* Allow e-mail exclusion in team members quota
* Exclude invitee from quota on invitation create
* Enable invitation submission but report errors on quota violation
* Use a single interface for team members quota
* Check the `Keyword.validate/2` result
* Update test/plausible_web/controllers/site/membership_controller_test.exs
Co-authored-by: Uku Taht <Uku.taht@gmail.com>
---------
Co-authored-by: Uku Taht <Uku.taht@gmail.com>
* Move limit enforcement to accepting site ownerhsip transfer
* enforce pageview limit on ownership transfer accept
* Refactor plan limit check logic
* Extract `ensure_can_take_ownership` to `Invitations` context and refactor
* Improve styling of exceeded limits notice in invitation dialog and disable button
* styling improvements to notice
* make transfer_ownership return transfer to self error
* do not allow transferring to user without active subscription WIP
* Add missing typespec and improve existing ones
* Fix formatting
* Explicitly label direct match on function argument for clarity
* Slightly refactor `CreateInvitation.bulk_transfer_ownership_direct`
* Exclude quota enforcement tests from small build test suite
* Remove unused return type from `invite_error()` union type
* Do not block plan upgrade when there's pending ownership transfer
* Don't block and only warn about missing features on transfer
* Remove `x-init` attribute used for debugging
* Add tests for `Quota.monthly_pageview_usage/2`
* Test and improve site admin ownership transfer actions
* Extend tests for `AcceptInvitation.transfer_ownership`
* Test transfer ownership controller level accept action error cases
* Test choosing plan by user without sites but with a pending ownership transfer
* Test invitation x-data in sites LV
* Remove sitelocker trigger in invitation acceptance code and simplify logic
* Add Quota test for `user.allow_next_upgrade_override` being set
* ignore pageview limit only when subscribing to plan
* Use sandbox Paddle instance for staging
* Use sandbox paddle key for staging and dev
---------
Co-authored-by: Robert Joonas <robertjoonas16@gmail.com>
* Avoid redirect in site settings
* Fix unicode in SiteController existing tests
* Fix various tests
* Add CHANGELOG
* Make sure test site is example.com
* Use Route helpers in site_controller
* Fix UTF redirect in change domain submit action
* Fix UTF site domain in reset stats action
* price formatting
* fix space underlined
* add a redirect from :upgrade to :choose_plan
* Add premium feature notice to revenue goals
* add the number of API request to plan benefits
* be more explicit about Stats API requests
* start linking to the new upgrade page if FF enabled
* add redirect to :upgrade_to_enterprise_plan from :choose_plan
This commit intends to keep the existing behaviour of redirecting users
directly to the enterprise upgrade page when they click on an upgrade
link in an email and have an enterprise plan configured.
Hence, we can also simplify the /settings template and only link to
'/billing/choose-plan', even for enterprise plans.
* deprecate /billing/change-plan route based on FF
* Move new site template to HEEX
* Move new team member invitation template to HEEX
* Standardize exceeded limits error message
* Fix failing tests
* Limit Stats API access to unlimited trials
---------
Co-authored-by: Vinicius Brasil <vini@hey.com>
* Make membership creation and role updates more explicit in terms of changesets
* Extract invitation accept flow logic and refactor it slightly
* Improve acceptation logic
* Update moduledoc
* Improve SiteLocker API and add typespecs
* Stop naming function not returning a boolean like a predicate
* Refactor rest of invitation actions and safeguard against rogue requests
* Update code docs slightly
* Extend `Billing.check_needs_update/1` tests
* Parametrize selfhost flag and toggle SiteLocker logic on it
* Add tests for newly extracted services
* Add test case and a fix for locking site on grace period ended
* Make invitation controller tests async as there's no more env patching
* Add test cases for self-invites and fix one bug
* Add and refactor tests for rejecting and removing invitations
* Prevent issuing ownership transfer to existing owner
* Improve name of the test
* Improve `Billing.check_needs_to_upgrade/1` return value
* Improve `Billing.SiteLocker.update_sites_for/1` and its tests
* Fix typos
Co-authored-by: hq1 <hq@mtod.org>
* Make invitation removal and rejection resilient to races
---------
Co-authored-by: hq1 <hq@mtod.org>
* Move inline functions to module
* Extend invite/4 for ownership transfers
* Verify inviter has sufficient permissions
* Ensure ownership transfers don't count as team member
This commit changes the team member usage query to exclude ownership
transfer invitations. Previously, when an ownership transfer was
pending, the team member usage was incremented.
* Draw attention to payment notice when transferring ownership
* Remove duplicate mail sending from membership_controller
---------
Co-authored-by: Uku Taht <uku.taht@gmail.com>
* Refactor MembershipController.invite_member/2
This commit refactors the controller action used for creating new
invitations. It moves the code to Plausible.Sites.invite/4 and replaces
`ifs` and `cases` with `with`.
* Add team_member_limit to plan definition
* Create usage and limits functions for team members
* Apply team member limit when inviting new users
* Add team members to Usage & Limits section
* Change invite function to receive email address instead of %User{}
* Wrap invite function in a DB transaction
* Remove unnecessary joins from team member usage query
* Replace UNION ALL with UNION to remove duplicates
* Make sure admin can grant the admin role
* Use `site` and `current_user_role` from conn.assigns to avoid extra lookups
* Add some missing documentation
* Restrict owners in the `update_role` action
* Move @moduledoc to appropriate location
* Use Ecto.Enum to get role atoms
* Remove unused functionality
* Ensure that owners cannot lock themselves out
* Add question mark to `can_grant_role`
Co-authored-by: Adam Rutkowski <hq@mtod.org>
* Use strict short-circuit operator for booleans
Co-authored-by: Adam Rutkowski <hq@mtod.org>
Co-authored-by: Adam Rutkowski <hq@mtod.org>
* Invite existing user to a site
* Add invitation flow for non-existing users
* Accept and reject invitations
* Use invitation flow for existing users
* Locking mechanism for sites
* Authorization for site settings
* Show usage based on site ownership
* Add ability to remove members from a site
* Do not show settings link to viewer roles
* Ability to remove invitations
* Remove `Plausible.Sites.count_for/1`
* Fix tests
* Do not show the trial banner after the trial
* Correct trial emails
* Transfer ownership
* Send invitation email to existing user
* Add invitation email flows
* Add plug for role-based authorization
* Rename AuthorizeStatsPlug -> AuthorizeSiteAccess
* Add email flow for ownership transfer
* Fix URLs in emails
* Fix small copy issues
* Make 'People' its own section in site settings
* Notify user via email if their access has been removed
* Check site lock status when invitation is accepted
* Check lock status when user subscribes
* Make sure only admins and owners can create shared links
* Changelog
* Add LockSites to daily cron
* Clean invitations after 48 hours
* Add notices about expiry
* Add invitation expired page
* Add doc link
