test: add delete flow tests

test(connection): write model tests

.github/workflows/playwright.yml

@@ -12,6 +12,9 @@ on:
   workflow_dispatch:
 
 env:
+  BULLMQ_DASHBOARD_USERNAME: root
+  BULLMQ_DASHBOARD_PASSWORD: sample
+  ENABLE_BULLMQ_DASHBOARD: true
   ENCRYPTION_KEY: sample_encryption_key
   WEBHOOK_SECRET_KEY: sample_webhook_secret_key
   APP_SECRET_KEY: sample_app_secret_key
@@ -22,6 +25,7 @@ env:
   POSTGRES_PASSWORD: automatisch_password
   REDIS_HOST: localhost
   APP_ENV: production
+  PORT: 3000
   LICENSE_KEY: dummy_license_key
 
 jobs:

packages/backend/bin/database/utils.js

@@ -10,7 +10,7 @@ import process from 'process';
 async function fetchAdminRole() {
   const role = await Role.query()
     .where({
-      key: 'admin',
+      name: 'Admin',
     })
     .limit(1)
     .first();

packages/backend/package.json

@@ -11,6 +11,7 @@
     "start:worker": "node src/worker.js",
     "pretest": "APP_ENV=test node ./test/setup/prepare-test-env.js",
     "test": "APP_ENV=test vitest run",
+    "test:watch": "APP_ENV=test vitest watch",
     "lint": "eslint .",
     "db:create": "node ./bin/database/create.js",
     "db:seed:user": "node ./bin/database/seed-user.js",
@@ -22,8 +23,6 @@
   "dependencies": {
     "@bull-board/express": "^3.10.1",
     "@casl/ability": "^6.5.0",
-    "@graphql-tools/graphql-file-loader": "^7.3.4",
-    "@graphql-tools/load": "^7.5.2",
     "@node-saml/passport-saml": "^4.0.4",
     "@rudderstack/rudder-sdk-node": "^1.1.2",
     "@sentry/node": "^7.42.0",
@@ -38,13 +37,9 @@
     "debug": "~2.6.9",
     "dotenv": "^10.0.0",
     "express": "~4.18.2",
-    "express-async-handler": "^1.2.0",
+    "express-async-errors": "^3.1.1",
     "express-basic-auth": "^1.2.1",
-    "express-graphql": "^0.12.0",
     "fast-xml-parser": "^4.0.11",
-    "graphql-middleware": "^6.1.15",
-    "graphql-shield": "^7.5.0",
-    "graphql-tools": "^8.2.0",
     "handlebars": "^4.7.7",
     "http-errors": "~1.6.3",
     "http-proxy-agent": "^7.0.0",
@@ -106,7 +101,9 @@
     "access": "public"
   },
   "nodemonConfig": {
-    "watch": [ "src/" ],
+    "watch": [
+      "src/"
+    ],
     "ext": "js"
   }
 }

packages/backend/src/app.js

@@ -1,5 +1,6 @@
 import createError from 'http-errors';
 import express from 'express';
+import 'express-async-errors';
 import cors from 'cors';
 
 import appConfig from './config/app.js';

packages/backend/src/apps/airtable/index.js

@@ -12,7 +12,7 @@ export default defineApp({
   apiBaseUrl: 'https://api.airtable.com',
   iconUrl: '{BASE_URL}/apps/airtable/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/airtable/connection',
-  primaryColor: 'FFBF00',
+  primaryColor: '#FFBF00',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/apps/appwrite/index.js

@@ -12,7 +12,7 @@ export default defineApp({
   apiBaseUrl: 'https://cloud.appwrite.io',
   iconUrl: '{BASE_URL}/apps/appwrite/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/appwrite/connection',
-  primaryColor: 'FD366E',
+  primaryColor: '#FD366E',
   supportsConnections: true,
   beforeRequest: [setBaseUrl, addAuthHeader],
   auth,

packages/backend/src/apps/azure-openai/index.js

@@ -12,7 +12,7 @@ export default defineApp({
   apiBaseUrl: '',
   iconUrl: '{BASE_URL}/apps/azure-openai/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/azure-openai/connection',
-  primaryColor: '000000',
+  primaryColor: '#000000',
   supportsConnections: true,
   beforeRequest: [setBaseUrl, addAuthHeader],
   auth,

packages/backend/src/apps/carbone/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://carbone.io',
   apiBaseUrl: 'https://api.carbone.io',
-  primaryColor: '6f42c1',
+  primaryColor: '#6f42c1',
   beforeRequest: [addAuthHeader],
   auth,
   actions,

packages/backend/src/apps/clickup/index.js

@@ -12,8 +12,8 @@ export default defineApp({
   baseUrl: 'https://clickup.com',
   apiBaseUrl: 'https://api.clickup.com/api',
   iconUrl: '{BASE_URL}/apps/clickup/assets/favicon.svg',
-  authDocUrl: 'https://automatisch.io/docs/apps/clickup/connection',
-  primaryColor: 'FD71AF',
+  authDocUrl: '{DOCS_URL}/apps/clickup/connection',
+  primaryColor: '#FD71AF',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/apps/code/actions/run-javascript/index.js

@@ -33,6 +33,7 @@ export default defineAction({
           type: 'string',
           required: true,
           variables: true,
+          valueType: 'parse',
         },
       ],
     },

packages/backend/src/apps/code/index.js

@@ -8,7 +8,7 @@ export default defineApp({
   apiBaseUrl: '',
   iconUrl: '{BASE_URL}/apps/code/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/code/connection',
-  primaryColor: '000000',
+  primaryColor: '#000000',
   supportsConnections: false,
   actions,
 });

packages/backend/src/apps/cryptography/index.js

@@ -9,6 +9,6 @@ export default defineApp({
   supportsConnections: false,
   baseUrl: '',
   apiBaseUrl: '',
-  primaryColor: '001F52',
+  primaryColor: '#001F52',
   actions,
 });

packages/backend/src/apps/datastore/index.js

@@ -9,6 +9,6 @@ export default defineApp({
   supportsConnections: false,
   baseUrl: '',
   apiBaseUrl: '',
-  primaryColor: '001F52',
+  primaryColor: '#001F52',
   actions,
 });

packages/backend/src/apps/deepl/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://deepl.com',
   apiBaseUrl: 'https://api.deepl.com',
-  primaryColor: '0d2d45',
+  primaryColor: '#0d2d45',
   beforeRequest: [addAuthHeader],
   auth,
   actions,

packages/backend/src/apps/delay/index.js

@@ -9,6 +9,6 @@ export default defineApp({
   supportsConnections: false,
   baseUrl: '',
   apiBaseUrl: '',
-  primaryColor: '001F52',
+  primaryColor: '#001F52',
   actions,
 });

packages/backend/src/apps/discord/index.js

@@ -14,7 +14,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://discord.com',
   apiBaseUrl: 'https://discord.com/api',
-  primaryColor: '5865f2',
+  primaryColor: '#5865f2',
   beforeRequest: [addAuthHeader],
   auth,
   dynamicData,

packages/backend/src/apps/disqus/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   apiBaseUrl: 'https://disqus.com/api',
   iconUrl: '{BASE_URL}/apps/disqus/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/disqus/connection',
-  primaryColor: '2E9FFF',
+  primaryColor: '#2E9FFF',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/apps/dropbox/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://dropbox.com',
   apiBaseUrl: 'https://api.dropboxapi.com',
-  primaryColor: '0061ff',
+  primaryColor: '#0061ff',
   beforeRequest: [addAuthHeader],
   auth,
   actions,

packages/backend/src/apps/filter/index.js

@@ -9,6 +9,6 @@ export default defineApp({
   supportsConnections: false,
   baseUrl: '',
   apiBaseUrl: '',
-  primaryColor: '001F52',
+  primaryColor: '#001F52',
   actions,
 });

packages/backend/src/apps/flickr/index.js

@@ -10,7 +10,7 @@ export default defineApp({
   iconUrl: '{BASE_URL}/apps/flickr/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/flickr/connection',
   docUrl: 'https://automatisch.io/docs/flickr',
-  primaryColor: '000000',
+  primaryColor: '#000000',
   supportsConnections: true,
   baseUrl: 'https://www.flickr.com/',
   apiBaseUrl: 'https://www.flickr.com/services',

packages/backend/src/apps/flowers-software/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://flowers-software.com',
   apiBaseUrl: 'https://webapp.flowers-software.com/api',
-  primaryColor: '02AFC7',
+  primaryColor: '#02AFC7',
   beforeRequest: [addAuthHeader],
   auth,
   triggers,

packages/backend/src/apps/formatter/index.js

@@ -10,7 +10,7 @@ export default defineApp({
   supportsConnections: false,
   baseUrl: '',
   apiBaseUrl: '',
-  primaryColor: '001F52',
+  primaryColor: '#001F52',
   actions,
   dynamicFields,
 });

packages/backend/src/apps/ghost/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   apiBaseUrl: '',
   iconUrl: '{BASE_URL}/apps/ghost/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/ghost/connection',
-  primaryColor: '15171A',
+  primaryColor: '#15171A',
   supportsConnections: true,
   beforeRequest: [setBaseUrl, addAuthHeader],
   auth,

packages/backend/src/apps/github/index.js

@@ -12,7 +12,7 @@ export default defineApp({
   apiBaseUrl: 'https://api.github.com',
   iconUrl: '{BASE_URL}/apps/github/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/github/connection',
-  primaryColor: '000000',
+  primaryColor: '#000000',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/apps/gitlab/index.js

@@ -12,7 +12,7 @@ export default defineApp({
   apiBaseUrl: 'https://gitlab.com',
   iconUrl: '{BASE_URL}/apps/gitlab/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/gitlab/connection',
-  primaryColor: 'FC6D26',
+  primaryColor: '#FC6D26',
   supportsConnections: true,
   beforeRequest: [setBaseUrl, addAuthHeader],
   auth,

packages/backend/src/apps/google-calendar/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   apiBaseUrl: 'https://www.googleapis.com/calendar',
   iconUrl: '{BASE_URL}/apps/google-calendar/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/google-calendar/connection',
-  primaryColor: '448AFF',
+  primaryColor: '#448AFF',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/apps/google-drive/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   apiBaseUrl: 'https://www.googleapis.com/drive',
   iconUrl: '{BASE_URL}/apps/google-drive/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/google-drive/connection',
-  primaryColor: '1FA463',
+  primaryColor: '#1FA463',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/apps/google-forms/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   apiBaseUrl: 'https://forms.googleapis.com',
   iconUrl: '{BASE_URL}/apps/google-forms/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/google-forms/connection',
-  primaryColor: '673AB7',
+  primaryColor: '#673AB7',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/apps/google-sheets/index.js

@@ -13,7 +13,7 @@ export default defineApp({
   apiBaseUrl: 'https://sheets.googleapis.com',
   iconUrl: '{BASE_URL}/apps/google-sheets/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/google-sheets/connection',
-  primaryColor: '0F9D58',
+  primaryColor: '#0F9D58',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/apps/google-tasks/index.js

@@ -12,7 +12,7 @@ export default defineApp({
   apiBaseUrl: 'https://tasks.googleapis.com',
   iconUrl: '{BASE_URL}/apps/google-tasks/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/google-tasks/connection',
-  primaryColor: '0066DA',
+  primaryColor: '#0066DA',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/apps/helix/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   apiBaseUrl: 'https://app.tryhelix.ai',
   iconUrl: '{BASE_URL}/apps/helix/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/helix/connection',
-  primaryColor: '000000',
+  primaryColor: '#000000',
   supportsConnections: true,
   beforeRequest: [setBaseUrl, addAuthHeader],
   auth,

packages/backend/src/apps/http-request/index.js

@@ -9,6 +9,6 @@ export default defineApp({
   supportsConnections: false,
   baseUrl: '',
   apiBaseUrl: '',
-  primaryColor: '000000',
+  primaryColor: '#000000',
   actions,
 });

packages/backend/src/apps/hubspot/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://www.hubspot.com',
   apiBaseUrl: 'https://api.hubapi.com',
-  primaryColor: 'F95C35',
+  primaryColor: '#F95C35',
   beforeRequest: [addAuthHeader],
   auth,
   actions,

packages/backend/src/apps/invoice-ninja/index.js

@@ -13,7 +13,7 @@ export default defineApp({
   apiBaseUrl: 'https://invoicing.co/api',
   iconUrl: '{BASE_URL}/apps/invoice-ninja/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/invoice-ninja/connection',
-  primaryColor: '000000',
+  primaryColor: '#000000',
   supportsConnections: true,
   beforeRequest: [setBaseUrl, addAuthHeader],
   auth,

packages/backend/src/apps/jotform/index.js

@@ -9,11 +9,11 @@ export default defineApp({
   name: 'Jotform',
   key: 'jotform',
   iconUrl: '{BASE_URL}/apps/jotform/assets/favicon.svg',
-  authDocUrl: 'https://automatisch.io/docs/apps/jotform/connection',
+  authDocUrl: '{DOCS_URL}/apps/jotform/connection',
   supportsConnections: true,
   baseUrl: 'https://www.jotform.com',
   apiBaseUrl: 'https://api.jotform.com',
-  primaryColor: 'FF6100',
+  primaryColor: '#FF6100',
   beforeRequest: [setBaseUrl, addAuthHeader],
   auth,
   triggers,

packages/backend/src/apps/mailchimp/index.js

@@ -12,8 +12,8 @@ export default defineApp({
   baseUrl: 'https://mailchimp.com',
   apiBaseUrl: '',
   iconUrl: '{BASE_URL}/apps/mailchimp/assets/favicon.svg',
-  authDocUrl: 'https://automatisch.io/docs/apps/mailchimp/connection',
-  primaryColor: '000000',
+  authDocUrl: '{DOCS_URL}/apps/mailchimp/connection',
+  primaryColor: '#000000',
   supportsConnections: true,
   beforeRequest: [setBaseUrl, addAuthHeader],
   auth,

packages/backend/src/apps/mailerlite/index.js

@@ -7,11 +7,11 @@ export default defineApp({
   name: 'MailerLite',
   key: 'mailerlite',
   iconUrl: '{BASE_URL}/apps/mailerlite/assets/favicon.svg',
-  authDocUrl: 'https://automatisch.io/docs/apps/mailerlite/connection',
+  authDocUrl: '{DOCS_URL}/apps/mailerlite/connection',
   supportsConnections: true,
   baseUrl: 'https://www.mailerlite.com',
   apiBaseUrl: 'https://connect.mailerlite.com/api',
-  primaryColor: '09C269',
+  primaryColor: '#09C269',
   beforeRequest: [addAuthHeader],
   auth,
   triggers,

packages/backend/src/apps/mattermost/index.js

@@ -13,7 +13,7 @@ export default defineApp({
   authDocUrl: '{DOCS_URL}/apps/mattermost/connection',
   baseUrl: 'https://mattermost.com',
   apiBaseUrl: '', // there is no cloud version of this app, user always need to provide address of own instance when creating connection
-  primaryColor: '4a154b',
+  primaryColor: '#4a154b',
   supportsConnections: true,
   beforeRequest: [setBaseUrl, addXRequestedWithHeader, addAuthHeader],
   auth,

packages/backend/src/apps/miro/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   apiBaseUrl: 'https://api.miro.com',
   iconUrl: '{BASE_URL}/apps/miro/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/miro/connection',
-  primaryColor: 'F2CA02',
+  primaryColor: '#F2CA02',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/apps/notion/index.js

@@ -13,7 +13,7 @@ export default defineApp({
   apiBaseUrl: 'https://api.notion.com',
   iconUrl: '{BASE_URL}/apps/notion/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/notion/connection',
-  primaryColor: '000000',
+  primaryColor: '#000000',
   supportsConnections: true,
   beforeRequest: [addAuthHeader, addNotionVersionHeader],
   auth,

packages/backend/src/apps/ntfy/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://ntfy.sh',
   apiBaseUrl: 'https://ntfy.sh',
-  primaryColor: '56bda8',
+  primaryColor: '#56bda8',
   beforeRequest: [addAuthHeader],
   auth,
   actions,

packages/backend/src/apps/odoo/index.js

@@ -10,7 +10,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://odoo.com',
   apiBaseUrl: '',
-  primaryColor: '9c5789',
+  primaryColor: '#9c5789',
   auth,
   actions,
 });

packages/backend/src/apps/openai/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   apiBaseUrl: 'https://api.openai.com',
   iconUrl: '{BASE_URL}/apps/openai/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/openai/connection',
-  primaryColor: '000000',
+  primaryColor: '#000000',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/apps/pipedrive/index.js

@@ -13,7 +13,7 @@ export default defineApp({
   apiBaseUrl: '',
   iconUrl: '{BASE_URL}/apps/pipedrive/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/pipedrive/connection',
-  primaryColor: 'FFFFFF',
+  primaryColor: '#FFFFFF',
   supportsConnections: true,
   beforeRequest: [setBaseUrl, addAuthHeader],
   auth,

packages/backend/src/apps/placetel/index.js

@@ -12,7 +12,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://placetel.de',
   apiBaseUrl: 'https://api.placetel.de',
-  primaryColor: '069dd9',
+  primaryColor: '#069dd9',
   beforeRequest: [addAuthHeader],
   auth,
   triggers,

packages/backend/src/apps/postgresql/index.js

@@ -10,7 +10,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: '',
   apiBaseUrl: '',
-  primaryColor: '336791',
+  primaryColor: '#336791',
   auth,
   actions,
 });

packages/backend/src/apps/pushover/index.js

@@ -10,7 +10,7 @@ export default defineApp({
   apiBaseUrl: 'https://api.pushover.net',
   iconUrl: '{BASE_URL}/apps/pushover/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/pushover/connection',
-  primaryColor: '249DF1',
+  primaryColor: '#249DF1',
   supportsConnections: true,
   auth,
   actions,

packages/backend/src/apps/reddit/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   apiBaseUrl: 'https://oauth.reddit.com',
   iconUrl: '{BASE_URL}/apps/reddit/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/reddit/connection',
-  primaryColor: 'FF4500',
+  primaryColor: '#FF4500',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/apps/removebg/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://www.remove.bg',
   apiBaseUrl: 'https://api.remove.bg/v1.0',
-  primaryColor: '55636c',
+  primaryColor: '#55636c',
   beforeRequest: [addAuthHeader],
   auth,
   actions,

packages/backend/src/apps/rss/index.js

@@ -9,6 +9,6 @@ export default defineApp({
   supportsConnections: false,
   baseUrl: '',
   apiBaseUrl: '',
-  primaryColor: 'ff8800',
+  primaryColor: '#ff8800',
   triggers,
 });

packages/backend/src/apps/salesforce/index.js

@@ -13,7 +13,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://salesforce.com',
   apiBaseUrl: '',
-  primaryColor: '00A1E0',
+  primaryColor: '#00A1E0',
   beforeRequest: [addAuthHeader],
   auth,
   triggers,

packages/backend/src/apps/scheduler/index.js

@@ -9,7 +9,7 @@ export default defineApp({
   authDocUrl: '{DOCS_URL}/apps/scheduler/connection',
   baseUrl: '',
   apiBaseUrl: '',
-  primaryColor: '0059F7',
+  primaryColor: '#0059F7',
   supportsConnections: false,
   triggers,
 });

packages/backend/src/apps/self-hosted-llm/index.js

@@ -12,7 +12,7 @@ export default defineApp({
   apiBaseUrl: '',
   iconUrl: '{BASE_URL}/apps/self-hosted-llm/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/self-hosted-llm/connection',
-  primaryColor: '000000',
+  primaryColor: '#000000',
   supportsConnections: true,
   beforeRequest: [setBaseUrl, addAuthHeader],
   auth,

packages/backend/src/apps/signalwire/index.js

@@ -13,7 +13,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://signalwire.com',
   apiBaseUrl: '',
-  primaryColor: '044cf6',
+  primaryColor: '#044cf6',
   beforeRequest: [addAuthHeader],
   auth,
   triggers,

packages/backend/src/apps/slack/index.js

@@ -13,7 +13,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://slack.com',
   apiBaseUrl: 'https://slack.com/api',
-  primaryColor: '4a154b',
+  primaryColor: '#4a154b',
   beforeRequest: [addAuthHeader],
   auth,
   actions,

packages/backend/src/apps/smtp/index.js

@@ -10,7 +10,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: '',
   apiBaseUrl: '',
-  primaryColor: '2DAAE1',
+  primaryColor: '#2DAAE1',
   auth,
   actions,
 });

packages/backend/src/apps/spotify/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://spotify.com',
   apiBaseUrl: 'https://api.spotify.com',
-  primaryColor: '000000',
+  primaryColor: '#000000',
   beforeRequest: [addAuthHeader],
   auth,
   actions,

packages/backend/src/apps/strava/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://www.strava.com',
   apiBaseUrl: 'https://www.strava.com/api',
-  primaryColor: 'fc4c01',
+  primaryColor: '#fc4c01',
   beforeRequest: [addAuthHeader],
   auth,
   actions,

packages/backend/src/apps/stripe/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://stripe.com',
   apiBaseUrl: 'https://api.stripe.com',
-  primaryColor: '635bff',
+  primaryColor: '#635bff',
   beforeRequest: [addAuthHeader],
   auth,
   triggers,

packages/backend/src/apps/telegram-bot/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://telegram.org',
   apiBaseUrl: 'https://api.telegram.org',
-  primaryColor: '2AABEE',
+  primaryColor: '#2AABEE',
   beforeRequest: [addAuthHeader],
   auth,
   actions,

packages/backend/src/apps/todoist/index.js

@@ -13,7 +13,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://todoist.com',
   apiBaseUrl: 'https://api.todoist.com/rest/v2',
-  primaryColor: 'e44332',
+  primaryColor: '#e44332',
   beforeRequest: [addAuthHeader],
   auth,
   triggers,

packages/backend/src/apps/trello/index.js

@@ -12,7 +12,7 @@ export default defineApp({
   iconUrl: '{BASE_URL}/apps/trello/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/trello/connection',
   supportsConnections: true,
-  primaryColor: '0079bf',
+  primaryColor: '#0079bf',
   beforeRequest: [addAuthHeader],
   auth,
   actions,

packages/backend/src/apps/twilio/index.js

@@ -13,7 +13,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://twilio.com',
   apiBaseUrl: 'https://api.twilio.com',
-  primaryColor: 'e1000f',
+  primaryColor: '#e1000f',
   beforeRequest: [addAuthHeader],
   auth,
   triggers,

packages/backend/src/apps/twitter/index.js

@@ -12,7 +12,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://twitter.com',
   apiBaseUrl: 'https://api.twitter.com',
-  primaryColor: '1da1f2',
+  primaryColor: '#1da1f2',
   beforeRequest: [addAuthHeader],
   auth,
   triggers,

packages/backend/src/apps/typeform/index.js

@@ -12,7 +12,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://typeform.com',
   apiBaseUrl: 'https://api.typeform.com',
-  primaryColor: '262627',
+  primaryColor: '#262627',
   beforeRequest: [addAuthHeader],
   auth,
   triggers,

packages/backend/src/apps/vtiger-crm/index.js

@@ -14,7 +14,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: '',
   apiBaseUrl: '',
-  primaryColor: '39a86d',
+  primaryColor: '#39a86d',
   beforeRequest: [setBaseUrl, addAuthHeader],
   auth,
   triggers,

packages/backend/src/apps/webhook/index.js

@@ -10,7 +10,7 @@ export default defineApp({
   supportsConnections: false,
   baseUrl: '',
   apiBaseUrl: '',
-  primaryColor: '0059F7',
+  primaryColor: '#0059F7',
   actions,
   triggers,
 });

packages/backend/src/apps/wordpress/index.js

@@ -13,7 +13,7 @@ export default defineApp({
   supportsConnections: true,
   baseUrl: 'https://wordpress.com',
   apiBaseUrl: '',
-  primaryColor: '464342',
+  primaryColor: '#464342',
   beforeRequest: [setBaseUrl, addAuthHeader],
   auth,
   triggers,

packages/backend/src/apps/wordpress/triggers/new-comment/index.js

@@ -4,6 +4,7 @@ export default defineTrigger({
   name: 'New comment',
   key: 'newComment',
   description: 'Triggers when a new comment is created.',
+  pollInterval: 15,
   arguments: [
     {
       label: 'Status',

packages/backend/src/apps/wordpress/triggers/new-page/index.js

@@ -3,6 +3,7 @@ import defineTrigger from '../../../../helpers/define-trigger.js';
 export default defineTrigger({
   name: 'New page',
   key: 'newPage',
+  pollInterval: 15,
   description: 'Triggers when a new page is created.',
   arguments: [
     {

packages/backend/src/apps/wordpress/triggers/new-post/index.js

@@ -3,6 +3,7 @@ import defineTrigger from '../../../../helpers/define-trigger.js';
 export default defineTrigger({
   name: 'New post',
   key: 'newPost',
+  pollInterval: 15,
   description: 'Triggers when a new post is created.',
   arguments: [
     {

packages/backend/src/apps/xero/index.js

@@ -11,7 +11,7 @@ export default defineApp({
   apiBaseUrl: 'https://api.xero.com',
   iconUrl: '{BASE_URL}/apps/xero/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/xero/connection',
-  primaryColor: '13B5EA',
+  primaryColor: '#13B5EA',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/apps/you-need-a-budget/index.js

@@ -10,7 +10,7 @@ export default defineApp({
   apiBaseUrl: 'https://api.ynab.com/v1',
   iconUrl: '{BASE_URL}/apps/you-need-a-budget/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/you-need-a-budget/connection',
-  primaryColor: '19223C',
+  primaryColor: '#19223C',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/apps/youtube/index.js

@@ -10,7 +10,7 @@ export default defineApp({
   apiBaseUrl: 'https://www.googleapis.com/youtube',
   iconUrl: '{BASE_URL}/apps/youtube/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/youtube/connection',
-  primaryColor: 'FF0000',
+  primaryColor: '#FF0000',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/apps/youtube/triggers/new-video-by-search/index.js

@@ -3,6 +3,7 @@ import defineTrigger from '../../../../helpers/define-trigger.js';
 export default defineTrigger({
   name: 'New video by search',
   key: 'newVideoBySearch',
+  pollInterval: 15,
   description:
     'Triggers when a new video is uploaded that matches a specific search string.',
   arguments: [

packages/backend/src/apps/youtube/triggers/new-video-in-channel/index.js

@@ -3,6 +3,7 @@ import defineTrigger from '../../../../helpers/define-trigger.js';
 export default defineTrigger({
   name: 'New video in channel',
   key: 'newVideoInChannel',
+  pollInterval: 15,
   description:
     'Triggers when a new video is published to a specific Youtube channel.',
   arguments: [

packages/backend/src/apps/zendesk/index.js

@@ -12,7 +12,7 @@ export default defineApp({
   apiBaseUrl: '',
   iconUrl: '{BASE_URL}/apps/zendesk/assets/favicon.svg',
   authDocUrl: '{DOCS_URL}/apps/zendesk/connection',
-  primaryColor: '17494d',
+  primaryColor: '#17494d',
   supportsConnections: true,
   beforeRequest: [addAuthHeader],
   auth,

packages/backend/src/config/cors-options.js

@@ -2,7 +2,7 @@ import appConfig from './app.js';
 
 const corsOptions = {
   origin: appConfig.webAppUrl,
-  methods: 'GET,HEAD,POST,DELETE',
+  methods: 'GET,HEAD,POST,PATCH,DELETE',
   credentials: true,
   optionsSuccessStatus: 200,
 };

packages/backend/src/controllers/api/v1/access-tokens/revoke-access-token.js

@@ -11,5 +11,5 @@ export default async (request, response) => {
 
   await accessToken.revoke();
 
-  response.status(204).send();
+  response.status(204).end();
 };

packages/backend/src/controllers/api/v1/admin/apps/create-auth-client.ee.js

@@ -0,0 +1,25 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import AppConfig from '../../../../../models/app-config.js';
+
+export default async (request, response) => {
+  const appConfig = await AppConfig.query()
+    .findOne({ key: request.params.appKey })
+    .throwIfNotFound();
+
+  const appAuthClient = await appConfig
+    .$relatedQuery('appAuthClients')
+    .insert(appAuthClientParams(request));
+
+  renderObject(response, appAuthClient, { status: 201 });
+};
+
+const appAuthClientParams = (request) => {
+  const { active, appKey, name, formattedAuthDefaults } = request.body;
+
+  return {
+    active,
+    appKey,
+    name,
+    formattedAuthDefaults,
+  };
+};

packages/backend/src/controllers/api/v1/admin/apps/create-auth-client.ee.test.js

@@ -0,0 +1,94 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import createAppAuthClientMock from '../../../../../../test/mocks/rest/api/v1/admin/apps/create-auth-client.js';
+import { createAppConfig } from '../../../../../../test/factories/app-config.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('POST /api/v1/admin/apps/:appKey/auth-clients', () => {
+  let currentUser, adminRole, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    adminRole = await createRole({ name: 'Admin' });
+    currentUser = await createUser({ roleId: adminRole.id });
+
+    token = await createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return created response for valid app config', async () => {
+    await createAppConfig({
+      key: 'gitlab',
+    });
+
+    const appAuthClient = {
+      active: true,
+      appKey: 'gitlab',
+      name: 'First auth client',
+      formattedAuthDefaults: {
+        clientid: 'sample client ID',
+        clientSecret: 'sample client secret',
+        instanceUrl: 'https://gitlab.com',
+        oAuthRedirectUrl: 'http://localhost:3001/app/gitlab/connection/add',
+      },
+    };
+
+    const response = await request(app)
+      .post('/api/v1/admin/apps/gitlab/auth-clients')
+      .set('Authorization', token)
+      .send(appAuthClient)
+      .expect(201);
+
+    const expectedPayload = createAppAuthClientMock(appAuthClient);
+    expect(response.body).toMatchObject(expectedPayload);
+  });
+
+  it('should return not found response for not existing app config', async () => {
+    const appAuthClient = {
+      active: true,
+      appKey: 'gitlab',
+      name: 'First auth client',
+      formattedAuthDefaults: {
+        clientid: 'sample client ID',
+        clientSecret: 'sample client secret',
+        instanceUrl: 'https://gitlab.com',
+        oAuthRedirectUrl: 'http://localhost:3001/app/gitlab/connection/add',
+      },
+    };
+
+    await request(app)
+      .post('/api/v1/admin/apps/gitlab/auth-clients')
+      .set('Authorization', token)
+      .send(appAuthClient)
+      .expect(404);
+  });
+
+  it('should return bad request response for missing required fields', async () => {
+    await createAppConfig({
+      key: 'gitlab',
+    });
+
+    const appAuthClient = {
+      appKey: 'gitlab',
+    };
+
+    const response = await request(app)
+      .post('/api/v1/admin/apps/gitlab/auth-clients')
+      .set('Authorization', token)
+      .send(appAuthClient)
+      .expect(422);
+
+    expect(response.body.meta.type).toEqual('ModelValidation');
+    expect(response.body.errors).toMatchObject({
+      name: ["must have required property 'name'"],
+      formattedAuthDefaults: [
+        "must have required property 'formattedAuthDefaults'",
+      ],
+    });
+  });
+});

packages/backend/src/controllers/api/v1/admin/apps/create-config.ee.js

@@ -0,0 +1,21 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import AppConfig from '../../../../../models/app-config.js';
+
+export default async (request, response) => {
+  const createdAppConfig = await AppConfig.query().insertAndFetch(
+    appConfigParams(request)
+  );
+
+  renderObject(response, createdAppConfig, { status: 201 });
+};
+
+const appConfigParams = (request) => {
+  const { allowCustomConnection, shared, disabled } = request.body;
+
+  return {
+    key: request.params.appKey,
+    allowCustomConnection,
+    shared,
+    disabled,
+  };
+};

packages/backend/src/controllers/api/v1/admin/apps/create-config.ee.test.js

@@ -0,0 +1,67 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import createAppConfigMock from '../../../../../../test/mocks/rest/api/v1/admin/apps/create-config.js';
+import { createAppConfig } from '../../../../../../test/factories/app-config.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('POST /api/v1/admin/apps/:appKey/config', () => {
+  let currentUser, adminRole, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    adminRole = await createRole({ name: 'Admin' });
+    currentUser = await createUser({ roleId: adminRole.id });
+
+    token = await createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return created app config', async () => {
+    const appConfig = {
+      allowCustomConnection: true,
+      shared: true,
+      disabled: false,
+    };
+
+    const response = await request(app)
+      .post('/api/v1/admin/apps/gitlab/config')
+      .set('Authorization', token)
+      .send(appConfig)
+      .expect(201);
+
+    const expectedPayload = createAppConfigMock({
+      ...appConfig,
+      key: 'gitlab',
+    });
+    expect(response.body).toMatchObject(expectedPayload);
+  });
+
+  it('should return HTTP 422 for already existing app config', async () => {
+    const appConfig = {
+      key: 'gitlab',
+      allowCustomConnection: true,
+      shared: true,
+      disabled: false,
+    };
+
+    await createAppConfig(appConfig);
+
+    const response = await request(app)
+      .post('/api/v1/admin/apps/gitlab/config')
+      .set('Authorization', token)
+      .send({
+        disabled: false,
+      })
+      .expect(422);
+
+    expect(response.body.meta.type).toEqual('UniqueViolationError');
+    expect(response.body.errors).toMatchObject({
+      key: ["'key' must be unique."],
+    });
+  });
+});

packages/backend/src/controllers/api/v1/admin/apps/get-auth-client.ee.test.js

@@ -15,7 +15,7 @@ describe('GET /api/v1/admin/apps/:appKey/auth-clients/:appAuthClientId', () => {
   beforeEach(async () => {
     vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
 
-    adminRole = await createRole({ key: 'admin' });
+    adminRole = await createRole({ name: 'Admin' });
     currentUser = await createUser({ roleId: adminRole.id });
 
     currentAppAuthClient = await createAppAuthClient({

packages/backend/src/controllers/api/v1/admin/apps/get-auth-clients.ee.test.js

@@ -14,7 +14,7 @@ describe('GET /api/v1/admin/apps/:appKey/auth-clients', () => {
   beforeEach(async () => {
     vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
 
-    adminRole = await createRole({ key: 'admin' });
+    adminRole = await createRole({ name: 'Admin' });
     currentUser = await createUser({ roleId: adminRole.id });
 
     token = await createAuthTokenByUserId(currentUser.id);

packages/backend/src/controllers/api/v1/admin/apps/update-auth-client.ee.js

@@ -0,0 +1,22 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import AppAuthClient from '../../../../../models/app-auth-client.js';
+
+export default async (request, response) => {
+  const appAuthClient = await AppAuthClient.query()
+    .findById(request.params.appAuthClientId)
+    .throwIfNotFound();
+
+  await appAuthClient.$query().patchAndFetch(appAuthClientParams(request));
+
+  renderObject(response, appAuthClient);
+};
+
+const appAuthClientParams = (request) => {
+  const { active, name, formattedAuthDefaults } = request.body;
+
+  return {
+    active,
+    name,
+    formattedAuthDefaults,
+  };
+};

packages/backend/src/controllers/api/v1/admin/apps/update-auth-client.ee.test.js

@@ -0,0 +1,104 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import updateAppAuthClientMock from '../../../../../../test/mocks/rest/api/v1/admin/apps/update-auth-client.js';
+import { createAppConfig } from '../../../../../../test/factories/app-config.js';
+import { createAppAuthClient } from '../../../../../../test/factories/app-auth-client.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('PATCH /api/v1/admin/apps/:appKey/auth-clients', () => {
+  let currentUser, adminRole, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    adminRole = await createRole({ name: 'Admin' });
+    currentUser = await createUser({ roleId: adminRole.id });
+
+    token = await createAuthTokenByUserId(currentUser.id);
+
+    await createAppConfig({
+      key: 'gitlab',
+    });
+  });
+
+  it('should return updated entity for valid app auth client', async () => {
+    const appAuthClient = {
+      active: true,
+      appKey: 'gitlab',
+      formattedAuthDefaults: {
+        clientid: 'sample client ID',
+        clientSecret: 'sample client secret',
+        instanceUrl: 'https://gitlab.com',
+        oAuthRedirectUrl: 'http://localhost:3001/app/gitlab/connection/add',
+      },
+    };
+
+    const existingAppAuthClient = await createAppAuthClient({
+      appKey: 'gitlab',
+      name: 'First auth client',
+    });
+
+    const response = await request(app)
+      .patch(
+        `/api/v1/admin/apps/gitlab/auth-clients/${existingAppAuthClient.id}`
+      )
+      .set('Authorization', token)
+      .send(appAuthClient)
+      .expect(200);
+
+    const expectedPayload = updateAppAuthClientMock({
+      ...existingAppAuthClient,
+      ...appAuthClient,
+    });
+
+    expect(response.body).toMatchObject(expectedPayload);
+  });
+
+  it('should return not found response for not existing app auth client', async () => {
+    const notExistingAppAuthClientId = Crypto.randomUUID();
+
+    await request(app)
+      .patch(
+        `/api/v1/admin/apps/gitlab/auth-clients/${notExistingAppAuthClientId}`
+      )
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await request(app)
+      .patch('/api/v1/admin/apps/gitlab/auth-clients/invalidAuthClientUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+
+  it('should return HTTP 422 for invalid payload', async () => {
+    const appAuthClient = {
+      formattedAuthDefaults: 'invalid input',
+    };
+
+    const existingAppAuthClient = await createAppAuthClient({
+      appKey: 'gitlab',
+      name: 'First auth client',
+    });
+
+    const response = await request(app)
+      .patch(
+        `/api/v1/admin/apps/gitlab/auth-clients/${existingAppAuthClient.id}`
+      )
+      .set('Authorization', token)
+      .send(appAuthClient)
+      .expect(422);
+
+    expect(response.body.meta.type).toBe('ModelValidation');
+    expect(response.body.errors).toMatchObject({
+      formattedAuthDefaults: ['must be object'],
+    });
+  });
+});

packages/backend/src/controllers/api/v1/admin/apps/update-config.ee.js

@@ -0,0 +1,24 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import AppConfig from '../../../../../models/app-config.js';
+
+export default async (request, response) => {
+  const appConfig = await AppConfig.query()
+    .findOne({
+      key: request.params.appKey,
+    })
+    .throwIfNotFound();
+
+  await appConfig.$query().patchAndFetch(appConfigParams(request));
+
+  renderObject(response, appConfig);
+};
+
+const appConfigParams = (request) => {
+  const { allowCustomConnection, shared, disabled } = request.body;
+
+  return {
+    allowCustomConnection,
+    shared,
+    disabled,
+  };
+};

packages/backend/src/controllers/api/v1/admin/apps/update-config.ee.test.js

@@ -0,0 +1,91 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import createAppConfigMock from '../../../../../../test/mocks/rest/api/v1/admin/apps/create-config.js';
+import { createAppConfig } from '../../../../../../test/factories/app-config.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('PATCH /api/v1/admin/apps/:appKey/config', () => {
+  let currentUser, adminRole, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    adminRole = await createRole({ name: 'Admin' });
+    currentUser = await createUser({ roleId: adminRole.id });
+
+    token = await createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return updated app config', async () => {
+    const appConfig = {
+      key: 'gitlab',
+      allowCustomConnection: true,
+      shared: true,
+      disabled: false,
+    };
+
+    await createAppConfig(appConfig);
+
+    const newAppConfigValues = {
+      shared: false,
+      disabled: true,
+      allowCustomConnection: false,
+    };
+
+    const response = await request(app)
+      .patch('/api/v1/admin/apps/gitlab/config')
+      .set('Authorization', token)
+      .send(newAppConfigValues)
+      .expect(200);
+
+    const expectedPayload = createAppConfigMock({
+      ...newAppConfigValues,
+      key: 'gitlab',
+    });
+
+    expect(response.body).toMatchObject(expectedPayload);
+  });
+
+  it('should return not found response for unexisting app config', async () => {
+    const appConfig = {
+      shared: false,
+      disabled: true,
+      allowCustomConnection: false,
+    };
+
+    await request(app)
+      .patch('/api/v1/admin/apps/gitlab/config')
+      .set('Authorization', token)
+      .send(appConfig)
+      .expect(404);
+  });
+
+  it('should return HTTP 422 for invalid app config data', async () => {
+    const appConfig = {
+      key: 'gitlab',
+      allowCustomConnection: true,
+      shared: true,
+      disabled: false,
+    };
+
+    await createAppConfig(appConfig);
+
+    const response = await request(app)
+      .patch('/api/v1/admin/apps/gitlab/config')
+      .set('Authorization', token)
+      .send({
+        disabled: 'invalid value type',
+      })
+      .expect(422);
+
+    expect(response.body.meta.type).toEqual('ModelValidation');
+    expect(response.body.errors).toMatchObject({
+      disabled: ['must be boolean'],
+    });
+  });
+});

packages/backend/src/controllers/api/v1/admin/config/update.ee.js

@@ -0,0 +1,28 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import Config from '../../../../../models/config.js';
+
+export default async (request, response) => {
+  const config = await Config.query().updateFirstOrInsert(
+    configParams(request)
+  );
+
+  renderObject(response, config);
+};
+
+const configParams = (request) => {
+  const {
+    logoSvgData,
+    palettePrimaryDark,
+    palettePrimaryLight,
+    palettePrimaryMain,
+    title,
+  } = request.body;
+
+  return {
+    logoSvgData,
+    palettePrimaryDark,
+    palettePrimaryLight,
+    palettePrimaryMain,
+    title,
+  };
+};

packages/backend/src/controllers/api/v1/admin/config/update.ee.test.js

@@ -0,0 +1,88 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { updateConfig } from '../../../../../../test/factories/config.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('PATCH /api/v1/admin/config', () => {
+  let currentUser, adminRole, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    adminRole = await createRole({ name: 'Admin' });
+    currentUser = await createUser({ roleId: adminRole.id });
+
+    token = await createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return updated config', async () => {
+    const title = 'Test environment - Automatisch';
+    const palettePrimaryMain = '#00adef';
+    const palettePrimaryDark = '#222222';
+    const palettePrimaryLight = '#f90707';
+    const logoSvgData =
+      '<svg width="25" height="25" xmlns="http://www.w3.org/2000/svg" version="1.1" viewBox="0 0 100 100"><rect width="100%" height="100%" fill="white" /><text x="10" y="40" font-family="Arial" font-size="40" fill="black">A</text></svg>';
+
+    const appConfig = {
+      title,
+      palettePrimaryMain: palettePrimaryMain,
+      palettePrimaryDark: palettePrimaryDark,
+      palettePrimaryLight: palettePrimaryLight,
+      logoSvgData: logoSvgData,
+    };
+
+    await updateConfig(appConfig);
+
+    const newTitle = 'Updated title';
+
+    const newConfigValues = {
+      title: newTitle,
+    };
+
+    const response = await request(app)
+      .patch('/api/v1/admin/config')
+      .set('Authorization', token)
+      .send(newConfigValues)
+      .expect(200);
+
+    expect(response.body.data.title).toEqual(newTitle);
+    expect(response.body.meta.type).toEqual('Config');
+  });
+
+  it('should return created config for unexisting config', async () => {
+    const newTitle = 'Updated title';
+
+    const newConfigValues = {
+      title: newTitle,
+    };
+
+    const response = await request(app)
+      .patch('/api/v1/admin/config')
+      .set('Authorization', token)
+      .send(newConfigValues)
+      .expect(200);
+
+    expect(response.body.data.title).toEqual(newTitle);
+    expect(response.body.meta.type).toEqual('Config');
+  });
+
+  it('should return null for deleted config entry', async () => {
+    const newConfigValues = {
+      title: null,
+    };
+
+    const response = await request(app)
+      .patch('/api/v1/admin/config')
+      .set('Authorization', token)
+      .send(newConfigValues)
+      .expect(200);
+
+    expect(response.body.data.title).toBeNull();
+    expect(response.body.meta.type).toEqual('Config');
+  });
+});

packages/backend/src/controllers/api/v1/admin/permissions/get-permissions-catalog.ee.test.js

@@ -11,7 +11,7 @@ describe('GET /api/v1/admin/permissions/catalog', () => {
   let role, currentUser, token;
 
   beforeEach(async () => {
-    role = await createRole({ key: 'admin' });
+    role = await createRole({ name: 'Admin' });
     currentUser = await createUser({ roleId: role.id });
 
     token = await createAuthTokenByUserId(currentUser.id);

packages/backend/src/controllers/api/v1/admin/roles/create-role.ee.js

@@ -0,0 +1,22 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import Role from '../../../../../models/role.js';
+
+export default async (request, response) => {
+  const roleData = roleParams(request);
+
+  const roleWithPermissions = await Role.query().insertGraphAndFetch(roleData, {
+    relate: ['permissions'],
+  });
+
+  renderObject(response, roleWithPermissions, { status: 201 });
+};
+
+const roleParams = (request) => {
+  const { name, description, permissions } = request.body;
+
+  return {
+    name,
+    description,
+    permissions,
+  };
+};

packages/backend/src/controllers/api/v1/admin/roles/create-role.ee.test.js

@@ -0,0 +1,109 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app.js';
+import Role from '../../../../../models/role.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import createRoleMock from '../../../../../../test/mocks/rest/api/v1/admin/roles/create-role.ee.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('POST /api/v1/admin/roles', () => {
+  let role, currentUser, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    role = await createRole({ name: 'Admin' });
+    currentUser = await createUser({ roleId: role.id });
+
+    token = await createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the created role along with permissions', async () => {
+    const roleData = {
+      name: 'Viewer',
+      description: '',
+      permissions: [
+        {
+          action: 'read',
+          subject: 'Flow',
+          conditions: ['isCreator'],
+        },
+      ],
+    };
+
+    const response = await request(app)
+      .post('/api/v1/admin/roles')
+      .set('Authorization', token)
+      .send(roleData)
+      .expect(201);
+
+    const createdRole = await Role.query()
+      .withGraphFetched({ permissions: true })
+      .findOne({ name: 'Viewer' })
+      .throwIfNotFound();
+
+    const expectedPayload = await createRoleMock(
+      {
+        ...createdRole,
+        ...roleData,
+        isAdmin: createdRole.isAdmin,
+      },
+      [
+        {
+          ...createdRole.permissions[0],
+          ...roleData.permissions[0],
+        },
+      ]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return unprocessable entity response for invalid role data', async () => {
+    const roleData = {
+      description: '',
+      permissions: [],
+    };
+
+    const response = await request(app)
+      .post('/api/v1/admin/roles')
+      .set('Authorization', token)
+      .send(roleData)
+      .expect(422);
+
+    expect(response.body).toStrictEqual({
+      errors: {
+        name: ["must have required property 'name'"],
+      },
+      meta: {
+        type: 'ModelValidation',
+      },
+    });
+  });
+
+  it('should return unprocessable entity response for duplicate role', async () => {
+    await createRole({ name: 'Viewer' });
+
+    const roleData = {
+      name: 'Viewer',
+      permissions: [],
+    };
+
+    const response = await request(app)
+      .post('/api/v1/admin/roles')
+      .set('Authorization', token)
+      .send(roleData)
+      .expect(422);
+
+    expect(response.body).toStrictEqual({
+      errors: {
+        name: ["'name' must be unique."],
+      },
+      meta: {
+        type: 'UniqueViolationError',
+      },
+    });
+  });
+});

packages/backend/src/controllers/api/v1/admin/roles/delete-role.ee.js

@@ -0,0 +1,11 @@
+import Role from '../../../../../models/role.js';
+
+export default async (request, response) => {
+  const role = await Role.query()
+    .findById(request.params.roleId)
+    .throwIfNotFound();
+
+  await role.deleteWithPermissions();
+
+  response.status(204).end();
+};

packages/backend/src/controllers/api/v1/admin/roles/delete-role.ee.test.js

@@ -0,0 +1,112 @@
+import Crypto from 'node:crypto';
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createPermission } from '../../../../../../test/factories/permission.js';
+import { createSamlAuthProvider } from '../../../../../../test/factories/saml-auth-provider.ee.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('DELETE /api/v1/admin/roles/:roleId', () => {
+  let adminRole, currentUser, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    adminRole = await createRole({ name: 'Admin' });
+
+    currentUser = await createUser({ roleId: adminRole.id });
+
+    token = await createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return HTTP 204 for unused role', async () => {
+    const role = await createRole();
+    const permission = await createPermission({ roleId: role.id });
+
+    await request(app)
+      .delete(`/api/v1/admin/roles/${role.id}`)
+      .set('Authorization', token)
+      .expect(204);
+
+    const refetchedRole = await role.$query();
+    const refetchedPermission = await permission.$query();
+
+    expect(refetchedRole).toBeUndefined();
+    expect(refetchedPermission).toBeUndefined();
+  });
+
+  it('should return HTTP 404 for not existing role UUID', async () => {
+    const notExistingRoleUUID = Crypto.randomUUID();
+
+    await request(app)
+      .delete(`/api/v1/admin/roles/${notExistingRoleUUID}`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return not authorized response for deleting admin role', async () => {
+    await request(app)
+      .delete(`/api/v1/admin/roles/${adminRole.id}`)
+      .set('Authorization', token)
+      .expect(403);
+  });
+
+  it('should return unprocessable entity response for role used by users', async () => {
+    const role = await createRole();
+    await createUser({ roleId: role.id });
+
+    const response = await request(app)
+      .delete(`/api/v1/admin/roles/${role.id}`)
+      .set('Authorization', token)
+      .expect(422);
+
+    expect(response.body).toStrictEqual({
+      errors: {
+        role: [`All users must be migrated away from the "${role.name}" role.`],
+      },
+      meta: {
+        type: 'ValidationError',
+      },
+    });
+  });
+
+  it('should return unprocessable entity response for role used by saml auth providers', async () => {
+    const samlAuthProvider = await createSamlAuthProvider();
+
+    const response = await request(app)
+      .delete(`/api/v1/admin/roles/${samlAuthProvider.defaultRoleId}`)
+      .set('Authorization', token)
+      .expect(422);
+
+    expect(response.body).toStrictEqual({
+      errors: {
+        samlAuthProvider: [
+          'You need to change the default role in the SAML configuration before deleting this role.',
+        ],
+      },
+      meta: {
+        type: 'ValidationError',
+      },
+    });
+  });
+
+  it('should not delete role and permissions on unsuccessful response', async () => {
+    const role = await createRole();
+    const permission = await createPermission({ roleId: role.id });
+    await createUser({ roleId: role.id });
+
+    await request(app)
+      .delete(`/api/v1/admin/roles/${role.id}`)
+      .set('Authorization', token)
+      .expect(422);
+
+    const refetchedRole = await role.$query();
+    const refetchedPermission = await permission.$query();
+
+    expect(refetchedRole).toStrictEqual(role);
+    expect(refetchedPermission).toStrictEqual(permission);
+  });
+});

packages/backend/src/controllers/api/v1/admin/roles/get-role.ee.test.js

@@ -13,7 +13,7 @@ describe('GET /api/v1/admin/roles/:roleId', () => {
   let role, currentUser, token, permissionOne, permissionTwo;
 
   beforeEach(async () => {
-    role = await createRole({ key: 'admin' });
+    role = await createRole({ name: 'Admin' });
     permissionOne = await createPermission({ roleId: role.id });
     permissionTwo = await createPermission({ roleId: role.id });
     currentUser = await createUser({ roleId: role.id });

packages/backend/src/controllers/api/v1/admin/roles/get-roles.ee.test.js

@@ -11,8 +11,8 @@ describe('GET /api/v1/admin/roles', () => {
   let roleOne, roleTwo, currentUser, token;
 
   beforeEach(async () => {
-    roleOne = await createRole({ key: 'admin' });
-    roleTwo = await createRole({ key: 'user' });
+    roleOne = await createRole({ name: 'Admin' });
+    roleTwo = await createRole({ name: 'User' });
     currentUser = await createUser({ roleId: roleOne.id });
 
     token = await createAuthTokenByUserId(currentUser.id);

packages/backend/src/controllers/api/v1/admin/roles/update-role.ee.js

@@ -0,0 +1,24 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import Role from '../../../../../models/role.js';
+
+export default async (request, response) => {
+  const role = await Role.query()
+    .findById(request.params.roleId)
+    .throwIfNotFound();
+
+  const updatedRoleWithPermissions = await role.updateWithPermissions(
+    roleParams(request)
+  );
+
+  renderObject(response, updatedRoleWithPermissions);
+};
+
+const roleParams = (request) => {
+  const { name, description, permissions } = request.body;
+
+  return {
+    name,
+    description,
+    permissions,
+  };
+};

packages/backend/src/controllers/api/v1/admin/roles/update-role.ee.test.js

@@ -0,0 +1,177 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import { createPermission } from '../../../../../../test/factories/permission.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import updateRoleMock from '../../../../../../test/mocks/rest/api/v1/admin/roles/update-role.ee.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('PATCH /api/v1/admin/roles/:roleId', () => {
+  let adminRole, viewerRole, currentUser, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    adminRole = await createRole({ name: 'Admin' });
+    viewerRole = await createRole({ name: 'Viewer' });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+    });
+
+    currentUser = await createUser({ roleId: adminRole.id });
+
+    token = await createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the updated role along with permissions', async () => {
+    const roleData = {
+      name: 'Updated role name',
+      description: 'A new description',
+      permissions: [
+        {
+          action: 'read',
+          subject: 'Execution',
+          conditions: ['isCreator'],
+        },
+      ],
+    };
+
+    const response = await request(app)
+      .patch(`/api/v1/admin/roles/${viewerRole.id}`)
+      .set('Authorization', token)
+      .send(roleData)
+      .expect(200);
+
+    const refetchedViewerRole = await viewerRole
+      .$query()
+      .withGraphFetched({ permissions: true });
+
+    const expectedPayload = await updateRoleMock(
+      {
+        ...refetchedViewerRole,
+        ...roleData,
+        isAdmin: false,
+      },
+      [
+        {
+          ...refetchedViewerRole.permissions[0],
+          ...roleData.permissions[0],
+        },
+      ]
+    );
+
+    expect(response.body).toStrictEqual(expectedPayload);
+  });
+
+  it('should return the updated role with sanitized permissions', async () => {
+    const validPermission = {
+      action: 'create',
+      subject: 'Connection',
+      conditions: ['isCreator'],
+    };
+
+    const invalidPermission = {
+      action: 'publish',
+      subject: 'Connection',
+      conditions: ['isCreator'],
+    };
+
+    const roleData = {
+      permissions: [validPermission, invalidPermission],
+    };
+
+    const response = await request(app)
+      .patch(`/api/v1/admin/roles/${viewerRole.id}`)
+      .set('Authorization', token)
+      .send(roleData)
+      .expect(200);
+
+    const refetchedViewerRole = await viewerRole.$query().withGraphFetched({
+      permissions: true,
+    });
+
+    const expectedPayload = updateRoleMock(refetchedViewerRole, [
+      {
+        ...refetchedViewerRole.permissions[0],
+        ...validPermission,
+      },
+    ]);
+
+    expect(response.body).toStrictEqual(expectedPayload);
+  });
+
+  it('should return not authorized response for updating admin role', async () => {
+    const roleData = {
+      name: 'Updated role name',
+      description: 'A new description',
+      permissions: [
+        {
+          action: 'read',
+          subject: 'Execution',
+          conditions: ['isCreator'],
+        },
+      ],
+    };
+
+    await request(app)
+      .patch(`/api/v1/admin/roles/${adminRole.id}`)
+      .set('Authorization', token)
+      .send(roleData)
+      .expect(403);
+  });
+
+  it('should return unprocessable entity response for invalid role data', async () => {
+    const roleData = {
+      description: 123,
+      permissions: [],
+    };
+
+    const response = await request(app)
+      .patch(`/api/v1/admin/roles/${viewerRole.id}`)
+      .set('Authorization', token)
+      .send(roleData)
+      .expect(422);
+
+    expect(response.body).toStrictEqual({
+      errors: {
+        description: ['must be string,null'],
+      },
+      meta: {
+        type: 'ModelValidation',
+      },
+    });
+  });
+
+  it('should return unique violation response for duplicate role data', async () => {
+    await createRole({ name: 'Editor' });
+
+    const roleData = {
+      name: 'Editor',
+      permissions: [],
+    };
+
+    const response = await request(app)
+      .patch(`/api/v1/admin/roles/${viewerRole.id}`)
+      .set('Authorization', token)
+      .send(roleData)
+      .expect(422);
+
+    expect(response.body).toStrictEqual({
+      errors: {
+        name: ["'name' must be unique."],
+      },
+      meta: {
+        type: 'UniqueViolationError',
+      },
+    });
+  });
+});