This work removes a spec and a p.schema for data graph permissions.

There are still some specs but they are for execution, and collection graph permissions. Those should be targeted next.

* decoded + verified FIXME

* still good

* some cleanup

* a little more cleaning up

* bit more cleaning

* converted update-group-permissions! -> mu/defn

* use the correct shape for new-group-perms

* remove bunch of pschemas

* linter appeasement

* update test for setting dissallowed schema

* respond to review comments

* fix some tests + improve mu/defn error messages

* a lint fix

* lint fix

* read and query are optional

* update expected error message to the improved one

* stop calling trs at the top level

* fix function signature

* improve test

* Switch to Toucan 2 part 1

* Fix Kondo errors

* Switch to Toucan 2, part 2

* Fix Kondo errors

* Switch to Honey SQL 2 for some application DB things

* Fix Chain Filter query

* More fixes

* Test fixes :wrench

* Fix Kondo lint errors

* Test fixes 

* Test and formatting fixes for MySQL

* Fix new code using `db/query`

* Fix circular references

* Switch to Honey SQL 2, Part 1

* Test fix

* Revert deletion of ratios-test

* Fix Kondo error

* Fix stack overflow

* Update code to use new names for schemas

* move malli schema from metabase.util.schema to a new ns metabase.util.malli.schema

* revert name changes for plumatic schema. e.g: NonBlankStringPlumatic -> NonBlankString

* add clj-kondo rule to enforce consistent alias for metabase.util.malli.schema

* Install and enable plugins

* Run eslint auto fix

* Fix linter issues (part 1)

* Fix Visualization test

* Fix Pie Visualization test

* Add `getIcon` and `queryIcon` helpers

* Fix `VisibilityToggler` tests

* Fix `QuestionActivityTimeline` tests

* Fix formatting tests

* Fix `EntityMenuItem` tests

* Fix `ClampedText` tests

* Fix `ObjectRelationships` tests

* Fix `EmailAttachmentPicker` tests

* Fix `SavedQuestionHeaderButton` tests

* Fix `DatabaseEngineWarning` tests

* Fix `Tooltip` tests

* Fix `TippyPopoverWithTrigger` tests

* Fix `TippyPopover` tests

* Fix `TableLabel` tests

* Fix `TableInfo` tests

* Fix `ModerationStatusIcon` tests

* Fix `Sidebar` tests

* Fix `PermissionSelect` tests

* Fix `PinnedItemCard` tests

* Fix widget tests

* Fix `DimensionSemanticTypeLabel` tests

* Fix `ListSearchField` tests

* Fix `ControlledPopoverWithTrigger` tests

* Fix `FieldFingerprintInfo` tests

* Fix `ErrorActionButton` tests

* Fix `QueryValidationError` tests

* Fix `LineAreaBarRenderer` tests

* Fix `DataSelector` tests

* Fix `PivotTable` tests

* Fix `ItemPicker` tests

* Fix `TokenField` tests

* Fix `TagEditorParam` tests

* Fix tests

* Fix tests

* Run prettier

* Fix tests

* Remove `titleTemplateChange` from dashboard reducer

* Remove `breadcrumbs` from app reducers

* Always use real reducers in `renderWithProviders`

* Update `ModerationReviewButton` tests

* Update `QueryValidationError` tests

* Update `LastEditInfoLabel` tests

* Update `ProfileLink` tests

* Update table visualization tests

* Update `QuestionInfoSidebar` tests

* Remove `screen.debug` call

* Use `getByText` instead of `queryByText`

* Fix prop errors in `ViewHeader` tests

* Update `DatabaseEditApp` tests

* Remove `currentUser` prop from `renderWithProviders`

* Update `RenderWithProvidersOptions` type

* Fix failing tests

* Extract `setup` helper

* Use more readable test string

* Use `not.toBeInTheDocument` vs `toBeNull`

* Fix missing assertions

* Fix error about `widget` not being an element

* Fix missing `key` prop

* Improve new dashboard modal tests

* Remove not used import

* Fix typo

* Add missing `key` props

* Use `waitFor` instead of `act`

* fetch gtap from table and group

* make tests more repl-friendly

* Add `mockSettings` utility

* Use `mockSettings` in sidebar tests

* Use `mockSettings` in database edit app tests

* Use `mockSettings` in update info form

* Use `mockSettings` in caching utils

* Use `mockSettings` in question cache TTL field

* Use `mockSettings` in new dashboard modal

* Use `mockSettings` in question info sidebar

* Use `mockSettings` in save question modal

* Use `mockSettings` in profile link

* Ensure settings are passed to redux in tests

* Update signature

* Fix test

* Add missing fields to `Settings` type

* Make `MetabaseSettings` use up-to-date setting types

* Fix type errors

* Fix error about redux store fixture

* Always add settings and embedding reducers

* Add `value` to `SettingDefinition` type

* Add `settings` type to admin state branch type

* Add `users` to entities state

* Convert `__support__/ui` to TypeScript

* Fix error when rendering with router mock

* Remove `form` from redux state

* Address feedback

* Fix tests setup

* Add return type

* Limit session timeout amount to less than 1 million

* Limit the max timeout to 100 years

* Validate on BE too

* Typo

* Add comment to FE

* Fix BE validation

* Fix BE validation

* Add BE test

* Change FE validation to mirror BE validation

* Add unit test for SessionTimeoutSetting

* Refactor FE unit tests

* Move comment

* Add check for positive amount to BE validation

* Add more BE tests

* Refactor validate function

* Remove cleanup()

* Use ToBeInTheDocument instead

* Use getByText

* Remove conditional expect

* Remove unused import

* Refactor for clarity

* Formatting

* Validate session-timeout in getter too

* Add docstring to check-session-timeout and make private

* Change getter to print warning string instead of throw exception

* Format import

* i18n and use log/warn in getter, and throw 400 in setter

* Reorder require

* Use cam's suggestion

Co-authored-by: Cam Saul <1455846+camsaul@users.noreply.github.com>

Co-authored-by: Cam Saul <1455846+camsaul@users.noreply.github.com>

* Implicit action pre-fetch values (#25940)

* [Apps] Implicit action pre-fetch values

WIP To return a parameter-id: value map in order to prefill ui.

* Use jsonstring encoded parameters

* Change parameters exposed by implicit actions

Previously, we would look at a model's source-table to determine which
parameters were valid for implicit actions. So if an implicit action is
on a User model that hides the user.password column, you could still
update or insert the password.

With this commit, if the model doesn't expose a source table column, it
is not a valid parameter. In the example user.password could not be
inserted/updated or fetched for prefilling.

* Fixing tests

* Show data app page ID params in editing mode (#25943)

* Data apps layout updates (#25930)

* play with grid sizes to make apps feel appier [ci skip]

* move app nav to bar inside app

* only hide other header buttons outside of edit mode

* tweak overflow issue

* fix header width on data apps

* add control to see app contents

* set data apps layout constants contextually [ci skip]

* remove hardcoded value [ci skip]

* extract conextual header styles [ci skip]

* set max-width on paramaters for data apps [ci skip]

* move data apps nav deeper, only show if not editing [ci skip]

* add spacing to contents trigger, rm old code [ci skip]

* rm table thing for now [ci skip]

* Fixes for data app layout updates (#25962)

* Reorder import

* Fix type

* Fix missing translation, move out URL

* Remove not used import

* Rework `getSelectedItems` utility for data apps

* Fix selected data app page highlighting

* Don't reload app navbar on page change

* Change nav item links look

* Remove `DataAppPageSidebarLink`

* Turn nav into HTML list

* Use styled components

* Fix edit button covered by visualizations

* Fix opening homepage

* Remove redundant prop

Co-authored-by: Anton Kulyk <kuliks.anton@gmail.com>

* First take at parameterized data app page titles (#25938)

* Bring `DataAppContext` back

* Pass `onFocus` and `onBlur` to `EditableText`

* Export `EditableTextProps`

* Add basic `DataAppPageTitle` component

* Use `DataAppPageTitle`

* Fix component name

* Add primitive autocompletion to page title input

* Add `title_template` to `DataAppNavItem` type

* Tweak value management in `DataAppPageTitle`

* Handle `null` values in titles more gracefully

* Don't show suggestions without detail cards

* Don't add whitespace when pasting a token

* Don't update app's collection all the time

* Add data app related selectors to dashboard selectors

* Add redux state to keep title template changes

* Update page title template on page save

* Wire up `DataAppPageTitle` with dashboard code

* Fix unit tests

* Reset state on exiting editing mode

* Add back button to template data picker

* Fix test that didn't include pk on insert

* Use the actual pk value

Co-authored-by: Anton Kulyk <kuliks.anton@gmail.com>
Co-authored-by: Kyle Doherty <5248953+kdoh@users.noreply.github.com>

* Revert "Remove data app permission code (#26016)"

This reverts commit b8c92cf1.

* Remove unused imports

* Don't require the table_id on result_metadata elements (#26073)

In some cases (which ones still has to be clarified) the result metadata doesn't
contain the table_id and so no parameters are provided. In fact the table ID is
probably not needed anyway because fields are already table specific.

* Support filtering cards by used model (#26088)

This change adds a new filter option for the GET /card endpoint.

* Support filtering apps using a given model (#26124)

* Handle type errors more cleanly (#26120)

* [Apps] Handle type errors more cleanly

Adds a number of tests for different db datatypes, these can be expanded
on as we solve.

Catches most exceptions during execution and logs then throws a generic
message that leaks less of the details.

* Make sure we order-by expected results

* Fix tests, allow purposeful exception through

* Accept model-ids for scaffolding apps (#26139)

* [Apps] Accept model-ids for scaffolding apps

WIP - accept model-ids but there's still some issues, might be able to
start building UI from this point though.

* Maybe working model

* Work with card__n table-ids passed in. Fix problems with detail page

* Dynamically add actions that exist on models

* Update tests for existing custom actions

* Can't def tru

* Address review comments

* Add required to action parameters (#26296)

Looks at `database_required` field values for implicit actions, and
`required` template-tags for custom query actions. Bubble those values
up onto `action.parameters`. Finally, look at `requires_pk` to see if pk
fields should be marked as required regardless.

* Cleanup scaffolded back button (#26317)

* Forward action execution error messages to the frontend (#26469)

This is a crude temporary solution necessary to be able to debug problems related to executing actions.
Although error parsing has been implemented for Postgres (only) with the goal to provide information for
the FE like `{"errors":{"id":"violates foreign key constraint note_subject_id_fkey"}}`. This code doesn't
care about the error message itself, it just forwards the error message from the DB to the FE.

* Actions for public pages (#26554)

* [Apps] Testing out public dashboards

* Add WIP endpoints for public execution

* Add throttle check to public execution route

* Bump attempts-threshold to 1000

* Bump threshold to 5000

* Add test

* Fix linter

* Review changes

* Fix lint

* Run publicly shared actions with full permissions (#26610)

* Support actions with MySQL and MariaDB (#26573)

Support actions with MySQL/MariaDB

* Check permissions for implicit actions (#26652)

* Check permissions when executing implicit actions

* Fix some action tests and reduce permissions boilerplate

* Revert "[Apps] Disable data-apps prior to release (#25982)"

This reverts commit 51147027.

* WIP: Unify action representation (#26717) (#27349)

* [Apps] WIP initial db migrations for giving implicit actions an action_id and removing card from query_action

* Make crud work for http actions

* Make implicit crud work

* Rename implicit_action.namespace to kind. Rewrite merged-model-actions to actions-with-implicit-parameters

* Fix query action creation

* Make actions.test-util/with-action create a holding model

* Fix unified-action-create-test

* Fix get-action-test

* Add tests for creating implicit and http dashcard actions

* Enable query action in dashcard-action-create-update-test

* Fix metabase.api.dashboard-test/dashcard-query-action-execution-test

* Fix metabase.api.dashboard-test/dashcard-http-action-execution-test

* Fix metabase.api.dashboard-test/dashcard-action-execution-auth-test

* Fix metabase.api.dashboard-test/dashcard-action-execution-granular-auth-test

* Make implicit action execution work

* Scaffolding implicit actions from table

* Fix metabase.api.action-test

* Make scaffolding work with existing models. Update with-action macro to allow multiple actions

* Fix metabase.api.public-test

* Remove unused names from metabase.models.action

* Remove some unused imports

* Remove an unused import

* Remove model_action and fix a bunch of tests

* Fix dashcard-implicit-action-only-expose-and-allow-model-fields

* Fix action type inheritance

* Fill in remarks and add description to action

* Add forward migration for existing actions and rollbacks that remove existing actions

* Prevent overwriting parameters of custom actions

* Support setting description on actions

* Update migration to work with mysql - rollback is still not quite working in mysql due to database_id fk

* Rename with-action macro to with-actions and document it

* Remove report_card.is_write

* Fix some more tests

* Fix rollback across all appdb drivers, add not null constraints, use action.name to hold implicit slugs

* Pull name and description from is_write card

* Add name to scaffolded implicit actions

* Remove ModelAction

* Remove is_write from comments too

* Different databases reference capture groups in regexp_replace differently. Also drop model_action table

* Update migrations to pass linter.

Introduce ${capturegroup.ref} to handle the different ways to reference
capture groups within a regexp_replace. This allows collapsing large
data migrations into a single `sql` element that the linter requires.

* Add kind to action-mapper so we can sort as we wish

* Add name to with-temp Action

* Adjust FE to query actions migration (#26764)

* Remove `is_write` card notion

* Remove action `slug` from action types

* Fix typo in `estimateCardSize` name

* Remove hanging card's `is_write` prop

* Remove not used writeback actions

* Update endpoints

* Remove not used prop

* Remove action `slug` usage

* Update actions entity

* Tweak action creator to handle new actions shape

* Fix saving action dashcards

* Fix actions API usage

How did that work before? 



* Pass `database_id` when creating query actions

* Remove custom list API implementation for actions

* Clean up types

Co-authored-by: Tamás Benkő <tamas@metabase.com>

* Change regexp_replace to substring to support mysql - this is ok because we have consistent json serialization.

* Check permissions on the model in the action API

* Remove unused required namespace

* Throw an exception when demoting a model with actions to question

* Allow saved parameters on implicit actions to add to implicit parameters

Co-authored-by: Case Nelson <case@metabase.com>
Co-authored-by: Anton Kulyk <kuliks.anton@gmail.com>

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>
Co-authored-by: Case Nelson <case@metabase.com>

* empty commit to kick CI

* bump CI

* Fix down migrations

 change v45.00-002 sets up a fk fk_query_action_ref_action_id. h2 v2 for
 some strange reason requires us to remove the constraint before we can
 remove the primary key. But then we have to restore the state that
 v45.00-002 creates manualy

* Allow for version for `(migrate! :down 45)`

* Remove data apps parts not planned for 0.46

Removed app container, app scaffolding and pages (dashboards with is_app_page)

* Address linter issues

* Make some cosmetic changes to reduce the diff

* Make new permission API endpoints use defendpoint-schema

* Fix bad automerge

* Skip Mongo 4.2 instead of 4.0

Co-authored-by: Case Nelson <case@metabase.com>
Co-authored-by: Anton Kulyk <kuliks.anton@gmail.com>
Co-authored-by: Kyle Doherty <5248953+kdoh@users.noreply.github.com>
Co-authored-by: dan sutton <dan@dpsutton.com>

Update data perms graph API to accept sandboxes and save them transactionally with the permissions graph (#27434)

* basic implementation and happy path tests

* error handling & include changed sandboxes in result

* whitespace fix

* [Toucan 2 Prep] Add helper for extending `IModel`; namespace Toucan properties

* Clean namespaces

* Test fixes 

The new macro is called defendpoint. The previous defendpoint is now defendpoint-schema, as per @camsaul's idea. It'll make it easier to realize that we should use the Malli version of defendpoint going forward.

* adds malli defendpoint + linting + tests

- I decided to add a new defendpoint macro -- it is nearly exactly the
  same as `defendpoint`. If the duplication is an issue I can handle that too.

* malli-defendpoint -> defendpoint-malli

* defendpoint -> defendpoint-schema

* defendpoint-malli -> defendpoint

* fine tuning error messages + comments

- fix kondo config

* put back dox-for-plumatic

* fix name collision

* adds local malli description ns + test

* update alias in test

* linting fix

* linting fix pt. 2

* hook up umd/describe

* standardize ns formatting in all src/ namespaces

* small fixes

* test formatting

* enterprise files

* fix whitespace linter error

* fix kondo error

* bin files

* reformat shared files

* fix errors

* fix another error

* mostly fix import to use parenthesis and have it at a new line

* fix wrong spacing

Co-authored-by: Ngoc Khuat <qn.khuat@gmail.com>

* check how much is broken after redux upgrade

* fix popovers could not use connected components

* fix a unit spec failure

* fix accessing a connected component ref which is a class instance

* supress typescript errors caused by better type inference of the newer react-redux

* error on null user attributes

* fix test

* BE endpoint to clear group membership

* update ee group manager tests with clear-memberships

* make auth settings adminOnly on FE

* WIP backend changes

* Update relevant settings

* address lint warning

* new tests, and a bunch of reorganization

* remove broken EE settings test, and fix validation in google & ldap endpoints

* fix cypress tests

* add clarifying table to setting docs

* Convert to TypeScript, handle ColumnItem and MetadataTable

* more progress

* handled numeric inputs

* Transition InputBlurChange to core Input component

* Removing input class from legacy date picker just incase

* Small style adjustments in Admin and Viz Settings

* working on tests

* Tests passing

* Adjusting styling

* PR Cleanup

* add input size=large (#27217)

* Suppress console log when using `with-log-messages-for-level` (#26468)

* disable additivity when using "with-log-level"

* only set when parent is root

* wording

* remove a test that is no longer needed

* fix indents

* one missing indent fix

* [CI] Add `concurrency` to the `drivers` workflow (#27223)

* Fix datetime-diff helper text (#27224)

* Improve datetimeDiff type error message (#27225)

* Update test

* Update implementations

* Relieve db pressure on api/health check (#27192)

* Relieve db pressure on api/health check

https://github.com/metabase/metabase/issues/26266

Servers under heavy load can be slow to respond to the api/health
check. This can lead to k8s killing healthy instances happily humming
along serving requests.

One idea floated was to use QoSFilters
https://www.eclipse.org/jetty/javadoc/jetty-9/org/eclipse/jetty/servlets/QoSFilter.html
to prioritize those requests in front of others. But I suspect this
might not be our bottleneck.

Our health endpoint was updated to see if it could acquire an endpoint
when we were dealing with connection pool issues. We were reporting the
instance was healthy once it has finished the init process, but would
report healthy if 60/15 app-db connections were used and no actual
queries could complete.

The remedy was adding
`(sql-jdbc.conn/can-connect-with-spec? {:datasource (mdb.connection/data-source)})`
to the endpoint. But now to get information about the health of the
system we have to wait in the queue to get a datasource.

The hope is that this change which monitors for recent db
checkins (query success) and checkouts (query begun) can be a proxy for
db activity without having to wait for a connection and hit the db ourselves.

Some simple and crude benchmarking:
- use `siege` to hit `api/database/<app-db>/sync_schema`
- in a separate tab, use `siege` to hit `api/health`

Three trials with unconditional db access and conditional db
access (look for recent activity set by the new `ConnectionCustomizer`).

One siege client is synching the app-db's schema with 80 clients each
sending 60 requests. the other has 1 client sending 60 requests to api/health.

Run             |  Elapsed Time | max tx  | tx rate
 before change  |    7.16s      |  0.79s  |  8.38 tx/s
 before change  |   23.91s      |  1.44s  |  2.51 tx/s
 before change  |   13.00s      |  0.50s  |  4.62 tx/s
----------------------------------------------------
 after change   |    4.46s      |  0.27s  |  13.45 tx/s
 after change   |    5.81s      |  0.61s  |  10.33 tx/s
 after change   |    4.54s      |  0.44s  |  13.22 tx/s

Full(er) results below:

```
Unconditional db access
=======================

siege -c80 -r 40 "http://localhost:3000/api/database/2/sync_schema POST" -H "Cookie: $SESSION"

siege -c 1 -r 60 "http://localhost:3000/api/health

"

Elapsed time:		        7.16 secs
Response time:		        0.12 secs
Transaction rate:	        8.38 trans/sec
Longest transaction:	        0.79
Shortest transaction:	        0.01

Elapsed time:		       23.91 secs
Response time:		        0.40 secs
Transaction rate:	        2.51 trans/sec
Longest transaction:	        1.44
Shortest transaction:	        0.02

Elapsed time:		       13.00 secs
Response time:		        0.22 secs
Transaction rate:	        4.62 trans/sec
Longest transaction:	        0.50
Shortest transaction:	        0.06

Conditional db access
==============================================================

Elapsed time:		        4.46 secs
Response time:		        0.07 secs
Transaction rate:	       13.45 trans/sec
Longest transaction:	        0.27
Shortest transaction:	        0.01

Elapsed time:		        5.81 secs
Response time:		        0.10 secs
Transaction rate:	       10.33 trans/sec
Longest transaction:	        0.61
Shortest transaction:	        0.00

Elapsed time:		        4.54 secs
Response time:		        0.08 secs
Transaction rate:	       13.22 trans/sec
Longest transaction:	        0.44
Shortest transaction:	        0.01
```

* Remove reflection in `.put` call (not the reflections trategy)

also remove the call to `classloader/the-classloader` as it did nothing

* Comment and settle on a single method

* tests

* select from db twice

had a failure in CI. give it time to do its thing with another db call

* block to wait for timestamp update?

* unflake the tests

tasks and events from outside the thread can hit the db. the
ConnectionCustomizer is also run from c3p0 controlled threads so we
can't easily isolate everything to our thread

Was running

```clojure
(comment
  (dotimes [n 5]
    (dotimes [_ 100]
      (recent-activity-test)
      (CheckinTracker-test))
    (println (* (inc n) 100)))
    )
```

to run the tests 500 times and would keep getting flakes at a rate
~1/100 to 1/500. Just frustration for the future.

* typehint

* Switch it up a bit

Tests were flaking in h2 and I don't know why. I'm switching to just
updating recent activity on most methods.

* final touches

Co-authored-by: Aleksandr Lesnenko <alxnddr@users.noreply.github.com>
Co-authored-by: Ngoc Khuat <qn.khuat@gmail.com>
Co-authored-by: Nemanja Glumac <31325167+nemanjaglumac@users.noreply.github.com>
Co-authored-by: Cal Herries <39073188+calherries@users.noreply.github.com>
Co-authored-by: dpsutton <dan@dpsutton.com>

Updates embedded H2 driver to v2.1.212. When a local H2 v1 file-based application database is detected, it will be
automatically updated in-place at startup. Migrations and tests have been updated to account for changes in H2
behavior. Sample data and test harness database files in the repo have all been updated to H2 v2 file format.

Co-authored-by: Braden Shepherdson <braden@metabase.com>
Co-authored-by: Cam Saul <github@camsaul.com>
Co-authored-by: Cam Saul <1455846+camsaul@users.noreply.github.com>

* Make Dimension unique on `field_id` and deduplicate

* Fix rollback for new migrations

* Don't require migration comments to contain 'added' anymore since it's part of the version ID now

* Don't require 'Added <version>' in migration comments anymore

* Fix SerDes test that created duplicate dimensions for one Field

* Silly fix to fix MySQL 5.7

* remove TextInput and use core/Input

* review

* Add `SnippetCollectionForm`

* Add `SnippetCollectionFormModal`

* Use new form

* Remove old form

* Clean up snippet collections entity

* Fix submit button title

* Fix initial values

* Move the config-from-file code into the advanced-config directory since that's the feature we want to flag on

* Always apply the :settings section first in the config file

* config-from-file should check that we have a premium token with the :advanced-config feature

* Sort namespace

* Settings does not have to come first anymore

* Remove empty `binding` forms

* Test fix? 

* Test fix? 



* Fix failing tests, for real this time

* Revert "Fix failing tests, for real this time"

This reverts commit 0a57055b1be249d9ba5b6b6ebe4f163e1f21e2b2.

* Don't make the tests parallel since that breaks other stuff

Co-authored-by: Nemanja Glumac <31325167+nemanjaglumac@users.noreply.github.com>