* Add Ecto.Network dependency
* Migration: Add ip block list table
* If Cachex errors out, mark the cache as not ready
* Add IPRule schema
* Seed IPRules
* Add Shields context module
* Implement IPRuleCache
* Start IPRuleCache
* Drop blocklisted IPs on ingestion
* Cosmetic rename
* Add settings sidebar item
* Consider IPRuleCache readiness on health checks
* Fix typo
* Implement IP blocklist live view
* Update moduledocs
* Extend contextual module tests
* Convert IPRules LiveView into LiveComponent
* Keep live flashes on the tabs view
* Update changelog
* Format
* Credo
* Remove garbage
* Update drop reason typespecs
* Update typespecs for cache keys
* Keep track of who added a rule and when
* Test if adding via LV prefills the updated_by tooltip
* Update ecto_network dependency
* s/updated_by/added_by
* s/drop_blocklist_ip/drop_shield_rule_ip
* Add docs link
* s/Updated/Added
We just released support for multiple custom property filters, but our demo/live setup
does not have many useful custom properties. This PR adds a few more to allow
better slicing-and-dicing.
* Reorganize how subscriptions/trials are evaluated
* Bugfix: expired trial+no subscriptions should not have access to extra features
* Make self-hosted users always on trial
* Seed secondary user with password
* Format
* Fix docs
* Fix small_test run
* Run the test only on full_build
* More tweaks to small builds
* Allow [Goals] for expired trials with no subscription
* Remove allowance_required field from grace_period
Since we are now preventing customers from subscribing to a plan that
does not accommodate their pageview usage, there is no need for an extra
check on removing the grace period after a successful upgrade.
This extra check is the reason why the automatic unlocks have recently
failed in several cases.
* refactor outgrown subscription notices
* make a test actually test the described functionality
* Apply greater pageview allowance margin only for trial upgrades
...in order to prevent cancelled or paused subscriptions from subscribing
to plans that would still leave their account locked.
* Mark the entire ChoosePlanTest module full build only
* remove account locking guide
This is irrelevant for self-hosters, and the internal knowledge base is
a better place for this document. Moved it there.
* refactor Keyword get clause
* add a pattern matching assertion in code
* Reapply "Sentry context in live views (#3672)"
This reverts commit 5449fead160064b8a0081c458cc5dcd34399eb0b.
* Make sure `:selection_made` is handled in `GoalSettings.Form`
That was a bit unepexcted.. normally `handle_info` is injected
by the LiveView use macro and it discards any message gracefully.
After switching to `use PlausibleWeb, :live_view` we're also
using `PlausibleWeb.Live.Flash` that happens to inject its own receive
clause for closing the flash. Which then renders the original,
overridable, `handle_info` catch-all obsolete.
* Update LV SentryContext only on connected sockets
(first mount already has the right context coming from Sentry plug)
* Make sure Live.ChoosePlan passes `current_user_id` session key
* Display premium features tabs on the dashboard
This commit makes the funnels and props tab on the dashboard visible
even when the site owner's plan does not have access to that feature.
This is to raise awareness of those features, and if the site owner does
not want to see that tab, they can still click "Hide this report" to
hide it.
Previously, when the plan did not support a feature, the feature module
`enabled/1` function returned `false`, regardless of the
`sites.feature_enabled` toggle. This commit creates a new function
called `opted_out/1` to differentiate access from explicitly opting out
a feature.
* Remove unused data-conversions-enabled attribute
* DRY Plausible.Billing.Feature.check_availability/1 function
* Allow opting out features the user doesn't have access to
* add upgrade CTA to FeatureSetupNotice
* fix JS linting errors
* simplify notice.js
* fix behaviour when deleting funnels saved to localstorage
In case some other funnel exists, we will use that as the default
selected one. If not, a feature setup notice will be displayed again.
---------
Co-authored-by: RobertJoonas <56999674+RobertJoonas@users.noreply.github.com>
Co-authored-by: Robert Joonas <robertjoonas16@gmail.com>
* Add a note about site settings being available on the locked screen
some people are not aware that they can access site settings when the dashboard is locked. i've tried to add that to the note here as it should improve the user experience and minimize the number of people reaching out to support
* Adjust markup a bit
* Convert view to HEEx and apply predefined components
---------
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Update communication
* Remove an unreachable function (mistyped)
* [migration] Make accept_traffic_until a date
* Fix typo
* Set `accept_traffic_until` when creating a site
* Update sites `accept_traffic_until` on subscription change
* Add a note to yearly cancellation notification
* Rephrase annual e-mail for clarity
* Pass the small build test
* Add email notifications
* Fixup
* Implement `accept_traffic_until` notification worker
* Fixup - no need to test this for small build
* Update moduledoc
* Move moduletag
* s/sent_at/sent_on
* Use WHERE NOT EXISTS instead of LEFT JOIN
* Use upsert when tracking notifications sent
* Store sent marker before actually sending notification
* Prefer to keep `accept_traffic_until` on the user record
This gives us a single source of truth, addresses cases like
ownership transparently, simplifies the code and enables CRM toggles.
The only downside is that there's another join performed in the
Sites.Cache full refresh - in this case, small refreshes are
skipped - but this is fine, since the traffic will be let in
anyway.
* Expose `accepted_traffic_until` in the CRM
* Update lib/plausible/auth/user.ex
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Preload owner in CRM
* Use the offset parameter in trial over e-mail contents
* Format
* Harden cache test
---------
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* move format_price to Plausible.Billing
* move PlausibleWeb.Components.Billing file to subfolder
* extract new Notice module
* rename test file and module name
* move growth_grandfathered notice to notice.ex
* extract a PlanBenefits module
* extract PlanBox component
* extract PageviewSlider component
* fix plan benefits text color
* Remove business tier feature flag
This commit removes all code branches related to the business tier
feature flag, as we're not flipping this flag off anymore. It also
removes unused routes, e.g. /billing/change-plan and /billing/upgrade
* remove unused billing templates
* refactor with clause to case instead
* assert on the url in email tests
---------
Co-authored-by: Robert Joonas <robertjoonas16@gmail.com>
* Inline theme script to layout
* Extract theme_script as Heex component
* Remove unused function
* Reference assigns directly
* Clean up current user
* Clean up theme javascript
* Use new theme script in focus.html layout
* Use `assigns` instead of `@conn.assigns` in `focus.html.heex` template too
---------
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* remove unused functionality
We can now safely delete all the logic around users who are on trial and
signed up *before* the business tiers release, since that's no longer
possible
* add monthly_pageview_limit fn clause that takes a user
* make Quota.site_limit return enterprise site limit
...not `:unlimited`, as we still need to display it
in the account settings.
* make `team_member_limit/1` return :unlimited on small_build
* improve team_member_usage/1 function doc
* stop displaying unlimited symbol in usage section
These unlimited limits include:
* `monthly_pageview_limit` for trials
* `team_member_limit` for old enterprise plans
* `site limit` for old accounts (before 2021-05-05)
* format
* small refactor case clause + move mod vars
* review suggestions
* Improve subscription status checking code
This commit improves the subscription status checking in code, and
creates convinience functions to work with it, including nil-checking
and in?/2 function.
* Change in?/2 to macro
* Update over_limit.html.eex
* Update dashboard_locked.html.eex
* Update dashboard_locked.html.eex
* Update over_limit.html.eex
* Update dashboard_locked.html.eex
* fix tests
* stop querying owned_site_ids three times
... when querying for billing cycles. Adds an optional `owned_site_ids`
argument to the `usage_cycle` function.
* add penultimate billing cycle info to emails
This commit also refactors some code and adds unit tests to email templates
* use delimit_integer instead of large_number_format
... to display usage with exact numbers such as 1,099,999 instead of 1M
* add penultimate cycle date ranges and linebreaks
---------
Co-authored-by: RobertJoonas <56999674+RobertJoonas@users.noreply.github.com>
Co-authored-by: Robert Joonas <robertjoonas16@gmail.com>
* Add 2FA actions to `AuthController`
* Hook up new `AuthController` actions to router
* Add `qr_code` to project dependencies
* Implement generic `qr_code` component rendering SVG QR code from text
* Implement enabled and disabled 2FA setting state in user settings view
* Implement view for initiating 2FA setup
* Implement view for verifying 2FA setup
* Implement view for rendering generated 2FA recovery codes
* Implement view for verifying 2FA code
* Implement view for verifying 2FA recovery code
* Improve `input_with_clipboard` component
* Improve view for initiating 2FA setup
* Improve verify 2FA setup view
* Implement `verify_2fa_input` component
* Improve view for verifying 2FA setup
* Improve view rendering generated 2FA recovery codes
* Use `verify_2fa_input` component in verify 2FA view
* Do not render PA contact on self-hosted instances
* Improve flash message phrasing on generated recovery codes
* Add byline with a warning to disable 2FA modal
* Extract modal to component and move 2FA components to dedicated module
* First pass on loading state for "generate new codes"
* Adjust modal button logic
* Fix button in verify_2fa_input component
* Use button component in activate view
* Implement wait states for recovery code related actions properly
* Apply rate limiting to 2FA verification
* Log failed 2FA code input attempts
* Add ability to trust device and skip 2FA for 30 days
* Improve styling in dark mode
* Fix waiting state under Chrome and Safari
* Delete trust cookie when disabling 2FA
* Put 2FA behind a feature flag
* Extract 2FA cookie deletion
* ff fixup
* Improve session management during 2FA login
* Extract part of 2FA controller logic to a separate module and clean up a bit
* Clear 2FA user session when rate limit hit
* Add id to form in verify 2FA setup view
* Add controller tests for 2FA actions and login action
* Update CHANGELOG.md
* Use `full_build?()` instead of `@is_selfhost` removed after rebase
* Update `Auth.TOTP` moduledoc
* Add TOTP token management and make `TOTP.enable` more test-friendly
* Use TOTP token for device trust feature
* Use zero-deps `eqrcode` instead of deps-heavy `qr_code`
* Improve flash messages copy
Co-authored-by: hq1 <hq@mtod.org>
* Make one more copy improvement
Co-authored-by: hq1 <hq@mtod.org>
* Fix copy in remaining spots
* Change redirect after login to accept URLs from #3560 (h/t @aerosol)
* Add tests checking handling login_dest on login and 2FA verification
* Fix regression in email activation form submit button behavior
* Rename `PlausibleWeb.TwoFactor` -> `PlausibleWeb.TwoFactor.Session`
* Move `qr_code` component under `Components.TwoFactor`
* Set domain and secure options for new cookies
---------
Co-authored-by: hq1 <hq@mtod.org>
* refactor asking for the monthly pageview usage
* add tests for usage and limits section in account settings
* display pageview usage per billing cycle for active subscribers
* disable cycle tabs if no usage
* make current billing cycle whole
...instead of capping it at today's date
* run queries for different cycles concurrently
* fix linebreak bug
* add calculate usage action into CRM
* change some names of assigns
* block subscribing to a plan by pageview usage
Depending on whether the customer has already subscribed or not, checking
their pageview usage is different:
* If they're not subscribed yet, we allow them to subscribe to a plan If
it their last 30 days usage does not exceed the plan pageview limit by
more than 15% (30% for when subscribing to a 10k plan)
* For existing subscribers, we'll use the exact same mechanism that we're
using for locking sites - the last two billing cycles usage. If both
cycles exceed the plan limit by more than 10% - we don't allow them to
subscribe to the plan
* apply credo suggestion
* prevent highlight bar overflow
* move disabled classes to button element
* optimize for darkmode
* unify link and text styling on the same horizontal line
'Upgrade' & 'Update billing details' links + billing interval text were
positioned on the same line. The font size was similar, but not the same
* improve exceeded_limits function readability
* Refactor some tests and remove code duplication
* override allow upgrade when limits exceeded
In cases where limits are exceeded, we can set the boolean flag
`allow_next_upgrade_override` to `true` in the CRM. This will allow
the user to upgrade to any plan they want. After they've upgraded or
changed their plan - the flag will automatically reset to `false`.
* only apply upgrade override for exceeded pageview limit
* fix tests on the CI
* make current_cycle usage always displayed by default
* make pageview allowance margin more clear
* add comment
* Disable super-admin checks on small build
* Mute a test writing to stdout
* Move sampling outside of small build
* Convert waiting_first_pageview to heex and stop relying on env vars
* Set site limit unlimited on small build
* Stop relying on app env to get trial expiry
* Remove custom domains - including migration
* Remove is_selfhosted from layout view
* Quota fixup
* Stop relying on app env for self hosted registration
* Stop relying on app env for pass reset success
* Apply on_trial? check only on full build
* Update templates relying on app env
* Adjusts auth controller tests for small build
* Trial fixup
* Fixup
* Stop relying on app env
* Rest of the fsckn owl
* Update typespecs
* Fix dialyzer warning
* Remove unused module
* Credo + format
* GeoIP is not, for full build
* Use `small_build?()` where applicable
* Implement bypassing FirstLaunchPlug without insertions
* Get Marko's patch de58a18a85
* Test is-dbip=false presence
* Fix typespec
* Remove future hardcodes
* Handle `nil` from `Plausible.Geo.database_type()`
* Remove XXX marker
* Use one typespec for two clauses
* Introduce `MIX_ENV=small_dev`
* Revert "Use one typespec for two clauses"
This reverts commit 8d8cd21764.
* Modify API of `Auth.TOTP` to work with simplified flow
* Send email when 2FA is enabled and disabled
* Add tests for `initiated?/1`
* Add tests for email submission and improve recipient address composition
* Fix email tags
* Rename email templates to HEEx
* Fix formatting in email templates
* Update applications
* Clone community config
* Move modules to experimental dir
* Update runtime config
* Apply first set of compile-time conditionals
* Move funnel schemas to experimental
* Make funnel schema-less build compile
* Use experimental/lib for elixir code
* Move JS funnels to experimental
* Clean up conditional rendering
* Tidy up the pipeline
* Make two builds pass tests without warnings
* Reuse existing dotenvs
* Do a bunch of renames
* Clean up naming
* Run secondary CI
* Update router
* Remove RewriteFunnelDupes migration
Tests were disabled already and it was a one-off shot
* Fixup quota mixins
* Add moduledoc
* Change MIX_ENV for seconary test run
* Skip crm on small
* !fixup
* Exclude flags pipeline
* Update lib/plausible_web/controllers/stats_controller.ex
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
---------
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* refactor asserting plan generation in plans_test.exs
* stop grandfathering old expired trials
For users who registered before the business tiers release, we want to
offer a chance to subscribe to a grandfathered plan. However, if they
let their trial expire and don't subscribe in the next 10 days, they'll
lose that opportunity.
* stop grandfathering expired subscriptions
* remove default title and icon from Generic.notice
* fix bug with dismissable notice
classList is null when dismissable_id is not given
* alias Plausible.Auth.User
* Refactor Generic.notice component
Make it easy to apply different colors
* move subscription_cancelled_notice across the app
And remove from user settings > subscription box. Also, include a note
about losing grandfathered status when letting the subscription expire.
* allow full width in Generic.notice
* use Generic.notice for subscription_past_due_notice
* use Generic.notice for subscription_paused_notice
* prevent two notices clashing into each other with gap-y-2
* define attrs for phx components
* optimize for light mode
* make subscription cancelled notice dismissable
but if it's dismiss, show it in the place where it was before in the
account settings > subscription box
* make function private
* replace function doc with regular comment to avoid compile warning
* use array for classnames
Co-authored-by: Vinicius Brasil <vini@hey.com>
* fix typos in function doc
---------
Co-authored-by: Vinicius Brasil <vini@hey.com>
* change upgrade CTA notice message for enterprise and business plans
* add dismissable option to Generic.notice
* more general notice about losing premium features in X days
* save notice dismissed per user
... more than one Plausible account can use the same device, so we should
scope the fact that the notice has been dismissed by user id.
* fix bug applying classes to Generic.notice
* apply shadow to the new notice on light mode
* use Heroicons.x_mark instead of raw SVG
* use Enum.filter instead of list comprehension
* fix underlined blank space in upgrade link
* Add :if clause to site limit notice
* Change test description
* Move growth? and trial? conditionals to CTA function
* Improve wording in billing notices
---------
Co-authored-by: Vinicius Brasil <vini@hey.com>
* Fix private preview notice typo
* fix link to choose-plan instead of upgrade
* do not display premium feature notice if legacy feature access
* register trial message
* change enterprise contact us copy
* fix test
---------
Co-authored-by: Robert Joonas <robertjoonas16@gmail.com>
* price formatting
* fix space underlined
* add a redirect from :upgrade to :choose_plan
* Add premium feature notice to revenue goals
* add the number of API request to plan benefits
* be more explicit about Stats API requests
* start linking to the new upgrade page if FF enabled
* add redirect to :upgrade_to_enterprise_plan from :choose_plan
This commit intends to keep the existing behaviour of redirecting users
directly to the enterprise upgrade page when they click on an upgrade
link in an email and have an enterprise plan configured.
Hence, we can also simplify the /settings template and only link to
'/billing/choose-plan', even for enterprise plans.
* deprecate /billing/change-plan route based on FF
* Move new site template to HEEX
* Move new team member invitation template to HEEX
* Standardize exceeded limits error message
* Fix failing tests
* Limit Stats API access to unlimited trials
---------
Co-authored-by: Vinicius Brasil <vini@hey.com>
* Add button component
* Use new button in settings screen
* Use button component in registration screens
* Use new button component for Billing.upgrade_link
* Separate .button and .button_link
* Add attr definiton for disabled
* Fix funnels test
* use a different article in the email copies
... for recommending a plan, since the user can choose between Growth
and Business.
* small refactoring improvement
Rename `Plans.available_plans_with_prices` to `Plans.available_plans_for`,
taking an optional `with_prices` argument.
* highlight recommended tier for trial users on the ugprade page
* review suggestion
* Implement complete basics of LV sites
* Reimplement everything in LV except pagination
* Implement basic search capability
* PoC: plot visitors on sites index
* Add rudimentary clipped gradient in minicharts
* Fix clipping gradient, define once
* Format
* Add moduledoc to visitors component
* Move paginator helpers to the top core namespace
* Fix typespec of `Plausible.Sites.list`
* Split sites component into subcomponents
* Add function to uniformly calculate 24h intervals
and visitor totals across multiple sites.
* Integrate batch 24h interval query with plots on sites view
* Don't confuse heex compiler with alpine @ shorthands
* Make linear gradient svg definition truly invisible
* Implement basic pagination
* Extract `site_stats` from site and invitation cards
* Improve pagination
* Tweak css
* Improve filtering on pagination and make WSS fail graceful
* Test `last_24h_visitors_hourly_intervals/2`
* Replace /sites with LV implementation
* Add debounce to search filter
* Fix typespecs
* Fix styling
* Fix mini graph scaling factor calculation
* Fix search consuming itself
* Minimal tweaks to the plots
* Fixup
* Remove magic numbers from the plot
* Create `site_pins` table
* Add `SitePin` schema
* Implement listing invitations, sites and pins in a single query
* Add FIXME note
* Remove site pins for now
* Add tests for `Plausible.Sites.list/3`
* Add a couple more tests to sites dead view
* Remove unnecessary FIXME
* Add LV tests for Sites
* Calculate and display 24h visitors change
* Render the change in bold
* Add clarfying comment on virtual field in `Site` schema
* Remove unnecessary function from Invitations API
* Remove unused list opt from type definition in `Sites`
* Improve joins in list query slightly
* Add comment on manually computing sites list total
* Start searching from a singly character in domain field
* Add typespec to `last_24h_visitors_hourly_intervals`
* Extend moduledoc in visitors component
* Simplify loading sites in LV
* Simplify assigns in LV
* Add missing group for shadow under site card
* Make invitation modal render
* Make HTML in sites LV semantically correct
* Remove autofocus and focus search on `/`
* Remove shadow from search input
* Make search cancel on escape
* Fix tests relying on outdated HTML structure
* Make visitor chart color scheme consistent with dashboard chart
* Update styling of trend labels
* Fix empty state and improve search blur/focus handling
* Use live navigation for pagination
* Implement spinner on load from search
* Remove unused `Plausible.Stats.Clickhouse.last_24h_visitors/1`
* Calculate uniques correctly across hour boundaries
* Swap inlined svg for Heroicons component in invitation modal
* Add order by to base query in 24h hourly intervals
* Revert "Add order by to base query in 24h hourly intervals"
This reverts commit a6be5e3026.
* Query clickhouse 24h visitors only on second mount
* Remove redundant sign from percentage change when negative
* Switch to offset-based pagination
- offset seems easier to deal with for when actions on
paginated list will be performed such as site pinning;
tracking cursor data makes some entries disappear in
edge cases. The data set is still fairly small and
static, even for large customers.
- we're removing Phoenix.Pagination as it doesn't really
fir any use case, and it was only used to limit the number
of sites in the site picker
- site picker is now limited to 9 sites (future: pinned
sites will be prioritized there)
- no need to re-query for total count any more
- BTW, the old /sites template was removed
* Refine the plot queries; Tests pass snapshot
* Add PromEx plugin for LiveView
* Fix tiny plot cut-off at the top
---------
Co-authored-by: Adam Rutkowski <hq@mtod.org>
* fix the styling of the red text notice under checkout link
* avoid some code repetition
* simplify rendering the change_plan_link
* refactor disabling checkout link and showing disabled message
* disable change plan and upgrade link when exceeding pageview limit
* disable checkout when exceeding team member limit
* disable checkout when site limit exceeded
* extract checkout related code in a separate function
* stick to a single order of features
* losing features warning
* fix back link from change-plan-preview
* create Quota.exceeded_limits function
* restrict subscribing with exceeded limits on the API level too
* use with instead of case
Co-authored-by: Vini Brasil <vini@hey.com>
* use :map type instead of :any for user
Co-authored-by: Vini Brasil <vini@hey.com>
* create Quota.usage function
---------
Co-authored-by: Vini Brasil <vini@hey.com>
* fix text color in dark mode
* rename a function
* use aliases in quota.ex
* rename a function
* make Goals a similar feature to others but with a free option
* rename a function
* mix format
* Read feature status from Billing.Feature instead of %Site{}
This commit changes data attributes passed to React. Previously the
controller read feature statuses directly from the %Site{} schema. The
Billing.Feature context is aware of the user plan and the features
available.
* Limit funnels internal API based on site owner plan
* Limit props internal API based on site owner plan
* Use site factory in QueryTest
* Limit custom property filter based on site owner plan
* Limit revenue goals queries based on site owner plan
