chore: changes for CD tech debt

app/server/appsmith-server/src/main/java/com/appsmith/server/acl/AclPermission.java

@@ -85,6 +85,12 @@ public enum AclPermission {
 
     APPLICATION_CREATE_PAGES("create:pages", Application.class),
 
+    /**
+     * This permission would be used to provide delete permission to pages where the user does not have
+     * permission to delete application.
+     */
+    APPLICATION_DELETE_PAGES("delete:applicationPages", Application.class),
+
     MANAGE_PAGES("manage:pages", NewPage.class),
     READ_PAGES("read:pages", NewPage.class),
     DELETE_PAGES("delete:pages", NewPage.class),

app/server/appsmith-server/src/main/java/com/appsmith/server/acl/ce/PolicyGeneratorCE.java

@@ -24,6 +24,7 @@
 import java.util.stream.Collectors;
 
 import static com.appsmith.server.acl.AclPermission.APPLICATION_CREATE_PAGES;
+import static com.appsmith.server.acl.AclPermission.APPLICATION_DELETE_PAGES;
 import static com.appsmith.server.acl.AclPermission.COMMENT_ON_APPLICATIONS;
 import static com.appsmith.server.acl.AclPermission.CONNECT_TO_GIT;
 import static com.appsmith.server.acl.AclPermission.DELETE_ACTIONS;
@@ -210,7 +211,8 @@ protected void createApplicationPolicyGraph() {
 
         // If the user is being given MANAGE_APPLICATION permission, they must also be given READ_APPLICATION perm
         lateralGraph.addEdge(MANAGE_APPLICATIONS, READ_APPLICATIONS);
-
+        // If the user has permission to delete application, they must have permission to delete application-pages,
+        lateralGraph.addEdge(DELETE_APPLICATIONS, APPLICATION_DELETE_PAGES);
         // If the user can read an application, the should be able to comment on it.
         lateralGraph.addEdge(READ_APPLICATIONS, COMMENT_ON_APPLICATIONS);
     }
@@ -229,6 +231,7 @@ protected void createPagePolicyGraph() {
         hierarchyGraph.addEdge(MANAGE_APPLICATIONS, MANAGE_PAGES);
         hierarchyGraph.addEdge(READ_APPLICATIONS, READ_PAGES);
         hierarchyGraph.addEdge(DELETE_APPLICATIONS, DELETE_PAGES);
+        hierarchyGraph.addEdge(APPLICATION_DELETE_PAGES, DELETE_PAGES);
         hierarchyGraph.addEdge(APPLICATION_CREATE_PAGES, PAGE_CREATE_PAGE_ACTIONS);
 
         lateralGraph.addEdge(MANAGE_PAGES, READ_PAGES);

app/server/appsmith-server/src/main/java/com/appsmith/server/domains/Application.java

@@ -488,6 +488,8 @@ public static class Fields extends BaseDomain.Fields {
                 dotted(gitApplicationMetadata, GitArtifactMetadata.Fields.gitAuth);
         public static final String gitApplicationMetadata_defaultApplicationId =
                 dotted(gitApplicationMetadata, GitArtifactMetadata.Fields.defaultApplicationId);
+        public static final String gitApplicationMetadata_isAutoDeploymentEnabled =
+                dotted(gitApplicationMetadata, GitArtifactMetadata.Fields.isAutoDeploymentEnabled);
         public static final String gitApplicationMetadata_branchName =
                 dotted(gitApplicationMetadata, GitArtifactMetadata.Fields.branchName);
         public static final String gitApplicationMetadata_isRepoPrivate =

app/server/appsmith-server/src/main/java/com/appsmith/server/migrations/db/ce/Migration053AddApplicationDeletePagePermissionToApplications.java

@@ -0,0 +1,97 @@
+package com.appsmith.server.migrations.db.ce;
+
+import com.appsmith.external.models.BaseDomain;
+import com.appsmith.server.acl.AclPermission;
+import com.appsmith.server.domains.Application;
+import io.mongock.api.annotations.ChangeUnit;
+import io.mongock.api.annotations.Execution;
+import io.mongock.api.annotations.RollbackExecution;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.bson.Document;
+import org.springframework.data.mongodb.core.MongoTemplate;
+import org.springframework.data.mongodb.core.aggregation.Aggregation;
+import org.springframework.data.mongodb.core.aggregation.AggregationOperation;
+import org.springframework.data.mongodb.core.query.Criteria;
+import org.springframework.data.mongodb.core.query.Query;
+
+import java.util.List;
+
+import static com.appsmith.server.migrations.db.ce.Migration047AddMissingFieldsInDefaultAppsmithAiDatasource.newerCheckForDeletedCriteria;
+import static com.appsmith.server.migrations.db.ce.Migration047AddMissingFieldsInDefaultAppsmithAiDatasource.olderCheckForDeletedCriteria;
+
+/**
+ * This class adds a new policy delete:applicationPages to all non deleted applications.
+ * The permissionGroups of the new policy is copied from the policy having permission delete application
+ * in the same application.
+ *
+ */
+@Slf4j
+@ChangeUnit(order = "053", id = "add-app-delete-pages-permission-to-application", author = " ")
+@RequiredArgsConstructor
+public class Migration053AddApplicationDeletePagePermissionToApplications {
+
+    private final MongoTemplate mongoTemplate;
+
+    private static final String APPLICATION_DELETE_PAGES_VALUE = AclPermission.APPLICATION_DELETE_PAGES.getValue();
+    private static final String DELETE_APPLICATIONS_VALUE = AclPermission.DELETE_APPLICATIONS.getValue();
+
+    private static final String POLICIES = BaseDomain.Fields.policies;
+    private static final String PERMISSION = "permission";
+    private static final String PERMISSION_GROUPS = "permissionGroups";
+
+    @RollbackExecution
+    public void rollbackExecution() {}
+
+    @Execution
+    public void addApplicationDeletePagesPermissionToApplication() {
+
+        // selection of all the applications which have not been deleted.
+        Criteria applicationCriteria =
+                new Criteria().andOperator(olderCheckForDeletedCriteria(), newerCheckForDeletedCriteria());
+
+        // conditional to match delete:applications permission
+        Document equalityConditionDoc = new Document("$eq", List.of("$$this.permission", DELETE_APPLICATIONS_VALUE));
+
+        // filtering the policy from the policies based on equality condition
+        Document filterPermissionGroupsDoc = new Document(
+                "$filter", new Document().append("input", "$policies").append("cond", equalityConditionDoc));
+
+        // selecting the permissionGroups set present at array index,
+        // (the list is dynamically created after filtering policies on permission and then returning permissionGroups)
+        Document permissionGroupArrayElementAtDoc = new Document("$arrayElemAt", List.of(filterPermissionGroupsDoc, 0));
+
+        // creating a new policy with permission delete:applicationPages and permissionGroups from delete:app policy
+        List<Document> singletonPolicyList = List.of(new Document(PERMISSION, APPLICATION_DELETE_PAGES_VALUE)
+                .append(
+                        PERMISSION_GROUPS,
+                        new Document(
+                                "$let",
+                                new Document()
+                                        .append(
+                                                "vars",
+                                                new Document("existingPolicy", permissionGroupArrayElementAtDoc))
+                                        .append("in", "$$existingPolicy.permissionGroups"))));
+
+        // concatenating existing policies set with the newly created policy which is in set
+        Document concatPolicySets = new Document("$concatArrays", List.of("$policies", singletonPolicyList));
+
+        AggregationOperation aggregationOperation = Aggregation.addFields()
+                .addFieldWithValue(POLICIES, concatPolicySets)
+                .build();
+
+        try {
+            mongoTemplate.updateMulti(
+                    new Query().addCriteria(applicationCriteria),
+                    Aggregation.newUpdate(aggregationOperation),
+                    Application.class);
+        } catch (Exception exception) {
+            log.debug(
+                    "Migration with change-id : add-app-delete-pages-permission-to-application failed due to reason {}."
+                            + "skipping addition of policy to applications ",
+                    exception.getMessage());
+
+            throw exception;
+        }
+    }
+}

app/server/appsmith-server/src/main/java/com/appsmith/server/solutions/ce/ApplicationPermissionCE.java

@@ -16,4 +16,8 @@ public interface ApplicationPermissionCE extends ArtifactPermission {
     AclPermission getManageDefaultBranchPermission();
 
     AclPermission getManageAutoCommitPermission();
+
+    AclPermission getPublishPermission();
+
+    AclPermission getApplicationDeletePagesPermission();
 }

app/server/appsmith-server/src/main/java/com/appsmith/server/solutions/ce/ApplicationPermissionCEImpl.java

@@ -70,4 +70,13 @@ public AclPermission getManageDefaultBranchPermission() {
     public AclPermission getManageAutoCommitPermission() {
         return AclPermission.MANAGE_AUTO_COMMIT;
     }
+
+    public AclPermission getPublishPermission() {
+        return AclPermission.PUBLISH_APPLICATIONS;
+    }
+
+    @Override
+    public AclPermission getApplicationDeletePagesPermission() {
+        return AclPermission.APPLICATION_DELETE_PAGES;
+    }
 }