chore: allow custom seed user creds

2024-03-07 08:41:30 +00:00
284 changed files with 3692 additions and 4481 deletions
--- a/.github/workflows/docs-change.yml
+++ b/.github/workflows/docs-change.yml
@@ -1,32 +0,0 @@
 name: Automatisch Docs Change
 on:
  pull_request:
    paths:
      - 'packages/docs/**'
 jobs:
  label:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      - name: Label PR
        uses: actions/github-script@v6
        with:
          script: |
            const { pull_request } = context.payload;
            const label = 'documentation-change';
            const hasLabel = pull_request.labels.some(({ name }) => name === label);
            if (!hasLabel) {
              await github.rest.issues.addLabels({
                owner: context.repo.owner,
                repo: context.repo.repo,
                issue_number: pull_request.number,
                labels: [label],
              });
              console.log(`Label "${label}" added to PR #${pull_request.number}`);
            } else {
              console.log(`Label "${label}" already exists on PR #${pull_request.number}`);
            }
--- a/packages/backend/bin/database/utils.js
+++ b/packages/backend/bin/database/utils.js
@@ -18,8 +18,8 @@ async function fetchAdminRole() {
 }
 export async function createUser(
-  email = 'user@automatisch.io',
+  email = appConfig.seedUserEmail,
-  password = 'sample'
+  password = appConfig.seedUserPassword
 ) {
  const UNIQUE_VIOLATION_CODE = '23505';
--- a/packages/backend/src/apps/webhook/actions/index.js
+++ b/packages/backend/src/apps/webhook/actions/index.js
@@ -1,3 +0,0 @@
 import respondWith from './respond-with/index.js';
 export default [respondWith];
--- a/packages/backend/src/apps/webhook/actions/respond-with/index.js
+++ b/packages/backend/src/apps/webhook/actions/respond-with/index.js
@@ -1,69 +0,0 @@
 import defineAction from '../../../../helpers/define-action.js';
 export default defineAction({
  name: 'Respond with',
  key: 'respondWith',
  description: 'Respond with defined JSON body.',
  arguments: [
    {
      label: 'Status code',
      key: 'statusCode',
      type: 'string',
      required: true,
      variables: true,
      value: '200',
    },
    {
      label: 'Headers',
      key: 'headers',
      type: 'dynamic',
      required: false,
      description: 'Add or remove headers as needed',
      fields: [
        {
          label: 'Key',
          key: 'key',
          type: 'string',
          required: true,
          description: 'Header key',
          variables: true,
        },
        {
          label: 'Value',
          key: 'value',
          type: 'string',
          required: true,
          description: 'Header value',
          variables: true,
        },
      ],
    },
    {
      label: 'Body',
      key: 'body',
      type: 'string',
      required: true,
      description: 'The content of the response body.',
      variables: true,
    },
  ],
  async run($) {
    const statusCode = parseInt($.step.parameters.statusCode, 10);
    const body = $.step.parameters.body;
    const headers = $.step.parameters.headers.reduce((result, entry) => {
      return {
        ...result,
        [entry.key]: entry.value,
      };
    }, {});
    $.setActionItem({
      raw: {
        headers,
        body,
        statusCode,
      },
    });
  },
 });
--- a/packages/backend/src/apps/webhook/index.js
+++ b/packages/backend/src/apps/webhook/index.js
@@ -1,5 +1,4 @@
 import defineApp from '../../helpers/define-app.js';
 import actions from './actions/index.js';
 import triggers from './triggers/index.js';
 export default defineApp({
@@ -11,6 +10,5 @@ export default defineApp({
  baseUrl: '',
  apiBaseUrl: '',
  primaryColor: '0059F7',
  actions,
  triggers,
 });
--- a/packages/backend/src/apps/webhook/triggers/catch-raw-webhook/index.js
+++ b/packages/backend/src/apps/webhook/triggers/catch-raw-webhook/index.js
@@ -7,20 +7,7 @@ export default defineTrigger({
  key: 'catchRawWebhook',
  type: 'webhook',
  showWebhookUrl: true,
-  description:
+  description: 'Triggers when the webhook receives a request.',
    'Triggers (immediately if configured) when the webhook receives a request.',
  arguments: [
    {
      label: 'Wait until flow is done',
      key: 'workSynchronously',
      type: 'dropdown',
      required: true,
      options: [
        { label: 'Yes', value: true },
        { label: 'No', value: false },
      ],
    },
  ],
  async run($) {
    const dataItem = {
--- a/packages/backend/src/config/app.js
+++ b/packages/backend/src/config/app.js
@@ -94,6 +94,8 @@ const appConfig = {
  disableFavicon: process.env.DISABLE_FAVICON === 'true',
  additionalDrawerLink: process.env.ADDITIONAL_DRAWER_LINK,
  additionalDrawerLinkText: process.env.ADDITIONAL_DRAWER_LINK_TEXT,
  seedUserEmail: process.env.SEED_USER_EMAIL || 'user@automatisch.io',
  seedUserPassword: process.env.SEED_USER_PASSWORD || 'sample',
 };
 if (!appConfig.encryptionKey) {
--- a/packages/backend/src/controllers/api/v1/access-tokens/create-access-token.js
+++ b/packages/backend/src/controllers/api/v1/access-tokens/create-access-token.js
@@ -1,13 +0,0 @@
 import User from '../../../../models/user.js';
 import { renderObject, renderError } from '../../../../helpers/renderer.js';
 export default async (request, response) => {
  const { email, password } = request.body;
  const token = await User.authenticate(email, password);
  if (token) {
    return renderObject(response, { token });
  }
  renderError(response, [{ general: ['Incorrect email or password.'] }]);
 };
--- a/packages/backend/src/controllers/api/v1/access-tokens/create-access-token.test.js
+++ b/packages/backend/src/controllers/api/v1/access-tokens/create-access-token.test.js
@@ -1,39 +0,0 @@
 import { describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../../../app.js';
 import { createUser } from '../../../../../test/factories/user';
 describe('POST /api/v1/access-tokens', () => {
  beforeEach(async () => {
    await createUser({
      email: 'user@automatisch.io',
      password: 'password',
    });
  });
  it('should return the token data with correct credentials', async () => {
    const response = await request(app)
      .post('/api/v1/access-tokens')
      .send({
        email: 'user@automatisch.io',
        password: 'password',
      })
      .expect(200);
    expect(response.body.data.token.length).toBeGreaterThan(0);
  });
  it('should return error with incorrect credentials', async () => {
    const response = await request(app)
      .post('/api/v1/access-tokens')
      .send({
        email: 'incorrect@email.com',
        password: 'incorrectpassword',
      })
      .expect(422);
    expect(response.body.errors.general).toEqual([
      'Incorrect email or password.',
    ]);
  });
 });
--- a/packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.js
+++ b/packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.js
@@ -4,7 +4,6 @@ import AppAuthClient from '../../../../../models/app-auth-client.js';
 export default async (request, response) => {
  const appAuthClient = await AppAuthClient.query()
    .findById(request.params.appAuthClientId)
    .where({ app_key: request.params.appKey })
    .throwIfNotFound();
  renderObject(response, appAuthClient);
--- a/packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.test.js
+++ b/packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.test.js
@@ -0,0 +1,52 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import Crypto from 'crypto';
 import app from '../../../../../app.js';
 import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
 import { createUser } from '../../../../../../test/factories/user.js';
 import getAdminAppAuthClientMock from '../../../../../../test/mocks/rest/api/v1/admin/get-app-auth-client.js';
 import { createAppAuthClient } from '../../../../../../test/factories/app-auth-client.js';
 import { createRole } from '../../../../../../test/factories/role.js';
 import * as license from '../../../../../helpers/license.ee.js';
 describe('GET /api/v1/admin/app-auth-clients/:appAuthClientId', () => {
  let currentUser, currentUserRole, currentAppAuthClient, token;
  describe('with valid license key', () => {
    beforeEach(async () => {
      vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
      currentUserRole = await createRole({ key: 'admin' });
      currentUser = await createUser({ roleId: currentUserRole.id });
      currentAppAuthClient = await createAppAuthClient();
      token = createAuthTokenByUserId(currentUser.id);
    });
    it('should return specified app auth client info', async () => {
      const response = await request(app)
        .get(`/api/v1/admin/app-auth-clients/${currentAppAuthClient.id}`)
        .set('Authorization', token)
        .expect(200);
      const expectedPayload = getAdminAppAuthClientMock(currentAppAuthClient);
      expect(response.body).toEqual(expectedPayload);
    });
    it('should return not found response for not existing app auth client UUID', async () => {
      const notExistingAppAuthClientUUID = Crypto.randomUUID();
      await request(app)
        .get(`/api/v1/admin/app-auth-clients/${notExistingAppAuthClientUUID}`)
        .set('Authorization', token)
        .expect(404);
    });
    it('should return bad request response for invalid UUID', async () => {
      await request(app)
        .get('/api/v1/admin/app-auth-clients/invalidAppAuthClientUUID')
        .set('Authorization', token)
        .expect(400);
    });
  });
 });
--- a/packages/backend/src/controllers/api/v1/admin/apps/get-auth-client.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/admin/apps/get-auth-client.ee.test.js
@@ -1,55 +0,0 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import Crypto from 'crypto';
 import app from '../../../../../app.js';
 import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
 import { createUser } from '../../../../../../test/factories/user.js';
 import { createRole } from '../../../../../../test/factories/role.js';
 import getAppAuthClientMock from '../../../../../../test/mocks/rest/api/v1/admin/apps/get-auth-client.js';
 import { createAppAuthClient } from '../../../../../../test/factories/app-auth-client.js';
 import * as license from '../../../../../helpers/license.ee.js';
 describe('GET /api/v1/admin/apps/:appKey/auth-clients/:appAuthClientId', () => {
  let currentUser, adminRole, currentAppAuthClient, token;
  beforeEach(async () => {
    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
    adminRole = await createRole({ key: 'admin' });
    currentUser = await createUser({ roleId: adminRole.id });
    currentAppAuthClient = await createAppAuthClient({
      appKey: 'deepl',
    });
    token = createAuthTokenByUserId(currentUser.id);
  });
  it('should return specified app auth client', async () => {
    const response = await request(app)
      .get(`/api/v1/admin/apps/deepl/auth-clients/${currentAppAuthClient.id}`)
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = getAppAuthClientMock(currentAppAuthClient);
    expect(response.body).toEqual(expectedPayload);
  });
  it('should return not found response for not existing app auth client ID', async () => {
    const notExistingAppAuthClientUUID = Crypto.randomUUID();
    await request(app)
      .get(
        `/api/v1/admin/apps/deepl/auth-clients/${notExistingAppAuthClientUUID}`
      )
      .set('Authorization', token)
      .expect(404);
  });
  it('should return bad request response for invalid UUID', async () => {
    await request(app)
      .get('/api/v1/admin/apps/deepl/auth-clients/invalidAppAuthClientUUID')
      .set('Authorization', token)
      .expect(400);
  });
 });
--- a/packages/backend/src/controllers/api/v1/admin/apps/get-auth-clients.ee.js
+++ b/packages/backend/src/controllers/api/v1/admin/apps/get-auth-clients.ee.js
@@ -1,10 +0,0 @@
 import { renderObject } from '../../../../../helpers/renderer.js';
 import AppAuthClient from '../../../../../models/app-auth-client.js';
 export default async (request, response) => {
  const appAuthClients = await AppAuthClient.query()
    .where({ app_key: request.params.appKey })
    .orderBy('created_at', 'desc');
  renderObject(response, appAuthClients);
 };
--- a/packages/backend/src/controllers/api/v1/admin/apps/get-auth-clients.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/admin/apps/get-auth-clients.ee.test.js
@@ -1,44 +0,0 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../../../../app.js';
 import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
 import { createUser } from '../../../../../../test/factories/user.js';
 import { createRole } from '../../../../../../test/factories/role.js';
 import getAuthClientsMock from '../../../../../../test/mocks/rest/api/v1/admin/apps/get-auth-clients.js';
 import { createAppAuthClient } from '../../../../../../test/factories/app-auth-client.js';
 import * as license from '../../../../../helpers/license.ee.js';
 describe('GET /api/v1/admin/apps/:appKey/auth-clients', () => {
  let currentUser, adminRole, token;
  beforeEach(async () => {
    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
    adminRole = await createRole({ key: 'admin' });
    currentUser = await createUser({ roleId: adminRole.id });
    token = createAuthTokenByUserId(currentUser.id);
  });
  it('should return specified app auth client info', async () => {
    const appAuthClientOne = await createAppAuthClient({
      appKey: 'deepl',
    });
    const appAuthClientTwo = await createAppAuthClient({
      appKey: 'deepl',
    });
    const response = await request(app)
      .get('/api/v1/admin/apps/deepl/auth-clients')
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = getAuthClientsMock([
      appAuthClientTwo,
      appAuthClientOne,
    ]);
    expect(response.body).toEqual(expectedPayload);
  });
 });
--- a/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-role-mappings.ee.js
+++ b/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-role-mappings.ee.js
@@ -1,14 +0,0 @@
 import { renderObject } from '../../../../../helpers/renderer.js';
 import SamlAuthProvider from '../../../../../models/saml-auth-provider.ee.js';
 export default async (request, response) => {
  const samlAuthProvider = await SamlAuthProvider.query()
    .findById(request.params.samlAuthProviderId)
    .throwIfNotFound();
  const roleMappings = await samlAuthProvider
    .$relatedQuery('samlAuthProvidersRoleMappings')
    .orderBy('remote_role_name', 'asc');
  renderObject(response, roleMappings);
 };
--- a/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-role-mappings.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-role-mappings.ee.test.js
@@ -1,51 +0,0 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../../../../app.js';
 import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
 import { createRole } from '../../../../../../test/factories/role.js';
 import { createUser } from '../../../../../../test/factories/user.js';
 import { createSamlAuthProvider } from '../../../../../../test/factories/saml-auth-provider.ee.js';
 import { createRoleMapping } from '../../../../../../test/factories/role-mapping.js';
 import getRoleMappingsMock from '../../../../../../test/mocks/rest/api/v1/admin/saml-auth-providers/get-role-mappings.ee.js';
 import * as license from '../../../../../helpers/license.ee.js';
 describe('GET /api/v1/admin/saml-auth-providers/:samlAuthProviderId/role-mappings', () => {
  let roleMappingOne, roleMappingTwo, samlAuthProvider, currentUser, token;
  beforeEach(async () => {
    const role = await createRole({ key: 'admin' });
    currentUser = await createUser({ roleId: role.id });
    samlAuthProvider = await createSamlAuthProvider();
    roleMappingOne = await createRoleMapping({
      samlAuthProviderId: samlAuthProvider.id,
      remoteRoleName: 'Admin',
    });
    roleMappingTwo = await createRoleMapping({
      samlAuthProviderId: samlAuthProvider.id,
      remoteRoleName: 'User',
    });
    token = createAuthTokenByUserId(currentUser.id);
  });
  it('should return role mappings', async () => {
    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
    const response = await request(app)
      .get(
        `/api/v1/admin/saml-auth-providers/${samlAuthProvider.id}/role-mappings`
      )
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = await getRoleMappingsMock([
      roleMappingOne,
      roleMappingTwo,
    ]);
    expect(response.body).toEqual(expectedPayload);
  });
 });
--- a/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.js
+++ b/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-provider.ee.js
@@ -6,7 +6,5 @@ export default async (request, response) => {
    .findById(request.params.samlAuthProviderId)
    .throwIfNotFound();
-  renderObject(response, samlAuthProvider, {
+  renderObject(response, samlAuthProvider);
    serializer: 'AdminSamlAuthProvider',
  });
 };
--- a/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.js
+++ b/packages/backend/src/controllers/api/v1/admin/saml-auth-providers/get-saml-auth-providers.ee.js
@@ -7,7 +7,5 @@ export default async (request, response) => {
    'desc'
  );
-  renderObject(response, samlAuthProviders, {
+  renderObject(response, samlAuthProviders);
    serializer: 'AdminSamlAuthProvider',
  });
 };
--- a/packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.js
+++ b/packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.js
@@ -4,7 +4,7 @@ import AppAuthClient from '../../../../models/app-auth-client.js';
 export default async (request, response) => {
  const appAuthClient = await AppAuthClient.query()
    .findById(request.params.appAuthClientId)
-    .where({ app_key: request.params.appKey, active: true })
+    .where({ active: true })
    .throwIfNotFound();
  renderObject(response, appAuthClient);
--- a/packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.test.js
+++ b/packages/backend/src/controllers/api/v1/app-auth-clients/get-app-auth-client.test.js
@@ -4,27 +4,25 @@ import Crypto from 'crypto';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
 import { createUser } from '../../../../../test/factories/user.js';
-import getAppAuthClientMock from '../../../../../test/mocks/rest/api/v1/apps/get-auth-client.js';
+import getAppAuthClientMock from '../../../../../test/mocks/rest/api/v1/admin/get-app-auth-client.js';
 import { createAppAuthClient } from '../../../../../test/factories/app-auth-client.js';
 import * as license from '../../../../helpers/license.ee.js';
-describe('GET /api/v1/apps/:appKey/auth-clients/:appAuthClientId', () => {
+describe('GET /api/v1/app-auth-clients/:id', () => {
  let currentUser, currentAppAuthClient, token;
  beforeEach(async () => {
    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
    currentUser = await createUser();
-    currentAppAuthClient = await createAppAuthClient({
+    currentAppAuthClient = await createAppAuthClient();
      appKey: 'deepl',
    });
    token = createAuthTokenByUserId(currentUser.id);
  });
-  it('should return specified app auth client', async () => {
+  it('should return specified app auth client info', async () => {
    const response = await request(app)
-      .get(`/api/v1/apps/deepl/auth-clients/${currentAppAuthClient.id}`)
+      .get(`/api/v1/app-auth-clients/${currentAppAuthClient.id}`)
      .set('Authorization', token)
      .expect(200);
@@ -36,14 +34,14 @@ describe('GET /api/v1/apps/:appKey/auth-clients/:appAuthClientId', () => {
    const notExistingAppAuthClientUUID = Crypto.randomUUID();
    await request(app)
-      .get(`/api/v1/apps/deepl/auth-clients/${notExistingAppAuthClientUUID}`)
+      .get(`/api/v1/app-auth-clients/${notExistingAppAuthClientUUID}`)
      .set('Authorization', token)
      .expect(404);
  });
  it('should return bad request response for invalid UUID', async () => {
    await request(app)
-      .get('/api/v1/apps/deepl/auth-clients/invalidAppAuthClientUUID')
+      .get('/api/v1/app-auth-clients/invalidAppAuthClientUUID')
      .set('Authorization', token)
      .expect(400);
  });
--- a/packages/backend/src/controllers/api/v1/apps/get-auth-clients.ee.js
+++ b/packages/backend/src/controllers/api/v1/apps/get-auth-clients.ee.js
@@ -1,10 +0,0 @@
 import { renderObject } from '../../../../helpers/renderer.js';
 import AppAuthClient from '../../../../models/app-auth-client.js';
 export default async (request, response) => {
  const appAuthClients = await AppAuthClient.query()
    .where({ app_key: request.params.appKey, active: true })
    .orderBy('created_at', 'desc');
  renderObject(response, appAuthClients);
 };
--- a/packages/backend/src/controllers/api/v1/apps/get-auth-clients.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/apps/get-auth-clients.ee.test.js
@@ -1,42 +0,0 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
 import { createUser } from '../../../../../test/factories/user.js';
 import getAuthClientsMock from '../../../../../test/mocks/rest/api/v1/apps/get-auth-clients.js';
 import { createAppAuthClient } from '../../../../../test/factories/app-auth-client.js';
 import * as license from '../../../../helpers/license.ee.js';
 describe('GET /api/v1/apps/:appKey/auth-clients', () => {
  let currentUser, token;
  beforeEach(async () => {
    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
    currentUser = await createUser();
    token = createAuthTokenByUserId(currentUser.id);
  });
  it('should return specified app auth client info', async () => {
    const appAuthClientOne = await createAppAuthClient({
      appKey: 'deepl',
    });
    const appAuthClientTwo = await createAppAuthClient({
      appKey: 'deepl',
    });
    const response = await request(app)
      .get('/api/v1/apps/deepl/auth-clients')
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = getAuthClientsMock([
      appAuthClientTwo,
      appAuthClientOne,
    ]);
    expect(response.body).toEqual(expectedPayload);
  });
 });
--- a/packages/backend/src/controllers/api/v1/apps/get-config.ee.js
+++ b/packages/backend/src/controllers/api/v1/apps/get-config.ee.js
@@ -1,12 +0,0 @@
 import { renderObject } from '../../../../helpers/renderer.js';
 import AppConfig from '../../../../models/app-config.js';
 export default async (request, response) => {
  const appConfig = await AppConfig.query()
    .findOne({
      key: request.params.appKey,
    })
    .throwIfNotFound();
  renderObject(response, appConfig);
 };
--- a/packages/backend/src/controllers/api/v1/apps/get-config.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/apps/get-config.ee.test.js
@@ -1,44 +0,0 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
 import { createUser } from '../../../../../test/factories/user.js';
 import getAppConfigMock from '../../../../../test/mocks/rest/api/v1/apps/get-config.js';
 import { createAppConfig } from '../../../../../test/factories/app-config.js';
 import * as license from '../../../../helpers/license.ee.js';
 describe('GET /api/v1/apps/:appKey/config', () => {
  let currentUser, appConfig, token;
  beforeEach(async () => {
    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
    currentUser = await createUser();
    appConfig = await createAppConfig({
      key: 'deepl',
      allowCustomConnection: true,
      shared: true,
      disabled: false,
    });
    token = createAuthTokenByUserId(currentUser.id);
  });
  it('should return specified app config info', async () => {
    const response = await request(app)
      .get(`/api/v1/apps/${appConfig.key}/config`)
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = getAppConfigMock(appConfig);
    expect(response.body).toEqual(expectedPayload);
  });
  it('should return not found response for not existing app key', async () => {
    await request(app)
      .get('/api/v1/apps/not-existing-app-key/config')
      .set('Authorization', token)
      .expect(404);
  });
 });
--- a/packages/backend/src/controllers/api/v1/apps/get-flows.js
+++ b/packages/backend/src/controllers/api/v1/apps/get-flows.js
@@ -1,23 +0,0 @@
 import { renderObject } from '../../../../helpers/renderer.js';
 import App from '../../../../models/app.js';
 import paginateRest from '../../../../helpers/pagination-rest.js';
 export default async (request, response) => {
  const app = await App.findOneByKey(request.params.appKey);
  const flowsQuery = request.currentUser.authorizedFlows
    .clone()
    .joinRelated({
      steps: true,
    })
    .withGraphFetched({
      steps: true,
    })
    .where('steps.app_key', app.key)
    .orderBy('active', 'desc')
    .orderBy('updated_at', 'desc');
  const flows = await paginateRest(flowsQuery, request.query.page);
  renderObject(response, flows);
 };
--- a/packages/backend/src/controllers/api/v1/apps/get-flows.test.js
+++ b/packages/backend/src/controllers/api/v1/apps/get-flows.test.js
@@ -1,129 +0,0 @@
 import { describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
 import { createUser } from '../../../../../test/factories/user.js';
 import { createFlow } from '../../../../../test/factories/flow.js';
 import { createStep } from '../../../../../test/factories/step.js';
 import { createPermission } from '../../../../../test/factories/permission.js';
 import getFlowsMock from '../../../../../test/mocks/rest/api/v1/flows/get-flows.js';
 describe('GET /api/v1/apps/:appKey/flows', () => {
  let currentUser, currentUserRole, token;
  beforeEach(async () => {
    currentUser = await createUser();
    currentUserRole = await currentUser.$relatedQuery('role');
    token = createAuthTokenByUserId(currentUser.id);
  });
  it('should return the flows data of specified app for current user', async () => {
    const currentUserFlowOne = await createFlow({ userId: currentUser.id });
    const triggerStepFlowOne = await createStep({
      flowId: currentUserFlowOne.id,
      type: 'trigger',
      appKey: 'webhook',
    });
    const actionStepFlowOne = await createStep({
      flowId: currentUserFlowOne.id,
      type: 'action',
    });
    const currentUserFlowTwo = await createFlow({ userId: currentUser.id });
    await createStep({
      flowId: currentUserFlowTwo.id,
      type: 'trigger',
      appKey: 'github',
    });
    await createStep({
      flowId: currentUserFlowTwo.id,
      type: 'action',
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
    });
    const response = await request(app)
      .get('/api/v1/apps/webhook/flows')
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = await getFlowsMock(
      [currentUserFlowOne],
      [triggerStepFlowOne, actionStepFlowOne]
    );
    expect(response.body).toEqual(expectedPayload);
  });
  it('should return the flows data of specified app for another user', async () => {
    const anotherUser = await createUser();
    const anotherUserFlowOne = await createFlow({ userId: anotherUser.id });
    const triggerStepFlowOne = await createStep({
      flowId: anotherUserFlowOne.id,
      type: 'trigger',
      appKey: 'webhook',
    });
    const actionStepFlowOne = await createStep({
      flowId: anotherUserFlowOne.id,
      type: 'action',
    });
    const anotherUserFlowTwo = await createFlow({ userId: anotherUser.id });
    await createStep({
      flowId: anotherUserFlowTwo.id,
      type: 'trigger',
      appKey: 'github',
    });
    await createStep({
      flowId: anotherUserFlowTwo.id,
      type: 'action',
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    const response = await request(app)
      .get('/api/v1/apps/webhook/flows')
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = await getFlowsMock(
      [anotherUserFlowOne],
      [triggerStepFlowOne, actionStepFlowOne]
    );
    expect(response.body).toEqual(expectedPayload);
  });
  it('should return not found response for invalid app key', async () => {
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
    });
    await request(app)
      .get('/api/v1/apps/invalid-app-key/flows')
      .set('Authorization', token)
      .expect(404);
  });
 });
--- a/packages/backend/src/controllers/api/v1/automatisch/config.ee.js
+++ b/packages/backend/src/controllers/api/v1/automatisch/config.ee.js
@@ -1,24 +0,0 @@
 import appConfig from '../../../../config/app.js';
 import Config from '../../../../models/config.js';
 import { renderObject } from '../../../../helpers/renderer.js';
 export default async (request, response) => {
  const defaultConfig = {
    disableNotificationsPage: appConfig.disableNotificationsPage,
    disableFavicon: appConfig.disableFavicon,
    additionalDrawerLink: appConfig.additionalDrawerLink,
    additionalDrawerLinkText: appConfig.additionalDrawerLinkText,
  };
  let config = await Config.query().orderBy('key', 'asc');
  config = config.reduce((computedConfig, configEntry) => {
    const { key, value } = configEntry;
    computedConfig[key] = value?.data;
    return computedConfig;
  }, defaultConfig);
  renderObject(response, config);
 };
--- a/packages/backend/src/controllers/api/v1/automatisch/config.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/automatisch/config.ee.test.js
@@ -1,51 +0,0 @@
 import { vi, expect, describe, it } from 'vitest';
 import request from 'supertest';
 import { createConfig } from '../../../../../test/factories/config.js';
 import app from '../../../../app.js';
 import configMock from '../../../../../test/mocks/rest/api/v1/automatisch/config.js';
 import * as license from '../../../../helpers/license.ee.js';
 describe('GET /api/v1/automatisch/config', () => {
  it('should return Automatisch config', async () => {
    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
    const logoConfig = await createConfig({
      key: 'logo.svgData',
      value: { data: '<svg>Sample</svg>' },
    });
    const primaryDarkConfig = await createConfig({
      key: 'palette.primary.dark',
      value: { data: '#001F52' },
    });
    const primaryLightConfig = await createConfig({
      key: 'palette.primary.light',
      value: { data: '#4286FF' },
    });
    const primaryMainConfig = await createConfig({
      key: 'palette.primary.main',
      value: { data: '#0059F7' },
    });
    const titleConfig = await createConfig({
      key: 'title',
      value: { data: 'Sample Title' },
    });
    const response = await request(app)
      .get('/api/v1/automatisch/config')
      .expect(200);
    const expectedPayload = configMock(
      logoConfig,
      primaryDarkConfig,
      primaryLightConfig,
      primaryMainConfig,
      titleConfig
    );
    expect(response.body).toEqual(expectedPayload);
  });
 });
--- a/packages/backend/src/controllers/api/v1/connections/get-flows.js
+++ b/packages/backend/src/controllers/api/v1/connections/get-flows.js
@@ -1,20 +0,0 @@
 import { renderObject } from '../../../../helpers/renderer.js';
 import paginateRest from '../../../../helpers/pagination-rest.js';
 export default async (request, response) => {
  const flowsQuery = request.currentUser.authorizedFlows
    .clone()
    .joinRelated({
      steps: true,
    })
    .withGraphFetched({
      steps: true,
    })
    .where('steps.connection_id', request.params.connectionId)
    .orderBy('active', 'desc')
    .orderBy('updated_at', 'desc');
  const flows = await paginateRest(flowsQuery, request.query.page);
  renderObject(response, flows);
 };
--- a/packages/backend/src/controllers/api/v1/connections/get-flows.test.js
+++ b/packages/backend/src/controllers/api/v1/connections/get-flows.test.js
@@ -1,128 +0,0 @@
 import { describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
 import { createUser } from '../../../../../test/factories/user.js';
 import { createConnection } from '../../../../../test/factories/connection.js';
 import { createFlow } from '../../../../../test/factories/flow.js';
 import { createStep } from '../../../../../test/factories/step.js';
 import { createPermission } from '../../../../../test/factories/permission.js';
 import getFlowsMock from '../../../../../test/mocks/rest/api/v1/flows/get-flows.js';
 describe('GET /api/v1/connections/:connectionId/flows', () => {
  let currentUser, currentUserRole, token;
  beforeEach(async () => {
    currentUser = await createUser();
    currentUserRole = await currentUser.$relatedQuery('role');
    token = createAuthTokenByUserId(currentUser.id);
  });
  it('should return the flows data of specified connection for current user', async () => {
    const currentUserFlowOne = await createFlow({ userId: currentUser.id });
    const currentUserConnection = await createConnection({
      userId: currentUser.id,
      key: 'webhook',
    });
    const triggerStepFlowOne = await createStep({
      flowId: currentUserFlowOne.id,
      type: 'trigger',
      appKey: 'webhook',
      connectionId: currentUserConnection.id,
    });
    const actionStepFlowOne = await createStep({
      flowId: currentUserFlowOne.id,
      type: 'action',
    });
    const currentUserFlowTwo = await createFlow({ userId: currentUser.id });
    await createStep({
      flowId: currentUserFlowTwo.id,
      type: 'trigger',
      appKey: 'github',
    });
    await createStep({
      flowId: currentUserFlowTwo.id,
      type: 'action',
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
    });
    const response = await request(app)
      .get(`/api/v1/connections/${currentUserConnection.id}/flows`)
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = await getFlowsMock(
      [currentUserFlowOne],
      [triggerStepFlowOne, actionStepFlowOne]
    );
    expect(response.body).toEqual(expectedPayload);
  });
  it('should return the flows data of specified connection for another user', async () => {
    const anotherUser = await createUser();
    const anotherUserFlowOne = await createFlow({ userId: anotherUser.id });
    const anotherUserConnection = await createConnection({
      userId: anotherUser.id,
      key: 'webhook',
    });
    const triggerStepFlowOne = await createStep({
      flowId: anotherUserFlowOne.id,
      type: 'trigger',
      appKey: 'webhook',
      connectionId: anotherUserConnection.id,
    });
    const actionStepFlowOne = await createStep({
      flowId: anotherUserFlowOne.id,
      type: 'action',
    });
    const anotherUserFlowTwo = await createFlow({ userId: anotherUser.id });
    await createStep({
      flowId: anotherUserFlowTwo.id,
      type: 'trigger',
      appKey: 'github',
    });
    await createStep({
      flowId: anotherUserFlowTwo.id,
      type: 'action',
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    const response = await request(app)
      .get(`/api/v1/connections/${anotherUserConnection.id}/flows`)
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = await getFlowsMock(
      [anotherUserFlowOne],
      [triggerStepFlowOne, actionStepFlowOne]
    );
    expect(response.body).toEqual(expectedPayload);
  });
 });
--- a/packages/backend/src/controllers/api/v1/executions/get-execution.js
+++ b/packages/backend/src/controllers/api/v1/executions/get-execution.js
@@ -2,7 +2,6 @@ import { renderObject } from '../../../../helpers/renderer.js';
 export default async (request, response) => {
  const execution = await request.currentUser.authorizedExecutions
    .clone()
    .withGraphFetched({
      flow: {
        steps: true,
--- a/packages/backend/src/controllers/api/v1/executions/get-executions.js
+++ b/packages/backend/src/controllers/api/v1/executions/get-executions.js
@@ -3,7 +3,6 @@ import paginateRest from '../../../../helpers/pagination-rest.js';
 export default async (request, response) => {
  const executionsQuery = request.currentUser.authorizedExecutions
    .clone()
    .withSoftDeleted()
    .orderBy('created_at', 'desc')
    .withGraphFetched({
--- a/packages/backend/src/controllers/api/v1/executions/get-executions.test.js
+++ b/packages/backend/src/controllers/api/v1/executions/get-executions.test.js
@@ -42,12 +42,9 @@ describe('GET /api/v1/executions', () => {
    const currentUserExecutionTwo = await createExecution({
      flowId: currentUserFlow.id,
      deletedAt: new Date().toISOString(),
    });
    await currentUserExecutionTwo
      .$query()
      .patchAndFetch({ deletedAt: new Date().toISOString() });
    await createPermission({
      action: 'read',
      subject: 'Execution',
@@ -90,12 +87,9 @@ describe('GET /api/v1/executions', () => {
    const anotherUserExecutionTwo = await createExecution({
      flowId: anotherUserFlow.id,
      deletedAt: new Date().toISOString(),
    });
    await anotherUserExecutionTwo
      .$query()
      .patchAndFetch({ deletedAt: new Date().toISOString() });
    await createPermission({
      action: 'read',
      subject: 'Execution',
--- a/packages/backend/src/controllers/api/v1/flows/get-flow.js
+++ b/packages/backend/src/controllers/api/v1/flows/get-flow.js
@@ -2,7 +2,6 @@ import { renderObject } from '../../../../helpers/renderer.js';
 export default async (request, response) => {
  const flow = await request.currentUser.authorizedFlows
    .clone()
    .withGraphJoined({ steps: true })
    .orderBy('steps.position', 'asc')
    .findOne({ 'flows.id': request.params.flowId })
--- a/packages/backend/src/controllers/api/v1/flows/get-flows.js
+++ b/packages/backend/src/controllers/api/v1/flows/get-flows.js
@@ -1,21 +0,0 @@
 import { renderObject } from '../../../../helpers/renderer.js';
 import paginateRest from '../../../../helpers/pagination-rest.js';
 export default async (request, response) => {
  const flowsQuery = request.currentUser.authorizedFlows
    .clone()
    .withGraphFetched({
      steps: true,
    })
    .where((builder) => {
      if (request.query.name) {
        builder.where('flows.name', 'ilike', `%${request.query.name}%`);
      }
    })
    .orderBy('active', 'desc')
    .orderBy('updated_at', 'desc');
  const flows = await paginateRest(flowsQuery, request.query.page);
  renderObject(response, flows);
 };
--- a/packages/backend/src/controllers/api/v1/flows/get-flows.test.js
+++ b/packages/backend/src/controllers/api/v1/flows/get-flows.test.js
@@ -1,118 +0,0 @@
 import { describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
 import { createUser } from '../../../../../test/factories/user';
 import { createFlow } from '../../../../../test/factories/flow';
 import { createStep } from '../../../../../test/factories/step';
 import { createPermission } from '../../../../../test/factories/permission';
 import getFlowsMock from '../../../../../test/mocks/rest/api/v1/flows/get-flows.js';
 describe('GET /api/v1/flows', () => {
  let currentUser, currentUserRole, token;
  beforeEach(async () => {
    currentUser = await createUser();
    currentUserRole = await currentUser.$relatedQuery('role');
    token = createAuthTokenByUserId(currentUser.id);
  });
  it('should return the flows data of current user', async () => {
    const currentUserFlowOne = await createFlow({ userId: currentUser.id });
    const triggerStepFlowOne = await createStep({
      flowId: currentUserFlowOne.id,
      type: 'trigger',
    });
    const actionStepFlowOne = await createStep({
      flowId: currentUserFlowOne.id,
      type: 'action',
    });
    const currentUserFlowTwo = await createFlow({ userId: currentUser.id });
    const triggerStepFlowTwo = await createStep({
      flowId: currentUserFlowTwo.id,
      type: 'trigger',
    });
    const actionStepFlowTwo = await createStep({
      flowId: currentUserFlowTwo.id,
      type: 'action',
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
    });
    const response = await request(app)
      .get('/api/v1/flows')
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = await getFlowsMock(
      [currentUserFlowTwo, currentUserFlowOne],
      [
        triggerStepFlowOne,
        actionStepFlowOne,
        triggerStepFlowTwo,
        actionStepFlowTwo,
      ]
    );
    expect(response.body).toEqual(expectedPayload);
  });
  it('should return the flows data of another user', async () => {
    const anotherUser = await createUser();
    const anotherUserFlowOne = await createFlow({ userId: anotherUser.id });
    const triggerStepFlowOne = await createStep({
      flowId: anotherUserFlowOne.id,
      type: 'trigger',
    });
    const actionStepFlowOne = await createStep({
      flowId: anotherUserFlowOne.id,
      type: 'action',
    });
    const anotherUserFlowTwo = await createFlow({ userId: anotherUser.id });
    const triggerStepFlowTwo = await createStep({
      flowId: anotherUserFlowTwo.id,
      type: 'trigger',
    });
    const actionStepFlowTwo = await createStep({
      flowId: anotherUserFlowTwo.id,
      type: 'action',
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    const response = await request(app)
      .get('/api/v1/flows')
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = await getFlowsMock(
      [anotherUserFlowTwo, anotherUserFlowOne],
      [
        triggerStepFlowOne,
        actionStepFlowOne,
        triggerStepFlowTwo,
        actionStepFlowTwo,
      ]
    );
    expect(response.body).toEqual(expectedPayload);
  });
 });
--- a/packages/backend/src/controllers/api/v1/saml-auth-providers/get-saml-auth-providers.ee.js
+++ b/packages/backend/src/controllers/api/v1/saml-auth-providers/get-saml-auth-providers.ee.js
@@ -1,12 +0,0 @@
 import { renderObject } from '../../../../helpers/renderer.js';
 import SamlAuthProvider from '../../../../models/saml-auth-provider.ee.js';
 export default async (request, response) => {
  const samlAuthProviders = await SamlAuthProvider.query()
    .where({
      active: true,
    })
    .orderBy('created_at', 'desc');
  renderObject(response, samlAuthProviders);
 };
--- a/packages/backend/src/controllers/api/v1/saml-auth-providers/get-saml-auth-providers.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/saml-auth-providers/get-saml-auth-providers.ee.test.js
@@ -1,30 +0,0 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../../../app.js';
 import { createSamlAuthProvider } from '../../../../../test/factories/saml-auth-provider.ee.js';
 import getSamlAuthProvidersMock from '../../../../../test/mocks/rest/api/v1/saml-auth-providers/get-saml-auth-providers.js';
 import * as license from '../../../../helpers/license.ee.js';
 describe('GET /api/v1/saml-auth-providers', () => {
  let samlAuthProviderOne, samlAuthProviderTwo;
  beforeEach(async () => {
    samlAuthProviderOne = await createSamlAuthProvider();
    samlAuthProviderTwo = await createSamlAuthProvider();
  });
  it('should return saml auth providers', async () => {
    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
    const response = await request(app)
      .get('/api/v1/saml-auth-providers')
      .expect(200);
    const expectedPayload = await getSamlAuthProvidersMock([
      samlAuthProviderTwo,
      samlAuthProviderOne,
    ]);
    expect(response.body).toEqual(expectedPayload);
  });
 });
--- a/packages/backend/src/controllers/api/v1/steps/create-dynamic-fields.js
+++ b/packages/backend/src/controllers/api/v1/steps/create-dynamic-fields.js
@@ -1,17 +0,0 @@
 import { renderObject } from '../../../../helpers/renderer.js';
 export default async (request, response) => {
  const step = await request.currentUser.authorizedSteps
    .clone()
    .where('steps.id', request.params.stepId)
    .whereNotNull('steps.app_key')
    .first()
    .throwIfNotFound();
  const dynamicFields = await step.createDynamicFields(
    request.body.dynamicFieldsKey,
    request.body.parameters
  );
  renderObject(response, dynamicFields);
 };
--- a/packages/backend/src/controllers/api/v1/steps/create-dynamic-fields.test.js
+++ b/packages/backend/src/controllers/api/v1/steps/create-dynamic-fields.test.js
@@ -1,169 +0,0 @@
 import { describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import Crypto from 'crypto';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
 import { createUser } from '../../../../../test/factories/user';
 import { createFlow } from '../../../../../test/factories/flow';
 import { createStep } from '../../../../../test/factories/step';
 import { createPermission } from '../../../../../test/factories/permission';
 import createDynamicFieldsMock from '../../../../../test/mocks/rest/api/v1/steps/create-dynamic-fields';
 describe('POST /api/v1/steps/:stepId/dynamic-fields', () => {
  let currentUser, currentUserRole, token;
  beforeEach(async () => {
    currentUser = await createUser();
    currentUserRole = await currentUser.$relatedQuery('role');
    token = createAuthTokenByUserId(currentUser.id);
  });
  it('should return dynamically created fields of the current users step', async () => {
    const currentUserflow = await createFlow({ userId: currentUser.id });
    const actionStep = await createStep({
      flowId: currentUserflow.id,
      type: 'action',
      appKey: 'slack',
      key: 'sendMessageToChannel',
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
    });
    await createPermission({
      action: 'update',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
    });
    const response = await request(app)
      .post(`/api/v1/steps/${actionStep.id}/dynamic-fields`)
      .set('Authorization', token)
      .send({
        dynamicFieldsKey: 'listFieldsAfterSendAsBot',
        parameters: {
          sendAsBot: true,
        },
      })
      .expect(200);
    const expectedPayload = await createDynamicFieldsMock();
    expect(response.body).toEqual(expectedPayload);
  });
  it('should return dynamically created fields of the another users step', async () => {
    const anotherUser = await createUser();
    const anotherUserflow = await createFlow({ userId: anotherUser.id });
    const actionStep = await createStep({
      flowId: anotherUserflow.id,
      type: 'action',
      appKey: 'slack',
      key: 'sendMessageToChannel',
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    await createPermission({
      action: 'update',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    const response = await request(app)
      .post(`/api/v1/steps/${actionStep.id}/dynamic-fields`)
      .set('Authorization', token)
      .send({
        dynamicFieldsKey: 'listFieldsAfterSendAsBot',
        parameters: {
          sendAsBot: true,
        },
      })
      .expect(200);
    const expectedPayload = await createDynamicFieldsMock();
    expect(response.body).toEqual(expectedPayload);
  });
  it('should return not found response for not existing step UUID', async () => {
    await createPermission({
      action: 'update',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    const notExistingStepUUID = Crypto.randomUUID();
    await request(app)
      .get(`/api/v1/steps/${notExistingStepUUID}/dynamic-fields`)
      .set('Authorization', token)
      .expect(404);
  });
  it('should return not found response for existing step UUID without app key', async () => {
    await createPermission({
      action: 'update',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    const step = await createStep({ appKey: null });
    await request(app)
      .get(`/api/v1/steps/${step.id}/dynamic-fields`)
      .set('Authorization', token)
      .expect(404);
  });
  it('should return bad request response for invalid UUID', async () => {
    await createPermission({
      action: 'update',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    await request(app)
      .post('/api/v1/steps/invalidStepUUID/dynamic-fields')
      .set('Authorization', token)
      .expect(400);
  });
 });
--- a/packages/backend/src/controllers/api/v1/steps/get-connection.js
+++ b/packages/backend/src/controllers/api/v1/steps/get-connection.js
@@ -1,11 +0,0 @@
 import { renderObject } from '../../../../helpers/renderer.js';
 export default async (request, response) => {
  const step = await request.currentUser.authorizedSteps
    .findById(request.params.stepId)
    .throwIfNotFound();
  const connection = await step.$relatedQuery('connection').throwIfNotFound();
  renderObject(response, connection);
 };
--- a/packages/backend/src/controllers/api/v1/steps/get-connection.test.js
+++ b/packages/backend/src/controllers/api/v1/steps/get-connection.test.js
@@ -1,121 +0,0 @@
 import { describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import Crypto from 'crypto';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
 import { createUser } from '../../../../../test/factories/user';
 import { createConnection } from '../../../../../test/factories/connection';
 import { createFlow } from '../../../../../test/factories/flow';
 import { createStep } from '../../../../../test/factories/step';
 import { createPermission } from '../../../../../test/factories/permission';
 import getConnectionMock from '../../../../../test/mocks/rest/api/v1/steps/get-connection';
 describe('GET /api/v1/steps/:stepId/connection', () => {
  let currentUser, currentUserRole, token;
  beforeEach(async () => {
    currentUser = await createUser();
    currentUserRole = await currentUser.$relatedQuery('role');
    token = createAuthTokenByUserId(currentUser.id);
  });
  it('should return the current user connection data of specified step', async () => {
    const currentUserflow = await createFlow({ userId: currentUser.id });
    const currentUserConnection = await createConnection();
    const triggerStep = await createStep({
      flowId: currentUserflow.id,
      connectionId: currentUserConnection.id,
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
    });
    const response = await request(app)
      .get(`/api/v1/steps/${triggerStep.id}/connection`)
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = await getConnectionMock(currentUserConnection);
    expect(response.body).toEqual(expectedPayload);
  });
  it('should return the current user connection data of specified step', async () => {
    const anotherUser = await createUser();
    const anotherUserFlow = await createFlow({ userId: anotherUser.id });
    const anotherUserConnection = await createConnection();
    const triggerStep = await createStep({
      flowId: anotherUserFlow.id,
      connectionId: anotherUserConnection.id,
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    const response = await request(app)
      .get(`/api/v1/steps/${triggerStep.id}/connection`)
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = await getConnectionMock(anotherUserConnection);
    expect(response.body).toEqual(expectedPayload);
  });
  it('should return not found response for not existing step without connection', async () => {
    const stepWithoutConnection = await createStep();
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    await request(app)
      .get(`/api/v1/steps/${stepWithoutConnection.id}/connection`)
      .set('Authorization', token)
      .expect(404);
  });
  it('should return not found response for not existing step UUID', async () => {
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    const notExistingFlowUUID = Crypto.randomUUID();
    await request(app)
      .get(`/api/v1/steps/${notExistingFlowUUID}/connection`)
      .set('Authorization', token)
      .expect(404);
  });
  it('should return bad request response for invalid UUID', async () => {
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    await request(app)
      .get('/api/v1/steps/invalidFlowUUID/connection')
      .set('Authorization', token)
      .expect(400);
  });
 });
--- a/packages/backend/src/controllers/api/v1/steps/get-previous-steps.js
+++ b/packages/backend/src/controllers/api/v1/steps/get-previous-steps.js
@@ -1,27 +0,0 @@
 import { ref } from 'objection';
 import ExecutionStep from '../../../../models/execution-step.js';
 import { renderObject } from '../../../../helpers/renderer.js';
 export default async (request, response) => {
  const step = await request.currentUser.authorizedSteps
    .clone()
    .findOne({ 'steps.id': request.params.stepId })
    .throwIfNotFound();
  const previousSteps = await request.currentUser.authorizedSteps
    .clone()
    .withGraphJoined('executionSteps')
    .where('flow_id', '=', step.flowId)
    .andWhere('position', '<', step.position)
    .andWhere(
      'executionSteps.created_at',
      '=',
      ExecutionStep.query()
        .max('created_at')
        .where('step_id', '=', ref('steps.id'))
        .andWhere('status', 'success')
    )
    .orderBy('steps.position', 'asc');
  renderObject(response, previousSteps);
 };
--- a/packages/backend/src/controllers/api/v1/steps/get-previous-steps.test.js
+++ b/packages/backend/src/controllers/api/v1/steps/get-previous-steps.test.js
@@ -1,173 +0,0 @@
 import { describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import Crypto from 'crypto';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
 import { createUser } from '../../../../../test/factories/user';
 import { createFlow } from '../../../../../test/factories/flow';
 import { createStep } from '../../../../../test/factories/step';
 import { createExecutionStep } from '../../../../../test/factories/execution-step.js';
 import { createPermission } from '../../../../../test/factories/permission';
 import getPreviousStepsMock from '../../../../../test/mocks/rest/api/v1/steps/get-previous-steps';
 describe('GET /api/v1/steps/:stepId/previous-steps', () => {
  let currentUser, currentUserRole, token;
  beforeEach(async () => {
    currentUser = await createUser();
    currentUserRole = await currentUser.$relatedQuery('role');
    token = createAuthTokenByUserId(currentUser.id);
  });
  it('should return the previous steps of the specified step of the current user', async () => {
    const currentUserflow = await createFlow({ userId: currentUser.id });
    const triggerStep = await createStep({
      flowId: currentUserflow.id,
      type: 'trigger',
    });
    const actionStepOne = await createStep({
      flowId: currentUserflow.id,
      type: 'action',
    });
    const actionStepTwo = await createStep({
      flowId: currentUserflow.id,
      type: 'action',
    });
    const executionStepOne = await createExecutionStep({
      stepId: triggerStep.id,
    });
    const executionStepTwo = await createExecutionStep({
      stepId: actionStepOne.id,
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
    });
    await createPermission({
      action: 'update',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
    });
    const response = await request(app)
      .get(`/api/v1/steps/${actionStepTwo.id}/previous-steps`)
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = await getPreviousStepsMock(
      [triggerStep, actionStepOne],
      [executionStepOne, executionStepTwo]
    );
    expect(response.body).toEqual(expectedPayload);
  });
  it('should return the previous steps of the specified step of another user', async () => {
    const anotherUser = await createUser();
    const anotherUserFlow = await createFlow({ userId: anotherUser.id });
    const triggerStep = await createStep({
      flowId: anotherUserFlow.id,
      type: 'trigger',
    });
    const actionStepOne = await createStep({
      flowId: anotherUserFlow.id,
      type: 'action',
    });
    const actionStepTwo = await createStep({
      flowId: anotherUserFlow.id,
      type: 'action',
    });
    const executionStepOne = await createExecutionStep({
      stepId: triggerStep.id,
    });
    const executionStepTwo = await createExecutionStep({
      stepId: actionStepOne.id,
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    await createPermission({
      action: 'update',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    const response = await request(app)
      .get(`/api/v1/steps/${actionStepTwo.id}/previous-steps`)
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = await getPreviousStepsMock(
      [triggerStep, actionStepOne],
      [executionStepOne, executionStepTwo]
    );
    expect(response.body).toEqual(expectedPayload);
  });
  it('should return not found response for not existing step UUID', async () => {
    await createPermission({
      action: 'update',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    const notExistingFlowUUID = Crypto.randomUUID();
    await request(app)
      .get(`/api/v1/steps/${notExistingFlowUUID}/previous-steps`)
      .set('Authorization', token)
      .expect(404);
  });
  it('should return bad request response for invalid UUID', async () => {
    await createPermission({
      action: 'update',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    await createPermission({
      action: 'read',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
    });
    await request(app)
      .get('/api/v1/steps/invalidFlowUUID/previous-steps')
      .set('Authorization', token)
      .expect(400);
  });
 });
--- a/packages/backend/src/controllers/api/v1/users/get-plan-and-usage.ee.js
+++ b/packages/backend/src/controllers/api/v1/users/get-plan-and-usage.ee.js
@@ -1,7 +0,0 @@
 import { renderObject } from '../../../../helpers/renderer.js';
 export default async (request, response) => {
  const planAndUsage = await request.currentUser.getPlanAndUsage();
  renderObject(response, planAndUsage);
 };
--- a/packages/backend/src/controllers/api/v1/users/get-plan-and-usage.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/users/get-plan-and-usage.ee.test.js
@@ -1,68 +0,0 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
 import { createUser } from '../../../../../test/factories/user.js';
 import { createSubscription } from '../../../../../test/factories/subscription.js';
 import { createUsageData } from '../../../../../test/factories/usage-data.js';
 import appConfig from '../../../../config/app.js';
 import { DateTime } from 'luxon';
 describe('GET /api/v1/users/:userId/plan-and-usage', () => {
  let user, token;
  beforeEach(async () => {
    const trialExpiryDate = DateTime.now().plus({ days: 30 }).toISODate();
    user = await createUser({ trialExpiryDate });
    token = createAuthTokenByUserId(user.id);
    vi.spyOn(appConfig, 'isCloud', 'get').mockReturnValue(true);
  });
  it('should return free trial plan and usage data', async () => {
    const response = await request(app)
      .get(`/api/v1/users/${user.id}/plan-and-usage`)
      .set('Authorization', token)
      .expect(200);
    const expectedResponseData = {
      plan: {
        id: null,
        limit: null,
        name: 'Free Trial',
      },
      usage: {
        task: 0,
      },
    };
    expect(response.body.data).toEqual(expectedResponseData);
  });
  it('should return current plan and usage data', async () => {
    await createSubscription({ userId: user.id });
    await createUsageData({
      userId: user.id,
      consumedTaskCount: 1234,
    });
    const response = await request(app)
      .get(`/api/v1/users/${user.id}/plan-and-usage`)
      .set('Authorization', token)
      .expect(200);
    const expectedResponseData = {
      plan: {
        id: '47384',
        limit: '10,000',
        name: '10k - monthly',
      },
      usage: {
        task: 1234,
      },
    };
    expect(response.body.data).toEqual(expectedResponseData);
  });
 });
--- a/packages/backend/src/controllers/api/v1/users/get-subscription.ee.js
+++ b/packages/backend/src/controllers/api/v1/users/get-subscription.ee.js
@@ -1,9 +0,0 @@
 import { renderObject } from '../../../../helpers/renderer.js';
 export default async (request, response) => {
  const subscription = await request.currentUser
    .$relatedQuery('currentSubscription')
    .throwIfNotFound();
  renderObject(response, subscription);
 };
--- a/packages/backend/src/controllers/api/v1/users/get-subscription.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/users/get-subscription.ee.test.js
@@ -1,51 +0,0 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import appConfig from '../../../../config/app.js';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
 import { createRole } from '../../../../../test/factories/role';
 import { createUser } from '../../../../../test/factories/user';
 import { createSubscription } from '../../../../../test/factories/subscription.js';
 import getSubscriptionMock from '../../../../../test/mocks/rest/api/v1/users/get-subscription.js';
 describe('GET /api/v1/users/:userId/subscription', () => {
  let currentUser, role, subscription, token;
  beforeEach(async () => {
    vi.spyOn(appConfig, 'isCloud', 'get').mockReturnValue(true);
    role = await createRole();
    currentUser = await createUser({
      roleId: role.id,
    });
    subscription = await createSubscription({ userId: currentUser.id });
    token = createAuthTokenByUserId(currentUser.id);
  });
  it('should return subscription info of the current user', async () => {
    const response = await request(app)
      .get(`/api/v1/users/${currentUser.id}/subscription`)
      .set('Authorization', token)
      .expect(200);
    const expectedPayload = getSubscriptionMock(subscription);
    expect(response.body).toEqual(expectedPayload);
  });
  it('should return not found response if there is no current subscription', async () => {
    const userWithoutSubscription = await createUser({
      roleId: role.id,
    });
    const token = createAuthTokenByUserId(userWithoutSubscription.id);
    await request(app)
      .get(`/api/v1/users/${userWithoutSubscription.id}/subscription`)
      .set('Authorization', token)
      .expect(404);
  });
 });
--- a/packages/backend/src/controllers/webhooks/handler-sync-by-flow-id.js
+++ b/packages/backend/src/controllers/webhooks/handler-sync-by-flow-id.js
@@ -1,29 +0,0 @@
 import Flow from '../../models/flow.js';
 import logger from '../../helpers/logger.js';
 import handlerSync from '../../helpers/webhook-handler-sync.js';
 export default async (request, response) => {
  const computedRequestPayload = {
    headers: request.headers,
    body: request.body,
    query: request.query,
    params: request.params,
  };
  logger.debug(`Handling incoming webhook request at ${request.originalUrl}.`);
  logger.debug(JSON.stringify(computedRequestPayload, null, 2));
  const flowId = request.params.flowId;
  const flow = await Flow.query().findById(flowId).throwIfNotFound();
  const triggerStep = await flow.getTriggerStep();
  if (triggerStep.appKey !== 'webhook') {
    const connection = await triggerStep.$relatedQuery('connection');
    if (!(await connection.verifyWebhook(request))) {
      return response.sendStatus(401);
    }
  }
  await handlerSync(flowId, request, response);
 };
--- a/packages/backend/src/db/migrations/20240326194638_add_app_key_to_app_auth_clients.js
+++ b/packages/backend/src/db/migrations/20240326194638_add_app_key_to_app_auth_clients.js
@@ -1,11 +0,0 @@
 export async function up(knex) {
  await knex.schema.table('app_auth_clients', (table) => {
    table.string('app_key');
  });
 }
 export async function down(knex) {
  await knex.schema.table('app_auth_clients', (table) => {
    table.dropColumn('app_key');
  });
 }
--- a/packages/backend/src/db/migrations/20240326195028_migrate_app_config_id_to_app_key.js
+++ b/packages/backend/src/db/migrations/20240326195028_migrate_app_config_id_to_app_key.js
@@ -1,17 +0,0 @@
 export async function up(knex) {
  const appAuthClients = await knex('app_auth_clients').select('*');
  for (const appAuthClient of appAuthClients) {
    const appConfig = await knex('app_configs')
      .where('id', appAuthClient.app_config_id)
      .first();
    await knex('app_auth_clients')
      .where('id', appAuthClient.id)
      .update({ app_key: appConfig.key });
  }
 }
 export async function down() {
  // void
 }
--- a/packages/backend/src/db/migrations/20240326195748_remove_app_config_id_from_app_auth_clients.js
+++ b/packages/backend/src/db/migrations/20240326195748_remove_app_config_id_from_app_auth_clients.js
@@ -1,15 +0,0 @@
 export async function up(knex) {
  await knex.schema.table('app_auth_clients', (table) => {
    table.dropColumn('app_config_id');
  });
 }
 export async function down(knex) {
  await knex.schema.table('app_auth_clients', (table) => {
    table
      .uuid('app_config_id')
      .notNullable()
      .references('id')
      .inTable('app_configs');
  });
 }
--- a/packages/backend/src/db/migrations/20240326202110_add_not_nullable_to_app_key_of_app_auth_clients.js
+++ b/packages/backend/src/db/migrations/20240326202110_add_not_nullable_to_app_key_of_app_auth_clients.js
@@ -1,11 +0,0 @@
 export async function up(knex) {
  await knex.schema.table('app_auth_clients', (table) => {
    table.string('app_key').notNullable().alter();
  });
 }
 export async function down(knex) {
  await knex.schema.table('app_auth_clients', (table) => {
    table.string('app_key').nullable().alter();
  });
 }
--- a/packages/backend/src/db/migrations/20240327205509_add_can_connect_column_to_app_configs.js
+++ b/packages/backend/src/db/migrations/20240327205509_add_can_connect_column_to_app_configs.js
@@ -1,11 +0,0 @@
 export async function up(knex) {
  await knex.schema.table('app_configs', (table) => {
    table.boolean('can_connect').defaultTo(false);
  });
 }
 export async function down(knex) {
  await knex.schema.table('app_configs', (table) => {
    table.dropColumn('can_connect');
  });
 }
--- a/packages/backend/src/graphql/mutations/delete-step.js
+++ b/packages/backend/src/graphql/mutations/delete-step.js
@@ -1,4 +1,4 @@
-import Step from '../../models/step.js';
+import Step from '../../models/flow.js';
 const deleteStep = async (_parent, params, context) => {
  const conditions = context.currentUser.can('update', 'Flow');
--- a/packages/backend/src/graphql/queries/get-app-config.ee.js
+++ b/packages/backend/src/graphql/queries/get-app-config.ee.js
@@ -0,0 +1,17 @@
 import AppConfig from '../../models/app-config.js';
 const getAppConfig = async (_parent, params, context) => {
  context.currentUser.can('create', 'Connection');
  const appConfig = await AppConfig.query()
    .withGraphFetched({
      appAuthClients: true,
    })
    .findOne({
      key: params.key,
    });
  return appConfig;
 };
 export default getAppConfig;
--- a/packages/backend/src/graphql/queries/get-apps.js
+++ b/packages/backend/src/graphql/queries/get-apps.js
@@ -0,0 +1,17 @@
 import App from '../../models/app.js';
 const getApps = async (_parent, params) => {
  const apps = await App.findAll(params.name);
  if (params.onlyWithTriggers) {
    return apps.filter((app) => app.triggers?.length);
  }
  if (params.onlyWithActions) {
    return apps.filter((app) => app.actions?.length);
  }
  return apps;
 };
 export default getApps;
--- a/packages/backend/src/graphql/queries/get-config.ee.js
+++ b/packages/backend/src/graphql/queries/get-config.ee.js
@@ -0,0 +1,32 @@
 import appConfig from '../../config/app.js';
 import { hasValidLicense } from '../../helpers/license.ee.js';
 import Config from '../../models/config.js';
 const getConfig = async (_parent, params) => {
  if (!(await hasValidLicense())) return {};
  const defaultConfig = {
    disableNotificationsPage: appConfig.disableNotificationsPage,
    disableFavicon: appConfig.disableFavicon,
    additionalDrawerLink: appConfig.additionalDrawerLink,
    additionalDrawerLinkText: appConfig.additionalDrawerLinkText,
  };
  const configQuery = Config.query();
  if (Array.isArray(params.keys)) {
    configQuery.whereIn('key', params.keys);
  }
  const config = await configQuery.orderBy('key', 'asc');
  return config.reduce((computedConfig, configEntry) => {
    const { key, value } = configEntry;
    computedConfig[key] = value?.data;
    return computedConfig;
  }, defaultConfig);
 };
 export default getConfig;
--- a/packages/backend/src/graphql/queries/get-config.ee.test.js
+++ b/packages/backend/src/graphql/queries/get-config.ee.test.js
@@ -0,0 +1,140 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../app';
 import { createConfig } from '../../../test/factories/config';
 import appConfig from '../../config/app';
 import * as license from '../../helpers/license.ee';
 describe('graphQL getConfig query', () => {
  let configOne, configTwo, configThree, query;
  beforeEach(async () => {
    configOne = await createConfig({ key: 'configOne' });
    configTwo = await createConfig({ key: 'configTwo' });
    configThree = await createConfig({ key: 'configThree' });
    query = `
      query {
        getConfig
      }
    `;
  });
  describe('and without valid license', () => {
    beforeEach(async () => {
      vi.spyOn(license, 'hasValidLicense').mockResolvedValue(false);
    });
    describe('and correct permissions', () => {
      it('should return empty config data', async () => {
        const response = await request(app)
          .post('/graphql')
          .send({ query })
          .expect(200);
        const expectedResponsePayload = { data: { getConfig: {} } };
        expect(response.body).toEqual(expectedResponsePayload);
      });
    });
  });
  describe('and with valid license', () => {
    beforeEach(async () => {
      vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
    });
    describe('and without providing specific keys', () => {
      it('should return all config data', async () => {
        const response = await request(app)
          .post('/graphql')
          .send({ query })
          .expect(200);
        const expectedResponsePayload = {
          data: {
            getConfig: {
              [configOne.key]: configOne.value.data,
              [configTwo.key]: configTwo.value.data,
              [configThree.key]: configThree.value.data,
              disableNotificationsPage: false,
              disableFavicon: false,
              additionalDrawerLink: undefined,
              additionalDrawerLinkText: undefined,
            },
          },
        };
        expect(response.body).toEqual(expectedResponsePayload);
      });
    });
    describe('and with providing specific keys', () => {
      it('should return all config data', async () => {
        query = `
          query {
            getConfig(keys: ["configOne", "configTwo"])
          }
        `;
        const response = await request(app)
          .post('/graphql')
          .send({ query })
          .expect(200);
        const expectedResponsePayload = {
          data: {
            getConfig: {
              [configOne.key]: configOne.value.data,
              [configTwo.key]: configTwo.value.data,
              disableNotificationsPage: false,
              disableFavicon: false,
              additionalDrawerLink: undefined,
              additionalDrawerLinkText: undefined,
            },
          },
        };
        expect(response.body).toEqual(expectedResponsePayload);
      });
    });
    describe('and with different defaults', () => {
      beforeEach(async () => {
        vi.spyOn(appConfig, 'disableNotificationsPage', 'get').mockReturnValue(
          true
        );
        vi.spyOn(appConfig, 'disableFavicon', 'get').mockReturnValue(true);
        vi.spyOn(appConfig, 'additionalDrawerLink', 'get').mockReturnValue(
          'https://automatisch.io'
        );
        vi.spyOn(appConfig, 'additionalDrawerLinkText', 'get').mockReturnValue(
          'Automatisch'
        );
      });
      it('should return custom config', async () => {
        const response = await request(app)
          .post('/graphql')
          .send({ query })
          .expect(200);
        const expectedResponsePayload = {
          data: {
            getConfig: {
              [configOne.key]: configOne.value.data,
              [configTwo.key]: configTwo.value.data,
              [configThree.key]: configThree.value.data,
              disableNotificationsPage: true,
              disableFavicon: true,
              additionalDrawerLink: 'https://automatisch.io',
              additionalDrawerLinkText: 'Automatisch',
            },
          },
        };
        expect(response.body).toEqual(expectedResponsePayload);
      });
    });
  });
 });
--- a/packages/backend/src/graphql/queries/get-current-user.js
+++ b/packages/backend/src/graphql/queries/get-current-user.js
@@ -0,0 +1,5 @@
 const getCurrentUser = async (_parent, _params, context) => {
  return context.currentUser;
 };
 export default getCurrentUser;
--- a/packages/backend/src/graphql/queries/get-current-user.test.js
+++ b/packages/backend/src/graphql/queries/get-current-user.test.js
@@ -0,0 +1,79 @@
 import { describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../app';
 import createAuthTokenByUserId from '../../helpers/create-auth-token-by-user-id';
 import { createRole } from '../../../test/factories/role';
 import { createUser } from '../../../test/factories/user';
 describe('graphQL getCurrentUser query', () => {
  let role, currentUser, token, requestObject;
  beforeEach(async () => {
    role = await createRole({
      key: 'sample',
      name: 'sample',
    });
    currentUser = await createUser({
      roleId: role.id,
    });
    token = createAuthTokenByUserId(currentUser.id);
    requestObject = request(app).post('/graphql').set('Authorization', token);
  });
  it('should return user data', async () => {
    const query = `
      query {
        getCurrentUser {
          id
          email
          fullName
          email
          createdAt
          updatedAt
          role {
            id
            name
          }
        }
      }
    `;
    const response = await requestObject.send({ query }).expect(200);
    const expectedResponsePayload = {
      data: {
        getCurrentUser: {
          createdAt: currentUser.createdAt.getTime().toString(),
          email: currentUser.email,
          fullName: currentUser.fullName,
          id: currentUser.id,
          role: { id: role.id, name: role.name },
          updatedAt: currentUser.updatedAt.getTime().toString(),
        },
      },
    };
    expect(response.body).toEqual(expectedResponsePayload);
  });
  it('should not return user password', async () => {
    const query = `
      query {
        getCurrentUser {
          id
          email
          password
        }
      }
    `;
    const response = await requestObject.send({ query }).expect(400);
    expect(response.body.errors).toBeDefined();
    expect(response.body.errors[0].message).toEqual(
      'Cannot query field "password" on type "User".'
    );
  });
 });
--- a/packages/backend/src/graphql/queries/get-dynamic-fields.js
+++ b/packages/backend/src/graphql/queries/get-dynamic-fields.js
@@ -0,0 +1,40 @@
 import App from '../../models/app.js';
 import Step from '../../models/step.js';
 import globalVariable from '../../helpers/global-variable.js';
 const getDynamicFields = async (_parent, params, context) => {
  const conditions = context.currentUser.can('update', 'Flow');
  const userSteps = context.currentUser.$relatedQuery('steps');
  const allSteps = Step.query();
  const stepBaseQuery = conditions.isCreator ? userSteps : allSteps;
  const step = await stepBaseQuery
    .clone()
    .withGraphFetched({
      connection: true,
      flow: true,
    })
    .findById(params.stepId);
  if (!step) return null;
  const connection = step.connection;
  if (!step.appKey) return null;
  const app = await App.findOneByKey(step.appKey);
  const $ = await globalVariable({ connection, app, flow: step.flow, step });
  const command = app.dynamicFields.find((data) => data.key === params.key);
  for (const parameterKey in params.parameters) {
    const parameterValue = params.parameters[parameterKey];
    $.step.parameters[parameterKey] = parameterValue;
  }
  const additionalFields = (await command.run($)) || [];
  return additionalFields;
 };
 export default getDynamicFields;
--- a/packages/backend/src/graphql/queries/get-execution-steps.js
+++ b/packages/backend/src/graphql/queries/get-execution-steps.js
@@ -0,0 +1,27 @@
 import paginate from '../../helpers/pagination.js';
 import Execution from '../../models/execution.js';
 const getExecutionSteps = async (_parent, params, context) => {
  const conditions = context.currentUser.can('read', 'Execution');
  const userExecutions = context.currentUser.$relatedQuery('executions');
  const allExecutions = Execution.query();
  const executionBaseQuery = conditions.isCreator
    ? userExecutions
    : allExecutions;
  const execution = await executionBaseQuery
    .clone()
    .withSoftDeleted()
    .findById(params.executionId)
    .throwIfNotFound();
  const executionSteps = execution
    .$relatedQuery('executionSteps')
    .withSoftDeleted()
    .withGraphFetched('step')
    .orderBy('created_at', 'asc');
  return paginate(executionSteps, params.limit, params.offset);
 };
 export default getExecutionSteps;
--- a/packages/backend/src/graphql/queries/get-execution.js
+++ b/packages/backend/src/graphql/queries/get-execution.js
@@ -0,0 +1,25 @@
 import Execution from '../../models/execution.js';
 const getExecution = async (_parent, params, context) => {
  const conditions = context.currentUser.can('read', 'Execution');
  const userExecutions = context.currentUser.$relatedQuery('executions');
  const allExecutions = Execution.query();
  const executionBaseQuery = conditions.isCreator
    ? userExecutions
    : allExecutions;
  const execution = await executionBaseQuery
    .clone()
    .withGraphFetched({
      flow: {
        steps: true,
      },
    })
    .withSoftDeleted()
    .findById(params.executionId)
    .throwIfNotFound();
  return execution;
 };
 export default getExecution;
--- a/packages/backend/src/graphql/queries/get-executions.js
+++ b/packages/backend/src/graphql/queries/get-executions.js
@@ -0,0 +1,70 @@
 import { raw } from 'objection';
 import { DateTime } from 'luxon';
 import Execution from '../../models/execution.js';
 import paginate from '../../helpers/pagination.js';
 const getExecutions = async (_parent, params, context) => {
  const conditions = context.currentUser.can('read', 'Execution');
  const filters = params.filters;
  const userExecutions = context.currentUser.$relatedQuery('executions');
  const allExecutions = Execution.query();
  const executionBaseQuery = conditions.isCreator
    ? userExecutions
    : allExecutions;
  const selectStatusStatement = `
    case
      when count(*) filter (where execution_steps.status = 'failure') > 0
        then 'failure'
      else 'success'
    end
    as status
  `;
  const executions = executionBaseQuery
    .clone()
    .joinRelated('executionSteps as execution_steps')
    .select('executions.*', raw(selectStatusStatement))
    .groupBy('executions.id')
    .orderBy('created_at', 'desc');
  const computedExecutions = Execution.query()
    .with('executions', executions)
    .withSoftDeleted()
    .withGraphFetched({
      flow: {
        steps: true,
      },
    });
  if (filters?.flowId) {
    computedExecutions.where('executions.flow_id', filters.flowId);
  }
  if (filters?.status) {
    computedExecutions.where('executions.status', filters.status);
  }
  if (filters?.createdAt) {
    const createdAtFilter = filters.createdAt;
    if (createdAtFilter.from) {
      const isoFromDateTime = DateTime.fromMillis(
        parseInt(createdAtFilter.from, 10)
      ).toISO();
      computedExecutions.where('executions.created_at', '>=', isoFromDateTime);
    }
    if (createdAtFilter.to) {
      const isoToDateTime = DateTime.fromMillis(
        parseInt(createdAtFilter.to, 10)
      ).toISO();
      computedExecutions.where('executions.created_at', '<=', isoToDateTime);
    }
  }
  return paginate(computedExecutions, params.limit, params.offset);
 };
 export default getExecutions;
--- a/packages/backend/src/graphql/queries/get-executions.test.js
+++ b/packages/backend/src/graphql/queries/get-executions.test.js
@@ -0,0 +1,472 @@
 import { describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../app';
 import appConfig from '../../config/app';
 import createAuthTokenByUserId from '../../helpers/create-auth-token-by-user-id';
 import { createRole } from '../../../test/factories/role';
 import { createPermission } from '../../../test/factories/permission';
 import { createUser } from '../../../test/factories/user';
 import { createFlow } from '../../../test/factories/flow';
 import { createStep } from '../../../test/factories/step';
 import { createExecution } from '../../../test/factories/execution';
 import { createExecutionStep } from '../../../test/factories/execution-step';
 describe('graphQL getExecutions query', () => {
  const query = `
    query {
      getExecutions(limit: 10, offset: 0) {
        pageInfo {
          currentPage
          totalPages
        }
        edges {
          node {
            id
            testRun
            createdAt
            updatedAt
            status
            flow {
              id
              name
              active
              steps {
                iconUrl
              }
            }
          }
        }
      }
    }
  `;
  describe('and without correct permissions', () => {
    it('should throw not authorized error', async () => {
      const userWithoutPermissions = await createUser();
      const token = createAuthTokenByUserId(userWithoutPermissions.id);
      const response = await request(app)
        .post('/graphql')
        .set('Authorization', token)
        .send({ query })
        .expect(200);
      expect(response.body.errors).toBeDefined();
      expect(response.body.errors[0].message).toEqual('Not authorized!');
    });
  });
  describe('and with correct permission', () => {
    let role,
      currentUser,
      anotherUser,
      token,
      flowOne,
      stepOneForFlowOne,
      stepTwoForFlowOne,
      executionOne,
      flowTwo,
      stepOneForFlowTwo,
      stepTwoForFlowTwo,
      executionTwo,
      flowThree,
      stepOneForFlowThree,
      stepTwoForFlowThree,
      executionThree,
      expectedResponseForExecutionOne,
      expectedResponseForExecutionTwo,
      expectedResponseForExecutionThree;
    beforeEach(async () => {
      role = await createRole({
        key: 'sample',
        name: 'sample',
      });
      currentUser = await createUser({
        roleId: role.id,
        fullName: 'Current User',
      });
      anotherUser = await createUser();
      token = createAuthTokenByUserId(currentUser.id);
      flowOne = await createFlow({
        userId: currentUser.id,
      });
      stepOneForFlowOne = await createStep({
        flowId: flowOne.id,
      });
      stepTwoForFlowOne = await createStep({
        flowId: flowOne.id,
      });
      executionOne = await createExecution({
        flowId: flowOne.id,
      });
      await createExecutionStep({
        executionId: executionOne.id,
        stepId: stepOneForFlowOne.id,
        status: 'success',
      });
      await createExecutionStep({
        executionId: executionOne.id,
        stepId: stepTwoForFlowOne.id,
        status: 'success',
      });
      flowTwo = await createFlow({
        userId: currentUser.id,
      });
      stepOneForFlowTwo = await createStep({
        flowId: flowTwo.id,
      });
      stepTwoForFlowTwo = await createStep({
        flowId: flowTwo.id,
      });
      executionTwo = await createExecution({
        flowId: flowTwo.id,
      });
      await createExecutionStep({
        executionId: executionTwo.id,
        stepId: stepOneForFlowTwo.id,
        status: 'success',
      });
      await createExecutionStep({
        executionId: executionTwo.id,
        stepId: stepTwoForFlowTwo.id,
        status: 'failure',
      });
      flowThree = await createFlow({
        userId: anotherUser.id,
      });
      stepOneForFlowThree = await createStep({
        flowId: flowThree.id,
      });
      stepTwoForFlowThree = await createStep({
        flowId: flowThree.id,
      });
      executionThree = await createExecution({
        flowId: flowThree.id,
      });
      await createExecutionStep({
        executionId: executionThree.id,
        stepId: stepOneForFlowThree.id,
        status: 'success',
      });
      await createExecutionStep({
        executionId: executionThree.id,
        stepId: stepTwoForFlowThree.id,
        status: 'failure',
      });
      expectedResponseForExecutionOne = {
        node: {
          createdAt: executionOne.createdAt.getTime().toString(),
          flow: {
            active: flowOne.active,
            id: flowOne.id,
            name: flowOne.name,
            steps: [
              {
                iconUrl: `${appConfig.baseUrl}/apps/${stepOneForFlowOne.appKey}/assets/favicon.svg`,
              },
              {
                iconUrl: `${appConfig.baseUrl}/apps/${stepTwoForFlowOne.appKey}/assets/favicon.svg`,
              },
            ],
          },
          id: executionOne.id,
          status: 'success',
          testRun: executionOne.testRun,
          updatedAt: executionOne.updatedAt.getTime().toString(),
        },
      };
      expectedResponseForExecutionTwo = {
        node: {
          createdAt: executionTwo.createdAt.getTime().toString(),
          flow: {
            active: flowTwo.active,
            id: flowTwo.id,
            name: flowTwo.name,
            steps: [
              {
                iconUrl: `${appConfig.baseUrl}/apps/${stepTwoForFlowTwo.appKey}/assets/favicon.svg`,
              },
              {
                iconUrl: `${appConfig.baseUrl}/apps/${stepTwoForFlowTwo.appKey}/assets/favicon.svg`,
              },
            ],
          },
          id: executionTwo.id,
          status: 'failure',
          testRun: executionTwo.testRun,
          updatedAt: executionTwo.updatedAt.getTime().toString(),
        },
      };
      expectedResponseForExecutionThree = {
        node: {
          createdAt: executionThree.createdAt.getTime().toString(),
          flow: {
            active: flowThree.active,
            id: flowThree.id,
            name: flowThree.name,
            steps: [
              {
                iconUrl: `${appConfig.baseUrl}/apps/${stepOneForFlowThree.appKey}/assets/favicon.svg`,
              },
              {
                iconUrl: `${appConfig.baseUrl}/apps/${stepTwoForFlowThree.appKey}/assets/favicon.svg`,
              },
            ],
          },
          id: executionThree.id,
          status: 'failure',
          testRun: executionThree.testRun,
          updatedAt: executionThree.updatedAt.getTime().toString(),
        },
      };
    });
    describe('and with isCreator condition', () => {
      beforeEach(async () => {
        await createPermission({
          action: 'read',
          subject: 'Execution',
          roleId: role.id,
          conditions: ['isCreator'],
        });
      });
      it('should return executions data of the current user', async () => {
        const response = await request(app)
          .post('/graphql')
          .set('Authorization', token)
          .send({ query })
          .expect(200);
        const expectedResponsePayload = {
          data: {
            getExecutions: {
              edges: [
                expectedResponseForExecutionTwo,
                expectedResponseForExecutionOne,
              ],
              pageInfo: { currentPage: 1, totalPages: 1 },
            },
          },
        };
        expect(response.body).toEqual(expectedResponsePayload);
      });
    });
    describe('and without isCreator condition', () => {
      beforeEach(async () => {
        await createPermission({
          action: 'read',
          subject: 'Execution',
          roleId: role.id,
          conditions: [],
        });
      });
      it('should return executions data of all users', async () => {
        const response = await request(app)
          .post('/graphql')
          .set('Authorization', token)
          .send({ query })
          .expect(200);
        const expectedResponsePayload = {
          data: {
            getExecutions: {
              edges: [
                expectedResponseForExecutionThree,
                expectedResponseForExecutionTwo,
                expectedResponseForExecutionOne,
              ],
              pageInfo: { currentPage: 1, totalPages: 1 },
            },
          },
        };
        expect(response.body).toEqual(expectedResponsePayload);
      });
    });
    describe('and with filters', () => {
      beforeEach(async () => {
        await createPermission({
          action: 'read',
          subject: 'Execution',
          roleId: role.id,
          conditions: [],
        });
      });
      it('should return executions data for the specified flow', async () => {
        const query = `
            query {
              getExecutions(limit: 10, offset: 0, filters: { flowId: "${flowOne.id}" }) {
                pageInfo {
                  currentPage
                  totalPages
                }
                edges {
                  node {
                    id
                    testRun
                    createdAt
                    updatedAt
                    status
                    flow {
                      id
                      name
                      active
                      steps {
                        iconUrl
                      }
                    }
                  }
                }
              }
            }
          `;
        const response = await request(app)
          .post('/graphql')
          .set('Authorization', token)
          .send({ query })
          .expect(200);
        const expectedResponsePayload = {
          data: {
            getExecutions: {
              edges: [expectedResponseForExecutionOne],
              pageInfo: { currentPage: 1, totalPages: 1 },
            },
          },
        };
        expect(response.body).toEqual(expectedResponsePayload);
      });
      it('should return only executions data with success status', async () => {
        const query = `
            query {
              getExecutions(limit: 10, offset: 0, filters: { status: "success" }) {
                pageInfo {
                  currentPage
                  totalPages
                }
                edges {
                  node {
                    id
                    testRun
                    createdAt
                    updatedAt
                    status
                    flow {
                      id
                      name
                      active
                      steps {
                        iconUrl
                      }
                    }
                  }
                }
              }
            }
          `;
        const response = await request(app)
          .post('/graphql')
          .set('Authorization', token)
          .send({ query })
          .expect(200);
        const expectedResponsePayload = {
          data: {
            getExecutions: {
              edges: [expectedResponseForExecutionOne],
              pageInfo: { currentPage: 1, totalPages: 1 },
            },
          },
        };
        expect(response.body).toEqual(expectedResponsePayload);
      });
      it('should return only executions data within date range', async () => {
        const createdAtFrom = executionOne.createdAt.getTime().toString();
        const createdAtTo = executionOne.createdAt.getTime().toString();
        const query = `
            query {
              getExecutions(limit: 10, offset: 0, filters: { createdAt: { from: "${createdAtFrom}", to: "${createdAtTo}" }}) {
                pageInfo {
                  currentPage
                  totalPages
                }
                edges {
                  node {
                    id
                    testRun
                    createdAt
                    updatedAt
                    status
                    flow {
                      id
                      name
                      active
                      steps {
                        iconUrl
                      }
                    }
                  }
                }
              }
            }
          `;
        const response = await request(app)
          .post('/graphql')
          .set('Authorization', token)
          .send({ query })
          .expect(200);
        const expectedResponsePayload = {
          data: {
            getExecutions: {
              edges: [expectedResponseForExecutionOne],
              pageInfo: { currentPage: 1, totalPages: 1 },
            },
          },
        };
        expect(response.body).toEqual(expectedResponsePayload);
      });
    });
  });
 });
--- a/packages/backend/src/graphql/queries/get-flow.test.js
+++ b/packages/backend/src/graphql/queries/get-flow.test.js
@@ -136,7 +136,7 @@ describe('graphQL getFlow query', () => {
                  id: actionStep.id,
                  key: 'translateText',
                  parameters: {},
-                  position: 2,
+                  position: 1,
                  status: actionStep.status,
                  type: 'action',
                  webhookUrl: 'http://localhost:3000/null',
@@ -223,7 +223,7 @@ describe('graphQL getFlow query', () => {
                  id: actionStep.id,
                  key: 'translateText',
                  parameters: {},
-                  position: 2,
+                  position: 1,
                  status: actionStep.status,
                  type: 'action',
                  webhookUrl: 'http://localhost:3000/null',
--- a/packages/backend/src/graphql/queries/get-flows.js
+++ b/packages/backend/src/graphql/queries/get-flows.js
@@ -0,0 +1,40 @@
 import Flow from '../../models/flow.js';
 import paginate from '../../helpers/pagination.js';
 const getFlows = async (_parent, params, context) => {
  const conditions = context.currentUser.can('read', 'Flow');
  const userFlows = context.currentUser.$relatedQuery('flows');
  const allFlows = Flow.query();
  const baseQuery = conditions.isCreator ? userFlows : allFlows;
  const flowsQuery = baseQuery
    .clone()
    .joinRelated({
      steps: true,
    })
    .withGraphFetched({
      steps: {
        connection: true,
      },
    })
    .where((builder) => {
      if (params.connectionId) {
        builder.where('steps.connection_id', params.connectionId);
      }
      if (params.name) {
        builder.where('flows.name', 'ilike', `%${params.name}%`);
      }
      if (params.appKey) {
        builder.where('steps.app_key', params.appKey);
      }
    })
    .groupBy('flows.id')
    .orderBy('active', 'desc')
    .orderBy('updated_at', 'desc');
  return paginate(flowsQuery, params.limit, params.offset);
 };
 export default getFlows;
--- a/packages/backend/src/graphql/queries/get-invoices.ee.js
+++ b/packages/backend/src/graphql/queries/get-invoices.ee.js
@@ -0,0 +1,19 @@
 import Billing from '../../helpers/billing/index.ee.js';
 const getInvoices = async (_parent, _params, context) => {
  const subscription = await context.currentUser.$relatedQuery(
    'currentSubscription'
  );
  if (!subscription) {
    return;
  }
  const invoices = await Billing.paddleClient.getInvoices(
    Number(subscription.paddleSubscriptionId)
  );
  return invoices;
 };
 export default getInvoices;
--- a/packages/backend/src/graphql/queries/get-notifications.js
+++ b/packages/backend/src/graphql/queries/get-notifications.js
@@ -0,0 +1,16 @@
 import axios from '../../helpers/axios-with-proxy.js';
 const NOTIFICATIONS_URL =
  'https://notifications.automatisch.io/notifications.json';
 const getNotifications = async () => {
  try {
    const { data: notifications = [] } = await axios.get(NOTIFICATIONS_URL);
    return notifications;
  } catch (err) {
    return [];
  }
 };
 export default getNotifications;
--- a/packages/backend/src/graphql/queries/get-paddle-info.ee.js
+++ b/packages/backend/src/graphql/queries/get-paddle-info.ee.js
@@ -0,0 +1,10 @@
 import appConfig from '../../config/app.js';
 import Billing from '../../helpers/billing/index.ee.js';
 const getPaddleInfo = async () => {
  if (!appConfig.isCloud) return;
  return Billing.paddleInfo;
 };
 export default getPaddleInfo;
--- a/packages/backend/src/graphql/queries/get-payment-plans.ee.js
+++ b/packages/backend/src/graphql/queries/get-payment-plans.ee.js
@@ -0,0 +1,10 @@
 import appConfig from '../../config/app.js';
 import Billing from '../../helpers/billing/index.ee.js';
 const getPaymentPlans = async () => {
  if (!appConfig.isCloud) return;
  return Billing.paddlePlans;
 };
 export default getPaymentPlans;
--- a/packages/backend/src/graphql/queries/get-permission-catalog.ee.js
+++ b/packages/backend/src/graphql/queries/get-permission-catalog.ee.js
@@ -0,0 +1,7 @@
 import permissionCatalog from '../../helpers/permission-catalog.ee.js';
 const getPermissionCatalog = async () => {
  return permissionCatalog;
 };
 export default getPermissionCatalog;
--- a/packages/backend/src/graphql/queries/get-role.ee.js
+++ b/packages/backend/src/graphql/queries/get-role.ee.js
@@ -0,0 +1,17 @@
 import Role from '../../models/role.js';
 const getRole = async (_parent, params, context) => {
  context.currentUser.can('read', 'Role');
  return await Role.query()
    .leftJoinRelated({
      permissions: true,
    })
    .withGraphFetched({
      permissions: true,
    })
    .findById(params.id)
    .throwIfNotFound();
 };
 export default getRole;
--- a/packages/backend/src/graphql/queries/get-role.ee.test.js
+++ b/packages/backend/src/graphql/queries/get-role.ee.test.js
@@ -0,0 +1,164 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../app';
 import createAuthTokenByUserId from '../../helpers/create-auth-token-by-user-id';
 import Crypto from 'crypto';
 import { createRole } from '../../../test/factories/role';
 import { createPermission } from '../../../test/factories/permission';
 import { createUser } from '../../../test/factories/user';
 import * as license from '../../helpers/license.ee';
 describe('graphQL getRole query', () => {
  let validRole,
    invalidRoleId,
    queryWithValidRole,
    queryWithInvalidRole,
    userWithPermissions,
    userWithoutPermissions,
    tokenWithPermissions,
    tokenWithoutPermissions,
    permissionOne,
    permissionTwo;
  beforeEach(async () => {
    validRole = await createRole();
    invalidRoleId = Crypto.randomUUID();
    queryWithValidRole = `
      query {
        getRole(id: "${validRole.id}") {
          id
          name
          key
          description
          isAdmin
          permissions {
            id
            action
            subject
            conditions
          }
        }
      }
    `;
    queryWithInvalidRole = `
      query {
        getRole(id: "${invalidRoleId}") {
          id
          name
        }
      }
    `;
    permissionOne = await createPermission({
      action: 'read',
      subject: 'Role',
      roleId: validRole.id,
    });
    permissionTwo = await createPermission({
      action: 'read',
      subject: 'User',
      roleId: validRole.id,
    });
    userWithPermissions = await createUser({
      roleId: validRole.id,
    });
    userWithoutPermissions = await createUser();
    tokenWithPermissions = createAuthTokenByUserId(userWithPermissions.id);
    tokenWithoutPermissions = createAuthTokenByUserId(
      userWithoutPermissions.id
    );
  });
  describe('and with valid license', () => {
    beforeEach(async () => {
      vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
    });
    describe('and without permissions', () => {
      it('should throw not authorized error', async () => {
        const response = await request(app)
          .post('/graphql')
          .set('Authorization', tokenWithoutPermissions)
          .send({ query: queryWithValidRole })
          .expect(200);
        expect(response.body.errors).toBeDefined();
        expect(response.body.errors[0].message).toEqual('Not authorized!');
      });
    });
    describe('and correct permissions', () => {
      it('should return role data for a valid role id', async () => {
        const response = await request(app)
          .post('/graphql')
          .set('Authorization', tokenWithPermissions)
          .send({ query: queryWithValidRole })
          .expect(200);
        const expectedResponsePayload = {
          data: {
            getRole: {
              description: validRole.description,
              id: validRole.id,
              isAdmin: validRole.key === 'admin',
              key: validRole.key,
              name: validRole.name,
              permissions: [
                {
                  action: permissionOne.action,
                  conditions: permissionOne.conditions,
                  id: permissionOne.id,
                  subject: permissionOne.subject,
                },
                {
                  action: permissionTwo.action,
                  conditions: permissionTwo.conditions,
                  id: permissionTwo.id,
                  subject: permissionTwo.subject,
                },
              ],
            },
          },
        };
        expect(response.body).toEqual(expectedResponsePayload);
      });
      it('should return not found for invalid role id', async () => {
        const response = await request(app)
          .post('/graphql')
          .set('Authorization', tokenWithPermissions)
          .send({ query: queryWithInvalidRole })
          .expect(200);
        expect(response.body.errors).toBeDefined();
        expect(response.body.errors[0].message).toEqual('NotFoundError');
      });
    });
  });
  describe('and without valid license', () => {
    beforeEach(async () => {
      vi.spyOn(license, 'hasValidLicense').mockResolvedValue(false);
    });
    describe('and correct permissions', () => {
      it('should throw not authorized error', async () => {
        const response = await request(app)
          .post('/graphql')
          .set('Authorization', tokenWithPermissions)
          .send({ query: queryWithInvalidRole })
          .expect(200);
        expect(response.body.errors).toBeDefined();
        expect(response.body.errors[0].message).toEqual('Not authorized!');
      });
    });
  });
 });
--- a/packages/backend/src/graphql/queries/get-roles.ee.js
+++ b/packages/backend/src/graphql/queries/get-roles.ee.js
@@ -0,0 +1,9 @@
 import Role from '../../models/role.js';
 const getRoles = async (_parent, params, context) => {
  context.currentUser.can('read', 'Role');
  return await Role.query().orderBy('name');
 };
 export default getRoles;
--- a/packages/backend/src/graphql/queries/get-roles.ee.test.js
+++ b/packages/backend/src/graphql/queries/get-roles.ee.test.js
@@ -0,0 +1,134 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../app';
 import createAuthTokenByUserId from '../../helpers/create-auth-token-by-user-id';
 import { createRole } from '../../../test/factories/role';
 import { createPermission } from '../../../test/factories/permission';
 import { createUser } from '../../../test/factories/user';
 import * as license from '../../helpers/license.ee';
 describe('graphQL getRoles query', () => {
  let currentUserRole,
    roleOne,
    roleSecond,
    query,
    userWithPermissions,
    userWithoutPermissions,
    tokenWithPermissions,
    tokenWithoutPermissions;
  beforeEach(async () => {
    currentUserRole = await createRole({ name: 'Current user role' });
    roleOne = await createRole({ name: 'Role one' });
    roleSecond = await createRole({ name: 'Role second' });
    query = `
      query {
        getRoles {
          id
          key
          name
          description
          isAdmin
        }
      }
    `;
    await createPermission({
      action: 'read',
      subject: 'Role',
      roleId: currentUserRole.id,
    });
    userWithPermissions = await createUser({
      roleId: currentUserRole.id,
    });
    userWithoutPermissions = await createUser({
      roleId: roleOne.id,
    });
    tokenWithPermissions = createAuthTokenByUserId(userWithPermissions.id);
    tokenWithoutPermissions = createAuthTokenByUserId(
      userWithoutPermissions.id
    );
  });
  describe('and with valid license', () => {
    beforeEach(async () => {
      vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
    });
    describe('and without permissions', () => {
      it('should throw not authorized error', async () => {
        const response = await request(app)
          .post('/graphql')
          .set('Authorization', tokenWithoutPermissions)
          .send({ query })
          .expect(200);
        expect(response.body.errors).toBeDefined();
        expect(response.body.errors[0].message).toEqual('Not authorized!');
      });
    });
    describe('and correct permissions', () => {
      it('should return roles data', async () => {
        const response = await request(app)
          .post('/graphql')
          .set('Authorization', tokenWithPermissions)
          .send({ query })
          .expect(200);
        const expectedResponsePayload = {
          data: {
            getRoles: [
              {
                description: currentUserRole.description,
                id: currentUserRole.id,
                isAdmin: currentUserRole.key === 'admin',
                key: currentUserRole.key,
                name: currentUserRole.name,
              },
              {
                description: roleOne.description,
                id: roleOne.id,
                isAdmin: roleOne.key === 'admin',
                key: roleOne.key,
                name: roleOne.name,
              },
              {
                description: roleSecond.description,
                id: roleSecond.id,
                isAdmin: roleSecond.key === 'admin',
                key: roleSecond.key,
                name: roleSecond.name,
              },
            ],
          },
        };
        expect(response.body).toEqual(expectedResponsePayload);
      });
    });
  });
  describe('and without valid license', () => {
    beforeEach(async () => {
      vi.spyOn(license, 'hasValidLicense').mockResolvedValue(false);
    });
    describe('and correct permissions', () => {
      it('should throw not authorized error', async () => {
        const response = await request(app)
          .post('/graphql')
          .set('Authorization', tokenWithPermissions)
          .send({ query })
          .expect(200);
        expect(response.body.errors).toBeDefined();
        expect(response.body.errors[0].message).toEqual('Not authorized!');
      });
    });
  });
 });
--- a/packages/backend/src/graphql/queries/get-saml-auth-provider-role-mappings.ee.js
+++ b/packages/backend/src/graphql/queries/get-saml-auth-provider-role-mappings.ee.js
@@ -0,0 +1,17 @@
 import SamlAuthProvider from '../../models/saml-auth-provider.ee.js';
 const getSamlAuthProviderRoleMappings = async (_parent, params, context) => {
  context.currentUser.can('read', 'SamlAuthProvider');
  const samlAuthProvider = await SamlAuthProvider.query()
    .findById(params.id)
    .throwIfNotFound();
  const roleMappings = await samlAuthProvider
    .$relatedQuery('samlAuthProvidersRoleMappings')
    .orderBy('remote_role_name', 'asc');
  return roleMappings;
 };
 export default getSamlAuthProviderRoleMappings;
--- a/packages/backend/src/graphql/queries/get-saml-auth-provider.ee.js
+++ b/packages/backend/src/graphql/queries/get-saml-auth-provider.ee.js
@@ -0,0 +1,14 @@
 import SamlAuthProvider from '../../models/saml-auth-provider.ee.js';
 const getSamlAuthProvider = async (_parent, params, context) => {
  context.currentUser.can('read', 'SamlAuthProvider');
  const samlAuthProvider = await SamlAuthProvider.query()
    .limit(1)
    .first()
    .throwIfNotFound();
  return samlAuthProvider;
 };
 export default getSamlAuthProvider;
--- a/packages/backend/src/graphql/queries/get-subscription-status.ee.js
+++ b/packages/backend/src/graphql/queries/get-subscription-status.ee.js
@@ -0,0 +1,17 @@
 import appConfig from '../../config/app.js';
 const getSubscriptionStatus = async (_parent, _params, context) => {
  if (!appConfig.isCloud) return;
  const currentSubscription = await context.currentUser.$relatedQuery(
    'currentSubscription'
  );
  if (!currentSubscription?.cancellationEffectiveDate) return;
  return {
    cancellationEffectiveDate: currentSubscription.cancellationEffectiveDate,
  };
 };
 export default getSubscriptionStatus;
--- a/packages/backend/src/graphql/queries/get-trial-status.ee.js
+++ b/packages/backend/src/graphql/queries/get-trial-status.ee.js
@@ -0,0 +1,17 @@
 import appConfig from '../../config/app.js';
 const getTrialStatus = async (_parent, _params, context) => {
  if (!appConfig.isCloud) return;
  const inTrial = await context.currentUser.inTrial();
  const hasActiveSubscription =
    await context.currentUser.hasActiveSubscription();
  if (!inTrial && hasActiveSubscription) return;
  return {
    expireAt: context.currentUser.trialExpiryDate,
  };
 };
 export default getTrialStatus;
--- a/packages/backend/src/graphql/queries/get-trial-status.ee.test.js
+++ b/packages/backend/src/graphql/queries/get-trial-status.ee.test.js
@@ -0,0 +1,100 @@
 import { vi, describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../app';
 import User from '../../models/user';
 import { createUser } from '../../../test/factories/user';
 import createAuthTokenByUserId from '../../helpers/create-auth-token-by-user-id';
 import { DateTime } from 'luxon';
 import appConfig from '../../config/app';
 describe('graphQL getTrialStatus query', () => {
  const query = `
    query GetTrialStatus {
      getTrialStatus {
        expireAt
      }
    }
  `;
  let user, userToken;
  beforeEach(async () => {
    const trialExpiryDate = DateTime.now().plus({ days: 30 }).toISODate();
    user = await createUser({ trialExpiryDate });
    userToken = createAuthTokenByUserId(user.id);
  });
  describe('and with cloud flag disabled', () => {
    beforeEach(async () => {
      vi.spyOn(appConfig, 'isCloud', 'get').mockReturnValue(false);
    });
    it('should return null', async () => {
      const response = await request(app)
        .post('/graphql')
        .set('Authorization', userToken)
        .send({ query })
        .expect(200);
      const expectedResponsePayload = {
        data: { getTrialStatus: null },
      };
      expect(response.body).toEqual(expectedResponsePayload);
    });
  });
  describe('and with cloud flag enabled', () => {
    beforeEach(async () => {
      vi.spyOn(appConfig, 'isCloud', 'get').mockReturnValue(true);
    });
    describe('and not in trial and has active subscription', () => {
      beforeEach(async () => {
        vi.spyOn(User.prototype, 'inTrial').mockResolvedValue(false);
        vi.spyOn(User.prototype, 'hasActiveSubscription').mockResolvedValue(
          true
        );
      });
      it('should return null', async () => {
        const response = await request(app)
          .post('/graphql')
          .set('Authorization', userToken)
          .send({ query })
          .expect(200);
        const expectedResponsePayload = {
          data: { getTrialStatus: null },
        };
        expect(response.body).toEqual(expectedResponsePayload);
      });
    });
    describe('and in trial period', () => {
      beforeEach(async () => {
        vi.spyOn(User.prototype, 'inTrial').mockResolvedValue(true);
      });
      it('should return null', async () => {
        const response = await request(app)
          .post('/graphql')
          .set('Authorization', userToken)
          .send({ query })
          .expect(200);
        const expectedResponsePayload = {
          data: {
            getTrialStatus: {
              expireAt: new Date(user.trialExpiryDate).getTime().toString(),
            },
          },
        };
        expect(response.body).toEqual(expectedResponsePayload);
      });
    });
  });
 });
--- a/packages/backend/src/graphql/queries/get-user.js
+++ b/packages/backend/src/graphql/queries/get-user.js
@@ -0,0 +1,17 @@
 import User from '../../models/user.js';
 const getUser = async (_parent, params, context) => {
  context.currentUser.can('read', 'User');
  return await User.query()
    .leftJoinRelated({
      role: true,
    })
    .withGraphFetched({
      role: true,
    })
    .findById(params.id)
    .throwIfNotFound();
 };
 export default getUser;
--- a/packages/backend/src/graphql/queries/get-user.test.js
+++ b/packages/backend/src/graphql/queries/get-user.test.js
@@ -0,0 +1,146 @@
 import { describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../app';
 import createAuthTokenByUserId from '../../helpers/create-auth-token-by-user-id';
 import Crypto from 'crypto';
 import { createRole } from '../../../test/factories/role';
 import { createPermission } from '../../../test/factories/permission';
 import { createUser } from '../../../test/factories/user';
 describe('graphQL getUser query', () => {
  describe('and without permissions', () => {
    it('should throw not authorized error', async () => {
      const userWithoutPermissions = await createUser();
      const anotherUser = await createUser();
      const query = `
          query {
            getUser(id: "${anotherUser.id}") {
              id
              email
            }
          }
        `;
      const token = createAuthTokenByUserId(userWithoutPermissions.id);
      const response = await request(app)
        .post('/graphql')
        .set('Authorization', token)
        .send({ query })
        .expect(200);
      expect(response.body.errors).toBeDefined();
      expect(response.body.errors[0].message).toEqual('Not authorized!');
    });
  });
  describe('and correct permissions', () => {
    let role, currentUser, anotherUser, token, requestObject;
    beforeEach(async () => {
      role = await createRole({
        key: 'sample',
        name: 'sample',
      });
      await createPermission({
        action: 'read',
        subject: 'User',
        roleId: role.id,
      });
      currentUser = await createUser({
        roleId: role.id,
      });
      anotherUser = await createUser({
        roleId: role.id,
      });
      token = createAuthTokenByUserId(currentUser.id);
      requestObject = request(app).post('/graphql').set('Authorization', token);
    });
    it('should return user data for a valid user id', async () => {
      const query = `
          query {
            getUser(id: "${anotherUser.id}") {
              id
              email
              fullName
              email
              createdAt
              updatedAt
              role {
                id
                name
              }
            }
          }
        `;
      const response = await requestObject.send({ query }).expect(200);
      const expectedResponsePayload = {
        data: {
          getUser: {
            createdAt: anotherUser.createdAt.getTime().toString(),
            email: anotherUser.email,
            fullName: anotherUser.fullName,
            id: anotherUser.id,
            role: { id: role.id, name: role.name },
            updatedAt: anotherUser.updatedAt.getTime().toString(),
          },
        },
      };
      expect(response.body).toEqual(expectedResponsePayload);
    });
    it('should not return user password for a valid user id', async () => {
      const query = `
          query {
            getUser(id: "${anotherUser.id}") {
              id
              email
              password
            }
          }
        `;
      const response = await requestObject.send({ query }).expect(400);
      expect(response.body.errors).toBeDefined();
      expect(response.body.errors[0].message).toEqual(
        'Cannot query field "password" on type "User".'
      );
    });
    it('should return not found for invalid user id', async () => {
      const invalidUserId = Crypto.randomUUID();
      const query = `
          query {
            getUser(id: "${invalidUserId}") {
              id
              email
              fullName
              email
              createdAt
              updatedAt
              role {
                id
                name
              }
            }
          }
        `;
      const response = await requestObject.send({ query }).expect(200);
      expect(response.body.errors).toBeDefined();
      expect(response.body.errors[0].message).toEqual('NotFoundError');
    });
  });
 });
--- a/packages/backend/src/graphql/queries/get-users.js
+++ b/packages/backend/src/graphql/queries/get-users.js
@@ -0,0 +1,19 @@
 import paginate from '../../helpers/pagination.js';
 import User from '../../models/user.js';
 const getUsers = async (_parent, params, context) => {
  context.currentUser.can('read', 'User');
  const usersQuery = User.query()
    .leftJoinRelated({
      role: true,
    })
    .withGraphFetched({
      role: true,
    })
    .orderBy('full_name', 'asc');
  return paginate(usersQuery, params.limit, params.offset);
 };
 export default getUsers;
--- a/packages/backend/src/graphql/queries/get-users.test.js
+++ b/packages/backend/src/graphql/queries/get-users.test.js
@@ -0,0 +1,148 @@
 import { describe, it, expect, beforeEach } from 'vitest';
 import request from 'supertest';
 import app from '../../app';
 import createAuthTokenByUserId from '../../helpers/create-auth-token-by-user-id';
 import { createRole } from '../../../test/factories/role';
 import { createPermission } from '../../../test/factories/permission';
 import { createUser } from '../../../test/factories/user';
 describe('graphQL getUsers query', () => {
  const query = `
    query {
      getUsers(limit: 10, offset: 0) {
        pageInfo {
          currentPage
          totalPages
        }
        totalCount
        edges {
          node {
            id
            fullName
            email
            role {
              id
              name
            }
          }
        }
      }
    }
  `;
  describe('and without permissions', () => {
    it('should throw not authorized error', async () => {
      const userWithoutPermissions = await createUser();
      const token = createAuthTokenByUserId(userWithoutPermissions.id);
      const response = await request(app)
        .post('/graphql')
        .set('Authorization', token)
        .send({ query })
        .expect(200);
      expect(response.body.errors).toBeDefined();
      expect(response.body.errors[0].message).toEqual('Not authorized!');
    });
  });
  describe('and with correct permissions', () => {
    let role, currentUser, anotherUser, token, requestObject;
    beforeEach(async () => {
      role = await createRole({
        key: 'sample',
        name: 'sample',
      });
      await createPermission({
        action: 'read',
        subject: 'User',
        roleId: role.id,
      });
      currentUser = await createUser({
        roleId: role.id,
        fullName: 'Current User',
      });
      anotherUser = await createUser({
        roleId: role.id,
        fullName: 'Another User',
      });
      token = createAuthTokenByUserId(currentUser.id);
      requestObject = request(app).post('/graphql').set('Authorization', token);
    });
    it('should return users data', async () => {
      const response = await requestObject.send({ query }).expect(200);
      const expectedResponsePayload = {
        data: {
          getUsers: {
            edges: [
              {
                node: {
                  email: anotherUser.email,
                  fullName: anotherUser.fullName,
                  id: anotherUser.id,
                  role: {
                    id: role.id,
                    name: role.name,
                  },
                },
              },
              {
                node: {
                  email: currentUser.email,
                  fullName: currentUser.fullName,
                  id: currentUser.id,
                  role: {
                    id: role.id,
                    name: role.name,
                  },
                },
              },
            ],
            pageInfo: {
              currentPage: 1,
              totalPages: 1,
            },
            totalCount: 2,
          },
        },
      };
      expect(response.body).toEqual(expectedResponsePayload);
    });
    it('should not return users data with password', async () => {
      const query = `
          query {
            getUsers(limit: 10, offset: 0) {
              pageInfo {
                currentPage
                totalPages
              }
              totalCount
              edges {
                node {
                  id
                  fullName
                  password
                }
              }
            }
          }
        `;
      const response = await requestObject.send({ query }).expect(400);
      expect(response.body.errors).toBeDefined();
      expect(response.body.errors[0].message).toEqual(
        'Cannot query field "password" on type "User".'
      );
    });
  });
 });
--- a/packages/backend/src/graphql/queries/healthcheck.js
+++ b/packages/backend/src/graphql/queries/healthcheck.js
@@ -0,0 +1,9 @@
 import appConfig from '../../config/app.js';
 const healthcheck = () => {
  return {
    version: appConfig.version,
  };
 };
 export default healthcheck;
--- a/packages/backend/src/graphql/queries/healthcheck.test.js
+++ b/packages/backend/src/graphql/queries/healthcheck.test.js
@@ -0,0 +1,27 @@
 import { describe, it, expect } from 'vitest';
 import request from 'supertest';
 import app from '../../app';
 import appConfig from '../../config/app';
 describe('graphQL healthcheck query', () => {
  it('should return application version', async () => {
    const query = `
      query {
        healthcheck {
          version
        }
      }
    `;
    const response = await request(app)
      .post('/graphql')
      .send({ query })
      .expect(200);
    const expectedResponsePayload = {
      data: { healthcheck: { version: appConfig.version } },
    };
    expect(response.body).toEqual(expectedResponsePayload);
  });
 });
--- a/packages/backend/src/graphql/queries/list-saml-auth-providers.ee.js
+++ b/packages/backend/src/graphql/queries/list-saml-auth-providers.ee.js
@@ -0,0 +1,9 @@
 import SamlAuthProvider from '../../models/saml-auth-provider.ee.js';
 const listSamlAuthProviders = async () => {
  const providers = await SamlAuthProvider.query().where({ active: true });
  return providers;
 };
 export default listSamlAuthProviders;
--- a/packages/backend/src/graphql/query-resolvers.js
+++ b/packages/backend/src/graphql/query-resolvers.js
@@ -1,22 +1,70 @@
 import getApp from './queries/get-app.js';
 import getAppAuthClient from './queries/get-app-auth-client.ee.js';
 import getAppAuthClients from './queries/get-app-auth-clients.ee.js';
 import getAppConfig from './queries/get-app-config.ee.js';
 import getApps from './queries/get-apps.js';
 import getBillingAndUsage from './queries/get-billing-and-usage.ee.js';
 import getConfig from './queries/get-config.ee.js';
 import getConnectedApps from './queries/get-connected-apps.js';
 import getCurrentUser from './queries/get-current-user.js';
 import getDynamicData from './queries/get-dynamic-data.js';
 import getDynamicFields from './queries/get-dynamic-fields.js';
 import getExecution from './queries/get-execution.js';
 import getExecutionSteps from './queries/get-execution-steps.js';
 import getExecutions from './queries/get-executions.js';
 import getFlow from './queries/get-flow.js';
 import getFlows from './queries/get-flows.js';
 import getInvoices from './queries/get-invoices.ee.js';
 import getNotifications from './queries/get-notifications.js';
 import getPaddleInfo from './queries/get-paddle-info.ee.js';
 import getPaymentPlans from './queries/get-payment-plans.ee.js';
 import getPermissionCatalog from './queries/get-permission-catalog.ee.js';
 import getRole from './queries/get-role.ee.js';
 import getRoles from './queries/get-roles.ee.js';
 import getSamlAuthProviderRoleMappings from './queries/get-saml-auth-provider-role-mappings.ee.js';
 import getSamlAuthProvider from './queries/get-saml-auth-provider.ee.js';
 import getStepWithTestExecutions from './queries/get-step-with-test-executions.js';
 import getSubscriptionStatus from './queries/get-subscription-status.ee.js';
 import getTrialStatus from './queries/get-trial-status.ee.js';
 import getUser from './queries/get-user.js';
 import getUsers from './queries/get-users.js';
 import healthcheck from './queries/healthcheck.js';
 import listSamlAuthProviders from './queries/list-saml-auth-providers.ee.js';
 import testConnection from './queries/test-connection.js';
 const queryResolvers = {
  getApp,
  getAppAuthClient,
  getAppAuthClients,
  getAppConfig,
  getApps,
  getBillingAndUsage,
  getConfig,
  getConnectedApps,
  getCurrentUser,
  getDynamicData,
  getDynamicFields,
  getExecution,
  getExecutions,
  getExecutionSteps,
  getFlow,
  getFlows,
  getInvoices,
  getNotifications,
  getPaddleInfo,
  getPaymentPlans,
  getPermissionCatalog,
  getRole,
  getRoles,
  getSamlAuthProvider,
  getSamlAuthProviderRoleMappings,
  getStepWithTestExecutions,
  getSubscriptionStatus,
  getTrialStatus,
  getUser,
  getUsers,
  healthcheck,
  listSamlAuthProviders,
  testConnection,
 };
--- a/packages/backend/src/graphql/schema.graphql
+++ b/packages/backend/src/graphql/schema.graphql
@@ -1,17 +1,63 @@
 type Query {
  getApps(
    name: String
    onlyWithTriggers: Boolean
    onlyWithActions: Boolean
  ): [App]
  getApp(key: String!): App
  getAppConfig(key: String!): AppConfig
  getAppAuthClient(id: String!): AppAuthClient
  getAppAuthClients(appKey: String!, active: Boolean): [AppAuthClient]
  getConnectedApps(name: String): [App]
  testConnection(id: String!): Connection
  getFlow(id: String!): Flow
  getFlows(
    limit: Int!
    offset: Int!
    appKey: String
    connectionId: String
    name: String
  ): FlowConnection
  getStepWithTestExecutions(stepId: String!): [Step]
  getExecution(executionId: String!): Execution
  getExecutions(
    limit: Int!
    offset: Int!
    filters: ExecutionFiltersInput
  ): ExecutionConnection
  getExecutionSteps(
    executionId: String!
    limit: Int!
    offset: Int!
  ): ExecutionStepConnection
  getDynamicData(
    stepId: String!
    key: String!
    parameters: JSONObject
  ): JSONObject
  getDynamicFields(
    stepId: String!
    key: String!
    parameters: JSONObject
  ): [SubstepArgument]
  getBillingAndUsage: GetBillingAndUsage
  getCurrentUser: User
  getConfig(keys: [String]): JSONObject
  getInvoices: [Invoice]
  getPaddleInfo: GetPaddleInfo
  getPaymentPlans: [PaymentPlan]
  getPermissionCatalog: PermissionCatalog
  getRole(id: String!): Role
  getRoles: [Role]
  getNotifications: [Notification]
  getSamlAuthProvider: SamlAuthProvider
  getSamlAuthProviderRoleMappings(id: String!): [SamlAuthProvidersRoleMapping]
  getSubscriptionStatus: GetSubscriptionStatus
  getTrialStatus: GetTrialStatus
  getUser(id: String!): User
  getUsers(limit: Int!, offset: Int!): UserConnection
  healthcheck: AppHealth
  listSamlAuthProviders: [ListSamlAuthProvider]
 }
 type Mutation {
@@ -242,6 +288,15 @@ type Field {
  options: [SubstepArgumentOption]
 }
 type FlowConnection {
  edges: [FlowEdge]
  pageInfo: PageInfo
 }
 type FlowEdge {
  node: Flow
 }
 enum FlowStatus {
  paused
  published
@@ -258,6 +313,15 @@ type Flow {
  status: FlowStatus
 }
 type Execution {
  id: String
  testRun: Boolean
  createdAt: String
  updatedAt: String
  status: String
  flow: Flow
 }
 type SamlAuthProvider {
  id: String
  name: String
@@ -280,6 +344,16 @@ type SamlAuthProvidersRoleMapping {
  remoteRoleName: String
 }
 type UserConnection {
  edges: [UserEdge]
  pageInfo: PageInfo
  totalCount: Int
 }
 type UserEdge {
  node: User
 }
 input CreateConnectionInput {
  key: String!
  appAuthClientId: String
@@ -547,15 +621,28 @@ type PageInfo {
  totalPages: Int!
 }
 type ExecutionEdge {
  node: Execution
 }
 type ExecutionStepEdge {
  node: ExecutionStep
 }
 type ExecutionConnection {
  edges: [ExecutionEdge]
  pageInfo: PageInfo
 }
 type ExecutionStepConnection {
  edges: [ExecutionStepEdge]
  pageInfo: PageInfo
 }
 type AppHealth {
  version: String
 }
 type License {
  id: String
  name: String
@@ -563,6 +650,14 @@ type License {
  verified: Boolean
 }
 type GetTrialStatus {
  expireAt: String
 }
 type GetSubscriptionStatus {
  cancellationEffectiveDate: String
 }
 type GetBillingAndUsage {
  subscription: Subscription
  usage: Usage
@@ -600,6 +695,33 @@ type Usage {
  task: Int
 }
 type GetPaddleInfo {
  sandbox: Boolean
  vendorId: Int
 }
 type Invoice {
  id: Int
  amount: Float
  currency: String
  payout_date: String
  receipt_url: String
 }
 type PaymentPlan {
  name: String
  limit: String
  price: String
  productId: String
 }
 type ListSamlAuthProvider {
  id: String
  name: String
  issuer: String
  loginUrl: String
 }
 type Permission {
  id: String
  action: String
@@ -607,6 +729,12 @@ type Permission {
  conditions: [String]
 }
 type PermissionCatalog {
  actions: [Action]
  subjects: [Subject]
  conditions: [Condition]
 }
 type Action {
  label: String
  key: String
@@ -658,6 +786,24 @@ input UpdateAppAuthClientInput {
  active: Boolean
 }
 type Notification {
  name: String
  createdAt: String
  documentationUrl: String
  description: String
 }
 input ExecutionCreatedAtFilterInput {
  from: String
  to: String
 }
 input ExecutionFiltersInput {
  flowId: String
  createdAt: ExecutionCreatedAtFilterInput
  status: String
 }
 schema {
  query: Query
  mutation: Mutation
--- a/packages/backend/src/helpers/authentication.js
+++ b/packages/backend/src/helpers/authentication.js
@@ -42,6 +42,10 @@ const isAuthenticatedRule = rule()(isAuthenticated);
 export const authenticationRules = {
  Query: {
    '*': isAuthenticatedRule,
    getConfig: allow,
    getNotifications: allow,
    healthcheck: allow,
    listSamlAuthProviders: allow,
  },
  Mutation: {
    '*': isAuthenticatedRule,
--- a/packages/backend/src/helpers/authorization.js
+++ b/packages/backend/src/helpers/authorization.js
@@ -11,30 +11,6 @@ const authorizationList = {
    action: 'read',
    subject: 'Flow',
  },
  'GET /api/v1/flows/': {
    action: 'read',
    subject: 'Flow',
  },
  'GET /api/v1/steps/:stepId/connection': {
    action: 'read',
    subject: 'Flow',
  },
  'GET /api/v1/steps/:stepId/previous-steps': {
    action: 'update',
    subject: 'Flow',
  },
  'POST /api/v1/steps/:stepId/dynamic-fields': {
    action: 'update',
    subject: 'Flow',
  },
  'GET /api/v1/connections/:connectionId/flows': {
    action: 'read',
    subject: 'Flow',
  },
  'GET /api/v1/apps/:appKey/flows': {
    action: 'read',
    subject: 'Flow',
  },
  'GET /api/v1/executions/:executionId': {
    action: 'read',
    subject: 'Execution',
--- a/packages/backend/src/helpers/morgan.js
+++ b/packages/backend/src/helpers/morgan.js
@@ -9,7 +9,7 @@ const stream = {
 const registerGraphQLToken = () => {
  morgan.token('graphql-query', (req) => {
    if (req.body.query) {
-      return `\n GraphQL ${req.body.query}`;
+      return `GraphQL ${req.body.query}`;
    }
  });
 };
@@ -17,7 +17,7 @@ const registerGraphQLToken = () => {
 registerGraphQLToken();
 const morganMiddleware = morgan(
-  ':method :url :status :res[content-length] - :response-time ms :graphql-query',
+  ':method :url :status :res[content-length] - :response-time ms\n:graphql-query',
  { stream }
 );
--- a/packages/backend/src/helpers/renderer.js
+++ b/packages/backend/src/helpers/renderer.js
@@ -15,7 +15,7 @@ const renderObject = (response, object, options) => {
  let data = isPaginated(object) ? object.records : object;
  const type = isPaginated(object)
-    ? object.records[0]?.constructor?.name || 'Object'
+    ? object.records[0].constructor.name
    : Array.isArray(object)
    ? object?.[0]?.constructor?.name || 'Object'
    : object.constructor.name;
@@ -44,22 +44,4 @@ const renderObject = (response, object, options) => {
  return response.json(computedPayload);
 };
-const renderError = (response, errors, status, type) => {
+export { renderObject };
  const errorStatus = status || 422;
  const errorType = type || 'ValidationError';
  const payload = {
    errors: errors.reduce((acc, error) => {
      const key = Object.keys(error)[0];
      acc[key] = error[key];
      return acc;
    }, {}),
    meta: {
      type: errorType,
    },
  };
  return response.status(errorStatus).send(payload);
 };
 export { renderObject, renderError };
--- a/packages/backend/src/helpers/webhook-handler-sync.js
+++ b/packages/backend/src/helpers/webhook-handler-sync.js
@@ -1,97 +0,0 @@
 import isEmpty from 'lodash/isEmpty.js';
 import Flow from '../models/flow.js';
 import { processTrigger } from '../services/trigger.js';
 import { processAction } from '../services/action.js';
 import globalVariable from './global-variable.js';
 import QuotaExceededError from '../errors/quote-exceeded.js';
 export default async (flowId, request, response) => {
  const flow = await Flow.query().findById(flowId).throwIfNotFound();
  const user = await flow.$relatedQuery('user');
  const testRun = !flow.active;
  const quotaExceeded = !testRun && !(await user.isAllowedToRunFlows());
  if (quotaExceeded) {
    throw new QuotaExceededError();
  }
  const [triggerStep, ...actionSteps] = await flow
    .$relatedQuery('steps')
    .withGraphFetched('connection')
    .orderBy('position', 'asc');
  const app = await triggerStep.getApp();
  const isWebhookApp = app.key === 'webhook';
  if (testRun && !isWebhookApp) {
    return response.status(404);
  }
  const connection = await triggerStep.$relatedQuery('connection');
  const $ = await globalVariable({
    flow,
    connection,
    app,
    step: triggerStep,
    testRun,
    request,
  });
  const triggerCommand = await triggerStep.getTriggerCommand();
  await triggerCommand.run($);
  const reversedTriggerItems = $.triggerOutput.data.reverse();
  // This is the case when we filter out the incoming data
  // in the run method of the webhook trigger.
  // In this case, we don't want to process anything.
  if (isEmpty(reversedTriggerItems)) {
    return response.status(204);
  }
  // set default status, but do not send it yet!
  response.status(204);
  for (const triggerItem of reversedTriggerItems) {
    const { executionId } = await processTrigger({
      flowId,
      stepId: triggerStep.id,
      triggerItem,
      testRun,
    });
    if (testRun) {
      // in case of testing, we do not process the whole process.
      continue;
    }
    for (const actionStep of actionSteps) {
      const { executionStep: actionExecutionStep } = await processAction({
        flowId: flow.id,
        stepId: actionStep.id,
        executionId,
      });
      if (actionStep.key === 'respondWith' && !response.headersSent) {
        const { headers, statusCode, body } = actionExecutionStep.dataOut;
        // we set the custom response headers
        if (headers) {
          for (const [key, value] of Object.entries(headers)) {
            if (key) {
              response.set(key, value);
            }
          }
        }
        // we send the response only if it's not sent yet. This allows us to early respond from the flow.
        response.status(statusCode);
        response.send(body);
      }
    }
  }
  return response;
 };
--- a/packages/backend/src/models/app-auth-client.js
+++ b/packages/backend/src/models/app-auth-client.js
@@ -9,11 +9,11 @@ class AppAuthClient extends Base {
  static jsonSchema = {
    type: 'object',
-    required: ['name', 'appKey', 'formattedAuthDefaults'],
+    required: ['name', 'appConfigId', 'formattedAuthDefaults'],
    properties: {
      id: { type: 'string', format: 'uuid' },
-      appKey: { type: 'string' },
+      appConfigId: { type: 'string', format: 'uuid' },
      active: { type: 'boolean' },
      authDefaults: { type: ['string', 'null'] },
      formattedAuthDefaults: { type: 'object' },
@@ -22,6 +22,17 @@ class AppAuthClient extends Base {
    },
  };
  static relationMappings = () => ({
    appConfig: {
      relation: Base.BelongsToOneRelation,
      modelClass: AppConfig,
      join: {
        from: 'app_auth_clients.app_config_id',
        to: 'app_configs.id',
      },
    },
  });
  encryptData() {
    if (!this.eligibleForEncryption()) return;
@@ -60,21 +71,6 @@ class AppAuthClient extends Base {
    this.encryptData();
  }
  async assignCanConnectForAppConfig() {
    const appConfig = await AppConfig.query().findOne({ key: this.appKey });
    await appConfig?.assignCanConnect();
  }
  async $afterInsert(queryContext) {
    await super.$afterInsert(queryContext);
    await this.assignCanConnectForAppConfig();
  }
  async $afterUpdate(opt, queryContext) {
    await super.$afterUpdate(opt, queryContext);
    await this.assignCanConnectForAppConfig();
  }
  async $afterFind() {
    this.decryptData();
  }
--- a/packages/backend/src/models/app-config.js
+++ b/packages/backend/src/models/app-config.js
@@ -1,6 +1,6 @@
 import App from './app.js';
 import AppAuthClient from './app-auth-client.js';
 import Base from './base.js';
 import AppAuthClient from './app-auth-client.js';
 class AppConfig extends Base {
  static tableName = 'app_configs';
@@ -15,48 +15,45 @@ class AppConfig extends Base {
      allowCustomConnection: { type: 'boolean', default: false },
      shared: { type: 'boolean', default: false },
      disabled: { type: 'boolean', default: false },
      canConnect: { type: 'boolean', default: false },
    },
  };
  static get virtualAttributes() {
    return ['canConnect', 'canCustomConnect'];
  }
  static relationMappings = () => ({
    appAuthClients: {
      relation: Base.HasManyRelation,
      modelClass: AppAuthClient,
      join: {
        from: 'app_configs.id',
        to: 'app_auth_clients.app_config_id',
      },
    },
  });
  get canCustomConnect() {
    return !this.disabled && this.allowCustomConnection;
  }
  get canConnect() {
    const hasSomeActiveAppAuthClients = !!this.appAuthClients?.some(
      (appAuthClient) => appAuthClient.active
    );
    const shared = this.shared;
    const active = this.disabled === false;
    const conditions = [hasSomeActiveAppAuthClients, shared, active];
    return conditions.every(Boolean);
  }
  async getApp() {
    if (!this.key) return null;
    return await App.findOneByKey(this.key);
  }
  async hasActiveAppAuthClients() {
    const appAuthClients = await AppAuthClient.query().where({
      appKey: this.key,
    });
    const hasSomeActiveAppAuthClients = !!appAuthClients?.some(
      (appAuthClient) => appAuthClient.active
    );
    return hasSomeActiveAppAuthClients;
  }
  async assignCanConnect() {
    const shared = this.shared;
    const active = this.disabled === false;
    const hasSomeActiveAppAuthClients = await this.hasActiveAppAuthClients();
    const conditions = [hasSomeActiveAppAuthClients, shared, active];
    const canConnect = conditions.every(Boolean);
    this.canConnect = canConnect;
  }
  async $beforeInsert(queryContext) {
    await super.$beforeInsert(queryContext);
    await this.assignCanConnect();
  }
  async $beforeUpdate(opt, queryContext) {
    await super.$beforeUpdate(opt, queryContext);
    await this.assignCanConnect();
  }
 }
 export default AppConfig;
--- a/packages/backend/src/models/step.js
+++ b/packages/backend/src/models/step.js
@@ -7,7 +7,6 @@ import Connection from './connection.js';
 import ExecutionStep from './execution-step.js';
 import Telemetry from '../helpers/telemetry/index.js';
 import appConfig from '../config/app.js';
 import globalVariable from '../helpers/global-variable.js';
 class Step extends Base {
  static tableName = 'steps';
@@ -104,10 +103,6 @@ class Step extends Base {
      return `/webhooks/connections/${this.connectionId}`;
    }
    if (this.parameters.workSynchronously) {
      return `/webhooks/flows/${this.flowId}/sync`;
    }
    return `/webhooks/flows/${this.flowId}`;
  }
@@ -166,7 +161,7 @@ class Step extends Base {
    if (!isTrigger || !appKey || !key) return null;
    const app = await App.findOneByKey(appKey);
-    const command = app.triggers?.find((trigger) => trigger.key === key);
+    const command = app.triggers.find((trigger) => trigger.key === key);
    return command;
  }
@@ -176,7 +171,7 @@ class Step extends Base {
    if (!isAction || !appKey || !key) return null;
    const app = await App.findOneByKey(appKey);
-    const command = app.actions?.find((action) => action.key === key);
+    const command = app.actions.find((action) => action.key === key);
    return command;
  }
@@ -197,26 +192,6 @@ class Step extends Base {
    return existingArguments;
  }
  async createDynamicFields(dynamicFieldsKey, parameters) {
    const connection = await this.$relatedQuery('connection');
    const flow = await this.$relatedQuery('flow');
    const app = await this.getApp();
    const $ = await globalVariable({ connection, app, flow, step: this });
    const command = app.dynamicFields.find(
      (data) => data.key === dynamicFieldsKey
    );
    for (const parameterKey in parameters) {
      const parameterValue = parameters[parameterKey];
      $.step.parameters[parameterKey] = parameterValue;
    }
    const dynamicFields = (await command.run($)) || [];
    return dynamicFields;
  }
  async updateWebhookUrl() {
    if (this.isAction) return this;
--- a/packages/backend/src/models/user.js
+++ b/packages/backend/src/models/user.js
@@ -5,7 +5,6 @@ import crypto from 'node:crypto';
 import appConfig from '../config/app.js';
 import { hasValidLicense } from '../helpers/license.ee.js';
 import userAbility from '../helpers/user-ability.js';
 import createAuthTokenByUserId from '../helpers/create-auth-token-by-user-id.js';
 import Base from './base.js';
 import Connection from './connection.js';
 import Execution from './execution.js';
@@ -150,11 +149,6 @@ class User extends Base {
    return conditions.isCreator ? this.$relatedQuery('flows') : Flow.query();
  }
  get authorizedSteps() {
    const conditions = this.can('read', 'Flow');
    return conditions.isCreator ? this.$relatedQuery('steps') : Step.query();
  }
  get authorizedExecutions() {
    const conditions = this.can('read', 'Execution');
    return conditions.isCreator
@@ -162,17 +156,6 @@ class User extends Base {
      : Execution.query();
  }
  static async authenticate(email, password) {
    const user = await User.query().findOne({
      email: email?.toLowerCase() || null,
    });
    if (user && (await user.login(password))) {
      const token = createAuthTokenByUserId(user.id);
      return token;
    }
  }
  login(password) {
    return bcrypt.compare(password, this.password);
  }
@@ -267,31 +250,6 @@ class User extends Base {
    return currentUsageData.consumedTaskCount < plan.quota;
  }
  async getPlanAndUsage() {
    const usageData = await this.$relatedQuery(
      'currentUsageData'
    ).throwIfNotFound();
    const subscription = await this.$relatedQuery('currentSubscription');
    const currentPlan = Billing.paddlePlans.find(
      (plan) => plan.productId === subscription?.paddlePlanId
    );
    const planAndUsage = {
      usage: {
        task: usageData.consumedTaskCount,
      },
      plan: {
        id: subscription?.paddlePlanId || null,
        name: subscription ? currentPlan.name : 'Free Trial',
        limit: currentPlan?.limit || null,
      },
    };
    return planAndUsage;
  }
  async getInvoices() {
    const subscription = await this.$relatedQuery('currentSubscription');
--- a/Show More
+++ b/Show More
		`@@ -1,3 +0,0 @@`
			`import respondWith from './respond-with/index.js';`

			`export default [respondWith];`