* Add data retention field to plans
* Display data retention as benefit when choosing plan
* Split fields in two module attributes
* Remove extra whitespace
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
---------
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Improve subscription status checking code
This commit improves the subscription status checking in code, and
creates convinience functions to work with it, including nil-checking
and in?/2 function.
* Change in?/2 to macro
* Update over_limit.html.eex
* Update dashboard_locked.html.eex
* Update dashboard_locked.html.eex
* Update over_limit.html.eex
* Update dashboard_locked.html.eex
* fix tests
* stop querying owned_site_ids three times
... when querying for billing cycles. Adds an optional `owned_site_ids`
argument to the `usage_cycle` function.
* add penultimate billing cycle info to emails
This commit also refactors some code and adds unit tests to email templates
* use delimit_integer instead of large_number_format
... to display usage with exact numbers such as 1,099,999 instead of 1M
* add penultimate cycle date ranges and linebreaks
---------
Co-authored-by: RobertJoonas <56999674+RobertJoonas@users.noreply.github.com>
Co-authored-by: Robert Joonas <robertjoonas16@gmail.com>
* End polymorphic response in goals create
Being part of the v3 spec, this isn't well
(or at all) supported by OpenAPI generators.
Always respond with `Goal.ListResponse`
* Implement `PUT /custom_props`
* Implement bulk `DELETE /goals`
* Expose API for (bulk-)disabling custom props
* Add controller typespecs
* Delegate list wrapping to `Plausible.API.*`
* Add 2FA actions to `AuthController`
* Hook up new `AuthController` actions to router
* Add `qr_code` to project dependencies
* Implement generic `qr_code` component rendering SVG QR code from text
* Implement enabled and disabled 2FA setting state in user settings view
* Implement view for initiating 2FA setup
* Implement view for verifying 2FA setup
* Implement view for rendering generated 2FA recovery codes
* Implement view for verifying 2FA code
* Implement view for verifying 2FA recovery code
* Improve `input_with_clipboard` component
* Improve view for initiating 2FA setup
* Improve verify 2FA setup view
* Implement `verify_2fa_input` component
* Improve view for verifying 2FA setup
* Improve view rendering generated 2FA recovery codes
* Use `verify_2fa_input` component in verify 2FA view
* Do not render PA contact on self-hosted instances
* Improve flash message phrasing on generated recovery codes
* Add byline with a warning to disable 2FA modal
* Extract modal to component and move 2FA components to dedicated module
* First pass on loading state for "generate new codes"
* Adjust modal button logic
* Fix button in verify_2fa_input component
* Use button component in activate view
* Implement wait states for recovery code related actions properly
* Apply rate limiting to 2FA verification
* Log failed 2FA code input attempts
* Add ability to trust device and skip 2FA for 30 days
* Improve styling in dark mode
* Fix waiting state under Chrome and Safari
* Delete trust cookie when disabling 2FA
* Put 2FA behind a feature flag
* Extract 2FA cookie deletion
* ff fixup
* Improve session management during 2FA login
* Extract part of 2FA controller logic to a separate module and clean up a bit
* Clear 2FA user session when rate limit hit
* Add id to form in verify 2FA setup view
* Add controller tests for 2FA actions and login action
* Update CHANGELOG.md
* Use `full_build?()` instead of `@is_selfhost` removed after rebase
* Update `Auth.TOTP` moduledoc
* Add TOTP token management and make `TOTP.enable` more test-friendly
* Use TOTP token for device trust feature
* Use zero-deps `eqrcode` instead of deps-heavy `qr_code`
* Improve flash messages copy
Co-authored-by: hq1 <hq@mtod.org>
* Make one more copy improvement
Co-authored-by: hq1 <hq@mtod.org>
* Fix copy in remaining spots
* Change redirect after login to accept URLs from #3560 (h/t @aerosol)
* Add tests checking handling login_dest on login and 2FA verification
* Fix regression in email activation form submit button behavior
* Rename `PlausibleWeb.TwoFactor` -> `PlausibleWeb.TwoFactor.Session`
* Move `qr_code` component under `Components.TwoFactor`
* Set domain and secure options for new cookies
---------
Co-authored-by: hq1 <hq@mtod.org>
* Avoid redirect in site settings
* Fix unicode in SiteController existing tests
* Fix various tests
* Add CHANGELOG
* Make sure test site is example.com
* Use Route helpers in site_controller
* Fix UTF redirect in change domain submit action
* Fix UTF site domain in reset stats action
* Move input range bubble to JavaScript
This commit switches the input range bubble on the choose plan page from
LiveView to JavaScript. The reason for this change is the input range
is a regular HTML input rendered by the browser, not LV, therefore
bubble was not in sync when sliding the input.
* Apply suggestions from code review
* refactor asking for the monthly pageview usage
* add tests for usage and limits section in account settings
* display pageview usage per billing cycle for active subscribers
* disable cycle tabs if no usage
* make current billing cycle whole
...instead of capping it at today's date
* run queries for different cycles concurrently
* fix linebreak bug
* add calculate usage action into CRM
* change some names of assigns
* block subscribing to a plan by pageview usage
Depending on whether the customer has already subscribed or not, checking
their pageview usage is different:
* If they're not subscribed yet, we allow them to subscribe to a plan If
it their last 30 days usage does not exceed the plan pageview limit by
more than 15% (30% for when subscribing to a 10k plan)
* For existing subscribers, we'll use the exact same mechanism that we're
using for locking sites - the last two billing cycles usage. If both
cycles exceed the plan limit by more than 10% - we don't allow them to
subscribe to the plan
* apply credo suggestion
* prevent highlight bar overflow
* move disabled classes to button element
* optimize for darkmode
* unify link and text styling on the same horizontal line
'Upgrade' & 'Update billing details' links + billing interval text were
positioned on the same line. The font size was similar, but not the same
* improve exceeded_limits function readability
* Refactor some tests and remove code duplication
* override allow upgrade when limits exceeded
In cases where limits are exceeded, we can set the boolean flag
`allow_next_upgrade_override` to `true` in the CRM. This will allow
the user to upgrade to any plan they want. After they've upgraded or
changed their plan - the flag will automatically reset to `false`.
* only apply upgrade override for exceeded pageview limit
* fix tests on the CI
* make current_cycle usage always displayed by default
* make pageview allowance margin more clear
* add comment
* Disable super-admin checks on small build
* Mute a test writing to stdout
* Move sampling outside of small build
* Convert waiting_first_pageview to heex and stop relying on env vars
* Set site limit unlimited on small build
* Stop relying on app env to get trial expiry
* Remove custom domains - including migration
* Remove is_selfhosted from layout view
* Quota fixup
* Stop relying on app env for self hosted registration
* Stop relying on app env for pass reset success
* Apply on_trial? check only on full build
* Update templates relying on app env
* Adjusts auth controller tests for small build
* Trial fixup
* Fixup
* Stop relying on app env
* Rest of the fsckn owl
* Update typespecs
* Fix dialyzer warning
* Remove unused module
* Credo + format
* GeoIP is not, for full build
* Use `small_build?()` where applicable
* Implement bypassing FirstLaunchPlug without insertions
* Get Marko's patch de58a18a85
* Test is-dbip=false presence
* Fix typespec
* Remove future hardcodes
* Handle `nil` from `Plausible.Geo.database_type()`
* Remove XXX marker
* Use one typespec for two clauses
* Introduce `MIX_ENV=small_dev`
* Revert "Use one typespec for two clauses"
This reverts commit 8d8cd21764.
* Modify API of `Auth.TOTP` to work with simplified flow
* Send email when 2FA is enabled and disabled
* Add tests for `initiated?/1`
* Add tests for email submission and improve recipient address composition
* Fix email tags
* Rename email templates to HEEx
* Fix formatting in email templates
This commit moves the dump_plans Mix task to the Plausible.Release
module so it can run in production.
Usage: `./bin/plausible eval Plausible.Release.dump_plans`
* Update applications
* Clone community config
* Move modules to experimental dir
* Update runtime config
* Apply first set of compile-time conditionals
* Move funnel schemas to experimental
* Make funnel schema-less build compile
* Use experimental/lib for elixir code
* Move JS funnels to experimental
* Clean up conditional rendering
* Tidy up the pipeline
* Make two builds pass tests without warnings
* Reuse existing dotenvs
* Do a bunch of renames
* Clean up naming
* Run secondary CI
* Update router
* Remove RewriteFunnelDupes migration
Tests were disabled already and it was a one-off shot
* Fixup quota mixins
* Add moduledoc
* Change MIX_ENV for seconary test run
* Skip crm on small
* !fixup
* Exclude flags pipeline
* Update lib/plausible_web/controllers/stats_controller.ex
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
---------
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Bugfix: allow ownership transfers when premium features enabled but not used
Fields like `props_enabled` and `funnels_enabled` are true by default,
and these fields do not indicate whether the user/site is actually using
these features or not.
* allow site transfers if they will be at limit after transfer
* small refactor