* Increase max_parser_depth setting
This is currently causing issues in production with exports w/ comparisons, but
would blow up in other cases with sufficient data.
The reason this is now blowing up is that we create a large AND/OR condition
for breakdown comparisons. ecto-ch nests each conditional in its separate parentheses
causing us to reach the default 1000 max_parser_depth limit
We can improve this in a couple of ways:
- Not add unneccessary parentheses in ecto-ch
- Adding a new operator to make the AND/OR nesting require less conditionals, using
arrays and tuples instead
* Don't query comparisons for exports
csv exports don't actually output any comparison data, so querying for
it just causes issues.
* Stop typescript command clearing previous server start output in dev
* Allow auth site access plug to specify that domain is found in request body at some key
* Fix init order
* Make domain retrieval part of the role pipeline
* Add tests
* Refactor how is_binary is applied in get_domain/2
* Make plug tests rely on dedicated test routes for more stability
* Consistently treat empty `allowed_roles` list as permitting all roles
* Fix async test param, add extra case for init
* Make `DocsQueryTest` async again
* Improve a bit and document plug configuration
* Make docs more legible when viewed from source directly
---------
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* auto https
* changelog
* enable auto-tls only when http_port is 80
* make erlang ssl less verbose
* simplify config
* simplify config
* fix ce_dev typo
* fix another typo
---------
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Turn `Plausible.Auth.UserSession` into full schema
* Implement token based sessions and use them as default
* Ignore expired user sessions during retrieval from DB
* Implement plug bumping user session last used and timeout timestamps
* Implement Oban worker removing expired user sessions with grace period
* Implement legacy session conversion on touch, when applicable
* Update `UserAuth` moduledoc
* Extend `UserAuth` tests to account for db-backed session tokens
* Update CHANGELOG
* Add tests for `UserSessionTouch` plug
* Add test for `CleanUserSessions` worker
* Add logging of legacy session retrievals
* Use single update permitting stale records when touching user session
* Don't fetch session and user for external API endpoints (/api/event too)
* Refactor `Users.with_subscription/1` and expose helper query
* Skip fetching session in legacy `SessionTimeoutPlug`
* Rely on user session assign from `AuthContext` in `SentryContext`
* Silence legacy session warnings in `UserSessionTouchTest`
* Rely on session assign from `AuthPlug` in `SuperAdminOnlyPlug`
* Change `UserAuth` to get session, user and last subscription in one go
* Avoid refetching user session in `AuthorizeSiteAccess` plug
* Fix code formatting
* Refactor `UserAuth.get_user_token/1` (h/t @aerosol)
* Remove bogus empty opts from `scope` declarations in router
* Only touch session once an hour and keep `user.last_seen` in sync
* Bring back logging of legacy token use
* Migration: add installation meta
* Update site schema with installation meta
* Remove VERIFICATION_ENABLED env var
* Add context API to create/remove special goals
* Add context api to update installation meta
* Remove verification enabled check
* Update new progress flow definitions
* Update generic components
* Remove internal /status API
* Implement installation live view
* Update traffic change notifier link
* Update verification, no more modal
* Update routes
* Remove focus.html - will unify everything under app layout
* Fix broken link
* Update templates with focus_box mostly
* Update controller tests
* Update controllers and stop using the focus layout
* copy changes
* Update verification.ex
* Remove dead template
* Update settings_general.html.heex
* Update copy in tests
* Update installation.ex
* Remove dangling dot
* Fix link
* Update installation.ex
* Update installation.ex
* Better tooltips?
* Simpler labels
* Revert "Simpler labels"
This reverts commit 797560ef82f2067458b03b884be5aecc8fdc72bc.
* Add copy to clipboard link and fix snippet's dark mode
* Offer installation detection skip only if ws connected
* Put COPY link at the bottom with background
* Make tooltips link to docs
* Fix cherry-pick gone wrong
* Hide tooltips on mobile screens
* WIP: 404 tracking wizard
* Revert "WIP: 404 tracking wizard"
This reverts commit a9c9c79bbd.
* Update lib/plausible_web/live/components/verification.ex
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Update lib/plausible_web/live/installation.ex
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Use current_user from socket.assigns
* Update lib/plausible_web/live/installation.ex
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Use current_user from socket.assigns
* Use conn.private to steer verification tests
* Drop non-sticky tooltip in favour of component parametrization
Co-authored-by: Artur Pata <artur.pata@gmail.com>
* Reapply "WIP: 404 tracking wizard"
This reverts commit 3ba81671d7.
* Fix installation tests including 404 tracking
* Fixup the tooltip component
* Format
* Update installation.ex
* Put flash whenever installation option changes
* Use last known installation type on domain change
* Extract user flow definition to provide compile-time checks
* See if this helps running CE migrations successfully
* Use `styled_link` on registration/login views
* Don't crash when there's no conn.private carried over
* Format
* Push "Determining installation type" message a bit lower
* Use links and footer lists uniformly
This commit introduces a `<.focus_list/>` component
for rendering focus box footer links with colored
discs. It also equips generic link components
with the ability of sending non-GET requests
along with CSRF token, so we can apply uniform
styling and stop using legacy Phoenix link tags.
cc @zoldar @apata
* ws 👾
* Render more descriptive flashes on script config change
---------
Co-authored-by: Marko Saric <34340819+metmarkosaric@users.noreply.github.com>
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
Co-authored-by: Artur Pata <artur.pata@gmail.com>
* Add typescript, rewrite Countries map
* Add back DB IP geolocation notice
* Silence all current eslint warnings: to be removed gradually
* Reconfigure eslint import plugin for typescript
* Insert formatting pragma by default, but ignore files without pragma in CI
* Add data migration for creating and syncing location_data table and dictionary
* Migration to populate location data
* Daily cron to refresh location dataset if changed
* Add support for visit:country_name, visit:region_name and visit:city_name dimensions
Under the hood this relies on a `location_data` table in clickhouse being regularly synced with
plausible/location repo and dictionary lookups used in ALIAS columns
* Update queue name
* Update documentation
* Explicit structs
* Improve docs further
* Migration comment
* Add queues
* Add error when already loaded
* Test for filtering by new dimensions
* Update deps
* dimension -> select_dimension
* Update a test
* Update tailwind config
Turns out `extra` wasn't scanned properly with
previous wildcards. I don't care any more, it's not slow.
* Add interface for updating funnels
* Extend ComboBox with the ability to preselect an initial value
* Implement editing funnels UI
* Update CHANGELOG
* s/add_funnel/setup_funnel
* modal width 2/5 => 2/3
* Let's not make the list disappear on modal pop-up
* Fix the damn modal width again
* Watch extra dir
* Format
* Remove commented code
The test is implemented elsewhere
* Track funnel modified to drop default selection
* Fix screen size adoption and format large numbers
* Preserve currency so that string casting includes it
* Format
* Fix ComboBox attribute for preselected option
* Implement basic HelpScout integration
* Set 127.0.0.1 as a default customer IP in `Plans.with_prices/2`
* Use `is_nil/1` instead of `... == nil` (h/t @aerosol)
* Use `Path.join/1,2` to build API URLs a bit more safely (h/t @aerosol)
* Check for locked sites entirely within query logic
* Move conditional start of HelpScout vault to compile-time
* Include customer_id in error sent to Sentry
* Use `Plug.Crypto.secure_compare/2` for constant-time signature comparison
* Refactor token request function
* Use `Path.join/1` in one more spot
* Use route helper to build CRM URL
- `:verification` flag is no longer needed,
however we'll keep the old "awaiting first pageview" flow
for Community Edition where verification is not available
by default
- `:traffic_drop_notifications` have been tested and should
be enabled for everyone
* Expose current visitors 12h aggregate
* Remove unused site association
* Distinct drop/spike notification factories
* Rename modules accordingly + implement drop handling
* Rename periodic oban service
* Implement drop email
* Rest of the owl
* Update changelog
* Update moduledoc
* Update moduledoc
* Min threshold to 1
* Threshold 1
* Remove merge artifact
* Put panel behind a feature flag
* Format
* Link subscription status to Paddle profile whenever available
* Display usage info directly in user form in CRM
* Handle pageview limit fallback gracefully when rendering subscription quota
* Remove usage page link from users list view in CRM
* Add tests for usage page
* Apply `raw/1` only to the one (and only) element of the list
* Bootstrap OpenAPI Funnel schemas
* Implement Plugins API Funnel view
* Allow casting funnel step directly from `%Goal{}`
* Check feature availability on funnel creation
just like it's done when inserting goals
* Implement Plugins API context module for Funnels
* Implement GET/PUT funnels via Plugins API
* Fix typo
* A rare event in which dialyzer found an actual bug, wow!
* Format
* Wrap creation request with a root `funnel` key
* Format
* Extract common funnel get query
* Remove redundant tag
* Refactor queries a bit
* Allow running browserless.io locally
* Compile tailwind classes based on extra/ too
* Add browserless runtime configuration
* Ignore verification events on ingestion
* Improve extracting HTML text in tests
* Update dependencies
- Floki will be used on production to parse site contents
- Req will be used to handle redundant stuff like retrying etc.
* Add shuttle SVG to generic components
Later on we'll use it to indicate verification errors
* Connect live socket & allow skipping awaiting the first pageview
* Connect live socket in general settings
* Implement verification checks & diagnostics
* Stub remote services with Req for testing
* Change snippet screen copy
* Update tracker script, so that:
1. headless browsers aren't ignored if `window.__plausible` is defined
2. callback optionally supplies the event response HTTP status
This will be later used to check whether the server acknowledged
the verification event.
* Implement LiveView verification UI
* Embed the verification UIs into settings and onboarding
* Implement browserless puppeteer verification script
It:
- tries to visit the site
- defines window.__plausible, so the tracker doesn't ignore test events
- sends a verification event and instruments the callback
- awaits the callback to fire and returns the result
* Improve diagnostics for CSP
Only report CSP error if the snippet is already found
* Put verification behind a feature flag/env setting
* Contact Us hint only for Enterprise Edition
* For headless code, use JS context instead of EEx interpolation
* Update diagnostics test with WordPress scenarios
* Shorten exception/throw interception
* Rename test
* Tidy up
* Bust URL always on headless check
* Update moduledoc
* Detect official Plausible WordPress Plugin
and act accordingly on diagnostics interoperation
* Stop using 'rating' in favour of 'interpretation'
* Only report CSP error if no proxy is likely
* Update CHANGELOG
* Allow event-* attributes on snippet elements
* Improve naive GTM detection, not to confuse it with GA4
* Update lib/plausible/verification.ex
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Update test/plausible/site/verification/checks_test.exs
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* s/perform_wrapped/perform_safe
* Update lib/plausible/verification/checks/installation.ex
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Remove garbage
---------
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Implement `Auth.TOTP.force_disable/1`
* Add "Reset 2FA" action to users CRM
* Add `Purge.reset!/2` variant allowing to set arbitrary cutoff time
* Add ability to set native stats start time from CRM
* Revert "Add `Purge.reset!/2` variant allowing to set arbitrary cutoff time"
This reverts commit 6f294d5d58.
* Add test for CRM site update action
* Reapply "Local CSV exports/imports and S3/UI updates (#3989)" (#3995)
This reverts commit aee69e44c8.
* remove unused functions
* eh, that one was actually used
* ugh, they were both used
---------
Co-authored-by: ruslandoga <67764432+ruslandoga@users.noreply.github.com>
* local CSV exports/imports and S3 updates
* credo
* dialyzer
* refactor input columns
* fix ci minio/clickhouse tests
* Update lib/plausible_web/live/csv_export.ex
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* fix date range filter in export_pages_q and process only pageviews
* remove toTimeZone(zero_timestamp) note
* use SiteImport.pending(), SiteImport.importing()
* escape [SiteImport.pending(), SiteImport.importing()]
* use random s3 keys for imports to avoid collisions (sometimes makes the upload get stuck)
* clamp import date ranges
* site is already in assigns
* recompute cutoff date each time
* use toDate(timestamp[, timezone]) shortcut
* show alreats on export cancel/delete and extract hint into a component
* switch to Imported.clamp_dates/4
* reprocess tables when imports are added
* recompute cutoff_date on each call
* actually use clamped_date_range on submit
* add warning message
* add expiry rules to buckets in make minio
* add site_id to imports notifications and use it in csv_importer
* try/catch safer
* return :ok
* date range is not available when no uploads
* improve ui and warning messages
* use Generic.notice
* fix flaky exports test
* begin tests
* Improve `Importer` notification payload shape
---------
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* encode/decode date range in filenames
* Update lib/plausible/imported/csv_importer.ex
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Update lib/plausible/imported/csv_importer.ex
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* drop unused functions
* send failure email if there is no data to export
* use PlausibleWeb.Email.mailer_email_from()
* ensure we get dates from minmax date query
---------
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
