insert next-gen permission paths alongside currently active permission paths + classification (#27911)

* implement move, which returns v2 paths

- TODO: insert these into the db

(move v1-path) => [v2 paths]

* cleanup + add some schemas

* generative tests 4 permission path classification

* whitespace lint

* detect data, query, and paths for v2

* calling move on v2 paths is a no-op

* differentiate between v1 and v2 permissions

quickchecking for move, classify-path, and classify-data-path

* fix tests + add idempotency test

* add tests for classification of permission paths

- rename move to ->v2-path
- move some fxns around
- ascii art in test

* making the legos line up

- need to insert both v1 and v2 versions of paths (of course)
- valid-path? has to allow v2 paths to be inserted

* replace mu/with-api-error-message

* linter + code quality fixes

* privatize rx->kind

* remove some changes that should be 4 anotherbranch

* revert ns

* delete v2 permissions in

- they aren't handled by the perm graph parser, so they don't get propagated into "old graph", so the diff between old and new indicates that they need to be rewritten.

* only delete v2 paths for the current group_id

- reorder declarations in models.permissions

* remove extra line break

* Update src/metabase/models/permissions.clj

fix typo

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

---------

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

Added bans for print and friends. Fixed issues in kondo config where a macroexpansion put in a print by replacing with (constantly nil) as a no-op.

* Switch Audit App to Honey SQL 2

* Compile using Honey SQL 2

* Mark some more tests as ^:parallel

* Remove unused namespace

* Backport sql.qp/current-datetime-honeysql-form :mysql Honey SQL 2 support

* Add `hx/call` and `hx/raw`

* Update enterprise/backend/src/metabase_enterprise/audit_app/pages/common.clj

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* `#schema` => `#hawk/schema`

* Mark `metabase.async.streaming-response-test` as `^:mb/once`

---------

Co-authored-by: metamben <103100869+metamben@users.noreply.github.com>

* initial migrations

* autofill permission_id when adding new sandbox

* use new table name in backend code

* add test for migration

* fix migration lint errors

* WIP fix tests

* small cleanup

* use CONCAT to fix migration on mysql

* break out fk constraint into a separate migration

* address feedback

* fix GET api/session endpoint for settings managers

* fix test

Parameter with source is a card:
- deduplicates values
- remove null/empty values
- properly search number

* Switch to the new Hawk test runner

* Fix some stuff

* Fix everything

* Commentz

* Bump init timeout?

* Fix Kondo config

* Remove unused

* Bump test runner version to get `:exclude-tags` support

Removed pulses from search API and corresponding tests. There _may_ be cruft tied to pulse search elsewhere because we can't blindly remove pulses yet (need to provide legacy support at the model level), but I think I got it all.

Fixing check such that a create-table check failure shows correctly instead of showing as a can-read failure.

* Add migration to remove defaults

* Add rollback

* Fix migration

* Fix migration

* Fix migrations

* whitespace

* Add test defaults for DashboardCard

* Remove defaults from create-dashboard-card!

* Fix test

* Fix tests

* Tighten API endpoints

* Fix endpoints

* Formatting

* Fix tests

* Fix tests

* Fix tests

* Fix tests

* Fix test

* Fix e2e tests

* Update e2e tests

* Fix e2e tests

* subscription permissions refactor (https://github.com/metabase/metabase/security/advisories/GHSA-ch8f-hhq9-7gv5)

* move recipient filtering to API-level (https://github.com/metabase/metabase/security/advisories/GHSA-492f-qxr3-9rrv)

Replaced, as needed, instances of str/lower|upper-case with the -en version. Also updated rules in our kondo config.

* Add actions.creator_id

* Add creator_id and hydrated creator to actions

* Punt on locking down time types

* Workaround for DB migration issue

* Move hydration down the pipe

* HydratedUser -> DefaultUser

* Remove experimental-enable-actions setting

* Ensure actions are enabled before executing custom actions

* Fixes MongoDB OrderedMap encoding with nippy
* Removes flatland/ordered from build-drivers deps

We can now filter out any ns tag for tests.

Added new endpoint "/db/:id/new-table".

This work removes a spec and a p.schema for data graph permissions.

There are still some specs but they are for execution, and collection graph permissions. Those should be targeted next.

* decoded + verified FIXME

* still good

* some cleanup

* a little more cleaning up

* bit more cleaning

* converted update-group-permissions! -> mu/defn

* use the correct shape for new-group-perms

* remove bunch of pschemas

* linter appeasement

* update test for setting dissallowed schema

* respond to review comments

* fix some tests + improve mu/defn error messages

* a lint fix

* lint fix

* read and query are optional

* update expected error message to the improved one

* stop calling trs at the top level

* fix function signature

* improve test

* Add import vars to metabase.test

* Adjust clj-kondo config

* Import more vars to metabase.test

* Remove unused vars from clj-kondo

* Import another var

* Replace actions.test-util with mt

* Fix merge

* Import another var

* Resolve cyclic deps

* Sort ns

* Fix quoted namespace

* Switch to Toucan 2 part 1

* Fix Kondo errors

* Switch to Toucan 2, part 2

* Fix Kondo errors

* Bump clj-kondo to 2022.12.10

[Fixes #27512]

* Use Kondo's :config-in-call instead of grosser hacks

Ordering in nested queries doesn't have to affect how rows are returned
from the embedding queries.

* Switch to Toucan 2 part 1

* Fix Kondo errors

Use the vertica/vertica-ce:12.0.2-0 image.

* fix throwing exceptions in handle-paging mw

* FE gets `value_field` for `/api/table/card__id/query_metadata`
by search the fields from calling `/api/table/card__id/query_metadata`.
if a field has id is a number, then use `field_ref`, else use `id`.

This commit add tests for that behavior

Co-authored-by: Tim Macdonald <tim@metabase.com>

* API for getting database usage

* use defmulti

* handle cases when database has no tables and add docstring

* sacrifice powerness in the light of beauty

* FieldValues skipping but not updating last used at

Related to #26863

When fieldvalues synching was being skipped, the
`get-or-create-full-field-values!` call was erroneously forgetting to
update the `last_used_at` time; the time was only being updated if new
field values came in since the last sync.

* Add test for inactive field values

* Only update last_used_at when there's an existing fieldvalues

* Fixed regex for latitude name type matching

* Grouping regexes by lon/lat