feat: add global settings for teams (#1391)

## Description

This PR introduces global settings for teams. At the moment, it allows
team admins to configure the following:
* The default visibility of the documents uploaded to the team account
* Whether to include the document owner (sender) details when sending
emails to the recipients.

### Include Sender Details

If the Sender Details setting is enabled, the emails sent by the team
will include the sender's name:

> "Example User" on behalf of "Example Team" has invited you to sign
"document.pdf"

Otherwise, the email will say:

> "Example Team" has invited you to sign "document.pdf"

### Default Document Visibility

This new option allows users to set the default visibility for the
documents uploaded to the team account. It can have the following
values:
* Everyone
* Manager and above
* Admins only

If the default document visibility isn't set, the document will be set
to the role of the user who created the document:
* If a user with the "User" role creates a document, the document's
visibility is set to "Everyone".
* Manager role -> "Manager and above"
* Admin role -> "Admins only"

Otherwise, if there is a default document visibility value, it uses that
value.

#### Gotcha

To avoid issues, the `document owner` and the `recipient` can access the
document irrespective of their role. For example:
* If a team member with the role "Member" uploads a document and the
default document visibility is "Admins", only the document owner and
admins can access the document.
  * Similar to the other scenarios.

* If an admin uploads a document and the default document visibility is
"Admins", the recipient can access the document.

* The admins have access to all the documents.
* Managers have access to documents with the visibility set to
"Everyone" and "Manager and above"
* Members have access only to the documents with the visibility set to
"Everyone".

## Testing Performed

Tested it locally.

packages/app-tests/e2e/teams/team-documents.spec.ts

@@ -462,6 +462,45 @@ test('[TEAMS]: check document visibility based on team member role', async ({ pa
   }
 });
 
+test('[TEAMS]: ensure document owner can see document regardless of visibility', async ({
+  page,
+}) => {
+  const team = await seedTeam();
+
+  // Seed a member user
+  const memberUser = await seedTeamMember({
+    teamId: team.id,
+    role: TeamMemberRole.MEMBER,
+  });
+
+  // Seed a document with ADMIN visibility but make the member user a recipient
+  await seedDocuments([
+    {
+      sender: memberUser,
+      recipients: [],
+      type: DocumentStatus.COMPLETED,
+      documentOptions: {
+        teamId: team.id,
+        visibility: 'ADMIN',
+        title: 'Admin Document with Member Document Owner',
+      },
+    },
+  ]);
+
+  await apiSignin({
+    page,
+    email: memberUser.email,
+    redirectPath: `/t/${team.url}/documents?status=COMPLETED`,
+  });
+
+  // Check that the member user can see the document
+  await expect(
+    page.getByRole('link', { name: 'Admin Document with Member Document Owner', exact: true }),
+  ).toBeVisible();
+
+  await apiSignout({ page });
+});
+
 test('[TEAMS]: ensure recipient can see document regardless of visibility', async ({ page }) => {
   const team = await seedTeam();
 

packages/app-tests/e2e/teams/team-global-settings.spec.ts

@@ -0,0 +1,62 @@
+import { expect, test } from '@playwright/test';
+
+import { seedTeam } from '@documenso/prisma/seed/teams';
+
+import { apiSignin } from '../fixtures/authentication';
+
+test.describe.configure({ mode: 'parallel' });
+
+test('[TEAMS]: update the default document visibility in the team global settings', async ({
+  page,
+}) => {
+  const team = await seedTeam({
+    createTeamMembers: 1,
+  });
+
+  await apiSignin({
+    page,
+    email: team.owner.email,
+    password: 'password',
+    redirectPath: `/t/${team.url}/settings`,
+  });
+
+  await page.getByRole('combobox').click();
+  await page.getByRole('option', { name: 'Admin' }).click();
+  await page.getByRole('button', { name: 'Update team' }).click();
+
+  const toast = page.locator('li[role="status"][data-state="open"]').first();
+  await expect(toast).toBeVisible();
+  await expect(toast.getByText('Success', { exact: true })).toBeVisible();
+  await expect(
+    toast.getByText('Your team has been successfully updated.', { exact: true }),
+  ).toBeVisible();
+});
+
+test('[TEAMS]: update the sender details in the team global settings', async ({ page }) => {
+  const team = await seedTeam({
+    createTeamMembers: 1,
+  });
+
+  await apiSignin({
+    page,
+    email: team.owner.email,
+    password: 'password',
+    redirectPath: `/t/${team.url}/settings`,
+  });
+
+  const checkbox = page.getByLabel('Send on Behalf of Team');
+  await checkbox.check();
+
+  await expect(checkbox).toBeChecked();
+
+  await page.getByRole('button', { name: 'Update team' }).click();
+
+  const toast = page.locator('li[role="status"][data-state="open"]').first();
+  await expect(toast).toBeVisible();
+  await expect(toast.getByText('Success', { exact: true })).toBeVisible();
+  await expect(
+    toast.getByText('Your team has been successfully updated.', { exact: true }),
+  ).toBeVisible();
+
+  await expect(checkbox).toBeChecked();
+});

packages/app-tests/e2e/teams/transfer-team.spec.ts

@@ -29,7 +29,7 @@ test('[TEAMS]: initiate and cancel team transfer', async ({ page }) => {
   await page.getByLabel('Confirm by typing transfer').fill('transfer');
   await page.getByRole('button', { name: 'Transfer' }).click();
 
-  await expect(page.locator('[id="\\:r2\\:-form-item-message"]')).toContainText(
+  await expect(page.locator('[id*="form-item-message"]').first()).toContainText(
     `You must enter 'transfer ${team.name}' to proceed`,
   );