feat: assistant role (#1588)

## Description Introduces the ability for users with the **Assistant** role to prefill fields on behalf of other signers. Assistants can fill in various field types such as text, checkboxes, dates, and more, streamlining the document preparation process before it reaches the final signers. https://github.com/user-attachments/assets/c1321578-47ec-405b-a70a-7d9578385895
2025-11-15 01:01:49 +10:00 · 2025-02-01 03:31:18 +00:00
parent 4017b250fb
commit 332e0657e0
53 changed files with 1638 additions and 700 deletions
--- a/packages/lib/constants/document-audit-logs.ts
+++ b/packages/lib/constants/document-audit-logs.ts
@ -10,6 +10,9 @@ export const DOCUMENT_AUDIT_LOG_EMAIL_FORMAT = {
  [DOCUMENT_EMAIL_TYPE.APPROVE_REQUEST]: {
    description: 'Approval request',
  },
+  [DOCUMENT_EMAIL_TYPE.ASSISTING_REQUEST]: {
+    description: 'Assisting request',
+  },
  [DOCUMENT_EMAIL_TYPE.CC]: {
    description: 'CC',
  },
--- a/packages/lib/constants/recipient-roles.ts
+++ b/packages/lib/constants/recipient-roles.ts
@ -32,12 +32,26 @@ export const RECIPIENT_ROLES_DESCRIPTION = {
    roleName: msg`Viewer`,
    roleNamePlural: msg`Viewers`,
  },
+  [RecipientRole.ASSISTANT]: {
+    actionVerb: msg`Assist`,
+    actioned: msg`Assisted`,
+    progressiveVerb: msg`Assisting`,
+    roleName: msg`Assistant`,
+    roleNamePlural: msg`Assistants`,
+  },
 } satisfies Record<keyof typeof RecipientRole, unknown>;

+export const RECIPIENT_ROLE_TO_DISPLAY_TYPE = {
+  [RecipientRole.SIGNER]: `SIGNING_REQUEST`,
+  [RecipientRole.VIEWER]: `VIEW_REQUEST`,
+  [RecipientRole.APPROVER]: `APPROVE_REQUEST`,
+} as const;
+
 export const RECIPIENT_ROLE_TO_EMAIL_TYPE = {
  [RecipientRole.SIGNER]: `SIGNING_REQUEST`,
  [RecipientRole.VIEWER]: `VIEW_REQUEST`,
  [RecipientRole.APPROVER]: `APPROVE_REQUEST`,
+  [RecipientRole.ASSISTANT]: `ASSISTING_REQUEST`,
 } as const;

 export const RECIPIENT_ROLE_SIGNING_REASONS = {
@ -45,4 +59,5 @@ export const RECIPIENT_ROLE_SIGNING_REASONS = {
  [RecipientRole.APPROVER]: msg`I am an approver of this document`,
  [RecipientRole.CC]: msg`I am required to receive a copy of this document`,
  [RecipientRole.VIEWER]: msg`I am a viewer of this document`,
+  [RecipientRole.ASSISTANT]: msg`I am an assistant of this document`,
 } satisfies Record<keyof typeof RecipientRole, MessageDescriptor>;
--- a/packages/lib/server-only/document/resend-document.tsx
+++ b/packages/lib/server-only/document/resend-document.tsx
@ -14,8 +14,8 @@ import type { ApiRequestMetadata } from '@documenso/lib/universal/extract-reques
 import { createDocumentAuditLogData } from '@documenso/lib/utils/document-audit-logs';
 import { renderCustomEmailTemplate } from '@documenso/lib/utils/render-custom-email-template';
 import { prisma } from '@documenso/prisma';
-import { DocumentStatus, RecipientRole, SigningStatus } from '@documenso/prisma/client';
 import type { Prisma } from '@documenso/prisma/client';
+import { DocumentStatus, RecipientRole, SigningStatus } from '@documenso/prisma/client';

 import { getI18nInstance } from '../../client-only/providers/i18n.server';
 import { NEXT_PUBLIC_WEBAPP_URL } from '../../constants/app';
--- a/packages/lib/server-only/field/get-fields-for-token.ts
+++ b/packages/lib/server-only/field/get-fields-for-token.ts
@ -1,15 +1,55 @@
 import { prisma } from '@documenso/prisma';
+import { FieldType, RecipientRole, SigningStatus } from '@documenso/prisma/client';

 export type GetFieldsForTokenOptions = {
  token: string;
 };

 export const getFieldsForToken = async ({ token }: GetFieldsForTokenOptions) => {
+  if (!token) {
+    throw new Error('Missing token');
+  }
+
+  const recipient = await prisma.recipient.findFirst({
+    where: { token },
+  });
+
+  if (!recipient) {
+    return [];
+  }
+
+  if (recipient.role === RecipientRole.ASSISTANT) {
+    return await prisma.field.findMany({
+      where: {
+        OR: [
+          {
+            type: {
+              not: FieldType.SIGNATURE,
+            },
+            recipient: {
+              signingStatus: {
+                not: SigningStatus.SIGNED,
+              },
+              signingOrder: {
+                gte: recipient.signingOrder ?? 0,
+              },
+            },
+            documentId: recipient.documentId,
+          },
+          {
+            recipientId: recipient.id,
+          },
+        ],
+      },
+      include: {
+        signature: true,
+      },
+    });
+  }
+
  return await prisma.field.findMany({
    where: {
-      recipient: {
-        token,
-      },
+      recipientId: recipient.id,
    },
    include: {
      signature: true,
--- a/packages/lib/server-only/field/remove-signed-field-with-token.ts
+++ b/packages/lib/server-only/field/remove-signed-field-with-token.ts
@ -4,7 +4,7 @@ import { DOCUMENT_AUDIT_LOG_TYPE } from '@documenso/lib/types/document-audit-log
 import type { RequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
 import { createDocumentAuditLogData } from '@documenso/lib/utils/document-audit-logs';
 import { prisma } from '@documenso/prisma';
-import { DocumentStatus, SigningStatus } from '@documenso/prisma/client';
+import { DocumentStatus, RecipientRole, SigningStatus } from '@documenso/prisma/client';

 export type RemovedSignedFieldWithTokenOptions = {
  token: string;
@ -17,11 +17,28 @@ export const removeSignedFieldWithToken = async ({
  fieldId,
  requestMetadata,
 }: RemovedSignedFieldWithTokenOptions) => {
+  const recipient = await prisma.recipient.findFirstOrThrow({
+    where: {
+      token,
+    },
+  });
+
  const field = await prisma.field.findFirstOrThrow({
    where: {
      id: fieldId,
      recipient: {
-        token,
+        ...(recipient.role !== RecipientRole.ASSISTANT
+          ? {
+              id: recipient.id,
+            }
+          : {
+              signingOrder: {
+                gte: recipient.signingOrder ?? 0,
+              },
+              signingStatus: {
+                not: SigningStatus.SIGNED,
+              },
+            }),
      },
    },
    include: {
@ -30,7 +47,7 @@ export const removeSignedFieldWithToken = async ({
    },
  });

-  const { document, recipient } = field;
+  const { document } = field;

  if (!document) {
    throw new Error(`Document not found for field ${field.id}`);
@ -40,7 +57,10 @@ export const removeSignedFieldWithToken = async ({
    throw new Error(`Document ${document.id} must be pending`);
  }

-  if (recipient?.signingStatus === SigningStatus.SIGNED) {
+  if (
+    recipient?.signingStatus === SigningStatus.SIGNED ||
+    field.recipient.signingStatus === SigningStatus.SIGNED
+  ) {
    throw new Error(`Recipient ${recipient.id} has already signed`);
  }

@ -66,20 +86,22 @@ export const removeSignedFieldWithToken = async ({
      },
    });

-    await tx.documentAuditLog.create({
-      data: createDocumentAuditLogData({
-        type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_FIELD_UNINSERTED,
-        documentId: document.id,
-        user: {
-          name: recipient?.name,
-          email: recipient?.email,
-        },
-        requestMetadata,
-        data: {
-          field: field.type,
-          fieldId: field.secondaryId,
-        },
-      }),
-    });
+    if (recipient.role !== RecipientRole.ASSISTANT) {
+      await tx.documentAuditLog.create({
+        data: createDocumentAuditLogData({
+          type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_FIELD_UNINSERTED,
+          documentId: document.id,
+          user: {
+            name: recipient.name,
+            email: recipient.email,
+          },
+          requestMetadata,
+          data: {
+            field: field.type,
+            fieldId: field.secondaryId,
+          },
+        }),
+      });
+    }
  });
 };
--- a/packages/lib/server-only/field/sign-field-with-token.ts
+++ b/packages/lib/server-only/field/sign-field-with-token.ts
@ -10,7 +10,7 @@ import { validateRadioField } from '@documenso/lib/advanced-fields-validation/va
 import { validateTextField } from '@documenso/lib/advanced-fields-validation/validate-text';
 import { fromCheckboxValue } from '@documenso/lib/universal/field-checkbox';
 import { prisma } from '@documenso/prisma';
-import { DocumentStatus, FieldType, SigningStatus } from '@documenso/prisma/client';
+import { DocumentStatus, FieldType, RecipientRole, SigningStatus } from '@documenso/prisma/client';

 import { DEFAULT_DOCUMENT_DATE_FORMAT } from '../../constants/date-formats';
 import { DEFAULT_DOCUMENT_TIME_ZONE } from '../../constants/time-zones';
@ -56,20 +56,41 @@ export const signFieldWithToken = async ({
  authOptions,
  requestMetadata,
 }: SignFieldWithTokenOptions) => {
+  const recipient = await prisma.recipient.findFirstOrThrow({
+    where: {
+      token,
+    },
+  });
+
  const field = await prisma.field.findFirstOrThrow({
    where: {
      id: fieldId,
      recipient: {
-        token,
+        ...(recipient.role !== RecipientRole.ASSISTANT
+          ? {
+              id: recipient.id,
+            }
+          : {
+              signingStatus: {
+                not: SigningStatus.SIGNED,
+              },
+              signingOrder: {
+                gte: recipient.signingOrder ?? 0,
+              },
+            }),
      },
    },
    include: {
-      document: true,
+      document: {
+        include: {
+          recipients: true,
+        },
+      },
      recipient: true,
    },
  });

-  const { document, recipient } = field;
+  const { document } = field;

  if (!document) {
    throw new Error(`Document not found for field ${field.id}`);
@ -87,7 +108,10 @@ export const signFieldWithToken = async ({
    throw new Error(`Document ${document.id} must be pending for signing`);
  }

-  if (recipient?.signingStatus === SigningStatus.SIGNED) {
+  if (
+    recipient.signingStatus === SigningStatus.SIGNED ||
+    field.recipient.signingStatus === SigningStatus.SIGNED
+  ) {
    throw new Error(`Recipient ${recipient.id} has already signed`);
  }

@ -183,6 +207,8 @@ export const signFieldWithToken = async ({
    throw new Error('Typed signatures are not allowed. Please draw your signature');
  }

+  const assistant = recipient.role === RecipientRole.ASSISTANT ? recipient : undefined;
+
  return await prisma.$transaction(async (tx) => {
    const updatedField = await tx.field.update({
      where: {
@ -219,11 +245,14 @@ export const signFieldWithToken = async ({

    await tx.documentAuditLog.create({
      data: createDocumentAuditLogData({
-        type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_FIELD_INSERTED,
+        type:
+          assistant && field.recipientId !== assistant.id
+            ? DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_FIELD_PREFILLED
+            : DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_FIELD_INSERTED,
        documentId: document.id,
        user: {
-          email: recipient.email,
-          name: recipient.name,
+          email: assistant?.email ?? recipient.email,
+          name: assistant?.name ?? recipient.name,
        },
        requestMetadata,
        data: {
--- a/packages/lib/server-only/recipient/get-recipient-by-token.ts
+++ b/packages/lib/server-only/recipient/get-recipient-by-token.ts
@ -9,5 +9,8 @@ export const getRecipientByToken = async ({ token }: GetRecipientByTokenOptions)
    where: {
      token,
    },
+    include: {
+      fields: true,
+    },
  });
 };
--- a/packages/lib/server-only/recipient/get-recipients-for-assistant.ts
+++ b/packages/lib/server-only/recipient/get-recipients-for-assistant.ts
@ -0,0 +1,57 @@
+import { prisma } from '@documenso/prisma';
+import { FieldType } from '@documenso/prisma/client';
+
+import { AppError, AppErrorCode } from '../../errors/app-error';
+
+export interface GetRecipientsForAssistantOptions {
+  token: string;
+}
+
+export const getRecipientsForAssistant = async ({ token }: GetRecipientsForAssistantOptions) => {
+  const assistant = await prisma.recipient.findFirst({
+    where: {
+      token,
+    },
+  });
+
+  if (!assistant) {
+    throw new AppError(AppErrorCode.NOT_FOUND, {
+      message: 'Assistant not found',
+    });
+  }
+
+  let recipients = await prisma.recipient.findMany({
+    where: {
+      documentId: assistant.documentId,
+      signingOrder: {
+        gte: assistant.signingOrder ?? 0,
+      },
+    },
+    include: {
+      fields: {
+        where: {
+          OR: [
+            {
+              recipientId: assistant.id,
+            },
+            {
+              type: {
+                not: FieldType.SIGNATURE,
+              },
+              documentId: assistant.documentId,
+            },
+          ],
+        },
+      },
+    },
+  });
+
+  // Omit the token for recipients other than the assistant so
+  // it doesn't get sent to the client.
+  recipients = recipients.map((recipient) => ({
+    ...recipient,
+    token: recipient.id === assistant.id ? token : '',
+  }));
+
+  return recipients;
+};
--- a/packages/lib/types/document-audit-logs.ts
+++ b/packages/lib/types/document-audit-logs.ts
@ -28,6 +28,7 @@ export const ZDocumentAuditLogTypeSchema = z.enum([
  'DOCUMENT_DELETED', // When the document is soft deleted.
  'DOCUMENT_FIELD_INSERTED', // When a field is inserted (signed/approved/etc) by a recipient.
  'DOCUMENT_FIELD_UNINSERTED', // When a field is uninserted by a recipient.
+  'DOCUMENT_FIELD_PREFILLED', // When a field is prefilled by an assistant.
  'DOCUMENT_VISIBILITY_UPDATED', // When the document visibility scope is updated
  'DOCUMENT_GLOBAL_AUTH_ACCESS_UPDATED', // When the global access authentication is updated.
  'DOCUMENT_GLOBAL_AUTH_ACTION_UPDATED', // When the global action authentication is updated.
@ -45,6 +46,7 @@ export const ZDocumentAuditLogEmailTypeSchema = z.enum([
  'SIGNING_REQUEST',
  'VIEW_REQUEST',
  'APPROVE_REQUEST',
+  'ASSISTING_REQUEST',
  'CC',
  'DOCUMENT_COMPLETED',
 ]);
@ -313,6 +315,83 @@ export const ZDocumentAuditLogEventDocumentFieldUninsertedSchema = z.object({
  }),
 });

+/**
+ * Event: Document field prefilled by assistant.
+ */
+export const ZDocumentAuditLogEventDocumentFieldPrefilledSchema = z.object({
+  type: z.literal(DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_FIELD_PREFILLED),
+  data: ZBaseRecipientDataSchema.extend({
+    fieldId: z.string(),
+
+    // Organised into union to allow us to extend each field if required.
+    field: z.union([
+      z.object({
+        type: z.literal(FieldType.INITIALS),
+        data: z.string(),
+      }),
+      z.object({
+        type: z.literal(FieldType.EMAIL),
+        data: z.string(),
+      }),
+      z.object({
+        type: z.literal(FieldType.DATE),
+        data: z.string(),
+      }),
+      z.object({
+        type: z.literal(FieldType.NAME),
+        data: z.string(),
+      }),
+      z.object({
+        type: z.literal(FieldType.TEXT),
+        data: z.string(),
+      }),
+      z.object({
+        type: z.union([z.literal(FieldType.SIGNATURE), z.literal(FieldType.FREE_SIGNATURE)]),
+        data: z.string(),
+      }),
+      z.object({
+        type: z.literal(FieldType.RADIO),
+        data: z.string(),
+      }),
+      z.object({
+        type: z.literal(FieldType.CHECKBOX),
+        data: z.string(),
+      }),
+      z.object({
+        type: z.literal(FieldType.DROPDOWN),
+        data: z.string(),
+      }),
+      z.object({
+        type: z.literal(FieldType.NUMBER),
+        data: z.string(),
+      }),
+    ]),
+    fieldSecurity: z.preprocess(
+      (input) => {
+        const legacyNoneSecurityType = JSON.stringify({
+          type: 'NONE',
+        });
+
+        // Replace legacy 'NONE' field security type with undefined.
+        if (
+          typeof input === 'object' &&
+          input !== null &&
+          JSON.stringify(input) === legacyNoneSecurityType
+        ) {
+          return undefined;
+        }
+
+        return input;
+      },
+      z
+        .object({
+          type: ZRecipientActionAuthTypesSchema,
+        })
+        .optional(),
+    ),
+  }),
+});
+
 export const ZDocumentAuditLogEventDocumentVisibilitySchema = z.object({
  type: z.literal(DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_VISIBILITY_UPDATED),
  data: ZGenericFromToSchema,
@ -493,6 +572,7 @@ export const ZDocumentAuditLogSchema = ZDocumentAuditLogBaseSchema.and(
    ZDocumentAuditLogEventDocumentMovedToTeamSchema,
    ZDocumentAuditLogEventDocumentFieldInsertedSchema,
    ZDocumentAuditLogEventDocumentFieldUninsertedSchema,
+    ZDocumentAuditLogEventDocumentFieldPrefilledSchema,
    ZDocumentAuditLogEventDocumentVisibilitySchema,
    ZDocumentAuditLogEventDocumentGlobalAuthAccessUpdatedSchema,
    ZDocumentAuditLogEventDocumentGlobalAuthActionUpdatedSchema,
--- a/packages/lib/utils/document-audit-logs.ts
+++ b/packages/lib/utils/document-audit-logs.ts
@ -314,6 +314,10 @@ export const formatDocumentAuditLogAction = (
      anonymous: msg`Field unsigned`,
      identified: msg`${prefix} unsigned a field`,
    }))
+    .with({ type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_FIELD_PREFILLED }, () => ({
+      anonymous: msg`Field prefilled by assistant`,
+      identified: msg`${prefix} prefilled a field`,
+    }))
    .with({ type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_VISIBILITY_UPDATED }, () => ({
      anonymous: msg`Document visibility updated`,
      identified: msg`${prefix} updated the document visibility`,