem.key === condition
+    );
+  }
 }
 
 export default Permission;

packages/backend/src/models/permission.test.js

@@ -0,0 +1,95 @@
+import { describe, it, expect } from 'vitest';
+import Permission from './permission';
+import permissionCatalog from '../helpers/permission-catalog.ee.js';
+
+describe('Permission model', () => {
+  it('tableName should return correct name', () => {
+    expect(Permission.tableName).toBe('permissions');
+  });
+
+  it('jsonSchema should have correct validations', () => {
+    expect(Permission.jsonSchema).toMatchSnapshot();
+  });
+
+  it('filter should return only valid permissions based on permission catalog', () => {
+    const permissions = [
+      { action: 'read', subject: 'Flow', conditions: ['isCreator'] },
+      { action: 'delete', subject: 'Connection', conditions: [] },
+      { action: 'publish', subject: 'Flow', conditions: ['isCreator'] },
+      { action: 'update', subject: 'Execution', conditions: [] }, // Invalid subject
+      { action: 'read', subject: 'Execution', conditions: ['invalid'] }, // Invalid condition
+      { action: 'invalid', subject: 'Execution', conditions: [] }, // Invalid action
+    ];
+
+    const result = Permission.filter(permissions);
+
+    expect(result).toStrictEqual([
+      { action: 'read', subject: 'Flow', conditions: ['isCreator'] },
+      { action: 'delete', subject: 'Connection', conditions: [] },
+      { action: 'publish', subject: 'Flow', conditions: ['isCreator'] },
+    ]);
+  });
+
+  describe('findAction', () => {
+    it('should return action from permission catalog', () => {
+      const action = Permission.findAction('create');
+      expect(action.key).toStrictEqual('create');
+    });
+
+    it('should return undefined for invalid actions', () => {
+      const invalidAction = Permission.findAction('invalidAction');
+      expect(invalidAction).toBeUndefined();
+    });
+  });
+
+  describe('isSubjectValid', () => {
+    it('should return true for valid subjects', () => {
+      const validAction = permissionCatalog.actions.find(
+        (action) => action.key === 'create'
+      );
+
+      const validSubject = Permission.isSubjectValid('Connection', validAction);
+      expect(validSubject).toBe(true);
+    });
+
+    it('should return false for invalid subjects', () => {
+      const validAction = permissionCatalog.actions.find(
+        (action) => action.key === 'create'
+      );
+
+      const invalidSubject = Permission.isSubjectValid(
+        'Execution',
+        validAction
+      );
+
+      expect(invalidSubject).toBe(false);
+    });
+  });
+
+  describe('areConditionsValid', () => {
+    it('should return true for valid conditions', () => {
+      const validConditions = Permission.areConditionsValid(['isCreator']);
+      expect(validConditions).toBe(true);
+    });
+
+    it('should return false for invalid conditions', () => {
+      const invalidConditions = Permission.areConditionsValid([
+        'invalidCondition',
+      ]);
+
+      expect(invalidConditions).toBe(false);
+    });
+  });
+
+  describe('isConditionValid', () => {
+    it('should return true for valid conditions', () => {
+      const validCondition = Permission.isConditionValid('isCreator');
+      expect(validCondition).toBe(true);
+    });
+
+    it('should return false for invalid conditions', () => {
+      const invalidCondition = Permission.isConditionValid('invalidCondition');
+      expect(invalidCondition).toBe(false);
+    });
+  });
+});

packages/backend/src/models/role.js

@@ -52,57 +52,64 @@ class Role extends Base {
     return await this.query().findOne({ name: 'Admin' });
   }
 
-  async updateWithPermissions(data) {
+  async preventAlteringAdmin() {
-    if (this.isAdmin) {
+    const currentRole = await Role.query().findById(this.id);
+
+    if (currentRole.isAdmin) {
       throw new NotAuthorizedError('The admin role cannot be altered!');
     }
+  }
 
+  async deletePermissions() {
+    return await this.$relatedQuery('permissions').delete();
+  }
+
+  async createPermissions(permissions) {
+    if (permissions?.length) {
+      const validPermissions = Permission.filter(permissions).map(
+        (permission) => ({
+          ...permission,
+          roleId: this.id,
+        })
+      );
+
+      await Permission.query().insert(validPermissions);
+    }
+  }
+
+  async updatePermissions(permissions) {
+    await this.deletePermissions();
+
+    await this.createPermissions(permissions);
+  }
+
+  async updateWithPermissions(data) {
     const { name, description, permissions } = data;
 
-    return await Role.transaction(async (trx) => {
+    await this.updatePermissions(permissions);
-      await this.$relatedQuery('permissions', trx).delete();
 
-      if (permissions?.length) {
+    await this.$query().patchAndFetch({
-        const sanitizedPermissions = Permission.sanitize(permissions).map(
+      id: this.id,
-          (permission) => ({
+      name,
-            ...permission,
+      description,
-            roleId: this.id,
-          })
-        );
-
-        await Permission.query().insert(sanitizedPermissions);
-      }
-
-      await this.$query(trx).patch({
-        name,
-        description,
-      });
-
-      return await this.$query(trx)
-        .leftJoinRelated({
-          permissions: true,
-        })
-        .withGraphFetched({
-          permissions: true,
-        });
     });
+
+    return await this.$query()
+      .leftJoinRelated({
+        permissions: true,
+      })
+      .withGraphFetched({
+        permissions: true,
+      });
   }
 
   async deleteWithPermissions() {
-    return await Role.transaction(async (trx) => {
+    await this.deletePermissions();
-      await this.$relatedQuery('permissions', trx).delete();
 
-      return await this.$query(trx).delete();
+    return await this.$query().delete();
-    });
   }
 
-  async $beforeDelete(queryContext) {
+  async assertNoRoleUserExists() {
-    await super.$beforeDelete(queryContext);
-
-    if (this.isAdmin) {
-      throw new NotAuthorizedError('The admin role cannot be deleted!');
-    }
-
     const userCount = await this.$relatedQuery('users').limit(1).resultSize();
     const hasUsers = userCount > 0;
 
@@ -118,7 +125,9 @@ class Role extends Base {
         type: 'ValidationError',
       });
     }
+  }
 
+  async assertNoConfigurationUsage() {
     const samlAuthProviderUsingDefaultRole = await SamlAuthProvider.query()
       .where({
         default_role_id: this.id,
@@ -140,6 +149,26 @@ class Role extends Base {
       });
     }
   }
+
+  async assertRoleIsNotUsed() {
+    await this.assertNoRoleUserExists();
+
+    await this.assertNoConfigurationUsage();
+  }
+
+  async $beforeUpdate(opt, queryContext) {
+    await super.$beforeUpdate(opt, queryContext);
+
+    await this.preventAlteringAdmin();
+  }
+
+  async $beforeDelete(queryContext) {
+    await super.$beforeDelete(queryContext);
+
+    await this.preventAlteringAdmin();
+
+    await this.assertRoleIsNotUsed();
+  }
 }
 
 export default Role;

packages/backend/src/models/role.test.js

@@ -0,0 +1,287 @@
+import { describe, it, expect, vi } from 'vitest';
+import Role from './role';
+import Base from './base.js';
+import Permission from './permission.js';
+import User from './user.js';
+import { createRole } from '../../test/factories/role.js';
+import { createPermission } from '../../test/factories/permission.js';
+import { createUser } from '../../test/factories/user.js';
+import { createSamlAuthProvider } from '../../test/factories/saml-auth-provider.ee.js';
+
+describe('Role model', () => {
+  it('tableName should return correct name', () => {
+    expect(Role.tableName).toBe('roles');
+  });
+
+  it('jsonSchema should have correct validations', () => {
+    expect(Role.jsonSchema).toMatchSnapshot();
+  });
+
+  it('relationMappingsshould return correct associations', () => {
+    const relationMappings = Role.relationMappings();
+
+    const expectedRelations = {
+      users: {
+        relation: Base.HasManyRelation,
+        modelClass: User,
+        join: {
+          from: 'roles.id',
+          to: 'users.role_id',
+        },
+      },
+      permissions: {
+        relation: Base.HasManyRelation,
+        modelClass: Permission,
+        join: {
+          from: 'roles.id',
+          to: 'permissions.role_id',
+        },
+      },
+    };
+
+    expect(relationMappings).toStrictEqual(expectedRelations);
+  });
+
+  it('virtualAttributes should return correct attributes', () => {
+    expect(Role.virtualAttributes).toStrictEqual(['isAdmin']);
+  });
+
+  describe('isAdmin', () => {
+    it('should return true for admin named role', () => {
+      const role = new Role();
+      role.name = 'Admin';
+
+      expect(role.isAdmin).toBe(true);
+    });
+
+    it('should return false for not admin named roles', () => {
+      const role = new Role();
+      role.name = 'User';
+
+      expect(role.isAdmin).toBe(false);
+    });
+  });
+
+  it('findAdmin should return admin role', async () => {
+    const createdAdminRole = await createRole({ name: 'Admin' });
+
+    const adminRole = await Role.findAdmin();
+
+    expect(createdAdminRole).toStrictEqual(adminRole);
+  });
+
+  describe('preventAlteringAdmin', () => {
+    it('preventAlteringAdmin should throw an error when altering admin role', async () => {
+      const role = await createRole({ name: 'Admin' });
+
+      await expect(() => role.preventAlteringAdmin()).rejects.toThrowError(
+        'The admin role cannot be altered!'
+      );
+    });
+
+    it('preventAlteringAdmin should not throw an error when altering non-admin roles', async () => {
+      const role = await createRole({ name: 'User' });
+
+      expect(await role.preventAlteringAdmin()).toBe(undefined);
+    });
+  });
+
+  it("deletePermissions should delete role's permissions", async () => {
+    const role = await createRole({ name: 'User' });
+    await createPermission({ roleId: role.id });
+
+    await role.deletePermissions();
+
+    expect(await role.$relatedQuery('permissions')).toStrictEqual([]);
+  });
+
+  describe('createPermissions', () => {
+    it('should create permissions', async () => {
+      const role = await createRole({ name: 'User' });
+
+      await role.createPermissions([
+        { action: 'read', subject: 'Flow', conditions: [] },
+      ]);
+
+      expect(await role.$relatedQuery('permissions')).toMatchObject([
+        {
+          action: 'read',
+          subject: 'Flow',
+          conditions: [],
+        },
+      ]);
+    });
+
+    it('should call Permission.filter', async () => {
+      const role = await createRole({ name: 'User' });
+
+      const permissions = [{ action: 'read', subject: 'Flow', conditions: [] }];
+
+      const permissionFilterSpy = vi
+        .spyOn(Permission, 'filter')
+        .mockReturnValue(permissions);
+
+      await role.createPermissions(permissions);
+
+      expect(permissionFilterSpy).toHaveBeenCalledWith(permissions);
+    });
+  });
+
+  it('updatePermissions should delete existing permissions and create new permissions', async () => {
+    const permissionsData = [
+      { action: 'read', subject: 'Flow', conditions: [] },
+    ];
+
+    const deletePermissionsSpy = vi
+      .spyOn(Role.prototype, 'deletePermissions')
+      .mockResolvedValueOnce();
+    const createPermissionsSpy = vi
+      .spyOn(Role.prototype, 'createPermissions')
+      .mockResolvedValueOnce();
+
+    const role = await createRole({ name: 'User' });
+
+    await role.updatePermissions(permissionsData);
+
+    expect(deletePermissionsSpy.mock.invocationCallOrder[0]).toBeLessThan(
+      createPermissionsSpy.mock.invocationCallOrder[0]
+    );
+
+    expect(deletePermissionsSpy).toHaveBeenNthCalledWith(1);
+    expect(createPermissionsSpy).toHaveBeenNthCalledWith(1, permissionsData);
+  });
+
+  describe('updateWithPermissions', () => {
+    it('should update role along with given permissions', async () => {
+      const role = await createRole({ name: 'User' });
+      await createPermission({
+        roleId: role.id,
+        subject: 'Flow',
+        action: 'read',
+        conditions: [],
+      });
+
+      const newRoleData = {
+        name: 'Updated user',
+        description: 'Updated description',
+        permissions: [
+          {
+            action: 'update',
+            subject: 'Flow',
+            conditions: [],
+          },
+        ],
+      };
+
+      await role.updateWithPermissions(newRoleData);
+
+      const roleWithPermissions = await role
+        .$query()
+        .leftJoinRelated({ permissions: true })
+        .withGraphFetched({ permissions: true });
+
+      expect(roleWithPermissions).toMatchObject(newRoleData);
+    });
+  });
+
+  describe('deleteWithPermissions', () => {
+    it('should delete role along with given permissions', async () => {
+      const role = await createRole({ name: 'User' });
+      await createPermission({
+        roleId: role.id,
+        subject: 'Flow',
+        action: 'read',
+        conditions: [],
+      });
+
+      await role.deleteWithPermissions();
+
+      const refetchedRole = await role.$query();
+      const rolePermissions = await Permission.query().where({
+        roleId: role.id,
+      });
+
+      expect(refetchedRole).toBe(undefined);
+      expect(rolePermissions).toStrictEqual([]);
+    });
+  });
+
+  describe('assertNoRoleUserExists', () => {
+    it('should reject with an error when the role has users', async () => {
+      const role = await createRole({ name: 'User' });
+      await createUser({ roleId: role.id });
+
+      await expect(() => role.assertNoRoleUserExists()).rejects.toThrowError(
+        `All users must be migrated away from the "User" role.`
+      );
+    });
+
+    it('should resolve when the role does not have any users', async () => {
+      const role = await createRole();
+
+      expect(await role.assertNoRoleUserExists()).toBe(undefined);
+    });
+  });
+
+  describe('assertNoConfigurationUsage', () => {
+    it('should reject with an error when the role is used in configuration', async () => {
+      const role = await createRole();
+      await createSamlAuthProvider({ defaultRoleId: role.id });
+
+      await expect(() =>
+        role.assertNoConfigurationUsage()
+      ).rejects.toThrowError(
+        'samlAuthProvider: You need to change the default role in the SAML configuration before deleting this role.'
+      );
+    });
+
+    it('should resolve when the role does not have any users', async () => {
+      const role = await createRole();
+
+      expect(await role.assertNoConfigurationUsage()).toBe(undefined);
+    });
+  });
+
+  it('assertRoleIsNotUsed should call assertNoRoleUserExists and assertNoConfigurationUsage', async () => {
+    const role = new Role();
+
+    const assertNoRoleUserExistsSpy = vi
+      .spyOn(role, 'assertNoRoleUserExists')
+      .mockResolvedValue();
+
+    const assertNoConfigurationUsageSpy = vi
+      .spyOn(role, 'assertNoConfigurationUsage')
+      .mockResolvedValue();
+
+    await role.assertRoleIsNotUsed();
+
+    expect(assertNoRoleUserExistsSpy).toHaveBeenCalledOnce();
+    expect(assertNoConfigurationUsageSpy).toHaveBeenCalledOnce();
+  });
+
+  describe('$beforeDelete', () => {
+    it('should call preventAlteringAdmin', async () => {
+      const role = await createRole({ name: 'User' });
+
+      const preventAlteringAdminSpy = vi
+        .spyOn(role, 'preventAlteringAdmin')
+        .mockResolvedValue();
+
+      await role.$query().delete();
+
+      expect(preventAlteringAdminSpy).toHaveBeenCalledOnce();
+    });
+
+    it('should call assertRoleIsNotUsed', async () => {
+      const role = await createRole({ name: 'User' });
+
+      const assertRoleIsNotUsedSpy = vi
+        .spyOn(role, 'assertRoleIsNotUsed')
+        .mockResolvedValue();
+
+      await role.$query().delete();
+
+      expect(assertRoleIsNotUsedSpy).toHaveBeenCalledOnce();
+    });
+  });
+});

packages/backend/src/models/saml-auth-provider.ee.test.js

@@ -0,0 +1,48 @@
+import { describe, it, expect } from 'vitest';
+import SamlAuthProvider from '../models/saml-auth-provider.ee';
+import SamlAuthProvidersRoleMapping from '../models/saml-auth-providers-role-mapping.ee';
+import Identity from './identity.ee';
+import Base from './base';
+
+describe('SamlAuthProvider model', () => {
+  it('tableName should return correct name', () => {
+    expect(SamlAuthProvider.tableName).toBe('saml_auth_providers');
+  });
+
+  it('jsonSchema should have the correct schema', () => {
+    expect(SamlAuthProvider.jsonSchema).toMatchSnapshot();
+  });
+
+  it('relationMappings should return correct associations', () => {
+    const relationMappings = SamlAuthProvider.relationMappings();
+
+    const expectedRelations = {
+      identities: {
+        relation: Base.HasOneRelation,
+        modelClass: Identity,
+        join: {
+          from: 'identities.provider_id',
+          to: 'saml_auth_providers.id',
+        },
+      },
+      samlAuthProvidersRoleMappings: {
+        relation: Base.HasManyRelation,
+        modelClass: SamlAuthProvidersRoleMapping,
+        join: {
+          from: 'saml_auth_providers.id',
+          to: 'saml_auth_providers_role_mappings.saml_auth_provider_id',
+        },
+      },
+    };
+
+    expect(relationMappings).toStrictEqual(expectedRelations);
+  });
+
+  it('virtualAttributes should return correct attributes', () => {
+    const virtualAttributes = SamlAuthProvider.virtualAttributes;
+
+    const expectedAttributes = ['loginUrl', 'remoteLogoutUrl'];
+
+    expect(virtualAttributes).toStrictEqual(expectedAttributes);
+  });
+});

packages/backend/src/models/step.js

@@ -93,6 +93,14 @@ class Step extends Base {
     return `${appConfig.baseUrl}/apps/${this.appKey}/assets/favicon.svg`;
   }
 
+  get isTrigger() {
+    return this.type === 'trigger';
+  }
+
+  get isAction() {
+    return this.type === 'action';
+  }
+
   async computeWebhookPath() {
     if (this.type === 'action') return null;
 
@@ -135,24 +143,6 @@ class Step extends Base {
     return webhookUrl;
   }
 
-  async $afterInsert(queryContext) {
-    await super.$afterInsert(queryContext);
-    Telemetry.stepCreated(this);
-  }
-
-  async $afterUpdate(opt, queryContext) {
-    await super.$afterUpdate(opt, queryContext);
-    Telemetry.stepUpdated(this);
-  }
-
-  get isTrigger() {
-    return this.type === 'trigger';
-  }
-
-  get isAction() {
-    return this.type === 'action';
-  }
-
   async getApp() {
     if (!this.appKey) return null;
 
@@ -170,12 +160,7 @@ class Step extends Base {
   }
 
   async getLastExecutionStep() {
-    const lastExecutionStep = await this.$relatedQuery('executionSteps')
+    return await this.$relatedQuery('lastExecutionStep');
-      .orderBy('created_at', 'desc')
-      .limit(1)
-      .first();
-
-    return lastExecutionStep;
   }
 
   async getNextStep() {
@@ -207,19 +192,18 @@ class Step extends Base {
   }
 
   async getSetupFields() {
-    let setupSupsteps;
+    let substeps;
 
     if (this.isTrigger) {
-      setupSupsteps = (await this.getTriggerCommand()).substeps;
+      substeps = (await this.getTriggerCommand()).substeps;
     } else {
-      setupSupsteps = (await this.getActionCommand()).substeps;
+      substeps = (await this.getActionCommand()).substeps;
     }
 
-    const existingArguments = setupSupsteps.find(
+    const setupSubstep = substeps.find(
       (substep) => substep.key === 'chooseTrigger'
-    ).arguments;
+    );
-
+    return setupSubstep.arguments;
-    return existingArguments;
   }
 
   async getSetupAndDynamicFields() {
@@ -326,23 +310,17 @@ class Step extends Base {
       .$relatedQuery('steps')
       .where('position', '>', this.position);
 
-    const nextStepQueries = nextSteps.map(async (nextStep) => {
+    await flow.updateStepPositionsFrom(this.position, nextSteps);
-      await nextStep.$query().patch({
-        position: nextStep.position - 1,
-      });
-    });
-
-    await Promise.all(nextStepQueries);
   }
 
   async updateFor(user, newStepData) {
-    const { connectionId, appKey, key, parameters } = newStepData;
+    const { appKey = this.appKey, connectionId, key, parameters } = newStepData;
 
-    if (connectionId && (appKey || this.appKey)) {
+    if (connectionId && appKey) {
       await user.authorizedConnections
         .findOne({
           id: connectionId,
-          key: appKey || this.appKey,
+          key: appKey,
         })
         .throwIfNotFound();
     }
@@ -356,8 +334,8 @@ class Step extends Base {
     }
 
     const updatedStep = await this.$query().patchAndFetch({
-      key: key,
+      key,
-      appKey: appKey,
+      appKey,
       connectionId: connectionId,
       parameters: parameters,
       status: 'incomplete',
@@ -367,6 +345,16 @@ class Step extends Base {
 
     return updatedStep;
   }
+
+  async $afterInsert(queryContext) {
+    await super.$afterInsert(queryContext);
+    Telemetry.stepCreated(this);
+  }
+
+  async $afterUpdate(opt, queryContext) {
+    await super.$afterUpdate(opt, queryContext);
+    Telemetry.stepUpdated(this);
+  }
 }
 
 export default Step;

packages/backend/src/models/step.test.js

@@ -0,0 +1,504 @@
+import { beforeEach, describe, it, expect, vi } from 'vitest';
+import appConfig from '../config/app.js';
+import App from './app.js';
+import Base from './base.js';
+import Step from './step.js';
+import Flow from './flow.js';
+import Connection from './connection.js';
+import ExecutionStep from './execution-step.js';
+import Telemetry from '../helpers/telemetry/index.js';
+import * as testRunModule from '../services/test-run.js';
+import { createFlow } from '../../test/factories/flow.js';
+import { createUser } from '../../test/factories/user.js';
+import { createRole } from '../../test/factories/role.js';
+import { createPermission } from '../../test/factories/permission.js';
+import { createConnection } from '../../test/factories/connection.js';
+import { createStep } from '../../test/factories/step.js';
+import { createExecutionStep } from '../../test/factories/execution-step.js';
+
+describe('Step model', () => {
+  it('tableName should return correct name', () => {
+    expect(Step.tableName).toBe('steps');
+  });
+
+  it('jsonSchema should have correct validations', () => {
+    expect(Step.jsonSchema).toMatchSnapshot();
+  });
+
+  it('virtualAttributes should return correct attributes', () => {
+    const virtualAttributes = Step.virtualAttributes;
+
+    const expectedAttributes = ['iconUrl', 'webhookUrl'];
+
+    expect(virtualAttributes).toStrictEqual(expectedAttributes);
+  });
+
+  describe('relationMappings', () => {
+    it('should return correct associations', () => {
+      const relationMappings = Step.relationMappings();
+
+      const expectedRelations = {
+        flow: {
+          relation: Base.BelongsToOneRelation,
+          modelClass: Flow,
+          join: {
+            from: 'steps.flow_id',
+            to: 'flows.id',
+          },
+        },
+        connection: {
+          relation: Base.HasOneRelation,
+          modelClass: Connection,
+          join: {
+            from: 'steps.connection_id',
+            to: 'connections.id',
+          },
+        },
+        lastExecutionStep: {
+          relation: Base.HasOneRelation,
+          modelClass: ExecutionStep,
+          join: {
+            from: 'steps.id',
+            to: 'execution_steps.step_id',
+          },
+          filter: expect.any(Function),
+        },
+        executionSteps: {
+          relation: Base.HasManyRelation,
+          modelClass: ExecutionStep,
+          join: {
+            from: 'steps.id',
+            to: 'execution_steps.step_id',
+          },
+        },
+      };
+
+      expect(relationMappings).toStrictEqual(expectedRelations);
+    });
+
+    it('lastExecutionStep should return the trigger step', () => {
+      const relations = Step.relationMappings();
+
+      const firstSpy = vi.fn();
+
+      const limitSpy = vi.fn().mockImplementation(() => ({
+        first: firstSpy,
+      }));
+
+      const orderBySpy = vi.fn().mockImplementation(() => ({
+        limit: limitSpy,
+      }));
+
+      relations.lastExecutionStep.filter({ orderBy: orderBySpy });
+
+      expect(orderBySpy).toHaveBeenCalledWith('created_at', 'desc');
+      expect(limitSpy).toHaveBeenCalledWith(1);
+      expect(firstSpy).toHaveBeenCalledOnce();
+    });
+  });
+
+  describe('webhookUrl', () => {
+    it('should return it along with appConfig.webhookUrl when exists', () => {
+      vi.spyOn(appConfig, 'webhookUrl', 'get').mockReturnValue(
+        'https://automatisch.io'
+      );
+
+      const step = new Step();
+      step.webhookPath = '/webhook-path';
+
+      expect(step.webhookUrl).toBe('https://automatisch.io/webhook-path');
+    });
+
+    it('should return null when webhookUrl does not exist', () => {
+      const step = new Step();
+
+      expect(step.webhookUrl).toBe(null);
+    });
+  });
+
+  describe('iconUrl', () => {
+    it('should return step app icon absolute URL when app is set', () => {
+      vi.spyOn(appConfig, 'baseUrl', 'get').mockReturnValue(
+        'https://automatisch.io'
+      );
+
+      const step = new Step();
+      step.appKey = 'gitlab';
+
+      expect(step.iconUrl).toBe(
+        'https://automatisch.io/apps/gitlab/assets/favicon.svg'
+      );
+    });
+
+    it('should return null when appKey is not set', () => {
+      const step = new Step();
+
+      expect(step.iconUrl).toBe(null);
+    });
+  });
+
+  it('isTrigger should return true when step type is trigger', () => {
+    const step = new Step();
+    step.type = 'trigger';
+
+    expect(step.isTrigger).toBe(true);
+  });
+
+  it('isAction should return true when step type is action', () => {
+    const step = new Step();
+    step.type = 'action';
+
+    expect(step.isAction).toBe(true);
+  });
+
+  describe.todo('computeWebhookPath');
+
+  describe('getWebhookUrl', () => {
+    it('should return absolute webhook URL when step type is trigger', async () => {
+      const step = new Step();
+      step.type = 'trigger';
+
+      vi.spyOn(step, 'computeWebhookPath').mockResolvedValue('/webhook-path');
+      vi.spyOn(appConfig, 'webhookUrl', 'get').mockReturnValue(
+        'https://automatisch.io'
+      );
+
+      expect(await step.getWebhookUrl()).toBe(
+        'https://automatisch.io/webhook-path'
+      );
+    });
+
+    it('should return undefined when step type is action', async () => {
+      const step = new Step();
+      step.type = 'action';
+
+      expect(await step.getWebhookUrl()).toBe(undefined);
+    });
+  });
+  describe('getApp', () => {
+    it('should return app with the given appKey', async () => {
+      const step = new Step();
+      step.appKey = 'gitlab';
+
+      const findOneByKeySpy = vi.spyOn(App, 'findOneByKey').mockResolvedValue();
+
+      await step.getApp();
+      expect(findOneByKeySpy).toHaveBeenCalledWith('gitlab');
+    });
+
+    it('should return null with no appKey', async () => {
+      const step = new Step();
+
+      const findOneByKeySpy = vi.spyOn(App, 'findOneByKey').mockResolvedValue();
+
+      expect(await step.getApp()).toBe(null);
+      expect(findOneByKeySpy).not.toHaveBeenCalled();
+    });
+  });
+
+  it('test should execute the flow and mark the step as completed', async () => {
+    const step = await createStep({ status: 'incomplete' });
+
+    const testRunSpy = vi.spyOn(testRunModule, 'default').mockResolvedValue();
+
+    const updatedStep = await step.test();
+
+    expect(testRunSpy).toHaveBeenCalledWith({ stepId: step.id });
+    expect(updatedStep.status).toBe('completed');
+  });
+
+  it('getLastExecutionStep should return last execution step', async () => {
+    const step = await createStep();
+    await createExecutionStep({ stepId: step.id });
+    const secondExecutionStep = await createExecutionStep({ stepId: step.id });
+
+    expect(await step.getLastExecutionStep()).toStrictEqual(
+      secondExecutionStep
+    );
+  });
+
+  it('getNextStep should return the next step', async () => {
+    const firstStep = await createStep();
+    const secondStep = await createStep({ flowId: firstStep.flowId });
+    const thirdStep = await createStep({ flowId: firstStep.flowId });
+
+    expect(await secondStep.getNextStep()).toStrictEqual(thirdStep);
+  });
+
+  describe('getTriggerCommand', () => {
+    it('should return trigger command when app key and key are defined in trigger step', async () => {
+      const step = new Step();
+      step.type = 'trigger';
+      step.appKey = 'webhook';
+      step.key = 'catchRawWebhook';
+
+      const findOneByKeySpy = vi.spyOn(App, 'findOneByKey');
+      const triggerCommand = await step.getTriggerCommand();
+
+      expect(findOneByKeySpy).toHaveBeenCalledWith(step.appKey);
+      expect(triggerCommand.key).toBe(step.key);
+    });
+
+    it('should return null when key is not defined', async () => {
+      const step = new Step();
+      step.type = 'trigger';
+      step.appKey = 'webhook';
+
+      expect(await step.getTriggerCommand()).toBe(null);
+    });
+  });
+
+  describe('getActionCommand', () => {
+    it('should return action comamand when app key and key are defined in action step', async () => {
+      const step = new Step();
+      step.type = 'action';
+      step.appKey = 'ntfy';
+      step.key = 'sendMessage';
+
+      const findOneByKeySpy = vi.spyOn(App, 'findOneByKey');
+      const actionCommand = await step.getActionCommand();
+
+      expect(findOneByKeySpy).toHaveBeenCalledWith(step.appKey);
+      expect(actionCommand.key).toBe(step.key);
+    });
+
+    it('should return null when key is not defined', async () => {
+      const step = new Step();
+      step.type = 'action';
+      step.appKey = 'ntfy';
+
+      expect(await step.getActionCommand()).toBe(null);
+    });
+  });
+
+  describe('getSetupFields', () => {
+    it('should return trigger setup substep fields in trigger step', async () => {
+      const step = new Step();
+      step.appKey = 'webhook';
+      step.key = 'catchRawWebhook';
+      step.type = 'trigger';
+
+      expect(await step.getSetupFields()).toStrictEqual([
+        {
+          label: 'Wait until flow is done',
+          key: 'workSynchronously',
+          type: 'dropdown',
+          required: true,
+          options: [
+            { label: 'Yes', value: true },
+            { label: 'No', value: false },
+          ],
+        },
+      ]);
+    });
+
+    it('should return action setup substep fields in action step', async () => {
+      const step = new Step();
+      step.appKey = 'datastore';
+      step.key = 'getValue';
+      step.type = 'action';
+
+      expect(await step.getSetupFields()).toStrictEqual([
+        {
+          label: 'Key',
+          key: 'key',
+          type: 'string',
+          required: true,
+          description: 'The key of your value to get.',
+          variables: true,
+        },
+      ]);
+    });
+  });
+
+  it.todo('getSetupAndDynamicFields');
+  it.todo('createDynamicFields');
+  it.todo('createDynamicData');
+  it.todo('updateWebhookUrl');
+
+  describe('delete', () => {
+    it('should delete the step and align the positions', async () => {
+      const flow = await createFlow();
+      await createStep({ flowId: flow.id, position: 1, type: 'trigger' });
+      await createStep({ flowId: flow.id, position: 2 });
+      const stepToDelete = await createStep({ flowId: flow.id, position: 3 });
+      await createStep({ flowId: flow.id, position: 4 });
+
+      await stepToDelete.delete();
+
+      const steps = await flow.$relatedQuery('steps');
+      const stepIds = steps.map((step) => step.id);
+
+      expect(stepIds).not.toContain(stepToDelete.id);
+    });
+
+    it('should align the positions of remaining steps', async () => {
+      const flow = await createFlow();
+      await createStep({ flowId: flow.id, position: 1, type: 'trigger' });
+      await createStep({ flowId: flow.id, position: 2 });
+      const stepToDelete = await createStep({ flowId: flow.id, position: 3 });
+      await createStep({ flowId: flow.id, position: 4 });
+
+      await stepToDelete.delete();
+
+      const steps = await flow.$relatedQuery('steps');
+      const stepPositions = steps.map((step) => step.position);
+
+      expect(stepPositions).toMatchObject([1, 2, 3]);
+    });
+
+    it('should delete related execution steps', async () => {
+      const step = await createStep();
+      const executionStep = await createExecutionStep({ stepId: step.id });
+
+      await step.delete();
+
+      expect(await executionStep.$query()).toBe(undefined);
+    });
+  });
+
+  describe('updateFor', async () => {
+    let step,
+      userRole,
+      user,
+      userConnection,
+      anotherUser,
+      anotherUserConnection;
+
+    beforeEach(async () => {
+      userRole = await createRole({ name: 'User' });
+      anotherUser = await createUser({ roleId: userRole.id });
+      user = await createUser({ roleId: userRole.id });
+
+      userConnection = await createConnection({
+        key: 'deepl',
+        userId: user.id,
+      });
+
+      anotherUserConnection = await createConnection({
+        key: 'deepl',
+        userId: anotherUser.id,
+      });
+
+      await createPermission({
+        roleId: userRole.id,
+        action: 'read',
+        subject: 'Connection',
+        conditions: ['isCreator'],
+      });
+
+      step = await createStep();
+    });
+
+    it('should update step with the given payload and mark it as incomplete', async () => {
+      const stepData = {
+        appKey: 'deepl',
+        key: 'translateText',
+        connectionId: anotherUserConnection.id,
+        parameters: {
+          key: 'value',
+        },
+      };
+
+      const anotherUserWithRoleAndPermissions = await anotherUser
+        .$query()
+        .withGraphFetched({ permissions: true, role: true });
+
+      const updatedStep = await step.updateFor(
+        anotherUserWithRoleAndPermissions,
+        stepData
+      );
+
+      expect(updatedStep).toMatchObject({
+        ...stepData,
+        status: 'incomplete',
+      });
+    });
+
+    it('should invoke updateWebhookUrl', async () => {
+      const updateWebhookUrlSpy = vi
+        .spyOn(Step.prototype, 'updateWebhookUrl')
+        .mockResolvedValue();
+
+      const stepData = {
+        appKey: 'deepl',
+        key: 'translateText',
+      };
+
+      await step.updateFor(user, stepData);
+
+      expect(updateWebhookUrlSpy).toHaveBeenCalledOnce();
+    });
+
+    it('should not update step when inaccessible connection is given', async () => {
+      const stepData = {
+        appKey: 'deepl',
+        key: 'translateText',
+        connectionId: userConnection.id,
+      };
+
+      const anotherUserWithRoleAndPermissions = await anotherUser
+        .$query()
+        .withGraphFetched({ permissions: true, role: true });
+
+      await expect(() =>
+        step.updateFor(anotherUserWithRoleAndPermissions, stepData)
+      ).rejects.toThrowError('NotFoundError');
+    });
+
+    it('should not update step when given app key and key do not exist', async () => {
+      const stepData = {
+        appKey: 'deepl',
+        key: 'not-existing-key',
+      };
+
+      await expect(() => step.updateFor(user, stepData)).rejects.toThrowError(
+        'DeepL does not have an action with the "not-existing-key" key!'
+      );
+    });
+  });
+
+  describe('$afterInsert', () => {
+    it('should call super.$afterInsert', async () => {
+      const superAfterInsertSpy = vi.spyOn(Base.prototype, '$afterInsert');
+
+      await createStep();
+
+      expect(superAfterInsertSpy).toHaveBeenCalled();
+    });
+
+    it('should call Telemetry.stepCreated', async () => {
+      const telemetryStepCreatedSpy = vi
+        .spyOn(Telemetry, 'stepCreated')
+        .mockImplementation(() => {});
+
+      const step = await createStep();
+
+      expect(telemetryStepCreatedSpy).toHaveBeenCalledWith(step);
+    });
+  });
+
+  describe('$afterUpdate', () => {
+    it('should call super.$afterUpdate', async () => {
+      const superAfterUpdateSpy = vi.spyOn(Base.prototype, '$afterUpdate');
+
+      const step = await createStep();
+
+      await step.$query().patch({ position: 2 });
+
+      expect(superAfterUpdateSpy).toHaveBeenCalledOnce();
+    });
+
+    it('$afterUpdate should call Telemetry.stepUpdated', async () => {
+      const telemetryStepUpdatedSpy = vi
+        .spyOn(Telemetry, 'stepUpdated')
+        .mockImplementation(() => {});
+
+      const step = await createStep();
+
+      await step.$query().patch({ position: 2 });
+
+      expect(telemetryStepUpdatedSpy).toHaveBeenCalled({});
+    });
+  });
+});

packages/backend/src/models/user.js

@@ -223,8 +223,8 @@ class User extends Base {
     }
   }
 
-  login(password) {
+  async login(password) {
-    return bcrypt.compare(password, this.password);
+    return await bcrypt.compare(password, this.password);
   }
 
   async generateResetPasswordToken() {
@@ -642,7 +642,7 @@ class User extends Base {
   can(action, subject) {
     const can = this.ability.can(action, subject);
 
-    if (!can) throw new NotAuthorizedError();
+    if (!can) throw new NotAuthorizedError('The user is not authorized!');
 
     const relevantRule = this.ability.relevantRuleFor(action, subject);
 

packages/backend/src/models/user.test.js

@@ -0,0 +1,583 @@
+import { describe, it, expect, vi } from 'vitest';
+import appConfig from '../config/app.js';
+import Base from './base.js';
+import AccessToken from './access-token.js';
+import Connection from './connection.js';
+import Execution from './execution.js';
+import Flow from './flow.js';
+import Identity from './identity.ee.js';
+import Permission from './permission.js';
+import Role from './role.js';
+import Step from './step.js';
+import Subscription from './subscription.ee.js';
+import UsageData from './usage-data.ee.js';
+import User from './user.js';
+import { createUser } from '../../test/factories/user.js';
+import { createConnection } from '../../test/factories/connection.js';
+import { createRole } from '../../test/factories/role.js';
+import { createPermission } from '../../test/factories/permission.js';
+import { createFlow } from '../../test/factories/flow.js';
+import { createStep } from '../../test/factories/step.js';
+import { createExecution } from '../../test/factories/execution.js';
+
+describe('User model', () => {
+  it('tableName should return correct name', () => {
+    expect(User.tableName).toBe('users');
+  });
+
+  it('jsonSchema should have correct validations', () => {
+    expect(User.jsonSchema).toMatchSnapshot();
+  });
+
+  describe('relationMappings', () => {
+    it('should return correct associations', () => {
+      const relationMappings = User.relationMappings();
+
+      const expectedRelations = {
+        accessTokens: {
+          relation: Base.HasManyRelation,
+          modelClass: AccessToken,
+          join: {
+            from: 'users.id',
+            to: 'access_tokens.user_id',
+          },
+        },
+        connections: {
+          relation: Base.HasManyRelation,
+          modelClass: Connection,
+          join: {
+            from: 'users.id',
+            to: 'connections.user_id',
+          },
+        },
+        flows: {
+          relation: Base.HasManyRelation,
+          modelClass: Flow,
+          join: {
+            from: 'users.id',
+            to: 'flows.user_id',
+          },
+        },
+        steps: {
+          relation: Base.ManyToManyRelation,
+          modelClass: Step,
+          join: {
+            from: 'users.id',
+            through: {
+              from: 'flows.user_id',
+              to: 'flows.id',
+            },
+            to: 'steps.flow_id',
+          },
+        },
+        executions: {
+          relation: Base.ManyToManyRelation,
+          modelClass: Execution,
+          join: {
+            from: 'users.id',
+            through: {
+              from: 'flows.user_id',
+              to: 'flows.id',
+            },
+            to: 'executions.flow_id',
+          },
+        },
+        usageData: {
+          relation: Base.HasManyRelation,
+          modelClass: UsageData,
+          join: {
+            from: 'usage_data.user_id',
+            to: 'users.id',
+          },
+        },
+        currentUsageData: {
+          relation: Base.HasOneRelation,
+          modelClass: UsageData,
+          join: {
+            from: 'usage_data.user_id',
+            to: 'users.id',
+          },
+          filter: expect.any(Function),
+        },
+        subscriptions: {
+          relation: Base.HasManyRelation,
+          modelClass: Subscription,
+          join: {
+            from: 'subscriptions.user_id',
+            to: 'users.id',
+          },
+        },
+        currentSubscription: {
+          relation: Base.HasOneRelation,
+          modelClass: Subscription,
+          join: {
+            from: 'subscriptions.user_id',
+            to: 'users.id',
+          },
+          filter: expect.any(Function),
+        },
+        role: {
+          relation: Base.HasOneRelation,
+          modelClass: Role,
+          join: {
+            from: 'roles.id',
+            to: 'users.role_id',
+          },
+        },
+        permissions: {
+          relation: Base.HasManyRelation,
+          modelClass: Permission,
+          join: {
+            from: 'users.role_id',
+            to: 'permissions.role_id',
+          },
+        },
+        identities: {
+          relation: Base.HasManyRelation,
+          modelClass: Identity,
+          join: {
+            from: 'identities.user_id',
+            to: 'users.id',
+          },
+        },
+      };
+
+      expect(relationMappings).toStrictEqual(expectedRelations);
+    });
+
+    it('currentUsageData should return the current usage data', () => {
+      const relations = User.relationMappings();
+
+      const firstSpy = vi.fn();
+
+      const limitSpy = vi.fn().mockImplementation(() => ({
+        first: firstSpy,
+      }));
+
+      const orderBySpy = vi.fn().mockImplementation(() => ({
+        limit: limitSpy,
+      }));
+
+      relations.currentUsageData.filter({ orderBy: orderBySpy });
+
+      expect(orderBySpy).toHaveBeenCalledWith('created_at', 'desc');
+      expect(limitSpy).toHaveBeenCalledWith(1);
+      expect(firstSpy).toHaveBeenCalledOnce();
+    });
+
+    it('currentSubscription should return the current subscription', () => {
+      const relations = User.relationMappings();
+
+      const firstSpy = vi.fn();
+
+      const limitSpy = vi.fn().mockImplementation(() => ({
+        first: firstSpy,
+      }));
+
+      const orderBySpy = vi.fn().mockImplementation(() => ({
+        limit: limitSpy,
+      }));
+
+      relations.currentSubscription.filter({ orderBy: orderBySpy });
+
+      expect(orderBySpy).toHaveBeenCalledWith('created_at', 'desc');
+      expect(limitSpy).toHaveBeenCalledWith(1);
+      expect(firstSpy).toHaveBeenCalledOnce();
+    });
+  });
+
+  it('virtualAttributes should return correct attributes', () => {
+    const virtualAttributes = User.virtualAttributes;
+
+    const expectedAttributes = ['acceptInvitationUrl'];
+
+    expect(virtualAttributes).toStrictEqual(expectedAttributes);
+  });
+
+  it('acceptInvitationUrl should return accept invitation page URL with invitation token', async () => {
+    const user = new User();
+    user.invitationToken = 'invitation-token';
+
+    vi.spyOn(appConfig, 'webAppUrl', 'get').mockReturnValue(
+      'https://automatisch.io'
+    );
+
+    expect(user.acceptInvitationUrl).toBe(
+      'https://automatisch.io/accept-invitation?token=invitation-token'
+    );
+  });
+
+  describe('authenticate', () => {
+    it('should create and return the token for correct email and password', async () => {
+      const user = await createUser({
+        email: 'test-user@automatisch.io',
+        password: 'sample-password',
+      });
+
+      const token = await User.authenticate(
+        'test-user@automatisch.io',
+        'sample-password'
+      );
+
+      const persistedToken = await AccessToken.query().findOne({
+        userId: user.id,
+      });
+
+      expect(token).toBe(persistedToken.token);
+    });
+
+    it('should return undefined for existing email and incorrect password', async () => {
+      await createUser({
+        email: 'test-user@automatisch.io',
+        password: 'sample-password',
+      });
+
+      const token = await User.authenticate(
+        'test-user@automatisch.io',
+        'wrong-password'
+      );
+
+      expect(token).toBe(undefined);
+    });
+
+    it('should return undefined for non-existing email', async () => {
+      await createUser({
+        email: 'test-user@automatisch.io',
+        password: 'sample-password',
+      });
+
+      const token = await User.authenticate('non-existing-user@automatisch.io');
+
+      expect(token).toBe(undefined);
+    });
+  });
+
+  describe('authorizedFlows', () => {
+    it('should return user flows with isCreator condition', async () => {
+      const userRole = await createRole({ name: 'User' });
+
+      await createPermission({
+        roleId: userRole.id,
+        subject: 'Flow',
+        action: 'read',
+        conditions: ['isCreator'],
+      });
+
+      const user = await createUser({ roleId: userRole.id });
+
+      const userWithRoleAndPermissions = await user
+        .$query()
+        .withGraphFetched({ role: true, permissions: true });
+
+      const userFlow = await createFlow({ userId: user.id });
+      await createFlow();
+
+      expect(await userWithRoleAndPermissions.authorizedFlows).toStrictEqual([
+        userFlow,
+      ]);
+    });
+
+    it('should return all flows without isCreator condition', async () => {
+      const userRole = await createRole({ name: 'User' });
+
+      await createPermission({
+        roleId: userRole.id,
+        subject: 'Flow',
+        action: 'read',
+        conditions: [],
+      });
+
+      const user = await createUser({ roleId: userRole.id });
+
+      const userWithRoleAndPermissions = await user
+        .$query()
+        .withGraphFetched({ role: true, permissions: true });
+
+      const userFlow = await createFlow({ userId: user.id });
+      const anotherUserFlow = await createFlow();
+
+      expect(await userWithRoleAndPermissions.authorizedFlows).toStrictEqual([
+        userFlow,
+        anotherUserFlow,
+      ]);
+    });
+
+    it('should throw an authorization error without Flow read permission', async () => {
+      const user = new User();
+
+      expect(() => user.authorizedFlows).toThrowError(
+        'The user is not authorized!'
+      );
+    });
+  });
+
+  describe('authorizedSteps', () => {
+    it('should return user steps with isCreator condition', async () => {
+      const userRole = await createRole({ name: 'User' });
+
+      await createPermission({
+        roleId: userRole.id,
+        subject: 'Flow',
+        action: 'read',
+        conditions: ['isCreator'],
+      });
+
+      const user = await createUser({ roleId: userRole.id });
+
+      const userWithRoleAndPermissions = await user
+        .$query()
+        .withGraphFetched({ role: true, permissions: true });
+
+      const userFlow = await createFlow({ userId: user.id });
+      const userFlowStep = await createStep({ flowId: userFlow.id });
+      const anotherUserFlow = await createFlow();
+      await createStep({ flowId: anotherUserFlow.id });
+
+      expect(await userWithRoleAndPermissions.authorizedSteps).toStrictEqual([
+        userFlowStep,
+      ]);
+    });
+
+    it('should return all steps without isCreator condition', async () => {
+      const userRole = await createRole({ name: 'User' });
+
+      await createPermission({
+        roleId: userRole.id,
+        subject: 'Flow',
+        action: 'read',
+        conditions: [],
+      });
+
+      const user = await createUser({ roleId: userRole.id });
+
+      const userWithRoleAndPermissions = await user
+        .$query()
+        .withGraphFetched({ role: true, permissions: true });
+
+      const userFlow = await createFlow({ userId: user.id });
+      const userFlowStep = await createStep({ flowId: userFlow.id });
+      const anotherUserFlow = await createFlow();
+      const anotherUserFlowStep = await createStep({
+        flowId: anotherUserFlow.id,
+      });
+
+      expect(await userWithRoleAndPermissions.authorizedSteps).toStrictEqual([
+        userFlowStep,
+        anotherUserFlowStep,
+      ]);
+    });
+
+    it('should throw an authorization error without Flow read permission', async () => {
+      const user = new User();
+
+      expect(() => user.authorizedSteps).toThrowError(
+        'The user is not authorized!'
+      );
+    });
+  });
+
+  describe('authorizedConnections', () => {
+    it('should return user connections with isCreator condition', async () => {
+      const userRole = await createRole({ name: 'User' });
+
+      await createPermission({
+        roleId: userRole.id,
+        subject: 'Connection',
+        action: 'read',
+        conditions: ['isCreator'],
+      });
+
+      const user = await createUser({ roleId: userRole.id });
+
+      const userWithRoleAndPermissions = await user
+        .$query()
+        .withGraphFetched({ role: true, permissions: true });
+
+      const userConnection = await createConnection({ userId: user.id });
+      await createConnection();
+
+      expect(
+        await userWithRoleAndPermissions.authorizedConnections
+      ).toStrictEqual([userConnection]);
+    });
+
+    it('should return all connections without isCreator condition', async () => {
+      const userRole = await createRole({ name: 'User' });
+
+      await createPermission({
+        roleId: userRole.id,
+        subject: 'Connection',
+        action: 'read',
+        conditions: [],
+      });
+
+      const user = await createUser({ roleId: userRole.id });
+
+      const userWithRoleAndPermissions = await user
+        .$query()
+        .withGraphFetched({ role: true, permissions: true });
+
+      const userConnection = await createConnection({ userId: user.id });
+      const anotherUserConnection = await createConnection();
+
+      expect(
+        await userWithRoleAndPermissions.authorizedConnections
+      ).toStrictEqual([userConnection, anotherUserConnection]);
+    });
+
+    it('should throw an authorization error without Connection read permission', async () => {
+      const user = new User();
+
+      expect(() => user.authorizedConnections).toThrowError(
+        'The user is not authorized!'
+      );
+    });
+  });
+
+  describe('authorizedExecutions', () => {
+    it('should return user executions with isCreator condition', async () => {
+      const userRole = await createRole({ name: 'User' });
+
+      await createPermission({
+        roleId: userRole.id,
+        subject: 'Execution',
+        action: 'read',
+        conditions: ['isCreator'],
+      });
+
+      const user = await createUser({ roleId: userRole.id });
+
+      const userWithRoleAndPermissions = await user
+        .$query()
+        .withGraphFetched({ role: true, permissions: true });
+
+      const userFlow = await createFlow({ userId: user.id });
+      const userFlowExecution = await createExecution({ flowId: userFlow.id });
+      await createExecution();
+
+      expect(
+        await userWithRoleAndPermissions.authorizedExecutions
+      ).toStrictEqual([userFlowExecution]);
+    });
+
+    it('should return all executions without isCreator condition', async () => {
+      const userRole = await createRole({ name: 'User' });
+
+      await createPermission({
+        roleId: userRole.id,
+        subject: 'Execution',
+        action: 'read',
+        conditions: [],
+      });
+
+      const user = await createUser({ roleId: userRole.id });
+
+      const userWithRoleAndPermissions = await user
+        .$query()
+        .withGraphFetched({ role: true, permissions: true });
+
+      const userFlow = await createFlow({ userId: user.id });
+      const userFlowExecution = await createExecution({ flowId: userFlow.id });
+      const anotherUserFlowExecution = await createExecution();
+
+      expect(
+        await userWithRoleAndPermissions.authorizedExecutions
+      ).toStrictEqual([userFlowExecution, anotherUserFlowExecution]);
+    });
+
+    it('should throw an authorization error without Execution read permission', async () => {
+      const user = new User();
+
+      expect(() => user.authorizedExecutions).toThrowError(
+        'The user is not authorized!'
+      );
+    });
+  });
+
+  describe('login', () => {
+    it('should return true when the given password matches with the user password', async () => {
+      const user = await createUser({ password: 'sample-password' });
+
+      expect(await user.login('sample-password')).toBe(true);
+    });
+
+    it('should return false when the given password does not match with the user password', async () => {
+      const user = await createUser({ password: 'sample-password' });
+
+      expect(await user.login('wrong-password')).toBe(false);
+    });
+  });
+
+  it('generateResetPasswordToken should persist a random reset password token with the current date', async () => {
+    vi.useFakeTimers();
+
+    const date = new Date(2024, 10, 11, 15, 17, 0, 0);
+    vi.setSystemTime(date);
+
+    const user = await createUser({
+      resetPasswordToken: null,
+      resetPasswordTokenSentAt: null,
+    });
+
+    await user.generateResetPasswordToken();
+
+    const refetchedUser = await user.$query();
+
+    expect(refetchedUser.resetPasswordToken.length).toBe(128);
+    expect(refetchedUser.resetPasswordTokenSentAt).toStrictEqual(date);
+
+    vi.useRealTimers();
+  });
+
+  it('generateInvitationToken should persist a random invitation token with the current date', async () => {
+    vi.useFakeTimers();
+
+    const date = new Date(2024, 10, 11, 15, 26, 0, 0);
+    vi.setSystemTime(date);
+
+    const user = await createUser({
+      invitationToken: null,
+      invitationTokenSentAt: null,
+    });
+
+    await user.generateInvitationToken();
+
+    const refetchedUser = await user.$query();
+
+    expect(refetchedUser.invitationToken.length).toBe(128);
+    expect(refetchedUser.invitationTokenSentAt).toStrictEqual(date);
+
+    vi.useRealTimers();
+  });
+
+  it('resetPassword should persist given password and remove reset password token', async () => {
+    const user = await createUser({
+      resetPasswordToken: 'reset-password-token',
+      resetPasswordTokenSentAt: '2024-11-11T12:26:00.000Z',
+    });
+
+    await user.resetPassword('new-password');
+
+    const refetchedUser = await user.$query();
+
+    expect(refetchedUser.resetPasswordToken).toBe(null);
+    expect(refetchedUser.resetPasswordTokenSentAt).toBe(null);
+    expect(await refetchedUser.login('new-password')).toBe(true);
+  });
+
+  it('acceptInvitation should persist given password, set user active and remove invitation token', async () => {
+    const user = await createUser({
+      invitationToken: 'invitation-token',
+      invitationTokenSentAt: '2024-11-11T12:26:00.000Z',
+      status: 'invited',
+    });
+
+    await user.acceptInvitation('new-password');
+
+    const refetchedUser = await user.$query();
+
+    expect(refetchedUser.invitationToken).toBe(null);
+    expect(refetchedUser.invitationTokenSentAt).toBe(null);
+    expect(refetchedUser.status).toBe('active');
+  });
+});

packages/backend/src/serializers/action.test.js

@@ -16,6 +16,6 @@ describe('actionSerializer', () => {
       type: action.type,
     };
 
-    expect(actionSerializer(action)).toEqual(expectedPayload);
+    expect(expectedPayload).toMatchObject(actionSerializer(action));
   });
 });

packages/backend/src/serializers/admin-saml-auth-provider.ee.test.js

@@ -25,7 +25,7 @@ describe('adminSamlAuthProviderSerializer', () => {
       defaultRoleId: samlAuthProvider.defaultRoleId,
     };
 
-    expect(adminSamlAuthProviderSerializer(samlAuthProvider)).toEqual(
+    expect(adminSamlAuthProviderSerializer(samlAuthProvider)).toStrictEqual(
       expectedPayload
     );
   });

packages/backend/src/serializers/admin/user.test.js

@@ -12,7 +12,7 @@ describe('adminUserSerializer', () => {
   it('should return user data with accept invitation url', async () => {
     const serializedUser = adminUserSerializer(user);
 
-    expect(serializedUser.acceptInvitationUrl).toEqual(
+    expect(serializedUser.acceptInvitationUrl).toStrictEqual(
       user.acceptInvitationUrl
     );
   });

packages/backend/src/serializers/app-auth-client.test.js

@@ -17,6 +17,8 @@ describe('appAuthClient serializer', () => {
       active: appAuthClient.active,
     };
 
-    expect(appAuthClientSerializer(appAuthClient)).toEqual(expectedPayload);
+    expect(appAuthClientSerializer(appAuthClient)).toStrictEqual(
+      expectedPayload
+    );
   });
 });

packages/backend/src/serializers/app-config.js

@@ -1,12 +1,10 @@
 const appConfigSerializer = (appConfig) => {
   return {
-    id: appConfig.id,
     key: appConfig.key,
-    allowCustomConnection: appConfig.allowCustomConnection,
+    customConnectionAllowed: appConfig.customConnectionAllowed,
     shared: appConfig.shared,
     disabled: appConfig.disabled,
-    canConnect: appConfig.canConnect,
+    connectionAllowed: appConfig.connectionAllowed,
-    canCustomConnect: appConfig.canCustomConnect,
     createdAt: appConfig.createdAt.getTime(),
     updatedAt: appConfig.updatedAt.getTime(),
   };

packages/backend/src/serializers/app-config.test.js

@@ -11,17 +11,15 @@ describe('appConfig serializer', () => {
 
   it('should return app config data', async () => {
     const expectedPayload = {
-      id: appConfig.id,
       key: appConfig.key,
-      allowCustomConnection: appConfig.allowCustomConnection,
+      customConnectionAllowed: appConfig.customConnectionAllowed,
       shared: appConfig.shared,
       disabled: appConfig.disabled,
-      canConnect: appConfig.canConnect,
+      connectionAllowed: appConfig.connectionAllowed,
-      canCustomConnect: appConfig.canCustomConnect,
       createdAt: appConfig.createdAt.getTime(),
       updatedAt: appConfig.updatedAt.getTime(),
     };
 
-    expect(appConfigSerializer(appConfig)).toEqual(expectedPayload);
+    expect(appConfigSerializer(appConfig)).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/serializers/app.test.js

@@ -15,6 +15,6 @@ describe('appSerializer', () => {
       primaryColor: app.primaryColor,
     };
 
-    expect(appSerializer(app)).toEqual(expectedPayload);
+    expect(appSerializer(app)).toStrictEqual(expectedPayload);
   });
 });

packages/backend/src/serializers/auth.test.js

@@ -12,6 +12,6 @@ describe('authSerializer', () => {
       reconnectionSteps: auth.reconnectionSteps,
     };
 
-    expect(authSerializer(auth)).toEqual(expectedPayload);
+    expect(authSerializer(auth)).toStrictEqual(expectedPayload);
   });
 });