This project is mirrored from https://github.com/metabase/metabase.
- Jul 18, 2022
-
-
Braden Shepherdson authored
Cam suggested most of these changes in another PR, and I'm tackling them here.
-
Alexander Polyankin authored
-
- Jul 15, 2022
-
-
dpsutton authored
* Let's use the main thread
* Strip out channel stuff and rename
* 202 -> 200 response

  When returning a channel we return a 202. A map is just a 200. Since we no longer need to have the main stuff async (as opposed to the metadata stuff) we can just return the map with a 200 instead of this long running channel stuff and a 202.

* Last test
* renames, logging, ensure query is the same before saving metadata
* Sandbox test 202 -> 200
* Another 202 -> 200
* Put timeout on async metadata saving

  timeout of 15 minutes before we give up on the async metadata saving. It is possible this cuts things off but hard to tell if work is still being done at that point.

* outdated comment
* Return json error message, not text/plain

  this is a subtle one that I'm not happy about. Our error handling will return text/plain if you throw an `(ex-info "something" {:status-code 400})`.

  ```shell
  ❯ http post localhost:3000/api/timeline-event/ name=some-name description=Bob timestamp=2022 timezone=America/Central time_matters:=false timeline_id:=1629 Cookie:$COOKIE
  HTTP/1.1 404 Not Found
  Content-Type: text/plain

  Timeline with id 1,629 not found
  ```

  But if you add extra information to the map to the ex-info, you get json!

  ```clojure
  (defmethod api-exception-response Throwable
    [^Throwable e]
    (let [{:keys [status-code], :as info} (ex-data e)
          other-info                      (dissoc info :status-code :schema :type)
          body                            (cond
                                            (and status-code (empty? other-info))
                                            ;; If status code was specified but other data wasn't, it's something like a
                                            ;; 404. Return message as the (plain-text) body.
                                            (.getMessage e)

                                            ;; if the response includes `:errors`, (e.g., it's something like a generic
                                            ;; parameter validation exception), just return the `other-info` from the
                                            ;; ex-data.
                                            (and status-code (:errors other-info))
                                            other-info

                                            ;; Otherwise return the full `Throwable->map` representation with Stacktrace
                                            ;; and ex-data
                                            :else
                                            (merge
                                             (Throwable->map e)
                                             {:message (.getMessage e)}
                                             other-info))]
      {:status  (or status-code 500)
       :headers (mw.security/security-headers)
       :body    body}))
  ```

  So this fix is a _very_ subtle way to get to what we want, although it does add a bunch of extra junk to our response.

  ```javascript
  {
    ...
    "message": "Invalid Field Filter: Field 26 \"PRODUCTS\".\"CATEGORY\" belongs to Database 1 \"Sample Database\", but the query is against Database 990 \"copy of sample dataset\"",
    "data": {
      "status-code": 400,
      "query-database": 990,
      "field-filter-database": 1}
    ...
  }
  ```

  Reminder of what we want: the frontend is saving a card. We added a field filter on a database and then changed the source database of the query. So the backend needs to reject the field filter as being on the wrong db. The FE expects a json response with a message and will then show that message in the save/edit modal.

  Why did this come up now: these endpoints for saving and editing a card used to always return 202 streaming responses. This means they would have to tuck any errors inside of an already open 202 response. Which is why you get a message as a json response. But now that they are sync, the api can just return a proper 400 with a reason. But we still want that to be a json response for the FE.

* error layout fix
* Several Cleanups

  - make sure numbers have units at the end (-ms)
  - use (u/minutes->ms 15) rather than a more opaque (* 15 60 1000)
  - move the scheduled metadata saving into its own function

  This last bit is actually a bit more than that. I was previously throwing everything in a thread submitted to the pooled executor. I'm now using a `future` but with a caveat: All of the waiting for the timeout, checking if we got metadata is done in a simple `a/go` block now, and the thread does just the last bit of IO. We have to select the card as it is now to ensure the query is the same and then save.

  Refresher on why we have to check if the query is the same. We have up to 15 minutes to wait for the query metadata to come back. Completely possible for them to have edited the query and then our metadata is useless.

Co-authored-by: Aleksandr Lesnenko <alxnddr@gmail.com>
-
Ngoc Khuat authored
* first pass storing linked-filter fieldvalues
* limit linked-filter to not explode
* no check perms for fields when getting params values on dashboard
-
Aleksandr Lesnenko authored
-
Alexander Polyankin authored
-
- Jul 14, 2022
-
-
Braden Shepherdson authored
Also standardizes date/time output to `ZonedDateTime`, rather than whatever the JDBC happens to return.
-
Alexander Polyankin authored
-
- Jul 13, 2022
-
-
Cal Herries authored
* logout when session expires, login when session appears
* add setting UI
* Add last_activity column to session table
* Start implementing session middleware to check for expired sessions
* Change last_activity field to include timezone offset
* Update session middleware to check user activity timeout
* Update last_activity after checking the timeout, or not at all if the setting is nil
* Move session-timeout settings to server.middleware.session
* Handcode timeout for testing
* Fix migrations validation error
* Fix whitespace
* Change session timeout to use metabase.TIMEOUT cookie with expiry
* Remove migration for last_activity column on session table
* Revert changes to logout endpoint
* Revert change to Session model pre-update
* Remove tap>
* Fix tests to include cookie value
* Fix timeout when user is logged out. Timeout loop should only start when a user is logged in
* Update comment and date format
* Store the session-timeout setting as json and convert it to seconds on the fly
* Set zoned date time to use GMT instead of default time zone
* Refactor for testing
* refactor session listener (#23686)
* remove old session listener
* Clear the timeout cookie when user signs out
* Clear session cookie if the timeout cookie expires
* fe tweaks
* Update expires attribute for session and timeout cookies together
* Reapply minimum limit on session-timeout
* Rename functions and fix lint warnings
* Fix resetting session-timeout
* Fix sign out
* Fix tests
* Whitespace
* Get full-app-embeds working
* Add test for embedded session
* session timeout ui tweaks
* fix security issue
* Fix test
* Fix tests
* Do not redirect to "/" if there isn't any redirect URL
* Add test for session-cookies setting
* Fix bug when toggling off timeout and adjust tests

Co-authored-by: Aleksandr Lesnenko <alxnddr@gmail.com>
Co-authored-by: Aleksandr Lesnenko <alxnddr@users.noreply.github.com>
-
Braden Shepherdson authored
-
Alexander Polyankin authored
-
Braden Shepherdson authored
-
Alexander Polyankin authored
-
Howon Lee authored
Pursuant to #23451.

The end effect of whitespace existing in a SAML response is us choking on it as reported in #23451. Two possible interpretations of causes of this bug:

1. There was an upstream change in our fork of the clojure SAML lib as flamber noted,
2. The decoding of base64 in our SAML endpoint (which uses the SAML lib) chokes on whitespace.

The proximate cause is the second one and ultimate cause is the first. However, I tend to believe that fixing the second one would be the better fix.

For comparison, onelogin's first party SAML thing for java decodes base64 (https://github.com/onelogin/java-saml/blob/master/core/src/main/java/com/onelogin/saml2/util/Util.java) via apache's lib, which seems to do the thing that a lot of base64 decoders do of skipping whitespace.
-
- Jul 12, 2022
-
-
Alexander Polyankin authored
-
Cal Herries authored
-
- Jul 11, 2022
-
-
Cal Herries authored
* Allow group managers to see members even if they're sandboxed
* Remove failing test
* Delete test file
* Fix (unrelated) failing E2E test

Co-authored-by: Nemanja <31325167+nemanjaglumac@users.noreply.github.com>
-
Braden Shepherdson authored
-
Braden Shepherdson authored
-
Braden Shepherdson authored
-
- Jul 08, 2022
-
-
Braden Shepherdson authored
Serialization of Databases, Tables, Fields

This brought a few core changes:

- Add `serdes-entity-id` to abstract the field used for the ID
- Pass the options to `extract-one` so it can eg. do encryption things.
- Handle dates in YAML storage and ingestion
- `:serdes/meta` now holds the entire hierarchy, not just the leaf model+ID pair.

There's an open problem here about the right way to handle secrets like a database's password. Do we assume both sides have the same `MB_ENCRYPTION_SECRET_KEY`? Provide a serdes-specific password the user just made up, and every secret gets decrypted with the source key, encrypted with the serdes key, stored, decrypted with the serdes key, and encrypted with the destination key?
-
Anton Kulyk authored
* Replace interval-hours and anchor-time with cron

  Removed the two settings and replaced with a single cron schedule setting

  Renamed the /set-interval endpoint to /set-refresh-schedule

* Ignore "year" part in schedule endpoint
* Fix variable
* Use a temp scheduler and initialize the refresh job

  Running into errors when updating the triggers for each database's refresh job because the "job" itself didn't exist.

  Reminder of what's going on here: There's a single refresh job. It has a trigger for each database. So updating the trigger would fail since it doesn't exist since there was no job to hold the triggers. This error is quite clear in the tests run locally:

  ```
  ERROR in metabase.api.persist-test/set-refresh-schedule-test (util.clj:421)
  Uncaught exception, not in assertion.
     clojure.lang.ExceptionInfo: Error in with-temporary-setting-values: Couldn't store trigger 'DEFAULT.metabase.task.PersistenceRefresh.database.trigger.1' for 'DEFAULT.metabase.task.PersistenceRefresh.job' job:The job (DEFAULT.metabase.task.PersistenceRefresh.job) referenced by the trigger does not exist.
      location: metabase.public-settings/persisted-models-enabled
       setting: "persisted-models-enabled"
         value: true
  ```

  But this logging is absent from the logging in Github annoyingly:

  ```
  FAIL in metabase.api.persist-test/set-refresh-schedule-test (persist_test.clj:26)
  Setting new cron schedule reschedules refresh tasks
  Setting :persisted-models-enabled = true

  expected: "0 0 0/12 * * ? *"
    actual: (nil)
  ```

  Which doesn't give us the error, just the test result.

* update to newer API

  `set-interval` -> `set-refresh-schedule`

  ```
  ;; old
  {:hours 4}
  ;; new
  {:cron "0 0 0/1 * * ? *"}
  ```

Co-authored-by: Case Nelson <case@metabase.com>
Co-authored-by: dan sutton <dan@dpsutton.com>
-
Alexander Polyankin authored
-
Mahatthana (Kelvin) Nomsawadi authored
-
- Jul 07, 2022
-
-
adam-james authored
* LDAP now also properly allows `nil` in names.

  There were still places where "Unknown" was substituted in to name keys, which we don't need to do anymore as 'nil' is valid for first/last names of users.

* Remove unused namespaces/refers
* Adjust LDAP so that even nil name values update the Metabase user

  Also changed a test in both the OSS and EE LDAP tests to make sure this is indeed true that 'nil' values are correctly set in the app-db when LDAP does not send `givenName` and/or `sn`.
-
Braden Shepherdson authored
Write `storage.yaml` and `ingest.yaml` to serialize all the way to YAML files and back. Lots of generative testing to check it's isomorphic.
-
Alexander Polyankin authored
-
- Jul 06, 2022
-
-
adam-james authored
-
Alexander Polyankin authored
-
Ryan Laurie authored
* update prettier
* update prettier styling
-
Alexander Polyankin authored
-
Nick Fitzpatrick authored
-
Alexander Polyankin authored
-
- Jul 05, 2022
-
-
Cal Herries authored
* Add test for user list endpoint when user is a sandboxed group manager
* Improve test description
-
Maz Ameli authored
* larger description text
* massage description area styling
* fix spacing in question info sidebar
* Using Emotion for style changes

Co-authored-by: Nick Fitzpatrick <nick@metabase.com>
-
Alexander Polyankin authored
-
Ngoc Khuat authored
* Store Sandboxed FieldValues
* locked-filter -> linked-filter
* resolve Noah and Braden comments
* Ensure current code does not confuse with the new added FieldValues type (#23601)
* makes sure the old code returns the correct FieldValues after adding new FieldValues types
* use threading macro to make at test easier to read
* Job to clean expired advanced field values (#23437)
* add a clean job
* merge upstream
* use java-time for max-age var
* simplify a reduce function and update some tests to make it easier to understand
-
- Jul 04, 2022
-
-
Case Nelson authored
* Send alert emails on persisted model refresh fail
* Fixing formatting and making sure all the information is available for template
* Fix circular dependency
* Fixing tests and only check advanced perm users if they exist
* Fix merge cruft that was renamed
* Only send emails in persist-refresh
* Add temporary endpoint for testing persist failure emails
* Use `border-box` box sizing in emails
* Use Lato font in emails
* Style model caching error email
* Revert "Add temporary endpoint for testing persist failure emails"

  This reverts commit 3d3b8f123060f278374aa5a9301c67d547eb42f7.

* Add is-not-first to error context to help styling
* Only send to admins if advanced-permissions is off

  From @noahmoss:
  > This is an edge case, but it's possible for an EE instance to downgrade back to OSS. When this happens, users with DB and/or monitoring perms lose these permissions in the app, since it's an EE-only feature. But we don't run any migrations on the permissions table when downgrading happens, so they'll still show up here.

  > To fix this you'll need to call metabase.public-settings.premium-features/enable-advanced-permissions? to check whether the instance is EE and advanced perms are enabled before including these users in this query.

* Test private fn
* More robust admin email handling and tests
* Remove commented out code
* Avoid `nth-child` selector for padded sections
* Don't hardcode colors
* Fix line-height
* Use line-height fix for Outlook
* Avoid media-queries and `box-sizing`
* Fix E2E test

Co-authored-by: Anton Kulyk <kuliks.anton@gmail.com>
-
Mahatthana (Kelvin) Nomsawadi authored
* Update invitation email CTA link when SSO is active
* Update FE copy when inviting members with SSO configured
* Remove irrelevant comment
* Add relevant comments
* Match FE logic with BE
* Address feedback: Fix smtp setup
* Make BE function condition more obvious
* Address review
* Address feedback move code to settings.ts
* Fix the logic to not only send new email for EE but also OSS
* Fix SSO check logic to not require BE change.
* add a test for invitation email when sso is enabled and password login is disabled

Co-authored-by: Ngoc Khuat <qn.khuat@gmail.com>
-
Nick Fitzpatrick authored
-