From 4f2f76db2239510fe833828daefc9e628ddc2a08 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matej=20Ba=C4=8Do?= <matejbaco2000@gmail.com>
Date: Tue, 14 Nov 2023 14:11:54 +0100
Subject: [PATCH 1/6] Improve deletion relation with IDs

---
 src/Appwrite/Platform/Workers/Deletes.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Appwrite/Platform/Workers/Deletes.php b/src/Appwrite/Platform/Workers/Deletes.php
index 4b888b9fd6..b95a13a12e 100644
--- a/src/Appwrite/Platform/Workers/Deletes.php
+++ b/src/Appwrite/Platform/Workers/Deletes.php
@@ -735,10 +735,10 @@ class Deletes extends Action
             Query::equal('resourceType', ['function']),
         ], $dbForConsole, function (Document $document) use ($dbForConsole) {
             $providerRepositoryId = $document->getAttribute('providerRepositoryId', '');
-            $projectId = $document->getAttribute('projectId', '');
+            $projectInternalId = $document->getAttribute('projectInternalId', '');
             $this->deleteByGroup('vcsComments', [
                 Query::equal('providerRepositoryId', [$providerRepositoryId]),
-                Query::equal('projectId', [$projectId]),
+                Query::equal('projectInternalId', [$projectInternalId]),
             ], $dbForConsole);
         });
 

From fb6455b783c554536aac864753301b840708e432 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matej=20Ba=C4=8Do?= <matejbaco2000@gmail.com>
Date: Tue, 14 Nov 2023 14:43:33 +0100
Subject: [PATCH 2/6] Add script to patch missing repos documents

---
 Dockerfile                                    |   1 +
 bin/patch-recreate-repositories-documents     |   3 +
 .../patchRecreateRepositoriesDocuments.php    | 141 ++++++++++++++++++
 3 files changed, 145 insertions(+)
 create mode 100644 bin/patch-recreate-repositories-documents
 create mode 100644 src/Appwrite/Platform/Tasks/patchRecreateRepositoriesDocuments.php

diff --git a/Dockerfile b/Dockerfile
index 33b1434659..059c499bd9 100755
--- a/Dockerfile
+++ b/Dockerfile
@@ -100,6 +100,7 @@ RUN chmod +x /usr/local/bin/doctor && \
 RUN chmod +x /usr/local/bin/hamster && \
     chmod +x /usr/local/bin/volume-sync && \
     chmod +x /usr/local/bin/patch-delete-schedule-updated-at-attribute && \
+    chmod +x /usr/local/bin/patch-recreate-repositories-documents && \
     chmod +x /usr/local/bin/patch-delete-project-collections && \
     chmod +x /usr/local/bin/delete-orphaned-projects && \
     chmod +x /usr/local/bin/clear-card-cache && \
diff --git a/bin/patch-recreate-repositories-documents b/bin/patch-recreate-repositories-documents
new file mode 100644
index 0000000000..8c6c4157f4
--- /dev/null
+++ b/bin/patch-recreate-repositories-documents
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+php /usr/src/code/app/cli.php patch-recreate-repositories-documents $@
\ No newline at end of file
diff --git a/src/Appwrite/Platform/Tasks/patchRecreateRepositoriesDocuments.php b/src/Appwrite/Platform/Tasks/patchRecreateRepositoriesDocuments.php
new file mode 100644
index 0000000000..5749380d0a
--- /dev/null
+++ b/src/Appwrite/Platform/Tasks/patchRecreateRepositoriesDocuments.php
@@ -0,0 +1,141 @@
+<?php
+
+namespace Appwrite\Platform\Tasks;
+
+use Utopia\Platform\Action;
+use Appwrite\Event\Certificate;
+use Utopia\App;
+use Utopia\CLI\Console;
+use Utopia\Database\Database;
+use Utopia\Database\Document;
+use Utopia\Database\Helpers\ID;
+use Utopia\Database\Helpers\Permission;
+use Utopia\Database\Helpers\Role;
+use Utopia\Database\Query;
+use Utopia\Validator\Hostname;
+use Utopia\Validator\Text;
+
+class patchRecreateRepositoriesDocuments extends Action
+{
+    public static function getName(): string
+    {
+        return 'patch-recreate-repositories-documents';
+    }
+
+    public function __construct()
+    {
+        $this
+            ->desc('Recreate missing repositories in consoleDB from projectDBs. They can be missing if you used Appwrite 1.4.10 or 1.4.11, and deleted a function.')
+            ->param('after', '', new Text(36), 'After cursor', true)
+            ->param('projectId', '', new Text(36), 'Select project to validate', true)
+            ->inject('dbForConsole')
+            ->inject('getProjectDB')
+            ->callback(fn ($after, $projectId, $dbForConsole, $getProjectDB) => $this->action($after, $projectId, $dbForConsole, $getProjectDB));
+    }
+
+    public function action($after, $projectId, Database $dbForConsole, callable $getProjectDB): void
+    { 
+        Console::info("Starting the patch");
+
+        $startTime = microtime(true);
+
+        if(!empty($projectId)) {
+            $project = $dbForConsole->getDocument('projects', $projectId);
+            $dbForProject = call_user_func($getProjectDB, $project);
+            $this->recreateRepositories($dbForConsole, $dbForProject, $project);
+        } else {
+            $queries = [];
+            if(!empty($after)) {
+                Console::info("Iterating remaining projects after project with ID {$after}");
+                $project = $dbForConsole->getDocument('projects', $after);
+                $queries = [Query::cursorAfter($project)];
+            } else {
+                Console::info("Iterating all projects");
+            }
+            $this->foreachDocument($dbForConsole, 'projects', $queries, function(Document $project) use($getProjectDB, $dbForConsole){
+                $dbForProject = call_user_func($getProjectDB, $project);
+                $this->recreateRepositories($dbForConsole, $dbForProject, $project);
+            });
+        }
+
+        $endTime = microtime(true);
+        $timeTaken = $endTime - $startTime;
+
+        $hours = (int)($timeTaken / 3600);
+        $timeTaken -= $hours * 3600;
+        $minutes = (int)($timeTaken / 60);
+        $timeTaken -= $minutes * 60;
+        $seconds = (int)$timeTaken;
+        $milliseconds = ($timeTaken - $seconds) * 1000;
+        Console::info("Recreate patch completed in $hours h, $minutes m, $seconds s, $milliseconds mis ( total $timeTaken milliseconds)");
+    }
+
+    protected function foreachDocument(Database $database, string $collection, array $queries = [], callable $callback = null): void
+    {
+        $limit = 1000;
+        $results = [];
+        $sum = $limit;
+        $latestDocument = null;
+
+        while ($sum === $limit) {
+            $newQueries = $queries;
+
+            if ($latestDocument != null) {
+                array_unshift($newQueries, Query::cursorAfter($latestDocument));
+            }
+            $newQueries[] = Query::limit($limit);
+            $results = $database->find($collection, $newQueries);
+
+            if (empty($results)) {
+                return;
+            }
+
+            $sum = count($results);
+
+            foreach ($results as $document) {
+                if (is_callable($callback)) {
+                    $callback($document);
+                }
+            }
+            $latestDocument = $results[array_key_last($results)];
+        }
+    }
+
+    public function recreateRepositories(Database $dbForConsole, Database $dbForProject, Document $project): void
+    {
+        $projectId = $project->getId();
+        Console::log("Running patch for project {$projectId}");
+
+        $this->foreachDocument($dbForProject, 'functions', [], function(Document $function) use ($dbForConsole, $project) {
+            $isConnected = !empty($function->getAttribute('providerRepositoryId', ''));
+
+            if($isConnected) {
+                $repository = $dbForConsole->getDocument('repositories', $function->getAttribute('repositoryId', ''));
+
+                if($repository->isEmpty()) {
+                    $projectId = $project->getId();
+                    $functionId = $function->getId();
+                    Console::success("Recreating repositories document for project ID {$projectId}, function ID {$functionId}");
+
+                    $repository = $dbForConsole->createDocument('repositories', new Document([
+                        '$id' => ID::unique(),
+                        '$permissions' => [
+                            Permission::read(Role::any()),
+                            Permission::update(Role::any()),
+                            Permission::delete(Role::any()),
+                        ],
+                        'installationId' => $function->getAttribute('installationId', ''),
+                        'installationInternalId' => $function->getAttribute('installationInternalId', ''),
+                        'projectId' => $project->getId(),
+                        'projectInternalId' => $project->getInternalId(),
+                        'providerRepositoryId' => $function->getAttribute('providerRepositoryId', ''),
+                        'resourceId' => $function->getId(),
+                        'resourceInternalId' => $function->getInternalId(),
+                        'resourceType' => 'function',
+                        'providerPullRequestIds' => []
+                    ]));
+                }
+            }
+        });
+    }
+}

From c133bccfa93b52cca8dd9e0210f4d2ee8fc2d921 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matej=20Ba=C4=8Do?= <matejbaco2000@gmail.com>
Date: Tue, 14 Nov 2023 15:06:58 +0100
Subject: [PATCH 3/6] Finish recreate repos docs script

---
 .env                                          | 38 ++++++++++++++++---
 src/Appwrite/Platform/Services/Tasks.php      |  2 +
 .../patchRecreateRepositoriesDocuments.php    | 32 ++++++++++------
 3 files changed, 55 insertions(+), 17 deletions(-)

diff --git a/.env b/.env
index ad551e705a..759ddcc051 100644
--- a/.env
+++ b/.env
@@ -90,12 +90,38 @@ _APP_GRAPHQL_MAX_COMPLEXITY=250
 _APP_GRAPHQL_MAX_DEPTH=3
 _APP_DOCKER_HUB_USERNAME=
 _APP_DOCKER_HUB_PASSWORD=
-_APP_VCS_GITHUB_APP_NAME=
-_APP_VCS_GITHUB_PRIVATE_KEY=disabled
-_APP_VCS_GITHUB_APP_ID=
-_APP_VCS_GITHUB_CLIENT_ID=
-_APP_VCS_GITHUB_CLIENT_SECRET=
-_APP_VCS_GITHUB_WEBHOOK_SECRET=
+_APP_VCS_GITHUB_APP_NAME=appwrite-generated-on-22-5-2023
+_APP_VCS_GITHUB_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEApUP3k7ratjenwOA1AtnmvZbNIm9Mhu181ryrnb7M1z1/OLUo
+jZ1iS8u1K/GQtoqCNI8RR38rBXW1hzfC34qAL3XrJr4caK+AKzV7B4y9e2Zn+VlF
+ZZ2rknNPlRLCwll6V60M7suqLONUADs6bvEs8GIR926gwNi8SmomtIj8k8UZFW00
+9L0OM0pvajJKASPynZ7jXfxic5Yu060BQq+IAtOkOaxyBF1xiGQRBuAt2movTI2X
+4PwGcSCy7YD6v2DRgHIoYehtdWx0DrbRgCXsmwMin5BR/7ZhBSJE7YVH9vSqWThe
+V8VmLKPiZZC5ZW2Vf28kM/FlkCgjfd0tNXs8lQIDAQABAoIBAQCWaFYhODSnE93z
+ttnoH2JVd7J4PW0be3ZbhNh3t1d8KPbpKE6hG/SC4QGg3bgDuekoZnCmbkE8NdWh
+G4maotVo3FvIJct7JwZxzLmMtHUaoqfMEogLJEUrAxERrkJcWMz0kIUtq2PUeIxR
+rZXPtGVe3RJW63MYL+ilnRhexDGDVa5I50jFCTT5GXXHl6tw6tei1rDc2kI7pb3k
+BGAxsRGXUK6Di9EmR2Z8xFHvM3LeuSWR2WalR8+abn661P3J+InMqh0s+TBB86kH
+6NUxoWKSCXjPfMWj15M0Wwm4CBlzgc6GS106hmHPi3YAQLCV4x0l4qmq+bdsQOnN
+VAOnPAohAoGBANidEYsMm5jaTklFnIExBkm5OHcKRuMgplMoEsVE/dglBPCJB3Uf
+JUmhMRVazztDGD0ciImypt4j9klR4zqSQv4Aa8OdwW/jcuNPm3qQrdSm86iP2Lbe
+V9DNKK0vQ/3srwIYxl9qabOLaQrKAeiPxfUuL91iyDIYtsPPIgfvVGfdAoGBAMNQ
+v5wruODDgf0mMm1nA9LNHlkMi8uaVvxFAhjWtmPOH4FHXgzMDGC6syvL+d1XIdtF
+tA/j/f/A1zFsYzeZRVBqVmpd8rvRzFTaRrBgLjI/vxmbJ7syr9rT7iZYvFYUv3c+
+mr8m5AIGULiGmMYnSWttIi2prlA17FC5Qp/lq/gZAoGAVrBlePSOwNl9Qy2suLda
+AN8zjdB7FiLW7ai3+mLmBD6sf2cXqPPSBGmSLy2sidcMOEjXC+SHi5dw1V8ERUiL
+rwOUHTFhXNn1/Kq7Wo3UQ6qdEPSgkm7hThsNEGI+H709POWVXlJEAyrj2wGFSgFg
+BAN7/GmwHPxvCGY5BFvvt7ECgYBIWqOA4RmN+h8vfnTz3lOmReJWLrWi6TwMHCxY
+s0HB21wEckG/D+AN/Vvef6PCgULDjiDUOiugEPonDvX6ZMcusRXuNXt0ZJYDYREK
+ybaTWtYaUEX5rR9EO3pfrkOmx+zd6c09vtR8g4ZntUTnMyqZp0YgEFnI0REIHnk1
+7sk0EQKBgGTzNU9Ir6cEZh4j+Qf5rA38bejkD8aRAYg5ozQcbNRJnrC7QnpmZPeD
+X/E9MZ6wj1BVXEn2oNC63n3QB+B8OhrIDAYDbnaCLzVDl/BTuom3uTCYk0beKncz
+AurSDpc15RFYjqn0DPBSii/DTaQIz0Rg+seZrOp5Ii2LrSlsnDPf
+-----END RSA PRIVATE KEY-----"
+_APP_VCS_GITHUB_APP_ID=337303
+_APP_VCS_GITHUB_CLIENT_ID=Iv1.306ee38582d3f948
+_APP_VCS_GITHUB_CLIENT_SECRET=eafc638eaeebe95c0db0fdf59a0a99b9e41832eb
+_APP_VCS_GITHUB_WEBHOOK_SECRET=gzbrfuenqodiefbrg39u
 _APP_MIGRATIONS_FIREBASE_CLIENT_ID=
 _APP_MIGRATIONS_FIREBASE_CLIENT_SECRET=
 _APP_ASSISTANT_OPENAI_API_KEY=
\ No newline at end of file
diff --git a/src/Appwrite/Platform/Services/Tasks.php b/src/Appwrite/Platform/Services/Tasks.php
index e725ff5f3e..28d7046dd1 100644
--- a/src/Appwrite/Platform/Services/Tasks.php
+++ b/src/Appwrite/Platform/Services/Tasks.php
@@ -19,6 +19,7 @@ use Appwrite\Platform\Tasks\VolumeSync;
 use Appwrite\Platform\Tasks\CalcTierStats;
 use Appwrite\Platform\Tasks\Upgrade;
 use Appwrite\Platform\Tasks\DeleteOrphanedProjects;
+use Appwrite\Platform\Tasks\PatchRecreateRepositoriesDocuments;
 
 class Tasks extends Service
 {
@@ -42,6 +43,7 @@ class Tasks extends Service
             ->addAction(Specs::getName(), new Specs())
             ->addAction(CalcTierStats::getName(), new CalcTierStats())
             ->addAction(DeleteOrphanedProjects::getName(), new DeleteOrphanedProjects())
+            ->addAction(PatchRecreateRepositoriesDocuments::getName(), new PatchRecreateRepositoriesDocuments())
 
         ;
     }
diff --git a/src/Appwrite/Platform/Tasks/patchRecreateRepositoriesDocuments.php b/src/Appwrite/Platform/Tasks/patchRecreateRepositoriesDocuments.php
index 5749380d0a..4d04802f50 100644
--- a/src/Appwrite/Platform/Tasks/patchRecreateRepositoriesDocuments.php
+++ b/src/Appwrite/Platform/Tasks/patchRecreateRepositoriesDocuments.php
@@ -3,8 +3,6 @@
 namespace Appwrite\Platform\Tasks;
 
 use Utopia\Platform\Action;
-use Appwrite\Event\Certificate;
-use Utopia\App;
 use Utopia\CLI\Console;
 use Utopia\Database\Database;
 use Utopia\Database\Document;
@@ -12,10 +10,9 @@ use Utopia\Database\Helpers\ID;
 use Utopia\Database\Helpers\Permission;
 use Utopia\Database\Helpers\Role;
 use Utopia\Database\Query;
-use Utopia\Validator\Hostname;
 use Utopia\Validator\Text;
 
-class patchRecreateRepositoriesDocuments extends Action
+class PatchRecreateRepositoriesDocuments extends Action
 {
     public static function getName(): string
     {
@@ -34,25 +31,25 @@ class patchRecreateRepositoriesDocuments extends Action
     }
 
     public function action($after, $projectId, Database $dbForConsole, callable $getProjectDB): void
-    { 
+    {
         Console::info("Starting the patch");
 
         $startTime = microtime(true);
 
-        if(!empty($projectId)) {
+        if (!empty($projectId)) {
             $project = $dbForConsole->getDocument('projects', $projectId);
             $dbForProject = call_user_func($getProjectDB, $project);
             $this->recreateRepositories($dbForConsole, $dbForProject, $project);
         } else {
             $queries = [];
-            if(!empty($after)) {
+            if (!empty($after)) {
                 Console::info("Iterating remaining projects after project with ID {$after}");
                 $project = $dbForConsole->getDocument('projects', $after);
                 $queries = [Query::cursorAfter($project)];
             } else {
                 Console::info("Iterating all projects");
             }
-            $this->foreachDocument($dbForConsole, 'projects', $queries, function(Document $project) use($getProjectDB, $dbForConsole){
+            $this->foreachDocument($dbForConsole, 'projects', $queries, function (Document $project) use ($getProjectDB, $dbForConsole) {
                 $dbForProject = call_user_func($getProjectDB, $project);
                 $this->recreateRepositories($dbForConsole, $dbForProject, $project);
             });
@@ -106,13 +103,13 @@ class patchRecreateRepositoriesDocuments extends Action
         $projectId = $project->getId();
         Console::log("Running patch for project {$projectId}");
 
-        $this->foreachDocument($dbForProject, 'functions', [], function(Document $function) use ($dbForConsole, $project) {
+        $this->foreachDocument($dbForProject, 'functions', [], function (Document $function) use ($dbForProject, $dbForConsole, $project) {
             $isConnected = !empty($function->getAttribute('providerRepositoryId', ''));
 
-            if($isConnected) {
+            if ($isConnected) {
                 $repository = $dbForConsole->getDocument('repositories', $function->getAttribute('repositoryId', ''));
 
-                if($repository->isEmpty()) {
+                if ($repository->isEmpty()) {
                     $projectId = $project->getId();
                     $functionId = $function->getId();
                     Console::success("Recreating repositories document for project ID {$projectId}, function ID {$functionId}");
@@ -134,6 +131,19 @@ class patchRecreateRepositoriesDocuments extends Action
                         'resourceType' => 'function',
                         'providerPullRequestIds' => []
                     ]));
+
+                    $function = $dbForProject->updateDocument('functions', $function->getId(), $function
+                        ->setAttribute('repositoryId', $repository->getId())
+                        ->setAttribute('repositoryInternalId', $repository->getInternalId()));
+
+                    $this->foreachDocument($dbForProject, 'deployments', [
+                        Query::equal('resourceInternalId', [$function->getInternalId()]),
+                        Query::equal('resourceType', ['functions'])
+                    ], function (Document $deployment) use ($dbForProject, $repository) {
+                        $dbForProject->updateDocument('deployments', $deployment->getId(), $deployment
+                            ->setAttribute('repositoryId', $repository->getId())
+                            ->setAttribute('repositoryInternalId', $repository->getInternalId()));
+                    });
                 }
             }
         });

From 2572cb43c2007829bb4f91dd58fc0a680cc3f7d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matej=20Ba=C4=8Do?= <matejbaco2000@gmail.com>
Date: Tue, 14 Nov 2023 15:11:17 +0100
Subject: [PATCH 4/6] Code cleanup

---
 .env | 38 ++++++--------------------------------
 1 file changed, 6 insertions(+), 32 deletions(-)

diff --git a/.env b/.env
index 759ddcc051..ad551e705a 100644
--- a/.env
+++ b/.env
@@ -90,38 +90,12 @@ _APP_GRAPHQL_MAX_COMPLEXITY=250
 _APP_GRAPHQL_MAX_DEPTH=3
 _APP_DOCKER_HUB_USERNAME=
 _APP_DOCKER_HUB_PASSWORD=
-_APP_VCS_GITHUB_APP_NAME=appwrite-generated-on-22-5-2023
-_APP_VCS_GITHUB_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEApUP3k7ratjenwOA1AtnmvZbNIm9Mhu181ryrnb7M1z1/OLUo
-jZ1iS8u1K/GQtoqCNI8RR38rBXW1hzfC34qAL3XrJr4caK+AKzV7B4y9e2Zn+VlF
-ZZ2rknNPlRLCwll6V60M7suqLONUADs6bvEs8GIR926gwNi8SmomtIj8k8UZFW00
-9L0OM0pvajJKASPynZ7jXfxic5Yu060BQq+IAtOkOaxyBF1xiGQRBuAt2movTI2X
-4PwGcSCy7YD6v2DRgHIoYehtdWx0DrbRgCXsmwMin5BR/7ZhBSJE7YVH9vSqWThe
-V8VmLKPiZZC5ZW2Vf28kM/FlkCgjfd0tNXs8lQIDAQABAoIBAQCWaFYhODSnE93z
-ttnoH2JVd7J4PW0be3ZbhNh3t1d8KPbpKE6hG/SC4QGg3bgDuekoZnCmbkE8NdWh
-G4maotVo3FvIJct7JwZxzLmMtHUaoqfMEogLJEUrAxERrkJcWMz0kIUtq2PUeIxR
-rZXPtGVe3RJW63MYL+ilnRhexDGDVa5I50jFCTT5GXXHl6tw6tei1rDc2kI7pb3k
-BGAxsRGXUK6Di9EmR2Z8xFHvM3LeuSWR2WalR8+abn661P3J+InMqh0s+TBB86kH
-6NUxoWKSCXjPfMWj15M0Wwm4CBlzgc6GS106hmHPi3YAQLCV4x0l4qmq+bdsQOnN
-VAOnPAohAoGBANidEYsMm5jaTklFnIExBkm5OHcKRuMgplMoEsVE/dglBPCJB3Uf
-JUmhMRVazztDGD0ciImypt4j9klR4zqSQv4Aa8OdwW/jcuNPm3qQrdSm86iP2Lbe
-V9DNKK0vQ/3srwIYxl9qabOLaQrKAeiPxfUuL91iyDIYtsPPIgfvVGfdAoGBAMNQ
-v5wruODDgf0mMm1nA9LNHlkMi8uaVvxFAhjWtmPOH4FHXgzMDGC6syvL+d1XIdtF
-tA/j/f/A1zFsYzeZRVBqVmpd8rvRzFTaRrBgLjI/vxmbJ7syr9rT7iZYvFYUv3c+
-mr8m5AIGULiGmMYnSWttIi2prlA17FC5Qp/lq/gZAoGAVrBlePSOwNl9Qy2suLda
-AN8zjdB7FiLW7ai3+mLmBD6sf2cXqPPSBGmSLy2sidcMOEjXC+SHi5dw1V8ERUiL
-rwOUHTFhXNn1/Kq7Wo3UQ6qdEPSgkm7hThsNEGI+H709POWVXlJEAyrj2wGFSgFg
-BAN7/GmwHPxvCGY5BFvvt7ECgYBIWqOA4RmN+h8vfnTz3lOmReJWLrWi6TwMHCxY
-s0HB21wEckG/D+AN/Vvef6PCgULDjiDUOiugEPonDvX6ZMcusRXuNXt0ZJYDYREK
-ybaTWtYaUEX5rR9EO3pfrkOmx+zd6c09vtR8g4ZntUTnMyqZp0YgEFnI0REIHnk1
-7sk0EQKBgGTzNU9Ir6cEZh4j+Qf5rA38bejkD8aRAYg5ozQcbNRJnrC7QnpmZPeD
-X/E9MZ6wj1BVXEn2oNC63n3QB+B8OhrIDAYDbnaCLzVDl/BTuom3uTCYk0beKncz
-AurSDpc15RFYjqn0DPBSii/DTaQIz0Rg+seZrOp5Ii2LrSlsnDPf
------END RSA PRIVATE KEY-----"
-_APP_VCS_GITHUB_APP_ID=337303
-_APP_VCS_GITHUB_CLIENT_ID=Iv1.306ee38582d3f948
-_APP_VCS_GITHUB_CLIENT_SECRET=eafc638eaeebe95c0db0fdf59a0a99b9e41832eb
-_APP_VCS_GITHUB_WEBHOOK_SECRET=gzbrfuenqodiefbrg39u
+_APP_VCS_GITHUB_APP_NAME=
+_APP_VCS_GITHUB_PRIVATE_KEY=disabled
+_APP_VCS_GITHUB_APP_ID=
+_APP_VCS_GITHUB_CLIENT_ID=
+_APP_VCS_GITHUB_CLIENT_SECRET=
+_APP_VCS_GITHUB_WEBHOOK_SECRET=
 _APP_MIGRATIONS_FIREBASE_CLIENT_ID=
 _APP_MIGRATIONS_FIREBASE_CLIENT_SECRET=
 _APP_ASSISTANT_OPENAI_API_KEY=
\ No newline at end of file

From 141b864a56c509f4adb561b98244a8edfdda7fc0 Mon Sep 17 00:00:00 2001
From: Khushboo Verma <43381712+vermakhushboo@users.noreply.github.com>
Date: Tue, 14 Nov 2023 19:49:23 +0530
Subject: [PATCH 5/6] Update permissions for create repository document

---
 app/controllers/api/functions.php | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/app/controllers/api/functions.php b/app/controllers/api/functions.php
index 268acc0692..9720a68889 100644
--- a/app/controllers/api/functions.php
+++ b/app/controllers/api/functions.php
@@ -761,11 +761,9 @@ App::put('/v1/functions/:functionId')
             $repository = $dbForConsole->createDocument('repositories', new Document([
                 '$id' => ID::unique(),
                 '$permissions' => [
-                    Permission::read(Role::team(ID::custom($teamId))),
-                    Permission::update(Role::team(ID::custom($teamId), 'owner')),
-                    Permission::update(Role::team(ID::custom($teamId), 'developer')),
-                    Permission::delete(Role::team(ID::custom($teamId), 'owner')),
-                    Permission::delete(Role::team(ID::custom($teamId), 'developer')),
+                    Permission::read(Role::any()),
+                    Permission::update(Role::any()),
+                    Permission::delete(Role::any()),
                 ],
                 'installationId' => $installation->getId(),
                 'installationInternalId' => $installation->getInternalId(),

From 7e1b618769448fd222d51551f64080d49443c1fe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matej=20Ba=C4=8Do?= <matejbaco2000@gmail.com>
Date: Tue, 14 Nov 2023 16:50:59 +0100
Subject: [PATCH 6/6] Fix permission issues with repositories collection

---
 app/controllers/api/functions.php | 18 ++++++++++++------
 app/controllers/api/vcs.php       | 24 ++++++++++++------------
 2 files changed, 24 insertions(+), 18 deletions(-)

diff --git a/app/controllers/api/functions.php b/app/controllers/api/functions.php
index 9720a68889..cbdbd3a1cb 100644
--- a/app/controllers/api/functions.php
+++ b/app/controllers/api/functions.php
@@ -242,12 +242,16 @@ App::post('/v1/functions')
 
         // Git connect logic
         if (!empty($providerRepositoryId)) {
+            $teamId = $project->getAttribute('teamId', '');
+
             $repository = $dbForConsole->createDocument('repositories', new Document([
                 '$id' => ID::unique(),
                 '$permissions' => [
-                    Permission::read(Role::any()),
-                    Permission::update(Role::any()),
-                    Permission::delete(Role::any()),
+                    Permission::read(Role::team(ID::custom($teamId))),
+                    Permission::update(Role::team(ID::custom($teamId), 'owner')),
+                    Permission::update(Role::team(ID::custom($teamId), 'developer')),
+                    Permission::delete(Role::team(ID::custom($teamId), 'owner')),
+                    Permission::delete(Role::team(ID::custom($teamId), 'developer')),
                 ],
                 'installationId' => $installation->getId(),
                 'installationInternalId' => $installation->getInternalId(),
@@ -761,9 +765,11 @@ App::put('/v1/functions/:functionId')
             $repository = $dbForConsole->createDocument('repositories', new Document([
                 '$id' => ID::unique(),
                 '$permissions' => [
-                    Permission::read(Role::any()),
-                    Permission::update(Role::any()),
-                    Permission::delete(Role::any()),
+                    Permission::read(Role::team(ID::custom($teamId))),
+                    Permission::update(Role::team(ID::custom($teamId), 'owner')),
+                    Permission::update(Role::team(ID::custom($teamId), 'developer')),
+                    Permission::delete(Role::team(ID::custom($teamId), 'owner')),
+                    Permission::delete(Role::team(ID::custom($teamId), 'developer')),
                 ],
                 'installationId' => $installation->getId(),
                 'installationInternalId' => $installation->getInternalId(),
diff --git a/app/controllers/api/vcs.php b/app/controllers/api/vcs.php
index 8b61580b76..68a84d0a1d 100644
--- a/app/controllers/api/vcs.php
+++ b/app/controllers/api/vcs.php
@@ -857,10 +857,10 @@ App::post('/v1/vcs/github/events')
                 $github->initializeVariables($providerInstallationId, $privateKey, $githubAppId);
 
                 //find functionId from functions table
-                $repositories = $dbForConsole->find('repositories', [
+                $repositories = Authorization::skip(fn () => $dbForConsole->find('repositories', [
                     Query::equal('providerRepositoryId', [$providerRepositoryId]),
                     Query::limit(100),
-                ]);
+                ]));
 
                 // create new deployment only on push and not when branch is created
                 if (!$providerBranchCreated) {
@@ -877,13 +877,13 @@ App::post('/v1/vcs/github/events')
                     ]);
 
                     foreach ($installations as $installation) {
-                        $repositories = $dbForConsole->find('repositories', [
+                        $repositories = Authorization::skip(fn () => $dbForConsole->find('repositories', [
                             Query::equal('installationInternalId', [$installation->getInternalId()]),
                             Query::limit(1000)
-                        ]);
+                        ]));
 
                         foreach ($repositories as $repository) {
-                            $dbForConsole->deleteDocument('repositories', $repository->getId());
+                            Authorization::skip(fn () => $dbForConsole->deleteDocument('repositories', $repository->getId()));
                         }
 
                         $dbForConsole->deleteDocument('installations', $installation->getId());
@@ -915,10 +915,10 @@ App::post('/v1/vcs/github/events')
                     $providerCommitAuthor = $commitDetails["commitAuthor"] ?? '';
                     $providerCommitMessage = $commitDetails["commitMessage"] ?? '';
 
-                    $repositories = $dbForConsole->find('repositories', [
+                    $repositories = Authorization::skip(fn () => $dbForConsole->find('repositories', [
                         Query::equal('providerRepositoryId', [$providerRepositoryId]),
                         Query::orderDesc('$createdAt')
-                    ]);
+                    ]));
 
                     $createGitDeployments($github, $providerInstallationId, $repositories, $providerBranch, $providerBranchUrl, $providerRepositoryName, $providerRepositoryUrl, $providerRepositoryOwner, $providerCommitHash, $providerCommitAuthor, $providerCommitAuthorUrl, $providerCommitMessage, $providerCommitUrl, $providerPullRequestId, $external, $dbForConsole, $queueForBuilds, $getProjectDB, $request);
                 } elseif ($parsedPayload["action"] == "closed") {
@@ -929,10 +929,10 @@ App::post('/v1/vcs/github/events')
                     $external = $parsedPayload["external"] ?? true;
 
                     if ($external) {
-                        $repositories = $dbForConsole->find('repositories', [
+                        $repositories = Authorization::skip(fn () => $dbForConsole->find('repositories', [
                             Query::equal('providerRepositoryId', [$providerRepositoryId]),
                             Query::orderDesc('$createdAt')
-                        ]);
+                        ]));
 
                         foreach ($repositories as $repository) {
                             $providerPullRequestIds = $repository->getAttribute('providerPullRequestIds', []);
@@ -1092,9 +1092,9 @@ App::patch('/v1/vcs/github/installations/:installationId/repositories/:repositor
             throw new Exception(Exception::INSTALLATION_NOT_FOUND);
         }
 
-        $repository = $dbForConsole->getDocument('repositories', $repositoryId, [
+        $repository = Authorization::skip(fn () => $dbForConsole->getDocument('repositories', $repositoryId, [
             Query::equal('projectInternalId', [$project->getInternalId()])
-        ]);
+        ]));
 
         if ($repository->isEmpty()) {
             throw new Exception(Exception::REPOSITORY_NOT_FOUND);
@@ -1109,7 +1109,7 @@ App::patch('/v1/vcs/github/installations/:installationId/repositories/:repositor
 
         // TODO: Delete from array when PR is closed
 
-        $repository = $dbForConsole->updateDocument('repositories', $repository->getId(), $repository);
+        $repository = Authorization::skip(fn () => $dbForConsole->updateDocument('repositories', $repository->getId(), $repository));
 
         $privateKey = App::getEnv('_APP_VCS_GITHUB_PRIVATE_KEY');
         $githubAppId = App::getEnv('_APP_VCS_GITHUB_APP_ID');