feat(firebase): add firebase integration

fix: expose missing createdAt and updatedAt fields from flow

.github/workflows/docs-change.yml

@@ -13,8 +13,6 @@ jobs:
         uses: actions/github-script@v6
         with:
           script: |
-            const github = require('@actions/github');
-            const { context } = github;
             const { pull_request } = context.payload;
 
             const label = 'documentation-change';

packages/backend/src/apps/firebase/auth/generate-auth-url.js

@@ -0,0 +1,23 @@
+import { URLSearchParams } from 'url';
+import authScope from '../common/auth-scope.js';
+
+export default async function generateAuthUrl($) {
+  const oauthRedirectUrlField = $.app.auth.fields.find(
+    (field) => field.key == 'oAuthRedirectUrl'
+  );
+  const redirectUri = oauthRedirectUrlField.value;
+  const searchParams = new URLSearchParams({
+    client_id: $.auth.data.clientId,
+    redirect_uri: redirectUri,
+    prompt: 'select_account',
+    scope: authScope.join(' '),
+    response_type: 'code',
+    access_type: 'offline',
+  });
+
+  const url = `https://accounts.google.com/o/oauth2/v2/auth?${searchParams.toString()}`;
+
+  await $.auth.set({
+    url,
+  });
+}

packages/backend/src/apps/firebase/auth/index.js

@@ -0,0 +1,71 @@
+import generateAuthUrl from './generate-auth-url.js';
+import verifyCredentials from './verify-credentials.js';
+import refreshToken from './refresh-token.js';
+import isStillVerified from './is-still-verified.js';
+
+export default {
+  fields: [
+    {
+      key: 'oAuthRedirectUrl',
+      label: 'OAuth Redirect URL',
+      type: 'string',
+      required: true,
+      readOnly: true,
+      value: '{WEB_APP_URL}/app/firebase/connections/add',
+      placeholder: null,
+      description:
+        'When asked to input a redirect URL in Google Cloud, enter the URL above.',
+      clickToCopy: true,
+    },
+    {
+      key: 'clientId',
+      label: 'Client ID',
+      type: 'string',
+      required: true,
+      readOnly: false,
+      value: null,
+      placeholder: null,
+      description: null,
+      clickToCopy: false,
+    },
+    {
+      key: 'clientSecret',
+      label: 'Client Secret',
+      type: 'string',
+      required: true,
+      readOnly: false,
+      value: null,
+      placeholder: null,
+      description: null,
+      clickToCopy: false,
+    },
+    {
+      key: 'projectId',
+      label: 'Project ID',
+      type: 'string',
+      required: true,
+      readOnly: false,
+      value: null,
+      placeholder: null,
+      description: 'The project id of your Firebase project',
+      clickToCopy: false,
+    },
+    {
+      key: 'realtimeDatabaseId',
+      label: 'Realtime Database Domain',
+      type: 'string',
+      required: false,
+      readOnly: false,
+      value: null,
+      placeholder: null,
+      description:
+        'If you want to use Realtime Database, please provide the domain of your Realtime Database (https://{{domain}}.firebaseio.com)',
+      clickToCopy: false,
+    },
+  ],
+
+  generateAuthUrl,
+  verifyCredentials,
+  isStillVerified,
+  refreshToken,
+};

packages/backend/src/apps/firebase/auth/is-still-verified.js

@@ -0,0 +1,8 @@
+import getCurrentUser from '../common/get-current-user.js';
+
+const isStillVerified = async ($) => {
+  const currentUser = await getCurrentUser($);
+  return !!currentUser.resourceName;
+};
+
+export default isStillVerified;

packages/backend/src/apps/firebase/auth/refresh-token.js

@@ -0,0 +1,31 @@
+import { URLSearchParams } from 'node:url';
+
+import authScope from '../common/auth-scope.js';
+
+const refreshToken = async ($) => {
+  const params = new URLSearchParams({
+    client_id: $.auth.data.clientId,
+    client_secret: $.auth.data.clientSecret,
+    grant_type: 'refresh_token',
+    refresh_token: $.auth.data.refreshToken,
+  });
+
+  const { data } = await $.http.post(
+    'https://oauth2.googleapis.com/token',
+    params.toString(),
+    {
+      additionalProperties: {
+        skipAddingAuthHeader: true,
+      },
+    }
+  );
+
+  await $.auth.set({
+    accessToken: data.access_token,
+    expiresIn: data.expires_in,
+    scope: authScope.join(' '),
+    tokenType: data.token_type,
+  });
+};
+
+export default refreshToken;

packages/backend/src/apps/firebase/auth/verify-credentials.js

@@ -0,0 +1,50 @@
+import getCurrentUser from '../common/get-current-user.js';
+
+const verifyCredentials = async ($) => {
+  const oauthRedirectUrlField = $.app.auth.fields.find(
+    (field) => field.key == 'oAuthRedirectUrl'
+  );
+  const redirectUri = oauthRedirectUrlField.value;
+  const { data } = await $.http.post(
+    `https://oauth2.googleapis.com/token`,
+    {
+      client_id: $.auth.data.clientId,
+      client_secret: $.auth.data.clientSecret,
+      code: $.auth.data.code,
+      grant_type: 'authorization_code',
+      redirect_uri: redirectUri,
+    },
+    {
+      additionalProperties: {
+        skipAddingAuthHeader: true,
+      },
+    }
+  );
+
+  await $.auth.set({
+    accessToken: data.access_token,
+    tokenType: data.token_type,
+  });
+
+  const currentUser = await getCurrentUser($);
+
+  const { displayName } = currentUser.names.find(
+    (name) => name.metadata.primary
+  );
+  const { value: email } = currentUser.emailAddresses.find(
+    (emailAddress) => emailAddress.metadata.primary
+  );
+
+  await $.auth.set({
+    clientId: $.auth.data.clientId,
+    clientSecret: $.auth.data.clientSecret,
+    scope: $.auth.data.scope,
+    idToken: data.id_token,
+    expiresIn: data.expires_in,
+    refreshToken: data.refresh_token,
+    resourceName: currentUser.resourceName,
+    screenName: `${displayName} - ${email}`,
+  });
+};
+
+export default verifyCredentials;

packages/backend/src/apps/firebase/common/add-auth-header.js

@@ -0,0 +1,9 @@
+const addAuthHeader = ($, requestConfig) => {
+  if ($.auth.data?.accessToken) {
+    requestConfig.headers.Authorization = `${$.auth.data.tokenType} ${$.auth.data.accessToken}`;
+  }
+
+  return requestConfig;
+};
+
+export default addAuthHeader;

packages/backend/src/apps/firebase/common/auth-scope.js

@@ -0,0 +1,9 @@
+const authScope = [
+  'https://www.googleapis.com/auth/datastore',
+  'https://www.googleapis.com/auth/firebase.database',
+  'https://www.googleapis.com/auth/datastore',
+  'https://www.googleapis.com/auth/userinfo.email',
+  'https://www.googleapis.com/auth/userinfo.profile',
+];
+
+export default authScope;

packages/backend/src/apps/firebase/common/get-current-user.js

@@ -0,0 +1,13 @@
+const getCurrentUser = async ($) => {
+  const { data: currentUser } = await $.http.get(
+    'https://people.googleapis.com/v1/people/me?personFields=names,emailAddresses',
+    {
+      additionalProperties: {
+        skipAddingAuthHeader: true,
+      },
+    }
+  );
+  return currentUser;
+};
+
+export default getCurrentUser;

packages/backend/src/apps/firebase/common/set-base-url.js

@@ -0,0 +1,16 @@
+const setBaseUrl = ($, requestConfig) => {
+  const realtimeDatabaseId = $.auth.data.realtimeDatabaseId;
+
+  if (requestConfig.additionalProperties?.skipAddingAuthHeader)
+    return requestConfig;
+
+  if (requestConfig.additionalProperties?.setFirestoreBaseUrl) {
+    requestConfig.baseURL = 'https://firestore.googleapis.com';
+  } else {
+    requestConfig.baseURL = `https://${realtimeDatabaseId}.firebaseio.com`;
+  }
+
+  return requestConfig;
+};
+
+export default setBaseUrl;

packages/backend/src/apps/firebase/index.js

@@ -0,0 +1,17 @@
+import defineApp from '../../helpers/define-app.js';
+import addAuthHeader from './common/add-auth-header.js';
+import auth from './auth/index.js';
+import setBaseUrl from './common/set-base-url.js';
+
+export default defineApp({
+  name: 'Firebase',
+  key: 'firebase',
+  baseUrl: 'https://firebase.google.com',
+  apiBaseUrl: '',
+  iconUrl: '{BASE_URL}/apps/firebase/assets/favicon.svg',
+  authDocUrl: 'https://automatisch.io/docs/apps/firebase/connection',
+  primaryColor: 'FFA000',
+  supportsConnections: true,
+  beforeRequest: [setBaseUrl, addAuthHeader],
+  auth,
+});

packages/backend/src/apps/http-request/actions/custom-request/index.js

@@ -90,7 +90,7 @@ export default defineAction({
 
   async run($) {
     const method = $.step.parameters.method;
-    const data = $.step.parameters.data;
+    const data = $.step.parameters.data || null;
     const url = $.step.parameters.url;
     const headers = $.step.parameters.headers;
 
@@ -108,14 +108,17 @@ export default defineAction({
       return result;
     }, {});
 
-    let contentType = headersObject['content-type'];
+    let expectedResponseContentType = headersObject.accept;
 
     // in case HEAD request is not supported by the URL
     try {
       const metadataResponse = await $.http.head(url, {
         headers: headersObject,
       });
-      contentType = metadataResponse.headers['content-type'];
+
+      if (!expectedResponseContentType) {
+        expectedResponseContentType = metadataResponse.headers['content-type'];
+      }
 
       throwIfFileSizeExceedsLimit(metadataResponse.headers['content-length']);
       // eslint-disable-next-line no-empty
@@ -128,7 +131,7 @@ export default defineAction({
       headers: headersObject,
     };
 
-    if (!isPossiblyTextBased(contentType)) {
+    if (!isPossiblyTextBased(expectedResponseContentType)) {
       requestData.responseType = 'arraybuffer';
     }
 
@@ -138,7 +141,7 @@ export default defineAction({
 
     let responseData = response.data;
 
-    if (!isPossiblyTextBased(contentType)) {
+    if (!isPossiblyTextBased(expectedResponseContentType)) {
       responseData = Buffer.from(responseData).toString('base64');
     }
 

packages/backend/src/apps/pipedrive/actions/create-deal/index.js

@@ -64,32 +64,17 @@ export default defineAction({
       value: '1',
       description:
         'The ID of the stage this deal will be added to. If omitted, the deal will be placed in the first stage of the default pipeline.',
-      options: [
+      variables: true,
-        {
+      source: {
-          label: 'Qualified (Pipeline)',
+        type: 'query',
-          value: 1,
+        name: 'getDynamicData',
-        },
+        arguments: [
-        {
+          {
-          label: 'Contact Made (Pipeline)',
+            name: 'key',
-          value: 2,
+            value: 'listStages',
-        },
+          },
-        {
+        ],
-          label: 'Prospect Qualified (Pipeline)',
+      },
-          value: 3,
-        },
-        {
-          label: 'Needs Defined (Pipeline)',
-          value: 4,
-        },
-        {
-          label: 'Proposal Made (Pipeline)',
-          value: 5,
-        },
-        {
-          label: 'Negotiations Started (Pipeline)',
-          value: 6,
-        },
-      ],
     },
     {
       label: 'Owner',

packages/backend/src/apps/pipedrive/dynamic-data/index.js

@@ -1,23 +1,25 @@
 import listActivityTypes from './list-activity-types/index.js';
 import listCurrencies from './list-currencies/index.js';
 import listDeals from './list-deals/index.js';
-import listLeads from './list-leads/index.js';
 import listLeadLabels from './list-lead-labels/index.js';
-import listOrganizations from './list-organizations/index.js';
+import listLeads from './list-leads/index.js';
 import listOrganizationLabelField from './list-organization-label-field/index.js';
+import listOrganizations from './list-organizations/index.js';
 import listPersonLabelField from './list-person-label-field/index.js';
 import listPersons from './list-persons/index.js';
+import listStages from './list-stages/index.js';
 import listUsers from './list-users/index.js';
 
 export default [
   listActivityTypes,
   listCurrencies,
   listDeals,
-  listLeads,
   listLeadLabels,
-  listOrganizations,
+  listLeads,
   listOrganizationLabelField,
+  listOrganizations,
   listPersonLabelField,
   listPersons,
+  listStages,
   listUsers,
 ];

packages/backend/src/apps/pipedrive/dynamic-data/list-stages/index.js

@@ -0,0 +1,23 @@
+export default {
+  name: 'List stages',
+  key: 'listStages',
+
+  async run($) {
+    const stages = {
+      data: [],
+    };
+
+    const { data } = await $.http.get('/api/v1/stages');
+
+    if (data.data?.length) {
+      for (const stage of data.data) {
+        stages.data.push({
+          value: stage.id,
+          name: stage.name,
+        });
+      }
+    }
+
+    return stages;
+  },
+};

packages/backend/src/apps/webhook/actions/respond-with/index.js

@@ -14,24 +14,55 @@ export default defineAction({
       value: '200',
     },
     {
-      label: 'JSON body',
+      label: 'Headers',
-      key: 'stringifiedJsonBody',
+      key: 'headers',
+      type: 'dynamic',
+      required: false,
+      description: 'Add or remove headers as needed',
+      fields: [
+        {
+          label: 'Key',
+          key: 'key',
+          type: 'string',
+          required: true,
+          description: 'Header key',
+          variables: true,
+        },
+        {
+          label: 'Value',
+          key: 'value',
+          type: 'string',
+          required: true,
+          description: 'Header value',
+          variables: true,
+        },
+      ],
+    },
+    {
+      label: 'Body',
+      key: 'body',
       type: 'string',
       required: true,
-      description: 'The content of the JSON body. It must be a valid JSON.',
+      description: 'The content of the response body.',
       variables: true,
     },
   ],
 
   async run($) {
-    const parsedStatusCode = parseInt($.step.parameters.statusCode, 10);
+    const statusCode = parseInt($.step.parameters.statusCode, 10);
-    const stringifiedJsonBody = $.step.parameters.stringifiedJsonBody;
+    const body = $.step.parameters.body;
-    const parsedJsonBody = JSON.parse(stringifiedJsonBody);
+    const headers = $.step.parameters.headers.reduce((result, entry) => {
+      return {
+        ...result,
+        [entry.key]: entry.value,
+      };
+    }, {});
 
     $.setActionItem({
       raw: {
-        body: parsedJsonBody,
+        headers,
-        statusCode: parsedStatusCode,
+        body,
+        statusCode,
       },
     });
   },

packages/backend/src/controllers/api/v1/access-tokens/create-access-token.js

@@ -0,0 +1,13 @@
+import User from '../../../../models/user.js';
+import { renderObject, renderError } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const { email, password } = request.body;
+  const token = await User.authenticate(email, password);
+
+  if (token) {
+    return renderObject(response, { token });
+  }
+
+  renderError(response, [{ general: ['Incorrect email or password.'] }]);
+};

packages/backend/src/controllers/api/v1/access-tokens/create-access-token.test.js

@@ -0,0 +1,39 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import { createUser } from '../../../../../test/factories/user';
+
+describe('POST /api/v1/access-tokens', () => {
+  beforeEach(async () => {
+    await createUser({
+      email: 'user@automatisch.io',
+      password: 'password',
+    });
+  });
+
+  it('should return the token data with correct credentials', async () => {
+    const response = await request(app)
+      .post('/api/v1/access-tokens')
+      .send({
+        email: 'user@automatisch.io',
+        password: 'password',
+      })
+      .expect(200);
+
+    expect(response.body.data.token.length).toBeGreaterThan(0);
+  });
+
+  it('should return error with incorrect credentials', async () => {
+    const response = await request(app)
+      .post('/api/v1/access-tokens')
+      .send({
+        email: 'incorrect@email.com',
+        password: 'incorrectpassword',
+      })
+      .expect(422);
+
+    expect(response.body.errors.general).toEqual([
+      'Incorrect email or password.',
+    ]);
+  });
+});

packages/backend/src/controllers/api/v1/admin/app-auth-clients/get-app-auth-client.test.js

@@ -1,52 +0,0 @@
-import { vi, describe, it, expect, beforeEach } from 'vitest';
-import request from 'supertest';
-import Crypto from 'crypto';
-import app from '../../../../../app.js';
-import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
-import { createUser } from '../../../../../../test/factories/user.js';
-import getAdminAppAuthClientMock from '../../../../../../test/mocks/rest/api/v1/admin/get-app-auth-client.js';
-import { createAppAuthClient } from '../../../../../../test/factories/app-auth-client.js';
-import { createRole } from '../../../../../../test/factories/role.js';
-import * as license from '../../../../../helpers/license.ee.js';
-
-describe('GET /api/v1/admin/app-auth-clients/:appAuthClientId', () => {
-  let currentUser, currentUserRole, currentAppAuthClient, token;
-
-  describe('with valid license key', () => {
-    beforeEach(async () => {
-      vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
-
-      currentUserRole = await createRole({ key: 'admin' });
-      currentUser = await createUser({ roleId: currentUserRole.id });
-      currentAppAuthClient = await createAppAuthClient();
-
-      token = createAuthTokenByUserId(currentUser.id);
-    });
-
-    it('should return specified app auth client info', async () => {
-      const response = await request(app)
-        .get(`/api/v1/admin/app-auth-clients/${currentAppAuthClient.id}`)
-        .set('Authorization', token)
-        .expect(200);
-
-      const expectedPayload = getAdminAppAuthClientMock(currentAppAuthClient);
-      expect(response.body).toEqual(expectedPayload);
-    });
-
-    it('should return not found response for not existing app auth client UUID', async () => {
-      const notExistingAppAuthClientUUID = Crypto.randomUUID();
-
-      await request(app)
-        .get(`/api/v1/admin/app-auth-clients/${notExistingAppAuthClientUUID}`)
-        .set('Authorization', token)
-        .expect(404);
-    });
-
-    it('should return bad request response for invalid UUID', async () => {
-      await request(app)
-        .get('/api/v1/admin/app-auth-clients/invalidAppAuthClientUUID')
-        .set('Authorization', token)
-        .expect(400);
-    });
-  });
-});

packages/backend/src/controllers/api/v1/admin/apps/get-auth-client.ee.js

@@ -4,6 +4,7 @@ import AppAuthClient from '../../../../../models/app-auth-client.js';
 export default async (request, response) => {
   const appAuthClient = await AppAuthClient.query()
     .findById(request.params.appAuthClientId)
+    .where({ app_key: request.params.appKey })
     .throwIfNotFound();
 
   renderObject(response, appAuthClient);

packages/backend/src/controllers/api/v1/admin/apps/get-auth-client.ee.test.js

@@ -0,0 +1,55 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import getAppAuthClientMock from '../../../../../../test/mocks/rest/api/v1/admin/apps/get-auth-client.js';
+import { createAppAuthClient } from '../../../../../../test/factories/app-auth-client.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/apps/:appKey/auth-clients/:appAuthClientId', () => {
+  let currentUser, adminRole, currentAppAuthClient, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    adminRole = await createRole({ key: 'admin' });
+    currentUser = await createUser({ roleId: adminRole.id });
+
+    currentAppAuthClient = await createAppAuthClient({
+      appKey: 'deepl',
+    });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return specified app auth client', async () => {
+    const response = await request(app)
+      .get(`/api/v1/admin/apps/deepl/auth-clients/${currentAppAuthClient.id}`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppAuthClientMock(currentAppAuthClient);
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing app auth client ID', async () => {
+    const notExistingAppAuthClientUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(
+        `/api/v1/admin/apps/deepl/auth-clients/${notExistingAppAuthClientUUID}`
+      )
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await request(app)
+      .get('/api/v1/admin/apps/deepl/auth-clients/invalidAppAuthClientUUID')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/admin/apps/get-auth-clients.ee.js

@@ -0,0 +1,10 @@
+import { renderObject } from '../../../../../helpers/renderer.js';
+import AppAuthClient from '../../../../../models/app-auth-client.js';
+
+export default async (request, response) => {
+  const appAuthClients = await AppAuthClient.query()
+    .where({ app_key: request.params.appKey })
+    .orderBy('created_at', 'desc');
+
+  renderObject(response, appAuthClients);
+};

packages/backend/src/controllers/api/v1/admin/apps/get-auth-clients.ee.test.js

@@ -0,0 +1,44 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../../app.js';
+import createAuthTokenByUserId from '../../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../../test/factories/user.js';
+import { createRole } from '../../../../../../test/factories/role.js';
+import getAuthClientsMock from '../../../../../../test/mocks/rest/api/v1/admin/apps/get-auth-clients.js';
+import { createAppAuthClient } from '../../../../../../test/factories/app-auth-client.js';
+import * as license from '../../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/admin/apps/:appKey/auth-clients', () => {
+  let currentUser, adminRole, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    adminRole = await createRole({ key: 'admin' });
+    currentUser = await createUser({ roleId: adminRole.id });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return specified app auth client info', async () => {
+    const appAuthClientOne = await createAppAuthClient({
+      appKey: 'deepl',
+    });
+
+    const appAuthClientTwo = await createAppAuthClient({
+      appKey: 'deepl',
+    });
+
+    const response = await request(app)
+      .get('/api/v1/admin/apps/deepl/auth-clients')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAuthClientsMock([
+      appAuthClientTwo,
+      appAuthClientOne,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-auth-client.ee.js

@@ -4,7 +4,7 @@ import AppAuthClient from '../../../../models/app-auth-client.js';
 export default async (request, response) => {
   const appAuthClient = await AppAuthClient.query()
     .findById(request.params.appAuthClientId)
-    .where({ active: true })
+    .where({ app_key: request.params.appKey, active: true })
     .throwIfNotFound();
 
   renderObject(response, appAuthClient);

packages/backend/src/controllers/api/v1/apps/get-auth-client.ee.test.js

@@ -4,25 +4,27 @@ import Crypto from 'crypto';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
 import { createUser } from '../../../../../test/factories/user.js';
-import getAppAuthClientMock from '../../../../../test/mocks/rest/api/v1/admin/get-app-auth-client.js';
+import getAppAuthClientMock from '../../../../../test/mocks/rest/api/v1/apps/get-auth-client.js';
 import { createAppAuthClient } from '../../../../../test/factories/app-auth-client.js';
 import * as license from '../../../../helpers/license.ee.js';
 
-describe('GET /api/v1/app-auth-clients/:id', () => {
+describe('GET /api/v1/apps/:appKey/auth-clients/:appAuthClientId', () => {
   let currentUser, currentAppAuthClient, token;
 
   beforeEach(async () => {
     vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
 
     currentUser = await createUser();
-    currentAppAuthClient = await createAppAuthClient();
+    currentAppAuthClient = await createAppAuthClient({
+      appKey: 'deepl',
+    });
 
     token = createAuthTokenByUserId(currentUser.id);
   });
 
-  it('should return specified app auth client info', async () => {
+  it('should return specified app auth client', async () => {
     const response = await request(app)
-      .get(`/api/v1/app-auth-clients/${currentAppAuthClient.id}`)
+      .get(`/api/v1/apps/deepl/auth-clients/${currentAppAuthClient.id}`)
       .set('Authorization', token)
       .expect(200);
 
@@ -34,14 +36,14 @@ describe('GET /api/v1/app-auth-clients/:id', () => {
     const notExistingAppAuthClientUUID = Crypto.randomUUID();
 
     await request(app)
-      .get(`/api/v1/app-auth-clients/${notExistingAppAuthClientUUID}`)
+      .get(`/api/v1/apps/deepl/auth-clients/${notExistingAppAuthClientUUID}`)
       .set('Authorization', token)
       .expect(404);
   });
 
   it('should return bad request response for invalid UUID', async () => {
     await request(app)
-      .get('/api/v1/app-auth-clients/invalidAppAuthClientUUID')
+      .get('/api/v1/apps/deepl/auth-clients/invalidAppAuthClientUUID')
       .set('Authorization', token)
       .expect(400);
   });

packages/backend/src/controllers/api/v1/apps/get-auth-clients.ee.js

@@ -0,0 +1,10 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import AppAuthClient from '../../../../models/app-auth-client.js';
+
+export default async (request, response) => {
+  const appAuthClients = await AppAuthClient.query()
+    .where({ app_key: request.params.appKey, active: true })
+    .orderBy('created_at', 'desc');
+
+  renderObject(response, appAuthClients);
+};

packages/backend/src/controllers/api/v1/apps/get-auth-clients.ee.test.js

@@ -0,0 +1,42 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import getAuthClientsMock from '../../../../../test/mocks/rest/api/v1/apps/get-auth-clients.js';
+import { createAppAuthClient } from '../../../../../test/factories/app-auth-client.js';
+import * as license from '../../../../helpers/license.ee.js';
+
+describe('GET /api/v1/apps/:appKey/auth-clients', () => {
+  let currentUser, token;
+
+  beforeEach(async () => {
+    vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
+
+    currentUser = await createUser();
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return specified app auth client info', async () => {
+    const appAuthClientOne = await createAppAuthClient({
+      appKey: 'deepl',
+    });
+
+    const appAuthClientTwo = await createAppAuthClient({
+      appKey: 'deepl',
+    });
+
+    const response = await request(app)
+      .get('/api/v1/apps/deepl/auth-clients')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAuthClientsMock([
+      appAuthClientTwo,
+      appAuthClientOne,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+});

packages/backend/src/controllers/api/v1/apps/get-config.ee.js

@@ -3,6 +3,9 @@ import AppConfig from '../../../../models/app-config.js';
 
 export default async (request, response) => {
   const appConfig = await AppConfig.query()
+    .withGraphFetched({
+      appAuthClients: true,
+    })
     .findOne({
       key: request.params.appKey,
     })

packages/backend/src/controllers/api/v1/apps/get-config.ee.test.js

@@ -3,11 +3,11 @@ import request from 'supertest';
 import app from '../../../../app.js';
 import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
 import { createUser } from '../../../../../test/factories/user.js';
-import getAppConfigMock from '../../../../../test/mocks/rest/api/v1/app-configs/get-app-config.js';
+import getAppConfigMock from '../../../../../test/mocks/rest/api/v1/apps/get-config.js';
 import { createAppConfig } from '../../../../../test/factories/app-config.js';
 import * as license from '../../../../helpers/license.ee.js';
 
-describe('GET /api/v1/app-configs/:appKey', () => {
+describe('GET /api/v1/apps/:appKey/config', () => {
   let currentUser, appConfig, token;
 
   beforeEach(async () => {
@@ -27,7 +27,7 @@ describe('GET /api/v1/app-configs/:appKey', () => {
 
   it('should return specified app config info', async () => {
     const response = await request(app)
-      .get(`/api/v1/app-configs/${appConfig.key}`)
+      .get(`/api/v1/apps/${appConfig.key}/config`)
       .set('Authorization', token)
       .expect(200);
 
@@ -37,7 +37,7 @@ describe('GET /api/v1/app-configs/:appKey', () => {
 
   it('should return not found response for not existing app key', async () => {
     await request(app)
-      .get('/api/v1/app-configs/not-existing-app-key')
+      .get('/api/v1/apps/not-existing-app-key/config')
       .set('Authorization', token)
       .expect(404);
   });

packages/backend/src/controllers/api/v1/apps/get-connections.js

@@ -0,0 +1,24 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+import App from '../../../../models/app.js';
+
+export default async (request, response) => {
+  const app = await App.findOneByKey(request.params.appKey);
+
+  const connections = await request.currentUser.authorizedConnections
+    .clone()
+    .select('connections.*')
+    .withGraphFetched({
+      appConfig: true,
+      appAuthClient: true,
+    })
+    .fullOuterJoinRelated('steps')
+    .where({
+      'connections.key': app.key,
+      'connections.draft': false,
+    })
+    .countDistinct('steps.flow_id as flowCount')
+    .groupBy('connections.id')
+    .orderBy('created_at', 'desc');
+
+  renderObject(response, connections);
+};

packages/backend/src/controllers/api/v1/apps/get-connections.test.js

@@ -0,0 +1,101 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import { createConnection } from '../../../../../test/factories/connection.js';
+import { createPermission } from '../../../../../test/factories/permission.js';
+import getConnectionsMock from '../../../../../test/mocks/rest/api/v1/apps/get-connections.js';
+
+describe('GET /api/v1/apps/:appKey/connections', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the connections data of specified app for current user', async () => {
+    const currentUserConnectionOne = await createConnection({
+      userId: currentUser.id,
+      key: 'deepl',
+      draft: false,
+    });
+
+    const currentUserConnectionTwo = await createConnection({
+      userId: currentUser.id,
+      key: 'deepl',
+      draft: false,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .get('/api/v1/apps/deepl/connections')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getConnectionsMock([
+      currentUserConnectionTwo,
+      currentUserConnectionOne,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return the connections data of specified app for another user', async () => {
+    const anotherUser = await createUser();
+
+    const anotherUserConnectionOne = await createConnection({
+      userId: anotherUser.id,
+      key: 'deepl',
+      draft: false,
+    });
+
+    const anotherUserConnectionTwo = await createConnection({
+      userId: anotherUser.id,
+      key: 'deepl',
+      draft: false,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .get('/api/v1/apps/deepl/connections')
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getConnectionsMock([
+      anotherUserConnectionTwo,
+      anotherUserConnectionOne,
+    ]);
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for invalid connection UUID', async () => {
+    await createPermission({
+      action: 'update',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await request(app)
+      .get('/api/v1/connections/invalid-connection-id/connections')
+      .set('Authorization', token)
+      .expect(404);
+  });
+});

packages/backend/src/controllers/api/v1/connections/create-test.js

@@ -0,0 +1,14 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  let connection = await request.currentUser.authorizedConnections
+    .clone()
+    .findOne({
+      id: request.params.connectionId,
+    })
+    .throwIfNotFound();
+
+  connection = await connection.testAndUpdateConnection();
+
+  renderObject(response, connection);
+};

packages/backend/src/controllers/api/v1/connections/create-test.test.js

@@ -0,0 +1,123 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id.js';
+import { createUser } from '../../../../../test/factories/user.js';
+import { createConnection } from '../../../../../test/factories/connection.js';
+import { createPermission } from '../../../../../test/factories/permission.js';
+
+describe('POST /api/v1/connections/:connectionId/test', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should update the connection as not verified for current user', async () => {
+    const currentUserConnection = await createConnection({
+      userId: currentUser.id,
+      key: 'deepl',
+      verified: true,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .post(`/api/v1/connections/${currentUserConnection.id}/test`)
+      .set('Authorization', token)
+      .expect(200);
+
+    expect(response.body.data.verified).toEqual(false);
+  });
+
+  it('should update the connection as not verified for another user', async () => {
+    const anotherUser = await createUser();
+
+    const anotherUserConnection = await createConnection({
+      userId: anotherUser.id,
+      key: 'deepl',
+      verified: true,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .post(`/api/v1/connections/${anotherUserConnection.id}/test`)
+      .set('Authorization', token)
+      .expect(200);
+
+    expect(response.body.data.verified).toEqual(false);
+  });
+
+  it('should return not found response for not existing connection UUID', async () => {
+    const notExistingConnectionUUID = Crypto.randomUUID();
+
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await request(app)
+      .post(`/api/v1/connections/${notExistingConnectionUUID}/test`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await request(app)
+      .post('/api/v1/connections/invalidConnectionUUID/test')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/executions/get-executions.test.js

@@ -42,9 +42,12 @@ describe('GET /api/v1/executions', () => {
 
     const currentUserExecutionTwo = await createExecution({
       flowId: currentUserFlow.id,
-      deletedAt: new Date().toISOString(),
     });
 
+    await currentUserExecutionTwo
+      .$query()
+      .patchAndFetch({ deletedAt: new Date().toISOString() });
+
     await createPermission({
       action: 'read',
       subject: 'Execution',
@@ -87,9 +90,12 @@ describe('GET /api/v1/executions', () => {
 
     const anotherUserExecutionTwo = await createExecution({
       flowId: anotherUserFlow.id,
-      deletedAt: new Date().toISOString(),
     });
 
+    await anotherUserExecutionTwo
+      .$query()
+      .patchAndFetch({ deletedAt: new Date().toISOString() });
+
     await createPermission({
       action: 'read',
       subject: 'Execution',

packages/backend/src/controllers/api/v1/steps/create-dynamic-data.js

@@ -0,0 +1,18 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const step = await request.currentUser.authorizedSteps
+    .clone()
+    .where('steps.id', request.params.stepId)
+    .whereNotNull('steps.app_key')
+    .whereNotNull('steps.connection_id')
+    .first()
+    .throwIfNotFound();
+
+  const dynamicData = await step.createDynamicData(
+    request.body.dynamicDataKey,
+    request.body.parameters
+  );
+
+  renderObject(response, dynamicData);
+};

packages/backend/src/controllers/api/v1/steps/create-dynamic-data.test.js

@@ -0,0 +1,244 @@
+import { vi, describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import { createConnection } from '../../../../../test/factories/connection';
+import { createFlow } from '../../../../../test/factories/flow';
+import { createStep } from '../../../../../test/factories/step';
+import { createPermission } from '../../../../../test/factories/permission';
+import listRepos from '../../../../apps/github/dynamic-data/list-repos/index.js';
+import HttpError from '../../../../errors/http.js';
+
+describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  describe('should return dynamically created data', () => {
+    let repositories;
+
+    beforeEach(async () => {
+      repositories = [
+        {
+          value: 'automatisch/automatisch',
+          name: 'automatisch/automatisch',
+        },
+        {
+          value: 'automatisch/sample',
+          name: 'automatisch/sample',
+        },
+      ];
+
+      vi.spyOn(listRepos, 'run').mockImplementation(async () => {
+        return {
+          data: repositories,
+        };
+      });
+    });
+
+    it('of the current users step', async () => {
+      const currentUserFlow = await createFlow({ userId: currentUser.id });
+      const connection = await createConnection({ userId: currentUser.id });
+
+      const actionStep = await createStep({
+        flowId: currentUserFlow.id,
+        connectionId: connection.id,
+        type: 'action',
+        appKey: 'github',
+        key: 'createIssue',
+      });
+
+      await createPermission({
+        action: 'read',
+        subject: 'Flow',
+        roleId: currentUserRole.id,
+        conditions: ['isCreator'],
+      });
+
+      await createPermission({
+        action: 'update',
+        subject: 'Flow',
+        roleId: currentUserRole.id,
+        conditions: ['isCreator'],
+      });
+
+      const response = await request(app)
+        .post(`/api/v1/steps/${actionStep.id}/dynamic-data`)
+        .set('Authorization', token)
+        .send({
+          dynamicDataKey: 'listRepos',
+          parameters: {},
+        })
+        .expect(200);
+
+      expect(response.body.data).toEqual(repositories);
+    });
+
+    it('of the another users step', async () => {
+      const anotherUser = await createUser();
+      const anotherUserFlow = await createFlow({ userId: anotherUser.id });
+      const connection = await createConnection({ userId: anotherUser.id });
+
+      const actionStep = await createStep({
+        flowId: anotherUserFlow.id,
+        connectionId: connection.id,
+        type: 'action',
+        appKey: 'github',
+        key: 'createIssue',
+      });
+
+      await createPermission({
+        action: 'read',
+        subject: 'Flow',
+        roleId: currentUserRole.id,
+        conditions: [],
+      });
+
+      await createPermission({
+        action: 'update',
+        subject: 'Flow',
+        roleId: currentUserRole.id,
+        conditions: [],
+      });
+
+      const response = await request(app)
+        .post(`/api/v1/steps/${actionStep.id}/dynamic-data`)
+        .set('Authorization', token)
+        .send({
+          dynamicDataKey: 'listRepos',
+          parameters: {},
+        })
+        .expect(200);
+
+      expect(response.body.data).toEqual(repositories);
+    });
+  });
+
+  describe('should return error for dynamically created data', () => {
+    let errors;
+
+    beforeEach(async () => {
+      errors = {
+        message: 'Not Found',
+        documentation_url:
+          'https://docs.github.com/rest/users/users#get-a-user',
+      };
+
+      vi.spyOn(listRepos, 'run').mockImplementation(async () => {
+        throw new HttpError({ message: errors });
+      });
+    });
+
+    it('of the current users step', async () => {
+      const currentUserFlow = await createFlow({ userId: currentUser.id });
+      const connection = await createConnection({ userId: currentUser.id });
+
+      const actionStep = await createStep({
+        flowId: currentUserFlow.id,
+        connectionId: connection.id,
+        type: 'action',
+        appKey: 'github',
+        key: 'createIssue',
+      });
+
+      await createPermission({
+        action: 'read',
+        subject: 'Flow',
+        roleId: currentUserRole.id,
+        conditions: ['isCreator'],
+      });
+
+      await createPermission({
+        action: 'update',
+        subject: 'Flow',
+        roleId: currentUserRole.id,
+        conditions: ['isCreator'],
+      });
+
+      const response = await request(app)
+        .post(`/api/v1/steps/${actionStep.id}/dynamic-data`)
+        .set('Authorization', token)
+        .send({
+          dynamicDataKey: 'listRepos',
+          parameters: {},
+        })
+        .expect(200);
+
+      expect(response.body.errors).toEqual(errors);
+    });
+  });
+
+  it('should return not found response for not existing step UUID', async () => {
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const notExistingStepUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/steps/${notExistingStepUUID}/dynamic-data`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return not found response for existing step UUID without app key', async () => {
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const step = await createStep({ appKey: null });
+
+    await request(app)
+      .get(`/api/v1/steps/${step.id}/dynamic-data`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await request(app)
+      .post('/api/v1/steps/invalidStepUUID/dynamic-fields')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/steps/create-dynamic-fields.js

@@ -0,0 +1,17 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const step = await request.currentUser.authorizedSteps
+    .clone()
+    .where('steps.id', request.params.stepId)
+    .whereNotNull('steps.app_key')
+    .first()
+    .throwIfNotFound();
+
+  const dynamicFields = await step.createDynamicFields(
+    request.body.dynamicFieldsKey,
+    request.body.parameters
+  );
+
+  renderObject(response, dynamicFields);
+};

packages/backend/src/controllers/api/v1/steps/create-dynamic-fields.test.js

@@ -0,0 +1,169 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import { createFlow } from '../../../../../test/factories/flow';
+import { createStep } from '../../../../../test/factories/step';
+import { createPermission } from '../../../../../test/factories/permission';
+import createDynamicFieldsMock from '../../../../../test/mocks/rest/api/v1/steps/create-dynamic-fields';
+
+describe('POST /api/v1/steps/:stepId/dynamic-fields', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return dynamically created fields of the current users step', async () => {
+    const currentUserflow = await createFlow({ userId: currentUser.id });
+
+    const actionStep = await createStep({
+      flowId: currentUserflow.id,
+      type: 'action',
+      appKey: 'slack',
+      key: 'sendMessageToChannel',
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .post(`/api/v1/steps/${actionStep.id}/dynamic-fields`)
+      .set('Authorization', token)
+      .send({
+        dynamicFieldsKey: 'listFieldsAfterSendAsBot',
+        parameters: {
+          sendAsBot: true,
+        },
+      })
+      .expect(200);
+
+    const expectedPayload = await createDynamicFieldsMock();
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return dynamically created fields of the another users step', async () => {
+    const anotherUser = await createUser();
+    const anotherUserflow = await createFlow({ userId: anotherUser.id });
+
+    const actionStep = await createStep({
+      flowId: anotherUserflow.id,
+      type: 'action',
+      appKey: 'slack',
+      key: 'sendMessageToChannel',
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .post(`/api/v1/steps/${actionStep.id}/dynamic-fields`)
+      .set('Authorization', token)
+      .send({
+        dynamicFieldsKey: 'listFieldsAfterSendAsBot',
+        parameters: {
+          sendAsBot: true,
+        },
+      })
+      .expect(200);
+
+    const expectedPayload = await createDynamicFieldsMock();
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing step UUID', async () => {
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const notExistingStepUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/steps/${notExistingStepUUID}/dynamic-fields`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return not found response for existing step UUID without app key', async () => {
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const step = await createStep({ appKey: null });
+
+    await request(app)
+      .get(`/api/v1/steps/${step.id}/dynamic-fields`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await request(app)
+      .post('/api/v1/steps/invalidStepUUID/dynamic-fields')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/steps/get-previous-steps.js

@@ -0,0 +1,27 @@
+import { ref } from 'objection';
+import ExecutionStep from '../../../../models/execution-step.js';
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const step = await request.currentUser.authorizedSteps
+    .clone()
+    .findOne({ 'steps.id': request.params.stepId })
+    .throwIfNotFound();
+
+  const previousSteps = await request.currentUser.authorizedSteps
+    .clone()
+    .withGraphJoined('executionSteps')
+    .where('flow_id', '=', step.flowId)
+    .andWhere('position', '<', step.position)
+    .andWhere(
+      'executionSteps.created_at',
+      '=',
+      ExecutionStep.query()
+        .max('created_at')
+        .where('step_id', '=', ref('steps.id'))
+        .andWhere('status', 'success')
+    )
+    .orderBy('steps.position', 'asc');
+
+  renderObject(response, previousSteps);
+};

packages/backend/src/controllers/api/v1/steps/get-previous-steps.test.js

@@ -0,0 +1,173 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import Crypto from 'crypto';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createUser } from '../../../../../test/factories/user';
+import { createFlow } from '../../../../../test/factories/flow';
+import { createStep } from '../../../../../test/factories/step';
+import { createExecutionStep } from '../../../../../test/factories/execution-step.js';
+import { createPermission } from '../../../../../test/factories/permission';
+import getPreviousStepsMock from '../../../../../test/mocks/rest/api/v1/steps/get-previous-steps';
+
+describe('GET /api/v1/steps/:stepId/previous-steps', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUser = await createUser();
+    currentUserRole = await currentUser.$relatedQuery('role');
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return the previous steps of the specified step of the current user', async () => {
+    const currentUserflow = await createFlow({ userId: currentUser.id });
+
+    const triggerStep = await createStep({
+      flowId: currentUserflow.id,
+      type: 'trigger',
+    });
+
+    const actionStepOne = await createStep({
+      flowId: currentUserflow.id,
+      type: 'action',
+    });
+
+    const actionStepTwo = await createStep({
+      flowId: currentUserflow.id,
+      type: 'action',
+    });
+
+    const executionStepOne = await createExecutionStep({
+      stepId: triggerStep.id,
+    });
+
+    const executionStepTwo = await createExecutionStep({
+      stepId: actionStepOne.id,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/steps/${actionStepTwo.id}/previous-steps`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getPreviousStepsMock(
+      [triggerStep, actionStepOne],
+      [executionStepOne, executionStepTwo]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return the previous steps of the specified step of another user', async () => {
+    const anotherUser = await createUser();
+    const anotherUserFlow = await createFlow({ userId: anotherUser.id });
+
+    const triggerStep = await createStep({
+      flowId: anotherUserFlow.id,
+      type: 'trigger',
+    });
+
+    const actionStepOne = await createStep({
+      flowId: anotherUserFlow.id,
+      type: 'action',
+    });
+
+    const actionStepTwo = await createStep({
+      flowId: anotherUserFlow.id,
+      type: 'action',
+    });
+
+    const executionStepOne = await createExecutionStep({
+      stepId: triggerStep.id,
+    });
+
+    const executionStepTwo = await createExecutionStep({
+      stepId: actionStepOne.id,
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/steps/${actionStepTwo.id}/previous-steps`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = await getPreviousStepsMock(
+      [triggerStep, actionStepOne],
+      [executionStepOne, executionStepTwo]
+    );
+
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return not found response for not existing step UUID', async () => {
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const notExistingFlowUUID = Crypto.randomUUID();
+
+    await request(app)
+      .get(`/api/v1/steps/${notExistingFlowUUID}/previous-steps`)
+      .set('Authorization', token)
+      .expect(404);
+  });
+
+  it('should return bad request response for invalid UUID', async () => {
+    await createPermission({
+      action: 'update',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await request(app)
+      .get('/api/v1/steps/invalidFlowUUID/previous-steps')
+      .set('Authorization', token)
+      .expect(400);
+  });
+});

packages/backend/src/controllers/api/v1/users/get-apps.js

@@ -0,0 +1,7 @@
+import { renderObject } from '../../../../helpers/renderer.js';
+
+export default async (request, response) => {
+  const apps = await request.currentUser.getApps(request.query.name);
+
+  renderObject(response, apps, { serializer: 'App' });
+};

packages/backend/src/controllers/api/v1/users/get-apps.test.js

@@ -0,0 +1,210 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import request from 'supertest';
+import app from '../../../../app.js';
+import createAuthTokenByUserId from '../../../../helpers/create-auth-token-by-user-id';
+import { createRole } from '../../../../../test/factories/role';
+import { createUser } from '../../../../../test/factories/user';
+import { createPermission } from '../../../../../test/factories/permission.js';
+import { createFlow } from '../../../../../test/factories/flow.js';
+import { createStep } from '../../../../../test/factories/step.js';
+import { createConnection } from '../../../../../test/factories/connection.js';
+import getAppsMock from '../../../../../test/mocks/rest/api/v1/users/get-apps.js';
+
+describe('GET /api/v1/users/:userId/apps', () => {
+  let currentUser, currentUserRole, token;
+
+  beforeEach(async () => {
+    currentUserRole = await createRole();
+    currentUser = await createUser({ roleId: currentUserRole.id });
+
+    token = createAuthTokenByUserId(currentUser.id);
+  });
+
+  it('should return all apps of the current user', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const flowOne = await createFlow({ userId: currentUser.id });
+
+    await createStep({
+      flowId: flowOne.id,
+      appKey: 'webhook',
+    });
+
+    const flowOneActionStepConnection = await createConnection({
+      userId: currentUser.id,
+      key: 'deepl',
+      draft: false,
+    });
+
+    await createStep({
+      connectionId: flowOneActionStepConnection.id,
+      flowId: flowOne.id,
+      appKey: 'deepl',
+    });
+
+    const flowTwo = await createFlow({ userId: currentUser.id });
+
+    const flowTwoTriggerStepConnection = await createConnection({
+      userId: currentUser.id,
+      key: 'github',
+      draft: false,
+    });
+
+    await createStep({
+      connectionId: flowTwoTriggerStepConnection.id,
+      flowId: flowTwo.id,
+      appKey: 'github',
+    });
+
+    await createStep({
+      flowId: flowTwo.id,
+      appKey: 'slack',
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/users/${currentUser.id}/apps`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppsMock();
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return all apps of the another user', async () => {
+    const anotherUser = await createUser();
+
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: [],
+    });
+
+    const flowOne = await createFlow({ userId: anotherUser.id });
+
+    await createStep({
+      flowId: flowOne.id,
+      appKey: 'webhook',
+    });
+
+    const flowOneActionStepConnection = await createConnection({
+      userId: anotherUser.id,
+      key: 'deepl',
+      draft: false,
+    });
+
+    await createStep({
+      connectionId: flowOneActionStepConnection.id,
+      flowId: flowOne.id,
+      appKey: 'deepl',
+    });
+
+    const flowTwo = await createFlow({ userId: anotherUser.id });
+
+    const flowTwoTriggerStepConnection = await createConnection({
+      userId: anotherUser.id,
+      key: 'github',
+      draft: false,
+    });
+
+    await createStep({
+      connectionId: flowTwoTriggerStepConnection.id,
+      flowId: flowTwo.id,
+      appKey: 'github',
+    });
+
+    await createStep({
+      flowId: flowTwo.id,
+      appKey: 'slack',
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/users/${currentUser.id}/apps`)
+      .set('Authorization', token)
+      .expect(200);
+
+    const expectedPayload = getAppsMock();
+    expect(response.body).toEqual(expectedPayload);
+  });
+
+  it('should return specified app of the current user', async () => {
+    await createPermission({
+      action: 'read',
+      subject: 'Flow',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    await createPermission({
+      action: 'read',
+      subject: 'Connection',
+      roleId: currentUserRole.id,
+      conditions: ['isCreator'],
+    });
+
+    const flowOne = await createFlow({ userId: currentUser.id });
+
+    await createStep({
+      flowId: flowOne.id,
+      appKey: 'webhook',
+    });
+
+    const flowOneActionStepConnection = await createConnection({
+      userId: currentUser.id,
+      key: 'deepl',
+      draft: false,
+    });
+
+    await createStep({
+      connectionId: flowOneActionStepConnection.id,
+      flowId: flowOne.id,
+      appKey: 'deepl',
+    });
+
+    const flowTwo = await createFlow({ userId: currentUser.id });
+
+    const flowTwoTriggerStepConnection = await createConnection({
+      userId: currentUser.id,
+      key: 'github',
+      draft: false,
+    });
+
+    await createStep({
+      connectionId: flowTwoTriggerStepConnection.id,
+      flowId: flowTwo.id,
+      appKey: 'github',
+    });
+
+    await createStep({
+      flowId: flowTwo.id,
+      appKey: 'slack',
+    });
+
+    const response = await request(app)
+      .get(`/api/v1/users/${currentUser.id}/apps?name=deepl`)
+      .set('Authorization', token)
+      .expect(200);
+
+    expect(response.body.data.length).toEqual(1);
+    expect(response.body.data[0].key).toEqual('deepl');
+  });
+});

packages/backend/src/controllers/webhooks/handler-sync-by-flow-id.js

@@ -26,6 +26,4 @@ export default async (request, response) => {
   }
 
   await handlerSync(flowId, request, response);
-
-  response.sendStatus(204);
 };

packages/backend/src/db/migrations/20240326194638_add_app_key_to_app_auth_clients.js

@@ -0,0 +1,11 @@
+export async function up(knex) {
+  await knex.schema.table('app_auth_clients', (table) => {
+    table.string('app_key');
+  });
+}
+
+export async function down(knex) {
+  await knex.schema.table('app_auth_clients', (table) => {
+    table.dropColumn('app_key');
+  });
+}

packages/backend/src/db/migrations/20240326195028_migrate_app_config_id_to_app_key.js

@@ -0,0 +1,17 @@
+export async function up(knex) {
+  const appAuthClients = await knex('app_auth_clients').select('*');
+
+  for (const appAuthClient of appAuthClients) {
+    const appConfig = await knex('app_configs')
+      .where('id', appAuthClient.app_config_id)
+      .first();
+
+    await knex('app_auth_clients')
+      .where('id', appAuthClient.id)
+      .update({ app_key: appConfig.key });
+  }
+}
+
+export async function down() {
+  // void
+}

packages/backend/src/db/migrations/20240326195748_remove_app_config_id_from_app_auth_clients.js

@@ -0,0 +1,11 @@
+export async function up(knex) {
+  await knex.schema.table('app_auth_clients', (table) => {
+    table.dropColumn('app_config_id');
+  });
+}
+
+export async function down(knex) {
+  await knex.schema.table('app_auth_clients', (table) => {
+    table.uuid('app_config_id').references('id').inTable('app_configs');
+  });
+}

packages/backend/src/db/migrations/20240326202110_add_not_nullable_to_app_key_of_app_auth_clients.js

@@ -0,0 +1,11 @@
+export async function up(knex) {
+  await knex.schema.table('app_auth_clients', (table) => {
+    table.string('app_key').notNullable().alter();
+  });
+}
+
+export async function down(knex) {
+  await knex.schema.table('app_auth_clients', (table) => {
+    table.string('app_key').nullable().alter();
+  });
+}

packages/backend/src/graphql/queries/get-app-auth-client.ee.js

@@ -1,24 +0,0 @@
-import AppAuthClient from '../../models/app-auth-client.js';
-
-const getAppAuthClient = async (_parent, params, context) => {
-  let canSeeAllClients = false;
-  try {
-    context.currentUser.can('read', 'App');
-
-    canSeeAllClients = true;
-  } catch {
-    // void
-  }
-
-  const appAuthClient = AppAuthClient.query()
-    .findById(params.id)
-    .throwIfNotFound();
-
-  if (!canSeeAllClients) {
-    appAuthClient.where({ active: true });
-  }
-
-  return await appAuthClient;
-};
-
-export default getAppAuthClient;

packages/backend/src/graphql/queries/get-app-auth-clients.ee.js

@@ -1,33 +0,0 @@
-import AppConfig from '../../models/app-config.js';
-
-const getAppAuthClients = async (_parent, params, context) => {
-  let canSeeAllClients = false;
-  try {
-    context.currentUser.can('read', 'App');
-
-    canSeeAllClients = true;
-  } catch {
-    // void
-  }
-
-  const appConfig = await AppConfig.query()
-    .findOne({
-      key: params.appKey,
-    })
-    .throwIfNotFound();
-
-  const appAuthClients = appConfig
-    .$relatedQuery('appAuthClients')
-    .where({ active: params.active })
-    .skipUndefined();
-
-  if (!canSeeAllClients) {
-    appAuthClients.where({
-      active: true,
-    });
-  }
-
-  return await appAuthClients;
-};
-
-export default getAppAuthClients;

packages/backend/src/graphql/queries/get-app.js

@@ -1,41 +0,0 @@
-import App from '../../models/app.js';
-import Connection from '../../models/connection.js';
-
-const getApp = async (_parent, params, context) => {
-  const conditions = context.currentUser.can('read', 'Connection');
-
-  const userConnections = context.currentUser.$relatedQuery('connections');
-  const allConnections = Connection.query();
-  const connectionBaseQuery = conditions.isCreator
-    ? userConnections
-    : allConnections;
-
-  const app = await App.findOneByKey(params.key);
-
-  if (context.currentUser) {
-    const connections = await connectionBaseQuery
-      .clone()
-      .select('connections.*')
-      .withGraphFetched({
-        appConfig: true,
-        appAuthClient: true,
-      })
-      .fullOuterJoinRelated('steps')
-      .where({
-        'connections.key': params.key,
-        'connections.draft': false,
-      })
-      .countDistinct('steps.flow_id as flowCount')
-      .groupBy('connections.id')
-      .orderBy('created_at', 'desc');
-
-    return {
-      ...app,
-      connections,
-    };
-  }
-
-  return app;
-};
-
-export default getApp;

packages/backend/src/graphql/queries/get-billing-and-usage.ee.js

@@ -1,101 +0,0 @@
-import { DateTime } from 'luxon';
-import Billing from '../../helpers/billing/index.ee.js';
-import ExecutionStep from '../../models/execution-step.js';
-
-const getBillingAndUsage = async (_parent, _params, context) => {
-  const persistedSubscription = await context.currentUser.$relatedQuery(
-    'currentSubscription'
-  );
-
-  const subscription = persistedSubscription
-    ? paidSubscription(persistedSubscription)
-    : freeTrialSubscription();
-
-  return {
-    subscription,
-    usage: {
-      task: executionStepCount(context),
-    },
-  };
-};
-
-const paidSubscription = (subscription) => {
-  const currentPlan = Billing.paddlePlans.find(
-    (plan) => plan.productId === subscription.paddlePlanId
-  );
-
-  return {
-    status: subscription.status,
-    monthlyQuota: {
-      title: currentPlan.limit,
-      action: {
-        type: 'link',
-        text: 'Cancel plan',
-        src: subscription.cancelUrl,
-      },
-    },
-    nextBillAmount: {
-      title: subscription.nextBillAmount
-        ? '€' + subscription.nextBillAmount
-        : '---',
-      action: {
-        type: 'link',
-        text: 'Update payment method',
-        src: subscription.updateUrl,
-      },
-    },
-    nextBillDate: {
-      title: subscription.nextBillDate ? subscription.nextBillDate : '---',
-      action: {
-        type: 'text',
-        text: '(monthly payment)',
-      },
-    },
-  };
-};
-
-const freeTrialSubscription = () => {
-  return {
-    status: null,
-    monthlyQuota: {
-      title: 'Free Trial',
-      action: {
-        type: 'link',
-        text: 'Upgrade plan',
-        src: '/settings/billing/upgrade',
-      },
-    },
-    nextBillAmount: {
-      title: '---',
-      action: null,
-    },
-    nextBillDate: {
-      title: '---',
-      action: null,
-    },
-  };
-};
-
-const executionIds = async (context) => {
-  return (
-    await context.currentUser
-      .$relatedQuery('executions')
-      .select('executions.id')
-  ).map((execution) => execution.id);
-};
-
-const executionStepCount = async (context) => {
-  const executionStepCount = await ExecutionStep.query()
-    .whereIn('execution_id', await executionIds(context))
-    .andWhere(
-      'created_at',
-      '>=',
-      DateTime.now().minus({ days: 30 }).toISODate()
-    )
-    .count()
-    .first();
-
-  return executionStepCount.count;
-};
-
-export default getBillingAndUsage;

packages/backend/src/graphql/queries/get-config.ee.js

@@ -1,32 +0,0 @@
-import appConfig from '../../config/app.js';
-import { hasValidLicense } from '../../helpers/license.ee.js';
-import Config from '../../models/config.js';
-
-const getConfig = async (_parent, params) => {
-  if (!(await hasValidLicense())) return {};
-
-  const defaultConfig = {
-    disableNotificationsPage: appConfig.disableNotificationsPage,
-    disableFavicon: appConfig.disableFavicon,
-    additionalDrawerLink: appConfig.additionalDrawerLink,
-    additionalDrawerLinkText: appConfig.additionalDrawerLinkText,
-  };
-
-  const configQuery = Config.query();
-
-  if (Array.isArray(params.keys)) {
-    configQuery.whereIn('key', params.keys);
-  }
-
-  const config = await configQuery.orderBy('key', 'asc');
-
-  return config.reduce((computedConfig, configEntry) => {
-    const { key, value } = configEntry;
-
-    computedConfig[key] = value?.data;
-
-    return computedConfig;
-  }, defaultConfig);
-};
-
-export default getConfig;

packages/backend/src/graphql/queries/get-config.ee.test.js

@@ -1,140 +0,0 @@
-import { vi, describe, it, expect, beforeEach } from 'vitest';
-import request from 'supertest';
-import app from '../../app';
-import { createConfig } from '../../../test/factories/config';
-import appConfig from '../../config/app';
-import * as license from '../../helpers/license.ee';
-
-describe('graphQL getConfig query', () => {
-  let configOne, configTwo, configThree, query;
-
-  beforeEach(async () => {
-    configOne = await createConfig({ key: 'configOne' });
-    configTwo = await createConfig({ key: 'configTwo' });
-    configThree = await createConfig({ key: 'configThree' });
-
-    query = `
-      query {
-        getConfig
-      }
-    `;
-  });
-
-  describe('and without valid license', () => {
-    beforeEach(async () => {
-      vi.spyOn(license, 'hasValidLicense').mockResolvedValue(false);
-    });
-
-    describe('and correct permissions', () => {
-      it('should return empty config data', async () => {
-        const response = await request(app)
-          .post('/graphql')
-          .send({ query })
-          .expect(200);
-
-        const expectedResponsePayload = { data: { getConfig: {} } };
-
-        expect(response.body).toEqual(expectedResponsePayload);
-      });
-    });
-  });
-
-  describe('and with valid license', () => {
-    beforeEach(async () => {
-      vi.spyOn(license, 'hasValidLicense').mockResolvedValue(true);
-    });
-
-    describe('and without providing specific keys', () => {
-      it('should return all config data', async () => {
-        const response = await request(app)
-          .post('/graphql')
-          .send({ query })
-          .expect(200);
-
-        const expectedResponsePayload = {
-          data: {
-            getConfig: {
-              [configOne.key]: configOne.value.data,
-              [configTwo.key]: configTwo.value.data,
-              [configThree.key]: configThree.value.data,
-              disableNotificationsPage: false,
-              disableFavicon: false,
-              additionalDrawerLink: undefined,
-              additionalDrawerLinkText: undefined,
-            },
-          },
-        };
-
-        expect(response.body).toEqual(expectedResponsePayload);
-      });
-    });
-
-    describe('and with providing specific keys', () => {
-      it('should return all config data', async () => {
-        query = `
-          query {
-            getConfig(keys: ["configOne", "configTwo"])
-          }
-        `;
-
-        const response = await request(app)
-          .post('/graphql')
-          .send({ query })
-          .expect(200);
-
-        const expectedResponsePayload = {
-          data: {
-            getConfig: {
-              [configOne.key]: configOne.value.data,
-              [configTwo.key]: configTwo.value.data,
-              disableNotificationsPage: false,
-              disableFavicon: false,
-              additionalDrawerLink: undefined,
-              additionalDrawerLinkText: undefined,
-            },
-          },
-        };
-
-        expect(response.body).toEqual(expectedResponsePayload);
-      });
-    });
-
-    describe('and with different defaults', () => {
-      beforeEach(async () => {
-        vi.spyOn(appConfig, 'disableNotificationsPage', 'get').mockReturnValue(
-          true
-        );
-        vi.spyOn(appConfig, 'disableFavicon', 'get').mockReturnValue(true);
-        vi.spyOn(appConfig, 'additionalDrawerLink', 'get').mockReturnValue(
-          'https://automatisch.io'
-        );
-        vi.spyOn(appConfig, 'additionalDrawerLinkText', 'get').mockReturnValue(
-          'Automatisch'
-        );
-      });
-
-      it('should return custom config', async () => {
-        const response = await request(app)
-          .post('/graphql')
-          .send({ query })
-          .expect(200);
-
-        const expectedResponsePayload = {
-          data: {
-            getConfig: {
-              [configOne.key]: configOne.value.data,
-              [configTwo.key]: configTwo.value.data,
-              [configThree.key]: configThree.value.data,
-              disableNotificationsPage: true,
-              disableFavicon: true,
-              additionalDrawerLink: 'https://automatisch.io',
-              additionalDrawerLinkText: 'Automatisch',
-            },
-          },
-        };
-
-        expect(response.body).toEqual(expectedResponsePayload);
-      });
-    });
-  });
-});

packages/backend/src/graphql/queries/get-connected-apps.js

@@ -1,67 +0,0 @@
-import App from '../../models/app.js';
-import Flow from '../../models/flow.js';
-import Connection from '../../models/connection.js';
-
-const getConnectedApps = async (_parent, params, context) => {
-  const conditions = context.currentUser.can('read', 'Connection');
-
-  const userConnections = context.currentUser.$relatedQuery('connections');
-  const allConnections = Connection.query();
-  const connectionBaseQuery = conditions.isCreator
-    ? userConnections
-    : allConnections;
-
-  const userFlows = context.currentUser.$relatedQuery('flows');
-  const allFlows = Flow.query();
-  const flowBaseQuery = conditions.isCreator ? userFlows : allFlows;
-
-  let apps = await App.findAll(params.name);
-
-  const connections = await connectionBaseQuery
-    .clone()
-    .select('connections.key')
-    .where({ draft: false })
-    .count('connections.id as count')
-    .groupBy('connections.key');
-
-  const flows = await flowBaseQuery
-    .clone()
-    .withGraphJoined('steps')
-    .orderBy('created_at', 'desc');
-
-  const duplicatedUsedApps = flows
-    .map((flow) => flow.steps.map((step) => step.appKey))
-    .flat()
-    .filter(Boolean);
-
-  const connectionKeys = connections.map((connection) => connection.key);
-  const usedApps = [...new Set([...duplicatedUsedApps, ...connectionKeys])];
-
-  apps = apps
-    .filter((app) => {
-      return usedApps.includes(app.key);
-    })
-    .map((app) => {
-      const connection = connections.find(
-        (connection) => connection.key === app.key
-      );
-
-      app.connectionCount = connection?.count || 0;
-      app.flowCount = 0;
-
-      flows.forEach((flow) => {
-        const usedFlow = flow.steps.find((step) => step.appKey === app.key);
-
-        if (usedFlow) {
-          app.flowCount += 1;
-        }
-      });
-
-      return app;
-    })
-    .sort((appA, appB) => appA.name.localeCompare(appB.name));
-
-  return apps;
-};
-
-export default getConnectedApps;

packages/backend/src/graphql/queries/get-dynamic-data.js

@@ -1,65 +0,0 @@
-import App from '../../models/app.js';
-import Step from '../../models/step.js';
-import ExecutionStep from '../../models/execution-step.js';
-import globalVariable from '../../helpers/global-variable.js';
-import computeParameters from '../../helpers/compute-parameters.js';
-
-const getDynamicData = async (_parent, params, context) => {
-  const conditions = context.currentUser.can('update', 'Flow');
-  const userSteps = context.currentUser.$relatedQuery('steps');
-  const allSteps = Step.query();
-  const stepBaseQuery = conditions.isCreator ? userSteps : allSteps;
-
-  const step = await stepBaseQuery
-    .clone()
-    .withGraphFetched({
-      connection: true,
-      flow: true,
-    })
-    .findById(params.stepId);
-
-  if (!step) return null;
-
-  const connection = step.connection;
-
-  if (!connection || !step.appKey) return null;
-
-  const flow = step.flow;
-  const app = await App.findOneByKey(step.appKey);
-  const $ = await globalVariable({ connection, app, flow, step });
-
-  const command = app.dynamicData.find((data) => data.key === params.key);
-
-  // apply run-time parameters that're not persisted yet
-  for (const parameterKey in params.parameters) {
-    const parameterValue = params.parameters[parameterKey];
-    $.step.parameters[parameterKey] = parameterValue;
-  }
-
-  const lastExecution = await flow.$relatedQuery('lastExecution');
-  const lastExecutionId = lastExecution?.id;
-
-  const priorExecutionSteps = lastExecutionId
-    ? await ExecutionStep.query().where({
-        execution_id: lastExecutionId,
-      })
-    : [];
-
-  // compute variables in parameters
-  const computedParameters = computeParameters(
-    $.step.parameters,
-    priorExecutionSteps
-  );
-
-  $.step.parameters = computedParameters;
-
-  const fetchedData = await command.run($);
-
-  if (fetchedData.error) {
-    throw new Error(JSON.stringify(fetchedData.error));
-  }
-
-  return fetchedData.data;
-};
-
-export default getDynamicData;

packages/backend/src/graphql/queries/get-dynamic-fields.js

@@ -1,40 +0,0 @@
-import App from '../../models/app.js';
-import Step from '../../models/step.js';
-import globalVariable from '../../helpers/global-variable.js';
-
-const getDynamicFields = async (_parent, params, context) => {
-  const conditions = context.currentUser.can('update', 'Flow');
-  const userSteps = context.currentUser.$relatedQuery('steps');
-  const allSteps = Step.query();
-  const stepBaseQuery = conditions.isCreator ? userSteps : allSteps;
-
-  const step = await stepBaseQuery
-    .clone()
-    .withGraphFetched({
-      connection: true,
-      flow: true,
-    })
-    .findById(params.stepId);
-
-  if (!step) return null;
-
-  const connection = step.connection;
-
-  if (!step.appKey) return null;
-
-  const app = await App.findOneByKey(step.appKey);
-  const $ = await globalVariable({ connection, app, flow: step.flow, step });
-
-  const command = app.dynamicFields.find((data) => data.key === params.key);
-
-  for (const parameterKey in params.parameters) {
-    const parameterValue = params.parameters[parameterKey];
-    $.step.parameters[parameterKey] = parameterValue;
-  }
-
-  const additionalFields = (await command.run($)) || [];
-
-  return additionalFields;
-};
-
-export default getDynamicFields;

packages/backend/src/graphql/queries/get-flow.js

@@ -1,19 +0,0 @@
-import Flow from '../../models/flow.js';
-
-const getFlow = async (_parent, params, context) => {
-  const conditions = context.currentUser.can('read', 'Flow');
-  const userFlows = context.currentUser.$relatedQuery('flows');
-  const allFlows = Flow.query();
-  const baseQuery = conditions.isCreator ? userFlows : allFlows;
-
-  const flow = await baseQuery
-    .clone()
-    .withGraphJoined('[steps.[connection]]')
-    .orderBy('steps.position', 'asc')
-    .findOne({ 'flows.id': params.id })
-    .throwIfNotFound();
-
-  return flow;
-};
-
-export default getFlow;

packages/backend/src/graphql/queries/get-flow.test.js

@@ -1,240 +0,0 @@
-import { describe, it, expect, beforeEach } from 'vitest';
-import request from 'supertest';
-import app from '../../app';
-import appConfig from '../../config/app';
-import createAuthTokenByUserId from '../../helpers/create-auth-token-by-user-id';
-import { createRole } from '../../../test/factories/role';
-import { createPermission } from '../../../test/factories/permission';
-import { createUser } from '../../../test/factories/user';
-import { createFlow } from '../../../test/factories/flow';
-import { createStep } from '../../../test/factories/step';
-import { createConnection } from '../../../test/factories/connection';
-
-describe('graphQL getFlow query', () => {
-  const query = (flowId) => {
-    return `
-      query {
-        getFlow(id: "${flowId}") {
-          id
-          name
-          active
-          status
-          steps {
-            id
-            type
-            key
-            appKey
-            iconUrl
-            webhookUrl
-            status
-            position
-            connection {
-              id
-              verified
-              createdAt
-            }
-            parameters
-          }
-        }
-      }
-    `;
-  };
-
-  describe('and without permissions', () => {
-    it('should throw not authorized error', async () => {
-      const userWithoutPermissions = await createUser();
-      const token = createAuthTokenByUserId(userWithoutPermissions.id);
-      const flow = await createFlow();
-
-      const response = await request(app)
-        .post('/graphql')
-        .set('Authorization', token)
-        .send({ query: query(flow.id) })
-        .expect(200);
-
-      expect(response.body.errors).toBeDefined();
-      expect(response.body.errors[0].message).toEqual('Not authorized!');
-    });
-  });
-
-  describe('and with correct permission', () => {
-    let currentUser, currentUserRole, currentUserFlow;
-
-    beforeEach(async () => {
-      currentUserRole = await createRole();
-      currentUser = await createUser({ roleId: currentUserRole.id });
-      currentUserFlow = await createFlow({ userId: currentUser.id });
-    });
-
-    describe('and with isCreator condition', () => {
-      it('should return executions data of the current user', async () => {
-        await createPermission({
-          action: 'read',
-          subject: 'Flow',
-          roleId: currentUserRole.id,
-          conditions: ['isCreator'],
-        });
-
-        const triggerStep = await createStep({
-          flowId: currentUserFlow.id,
-          type: 'trigger',
-          key: 'catchRawWebhook',
-          webhookPath: `/webhooks/flows/${currentUserFlow.id}`,
-        });
-
-        const actionConnection = await createConnection({
-          userId: currentUser.id,
-          formattedData: {
-            screenName: 'Test',
-            authenticationKey: 'test key',
-          },
-        });
-
-        const actionStep = await createStep({
-          flowId: currentUserFlow.id,
-          type: 'action',
-          connectionId: actionConnection.id,
-          key: 'translateText',
-        });
-
-        const token = createAuthTokenByUserId(currentUser.id);
-
-        const response = await request(app)
-          .post('/graphql')
-          .set('Authorization', token)
-          .send({ query: query(currentUserFlow.id) })
-          .expect(200);
-
-        const expectedResponsePayload = {
-          data: {
-            getFlow: {
-              active: currentUserFlow.active,
-              id: currentUserFlow.id,
-              name: currentUserFlow.name,
-              status: 'draft',
-              steps: [
-                {
-                  appKey: triggerStep.appKey,
-                  connection: null,
-                  iconUrl: `${appConfig.baseUrl}/apps/${triggerStep.appKey}/assets/favicon.svg`,
-                  id: triggerStep.id,
-                  key: 'catchRawWebhook',
-                  parameters: {},
-                  position: 1,
-                  status: triggerStep.status,
-                  type: 'trigger',
-                  webhookUrl: `${appConfig.baseUrl}/webhooks/flows/${currentUserFlow.id}`,
-                },
-                {
-                  appKey: actionStep.appKey,
-                  connection: {
-                    createdAt: actionConnection.createdAt.getTime().toString(),
-                    id: actionConnection.id,
-                    verified: actionConnection.verified,
-                  },
-                  iconUrl: `${appConfig.baseUrl}/apps/${actionStep.appKey}/assets/favicon.svg`,
-                  id: actionStep.id,
-                  key: 'translateText',
-                  parameters: {},
-                  position: 1,
-                  status: actionStep.status,
-                  type: 'action',
-                  webhookUrl: 'http://localhost:3000/null',
-                },
-              ],
-            },
-          },
-        };
-
-        expect(response.body).toEqual(expectedResponsePayload);
-      });
-    });
-
-    describe('and without isCreator condition', () => {
-      it('should return executions data of all users', async () => {
-        await createPermission({
-          action: 'read',
-          subject: 'Flow',
-          roleId: currentUserRole.id,
-          conditions: [],
-        });
-
-        const anotherUser = await createUser();
-        const anotherUserFlow = await createFlow({ userId: anotherUser.id });
-
-        const triggerStep = await createStep({
-          flowId: anotherUserFlow.id,
-          type: 'trigger',
-          key: 'catchRawWebhook',
-          webhookPath: `/webhooks/flows/${anotherUserFlow.id}`,
-        });
-
-        const actionConnection = await createConnection({
-          userId: anotherUser.id,
-          formattedData: {
-            screenName: 'Test',
-            authenticationKey: 'test key',
-          },
-        });
-
-        const actionStep = await createStep({
-          flowId: anotherUserFlow.id,
-          type: 'action',
-          connectionId: actionConnection.id,
-          key: 'translateText',
-        });
-
-        const token = createAuthTokenByUserId(currentUser.id);
-
-        const response = await request(app)
-          .post('/graphql')
-          .set('Authorization', token)
-          .send({ query: query(anotherUserFlow.id) })
-          .expect(200);
-
-        const expectedResponsePayload = {
-          data: {
-            getFlow: {
-              active: anotherUserFlow.active,
-              id: anotherUserFlow.id,
-              name: anotherUserFlow.name,
-              status: 'draft',
-              steps: [
-                {
-                  appKey: triggerStep.appKey,
-                  connection: null,
-                  iconUrl: `${appConfig.baseUrl}/apps/${triggerStep.appKey}/assets/favicon.svg`,
-                  id: triggerStep.id,
-                  key: 'catchRawWebhook',
-                  parameters: {},
-                  position: 1,
-                  status: triggerStep.status,
-                  type: 'trigger',
-                  webhookUrl: `${appConfig.baseUrl}/webhooks/flows/${anotherUserFlow.id}`,
-                },
-                {
-                  appKey: actionStep.appKey,
-                  connection: {
-                    createdAt: actionConnection.createdAt.getTime().toString(),
-                    id: actionConnection.id,
-                    verified: actionConnection.verified,
-                  },
-                  iconUrl: `${appConfig.baseUrl}/apps/${actionStep.appKey}/assets/favicon.svg`,
-                  id: actionStep.id,
-                  key: 'translateText',
-                  parameters: {},
-                  position: 1,
-                  status: actionStep.status,
-                  type: 'action',
-                  webhookUrl: 'http://localhost:3000/null',
-                },
-              ],
-            },
-          },
-        };
-
-        expect(response.body).toEqual(expectedResponsePayload);
-      });
-    });
-  });
-});

packages/backend/src/graphql/queries/get-flows.js

@@ -1,40 +0,0 @@
-import Flow from '../../models/flow.js';
-import paginate from '../../helpers/pagination.js';
-
-const getFlows = async (_parent, params, context) => {
-  const conditions = context.currentUser.can('read', 'Flow');
-  const userFlows = context.currentUser.$relatedQuery('flows');
-  const allFlows = Flow.query();
-  const baseQuery = conditions.isCreator ? userFlows : allFlows;
-
-  const flowsQuery = baseQuery
-    .clone()
-    .joinRelated({
-      steps: true,
-    })
-    .withGraphFetched({
-      steps: {
-        connection: true,
-      },
-    })
-    .where((builder) => {
-      if (params.connectionId) {
-        builder.where('steps.connection_id', params.connectionId);
-      }
-
-      if (params.name) {
-        builder.where('flows.name', 'ilike', `%${params.name}%`);
-      }
-
-      if (params.appKey) {
-        builder.where('steps.app_key', params.appKey);
-      }
-    })
-    .groupBy('flows.id')
-    .orderBy('active', 'desc')
-    .orderBy('updated_at', 'desc');
-
-  return paginate(flowsQuery, params.limit, params.offset);
-};
-
-export default getFlows;

packages/backend/src/graphql/queries/get-notifications.js

@@ -1,16 +0,0 @@
-import axios from '../../helpers/axios-with-proxy.js';
-
-const NOTIFICATIONS_URL =
-  'https://notifications.automatisch.io/notifications.json';
-
-const getNotifications = async () => {
-  try {
-    const { data: notifications = [] } = await axios.get(NOTIFICATIONS_URL);
-
-    return notifications;
-  } catch (err) {
-    return [];
-  }
-};
-
-export default getNotifications;

packages/backend/src/graphql/queries/get-step-with-test-executions.js

@@ -1,34 +0,0 @@
-import { ref } from 'objection';
-import ExecutionStep from '../../models/execution-step.js';
-import Step from '../../models/step.js';
-
-const getStepWithTestExecutions = async (_parent, params, context) => {
-  const conditions = context.currentUser.can('update', 'Flow');
-  const userSteps = context.currentUser.$relatedQuery('steps');
-  const allSteps = Step.query();
-  const stepBaseQuery = conditions.isCreator ? userSteps : allSteps;
-
-  const step = await stepBaseQuery
-    .clone()
-    .findOne({ 'steps.id': params.stepId })
-    .throwIfNotFound();
-
-  const previousStepsWithCurrentStep = await stepBaseQuery
-    .clone()
-    .withGraphJoined('executionSteps')
-    .where('flow_id', '=', step.flowId)
-    .andWhere('position', '<', step.position)
-    .andWhere(
-      'executionSteps.created_at',
-      '=',
-      ExecutionStep.query()
-        .max('created_at')
-        .where('step_id', '=', ref('steps.id'))
-        .andWhere('status', 'success')
-    )
-    .orderBy('steps.position', 'asc');
-
-  return previousStepsWithCurrentStep;
-};
-
-export default getStepWithTestExecutions;

packages/backend/src/graphql/queries/get-users.js

@@ -1,19 +0,0 @@
-import paginate from '../../helpers/pagination.js';
-import User from '../../models/user.js';
-
-const getUsers = async (_parent, params, context) => {
-  context.currentUser.can('read', 'User');
-
-  const usersQuery = User.query()
-    .leftJoinRelated({
-      role: true,
-    })
-    .withGraphFetched({
-      role: true,
-    })
-    .orderBy('full_name', 'asc');
-
-  return paginate(usersQuery, params.limit, params.offset);
-};
-
-export default getUsers;

packages/backend/src/graphql/queries/get-users.test.js

@@ -1,148 +0,0 @@
-import { describe, it, expect, beforeEach } from 'vitest';
-import request from 'supertest';
-import app from '../../app';
-import createAuthTokenByUserId from '../../helpers/create-auth-token-by-user-id';
-import { createRole } from '../../../test/factories/role';
-import { createPermission } from '../../../test/factories/permission';
-import { createUser } from '../../../test/factories/user';
-
-describe('graphQL getUsers query', () => {
-  const query = `
-    query {
-      getUsers(limit: 10, offset: 0) {
-        pageInfo {
-          currentPage
-          totalPages
-        }
-        totalCount
-        edges {
-          node {
-            id
-            fullName
-            email
-            role {
-              id
-              name
-            }
-          }
-        }
-      }
-    }
-  `;
-
-  describe('and without permissions', () => {
-    it('should throw not authorized error', async () => {
-      const userWithoutPermissions = await createUser();
-      const token = createAuthTokenByUserId(userWithoutPermissions.id);
-
-      const response = await request(app)
-        .post('/graphql')
-        .set('Authorization', token)
-        .send({ query })
-        .expect(200);
-
-      expect(response.body.errors).toBeDefined();
-      expect(response.body.errors[0].message).toEqual('Not authorized!');
-    });
-  });
-
-  describe('and with correct permissions', () => {
-    let role, currentUser, anotherUser, token, requestObject;
-
-    beforeEach(async () => {
-      role = await createRole({
-        key: 'sample',
-        name: 'sample',
-      });
-
-      await createPermission({
-        action: 'read',
-        subject: 'User',
-        roleId: role.id,
-      });
-
-      currentUser = await createUser({
-        roleId: role.id,
-        fullName: 'Current User',
-      });
-
-      anotherUser = await createUser({
-        roleId: role.id,
-        fullName: 'Another User',
-      });
-
-      token = createAuthTokenByUserId(currentUser.id);
-      requestObject = request(app).post('/graphql').set('Authorization', token);
-    });
-
-    it('should return users data', async () => {
-      const response = await requestObject.send({ query }).expect(200);
-
-      const expectedResponsePayload = {
-        data: {
-          getUsers: {
-            edges: [
-              {
-                node: {
-                  email: anotherUser.email,
-                  fullName: anotherUser.fullName,
-                  id: anotherUser.id,
-                  role: {
-                    id: role.id,
-                    name: role.name,
-                  },
-                },
-              },
-              {
-                node: {
-                  email: currentUser.email,
-                  fullName: currentUser.fullName,
-                  id: currentUser.id,
-                  role: {
-                    id: role.id,
-                    name: role.name,
-                  },
-                },
-              },
-            ],
-            pageInfo: {
-              currentPage: 1,
-              totalPages: 1,
-            },
-            totalCount: 2,
-          },
-        },
-      };
-
-      expect(response.body).toEqual(expectedResponsePayload);
-    });
-
-    it('should not return users data with password', async () => {
-      const query = `
-          query {
-            getUsers(limit: 10, offset: 0) {
-              pageInfo {
-                currentPage
-                totalPages
-              }
-              totalCount
-              edges {
-                node {
-                  id
-                  fullName
-                  password
-                }
-              }
-            }
-          }
-        `;
-
-      const response = await requestObject.send({ query }).expect(400);
-
-      expect(response.body.errors).toBeDefined();
-      expect(response.body.errors[0].message).toEqual(
-        'Cannot query field "password" on type "User".'
-      );
-    });
-  });
-});

packages/backend/src/graphql/queries/test-connection.js

@@ -1,38 +0,0 @@
-import App from '../../models/app.js';
-import Connection from '../../models/connection.js';
-import globalVariable from '../../helpers/global-variable.js';
-
-const testConnection = async (_parent, params, context) => {
-  const conditions = context.currentUser.can('update', 'Connection');
-  const userConnections = context.currentUser.$relatedQuery('connections');
-  const allConnections = Connection.query();
-  const connectionBaseQuery = conditions.isCreator
-    ? userConnections
-    : allConnections;
-
-  let connection = await connectionBaseQuery
-    .clone()
-    .findOne({
-      id: params.id,
-    })
-    .throwIfNotFound();
-
-  const app = await App.findOneByKey(connection.key, false);
-  const $ = await globalVariable({ connection, app });
-
-  let isStillVerified;
-  try {
-    isStillVerified = !!(await app.auth.isStillVerified($));
-  } catch {
-    isStillVerified = false;
-  }
-
-  connection = await connection.$query().patchAndFetch({
-    formattedData: connection.formattedData,
-    verified: isStillVerified,
-  });
-
-  return connection;
-};
-
-export default testConnection;

packages/backend/src/graphql/query-resolvers.js

@@ -1,33 +0,0 @@
-import getApp from './queries/get-app.js';
-import getAppAuthClient from './queries/get-app-auth-client.ee.js';
-import getAppAuthClients from './queries/get-app-auth-clients.ee.js';
-import getBillingAndUsage from './queries/get-billing-and-usage.ee.js';
-import getConfig from './queries/get-config.ee.js';
-import getConnectedApps from './queries/get-connected-apps.js';
-import getDynamicData from './queries/get-dynamic-data.js';
-import getDynamicFields from './queries/get-dynamic-fields.js';
-import getFlow from './queries/get-flow.js';
-import getFlows from './queries/get-flows.js';
-import getNotifications from './queries/get-notifications.js';
-import getStepWithTestExecutions from './queries/get-step-with-test-executions.js';
-import getUsers from './queries/get-users.js';
-import testConnection from './queries/test-connection.js';
-
-const queryResolvers = {
-  getApp,
-  getAppAuthClient,
-  getAppAuthClients,
-  getBillingAndUsage,
-  getConfig,
-  getConnectedApps,
-  getDynamicData,
-  getDynamicFields,
-  getFlow,
-  getFlows,
-  getNotifications,
-  getStepWithTestExecutions,
-  getUsers,
-  testConnection,
-};
-
-export default queryResolvers;

packages/backend/src/graphql/resolvers.js

@@ -1,8 +1,6 @@
 import mutationResolvers from './mutation-resolvers.js';
-import queryResolvers from './query-resolvers.js';
 
 const resolvers = {
-  Query: queryResolvers,
   Mutation: mutationResolvers,
 };
 

packages/backend/src/graphql/schema.graphql

@@ -1,34 +1,6 @@
 type Query {
-  getApp(key: String!): App
+  placeholderQuery(name: String): Boolean
-  getAppAuthClient(id: String!): AppAuthClient
-  getAppAuthClients(appKey: String!, active: Boolean): [AppAuthClient]
-  getConnectedApps(name: String): [App]
-  testConnection(id: String!): Connection
-  getFlow(id: String!): Flow
-  getFlows(
-    limit: Int!
-    offset: Int!
-    appKey: String
-    connectionId: String
-    name: String
-  ): FlowConnection
-  getStepWithTestExecutions(stepId: String!): [Step]
-  getDynamicData(
-    stepId: String!
-    key: String!
-    parameters: JSONObject
-  ): JSONObject
-  getDynamicFields(
-    stepId: String!
-    key: String!
-    parameters: JSONObject
-  ): [SubstepArgument]
-  getBillingAndUsage: GetBillingAndUsage
-  getConfig(keys: [String]): JSONObject
-  getNotifications: [Notification]
-  getUsers(limit: Int!, offset: Int!): UserConnection
 }
-
 type Mutation {
   createAppConfig(input: CreateAppConfigInput): AppConfig
   createAppAuthClient(input: CreateAppAuthClientInput): AppAuthClient
@@ -257,15 +229,6 @@ type Field {
   options: [SubstepArgumentOption]
 }
 
-type FlowConnection {
-  edges: [FlowEdge]
-  pageInfo: PageInfo
-}
-
-type FlowEdge {
-  node: Flow
-}
-
 enum FlowStatus {
   paused
   published
@@ -304,16 +267,6 @@ type SamlAuthProvidersRoleMapping {
   remoteRoleName: String
 }
 
-type UserConnection {
-  edges: [UserEdge]
-  pageInfo: PageInfo
-  totalCount: Int
-}
-
-type UserEdge {
-  node: User
-}
-
 input CreateConnectionInput {
   key: String!
   appAuthClientId: String
@@ -597,43 +550,6 @@ type License {
   verified: Boolean
 }
 
-type GetBillingAndUsage {
-  subscription: Subscription
-  usage: Usage
-}
-
-type MonthlyQuota {
-  title: String
-  action: BillingCardAction
-}
-
-type NextBillAmount {
-  title: String
-  action: BillingCardAction
-}
-
-type NextBillDate {
-  title: String
-  action: BillingCardAction
-}
-
-type BillingCardAction {
-  type: String
-  text: String
-  src: String
-}
-
-type Subscription {
-  status: String
-  monthlyQuota: MonthlyQuota
-  nextBillAmount: NextBillAmount
-  nextBillDate: NextBillDate
-}
-
-type Usage {
-  task: Int
-}
-
 type Permission {
   id: String
   action: String
@@ -692,13 +608,6 @@ input UpdateAppAuthClientInput {
   active: Boolean
 }
 
-type Notification {
-  name: String
-  createdAt: String
-  documentationUrl: String
-  description: String
-}
-
 schema {
   query: Query
   mutation: Mutation

packages/backend/src/helpers/authentication.js

@@ -40,11 +40,6 @@ export const authenticateUser = async (request, response, next) => {
 const isAuthenticatedRule = rule()(isAuthenticated);
 
 export const authenticationRules = {
-  Query: {
-    '*': isAuthenticatedRule,
-    getConfig: allow,
-    getNotifications: allow,
-  },
   Mutation: {
     '*': isAuthenticatedRule,
     forgotPassword: allow,

packages/backend/src/helpers/authentication.test.js

@@ -42,19 +42,21 @@ describe('authentication rules', () => {
 
   const { queries, mutations } = getQueryAndMutationNames(authenticationRules);
 
-  describe('for queries', () => {
+  if (queries.length) {
-    queries.forEach((query) => {
+    describe('for queries', () => {
-      it(`should apply correct rule for query: ${query}`, () => {
+      queries.forEach((query) => {
-        const ruleApplied = authenticationRules.Query[query];
+        it(`should apply correct rule for query: ${query}`, () => {
+          const ruleApplied = authenticationRules.Query[query];
 
-        if (query === '*') {
+          if (query === '*') {
-          expect(ruleApplied.func).toBe(isAuthenticated);
+            expect(ruleApplied.func).toBe(isAuthenticated);
-        } else {
+          } else {
-          expect(ruleApplied).toEqual(allow);
+            expect(ruleApplied).toEqual(allow);
-        }
+          }
+        });
       });
     });
-  });
+  }
 
   describe('for mutations', () => {
     mutations.forEach((mutation) => {

packages/backend/src/helpers/authorization.js

@@ -7,6 +7,10 @@ const authorizationList = {
     action: 'read',
     subject: 'User',
   },
+  'GET /api/v1/users/:userId/apps': {
+    action: 'read',
+    subject: 'Connection',
+  },
   'GET /api/v1/flows/:flowId': {
     action: 'read',
     subject: 'Flow',
@@ -19,14 +23,34 @@ const authorizationList = {
     action: 'read',
     subject: 'Flow',
   },
+  'GET /api/v1/steps/:stepId/previous-steps': {
+    action: 'update',
+    subject: 'Flow',
+  },
+  'POST /api/v1/steps/:stepId/dynamic-fields': {
+    action: 'update',
+    subject: 'Flow',
+  },
+  'POST /api/v1/steps/:stepId/dynamic-data': {
+    action: 'update',
+    subject: 'Flow',
+  },
   'GET /api/v1/connections/:connectionId/flows': {
     action: 'read',
     subject: 'Flow',
   },
+  'POST /api/v1/connections/:connectionId/test': {
+    action: 'update',
+    subject: 'Connection',
+  },
   'GET /api/v1/apps/:appKey/flows': {
     action: 'read',
     subject: 'Flow',
   },
+  'GET /api/v1/apps/:appKey/connections': {
+    action: 'read',
+    subject: 'Connection',
+  },
   'GET /api/v1/executions/:executionId': {
     action: 'read',
     subject: 'Execution',

packages/backend/src/helpers/axios-with-proxy.js

@@ -2,7 +2,7 @@ import axios from 'axios';
 import { HttpsProxyAgent } from 'https-proxy-agent';
 import { HttpProxyAgent } from 'http-proxy-agent';
 
-const config = {};
+const config = axios.defaults;
 const httpProxyUrl = process.env.http_proxy;
 const httpsProxyUrl = process.env.https_proxy;
 const supportsProxy = httpProxyUrl || httpsProxyUrl;

packages/backend/src/helpers/error-handler.js

@@ -2,6 +2,7 @@ import logger from './logger.js';
 import objection from 'objection';
 import * as Sentry from './sentry.ee.js';
 const { NotFoundError, DataError } = objection;
+import HttpError from '../errors/http.js';
 
 // Do not remove `next` argument as the function signature will not fit for an error handler middleware
 // eslint-disable-next-line no-unused-vars
@@ -18,6 +19,17 @@ const errorHandler = (error, request, response, next) => {
     response.status(400).end();
   }
 
+  if (error instanceof HttpError) {
+    const httpErrorPayload = {
+      errors: JSON.parse(error.message),
+      meta: {
+        type: 'HttpError',
+      },
+    };
+
+    response.status(200).json(httpErrorPayload);
+  }
+
   const statusCode = error.statusCode || 500;
 
   logger.error(request.method + ' ' + request.url + ' ' + statusCode);
@@ -37,7 +49,7 @@ const errorHandler = (error, request, response, next) => {
 
 const notFoundAppError = (error) => {
   return (
-    error.message.includes('An application with the') ||
+    error.message.includes('An application with the') &&
     error.message.includes("key couldn't be found.")
   );
 };

packages/backend/src/helpers/morgan.js

@@ -9,7 +9,7 @@ const stream = {
 const registerGraphQLToken = () => {
   morgan.token('graphql-query', (req) => {
     if (req.body.query) {
-      return `GraphQL ${req.body.query}`;
+      return `\n GraphQL ${req.body.query}`;
     }
   });
 };
@@ -17,7 +17,7 @@ const registerGraphQLToken = () => {
 registerGraphQLToken();
 
 const morganMiddleware = morgan(
-  ':method :url :status :res[content-length] - :response-time ms\n:graphql-query',
+  ':method :url :status :res[content-length] - :response-time ms :graphql-query',
   { stream }
 );
 

packages/backend/src/helpers/renderer.js

@@ -44,4 +44,22 @@ const renderObject = (response, object, options) => {
   return response.json(computedPayload);
 };
 
-export { renderObject };
+const renderError = (response, errors, status, type) => {
+  const errorStatus = status || 422;
+  const errorType = type || 'ValidationError';
+
+  const payload = {
+    errors: errors.reduce((acc, error) => {
+      const key = Object.keys(error)[0];
+      acc[key] = error[key];
+      return acc;
+    }, {}),
+    meta: {
+      type: errorType,
+    },
+  };
+
+  return response.status(errorStatus).send(payload);
+};
+
+export { renderObject, renderError };

packages/backend/src/helpers/webhook-handler-sync.js

@@ -75,9 +75,20 @@ export default async (flowId, request, response) => {
       });
 
       if (actionStep.key === 'respondWith' && !response.headersSent) {
+        const { headers, statusCode, body } = actionExecutionStep.dataOut;
+
+        // we set the custom response headers
+        if (headers) {
+          for (const [key, value] of Object.entries(headers)) {
+            if (key) {
+              response.set(key, value);
+            }
+          }
+        }
+
         // we send the response only if it's not sent yet. This allows us to early respond from the flow.
-        response.status(actionExecutionStep.dataOut.statusCode);
+        response.status(statusCode);
-        response.send(actionExecutionStep.dataOut.body);
+        response.send(body);
       }
     }
   }

packages/backend/src/models/app-auth-client.js

@@ -1,7 +1,6 @@
 import AES from 'crypto-js/aes.js';
 import enc from 'crypto-js/enc-utf8.js';
 import appConfig from '../config/app.js';
-import AppConfig from './app-config.js';
 import Base from './base.js';
 
 class AppAuthClient extends Base {
@@ -9,11 +8,11 @@ class AppAuthClient extends Base {
 
   static jsonSchema = {
     type: 'object',
-    required: ['name', 'appConfigId', 'formattedAuthDefaults'],
+    required: ['name', 'appKey', 'formattedAuthDefaults'],
 
     properties: {
       id: { type: 'string', format: 'uuid' },
-      appConfigId: { type: 'string', format: 'uuid' },
+      appKey: { type: 'string' },
       active: { type: 'boolean' },
       authDefaults: { type: ['string', 'null'] },
       formattedAuthDefaults: { type: 'object' },
@@ -22,17 +21,6 @@ class AppAuthClient extends Base {
     },
   };
 
-  static relationMappings = () => ({
-    appConfig: {
-      relation: Base.BelongsToOneRelation,
-      modelClass: AppConfig,
-      join: {
-        from: 'app_auth_clients.app_config_id',
-        to: 'app_configs.id',
-      },
-    },
-  });
-
   encryptData() {
     if (!this.eligibleForEncryption()) return;
 

packages/backend/src/models/app-config.js

@@ -1,6 +1,6 @@
 import App from './app.js';
-import Base from './base.js';
 import AppAuthClient from './app-auth-client.js';
+import Base from './base.js';
 
 class AppConfig extends Base {
   static tableName = 'app_configs';
@@ -18,21 +18,21 @@ class AppConfig extends Base {
     },
   };
 
-  static get virtualAttributes() {
-    return ['canConnect', 'canCustomConnect'];
-  }
-
   static relationMappings = () => ({
     appAuthClients: {
       relation: Base.HasManyRelation,
       modelClass: AppAuthClient,
       join: {
-        from: 'app_configs.id',
+        from: 'app_configs.key',
-        to: 'app_auth_clients.app_config_id',
+        to: 'app_auth_clients.app_key',
       },
     },
   });
 
+  static get virtualAttributes() {
+    return ['canConnect', 'canCustomConnect'];
+  }
+
   get canCustomConnect() {
     return !this.disabled && this.allowCustomConnection;
   }

packages/backend/src/models/connection.js

@@ -153,6 +153,24 @@ class Connection extends Base {
     return await App.findOneByKey(this.key);
   }
 
+  async testAndUpdateConnection() {
+    const app = await this.getApp();
+    const $ = await globalVariable({ connection: this, app });
+
+    let isStillVerified;
+
+    try {
+      isStillVerified = !!(await app.auth.isStillVerified($));
+    } catch {
+      isStillVerified = false;
+    }
+
+    return await this.$query().patchAndFetch({
+      formattedData: this.formattedData,
+      verified: isStillVerified,
+    });
+  }
+
   async verifyWebhook(request) {
     if (!this.key) return true;
 

packages/backend/src/models/flow.js

@@ -160,7 +160,7 @@ class Flow extends Base {
   }
 
   async isPaused() {
-    const user = await this.$relatedQuery('user');
+    const user = await this.$relatedQuery('user').withSoftDeleted();
     const allowedToRunFlows = await user.isAllowedToRunFlows();
     return allowedToRunFlows ? false : true;
   }

packages/backend/src/models/step.js

@@ -7,6 +7,8 @@ import Connection from './connection.js';
 import ExecutionStep from './execution-step.js';
 import Telemetry from '../helpers/telemetry/index.js';
 import appConfig from '../config/app.js';
+import globalVariable from '../helpers/global-variable.js';
+import computeParameters from '../helpers/compute-parameters.js';
 
 class Step extends Base {
   static tableName = 'steps';
@@ -196,6 +198,59 @@ class Step extends Base {
     return existingArguments;
   }
 
+  async createDynamicFields(dynamicFieldsKey, parameters) {
+    const connection = await this.$relatedQuery('connection');
+    const flow = await this.$relatedQuery('flow');
+    const app = await this.getApp();
+    const $ = await globalVariable({ connection, app, flow, step: this });
+
+    const command = app.dynamicFields.find(
+      (data) => data.key === dynamicFieldsKey
+    );
+
+    for (const parameterKey in parameters) {
+      const parameterValue = parameters[parameterKey];
+      $.step.parameters[parameterKey] = parameterValue;
+    }
+
+    const dynamicFields = (await command.run($)) || [];
+
+    return dynamicFields;
+  }
+
+  async createDynamicData(dynamicDataKey, parameters) {
+    const connection = await this.$relatedQuery('connection');
+    const flow = await this.$relatedQuery('flow');
+    const app = await this.getApp();
+    const $ = await globalVariable({ connection, app, flow, step: this });
+
+    const command = app.dynamicData.find((data) => data.key === dynamicDataKey);
+
+    for (const parameterKey in parameters) {
+      const parameterValue = parameters[parameterKey];
+      $.step.parameters[parameterKey] = parameterValue;
+    }
+
+    const lastExecution = await flow.$relatedQuery('lastExecution');
+    const lastExecutionId = lastExecution?.id;
+
+    const priorExecutionSteps = lastExecutionId
+      ? await ExecutionStep.query().where({
+          execution_id: lastExecutionId,
+        })
+      : [];
+
+    const computedParameters = computeParameters(
+      $.step.parameters,
+      priorExecutionSteps
+    );
+
+    $.step.parameters = computedParameters;
+    const dynamicData = (await command.run($)).data;
+
+    return dynamicData;
+  }
+
   async updateWebhookUrl() {
     if (this.isAction) return this;
 

packages/backend/src/models/user.js

@@ -5,7 +5,9 @@ import crypto from 'node:crypto';
 import appConfig from '../config/app.js';
 import { hasValidLicense } from '../helpers/license.ee.js';
 import userAbility from '../helpers/user-ability.js';
+import createAuthTokenByUserId from '../helpers/create-auth-token-by-user-id.js';
 import Base from './base.js';
+import App from './app.js';
 import Connection from './connection.js';
 import Execution from './execution.js';
 import Flow from './flow.js';
@@ -154,6 +156,13 @@ class User extends Base {
     return conditions.isCreator ? this.$relatedQuery('steps') : Step.query();
   }
 
+  get authorizedConnections() {
+    const conditions = this.can('read', 'Connection');
+    return conditions.isCreator
+      ? this.$relatedQuery('connections')
+      : Connection.query();
+  }
+
   get authorizedExecutions() {
     const conditions = this.can('read', 'Execution');
     return conditions.isCreator
@@ -161,6 +170,17 @@ class User extends Base {
       : Execution.query();
   }
 
+  static async authenticate(email, password) {
+    const user = await User.query().findOne({
+      email: email?.toLowerCase() || null,
+    });
+
+    if (user && (await user.login(password))) {
+      const token = createAuthTokenByUserId(user.id);
+      return token;
+    }
+  }
+
   login(password) {
     return bcrypt.compare(password, this.password);
   }
@@ -294,6 +314,56 @@ class User extends Base {
     return invoices;
   }
 
+  async getApps(name) {
+    const connections = await this.authorizedConnections
+      .clone()
+      .select('connections.key')
+      .where({ draft: false })
+      .count('connections.id as count')
+      .groupBy('connections.key');
+
+    const flows = await this.authorizedFlows
+      .clone()
+      .withGraphJoined('steps')
+      .orderBy('created_at', 'desc');
+
+    const duplicatedUsedApps = flows
+      .map((flow) => flow.steps.map((step) => step.appKey))
+      .flat()
+      .filter(Boolean);
+
+    const connectionKeys = connections.map((connection) => connection.key);
+    const usedApps = [...new Set([...duplicatedUsedApps, ...connectionKeys])];
+
+    let apps = await App.findAll(name);
+
+    apps = apps
+      .filter((app) => {
+        return usedApps.includes(app.key);
+      })
+      .map((app) => {
+        const connection = connections.find(
+          (connection) => connection.key === app.key
+        );
+
+        app.connectionCount = connection?.count || 0;
+        app.flowCount = 0;
+
+        flows.forEach((flow) => {
+          const usedFlow = flow.steps.find((step) => step.appKey === app.key);
+
+          if (usedFlow) {
+            app.flowCount += 1;
+          }
+        });
+
+        return app;
+      })
+      .sort((appA, appB) => appA.name.localeCompare(appB.name));
+
+    return apps;
+  }
+
   async $beforeInsert(queryContext) {
     await super.$beforeInsert(queryContext);
 

packages/backend/src/routes/api/v1/access-tokens.js

@@ -0,0 +1,9 @@
+import { Router } from 'express';
+import asyncHandler from 'express-async-handler';
+import createAccessTokenAction from '../../../controllers/api/v1/access-tokens/create-access-token.js';
+
+const router = Router();
+
+router.post('/', asyncHandler(createAccessTokenAction));
+
+export default router;

packages/backend/src/routes/api/v1/admin/apps.ee.js

@@ -3,16 +3,25 @@ import asyncHandler from 'express-async-handler';
 import { authenticateUser } from '../../../../helpers/authentication.js';
 import { authorizeAdmin } from '../../../../helpers/authorization.js';
 import { checkIsEnterprise } from '../../../../helpers/check-is-enterprise.js';
-import getAdminAppAuthClientsAction from '../../../../controllers/api/v1/admin/app-auth-clients/get-app-auth-client.js';
+import getAuthClientsAction from '../../../../controllers/api/v1/admin/apps/get-auth-clients.ee.js';
+import getAuthClientAction from '../../../../controllers/api/v1/admin/apps/get-auth-client.ee.js';
 
 const router = Router();
 
 router.get(
-  '/:appAuthClientId',
+  '/:appKey/auth-clients',
   authenticateUser,
   authorizeAdmin,
   checkIsEnterprise,
-  asyncHandler(getAdminAppAuthClientsAction)
+  asyncHandler(getAuthClientsAction)
+);
+
+router.get(
+  '/:appKey/auth-clients/:appAuthClientId',
+  authenticateUser,
+  authorizeAdmin,
+  checkIsEnterprise,
+  asyncHandler(getAuthClientAction)
 );
 
 export default router;

packages/backend/src/routes/api/v1/app-auth-clients.js

@@ -1,16 +0,0 @@
-import { Router } from 'express';
-import asyncHandler from 'express-async-handler';
-import { authenticateUser } from '../../../helpers/authentication.js';
-import { checkIsEnterprise } from '../../../helpers/check-is-enterprise.js';
-import getAppAuthClientAction from '../../../controllers/api/v1/app-auth-clients/get-app-auth-client.js';
-
-const router = Router();
-
-router.get(
-  '/:appAuthClientId',
-  authenticateUser,
-  checkIsEnterprise,
-  asyncHandler(getAppAuthClientAction)
-);
-
-export default router;

packages/backend/src/routes/api/v1/app-configs.ee.js

@@ -1,16 +0,0 @@
-import { Router } from 'express';
-import asyncHandler from 'express-async-handler';
-import { authenticateUser } from '../../../helpers/authentication.js';
-import { checkIsEnterprise } from '../../../helpers/check-is-enterprise.js';
-import getAppConfigAction from '../../../controllers/api/v1/app-configs/get-app-config.ee.js';
-
-const router = Router();
-
-router.get(
-  '/:appKey',
-  authenticateUser,
-  checkIsEnterprise,
-  asyncHandler(getAppConfigAction)
-);
-
-export default router;

packages/backend/src/routes/api/v1/apps.js

@@ -2,9 +2,14 @@ import { Router } from 'express';
 import asyncHandler from 'express-async-handler';
 import { authenticateUser } from '../../../helpers/authentication.js';
 import { authorizeUser } from '../../../helpers/authorization.js';
+import { checkIsEnterprise } from '../../../helpers/check-is-enterprise.js';
 import getAppAction from '../../../controllers/api/v1/apps/get-app.js';
 import getAppsAction from '../../../controllers/api/v1/apps/get-apps.js';
 import getAuthAction from '../../../controllers/api/v1/apps/get-auth.js';
+import getConnectionsAction from '../../../controllers/api/v1/apps/get-connections.js';
+import getConfigAction from '../../../controllers/api/v1/apps/get-config.ee.js';
+import getAuthClientsAction from '../../../controllers/api/v1/apps/get-auth-clients.ee.js';
+import getAuthClientAction from '../../../controllers/api/v1/apps/get-auth-client.ee.js';
 import getTriggersAction from '../../../controllers/api/v1/apps/get-triggers.js';
 import getTriggerSubstepsAction from '../../../controllers/api/v1/apps/get-trigger-substeps.js';
 import getActionsAction from '../../../controllers/api/v1/apps/get-actions.js';
@@ -17,6 +22,34 @@ router.get('/', authenticateUser, asyncHandler(getAppsAction));
 router.get('/:appKey', authenticateUser, asyncHandler(getAppAction));
 router.get('/:appKey/auth', authenticateUser, asyncHandler(getAuthAction));
 
+router.get(
+  '/:appKey/connections',
+  authenticateUser,
+  authorizeUser,
+  asyncHandler(getConnectionsAction)
+);
+
+router.get(
+  '/:appKey/config',
+  authenticateUser,
+  checkIsEnterprise,
+  asyncHandler(getConfigAction)
+);
+
+router.get(
+  '/:appKey/auth-clients',
+  authenticateUser,
+  checkIsEnterprise,
+  asyncHandler(getAuthClientsAction)
+);
+
+router.get(
+  '/:appKey/auth-clients/:appAuthClientId',
+  authenticateUser,
+  checkIsEnterprise,
+  asyncHandler(getAuthClientAction)
+);
+
 router.get(
   '/:appKey/triggers',
   authenticateUser,

packages/backend/src/routes/api/v1/connections.js

@@ -3,6 +3,7 @@ import asyncHandler from 'express-async-handler';
 import { authenticateUser } from '../../../helpers/authentication.js';
 import { authorizeUser } from '../../../helpers/authorization.js';
 import getFlowsAction from '../../../controllers/api/v1/connections/get-flows.js';
+import createTestAction from '../../../controllers/api/v1/connections/create-test.js';
 
 const router = Router();
 
@@ -13,4 +14,11 @@ router.get(
   asyncHandler(getFlowsAction)
 );
 
+router.post(
+  '/:connectionId/test',
+  authenticateUser,
+  authorizeUser,
+  asyncHandler(createTestAction)
+);
+
 export default router;

packages/backend/src/routes/api/v1/steps.js

@@ -3,6 +3,9 @@ import asyncHandler from 'express-async-handler';
 import { authenticateUser } from '../../../helpers/authentication.js';
 import { authorizeUser } from '../../../helpers/authorization.js';
 import getConnectionAction from '../../../controllers/api/v1/steps/get-connection.js';
+import getPreviousStepsAction from '../../../controllers/api/v1/steps/get-previous-steps.js';
+import createDynamicFieldsAction from '../../../controllers/api/v1/steps/create-dynamic-fields.js';
+import createDynamicDataAction from '../../../controllers/api/v1/steps/create-dynamic-data.js';
 
 const router = Router();
 
@@ -13,4 +16,25 @@ router.get(
   asyncHandler(getConnectionAction)
 );
 
+router.get(
+  '/:stepId/previous-steps',
+  authenticateUser,
+  authorizeUser,
+  asyncHandler(getPreviousStepsAction)
+);
+
+router.post(
+  '/:stepId/dynamic-fields',
+  authenticateUser,
+  authorizeUser,
+  asyncHandler(createDynamicFieldsAction)
+);
+
+router.post(
+  '/:stepId/dynamic-data',
+  authenticateUser,
+  authorizeUser,
+  asyncHandler(createDynamicDataAction)
+);
+
 export default router;

packages/backend/src/routes/api/v1/users.js

@@ -1,9 +1,11 @@
 import { Router } from 'express';
 import asyncHandler from 'express-async-handler';
 import { authenticateUser } from '../../../helpers/authentication.js';
+import { authorizeUser } from '../../../helpers/authorization.js';
 import checkIsCloud from '../../../helpers/check-is-cloud.js';
 import getCurrentUserAction from '../../../controllers/api/v1/users/get-current-user.js';
 import getUserTrialAction from '../../../controllers/api/v1/users/get-user-trial.ee.js';
+import getAppsAction from '../../../controllers/api/v1/users/get-apps.js';
 import getInvoicesAction from '../../../controllers/api/v1/users/get-invoices.ee.js';
 import getSubscriptionAction from '../../../controllers/api/v1/users/get-subscription.ee.js';
 import getPlanAndUsageAction from '../../../controllers/api/v1/users/get-plan-and-usage.ee.js';
@@ -11,6 +13,14 @@ import getPlanAndUsageAction from '../../../controllers/api/v1/users/get-plan-an
 const router = Router();
 
 router.get('/me', authenticateUser, asyncHandler(getCurrentUserAction));
+
+router.get(
+  '/:userId/apps',
+  authenticateUser,
+  authorizeUser,
+  asyncHandler(getAppsAction)
+);
+
 router.get(
   '/invoices',
   authenticateUser,

packages/backend/src/routes/index.js

@@ -4,21 +4,20 @@ import webhooksRouter from './webhooks.js';
 import paddleRouter from './paddle.ee.js';
 import healthcheckRouter from './healthcheck.js';
 import automatischRouter from './api/v1/automatisch.js';
+import accessTokensRouter from './api/v1/access-tokens.js';
 import usersRouter from './api/v1/users.js';
 import paymentRouter from './api/v1/payment.ee.js';
-import appAuthClientsRouter from './api/v1/app-auth-clients.js';
-import appConfigsRouter from './api/v1/app-configs.ee.js';
 import flowsRouter from './api/v1/flows.js';
 import stepsRouter from './api/v1/steps.js';
 import appsRouter from './api/v1/apps.js';
 import connectionsRouter from './api/v1/connections.js';
 import executionsRouter from './api/v1/executions.js';
 import samlAuthProvidersRouter from './api/v1/saml-auth-providers.ee.js';
+import adminAppsRouter from './api/v1/admin/apps.ee.js';
 import adminSamlAuthProvidersRouter from './api/v1/admin/saml-auth-providers.ee.js';
 import rolesRouter from './api/v1/admin/roles.ee.js';
 import permissionsRouter from './api/v1/admin/permissions.ee.js';
 import adminUsersRouter from './api/v1/admin/users.ee.js';
-import adminAppAuthClientsRouter from './api/v1/admin/app-auth-clients.js';
 
 const router = Router();
 
@@ -27,20 +26,19 @@ router.use('/webhooks', webhooksRouter);
 router.use('/paddle', paddleRouter);
 router.use('/healthcheck', healthcheckRouter);
 router.use('/api/v1/automatisch', automatischRouter);
+router.use('/api/v1/access-tokens', accessTokensRouter);
 router.use('/api/v1/users', usersRouter);
 router.use('/api/v1/payment', paymentRouter);
-router.use('/api/v1/app-auth-clients', appAuthClientsRouter);
-router.use('/api/v1/app-configs', appConfigsRouter);
-router.use('/api/v1/flows', flowsRouter);
-router.use('/api/v1/steps', stepsRouter);
 router.use('/api/v1/apps', appsRouter);
 router.use('/api/v1/connections', connectionsRouter);
+router.use('/api/v1/flows', flowsRouter);
+router.use('/api/v1/steps', stepsRouter);
 router.use('/api/v1/executions', executionsRouter);
 router.use('/api/v1/saml-auth-providers', samlAuthProvidersRouter);
-router.use('/api/v1/admin/saml-auth-providers', adminSamlAuthProvidersRouter);
+router.use('/api/v1/admin/apps', adminAppsRouter);
+router.use('/api/v1/admin/users', adminUsersRouter);
 router.use('/api/v1/admin/roles', rolesRouter);
 router.use('/api/v1/admin/permissions', permissionsRouter);
-router.use('/api/v1/admin/users', adminUsersRouter);
+router.use('/api/v1/admin/saml-auth-providers', adminSamlAuthProvidersRouter);
-router.use('/api/v1/admin/app-auth-clients', adminAppAuthClientsRouter);
 
 export default router;

packages/backend/src/serializers/app.js

@@ -1,12 +1,22 @@
 const appSerializer = (app) => {
-  return {
+  let appData = {
-    name: app.name,
     key: app.key,
+    name: app.name,
     iconUrl: app.iconUrl,
+    primaryColor: app.primaryColor,
     authDocUrl: app.authDocUrl,
     supportsConnections: app.supportsConnections,
-    primaryColor: app.primaryColor,
   };
+
+  if (app.connectionCount) {
+    appData.connectionCount = app.connectionCount;
+  }
+
+  if (app.flowCount) {
+    appData.flowCount = app.flowCount;
+  }
+
+  return appData;
 };
 
 export default appSerializer;

packages/backend/src/serializers/flow.js

@@ -6,6 +6,8 @@ const flowSerializer = (flow) => {
     name: flow.name,
     active: flow.active,
     status: flow.status,
+    createdAt: flow.createdAt.getTime(),
+    updatedAt: flow.updatedAt.getTime(),
   };
 
   if (flow.steps?.length > 0) {

packages/backend/src/serializers/flow.test.js

@@ -27,6 +27,8 @@ describe('flowSerializer', () => {
       name: flow.name,
       active: flow.active,
       status: flow.status,
+      createdAt: flow.createdAt.getTime(),
+      updatedAt: flow.updatedAt.getTime(),
     };
 
     expect(flowSerializer(flow)).toEqual(expectedPayload);

packages/backend/src/serializers/step.js

@@ -1,5 +1,7 @@
+import executionStepSerializer from './execution-step.js';
+
 const stepSerializer = (step) => {
-  return {
+  let stepData = {
     id: step.id,
     type: step.type,
     key: step.key,
@@ -10,6 +12,14 @@ const stepSerializer = (step) => {
     position: step.position,
     parameters: step.parameters,
   };
+
+  if (step.executionSteps?.length > 0) {
+    stepData.executionSteps = step.executionSteps.map((executionStep) =>
+      executionStepSerializer(executionStep)
+    );
+  }
+
+  return stepData;
 };
 
 export default stepSerializer;

packages/backend/src/serializers/step.test.js

@@ -1,6 +1,8 @@
 import { describe, it, expect, beforeEach } from 'vitest';
 import { createStep } from '../../test/factories/step';
+import { createExecutionStep } from '../../test/factories/execution-step';
 import stepSerializer from './step';
+import executionStepSerializer from './execution-step';
 
 describe('stepSerializer', () => {
   let step;
@@ -24,4 +26,20 @@ describe('stepSerializer', () => {
 
     expect(stepSerializer(step)).toEqual(expectedPayload);
   });
+
+  it('should return step data with the execution steps', async () => {
+    const executionStepOne = await createExecutionStep({ stepId: step.id });
+    const executionStepTwo = await createExecutionStep({ stepId: step.id });
+
+    step.executionSteps = [executionStepOne, executionStepTwo];
+
+    const expectedPayload = {
+      executionSteps: [
+        executionStepSerializer(executionStepOne),
+        executionStepSerializer(executionStepTwo),
+      ],
+    };
+
+    expect(stepSerializer(step)).toMatchObject(expectedPayload);
+  });
 });

packages/backend/test/factories/app-auth-client.js

@@ -1,5 +1,4 @@
 import { faker } from '@faker-js/faker';
-import { createAppConfig } from './app-config.js';
 import AppAuthClient from '../../src/models/app-auth-client';
 
 const formattedAuthDefaults = {
@@ -12,14 +11,12 @@ const formattedAuthDefaults = {
 export const createAppAuthClient = async (params = {}) => {
   params.name = params?.name || faker.person.fullName();
   params.id = params?.id || faker.string.uuid();
-  params.appConfigId = params?.appConfigId || (await createAppConfig()).id;
+  params.appKey = params?.appKey || 'deepl';
   params.active = params?.active ?? true;
   params.formattedAuthDefaults =
     params?.formattedAuthDefaults || formattedAuthDefaults;
 
-  const appAuthClient = await AppAuthClient.query()
+  const appAuthClient = await AppAuthClient.query().insertAndFetch(params);
-    .insert(params)
-    .returning('*');
 
   return appAuthClient;
 };

packages/backend/test/factories/app-config.js

@@ -1,9 +1,10 @@
 import AppConfig from '../../src/models/app-config.js';
+import { faker } from '@faker-js/faker';
 
 export const createAppConfig = async (params = {}) => {
-  params.key = params?.key || 'gitlab';
+  params.key = params?.key || faker.lorem.word();
 
-  const appConfig = await AppConfig.query().insert(params).returning('*');
+  const appConfig = await AppConfig.query().insertAndFetch(params);
 
   return appConfig;
 };

packages/backend/test/factories/config.js

@@ -7,7 +7,7 @@ export const createConfig = async (params = {}) => {
     value: params?.value || { data: 'sampleConfig' },
   };
 
-  const config = await Config.query().insert(configData).returning('*');
+  const config = await Config.query().insertAndFetch(configData);
 
   return config;
 };

packages/backend/test/factories/execution-step.js

@@ -9,9 +9,7 @@ export const createExecutionStep = async (params = {}) => {
   params.dataIn = params?.dataIn || { dataIn: 'dataIn' };
   params.dataOut = params?.dataOut || { dataOut: 'dataOut' };
 
-  const executionStep = await ExecutionStep.query()
+  const executionStep = await ExecutionStep.query().insertAndFetch(params);
-    .insert(params)
-    .returning('*');
 
   return executionStep;
 };