Cleanup

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

apps/server/src/common/events/event.contants.ts

@@ -1,6 +1,5 @@
 export enum EventName {
   COLLAB_PAGE_UPDATED = 'collab.page.updated',
-
   PAGE_CREATED = 'page.created',
   PAGE_UPDATED = 'page.updated',
   PAGE_CONTENT_UPDATED = 'page-content-updated',

apps/server/src/common/helpers/nanoid.utils.ts

@@ -5,4 +5,4 @@ export const nanoIdGen = customAlphabet(alphabet, 10);
 
 const slugIdAlphabet =
   '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
-export const generateSlugId = customAlphabet(slugIdAlphabet, 10);
+export const generateSlugId = customAlphabet(slugIdAlphabet, 10);

apps/server/src/common/helpers/types/permission.ts

@@ -10,12 +10,6 @@ export enum SpaceRole {
   READER = 'reader', // can only read pages in space
 }
 
-export enum PageRole {
-  WRITER = 'writer', // can read and write pages in space
-  READER = 'reader', // can only read pages in space
-  RESTRICTED = 'restricted', // cannot access page
-}
-
 export enum SpaceVisibility {
   OPEN = 'open', // any workspace member can see that it exists and join.
   PRIVATE = 'private', // only added space users can see

apps/server/src/common/logger/internal-log-filter.ts

@@ -14,18 +14,11 @@ export class InternalLogFilter extends ConsoleLogger {
     super();
     const isProduction = process.env.NODE_ENV === 'production';
     const isDebugMode = process.env.DEBUG_MODE === 'true';
-
+    
     if (isProduction && !isDebugMode) {
       this.allowedLogLevels = ['log', 'error', 'fatal'];
     } else {
-      this.allowedLogLevels = [
+      this.allowedLogLevels = ['log', 'debug', 'verbose', 'warn', 'error', 'fatal'];
-        'log',
-        'debug',
-        'verbose',
-        'warn',
-        'error',
-        'fatal',
-      ];
     }
   }
 

apps/server/src/core/casl/abilities/page-ability.factory.ts

@@ -1,168 +0,0 @@
-import { Injectable, Logger, NotFoundException } from '@nestjs/common';
-import {
-  AbilityBuilder,
-  createMongoAbility,
-  MongoAbility,
-} from '@casl/ability';
-import { PageRole, SpaceRole } from '../../../common/helpers/types/permission';
-import { User } from '@docmost/db/types/entity.types';
-import {
-  PagePermissionRepo,
-  PageMemberRole,
-} from '@docmost/db/repos/page/page-permission-repo.service';
-import { PageRepo } from '@docmost/db/repos/page/page.repo';
-import {
-  PageCaslAction,
-  IPageAbility,
-  PageCaslSubject,
-} from '../interfaces/page-ability.type';
-import { findHighestUserSpaceRole } from '@docmost/db/repos/Space/utils';
-import { UserSpaceRole } from '@docmost/db/repos/space/types';
-import { SpaceMemberRepo } from '@docmost/db/repos/space/space-member.repo';
-
-@Injectable()
-export default class PageAbilityFactory {
-  private readonly logger = new Logger(PageAbilityFactory.name);
-
-  constructor(
-    private readonly pagePermissionRepo: PagePermissionRepo,
-    private readonly pageRepo: PageRepo,
-    private readonly spaceMemberRepo: SpaceMemberRepo,
-  ) {}
-
-  async createForUser(user: User, pageId: string) {
-    //user.id = '0197750c-a70c-73a6-83ad-65a193433f5c';
-
-    // This opens the possibility to share pages with individual users from other Spaces
-
-    /*     
-    //TODO: we might account for space permission here too.
-    // we could just do it all here. no need to call two abilities.
-    const userSpaceRoles = await this.spaceMemberRepo.getUserSpaceRoles(
-      user.id,
-      spaceId,
-    );
-    */
-
-    // const userPageRole = findHighestUserPageRole(userPageRoles);
-    // if no role abort
-
-    // Check page-level permissions first if pageId provided
-
-    const permission = await this.pagePermissionRepo.getUserPagePermission({
-      pageId: pageId,
-      userId: user.id,
-    });
-
-    // does it pick one? what if the user has permissions via groups? what roles takes precedence?
-
-    if (!permission) {
-      //TODO: it means we should use the space level permission
-      // need deeper understanding here though
-      // call the space factory?
-    }
-
-    this.logger.log('permissions', permission);
-    if (permission) {
-      // make sure the permission is for this page
-      // or cascaded/inherited from a parent page
-      /*this.logger.debug('role', permission.role, 'cascade', permission.cascade);
-      if (permission.pageId !== pageId && !permission.cascade) {
-        this.logger.debug('no permission');
-        // No explicit access and not inheriting - deny
-        return new AbilityBuilder<MongoAbility<IPageAbility>>(
-          createMongoAbility,
-        ).build();
-      }*/
-    }
-
-    // if no permission should we use space permission here?
-    // if non, skip for default to take precedence
-
-    switch (permission.role) {
-      case PageRole.WRITER:
-        return buildPageWriterAbility();
-      case PageRole.READER:
-        return buildPageReaderAbility();
-      case PageRole.RESTRICTED:
-        return buildPageRestrictedAbility();
-      default:
-        throw new NotFoundException('Page permissions not found');
-    }
-  }
-
-  private buildAbilityForRole(role: string) {
-    switch (role) {
-      case PageRole.WRITER:
-        return buildPageWriterAbility();
-      case PageRole.READER:
-        return buildPageReaderAbility();
-      case PageRole.RESTRICTED:
-        return buildPageRestrictedAbility();
-      default:
-        return new AbilityBuilder<MongoAbility<IPageAbility>>(
-          createMongoAbility,
-        ).build();
-    }
-  }
-}
-
-function buildPageWriterAbility() {
-  const { can, build } = new AbilityBuilder<MongoAbility<IPageAbility>>(
-    createMongoAbility,
-  );
-  can(PageCaslAction.Read, PageCaslSubject.Settings);
-  can(PageCaslAction.Read, PageCaslSubject.Member);
-  can(PageCaslAction.Manage, PageCaslSubject.Page);
-  can(PageCaslAction.Manage, PageCaslSubject.Share);
-  return build();
-}
-
-function buildPageReaderAbility() {
-  const { can, build } = new AbilityBuilder<MongoAbility<IPageAbility>>(
-    createMongoAbility,
-  );
-  can(PageCaslAction.Read, PageCaslSubject.Settings);
-  can(PageCaslAction.Read, PageCaslSubject.Member);
-  can(PageCaslAction.Read, PageCaslSubject.Page);
-  can(PageCaslAction.Read, PageCaslSubject.Share);
-  return build();
-}
-
-function buildPageRestrictedAbility() {
-  const { cannot, build } = new AbilityBuilder<MongoAbility<IPageAbility>>(
-    createMongoAbility,
-  );
-  cannot(PageCaslAction.Read, PageCaslSubject.Settings);
-  cannot(PageCaslAction.Read, PageCaslSubject.Member);
-  cannot(PageCaslAction.Read, PageCaslSubject.Page);
-  cannot(PageCaslAction.Read, PageCaslSubject.Share);
-  return build();
-}
-
-export interface UserPageRole {
-  userId: string;
-  role: string;
-}
-
-export function findHighestUserPageRole(userPageRoles: UserPageRole[]) {
-  //TODO: perhaps, we want the lowest here?
-  if (!userPageRoles) {
-    return undefined;
-  }
-
-  const roleOrder: { [key in PageRole]: number } = {
-    [PageRole.WRITER]: 3,
-    [PageRole.READER]: 2,
-    [PageRole.RESTRICTED]: 1,
-  };
-  let highestRole: string;
-
-  for (const userPageRole of userPageRoles) {
-    const currentRole = userPageRole.role;
-    if (!highestRole || roleOrder[currentRole] > roleOrder[highestRole]) {
-      highestRole = currentRole;
-    }
-  }
-  return highestRole;
-}

apps/server/src/core/casl/casl.module.ts

@@ -1,11 +1,10 @@
 import { Global, Module } from '@nestjs/common';
 import SpaceAbilityFactory from './abilities/space-ability.factory';
 import WorkspaceAbilityFactory from './abilities/workspace-ability.factory';
-import PageAbilityFactory from './abilities/page-ability.factory';
 
 @Global()
 @Module({
-  providers: [WorkspaceAbilityFactory, SpaceAbilityFactory, PageAbilityFactory],
+  providers: [WorkspaceAbilityFactory, SpaceAbilityFactory],
-  exports: [WorkspaceAbilityFactory, SpaceAbilityFactory, PageAbilityFactory],
+  exports: [WorkspaceAbilityFactory, SpaceAbilityFactory],
 })
 export class CaslModule {}

apps/server/src/core/casl/interfaces/page-ability.type.ts

@@ -1,19 +0,0 @@
-export enum PageCaslAction {
-  Manage = 'manage',
-  Create = 'create',
-  Read = 'read',
-  Edit = 'edit',
-  Delete = 'delete',
-}
-export enum PageCaslSubject {
-  Settings = 'settings',
-  Member = 'member',
-  Page = 'page',
-  Share = 'share',
-}
-
-export type IPageAbility =
-  | [PageCaslAction, PageCaslSubject.Settings]
-  | [PageCaslAction, PageCaslSubject.Member]
-  | [PageCaslAction, PageCaslSubject.Page]
-  | [PageCaslAction, PageCaslSubject.Share];

apps/server/src/core/group/dto/create-group.dto.ts

@@ -7,7 +7,7 @@ import {
   MaxLength,
   MinLength,
 } from 'class-validator';
-import { Transform, TransformFnParams } from 'class-transformer';
+import {Transform, TransformFnParams} from "class-transformer";
 
 export class CreateGroupDto {
   @MinLength(2)

apps/server/src/core/page/dto/add-page-members.dto.ts

@@ -1,34 +0,0 @@
-import {
-  ArrayMaxSize,
-  IsArray,
-  IsBoolean,
-  IsEnum,
-  IsOptional,
-  IsUUID,
-} from 'class-validator';
-import { PageIdDto } from './page.dto';
-import { PageMemberRole } from '@docmost/db/repos/page/page-permission-repo.service';
-
-export class AddPageMembersDto extends PageIdDto {
-  @IsEnum(PageMemberRole)
-  role: string;
-  // optional
-  @IsArray()
-  @ArrayMaxSize(25, {
-    message: 'userIds must be an array with no more than 25 elements',
-  })
-  @IsUUID('all', { each: true })
-  userIds: string[];
-
-  @IsOptional()
-  @IsArray()
-  @ArrayMaxSize(25, {
-    message: 'groupIds must be an array with no more than 25 elements',
-  })
-  @IsUUID('all', { each: true })
-  groupIds: string[];
-
-  @IsBoolean()
-  @IsOptional()
-  cascade?: boolean; // Apply to all child pages
-}

apps/server/src/core/page/dto/deleted-page.dto.ts

@@ -4,4 +4,4 @@ export class DeletedPageDto {
   @IsNotEmpty()
   @IsString()
   spaceId: string;
-}
+}

apps/server/src/core/page/dto/duplicate-page.dto.ts

@@ -17,8 +17,8 @@ export type CopyPageMapEntry = {
 };
 
 export type ICopyPageAttachment = {
-  newPageId: string;
+  newPageId: string,
-  oldPageId: string;
+  oldPageId: string,
-  oldAttachmentId: string;
+  oldAttachmentId: string,
-  newAttachmentId: string;
+  newAttachmentId: string,
 };

apps/server/src/core/page/dto/get-page-members.dto.ts

@@ -1,22 +0,0 @@
-import { IsOptional, IsNumber, IsString, Min, Max } from 'class-validator';
-import { PageIdDto } from './page.dto';
-import { Type } from 'class-transformer';
-
-export class GetPageMembersDto extends PageIdDto {
-  @IsOptional()
-  @Type(() => Number)
-  @IsNumber()
-  @Min(1)
-  page?: number = 1;
-
-  @IsOptional()
-  @Type(() => Number)
-  @IsNumber()
-  @Min(1)
-  @Max(100)
-  limit?: number = 20;
-
-  @IsOptional()
-  @IsString()
-  query?: string;
-}

apps/server/src/core/page/dto/remove-page-member.dto.ts

@@ -1,7 +0,0 @@
-import { IsUUID } from 'class-validator';
-import { PageIdDto } from './page.dto';
-
-export class RemovePageMemberDto extends PageIdDto {
-  @IsUUID()
-  memberId: string;
-}

apps/server/src/core/page/dto/update-page-member-role.dto.ts

@@ -1,11 +0,0 @@
-import { IsEnum, IsUUID } from 'class-validator';
-import { PageIdDto } from './page.dto';
-import { PageMemberRole } from '@docmost/db/repos/page/page-permission-repo.service';
-
-export class UpdatePageMemberRoleDto extends PageIdDto {
-  @IsUUID()
-  memberId: string;
-
-  @IsEnum(PageMemberRole)
-  role: string;
-}

apps/server/src/core/page/dto/update-page-permission.dto.ts

@@ -1,21 +0,0 @@
-import { IsBoolean, IsEnum, IsOptional, IsUUID } from 'class-validator';
-import { PageMemberRole } from '@docmost/db/repos/page/page-permission-repo.service';
-
-export class UpdatePagePermissionDto {
-  @IsUUID()
-  pageId: string;
-
-  @IsUUID()
-  @IsOptional()
-  userId?: string;
-
-  @IsUUID()
-  @IsOptional()
-  groupId?: string;
-
-  @IsEnum(PageMemberRole)
-  role: string;
-
-  @IsBoolean()
-  cascade: boolean; // Apply to all child pages
-}

apps/server/src/core/page/page.controller.ts

@@ -32,24 +32,9 @@ import {
 } from '../casl/interfaces/space-ability.type';
 import SpaceAbilityFactory from '../casl/abilities/space-ability.factory';
 import { PageRepo } from '@docmost/db/repos/page/page.repo';
-import { SharedPagesRepo } from '@docmost/db/repos/page/shared-pages.repo';
 import { RecentPageDto } from './dto/recent-page.dto';
 import { DuplicatePageDto } from './dto/duplicate-page.dto';
 import { DeletedPageDto } from './dto/deleted-page.dto';
-import { AddPageMembersDto } from './dto/add-page-members.dto';
-import { RemovePageMemberDto } from './dto/remove-page-member.dto';
-import { UpdatePageMemberRoleDto } from './dto/update-page-member-role.dto';
-import { UpdatePagePermissionDto } from './dto/update-page-permission.dto';
-import { GetPageMembersDto } from './dto/get-page-members.dto';
-import {
-  PagePermissionService,
-  PagePermissionsResponse,
-} from './services/page-member.service';
-import PageAbilityFactory from '../casl/abilities/page-ability.factory';
-import {
-  PageCaslAction,
-  PageCaslSubject,
-} from '../casl/interfaces/page-ability.type';
 
 @UseGuards(JwtAuthGuard)
 @Controller('pages')
@@ -59,9 +44,6 @@ export class PageController {
     private readonly pageRepo: PageRepo,
     private readonly pageHistoryService: PageHistoryService,
     private readonly spaceAbility: SpaceAbilityFactory,
-    private readonly pageAbility: PageAbilityFactory,
-    private readonly pagePermissionService: PagePermissionService,
-    private readonly sharedPagesRepo: SharedPagesRepo,
   ) {}
 
   @HttpCode(HttpStatus.OK)
@@ -79,20 +61,10 @@ export class PageController {
       throw new NotFoundException('Page not found');
     }
 
-    const pageAbility = await this.pageAbility.createForUser(user, page.id);
+    const ability = await this.spaceAbility.createForUser(user, page.spaceId);
-
-    if (pageAbility.cannot(PageCaslAction.Read, PageCaslSubject.Page)) {
-      throw new ForbiddenException();
-    }
-
-    /*const ability = await this.spaceAbility.createForUser(
-      user,
-      page.spaceId,
-    );
-    
     if (ability.cannot(SpaceCaslAction.Read, SpaceCaslSubject.Page)) {
       throw new ForbiddenException();
-    }*/
+    }
 
     return page;
   }
@@ -417,162 +389,4 @@ export class PageController {
     }
     return this.pageService.getPageBreadCrumbs(page.id);
   }
-
-  @HttpCode(HttpStatus.OK)
-  @Post('permissions/restrict')
-  async restrictPage(@Body() dto: PageIdDto, @AuthUser() user: User) {
-    const page = await this.pageRepo.findById(dto.pageId);
-    if (!page) {
-      throw new NotFoundException('Page not found');
-    }
-
-    // TODO: make sure they have access to the page, and can restrict
-    // And the page is not already restricted
-    // They can add and remove page restriction
-    // When a page restriction is removed, we remove the entries in page permissions table.
-    const ability = await this.spaceAbility.createForUser(user, page.spaceId);
-    if (ability.cannot(SpaceCaslAction.Manage, SpaceCaslSubject.Page)) {
-      throw new ForbiddenException();
-    }
-
-    return this.pagePermissionService.restrictPage(user, page.id);
-  }
-
-  @HttpCode(HttpStatus.OK)
-  @Post('permissions/add')
-  async addPageMembers(
-    @Body() dto: AddPageMembersDto,
-    @AuthUser() user: User,
-    @AuthWorkspace() workspace: Workspace,
-  ) {
-    const page = await this.pageRepo.findById(dto.pageId);
-    if (!page) {
-      throw new NotFoundException('Page not found');
-    }
-
-    const ability = await this.spaceAbility.createForUser(user, page.spaceId);
-    if (ability.cannot(SpaceCaslAction.Manage, SpaceCaslSubject.Page)) {
-      throw new ForbiddenException();
-    }
-
-    return this.pagePermissionService.addMembersToPageBatch(
-      dto,
-      user,
-      workspace.id,
-    );
-  }
-
-  @HttpCode(HttpStatus.OK)
-  @Post('permissions/remove')
-  async removePageMember(
-    @Body() dto: RemovePageMemberDto,
-    @AuthUser() user: User,
-    @AuthWorkspace() workspace: Workspace,
-  ) {
-    const page = await this.pageRepo.findById(dto.pageId);
-    if (!page) {
-      throw new NotFoundException('Page not found');
-    }
-
-    const ability = await this.spaceAbility.createForUser(user, page.spaceId);
-    if (ability.cannot(SpaceCaslAction.Manage, SpaceCaslSubject.Page)) {
-      throw new ForbiddenException();
-    }
-
-    return this.pagePermissionService.removePageMember(dto, workspace.id);
-  }
-
-  @HttpCode(HttpStatus.OK)
-  @Post('permissions/update-role')
-  async updatePageMemberRole(
-    @Body() dto: UpdatePageMemberRoleDto,
-    @AuthUser() user: User,
-    @AuthWorkspace() workspace: Workspace,
-  ) {
-    const page = await this.pageRepo.findById(dto.pageId);
-    if (!page) {
-      throw new NotFoundException('Page not found');
-    }
-
-    const ability = await this.spaceAbility.createForUser(user, page.spaceId);
-    if (ability.cannot(SpaceCaslAction.Manage, SpaceCaslSubject.Page)) {
-      throw new ForbiddenException();
-    }
-
-    return this.pagePermissionService.updatePageMemberRole(dto, workspace.id);
-  }
-
-  @HttpCode(HttpStatus.OK)
-  @Post('permissions/update')
-  async updatePagePermissions(
-    @Body() dto: UpdatePagePermissionDto,
-    @AuthUser() user: User,
-  ): Promise<PagePermissionsResponse> {
-    const page = await this.pageRepo.findById(dto.pageId);
-    if (!page) {
-      throw new NotFoundException('Page not found');
-    }
-
-    const ability = await this.spaceAbility.createForUser(user, page.spaceId);
-    if (ability.cannot(SpaceCaslAction.Manage, SpaceCaslSubject.Page)) {
-      throw new ForbiddenException();
-    }
-
-    return this.pagePermissionService.updatePagePermission(dto);
-  }
-
-  @HttpCode(HttpStatus.OK)
-  @Post('permissions/info')
-  async getPagePermissions(
-    @Body() dto: PageIdDto,
-    @AuthUser() user: User,
-  ): Promise<PagePermissionsResponse> {
-    const page = await this.pageRepo.findById(dto.pageId);
-    if (!page) {
-      throw new NotFoundException('Page not found');
-    }
-
-    const ability = await this.spaceAbility.createForUser(user, page.spaceId);
-    if (ability.cannot(SpaceCaslAction.Read, SpaceCaslSubject.Page)) {
-      throw new ForbiddenException();
-    }
-
-    return this.pagePermissionService.getPagePermissions(dto.pageId);
-  }
-
-  @HttpCode(HttpStatus.OK)
-  @Post('permissions/list')
-  async getPageMembers(
-    @Body() dto: GetPageMembersDto,
-    @AuthUser() user: User,
-    @AuthWorkspace() workspace: Workspace,
-  ) {
-    const page = await this.pageRepo.findById(dto.pageId);
-    if (!page) {
-      throw new NotFoundException('Page not found');
-    }
-
-    const ability = await this.spaceAbility.createForUser(user, page.spaceId);
-    if (ability.cannot(SpaceCaslAction.Read, SpaceCaslSubject.Page)) {
-      throw new ForbiddenException();
-    }
-
-    const pagination: PaginationOptions = {
-      page: dto.page || 1,
-      limit: dto.limit || 20,
-      query: dto.query,
-    };
-
-    return this.pagePermissionService.getPageMembers(
-      dto.pageId,
-      workspace.id,
-      pagination,
-    );
-  }
-
-  @HttpCode(HttpStatus.OK)
-  @Post('shared')
-  async getUserSharedPages(@AuthUser() user: User) {
-    return this.sharedPagesRepo.getUserSharedPages(user.id);
-  }
 }

apps/server/src/core/page/page.module.ts

@@ -3,20 +3,12 @@ import { PageService } from './services/page.service';
 import { PageController } from './page.controller';
 import { PageHistoryService } from './services/page-history.service';
 import { TrashCleanupService } from './services/trash-cleanup.service';
-import { PagePermissionService } from './services/page-member.service';
-import { SharedPagesRepo } from '@docmost/db/repos/page/shared-pages.repo';
 import { StorageModule } from '../../integrations/storage/storage.module';
 
 @Module({
   controllers: [PageController],
-  providers: [
+  providers: [PageService, PageHistoryService, TrashCleanupService],
-    PageService,
+  exports: [PageService, PageHistoryService],
-    PageHistoryService,
-    TrashCleanupService,
-    PagePermissionService,
-    SharedPagesRepo,
-  ],
-  exports: [PageService, PageHistoryService, PagePermissionService],
   imports: [StorageModule],
 })
 export class PageModule {}

apps/server/src/core/page/services/page-member.service.ts

@@ -1,648 +0,0 @@
-import {
-  BadRequestException,
-  Injectable,
-  NotFoundException,
-} from '@nestjs/common';
-import { PaginationOptions } from '@docmost/db/pagination/pagination-options';
-import { KyselyDB, KyselyTransaction } from '@docmost/db/types/kysely.types';
-import {
-  PagePermissionRepo,
-  PageMemberRole,
-} from '@docmost/db/repos/page/page-permission-repo.service';
-import { SharedPagesRepo } from '@docmost/db/repos/page/shared-pages.repo';
-import { AddPageMembersDto } from '../dto/add-page-members.dto';
-import { InjectKysely } from 'nestjs-kysely';
-import { Page, PagePermission, User } from '@docmost/db/types/entity.types';
-import { PageRepo } from '@docmost/db/repos/page/page.repo';
-import { RemovePageMemberDto } from '../dto/remove-page-member.dto';
-import { UpdatePageMemberRoleDto } from '../dto/update-page-member-role.dto';
-import { UpdatePagePermissionDto } from '../dto/update-page-permission.dto';
-import { UserRepo } from '@docmost/db/repos/user/user.repo';
-import { GroupRepo } from '@docmost/db/repos/group/group.repo';
-import { SpaceMemberRepo } from '@docmost/db/repos/space/space-member.repo';
-import { executeTx } from '@docmost/db/utils';
-
-export interface IPagePermission {
-  id: string;
-  cascade: boolean;
-  member: {
-    id: string;
-    type: 'user' | 'group' | 'public';
-    email?: string;
-    displayName?: string;
-    avatarUrl?: string;
-    workspaceRole?: string;
-    name?: string;
-    memberCount?: number;
-  };
-  membershipRole: {
-    id: string;
-    level: string;
-    source: 'direct' | 'inherited';
-  };
-  grantedBy: {
-    id: string;
-    type: 'page' | 'space';
-    title?: string;
-    name?: string;
-    parentId?: string;
-  };
-}
-
-export interface PagePermissionsResponse {
-  page: {
-    id: string;
-    title: string;
-    hasCustomPermissions: boolean;
-    inheritPermissions: boolean;
-    permissions: IPagePermission[];
-  };
-}
-
-@Injectable()
-export class PagePermissionService {
-  constructor(
-    private pageMemberRepo: PagePermissionRepo,
-    private pageRepo: PageRepo,
-    private sharedPagesRepo: SharedPagesRepo,
-    private userRepo: UserRepo,
-    private groupRepo: GroupRepo,
-    private spaceMemberRepo: SpaceMemberRepo,
-    @InjectKysely() private readonly db: KyselyDB,
-  ) {}
-
-  async addUserToPage(
-    userId: string,
-    pageId: string,
-    role: string,
-    workspaceId: string,
-    trx?: KyselyTransaction,
-  ): Promise<void> {
-    await this.pageMemberRepo.insertPageMember(
-      {
-        userId: userId,
-        pageId: pageId,
-        role: role,
-      },
-      trx,
-    );
-  }
-
-  async addGroupToPage(
-    groupId: string,
-    pageId: string,
-    role: string,
-    workspaceId: string,
-    trx?: KyselyTransaction,
-  ): Promise<void> {
-    await this.pageMemberRepo.insertPageMember(
-      {
-        groupId: groupId,
-        pageId: pageId,
-        role: role,
-      },
-      trx,
-    );
-  }
-
-  async getPageMembers(
-    pageId: string,
-    workspaceId: string,
-    pagination: PaginationOptions,
-  ) {
-    const page = await this.pageRepo.findById(pageId);
-    // const page = await this.pageRepo.findById(pageId, { workspaceId });
-
-    if (!page) {
-      throw new NotFoundException('Page not found');
-    }
-
-    const members = await this.pageMemberRepo.getPageMembersPaginated(
-      pageId,
-      pagination,
-    );
-
-    return members;
-  }
-
-  async restrictPage(authUser: User, pageId: string) {
-    // to add custom permissions to a page,
-    // we have to restrict the page first.
-    // the user is here because they can restrict this page
-    // TODO: make sure page is not in trash
-    // Not sure if normal users can see restricted pages in trash.
-    await this.db
-      .updateTable('pages')
-      .set({
-        isRestricted: true,
-        restrictedById: authUser.id,
-      })
-      .where('id', '=', pageId)
-      .execute();
-  }
-
-  async addMembersToPageBatch(
-    dto: AddPageMembersDto,
-    authUser: User,
-    workspaceId: string,
-  ): Promise<void> {
-    try {
-      const page = await this.pageRepo.findById(dto.pageId);
-      //const page = await this.pageRepo.findById(dto.pageId, { workspaceId });
-
-      if (!page) {
-        throw new NotFoundException('Page not found');
-      }
-
-      // Validate role
-      if (!Object.values(PageMemberRole).includes(dto.role as PageMemberRole)) {
-        throw new BadRequestException(`Invalid role: ${dto.role}`);
-      }
-
-      // Enable custom permissions if adding first member
-      /*if (!page.hasCustomPermissions) {
-        await this.pageRepo.update(dto.pageId, {
-          hasCustomPermissions: true,
-          inheritPermissions: false,
-        });
-      }*/
-
-      // Make sure we have valid workspace users
-      const validUsersQuery = this.db
-        .selectFrom('users')
-        .select(['id', 'name'])
-        .where('users.id', 'in', dto.userIds)
-        .where('users.workspaceId', '=', workspaceId)
-        .where(({ not, exists, selectFrom }) =>
-          not(
-            exists(
-              selectFrom('pagePermissions')
-                .select('id')
-                .whereRef('pagePermissions.userId', '=', 'users.id')
-                .where('pagePermissions.pageId', '=', dto.pageId),
-            ),
-          ),
-        );
-
-      const validGroupsQuery = this.db
-        .selectFrom('groups')
-        .select(['id', 'name'])
-        .where('groups.id', 'in', dto.groupIds)
-        .where('groups.workspaceId', '=', workspaceId)
-        .where(({ not, exists, selectFrom }) =>
-          not(
-            exists(
-              selectFrom('pagePermissions')
-                .select('id')
-                .whereRef('pagePermissions.groupId', '=', 'groups.id')
-                .where('pagePermissions.pageId', '=', dto.pageId),
-            ),
-          ),
-        );
-
-      let validUsers = [],
-        validGroups = [];
-      if (dto.userIds && dto.userIds.length > 0) {
-        validUsers = await validUsersQuery.execute();
-      }
-      if (dto.groupIds && dto.groupIds.length > 0) {
-        validGroups = await validGroupsQuery.execute();
-      }
-
-      const usersToAdd = [];
-      for (const user of validUsers) {
-        usersToAdd.push({
-          pageId: dto.pageId,
-          userId: user.id,
-          role: dto.role,
-          addedById: authUser.id,
-        });
-
-        // Track orphaned page access if user doesn't have parent access
-        if (page.parentPageId && dto.role !== PageMemberRole.NONE) {
-          const hasParentAccess = await this.checkParentAccess(
-            user.id,
-            page.parentPageId,
-          );
-          if (!hasParentAccess) {
-            await this.sharedPagesRepo.addSharedPage(user.id, dto.pageId);
-          }
-        }
-      }
-
-      const groupsToAdd = [];
-      for (const group of validGroups) {
-        groupsToAdd.push({
-          pageId: dto.pageId,
-          groupId: group.id,
-          role: dto.role,
-          addedById: authUser.id,
-        });
-      }
-
-      const membersToAdd = [...usersToAdd, ...groupsToAdd];
-      if (membersToAdd.length > 0) {
-        await this.db
-          .insertInto('pagePermissions')
-          .values(membersToAdd)
-          .execute();
-      }
-
-      // Apply to child pages if requested
-      if (dto.cascade) {
-        await this.cascadeToChildren(dto.pageId, membersToAdd);
-      }
-    } catch (error) {
-      if (
-        error instanceof NotFoundException ||
-        error instanceof BadRequestException
-      ) {
-        throw error;
-      }
-      throw new BadRequestException(
-        'Failed to add members to page. Please try again.',
-      );
-    }
-  }
-
-  async removePageMember(
-    dto: RemovePageMemberDto,
-    workspaceId: string,
-  ): Promise<void> {
-    const member = await this.db
-      .selectFrom('pagePermissions')
-      .innerJoin('pages', 'pages.id', 'pagePermissions.pageId')
-      .select(['pagePermissions.id', 'pagePermissions.userId'])
-      .where('pagePermissions.id', '=', dto.memberId)
-      .where('pagePermissions.pageId', '=', dto.pageId)
-      .where('pages.workspaceId', '=', workspaceId)
-      .executeTakeFirst();
-
-    if (!member) {
-      throw new NotFoundException('Page member not found');
-    }
-
-    // Check if this is the last admin
-    const adminCount = await this.pageMemberRepo.roleCountByPageId(
-      PageMemberRole.ADMIN,
-      dto.pageId,
-    );
-
-    if (adminCount === 1) {
-      const memberToRemove = await this.pageMemberRepo.getPageMemberByTypeId(
-        dto.pageId,
-        { userId: member.userId },
-      );
-      if (memberToRemove?.role === PageMemberRole.ADMIN) {
-        throw new BadRequestException('Cannot remove the last admin from page');
-      }
-    }
-
-    await this.pageMemberRepo.removePageMemberById(dto.memberId, dto.pageId);
-
-    // Remove from shared pages if it was tracked
-    if (member.userId) {
-      await this.sharedPagesRepo.removeSharedPage(member.userId, dto.pageId);
-    }
-  }
-
-  async updatePageMemberRole(
-    dto: UpdatePageMemberRoleDto,
-    workspaceId: string,
-  ): Promise<void> {
-    const member = await this.db
-      .selectFrom('pagePermissions')
-      .innerJoin('pages', 'pages.id', 'pagePermissions.pageId')
-      .select(['pagePermissions.id', 'pagePermissions.role'])
-      .where('pagePermissions.id', '=', dto.memberId)
-      .where('pagePermissions.pageId', '=', dto.pageId)
-      .where('pages.workspaceId', '=', workspaceId)
-      .executeTakeFirst();
-
-    if (!member) {
-      throw new NotFoundException('Page member not found');
-    }
-
-    if (
-      member.role === PageMemberRole.ADMIN &&
-      dto.role !== PageMemberRole.ADMIN
-    ) {
-      const adminCount = await this.pageMemberRepo.roleCountByPageId(
-        PageMemberRole.ADMIN,
-        dto.pageId,
-      );
-      if (adminCount === 1) {
-        throw new BadRequestException('Cannot change role of the last admin');
-      }
-    }
-
-    await this.pageMemberRepo.updatePageMember(
-      { role: dto.role },
-      dto.memberId,
-      dto.pageId,
-    );
-  }
-
-  async updatePagePermission(
-    dto: UpdatePagePermissionDto,
-  ): Promise<PagePermissionsResponse> {
-    const { pageId, userId, groupId, role, cascade } = dto;
-
-    try {
-      // Validate inputs
-      if (!userId && !groupId) {
-        throw new BadRequestException(
-          'Either userId or groupId must be provided',
-        );
-      }
-
-      if (userId && groupId) {
-        throw new BadRequestException('Cannot provide both userId and groupId');
-      }
-
-      if (!Object.values(PageMemberRole).includes(role as PageMemberRole)) {
-        throw new BadRequestException(`Invalid role: ${role}`);
-      }
-
-      await executeTx(this.db, async (trx) => {
-        // Update the role
-        if (userId) {
-          await this.pageMemberRepo.upsertPageMember(
-            {
-              pageId,
-              userId,
-              role,
-            },
-            trx,
-          );
-        } else if (groupId) {
-          await this.pageMemberRepo.upsertPageMember(
-            {
-              pageId,
-              groupId,
-              role,
-            },
-            trx,
-          );
-        }
-
-        // Mark page as having custom permissions
-        /* await this.pageRepo.update(
-          pageId,
-          {
-            hasCustomPermissions: true,
-            inheritPermissions: false,
-          },
-          trx,
-        );*/
-
-        // Cascade to children if requested
-        if (cascade) {
-          const descendants = await this.pageRepo.getAllDescendants(
-            pageId,
-            trx,
-          );
-          for (const childId of descendants) {
-            if (userId) {
-              await this.pageMemberRepo.upsertPageMember(
-                {
-                  pageId: childId,
-                  userId,
-                  role,
-                },
-                trx,
-              );
-            } else if (groupId) {
-              await this.pageMemberRepo.upsertPageMember(
-                {
-                  pageId: childId,
-                  groupId,
-                  role,
-                },
-                trx,
-              );
-            }
-          }
-        }
-      });
-
-      // Return comprehensive permission data
-      return this.getPagePermissions(pageId);
-    } catch (error) {
-      if (error instanceof BadRequestException) {
-        throw error;
-      }
-      throw new BadRequestException(
-        'Failed to update page permissions. Please try again.',
-      );
-    }
-  }
-
-  async getPagePermissions(pageId: string): Promise<PagePermissionsResponse> {
-    const page = await this.pageRepo.findById(pageId, { includeSpace: true });
-    if (!page) {
-      throw new NotFoundException('Page not found');
-    }
-
-    const permissions: IPagePermission[] = [];
-
-    // 1. Get direct page members
-    const directMembers = await this.pageMemberRepo.getPageMembers(pageId);
-
-    // Batch fetch all users and groups
-    const userIds = directMembers.filter((m) => m.userId).map((m) => m.userId);
-    const groupIds = directMembers
-      .filter((m) => m.groupId)
-      .map((m) => m.groupId);
-
-    const [users, groups] = await Promise.all([
-      userIds.length > 0
-        ? this.db
-            .selectFrom('users')
-            .selectAll()
-            .where('id', 'in', userIds)
-            .execute()
-        : Promise.resolve([]),
-      groupIds.length > 0
-        ? this.db
-            .selectFrom('groups')
-            .selectAll()
-            .where('id', 'in', groupIds)
-            .execute()
-        : Promise.resolve([]),
-    ]);
-
-    const userMap = new Map(users.map((u) => [u.id, u] as const));
-    const groupMap = new Map(groups.map((g) => [g.id, g] as const));
-
-    // Build permissions with batch-fetched data
-    for (const member of directMembers) {
-      let memberData: any = null;
-
-      if (member.userId) {
-        const user = userMap.get(member.userId);
-        if (user) {
-          memberData = {
-            id: user.id,
-            type: 'user' as const,
-            email: user.email,
-            displayName: user.name,
-            avatarUrl: user.avatarUrl,
-            workspaceRole: user.role,
-          };
-        }
-      } else if (member.groupId) {
-        const group = groupMap.get(member.groupId);
-        if (group) {
-          memberData = {
-            id: group.id,
-            type: 'group' as const,
-            name: group.name,
-            memberCount: await this.db
-              .selectFrom('groupUsers')
-              .select((eb) => eb.fn.count('userId').as('count'))
-              .where('groupId', '=', group.id)
-              .executeTakeFirst()
-              .then((result) => Number(result?.count || 0)),
-          };
-        }
-      }
-
-      if (memberData) {
-        permissions.push({
-          id: member.id,
-          cascade: true, // Page permissions cascade by default
-          member: memberData,
-          membershipRole: {
-            id: member.id,
-            level: member.role,
-            source: 'direct',
-          },
-          grantedBy: {
-            id: pageId,
-            type: 'page',
-            title: page.title,
-          },
-        });
-      }
-    }
-
-    // 2. Get inherited space members (if page inherits)
-    if (page) {
-      //if (page.inheritPermissions || !page.hasCustomPermissions) {
-      const spaceMembers = await this.spaceMemberRepo.getSpaceMembersPaginated(
-        page.spaceId,
-        { page: 1, limit: 100 },
-      );
-
-      for (const spaceMember of spaceMembers.items as any[]) {
-        // Skip if user has direct page permission
-        const hasDirect = directMembers.some(
-          (dm) =>
-            (dm.userId === spaceMember.id && spaceMember.type === 'user') ||
-            (dm.groupId === spaceMember.id && spaceMember.type === 'group'),
-        );
-        if (!hasDirect) {
-          permissions.push({
-            id: `space-${spaceMember.id}`,
-            cascade: false, // Space permissions don't cascade to page children
-            member: {
-              id: spaceMember.id,
-              type: spaceMember.type as 'user' | 'group',
-              email: spaceMember.email,
-              displayName: spaceMember.name,
-              avatarUrl: spaceMember.avatarUrl,
-              name: spaceMember.name,
-              memberCount: Number(spaceMember.memberCount || 0),
-            },
-            membershipRole: {
-              id: `space-role-${spaceMember.id}`,
-              level: spaceMember.role,
-              source: 'inherited',
-            },
-            grantedBy: {
-              id: page.spaceId,
-              type: 'space',
-              name: (page as any).space?.name,
-            },
-          });
-        }
-      }
-    }
-
-    return {
-      page: {
-        id: page.id,
-        title: page.title,
-        hasCustomPermissions: true,
-        inheritPermissions: false,
-        permissions,
-      },
-    };
-  }
-
-  private async checkParentAccess(
-    userId: string,
-    parentPageId: string | null,
-  ): Promise<boolean> {
-    if (!parentPageId) return true; // Root pages always accessible
-
-    const parentAccess = await this.pageMemberRepo.resolveUserPageAccess(
-      userId,
-      parentPageId,
-    );
-    return parentAccess !== null && parentAccess !== PageMemberRole.NONE;
-  }
-
-  private async cascadeToChildren(
-    pageId: string,
-    membersToAdd: any[],
-  ): Promise<void> {
-    const descendants = await this.pageRepo.getAllDescendants(pageId);
-    if (descendants.length === 0) return;
-
-    // Separate user and group members for proper conflict handling
-    const userMembers = membersToAdd.filter((m) => m.userId);
-    const groupMembers = membersToAdd.filter((m) => m.groupId);
-
-    for (const childId of descendants) {
-      // Handle user members with proper conflict resolution
-      if (userMembers.length > 0) {
-        const childUserMembers = userMembers.map((m) => ({
-          ...m,
-          pageId: childId,
-        }));
-
-        await this.db
-          .insertInto('pagePermissions')
-          .values(childUserMembers)
-          .onConflict((oc) =>
-            oc.columns(['pageId', 'userId']).doUpdateSet({
-              role: (eb) => eb.ref('excluded.role'),
-              updatedAt: new Date(),
-            }),
-          )
-          .execute();
-      }
-
-      // Handle group members separately
-      if (groupMembers.length > 0) {
-        const childGroupMembers = groupMembers.map((m) => ({
-          ...m,
-          pageId: childId,
-        }));
-
-        await this.db
-          .insertInto('pagePermissions')
-          .values(childGroupMembers)
-          .onConflict((oc) =>
-            oc.columns(['pageId', 'groupId']).doUpdateSet({
-              role: (eb) => eb.ref('excluded.role'),
-              updatedAt: new Date(),
-            }),
-          )
-          .execute();
-      }
-    }
-  }
-}

apps/server/src/core/space/dto/create-space.dto.ts

@@ -5,7 +5,7 @@ import {
   MaxLength,
   MinLength,
 } from 'class-validator';
-import { Transform, TransformFnParams } from 'class-transformer';
+import {Transform, TransformFnParams} from "class-transformer";
 
 export class CreateSpaceDto {
   @MinLength(2)

apps/server/src/core/user/user.service.ts

@@ -70,9 +70,7 @@ export class UserService {
       );
 
       if (!isPasswordMatch) {
-        throw new BadRequestException(
+        throw new BadRequestException('You must provide the correct password to change your email');
-          'You must provide the correct password to change your email',
-        );
       }
 
       if (await this.userRepo.findByEmail(updateUserDto.email, workspace.id)) {

apps/server/src/database/database.module.ts

@@ -26,7 +26,6 @@ import { UserTokenRepo } from './repos/user-token/user-token.repo';
 import { BacklinkRepo } from '@docmost/db/repos/backlink/backlink.repo';
 import { ShareRepo } from '@docmost/db/repos/share/share.repo';
 import { PageListener } from '@docmost/db/listeners/page.listener';
-import { PagePermissionRepo } from '@docmost/db/repos/page/page-permission-repo.service';
 
 // https://github.com/brianc/node-postgres/issues/811
 types.setTypeParser(types.builtins.INT8, (val) => Number(val));
@@ -79,7 +78,6 @@ types.setTypeParser(types.builtins.INT8, (val) => Number(val));
     BacklinkRepo,
     ShareRepo,
     PageListener,
-    PagePermissionRepo,
   ],
   exports: [
     WorkspaceRepo,
@@ -95,7 +93,6 @@ types.setTypeParser(types.builtins.INT8, (val) => Number(val));
     UserTokenRepo,
     BacklinkRepo,
     ShareRepo,
-    PagePermissionRepo,
   ],
 })
 export class DatabaseModule

apps/server/src/database/migrations/20250327T145832-add-contributorIds-to-pages.ts

@@ -3,7 +3,7 @@ import { type Kysely, sql } from 'kysely';
 export async function up(db: Kysely<any>): Promise<void> {
   await db.schema
     .alterTable('pages')
-    .addColumn('contributor_ids', sql`uuid[]`, (col) => col.defaultTo('{}'))
+    .addColumn('contributor_ids', sql`uuid[]`, (col) => col.defaultTo("{}"))
     .execute();
 }
 

apps/server/src/database/migrations/20250812T000805-add-page-permissions.ts

@@ -1,102 +0,0 @@
-import { Kysely, sql } from 'kysely';
-
-export async function up(db: Kysely<any>): Promise<void> {
-  await db.schema
-    .createTable('page_permissions')
-    .addColumn('id', 'uuid', (col) =>
-      col.primaryKey().defaultTo(sql`gen_uuid_v7()`),
-    )
-    .addColumn('user_id', 'uuid', (col) =>
-      col.references('users.id').onDelete('cascade'),
-    )
-    .addColumn('group_id', 'uuid', (col) =>
-      col.references('groups.id').onDelete('cascade'),
-    )
-    .addColumn('page_id', 'uuid', (col) =>
-      col.notNull().references('pages.id').onDelete('cascade'),
-    )
-    .addColumn('role', 'varchar', (col) => col.notNull())
-    .addColumn('cascade', 'boolean', (col) => col.defaultTo(true).notNull()) // children can inherit
-    .addColumn('added_by_id', 'uuid', (col) =>
-      col.references('users.id').onDelete('set null'),
-    )
-    .addColumn('created_at', 'timestamptz', (col) =>
-      col.notNull().defaultTo(sql`now()`),
-    )
-    .addColumn('updated_at', 'timestamptz', (col) =>
-      col.notNull().defaultTo(sql`now()`),
-    )
-    .addColumn('deleted_at', 'timestamptz')
-    .addUniqueConstraint('unique_page_user', ['page_id', 'user_id'])
-    .addUniqueConstraint('unique_page_group', ['page_id', 'group_id'])
-    .addCheckConstraint(
-      'allow_either_user_id_or_group_id_check',
-      sql`(user_id IS NOT NULL AND group_id IS NULL) OR (user_id IS NULL AND group_id IS NOT NULL)`,
-    )
-    .execute();
-
-  await db.schema
-    .alterTable('pages')
-    .addColumn('is_restricted', 'boolean', (col) =>
-      col.defaultTo(false).notNull(),
-    )
-    .addColumn('restricted_by_id', 'uuid', (col) =>
-      col.references('users.id').onDelete('set null'),
-    )
-    .execute();
-
-  // Add indexes for performance
-  await db.schema
-    .createIndex('idx_page_permissions_page_id')
-    .on('page_permissions')
-    .column('page_id')
-    .execute();
-
-  await db.schema
-    .createIndex('idx_page_permissions_user_id')
-    .on('page_permissions')
-    .column('user_id')
-    .execute();
-
-  await db.schema
-    .createIndex('idx_page_permissions_group_id')
-    .on('page_permissions')
-    .column('group_id')
-    .execute();
-
-  // Create user_shared_pages table for tracking orphaned page access
-  await db.schema
-    .createTable('user_shared_pages')
-    .addColumn('user_id', 'uuid', (col) =>
-      col.notNull().references('users.id').onDelete('cascade'),
-    )
-    .addColumn('page_id', 'uuid', (col) =>
-      col.notNull().references('pages.id').onDelete('cascade'),
-    )
-    .addColumn('shared_at', 'timestamptz', (col) =>
-      col.notNull().defaultTo(sql`now()`),
-    )
-    .addPrimaryKeyConstraint('user_shared_pages_pkey', ['user_id', 'page_id'])
-    .execute();
-
-  await db.schema
-    .createIndex('idx_user_shared_pages_user_id')
-    .on('user_shared_pages')
-    .column('user_id')
-    .execute();
-
-  await db.schema
-    .createIndex('idx_user_shared_pages_shared_at')
-    .on('user_shared_pages')
-    .column('shared_at')
-    .execute();
-}
-
-export async function down(db: Kysely<any>): Promise<void> {
-  await db.schema.alterTable('pages').dropColumn('is_restricted').execute();
-  await db.schema.alterTable('pages').dropColumn('restricted_by_id').execute();
-
-  await db.schema.dropTable('user_shared_pages').execute();
-
-  await db.schema.dropTable('page_permissions').execute();
-}

apps/server/src/database/migrations/20260111T163516-add-new-indexes.ts

@@ -0,0 +1,196 @@
+import { type Kysely, sql } from 'kysely';
+
+export async function up(db: Kysely<any>): Promise<void> {
+  await db.schema
+    .createIndex('idx_group_users_user_id')
+    .ifNotExists()
+    .on('group_users')
+    .column('user_id')
+    .execute();
+
+  await db.schema
+    .createIndex('idx_space_members_user_id')
+    .ifNotExists()
+    .on('space_members')
+    .column('user_id')
+    .execute();
+
+  await db.schema
+    .createIndex('idx_space_members_group_id')
+    .ifNotExists()
+    .on('space_members')
+    .column('group_id')
+    .execute();
+
+  // Page tree
+  await sql`
+    CREATE INDEX IF NOT EXISTS idx_pages_space_parent_position
+    ON pages (space_id, parent_page_id, position COLLATE "C")
+    WHERE deleted_at IS NULL
+  `.execute(db);
+
+  await sql`
+    CREATE INDEX IF NOT EXISTS idx_pages_parent_page_id
+    ON pages (parent_page_id)
+    WHERE deleted_at IS NULL
+  `.execute(db);
+
+  // Recent pages query
+  await sql`
+    CREATE INDEX IF NOT EXISTS idx_pages_space_updated
+    ON pages (space_id, updated_at DESC)
+    WHERE deleted_at IS NULL
+  `.execute(db);
+
+  // Trash view
+  await sql`
+    CREATE INDEX IF NOT EXISTS idx_pages_space_deleted
+    ON pages (space_id, deleted_at DESC)
+    WHERE deleted_at IS NOT NULL
+  `.execute(db);
+
+  await sql`
+    CREATE UNIQUE INDEX IF NOT EXISTS idx_workspaces_hostname_lower
+    ON workspaces (LOWER(hostname))
+  `.execute(db);
+
+  await db.schema
+    .createIndex('idx_workspaces_created_at')
+    .ifNotExists()
+    .on('workspaces')
+    .column('created_at')
+    .execute();
+
+  await db.schema
+    .createIndex('idx_users_workspace_deleted_created')
+    .ifNotExists()
+    .on('users')
+    .columns(['workspace_id', 'deleted_at', 'created_at'])
+    .execute();
+
+  await sql`
+    CREATE INDEX IF NOT EXISTS idx_users_workspace_email_lower
+    ON users (workspace_id, LOWER(email))
+  `.execute(db);
+
+  await sql`
+    CREATE UNIQUE INDEX IF NOT EXISTS idx_spaces_workspace_slug_lower
+    ON spaces (workspace_id, LOWER(slug))
+  `.execute(db);
+
+  await db.schema
+    .createIndex('idx_spaces_workspace_created')
+    .ifNotExists()
+    .on('spaces')
+    .columns(['workspace_id', 'created_at'])
+    .execute();
+
+  await sql`
+    CREATE UNIQUE INDEX IF NOT EXISTS idx_groups_workspace_name_lower
+    ON groups (workspace_id, LOWER(name))
+  `.execute(db);
+
+  await db.schema
+    .createIndex('idx_groups_workspace_id')
+    .ifNotExists()
+    .on('groups')
+    .column('workspace_id')
+    .execute();
+
+  await db.schema
+    .createIndex('idx_shares_page_id')
+    .ifNotExists()
+    .on('shares')
+    .column('page_id')
+    .execute();
+
+  await sql`
+    CREATE UNIQUE INDEX IF NOT EXISTS idx_shares_key_lower
+    ON shares (LOWER(key))
+  `.execute(db);
+
+  await db.schema
+    .createIndex('idx_attachments_page_id')
+    .ifNotExists()
+    .on('attachments')
+    .column('page_id')
+    .execute();
+
+  await db.schema
+    .createIndex('idx_attachments_space_id')
+    .ifNotExists()
+    .on('attachments')
+    .column('space_id')
+    .execute();
+
+  await db.schema
+    .createIndex('idx_comments_page_id')
+    .ifNotExists()
+    .on('comments')
+    .columns(['page_id', 'created_at'])
+    .execute();
+
+  await db.schema
+    .createIndex('idx_comments_parent_comment_id')
+    .ifNotExists()
+    .on('comments')
+    .column('parent_comment_id')
+    .execute();
+
+  await sql`
+    CREATE INDEX IF NOT EXISTS idx_page_history_page_created
+    ON page_history (page_id, created_at DESC)
+  `.execute(db);
+}
+
+export async function down(db: Kysely<any>): Promise<void> {
+  await db.schema.dropIndex('idx_group_users_user_id').ifExists().execute();
+  await db.schema.dropIndex('idx_space_members_user_id').ifExists().execute();
+  await db.schema.dropIndex('idx_space_members_group_id').ifExists().execute();
+  await db.schema
+    .dropIndex('idx_pages_space_parent_position')
+    .ifExists()
+    .execute();
+  await db.schema.dropIndex('idx_pages_parent_page_id').ifExists().execute();
+  await db.schema.dropIndex('idx_pages_space_updated').ifExists().execute();
+  await db.schema.dropIndex('idx_pages_space_deleted').ifExists().execute();
+  await db.schema
+    .dropIndex('idx_workspaces_hostname_lower')
+    .ifExists()
+    .execute();
+  await db.schema.dropIndex('idx_workspaces_created_at').ifExists().execute();
+  await db.schema
+    .dropIndex('idx_users_workspace_deleted_created')
+    .ifExists()
+    .execute();
+  await db.schema
+    .dropIndex('idx_users_workspace_email_lower')
+    .ifExists()
+    .execute();
+  await db.schema
+    .dropIndex('idx_spaces_workspace_slug_lower')
+    .ifExists()
+    .execute();
+  await db.schema
+    .dropIndex('idx_spaces_workspace_created')
+    .ifExists()
+    .execute();
+  await db.schema
+    .dropIndex('idx_groups_workspace_name_lower')
+    .ifExists()
+    .execute();
+  await db.schema.dropIndex('idx_groups_workspace_id').ifExists().execute();
+  await db.schema.dropIndex('idx_shares_page_id').ifExists().execute();
+  await db.schema.dropIndex('idx_shares_key_lower').ifExists().execute();
+  await db.schema.dropIndex('idx_attachments_page_id').ifExists().execute();
+  await db.schema.dropIndex('idx_attachments_space_id').ifExists().execute();
+  await db.schema.dropIndex('idx_comments_page_id').ifExists().execute();
+  await db.schema
+    .dropIndex('idx_comments_parent_comment_id')
+    .ifExists()
+    .execute();
+  await db.schema
+    .dropIndex('idx_page_history_page_created')
+    .ifExists()
+    .execute();
+}

apps/server/src/database/pagination/pagination-options.ts

@@ -23,9 +23,9 @@ export class PaginationOptions {
 
   @IsOptional()
   @IsString()
-  query?: string;
+  query: string;
 
   @IsOptional()
   @IsBoolean()
-  adminView?: boolean;
+  adminView: boolean;
 }

apps/server/src/database/repos/comment/comment.repo.ts

@@ -105,10 +105,7 @@ export class CommentRepo {
     return Number(result?.count) > 0;
   }
 
-  async hasChildrenFromOtherUsers(
+  async hasChildrenFromOtherUsers(commentId: string, userId: string): Promise<boolean> {
-    commentId: string,
-    userId: string,
-  ): Promise<boolean> {
     const result = await this.db
       .selectFrom('comments')
       .select((eb) => eb.fn.count('id').as('count'))

apps/server/src/database/repos/group/group-user.repo.ts

@@ -57,11 +57,7 @@ export class GroupUserRepo {
 
     if (pagination.query) {
       query = query.where((eb) =>
-        eb(
+        eb(sql`f_unaccent(users.name)`, 'ilike', sql`f_unaccent(${'%' + pagination.query + '%'})`),
-          sql`f_unaccent(users.name)`,
-          'ilike',
-          sql`f_unaccent(${'%' + pagination.query + '%'})`,
-        ),
       );
     }
 

apps/server/src/database/repos/group/group.repo.ts

@@ -114,11 +114,7 @@ export class GroupRepo {
 
     if (pagination.query) {
       query = query.where((eb) =>
-        eb(
+        eb(sql`f_unaccent(name)`, 'ilike', sql`f_unaccent(${'%' + pagination.query + '%'})`).or(
-          sql`f_unaccent(name)`,
-          'ilike',
-          sql`f_unaccent(${'%' + pagination.query + '%'})`,
-        ).or(
           sql`f_unaccent(description)`,
           'ilike',
           sql`f_unaccent(${'%' + pagination.query + '%'})`,

apps/server/src/database/repos/page/page.repo.ts

@@ -454,46 +454,4 @@ export class PageRepo {
       .selectAll()
       .execute();
   }
-
-  async update(
-    pageId: string,
-    updatablePage: UpdatablePage,
-    trx?: KyselyTransaction,
-  ): Promise<void> {
-    const db = dbOrTx(this.db, trx);
-    await db
-      .updateTable('pages')
-      .set({ ...updatablePage, updatedAt: new Date() })
-      .where('id', '=', pageId)
-      .execute();
-  }
-
-  async getAllDescendants(
-    pageId: string,
-    trx?: KyselyTransaction,
-  ): Promise<string[]> {
-    const db = dbOrTx(this.db, trx);
-
-    // Recursive CTE to get all descendants
-    const descendants = await db
-      .withRecursive('page_tree', (qb) =>
-        qb
-          .selectFrom('pages')
-          .select(['id', 'parentPageId'])
-          .where('parentPageId', '=', pageId)
-          .where('deletedAt', 'is', null)
-          .unionAll((eb) =>
-            eb
-              .selectFrom('pages as p')
-              .innerJoin('page_tree as pt', 'p.parentPageId', 'pt.id')
-              .select(['p.id', 'p.parentPageId'])
-              .where('p.deletedAt', 'is', null),
-          ),
-      )
-      .selectFrom('page_tree')
-      .select('id')
-      .execute();
-
-    return descendants.map((d) => d.id);
-  }
 }

apps/server/src/database/repos/page/shared-pages.repo.ts

@@ -1,58 +0,0 @@
-import { Injectable } from '@nestjs/common';
-import { InjectKysely } from 'nestjs-kysely';
-import { KyselyDB } from '../../types/kysely.types';
-import { Page } from '../../types/entity.types';
-import { PageMemberRole } from './page-permission-repo.service';
-
-@Injectable()
-export class SharedPagesRepo {
-  constructor(@InjectKysely() private readonly db: KyselyDB) {}
-
-  async addSharedPage(userId: string, pageId: string): Promise<void> {
-    await this.db
-      .insertInto('userSharedPages')
-      .values({
-        userId,
-        pageId,
-        sharedAt: new Date(),
-      })
-      .onConflict((oc) => oc.columns(['userId', 'pageId']).doNothing())
-      .execute();
-  }
-
-  async removeSharedPage(userId: string, pageId: string): Promise<void> {
-    await this.db
-      .deleteFrom('userSharedPages')
-      .where('userId', '=', userId)
-      .where('pageId', '=', pageId)
-      .execute();
-  }
-
-  async getUserSharedPages(userId: string): Promise<Page[]> {
-    return await this.db
-      .selectFrom('userSharedPages as usp')
-      .innerJoin('pages as p', 'p.id', 'usp.pageId')
-      .innerJoin('pagePermissions as pm', (join) =>
-        join
-          .onRef('pm.pageId', '=', 'p.id')
-          .on('pm.userId', '=', userId)
-          .on('pm.role', '!=', PageMemberRole.NONE),
-      )
-      .selectAll('p')
-      .where('usp.userId', '=', userId)
-      .where('p.deletedAt', 'is', null)
-      .orderBy('usp.sharedAt', 'desc')
-      .execute();
-  }
-
-  async isPageSharedWithUser(userId: string, pageId: string): Promise<boolean> {
-    const result = await this.db
-      .selectFrom('userSharedPages')
-      .select('userId')
-      .where('userId', '=', userId)
-      .where('pageId', '=', pageId)
-      .executeTakeFirst();
-
-    return !!result;
-  }
-}

apps/server/src/database/types/db.d.ts

@@ -214,19 +214,6 @@ export interface PageHistory {
   workspaceId: string;
 }
 
-export interface PagePermissions {
-  addedById: string | null;
-  cascade: Generated<boolean>;
-  createdAt: Generated<Timestamp>;
-  deletedAt: Timestamp | null;
-  groupId: string | null;
-  id: Generated<string>;
-  pageId: string;
-  role: string;
-  updatedAt: Generated<Timestamp>;
-  userId: string | null;
-}
-
 export interface Pages {
   content: Json | null;
   contributorIds: Generated<string[] | null>;
@@ -238,11 +225,9 @@ export interface Pages {
   icon: string | null;
   id: Generated<string>;
   isLocked: Generated<boolean>;
-  isRestricted: Generated<boolean>;
   lastUpdatedById: string | null;
   parentPageId: string | null;
   position: string | null;
-  restrictedById: string | null;
   slugId: string;
   spaceId: string;
   textContent: string | null;
@@ -328,12 +313,6 @@ export interface Users {
   workspaceId: string | null;
 }
 
-export interface UserSharedPages {
-  pageId: string;
-  sharedAt: Generated<Timestamp>;
-  userId: string;
-}
-
 export interface UserTokens {
   createdAt: Generated<Timestamp>;
   expiresAt: Timestamp | null;
@@ -393,14 +372,12 @@ export interface DB {
   groups: Groups;
   groupUsers: GroupUsers;
   pageHistory: PageHistory;
-  pagePermissions: PagePermissions;
   pages: Pages;
   shares: Shares;
   spaceMembers: SpaceMembers;
   spaces: Spaces;
   userMfa: UserMfa;
   users: Users;
-  userSharedPages: UserSharedPages;
   userTokens: UserTokens;
   workspaceInvitations: WorkspaceInvitations;
   workspaces: Workspaces;

apps/server/src/database/types/db.interface.ts

@@ -10,14 +10,12 @@ import {
   Groups,
   GroupUsers,
   PageHistory,
-  PagePermissions,
   Pages,
   Shares,
   SpaceMembers,
   Spaces,
   UserMfa,
   Users,
-  UserSharedPages,
   UserTokens,
   WorkspaceInvitations,
   Workspaces,
@@ -35,7 +33,6 @@ export interface DbInterface {
   groups: Groups;
   groupUsers: GroupUsers;
   pageEmbeddings: PageEmbeddings;
-  pagePermissions: PagePermissions;
   pageHistory: PageHistory;
   pages: Pages;
   shares: Shares;
@@ -43,7 +40,6 @@ export interface DbInterface {
   spaces: Spaces;
   userMfa: UserMfa;
   users: Users;
-  userSharedPages: UserSharedPages;
   userTokens: UserTokens;
   workspaceInvitations: WorkspaceInvitations;
   workspaces: Workspaces;

apps/server/src/database/types/entity.types.ts

@@ -4,10 +4,8 @@ import {
   Comments,
   Groups,
   Pages,
-  PagePermissions,
   Spaces,
   Users,
-  UserSharedPages,
   Workspaces,
   PageHistory as History,
   GroupUsers,
@@ -52,15 +50,6 @@ export type SpaceMember = Selectable<SpaceMembers>;
 export type InsertableSpaceMember = Insertable<SpaceMembers>;
 export type UpdatableSpaceMember = Updateable<Omit<SpaceMembers, 'id'>>;
 
-// PageMember
-export type PagePermission = Selectable<PagePermissions>;
-export type InsertablePagePermission = Insertable<PagePermissions>;
-export type UpdatablePagePermission = Updateable<Omit<PagePermissions, 'id'>>;
-
-// UserSharedPage
-export type UserSharedPage = Selectable<UserSharedPages>;
-export type InsertableUserSharedPage = Insertable<UserSharedPages>;
-
 // Group
 export type ExtendedGroup = Groups & { memberCount: number };
 

apps/server/src/integrations/export/dto/export-dto.ts

@@ -41,4 +41,4 @@ export class ExportSpaceDto {
   @IsOptional()
   @IsBoolean()
   includeAttachments?: boolean;
-}
+}

apps/server/src/integrations/export/export.service.ts

@@ -107,7 +107,7 @@ export class ExportService {
       const page = await this.pageRepo.findById(pageId, {
         includeContent: true,
       });
-      if (page) {
+      if (page){
         pages = [page];
       }
     }

apps/server/src/integrations/export/turndown-utils.ts

@@ -69,21 +69,17 @@ function taskList(turndownService: TurndownService) {
         'input[type="checkbox"]',
       ) as HTMLInputElement;
       const isChecked = checkbox.checked;
-
+      
       // Process content like regular list items
       content = content
         .replace(/^\n+/, '') // remove leading newlines
         .replace(/\n+$/, '\n') // replace trailing newlines with just a single one
         .replace(/\n/gm, '\n  '); // indent nested content with 2 spaces
-
+      
       // Create the checkbox prefix
       const prefix = `- ${isChecked ? '[x]' : '[ ]'} `;
-
+      
-      return (
+      return prefix + content + (node.nextSibling && !/\n$/.test(content) ? '\n' : '');
-        prefix +
-        content +
-        (node.nextSibling && !/\n$/.test(content) ? '\n' : '')
-      );
     },
   });
 }

apps/server/src/integrations/import/dto/file-task-dto.ts

@@ -15,4 +15,4 @@ export type ImportPageNode = {
   parentPageId: string | null;
   fileExtension: string;
   filePath: string;
-};
+};

apps/server/src/integrations/queue/constants/queue.interface.ts

@@ -1,4 +1,5 @@
-import { MentionNode } from '../../../common/helpers/prosemirror/utils';
+import { MentionNode } from "../../../common/helpers/prosemirror/utils";
+
 
 export interface IPageBacklinkJob {
   pageId: string;
@@ -8,4 +9,4 @@ export interface IPageBacklinkJob {
 
 export interface IStripeSeatsSyncJob {
   workspaceId: string;
-}
+}

apps/server/src/integrations/storage/drivers/local.driver.ts

@@ -42,7 +42,7 @@ export class LocalDriver implements StorageDriver {
     try {
       const fromFullPath = this._fullPath(fromFilePath);
       const toFullPath = this._fullPath(toFilePath);
-
+      
       if (await this.exists(fromFilePath)) {
         await fs.copy(fromFullPath, toFullPath);
       }

apps/server/src/integrations/storage/providers/storage.provider.ts

@@ -40,8 +40,8 @@ export const storageDriverConfigProvider = {
           },
         };
 
-      case StorageOption.S3: {
+      case StorageOption.S3:
-        const s3Config = {
+        { const s3Config = {
           driver,
           config: {
             region: environmentService.getAwsS3Region(),
@@ -68,8 +68,7 @@ export const storageDriverConfigProvider = {
           };
         }
 
-        return s3Config;
+        return s3Config; }
-      }
 
       default:
         throw new Error(`Unknown storage driver: ${driver}`);