feat(formatter): add decode html entities action

fix: expose missing createdAt and updatedAt fields from flow

.devcontainer/boot.sh

@@ -28,7 +28,7 @@ cd packages/web
 rm -rf .env
 echo "
 PORT=$WEB_PORT
-REACT_APP_GRAPHQL_URL=http://localhost:$BACKEND_PORT/graphql
+REACT_APP_BACKEND_URL=http://localhost:$BACKEND_PORT
 " >> .env
 cd $CURRENT_DIR
 

.devcontainer/devcontainer.json

@@ -8,7 +8,7 @@
       "version": "latest"
     },
     "ghcr.io/devcontainers/features/node:1": {
-      "version": 16
+      "version": 18
     },
     "ghcr.io/devcontainers/features/common-utils:1": {
       "username": "vscode",

.eslintrc.js

@@ -1,18 +0,0 @@
-module.exports = {
-  root: true,
-  parser: '@typescript-eslint/parser',
-  plugins: ['@typescript-eslint'],
-  extends: [
-    'eslint:recommended',
-    'plugin:@typescript-eslint/recommended',
-    'prettier',
-  ],
-  overrides: [
-    {
-      files: ['**/*.test.ts', '**/test/**/*.ts'],
-      rules: {
-        '@typescript-eslint/ban-ts-comment': ['off'],
-      },
-    },
-  ],
-};

.github/workflows/ci.yml

@@ -22,7 +22,7 @@ jobs:
       - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner."
       - run: echo "🖥️ The workflow is now ready to test your code on the runner."
       - run: yarn --frozen-lockfile
-      - run: yarn lint
+      - run: cd packages/backend && yarn lint
       - run: echo "🍏 This job's status is ${{ job.status }}."
   start-backend-server:
     runs-on: ubuntu-latest

.github/workflows/docs-change.yml

@@ -0,0 +1,32 @@
+name: Automatisch Docs Change
+on:
+  pull_request:
+    paths:
+      - 'packages/docs/**'
+jobs:
+  label:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Label PR
+        uses: actions/github-script@v6
+        with:
+          script: |
+            const { pull_request } = context.payload;
+
+            const label = 'documentation-change';
+            const hasLabel = pull_request.labels.some(({ name }) => name === label);
+
+            if (!hasLabel) {
+              await github.rest.issues.addLabels({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: pull_request.number,
+                labels: [label],
+              });
+
+              console.log(`Label "${label}" added to PR #${pull_request.number}`);
+            } else {
+              console.log(`Label "${label}" already exists on PR #${pull_request.number}`);
+            }

.github/workflows/playwright.yml

@@ -62,8 +62,9 @@ jobs:
         run: yarn && yarn lerna bootstrap
       - name: Install Playwright Browsers
         run: yarn playwright install --with-deps
-      - name: Build Automatisch
-        run: yarn lerna run --scope=@*/{web,cli} build
+      - name: Build Automatisch web
+        working-directory: ./packages/web
+        run: yarn build
         env:
           # Keep this until we clean up warnings in build processes
           CI: false

package.json

@@ -6,7 +6,6 @@
     "start": "lerna run --stream --parallel --scope=@*/{web,backend} dev",
     "start:web": "lerna run --stream --scope=@*/web dev",
     "start:backend": "lerna run --stream --scope=@*/backend dev",
-    "lint": "lerna run --no-bail --stream --parallel --scope=@*/{web,backend} lint",
     "build:docs": "cd ./packages/docs && yarn install && yarn build"
   },
   "workspaces": {
@@ -21,8 +20,6 @@
     ]
   },
   "devDependencies": {
-    "@typescript-eslint/eslint-plugin": "^5.9.1",
-    "@typescript-eslint/parser": "^5.9.1",
     "eslint": "^8.13.0",
     "eslint-config-prettier": "^8.3.0",
     "eslint-plugin-prettier": "^4.0.0",

packages/backend/package.json

@@ -11,7 +11,7 @@
     "start:worker": "node src/worker.js",
     "pretest": "APP_ENV=test node ./test/setup/prepare-test-env.js",
     "test": "APP_ENV=test vitest run",
-    "lint": "eslint . --ignore-path ../../.eslintignore",
+    "lint": "eslint .",
     "db:create": "node ./bin/database/create.js",
     "db:seed:user": "node ./bin/database/seed-user.js",
     "db:drop": "node ./bin/database/drop.js",
@@ -33,20 +33,20 @@
     "axios": "1.6.0",
     "bcrypt": "^5.0.1",
     "bullmq": "^3.0.0",
-    "copyfiles": "^2.4.1",
     "cors": "^2.8.5",
     "crypto-js": "^4.1.1",
     "debug": "~2.6.9",
     "dotenv": "^10.0.0",
     "express": "~4.18.2",
+    "express-async-handler": "^1.2.0",
     "express-basic-auth": "^1.2.1",
     "express-graphql": "^0.12.0",
     "fast-xml-parser": "^4.0.11",
     "graphql-middleware": "^6.1.15",
     "graphql-shield": "^7.5.0",
     "graphql-tools": "^8.2.0",
-    "graphql-type-json": "^0.3.2",
     "handlebars": "^4.7.7",
+    "he": "^1.2.0",
     "http-errors": "~1.6.3",
     "http-proxy-agent": "^7.0.0",
     "https-proxy-agent": "^7.0.1",
@@ -68,7 +68,6 @@
     "pluralize": "^8.0.0",
     "raw-body": "^2.5.2",
     "showdown": "^2.1.0",
-    "stripe": "^11.13.0",
     "winston": "^3.7.1",
     "xmlrpc": "^1.3.2"
   },

packages/backend/src/apps/datastore/actions/get-value/index.js

@@ -0,0 +1,27 @@
+import defineAction from '../../../../helpers/define-action.js';
+
+export default defineAction({
+  name: 'Get value',
+  key: 'getValue',
+  description: 'Get value from the persistent datastore.',
+  arguments: [
+    {
+      label: 'Key',
+      key: 'key',
+      type: 'string',
+      required: true,
+      description: 'The key of your value to get.',
+      variables: true,
+    },
+  ],
+
+  async run($) {
+    const keyValuePair = await $.datastore.get({
+      key: $.step.parameters.key,
+    });
+
+    $.setActionItem({
+      raw: keyValuePair,
+    });
+  },
+});

packages/backend/src/apps/datastore/actions/index.js

@@ -0,0 +1,4 @@
+import getValue from './get-value/index.js';
+import setValue from './set-value/index.js';
+
+export default [getValue, setValue];

packages/backend/src/apps/datastore/actions/set-value/index.js

@@ -0,0 +1,36 @@
+import defineAction from '../../../../helpers/define-action.js';
+
+export default defineAction({
+  name: 'Set value',
+  key: 'setValue',
+  description: 'Set value to the persistent datastore.',
+  arguments: [
+    {
+      label: 'Key',
+      key: 'key',
+      type: 'string',
+      required: true,
+      description: 'The key of your value to set.',
+      variables: true,
+    },
+    {
+      label: 'Value',
+      key: 'value',
+      type: 'string',
+      required: true,
+      description: 'The value to set.',
+      variables: true,
+    },
+  ],
+
+  async run($) {
+    const keyValuePair = await $.datastore.set({
+      key: $.step.parameters.key,
+      value: $.step.parameters.value,
+    });
+
+    $.setActionItem({
+      raw: keyValuePair,
+    });
+  },
+});

packages/backend/src/apps/datastore/assets/favicon.svg

@@ -0,0 +1,13 @@
+<?xml version="1.0"?>
+<svg xmlns="http://www.w3.org/2000/svg" fill="#000000" width="800px" height="800px" viewBox="0 0 32 32" id="icon">
+  <defs>
+    <style>.cls-1{fill:none;}</style>
+  </defs>
+  <title>datastore</title>
+  <circle cx="23" cy="23" r="1"/>
+  <rect x="8" y="22" width="12" height="2"/>
+  <circle cx="23" cy="9" r="1"/>
+  <rect x="8" y="8" width="12" height="2"/>
+  <path d="M26,14a2,2,0,0,0,2-2V6a2,2,0,0,0-2-2H6A2,2,0,0,0,4,6v6a2,2,0,0,0,2,2H8v4H6a2,2,0,0,0-2,2v6a2,2,0,0,0,2,2H26a2,2,0,0,0,2-2V20a2,2,0,0,0-2-2H24V14ZM6,6H26v6H6ZM26,26H6V20H26Zm-4-8H10V14H22Z"/>
+  <rect id="_Transparent_Rectangle_" data-name="&lt;Transparent Rectangle&gt;" class="cls-1" width="32" height="32"/>
+</svg>

packages/backend/src/apps/datastore/index.js

@@ -0,0 +1,14 @@
+import defineApp from '../../helpers/define-app.js';
+import actions from './actions/index.js';
+
+export default defineApp({
+  name: 'Datastore',
+  key: 'datastore',
+  iconUrl: '{BASE_URL}/apps/datastore/assets/favicon.svg',
+  authDocUrl: 'https://automatisch.io/docs/apps/datastore/connection',
+  supportsConnections: false,
+  baseUrl: '',
+  apiBaseUrl: '',
+  primaryColor: '001F52',
+  actions,
+});

packages/backend/src/apps/formatter/actions/text/index.js

@@ -1,6 +1,8 @@
 import defineAction from '../../../../helpers/define-action.js';
 
+import base64ToString from './transformers/base64-to-string.js';
 import capitalize from './transformers/capitalize.js';
+import decodeHtmlEntities from './transformers/decode-html-entities.js';
 import extractEmailAddress from './transformers/extract-email-address.js';
 import extractNumber from './transformers/extract-number.js';
 import htmlToMarkdown from './transformers/html-to-markdown.js';
@@ -8,11 +10,14 @@ import lowercase from './transformers/lowercase.js';
 import markdownToHtml from './transformers/markdown-to-html.js';
 import pluralize from './transformers/pluralize.js';
 import replace from './transformers/replace.js';
+import stringToBase64 from './transformers/string-to-base64.js';
 import trimWhitespace from './transformers/trim-whitespace.js';
 import useDefaultValue from './transformers/use-default-value.js';
 
 const transformers = {
+  base64ToString,
   capitalize,
+  decodeHtmlEntities,
   extractEmailAddress,
   extractNumber,
   htmlToMarkdown,
@@ -20,6 +25,7 @@ const transformers = {
   markdownToHtml,
   pluralize,
   replace,
+  stringToBase64,
   trimWhitespace,
   useDefaultValue,
 };
@@ -37,7 +43,9 @@ export default defineAction({
       required: true,
       variables: true,
       options: [
+        { label: 'Base64 to String', value: 'base64ToString' },
         { label: 'Capitalize', value: 'capitalize' },
+        { label: 'Decode HTML Entities', value: 'decodeHtmlEntities' },
         { label: 'Convert HTML to Markdown', value: 'htmlToMarkdown' },
         { label: 'Convert Markdown to HTML', value: 'markdownToHtml' },
         { label: 'Extract Email Address', value: 'extractEmailAddress' },
@@ -45,6 +53,7 @@ export default defineAction({
         { label: 'Lowercase', value: 'lowercase' },
         { label: 'Pluralize', value: 'pluralize' },
         { label: 'Replace', value: 'replace' },
+        { label: 'String to Base64', value: 'stringToBase64' },
         { label: 'Trim Whitespace', value: 'trimWhitespace' },
         { label: 'Use Default Value', value: 'useDefaultValue' },
       ],

packages/backend/src/apps/formatter/actions/text/transformers/base64-to-string.js

@@ -0,0 +1,8 @@
+const base64ToString = ($) => {
+  const input = $.step.parameters.input;
+  const decodedString = Buffer.from(input, 'base64').toString('utf8');
+
+  return decodedString;
+};
+
+export default base64ToString;

packages/backend/src/apps/formatter/actions/text/transformers/decode-html-entities.js

@@ -0,0 +1,8 @@
+import he from 'he';
+
+const decodeHtmlEntities = ($) => {
+  const input = $.step.parameters.input;
+  return he.decode(input);
+};
+
+export default decodeHtmlEntities;

packages/backend/src/apps/formatter/actions/text/transformers/string-to-base64.js

@@ -0,0 +1,8 @@
+const stringtoBase64 = ($) => {
+  const input = $.step.parameters.input;
+  const base64String = Buffer.from(input).toString('base64');
+
+  return base64String;
+};
+
+export default stringtoBase64;

packages/backend/src/apps/formatter/dynamic-fields/list-transform-options/index.js

@@ -1,4 +1,6 @@
+import base64ToString from './text/base64-to-string.js';
 import capitalize from './text/capitalize.js';
+import decodeHtmlEntities from './text/decode-html-entities.js';
 import extractEmailAddress from './text/extract-email-address.js';
 import extractNumber from './text/extract-number.js';
 import htmlToMarkdown from './text/html-to-markdown.js';
@@ -6,6 +8,7 @@ import lowercase from './text/lowercase.js';
 import markdownToHtml from './text/markdown-to-html.js';
 import pluralize from './text/pluralize.js';
 import replace from './text/replace.js';
+import stringToBase64 from './text/string-to-base64.js';
 import trimWhitespace from './text/trim-whitespace.js';
 import useDefaultValue from './text/use-default-value.js';
 import performMathOperation from './numbers/perform-math-operation.js';
@@ -15,7 +18,9 @@ import formatPhoneNumber from './numbers/format-phone-number.js';
 import formatDateTime from './date-time/format-date-time.js';
 
 const options = {
+  base64ToString,
   capitalize,
+  decodeHtmlEntities,
   extractEmailAddress,
   extractNumber,
   htmlToMarkdown,
@@ -23,6 +28,7 @@ const options = {
   markdownToHtml,
   pluralize,
   replace,
+  stringToBase64,
   trimWhitespace,
   useDefaultValue,
   performMathOperation,

packages/backend/src/apps/formatter/dynamic-fields/list-transform-options/text/base64-to-string.js

@@ -0,0 +1,12 @@
+const base64ToString = [
+  {
+    label: 'Input',
+    key: 'input',
+    type: 'string',
+    required: true,
+    description: 'Text that will be converted from Base64 to string.',
+    variables: true,
+  },
+];
+
+export default base64ToString;

packages/backend/src/apps/formatter/dynamic-fields/list-transform-options/text/decode-html-entities.js

@@ -0,0 +1,12 @@
+const decodeHtmlEntities = [
+  {
+    label: 'Input',
+    key: 'input',
+    type: 'string',
+    required: true,
+    description: 'Text that will be decoded.',
+    variables: true,
+  },
+];
+
+export default decodeHtmlEntities;

packages/backend/src/apps/formatter/dynamic-fields/list-transform-options/text/string-to-base64.js

@@ -0,0 +1,12 @@
+const stringToBase64 = [
+  {
+    label: 'Input',
+    key: 'input',
+    type: 'string',
+    required: true,
+    description: 'Text that will be converted to Base64.',
+    variables: true,
+  },
+];
+
+export default stringToBase64;

packages/backend/src/apps/helix/actions/new-chat/index.js

@@ -1,4 +1,3 @@
-import FormData from 'form-data';
 import defineAction from '../../../../helpers/define-action.js';
 
 export default defineAction({
@@ -6,45 +5,51 @@ export default defineAction({
   key: 'newChat',
   description: 'Create a new chat session for Helix AI.',
   arguments: [
+    {
+      label: 'Session ID',
+      key: 'sessionId',
+      type: 'string',
+      required: false,
+      description:
+        'ID of the chat session to continue. Leave empty to start a new chat.',
+      variables: true,
+    },
+    {
+      label: 'System Prompt',
+      key: 'systemPrompt',
+      type: 'string',
+      required: false,
+      description:
+        'Optional system prompt to start the chat with. It will be used only for new chat sessions.',
+      variables: true,
+    },
     {
       label: 'Input',
       key: 'input',
       type: 'string',
       required: true,
-      description: 'Prompt to start the chat with.',
+      description: 'User input to start the chat with.',
       variables: true,
     },
   ],
 
   async run($) {
-    const formData = new FormData();
-    formData.append('input', $.step.parameters.input);
-    formData.append('mode', 'inference');
-    formData.append('type', 'text');
-
-    const sessionResponse = await $.http.post('/api/v1/sessions', formData, {
-      headers: {
-        ...formData.getHeaders(),
-      },
+    const response = await $.http.post('/api/v1/sessions/chat', {
+      session_id: $.step.parameters.sessionId,
+      system: $.step.parameters.systemPrompt,
+      messages: [
+        {
+          role: 'user',
+          content: {
+            content_type: 'text',
+            parts: [$.step.parameters.input],
+          },
+        },
+      ],
     });
 
-    const sessionId = sessionResponse.data.id;
-
-    let chatGenerated = false;
-
-    while (!chatGenerated) {
-      const response = await $.http.get(`/api/v1/sessions/${sessionId}`);
-
-      const message =
-        response.data.interactions[response.data.interactions.length - 1];
-
-      if (message.creator === 'system' && message.state === 'complete') {
-        $.setActionItem({
-          raw: message,
-        });
-
-        chatGenerated = true;
-      }
-    }
+    $.setActionItem({
+      raw: response.data,
+    });
   },
 });

packages/backend/src/apps/http-request/actions/custom-request/index.js

@@ -90,7 +90,7 @@ export default defineAction({
 
   async run($) {
     const method = $.step.parameters.method;
-    const data = $.step.parameters.data;
+    const data = $.step.parameters.data || null;
     const url = $.step.parameters.url;
     const headers = $.step.parameters.headers;
 
@@ -108,14 +108,17 @@ export default defineAction({
       return result;
     }, {});
 
-    let contentType = headersObject['content-type'];
+    let expectedResponseContentType = headersObject.accept;
 
     // in case HEAD request is not supported by the URL
     try {
       const metadataResponse = await $.http.head(url, {
         headers: headersObject,
       });
-      contentType = metadataResponse.headers['content-type'];
+
+      if (!expectedResponseContentType) {
+        expectedResponseContentType = metadataResponse.headers['content-type'];
+      }
 
       throwIfFileSizeExceedsLimit(metadataResponse.headers['content-length']);
       // eslint-disable-next-line no-empty
@@ -128,7 +131,7 @@ export default defineAction({
       headers: headersObject,
     };
 
-    if (!isPossiblyTextBased(contentType)) {
+    if (!isPossiblyTextBased(expectedResponseContentType)) {
       requestData.responseType = 'arraybuffer';
     }
 
@@ -138,7 +141,7 @@ export default defineAction({
 
     let responseData = response.data;
 
-    if (!isPossiblyTextBased(contentType)) {
+    if (!isPossiblyTextBased(expectedResponseContentType)) {
       responseData = Buffer.from(responseData).toString('base64');
     }
 

packages/backend/src/apps/pipedrive/actions/create-deal/index.js

@@ -64,32 +64,17 @@ export default defineAction({
       value: '1',
       description:
         'The ID of the stage this deal will be added to. If omitted, the deal will be placed in the first stage of the default pipeline.',
-      options: [
-        {
-          label: 'Qualified (Pipeline)',
-          value: 1,
-        },
-        {
-          label: 'Contact Made (Pipeline)',
-          value: 2,
-        },
-        {
-          label: 'Prospect Qualified (Pipeline)',
-          value: 3,
-        },
-        {
-          label: 'Needs Defined (Pipeline)',
-          value: 4,
-        },
-        {
-          label: 'Proposal Made (Pipeline)',
-          value: 5,
-        },
-        {
-          label: 'Negotiations Started (Pipeline)',
-          value: 6,
-        },
-      ],
+      variables: true,
+      source: {
+        type: 'query',
+        name: 'getDynamicData',
+        arguments: [
+          {
+            name: 'key',
+            value: 'listStages',
+          },
+        ],
+      },
     },
     {
       label: 'Owner',

packages/backend/src/apps/pipedrive/dynamic-data/index.js

@@ -1,23 +1,25 @@
 import listActivityTypes from './list-activity-types/index.js';
 import listCurrencies from './list-currencies/index.js';
 import listDeals from './list-deals/index.js';
-import listLeads from './list-leads/index.js';
 import listLeadLabels from './list-lead-labels/index.js';
-import listOrganizations from './list-organizations/index.js';
+import listLeads from './list-leads/index.js';
 import listOrganizationLabelField from './list-organization-label-field/index.js';
+import listOrganizations from './list-organizations/index.js';
 import listPersonLabelField from './list-person-label-field/index.js';
 import listPersons from './list-persons/index.js';
+import listStages from './list-stages/index.js';
 import listUsers from './list-users/index.js';
 
 export default [
   listActivityTypes,
   listCurrencies,
   listDeals,
-  listLeads,
   listLeadLabels,
-  listOrganizations,
+  listLeads,
   listOrganizationLabelField,
+  listOrganizations,
   listPersonLabelField,
   listPersons,
+  listStages,
   listUsers,
 ];

packages/backend/src/apps/pipedrive/dynamic-data/list-stages/index.js

@@ -0,0 +1,23 @@
+export default {
+  name: 'List stages',
+  key: 'listStages',
+
+  async run($) {
+    const stages = {
+      data: [],
+    };
+
+    const { data } = await $.http.get('/api/v1/stages');
+
+    if (data.data?.length) {
+      for (const stage of data.data) {
+        stages.data.push({
+          value: stage.id,
+          name: stage.name,
+        });
+      }
+    }
+
+    return stages;
+  },
+};

packages/backend/src/apps/webhook/actions/index.js

@@ -0,0 +1,3 @@
+import respondWith from './respond-with/index.js';
+
+export default [respondWith];

packages/backend/src/apps/webhook/actions/respond-with/index.js

@@ -0,0 +1,69 @@
+import defineAction from '../../../../helpers/define-action.js';
+
+export default defineAction({
+  name: 'Respond with',
+  key: 'respondWith',
+  description: 'Respond with defined JSON body.',
+  arguments: [
+    {
+      label: 'Status code',
+      key: 'statusCode',
+      type: 'string',
+      required: true,
+      variables: true,
+      value: '200',
+    },
+    {
+      label: 'Headers',
+      key: 'headers',
+      type: 'dynamic',
+      required: false,
+      description: 'Add or remove headers as needed',
+      fields: [
+        {
+          label: 'Key',
+          key: 'key',
+          type: 'string',
+          required: true,
+          description: 'Header key',
+          variables: true,
+        },
+        {
+          label: 'Value',
+          key: 'value',
+          type: 'string',
+          required: true,
+          description: 'Header value',
+          variables: true,
+        },
+      ],
+    },
+    {
+      label: 'Body',
+      key: 'body',
+      type: 'string',
+      required: true,
+      description: 'The content of the response body.',
+      variables: true,
+    },
+  ],
+
+  async run($) {
+    const statusCode = parseInt($.step.parameters.statusCode, 10);
+    const body = $.step.parameters.body;
+    const headers = $.step.parameters.headers.reduce((result, entry) => {
+      return {
+        ...result,
+        [entry.key]: entry.value,
+      };
+    }, {});
+
+    $.setActionItem({
+      raw: {
+        headers,
+        body,
+        statusCode,
+      },
+    });
+  },
+});

packages/backend/src/apps/webhook/index.js

@@ -1,4 +1,5 @@
 import defineApp from '../../helpers/define-app.js';
+import actions from './actions/index.js';
 import triggers from './triggers/index.js';
 
 export default defineApp({
@@ -10,5 +11,6 @@ export default defineApp({
   baseUrl: '',
   apiBaseUrl: '',
   primaryColor: '0059F7',
+  actions,
   triggers,
 });

packages/backend/src/apps/webhook/triggers/catch-raw-webhook/index.js

@@ -7,7 +7,20 @@ export default defineTrigger({
   key: 'catchRawWebhook',
   type: 'webhook',
   showWebhookUrl: true,
-  description: 'Triggers when the webhook receives a request.',
+  description:
+    'Triggers (immediately if configured) when the webhook receives a request.',
+  arguments: [
+    {
+      label: 'Wait until flow is done',
+      key: 'workSynchronously',
+      type: 'dropdown',
+      required: true,
+      options: [
+        { label: 'Yes', value: true },
+        { label: 'No', value: false },
+      ],
+    },
+  ],
 
   async run($) {
     const dataItem = {

packages/backend/src/config/app.js

@@ -18,7 +18,9 @@ const port = process.env.PORT || '3000';
 const serveWebAppSeparately =
   process.env.SERVE_WEB_APP_SEPARATELY === 'true' ? true : false;
 
-let apiUrl = new URL(`${protocol}://${host}:${port}`).toString();
+let apiUrl = new URL(
+  process.env.API_URL || `${protocol}://${host}:${port}`
+).toString();
 apiUrl = apiUrl.substring(0, apiUrl.length - 1);
 
 // use apiUrl by default, which has less priority over the following cases
@@ -88,6 +90,10 @@ const appConfig = {
   licenseKey: process.env.LICENSE_KEY,
   sentryDsn: process.env.SENTRY_DSN,
   CI: process.env.CI === 'true',
+  disableNotificationsPage: process.env.DISABLE_NOTIFICATIONS_PAGE === 'true',
+  disableFavicon: process.env.DISABLE_FAVICON === 'true',
+  additionalDrawerLink: process.env.ADDITIONAL_DRAWER_LINK,
+  additionalDrawerLinkText: process.env.ADDITIONAL_DRAWER_LINK_TEXT,
 };
 
 if (!appConfig.encryptionKey) {

packages/backend/src/controllers/api/v1/access-tokens/create-access-token.js

@@ -0,0 +1,13 @@
+import User from '../../../../models/user.js';
+import { renderObject, renderError } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const { email, password } = request.body;
+  const token = await User.authenticate(email, password);
+
+  if (token) {
+    return renderObject(response, { token });
+  }
+
+  renderError(response, [{ general: ['Incorrect email or password.'] }]);
+};

packages/backend/src/controllers/api/v1/access-tokens/create-access-token.test.js

@@ -0,0 +1,39 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import { createUser } from '../../../../../test/factories/user';
+
+describe('POST /api/v1/access-tokens', () => {
+  beforeEach(async () => {
+    await createUser({
+      email: 'user@automatisch.io',
+      password: 'password',
+    });
+  });
+
+  it('should return the token data with correct credentials', async () => {
+    const response = await request(app)
+      .post('/api/v1/access-tokens')
+      .send({
+        email: 'user@automatisch.io',
+        password: 'password',
+      })
+      .expect(200);
+
+    expect(response.body.data.token.length).toBeGreaterThan(0);
+  });
+
+  it('should return error with incorrect credentials', async () => {
+    const response = await request(app)
+      .post('/api/v1/access-tokens')
+      .send({
+        email: 'incorrect@email.com',
+        password: 'incorrectpassword',
+      })
+      .expect(422);
+
+    expect(response.body.errors.general).toEqual([
+      'Incorrect email or password.',
+    ]);
+  });
+});

packages/backend/src/controllers/api/v1/admin/apps/get-auth-client.ee.js

@@ -0,0 +1,11 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import AppAuthClient from '../../../../../models/app-auth-client.js';
+
+export default async (request, response) => {
+  const appAuthClient = await AppAuthClient.query()
+    .findById(request.params.appAuthClientId)
+    .where({ app_key: request.params.appKey })
+    .throwIfNotFound();
+
+  renderObject(response, appAuthClient);
+};

packages/backend/src/controllers/api/v1/admin/apps/get-auth-client.ee.test.js

@@ -0,0 +1,55 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import getAppAuthClientMock from '../../../../../../test/mocks/rest/api/v1/admin/apps/get-auth-client.js';
+import { createAppAuthClient } from '../../../../../../test/factories/app-auth-client.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/apps/:appKey/auth-clients/:appAuthClientId', () => {
+  let currentUser, adminRole, currentAppAuthClient, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    adminRole = await createRole({ key: 'admin' });
+    currentUser = await createUser({ roleId: adminRole.id });
+
+    currentAppAuthClient = await createAppAuthClient({
+      appKey: 'deepl',
+    });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return specified app auth client', async () => {
+    const response = await request(app)
+      .get(`/api/v1/admin/apps/deepl/auth-clients/${currentAppAuthClient.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppAuthClientMock(currentAppAuthClient);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing app auth client ID', async () => {
+    const notExistingAppAuthClientUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(
+        `/api/v1/admin/apps/deepl/auth-clients/${notExistingAppAuthClientUUID}`
+      )
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await request(app)
+      .get('/api/v1/admin/apps/deepl/auth-clients/invalidAppAuthClientUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/admin/apps/get-auth-clients.ee.js

@@ -0,0 +1,10 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import AppAuthClient from '../../../../../models/app-auth-client.js';
+
+export default async (request, response) => {
+  const appAuthClients = await AppAuthClient.query()
+    .where({ app_key: request.params.appKey })
+    .orderBy('created_at', 'desc');
+
+  renderObject(response, appAuthClients);
+};

packages/backend/src/controllers/api/v1/admin/apps/get-auth-clients.ee.test.js

@@ -0,0 +1,44 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import getAuthClientsMock from '../../../../../../test/mocks/rest/api/v1/admin/apps/get-auth-clients.js';
+import { createAppAuthClient } from '../../../../../../test/factories/app-auth-client.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/apps/:appKey/auth-clients', () => {
+  let currentUser, adminRole, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    adminRole = await createRole({ key: 'admin' });
+    currentUser = await createUser({ roleId: adminRole.id });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return specified app auth client info', async () => {
+    const appAuthClientOne = await createAppAuthClient({
+      appKey: 'deepl',
+    });
+
+    const appAuthClientTwo = await createAppAuthClient({
+      appKey: 'deepl',
+    });
+
+    const response = await request(app)
+      .get('/api/v1/admin/apps/deepl/auth-clients')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAuthClientsMock([
+      appAuthClientTwo,
+      appAuthClientOne,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/admin/permissions/get-permissions-catalog.ee.js

@@ -0,0 +1,6 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import permissionCatalog from '../../../../../helpers/permission-catalog.ee.js';
+
+export default async (request, response) => {
+  renderObject(response, permissionCatalog);
+};

packages/backend/src/controllers/api/v1/admin/permissions/get-permissions-catalog.ee.test.js

@@ -0,0 +1,32 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import getPermissionsCatalogMock from '../../../../../../test/mocks/rest/api/v1/admin/permissions/get-permissions-catalog.ee.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/permissions/catalog', () => {
+  let role, currentUser, token;
+
+  beforeEach(async () => {
+    role = await createRole({ key: 'admin' });
+    currentUser = await createUser({ roleId: role.id });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return roles', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get('/api/v1/admin/permissions/catalog')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getPermissionsCatalogMock();
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/admin/roles/get-role.ee.js

@@ -0,0 +1,16 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import Role from '../../../../../models/role.js';
+
+export default async (request, response) => {
+  const role = await Role.query()
+    .leftJoinRelated({
+      permissions: true,
+    })
+    .withGraphFetched({
+      permissions: true,
+    })
+    .findById(request.params.roleId)
+    .throwIfNotFound();
+
+  renderObject(response, role);
+};

packages/backend/src/controllers/api/v1/admin/roles/get-role.ee.test.js

@@ -0,0 +1,59 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createPermission } from '../../../../../../test/factories/permission.js';
+import getRoleMock from '../../../../../../test/mocks/rest/api/v1/admin/roles/get-role.ee.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/roles/:roleId', () => {
+  let role, currentUser, token, permissionOne, permissionTwo;
+
+  beforeEach(async () => {
+    role = await createRole({ key: 'admin' });
+    permissionOne = await createPermission({ roleId: role.id });
+    permissionTwo = await createPermission({ roleId: role.id });
+    currentUser = await createUser({ roleId: role.id });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return role', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get(`/api/v1/admin/roles/${role.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getRoleMock(role, [
+      permissionOne,
+      permissionTwo,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing role UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const notExistingRoleUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/admin/roles/${notExistingRoleUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    await request(app)
+      .get('/api/v1/admin/roles/invalidRoleUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/admin/roles/get-roles.ee.js

@@ -0,0 +1,8 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import Role from '../../../../../models/role.js';
+
+export default async (request, response) => {
+  const roles = await Role.query().orderBy('name');
+
+  renderObject(response, roles);
+};

packages/backend/src/controllers/api/v1/admin/roles/get-roles.ee.test.js

@@ -0,0 +1,33 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import getRolesMock from '../../../../../../test/mocks/rest/api/v1/admin/roles/get-roles.ee.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/roles', () => {
+  let roleOne, roleTwo, currentUser, token;
+
+  beforeEach(async () => {
+    roleOne = await createRole({ key: 'admin' });
+    roleTwo = await createRole({ key: 'user' });
+    currentUser = await createUser({ roleId: roleOne.id });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return roles', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get('/api/v1/admin/roles')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getRolesMock([roleOne, roleTwo]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-role-mappings.ee.js

@@ -0,0 +1,14 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import SamlAuthProvider from '../../../../../models/saml-auth-provider.ee.js';
+
+export default async (request, response) => {
+  const samlAuthProvider = await SamlAuthProvider.query()
+    .findById(request.params.samlAuthProviderId)
+    .throwIfNotFound();
+
+  const roleMappings = await samlAuthProvider
+    .$relatedQuery('samlAuthProvidersRoleMappings')
+    .orderBy('remote_role_name', 'asc');
+
+  renderObject(response, roleMappings);
+};

packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-role-mappings.ee.test.js

@@ -0,0 +1,51 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createSamlAuthProvider } from '../../../../../../test/factories/saml-auth-provider.ee.js';
+import { createRoleMapping } from '../../../../../../test/factories/role-mapping.js';
+import getRoleMappingsMock from '../../../../../../test/mocks/rest/api/v1/admin/saml-auth-providers/get-role-mappings.ee.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/saml-auth-providers/:samlAuthProviderId/role-mappings', () => {
+  let roleMappingOne, roleMappingTwo, samlAuthProvider, currentUser, token;
+
+  beforeEach(async () => {
+    const role = await createRole({ key: 'admin' });
+    currentUser = await createUser({ roleId: role.id });
+
+    samlAuthProvider = await createSamlAuthProvider();
+
+    roleMappingOne = await createRoleMapping({
+      samlAuthProviderId: samlAuthProvider.id,
+      remoteRoleName: 'Admin',
+    });
+
+    roleMappingTwo = await createRoleMapping({
+      samlAuthProviderId: samlAuthProvider.id,
+      remoteRoleName: 'User',
+    });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return role mappings', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get(
+        `/api/v1/admin/saml-auth-providers/${samlAuthProvider.id}/role-mappings`
+      )
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getRoleMappingsMock([
+      roleMappingOne,
+      roleMappingTwo,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.js

@@ -0,0 +1,12 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import SamlAuthProvider from '../../../../../models/saml-auth-provider.ee.js';
+
+export default async (request, response) => {
+  const samlAuthProvider = await SamlAuthProvider.query()
+    .findById(request.params.samlAuthProviderId)
+    .throwIfNotFound();
+
+  renderObject(response, samlAuthProvider, {
+    serializer: 'AdminSamlAuthProvider',
+  });
+};

packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.test.js

@@ -0,0 +1,57 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createSamlAuthProvider } from '../../../../../../test/factories/saml-auth-provider.ee.js';
+import getSamlAuthProviderMock from '../../../../../../test/mocks/rest/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/saml-auth-provider/:samlAuthProviderId', () => {
+  let samlAuthProvider, currentUser, token;
+
+  beforeEach(async () => {
+    const role = await createRole({ key: 'admin' });
+    currentUser = await createUser({ roleId: role.id });
+    samlAuthProvider = await createSamlAuthProvider();
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return saml auth provider with specified id', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get(`/api/v1/admin/saml-auth-providers/${samlAuthProvider.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getSamlAuthProviderMock(samlAuthProvider);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing saml auth provider UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const notExistingSamlAuthProviderUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(
+        `/api/v1/admin/saml-auth-providers/${notExistingSamlAuthProviderUUID}`
+      )
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    await request(app)
+      .get('/api/v1/admin/saml-auth-providers/invalidSamlAuthProviderUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.js

@@ -0,0 +1,13 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import SamlAuthProvider from '../../../../../models/saml-auth-provider.ee.js';
+
+export default async (request, response) => {
+  const samlAuthProviders = await SamlAuthProvider.query().orderBy(
+    'created_at',
+    'desc'
+  );
+
+  renderObject(response, samlAuthProviders, {
+    serializer: 'AdminSamlAuthProvider',
+  });
+};

packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.test.js

@@ -0,0 +1,39 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createSamlAuthProvider } from '../../../../../../test/factories/saml-auth-provider.ee.js';
+import getSamlAuthProvidersMock from '../../../../../../test/mocks/rest/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/saml-auth-providers', () => {
+  let samlAuthProviderOne, samlAuthProviderTwo, currentUser, token;
+
+  beforeEach(async () => {
+    const role = await createRole({ key: 'admin' });
+    currentUser = await createUser({ roleId: role.id });
+
+    samlAuthProviderOne = await createSamlAuthProvider();
+    samlAuthProviderTwo = await createSamlAuthProvider();
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return saml auth providers', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get('/api/v1/admin/saml-auth-providers')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getSamlAuthProvidersMock([
+      samlAuthProviderTwo,
+      samlAuthProviderOne,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/admin/users/get-user.ee.js

@@ -0,0 +1,13 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import User from '../../../../../models/user.js';
+
+export default async (request, response) => {
+  const user = await User.query()
+    .withGraphFetched({
+      role: true,
+    })
+    .findById(request.params.userId)
+    .throwIfNotFound();
+
+  renderObject(response, user);
+};

packages/backend/src/controllers/api/v1/admin/users/get-user.ee.test.js

@@ -0,0 +1,55 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../../test/factories/user';
+import { createRole } from '../../../../../../test/factories/role';
+import getUserMock from '../../../../../../test/mocks/rest/api/v1/admin/users/get-user.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/users/:userId', () => {
+  let currentUser, currentUserRole, anotherUser, anotherUserRole, token;
+
+  beforeEach(async () => {
+    currentUserRole = await createRole({ key: 'admin' });
+    currentUser = await createUser({ roleId: currentUserRole.id });
+
+    anotherUser = await createUser();
+    anotherUserRole = await anotherUser.$relatedQuery('role');
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return specified user info', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get(`/api/v1/admin/users/${anotherUser.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getUserMock(anotherUser, anotherUserRole);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing user UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const notExistingUserUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/admin/users/${notExistingUserUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    await request(app)
+      .get('/api/v1/admin/users/invalidUserUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/admin/users/get-users.ee.js

@@ -0,0 +1,15 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import User from '../../../../../models/user.js';
+import paginateRest from '../../../../../helpers/pagination-rest.js';
+
+export default async (request, response) => {
+  const usersQuery = User.query()
+    .withGraphFetched({
+      role: true,
+    })
+    .orderBy('full_name', 'asc');
+
+  const users = await paginateRest(usersQuery, request.query.page);
+
+  renderObject(response, users);
+};

packages/backend/src/controllers/api/v1/admin/users/get-users.ee.test.js

@@ -0,0 +1,49 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id';
+import { createRole } from '../../../../../../test/factories/role';
+import { createUser } from '../../../../../../test/factories/user';
+import getUsersMock from '../../../../../../test/mocks/rest/api/v1/admin/users/get-users.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/users', () => {
+  let currentUser, currentUserRole, anotherUser, anotherUserRole, token;
+
+  beforeEach(async () => {
+    currentUserRole = await createRole({ key: 'admin' });
+
+    currentUser = await createUser({
+      roleId: currentUserRole.id,
+      fullName: 'Current User',
+    });
+
+    anotherUserRole = await createRole({
+      key: 'anotherUser',
+      name: 'Another user role',
+    });
+
+    anotherUser = await createUser({
+      roleId: anotherUserRole.id,
+      fullName: 'Another User',
+    });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return users data', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get('/api/v1/admin/users')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedResponsePayload = await getUsersMock(
+      [anotherUser, currentUser],
+      [anotherUserRole, currentUserRole]
+    );
+
+    expect(response.body).toEqual(expectedResponsePayload);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-action-substeps.js

@@ -0,0 +1,11 @@
+import App from '../../../../models/app.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const substeps = await App.findActionSubsteps(
+    request.params.appKey,
+    request.params.actionKey
+  );
+
+  renderObject(response, substeps);
+};

packages/backend/src/controllers/api/v1/apps/get-action-substeps.test.js

@@ -0,0 +1,52 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import App from '../../../../models/app';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import getActionSubstepsMock from '../../../../../test/mocks/rest/api/v1/apps/get-action-substeps.js';
+
+describe('GET /api/v1/apps/:appKey/actions/:actionKey/substeps', () => {
+  let currentUser, exampleApp, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    token = createAuthTokenByUserId(currentUser.id);
+    exampleApp = await App.findOneByKey('github');
+  });
+
+  it('should return the app auth info', async () => {
+    const actions = await App.findActionsByKey('github');
+    const exampleAction = actions.find(
+      (action) => action.key === 'createIssue'
+    );
+
+    const endpointUrl = `/api/v1/apps/${exampleApp.key}/actions/${exampleAction.key}/substeps`;
+
+    const response = await request(app)
+      .get(endpointUrl)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getActionSubstepsMock(exampleAction.substeps);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for invalid app key', async () => {
+    await request(app)
+      .get('/api/v1/apps/invalid-app-key/actions/invalid-actions-key/substeps')
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return empty array for invalid action key', async () => {
+    const endpointUrl = `/api/v1/apps/${exampleApp.key}/actions/invalid-action-key/substeps`;
+
+    const response = await request(app)
+      .get(endpointUrl)
+      .set('Authorization', token)
+      .expect(200);
+
+    expect(response.body.data).toEqual([]);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-actions.js

@@ -0,0 +1,8 @@
+import App from '../../../../models/app.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const actions = await App.findActionsByKey(request.params.appKey);
+
+  renderObject(response, actions, { serializer: 'Action' });
+};

packages/backend/src/controllers/api/v1/apps/get-actions.test.js

@@ -0,0 +1,35 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import App from '../../../../models/app';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import getActionsMock from '../../../../../test/mocks/rest/api/v1/apps/get-actions.js';
+
+describe('GET /api/v1/apps/:appKey/actions', () => {
+  let currentUser, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the app actions', async () => {
+    const exampleApp = await App.findOneByKey('github');
+
+    const response = await request(app)
+      .get(`/api/v1/apps/${exampleApp.key}/actions`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getActionsMock(exampleApp.actions);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for invalid app key', async () => {
+    await request(app)
+      .get('/api/v1/apps/invalid-app-key/actions')
+      .set('Authorization', token)
+      .expect(404);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-app.js

@@ -0,0 +1,8 @@
+import App from '../../../../models/app.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const app = await App.findOneByKey(request.params.appKey);
+
+  renderObject(response, app, { serializer: 'App' });
+};

packages/backend/src/controllers/api/v1/apps/get-app.test.js

@@ -0,0 +1,35 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import App from '../../../../models/app';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import getAppMock from '../../../../../test/mocks/rest/api/v1/apps/get-app.js';
+
+describe('GET /api/v1/apps/:appKey', () => {
+  let currentUser, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the app info', async () => {
+    const exampleApp = await App.findOneByKey('github');
+
+    const response = await request(app)
+      .get(`/api/v1/apps/${exampleApp.key}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppMock(exampleApp);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for invalid app key', async () => {
+    await request(app)
+      .get('/api/v1/apps/invalid-app-key')
+      .set('Authorization', token)
+      .expect(404);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-apps.js

@@ -0,0 +1,16 @@
+import App from '../../../../models/app.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  let apps = await App.findAll(request.query.name);
+
+  if (request.query.onlyWithTriggers) {
+    apps = apps.filter((app) => app.triggers?.length);
+  }
+
+  if (request.query.onlyWithActions) {
+    apps = apps.filter((app) => app.actions?.length);
+  }
+
+  renderObject(response, apps, { serializer: 'App' });
+};

packages/backend/src/controllers/api/v1/apps/get-apps.test.js

@@ -0,0 +1,63 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import App from '../../../../models/app';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import getAppsMock from '../../../../../test/mocks/rest/api/v1/apps/get-apps.js';
+
+describe('GET /api/v1/apps', () => {
+  let currentUser, apps, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    token = createAuthTokenByUserId(currentUser.id);
+    apps = await App.findAll();
+  });
+
+  it('should return all apps', async () => {
+    const response = await request(app)
+      .get('/api/v1/apps')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppsMock(apps);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return all apps filtered by name', async () => {
+    const appsWithNameGit = apps.filter((app) => app.name.includes('Git'));
+
+    const response = await request(app)
+      .get('/api/v1/apps?name=Git')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppsMock(appsWithNameGit);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return only the apps with triggers', async () => {
+    const appsWithTriggers = apps.filter((app) => app.triggers?.length > 0);
+
+    const response = await request(app)
+      .get('/api/v1/apps?onlyWithTriggers=true')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppsMock(appsWithTriggers);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return only the apps with actions', async () => {
+    const appsWithActions = apps.filter((app) => app.actions?.length > 0);
+
+    const response = await request(app)
+      .get('/api/v1/apps?onlyWithActions=true')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppsMock(appsWithActions);
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-auth-client.ee.js

@@ -0,0 +1,11 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import AppAuthClient from '../../../../models/app-auth-client.js';
+
+export default async (request, response) => {
+  const appAuthClient = await AppAuthClient.query()
+    .findById(request.params.appAuthClientId)
+    .where({ app_key: request.params.appKey, active: true })
+    .throwIfNotFound();
+
+  renderObject(response, appAuthClient);
+};

packages/backend/src/controllers/api/v1/apps/get-auth-client.ee.test.js

@@ -0,0 +1,50 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import getAppAuthClientMock from '../../../../../test/mocks/rest/api/v1/apps/get-auth-client.js';
+import { createAppAuthClient } from '../../../../../test/factories/app-auth-client.js';
+import * as license from '../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/apps/:appKey/auth-clients/:appAuthClientId', () => {
+  let currentUser, currentAppAuthClient, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    currentUser = await createUser();
+    currentAppAuthClient = await createAppAuthClient({
+      appKey: 'deepl',
+    });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return specified app auth client', async () => {
+    const response = await request(app)
+      .get(`/api/v1/apps/deepl/auth-clients/${currentAppAuthClient.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppAuthClientMock(currentAppAuthClient);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing app auth client ID', async () => {
+    const notExistingAppAuthClientUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/apps/deepl/auth-clients/${notExistingAppAuthClientUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await request(app)
+      .get('/api/v1/apps/deepl/auth-clients/invalidAppAuthClientUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-auth-clients.ee.js

@@ -0,0 +1,10 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import AppAuthClient from '../../../../models/app-auth-client.js';
+
+export default async (request, response) => {
+  const appAuthClients = await AppAuthClient.query()
+    .where({ app_key: request.params.appKey, active: true })
+    .orderBy('created_at', 'desc');
+
+  renderObject(response, appAuthClients);
+};

packages/backend/src/controllers/api/v1/apps/get-auth-clients.ee.test.js

@@ -0,0 +1,42 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import getAuthClientsMock from '../../../../../test/mocks/rest/api/v1/apps/get-auth-clients.js';
+import { createAppAuthClient } from '../../../../../test/factories/app-auth-client.js';
+import * as license from '../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/apps/:appKey/auth-clients', () => {
+  let currentUser, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    currentUser = await createUser();
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return specified app auth client info', async () => {
+    const appAuthClientOne = await createAppAuthClient({
+      appKey: 'deepl',
+    });
+
+    const appAuthClientTwo = await createAppAuthClient({
+      appKey: 'deepl',
+    });
+
+    const response = await request(app)
+      .get('/api/v1/apps/deepl/auth-clients')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAuthClientsMock([
+      appAuthClientTwo,
+      appAuthClientOne,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-auth.js

@@ -0,0 +1,8 @@
+import App from '../../../../models/app.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const auth = await App.findAuthByKey(request.params.appKey);
+
+  renderObject(response, auth, { serializer: 'Auth' });
+};

packages/backend/src/controllers/api/v1/apps/get-auth.test.js

@@ -0,0 +1,35 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import App from '../../../../models/app';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import getAuthMock from '../../../../../test/mocks/rest/api/v1/apps/get-auth.js';
+
+describe('GET /api/v1/apps/:appKey/auth', () => {
+  let currentUser, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the app auth info', async () => {
+    const exampleApp = await App.findOneByKey('github');
+
+    const response = await request(app)
+      .get(`/api/v1/apps/${exampleApp.key}/auth`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAuthMock(exampleApp.auth);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for invalid app key', async () => {
+    await request(app)
+      .get('/api/v1/apps/invalid-app-key/auth')
+      .set('Authorization', token)
+      .expect(404);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-config.ee.js

@@ -0,0 +1,15 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import AppConfig from '../../../../models/app-config.js';
+
+export default async (request, response) => {
+  const appConfig = await AppConfig.query()
+    .withGraphFetched({
+      appAuthClients: true,
+    })
+    .findOne({
+      key: request.params.appKey,
+    })
+    .throwIfNotFound();
+
+  renderObject(response, appConfig);
+};

packages/backend/src/controllers/api/v1/apps/get-config.ee.test.js

@@ -0,0 +1,44 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import getAppConfigMock from '../../../../../test/mocks/rest/api/v1/apps/get-config.js';
+import { createAppConfig } from '../../../../../test/factories/app-config.js';
+import * as license from '../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/apps/:appKey/config', () => {
+  let currentUser, appConfig, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    currentUser = await createUser();
+
+    appConfig = await createAppConfig({
+      key: 'deepl',
+      allowCustomConnection: true,
+      shared: true,
+      disabled: false,
+    });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return specified app config info', async () => {
+    const response = await request(app)
+      .get(`/api/v1/apps/${appConfig.key}/config`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppConfigMock(appConfig);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing app key', async () => {
+    await request(app)
+      .get('/api/v1/apps/not-existing-app-key/config')
+      .set('Authorization', token)
+      .expect(404);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-connections.js

@@ -0,0 +1,24 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import App from '../../../../models/app.js';
+
+export default async (request, response) => {
+  const app = await App.findOneByKey(request.params.appKey);
+
+  const connections = await request.currentUser.authorizedConnections
+    .clone()
+    .select('connections.*')
+    .withGraphFetched({
+      appConfig: true,
+      appAuthClient: true,
+    })
+    .fullOuterJoinRelated('steps')
+    .where({
+      'connections.key': app.key,
+      'connections.draft': false,
+    })
+    .countDistinct('steps.flow_id as flowCount')
+    .groupBy('connections.id')
+    .orderBy('created_at', 'desc');
+
+  renderObject(response, connections);
+};

packages/backend/src/controllers/api/v1/apps/get-connections.test.js

@@ -0,0 +1,101 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import { createConnection } from '../../../../../test/factories/connection.js';
+import { createPermission } from '../../../../../test/factories/permission.js';
+import getConnectionsMock from '../../../../../test/mocks/rest/api/v1/apps/get-connections.js';
+
+describe('GET /api/v1/apps/:appKey/connections', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the connections data of specified app for current user', async () => {
+    const currentUserConnectionOne = await createConnection({
+      userId: currentUser.id,
+      key: 'deepl',
+      draft: false,
+    });
+
+    const currentUserConnectionTwo = await createConnection({
+      userId: currentUser.id,
+      key: 'deepl',
+      draft: false,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .get('/api/v1/apps/deepl/connections')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getConnectionsMock([
+      currentUserConnectionTwo,
+      currentUserConnectionOne,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return the connections data of specified app for another user', async () => {
+    const anotherUser = await createUser();
+
+    const anotherUserConnectionOne = await createConnection({
+      userId: anotherUser.id,
+      key: 'deepl',
+      draft: false,
+    });
+
+    const anotherUserConnectionTwo = await createConnection({
+      userId: anotherUser.id,
+      key: 'deepl',
+      draft: false,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .get('/api/v1/apps/deepl/connections')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getConnectionsMock([
+      anotherUserConnectionTwo,
+      anotherUserConnectionOne,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for invalid connection UUID', async () => {
+    await createPermission({
+      action: 'update',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await request(app)
+      .get('/api/v1/connections/invalid-connection-id/connections')
+      .set('Authorization', token)
+      .expect(404);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-flows.js

@@ -0,0 +1,23 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import App from '../../../../models/app.js';
+import paginateRest from '../../../../helpers/pagination-rest.js';
+
+export default async (request, response) => {
+  const app = await App.findOneByKey(request.params.appKey);
+
+  const flowsQuery = request.currentUser.authorizedFlows
+    .clone()
+    .joinRelated({
+      steps: true,
+    })
+    .withGraphFetched({
+      steps: true,
+    })
+    .where('steps.app_key', app.key)
+    .orderBy('active', 'desc')
+    .orderBy('updated_at', 'desc');
+
+  const flows = await paginateRest(flowsQuery, request.query.page);
+
+  renderObject(response, flows);
+};

packages/backend/src/controllers/api/v1/apps/get-flows.test.js

@@ -0,0 +1,129 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import { createFlow } from '../../../../../test/factories/flow.js';
+import { createStep } from '../../../../../test/factories/step.js';
+import { createPermission } from '../../../../../test/factories/permission.js';
+import getFlowsMock from '../../../../../test/mocks/rest/api/v1/flows/get-flows.js';
+
+describe('GET /api/v1/apps/:appKey/flows', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the flows data of specified app for current user', async () => {
+    const currentUserFlowOne = await createFlow({ userId: currentUser.id });
+
+    const triggerStepFlowOne = await createStep({
+      flowId: currentUserFlowOne.id,
+      type: 'trigger',
+      appKey: 'webhook',
+    });
+
+    const actionStepFlowOne = await createStep({
+      flowId: currentUserFlowOne.id,
+      type: 'action',
+    });
+
+    const currentUserFlowTwo = await createFlow({ userId: currentUser.id });
+
+    await createStep({
+      flowId: currentUserFlowTwo.id,
+      type: 'trigger',
+      appKey: 'github',
+    });
+
+    await createStep({
+      flowId: currentUserFlowTwo.id,
+      type: 'action',
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .get('/api/v1/apps/webhook/flows')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getFlowsMock(
+      [currentUserFlowOne],
+      [triggerStepFlowOne, actionStepFlowOne]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return the flows data of specified app for another user', async () => {
+    const anotherUser = await createUser();
+    const anotherUserFlowOne = await createFlow({ userId: anotherUser.id });
+
+    const triggerStepFlowOne = await createStep({
+      flowId: anotherUserFlowOne.id,
+      type: 'trigger',
+      appKey: 'webhook',
+    });
+
+    const actionStepFlowOne = await createStep({
+      flowId: anotherUserFlowOne.id,
+      type: 'action',
+    });
+
+    const anotherUserFlowTwo = await createFlow({ userId: anotherUser.id });
+
+    await createStep({
+      flowId: anotherUserFlowTwo.id,
+      type: 'trigger',
+      appKey: 'github',
+    });
+
+    await createStep({
+      flowId: anotherUserFlowTwo.id,
+      type: 'action',
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .get('/api/v1/apps/webhook/flows')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getFlowsMock(
+      [anotherUserFlowOne],
+      [triggerStepFlowOne, actionStepFlowOne]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for invalid app key', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await request(app)
+      .get('/api/v1/apps/invalid-app-key/flows')
+      .set('Authorization', token)
+      .expect(404);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-trigger-substeps.js

@@ -0,0 +1,11 @@
+import App from '../../../../models/app.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const substeps = await App.findTriggerSubsteps(
+    request.params.appKey,
+    request.params.triggerKey
+  );
+
+  renderObject(response, substeps);
+};

packages/backend/src/controllers/api/v1/apps/get-trigger-substeps.test.js

@@ -0,0 +1,52 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import App from '../../../../models/app';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import getTriggerSubstepsMock from '../../../../../test/mocks/rest/api/v1/apps/get-trigger-substeps.js';
+
+describe('GET /api/v1/apps/:appKey/triggers/:triggerKey/substeps', () => {
+  let currentUser, exampleApp, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    token = createAuthTokenByUserId(currentUser.id);
+    exampleApp = await App.findOneByKey('github');
+  });
+
+  it('should return the app auth info', async () => {
+    const triggers = await App.findTriggersByKey('github');
+    const exampleTrigger = triggers.find(
+      (trigger) => trigger.key === 'newIssues'
+    );
+
+    const endpointUrl = `/api/v1/apps/${exampleApp.key}/triggers/${exampleTrigger.key}/substeps`;
+
+    const response = await request(app)
+      .get(endpointUrl)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getTriggerSubstepsMock(exampleTrigger.substeps);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for invalid app key', async () => {
+    await request(app)
+      .get('/api/v1/apps/invalid-app-key/triggers/invalid-trigger-key/substeps')
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return empty array for invalid trigger key', async () => {
+    const endpointUrl = `/api/v1/apps/${exampleApp.key}/triggers/invalid-trigger-key/substeps`;
+
+    const response = await request(app)
+      .get(endpointUrl)
+      .set('Authorization', token)
+      .expect(200);
+
+    expect(response.body.data).toEqual([]);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-triggers.js

@@ -0,0 +1,8 @@
+import App from '../../../../models/app.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const triggers = await App.findTriggersByKey(request.params.appKey);
+
+  renderObject(response, triggers, { serializer: 'Trigger' });
+};

packages/backend/src/controllers/api/v1/apps/get-triggers.test.js

@@ -0,0 +1,35 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import App from '../../../../models/app';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import getTriggersMock from '../../../../../test/mocks/rest/api/v1/apps/get-triggers.js';
+
+describe('GET /api/v1/apps/:appKey/triggers', () => {
+  let currentUser, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the app triggers', async () => {
+    const exampleApp = await App.findOneByKey('github');
+
+    const response = await request(app)
+      .get(`/api/v1/apps/${exampleApp.key}/triggers`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getTriggersMock(exampleApp.triggers);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for invalid app key', async () => {
+    await request(app)
+      .get('/api/v1/apps/invalid-app-key/triggers')
+      .set('Authorization', token)
+      .expect(404);
+  });
+});

packages/backend/src/controllers/api/v1/automatisch/config.ee.js

@@ -0,0 +1,24 @@
+import appConfig from '../../../../config/app.js';
+import Config from '../../../../models/config.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const defaultConfig = {
+    disableNotificationsPage: appConfig.disableNotificationsPage,
+    disableFavicon: appConfig.disableFavicon,
+    additionalDrawerLink: appConfig.additionalDrawerLink,
+    additionalDrawerLinkText: appConfig.additionalDrawerLinkText,
+  };
+
+  let config = await Config.query().orderBy('key', 'asc');
+
+  config = config.reduce((computedConfig, configEntry) => {
+    const { key, value } = configEntry;
+
+    computedConfig[key] = value?.data;
+
+    return computedConfig;
+  }, defaultConfig);
+
+  renderObject(response, config);
+};

packages/backend/src/controllers/api/v1/automatisch/config.ee.test.js

@@ -0,0 +1,51 @@
+import { vi, expect, describe, it } from 'vitest';
+import request from 'supertest';
+import { createConfig } from '../../../../../test/factories/config.js';
+import app from '../../../../app.js';
+import configMock from '../../../../../test/mocks/rest/api/v1/automatisch/config.js';
+import * as license from '../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/automatisch/config', () => {
+  it('should return Automatisch config', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const logoConfig = await createConfig({
+      key: 'logo.svgData',
+      value: { data: '<svg>Sample</svg>' },
+    });
+
+    const primaryDarkConfig = await createConfig({
+      key: 'palette.primary.dark',
+      value: { data: '#001F52' },
+    });
+
+    const primaryLightConfig = await createConfig({
+      key: 'palette.primary.light',
+      value: { data: '#4286FF' },
+    });
+
+    const primaryMainConfig = await createConfig({
+      key: 'palette.primary.main',
+      value: { data: '#0059F7' },
+    });
+
+    const titleConfig = await createConfig({
+      key: 'title',
+      value: { data: 'Sample Title' },
+    });
+
+    const response = await request(app)
+      .get('/api/v1/automatisch/config')
+      .expect(200);
+
+    const expectedPayload = configMock(
+      logoConfig,
+      primaryDarkConfig,
+      primaryLightConfig,
+      primaryMainConfig,
+      titleConfig
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/automatisch/info.js

@@ -0,0 +1,13 @@
+import appConfig from '../../../../config/app.js';
+import { hasValidLicense } from '../../../../helpers/license.ee.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const info = {
+    isCloud: appConfig.isCloud,
+    isMation: appConfig.isMation,
+    isEnterprise: await hasValidLicense(),
+  };
+
+  renderObject(response, info);
+};

packages/backend/src/controllers/api/v1/automatisch/info.test.js

@@ -0,0 +1,22 @@
+import { vi, expect, describe, it } from 'vitest';
+import request from 'supertest';
+import appConfig from '../../../../config/app.js';
+import app from '../../../../app.js';
+import infoMock from '../../../../../test/mocks/rest/api/v1/automatisch/info.js';
+import * as license from '../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/automatisch/info', () => {
+  it('should return Automatisch info', async () => {
+    vi.spyOn(appConfig, 'isCloud', 'get').mockReturnValue(false);
+    vi.spyOn(appConfig, 'isMation', 'get').mockReturnValue(false);
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get('/api/v1/automatisch/info')
+      .expect(200);
+
+    const expectedPayload = infoMock();
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/automatisch/license.js

@@ -0,0 +1,15 @@
+import { getLicense } from '../../../../helpers/license.ee.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const license = await getLicense();
+
+  const computedLicense = {
+    id: license ? license.id : null,
+    name: license ? license.name : null,
+    expireAt: license ? license.expireAt : null,
+    verified: license ? true : false,
+  };
+
+  renderObject(response, computedLicense);
+};

packages/backend/src/controllers/api/v1/automatisch/license.test.js

@@ -0,0 +1,23 @@
+import { vi, expect, describe, it } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import licenseMock from '../../../../../test/mocks/rest/api/v1/automatisch/license.js';
+import * as license from '../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/automatisch/license', () => {
+  it('should return Automatisch license info', async () => {
+    vi.spyOn(license, 'getLicense').mockResolvedValue({
+      id: '123',
+      name: 'license-name',
+      expireAt: '2025-12-31T23:59:59Z',
+    });
+
+    const response = await request(app)
+      .get('/api/v1/automatisch/license')
+      .expect(200);
+
+    const expectedPayload = licenseMock();
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/automatisch/notifications.js

@@ -0,0 +1,19 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import axios from '../../../../helpers/axios-with-proxy.js';
+import logger from '../../../../helpers/logger.js';
+
+const NOTIFICATIONS_URL =
+  'https://notifications.automatisch.io/notifications.json';
+
+export default async (request, response) => {
+  let notifications = [];
+
+  try {
+    const response = await axios.get(NOTIFICATIONS_URL);
+    notifications = response.data;
+  } catch (error) {
+    logger.error('Error fetching notifications API endpoint!', error);
+  }
+
+  renderObject(response, notifications);
+};

packages/backend/src/controllers/api/v1/automatisch/notifications.test.js

@@ -0,0 +1,9 @@
+import { describe, it } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+
+describe('GET /api/v1/automatisch/notifications', () => {
+  it('should return Automatisch notifications', async () => {
+    await request(app).get('/api/v1/automatisch/notifications').expect(200);
+  });
+});

packages/backend/src/controllers/api/v1/automatisch/version.js

@@ -0,0 +1,6 @@
+import appConfig from '../../../../config/app.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  renderObject(response, { version: appConfig.version });
+};

packages/backend/src/controllers/api/v1/automatisch/version.test.js

@@ -0,0 +1,26 @@
+import { describe, it, expect } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+
+describe('GET /api/v1/automatisch/version', () => {
+  it('should return Automatisch version', async () => {
+    const response = await request(app)
+      .get('/api/v1/automatisch/version')
+      .expect(200);
+
+    const expectedPayload = {
+      data: {
+        version: '0.10.0',
+      },
+      meta: {
+        count: 1,
+        currentPage: null,
+        isArray: false,
+        totalPages: null,
+        type: 'Object',
+      },
+    };
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/connections/create-test.js

@@ -0,0 +1,14 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  let connection = await request.currentUser.authorizedConnections
+    .clone()
+    .findOne({
+      id: request.params.connectionId,
+    })
+    .throwIfNotFound();
+
+  connection = await connection.testAndUpdateConnection();
+
+  renderObject(response, connection);
+};

packages/backend/src/controllers/api/v1/connections/create-test.test.js

@@ -0,0 +1,123 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import { createConnection } from '../../../../../test/factories/connection.js';
+import { createPermission } from '../../../../../test/factories/permission.js';
+
+describe('POST /api/v1/connections/:connectionId/test', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should update the connection as not verified for current user', async () => {
+    const currentUserConnection = await createConnection({
+      userId: currentUser.id,
+      key: 'deepl',
+      verified: true,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .post(`/api/v1/connections/${currentUserConnection.id}/test`)
+      .set('Authorization', token)
+      .expect(200);
+
+    expect(response.body.data.verified).toEqual(false);
+  });
+
+  it('should update the connection as not verified for another user', async () => {
+    const anotherUser = await createUser();
+
+    const anotherUserConnection = await createConnection({
+      userId: anotherUser.id,
+      key: 'deepl',
+      verified: true,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .post(`/api/v1/connections/${anotherUserConnection.id}/test`)
+      .set('Authorization', token)
+      .expect(200);
+
+    expect(response.body.data.verified).toEqual(false);
+  });
+
+  it('should return not found response for not existing connection UUID', async () => {
+    const notExistingConnectionUUID = Crypto.randomUUID();
+
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await request(app)
+      .post(`/api/v1/connections/${notExistingConnectionUUID}/test`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await request(app)
+      .post('/api/v1/connections/invalidConnectionUUID/test')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/connections/get-flows.js

@@ -0,0 +1,20 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import paginateRest from '../../../../helpers/pagination-rest.js';
+
+export default async (request, response) => {
+  const flowsQuery = request.currentUser.authorizedFlows
+    .clone()
+    .joinRelated({
+      steps: true,
+    })
+    .withGraphFetched({
+      steps: true,
+    })
+    .where('steps.connection_id', request.params.connectionId)
+    .orderBy('active', 'desc')
+    .orderBy('updated_at', 'desc');
+
+  const flows = await paginateRest(flowsQuery, request.query.page);
+
+  renderObject(response, flows);
+};

packages/backend/src/controllers/api/v1/connections/get-flows.test.js

@@ -0,0 +1,128 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import { createConnection } from '../../../../../test/factories/connection.js';
+import { createFlow } from '../../../../../test/factories/flow.js';
+import { createStep } from '../../../../../test/factories/step.js';
+import { createPermission } from '../../../../../test/factories/permission.js';
+import getFlowsMock from '../../../../../test/mocks/rest/api/v1/flows/get-flows.js';
+
+describe('GET /api/v1/connections/:connectionId/flows', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the flows data of specified connection for current user', async () => {
+    const currentUserFlowOne = await createFlow({ userId: currentUser.id });
+
+    const currentUserConnection = await createConnection({
+      userId: currentUser.id,
+      key: 'webhook',
+    });
+
+    const triggerStepFlowOne = await createStep({
+      flowId: currentUserFlowOne.id,
+      type: 'trigger',
+      appKey: 'webhook',
+      connectionId: currentUserConnection.id,
+    });
+
+    const actionStepFlowOne = await createStep({
+      flowId: currentUserFlowOne.id,
+      type: 'action',
+    });
+
+    const currentUserFlowTwo = await createFlow({ userId: currentUser.id });
+
+    await createStep({
+      flowId: currentUserFlowTwo.id,
+      type: 'trigger',
+      appKey: 'github',
+    });
+
+    await createStep({
+      flowId: currentUserFlowTwo.id,
+      type: 'action',
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/connections/${currentUserConnection.id}/flows`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getFlowsMock(
+      [currentUserFlowOne],
+      [triggerStepFlowOne, actionStepFlowOne]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return the flows data of specified connection for another user', async () => {
+    const anotherUser = await createUser();
+    const anotherUserFlowOne = await createFlow({ userId: anotherUser.id });
+
+    const anotherUserConnection = await createConnection({
+      userId: anotherUser.id,
+      key: 'webhook',
+    });
+
+    const triggerStepFlowOne = await createStep({
+      flowId: anotherUserFlowOne.id,
+      type: 'trigger',
+      appKey: 'webhook',
+      connectionId: anotherUserConnection.id,
+    });
+
+    const actionStepFlowOne = await createStep({
+      flowId: anotherUserFlowOne.id,
+      type: 'action',
+    });
+
+    const anotherUserFlowTwo = await createFlow({ userId: anotherUser.id });
+
+    await createStep({
+      flowId: anotherUserFlowTwo.id,
+      type: 'trigger',
+      appKey: 'github',
+    });
+
+    await createStep({
+      flowId: anotherUserFlowTwo.id,
+      type: 'action',
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/connections/${anotherUserConnection.id}/flows`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getFlowsMock(
+      [anotherUserFlowOne],
+      [triggerStepFlowOne, actionStepFlowOne]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/executions/get-execution-steps.js

@@ -0,0 +1,23 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import paginateRest from '../../../../helpers/pagination-rest.js';
+
+export default async (request, response) => {
+  const execution = await request.currentUser.authorizedExecutions
+    .clone()
+    .withSoftDeleted()
+    .findById(request.params.executionId)
+    .throwIfNotFound();
+
+  const executionStepsQuery = execution
+    .$relatedQuery('executionSteps')
+    .withSoftDeleted()
+    .withGraphFetched('step')
+    .orderBy('created_at', 'asc');
+
+  const executionSteps = await paginateRest(
+    executionStepsQuery,
+    request.query.page
+  );
+
+  renderObject(response, executionSteps);
+};

packages/backend/src/controllers/api/v1/executions/get-execution-steps.test.js

@@ -0,0 +1,153 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import { createFlow } from '../../../../../test/factories/flow.js';
+import { createStep } from '../../../../../test/factories/step.js';
+import { createExecution } from '../../../../../test/factories/execution.js';
+import { createExecutionStep } from '../../../../../test/factories/execution-step.js';
+import { createPermission } from '../../../../../test/factories/permission';
+import getExecutionStepsMock from '../../../../../test/mocks/rest/api/v1/executions/get-execution-steps';
+
+describe('GET /api/v1/executions/:executionId/execution-steps', () => {
+  let currentUser, currentUserRole, anotherUser, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    anotherUser = await createUser();
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the execution steps of current user execution', async () => {
+    const currentUserFlow = await createFlow({
+      userId: currentUser.id,
+    });
+
+    const stepOne = await createStep({
+      flowId: currentUserFlow.id,
+      type: 'trigger',
+    });
+
+    const stepTwo = await createStep({
+      flowId: currentUserFlow.id,
+      type: 'action',
+    });
+
+    const currentUserExecution = await createExecution({
+      flowId: currentUserFlow.id,
+    });
+
+    const currentUserExecutionStepOne = await createExecutionStep({
+      executionId: currentUserExecution.id,
+      stepId: stepOne.id,
+    });
+
+    const currentUserExecutionStepTwo = await createExecutionStep({
+      executionId: currentUserExecution.id,
+      stepId: stepTwo.id,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/executions/${currentUserExecution.id}/execution-steps`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getExecutionStepsMock(
+      [currentUserExecutionStepOne, currentUserExecutionStepTwo],
+      [stepOne, stepTwo]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return the execution steps of another user execution', async () => {
+    const anotherUserFlow = await createFlow({
+      userId: anotherUser.id,
+    });
+
+    const stepOne = await createStep({
+      flowId: anotherUserFlow.id,
+      type: 'trigger',
+    });
+
+    const stepTwo = await createStep({
+      flowId: anotherUserFlow.id,
+      type: 'action',
+    });
+
+    const anotherUserExecution = await createExecution({
+      flowId: anotherUserFlow.id,
+    });
+
+    const anotherUserExecutionStepOne = await createExecutionStep({
+      executionId: anotherUserExecution.id,
+      stepId: stepOne.id,
+    });
+
+    const anotherUserExecutionStepTwo = await createExecutionStep({
+      executionId: anotherUserExecution.id,
+      stepId: stepTwo.id,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/executions/${anotherUserExecution.id}/execution-steps`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getExecutionStepsMock(
+      [anotherUserExecutionStepOne, anotherUserExecutionStepTwo],
+      [stepOne, stepTwo]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing execution step UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const notExistingExcecutionUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/executions/${notExistingExcecutionUUID}/execution-steps`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await request(app)
+      .get('/api/v1/executions/invalidExecutionUUID/execution-steps')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/executions/get-execution.js

@@ -0,0 +1,16 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const execution = await request.currentUser.authorizedExecutions
+    .clone()
+    .withGraphFetched({
+      flow: {
+        steps: true,
+      },
+    })
+    .withSoftDeleted()
+    .findById(request.params.executionId)
+    .throwIfNotFound();
+
+  renderObject(response, execution);
+};

packages/backend/src/controllers/api/v1/executions/get-execution.test.js

@@ -0,0 +1,134 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import { createFlow } from '../../../../../test/factories/flow.js';
+import { createStep } from '../../../../../test/factories/step.js';
+import { createExecution } from '../../../../../test/factories/execution.js';
+import { createPermission } from '../../../../../test/factories/permission';
+import getExecutionMock from '../../../../../test/mocks/rest/api/v1/executions/get-execution';
+
+describe('GET /api/v1/executions/:executionId', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the execution data of current user', async () => {
+    const currentUserFlow = await createFlow({
+      userId: currentUser.id,
+    });
+
+    const stepOne = await createStep({
+      flowId: currentUserFlow.id,
+      type: 'trigger',
+    });
+
+    const stepTwo = await createStep({
+      flowId: currentUserFlow.id,
+      type: 'action',
+    });
+
+    const currentUserExecution = await createExecution({
+      flowId: currentUserFlow.id,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/executions/${currentUserExecution.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getExecutionMock(
+      currentUserExecution,
+      currentUserFlow,
+      [stepOne, stepTwo]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return the execution data of another user', async () => {
+    const anotherUser = await createUser();
+
+    const anotherUserFlow = await createFlow({
+      userId: anotherUser.id,
+    });
+
+    const stepOne = await createStep({
+      flowId: anotherUserFlow.id,
+      type: 'trigger',
+    });
+
+    const stepTwo = await createStep({
+      flowId: anotherUserFlow.id,
+      type: 'action',
+    });
+
+    const anotherUserExecution = await createExecution({
+      flowId: anotherUserFlow.id,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/executions/${anotherUserExecution.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getExecutionMock(
+      anotherUserExecution,
+      anotherUserFlow,
+      [stepOne, stepTwo]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing execution UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const notExistingExcecutionUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/executions/${notExistingExcecutionUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await request(app)
+      .get('/api/v1/executions/invalidExecutionUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/executions/get-executions.js

@@ -0,0 +1,27 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import paginateRest from '../../../../helpers/pagination-rest.js';
+
+export default async (request, response) => {
+  const executionsQuery = request.currentUser.authorizedExecutions
+    .clone()
+    .withSoftDeleted()
+    .orderBy('created_at', 'desc')
+    .withGraphFetched({
+      flow: {
+        steps: true,
+      },
+    });
+
+  const executions = await paginateRest(executionsQuery, request.query.page);
+
+  for (const execution of executions.records) {
+    const executionSteps = await execution.$relatedQuery('executionSteps');
+    const status = executionSteps.some((step) => step.status === 'failure')
+      ? 'failure'
+      : 'success';
+
+    execution.status = status;
+  }
+
+  renderObject(response, executions);
+};

packages/backend/src/controllers/api/v1/executions/get-executions.test.js

@@ -0,0 +1,119 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import { createFlow } from '../../../../../test/factories/flow.js';
+import { createStep } from '../../../../../test/factories/step.js';
+import { createExecution } from '../../../../../test/factories/execution.js';
+import { createPermission } from '../../../../../test/factories/permission';
+import getExecutionsMock from '../../../../../test/mocks/rest/api/v1/executions/get-executions';
+
+describe('GET /api/v1/executions', () => {
+  let currentUser, currentUserRole, anotherUser, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    anotherUser = await createUser();
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the executions of current user', async () => {
+    const currentUserFlow = await createFlow({
+      userId: currentUser.id,
+    });
+
+    const stepOne = await createStep({
+      flowId: currentUserFlow.id,
+      type: 'trigger',
+    });
+
+    const stepTwo = await createStep({
+      flowId: currentUserFlow.id,
+      type: 'action',
+    });
+
+    const currentUserExecutionOne = await createExecution({
+      flowId: currentUserFlow.id,
+    });
+
+    const currentUserExecutionTwo = await createExecution({
+      flowId: currentUserFlow.id,
+    });
+
+    await currentUserExecutionTwo
+      .$query()
+      .patchAndFetch({ deletedAt: new Date().toISOString() });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .get('/api/v1/executions')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getExecutionsMock(
+      [currentUserExecutionTwo, currentUserExecutionOne],
+      currentUserFlow,
+      [stepOne, stepTwo]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return the executions of another user', async () => {
+    const anotherUserFlow = await createFlow({
+      userId: anotherUser.id,
+    });
+
+    const stepOne = await createStep({
+      flowId: anotherUserFlow.id,
+      type: 'trigger',
+    });
+
+    const stepTwo = await createStep({
+      flowId: anotherUserFlow.id,
+      type: 'action',
+    });
+
+    const anotherUserExecutionOne = await createExecution({
+      flowId: anotherUserFlow.id,
+    });
+
+    const anotherUserExecutionTwo = await createExecution({
+      flowId: anotherUserFlow.id,
+    });
+
+    await anotherUserExecutionTwo
+      .$query()
+      .patchAndFetch({ deletedAt: new Date().toISOString() });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .get('/api/v1/executions')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getExecutionsMock(
+      [anotherUserExecutionTwo, anotherUserExecutionOne],
+      anotherUserFlow,
+      [stepOne, stepTwo]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/flows/get-flow.js

@@ -0,0 +1,12 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const flow = await request.currentUser.authorizedFlows
+    .clone()
+    .withGraphJoined({ steps: true })
+    .orderBy('steps.position', 'asc')
+    .findOne({ 'flows.id': request.params.flowId })
+    .throwIfNotFound();
+
+  renderObject(response, flow);
+};

packages/backend/src/controllers/api/v1/flows/get-flow.test.js

@@ -0,0 +1,102 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import { createFlow } from '../../../../../test/factories/flow';
+import { createStep } from '../../../../../test/factories/step';
+import { createPermission } from '../../../../../test/factories/permission';
+import getFlowMock from '../../../../../test/mocks/rest/api/v1/flows/get-flow';
+
+describe('GET /api/v1/flows/:flowId', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the flow data of current user', async () => {
+    const currentUserflow = await createFlow({ userId: currentUser.id });
+    const triggerStep = await createStep({ flowId: currentUserflow.id });
+    const actionStep = await createStep({ flowId: currentUserflow.id });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/flows/${currentUserflow.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getFlowMock(currentUserflow, [
+      triggerStep,
+      actionStep,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return the flow data of another user', async () => {
+    const anotherUser = await createUser();
+    const anotherUserFlow = await createFlow({ userId: anotherUser.id });
+    const triggerStep = await createStep({ flowId: anotherUserFlow.id });
+    const actionStep = await createStep({ flowId: anotherUserFlow.id });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/flows/${anotherUserFlow.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getFlowMock(anotherUserFlow, [
+      triggerStep,
+      actionStep,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing flow UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const notExistingFlowUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/flows/${notExistingFlowUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await request(app)
+      .get('/api/v1/flows/invalidFlowUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});