chore: allow custom seed user creds

fix: remove unnecessery styling causing the problem with scrolling Edit/Create role pages

.devcontainer/boot.sh

@@ -28,7 +28,7 @@ cd packages/web
 rm -rf .env
 echo "
 PORT=$WEB_PORT
-REACT_APP_GRAPHQL_URL=http://localhost:$BACKEND_PORT/graphql
+REACT_APP_BACKEND_URL=http://localhost:$BACKEND_PORT
 " >> .env
 cd $CURRENT_DIR
 

.eslintrc.js

@@ -1,18 +0,0 @@
-module.exports = {
-  root: true,
-  parser: '@typescript-eslint/parser',
-  plugins: ['@typescript-eslint'],
-  extends: [
-    'eslint:recommended',
-    'plugin:@typescript-eslint/recommended',
-    'prettier',
-  ],
-  overrides: [
-    {
-      files: ['**/*.test.ts', '**/test/**/*.ts'],
-      rules: {
-        '@typescript-eslint/ban-ts-comment': ['off'],
-      },
-    },
-  ],
-};

.github/workflows/ci.yml

@@ -22,7 +22,7 @@ jobs:
       - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner."
       - run: echo "🖥️ The workflow is now ready to test your code on the runner."
       - run: yarn --frozen-lockfile
-      - run: yarn lint
+      - run: cd packages/backend && yarn lint
       - run: echo "🍏 This job's status is ${{ job.status }}."
   start-backend-server:
     runs-on: ubuntu-latest

.github/workflows/playwright.yml

@@ -62,8 +62,9 @@ jobs:
         run: yarn && yarn lerna bootstrap
       - name: Install Playwright Browsers
         run: yarn playwright install --with-deps
-      - name: Build Automatisch
-        run: yarn lerna run --scope=@*/{web,cli} build
+      - name: Build Automatisch web
+        working-directory: ./packages/web
+        run: yarn build
         env:
           # Keep this until we clean up warnings in build processes
           CI: false

package.json

@@ -6,7 +6,6 @@
     "start": "lerna run --stream --parallel --scope=@*/{web,backend} dev",
     "start:web": "lerna run --stream --scope=@*/web dev",
     "start:backend": "lerna run --stream --scope=@*/backend dev",
-    "lint": "lerna run --no-bail --stream --parallel --scope=@*/{web,backend} lint",
     "build:docs": "cd ./packages/docs && yarn install && yarn build"
   },
   "workspaces": {
@@ -21,8 +20,6 @@
     ]
   },
   "devDependencies": {
-    "@typescript-eslint/eslint-plugin": "^5.9.1",
-    "@typescript-eslint/parser": "^5.9.1",
     "eslint": "^8.13.0",
     "eslint-config-prettier": "^8.3.0",
     "eslint-plugin-prettier": "^4.0.0",

packages/backend/bin/database/utils.js

@@ -18,8 +18,8 @@ async function fetchAdminRole() {
 }
 
 export async function createUser(
-  email = 'user@automatisch.io',
-  password = 'sample'
+  email = appConfig.seedUserEmail,
+  password = appConfig.seedUserPassword
 ) {
   const UNIQUE_VIOLATION_CODE = '23505';
 

packages/backend/package.json

@@ -11,7 +11,7 @@
     "start:worker": "node src/worker.js",
     "pretest": "APP_ENV=test node ./test/setup/prepare-test-env.js",
     "test": "APP_ENV=test vitest run",
-    "lint": "eslint . --ignore-path ../../.eslintignore",
+    "lint": "eslint .",
     "db:create": "node ./bin/database/create.js",
     "db:seed:user": "node ./bin/database/seed-user.js",
     "db:drop": "node ./bin/database/drop.js",
@@ -38,6 +38,7 @@
     "debug": "~2.6.9",
     "dotenv": "^10.0.0",
     "express": "~4.18.2",
+    "express-async-handler": "^1.2.0",
     "express-basic-auth": "^1.2.1",
     "express-graphql": "^0.12.0",
     "fast-xml-parser": "^4.0.11",

packages/backend/src/apps/bigin-by-zoho-crm/assets/favicon.svg

@@ -1,32 +0,0 @@
-<svg xmlns:xlink="http://www.w3.org/1999/xlink" xmlns="http://www.w3.org/2000/svg" id="b" data-name="Layer 2" width="327.714" height="120" viewBox="0 0 327.714 120">
-  <defs>
-    <style>
-      .d {
-        fill: #039649;
-      }
-    </style>
-  </defs>
-  <g id="c" data-name="Layer 1">
-    <g>
-      <path class="d" d="m52.39,120c-1.801,0-3.6-.6-5.101-1.5-2.1-1.5-3.6-4.2-3.6-6.9v-24.6L1.09,12.901C-.41,9.9-.41,6.601,1.391,4.2,2.891,1.5,5.89,0,8.89,0h78c2.999,0,5.698,1.5,7.199,4.2,1.801,2.702,1.801,6.3.301,9.002l-5.101,9h10.201c2.999,0,5.698,1.5,7.199,4.2,1.801,2.7,1.801,6.3.301,9l-29.701,51.3v18.599c0,3.899-2.399,6.9-5.999,8.099l-16.2,6.3c-.6.301-1.799.301-2.7.301M8.89,8.4q-.301.301-.301.602l42.301,73.798c1.199,2.1,1.199,3.299,1.199,4.501v23.998s.301.301.6,0l16.2-6.3h.6v-17.999c0-1.199,0-3.299,1.201-4.8l29.4-50.999c0-.301,0-.6-.301-.6l-53.699-.301,14.399,24.901,10.201-17.7c1.199-2.1,3.6-2.7,5.7-1.5,2.1,1.199,2.7,3.6,1.498,5.7l-11.998,20.699c-2.702,4.2-8.701,3.901-11.102.301l-17.4-30.9c-1.199-1.799-1.199-4.2,0-6.3,1.201-2.1,3.301-3.6,5.7-3.6h36.6l7.499-12.899s0-.301-.299-.602H8.89Z"/>
-      <g>
-        <path d="m181.725,48.737c0,3.089-.54,5.684-1.618,7.788-1.081,2.104-2.548,3.79-4.407,5.062-1.858,1.27-4.016,2.179-6.476,2.726-2.459.547-5.069.819-7.828.819h-24.591V6.521h23.034c2.676,0,5.198.24,7.561.718,2.364.479,4.427,1.311,6.189,2.5,1.762,1.189,3.149,2.787,4.16,4.795,1.011,2.008,1.517,4.53,1.517,7.562,0,3.17-.786,5.813-2.357,7.93-1.57,2.119-3.913,3.628-7.028,4.53,4.017.819,6.995,2.371,8.935,4.652s2.91,5.458,2.91,9.529Zm-33.813-17.624h10.533c1.612,0,3.033-.136,4.263-.41,1.23-.272,2.268-.738,3.115-1.393.846-.656,1.489-1.55,1.927-2.684.436-1.134.655-2.562.655-4.284,0-1.612-.267-2.923-.799-3.934-.532-1.01-1.25-1.809-2.152-2.398-.902-.587-1.967-.99-3.197-1.209s-2.542-.328-3.934-.328h-10.411v16.64Zm0,26.067h12.09c1.64,0,3.115-.169,4.427-.512,1.311-.342,2.424-.894,3.341-1.66.915-.764,1.612-1.748,2.091-2.951.478-1.202.716-2.663.716-4.385,0-1.802-.294-3.285-.881-4.447-.588-1.161-1.394-2.083-2.419-2.766s-2.227-1.154-3.606-1.414c-1.381-.26-2.863-.39-4.447-.39h-11.312v18.525Z"/>
-        <path d="m202.257,9.555c0,.847-.151,1.633-.451,2.356-.3.724-.716,1.34-1.25,1.844-.532.507-1.167.902-1.905,1.189s-1.53.431-2.377.431c-.819,0-1.598-.144-2.336-.431s-1.388-.69-1.947-1.209c-.56-.519-.998-1.133-1.311-1.844-.315-.711-.471-1.489-.471-2.336s.156-1.626.471-2.336c.314-.711.744-1.325,1.291-1.845.546-.519,1.187-.922,1.925-1.209s1.53-.431,2.377-.431c.821,0,1.598.144,2.336.431s1.373.69,1.907,1.209c.532.52.955,1.134,1.27,1.845.314.71.471,1.489.471,2.336Zm-.778,12.705v42.871h-10.246V22.261h10.246Z"/>
-        <path d="m254.186,61.935c0,3.361-.587,6.236-1.762,8.627-1.174,2.391-2.78,4.352-4.815,5.882-2.036,1.529-4.407,2.65-7.111,3.361-2.706.71-5.589,1.065-8.648,1.065-2.023,0-4.037-.157-6.045-.471-2.009-.314-3.908-.861-5.697-1.64-1.79-.778-3.395-1.837-4.816-3.175-1.421-1.34-2.555-3.021-3.402-5.042l8.074-3.525c.519,1.202,1.202,2.193,2.049,2.971.847.779,1.797,1.408,2.848,1.885,1.051.479,2.172.814,3.361,1.005s2.398.287,3.628.287c1.885,0,3.572-.232,5.062-.696,1.489-.466,2.752-1.169,3.79-2.111,1.039-.943,1.838-2.132,2.399-3.566.559-1.434.839-3.107.839-5.02v-6.393c-.71,1.229-1.592,2.336-2.643,3.319-1.053.983-2.207,1.824-3.464,2.52s-2.582,1.237-3.976,1.62c-1.393.383-2.814.574-4.263.574-3.033,0-5.737-.56-8.114-1.681-2.377-1.119-4.379-2.636-6.005-4.55-1.625-1.912-2.862-4.139-3.709-6.68-.847-2.542-1.27-5.233-1.27-8.074,0-2.814.451-5.491,1.353-8.033.901-2.542,2.192-4.775,3.873-6.702,1.68-1.927,3.709-3.464,6.086-4.611,2.376-1.147,5.054-1.721,8.033-1.721,2.923,0,5.621.594,8.094,1.782,2.472,1.189,4.473,3.082,6.004,5.677v-6.557h10.246v39.674Zm-33.198-19.017c0,1.666.252,3.265.758,4.795s1.237,2.876,2.193,4.037c.957,1.162,2.137,2.084,3.545,2.767s3.013,1.025,4.816,1.025c2.021,0,3.784-.355,5.287-1.066,1.502-.711,2.746-1.673,3.729-2.89.985-1.215,1.722-2.643,2.213-4.283.492-1.64.738-3.374.738-5.206,0-1.802-.239-3.49-.716-5.062-.479-1.57-1.203-2.93-2.173-4.077s-2.179-2.056-3.626-2.726c-1.449-.67-3.157-1.005-5.123-1.005-2.049,0-3.812.363-5.287,1.086-1.476.724-2.684,1.709-3.628,2.951-.943,1.243-1.633,2.699-2.069,4.365-.438,1.666-.656,3.429-.656,5.287Z"/>
-        <path d="m277.096,9.555c0,.847-.151,1.633-.451,2.356-.3.724-.716,1.34-1.25,1.844-.532.507-1.167.902-1.905,1.189s-1.53.431-2.377.431c-.819,0-1.598-.144-2.336-.431s-1.388-.69-1.947-1.209c-.56-.519-.998-1.133-1.311-1.844-.315-.711-.471-1.489-.471-2.336s.156-1.626.471-2.336c.314-.711.744-1.325,1.291-1.845.546-.519,1.187-.922,1.925-1.209s1.53-.431,2.377-.431c.821,0,1.598.144,2.336.431s1.373.69,1.907,1.209c.532.52.955,1.134,1.27,1.845.314.71.471,1.489.471,2.336Zm-.778,12.705v42.871h-10.246V22.261h10.246Z"/>
-        <path d="m308.451,29.801c-1.585,0-2.999.24-4.243.718-1.243.479-2.288,1.162-3.135,2.049-.847.889-1.496,1.961-1.947,3.217-.451,1.258-.676,2.651-.676,4.181v25.165h-10.246V22.261h10.246v6.803c.683-1.338,1.537-2.492,2.562-3.462,1.025-.97,2.165-1.769,3.422-2.399,1.257-.627,2.59-1.091,3.997-1.393,1.406-.3,2.82-.451,4.241-.451,2.623,0,4.884.431,6.783,1.291s3.464,2.049,4.694,3.565c1.229,1.517,2.131,3.307,2.704,5.37s.861,4.311.861,6.742v26.805h-10.328v-25.822c0-3.005-.711-5.341-2.132-7.008-1.421-1.666-3.688-2.5-6.803-2.5Z"/>
-      </g>
-      <g>
-        <path d="m152.871,102.12c0,1.138-.168,2.221-.507,3.25-.337,1.028-.828,1.935-1.471,2.72s-1.436,1.41-2.379,1.874-2.021.696-3.234.696c-.579,0-1.155-.061-1.723-.183-.569-.121-1.107-.306-1.613-.553-.505-.247-.974-.561-1.407-.941s-.801-.822-1.107-1.328v2.72h-2.625v-24.446h2.625v10.689c.273-.464.632-.882,1.076-1.257.442-.374.93-.696,1.463-.964.531-.27,1.082-.477,1.652-.626.569-.146,1.122-.22,1.66-.22,1.244,0,2.34.227,3.289.679.95.454,1.743,1.068,2.38,1.843s1.117,1.685,1.44,2.728c.321,1.044.482,2.151.482,3.321Zm-13.536.126c0,.917.123,1.756.371,2.515.249.759.614,1.415,1.1,1.968.485.553,1.079.984,1.787,1.289.706.306,1.517.459,2.435.459.991,0,1.813-.178,2.467-.53.653-.354,1.178-.828,1.573-1.424.395-.595.674-1.283.838-2.063.163-.78.245-1.603.245-2.467,0-.801-.104-1.576-.308-2.325-.206-.748-.52-1.415-.941-1.999-.422-.586-.958-1.055-1.605-1.407-.648-.354-1.415-.53-2.3-.53-.981,0-1.827.174-2.538.521-.711.349-1.3.818-1.764,1.409-.464.59-.806,1.28-1.028,2.071s-.332,1.629-.332,2.514Z"/>
-        <path d="m169.949,93.834l-9.141,22.297h-2.656l3.131-7.464-6.388-14.833h2.814l4.965,11.86,4.586-11.86h2.689Z"/>
-        <path d="m194.11,108.034v2.34h-16.414v-1.139l13.189-19.228h-12.05v-2.246h15.465v1.139l-12.84,19.134h12.65Z"/>
-        <path d="m213.229,102.215c0,1.202-.206,2.319-.617,3.352-.411,1.034-.986,1.927-1.723,2.681-.739.753-1.611,1.344-2.618,1.77-1.007.428-2.106.641-3.296.641-1.256,0-2.388-.222-3.4-.665s-1.874-1.053-2.585-1.834-1.257-1.697-1.637-2.752c-.38-1.053-.57-2.192-.57-3.416,0-1.191.201-2.3.601-3.329.4-1.028.964-1.92,1.692-2.68.727-.759,1.594-1.354,2.601-1.787s2.116-.648,3.329-.648c1.254,0,2.391.22,3.408.663s1.881,1.055,2.593,1.835,1.26,1.697,1.644,2.751c.385,1.055.578,2.192.578,3.416Zm-13.726.031c0,.886.117,1.708.349,2.467s.579,1.418,1.043,1.977c.464.558,1.038.995,1.723,1.311.685.317,1.481.476,2.388.476.938,0,1.753-.175,2.443-.522.691-.349,1.263-.816,1.717-1.407.452-.591.79-1.275,1.012-2.056.22-.78.332-1.602.332-2.466,0-.844-.117-1.646-.349-2.404-.232-.759-.579-1.429-1.043-2.008s-1.038-1.038-1.723-1.376c-.685-.337-1.481-.505-2.388-.505-.971,0-1.802.174-2.498.521-.696.349-1.265.82-1.708,1.416-.443.595-.77,1.288-.981,2.078-.21.792-.316,1.624-.316,2.498Z"/>
-        <path d="m224.423,95.827c-.696,0-1.323.105-1.881.316s-1.034.512-1.423.902c-.391.39-.691.864-.902,1.423s-.316,1.186-.316,1.881v10.026h-2.625v-24.446h2.625v10.531c.253-.516.564-.956.933-1.32s.777-.663,1.226-.902c.447-.237.933-.411,1.454-.521.522-.111,1.057-.166,1.605-.166,1.033,0,1.937.171,2.712.513.775.343,1.423.818,1.945,1.424.522.605.915,1.326,1.178,2.157.263.833.395,1.745.395,2.735v9.994h-2.625v-10.184c0-1.423-.36-2.506-1.083-3.25-.722-.742-1.795-1.114-3.217-1.114Z"/>
-        <path d="m251.685,102.215c0,1.202-.206,2.319-.617,3.352-.411,1.034-.986,1.927-1.723,2.681-.739.753-1.611,1.344-2.618,1.77-1.007.428-2.106.641-3.296.641-1.256,0-2.388-.222-3.4-.665s-1.874-1.053-2.585-1.834-1.257-1.697-1.637-2.752c-.38-1.053-.57-2.192-.57-3.416,0-1.191.201-2.3.601-3.329.4-1.028.964-1.92,1.692-2.68.727-.759,1.594-1.354,2.601-1.787s2.116-.648,3.329-.648c1.254,0,2.391.22,3.408.663s1.881,1.055,2.593,1.835,1.26,1.697,1.644,2.751c.385,1.055.578,2.192.578,3.416Zm-13.726.031c0,.886.117,1.708.349,2.467s.579,1.418,1.043,1.977c.464.558,1.038.995,1.723,1.311.685.317,1.481.476,2.388.476.938,0,1.753-.175,2.443-.522.691-.349,1.263-.816,1.717-1.407.452-.591.79-1.275,1.012-2.056.22-.78.332-1.602.332-2.466,0-.844-.117-1.646-.349-2.404-.232-.759-.579-1.429-1.043-2.008s-1.038-1.038-1.723-1.376c-.685-.337-1.481-.505-2.388-.505-.971,0-1.802.174-2.498.521-.696.349-1.265.82-1.708,1.416-.443.595-.77,1.288-.981,2.078-.21.792-.316,1.624-.316,2.498Z"/>
-        <path d="m281.097,103.923c-.38.959-.884,1.85-1.511,2.672-.627.823-1.346,1.534-2.157,2.135-.812.601-1.703,1.073-2.673,1.415-.969.342-1.976.514-3.02.514-1.76,0-3.312-.295-4.656-.886-1.345-.59-2.472-1.407-3.385-2.45-.912-1.044-1.603-2.279-2.072-3.709-.469-1.428-.704-2.98-.704-4.657,0-1.033.114-2.037.341-3.013.227-.974.553-1.889.98-2.743.428-.854.95-1.637,1.565-2.348.617-.711,1.318-1.32,2.104-1.827.785-.505,1.652-.901,2.601-1.186.949-.284,1.961-.426,3.036-.426,1.012,0,2.003.148,2.973.442.971.295,1.866.718,2.689,1.266.822.548,1.55,1.209,2.182,1.984s1.127,1.642,1.486,2.602l-2.246.98c-.295-.768-.673-1.468-1.13-2.095-.459-.627-.989-1.162-1.59-1.604-.601-.443-1.265-.785-1.992-1.029-.728-.242-1.508-.363-2.341-.363-1.359,0-2.532.268-3.518.806s-1.797,1.254-2.435,2.151c-.638.895-1.107,1.919-1.407,3.067-.301,1.149-.451,2.335-.451,3.558,0,1.244.166,2.424.498,3.543.333,1.117.833,2.098,1.503,2.94.669.844,1.507,1.513,2.514,2.008,1.007.496,2.18.744,3.518.744.801,0,1.576-.143,2.325-.428.749-.284,1.44-.671,2.072-1.162.632-.49,1.191-1.064,1.675-1.723.485-.658.864-1.357,1.139-2.095l2.088.917Z"/>
-        <path d="m287.991,100.539v9.835h-2.751v-22.613h7.431c1.044,0,2.042.111,2.997.332.954.222,1.795.586,2.522,1.092.728.505,1.307,1.168,1.74,1.984.431.818.648,1.822.648,3.013,0,.885-.137,1.673-.411,2.364-.275.691-.66,1.289-1.155,1.795-.496.507-1.086.925-1.771,1.257-.685.333-1.44.583-2.261.752l6.926,10.026h-3.068l-6.736-9.835h-4.112Zm0-2.183h4.871c.727,0,1.393-.075,1.999-.228s1.131-.402,1.574-.744c.442-.342.785-.785,1.028-1.328s.363-1.21.363-2.001c0-.801-.126-1.466-.378-1.992-.254-.527-.601-.943-1.044-1.25-.443-.305-.967-.521-1.573-.648s-1.262-.189-1.968-.189h-4.871v8.38Z"/>
-        <path d="m308.231,91.335v19.039h-2.529v-22.613h3.826l7.242,17.932,7.148-17.932h3.795v22.613h-2.752v-19.039l-7.653,19.039h-1.17l-7.907-19.039Z"/>
-      </g>
-    </g>
-  </g>
-</svg>

packages/backend/src/apps/bigin-by-zoho-crm/auth/generate-auth-url.js

@@ -1,25 +0,0 @@
-import { URLSearchParams } from 'url';
-import authScope from '../common/auth-scope.js';
-
-export default async function generateAuthUrl($) {
-  const oauthRedirectUrlField = $.app.auth.fields.find(
-    (field) => field.key == 'oAuthRedirectUrl'
-  );
-  const redirectUri = oauthRedirectUrlField.value;
-  const searchParams = new URLSearchParams({
-    scope: authScope.join(','),
-    client_id: $.auth.data.clientId,
-    response_type: 'code',
-    access_type: 'offline',
-    redirect_uri: redirectUri,
-  });
-
-  const domain =
-    $.auth.data.region !== 'cn' ? 'account.zoho.com' : 'accounts.zoho.com.cn';
-
-  const url = `https://${domain}/oauth/v2/auth?${searchParams.toString()}`;
-
-  await $.auth.set({
-    url,
-  });
-}

packages/backend/src/apps/bigin-by-zoho-crm/auth/index.js

@@ -1,66 +0,0 @@
-import generateAuthUrl from './generate-auth-url.js';
-import verifyCredentials from './verify-credentials.js';
-import refreshToken from './refresh-token.js';
-import isStillVerified from './is-still-verified.js';
-
-export default {
-  fields: [
-    {
-      key: 'oAuthRedirectUrl',
-      label: 'OAuth Redirect URL',
-      type: 'string',
-      required: true,
-      readOnly: true,
-      value: '{WEB_APP_URL}/app/bigin-by-zoho-crm/connections/add',
-      placeholder: null,
-      description:
-        'When asked to input a redirect URL in Bigin By Zoho CRM, enter the URL above.',
-      clickToCopy: true,
-    },
-    {
-      key: 'region',
-      label: 'Region',
-      type: 'dropdown',
-      required: true,
-      readOnly: false,
-      value: null,
-      placeholder: null,
-      description: '',
-      options: [
-        { label: 'United States', value: 'us' },
-        { label: 'European Union', value: 'eu' },
-        { label: 'Australia', value: 'au' },
-        { label: 'India', value: 'in' },
-        { label: 'China', value: 'cn' },
-      ],
-      clickToCopy: false,
-    },
-    {
-      key: 'clientId',
-      label: 'Client ID',
-      type: 'string',
-      required: true,
-      readOnly: false,
-      value: null,
-      placeholder: null,
-      description: null,
-      clickToCopy: false,
-    },
-    {
-      key: 'clientSecret',
-      label: 'Client Secret',
-      type: 'string',
-      required: true,
-      readOnly: false,
-      value: null,
-      placeholder: null,
-      description: null,
-      clickToCopy: false,
-    },
-  ],
-
-  generateAuthUrl,
-  verifyCredentials,
-  isStillVerified,
-  refreshToken,
-};

packages/backend/src/apps/bigin-by-zoho-crm/auth/is-still-verified.js

@@ -1,8 +0,0 @@
-import getCurrentOrganization from '../common/get-current-organization.js';
-
-const isStillVerified = async ($) => {
-  const org = await getCurrentOrganization($);
-  return !!org.id;
-};
-
-export default isStillVerified;

packages/backend/src/apps/bigin-by-zoho-crm/auth/refresh-token.js

@@ -1,34 +0,0 @@
-import { URLSearchParams } from 'node:url';
-
-import authScope from '../common/auth-scope.js';
-import { regionUrlMap } from '../common/region-url-map.js';
-
-const refreshToken = async ($) => {
-  const location = $.auth.data.location;
-  const params = new URLSearchParams({
-    client_id: $.auth.data.clientId,
-    client_secret: $.auth.data.clientSecret,
-    refresh_token: $.auth.data.refreshToken,
-    grant_type: 'refresh_token',
-  });
-
-  const { data } = await $.http.post(
-    `${regionUrlMap[location]}/oauth/v2/token`,
-    params.toString(),
-    {
-      additionalProperties: {
-        skipAddingBaseUrl: true,
-      },
-    }
-  );
-
-  await $.auth.set({
-    accessToken: data.access_token,
-    apiDomain: data.api_domain,
-    scope: authScope.join(','),
-    tokenType: data.token_type,
-    expiresIn: data.expires_in,
-  });
-};
-
-export default refreshToken;

packages/backend/src/apps/bigin-by-zoho-crm/auth/verify-credentials.js

@@ -1,46 +0,0 @@
-import { URLSearchParams } from 'node:url';
-import { regionUrlMap } from '../common/region-url-map.js';
-import getCurrentOrganization from '../common/get-current-organization.js';
-
-const verifyCredentials = async ($) => {
-  const oauthRedirectUrlField = $.app.auth.fields.find(
-    (field) => field.key == 'oAuthRedirectUrl'
-  );
-  const redirectUri = oauthRedirectUrlField.value;
-  const location = $.auth.data.location;
-  const params = new URLSearchParams({
-    client_id: $.auth.data.clientId,
-    client_secret: $.auth.data.clientSecret,
-    code: $.auth.data.code,
-    redirect_uri: redirectUri,
-    grant_type: 'authorization_code',
-  });
-
-  const { data } = await $.http.post(
-    `${regionUrlMap[location]}/oauth/v2/token`,
-    params.toString()
-  );
-
-  await $.auth.set({
-    accessToken: data.access_token,
-    tokenType: data.token_type,
-    apiDomain: data.api_domain,
-  });
-
-  const organization = await getCurrentOrganization($);
-
-  const screenName = [organization.company_name, organization.primary_email]
-    .filter(Boolean)
-    .join(' @ ');
-
-  await $.auth.set({
-    clientId: $.auth.data.clientId,
-    clientSecret: $.auth.data.clientSecret,
-    scope: $.auth.data.scope,
-    expiresIn: data.expires_in,
-    refreshToken: data.refresh_token,
-    screenName,
-  });
-};
-
-export default verifyCredentials;

packages/backend/src/apps/bigin-by-zoho-crm/common/add-auth-header.js

@@ -1,9 +0,0 @@
-const addAuthHeader = ($, requestConfig) => {
-  if ($.auth.data?.accessToken) {
-    requestConfig.headers.Authorization = `Zoho-oauthtoken ${$.auth.data.accessToken}`;
-  }
-
-  return requestConfig;
-};
-
-export default addAuthHeader;

packages/backend/src/apps/bigin-by-zoho-crm/common/auth-scope.js

@@ -1,10 +0,0 @@
-const authScope = [
-  'ZohoBigin.notifications.ALL',
-  'ZohoBigin.users.ALL',
-  'ZohoBigin.modules.ALL',
-  'ZohoBigin.org.READ',
-  'ZohoBigin.settings.ALL',
-  'ZohoBigin.modules.ALL',
-];
-
-export default authScope;

packages/backend/src/apps/bigin-by-zoho-crm/common/get-current-organization.js

@@ -1,6 +0,0 @@
-const getCurrentOrganization = async ($) => {
-  const response = await $.http.get('/bigin/v2/org');
-  return response.data.org[0];
-};
-
-export default getCurrentOrganization;

packages/backend/src/apps/bigin-by-zoho-crm/common/region-url-map.js

@@ -1,8 +0,0 @@
-export const regionUrlMap = {
-  us: 'https://accounts.zoho.com',
-  au: 'https://accounts.zoho.com.au',
-  eu: 'https://accounts.zoho.eu',
-  in: 'https://accounts.zoho.in',
-  cn: 'https://accounts.zoho.com.cn',
-  jp: 'https://accounts.zoho.jp',
-};

packages/backend/src/apps/bigin-by-zoho-crm/common/set-base-url.js

@@ -1,14 +0,0 @@
-const setBaseUrl = ($, requestConfig) => {
-  if (requestConfig.additionalProperties?.skipAddingBaseUrl)
-    return requestConfig;
-
-  const apiDomain = $.auth.data.apiDomain;
-
-  if (apiDomain) {
-    requestConfig.baseURL = apiDomain;
-  }
-
-  return requestConfig;
-};
-
-export default setBaseUrl;

packages/backend/src/apps/bigin-by-zoho-crm/dynamic-data/index.js

@@ -1,3 +0,0 @@
-import listOrganizations from './list-organizations/index.js';
-
-export default [listOrganizations];

packages/backend/src/apps/bigin-by-zoho-crm/dynamic-data/list-organizations/index.js

@@ -1,23 +0,0 @@
-export default {
-  name: 'List organizations',
-  key: 'listOrganizations',
-
-  async run($) {
-    const organizations = {
-      data: [],
-    };
-
-    const { data } = await $.http.get('/bigin/v2/org');
-
-    if (data.org) {
-      for (const org of data.org) {
-        organizations.data.push({
-          value: org.id,
-          name: org.company_name,
-        });
-      }
-    }
-
-    return organizations;
-  },
-};

packages/backend/src/apps/bigin-by-zoho-crm/index.js

@@ -1,21 +0,0 @@
-import defineApp from '../../helpers/define-app.js';
-import addAuthHeader from './common/add-auth-header.js';
-import auth from './auth/index.js';
-import setBaseUrl from './common/set-base-url.js';
-import triggers from './triggers/index.js';
-import dynamicData from './dynamic-data/index.js';
-
-export default defineApp({
-  name: 'Bigin By Zoho CRM',
-  key: 'bigin-by-zoho-crm',
-  baseUrl: 'https://www.bigin.com',
-  apiBaseUrl: '',
-  iconUrl: '{BASE_URL}/apps/bigin-by-zoho-crm/assets/favicon.svg',
-  authDocUrl: 'https://automatisch.io/docs/apps/bigin-by-zoho-crm/connection',
-  primaryColor: '039649',
-  supportsConnections: true,
-  beforeRequest: [setBaseUrl, addAuthHeader],
-  auth,
-  triggers,
-  dynamicData,
-});

packages/backend/src/apps/bigin-by-zoho-crm/triggers/index.js

@@ -1,7 +0,0 @@
-import newCalls from './new-calls/index.js';
-import newCompanies from './new-companies/index.js';
-import newContacts from './new-contacts/index.js';
-import newProducts from './new-products/index.js';
-import newTasks from './new-tasks/index.js';
-
-export default [newCalls, newCompanies, newContacts, newProducts, newTasks];

packages/backend/src/apps/bigin-by-zoho-crm/triggers/new-calls/index.js

@@ -1,89 +0,0 @@
-import Crypto from 'crypto';
-import defineTrigger from '../../../../helpers/define-trigger.js';
-
-export default defineTrigger({
-  name: 'New calls',
-  key: 'newCalls',
-  type: 'webhook',
-  description: 'Triggers when a new call is added.',
-  arguments: [
-    {
-      label: 'Organization',
-      key: 'organizationId',
-      type: 'dropdown',
-      required: true,
-      description: '',
-      variables: false,
-      source: {
-        type: 'query',
-        name: 'getDynamicData',
-        arguments: [
-          {
-            name: 'key',
-            value: 'listOrganizations',
-          },
-        ],
-      },
-    },
-  ],
-
-  async run($) {
-    const dataItem = {
-      raw: $.request.body,
-      meta: {
-        internalId: Crypto.randomUUID(),
-      },
-    };
-
-    $.pushTriggerItem(dataItem);
-  },
-
-  async testRun($) {
-    const organizationId = $.step.parameters.organizationId;
-
-    const sampleEventData = {
-      ids: ['111111111111111111'],
-      token: null,
-      module: 'Calls',
-      operation: 'insert',
-      channel_id: organizationId,
-      server_time: 1708426963120,
-      query_params: {},
-      resource_uri: `${$.auth.data.apiDomain}/bigin/v1/Calls`,
-      affected_fields: [],
-    };
-
-    const dataItem = {
-      raw: sampleEventData,
-      meta: {
-        internalId: sampleEventData.channel_id,
-      },
-    };
-
-    $.pushTriggerItem(dataItem);
-  },
-
-  async registerHook($) {
-    const organizationId = $.step.parameters.organizationId;
-
-    const payload = {
-      watch: [
-        {
-          channel_id: organizationId,
-          notify_url: $.webhookUrl,
-          events: ['Calls.create'],
-        },
-      ],
-    };
-
-    await $.http.post('/bigin/v2/actions/watch', payload);
-
-    await $.flow.setRemoteWebhookId(organizationId);
-  },
-
-  async unregisterHook($) {
-    await $.http.delete(
-      `/bigin/v2/actions/watch?channel_ids=${$.flow.remoteWebhookId}`
-    );
-  },
-});

packages/backend/src/apps/bigin-by-zoho-crm/triggers/new-companies/index.js

@@ -1,89 +0,0 @@
-import Crypto from 'crypto';
-import defineTrigger from '../../../../helpers/define-trigger.js';
-
-export default defineTrigger({
-  name: 'New companies',
-  key: 'newCompanies',
-  type: 'webhook',
-  description: 'Triggers when a new company is created.',
-  arguments: [
-    {
-      label: 'Organization',
-      key: 'organizationId',
-      type: 'dropdown',
-      required: true,
-      description: '',
-      variables: false,
-      source: {
-        type: 'query',
-        name: 'getDynamicData',
-        arguments: [
-          {
-            name: 'key',
-            value: 'listOrganizations',
-          },
-        ],
-      },
-    },
-  ],
-
-  async run($) {
-    const dataItem = {
-      raw: $.request.body,
-      meta: {
-        internalId: Crypto.randomUUID(),
-      },
-    };
-
-    $.pushTriggerItem(dataItem);
-  },
-
-  async testRun($) {
-    const organizationId = $.step.parameters.organizationId;
-
-    const sampleEventData = {
-      ids: ['111111111111111111'],
-      token: null,
-      module: 'Accounts',
-      operation: 'insert',
-      channel_id: organizationId,
-      server_time: 1708426963120,
-      query_params: {},
-      resource_uri: `${$.auth.data.apiDomain}/bigin/v1/Accounts`,
-      affected_fields: [],
-    };
-
-    const dataItem = {
-      raw: sampleEventData,
-      meta: {
-        internalId: sampleEventData.channel_id,
-      },
-    };
-
-    $.pushTriggerItem(dataItem);
-  },
-
-  async registerHook($) {
-    const organizationId = $.step.parameters.organizationId;
-
-    const payload = {
-      watch: [
-        {
-          channel_id: organizationId,
-          notify_url: $.webhookUrl,
-          events: ['Accounts.create'],
-        },
-      ],
-    };
-
-    await $.http.post('/bigin/v2/actions/watch', payload);
-
-    await $.flow.setRemoteWebhookId(organizationId);
-  },
-
-  async unregisterHook($) {
-    await $.http.delete(
-      `/bigin/v2/actions/watch?channel_ids=${$.flow.remoteWebhookId}`
-    );
-  },
-});

packages/backend/src/apps/bigin-by-zoho-crm/triggers/new-contacts/index.js

@@ -1,89 +0,0 @@
-import Crypto from 'crypto';
-import defineTrigger from '../../../../helpers/define-trigger.js';
-
-export default defineTrigger({
-  name: 'New contacts',
-  key: 'newContacts',
-  type: 'webhook',
-  description: 'Triggers when a new contact is created.',
-  arguments: [
-    {
-      label: 'Organization',
-      key: 'organizationId',
-      type: 'dropdown',
-      required: true,
-      description: '',
-      variables: false,
-      source: {
-        type: 'query',
-        name: 'getDynamicData',
-        arguments: [
-          {
-            name: 'key',
-            value: 'listOrganizations',
-          },
-        ],
-      },
-    },
-  ],
-
-  async run($) {
-    const dataItem = {
-      raw: $.request.body,
-      meta: {
-        internalId: Crypto.randomUUID(),
-      },
-    };
-
-    $.pushTriggerItem(dataItem);
-  },
-
-  async testRun($) {
-    const organizationId = $.step.parameters.organizationId;
-
-    const sampleEventData = {
-      ids: ['111111111111111111'],
-      token: null,
-      module: 'Contacts',
-      operation: 'insert',
-      channel_id: organizationId,
-      server_time: 1708426963120,
-      query_params: {},
-      resource_uri: `${$.auth.data.apiDomain}/bigin/v1/Contacts`,
-      affected_fields: [],
-    };
-
-    const dataItem = {
-      raw: sampleEventData,
-      meta: {
-        internalId: sampleEventData.channel_id,
-      },
-    };
-
-    $.pushTriggerItem(dataItem);
-  },
-
-  async registerHook($) {
-    const organizationId = $.step.parameters.organizationId;
-
-    const payload = {
-      watch: [
-        {
-          channel_id: organizationId,
-          notify_url: $.webhookUrl,
-          events: ['Contacts.create'],
-        },
-      ],
-    };
-
-    await $.http.post('/bigin/v2/actions/watch', payload);
-
-    await $.flow.setRemoteWebhookId(organizationId);
-  },
-
-  async unregisterHook($) {
-    await $.http.delete(
-      `/bigin/v2/actions/watch?channel_ids=${$.flow.remoteWebhookId}`
-    );
-  },
-});

packages/backend/src/apps/bigin-by-zoho-crm/triggers/new-products/index.js

@@ -1,89 +0,0 @@
-import Crypto from 'crypto';
-import defineTrigger from '../../../../helpers/define-trigger.js';
-
-export default defineTrigger({
-  name: 'New products',
-  key: 'newProducts',
-  type: 'webhook',
-  description: 'Triggers when a new product is created.',
-  arguments: [
-    {
-      label: 'Organization',
-      key: 'organizationId',
-      type: 'dropdown',
-      required: true,
-      description: '',
-      variables: false,
-      source: {
-        type: 'query',
-        name: 'getDynamicData',
-        arguments: [
-          {
-            name: 'key',
-            value: 'listOrganizations',
-          },
-        ],
-      },
-    },
-  ],
-
-  async run($) {
-    const dataItem = {
-      raw: $.request.body,
-      meta: {
-        internalId: Crypto.randomUUID(),
-      },
-    };
-
-    $.pushTriggerItem(dataItem);
-  },
-
-  async testRun($) {
-    const organizationId = $.step.parameters.organizationId;
-
-    const sampleEventData = {
-      ids: ['111111111111111111'],
-      token: null,
-      module: 'Products',
-      operation: 'insert',
-      channel_id: organizationId,
-      server_time: 1708426963120,
-      query_params: {},
-      resource_uri: `${$.auth.data.apiDomain}/bigin/v1/Products`,
-      affected_fields: [],
-    };
-
-    const dataItem = {
-      raw: sampleEventData,
-      meta: {
-        internalId: sampleEventData.channel_id,
-      },
-    };
-
-    $.pushTriggerItem(dataItem);
-  },
-
-  async registerHook($) {
-    const organizationId = $.step.parameters.organizationId;
-
-    const payload = {
-      watch: [
-        {
-          channel_id: organizationId,
-          notify_url: $.webhookUrl,
-          events: ['Products.create'],
-        },
-      ],
-    };
-
-    await $.http.post('/bigin/v2/actions/watch', payload);
-
-    await $.flow.setRemoteWebhookId(organizationId);
-  },
-
-  async unregisterHook($) {
-    await $.http.delete(
-      `/bigin/v2/actions/watch?channel_ids=${$.flow.remoteWebhookId}`
-    );
-  },
-});

packages/backend/src/apps/bigin-by-zoho-crm/triggers/new-tasks/index.js

@@ -1,89 +0,0 @@
-import Crypto from 'crypto';
-import defineTrigger from '../../../../helpers/define-trigger.js';
-
-export default defineTrigger({
-  name: 'New tasks',
-  key: 'newTasks',
-  type: 'webhook',
-  description: 'Triggers when a new task is created.',
-  arguments: [
-    {
-      label: 'Organization',
-      key: 'organizationId',
-      type: 'dropdown',
-      required: true,
-      description: '',
-      variables: false,
-      source: {
-        type: 'query',
-        name: 'getDynamicData',
-        arguments: [
-          {
-            name: 'key',
-            value: 'listOrganizations',
-          },
-        ],
-      },
-    },
-  ],
-
-  async run($) {
-    const dataItem = {
-      raw: $.request.body,
-      meta: {
-        internalId: Crypto.randomUUID(),
-      },
-    };
-
-    $.pushTriggerItem(dataItem);
-  },
-
-  async testRun($) {
-    const organizationId = $.step.parameters.organizationId;
-
-    const sampleEventData = {
-      ids: ['111111111111111111'],
-      token: null,
-      module: 'Tasks',
-      operation: 'insert',
-      channel_id: organizationId,
-      server_time: 1708426963120,
-      query_params: {},
-      resource_uri: `${$.auth.data.apiDomain}/bigin/v1/Tasks`,
-      affected_fields: [],
-    };
-
-    const dataItem = {
-      raw: sampleEventData,
-      meta: {
-        internalId: sampleEventData.channel_id,
-      },
-    };
-
-    $.pushTriggerItem(dataItem);
-  },
-
-  async registerHook($) {
-    const organizationId = $.step.parameters.organizationId;
-
-    const payload = {
-      watch: [
-        {
-          channel_id: organizationId,
-          notify_url: $.webhookUrl,
-          events: ['Tasks.create'],
-        },
-      ],
-    };
-
-    await $.http.post('/bigin/v2/actions/watch', payload);
-
-    await $.flow.setRemoteWebhookId(organizationId);
-  },
-
-  async unregisterHook($) {
-    await $.http.delete(
-      `/bigin/v2/actions/watch?channel_ids=${$.flow.remoteWebhookId}`
-    );
-  },
-});

packages/backend/src/apps/datastore/actions/get-value/index.js

@@ -0,0 +1,27 @@
+import defineAction from '../../../../helpers/define-action.js';
+
+export default defineAction({
+  name: 'Get value',
+  key: 'getValue',
+  description: 'Get value from the persistent datastore.',
+  arguments: [
+    {
+      label: 'Key',
+      key: 'key',
+      type: 'string',
+      required: true,
+      description: 'The key of your value to get.',
+      variables: true,
+    },
+  ],
+
+  async run($) {
+    const keyValuePair = await $.datastore.get({
+      key: $.step.parameters.key,
+    });
+
+    $.setActionItem({
+      raw: keyValuePair,
+    });
+  },
+});

packages/backend/src/apps/datastore/actions/index.js

@@ -0,0 +1,4 @@
+import getValue from './get-value/index.js';
+import setValue from './set-value/index.js';
+
+export default [getValue, setValue];

packages/backend/src/apps/datastore/actions/set-value/index.js

@@ -0,0 +1,36 @@
+import defineAction from '../../../../helpers/define-action.js';
+
+export default defineAction({
+  name: 'Set value',
+  key: 'setValue',
+  description: 'Set value to the persistent datastore.',
+  arguments: [
+    {
+      label: 'Key',
+      key: 'key',
+      type: 'string',
+      required: true,
+      description: 'The key of your value to set.',
+      variables: true,
+    },
+    {
+      label: 'Value',
+      key: 'value',
+      type: 'string',
+      required: true,
+      description: 'The value to set.',
+      variables: true,
+    },
+  ],
+
+  async run($) {
+    const keyValuePair = await $.datastore.set({
+      key: $.step.parameters.key,
+      value: $.step.parameters.value,
+    });
+
+    $.setActionItem({
+      raw: keyValuePair,
+    });
+  },
+});

packages/backend/src/apps/datastore/assets/favicon.svg

@@ -0,0 +1,13 @@
+<?xml version="1.0"?>
+<svg xmlns="http://www.w3.org/2000/svg" fill="#000000" width="800px" height="800px" viewBox="0 0 32 32" id="icon">
+  <defs>
+    <style>.cls-1{fill:none;}</style>
+  </defs>
+  <title>datastore</title>
+  <circle cx="23" cy="23" r="1"/>
+  <rect x="8" y="22" width="12" height="2"/>
+  <circle cx="23" cy="9" r="1"/>
+  <rect x="8" y="8" width="12" height="2"/>
+  <path d="M26,14a2,2,0,0,0,2-2V6a2,2,0,0,0-2-2H6A2,2,0,0,0,4,6v6a2,2,0,0,0,2,2H8v4H6a2,2,0,0,0-2,2v6a2,2,0,0,0,2,2H26a2,2,0,0,0,2-2V20a2,2,0,0,0-2-2H24V14ZM6,6H26v6H6ZM26,26H6V20H26Zm-4-8H10V14H22Z"/>
+  <rect id="_Transparent_Rectangle_" data-name="&lt;Transparent Rectangle&gt;" class="cls-1" width="32" height="32"/>
+</svg>

packages/backend/src/apps/datastore/index.js

@@ -0,0 +1,14 @@
+import defineApp from '../../helpers/define-app.js';
+import actions from './actions/index.js';
+
+export default defineApp({
+  name: 'Datastore',
+  key: 'datastore',
+  iconUrl: '{BASE_URL}/apps/datastore/assets/favicon.svg',
+  authDocUrl: 'https://automatisch.io/docs/apps/datastore/connection',
+  supportsConnections: false,
+  baseUrl: '',
+  apiBaseUrl: '',
+  primaryColor: '001F52',
+  actions,
+});

packages/backend/src/apps/helix/actions/new-chat/index.js

@@ -1,4 +1,3 @@
-import FormData from 'form-data';
 import defineAction from '../../../../helpers/define-action.js';
 
 export default defineAction({
@@ -6,45 +5,51 @@ export default defineAction({
   key: 'newChat',
   description: 'Create a new chat session for Helix AI.',
   arguments: [
+    {
+      label: 'Session ID',
+      key: 'sessionId',
+      type: 'string',
+      required: false,
+      description:
+        'ID of the chat session to continue. Leave empty to start a new chat.',
+      variables: true,
+    },
+    {
+      label: 'System Prompt',
+      key: 'systemPrompt',
+      type: 'string',
+      required: false,
+      description:
+        'Optional system prompt to start the chat with. It will be used only for new chat sessions.',
+      variables: true,
+    },
     {
       label: 'Input',
       key: 'input',
       type: 'string',
       required: true,
-      description: 'Prompt to start the chat with.',
+      description: 'User input to start the chat with.',
       variables: true,
     },
   ],
 
   async run($) {
-    const formData = new FormData();
-    formData.append('input', $.step.parameters.input);
-    formData.append('mode', 'inference');
-    formData.append('type', 'text');
-
-    const sessionResponse = await $.http.post('/api/v1/sessions', formData, {
-      headers: {
-        ...formData.getHeaders(),
-      },
+    const response = await $.http.post('/api/v1/sessions/chat', {
+      session_id: $.step.parameters.sessionId,
+      system: $.step.parameters.systemPrompt,
+      messages: [
+        {
+          role: 'user',
+          content: {
+            content_type: 'text',
+            parts: [$.step.parameters.input],
+          },
+        },
+      ],
     });
 
-    const sessionId = sessionResponse.data.id;
-
-    let chatGenerated = false;
-
-    while (!chatGenerated) {
-      const response = await $.http.get(`/api/v1/sessions/${sessionId}`);
-
-      const message =
-        response.data.interactions[response.data.interactions.length - 1];
-
-      if (message.creator === 'system' && message.state === 'complete') {
-        $.setActionItem({
-          raw: message,
-        });
-
-        chatGenerated = true;
-      }
-    }
+    $.setActionItem({
+      raw: response.data,
+    });
   },
 });

packages/backend/src/config/app.js

@@ -94,6 +94,8 @@ const appConfig = {
   disableFavicon: process.env.DISABLE_FAVICON === 'true',
   additionalDrawerLink: process.env.ADDITIONAL_DRAWER_LINK,
   additionalDrawerLinkText: process.env.ADDITIONAL_DRAWER_LINK_TEXT,
+  seedUserEmail: process.env.SEED_USER_EMAIL || 'user@automatisch.io',
+  seedUserPassword: process.env.SEED_USER_PASSWORD || 'sample',
 };
 
 if (!appConfig.encryptionKey) {

packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.js

@@ -0,0 +1,10 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import AppAuthClient from '../../../../../models/app-auth-client.js';
+
+export default async (request, response) => {
+  const appAuthClient = await AppAuthClient.query()
+    .findById(request.params.appAuthClientId)
+    .throwIfNotFound();
+
+  renderObject(response, appAuthClient);
+};

packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.test.js

@@ -0,0 +1,52 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import getAdminAppAuthClientMock from '../../../../../../test/mocks/rest/api/v1/admin/get-app-auth-client.js';
+import { createAppAuthClient } from '../../../../../../test/factories/app-auth-client.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/app-auth-clients/:appAuthClientId', () => {
+  let currentUser, currentUserRole, currentAppAuthClient, token;
+
+  describe('with valid license key', () => {
+    beforeEach(async () => {
+      vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+      currentUserRole = await createRole({ key: 'admin' });
+      currentUser = await createUser({ roleId: currentUserRole.id });
+      currentAppAuthClient = await createAppAuthClient();
+
+      token = createAuthTokenByUserId(currentUser.id);
+    });
+
+    it('should return specified app auth client info', async () => {
+      const response = await request(app)
+        .get(`/api/v1/admin/app-auth-clients/${currentAppAuthClient.id}`)
+        .set('Authorization', token)
+        .expect(200);
+
+      const expectedPayload = getAdminAppAuthClientMock(currentAppAuthClient);
+      expect(response.body).toEqual(expectedPayload);
+    });
+
+    it('should return not found response for not existing app auth client UUID', async () => {
+      const notExistingAppAuthClientUUID = Crypto.randomUUID();
+
+      await request(app)
+        .get(`/api/v1/admin/app-auth-clients/${notExistingAppAuthClientUUID}`)
+        .set('Authorization', token)
+        .expect(404);
+    });
+
+    it('should return bad request response for invalid UUID', async () => {
+      await request(app)
+        .get('/api/v1/admin/app-auth-clients/invalidAppAuthClientUUID')
+        .set('Authorization', token)
+        .expect(400);
+    });
+  });
+});

packages/backend/src/controllers/api/v1/admin/permissions/get-permissions-catalog.ee.js

@@ -0,0 +1,6 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import permissionCatalog from '../../../../../helpers/permission-catalog.ee.js';
+
+export default async (request, response) => {
+  renderObject(response, permissionCatalog);
+};

packages/backend/src/controllers/api/v1/admin/permissions/get-permissions-catalog.ee.test.js

@@ -0,0 +1,32 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import getPermissionsCatalogMock from '../../../../../../test/mocks/rest/api/v1/admin/permissions/get-permissions-catalog.ee.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/permissions/catalog', () => {
+  let role, currentUser, token;
+
+  beforeEach(async () => {
+    role = await createRole({ key: 'admin' });
+    currentUser = await createUser({ roleId: role.id });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return roles', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get('/api/v1/admin/permissions/catalog')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getPermissionsCatalogMock();
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/admin/roles/get-role.ee.js

@@ -0,0 +1,16 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import Role from '../../../../../models/role.js';
+
+export default async (request, response) => {
+  const role = await Role.query()
+    .leftJoinRelated({
+      permissions: true,
+    })
+    .withGraphFetched({
+      permissions: true,
+    })
+    .findById(request.params.roleId)
+    .throwIfNotFound();
+
+  renderObject(response, role);
+};

packages/backend/src/controllers/api/v1/admin/roles/get-role.ee.test.js

@@ -0,0 +1,59 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createPermission } from '../../../../../../test/factories/permission.js';
+import getRoleMock from '../../../../../../test/mocks/rest/api/v1/admin/roles/get-role.ee.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/roles/:roleId', () => {
+  let role, currentUser, token, permissionOne, permissionTwo;
+
+  beforeEach(async () => {
+    role = await createRole({ key: 'admin' });
+    permissionOne = await createPermission({ roleId: role.id });
+    permissionTwo = await createPermission({ roleId: role.id });
+    currentUser = await createUser({ roleId: role.id });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return role', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get(`/api/v1/admin/roles/${role.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getRoleMock(role, [
+      permissionOne,
+      permissionTwo,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing role UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const notExistingRoleUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/admin/roles/${notExistingRoleUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    await request(app)
+      .get('/api/v1/admin/roles/invalidRoleUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/admin/roles/get-roles.ee.js

@@ -0,0 +1,8 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import Role from '../../../../../models/role.js';
+
+export default async (request, response) => {
+  const roles = await Role.query().orderBy('name');
+
+  renderObject(response, roles);
+};

packages/backend/src/controllers/api/v1/admin/roles/get-roles.ee.test.js

@@ -0,0 +1,33 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import getRolesMock from '../../../../../../test/mocks/rest/api/v1/admin/roles/get-roles.ee.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/roles', () => {
+  let roleOne, roleTwo, currentUser, token;
+
+  beforeEach(async () => {
+    roleOne = await createRole({ key: 'admin' });
+    roleTwo = await createRole({ key: 'user' });
+    currentUser = await createUser({ roleId: roleOne.id });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return roles', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get('/api/v1/admin/roles')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getRolesMock([roleOne, roleTwo]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.js

@@ -0,0 +1,10 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import SamlAuthProvider from '../../../../../models/saml-auth-provider.ee.js';
+
+export default async (request, response) => {
+  const samlAuthProvider = await SamlAuthProvider.query()
+    .findById(request.params.samlAuthProviderId)
+    .throwIfNotFound();
+
+  renderObject(response, samlAuthProvider);
+};

packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.test.js

@@ -0,0 +1,57 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createSamlAuthProvider } from '../../../../../../test/factories/saml-auth-provider.ee.js';
+import getSamlAuthProviderMock from '../../../../../../test/mocks/rest/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/saml-auth-provider/:samlAuthProviderId', () => {
+  let samlAuthProvider, currentUser, token;
+
+  beforeEach(async () => {
+    const role = await createRole({ key: 'admin' });
+    currentUser = await createUser({ roleId: role.id });
+    samlAuthProvider = await createSamlAuthProvider();
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return saml auth provider with specified id', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get(`/api/v1/admin/saml-auth-providers/${samlAuthProvider.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getSamlAuthProviderMock(samlAuthProvider);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing saml auth provider UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const notExistingSamlAuthProviderUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(
+        `/api/v1/admin/saml-auth-providers/${notExistingSamlAuthProviderUUID}`
+      )
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    await request(app)
+      .get('/api/v1/admin/saml-auth-providers/invalidSamlAuthProviderUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.js

@@ -0,0 +1,11 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import SamlAuthProvider from '../../../../../models/saml-auth-provider.ee.js';
+
+export default async (request, response) => {
+  const samlAuthProviders = await SamlAuthProvider.query().orderBy(
+    'created_at',
+    'desc'
+  );
+
+  renderObject(response, samlAuthProviders);
+};

packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.test.js

@@ -0,0 +1,39 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createSamlAuthProvider } from '../../../../../../test/factories/saml-auth-provider.ee.js';
+import getSamlAuthProvidersMock from '../../../../../../test/mocks/rest/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/saml-auth-providers', () => {
+  let samlAuthProviderOne, samlAuthProviderTwo, currentUser, token;
+
+  beforeEach(async () => {
+    const role = await createRole({ key: 'admin' });
+    currentUser = await createUser({ roleId: role.id });
+
+    samlAuthProviderOne = await createSamlAuthProvider();
+    samlAuthProviderTwo = await createSamlAuthProvider();
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return saml auth providers', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get('/api/v1/admin/saml-auth-providers')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getSamlAuthProvidersMock([
+      samlAuthProviderTwo,
+      samlAuthProviderOne,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/admin/users/get-user.ee.js

@@ -1,11 +1,8 @@
-import { renderObject } from '../../../../helpers/renderer.js';
-import User from '../../../../models/user.js';
+import { renderObject } from '../../../../../helpers/renderer.js';
+import User from '../../../../../models/user.js';
 
 export default async (request, response) => {
   const user = await User.query()
-    .leftJoinRelated({
-      role: true,
-    })
     .withGraphFetched({
       role: true,
     })

packages/backend/src/controllers/api/v1/admin/users/get-user.ee.test.js

@@ -0,0 +1,55 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../../test/factories/user';
+import { createRole } from '../../../../../../test/factories/role';
+import getUserMock from '../../../../../../test/mocks/rest/api/v1/admin/users/get-user.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/users/:userId', () => {
+  let currentUser, currentUserRole, anotherUser, anotherUserRole, token;
+
+  beforeEach(async () => {
+    currentUserRole = await createRole({ key: 'admin' });
+    currentUser = await createUser({ roleId: currentUserRole.id });
+
+    anotherUser = await createUser();
+    anotherUserRole = await anotherUser.$relatedQuery('role');
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return specified user info', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get(`/api/v1/admin/users/${anotherUser.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getUserMock(anotherUser, anotherUserRole);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing user UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const notExistingUserUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/admin/users/${notExistingUserUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    await request(app)
+      .get('/api/v1/admin/users/invalidUserUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/admin/users/get-users.ee.js

@@ -1,12 +1,9 @@
-import { renderObject } from '../../../../helpers/renderer.js';
-import User from '../../../../models/user.js';
-import paginateRest from '../../../../helpers/pagination-rest.js';
+import { renderObject } from '../../../../../helpers/renderer.js';
+import User from '../../../../../models/user.js';
+import paginateRest from '../../../../../helpers/pagination-rest.js';
 
 export default async (request, response) => {
   const usersQuery = User.query()
-    .leftJoinRelated({
-      role: true,
-    })
     .withGraphFetched({
       role: true,
     })

packages/backend/src/controllers/api/v1/admin/users/get-users.ee.test.js

@@ -1,26 +1,17 @@
-import { describe, it, expect, beforeEach } from 'vitest';
+import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
-import app from '../../../../app';
-import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
-import { createRole } from '../../../../../test/factories/role';
-import { createPermission } from '../../../../../test/factories/permission';
-import { createUser } from '../../../../../test/factories/user';
-import getUsersMock from '../../../../../test/mocks/rest/api/v1/users/get-users';
+import app from '../../../../../app';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id';
+import { createRole } from '../../../../../../test/factories/role';
+import { createUser } from '../../../../../../test/factories/user';
+import getUsersMock from '../../../../../../test/mocks/rest/api/v1/admin/users/get-users.js';
+import * as license from '../../../../../helpers/license.ee.js';
 
-describe('GET /api/v1/users', () => {
+describe('GET /api/v1/admin/users', () => {
   let currentUser, currentUserRole, anotherUser, anotherUserRole, token;
 
   beforeEach(async () => {
-    currentUserRole = await createRole({
-      key: 'currentUser',
-      name: 'Current user role',
-    });
-
-    await createPermission({
-      action: 'read',
-      subject: 'User',
-      roleId: currentUserRole.id,
-    });
+    currentUserRole = await createRole({ key: 'admin' });
 
     currentUser = await createUser({
       roleId: currentUserRole.id,
@@ -41,8 +32,10 @@ describe('GET /api/v1/users', () => {
   });
 
   it('should return users data', async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
     const response = await request(app)
-      .get('/api/v1/users')
+      .get('/api/v1/admin/users')
       .set('Authorization', token)
       .expect(200);
 

packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.js

@@ -0,0 +1,11 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import AppAuthClient from '../../../../models/app-auth-client.js';
+
+export default async (request, response) => {
+  const appAuthClient = await AppAuthClient.query()
+    .findById(request.params.appAuthClientId)
+    .where({ active: true })
+    .throwIfNotFound();
+
+  renderObject(response, appAuthClient);
+};

packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.test.js

@@ -0,0 +1,48 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import getAppAuthClientMock from '../../../../../test/mocks/rest/api/v1/admin/get-app-auth-client.js';
+import { createAppAuthClient } from '../../../../../test/factories/app-auth-client.js';
+import * as license from '../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/app-auth-clients/:id', () => {
+  let currentUser, currentAppAuthClient, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    currentUser = await createUser();
+    currentAppAuthClient = await createAppAuthClient();
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return specified app auth client info', async () => {
+    const response = await request(app)
+      .get(`/api/v1/app-auth-clients/${currentAppAuthClient.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppAuthClientMock(currentAppAuthClient);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing app auth client ID', async () => {
+    const notExistingAppAuthClientUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/app-auth-clients/${notExistingAppAuthClientUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await request(app)
+      .get('/api/v1/app-auth-clients/invalidAppAuthClientUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-action-substeps.js

@@ -0,0 +1,11 @@
+import App from '../../../../models/app.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const substeps = await App.findActionSubsteps(
+    request.params.appKey,
+    request.params.actionKey
+  );
+
+  renderObject(response, substeps);
+};

packages/backend/src/controllers/api/v1/apps/get-action-substeps.test.js

@@ -0,0 +1,52 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import App from '../../../../models/app';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import getActionSubstepsMock from '../../../../../test/mocks/rest/api/v1/apps/get-action-substeps.js';
+
+describe('GET /api/v1/apps/:appKey/actions/:actionKey/substeps', () => {
+  let currentUser, exampleApp, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    token = createAuthTokenByUserId(currentUser.id);
+    exampleApp = await App.findOneByKey('github');
+  });
+
+  it('should return the app auth info', async () => {
+    const actions = await App.findActionsByKey('github');
+    const exampleAction = actions.find(
+      (action) => action.key === 'createIssue'
+    );
+
+    const endpointUrl = `/api/v1/apps/${exampleApp.key}/actions/${exampleAction.key}/substeps`;
+
+    const response = await request(app)
+      .get(endpointUrl)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getActionSubstepsMock(exampleAction.substeps);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for invalid app key', async () => {
+    await request(app)
+      .get('/api/v1/apps/invalid-app-key/actions/invalid-actions-key/substeps')
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return empty array for invalid action key', async () => {
+    const endpointUrl = `/api/v1/apps/${exampleApp.key}/actions/invalid-action-key/substeps`;
+
+    const response = await request(app)
+      .get(endpointUrl)
+      .set('Authorization', token)
+      .expect(200);
+
+    expect(response.body.data).toEqual([]);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-actions.js

@@ -0,0 +1,8 @@
+import App from '../../../../models/app.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const actions = await App.findActionsByKey(request.params.appKey);
+
+  renderObject(response, actions, { serializer: 'Action' });
+};

packages/backend/src/controllers/api/v1/apps/get-actions.test.js

@@ -0,0 +1,35 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import App from '../../../../models/app';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import getActionsMock from '../../../../../test/mocks/rest/api/v1/apps/get-actions.js';
+
+describe('GET /api/v1/apps/:appKey/actions', () => {
+  let currentUser, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the app actions', async () => {
+    const exampleApp = await App.findOneByKey('github');
+
+    const response = await request(app)
+      .get(`/api/v1/apps/${exampleApp.key}/actions`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getActionsMock(exampleApp.actions);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for invalid app key', async () => {
+    await request(app)
+      .get('/api/v1/apps/invalid-app-key/actions')
+      .set('Authorization', token)
+      .expect(404);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-app.js

@@ -0,0 +1,8 @@
+import App from '../../../../models/app.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const app = await App.findOneByKey(request.params.appKey);
+
+  renderObject(response, app, { serializer: 'App' });
+};

packages/backend/src/controllers/api/v1/apps/get-app.test.js

@@ -0,0 +1,35 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import App from '../../../../models/app';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import getAppMock from '../../../../../test/mocks/rest/api/v1/apps/get-app.js';
+
+describe('GET /api/v1/apps/:appKey', () => {
+  let currentUser, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the app info', async () => {
+    const exampleApp = await App.findOneByKey('github');
+
+    const response = await request(app)
+      .get(`/api/v1/apps/${exampleApp.key}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppMock(exampleApp);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for invalid app key', async () => {
+    await request(app)
+      .get('/api/v1/apps/invalid-app-key')
+      .set('Authorization', token)
+      .expect(404);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-apps.js

@@ -0,0 +1,16 @@
+import App from '../../../../models/app.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  let apps = await App.findAll(request.query.name);
+
+  if (request.query.onlyWithTriggers) {
+    apps = apps.filter((app) => app.triggers?.length);
+  }
+
+  if (request.query.onlyWithActions) {
+    apps = apps.filter((app) => app.actions?.length);
+  }
+
+  renderObject(response, apps, { serializer: 'App' });
+};

packages/backend/src/controllers/api/v1/apps/get-apps.test.js

@@ -0,0 +1,63 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import App from '../../../../models/app';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import getAppsMock from '../../../../../test/mocks/rest/api/v1/apps/get-apps.js';
+
+describe('GET /api/v1/apps', () => {
+  let currentUser, apps, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    token = createAuthTokenByUserId(currentUser.id);
+    apps = await App.findAll();
+  });
+
+  it('should return all apps', async () => {
+    const response = await request(app)
+      .get('/api/v1/apps')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppsMock(apps);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return all apps filtered by name', async () => {
+    const appsWithNameGit = apps.filter((app) => app.name.includes('Git'));
+
+    const response = await request(app)
+      .get('/api/v1/apps?name=Git')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppsMock(appsWithNameGit);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return only the apps with triggers', async () => {
+    const appsWithTriggers = apps.filter((app) => app.triggers?.length > 0);
+
+    const response = await request(app)
+      .get('/api/v1/apps?onlyWithTriggers=true')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppsMock(appsWithTriggers);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return only the apps with actions', async () => {
+    const appsWithActions = apps.filter((app) => app.actions?.length > 0);
+
+    const response = await request(app)
+      .get('/api/v1/apps?onlyWithActions=true')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppsMock(appsWithActions);
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-auth.js

@@ -0,0 +1,8 @@
+import App from '../../../../models/app.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const auth = await App.findAuthByKey(request.params.appKey);
+
+  renderObject(response, auth, { serializer: 'Auth' });
+};

packages/backend/src/controllers/api/v1/apps/get-auth.test.js

@@ -0,0 +1,35 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import App from '../../../../models/app';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import getAuthMock from '../../../../../test/mocks/rest/api/v1/apps/get-auth.js';
+
+describe('GET /api/v1/apps/:appKey/auth', () => {
+  let currentUser, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the app auth info', async () => {
+    const exampleApp = await App.findOneByKey('github');
+
+    const response = await request(app)
+      .get(`/api/v1/apps/${exampleApp.key}/auth`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAuthMock(exampleApp.auth);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for invalid app key', async () => {
+    await request(app)
+      .get('/api/v1/apps/invalid-app-key/auth')
+      .set('Authorization', token)
+      .expect(404);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-trigger-substeps.js

@@ -0,0 +1,11 @@
+import App from '../../../../models/app.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const substeps = await App.findTriggerSubsteps(
+    request.params.appKey,
+    request.params.triggerKey
+  );
+
+  renderObject(response, substeps);
+};

packages/backend/src/controllers/api/v1/apps/get-trigger-substeps.test.js

@@ -0,0 +1,52 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import App from '../../../../models/app';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import getTriggerSubstepsMock from '../../../../../test/mocks/rest/api/v1/apps/get-trigger-substeps.js';
+
+describe('GET /api/v1/apps/:appKey/triggers/:triggerKey/substeps', () => {
+  let currentUser, exampleApp, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    token = createAuthTokenByUserId(currentUser.id);
+    exampleApp = await App.findOneByKey('github');
+  });
+
+  it('should return the app auth info', async () => {
+    const triggers = await App.findTriggersByKey('github');
+    const exampleTrigger = triggers.find(
+      (trigger) => trigger.key === 'newIssues'
+    );
+
+    const endpointUrl = `/api/v1/apps/${exampleApp.key}/triggers/${exampleTrigger.key}/substeps`;
+
+    const response = await request(app)
+      .get(endpointUrl)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getTriggerSubstepsMock(exampleTrigger.substeps);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for invalid app key', async () => {
+    await request(app)
+      .get('/api/v1/apps/invalid-app-key/triggers/invalid-trigger-key/substeps')
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return empty array for invalid trigger key', async () => {
+    const endpointUrl = `/api/v1/apps/${exampleApp.key}/triggers/invalid-trigger-key/substeps`;
+
+    const response = await request(app)
+      .get(endpointUrl)
+      .set('Authorization', token)
+      .expect(200);
+
+    expect(response.body.data).toEqual([]);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-triggers.js

@@ -0,0 +1,8 @@
+import App from '../../../../models/app.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const triggers = await App.findTriggersByKey(request.params.appKey);
+
+  renderObject(response, triggers, { serializer: 'Trigger' });
+};

packages/backend/src/controllers/api/v1/apps/get-triggers.test.js

@@ -0,0 +1,35 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import App from '../../../../models/app';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import getTriggersMock from '../../../../../test/mocks/rest/api/v1/apps/get-triggers.js';
+
+describe('GET /api/v1/apps/:appKey/triggers', () => {
+  let currentUser, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the app triggers', async () => {
+    const exampleApp = await App.findOneByKey('github');
+
+    const response = await request(app)
+      .get(`/api/v1/apps/${exampleApp.key}/triggers`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getTriggersMock(exampleApp.triggers);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for invalid app key', async () => {
+    await request(app)
+      .get('/api/v1/apps/invalid-app-key/triggers')
+      .set('Authorization', token)
+      .expect(404);
+  });
+});

packages/backend/src/controllers/api/v1/automatisch/info.js

@@ -0,0 +1,13 @@
+import appConfig from '../../../../config/app.js';
+import { hasValidLicense } from '../../../../helpers/license.ee.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const info = {
+    isCloud: appConfig.isCloud,
+    isMation: appConfig.isMation,
+    isEnterprise: await hasValidLicense(),
+  };
+
+  renderObject(response, info);
+};

packages/backend/src/controllers/api/v1/automatisch/info.test.js

@@ -0,0 +1,22 @@
+import { vi, expect, describe, it } from 'vitest';
+import request from 'supertest';
+import appConfig from '../../../../config/app.js';
+import app from '../../../../app.js';
+import infoMock from '../../../../../test/mocks/rest/api/v1/automatisch/info.js';
+import * as license from '../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/automatisch/info', () => {
+  it('should return Automatisch info', async () => {
+    vi.spyOn(appConfig, 'isCloud', 'get').mockReturnValue(false);
+    vi.spyOn(appConfig, 'isMation', 'get').mockReturnValue(false);
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    const response = await request(app)
+      .get('/api/v1/automatisch/info')
+      .expect(200);
+
+    const expectedPayload = infoMock();
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/automatisch/license.js

@@ -0,0 +1,15 @@
+import { getLicense } from '../../../../helpers/license.ee.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const license = await getLicense();
+
+  const computedLicense = {
+    id: license ? license.id : null,
+    name: license ? license.name : null,
+    expireAt: license ? license.expireAt : null,
+    verified: license ? true : false,
+  };
+
+  renderObject(response, computedLicense);
+};

packages/backend/src/controllers/api/v1/automatisch/license.test.js

@@ -0,0 +1,23 @@
+import { vi, expect, describe, it } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import licenseMock from '../../../../../test/mocks/rest/api/v1/automatisch/license.js';
+import * as license from '../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/automatisch/license', () => {
+  it('should return Automatisch license info', async () => {
+    vi.spyOn(license, 'getLicense').mockResolvedValue({
+      id: '123',
+      name: 'license-name',
+      expireAt: '2025-12-31T23:59:59Z',
+    });
+
+    const response = await request(app)
+      .get('/api/v1/automatisch/license')
+      .expect(200);
+
+    const expectedPayload = licenseMock();
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/automatisch/notifications.js

@@ -0,0 +1,19 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import axios from '../../../../helpers/axios-with-proxy.js';
+import logger from '../../../../helpers/logger.js';
+
+const NOTIFICATIONS_URL =
+  'https://notifications.automatisch.io/notifications.json';
+
+export default async (request, response) => {
+  let notifications = [];
+
+  try {
+    const response = await axios.get(NOTIFICATIONS_URL);
+    notifications = response.data;
+  } catch (error) {
+    logger.error('Error fetching notifications API endpoint!', error);
+  }
+
+  renderObject(response, notifications);
+};

packages/backend/src/controllers/api/v1/automatisch/notifications.test.js

@@ -0,0 +1,9 @@
+import { describe, it } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+
+describe('GET /api/v1/automatisch/notifications', () => {
+  it('should return Automatisch notifications', async () => {
+    await request(app).get('/api/v1/automatisch/notifications').expect(200);
+  });
+});

packages/backend/src/controllers/api/v1/executions/get-execution-steps.js

@@ -0,0 +1,23 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import paginateRest from '../../../../helpers/pagination-rest.js';
+
+export default async (request, response) => {
+  const execution = await request.currentUser.authorizedExecutions
+    .clone()
+    .withSoftDeleted()
+    .findById(request.params.executionId)
+    .throwIfNotFound();
+
+  const executionStepsQuery = execution
+    .$relatedQuery('executionSteps')
+    .withSoftDeleted()
+    .withGraphFetched('step')
+    .orderBy('created_at', 'asc');
+
+  const executionSteps = await paginateRest(
+    executionStepsQuery,
+    request.query.page
+  );
+
+  renderObject(response, executionSteps);
+};

packages/backend/src/controllers/api/v1/executions/get-execution-steps.test.js

@@ -0,0 +1,153 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import { createFlow } from '../../../../../test/factories/flow.js';
+import { createStep } from '../../../../../test/factories/step.js';
+import { createExecution } from '../../../../../test/factories/execution.js';
+import { createExecutionStep } from '../../../../../test/factories/execution-step.js';
+import { createPermission } from '../../../../../test/factories/permission';
+import getExecutionStepsMock from '../../../../../test/mocks/rest/api/v1/executions/get-execution-steps';
+
+describe('GET /api/v1/executions/:executionId/execution-steps', () => {
+  let currentUser, currentUserRole, anotherUser, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    anotherUser = await createUser();
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the execution steps of current user execution', async () => {
+    const currentUserFlow = await createFlow({
+      userId: currentUser.id,
+    });
+
+    const stepOne = await createStep({
+      flowId: currentUserFlow.id,
+      type: 'trigger',
+    });
+
+    const stepTwo = await createStep({
+      flowId: currentUserFlow.id,
+      type: 'action',
+    });
+
+    const currentUserExecution = await createExecution({
+      flowId: currentUserFlow.id,
+    });
+
+    const currentUserExecutionStepOne = await createExecutionStep({
+      executionId: currentUserExecution.id,
+      stepId: stepOne.id,
+    });
+
+    const currentUserExecutionStepTwo = await createExecutionStep({
+      executionId: currentUserExecution.id,
+      stepId: stepTwo.id,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/executions/${currentUserExecution.id}/execution-steps`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getExecutionStepsMock(
+      [currentUserExecutionStepOne, currentUserExecutionStepTwo],
+      [stepOne, stepTwo]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return the execution steps of another user execution', async () => {
+    const anotherUserFlow = await createFlow({
+      userId: anotherUser.id,
+    });
+
+    const stepOne = await createStep({
+      flowId: anotherUserFlow.id,
+      type: 'trigger',
+    });
+
+    const stepTwo = await createStep({
+      flowId: anotherUserFlow.id,
+      type: 'action',
+    });
+
+    const anotherUserExecution = await createExecution({
+      flowId: anotherUserFlow.id,
+    });
+
+    const anotherUserExecutionStepOne = await createExecutionStep({
+      executionId: anotherUserExecution.id,
+      stepId: stepOne.id,
+    });
+
+    const anotherUserExecutionStepTwo = await createExecutionStep({
+      executionId: anotherUserExecution.id,
+      stepId: stepTwo.id,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/executions/${anotherUserExecution.id}/execution-steps`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getExecutionStepsMock(
+      [anotherUserExecutionStepOne, anotherUserExecutionStepTwo],
+      [stepOne, stepTwo]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing execution step UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const notExistingExcecutionUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/executions/${notExistingExcecutionUUID}/execution-steps`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await request(app)
+      .get('/api/v1/executions/invalidExecutionUUID/execution-steps')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/executions/get-execution.js

@@ -0,0 +1,15 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const execution = await request.currentUser.authorizedExecutions
+    .withGraphFetched({
+      flow: {
+        steps: true,
+      },
+    })
+    .withSoftDeleted()
+    .findById(request.params.executionId)
+    .throwIfNotFound();
+
+  renderObject(response, execution);
+};

packages/backend/src/controllers/api/v1/executions/get-execution.test.js

@@ -0,0 +1,134 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import { createFlow } from '../../../../../test/factories/flow.js';
+import { createStep } from '../../../../../test/factories/step.js';
+import { createExecution } from '../../../../../test/factories/execution.js';
+import { createPermission } from '../../../../../test/factories/permission';
+import getExecutionMock from '../../../../../test/mocks/rest/api/v1/executions/get-execution';
+
+describe('GET /api/v1/executions/:executionId', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the execution data of current user', async () => {
+    const currentUserFlow = await createFlow({
+      userId: currentUser.id,
+    });
+
+    const stepOne = await createStep({
+      flowId: currentUserFlow.id,
+      type: 'trigger',
+    });
+
+    const stepTwo = await createStep({
+      flowId: currentUserFlow.id,
+      type: 'action',
+    });
+
+    const currentUserExecution = await createExecution({
+      flowId: currentUserFlow.id,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/executions/${currentUserExecution.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getExecutionMock(
+      currentUserExecution,
+      currentUserFlow,
+      [stepOne, stepTwo]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return the execution data of another user', async () => {
+    const anotherUser = await createUser();
+
+    const anotherUserFlow = await createFlow({
+      userId: anotherUser.id,
+    });
+
+    const stepOne = await createStep({
+      flowId: anotherUserFlow.id,
+      type: 'trigger',
+    });
+
+    const stepTwo = await createStep({
+      flowId: anotherUserFlow.id,
+      type: 'action',
+    });
+
+    const anotherUserExecution = await createExecution({
+      flowId: anotherUserFlow.id,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/executions/${anotherUserExecution.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getExecutionMock(
+      anotherUserExecution,
+      anotherUserFlow,
+      [stepOne, stepTwo]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing execution UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const notExistingExcecutionUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/executions/${notExistingExcecutionUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await request(app)
+      .get('/api/v1/executions/invalidExecutionUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/executions/get-executions.js

@@ -0,0 +1,26 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import paginateRest from '../../../../helpers/pagination-rest.js';
+
+export default async (request, response) => {
+  const executionsQuery = request.currentUser.authorizedExecutions
+    .withSoftDeleted()
+    .orderBy('created_at', 'desc')
+    .withGraphFetched({
+      flow: {
+        steps: true,
+      },
+    });
+
+  const executions = await paginateRest(executionsQuery, request.query.page);
+
+  for (const execution of executions.records) {
+    const executionSteps = await execution.$relatedQuery('executionSteps');
+    const status = executionSteps.some((step) => step.status === 'failure')
+      ? 'failure'
+      : 'success';
+
+    execution.status = status;
+  }
+
+  renderObject(response, executions);
+};

packages/backend/src/controllers/api/v1/executions/get-executions.test.js

@@ -0,0 +1,113 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import { createFlow } from '../../../../../test/factories/flow.js';
+import { createStep } from '../../../../../test/factories/step.js';
+import { createExecution } from '../../../../../test/factories/execution.js';
+import { createPermission } from '../../../../../test/factories/permission';
+import getExecutionsMock from '../../../../../test/mocks/rest/api/v1/executions/get-executions';
+
+describe('GET /api/v1/executions', () => {
+  let currentUser, currentUserRole, anotherUser, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    anotherUser = await createUser();
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the executions of current user', async () => {
+    const currentUserFlow = await createFlow({
+      userId: currentUser.id,
+    });
+
+    const stepOne = await createStep({
+      flowId: currentUserFlow.id,
+      type: 'trigger',
+    });
+
+    const stepTwo = await createStep({
+      flowId: currentUserFlow.id,
+      type: 'action',
+    });
+
+    const currentUserExecutionOne = await createExecution({
+      flowId: currentUserFlow.id,
+    });
+
+    const currentUserExecutionTwo = await createExecution({
+      flowId: currentUserFlow.id,
+      deletedAt: new Date().toISOString(),
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .get('/api/v1/executions')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getExecutionsMock(
+      [currentUserExecutionTwo, currentUserExecutionOne],
+      currentUserFlow,
+      [stepOne, stepTwo]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return the executions of another user', async () => {
+    const anotherUserFlow = await createFlow({
+      userId: anotherUser.id,
+    });
+
+    const stepOne = await createStep({
+      flowId: anotherUserFlow.id,
+      type: 'trigger',
+    });
+
+    const stepTwo = await createStep({
+      flowId: anotherUserFlow.id,
+      type: 'action',
+    });
+
+    const anotherUserExecutionOne = await createExecution({
+      flowId: anotherUserFlow.id,
+    });
+
+    const anotherUserExecutionTwo = await createExecution({
+      flowId: anotherUserFlow.id,
+      deletedAt: new Date().toISOString(),
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Execution',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .get('/api/v1/executions')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getExecutionsMock(
+      [anotherUserExecutionTwo, anotherUserExecutionOne],
+      anotherUserFlow,
+      [stepOne, stepTwo]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/flows/get-flow.js

@@ -0,0 +1,11 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const flow = await request.currentUser.authorizedFlows
+    .withGraphJoined({ steps: true })
+    .orderBy('steps.position', 'asc')
+    .findOne({ 'flows.id': request.params.flowId })
+    .throwIfNotFound();
+
+  renderObject(response, flow);
+};

packages/backend/src/controllers/api/v1/flows/get-flow.test.js

@@ -0,0 +1,102 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import { createFlow } from '../../../../../test/factories/flow';
+import { createStep } from '../../../../../test/factories/step';
+import { createPermission } from '../../../../../test/factories/permission';
+import getFlowMock from '../../../../../test/mocks/rest/api/v1/flows/get-flow';
+
+describe('GET /api/v1/flows/:flowId', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the flow data of current user', async () => {
+    const currentUserflow = await createFlow({ userId: currentUser.id });
+    const triggerStep = await createStep({ flowId: currentUserflow.id });
+    const actionStep = await createStep({ flowId: currentUserflow.id });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/flows/${currentUserflow.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getFlowMock(currentUserflow, [
+      triggerStep,
+      actionStep,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return the flow data of another user', async () => {
+    const anotherUser = await createUser();
+    const anotherUserFlow = await createFlow({ userId: anotherUser.id });
+    const triggerStep = await createStep({ flowId: anotherUserFlow.id });
+    const actionStep = await createStep({ flowId: anotherUserFlow.id });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/flows/${anotherUserFlow.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getFlowMock(anotherUserFlow, [
+      triggerStep,
+      actionStep,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing flow UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const notExistingFlowUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/flows/${notExistingFlowUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await request(app)
+      .get('/api/v1/flows/invalidFlowUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/payment/get-paddle-info.ee.js

@@ -0,0 +1,8 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import Billing from '../../../../helpers/billing/index.ee.js';
+
+export default async (request, response) => {
+  const paddleInfo = Billing.paddleInfo;
+
+  renderObject(response, paddleInfo);
+};

packages/backend/src/controllers/api/v1/payment/get-paddle-info.ee.test.js

@@ -0,0 +1,33 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import getPaddleInfoMock from '../../../../../test/mocks/rest/api/v1/payment/get-paddle-info.js';
+import appConfig from '../../../../config/app.js';
+import billing from '../../../../helpers/billing/index.ee.js';
+
+describe('GET /api/v1/payment/paddle-info', () => {
+  let user, token;
+
+  beforeEach(async () => {
+    user = await createUser();
+    token = createAuthTokenByUserId(user.id);
+
+    vi.spyOn(appConfig, 'isCloud', 'get').mockReturnValue(true);
+    vi.spyOn(billing.paddleInfo, 'vendorId', 'get').mockReturnValue(
+      'sampleVendorId'
+    );
+  });
+
+  it('should return payment plans', async () => {
+    const response = await request(app)
+      .get('/api/v1/payment/paddle-info')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedResponsePayload = await getPaddleInfoMock();
+
+    expect(response.body).toEqual(expectedResponsePayload);
+  });
+});

packages/backend/src/controllers/api/v1/payment/get-plans.ee.js

@@ -0,0 +1,8 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import Billing from '../../../../helpers/billing/index.ee.js';
+
+export default async (request, response) => {
+  const paymentPlans = Billing.paddlePlans;
+
+  renderObject(response, paymentPlans);
+};

packages/backend/src/controllers/api/v1/payment/get-plans.ee.test.js

@@ -0,0 +1,29 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import getPaymentPlansMock from '../../../../../test/mocks/rest/api/v1/payment/get-plans.js';
+import appConfig from '../../../../config/app.js';
+
+describe('GET /api/v1/payment/plans', () => {
+  let user, token;
+
+  beforeEach(async () => {
+    user = await createUser();
+    token = createAuthTokenByUserId(user.id);
+
+    vi.spyOn(appConfig, 'isCloud', 'get').mockReturnValue(true);
+  });
+
+  it('should return payment plans', async () => {
+    const response = await request(app)
+      .get('/api/v1/payment/plans')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedResponsePayload = await getPaymentPlansMock();
+
+    expect(response.body).toEqual(expectedResponsePayload);
+  });
+});

packages/backend/src/controllers/api/v1/users/get-current-user.test.js

@@ -2,15 +2,29 @@ import { describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createPermission } from '../../../../../test/factories/permission';
+import { createRole } from '../../../../../test/factories/role';
 import { createUser } from '../../../../../test/factories/user';
 import getCurrentUserMock from '../../../../../test/mocks/rest/api/v1/users/get-current-user';
 
 describe('GET /api/v1/users/me', () => {
-  let role, currentUser, token;
+  let role, permissionOne, permissionTwo, currentUser, token;
 
   beforeEach(async () => {
-    currentUser = await createUser();
-    role = await currentUser.$relatedQuery('role');
+    role = await createRole();
+
+    permissionOne = await createPermission({
+      roleId: role.id,
+    });
+
+    permissionTwo = await createPermission({
+      roleId: role.id,
+    });
+
+    currentUser = await createUser({
+      roleId: role.id,
+    });
+
     token = createAuthTokenByUserId(currentUser.id);
   });
 
@@ -20,7 +34,11 @@ describe('GET /api/v1/users/me', () => {
       .set('Authorization', token)
       .expect(200);
 
-    const expectedPayload = getCurrentUserMock(currentUser, role);
+    const expectedPayload = getCurrentUserMock(currentUser, role, [
+      permissionOne,
+      permissionTwo,
+    ]);
+
     expect(response.body).toEqual(expectedPayload);
   });
 });

packages/backend/src/controllers/api/v1/users/get-invoices.ee.js

@@ -0,0 +1,7 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const invoices = await request.currentUser.getInvoices();
+
+  renderObject(response, invoices);
+};

packages/backend/src/controllers/api/v1/users/get-invoices.ee.test.js

@@ -0,0 +1,34 @@
+import { describe, it, expect, beforeEach, vi } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import User from '../../../../models/user';
+import getInvoicesMock from '../../../../../test/mocks/rest/api/v1/users/get-invoices.ee';
+
+describe('GET /api/v1/user/invoices', () => {
+  let currentUser, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return current user invoices', async () => {
+    const invoices = [
+      { id: 1, amount: 100, description: 'Invoice 1' },
+      { id: 2, amount: 200, description: 'Invoice 2' },
+    ];
+
+    vi.spyOn(User.prototype, 'getInvoices').mockResolvedValue(invoices);
+
+    const response = await request(app)
+      .get('/api/v1/users/invoices')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getInvoicesMock(invoices);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/users/get-user.test.js

@@ -1,36 +0,0 @@
-import { describe, it, expect, beforeEach } from 'vitest';
-import request from 'supertest';
-import app from '../../../../app.js';
-import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
-import { createUser } from '../../../../../test/factories/user';
-import { createPermission } from '../../../../../test/factories/permission';
-import getUserMock from '../../../../../test/mocks/rest/api/v1/users/get-user';
-
-describe('GET /api/v1/users/:userId', () => {
-  let currentUser, currentUserRole, anotherUser, anotherUserRole, token;
-
-  beforeEach(async () => {
-    currentUser = await createUser();
-    anotherUser = await createUser();
-    currentUserRole = await currentUser.$relatedQuery('role');
-    anotherUserRole = await anotherUser.$relatedQuery('role');
-
-    await createPermission({
-      roleId: currentUserRole.id,
-      action: 'read',
-      subject: 'User',
-    });
-
-    token = createAuthTokenByUserId(currentUser.id);
-  });
-
-  it('should return specified user info', async () => {
-    const response = await request(app)
-      .get(`/api/v1/users/${anotherUser.id}`)
-      .set('Authorization', token)
-      .expect(200);
-
-    const expectedPayload = getUserMock(anotherUser, anotherUserRole);
-    expect(response.body).toEqual(expectedPayload);
-  });
-});

packages/backend/src/db/migrations/20240227164849_create_datastore_model.js

@@ -0,0 +1,16 @@
+export async function up(knex) {
+  return knex.schema.createTable('datastore', (table) => {
+    table.uuid('id').primary().defaultTo(knex.raw('gen_random_uuid()'));
+    table.string('key').notNullable();
+    table.string('value');
+    table.string('scope').notNullable();
+    table.uuid('scope_id').notNullable();
+    table.index(['key', 'scope', 'scope_id']);
+
+    table.timestamps(true, true);
+  });
+}
+
+export async function down(knex) {
+  return knex.schema.dropTable('datastore');
+}

packages/backend/src/graphql/mutations/delete-step.js

@@ -1,8 +1,13 @@
-const deleteStep = async (_parent, params, context) => {
-  context.currentUser.can('update', 'Flow');
+import Step from '../../models/flow.js';
 
-  const step = await context.currentUser
-    .$relatedQuery('steps')
+const deleteStep = async (_parent, params, context) => {
+  const conditions = context.currentUser.can('update', 'Flow');
+  const isCreator = conditions.isCreator;
+  const allSteps = Step.query();
+  const userSteps = context.currentUser.$relatedQuery('steps');
+  const baseQuery = isCreator ? userSteps : allSteps;
+
+  const step = await baseQuery
     .withGraphFetched('flow')
     .findOne({
       'steps.id': params.input.id,

packages/backend/src/graphql/queries/get-automatisch-info.js

@@ -1,21 +0,0 @@
-import appConfig from '../../config/app.js';
-import { getLicense } from '../../helpers/license.ee.js';
-
-const getAutomatischInfo = async () => {
-  const license = await getLicense();
-
-  const computedLicense = {
-    id: license ? license.id : null,
-    name: license ? license.name : null,
-    expireAt: license ? license.expireAt : null,
-    verified: license ? true : false,
-  };
-
-  return {
-    isCloud: appConfig.isCloud,
-    isMation: appConfig.isMation,
-    license: computedLicense,
-  };
-};
-
-export default getAutomatischInfo;

packages/backend/src/graphql/queries/get-automatisch-info.test.js

@@ -1,190 +0,0 @@
-import { vi, describe, it, expect, beforeEach } from 'vitest';
-import request from 'supertest';
-import app from '../../app';
-import * as license from '../../helpers/license.ee';
-import appConfig from '../../config/app';
-
-describe('graphQL getAutomatischInfo query', () => {
-  const query = `
-    query {
-      getAutomatischInfo {
-        isCloud
-        isMation
-        license {
-          id
-          name
-          expireAt
-          verified
-        }
-      }
-    }
-  `;
-
-  describe('and without valid license', () => {
-    beforeEach(async () => {
-      vi.spyOn(license, 'getLicense').mockResolvedValue(false);
-
-      vi.spyOn(appConfig, 'isCloud', 'get').mockReturnValue(false);
-      vi.spyOn(appConfig, 'isMation', 'get').mockReturnValue(false);
-    });
-
-    it('should return empty license data', async () => {
-      const response = await request(app)
-        .post('/graphql')
-        .send({ query })
-        .expect(200);
-
-      const expectedResponsePayload = {
-        data: {
-          getAutomatischInfo: {
-            isCloud: false,
-            isMation: false,
-            license: {
-              id: null,
-              name: null,
-              expireAt: null,
-              verified: false,
-            },
-          },
-        },
-      };
-
-      expect(response.body).toEqual(expectedResponsePayload);
-    });
-  });
-
-  describe('and with valid license', () => {
-    beforeEach(async () => {
-      const mockedLicense = {
-        id: '123123',
-        name: 'Test License',
-        expireAt: '2025-08-09T10:56:54.144Z',
-        verified: true,
-      };
-
-      vi.spyOn(license, 'getLicense').mockResolvedValue(mockedLicense);
-    });
-
-    describe('and with cloud flag enabled', () => {
-      beforeEach(async () => {
-        vi.spyOn(appConfig, 'isCloud', 'get').mockReturnValue(true);
-      });
-
-      it('should return all license data', async () => {
-        const response = await request(app)
-          .post('/graphql')
-          .send({ query })
-          .expect(200);
-
-        const expectedResponsePayload = {
-          data: {
-            getAutomatischInfo: {
-              isCloud: true,
-              isMation: false,
-              license: {
-                expireAt: '2025-08-09T10:56:54.144Z',
-                id: '123123',
-                name: 'Test License',
-                verified: true,
-              },
-            },
-          },
-        };
-
-        expect(response.body).toEqual(expectedResponsePayload);
-      });
-    });
-
-    describe('and with cloud flag disabled', () => {
-      beforeEach(async () => {
-        vi.spyOn(appConfig, 'isCloud', 'get').mockReturnValue(false);
-      });
-
-      it('should return all license data', async () => {
-        const response = await request(app)
-          .post('/graphql')
-          .send({ query })
-          .expect(200);
-
-        const expectedResponsePayload = {
-          data: {
-            getAutomatischInfo: {
-              isCloud: false,
-              isMation: false,
-              license: {
-                expireAt: '2025-08-09T10:56:54.144Z',
-                id: '123123',
-                name: 'Test License',
-                verified: true,
-              },
-            },
-          },
-        };
-
-        expect(response.body).toEqual(expectedResponsePayload);
-      });
-    });
-
-    describe('and with mation flag enabled', () => {
-      beforeEach(async () => {
-        vi.spyOn(appConfig, 'isCloud', 'get').mockReturnValue(false);
-        vi.spyOn(appConfig, 'isMation', 'get').mockReturnValue(true);
-      });
-
-      it('should return all license data', async () => {
-        const response = await request(app)
-          .post('/graphql')
-          .send({ query })
-          .expect(200);
-
-        const expectedResponsePayload = {
-          data: {
-            getAutomatischInfo: {
-              isCloud: false,
-              isMation: true,
-              license: {
-                expireAt: '2025-08-09T10:56:54.144Z',
-                id: '123123',
-                name: 'Test License',
-                verified: true,
-              },
-            },
-          },
-        };
-
-        expect(response.body).toEqual(expectedResponsePayload);
-      });
-    });
-
-    describe('and with mation flag disabled', () => {
-      beforeEach(async () => {
-        vi.spyOn(appConfig, 'isCloud', 'get').mockReturnValue(false);
-        vi.spyOn(appConfig, 'isMation', 'get').mockReturnValue(false);
-      });
-
-      it('should return all license data', async () => {
-        const response = await request(app)
-          .post('/graphql')
-          .send({ query })
-          .expect(200);
-
-        const expectedResponsePayload = {
-          data: {
-            getAutomatischInfo: {
-              isMation: false,
-              isCloud: false,
-              license: {
-                expireAt: '2025-08-09T10:56:54.144Z',
-                id: '123123',
-                name: 'Test License',
-                verified: true,
-              },
-            },
-          },
-        };
-
-        expect(response.body).toEqual(expectedResponsePayload);
-      });
-    });
-  });
-});

packages/backend/src/graphql/query-resolvers.js

@@ -3,7 +3,6 @@ import getAppAuthClient from './queries/get-app-auth-client.ee.js';
 import getAppAuthClients from './queries/get-app-auth-clients.ee.js';
 import getAppConfig from './queries/get-app-config.ee.js';
 import getApps from './queries/get-apps.js';
-import getAutomatischInfo from './queries/get-automatisch-info.js';
 import getBillingAndUsage from './queries/get-billing-and-usage.ee.js';
 import getConfig from './queries/get-config.ee.js';
 import getConnectedApps from './queries/get-connected-apps.js';
@@ -39,7 +38,6 @@ const queryResolvers = {
   getAppAuthClients,
   getAppConfig,
   getApps,
-  getAutomatischInfo,
   getBillingAndUsage,
   getConfig,
   getConnectedApps,

packages/backend/src/graphql/schema.graphql

@@ -40,7 +40,6 @@ type Query {
     key: String!
     parameters: JSONObject
   ): [SubstepArgument]
-  getAutomatischInfo: GetAutomatischInfo
   getBillingAndUsage: GetBillingAndUsage
   getCurrentUser: User
   getConfig(keys: [String]): JSONObject
@@ -644,12 +643,6 @@ type AppHealth {
   version: String
 }
 
-type GetAutomatischInfo {
-  isCloud: Boolean
-  isMation: Boolean
-  license: License
-}
-
 type License {
   id: String
   name: String

packages/backend/src/helpers/authentication.js

@@ -42,7 +42,6 @@ const isAuthenticatedRule = rule()(isAuthenticated);
 export const authenticationRules = {
   Query: {
     '*': isAuthenticatedRule,
-    getAutomatischInfo: allow,
     getConfig: allow,
     getNotifications: allow,
     healthcheck: allow,

packages/backend/src/helpers/authorization.js

@@ -1,16 +1,33 @@
 const authorizationList = {
-  '/api/v1/users/:userId': {
+  'GET /api/v1/users/:userId': {
     action: 'read',
     subject: 'User',
   },
-  '/api/v1/users/': {
+  'GET /api/v1/users/': {
     action: 'read',
     subject: 'User',
   },
+  'GET /api/v1/flows/:flowId': {
+    action: 'read',
+    subject: 'Flow',
+  },
+  'GET /api/v1/executions/:executionId': {
+    action: 'read',
+    subject: 'Execution',
+  },
+  'GET /api/v1/executions/': {
+    action: 'read',
+    subject: 'Execution',
+  },
+  'GET /api/v1/executions/:executionId/execution-steps': {
+    action: 'read',
+    subject: 'Execution',
+  },
 };
 
 export const authorizeUser = async (request, response, next) => {
-  const currentRoute = request.baseUrl + request.route.path;
+  const currentRoute =
+    request.method + ' ' + request.baseUrl + request.route.path;
   const currentRouteRule = authorizationList[currentRoute];
 
   try {
@@ -20,3 +37,13 @@ export const authorizeUser = async (request, response, next) => {
     return response.status(403).end();
   }
 };
+
+export const authorizeAdmin = async (request, response, next) => {
+  const role = await request.currentUser.$relatedQuery('role');
+
+  if (role?.isAdmin) {
+    next();
+  } else {
+    return response.status(403).end();
+  }
+};

packages/backend/src/helpers/check-is-enterprise.js

@@ -0,0 +1,9 @@
+import { hasValidLicense } from './license.ee.js';
+
+export const checkIsEnterprise = async (request, response, next) => {
+  if (await hasValidLicense()) {
+    next();
+  } else {
+    return response.status(404).end();
+  }
+};

packages/backend/src/helpers/error-handler.js

@@ -1,14 +1,45 @@
 import logger from './logger.js';
+import objection from 'objection';
+import * as Sentry from './sentry.ee.js';
+const { NotFoundError, DataError } = objection;
 
 // Do not remove `next` argument as the function signature will not fit for an error handler middleware
 // eslint-disable-next-line no-unused-vars
-const errorHandler = (err, req, res, next) => {
-  if (err.message === 'Not Found') {
-    res.status(404).end();
-  } else {
-    logger.error(err.message + '\n' + err.stack);
-    res.status(err.statusCode || 500).send(err.message);
+const errorHandler = (error, request, response, next) => {
+  if (error.message === 'Not Found' || error instanceof NotFoundError) {
+    response.status(404).end();
   }
+
+  if (notFoundAppError(error)) {
+    response.status(404).end();
+  }
+
+  if (error instanceof DataError) {
+    response.status(400).end();
+  }
+
+  const statusCode = error.statusCode || 500;
+
+  logger.error(request.method + ' ' + request.url + ' ' + statusCode);
+  logger.error(error.stack);
+
+  Sentry.captureException(error, {
+    tags: { rest: true },
+    extra: {
+      url: request?.url,
+      method: request?.method,
+      params: request?.params,
+    },
+  });
+
+  response.status(statusCode).end();
+};
+
+const notFoundAppError = (error) => {
+  return (
+    error.message.includes('An application with the') ||
+    error.message.includes("key couldn't be found.")
+  );
 };
 
 export default errorHandler;

packages/backend/src/helpers/global-variable.js

@@ -1,6 +1,7 @@
 import createHttpClient from './http-client/index.js';
 import EarlyExitError from '../errors/early-exit.js';
 import AlreadyProcessedError from '../errors/already-processed.js';
+import Datastore from '../models/datastore.js';
 
 const globalVariable = async (options) => {
   const {
@@ -88,6 +89,43 @@ const globalVariable = async (options) => {
     setActionItem: (actionItem) => {
       $.actionOutput.data = actionItem;
     },
+    datastore: {
+      get: async ({ key }) => {
+        const datastore = await Datastore.query().findOne({
+          key,
+          scope: 'flow',
+          scope_id: $.flow.id,
+        });
+
+        return {
+          key: datastore.key,
+          value: datastore.value,
+          [datastore.key]: datastore.value,
+        };
+      },
+      set: async ({ key, value }) => {
+        let datastore = await Datastore.query()
+          .where({ key, scope: 'flow', scope_id: $.flow.id })
+          .first();
+
+        if (datastore) {
+          await datastore.$query().patchAndFetch({ value: value });
+        } else {
+          datastore = await Datastore.query().insert({
+            key,
+            value,
+            scope: 'flow',
+            scopeId: $.flow.id,
+          });
+        }
+
+        return {
+          key: datastore.key,
+          value: datastore.value,
+          [datastore.key]: datastore.value,
+        };
+      },
+    },
   };
 
   if (request) {