test: use new alert in create role and create user tests

.github/workflows/playwright.yml

@@ -4,12 +4,12 @@ on:
     branches:
       - main
   # TODO: Add pull request after optimizing the total excecution time of the test suite.
-  pull_request:
-    paths:
-      - 'packages/backend/**'
-      - 'packages/e2e-tests/**'
-      - 'packages/web/**'
-      - '!packages/backend/src/apps/**'
+  # pull_request:
+  #   paths:
+  #     - 'packages/backend/**'
+  #     - 'packages/e2e-tests/**'
+  #     - 'packages/web/**'
+  #     - '!packages/backend/src/apps/**'
   workflow_dispatch:
 
 env:

packages/backend/src/controllers/api/v1/admin/apps/create-config.ee.js

@@ -10,11 +10,12 @@ export default async (request, response) => {
 };
 
 const appConfigParams = (request) => {
-  const { useOnlyPredefinedAuthClients, disabled } = request.body;
+  const { customConnectionAllowed, shared, disabled } = request.body;
 
   return {
     key: request.params.appKey,
-    useOnlyPredefinedAuthClients,
+    customConnectionAllowed,
+    shared,
     disabled,
   };
 };

packages/backend/src/controllers/api/v1/admin/apps/create-config.ee.test.js

@@ -23,7 +23,8 @@ describe('POST /api/v1/admin/apps/:appKey/config', () => {
 
   it('should return created app config', async () => {
     const appConfig = {
-      useOnlyPredefinedAuthClients: false,
+      customConnectionAllowed: true,
+      shared: true,
       disabled: false,
     };
 
@@ -37,14 +38,14 @@ describe('POST /api/v1/admin/apps/:appKey/config', () => {
       ...appConfig,
       key: 'gitlab',
     });
-
     expect(response.body).toMatchObject(expectedPayload);
   });
 
   it('should return HTTP 422 for already existing app config', async () => {
     const appConfig = {
       key: 'gitlab',
-      useOnlyPredefinedAuthClients: false,
+      customConnectionAllowed: true,
+      shared: true,
       disabled: false,
     };
 

packages/backend/src/controllers/api/v1/admin/apps/update-config.ee.js

@@ -17,10 +17,11 @@ export default async (request, response) => {
 };
 
 const appConfigParams = (request) => {
-  const { useOnlyPredefinedAuthClients, disabled } = request.body;
+  const { customConnectionAllowed, shared, disabled } = request.body;
 
   return {
-    useOnlyPredefinedAuthClients,
+    customConnectionAllowed,
+    shared,
     disabled,
   };
 };

packages/backend/src/controllers/api/v1/admin/apps/update-config.ee.test.js

@@ -24,15 +24,17 @@ describe('PATCH /api/v1/admin/apps/:appKey/config', () => {
   it('should return updated app config', async () => {
     const appConfig = {
       key: 'gitlab',
-      useOnlyPredefinedAuthClients: true,
+      customConnectionAllowed: true,
+      shared: true,
       disabled: false,
     };
 
     await createAppConfig(appConfig);
 
     const newAppConfigValues = {
+      shared: false,
       disabled: true,
-      useOnlyPredefinedAuthClients: false,
+      customConnectionAllowed: false,
     };
 
     const response = await request(app)
@@ -51,8 +53,9 @@ describe('PATCH /api/v1/admin/apps/:appKey/config', () => {
 
   it('should return not found response for unexisting app config', async () => {
     const appConfig = {
+      shared: false,
       disabled: true,
-      useOnlyPredefinedAuthClients: false,
+      customConnectionAllowed: false,
     };
 
     await request(app)
@@ -65,7 +68,8 @@ describe('PATCH /api/v1/admin/apps/:appKey/config', () => {
   it('should return HTTP 422 for invalid app config data', async () => {
     const appConfig = {
       key: 'gitlab',
-      useOnlyPredefinedAuthClients: true,
+      customConnectionAllowed: true,
+      shared: true,
       disabled: false,
     };
 

packages/backend/src/controllers/api/v1/apps/create-connection.test.js

@@ -155,7 +155,7 @@ describe('POST /api/v1/apps/:appKey/connections', () => {
       await createAppConfig({
         key: 'gitlab',
         disabled: false,
-        useOnlyPredefinedAuthClients: false,
+        customConnectionAllowed: true,
       });
     });
 
@@ -218,7 +218,7 @@ describe('POST /api/v1/apps/:appKey/connections', () => {
       await createAppConfig({
         key: 'gitlab',
         disabled: false,
-        useOnlyPredefinedAuthClients: true,
+        customConnectionAllowed: false,
       });
     });
 
@@ -266,14 +266,14 @@ describe('POST /api/v1/apps/:appKey/connections', () => {
     });
   });
 
-  describe('with auth client enabled', async () => {
+  describe('with auth clients enabled', async () => {
     let appAuthClient;
 
     beforeEach(async () => {
       await createAppConfig({
         key: 'gitlab',
         disabled: false,
-        useOnlyPredefinedAuthClients: false,
+        shared: true,
       });
 
       appAuthClient = await createAppAuthClient({
@@ -310,6 +310,19 @@ describe('POST /api/v1/apps/:appKey/connections', () => {
       expect(response.body).toStrictEqual(expectedPayload);
     });
 
+    it('should return not authorized response for appAuthClientId and formattedData together', async () => {
+      const connectionData = {
+        appAuthClientId: appAuthClient.id,
+        formattedData: {},
+      };
+
+      await request(app)
+        .post('/api/v1/apps/gitlab/connections')
+        .set('Authorization', token)
+        .send(connectionData)
+        .expect(403);
+    });
+
     it('should return not found response for invalid app key', async () => {
       await request(app)
         .post('/api/v1/apps/invalid-app-key/connections')
@@ -336,20 +349,18 @@ describe('POST /api/v1/apps/:appKey/connections', () => {
       });
     });
   });
-
-  describe('with auth client disabled', async () => {
+  describe('with auth clients disabled', async () => {
     let appAuthClient;
 
     beforeEach(async () => {
       await createAppConfig({
         key: 'gitlab',
         disabled: false,
-        useOnlyPredefinedAuthClients: false,
+        shared: false,
       });
 
       appAuthClient = await createAppAuthClient({
         appKey: 'gitlab',
-        active: false,
       });
     });
 
@@ -362,7 +373,7 @@ describe('POST /api/v1/apps/:appKey/connections', () => {
         .post('/api/v1/apps/gitlab/connections')
         .set('Authorization', token)
         .send(connectionData)
-        .expect(404);
+        .expect(403);
     });
 
     it('should return not found response for invalid app key', async () => {

packages/backend/src/controllers/api/v1/apps/get-config.ee.test.js

@@ -17,7 +17,8 @@ describe('GET /api/v1/apps/:appKey/config', () => {
 
     appConfig = await createAppConfig({
       key: 'deepl',
-      useOnlyPredefinedAuthClients: false,
+      customConnectionAllowed: true,
+      shared: true,
       disabled: false,
     });
 

packages/backend/src/controllers/api/v1/connections/reset-connection.test.js

@@ -47,6 +47,7 @@ describe('POST /api/v1/connections/:connectionId/reset', () => {
 
     const expectedPayload = resetConnectionMock({
       ...refetchedCurrentUserConnection,
+      reconnectable: refetchedCurrentUserConnection.reconnectable,
       formattedData: {
         screenName: 'Connection name',
       },

packages/backend/src/controllers/api/v1/connections/update-connection.test.js

@@ -55,9 +55,10 @@ describe('PATCH /api/v1/connections/:connectionId', () => {
 
     const refetchedCurrentUserConnection = await currentUserConnection.$query();
 
-    const expectedPayload = updateConnectionMock(
-      refetchedCurrentUserConnection
-    );
+    const expectedPayload = updateConnectionMock({
+      ...refetchedCurrentUserConnection,
+      reconnectable: refetchedCurrentUserConnection.reconnectable,
+    });
 
     expect(response.body).toStrictEqual(expectedPayload);
   });

packages/backend/src/db/migrations/20241204103153_add_use_only_predefined_auth_clients_in_app_config.js

@@ -1,11 +0,0 @@
-export async function up(knex) {
-  return await knex.schema.alterTable('app_configs', (table) => {
-    table.boolean('use_only_predefined_auth_clients').defaultTo(false);
-  });
-}
-
-export async function down(knex) {
-  return await knex.schema.alterTable('app_configs', (table) => {
-    table.dropColumn('use_only_predefined_auth_clients');
-  });
-}

packages/backend/src/db/migrations/20241204103355_remove_obsolete_fields_in_app_config.js

@@ -1,15 +0,0 @@
-export async function up(knex) {
-  return await knex.schema.alterTable('app_configs', (table) => {
-    table.dropColumn('shared');
-    table.dropColumn('connection_allowed');
-    table.dropColumn('custom_connection_allowed');
-  });
-}
-
-export async function down(knex) {
-  return await knex.schema.alterTable('app_configs', (table) => {
-    table.boolean('shared').defaultTo(false);
-    table.boolean('connection_allowed').defaultTo(false);
-    table.boolean('custom_connection_allowed').defaultTo(false);
-  });
-}

packages/backend/src/models/__snapshots__/app-config.test.js.snap

@@ -3,9 +3,17 @@
 exports[`AppConfig model > jsonSchema should have correct validations 1`] = `
 {
   "properties": {
+    "connectionAllowed": {
+      "default": false,
+      "type": "boolean",
+    },
     "createdAt": {
       "type": "string",
     },
+    "customConnectionAllowed": {
+      "default": false,
+      "type": "boolean",
+    },
     "disabled": {
       "default": false,
       "type": "boolean",
@@ -17,13 +25,13 @@ exports[`AppConfig model > jsonSchema should have correct validations 1`] = `
     "key": {
       "type": "string",
     },
-    "updatedAt": {
-      "type": "string",
-    },
-    "useOnlyPredefinedAuthClients": {
+    "shared": {
       "default": false,
       "type": "boolean",
     },
+    "updatedAt": {
+      "type": "string",
+    },
   },
   "required": [
     "key",

packages/backend/src/models/app-auth-client.js

@@ -60,26 +60,39 @@ class AppAuthClient extends Base {
     return this.authDefaults ? true : false;
   }
 
+  async triggerAppConfigUpdate() {
+    const appConfig = await this.$relatedQuery('appConfig');
+
+    // This is a workaround to update connection allowed column for AppConfig
+    await appConfig?.$query().patch({
+      key: appConfig.key,
+      shared: appConfig.shared,
+      disabled: appConfig.disabled,
+    });
+  }
+
   // TODO: Make another abstraction like beforeSave instead of using
   // beforeInsert and beforeUpdate separately for the same operation.
   async $beforeInsert(queryContext) {
     await super.$beforeInsert(queryContext);
-
     this.encryptData();
   }
 
   async $afterInsert(queryContext) {
     await super.$afterInsert(queryContext);
+
+    await this.triggerAppConfigUpdate();
   }
 
   async $beforeUpdate(opt, queryContext) {
     await super.$beforeUpdate(opt, queryContext);
-
     this.encryptData();
   }
 
   async $afterUpdate(opt, queryContext) {
     await super.$afterUpdate(opt, queryContext);
+
+    await this.triggerAppConfigUpdate();
   }
 
   async $afterFind() {

packages/backend/src/models/app-auth-client.test.js

@@ -7,6 +7,7 @@ import AppAuthClient from './app-auth-client.js';
 import Base from './base.js';
 import appConfig from '../config/app.js';
 import { createAppAuthClient } from '../../test/factories/app-auth-client.js';
+import { createAppConfig } from '../../test/factories/app-config.js';
 
 describe('AppAuthClient model', () => {
   it('tableName should return correct name', () => {
@@ -163,6 +164,63 @@ describe('AppAuthClient model', () => {
     });
   });
 
+  describe('triggerAppConfigUpdate', () => {
+    it('should trigger an update in related app config', async () => {
+      await createAppConfig({ key: 'gitlab' });
+
+      const appAuthClient = await createAppAuthClient({
+        appKey: 'gitlab',
+      });
+
+      const appConfigBeforeUpdateSpy = vi.spyOn(
+        AppConfig.prototype,
+        '$beforeUpdate'
+      );
+
+      await appAuthClient.triggerAppConfigUpdate();
+
+      expect(appConfigBeforeUpdateSpy).toHaveBeenCalledOnce();
+    });
+
+    it('should update related AppConfig after creating an instance', async () => {
+      const appConfig = await createAppConfig({
+        key: 'gitlab',
+        disabled: false,
+        shared: true,
+      });
+
+      await createAppAuthClient({
+        appKey: 'gitlab',
+        active: true,
+      });
+
+      const refetchedAppConfig = await appConfig.$query();
+
+      expect(refetchedAppConfig.connectionAllowed).toBe(true);
+    });
+
+    it('should update related AppConfig after updating an instance', async () => {
+      const appConfig = await createAppConfig({
+        key: 'gitlab',
+        disabled: false,
+        shared: true,
+      });
+
+      const appAuthClient = await createAppAuthClient({
+        appKey: 'gitlab',
+        active: false,
+      });
+
+      let refetchedAppConfig = await appConfig.$query();
+      expect(refetchedAppConfig.connectionAllowed).toBe(false);
+
+      await appAuthClient.$query().patchAndFetch({ active: true });
+
+      refetchedAppConfig = await appConfig.$query();
+      expect(refetchedAppConfig.connectionAllowed).toBe(true);
+    });
+  });
+
   it('$beforeInsert should call AppAuthClient.encryptData', async () => {
     const appAuthClientBeforeInsertSpy = vi.spyOn(
       AppAuthClient.prototype,
@@ -174,6 +232,17 @@ describe('AppAuthClient model', () => {
     expect(appAuthClientBeforeInsertSpy).toHaveBeenCalledOnce();
   });
 
+  it('$afterInsert should call AppAuthClient.triggerAppConfigUpdate', async () => {
+    const appAuthClientAfterInsertSpy = vi.spyOn(
+      AppAuthClient.prototype,
+      'triggerAppConfigUpdate'
+    );
+
+    await createAppAuthClient();
+
+    expect(appAuthClientAfterInsertSpy).toHaveBeenCalledOnce();
+  });
+
   it('$beforeUpdate should call AppAuthClient.encryptData', async () => {
     const appAuthClient = await createAppAuthClient();
 
@@ -187,6 +256,19 @@ describe('AppAuthClient model', () => {
     expect(appAuthClientBeforeUpdateSpy).toHaveBeenCalledOnce();
   });
 
+  it('$afterUpdate should call AppAuthClient.triggerAppConfigUpdate', async () => {
+    const appAuthClient = await createAppAuthClient();
+
+    const appAuthClientAfterUpdateSpy = vi.spyOn(
+      AppAuthClient.prototype,
+      'triggerAppConfigUpdate'
+    );
+
+    await appAuthClient.$query().patchAndFetch({ name: 'sample' });
+
+    expect(appAuthClientAfterUpdateSpy).toHaveBeenCalledOnce();
+  });
+
   it('$afterFind should call AppAuthClient.decryptData', async () => {
     const appAuthClient = await createAppAuthClient();
 

packages/backend/src/models/app-config.js

@@ -16,7 +16,9 @@ class AppConfig extends Base {
     properties: {
       id: { type: 'string', format: 'uuid' },
       key: { type: 'string' },
-      useOnlyPredefinedAuthClients: { type: 'boolean', default: false },
+      connectionAllowed: { type: 'boolean', default: false },
+      customConnectionAllowed: { type: 'boolean', default: false },
+      shared: { type: 'boolean', default: false },
       disabled: { type: 'boolean', default: false },
       createdAt: { type: 'string' },
       updatedAt: { type: 'string' },
@@ -39,6 +41,39 @@ class AppConfig extends Base {
 
     return await App.findOneByKey(this.key);
   }
+
+  async computeAndAssignConnectionAllowedProperty() {
+    this.connectionAllowed = await this.computeConnectionAllowedProperty();
+  }
+
+  async computeConnectionAllowedProperty() {
+    const appAuthClients = await this.$relatedQuery('appAuthClients');
+
+    const hasSomeActiveAppAuthClients =
+      appAuthClients?.some((appAuthClient) => appAuthClient.active) || false;
+
+    const conditions = [
+      hasSomeActiveAppAuthClients,
+      this.shared,
+      !this.disabled,
+    ];
+
+    const connectionAllowed = conditions.every(Boolean);
+
+    return connectionAllowed;
+  }
+
+  async $beforeInsert(queryContext) {
+    await super.$beforeInsert(queryContext);
+
+    await this.computeAndAssignConnectionAllowedProperty();
+  }
+
+  async $beforeUpdate(opt, queryContext) {
+    await super.$beforeUpdate(opt, queryContext);
+
+    await this.computeAndAssignConnectionAllowedProperty();
+  }
 }
 
 export default AppConfig;

packages/backend/src/models/app-config.test.js

@@ -1,9 +1,11 @@
-import { describe, it, expect } from 'vitest';
+import { vi, describe, it, expect } from 'vitest';
 
 import Base from './base.js';
 import AppConfig from './app-config.js';
 import App from './app.js';
 import AppAuthClient from './app-auth-client.js';
+import { createAppConfig } from '../../test/factories/app-config.js';
+import { createAppAuthClient } from '../../test/factories/app-auth-client.js';
 
 describe('AppConfig model', () => {
   it('tableName should return correct name', () => {
@@ -53,4 +55,126 @@ describe('AppConfig model', () => {
       expect(app).toStrictEqual(expectedApp);
     });
   });
+
+  describe('computeAndAssignConnectionAllowedProperty', () => {
+    it('should call computeConnectionAllowedProperty and assign the result', async () => {
+      const appConfig = await createAppConfig();
+
+      const computeConnectionAllowedPropertySpy = vi
+        .spyOn(appConfig, 'computeConnectionAllowedProperty')
+        .mockResolvedValue(true);
+
+      await appConfig.computeAndAssignConnectionAllowedProperty();
+
+      expect(computeConnectionAllowedPropertySpy).toHaveBeenCalled();
+      expect(appConfig.connectionAllowed).toBe(true);
+    });
+  });
+
+  describe('computeConnectionAllowedProperty', () => {
+    it('should return true when app is enabled, shared and allows custom connection with an active app auth client', async () => {
+      await createAppAuthClient({
+        appKey: 'deepl',
+        active: true,
+      });
+
+      await createAppAuthClient({
+        appKey: 'deepl',
+        active: false,
+      });
+
+      const appConfig = await createAppConfig({
+        disabled: false,
+        customConnectionAllowed: true,
+        shared: true,
+        key: 'deepl',
+      });
+
+      const connectionAllowed =
+        await appConfig.computeConnectionAllowedProperty();
+
+      expect(connectionAllowed).toBe(true);
+    });
+
+    it('should return false if there is no active app auth client', async () => {
+      await createAppAuthClient({
+        appKey: 'deepl',
+        active: false,
+      });
+
+      const appConfig = await createAppConfig({
+        disabled: false,
+        customConnectionAllowed: true,
+        shared: true,
+        key: 'deepl',
+      });
+
+      const connectionAllowed =
+        await appConfig.computeConnectionAllowedProperty();
+
+      expect(connectionAllowed).toBe(false);
+    });
+
+    it('should return false if there is no app auth clients', async () => {
+      const appConfig = await createAppConfig({
+        disabled: false,
+        customConnectionAllowed: true,
+        shared: true,
+        key: 'deepl',
+      });
+
+      const connectionAllowed =
+        await appConfig.computeConnectionAllowedProperty();
+
+      expect(connectionAllowed).toBe(false);
+    });
+
+    it('should return false when app is disabled', async () => {
+      const appConfig = await createAppConfig({
+        disabled: true,
+        customConnectionAllowed: true,
+      });
+
+      const connectionAllowed =
+        await appConfig.computeConnectionAllowedProperty();
+
+      expect(connectionAllowed).toBe(false);
+    });
+
+    it(`should return false when app doesn't allow custom connection`, async () => {
+      const appConfig = await createAppConfig({
+        disabled: false,
+        customConnectionAllowed: false,
+      });
+
+      const connectionAllowed =
+        await appConfig.computeConnectionAllowedProperty();
+
+      expect(connectionAllowed).toBe(false);
+    });
+  });
+
+  it('$beforeInsert should call computeAndAssignConnectionAllowedProperty', async () => {
+    const computeAndAssignConnectionAllowedPropertySpy = vi
+      .spyOn(AppConfig.prototype, 'computeAndAssignConnectionAllowedProperty')
+      .mockResolvedValue(true);
+
+    await createAppConfig();
+
+    expect(computeAndAssignConnectionAllowedPropertySpy).toHaveBeenCalledOnce();
+  });
+
+  it('$beforeUpdate should call computeAndAssignConnectionAllowedProperty', async () => {
+    const appConfig = await createAppConfig();
+
+    const computeAndAssignConnectionAllowedPropertySpy = vi
+      .spyOn(AppConfig.prototype, 'computeAndAssignConnectionAllowedProperty')
+      .mockResolvedValue(true);
+
+    await appConfig.$query().patch({
+      key: 'deepl',
+    });
+
+    expect(computeAndAssignConnectionAllowedPropertySpy).toHaveBeenCalledOnce();
+  });
 });

packages/backend/src/models/connection.js

@@ -33,6 +33,10 @@ class Connection extends Base {
     },
   };
 
+  static get virtualAttributes() {
+    return ['reconnectable'];
+  }
+
   static relationMappings = () => ({
     user: {
       relation: Base.BelongsToOneRelation,
@@ -79,6 +83,18 @@ class Connection extends Base {
     },
   });
 
+  get reconnectable() {
+    if (this.appAuthClientId) {
+      return this.appAuthClient.active;
+    }
+
+    if (this.appConfig) {
+      return !this.appConfig.disabled && this.appConfig.customConnectionAllowed;
+    }
+
+    return true;
+  }
+
   encryptData() {
     if (!this.eligibleForEncryption()) return;
 
@@ -128,13 +144,19 @@ class Connection extends Base {
         );
       }
 
-      if (appConfig.useOnlyPredefinedAuthClients && this.formattedData) {
+      if (!appConfig.customConnectionAllowed && this.formattedData) {
         throw new NotAuthorizedError(
           `New custom connections have been disabled for ${app.name}!`
         );
       }
 
-      if (!this.formattedData) {
+      if (!appConfig.shared && this.appAuthClientId) {
+        throw new NotAuthorizedError(
+          'The connection with the given app auth client is not allowed!'
+        );
+      }
+
+      if (appConfig.shared && !this.formattedData) {
         const authClient = await appConfig
           .$relatedQuery('appAuthClients')
           .findById(this.appAuthClientId)

packages/backend/src/models/connection.test.js

@@ -23,6 +23,14 @@ describe('Connection model', () => {
     expect(Connection.jsonSchema).toMatchSnapshot();
   });
 
+  it('virtualAttributes should return correct attributes', () => {
+    const virtualAttributes = Connection.virtualAttributes;
+
+    const expectedAttributes = ['reconnectable'];
+
+    expect(virtualAttributes).toStrictEqual(expectedAttributes);
+  });
+
   describe('relationMappings', () => {
     it('should return correct associations', () => {
       const relationMappings = Connection.relationMappings();
@@ -84,6 +92,78 @@ describe('Connection model', () => {
     });
   });
 
+  describe('reconnectable', () => {
+    it('should return active status of app auth client when created via app auth client', async () => {
+      const appAuthClient = await createAppAuthClient({
+        active: true,
+        formattedAuthDefaults: {
+          clientId: 'sample-id',
+        },
+      });
+
+      const connection = await createConnection({
+        appAuthClientId: appAuthClient.id,
+        formattedData: {
+          token: 'sample-token',
+        },
+      });
+
+      const connectionWithAppAuthClient = await connection
+        .$query()
+        .withGraphFetched({
+          appAuthClient: true,
+        });
+
+      expect(connectionWithAppAuthClient.reconnectable).toBe(true);
+    });
+
+    it('should return true when app config is not disabled and allows custom connection', async () => {
+      const appConfig = await createAppConfig({
+        key: 'gitlab',
+        disabled: false,
+        customConnectionAllowed: true,
+      });
+
+      const connection = await createConnection({
+        key: appConfig.key,
+        formattedData: {
+          token: 'sample-token',
+        },
+      });
+
+      const connectionWithAppAuthClient = await connection
+        .$query()
+        .withGraphFetched({
+          appConfig: true,
+        });
+
+      expect(connectionWithAppAuthClient.reconnectable).toBe(true);
+    });
+
+    it('should return false when app config is disabled or does not allow custom connection', async () => {
+      const connection = await createConnection({
+        key: 'gitlab',
+        formattedData: {
+          token: 'sample-token',
+        },
+      });
+
+      await createAppConfig({
+        key: 'gitlab',
+        disabled: true,
+        customConnectionAllowed: false,
+      });
+
+      const connectionWithAppAuthClient = await connection
+        .$query()
+        .withGraphFetched({
+          appConfig: true,
+        });
+
+      expect(connectionWithAppAuthClient.reconnectable).toBe(false);
+    });
+  });
+
   describe('encryptData', () => {
     it('should return undefined if eligibleForEncryption is not true', async () => {
       vi.spyOn(Connection.prototype, 'eligibleForEncryption').mockReturnValue(
@@ -286,7 +366,6 @@ describe('Connection model', () => {
       );
     });
 
-    // TODO: update test case name
     it('should throw an error when app config does not allow custom connection with formatted data', async () => {
       vi.spyOn(Connection.prototype, 'getApp').mockResolvedValue({
         name: 'gitlab',
@@ -294,7 +373,7 @@ describe('Connection model', () => {
 
       vi.spyOn(Connection.prototype, 'getAppConfig').mockResolvedValue({
         disabled: false,
-        useOnlyPredefinedAuthClients: true,
+        customConnectionAllowed: false,
       });
 
       const connection = new Connection();
@@ -307,10 +386,32 @@ describe('Connection model', () => {
       );
     });
 
+    it('should throw an error when app config is not shared with app auth client', async () => {
+      vi.spyOn(Connection.prototype, 'getApp').mockResolvedValue({
+        name: 'gitlab',
+      });
+
+      vi.spyOn(Connection.prototype, 'getAppConfig').mockResolvedValue({
+        disabled: false,
+        shared: false,
+      });
+
+      const connection = new Connection();
+      connection.appAuthClientId = 'sample-id';
+
+      await expect(() =>
+        connection.checkEligibilityForCreation()
+      ).rejects.toThrow(
+        'The connection with the given app auth client is not allowed!'
+      );
+    });
+
     it('should apply app auth client auth defaults when creating with shared app auth client', async () => {
       await createAppConfig({
         key: 'gitlab',
         disabled: false,
+        customConnectionAllowed: true,
+        shared: true,
       });
 
       const appAuthClient = await createAppAuthClient({

packages/backend/src/models/user.test.js

@@ -376,10 +376,7 @@ describe('User model', () => {
       const anotherUserConnection = await createConnection();
 
       expect(
-        await userWithRoleAndPermissions.authorizedConnections.orderBy(
-          'created_at',
-          'asc'
-        )
+        await userWithRoleAndPermissions.authorizedConnections
       ).toStrictEqual([userConnection, anotherUserConnection]);
     });
 

packages/backend/src/serializers/app-config.js

@@ -1,8 +1,10 @@
 const appConfigSerializer = (appConfig) => {
   return {
     key: appConfig.key,
-    useOnlyPredefinedAuthClients: appConfig.useOnlyPredefinedAuthClients,
+    customConnectionAllowed: appConfig.customConnectionAllowed,
+    shared: appConfig.shared,
     disabled: appConfig.disabled,
+    connectionAllowed: appConfig.connectionAllowed,
     createdAt: appConfig.createdAt.getTime(),
     updatedAt: appConfig.updatedAt.getTime(),
   };

packages/backend/src/serializers/app-config.test.js

@@ -12,8 +12,10 @@ describe('appConfig serializer', () => {
   it('should return app config data', async () => {
     const expectedPayload = {
       key: appConfig.key,
-      useOnlyPredefinedAuthClients: appConfig.useOnlyPredefinedAuthClients,
+      customConnectionAllowed: appConfig.customConnectionAllowed,
+      shared: appConfig.shared,
       disabled: appConfig.disabled,
+      connectionAllowed: appConfig.connectionAllowed,
       createdAt: appConfig.createdAt.getTime(),
       updatedAt: appConfig.updatedAt.getTime(),
     };

packages/backend/src/serializers/auth.js

@@ -2,9 +2,7 @@ const authSerializer = (auth) => {
   return {
     fields: auth.fields,
     authenticationSteps: auth.authenticationSteps,
-    sharedAuthenticationSteps: auth.sharedAuthenticationSteps,
     reconnectionSteps: auth.reconnectionSteps,
-    sharedReconnectionSteps: auth.sharedReconnectionSteps,
   };
 };
 

packages/backend/src/serializers/auth.test.js

@@ -10,8 +10,6 @@ describe('authSerializer', () => {
       fields: auth.fields,
       authenticationSteps: auth.authenticationSteps,
       reconnectionSteps: auth.reconnectionSteps,
-      sharedAuthenticationSteps: auth.sharedAuthenticationSteps,
-      sharedReconnectionSteps: auth.sharedReconnectionSteps,
     };
 
     expect(authSerializer(auth)).toStrictEqual(expectedPayload);

packages/backend/src/serializers/connection.js

@@ -2,6 +2,7 @@ const connectionSerializer = (connection) => {
   return {
     id: connection.id,
     key: connection.key,
+    reconnectable: connection.reconnectable,
     appAuthClientId: connection.appAuthClientId,
     formattedData: {
       screenName: connection.formattedData.screenName,

packages/backend/src/serializers/connection.test.js

@@ -13,6 +13,7 @@ describe('connectionSerializer', () => {
     const expectedPayload = {
       id: connection.id,
       key: connection.key,
+      reconnectable: connection.reconnectable,
       appAuthClientId: connection.appAuthClientId,
       formattedData: {
         screenName: connection.formattedData.screenName,

packages/backend/test/mocks/rest/api/v1/admin/apps/create-config.js

@@ -2,7 +2,8 @@ const createAppConfigMock = (appConfig) => {
   return {
     data: {
       key: appConfig.key,
-      useOnlyPredefinedAuthClients: appConfig.useOnlyPredefinedAuthClients,
+      customConnectionAllowed: appConfig.customConnectionAllowed,
+      shared: appConfig.shared,
       disabled: appConfig.disabled,
     },
     meta: {

packages/backend/test/mocks/rest/api/v1/apps/create-connection.js

@@ -2,6 +2,7 @@ const createConnection = (connection) => {
   const connectionData = {
     id: connection.id,
     key: connection.key,
+    reconnectable: connection.reconnectable || true,
     appAuthClientId: connection.appAuthClientId,
     formattedData: connection.formattedData,
     verified: connection.verified || false,

packages/backend/test/mocks/rest/api/v1/apps/get-auth.js

@@ -4,8 +4,6 @@ const getAuthMock = (auth) => {
       fields: auth.fields,
       authenticationSteps: auth.authenticationSteps,
       reconnectionSteps: auth.reconnectionSteps,
-      sharedReconnectionSteps: auth.sharedReconnectionSteps,
-      sharedAuthenticationSteps: auth.sharedAuthenticationSteps,
     },
     meta: {
       count: 1,

packages/backend/test/mocks/rest/api/v1/apps/get-config.js

@@ -2,8 +2,10 @@ const getAppConfigMock = (appConfig) => {
   return {
     data: {
       key: appConfig.key,
-      useOnlyPredefinedAuthClients: appConfig.useOnlyPredefinedAuthClients,
+      customConnectionAllowed: appConfig.customConnectionAllowed,
+      shared: appConfig.shared,
       disabled: appConfig.disabled,
+      connectionAllowed: appConfig.connectionAllowed,
       createdAt: appConfig.createdAt.getTime(),
       updatedAt: appConfig.updatedAt.getTime(),
     },

packages/backend/test/mocks/rest/api/v1/apps/get-connections.js

@@ -3,6 +3,7 @@ const getConnectionsMock = (connections) => {
     data: connections.map((connection) => ({
       id: connection.id,
       key: connection.key,
+      reconnectable: connection.reconnectable,
       verified: connection.verified,
       appAuthClientId: connection.appAuthClientId,
       formattedData: {

packages/backend/test/mocks/rest/api/v1/connections/reset-connection.js

@@ -3,6 +3,7 @@ const resetConnectionMock = (connection) => {
     id: connection.id,
     key: connection.key,
     verified: connection.verified,
+    reconnectable: connection.reconnectable,
     appAuthClientId: connection.appAuthClientId,
     formattedData: {
       screenName: connection.formattedData.screenName,

packages/backend/test/mocks/rest/api/v1/connections/update-connection.js

@@ -3,6 +3,7 @@ const updateConnectionMock = (connection) => {
     id: connection.id,
     key: connection.key,
     verified: connection.verified,
+    reconnectable: connection.reconnectable,
     appAuthClientId: connection.appAuthClientId,
     formattedData: {
       screenName: connection.formattedData.screenName,

packages/backend/test/mocks/rest/api/v1/steps/get-connection.js

@@ -3,6 +3,7 @@ const getConnectionMock = async (connection) => {
     id: connection.id,
     key: connection.key,
     verified: connection.verified,
+    reconnectable: connection.reconnectable,
     appAuthClientId: connection.appAuthClientId,
     formattedData: {
       screenName: connection.formattedData.screenName,

packages/backend/vitest.config.js

@@ -16,10 +16,10 @@ export default defineConfig({
       include: ['**/src/models/**', '**/src/controllers/**'],
       thresholds: {
         autoUpdate: true,
-        statements: 95.16,
-        branches: 94.66,
-        functions: 97.65,
-        lines: 95.16,
+        statements: 93.41,
+        branches: 93.46,
+        functions: 95.95,
+        lines: 93.41,
       },
     },
   },

packages/e2e-tests/fixtures/admin/create-user-page.js

@@ -1,3 +1,5 @@
+const { expect } = require('@playwright/test');
+
 const { faker } = require('@faker-js/faker');
 const { AuthenticatedPage } = require('../authenticated-page');
 
@@ -11,11 +13,17 @@ export class AdminCreateUserPage extends AuthenticatedPage {
     super(page);
     this.fullNameInput = page.getByTestId('full-name-input');
     this.emailInput = page.getByTestId('email-input');
-    this.roleInput = page.getByTestId('role.id-autocomplete');
+    this.roleInput = page.getByTestId('roleId-autocomplete');
     this.createButton = page.getByTestId('create-button');
     this.pageTitle = page.getByTestId('create-user-title');
-    this.invitationEmailInfoAlert = page.getByTestId('invitation-email-info-alert');
-    this.acceptInvitationLink = page.getByTestId('invitation-email-info-alert').getByRole('link');
+    this.invitationEmailInfoAlert = page.getByTestId(
+      'invitation-email-info-alert'
+    );
+    this.acceptInvitationLink = page
+      .getByTestId('invitation-email-info-alert')
+      .getByRole('link');
+    this.createUserSuccessAlert = page.getByTestId('create-user-success-alert');
+    this.fieldError = page.locator('p[id$="-helper-text"]');
   }
 
   seed(seed) {
@@ -28,4 +36,8 @@ export class AdminCreateUserPage extends AuthenticatedPage {
       email: faker.internet.email().toLowerCase(),
     };
   }
+
+  async expectCreateUserSuccessAlertToBeVisible() {
+    await expect(this.createUserSuccessAlert).toBeVisible();
+  }
 }

packages/e2e-tests/tests/admin/manage-roles.spec.js

@@ -35,9 +35,8 @@ test.describe('Role management page', () => {
       await adminCreateRolePage.closeSnackbar();
     });
 
-    let roleRow = await test.step(
-      'Make sure role data is correct',
-      async () => {
+    let roleRow =
+      await test.step('Make sure role data is correct', async () => {
         const roleRow = await adminRolesPage.getRoleRowByName(
           'Create Edit Test'
         );
@@ -48,8 +47,7 @@ test.describe('Role management page', () => {
         await expect(roleData.canEdit).toBe(true);
         await expect(roleData.canDelete).toBe(true);
         return roleRow;
-      }
-    );
+      });
 
     await test.step('Edit the role', async () => {
       await adminRolesPage.clickEditRole(roleRow);
@@ -67,9 +65,8 @@ test.describe('Role management page', () => {
       await adminEditRolePage.closeSnackbar();
     });
 
-    roleRow = await test.step(
-      'Make sure changes reflected on roles page',
-      async () => {
+    roleRow =
+      await test.step('Make sure changes reflected on roles page', async () => {
         await adminRolesPage.isMounted();
         const roleRow = await adminRolesPage.getRoleRowByName(
           'Create Update Test'
@@ -81,8 +78,7 @@ test.describe('Role management page', () => {
         await expect(roleData.canEdit).toBe(true);
         await expect(roleData.canDelete).toBe(true);
         return roleRow;
-      }
-    );
+      });
 
     await test.step('Delete the role', async () => {
       await adminRolesPage.clickDeleteRole(roleRow);
@@ -184,9 +180,7 @@ test.describe('Role management page', () => {
       await expect(snackbar.variant).toBe('success');
       await adminCreateRolePage.closeSnackbar();
     });
-    await test.step(
-      'Create a new user with the "Delete Role" role',
-      async () => {
+    await test.step('Create a new user with the "Delete Role" role', async () => {
       await adminUsersPage.navigateTo();
       await adminUsersPage.createUserButton.click();
       await adminCreateUserPage.fullNameInput.fill('User Role Test');
@@ -198,22 +192,13 @@ test.describe('Role management page', () => {
         .getByRole('option', { name: 'Delete Role', exact: true })
         .click();
       await adminCreateUserPage.createButton.click();
-        await adminCreateUserPage.snackbar.waitFor({
-          state: 'attached',
-        });
       await adminCreateUserPage.invitationEmailInfoAlert.waitFor({
         state: 'attached',
       });
-        const snackbar = await adminUsersPage.getSnackbarData(
-          'snackbar-create-user-success'
-        );
-        await expect(snackbar.variant).toBe('success');
-        await adminUsersPage.closeSnackbar();
-      }
-    );
-    await test.step(
-      'Try to delete "Delete Role" role when new user has it',
-      async () => {
+      await adminCreateUserPage.expectCreateUserSuccessAlertToBeVisible();
+    });
+
+    await test.step('Try to delete "Delete Role" role when new user has it', async () => {
       await adminRolesPage.navigateTo();
       const row = await adminRolesPage.getRoleRowByName('Delete Role');
       const modal = await adminRolesPage.clickDeleteRole(row);
@@ -221,12 +206,13 @@ test.describe('Role management page', () => {
       await adminRolesPage.snackbar.waitFor({
         state: 'attached',
       });
-        const snackbar = await adminRolesPage.getSnackbarData('snackbar-delete-role-error');
+      const snackbar = await adminRolesPage.getSnackbarData(
+        'snackbar-delete-role-error'
+      );
       await expect(snackbar.variant).toBe('error');
       await adminRolesPage.closeSnackbar();
       await modal.close();
-      }
-    );
+    });
     await test.step('Change the role the user has', async () => {
       await adminUsersPage.navigateTo();
       await adminUsersPage.usersLoader.waitFor({
@@ -301,24 +287,16 @@ test.describe('Role management page', () => {
         .getByRole('option', { name: 'Cannot Delete Role' })
         .click();
       await adminCreateUserPage.createButton.click();
-      await adminCreateUserPage.snackbar.waitFor({
-        state: 'attached',
-      });
       await adminCreateUserPage.invitationEmailInfoAlert.waitFor({
         state: 'attached',
       });
-      const snackbar = await adminCreateUserPage.getSnackbarData(
-        'snackbar-create-user-success'
-      );
-      await expect(snackbar.variant).toBe('success');
-      await adminCreateUserPage.closeSnackbar();
+      await adminCreateUserPage.expectCreateUserSuccessAlertToBeVisible();
     });
     await test.step('Delete this user', async () => {
       await adminUsersPage.navigateTo();
       const row = await adminUsersPage.findUserPageWithEmail(
         'user-delete-role-test@automatisch.io'
       );
-      // await test.waitForTimeout(10000);
       const modal = await adminUsersPage.clickDeleteUser(row);
       await modal.deleteButton.click();
       await adminUsersPage.snackbar.waitFor({
@@ -385,17 +363,10 @@ test('Accessibility of role management page', async ({
       .getByRole('option', { name: 'Basic Test' })
       .click();
     await adminCreateUserPage.createButton.click();
-    await adminCreateUserPage.snackbar.waitFor({
-      state: 'attached',
-    });
     await adminCreateUserPage.invitationEmailInfoAlert.waitFor({
       state: 'attached',
     });
-    const snackbar = await adminCreateUserPage.getSnackbarData(
-      'snackbar-create-user-success'
-    );
-    await expect(snackbar.variant).toBe('success');
-    await adminCreateUserPage.closeSnackbar();
+    await adminCreateUserPage.expectCreateUserSuccessAlertToBeVisible();
   });
 
   await test.step('Logout and login to the basic role user', async () => {
@@ -409,22 +380,16 @@ test('Accessibility of role management page', async ({
     await page.getByTestId('logout-item').click();
 
     const acceptInvitationPage = new AcceptInvitation(page);
-
     await acceptInvitationPage.open(acceptInvitatonToken);
-
     await acceptInvitationPage.acceptInvitation('sample');
 
     const loginPage = new LoginPage(page);
-
-    // await loginPage.isMounted();
     await loginPage.login('basic-role-test@automatisch.io', 'sample');
     await expect(loginPage.loginButton).not.toBeVisible();
     await expect(page).toHaveURL('/flows');
   });
 
-  await test.step(
-    'Navigate to the admin settings page and make sure it is blank',
-    async () => {
+  await test.step('Navigate to the admin settings page and make sure it is blank', async () => {
     const pageUrl = new URL(page.url());
     const url = `${pageUrl.origin}/admin-settings/users`;
     await page.goto(url);
@@ -443,8 +408,7 @@ test('Accessibility of role management page', async ({
       return false;
     });
     await expect(isUnmounted).toBe(true);
-    }
-  );
+  });
 
   await test.step('Log back into the admin account', async () => {
     await page.goto('/');

packages/e2e-tests/tests/admin/manage-users.spec.js

@@ -5,15 +5,16 @@ const { test, expect } = require('../../fixtures/index');
  * otherwise tests will fail since users are only *soft*-deleted
  */
 test.describe('User management page', () => {
-
   test.beforeEach(async ({ adminUsersPage }) => {
     await adminUsersPage.navigateTo();
     await adminUsersPage.closeSnackbar();
   });
 
-  test(
-    'User creation and deletion process',
-    async ({ adminCreateUserPage, adminEditUserPage, adminUsersPage }) => {
+  test('User creation and deletion process', async ({
+    adminCreateUserPage,
+    adminEditUserPage,
+    adminUsersPage,
+  }) => {
     adminCreateUserPage.seed(9000);
     const user = adminCreateUserPage.generateUser();
     await adminUsersPage.usersLoader.waitFor({
@@ -21,45 +22,33 @@ test.describe('User management page', () => {
         because visibility: hidden is used as part of the state transition in
         notistack, see
         https://github.com/iamhosseindhv/notistack/blob/122f47057eb7ce5a1abfe923316cf8475303e99a/src/transitions/Collapse/Collapse.tsx#L110
-        */
+        */,
     });
-      await test.step(
-        'Create a user',
-        async () => {
+    await test.step('Create a user', async () => {
       await adminUsersPage.createUserButton.click();
       await adminCreateUserPage.fullNameInput.fill(user.fullName);
       await adminCreateUserPage.emailInput.fill(user.email);
       await adminCreateUserPage.roleInput.click();
-          await adminCreateUserPage.page.getByRole(
-            'option', { name: 'Admin' }
-          ).click();
+      await adminCreateUserPage.page
+        .getByRole('option', { name: 'Admin' })
+        .click();
       await adminCreateUserPage.createButton.click();
       await adminCreateUserPage.invitationEmailInfoAlert.waitFor({
-            state: 'attached'
+        state: 'attached',
       });
 
-          const snackbar = await adminUsersPage.getSnackbarData(
-            'snackbar-create-user-success'
-          );
-          await expect(snackbar.variant).toBe('success');
+      await adminCreateUserPage.expectCreateUserSuccessAlertToBeVisible();
       await adminUsersPage.navigateTo();
-          await adminUsersPage.closeSnackbar();
-        }
-      );
-      await test.step(
-        'Check the user exists with the expected properties',
-        async () => {
+    });
+    await test.step('Check the user exists with the expected properties', async () => {
       await adminUsersPage.findUserPageWithEmail(user.email);
       const userRow = await adminUsersPage.getUserRowByEmail(user.email);
       const data = await adminUsersPage.getRowData(userRow);
       await expect(data.email).toBe(user.email);
       await expect(data.fullName).toBe(user.fullName);
       await expect(data.role).toBe('Admin');
-        }
-      );
-      await test.step(
-        'Edit user info and make sure the edit works correctly',
-        async () => {
+    });
+    await test.step('Edit user info and make sure the edit works correctly', async () => {
       await adminUsersPage.findUserPageWithEmail(user.email);
 
       let userRow = await adminUsersPage.getUserRowByEmail(user.email);
@@ -79,11 +68,8 @@ test.describe('User management page', () => {
       userRow = await adminUsersPage.getUserRowByEmail(user.email);
       const rowData = await adminUsersPage.getRowData(userRow);
       await expect(rowData.fullName).toBe(newUserInfo.fullName);
-        }
-      );
-      await test.step(
-        'Delete user and check the page confirms this deletion',
-        async () => {
+    });
+    await test.step('Delete user and check the page confirms this deletion', async () => {
       await adminUsersPage.findUserPageWithEmail(user.email);
       const userRow = await adminUsersPage.getUserRowByEmail(user.email);
       await adminUsersPage.clickDeleteUser(userRow);
@@ -96,39 +82,30 @@ test.describe('User management page', () => {
       await expect(snackbar.variant).toBe('success');
       await adminUsersPage.closeSnackbar();
       await expect(userRow).not.toBeVisible(false);
-        }
-      );
+    });
   });
 
-  test(
-    'Creating a user which has been deleted',
-    async ({ adminCreateUserPage, adminUsersPage }) => {
+  test('Creating a user which has been deleted', async ({
+    adminCreateUserPage,
+    adminUsersPage,
+  }) => {
     adminCreateUserPage.seed(9100);
     const testUser = adminCreateUserPage.generateUser();
 
-      await test.step(
-        'Create the test user',
-        async () => {
+    await test.step('Create the test user', async () => {
       await adminUsersPage.navigateTo();
       await adminUsersPage.createUserButton.click();
       await adminCreateUserPage.fullNameInput.fill(testUser.fullName);
       await adminCreateUserPage.emailInput.fill(testUser.email);
       await adminCreateUserPage.roleInput.click();
-          await adminCreateUserPage.page.getByRole(
-            'option', { name: 'Admin' }
-          ).click();
+      await adminCreateUserPage.page
+        .getByRole('option', { name: 'Admin' })
+        .click();
       await adminCreateUserPage.createButton.click();
-          const snackbar = await adminUsersPage.getSnackbarData(
-            'snackbar-create-user-success'
-          );
-          await expect(snackbar.variant).toBe('success');
-          await adminUsersPage.closeSnackbar();
-        }
-      );
+      await adminCreateUserPage.expectCreateUserSuccessAlertToBeVisible();
+    });
 
-      await test.step(
-        'Delete the created user',
-        async () => {
+    await test.step('Delete the created user', async () => {
       await adminUsersPage.navigateTo();
       await adminUsersPage.findUserPageWithEmail(testUser.email);
       const userRow = await adminUsersPage.getUserRowByEmail(testUser.email);
@@ -142,127 +119,94 @@ test.describe('User management page', () => {
       await expect(snackbar.variant).toBe('success');
       await adminUsersPage.closeSnackbar();
       await expect(userRow).not.toBeVisible(false);
-        }
-      );
+    });
 
-      await test.step(
-        'Create the user again',
-        async () => {
+    await test.step('Create the user again', async () => {
       await adminUsersPage.createUserButton.click();
       await adminCreateUserPage.fullNameInput.fill(testUser.fullName);
       await adminCreateUserPage.emailInput.fill(testUser.email);
       await adminCreateUserPage.roleInput.click();
-          await adminCreateUserPage.page.getByRole(
-            'option', { name: 'Admin' }
-          ).click();
+      await adminCreateUserPage.page
+        .getByRole('option', { name: 'Admin' })
+        .click();
       await adminCreateUserPage.createButton.click();
-          const snackbar = await adminUsersPage.getSnackbarData('snackbar-error');
-          await expect(snackbar.variant).toBe('error');
-          await adminUsersPage.closeSnackbar();
-        }
-      );
-    }
-  );
+      await expect(adminCreateUserPage.fieldError).toHaveCount(1);
+    });
+  });
 
-  test(
-    'Creating a user which already exists',
-    async ({ adminCreateUserPage, adminUsersPage, page }) => {
+  test('Creating a user which already exists', async ({
+    adminCreateUserPage,
+    adminUsersPage,
+    page,
+  }) => {
     adminCreateUserPage.seed(9200);
     const testUser = adminCreateUserPage.generateUser();
 
-      await test.step(
-        'Create the test user',
-        async () => {
+    await test.step('Create the test user', async () => {
       await adminUsersPage.createUserButton.click();
       await adminCreateUserPage.fullNameInput.fill(testUser.fullName);
       await adminCreateUserPage.emailInput.fill(testUser.email);
       await adminCreateUserPage.roleInput.click();
-          await adminCreateUserPage.page.getByRole(
-            'option', { name: 'Admin' }
-          ).click();
+      await adminCreateUserPage.page
+        .getByRole('option', { name: 'Admin' })
+        .click();
       await adminCreateUserPage.createButton.click();
-          const snackbar = await adminUsersPage.getSnackbarData(
-            'snackbar-create-user-success'
-          );
-          await expect(snackbar.variant).toBe('success');
-          await adminUsersPage.closeSnackbar();
-        }
-      );
+      await adminCreateUserPage.expectCreateUserSuccessAlertToBeVisible();
+    });
 
-      await test.step(
-        'Create the user again',
-        async () => {
+    await test.step('Create the user again', async () => {
       await adminUsersPage.navigateTo();
       await adminUsersPage.createUserButton.click();
       await adminCreateUserPage.fullNameInput.fill(testUser.fullName);
       await adminCreateUserPage.emailInput.fill(testUser.email);
       const createUserPageUrl = page.url();
       await adminCreateUserPage.roleInput.click();
-          await adminCreateUserPage.page.getByRole(
-            'option', { name: 'Admin' }
-          ).click();
+      await adminCreateUserPage.page
+        .getByRole('option', { name: 'Admin' })
+        .click();
       await adminCreateUserPage.createButton.click();
 
       await expect(page.url()).toBe(createUserPageUrl);
-          const snackbar = await adminUsersPage.getSnackbarData('snackbar-error');
-          await expect(snackbar.variant).toBe('error');
-          await adminUsersPage.closeSnackbar();
-        }
-      );
-    }
-  );
+      await expect(adminCreateUserPage.fieldError).toHaveCount(1);
+    });
+  });
 
-  test(
-    'Editing a user to have the same email as another user should not be allowed',
-    async ({
-      adminCreateUserPage, adminEditUserPage, adminUsersPage, page
+  test('Editing a user to have the same email as another user should not be allowed', async ({
+    adminCreateUserPage,
+    adminEditUserPage,
+    adminUsersPage,
+    page,
   }) => {
     adminCreateUserPage.seed(9300);
     const user1 = adminCreateUserPage.generateUser();
     const user2 = adminCreateUserPage.generateUser();
-      await test.step(
-        'Create the first user',
-        async () => {
+    await test.step('Create the first user', async () => {
       await adminUsersPage.navigateTo();
       await adminUsersPage.createUserButton.click();
       await adminCreateUserPage.fullNameInput.fill(user1.fullName);
       await adminCreateUserPage.emailInput.fill(user1.email);
       await adminCreateUserPage.roleInput.click();
-          await adminCreateUserPage.page.getByRole(
-            'option', { name: 'Admin' }
-          ).click();
+      await adminCreateUserPage.page
+        .getByRole('option', { name: 'Admin' })
+        .click();
       await adminCreateUserPage.createButton.click();
-          const snackbar = await adminUsersPage.getSnackbarData(
-            'snackbar-create-user-success'
-          );
-          await expect(snackbar.variant).toBe('success');
-          await adminUsersPage.closeSnackbar();
-        }
-      );
+      await adminCreateUserPage.expectCreateUserSuccessAlertToBeVisible();
+    });
 
-      await test.step(
-        'Create the second user',
-        async () => {
+    await test.step('Create the second user', async () => {
       await adminUsersPage.navigateTo();
       await adminUsersPage.createUserButton.click();
       await adminCreateUserPage.fullNameInput.fill(user2.fullName);
       await adminCreateUserPage.emailInput.fill(user2.email);
       await adminCreateUserPage.roleInput.click();
-          await adminCreateUserPage.page.getByRole(
-            'option', { name: 'Admin' }
-          ).click();
+      await adminCreateUserPage.page
+        .getByRole('option', { name: 'Admin' })
+        .click();
       await adminCreateUserPage.createButton.click();
-          const snackbar = await adminUsersPage.getSnackbarData(
-            'snackbar-create-user-success'
-          );
-          await expect(snackbar.variant).toBe('success');
-          await adminUsersPage.closeSnackbar();
-        }
-      );
+      await adminCreateUserPage.expectCreateUserSuccessAlertToBeVisible();
+    });
 
-      await test.step(
-        'Try editing the second user to have the email of the first user',
-        async () => {
+    await test.step('Try editing the second user to have the email of the first user', async () => {
       await adminUsersPage.navigateTo();
       await adminUsersPage.findUserPageWithEmail(user2.email);
       let userRow = await adminUsersPage.getUserRowByEmail(user2.email);
@@ -272,14 +216,10 @@ test.describe('User management page', () => {
       const editPageUrl = page.url();
       await adminEditUserPage.updateButton.click();
 
-          const snackbar = await adminUsersPage.getSnackbarData(
-            'snackbar-error'
-          );
+      const snackbar = await adminUsersPage.getSnackbarData('snackbar-error');
       await expect(snackbar.variant).toBe('error');
       await adminUsersPage.closeSnackbar();
       await expect(page.url()).toBe(editPageUrl);
-        }
-      );
-    }
-  );
+    });
+  });
 });

packages/e2e-tests/tests/flow-editor/create-flow.spec.js

@@ -7,9 +7,10 @@ test('Ensure creating a new flow works', async ({ page }) => {
   );
 });
 
-test(
-  'Create a new flow with a Scheduler step then an Ntfy step',
-  async ({ flowEditorPage, page }) => {
+test('Create a new flow with a Scheduler step then an Ntfy step', async ({
+  flowEditorPage,
+  page,
+}) => {
   await test.step('create flow', async () => {
     await test.step('navigate to new flow page', async () => {
       await page.getByTestId('create-flow-button').click();
@@ -27,17 +28,13 @@ test(
     await test.step('choose app and event substep', async () => {
       await test.step('choose application', async () => {
         await flowEditorPage.appAutocomplete.click();
-          await page
-            .getByRole('option', { name: 'Scheduler' })
-            .click();
+        await page.getByRole('option', { name: 'Scheduler' }).click();
       });
 
       await test.step('choose and event', async () => {
         await expect(flowEditorPage.eventAutocomplete).toBeVisible();
         await flowEditorPage.eventAutocomplete.click();
-          await page
-            .getByRole('option', { name: 'Every hour' })
-            .click();
+        await page.getByRole('option', { name: 'Every hour' }).click();
       });
 
       await test.step('continue to next step', async () => {
@@ -89,9 +86,7 @@ test(
       await test.step('choose an event', async () => {
         await expect(flowEditorPage.eventAutocomplete).toBeVisible();
         await flowEditorPage.eventAutocomplete.click();
-          await page
-            .getByRole('option', { name: 'Send message' })
-            .click();
+        await page.getByRole('option', { name: 'Send message' }).click();
       });
 
       await test.step('continue to next step', async () => {
@@ -107,14 +102,18 @@ test(
     await test.step('choose connection substep', async () => {
       await test.step('choose connection list item', async () => {
         await flowEditorPage.connectionAutocomplete.click();
-          await page.getByRole('option').first().click();
+        await page
+          .getByRole('option')
+          .filter({ hasText: 'Add new connection' })
+          .click();
       });
 
       await test.step('continue to next step', async () => {
-          await flowEditorPage.continueButton.click();
+        await page.getByTestId('create-connection-button').click();
       });
 
       await test.step('collapses the substep', async () => {
+        await flowEditorPage.continueButton.click();
         await expect(flowEditorPage.connectionAutocomplete).not.toBeVisible();
       });
     });
@@ -143,10 +142,7 @@ test(
     await test.step('test trigger substep', async () => {
       await test.step('show sample output', async () => {
         await expect(flowEditorPage.testOutput).not.toBeVisible();
-          await page
-            .getByTestId('flow-substep-continue-button')
-            .first()
-            .click();
+        await page.getByTestId('flow-substep-continue-button').first().click();
         await expect(flowEditorPage.testOutput).toBeVisible();
         await flowEditorPage.screenshot({
           path: 'Ntfy action test output.png',
@@ -172,9 +168,7 @@ test(
     });
 
     await test.step('unpublish from snackbar', async () => {
-        await page
-          .getByTestId('unpublish-flow-from-snackbar')
-          .click();
+      await page.getByTestId('unpublish-flow-from-snackbar').click();
       await expect(flowEditorPage.infoSnackbar).not.toBeVisible();
     });
 
@@ -200,5 +194,4 @@ test(
       await expect(page).toHaveURL('/flows');
     });
   });
-  }
-);
+});

packages/e2e-tests/tests/my-profile/profile-updates.spec.js

@@ -33,10 +33,7 @@ publicTest.describe('My Profile', () => {
           .getByRole('option', { name: 'Admin' })
           .click();
         await adminCreateUserPage.createButton.click();
-        const snackbar = await adminUsersPage.getSnackbarData(
-          'snackbar-create-user-success'
-        );
-        await expect(snackbar.variant).toBe('success');
+        await adminCreateUserPage.expectCreateUserSuccessAlertToBeVisible();
       });
 
       await publicTest.step('copy invitation link', async () => {

packages/web/package.json

@@ -83,7 +83,6 @@
     "access": "public"
   },
   "devDependencies": {
-    "@simbathesailor/use-what-changed": "^2.0.0",
     "@tanstack/eslint-plugin-query": "^5.20.1",
     "@tanstack/react-query-devtools": "^5.24.1",
     "eslint-config-prettier": "^9.1.0",

packages/web/src/components/AddAppConnection/index.jsx

@@ -18,7 +18,6 @@ import { generateExternalLink } from 'helpers/translationValues';
 import { Form } from './style';
 import useAppAuth from 'hooks/useAppAuth';
 import { useQueryClient } from '@tanstack/react-query';
-import { useWhatChanged } from '@simbathesailor/use-what-changed';
 
 function AddAppConnection(props) {
   const { application, connectionId, onClose } = props;
@@ -65,7 +64,7 @@ function AddAppConnection(props) {
 
       asyncAuthenticate();
     },
-    [appAuthClientId, authenticate, key, navigate],
+    [appAuthClientId, authenticate],
   );
 
   const handleClientClick = (appAuthClientId) =>

packages/web/src/components/AdminApplicationCreateAuthClient/index.jsx

@@ -34,10 +34,10 @@ function AdminApplicationCreateAuthClient(props) {
 
     if (!appConfigKey) {
       const { data: appConfigData } = await createAppConfig({
-        useOnlyPredefinedAuthClients: false,
+        customConnectionAllowed: true,
+        shared: false,
         disabled: false,
       });
-
       appConfigKey = appConfigData.key;
     }
 

packages/web/src/components/AdminApplicationSettings/index.jsx

@@ -46,8 +46,9 @@ function AdminApplicationSettings(props) {
 
   const defaultValues = useMemo(
     () => ({
-      useOnlyPredefinedAuthClients:
-        appConfig?.data?.useOnlyPredefinedAuthClients || false,
+      customConnectionAllowed:
+        appConfig?.data?.customConnectionAllowed || false,
+      shared: appConfig?.data?.shared || false,
       disabled: appConfig?.data?.disabled || false,
     }),
     [appConfig?.data],
@@ -61,17 +62,21 @@ function AdminApplicationSettings(props) {
         <Paper sx={{ p: 2, mt: 4 }}>
           <Stack spacing={2} direction="column">
             <Switch
-              name="useOnlyPredefinedAuthClients"
-              label={formatMessage(
-                'adminAppsSettings.useOnlyPredefinedAuthClients',
-              )}
+              name="customConnectionAllowed"
+              label={formatMessage('adminAppsSettings.customConnectionAllowed')}
+              FormControlLabelProps={{
+                labelPlacement: 'start',
+              }}
+            />
+            <Divider />
+            <Switch
+              name="shared"
+              label={formatMessage('adminAppsSettings.shared')}
               FormControlLabelProps={{
                 labelPlacement: 'start',
               }}
             />
-
             <Divider />
-
             <Switch
               name="disabled"
               label={formatMessage('adminAppsSettings.disabled')}
@@ -81,7 +86,6 @@ function AdminApplicationSettings(props) {
             />
             <Divider />
           </Stack>
-
           <Stack>
             <LoadingButton
               data-test="submit-button"

packages/web/src/components/AppAuthClientsDialog/index.ee.jsx

@@ -15,7 +15,17 @@ function AppAuthClientsDialog(props) {
 
   const formatMessage = useFormatMessage();
 
-  if (!appAuthClients?.data.length) return <React.Fragment />;
+  React.useEffect(
+    function autoAuthenticateSingleClient() {
+      if (appAuthClients?.data.length === 1) {
+        onClientClick(appAuthClients.data[0].id);
+      }
+    },
+    [appAuthClients?.data],
+  );
+
+  if (!appAuthClients?.data.length || appAuthClients?.data.length === 1)
+    return <React.Fragment />;
 
   return (
     <Dialog onClose={onClose} open={true}>

packages/web/src/components/AppConnectionContextMenu/index.jsx

@@ -11,7 +11,14 @@ import { useQueryClient } from '@tanstack/react-query';
 import Can from 'components/Can';
 
 function ContextMenu(props) {
-  const { appKey, connection, onClose, onMenuItemClick, anchorEl } = props;
+  const {
+    appKey,
+    connection,
+    onClose,
+    onMenuItemClick,
+    anchorEl,
+    disableReconnection,
+  } = props;
   const formatMessage = useFormatMessage();
   const queryClient = useQueryClient();
 
@@ -66,7 +73,7 @@ function ContextMenu(props) {
         {(allowed) => (
           <MenuItem
             component={Link}
-            disabled={!allowed}
+            disabled={!allowed || disableReconnection}
             to={URLS.APP_RECONNECT_CONNECTION(
               appKey,
               connection.id,
@@ -102,6 +109,7 @@ ContextMenu.propTypes = {
     PropTypes.func,
     PropTypes.shape({ current: PropTypes.instanceOf(Element) }),
   ]),
+  disableReconnection: PropTypes.bool.isRequired,
 };
 
 export default ContextMenu;

packages/web/src/components/AppConnectionRow/index.jsx

@@ -30,7 +30,8 @@ const countTranslation = (value) => (
 function AppConnectionRow(props) {
   const formatMessage = useFormatMessage();
   const enqueueSnackbar = useEnqueueSnackbar();
-  const { id, key, formattedData, verified, createdAt } = props.connection;
+  const { id, key, formattedData, verified, createdAt, reconnectable } =
+    props.connection;
   const [verificationVisible, setVerificationVisible] = React.useState(false);
   const contextButtonRef = React.useRef(null);
   const [anchorEl, setAnchorEl] = React.useState(null);
@@ -173,6 +174,7 @@ function AppConnectionRow(props) {
         <ConnectionContextMenu
           appKey={key}
           connection={props.connection}
+          disableReconnection={!reconnectable}
           onClose={handleClose}
           onMenuItemClick={onContextMenuAction}
           anchorEl={anchorEl}

packages/web/src/components/ChooseConnectionSubstep/index.jsx

@@ -95,8 +95,7 @@ function ChooseConnectionSubstep(props) {
 
     if (
       !appConfig?.data ||
-      (!appConfig.data?.disabled === false &&
-        appConfig.data?.useOnlyPredefinedAuthClients === false)
+      (!appConfig.data?.disabled && appConfig.data?.customConnectionAllowed)
     ) {
       options.push({
         label: formatMessage('chooseConnectionSubstep.addNewConnection'),
@@ -104,10 +103,12 @@ function ChooseConnectionSubstep(props) {
       });
     }
 
+    if (appConfig?.data?.connectionAllowed) {
       options.push({
         label: formatMessage('chooseConnectionSubstep.addNewSharedConnection'),
         value: ADD_SHARED_CONNECTION_VALUE,
       });
+    }
 
     return options;
   }, [data, formatMessage, appConfig?.data]);

packages/web/src/components/Container/index.jsx

@@ -1,10 +1,19 @@
 import * as React from 'react';
+import PropTypes from 'prop-types';
 import MuiContainer from '@mui/material/Container';
 
-export default function Container(props) {
-  return <MuiContainer {...props} />;
+export default function Container({ maxWidth = 'lg', ...props }) {
+  return <MuiContainer maxWidth={maxWidth} {...props} />;
 }
 
-Container.defaultProps = {
-  maxWidth: 'lg',
+Container.propTypes = {
+  maxWidth: PropTypes.oneOf([
+    'xs',
+    'sm',
+    'md',
+    'lg',
+    'xl',
+    false,
+    PropTypes.string,
+  ]),
 };

packages/web/src/components/Form/index.jsx

@@ -46,7 +46,12 @@ function Form(props) {
 
   return (
     <FormProvider {...methods}>
-      <form onSubmit={methods.handleSubmit(onSubmit)} {...formProps}>
+      <form
+        onSubmit={methods.handleSubmit((data, event) =>
+          onSubmit?.(data, event, methods.setError),
+        )}
+        {...formProps}
+      >
         {render ? render(methods) : children}
       </form>
     </FormProvider>

packages/web/src/components/SplitButton/index.jsx

@@ -67,12 +67,17 @@ export default function SplitButton(props) {
           }}
           open={open}
           anchorEl={anchorRef.current}
-          placement="bottom-end"
           transition
           disablePortal
         >
-          {({ TransitionProps }) => (
-            <Grow {...TransitionProps}>
+          {({ TransitionProps, placement }) => (
+            <Grow
+              {...TransitionProps}
+              style={{
+                transformOrigin:
+                  placement === 'bottom' ? 'center top' : 'center bottom',
+              }}
+            >
               <Paper>
                 <ClickAwayListener onClickAway={handleClose}>
                   <MenuList autoFocusItem>

packages/web/src/helpers/errors.js

@@ -0,0 +1,18 @@
+// Helpers to extract errors received from the API
+
+export const getGeneralErrorMessage = ({ error, fallbackMessage }) => {
+  if (!error) {
+    return;
+  }
+
+  const errors = error?.response?.data?.errors;
+  const generalError = errors?.general;
+
+  if (generalError && Array.isArray(generalError)) {
+    return generalError.join(' ');
+  }
+
+  if (!errors) {
+    return error?.message || fallbackMessage;
+  }
+};

packages/web/src/hooks/useAuthenticateApp.ee.js

@@ -13,7 +13,6 @@ import useCreateConnectionAuthUrl from './useCreateConnectionAuthUrl';
 import useUpdateConnection from './useUpdateConnection';
 import useResetConnection from './useResetConnection';
 import useVerifyConnection from './useVerifyConnection';
-import { useWhatChanged } from '@simbathesailor/use-what-changed';
 
 function getSteps(auth, hasConnection, useShared) {
   if (hasConnection) {
@@ -38,13 +37,11 @@ export default function useAuthenticateApp(payload) {
   const { mutateAsync: createConnectionAuthUrl } = useCreateConnectionAuthUrl();
   const { mutateAsync: updateConnection } = useUpdateConnection();
   const { mutateAsync: resetConnection } = useResetConnection();
-  const { mutateAsync: verifyConnection } = useVerifyConnection();
   const [authenticationInProgress, setAuthenticationInProgress] =
     React.useState(false);
   const formatMessage = useFormatMessage();
-  const steps = React.useMemo(() => {
-    return getSteps(auth?.data, !!connectionId, useShared);
-  }, [auth, connectionId, useShared]);
+  const steps = getSteps(auth?.data, !!connectionId, useShared);
+  const { mutateAsync: verifyConnection } = useVerifyConnection();
 
   const authenticate = React.useMemo(() => {
     if (!steps?.length) return;
@@ -60,6 +57,7 @@ export default function useAuthenticateApp(payload) {
         fields,
       };
       let stepIndex = 0;
+
       while (stepIndex < steps?.length) {
         const step = steps[stepIndex];
         const variables = computeAuthStepVariables(step.arguments, response);
@@ -107,10 +105,10 @@ export default function useAuthenticateApp(payload) {
             response[step.name] = stepResponse;
           }
         } catch (err) {
-          console.error(err);
+          console.log(err);
           setAuthenticationInProgress(false);
 
-          await queryClient.invalidateQueries({
+          queryClient.invalidateQueries({
             queryKey: ['apps', appKey, 'connections'],
           });
 
@@ -128,14 +126,13 @@ export default function useAuthenticateApp(payload) {
 
       return response;
     };
-    // keep formatMessage out of it as it causes infinite loop.
-    // eslint-disable-next-line react-hooks/exhaustive-deps
   }, [
     steps,
     appKey,
     appAuthClientId,
     connectionId,
     queryClient,
+    formatMessage,
     createConnection,
     createConnectionAuthUrl,
     updateConnection,
@@ -143,24 +140,6 @@ export default function useAuthenticateApp(payload) {
     verifyConnection,
   ]);
 
-  useWhatChanged(
-    [
-      steps,
-      appKey,
-      appAuthClientId,
-      connectionId,
-      queryClient,
-      createConnection,
-      createConnectionAuthUrl,
-      updateConnection,
-      resetConnection,
-      verifyConnection,
-    ],
-    'steps, appKey, appAuthClientId, connectionId, queryClient, createConnection, createConnectionAuthUrl, updateConnection, resetConnection, verifyConnection',
-    '',
-    'useAuthenticate',
-  );
-
   return {
     authenticate,
     inProgress: authenticationInProgress,

packages/web/src/hooks/useAutomatischInfo.js

@@ -9,7 +9,7 @@ export default function useAutomatischInfo() {
      **/
     staleTime: Infinity,
     queryKey: ['automatisch', 'info'],
-    queryFn: async ({ signal }) => {
+    queryFn: async (payload, signal) => {
       const { data } = await api.get('/v1/automatisch/info', { signal });
 
       return data;

packages/web/src/hooks/useCreateConnection.js

@@ -3,7 +3,7 @@ import { useMutation } from '@tanstack/react-query';
 import api from 'helpers/api';
 
 export default function useCreateConnection(appKey) {
-  const mutation = useMutation({
+  const query = useMutation({
     mutationFn: async ({ appAuthClientId, formattedData }) => {
       const { data } = await api.post(`/v1/apps/${appKey}/connections`, {
         appAuthClientId,
@@ -14,5 +14,5 @@ export default function useCreateConnection(appKey) {
     },
   });
 
-  return mutation;
+  return query;
 }

packages/web/src/hooks/useLicense.js

@@ -1,15 +0,0 @@
-import { useQuery } from '@tanstack/react-query';
-import api from 'helpers/api';
-
-export default function useLicense() {
-  const query = useQuery({
-    queryKey: ['automatisch', 'license'],
-    queryFn: async ({ signal }) => {
-      const { data } = await api.get('/v1/automatisch/license', { signal });
-
-      return data;
-    },
-  });
-
-  return query;
-}

packages/web/src/index.jsx

@@ -1,6 +1,5 @@
 import { createRoot } from 'react-dom/client';
 import { Settings } from 'luxon';
-import { setUseWhatChange } from '@simbathesailor/use-what-changed';
 
 import ThemeProvider from 'components/ThemeProvider';
 import IntlProvider from 'components/IntlProvider';
@@ -15,8 +14,6 @@ import reportWebVitals from './reportWebVitals';
 // Sets the default locale to English for all luxon DateTime instances created afterwards.
 Settings.defaultLocale = 'en';
 
-setUseWhatChange(process.env.NODE_ENV === 'development');
-
 const container = document.getElementById('root');
 const root = createRoot(container);
 

packages/web/src/locales/en.json

@@ -22,7 +22,7 @@
   "app.connectionCount": "{count} connections",
   "app.flowCount": "{count} flows",
   "app.addConnection": "Add connection",
-  "app.addConnectionWithAuthClient": "Add connection with auth client",
+  "app.addCustomConnection": "Add custom connection",
   "app.reconnectConnection": "Reconnect connection",
   "app.createFlow": "Create flow",
   "app.settings": "Settings",
@@ -225,6 +225,8 @@
   "userForm.email": "Email",
   "userForm.role": "Role",
   "userForm.password": "Password",
+  "userForm.mandatoryInput": "{inputName} is required.",
+  "userForm.validateEmail": "Email must be valid.",
   "createUser.submit": "Create",
   "createUser.successfullyCreated": "The user has been created.",
   "createUser.invitationEmailInfo": "Invitation email will be sent if SMTP credentials are valid. Otherwise, you can share the invitation link manually: <link></link>",
@@ -249,8 +251,11 @@
   "createRolePage.title": "Create role",
   "roleForm.name": "Name",
   "roleForm.description": "Description",
+  "roleForm.mandatoryInput": "{inputName} is required.",
   "createRole.submit": "Create",
   "createRole.successfullyCreated": "The role has been created.",
+  "createRole.generalError": "Error while creating the role.",
+  "createRole.permissionsError": "Permissions are invalid.",
   "editRole.submit": "Update",
   "editRole.successfullyUpdated": "The role has been updated.",
   "roleList.name": "Name",
@@ -292,7 +297,7 @@
   "adminApps.connections": "Connections",
   "adminApps.authClients": "Auth clients",
   "adminApps.settings": "Settings",
-  "adminAppsSettings.useOnlyPredefinedAuthClients": "Use only predefined auth clients",
+  "adminAppsSettings.customConnectionAllowed": "Allow custom connection",
   "adminAppsSettings.shared": "Shared",
   "adminAppsSettings.disabled": "Disabled",
   "adminAppsSettings.save": "Save",

packages/web/src/pages/AdminApplication/index.jsx

@@ -92,6 +92,13 @@ export default function AdminApplication() {
                     value={URLS.ADMIN_APP_AUTH_CLIENTS_PATTERN}
                     component={Link}
                   />
+                  <Tab
+                    label={formatMessage('adminApps.connections')}
+                    to={URLS.ADMIN_APP_CONNECTIONS(appKey)}
+                    value={URLS.ADMIN_APP_CONNECTIONS_PATTERN}
+                    disabled={!app.supportsConnections}
+                    component={Link}
+                  />
                 </Tabs>
               </Box>
 
@@ -104,6 +111,10 @@ export default function AdminApplication() {
                   path={`/auth-clients/*`}
                   element={<AdminApplicationAuthClients appKey={appKey} />}
                 />
+                <Route
+                  path={`/connections/*`}
+                  element={<div>App connections</div>}
+                />
                 <Route
                   path="/"
                   element={

packages/web/src/pages/Application/index.jsx

@@ -6,6 +6,7 @@ import {
   Navigate,
   Routes,
   useParams,
+  useSearchParams,
   useMatch,
   useNavigate,
 } from 'react-router-dom';
@@ -30,7 +31,6 @@ import AppIcon from 'components/AppIcon';
 import Container from 'components/Container';
 import PageTitle from 'components/PageTitle';
 import useApp from 'hooks/useApp';
-import useAppAuthClients from 'hooks/useAppAuthClients';
 import Can from 'components/Can';
 import { AppPropType } from 'propTypes/propTypes';
 
@@ -61,53 +61,47 @@ export default function Application() {
     end: false,
   });
   const flowsPathMatch = useMatch({ path: URLS.APP_FLOWS_PATTERN, end: false });
+  const [searchParams] = useSearchParams();
   const { appKey } = useParams();
   const navigate = useNavigate();
-  const { data: appAuthClients } = useAppAuthClients(appKey);
 
   const { data, loading } = useApp(appKey);
   const app = data?.data || {};
 
   const { data: appConfig } = useAppConfig(appKey);
+  const connectionId = searchParams.get('connectionId') || undefined;
 
   const currentUserAbility = useCurrentUserAbility();
 
   const goToApplicationPage = () => navigate('connections');
 
   const connectionOptions = React.useMemo(() => {
-    const addCustomConnection = {
+    const shouldHaveCustomConnection =
+      appConfig?.data?.connectionAllowed &&
+      appConfig?.data?.customConnectionAllowed;
+
+    const options = [
+      {
         label: formatMessage('app.addConnection'),
         key: 'addConnection',
         'data-test': 'add-connection-button',
-      to: URLS.APP_ADD_CONNECTION(appKey, false),
+        to: URLS.APP_ADD_CONNECTION(appKey, appConfig?.data?.connectionAllowed),
         disabled: !currentUserAbility.can('create', 'Connection'),
-    };
+      },
+    ];
 
-    const addConnectionWithAuthClient = {
-      label: formatMessage('app.addConnectionWithAuthClient'),
-      key: 'addConnectionWithAuthClient',
+    if (shouldHaveCustomConnection) {
+      options.push({
+        label: formatMessage('app.addCustomConnection'),
+        key: 'addCustomConnection',
         'data-test': 'add-custom-connection-button',
-      to: URLS.APP_ADD_CONNECTION(appKey, true),
+        to: URLS.APP_ADD_CONNECTION(appKey),
         disabled: !currentUserAbility.can('create', 'Connection'),
-    };
-
-    // means there is no app config. defaulting to custom connections only
-    if (!appConfig?.data) {
-      return [addCustomConnection];
+      });
     }
 
-    // means there is no app auth client. so we don't show the `addConnectionWithAuthClient`
-    if (appAuthClients?.data?.length === 0) {
-      return [addCustomConnection];
-    }
-
-    // means only auth clients are allowed for connection creation
-    if (appConfig?.data?.useOnlyPredefinedAuthClients === true) {
-      return [addConnectionWithAuthClient];
-    }
-
-    return [addCustomConnection, addConnectionWithAuthClient];
-  }, [appKey, appConfig, appAuthClients, currentUserAbility, formatMessage]);
+    return options;
+  }, [appKey, appConfig?.data, currentUserAbility, formatMessage]);
 
   if (loading) return null;
 
@@ -160,7 +154,12 @@ export default function Application() {
                       {(allowed) => (
                         <SplitButton
                           disabled={
-                            !allowed || appConfig?.data?.disabled === true
+                            !allowed ||
+                            (appConfig?.data &&
+                              !appConfig?.data?.disabled &&
+                              !appConfig?.data?.connectionAllowed &&
+                              !appConfig?.data?.customConnectionAllowed) ||
+                            connectionOptions.every(({ disabled }) => disabled)
                           }
                           options={connectionOptions}
                         />

packages/web/src/pages/CreateRole/index.ee.jsx

@@ -1,10 +1,14 @@
 import LoadingButton from '@mui/lab/LoadingButton';
 import Grid from '@mui/material/Grid';
 import Stack from '@mui/material/Stack';
+import Alert from '@mui/material/Alert';
+import AlertTitle from '@mui/material/AlertTitle';
 import PermissionCatalogField from 'components/PermissionCatalogField/index.ee';
 import useEnqueueSnackbar from 'hooks/useEnqueueSnackbar';
 import * as React from 'react';
 import { useNavigate } from 'react-router-dom';
+import { yupResolver } from '@hookform/resolvers/yup';
+import * as yup from 'yup';
 
 import Container from 'components/Container';
 import Form from 'components/Form';
@@ -15,10 +19,45 @@ import {
   getComputedPermissionsDefaultValues,
   getPermissions,
 } from 'helpers/computePermissions.ee';
+import { getGeneralErrorMessage } from 'helpers/errors';
 import useFormatMessage from 'hooks/useFormatMessage';
 import useAdminCreateRole from 'hooks/useAdminCreateRole';
 import usePermissionCatalog from 'hooks/usePermissionCatalog.ee';
 
+const getValidationSchema = (formatMessage) => {
+  const getMandatoryFieldMessage = (fieldTranslationId) =>
+    formatMessage('roleForm.mandatoryInput', {
+      inputName: formatMessage(fieldTranslationId),
+    });
+
+  return yup.object().shape({
+    name: yup
+      .string()
+      .trim()
+      .required(getMandatoryFieldMessage('roleForm.name')),
+    description: yup.string().trim(),
+  });
+};
+
+const getPermissionsErrorMessage = (error) => {
+  const errors = error?.response?.data?.errors;
+
+  if (errors) {
+    const permissionsErrors = Object.keys(errors)
+      .filter((key) => key.startsWith('permissions'))
+      .reduce((obj, key) => {
+        obj[key] = errors[key];
+        return obj;
+      }, {});
+
+    if (Object.keys(permissionsErrors).length > 0) {
+      return JSON.stringify(permissionsErrors, null, 2);
+    }
+  }
+
+  return null;
+};
+
 export default function CreateRole() {
   const navigate = useNavigate();
   const formatMessage = useFormatMessage();
@@ -41,7 +80,7 @@ export default function CreateRole() {
     [permissionCatalogData],
   );
 
-  const handleRoleCreation = async (roleData) => {
+  const handleRoleCreation = async (roleData, e, setError) => {
     try {
       const permissions = getPermissions(roleData.computedPermissions);
 
@@ -60,14 +99,38 @@ export default function CreateRole() {
 
       navigate(URLS.ROLES);
     } catch (error) {
-      const errors = Object.values(error.response.data.errors);
+      const errors = error?.response?.data?.errors;
 
-      for (const [errorMessage] of errors) {
-        enqueueSnackbar(errorMessage, {
-          variant: 'error',
-          SnackbarProps: {
-            'data-test': 'snackbar-error',
-          },
+      if (errors) {
+        const fieldNames = ['name', 'description'];
+        Object.entries(errors).forEach(([fieldName, fieldErrors]) => {
+          if (fieldNames.includes(fieldName) && Array.isArray(fieldErrors)) {
+            setError(fieldName, {
+              type: 'fieldRequestError',
+              message: fieldErrors.join(', '),
+            });
+          }
+        });
+      }
+
+      const permissionError = getPermissionsErrorMessage(error);
+
+      if (permissionError) {
+        setError('root.permissions', {
+          type: 'fieldRequestError',
+          message: permissionError,
+        });
+      }
+
+      const generalError = getGeneralErrorMessage({
+        error,
+        fallbackMessage: formatMessage('createRole.generalError'),
+      });
+
+      if (generalError) {
+        setError('root.general', {
+          type: 'requestError',
+          message: generalError,
         });
       }
     }
@@ -83,7 +146,15 @@ export default function CreateRole() {
         </Grid>
 
         <Grid item xs={12} justifyContent="flex-end" sx={{ pt: 5 }}>
-          <Form onSubmit={handleRoleCreation} defaultValues={defaultValues}>
+          <Form
+            onSubmit={handleRoleCreation}
+            defaultValues={defaultValues}
+            noValidate
+            resolver={yupResolver(
+              getValidationSchema(formatMessage, defaultValues),
+            )}
+            automaticValidation={false}
+            render={({ formState: { errors } }) => (
               <Stack direction="column" gap={2}>
                 <TextField
                   required={true}
@@ -91,6 +162,8 @@ export default function CreateRole() {
                   label={formatMessage('roleForm.name')}
                   fullWidth
                   data-test="name-input"
+                  error={!!errors?.name}
+                  helperText={errors?.name?.message}
                 />
 
                 <TextField
@@ -98,10 +171,29 @@ export default function CreateRole() {
                   label={formatMessage('roleForm.description')}
                   fullWidth
                   data-test="description-input"
+                  error={!!errors?.description}
+                  helperText={errors?.description?.message}
                 />
 
                 <PermissionCatalogField name="computedPermissions" />
 
+                {errors?.root?.permissions && (
+                  <Alert severity="error" data-test="create-role-error-alert">
+                    <AlertTitle>
+                      {formatMessage('createRole.permissionsError')}
+                    </AlertTitle>
+                    <pre>
+                      <code>{errors?.root?.permissions?.message}</code>
+                    </pre>
+                  </Alert>
+                )}
+
+                {errors?.root?.general && (
+                  <Alert severity="error" data-test="create-role-error-alert">
+                    {errors?.root?.general?.message}
+                  </Alert>
+                )}
+
                 <LoadingButton
                   type="submit"
                   variant="contained"
@@ -113,7 +205,8 @@ export default function CreateRole() {
                   {formatMessage('createRole.submit')}
                 </LoadingButton>
               </Stack>
-          </Form>
+            )}
+          />
         </Grid>
       </Grid>
     </Container>

packages/web/src/pages/CreateUser/index.jsx

@@ -3,9 +3,10 @@ import Grid from '@mui/material/Grid';
 import Stack from '@mui/material/Stack';
 import Alert from '@mui/material/Alert';
 import MuiTextField from '@mui/material/TextField';
-import useEnqueueSnackbar from 'hooks/useEnqueueSnackbar';
 import * as React from 'react';
 import { useQueryClient } from '@tanstack/react-query';
+import * as yup from 'yup';
+import { yupResolver } from '@hookform/resolvers/yup';
 
 import Can from 'components/Can';
 import Container from 'components/Container';
@@ -16,50 +17,94 @@ import TextField from 'components/TextField';
 import useFormatMessage from 'hooks/useFormatMessage';
 import useRoles from 'hooks/useRoles.ee';
 import useAdminCreateUser from 'hooks/useAdminCreateUser';
+import useCurrentUserAbility from 'hooks/useCurrentUserAbility';
+import { getGeneralErrorMessage } from 'helpers/errors';
 
 function generateRoleOptions(roles) {
   return roles?.map(({ name: label, id: value }) => ({ label, value }));
 }
 
+const getValidationSchema = (formatMessage, canUpdateRole) => {
+  const getMandatoryFieldMessage = (fieldTranslationId) =>
+    formatMessage('userForm.mandatoryInput', {
+      inputName: formatMessage(fieldTranslationId),
+    });
+
+  return yup.object().shape({
+    fullName: yup
+      .string()
+      .trim()
+      .required(getMandatoryFieldMessage('userForm.fullName')),
+    email: yup
+      .string()
+      .trim()
+      .email(formatMessage('userForm.validateEmail'))
+      .required(getMandatoryFieldMessage('userForm.email')),
+    ...(canUpdateRole
+      ? {
+          roleId: yup
+            .string()
+            .required(getMandatoryFieldMessage('userForm.role')),
+        }
+      : {}),
+  });
+};
+
+const defaultValues = {
+  fullName: '',
+  email: '',
+  roleId: '',
+};
+
 export default function CreateUser() {
   const formatMessage = useFormatMessage();
   const {
     mutateAsync: createUser,
     isPending: isCreateUserPending,
     data: createdUser,
+    isSuccess: createUserSuccess,
   } = useAdminCreateUser();
   const { data: rolesData, loading: isRolesLoading } = useRoles();
   const roles = rolesData?.data;
-  const enqueueSnackbar = useEnqueueSnackbar();
   const queryClient = useQueryClient();
+  const currentUserAbility = useCurrentUserAbility();
+  const canUpdateRole = currentUserAbility.can('update', 'Role');
 
-  const handleUserCreation = async (userData) => {
+  const handleUserCreation = async (userData, e, setError) => {
     try {
       await createUser({
         fullName: userData.fullName,
         email: userData.email,
-        roleId: userData.role?.id,
+        roleId: userData.roleId,
       });
 
       queryClient.invalidateQueries({ queryKey: ['admin', 'users'] });
-
-      enqueueSnackbar(formatMessage('createUser.successfullyCreated'), {
-        variant: 'success',
-        persist: true,
-        SnackbarProps: {
-          'data-test': 'snackbar-create-user-success',
-        },
-      });
     } catch (error) {
-      enqueueSnackbar(formatMessage('createUser.error'), {
-        variant: 'error',
-        persist: true,
-        SnackbarProps: {
-          'data-test': 'snackbar-error',
-        },
+      const errors = error?.response?.data?.errors;
+
+      if (errors) {
+        const fieldNames = Object.keys(defaultValues);
+        Object.entries(errors).forEach(([fieldName, fieldErrors]) => {
+          if (fieldNames.includes(fieldName) && Array.isArray(fieldErrors)) {
+            setError(fieldName, {
+              type: 'fieldRequestError',
+              message: fieldErrors.join(', '),
+            });
+          }
+        });
+      }
+
+      const generalError = getGeneralErrorMessage({
+        error,
+        fallbackMessage: formatMessage('createUser.error'),
       });
 
-      throw new Error('Failed while creating!');
+      if (generalError) {
+        setError('root.general', {
+          type: 'requestError',
+          message: generalError,
+        });
+      }
     }
   };
 
@@ -73,7 +118,16 @@ export default function CreateUser() {
         </Grid>
 
         <Grid item xs={12} justifyContent="flex-end" sx={{ pt: 5 }}>
-          <Form onSubmit={handleUserCreation}>
+          <Form
+            noValidate
+            onSubmit={handleUserCreation}
+            mode="onSubmit"
+            defaultValues={defaultValues}
+            resolver={yupResolver(
+              getValidationSchema(formatMessage, canUpdateRole),
+            )}
+            automaticValidation={false}
+            render={({ formState: { errors } }) => (
               <Stack direction="column" gap={2}>
                 <TextField
                   required={true}
@@ -81,6 +135,8 @@ export default function CreateUser() {
                   label={formatMessage('userForm.fullName')}
                   data-test="full-name-input"
                   fullWidth
+                  error={!!errors?.fullName}
+                  helperText={errors?.fullName?.message}
                 />
 
                 <TextField
@@ -89,11 +145,13 @@ export default function CreateUser() {
                   label={formatMessage('userForm.email')}
                   data-test="email-input"
                   fullWidth
+                  error={!!errors?.email}
+                  helperText={errors?.email?.message}
                 />
 
                 <Can I="update" a="Role">
                   <ControlledAutocomplete
-                  name="role.id"
+                    name="roleId"
                     fullWidth
                     disablePortal
                     disableClearable={true}
@@ -103,28 +161,40 @@ export default function CreateUser() {
                         {...params}
                         required
                         label={formatMessage('userForm.role')}
+                        error={!!errors?.roleId}
+                        helperText={errors?.roleId?.message}
                       />
                     )}
                     loading={isRolesLoading}
+                    showHelperText={false}
                   />
                 </Can>
 
-              <LoadingButton
-                type="submit"
-                variant="contained"
-                color="primary"
-                sx={{ boxShadow: 2 }}
-                loading={isCreateUserPending}
-                data-test="create-button"
+                {errors?.root?.general && (
+                  <Alert data-test="create-user-error-alert" severity="error">
+                    {errors?.root?.general?.message}
+                  </Alert>
+                )}
+
+                {createUserSuccess && (
+                  <Alert
+                    severity="success"
+                    data-test="create-user-success-alert"
                   >
-                {formatMessage('createUser.submit')}
-              </LoadingButton>
+                    {formatMessage('createUser.successfullyCreated')}
+                  </Alert>
+                )}
 
                 {createdUser && (
                   <Alert
                     severity="info"
                     color="primary"
                     data-test="invitation-email-info-alert"
+                    sx={{
+                      a: {
+                        wordBreak: 'break-all',
+                      },
+                    }}
                   >
                     {formatMessage('createUser.invitationEmailInfo', {
                       link: () => (
@@ -139,8 +209,20 @@ export default function CreateUser() {
                     })}
                   </Alert>
                 )}
+
+                <LoadingButton
+                  type="submit"
+                  variant="contained"
+                  color="primary"
+                  sx={{ boxShadow: 2 }}
+                  loading={isCreateUserPending}
+                  data-test="create-button"
+                >
+                  {formatMessage('createUser.submit')}
+                </LoadingButton>
               </Stack>
-          </Form>
+            )}
+          />
         </Grid>
       </Grid>
     </Container>

packages/web/src/propTypes/propTypes.js

@@ -211,6 +211,7 @@ export const ConnectionPropType = PropTypes.shape({
   flowCount: PropTypes.number,
   appData: AppPropType,
   createdAt: PropTypes.number,
+  reconnectable: PropTypes.bool,
   appAuthClientId: PropTypes.string,
 });
 
@@ -458,7 +459,8 @@ export const SamlAuthProviderRolePropType = PropTypes.shape({
 export const AppConfigPropType = PropTypes.shape({
   id: PropTypes.string,
   key: PropTypes.string,
-  useOnlyPredefinedAuthClients: PropTypes.bool,
+  customConnectionAllowed: PropTypes.bool,
+  connectionAllowed: PropTypes.bool,
   shared: PropTypes.bool,
   disabled: PropTypes.bool,
 });

packages/web/yarn.lock

@@ -2126,11 +2126,6 @@
   resolved "https://registry.yarnpkg.com/@rushstack/eslint-patch/-/eslint-patch-1.10.4.tgz#427d5549943a9c6fce808e39ea64dbe60d4047f1"
   integrity sha512-WJgX9nzTqknM393q1QJDJmoW28kUfEnybeTfVNcNAPnIx210RXm2DiXiHzfNPJNIUUb1tJnz/l4QGtJ30PgWmA==
 
-"@simbathesailor/use-what-changed@^2.0.0":
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/@simbathesailor/use-what-changed/-/use-what-changed-2.0.0.tgz#7f82d78f92c8588b5fadd702065dde93bd781403"
-  integrity sha512-ulBNrPSvfho9UN6zS2fii3AsdEcp2fMaKeqUZZeCNPaZbB6aXyTUhpEN9atjMAbu/eyK3AY8L4SYJUG62Ekocw==
-
 "@sinclair/typebox@^0.24.1":
   version "0.24.51"
   resolved "https://registry.yarnpkg.com/@sinclair/typebox/-/typebox-0.24.51.tgz#645f33fe4e02defe26f2f5c0410e1c094eac7f5f"
@@ -9789,16 +9784,7 @@ string-natural-compare@^3.0.1:
   resolved "https://registry.yarnpkg.com/string-natural-compare/-/string-natural-compare-3.0.1.tgz#7a42d58474454963759e8e8b7ae63d71c1e7fdf4"
   integrity sha512-n3sPwynL1nwKi3WJ6AIsClwBMa0zTi54fn2oLU6ndfTSIO05xaznjSf15PcBZU6FNWbmN5Q6cxT4V5hGvB4taw==
 
-"string-width-cjs@npm:string-width@^4.2.0":
-  version "4.2.3"
-  resolved "https://registry.yarnpkg.com/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010"
-  integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==
-  dependencies:
-    emoji-regex "^8.0.0"
-    is-fullwidth-code-point "^3.0.0"
-    strip-ansi "^6.0.1"
-
-string-width@^4.1.0, string-width@^4.2.0:
+"string-width-cjs@npm:string-width@^4.2.0", string-width@^4.1.0, string-width@^4.2.0:
   version "4.2.3"
   resolved "https://registry.yarnpkg.com/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010"
   integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==
@@ -9902,14 +9888,7 @@ stringify-object@^3.3.0:
     is-obj "^1.0.1"
     is-regexp "^1.0.0"
 
-"strip-ansi-cjs@npm:strip-ansi@^6.0.1":
-  version "6.0.1"
-  resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9"
-  integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==
-  dependencies:
-    ansi-regex "^5.0.1"
-
-strip-ansi@^6.0.0, strip-ansi@^6.0.1:
+"strip-ansi-cjs@npm:strip-ansi@^6.0.1", strip-ansi@^6.0.0, strip-ansi@^6.0.1:
   version "6.0.1"
   resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-6.0.1.tgz#9e26c63d30f53443e9489495b2105d37b67a85d9"
   integrity sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==
@@ -10973,16 +10952,7 @@ workbox-window@6.6.1:
     "@types/trusted-types" "^2.0.2"
     workbox-core "6.6.1"
 
-"wrap-ansi-cjs@npm:wrap-ansi@^7.0.0":
-  version "7.0.0"
-  resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43"
-  integrity sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==
-  dependencies:
-    ansi-styles "^4.0.0"
-    string-width "^4.1.0"
-    strip-ansi "^6.0.0"
-
-wrap-ansi@^7.0.0:
+"wrap-ansi-cjs@npm:wrap-ansi@^7.0.0", wrap-ansi@^7.0.0:
   version "7.0.0"
   resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-7.0.0.tgz#67e145cff510a6a6984bdf1152911d69d2eb9e43"
   integrity sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==