fix

This reverts commit 4dbd312607.

.github/workflows/build-app-beta.yaml

@@ -6,16 +6,20 @@ name: Electron app BETA
   push:
     tags:
       - v[0-9]+.[0-9]+.[0-9]+-beta.[0-9]+
+
+permissions:
+  id-token: write
+  contents: write
+  
 jobs:
   build:
     runs-on: ${{ matrix.os }}
+    environment: dbgate-app
     strategy:
       fail-fast: false
       matrix:
         os:
-          - macos-14
           - windows-2022
-          - ubuntu-22.04
     steps:
       - name: Install python 3.11 (MacOS)
         if: matrix.os == 'macos-14'
@@ -53,12 +57,6 @@ jobs:
         run: |
 
           yarn setCurrentVersion
-      - name: printSecrets
-        run: |
-
-          yarn printSecrets
-        env:
-          GIST_UPLOAD_SECRET: ${{secrets.GIST_UPLOAD_SECRET}}
       - name: fillPackagedPlugins
         run: |
 
@@ -70,17 +68,63 @@ jobs:
         run: |
 
           yarn run build:app
-        env:
-          GH_TOKEN: ${{ secrets.GH_TOKEN }}
-          WIN_CSC_LINK: ${{ secrets.WINCERT_2025 }}
-          WIN_CSC_KEY_PASSWORD: ${{ secrets.WINCERT_2025_PASSWORD }}
-          CSC_LINK: ${{ secrets.APPLECERT_CERTIFICATE }}
-          CSC_KEY_PASSWORD: ${{ secrets.APPLECERT_PASSWORD }}
-          APPLE_ID: ${{ secrets.APPLE_ID }}
-          APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
-          APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
-          SNAPCRAFT_STORE_CREDENTIALS: ${{secrets.SNAPCRAFT_LOGIN}}
-          APPLE_APP_SPECIFIC_PASSWORD: ${{secrets.APPLE_APP_SPECIFIC_PASSWORD}}
+        # env:
+        #   GH_TOKEN: ${{ secrets.GH_TOKEN }}
+          # WIN_CSC_LINK: ${{ secrets.WINCERT_2025 }}
+          # WIN_CSC_KEY_PASSWORD: ${{ secrets.WINCERT_2025_PASSWORD }}
+
+          # CSC_LINK: ${{ secrets.APPLECERT_CERTIFICATE }}
+          # CSC_KEY_PASSWORD: ${{ secrets.APPLECERT_PASSWORD }}
+          # APPLE_ID: ${{ secrets.APPLE_ID }}
+          # APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
+          # APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
+          # SNAPCRAFT_STORE_CREDENTIALS: ${{secrets.SNAPCRAFT_LOGIN}}
+          # APPLE_APP_SPECIFIC_PASSWORD: ${{secrets.APPLE_APP_SPECIFIC_PASSWORD}}
+
+      - name: Check OIDC availability
+        if: matrix.os == 'windows-2022'
+        run: |
+          echo "OIDC URL: $env:ACTIONS_ID_TOKEN_REQUEST_URL"
+          echo "OIDC TOKEN: ${{ steps.none.outputs.nothing || '' }}"
+          echo "Client ID: ${{ secrets.AZURE_TC_CLIENT_ID }}"
+          echo "Tenant ID: ${{ secrets.AZURE_TC_TENANT_ID }}"
+        shell: pwsh
+
+      - name: Azure login (OIDC)
+        uses: azure/login@v2
+        if: matrix.os == 'windows-2022'
+        with:
+          client-id: ${{ secrets.AZURE_TC_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TC_TENANT_ID }}
+          allow-no-subscriptions: true
+
+      - name: Sign Windows artifacts with Azure Trusted Signing
+        uses: azure/trusted-signing-action@v0
+        if: matrix.os == 'windows-2022'
+        with:
+          # azure-tenant-id: ${{ secrets.AZURE_TC_TENANT_ID }}
+          # azure-client-id: ${{ secrets.AZURE_TC_CLIENT_ID }}
+          # azure-client-secret: ${{ secrets.AZURE_CLIENT_SECRET }}
+
+          endpoint: https://wus3.codesigning.azure.net/
+          trusted-signing-account-name: DbGate
+          certificate-profile-name: DbGate-Release
+
+          files-folder: app/dist
+          files-folder-filter: exe
+
+          timestamp-rfc3161: http://timestamp.acs.microsoft.com
+          timestamp-digest: SHA256
+
+      # - name: Repackage Windows
+      #   if: matrix.os == 'windows-2022'
+      #   run: |
+      #     yarn run repackage:app
+
+      - name: Fix YML hashes
+        run: |
+          yarn run fixYmlHashes
+
       - name: Copy artifacts
         run: |
           mkdir artifacts          
@@ -92,6 +136,7 @@ jobs:
           cp app/dist/*win*.exe artifacts/dbgate-beta.exe || true
           cp app/dist/*win_x64.zip artifacts/dbgate-windows-beta.zip || true
           cp app/dist/*win_arm64.zip artifacts/dbgate-windows-beta-arm64.zip || true
+          cp app/dist/*win_arm64.exe artifacts/dbgate-windows-beta-arm64.exe || true
           cp app/dist/*-mac_universal.dmg artifacts/dbgate-beta.dmg || true
           cp app/dist/*-mac_x64.dmg artifacts/dbgate-beta-x64.dmg || true
           cp app/dist/*-mac_arm64.dmg artifacts/dbgate-beta-arm64.dmg || true
@@ -104,10 +149,17 @@ jobs:
           mv app/dist/*.deb artifacts/ || true
           mv app/dist/*.snap artifacts/ || true
           mv app/dist/*.dmg artifacts/ || true
-          mv app/dist/*.blockmap artifacts/ || true
 
           mv app/dist/*.yml artifacts/ || true
           rm artifacts/builder-debug.yml
+
+      # - name: Verify Windows signature
+      #   if: matrix.os == 'windows-2022'
+      #   run: |
+      #     "C:\Program Files (x86)\Windows Kits\10\App Certification Kit\signtool.exe" verify /pa /v "artifacts/dbgate-beta.exe"
+      #     Get-AuthenticodeSignature "artifacts/dbgate-beta.exe" | Format-List
+      #   shell: pwsh
+
       - name: Upload artifacts
         uses: actions/upload-artifact@v4
         with:

.github/workflows/build-app-check.yaml

@@ -49,12 +49,6 @@ jobs:
         run: |
 
           yarn setCurrentVersion
-      - name: printSecrets
-        run: |
-
-          yarn printSecrets
-        env:
-          GIST_UPLOAD_SECRET: ${{secrets.GIST_UPLOAD_SECRET}}
       - name: fillPackagedPlugins
         run: |
 
@@ -88,6 +82,7 @@ jobs:
           cp app/dist/*win*.exe artifacts/dbgate-check.exe || true
           cp app/dist/*win_x64.zip artifacts/dbgate-windows-check.zip || true
           cp app/dist/*win_arm64.zip artifacts/dbgate-windows-check-arm64.zip || true
+          cp app/dist/*win_arm64.exe artifacts/dbgate-windows-check-arm64.exe || true
           cp app/dist/*-mac_universal.dmg artifacts/dbgate-check.dmg || true
           cp app/dist/*-mac_x64.dmg artifacts/dbgate-check-x64.dmg || true
           cp app/dist/*-mac_arm64.dmg artifacts/dbgate-check-arm64.dmg || true

.github/workflows/build-app-pro-beta.yaml

@@ -39,7 +39,7 @@ jobs:
           repository: dbgate/dbgate-pro
           token: ${{ secrets.GH_TOKEN }}
           path: dbgate-pro
-          ref: 36b6ce878c3c0a0c9623163c8a8b3bdeefc7da53
+          ref: 11203754aad94189b565c2816d37760b15c8e07f
       - name: Merge dbgate/dbgate-pro
         run: |
           mkdir ../dbgate-pro
@@ -81,14 +81,6 @@ jobs:
           cd dbgate-merged
 
           yarn setCurrentVersion
-      - name: printSecrets
-        run: |
-          cd ..
-          cd dbgate-merged
-
-          yarn printSecrets
-        env:
-          GIST_UPLOAD_SECRET: ${{secrets.GIST_UPLOAD_SECRET}}
       - name: fillPackagedPlugins
         run: |
           cd ..
@@ -123,6 +115,7 @@ jobs:
           cp ../dbgate-merged/app/dist/*win*.exe artifacts/dbgate-premium-beta.exe || true
           cp ../dbgate-merged/app/dist/*win_x64.zip artifacts/dbgate-windows-premium-beta.zip || true
           cp ../dbgate-merged/app/dist/*win_arm64.zip artifacts/dbgate-windows-premium-beta-arm64.zip || true
+          cp ../dbgate-merged/app/dist/*win_arm64.exe artifacts/dbgate-windows-premium-beta-arm64.exe || true
           cp ../dbgate-merged/app/dist/*-mac_universal.dmg artifacts/dbgate-premium-beta.dmg || true
           cp ../dbgate-merged/app/dist/*-mac_x64.dmg artifacts/dbgate-premium-beta-x64.dmg || true
           cp ../dbgate-merged/app/dist/*-mac_arm64.dmg artifacts/dbgate-premium-beta-arm64.dmg || true

.github/workflows/build-app-pro.yaml

@@ -39,7 +39,7 @@ jobs:
           repository: dbgate/dbgate-pro
           token: ${{ secrets.GH_TOKEN }}
           path: dbgate-pro
-          ref: 36b6ce878c3c0a0c9623163c8a8b3bdeefc7da53
+          ref: 11203754aad94189b565c2816d37760b15c8e07f
       - name: Merge dbgate/dbgate-pro
         run: |
           mkdir ../dbgate-pro
@@ -81,14 +81,6 @@ jobs:
           cd dbgate-merged
 
           yarn setCurrentVersion
-      - name: printSecrets
-        run: |
-          cd ..
-          cd dbgate-merged
-
-          yarn printSecrets
-        env:
-          GIST_UPLOAD_SECRET: ${{secrets.GIST_UPLOAD_SECRET}}
       - name: fillPackagedPlugins
         run: |
           cd ..
@@ -123,6 +115,7 @@ jobs:
           cp ../dbgate-merged/app/dist/*win*.exe artifacts/dbgate-premium-latest.exe || true
           cp ../dbgate-merged/app/dist/*win_x64.zip artifacts/dbgate-windows-premium-latest.zip || true
           cp ../dbgate-merged/app/dist/*win_arm64.zip artifacts/dbgate-windows-premium-latest-arm64.zip || true
+          cp ../dbgate-merged/app/dist/*win_arm64.exe artifacts/dbgate-windows-premium-latest-arm64.exe || true
           cp ../dbgate-merged/app/dist/*-mac_universal.dmg artifacts/dbgate-premium-latest.dmg || true
           cp ../dbgate-merged/app/dist/*-mac_x64.dmg artifacts/dbgate-premium-latest-x64.dmg || true
           cp ../dbgate-merged/app/dist/*-mac_arm64.dmg artifacts/dbgate-premium-latest-arm64.dmg || true

.github/workflows/build-app.yaml

@@ -13,9 +13,7 @@ jobs:
       fail-fast: false
       matrix:
         os:
-          - macos-14
           - windows-2022
-          - ubuntu-22.04
     steps:
       - name: Install python 3.11 (MacOS)
         if: matrix.os == 'macos-14'
@@ -49,12 +47,6 @@ jobs:
         run: |
 
           yarn setCurrentVersion
-      - name: printSecrets
-        run: |
-
-          yarn printSecrets
-        env:
-          GIST_UPLOAD_SECRET: ${{secrets.GIST_UPLOAD_SECRET}}
       - name: fillPackagedPlugins
         run: |
 
@@ -68,8 +60,8 @@ jobs:
           yarn run build:app
         env:
           GH_TOKEN: ${{ secrets.GH_TOKEN }}
-          WIN_CSC_LINK: ${{ secrets.WINCERT_2025 }}
-          WIN_CSC_KEY_PASSWORD: ${{ secrets.WINCERT_2025_PASSWORD }}
+          # WIN_CSC_LINK: ${{ secrets.WINCERT_2025 }}
+          # WIN_CSC_KEY_PASSWORD: ${{ secrets.WINCERT_2025_PASSWORD }}
           CSC_LINK: ${{ secrets.APPLECERT_CERTIFICATE }}
           CSC_KEY_PASSWORD: ${{ secrets.APPLECERT_PASSWORD }}
           APPLE_ID: ${{ secrets.APPLE_ID }}
@@ -80,6 +72,24 @@ jobs:
       - name: generatePadFile
         run: |
           yarn generatePadFile
+
+
+      - name: Sign Windows artifacts with Azure Trusted Signing
+        uses: azure/trusted-signing-action@v0
+        with:
+          azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          azure-client-id: ${{ secrets.AZURE_CLIENT_ID }}
+
+          endpoint: https://wus3.codesigning.azure.net/
+          trusted-signing-account-name: DbGate
+          certificate-profile-name: DbGate-Release
+
+          files-folder: app/dist
+          files-folder-filter: exe
+
+          timestamp-rfc3161: http://timestamp.acs.microsoft.com
+          timestamp-digest: SHA256
+
       - name: Copy artifacts
         run: |
           mkdir artifacts          
@@ -91,6 +101,7 @@ jobs:
           cp app/dist/*win*.exe artifacts/dbgate-latest.exe || true
           cp app/dist/*win_x64.zip artifacts/dbgate-windows-latest.zip || true
           cp app/dist/*win_arm64.zip artifacts/dbgate-windows-latest-arm64.zip || true
+          cp app/dist/*win_arm64.exe artifacts/dbgate-windows-latest-arm64.exe || true
           cp app/dist/*-mac_universal.dmg artifacts/dbgate-latest.dmg || true
           cp app/dist/*-mac_x64.dmg artifacts/dbgate-latest-x64.dmg || true
           cp app/dist/*-mac_arm64.dmg artifacts/dbgate-latest-arm64.dmg || true

.github/workflows/build-cloud-pro.yaml

@@ -39,7 +39,7 @@ jobs:
           repository: dbgate/dbgate-pro
           token: ${{ secrets.GH_TOKEN }}
           path: dbgate-pro
-          ref: 36b6ce878c3c0a0c9623163c8a8b3bdeefc7da53
+          ref: 11203754aad94189b565c2816d37760b15c8e07f
       - name: Merge dbgate/dbgate-pro
         run: |
           mkdir ../dbgate-pro
@@ -66,13 +66,6 @@ jobs:
           cd ..
           cd dbgate-merged
           yarn setCurrentVersion
-      - name: printSecrets
-        run: |
-          cd ..
-          cd dbgate-merged
-            yarn printSecrets
-        env:
-          GIST_UPLOAD_SECRET: ${{secrets.GIST_UPLOAD_SECRET}}
       - name: Prepare packer build
         run: |
           cd ..

.github/workflows/build-docker-pro.yaml

@@ -44,7 +44,7 @@ jobs:
           repository: dbgate/dbgate-pro
           token: ${{ secrets.GH_TOKEN }}
           path: dbgate-pro
-          ref: 36b6ce878c3c0a0c9623163c8a8b3bdeefc7da53
+          ref: 11203754aad94189b565c2816d37760b15c8e07f
       - name: Merge dbgate/dbgate-pro
         run: |
           mkdir ../dbgate-pro
@@ -76,14 +76,6 @@ jobs:
           cd dbgate-merged
 
           yarn setCurrentVersion
-      - name: printSecrets
-        run: |
-          cd ..
-          cd dbgate-merged
-
-          yarn printSecrets
-        env:
-          GIST_UPLOAD_SECRET: ${{secrets.GIST_UPLOAD_SECRET}}
       - name: Prepare docker image
         run: |
           cd ..

.github/workflows/build-docker.yaml

@@ -1,101 +0,0 @@
-# --------------------------------------------------------------------------------------------
-# This file is generated. Do not edit manually
-# --------------------------------------------------------------------------------------------
-name: Docker image Community
-'on':
-  push:
-    tags:
-      - v[0-9]+.[0-9]+.[0-9]+
-      - v[0-9]+.[0-9]+.[0-9]+-beta.[0-9]+
-jobs:
-  build:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        os:
-          - ubuntu-22.04
-    steps:
-      - name: Context
-        env:
-          GITHUB_CONTEXT: ${{ toJson(github) }}
-        run: echo "$GITHUB_CONTEXT"
-      - uses: actions/checkout@v2
-        with:
-          fetch-depth: 1
-      - name: Docker meta
-        id: meta
-        uses: docker/metadata-action@v4
-        with:
-          images: dbgate/dbgate
-          flavor: |
-            latest=false
-          tags: |
-            type=raw,value=beta,enable=${{ contains(github.ref_name, '-docker.') || contains(github.ref_name, '-beta.') }}
-
-            type=match,pattern=\d+.\d+.\d+,enable=${{ !contains(github.ref_name, '-docker.') && !contains(github.ref_name, '-beta.') }}
-            type=raw,value=latest,enable=${{ !contains(github.ref_name, '-docker.') && !contains(github.ref_name, '-beta.') }}
-      - name: Docker alpine meta
-        id: alpmeta
-        uses: docker/metadata-action@v4
-        with:
-          images: |
-            dbgate/dbgate
-          flavor: |
-            latest=false
-          tags: |
-            type=raw,value=beta-alpine,enable=${{ contains(github.ref_name, '-docker.') || contains(github.ref_name, '-beta.') }}
-
-            type=match,pattern=\d+.\d+.\d+,suffix=-alpine,enable=${{ !contains(github.ref_name, '-docker.') && !contains(github.ref_name, '-beta.') }}
-            type=raw,value=alpine,enable=${{ !contains(github.ref_name, '-docker.') && !contains(github.ref_name, '-beta.') }}
-      - name: Use Node.js 22.x
-        uses: actions/setup-node@v1
-        with:
-          node-version: 22.x
-      - name: adjustPackageJson
-        run: |
-
-          node adjustPackageJson --community
-      - name: yarn install
-        run: |
-
-          # yarn --version
-          # yarn config set network-timeout 300000
-          yarn install
-      - name: setCurrentVersion
-        run: |
-
-          yarn setCurrentVersion
-      - name: printSecrets
-        run: |
-
-          yarn printSecrets
-        env:
-          GIST_UPLOAD_SECRET: ${{secrets.GIST_UPLOAD_SECRET}}
-      - name: Prepare docker image
-        run: |
-
-          yarn run prepare:docker
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-      - name: Login to DockerHub
-        uses: docker/login-action@v2
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}
-      - name: Build and push
-        uses: docker/build-push-action@v3
-        with:
-          push: true
-          context: ./docker
-          tags: ${{ steps.meta.outputs.tags }}
-          platforms: linux/amd64,linux/arm64,linux/arm/v7
-      - name: Build and push alpine
-        uses: docker/build-push-action@v3
-        with:
-          push: true
-          context: ./docker
-          file: ./docker/Dockerfile-alpine
-          tags: ${{ steps.alpmeta.outputs.tags }}
-          platforms: linux/amd64,linux/arm64,linux/arm/v7

.github/workflows/build-npm-pro.yaml

@@ -32,7 +32,7 @@ jobs:
           repository: dbgate/dbgate-pro
           token: ${{ secrets.GH_TOKEN }}
           path: dbgate-pro
-          ref: 36b6ce878c3c0a0c9623163c8a8b3bdeefc7da53
+          ref: 11203754aad94189b565c2816d37760b15c8e07f
       - name: Merge dbgate/dbgate-pro
         run: |
           mkdir ../dbgate-pro
@@ -71,13 +71,6 @@ jobs:
           cd ..
           cd dbgate-merged
           yarn setCurrentVersion
-      - name: printSecrets
-        run: |
-          cd ..
-          cd dbgate-merged
-            yarn printSecrets
-        env:
-          GIST_UPLOAD_SECRET: ${{secrets.GIST_UPLOAD_SECRET}}
       - name: Publish dbgate-api-premium
         run: |
           cd ..

.github/workflows/build-npm.yaml

@@ -37,11 +37,6 @@ jobs:
       - name: setCurrentVersion
         run: |
           yarn setCurrentVersion
-      - name: printSecrets
-        run: |
-          yarn printSecrets
-        env:
-          GIST_UPLOAD_SECRET: ${{secrets.GIST_UPLOAD_SECRET}}
       - name: Publish types
         working-directory: packages/types
         run: |

.github/workflows/e2e-pro.yaml

@@ -26,7 +26,7 @@ jobs:
           repository: dbgate/dbgate-pro
           token: ${{ secrets.GH_TOKEN }}
           path: dbgate-pro
-          ref: 36b6ce878c3c0a0c9623163c8a8b3bdeefc7da53
+          ref: 11203754aad94189b565c2816d37760b15c8e07f
       - name: Merge dbgate/dbgate-pro
         run: |
           mkdir ../dbgate-pro
@@ -107,7 +107,7 @@ jobs:
         ports:
           - '16009:5556'
       mongo:
-        image: mongo:4.0.12
+        image: mongo:4.4.29
         env:
           MONGO_INITDB_ROOT_USERNAME: root
           MONGO_INITDB_ROOT_PASSWORD: Pwd2020Db

.github/workflows/run-tests.yaml

@@ -83,7 +83,7 @@ jobs:
         ports:
           - '15002:1433'
       clickhouse-integr:
-        image: bitnami/clickhouse:24.8.4
+        image: bitnamilegacy/clickhouse:24.8.4
         env:
           CLICKHOUSE_ADMIN_PASSWORD: Pwd2020Db
         ports:

.github/workflows/winsigntest.yaml

@@ -0,0 +1,39 @@
+# --------------------------------------------------------------------------------------------
+# This file is generated. Do not edit manually
+# --------------------------------------------------------------------------------------------
+name: WinSignTest
+'on':
+  push:
+    branches:
+      - winsign
+
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+  build:
+    runs-on: ${{ matrix.os }}
+    environment: dbgate-app
+    strategy:
+      fail-fast: false
+      matrix:
+        os:
+          - windows-2022
+    steps:
+      - name: Check OIDC availability
+        if: matrix.os == 'windows-2022'
+        run: |
+          echo "OIDC URL: $env:ACTIONS_ID_TOKEN_REQUEST_URL"
+          echo "OIDC TOKEN: ${{ steps.none.outputs.nothing || '' }}"
+          echo "Client ID: ${{ secrets.AZURE_TC_CLIENT_ID }}"
+          echo "Tenant ID: ${{ secrets.AZURE_TC_TENANT_ID }}"
+        shell: pwsh
+
+      - name: Azure login (OIDC)
+        uses: azure/login@v2
+        if: matrix.os == 'windows-2022'
+        with:
+          client-id: ${{ secrets.AZURE_TC_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TC_TENANT_ID }}
+          allow-no-subscriptions: true

CHANGELOG.md

@@ -8,6 +8,49 @@ Builds:
  - linux - application for linux
  - win - application for Windows
 
+## 6.6.5
+- ADDED: SQL AI assistant - powered by database chat, could help you to write SQL queries (Premium)
+- ADDED: Explain SQL error (powered by AI) (Premium)
+- ADDED: Database chat (and SQL AI Assistant) now supports showing charts (Premium)
+- FIXED: Fxied editing new files and roles (Team Premium)
+- FIXED: Connection to standalone database could be now pinned
+
+## 6.6.4
+- ADDED: AI Database chat now supports much more LLM models. (Premium)
+- ADDED: Possibility to use your own API key with OPENAI-compatible providers (OpenRouter, Antropic...)
+- ADDED: Possibility to use self-hosted own LLM (eg. Llama)
+- ADDED: Team files - save SQL files and define shared charts, assign roles and users to these objects (Team Premium)
+- FIXED: BUG: does no longer work with Cockroach DB #1202
+- FIXED: DbGate Web UI Connections do not display 'Databases' #1199
+- CHANGED: Redesign fof applications. Applications are now storted in single JSON file
+- ADDED: Application editor (Premium)
+- ADDED: Posibility to filter only tables with rows
+- FIXED: Fixed several issues with large Firebird databases
+- CHANGED: Community edition now supports shared folders in read-only mode
+
+## 6.6.3
+- FIXED: Error “db.getCollection(…).renameCollection is not a function” when renaming collection in dbGate #1198
+- FIXED: Can't list databases from Azure SQL SERVER #1197
+- ADDED: Save zoom level in electron apps
+
+## 6.6.2
+- ADDED: List of processes, ability to kill process (Server summary) #1178
+- ADDED: Database and table permissions (Team Premium edition)
+- ADDED: Redis search box - Scan all #1191
+- FIXED: Optimalized loading SQL server with descriptions #1187
+- CHANGED: Allow a much greater page size #1185
+- FIXED: Optimalized loading SQL server with descriptions #1187
+- FIXED: Executing queries for SQLite crash #1195
+
+## 6.6.1
+- ADDED: Support for Mongo shell (Premium) - #1114
+- FIXED: Support for BLOB in Oracle #1181
+- ADDED: Connect to named SQL Server instance #340
+- ADDED: Support for SQL Server descriptions #1137
+- ADDED: Application log viewer
+- FIXED: Selecting default database in connection dialog
+- CHANGED: Improved logging system, added related database and connection to logs metadata
+
 ## 6.6.0
 - ADDED: Database chat - AI powered chatbot, which knows your database (Premium)
 - ADDED: Firestore support (Premium)

README.md

@@ -15,12 +15,13 @@ But there are also many advanced features like schema compare, visual query desi
 DbGate is licensed under GPL-3.0 license and is free to use for any purpose.
 
 * Try it online - [demo.dbgate.org](https://demo.dbgate.org) - online demo application
-* **Download** application for Windows, Linux or Mac from [dbgate.io](https://dbgate.io/download/)
+* **Download** application for Windows, Linux or Mac from [dbgate.io](https://www.dbgate.io/download/)
 * Looking for DbGate Community? **Download** from [dbgate.org](https://dbgate.org/download/)
 * Run web version as [NPM package](https://www.npmjs.com/package/dbgate-serve) or as [docker image](https://hub.docker.com/r/dbgate/dbgate)
 * Use nodeJs [scripting interface](https://docs.dbgate.io/scripting) ([API documentation](https://docs.dbgate.io/apidoc))
 * [Recommend DbGate](https://testimonial.to/dbgate) | [Rate on G2](https://www.g2.com/products/dbgate/reviews)
 * [Give us feedback](https://dbgate.org/feedback) - it will help us to decide, how to improve DbGate in future
+* We [offer 2-year PREMIUM license](https://dbgate.org/review/) for any honest review on these platforms (time-limited offer)
 
 ## Supported databases
 * MySQL
@@ -91,8 +92,8 @@ DbGate is licensed under GPL-3.0 license and is free to use for any purpose.
 Any contributions are welcome. If you want to contribute without coding, consider following:
 
 * Tell your friends about DbGate or share on social networks - when more people will use DbGate, it will grow to be better
-* Purchase a [DbGate Premium](https://dbgate.io/purchase/premium/) liocense
-* Write review on [Slant.co](https://www.slant.co/improve/options/41086/~dbgate-review) or [G2](https://www.g2.com/products/dbgate/reviews) 
+* Purchase a [DbGate Premium](https://www.dbgate.io/purchase/premium/) license
+* Write review on [Product Hunt](https://www.producthunt.com/products/dbgate) or [G2](https://www.g2.com/products/dbgate/reviews) - we offer [2-year PREMIUM license](https://dbgate.org/review/) for reviewers (time limited offer)
 * Create issue, if you find problem in app, or you have idea to new feature. If issue already exists, you could leave comment on it, to prioritise most wanted issues
 * Create some tutorial video on [youtube](https://www.youtube.com/playlist?list=PLCo7KjCVXhr0RfUSjM9wJMsp_ShL1q61A)
 * Become a backer on [GitHub sponsors](https://github.com/sponsors/dbgate) or [Open collective](https://opencollective.com/dbgate)

app/package.json

@@ -117,8 +117,9 @@
   "scripts": {
     "start": "cross-env ELECTRON_START_URL=http://localhost:5001 DEVMODE=1 electron .",
     "start:local": "cross-env electron .",
-    "dist": "electron-builder",
+    "dist": "electron-builder --publish never",
     "build": "cd ../packages/api && yarn build && cd ../web && yarn build && cd ../../app && yarn dist",
+    "repackage": "electron-builder --prepackaged app/dist --publish never",
     "build:local": "cd ../packages/api && yarn build && cd ../web && yarn build && cd ../../app && yarn predist",
     "postinstall": "yarn rebuild && patch-package",
     "rebuild": "electron-builder install-app-deps",

app/src/electron.js

@@ -212,6 +212,10 @@ ipcMain.on('app-started', async (event, arg) => {
       autoUpdater.checkForUpdates();
     }
   }
+
+  if (initialConfig['winZoomLevel'] != null) {
+    mainWindow.webContents.zoomLevel = initialConfig['winZoomLevel'];
+  }
 });
 ipcMain.on('window-action', async (event, arg) => {
   if (!mainWindow) {
@@ -394,6 +398,7 @@ function createWindow() {
             JSON.stringify({
               winBounds: mainWindow.getBounds(),
               winIsMaximized: mainWindow.isMaximized(),
+              winZoomLevel: mainWindow.webContents.zoomLevel,
             }),
             'utf-8'
           );

app/src/mainMenuDefinition.js

@@ -10,6 +10,7 @@ module.exports = ({ editMenu, isMac }) => [
       { command: 'new.queryDesign', hideDisabled: true },
       { command: 'new.diagram', hideDisabled: true },
       { command: 'new.perspective', hideDisabled: true },
+      { command: 'new.application', hideDisabled: true },
       { command: 'new.shell', hideDisabled: true },
       { command: 'new.jsonl', hideDisabled: true },
       { command: 'new.modelTransform', hideDisabled: true },
@@ -86,7 +87,6 @@ module.exports = ({ editMenu, isMac }) => [
       { divider: true },
       { command: 'folder.showLogs', hideDisabled: true },
       { command: 'folder.showData', hideDisabled: true },
-      { command: 'new.gist', hideDisabled: true },
       { command: 'app.resetSettings', hideDisabled: true },
       { divider: true },
       { command: 'app.exportConnections', hideDisabled: true },
@@ -108,7 +108,7 @@ module.exports = ({ editMenu, isMac }) => [
       { command: 'app.openWeb', hideDisabled: true },
       { command: 'app.openIssue', hideDisabled: true },
       { command: 'app.openSponsoring', hideDisabled: true },
-      { command: 'app.giveFeedback', hideDisabled: true },
+      // { command: 'app.giveFeedback', hideDisabled: true },
       { divider: true },
       { command: 'settings.commands', hideDisabled: true },
       { command: 'tabs.changelog', hideDisabled: true },

common/assign-dbgm-codes.mjs

@@ -0,0 +1,129 @@
+#!/usr/bin/env node
+// assign-dbgm-codes.mjs
+import fs from 'fs/promises';
+import path from 'path';
+
+const PLACEHOLDER = 'DBGM-00000';
+const CODE_RE = /DBGM-(\d{5})/g;
+const JS_TS_RE = /\.(mjs|cjs|js|ts|jsx|tsx)$/i;
+
+const IGNORE_DIRS = new Set([
+  'node_modules',
+  '.git',
+  '.hg',
+  '.svn',
+  'dist',
+  'build',
+  'out',
+  '.next',
+  '.turbo',
+  '.cache',
+]);
+const IGNORE_FILES = ['assign-dbgm-codes.mjs', 'package.json', 'README.md'];
+
+// --- CLI ---
+const args = process.argv.slice(2);
+const dryRun = args.includes('--dry');
+const rootArg = args.find(a => a !== '--dry') || process.cwd();
+const root = path.resolve(rootArg);
+
+// --- helpers ---
+async function* walk(dir) {
+  const entries = await fs.readdir(dir, { withFileTypes: true });
+  for (const e of entries) {
+    if (e.isDirectory()) {
+      if (IGNORE_DIRS.has(e.name)) continue;
+      yield* walk(path.join(dir, e.name));
+    } else if (e.isFile()) {
+      if (JS_TS_RE.test(e.name) && !IGNORE_FILES.includes(e.name)) yield path.join(dir, e.name);
+    }
+  }
+}
+
+function formatCode(n) {
+  return `DBGM-${String(n).padStart(5, '0')}`;
+}
+
+// Find the smallest positive integer not in `taken`
+function makeNextCodeFn(taken) {
+  let n = 1;
+  // advance n to first free
+  while (taken.has(n)) n++;
+  return () => {
+    const code = n;
+    taken.add(code);
+    // move n to next free for next call
+    do {
+      n++;
+    } while (taken.has(n));
+    return formatCode(code);
+  };
+}
+
+// --- main ---
+(async () => {
+  console.log(`Scanning: ${root} ${dryRun ? '(dry run)' : ''}`);
+
+  // 1) Collect all taken codes across the repo
+  const taken = new Set(); // numeric parts only
+  const files = [];
+  for await (const file of walk(root)) files.push(file);
+
+  await Promise.all(
+    files.map(async file => {
+      try {
+        const text = await fs.readFile(file, 'utf8');
+        for (const m of text.matchAll(CODE_RE)) {
+          const num = Number(m[1]);
+          if (Number.isInteger(num) && num > 0) taken.add(num);
+        }
+      } catch (err) {
+        console.warn(`! Failed to read ${file}: ${err.message}`);
+      }
+    })
+  );
+
+  console.log(`Found ${taken.size} occupied code(s).`);
+
+  // 2) Replace placeholders with next available unique code
+  const nextCode = makeNextCodeFn(taken);
+
+  let filesChanged = 0;
+  let placeholdersReplaced = 0;
+
+  for (const file of files) {
+    let text;
+    try {
+      text = await fs.readFile(file, 'utf8');
+    } catch (err) {
+      console.warn(`! Failed to read ${file}: ${err.message}`);
+      continue;
+    }
+
+    if (!text.includes(PLACEHOLDER)) continue;
+
+    let countInFile = 0;
+    const updated = text.replaceAll(PLACEHOLDER, () => {
+      countInFile++;
+      return nextCode();
+    });
+
+    if (countInFile > 0) {
+      placeholdersReplaced += countInFile;
+      filesChanged++;
+      console.log(`${dryRun ? '[dry]' : '[write]'} ${file} — ${countInFile} replacement(s)`);
+      if (!dryRun) {
+        try {
+          await fs.writeFile(file, updated, 'utf8');
+        } catch (err) {
+          console.warn(`! Failed to write ${file}: ${err.message}`);
+        }
+      }
+    }
+  }
+
+  console.log(`Done. Files changed: ${filesChanged}, placeholders replaced: ${placeholdersReplaced}.`);
+})().catch(err => {
+  console.error(err);
+  process.exit(1);
+});

common/fixYmlHashes.js

@@ -0,0 +1,109 @@
+// scripts/fixYmlHashes.mjs
+import fs from "node:fs/promises";
+import { createHash } from "node:crypto";
+import path from "node:path";
+import process from "node:process";
+import { fileURLToPath } from "node:url";
+import YAML from "yaml";
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+
+async function sha512Base64(filePath) {
+  const buf = await fs.readFile(filePath);
+  const h = createHash("sha512");
+  h.update(buf);
+  return h.digest("base64");
+}
+
+async function fileSize(filePath) {
+  const st = await fs.stat(filePath);
+  return st.size;
+}
+
+async function fixOneYaml(ymlPath, distDir) {
+  let raw;
+  try {
+    raw = await fs.readFile(ymlPath, "utf8");
+  } catch (e) {
+    console.error(`✗ Cannot read ${ymlPath}:`, e.message);
+    return;
+  }
+
+  let doc;
+  try {
+    doc = YAML.parse(raw);
+  } catch (e) {
+    console.error(`✗ Cannot parse YAML ${ymlPath}:`, e.message);
+    return;
+  }
+
+  if (!doc || !Array.isArray(doc.files)) {
+    console.warn(`! ${path.basename(ymlPath)} has no 'files' array — skipped.`);
+    return;
+  }
+
+  let changed = false;
+
+  // Update each files[i].sha512 and files[i].size based on files[i].url
+  for (const entry of doc.files) {
+    if (!entry?.url) continue;
+
+    const target = path.resolve(distDir, entry.url);
+    try {
+      const [hash, size] = await Promise.all([sha512Base64(target), fileSize(target)]);
+      if (entry.sha512 !== hash || entry.size !== size) {
+        console.log(`• ${path.basename(ymlPath)}: refresh ${entry.url}`);
+        entry.sha512 = hash;
+        entry.size = size;
+        changed = true;
+      }
+    } catch (e) {
+      console.warn(`! Missing or unreadable file for ${entry.url} (referenced by ${path.basename(ymlPath)}): ${e.message}`);
+    }
+  }
+
+  // Update top-level sha512 for the primary "path" file if present
+  if (doc.path) {
+    const primary = path.resolve(distDir, doc.path);
+    try {
+      const hash = await sha512Base64(primary);
+      if (doc.sha512 !== hash) {
+        console.log(`• ${path.basename(ymlPath)}: refresh top-level sha512 for path=${doc.path}`);
+        doc.sha512 = hash;
+        changed = true;
+      }
+    } catch (e) {
+      console.warn(`! Primary 'path' file not found for ${path.basename(ymlPath)}: ${doc.path} (${e.message})`);
+    }
+  }
+
+  if (changed) {
+    const out = YAML.stringify(doc);
+    await fs.writeFile(ymlPath, out, "utf8");
+    console.log(`✓ Updated ${path.basename(ymlPath)}`);
+  } else {
+    console.log(`= No changes for ${path.basename(ymlPath)}`);
+  }
+}
+
+async function main() {
+  const distDir = path.resolve(process.argv[2] ?? path.join(__dirname, "..", "app", "dist"));
+  const entries = await fs.readdir(distDir);
+  const ymls = entries.filter(f => f.toLowerCase().endsWith(".yml"));
+
+  if (ymls.length === 0) {
+    console.warn(`No .yml files found in ${distDir}`);
+    return;
+  }
+
+  console.log(`Scanning ${distDir}`);
+  for (const y of ymls) {
+    await fixOneYaml(path.join(distDir, y), distDir);
+  }
+}
+
+main().catch(err => {
+  console.error(err);
+  process.exit(1);
+});

e2e-tests/cypress/e2e/add-connection.cy.js

@@ -119,4 +119,17 @@ describe('Add connection', () => {
     cy.contains('Export connections').click();
     cy.themeshot('export-connections');
   });
+
+  it('configure LLM provider', () => {
+    cy.testid('WidgetIconPanel_settings').click();
+    cy.contains('Settings').click();
+    cy.contains('AI').click();
+    cy.testid('AiSupportedProvidersInfo_add_OpenRouter').click();
+    cy.testid('AiProviderCard_apikey_OpenRouter').clear().type('xxx');
+    cy.testid('AiProviderCard_testButton_OpenRouter').click();
+    cy.testid('AiProviderCard_statusValid_OpenRouter').should('exist');
+    cy.testid('AiProviderCard_editButton_OpenRouter').click();
+    cy.wait(1000);
+    cy.themeshot('llm-providers-settings');
+  });
 });

e2e-tests/cypress/e2e/browse-data.cy.js

@@ -277,6 +277,14 @@ describe('Data browser data', () => {
     cy.testid('CommandPalette_main').themeshot('command-palette', { padding: 50 });
   });
 
+  it('About window', () => {
+    cy.contains('Connections');
+    cy.testid('WidgetIconPanel_menu').click();
+    cy.contains('Help').click();
+    cy.contains('About').click();
+    cy.testid('ModalBase_window').themeshot('about-window', { padding: 50 });
+  });
+
   it('Show map', () => {
     cy.contains('Postgres-connection').click();
     cy.contains('PgGeoData').click();
@@ -381,27 +389,6 @@ describe('Data browser data', () => {
     cy.themeshot('compare-database-settings');
   });
 
-  it('Database chat', () => {
-    cy.contains('MySql-connection').click();
-    cy.contains('MyChinook').click();
-    cy.testid('TabsPanel_buttonNewObject').click();
-    cy.testid('NewObjectModal_databaseChat').click();
-    cy.wait(1000);
-    cy.get('body').realType('find most popular artist');
-    cy.get('body').realPress('{enter}');
-    cy.testid('DatabaseChatTab_executeAllQueries', { timeout: 20000 }).click();
-    cy.wait(20000);
-    // cy.contains('Iron Maiden');
-    cy.themeshot('database-chat');
-
-    // cy.testid('DatabaseChatTab_promptInput').click();
-    // cy.get('body').realType('I need top 10 songs with the biggest income');
-    // cy.get('body').realPress('{enter}');
-    // cy.contains('Hot Girl', { timeout: 20000 });
-    // cy.wait(1000);
-    // cy.themeshot('database-chat');
-  });
-
   it('Modify data', () => {
     // TODO FIX: delete references cascade not working
     cy.contains('MySql-connection').click();

e2e-tests/cypress/e2e/charts.cy.js

@@ -109,4 +109,62 @@ describe('Charts', () => {
     cy.contains('Compare database');
     cy.themeshot('new-object-window');
   });
+
+  it('Database chat - charts', () => {
+    cy.contains('MySql-connection').click();
+    cy.contains('MyChinook').click();
+    cy.testid('TabsPanel_buttonNewObject').click();
+    cy.testid('NewObjectModal_databaseChat').click();
+    cy.wait(1000);
+    cy.get('body').realType('show me chart of most popular genres');
+    cy.get('body').realPress('{enter}');
+    cy.testid('DatabaseChatTab_executeAllQueries', { timeout: 30000 }).click();
+    cy.wait(5000);
+    cy.testid('chart-canvas').should($c => expect($c[0].toDataURL()).to.match(/^data:image\/png;base64/));
+    cy.themeshot('database-chat-chart');
+  });
+
+  it('Database chat', () => {
+    cy.contains('MySql-connection').click();
+    cy.contains('MyChinook').click();
+    cy.testid('TabsPanel_buttonNewObject').click();
+    cy.testid('NewObjectModal_databaseChat').click();
+    cy.wait(1000);
+    cy.get('body').realType('find most popular artist');
+    cy.get('body').realPress('{enter}');
+    cy.testid('DatabaseChatTab_executeAllQueries', { timeout: 30000 }).click();
+    cy.wait(30000);
+    // cy.contains('Iron Maiden');
+    cy.themeshot('database-chat');
+
+    // cy.testid('DatabaseChatTab_promptInput').click();
+    // cy.get('body').realType('I need top 10 songs with the biggest income');
+    // cy.get('body').realPress('{enter}');
+    // cy.contains('Hot Girl', { timeout: 20000 });
+    // cy.wait(1000);
+    // cy.themeshot('database-chat');
+  });
+
+  it('Explain query error', () => {
+    cy.contains('MySql-connection').click();
+    cy.contains('MyChinook').click();
+    cy.testid('TabsPanel_buttonNewObject').click();
+    cy.testid('NewObjectModal_query').click();
+    cy.wait(1000);
+    cy.get('body').realType('select * from Invoice2');
+    cy.contains('Execute').click();
+    cy.testid('MessageViewRow-explainErrorButton-1').click();
+    cy.testid('ChatCodeRenderer_useSqlButton', { timeout: 30000 });
+    cy.themeshot('explain-query-error');
+
+    // cy.testid('TabsPanel_buttonNewObject').click();
+    // cy.testid('NewObjectModal_databaseChat').click();
+    // cy.wait(1000);
+    // cy.get('body').realType('show me chart of most popular genres');
+    // cy.get('body').realPress('{enter}');
+    // cy.testid('DatabaseChatTab_executeAllQueries', { timeout: 30000 }).click();
+    // cy.wait(5000);
+    // cy.testid('chart-canvas').should($c => expect($c[0].toDataURL()).to.match(/^data:image\/png;base64/));
+    // cy.themeshot('database-chat-chart');
+  });
 });

e2e-tests/cypress/e2e/team.cy.js

@@ -21,14 +21,17 @@ describe('Team edition tests', () => {
     cy.testid('AdminMenuWidget_itemConnections').click();
     cy.contains('New connection').click();
     cy.testid('ConnectionDriverFields_connectionType').select('PostgreSQL');
+    cy.contains('not granted').should('not.exist');
     cy.themeshot('connection-administration');
 
     cy.testid('AdminMenuWidget_itemRoles').click();
     cy.contains('logged-user').click();
+    cy.contains('not granted').should('not.exist');
     cy.themeshot('role-administration');
 
     cy.testid('AdminMenuWidget_itemUsers').click();
     cy.contains('New user').click();
+    cy.contains('not granted').should('not.exist');
     cy.themeshot('user-administration');
 
     cy.testid('AdminMenuWidget_itemAuthentication').click();
@@ -36,6 +39,7 @@ describe('Team edition tests', () => {
     cy.contains('Use database login').click();
     cy.contains('Add authentication').click();
     cy.contains('OAuth 2.0').click();
+    cy.contains('not granted').should('not.exist');
     cy.themeshot('authentication-administration');
   });
 
@@ -119,4 +123,29 @@ describe('Team edition tests', () => {
     cy.contains('Exporting query').click();
     cy.themeshot('auditlog');
   });
+
+  it('Edit database permissions', () => {
+    cy.testid('LoginPage_linkAdmin').click();
+    cy.testid('LoginPage_password').type('adminpwd');
+    cy.testid('LoginPage_submitLogin').click();
+
+    cy.testid('AdminMenuWidget_itemRoles').click();
+    cy.testid('AdminRolesTab_table').contains('superadmin').click();
+    cy.testid('AdminRolesTab_databases').click();
+
+    cy.testid('AdminDatabasesPermissionsGrid_addButton').click();
+    cy.testid('AdminDatabasesPermissionsGrid_addButton').click();
+    cy.testid('AdminDatabasesPermissionsGrid_addButton').click();
+    
+    cy.testid('AdminListOrRegexEditor_1_regexInput').type('^Chinook[\\d]*$');
+    cy.testid('AdminListOrRegexEditor_2_listSwitch').click();
+    cy.testid('AdminListOrRegexEditor_2_listInput').type('Nortwind\nSales');
+    cy.testid('AdminDatabasesPermissionsGrid_roleSelect_0').select('-2');
+    cy.testid('AdminDatabasesPermissionsGrid_roleSelect_1').select('-3');
+    cy.testid('AdminDatabasesPermissionsGrid_roleSelect_2').select('-4');
+
+    cy.contains('not granted').should('not.exist');
+
+    cy.themeshot('database-permissions');
+  });
 });

e2e-tests/docker-compose.yaml

@@ -37,7 +37,7 @@ services:
       - "16009:5556"
 
   mongo:
-    image: mongo:4.0.12
+    image: mongo:4.4.29
     restart: always
     environment:
       MONGO_INITDB_ROOT_USERNAME: root

integration-tests/__tests__/alter-table.spec.js

@@ -118,6 +118,31 @@ describe('Alter table', () => {
     })
   );
 
+  test.each(engines.filter(i => i.supportTableComments).map(engine => [engine.label, engine]))(
+    'Add comment to table - %s',
+    testWrapper(async (conn, driver, engine) => {
+      await testTableDiff(engine, conn, driver, tbl => {
+        tbl.objectComment = 'Added table comment';
+      });
+    })
+  );
+
+  test.each(engines.filter(i => i.supportColumnComments).map(engine => [engine.label, engine]))(
+    'Add comment to column - %s',
+    testWrapper(async (conn, driver, engine) => {
+      await testTableDiff(engine, conn, driver, tbl => {
+        tbl.columns.push({
+          columnName: 'added',
+          columnComment: 'Added column comment',
+          dataType: 'int',
+          pairingId: crypto.randomUUID(),
+          notNull: false,
+          autoIncrement: false,
+        });
+      });
+    })
+  );
+
   test.each(
     createEnginesColumnsSource(engines.filter(x => !x.skipDropColumn)).filter(
       ([_label, col, engine]) => !engine.skipPkDrop || !col.endsWith('_pk')

integration-tests/__tests__/table-create.spec.js

@@ -64,6 +64,40 @@ describe('Table create', () => {
     })
   );
 
+  test.each(
+    engines.filter(i => i.supportTableComments || i.supportColumnComments).map(engine => [engine.label, engine])
+  )(
+    'Simple table with comment - %s',
+    testWrapper(async (conn, driver, engine) => {
+      await testTableCreate(engine, conn, driver, {
+        ...(engine.supportTableComments && {
+          schemaName: 'dbo',
+          objectComment: 'table comment',
+        }),
+        ...(engine.defaultSchemaName && {
+          schemaName: engine.defaultSchemaName,
+        }),
+        columns: [
+          {
+            columnName: 'col1',
+            dataType: 'int',
+            pureName: 'tested',
+            ...(engine.skipNullability ? {} : { notNull: true }),
+            ...(engine.supportColumnComments && {
+              columnComment: 'column comment',
+            }),
+            ...(engine.defaultSchemaName && {
+              schemaName: engine.defaultSchemaName,
+            }),
+          },
+        ],
+        primaryKey: {
+          columns: [{ columnName: 'col1' }],
+        },
+      });
+    })
+  );
+
   test.each(engines.filter(x => !x.skipIndexes).map(engine => [engine.label, engine]))(
     'Table with index - %s',
     testWrapper(async (conn, driver, engine) => {

integration-tests/engines.js

@@ -443,6 +443,8 @@ const sqlServerEngine = {
   supportSchemas: true,
   supportRenameSqlObject: true,
   defaultSchemaName: 'dbo',
+  supportTableComments: true,
+  supportColumnComments: true,
   // skipSeparateSchemas: true,
   triggers: [
     {

package.json

@@ -1,6 +1,6 @@
 {
   "private": true,
-  "version": "6.6.1-premium-beta.5",
+  "version": "6.6.8-beta.16",
   "name": "dbgate-all",
   "workspaces": [
     "packages/*",
@@ -37,6 +37,8 @@
     "build:tools": "yarn workspace dbgate-tools build",
     "build:lib": "yarn build:sqltree && yarn build:tools && yarn build:filterparser && yarn build:datalib",
     "build:app": "yarn plugins:copydist && cd app && yarn install && yarn build",
+    "repackage:app": "cd app && yarn repackage",
+    "fixYmlHashes": "cd common && yarn init -y && yarn add yaml -W && cd .. && node common/fixYmlHashes.js app/dist",
     "build:api": "yarn workspace dbgate-api build",
     "build:api:doc": "yarn workspace dbgate-api build:doc",
     "build:web": "yarn workspace dbgate-web build",
@@ -72,7 +74,8 @@
     "translations:extract": "node common/translations-cli/index.js extract",
     "translations:add-missing": "node common/translations-cli/index.js add-missing",
     "translations:remove-unused": "node common/translations-cli/index.js remove-unused",
-    "translations:check": "node common/translations-cli/index.js check"
+    "translations:check": "node common/translations-cli/index.js check",
+    "errors": "node common/assign-dbgm-codes.mjs  ."
   },
   "dependencies": {
     "concurrently": "^5.1.0",

packages/api/.env

@@ -2,6 +2,7 @@ DEVMODE=1
 SHELL_SCRIPTING=1
 ALLOW_DBGATE_PRIVATE_CLOUD=1
 DEVWEB=1 
+LOCAL_AUTH_PROXY=1
 # LOCAL_AI_GATEWAY=true
 
 # REDIRECT_TO_DBGATE_CLOUD_LOGIN=1

packages/api/package.json

@@ -31,7 +31,7 @@
     "cors": "^2.8.5",
     "cross-env": "^6.0.3",
     "dbgate-datalib": "^6.0.0-alpha.1",
-    "dbgate-query-splitter": "^4.11.5",
+    "dbgate-query-splitter": "^4.11.7",
     "dbgate-sqltree": "^6.0.0-alpha.1",
     "dbgate-tools": "^6.0.0-alpha.1",
     "debug": "^4.3.4",
@@ -56,7 +56,7 @@
     "ncp": "^2.0.0",
     "node-cron": "^2.0.3",
     "on-finished": "^2.4.1",
-    "pinomin": "^1.0.4",
+    "pinomin": "^1.0.5",
     "portfinder": "^1.0.28",
     "rimraf": "^3.0.0",
     "semver": "^7.6.3",

packages/api/src/auth/authCommon.js

@@ -10,7 +10,13 @@ function getTokenSecret() {
   return tokenSecret;
 }
 
+function getStaticTokenSecret() {
+  // TODO static not fixed
+  return '14813c43-a91b-4ad1-9dcd-a81bd7dbb05f';
+}
+
 module.exports = {
   getTokenLifetime,
   getTokenSecret,
+  getStaticTokenSecret,
 };

packages/api/src/auth/authProvider.js

@@ -10,6 +10,7 @@ const logger = getLogger('authProvider');
 
 class AuthProviderBase {
   amoid = 'none';
+  skipInList = false;
 
   async login(login, password, options = undefined, req = undefined) {
     return {
@@ -36,12 +37,28 @@ class AuthProviderBase {
     return !!req?.user || !!req?.auth;
   }
 
-  getCurrentPermissions(req) {
+  async getCurrentPermissions(req) {
     const login = this.getCurrentLogin(req);
     const permissions = process.env[`LOGIN_PERMISSIONS_${login}`];
     return permissions || process.env.PERMISSIONS;
   }
 
+  async checkCurrentConnectionPermission(req, conid) {
+    return true;
+  }
+
+  async getCurrentDatabasePermissions(req) {
+    return [];
+  }
+
+  async getCurrentTablePermissions(req) {
+    return [];
+  }
+
+  async getCurrentFilePermissions(req) {
+    return [];
+  }
+
   getLoginPageConnections() {
     return null;
   }
@@ -94,7 +111,7 @@ class OAuthProvider extends AuthProviderBase {
       payload = jwt.decode(id_token);
     }
 
-    logger.info({ payload }, 'User payload returned from OAUTH');
+    logger.info({ payload }, 'DBGM-00002 User payload returned from OAUTH');
 
     const login =
       process.env.OAUTH_LOGIN_FIELD && payload && payload[process.env.OAUTH_LOGIN_FIELD]

packages/api/src/controllers/apps.js

@@ -1,233 +1,99 @@
 const fs = require('fs-extra');
 const _ = require('lodash');
 const path = require('path');
-const { appdir } = require('../utility/directories');
+const { appdir, filesdir } = require('../utility/directories');
 const socket = require('../utility/socket');
 const connections = require('./connections');
+const {
+  loadPermissionsFromRequest,
+  loadFilePermissionsFromRequest,
+  hasPermission,
+  getFilePermissionRole,
+} = require('../utility/hasPermission');
 
 module.exports = {
-  folders_meta: true,
-  async folders() {
-    const folders = await fs.readdir(appdir());
-    return [
-      ...folders.map(name => ({
-        name,
-      })),
-    ];
-  },
-
-  createFolder_meta: true,
-  async createFolder({ folder }) {
-    const name = await this.getNewAppFolder({ name: folder });
-    await fs.mkdir(path.join(appdir(), name));
-    socket.emitChanged('app-folders-changed');
-    this.emitChangedDbApp(folder);
-    return name;
-  },
-
-  files_meta: true,
-  async files({ folder }) {
-    if (!folder) return [];
-    const dir = path.join(appdir(), folder);
+  getAllApps_meta: true,
+  async getAllApps({}, req) {
+    const dir = path.join(filesdir(), 'apps');
     if (!(await fs.exists(dir))) return [];
-    const files = await fs.readdir(dir);
-
-    function fileType(ext, type) {
-      return files
-        .filter(name => name.endsWith(ext))
-        .map(name => ({
-          name: name.slice(0, -ext.length),
-          label: path.parse(name.slice(0, -ext.length)).base,
-          type,
-        }));
-    }
-
-    return [
-      ...fileType('.command.sql', 'command.sql'),
-      ...fileType('.query.sql', 'query.sql'),
-      ...fileType('.config.json', 'config.json'),
-    ];
-  },
-
-  async emitChangedDbApp(folder) {
-    const used = await this.getUsedAppFolders();
-    if (used.includes(folder)) {
-      socket.emitChanged('used-apps-changed');
-    }
-  },
-
-  refreshFiles_meta: true,
-  async refreshFiles({ folder }) {
-    socket.emitChanged('app-files-changed', { app: folder });
-  },
-
-  refreshFolders_meta: true,
-  async refreshFolders() {
-    socket.emitChanged(`app-folders-changed`);
-  },
-
-  deleteFile_meta: true,
-  async deleteFile({ folder, file, fileType }) {
-    await fs.unlink(path.join(appdir(), folder, `${file}.${fileType}`));
-    socket.emitChanged('app-files-changed', { app: folder });
-    this.emitChangedDbApp(folder);
-  },
-
-  renameFile_meta: true,
-  async renameFile({ folder, file, newFile, fileType }) {
-    await fs.rename(
-      path.join(path.join(appdir(), folder), `${file}.${fileType}`),
-      path.join(path.join(appdir(), folder), `${newFile}.${fileType}`)
-    );
-    socket.emitChanged('app-files-changed', { app: folder });
-    this.emitChangedDbApp(folder);
-  },
-
-  renameFolder_meta: true,
-  async renameFolder({ folder, newFolder }) {
-    const uniqueName = await this.getNewAppFolder({ name: newFolder });
-    await fs.rename(path.join(appdir(), folder), path.join(appdir(), uniqueName));
-    socket.emitChanged(`app-folders-changed`);
-  },
-
-  deleteFolder_meta: true,
-  async deleteFolder({ folder }) {
-    if (!folder) throw new Error('Missing folder parameter');
-    await fs.rmdir(path.join(appdir(), folder), { recursive: true });
-    socket.emitChanged(`app-folders-changed`);
-    socket.emitChanged('app-files-changed', { app: folder });
-    socket.emitChanged('used-apps-changed');
-  },
-
-  async getNewAppFolder({ name }) {
-    if (!(await fs.exists(path.join(appdir(), name)))) return name;
-    let index = 2;
-    while (await fs.exists(path.join(appdir(), `${name}${index}`))) {
-      index += 1;
-    }
-    return `${name}${index}`;
-  },
-
-  getUsedAppFolders_meta: true,
-  async getUsedAppFolders() {
-    const list = await connections.list();
-    const apps = [];
-
-    for (const connection of list) {
-      for (const db of connection.databases || []) {
-        for (const key of _.keys(db || {})) {
-          if (key.startsWith('useApp:') && db[key]) {
-            apps.push(key.substring('useApp:'.length));
-          }
-        }
-      }
-    }
-
-    return _.intersection(_.uniq(apps), await fs.readdir(appdir()));
-  },
-
-  getUsedApps_meta: true,
-  async getUsedApps() {
-    const apps = await this.getUsedAppFolders();
     const res = [];
+    const loadedPermissions = await loadPermissionsFromRequest(req);
+    const filePermissions = await loadFilePermissionsFromRequest(req);
 
-    for (const folder of apps) {
-      res.push(await this.loadApp({ folder }));
-    }
-    return res;
-  },
-
-  // getAppsForDb_meta: true,
-  // async getAppsForDb({ conid, database }) {
-  //   const connection = await connections.get({ conid });
-  //   if (!connection) return [];
-  //   const db = (connection.databases || []).find(x => x.name == database);
-  //   const apps = [];
-  //   const res = [];
-  //   if (db) {
-  //     for (const key of _.keys(db || {})) {
-  //       if (key.startsWith('useApp:') && db[key]) {
-  //         apps.push(key.substring('useApp:'.length));
-  //       }
-  //     }
-  //   }
-  //   for (const folder of apps) {
-  //     res.push(await this.loadApp({ folder }));
-  //   }
-  //   return res;
-  // },
-
-  loadApp_meta: true,
-  async loadApp({ folder }) {
-    const res = {
-      queries: [],
-      commands: [],
-      name: folder,
-    };
-    const dir = path.join(appdir(), folder);
-    if (await fs.exists(dir)) {
-      const files = await fs.readdir(dir);
-
-      async function processType(ext, field) {
-        for (const file of files) {
-          if (file.endsWith(ext)) {
-            res[field].push({
-              name: file.slice(0, -ext.length),
-              sql: await fs.readFile(path.join(dir, file), { encoding: 'utf-8' }),
-            });
-          }
-        }
+    for (const file of await fs.readdir(dir)) {
+      if (!hasPermission(`all-disk-files`, loadedPermissions)) {
+        const role = getFilePermissionRole('apps', file, filePermissions);
+        if (role == 'deny') continue;
       }
+      const content = await fs.readFile(path.join(dir, file), { encoding: 'utf-8' });
+      const appJson = JSON.parse(content);
+      // const app = {
+      //   appid: file,
+      //   name: appJson.applicationName,
+      //   usageRules: appJson.usageRules || [],
+      //   icon: appJson.applicationIcon || 'img app',
+      //   color: appJson.applicationColor,
+      //   queries: Object.values(appJson.files || {})
+      //     .filter(x => x.type == 'query')
+      //     .map(x => ({
+      //       name: x.label,
+      //       sql: x.sql,
+      //     })),
+      //   commands: Object.values(appJson.files || {})
+      //     .filter(x => x.type == 'command')
+      //     .map(x => ({
+      //       name: x.label,
+      //       sql: x.sql,
+      //     })),
+      //   virtualReferences: appJson.virtualReferences,
+      //   dictionaryDescriptions: appJson.dictionaryDescriptions,
+      // };
+      const app = {
+        ...appJson,
+        appid: file,
+      };
 
-      await processType('.command.sql', 'commands');
-      await processType('.query.sql', 'queries');
+      res.push(app);
     }
-
-    try {
-      res.virtualReferences = JSON.parse(
-        await fs.readFile(path.join(dir, 'virtual-references.config.json'), { encoding: 'utf-8' })
-      );
-    } catch (err) {
-      res.virtualReferences = [];
-    }
-    try {
-      res.dictionaryDescriptions = JSON.parse(
-        await fs.readFile(path.join(dir, 'dictionary-descriptions.config.json'), { encoding: 'utf-8' })
-      );
-    } catch (err) {
-      res.dictionaryDescriptions = [];
-    }
-
     return res;
   },
 
-  async saveConfigFile(appFolder, filename, filterFunc, newItem) {
-    const file = path.join(appdir(), appFolder, filename);
-
-    let json;
-    try {
-      json = JSON.parse(await fs.readFile(file, { encoding: 'utf-8' }));
-    } catch (err) {
-      json = [];
+  createAppFromDb_meta: true,
+  async createAppFromDb({ appName, server, database }, req) {
+    const appdir = path.join(filesdir(), 'apps');
+    if (!fs.existsSync(appdir)) {
+      await fs.mkdir(appdir);
     }
-
-    if (filterFunc) {
-      json = json.filter(filterFunc);
+    const appId = _.kebabCase(appName);
+    let suffix = undefined;
+    while (fs.existsSync(path.join(appdir, `${appId}${suffix || ''}`))) {
+      if (!suffix) suffix = 2;
+      else suffix++;
     }
+    const finalAppId = `${appId}${suffix || ''}`;
 
-    json = [...json, newItem];
+    const appJson = {
+      applicationName: appName,
+      usageRules: [
+        {
+          serverHostsList: server,
+          databaseNamesList: database,
+        },
+      ],
+    };
 
-    await fs.writeFile(file, JSON.stringify(json, undefined, 2));
+    await fs.writeFile(path.join(appdir, `${finalAppId}`), JSON.stringify(appJson, undefined, 2));
 
-    socket.emitChanged('app-files-changed', { app: appFolder });
-    socket.emitChanged('used-apps-changed');
+    socket.emitChanged(`files-changed`, { folder: 'apps' });
+
+    return finalAppId;
   },
 
   saveVirtualReference_meta: true,
-  async saveVirtualReference({ appFolder, schemaName, pureName, refSchemaName, refTableName, columns }) {
-    await this.saveConfigFile(
-      appFolder,
-      'virtual-references.config.json',
+  async saveVirtualReference({ appid, schemaName, pureName, refSchemaName, refTableName, columns }) {
+    await this.saveConfigItem(
+      appid,
+      'virtualReferences',
       columns.length == 1
         ? x =>
             !(
@@ -245,14 +111,17 @@ module.exports = {
         columns,
       }
     );
+
+    socket.emitChanged(`files-changed`, { folder: 'apps' });
+
     return true;
   },
 
   saveDictionaryDescription_meta: true,
-  async saveDictionaryDescription({ appFolder, pureName, schemaName, expression, columns, delimiter }) {
-    await this.saveConfigFile(
-      appFolder,
-      'dictionary-descriptions.config.json',
+  async saveDictionaryDescription({ appid, pureName, schemaName, expression, columns, delimiter }) {
+    await this.saveConfigItem(
+      appid,
+      'dictionaryDescriptions',
       x => !(x.schemaName == schemaName && x.pureName == pureName),
       {
         schemaName,
@@ -263,18 +132,271 @@ module.exports = {
       }
     );
 
+    socket.emitChanged(`files-changed`, { folder: 'apps' });
+
     return true;
   },
 
-  createConfigFile_meta: true,
-  async createConfigFile({ appFolder, fileName, content }) {
-    const file = path.join(appdir(), appFolder, fileName);
-    if (!(await fs.exists(file))) {
-      await fs.writeFile(file, JSON.stringify(content, undefined, 2));
-      socket.emitChanged('app-files-changed', { app: appFolder });
-      socket.emitChanged('used-apps-changed');
-      return true;
+  async saveConfigItem(appid, fieldName, filterFunc, newItem) {
+    const file = path.join(filesdir(), 'apps', appid);
+
+    const appJson = JSON.parse(await fs.readFile(file, { encoding: 'utf-8' }));
+    let json = appJson[fieldName] || [];
+
+    if (filterFunc) {
+      json = json.filter(filterFunc);
     }
-    return false;
+
+    json = [...json, newItem];
+
+    await fs.writeFile(
+      file,
+      JSON.stringify(
+        {
+          ...appJson,
+          [fieldName]: json,
+        },
+        undefined,
+        2
+      )
+    );
+
+    socket.emitChanged('files-changed', { folder: 'apps' });
   },
+
+  // folders_meta: true,
+  // async folders() {
+  //   const folders = await fs.readdir(appdir());
+  //   return [
+  //     ...folders.map(name => ({
+  //       name,
+  //     })),
+  //   ];
+  // },
+
+  // createFolder_meta: true,
+  // async createFolder({ folder }) {
+  //   const name = await this.getNewAppFolder({ name: folder });
+  //   await fs.mkdir(path.join(appdir(), name));
+  //   socket.emitChanged('app-folders-changed');
+  //   this.emitChangedDbApp(folder);
+  //   return name;
+  // },
+
+  // files_meta: true,
+  // async files({ folder }) {
+  //   if (!folder) return [];
+  //   const dir = path.join(appdir(), folder);
+  //   if (!(await fs.exists(dir))) return [];
+  //   const files = await fs.readdir(dir);
+
+  //   function fileType(ext, type) {
+  //     return files
+  //       .filter(name => name.endsWith(ext))
+  //       .map(name => ({
+  //         name: name.slice(0, -ext.length),
+  //         label: path.parse(name.slice(0, -ext.length)).base,
+  //         type,
+  //       }));
+  //   }
+
+  //   return [
+  //     ...fileType('.command.sql', 'command.sql'),
+  //     ...fileType('.query.sql', 'query.sql'),
+  //     ...fileType('.config.json', 'config.json'),
+  //   ];
+  // },
+
+  // async emitChangedDbApp(folder) {
+  //   const used = await this.getUsedAppFolders();
+  //   if (used.includes(folder)) {
+  //     socket.emitChanged('used-apps-changed');
+  //   }
+  // },
+
+  // refreshFiles_meta: true,
+  // async refreshFiles({ folder }) {
+  //   socket.emitChanged('app-files-changed', { app: folder });
+  // },
+
+  // refreshFolders_meta: true,
+  // async refreshFolders() {
+  //   socket.emitChanged(`app-folders-changed`);
+  // },
+
+  // deleteFile_meta: true,
+  // async deleteFile({ folder, file, fileType }) {
+  //   await fs.unlink(path.join(appdir(), folder, `${file}.${fileType}`));
+  //   socket.emitChanged('app-files-changed', { app: folder });
+  //   this.emitChangedDbApp(folder);
+  // },
+
+  // renameFile_meta: true,
+  // async renameFile({ folder, file, newFile, fileType }) {
+  //   await fs.rename(
+  //     path.join(path.join(appdir(), folder), `${file}.${fileType}`),
+  //     path.join(path.join(appdir(), folder), `${newFile}.${fileType}`)
+  //   );
+  //   socket.emitChanged('app-files-changed', { app: folder });
+  //   this.emitChangedDbApp(folder);
+  // },
+
+  // renameFolder_meta: true,
+  // async renameFolder({ folder, newFolder }) {
+  //   const uniqueName = await this.getNewAppFolder({ name: newFolder });
+  //   await fs.rename(path.join(appdir(), folder), path.join(appdir(), uniqueName));
+  //   socket.emitChanged(`app-folders-changed`);
+  // },
+
+  // deleteFolder_meta: true,
+  // async deleteFolder({ folder }) {
+  //   if (!folder) throw new Error('Missing folder parameter');
+  //   await fs.rmdir(path.join(appdir(), folder), { recursive: true });
+  //   socket.emitChanged(`app-folders-changed`);
+  //   socket.emitChanged('app-files-changed', { app: folder });
+  //   socket.emitChanged('used-apps-changed');
+  // },
+
+  // async getNewAppFolder({ name }) {
+  //   if (!(await fs.exists(path.join(appdir(), name)))) return name;
+  //   let index = 2;
+  //   while (await fs.exists(path.join(appdir(), `${name}${index}`))) {
+  //     index += 1;
+  //   }
+  //   return `${name}${index}`;
+  // },
+
+  // getUsedAppFolders_meta: true,
+  // async getUsedAppFolders() {
+  //   const list = await connections.list();
+  //   const apps = [];
+
+  //   for (const connection of list) {
+  //     for (const db of connection.databases || []) {
+  //       for (const key of _.keys(db || {})) {
+  //         if (key.startsWith('useApp:') && db[key]) {
+  //           apps.push(key.substring('useApp:'.length));
+  //         }
+  //       }
+  //     }
+  //   }
+
+  //   return _.intersection(_.uniq(apps), await fs.readdir(appdir()));
+  // },
+
+  // // getAppsForDb_meta: true,
+  // // async getAppsForDb({ conid, database }) {
+  // //   const connection = await connections.get({ conid });
+  // //   if (!connection) return [];
+  // //   const db = (connection.databases || []).find(x => x.name == database);
+  // //   const apps = [];
+  // //   const res = [];
+  // //   if (db) {
+  // //     for (const key of _.keys(db || {})) {
+  // //       if (key.startsWith('useApp:') && db[key]) {
+  // //         apps.push(key.substring('useApp:'.length));
+  // //       }
+  // //     }
+  // //   }
+  // //   for (const folder of apps) {
+  // //     res.push(await this.loadApp({ folder }));
+  // //   }
+  // //   return res;
+  // // },
+
+  // loadApp_meta: true,
+  // async loadApp({ folder }) {
+  //   const res = {
+  //     queries: [],
+  //     commands: [],
+  //     name: folder,
+  //   };
+  //   const dir = path.join(appdir(), folder);
+  //   if (await fs.exists(dir)) {
+  //     const files = await fs.readdir(dir);
+
+  //     async function processType(ext, field) {
+  //       for (const file of files) {
+  //         if (file.endsWith(ext)) {
+  //           res[field].push({
+  //             name: file.slice(0, -ext.length),
+  //             sql: await fs.readFile(path.join(dir, file), { encoding: 'utf-8' }),
+  //           });
+  //         }
+  //       }
+  //     }
+
+  //     await processType('.command.sql', 'commands');
+  //     await processType('.query.sql', 'queries');
+  //   }
+
+  //   try {
+  //     res.virtualReferences = JSON.parse(
+  //       await fs.readFile(path.join(dir, 'virtual-references.config.json'), { encoding: 'utf-8' })
+  //     );
+  //   } catch (err) {
+  //     res.virtualReferences = [];
+  //   }
+  //   try {
+  //     res.dictionaryDescriptions = JSON.parse(
+  //       await fs.readFile(path.join(dir, 'dictionary-descriptions.config.json'), { encoding: 'utf-8' })
+  //     );
+  //   } catch (err) {
+  //     res.dictionaryDescriptions = [];
+  //   }
+
+  //   return res;
+  // },
+
+  // async saveConfigFile(appFolder, filename, filterFunc, newItem) {
+  //   const file = path.join(appdir(), appFolder, filename);
+
+  //   let json;
+  //   try {
+  //     json = JSON.parse(await fs.readFile(file, { encoding: 'utf-8' }));
+  //   } catch (err) {
+  //     json = [];
+  //   }
+
+  //   if (filterFunc) {
+  //     json = json.filter(filterFunc);
+  //   }
+
+  //   json = [...json, newItem];
+
+  //   await fs.writeFile(file, JSON.stringify(json, undefined, 2));
+
+  //   socket.emitChanged('app-files-changed', { app: appFolder });
+  //   socket.emitChanged('used-apps-changed');
+  // },
+
+  // saveDictionaryDescription_meta: true,
+  // async saveDictionaryDescription({ appFolder, pureName, schemaName, expression, columns, delimiter }) {
+  //   await this.saveConfigFile(
+  //     appFolder,
+  //     'dictionary-descriptions.config.json',
+  //     x => !(x.schemaName == schemaName && x.pureName == pureName),
+  //     {
+  //       schemaName,
+  //       pureName,
+  //       expression,
+  //       columns,
+  //       delimiter,
+  //     }
+  //   );
+
+  //   return true;
+  // },
+
+  // createConfigFile_meta: true,
+  // async createConfigFile({ appFolder, fileName, content }) {
+  //   const file = path.join(appdir(), appFolder, fileName);
+  //   if (!(await fs.exists(file))) {
+  //     await fs.writeFile(file, JSON.stringify(content, undefined, 2));
+  //     socket.emitChanged('app-files-changed', { app: appFolder });
+  //     socket.emitChanged('used-apps-changed');
+  //     return true;
+  //   }
+  //   return false;
+  // },
 };

packages/api/src/controllers/archive.js

@@ -102,7 +102,7 @@ module.exports = {
         ...fileType('.matview.sql', 'matview.sql'),
       ];
     } catch (err) {
-      logger.error(extractErrorLogData(err), 'Error reading archive files');
+      logger.error(extractErrorLogData(err), 'DBGM-00001 Error reading archive files');
       return [];
     }
   },

packages/api/src/controllers/auth.js

@@ -51,6 +51,7 @@ function authMiddleware(req, res, next) {
     '/auth/oauth-token',
     '/auth/login',
     '/auth/redirect',
+    '/redirect',
     '/stream',
     '/storage/get-connections-for-login-page',
     '/storage/set-admin-password',
@@ -99,7 +100,7 @@ function authMiddleware(req, res, next) {
       return next();
     }
 
-    logger.error(extractErrorLogData(err), 'Sending invalid token error');
+    logger.error(extractErrorLogData(err), 'DBGM-00098 Sending invalid token error');
 
     return unauthorizedResponse(req, res, 'invalid token');
   }
@@ -139,9 +140,9 @@ module.exports = {
         const accessToken = jwt.sign(
           {
             login: 'superadmin',
-            permissions: await storage.loadSuperadminPermissions(),
             roleId: -3,
             licenseUid,
+            amoid: 'superadmin',
           },
           getTokenSecret(),
           {
@@ -173,7 +174,9 @@ module.exports = {
   getProviders_meta: true,
   getProviders() {
     return {
-      providers: getAuthProviders().map(x => x.toJson()),
+      providers: getAuthProviders()
+        .filter(x => !x.skipInList)
+        .map(x => x.toJson()),
       default: getDefaultAuthProvider()?.amoid,
     };
   },

packages/api/src/controllers/cloud.js

@@ -8,6 +8,7 @@ const {
   getCloudContent,
   putCloudContent,
   removeCloudCachedConnection,
+  getPromoWidgetData,
 } = require('../utility/cloudIntf');
 const connections = require('./connections');
 const socket = require('../utility/socket');
@@ -45,7 +46,7 @@ module.exports = {
       const resp = await callCloudApiGet('content-list');
       return resp;
     } catch (err) {
-      logger.error(extractErrorLogData(err), 'Error getting cloud content list');
+      logger.error(extractErrorLogData(err), 'DBGM-00099 Error getting cloud content list');
 
       return [];
     }
@@ -283,6 +284,18 @@ module.exports = {
     return getAiGatewayServer();
   },
 
+  premiumPromoWidget_meta: true,
+  async premiumPromoWidget() {
+    const data = getPromoWidgetData();
+    if (data?.state != 'data') {
+      return null;
+    }
+    if (data.validTo && new Date().getTime() > new Date(data.validTo).getTime()) {
+      return null;
+    }
+    return data;
+  },
+
   // chatStream_meta: {
   //   raw: true,
   //   method: 'post',

packages/api/src/controllers/config.js

@@ -3,7 +3,7 @@ const os = require('os');
 const path = require('path');
 const axios = require('axios');
 const { datadir, getLogsFilePath } = require('../utility/directories');
-const { hasPermission } = require('../utility/hasPermission');
+const { hasPermission, loadPermissionsFromRequest } = require('../utility/hasPermission');
 const socket = require('../utility/socket');
 const _ = require('lodash');
 const AsyncLock = require('async-lock');
@@ -46,7 +46,7 @@ module.exports = {
   async get(_params, req) {
     const authProvider = getAuthProviderFromReq(req);
     const login = authProvider.getCurrentLogin(req);
-    const permissions = authProvider.getCurrentPermissions(req);
+    const permissions = await authProvider.getCurrentPermissions(req);
     const isUserLoggedIn = authProvider.isUserLoggedIn(req);
 
     const singleConid = authProvider.getSingleConnectionId(req);
@@ -280,7 +280,8 @@ module.exports = {
 
   updateSettings_meta: true,
   async updateSettings(values, req) {
-    if (!hasPermission(`settings/change`, req)) return false;
+    const loadedPermissions = await loadPermissionsFromRequest(req);
+    if (!hasPermission(`settings/change`, loadedPermissions)) return false;
     cachedSettingsValue = null;
 
     const res = await lock.acquire('settings', async () => {
@@ -392,7 +393,8 @@ module.exports = {
 
   exportConnectionsAndSettings_meta: true,
   async exportConnectionsAndSettings(_params, req) {
-    if (!hasPermission(`admin/config`, req)) {
+    const loadedPermissions = await loadPermissionsFromRequest(req);
+    if (!hasPermission(`admin/config`, loadedPermissions)) {
       throw new Error('Permission denied: admin/config');
     }
 
@@ -416,7 +418,8 @@ module.exports = {
 
   importConnectionsAndSettings_meta: true,
   async importConnectionsAndSettings({ db }, req) {
-    if (!hasPermission(`admin/config`, req)) {
+    const loadedPermissions = await loadPermissionsFromRequest(req);
+    if (!hasPermission(`admin/config`, loadedPermissions)) {
       throw new Error('Permission denied: admin/config');
     }
 

packages/api/src/controllers/connections.js

@@ -14,7 +14,7 @@ const JsonLinesDatabase = require('../utility/JsonLinesDatabase');
 const processArgs = require('../utility/processArgs');
 const { safeJsonParse, getLogger, extractErrorLogData } = require('dbgate-tools');
 const platformInfo = require('../utility/platformInfo');
-const { connectionHasPermission, testConnectionPermission } = require('../utility/hasPermission');
+const { connectionHasPermission, testConnectionPermission, loadPermissionsFromRequest } = require('../utility/hasPermission');
 const pipeForkLogs = require('../utility/pipeForkLogs');
 const requireEngineDriver = require('../utility/requireEngineDriver');
 const { getAuthProviderById } = require('../auth/authProvider');
@@ -116,12 +116,12 @@ function getPortalCollections() {
       }
     }
 
-    logger.info({ connections: connections.map(pickSafeConnectionInfo) }, 'Using connections from ENV variables');
+    logger.info({ connections: connections.map(pickSafeConnectionInfo) }, 'DBGM-00005 Using connections from ENV variables');
     const noengine = connections.filter(x => !x.engine);
     if (noengine.length > 0) {
       logger.warn(
         { connections: noengine.map(x => x._id) },
-        'Invalid CONNECTIONS configuration, missing ENGINE for connection ID'
+        'DBGM-00006 Invalid CONNECTIONS configuration, missing ENGINE for connection ID'
       );
     }
     return connections;
@@ -227,6 +227,7 @@ module.exports = {
   list_meta: true,
   async list(_params, req) {
     const storage = require('./storage');
+    const loadedPermissions = await loadPermissionsFromRequest(req);
 
     const storageConnections = await storage.connections(req);
     if (storageConnections) {
@@ -234,9 +235,9 @@ module.exports = {
     }
     if (portalConnections) {
       if (platformInfo.allowShellConnection) return portalConnections;
-      return portalConnections.map(maskConnection).filter(x => connectionHasPermission(x, req));
+      return portalConnections.map(maskConnection).filter(x => connectionHasPermission(x, loadedPermissions));
     }
-    return (await this.datastore.find()).filter(x => connectionHasPermission(x, req));
+    return (await this.datastore.find()).filter(x => connectionHasPermission(x, loadedPermissions));
   },
 
   async getUsedEngines() {
@@ -375,7 +376,7 @@ module.exports = {
   update_meta: true,
   async update({ _id, values }, req) {
     if (portalConnections) return;
-    testConnectionPermission(_id, req);
+    await testConnectionPermission(_id, req);
     const res = await this.datastore.patch(_id, values);
     socket.emitChanged('connection-list-changed');
     return res;
@@ -392,7 +393,7 @@ module.exports = {
   updateDatabase_meta: true,
   async updateDatabase({ conid, database, values }, req) {
     if (portalConnections) return;
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     const conn = await this.datastore.get(conid);
     let databases = (conn && conn.databases) || [];
     if (databases.find(x => x.name == database)) {
@@ -410,7 +411,7 @@ module.exports = {
   delete_meta: true,
   async delete(connection, req) {
     if (portalConnections) return;
-    testConnectionPermission(connection, req);
+    await testConnectionPermission(connection, req);
     const res = await this.datastore.remove(connection._id);
     socket.emitChanged('connection-list-changed');
     return res;
@@ -452,7 +453,7 @@ module.exports = {
         _id: '__model',
       };
     }
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     return this.getCore({ conid, mask: true });
   },
 
@@ -530,7 +531,7 @@ module.exports = {
       socket.emit('got-volatile-token', { strmid, savedConId: conid, volatileConId: volatile._id });
       return { success: true };
     } catch (err) {
-      logger.error(extractErrorLogData(err), 'Error getting DB token');
+      logger.error(extractErrorLogData(err), 'DBGM-00100 Error getting DB token');
       return { error: err.message };
     }
   },
@@ -546,7 +547,7 @@ module.exports = {
       const resp = await authProvider.login(null, null, { conid: volatile._id }, req);
       return resp;
     } catch (err) {
-      logger.error(extractErrorLogData(err), 'Error getting DB token');
+      logger.error(extractErrorLogData(err), 'DBGM-00101 Error getting DB token');
       return { error: err.message };
     }
   },

packages/api/src/controllers/databaseConnections.js

@@ -29,7 +29,7 @@ const generateDeploySql = require('../shell/generateDeploySql');
 const { createTwoFilesPatch } = require('diff');
 const diff2htmlPage = require('../utility/diff2htmlPage');
 const processArgs = require('../utility/processArgs');
-const { testConnectionPermission } = require('../utility/hasPermission');
+const { testConnectionPermission, hasPermission, loadPermissionsFromRequest, loadTablePermissionsFromRequest, getTablePermissionRole, loadDatabasePermissionsFromRequest, getDatabasePermissionRole, getTablePermissionRoleLevelIndex, testDatabaseRolePermission } = require('../utility/hasPermission');
 const { MissingCredentialsError } = require('../utility/exceptions');
 const pipeForkLogs = require('../utility/pipeForkLogs');
 const crypto = require('crypto');
@@ -76,7 +76,7 @@ module.exports = {
 
   handle_error(conid, database, props) {
     const { error } = props;
-    logger.error(`Error in database connection ${conid}, database ${database}: ${error}`);
+    logger.error(`DBGM-00102 Error in database connection ${conid}, database ${database}: ${error}`);
     if (props?.msgid) {
       const [resolve, reject] = this.requests[props?.msgid];
       reject(error);
@@ -100,7 +100,7 @@ module.exports = {
     socket.emitChanged(`database-status-changed`, { conid, database });
   },
 
-  handle_ping() {},
+  handle_ping() { },
 
   // session event handlers
 
@@ -144,7 +144,7 @@ module.exports = {
   handle_copyStreamError(conid, database, { copyStreamError }) {
     const { progressName } = copyStreamError;
     const { runid } = progressName;
-    logger.error(`Error in database connection ${conid}, database ${database}: ${copyStreamError}`);
+    logger.error(`DBGM-00103 Error in database connection ${conid}, database ${database}: ${copyStreamError}`);
     socket.emit(`runner-done-${runid}`);
   },
 
@@ -193,7 +193,7 @@ module.exports = {
       if (newOpened.disconnected) return;
       const funcName = `handle_${msgtype}`;
       if (!this[funcName]) {
-        logger.error(`Unknown message type ${msgtype} from subprocess databaseConnectionProcess`);
+        logger.error(`DBGM-00104 Unknown message type ${msgtype} from subprocess databaseConnectionProcess`);
         return;
       }
 
@@ -204,7 +204,7 @@ module.exports = {
       this.close(conid, database, false);
     });
     subprocess.on('error', err => {
-      logger.error(extractErrorLogData(err), 'Error in database connection subprocess');
+      logger.error(extractErrorLogData(err), 'DBGM-00114 Error in database connection subprocess');
       if (newOpened.disconnected) return;
       this.close(conid, database, false);
     });
@@ -226,7 +226,7 @@ module.exports = {
       try {
         conn.subprocess.send({ msgid, ...message });
       } catch (err) {
-        logger.error(extractErrorLogData(err), 'Error sending request do process');
+        logger.error(extractErrorLogData(err), 'DBGM-00115 Error sending request do process');
         this.close(conn.conid, conn.database);
       }
     });
@@ -235,8 +235,8 @@ module.exports = {
 
   queryData_meta: true,
   async queryData({ conid, database, sql }, req) {
-    testConnectionPermission(conid, req);
-    logger.info({ conid, database, sql }, 'Processing query');
+    await testConnectionPermission(conid, req);
+    logger.info({ conid, database, sql }, 'DBGM-00007 Processing query');
     const opened = await this.ensureOpened(conid, database);
     // if (opened && opened.status && opened.status.name == 'error') {
     //   return opened.status;
@@ -247,7 +247,7 @@ module.exports = {
 
   sqlSelect_meta: true,
   async sqlSelect({ conid, database, select, auditLogSessionGroup }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     const opened = await this.ensureOpened(conid, database);
     const res = await this.sendRequest(
       opened,
@@ -256,24 +256,23 @@ module.exports = {
         auditLogger:
           auditLogSessionGroup && select?.from?.name?.pureName
             ? response => {
-                sendToAuditLog(req, {
-                  category: 'dbop',
-                  component: 'DatabaseConnectionsController',
-                  event: 'sql.select',
-                  action: 'select',
-                  severity: 'info',
-                  conid,
-                  database,
-                  schemaName: select?.from?.name?.schemaName,
-                  pureName: select?.from?.name?.pureName,
-                  sumint1: response?.rows?.length,
-                  sessionParam: `${conid}::${database}::${select?.from?.name?.schemaName || '0'}::${
-                    select?.from?.name?.pureName
+              sendToAuditLog(req, {
+                category: 'dbop',
+                component: 'DatabaseConnectionsController',
+                event: 'sql.select',
+                action: 'select',
+                severity: 'info',
+                conid,
+                database,
+                schemaName: select?.from?.name?.schemaName,
+                pureName: select?.from?.name?.pureName,
+                sumint1: response?.rows?.length,
+                sessionParam: `${conid}::${database}::${select?.from?.name?.schemaName || '0'}::${select?.from?.name?.pureName
                   }`,
-                  sessionGroup: auditLogSessionGroup,
-                  message: `Loaded table data from ${select?.from?.name?.pureName}`,
-                });
-              }
+                sessionGroup: auditLogSessionGroup,
+                message: `Loaded table data from ${select?.from?.name?.pureName}`,
+              });
+            }
             : null,
       }
     );
@@ -282,8 +281,10 @@ module.exports = {
 
   runScript_meta: true,
   async runScript({ conid, database, sql, useTransaction, logMessage }, req) {
-    testConnectionPermission(conid, req);
-    logger.info({ conid, database, sql }, 'Processing script');
+    const loadedPermissions = await loadPermissionsFromRequest(req);
+    await testConnectionPermission(conid, req, loadedPermissions);
+    await testDatabaseRolePermission(conid, database, 'run_script', req);
+    logger.info({ conid, database, sql }, 'DBGM-00008 Processing script');
     const opened = await this.ensureOpened(conid, database);
     sendToAuditLog(req, {
       category: 'dbop',
@@ -303,8 +304,8 @@ module.exports = {
 
   runOperation_meta: true,
   async runOperation({ conid, database, operation, useTransaction }, req) {
-    testConnectionPermission(conid, req);
-    logger.info({ conid, database, operation }, 'Processing operation');
+    await testConnectionPermission(conid, req);
+    logger.info({ conid, database, operation }, 'DBGM-00009 Processing operation');
 
     sendToAuditLog(req, {
       category: 'dbop',
@@ -325,7 +326,7 @@ module.exports = {
 
   collectionData_meta: true,
   async collectionData({ conid, database, options, auditLogSessionGroup }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     const opened = await this.ensureOpened(conid, database);
     const res = await this.sendRequest(
       opened,
@@ -334,21 +335,21 @@ module.exports = {
         auditLogger:
           auditLogSessionGroup && options?.pureName
             ? response => {
-                sendToAuditLog(req, {
-                  category: 'dbop',
-                  component: 'DatabaseConnectionsController',
-                  event: 'nosql.collectionData',
-                  action: 'select',
-                  severity: 'info',
-                  conid,
-                  database,
-                  pureName: options?.pureName,
-                  sumint1: response?.result?.rows?.length,
-                  sessionParam: `${conid}::${database}::${options?.pureName}`,
-                  sessionGroup: auditLogSessionGroup,
-                  message: `Loaded collection data ${options?.pureName}`,
-                });
-              }
+              sendToAuditLog(req, {
+                category: 'dbop',
+                component: 'DatabaseConnectionsController',
+                event: 'nosql.collectionData',
+                action: 'select',
+                severity: 'info',
+                conid,
+                database,
+                pureName: options?.pureName,
+                sumint1: response?.result?.rows?.length,
+                sessionParam: `${conid}::${database}::${options?.pureName}`,
+                sessionGroup: auditLogSessionGroup,
+                message: `Loaded collection data ${options?.pureName}`,
+              });
+            }
             : null,
       }
     );
@@ -356,7 +357,7 @@ module.exports = {
   },
 
   async loadDataCore(msgtype, { conid, database, ...args }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     const opened = await this.ensureOpened(conid, database);
     const res = await this.sendRequest(opened, { msgtype, ...args });
     if (res.errorMessage) {
@@ -371,7 +372,7 @@ module.exports = {
 
   schemaList_meta: true,
   async schemaList({ conid, database }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     return this.loadDataCore('schemaList', { conid, database });
   },
 
@@ -383,43 +384,43 @@ module.exports = {
 
   loadKeys_meta: true,
   async loadKeys({ conid, database, root, filter, limit }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     return this.loadDataCore('loadKeys', { conid, database, root, filter, limit });
   },
 
   scanKeys_meta: true,
   async scanKeys({ conid, database, root, pattern, cursor, count }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     return this.loadDataCore('scanKeys', { conid, database, root, pattern, cursor, count });
   },
 
   exportKeys_meta: true,
   async exportKeys({ conid, database, options }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     return this.loadDataCore('exportKeys', { conid, database, options });
   },
 
   loadKeyInfo_meta: true,
   async loadKeyInfo({ conid, database, key }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     return this.loadDataCore('loadKeyInfo', { conid, database, key });
   },
 
   loadKeyTableRange_meta: true,
   async loadKeyTableRange({ conid, database, key, cursor, count }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     return this.loadDataCore('loadKeyTableRange', { conid, database, key, cursor, count });
   },
 
   loadFieldValues_meta: true,
   async loadFieldValues({ conid, database, schemaName, pureName, field, search, dataType }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     return this.loadDataCore('loadFieldValues', { conid, database, schemaName, pureName, field, search, dataType });
   },
 
   callMethod_meta: true,
   async callMethod({ conid, database, method, args }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     return this.loadDataCore('callMethod', { conid, database, method, args });
 
     // const opened = await this.ensureOpened(conid, database);
@@ -432,7 +433,8 @@ module.exports = {
 
   updateCollection_meta: true,
   async updateCollection({ conid, database, changeSet }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
+
     const opened = await this.ensureOpened(conid, database);
     const res = await this.sendRequest(opened, { msgtype: 'updateCollection', changeSet });
     if (res.errorMessage) {
@@ -443,6 +445,36 @@ module.exports = {
     return res.result || null;
   },
 
+  saveTableData_meta: true,
+  async saveTableData({ conid, database, changeSet }, req) {
+    await testConnectionPermission(conid, req);
+
+    const databasePermissions = await loadDatabasePermissionsFromRequest(req);
+    const tablePermissions = await loadTablePermissionsFromRequest(req);
+    const fieldsAndRoles = [
+      [changeSet.inserts, 'create_update_delete'],
+      [changeSet.deletes, 'create_update_delete'],
+      [changeSet.updates, 'update_only'],
+    ]
+    for (const [operations, requiredRole] of fieldsAndRoles) {
+      for (const operation of operations) {
+        const role = getTablePermissionRole(conid, database, 'tables', operation.schemaName, operation.pureName, tablePermissions, databasePermissions);
+        if (getTablePermissionRoleLevelIndex(role) < getTablePermissionRoleLevelIndex(requiredRole)) {
+          throw new Error('DBGM-00262 Permission not granted');
+        }
+      }
+    }
+
+    const opened = await this.ensureOpened(conid, database);
+    const res = await this.sendRequest(opened, { msgtype: 'saveTableData', changeSet });
+    if (res.errorMessage) {
+      return {
+        errorMessage: res.errorMessage,
+      };
+    }
+    return res.result || null;
+  },
+
   status_meta: true,
   async status({ conid, database }, req) {
     if (!conid) {
@@ -451,7 +483,7 @@ module.exports = {
         message: 'No connection',
       };
     }
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     const existing = this.opened.find(x => x.conid == conid && x.database == database);
     if (existing) {
       return {
@@ -474,14 +506,14 @@ module.exports = {
 
   ping_meta: true,
   async ping({ conid, database }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     let existing = this.opened.find(x => x.conid == conid && x.database == database);
 
     if (existing) {
       try {
         existing.subprocess.send({ msgtype: 'ping' });
       } catch (err) {
-        logger.error(extractErrorLogData(err), 'Error pinging DB connection');
+        logger.error(extractErrorLogData(err), 'DBGM-00116 Error pinging DB connection');
         this.close(conid, database);
 
         return {
@@ -502,7 +534,7 @@ module.exports = {
 
   refresh_meta: true,
   async refresh({ conid, database, keepOpen }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     if (!keepOpen) this.close(conid, database);
 
     await this.ensureOpened(conid, database);
@@ -516,7 +548,7 @@ module.exports = {
       return { status: 'ok' };
     }
 
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     const conn = await this.ensureOpened(conid, database);
     conn.subprocess.send({ msgtype: 'syncModel', isFullRefresh });
     return { status: 'ok' };
@@ -530,7 +562,7 @@ module.exports = {
         try {
           existing.subprocess.kill();
         } catch (err) {
-          logger.error(extractErrorLogData(err), 'Error killing subprocess');
+          logger.error(extractErrorLogData(err), 'DBGM-00117 Error killing subprocess');
         }
       }
       this.opened = this.opened.filter(x => x.conid != conid || x.database != database);
@@ -553,7 +585,7 @@ module.exports = {
 
   disconnect_meta: true,
   async disconnect({ conid, database }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     await this.close(conid, database, true);
     return { status: 'ok' };
   },
@@ -563,8 +595,9 @@ module.exports = {
     if (!conid || !database) {
       return {};
     }
+    const loadedPermissions = await loadPermissionsFromRequest(req);
 
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req, loadedPermissions);
     if (conid == '__model') {
       const model = await importDbModel(database);
       const trans = await loadModelTransform(modelTransFile);
@@ -586,6 +619,38 @@ module.exports = {
       message: `Loaded database structure for ${database}`,
     });
 
+    if (process.env.STORAGE_DATABASE && !hasPermission(`all-tables`, loadedPermissions)) {
+      // filter databases by permissions
+      const tablePermissions = await loadTablePermissionsFromRequest(req);
+      const databasePermissions = await loadDatabasePermissionsFromRequest(req);
+      const databasePermissionRole = getDatabasePermissionRole(conid, database, databasePermissions);
+
+      function applyTablePermissionRole(list, objectTypeField) {
+        const res = [];
+        for (const item of list ?? []) {
+          const tablePermissionRole = getTablePermissionRole(conid, database, objectTypeField, item.schemaName, item.pureName, tablePermissions, databasePermissionRole);
+          if (tablePermissionRole != 'deny') {
+            res.push({
+              ...item,
+              tablePermissionRole,
+            });
+          }
+        }
+        return res;
+      }
+
+      const res = {
+        ...opened.structure,
+        tables: applyTablePermissionRole(opened.structure.tables, 'tables'),
+        views: applyTablePermissionRole(opened.structure.views, 'views'),
+        procedures: applyTablePermissionRole(opened.structure.procedures, 'procedures'),
+        functions: applyTablePermissionRole(opened.structure.functions, 'functions'),
+        triggers: applyTablePermissionRole(opened.structure.triggers, 'triggers'),
+        collections: applyTablePermissionRole(opened.structure.collections, 'collections'),
+      }
+      return res;
+    }
+
     return opened.structure;
     // const existing = this.opened.find((x) => x.conid == conid && x.database == database);
     // if (existing) return existing.status;
@@ -600,7 +665,7 @@ module.exports = {
     if (!conid) {
       return null;
     }
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     if (!conid) return null;
     const opened = await this.ensureOpened(conid, database);
     return opened.serverVersion || null;
@@ -608,7 +673,7 @@ module.exports = {
 
   sqlPreview_meta: true,
   async sqlPreview({ conid, database, objects, options }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     // wait for structure
     await this.structure({ conid, database });
 
@@ -619,7 +684,7 @@ module.exports = {
 
   exportModel_meta: true,
   async exportModel({ conid, database, outputFolder, schema }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
 
     const realFolder = outputFolder.startsWith('archive:')
       ? resolveArchiveFolder(outputFolder.substring('archive:'.length))
@@ -637,7 +702,7 @@ module.exports = {
 
   exportModelSql_meta: true,
   async exportModelSql({ conid, database, outputFolder, outputFile, schema }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
 
     const connection = await connections.getCore({ conid });
     const driver = requireEngineDriver(connection);
@@ -651,7 +716,7 @@ module.exports = {
 
   generateDeploySql_meta: true,
   async generateDeploySql({ conid, database, archiveFolder }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     const opened = await this.ensureOpened(conid, database);
     const res = await this.sendRequest(opened, {
       msgtype: 'generateDeploySql',
@@ -816,17 +881,17 @@ module.exports = {
     return {
       ...(command == 'backup'
         ? driver.backupDatabaseCommand(
-            connection,
-            { outputFile, database, options, selectedTables, skippedTables, argsFormat },
-            // @ts-ignore
-            externalTools
-          )
+          connection,
+          { outputFile, database, options, selectedTables, skippedTables, argsFormat },
+          // @ts-ignore
+          externalTools
+        )
         : driver.restoreDatabaseCommand(
-            connection,
-            { inputFile, database, options, argsFormat },
-            // @ts-ignore
-            externalTools
-          )),
+          connection,
+          { inputFile, database, options, argsFormat },
+          // @ts-ignore
+          externalTools
+        )),
       transformMessage: driver.transformNativeCommandMessage
         ? message => driver.transformNativeCommandMessage(message, command)
         : null,
@@ -923,8 +988,8 @@ module.exports = {
 
   executeSessionQuery_meta: true,
   async executeSessionQuery({ sesid, conid, database, sql }, req) {
-    testConnectionPermission(conid, req);
-    logger.info({ sesid, sql }, 'Processing query');
+    await testConnectionPermission(conid, req);
+    logger.info({ sesid, sql }, 'DBGM-00010 Processing query');
     sessions.dispatchMessage(sesid, 'Query execution started');
 
     const opened = await this.ensureOpened(conid, database);
@@ -935,7 +1000,7 @@ module.exports = {
 
   evalJsonScript_meta: true,
   async evalJsonScript({ conid, database, script, runid }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     const opened = await this.ensureOpened(conid, database);
 
     opened.subprocess.send({ msgtype: 'evalJsonScript', script, runid });

packages/api/src/controllers/files.js

@@ -1,9 +1,14 @@
 const fs = require('fs-extra');
 const path = require('path');
 const crypto = require('crypto');
-const { filesdir, archivedir, resolveArchiveFolder, uploadsdir, appdir } = require('../utility/directories');
+const { filesdir, archivedir, resolveArchiveFolder, uploadsdir, appdir, jsldir } = require('../utility/directories');
 const getChartExport = require('../utility/getChartExport');
-const { hasPermission } = require('../utility/hasPermission');
+const {
+  hasPermission,
+  loadPermissionsFromRequest,
+  loadFilePermissionsFromRequest,
+  getFilePermissionRole,
+} = require('../utility/hasPermission');
 const socket = require('../utility/socket');
 const scheduler = require('./scheduler');
 const getDiagramExport = require('../utility/getDiagramExport');
@@ -13,6 +18,7 @@ const dbgateApi = require('../shell');
 const { getLogger } = require('dbgate-tools');
 const platformInfo = require('../utility/platformInfo');
 const { checkSecureFilePathsWithoutDirectory, checkSecureDirectories } = require('../utility/security');
+const { copyAppLogsIntoFile, getRecentAppLogRecords } = require('../utility/appLogStore');
 const logger = getLogger('files');
 
 function serialize(format, data) {
@@ -30,7 +36,8 @@ function deserialize(format, text) {
 module.exports = {
   list_meta: true,
   async list({ folder }, req) {
-    if (!hasPermission(`files/${folder}/read`, req)) return [];
+    const loadedPermissions = await loadPermissionsFromRequest(req);
+    if (!hasPermission(`files/${folder}/read`, loadedPermissions)) return [];
     const dir = path.join(filesdir(), folder);
     if (!(await fs.exists(dir))) return [];
     const files = (await fs.readdir(dir)).map(file => ({ folder, file }));
@@ -39,10 +46,11 @@ module.exports = {
 
   listAll_meta: true,
   async listAll(_params, req) {
+    const loadedPermissions = await loadPermissionsFromRequest(req);
     const folders = await fs.readdir(filesdir());
     const res = [];
     for (const folder of folders) {
-      if (!hasPermission(`files/${folder}/read`, req)) continue;
+      if (!hasPermission(`files/${folder}/read`, loadedPermissions)) continue;
       const dir = path.join(filesdir(), folder);
       const files = (await fs.readdir(dir)).map(file => ({ folder, file }));
       res.push(...files);
@@ -52,7 +60,8 @@ module.exports = {
 
   delete_meta: true,
   async delete({ folder, file }, req) {
-    if (!hasPermission(`files/${folder}/write`, req)) return false;
+    const loadedPermissions = await loadPermissionsFromRequest(req);
+    if (!hasPermission(`files/${folder}/write`, loadedPermissions)) return false;
     if (!checkSecureFilePathsWithoutDirectory(folder, file)) {
       return false;
     }
@@ -64,7 +73,8 @@ module.exports = {
 
   rename_meta: true,
   async rename({ folder, file, newFile }, req) {
-    if (!hasPermission(`files/${folder}/write`, req)) return false;
+    const loadedPermissions = await loadPermissionsFromRequest(req);
+    if (!hasPermission(`files/${folder}/write`, loadedPermissions)) return false;
     if (!checkSecureFilePathsWithoutDirectory(folder, file, newFile)) {
       return false;
     }
@@ -85,10 +95,11 @@ module.exports = {
 
   copy_meta: true,
   async copy({ folder, file, newFile }, req) {
+    const loadedPermissions = await loadPermissionsFromRequest(req);
     if (!checkSecureFilePathsWithoutDirectory(folder, file, newFile)) {
       return false;
     }
-    if (!hasPermission(`files/${folder}/write`, req)) return false;
+    if (!hasPermission(`files/${folder}/write`, loadedPermissions)) return false;
     await fs.copyFile(path.join(filesdir(), folder, file), path.join(filesdir(), folder, newFile));
     socket.emitChanged(`files-changed`, { folder });
     socket.emitChanged(`all-files-changed`);
@@ -112,7 +123,8 @@ module.exports = {
       });
       return deserialize(format, text);
     } else {
-      if (!hasPermission(`files/${folder}/read`, req)) return null;
+      const loadedPermissions = await loadPermissionsFromRequest(req);
+      if (!hasPermission(`files/${folder}/read`, loadedPermissions)) return null;
       const text = await fs.readFile(path.join(filesdir(), folder, file), { encoding: 'utf-8' });
       return deserialize(format, text);
     }
@@ -130,18 +142,19 @@ module.exports = {
 
   save_meta: true,
   async save({ folder, file, data, format }, req) {
+    const loadedPermissions = await loadPermissionsFromRequest(req);
     if (!checkSecureFilePathsWithoutDirectory(folder, file)) {
       return false;
     }
 
     if (folder.startsWith('archive:')) {
-      if (!hasPermission(`archive/write`, req)) return false;
+      if (!hasPermission(`archive/write`, loadedPermissions)) return false;
       const dir = resolveArchiveFolder(folder.substring('archive:'.length));
       await fs.writeFile(path.join(dir, file), serialize(format, data));
       socket.emitChanged(`archive-files-changed`, { folder: folder.substring('archive:'.length) });
       return true;
     } else if (folder.startsWith('app:')) {
-      if (!hasPermission(`apps/write`, req)) return false;
+      if (!hasPermission(`apps/write`, loadedPermissions)) return false;
       const app = folder.substring('app:'.length);
       await fs.writeFile(path.join(appdir(), app, file), serialize(format, data));
       socket.emitChanged(`app-files-changed`, { app });
@@ -149,7 +162,7 @@ module.exports = {
       apps.emitChangedDbApp(folder);
       return true;
     } else {
-      if (!hasPermission(`files/${folder}/write`, req)) return false;
+      if (!hasPermission(`files/${folder}/write`, loadedPermissions)) return false;
       const dir = path.join(filesdir(), folder);
       if (!(await fs.exists(dir))) {
         await fs.mkdir(dir);
@@ -176,7 +189,8 @@ module.exports = {
 
   favorites_meta: true,
   async favorites(_params, req) {
-    if (!hasPermission(`files/favorites/read`, req)) return [];
+    const loadedPermissions = await loadPermissionsFromRequest(req);
+    if (!hasPermission(`files/favorites/read`, loadedPermissions)) return [];
     const dir = path.join(filesdir(), 'favorites');
     if (!(await fs.exists(dir))) return [];
     const files = await fs.readdir(dir);
@@ -233,16 +247,17 @@ module.exports = {
 
   getFileRealPath_meta: true,
   async getFileRealPath({ folder, file }, req) {
+    const loadedPermissions = await loadPermissionsFromRequest(req);
     if (folder.startsWith('archive:')) {
-      if (!hasPermission(`archive/write`, req)) return false;
+      if (!hasPermission(`archive/write`, loadedPermissions)) return false;
       const dir = resolveArchiveFolder(folder.substring('archive:'.length));
       return path.join(dir, file);
     } else if (folder.startsWith('app:')) {
-      if (!hasPermission(`apps/write`, req)) return false;
+      if (!hasPermission(`apps/write`, loadedPermissions)) return false;
       const app = folder.substring('app:'.length);
       return path.join(appdir(), app, file);
     } else {
-      if (!hasPermission(`files/${folder}/write`, req)) return false;
+      if (!hasPermission(`files/${folder}/write`, loadedPermissions)) return false;
       const dir = path.join(filesdir(), folder);
       if (!(await fs.exists(dir))) {
         await fs.mkdir(dir);
@@ -253,7 +268,7 @@ module.exports = {
 
   createZipFromJsons_meta: true,
   async createZipFromJsons({ db, filePath }) {
-    logger.info(`Creating zip file from JSONS ${filePath}`);
+    logger.info(`DBGM-00011 Creating zip file from JSONS ${filePath}`);
     await dbgateApi.zipJsonLinesData(db, filePath);
     return true;
   },
@@ -279,7 +294,7 @@ module.exports = {
     const FOLDERS = ['sql', 'sqlite'];
     for (const folder of FOLDERS) {
       if (fileName.toLowerCase().endsWith('.' + folder)) {
-        logger.info(`Saving ${folder} file ${fileName}`);
+        logger.info(`DBGM-00012 Saving ${folder} file ${fileName}`);
         await fs.copyFile(filePath, path.join(filesdir(), folder, fileName));
 
         socket.emitChanged(`files-changed`, { folder: folder });
@@ -291,12 +306,13 @@ module.exports = {
       }
     }
 
-    throw new Error(`${fileName} doesn't have one of supported extensions: ${FOLDERS.join(', ')}`);
+    throw new Error(`DBGM-00013 ${fileName} doesn't have one of supported extensions: ${FOLDERS.join(', ')}`);
   },
 
   exportFile_meta: true,
   async exportFile({ folder, file, filePath }, req) {
-    if (!hasPermission(`files/${folder}/read`, req)) return false;
+    const loadedPermissions = await loadPermissionsFromRequest(req);
+    if (!hasPermission(`files/${folder}/read`, loadedPermissions)) return false;
     await fs.copyFile(path.join(filesdir(), folder, file), filePath);
     return true;
   },
@@ -311,4 +327,23 @@ module.exports = {
     await fs.copyFile(sourceFilePath, targetFilePath);
     return true;
   },
+
+  fillAppLogs_meta: true,
+  async fillAppLogs({ dateFrom = 0, dateTo = new Date().getTime(), prepareForExport = false }) {
+    const jslid = crypto.randomUUID();
+    const outputFile = path.join(jsldir(), `${jslid}.jsonl`);
+    await copyAppLogsIntoFile(dateFrom, dateTo, outputFile, prepareForExport);
+    return {
+      jslid,
+    };
+  },
+
+  getRecentAppLog_meta: true,
+  getRecentAppLog({ limit }) {
+    const res = getRecentAppLogRecords();
+    if (limit) {
+      return res.slice(-limit);
+    }
+    return res;
+  },
 };

packages/api/src/controllers/plugins.js

@@ -7,7 +7,7 @@ const socket = require('../utility/socket');
 const compareVersions = require('compare-versions');
 const requirePlugin = require('../shell/requirePlugin');
 const downloadPackage = require('../utility/downloadPackage');
-const { hasPermission } = require('../utility/hasPermission');
+const { hasPermission, loadPermissionsFromRequest } = require('../utility/hasPermission');
 const _ = require('lodash');
 const packagedPluginsContent = require('../packagedPluginsContent');
 
@@ -118,7 +118,8 @@ module.exports = {
 
   install_meta: true,
   async install({ packageName }, req) {
-    if (!hasPermission(`plugins/install`, req)) return;
+    const loadedPermissions = await loadPermissionsFromRequest(req);
+    if (!hasPermission(`plugins/install`, loadedPermissions)) return;
     const dir = path.join(pluginsdir(), packageName);
     // @ts-ignore
     if (!(await fs.exists(dir))) {
@@ -132,7 +133,8 @@ module.exports = {
 
   uninstall_meta: true,
   async uninstall({ packageName }, req) {
-    if (!hasPermission(`plugins/install`, req)) return;
+    const loadedPermissions = await loadPermissionsFromRequest(req);
+    if (!hasPermission(`plugins/install`, loadedPermissions)) return;
     const dir = path.join(pluginsdir(), packageName);
     await fs.rmdir(dir, { recursive: true });
     socket.emitChanged(`installed-plugins-changed`);
@@ -143,7 +145,8 @@ module.exports = {
 
   upgrade_meta: true,
   async upgrade({ packageName }, req) {
-    if (!hasPermission(`plugins/install`, req)) return;
+    const loadedPermissions = await loadPermissionsFromRequest(req);
+    if (!hasPermission(`plugins/install`, loadedPermissions)) return;
     const dir = path.join(pluginsdir(), packageName);
     // @ts-ignore
     if (await fs.exists(dir)) {

packages/api/src/controllers/runners.js

@@ -21,6 +21,7 @@ const processArgs = require('../utility/processArgs');
 const platformInfo = require('../utility/platformInfo');
 const { checkSecureDirectories, checkSecureDirectoriesInScript } = require('../utility/security');
 const { sendToAuditLog, logJsonRunnerScript } = require('../utility/auditlog');
+const { testStandardPermission } = require('../utility/hasPermission');
 const logger = getLogger('runners');
 
 function extractPlugins(script) {
@@ -48,7 +49,7 @@ require=null;
 async function run() {
 ${script}
 await dbgateApi.finalizer.run();
-logger.info('Finished job script');
+logger.info('DBGM-00014 Finished job script');
 }
 dbgateApi.runScript(run);
 `;
@@ -74,7 +75,8 @@ module.exports = {
 
   dispatchMessage(runid, message) {
     if (message) {
-      if (_.isPlainObject(message)) logger.log(message);
+      if (_.isPlainObject(message))
+        logger.log({ ...message, msg: message.msg || message.message || '', message: undefined });
       else logger.info(message);
 
       const toEmit = _.isPlainObject(message)
@@ -132,7 +134,7 @@ module.exports = {
     const pluginNames = extractPlugins(scriptText);
     // console.log('********************** SCRIPT TEXT **********************');
     // console.log(scriptText);
-    logger.info({ scriptFile }, 'Running script');
+    logger.info({ scriptFile }, 'DBGM-00015 Running script');
     // const subprocess = fork(scriptFile, ['--checkParent', '--max-old-space-size=8192'], {
     const subprocess = fork(
       scriptFile,
@@ -171,7 +173,7 @@ module.exports = {
     subprocess.on('exit', code => {
       // console.log('... EXITED', code);
       this.rejectRequest(runid, { message: 'No data returned, maybe input data source is too big' });
-      logger.info({ code, pid: subprocess.pid }, 'Exited process');
+      logger.info({ code, pid: subprocess.pid }, 'DBGM-00016 Exited process');
       socket.emit(`runner-done-${runid}`, code);
       this.opened = this.opened.filter(x => x.runid != runid);
     });
@@ -222,7 +224,7 @@ module.exports = {
 
     subprocess.on('exit', code => {
       console.log('... EXITED', code);
-      logger.info({ code, pid: subprocess.pid }, 'Exited process');
+      logger.info({ code, pid: subprocess.pid }, 'DBGM-00017 Exited process');
       this.dispatchMessage(runid, `Finished external process with code ${code}`);
       socket.emit(`runner-done-${runid}`, code);
       if (onFinished) {
@@ -258,7 +260,7 @@ module.exports = {
           severity: 'error',
           message: extractErrorMessage(err),
         });
-        logger.error(extractErrorLogData(err), 'Caught error on stdin');
+        logger.error(extractErrorLogData(err), 'DBGM-00118 Caught error on stdin');
       });
     }
 
@@ -272,6 +274,8 @@ module.exports = {
 
   start_meta: true,
   async start({ script }, req) {
+    await testStandardPermission('run-shell-script', req);
+    
     const runid = crypto.randomUUID();
 
     if (script.type == 'json') {

packages/api/src/controllers/scheduler.js

@@ -3,7 +3,7 @@ const fs = require('fs-extra');
 const path = require('path');
 const cron = require('node-cron');
 const runners = require('./runners');
-const { hasPermission } = require('../utility/hasPermission');
+const { hasPermission, loadPermissionsFromRequest } = require('../utility/hasPermission');
 const { getLogger } = require('dbgate-tools');
 
 const logger = getLogger('scheduler');
@@ -24,13 +24,14 @@ module.exports = {
     if (!match) return;
     const pattern = match[1];
     if (!cron.validate(pattern)) return;
-    logger.info(`Schedule script ${file} with pattern ${pattern}`);
+    logger.info(`DBGM-00018 Schedule script ${file} with pattern ${pattern}`);
     const task = cron.schedule(pattern, () => runners.start({ script: text }));
     this.tasks.push(task);
   },
 
   async reload(_params, req) {
-    if (!hasPermission('files/shell/read', req)) return;
+    const loadedPermissions = await loadPermissionsFromRequest(req);
+    if (!hasPermission('files/shell/read', loadedPermissions)) return;
     const shellDir = path.join(filesdir(), 'shell');
     await this.unload();
     if (!(await fs.exists(shellDir))) return;

packages/api/src/controllers/serverConnections.js

@@ -8,7 +8,13 @@ const { handleProcessCommunication } = require('../utility/processComm');
 const lock = new AsyncLock();
 const config = require('./config');
 const processArgs = require('../utility/processArgs');
-const { testConnectionPermission } = require('../utility/hasPermission');
+const {
+  testConnectionPermission,
+  loadPermissionsFromRequest,
+  hasPermission,
+  loadDatabasePermissionsFromRequest,
+  getDatabasePermissionRole,
+} = require('../utility/hasPermission');
 const { MissingCredentialsError } = require('../utility/exceptions');
 const pipeForkLogs = require('../utility/pipeForkLogs');
 const { getLogger, extractErrorLogData } = require('dbgate-tools');
@@ -103,7 +109,7 @@ module.exports = {
         this.close(conid, false);
       });
       subprocess.on('error', err => {
-        logger.error(extractErrorLogData(err), 'Error in server connection subprocess');
+        logger.error(extractErrorLogData(err), 'DBGM-00119 Error in server connection subprocess');
         if (newOpened.disconnected) return;
         this.close(conid, false);
       });
@@ -121,7 +127,7 @@ module.exports = {
         try {
           existing.subprocess.kill();
         } catch (err) {
-          logger.error(extractErrorLogData(err), 'Error killing subprocess');
+          logger.error(extractErrorLogData(err), 'DBGM-00120 Error killing subprocess');
         }
       }
       this.opened = this.opened.filter(x => x.conid != conid);
@@ -135,7 +141,7 @@ module.exports = {
 
   disconnect_meta: true,
   async disconnect({ conid }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     await this.close(conid, true);
     return { status: 'ok' };
   },
@@ -144,7 +150,9 @@ module.exports = {
   async listDatabases({ conid }, req) {
     if (!conid) return [];
     if (conid == '__model') return [];
-    testConnectionPermission(conid, req);
+    const loadedPermissions = await loadPermissionsFromRequest(req);
+
+    await testConnectionPermission(conid, req, loadedPermissions);
     const opened = await this.ensureOpened(conid);
     sendToAuditLog(req, {
       category: 'serverop',
@@ -157,12 +165,29 @@ module.exports = {
       sessionGroup: 'listDatabases',
       message: `Loaded databases for connection`,
     });
+
+    if (process.env.STORAGE_DATABASE && !hasPermission(`all-databases`, loadedPermissions)) {
+      // filter databases by permissions
+      const databasePermissions = await loadDatabasePermissionsFromRequest(req);
+      const res = [];
+      for (const db of opened?.databases ?? []) {
+        const databasePermissionRole = getDatabasePermissionRole(db.id, db.name, databasePermissions);
+        if (databasePermissionRole != 'deny') {
+          res.push({
+            ...db,
+            databasePermissionRole,
+          });
+        }
+      }
+      return res;
+    }
+
     return opened?.databases ?? [];
   },
 
   version_meta: true,
   async version({ conid }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     const opened = await this.ensureOpened(conid);
     return opened?.version ?? null;
   },
@@ -191,7 +216,7 @@ module.exports = {
         try {
           opened.subprocess.send({ msgtype: 'ping' });
         } catch (err) {
-          logger.error(extractErrorLogData(err), 'Error pinging server connection');
+          logger.error(extractErrorLogData(err), 'DBGM-00121 Error pinging server connection');
           this.close(conid);
         }
       })
@@ -202,7 +227,7 @@ module.exports = {
 
   refresh_meta: true,
   async refresh({ conid, keepOpen }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     if (!keepOpen) this.close(conid);
 
     await this.ensureOpened(conid);
@@ -210,7 +235,7 @@ module.exports = {
   },
 
   async sendDatabaseOp({ conid, msgtype, name }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     const opened = await this.ensureOpened(conid);
     if (!opened) {
       return null;
@@ -244,7 +269,7 @@ module.exports = {
       try {
         conn.subprocess.send({ msgid, ...message });
       } catch (err) {
-        logger.error(extractErrorLogData(err), 'Error sending request');
+        logger.error(extractErrorLogData(err), 'DBGM-00122 Error sending request');
         this.close(conn.conid);
       }
     });
@@ -252,7 +277,7 @@ module.exports = {
   },
 
   async loadDataCore(msgtype, { conid, ...args }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     const opened = await this.ensureOpened(conid);
     if (!opened) {
       return null;
@@ -270,13 +295,43 @@ module.exports = {
 
   serverSummary_meta: true,
   async serverSummary({ conid }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
+    logger.info({ conid }, 'DBGM-00260 Processing server summary');
     return this.loadDataCore('serverSummary', { conid });
   },
 
+  listDatabaseProcesses_meta: true,
+  async listDatabaseProcesses(ctx, req) {
+    const { conid } = ctx;
+    // logger.info({ conid }, 'DBGM-00261 Listing processes of database server');
+    testConnectionPermission(conid, req);
+
+    const opened = await this.ensureOpened(conid);
+    if (!opened) {
+      return null;
+    }
+    if (opened.connection.isReadOnly) return false;
+
+    return this.sendRequest(opened, { msgtype: 'listDatabaseProcesses' });
+  },
+
+  killDatabaseProcess_meta: true,
+  async killDatabaseProcess(ctx, req) {
+    const { conid, pid } = ctx;
+    testConnectionPermission(conid, req);
+
+    const opened = await this.ensureOpened(conid);
+    if (!opened) {
+      return null;
+    }
+    if (opened.connection.isReadOnly) return false;
+
+    return this.sendRequest(opened, { msgtype: 'killDatabaseProcess', pid });
+  },
+
   summaryCommand_meta: true,
   async summaryCommand({ conid, command, row }, req) {
-    testConnectionPermission(conid, req);
+    await testConnectionPermission(conid, req);
     const opened = await this.ensureOpened(conid);
     if (!opened) {
       return null;

packages/api/src/controllers/sessions.js

@@ -8,10 +8,13 @@ const path = require('path');
 const { handleProcessCommunication } = require('../utility/processComm');
 const processArgs = require('../utility/processArgs');
 const { appdir } = require('../utility/directories');
-const { getLogger, extractErrorLogData } = require('dbgate-tools');
+const { getLogger, extractErrorLogData, removeSqlFrontMatter } = require('dbgate-tools');
 const pipeForkLogs = require('../utility/pipeForkLogs');
 const config = require('./config');
 const { sendToAuditLog } = require('../utility/auditlog');
+const { testStandardPermission, testDatabaseRolePermission } = require('../utility/hasPermission');
+const { getStaticTokenSecret } = require('../auth/authCommon');
+const jwt = require('jsonwebtoken');
 
 const logger = getLogger('sessions');
 
@@ -148,10 +151,23 @@ module.exports = {
 
   executeQuery_meta: true,
   async executeQuery({ sesid, sql, autoCommit, autoDetectCharts, limitRows, frontMatter }, req) {
+    let useTokenIsOk = false;
+    if (frontMatter?.useToken) {
+      const decoded = jwt.verify(frontMatter.useToken, getStaticTokenSecret());
+      if (decoded?.['contentHash'] == crypto.createHash('md5').update(removeSqlFrontMatter(sql)).digest('hex')) {
+        useTokenIsOk = true;
+      }
+    }
+    if (!useTokenIsOk) {
+      await testStandardPermission('dbops/query', req);
+    }
     const session = this.opened.find(x => x.sesid == sesid);
     if (!session) {
       throw new Error('Invalid session');
     }
+    if (!useTokenIsOk) {
+      await testDatabaseRolePermission(session.conid, session.database, 'run_script', req);
+    }
 
     sendToAuditLog(req, {
       category: 'dbop',
@@ -165,7 +181,7 @@ module.exports = {
       message: 'Executing query',
     });
 
-    logger.info({ sesid, sql }, 'Processing query');
+    logger.info({ sesid, sql }, 'DBGM-00019 Processing query');
     this.dispatchMessage(sesid, 'Query execution started');
     session.subprocess.send({
       msgtype: 'executeQuery',
@@ -186,7 +202,7 @@ module.exports = {
       throw new Error('Invalid session');
     }
 
-    logger.info({ sesid, command }, 'Processing control command');
+    logger.info({ sesid, command }, 'DBGM-00020 Processing control command');
     this.dispatchMessage(sesid, `${_.startCase(command)} started`);
     session.subprocess.send({ msgtype: 'executeControlCommand', command });
 
@@ -224,7 +240,7 @@ module.exports = {
       throw new Error('Invalid session');
     }
 
-    logger.info({ sesid }, 'Starting profiler');
+    logger.info({ sesid }, 'DBGM-00021 Starting profiler');
     session.loadingReader_jslid = jslid;
     session.subprocess.send({ msgtype: 'startProfiler', jslid });
 
@@ -271,7 +287,7 @@ module.exports = {
     try {
       session.subprocess.send({ msgtype: 'ping' });
     } catch (err) {
-      logger.error(extractErrorLogData(err), 'Error pinging session');
+      logger.error(extractErrorLogData(err), 'DBGM-00145 Error pinging session');
 
       return {
         status: 'error',

packages/api/src/controllers/storage.js

@@ -13,10 +13,6 @@ module.exports = {
     return null;
   },
 
-  async loadSuperadminPermissions() {
-    return [];
-  },
-
   getConnectionsForLoginPage_meta: true,
   async getConnectionsForLoginPage() {
     return null;

packages/api/src/controllers/teamFiles.js

@@ -0,0 +1,6 @@
+module.exports = {
+  list_meta: true,
+  async list(req) {
+    return [];
+  },
+};

packages/api/src/controllers/uploads.js

@@ -1,19 +1,8 @@
 const crypto = require('crypto');
 const path = require('path');
-const { uploadsdir, getLogsFilePath, filesdir } = require('../utility/directories');
-const { getLogger, extractErrorLogData } = require('dbgate-tools');
+const { uploadsdir } = require('../utility/directories');
+const { getLogger } = require('dbgate-tools');
 const logger = getLogger('uploads');
-const axios = require('axios');
-const os = require('os');
-const fs = require('fs/promises');
-const { read } = require('./queryHistory');
-const platformInfo = require('../utility/platformInfo');
-const _ = require('lodash');
-const serverConnections = require('./serverConnections');
-const config = require('./config');
-const gistSecret = require('../gistSecret');
-const currentVersion = require('../currentVersion');
-const socket = require('../utility/socket');
 
 module.exports = {
   upload_meta: {
@@ -28,7 +17,7 @@ module.exports = {
     }
     const uploadName = crypto.randomUUID();
     const filePath = path.join(uploadsdir(), uploadName);
-    logger.info(`Uploading file ${data.name}, size=${data.size}`);
+    logger.info(`DBGM-00025 Uploading file ${data.name}, size=${data.size}`);
 
     data.mv(filePath, () => {
       res.json({
@@ -51,88 +40,70 @@ module.exports = {
     res.sendFile(path.join(uploadsdir(), req.query.file));
   },
 
-  async getGistToken() {
-    const settings = await config.getSettings();
+//   uploadErrorToGist_meta: true,
+//   async uploadErrorToGist() {
+//     const logs = await fs.readFile(getLogsFilePath(), { encoding: 'utf-8' });
+//     const connections = await serverConnections.getOpenedConnectionReport();
+//     try {
+//       const response = await axios.default.post(
+//         'https://api.github.com/gists',
+//         {
+//           description: `DbGate ${currentVersion.version} error report`,
+//           public: false,
+//           files: {
+//             'logs.jsonl': {
+//               content: logs,
+//             },
+//             'os.json': {
+//               content: JSON.stringify(
+//                 {
+//                   release: os.release(),
+//                   arch: os.arch(),
+//                   machine: os.machine(),
+//                   platform: os.platform(),
+//                   type: os.type(),
+//                 },
+//                 null,
+//                 2
+//               ),
+//             },
+//             'platform.json': {
+//               content: JSON.stringify(
+//                 _.omit(
+//                   {
+//                     ...platformInfo,
+//                   },
+//                   ['defaultKeyfile', 'sshAuthSock']
+//                 ),
+//                 null,
+//                 2
+//               ),
+//             },
+//             'connections.json': {
+//               content: JSON.stringify(connections, null, 2),
+//             },
+//             'version.json': {
+//               content: JSON.stringify(currentVersion, null, 2),
+//             },
+//           },
+//         },
+//         {
+//           headers: {
+//             Authorization: `token ${await this.getGistToken()}`,
+//             'Content-Type': 'application/json',
+//             Accept: 'application/vnd.github.v3+json',
+//           },
+//         }
+//       );
 
-    return settings['other.gistCreateToken'] || gistSecret;
-  },
+//       return response.data;
+//     } catch (err) {
+//       logger.error(extractErrorLogData(err), 'DBGM-00148 Error uploading gist');
 
-  uploadErrorToGist_meta: true,
-  async uploadErrorToGist() {
-    const logs = await fs.readFile(getLogsFilePath(), { encoding: 'utf-8' });
-    const connections = await serverConnections.getOpenedConnectionReport();
-    try {
-      const response = await axios.default.post(
-        'https://api.github.com/gists',
-        {
-          description: `DbGate ${currentVersion.version} error report`,
-          public: false,
-          files: {
-            'logs.jsonl': {
-              content: logs,
-            },
-            'os.json': {
-              content: JSON.stringify(
-                {
-                  release: os.release(),
-                  arch: os.arch(),
-                  machine: os.machine(),
-                  platform: os.platform(),
-                  type: os.type(),
-                },
-                null,
-                2
-              ),
-            },
-            'platform.json': {
-              content: JSON.stringify(
-                _.omit(
-                  {
-                    ...platformInfo,
-                  },
-                  ['defaultKeyfile', 'sshAuthSock']
-                ),
-                null,
-                2
-              ),
-            },
-            'connections.json': {
-              content: JSON.stringify(connections, null, 2),
-            },
-            'version.json': {
-              content: JSON.stringify(currentVersion, null, 2),
-            },
-          },
-        },
-        {
-          headers: {
-            Authorization: `token ${await this.getGistToken()}`,
-            'Content-Type': 'application/json',
-            Accept: 'application/vnd.github.v3+json',
-          },
-        }
-      );
-
-      return response.data;
-    } catch (err) {
-      logger.error(extractErrorLogData(err), 'Error uploading gist');
-
-      return {
-        apiErrorMessage: err.message,
-      };
-      // console.error('Error creating gist:', error.response ? error.response.data : error.message);
-    }
-  },
-
-  deleteGist_meta: true,
-  async deleteGist({ url }) {
-    const response = await axios.default.delete(url, {
-      headers: {
-        Authorization: `token ${await this.getGistToken()}`,
-        'Content-Type': 'application/json',
-        Accept: 'application/vnd.github.v3+json',
-      },
-    });
-    return true;
-  },
+//       return {
+//         apiErrorMessage: err.message,
+//       };
+//       // console.error('Error creating gist:', error.response ? error.response.data : error.message);
+//     }
+//   },
 };

packages/api/src/gistSecret.js

@@ -1 +0,0 @@
-module.exports = process.env.GIST_UPLOAD_SECRET;

packages/api/src/index.js

@@ -5,11 +5,12 @@ const moment = require('moment');
 const path = require('path');
 const { logsdir, setLogsFilePath, getLogsFilePath } = require('./utility/directories');
 const currentVersion = require('./currentVersion');
+const _ = require('lodash');
 
 const logger = getLogger('apiIndex');
 
 process.on('uncaughtException', err => {
-  logger.fatal(extractErrorLogData(err), 'Uncaught exception, exiting process');
+  logger.fatal(extractErrorLogData(err), 'DBGM-00259 Uncaught exception, exiting process');
   process.exit(1);
 });
 
@@ -33,6 +34,9 @@ if (processArgs.processDisplayName) {
 // }
 
 function configureLogger() {
+  const { initializeRecentLogProvider, pushToRecentLogs } = require('./utility/appLogStore');
+  initializeRecentLogProvider();
+
   const logsFilePath = path.join(logsdir(), `${moment().format('YYYY-MM-DD-HH-mm')}-${process.pid}.ndjson`);
   setLogsFilePath(logsFilePath);
   setLoggerName('main');
@@ -40,6 +44,8 @@ function configureLogger() {
   const consoleLogLevel = process.env.CONSOLE_LOG_LEVEL || process.env.LOG_LEVEL || 'info';
   const fileLogLevel = process.env.FILE_LOG_LEVEL || process.env.LOG_LEVEL || 'debug';
 
+  const streamsByDatePart = {};
+
   const logConfig = {
     base: { pid: process.pid },
     targets: [
@@ -49,10 +55,35 @@ function configureLogger() {
         level: consoleLogLevel,
       },
       {
-        type: 'stream',
+        type: 'objstream',
         // @ts-ignore
         level: fileLogLevel,
-        stream: fs.createWriteStream(logsFilePath, { flags: 'a' }),
+        objstream: {
+          send(msg) {
+            const datePart = moment(msg.time).format('YYYY-MM-DD');
+            if (!streamsByDatePart[datePart]) {
+              streamsByDatePart[datePart] = fs.createWriteStream(
+                path.join(logsdir(), `${moment().format('YYYY-MM-DD-HH-mm')}-${process.pid}.ndjson`),
+                { flags: 'a' }
+              );
+            }
+            const additionals = {};
+            const finalMsg =
+              _.isString(msg.msg) && msg.msg.match(/^DBGM-\d\d\d\d\d/)
+                ? {
+                    ...msg,
+                    msg: msg.msg.substring(10).trimStart(),
+                    msgcode: msg.msg.substring(0, 10),
+                    ...additionals,
+                  }
+                : {
+                    ...msg,
+                    ...additionals,
+                  };
+            streamsByDatePart[datePart].write(`${JSON.stringify(finalMsg)}\n`);
+            pushToRecentLogs(finalMsg);
+          },
+        },
       },
     ],
   };
@@ -101,10 +132,10 @@ function configureLogger() {
 
 if (processArgs.listenApi) {
   configureLogger();
-  logger.info(`Starting API process version ${currentVersion.version}`);
+  logger.info(`DBGM-00026 Starting API process version ${currentVersion.version}`);
 
   if (process.env.DEBUG_PRINT_ENV_VARIABLES) {
-    logger.info('Debug print environment variables:');
+    logger.info('DBGM-00027 Debug print environment variables:');
     for (const key of Object.keys(process.env)) {
       logger.info(`  ${key}: ${JSON.stringify(process.env[key])}`);
     }

packages/api/src/main.js

@@ -6,6 +6,7 @@ const http = require('http');
 const cors = require('cors');
 const getPort = require('get-port');
 const path = require('path');
+const fs = require('fs/promises');
 
 const useController = require('./utility/useController');
 const socket = require('./utility/socket');
@@ -28,6 +29,8 @@ const files = require('./controllers/files');
 const scheduler = require('./controllers/scheduler');
 const queryHistory = require('./controllers/queryHistory');
 const cloud = require('./controllers/cloud');
+const teamFiles = require('./controllers/teamFiles');
+
 const onFinished = require('on-finished');
 const processArgs = require('./utility/processArgs');
 
@@ -44,6 +47,48 @@ const { startCloudFiles } = require('./utility/cloudIntf');
 
 const logger = getLogger('main');
 
+function registerExpressStatic(app, publicDir) {
+  app.get([getExpressPath('/'), getExpressPath('/*.html')], async (req, res, next) => {
+    try {
+      const relPath = req.path === getExpressPath('/') ? '/index.html' : req.path;
+      const filePath = path.join(publicDir, relPath);
+
+      let html = await fs.readFile(filePath, 'utf8');
+
+      if (process.env.DBGATE_GTM_ID) {
+        html = html.replace(
+          /<!--HEAD_SCRIPT-->/g,
+          `<!-- Google Tag Manager -->
+<script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
+    new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
+    j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
+    'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
+    })(window,document,'script','dataLayer','${process.env.DBGATE_GTM_ID}');</script>
+    <!-- End Google Tag Manager -->`
+        );
+        html = html.replace(
+          /<!--BODY_SCRIPT-->/g,
+          process.env.PAGE_BODY_SCRIPT ??
+            `<!-- Google Tag Manager (noscript) -->
+<noscript><iframe src="https://www.googletagmanager.com/ns.html?id=${process.env.DBGATE_GTM_ID}" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>
+<!-- End Google Tag Manager (noscript) -->`
+        );
+      } else {
+        html = html.replace(/<!--HEAD_SCRIPT-->/g, process.env.PAGE_HEAD_SCRIPT ?? '');
+        html = html.replace(/<!--BODY_SCRIPT-->/g, process.env.PAGE_BODY_SCRIPT ?? '');
+      }
+
+      res.type('html').send(html);
+    } catch (err) {
+      if (err.code === 'ENOENT') return next();
+      next(err);
+    }
+  });
+
+  // 2) Static assets for everything else (css/js/images/etc.)
+  app.use(getExpressPath('/'), express.static(publicDir));
+}
+
 function start() {
   // console.log('process.argv', process.argv);
 
@@ -78,22 +123,18 @@ function start() {
 
   if (platformInfo.isDocker) {
     // server static files inside docker container
-    app.use(getExpressPath('/'), express.static('/home/dbgate-docker/public'));
+    registerExpressStatic(app, '/home/dbgate-docker/public');
   } else if (platformInfo.isAwsUbuntuLayout) {
-    app.use(getExpressPath('/'), express.static('/home/ubuntu/build/public'));
+    registerExpressStatic(app, '/home/dbgate-docker/public');
+    registerExpressStatic(app, '/home/ubuntu/build/public');
   } else if (platformInfo.isAzureUbuntuLayout) {
-    app.use(getExpressPath('/'), express.static('/home/azureuser/build/public'));
+    registerExpressStatic(app, '/home/azureuser/build/public');
   } else if (processArgs.runE2eTests) {
-    app.use(getExpressPath('/'), express.static(path.resolve('packer/build/public')));
+    registerExpressStatic(app, path.resolve('packer/build/public'));
   } else if (platformInfo.isNpmDist) {
-    app.use(
-      getExpressPath('/'),
-      express.static(path.join(__dirname, isProApp() ? '../../dbgate-web-premium/public' : '../../dbgate-web/public'))
-    );
+    registerExpressStatic(app, path.join(__dirname, isProApp() ? '../../dbgate-web-premium/public' : '../../dbgate-web/public'));
   } else if (process.env.DEVWEB) {
-    // console.log('__dirname', __dirname);
-    // console.log(path.join(__dirname, '../../web/public/build'));
-    app.use(getExpressPath('/'), express.static(path.join(__dirname, '../../web/public')));
+    registerExpressStatic(app, path.join(__dirname, '../../web/public'));
   } else {
     app.get(getExpressPath('/'), (req, res) => {
       res.send('DbGate API');
@@ -152,15 +193,15 @@ function start() {
 
   if (platformInfo.isDocker) {
     const port = process.env.PORT || 3000;
-    logger.info(`DbGate API listening on port ${port} (docker build)`);
+    logger.info(`DBGM-00028 DbGate API listening on port ${port} (docker build)`);
     server.listen(port);
   } else if (platformInfo.isAwsUbuntuLayout) {
     const port = process.env.PORT || 3000;
-    logger.info(`DbGate API listening on port ${port} (AWS AMI build)`);
+    logger.info(`DBGM-00029 DbGate API listening on port ${port} (AWS AMI build)`);
     server.listen(port);
   } else if (platformInfo.isAzureUbuntuLayout) {
     const port = process.env.PORT || 3000;
-    logger.info(`DbGate API listening on port ${port} (Azure VM build)`);
+    logger.info(`DBGM-00030 DbGate API listening on port ${port} (Azure VM build)`);
     server.listen(port);
   } else if (platformInfo.isNpmDist) {
     getPort({
@@ -170,27 +211,27 @@ function start() {
       ),
     }).then(port => {
       server.listen(port, () => {
-        logger.info(`DbGate API listening on port ${port} (NPM build)`);
+        logger.info(`DBGM-00031 DbGate API listening on port ${port} (NPM build)`);
       });
     });
   } else if (process.env.DEVWEB) {
     const port = process.env.PORT || 3000;
-    logger.info(`DbGate API & web listening on port ${port} (dev web build)`);
+    logger.info(`DBGM-00032 DbGate API & web listening on port ${port} (dev web build)`);
     server.listen(port);
   } else {
     const port = process.env.PORT || 3000;
-    logger.info(`DbGate API listening on port ${port} (dev API build)`);
+    logger.info(`DBGM-00033 DbGate API listening on port ${port} (dev API build)`);
     server.listen(port);
   }
 
   function shutdown() {
-    logger.info('\nShutting down DbGate API server');
+    logger.info('DBGM-00034 Shutting down DbGate API server');
     server.close(() => {
-      logger.info('Server shut down, terminating');
+      logger.info('DBGM-00035 Server shut down, terminating');
       process.exit(0);
     });
     setTimeout(() => {
-      logger.info('Server close timeout, terminating');
+      logger.info('DBGM-00036 Server close timeout, terminating');
       process.exit(0);
     }, 1000);
   }
@@ -225,6 +266,7 @@ function useAllControllers(app, electron) {
   useController(app, electron, '/apps', apps);
   useController(app, electron, '/auth', auth);
   useController(app, electron, '/cloud', cloud);
+  useController(app, electron, '/team-files', teamFiles);
 }
 
 function setElectronSender(electronSender) {

packages/api/src/proc/databaseConnectionProcess.js

@@ -6,7 +6,6 @@ const {
   extractIntSettingsValue,
   getLogger,
   isCompositeDbName,
-  dbNameLogCategory,
   extractErrorMessage,
   extractErrorLogData,
   ScriptWriterEval,
@@ -18,13 +17,14 @@ const requireEngineDriver = require('../utility/requireEngineDriver');
 const { connectUtility } = require('../utility/connectUtility');
 const { handleProcessCommunication } = require('../utility/processComm');
 const generateDeploySql = require('../shell/generateDeploySql');
-const { dumpSqlSelect } = require('dbgate-sqltree');
+const { dumpSqlSelect, scriptToSql } = require('dbgate-sqltree');
 const { allowExecuteCustomScript, handleQueryStream } = require('../utility/handleQueryStream');
 const dbgateApi = require('../shell');
 const requirePlugin = require('../shell/requirePlugin');
 const path = require('path');
 const { rundir } = require('../utility/directories');
 const fs = require('fs-extra');
+const { changeSetToSql } = require('dbgate-datalib');
 
 const logger = getLogger('dbconnProcess');
 
@@ -45,6 +45,14 @@ function getStatusCounter() {
   return statusCounter;
 }
 
+function getLogInfo() {
+  return {
+    database: dbhan ? dbhan.database : undefined,
+    conid: dbhan ? dbhan.conid : undefined,
+    engine: storedConnection ? storedConnection.engine : undefined,
+  };
+}
+
 async function checkedAsyncCall(promise) {
   try {
     const res = await promise;
@@ -131,10 +139,10 @@ async function readVersion() {
   const driver = requireEngineDriver(storedConnection);
   try {
     const version = await driver.getVersion(dbhan);
-    logger.debug(`Got server version: ${version.version}`);
+    logger.debug(getLogInfo(), `DBGM-00037 Got server version: ${version.version}`);
     serverVersion = version;
   } catch (err) {
-    logger.error(extractErrorLogData(err), 'Error getting DB server version');
+    logger.error(extractErrorLogData(err, getLogInfo()), 'DBGM-00149 Error getting DB server version');
     serverVersion = { version: 'Unknown' };
   }
   process.send({ msgtype: 'version', version: serverVersion });
@@ -148,9 +156,8 @@ async function handleConnect({ connection, structure, globalSettings }) {
   const driver = requireEngineDriver(storedConnection);
   dbhan = await checkedAsyncCall(connectUtility(driver, storedConnection, 'app'));
   logger.debug(
-    `Connected to database, driver: ${storedConnection.engine}, separate schemas: ${
-      storedConnection.useSeparateSchemas ? 'YES' : 'NO'
-    }, 'DB: ${dbNameLogCategory(dbhan.database)} }`
+    getLogInfo(),
+    `DBGM-00038 Connected to database, separate schemas: ${storedConnection.useSeparateSchemas ? 'YES' : 'NO'}`
   );
   dbhan.feedback = feedback => setStatus({ feedback });
   await checkedAsyncCall(readVersion());
@@ -257,13 +264,16 @@ async function handleDriverDataCore(msgid, callMethod, { logName }) {
     const result = await callMethod(driver);
     process.send({ msgtype: 'response', msgid, result: serializeJsTypesForJsonStringify(result) });
   } catch (err) {
-    logger.error(extractErrorLogData(err, { logName }), `Error when handling message ${logName}`);
+    logger.error(
+      extractErrorLogData(err, { logName, ...getLogInfo() }),
+      `DBGM-00150 Error when handling message ${logName}`
+    );
     process.send({ msgtype: 'response', msgid, errorMessage: extractErrorMessage(err, 'Error executing DB data') });
   }
 }
 
 async function handleSchemaList({ msgid }) {
-  logger.debug('Loading schema list');
+  logger.debug(getLogInfo(), 'DBGM-00039 Loading schema list');
   return handleDriverDataCore(msgid, driver => driver.listSchemas(dbhan), { logName: 'listSchemas' });
 }
 
@@ -339,6 +349,25 @@ async function handleUpdateCollection({ msgid, changeSet }) {
   }
 }
 
+async function handleSaveTableData({ msgid, changeSet }) {
+  await waitStructure();
+  try {
+    const driver = requireEngineDriver(storedConnection);
+    const script = driver.createSaveChangeSetScript(changeSet, analysedStructure, () =>
+      changeSetToSql(changeSet, analysedStructure, driver.dialect)
+    );
+    const sql = scriptToSql(driver, script);
+    await driver.script(dbhan, sql, { useTransaction: true });
+    process.send({ msgtype: 'response', msgid });
+  } catch (err) {
+    process.send({
+      msgtype: 'response',
+      msgid,
+      errorMessage: extractErrorMessage(err, 'Error executing SQL script'),
+    });
+  }
+}
+
 async function handleSqlPreview({ msgid, objects, options }) {
   await waitStructure();
   const driver = requireEngineDriver(storedConnection);
@@ -351,7 +380,7 @@ async function handleSqlPreview({ msgid, objects, options }) {
     process.send({ msgtype: 'response', msgid, sql: dmp.s, isTruncated: generator.isTruncated });
     if (generator.isUnhandledException) {
       setTimeout(async () => {
-        logger.error('Exiting because of unhandled exception');
+        logger.error(getLogInfo(), 'DBGM-00151 Exiting because of unhandled exception');
         await driver.close(dbhan);
         process.exit(0);
       }, 500);
@@ -455,6 +484,7 @@ const messageHandlers = {
   runScript: handleRunScript,
   runOperation: handleRunOperation,
   updateCollection: handleUpdateCollection,
+  saveTableData: handleSaveTableData,
   collectionData: handleCollectionData,
   loadKeys: handleLoadKeys,
   scanKeys: handleScanKeys,
@@ -485,7 +515,7 @@ function start() {
   setInterval(async () => {
     const time = new Date().getTime();
     if (time - lastPing > 40 * 1000) {
-      logger.info('Database connection not alive, exiting');
+      logger.info(getLogInfo(), 'DBGM-00040 Database connection not alive, exiting');
       const driver = requireEngineDriver(storedConnection);
       await driver.close(dbhan);
       process.exit(0);
@@ -497,10 +527,10 @@ function start() {
     try {
       await handleMessage(message);
     } catch (err) {
-      logger.error(extractErrorLogData(err), 'Error in DB connection');
+      logger.error(extractErrorLogData(err, getLogInfo()), 'DBGM-00041 Error in DB connection');
       process.send({
         msgtype: 'error',
-        error: extractErrorMessage(err, 'Error processing message'),
+        error: extractErrorMessage(err, 'DBGM-00042 Error processing message'),
         msgid: message?.msgid,
       });
     }

packages/api/src/proc/serverConnectionProcess.js

@@ -39,7 +39,7 @@ async function handleRefresh() {
       name: 'error',
       message: err.message,
     });
-    logger.error(extractErrorLogData(err), 'Error refreshing server databases');
+    logger.error(extractErrorLogData(err), 'DBGM-00152 Error refreshing server databases');
     setTimeout(() => process.exit(1), 1000);
   }
 }
@@ -50,7 +50,7 @@ async function readVersion() {
   try {
     version = await driver.getVersion(dbhan);
   } catch (err) {
-    logger.error(extractErrorLogData(err), 'Error getting DB server version');
+    logger.error(extractErrorLogData(err), 'DBGM-00153 Error getting DB server version');
     version = { version: 'Unknown' };
   }
   process.send({ msgtype: 'version', version });
@@ -90,7 +90,7 @@ async function handleConnect(connection) {
       name: 'error',
       message: err.message,
     });
-    logger.error(extractErrorLogData(err), 'Error connecting to server');
+    logger.error(extractErrorLogData(err), 'DBGM-00154 Error connecting to server');
     setTimeout(() => process.exit(1), 1000);
   }
 
@@ -120,7 +120,7 @@ async function handleDatabaseOp(op, { msgid, name }) {
     } else {
       const dmp = driver.createDumper();
       dmp[op](name);
-      logger.info({ sql: dmp.s }, 'Running script');
+      logger.info({ sql: dmp.s }, 'DBGM-00043 Running script');
       await driver.query(dbhan, dmp.s, { discardResult: true });
     }
     await handleRefresh();
@@ -146,6 +146,30 @@ async function handleServerSummary({ msgid }) {
   return handleDriverDataCore(msgid, driver => driver.serverSummary(dbhan));
 }
 
+async function handleKillDatabaseProcess({ msgid, pid }) {
+  await waitConnected();
+  const driver = requireEngineDriver(storedConnection);
+
+  try {
+    const result = await driver.killProcess(dbhan, Number(pid));
+    process.send({ msgtype: 'response', msgid, result });
+  } catch (err) {
+    process.send({ msgtype: 'response', msgid, errorMessage: err.message });
+  }
+}
+
+async function handleListDatabaseProcesses({ msgid }) {
+  await waitConnected();
+  const driver = requireEngineDriver(storedConnection);
+
+  try {
+    const result = await driver.listProcesses(dbhan);
+    process.send({ msgtype: 'response', msgid, result });
+  } catch (err) {
+    process.send({ msgtype: 'response', msgid, errorMessage: err.message });
+  }
+}
+
 async function handleSummaryCommand({ msgid, command, row }) {
   return handleDriverDataCore(msgid, driver => driver.summaryCommand(dbhan, command, row));
 }
@@ -154,6 +178,8 @@ const messageHandlers = {
   connect: handleConnect,
   ping: handlePing,
   serverSummary: handleServerSummary,
+  killDatabaseProcess: handleKillDatabaseProcess,
+  listDatabaseProcesses: handleListDatabaseProcesses,
   summaryCommand: handleSummaryCommand,
   createDatabase: props => handleDatabaseOp('createDatabase', props),
   dropDatabase: props => handleDatabaseOp('dropDatabase', props),
@@ -170,7 +196,7 @@ function start() {
   setInterval(async () => {
     const time = new Date().getTime();
     if (time - lastPing > 40 * 1000) {
-      logger.info('Server connection not alive, exiting');
+      logger.info('DBGM-00044 Server connection not alive, exiting');
       const driver = requireEngineDriver(storedConnection);
       if (dbhan) {
         await driver.close(dbhan);
@@ -188,7 +214,7 @@ function start() {
         name: 'error',
         message: err.message,
       });
-      logger.error(extractErrorLogData(err), `Error processing message ${message?.['msgtype']}`);
+      logger.error(extractErrorLogData(err), `DBGM-00155 Error processing message ${message?.['msgtype']}`);
     }
   });
 }

packages/api/src/proc/sessionProcess.js

@@ -230,7 +230,7 @@ function start() {
   setInterval(async () => {
     const time = new Date().getTime();
     if (time - lastPing > 25 * 1000) {
-      logger.info('Session not alive, exiting');
+      logger.info('DBGM-00045 Session not alive, exiting');
       const driver = requireEngineDriver(storedConnection);
       await driver.close(dbhan);
       process.exit(0);
@@ -250,7 +250,7 @@ function start() {
       !currentProfiler &&
       executingScripts == 0
     ) {
-      logger.info('Session not active, exiting');
+      logger.info('DBGM-00046 Session not active, exiting');
       const driver = requireEngineDriver(storedConnection);
       await driver.close(dbhan);
       process.exit(0);

packages/api/src/proc/sshForwardProcess.js

@@ -41,7 +41,7 @@ async function handleStart({ connection, tunnelConfig }) {
       tunnelConfig,
     });
   } catch (err) {
-    logger.error(extractErrorLogData(err), 'Error creating SSH tunnel connection:');
+    logger.error(extractErrorLogData(err), 'DBGM-00156 Error creating SSH tunnel connection:');
 
     process.send({
       msgtype: 'error',

packages/api/src/shell/archiveWriter.js

@@ -10,7 +10,7 @@ const logger = getLogger();
 function archiveWriter({ folderName, fileName }) {
   const dir = resolveArchiveFolder(folderName);
   if (!fs.existsSync(dir)) {
-    logger.info(`Creating directory ${dir}`);
+    logger.info(`DBGM-00047 Creating directory ${dir}`);
     fs.mkdirSync(dir);
   }
   const jsonlFile = path.join(dir, `${fileName}.jsonl`);

packages/api/src/shell/copyStream.js

@@ -83,7 +83,7 @@ async function copyStream(input, output, options) {
       });
     }
 
-    logger.error(extractErrorLogData(err, { progressName }), 'Import/export job failed');
+    logger.error(extractErrorLogData(err, { progressName }), 'DBGM-00157 Import/export job failed');
     // throw err;
   }
 }

packages/api/src/shell/executeQuery.js

@@ -28,20 +28,20 @@ async function executeQuery({
   useTransaction,
 }) {
   if (!logScriptItems && !skipLogging) {
-    logger.info({ sql: getLimitedQuery(sql) }, `Execute query`);
+    logger.info({ sql: getLimitedQuery(sql) }, `DBGM-00048 Execute query`);
   }
 
   if (!driver) driver = requireEngineDriver(connection);
   const dbhan = systemConnection || (await connectUtility(driver, connection, 'script'));
 
   if (sqlFile) {
-    logger.debug(`Loading SQL file ${sqlFile}`);
+    logger.debug(`DBGM-00049 Loading SQL file ${sqlFile}`);
     sql = await fs.readFile(sqlFile, { encoding: 'utf-8' });
   }
 
   try {
     if (!skipLogging) {
-      logger.debug(`Running SQL query, length: ${sql.length}`);
+      logger.debug(`DBGM-00050 Running SQL query, length: ${sql.length}`);
     }
 
     await driver.script(dbhan, sql, { logScriptItems, useTransaction });

packages/api/src/shell/importDatabase.js

@@ -45,14 +45,14 @@ class ImportStream extends stream.Transform {
 }
 
 async function importDatabase({ connection = undefined, systemConnection = undefined, driver = undefined, inputFile }) {
-  logger.info(`Importing database`);
+  logger.info(`DBGM-00051 Importing database`);
 
   if (!driver) driver = requireEngineDriver(connection);
   const dbhan = systemConnection || (await connectUtility(driver, connection, 'write'));
   try {
-    logger.info(`Input file: ${inputFile}`);
+    logger.info(`DBGM-00052 Input file: ${inputFile}`);
     const downloadedFile = await download(inputFile);
-    logger.info(`Downloaded file: ${downloadedFile}`);
+    logger.info(`DBGM-00053 Downloaded file: ${downloadedFile}`);
 
     const fileStream = fs.createReadStream(downloadedFile, 'utf-8');
     const splittedStream = splitQueryStream(fileStream, {

packages/api/src/shell/jsonLinesReader.js

@@ -42,7 +42,7 @@ class ParseStream extends stream.Transform {
  * @returns {Promise<readerType>} - reader object
  */
 async function jsonLinesReader({ fileName, encoding = 'utf-8', limitRows = undefined }) {
-  logger.info(`Reading file ${fileName}`);
+  logger.info(`DBGM-00054 Reading file ${fileName}`);
 
   const downloadedFile = await download(fileName);
 

packages/api/src/shell/jsonLinesWriter.js

@@ -33,7 +33,7 @@ class StringifyStream extends stream.Transform {
  * @returns {Promise<writerType>} - writer object
  */
 async function jsonLinesWriter({ fileName, encoding = 'utf-8', header = true }) {
-  logger.info(`Writing file ${fileName}`);
+  logger.info(`DBGM-00055 Writing file ${fileName}`);
   const stringify = new StringifyStream({ header });
   const fileStream = fs.createWriteStream(fileName, encoding);
   return [stringify, fileStream];

packages/api/src/shell/jsonReader.js

@@ -63,7 +63,7 @@ async function jsonReader({
   encoding = 'utf-8',
   limitRows = undefined,
 }) {
-  logger.info(`Reading file ${fileName}`);
+  logger.info(`DBGM-00056 Reading file ${fileName}`);
 
   const downloadedFile = await download(fileName);
   const fileStream = fs.createReadStream(

packages/api/src/shell/jsonWriter.js

@@ -96,7 +96,7 @@ class StringifyStream extends stream.Transform {
  * @returns {Promise<writerType>} - writer object
  */
 async function jsonWriter({ fileName, jsonStyle, keyField = '_key', rootField, encoding = 'utf-8' }) {
-  logger.info(`Writing file ${fileName}`);
+  logger.info(`DBGM-00057 Writing file ${fileName}`);
   const stringify = new StringifyStream({ jsonStyle, keyField, rootField });
   const fileStream = fs.createWriteStream(fileName, encoding);
   return [stringify, fileStream];

packages/api/src/shell/loadDatabase.js

@@ -6,13 +6,13 @@ const exportDbModel = require('../utility/exportDbModel');
 const logger = getLogger('analyseDb');
 
 async function loadDatabase({ connection = undefined, systemConnection = undefined, driver = undefined, outputDir }) {
-  logger.debug(`Analysing database`);
+  logger.debug(`DBGM-00058 Analysing database`);
 
   if (!driver) driver = requireEngineDriver(connection);
   const dbhan = systemConnection || (await connectUtility(driver, connection, 'read', { forceRowsAsObjects: true }));
   try {
     const dbInfo = await driver.analyseFull(dbhan);
-    logger.debug(`Analyse finished`);
+    logger.debug(`DBGM-00059 Analyse finished`);
 
     await exportDbModel(dbInfo, outputDir);
   } finally {

packages/api/src/shell/modifyJsonLinesReader.js

@@ -132,7 +132,7 @@ async function modifyJsonLinesReader({
   mergeKey = null,
   mergeMode = 'merge',
 }) {
-  logger.info(`Reading file ${fileName} with change set`);
+  logger.info(`DBGM-00060 Reading file ${fileName} with change set`);
 
   const fileStream = fs.createReadStream(
     fileName,

packages/api/src/shell/queryReader.js

@@ -29,7 +29,7 @@ async function queryReader({
   // if (!sql && !json) {
   //   throw new Error('One of sql or json must be set');
   // }
-  logger.info({ sql: query || sql }, `Reading query`);
+  logger.info({ sql: query || sql }, `DBGM-00061 Reading query`);
   // else console.log(`Reading query ${JSON.stringify(json)}`);
 
   if (!driver) {

packages/api/src/shell/requirePlugin.js

@@ -4,6 +4,7 @@ const { pluginsdir, packagedPluginsDir, getPluginBackendPath } = require('../uti
 const platformInfo = require('../utility/platformInfo');
 const authProxy = require('../utility/authProxy');
 const { getLogger } = require('dbgate-tools');
+// 
 const logger = getLogger('requirePlugin');
 
 const loadedPlugins = {};
@@ -12,6 +13,10 @@ const dbgateEnv = {
   dbgateApi: null,
   platformInfo,
   authProxy,
+  isProApp: () =>{
+    const { isProApp } = require('../utility/checkLicense');
+    return isProApp();
+  }
 };
 function requirePlugin(packageName, requiredPlugin = null) {
   if (!packageName) throw new Error('Missing packageName in plugin');
@@ -20,7 +25,7 @@ function requirePlugin(packageName, requiredPlugin = null) {
   if (requiredPlugin == null) {
     let module;
     const modulePath = getPluginBackendPath(packageName);
-    logger.info(`Loading module ${packageName} from ${modulePath}`);
+    logger.info(`DBGM-00062 Loading module ${packageName} from ${modulePath}`);
     try {
       // @ts-ignore
       module = __non_webpack_require__(modulePath);

packages/api/src/shell/runScript.js

@@ -11,7 +11,7 @@ async function runScript(func) {
     await func();
     process.exit(0);
   } catch (err) {
-    logger.error(extractErrorLogData(err), `Error running script`);
+    logger.error(extractErrorLogData(err), `DBGM-00158 Error running script`);
     process.exit(1);
   }
 }

packages/api/src/shell/sqlDataWriter.js

@@ -41,7 +41,7 @@ class SqlizeStream extends stream.Transform {
 }
 
 async function sqlDataWriter({ fileName, dataName, driver, encoding = 'utf-8' }) {
-  logger.info(`Writing file ${fileName}`);
+  logger.info(`DBGM-00063 Writing file ${fileName}`);
   const stringify = new SqlizeStream({ fileName, dataName });
   const fileStream = fs.createWriteStream(fileName, encoding);
   return [stringify, fileStream];

packages/api/src/shell/tableReader.js

@@ -23,7 +23,7 @@ async function tableReader({ connection, systemConnection, pureName, schemaName,
 
   if (driver.databaseEngineTypes.includes('document')) {
     // @ts-ignore
-    logger.info(`Reading collection ${fullNameToString(fullName)}`);
+    logger.info(`DBGM-00064 Reading collection ${fullNameToString(fullName)}`);
     // @ts-ignore
     return await driver.readQuery(dbhan, JSON.stringify(fullName));
   }
@@ -32,14 +32,14 @@ async function tableReader({ connection, systemConnection, pureName, schemaName,
   const query = `select * from ${quoteFullName(driver.dialect, fullName)}`;
   if (table) {
     // @ts-ignore
-    logger.info(`Reading table ${fullNameToString(table)}`);
+    logger.info(`DBGM-00065 Reading table ${fullNameToString(table)}`);
     // @ts-ignore
     return await driver.readQuery(dbhan, query, table);
   }
   const view = await driver.analyseSingleObject(dbhan, fullName, 'views');
   if (view) {
     // @ts-ignore
-    logger.info(`Reading view ${fullNameToString(view)}`);
+    logger.info(`DBGM-00066 Reading view ${fullNameToString(view)}`);
     // @ts-ignore
     return await driver.readQuery(dbhan, query, view);
   }

packages/api/src/shell/tableWriter.js

@@ -20,7 +20,7 @@ const logger = getLogger('tableWriter');
  * @returns {Promise<writerType>} - writer object
  */
 async function tableWriter({ connection, schemaName, pureName, driver, systemConnection, ...options }) {
-  logger.info(`Writing table ${fullNameToString({ schemaName, pureName })}`);
+  logger.info(`DBGM-00067 Writing table ${fullNameToString({ schemaName, pureName })}`);
 
   if (!driver) {
     driver = requireEngineDriver(connection);

packages/api/src/shell/unzipDirectory.js

@@ -52,14 +52,14 @@ function unzipDirectory(zipPath, outputDirectory) {
                   readStream.on('end', () => zipFile.readEntry());
 
                   writeStream.on('finish', () => {
-                    logger.info(`Extracted "${entry.fileName}" → "${destPath}".`);
+                    logger.info(`DBGM-00068 Extracted "${entry.fileName}" → "${destPath}".`);
                     res();
                   });
 
                   writeStream.on('error', writeErr => {
                     logger.error(
                       extractErrorLogData(writeErr),
-                      `Error extracting "${entry.fileName}" from "${zipPath}".`
+                      `DBGM-00069 Error extracting "${entry.fileName}" from "${zipPath}".`
                     );
                     rej(writeErr);
                   });
@@ -74,14 +74,14 @@ function unzipDirectory(zipPath, outputDirectory) {
       zipFile.on('end', () => {
         Promise.all(pending)
           .then(() => {
-            logger.info(`Archive "${zipPath}" fully extracted to "${outputDirectory}".`);
+            logger.info(`DBGM-00070 Archive "${zipPath}" fully extracted to "${outputDirectory}".`);
             resolve(true);
           })
           .catch(reject);
       });
 
       zipFile.on('error', err => {
-        logger.error(extractErrorLogData(err), `ZIP file error in ${zipPath}.`);
+        logger.error(extractErrorLogData(err), `DBGM-00071 ZIP file error in ${zipPath}.`);
         reject(err);
       });
     });

packages/api/src/shell/zipDirectory.js

@@ -16,16 +16,16 @@ function zipDirectory(inputDirectory, outputFile) {
 
     // Listen for all archive data to be written
     output.on('close', () => {
-      logger.info(`ZIP file created (${archive.pointer()} total bytes)`);
+      logger.info(`DBGM-00072 ZIP file created (${archive.pointer()} total bytes)`);
       resolve();
     });
 
     archive.on('warning', err => {
-      logger.warn(extractErrorLogData(err), `Warning while creating ZIP: ${err.message}`);
+      logger.warn(extractErrorLogData(err), `DBGM-00073 Warning while creating ZIP: ${err.message}`);
     });
 
     archive.on('error', err => {
-      logger.error(extractErrorLogData(err), `Error while creating ZIP: ${err.message}`);
+      logger.error(extractErrorLogData(err), `DBGM-00074 Error while creating ZIP: ${err.message}`);
       reject(err);
     });
 

packages/api/src/shell/zipJsonLinesData.js

@@ -17,16 +17,16 @@ function zipDirectory(jsonDb, outputFile) {
 
     // Listen for all archive data to be written
     output.on('close', () => {
-      logger.info(`ZIP file created (${archive.pointer()} total bytes)`);
+      logger.info(`DBGM-00075 ZIP file created (${archive.pointer()} total bytes)`);
       resolve();
     });
 
     archive.on('warning', err => {
-      logger.warn(extractErrorLogData(err), `Warning while creating ZIP: ${err.message}`);
+      logger.warn(extractErrorLogData(err), `DBGM-00076 Warning while creating ZIP: ${err.message}`);
     });
 
     archive.on('error', err => {
-      logger.error(extractErrorLogData(err), `Error while creating ZIP: ${err.message}`);
+      logger.error(extractErrorLogData(err), `DBGM-00077 Error while creating ZIP: ${err.message}`);
       reject(err);
     });
 

packages/api/src/utility/DatastoreProxy.js

@@ -61,7 +61,7 @@ class DatastoreProxy {
         this.subprocess = null;
       });
       this.subprocess.on('error', err => {
-        logger.error(extractErrorLogData(err), 'Error in data store subprocess');
+        logger.error(extractErrorLogData(err), 'DBGM-00167 Error in data store subprocess');
         this.subprocess = null;
       });
       this.subprocess.send({ msgtype: 'open', file: this.file });
@@ -77,7 +77,7 @@ class DatastoreProxy {
       try {
         this.subprocess.send({ msgtype: 'read', msgid, offset, limit });
       } catch (err) {
-        logger.error(extractErrorLogData(err), 'Error getting rows');
+        logger.error(extractErrorLogData(err), 'DBGM-00168 Error getting rows');
         this.subprocess = null;
       }
     });
@@ -91,7 +91,7 @@ class DatastoreProxy {
       try {
         this.subprocess.send({ msgtype: 'notify', msgid });
       } catch (err) {
-        logger.error(extractErrorLogData(err), 'Error notifying subprocess');
+        logger.error(extractErrorLogData(err), 'DBGM-00169 Error notifying subprocess');
         this.subprocess = null;
       }
     });

packages/api/src/utility/JsonLinesDatastore.js

@@ -7,7 +7,6 @@ const AsyncLock = require('async-lock');
 const lock = new AsyncLock();
 const stableStringify = require('json-stable-stringify');
 const { evaluateCondition } = require('dbgate-sqltree');
-const requirePluginFunction = require('./requirePluginFunction');
 const esort = require('external-sorting');
 const { jsldir } = require('./directories');
 const LineReader = require('./LineReader');
@@ -23,7 +22,10 @@ class JsonLinesDatastore {
     this.notifyChangedCallback = null;
     this.currentFilter = null;
     this.currentSort = null;
-    this.rowFormatter = requirePluginFunction(formatterFunction);
+    if (formatterFunction) {
+      const requirePluginFunction = require('./requirePluginFunction');
+      this.rowFormatter = requirePluginFunction(formatterFunction);
+    }
     this.sortedFiles = {};
   }
 

packages/api/src/utility/appLogStore.js

@@ -0,0 +1,119 @@
+const fs = require('fs-extra');
+const path = require('path');
+const { logsdir } = require('./directories');
+const { format, addDays, startOfDay } = require('date-fns');
+const LineReader = require('./LineReader');
+const socket = require('./socket');
+const _ = require('lodash');
+
+async function getLogFiles(timeFrom, timeTo) {
+  const dir = logsdir();
+  const files = await fs.readdir(dir);
+  const startPrefix = format(timeFrom, 'yyyy-MM-dd');
+  const endPrefix = format(addDays(timeTo, 1), 'yyyy-MM-dd');
+  const logFiles = files
+    .filter(file => file.endsWith('.ndjson'))
+    .filter(file => file >= startPrefix && file < endPrefix);
+  return logFiles.sort().map(x => path.join(dir, x));
+}
+
+const RECENT_LOG_LIMIT = 1000;
+
+let recentLogs = null;
+const beforeRecentLogs = [];
+
+function adjustRecentLogs() {
+  if (recentLogs.length > RECENT_LOG_LIMIT) {
+    recentLogs.splice(0, recentLogs.length - RECENT_LOG_LIMIT);
+  }
+}
+
+function prepareEntryForExport(entry, lastEntry) {
+  return {
+    date: format(new Date(entry.time), 'yyyy-MM-dd'),
+    time: format(new Date(entry.time), 'HH:mm:ss'),
+    dtime: lastEntry ? entry.time - lastEntry.time : 0,
+    msgcode: entry.msgcode || '',
+    message: entry.msg || '',
+    ..._.omit(entry, ['time', 'msg', 'msgcode']),
+    conid: entry.conid || '',
+    database: entry.database || '',
+    engine: entry.engine || '',
+    ts: entry.time,
+  };
+}
+
+async function copyAppLogsIntoFile(timeFrom, timeTo, fileName, prepareForExport) {
+  const writeStream = fs.createWriteStream(fileName);
+
+  let lastEntry = null;
+  for (const file of await getLogFiles(timeFrom, timeTo)) {
+    const readStream = fs.createReadStream(file);
+    const reader = new LineReader(readStream);
+    do {
+      const line = await reader.readLine();
+      if (line == null) break;
+      try {
+        const logEntry = JSON.parse(line);
+        if (logEntry.time >= timeFrom && logEntry.time <= timeTo) {
+          writeStream.write(
+            JSON.stringify(prepareForExport ? prepareEntryForExport(logEntry, lastEntry) : logEntry) + '\n'
+          );
+          lastEntry = logEntry;
+        }
+      } catch (e) {
+        continue;
+      }
+    } while (true);
+  }
+}
+
+async function initializeRecentLogProvider() {
+  const logs = [];
+  for (const file of await getLogFiles(startOfDay(new Date()), new Date())) {
+    const fileStream = fs.createReadStream(file);
+    const reader = new LineReader(fileStream);
+    do {
+      const line = await reader.readLine();
+      if (line == null) break;
+      try {
+        const logEntry = JSON.parse(line);
+        logs.push(logEntry);
+        if (logs.length > RECENT_LOG_LIMIT) {
+          logs.shift();
+        }
+      } catch (e) {
+        continue;
+      }
+    } while (true);
+  }
+  recentLogs = logs;
+  recentLogs.push(...beforeRecentLogs);
+}
+
+let counter = 0;
+function pushToRecentLogs(msg) {
+  const finalMsg = {
+    ...msg,
+    counter,
+  };
+  counter += 1;
+  if (recentLogs) {
+    recentLogs.push(finalMsg);
+    adjustRecentLogs();
+    socket.emit('applog-event', finalMsg);
+  } else {
+    beforeRecentLogs.push(finalMsg);
+  }
+}
+
+function getRecentAppLogRecords() {
+  return recentLogs ?? beforeRecentLogs;
+}
+
+module.exports = {
+  initializeRecentLogProvider,
+  getRecentAppLogRecords,
+  pushToRecentLogs,
+  copyAppLogsIntoFile,
+};

packages/api/src/utility/childProcessChecker.js

@@ -12,7 +12,7 @@ function childProcessChecker() {
       // This will come once parent dies.
       // One way can be to check for error code ERR_IPC_CHANNEL_CLOSED
       //     and call process.exit()
-      logger.error(extractErrorLogData(err), 'parent died');
+      logger.error(extractErrorLogData(err), 'DBGM-00163 parent died');
       process.exit(1);
     }
   }, 1000);

packages/api/src/utility/cloudIntf.js

@@ -13,11 +13,11 @@ const socket = require('./socket');
 const config = require('../controllers/config');
 const simpleEncryptor = require('simple-encryptor');
 const currentVersion = require('../currentVersion');
-const { getPublicIpInfo } = require('./hardwareFingerprint');
 
 const logger = getLogger('cloudIntf');
 
 let cloudFiles = null;
+let promoWidgetData = null;
 
 const DBGATE_IDENTITY_URL = process.env.LOCAL_DBGATE_IDENTITY
   ? 'http://localhost:3103'
@@ -77,7 +77,7 @@ function startCloudTokenChecking(sid, callback) {
         callback(resp.data);
       }
     } catch (err) {
-      logger.error(extractErrorLogData(err), 'Error checking cloud token');
+      logger.error(extractErrorLogData(err), 'DBGM-00164 Error checking cloud token');
     }
   }, 500);
 }
@@ -125,7 +125,7 @@ async function getCloudUsedEngines() {
     const resp = await callCloudApiGet('content-engines');
     return resp || [];
   } catch (err) {
-    logger.error(extractErrorLogData(err), 'Error getting cloud content list');
+    logger.error(extractErrorLogData(err), 'DBGM-00165 Error getting cloud content list');
     return [];
   }
 }
@@ -200,20 +200,18 @@ async function updateCloudFiles(isRefresh) {
     lastCloudFilesTags = '';
   }
 
-  const ipInfo = await getPublicIpInfo();
-
   const tags = (await collectCloudFilesSearchTags()).join(',');
   let lastCheckedTm = 0;
   if (tags == lastCloudFilesTags && cloudFiles.length > 0) {
     lastCheckedTm = _.max(cloudFiles.map(x => parseInt(x.modifiedTm)));
   }
 
-  logger.info({ tags, lastCheckedTm }, 'Downloading cloud files');
+  logger.info({ tags, lastCheckedTm }, 'DBGM-00082 Downloading cloud files');
 
   const resp = await axios.default.get(
     `${DBGATE_CLOUD_URL}/public-cloud-updates?lastCheckedTm=${lastCheckedTm}&tags=${tags}&isRefresh=${
       isRefresh ? 1 : 0
-    }&country=${ipInfo?.country || ''}`,
+    }`,
     {
       headers: {
         ...getLicenseHttpHeaders(),
@@ -223,7 +221,7 @@ async function updateCloudFiles(isRefresh) {
     }
   );
 
-  logger.info(`Downloaded ${resp.data.length} cloud files`);
+  logger.info(`DBGM-00083 Downloaded ${resp.data.length} cloud files`);
 
   const filesByPath = lastCheckedTm == 0 ? {} : _.keyBy(cloudFiles, 'path');
   for (const file of resp.data) {
@@ -262,6 +260,36 @@ async function getPublicFileData(path) {
   return resp.data;
 }
 
+async function updatePremiumPromoWidget() {
+  try {
+    const fileContent = await fs.readFile(path.join(datadir(), 'promo-widget.json'), 'utf-8');
+    promoWidgetData = JSON.parse(fileContent);
+  } catch (err) {
+    promoWidgetData = null;
+  }
+
+  const tags = (await collectCloudFilesSearchTags()).join(',');
+
+  const resp = await axios.default.get(
+    `${DBGATE_CLOUD_URL}/premium-promo-widget?identifier=${promoWidgetData?.identifier ?? 'empty'}&tags=${tags}`,
+    {
+      headers: {
+        ...(await getCloudInstanceHeaders()),
+        'x-app-version': currentVersion.version,
+      },
+    }
+  );
+
+  if (!resp.data || resp.data?.state == 'unchanged') {
+    return;
+  }
+
+  promoWidgetData = resp.data;
+  await fs.writeFile(path.join(datadir(), 'promo-widget.json'), JSON.stringify(promoWidgetData, null, 2));
+
+  socket.emitChanged(`promo-widget-changed`);
+}
+
 async function refreshPublicFiles(isRefresh) {
   if (!cloudFiles) {
     await loadCloudFiles();
@@ -269,7 +297,10 @@ async function refreshPublicFiles(isRefresh) {
   try {
     await updateCloudFiles(isRefresh);
   } catch (err) {
-    logger.error(extractErrorLogData(err), 'Error updating cloud files');
+    logger.error(extractErrorLogData(err), 'DBGM-00166 Error updating cloud files');
+  }
+  if (!isProApp()) {
+    await updatePremiumPromoWidget();
   }
 }
 
@@ -423,6 +454,22 @@ function removeCloudCachedConnection(folid, cntid) {
   delete cloudConnectionCache[cacheKey];
 }
 
+async function getPublicIpInfo() {
+  try {
+    const resp = await axios.default.get(`${DBGATE_CLOUD_URL}/ipinfo`);
+    if (!resp.data?.ip) {
+      return { ip: 'unknown-ip' };
+    }
+    return resp.data;
+  } catch (err) {
+    return { ip: 'unknown-ip' };
+  }
+}
+
+function getPromoWidgetData() {
+  return promoWidgetData;
+}
+
 module.exports = {
   createDbGateIdentitySession,
   startCloudTokenChecking,
@@ -439,4 +486,6 @@ module.exports = {
   removeCloudCachedConnection,
   readCloudTokenHolder,
   readCloudTestTokenHolder,
+  getPublicIpInfo,
+  getPromoWidgetData,
 };

packages/api/src/utility/connectUtility.js

@@ -132,7 +132,7 @@ async function connectUtility(driver, storedConnection, connectionMode, addition
 
   connection.ssl = await extractConnectionSslParams(connection);
 
-  const conn = await driver.connect({ ...connection, ...additionalOptions });
+  const conn = await driver.connect({ conid: connectionLoaded?._id, ...connection, ...additionalOptions });
   return conn;
 }
 

packages/api/src/utility/directories.js

@@ -14,11 +14,11 @@ const createDirectories = {};
 const ensureDirectory = (dir, clean) => {
   if (!createDirectories[dir]) {
     if (clean && fs.existsSync(dir) && !platformInfo.isForkedApi) {
-      getLogger('directories').info(`Cleaning directory ${dir}`);
+      getLogger('directories').info(`DBGM-00170 Cleaning directory ${dir}`);
       cleanDirectory(dir, _.isNumber(clean) ? clean : null);
     }
     if (!fs.existsSync(dir)) {
-      getLogger('directories').info(`Creating directory ${dir}`);
+      getLogger('directories').info(`DBGM-00171 Creating directory ${dir}`);
       fs.mkdirSync(dir);
     }
     createDirectories[dir] = true;

packages/api/src/utility/extractSingleFileFromZip.js

@@ -42,13 +42,13 @@ function extractSingleFileFromZip(zipPath, fileInZip, outputPath) {
 
             // When the file is finished writing, resolve
             writeStream.on('finish', () => {
-              logger.info(`File "${fileInZip}" extracted to "${outputPath}".`);
+              logger.info(`DBGM-00088 File "${fileInZip}" extracted to "${outputPath}".`);
               resolve(true);
             });
 
             // Handle write errors
             writeStream.on('error', writeErr => {
-              logger.error(extractErrorLogData(writeErr), `Error extracting "${fileInZip}" from "${zipPath}".`);
+              logger.error(extractErrorLogData(writeErr), `DBGM-00089 Error extracting "${fileInZip}" from "${zipPath}".`);
               reject(writeErr);
             });
           });
@@ -67,7 +67,7 @@ function extractSingleFileFromZip(zipPath, fileInZip, outputPath) {
 
       // Handle general errors
       zipFile.on('error', err => {
-        logger.error(extractErrorLogData(err), `ZIP file error in ${zipPath}.`);
+        logger.error(extractErrorLogData(err), `DBGM-00172 ZIP file error in ${zipPath}.`);
         reject(err);
       });
     });

packages/api/src/utility/getChartExport.js

@@ -53,7 +53,7 @@ const getChartExport = (title, config, imageFile, plugins) => {
     </div>
 
     <div class="footer">
-        Exported from <a href='https://dbgate.io/' target='_blank'>DbGate</a>, powered by <a href='https://www.chartjs.org/' target='_blank'>Chart.js</a>
+        Exported from <a href='https://www.dbgate.io/' target='_blank'>DbGate</a>, powered by <a href='https://www.chartjs.org/' target='_blank'>Chart.js</a>
     </div>
 </body>
 

packages/api/src/utility/getMapExport.js

@@ -18,7 +18,7 @@ const getMapExport = (geoJson) => {
     leaflet
       .tileLayer('https://{s}.tile.openstreetmap.org/{z}/{x}/{y}.png', {
         maxZoom: 19,
-        attribution: '<a href="https://dbgate.io" title="Exported from DbGate">DbGate</a> | © OpenStreetMap',
+        attribution: '<a href="https://www.dbgate.io" title="Exported from DbGate">DbGate</a> | © OpenStreetMap',
       })
       .addTo(map);
       

packages/api/src/utility/hardwareFingerprint.js

@@ -3,18 +3,6 @@ const os = require('os');
 const crypto = require('crypto');
 const platformInfo = require('./platformInfo');
 
-async function getPublicIpInfo() {
-  try {
-    const resp = await axios.default.get('https://ipinfo.io/json');
-    if (!resp.data?.ip) {
-      return { ip: 'unknown-ip' };
-    }
-    return resp.data;
-  } catch (err) {
-    return { ip: 'unknown-ip' };
-  }
-}
-
 function getMacAddress() {
   try {
     const interfaces = os.networkInterfaces();
@@ -32,6 +20,7 @@ function getMacAddress() {
 }
 
 async function getHardwareFingerprint() {
+  const { getPublicIpInfo } = require('./cloudIntf');
   const publicIpInfo = await getPublicIpInfo();
   const macAddress = getMacAddress();
   const platform = os.platform();
@@ -42,8 +31,6 @@ async function getHardwareFingerprint() {
   return {
     publicIp: publicIpInfo.ip,
     country: publicIpInfo.country,
-    region: publicIpInfo.region,
-    city: publicIpInfo.city,
     macAddress,
     platform,
     release,
@@ -68,9 +55,7 @@ async function getPublicHardwareFingerprint() {
     hash,
     payload: {
       platform: fingerprint.platform,
-      city: fingerprint.city,
       country: fingerprint.country,
-      region: fingerprint.region,
       isDocker: platformInfo.isDocker,
       isAwsUbuntuLayout: platformInfo.isAwsUbuntuLayout,
       isAzureUbuntuLayout: platformInfo.isAzureUbuntuLayout,
@@ -87,5 +72,4 @@ module.exports = {
   getHardwareFingerprint,
   getHardwareFingerprintHash,
   getPublicHardwareFingerprint,
-  getPublicIpInfo,
 };

packages/api/src/utility/hasPermission.js

@@ -1,96 +1,350 @@
-const { compilePermissions, testPermission } = require('dbgate-tools');
+const { compilePermissions, testPermission, getPermissionsCacheKey } = require('dbgate-tools');
 const _ = require('lodash');
 const { getAuthProviderFromReq } = require('../auth/authProvider');
 
 const cachedPermissions = {};
 
-function hasPermission(tested, req) {
+async function loadPermissionsFromRequest(req) {
+  const authProvider = getAuthProviderFromReq(req);
   if (!req) {
-    // request object not available, allow all
+    return null;
+  }
+
+  const loadedPermissions = await authProvider.getCurrentPermissions(req);
+  return loadedPermissions;
+}
+
+function hasPermission(tested, loadedPermissions) {
+  if (!loadedPermissions) {
+    // not available, allow all
     return true;
   }
 
-  const permissions = getAuthProviderFromReq(req).getCurrentPermissions(req);
-
-  if (!cachedPermissions[permissions]) {
-    cachedPermissions[permissions] = compilePermissions(permissions);
+  const permissionsKey = getPermissionsCacheKey(loadedPermissions);
+  if (!cachedPermissions[permissionsKey]) {
+    cachedPermissions[permissionsKey] = compilePermissions(loadedPermissions);
   }
 
-  return testPermission(tested, cachedPermissions[permissions]);
-
-  // const { user } = (req && req.auth) || {};
-  // const { login } = (process.env.OAUTH_PERMISSIONS && req && req.user) || {};
-  // const key = user || login || '';
-  // const logins = getLogins();
-
-  // if (!userPermissions[key]) {
-  //   if (logins) {
-  //     const login = logins.find(x => x.login == user);
-  //     userPermissions[key] = compilePermissions(login ? login.permissions : null);
-  //   } else {
-  //     userPermissions[key] = compilePermissions(process.env.PERMISSIONS);
-  //   }
-  // }
-  // return testPermission(tested, userPermissions[key]);
+  return testPermission(tested, cachedPermissions[permissionsKey]);
 }
 
-// let loginsCache = null;
-// let loginsLoaded = false;
-
-// function getLogins() {
-//   if (loginsLoaded) {
-//     return loginsCache;
-//   }
-
-//   const res = [];
-//   if (process.env.LOGIN && process.env.PASSWORD) {
-//     res.push({
-//       login: process.env.LOGIN,
-//       password: process.env.PASSWORD,
-//       permissions: process.env.PERMISSIONS,
-//     });
-//   }
-//   if (process.env.LOGINS) {
-//     const logins = _.compact(process.env.LOGINS.split(',').map(x => x.trim()));
-//     for (const login of logins) {
-//       const password = process.env[`LOGIN_PASSWORD_${login}`];
-//       const permissions = process.env[`LOGIN_PERMISSIONS_${login}`];
-//       if (password) {
-//         res.push({
-//           login,
-//           password,
-//           permissions,
-//         });
-//       }
-//     }
-//   } else if (process.env.OAUTH_PERMISSIONS) {
-//     const login_permission_keys = Object.keys(process.env).filter(key => _.startsWith(key, 'LOGIN_PERMISSIONS_'));
-//     for (const permissions_key of login_permission_keys) {
-//       const login = permissions_key.replace('LOGIN_PERMISSIONS_', '');
-//       const permissions = process.env[permissions_key];
-//       userPermissions[login] = compilePermissions(permissions);
-//     }
-//   }
-
-//   loginsCache = res.length > 0 ? res : null;
-//   loginsLoaded = true;
-//   return loginsCache;
-// }
-
-function connectionHasPermission(connection, req) {
+function connectionHasPermission(connection, loadedPermissions) {
   if (!connection) {
     return true;
   }
   if (_.isString(connection)) {
-    return hasPermission(`connections/${connection}`, req);
+    return hasPermission(`connections/${connection}`, loadedPermissions);
   } else {
-    return hasPermission(`connections/${connection._id}`, req);
+    return hasPermission(`connections/${connection._id}`, loadedPermissions);
   }
 }
 
-function testConnectionPermission(connection, req) {
-  if (!connectionHasPermission(connection, req)) {
-    throw new Error('Connection permission not granted');
+async function testConnectionPermission(connection, req, loadedPermissions) {
+  if (!loadedPermissions) {
+    loadedPermissions = await loadPermissionsFromRequest(req);
+  }
+  if (process.env.STORAGE_DATABASE) {
+    if (hasPermission(`all-connections`, loadedPermissions)) {
+      return;
+    }
+    const conid = _.isString(connection) ? connection : connection?._id;
+    if (hasPermission('internal-storage', loadedPermissions) && conid == '__storage') {
+      return;
+    }
+    const authProvider = getAuthProviderFromReq(req);
+    if (!req) {
+      return;
+    }
+    if (!(await authProvider.checkCurrentConnectionPermission(req, conid))) {
+      throw new Error('DBGM-00263 Connection permission not granted');
+    }
+  } else {
+    if (!connectionHasPermission(connection, loadedPermissions)) {
+      throw new Error('DBGM-00264 Connection permission not granted');
+    }
+  }
+}
+
+async function loadDatabasePermissionsFromRequest(req) {
+  const authProvider = getAuthProviderFromReq(req);
+  if (!req) {
+    return null;
+  }
+
+  const databasePermissions = await authProvider.getCurrentDatabasePermissions(req);
+  return databasePermissions;
+}
+
+async function loadTablePermissionsFromRequest(req) {
+  const authProvider = getAuthProviderFromReq(req);
+  if (!req) {
+    return null;
+  }
+
+  const tablePermissions = await authProvider.getCurrentTablePermissions(req);
+  return tablePermissions;
+}
+
+async function loadFilePermissionsFromRequest(req) {
+  const authProvider = getAuthProviderFromReq(req);
+  if (!req) {
+    return null;
+  }
+
+  const filePermissions = await authProvider.getCurrentFilePermissions(req);
+  return filePermissions;
+}
+
+function matchDatabasePermissionRow(conid, database, permissionRow) {
+  if (permissionRow.connection_id) {
+    if (conid != permissionRow.connection_id) {
+      return false;
+    }
+  }
+  if (permissionRow.database_names_list) {
+    const items = permissionRow.database_names_list.split('\n');
+    if (!items.find(item => item.trim()?.toLowerCase() === database?.toLowerCase())) {
+      return false;
+    }
+  }
+  if (permissionRow.database_names_regex) {
+    const regex = new RegExp(permissionRow.database_names_regex, 'i');
+    if (!regex.test(database)) {
+      return false;
+    }
+  }
+  return true;
+}
+
+function matchTablePermissionRow(objectTypeField, schemaName, pureName, permissionRow) {
+  if (permissionRow.table_names_list) {
+    const items = permissionRow.table_names_list.split('\n');
+    if (!items.find(item => item.trim()?.toLowerCase() === pureName?.toLowerCase())) {
+      return false;
+    }
+  }
+  if (permissionRow.table_names_regex) {
+    const regex = new RegExp(permissionRow.table_names_regex, 'i');
+    if (!regex.test(pureName)) {
+      return false;
+    }
+  }
+  if (permissionRow.schema_names_list) {
+    const items = permissionRow.schema_names_list.split('\n');
+    if (!items.find(item => item.trim()?.toLowerCase() === schemaName?.toLowerCase())) {
+      return false;
+    }
+  }
+  if (permissionRow.schema_names_regex) {
+    const regex = new RegExp(permissionRow.schema_names_regex, 'i');
+    if (!regex.test(schemaName)) {
+      return false;
+    }
+  }
+
+  return true;
+}
+
+function matchFilePermissionRow(folder, file, permissionRow) {
+  if (permissionRow.folder_name) {
+    if (folder != permissionRow.folder_name) {
+      return false;
+    }
+  }
+  if (permissionRow.file_names_list) {
+    const items = permissionRow.file_names_list.split('\n');
+    if (!items.find(item => item.trim()?.toLowerCase() === file?.toLowerCase())) {
+      return false;
+    }
+  }
+  if (permissionRow.file_names_regex) {
+    const regex = new RegExp(permissionRow.file_names_regex, 'i');
+    if (!regex.test(file)) {
+      return false;
+    }
+  }
+  return true;
+}
+
+const DATABASE_ROLE_ID_NAMES = {
+  '-1': 'view',
+  '-2': 'read_content',
+  '-3': 'write_data',
+  '-4': 'run_script',
+  '-5': 'deny',
+};
+
+const FILE_ROLE_ID_NAMES = {
+  '-1': 'allow',
+  '-2': 'deny',
+};
+
+function getDatabaseRoleLevelIndex(roleName) {
+  if (!roleName) {
+    return 6;
+  }
+  if (roleName == 'run_script') {
+    return 5;
+  }
+  if (roleName == 'write_data') {
+    return 4;
+  }
+  if (roleName == 'read_content') {
+    return 3;
+  }
+  if (roleName == 'view') {
+    return 2;
+  }
+  if (roleName == 'deny') {
+    return 1;
+  }
+  return 6;
+}
+
+function getTablePermissionRoleLevelIndex(roleName) {
+  if (!roleName) {
+    return 6;
+  }
+  if (roleName == 'run_script') {
+    return 5;
+  }
+  if (roleName == 'create_update_delete') {
+    return 4;
+  }
+  if (roleName == 'update_only') {
+    return 3;
+  }
+  if (roleName == 'read') {
+    return 2;
+  }
+  if (roleName == 'deny') {
+    return 1;
+  }
+  return 6;
+}
+
+function getDatabasePermissionRole(conid, database, loadedDatabasePermissions) {
+  let res = 'deny';
+  for (const permissionRow of loadedDatabasePermissions) {
+    if (!matchDatabasePermissionRow(conid, database, permissionRow)) {
+      continue;
+    }
+    res = DATABASE_ROLE_ID_NAMES[permissionRow.database_permission_role_id];
+  }
+  return res;
+}
+
+function getFilePermissionRole(folder, file, loadedFilePermissions) {
+  let res = 'deny';
+  for (const permissionRow of loadedFilePermissions) {
+    if (!matchFilePermissionRow(folder, file, permissionRow)) {
+      continue;
+    }
+    res = FILE_ROLE_ID_NAMES[permissionRow.file_permission_role_id];
+  }
+  return res;
+}
+
+const TABLE_ROLE_ID_NAMES = {
+  '-1': 'read',
+  '-2': 'update_only',
+  '-3': 'create_update_delete',
+  '-4': 'run_script',
+  '-5': 'deny',
+};
+
+const TABLE_SCOPE_ID_NAMES = {
+  '-1': 'all_objects',
+  '-2': 'tables',
+  '-3': 'views',
+  '-4': 'tables_views_collections',
+  '-5': 'procedures',
+  '-6': 'functions',
+  '-7': 'triggers',
+  '-8': 'sql_objects',
+  '-9': 'collections',
+};
+
+function getTablePermissionRole(
+  conid,
+  database,
+  objectTypeField,
+  schemaName,
+  pureName,
+  loadedTablePermissions,
+  databasePermissionRole
+) {
+  let res =
+    databasePermissionRole == 'read_content'
+      ? 'read'
+      : databasePermissionRole == 'write_data'
+      ? 'create_update_delete'
+      : databasePermissionRole == 'run_script'
+      ? 'run_script'
+      : 'deny';
+  for (const permissionRow of loadedTablePermissions) {
+    if (!matchDatabasePermissionRow(conid, database, permissionRow)) {
+      continue;
+    }
+    if (!matchTablePermissionRow(objectTypeField, schemaName, pureName, permissionRow)) {
+      continue;
+    }
+    const scope = TABLE_SCOPE_ID_NAMES[permissionRow.table_permission_scope_id];
+    switch (scope) {
+      case 'tables':
+        if (objectTypeField != 'tables') continue;
+        break;
+      case 'views':
+        if (objectTypeField != 'views') continue;
+        break;
+      case 'tables_views_collections':
+        if (objectTypeField != 'tables' && objectTypeField != 'views' && objectTypeField != 'collections') continue;
+        break;
+      case 'procedures':
+        if (objectTypeField != 'procedures') continue;
+        break;
+      case 'functions':
+        if (objectTypeField != 'functions') continue;
+        break;
+      case 'triggers':
+        if (objectTypeField != 'triggers') continue;
+        break;
+      case 'sql_objects':
+        if (objectTypeField != 'procedures' && objectTypeField != 'functions' && objectTypeField != 'triggers')
+          continue;
+        break;
+      case 'collections':
+        if (objectTypeField != 'collections') continue;
+        break;
+    }
+    res = TABLE_ROLE_ID_NAMES[permissionRow.table_permission_role_id];
+  }
+  return res;
+}
+
+async function testStandardPermission(permission, req, loadedPermissions) {
+  if (!loadedPermissions) {
+    loadedPermissions = await loadPermissionsFromRequest(req);
+  }
+  if (!hasPermission(permission, loadedPermissions)) {
+    throw new Error(`DBGM-00265 Permission ${permission} not granted`);
+  }
+}
+
+async function testDatabaseRolePermission(conid, database, requiredRole, req) {
+  if (!process.env.STORAGE_DATABASE) {
+    return;
+  }
+  const loadedPermissions = await loadPermissionsFromRequest(req);
+  if (hasPermission(`all-databases`, loadedPermissions)) {
+    return;
+  }
+  const databasePermissions = await loadDatabasePermissionsFromRequest(req);
+  const role = getDatabasePermissionRole(conid, database, databasePermissions);
+  const requiredIndex = getDatabaseRoleLevelIndex(requiredRole);
+  const roleIndex = getDatabaseRoleLevelIndex(role);
+  if (roleIndex < requiredIndex) {
+    throw new Error(`DBGM-00266 Permission ${requiredRole} not granted`);
   }
 }
 
@@ -98,4 +352,14 @@ module.exports = {
   hasPermission,
   connectionHasPermission,
   testConnectionPermission,
+  loadPermissionsFromRequest,
+  loadDatabasePermissionsFromRequest,
+  loadTablePermissionsFromRequest,
+  loadFilePermissionsFromRequest,
+  getDatabasePermissionRole,
+  getTablePermissionRole,
+  getFilePermissionRole,
+  testStandardPermission,
+  testDatabaseRolePermission,
+  getTablePermissionRoleLevelIndex,
 };

packages/api/src/utility/loadModelTransform.js

@@ -28,7 +28,7 @@ async function loadModelTransform(file) {
     }
     return null;
   } catch (err) {
-    logger.error(extractErrorLogData(err), `Error loading model transform ${file}`);
+    logger.error(extractErrorLogData(err), `DBGM-00173 Error loading model transform ${file}`);
     return null;
   }
 }

packages/api/src/utility/platformInfo.js

@@ -3,7 +3,6 @@ const os = require('os');
 const path = require('path');
 const processArgs = require('./processArgs');
 const isElectron = require('is-electron');
-const { isProApp } = require('./checkLicense');
 
 const platform = process.env.OS_OVERRIDE ? process.env.OS_OVERRIDE : process.platform;
 const isWindows = platform === 'win32';
@@ -60,7 +59,6 @@ const platformInfo = {
   defaultKeyfile: path.join(os.homedir(), '.ssh/id_rsa'),
   isAwsUbuntuLayout,
   isAzureUbuntuLayout,
-  isProApp: isProApp()
 };
 
 module.exports = platformInfo;

packages/api/src/utility/sshTunnel.js

@@ -40,7 +40,7 @@ function callForwardProcess(connection, tunnelConfig, tunnelCacheKey) {
       tunnelConfig,
     });
   } catch (err) {
-    logger.error(extractErrorLogData(err), 'Error connecting SSH');
+    logger.error(extractErrorLogData(err), 'DBGM-00174 Error connecting SSH');
   }
   return new Promise((resolve, reject) => {
     let promiseHandled = false;
@@ -57,18 +57,18 @@ function callForwardProcess(connection, tunnelConfig, tunnelCacheKey) {
       }
     });
     subprocess.on('exit', code => {
-      logger.info(`SSH forward process exited with code ${code}`);
+      logger.info(`DBGM-00090 SSH forward process exited with code ${code}`);
       delete sshTunnelCache[tunnelCacheKey];
       if (!promiseHandled) {
         reject(
           new Error(
-            'SSH forward process exited, try to change "Local host address for SSH connections" in Settings/Connections'
+            'DBGM-00091 SSH forward process exited, try to change "Local host address for SSH connections" in Settings/Connections'
           )
         );
       }
     });
     subprocess.on('error', error => {
-      logger.error(extractErrorLogData(error), 'SSH forward process error');
+      logger.error(extractErrorLogData(error), 'DBGM-00092 SSH forward process error');
       delete sshTunnelCache[tunnelCacheKey];
       if (!promiseHandled) {
         reject(error);
@@ -97,13 +97,13 @@ async function getSshTunnel(connection) {
     };
     try {
       logger.info(
-        `Creating SSH tunnel to ${connection.sshHost}-${connection.server}:${connection.port}, using local port ${localPort}`
+        `DBGM-00093 Creating SSH tunnel to ${connection.sshHost}-${connection.server}:${connection.port}, using local port ${localPort}`
       );
 
       const subprocess = await callForwardProcess(connection, tunnelConfig, tunnelCacheKey);
 
       logger.info(
-        `Created SSH tunnel to ${connection.sshHost}-${connection.server}:${connection.port}, using local port ${localPort}`
+        `DBGM-00094 Created SSH tunnel to ${connection.sshHost}-${connection.server}:${connection.port}, using local port ${localPort}`
       );
 
       sshTunnelCache[tunnelCacheKey] = {
@@ -114,7 +114,7 @@ async function getSshTunnel(connection) {
       };
       return sshTunnelCache[tunnelCacheKey];
     } catch (err) {
-      logger.error(extractErrorLogData(err), 'Error creating SSH tunnel:');
+      logger.error(extractErrorLogData(err), 'DBGM-00095 Error creating SSH tunnel:');
       // error is not cached
       return {
         state: 'error',

packages/api/src/utility/sshTunnelProxy.js

@@ -10,7 +10,7 @@ async function handleGetSshTunnelRequest({ msgid, connection }, subprocess) {
   try {
     subprocess.send({ msgtype: 'getsshtunnel-response', msgid, response });
   } catch (err) {
-    logger.error(extractErrorLogData(err), 'Error sending to SSH tunnel');
+    logger.error(extractErrorLogData(err), 'DBGM-00175 Error sending to SSH tunnel');
   }
 }
 

packages/api/src/utility/useController.js

@@ -12,11 +12,11 @@ module.exports = function useController(app, electron, route, controller) {
   const router = express.Router();
 
   if (controller._init) {
-    logger.info(`Calling init controller for controller ${route}`);
+    logger.info(`DBGM-00096 Calling init controller for controller ${route}`);
     try {
       controller._init();
     } catch (err) {
-      logger.error(extractErrorLogData(err), `Error initializing controller, exiting application`);
+      logger.error(extractErrorLogData(err), `DBGM-00097 Error initializing controller, exiting application`);
       process.exit(1);
     }
   }
@@ -78,7 +78,7 @@ module.exports = function useController(app, electron, route, controller) {
           const data = await controller[key]({ ...req.body, ...req.query }, req);
           res.json(data);
         } catch (err) {
-          logger.error(extractErrorLogData(err), `Error when processing route ${route}/${key}`);
+          logger.error(extractErrorLogData(err), `DBGM-00176 Error when processing route ${route}/${key}`);
           if (err instanceof MissingCredentialsError) {
             res.json({
               missingCredentials: true,

packages/datalib/src/DataReplicator.ts

@@ -330,7 +330,7 @@ class ReplicatorItemHolder {
 
         if (new Date().getTime() - lastLogged.getTime() > 5000) {
           logger.info(
-            `Replicating ${this.item.name} in progress, inserted ${inserted} rows, mapped ${mapped} rows, missing ${missing} rows, skipped ${skipped} rows, updated ${updated} rows`
+            `DBGM-00105 Replicating ${this.item.name} in progress, inserted ${inserted} rows, mapped ${mapped} rows, missing ${missing} rows, skipped ${skipped} rows, updated ${updated} rows`
           );
           lastLogged = new Date();
         }
@@ -489,19 +489,19 @@ export class DataReplicator {
       for (const item of this.itemPlan) {
         const stats = await item.runImport();
         logger.info(
-          `Replicated ${item.name}, inserted ${stats.inserted} rows, mapped ${stats.mapped} rows, missing ${stats.missing} rows, skipped ${stats.skipped} rows, updated ${stats.updated} rows, deleted ${stats.deleted} rows`
+          `DBGM-00106 Replicated ${item.name}, inserted ${stats.inserted} rows, mapped ${stats.mapped} rows, missing ${stats.missing} rows, skipped ${stats.skipped} rows, updated ${stats.updated} rows, deleted ${stats.deleted} rows`
         );
       }
     } catch (err) {
-      logger.error(extractErrorLogData(err), `Failed replicator job, rollbacking. ${err.message}`);
+      logger.error(extractErrorLogData(err), `DBGM-00179 Failed replicator job, rollbacking. ${err.message}`);
       await this.runDumperCommand(dmp => dmp.rollbackTransaction());
       return;
     }
     if (this.options.rollbackAfterFinish) {
-      logger.info('Rollbacking transaction, nothing was changed');
+      logger.info('DBGM-00107 Rollbacking transaction, nothing was changed');
       await this.runDumperCommand(dmp => dmp.rollbackTransaction());
     } else {
-      logger.info('Committing replicator transaction');
+      logger.info('DBGM-00108 Committing replicator transaction');
       await this.runDumperCommand(dmp => dmp.commitTransaction());
     }
 

packages/datalib/src/GridDisplay.ts

@@ -13,7 +13,7 @@ import type {
   FilterBehaviour,
 } from 'dbgate-types';
 import { parseFilter } from 'dbgate-filterparser';
-import { filterName } from 'dbgate-tools';
+import { filterName, shortenIdentifier } from 'dbgate-tools';
 import { ChangeSetFieldDefinition, ChangeSetRowDefinition } from './ChangeSet';
 import { Expression, Select, treeToSql, dumpSqlSelect, Condition, CompoudCondition } from 'dbgate-sqltree';
 import { isTypeLogical, standardFilterBehaviours, detectSqlFilterBehaviour, stringFilterBehaviour } from 'dbgate-tools';
@@ -24,6 +24,7 @@ export interface DisplayColumn {
   columnName: string;
   headerText: string;
   uniqueName: string;
+  uniqueNameShorten?: string;
   uniquePath: string[];
   notNull?: boolean;
   autoIncrement?: boolean;
@@ -606,7 +607,9 @@ export abstract class GridDisplay {
     }
     return {
       exprType: 'column',
-      ...(!this.dialect.omitTableAliases && { alias: alias || col.columnName }),
+      ...(!this.dialect.omitTableAliases && {
+        alias: alias ?? col.columnName,
+      }),
       source,
       ...col,
     };

packages/datalib/src/ScriptDrivedDeployer.ts

@@ -43,11 +43,11 @@ export class ScriptDrivedDeployer {
         dmp.put('select * from ~dbgate_deploy_journal')
       );
       this.journalItems = rows;
-      logger.debug(`Loaded ${rows.length} items from DbGate deploy journal`);
+      logger.debug(`DBGM-00109 Loaded ${rows.length} items from DbGate deploy journal`);
     } catch (err) {
       logger.warn(
         extractErrorLogData(err),
-        'Error loading DbGate deploy journal, creating table dbgate_deploy_journal'
+        'DBGM-00110 Error loading DbGate deploy journal, creating table dbgate_deploy_journal'
       );
       const dmp = this.driver.createDumper();
       dmp.createTable({
@@ -126,12 +126,12 @@ export class ScriptDrivedDeployer {
       runCommandOnDriver(this.dbhan, this.driver, dmp => dmp.beginTransaction());
     }
 
-    logger.debug(`Running ${category} script ${file.name}`);
+    logger.debug(`DBGM-00111 Running ${category} script ${file.name}`);
     try {
       await this.driver.script(this.dbhan, file.text, { useTransaction: false });
       await this.saveToJournal(file, category, hash);
     } catch (err) {
-      logger.error(extractErrorLogData(err), `Error running ${category} script ${file.name}`);
+      logger.error(extractErrorLogData(err), `DBGM-00180 Error running ${category} script ${file.name}`);
       if (this.driver.supportsTransactions) {
         runCommandOnDriver(this.dbhan, this.driver, dmp => dmp.rollbackTransaction());
         return;

packages/datalib/src/TableGridDisplay.ts

@@ -1,5 +1,5 @@
 import _ from 'lodash';
-import { filterName, isTableColumnUnique } from 'dbgate-tools';
+import { filterName, isTableColumnUnique, shortenIdentifier } from 'dbgate-tools';
 import { GridDisplay, ChangeCacheFunc, DisplayColumn, DisplayedColumnInfo, ChangeConfigFunc } from './GridDisplay';
 import type {
   TableInfo,
@@ -93,7 +93,7 @@ export class TableGridDisplay extends GridDisplay {
     );
   }
 
-  getDisplayColumns(table: TableInfo, parentPath: string[]) {
+  getDisplayColumns(table: TableInfo, parentPath: string[]): DisplayColumn[] {
     return (
       table?.columns
         ?.map(col => this.getDisplayColumn(table, col, parentPath))
@@ -101,11 +101,12 @@ export class TableGridDisplay extends GridDisplay {
           ...col,
           isChecked: this.isColumnChecked(col),
           hintColumnNames:
-            this.getFkDictionaryDescription(col.isForeignKeyUnique ? col.foreignKey : null)?.columns?.map(
-              columnName => `hint_${col.uniqueName}_${columnName}`
+            this.getFkDictionaryDescription(col.isForeignKeyUnique ? col.foreignKey : null)?.columns?.map(columnName =>
+              shortenIdentifier(`hint_${col.uniqueName}_${columnName}`, this.driver.dialect.maxIdentifierLength)
             ) || null,
           hintColumnDelimiter: this.getFkDictionaryDescription(col.isForeignKeyUnique ? col.foreignKey : null)
             ?.delimiter,
+          uniqueNameShorten: shortenIdentifier(col.uniqueName, this.driver.dialect.maxIdentifierLength),
           isExpandable: !!col.foreignKey,
         })) || []
     );
@@ -116,7 +117,7 @@ export class TableGridDisplay extends GridDisplay {
       if (this.isExpandedColumn(column.uniqueName)) {
         const table = this.getFkTarget(column);
         if (table) {
-          const childAlias = `${column.uniqueName}_ref`;
+          const childAlias = shortenIdentifier(`${column.uniqueName}_ref`, this.driver.dialect.maxIdentifierLength);
           const subcolumns = this.getDisplayColumns(table, column.uniquePath);
 
           this.addReferenceToSelect(select, parentAlias, column);
@@ -129,7 +130,7 @@ export class TableGridDisplay extends GridDisplay {
   }
 
   addReferenceToSelect(select: Select, parentAlias: string, column: DisplayColumn) {
-    const childAlias = `${column.uniqueName}_ref`;
+    const childAlias = shortenIdentifier(`${column.uniqueName}_ref`, this.driver.dialect.maxIdentifierLength);
     if ((select.from.relations || []).find(x => x.alias == childAlias)) return;
     const table = this.getFkTarget(column);
     if (table && table.primaryKey) {
@@ -191,15 +192,24 @@ export class TableGridDisplay extends GridDisplay {
           const hintDescription = this.getDictionaryDescription(table);
           if (hintDescription) {
             const parentUniqueName = column.uniquePath.slice(0, -1).join('.');
-            this.addReferenceToSelect(select, parentUniqueName ? `${parentUniqueName}_ref` : 'basetbl', column);
-            const childAlias = `${column.uniqueName}_ref`;
+            this.addReferenceToSelect(
+              select,
+              parentUniqueName
+                ? shortenIdentifier(`${parentUniqueName}_ref`, this.driver.dialect.maxIdentifierLength)
+                : 'basetbl',
+              column
+            );
+            const childAlias = shortenIdentifier(`${column.uniqueName}_ref`, this.driver.dialect.maxIdentifierLength);
             select.columns.push(
               ...hintDescription.columns.map(
                 columnName =>
                   ({
                     exprType: 'column',
                     columnName,
-                    alias: `hint_${column.uniqueName}_${columnName}`,
+                    alias: shortenIdentifier(
+                      `hint_${column.uniqueName}_${columnName}`,
+                      this.driver.dialect.maxIdentifierLength
+                    ),
                     source: { alias: childAlias },
                   } as ColumnRefExpression)
               )
@@ -230,7 +240,7 @@ export class TableGridDisplay extends GridDisplay {
   }
 
   getFkTarget(column: DisplayColumn) {
-    const { uniqueName, foreignKey, isForeignKeyUnique } = column;
+    const { foreignKey, isForeignKeyUnique } = column;
     if (!isForeignKeyUnique) return null;
     const pureName = foreignKey.refTableName;
     const schemaName = foreignKey.refSchemaName;
@@ -298,7 +308,12 @@ export class TableGridDisplay extends GridDisplay {
     for (const column of columns) {
       if (this.addAllExpandedColumnsToSelected || this.config.addedColumns.includes(column.uniqueName)) {
         select.columns.push(
-          this.createColumnExpression(column, { name: column, alias: parentAlias }, column.uniqueName, 'view')
+          this.createColumnExpression(
+            column,
+            { name: column, alias: parentAlias },
+            column.uniqueNameShorten ?? column.uniqueName,
+            'view'
+          )
         );
         displayedColumnInfo[column.uniqueName] = {
           ...column,

packages/datalib/src/chartDefinitions.ts

@@ -4,6 +4,7 @@ export type ChartXTransformFunction =
   | 'date:minute'
   | 'date:hour'
   | 'date:day'
+  | 'date:week'
   | 'date:month'
   | 'date:year';
 export type ChartYAggregateFunction = 'sum' | 'first' | 'last' | 'min' | 'max' | 'count' | 'avg';
@@ -70,6 +71,7 @@ export interface ChartDateParsed {
   minute?: number;
   second?: number;
   fraction?: string;
+  week?: number;
 }
 
 export interface ChartAvailableColumn {

packages/datalib/src/chartTools.ts

@@ -9,7 +9,7 @@ import {
   ChartYFieldDefinition,
   ProcessedChart,
 } from './chartDefinitions';
-import { addMinutes, addHours, addDays, addMonths, addYears } from 'date-fns';
+import { addMinutes, addHours, addDays, addMonths, addWeeks, addYears, getWeek } from 'date-fns';
 
 export function getChartDebugPrint(chart: ProcessedChart) {
   let res = '';
@@ -29,6 +29,7 @@ export function tryParseChartDate(dateInput: any): ChartDateParsed | null {
     return {
       year: dateInput.getFullYear(),
       month: dateInput.getMonth() + 1,
+      week: getWeek(dateInput),
       day: dateInput.getDate(),
       hour: dateInput.getHours(),
       minute: dateInput.getMinutes(),
@@ -42,15 +43,21 @@ export function tryParseChartDate(dateInput: any): ChartDateParsed | null {
     /^(\d{4})-(\d{2})-(\d{2})(?:[ T](\d{2}):(\d{2}):(\d{2})(?:\.(\d+))?(Z|[+-]\d{2}:\d{2})?)?$/
   );
   const monthMatch = dateInput.match(/^(\d{4})-(\d{2})$/);
+  const weekMatch = dateInput.match(/^(\d{4})\@(\d{2})$/);
   // const yearMatch = dateInput.match(/^(\d{4})$/);
 
   if (dateMatch) {
-    const [_notUsed, year, month, day, hour, minute, second, fraction] = dateMatch;
+    const [_notUsed, yearStr, monthStr, dayStr, hour, minute, second, fraction] = dateMatch;
+
+    const year = parseInt(yearStr, 10);
+    const month = parseInt(monthStr, 10);
+    const day = parseInt(dayStr, 10);
 
     return {
-      year: parseInt(year, 10),
-      month: parseInt(month, 10),
-      day: parseInt(day, 10),
+      year,
+      month,
+      week: getWeek(new Date(year, month - 1, day)),
+      day,
       hour: parseInt(hour, 10) || 0,
       minute: parseInt(minute, 10) || 0,
       second: parseInt(second, 10) || 0,
@@ -71,6 +78,19 @@ export function tryParseChartDate(dateInput: any): ChartDateParsed | null {
     };
   }
 
+  if (weekMatch) {
+    const [_notUsed, year, week] = weekMatch;
+    return {
+      year: parseInt(year, 10),
+      week: parseInt(week, 10),
+      day: 1,
+      hour: 0,
+      minute: 0,
+      second: 0,
+      fraction: undefined,
+    };
+  }
+
   // if (yearMatch) {
   //   const [_notUsed, year] = yearMatch;
   //   return {
@@ -97,6 +117,8 @@ export function stringifyChartDate(value: ChartDateParsed, transform: ChartXTran
       return `${value.year}`;
     case 'date:month':
       return `${value.year}-${pad2Digits(value.month)}`;
+    case 'date:week':
+      return `${value.year}@${pad2Digits(getWeek(new Date(value.year, (value.month ?? 1) - 1, value.day ?? 1)))}`;
     case 'date:day':
       return `${value.year}-${pad2Digits(value.month)}-${pad2Digits(value.day)}`;
     case 'date:hour':
@@ -126,6 +148,9 @@ export function incrementChartDate(value: ChartDateParsed, transform: ChartXTran
     case 'date:month':
       newDateRepresentation = addMonths(dateRepresentation, 1);
       break;
+    case 'date:week':
+      newDateRepresentation = addWeeks(dateRepresentation, 1);
+      break;
     case 'date:day':
       newDateRepresentation = addDays(dateRepresentation, 1);
       break;
@@ -144,6 +169,11 @@ export function incrementChartDate(value: ChartDateParsed, transform: ChartXTran
         year: newDateRepresentation.getFullYear(),
         month: newDateRepresentation.getMonth() + 1,
       };
+    case 'date:week':
+      return {
+        year: newDateRepresentation.getFullYear(),
+        week: getWeek(newDateRepresentation),
+      };
     case 'date:day':
       return {
         year: newDateRepresentation.getFullYear(),
@@ -175,6 +205,8 @@ export function runTransformFunction(value: string, transformFunction: ChartXTra
       return dateParsed ? `${dateParsed.year}` : null;
     case 'date:month':
       return dateParsed ? `${dateParsed.year}-${pad2Digits(dateParsed.month)}` : null;
+    case 'date:week':
+      return dateParsed ? `${dateParsed.year}@${pad2Digits(dateParsed.week)}` : null;
     case 'date:day':
       return dateParsed ? `${dateParsed.year}-${pad2Digits(dateParsed.month)}-${pad2Digits(dateParsed.day)}` : null;
     case 'date:hour':
@@ -211,6 +243,14 @@ export function computeChartBucketKey(
           month: dateParsed.month,
         },
       ];
+    case 'date:week':
+      return [
+        dateParsed ? `${dateParsed.year}@${pad2Digits(dateParsed.week)}` : null,
+        {
+          year: dateParsed.year,
+          week: dateParsed.week,
+        },
+      ];
     case 'date:day':
       return [
         dateParsed ? `${dateParsed.year}-${pad2Digits(dateParsed.month)}-${pad2Digits(dateParsed.day)}` : null,
@@ -265,6 +305,8 @@ export function computeDateBucketDistance(
       return end.year - begin.year;
     case 'date:month':
       return (end.year - begin.year) * 12 + (end.month - begin.month);
+    case 'date:week':
+      return (end.year - begin.year) * 52 + (end.week - begin.week);
     case 'date:day':
       return (
         (end.year - begin.year) * 365 +
@@ -302,6 +344,8 @@ export function compareChartDatesParsed(
       return a.year - b.year;
     case 'date:month':
       return a.year === b.year ? a.month - b.month : a.year - b.year;
+    case 'date:week':
+      return a.year === b.year ? a.week - b.week : a.year - b.year;
     case 'date:day':
       return a.year === b.year && a.month === b.month
         ? a.day - b.day
@@ -356,6 +400,8 @@ function getParentDateBucketKey(
       return null; // no parent for year
     case 'date:month':
       return bucketKey.slice(0, 4);
+    case 'date:week':
+      return bucketKey.slice(0, 4);
     case 'date:day':
       return bucketKey.slice(0, 7);
     case 'date:hour':
@@ -371,6 +417,8 @@ function getParentDateBucketTransform(transform: ChartXTransformFunction): Chart
       return null; // no parent for year
     case 'date:month':
       return 'date:year';
+    case 'date:week':
+      return 'date:year';
     case 'date:day':
       return 'date:month';
     case 'date:hour':
@@ -388,6 +436,8 @@ function getParentKeyParsed(date: ChartDateParsed, transform: ChartXTransformFun
       return null; // no parent for year
     case 'date:month':
       return { year: date.year };
+    case 'date:week':
+      return { year: date.week };
     case 'date:day':
       return { year: date.year, month: date.month };
     case 'date:hour':

packages/dbmodel/bin/dbmodel.js

@@ -20,10 +20,10 @@ const logger = createLogger('dbmodel');
 async function runAndExit(promise) {
   try {
     await promise;
-    logger.info('Success');
+    logger.info('DBGM-00112 Success');
     process.exit();
   } catch (err) {
-    logger.error(extractErrorLogData(err), 'Processing failed');
+    logger.error(extractErrorLogData(err), 'DBGM-00113 Processing failed');
     process.exit(1);
   }
 }