2021-06-16 15:00:07 +03:00
|
|
|
defmodule PlausibleWeb.InvitationController do
|
|
|
|
use PlausibleWeb, :controller
|
|
|
|
use Plausible.Repo
|
|
|
|
alias Ecto.Multi
|
|
|
|
alias Plausible.Auth.Invitation
|
|
|
|
alias Plausible.Site.Membership
|
|
|
|
|
|
|
|
plug PlausibleWeb.RequireAccountPlug
|
|
|
|
|
2022-10-27 09:39:34 +03:00
|
|
|
@require_owner [:remove_invitation]
|
|
|
|
|
|
|
|
plug PlausibleWeb.AuthorizeSiteAccess,
|
|
|
|
[:owner, :admin] when action in @require_owner
|
|
|
|
|
2021-06-16 15:00:07 +03:00
|
|
|
def accept_invitation(conn, %{"invitation_id" => invitation_id}) do
|
|
|
|
invitation =
|
2023-07-11 11:52:09 +03:00
|
|
|
Repo.get_by(Invitation, invitation_id: invitation_id)
|
2021-06-16 15:00:07 +03:00
|
|
|
|> Repo.preload([:site, :inviter])
|
|
|
|
|
2023-07-11 11:52:09 +03:00
|
|
|
if invitation do
|
|
|
|
user = conn.assigns[:current_user]
|
|
|
|
existing_membership = Repo.get_by(Membership, user_id: user.id, site_id: invitation.site.id)
|
2021-06-16 15:00:07 +03:00
|
|
|
|
2023-07-11 11:52:09 +03:00
|
|
|
multi =
|
|
|
|
if invitation.role == :owner do
|
|
|
|
Multi.new()
|
|
|
|
|> downgrade_previous_owner(invitation.site)
|
|
|
|
|> maybe_end_trial_of_new_owner(user)
|
|
|
|
else
|
|
|
|
Multi.new()
|
|
|
|
end
|
2021-06-16 15:00:07 +03:00
|
|
|
|
2023-07-11 11:52:09 +03:00
|
|
|
membership_changeset =
|
|
|
|
(existing_membership ||
|
|
|
|
%Membership{user_id: user.id, site_id: invitation.site.id})
|
|
|
|
|> Membership.changeset(%{role: invitation.role})
|
2021-06-16 15:00:07 +03:00
|
|
|
|
2023-07-11 11:52:09 +03:00
|
|
|
multi =
|
|
|
|
multi
|
|
|
|
|> Multi.insert_or_update(:membership, membership_changeset)
|
|
|
|
|> Multi.delete(:invitation, invitation)
|
2021-06-16 15:00:07 +03:00
|
|
|
|
2023-07-11 11:52:09 +03:00
|
|
|
case Repo.transaction(multi) do
|
|
|
|
{:ok, changes} ->
|
|
|
|
updated_user = Map.get(changes, :user, user)
|
|
|
|
notify_invitation_accepted(invitation)
|
|
|
|
Plausible.Billing.SiteLocker.check_sites_for(updated_user)
|
2021-06-16 15:00:07 +03:00
|
|
|
|
2023-07-11 11:52:09 +03:00
|
|
|
conn
|
|
|
|
|> put_flash(:success, "You now have access to #{invitation.site.domain}")
|
|
|
|
|> redirect(to: "/#{URI.encode_www_form(invitation.site.domain)}")
|
2021-06-16 15:00:07 +03:00
|
|
|
|
2023-07-11 11:52:09 +03:00
|
|
|
{:error, _operation, _value, _changes} ->
|
|
|
|
conn
|
|
|
|
|> put_flash(:error, "Something went wrong, please try again")
|
|
|
|
|> redirect(to: "/sites")
|
|
|
|
end
|
|
|
|
else
|
|
|
|
conn
|
|
|
|
|> put_flash(:error, "Invitation missing or already accepted")
|
|
|
|
|> redirect(to: "/sites")
|
2021-06-16 15:00:07 +03:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
defp downgrade_previous_owner(multi, site) do
|
|
|
|
prev_owner =
|
|
|
|
from(
|
|
|
|
sm in Plausible.Site.Membership,
|
|
|
|
where: sm.site_id == ^site.id,
|
|
|
|
where: sm.role == :owner
|
|
|
|
)
|
|
|
|
|
|
|
|
Multi.update_all(multi, :prev_owner, prev_owner, set: [role: :admin])
|
|
|
|
end
|
|
|
|
|
2021-12-17 12:16:18 +03:00
|
|
|
defp maybe_end_trial_of_new_owner(multi, new_owner) do
|
2022-11-24 17:18:29 +03:00
|
|
|
if Application.get_env(:plausible, :is_selfhost) do
|
|
|
|
multi
|
|
|
|
else
|
2021-12-17 12:16:18 +03:00
|
|
|
end_trial_of_new_owner(multi, new_owner)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-09-08 15:15:37 +03:00
|
|
|
defp end_trial_of_new_owner(multi, new_owner) do
|
2021-10-12 11:28:32 +03:00
|
|
|
if Plausible.Billing.on_trial?(new_owner) || is_nil(new_owner.trial_expiry_date) do
|
2021-09-08 15:15:37 +03:00
|
|
|
Ecto.Multi.update(multi, :user, Plausible.Auth.User.end_trial(new_owner))
|
|
|
|
else
|
|
|
|
multi
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-06-16 15:00:07 +03:00
|
|
|
def reject_invitation(conn, %{"invitation_id" => invitation_id}) do
|
|
|
|
invitation =
|
|
|
|
Repo.get_by!(Invitation, invitation_id: invitation_id)
|
|
|
|
|> Repo.preload([:site, :inviter])
|
|
|
|
|
|
|
|
Repo.delete!(invitation)
|
|
|
|
notify_invitation_rejected(invitation)
|
|
|
|
|
|
|
|
conn
|
|
|
|
|> put_flash(:success, "You have rejected the invitation to #{invitation.site.domain}")
|
|
|
|
|> redirect(to: "/sites")
|
|
|
|
end
|
|
|
|
|
|
|
|
defp notify_invitation_accepted(%Invitation{role: :owner} = invitation) do
|
|
|
|
PlausibleWeb.Email.ownership_transfer_accepted(invitation)
|
2022-10-24 13:13:23 +03:00
|
|
|
|> Plausible.Mailer.send()
|
2021-06-16 15:00:07 +03:00
|
|
|
end
|
|
|
|
|
|
|
|
defp notify_invitation_accepted(invitation) do
|
|
|
|
PlausibleWeb.Email.invitation_accepted(invitation)
|
2022-10-24 13:13:23 +03:00
|
|
|
|> Plausible.Mailer.send()
|
2021-06-16 15:00:07 +03:00
|
|
|
end
|
|
|
|
|
|
|
|
defp notify_invitation_rejected(%Invitation{role: :owner} = invitation) do
|
|
|
|
PlausibleWeb.Email.ownership_transfer_rejected(invitation)
|
2022-10-24 13:13:23 +03:00
|
|
|
|> Plausible.Mailer.send()
|
2021-06-16 15:00:07 +03:00
|
|
|
end
|
|
|
|
|
|
|
|
defp notify_invitation_rejected(invitation) do
|
|
|
|
PlausibleWeb.Email.invitation_rejected(invitation)
|
2022-10-24 13:13:23 +03:00
|
|
|
|> Plausible.Mailer.send()
|
2021-06-16 15:00:07 +03:00
|
|
|
end
|
|
|
|
|
|
|
|
def remove_invitation(conn, %{"invitation_id" => invitation_id}) do
|
|
|
|
invitation =
|
2022-10-27 09:39:34 +03:00
|
|
|
Repo.get_by!(Invitation, invitation_id: invitation_id, site_id: conn.assigns[:site].id)
|
2021-06-16 15:00:07 +03:00
|
|
|
|> Repo.preload(:site)
|
|
|
|
|
|
|
|
Repo.delete!(invitation)
|
|
|
|
|
|
|
|
conn
|
|
|
|
|> put_flash(:success, "You have removed the invitation for #{invitation.email}")
|
|
|
|
|> redirect(to: Routes.site_path(conn, :settings_general, invitation.site.domain))
|
|
|
|
end
|
|
|
|
end
|