feat: add global settings for teams (#1391)

## Description This PR introduces global settings for teams. At the moment, it allows team admins to configure the following: * The default visibility of the documents uploaded to the team account * Whether to include the document owner (sender) details when sending emails to the recipients. ### Include Sender Details If the Sender Details setting is enabled, the emails sent by the team will include the sender's name: > "Example User" on behalf of "Example Team" has invited you to sign "document.pdf" Otherwise, the email will say: > "Example Team" has invited you to sign "document.pdf" ### Default Document Visibility This new option allows users to set the default visibility for the documents uploaded to the team account. It can have the following values: * Everyone * Manager and above * Admins only If the default document visibility isn't set, the document will be set to the role of the user who created the document: * If a user with the "User" role creates a document, the document's visibility is set to "Everyone". * Manager role -> "Manager and above" * Admin role -> "Admins only" Otherwise, if there is a default document visibility value, it uses that value. #### Gotcha To avoid issues, the `document owner` and the `recipient` can access the document irrespective of their role. For example: * If a team member with the role "Member" uploads a document and the default document visibility is "Admins", only the document owner and admins can access the document. * Similar to the other scenarios. * If an admin uploads a document and the default document visibility is "Admins", the recipient can access the document. * The admins have access to all the documents. * Managers have access to documents with the visibility set to "Everyone" and "Manager and above" * Members have access only to the documents with the visibility set to "Everyone". ## Testing Performed Tested it locally.
2025-11-12 07:43:16 +10:00 · 2024-11-08 13:50:49 +02:00
parent f6bcf921d5
commit 23a0537648
99 changed files with 4372 additions and 1037 deletions
--- a/packages/ui/components/document/document-visibility-select.tsx
+++ b/packages/ui/components/document/document-visibility-select.tsx
@ -16,14 +16,17 @@ import { Tooltip, TooltipContent, TooltipTrigger } from '@documenso/ui/primitive

 export type DocumentVisibilitySelectType = SelectProps & {
  currentMemberRole?: string;
+  isTeamSettings?: boolean;
+  disabled?: boolean;
 };

 export const DocumentVisibilitySelect = forwardRef<HTMLButtonElement, DocumentVisibilitySelectType>(
-  ({ currentMemberRole, ...props }, ref) => {
-    const canUpdateVisibility = currentMemberRole === 'ADMIN' || currentMemberRole === 'MANAGER';
+  ({ currentMemberRole, isTeamSettings = false, disabled, ...props }, ref) => {
+    const canUpdateVisibility =
+      currentMemberRole === 'ADMIN' || currentMemberRole === 'MANAGER' || isTeamSettings;

    return (
-      <Select {...props} disabled={!canUpdateVisibility}>
+      <Select {...props} disabled={(!canUpdateVisibility && !isTeamSettings) || disabled}>
        <SelectTrigger ref={ref} className="bg-background text-muted-foreground">
          <SelectValue data-testid="documentVisibilitySelectValue" placeholder="Everyone" />
        </SelectTrigger>
@ -32,18 +35,15 @@ export const DocumentVisibilitySelect = forwardRef<HTMLButtonElement, DocumentVi
          <SelectItem value={DocumentVisibility.EVERYONE}>
            {DOCUMENT_VISIBILITY.EVERYONE.value}
          </SelectItem>
-
-          {(currentMemberRole === 'ADMIN' || currentMemberRole === 'MANAGER') && (
-            <SelectItem value={DocumentVisibility.MANAGER_AND_ABOVE}>
-              {DOCUMENT_VISIBILITY.MANAGER_AND_ABOVE.value}
-            </SelectItem>
-          )}
-
-          {currentMemberRole === 'ADMIN' && (
-            <SelectItem value={DocumentVisibility.ADMIN}>
-              {DOCUMENT_VISIBILITY.ADMIN.value}
-            </SelectItem>
-          )}
+          <SelectItem value={DocumentVisibility.MANAGER_AND_ABOVE} disabled={!canUpdateVisibility}>
+            {DOCUMENT_VISIBILITY.MANAGER_AND_ABOVE.value}
+          </SelectItem>
+          <SelectItem
+            value={DocumentVisibility.ADMIN}
+            disabled={currentMemberRole !== 'ADMIN' && !isTeamSettings}
+          >
+            {DOCUMENT_VISIBILITY.ADMIN.value}
+          </SelectItem>
        </SelectContent>
      </Select>
    );
--- a/packages/ui/primitives/document-flow/add-settings.types.ts
+++ b/packages/ui/primitives/document-flow/add-settings.types.ts
@ -8,6 +8,7 @@ import {
  ZDocumentActionAuthTypesSchema,
 } from '@documenso/lib/types/document-auth';
 import { isValidRedirectUrl } from '@documenso/lib/utils/is-valid-redirect-url';
+import { DocumentVisibility } from '@documenso/prisma/client';

 export const ZMapNegativeOneToUndefinedSchema = z
  .string()
@ -23,7 +24,7 @@ export const ZMapNegativeOneToUndefinedSchema = z
 export const ZAddSettingsFormSchema = z.object({
  title: z.string().trim().min(1, { message: "Title can't be empty" }),
  externalId: z.string().optional(),
-  visibility: z.string().optional(),
+  visibility: z.nativeEnum(DocumentVisibility).optional(),
  globalAccessAuth: ZMapNegativeOneToUndefinedSchema.pipe(
    ZDocumentAccessAuthTypesSchema.optional(),
  ),