* Parse wildcards in native queries

Add query_field.direct_reference

* Do away with old Model refs in Card model test

* Do not show stale cards with a select *

* wip - collection moving

fix subcollection detection

make stuff nice

update e2e tests

prettier

new e2e coverage

fix unit tests

fix stacked modals

cleanup

less diff

sneaky-ass modal wrappers

fix some e2e tests

* rebase rejigger

* fix tricky e2e flake

* Upgrade node to 18.20

* Trigger CI

* Try 20 again

* Revert "Try 20 again"

This reverts commit 8f4b39e7a64f1fae7c60decfb91ea87aff81f587.

* Revert change

* Add nvmrc to the frontend_sources list

Fixes #40328

[Our documentation](https://www.metabase.com/docs/latest/people-and-groups/managing#group-managers) states that:

> Group managers can:
>
> - View all people in the Admin settings > People tab.

This fixes enforcement to be aligned with the documentation. This behavior makes sense, because as the docs also state, Group Managers should be allowed to *add* people to the group they manage, which they can only do if they can see those people!

Initially, I also removed a faulty test, which was described as:
```
;; Non-segmented users are allowed to ask for a list of all of the users in the Metabase instance. Pulse email lists
;; are an example usage of this. Segmented users should not have that ability. Instead they should only see
;; themselves. This test checks that GET /api/user for a segmented user only returns themselves
```

but actually failed to test this in a relevant way (because it was testing the `GET /api/user` endpoint rather than the `GET /api/user/recipients` endpoint). The test had continued to pass only because the user was the only member of the group they managed.

I initially thought this behavior wasn't desired, but as it turns out, it *is* in fact documented behavior to disallow sandboxed users from seeing any email suggestions. Investigating, I found that a bug was allowing sandboxed users to see all users on the `/api/user/recipients` endpoint if the user-visibility setting was set to `:all`.

Thus, the second commit fixes the bug and re-adds the (fixed) test. A sandboxed user now only sees their own user when hitting `/api/user/recipients`.

* Deprecate entity hooks still in use

* Remove unused entity hooks

* Move entity framework hooks to a separate directory

* Trigger the query limit change on blur

* Use named export

* Add a unit test

* Fix E2E tests

* Fix unit tests

* Additional E2E test fix

* Address review comments

* Revert "Remove Models from Browse data (#40108)"

This reverts commit 45a2e868.

* Make rtl friendly

* Add 'no description' for blank-description models

* Fix vertical position of collection header toggle

* Move FixedSizeIcon into metabase/ui and increase height of empty state

* Move FixedSizeIcon back into BrowseModels.styled.tsx

* Localize 'No description'

* Add comment

* Fix type issue

* Minimal SDK code

* Fix viz, styles

* Move SDK code to enterprise folder

* Fix files structure

* Clean-up

* Review fixes

* Review fixes

* Review fixes

* Remove elementid

* Reuse some options from main webpack config

* Actualize package.json

* Actualize package.json

* Use expression fix on both pk-ref and value-ref

The gist: inside the query expressions are referred to as [:expression
"foo"]. But as a nested query, it's just another field, and the fact
that it was an expression is irrelevant and should not leak from that
stage. So "downstream" should just be [:field "foo" base-type].

Oddly, if you just fix one field or the other, the query would be
"valid", would log an error, but no valid values would be returned.

It seems like the invalid expression reference was just dropped so we
only selected a single column and those were removed (we run `(filter
valid-tuples?)` as we only want valid key/value pairs).

So let's add a `(> (count values) 0)` which was failing previously.

* Fix indexing error

When updating the model index, it diffs the existing values vs the new
values and deletes appropriate and adds the new values. But it was using
the wrong column when updating the model index values. It used `pk_ref`
but that table uses `model_pk`. This led to the following errors on
stats:

```sql
select pk_ref, value_ref, state, error from model_index where state = 'error'

pk_ref,value_ref,state,error
"[""field"",563028,null]","[""field"",563018,null]",error,"ERROR: column ""pk_ref"" does not exist Position: 68"
"[""field"",534030,null]","[""field"",534037,null]",error,"ERROR: column ""pk_ref"" does not exist Position: 68"
"[""field"",545945,null]","[""field"",545948,null]",error,"ERROR: column ""pk_ref"" does not exist Position: 68"
```

Now those errors will be fixed and the model indexes will correctly
track the values

* Bump indexing threshold to 25,000

Had been limited to 5,000 rows of model indexing. This was a made up
number as we went into this endeavor. But it's proving to be far too
small. Bumping to 25,000

* Parititon deletions and inserts

With a higher limit need to ensure that we don't send too large of a
query.

```clojure
model-index=> (t2/insert! ModelIndexValue
                          (map (fn [id]
                                 {:name           (str (gensym "value"))
                                  :model_pk       id
                                  :model_index_id 1})
                               (range 25000)))
Execution error (PSQLException) at org.postgresql.jdbc.PgPreparedStatement/<init> (PgPreparedStatement.java:105).
PreparedStatement can have at most 65,535 parameters. Please consider using arrays, or splitting the query in several ones, or using COPY. Given query has 75,000 parameters
```

* move comment and fix test failure explanation

comment should be next to the number? check. and also need to use
`mc/explain` which returns info rather than `mc/validate` which returns
a bool:

```clojure
;; bad
model-index-test=> (let [values [[1 "foo"] [2 "foo"] ["foo" "foo"]]]
                     (-> (mc/validate [:sequential [:tuple number? string?]] values)
                         (me/humanize)))
nil
;; good
model-index-test=> (let [values [[1 "foo"] [2 "foo"] ["foo" "foo"]]]
                     (-> (mc/explain [:sequential [:tuple number? string?]] values)
                         (me/humanize)))
[nil nil [["should be a number"]]]
```

* Split from #40146: only the filter changes

* Don't include format-rows changes here.

* Test fixes 

* Test fix 

* Misc test fixes 

* Test fix 

* Tweak SQL Server fix

They were showing "break out by" and quick filters, when they should be
showing "break out by" and "See these Orders".

These are the `pivot` and `underlying-records` drills, internally.

Fixes #40174.

* add UI for CSV replace

* update e2e tests

* update unit tests

* use enums everywhere + delete commented code block

* all the enums

Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.19.2.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.17.1...4.19.2

)

---
updated-dependencies:
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Chris Truter <chris@metabase.com>

* Show SQL in a notebook sidebar [PoC/task-1] (#40279)

* Display SQL in the notebook sidebar

* Remove unused modal

* Rename the component to `SQLPreviewSidebar`

* Hide the close button in a SQL sidebar

* Rename the component to `NativeQueryPreviewSidebar`

* Toggle a native query sidebar preview [PoC/task-2] (#40327)

* Use Mantine components where possible

* Rename the button to `ToggleNativeQueryPreview`

* Toggle the native query preview sidebar on and off

* Update the button tooltip based on the sidebar state

* Shorten var names

* Read the state directly from the store

* Re-enable the button that converts a query into its native counterpart [PoC/task-3] (#40362)

* Re-enable the button that converts a query into its native counterpart

* Use Mantine button

* Remove references to the modal

* Fix tests

* Use RTKQuery for API calls in the native preview sidebar [PoC/extras] (#40430)

* Use RTKQuery for API calls

* Fetch question inside the component

* Export named component

* Add type guard

* Use RTK query for the native dataset endpoint

* Improve semantics around error message

* Improve native sidebar basic styling [PoC/task-4]  (#40463)

* Refactor sidebar to use `AceEditor`

* Fix the query display condition

* Style the code as in the native query editor

* Style the toggle icon

* Make native preview usable on small screens

* Cover "Show SQL/native query in a sidebar" with E2E tests [PoC/task-5] (#40540)

* Fix query formatting for Mongo

* Add initial smoke tests

* Cover "converting a question to SQL" scenarios

* Cover "converting a question to a native query" scenarios

* Add test that covers behavior on small screens

* Adjust the viewport width to counter CI's behavior

* Revert "Adjust the viewport width to counter CI's behavior"

This reverts commit 370a76b621306732d7e82dfdcca6e5206a4cddaf.

* Add E2E repro for #38181

* Add repro for #40557

* Try a workaround for the failing test in CI

* Show empty sidebar if query has no data source

* Add E2E coverage for an empty sidebar state

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.5 to 1.15.6.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.15.5...v1.15.6

)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* export List from metabase/ui

* fix text color

* adds WithIcon example

* fix typos

* Fix e2e utils

* Update e2e/support/commands/api/composite/createDashboardWithQuestions.js

Co-authored-by: Kamil Mielnik <kamil@kamilmielnik.com>

* Remove unnecessary return

Co-authored-by: Kamil Mielnik <kamil@kamilmielnik.com>

---------

Co-authored-by: Kamil Mielnik <kamil@kamilmielnik.com>