merge v0.23.0-rc changes

forms/admin_login.go

@@ -1,80 +0,0 @@
-package forms
-
-import (
-	"database/sql"
-	"errors"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/go-ozzo/ozzo-validation/v4/is"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/models"
-)
-
-// AdminLogin is an admin email/pass login form.
-type AdminLogin struct {
-	app core.App
-	dao *daos.Dao
-
-	Identity string `form:"identity" json:"identity"`
-	Password string `form:"password" json:"password"`
-}
-
-// NewAdminLogin creates a new [AdminLogin] form initialized with
-// the provided [core.App] instance.
-//
-// If you want to submit the form as part of a transaction,
-// you can change the default Dao via [SetDao()].
-func NewAdminLogin(app core.App) *AdminLogin {
-	return &AdminLogin{
-		app: app,
-		dao: app.Dao(),
-	}
-}
-
-// SetDao replaces the default form Dao instance with the provided one.
-func (form *AdminLogin) SetDao(dao *daos.Dao) {
-	form.dao = dao
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-func (form *AdminLogin) Validate() error {
-	return validation.ValidateStruct(form,
-		validation.Field(&form.Identity, validation.Required, validation.Length(1, 255), is.EmailFormat),
-		validation.Field(&form.Password, validation.Required, validation.Length(1, 255)),
-	)
-}
-
-// Submit validates and submits the admin form.
-// On success returns the authorized admin model.
-//
-// You can optionally provide a list of InterceptorFunc to
-// further modify the form behavior before persisting it.
-func (form *AdminLogin) Submit(interceptors ...InterceptorFunc[*models.Admin]) (*models.Admin, error) {
-	if err := form.Validate(); err != nil {
-		return nil, err
-	}
-
-	admin, fetchErr := form.dao.FindAdminByEmail(form.Identity)
-
-	// ignore not found errors to allow custom fetch implementations
-	if fetchErr != nil && !errors.Is(fetchErr, sql.ErrNoRows) {
-		return nil, fetchErr
-	}
-
-	interceptorsErr := runInterceptors(admin, func(m *models.Admin) error {
-		admin = m
-
-		if admin == nil || !admin.ValidatePassword(form.Password) {
-			return errors.New("Invalid login credentials.")
-		}
-
-		return nil
-	}, interceptors...)
-
-	if interceptorsErr != nil {
-		return nil, interceptorsErr
-	}
-
-	return admin, nil
-}

forms/admin_login_test.go

@@ -1,100 +0,0 @@
-package forms_test
-
-import (
-	"errors"
-	"testing"
-
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tests"
-)
-
-func TestAdminLoginValidateAndSubmit(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	form := forms.NewAdminLogin(app)
-
-	scenarios := []struct {
-		email       string
-		password    string
-		expectError bool
-	}{
-		{"", "", true},
-		{"", "1234567890", true},
-		{"test@example.com", "", true},
-		{"test", "test", true},
-		{"missing@example.com", "1234567890", true},
-		{"test@example.com", "123456789", true},
-		{"test@example.com", "1234567890", false},
-	}
-
-	for i, s := range scenarios {
-		form.Identity = s.email
-		form.Password = s.password
-
-		admin, err := form.Submit()
-
-		hasErr := err != nil
-		if hasErr != s.expectError {
-			t.Errorf("(%d) Expected hasErr to be %v, got %v (%v)", i, s.expectError, hasErr, err)
-		}
-
-		if !s.expectError && admin == nil {
-			t.Errorf("(%d) Expected admin model to be returned, got nil", i)
-		}
-
-		if admin != nil && admin.Email != s.email {
-			t.Errorf("(%d) Expected admin with email %s to be returned, got %v", i, s.email, admin)
-		}
-	}
-}
-
-func TestAdminLoginInterceptors(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	form := forms.NewAdminLogin(testApp)
-	form.Identity = "test@example.com"
-	form.Password = "123456"
-	var interceptorAdmin *models.Admin
-	testErr := errors.New("test_error")
-
-	interceptor1Called := false
-	interceptor1 := func(next forms.InterceptorNextFunc[*models.Admin]) forms.InterceptorNextFunc[*models.Admin] {
-		return func(admin *models.Admin) error {
-			interceptor1Called = true
-			return next(admin)
-		}
-	}
-
-	interceptor2Called := false
-	interceptor2 := func(next forms.InterceptorNextFunc[*models.Admin]) forms.InterceptorNextFunc[*models.Admin] {
-		return func(admin *models.Admin) error {
-			interceptorAdmin = admin
-			interceptor2Called = true
-			return testErr
-		}
-	}
-
-	_, submitErr := form.Submit(interceptor1, interceptor2)
-	if submitErr != testErr {
-		t.Fatalf("Expected submitError %v, got %v", testErr, submitErr)
-	}
-
-	if !interceptor1Called {
-		t.Fatalf("Expected interceptor1 to be called")
-	}
-
-	if !interceptor2Called {
-		t.Fatalf("Expected interceptor2 to be called")
-	}
-
-	if interceptorAdmin == nil || interceptorAdmin.Email != form.Identity {
-		t.Fatalf("Expected Admin model with email %s, got %v", form.Identity, interceptorAdmin)
-	}
-}

forms/admin_password_reset_confirm.go

@@ -1,96 +0,0 @@
-package forms
-
-import (
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/forms/validators"
-	"github.com/pocketbase/pocketbase/models"
-)
-
-// AdminPasswordResetConfirm is an admin password reset confirmation form.
-type AdminPasswordResetConfirm struct {
-	app core.App
-	dao *daos.Dao
-
-	Token           string `form:"token" json:"token"`
-	Password        string `form:"password" json:"password"`
-	PasswordConfirm string `form:"passwordConfirm" json:"passwordConfirm"`
-}
-
-// NewAdminPasswordResetConfirm creates a new [AdminPasswordResetConfirm]
-// form initialized with from the provided [core.App] instance.
-//
-// If you want to submit the form as part of a transaction,
-// you can change the default Dao via [SetDao()].
-func NewAdminPasswordResetConfirm(app core.App) *AdminPasswordResetConfirm {
-	return &AdminPasswordResetConfirm{
-		app: app,
-		dao: app.Dao(),
-	}
-}
-
-// SetDao replaces the form Dao instance with the provided one.
-//
-// This is useful if you want to use a specific transaction Dao instance
-// instead of the default app.Dao().
-func (form *AdminPasswordResetConfirm) SetDao(dao *daos.Dao) {
-	form.dao = dao
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-func (form *AdminPasswordResetConfirm) Validate() error {
-	return validation.ValidateStruct(form,
-		validation.Field(&form.Token, validation.Required, validation.By(form.checkToken)),
-		validation.Field(&form.Password, validation.Required, validation.Length(10, 72)),
-		validation.Field(&form.PasswordConfirm, validation.Required, validation.By(validators.Compare(form.Password))),
-	)
-}
-
-func (form *AdminPasswordResetConfirm) checkToken(value any) error {
-	v, _ := value.(string)
-	if v == "" {
-		return nil // nothing to check
-	}
-
-	admin, err := form.dao.FindAdminByToken(v, form.app.Settings().AdminPasswordResetToken.Secret)
-	if err != nil || admin == nil {
-		return validation.NewError("validation_invalid_token", "Invalid or expired token.")
-	}
-
-	return nil
-}
-
-// Submit validates and submits the admin password reset confirmation form.
-// On success returns the updated admin model associated to `form.Token`.
-//
-// You can optionally provide a list of InterceptorFunc to further
-// modify the form behavior before persisting it.
-func (form *AdminPasswordResetConfirm) Submit(interceptors ...InterceptorFunc[*models.Admin]) (*models.Admin, error) {
-	if err := form.Validate(); err != nil {
-		return nil, err
-	}
-
-	admin, err := form.dao.FindAdminByToken(
-		form.Token,
-		form.app.Settings().AdminPasswordResetToken.Secret,
-	)
-	if err != nil {
-		return nil, err
-	}
-
-	if err := admin.SetPassword(form.Password); err != nil {
-		return nil, err
-	}
-
-	interceptorsErr := runInterceptors(admin, func(m *models.Admin) error {
-		admin = m
-		return form.dao.SaveAdmin(m)
-	}, interceptors...)
-
-	if interceptorsErr != nil {
-		return nil, interceptorsErr
-	}
-
-	return admin, nil
-}

forms/admin_password_reset_confirm_test.go

@@ -1,154 +0,0 @@
-package forms_test
-
-import (
-	"errors"
-	"testing"
-
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tests"
-	"github.com/pocketbase/pocketbase/tools/security"
-)
-
-func TestAdminPasswordResetConfirmValidateAndSubmit(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	form := forms.NewAdminPasswordResetConfirm(app)
-
-	scenarios := []struct {
-		token           string
-		password        string
-		passwordConfirm string
-		expectError     bool
-	}{
-		{"", "", "", true},
-		{"", "123", "", true},
-		{"", "", "123", true},
-		{"test", "", "", true},
-		{"test", "123", "", true},
-		{"test", "123", "123", true},
-		{
-			// expired
-			"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhZG1pbiIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsImV4cCI6MTY0MDk5MTY2MX0.GLwCOsgWTTEKXTK-AyGW838de1OeZGIjfHH0FoRLqZg",
-			"1234567890",
-			"1234567890",
-			true,
-		},
-		{
-			// valid with mismatched passwords
-			"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhZG1pbiIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsImV4cCI6MjIwODk4MTYwMH0.kwFEler6KSMKJNstuaSDvE1QnNdCta5qSnjaIQ0hhhc",
-			"1234567890",
-			"1234567891",
-			true,
-		},
-		{
-			// valid with matching passwords
-			"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhZG1pbiIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsImV4cCI6MjIwODk4MTYwMH0.kwFEler6KSMKJNstuaSDvE1QnNdCta5qSnjaIQ0hhhc",
-			"1234567891",
-			"1234567891",
-			false,
-		},
-	}
-
-	for i, s := range scenarios {
-		form.Token = s.token
-		form.Password = s.password
-		form.PasswordConfirm = s.passwordConfirm
-
-		interceptorCalls := 0
-		interceptor := func(next forms.InterceptorNextFunc[*models.Admin]) forms.InterceptorNextFunc[*models.Admin] {
-			return func(m *models.Admin) error {
-				interceptorCalls++
-				return next(m)
-			}
-		}
-
-		admin, err := form.Submit(interceptor)
-
-		// check interceptor calls
-		expectInterceptorCalls := 1
-		if s.expectError {
-			expectInterceptorCalls = 0
-		}
-		if interceptorCalls != expectInterceptorCalls {
-			t.Errorf("[%d] Expected interceptor to be called %d, got %d", i, expectInterceptorCalls, interceptorCalls)
-		}
-
-		hasErr := err != nil
-		if hasErr != s.expectError {
-			t.Errorf("(%d) Expected hasErr to be %v, got %v (%v)", i, s.expectError, hasErr, err)
-			continue
-		}
-
-		if s.expectError {
-			continue
-		}
-
-		claims, _ := security.ParseUnverifiedJWT(s.token)
-		tokenAdminId := claims["id"]
-
-		if admin.Id != tokenAdminId {
-			t.Errorf("(%d) Expected admin with id %s to be returned, got %v", i, tokenAdminId, admin)
-		}
-
-		if !admin.ValidatePassword(form.Password) {
-			t.Errorf("(%d) Expected the admin password to have been updated to %q", i, form.Password)
-		}
-	}
-}
-
-func TestAdminPasswordResetConfirmInterceptors(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	admin, err := testApp.Dao().FindAdminByEmail("test@example.com")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	form := forms.NewAdminPasswordResetConfirm(testApp)
-	form.Token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InN5d2JoZWNuaDQ2cmhtMCIsInR5cGUiOiJhZG1pbiIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsImV4cCI6MjIwODk4MTYwMH0.kwFEler6KSMKJNstuaSDvE1QnNdCta5qSnjaIQ0hhhc"
-	form.Password = "1234567891"
-	form.PasswordConfirm = "1234567891"
-	interceptorTokenKey := admin.TokenKey
-	testErr := errors.New("test_error")
-
-	interceptor1Called := false
-	interceptor1 := func(next forms.InterceptorNextFunc[*models.Admin]) forms.InterceptorNextFunc[*models.Admin] {
-		return func(admin *models.Admin) error {
-			interceptor1Called = true
-			return next(admin)
-		}
-	}
-
-	interceptor2Called := false
-	interceptor2 := func(next forms.InterceptorNextFunc[*models.Admin]) forms.InterceptorNextFunc[*models.Admin] {
-		return func(admin *models.Admin) error {
-			interceptorTokenKey = admin.TokenKey
-			interceptor2Called = true
-			return testErr
-		}
-	}
-
-	_, submitErr := form.Submit(interceptor1, interceptor2)
-	if submitErr != testErr {
-		t.Fatalf("Expected submitError %v, got %v", testErr, submitErr)
-	}
-
-	if !interceptor1Called {
-		t.Fatalf("Expected interceptor1 to be called")
-	}
-
-	if !interceptor2Called {
-		t.Fatalf("Expected interceptor2 to be called")
-	}
-
-	if interceptorTokenKey == admin.TokenKey {
-		t.Fatalf("Expected the form model to be filled before calling the interceptors")
-	}
-}

forms/admin_password_reset_request.go

@@ -1,89 +0,0 @@
-package forms
-
-import (
-	"errors"
-	"fmt"
-	"time"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/go-ozzo/ozzo-validation/v4/is"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/mails"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tools/types"
-)
-
-// AdminPasswordResetRequest is an admin password reset request form.
-type AdminPasswordResetRequest struct {
-	app             core.App
-	dao             *daos.Dao
-	resendThreshold float64 // in seconds
-
-	Email string `form:"email" json:"email"`
-}
-
-// NewAdminPasswordResetRequest creates a new [AdminPasswordResetRequest]
-// form initialized with from the provided [core.App] instance.
-//
-// If you want to submit the form as part of a transaction,
-// you can change the default Dao via [SetDao()].
-func NewAdminPasswordResetRequest(app core.App) *AdminPasswordResetRequest {
-	return &AdminPasswordResetRequest{
-		app:             app,
-		dao:             app.Dao(),
-		resendThreshold: 120, // 2min
-	}
-}
-
-// SetDao replaces the default form Dao instance with the provided one.
-func (form *AdminPasswordResetRequest) SetDao(dao *daos.Dao) {
-	form.dao = dao
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-//
-// This method doesn't verify that admin with `form.Email` exists (this is done on Submit).
-func (form *AdminPasswordResetRequest) Validate() error {
-	return validation.ValidateStruct(form,
-		validation.Field(
-			&form.Email,
-			validation.Required,
-			validation.Length(1, 255),
-			is.EmailFormat,
-		),
-	)
-}
-
-// Submit validates and submits the form.
-// On success sends a password reset email to the `form.Email` admin.
-//
-// You can optionally provide a list of InterceptorFunc to further
-// modify the form behavior before persisting it.
-func (form *AdminPasswordResetRequest) Submit(interceptors ...InterceptorFunc[*models.Admin]) error {
-	if err := form.Validate(); err != nil {
-		return err
-	}
-
-	admin, err := form.dao.FindAdminByEmail(form.Email)
-	if err != nil {
-		return fmt.Errorf("Failed to fetch admin with email %s: %w", form.Email, err)
-	}
-
-	now := time.Now().UTC()
-	lastResetSentAt := admin.LastResetSentAt.Time()
-	if now.Sub(lastResetSentAt).Seconds() < form.resendThreshold {
-		return errors.New("You have already requested a password reset.")
-	}
-
-	return runInterceptors(admin, func(m *models.Admin) error {
-		if err := mails.SendAdminPasswordReset(form.app, m); err != nil {
-			return err
-		}
-
-		// update last sent timestamp
-		m.LastResetSentAt = types.NowDateTime()
-
-		return form.dao.SaveAdmin(m)
-	}, interceptors...)
-}

forms/admin_password_reset_request_test.go

@@ -1,127 +0,0 @@
-package forms_test
-
-import (
-	"errors"
-	"testing"
-
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tests"
-)
-
-func TestAdminPasswordResetRequestValidateAndSubmit(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	form := forms.NewAdminPasswordResetRequest(testApp)
-
-	scenarios := []struct {
-		email       string
-		expectError bool
-	}{
-		{"", true},
-		{"", true},
-		{"invalid", true},
-		{"missing@example.com", true},
-		{"test@example.com", false},
-		{"test@example.com", true}, // already requested
-	}
-
-	for i, s := range scenarios {
-		testApp.TestMailer.TotalSend = 0 // reset
-		form.Email = s.email
-
-		adminBefore, _ := testApp.Dao().FindAdminByEmail(s.email)
-
-		interceptorCalls := 0
-		interceptor := func(next forms.InterceptorNextFunc[*models.Admin]) forms.InterceptorNextFunc[*models.Admin] {
-			return func(m *models.Admin) error {
-				interceptorCalls++
-				return next(m)
-			}
-		}
-
-		err := form.Submit(interceptor)
-
-		// check interceptor calls
-		expectInterceptorCalls := 1
-		if s.expectError {
-			expectInterceptorCalls = 0
-		}
-		if interceptorCalls != expectInterceptorCalls {
-			t.Errorf("[%d] Expected interceptor to be called %d, got %d", i, expectInterceptorCalls, interceptorCalls)
-		}
-
-		hasErr := err != nil
-		if hasErr != s.expectError {
-			t.Errorf("(%d) Expected hasErr to be %v, got %v (%v)", i, s.expectError, hasErr, err)
-		}
-
-		adminAfter, _ := testApp.Dao().FindAdminByEmail(s.email)
-
-		if !s.expectError && (adminBefore.LastResetSentAt == adminAfter.LastResetSentAt || adminAfter.LastResetSentAt.IsZero()) {
-			t.Errorf("(%d) Expected admin.LastResetSentAt to change, got %q", i, adminAfter.LastResetSentAt)
-		}
-
-		expectedMails := 1
-		if s.expectError {
-			expectedMails = 0
-		}
-		if testApp.TestMailer.TotalSend != expectedMails {
-			t.Errorf("(%d) Expected %d mail(s) to be sent, got %d", i, expectedMails, testApp.TestMailer.TotalSend)
-		}
-	}
-}
-
-func TestAdminPasswordResetRequestInterceptors(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	admin, err := testApp.Dao().FindAdminByEmail("test@example.com")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	form := forms.NewAdminPasswordResetRequest(testApp)
-	form.Email = admin.Email
-	interceptorLastResetSentAt := admin.LastResetSentAt
-	testErr := errors.New("test_error")
-
-	interceptor1Called := false
-	interceptor1 := func(next forms.InterceptorNextFunc[*models.Admin]) forms.InterceptorNextFunc[*models.Admin] {
-		return func(admin *models.Admin) error {
-			interceptor1Called = true
-			return next(admin)
-		}
-	}
-
-	interceptor2Called := false
-	interceptor2 := func(next forms.InterceptorNextFunc[*models.Admin]) forms.InterceptorNextFunc[*models.Admin] {
-		return func(admin *models.Admin) error {
-			interceptorLastResetSentAt = admin.LastResetSentAt
-			interceptor2Called = true
-			return testErr
-		}
-	}
-
-	submitErr := form.Submit(interceptor1, interceptor2)
-	if submitErr != testErr {
-		t.Fatalf("Expected submitError %v, got %v", testErr, submitErr)
-	}
-
-	if !interceptor1Called {
-		t.Fatalf("Expected interceptor1 to be called")
-	}
-
-	if !interceptor2Called {
-		t.Fatalf("Expected interceptor2 to be called")
-	}
-
-	if interceptorLastResetSentAt.String() != admin.LastResetSentAt.String() {
-		t.Fatalf("Expected the form model to NOT be filled before calling the interceptors")
-	}
-}

forms/admin_upsert.go

@@ -1,123 +0,0 @@
-package forms
-
-import (
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/go-ozzo/ozzo-validation/v4/is"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/forms/validators"
-	"github.com/pocketbase/pocketbase/models"
-)
-
-// AdminUpsert is a [models.Admin] upsert (create/update) form.
-type AdminUpsert struct {
-	app   core.App
-	dao   *daos.Dao
-	admin *models.Admin
-
-	Id              string `form:"id" json:"id"`
-	Avatar          int    `form:"avatar" json:"avatar"`
-	Email           string `form:"email" json:"email"`
-	Password        string `form:"password" json:"password"`
-	PasswordConfirm string `form:"passwordConfirm" json:"passwordConfirm"`
-}
-
-// NewAdminUpsert creates a new [AdminUpsert] form with initializer
-// config created from the provided [core.App] and [models.Admin] instances
-// (for create you could pass a pointer to an empty Admin - `&models.Admin{}`).
-//
-// If you want to submit the form as part of a transaction,
-// you can change the default Dao via [SetDao()].
-func NewAdminUpsert(app core.App, admin *models.Admin) *AdminUpsert {
-	form := &AdminUpsert{
-		app:   app,
-		dao:   app.Dao(),
-		admin: admin,
-	}
-
-	// load defaults
-	form.Id = admin.Id
-	form.Avatar = admin.Avatar
-	form.Email = admin.Email
-
-	return form
-}
-
-// SetDao replaces the default form Dao instance with the provided one.
-func (form *AdminUpsert) SetDao(dao *daos.Dao) {
-	form.dao = dao
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-func (form *AdminUpsert) Validate() error {
-	return validation.ValidateStruct(form,
-		validation.Field(
-			&form.Id,
-			validation.When(
-				form.admin.IsNew(),
-				validation.Length(models.DefaultIdLength, models.DefaultIdLength),
-				validation.Match(idRegex),
-				validation.By(validators.UniqueId(form.dao, form.admin.TableName())),
-			).Else(validation.In(form.admin.Id)),
-		),
-		validation.Field(
-			&form.Avatar,
-			validation.Min(0),
-			validation.Max(9),
-		),
-		validation.Field(
-			&form.Email,
-			validation.Required,
-			validation.Length(1, 255),
-			is.EmailFormat,
-			validation.By(form.checkUniqueEmail),
-		),
-		validation.Field(
-			&form.Password,
-			validation.When(form.admin.IsNew(), validation.Required),
-			validation.Length(10, 72),
-		),
-		validation.Field(
-			&form.PasswordConfirm,
-			validation.When(form.Password != "", validation.Required),
-			validation.By(validators.Compare(form.Password)),
-		),
-	)
-}
-
-func (form *AdminUpsert) checkUniqueEmail(value any) error {
-	v, _ := value.(string)
-
-	if form.dao.IsAdminEmailUnique(v, form.admin.Id) {
-		return nil
-	}
-
-	return validation.NewError("validation_admin_email_exists", "Admin email already exists.")
-}
-
-// Submit validates the form and upserts the form admin model.
-//
-// You can optionally provide a list of InterceptorFunc to further
-// modify the form behavior before persisting it.
-func (form *AdminUpsert) Submit(interceptors ...InterceptorFunc[*models.Admin]) error {
-	if err := form.Validate(); err != nil {
-		return err
-	}
-
-	// custom insertion id can be set only on create
-	if form.admin.IsNew() && form.Id != "" {
-		form.admin.MarkAsNew()
-		form.admin.SetId(form.Id)
-	}
-
-	form.admin.Avatar = form.Avatar
-	form.admin.Email = form.Email
-
-	if form.Password != "" {
-		form.admin.SetPassword(form.Password)
-	}
-
-	return runInterceptors(form.admin, func(admin *models.Admin) error {
-		return form.dao.SaveAdmin(admin)
-	}, interceptors...)
-}

forms/admin_upsert_test.go

@@ -1,341 +0,0 @@
-package forms_test
-
-import (
-	"encoding/json"
-	"errors"
-	"fmt"
-	"testing"
-
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tests"
-)
-
-func TestNewAdminUpsert(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	admin := &models.Admin{}
-	admin.Avatar = 3
-	admin.Email = "new@example.com"
-
-	form := forms.NewAdminUpsert(app, admin)
-
-	// test defaults
-	if form.Avatar != admin.Avatar {
-		t.Errorf("Expected Avatar %d, got %d", admin.Avatar, form.Avatar)
-	}
-	if form.Email != admin.Email {
-		t.Errorf("Expected Email %q, got %q", admin.Email, form.Email)
-	}
-}
-
-func TestAdminUpsertValidateAndSubmit(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	scenarios := []struct {
-		id          string
-		jsonData    string
-		expectError bool
-	}{
-		{
-			// create empty
-			"",
-			`{}`,
-			true,
-		},
-		{
-			// update empty
-			"sywbhecnh46rhm0",
-			`{}`,
-			false,
-		},
-		{
-			// create failure - existing email
-			"",
-			`{
-				"email":           "test@example.com",
-				"password":        "1234567890",
-				"passwordConfirm": "1234567890"
-			}`,
-			true,
-		},
-		{
-			// create failure - passwords mismatch
-			"",
-			`{
-				"email":           "test_new@example.com",
-				"password":        "1234567890",
-				"passwordConfirm": "1234567891"
-			}`,
-			true,
-		},
-		{
-			// create success
-			"",
-			`{
-				"email":           "test_new@example.com",
-				"password":        "1234567890",
-				"passwordConfirm": "1234567890"
-			}`,
-			false,
-		},
-		{
-			// update failure - existing email
-			"sywbhecnh46rhm0",
-			`{
-				"email": "test2@example.com"
-			}`,
-			true,
-		},
-		{
-			// update failure - mismatching passwords
-			"sywbhecnh46rhm0",
-			`{
-				"password":        "1234567890",
-				"passwordConfirm": "1234567891"
-			}`,
-			true,
-		},
-		{
-			// update success - new email
-			"sywbhecnh46rhm0",
-			`{
-				"email": "test_update@example.com"
-			}`,
-			false,
-		},
-		{
-			// update success - new password
-			"sywbhecnh46rhm0",
-			`{
-				"password":        "1234567890",
-				"passwordConfirm": "1234567890"
-			}`,
-			false,
-		},
-	}
-
-	for i, s := range scenarios {
-		isCreate := true
-		admin := &models.Admin{}
-		if s.id != "" {
-			isCreate = false
-			admin, _ = app.Dao().FindAdminById(s.id)
-		}
-		initialTokenKey := admin.TokenKey
-
-		form := forms.NewAdminUpsert(app, admin)
-
-		// load data
-		loadErr := json.Unmarshal([]byte(s.jsonData), form)
-		if loadErr != nil {
-			t.Errorf("(%d) Failed to load form data: %v", i, loadErr)
-			continue
-		}
-
-		interceptorCalls := 0
-
-		err := form.Submit(func(next forms.InterceptorNextFunc[*models.Admin]) forms.InterceptorNextFunc[*models.Admin] {
-			return func(m *models.Admin) error {
-				interceptorCalls++
-				return next(m)
-			}
-		})
-
-		hasErr := err != nil
-		if hasErr != s.expectError {
-			t.Errorf("(%d) Expected hasErr %v, got %v (%v)", i, s.expectError, hasErr, err)
-		}
-
-		foundAdmin, _ := app.Dao().FindAdminByEmail(form.Email)
-
-		if !s.expectError && isCreate && foundAdmin == nil {
-			t.Errorf("(%d) Expected admin to be created, got nil", i)
-			continue
-		}
-
-		expectInterceptorCall := 1
-		if s.expectError {
-			expectInterceptorCall = 0
-		}
-		if interceptorCalls != expectInterceptorCall {
-			t.Errorf("(%d) Expected interceptor to be called %d, got %d", i, expectInterceptorCall, interceptorCalls)
-		}
-
-		if s.expectError {
-			continue // skip persistence check
-		}
-
-		if foundAdmin.Email != form.Email {
-			t.Errorf("(%d) Expected email %s, got %s", i, form.Email, foundAdmin.Email)
-		}
-
-		if foundAdmin.Avatar != form.Avatar {
-			t.Errorf("(%d) Expected avatar %d, got %d", i, form.Avatar, foundAdmin.Avatar)
-		}
-
-		if form.Password != "" && initialTokenKey == foundAdmin.TokenKey {
-			t.Errorf("(%d) Expected token key to be renewed when setting a new password", i)
-		}
-	}
-}
-
-func TestAdminUpsertSubmitInterceptors(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	admin := &models.Admin{}
-	form := forms.NewAdminUpsert(app, admin)
-	form.Email = "test_new@example.com"
-	form.Password = "1234567890"
-	form.PasswordConfirm = form.Password
-
-	testErr := errors.New("test_error")
-	interceptorAdminEmail := ""
-
-	interceptor1Called := false
-	interceptor1 := func(next forms.InterceptorNextFunc[*models.Admin]) forms.InterceptorNextFunc[*models.Admin] {
-		return func(m *models.Admin) error {
-			interceptor1Called = true
-			return next(m)
-		}
-	}
-
-	interceptor2Called := false
-	interceptor2 := func(next forms.InterceptorNextFunc[*models.Admin]) forms.InterceptorNextFunc[*models.Admin] {
-		return func(m *models.Admin) error {
-			interceptorAdminEmail = admin.Email // to check if the record was filled
-			interceptor2Called = true
-			return testErr
-		}
-	}
-
-	err := form.Submit(interceptor1, interceptor2)
-	if err != testErr {
-		t.Fatalf("Expected error %v, got %v", testErr, err)
-	}
-
-	if !interceptor1Called {
-		t.Fatalf("Expected interceptor1 to be called")
-	}
-
-	if !interceptor2Called {
-		t.Fatalf("Expected interceptor2 to be called")
-	}
-
-	if interceptorAdminEmail != form.Email {
-		t.Fatalf("Expected the form model to be filled before calling the interceptors")
-	}
-}
-
-func TestAdminUpsertWithCustomId(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	existingAdmin, err := app.Dao().FindAdminByEmail("test@example.com")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	scenarios := []struct {
-		name        string
-		jsonData    string
-		collection  *models.Admin
-		expectError bool
-	}{
-		{
-			"empty data",
-			"{}",
-			&models.Admin{},
-			false,
-		},
-		{
-			"empty id",
-			`{"id":""}`,
-			&models.Admin{},
-			false,
-		},
-		{
-			"id < 15 chars",
-			`{"id":"a23"}`,
-			&models.Admin{},
-			true,
-		},
-		{
-			"id > 15 chars",
-			`{"id":"a234567890123456"}`,
-			&models.Admin{},
-			true,
-		},
-		{
-			"id = 15 chars (invalid chars)",
-			`{"id":"a@3456789012345"}`,
-			&models.Admin{},
-			true,
-		},
-		{
-			"id = 15 chars (valid chars)",
-			`{"id":"a23456789012345"}`,
-			&models.Admin{},
-			false,
-		},
-		{
-			"changing the id of an existing item",
-			`{"id":"b23456789012345"}`,
-			existingAdmin,
-			true,
-		},
-		{
-			"using the same existing item id",
-			`{"id":"` + existingAdmin.Id + `"}`,
-			existingAdmin,
-			false,
-		},
-		{
-			"skipping the id for existing item",
-			`{}`,
-			existingAdmin,
-			false,
-		},
-	}
-
-	for i, scenario := range scenarios {
-		form := forms.NewAdminUpsert(app, scenario.collection)
-		if form.Email == "" {
-			form.Email = fmt.Sprintf("test_id_%d@example.com", i)
-		}
-		form.Password = "1234567890"
-		form.PasswordConfirm = form.Password
-
-		// load data
-		loadErr := json.Unmarshal([]byte(scenario.jsonData), form)
-		if loadErr != nil {
-			t.Errorf("[%s] Failed to load form data: %v", scenario.name, loadErr)
-			continue
-		}
-
-		submitErr := form.Submit()
-		hasErr := submitErr != nil
-
-		if hasErr != scenario.expectError {
-			t.Errorf("[%s] Expected hasErr to be %v, got %v (%v)", scenario.name, scenario.expectError, hasErr, submitErr)
-		}
-
-		if !hasErr && form.Id != "" {
-			_, err := app.Dao().FindAdminById(form.Id)
-			if err != nil {
-				t.Errorf("[%s] Expected to find record with id %s, got %v", scenario.name, form.Id, err)
-			}
-		}
-	}
-}

forms/backup_create.go

@@ -1,79 +0,0 @@
-package forms
-
-import (
-	"context"
-	"regexp"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/core"
-)
-
-var backupNameRegex = regexp.MustCompile(`^[a-z0-9_-]+\.zip$`)
-
-// BackupCreate is a request form for creating a new app backup.
-type BackupCreate struct {
-	app core.App
-	ctx context.Context
-
-	Name string `form:"name" json:"name"`
-}
-
-// NewBackupCreate creates new BackupCreate request form.
-func NewBackupCreate(app core.App) *BackupCreate {
-	return &BackupCreate{
-		app: app,
-		ctx: context.Background(),
-	}
-}
-
-// SetContext replaces the default form context with the provided one.
-func (form *BackupCreate) SetContext(ctx context.Context) {
-	form.ctx = ctx
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-func (form *BackupCreate) Validate() error {
-	return validation.ValidateStruct(form,
-		validation.Field(
-			&form.Name,
-			validation.Length(1, 100),
-			validation.Match(backupNameRegex),
-			validation.By(form.checkUniqueName),
-		),
-	)
-}
-
-func (form *BackupCreate) checkUniqueName(value any) error {
-	v, _ := value.(string)
-	if v == "" {
-		return nil // nothing to check
-	}
-
-	fsys, err := form.app.NewBackupsFilesystem()
-	if err != nil {
-		return err
-	}
-	defer fsys.Close()
-
-	fsys.SetContext(form.ctx)
-
-	if exists, err := fsys.Exists(v); err != nil || exists {
-		return validation.NewError("validation_backup_name_exists", "The backup file name is invalid or already exists.")
-	}
-
-	return nil
-}
-
-// Submit validates the form and creates the app backup.
-//
-// You can optionally provide a list of InterceptorFunc to further
-// modify the form behavior before creating the backup.
-func (form *BackupCreate) Submit(interceptors ...InterceptorFunc[string]) error {
-	if err := form.Validate(); err != nil {
-		return err
-	}
-
-	return runInterceptors(form.Name, func(name string) error {
-		return form.app.CreateBackup(form.ctx, name)
-	}, interceptors...)
-}

forms/backup_create_test.go

@@ -1,104 +0,0 @@
-package forms_test
-
-import (
-	"strings"
-	"testing"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/tests"
-)
-
-func TestBackupCreateValidateAndSubmit(t *testing.T) {
-	t.Parallel()
-
-	scenarios := []struct {
-		name           string
-		backupName     string
-		expectedErrors []string
-	}{
-		{
-			"invalid length",
-			strings.Repeat("a", 97) + ".zip",
-			[]string{"name"},
-		},
-		{
-			"valid length + invalid format",
-			strings.Repeat("a", 96),
-			[]string{"name"},
-		},
-		{
-			"valid length + valid format",
-			strings.Repeat("a", 96) + ".zip",
-			[]string{},
-		},
-		{
-			"auto generated name",
-			"",
-			[]string{},
-		},
-	}
-
-	for _, s := range scenarios {
-		t.Run(s.name, func(t *testing.T) {
-			app, _ := tests.NewTestApp()
-			defer app.Cleanup()
-
-			fsys, err := app.NewBackupsFilesystem()
-			if err != nil {
-				t.Fatal(err)
-			}
-			defer fsys.Close()
-
-			form := forms.NewBackupCreate(app)
-			form.Name = s.backupName
-
-			result := form.Submit()
-
-			// parse errors
-			errs, ok := result.(validation.Errors)
-			if !ok && result != nil {
-				t.Fatalf("Failed to parse errors %v", result)
-				return
-			}
-
-			// check errors
-			if len(errs) > len(s.expectedErrors) {
-				t.Fatalf("Expected error keys %v, got %v", s.expectedErrors, errs)
-			}
-			for _, k := range s.expectedErrors {
-				if _, ok := errs[k]; !ok {
-					t.Fatalf("Missing expected error key %q in %v", k, errs)
-				}
-			}
-
-			// retrieve all created backup files
-			files, err := fsys.List("")
-			if err != nil {
-				t.Fatal("Failed to retrieve backup files")
-				return
-			}
-
-			if result != nil {
-				if total := len(files); total != 0 {
-					t.Fatalf("Didn't expected backup files, found %d", total)
-				}
-				return
-			}
-
-			if total := len(files); total != 1 {
-				t.Fatalf("Expected 1 backup file, got %d", total)
-				return
-			}
-
-			if s.backupName == "" {
-				prefix := "pb_backup_"
-				if !strings.HasPrefix(files[0].Key, prefix) {
-					t.Fatalf("Expected the backup file, to have prefix %q: %q", prefix, files[0].Key)
-				}
-			} else if s.backupName != files[0].Key {
-				t.Fatalf("Expected backup file %q, got %q", s.backupName, files[0].Key)
-			}
-		})
-	}
-}

forms/backup_upload.go

@@ -1,85 +0,0 @@
-package forms
-
-import (
-	"context"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/forms/validators"
-	"github.com/pocketbase/pocketbase/tools/filesystem"
-)
-
-// BackupUpload is a request form for uploading a new app backup.
-type BackupUpload struct {
-	app core.App
-	ctx context.Context
-
-	File *filesystem.File `json:"file"`
-}
-
-// NewBackupUpload creates new BackupUpload request form.
-func NewBackupUpload(app core.App) *BackupUpload {
-	return &BackupUpload{
-		app: app,
-		ctx: context.Background(),
-	}
-}
-
-// SetContext replaces the default form upload context with the provided one.
-func (form *BackupUpload) SetContext(ctx context.Context) {
-	form.ctx = ctx
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-func (form *BackupUpload) Validate() error {
-	return validation.ValidateStruct(form,
-		validation.Field(
-			&form.File,
-			validation.Required,
-			validation.By(validators.UploadedFileMimeType([]string{"application/zip"})),
-			validation.By(form.checkUniqueName),
-		),
-	)
-}
-
-func (form *BackupUpload) checkUniqueName(value any) error {
-	v, _ := value.(*filesystem.File)
-	if v == nil {
-		return nil // nothing to check
-	}
-
-	fsys, err := form.app.NewBackupsFilesystem()
-	if err != nil {
-		return err
-	}
-	defer fsys.Close()
-
-	fsys.SetContext(form.ctx)
-
-	if exists, err := fsys.Exists(v.OriginalName); err != nil || exists {
-		return validation.NewError("validation_backup_name_exists", "Backup file with the specified name already exists.")
-	}
-
-	return nil
-}
-
-// Submit validates the form and upload the backup file.
-//
-// You can optionally provide a list of InterceptorFunc to further
-// modify the form behavior before uploading the backup.
-func (form *BackupUpload) Submit(interceptors ...InterceptorFunc[*filesystem.File]) error {
-	if err := form.Validate(); err != nil {
-		return err
-	}
-
-	return runInterceptors(form.File, func(file *filesystem.File) error {
-		fsys, err := form.app.NewBackupsFilesystem()
-		if err != nil {
-			return err
-		}
-
-		fsys.SetContext(form.ctx)
-
-		return fsys.UploadFile(file, file.OriginalName)
-	}, interceptors...)
-}

forms/backup_upload_test.go

@@ -1,120 +0,0 @@
-package forms_test
-
-import (
-	"archive/zip"
-	"bytes"
-	"testing"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/tests"
-	"github.com/pocketbase/pocketbase/tools/filesystem"
-)
-
-func TestBackupUploadValidateAndSubmit(t *testing.T) {
-	t.Parallel()
-
-	var zb bytes.Buffer
-	zw := zip.NewWriter(&zb)
-	if err := zw.Close(); err != nil {
-		t.Fatal(err)
-	}
-
-	f0, _ := filesystem.NewFileFromBytes([]byte("test"), "existing")
-	f1, _ := filesystem.NewFileFromBytes([]byte("456"), "nozip")
-	f2, _ := filesystem.NewFileFromBytes(zb.Bytes(), "existing")
-	f3, _ := filesystem.NewFileFromBytes(zb.Bytes(), "zip")
-
-	scenarios := []struct {
-		name           string
-		file           *filesystem.File
-		expectedErrors []string
-	}{
-		{
-			"missing file",
-			nil,
-			[]string{"file"},
-		},
-		{
-			"non-zip file",
-			f1,
-			[]string{"file"},
-		},
-		{
-			"zip file with non-unique name",
-			f2,
-			[]string{"file"},
-		},
-		{
-			"zip file with unique name",
-			f3,
-			[]string{},
-		},
-	}
-
-	for _, s := range scenarios {
-		t.Run(s.name, func(t *testing.T) {
-			app, _ := tests.NewTestApp()
-			defer app.Cleanup()
-
-			fsys, err := app.NewBackupsFilesystem()
-			if err != nil {
-				t.Fatal(err)
-			}
-			defer fsys.Close()
-			// create a dummy backup file to simulate existing backups
-			if err := fsys.UploadFile(f0, f0.OriginalName); err != nil {
-				t.Fatal(err)
-			}
-
-			form := forms.NewBackupUpload(app)
-			form.File = s.file
-
-			result := form.Submit()
-
-			// parse errors
-			errs, ok := result.(validation.Errors)
-			if !ok && result != nil {
-				t.Fatalf("Failed to parse errors %v", result)
-			}
-
-			// check errors
-			if len(errs) > len(s.expectedErrors) {
-				t.Fatalf("Expected error keys %v, got %v", s.expectedErrors, errs)
-			}
-			for _, k := range s.expectedErrors {
-				if _, ok := errs[k]; !ok {
-					t.Fatalf("Missing expected error key %q in %v", k, errs)
-				}
-			}
-
-			expectedFiles := []*filesystem.File{f0}
-			if result == nil {
-				expectedFiles = append(expectedFiles, s.file)
-			}
-
-			// retrieve all uploaded backup files
-			files, err := fsys.List("")
-			if err != nil {
-				t.Fatal("Failed to retrieve backup files")
-			}
-
-			if len(files) != len(expectedFiles) {
-				t.Fatalf("Expected %d files, got %d", len(expectedFiles), len(files))
-			}
-
-			for _, ef := range expectedFiles {
-				exists := false
-				for _, f := range files {
-					if f.Key == ef.OriginalName {
-						exists = true
-						break
-					}
-				}
-				if !exists {
-					t.Fatalf("Missing expected backup file %v", ef.OriginalName)
-				}
-			}
-		})
-	}
-}

forms/base.go

@@ -1,31 +0,0 @@
-// Package models implements various services used for request data
-// validation and applying changes to existing DB models through the app Dao.
-package forms
-
-import (
-	"regexp"
-)
-
-// base ID value regex pattern
-var idRegex = regexp.MustCompile(`^[^\@\#\$\&\|\.\,\'\"\\\/\s]+$`)
-
-// InterceptorNextFunc is a interceptor handler function.
-// Usually used in combination with InterceptorFunc.
-type InterceptorNextFunc[T any] func(t T) error
-
-// InterceptorFunc defines a single interceptor function that
-// will execute the provided next func handler.
-type InterceptorFunc[T any] func(next InterceptorNextFunc[T]) InterceptorNextFunc[T]
-
-// runInterceptors executes the provided list of interceptors.
-func runInterceptors[T any](
-	data T,
-	next InterceptorNextFunc[T],
-	interceptors ...InterceptorFunc[T],
-) error {
-	for i := len(interceptors) - 1; i >= 0; i-- {
-		next = interceptors[i](next)
-	}
-
-	return next(data)
-}

forms/collection_upsert.go

@@ -1,540 +0,0 @@
-package forms
-
-import (
-	"encoding/json"
-	"fmt"
-	"regexp"
-	"strconv"
-	"strings"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/forms/validators"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/models/schema"
-	"github.com/pocketbase/pocketbase/resolvers"
-	"github.com/pocketbase/pocketbase/tools/dbutils"
-	"github.com/pocketbase/pocketbase/tools/list"
-	"github.com/pocketbase/pocketbase/tools/search"
-	"github.com/pocketbase/pocketbase/tools/types"
-)
-
-var collectionNameRegex = regexp.MustCompile(`^[a-zA-Z0-9][a-zA-Z0-9_]*$`)
-
-// CollectionUpsert is a [models.Collection] upsert (create/update) form.
-type CollectionUpsert struct {
-	app        core.App
-	dao        *daos.Dao
-	collection *models.Collection
-
-	Id         string                  `form:"id" json:"id"`
-	Type       string                  `form:"type" json:"type"`
-	Name       string                  `form:"name" json:"name"`
-	System     bool                    `form:"system" json:"system"`
-	Schema     schema.Schema           `form:"schema" json:"schema"`
-	Indexes    types.JsonArray[string] `form:"indexes" json:"indexes"`
-	ListRule   *string                 `form:"listRule" json:"listRule"`
-	ViewRule   *string                 `form:"viewRule" json:"viewRule"`
-	CreateRule *string                 `form:"createRule" json:"createRule"`
-	UpdateRule *string                 `form:"updateRule" json:"updateRule"`
-	DeleteRule *string                 `form:"deleteRule" json:"deleteRule"`
-	Options    types.JsonMap           `form:"options" json:"options"`
-}
-
-// NewCollectionUpsert creates a new [CollectionUpsert] form with initializer
-// config created from the provided [core.App] and [models.Collection] instances
-// (for create you could pass a pointer to an empty Collection - `&models.Collection{}`).
-//
-// If you want to submit the form as part of a transaction,
-// you can change the default Dao via [SetDao()].
-func NewCollectionUpsert(app core.App, collection *models.Collection) *CollectionUpsert {
-	form := &CollectionUpsert{
-		app:        app,
-		dao:        app.Dao(),
-		collection: collection,
-	}
-
-	// load defaults
-	form.Id = form.collection.Id
-	form.Type = form.collection.Type
-	form.Name = form.collection.Name
-	form.System = form.collection.System
-	form.Indexes = form.collection.Indexes
-	form.ListRule = form.collection.ListRule
-	form.ViewRule = form.collection.ViewRule
-	form.CreateRule = form.collection.CreateRule
-	form.UpdateRule = form.collection.UpdateRule
-	form.DeleteRule = form.collection.DeleteRule
-	form.Options = form.collection.Options
-
-	if form.Type == "" {
-		form.Type = models.CollectionTypeBase
-	}
-
-	clone, _ := form.collection.Schema.Clone()
-	if clone != nil && form.Type != models.CollectionTypeView {
-		form.Schema = *clone
-	} else {
-		form.Schema = schema.Schema{}
-	}
-
-	return form
-}
-
-// SetDao replaces the default form Dao instance with the provided one.
-func (form *CollectionUpsert) SetDao(dao *daos.Dao) {
-	form.dao = dao
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-func (form *CollectionUpsert) Validate() error {
-	isAuth := form.Type == models.CollectionTypeAuth
-	isView := form.Type == models.CollectionTypeView
-
-	// generate schema from the query (overwriting any explicit user defined schema)
-	if isView {
-		options := models.CollectionViewOptions{}
-		if err := decodeOptions(form.Options, &options); err != nil {
-			return err
-		}
-		form.Schema, _ = form.dao.CreateViewSchema(options.Query)
-	}
-
-	return validation.ValidateStruct(form,
-		validation.Field(
-			&form.Id,
-			validation.When(
-				form.collection.IsNew(),
-				validation.Length(models.DefaultIdLength, models.DefaultIdLength),
-				validation.Match(idRegex),
-				validation.By(validators.UniqueId(form.dao, form.collection.TableName())),
-			).Else(validation.In(form.collection.Id)),
-		),
-		validation.Field(
-			&form.System,
-			validation.By(form.ensureNoSystemFlagChange),
-		),
-		validation.Field(
-			&form.Type,
-			validation.Required,
-			validation.In(
-				models.CollectionTypeBase,
-				models.CollectionTypeAuth,
-				models.CollectionTypeView,
-			),
-			validation.By(form.ensureNoTypeChange),
-		),
-		validation.Field(
-			&form.Name,
-			validation.Required,
-			validation.Length(1, 255),
-			validation.Match(collectionNameRegex),
-			validation.By(form.ensureNoSystemNameChange),
-			validation.By(form.checkUniqueName),
-			validation.By(form.checkForVia),
-		),
-		// validates using the type's own validation rules + some collection's specifics
-		validation.Field(
-			&form.Schema,
-			validation.By(form.checkMinSchemaFields),
-			validation.By(form.ensureNoSystemFieldsChange),
-			validation.By(form.ensureNoFieldsTypeChange),
-			validation.By(form.checkRelationFields),
-			validation.When(isAuth, validation.By(form.ensureNoAuthFieldName)),
-		),
-		validation.Field(&form.ListRule, validation.By(form.checkRule)),
-		validation.Field(&form.ViewRule, validation.By(form.checkRule)),
-		validation.Field(
-			&form.CreateRule,
-			validation.When(isView, validation.Nil),
-			validation.By(form.checkRule),
-		),
-		validation.Field(
-			&form.UpdateRule,
-			validation.When(isView, validation.Nil),
-			validation.By(form.checkRule),
-		),
-		validation.Field(
-			&form.DeleteRule,
-			validation.When(isView, validation.Nil),
-			validation.By(form.checkRule),
-		),
-		validation.Field(&form.Indexes, validation.By(form.checkIndexes)),
-		validation.Field(&form.Options, validation.By(form.checkOptions)),
-	)
-}
-
-func (form *CollectionUpsert) checkForVia(value any) error {
-	v, _ := value.(string)
-	if v == "" {
-		return nil
-	}
-
-	if strings.Contains(strings.ToLower(v), "_via_") {
-		return validation.NewError("validation_invalid_name", "The name of the collection cannot contain '_via_'.")
-	}
-
-	return nil
-}
-
-func (form *CollectionUpsert) checkUniqueName(value any) error {
-	v, _ := value.(string)
-
-	// ensure unique collection name
-	if !form.dao.IsCollectionNameUnique(v, form.collection.Id) {
-		return validation.NewError("validation_collection_name_exists", "Collection name must be unique (case insensitive).")
-	}
-
-	// ensure that the collection name doesn't collide with the id of any collection
-	if form.dao.FindById(&models.Collection{}, v) == nil {
-		return validation.NewError("validation_collection_name_id_duplicate", "The name must not match an existing collection id.")
-	}
-
-	return nil
-}
-
-func (form *CollectionUpsert) ensureNoSystemNameChange(value any) error {
-	v, _ := value.(string)
-
-	if !form.collection.IsNew() && form.collection.System && v != form.collection.Name {
-		return validation.NewError("validation_collection_system_name_change", "System collections cannot be renamed.")
-	}
-
-	return nil
-}
-
-func (form *CollectionUpsert) ensureNoSystemFlagChange(value any) error {
-	v, _ := value.(bool)
-
-	if !form.collection.IsNew() && v != form.collection.System {
-		return validation.NewError("validation_collection_system_flag_change", "System collection state cannot be changed.")
-	}
-
-	return nil
-}
-
-func (form *CollectionUpsert) ensureNoTypeChange(value any) error {
-	v, _ := value.(string)
-
-	if !form.collection.IsNew() && v != form.collection.Type {
-		return validation.NewError("validation_collection_type_change", "Collection type cannot be changed.")
-	}
-
-	return nil
-}
-
-func (form *CollectionUpsert) ensureNoFieldsTypeChange(value any) error {
-	v, _ := value.(schema.Schema)
-
-	for i, field := range v.Fields() {
-		oldField := form.collection.Schema.GetFieldById(field.Id)
-
-		if oldField != nil && oldField.Type != field.Type {
-			return validation.Errors{fmt.Sprint(i): validation.NewError(
-				"validation_field_type_change",
-				"Field type cannot be changed.",
-			)}
-		}
-	}
-
-	return nil
-}
-
-func (form *CollectionUpsert) checkRelationFields(value any) error {
-	v, _ := value.(schema.Schema)
-
-	for i, field := range v.Fields() {
-		if field.Type != schema.FieldTypeRelation {
-			continue
-		}
-
-		options, _ := field.Options.(*schema.RelationOptions)
-		if options == nil {
-			return validation.Errors{fmt.Sprint(i): validation.Errors{
-				"options": validation.NewError(
-					"validation_schema_invalid_relation_field_options",
-					"The relation field has invalid field options.",
-				)},
-			}
-		}
-
-		// prevent collectionId change
-		oldField := form.collection.Schema.GetFieldById(field.Id)
-		if oldField != nil {
-			oldOptions, _ := oldField.Options.(*schema.RelationOptions)
-			if oldOptions != nil && oldOptions.CollectionId != options.CollectionId {
-				return validation.Errors{fmt.Sprint(i): validation.Errors{
-					"options": validation.Errors{
-						"collectionId": validation.NewError(
-							"validation_field_relation_change",
-							"The relation collection cannot be changed.",
-						),
-					}},
-				}
-			}
-		}
-
-		relCollection, _ := form.dao.FindCollectionByNameOrId(options.CollectionId)
-
-		// validate collectionId
-		if relCollection == nil || relCollection.Id != options.CollectionId {
-			return validation.Errors{fmt.Sprint(i): validation.Errors{
-				"options": validation.Errors{
-					"collectionId": validation.NewError(
-						"validation_field_invalid_relation",
-						"The relation collection doesn't exist.",
-					),
-				}},
-			}
-		}
-
-		// allow only views to have relations to other views
-		// (see https://github.com/pocketbase/pocketbase/issues/3000)
-		if form.Type != models.CollectionTypeView && relCollection.IsView() {
-			return validation.Errors{fmt.Sprint(i): validation.Errors{
-				"options": validation.Errors{
-					"collectionId": validation.NewError(
-						"validation_field_non_view_base_relation_collection",
-						"Non view collections are not allowed to have a view relation.",
-					),
-				}},
-			}
-		}
-	}
-
-	return nil
-}
-
-func (form *CollectionUpsert) ensureNoAuthFieldName(value any) error {
-	v, _ := value.(schema.Schema)
-
-	if form.Type != models.CollectionTypeAuth {
-		return nil // not an auth collection
-	}
-
-	authFieldNames := schema.AuthFieldNames()
-	// exclude the meta RecordUpsert form fields
-	authFieldNames = append(authFieldNames, "password", "passwordConfirm", "oldPassword")
-
-	errs := validation.Errors{}
-	for i, field := range v.Fields() {
-		if list.ExistInSlice(field.Name, authFieldNames) {
-			errs[fmt.Sprint(i)] = validation.Errors{
-				"name": validation.NewError(
-					"validation_reserved_auth_field_name",
-					"The field name is reserved and cannot be used.",
-				),
-			}
-		}
-	}
-
-	if len(errs) > 0 {
-		return errs
-	}
-
-	return nil
-}
-
-func (form *CollectionUpsert) checkMinSchemaFields(value any) error {
-	v, _ := value.(schema.Schema)
-
-	switch form.Type {
-	case models.CollectionTypeAuth, models.CollectionTypeView:
-		return nil // no schema fields constraint
-	default:
-		if len(v.Fields()) == 0 {
-			return validation.ErrRequired
-		}
-	}
-
-	return nil
-}
-
-func (form *CollectionUpsert) ensureNoSystemFieldsChange(value any) error {
-	v, _ := value.(schema.Schema)
-
-	for _, oldField := range form.collection.Schema.Fields() {
-		if !oldField.System {
-			continue
-		}
-
-		newField := v.GetFieldById(oldField.Id)
-
-		if newField == nil || oldField.String() != newField.String() {
-			return validation.NewError("validation_system_field_change", "System fields cannot be deleted or changed.")
-		}
-	}
-
-	return nil
-}
-
-func (form *CollectionUpsert) checkRule(value any) error {
-	v, _ := value.(*string)
-	if v == nil || *v == "" {
-		return nil // nothing to check
-	}
-
-	dummy := *form.collection
-	dummy.Type = form.Type
-	dummy.Schema = form.Schema
-	dummy.System = form.System
-	dummy.Options = form.Options
-
-	r := resolvers.NewRecordFieldResolver(form.dao, &dummy, nil, true)
-
-	_, err := search.FilterData(*v).BuildExpr(r)
-	if err != nil {
-		return validation.NewError("validation_invalid_rule", "Invalid filter rule. Raw error: "+err.Error())
-	}
-
-	return nil
-}
-
-func (form *CollectionUpsert) checkIndexes(value any) error {
-	v, _ := value.(types.JsonArray[string])
-
-	if form.Type == models.CollectionTypeView && len(v) > 0 {
-		return validation.NewError(
-			"validation_indexes_not_supported",
-			"The collection doesn't support indexes.",
-		)
-	}
-
-	for i, rawIndex := range v {
-		parsed := dbutils.ParseIndex(rawIndex)
-
-		if !parsed.IsValid() {
-			return validation.Errors{
-				strconv.Itoa(i): validation.NewError(
-					"validation_invalid_index_expression",
-					"Invalid CREATE INDEX expression.",
-				),
-			}
-		}
-
-		// note: we don't check the index table because it is always
-		// overwritten by the daos.SyncRecordTableSchema to allow
-		// easier partial modifications (eg. changing only the collection name).
-		// if !strings.EqualFold(parsed.TableName, form.Name) {
-		// 	return validation.Errors{
-		// 		strconv.Itoa(i): validation.NewError(
-		// 			"validation_invalid_index_table",
-		// 			fmt.Sprintf("The index table must be the same as the collection name."),
-		// 		),
-		// 	}
-		// }
-	}
-
-	return nil
-}
-
-func (form *CollectionUpsert) checkOptions(value any) error {
-	v, _ := value.(types.JsonMap)
-
-	switch form.Type {
-	case models.CollectionTypeAuth:
-		options := models.CollectionAuthOptions{}
-		if err := decodeOptions(v, &options); err != nil {
-			return err
-		}
-
-		// check the generic validations
-		if err := options.Validate(); err != nil {
-			return err
-		}
-
-		// additional form specific validations
-		if err := form.checkRule(options.ManageRule); err != nil {
-			return validation.Errors{"manageRule": err}
-		}
-	case models.CollectionTypeView:
-		options := models.CollectionViewOptions{}
-		if err := decodeOptions(v, &options); err != nil {
-			return err
-		}
-
-		// check the generic validations
-		if err := options.Validate(); err != nil {
-			return err
-		}
-
-		// check the query option
-		if _, err := form.dao.CreateViewSchema(options.Query); err != nil {
-			return validation.Errors{
-				"query": validation.NewError(
-					"validation_invalid_view_query",
-					fmt.Sprintf("Invalid query - %s", err.Error()),
-				),
-			}
-		}
-	}
-
-	return nil
-}
-
-func decodeOptions(options types.JsonMap, result any) error {
-	raw, err := options.MarshalJSON()
-	if err != nil {
-		return validation.NewError("validation_invalid_options", "Invalid options.")
-	}
-
-	if err := json.Unmarshal(raw, result); err != nil {
-		return validation.NewError("validation_invalid_options", "Invalid options.")
-	}
-
-	return nil
-}
-
-// Submit validates the form and upserts the form's Collection model.
-//
-// On success the related record table schema will be auto updated.
-//
-// You can optionally provide a list of InterceptorFunc to further
-// modify the form behavior before persisting it.
-func (form *CollectionUpsert) Submit(interceptors ...InterceptorFunc[*models.Collection]) error {
-	if err := form.Validate(); err != nil {
-		return err
-	}
-
-	if form.collection.IsNew() {
-		// type can be set only on create
-		form.collection.Type = form.Type
-
-		// system flag can be set only on create
-		form.collection.System = form.System
-
-		// custom insertion id can be set only on create
-		if form.Id != "" {
-			form.collection.MarkAsNew()
-			form.collection.SetId(form.Id)
-		}
-	}
-
-	// system collections cannot be renamed
-	if form.collection.IsNew() || !form.collection.System {
-		form.collection.Name = form.Name
-	}
-
-	// view schema is autogenerated on save and cannot have indexes
-	if !form.collection.IsView() {
-		form.collection.Schema = form.Schema
-
-		// normalize indexes format
-		form.collection.Indexes = make(types.JsonArray[string], len(form.Indexes))
-		for i, rawIdx := range form.Indexes {
-			form.collection.Indexes[i] = dbutils.ParseIndex(rawIdx).Build()
-		}
-	}
-
-	form.collection.ListRule = form.ListRule
-	form.collection.ViewRule = form.ViewRule
-	form.collection.CreateRule = form.CreateRule
-	form.collection.UpdateRule = form.UpdateRule
-	form.collection.DeleteRule = form.DeleteRule
-	form.collection.SetOptions(form.Options)
-
-	return runInterceptors(form.collection, func(collection *models.Collection) error {
-		return form.dao.SaveCollection(collection)
-	}, interceptors...)
-}

forms/collection_upsert_test.go

@@ -1,827 +0,0 @@
-package forms_test
-
-import (
-	"encoding/json"
-	"errors"
-	"testing"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/models/schema"
-	"github.com/pocketbase/pocketbase/tests"
-	"github.com/pocketbase/pocketbase/tools/dbutils"
-	"github.com/pocketbase/pocketbase/tools/security"
-	"github.com/spf13/cast"
-)
-
-func TestNewCollectionUpsert(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	collection := &models.Collection{}
-	collection.Name = "test_name"
-	collection.Type = "test_type"
-	collection.System = true
-	listRule := "test_list"
-	collection.ListRule = &listRule
-	viewRule := "test_view"
-	collection.ViewRule = &viewRule
-	createRule := "test_create"
-	collection.CreateRule = &createRule
-	updateRule := "test_update"
-	collection.UpdateRule = &updateRule
-	deleteRule := "test_delete"
-	collection.DeleteRule = &deleteRule
-	collection.Schema = schema.NewSchema(&schema.SchemaField{
-		Name: "test",
-		Type: schema.FieldTypeText,
-	})
-
-	form := forms.NewCollectionUpsert(app, collection)
-
-	if form.Name != collection.Name {
-		t.Errorf("Expected Name %q, got %q", collection.Name, form.Name)
-	}
-
-	if form.Type != collection.Type {
-		t.Errorf("Expected Type %q, got %q", collection.Type, form.Type)
-	}
-
-	if form.System != collection.System {
-		t.Errorf("Expected System %v, got %v", collection.System, form.System)
-	}
-
-	if form.ListRule != collection.ListRule {
-		t.Errorf("Expected ListRule %v, got %v", collection.ListRule, form.ListRule)
-	}
-
-	if form.ViewRule != collection.ViewRule {
-		t.Errorf("Expected ViewRule %v, got %v", collection.ViewRule, form.ViewRule)
-	}
-
-	if form.CreateRule != collection.CreateRule {
-		t.Errorf("Expected CreateRule %v, got %v", collection.CreateRule, form.CreateRule)
-	}
-
-	if form.UpdateRule != collection.UpdateRule {
-		t.Errorf("Expected UpdateRule %v, got %v", collection.UpdateRule, form.UpdateRule)
-	}
-
-	if form.DeleteRule != collection.DeleteRule {
-		t.Errorf("Expected DeleteRule %v, got %v", collection.DeleteRule, form.DeleteRule)
-	}
-
-	// store previous state and modify the collection schema to verify
-	// that the form.Schema is a deep clone
-	loadedSchema, _ := collection.Schema.MarshalJSON()
-	collection.Schema.AddField(&schema.SchemaField{
-		Name: "new_field",
-		Type: schema.FieldTypeBool,
-	})
-
-	formSchema, _ := form.Schema.MarshalJSON()
-
-	if string(formSchema) != string(loadedSchema) {
-		t.Errorf("Expected Schema %v, got %v", string(loadedSchema), string(formSchema))
-	}
-}
-
-func TestCollectionUpsertValidateAndSubmit(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	scenarios := []struct {
-		testName       string
-		existingName   string
-		jsonData       string
-		expectedErrors []string
-	}{
-		{"empty create (base)", "", "{}", []string{"name", "schema"}},
-		{"empty create (auth)", "", `{"type":"auth"}`, []string{"name"}},
-		{"empty create (view)", "", `{"type":"view"}`, []string{"name", "options"}},
-		{"empty update", "demo2", "{}", []string{}},
-		{
-			"collection and field with _via_ names",
-			"",
-			`{
-				"name": "a_via_b",
-				"schema": [
-					{"name":"c_via_d","type":"text"}
-				]
-			}`,
-			[]string{"name", "schema"},
-		},
-		{
-			"create failure",
-			"",
-			`{
-				"name": "test ?!@#$",
-				"type": "invalid",
-				"system": true,
-				"schema": [
-					{"name":"","type":"text"}
-				],
-				"listRule": "missing = '123'",
-				"viewRule": "missing = '123'",
-				"createRule": "missing = '123'",
-				"updateRule": "missing = '123'",
-				"deleteRule": "missing = '123'",
-				"indexes": ["create index '' on '' ()"]
-			}`,
-			[]string{"name", "type", "schema", "listRule", "viewRule", "createRule", "updateRule", "deleteRule", "indexes"},
-		},
-		{
-			"create failure - existing name",
-			"",
-			`{
-				"name": "demo1",
-				"system": true,
-				"schema": [
-					{"name":"test","type":"text"}
-				],
-				"listRule": "test='123'",
-				"viewRule": "test='123'",
-				"createRule": "test='123'",
-				"updateRule": "test='123'",
-				"deleteRule": "test='123'"
-			}`,
-			[]string{"name"},
-		},
-		{
-			"create failure - existing internal table",
-			"",
-			`{
-				"name": "_admins",
-				"schema": [
-					{"name":"test","type":"text"}
-				]
-			}`,
-			[]string{"name"},
-		},
-		{
-			"create failure - name starting with underscore",
-			"",
-			`{
-				"name": "_test_new",
-				"schema": [
-					{"name":"test","type":"text"}
-				]
-			}`,
-			[]string{"name"},
-		},
-		{
-			"create failure - duplicated field names (case insensitive)",
-			"",
-			`{
-				"name": "test_new",
-				"schema": [
-					{"name":"test","type":"text"},
-					{"name":"tESt","type":"text"}
-				]
-			}`,
-			[]string{"schema"},
-		},
-		{
-			"create failure - check auth options validators",
-			"",
-			`{
-				"name": "test_new",
-				"type": "auth",
-				"schema": [
-					{"name":"test","type":"text"}
-				],
-				"options": { "minPasswordLength": 3 }
-			}`,
-			[]string{"options"},
-		},
-		{
-			"create failure - check view options validators",
-			"",
-			`{
-				"name": "test_new",
-				"type": "view",
-				"options": { "query": "invalid query" }
-			}`,
-			[]string{"options"},
-		},
-		{
-			"create success",
-			"",
-			`{
-				"name": "test_new",
-				"type": "auth",
-				"system": true,
-				"schema": [
-					{"id":"a123456","name":"test1","type":"text"},
-					{"id":"b123456","name":"test2","type":"email"},
-					{
-						"name":"test3",
-						"type":"relation",
-						"options":{
-							"collectionId":"v851q4r790rhknl",
-							"displayFields":["name","id","created","updated","username","email","emailVisibility","verified"]
-						}
-					}
-				],
-				"listRule": "test1='123' && verified = true",
-				"viewRule": "test1='123' && emailVisibility = true",
-				"createRule": "test1='123' && email != ''",
-				"updateRule": "test1='123' && username != ''",
-				"deleteRule": "test1='123' && id != ''",
-				"indexes": ["create index idx_test_new on anything (test1)"]
-			}`,
-			[]string{},
-		},
-		{
-			"update failure - changing field type",
-			"test_new",
-			`{
-				"schema": [
-					{"id":"a123456","name":"test1","type":"url"},
-					{"id":"b123456","name":"test2","type":"bool"}
-				],
-				"indexes": ["create index idx_test_new on test_new (test1)", "invalid"]
-			}`,
-			[]string{"schema", "indexes"},
-		},
-		{
-			"update success - rename fields to existing field names (aka. reusing field names)",
-			"test_new",
-			`{
-				"schema": [
-					{"id":"a123456","name":"test2","type":"text"},
-					{"id":"b123456","name":"test1","type":"email"}
-				]
-			}`,
-			[]string{},
-		},
-		{
-			"update failure - existing name",
-			"demo2",
-			`{"name": "demo3"}`,
-			[]string{"name"},
-		},
-		{
-			"update failure - changing system collection",
-			"nologin",
-			`{
-				"name": "update",
-				"system": false,
-				"schema": [
-					{"id":"koih1lqx","name":"abc","type":"text"}
-				],
-				"listRule": "abc = '123'",
-				"viewRule": "abc = '123'",
-				"createRule": "abc = '123'",
-				"updateRule": "abc = '123'",
-				"deleteRule": "abc = '123'"
-			}`,
-			[]string{"name", "system"},
-		},
-		{
-			"update failure - changing collection type",
-			"demo3",
-			`{
-				"type": "auth"
-			}`,
-			[]string{"type"},
-		},
-		{
-			"update failure - changing relation collection",
-			"users",
-			`{
-				"schema": [
-					{
-						"id": "lkeigvv3",
-						"name": "rel",
-						"type": "relation",
-						"options": {
-							"collectionId": "wzlqyes4orhoygb",
-							"cascadeDelete": false,
-							"maxSelect": 1,
-							"displayFields": null
-						}
-					}
-				]
-			}`,
-			[]string{"schema"},
-		},
-		{
-			"update failure - all fields",
-			"demo2",
-			`{
-				"name": "test ?!@#$",
-				"type": "invalid",
-				"system": true,
-				"schema": [
-					{"name":"","type":"text"}
-				],
-				"listRule": "missing = '123'",
-				"viewRule": "missing = '123'",
-				"createRule": "missing = '123'",
-				"updateRule": "missing = '123'",
-				"deleteRule": "missing = '123'",
-				"options": {"test": 123},
-				"indexes": ["create index '' from demo2 on (id)"]
-			}`,
-			[]string{"name", "type", "system", "schema", "listRule", "viewRule", "createRule", "updateRule", "deleteRule", "indexes"},
-		},
-		{
-			"update success - update all fields",
-			"clients",
-			`{
-				"name": "demo_update",
-				"type": "auth",
-				"schema": [
-					{"id":"_2hlxbmp","name":"test","type":"text"}
-				],
-				"listRule": "test='123' && verified = true",
-				"viewRule": "test='123' && emailVisibility = true",
-				"createRule": "test='123' && email != ''",
-				"updateRule": "test='123' && username != ''",
-				"deleteRule": "test='123' && id != ''",
-				"options": {"minPasswordLength": 10},
-				"indexes": [
-					"create index idx_clients_test1 on anything (id, email, test)",
-					"create unique index idx_clients_test2 on clients (id, username, email)"
-				]
-			}`,
-			[]string{},
-		},
-		// (fail due to filters old field references)
-		{
-			"update failure - rename the schema field of the last updated collection",
-			"demo_update",
-			`{
-				"schema": [
-					{"id":"_2hlxbmp","name":"test_renamed","type":"text"}
-				]
-			}`,
-			[]string{"listRule", "viewRule", "createRule", "updateRule", "deleteRule"},
-		},
-		// (cleared filter references)
-		{
-			"update success - rename the schema field of the last updated collection",
-			"demo_update",
-			`{
-				"schema": [
-					{"id":"_2hlxbmp","name":"test_renamed","type":"text"}
-				],
-				"listRule": null,
-				"viewRule": null,
-				"createRule": null,
-				"updateRule": null,
-				"deleteRule": null,
-				"indexes": []
-			}`,
-			[]string{},
-		},
-		{
-			"update success - system collection",
-			"nologin",
-			`{
-				"listRule": "name='123'",
-				"viewRule": "name='123'",
-				"createRule": "name='123'",
-				"updateRule": "name='123'",
-				"deleteRule": "name='123'"
-			}`,
-			[]string{},
-		},
-
-		// view tests
-		// -----------------------------------------------------------
-		{
-			"base->view relation",
-			"",
-			`{
-				"name": "test_view_relation",
-				"type": "base",
-				"schema": [
-					{
-						"name": "test",
-						"type": "relation",
-						"options":{
-							"collectionId": "v9gwnfh02gjq1q0"
-						}
-					}
-				]
-			}`,
-			[]string{"schema"}, // not allowed
-		},
-		{
-			"auth->view relation",
-			"",
-			`{
-				"name": "test_view_relation",
-				"type": "auth",
-				"schema": [
-					{
-						"name": "test",
-						"type": "relation",
-						"options": {
-							"collectionId": "v9gwnfh02gjq1q0"
-						}
-					}
-				]
-			}`,
-			[]string{"schema"}, // not allowed
-		},
-		{
-			"view->view relation",
-			"",
-			`{
-				"name": "test_view_relation",
-				"type": "view",
-				"options": {
-					"query": "select view1.id, view1.id as rel from view1"
-				}
-			}`,
-			[]string{}, // allowed
-		},
-		{
-			"view create failure",
-			"",
-			`{
-				"name": "upsert_view",
-				"type": "view",
-				"listRule": "id='123' && verified = true",
-				"viewRule": "id='123' && emailVisibility = true",
-				"schema": [
-					{"id":"abc123","name":"some invalid field name that will be overwritten !@#$","type":"bool"}
-				],
-				"options": {
-					"query": "select id, email from users; drop table _admins;"
-				},
-				"indexes": ["create index idx_test_view on upsert_view (id)"]
-			}`,
-			[]string{
-				"listRule",
-				"viewRule",
-				"options",
-				"indexes", // views don't have indexes
-			},
-		},
-		{
-			"view create success",
-			"",
-			`{
-				"name": "upsert_view",
-				"type": "view",
-				"listRule": "id='123' && verified = true",
-				"viewRule": "id='123' && emailVisibility = true",
-				"schema": [
-					{"id":"abc123","name":"some invalid field name that will be overwritten !@#$","type":"bool"}
-				],
-				"options": {
-					"query": "select id, emailVisibility, verified from users"
-				}
-			}`,
-			[]string{
-				// "schema", should be overwritten by an autogenerated from the query
-			},
-		},
-		{
-			"view update failure (schema autogeneration and rule fields check)",
-			"upsert_view",
-			`{
-				"name": "upsert_view_2",
-				"listRule": "id='456' && verified = true",
-				"viewRule": "id='456'",
-				"createRule": "id='123'",
-				"updateRule": "id='123'",
-				"deleteRule": "id='123'",
-				"schema": [
-					{"id":"abc123","name":"verified","type":"bool"}
-				],
-				"options": {
-					"query": "select 1 as id"
-				}
-			}`,
-			[]string{
-				"listRule",   // missing field (ignoring the old or explicit schema)
-				"createRule", // not allowed
-				"updateRule", // not allowed
-				"deleteRule", // not allowed
-			},
-		},
-		{
-			"view update failure (check query identifiers format)",
-			"upsert_view",
-			`{
-				"listRule": null,
-				"viewRule": null,
-				"options": {
-					"query": "select 1 as id, 2 as [invalid!@#]"
-				}
-			}`,
-			[]string{
-				"schema", // should fail due to invalid field name
-			},
-		},
-		{
-			"view update success",
-			"upsert_view",
-			`{
-				"listRule": null,
-				"viewRule": null,
-				"options": {
-					"query": "select 1 as id, 2 as valid"
-				}
-			}`,
-			[]string{},
-		},
-	}
-
-	for _, s := range scenarios {
-		t.Run(s.testName, func(t *testing.T) {
-			collection := &models.Collection{}
-			if s.existingName != "" {
-				var err error
-				collection, err = app.Dao().FindCollectionByNameOrId(s.existingName)
-				if err != nil {
-					t.Fatal(err)
-				}
-			}
-
-			form := forms.NewCollectionUpsert(app, collection)
-
-			// load data
-			loadErr := json.Unmarshal([]byte(s.jsonData), form)
-			if loadErr != nil {
-				t.Fatalf("Failed to load form data: %v", loadErr)
-			}
-
-			interceptorCalls := 0
-			interceptor := func(next forms.InterceptorNextFunc[*models.Collection]) forms.InterceptorNextFunc[*models.Collection] {
-				return func(c *models.Collection) error {
-					interceptorCalls++
-					return next(c)
-				}
-			}
-
-			// parse errors
-			result := form.Submit(interceptor)
-			errs, ok := result.(validation.Errors)
-			if !ok && result != nil {
-				t.Fatalf("Failed to parse errors %v", result)
-			}
-
-			// check interceptor calls
-			expectInterceptorCalls := 1
-			if len(s.expectedErrors) > 0 {
-				expectInterceptorCalls = 0
-			}
-			if interceptorCalls != expectInterceptorCalls {
-				t.Fatalf("Expected interceptor to be called %d, got %d", expectInterceptorCalls, interceptorCalls)
-			}
-
-			// check errors
-			if len(errs) > len(s.expectedErrors) {
-				t.Fatalf("Expected error keys %v, got %v", s.expectedErrors, errs)
-			}
-			for _, k := range s.expectedErrors {
-				if _, ok := errs[k]; !ok {
-					t.Fatalf("Missing expected error key %q in %v", k, errs)
-				}
-			}
-
-			if len(s.expectedErrors) > 0 {
-				return
-			}
-
-			collection, _ = app.Dao().FindCollectionByNameOrId(form.Name)
-			if collection == nil {
-				t.Fatalf("Expected to find collection %q, got nil", form.Name)
-			}
-
-			if form.Name != collection.Name {
-				t.Fatalf("Expected Name %q, got %q", collection.Name, form.Name)
-			}
-
-			if form.Type != collection.Type {
-				t.Fatalf("Expected Type %q, got %q", collection.Type, form.Type)
-			}
-
-			if form.System != collection.System {
-				t.Fatalf("Expected System %v, got %v", collection.System, form.System)
-			}
-
-			if cast.ToString(form.ListRule) != cast.ToString(collection.ListRule) {
-				t.Fatalf("Expected ListRule %v, got %v", collection.ListRule, form.ListRule)
-			}
-
-			if cast.ToString(form.ViewRule) != cast.ToString(collection.ViewRule) {
-				t.Fatalf("Expected ViewRule %v, got %v", collection.ViewRule, form.ViewRule)
-			}
-
-			if cast.ToString(form.CreateRule) != cast.ToString(collection.CreateRule) {
-				t.Fatalf("Expected CreateRule %v, got %v", collection.CreateRule, form.CreateRule)
-			}
-
-			if cast.ToString(form.UpdateRule) != cast.ToString(collection.UpdateRule) {
-				t.Fatalf("Expected UpdateRule %v, got %v", collection.UpdateRule, form.UpdateRule)
-			}
-
-			if cast.ToString(form.DeleteRule) != cast.ToString(collection.DeleteRule) {
-				t.Fatalf("Expected DeleteRule %v, got %v", collection.DeleteRule, form.DeleteRule)
-			}
-
-			rawFormSchema, _ := form.Schema.MarshalJSON()
-			rawCollectionSchema, _ := collection.Schema.MarshalJSON()
-
-			if len(form.Schema.Fields()) != len(collection.Schema.Fields()) {
-				t.Fatalf("Expected Schema \n%v, \ngot \n%v", string(rawCollectionSchema), string(rawFormSchema))
-			}
-
-			for _, f := range form.Schema.Fields() {
-				if collection.Schema.GetFieldByName(f.Name) == nil {
-					t.Fatalf("Missing field %s \nin \n%v", f.Name, string(rawFormSchema))
-				}
-			}
-
-			// check indexes (if any)
-			allIndexes, _ := app.Dao().TableIndexes(form.Name)
-			for _, formIdx := range form.Indexes {
-				parsed := dbutils.ParseIndex(formIdx)
-				parsed.TableName = form.Name
-				normalizedIdx := parsed.Build()
-
-				var exists bool
-				for _, idx := range allIndexes {
-					if dbutils.ParseIndex(idx).Build() == normalizedIdx {
-						exists = true
-						continue
-					}
-				}
-
-				if !exists {
-					t.Fatalf("Missing index %s \nin \n%v", normalizedIdx, allIndexes)
-				}
-			}
-		})
-	}
-}
-
-func TestCollectionUpsertSubmitInterceptors(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	collection, err := app.Dao().FindCollectionByNameOrId("demo2")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	form := forms.NewCollectionUpsert(app, collection)
-	form.Name = "test_new"
-
-	testErr := errors.New("test_error")
-	interceptorCollectionName := ""
-
-	interceptor1Called := false
-	interceptor1 := func(next forms.InterceptorNextFunc[*models.Collection]) forms.InterceptorNextFunc[*models.Collection] {
-		return func(c *models.Collection) error {
-			interceptor1Called = true
-			return next(c)
-		}
-	}
-
-	interceptor2Called := false
-	interceptor2 := func(next forms.InterceptorNextFunc[*models.Collection]) forms.InterceptorNextFunc[*models.Collection] {
-		return func(c *models.Collection) error {
-			interceptorCollectionName = collection.Name // to check if the record was filled
-			interceptor2Called = true
-			return testErr
-		}
-	}
-
-	submitErr := form.Submit(interceptor1, interceptor2)
-	if submitErr != testErr {
-		t.Fatalf("Expected submitError %v, got %v", testErr, submitErr)
-	}
-
-	if !interceptor1Called {
-		t.Fatalf("Expected interceptor1 to be called")
-	}
-
-	if !interceptor2Called {
-		t.Fatalf("Expected interceptor2 to be called")
-	}
-
-	if interceptorCollectionName != form.Name {
-		t.Fatalf("Expected the form model to be filled before calling the interceptors")
-	}
-}
-
-func TestCollectionUpsertWithCustomId(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	existingCollection, err := app.Dao().FindCollectionByNameOrId("demo2")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	newCollection := func() *models.Collection {
-		return &models.Collection{
-			Name:   "c_" + security.PseudorandomString(4),
-			Schema: existingCollection.Schema,
-		}
-	}
-
-	scenarios := []struct {
-		name        string
-		jsonData    string
-		collection  *models.Collection
-		expectError bool
-	}{
-		{
-			"empty data",
-			"{}",
-			newCollection(),
-			false,
-		},
-		{
-			"empty id",
-			`{"id":""}`,
-			newCollection(),
-			false,
-		},
-		{
-			"id < 15 chars",
-			`{"id":"a23"}`,
-			newCollection(),
-			true,
-		},
-		{
-			"id > 15 chars",
-			`{"id":"a234567890123456"}`,
-			newCollection(),
-			true,
-		},
-		{
-			"id = 15 chars (invalid chars)",
-			`{"id":"a@3456789012345"}`,
-			newCollection(),
-			true,
-		},
-		{
-			"id = 15 chars (valid chars)",
-			`{"id":"a23456789012345"}`,
-			newCollection(),
-			false,
-		},
-		{
-			"changing the id of an existing item",
-			`{"id":"b23456789012345"}`,
-			existingCollection,
-			true,
-		},
-		{
-			"using the same existing item id",
-			`{"id":"` + existingCollection.Id + `"}`,
-			existingCollection,
-			false,
-		},
-		{
-			"skipping the id for existing item",
-			`{}`,
-			existingCollection,
-			false,
-		},
-	}
-
-	for _, s := range scenarios {
-		form := forms.NewCollectionUpsert(app, s.collection)
-
-		// load data
-		loadErr := json.Unmarshal([]byte(s.jsonData), form)
-		if loadErr != nil {
-			t.Errorf("[%s] Failed to load form data: %v", s.name, loadErr)
-			continue
-		}
-
-		submitErr := form.Submit()
-		hasErr := submitErr != nil
-
-		if hasErr != s.expectError {
-			t.Errorf("[%s] Expected hasErr to be %v, got %v (%v)", s.name, s.expectError, hasErr, submitErr)
-		}
-
-		if !hasErr && form.Id != "" {
-			_, err := app.Dao().FindCollectionByNameOrId(form.Id)
-			if err != nil {
-				t.Errorf("[%s] Expected to find record with id %s, got %v", s.name, form.Id, err)
-			}
-		}
-	}
-}

forms/collections_import.go

@@ -1,132 +0,0 @@
-package forms
-
-import (
-	"encoding/json"
-	"fmt"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/models"
-)
-
-// CollectionsImport is a form model to bulk import
-// (create, replace and delete) collections from a user provided list.
-type CollectionsImport struct {
-	app core.App
-	dao *daos.Dao
-
-	Collections   []*models.Collection `form:"collections" json:"collections"`
-	DeleteMissing bool                 `form:"deleteMissing" json:"deleteMissing"`
-}
-
-// NewCollectionsImport creates a new [CollectionsImport] form with
-// initialized with from the provided [core.App] instance.
-//
-// If you want to submit the form as part of a transaction,
-// you can change the default Dao via [SetDao()].
-func NewCollectionsImport(app core.App) *CollectionsImport {
-	return &CollectionsImport{
-		app: app,
-		dao: app.Dao(),
-	}
-}
-
-// SetDao replaces the default form Dao instance with the provided one.
-func (form *CollectionsImport) SetDao(dao *daos.Dao) {
-	form.dao = dao
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-func (form *CollectionsImport) Validate() error {
-	return validation.ValidateStruct(form,
-		validation.Field(&form.Collections, validation.Required),
-	)
-}
-
-// Submit applies the import, aka.:
-// - imports the form collections (create or replace)
-// - sync the collection changes with their related records table
-// - ensures the integrity of the imported structure (aka. run validations for each collection)
-// - if [form.DeleteMissing] is set, deletes all local collections that are not found in the imports list
-//
-// All operations are wrapped in a single transaction that are
-// rollbacked on the first encountered error.
-//
-// You can optionally provide a list of InterceptorFunc to further
-// modify the form behavior before persisting it.
-func (form *CollectionsImport) Submit(interceptors ...InterceptorFunc[[]*models.Collection]) error {
-	if err := form.Validate(); err != nil {
-		return err
-	}
-
-	return runInterceptors(form.Collections, func(collections []*models.Collection) error {
-		return form.dao.RunInTransaction(func(txDao *daos.Dao) error {
-			importErr := txDao.ImportCollections(
-				collections,
-				form.DeleteMissing,
-				form.afterSync,
-			)
-			if importErr == nil {
-				return nil
-			}
-
-			// validation failure
-			if err, ok := importErr.(validation.Errors); ok {
-				return err
-			}
-
-			// generic/db failure
-			return validation.Errors{"collections": validation.NewError(
-				"collections_import_failure",
-				"Failed to import the collections configuration. Raw error:\n"+importErr.Error(),
-			)}
-		})
-	}, interceptors...)
-}
-
-func (form *CollectionsImport) afterSync(txDao *daos.Dao, mappedNew, mappedOld map[string]*models.Collection) error {
-	// refresh the actual persisted collections list
-	refreshedCollections := []*models.Collection{}
-	if err := txDao.CollectionQuery().OrderBy("updated ASC").All(&refreshedCollections); err != nil {
-		return err
-	}
-
-	// trigger the validator for each existing collection to
-	// ensure that the app is not left in a broken state
-	for _, collection := range refreshedCollections {
-		upsertModel := mappedOld[collection.GetId()]
-		if upsertModel == nil {
-			upsertModel = collection
-		}
-		upsertModel.MarkAsNotNew()
-
-		upsertForm := NewCollectionUpsert(form.app, upsertModel)
-		upsertForm.SetDao(txDao)
-
-		// load form fields with the refreshed collection state
-		upsertForm.Id = collection.Id
-		upsertForm.Type = collection.Type
-		upsertForm.Name = collection.Name
-		upsertForm.System = collection.System
-		upsertForm.ListRule = collection.ListRule
-		upsertForm.ViewRule = collection.ViewRule
-		upsertForm.CreateRule = collection.CreateRule
-		upsertForm.UpdateRule = collection.UpdateRule
-		upsertForm.DeleteRule = collection.DeleteRule
-		upsertForm.Schema = collection.Schema
-		upsertForm.Options = collection.Options
-
-		if err := upsertForm.Validate(); err != nil {
-			// serialize the validation error(s)
-			serializedErr, _ := json.MarshalIndent(err, "", "  ")
-
-			return validation.Errors{"collections": validation.NewError(
-				"collections_import_validate_failure",
-				fmt.Sprintf("Data validations failed for collection %q (%s):\n%s", collection.Name, collection.Id, serializedErr),
-			)}
-		}
-	}
-
-	return nil
-}

forms/collections_import_test.go

@@ -1,511 +0,0 @@
-package forms_test
-
-import (
-	"encoding/json"
-	"errors"
-	"testing"
-
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tests"
-)
-
-func TestCollectionsImportValidate(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	form := forms.NewCollectionsImport(app)
-
-	scenarios := []struct {
-		collections []*models.Collection
-		expectError bool
-	}{
-		{nil, true},
-		{[]*models.Collection{}, true},
-		{[]*models.Collection{{}}, false},
-	}
-
-	for i, s := range scenarios {
-		form.Collections = s.collections
-
-		err := form.Validate()
-
-		hasErr := err != nil
-		if hasErr != s.expectError {
-			t.Errorf("(%d) Expected hasErr to be %v, got %v (%v)", i, s.expectError, hasErr, err)
-		}
-	}
-}
-
-func TestCollectionsImportSubmit(t *testing.T) {
-	t.Parallel()
-
-	totalCollections := 11
-
-	scenarios := []struct {
-		name                   string
-		jsonData               string
-		expectError            bool
-		expectCollectionsCount int
-		expectEvents           map[string]int
-	}{
-		{
-			name: "empty collections",
-			jsonData: `{
-				"deleteMissing": true,
-				"collections": []
-			}`,
-			expectError:            true,
-			expectCollectionsCount: totalCollections,
-			expectEvents:           nil,
-		},
-		{
-			name: "one of the collections has invalid data",
-			jsonData: `{
-				"collections": [
-					{
-						"name": "import1",
-						"schema": [
-							{
-								"id":"fz6iql2m",
-								"name":"active",
-								"type":"bool"
-							}
-						]
-					},
-					{
-						"name": "import 2",
-						"schema": [
-							{
-								"id":"fz6iql2m",
-								"name":"active",
-								"type":"bool"
-							}
-						]
-					}
-				]
-			}`,
-			expectError:            true,
-			expectCollectionsCount: totalCollections,
-			expectEvents: map[string]int{
-				"OnModelBeforeCreate": 2,
-			},
-		},
-		{
-			name: "test empty base collection schema",
-			jsonData: `{
-				"collections": [
-					{
-						"name": "import1"
-					},
-					{
-						"name": "import2",
-						"type": "auth"
-					}
-				]
-			}`,
-			expectError:            true,
-			expectCollectionsCount: totalCollections,
-			expectEvents: map[string]int{
-				"OnModelBeforeCreate": 2,
-			},
-		},
-		{
-			name: "all imported collections has valid data",
-			jsonData: `{
-				"collections": [
-					{
-						"name": "import1",
-						"schema": [
-							{
-								"id":"fz6iql2m",
-								"name":"active",
-								"type":"bool"
-							}
-						]
-					},
-					{
-						"name": "import2",
-						"schema": [
-							{
-								"id":"fz6iql2m",
-								"name":"active",
-								"type":"bool"
-							}
-						]
-					},
-					{
-						"name": "import3",
-						"type": "auth"
-					}
-				]
-			}`,
-			expectError:            false,
-			expectCollectionsCount: totalCollections + 3,
-			expectEvents: map[string]int{
-				"OnModelBeforeCreate": 3,
-				"OnModelAfterCreate":  3,
-			},
-		},
-		{
-			name: "new collection with existing name",
-			jsonData: `{
-				"collections": [
-					{
-						"name": "demo2",
-						"schema": [
-							{
-								"id":"fz6iql2m",
-								"name":"active",
-								"type":"bool"
-							}
-						]
-					}
-				]
-			}`,
-			expectError:            true,
-			expectCollectionsCount: totalCollections,
-			expectEvents: map[string]int{
-				"OnModelBeforeCreate": 1,
-			},
-		},
-		{
-			name: "delete system + modified + new collection",
-			jsonData: `{
-				"deleteMissing": true,
-				"collections": [
-					{
-						"id":"sz5l5z67tg7gku0",
-						"name":"demo2",
-						"schema":[
-							{
-								"id":"_2hlxbmp",
-								"name":"title",
-								"type":"text",
-								"system":false,
-								"required":true,
-								"unique":false,
-								"options":{
-									"min":3,
-									"max":null,
-									"pattern":""
-								}
-							}
-						]
-					},
-					{
-						"name": "import1",
-						"schema": [
-							{
-								"id":"fz6iql2m",
-								"name":"active",
-								"type":"bool"
-							}
-						]
-					}
-				]
-			}`,
-			expectError:            true,
-			expectCollectionsCount: totalCollections,
-			expectEvents: map[string]int{
-				"OnModelBeforeDelete": 1,
-			},
-		},
-		{
-			name: "modified + new collection",
-			jsonData: `{
-				"collections": [
-					{
-						"id":"sz5l5z67tg7gku0",
-						"name":"demo2_rename",
-						"schema":[
-							{
-								"id":"_2hlxbmp",
-								"name":"title_new",
-								"type":"text",
-								"system":false,
-								"required":true,
-								"unique":false,
-								"options":{
-									"min":3,
-									"max":null,
-									"pattern":""
-								}
-							}
-						]
-					},
-					{
-						"name": "import1",
-						"schema": [
-							{
-								"id":"fz6iql2m",
-								"name":"active",
-								"type":"bool"
-							}
-						]
-					},
-					{
-						"name": "import2",
-						"schema": [
-							{
-								"id":"fz6iql2m",
-								"name":"active",
-								"type":"bool"
-							}
-						]
-					}
-				]
-			}`,
-			expectError:            false,
-			expectCollectionsCount: totalCollections + 2,
-			expectEvents: map[string]int{
-				"OnModelBeforeUpdate": 1,
-				"OnModelAfterUpdate":  1,
-				"OnModelBeforeCreate": 2,
-				"OnModelAfterCreate":  2,
-			},
-		},
-		{
-			name: "delete non-system + modified + new collection",
-			jsonData: `{
-				"deleteMissing": true,
-				"collections": [
-					{
-						"id": "kpv709sk2lqbqk8",
-						"system": true,
-						"name": "nologin",
-						"type": "auth",
-						"options": {
-							"allowEmailAuth": false,
-							"allowOAuth2Auth": false,
-							"allowUsernameAuth": false,
-							"exceptEmailDomains": [],
-							"manageRule": "@request.auth.collectionName = 'users'",
-							"minPasswordLength": 8,
-							"onlyEmailDomains": [],
-							"requireEmail": true
-						},
-						"listRule": "",
-						"viewRule": "",
-						"createRule": "",
-						"updateRule": "",
-						"deleteRule": "",
-						"schema": [
-							{
-								"id": "x8zzktwe",
-								"name": "name",
-								"type": "text",
-								"system": false,
-								"required": false,
-								"unique": false,
-								"options": {
-									"min": null,
-									"max": null,
-									"pattern": ""
-								}
-							}
-						]
-					},
-					{
-						"id":"sz5l5z67tg7gku0",
-						"name":"demo2",
-						"schema":[
-							{
-								"id":"_2hlxbmp",
-								"name":"title",
-								"type":"text",
-								"system":false,
-								"required":true,
-								"unique":false,
-								"options":{
-									"min":3,
-									"max":null,
-									"pattern":""
-								}
-							}
-						]
-					},
-					{
-						"id": "test_deleted_collection_name_reuse",
-						"name": "demo1",
-						"schema": [
-							{
-								"id":"fz6iql2m",
-								"name":"active",
-								"type":"bool"
-							}
-						]
-					}
-				]
-			}`,
-			expectError:            false,
-			expectCollectionsCount: 3,
-			expectEvents: map[string]int{
-				"OnModelBeforeUpdate": 2,
-				"OnModelAfterUpdate":  2,
-				"OnModelBeforeCreate": 1,
-				"OnModelAfterCreate":  1,
-				"OnModelBeforeDelete": totalCollections - 2,
-				"OnModelAfterDelete":  totalCollections - 2,
-			},
-		},
-		{
-			name: "lazy system table name error",
-			jsonData: `{
-				"collections": [
-					{
-						"name": "_admins",
-						"schema": [
-							{
-								"id":"fz6iql2m",
-								"name":"active",
-								"type":"bool"
-							}
-						]
-					}
-				]
-			}`,
-			expectError:            true,
-			expectCollectionsCount: totalCollections,
-			expectEvents: map[string]int{
-				"OnModelBeforeCreate": 1,
-			},
-		},
-		{
-			name: "lazy view evaluation",
-			jsonData: `{
-				"collections": [
-					{
-						"name": "view_before",
-						"type": "view",
-						"options": {
-							"query": "select id, active from base_test"
-						}
-					},
-					{
-						"name": "base_test",
-						"schema": [
-							{
-								"id":"fz6iql2m",
-								"name":"active",
-								"type":"bool"
-							}
-						]
-					},
-					{
-						"name": "view_after_new",
-						"type": "view",
-						"options": {
-							"query": "select id, active from base_test"
-						}
-					},
-					{
-						"name": "view_after_old",
-						"type": "view",
-						"options": {
-							"query": "select id from demo1"
-						}
-					}
-				]
-			}`,
-			expectError:            false,
-			expectCollectionsCount: totalCollections + 4,
-			expectEvents: map[string]int{
-				"OnModelBeforeUpdate": 3,
-				"OnModelAfterUpdate":  3,
-				"OnModelBeforeCreate": 4,
-				"OnModelAfterCreate":  4,
-			},
-		},
-	}
-
-	for _, s := range scenarios {
-		t.Run(s.name, func(t *testing.T) {
-			testApp, _ := tests.NewTestApp()
-			defer testApp.Cleanup()
-
-			form := forms.NewCollectionsImport(testApp)
-
-			// load data
-			loadErr := json.Unmarshal([]byte(s.jsonData), form)
-			if loadErr != nil {
-				t.Fatalf("Failed to load form data: %v", loadErr)
-			}
-
-			err := form.Submit()
-
-			hasErr := err != nil
-			if hasErr != s.expectError {
-				t.Fatalf("Expected hasErr to be %v, got %v (%v)", s.expectError, hasErr, err)
-			}
-
-			// check collections count
-			collections := []*models.Collection{}
-			if err := testApp.Dao().CollectionQuery().All(&collections); err != nil {
-				t.Fatal(err)
-			}
-			if len(collections) != s.expectCollectionsCount {
-				t.Fatalf("Expected %d collections, got %d", s.expectCollectionsCount, len(collections))
-			}
-
-			// check events
-			if len(testApp.EventCalls) > len(s.expectEvents) {
-				t.Fatalf("Expected events %v, got %v", s.expectEvents, testApp.EventCalls)
-			}
-			for event, expectedCalls := range s.expectEvents {
-				actualCalls := testApp.EventCalls[event]
-				if actualCalls != expectedCalls {
-					t.Fatalf("Expected event %s to be called %d, got %d", event, expectedCalls, actualCalls)
-				}
-			}
-		})
-	}
-}
-
-func TestCollectionsImportSubmitInterceptors(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	collections := []*models.Collection{}
-	if err := app.Dao().CollectionQuery().All(&collections); err != nil {
-		t.Fatal(err)
-	}
-
-	form := forms.NewCollectionsImport(app)
-	form.Collections = collections
-
-	testErr := errors.New("test_error")
-
-	interceptor1Called := false
-	interceptor1 := func(next forms.InterceptorNextFunc[[]*models.Collection]) forms.InterceptorNextFunc[[]*models.Collection] {
-		return func(imports []*models.Collection) error {
-			interceptor1Called = true
-			return next(imports)
-		}
-	}
-
-	interceptor2Called := false
-	interceptor2 := func(next forms.InterceptorNextFunc[[]*models.Collection]) forms.InterceptorNextFunc[[]*models.Collection] {
-		return func(imports []*models.Collection) error {
-			interceptor2Called = true
-			return testErr
-		}
-	}
-
-	submitErr := form.Submit(interceptor1, interceptor2)
-	if submitErr != testErr {
-		t.Fatalf("Expected submitError %v, got %v", testErr, submitErr)
-	}
-
-	if !interceptor1Called {
-		t.Fatalf("Expected interceptor1 to be called")
-	}
-
-	if !interceptor2Called {
-		t.Fatalf("Expected interceptor2 to be called")
-	}
-}

forms/realtime_subscribe.go

@@ -1,23 +0,0 @@
-package forms
-
-import (
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-)
-
-// RealtimeSubscribe is a realtime subscriptions request form.
-type RealtimeSubscribe struct {
-	ClientId      string   `form:"clientId" json:"clientId"`
-	Subscriptions []string `form:"subscriptions" json:"subscriptions"`
-}
-
-// NewRealtimeSubscribe creates new RealtimeSubscribe request form.
-func NewRealtimeSubscribe() *RealtimeSubscribe {
-	return &RealtimeSubscribe{}
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-func (form *RealtimeSubscribe) Validate() error {
-	return validation.ValidateStruct(form,
-		validation.Field(&form.ClientId, validation.Required, validation.Length(1, 255)),
-	)
-}

forms/realtime_subscribe_test.go

@@ -1,33 +0,0 @@
-package forms_test
-
-import (
-	"strings"
-	"testing"
-
-	"github.com/pocketbase/pocketbase/forms"
-)
-
-func TestRealtimeSubscribeValidate(t *testing.T) {
-	t.Parallel()
-
-	scenarios := []struct {
-		clientId    string
-		expectError bool
-	}{
-		{"", true},
-		{strings.Repeat("a", 256), true},
-		{"test", false},
-	}
-
-	for i, s := range scenarios {
-		form := forms.NewRealtimeSubscribe()
-		form.ClientId = s.clientId
-
-		err := form.Validate()
-
-		hasErr := err != nil
-		if hasErr != s.expectError {
-			t.Errorf("(%d) Expected hasErr to be %v, got %v (%v)", i, s.expectError, hasErr, err)
-		}
-	}
-}

forms/record_email_change_confirm.go

@@ -1,145 +0,0 @@
-package forms
-
-import (
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/models/schema"
-	"github.com/pocketbase/pocketbase/tools/security"
-)
-
-// RecordEmailChangeConfirm is an auth record email change confirmation form.
-type RecordEmailChangeConfirm struct {
-	app        core.App
-	dao        *daos.Dao
-	collection *models.Collection
-
-	Token    string `form:"token" json:"token"`
-	Password string `form:"password" json:"password"`
-}
-
-// NewRecordEmailChangeConfirm creates a new [RecordEmailChangeConfirm] form
-// initialized with from the provided [core.App] and [models.Collection] instances.
-//
-// If you want to submit the form as part of a transaction,
-// you can change the default Dao via [SetDao()].
-func NewRecordEmailChangeConfirm(app core.App, collection *models.Collection) *RecordEmailChangeConfirm {
-	return &RecordEmailChangeConfirm{
-		app:        app,
-		dao:        app.Dao(),
-		collection: collection,
-	}
-}
-
-// SetDao replaces the default form Dao instance with the provided one.
-func (form *RecordEmailChangeConfirm) SetDao(dao *daos.Dao) {
-	form.dao = dao
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-func (form *RecordEmailChangeConfirm) Validate() error {
-	return validation.ValidateStruct(form,
-		validation.Field(
-			&form.Token,
-			validation.Required,
-			validation.By(form.checkToken),
-		),
-		validation.Field(
-			&form.Password,
-			validation.Required,
-			validation.Length(1, 100),
-			validation.By(form.checkPassword),
-		),
-	)
-}
-
-func (form *RecordEmailChangeConfirm) checkToken(value any) error {
-	v, _ := value.(string)
-	if v == "" {
-		return nil // nothing to check
-	}
-
-	authRecord, _, err := form.parseToken(v)
-	if err != nil {
-		return err
-	}
-
-	if authRecord.Collection().Id != form.collection.Id {
-		return validation.NewError("validation_token_collection_mismatch", "The provided token is for different auth collection.")
-	}
-
-	return nil
-}
-
-func (form *RecordEmailChangeConfirm) checkPassword(value any) error {
-	v, _ := value.(string)
-	if v == "" {
-		return nil // nothing to check
-	}
-
-	authRecord, _, _ := form.parseToken(form.Token)
-	if authRecord == nil || !authRecord.ValidatePassword(v) {
-		return validation.NewError("validation_invalid_password", "Missing or invalid auth record password.")
-	}
-
-	return nil
-}
-
-func (form *RecordEmailChangeConfirm) parseToken(token string) (*models.Record, string, error) {
-	// check token payload
-	claims, _ := security.ParseUnverifiedJWT(token)
-	newEmail, _ := claims["newEmail"].(string)
-	if newEmail == "" {
-		return nil, "", validation.NewError("validation_invalid_token_payload", "Invalid token payload - newEmail must be set.")
-	}
-
-	// ensure that there aren't other users with the new email
-	if !form.dao.IsRecordValueUnique(form.collection.Id, schema.FieldNameEmail, newEmail) {
-		return nil, "", validation.NewError("validation_existing_token_email", "The new email address is already registered: "+newEmail)
-	}
-
-	// verify that the token is not expired and its signature is valid
-	authRecord, err := form.dao.FindAuthRecordByToken(
-		token,
-		form.app.Settings().RecordEmailChangeToken.Secret,
-	)
-	if err != nil || authRecord == nil {
-		return nil, "", validation.NewError("validation_invalid_token", "Invalid or expired token.")
-	}
-
-	return authRecord, newEmail, nil
-}
-
-// Submit validates and submits the auth record email change confirmation form.
-// On success returns the updated auth record associated to `form.Token`.
-//
-// You can optionally provide a list of InterceptorFunc to
-// further modify the form behavior before persisting it.
-func (form *RecordEmailChangeConfirm) Submit(interceptors ...InterceptorFunc[*models.Record]) (*models.Record, error) {
-	if err := form.Validate(); err != nil {
-		return nil, err
-	}
-
-	authRecord, newEmail, err := form.parseToken(form.Token)
-	if err != nil {
-		return nil, err
-	}
-
-	authRecord.SetEmail(newEmail)
-	authRecord.SetVerified(true)
-
-	// @todo consider removing if not necessary anymore
-	authRecord.RefreshTokenKey() // invalidate old tokens
-
-	interceptorsErr := runInterceptors(authRecord, func(m *models.Record) error {
-		authRecord = m
-		return form.dao.SaveRecord(m)
-	}, interceptors...)
-
-	if interceptorsErr != nil {
-		return nil, interceptorsErr
-	}
-
-	return authRecord, nil
-}

forms/record_email_change_confirm_test.go

@@ -1,204 +0,0 @@
-package forms_test
-
-import (
-	"encoding/json"
-	"errors"
-	"testing"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tests"
-	"github.com/pocketbase/pocketbase/tools/security"
-)
-
-func TestRecordEmailChangeConfirmValidateAndSubmit(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	authCollection, err := testApp.Dao().FindCollectionByNameOrId("users")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	scenarios := []struct {
-		jsonData       string
-		expectedErrors []string
-	}{
-		// empty payload
-		{"{}", []string{"token", "password"}},
-		// empty data
-		{
-			`{"token": "", "password": ""}`,
-			[]string{"token", "password"},
-		},
-		// invalid token payload
-		{
-			`{
-				"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZXhwIjoyMjA4OTg1MjYxfQ.quDgaCi2rGTRx3qO06CrFvHdeCua_5J7CCVWSaFhkus",
-				"password": "123456"
-			}`,
-			[]string{"token", "password"},
-		},
-		// expired token
-		{
-			`{
-				"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZW1haWwiOiJ0ZXN0QGV4YW1wbGUuY29tIiwibmV3RW1haWwiOiJ0ZXN0X25ld0BleGFtcGxlLmNvbSIsImV4cCI6MTYwOTQ1NTY2MX0.n1OJXJEACMNPT9aMTO48cVJexIiZEtHsz4UNBIfMcf4",
-				"password": "123456"
-			}`,
-			[]string{"token", "password"},
-		},
-		// existing new email
-		{
-			`{
-				"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZW1haWwiOiJ0ZXN0QGV4YW1wbGUuY29tIiwibmV3RW1haWwiOiJ0ZXN0MkBleGFtcGxlLmNvbSIsImV4cCI6MjIwODk4NTI2MX0.Q_o6zpc2URggTU0mWv2CS0rIPbQhFdmrjZ-ASwHh1Ww",
-				"password": "1234567890"
-			}`,
-			[]string{"token", "password"},
-		},
-		// wrong confirmation password
-		{
-			`{
-				"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZW1haWwiOiJ0ZXN0QGV4YW1wbGUuY29tIiwibmV3RW1haWwiOiJ0ZXN0X25ld0BleGFtcGxlLmNvbSIsImV4cCI6MjIwODk4NTI2MX0.hmR7Ye23C68tS1LgHgYgT7NBJczTad34kzcT4sqW3FY",
-				"password": "123456"
-			}`,
-			[]string{"password"},
-		},
-		// valid data
-		{
-			`{
-				"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZW1haWwiOiJ0ZXN0QGV4YW1wbGUuY29tIiwibmV3RW1haWwiOiJ0ZXN0X25ld0BleGFtcGxlLmNvbSIsImV4cCI6MjIwODk4NTI2MX0.hmR7Ye23C68tS1LgHgYgT7NBJczTad34kzcT4sqW3FY",
-				"password": "1234567890"
-			}`,
-			[]string{},
-		},
-	}
-
-	for i, s := range scenarios {
-		form := forms.NewRecordEmailChangeConfirm(testApp, authCollection)
-
-		// load data
-		loadErr := json.Unmarshal([]byte(s.jsonData), form)
-		if loadErr != nil {
-			t.Errorf("(%d) Failed to load form data: %v", i, loadErr)
-			continue
-		}
-
-		interceptorCalls := 0
-		interceptor := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-			return func(r *models.Record) error {
-				interceptorCalls++
-				return next(r)
-			}
-		}
-
-		record, err := form.Submit(interceptor)
-
-		// check interceptor calls
-		expectInterceptorCalls := 1
-		if len(s.expectedErrors) > 0 {
-			expectInterceptorCalls = 0
-		}
-		if interceptorCalls != expectInterceptorCalls {
-			t.Errorf("[%d] Expected interceptor to be called %d, got %d", i, expectInterceptorCalls, interceptorCalls)
-		}
-
-		// parse errors
-		errs, ok := err.(validation.Errors)
-		if !ok && err != nil {
-			t.Errorf("(%d) Failed to parse errors %v", i, err)
-			continue
-		}
-
-		// check errors
-		if len(errs) > len(s.expectedErrors) {
-			t.Errorf("(%d) Expected error keys %v, got %v", i, s.expectedErrors, errs)
-		}
-		for _, k := range s.expectedErrors {
-			if _, ok := errs[k]; !ok {
-				t.Errorf("(%d) Missing expected error key %q in %v", i, k, errs)
-			}
-		}
-
-		if len(errs) > 0 {
-			continue
-		}
-
-		claims, _ := security.ParseUnverifiedJWT(form.Token)
-		newEmail, _ := claims["newEmail"].(string)
-
-		// check whether the user was updated
-		// ---
-		if record.Email() != newEmail {
-			t.Errorf("(%d) Expected record email %q, got %q", i, newEmail, record.Email())
-		}
-
-		if !record.Verified() {
-			t.Errorf("(%d) Expected record to be verified, got false", i)
-		}
-
-		// shouldn't validate second time due to refreshed record token
-		if err := form.Validate(); err == nil {
-			t.Errorf("(%d) Expected error, got nil", i)
-		}
-	}
-}
-
-func TestRecordEmailChangeConfirmInterceptors(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	authCollection, err := testApp.Dao().FindCollectionByNameOrId("users")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	authRecord, err := testApp.Dao().FindAuthRecordByEmail("users", "test@example.com")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	form := forms.NewRecordEmailChangeConfirm(testApp, authCollection)
-	form.Token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiY29sbGVjdGlvbklkIjoiX3BiX3VzZXJzX2F1dGhfIiwiZW1haWwiOiJ0ZXN0QGV4YW1wbGUuY29tIiwibmV3RW1haWwiOiJ0ZXN0X25ld0BleGFtcGxlLmNvbSIsImV4cCI6MjIwODk4NTI2MX0.hmR7Ye23C68tS1LgHgYgT7NBJczTad34kzcT4sqW3FY"
-	form.Password = "1234567890"
-	interceptorEmail := authRecord.Email()
-	testErr := errors.New("test_error")
-
-	interceptor1Called := false
-	interceptor1 := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-		return func(record *models.Record) error {
-			interceptor1Called = true
-			return next(record)
-		}
-	}
-
-	interceptor2Called := false
-	interceptor2 := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-		return func(record *models.Record) error {
-			interceptorEmail = record.Email()
-			interceptor2Called = true
-			return testErr
-		}
-	}
-
-	_, submitErr := form.Submit(interceptor1, interceptor2)
-	if submitErr != testErr {
-		t.Fatalf("Expected submitError %v, got %v", testErr, submitErr)
-	}
-
-	if !interceptor1Called {
-		t.Fatalf("Expected interceptor1 to be called")
-	}
-
-	if !interceptor2Called {
-		t.Fatalf("Expected interceptor2 to be called")
-	}
-
-	if interceptorEmail == authRecord.Email() {
-		t.Fatalf("Expected the form model to be filled before calling the interceptors")
-	}
-}

forms/record_email_change_request.go

@@ -1,75 +0,0 @@
-package forms
-
-import (
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/go-ozzo/ozzo-validation/v4/is"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/mails"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/models/schema"
-)
-
-// RecordEmailChangeRequest is an auth record email change request form.
-type RecordEmailChangeRequest struct {
-	app    core.App
-	dao    *daos.Dao
-	record *models.Record
-
-	NewEmail string `form:"newEmail" json:"newEmail"`
-}
-
-// NewRecordEmailChangeRequest creates a new [RecordEmailChangeRequest] form
-// initialized with from the provided [core.App] and [models.Record] instances.
-//
-// If you want to submit the form as part of a transaction,
-// you can change the default Dao via [SetDao()].
-func NewRecordEmailChangeRequest(app core.App, record *models.Record) *RecordEmailChangeRequest {
-	return &RecordEmailChangeRequest{
-		app:    app,
-		dao:    app.Dao(),
-		record: record,
-	}
-}
-
-// SetDao replaces the default form Dao instance with the provided one.
-func (form *RecordEmailChangeRequest) SetDao(dao *daos.Dao) {
-	form.dao = dao
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-func (form *RecordEmailChangeRequest) Validate() error {
-	return validation.ValidateStruct(form,
-		validation.Field(
-			&form.NewEmail,
-			validation.Required,
-			validation.Length(1, 255),
-			is.EmailFormat,
-			validation.By(form.checkUniqueEmail),
-		),
-	)
-}
-
-func (form *RecordEmailChangeRequest) checkUniqueEmail(value any) error {
-	v, _ := value.(string)
-
-	if !form.dao.IsRecordValueUnique(form.record.Collection().Id, schema.FieldNameEmail, v) {
-		return validation.NewError("validation_record_email_invalid", "User email already exists or it is invalid.")
-	}
-
-	return nil
-}
-
-// Submit validates and sends the change email request.
-//
-// You can optionally provide a list of InterceptorFunc to
-// further modify the form behavior before persisting it.
-func (form *RecordEmailChangeRequest) Submit(interceptors ...InterceptorFunc[*models.Record]) error {
-	if err := form.Validate(); err != nil {
-		return err
-	}
-
-	return runInterceptors(form.record, func(m *models.Record) error {
-		return mails.SendRecordChangeEmail(form.app, m, form.NewEmail)
-	}, interceptors...)
-}

forms/record_email_change_request_test.go

@@ -1,153 +0,0 @@
-package forms_test
-
-import (
-	"encoding/json"
-	"errors"
-	"testing"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tests"
-)
-
-func TestRecordEmailChangeRequestValidateAndSubmit(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	user, err := testApp.Dao().FindAuthRecordByEmail("users", "test@example.com")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	scenarios := []struct {
-		jsonData       string
-		expectedErrors []string
-	}{
-		// empty payload
-		{"{}", []string{"newEmail"}},
-		// empty data
-		{
-			`{"newEmail": ""}`,
-			[]string{"newEmail"},
-		},
-		// invalid email
-		{
-			`{"newEmail": "invalid"}`,
-			[]string{"newEmail"},
-		},
-		// existing email token
-		{
-			`{"newEmail": "test2@example.com"}`,
-			[]string{"newEmail"},
-		},
-		// valid new email
-		{
-			`{"newEmail": "test_new@example.com"}`,
-			[]string{},
-		},
-	}
-
-	for i, s := range scenarios {
-		testApp.TestMailer.TotalSend = 0 // reset
-		form := forms.NewRecordEmailChangeRequest(testApp, user)
-
-		// load data
-		loadErr := json.Unmarshal([]byte(s.jsonData), form)
-		if loadErr != nil {
-			t.Errorf("(%d) Failed to load form data: %v", i, loadErr)
-			continue
-		}
-
-		interceptorCalls := 0
-		interceptor := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-			return func(r *models.Record) error {
-				interceptorCalls++
-				return next(r)
-			}
-		}
-
-		err := form.Submit(interceptor)
-
-		// check interceptor calls
-		expectInterceptorCalls := 1
-		if len(s.expectedErrors) > 0 {
-			expectInterceptorCalls = 0
-		}
-		if interceptorCalls != expectInterceptorCalls {
-			t.Errorf("[%d] Expected interceptor to be called %d, got %d", i, expectInterceptorCalls, interceptorCalls)
-		}
-
-		// parse errors
-		errs, ok := err.(validation.Errors)
-		if !ok && err != nil {
-			t.Errorf("(%d) Failed to parse errors %v", i, err)
-			continue
-		}
-
-		// check errors
-		if len(errs) > len(s.expectedErrors) {
-			t.Errorf("(%d) Expected error keys %v, got %v", i, s.expectedErrors, errs)
-		}
-		for _, k := range s.expectedErrors {
-			if _, ok := errs[k]; !ok {
-				t.Errorf("(%d) Missing expected error key %q in %v", i, k, errs)
-			}
-		}
-
-		expectedMails := 1
-		if len(s.expectedErrors) > 0 {
-			expectedMails = 0
-		}
-		if testApp.TestMailer.TotalSend != expectedMails {
-			t.Errorf("(%d) Expected %d mail(s) to be sent, got %d", i, expectedMails, testApp.TestMailer.TotalSend)
-		}
-	}
-}
-
-func TestRecordEmailChangeRequestInterceptors(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	authRecord, err := testApp.Dao().FindAuthRecordByEmail("users", "test@example.com")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	form := forms.NewRecordEmailChangeRequest(testApp, authRecord)
-	form.NewEmail = "test_new@example.com"
-	testErr := errors.New("test_error")
-
-	interceptor1Called := false
-	interceptor1 := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-		return func(record *models.Record) error {
-			interceptor1Called = true
-			return next(record)
-		}
-	}
-
-	interceptor2Called := false
-	interceptor2 := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-		return func(record *models.Record) error {
-			interceptor2Called = true
-			return testErr
-		}
-	}
-
-	submitErr := form.Submit(interceptor1, interceptor2)
-	if submitErr != testErr {
-		t.Fatalf("Expected submitError %v, got %v", testErr, submitErr)
-	}
-
-	if !interceptor1Called {
-		t.Fatalf("Expected interceptor1 to be called")
-	}
-
-	if !interceptor2Called {
-		t.Fatalf("Expected interceptor2 to be called")
-	}
-}

forms/record_oauth2_login.go

@@ -1,294 +0,0 @@
-package forms
-
-import (
-	"context"
-	"errors"
-	"fmt"
-	"time"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/dbx"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tools/auth"
-	"github.com/pocketbase/pocketbase/tools/security"
-	"golang.org/x/oauth2"
-)
-
-// RecordOAuth2LoginData defines the OA
-type RecordOAuth2LoginData struct {
-	ExternalAuth   *models.ExternalAuth
-	Record         *models.Record
-	OAuth2User     *auth.AuthUser
-	ProviderClient auth.Provider
-}
-
-// BeforeOAuth2RecordCreateFunc defines a callback function that will
-// be called before OAuth2 new Record creation.
-type BeforeOAuth2RecordCreateFunc func(createForm *RecordUpsert, authRecord *models.Record, authUser *auth.AuthUser) error
-
-// RecordOAuth2Login is an auth record OAuth2 login form.
-type RecordOAuth2Login struct {
-	app        core.App
-	dao        *daos.Dao
-	collection *models.Collection
-
-	beforeOAuth2RecordCreateFunc BeforeOAuth2RecordCreateFunc
-
-	// Optional auth record that will be used if no external
-	// auth relation is found (if it is from the same collection)
-	loggedAuthRecord *models.Record
-
-	// The name of the OAuth2 client provider (eg. "google")
-	Provider string `form:"provider" json:"provider"`
-
-	// The authorization code returned from the initial request.
-	Code string `form:"code" json:"code"`
-
-	// The optional PKCE code verifier as part of the code_challenge sent with the initial request.
-	CodeVerifier string `form:"codeVerifier" json:"codeVerifier"`
-
-	// The redirect url sent with the initial request.
-	RedirectUrl string `form:"redirectUrl" json:"redirectUrl"`
-
-	// Additional data that will be used for creating a new auth record
-	// if an existing OAuth2 account doesn't exist.
-	CreateData map[string]any `form:"createData" json:"createData"`
-}
-
-// NewRecordOAuth2Login creates a new [RecordOAuth2Login] form with
-// initialized with from the provided [core.App] instance.
-//
-// If you want to submit the form as part of a transaction,
-// you can change the default Dao via [SetDao()].
-func NewRecordOAuth2Login(app core.App, collection *models.Collection, optAuthRecord *models.Record) *RecordOAuth2Login {
-	form := &RecordOAuth2Login{
-		app:              app,
-		dao:              app.Dao(),
-		collection:       collection,
-		loggedAuthRecord: optAuthRecord,
-	}
-
-	return form
-}
-
-// SetDao replaces the default form Dao instance with the provided one.
-func (form *RecordOAuth2Login) SetDao(dao *daos.Dao) {
-	form.dao = dao
-}
-
-// SetBeforeNewRecordCreateFunc sets a before OAuth2 record create callback handler.
-func (form *RecordOAuth2Login) SetBeforeNewRecordCreateFunc(f BeforeOAuth2RecordCreateFunc) {
-	form.beforeOAuth2RecordCreateFunc = f
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-func (form *RecordOAuth2Login) Validate() error {
-	return validation.ValidateStruct(form,
-		validation.Field(&form.Provider, validation.Required, validation.By(form.checkProviderName)),
-		validation.Field(&form.Code, validation.Required),
-		validation.Field(&form.RedirectUrl, validation.Required),
-	)
-}
-
-func (form *RecordOAuth2Login) checkProviderName(value any) error {
-	name, _ := value.(string)
-
-	config, ok := form.app.Settings().NamedAuthProviderConfigs()[name]
-	if !ok || !config.Enabled {
-		return validation.NewError("validation_invalid_provider", fmt.Sprintf("%q is missing or is not enabled.", name))
-	}
-
-	return nil
-}
-
-// Submit validates and submits the form.
-//
-// If an auth record doesn't exist, it will make an attempt to create it
-// based on the fetched OAuth2 profile data via a local [RecordUpsert] form.
-// You can intercept/modify the Record create form with [form.SetBeforeNewRecordCreateFunc()].
-//
-// You can also optionally provide a list of InterceptorFunc to
-// further modify the form behavior before persisting it.
-//
-// On success returns the authorized record model and the fetched provider's data.
-func (form *RecordOAuth2Login) Submit(
-	interceptors ...InterceptorFunc[*RecordOAuth2LoginData],
-) (*models.Record, *auth.AuthUser, error) {
-	if err := form.Validate(); err != nil {
-		return nil, nil, err
-	}
-
-	if !form.collection.AuthOptions().AllowOAuth2Auth {
-		return nil, nil, errors.New("OAuth2 authentication is not allowed for the auth collection.")
-	}
-
-	provider, err := auth.NewProviderByName(form.Provider)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
-	defer cancel()
-
-	provider.SetContext(ctx)
-
-	// load provider configuration
-	providerConfig := form.app.Settings().NamedAuthProviderConfigs()[form.Provider]
-	if err := providerConfig.SetupProvider(provider); err != nil {
-		return nil, nil, err
-	}
-
-	provider.SetRedirectUrl(form.RedirectUrl)
-
-	var opts []oauth2.AuthCodeOption
-
-	if provider.PKCE() {
-		opts = append(opts, oauth2.SetAuthURLParam("code_verifier", form.CodeVerifier))
-	}
-
-	// fetch token
-	token, err := provider.FetchToken(form.Code, opts...)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	// fetch external auth user
-	authUser, err := provider.FetchAuthUser(token)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	var authRecord *models.Record
-
-	// check for existing relation with the auth record
-	rel, _ := form.dao.FindFirstExternalAuthByExpr(dbx.HashExp{
-		"collectionId": form.collection.Id,
-		"provider":     form.Provider,
-		"providerId":   authUser.Id,
-	})
-	switch {
-	case rel != nil:
-		authRecord, err = form.dao.FindRecordById(form.collection.Id, rel.RecordId)
-		if err != nil {
-			return nil, authUser, err
-		}
-	case form.loggedAuthRecord != nil && form.loggedAuthRecord.Collection().Id == form.collection.Id:
-		// fallback to the logged auth record (if any)
-		authRecord = form.loggedAuthRecord
-	case authUser.Email != "":
-		// look for an existing auth record by the external auth record's email
-		authRecord, _ = form.dao.FindAuthRecordByEmail(form.collection.Id, authUser.Email)
-	}
-
-	interceptorData := &RecordOAuth2LoginData{
-		ExternalAuth:   rel,
-		Record:         authRecord,
-		OAuth2User:     authUser,
-		ProviderClient: provider,
-	}
-
-	interceptorsErr := runInterceptors(interceptorData, func(newData *RecordOAuth2LoginData) error {
-		return form.submit(newData)
-	}, interceptors...)
-
-	if interceptorsErr != nil {
-		return nil, interceptorData.OAuth2User, interceptorsErr
-	}
-
-	return interceptorData.Record, interceptorData.OAuth2User, nil
-}
-
-func (form *RecordOAuth2Login) submit(data *RecordOAuth2LoginData) error {
-	return form.dao.RunInTransaction(func(txDao *daos.Dao) error {
-		if data.Record == nil {
-			data.Record = models.NewRecord(form.collection)
-			data.Record.RefreshId()
-			data.Record.MarkAsNew()
-			createForm := NewRecordUpsert(form.app, data.Record)
-			createForm.SetFullManageAccess(true)
-			createForm.SetDao(txDao)
-			if data.OAuth2User.Username != "" &&
-				len(data.OAuth2User.Username) >= 3 &&
-				len(data.OAuth2User.Username) <= 150 &&
-				usernameRegex.MatchString(data.OAuth2User.Username) {
-				createForm.Username = form.dao.SuggestUniqueAuthRecordUsername(
-					form.collection.Id,
-					data.OAuth2User.Username,
-				)
-			}
-
-			// load custom data
-			createForm.LoadData(form.CreateData)
-
-			// load the OAuth2 user data
-			createForm.Email = data.OAuth2User.Email
-			createForm.Verified = true // mark as verified as long as it matches the OAuth2 data (even if the email is empty)
-
-			// generate a random password if not explicitly set
-			if createForm.Password == "" {
-				createForm.Password = security.RandomString(30)
-				createForm.PasswordConfirm = createForm.Password
-			}
-
-			if form.beforeOAuth2RecordCreateFunc != nil {
-				if err := form.beforeOAuth2RecordCreateFunc(createForm, data.Record, data.OAuth2User); err != nil {
-					return err
-				}
-			}
-
-			// create the new auth record
-			if err := createForm.Submit(); err != nil {
-				return err
-			}
-		} else {
-			isLoggedAuthRecord := form.loggedAuthRecord != nil &&
-				form.loggedAuthRecord.Id == data.Record.Id &&
-				form.loggedAuthRecord.Collection().Id == data.Record.Collection().Id
-
-			// set random password for users with unverified email
-			// (this is in case a malicious actor has registered via password using the user email)
-			if !isLoggedAuthRecord && data.Record.Email() != "" && !data.Record.Verified() {
-				data.Record.SetPassword(security.RandomString(30))
-				if err := txDao.SaveRecord(data.Record); err != nil {
-					return err
-				}
-			}
-
-			// update the existing auth record empty email if the data.OAuth2User has one
-			// (this is in case previously the auth record was created
-			// with an OAuth2 provider that didn't return an email address)
-			if data.Record.Email() == "" && data.OAuth2User.Email != "" {
-				data.Record.SetEmail(data.OAuth2User.Email)
-				if err := txDao.SaveRecord(data.Record); err != nil {
-					return err
-				}
-			}
-
-			// update the existing auth record verified state
-			// (only if the auth record doesn't have an email or the auth record email match with the one in data.OAuth2User)
-			if !data.Record.Verified() && (data.Record.Email() == "" || data.Record.Email() == data.OAuth2User.Email) {
-				data.Record.SetVerified(true)
-				if err := txDao.SaveRecord(data.Record); err != nil {
-					return err
-				}
-			}
-		}
-
-		// create ExternalAuth relation if missing
-		if data.ExternalAuth == nil {
-			data.ExternalAuth = &models.ExternalAuth{
-				CollectionId: data.Record.Collection().Id,
-				RecordId:     data.Record.Id,
-				Provider:     form.Provider,
-				ProviderId:   data.OAuth2User.Id,
-			}
-			if err := txDao.SaveExternalAuth(data.ExternalAuth); err != nil {
-				return err
-			}
-		}
-
-		return nil
-	})
-}

forms/record_oauth2_login_test.go

@@ -1,98 +0,0 @@
-package forms_test
-
-import (
-	"encoding/json"
-	"testing"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/tests"
-)
-
-func TestUserOauth2LoginValidate(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	scenarios := []struct {
-		testName       string
-		collectionName string
-		jsonData       string
-		expectedErrors []string
-	}{
-		{
-			"empty payload",
-			"users",
-			"{}",
-			[]string{"provider", "code", "redirectUrl"},
-		},
-		{
-			"empty data",
-			"users",
-			`{"provider":"","code":"","codeVerifier":"","redirectUrl":""}`,
-			[]string{"provider", "code", "redirectUrl"},
-		},
-		{
-			"missing provider",
-			"users",
-			`{"provider":"missing","code":"123","codeVerifier":"123","redirectUrl":"https://example.com"}`,
-			[]string{"provider"},
-		},
-		{
-			"disabled provider",
-			"users",
-			`{"provider":"github","code":"123","codeVerifier":"123","redirectUrl":"https://example.com"}`,
-			[]string{"provider"},
-		},
-		{
-			"enabled provider",
-			"users",
-			`{"provider":"gitlab","code":"123","codeVerifier":"123","redirectUrl":"https://example.com"}`,
-			[]string{},
-		},
-		{
-			"[#3689] any redirectUrl value",
-			"users",
-			`{"provider":"gitlab","code":"123","codeVerifier":"123","redirectUrl":"something"}`,
-			[]string{},
-		},
-	}
-
-	for _, s := range scenarios {
-		authCollection, _ := app.Dao().FindCollectionByNameOrId(s.collectionName)
-		if authCollection == nil {
-			t.Errorf("[%s] Failed to fetch auth collection", s.testName)
-		}
-
-		form := forms.NewRecordOAuth2Login(app, authCollection, nil)
-
-		// load data
-		loadErr := json.Unmarshal([]byte(s.jsonData), form)
-		if loadErr != nil {
-			t.Errorf("[%s] Failed to load form data: %v", s.testName, loadErr)
-			continue
-		}
-
-		err := form.Validate()
-
-		// parse errors
-		errs, ok := err.(validation.Errors)
-		if !ok && err != nil {
-			t.Errorf("[%s] Failed to parse errors %v", s.testName, err)
-			continue
-		}
-
-		// check errors
-		if len(errs) > len(s.expectedErrors) {
-			t.Errorf("[%s] Expected error keys %v, got %v", s.testName, s.expectedErrors, errs)
-		}
-		for _, k := range s.expectedErrors {
-			if _, ok := errs[k]; !ok {
-				t.Errorf("[%s] Missing expected error key %q in %v", s.testName, k, errs)
-			}
-		}
-	}
-}
-
-// @todo consider mocking a Oauth2 provider to test Submit

forms/record_password_login.go

@@ -1,95 +0,0 @@
-package forms
-
-import (
-	"database/sql"
-	"errors"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/go-ozzo/ozzo-validation/v4/is"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/models"
-)
-
-// RecordPasswordLogin is record username/email + password login form.
-type RecordPasswordLogin struct {
-	app        core.App
-	dao        *daos.Dao
-	collection *models.Collection
-
-	Identity string `form:"identity" json:"identity"`
-	Password string `form:"password" json:"password"`
-}
-
-// NewRecordPasswordLogin creates a new [RecordPasswordLogin] form initialized
-// with from the provided [core.App] and [models.Collection] instance.
-//
-// If you want to submit the form as part of a transaction,
-// you can change the default Dao via [SetDao()].
-func NewRecordPasswordLogin(app core.App, collection *models.Collection) *RecordPasswordLogin {
-	return &RecordPasswordLogin{
-		app:        app,
-		dao:        app.Dao(),
-		collection: collection,
-	}
-}
-
-// SetDao replaces the default form Dao instance with the provided one.
-func (form *RecordPasswordLogin) SetDao(dao *daos.Dao) {
-	form.dao = dao
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-func (form *RecordPasswordLogin) Validate() error {
-	return validation.ValidateStruct(form,
-		validation.Field(&form.Identity, validation.Required, validation.Length(1, 255)),
-		validation.Field(&form.Password, validation.Required, validation.Length(1, 255)),
-	)
-}
-
-// Submit validates and submits the form.
-// On success returns the authorized record model.
-//
-// You can optionally provide a list of InterceptorFunc to
-// further modify the form behavior before persisting it.
-func (form *RecordPasswordLogin) Submit(interceptors ...InterceptorFunc[*models.Record]) (*models.Record, error) {
-	if err := form.Validate(); err != nil {
-		return nil, err
-	}
-
-	authOptions := form.collection.AuthOptions()
-
-	var authRecord *models.Record
-	var fetchErr error
-
-	isEmail := is.EmailFormat.Validate(form.Identity) == nil
-
-	if isEmail {
-		if authOptions.AllowEmailAuth {
-			authRecord, fetchErr = form.dao.FindAuthRecordByEmail(form.collection.Id, form.Identity)
-		}
-	} else if authOptions.AllowUsernameAuth {
-		authRecord, fetchErr = form.dao.FindAuthRecordByUsername(form.collection.Id, form.Identity)
-	}
-
-	// ignore not found errors to allow custom fetch implementations
-	if fetchErr != nil && !errors.Is(fetchErr, sql.ErrNoRows) {
-		return nil, fetchErr
-	}
-
-	interceptorsErr := runInterceptors(authRecord, func(m *models.Record) error {
-		authRecord = m
-
-		if authRecord == nil || !authRecord.ValidatePassword(form.Password) {
-			return errors.New("Invalid login credentials.")
-		}
-
-		return nil
-	}, interceptors...)
-
-	if interceptorsErr != nil {
-		return nil, interceptorsErr
-	}
-
-	return authRecord, nil
-}

forms/record_password_login_test.go

@@ -1,186 +0,0 @@
-package forms_test
-
-import (
-	"errors"
-	"testing"
-
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tests"
-)
-
-func TestRecordPasswordLoginValidateAndSubmit(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	scenarios := []struct {
-		testName       string
-		collectionName string
-		identity       string
-		password       string
-		expectError    bool
-	}{
-		{
-			"empty data",
-			"users",
-			"",
-			"",
-			true,
-		},
-
-		// username
-		{
-			"existing username + wrong password",
-			"users",
-			"users75657",
-			"invalid",
-			true,
-		},
-		{
-			"missing username + valid password",
-			"users",
-			"clients57772", // not in the "users" collection
-			"1234567890",
-			true,
-		},
-		{
-			"existing username + valid password but in restricted username auth collection",
-			"clients",
-			"clients57772",
-			"1234567890",
-			true,
-		},
-		{
-			"existing username + valid password but in restricted username and email auth collection",
-			"nologin",
-			"test_username",
-			"1234567890",
-			true,
-		},
-		{
-			"existing username + valid password",
-			"users",
-			"users75657",
-			"1234567890",
-			false,
-		},
-
-		// email
-		{
-			"existing email + wrong password",
-			"users",
-			"test@example.com",
-			"invalid",
-			true,
-		},
-		{
-			"missing email + valid password",
-			"users",
-			"test_missing@example.com",
-			"1234567890",
-			true,
-		},
-		{
-			"existing username + valid password but in restricted username auth collection",
-			"clients",
-			"test@example.com",
-			"1234567890",
-			false,
-		},
-		{
-			"existing username + valid password but in restricted username and email auth collection",
-			"nologin",
-			"test@example.com",
-			"1234567890",
-			true,
-		},
-		{
-			"existing email + valid password",
-			"users",
-			"test@example.com",
-			"1234567890",
-			false,
-		},
-	}
-
-	for _, s := range scenarios {
-		authCollection, err := testApp.Dao().FindCollectionByNameOrId(s.collectionName)
-		if err != nil {
-			t.Errorf("[%s] Failed to fetch auth collection: %v", s.testName, err)
-		}
-
-		form := forms.NewRecordPasswordLogin(testApp, authCollection)
-		form.Identity = s.identity
-		form.Password = s.password
-
-		record, err := form.Submit()
-
-		hasErr := err != nil
-		if hasErr != s.expectError {
-			t.Errorf("[%s] Expected hasErr to be %v, got %v (%v)", s.testName, s.expectError, hasErr, err)
-			continue
-		}
-
-		if hasErr {
-			continue
-		}
-
-		if record.Email() != s.identity && record.Username() != s.identity {
-			t.Errorf("[%s] Expected record with identity %q, got \n%v", s.testName, s.identity, record)
-		}
-	}
-}
-
-func TestRecordPasswordLoginInterceptors(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	authCollection, err := testApp.Dao().FindCollectionByNameOrId("users")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	form := forms.NewRecordPasswordLogin(testApp, authCollection)
-	form.Identity = "test@example.com"
-	form.Password = "123456"
-	var interceptorRecord *models.Record
-	testErr := errors.New("test_error")
-
-	interceptor1Called := false
-	interceptor1 := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-		return func(record *models.Record) error {
-			interceptor1Called = true
-			return next(record)
-		}
-	}
-
-	interceptor2Called := false
-	interceptor2 := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-		return func(record *models.Record) error {
-			interceptorRecord = record
-			interceptor2Called = true
-			return testErr
-		}
-	}
-
-	_, submitErr := form.Submit(interceptor1, interceptor2)
-	if submitErr != testErr {
-		t.Fatalf("Expected submitError %v, got %v", testErr, submitErr)
-	}
-
-	if !interceptor1Called {
-		t.Fatalf("Expected interceptor1 to be called")
-	}
-
-	if !interceptor2Called {
-		t.Fatalf("Expected interceptor2 to be called")
-	}
-
-	if interceptorRecord == nil || interceptorRecord.Email() != form.Identity {
-		t.Fatalf("Expected auth Record model with email %s, got %v", form.Identity, interceptorRecord)
-	}
-}

forms/record_password_reset_confirm.go

@@ -1,118 +0,0 @@
-package forms
-
-import (
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/forms/validators"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tools/security"
-	"github.com/spf13/cast"
-)
-
-// RecordPasswordResetConfirm is an auth record password reset confirmation form.
-type RecordPasswordResetConfirm struct {
-	app        core.App
-	collection *models.Collection
-	dao        *daos.Dao
-
-	Token           string `form:"token" json:"token"`
-	Password        string `form:"password" json:"password"`
-	PasswordConfirm string `form:"passwordConfirm" json:"passwordConfirm"`
-}
-
-// NewRecordPasswordResetConfirm creates a new [RecordPasswordResetConfirm]
-// form initialized with from the provided [core.App] instance.
-//
-// If you want to submit the form as part of a transaction,
-// you can change the default Dao via [SetDao()].
-func NewRecordPasswordResetConfirm(app core.App, collection *models.Collection) *RecordPasswordResetConfirm {
-	return &RecordPasswordResetConfirm{
-		app:        app,
-		dao:        app.Dao(),
-		collection: collection,
-	}
-}
-
-// SetDao replaces the default form Dao instance with the provided one.
-func (form *RecordPasswordResetConfirm) SetDao(dao *daos.Dao) {
-	form.dao = dao
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-func (form *RecordPasswordResetConfirm) Validate() error {
-	minPasswordLength := form.collection.AuthOptions().MinPasswordLength
-
-	return validation.ValidateStruct(form,
-		validation.Field(&form.Token, validation.Required, validation.By(form.checkToken)),
-		validation.Field(&form.Password, validation.Required, validation.Length(minPasswordLength, 100)),
-		validation.Field(&form.PasswordConfirm, validation.Required, validation.By(validators.Compare(form.Password))),
-	)
-}
-
-func (form *RecordPasswordResetConfirm) checkToken(value any) error {
-	v, _ := value.(string)
-	if v == "" {
-		return nil // nothing to check
-	}
-
-	record, err := form.dao.FindAuthRecordByToken(
-		v,
-		form.app.Settings().RecordPasswordResetToken.Secret,
-	)
-	if err != nil || record == nil {
-		return validation.NewError("validation_invalid_token", "Invalid or expired token.")
-	}
-
-	if record.Collection().Id != form.collection.Id {
-		return validation.NewError("validation_token_collection_mismatch", "The provided token is for different auth collection.")
-	}
-
-	return nil
-}
-
-// Submit validates and submits the form.
-// On success returns the updated auth record associated to `form.Token`.
-//
-// You can optionally provide a list of InterceptorFunc to further
-// modify the form behavior before persisting it.
-func (form *RecordPasswordResetConfirm) Submit(interceptors ...InterceptorFunc[*models.Record]) (*models.Record, error) {
-	if err := form.Validate(); err != nil {
-		return nil, err
-	}
-
-	authRecord, err := form.dao.FindAuthRecordByToken(
-		form.Token,
-		form.app.Settings().RecordPasswordResetToken.Secret,
-	)
-	if err != nil {
-		return nil, err
-	}
-
-	if err := authRecord.SetPassword(form.Password); err != nil {
-		return nil, err
-	}
-
-	if !authRecord.Verified() {
-		payload, err := security.ParseUnverifiedJWT(form.Token)
-		if err != nil {
-			return nil, err
-		}
-
-		// mark as verified if the email hasn't changed
-		if authRecord.Email() == cast.ToString(payload["email"]) {
-			authRecord.SetVerified(true)
-		}
-	}
-
-	interceptorsErr := runInterceptors(authRecord, func(m *models.Record) error {
-		authRecord = m
-		return form.dao.SaveRecord(authRecord)
-	}, interceptors...)
-
-	if interceptorsErr != nil {
-		return nil, interceptorsErr
-	}
-
-	return authRecord, nil
-}

forms/record_password_reset_confirm_test.go

@@ -1,196 +0,0 @@
-package forms_test
-
-import (
-	"encoding/json"
-	"errors"
-	"testing"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tests"
-	"github.com/pocketbase/pocketbase/tools/security"
-)
-
-func TestRecordPasswordResetConfirmValidateAndSubmit(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	authCollection, err := testApp.Dao().FindCollectionByNameOrId("users")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	scenarios := []struct {
-		jsonData       string
-		expectedErrors []string
-	}{
-		// empty data (Validate call check)
-		{
-			`{}`,
-			[]string{"token", "password", "passwordConfirm"},
-		},
-		// expired token
-		{
-			`{
-				"token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsImNvbGxlY3Rpb25JZCI6Il9wYl91c2Vyc19hdXRoXyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiZXhwIjoxNjQwOTkxNjYxfQ.TayHoXkOTM0w8InkBEb86npMJEaf6YVUrxrRmMgFjeY",
-				"password":"12345678",
-				"passwordConfirm":"12345678"
-			}`,
-			[]string{"token"},
-		},
-		// valid token but invalid passwords lengths
-		{
-			`{
-				"token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsImNvbGxlY3Rpb25JZCI6Il9wYl91c2Vyc19hdXRoXyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiZXhwIjoyMjA4OTg1MjYxfQ.R_4FOSUHIuJQ5Crl3PpIPCXMsoHzuTaNlccpXg_3FOg",
-				"password":"1234567",
-				"passwordConfirm":"1234567"
-			}`,
-			[]string{"password"},
-		},
-		// valid token but mismatched passwordConfirm
-		{
-			`{
-				"token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsImNvbGxlY3Rpb25JZCI6Il9wYl91c2Vyc19hdXRoXyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiZXhwIjoyMjA4OTg1MjYxfQ.R_4FOSUHIuJQ5Crl3PpIPCXMsoHzuTaNlccpXg_3FOg",
-				"password":"12345678",
-				"passwordConfirm":"12345679"
-			}`,
-			[]string{"passwordConfirm"},
-		},
-		// valid token and password
-		{
-			`{
-				"token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsImNvbGxlY3Rpb25JZCI6Il9wYl91c2Vyc19hdXRoXyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiZXhwIjoyMjA4OTg1MjYxfQ.R_4FOSUHIuJQ5Crl3PpIPCXMsoHzuTaNlccpXg_3FOg",
-				"password":"12345678",
-				"passwordConfirm":"12345678"
-			}`,
-			[]string{},
-		},
-	}
-
-	for i, s := range scenarios {
-		form := forms.NewRecordPasswordResetConfirm(testApp, authCollection)
-
-		// load data
-		loadErr := json.Unmarshal([]byte(s.jsonData), form)
-		if loadErr != nil {
-			t.Errorf("(%d) Failed to load form data: %v", i, loadErr)
-			continue
-		}
-
-		interceptorCalls := 0
-		interceptor := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-			return func(r *models.Record) error {
-				interceptorCalls++
-				return next(r)
-			}
-		}
-
-		record, submitErr := form.Submit(interceptor)
-
-		// parse errors
-		errs, ok := submitErr.(validation.Errors)
-		if !ok && submitErr != nil {
-			t.Errorf("(%d) Failed to parse errors %v", i, submitErr)
-			continue
-		}
-
-		// check interceptor calls
-		expectInterceptorCalls := 1
-		if len(s.expectedErrors) > 0 {
-			expectInterceptorCalls = 0
-		}
-		if interceptorCalls != expectInterceptorCalls {
-			t.Errorf("[%d] Expected interceptor to be called %d, got %d", i, expectInterceptorCalls, interceptorCalls)
-		}
-
-		// check errors
-		if len(errs) > len(s.expectedErrors) {
-			t.Errorf("(%d) Expected error keys %v, got %v", i, s.expectedErrors, errs)
-		}
-		for _, k := range s.expectedErrors {
-			if _, ok := errs[k]; !ok {
-				t.Errorf("(%d) Missing expected error key %q in %v", i, k, errs)
-			}
-		}
-
-		if len(errs) > 0 || len(s.expectedErrors) > 0 {
-			continue
-		}
-
-		claims, _ := security.ParseUnverifiedJWT(form.Token)
-		tokenRecordId := claims["id"]
-
-		if record.Id != tokenRecordId {
-			t.Errorf("(%d) Expected record with id %s, got %v", i, tokenRecordId, record)
-		}
-
-		if !record.LastResetSentAt().IsZero() {
-			t.Errorf("(%d) Expected record.LastResetSentAt to be empty, got %v", i, record.LastResetSentAt())
-		}
-
-		if !record.ValidatePassword(form.Password) {
-			t.Errorf("(%d) Expected the record password to have been updated to %q", i, form.Password)
-		}
-	}
-}
-
-func TestRecordPasswordResetConfirmInterceptors(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	authCollection, err := testApp.Dao().FindCollectionByNameOrId("users")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	authRecord, err := testApp.Dao().FindAuthRecordByEmail("users", "test@example.com")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	form := forms.NewRecordPasswordResetConfirm(testApp, authCollection)
-	form.Token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsImNvbGxlY3Rpb25JZCI6Il9wYl91c2Vyc19hdXRoXyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiZXhwIjoyMjA4OTg1MjYxfQ.R_4FOSUHIuJQ5Crl3PpIPCXMsoHzuTaNlccpXg_3FOg"
-	form.Password = "1234567890"
-	form.PasswordConfirm = "1234567890"
-	interceptorTokenKey := authRecord.TokenKey()
-	testErr := errors.New("test_error")
-
-	interceptor1Called := false
-	interceptor1 := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-		return func(record *models.Record) error {
-			interceptor1Called = true
-			return next(record)
-		}
-	}
-
-	interceptor2Called := false
-	interceptor2 := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-		return func(record *models.Record) error {
-			interceptorTokenKey = record.TokenKey()
-			interceptor2Called = true
-			return testErr
-		}
-	}
-
-	_, submitErr := form.Submit(interceptor1, interceptor2)
-	if submitErr != testErr {
-		t.Fatalf("Expected submitError %v, got %v", testErr, submitErr)
-	}
-
-	if !interceptor1Called {
-		t.Fatalf("Expected interceptor1 to be called")
-	}
-
-	if !interceptor2Called {
-		t.Fatalf("Expected interceptor2 to be called")
-	}
-
-	if interceptorTokenKey == authRecord.TokenKey() {
-		t.Fatalf("Expected the form model to be filled before calling the interceptors")
-	}
-}

forms/record_password_reset_request.go

@@ -1,92 +0,0 @@
-package forms
-
-import (
-	"errors"
-	"fmt"
-	"time"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/go-ozzo/ozzo-validation/v4/is"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/mails"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/models/schema"
-	"github.com/pocketbase/pocketbase/tools/types"
-)
-
-// RecordPasswordResetRequest is an auth record reset password request form.
-type RecordPasswordResetRequest struct {
-	app             core.App
-	dao             *daos.Dao
-	collection      *models.Collection
-	resendThreshold float64 // in seconds
-
-	Email string `form:"email" json:"email"`
-}
-
-// NewRecordPasswordResetRequest creates a new [RecordPasswordResetRequest]
-// form initialized with from the provided [core.App] instance.
-//
-// If you want to submit the form as part of a transaction,
-// you can change the default Dao via [SetDao()].
-func NewRecordPasswordResetRequest(app core.App, collection *models.Collection) *RecordPasswordResetRequest {
-	return &RecordPasswordResetRequest{
-		app:             app,
-		dao:             app.Dao(),
-		collection:      collection,
-		resendThreshold: 120, // 2 min
-	}
-}
-
-// SetDao replaces the default form Dao instance with the provided one.
-func (form *RecordPasswordResetRequest) SetDao(dao *daos.Dao) {
-	form.dao = dao
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-//
-// This method doesn't check whether auth record with `form.Email` exists (this is done on Submit).
-func (form *RecordPasswordResetRequest) Validate() error {
-	return validation.ValidateStruct(form,
-		validation.Field(
-			&form.Email,
-			validation.Required,
-			validation.Length(1, 255),
-			is.EmailFormat,
-		),
-	)
-}
-
-// Submit validates and submits the form.
-// On success, sends a password reset email to the `form.Email` auth record.
-//
-// You can optionally provide a list of InterceptorFunc to further
-// modify the form behavior before persisting it.
-func (form *RecordPasswordResetRequest) Submit(interceptors ...InterceptorFunc[*models.Record]) error {
-	if err := form.Validate(); err != nil {
-		return err
-	}
-
-	authRecord, err := form.dao.FindAuthRecordByEmail(form.collection.Id, form.Email)
-	if err != nil {
-		return fmt.Errorf("Failed to fetch %s record with email %s: %w", form.collection.Id, form.Email, err)
-	}
-
-	now := time.Now().UTC()
-	lastResetSentAt := authRecord.LastResetSentAt().Time()
-	if now.Sub(lastResetSentAt).Seconds() < form.resendThreshold {
-		return errors.New("You've already requested a password reset.")
-	}
-
-	return runInterceptors(authRecord, func(m *models.Record) error {
-		if err := mails.SendRecordPasswordReset(form.app, m); err != nil {
-			return err
-		}
-
-		// update last sent timestamp
-		m.Set(schema.FieldNameLastResetSentAt, types.NowDateTime())
-
-		return form.dao.SaveRecord(m)
-	}, interceptors...)
-}

forms/record_password_reset_request_test.go

@@ -1,174 +0,0 @@
-package forms_test
-
-import (
-	"encoding/json"
-	"errors"
-	"testing"
-	"time"
-
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tests"
-	"github.com/pocketbase/pocketbase/tools/types"
-)
-
-func TestRecordPasswordResetRequestSubmit(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	authCollection, err := testApp.Dao().FindCollectionByNameOrId("users")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	scenarios := []struct {
-		jsonData    string
-		expectError bool
-	}{
-		// empty field (Validate call check)
-		{
-			`{"email":""}`,
-			true,
-		},
-		// invalid email field (Validate call check)
-		{
-			`{"email":"invalid"}`,
-			true,
-		},
-		// nonexisting user
-		{
-			`{"email":"missing@example.com"}`,
-			true,
-		},
-		// existing user
-		{
-			`{"email":"test@example.com"}`,
-			false,
-		},
-		// existing user - reached send threshod
-		{
-			`{"email":"test@example.com"}`,
-			true,
-		},
-	}
-
-	now := types.NowDateTime()
-	time.Sleep(1 * time.Millisecond)
-
-	for i, s := range scenarios {
-		testApp.TestMailer.TotalSend = 0 // reset
-		form := forms.NewRecordPasswordResetRequest(testApp, authCollection)
-
-		// load data
-		loadErr := json.Unmarshal([]byte(s.jsonData), form)
-		if loadErr != nil {
-			t.Errorf("(%d) Failed to load form data: %v", i, loadErr)
-			continue
-		}
-
-		interceptorCalls := 0
-		interceptor := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-			return func(r *models.Record) error {
-				interceptorCalls++
-				return next(r)
-			}
-		}
-
-		err := form.Submit(interceptor)
-
-		// check interceptor calls
-		expectInterceptorCalls := 1
-		if s.expectError {
-			expectInterceptorCalls = 0
-		}
-		if interceptorCalls != expectInterceptorCalls {
-			t.Errorf("[%d] Expected interceptor to be called %d, got %d", i, expectInterceptorCalls, interceptorCalls)
-		}
-
-		hasErr := err != nil
-		if hasErr != s.expectError {
-			t.Errorf("(%d) Expected hasErr to be %v, got %v (%v)", i, s.expectError, hasErr, err)
-		}
-
-		expectedMails := 1
-		if s.expectError {
-			expectedMails = 0
-		}
-		if testApp.TestMailer.TotalSend != expectedMails {
-			t.Errorf("(%d) Expected %d mail(s) to be sent, got %d", i, expectedMails, testApp.TestMailer.TotalSend)
-		}
-
-		if s.expectError {
-			continue
-		}
-
-		// check whether LastResetSentAt was updated
-		user, err := testApp.Dao().FindAuthRecordByEmail(authCollection.Id, form.Email)
-		if err != nil {
-			t.Errorf("(%d) Expected user with email %q to exist, got nil", i, form.Email)
-			continue
-		}
-
-		if user.LastResetSentAt().Time().Sub(now.Time()) < 0 {
-			t.Errorf("(%d) Expected LastResetSentAt to be after %v, got %v", i, now, user.LastResetSentAt())
-		}
-	}
-}
-
-func TestRecordPasswordResetRequestInterceptors(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	authCollection, err := testApp.Dao().FindCollectionByNameOrId("users")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	authRecord, err := testApp.Dao().FindAuthRecordByEmail("users", "test@example.com")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	form := forms.NewRecordPasswordResetRequest(testApp, authCollection)
-	form.Email = authRecord.Email()
-	interceptorLastResetSentAt := authRecord.LastResetSentAt()
-	testErr := errors.New("test_error")
-
-	interceptor1Called := false
-	interceptor1 := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-		return func(record *models.Record) error {
-			interceptor1Called = true
-			return next(record)
-		}
-	}
-
-	interceptor2Called := false
-	interceptor2 := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-		return func(record *models.Record) error {
-			interceptorLastResetSentAt = record.LastResetSentAt()
-			interceptor2Called = true
-			return testErr
-		}
-	}
-
-	submitErr := form.Submit(interceptor1, interceptor2)
-	if submitErr != testErr {
-		t.Fatalf("Expected submitError %v, got %v", testErr, submitErr)
-	}
-
-	if !interceptor1Called {
-		t.Fatalf("Expected interceptor1 to be called")
-	}
-
-	if !interceptor2Called {
-		t.Fatalf("Expected interceptor2 to be called")
-	}
-
-	if interceptorLastResetSentAt.String() != authRecord.LastResetSentAt().String() {
-		t.Fatalf("Expected the form model to NOT be filled before calling the interceptors")
-	}
-}

forms/record_verification_confirm.go

@@ -1,116 +0,0 @@
-package forms
-
-import (
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tools/security"
-	"github.com/spf13/cast"
-)
-
-// RecordVerificationConfirm is an auth record email verification confirmation form.
-type RecordVerificationConfirm struct {
-	app        core.App
-	collection *models.Collection
-	dao        *daos.Dao
-
-	Token string `form:"token" json:"token"`
-}
-
-// NewRecordVerificationConfirm creates a new [RecordVerificationConfirm]
-// form initialized with from the provided [core.App] instance.
-//
-// If you want to submit the form as part of a transaction,
-// you can change the default Dao via [SetDao()].
-func NewRecordVerificationConfirm(app core.App, collection *models.Collection) *RecordVerificationConfirm {
-	return &RecordVerificationConfirm{
-		app:        app,
-		dao:        app.Dao(),
-		collection: collection,
-	}
-}
-
-// SetDao replaces the default form Dao instance with the provided one.
-func (form *RecordVerificationConfirm) SetDao(dao *daos.Dao) {
-	form.dao = dao
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-func (form *RecordVerificationConfirm) Validate() error {
-	return validation.ValidateStruct(form,
-		validation.Field(&form.Token, validation.Required, validation.By(form.checkToken)),
-	)
-}
-
-func (form *RecordVerificationConfirm) checkToken(value any) error {
-	v, _ := value.(string)
-	if v == "" {
-		return nil // nothing to check
-	}
-
-	claims, _ := security.ParseUnverifiedJWT(v)
-	email := cast.ToString(claims["email"])
-	if email == "" {
-		return validation.NewError("validation_invalid_token_claims", "Missing email token claim.")
-	}
-
-	record, err := form.dao.FindAuthRecordByToken(
-		v,
-		form.app.Settings().RecordVerificationToken.Secret,
-	)
-	if err != nil || record == nil {
-		return validation.NewError("validation_invalid_token", "Invalid or expired token.")
-	}
-
-	if record.Collection().Id != form.collection.Id {
-		return validation.NewError("validation_token_collection_mismatch", "The provided token is for different auth collection.")
-	}
-
-	if record.Email() != email {
-		return validation.NewError("validation_token_email_mismatch", "The record email doesn't match with the requested token claims.")
-	}
-
-	return nil
-}
-
-// Submit validates and submits the form.
-// On success returns the verified auth record associated to `form.Token`.
-//
-// You can optionally provide a list of InterceptorFunc to further
-// modify the form behavior before persisting it.
-func (form *RecordVerificationConfirm) Submit(interceptors ...InterceptorFunc[*models.Record]) (*models.Record, error) {
-	if err := form.Validate(); err != nil {
-		return nil, err
-	}
-
-	record, err := form.dao.FindAuthRecordByToken(
-		form.Token,
-		form.app.Settings().RecordVerificationToken.Secret,
-	)
-	if err != nil {
-		return nil, err
-	}
-
-	wasVerified := record.Verified()
-
-	if !wasVerified {
-		record.SetVerified(true)
-	}
-
-	interceptorsErr := runInterceptors(record, func(m *models.Record) error {
-		record = m
-
-		if wasVerified {
-			return nil // already verified
-		}
-
-		return form.dao.SaveRecord(m)
-	}, interceptors...)
-
-	if interceptorsErr != nil {
-		return nil, interceptorsErr
-	}
-
-	return record, nil
-}

forms/record_verification_confirm_test.go

@@ -1,156 +0,0 @@
-package forms_test
-
-import (
-	"encoding/json"
-	"errors"
-	"testing"
-
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tests"
-	"github.com/pocketbase/pocketbase/tools/security"
-)
-
-func TestRecordVerificationConfirmValidateAndSubmit(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	authCollection, err := testApp.Dao().FindCollectionByNameOrId("users")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	scenarios := []struct {
-		jsonData    string
-		expectError bool
-	}{
-		// empty data (Validate call check)
-		{
-			`{}`,
-			true,
-		},
-		// expired token (Validate call check)
-		{
-			`{"token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsImNvbGxlY3Rpb25JZCI6Il9wYl91c2Vyc19hdXRoXyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiZXhwIjoxNjQwOTkxNjYxfQ.Avbt9IP8sBisVz_2AGrlxLDvangVq4PhL2zqQVYLKlE"}`,
-			true,
-		},
-		// valid token (already verified record)
-		{
-			`{"token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6Im9hcDY0MGNvdDR5cnUycyIsImVtYWlsIjoidGVzdDJAZXhhbXBsZS5jb20iLCJjb2xsZWN0aW9uSWQiOiJfcGJfdXNlcnNfYXV0aF8iLCJ0eXBlIjoiYXV0aFJlY29yZCIsImV4cCI6MjIwODk4NTI2MX0.PsOABmYUzGbd088g8iIBL4-pf7DUZm0W5Ju6lL5JVRg"}`,
-			false,
-		},
-		// valid token (unverified record)
-		{
-			`{"token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsImNvbGxlY3Rpb25JZCI6Il9wYl91c2Vyc19hdXRoXyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiZXhwIjoyMjA4OTg1MjYxfQ.hL16TVmStHFdHLc4a860bRqJ3sFfzjv0_NRNzwsvsrc"}`,
-			false,
-		},
-	}
-
-	for i, s := range scenarios {
-		form := forms.NewRecordVerificationConfirm(testApp, authCollection)
-
-		// load data
-		loadErr := json.Unmarshal([]byte(s.jsonData), form)
-		if loadErr != nil {
-			t.Errorf("(%d) Failed to load form data: %v", i, loadErr)
-			continue
-		}
-
-		interceptorCalls := 0
-		interceptor := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-			return func(r *models.Record) error {
-				interceptorCalls++
-				return next(r)
-			}
-		}
-
-		record, err := form.Submit(interceptor)
-
-		// check interceptor calls
-		expectInterceptorCalls := 1
-		if s.expectError {
-			expectInterceptorCalls = 0
-		}
-		if interceptorCalls != expectInterceptorCalls {
-			t.Errorf("[%d] Expected interceptor to be called %d, got %d", i, expectInterceptorCalls, interceptorCalls)
-		}
-
-		hasErr := err != nil
-		if hasErr != s.expectError {
-			t.Errorf("(%d) Expected hasErr to be %v, got %v (%v)", i, s.expectError, hasErr, err)
-		}
-
-		if hasErr {
-			continue
-		}
-
-		claims, _ := security.ParseUnverifiedJWT(form.Token)
-		tokenRecordId := claims["id"]
-
-		if record.Id != tokenRecordId {
-			t.Errorf("(%d) Expected record.Id %q, got %q", i, tokenRecordId, record.Id)
-		}
-
-		if !record.Verified() {
-			t.Errorf("(%d) Expected record.Verified() to be true, got false", i)
-		}
-	}
-}
-
-func TestRecordVerificationConfirmInterceptors(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	authCollection, err := testApp.Dao().FindCollectionByNameOrId("users")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	authRecord, err := testApp.Dao().FindAuthRecordByEmail("users", "test@example.com")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	form := forms.NewRecordVerificationConfirm(testApp, authCollection)
-	form.Token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjRxMXhsY2xtZmxva3UzMyIsImVtYWlsIjoidGVzdEBleGFtcGxlLmNvbSIsImNvbGxlY3Rpb25JZCI6Il9wYl91c2Vyc19hdXRoXyIsInR5cGUiOiJhdXRoUmVjb3JkIiwiZXhwIjoyMjA4OTg1MjYxfQ.hL16TVmStHFdHLc4a860bRqJ3sFfzjv0_NRNzwsvsrc"
-	interceptorVerified := authRecord.Verified()
-	testErr := errors.New("test_error")
-
-	interceptor1Called := false
-	interceptor1 := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-		return func(record *models.Record) error {
-			interceptor1Called = true
-			return next(record)
-		}
-	}
-
-	interceptor2Called := false
-	interceptor2 := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-		return func(record *models.Record) error {
-			interceptorVerified = record.Verified()
-			interceptor2Called = true
-			return testErr
-		}
-	}
-
-	_, submitErr := form.Submit(interceptor1, interceptor2)
-	if submitErr != testErr {
-		t.Fatalf("Expected submitError %v, got %v", testErr, submitErr)
-	}
-
-	if !interceptor1Called {
-		t.Fatalf("Expected interceptor1 to be called")
-	}
-
-	if !interceptor2Called {
-		t.Fatalf("Expected interceptor2 to be called")
-	}
-
-	if interceptorVerified == authRecord.Verified() {
-		t.Fatalf("Expected the form model to be filled before calling the interceptors")
-	}
-}

forms/record_verification_request.go

@@ -1,101 +0,0 @@
-package forms
-
-import (
-	"errors"
-	"time"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/go-ozzo/ozzo-validation/v4/is"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/mails"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/models/schema"
-	"github.com/pocketbase/pocketbase/tools/types"
-)
-
-// RecordVerificationRequest is an auth record email verification request form.
-type RecordVerificationRequest struct {
-	app             core.App
-	collection      *models.Collection
-	dao             *daos.Dao
-	resendThreshold float64 // in seconds
-
-	Email string `form:"email" json:"email"`
-}
-
-// NewRecordVerificationRequest creates a new [RecordVerificationRequest]
-// form initialized with from the provided [core.App] instance.
-//
-// If you want to submit the form as part of a transaction,
-// you can change the default Dao via [SetDao()].
-func NewRecordVerificationRequest(app core.App, collection *models.Collection) *RecordVerificationRequest {
-	return &RecordVerificationRequest{
-		app:             app,
-		dao:             app.Dao(),
-		collection:      collection,
-		resendThreshold: 120, // 2 min
-	}
-}
-
-// SetDao replaces the default form Dao instance with the provided one.
-func (form *RecordVerificationRequest) SetDao(dao *daos.Dao) {
-	form.dao = dao
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-//
-// // This method doesn't verify that auth record with `form.Email` exists (this is done on Submit).
-func (form *RecordVerificationRequest) Validate() error {
-	return validation.ValidateStruct(form,
-		validation.Field(
-			&form.Email,
-			validation.Required,
-			validation.Length(1, 255),
-			is.EmailFormat,
-		),
-	)
-}
-
-// Submit validates and sends a verification request email
-// to the `form.Email` auth record.
-//
-// You can optionally provide a list of InterceptorFunc to further
-// modify the form behavior before persisting it.
-func (form *RecordVerificationRequest) Submit(interceptors ...InterceptorFunc[*models.Record]) error {
-	if err := form.Validate(); err != nil {
-		return err
-	}
-
-	record, err := form.dao.FindFirstRecordByData(
-		form.collection.Id,
-		schema.FieldNameEmail,
-		form.Email,
-	)
-	if err != nil {
-		return err
-	}
-
-	if !record.Verified() {
-		now := time.Now().UTC()
-		lastVerificationSentAt := record.LastVerificationSentAt().Time()
-		if (now.Sub(lastVerificationSentAt)).Seconds() < form.resendThreshold {
-			return errors.New("A verification email was already sent.")
-		}
-	}
-
-	return runInterceptors(record, func(m *models.Record) error {
-		if m.Verified() {
-			return nil // already verified
-		}
-
-		if err := mails.SendRecordVerification(form.app, m); err != nil {
-			return err
-		}
-
-		// update last sent timestamp
-		m.SetLastVerificationSentAt(types.NowDateTime())
-
-		return form.dao.SaveRecord(m)
-	}, interceptors...)
-}

forms/record_verification_request_test.go

@@ -1,192 +0,0 @@
-package forms_test
-
-import (
-	"encoding/json"
-	"errors"
-	"testing"
-	"time"
-
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/tests"
-	"github.com/pocketbase/pocketbase/tools/types"
-)
-
-func TestRecordVerificationRequestSubmit(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	authCollection, err := testApp.Dao().FindCollectionByNameOrId("clients")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	scenarios := []struct {
-		jsonData    string
-		expectError bool
-		expectMail  bool
-	}{
-		// empty field (Validate call check)
-		{
-			`{"email":""}`,
-			true,
-			false,
-		},
-		// invalid email field (Validate call check)
-		{
-			`{"email":"invalid"}`,
-			true,
-			false,
-		},
-		// nonexisting user
-		{
-			`{"email":"missing@example.com"}`,
-			true,
-			false,
-		},
-		// existing user (already verified)
-		{
-			`{"email":"test@example.com"}`,
-			false,
-			false,
-		},
-		// existing user (already verified) - repeating request to test threshod skip
-		{
-			`{"email":"test@example.com"}`,
-			false,
-			false,
-		},
-		// existing user (unverified)
-		{
-			`{"email":"test2@example.com"}`,
-			false,
-			true,
-		},
-		// existing user (inverified) - reached send threshod
-		{
-			`{"email":"test2@example.com"}`,
-			true,
-			false,
-		},
-	}
-
-	now := types.NowDateTime()
-	time.Sleep(1 * time.Millisecond)
-
-	for i, s := range scenarios {
-		testApp.TestMailer.TotalSend = 0 // reset
-		form := forms.NewRecordVerificationRequest(testApp, authCollection)
-
-		// load data
-		loadErr := json.Unmarshal([]byte(s.jsonData), form)
-		if loadErr != nil {
-			t.Errorf("[%d] Failed to load form data: %v", i, loadErr)
-			continue
-		}
-
-		interceptorCalls := 0
-		interceptor := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-			return func(r *models.Record) error {
-				interceptorCalls++
-				return next(r)
-			}
-		}
-
-		err := form.Submit(interceptor)
-
-		// check interceptor calls
-		expectInterceptorCalls := 1
-		if s.expectError {
-			expectInterceptorCalls = 0
-		}
-		if interceptorCalls != expectInterceptorCalls {
-			t.Errorf("[%d] Expected interceptor to be called %d, got %d", i, expectInterceptorCalls, interceptorCalls)
-		}
-
-		hasErr := err != nil
-		if hasErr != s.expectError {
-			t.Errorf("[%d] Expected hasErr to be %v, got %v (%v)", i, s.expectError, hasErr, err)
-		}
-
-		expectedMails := 0
-		if s.expectMail {
-			expectedMails = 1
-		}
-		if testApp.TestMailer.TotalSend != expectedMails {
-			t.Errorf("[%d] Expected %d mail(s) to be sent, got %d", i, expectedMails, testApp.TestMailer.TotalSend)
-		}
-
-		if s.expectError {
-			continue
-		}
-
-		user, err := testApp.Dao().FindAuthRecordByEmail(authCollection.Id, form.Email)
-		if err != nil {
-			t.Errorf("[%d] Expected user with email %q to exist, got nil", i, form.Email)
-			continue
-		}
-
-		// check whether LastVerificationSentAt was updated
-		if !user.Verified() && user.LastVerificationSentAt().Time().Sub(now.Time()) < 0 {
-			t.Errorf("[%d] Expected LastVerificationSentAt to be after %v, got %v", i, now, user.LastVerificationSentAt())
-		}
-	}
-}
-
-func TestRecordVerificationRequestInterceptors(t *testing.T) {
-	t.Parallel()
-
-	testApp, _ := tests.NewTestApp()
-	defer testApp.Cleanup()
-
-	authCollection, err := testApp.Dao().FindCollectionByNameOrId("users")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	authRecord, err := testApp.Dao().FindAuthRecordByEmail("users", "test@example.com")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	form := forms.NewRecordVerificationRequest(testApp, authCollection)
-	form.Email = authRecord.Email()
-	interceptorLastVerificationSentAt := authRecord.LastVerificationSentAt()
-	testErr := errors.New("test_error")
-
-	interceptor1Called := false
-	interceptor1 := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-		return func(record *models.Record) error {
-			interceptor1Called = true
-			return next(record)
-		}
-	}
-
-	interceptor2Called := false
-	interceptor2 := func(next forms.InterceptorNextFunc[*models.Record]) forms.InterceptorNextFunc[*models.Record] {
-		return func(record *models.Record) error {
-			interceptorLastVerificationSentAt = record.LastVerificationSentAt()
-			interceptor2Called = true
-			return testErr
-		}
-	}
-
-	submitErr := form.Submit(interceptor1, interceptor2)
-	if submitErr != testErr {
-		t.Fatalf("Expected submitError %v, got %v", testErr, submitErr)
-	}
-
-	if !interceptor1Called {
-		t.Fatalf("Expected interceptor1 to be called")
-	}
-
-	if !interceptor2Called {
-		t.Fatalf("Expected interceptor2 to be called")
-	}
-
-	if interceptorLastVerificationSentAt.String() != authRecord.LastVerificationSentAt().String() {
-		t.Fatalf("Expected the form model to NOT be filled before calling the interceptors")
-	}
-}

forms/settings_upsert.go

@@ -1,90 +0,0 @@
-package forms
-
-import (
-	"os"
-	"time"
-
-	"github.com/pocketbase/dbx"
-	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/models/settings"
-	"github.com/pocketbase/pocketbase/tools/types"
-)
-
-// SettingsUpsert is a [settings.Settings] upsert (create/update) form.
-type SettingsUpsert struct {
-	*settings.Settings
-
-	app core.App
-	dao *daos.Dao
-}
-
-// NewSettingsUpsert creates a new [SettingsUpsert] form with initializer
-// config created from the provided [core.App] instance.
-//
-// If you want to submit the form as part of a transaction,
-// you can change the default Dao via [SetDao()].
-func NewSettingsUpsert(app core.App) *SettingsUpsert {
-	form := &SettingsUpsert{
-		app: app,
-		dao: app.Dao(),
-	}
-
-	// load the application settings into the form
-	form.Settings, _ = app.Settings().Clone()
-
-	return form
-}
-
-// SetDao replaces the default form Dao instance with the provided one.
-func (form *SettingsUpsert) SetDao(dao *daos.Dao) {
-	form.dao = dao
-}
-
-// Validate makes the form validatable by implementing [validation.Validatable] interface.
-func (form *SettingsUpsert) Validate() error {
-	return form.Settings.Validate()
-}
-
-// Submit validates the form and upserts the loaded settings.
-//
-// On success the app settings will be refreshed with the form ones.
-//
-// You can optionally provide a list of InterceptorFunc to further
-// modify the form behavior before persisting it.
-func (form *SettingsUpsert) Submit(interceptors ...InterceptorFunc[*settings.Settings]) error {
-	if err := form.Validate(); err != nil {
-		return err
-	}
-
-	return runInterceptors(form.Settings, func(s *settings.Settings) error {
-		form.Settings = s
-
-		// persists settings change
-		encryptionKey := os.Getenv(form.app.EncryptionEnv())
-		if err := form.dao.SaveSettings(form.Settings, encryptionKey); err != nil {
-			return err
-		}
-
-		// reload app settings
-		if err := form.app.RefreshSettings(); err != nil {
-			return err
-		}
-
-		// try to clear old logs not matching the new settings
-		createdBefore := time.Now().AddDate(0, 0, -1*form.Settings.Logs.MaxDays).UTC().Format(types.DefaultDateLayout)
-		expr := dbx.NewExp("[[created]] <= {:date} OR [[level]] < {:level}", dbx.Params{
-			"date":  createdBefore,
-			"level": form.Settings.Logs.MinLevel,
-		})
-		form.app.LogsDao().NonconcurrentDB().Delete((&models.Log{}).TableName(), expr).Execute()
-
-		// no logs are allowed -> try to reclaim preserved disk space after the previous delete operation
-		if form.Settings.Logs.MaxDays == 0 {
-			form.app.LogsDao().Vacuum()
-		}
-
-		return nil
-	}, interceptors...)
-}

forms/settings_upsert_test.go

@@ -1,172 +0,0 @@
-package forms_test
-
-import (
-	"encoding/json"
-	"errors"
-	"os"
-	"testing"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/forms"
-	"github.com/pocketbase/pocketbase/models/settings"
-	"github.com/pocketbase/pocketbase/tests"
-	"github.com/pocketbase/pocketbase/tools/security"
-)
-
-func TestNewSettingsUpsert(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	app.Settings().Meta.AppName = "name_update"
-
-	form := forms.NewSettingsUpsert(app)
-
-	formSettings, _ := json.Marshal(form.Settings)
-	appSettings, _ := json.Marshal(app.Settings())
-
-	if string(formSettings) != string(appSettings) {
-		t.Errorf("Expected settings \n%s, got \n%s", string(appSettings), string(formSettings))
-	}
-}
-
-func TestSettingsUpsertValidateAndSubmit(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	scenarios := []struct {
-		jsonData       string
-		encryption     bool
-		expectedErrors []string
-	}{
-		// empty (plain)
-		{"{}", false, nil},
-		// empty (encrypt)
-		{"{}", true, nil},
-		// failure - invalid data
-		{
-			`{"meta": {"appName": ""}, "logs": {"maxDays": -1}}`,
-			false,
-			[]string{"meta", "logs"},
-		},
-		// success - valid data (plain)
-		{
-			`{"meta": {"appName": "test"}, "logs": {"maxDays": 0}}`,
-			false,
-			nil,
-		},
-		// success - valid data (encrypt)
-		{
-			`{"meta": {"appName": "test"}, "logs": {"maxDays": 7}}`,
-			true,
-			nil,
-		},
-	}
-
-	for i, s := range scenarios {
-		if s.encryption {
-			os.Setenv(app.EncryptionEnv(), security.RandomString(32))
-		} else {
-			os.Unsetenv(app.EncryptionEnv())
-		}
-
-		form := forms.NewSettingsUpsert(app)
-
-		// load data
-		loadErr := json.Unmarshal([]byte(s.jsonData), form)
-		if loadErr != nil {
-			t.Errorf("(%d) Failed to load form data: %v", i, loadErr)
-			continue
-		}
-
-		interceptorCalls := 0
-		interceptor := func(next forms.InterceptorNextFunc[*settings.Settings]) forms.InterceptorNextFunc[*settings.Settings] {
-			return func(s *settings.Settings) error {
-				interceptorCalls++
-				return next(s)
-			}
-		}
-
-		// parse errors
-		result := form.Submit(interceptor)
-		errs, ok := result.(validation.Errors)
-		if !ok && result != nil {
-			t.Errorf("(%d) Failed to parse errors %v", i, result)
-			continue
-		}
-
-		// check interceptor calls
-		expectInterceptorCall := 1
-		if len(s.expectedErrors) > 0 {
-			expectInterceptorCall = 0
-		}
-		if interceptorCalls != expectInterceptorCall {
-			t.Errorf("(%d) Expected interceptor to be called %d, got %d", i, expectInterceptorCall, interceptorCalls)
-		}
-
-		// check errors
-		if len(errs) > len(s.expectedErrors) {
-			t.Errorf("(%d) Expected error keys %v, got %v", i, s.expectedErrors, errs)
-		}
-		for _, k := range s.expectedErrors {
-			if _, ok := errs[k]; !ok {
-				t.Errorf("(%d) Missing expected error key %q in %v", i, k, errs)
-			}
-		}
-
-		if len(s.expectedErrors) > 0 {
-			continue
-		}
-
-		formSettings, _ := json.Marshal(form.Settings)
-		appSettings, _ := json.Marshal(app.Settings())
-
-		if string(formSettings) != string(appSettings) {
-			t.Errorf("Expected app settings \n%s, got \n%s", string(appSettings), string(formSettings))
-		}
-	}
-}
-
-func TestSettingsUpsertSubmitInterceptors(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	form := forms.NewSettingsUpsert(app)
-	form.Meta.AppName = "test_new"
-
-	testErr := errors.New("test_error")
-
-	interceptor1Called := false
-	interceptor1 := func(next forms.InterceptorNextFunc[*settings.Settings]) forms.InterceptorNextFunc[*settings.Settings] {
-		return func(s *settings.Settings) error {
-			interceptor1Called = true
-			return next(s)
-		}
-	}
-
-	interceptor2Called := false
-	interceptor2 := func(next forms.InterceptorNextFunc[*settings.Settings]) forms.InterceptorNextFunc[*settings.Settings] {
-		return func(s *settings.Settings) error {
-			interceptor2Called = true
-			return testErr
-		}
-	}
-
-	submitErr := form.Submit(interceptor1, interceptor2)
-	if submitErr != testErr {
-		t.Fatalf("Expected submitError %v, got %v", testErr, submitErr)
-	}
-
-	if !interceptor1Called {
-		t.Fatalf("Expected interceptor1 to be called")
-	}
-
-	if !interceptor2Called {
-		t.Fatalf("Expected interceptor2 to be called")
-	}
-}

forms/test_email_send.go

@@ -1,26 +1,29 @@
 package forms
 
 import (
+	"errors"
+
 	validation "github.com/go-ozzo/ozzo-validation/v4"
 	"github.com/go-ozzo/ozzo-validation/v4/is"
 	"github.com/pocketbase/pocketbase/core"
 	"github.com/pocketbase/pocketbase/mails"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/models/schema"
 )
 
 const (
-	templateVerification  = "verification"
-	templatePasswordReset = "password-reset"
-	templateEmailChange   = "email-change"
+	TestTemplateVerification  = "verification"
+	TestTemplatePasswordReset = "password-reset"
+	TestTemplateEmailChange   = "email-change"
+	TestTemplateOTP           = "otp"
+	TestTemplateAuthAlert     = "login-alert"
 )
 
 // TestEmailSend is a email template test request form.
 type TestEmailSend struct {
 	app core.App
 
-	Template string `form:"template" json:"template"`
-	Email    string `form:"email" json:"email"`
+	Email      string `form:"email" json:"email"`
+	Template   string `form:"template" json:"template"`
+	Collection string `form:"collection" json:"collection"` // optional, fallbacks to _superusers
 }
 
 // NewTestEmailSend creates and initializes new TestEmailSend form.
@@ -31,6 +34,11 @@ func NewTestEmailSend(app core.App) *TestEmailSend {
 // Validate makes the form validatable by implementing [validation.Validatable] interface.
 func (form *TestEmailSend) Validate() error {
 	return validation.ValidateStruct(form,
+		validation.Field(
+			&form.Collection,
+			validation.Length(1, 255),
+			validation.By(form.checkAuthCollection),
+		),
 		validation.Field(
 			&form.Email,
 			validation.Required,
@@ -40,38 +48,69 @@ func (form *TestEmailSend) Validate() error {
 		validation.Field(
 			&form.Template,
 			validation.Required,
-			validation.In(templateVerification, templatePasswordReset, templateEmailChange),
+			validation.In(
+				TestTemplateVerification,
+				TestTemplatePasswordReset,
+				TestTemplateEmailChange,
+				TestTemplateOTP,
+				TestTemplateAuthAlert,
+			),
 		),
 	)
 }
 
+func (form *TestEmailSend) checkAuthCollection(value any) error {
+	v, _ := value.(string)
+	if v == "" {
+		return nil // nothing to check
+	}
+
+	c, _ := form.app.FindCollectionByNameOrId(v)
+	if c == nil || !c.IsAuth() {
+		return validation.NewError("validation_invalid_auth_collection", "Must be a valid auth collection id or name.")
+	}
+
+	return nil
+}
+
 // Submit validates and sends a test email to the form.Email address.
 func (form *TestEmailSend) Submit() error {
 	if err := form.Validate(); err != nil {
 		return err
 	}
 
-	// create a test auth record
-	collection := &models.Collection{
-		BaseModel: models.BaseModel{Id: "__pb_test_collection_id__"},
-		Name:      "__pb_test_collection_name__",
-		Type:      models.CollectionTypeAuth,
+	collectionIdOrName := form.Collection
+	if collectionIdOrName == "" {
+		collectionIdOrName = core.CollectionNameSuperusers
 	}
 
-	record := models.NewRecord(collection)
-	record.Id = "__pb_test_id__"
-	record.Set(schema.FieldNameUsername, "pb_test")
-	record.Set(schema.FieldNameEmail, form.Email)
+	collection, err := form.app.FindCollectionByNameOrId(collectionIdOrName)
+	if err != nil {
+		return err
+	}
+
+	record := core.NewRecord(collection)
+	for _, field := range collection.Fields {
+		if field.GetHidden() {
+			continue
+		}
+		record.Set(field.GetName(), "__pb_test_"+field.GetName()+"__")
+	}
 	record.RefreshTokenKey()
+	record.SetEmail(form.Email)
 
 	switch form.Template {
-	case templateVerification:
+	case TestTemplateVerification:
 		return mails.SendRecordVerification(form.app, record)
-	case templatePasswordReset:
+	case TestTemplatePasswordReset:
 		return mails.SendRecordPasswordReset(form.app, record)
-	case templateEmailChange:
+	case TestTemplateEmailChange:
 		return mails.SendRecordChangeEmail(form.app, record, form.Email)
+	case TestTemplateOTP:
+		return mails.SendRecordOTP(form.app, record, "OTP_ID", "123456")
+	case TestTemplateAuthAlert:
+		return mails.SendRecordAuthAlert(form.app, record)
+	default:
+		return errors.New("unknown template " + form.Template)
 	}
-
-	return nil
 }

forms/test_email_send_test.go

@@ -1,6 +1,7 @@
 package forms_test
 
 import (
+	"fmt"
 	"strings"
 	"testing"
 
@@ -15,43 +16,46 @@ func TestEmailSendValidateAndSubmit(t *testing.T) {
 	scenarios := []struct {
 		template       string
 		email          string
+		collection     string
 		expectedErrors []string
 	}{
-		{"", "", []string{"template", "email"}},
-		{"invalid", "test@example.com", []string{"template"}},
-		{"verification", "invalid", []string{"email"}},
-		{"verification", "test@example.com", nil},
-		{"password-reset", "test@example.com", nil},
-		{"email-change", "test@example.com", nil},
+		{"", "", "", []string{"template", "email"}},
+		{"invalid", "test@example.com", "", []string{"template"}},
+		{forms.TestTemplateVerification, "invalid", "", []string{"email"}},
+		{forms.TestTemplateVerification, "test@example.com", "invalid", []string{"collection"}},
+		{forms.TestTemplateVerification, "test@example.com", "demo1", []string{"collection"}},
+		{forms.TestTemplateVerification, "test@example.com", "users", nil},
+		{forms.TestTemplatePasswordReset, "test@example.com", "", nil},
+		{forms.TestTemplateEmailChange, "test@example.com", "", nil},
+		{forms.TestTemplateOTP, "test@example.com", "", nil},
+		{forms.TestTemplateAuthAlert, "test@example.com", "", nil},
 	}
 
 	for i, s := range scenarios {
-		func() {
+		t.Run(fmt.Sprintf("%d_%s", i, s.template), func(t *testing.T) {
 			app, _ := tests.NewTestApp()
 			defer app.Cleanup()
 
 			form := forms.NewTestEmailSend(app)
 			form.Email = s.email
 			form.Template = s.template
+			form.Collection = s.collection
 
 			result := form.Submit()
 
 			// parse errors
 			errs, ok := result.(validation.Errors)
 			if !ok && result != nil {
-				t.Errorf("(%d) Failed to parse errors %v", i, result)
-				return
+				t.Fatalf("Failed to parse errors %v", result)
 			}
 
 			// check errors
 			if len(errs) > len(s.expectedErrors) {
-				t.Errorf("(%d) Expected error keys %v, got %v", i, s.expectedErrors, errs)
-				return
+				t.Fatalf("Expected error keys %v, got %v", s.expectedErrors, errs)
 			}
 			for _, k := range s.expectedErrors {
 				if _, ok := errs[k]; !ok {
-					t.Errorf("(%d) Missing expected error key %q in %v", i, k, errs)
-					return
+					t.Fatalf("Missing expected error key %q in %v", k, errs)
 				}
 			}
 
@@ -60,24 +64,33 @@ func TestEmailSendValidateAndSubmit(t *testing.T) {
 				expectedEmails = 0
 			}
 
-			if app.TestMailer.TotalSend != expectedEmails {
-				t.Errorf("(%d) Expected %d email(s) to be sent, got %d", i, expectedEmails, app.TestMailer.TotalSend)
+			if app.TestMailer.TotalSend() != expectedEmails {
+				t.Fatalf("Expected %d email(s) to be sent, got %d", expectedEmails, app.TestMailer.TotalSend())
 			}
 
 			if len(s.expectedErrors) > 0 {
 				return
 			}
 
-			expectedContent := "Verify"
-			if s.template == "password-reset" {
+			var expectedContent string
+			switch s.template {
+			case forms.TestTemplatePasswordReset:
 				expectedContent = "Reset password"
-			} else if s.template == "email-change" {
+			case forms.TestTemplateEmailChange:
 				expectedContent = "Confirm new email"
+			case forms.TestTemplateVerification:
+				expectedContent = "Verify"
+			case forms.TestTemplateOTP:
+				expectedContent = "one-time password"
+			case forms.TestTemplateAuthAlert:
+				expectedContent = "from a new location"
+			default:
+				expectedContent = "__UNKNOWN_TEMPLATE__"
 			}
 
-			if !strings.Contains(app.TestMailer.LastMessage.HTML, expectedContent) {
-				t.Errorf("(%d) Expected the email to contains %s, got \n%v", i, expectedContent, app.TestMailer.LastMessage.HTML)
+			if !strings.Contains(app.TestMailer.LastMessage().HTML, expectedContent) {
+				t.Errorf("Expected the email to contains %q, got\n%v", expectedContent, app.TestMailer.LastMessage().HTML)
 			}
-		}()
+		})
 	}
 }

forms/test_s3_filesystem.go

@@ -6,7 +6,6 @@ import (
 
 	validation "github.com/go-ozzo/ozzo-validation/v4"
 	"github.com/pocketbase/pocketbase/core"
-	"github.com/pocketbase/pocketbase/models/settings"
 	"github.com/pocketbase/pocketbase/tools/filesystem"
 	"github.com/pocketbase/pocketbase/tools/security"
 )
@@ -46,7 +45,7 @@ func (form *TestS3Filesystem) Submit() error {
 		return err
 	}
 
-	var s3Config settings.S3Config
+	var s3Config core.S3Config
 
 	if form.Filesystem == s3FilesystemBackups {
 		s3Config = form.app.Settings().Backups.S3

forms/test_s3_filesystem_test.go

@@ -11,9 +11,6 @@ import (
 func TestS3FilesystemValidate(t *testing.T) {
 	t.Parallel()
 
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
 	scenarios := []struct {
 		name           string
 		filesystem     string
@@ -42,28 +39,31 @@ func TestS3FilesystemValidate(t *testing.T) {
 	}
 
 	for _, s := range scenarios {
-		form := forms.NewTestS3Filesystem(app)
-		form.Filesystem = s.filesystem
+		t.Run(s.name, func(t *testing.T) {
+			app, _ := tests.NewTestApp()
+			defer app.Cleanup()
 
-		result := form.Validate()
+			form := forms.NewTestS3Filesystem(app)
+			form.Filesystem = s.filesystem
 
-		// parse errors
-		errs, ok := result.(validation.Errors)
-		if !ok && result != nil {
-			t.Errorf("[%s] Failed to parse errors %v", s.name, result)
-			continue
-		}
+			result := form.Validate()
 
-		// check errors
-		if len(errs) > len(s.expectedErrors) {
-			t.Errorf("[%s] Expected error keys %v, got %v", s.name, s.expectedErrors, errs)
-			continue
-		}
-		for _, k := range s.expectedErrors {
-			if _, ok := errs[k]; !ok {
-				t.Errorf("[%s] Missing expected error key %q in %v", s.name, k, errs)
+			// parse errors
+			errs, ok := result.(validation.Errors)
+			if !ok && result != nil {
+				t.Fatalf("Failed to parse errors %v", result)
 			}
-		}
+
+			// check errors
+			if len(errs) > len(s.expectedErrors) {
+				t.Fatalf("Expected error keys %v, got %v", s.expectedErrors, errs)
+			}
+			for _, k := range s.expectedErrors {
+				if _, ok := errs[k]; !ok {
+					t.Fatalf("Missing expected error key %q in %v", k, errs)
+				}
+			}
+		})
 	}
 }
 

forms/validators/file.go

@@ -1,85 +0,0 @@
-package validators
-
-import (
-	"fmt"
-	"strings"
-
-	"github.com/gabriel-vasile/mimetype"
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/pocketbase/tools/filesystem"
-)
-
-// UploadedFileSize checks whether the validated `rest.UploadedFile`
-// size is no more than the provided maxBytes.
-//
-// Example:
-//
-//	validation.Field(&form.File, validation.By(validators.UploadedFileSize(1000)))
-func UploadedFileSize(maxBytes int) validation.RuleFunc {
-	return func(value any) error {
-		v, _ := value.(*filesystem.File)
-		if v == nil {
-			return nil // nothing to validate
-		}
-
-		if int(v.Size) > maxBytes {
-			return validation.NewError(
-				"validation_file_size_limit",
-				fmt.Sprintf("Failed to upload %q - the maximum allowed file size is %v bytes.", v.OriginalName, maxBytes),
-			)
-		}
-
-		return nil
-	}
-}
-
-// UploadedFileMimeType checks whether the validated `rest.UploadedFile`
-// mimetype is within the provided allowed mime types.
-//
-// Example:
-//
-//	validMimeTypes := []string{"test/plain","image/jpeg"}
-//	validation.Field(&form.File, validation.By(validators.UploadedFileMimeType(validMimeTypes)))
-func UploadedFileMimeType(validTypes []string) validation.RuleFunc {
-	return func(value any) error {
-		v, _ := value.(*filesystem.File)
-		if v == nil {
-			return nil // nothing to validate
-		}
-
-		baseErr := validation.NewError(
-			"validation_invalid_mime_type",
-			fmt.Sprintf("Failed to upload %q due to unsupported file type.", v.OriginalName),
-		)
-
-		if len(validTypes) == 0 {
-			return baseErr
-		}
-
-		f, err := v.Reader.Open()
-		if err != nil {
-			return baseErr
-		}
-		defer f.Close()
-
-		filetype, err := mimetype.DetectReader(f)
-		if err != nil {
-			return baseErr
-		}
-
-		for _, t := range validTypes {
-			if filetype.Is(t) {
-				return nil // valid
-			}
-		}
-
-		return validation.NewError(
-			"validation_invalid_mime_type",
-			fmt.Sprintf(
-				"%q mime type must be one of: %s.",
-				v.Name,
-				strings.Join(validTypes, ", "),
-			),
-		)
-	}
-}

forms/validators/file_test.go

@@ -1,97 +0,0 @@
-package validators_test
-
-import (
-	"net/http"
-	"net/http/httptest"
-	"testing"
-
-	"github.com/pocketbase/pocketbase/forms/validators"
-	"github.com/pocketbase/pocketbase/tests"
-	"github.com/pocketbase/pocketbase/tools/filesystem"
-	"github.com/pocketbase/pocketbase/tools/rest"
-)
-
-func TestUploadedFileSize(t *testing.T) {
-	t.Parallel()
-
-	data, mp, err := tests.MockMultipartData(nil, "test")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	req := httptest.NewRequest(http.MethodPost, "/", data)
-	req.Header.Add("Content-Type", mp.FormDataContentType())
-
-	files, err := rest.FindUploadedFiles(req, "test")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	if len(files) != 1 {
-		t.Fatalf("Expected one test file, got %d", len(files))
-	}
-
-	scenarios := []struct {
-		maxBytes    int
-		file        *filesystem.File
-		expectError bool
-	}{
-		{0, nil, false},
-		{4, nil, false},
-		{3, files[0], true}, // all test files have "test" as content
-		{4, files[0], false},
-		{5, files[0], false},
-	}
-
-	for i, s := range scenarios {
-		err := validators.UploadedFileSize(s.maxBytes)(s.file)
-
-		hasErr := err != nil
-		if hasErr != s.expectError {
-			t.Errorf("(%d) Expected hasErr to be %v, got %v (%v)", i, s.expectError, hasErr, err)
-		}
-	}
-}
-
-func TestUploadedFileMimeType(t *testing.T) {
-	t.Parallel()
-
-	data, mp, err := tests.MockMultipartData(nil, "test")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	req := httptest.NewRequest(http.MethodPost, "/", data)
-	req.Header.Add("Content-Type", mp.FormDataContentType())
-
-	files, err := rest.FindUploadedFiles(req, "test")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	if len(files) != 1 {
-		t.Fatalf("Expected one test file, got %d", len(files))
-	}
-
-	scenarios := []struct {
-		types       []string
-		file        *filesystem.File
-		expectError bool
-	}{
-		{nil, nil, false},
-		{[]string{"image/jpeg"}, nil, false},
-		{[]string{}, files[0], true},
-		{[]string{"image/jpeg"}, files[0], true},
-		// test files are detected as "text/plain; charset=utf-8" content type
-		{[]string{"image/jpeg", "text/plain; charset=utf-8"}, files[0], false},
-	}
-
-	for i, s := range scenarios {
-		err := validators.UploadedFileMimeType(s.types)(s.file)
-
-		hasErr := err != nil
-		if hasErr != s.expectError {
-			t.Errorf("(%d) Expected hasErr to be %v, got %v (%v)", i, s.expectError, hasErr, err)
-		}
-	}
-}

forms/validators/model.go

@@ -1,39 +0,0 @@
-package validators
-
-import (
-	"database/sql"
-	"errors"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/pocketbase/dbx"
-	"github.com/pocketbase/pocketbase/daos"
-)
-
-// UniqueId checks whether the provided model id already exists.
-//
-// Example:
-//
-//	validation.Field(&form.Id, validation.By(validators.UniqueId(form.dao, tableName)))
-func UniqueId(dao *daos.Dao, tableName string) validation.RuleFunc {
-	return func(value any) error {
-		v, _ := value.(string)
-		if v == "" {
-			return nil // nothing to check
-		}
-
-		var foundId string
-
-		err := dao.DB().
-			Select("id").
-			From(tableName).
-			Where(dbx.HashExp{"id": v}).
-			Limit(1).
-			Row(&foundId)
-
-		if (err != nil && !errors.Is(err, sql.ErrNoRows)) || foundId != "" {
-			return validation.NewError("validation_invalid_id", "The model id is invalid or already exists.")
-		}
-
-		return nil
-	}
-}

forms/validators/model_test.go

@@ -1,36 +0,0 @@
-package validators_test
-
-import (
-	"testing"
-
-	"github.com/pocketbase/pocketbase/forms/validators"
-	"github.com/pocketbase/pocketbase/tests"
-)
-
-func TestUniqueId(t *testing.T) {
-	t.Parallel()
-
-	app, _ := tests.NewTestApp()
-	defer app.Cleanup()
-
-	scenarios := []struct {
-		id          string
-		tableName   string
-		expectError bool
-	}{
-		{"", "", false},
-		{"test", "", true},
-		{"wsmn24bux7wo113", "_collections", true},
-		{"test_unique_id", "unknown_table", true},
-		{"test_unique_id", "_collections", false},
-	}
-
-	for i, s := range scenarios {
-		err := validators.UniqueId(app.Dao(), s.tableName)(s.id)
-
-		hasErr := err != nil
-		if hasErr != s.expectError {
-			t.Errorf("(%d) Expected hasErr to be %v, got %v (%v)", i, s.expectError, hasErr, err)
-		}
-	}
-}

forms/validators/record_data.go

@@ -1,393 +0,0 @@
-package validators
-
-import (
-	"fmt"
-	"net/url"
-	"regexp"
-	"strings"
-
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-	"github.com/go-ozzo/ozzo-validation/v4/is"
-	"github.com/pocketbase/dbx"
-	"github.com/pocketbase/pocketbase/daos"
-	"github.com/pocketbase/pocketbase/models"
-	"github.com/pocketbase/pocketbase/models/schema"
-	"github.com/pocketbase/pocketbase/tools/filesystem"
-	"github.com/pocketbase/pocketbase/tools/list"
-	"github.com/pocketbase/pocketbase/tools/types"
-)
-
-var requiredErr = validation.NewError("validation_required", "Missing required value")
-
-// NewRecordDataValidator creates new [models.Record] data validator
-// using the provided record constraints and schema.
-//
-// Example:
-//
-//	validator := NewRecordDataValidator(app.Dao(), record, nil)
-//	err := validator.Validate(map[string]any{"test":123})
-func NewRecordDataValidator(
-	dao *daos.Dao,
-	record *models.Record,
-	uploadedFiles map[string][]*filesystem.File,
-) *RecordDataValidator {
-	return &RecordDataValidator{
-		dao:           dao,
-		record:        record,
-		uploadedFiles: uploadedFiles,
-	}
-}
-
-// RecordDataValidator defines a  model.Record data validator
-// using the provided record constraints and schema.
-type RecordDataValidator struct {
-	dao           *daos.Dao
-	record        *models.Record
-	uploadedFiles map[string][]*filesystem.File
-}
-
-// Validate validates the provided `data` by checking it against
-// the validator record constraints and schema.
-func (validator *RecordDataValidator) Validate(data map[string]any) error {
-	keyedSchema := validator.record.Collection().Schema.AsMap()
-	if len(keyedSchema) == 0 {
-		return nil // no fields to check
-	}
-
-	if len(data) == 0 {
-		return validation.NewError("validation_empty_data", "No data to validate")
-	}
-
-	errs := validation.Errors{}
-
-	// check for unknown fields
-	for key := range data {
-		if _, ok := keyedSchema[key]; !ok {
-			errs[key] = validation.NewError("validation_unknown_field", "Unknown field")
-		}
-	}
-	if len(errs) > 0 {
-		return errs
-	}
-
-	for key, field := range keyedSchema {
-		// normalize value to emulate the same behavior
-		// when fetching or persisting the record model
-		value := field.PrepareValue(data[key])
-
-		// check required constraint
-		if field.Required && validation.Required.Validate(value) != nil {
-			errs[key] = requiredErr
-			continue
-		}
-
-		// validate field value by its field type
-		if err := validator.checkFieldValue(field, value); err != nil {
-			errs[key] = err
-			continue
-		}
-	}
-
-	if len(errs) == 0 {
-		return nil
-	}
-
-	return errs
-}
-
-func (validator *RecordDataValidator) checkFieldValue(field *schema.SchemaField, value any) error {
-	switch field.Type {
-	case schema.FieldTypeText:
-		return validator.checkTextValue(field, value)
-	case schema.FieldTypeNumber:
-		return validator.checkNumberValue(field, value)
-	case schema.FieldTypeBool:
-		return validator.checkBoolValue(field, value)
-	case schema.FieldTypeEmail:
-		return validator.checkEmailValue(field, value)
-	case schema.FieldTypeUrl:
-		return validator.checkUrlValue(field, value)
-	case schema.FieldTypeEditor:
-		return validator.checkEditorValue(field, value)
-	case schema.FieldTypeDate:
-		return validator.checkDateValue(field, value)
-	case schema.FieldTypeSelect:
-		return validator.checkSelectValue(field, value)
-	case schema.FieldTypeJson:
-		return validator.checkJsonValue(field, value)
-	case schema.FieldTypeFile:
-		return validator.checkFileValue(field, value)
-	case schema.FieldTypeRelation:
-		return validator.checkRelationValue(field, value)
-	}
-
-	return nil
-}
-
-func (validator *RecordDataValidator) checkTextValue(field *schema.SchemaField, value any) error {
-	val, _ := value.(string)
-	if val == "" {
-		return nil // nothing to check (skip zero-defaults)
-	}
-
-	options, _ := field.Options.(*schema.TextOptions)
-
-	// note: casted to []rune to count multi-byte chars as one
-	length := len([]rune(val))
-
-	if options.Min != nil && length < *options.Min {
-		return validation.NewError("validation_min_text_constraint", fmt.Sprintf("Must be at least %d character(s)", *options.Min))
-	}
-
-	if options.Max != nil && length > *options.Max {
-		return validation.NewError("validation_max_text_constraint", fmt.Sprintf("Must be less than %d character(s)", *options.Max))
-	}
-
-	if options.Pattern != "" {
-		match, _ := regexp.MatchString(options.Pattern, val)
-		if !match {
-			return validation.NewError("validation_invalid_format", "Invalid value format")
-		}
-	}
-
-	return nil
-}
-
-func (validator *RecordDataValidator) checkNumberValue(field *schema.SchemaField, value any) error {
-	val, _ := value.(float64)
-	if val == 0 {
-		return nil // nothing to check (skip zero-defaults)
-	}
-
-	options, _ := field.Options.(*schema.NumberOptions)
-
-	if options.NoDecimal && val != float64(int64(val)) {
-		return validation.NewError("validation_no_decimal_constraint", "Decimal numbers are not allowed")
-	}
-
-	if options.Min != nil && val < *options.Min {
-		return validation.NewError("validation_min_number_constraint", fmt.Sprintf("Must be larger than %f", *options.Min))
-	}
-
-	if options.Max != nil && val > *options.Max {
-		return validation.NewError("validation_max_number_constraint", fmt.Sprintf("Must be less than %f", *options.Max))
-	}
-
-	return nil
-}
-
-func (validator *RecordDataValidator) checkBoolValue(field *schema.SchemaField, value any) error {
-	return nil
-}
-
-func (validator *RecordDataValidator) checkEmailValue(field *schema.SchemaField, value any) error {
-	val, _ := value.(string)
-	if val == "" {
-		return nil // nothing to check
-	}
-
-	if is.EmailFormat.Validate(val) != nil {
-		return validation.NewError("validation_invalid_email", "Must be a valid email")
-	}
-
-	options, _ := field.Options.(*schema.EmailOptions)
-	domain := val[strings.LastIndex(val, "@")+1:]
-
-	// only domains check
-	if len(options.OnlyDomains) > 0 && !list.ExistInSlice(domain, options.OnlyDomains) {
-		return validation.NewError("validation_email_domain_not_allowed", "Email domain is not allowed")
-	}
-
-	// except domains check
-	if len(options.ExceptDomains) > 0 && list.ExistInSlice(domain, options.ExceptDomains) {
-		return validation.NewError("validation_email_domain_not_allowed", "Email domain is not allowed")
-	}
-
-	return nil
-}
-
-func (validator *RecordDataValidator) checkUrlValue(field *schema.SchemaField, value any) error {
-	val, _ := value.(string)
-	if val == "" {
-		return nil // nothing to check
-	}
-
-	if is.URL.Validate(val) != nil {
-		return validation.NewError("validation_invalid_url", "Must be a valid url")
-	}
-
-	options, _ := field.Options.(*schema.UrlOptions)
-
-	// extract host/domain
-	u, _ := url.Parse(val)
-	host := u.Host
-
-	// only domains check
-	if len(options.OnlyDomains) > 0 && !list.ExistInSlice(host, options.OnlyDomains) {
-		return validation.NewError("validation_url_domain_not_allowed", "Url domain is not allowed")
-	}
-
-	// except domains check
-	if len(options.ExceptDomains) > 0 && list.ExistInSlice(host, options.ExceptDomains) {
-		return validation.NewError("validation_url_domain_not_allowed", "Url domain is not allowed")
-	}
-
-	return nil
-}
-
-func (validator *RecordDataValidator) checkEditorValue(field *schema.SchemaField, value any) error {
-	return nil
-}
-
-func (validator *RecordDataValidator) checkDateValue(field *schema.SchemaField, value any) error {
-	val, _ := value.(types.DateTime)
-	if val.IsZero() {
-		if field.Required {
-			return requiredErr
-		}
-		return nil // nothing to check
-	}
-
-	options, _ := field.Options.(*schema.DateOptions)
-
-	if !options.Min.IsZero() {
-		if err := validation.Min(options.Min.Time()).Validate(val.Time()); err != nil {
-			return err
-		}
-	}
-
-	if !options.Max.IsZero() {
-		if err := validation.Max(options.Max.Time()).Validate(val.Time()); err != nil {
-			return err
-		}
-	}
-
-	return nil
-}
-
-func (validator *RecordDataValidator) checkSelectValue(field *schema.SchemaField, value any) error {
-	normalizedVal := list.ToUniqueStringSlice(value)
-	if len(normalizedVal) == 0 {
-		if field.Required {
-			return requiredErr
-		}
-		return nil // nothing to check
-	}
-
-	options, _ := field.Options.(*schema.SelectOptions)
-
-	// check max selected items
-	if len(normalizedVal) > options.MaxSelect {
-		return validation.NewError("validation_too_many_values", fmt.Sprintf("Select no more than %d", options.MaxSelect))
-	}
-
-	// check against the allowed values
-	for _, val := range normalizedVal {
-		if !list.ExistInSlice(val, options.Values) {
-			return validation.NewError("validation_invalid_value", "Invalid value "+val)
-		}
-	}
-
-	return nil
-}
-
-var emptyJsonValues = []string{
-	"null", `""`, "[]", "{}",
-}
-
-func (validator *RecordDataValidator) checkJsonValue(field *schema.SchemaField, value any) error {
-	if is.JSON.Validate(value) != nil {
-		return validation.NewError("validation_invalid_json", "Must be a valid json value")
-	}
-
-	raw, _ := types.ParseJsonRaw(value)
-
-	options, _ := field.Options.(*schema.JsonOptions)
-
-	if len(raw) > options.MaxSize {
-		return validation.NewError("validation_json_size_limit", fmt.Sprintf("The maximum allowed JSON size is %v bytes", options.MaxSize))
-	}
-
-	rawStr := strings.TrimSpace(raw.String())
-	if field.Required && list.ExistInSlice(rawStr, emptyJsonValues) {
-		return requiredErr
-	}
-
-	return nil
-}
-
-func (validator *RecordDataValidator) checkFileValue(field *schema.SchemaField, value any) error {
-	names := list.ToUniqueStringSlice(value)
-	if len(names) == 0 && field.Required {
-		return requiredErr
-	}
-
-	options, _ := field.Options.(*schema.FileOptions)
-
-	if len(names) > options.MaxSelect {
-		return validation.NewError("validation_too_many_values", fmt.Sprintf("Select no more than %d", options.MaxSelect))
-	}
-
-	// extract the uploaded files
-	files := make([]*filesystem.File, 0, len(validator.uploadedFiles[field.Name]))
-	for _, file := range validator.uploadedFiles[field.Name] {
-		if list.ExistInSlice(file.Name, names) {
-			files = append(files, file)
-		}
-	}
-
-	for _, file := range files {
-		// check size
-		if err := UploadedFileSize(options.MaxSize)(file); err != nil {
-			return err
-		}
-
-		// check type
-		if len(options.MimeTypes) > 0 {
-			if err := UploadedFileMimeType(options.MimeTypes)(file); err != nil {
-				return err
-			}
-		}
-	}
-
-	return nil
-}
-
-func (validator *RecordDataValidator) checkRelationValue(field *schema.SchemaField, value any) error {
-	ids := list.ToUniqueStringSlice(value)
-	if len(ids) == 0 {
-		if field.Required {
-			return requiredErr
-		}
-		return nil // nothing to check
-	}
-
-	options, _ := field.Options.(*schema.RelationOptions)
-
-	if options.MinSelect != nil && len(ids) < *options.MinSelect {
-		return validation.NewError("validation_not_enough_values", fmt.Sprintf("Select at least %d", *options.MinSelect))
-	}
-
-	if options.MaxSelect != nil && len(ids) > *options.MaxSelect {
-		return validation.NewError("validation_too_many_values", fmt.Sprintf("Select no more than %d", *options.MaxSelect))
-	}
-
-	// check if the related records exist
-	// ---
-	relCollection, err := validator.dao.FindCollectionByNameOrId(options.CollectionId)
-	if err != nil {
-		return validation.NewError("validation_missing_rel_collection", "Relation connection is missing or cannot be accessed")
-	}
-
-	var total int
-	validator.dao.RecordQuery(relCollection).
-		Select("count(*)").
-		AndWhere(dbx.In("id", list.ToInterfaceSlice(ids)...)).
-		Row(&total)
-	if total != len(ids) {
-		return validation.NewError("validation_missing_rel_records", "Failed to find all relation records with the provided ids")
-	}
-	// ---
-
-	return nil
-}

forms/validators/string.go

@@ -1,22 +0,0 @@
-package validators
-
-import (
-	validation "github.com/go-ozzo/ozzo-validation/v4"
-)
-
-// Compare checks whether the validated value matches another string.
-//
-// Example:
-//
-//	validation.Field(&form.PasswordConfirm, validation.By(validators.Compare(form.Password)))
-func Compare(valueToCompare string) validation.RuleFunc {
-	return func(value any) error {
-		v, _ := value.(string)
-
-		if v != valueToCompare {
-			return validation.NewError("validation_values_mismatch", "Values don't match.")
-		}
-
-		return nil
-	}
-}

forms/validators/string_test.go

@@ -1,32 +0,0 @@
-package validators_test
-
-import (
-	"testing"
-
-	"github.com/pocketbase/pocketbase/forms/validators"
-)
-
-func TestCompare(t *testing.T) {
-	t.Parallel()
-
-	scenarios := []struct {
-		valA        string
-		valB        string
-		expectError bool
-	}{
-		{"", "", false},
-		{"", "456", true},
-		{"123", "", true},
-		{"123", "456", true},
-		{"123", "123", false},
-	}
-
-	for i, s := range scenarios {
-		err := validators.Compare(s.valA)(s.valB)
-
-		hasErr := err != nil
-		if hasErr != s.expectError {
-			t.Errorf("(%d) Expected hasErr to be %v, got %v (%v)", i, s.expectError, hasErr, err)
-		}
-	}
-}

forms/validators/validators.go

@@ -1,2 +0,0 @@
-// Package validators implements custom shared PocketBase validators.
-package validators