Merge branch 'main' into feat/delete-archive

2025-11-15 17:21:41 +10:00 · 2024-08-21 11:44:05 +10:00
parent 16527f01e7 66fdc1d659
commit 6bf62e0ecb
124 changed files with 2129 additions and 772 deletions
--- a/packages/trpc/server/document-router/router.ts
+++ b/packages/trpc/server/document-router/router.ts
@ -30,6 +30,7 @@ import {
  ZCreateDocumentMutationSchema,
  ZDeleteDraftDocumentMutationSchema as ZDeleteDocumentMutationSchema,
  ZDownloadAuditLogsMutationSchema,
+  ZDownloadCertificateMutationSchema,
  ZFindDocumentAuditLogsQuerySchema,
  ZGetDocumentByIdQuerySchema,
  ZGetDocumentByTokenQuerySchema,
@ -441,7 +442,14 @@ export const documentRouter = router({
          id: documentId,
          userId: ctx.user.id,
          teamId,
-        });
+        }).catch(() => null);
+
+        if (!document || (teamId && document.teamId !== teamId)) {
+          throw new TRPCError({
+            code: 'FORBIDDEN',
+            message: 'You do not have access to this document.',
+          });
+        }

        const encrypted = encryptSecondaryData({
          data: document.id.toString(),
@ -463,7 +471,7 @@ export const documentRouter = router({
    }),

  downloadCertificate: authenticatedProcedure
-    .input(ZDownloadAuditLogsMutationSchema)
+    .input(ZDownloadCertificateMutationSchema)
    .mutation(async ({ input, ctx }) => {
      try {
        const { documentId, teamId } = input;
--- a/packages/trpc/server/document-router/schema.ts
+++ b/packages/trpc/server/document-router/schema.ts
@ -1,11 +1,11 @@
 import { z } from 'zod';

-import { URL_REGEX } from '@documenso/lib/constants/url-regex';
 import {
  ZDocumentAccessAuthTypesSchema,
  ZDocumentActionAuthTypesSchema,
 } from '@documenso/lib/types/document-auth';
 import { ZBaseTableSearchParamsSchema } from '@documenso/lib/types/search-params';
+import { isValidRedirectUrl } from '@documenso/lib/utils/is-valid-redirect-url';
 import { FieldType, RecipientRole } from '@documenso/prisma/client';

 export const ZFindDocumentAuditLogsQuerySchema = ZBaseTableSearchParamsSchema.extend({
@ -65,8 +65,9 @@ export const ZSetSettingsForDocumentMutationSchema = z.object({
    redirectUrl: z
      .string()
      .optional()
-      .refine((value) => value === undefined || value === '' || URL_REGEX.test(value), {
-        message: 'Please enter a valid URL',
+      .refine((value) => value === undefined || value === '' || isValidRedirectUrl(value), {
+        message:
+          'Please enter a valid URL, make sure you include http:// or https:// part of the url.',
      }),
  }),
 });
@ -131,8 +132,9 @@ export const ZSendDocumentMutationSchema = z.object({
    redirectUrl: z
      .string()
      .optional()
-      .refine((value) => value === undefined || value === '' || URL_REGEX.test(value), {
-        message: 'Please enter a valid URL',
+      .refine((value) => value === undefined || value === '' || isValidRedirectUrl(value), {
+        message:
+          'Please enter a valid URL, make sure you include http:// or https:// part of the url.',
      }),
  }),
 });
@ -175,6 +177,11 @@ export const ZDownloadAuditLogsMutationSchema = z.object({
  teamId: z.number().optional(),
 });

+export const ZDownloadCertificateMutationSchema = z.object({
+  documentId: z.number(),
+  teamId: z.number().optional(),
+});
+
 export const ZMoveDocumentsToTeamSchema = z.object({
  documentId: z.number(),
  teamId: z.number(),
--- a/packages/trpc/server/template-router/router.ts
+++ b/packages/trpc/server/template-router/router.ts
@ -66,6 +66,7 @@ export const templateRouter = router({
          directRecipientName,
          directRecipientEmail,
          directTemplateToken,
+          directTemplateExternalId,
          signedFieldValues,
          templateUpdatedAt,
        } = input;
@ -76,6 +77,7 @@ export const templateRouter = router({
          directRecipientName,
          directRecipientEmail,
          directTemplateToken,
+          directTemplateExternalId,
          signedFieldValues,
          templateUpdatedAt,
          user: ctx.user
--- a/packages/trpc/server/template-router/schema.ts
+++ b/packages/trpc/server/template-router/schema.ts
@ -1,11 +1,11 @@
 import { z } from 'zod';

-import { URL_REGEX } from '@documenso/lib/constants/url-regex';
 import {
  ZDocumentAccessAuthTypesSchema,
  ZDocumentActionAuthTypesSchema,
 } from '@documenso/lib/types/document-auth';
 import { ZBaseTableSearchParamsSchema } from '@documenso/lib/types/search-params';
+import { isValidRedirectUrl } from '@documenso/lib/utils/is-valid-redirect-url';
 import { TemplateType } from '@documenso/prisma/client';

 import { ZSignFieldWithTokenMutationSchema } from '../field-router/schema';
@ -20,6 +20,7 @@ export const ZCreateDocumentFromDirectTemplateMutationSchema = z.object({
  directRecipientName: z.string().optional(),
  directRecipientEmail: z.string().email(),
  directTemplateToken: z.string().min(1),
+  directTemplateExternalId: z.string().optional(),
  signedFieldValues: z.array(ZSignFieldWithTokenMutationSchema),
  templateUpdatedAt: z.date(),
 });
@ -96,8 +97,9 @@ export const ZUpdateTemplateSettingsMutationSchema = z.object({
      redirectUrl: z
        .string()
        .optional()
-        .refine((value) => value === undefined || value === '' || URL_REGEX.test(value), {
-          message: 'Please enter a valid URL',
+        .refine((value) => value === undefined || value === '' || isValidRedirectUrl(value), {
+          message:
+            'Please enter a valid URL, make sure you include http:// or https:// part of the url.',
        }),
    })
    .optional(),