* Implement plug for checking SSO team access
* Add the new plug to the `browser` pipeline and adjust routes
* Don't log in on failed provisioning and display issue notice instead
* Require user to be provisioned as SSO before toggling "Force SSO"
* Label SSO members explicitly in team management LV
* Make slight layout and copy adjustments in provision issue view
* Improve copy (h/t @aerosol)
* Team members setup: indicate disabled with color
* Bugfix: grey-out guest role picker if insufficient permissions.
This wasn't any critical though, the UI would act janky but
permissions were enforced anyway on change.
* First pass: store login preference
* Only set login preference if SSO is used
* Change mock DNS to use port 5354 and `domain_id` for parameter
* Make login forms use flash message for error passing
---------
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Setup MFA properly in SSO tests
* Move `new_identity` test helper to common helpers
* Make standard login only allow Owner SSO users
* Implement `Plausible.Users.type/1` for determining user type
* Implement plug restricting action based on user type
* Restrict or adjust access to settings actions to SSO users
* Make a very small refactor to `Auth.SSO` helper
* Prevent SSO users from acceptig team invitations
* Prevent SSO users from adding websites under "My Presonal Sites"
* Prevent implicit team creation by SSO users
* Add workaround for compiler warning under CE
* Remove SSO user on removing membership
* Prevent changing role to owner when 2FA not enabled
* Prevent provisioning from standard user with active personal team
* Fix `Auth.lookup/1` to not break for standard users on multiple teams
* Use `Plausible.always/1` (h/t @aerosol)
* Revert "Use `Plausible.always/1` (h/t @aerosol)"
This reverts commit 0ee7dd84d3.
* Rename `RestrictType` -> `RestrictUserType`
* Make the configuration intent more explicit in `RestrictUserType` plug
* Rename plug file
* Allow caching tracker script on CE
Open questions with this approach:
- `ingestion_url`: Using `PlausibleWeb.Endpoint.url()` requires that endpoint has started, but we
want to pre-warm the cache _before_ the endpoint starts. To work around this, a different approach
is used to get the right url.
- caching: Other caches currently cache database models, this caches a string. Will this cause issues?
* Slightly better workaround
* Lazier timers
* Scriptv2 onboarding: review flow
* Make sure bundled features are enabled by default in v2 onboarding
* Call get_or_create correctly
* Refactor custom plan form to use boolean-based checkboxes
* Revert "Log warning when m/meta parameter used in ingestion (#5478)"
This reverts commit d4bec6d9e3.
* Support `meta` argument only on legacy scripts + test
* Changelog
* Bump version
* make starter tier flag team based not user
* old upgrade page for active or recently ended trials
* adjustments to plan benefits
* mention losing grandfathering when on v4
* extract plan benefits into separate module
* unit tests for plan benefits + fix enterprise site/team_member benefits
* hide Starter tier from grandfathered Growth
Also get rid of the grandfathered notice in Growth plan box
* choose_plan_test.exs to ee_only
* fix ci
* actually fix ci
* stop displaying new starter features for grandfathered teams
* bump starter tier launch date
* Revert "stop displaying new starter features for grandfathered teams"
This reverts commit e024a82d14.
* Extend core APIs for better insight into SSO state during setup
* Adjust `toggle_switch` compoenent to accept global attributes
* Improve textarea variant of input component
* Make first very crude pass on SSO setup UI
* Display "Single Sign-On" settings option only when enabled
* Extract SP identity ID function to SAMLConfig as a public one
* Move SAML controller logic behind an adapter
* Don't apply CSRF protection to SAML consume endpoint
* Make copy adjustments
* Change SSO sidebar icon
* Fix `fake_domain_verify` handling before integration is set up
* Tweak configuration markup
* Sanitize PEM input
* Tweak SSO settings sections + prevent domain deletion if applicable
* Minor tweaks to SSO settings tiles
* Bootstrap basic test suite
* Ensure SSO settings are guarded by env var
* Make sure to retry fake domain validation on integration-less cycle
* Trim idp entity id input
* Dedup assertions
* Fix domain identifier interpolation
* Tidy up integration fetching
* Expand tests for SSOManagement LV with fixes
---------
Co-authored-by: Adam Rutkowski <hq@mtod.org>
* Log warning when m/meta parameter used in ingestion
This parameter was added in October 2020 and then renamed 2 days later: 40900c7653 and 0b6e645b44
We are hoping we may be able to remove it which this logging will help with.
* Log only domain
* feature gate creating shared links
* feature gate GET shared_link
* stop granting shared links access in code + organize tests
* allow GET shared_link for WP
* prevent shared link creation with special name
unless created by the Plugins API, the name WordPress - Shared Dashboard
will be considered reserved.
* do not render special shared links in site settings > visibility
* remove hardcoded special name from test
* add function doc for special names
* prevent updates to special name as well
* warn about losing access to shared links
* make features_usage return empty list on ce
* Update lib/plausible/sites.ex
Co-authored-by: hq1 <hq@mtod.org>
* move special name check to changeset
* fix tests
---------
Co-authored-by: hq1 <hq@mtod.org>
* Redefine what `on_trial?` means
No subscription combined with
non-zero trial_days_left designates an ongoing trial.
Conversely, any subscription in any state means
the trial is inactive.
* Fix cancellation notices
We now show the cancellation warning
when the subscription is about to expire.
* Implement the ability to lock cancelled subscriptions
in case a refund is made
* Dedup notice body
* Spawn confirmation alert before locking
* Revert "CRM: team (un)lock regardless of grace period (#5440)"
This reverts commit bb63c0d0e4.
* Implement grace period (un)lock just like in kaffy
* Test grace period handling
* Implement `SSO.Domains.remove/1,2` and `SSO.Domains.check_can_remove/1`
* Add `sso_domain` relation to `Auth.User` schema
* Populate `user.sso_domain` on provisioning and validate identity domain
* Simplify lookup by domain in `SSO.Domains.remove/1,2`
* Extend tests
* Derive user name from email in fake SAML controller
* Fix formatting
* keep teams feature explicitly for UI
* keep devsubscriptions in sync with prod
On prod, when a subscription is created without a current team in assings,
a new team is force created for that user.
* disable team creation when no point to create it
* fix ce_test compile warning
* fix tests on CE
* Update lib/plausible/teams/billing.ex
Co-authored-by: hq1 <hq@mtod.org>
* add solo team in seeds
* fix top border blur + stop autofocusing input when blurred
---------
Co-authored-by: hq1 <hq@mtod.org>
* Add SSO user as a team member on provisioning
* Implement fake SSO actions and basic login form
* Handle team member limit error and adjust login redirect in `UserAuth`
* Always switch to related SSO team on SSO user login
* Ensure `timeout_at` is set when creating new standard user session
* Add env var flag for gating SSO
* Hide SSO login link when SSO disabled
* Hide SSO routes when SSO disabled
* Implement nonce-based allowance for js in SSO content security policy
* Test controller actions
* Add more tests for UserAuth
* Add sync tests for `GateSSO` plug and env var flag in disabled state
* Add test for SSO owner logging in via standard login
* Ensure team locked state is updated on site creation and removal
* Do not lock team when there are no sites
* Ensure SiteLocker is only run on EE
* Get rid of troublesome alias
* Update tracker config in scriptv2 onboarding
* Use actual scriptv2 installation script
* Unwrap result from transaction
* Only run cache purge tests on ee
* replace yellow warning notice with more inviting cta (funnels)
* align VAT notice with /year on the upgrade page
* improve tooltip component
do not hide the tooltip when the mouse enters the tooltip itself directly
from the trigger element. This allows clicking links in tooltips.
* improve site segments feature gate UI
Disable the save button when site segment option is selected in create or
edit form. Also render a different upgrade notice if the user is not the owner.
* replace upgrade notices with blur UI
To fully get rid of Notice.premium_feature, we will also display a
"not allowed" cursor with tooltips asking to upgrade where necessary.
* extract toggle switch component
* Hide currency toggle from goal edit form
The currency field cannot be changed for an existing goal anyway. Therefore
it makes sense not to show it at all. This commit makes the currency picker
always visible when editing a revenue goal, and always hidden for custom
event edit form.
* simplify api key creation form
Turn "Sites API access" into a toggle switch identical to "Enable revenue
tracking" in goal creation form.
* remove team setup CTAs for Starter tier
* fix team member limit for starter
* adjust v5 plan limits and limit exceeded notices
* do not display global notices on upgrade-success page
* fix settings/subscription monthly quota boxes alignment
* fix CI
* use tailwind backdrop-blur
* remove dangling log + avoid passing setSaveDisabled
* remove duplicate function clauses revenue goals
* revert create api key UI change but disable button still
* optimize for darkmode
* blur team settings > team members for Starter
* rename team accounts to team management
* Add `locked_by_admin` to teams schema
* Implement team locking
* Look up `teams.locked_by_admin` in relevant background services
* Add background servive tests
* Type faster than think!
* Purge bunny cdn cache when tracker script config is updated
* Only allow one purge task scheduled per site
Tested by adding logging and toggling a checkbox a few times. Only one job got executed.
* Typo
* Add `SSO.Identity` struct
* Ensure timestamps are set to second resolution to avoid issues
* Implement `SSO.provision_user/1`
* Implement `UserAuth.log_in_user/3` clause accepting identity
* Fix type declaration in `UserAuth`
* Plugins API for tracker script configuration
* no support for track_404_pages in plugins api
* Update lib/plausible_web/plugins/api/controllers/tracker_script_configuration.ex
Co-authored-by: Uku Taht <Uku.taht@gmail.com>
* Restructure update code
* Remove dead code
---------
Co-authored-by: Uku Taht <Uku.taht@gmail.com>
* tracker_script_configuration table migration
* tracker_script_configuration schema + upsert tests
* TrackerScriptConfiguration: read from installation_meta, double-write, refactor installation flow to work off of new model
* Fix a test
* Backfill tracker script configuration
* tracker_script_configuration table migration
* tracker_script_configuration schema + upsert tests
* TrackerScriptConfiguration: read from installation_meta, double-write, refactor installation flow to work off of new model
* Fix a test
* add a new (feature flagged) upgrade page offering v5 plans
* include starter tier plans in available_plans_for + use dev prices in test
* upgrade page remodelling with starter tier
* mobile optimizations
* optimize for darkmode
* add embedded dashboards as a growth benefit
* do not hide header on LegacyChoosePlan
* consistent v5 plan feature order
* slight grandfathering notice adjustment
* display monthly price too on yearly plans
* default to v5 plans unlesss legacy? is true
* refactor: suggest volume not plan for emails
* align back link with page title
* render grandfathering notice for growth v4 too
* WIP: init() for plausible.js
* Reformat whitespace
* Handle double-initialization gracefully
* Script customProperties option
* Remove pageview-props from tracker script interpolation - its now an advanced config
* Add compile option for compiling the web snippet. This can then be copied to e.g. onboarding
* Switch minification from uglify-js to swc
* Use 4 passes for optimal output
* Remove use strict to remove it from output. Uglifyjs already removed this
* Minor optimization: Remove nulls from output via runningEngagementStart
* Minor optimization: Reduce onIgnoredEvent
* config_json -> config_js
* Dead attribute
* Remove guard for engagements
* More protective customProperties
* Object.assign
* chore: Bump tracker_script_version to 10
* No need for default in Object.assign
* Remove dead guard
* Add flag for scriptv2 onboarding, render different installation screen
* Manual installation screen mockup
* Use phoenix form helpers
* Format
* Move manual tagging to advanced options
* Slightly refactor `Teams.owned_sites/1`
* Don't use `Teams.owned_sites/1` when there are better functions
* Refactor `Teams.owned_sites/2` and add typespecs
* CS: list only team's sites at all times
Previously, when team was not set up, we'd include
all the guest sites in the list
* Add rejecting traffic info
* PlausibleWeb.Tracker -> PlausibleWeb.TrackerPlug
* Support getting plausible-main.js via app from `/js/s-${tag}`
tag currently is site.installation_meta["id"] but im planning (separately) to
introduce a different, shorter id version (using something like NanoId/HashId).
This will be introduced in a separate PR though
* Mark some variables as legacy
* Remove compile-time dependency on plausible-main.js
* Fix build
* moduledoc
* Bump CACHE_VERSION to ensure plausible-main is compiled
* 404 consistently
* Revert "Remove compile-time dependency on plausible-main.js"
This reverts commit 4b533ef0f6.
* Ensure file exists at compile-time
* flat_map over reject
* assert -> refute
* JSON.encode!
* fix sandbox plans v4 to be in sync with prod ones
* sync sandbox plans + unify formatting
* create v5 plans in paddle prod + sandbox + Mix.tasks
* add teams and shared links features
* remove unused line of code
* paddle credentials as module attrs
* remove teams and shared links as growth benefits for time being
* Add profile_url helper clause
* Add notes
* Sort features alphabetically
* Fix checkbox/textarea components
* Unrlelated: update combobox docs
* Initial customer support UI
* Unrelated: don't expand member dropdown if disabled
* Cross link both CRMs
* Remove unused things
* Stop polluting history with tab navigation
* Truncate search results
* Format
* Use routes in favour of phx-click events
* Fix / keypress to search focus
* Rename phx event
* Rename remaining save events
* Fix up x-data
* Fix alpine placeholder event
* Enable progress animation with topbar
* Team: separate assign clauses per tab
* Site: separate assign clauses per tab
* lint
* Replace URI patch on filter text update
* Unifyu filter_bar component usage
* !fixup
* Fix up filter form event name
* Fix number formatting as you type
* Fix enterprise plan number inputs
* Link CS from HelpScout
* Remove target=_blank from kaffy URLs
* Pre-fill custom plans
* Rework the billing tab
* Make checkbox labels clickable
* Put Stats API first
* Format
* Credo
* !fixup
* Don't show empty labels
* Migrate some
* Making progress
* All fixed
* Convert interval picker to tsx
* Fix format
* Fix tests
* Make sure focus outline looks right on DropdownTabButton
* Refactor Site Switcher to Popover
* Fix site switcher test
* Better jsdom mocks in assets tests
* Try svg placeholder favicon
* Update favicon test
* Try giving transition config directly
* Remove empty props
* Remove unnecessary closeDropdown to prevent Firefox transition issue
* Register open dropmenus globally
This is needed to prevent invalid state when navigating with site hotkeys with Firefox while a dropdown is open and coming back using browser
* Colocate popover-specific component
* Clarify behaviour on hitting hotkey for current site
* Try fix Firefox issue
* Try 1.7.19
* Commit to @headlessui/react v1.7.x
* Fix last two transition origins
* Align active tab on baseline
* Remove unneeded global dropmenu state
* Add changelog
* Funnels menu is searchable and scrollable
* Fix transform origin
* Stop funnels menu from holding onto search state
* Mandate ref be passed to SearchInput from the outside
* Extend API key creation with support for Sites API keys
* Remove unnecessary disabled state and improve radio component styling
* Add more tests
* Don't expose Sites API keys in CE
* Only show the notice if Sites API feature is actually disabled
* Adjust API keys subtitle
* Fix condition in one of actions
* Revert "Temporarily disable ingest metrics (#5369)"
This reverts commit b96e96a7f6.
* Add :tools to MIX_ENV=dev
* Stop tracking caches hit ratio in favour of raw counters
* Avoid compiling pageleave variant
Instead, it's treated as a no-op. Tracker still serves it.
Compile wall time went down from 86s -> 46s.
* Vendor, no longer compile p.js
This was a legacy script variant which we keep for backwards
compatibility but little else.
* chore: Bump tracker_script_version to 6
* Change how generic notices refer the account
It's now "This team", unless no team is selected.
* Only owner and billing roles can access/manage subscriptions
* Change how Team Settings options are exposed:
- Subscription only available to owner/billing roles
- Invoices only available to owner/billing roles
- API Keys only available to owner/billing/admin/editor roles
* s/team members/members - to avoid repetition
* Only owner/billing can manage dev subscriptions
* Adjust existing tests
* Add test
* streamline dev subscriptions
* spawn -> Task
* fix button alignment
* do not define routes in test env
* remove explicit mentions of dev env when deciding whether to sandbox paddle
* decide checkout behaviour at compile time
* Timex -> Date
* hum
* make it work for enterprise plans too
* allow convenient subscription status change
* fix ci warnings
* remove redundant commented out code
* fix crash + review suggestion
---------
Co-authored-by: Adam Rutkowski <hq@mtod.org>
We're seeing warnings as follows:
```
(plausible 0.0.1) lib/plausible/stats/legacy/legacy_query_builder.ex:32: Plausible.Stats.Legacy.QueryBuilder.from/4 |
| (plausible 0.0.1) lib/plausible/stats/query.ex:143: Plausible.Stats.Query.put_imported_opts/2 |
| (plausible 0.0.1) lib/plausible/stats/query.ex:163: Plausible.Stats.Query.get_imports_in_range/2 |
| (plausible 0.0.1) lib/plausible/imported.ex:98: Plausible.Imported.completed_imports_in_query_range/2 |
| (plausible 0.0.1) lib/plausible/stats/query.ex:65: Plausible.Stats.Query.date_range/2 |
| (elixir 1.17.3) lib/calendar/date.ex:111: Date.range/2 |
|
warning: a negative range was inferred for Date.range/2, call Date.range/3 instead with -1 as third argument
```
As well as some Stats API queries with the date time range reversed.
This PR makes it explicit we support passing the range in reverse and
handles that without warnings. Along the way added some tests.
Ref: https://3.basecamp.com/5308029/buckets/36789884/card_tables/cards/8415153184
* improve the error message on the change teams screen
* Update membership_controller.ex
* Adjust tests
---------
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Change `:forbidden` error to `:permission_denied` for consistency
* Stop force-filling timestamp fields on personal team and membership
* Fix password field name in (re)generate 2FA recovery codes form
* Update User schema with a field required by teams migration
* Start cloak vault for self-hosted release migrations.
Since this one is using schemas, existing encrypted columns
do require cloak to be up.
* Update changelog
* Make trial notification ee-only
* Replace `Plausible.ee?/0` with `ee?/0` across the codebase
* Bump release date
* Stop showing footer with stats, except when user is not logged in / viewing shared dashboard
* Add testsfor Site Settings menu CE and EE
* Fix test titles, test org and tags
* Add `locked` to Team schema and add predicate helper in Teams
* Update `team.locked` in parallel with `sites.locked` in SiteLocker
* Adjust team backfill migration to ignore locked team field
* APIv2: More tolerant shorthands for date ranges
I was using APIv2 today and got pissed off that I couldn't do
`"date_range": "3d"`. So I went ahead and fixed this issue...
* Changelog
* typegen
* fix
* More invalid tests
* Set site and member limits to unlimited for CE
* Don't even compile billing tests that trigger warnings in `ce_test`
* Split layout test into 2 distinct tests for CE and EE due to limits
* Update CHANGELOG.md
* Remove redundant test tag
* OG script
* Adapt to CE
* Remove commented line
* Backfill teams CE in a single transaction (#4985)
* single tx
* add migration
* Reorder migrations
So that identifier is already present and
can be fetched using schema-based queries.
* Reorder again on top of master + use data migration utils
---------
Co-authored-by: ruslandoga <ruslandoga+gh@icloud.com>
* Make `site_role/2` return whether real is team or site scoped
* Rename `has_admin_access?` => `has_editor_access?`
* Switch current team if user is a team member in site's team
* Remove new_time_on_page feature flag
* Update tests to use new time on page
* Mark time-on-page as a public metric in APIv2
* CHANGELOG.md
* Validate time_on_page in APIv2
* Update typing
* Remove redudant arguments
* Update GA4 test
* Update stats_controller_test
* Remove assertion from csv_importer
* Add nil case to new time on page tests
* CSV import/export support for time-on-page
Note only the new time-on-page metric is exported this way
* visibility check for graphing of time_on_page
* FE no longer receives/sends legacy_time_on_page_cutoff
* Remove current_user from exports
* Remove legacy_time_on_page_cutoff from query.include, make behavior work off of site.legacy_time_on_page_cutoff explicitly
* Remove dead function
* More current_user_id removals
* Remove editor->admin mapping from Site Settings > People
* Restrict editor role and allow admin to update site role
* Disable actions in Site Settings > People for roles other than admin and owner
* Fix test
* Update labeling of guest members in CRM for clarity
* Update phrasing in other spots of UI
* Update CHANGELONG.md
* Revise team related banners displayed under Site Settings > People
* Fix permissions check for role update
* Send e-mail to new owners when site team is changed
* Improve subject copy
Co-authored-by: hq1 <hq@mtod.org>
* Update copy in test
---------
Co-authored-by: hq1 <hq@mtod.org>
* Append `__team` parameter to URLs in notification e-mails
* Improve copy in guest to team member promotion email
* Make "return_to" set in redirect in `RequireAccountPlug` actually work
* Improve accepted site transfer e-mail phrasing and link
* Set team when creating API key
* Create API key with team ID and adjust API key CRM
* Make CRM work with team-less API keys still
* Scope owner's API keys by team on setup
* Rate limit team scoped API keys by their team
* Enforce team scoping for API key with a team
* Prevent using legacy API keys against setup teams
* Enforce team scoping in Sites API too
* Scope API keys list in settings by team
* Do not prevent legacy API keys from accessing setup teams
* List legacy API keys across all teams
* Display "API Keys" under "Team Settings" when team is setup
* Scope teams index in Sites API as well
* Test Sites API actions
* Revert "Scope owner's API keys by team on setup"
This reverts commit 08fd5b4e801417a28ebb9937457cf3e59f7386a0.
* Test and slightly simplify API key CRM logic
* Test API key provisioning from Account Settings
* Test `AuthorizePublicApi` plug adjustments
* Simplify conditionals (h/t @aerosol)
* Change back to using `schema` in CRM logic
* Don't run tests triggering Kaffy warning locally
* Run quirky Kaffy tests only on CI in EE env
* site.legacy_time_on_page_cutoff migration
* Update migration logic
* Cronjob for setting legacy_time_on_page_cutoff
* Test site creation default legacy_time_on_page_cutoff
* Use site.legacy_time_on_page_cutoff
Leaving the query param logic for now for testing purposes
* tweak cron
* Work around defaults in tests
* Fixes
* Make cutoff date in job configurable - useful for backfilling
* Make column width of time-on-page wider
This will accomodate for the warnings
* Update warning messsage
* Breakdown table: Show space between * and warning in tooltip
* change 7d and 30d periods in API v2
* change 7d and 30d periods in legacy API
* add 28d and 90d into the dashboard
* add tests
* add 28d and 90d to public API v2
* changelog
* npm run generate-types
* typo
* fix NPM test
* fix interval_test
* add P shortcut for last month
* hide last 30d from datepicker but keep keybind functional
* fix keybind hints
* Timex to Date + helpful comment
* prettier format
* adjust comment
* mention 30d -> 28d in changelog as well
* make period hidden param new default
* Expose change_team/3 interface
* Extend `Teams.Users` context
* Update tests
* Implement change site's team UI
* Update tests
* Fixup for CE/EE
* Mark more tests as EE only
* Add extra plug-level protection
* fix typo to stop logging error in test output
* add time:minute interval to internal api schema
* always get visitors and visits from sessions table when time:minute dimension used
* query-api generate types
* changelog update
* Limit rate of requests for Stats/Sites API via Team directly
* Add logging of guest and non-member API key access for tracking
* Add more tests
* Don't log super admin and capture logs in test output
* Fix a typo in existing `capture_log` tag
* Add `Team.hourly_api_request_limit` and update it on plan change
* Fix tests for CE
* Fix CE tests once more
* Add backfill script
* Fix backfill script tests for CE
* List only sites under team in Sites API if team id provided
* Add tests for Sites API create site with team_id provided
* Implement `GET /api/v1/sites/teams` endpoint
* Remove team identifier input from Team settings
* Use feature availability function
* Fix tests setup
* List site guests via Sites API
* Create guests via sites API
* Delete guest memberships/invitations via Sites API
* Credo
* Test e-mail delivery
* Format
* Update extra/lib/plausible_web/controllers/api/external_sites_controller.ex
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Update lib/plausible/sites.ex
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Use aliases for optional where clauses
* Swap order columns
* Use GuestMembership.id in the union query
* Prefer explicit enums over boolean status
---------
Co-authored-by: Adrian Gruntkowski <adrian.gruntkowski@gmail.com>
* Implement team deletion and refactor user deletion
* Secure team deletion endpoints with team access plug
* Add dedicated tests for `Teams.delete/1`
* Test new controller actions and views
* Rephrase "Setup a team" => "Create a team"
* Improve team-related copy
* Fix personal team removal on user delete with multiple teams
* Wrap `delete_user!` contents in a transaction
* Add notice in user deletion view in case of multiple teams ownership
* Add a basic test and fix copy
* Allow site transfer between different teams of the same user
* Fix typespec
* More type and branching fixes to satisfy dialyzer
* Alter when site transfers are included in sites listing
As now it's possible to transfer site between teams of the same user,
the site listing logic has to account for that. With this change, site
transfers are shown along sites under the condition that user is either
switched to personal sites view without a team or the team they
are currently switched to is different from the one the site belongs to
now.
* Make site danger zone available to admins
* Authorize admins to transfer sites on plug level
* Allow admin to initiate site transfer
For when both GTM & WordPress Plugin are detected,
give WP priority. Also, consider `data-cfasync`
a known attribute since it's the plugin that
adds that.
* Backend: get rid of scroll_depth.ex
This commit starts treating the scroll depth feature as *always visible*,
removing the ClickHouse queries on dashboard loads and starting to always
include scroll_depth in dashboard reports and export queries.
* Frontend: remove site.scrollDepthVisible
* adjust csv_importer_test
* remove site.scroll_depth_visible_at
* Replace GET /segments and GET /segments/:segment_id with server-rendered list, fix issue with dashboard report columns
* Remove WIP comments and throw earlier for invalid dashboard state
* Fix Segments details issue on public / shared link sites, add tests
* Get rid of `billable_user` in favour of `current_role`
* s/current_role/current_team_role
* Sort it out (tm)
* Remove unresolvable property from sentry context
* Test & adjust dashboard locked box
* Satisfy a test
* parse scroll depth from string in ingestion
* drop engagement that are missing both sd and e
* parse engagement time from string too
* fix flaky test
* move dropping into a more suitable place in code
* add test
* silence credo
* Support passing `include` as a query parameter for dashboard APIs
* Mark time-on-page metric sortable
It now is thanks to the changed query
* new-time-on-page flag with cutoff being sent to the frontend
* Add correct tooltip title
* Implement metric warning for when legacy and new time_on_page metrics are mixed
* Send legacy_time_on_page_cutoff to backend
* Make time-on-page graphable with the new metric
* Only show metric warnings for time_on_page if flag is enabled
* Changelog
* Solve an clickhouse error when querying timeseries with only legacy time-on-page
* Add tests for timeseries of new time-on-page
Along the way fix an issue with comparisons not working properly
* Solve a typing issue
* Allow toggling legacy_time_on_page_cutoff off in dashboard
* Slightly better workaround
* Solve typing issue
* Prettier
* Guard against no warning
* Solve warning
* Update role enums with billing
* [wip] Ensure no team management can be done for roles other than admin/editor
* Track `current_role` at plug/mount level
* Some team role policy enforcement
* Guard remaining routes based on current team role
* Notify billing members via check usage worker
* Include billing members in trial/locked notifications
* Permissive team access policy when no current team assigned
Effectively the plug should no-op, so that existing user
notices/alerts can be displayed.
* Send cancellation notifications to billing role members
* Include billing members in renewal notifications
* Update moduledoc
* Exclude :guest role from team access auth plug
* Default to time_on_page
* Add new columns to schema
* Read from new column in legacy query
* Read/write new imported_pages columns
* Remove time_on_page column from imported_pages
* Simple, stupid new_time_on_page metric
* Update csv_importer schema
* Refactor: consistent __internal helpers, this will help with joining the query
* Refactor select_joined_metrics
* Refactor: pass `query` to event_metric
* Refactor: remove needless site argument from various calls
* Legacy joining query attempt
* Move test around
* Add more tests for both legacy and new time_on_page metrics in query API
* time_on_page reported in seconds
* timeseries test for metric
* WIP
* Wrap main query in subquery - without this run into trouble performing the join
* Calculate time_on_page in main query, no more new_time_on_page
* Add some TODOs
* Return NULL over 0 when no visits with time-on-page data
* Update moduledoc
* Update some tests that were not expecting integers
* Add a TODO
* Update tests
* Make graphing time series with combined metrics work.
* Slightly more consistent approach to flag updating in APIv2
* Seeds with engagement data
* Make graphing time series when cutoff is in the middle work
Bakes less assumptions into everything as well.
* Rename to legacy_time_on_page_cutoff
* Fixup lib/plausible_web/controllers/api/external_query_api_controller.ex
* Remove a todo and dead/misleading code
* Remove a resolved todo
* Remove needless rounding
* gen types
* Update pages test
* Remove needless columns from select
* Update tests: timestamps and remove comment
* Flip branches
* Rename "My Team" to "My Personal Sites"
* Rename "Create" to "Setup" in context of teams
* Set default Team Name to "Username's Team"
* wip
* end
* Expose team identifier
* fixup
* team id
* wip
* Rename `Teams.name()` -> `Teams.default_name()` for clarity
* Update test name
* Always reset team name when navigating to Team CTA
* Always use default team name for non-setup team
* Add tests for team name function
* Put sites list heading change behind FF
* Don't rely on FF for implicit team existence check
* Remove unnecessary team pick by parameter in site creation action
* Put first 3 teams in auth assigns context
* Fix setting current team from session
* Make `dropdown_item` component accept method for link
* Implement embedded team switcher in nav bar
* Store only personal team under my_team
* WIP
* Minor team switcher visual tweak
* Fix personal team selection
* Show only guest sites when no team picked
* Show CTA only in reference to `@my_team`
* Fix dedicated team switcher view
* Move picker indicator to the right in dedicated team select
* Alter site listing logic and fix tests
* Add viewer invitation to seeds
* Fix embedded team switch display condition
* Switch current team after setup
* Explicitly clean current team session value when no longer valid
* Remove redundant team switching logic
* Add quick link to team settings
* Don't show quick link when there's no current team
* Fix dedicated team switcher for no current team case
* Add test for my team fallback case
* Don't allow opening team settings for personal team
* Fix formatting
* Add site listing tests
* Fix team switching to avoid clash with existing conn params
* Fix formatting
* Remove unneeded `method` from `dropdown_item` component
* Decalre attributes for `team_switcher` component
* Render Invoices/Subscription sections based on team state
* Fix formatting
---------
Co-authored-by: Adam Rutkowski <hq@mtod.org>
* make scroll depth public in json schema
* add test for 400 response
* add info paragraphs in 'add goal' form
* changelog update
* fix typo
---------
Co-authored-by: Uku Taht <Uku.taht@gmail.com>
This was unexpected breakage from releasing new tracker script with engagement tracking to the world. Users are seeing inflated current visitors counts compared to top sources report.
* Remove Segments API feature gate since flag is globally true
* Include auth param with all requests when on shared dashboard
* Update changelog
* Remove feature flag check plug
* Unify logic, refactor names
* Refactor name
* Remove "team layout updated" flash message
* Remove flash when switching team
* Prevent illegal UI states when at team members limit already
* Test UI states at team members limit
* Remove unnecessary socket assign
* Main graph: Graph revenue metrics as zeroes instead of nils.
This has no effect on existing APIs as:
- Comparisons/empty data point logic only affects APIv1 which does not expose revenue metrics
Also changes semantics for visit_duration to be more in-line with the
rest.
* Improve dashboard main graph
- Graph tooltip for revenue metrics now shows revenue with the relevant
monetary unit.
- Graph tooltips for scroll depth, visit duration and so on now shows `-`
instead of 0 on dates where no relevant visits occurred.
* Remove business logic duplication
* Revert "Ensure no export button is rendered for public roles"
This reverts commit 213fafe041.
* Revert "Restrict public CSV export access (#5089)"
This reverts commit d3d0547484.
* Keep the Role.public enum needed elsewhere
* Implement Site Segments billing feature
* Make sure Site Segments benefit appears only when feature flag is present
* Add site_segments flag to v3 plans
* Refactor new filter menu back to ghost button
* Stop error state from persisting (#5131)
* Refactor how Segments appear on Choose Plan page
* Limit to 500 segments per site
* Resolve segment owner names and dates in site timezone in the BE
* Fix SegmentAuthorship
* Fix issue with updating dangling segment
* Refactor flaky PATCH segment test
* Unify segment type label logic
* Refactor SegmentOwnership type definitions for clarity
* Deal with segments when guest member is removed
* Handle segments when user removed from team
* Deal with user deletion
* Fix spelling
* Fix postgres client make task
* Remove migration
* WIP
* Load members
* Assert that we know has_not_done will not work without changes
* Add tests
* Assert that dates are in the expected format
* Add tests, better authorship dates, api.js -> api.ts
* Add error panels
* Flatten errors on the API side
* Stop name copy from getting too long
* Make comparison mode and edit segment modes exclusive
* Fix flicker calculating space
* Fix issue with definite state not persisting
* Unhitch modals from query-context
* Separate API format and dashboard format of segment_data
* Clarify purpose of useDefiniteLocationState
* Tweak UI: site switcher, save as segment
* Fix issues with modals
* Remove commented and unnecessary code, better query context
* Fix too permissive site members dataset
* Make sure Segment doesn't show up as an option to customer without the FF
* Fix issue with 'See more' menu being present when it should not be
* Permit :has_not_done filter in segments
* Refactor to matching on filter list structure
* Flatten :and stemming from segment filters on first level
* Update test
* Refactor: remove metrics argument from merge_imported()
* Support querying percentage without visitors metric
* Fix ordering by special metrics with imports causing a 500
We don't calculate all metrics directly on imports, hence cannot order
the import by them either.
* Changelog
* dont let blue background overflow rounded corners
* move scroll goal creation into a separate tab
* render goal type as Scroll
* add scroll goal edit capability
* implement automatic display name update in create form
* make UX more user-friendly
* autoselect the entire display name on first focus
* adjust tests
* set min value to 1 in scroll_threshold input
* rename goal trigger tab
* Add tests for `Teams.get_or_create/1` and `Teams.get_by_owner/1`
* Start populating `current_team` in assigns fetching value from session
* Clean up team passing in invitation services
* Make site transfer service handle multi-team scenario
* Handle multi-team and permission transfer errors on controller level
* Handle multi-teams in site creation on service and controller level
* Drop validation limiting full membership to a single team
* Make user deletion account for public team ownership
* Adjust feature availability checks for Stats API key
* Use current_team when determining limits on site transfer invitation
* Adjust trial upgrade email submission to account for multiple owners
* Remove unnecessary `Teams.load_for_site/1`
* Spike renaming `owner` and `ownership` relationships to plural versions
* Make HelpScout integration handle owner of multiple teams gracefully
* Add FIXME note
* Resolve paddle callback issue by always provisioning a new team when none passed
* Set `current_team` as `my_team` only when user is an owner
* Implement basics of Teams CRM
* Extend Teams CRM
* Further adjust User and Site CRM and refine Team CRM
* Convert Enterprise Plan CRM to refer to team directly and not via user
* Remove unused virtual fields from User schema
* Add note to HelpScout integration
* Allow listing multiple owners under Site Settings / People
* Remove unused User schema relations
* Fix current team fetch in auth plug and context
* Implement basic team switcher
* Ensure (site) editor role is properly handled in site actions auth
* Don't set `site_limit_exceeded` error marker on `permission_denied` error
* Link from HS integration to Team CRM instead of User CRM when available
* Ensure consistent ordering of preloaded owners
* Add `with_subscription` preload for optimisitation
* Add ability to search sites by team identifier
* Add ability to pick team when transferring ownership directly
* Fix failing HelpScout tests
* Scope by team when listing sites in dashboard and via API (optional)
* Add ability to search by team identifier in plans CRM lookup widget
* Add subscription plan, status and grace period to team status info
* Expose teams list in user CRM edit form and fix team details CRM view
* Fix Team Switcher styling
* Reorganise header nav menu
* Avoid additional queries when authenticating user
* Hide the pay/site transfer message on lock screen when teams FF is on
---------
Co-authored-by: Adam Rutkowski <hq@mtod.org>
* Restrict public CSV export access
* restrict export
* Restrict public CSV export access
* Revert "restrict export"
This reverts commit f756486420.
* Don't show CSV export option for viewers who are not logged in
---------
Co-authored-by: Adam Rutkowski <hq@mtod.org>
* write comparison_utc_time_range into query
* write site_imports into query
* use struct! over Query.set
* variable to module attr
* remove redundant comment
* reject over filter
* Map.reject over Enum.reject
* Revert "Disable scroll depth exports temporarily"
This reverts commit 48ad691f53.
* Remove support for pageleave events being equivelent to engagement in ingestion
* Explicit column ordering inside csv imports
Subtle change, but this ensures that CSVs that contain extra columns or differently named columns do not cause trouble
* Add scale_sample fragment helper
* Update scroll depth queries to be based on visits rather than visitors
* Add test demonstrating session-based results
* Update csv test (session vs user-based difference)
* Attempt to update csv tests
* PR feedback
* Implement very rudimentary support for cache partitioning for sessions
* Convenience for starting partitioned caches
* Test basic partitioning expectations
* Include put_many in test
* Use div/2
* Remove unused alias
---------
Co-authored-by: Adam Rutkowski <hq@mtod.org>
* Engagement events should refresh in-memory session cache
This will drop less events when session was actually active but didn't
have any pageviews/custom events arrive
* unwrap error
* Different handling of response types
* First attempt to update goal in segment
* Use transform_filters function for updating segments
* Use site id index in segment update query
* Escape regex
* Remove IO.inspect
* Stop double-wrapping goal :ok after update
* Expand segments goal update test
* Add whitespace matchers around square brackets
* Add comment for regex
* Use update_all to avoid bumping timestamp
* Refactor test suite to allow seeking multiple sessions
* Fix mismatch between session and event user_ids after salts are rotated
Consider the following scenario
1. We receive a pageview from a user A
2. Salts are rotated after day end
3. We receive another pageview
Previously, this would result in:
- 2 different sessions with mismatching user_ids
- 2 events where each would have different user_ids
This fixes the problem by removing the previous faulty session updating
and forcing the event.user_id to be updated after we found a session
with the previous salt.
* Remove an assertion
* Hide top stat if value is null
* Handle nulls in events metric on dashboard - rendering - instead
* Return nulls for `event` metric when dealing with scroll goals
Counting conversions doesn't really make sense in this scenario.
If there are multiple goals, nulls are only returned for those affected.
If there is at least one scroll goal included by the filter, conversions
cannot be counted.
* Prettier
* Handle case with goal dimension AND filters correctly
* Remove todo
* Separate liveness and readiness checks
* Changelog
* Make sure /api/health uses readiness check
* Do not expose internal error
* Make healthcheck repo calls parallel
* add migration
* add schema field
* mark site_imports with has_scroll_depth
* add function to get imports in query range
* add scroll_depth metric warning in QueryResult
* return scroll_depth warning in top stats
* render minimalistic warning in top stats
* minimalistic warning in Top Pages breakdown
* prettier format
* silence credo
* add test
* use a snapshot of SiteImport schema in data migration
* also use a snapshot list of imported_* tables
* moduledoc (credo)
* change tooltip message
* change metric warnings structure in top stats response
* pass meta from queryresult directly
* revert top_stats_entry refactor
* prettier
* stop using SiteImport module in data migration
* Start PromEx first; don't run the Oban plugin in test
* Implement `find_team_invitations`
* Implement `all_members`
* Allow disabling e-mail notifications on team member removal
Will be needed later, when operations are applied
in bulk and notifications go out only when transaction
succeeded.
* Fix visuals per @ukutath's suggestions
* Add `:setup_team` test context function
* Don't show team settings in the sidebar, if setup incomplete
* Add high-level interface for team layout arrangement
Will be used in setup but also later on, in membership settings.
* Update team/setup to use `Team.Management.Layout`
* Implement team general settings allowing layout arrangement
* Format
* Remove unused setup_team
* Add id attributes to member dropdown elements
* Format
* Unify team management experience
By sharing the same form layout in both views,
and enabling promoting guests to team members
in a separate section.
* Rename Invitations/Memberships getters
* Tweak team setup layout
* Update team setup markers only once
* Update tests
* Add another future regression test
* Fix typo
* Prune guest memberships on guest->team member promotion
* Remove now unnecessary `Candidates` module
* Add missing tests
* Catch up on multiple owners fixes
* Add missing describe-block setup
* Hopefully make Layout easier to follow
* Remove default prevention from dropdown
* Remove unused assign
* Make `sorted_for_display` skip scheduled for deletion
* `use PlausibleWeb.Component`
* Use `data-test-kind` for test specific selectors
* Remove `class="relative"` from `.dropdown` instances
* migration: add scroll_threshold to goals
* update goal schema
* setup simple UI for creating scroll goals
* add ability to filter and breakdown scroll goals
* fix goals form tests
* add valiation for page path exists
* move todo comments to expression.ex
* move tests
* make it clear that scroll_threshold is optional
* avoid calling Plausible.Goal.type() too many times
* do not consider 255 scroll depth a conversion
* migration: add scroll_threshold to goals
* do not drop the old index yet
* More efficient goals join again
* Refactor: move goals stats code explicitly under Stats.Goals module
* Move code under Plausible.Stats.Goals
* 254 -> 100
* add scroll_threshold field to goal schema + new unique constraint
* adjust test to test what it claims to
* mix format
* add migration
* consider imported query unsupported when page scroll goal filter
* add missing tests
* pattern match imported argument
* silence credo
* Update lib/plausible/stats/sql/expression.ex
Co-authored-by: Karl-Aksel Puulmann <macobo@users.noreply.github.com>
* use site_imports populated in test setup
---------
Co-authored-by: Karl-Aksel Puulmann <oxymaccy@gmail.com>
Co-authored-by: Karl-Aksel Puulmann <macobo@users.noreply.github.com>
* migration: add scroll_threshold to goals
* do not drop the old index yet
* add scroll_threshold field to goal schema + new unique constraint
* adjust test to test what it claims to
* mix format
* WIP: Update scroll_depth_visible_at in ingestion
* Simplify code and test genserver directly
* No more check_scroll_depth_visible!
* Update a test
* Update a test
* GenServer -> ets
* Additional where
* Fix a test
`fetch` allows us to use the keepalive flag, which more reliably
delivers data to us. It's also required for reliable scroll depth
capturing down the line.
The only major browser not to support fetch is Internet Explorer.
Clients who care about IE traffic can use the `.compat` variant of our
script (documented in
https://plausible.io/docs/script-extensions#scriptcompatjs). As of this
commit, IE makes up less than ~0.003% of incoming traffic to plausible.
* add very basic info box in site settings > integrations
* add looker studio as plan benefit
* add paragraph of text
* remove unwanted comma
* hide new settings section on ce
* moduledoc
* organize files and modules better + call ee-only condition in template
* move everything into a single template
* Don't preload goal settings modal to avoid issues with opening in edit mode
* Remove test which is no longer holding ture
* Still enable preload for tests, as it's needed
* Fix and move test env switch inside the modal component
* Fix for release build
* Move `GracePeriod` under `Teams` and clean it up a bit
* Switch to relying on new team membership constraint when creating my team
* Remove unused unique_constraint from Teams.Membership schema changeset
* add migration
* move scroll_depth_enabled? fn
* maybe set engagement_metrics_enabled_at when requesting dashboard
* maybe set engagement_metrics_enabled_at in shared_link action
* maybe set engagement_metrics_enabled_at on full export
* fix tests
* feature gate scroll depth on the dashboard with site.engagement_metrics_enabled_at
* feature gate scroll depth in full export too
* fix npm ci
* Rename things into FE, remove unneccessary flag checks
* Continue with renaming
* Rename site flag to be more descriptive
* Move business logic, calculate based on scroll depth, make more precalculatable
* Some docs
* Rename to site.scrollDepthVisible in frontend
* Update migration
* Fix template
* Remove boilerplate from tests
* Update tests
* More straight-forward test
* Update condition
---------
Co-authored-by: Robert Joonas <robertjoonas16@gmail.com>
* Separate `engagement` event triggered on visibilitychange
* Set up shared tests for engagement requests and pageleaves
* Store scroll_depth on engagement events
* Move test to be shared
* Update cache_store
* preload completed site_imports for site when needed
* remove unused field from top stats response
* refactor imports meta
* remove redundant function clause
* fix ordering in queryresult
* preload completed_imports in plugs
* write code more short
* add special goal with special prop
* rename form to path
* enable WP Form Completion in exports/imports
* get internal keys from public function in test
* also test including imported data
* improve test coverage
* rename goal
Currently the following query results in a 500:
```json
{
"site_id": "plausible.io",
"metrics": ["visitors", "events", "pageviews"],
"dimensions": ["visit:exit_page"],
"date_range": "7d"
}
```
This adds proper validation for that case that was previously missing.
* Simple frontend for has_done_not
* Simple UI for goal filter adding or removal
* Better alignment on trash icons, avoid moving around if row expands
* Refactor filter text functions, share code
* has_not_done, special casing for has not done when formatting filter text
* Changelog
* Fix lint
* prettier format
* Add tests
* Lowercase Goal
* Update changelog
* has_not_done for goals is now named `is not` in the UI
* prettier
* Document and test serializeApiFilters
* Fix doc string
* Allow keybind listeners to be registered on any element
* Support custom placeholders in search input
* Support modals that aren't treated as pages
* Test out fetch-with-keepalive on plausible.io
Fetch with keepalive is a
[widely-supported](https://developer.mozilla.org/en-US/docs/Web/API/Request/keepalive)
which indicates whether the browser will keep the associated request alive if the page that initiated it is unloaded before the request is complete.
We're hoping it will improve event capture rates for `pageleave` and
`pageview` events when the user closes the tab
To use it, we also need to start using `fetch` (with fallback to xhr).
For extra safety, we will only deploy this on `plausible.io` initially.
This will ensure that if there are issues we will be able to react
without affecting any other customers.
TODO after this PR:
- [ ] Companion docs PR
- [ ] Purge bunny cache
- [ ] Make fetch the default request method without data-property
* Mark some code conditional
* Revert "Remove support for legacy Paddle webhook passthrough formats (#4939)"
This reverts commit 48bd2fbd88.
* Drop support for legacy passthrough formats _but_ leave new user only one
* Remove support for legacy Paddle webhook passthrough formats
* Drop support for legacy and user_id only passthrough entirely
* Make codespell CI check happy
* Remove filter_key terminology from the backend
This resurfaced in a recent review, `dimension` or `filter_dimension` is the correct terminology in the backend
* Update table_decider
* Solve new issues
* Expose site_id and site_native_stats_start_at via query
This allows to do more query-building without exposing and passing `site` directly.
* Very basic has_done/has_done_not operator support
No event:goal support yet, no validations
* Add validations that only event: dimensions can be used within has_done/has_done_not
* Allow event:goal filters nested within has_done/has_done_not behavioral filters
* Minor fix for do_decide_custom_prop_table
* has_done support for goals
Minor changes along the way:
- preloaded_goals structure changes
- event:goal restrictions were loosened within has_done
- we don't allow nesting has_done anymore
* Dont query imports when behavioral filters are present
* Update callsites of filtering_on_dimension? to work with new behavioral filters
* has_done_not -> has_not_done
* Changelog entry
* Typegen
* credo cleanup
* Fix changelog
* Remove changelog
* Mark has_done as internal-only
* combine two validations into a single loop
* has_done is now session-based not user-based
* Update a test
* Update transform_tree
* Implement scaffolding for team member and invite mgmt actions
* Implement updating team role
* Prevent changing role if the subject is the only remaining owner
* Implement removing team membership
* Fix only remaining owner removal checks
* Fix remove team membership service
* Fix and clean up imports
* Implement team invitation removal
* Fix errors surfaced by dialyzer
* Test and fix removing team invitations
* Make accept invitation action work for team invitations
* Test rejecting team invitation
* Test team membership role update and removal actions
* Fix flash message interpolation and missing team in transfer result
* Implement migration adding UUID identifier to team
* Set UUID identifier on team creation
* Implement get team by identifier
* Display team invitations on /sites
* Test rendering team invitations on /sites
* Add team management notices on /settings/people
* Test showing team management notices on /settings/people
* Stop drawing double horizontal rule
* Add modueldoc
* Handle guest member trying to call team membership endpoints gracefully
---------
Co-authored-by: Adam Rutkowski <hq@mtod.org>
Adrian Gruntkowski
Adam Rutkowski
Karl-Aksel Puulmann
Uku Taht
RobertJoonas
ruslandoga
Marko Saric
Artur Pata
Cenk Kücük