From de91822ce72fe6a8ba26d5d6d104d2e35b39e6d1 Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Thu, 27 May 2021 11:45:17 +0100
Subject: [PATCH 1/7] Adding test case for issue found by Andrew with formulas,
 HBS in deep context objects was being evaluated which is not valid and breaks
 things.

---
 .../src/processors/postprocessor.js           |   2 +-
 .../string-templates/test/examples/table.json | 305 ++++++++++++++++++
 .../string-templates/test/helpers.spec.js     |  14 +
 3 files changed, 320 insertions(+), 1 deletion(-)
 create mode 100644 packages/string-templates/test/examples/table.json

diff --git a/packages/string-templates/src/processors/postprocessor.js b/packages/string-templates/src/processors/postprocessor.js
index adc8362abe..4d1c84013a 100644
--- a/packages/string-templates/src/processors/postprocessor.js
+++ b/packages/string-templates/src/processors/postprocessor.js
@@ -18,7 +18,7 @@ class Postprocessor {
 
 module.exports.processors = [
   new Postprocessor(PostProcessorNames.CONVERT_LITERALS, statement => {
-    if (!statement.includes(LITERAL_MARKER)) {
+    if (typeof statement !== "string" || !statement.includes(LITERAL_MARKER)) {
       return statement
     }
     const splitMarkerIndex = statement.indexOf("-")
diff --git a/packages/string-templates/test/examples/table.json b/packages/string-templates/test/examples/table.json
new file mode 100644
index 0000000000..4d982e012b
--- /dev/null
+++ b/packages/string-templates/test/examples/table.json
@@ -0,0 +1,305 @@
+{
+  "user":{
+    "_id":"ro_ta_users_us_b0bc7ba0ce304294accc1ced8165dd23",
+    "_rev":"1-e9199d92e7286005a9c11c614fdbcc51",
+    "email":"test2@test.com",
+    "status":"active",
+    "roleId":"PUBLIC",
+    "test-Created By_text":"",
+    "test-Updated By_text":""
+  },
+  "closestComponentId":"c670254c9e74e40518ee5becff53aa5be",
+  "url":{
+
+  },
+  "c670254c9e74e40518ee5becff53aa5be":{
+    "rows":[
+      {
+        "_id":"ro_ta_1399af8a08d244a9885c674dd5555c84_8c1940e906254db5ac79c51011255d6c",
+        "_rev":"1-49ff5a4094a251a7767155eb85f4c9b7",
+        "sef":"sefesfesf",
+        "Name":"sefesf",
+        "tableId":"ta_1399af8a08d244a9885c674dd5555c84",
+        "Auto ID":1,
+        "Created At":"2021-05-27T10:30:37.386Z",
+        "Updated At":"2021-05-27T10:30:37.386Z",
+        "type":"row",
+        "Created By":[
+          {
+            "_id":"ro_ta_users_us_de1bd7fe710146db990d92845008c763"
+          }
+        ],
+        "Updated By":[
+          {
+            "_id":"ro_ta_users_us_de1bd7fe710146db990d92845008c763"
+          }
+        ],
+        "testing":"2",
+        "Created By_text":"",
+        "Updated By_text":""
+      }
+    ],
+    "schema":{
+      "Auto ID":{
+        "name":"Auto ID",
+        "type":"number",
+        "subtype":"autoID",
+        "icon":"ri-magic-line",
+        "autocolumn":true,
+        "constraints":{
+          "type":"number",
+          "presence":false,
+          "numericality":{
+            "greaterThanOrEqualTo":"",
+            "lessThanOrEqualTo":""
+          }
+        },
+        "lastID":1
+      },
+      "Created By":{
+        "name":"Created By",
+        "type":"link",
+        "subtype":"createdBy",
+        "icon":"ri-magic-line",
+        "autocolumn":true,
+        "constraints":{
+          "type":"array",
+          "presence":false
+        },
+        "tableId":"ta_users",
+        "fieldName":"test-Created By",
+        "relationshipType":"many-to-many"
+      },
+      "Created At":{
+        "name":"Created At",
+        "type":"datetime",
+        "subtype":"createdAt",
+        "icon":"ri-magic-line",
+        "autocolumn":true,
+        "constraints":{
+          "type":"string",
+          "length":{
+
+          },
+          "presence":false,
+          "datetime":{
+            "latest":"",
+            "earliest":""
+          }
+        }
+      },
+      "Updated By":{
+        "name":"Updated By",
+        "type":"link",
+        "subtype":"updatedBy",
+        "icon":"ri-magic-line",
+        "autocolumn":true,
+        "constraints":{
+          "type":"array",
+          "presence":false
+        },
+        "tableId":"ta_users",
+        "fieldName":"test-Updated By",
+        "relationshipType":"many-to-many"
+      },
+      "Updated At":{
+        "name":"Updated At",
+        "type":"datetime",
+        "subtype":"updatedAt",
+        "icon":"ri-magic-line",
+        "autocolumn":true,
+        "constraints":{
+          "type":"string",
+          "length":{
+
+          },
+          "presence":false,
+          "datetime":{
+            "latest":"",
+            "earliest":""
+          }
+        }
+      },
+      "Name":{
+        "type":"string",
+        "constraints":{
+          "type":"string",
+          "length":{
+            "maximum":null
+          },
+          "presence":false
+        },
+        "fieldName":"test",
+        "name":"Name"
+      },
+      "sef":{
+        "type":"string",
+        "constraints":{
+          "type":"string",
+          "length":{
+            "maximum":null
+          },
+          "presence":false
+        },
+        "fieldName":"test",
+        "name":"sef"
+      },
+      "testing":{
+        "type":"formula",
+        "constraints":{
+          "type":"string",
+          "presence":false
+        },
+        "fieldName":"test",
+        "name":"testing",
+        "formula":"{{ add [Auto ID] 1 }}"
+      }
+    },
+    "rowsLength":1
+  },
+  "data":{
+    "rows":[
+      {
+        "_id":"ro_ta_1399af8a08d244a9885c674dd5555c84_8c1940e906254db5ac79c51011255d6c",
+        "_rev":"1-49ff5a4094a251a7767155eb85f4c9b7",
+        "sef":"sefesfesf",
+        "Name":"sefesf",
+        "tableId":"ta_1399af8a08d244a9885c674dd5555c84",
+        "Auto ID":1,
+        "Created At":"2021-05-27T10:30:37.386Z",
+        "Updated At":"2021-05-27T10:30:37.386Z",
+        "type":"row",
+        "Created By":[
+          {
+            "_id":"ro_ta_users_us_de1bd7fe710146db990d92845008c763"
+          }
+        ],
+        "Updated By":[
+          {
+            "_id":"ro_ta_users_us_de1bd7fe710146db990d92845008c763"
+          }
+        ],
+        "testing":"2",
+        "Created By_text":"",
+        "Updated By_text":""
+      }
+    ],
+    "schema":{
+      "Auto ID":{
+        "name":"Auto ID",
+        "type":"number",
+        "subtype":"autoID",
+        "icon":"ri-magic-line",
+        "autocolumn":true,
+        "constraints":{
+          "type":"number",
+          "presence":false,
+          "numericality":{
+            "greaterThanOrEqualTo":"",
+            "lessThanOrEqualTo":""
+          }
+        },
+        "lastID":1
+      },
+      "Created By":{
+        "name":"Created By",
+        "type":"link",
+        "subtype":"createdBy",
+        "icon":"ri-magic-line",
+        "autocolumn":true,
+        "constraints":{
+          "type":"array",
+          "presence":false
+        },
+        "tableId":"ta_users",
+        "fieldName":"test-Created By",
+        "relationshipType":"many-to-many"
+      },
+      "Created At":{
+        "name":"Created At",
+        "type":"datetime",
+        "subtype":"createdAt",
+        "icon":"ri-magic-line",
+        "autocolumn":true,
+        "constraints":{
+          "type":"string",
+          "length":{
+
+          },
+          "presence":false,
+          "datetime":{
+            "latest":"",
+            "earliest":""
+          }
+        }
+      },
+      "Updated By":{
+        "name":"Updated By",
+        "type":"link",
+        "subtype":"updatedBy",
+        "icon":"ri-magic-line",
+        "autocolumn":true,
+        "constraints":{
+          "type":"array",
+          "presence":false
+        },
+        "tableId":"ta_users",
+        "fieldName":"test-Updated By",
+        "relationshipType":"many-to-many"
+      },
+      "Updated At":{
+        "name":"Updated At",
+        "type":"datetime",
+        "subtype":"updatedAt",
+        "icon":"ri-magic-line",
+        "autocolumn":true,
+        "constraints":{
+          "type":"string",
+          "length":{
+
+          },
+          "presence":false,
+          "datetime":{
+            "latest":"",
+            "earliest":""
+          }
+        }
+      },
+      "Name":{
+        "type":"string",
+        "constraints":{
+          "type":"string",
+          "length":{
+            "maximum":null
+          },
+          "presence":false
+        },
+        "fieldName":"test",
+        "name":"Name"
+      },
+      "sef":{
+        "type":"string",
+        "constraints":{
+          "type":"string",
+          "length":{
+            "maximum":null
+          },
+          "presence":false
+        },
+        "fieldName":"test",
+        "name":"sef"
+      },
+      "testing":{
+        "type":"formula",
+        "constraints":{
+          "type":"string",
+          "presence":false
+        },
+        "fieldName":"test",
+        "name":"testing",
+        "formula":"{{ add [Auto ID] 1 }}"
+      }
+    },
+    "rowsLength":1
+  }
+}
\ No newline at end of file
diff --git a/packages/string-templates/test/helpers.spec.js b/packages/string-templates/test/helpers.spec.js
index 0d14133aad..0217395537 100644
--- a/packages/string-templates/test/helpers.spec.js
+++ b/packages/string-templates/test/helpers.spec.js
@@ -1,4 +1,5 @@
 const { processString, processObject, isValid } = require("../src/index.cjs")
+const tableJson = require("./examples/table.json")
 
 describe("test the custom helpers we have applied", () => {
   it("should be able to use the object helper", async () => {
@@ -388,4 +389,17 @@ describe("Cover a few complex use cases", () => {
     const output = await processObject(input, context)
     expect(output.text).toBe("12-01")
   })
+
+  it("should only invalidate a single string in an object", async () => {
+    const input = {
+      dataProvider:"{{ literal [c670254c9e74e40518ee5becff53aa5be] }}",
+      theme:"spectrum--lightest",
+      showAutoColumns:false,
+      quiet:true,
+      size:"spectrum--medium",
+      rowCount:8,
+    }
+    const output = await processObject(input, tableJson)
+    expect(output.dataProvider).not.toBe("Invalid Binding")
+  })
 })

From 88b31d740671219551f79c1768a4ab0faf221ca8 Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Thu, 27 May 2021 12:05:31 +0100
Subject: [PATCH 2/7] Fixing an issue with redirect loop in auth,

---
 packages/auth/src/security/permissions.js              | 3 +++
 packages/builder/src/pages/builder/auth/_layout.svelte | 4 ++--
 packages/server/src/api/routes/analytics.js            | 2 +-
 packages/server/src/api/routes/application.js          | 6 +++---
 4 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/packages/auth/src/security/permissions.js b/packages/auth/src/security/permissions.js
index 03fa5fa562..3b03ccb8ee 100644
--- a/packages/auth/src/security/permissions.js
+++ b/packages/auth/src/security/permissions.js
@@ -17,6 +17,7 @@ const PermissionTypes = {
   BUILDER: "builder",
   VIEW: "view",
   QUERY: "query",
+  APP: "app",
 }
 
 function Permission(type, level) {
@@ -86,6 +87,7 @@ const BUILTIN_PERMISSIONS = {
       new Permission(PermissionTypes.QUERY, PermissionLevels.READ),
       new Permission(PermissionTypes.TABLE, PermissionLevels.READ),
       new Permission(PermissionTypes.VIEW, PermissionLevels.READ),
+      new Permission(PermissionTypes.APP, PermissionLevels.READ),
     ],
   },
   WRITE: {
@@ -118,6 +120,7 @@ const BUILTIN_PERMISSIONS = {
       new Permission(PermissionTypes.VIEW, PermissionLevels.ADMIN),
       new Permission(PermissionTypes.WEBHOOK, PermissionLevels.READ),
       new Permission(PermissionTypes.QUERY, PermissionLevels.ADMIN),
+      new Permission(PermissionTypes.APP, PermissionLevels.ADMIN),
     ],
   },
 }
diff --git a/packages/builder/src/pages/builder/auth/_layout.svelte b/packages/builder/src/pages/builder/auth/_layout.svelte
index ac224a41db..eb9e229a9d 100644
--- a/packages/builder/src/pages/builder/auth/_layout.svelte
+++ b/packages/builder/src/pages/builder/auth/_layout.svelte
@@ -7,12 +7,12 @@
   // Check this onMount rather than a reactive statement to avoid trumping
   // the login return URL functionality.
   onMount(() => {
-    if ($auth.user) {
+    if ($auth.user && !$auth.user.forceResetPassword) {
       $redirect("../")
     }
   })
 </script>
 
-{#if !$auth.user}
+{#if !$auth.user || $auth.user.forceResetPassword}
   <slot />
 {/if}
diff --git a/packages/server/src/api/routes/analytics.js b/packages/server/src/api/routes/analytics.js
index fc05ecfecd..f8e9c8c8e7 100644
--- a/packages/server/src/api/routes/analytics.js
+++ b/packages/server/src/api/routes/analytics.js
@@ -5,6 +5,6 @@ const { BUILDER } = require("@budibase/auth/permissions")
 
 const router = Router()
 
-router.get("/api/analytics", authorized(BUILDER), controller.isEnabled)
+router.get("/api/analytics", controller.isEnabled)
 
 module.exports = router
diff --git a/packages/server/src/api/routes/application.js b/packages/server/src/api/routes/application.js
index edb6957144..51ac4335fd 100644
--- a/packages/server/src/api/routes/application.js
+++ b/packages/server/src/api/routes/application.js
@@ -1,16 +1,16 @@
 const Router = require("@koa/router")
 const controller = require("../controllers/application")
 const authorized = require("../../middleware/authorized")
-const { BUILDER } = require("@budibase/auth/permissions")
+const { BUILDER, PermissionTypes, PermissionLevels } = require("@budibase/auth/permissions")
 
 const router = Router()
 
 router
   .get("/api/applications/:appId/definition", controller.fetchAppDefinition)
-  .get("/api/applications", authorized(BUILDER), controller.fetch)
+  .get("/api/applications", authorized(PermissionTypes.APP, PermissionLevels.READ), controller.fetch)
   .get(
     "/api/applications/:appId/appPackage",
-    authorized(BUILDER),
+    authorized(PermissionTypes.APP, PermissionLevels.READ),
     controller.fetchAppPackage
   )
   .put("/api/applications/:appId", authorized(BUILDER), controller.update)

From aab11fa9329f012e08fa91e64790c66ab5ed06c3 Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Thu, 27 May 2021 14:53:41 +0100
Subject: [PATCH 3/7] Updating permissions to allow roles other than
 builder/admin to use apps properly.

---
 packages/auth/src/security/permissions.js       | 3 ---
 packages/server/src/api/routes/application.js   | 5 ++---
 packages/server/src/middleware/currentapp.js    | 8 +++++---
 packages/server/src/utilities/workerRequests.js | 7 +++++--
 4 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/packages/auth/src/security/permissions.js b/packages/auth/src/security/permissions.js
index 3b03ccb8ee..03fa5fa562 100644
--- a/packages/auth/src/security/permissions.js
+++ b/packages/auth/src/security/permissions.js
@@ -17,7 +17,6 @@ const PermissionTypes = {
   BUILDER: "builder",
   VIEW: "view",
   QUERY: "query",
-  APP: "app",
 }
 
 function Permission(type, level) {
@@ -87,7 +86,6 @@ const BUILTIN_PERMISSIONS = {
       new Permission(PermissionTypes.QUERY, PermissionLevels.READ),
       new Permission(PermissionTypes.TABLE, PermissionLevels.READ),
       new Permission(PermissionTypes.VIEW, PermissionLevels.READ),
-      new Permission(PermissionTypes.APP, PermissionLevels.READ),
     ],
   },
   WRITE: {
@@ -120,7 +118,6 @@ const BUILTIN_PERMISSIONS = {
       new Permission(PermissionTypes.VIEW, PermissionLevels.ADMIN),
       new Permission(PermissionTypes.WEBHOOK, PermissionLevels.READ),
       new Permission(PermissionTypes.QUERY, PermissionLevels.ADMIN),
-      new Permission(PermissionTypes.APP, PermissionLevels.ADMIN),
     ],
   },
 }
diff --git a/packages/server/src/api/routes/application.js b/packages/server/src/api/routes/application.js
index 51ac4335fd..22cb617cfa 100644
--- a/packages/server/src/api/routes/application.js
+++ b/packages/server/src/api/routes/application.js
@@ -1,16 +1,15 @@
 const Router = require("@koa/router")
 const controller = require("../controllers/application")
 const authorized = require("../../middleware/authorized")
-const { BUILDER, PermissionTypes, PermissionLevels } = require("@budibase/auth/permissions")
+const { BUILDER } = require("@budibase/auth/permissions")
 
 const router = Router()
 
 router
   .get("/api/applications/:appId/definition", controller.fetchAppDefinition)
-  .get("/api/applications", authorized(PermissionTypes.APP, PermissionLevels.READ), controller.fetch)
+  .get("/api/applications", controller.fetch)
   .get(
     "/api/applications/:appId/appPackage",
-    authorized(PermissionTypes.APP, PermissionLevels.READ),
     controller.fetchAppPackage
   )
   .put("/api/applications/:appId", authorized(BUILDER), controller.update)
diff --git a/packages/server/src/middleware/currentapp.js b/packages/server/src/middleware/currentapp.js
index f808403bac..d3c72fe83a 100644
--- a/packages/server/src/middleware/currentapp.js
+++ b/packages/server/src/middleware/currentapp.js
@@ -1,7 +1,7 @@
 const { getAppId, setCookie, getCookie } = require("@budibase/auth").utils
 const { Cookies } = require("@budibase/auth").constants
 const { getRole } = require("@budibase/auth/roles")
-const { getGlobalUsers } = require("../utilities/workerRequests")
+const { getGlobalUsers, getGlobalSelf } = require("../utilities/workerRequests")
 const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
 const { generateUserMetadataID } = require("../db/utils")
 
@@ -25,10 +25,11 @@ module.exports = async (ctx, next) => {
     requestAppId != null &&
     (appCookie == null ||
       requestAppId !== appCookie.appId ||
-      appCookie.roleId === BUILTIN_ROLE_IDS.PUBLIC)
+      appCookie.roleId === BUILTIN_ROLE_IDS.PUBLIC ||
+      !appCookie.roleId)
   ) {
     // Different App ID means cookie needs reset, or if the same public user has logged in
-    const globalUser = await getGlobalUsers(ctx, requestAppId, ctx.user._id)
+    const globalUser = await getGlobalSelf(ctx, requestAppId)
     updateCookie = true
     appId = requestAppId
     // retrieving global user gets the right role
@@ -51,6 +52,7 @@ module.exports = async (ctx, next) => {
       // override userID with metadata one
       _id: userId,
       userId,
+      roleId,
       role: await getRole(appId, roleId),
     }
   }
diff --git a/packages/server/src/utilities/workerRequests.js b/packages/server/src/utilities/workerRequests.js
index 49e24e5d60..d111293256 100644
--- a/packages/server/src/utilities/workerRequests.js
+++ b/packages/server/src/utilities/workerRequests.js
@@ -119,16 +119,19 @@ exports.getGlobalUsers = async (ctx, appId = null, globalId = null) => {
   return users
 }
 
-exports.getGlobalSelf = async ctx => {
+exports.getGlobalSelf = async (ctx, appId = null) => {
   const endpoint = `/api/admin/users/self`
   const response = await fetch(
     checkSlashesInUrl(env.WORKER_URL + endpoint),
     request(ctx, { method: "GET" })
   )
-  const json = await response.json()
+  let json = await response.json()
   if (json.status !== 200 && response.status !== 200) {
     ctx.throw(400, "Unable to get self globally.")
   }
+  if (appId) {
+    json = getAppRole(appId, json)
+  }
   return json
 }
 

From bf91cb35a69065aab28b08c4642d72411953c0aa Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Thu, 27 May 2021 14:53:47 +0100
Subject: [PATCH 4/7] Formatting.

---
 packages/server/src/api/routes/application.js | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/packages/server/src/api/routes/application.js b/packages/server/src/api/routes/application.js
index 22cb617cfa..a7209df3e9 100644
--- a/packages/server/src/api/routes/application.js
+++ b/packages/server/src/api/routes/application.js
@@ -8,10 +8,7 @@ const router = Router()
 router
   .get("/api/applications/:appId/definition", controller.fetchAppDefinition)
   .get("/api/applications", controller.fetch)
-  .get(
-    "/api/applications/:appId/appPackage",
-    controller.fetchAppPackage
-  )
+  .get("/api/applications/:appId/appPackage", controller.fetchAppPackage)
   .put("/api/applications/:appId", authorized(BUILDER), controller.update)
   .post("/api/applications", authorized(BUILDER), controller.create)
   .delete("/api/applications/:appId", authorized(BUILDER), controller.delete)

From 9fb5e973300f36760b8428770db35fa694715dce Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Thu, 27 May 2021 14:55:48 +0100
Subject: [PATCH 5/7] Linting.

---
 packages/server/src/api/routes/analytics.js  | 2 --
 packages/server/src/middleware/currentapp.js | 2 +-
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/packages/server/src/api/routes/analytics.js b/packages/server/src/api/routes/analytics.js
index f8e9c8c8e7..781a959acb 100644
--- a/packages/server/src/api/routes/analytics.js
+++ b/packages/server/src/api/routes/analytics.js
@@ -1,7 +1,5 @@
 const Router = require("@koa/router")
-const authorized = require("../../middleware/authorized")
 const controller = require("../controllers/analytics")
-const { BUILDER } = require("@budibase/auth/permissions")
 
 const router = Router()
 
diff --git a/packages/server/src/middleware/currentapp.js b/packages/server/src/middleware/currentapp.js
index d3c72fe83a..ae83da8ba6 100644
--- a/packages/server/src/middleware/currentapp.js
+++ b/packages/server/src/middleware/currentapp.js
@@ -1,7 +1,7 @@
 const { getAppId, setCookie, getCookie } = require("@budibase/auth").utils
 const { Cookies } = require("@budibase/auth").constants
 const { getRole } = require("@budibase/auth/roles")
-const { getGlobalUsers, getGlobalSelf } = require("../utilities/workerRequests")
+const { getGlobalSelf } = require("../utilities/workerRequests")
 const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
 const { generateUserMetadataID } = require("../db/utils")
 

From 3d01ac17e94da28dfa2c7561887c9ab34ccd9825 Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Thu, 27 May 2021 15:21:00 +0100
Subject: [PATCH 6/7] Updating date helper to use UTC.

---
 packages/string-templates/src/helpers/date.js  | 7 ++++++-
 packages/string-templates/test/helpers.spec.js | 9 +++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/packages/string-templates/src/helpers/date.js b/packages/string-templates/src/helpers/date.js
index 0d9bd78036..ce845eee3f 100644
--- a/packages/string-templates/src/helpers/date.js
+++ b/packages/string-templates/src/helpers/date.js
@@ -2,6 +2,7 @@ const dayjs = require("dayjs")
 dayjs.extend(require("dayjs/plugin/duration"))
 dayjs.extend(require("dayjs/plugin/advancedFormat"))
 dayjs.extend(require("dayjs/plugin/relativeTime"))
+dayjs.extend(require("dayjs/plugin/utc"))
 
 /**
  * This file was largely taken from the helper-date package - we did this for two reasons:
@@ -88,7 +89,11 @@ module.exports.date = (str, pattern, options) => {
 
   setLocale(config.str, config.pattern, config.options)
 
-  return dayjs(new Date(config.str)).format(config.pattern)
+  const date = dayjs(new Date(config.str)).utc()
+  if (config.pattern === "") {
+    return date.toISOString()
+  }
+  return date.format(config.pattern)
 }
 
 module.exports.duration = (str, pattern, format) => {
diff --git a/packages/string-templates/test/helpers.spec.js b/packages/string-templates/test/helpers.spec.js
index 0217395537..6be8e2ed0e 100644
--- a/packages/string-templates/test/helpers.spec.js
+++ b/packages/string-templates/test/helpers.spec.js
@@ -356,6 +356,15 @@ describe("Cover a few complex use cases", () => {
     expect(validity).toBe(true)
   })
 
+  it("should test a case of attempting to get a UTC ISO back out after processing", async () => {
+    const date = new Date()
+    const input = `{{ date (subtract (date dateThing "x") 300000) "" }}`
+    const output = await processString(input, {
+      dateThing: date.toISOString(),
+    })
+    expect(output).toEqual(new Date(date.getTime() - 300000).toISOString())
+  })
+
   it("test a very complex duration output", async () => {
     const currentTime = new Date(1612432082000).toISOString(),
       eventTime = new Date(1612432071000).toISOString()

From c9a352bee78a7ea5239835a2364c257661b30531 Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Thu, 27 May 2021 15:40:55 +0100
Subject: [PATCH 7/7] Fixing server test cases.

---
 packages/server/src/api/routes/tests/application.spec.js | 8 --------
 packages/server/src/api/routes/tests/user.spec.js        | 4 +++-
 packages/server/src/api/routes/tests/utilities/index.js  | 5 +++++
 packages/server/src/integrations/postgres.js             | 4 ++--
 packages/server/src/middleware/tests/currentapp.spec.js  | 2 +-
 5 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/packages/server/src/api/routes/tests/application.spec.js b/packages/server/src/api/routes/tests/application.spec.js
index dc550cd237..ac353ffb03 100644
--- a/packages/server/src/api/routes/tests/application.spec.js
+++ b/packages/server/src/api/routes/tests/application.spec.js
@@ -61,14 +61,6 @@ describe("/applications", () => {
       // two created apps + the inited app
       expect(res.body.length).toBe(3)
     })
-
-    it("should apply authorization to endpoint", async () => {
-      await checkBuilderEndpoint({
-        config,
-        method: "GET",
-        url: `/api/applications`,
-      })
-    })
   })
 
   describe("fetchAppDefinition", () => {
diff --git a/packages/server/src/api/routes/tests/user.spec.js b/packages/server/src/api/routes/tests/user.spec.js
index 129a5f44fa..30aa711524 100644
--- a/packages/server/src/api/routes/tests/user.spec.js
+++ b/packages/server/src/api/routes/tests/user.spec.js
@@ -1,13 +1,15 @@
 const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
 const { checkPermissionsEndpoint } = require("./utilities/TestFunctions")
 const setup = require("./utilities")
-const { basicUser } = setup.structures
 const workerRequests = require("../../../utilities/workerRequests")
 
 jest.mock("../../../utilities/workerRequests", () => ({
   getGlobalUsers: jest.fn(() => {
     return {}
   }),
+  getGlobalSelf: jest.fn(() => {
+    return {}
+  }),
   addAppRoleToUser: jest.fn(),
   deleteGlobalUser: jest.fn(),
 }))
diff --git a/packages/server/src/api/routes/tests/utilities/index.js b/packages/server/src/api/routes/tests/utilities/index.js
index 6a9f982bcb..713a3f799e 100644
--- a/packages/server/src/api/routes/tests/utilities/index.js
+++ b/packages/server/src/api/routes/tests/utilities/index.js
@@ -8,6 +8,11 @@ jest.mock("../../../../utilities/workerRequests", () => ({
       _id: "us_uuid1",
     }
   }),
+  getGlobalSelf: jest.fn(() => {
+    return {
+      _id: "us_uuid1",
+    }
+  }),
 }))
 
 exports.delay = ms => new Promise(resolve => setTimeout(resolve, ms))
diff --git a/packages/server/src/integrations/postgres.js b/packages/server/src/integrations/postgres.js
index 47790764a9..ed49e42f1c 100644
--- a/packages/server/src/integrations/postgres.js
+++ b/packages/server/src/integrations/postgres.js
@@ -58,9 +58,9 @@ const SCHEMA = {
 class PostgresIntegration {
   constructor(config) {
     this.config = config
-    if (this.config.ssl.rejectUnauthorized) {
+    if (this.config.ssl && this.config.ssl.rejectUnauthorized) {
       this.config.ssl.rejectUnauthorized =
-        this.config.ssl.rejectUnauthorized === "true" ? true : false
+        this.config.ssl.rejectUnauthorized === "true"
     }
 
     if (!pool) {
diff --git a/packages/server/src/middleware/tests/currentapp.spec.js b/packages/server/src/middleware/tests/currentapp.spec.js
index fd5a6623af..2b4a815542 100644
--- a/packages/server/src/middleware/tests/currentapp.spec.js
+++ b/packages/server/src/middleware/tests/currentapp.spec.js
@@ -3,7 +3,7 @@ mockWorker()
 
 function mockWorker() {
   jest.mock("../../utilities/workerRequests", () => ({
-    getGlobalUsers: () => {
+    getGlobalSelf: () => {
       return {
         _id: "us_uuid1",
         roles: {