* Move model cache section to OSS

* Don't handle "off" state as it won't be shown

* Tweak copy

* application-colors have new keys that may be added via the getter

Some colors previously had multiple usage contexts. For example, `accent1` was used both in charts and other parts of
the summarize UI. Now, those notions are being separated, so `accent1` remains a valid key, and `summarize` is a new
valid key. To make sure behaviour remains the same for existing whitelabel users who may have set these keys, when
such a key exists, it is 'split' by the getter.

For example, if the existing application-colors json contains `accent1`, the getter will add a new key `summarize`
with the same value as `accent1`, but only if `accent1` already exists, otherwise it does nothing. This is also true
for keys `brand`, which adds `accent0`, and `accent7`, which adds `filter`

* Make application colors getter make change only once

* Premium feature flag for test

This supports serialization of only Collections and Settings so far, but
it demonstrates the design of the new serialization system.

`metabase.models.serialization.base` defines the multimethods, which
are to be implemented by all the exported models eventually.
The actual serialization code that drives the larger process is in
`metabase_enterprise.serialization.v2.extract` and `.merge`, since
serialization is an enterprise feature.

The design calls for two matching phases on each side:
- Serialization is extract + store;
- Deserialization is ingest + load.

Extract and load deal with vanilla Clojure maps with a `serdes/meta` key
giving common details; they deliberately know nothing about files.

Store and ingest deal with the storage medium and the process of
listing and reading a stored export.

Laziness is retained: the `load` process ingests full details on demand,
so only the metadata of the importing database needs to fit in memory.

* Allow for disabling settings

Disabled settings will return their default value (else nil if no
default is set). This allows us to have enterprise override settings and
use them from regular OSS code without classloaders, extra vars,
remembering to check if the feature is enabled, etc.

Motivating examples are the appearance settings. We allow
`application-font` setting to change the font of the application. This
is an enterprise feature, but anyone can post to
`api/setting/application-font` and set a new value or startup as
`MB_APPLICATION_FONT=comic-sans java -jar metabase.jar` and have the
functionality.

Same thing for application colors in static viz. The calling code just
calls `(settings/application-colors)` and uses them but doesn't check if
the enterprise settings are enabled. To do this correctly, you have to
remember to implement the following onerous procedure:

A whole namespace for a setting
```clojure
(ns metabase-enterprise.embedding.utils
  (:require [metabase.models.setting :as setting :refer [defsetting]]
            [metabase.public-settings :as public-settings]
            [metabase.public-settings.premium-features :as premium-features]
            [metabase.util.i18n :refer [deferred-tru]]))

(defsetting notification-link-base-url
  (deferred-tru "By default \"Site Url\" is used in notification links, but can be overridden.")
  :visibility :internal
  :getter (fn []
            (when (premium-features/hide-embed-branding?)
              (or (setting/get-value-of-type :string :notification-link-base-url)
                  (public-settings/site-url)))))
```

And then in the calling code you have to do the procedure to
conditionally require it and put it behind a var that can handle it
being nil:

```clojure
;; we want to load this at the top level so the Setting the namespace defines gets loaded
(def ^:private site-url*
  (or (u/ignore-exceptions
        (classloader/require 'metabase-enterprise.embedding.utils)
        (resolve 'metabase-enterprise.embedding.utils/notification-link-base-url))
      (constantly nil)))

;; and then the usage
(defn- site-url
  "Return the Notification Link Base URL if set by enterprise env var, or Site URL."
  []
  (or (site-url*) (public-settings/site-url)))
```

Far nicer to just place the following into the regular public-settings
namespace:

```clojure
(defsetting notification-link-base-url
  (deferred-tru "By default \"Site Url\" is used in notification links, but can be overridden.")
  :visibility :internal
  :enabled?    premium-features/hide-embed-branding?)
```

Then no need for a custom namespace to hold this setting, no need to
have an extra var to point to the setting else a fallback value.

Note that this feature is not required on every enterprise feature we
have. We a namespace `metabase-enterprise.sso.integrations.sso-settings`
that has 24 settings in it, all of which are enterprise features. But
these features are used in our enterprise sso offerings and are directly
referenced from the enterprise features. No need for the extra var to
point to them and the flag checks happen in other parts.

* Mark the UI/UX customization settings as requiring whitelabeling

Mark the following settings as requiring
premium-settings/enable-whitelabeling? (aka token check)

- application-name
- loading-message (override of "doing science")
- show-metabot (override of showing our friendly metabot)
- application-colors
- application-font
- application-logo-url
- application-favicon-url

Updates the helper functions for colors to use the setting rather than
feeling entitled to use a lower level `setting/get-value-of-type`. We
need the higher level api so it takes into account if its enabled or
not.

* Move notification-link-base-url into regular settings with enabled?

* Cleanup ns

* Add reply-to setting for emails

* Add reply-to to SMTPSettings

* Change setting UI to match spec

* Remove WIP comment

* Add email-from-name setting

* Support comma delimited list of emails for reply-to setting

* Remove extra require

* Remove console.logging

* Improve the setting descriptions

* update email settings

* For now, limit reply-to field to one email

* Change back SMTPSettings to closed map

* Change test to only one reply-to email

* Fix SMTPSettings reply-to type

* Fix email-api-test

* Fix e2e email setup

* Add more checks in e2e tests

* Fix smoketest

Co-authored-by: Aleksandr Lesnenko <alxnddr@gmail.com>

They're useful in v2 serialization as well.

* add metabot animation

* review

* Prevent SSO users from changing their user info

* Show user name and email under the avatar in profile settings

* Add E2E tests

* Improve redability

* Fix test failure from merging other PR

* Clean up user form usage

* Extract getFullName to common util

* Audit Queries fall back to email when first/last names are nil

The audit page displays user information, and one column is "Name". Since we now allow nil first/last names, this
value can return as a single space character. Instead, I've changed `common/user-full-name` to fall back to returning
the user's email address if they have no first/last name values.

Additionally:
- since names can be nil, I've added sort by email to some of the queries for the audit page
- display names have been changed from "Name" to "Member" in several queries to better fit the fallback to email

* Add a test to check that audit pages have proper name fallback

* Try to get test passing in CI

* Make query work in MySQL by coalescing 'null' to empty string

* override product voice

* review

* JWT shared key can now be any string. Message to suggest 64char key

* Remove util require

* We can now pass nice, readable multiline strings to tru/trs macros

So let's do that here :)

* Migration to allow 'null' first and last names for users

This is part of improving how we handle user names, related to SSO, but we also have an opportunity to make login via
email simpler as well -> just loosen the requirement for names.

* When only last name is given, :common_name should not have a space

* WIP making optional first/last names safe in the backend.

Trying to fix up some assumptions about first/last name keys in backend implementations.

* Only add `:common_name` key when non-nil

* Adjust setup tests to pass if use first/last name are nil

* Fix up setup tests to work with null first/last names.

* User API endpoints altered to handle nil names

* Remove name validation test since they can be nil now

* Alter JWT/SAML tests for nil user names

* Remove "unknown" default in SAML

* Add tests to make sure users are updating appropriately

* use good naming convention in local function

Co-authored-by: Cam Saul <1455846+camsaul@users.noreply.github.com>

* Simplify truthy check in test

Co-authored-by: Cam Saul <1455846+camsaul@users.noreply.github.com>

* Simplify truthy check in test

Co-authored-by: Cam Saul <1455846+camsaul@users.noreply.github.com>

* Indentation fix

* Fix up syntax issue from github merge.

* Fix missed function name changes in test

* Clean up how sets are built up in the PUT user/:id endpoint

* Better implementation for update-user-name

* Avoid relying on 'vals' since order of keys is not guaranteed

* Fixing little things, clarification in a comment

* I'm tired... missed an obvious thing here. oops

* indentation and clarify some testing

* Change post-select implementation slightly

* expected status is now an optional arg no dynamic var binding needed

* 'f' is not optional, so we take it with first, then args are rest

* simplify destructuring

Co-authored-by: Cam Saul <1455846+camsaul@users.noreply.github.com>

Define identity-hash for fairly robust de-duplication when deserializing

This is a fallback for fully robust de-duplication based on `entity_id`
fields.

All serialized models should support identity-hash, and there is a test
to enforce that.

* Handle deletable state when enabling persistence

When enabling persistence all models are supposed to be set to creating
unless they have been explicitly turned "off".

Before, we were only looking for new models without attached
PersistedInfos when enabling, but missed deletable PersistedInfos that
needed to be re-enabled. It's the correct thing to do during the refresh
as you wouldn't want refresh to re-enable but it's incorrect when
enabling.

* Remove unecessary thread-last

Add a test to check that all exported models have a portable unique name

Either an external name (eg. a database path) or an entity_id column.
Unexported models are explicitly listed as such here.

This makes it impossible to forget to address a unique ID for any new
model.

Related to epic #22641

* add parameters to report_card and card APIs

* make sure migration can work with existing cards and add migration tests

* remove debug code

* When parameters is empty, return template tag parameters

* update schema message

* update migraiton test name

* minor changes in test

* fix failing tests

* Always use card.parameters in PublicQuestion

* Add defaults and readd isEmpty check

* Default to undefined/use template tags in PublicQuestion...

* parameters should be in the writableProperties

* Native query card: construct parameters from template tags

* Separate the generation of parameter id

* Add parameter_mappings to report_card (#23003)

* add parameter_mappings to report_card

* fix from Noah's comments

* fix from Noah's comments

* Update a parameter from an updated template tag

* Correct the parameters construction

* Also add `parameter_mappings` to writableProperties

* CI test: bust the npm module cache

* Revert "CI test: bust the npm module cache"

This reverts commit 5a327b616f0220f43a90f7f871e0bd877ffa6f47.

Co-authored-by: Dalton Johnson <daltojohnso@users.noreply.github.com>
Co-authored-by: Ariya Hidayat <ariya@metabase.com>

* Adjust JWT and SAML fetch-and-update user to save new attributes

Before this change, JWT/SAML logins would attempt to update attributes, but never considered the first-name or
last-name attributes.

* Attempts to fix tests to prevent pulluting test users with "Unknown"

* No deleting users.

* Unit tests checking that first/last names are updated for SSO users

When an SSO user is first logged in, they might not have first_name and/or last_name keys. This is allowed, but the
names will be "Unknown" in the app-db. Subsequently, a User may log in again with SSO but have fisrt/last name
attributes, which should update the Metabase user data in the app-db.

These unit tests set up such a scenario to check that the :first_name and :last_name keys are indeed updated.

* Adjust Enterprise LDAP to also use SSO-UTILS

Trying to unify the LDAP implementation with JWT/SAML a bit here.

* Lint error

* Reverting LDAP n...

Adding action button to Question Page

* Add new cache info types

* Add model cache info mock factory

* Add `checkCanRefreshModelCache` utility

* Handle new states on model page caching section

* Handle new states on Tools page

* Fix svg import type error

* Use "queued" for `creating` state

* Fix tests

remove param_values hydration keys

Since this information is used in the model cache logging screen
accessible by monitoring users, :monitoring rather than :setting
permission is the correct one.

* `defsetting` setter functions should end in `!`

* Fix typo

* Update .clj-kondo/hooks/metabase/models/setting.clj

* Fix clj-kondo for Toucan defmodel not emitting a docstring

* Remove `^:private` metadata on a couple of Settings since it makes Eastwood fussy

Allow font selection in embedded widgets

* Add `PLUGIN_MODEL_PERSISTENCE` plugin

* Remove persist/unpersist actions

* Move model cache control to enterprise folder

* Move model cache management to enterprise folder

* Add `setPersisted` method to `Question`

* Refresh state when toggling model level persistence