* Add public_uuid and made_public_by_id to actions table & endpoints to enable/disable the public sharing on individual actions (#27721)

* Add migration for public_uuid (indexed) and made_public_by_id

* Add UUIDString schema

* Add endpoints for enabling/disabling sharing of actions

* Test that the new fields are returned with `GET /api/action/:id`

* Remove validCheckSum on migration

* Remove trailing whitespace

* Fix DELETE test

* Fix tests

* Please migration linter

* Update the default public_uuid every test run

* Please migration linter

* Add FK onDelete cascade

* Replace ü

* Add GET endpoint and post-select for action

* Revert "Add GET endpoint and post-select for action"

This reverts commit 8cc8b57d6034146dd726b54bc4199830ec1fda21.

* Fix merge

* Reorder migrations

* Update test for GET `api/action?model-id=<id>` endpoint to include public sharing keys (#27802)

* Add GET: /api/public/action/:uuid endpoint (#27781)

* Add test

* Remove non-public columns and check for 404

* Fix docstring

* Rename for clarity

* Fix missing ns

* Remove unneccessary keys from action

* Update test

* Remove unused refer

* Reorder migrations

* Use mt

* Add require and refactor

* Use mt

* Add endpoint for executing a public action (#27793)

* Add endpoint and test

* Add more tests and TODOs

* Use mt

* Reorder migrations

* Remove unused require

* Rate limit actions at 1 per second

* Fix the tests for the throttle

* Refactor tests

* Fix test

* Fix docstring

* Add test for failed execution if actions are disabled

* Use crowberto in tests

* Fix using crowberto in tests

* Fix cyclic load dependency

* Refactor ActionCreator (#27832)

* Refactor make ActionCreator more sane

* Render sidebar conditionally with JS rather than hiding it in CSS

* Make action public (#27809)

* Move action creator action buttons to the header following design

* Remove double border which make it looks thicker

* Draft toggle action public

* Add confirmation when disabling public link similiar to questions and dashboards

* Add an action public UUID input and copy button

* Show action settings based on user permission

* Add public action toggle tests

* Remove unused import ‍

* Attempt to fix flaky CI unit tests

The problem seems to be because of how long it takes for the response
to be received even on unit tests, it took longer than 1 second which is
the default timeout for `waitFor`.

* See if not using `userEvent` could make the involving nock faster

* Improve test speed to reduce flakiness

* Add public action page (#27747)

* Add basic public action page

* Add form submit logic placeholder

* Use "Submit" as default action form's button label

* Add "big" variant to `EmbedFrame's` footer

* Use new footer variant for action page

* Break down the page, add document title

* Handle long forms better

* Add `PublicWritebackAction` type

* Use public action GET endpoint

* Add endpoint to execute public actions

* Use action execution endpoint

* Add tests

* Handle actions without parameters

* Rename variant prop

* Replace `waitFor` with `findBy`

* Define `FooterVariant` type

* Fix router setup in `renderWithProviders`

* Show which action is publicly accessible on model detail page (#28039)

* Bring e2e tests back

Manually bringing back tests added in: https://github.com/metabase/metabase/pull/28056



* Update typo

Co-authored-by: Tim Macdonald <tim@metabase.com>

* Remove TODO and use malli for defendpoint

* Add malli schema for endpoints

* Update permissions checks for POST and DELETE

---------

Co-authored-by: Mahatthana (Kelvin) Nomsawadi <me@bboykelvin.dev>
Co-authored-by: Mahatthana Nomsawadi <mahatthana.n@gmail.com>
Co-authored-by: Anton Kulyk <kuliks.anton@gmail.com>
Co-authored-by: Tim Macdonald <tim@metabase.com>

* makes sure snowplow tracking for taskhistory does not exceeds the 2048 limit

* explains why 2048 limit is needed and return nil instead of empty string

deduplicates values returned from multiple fields and use malli for API schema

This reverts commit dca5f441.

Added logic to select only collections for a user that are public or their own. Note that original CTE logic was rewritten as inline queries as MySQL5.7 doesn't support CTEs.

insert next-gen permission paths alongside currently active permission paths + classification (#27911)

* implement move, which returns v2 paths

- TODO: insert these into the db

(move v1-path) => [v2 paths]

* cleanup + add some schemas

* generative tests 4 permission path classification

* whitespace lint

* detect data, query, and paths for v2

* calling move on v2 paths is a no-op

* differentiate between v1 and v2 permissions

quickchecking for move, classify-path, and classify-data-path

* fix tests + add idempotency test

* add tests for classification of permission paths

- rename move to ->v2-path
- move some fxns around
- ascii art in test

* making the legos line up

- need to insert both v1 and v2 versions of paths (of course)
- valid-path? has to allow v2 paths to be inserted

* replace mu/with-api-error-message

* linter + code quality fixes

* privatize rx->kind

* remove some changes that should be 4 anotherbranch

* revert ns

* delete v2 permissions in

- they aren't handled by the perm graph parser, so they don't get propagated into "old graph", so the diff between old and new indicates that they need to be rewritten.

* only delete v2 paths for the current group_id

- reorder declarations in models.permissions

* remove extra line break

* Update src/metabase/models/permissions.clj

fix typo

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

---------

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

Added bans for print and friends. Fixed issues in kondo config where a macroexpansion put in a print by replacing with (constantly nil) as a no-op.

* Switch Audit App to Honey SQL 2

* Compile using Honey SQL 2

* Mark some more tests as ^:parallel

* Remove unused namespace

* Backport sql.qp/current-datetime-honeysql-form :mysql Honey SQL 2 support

* Add `hx/call` and `hx/raw`

* Update enterprise/backend/src/metabase_enterprise/audit_app/pages/common.clj

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* `#schema` => `#hawk/schema`

* Mark `metabase.async.streaming-response-test` as `^:mb/once`

---------

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* initial migrations

* autofill permission_id when adding new sandbox

* use new table name in backend code

* add test for migration

* fix migration lint errors

* WIP fix tests

* small cleanup

* use CONCAT to fix migration on mysql

* break out fk constraint into a separate migration

* address feedback

* fix GET api/session endpoint for settings managers

* fix test

Parameter with source is a card:
- deduplicates values
- remove null/empty values
- properly search number

* Switch to the new Hawk test runner

* Fix some stuff

* Fix everything

* Commentz

* Bump init timeout?

* Fix Kondo config

* Remove unused

* Bump test runner version to get `:exclude-tags` support

Removed pulses from search API and corresponding tests. There _may_ be cruft tied to pulse search elsewhere because we can't blindly remove pulses yet (need to provide legacy support at the model level), but I think I got it all.

Fixing check such that a create-table check failure shows correctly instead of showing as a can-read failure.

* Add migration to remove defaults

* Add rollback

* Fix migration

* Fix migration

* Fix migrations

* whitespace

* Add test defaults for DashboardCard

* Remove defaults from create-dashboard-card!

* Fix test

* Fix tests

* Tighten API endpoints

* Fix endpoints

* Formatting

* Fix tests

* Fix tests

* Fix tests

* Fix tests

* Fix test

* Fix e2e tests

* Update e2e tests

* Fix e2e tests

* subscription permissions refactor (https://github.com/metabase/metabase/security/advisories/GHSA-ch8f-hhq9-7gv5)

* move recipient filtering to API-level (https://github.com/metabase/metabase/security/advisories/GHSA-492f-qxr3-9rrv)

Replaced, as needed, instances of str/lower|upper-case with the -en version. Also updated rules in our kondo config.

* Add actions.creator_id

* Add creator_id and hydrated creator to actions

* Punt on locking down time types

* Workaround for DB migration issue

* Move hydration down the pipe

* HydratedUser -> DefaultUser

* Remove experimental-enable-actions setting

* Ensure actions are enabled before executing custom actions

* Fixes MongoDB OrderedMap encoding with nippy
* Removes flatland/ordered from build-drivers deps

We can now filter out any ns tag for tests.

Added new endpoint "/db/:id/new-table".

This work removes a spec and a p.schema for data graph permissions.

There are still some specs but they are for execution, and collection graph permissions. Those should be targeted next.

* decoded + verified FIXME

* still good

* some cleanup

* a little more cleaning up

* bit more cleaning

* converted update-group-permissions! -> mu/defn

* use the correct shape for new-group-perms

* remove bunch of pschemas

* linter appeasement

* update test for setting dissallowed schema

* respond to review comments

* fix some tests + improve mu/defn error messages

* a lint fix

* lint fix

* read and query are optional

* update expected error message to the improved one

* stop calling trs at the top level

* fix function signature

* improve test

* Add import vars to metabase.test

* Adjust clj-kondo config

* Import more vars to metabase.test

* Remove unused vars from clj-kondo

* Import another var

* Replace actions.test-util with mt

* Fix merge

* Import another var

* Resolve cyclic deps

* Sort ns

* Fix quoted namespace

* Switch to Toucan 2 part 1

* Fix Kondo errors

* Switch to Toucan 2, part 2

* Fix Kondo errors

* Bump clj-kondo to 2022.12.10

[Fixes #27512]

* Use Kondo's :config-in-call instead of grosser hacks

Ordering in nested queries doesn't have to affect how rows are returned
from the embedding queries.

* Switch to Toucan 2 part 1

* Fix Kondo errors

Use the vertica/vertica-ce:12.0.2-0 image.

* fix throwing exceptions in handle-paging mw