* fix: Normalize IP addresses to avoid validation errors on audit columns
Koa's `ctx.request.ip` can yield values that fail Sequelize's `isIP`
validation (X-Forwarded-For chains, IPv6 zone identifiers, "unknown"
from misconfigured proxies). This drops the IP metadata silently
instead of raising a 500 on Event/User writes.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
* test: Cover IP normalization on User setters
Reviewer feedback. Also switches the column-options `set` to TypeScript
get/set accessors — the original approach was shadowed by the class
field declaration and never actually fired, which the new tests would
have caught.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
* wip
* Remove obsolete snapshots
* simplify
* chore(test): Convert mocks to TypeScript and tighten fetch mock types
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
* Remove unneccessary patches
* Migrate to msw instead of custom fetch mock
* Address PR review comments
- Split chained vi.useFakeTimers().setSystemTime() into separate calls.
- Switch test setup to dynamic imports so EventEmitter.defaultMaxListeners
assignment runs before module init (static imports were hoisted above it).
- Drop redundant NODE_ENV guard in monkeyPatchSequelizeErrorsForJest; its
sole caller already gates on env.isTest.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
* fix: rename to group_permissions
* fix: delete null collectionId records before setting non null constraint
* fix: use scope with collectionId not null
* fix: update model with documentId
* fix: rename to GroupPermission
* fix: rename collection_users to user_permissions
* fix: teamPermanentDeleter test
* fix: use scope with collectionId not null
* fix: update model with documentId
* fix: rename to UserPermission
* fix: create views upon table rename for zero downtime
* fix: remove comments
* Index emails migration
* feat: Add available teams to auth.info endpoint
* test
* separate presenter
* Include data from sessions cookie, include likely logged in state
* test
* test: Add test for team only in session cookie
* Suggested query change in PR feedback
* Improve types
* More types, fix default permission for viewers added to collection
* fix change of default role for CollectionGroup
* Restore policy
* test
* tests
This PR moves the entire project to Typescript. Due to the ~1000 ignores this will lead to a messy codebase for a while, but the churn is worth it – all of those ignore comments are places that were never type-safe previously.
closes#1282
Tom Moor