Ryan/documenso
1
0
Fork 1
mirror of https://github.com/documenso/documenso.git synced 2025-11-13 08:13:56 +10:00
Code Issues Packages Projects Releases Wiki Activity

feat: migrate templates and documents to envelope model

Browse Source
This commit is contained in:
David Nguyen
2025-09-11 18:23:38 +10:00
parent eec2307634
commit bf89bc781b
234 changed files with 8677 additions and 6054 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
apps/openpage-api/lib/growth/get-monthly-completed-document.ts
View File

@ -1,4 +1,4 @@
import { DocumentStatus } from '@prisma/client';
import { DocumentStatus, EnvelopeType } from '@prisma/client';
import { DateTime } from 'luxon';
import { kyselyPrisma, sql } from '@documenso/prisma';
@ -7,18 +7,19 @@ import { addZeroMonth } from '../add-zero-month';
export const getCompletedDocumentsMonthly = async (type: 'count' | 'cumulative' = 'count') => {
const qb = kyselyPrisma.$kysely
.selectFrom('Document')
.selectFrom('Envelope')
.select(({ fn }) => [
fn<Date>('DATE_TRUNC', [sql.lit('MONTH'), 'Document.updatedAt']).as('month'),
fn<Date>('DATE_TRUNC', [sql.lit('MONTH'), 'Envelope.updatedAt']).as('month'),
fn.count('id').as('count'),
fn
.sum(fn.count('id'))
// Feels like a bug in the Kysely extension but I just can not do this orderBy in a type-safe manner
// eslint-disable-next-line @typescript-eslint/consistent-type-assertions, @typescript-eslint/no-explicit-any
.over((ob) => ob.orderBy(fn('DATE_TRUNC', [sql.lit('MONTH'), 'Document.updatedAt']) as any))
.over((ob) => ob.orderBy(fn('DATE_TRUNC', [sql.lit('MONTH'), 'Envelope.updatedAt']) as any))
.as('cume_count'),
])
.where(() => sql`"Document"."status" = ${DocumentStatus.COMPLETED}::"DocumentStatus"`)
.where(() => sql`"Envelope"."status" = ${DocumentStatus.COMPLETED}::"DocumentStatus"`)
.where(() => sql`"Envelope"."type" = ${EnvelopeType.DOCUMENT}::"EnvelopeType"`)
.groupBy('month')
.orderBy('month', 'desc')
.limit(12);

7
apps/remix/app/components/dialogs/admin-document-delete-dialog.tsx
View File

@ -3,7 +3,6 @@ import { useState } from 'react';
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { Trans } from '@lingui/react/macro';
import type { Document } from '@prisma/client';
import { useNavigate } from 'react-router';
import { trpc } from '@documenso/trpc/react';
@ -22,10 +21,10 @@ import { Input } from '@documenso/ui/primitives/input';
import { useToast } from '@documenso/ui/primitives/use-toast';
export type AdminDocumentDeleteDialogProps = {
document: Document;
envelopeId: string;
};
export const AdminDocumentDeleteDialog = ({ document }: AdminDocumentDeleteDialogProps) => {
export const AdminDocumentDeleteDialog = ({ envelopeId }: AdminDocumentDeleteDialogProps) => {
const { _ } = useLingui();
const { toast } = useToast();
@ -42,7 +41,7 @@ export const AdminDocumentDeleteDialog = ({ document }: AdminDocumentDeleteDialo
return;
}
await deleteDocument({ id: document.id, reason });
await deleteDocument({ id: envelopeId, reason });
toast({
title: _(msg`Document deleted`),

6
apps/remix/app/components/dialogs/document-move-to-folder-dialog.tsx
View File

@ -81,7 +81,7 @@ export const DocumentMoveToFolderDialog = ({
},
);
const { mutateAsync: moveDocumentToFolder } = trpc.folder.moveDocumentToFolder.useMutation();
const { mutateAsync: updateDocument } = trpc.document.update.useMutation();
useEffect(() => {
if (!open) {
@ -94,9 +94,11 @@ export const DocumentMoveToFolderDialog = ({
const onSubmit = async (data: TMoveDocumentFormSchema) => {
try {
await moveDocumentToFolder({
await updateDocument({
documentId,
data: {
folderId: data.folderId ?? null,
},
});
const documentsPath = formatDocumentsPath(team.url);

10
apps/remix/app/components/dialogs/document-resend-dialog.tsx
View File

@ -4,15 +4,15 @@ import { zodResolver } from '@hookform/resolvers/zod';
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { Trans } from '@lingui/react/macro';
import { type Recipient, SigningStatus } from '@prisma/client';
import { type Recipient, SigningStatus, type Team, type User } from '@prisma/client';
import { History } from 'lucide-react';
import { useForm, useWatch } from 'react-hook-form';
import * as z from 'zod';
import { useSession } from '@documenso/lib/client-only/providers/session';
import { getRecipientType } from '@documenso/lib/client-only/recipient-type';
import type { TDocumentMany as TDocumentRow } from '@documenso/lib/types/document';
import { recipientAbbreviation } from '@documenso/lib/utils/recipient-formatter';
import type { Document } from '@documenso/prisma/types/document-legacy-schema';
import { trpc as trpcReact } from '@documenso/trpc/react';
import { cn } from '@documenso/ui/lib/utils';
import { Button } from '@documenso/ui/primitives/button';
@ -43,7 +43,11 @@ import { StackAvatar } from '../general/stack-avatar';
const FORM_ID = 'resend-email';
export type DocumentResendDialogProps = {
document: TDocumentRow;
document: Pick<Document, 'id' | 'userId' | 'teamId' | 'status'> & {
user: Pick<User, 'id' | 'name' | 'email'>;
recipients: Recipient[];
team: Pick<Team, 'id' | 'url'> | null;
};
recipients: Recipient[];
};

4
apps/remix/app/components/dialogs/public-profile-template-manage-dialog.tsx
View File

@ -4,14 +4,14 @@ import { zodResolver } from '@hookform/resolvers/zod';
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { Plural, Trans } from '@lingui/react/macro';
import type { Template, TemplateDirectLink } from '@prisma/client';
import { TemplateType } from '@prisma/client';
import { type TemplateDirectLink, TemplateType } from '@prisma/client';
import type * as DialogPrimitive from '@radix-ui/react-dialog';
import { CheckCircle2Icon, CircleIcon } from 'lucide-react';
import { useForm } from 'react-hook-form';
import { P, match } from 'ts-pattern';
import { z } from 'zod';
import { type Template } from '@documenso/prisma/types/template-legacy-schema';
import { trpc } from '@documenso/trpc/react';
import {
MAX_TEMPLATE_PUBLIC_DESCRIPTION_LENGTH,

2
apps/remix/app/components/dialogs/template-create-dialog.tsx
View File

@ -54,7 +54,7 @@ export const TemplateCreateDialog = ({ folderId }: TemplateCreateDialogProps) =>
try {
const response = await putPdfFile(file);
const { id } = await createTemplate({
const { legacyTemplateId: id } = await createTemplate({
title: file.name,
templateDocumentDataId: response.id,
folderId: folderId,

3
apps/remix/app/components/dialogs/template-direct-link-dialog-wrapper.tsx
View File

@ -1,9 +1,10 @@
import { useState } from 'react';
import { Trans } from '@lingui/react/macro';
import type { Recipient, Template, TemplateDirectLink } from '@prisma/client';
import type { Recipient, TemplateDirectLink } from '@prisma/client';
import { LinkIcon } from 'lucide-react';
import type { Template } from '@documenso/prisma/types/template-legacy-schema';
import { Button } from '@documenso/ui/primitives/button';
import { TemplateDirectLinkDialog } from '~/components/dialogs/template-direct-link-dialog';

8
apps/remix/app/components/dialogs/template-direct-link-dialog.tsx
View File

@ -3,12 +3,7 @@ import { useEffect, useMemo, useState } from 'react';
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { Trans } from '@lingui/react/macro';
import {
type Recipient,
RecipientRole,
type Template,
type TemplateDirectLink,
} from '@prisma/client';
import { type Recipient, RecipientRole, type TemplateDirectLink } from '@prisma/client';
import { CircleDotIcon, CircleIcon, ClipboardCopyIcon, InfoIcon, LoaderIcon } from 'lucide-react';
import { Link, useRevalidator } from 'react-router';
import { P, match } from 'ts-pattern';
@ -20,6 +15,7 @@ import { DIRECT_TEMPLATE_RECIPIENT_EMAIL } from '@documenso/lib/constants/direct
import { RECIPIENT_ROLES_DESCRIPTION } from '@documenso/lib/constants/recipient-roles';
import { DIRECT_TEMPLATE_DOCUMENTATION } from '@documenso/lib/constants/template';
import { formatDirectTemplatePath } from '@documenso/lib/utils/templates';
import type { Template } from '@documenso/prisma/types/template-legacy-schema';
import { trpc as trpcReact } from '@documenso/trpc/react';
import { AnimateGenericFadeInOut } from '@documenso/ui/components/animate/animate-generic-fade-in-out';
import { Alert, AlertDescription, AlertTitle } from '@documenso/ui/primitives/alert';

6
apps/remix/app/components/dialogs/template-move-to-folder-dialog.tsx
View File

@ -83,7 +83,7 @@ export function TemplateMoveToFolderDialog({
},
);
const { mutateAsync: moveTemplateToFolder } = trpc.folder.moveTemplateToFolder.useMutation();
const { mutateAsync: updateTemplate } = trpc.template.updateTemplate.useMutation();
useEffect(() => {
if (!isOpen) {
@ -96,9 +96,11 @@ export function TemplateMoveToFolderDialog({
const onSubmit = async (data: TMoveTemplateFormSchema) => {
try {
await moveTemplateToFolder({
await updateTemplate({
templateId,
data: {
folderId: data.folderId ?? null,
},
});
toast({

3
apps/remix/app/components/embed/authoring/configure-fields-view.tsx
View File

@ -118,6 +118,9 @@ export const ConfigureFieldsView = ({
sendStatus: signer.disabled ? SendStatus.SENT : SendStatus.NOT_SENT,
readStatus: signer.disabled ? ReadStatus.OPENED : ReadStatus.NOT_OPENED,
signingStatus: signer.disabled ? SigningStatus.SIGNED : SigningStatus.NOT_SIGNED,
// Todo: Envelopes - Dummy data
envelopeId: '',
}));
}, [configData.signers]);

6
apps/remix/app/components/embed/embed-document-signing-page.tsx
View File

@ -15,12 +15,14 @@ import { LucideChevronDown, LucideChevronUp } from 'lucide-react';
import { useThrottleFn } from '@documenso/lib/client-only/hooks/use-throttle-fn';
import { PDF_VIEWER_PAGE_SELECTOR } from '@documenso/lib/constants/pdf-viewer';
import type { DocumentField } from '@documenso/lib/server-only/field/get-fields-for-document';
import { isFieldUnsignedAndRequired } from '@documenso/lib/utils/advanced-fields-helpers';
import { validateFieldsInserted } from '@documenso/lib/utils/fields';
import type { RecipientWithFields } from '@documenso/prisma/types/recipient-with-fields';
import { trpc } from '@documenso/trpc/react';
import { DocumentReadOnlyFields } from '@documenso/ui/components/document/document-read-only-fields';
import {
type DocumentField,
DocumentReadOnlyFields,
} from '@documenso/ui/components/document/document-read-only-fields';
import { FieldToolTip } from '@documenso/ui/components/field/field-tooltip';
import { Button } from '@documenso/ui/primitives/button';
import { ElementVisible } from '@documenso/ui/primitives/element-visible';

8
apps/remix/app/components/general/document-signing/document-signing-auth-provider.tsx
View File

@ -1,6 +1,6 @@
import { createContext, useContext, useEffect, useMemo, useState } from 'react';
import { type Document, FieldType, type Passkey, type Recipient } from '@prisma/client';
import { type Envelope, FieldType, type Passkey, type Recipient } from '@prisma/client';
import type { SessionUser } from '@documenso/auth/server/lib/session/session';
import { MAXIMUM_PASSKEYS } from '@documenso/lib/constants/auth';
@ -26,9 +26,9 @@ type PasskeyData = {
export type DocumentSigningAuthContextValue = {
executeActionAuthProcedure: (_value: ExecuteActionAuthProcedureOptions) => Promise<void>;
documentAuthOptions: Document['authOptions'];
documentAuthOptions: Envelope['authOptions'];
documentAuthOption: TDocumentAuthOptions;
setDocumentAuthOptions: (_value: Document['authOptions']) => void;
setDocumentAuthOptions: (_value: Envelope['authOptions']) => void;
recipient: Recipient;
recipientAuthOption: TRecipientAuthOptions;
setRecipient: (_value: Recipient) => void;
@ -61,7 +61,7 @@ export const useRequiredDocumentSigningAuthContext = () => {
};
export interface DocumentSigningAuthProviderProps {
documentAuthOptions: Document['authOptions'];
documentAuthOptions: Envelope['authOptions'];
recipient: Recipient;
user?: SessionUser | null;
children: React.ReactNode;

2
apps/remix/app/components/general/document-signing/document-signing-reject-dialog.tsx
View File

@ -3,12 +3,12 @@ import { useEffect, useState } from 'react';
import { zodResolver } from '@hookform/resolvers/zod';
import { msg } from '@lingui/core/macro';
import { Trans } from '@lingui/react/macro';
import type { Document } from '@prisma/client';
import { useForm } from 'react-hook-form';
import { useNavigate } from 'react-router';
import { useSearchParams } from 'react-router';
import { z } from 'zod';
import type { Document } from '@documenso/prisma/types/document-legacy-schema';
import { trpc } from '@documenso/trpc/react';
import { Button } from '@documenso/ui/primitives/button';
import {

19
apps/remix/app/components/general/document/document-certificate-qr-view.tsx
View File

@ -4,6 +4,7 @@ import { Trans } from '@lingui/react/macro';
import type { DocumentData } from '@prisma/client';
import { DateTime } from 'luxon';
import { formatDocumentsPath } from '@documenso/lib/utils/teams';
import { trpc } from '@documenso/trpc/react';
import { Button } from '@documenso/ui/primitives/button';
import {
@ -23,6 +24,7 @@ export type DocumentCertificateQRViewProps = {
title: string;
documentData: DocumentData;
password?: string | null;
documentTeamUrl: string;
recipientCount?: number;
completedDate?: Date;
};
@ -32,29 +34,30 @@ export const DocumentCertificateQRView = ({
title,
documentData,
password,
documentTeamUrl,
recipientCount = 0,
completedDate,
}: DocumentCertificateQRViewProps) => {
const { data: documentUrl } = trpc.shareLink.getDocumentInternalUrlForQRCode.useQuery({
const { data: documentViaUser } = trpc.document.get.useQuery({
documentId,
});
const [isDialogOpen, setIsDialogOpen] = useState(() => !!documentUrl);
const [isDialogOpen, setIsDialogOpen] = useState(() => !!documentViaUser);
const formattedDate = completedDate
? DateTime.fromJSDate(completedDate).toLocaleString(DateTime.DATETIME_MED)
: '';
useEffect(() => {
if (documentUrl) {
if (documentViaUser) {
setIsDialogOpen(true);
}
}, [documentUrl]);
}, [documentViaUser]);
return (
<div className="mx-auto w-full max-w-screen-md">
{/* Dialog for internal document link */}
{documentUrl && (
{documentViaUser && (
<Dialog open={isDialogOpen} onOpenChange={setIsDialogOpen}>
<DialogContent>
<DialogHeader>
@ -72,7 +75,11 @@ export const DocumentCertificateQRView = ({
<DialogFooter className="flex flex-row justify-end gap-2">
<Button asChild>
<a href={documentUrl} target="_blank" rel="noopener noreferrer">
<a
href={`${formatDocumentsPath(documentTeamUrl)}/${documentViaUser.id}`}
target="_blank"
rel="noopener noreferrer"
>
<Trans>Go to document</Trans>
</a>
</Button>

2
apps/remix/app/components/general/document/document-drop-zone-wrapper.tsx
View File

@ -64,7 +64,7 @@ export const DocumentDropZoneWrapper = ({ children, className }: DocumentDropZon
const response = await putPdfFile(file);
const { id } = await createDocument({
const { legacyDocumentId: id } = await createDocument({
title: file.name,
documentDataId: response.id,
timezone: userTimezone, // Note: When migrating to v2 document upload remember to pass this through as a 'userTimezone' field.

3
apps/remix/app/components/general/document/document-page-view-button.tsx
View File

@ -1,7 +1,7 @@
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { Trans } from '@lingui/react/macro';
import type { Document, Recipient, Team, User } from '@prisma/client';
import type { Recipient, Team, User } from '@prisma/client';
import { DocumentStatus, RecipientRole, SigningStatus } from '@prisma/client';
import { CheckCircle, Download, EyeIcon, Pencil } from 'lucide-react';
import { Link } from 'react-router';
@ -11,6 +11,7 @@ import { downloadPDF } from '@documenso/lib/client-only/download-pdf';
import { useSession } from '@documenso/lib/client-only/providers/session';
import { isDocumentCompleted } from '@documenso/lib/utils/document';
import { formatDocumentsPath } from '@documenso/lib/utils/teams';
import type { Document } from '@documenso/prisma/types/document-legacy-schema';
import { trpc as trpcClient } from '@documenso/trpc/client';
import { Button } from '@documenso/ui/primitives/button';
import { useToast } from '@documenso/ui/primitives/use-toast';

5
apps/remix/app/components/general/document/document-page-view-dropdown.tsx
View File

@ -3,7 +3,7 @@ import { useState } from 'react';
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { Trans } from '@lingui/react/macro';
import type { Document, Recipient, Team, User } from '@prisma/client';
import type { Recipient, Team, User } from '@prisma/client';
import { DocumentStatus } from '@prisma/client';
import {
Copy,
@ -19,6 +19,7 @@ import { Link, useNavigate } from 'react-router';
import { downloadPDF } from '@documenso/lib/client-only/download-pdf';
import { useSession } from '@documenso/lib/client-only/providers/session';
import type { TDocument } from '@documenso/lib/types/document';
import { isDocumentCompleted } from '@documenso/lib/utils/document';
import { formatDocumentsPath } from '@documenso/lib/utils/teams';
import { trpc as trpcClient } from '@documenso/trpc/client';
@ -39,7 +40,7 @@ import { DocumentRecipientLinkCopyDialog } from '~/components/general/document/d
import { useCurrentTeam } from '~/providers/team';
export type DocumentPageViewDropdownProps = {
document: Document & {
document: TDocument & {
user: Pick<User, 'id' | 'name' | 'email'>;
recipients: Recipient[];
team: Pick<Team, 'id' | 'url'> | null;

3
apps/remix/app/components/general/document/document-page-view-information.tsx
View File

@ -3,10 +3,11 @@ import { useMemo } from 'react';
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { Trans } from '@lingui/react/macro';
import type { Document, Recipient, User } from '@prisma/client';
import type { Recipient, User } from '@prisma/client';
import { DateTime } from 'luxon';
import { useIsMounted } from '@documenso/lib/client-only/hooks/use-is-mounted';
import type { Document } from '@documenso/prisma/types/document-legacy-schema';
export type DocumentPageViewInformationProps = {
userId: number;

3
apps/remix/app/components/general/document/document-page-view-recipients.tsx
View File

@ -2,7 +2,7 @@ import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { Trans } from '@lingui/react/macro';
import { DocumentStatus, RecipientRole, SigningStatus } from '@prisma/client';
import type { Document, Recipient } from '@prisma/client';
import type { Recipient } from '@prisma/client';
import {
AlertTriangle,
CheckIcon,
@ -19,6 +19,7 @@ import { match } from 'ts-pattern';
import { RECIPIENT_ROLES_DESCRIPTION } from '@documenso/lib/constants/recipient-roles';
import { isDocumentCompleted } from '@documenso/lib/utils/document';
import { formatSigningLink } from '@documenso/lib/utils/recipients';
import type { Document } from '@documenso/prisma/types/document-legacy-schema';
import { CopyTextButton } from '@documenso/ui/components/common/copy-text-button';
import { SignatureIcon } from '@documenso/ui/icons/signature';
import { AvatarWithText } from '@documenso/ui/primitives/avatar';

2
apps/remix/app/components/general/document/document-upload.tsx
View File

@ -75,7 +75,7 @@ export const DocumentUploadDropzone = ({ className }: DocumentUploadDropzoneProp
const response = await putPdfFile(file);
const { id } = await createDocument({
const { legacyDocumentId: id } = await createDocument({
title: file.name,
documentDataId: response.id,
timezone: userTimezone, // Note: When migrating to v2 document upload remember to pass this through as a 'userTimezone' field.

2
apps/remix/app/components/general/template/template-drop-zone-wrapper.tsx
View File

@ -42,7 +42,7 @@ export const TemplateDropZoneWrapper = ({ children, className }: TemplateDropZon
const documentData = await putPdfFile(file);
const { id } = await createTemplate({
const { legacyTemplateId: id } = await createTemplate({
title: file.name,
templateDocumentDataId: documentData.id,
folderId: folderId ?? undefined,

3
apps/remix/app/components/general/template/template-page-view-information.tsx
View File

@ -3,10 +3,11 @@ import { useMemo } from 'react';
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { Trans } from '@lingui/react/macro';
import type { Template, User } from '@prisma/client';
import type { User } from '@prisma/client';
import { DateTime } from 'luxon';
import { useIsMounted } from '@documenso/lib/client-only/hooks/use-is-mounted';
import type { Template } from '@documenso/prisma/types/template-legacy-schema';
export type TemplatePageViewInformationProps = {
userId: number;

3
apps/remix/app/components/general/template/template-page-view-recipients.tsx
View File

@ -1,13 +1,14 @@
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { Trans } from '@lingui/react/macro';
import type { Recipient, Template } from '@prisma/client';
import type { Recipient } from '@prisma/client';
import { PenIcon, PlusIcon } from 'lucide-react';
import { Link } from 'react-router';
import { RECIPIENT_ROLES_DESCRIPTION } from '@documenso/lib/constants/recipient-roles';
import { isTemplateRecipientEmailPlaceholder } from '@documenso/lib/constants/template';
import { extractInitials } from '@documenso/lib/utils/recipient-formatter';
import type { Template } from '@documenso/prisma/types/template-legacy-schema';
import { AvatarWithText } from '@documenso/ui/primitives/avatar';
export type TemplatePageViewRecipientsProps = {

11
apps/remix/app/components/tables/admin-dashboard-users-table.tsx
View File

@ -2,7 +2,7 @@ import { useEffect, useMemo, useState, useTransition } from 'react';
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import type { Document, Role, Subscription } from '@prisma/client';
import type { Role, Subscription } from '@prisma/client';
import { Edit, Loader } from 'lucide-react';
import { Link } from 'react-router';
@ -20,7 +20,7 @@ type UserData = {
email: string;
roles: Role[];
subscriptions?: SubscriptionLite[] | null;
documents: DocumentLite[];
documentCount: number;
};
type SubscriptionLite = Pick<
@ -28,8 +28,6 @@ type SubscriptionLite = Pick<
'id' | 'status' | 'planId' | 'priceId' | 'createdAt' | 'periodEnd'
>;
type DocumentLite = Pick<Document, 'id'>;
type AdminDashboardUsersTableProps = {
users: UserData[];
totalPages: number;
@ -74,10 +72,7 @@ export const AdminDashboardUsersTable = ({
},
{
header: _(msg`Documents`),
accessorKey: 'documents',
cell: ({ row }) => {
return <div>{row.original.documents?.length}</div>;
},
accessorKey: 'documentCount',
},
{
header: '',

3
apps/remix/app/components/tables/settings-public-profile-templates-table.tsx
View File

@ -3,8 +3,7 @@ import { useMemo, useState } from 'react';
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { Trans } from '@lingui/react/macro';
import type { TemplateDirectLink } from '@prisma/client';
import { TemplateType } from '@prisma/client';
import { type TemplateDirectLink, TemplateType } from '@prisma/client';
import { EditIcon, FileIcon, LinkIcon, MoreHorizontalIcon, Trash2Icon } from 'lucide-react';
import { useCopyToClipboard } from '@documenso/lib/client-only/hooks/use-copy-to-clipboard';

3
apps/remix/app/components/tables/templates-table-action-dropdown.tsx
View File

@ -1,11 +1,12 @@
import { useState } from 'react';
import { Trans } from '@lingui/react/macro';
import type { Recipient, Template, TemplateDirectLink } from '@prisma/client';
import type { Recipient, TemplateDirectLink } from '@prisma/client';
import { Copy, Edit, FolderIcon, MoreHorizontal, Share2Icon, Trash2, Upload } from 'lucide-react';
import { Link } from 'react-router';
import { useSession } from '@documenso/lib/client-only/providers/session';
import type { Template } from '@documenso/prisma/types/template-legacy-schema';
import {
DropdownMenu,
DropdownMenuContent,

36
apps/remix/app/routes/_authenticated+/admin+/documents.$id.tsx
View File

@ -1,11 +1,11 @@
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { Trans } from '@lingui/react/macro';
import { SigningStatus } from '@prisma/client';
import { EnvelopeType, SigningStatus } from '@prisma/client';
import { DateTime } from 'luxon';
import { Link, redirect } from 'react-router';
import { getEntireDocument } from '@documenso/lib/server-only/admin/get-entire-document';
import { unsafeGetEntireEnvelope } from '@documenso/lib/server-only/admin/get-entire-document';
import { trpc } from '@documenso/trpc/react';
import {
Accordion,
@ -36,13 +36,19 @@ export async function loader({ params }: Route.LoaderArgs) {
throw redirect('/admin/documents');
}
const document = await getEntireDocument({ id });
const envelope = await unsafeGetEntireEnvelope({
id: {
type: 'documentId',
id,
},
type: EnvelopeType.DOCUMENT,
});
return { document };
return { envelope };
}
export default function AdminDocumentDetailsPage({ loaderData }: Route.ComponentProps) {
const { document } = loaderData;
const { envelope } = loaderData;
const { _, i18n } = useLingui();
const { toast } = useToast();
@ -68,11 +74,11 @@ export default function AdminDocumentDetailsPage({ loaderData }: Route.Component
<div>
<div className="flex items-start justify-between">
<div className="flex items-center gap-x-4">
<h1 className="text-2xl font-semibold">{document.title}</h1>
<DocumentStatus status={document.status} />
<h1 className="text-2xl font-semibold">{envelope.title}</h1>
<DocumentStatus status={envelope.status} />
</div>
{document.deletedAt && (
{envelope.deletedAt && (
<Badge size="large" variant="destructive">
<Trans>Deleted</Trans>
</Badge>
@ -81,11 +87,11 @@ export default function AdminDocumentDetailsPage({ loaderData }: Route.Component
<div className="text-muted-foreground mt-4 text-sm">
<div>
<Trans>Created on</Trans>: {i18n.date(document.createdAt, DateTime.DATETIME_MED)}
<Trans>Created on</Trans>: {i18n.date(envelope.createdAt, DateTime.DATETIME_MED)}
</div>
<div>
<Trans>Last updated at</Trans>: {i18n.date(document.updatedAt, DateTime.DATETIME_MED)}
<Trans>Last updated at</Trans>: {i18n.date(envelope.updatedAt, DateTime.DATETIME_MED)}
</div>
</div>
@ -102,12 +108,12 @@ export default function AdminDocumentDetailsPage({ loaderData }: Route.Component
<Button
variant="outline"
loading={isResealDocumentLoading}
disabled={document.recipients.some(
disabled={envelope.recipients.some(
(recipient) =>
recipient.signingStatus !== SigningStatus.SIGNED &&
recipient.signingStatus !== SigningStatus.REJECTED,
)}
onClick={() => resealDocument({ id: document.id })}
onClick={() => resealDocument({ id: envelope.id })}
>
<Trans>Reseal document</Trans>
</Button>
@ -123,7 +129,7 @@ export default function AdminDocumentDetailsPage({ loaderData }: Route.Component
</TooltipProvider>
<Button variant="outline" asChild>
<Link to={`/admin/users/${document.userId}`}>
<Link to={`/admin/users/${envelope.userId}`}>
<Trans>Go to owner</Trans>
</Link>
</Button>
@ -136,7 +142,7 @@ export default function AdminDocumentDetailsPage({ loaderData }: Route.Component
<div className="mt-4">
<Accordion type="multiple" className="space-y-4">
{document.recipients.map((recipient) => (
{envelope.recipients.map((recipient) => (
<AccordionItem
key={recipient.id}
value={recipient.id.toString()}
@ -161,7 +167,7 @@ export default function AdminDocumentDetailsPage({ loaderData }: Route.Component
<hr className="my-4" />
{document && <AdminDocumentDeleteDialog document={document} />}
{envelope && <AdminDocumentDeleteDialog envelopeId={envelope.id} />}
</div>
);
}

12
apps/remix/app/routes/_authenticated+/t.$teamUrl+/documents.$id._index.tsx
View File

@ -12,7 +12,10 @@ import { getTeamByUrl } from '@documenso/lib/server-only/team/get-team';
import { DocumentVisibility } from '@documenso/lib/types/document-visibility';
import { logDocumentAccess } from '@documenso/lib/utils/logger';
import { formatDocumentsPath } from '@documenso/lib/utils/teams';
import { DocumentReadOnlyFields } from '@documenso/ui/components/document/document-read-only-fields';
import {
DocumentReadOnlyFields,
mapFieldsWithRecipients,
} from '@documenso/ui/components/document/document-read-only-fields';
import { Badge } from '@documenso/ui/primitives/badge';
import { Card, CardContent } from '@documenso/ui/primitives/card';
import { PDFViewer } from '@documenso/ui/primitives/pdf-viewer';
@ -54,7 +57,10 @@ export async function loader({ params, request }: Route.LoaderArgs) {
}
const document = await getDocumentWithDetailsById({
documentId,
id: {
type: 'documentId',
id: documentId,
},
userId: user.id,
teamId: team.id,
}).catch(() => null);
@ -171,7 +177,7 @@ export default function DocumentPage() {
{document.status !== DocumentStatus.COMPLETED && (
<DocumentReadOnlyFields
fields={document.fields}
fields={mapFieldsWithRecipients(document.fields, recipients)}
documentMeta={documentMeta || undefined}
showRecipientTooltip={true}
showRecipientColors={true}

5
apps/remix/app/routes/_authenticated+/t.$teamUrl+/documents.$id.edit.tsx
View File

@ -42,7 +42,10 @@ export async function loader({ params, request }: Route.LoaderArgs) {
}
const document = await getDocumentWithDetailsById({
documentId,
id: {
type: 'documentId',
id: documentId,
},
userId: user.id,
teamId: team.id,
}).catch(() => null);

31
apps/remix/app/routes/_authenticated+/t.$teamUrl+/documents.$id.logs.tsx
View File

@ -2,15 +2,16 @@ import type { MessageDescriptor } from '@lingui/core';
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { Trans } from '@lingui/react/macro';
import type { Recipient } from '@prisma/client';
import { EnvelopeType, type Recipient } from '@prisma/client';
import { ChevronLeft } from 'lucide-react';
import { DateTime } from 'luxon';
import { Link, redirect } from 'react-router';
import { getSession } from '@documenso/auth/server/lib/utils/get-session';
import { getDocumentById } from '@documenso/lib/server-only/document/get-document-by-id';
import { getEnvelopeById } from '@documenso/lib/server-only/envelope/get-envelope-by-id';
import { getRecipientsForDocument } from '@documenso/lib/server-only/recipient/get-recipients-for-document';
import { getTeamByUrl } from '@documenso/lib/server-only/team/get-team';
import { mapSecondaryIdToDocumentId } from '@documenso/lib/utils/envelope';
import { logDocumentAccess } from '@documenso/lib/utils/logger';
import { formatDocumentsPath } from '@documenso/lib/utils/teams';
import { Card } from '@documenso/ui/primitives/card';
@ -40,13 +41,17 @@ export async function loader({ params, request }: Route.LoaderArgs) {
throw redirect(documentRootPath);
}
const document = await getDocumentById({
documentId,
const envelope = await getEnvelopeById({
id: {
type: 'documentId',
id: documentId,
},
type: EnvelopeType.DOCUMENT,
userId: user.id,
teamId: team?.id,
teamId: team.id,
}).catch(() => null);
if (!document || !document.documentData) {
if (!envelope) {
throw redirect(documentRootPath);
}
@ -63,7 +68,19 @@ export async function loader({ params, request }: Route.LoaderArgs) {
});
return {
document,
// Only return necessary data
document: {
id: mapSecondaryIdToDocumentId(envelope.secondaryId),
title: envelope.title,
status: envelope.status,
user: {
name: envelope.user.name,
email: envelope.user.email,
},
createdAt: envelope.createdAt,
updatedAt: envelope.updatedAt,
documentMeta: envelope.documentMeta,
},
recipients,
documentRootPath,
};

3
apps/remix/app/routes/_authenticated+/t.$teamUrl+/settings.public-profile.tsx
View File

@ -2,8 +2,7 @@ import { useEffect, useMemo, useState } from 'react';
import { useLingui } from '@lingui/react/macro';
import { Trans } from '@lingui/react/macro';
import type { TemplateDirectLink } from '@prisma/client';
import { TemplateType } from '@prisma/client';
import { type TemplateDirectLink, TemplateType } from '@prisma/client';
import { getSession } from '@documenso/auth/server/lib/utils/get-session';
import { useSession } from '@documenso/lib/client-only/providers/session';

34
apps/remix/app/routes/_internal+/[__htmltopdf]+/audit-log.tsx
View File

@ -1,14 +1,16 @@
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { EnvelopeType } from '@prisma/client';
import { DateTime } from 'luxon';
import { redirect } from 'react-router';
import { DOCUMENT_STATUS } from '@documenso/lib/constants/document';
import { APP_I18N_OPTIONS, ZSupportedLanguageCodeSchema } from '@documenso/lib/constants/i18n';
import { RECIPIENT_ROLES_DESCRIPTION } from '@documenso/lib/constants/recipient-roles';
import { getEntireDocument } from '@documenso/lib/server-only/admin/get-entire-document';
import { unsafeGetEntireEnvelope } from '@documenso/lib/server-only/admin/get-entire-document';
import { decryptSecondaryData } from '@documenso/lib/server-only/crypto/decrypt';
import { findDocumentAuditLogs } from '@documenso/lib/server-only/document/find-document-audit-logs';
import { mapSecondaryIdToDocumentId } from '@documenso/lib/utils/envelope';
import { getTranslations } from '@documenso/lib/utils/i18n';
import { Card, CardContent } from '@documenso/ui/primitives/card';
@ -39,20 +41,24 @@ export async function loader({ request }: Route.LoaderArgs) {
const documentId = Number(rawDocumentId);
const document = await getEntireDocument({
const envelope = await unsafeGetEntireEnvelope({
id: {
type: 'documentId',
id: documentId,
},
type: EnvelopeType.DOCUMENT,
}).catch(() => null);
if (!document) {
if (!envelope) {
throw redirect('/');
}
const documentLanguage = ZSupportedLanguageCodeSchema.parse(document.documentMeta?.language);
const documentLanguage = ZSupportedLanguageCodeSchema.parse(envelope.documentMeta?.language);
const { data: auditLogs } = await findDocumentAuditLogs({
documentId: documentId,
userId: document.userId,
teamId: document.teamId,
userId: envelope.userId,
teamId: envelope.teamId,
perPage: 100_000,
});
@ -60,7 +66,20 @@ export async function loader({ request }: Route.LoaderArgs) {
return {
auditLogs,
document,
document: {
id: mapSecondaryIdToDocumentId(envelope.secondaryId),
title: envelope.title,
status: envelope.status,
user: {
name: envelope.user.name,
email: envelope.user.email,
},
recipients: envelope.recipients,
createdAt: envelope.createdAt,
updatedAt: envelope.updatedAt,
deletedAt: envelope.deletedAt,
documentMeta: envelope.documentMeta,
},
documentLanguage,
messages,
};
@ -90,6 +109,7 @@ export default function AuditLog({ loaderData }: Route.ComponentProps) {
<Card>
<CardContent className="grid grid-cols-2 gap-4 p-6 text-sm print:text-xs">
<p>
{/* Todo: Envelopes - Should we should envelope ID instead here? */}
<span className="font-medium">{_(msg`Document ID`)}</span>
<span className="mt-1 block break-words">{document.id}</span>

36
apps/remix/app/routes/_internal+/[__htmltopdf]+/certificate.tsx
View File

@ -1,6 +1,6 @@
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { FieldType, SigningStatus } from '@prisma/client';
import { EnvelopeType, FieldType, SigningStatus } from '@prisma/client';
import { DateTime } from 'luxon';
import { redirect } from 'react-router';
import { prop, sortBy } from 'remeda';
@ -14,12 +14,13 @@ import {
RECIPIENT_ROLES_DESCRIPTION,
RECIPIENT_ROLE_SIGNING_REASONS,
} from '@documenso/lib/constants/recipient-roles';
import { getEntireDocument } from '@documenso/lib/server-only/admin/get-entire-document';
import { unsafeGetEntireEnvelope } from '@documenso/lib/server-only/admin/get-entire-document';
import { decryptSecondaryData } from '@documenso/lib/server-only/crypto/decrypt';
import { getDocumentCertificateAuditLogs } from '@documenso/lib/server-only/document/get-document-certificate-audit-logs';
import { getOrganisationClaimByTeamId } from '@documenso/lib/server-only/organisation/get-organisation-claims';
import { DOCUMENT_AUDIT_LOG_TYPE } from '@documenso/lib/types/document-audit-logs';
import { extractDocumentAuthMethods } from '@documenso/lib/utils/document-auth';
import { mapSecondaryIdToDocumentId } from '@documenso/lib/utils/envelope';
import { getTranslations } from '@documenso/lib/utils/i18n';
import { Card, CardContent } from '@documenso/ui/primitives/card';
import {
@ -55,26 +56,45 @@ export async function loader({ request }: Route.LoaderArgs) {
const documentId = Number(rawDocumentId);
const document = await getEntireDocument({
const envelope = await unsafeGetEntireEnvelope({
id: {
type: 'documentId',
id: documentId,
},
type: EnvelopeType.DOCUMENT,
}).catch(() => null);
if (!document) {
if (!envelope) {
throw redirect('/');
}
const organisationClaim = await getOrganisationClaimByTeamId({ teamId: document.teamId });
const organisationClaim = await getOrganisationClaimByTeamId({ teamId: envelope.teamId });
const documentLanguage = ZSupportedLanguageCodeSchema.parse(document.documentMeta?.language);
const documentLanguage = ZSupportedLanguageCodeSchema.parse(envelope.documentMeta?.language);
const auditLogs = await getDocumentCertificateAuditLogs({
id: documentId,
envelopeId: envelope.id,
});
const messages = await getTranslations(documentLanguage);
return {
document,
document: {
id: mapSecondaryIdToDocumentId(envelope.secondaryId),
title: envelope.title,
status: envelope.status,
user: {
name: envelope.user.name,
email: envelope.user.email,
},
qrToken: envelope.qrToken,
authOptions: envelope.authOptions,
recipients: envelope.recipients,
createdAt: envelope.createdAt,
updatedAt: envelope.updatedAt,
deletedAt: envelope.deletedAt,
documentMeta: envelope.documentMeta,
},
hidePoweredBy: organisationClaim.flags.hidePoweredBy,
documentLanguage,
auditLogs,

3
apps/remix/app/routes/_recipient+/sign.$token+/complete.tsx
View File

@ -3,7 +3,7 @@ import { useEffect } from 'react';
import { msg } from '@lingui/core/macro';
import { useLingui } from '@lingui/react';
import { Trans } from '@lingui/react/macro';
import { type Document, DocumentStatus, FieldType, RecipientRole } from '@prisma/client';
import { DocumentStatus, FieldType, RecipientRole } from '@prisma/client';
import { CheckCircle2, Clock8, FileSearch } from 'lucide-react';
import { Link, useRevalidator } from 'react-router';
import { match } from 'ts-pattern';
@ -19,6 +19,7 @@ import { getRecipientSignatures } from '@documenso/lib/server-only/recipient/get
import { getUserByEmail } from '@documenso/lib/server-only/user/get-user-by-email';
import { isDocumentCompleted } from '@documenso/lib/utils/document';
import { env } from '@documenso/lib/utils/env';
import type { Document } from '@documenso/prisma/types/document-legacy-schema';
import DocumentDialog from '@documenso/ui/components/document/document-dialog';
import { DocumentDownloadButton } from '@documenso/ui/components/document/document-download-button';
import { DocumentShareButton } from '@documenso/ui/components/document/document-share-button';

14
apps/remix/app/routes/_recipient+/sign.$token+/waiting.tsx
View File

@ -1,11 +1,11 @@
import { Trans } from '@lingui/react/macro';
import type { Team } from '@prisma/client';
import { DocumentStatus } from '@prisma/client';
import { DocumentStatus, EnvelopeType } from '@prisma/client';
import { Link, redirect } from 'react-router';
import { getOptionalSession } from '@documenso/auth/server/lib/utils/get-session';
import { getDocumentById } from '@documenso/lib/server-only/document/get-document-by-id';
import { getDocumentAndSenderByToken } from '@documenso/lib/server-only/document/get-document-by-token';
import { getEnvelopeById } from '@documenso/lib/server-only/envelope/get-envelope-by-id';
import { getRecipientByToken } from '@documenso/lib/server-only/recipient/get-recipient-by-token';
import { getTeamById } from '@documenso/lib/server-only/team/get-team';
import { formatDocumentsPath } from '@documenso/lib/utils/teams';
@ -40,12 +40,16 @@ export async function loader({ params, request }: Route.LoaderArgs) {
let team: Team | null = null;
if (user) {
isOwnerOrTeamMember = await getDocumentById({
documentId: document.id,
isOwnerOrTeamMember = await getEnvelopeById({
id: {
type: 'documentId',
id: document.id,
},
type: EnvelopeType.DOCUMENT,
userId: user.id,
teamId: document.teamId ?? undefined,
})
.then((document) => !!document)
.then((envelope) => !!envelope)
.catch(() => false);
if (document.teamId) {

6
apps/remix/app/routes/_share+/share.$slug.tsx
View File

@ -81,9 +81,9 @@ export default function SharePage() {
<DocumentCertificateQRView
documentId={document.id}
title={document.title}
documentData={document.documentData}
password={document.documentMeta?.password}
recipientCount={document.recipients?.length ?? 0}
documentTeamUrl={document.documentTeamUrl}
documentData={document.documentData} // Todo: Envelopes
recipientCount={document.recipientCount}
completedDate={document.completedAt ?? undefined}
/>
);

5
apps/remix/app/routes/embed+/v1+/authoring+/document.edit.$id.tsx
View File

@ -54,7 +54,10 @@ export const loader = async ({ request, params }: Route.LoaderArgs) => {
}
const document = await getDocumentWithDetailsById({
documentId,
id: {
type: 'documentId',
id: documentId,
},
userId: result?.userId,
teamId: result?.teamId ?? undefined,
}).catch(() => null);

19
apps/remix/server/redirects.ts
View File

@ -1,6 +1,11 @@
import { EnvelopeType } from '@prisma/client';
import type { Context } from 'hono';
import { getSession } from '@documenso/auth/server/lib/utils/get-session';
import {
mapDocumentIdToSecondaryId,
mapTemplateIdToSecondaryId,
} from '@documenso/lib/utils/envelope';
import { buildTeamWhereQuery } from '@documenso/lib/utils/teams';
import { prisma } from '@documenso/prisma';
@ -104,9 +109,10 @@ async function hasAccessToDocument(c: Context, documentId: number): Promise<stri
const userId = session.user.id;
const document = await prisma.document.findUnique({
const envelope = await prisma.envelope.findUnique({
where: {
id: documentId,
type: EnvelopeType.DOCUMENT,
secondaryId: mapDocumentIdToSecondaryId(documentId),
team: buildTeamWhereQuery({
userId,
teamId: undefined,
@ -121,7 +127,7 @@ async function hasAccessToDocument(c: Context, documentId: number): Promise<stri
},
});
return document ? document.team.url : null;
return envelope ? envelope.team.url : null;
}
async function hasAccessToFolder(c: Context, folderId: string): Promise<string | null> {
@ -154,9 +160,10 @@ async function hasAccessToTemplate(c: Context, templateId: number): Promise<stri
const userId = session.user.id;
const template = await prisma.template.findUnique({
const envelope = await prisma.envelope.findUnique({
where: {
id: templateId,
type: EnvelopeType.TEMPLATE,
secondaryId: mapTemplateIdToSecondaryId(templateId),
team: buildTeamWhereQuery({
userId,
teamId: undefined,
@ -171,5 +178,5 @@ async function hasAccessToTemplate(c: Context, templateId: number): Promise<stri
},
});
return template ? template.team.url : null;
return envelope ? envelope.team.url : null;
}

846
packages/api/v1/implementation.ts
View File

File diff suppressed because it is too large Load Diff

4
packages/api/v1/schema.ts
View File

@ -8,8 +8,8 @@ import {
RecipientRole,
SendStatus,
SigningStatus,
TemplateType,
} from '@prisma/client';
import { TemplateType } from '@prisma/client';
import { z } from 'zod';
import { DATE_FORMATS, DEFAULT_DOCUMENT_DATE_FORMAT } from '@documenso/lib/constants/date-formats';
@ -49,7 +49,6 @@ export const ZSuccessfulDocumentResponseSchema = z.object({
teamId: z.number().nullish(),
title: z.string(),
status: z.string(),
documentDataId: z.string(),
createdAt: z.date(),
updatedAt: z.date(),
completedAt: z.date().nullable(),
@ -545,7 +544,6 @@ export const ZTemplateSchema = z.object({
title: z.string(),
userId: z.number(),
teamId: z.number().nullish(),
templateDocumentDataId: z.string(),
createdAt: z.date(),
updatedAt: z.date(),
});

19
packages/app-tests/e2e/api/v1/document-sending.spec.ts
View File

@ -2,6 +2,7 @@ import { expect, test } from '@playwright/test';
import { NEXT_PUBLIC_WEBAPP_URL } from '@documenso/lib/constants/app';
import { createApiToken } from '@documenso/lib/server-only/public-api/create-api-token';
import { mapSecondaryIdToDocumentId } from '@documenso/lib/utils/envelope';
import { prisma } from '@documenso/prisma';
import { seedPendingDocumentWithFullFields } from '@documenso/prisma/seed/documents';
import { seedUser } from '@documenso/prisma/seed/users';
@ -25,7 +26,7 @@ test.describe('Document API', () => {
// Test with sendCompletionEmails: false
const response = await request.post(
`${NEXT_PUBLIC_WEBAPP_URL()}/api/v1/documents/${document.id}/send`,
`${NEXT_PUBLIC_WEBAPP_URL()}/api/v1/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/send`,
{
headers: {
Authorization: `Bearer ${token}`,
@ -41,7 +42,7 @@ test.describe('Document API', () => {
expect(response.status()).toBe(200);
// Verify email settings were updated
const updatedDocument = await prisma.document.findUnique({
const updatedDocument = await prisma.envelope.findUnique({
where: { id: document.id },
include: { documentMeta: true },
});
@ -53,7 +54,7 @@ test.describe('Document API', () => {
// Test with sendCompletionEmails: true
const response2 = await request.post(
`${NEXT_PUBLIC_WEBAPP_URL()}/api/v1/documents/${document.id}/send`,
`${NEXT_PUBLIC_WEBAPP_URL()}/api/v1/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/send`,
{
headers: {
Authorization: `Bearer ${token}`,
@ -69,7 +70,7 @@ test.describe('Document API', () => {
expect(response2.status()).toBe(200);
// Verify email settings were updated
const updatedDocument2 = await prisma.document.findUnique({
const updatedDocument2 = await prisma.envelope.findUnique({
where: { id: document.id },
include: { documentMeta: true },
});
@ -93,16 +94,16 @@ test.describe('Document API', () => {
// Set initial email settings
await prisma.documentMeta.upsert({
where: { documentId: document.id },
where: { id: document.documentMetaId },
create: {
documentId: document.id,
id: document.documentMetaId,
emailSettings: {
documentCompleted: true,
ownerDocumentCompleted: false,
},
},
update: {
documentId: document.id,
id: document.documentMetaId,
emailSettings: {
documentCompleted: true,
ownerDocumentCompleted: false,
@ -118,7 +119,7 @@ test.describe('Document API', () => {
});
const response = await request.post(
`${NEXT_PUBLIC_WEBAPP_URL()}/api/v1/documents/${document.id}/send`,
`${NEXT_PUBLIC_WEBAPP_URL()}/api/v1/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/send`,
{
headers: {
Authorization: `Bearer ${token}`,
@ -134,7 +135,7 @@ test.describe('Document API', () => {
expect(response.status()).toBe(200);
// Verify email settings were not modified
const updatedDocument = await prisma.document.findUnique({
const updatedDocument = await prisma.envelope.findUnique({
where: { id: document.id },
include: { documentMeta: true },
});

79
packages/app-tests/e2e/api/v1/template-field-prefill.spec.ts
View File

@ -3,6 +3,11 @@ import { expect, test } from '@playwright/test';
import { NEXT_PUBLIC_WEBAPP_URL } from '@documenso/lib/constants/app';
import { createApiToken } from '@documenso/lib/server-only/public-api/create-api-token';
import type { TCheckboxFieldMeta, TRadioFieldMeta } from '@documenso/lib/types/field-meta';
import {
mapDocumentIdToSecondaryId,
mapSecondaryIdToDocumentId,
mapSecondaryIdToTemplateId,
} from '@documenso/lib/utils/envelope';
import { prisma } from '@documenso/prisma';
import { FieldType, RecipientRole } from '@documenso/prisma/client';
import { seedBlankTemplate } from '@documenso/prisma/seed/templates';
@ -35,10 +40,12 @@ test.describe('Template Field Prefill API v1', () => {
},
});
const firstEnvelopeItem = template.envelopeItems[0];
// 4. Create a recipient for the template
const recipient = await prisma.recipient.create({
data: {
templateId: template.id,
envelopeId: template.id,
email: 'recipient@example.com',
name: 'Test Recipient',
role: RecipientRole.SIGNER,
@ -53,7 +60,8 @@ test.describe('Template Field Prefill API v1', () => {
// Add TEXT field
const textField = await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.TEXT,
page: 1,
@ -73,7 +81,8 @@ test.describe('Template Field Prefill API v1', () => {
// Add NUMBER field
const numberField = await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.NUMBER,
page: 1,
@ -93,7 +102,8 @@ test.describe('Template Field Prefill API v1', () => {
// Add RADIO field
const radioField = await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.RADIO,
page: 1,
@ -117,7 +127,8 @@ test.describe('Template Field Prefill API v1', () => {
// Add CHECKBOX field
const checkboxField = await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.CHECKBOX,
page: 1,
@ -141,7 +152,8 @@ test.describe('Template Field Prefill API v1', () => {
// Add DROPDOWN field
const dropdownField = await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.DROPDOWN,
page: 1,
@ -166,11 +178,13 @@ test.describe('Template Field Prefill API v1', () => {
});
// 7. Navigate to the template
await page.goto(`${WEBAPP_BASE_URL}/templates/${template.id}`);
await page.goto(
`${WEBAPP_BASE_URL}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}`,
);
// 8. Create a document from the template with prefilled fields
const response = await request.post(
`${WEBAPP_BASE_URL}/api/v1/templates/${template.id}/generate-document`,
`${WEBAPP_BASE_URL}/api/v1/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/generate-document`,
{
headers: {
Authorization: `Bearer ${token}`,
@ -229,9 +243,9 @@ test.describe('Template Field Prefill API v1', () => {
expect(responseData.documentId).toBeDefined();
// 9. Verify the document was created with prefilled fields
const document = await prisma.document.findUnique({
const document = await prisma.envelope.findUnique({
where: {
id: responseData.documentId,
secondaryId: mapDocumentIdToSecondaryId(responseData.documentId),
},
include: {
fields: true,
@ -240,6 +254,10 @@ test.describe('Template Field Prefill API v1', () => {
expect(document).not.toBeNull();
if (!document) {
throw new Error('Document not found');
}
// 10. Verify each field has the correct prefilled values
const documentTextField = document?.fields.find(
(field) => field.type === FieldType.TEXT && field.fieldMeta?.type === 'text',
@ -297,14 +315,14 @@ test.describe('Template Field Prefill API v1', () => {
// 11. Sign in as the recipient and verify the prefilled fields are visible
const documentRecipient = await prisma.recipient.findFirst({
where: {
documentId: document?.id,
envelopeId: document?.id,
email: 'recipient@example.com',
},
});
// Send the document to the recipient
const sendResponse = await request.post(
`${WEBAPP_BASE_URL}/api/v1/documents/${document?.id}/send`,
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/send`,
{
headers: {
Authorization: `Bearer ${token}`,
@ -367,10 +385,12 @@ test.describe('Template Field Prefill API v1', () => {
},
});
const firstEnvelopeItem = template.envelopeItems[0];
// 4. Create a recipient for the template
const recipient = await prisma.recipient.create({
data: {
templateId: template.id,
envelopeId: template.id,
email: 'recipient@example.com',
name: 'Test Recipient',
role: RecipientRole.SIGNER,
@ -385,7 +405,8 @@ test.describe('Template Field Prefill API v1', () => {
// Add TEXT field
await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.TEXT,
page: 1,
@ -405,7 +426,8 @@ test.describe('Template Field Prefill API v1', () => {
// Add NUMBER field
await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.NUMBER,
page: 1,
@ -429,11 +451,13 @@ test.describe('Template Field Prefill API v1', () => {
});
// 7. Navigate to the template
await page.goto(`${WEBAPP_BASE_URL}/templates/${template.id}`);
await page.goto(
`${WEBAPP_BASE_URL}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}`,
);
// 8. Create a document from the template without prefilled fields
const response = await request.post(
`${WEBAPP_BASE_URL}/api/v1/templates/${template.id}/generate-document`,
`${WEBAPP_BASE_URL}/api/v1/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/generate-document`,
{
headers: {
Authorization: `Bearer ${token}`,
@ -461,9 +485,9 @@ test.describe('Template Field Prefill API v1', () => {
expect(responseData.documentId).toBeDefined();
// 9. Verify the document was created with default fields
const document = await prisma.document.findUnique({
const document = await prisma.envelope.findUnique({
where: {
id: responseData.documentId,
secondaryId: mapDocumentIdToSecondaryId(responseData.documentId),
},
include: {
fields: true,
@ -472,6 +496,10 @@ test.describe('Template Field Prefill API v1', () => {
expect(document).not.toBeNull();
if (!document) {
throw new Error('Document not found');
}
// 10. Verify fields have their default values
const documentTextField = document?.fields.find((field) => field.type === FieldType.TEXT);
expect(documentTextField?.fieldMeta).toMatchObject({
@ -488,7 +516,7 @@ test.describe('Template Field Prefill API v1', () => {
// 11. Sign in as the recipient and verify the default fields are visible
const documentRecipient = await prisma.recipient.findFirst({
where: {
documentId: document?.id,
envelopeId: document?.id,
email: 'recipient@example.com',
},
});
@ -496,7 +524,7 @@ test.describe('Template Field Prefill API v1', () => {
expect(documentRecipient).not.toBeNull();
const sendResponse = await request.post(
`${WEBAPP_BASE_URL}/api/v1/documents/${document?.id}/send`,
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/send`,
{
headers: {
Authorization: `Bearer ${token}`,
@ -539,10 +567,12 @@ test.describe('Template Field Prefill API v1', () => {
},
});
const firstEnvelopeItem = template.envelopeItems[0];
// 4. Create a recipient for the template
const recipient = await prisma.recipient.create({
data: {
templateId: template.id,
envelopeId: template.id,
email: 'recipient@example.com',
name: 'Test Recipient',
role: RecipientRole.SIGNER,
@ -556,7 +586,8 @@ test.describe('Template Field Prefill API v1', () => {
// 5. Add a field to the template
const field = await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.RADIO,
page: 1,
@ -579,7 +610,7 @@ test.describe('Template Field Prefill API v1', () => {
// 6. Try to create a document with invalid prefill value
const response = await request.post(
`${WEBAPP_BASE_URL}/api/v1/templates/${template.id}/generate-document`,
`${WEBAPP_BASE_URL}/api/v1/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/generate-document`,
{
headers: {
Authorization: `Bearer ${token}`,

669
packages/app-tests/e2e/api/v1/test-unauthorized-api-access.spec.ts
View File

@ -2,6 +2,10 @@ import { expect, test } from '@playwright/test';
import { NEXT_PUBLIC_WEBAPP_URL } from '@documenso/lib/constants/app';
import { createApiToken } from '@documenso/lib/server-only/public-api/create-api-token';
import {
mapSecondaryIdToDocumentId,
mapSecondaryIdToTemplateId,
} from '@documenso/lib/utils/envelope';
import { prisma } from '@documenso/prisma';
import { FieldType } from '@documenso/prisma/client';
import {
@ -10,7 +14,7 @@ import {
seedDraftDocument,
seedPendingDocumentWithFullFields,
} from '@documenso/prisma/seed/documents';
import { seedBlankTemplate } from '@documenso/prisma/seed/templates';
import { seedBlankTemplate, seedTemplate } from '@documenso/prisma/seed/templates';
import { seedUser } from '@documenso/prisma/seed/users';
const WEBAPP_BASE_URL = NEXT_PUBLIC_WEBAPP_URL();
@ -20,6 +24,7 @@ test.describe.configure({
});
test.describe('Document Access API V1', () => {
test.describe('Document GET endpoint', () => {
test('should block unauthorized access to documents not owned by the user', async ({
request,
}) => {
@ -36,14 +41,42 @@ test.describe('Document Access API V1', () => {
const documentA = await seedBlankDocument(userA, teamA.id);
// User B cannot access User A's document
const resB = await request.get(`${WEBAPP_BASE_URL}/api/v1/documents/${documentA.id}`, {
const resB = await request.get(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}`,
{
headers: { Authorization: `Bearer ${tokenB}` },
});
},
);
expect(resB.ok()).toBeFalsy();
expect(resB.status()).toBe(404);
});
test('should allow authorized access to documents owned by the user', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
const documentA = await seedBlankDocument(userA, teamA.id);
// User A can access their own document
const resA = await request.get(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}`,
{
headers: { Authorization: `Bearer ${tokenA}` },
},
);
expect(resA.ok()).toBeTruthy();
expect(resA.status()).toBe(200);
});
});
test.describe('Document download endpoint', () => {
test('should block unauthorized access to document download endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
@ -59,14 +92,52 @@ test.describe('Document Access API V1', () => {
createDocumentOptions: { title: 'Document 1 - Completed' },
});
const resB = await request.get(`${WEBAPP_BASE_URL}/api/v1/documents/${documentA.id}/download`, {
const resB = await request.get(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/download`,
{
headers: { Authorization: `Bearer ${tokenB}` },
});
},
);
const res = await resB.json();
expect(resB.ok()).toBeFalsy();
expect(resB.status()).toBe(500);
expect(resB.status()).toBe(404);
});
test('should allow authorized access to document download endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
const documentA = await seedCompletedDocument(userA, teamA.id, ['test@example.com'], {
createDocumentOptions: { title: 'Document 1 - Completed' },
});
const resA = await request.get(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/download`,
{
headers: { Authorization: `Bearer ${tokenA}` },
},
);
const res = await resA.json();
if (res.message === 'Document downloads are only available when S3 storage is configured.') {
expect(resA.ok()).toBeFalsy();
expect(resA.status()).toBe(500);
} else {
expect(resA.ok()).toBeTruthy();
expect(resA.status()).toBe(200);
}
});
});
test.describe('Document delete endpoint', () => {
test('should block unauthorized access to document delete endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
@ -80,14 +151,41 @@ test.describe('Document Access API V1', () => {
const documentA = await seedBlankDocument(userA, teamA.id);
const resB = await request.delete(`${WEBAPP_BASE_URL}/api/v1/documents/${documentA.id}`, {
const resB = await request.delete(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}`,
{
headers: { Authorization: `Bearer ${tokenB}` },
});
},
);
expect(resB.ok()).toBeFalsy();
expect(resB.status()).toBe(404);
});
test('should allow authorized access to document delete endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
const documentA = await seedBlankDocument(userA, teamA.id);
const resA = await request.delete(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}`,
{
headers: { Authorization: `Bearer ${tokenA}` },
},
);
expect(resA.ok()).toBeTruthy();
expect(resA.status()).toBe(200);
});
});
test.describe('Document send endpoint', () => {
test('should block unauthorized access to document send endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
@ -105,15 +203,47 @@ test.describe('Document Access API V1', () => {
teamId: teamA.id,
});
const resB = await request.post(`${WEBAPP_BASE_URL}/api/v1/documents/${documentA.id}/send`, {
const resB = await request.post(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/send`,
{
headers: { Authorization: `Bearer ${tokenB}` },
data: {},
});
},
);
expect(resB.ok()).toBeFalsy();
expect(resB.status()).toBe(500);
});
test('should allow authorized access to document send endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
const { document: documentA } = await seedPendingDocumentWithFullFields({
owner: userA,
recipients: ['test@example.com'],
teamId: teamA.id,
});
const resA = await request.post(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/send`,
{
headers: { Authorization: `Bearer ${tokenA}` },
data: {},
},
);
expect(resA.ok()).toBeTruthy();
expect(resA.status()).toBe(200);
});
});
test.describe('Document resend endpoint', () => {
test('should block unauthorized access to document resend endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
@ -133,18 +263,56 @@ test.describe('Document Access API V1', () => {
teamId: teamA.id,
});
const resB = await request.post(`${WEBAPP_BASE_URL}/api/v1/documents/${documentA.id}/resend`, {
const resB = await request.post(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/resend`,
{
headers: { Authorization: `Bearer ${tokenB}` },
data: {
recipients: [recipients[0].id],
},
});
},
);
expect(resB.ok()).toBeFalsy();
expect(resB.status()).toBe(500);
});
test('should block unauthorized access to document recipients endpoint', async ({ request }) => {
test('should allow authorized access to document resend endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
const { user: recipientUser } = await seedUser();
const { document: documentA, recipients } = await seedPendingDocumentWithFullFields({
owner: userA,
recipients: [recipientUser.email],
teamId: teamA.id,
});
const resA = await request.post(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/resend`,
{
headers: { Authorization: `Bearer ${tokenA}` },
data: {
recipients: [recipients[0].id],
},
},
);
expect(resA.ok()).toBeTruthy();
expect(resA.status()).toBe(200);
});
});
test.describe('Document recipients POST endpoint', () => {
test('should block unauthorized access to document recipients endpoint', async ({
request,
}) => {
const { user: userA, team: teamA } = await seedUser();
const { user: userB, team: teamB } = await seedUser();
@ -158,7 +326,7 @@ test.describe('Document Access API V1', () => {
const documentA = await seedBlankDocument(userA, teamA.id);
const resB = await request.post(
`${WEBAPP_BASE_URL}/api/v1/documents/${documentA.id}/recipients`,
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/recipients`,
{
headers: { Authorization: `Bearer ${tokenB}` },
data: { name: 'Test', email: 'test@example.com' },
@ -169,7 +337,34 @@ test.describe('Document Access API V1', () => {
expect(resB.status()).toBe(401);
});
test('should block unauthorized access to PATCH on recipients endpoint', async ({ request }) => {
test('should allow authorized access to document recipients endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
const documentA = await seedBlankDocument(userA, teamA.id);
const resA = await request.post(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/recipients`,
{
headers: { Authorization: `Bearer ${tokenA}` },
data: { name: 'Test', email: 'test@example.com' },
},
);
expect(resA.ok()).toBeTruthy();
expect(resA.status()).toBe(200);
});
});
test.describe('Document recipients PATCH endpoint', () => {
test('should block unauthorized access to PATCH on recipients endpoint', async ({
request,
}) => {
const { user: userA, team: teamA } = await seedUser();
const { user: userB, team: teamB } = await seedUser();
@ -186,13 +381,13 @@ test.describe('Document Access API V1', () => {
const recipient = await prisma.recipient.findFirst({
where: {
documentId: documentA.id,
envelopeId: documentA.id,
email: userRecipient.email,
},
});
const patchRes = await request.patch(
`${WEBAPP_BASE_URL}/api/v1/documents/${documentA.id}/recipients/${recipient!.id}`,
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/recipients/${recipient!.id}`,
{
headers: { Authorization: `Bearer ${tokenB}` },
data: {
@ -212,7 +407,52 @@ test.describe('Document Access API V1', () => {
expect(patchRes.status()).toBe(401);
});
test('should block unauthorized access to DELETE on recipients endpoint', async ({ request }) => {
test('should allow authorized access to PATCH on recipients endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
const { user: userRecipient } = await seedUser();
const documentA = await seedDraftDocument(userA, teamA.id, [userRecipient.email]);
const recipient = await prisma.recipient.findFirst({
where: {
envelopeId: documentA.id,
email: userRecipient.email,
},
});
const patchRes = await request.patch(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/recipients/${recipient!.id}`,
{
headers: { Authorization: `Bearer ${tokenA}` },
data: {
name: 'New Name',
email: 'new@example.com',
role: 'SIGNER',
signingOrder: null,
authOptions: {
accessAuth: [],
actionAuth: [],
},
},
},
);
expect(patchRes.ok()).toBeTruthy();
expect(patchRes.status()).toBe(200);
});
});
test.describe('Document recipients DELETE endpoint', () => {
test('should block unauthorized access to DELETE on recipients endpoint', async ({
request,
}) => {
const { user: userA, team: teamA } = await seedUser();
const { user: userB, team: teamB } = await seedUser();
@ -229,13 +469,13 @@ test.describe('Document Access API V1', () => {
const recipient = await prisma.recipient.findFirst({
where: {
documentId: documentA.id,
envelopeId: documentA.id,
email: userRecipient.email,
},
});
const deleteRes = await request.delete(
`${WEBAPP_BASE_URL}/api/v1/documents/${documentA.id}/recipients/${recipient!.id}`,
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/recipients/${recipient!.id}`,
{
headers: { Authorization: `Bearer ${tokenB}` },
data: {},
@ -246,6 +486,40 @@ test.describe('Document Access API V1', () => {
expect(deleteRes.status()).toBe(401);
});
test('should allow authorized access to DELETE on recipients endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
const { user: userRecipient } = await seedUser();
const documentA = await seedDraftDocument(userA, teamA.id, [userRecipient.email]);
const recipient = await prisma.recipient.findFirst({
where: {
envelopeId: documentA.id,
email: userRecipient.email,
},
});
const deleteRes = await request.delete(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/recipients/${recipient!.id}`,
{
headers: { Authorization: `Bearer ${tokenA}` },
data: {},
},
);
expect(deleteRes.ok()).toBeTruthy();
expect(deleteRes.status()).toBe(200);
});
});
test.describe('Document fields POST endpoint', () => {
test('should block unauthorized access to document fields endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
@ -263,12 +537,14 @@ test.describe('Document Access API V1', () => {
const documentRecipient = await prisma.recipient.findFirst({
where: {
documentId: documentA.id,
envelopeId: documentA.id,
email: recipientUser.email,
},
});
const resB = await request.post(`${WEBAPP_BASE_URL}/api/v1/documents/${documentA.id}/fields`, {
const resB = await request.post(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/fields`,
{
headers: { Authorization: `Bearer ${tokenB}` },
data: {
recipientId: documentRecipient!.id,
@ -279,12 +555,55 @@ test.describe('Document Access API V1', () => {
pageWidth: 1,
pageHeight: 1,
},
});
},
);
expect(resB.ok()).toBeFalsy();
expect(resB.status()).toBe(404);
});
test('should allow authorized access to document fields endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
const { user: recipientUser } = await seedUser();
const documentA = await seedDraftDocument(userA, teamA.id, [recipientUser.email]);
const documentRecipient = await prisma.recipient.findFirst({
where: {
envelopeId: documentA.id,
email: recipientUser.email,
},
});
const resA = await request.post(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/fields`,
{
headers: { Authorization: `Bearer ${tokenA}` },
data: {
recipientId: documentRecipient!.id,
type: 'SIGNATURE',
pageNumber: 1,
pageX: 1,
pageY: 1,
pageWidth: 1,
pageHeight: 1,
},
},
);
expect(resA.ok()).toBeTruthy();
expect(resA.status()).toBe(200);
});
});
test.describe('Template GET endpoint', () => {
test('should block unauthorized access to template get endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
@ -298,14 +617,41 @@ test.describe('Document Access API V1', () => {
const templateA = await seedBlankTemplate(userA, teamA.id);
const resB = await request.get(`${WEBAPP_BASE_URL}/api/v1/templates/${templateA.id}`, {
const resB = await request.get(
`${WEBAPP_BASE_URL}/api/v1/templates/${mapSecondaryIdToTemplateId(templateA.secondaryId)}`,
{
headers: { Authorization: `Bearer ${tokenB}` },
});
},
);
expect(resB.ok()).toBeFalsy();
expect(resB.status()).toBe(404);
});
test('should allow authorized access to template get endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
const templateA = await seedBlankTemplate(userA, teamA.id);
const resA = await request.get(
`${WEBAPP_BASE_URL}/api/v1/templates/${mapSecondaryIdToTemplateId(templateA.secondaryId)}`,
{
headers: { Authorization: `Bearer ${tokenA}` },
},
);
expect(resA.ok()).toBeTruthy();
expect(resA.status()).toBe(200);
});
});
test.describe('Template DELETE endpoint', () => {
test('should block unauthorized access to template delete endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
@ -319,14 +665,41 @@ test.describe('Document Access API V1', () => {
const templateA = await seedBlankTemplate(userA, teamA.id);
const resB = await request.delete(`${WEBAPP_BASE_URL}/api/v1/templates/${templateA.id}`, {
const resB = await request.delete(
`${WEBAPP_BASE_URL}/api/v1/templates/${mapSecondaryIdToTemplateId(templateA.secondaryId)}`,
{
headers: { Authorization: `Bearer ${tokenB}` },
});
},
);
expect(resB.ok()).toBeFalsy();
expect(resB.status()).toBe(404);
});
test('should allow authorized access to template delete endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
const templateA = await seedBlankTemplate(userA, teamA.id);
const resA = await request.delete(
`${WEBAPP_BASE_URL}/api/v1/templates/${mapSecondaryIdToTemplateId(templateA.secondaryId)}`,
{
headers: { Authorization: `Bearer ${tokenA}` },
},
);
expect(resA.ok()).toBeTruthy();
expect(resA.status()).toBe(200);
});
});
test.describe('Document fields PATCH endpoint', () => {
test('should block unauthorized access to PATCH on fields endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
@ -341,16 +714,19 @@ test.describe('Document Access API V1', () => {
const { user: userRecipient } = await seedUser();
const documentA = await seedDraftDocument(userA, teamA.id, [userRecipient.email]);
const firstEnvelopeItem = documentA.envelopeItems[0];
const recipient = await prisma.recipient.findFirst({
where: {
documentId: documentA.id,
envelopeId: documentA.id,
email: userRecipient.email,
},
});
const field = await prisma.field.create({
data: {
documentId: documentA.id,
envelopeId: documentA.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient!.id,
type: FieldType.TEXT,
page: 1,
@ -368,7 +744,7 @@ test.describe('Document Access API V1', () => {
});
const patchRes = await request.patch(
`${WEBAPP_BASE_URL}/api/v1/documents/${documentA.id}/fields/${field.id}`,
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/fields/${field.id}`,
{
headers: { Authorization: `Bearer ${tokenB}` },
data: {
@ -390,6 +766,72 @@ test.describe('Document Access API V1', () => {
expect(patchRes.status()).toBe(401);
});
test('should allow authorized access to PATCH on fields endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
const { user: userRecipient } = await seedUser();
const documentA = await seedDraftDocument(userA, teamA.id, [userRecipient.email]);
const firstEnvelopeItem = documentA.envelopeItems[0];
const recipient = await prisma.recipient.findFirst({
where: {
envelopeId: documentA.id,
email: userRecipient.email,
},
});
const field = await prisma.field.create({
data: {
envelopeId: documentA.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient!.id,
type: FieldType.TEXT,
page: 1,
positionX: 5,
positionY: 5,
width: 10,
height: 5,
customText: '',
inserted: false,
fieldMeta: {
type: 'text',
label: 'Default Text Field',
},
},
});
const patchRes = await request.patch(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/fields/${field.id}`,
{
headers: { Authorization: `Bearer ${tokenA}` },
data: {
recipientId: recipient!.id,
type: FieldType.TEXT,
pageNumber: 1,
pageX: 99,
pageY: 99,
pageWidth: 99,
pageHeight: 99,
fieldMeta: {
type: 'text',
label: 'My new field',
},
},
},
);
expect(patchRes.ok()).toBeTruthy();
expect(patchRes.status()).toBe(200);
});
});
test.describe('Document fields DELETE endpoint', () => {
test('should block unauthorized access to DELETE on fields endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
@ -404,16 +846,19 @@ test.describe('Document Access API V1', () => {
const { user: userRecipient } = await seedUser();
const documentA = await seedDraftDocument(userA, teamA.id, [userRecipient.email]);
const firstEnvelopeItem = documentA.envelopeItems[0];
const recipient = await prisma.recipient.findFirst({
where: {
documentId: documentA.id,
envelopeId: documentA.id,
email: userRecipient.email,
},
});
const field = await prisma.field.create({
data: {
documentId: documentA.id,
envelopeId: documentA.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient!.id,
type: FieldType.NUMBER,
page: 1,
@ -431,7 +876,7 @@ test.describe('Document Access API V1', () => {
});
const deleteRes = await request.delete(
`${WEBAPP_BASE_URL}/api/v1/documents/${documentA.id}/fields/${field.id}`,
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/fields/${field.id}`,
{
headers: { Authorization: `Bearer ${tokenB}` },
data: {},
@ -442,6 +887,61 @@ test.describe('Document Access API V1', () => {
expect(deleteRes.status()).toBe(401);
});
test('should allow authorized access to DELETE on fields endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
const { user: userRecipient } = await seedUser();
const documentA = await seedDraftDocument(userA, teamA.id, [userRecipient.email]);
const firstEnvelopeItem = documentA.envelopeItems[0];
const recipient = await prisma.recipient.findFirst({
where: {
envelopeId: documentA.id,
email: userRecipient.email,
},
});
const field = await prisma.field.create({
data: {
envelopeId: documentA.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient!.id,
type: FieldType.NUMBER,
page: 1,
positionX: 5,
positionY: 5,
width: 10,
height: 5,
customText: '',
inserted: false,
fieldMeta: {
type: 'number',
label: 'Default Number Field',
},
},
});
const deleteRes = await request.delete(
`${WEBAPP_BASE_URL}/api/v1/documents/${mapSecondaryIdToDocumentId(documentA.secondaryId)}/fields/${field.id}`,
{
headers: { Authorization: `Bearer ${tokenA}` },
data: {},
},
);
expect(deleteRes.ok()).toBeTruthy();
expect(deleteRes.status()).toBe(200);
});
});
test.describe('Documents list endpoint', () => {
test('should block unauthorized access to documents list endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
@ -470,6 +970,33 @@ test.describe('Document Access API V1', () => {
expect(reqData.totalPages).toBe(0);
});
test('should allow authorized access to documents list endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
await seedBlankDocument(userA, teamA.id);
const resA = await request.get(`${WEBAPP_BASE_URL}/api/v1/documents`, {
headers: { Authorization: `Bearer ${tokenA}` },
});
const reqData = await resA.json();
expect(resA.ok()).toBeTruthy();
expect(resA.status()).toBe(200);
expect(reqData.documents.length).toBeGreaterThan(0);
expect(reqData.documents.every((doc: { userId: number }) => doc.userId === userA.id)).toBe(
true,
);
});
});
test.describe('Templates list endpoint', () => {
test('should block unauthorized access to templates list endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
@ -498,6 +1025,33 @@ test.describe('Document Access API V1', () => {
expect(reqData.totalPages).toBe(0);
});
test('should allow authorized access to templates list endpoint', async ({ request }) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
await seedBlankTemplate(userA, teamA.id);
const resA = await request.get(`${WEBAPP_BASE_URL}/api/v1/templates`, {
headers: { Authorization: `Bearer ${tokenA}` },
});
const reqData = await resA.json();
expect(resA.ok()).toBeTruthy();
expect(resA.status()).toBe(200);
expect(reqData.templates.length).toBeGreaterThan(0);
expect(reqData.templates.every((tpl: { userId: number }) => tpl.userId === userA.id)).toBe(
true,
);
});
});
test.describe('Create document from template endpoint', () => {
test('should block unauthorized access to create-document-from-template endpoint', async ({
request,
}) => {
@ -511,10 +1065,13 @@ test.describe('Document Access API V1', () => {
expiresIn: null,
});
const templateA = await seedBlankTemplate(userA, teamA.id);
const templateA = await seedTemplate({
teamId: teamA.id,
userId: userA.id,
});
const resB = await request.post(
`${WEBAPP_BASE_URL}/api/v1/templates/${templateA.id}/create-document`,
`${WEBAPP_BASE_URL}/api/v1/templates/${mapSecondaryIdToTemplateId(templateA.secondaryId)}/create-document`,
{
headers: {
Authorization: `Bearer ${tokenB}`,
@ -537,4 +1094,46 @@ test.describe('Document Access API V1', () => {
expect(resB.ok()).toBeFalsy();
expect(resB.status()).toBe(401);
});
test('should allow authorized access to create-document-from-template endpoint', async ({
request,
}) => {
const { user: userA, team: teamA } = await seedUser();
const { token: tokenA } = await createApiToken({
userId: userA.id,
teamId: teamA.id,
tokenName: 'userA',
expiresIn: null,
});
const templateA = await seedTemplate({
teamId: teamA.id,
userId: userA.id,
});
const resA = await request.post(
`${WEBAPP_BASE_URL}/api/v1/templates/${mapSecondaryIdToTemplateId(templateA.secondaryId)}/create-document`,
{
headers: {
Authorization: `Bearer ${tokenA}`,
'Content-Type': 'application/json',
},
data: {
title: 'Should work',
recipients: [{ name: 'Test user', email: 'test@example.com' }],
meta: {
subject: 'Test',
message: 'Test',
timezone: 'UTC',
dateFormat: 'yyyy-MM-dd',
redirectUrl: 'https://example.com',
},
},
},
);
expect(resA.ok()).toBeTruthy();
expect(resA.status()).toBe(200);
});
});
});

79
packages/app-tests/e2e/api/v2/template-field-prefill.spec.ts
View File

@ -3,6 +3,11 @@ import { expect, test } from '@playwright/test';
import { NEXT_PUBLIC_WEBAPP_URL } from '@documenso/lib/constants/app';
import { createApiToken } from '@documenso/lib/server-only/public-api/create-api-token';
import type { TCheckboxFieldMeta, TRadioFieldMeta } from '@documenso/lib/types/field-meta';
import {
mapDocumentIdToSecondaryId,
mapSecondaryIdToDocumentId,
mapSecondaryIdToTemplateId,
} from '@documenso/lib/utils/envelope';
import { prisma } from '@documenso/prisma';
import { FieldType, RecipientRole } from '@documenso/prisma/client';
import { seedBlankTemplate } from '@documenso/prisma/seed/templates';
@ -35,10 +40,12 @@ test.describe('Template Field Prefill API v2', () => {
},
});
const firstEnvelopeItem = template.envelopeItems[0];
// 4. Create a recipient for the template
const recipient = await prisma.recipient.create({
data: {
templateId: template.id,
envelopeId: template.id,
email: 'recipient@example.com',
name: 'Test Recipient',
role: RecipientRole.SIGNER,
@ -53,7 +60,8 @@ test.describe('Template Field Prefill API v2', () => {
// Add TEXT field
const textField = await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.TEXT,
page: 1,
@ -73,7 +81,8 @@ test.describe('Template Field Prefill API v2', () => {
// Add NUMBER field
const numberField = await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.NUMBER,
page: 1,
@ -93,7 +102,8 @@ test.describe('Template Field Prefill API v2', () => {
// Add RADIO field
const radioField = await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.RADIO,
page: 1,
@ -117,7 +127,8 @@ test.describe('Template Field Prefill API v2', () => {
// Add CHECKBOX field
const checkboxField = await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.CHECKBOX,
page: 1,
@ -141,7 +152,8 @@ test.describe('Template Field Prefill API v2', () => {
// Add DROPDOWN field
const dropdownField = await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.DROPDOWN,
page: 1,
@ -166,7 +178,9 @@ test.describe('Template Field Prefill API v2', () => {
});
// 7. Navigate to the template
await page.goto(`${WEBAPP_BASE_URL}/templates/${template.id}`);
await page.goto(
`${WEBAPP_BASE_URL}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}`,
);
// 8. Create a document from the template with prefilled fields using v2 API
const response = await request.post(`${WEBAPP_BASE_URL}/api/v2-beta/template/use`, {
@ -175,7 +189,7 @@ test.describe('Template Field Prefill API v2', () => {
'Content-Type': 'application/json',
},
data: {
templateId: template.id,
templateId: mapSecondaryIdToTemplateId(template.secondaryId),
recipients: [
{
id: recipient.id,
@ -226,9 +240,9 @@ test.describe('Template Field Prefill API v2', () => {
expect(responseData.id).toBeDefined();
// 9. Verify the document was created with prefilled fields
const document = await prisma.document.findUnique({
const document = await prisma.envelope.findUnique({
where: {
id: responseData.id,
secondaryId: mapDocumentIdToSecondaryId(responseData.id),
},
include: {
fields: true,
@ -237,6 +251,10 @@ test.describe('Template Field Prefill API v2', () => {
expect(document).not.toBeNull();
if (!document) {
throw new Error('Document not found');
}
// 10. Verify each field has the correct prefilled values
const documentTextField = document?.fields.find(
(field) => field.type === FieldType.TEXT && field.fieldMeta?.type === 'text',
@ -297,7 +315,7 @@ test.describe('Template Field Prefill API v2', () => {
'Content-Type': 'application/json',
},
data: {
documentId: document?.id,
documentId: mapSecondaryIdToDocumentId(document?.secondaryId),
meta: {
subject: 'Test Subject',
message: 'Test Message',
@ -311,7 +329,7 @@ test.describe('Template Field Prefill API v2', () => {
// 11. Sign in as the recipient and verify the prefilled fields are visible
const documentRecipient = await prisma.recipient.findFirst({
where: {
documentId: document?.id,
envelopeId: document?.id,
email: 'recipient@example.com',
},
});
@ -364,10 +382,12 @@ test.describe('Template Field Prefill API v2', () => {
},
});
const firstEnvelopeItem = template.envelopeItems[0];
// 4. Create a recipient for the template
const recipient = await prisma.recipient.create({
data: {
templateId: template.id,
envelopeId: template.id,
email: 'recipient@example.com',
name: 'Test Recipient',
role: RecipientRole.SIGNER,
@ -382,7 +402,8 @@ test.describe('Template Field Prefill API v2', () => {
// Add TEXT field
await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.TEXT,
page: 1,
@ -402,7 +423,8 @@ test.describe('Template Field Prefill API v2', () => {
// Add NUMBER field
await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.NUMBER,
page: 1,
@ -426,7 +448,9 @@ test.describe('Template Field Prefill API v2', () => {
});
// 7. Navigate to the template
await page.goto(`${WEBAPP_BASE_URL}/templates/${template.id}`);
await page.goto(
`${WEBAPP_BASE_URL}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}`,
);
// 8. Create a document from the template without prefilled fields using v2 API
const response = await request.post(`${WEBAPP_BASE_URL}/api/v2-beta/template/use`, {
@ -435,7 +459,7 @@ test.describe('Template Field Prefill API v2', () => {
'Content-Type': 'application/json',
},
data: {
templateId: template.id,
templateId: mapSecondaryIdToTemplateId(template.secondaryId),
recipients: [
{
id: recipient.id,
@ -454,9 +478,9 @@ test.describe('Template Field Prefill API v2', () => {
expect(responseData.id).toBeDefined();
// 9. Verify the document was created with default fields
const document = await prisma.document.findUnique({
const document = await prisma.envelope.findUnique({
where: {
id: responseData.id,
secondaryId: mapDocumentIdToSecondaryId(responseData.id),
},
include: {
fields: true,
@ -465,6 +489,10 @@ test.describe('Template Field Prefill API v2', () => {
expect(document).not.toBeNull();
if (!document) {
throw new Error('Document not found');
}
// 10. Verify fields have their default values
const documentTextField = document?.fields.find((field) => field.type === FieldType.TEXT);
expect(documentTextField?.fieldMeta).toMatchObject({
@ -484,7 +512,7 @@ test.describe('Template Field Prefill API v2', () => {
'Content-Type': 'application/json',
},
data: {
documentId: document?.id,
documentId: mapSecondaryIdToDocumentId(document?.secondaryId),
meta: {
subject: 'Test Subject',
message: 'Test Message',
@ -498,7 +526,7 @@ test.describe('Template Field Prefill API v2', () => {
// 11. Sign in as the recipient and verify the default fields are visible
const documentRecipient = await prisma.recipient.findFirst({
where: {
documentId: document?.id,
envelopeId: document?.id,
email: 'recipient@example.com',
},
});
@ -531,10 +559,12 @@ test.describe('Template Field Prefill API v2', () => {
},
});
const firstEnvelopeItem = template.envelopeItems[0];
// 4. Create a recipient for the template
const recipient = await prisma.recipient.create({
data: {
templateId: template.id,
envelopeId: template.id,
email: 'recipient@example.com',
name: 'Test Recipient',
role: RecipientRole.SIGNER,
@ -548,7 +578,8 @@ test.describe('Template Field Prefill API v2', () => {
// 5. Add a field to the template
const field = await prisma.field.create({
data: {
templateId: template.id,
envelopeId: template.id,
envelopeItemId: firstEnvelopeItem.id,
recipientId: recipient.id,
type: FieldType.RADIO,
page: 1,
@ -576,7 +607,7 @@ test.describe('Template Field Prefill API v2', () => {
'Content-Type': 'application/json',
},
data: {
templateId: template.id,
templateId: mapSecondaryIdToTemplateId(template.secondaryId),
recipients: [
{
id: recipient.id,

1569
packages/app-tests/e2e/api/v2/test-unauthorized-api-access.spec.ts
View File

File diff suppressed because it is too large Load Diff

4
packages/app-tests/e2e/document-auth/access-auth.spec.ts
View File

@ -19,7 +19,7 @@ test('[DOCUMENT_AUTH]: should grant access when not required', async ({ page })
const recipients = await prisma.recipient.findMany({
where: {
documentId: document.id,
envelopeId: document.id,
},
});
@ -52,7 +52,7 @@ test('[DOCUMENT_AUTH]: should allow or deny access when required', async ({ page
const recipients = await prisma.recipient.findMany({
where: {
documentId: document.id,
envelopeId: document.id,
},
});

8
packages/app-tests/e2e/document-auth/next-recipient-dictation.spec.ts
View File

@ -85,7 +85,7 @@ test('[NEXT_RECIPIENT_DICTATION]: should allow updating next recipient when dict
await page.waitForURL(`${signUrl}/complete`);
// Verify document and recipient states
const updatedDocument = await prisma.document.findUniqueOrThrow({
const updatedDocument = await prisma.envelope.findUniqueOrThrow({
where: { id: document.id },
include: {
recipients: {
@ -172,7 +172,7 @@ test('[NEXT_RECIPIENT_DICTATION]: should not show dictation UI when disabled', a
// Verify document and recipient states
const updatedDocument = await prisma.document.findUniqueOrThrow({
const updatedDocument = await prisma.envelope.findUniqueOrThrow({
where: { id: document.id },
include: {
recipients: {
@ -259,7 +259,7 @@ test('[NEXT_RECIPIENT_DICTATION]: should work with parallel signing flow', async
// Verify final document and recipient states
await expect(async () => {
const updatedDocument = await prisma.document.findUniqueOrThrow({
const updatedDocument = await prisma.envelope.findUniqueOrThrow({
where: { id: document.id },
include: {
recipients: {
@ -362,7 +362,7 @@ test('[NEXT_RECIPIENT_DICTATION]: should allow assistant to dictate next signer'
// Verify document and recipient states
await expect(async () => {
const updatedDocument = await prisma.document.findUniqueOrThrow({
const updatedDocument = await prisma.envelope.findUniqueOrThrow({
where: { id: document.id },
include: {
recipients: {

9
packages/app-tests/e2e/document-flow/settings-step.spec.ts
View File

@ -1,5 +1,6 @@
import { expect, test } from '@playwright/test';
import { mapSecondaryIdToDocumentId } from '@documenso/lib/utils/envelope';
import {
seedBlankDocument,
seedDraftDocument,
@ -16,7 +17,7 @@ test('[DOCUMENT_FLOW]: add settings', async ({ page }) => {
await apiSignin({
page,
email: user.email,
redirectPath: `/t/${team.url}/documents/${document.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
});
// Set title.
@ -52,13 +53,15 @@ test('[DOCUMENT_FLOW]: title should be disabled depending on document status', a
await apiSignin({
page,
email: user.email,
redirectPath: `/t/${team.url}/documents/${pendingDocument.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(pendingDocument.secondaryId)}/edit`,
});
// Should be disabled for pending documents.
await expect(page.getByLabel('Title')).toBeDisabled();
// Should be enabled for draft documents.
await page.goto(`/t/${team.url}/documents/${draftDocument.id}/edit`);
await page.goto(
`/t/${team.url}/documents/${mapSecondaryIdToDocumentId(draftDocument.secondaryId)}/edit`,
);
await expect(page.getByLabel('Title')).toBeEnabled();
});

3
packages/app-tests/e2e/document-flow/signers-step.spec.ts
View File

@ -1,5 +1,6 @@
import { expect, test } from '@playwright/test';
import { mapSecondaryIdToDocumentId } from '@documenso/lib/utils/envelope';
import { seedBlankDocument } from '@documenso/prisma/seed/documents';
import { seedUser } from '@documenso/prisma/seed/users';
@ -12,7 +13,7 @@ test('[DOCUMENT_FLOW]: add signers', async ({ page }) => {
await apiSignin({
page,
email: user.email,
redirectPath: `/t/${team.url}/documents/${document.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
});
// Save the settings by going to the next step.

51
packages/app-tests/e2e/document-flow/stepper-component.spec.ts
View File

@ -9,7 +9,10 @@ import {
import { DateTime } from 'luxon';
import path from 'node:path';
import { getRecipientByEmail } from '@documenso/lib/server-only/recipient/get-recipient-by-email';
import {
mapDocumentIdToSecondaryId,
mapSecondaryIdToDocumentId,
} from '@documenso/lib/utils/envelope';
import { prisma } from '@documenso/prisma';
import {
seedBlankDocument,
@ -23,7 +26,7 @@ import { signSignaturePad } from '../fixtures/signature';
// Can't use the function in server-only/document due to it indirectly using
// require imports.
const getDocumentByToken = async (token: string) => {
return await prisma.document.findFirstOrThrow({
return await prisma.envelope.findFirstOrThrow({
where: {
recipients: {
some: {
@ -69,7 +72,7 @@ test('[DOCUMENT_FLOW]: should be able to create a document', async ({ page }) =>
await apiSignin({
page,
email: user.email,
redirectPath: `/t/${team.url}/documents/${document.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
});
const documentTitle = `example-${Date.now()}.pdf`;
@ -130,7 +133,7 @@ test('[DOCUMENT_FLOW]: should be able to create a document with multiple recipie
await apiSignin({
page,
email: user.email,
redirectPath: `/t/${team.url}/documents/${document.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
});
const documentTitle = `example-${Date.now()}.pdf`;
@ -215,7 +218,7 @@ test('[DOCUMENT_FLOW]: should be able to create a document with multiple recipie
await apiSignin({
page,
email: user.email,
redirectPath: `/t/${team.url}/documents/${document.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
});
// Set title
@ -313,7 +316,7 @@ test('[DOCUMENT_FLOW]: should not be able to create a document without signature
await apiSignin({
page,
email: user.email,
redirectPath: `/t/${team.url}/documents/${document.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
});
const documentTitle = `example-${Date.now()}.pdf`;
@ -401,7 +404,7 @@ test('[DOCUMENT_FLOW]: should be able to create, send with redirect url, sign a
await apiSignin({
page,
email: user.email,
redirectPath: `/t/${team.url}/documents/${document.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
});
const documentTitle = `example-${Date.now()}.pdf`;
@ -442,9 +445,13 @@ test('[DOCUMENT_FLOW]: should be able to create, send with redirect url, sign a
const url = page.url().split('/');
const documentId = url[url.length - 1];
const { token } = await getRecipientByEmail({
const { token } = await prisma.recipient.findFirstOrThrow({
where: {
envelope: {
secondaryId: mapDocumentIdToSecondaryId(Number(documentId)),
},
email: 'user1@example.com',
documentId: Number(documentId),
},
});
await page.goto(`/sign/${token}`);
@ -500,7 +507,7 @@ test('[DOCUMENT_FLOW]: should be able to sign a document with custom date', asyn
recipient: {
email: 'user1@example.com',
},
documentId: Number(document.id),
envelopeId: document.id,
},
});
@ -525,7 +532,7 @@ test('[DOCUMENT_FLOW]: should be able to create and sign a document with 3 recip
await apiSignin({
page,
email: user.email,
redirectPath: `/t/${team.url}/documents/${document.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
});
const documentTitle = `Sequential-Signing-${Date.now()}.pdf`;
@ -587,7 +594,7 @@ test('[DOCUMENT_FLOW]: should be able to create and sign a document with 3 recip
await expect(page.getByRole('link', { name: documentTitle })).toBeVisible();
const createdDocument = await prisma.document.findFirst({
const createdDocument = await prisma.envelope.findFirst({
where: { title: documentTitle },
include: { recipients: true },
});
@ -602,13 +609,13 @@ test('[DOCUMENT_FLOW]: should be able to create and sign a document with 3 recip
expect(recipient).not.toBeNull();
const fields = await prisma.field.findMany({
where: { recipientId: recipient?.id, documentId: createdDocument?.id },
where: { recipientId: recipient?.id, envelopeId: createdDocument?.id },
});
const recipientField = fields[0];
if (i > 0) {
const previousRecipient = await prisma.recipient.findFirst({
where: { email: `user${i}@example.com`, documentId: createdDocument?.id },
where: { email: `user${i}@example.com`, envelopeId: createdDocument?.id },
});
expect(previousRecipient?.signingStatus).toBe(SigningStatus.SIGNED);
@ -636,7 +643,7 @@ test('[DOCUMENT_FLOW]: should be able to create and sign a document with 3 recip
// Wait for the document to be signed.
await page.waitForTimeout(10000);
const finalDocument = await prisma.document.findFirst({
const finalDocument = await prisma.envelope.findFirst({
where: { id: createdDocument?.id },
});
@ -648,19 +655,21 @@ test('[DOCUMENT_FLOW]: should prevent out-of-order signing in sequential mode',
}) => {
const { user, team } = await seedUser();
const { recipients } = await seedPendingDocumentWithFullFields({
const { document, recipients } = await seedPendingDocumentWithFullFields({
teamId: team.id,
owner: user,
recipients: ['user1@example.com', 'user2@example.com', 'user3@example.com'],
fields: [FieldType.SIGNATURE],
recipientsCreateOptions: [{ signingOrder: 1 }, { signingOrder: 2 }, { signingOrder: 3 }],
updateDocumentOptions: {
documentMeta: {
create: {
});
await prisma.documentMeta.update({
where: {
id: document.documentMetaId,
},
data: {
signingOrder: DocumentSigningOrder.SEQUENTIAL,
},
},
},
});
const pendingRecipient = recipients.find((r) => r.signingOrder === 2);

29
packages/app-tests/e2e/documents/test-unauthorized-document-access.spec.ts
View File

@ -1,6 +1,7 @@
import { expect, test } from '@playwright/test';
import { NEXT_PUBLIC_WEBAPP_URL } from '@documenso/lib/constants/app';
import { mapSecondaryIdToDocumentId } from '@documenso/lib/utils/envelope';
import {
seedBlankDocument,
seedCompletedDocument,
@ -27,7 +28,9 @@ test.describe('Unauthorized Access to Documents', () => {
redirectPath: `/t/${team.url}/documents`,
});
await page.goto(`${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/documents/${document.id}`);
await page.goto(
`${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}`,
);
await expect(page.getByRole('heading', { name: 'Oops! Something went wrong.' })).toBeVisible();
});
@ -40,10 +43,12 @@ test.describe('Unauthorized Access to Documents', () => {
await apiSignin({
page,
email: unauthorizedUser.email,
redirectPath: `/t/${team.url}/documents/${document.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
});
await page.goto(`${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/documents/${document.id}/edit`);
await page.goto(
`${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
);
await expect(page.getByRole('heading', { name: 'Oops! Something went wrong.' })).toBeVisible();
});
@ -57,10 +62,12 @@ test.describe('Unauthorized Access to Documents', () => {
await apiSignin({
page,
email: unauthorizedUser.email,
redirectPath: `/t/${team.url}/documents/${document.id}`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}`,
});
await page.goto(`${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/documents/${document.id}`);
await page.goto(
`${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}`,
);
await expect(page.getByRole('heading', { name: 'Oops! Something went wrong.' })).toBeVisible();
});
@ -74,10 +81,12 @@ test.describe('Unauthorized Access to Documents', () => {
await apiSignin({
page,
email: unauthorizedUser.email,
redirectPath: `/t/${team.url}/documents/${document.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
});
await page.goto(`${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/documents/${document.id}/edit`);
await page.goto(
`${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
);
await expect(page.getByRole('heading', { name: 'Oops! Something went wrong.' })).toBeVisible();
});
@ -91,10 +100,12 @@ test.describe('Unauthorized Access to Documents', () => {
await apiSignin({
page,
email: unauthorizedUser.email,
redirectPath: `/t/${team.url}/documents/${document.id}`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}`,
});
await page.goto(`${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/documents/${document.id}`);
await page.goto(
`${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}`,
);
await expect(page.getByRole('heading', { name: 'Oops! Something went wrong.' })).toBeVisible();
});
});

54
packages/app-tests/e2e/features/include-document-certificate.spec.ts
View File

@ -28,7 +28,9 @@ test.describe('Signing Certificate Tests', () => {
const documentData = await prisma.documentData
.findFirstOrThrow({
where: {
id: document.documentDataId,
envelopeItem: {
envelopeId: document.id,
},
},
})
.then(async (data) => getFile(data));
@ -65,12 +67,21 @@ test.describe('Signing Certificate Tests', () => {
await page.waitForTimeout(2500);
// Get the completed document
const completedDocument = await prisma.document.findFirstOrThrow({
const completedDocument = await prisma.envelope.findFirstOrThrow({
where: { id: document.id },
include: { documentData: true },
include: {
envelopeItems: {
include: {
documentData: true,
},
},
},
});
const completedDocumentData = await getFile(completedDocument.documentData);
// Todo: Envelopes
const firstDocumentData = completedDocument.envelopeItems[0].documentData;
const completedDocumentData = await getFile(firstDocumentData);
// Load the PDF and check number of pages
const pdfDoc = await PDFDocument.load(completedDocumentData);
@ -110,7 +121,9 @@ test.describe('Signing Certificate Tests', () => {
const documentData = await prisma.documentData
.findFirstOrThrow({
where: {
id: document.documentDataId,
envelopeItem: {
envelopeId: document.id,
},
},
})
.then(async (data) => getFile(data));
@ -145,12 +158,21 @@ test.describe('Signing Certificate Tests', () => {
await page.waitForTimeout(2500);
// Get the completed document
const completedDocument = await prisma.document.findFirstOrThrow({
const completedDocument = await prisma.envelope.findFirstOrThrow({
where: { id: document.id },
include: { documentData: true },
include: {
envelopeItems: {
include: {
documentData: true,
},
},
},
});
const completedDocumentData = await getFile(completedDocument.documentData);
// Todo: Envelopes
const firstDocumentData = completedDocument.envelopeItems[0].documentData;
const completedDocumentData = await getFile(firstDocumentData);
// Load the PDF and check number of pages
const completedPdf = await PDFDocument.load(completedDocumentData);
@ -190,7 +212,9 @@ test.describe('Signing Certificate Tests', () => {
const documentData = await prisma.documentData
.findFirstOrThrow({
where: {
id: document.documentDataId,
envelopeItem: {
envelopeId: document.id,
},
},
})
.then(async (data) => getFile(data));
@ -225,12 +249,18 @@ test.describe('Signing Certificate Tests', () => {
await page.waitForTimeout(2500);
// Get the completed document
const completedDocument = await prisma.document.findFirstOrThrow({
const completedDocument = await prisma.envelope.findFirstOrThrow({
where: { id: document.id },
include: { documentData: true },
include: {
envelopeItems: {
include: {
documentData: true,
},
},
},
});
const completedDocumentData = await getFile(completedDocument.documentData);
const completedDocumentData = await getFile(completedDocument.envelopeItems[0].documentData);
// Load the PDF and check number of pages
const completedPdf = await PDFDocument.load(completedDocumentData);

6
packages/app-tests/e2e/folders/team-account-folders.spec.ts
View File

@ -383,12 +383,10 @@ test('[TEAMS]: can create a template inside a template folder', async ({ page })
await page.waitForTimeout(3000);
await page.getByRole('button', { name: 'Create' }).click();
await page.waitForTimeout(1000);
// Expect redirect.
await expect(page.getByText('documenso-supporter-pledge.pdf')).toBeVisible();
// Return to folder and verify file is visible.
await page.goto(`/t/${team.url}/templates/f/${folder.id}`);
await expect(page.getByText('documenso-supporter-pledge.pdf')).toBeVisible();
});

6
packages/app-tests/e2e/organisations/organisation-team-preferences.spec.ts
View File

@ -96,7 +96,7 @@ test('[ORGANISATIONS]: manage document preferences', async ({ page }) => {
const documentMeta = await prisma.documentMeta.findFirstOrThrow({
where: {
documentId: document.id,
id: document.documentMetaId,
},
});
@ -272,7 +272,7 @@ test('[ORGANISATIONS]: manage email preferences', async ({ page }) => {
const teamOverrideDocumentMeta = await prisma.documentMeta.findFirstOrThrow({
where: {
documentId: teamOverrideDocument.id,
id: teamOverrideDocument.documentMetaId,
},
});
@ -317,7 +317,7 @@ test('[ORGANISATIONS]: manage email preferences', async ({ page }) => {
const documentMeta = await prisma.documentMeta.findFirstOrThrow({
where: {
documentId: document.id,
id: document.documentMetaId,
},
});

11
packages/app-tests/e2e/teams/team-documents.spec.ts
View File

@ -1,6 +1,7 @@
import { expect, test } from '@playwright/test';
import { DocumentStatus, DocumentVisibility, TeamMemberRole } from '@prisma/client';
import { mapSecondaryIdToDocumentId } from '@documenso/lib/utils/envelope';
import {
seedBlankDocument,
seedDocuments,
@ -750,7 +751,7 @@ test('[TEAMS]: check that ADMIN role can change document visibility', async ({ p
await apiSignin({
page,
email: adminUser.email,
redirectPath: `/t/${team.url}/documents/${document.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
});
await page.getByTestId('documentVisibilitySelectValue').click();
@ -784,7 +785,7 @@ test('[TEAMS]: check that MEMBER role cannot change visibility of EVERYONE docum
await apiSignin({
page,
email: teamMember.email,
redirectPath: `/t/${team.url}/documents/${document.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
});
await expect(page.getByTestId('documentVisibilitySelectValue')).toHaveText('Everyone');
@ -810,7 +811,7 @@ test('[TEAMS]: check that MEMBER role cannot change visibility of MANAGER_AND_AB
await apiSignin({
page,
email: teamMember.email,
redirectPath: `/t/${team.url}/documents/${document.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
});
await expect(page.getByTestId('documentVisibilitySelectValue')).toHaveText('Managers and above');
@ -836,7 +837,7 @@ test('[TEAMS]: check that MEMBER role cannot change visibility of ADMIN document
await apiSignin({
page,
email: teamMember.email,
redirectPath: `/t/${team.url}/documents/${document.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
});
await expect(page.getByTestId('documentVisibilitySelectValue')).toHaveText('Admins only');
@ -862,7 +863,7 @@ test('[TEAMS]: check that MANAGER role cannot change visibility of ADMIN documen
await apiSignin({
page,
email: teamManager.email,
redirectPath: `/t/${team.url}/documents/${document.id}/edit`,
redirectPath: `/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
});
await expect(page.getByTestId('documentVisibilitySelectValue')).toHaveText('Admins only');

15
packages/app-tests/e2e/teams/team-signature-settings.spec.ts
View File

@ -1,5 +1,9 @@
import { expect, test } from '@playwright/test';
import {
mapSecondaryIdToDocumentId,
mapSecondaryIdToTemplateId,
} from '@documenso/lib/utils/envelope';
import { prisma } from '@documenso/prisma';
import {
seedTeamDocumentWithMeta,
@ -21,7 +25,9 @@ test('[TEAMS]: check that default team signature settings are all enabled', asyn
const document = await seedTeamDocumentWithMeta(team);
// Create a document and check the settings
await page.goto(`/t/${team.url}/documents/${document.id}/edit`);
await page.goto(
`/t/${team.url}/documents/${mapSecondaryIdToDocumentId(document.secondaryId)}/edit`,
);
// Verify that the settings match
await page.getByRole('button', { name: 'Advanced Options' }).click();
@ -154,7 +160,7 @@ test('[TEAMS]: check signature modes work for templates', async ({ page }) => {
const template = await seedTeamTemplateWithMeta(team);
await page.goto(`/t/${team.url}/templates/${template.id}`);
await page.goto(`/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}`);
await page.getByRole('button', { name: 'Use' }).click();
// Check the send document checkbox to true
@ -162,9 +168,10 @@ test('[TEAMS]: check signature modes work for templates', async ({ page }) => {
await page.getByRole('button', { name: 'Create and send' }).click();
await page.waitForTimeout(1000);
const document = await prisma.document.findFirst({
const document = await prisma.envelope.findFirst({
where: {
templateId: template.id,
// Created from template
templateId: mapSecondaryIdToTemplateId(template.secondaryId),
},
include: {
documentMeta: true,

22
packages/app-tests/e2e/templates-flow/template-settings-step.spec.ts
View File

@ -1,6 +1,7 @@
import { expect, test } from '@playwright/test';
import { TeamMemberRole } from '@prisma/client';
import { mapSecondaryIdToTemplateId } from '@documenso/lib/utils/envelope';
import { seedTeam, seedTeamMember } from '@documenso/prisma/seed/teams';
import { seedBlankTemplate } from '@documenso/prisma/seed/templates';
import { seedUser } from '@documenso/prisma/seed/users';
@ -14,7 +15,7 @@ test('[TEMPLATE_FLOW]: add settings', async ({ page }) => {
await apiSignin({
page,
email: user.email,
redirectPath: `/t/${team.url}/templates/${template.id}/edit`,
redirectPath: `/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/edit`,
});
// Set title.
@ -48,7 +49,7 @@ test('[TEMPLATE_FLOW] add document visibility settings', async ({ page }) => {
await apiSignin({
page,
email: user.email,
redirectPath: `/t/${team.url}/templates/${template.id}/edit`,
redirectPath: `/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/edit`,
});
// Set document visibility.
@ -63,7 +64,9 @@ test('[TEMPLATE_FLOW] add document visibility settings', async ({ page }) => {
await expect(page.getByRole('heading', { name: 'Add Placeholders' })).toBeVisible();
// Navigate back to the edit page to check that the settings are saved correctly.
await page.goto(`/t/${team.url}/templates/${template.id}/edit`);
await page.goto(
`/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/edit`,
);
await expect(page.getByRole('heading', { name: 'General' })).toBeVisible();
await expect(page.getByTestId('documentVisibilitySelectValue')).toContainText(
@ -96,7 +99,7 @@ test('[TEMPLATE_FLOW] team member visibility permissions', async ({ page }) => {
await apiSignin({
page,
email: managerUser.email,
redirectPath: `/t/${team.url}/templates/${template.id}/edit`,
redirectPath: `/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/edit`,
});
// Manager should be able to set visibility to managers and above
@ -115,11 +118,12 @@ test('[TEMPLATE_FLOW] team member visibility permissions', async ({ page }) => {
await apiSignin({
page,
email: memberUser.email,
redirectPath: `/t/${team.url}/templates/${template.id}/edit`,
redirectPath: `/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/edit`,
});
// Regular member should not be able to modify visibility when set to managers and above
await expect(page.getByTestId('documentVisibilitySelectValue')).toBeDisabled();
// A regular member should not be able to see the template.
// They should be redirected to the templates page.
expect(new URL(page.url()).pathname).toBe(`/t/${team.url}/templates`);
// Create a new template with 'everyone' visibility
const everyoneTemplate = await seedBlankTemplate(owner, team.id, {
@ -130,7 +134,9 @@ test('[TEMPLATE_FLOW] team member visibility permissions', async ({ page }) => {
});
// Navigate to the new template
await page.goto(`/t/${team.url}/templates/${everyoneTemplate.id}/edit`);
await page.goto(
`/t/${team.url}/templates/${mapSecondaryIdToTemplateId(everyoneTemplate.secondaryId)}/edit`,
);
// Regular member should be able to see but not modify visibility
await expect(page.getByTestId('documentVisibilitySelectValue')).toBeDisabled();

5
packages/app-tests/e2e/templates-flow/template-signers-step.spec.ts
View File

@ -1,5 +1,6 @@
import { expect, test } from '@playwright/test';
import { mapSecondaryIdToTemplateId } from '@documenso/lib/utils/envelope';
import { seedBlankTemplate } from '@documenso/prisma/seed/templates';
import { seedUser } from '@documenso/prisma/seed/users';
@ -29,7 +30,7 @@ import { apiSignin } from '../fixtures/authentication';
// await apiSignin({
// page,
// email: user.email,
// redirectPath: `/templates/${template.id}/edit`,
// redirectPath: `/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/edit`,
// });
// // Save the settings by going to the next step.
@ -79,7 +80,7 @@ test('[TEMPLATE_FLOW]: add placeholder', async ({ page }) => {
await apiSignin({
page,
email: user.email,
redirectPath: `/t/${team.url}/templates/${template.id}/edit`,
redirectPath: `/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/edit`,
});
// Save the settings by going to the next step.

101
packages/app-tests/e2e/templates/create-document-from-template.spec.ts
View File

@ -4,6 +4,10 @@ import fs from 'fs';
import path from 'path';
import { extractDocumentAuthMethods } from '@documenso/lib/utils/document-auth';
import {
mapDocumentIdToSecondaryId,
mapSecondaryIdToTemplateId,
} from '@documenso/lib/utils/envelope';
import { prisma } from '@documenso/prisma';
import { seedTeam, seedTeamMember } from '@documenso/prisma/seed/teams';
import { seedBlankTemplate } from '@documenso/prisma/seed/templates';
@ -29,7 +33,7 @@ test('[TEMPLATE]: should create a document from a template', async ({ page }) =>
await apiSignin({
page,
email: user.email,
redirectPath: `/t/${team.url}/templates/${template.id}/edit`,
redirectPath: `/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/edit`,
});
// Set template title.
@ -79,9 +83,9 @@ test('[TEMPLATE]: should create a document from a template', async ({ page }) =>
const documentId = Number(page.url().split('/').pop());
const document = await prisma.document.findFirstOrThrow({
const document = await prisma.envelope.findFirstOrThrow({
where: {
id: documentId,
secondaryId: mapDocumentIdToSecondaryId(documentId),
},
include: {
recipients: true,
@ -132,7 +136,7 @@ test('[TEMPLATE]: should create a team document from a team template', async ({
await apiSignin({
page,
email: owner.email,
redirectPath: `/t/${team.url}/templates/${template.id}/edit`,
redirectPath: `/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/edit`,
});
// Set template title.
@ -182,9 +186,9 @@ test('[TEMPLATE]: should create a team document from a team template', async ({
const documentId = Number(page.url().split('/').pop());
const document = await prisma.document.findFirstOrThrow({
const document = await prisma.envelope.findFirstOrThrow({
where: {
id: documentId,
secondaryId: mapDocumentIdToSecondaryId(documentId),
},
include: {
recipients: true,
@ -240,7 +244,7 @@ test('[TEMPLATE]: should create a document from a template with custom document'
await apiSignin({
page,
email: user.email,
redirectPath: `/t/${team.url}/templates/${template.id}/edit`,
redirectPath: `/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/edit`,
});
// Set template title
@ -288,30 +292,36 @@ test('[TEMPLATE]: should create a document from a template with custom document'
const documentId = Number(page.url().split('/').pop());
const document = await prisma.document.findFirstOrThrow({
const document = await prisma.envelope.findFirstOrThrow({
where: {
id: documentId,
secondaryId: mapDocumentIdToSecondaryId(documentId),
},
include: {
envelopeItems: {
include: {
documentData: true,
},
},
},
});
const firstDocumentData = document.envelopeItems[0].documentData;
const expectedDocumentDataType =
process.env.NEXT_PUBLIC_UPLOAD_TRANSPORT === 's3'
? DocumentDataType.S3_PATH
: DocumentDataType.BYTES_64;
expect(document.title).toEqual('TEMPLATE_WITH_CUSTOM_DOC');
expect(document.documentData.type).toEqual(expectedDocumentDataType);
expect(firstDocumentData.type).toEqual(expectedDocumentDataType);
if (expectedDocumentDataType === DocumentDataType.BYTES_64) {
expect(document.documentData.data).toEqual(pdfContent);
expect(document.documentData.initialData).toEqual(pdfContent);
expect(firstDocumentData.data).toEqual(pdfContent);
expect(firstDocumentData.initialData).toEqual(pdfContent);
} else {
// For S3, we expect the data/initialData to be the S3 path (non-empty string)
expect(document.documentData.data).toBeTruthy();
expect(document.documentData.initialData).toBeTruthy();
expect(firstDocumentData.data).toBeTruthy();
expect(firstDocumentData.initialData).toBeTruthy();
}
});
@ -333,7 +343,7 @@ test('[TEMPLATE]: should create a team document from a template with custom docu
await apiSignin({
page,
email: owner.email,
redirectPath: `/t/${team.url}/templates/${template.id}/edit`,
redirectPath: `/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/edit`,
});
// Set template title
@ -381,13 +391,17 @@ test('[TEMPLATE]: should create a team document from a template with custom docu
const documentId = Number(page.url().split('/').pop());
const document = await prisma.document.findFirstOrThrow({
const document = await prisma.envelope.findFirstOrThrow({
where: {
id: documentId,
secondaryId: mapDocumentIdToSecondaryId(documentId),
},
include: {
envelopeItems: {
include: {
documentData: true,
},
},
},
});
const expectedDocumentDataType =
@ -395,17 +409,19 @@ test('[TEMPLATE]: should create a team document from a template with custom docu
? DocumentDataType.S3_PATH
: DocumentDataType.BYTES_64;
const firstDocumentData = document.envelopeItems[0].documentData;
expect(document.teamId).toEqual(team.id);
expect(document.title).toEqual('TEAM_TEMPLATE_WITH_CUSTOM_DOC');
expect(document.documentData.type).toEqual(expectedDocumentDataType);
expect(firstDocumentData.type).toEqual(expectedDocumentDataType);
if (expectedDocumentDataType === DocumentDataType.BYTES_64) {
expect(document.documentData.data).toEqual(pdfContent);
expect(document.documentData.initialData).toEqual(pdfContent);
expect(firstDocumentData.data).toEqual(pdfContent);
expect(firstDocumentData.initialData).toEqual(pdfContent);
} else {
// For S3, we expect the data/initialData to be the S3 path (non-empty string)
expect(document.documentData.data).toBeTruthy();
expect(document.documentData.initialData).toBeTruthy();
expect(firstDocumentData.data).toBeTruthy();
expect(firstDocumentData.initialData).toBeTruthy();
}
});
@ -422,7 +438,7 @@ test('[TEMPLATE]: should create a document from a template using template docume
await apiSignin({
page,
email: user.email,
redirectPath: `/t/${team.url}/templates/${template.id}/edit`,
redirectPath: `/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/edit`,
});
// Set template title
@ -455,30 +471,40 @@ test('[TEMPLATE]: should create a document from a template using template docume
const documentId = Number(page.url().split('/').pop());
const document = await prisma.document.findFirstOrThrow({
const document = await prisma.envelope.findFirstOrThrow({
where: {
id: documentId,
secondaryId: mapDocumentIdToSecondaryId(documentId),
},
include: {
envelopeItems: {
include: {
documentData: true,
},
},
},
});
const templateWithData = await prisma.template.findFirstOrThrow({
const firstDocumentData = document.envelopeItems[0].documentData;
const templateWithData = await prisma.envelope.findFirstOrThrow({
where: {
id: template.id,
},
include: {
templateDocumentData: true,
envelopeItems: {
include: {
documentData: true,
},
},
},
});
expect(document.title).toEqual('TEMPLATE_WITH_ORIGINAL_DOC');
expect(document.documentData.data).toEqual(templateWithData.templateDocumentData.data);
expect(document.documentData.initialData).toEqual(
templateWithData.templateDocumentData.initialData,
expect(firstDocumentData.data).toEqual(templateWithData.envelopeItems[0].documentData.data);
expect(firstDocumentData.initialData).toEqual(
templateWithData.envelopeItems[0].documentData.initialData,
);
expect(document.documentData.type).toEqual(templateWithData.templateDocumentData.type);
expect(firstDocumentData.type).toEqual(templateWithData.envelopeItems[0].documentData.type);
});
test('[TEMPLATE]: should persist document visibility when creating from template', async ({
@ -493,7 +519,7 @@ test('[TEMPLATE]: should persist document visibility when creating from template
await apiSignin({
page,
email: owner.email,
redirectPath: `/t/${team.url}/templates/${template.id}/edit`,
redirectPath: `/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/edit`,
});
// Set template title and visibility
@ -536,9 +562,16 @@ test('[TEMPLATE]: should persist document visibility when creating from template
const documentId = Number(page.url().split('/').pop());
const document = await prisma.document.findFirstOrThrow({
const document = await prisma.envelope.findFirstOrThrow({
where: {
id: documentId,
secondaryId: mapDocumentIdToSecondaryId(documentId),
},
include: {
envelopeItems: {
include: {
documentData: true,
},
},
},
});

3
packages/app-tests/e2e/templates/direct-templates.spec.ts
View File

@ -3,6 +3,7 @@ import { customAlphabet } from 'nanoid';
import { NEXT_PUBLIC_WEBAPP_URL } from '@documenso/lib/constants/app';
import { createDocumentAuthOptions } from '@documenso/lib/utils/document-auth';
import { mapSecondaryIdToTemplateId } from '@documenso/lib/utils/envelope';
import { formatDirectTemplatePath } from '@documenso/lib/utils/templates';
import { seedTeam } from '@documenso/prisma/seed/teams';
import { seedDirectTemplate, seedTemplate } from '@documenso/prisma/seed/templates';
@ -34,7 +35,7 @@ test('[DIRECT_TEMPLATES]: create direct link for template', async ({ page }) =>
redirectPath: `/t/${team.url}/templates`,
});
const url = `${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/templates/${teamTemplate.id}`;
const url = `${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/templates/${mapSecondaryIdToTemplateId(teamTemplate.secondaryId)}`;
// Owner should see list of templates with no direct link badge.
await page.goto(url);

13
packages/app-tests/e2e/templates/test-unauthorized-template-access.spec.ts
View File

@ -1,6 +1,7 @@
import { expect, test } from '@playwright/test';
import { NEXT_PUBLIC_WEBAPP_URL } from '@documenso/lib/constants/app';
import { mapSecondaryIdToTemplateId } from '@documenso/lib/utils/envelope';
import { seedBlankTemplate } from '@documenso/prisma/seed/templates';
import { seedUser } from '@documenso/prisma/seed/users';
@ -20,10 +21,12 @@ test.describe('Unauthorized Access to Templates', () => {
await apiSignin({
page,
email: unauthorizedUser.email,
redirectPath: `/t/${team.url}/templates/${template.id}`,
redirectPath: `/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}`,
});
await page.goto(`${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/templates/${template.id}`);
await page.goto(
`${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}`,
);
await expect(page.getByRole('heading', { name: 'Oops! Something went wrong.' })).toBeVisible();
});
@ -36,10 +39,12 @@ test.describe('Unauthorized Access to Templates', () => {
await apiSignin({
page,
email: unauthorizedUser.email,
redirectPath: `/t/${team.url}/templates/${template.id}/edit`,
redirectPath: `/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/edit`,
});
await page.goto(`${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/templates/${template.id}/edit`);
await page.goto(
`${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/templates/${mapSecondaryIdToTemplateId(template.secondaryId)}/edit`,
);
await expect(page.getByRole('heading', { name: 'Oops! Something went wrong.' })).toBeVisible();
});
});

8
packages/ee/server-only/limits/server.ts
View File

@ -1,4 +1,4 @@
import { DocumentSource, SubscriptionStatus } from '@prisma/client';
import { DocumentSource, EnvelopeType, SubscriptionStatus } from '@prisma/client';
import { DateTime } from 'luxon';
import { IS_BILLING_ENABLED } from '@documenso/lib/constants/app';
@ -84,8 +84,9 @@ export const getServerLimits = async ({
}
const [documents, directTemplates] = await Promise.all([
prisma.document.count({
prisma.envelope.count({
where: {
type: EnvelopeType.DOCUMENT,
team: {
organisationId: organisation.id,
},
@ -97,8 +98,9 @@ export const getServerLimits = async ({
},
},
}),
prisma.template.count({
prisma.envelope.count({
where: {
type: EnvelopeType.TEMPLATE,
team: {
organisationId: organisation.id,
},

6
packages/lib/client-only/hooks/use-copy-share-link.ts
View File

@ -1,5 +1,5 @@
import { trpc } from '@documenso/trpc/react';
import type { TCreateOrGetShareLinkMutationSchema } from '@documenso/trpc/server/share-link-router/schema';
import type { TShareDocumentRequest } from '@documenso/trpc/server/document-router/share-document.types';
import { useCopyToClipboard } from './use-copy-to-clipboard';
@ -12,14 +12,14 @@ export function useCopyShareLink({ onSuccess, onError }: UseCopyShareLinkOptions
const [, copyToClipboard] = useCopyToClipboard();
const { mutateAsync: createOrGetShareLink, isPending: isCreatingShareLink } =
trpc.shareLink.createOrGetShareLink.useMutation();
trpc.document.share.useMutation();
/**
* Copy a newly created, or pre-existing share link to the user's clipboard.
*
* @param payload The payload to create or get a share link.
*/
const createAndCopyShareLink = async (payload: TCreateOrGetShareLinkMutationSchema) => {
const createAndCopyShareLink = async (payload: TShareDocumentRequest) => {
const valueToCopy = createOrGetShareLink(payload).then(
(result) => `${window.location.origin}/share/${result.slug}`,
);

4
packages/lib/client-only/hooks/use-field-page-coords.ts
View File

@ -5,7 +5,9 @@ import type { Field } from '@prisma/client';
import { getBoundingClientRect } from '@documenso/lib/client-only/get-bounding-client-rect';
import { PDF_VIEWER_PAGE_SELECTOR } from '@documenso/lib/constants/pdf-viewer';
export const useFieldPageCoords = (field: Field) => {
export const useFieldPageCoords = (
field: Pick<Field, 'positionX' | 'positionY' | 'width' | 'height' | 'page'>,
) => {
const [coords, setCoords] = useState({
x: 0,
y: 0,

12
packages/lib/constants/teams.ts
View File

@ -1,4 +1,4 @@
import { OrganisationGroupType, TeamMemberRole } from '@prisma/client';
import { DocumentVisibility, OrganisationGroupType, TeamMemberRole } from '@prisma/client';
export const TEAM_URL_ROOT_REGEX = new RegExp('^/t/[^/]+/?$');
export const TEAM_URL_REGEX = new RegExp('^/t/[^/]+');
@ -33,6 +33,16 @@ export const TEAM_MEMBER_ROLE_PERMISSIONS_MAP = {
MANAGE_TEAM: [TeamMemberRole.ADMIN, TeamMemberRole.MANAGER],
} satisfies Record<string, TeamMemberRole[]>;
export const TEAM_DOCUMENT_VISIBILITY_MAP = {
[TeamMemberRole.ADMIN]: [
DocumentVisibility.ADMIN,
DocumentVisibility.MANAGER_AND_ABOVE,
DocumentVisibility.EVERYONE,
],
[TeamMemberRole.MANAGER]: [DocumentVisibility.MANAGER_AND_ABOVE, DocumentVisibility.EVERYONE],
[TeamMemberRole.MEMBER]: [DocumentVisibility.EVERYONE],
} satisfies Record<TeamMemberRole, DocumentVisibility[]>;
/**
* A hierarchy of team member roles to determine which role has higher permission than another.
*

23
packages/lib/jobs/definitions/emails/send-document-cancelled-emails.handler.ts
View File

@ -1,7 +1,7 @@
import { createElement } from 'react';
import { msg } from '@lingui/core/macro';
import { ReadStatus, SendStatus, SigningStatus } from '@prisma/client';
import { EnvelopeType, ReadStatus, SendStatus, SigningStatus } from '@prisma/client';
import { mailer } from '@documenso/email/mailer';
import DocumentCancelTemplate from '@documenso/email/templates/document-cancel';
@ -11,6 +11,7 @@ import { getI18nInstance } from '../../../client-only/providers/i18n-server';
import { NEXT_PUBLIC_WEBAPP_URL } from '../../../constants/app';
import { getEmailContext } from '../../../server-only/email/get-email-context';
import { extractDerivedDocumentEmailSettings } from '../../../types/document-email';
import { unsafeBuildEnvelopeIdQuery } from '../../../utils/envelope';
import { renderEmailWithI18N } from '../../../utils/render-email-with-i18n';
import type { JobRunIO } from '../../client/_internal/job';
import type { TSendDocumentCancelledEmailsJobDefinition } from './send-document-cancelled-emails';
@ -24,10 +25,14 @@ export const run = async ({
}) => {
const { documentId, cancellationReason } = payload;
const document = await prisma.document.findFirstOrThrow({
where: {
const envelope = await prisma.envelope.findFirstOrThrow({
where: unsafeBuildEnvelopeIdQuery(
{
type: 'documentId',
id: documentId,
},
EnvelopeType.DOCUMENT,
),
include: {
user: {
select: {
@ -52,12 +57,12 @@ export const run = async ({
emailType: 'RECIPIENT',
source: {
type: 'team',
teamId: document.teamId,
teamId: envelope.teamId,
},
meta: document.documentMeta,
meta: envelope.documentMeta,
});
const { documentMeta, user: documentOwner } = document;
const { documentMeta, user: documentOwner } = envelope;
// Check if document cancellation emails are enabled
const isEmailEnabled = extractDerivedDocumentEmailSettings(documentMeta).documentDeleted;
@ -69,7 +74,7 @@ export const run = async ({
const i18n = await getI18nInstance(emailLanguage);
// Send cancellation emails to all recipients who have been sent the document or viewed it
const recipientsToNotify = document.recipients.filter(
const recipientsToNotify = envelope.recipients.filter(
(recipient) =>
(recipient.sendStatus === SendStatus.SENT || recipient.readStatus === ReadStatus.OPENED) &&
recipient.signingStatus !== SigningStatus.REJECTED,
@ -79,7 +84,7 @@ export const run = async ({
await Promise.all(
recipientsToNotify.map(async (recipient) => {
const template = createElement(DocumentCancelTemplate, {
documentName: document.title,
documentName: envelope.title,
inviterName: documentOwner.name || undefined,
inviterEmail: documentOwner.email,
assetBaseUrl: NEXT_PUBLIC_WEBAPP_URL(),
@ -102,7 +107,7 @@ export const run = async ({
},
from: senderEmail,
replyTo: replyToEmail,
subject: i18n._(msg`Document "${document.title}" Cancelled`),
subject: i18n._(msg`Document "${envelope.title}" Cancelled`),
html,
text,
});

28
packages/lib/jobs/definitions/emails/send-recipient-signed-email.handler.ts
View File

@ -1,6 +1,7 @@
import { createElement } from 'react';
import { msg } from '@lingui/core/macro';
import { EnvelopeType } from '@prisma/client';
import { mailer } from '@documenso/email/mailer';
import { DocumentRecipientSignedEmailTemplate } from '@documenso/email/templates/document-recipient-signed';
@ -10,6 +11,7 @@ import { getI18nInstance } from '../../../client-only/providers/i18n-server';
import { NEXT_PUBLIC_WEBAPP_URL } from '../../../constants/app';
import { getEmailContext } from '../../../server-only/email/get-email-context';
import { extractDerivedDocumentEmailSettings } from '../../../types/document-email';
import { unsafeBuildEnvelopeIdQuery } from '../../../utils/envelope';
import { renderEmailWithI18N } from '../../../utils/render-email-with-i18n';
import type { JobRunIO } from '../../client/_internal/job';
import type { TSendRecipientSignedEmailJobDefinition } from './send-recipient-signed-email';
@ -23,9 +25,15 @@ export const run = async ({
}) => {
const { documentId, recipientId } = payload;
const document = await prisma.document.findFirst({
const envelope = await prisma.envelope.findFirst({
where: {
...unsafeBuildEnvelopeIdQuery(
{
type: 'documentId',
id: documentId,
},
EnvelopeType.DOCUMENT,
),
recipients: {
some: {
id: recipientId,
@ -49,25 +57,25 @@ export const run = async ({
},
});
if (!document) {
if (!envelope) {
throw new Error('Document not found');
}
if (document.recipients.length === 0) {
if (envelope.recipients.length === 0) {
throw new Error('Document has no recipients');
}
const isRecipientSignedEmailEnabled = extractDerivedDocumentEmailSettings(
document.documentMeta,
envelope.documentMeta,
).recipientSigned;
if (!isRecipientSignedEmailEnabled) {
return;
}
const [recipient] = document.recipients;
const [recipient] = envelope.recipients;
const { email: recipientEmail, name: recipientName } = recipient;
const { user: owner } = document;
const { user: owner } = envelope;
const recipientReference = recipientName || recipientEmail;
@ -80,9 +88,9 @@ export const run = async ({
emailType: 'INTERNAL',
source: {
type: 'team',
teamId: document.teamId,
teamId: envelope.teamId,
},
meta: document.documentMeta,
meta: envelope.documentMeta,
});
const assetBaseUrl = NEXT_PUBLIC_WEBAPP_URL() || 'http://localhost:3000';
@ -90,7 +98,7 @@ export const run = async ({
const i18n = await getI18nInstance(emailLanguage);
const template = createElement(DocumentRecipientSignedEmailTemplate, {
documentName: document.title,
documentName: envelope.title,
recipientName,
recipientEmail,
assetBaseUrl,
@ -112,7 +120,7 @@ export const run = async ({
address: owner.email,
},
from: senderEmail,
subject: i18n._(msg`${recipientReference} has signed "${document.title}"`),
subject: i18n._(msg`${recipientReference} has signed "${envelope.title}"`),
html,
text,
});

35
packages/lib/jobs/definitions/emails/send-rejection-emails.handler.ts
View File

@ -1,7 +1,7 @@
import { createElement } from 'react';
import { msg } from '@lingui/core/macro';
import { SendStatus, SigningStatus } from '@prisma/client';
import { EnvelopeType, SendStatus, SigningStatus } from '@prisma/client';
import { mailer } from '@documenso/email/mailer';
import DocumentRejectedEmail from '@documenso/email/templates/document-rejected';
@ -13,6 +13,7 @@ import { NEXT_PUBLIC_WEBAPP_URL } from '../../../constants/app';
import { DOCUMENSO_INTERNAL_EMAIL } from '../../../constants/email';
import { getEmailContext } from '../../../server-only/email/get-email-context';
import { extractDerivedDocumentEmailSettings } from '../../../types/document-email';
import { unsafeBuildEnvelopeIdQuery } from '../../../utils/envelope';
import { renderEmailWithI18N } from '../../../utils/render-email-with-i18n';
import { formatDocumentsPath } from '../../../utils/teams';
import type { JobRunIO } from '../../client/_internal/job';
@ -27,11 +28,15 @@ export const run = async ({
}) => {
const { documentId, recipientId } = payload;
const [document, recipient] = await Promise.all([
prisma.document.findFirstOrThrow({
where: {
const [envelope, recipient] = await Promise.all([
prisma.envelope.findFirstOrThrow({
where: unsafeBuildEnvelopeIdQuery(
{
type: 'documentId',
id: documentId,
},
EnvelopeType.DOCUMENT,
),
include: {
user: {
select: {
@ -58,10 +63,10 @@ export const run = async ({
}),
]);
const { user: documentOwner } = document;
const { user: documentOwner } = envelope;
const isEmailEnabled = extractDerivedDocumentEmailSettings(
document.documentMeta,
envelope.documentMeta,
).recipientSigningRequest;
if (!isEmailEnabled) {
@ -72,9 +77,9 @@ export const run = async ({
emailType: 'RECIPIENT',
source: {
type: 'team',
teamId: document.teamId,
teamId: envelope.teamId,
},
meta: document.documentMeta,
meta: envelope.documentMeta,
});
const i18n = await getI18nInstance(emailLanguage);
@ -83,8 +88,8 @@ export const run = async ({
await io.runTask('send-rejection-confirmation-email', async () => {
const recipientTemplate = createElement(DocumentRejectionConfirmedEmail, {
recipientName: recipient.name,
documentName: document.title,
documentOwnerName: document.user.name || document.user.email,
documentName: envelope.title,
documentOwnerName: envelope.user.name || envelope.user.email,
reason: recipient.rejectionReason || '',
assetBaseUrl: NEXT_PUBLIC_WEBAPP_URL(),
});
@ -105,7 +110,7 @@ export const run = async ({
},
from: senderEmail,
replyTo: replyToEmail,
subject: i18n._(msg`Document "${document.title}" - Rejection Confirmed`),
subject: i18n._(msg`Document "${envelope.title}" - Rejection Confirmed`),
html,
text,
});
@ -115,9 +120,9 @@ export const run = async ({
await io.runTask('send-owner-notification-email', async () => {
const ownerTemplate = createElement(DocumentRejectedEmail, {
recipientName: recipient.name,
documentName: document.title,
documentUrl: `${NEXT_PUBLIC_WEBAPP_URL()}${formatDocumentsPath(document.team?.url)}/${
document.id
documentName: envelope.title,
documentUrl: `${NEXT_PUBLIC_WEBAPP_URL()}${formatDocumentsPath(envelope.team?.url)}/${
envelope.id
}`,
rejectionReason: recipient.rejectionReason || '',
assetBaseUrl: NEXT_PUBLIC_WEBAPP_URL(),
@ -138,7 +143,7 @@ export const run = async ({
address: documentOwner.email,
},
from: DOCUMENSO_INTERNAL_EMAIL, // Purposefully using internal email here.
subject: i18n._(msg`Document "${document.title}" - Rejected by ${recipient.name}`),
subject: i18n._(msg`Document "${envelope.title}" - Rejected by ${recipient.name}`),
html,
text,
});

36
packages/lib/jobs/definitions/emails/send-signing-email.handler.ts
View File

@ -4,6 +4,7 @@ import { msg } from '@lingui/core/macro';
import {
DocumentSource,
DocumentStatus,
EnvelopeType,
OrganisationType,
RecipientRole,
SendStatus,
@ -23,6 +24,7 @@ import { getEmailContext } from '../../../server-only/email/get-email-context';
import { DOCUMENT_AUDIT_LOG_TYPE } from '../../../types/document-audit-logs';
import { extractDerivedDocumentEmailSettings } from '../../../types/document-email';
import { createDocumentAuditLogData } from '../../../utils/document-audit-logs';
import { unsafeBuildEnvelopeIdQuery } from '../../../utils/envelope';
import { renderCustomEmailTemplate } from '../../../utils/render-custom-email-template';
import { renderEmailWithI18N } from '../../../utils/render-email-with-i18n';
import type { JobRunIO } from '../../client/_internal/job';
@ -37,7 +39,7 @@ export const run = async ({
}) => {
const { userId, documentId, recipientId, requestMetadata } = payload;
const [user, document, recipient] = await Promise.all([
const [user, envelope, recipient] = await Promise.all([
prisma.user.findFirstOrThrow({
where: {
id: userId,
@ -48,9 +50,15 @@ export const run = async ({
name: true,
},
}),
prisma.document.findFirstOrThrow({
prisma.envelope.findFirstOrThrow({
where: {
...unsafeBuildEnvelopeIdQuery(
{
type: 'documentId',
id: documentId,
},
EnvelopeType.DOCUMENT,
),
status: DocumentStatus.PENDING,
},
include: {
@ -70,14 +78,14 @@ export const run = async ({
}),
]);
const { documentMeta, team } = document;
const { documentMeta, team } = envelope;
if (recipient.role === RecipientRole.CC) {
return;
}
const isRecipientSigningRequestEmailEnabled = extractDerivedDocumentEmailSettings(
document.documentMeta,
envelope.documentMeta,
).recipientSigningRequest;
if (!isRecipientSigningRequestEmailEnabled) {
@ -89,13 +97,13 @@ export const run = async ({
emailType: 'RECIPIENT',
source: {
type: 'team',
teamId: document.teamId,
teamId: envelope.teamId,
},
meta: document.documentMeta,
meta: envelope.documentMeta,
});
const customEmail = document?.documentMeta;
const isDirectTemplate = document.source === DocumentSource.TEMPLATE_DIRECT_LINK;
const customEmail = envelope?.documentMeta;
const isDirectTemplate = envelope.source === DocumentSource.TEMPLATE_DIRECT_LINK;
const recipientEmailType = RECIPIENT_ROLE_TO_EMAIL_TYPE[recipient.role];
@ -113,7 +121,7 @@ export const run = async ({
if (selfSigner) {
emailMessage = i18n._(
msg`You have initiated the document ${`"${document.title}"`} that requires you to ${recipientActionVerb} it.`,
msg`You have initiated the document ${`"${envelope.title}"`} that requires you to ${recipientActionVerb} it.`,
);
emailSubject = i18n._(msg`Please ${recipientActionVerb} your document`);
}
@ -136,8 +144,8 @@ export const run = async ({
emailMessage = i18n._(
settings.includeSenderDetails
? msg`${inviterName} on behalf of "${team.name}" has invited you to ${recipientActionVerb} the document "${document.title}".`
: msg`${team.name} has invited you to ${recipientActionVerb} the document "${document.title}".`,
? msg`${inviterName} on behalf of "${team.name}" has invited you to ${recipientActionVerb} the document "${envelope.title}".`
: msg`${team.name} has invited you to ${recipientActionVerb} the document "${envelope.title}".`,
);
}
}
@ -145,14 +153,14 @@ export const run = async ({
const customEmailTemplate = {
'signer.name': name,
'signer.email': email,
'document.name': document.title,
'document.name': envelope.title,
};
const assetBaseUrl = NEXT_PUBLIC_WEBAPP_URL() || 'http://localhost:3000';
const signDocumentLink = `${NEXT_PUBLIC_WEBAPP_URL()}/sign/${recipient.token}`;
const template = createElement(DocumentInviteEmailTemplate, {
documentName: document.title,
documentName: envelope.title,
inviterName: user.name || undefined,
inviterEmail:
organisationType === OrganisationType.ORGANISATION
@ -210,7 +218,7 @@ export const run = async ({
await prisma.documentAuditLog.create({
data: createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.EMAIL_SENT,
documentId: document.id,
envelopeId: envelope.id,
user,
requestMetadata,
data: {

12
packages/lib/jobs/definitions/internal/bulk-send-template.handler.ts
View File

@ -99,9 +99,12 @@ export const run = async ({
}
}
const document = await io.runTask(`create-document-${rowIndex}`, async () => {
const envelope = await io.runTask(`create-document-${rowIndex}`, async () => {
return await createDocumentFromTemplate({
templateId: template.id,
id: {
type: 'templateId',
id: template.id,
},
userId,
teamId,
recipients: recipients.map((recipient, index) => {
@ -124,7 +127,10 @@ export const run = async ({
if (sendImmediately) {
await io.runTask(`send-document-${rowIndex}`, async () => {
await sendDocument({
documentId: document.id,
id: {
type: 'envelopeId',
id: envelope.id,
},
userId,
teamId,
requestMetadata: {

87
packages/lib/jobs/definitions/internal/seal-document.handler.ts
View File

@ -1,4 +1,10 @@
import { DocumentStatus, RecipientRole, SigningStatus, WebhookTriggerEvents } from '@prisma/client';
import {
DocumentStatus,
EnvelopeType,
RecipientRole,
SigningStatus,
WebhookTriggerEvents,
} from '@prisma/client';
import { nanoid } from 'nanoid';
import path from 'node:path';
import { PDFDocument } from 'pdf-lib';
@ -22,7 +28,7 @@ import { triggerWebhook } from '../../../server-only/webhooks/trigger/trigger-we
import { DOCUMENT_AUDIT_LOG_TYPE } from '../../../types/document-audit-logs';
import {
ZWebhookDocumentSchema,
mapDocumentToWebhookDocumentPayload,
mapEnvelopeToWebhookDocumentPayload,
} from '../../../types/webhook-payload';
import { prefixedId } from '../../../universal/id';
import { getFileServerSide } from '../../../universal/upload/get-file.server';
@ -30,6 +36,7 @@ import { putPdfFileServerSide } from '../../../universal/upload/put-file.server'
import { fieldsContainUnsignedRequiredField } from '../../../utils/advanced-fields-helpers';
import { isDocumentCompleted } from '../../../utils/document';
import { createDocumentAuditLogData } from '../../../utils/document-audit-logs';
import { mapDocumentIdToSecondaryId } from '../../../utils/envelope';
import type { JobRunIO } from '../../client/_internal/job';
import type { TSealDocumentJobDefinition } from './seal-document';
@ -42,24 +49,35 @@ export const run = async ({
}) => {
const { documentId, sendEmail = true, isResealing = false, requestMetadata } = payload;
const document = await prisma.document.findFirstOrThrow({
const envelope = await prisma.envelope.findFirstOrThrow({
where: {
id: documentId,
type: EnvelopeType.DOCUMENT,
secondaryId: mapDocumentIdToSecondaryId(documentId),
},
include: {
documentMeta: true,
recipients: true,
envelopeItems: {
select: {
documentDataId: true,
},
},
},
});
// Todo: Envelopes
if (envelope.envelopeItems.length !== 1) {
throw new Error('1 Envelope item required');
}
const settings = await getTeamSettings({
userId: document.userId,
teamId: document.teamId,
userId: envelope.userId,
teamId: envelope.teamId,
});
const isComplete =
document.recipients.some((recipient) => recipient.signingStatus === SigningStatus.REJECTED) ||
document.recipients.every((recipient) => recipient.signingStatus === SigningStatus.SIGNED);
envelope.recipients.some((recipient) => recipient.signingStatus === SigningStatus.REJECTED) ||
envelope.recipients.every((recipient) => recipient.signingStatus === SigningStatus.SIGNED);
if (!isComplete) {
throw new AppError(AppErrorCode.UNKNOWN_ERROR, {
@ -71,13 +89,13 @@ export const run = async ({
// after it has already run through the update task further below.
// eslint-disable-next-line @typescript-eslint/require-await
const documentStatus = await io.runTask('get-document-status', async () => {
return document.status;
return envelope.status;
});
// This is the same case as above.
// eslint-disable-next-line @typescript-eslint/require-await
const documentDataId = await io.runTask('get-document-data-id', async () => {
return document.documentDataId;
return envelope.envelopeItems[0].documentDataId;
});
const documentData = await prisma.documentData.findFirst({
@ -87,12 +105,12 @@ export const run = async ({
});
if (!documentData) {
throw new Error(`Document ${document.id} has no document data`);
throw new Error(`Document ${envelope.id} has no document data`);
}
const recipients = await prisma.recipient.findMany({
where: {
documentId: document.id,
envelopeId: envelope.id,
role: {
not: RecipientRole.CC,
},
@ -111,7 +129,7 @@ export const run = async ({
const fields = await prisma.field.findMany({
where: {
documentId: document.id,
envelopeId: envelope.id,
},
include: {
signature: true,
@ -120,7 +138,7 @@ export const run = async ({
// Skip the field check if the document is rejected
if (!isRejected && fieldsContainUnsignedRequiredField(fields)) {
throw new Error(`Document ${document.id} has unsigned required fields`);
throw new Error(`Document ${envelope.id} has unsigned required fields`);
}
if (isResealing) {
@ -129,10 +147,10 @@ export const run = async ({
documentData.data = documentData.initialData;
}
if (!document.qrToken) {
await prisma.document.update({
if (!envelope.qrToken) {
await prisma.envelope.update({
where: {
id: document.id,
id: envelope.id,
},
data: {
qrToken: prefixedId('qr'),
@ -145,7 +163,7 @@ export const run = async ({
const certificateData = settings.includeSigningCertificate
? await getCertificatePdf({
documentId,
language: document.documentMeta?.language,
language: envelope.documentMeta?.language,
}).catch((e) => {
console.log('Failed to get certificate PDF');
console.error(e);
@ -157,7 +175,7 @@ export const run = async ({
const auditLogData = settings.includeAuditLog
? await getAuditLogsPdf({
documentId,
language: document.documentMeta?.language,
language: envelope.documentMeta?.language,
}).catch((e) => {
console.log('Failed to get audit logs PDF');
console.error(e);
@ -204,7 +222,7 @@ export const run = async ({
for (const field of fields) {
if (field.inserted) {
document.useLegacyFieldInsertion
envelope.useLegacyFieldInsertion
? await legacy_insertFieldInPDF(pdfDoc, field)
: await insertFieldInPDF(pdfDoc, field);
}
@ -217,7 +235,8 @@ export const run = async ({
const pdfBytes = await pdfDoc.save();
const pdfBuffer = await signPdf({ pdf: Buffer.from(pdfBytes) });
const { name } = path.parse(document.title);
// Todo: Envelopes - Use the envelope item title instead.
const { name } = path.parse(envelope.title);
// Add suffix based on document status
const suffix = isRejected ? '_rejected.pdf' : '_signed.pdf';
@ -238,7 +257,7 @@ export const run = async ({
distinctId: nanoid(),
event: 'App: Document Sealed',
properties: {
documentId: document.id,
documentId: envelope.id,
isRejected,
},
});
@ -252,9 +271,9 @@ export const run = async ({
},
});
await tx.document.update({
await tx.envelope.update({
where: {
id: document.id,
id: envelope.id,
},
data: {
status: isRejected ? DocumentStatus.REJECTED : DocumentStatus.COMPLETED,
@ -274,7 +293,7 @@ export const run = async ({
await tx.documentAuditLog.create({
data: createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_COMPLETED,
documentId: document.id,
envelopeId: envelope.id,
requestMetadata,
user: null,
data: {
@ -289,21 +308,23 @@ export const run = async ({
await io.runTask('send-completed-email', async () => {
let shouldSendCompletedEmail = sendEmail && !isResealing && !isRejected;
if (isResealing && !isDocumentCompleted(document.status)) {
if (isResealing && !isDocumentCompleted(envelope.status)) {
shouldSendCompletedEmail = sendEmail;
}
if (shouldSendCompletedEmail) {
await sendCompletedEmail({ documentId, requestMetadata });
await sendCompletedEmail({
id: { type: 'envelopeId', id: envelope.id },
requestMetadata,
});
}
});
const updatedDocument = await prisma.document.findFirstOrThrow({
const updatedEnvelope = await prisma.envelope.findFirstOrThrow({
where: {
id: document.id,
id: envelope.id,
},
include: {
documentData: true,
documentMeta: true,
recipients: true,
},
@ -313,8 +334,8 @@ export const run = async ({
event: isRejected
? WebhookTriggerEvents.DOCUMENT_REJECTED
: WebhookTriggerEvents.DOCUMENT_COMPLETED,
data: ZWebhookDocumentSchema.parse(mapDocumentToWebhookDocumentPayload(updatedDocument)),
userId: updatedDocument.userId,
teamId: updatedDocument.teamId ?? undefined,
data: ZWebhookDocumentSchema.parse(mapEnvelopeToWebhookDocumentPayload(updatedEnvelope)),
userId: updatedEnvelope.userId,
teamId: updatedEnvelope.teamId ?? undefined,
});
};

24
packages/lib/server-only/admin/get-all-documents.ts → packages/lib/server-only/admin/admin-find-documents.ts
View File

@ -1,17 +1,21 @@
import type { Prisma } from '@prisma/client';
import { EnvelopeType, type Prisma } from '@prisma/client';
import { prisma } from '@documenso/prisma';
import type { FindResultResponse } from '../../types/search-params';
export interface FindDocumentsOptions {
export interface AdminFindDocumentsOptions {
query?: string;
page?: number;
perPage?: number;
}
export const findDocuments = async ({ query, page = 1, perPage = 10 }: FindDocumentsOptions) => {
const termFilters: Prisma.DocumentWhereInput | undefined = !query
export const adminFindDocuments = async ({
query,
page = 1,
perPage = 10,
}: AdminFindDocumentsOptions) => {
const termFilters: Prisma.EnvelopeWhereInput | undefined = !query
? undefined
: {
title: {
@ -21,8 +25,9 @@ export const findDocuments = async ({ query, page = 1, perPage = 10 }: FindDocum
};
const [data, count] = await Promise.all([
prisma.document.findMany({
prisma.envelope.findMany({
where: {
type: EnvelopeType.DOCUMENT,
...termFilters,
},
skip: Math.max(page - 1, 0) * perPage,
@ -39,10 +44,17 @@ export const findDocuments = async ({ query, page = 1, perPage = 10 }: FindDocum
},
},
recipients: true,
team: {
select: {
id: true,
url: true,
},
},
},
}),
prisma.document.count({
prisma.envelope.count({
where: {
type: EnvelopeType.DOCUMENT,
...termFilters,
},
}),

35
packages/lib/server-only/document/super-delete-document.ts → packages/lib/server-only/admin/admin-super-delete-document.ts
View File

@ -17,15 +17,18 @@ import { createDocumentAuditLogData } from '../../utils/document-audit-logs';
import { renderEmailWithI18N } from '../../utils/render-email-with-i18n';
import { getEmailContext } from '../email/get-email-context';
export type SuperDeleteDocumentOptions = {
id: number;
export type AdminSuperDeleteDocumentOptions = {
envelopeId: string;
requestMetadata?: RequestMetadata;
};
export const superDeleteDocument = async ({ id, requestMetadata }: SuperDeleteDocumentOptions) => {
const document = await prisma.document.findUnique({
export const adminSuperDeleteDocument = async ({
envelopeId,
requestMetadata,
}: AdminSuperDeleteDocumentOptions) => {
const envelope = await prisma.envelope.findUnique({
where: {
id,
id: envelopeId,
},
include: {
recipients: true,
@ -40,7 +43,7 @@ export const superDeleteDocument = async ({ id, requestMetadata }: SuperDeleteDo
},
});
if (!document) {
if (!envelope) {
throw new AppError(AppErrorCode.NOT_FOUND, {
message: 'Document not found',
});
@ -50,38 +53,38 @@ export const superDeleteDocument = async ({ id, requestMetadata }: SuperDeleteDo
emailType: 'RECIPIENT',
source: {
type: 'team',
teamId: document.teamId,
teamId: envelope.teamId,
},
meta: document.documentMeta,
meta: envelope.documentMeta,
});
const { status, user } = document;
const { status, user } = envelope;
const isDocumentDeletedEmailEnabled = extractDerivedDocumentEmailSettings(
document.documentMeta,
envelope.documentMeta,
).documentDeleted;
// if the document is pending, send cancellation emails to all recipients
if (
status === DocumentStatus.PENDING &&
document.recipients.length > 0 &&
envelope.recipients.length > 0 &&
isDocumentDeletedEmailEnabled
) {
await Promise.all(
document.recipients.map(async (recipient) => {
envelope.recipients.map(async (recipient) => {
if (recipient.sendStatus !== SendStatus.SENT) {
return;
}
const assetBaseUrl = NEXT_PUBLIC_WEBAPP_URL() || 'http://localhost:3000';
const template = createElement(DocumentCancelTemplate, {
documentName: document.title,
documentName: envelope.title,
inviterName: user.name || undefined,
inviterEmail: user.email,
assetBaseUrl,
});
const lang = document.documentMeta?.language ?? settings.documentLanguage;
const lang = envelope.documentMeta?.language ?? settings.documentLanguage;
const [html, text] = await Promise.all([
renderEmailWithI18N(template, { lang, branding }),
@ -113,7 +116,7 @@ export const superDeleteDocument = async ({ id, requestMetadata }: SuperDeleteDo
return await prisma.$transaction(async (tx) => {
await tx.documentAuditLog.create({
data: createDocumentAuditLogData({
documentId: id,
envelopeId,
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_DELETED,
user,
requestMetadata,
@ -123,6 +126,6 @@ export const superDeleteDocument = async ({ id, requestMetadata }: SuperDeleteDo
}),
});
return await tx.document.delete({ where: { id } });
return await tx.envelope.delete({ where: { id: envelopeId } });
});
};

7
packages/lib/server-only/admin/get-documents-stats.ts
View File

@ -1,8 +1,13 @@
import { EnvelopeType } from '@prisma/client';
import { prisma } from '@documenso/prisma';
import { ExtendedDocumentStatus } from '@documenso/prisma/types/extended-document-status';
export const getDocumentStats = async () => {
const counts = await prisma.document.groupBy({
const counts = await prisma.envelope.groupBy({
where: {
type: EnvelopeType.DOCUMENT,
},
by: ['status'],
_count: {
_all: true,

30
packages/lib/server-only/admin/get-entire-document.ts
View File

@ -1,14 +1,22 @@
import type { EnvelopeType } from '@prisma/client';
import { prisma } from '@documenso/prisma';
export type GetEntireDocumentOptions = {
id: number;
import { AppError, AppErrorCode } from '../../errors/app-error';
import type { EnvelopeIdOptions } from '../../utils/envelope';
import { unsafeBuildEnvelopeIdQuery } from '../../utils/envelope';
export type unsafeGetEntireEnvelopeOptions = {
id: EnvelopeIdOptions;
type: EnvelopeType;
};
export const getEntireDocument = async ({ id }: GetEntireDocumentOptions) => {
const document = await prisma.document.findFirstOrThrow({
where: {
id,
},
/**
* An unauthenticated function that returns the whole envelope
*/
export const unsafeGetEntireEnvelope = async ({ id, type }: unsafeGetEntireEnvelopeOptions) => {
const envelope = await prisma.envelope.findFirst({
where: unsafeBuildEnvelopeIdQuery(id, type),
include: {
documentMeta: true,
user: {
@ -30,5 +38,11 @@ export const getEntireDocument = async ({ id }: GetEntireDocumentOptions) => {
},
});
return document;
if (!envelope) {
throw new AppError(AppErrorCode.NOT_FOUND, {
message: 'Envelope not found',
});
}
return envelope;
};

13
packages/lib/server-only/admin/get-signing-volume.ts
View File

@ -1,4 +1,4 @@
import { DocumentStatus, SubscriptionStatus } from '@prisma/client';
import { DocumentStatus, EnvelopeType, SubscriptionStatus } from '@prisma/client';
import { kyselyPrisma, sql } from '@documenso/prisma';
@ -31,22 +31,23 @@ export async function getSigningVolume({
.selectFrom('Subscription as s')
.innerJoin('Organisation as o', 's.organisationId', 'o.id')
.leftJoin('Team as t', 'o.id', 't.organisationId')
.leftJoin('Document as d', (join) =>
.leftJoin('Envelope as e', (join) =>
join
.onRef('t.id', '=', 'd.teamId')
.on('d.status', '=', sql.lit(DocumentStatus.COMPLETED))
.on('d.deletedAt', 'is', null),
.onRef('t.id', '=', 'e.teamId')
.on('e.status', '=', sql.lit(DocumentStatus.COMPLETED))
.on('e.deletedAt', 'is', null),
)
.where(sql`s.status = ${SubscriptionStatus.ACTIVE}::"SubscriptionStatus"`)
.where((eb) =>
eb.or([eb('o.name', 'ilike', `%${search}%`), eb('t.name', 'ilike', `%${search}%`)]),
)
.where('e.type', '=', EnvelopeType.DOCUMENT)
.select([
's.id as id',
's.createdAt as createdAt',
's.planId as planId',
sql<string>`COALESCE(o.name, 'Unknown')`.as('name'),
sql<number>`COUNT(DISTINCT d.id)`.as('signingVolume'),
sql<number>`COUNT(DISTINCT e.id)`.as('signingVolume'),
])
.groupBy(['s.id', 'o.name']);

61
packages/lib/server-only/document-meta/upsert-document-meta.ts
View File

@ -1,4 +1,8 @@
import type { DocumentDistributionMethod, DocumentSigningOrder } from '@prisma/client';
import {
type DocumentDistributionMethod,
type DocumentSigningOrder,
EnvelopeType,
} from '@prisma/client';
import { DOCUMENT_AUDIT_LOG_TYPE } from '@documenso/lib/types/document-audit-logs';
import type { ApiRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
@ -11,16 +15,16 @@ import { prisma } from '@documenso/prisma';
import type { SupportedLanguageCodes } from '../../constants/i18n';
import { AppError, AppErrorCode } from '../../errors/app-error';
import type { TDocumentEmailSettings } from '../../types/document-email';
import { getDocumentWhereInput } from '../document/get-document-by-id';
import type { EnvelopeIdOptions } from '../../utils/envelope';
import { getEnvelopeWhereInput } from '../envelope/get-envelope-by-id';
export type CreateDocumentMetaOptions = {
userId: number;
teamId: number;
documentId: number;
id: EnvelopeIdOptions;
subject?: string;
message?: string;
timezone?: string;
password?: string;
dateFormat?: string;
redirectUrl?: string;
emailId?: string | null;
@ -36,15 +40,14 @@ export type CreateDocumentMetaOptions = {
requestMetadata: ApiRequestMetadata;
};
export const upsertDocumentMeta = async ({
export const updateDocumentMeta = async ({
id,
userId,
teamId,
subject,
message,
timezone,
dateFormat,
documentId,
password,
redirectUrl,
signingOrder,
allowDictateNextSigner,
@ -58,26 +61,27 @@ export const upsertDocumentMeta = async ({
language,
requestMetadata,
}: CreateDocumentMetaOptions) => {
const { documentWhereInput, team } = await getDocumentWhereInput({
documentId,
const { envelopeWhereInput, team } = await getEnvelopeWhereInput({
id,
type: null, // Allow updating both documents and templates meta.
userId,
teamId,
});
const document = await prisma.document.findFirst({
where: documentWhereInput,
const envelope = await prisma.envelope.findFirst({
where: envelopeWhereInput,
include: {
documentMeta: true,
},
});
if (!document) {
if (!envelope) {
throw new AppError(AppErrorCode.NOT_FOUND, {
message: 'Document not found',
});
}
const { documentMeta: originalDocumentMeta } = document;
const { documentMeta: originalDocumentMeta } = envelope;
// Validate the emailId belongs to the organisation.
if (emailId) {
@ -96,33 +100,13 @@ export const upsertDocumentMeta = async ({
}
return await prisma.$transaction(async (tx) => {
const upsertedDocumentMeta = await tx.documentMeta.upsert({
const upsertedDocumentMeta = await tx.documentMeta.update({
where: {
documentId,
id: envelope.documentMetaId,
},
create: {
data: {
subject,
message,
password,
dateFormat,
timezone,
documentId,
redirectUrl,
signingOrder,
allowDictateNextSigner,
emailId,
emailReplyTo,
emailSettings,
distributionMethod,
typedSignatureEnabled,
uploadSignatureEnabled,
drawSignatureEnabled,
language,
},
update: {
subject,
message,
password,
dateFormat,
timezone,
redirectUrl,
@ -141,11 +125,12 @@ export const upsertDocumentMeta = async ({
const changes = diffDocumentMetaChanges(originalDocumentMeta ?? {}, upsertedDocumentMeta);
if (changes.length > 0) {
// Create audit logs only for document type envelopes.
if (changes.length > 0 && envelope.type === EnvelopeType.DOCUMENT) {
await tx.documentAuditLog.create({
data: createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_META_UPDATED,
documentId,
envelopeId: envelope.id,
metadata: requestMetadata,
data: {
changes: diffDocumentMetaChanges(originalDocumentMeta ?? {}, upsertedDocumentMeta),

88
packages/lib/server-only/document/complete-document-with-token.ts
View File

@ -1,6 +1,7 @@
import {
DocumentSigningOrder,
DocumentStatus,
EnvelopeType,
RecipientRole,
SendStatus,
SigningStatus,
@ -22,9 +23,11 @@ import type { TRecipientAccessAuth, TRecipientActionAuth } from '../../types/doc
import { DocumentAuth } from '../../types/document-auth';
import {
ZWebhookDocumentSchema,
mapDocumentToWebhookDocumentPayload,
mapEnvelopeToWebhookDocumentPayload,
} from '../../types/webhook-payload';
import { extractDocumentAuthMethods } from '../../utils/document-auth';
import type { EnvelopeIdOptions } from '../../utils/envelope';
import { mapSecondaryIdToDocumentId, unsafeBuildEnvelopeIdQuery } from '../../utils/envelope';
import { getIsRecipientsTurnToSign } from '../recipient/get-is-recipient-turn';
import { triggerWebhook } from '../webhooks/trigger/trigger-webhook';
import { isRecipientAuthorized } from './is-recipient-authorized';
@ -32,7 +35,7 @@ import { sendPendingEmail } from './send-pending-email';
export type CompleteDocumentWithTokenOptions = {
token: string;
documentId: number;
id: EnvelopeIdOptions;
userId?: number;
authOptions?: TRecipientActionAuth;
accessAuthOptions?: TRecipientAccessAuth;
@ -43,10 +46,17 @@ export type CompleteDocumentWithTokenOptions = {
};
};
const getDocument = async ({ token, documentId }: CompleteDocumentWithTokenOptions) => {
return await prisma.document.findFirstOrThrow({
export const completeDocumentWithToken = async ({
token,
id,
userId,
accessAuthOptions,
requestMetadata,
nextSigner,
}: CompleteDocumentWithTokenOptions) => {
const envelope = await prisma.envelope.findFirstOrThrow({
where: {
id: documentId,
...unsafeBuildEnvelopeIdQuery(id, EnvelopeType.DOCUMENT),
recipients: {
some: {
token,
@ -62,27 +72,18 @@ const getDocument = async ({ token, documentId }: CompleteDocumentWithTokenOptio
},
},
});
};
export const completeDocumentWithToken = async ({
token,
documentId,
userId,
accessAuthOptions,
requestMetadata,
nextSigner,
}: CompleteDocumentWithTokenOptions) => {
const document = await getDocument({ token, documentId });
const legacyDocumentId = mapSecondaryIdToDocumentId(envelope.secondaryId);
if (document.status !== DocumentStatus.PENDING) {
throw new Error(`Document ${document.id} must be pending`);
if (envelope.status !== DocumentStatus.PENDING) {
throw new Error(`Document ${envelope.id} must be pending`);
}
if (document.recipients.length === 0) {
throw new Error(`Document ${document.id} has no recipient with token ${token}`);
if (envelope.recipients.length === 0) {
throw new Error(`Document ${envelope.id} has no recipient with token ${token}`);
}
const [recipient] = document.recipients;
const [recipient] = envelope.recipients;
if (recipient.signingStatus === SigningStatus.SIGNED) {
throw new Error(`Recipient ${recipient.id} has already signed`);
@ -95,7 +96,7 @@ export const completeDocumentWithToken = async ({
});
}
if (document.documentMeta?.signingOrder === DocumentSigningOrder.SEQUENTIAL) {
if (envelope.documentMeta?.signingOrder === DocumentSigningOrder.SEQUENTIAL) {
const isRecipientsTurn = await getIsRecipientsTurnToSign({ token: recipient.token });
if (!isRecipientsTurn) {
@ -107,7 +108,7 @@ export const completeDocumentWithToken = async ({
const fields = await prisma.field.findMany({
where: {
documentId: document.id,
envelopeId: envelope.id, // Todo: Envelopes - Need to support multi docs.
recipientId: recipient.id,
},
});
@ -118,7 +119,7 @@ export const completeDocumentWithToken = async ({
// Check ACCESS AUTH 2FA validation during document completion
const { derivedRecipientAccessAuth } = extractDocumentAuthMethods({
documentAuth: document.authOptions,
documentAuth: envelope.authOptions,
recipientAuth: recipient.authOptions,
});
@ -131,7 +132,7 @@ export const completeDocumentWithToken = async ({
const isValid = await isRecipientAuthorized({
type: 'ACCESS_2FA',
documentAuthOptions: document.authOptions,
documentAuthOptions: envelope.authOptions,
recipient: recipient,
userId, // Can be undefined for non-account recipients
authOptions: accessAuthOptions,
@ -141,7 +142,7 @@ export const completeDocumentWithToken = async ({
await prisma.documentAuditLog.create({
data: createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_ACCESS_AUTH_2FA_FAILED,
documentId: document.id,
envelopeId: envelope.id,
data: {
recipientId: recipient.id,
recipientName: recipient.name,
@ -158,7 +159,7 @@ export const completeDocumentWithToken = async ({
await prisma.documentAuditLog.create({
data: createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_ACCESS_AUTH_2FA_VALIDATED,
documentId: document.id,
envelopeId: envelope.id,
data: {
recipientId: recipient.id,
recipientName: recipient.name,
@ -180,14 +181,14 @@ export const completeDocumentWithToken = async ({
});
const authOptions = extractDocumentAuthMethods({
documentAuth: document.authOptions,
documentAuth: envelope.authOptions,
recipientAuth: recipient.authOptions,
});
await tx.documentAuditLog.create({
data: createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_RECIPIENT_COMPLETED,
documentId: document.id,
envelopeId: envelope.id,
user: {
name: recipient.name,
email: recipient.email,
@ -207,7 +208,7 @@ export const completeDocumentWithToken = async ({
await jobs.triggerJob({
name: 'send.recipient.signed.email',
payload: {
documentId: document.id,
documentId: legacyDocumentId,
recipientId: recipient.id,
},
});
@ -221,7 +222,7 @@ export const completeDocumentWithToken = async ({
role: true,
},
where: {
documentId: document.id,
envelopeId: envelope.id,
signingStatus: {
not: SigningStatus.SIGNED,
},
@ -235,17 +236,17 @@ export const completeDocumentWithToken = async ({
});
if (pendingRecipients.length > 0) {
await sendPendingEmail({ documentId, recipientId: recipient.id });
await sendPendingEmail({ id, recipientId: recipient.id });
if (document.documentMeta?.signingOrder === DocumentSigningOrder.SEQUENTIAL) {
if (envelope.documentMeta?.signingOrder === DocumentSigningOrder.SEQUENTIAL) {
const [nextRecipient] = pendingRecipients;
await prisma.$transaction(async (tx) => {
if (nextSigner && document.documentMeta?.allowDictateNextSigner) {
if (nextSigner && envelope.documentMeta?.allowDictateNextSigner) {
await tx.documentAuditLog.create({
data: createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.RECIPIENT_UPDATED,
documentId: document.id,
envelopeId: envelope.id,
user: {
name: recipient.name,
email: recipient.email,
@ -277,7 +278,7 @@ export const completeDocumentWithToken = async ({
where: { id: nextRecipient.id },
data: {
sendStatus: SendStatus.SENT,
...(nextSigner && document.documentMeta?.allowDictateNextSigner
...(nextSigner && envelope.documentMeta?.allowDictateNextSigner
? {
name: nextSigner.name,
email: nextSigner.email,
@ -289,8 +290,8 @@ export const completeDocumentWithToken = async ({
await jobs.triggerJob({
name: 'send.signing.requested.email',
payload: {
userId: document.userId,
documentId: document.id,
userId: envelope.userId,
documentId: legacyDocumentId,
recipientId: nextRecipient.id,
requestMetadata,
},
@ -299,9 +300,9 @@ export const completeDocumentWithToken = async ({
}
}
const haveAllRecipientsSigned = await prisma.document.findFirst({
const haveAllRecipientsSigned = await prisma.envelope.findFirst({
where: {
id: document.id,
id: envelope.id,
recipients: {
every: {
OR: [{ signingStatus: SigningStatus.SIGNED }, { role: RecipientRole.CC }],
@ -314,15 +315,16 @@ export const completeDocumentWithToken = async ({
await jobs.triggerJob({
name: 'internal.seal-document',
payload: {
documentId: document.id,
documentId: legacyDocumentId,
requestMetadata,
},
});
}
const updatedDocument = await prisma.document.findFirstOrThrow({
const updatedDocument = await prisma.envelope.findFirstOrThrow({
where: {
id: document.id,
id: envelope.id,
type: EnvelopeType.DOCUMENT,
},
include: {
documentMeta: true,
@ -332,7 +334,7 @@ export const completeDocumentWithToken = async ({
await triggerWebhook({
event: WebhookTriggerEvents.DOCUMENT_SIGNED,
data: ZWebhookDocumentSchema.parse(mapDocumentToWebhookDocumentPayload(updatedDocument)),
data: ZWebhookDocumentSchema.parse(mapEnvelopeToWebhookDocumentPayload(updatedDocument)),
userId: updatedDocument.userId,
teamId: updatedDocument.teamId ?? undefined,
});

171
packages/lib/server-only/document/create-document.ts
View File

@ -1,171 +0,0 @@
import { DocumentSource, WebhookTriggerEvents } from '@prisma/client';
import type { DocumentVisibility } from '@prisma/client';
import { normalizePdf as makeNormalizedPdf } from '@documenso/lib/server-only/pdf/normalize-pdf';
import { DOCUMENT_AUDIT_LOG_TYPE } from '@documenso/lib/types/document-audit-logs';
import type { ApiRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
import { createDocumentAuditLogData } from '@documenso/lib/utils/document-audit-logs';
import { prisma } from '@documenso/prisma';
import { AppError, AppErrorCode } from '../../errors/app-error';
import {
ZWebhookDocumentSchema,
mapDocumentToWebhookDocumentPayload,
} from '../../types/webhook-payload';
import { prefixedId } from '../../universal/id';
import { getFileServerSide } from '../../universal/upload/get-file.server';
import { putPdfFileServerSide } from '../../universal/upload/put-file.server';
import { extractDerivedDocumentMeta } from '../../utils/document';
import { determineDocumentVisibility } from '../../utils/document-visibility';
import { buildTeamWhereQuery } from '../../utils/teams';
import { getTeamById } from '../team/get-team';
import { getTeamSettings } from '../team/get-team-settings';
import { triggerWebhook } from '../webhooks/trigger/trigger-webhook';
export type CreateDocumentOptions = {
title: string;
externalId?: string | null;
userId: number;
teamId: number;
documentDataId: string;
formValues?: Record<string, string | number | boolean>;
normalizePdf?: boolean;
timezone?: string;
userTimezone?: string;
requestMetadata: ApiRequestMetadata;
folderId?: string;
};
export const createDocument = async ({
userId,
title,
externalId,
documentDataId,
teamId,
normalizePdf,
formValues,
requestMetadata,
timezone,
userTimezone,
folderId,
}: CreateDocumentOptions) => {
const team = await getTeamById({ userId, teamId });
const settings = await getTeamSettings({
userId,
teamId,
});
let folderVisibility: DocumentVisibility | undefined;
if (folderId) {
const folder = await prisma.folder.findFirst({
where: {
id: folderId,
team: buildTeamWhereQuery({
teamId,
userId,
}),
},
select: {
visibility: true,
},
});
if (!folder) {
throw new AppError(AppErrorCode.NOT_FOUND, {
message: 'Folder not found',
});
}
folderVisibility = folder.visibility;
}
if (normalizePdf) {
const documentData = await prisma.documentData.findFirst({
where: {
id: documentDataId,
},
});
if (documentData) {
const buffer = await getFileServerSide(documentData);
const normalizedPdf = await makeNormalizedPdf(Buffer.from(buffer));
const newDocumentData = await putPdfFileServerSide({
name: title.endsWith('.pdf') ? title : `${title}.pdf`,
type: 'application/pdf',
arrayBuffer: async () => Promise.resolve(normalizedPdf),
});
// eslint-disable-next-line require-atomic-updates
documentDataId = newDocumentData.id;
}
}
// userTimezone is last because it's always passed in regardless of the organisation/team settings
// for uploads from the frontend
const timezoneToUse = timezone || settings.documentTimezone || userTimezone;
return await prisma.$transaction(async (tx) => {
const document = await tx.document.create({
data: {
title,
qrToken: prefixedId('qr'),
externalId,
documentDataId,
userId,
teamId,
folderId,
visibility:
folderVisibility ??
determineDocumentVisibility(settings.documentVisibility, team.currentTeamRole),
formValues,
source: DocumentSource.DOCUMENT,
documentMeta: {
create: extractDerivedDocumentMeta(settings, {
timezone: timezoneToUse,
}),
},
},
});
await tx.documentAuditLog.create({
data: createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_CREATED,
documentId: document.id,
metadata: requestMetadata,
data: {
title,
source: {
type: DocumentSource.DOCUMENT,
},
},
}),
});
const createdDocument = await tx.document.findFirst({
where: {
id: document.id,
},
include: {
documentMeta: true,
recipients: true,
},
});
if (!createdDocument) {
throw new Error('Document not found');
}
await triggerWebhook({
event: WebhookTriggerEvents.DOCUMENT_CREATED,
data: ZWebhookDocumentSchema.parse(mapDocumentToWebhookDocumentPayload(createdDocument)),
userId,
teamId,
});
return createdDocument;
});
};

79
packages/lib/server-only/document/delete-document.ts
View File

@ -1,8 +1,8 @@
import { createElement } from 'react';
import { msg } from '@lingui/core/macro';
import type { Document, DocumentMeta, Recipient, User } from '@prisma/client';
import { DocumentStatus, SendStatus, WebhookTriggerEvents } from '@prisma/client';
import type { DocumentMeta, Envelope, Recipient, User } from '@prisma/client';
import { DocumentStatus, EnvelopeType, SendStatus, WebhookTriggerEvents } from '@prisma/client';
import { mailer } from '@documenso/email/mailer';
import DocumentCancelTemplate from '@documenso/email/templates/document-cancel';
@ -15,11 +15,12 @@ import { DOCUMENT_AUDIT_LOG_TYPE } from '../../types/document-audit-logs';
import { extractDerivedDocumentEmailSettings } from '../../types/document-email';
import {
ZWebhookDocumentSchema,
mapDocumentToWebhookDocumentPayload,
mapEnvelopeToWebhookDocumentPayload,
} from '../../types/webhook-payload';
import type { ApiRequestMetadata } from '../../universal/extract-request-metadata';
import { isDocumentCompleted } from '../../utils/document';
import { createDocumentAuditLogData } from '../../utils/document-audit-logs';
import { unsafeBuildEnvelopeIdQuery } from '../../utils/envelope';
import { renderEmailWithI18N } from '../../utils/render-email-with-i18n';
import { getEmailContext } from '../email/get-email-context';
import { getMemberRoles } from '../team/get-member-roles';
@ -50,24 +51,23 @@ export const deleteDocument = async ({
});
}
const document = await prisma.document.findUnique({
where: {
id,
},
// Note: This is an unsafe request, we validate the ownership later in the function.
const envelope = await prisma.envelope.findUnique({
where: unsafeBuildEnvelopeIdQuery({ type: 'documentId', id }, EnvelopeType.DOCUMENT),
include: {
recipients: true,
documentMeta: true,
},
});
if (!document) {
if (!envelope) {
throw new AppError(AppErrorCode.NOT_FOUND, {
message: 'Document not found',
});
}
const isUserTeamMember = await getMemberRoles({
teamId: document.teamId,
teamId: envelope.teamId,
reference: {
type: 'User',
id: userId,
@ -76,8 +76,8 @@ export const deleteDocument = async ({
.then(() => true)
.catch(() => false);
const isUserOwner = document.userId === userId;
const userRecipient = document.recipients.find((recipient) => recipient.email === user.email);
const isUserOwner = envelope.userId === userId;
const userRecipient = envelope.recipients.find((recipient) => recipient.email === user.email);
if (!isUserOwner && !isUserTeamMember && !userRecipient) {
throw new AppError(AppErrorCode.UNAUTHORIZED, {
@ -88,7 +88,7 @@ export const deleteDocument = async ({
// Handle hard or soft deleting the actual document if user has permission.
if (isUserOwner || isUserTeamMember) {
await handleDocumentOwnerDelete({
document,
envelope,
user,
requestMetadata,
});
@ -113,27 +113,16 @@ export const deleteDocument = async ({
await triggerWebhook({
event: WebhookTriggerEvents.DOCUMENT_CANCELLED,
data: ZWebhookDocumentSchema.parse(mapDocumentToWebhookDocumentPayload(document)),
data: ZWebhookDocumentSchema.parse(mapEnvelopeToWebhookDocumentPayload(envelope)),
userId,
teamId,
});
// Return partial document for API v1 response.
return {
id: document.id,
userId: document.userId,
teamId: document.teamId,
title: document.title,
status: document.status,
documentDataId: document.documentDataId,
createdAt: document.createdAt,
updatedAt: document.updatedAt,
completedAt: document.completedAt,
};
return envelope;
};
type HandleDocumentOwnerDeleteOptions = {
document: Document & {
envelope: Envelope & {
recipients: Recipient[];
documentMeta: DocumentMeta | null;
};
@ -142,11 +131,11 @@ type HandleDocumentOwnerDeleteOptions = {
};
const handleDocumentOwnerDelete = async ({
document,
envelope,
user,
requestMetadata,
}: HandleDocumentOwnerDeleteOptions) => {
if (document.deletedAt) {
if (envelope.deletedAt) {
return;
}
@ -154,17 +143,17 @@ const handleDocumentOwnerDelete = async ({
emailType: 'RECIPIENT',
source: {
type: 'team',
teamId: document.teamId,
teamId: envelope.teamId,
},
meta: document.documentMeta,
meta: envelope.documentMeta,
});
// Soft delete completed documents.
if (isDocumentCompleted(document.status)) {
if (isDocumentCompleted(envelope.status)) {
return await prisma.$transaction(async (tx) => {
await tx.documentAuditLog.create({
data: createDocumentAuditLogData({
documentId: document.id,
envelopeId: envelope.id,
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_DELETED,
metadata: requestMetadata,
data: {
@ -173,9 +162,9 @@ const handleDocumentOwnerDelete = async ({
}),
});
return await tx.document.update({
return await tx.envelope.update({
where: {
id: document.id,
id: envelope.id,
},
data: {
deletedAt: new Date().toISOString(),
@ -185,12 +174,12 @@ const handleDocumentOwnerDelete = async ({
}
// Hard delete draft and pending documents.
const deletedDocument = await prisma.$transaction(async (tx) => {
const deletedEnvelope = await prisma.$transaction(async (tx) => {
// Currently redundant since deleting a document will delete the audit logs.
// However may be useful if we disassociate audit logs and documents if required.
await tx.documentAuditLog.create({
data: createDocumentAuditLogData({
documentId: document.id,
envelopeId: envelope.id,
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_DELETED,
metadata: requestMetadata,
data: {
@ -199,9 +188,9 @@ const handleDocumentOwnerDelete = async ({
}),
});
return await tx.document.delete({
return await tx.envelope.delete({
where: {
id: document.id,
id: envelope.id,
status: {
not: DocumentStatus.COMPLETED,
},
@ -209,17 +198,17 @@ const handleDocumentOwnerDelete = async ({
});
});
const isDocumentDeleteEmailEnabled = extractDerivedDocumentEmailSettings(
document.documentMeta,
const isEnvelopeDeleteEmailEnabled = extractDerivedDocumentEmailSettings(
envelope.documentMeta,
).documentDeleted;
if (!isDocumentDeleteEmailEnabled) {
return deletedDocument;
if (!isEnvelopeDeleteEmailEnabled) {
return deletedEnvelope;
}
// Send cancellation emails to recipients.
await Promise.all(
document.recipients.map(async (recipient) => {
envelope.recipients.map(async (recipient) => {
if (recipient.sendStatus !== SendStatus.SENT) {
return;
}
@ -227,7 +216,7 @@ const handleDocumentOwnerDelete = async ({
const assetBaseUrl = NEXT_PUBLIC_WEBAPP_URL() || 'http://localhost:3000';
const template = createElement(DocumentCancelTemplate, {
documentName: document.title,
documentName: envelope.title,
inviterName: user.name || undefined,
inviterEmail: user.email,
assetBaseUrl,
@ -258,5 +247,5 @@ const handleDocumentOwnerDelete = async ({
}),
);
return deletedDocument;
return deletedEnvelope;
};

140
packages/lib/server-only/document/duplicate-document-by-id.ts
View File

@ -1,5 +1,5 @@
import type { Prisma, Recipient } from '@prisma/client';
import { DocumentSource, WebhookTriggerEvents } from '@prisma/client';
import type { Recipient } from '@prisma/client';
import { DocumentSource, EnvelopeType, WebhookTriggerEvents } from '@prisma/client';
import { omit } from 'remeda';
import { prisma } from '@documenso/prisma';
@ -7,34 +7,35 @@ import { prisma } from '@documenso/prisma';
import { AppError, AppErrorCode } from '../../errors/app-error';
import {
ZWebhookDocumentSchema,
mapDocumentToWebhookDocumentPayload,
mapEnvelopeToWebhookDocumentPayload,
} from '../../types/webhook-payload';
import { nanoid, prefixedId } from '../../universal/id';
import type { EnvelopeIdOptions } from '../../utils/envelope';
import { getEnvelopeWhereInput } from '../envelope/get-envelope-by-id';
import { incrementDocumentId } from '../envelope/increment-id';
import { triggerWebhook } from '../webhooks/trigger/trigger-webhook';
import { getDocumentWhereInput } from './get-document-by-id';
export interface DuplicateDocumentOptions {
documentId: number;
id: EnvelopeIdOptions;
userId: number;
teamId: number;
}
export const duplicateDocument = async ({
documentId,
userId,
teamId,
}: DuplicateDocumentOptions) => {
const { documentWhereInput } = await getDocumentWhereInput({
documentId,
export const duplicateDocument = async ({ id, userId, teamId }: DuplicateDocumentOptions) => {
const { envelopeWhereInput } = await getEnvelopeWhereInput({
id,
type: EnvelopeType.DOCUMENT,
userId,
teamId,
});
const document = await prisma.document.findFirst({
where: documentWhereInput,
const envelope = await prisma.envelope.findFirst({
where: envelopeWhereInput,
select: {
title: true,
userId: true,
envelopeItems: {
include: {
documentData: {
select: {
data: true,
@ -42,6 +43,8 @@ export const duplicateDocument = async ({
type: true,
},
},
},
},
authOptions: true,
visibility: true,
documentMeta: true,
@ -54,44 +57,36 @@ export const duplicateDocument = async ({
fields: true,
},
},
teamId: true,
},
});
if (!document) {
if (!envelope) {
throw new AppError(AppErrorCode.NOT_FOUND, {
message: 'Document not found',
});
}
const documentData = await prisma.documentData.create({
const { documentId, formattedDocumentId } = await incrementDocumentId();
const createdDocumentMeta = await prisma.documentMeta.create({
data: {
type: document.documentData.type,
data: document.documentData.initialData,
initialData: document.documentData.initialData,
...omit(envelope.documentMeta, ['id']),
emailSettings: envelope.documentMeta.emailSettings || undefined,
},
});
let documentMeta: Prisma.DocumentCreateArgs['data']['documentMeta'] | undefined = undefined;
if (document.documentMeta) {
documentMeta = {
create: {
...omit(document.documentMeta, ['id', 'documentId']),
emailSettings: document.documentMeta.emailSettings || undefined,
},
};
}
const createdDocument = await prisma.document.create({
const duplicatedEnvelope = await prisma.envelope.create({
data: {
userId: document.userId,
teamId: teamId,
title: document.title,
documentDataId: documentData.id,
authOptions: document.authOptions || undefined,
visibility: document.visibility,
qrToken: prefixedId('qr'),
documentMeta,
id: prefixedId('envelope'),
secondaryId: formattedDocumentId,
type: EnvelopeType.DOCUMENT,
userId,
teamId,
title: envelope.title,
documentMetaId: createdDocumentMeta.id,
authOptions: envelope.authOptions || undefined,
visibility: envelope.visibility,
source: DocumentSource.DOCUMENT,
},
include: {
@ -100,8 +95,40 @@ export const duplicateDocument = async ({
},
});
const recipientsToCreate = document.recipients.map((recipient) => ({
documentId: createdDocument.id,
// Key = original envelope item ID
// Value = duplicated envelope item ID.
const oldEnvelopeItemToNewEnvelopeItemIdMap: Record<string, string> = {};
// Duplicate the envelope items.
await Promise.all(
envelope.envelopeItems.map(async (envelopeItem) => {
const duplicatedDocumentData = await prisma.documentData.create({
data: {
type: envelopeItem.documentData.type,
data: envelopeItem.documentData.initialData,
initialData: envelopeItem.documentData.initialData,
},
});
const duplicatedEnvelopeItem = await prisma.envelopeItem.create({
data: {
id: prefixedId('envelope_item'),
title: envelopeItem.title,
envelopeId: duplicatedEnvelope.id,
documentDataId: duplicatedDocumentData.id,
},
});
oldEnvelopeItemToNewEnvelopeItemIdMap[envelopeItem.id] = duplicatedEnvelopeItem.id;
}),
);
const recipients: Recipient[] = [];
for (const recipient of envelope.recipients) {
const duplicatedRecipient = await prisma.recipient.create({
data: {
envelopeId: duplicatedEnvelope.id,
email: recipient.email,
name: recipient.name,
role: recipient.role,
@ -110,7 +137,8 @@ export const duplicateDocument = async ({
fields: {
createMany: {
data: recipient.fields.map((field) => ({
documentId: createdDocument.id,
envelopeId: duplicatedEnvelope.id,
envelopeItemId: oldEnvelopeItemToNewEnvelopeItemIdMap[field.envelopeItemId],
type: field.type,
page: field.page,
positionX: field.positionX,
@ -123,30 +151,30 @@ export const duplicateDocument = async ({
})),
},
},
}));
const recipients: Recipient[] = [];
for (const recipientData of recipientsToCreate) {
const newRecipient = await prisma.recipient.create({
data: recipientData,
},
});
recipients.push(newRecipient);
recipients.push(duplicatedRecipient);
}
const refetchedEnvelope = await prisma.envelope.findFirstOrThrow({
where: {
id: duplicatedEnvelope.id,
},
include: {
documentMeta: true,
recipients: true,
},
});
await triggerWebhook({
event: WebhookTriggerEvents.DOCUMENT_CREATED,
data: ZWebhookDocumentSchema.parse({
...mapDocumentToWebhookDocumentPayload(createdDocument),
recipients,
documentMeta: createdDocument.documentMeta,
}),
data: ZWebhookDocumentSchema.parse(mapEnvelopeToWebhookDocumentPayload(refetchedEnvelope)),
userId: userId,
teamId: teamId,
});
return {
documentId: createdDocument.id,
documentId,
};
};

20
packages/lib/server-only/document/find-document-audit-logs.ts
View File

@ -1,4 +1,4 @@
import type { DocumentAuditLog, Prisma } from '@prisma/client';
import { type DocumentAuditLog, EnvelopeType, type Prisma } from '@prisma/client';
import { prisma } from '@documenso/prisma';
@ -6,7 +6,7 @@ import { AppError, AppErrorCode } from '../../errors/app-error';
import { DOCUMENT_AUDIT_LOG_TYPE } from '../../types/document-audit-logs';
import type { FindResultResponse } from '../../types/search-params';
import { parseDocumentAuditLogData } from '../../utils/document-audit-logs';
import { getDocumentWhereInput } from './get-document-by-id';
import { getEnvelopeWhereInput } from '../envelope/get-envelope-by-id';
export interface FindDocumentAuditLogsOptions {
userId: number;
@ -35,22 +35,26 @@ export const findDocumentAuditLogs = async ({
const orderByColumn = orderBy?.column ?? 'createdAt';
const orderByDirection = orderBy?.direction ?? 'desc';
const { documentWhereInput } = await getDocumentWhereInput({
documentId,
const { envelopeWhereInput } = await getEnvelopeWhereInput({
id: {
type: 'documentId',
id: documentId,
},
type: EnvelopeType.DOCUMENT,
userId,
teamId,
});
const document = await prisma.document.findFirst({
where: documentWhereInput,
const envelope = await prisma.envelope.findUnique({
where: envelopeWhereInput,
});
if (!document) {
if (!envelope) {
throw new AppError(AppErrorCode.NOT_FOUND);
}
const whereClause: Prisma.DocumentAuditLogWhereInput = {
documentId,
envelopeId: envelope.id,
};
// Filter events down to what we consider recent activity.

37
packages/lib/server-only/document/find-documents.ts
View File

@ -1,5 +1,5 @@
import type { Document, DocumentSource, Prisma, Team, TeamEmail, User } from '@prisma/client';
import { RecipientRole, SigningStatus, TeamMemberRole } from '@prisma/client';
import type { DocumentSource, Envelope, Prisma, Team, TeamEmail, User } from '@prisma/client';
import { EnvelopeType, RecipientRole, SigningStatus, TeamMemberRole } from '@prisma/client';
import { DateTime } from 'luxon';
import { match } from 'ts-pattern';
@ -22,7 +22,7 @@ export type FindDocumentsOptions = {
page?: number;
perPage?: number;
orderBy?: {
column: keyof Omit<Document, 'document'>;
column: keyof Pick<Envelope, 'createdAt'>;
direction: 'asc' | 'desc';
};
period?: PeriodSelectorValue;
@ -69,7 +69,7 @@ export const findDocuments = async ({
const orderByDirection = orderBy?.direction ?? 'desc';
const teamMemberRole = team?.currentTeamRole ?? null;
const searchFilter: Prisma.DocumentWhereInput = {
const searchFilter: Prisma.EnvelopeWhereInput = {
OR: [
{ title: { contains: query, mode: 'insensitive' } },
{ externalId: { contains: query, mode: 'insensitive' } },
@ -111,7 +111,7 @@ export const findDocuments = async ({
},
];
let filters: Prisma.DocumentWhereInput | null = findDocumentsFilter(status, user, folderId);
let filters: Prisma.EnvelopeWhereInput | null = findDocumentsFilter(status, user, folderId);
if (team) {
filters = findTeamDocumentsFilter(status, team, visibilityFilters, folderId);
@ -127,7 +127,7 @@ export const findDocuments = async ({
};
}
let deletedFilter: Prisma.DocumentWhereInput = {
let deletedFilter: Prisma.EnvelopeWhereInput = {
AND: {
OR: [
{
@ -180,7 +180,7 @@ export const findDocuments = async ({
};
}
const whereAndClause: Prisma.DocumentWhereInput['AND'] = [
const whereAndClause: Prisma.EnvelopeWhereInput['AND'] = [
{ ...filters },
{ ...deletedFilter },
{ ...searchFilter },
@ -198,7 +198,8 @@ export const findDocuments = async ({
});
}
const whereClause: Prisma.DocumentWhereInput = {
const whereClause: Prisma.EnvelopeWhereInput = {
type: EnvelopeType.DOCUMENT,
AND: whereAndClause,
};
@ -225,7 +226,7 @@ export const findDocuments = async ({
}
const [data, count] = await Promise.all([
prisma.document.findMany({
prisma.envelope.findMany({
where: whereClause,
skip: Math.max(page - 1, 0) * perPage,
take: perPage,
@ -249,7 +250,7 @@ export const findDocuments = async ({
},
},
}),
prisma.document.count({
prisma.envelope.count({
where: whereClause,
}),
]);
@ -275,7 +276,7 @@ const findDocumentsFilter = (
user: Pick<User, 'id' | 'email' | 'name'>,
folderId?: string | null,
) => {
return match<ExtendedDocumentStatus, Prisma.DocumentWhereInput>(status)
return match<ExtendedDocumentStatus, Prisma.EnvelopeWhereInput>(status)
.with(ExtendedDocumentStatus.ALL, () => ({
OR: [
{
@ -414,14 +415,14 @@ const findDocumentsFilter = (
const findTeamDocumentsFilter = (
status: ExtendedDocumentStatus,
team: Team & { teamEmail: TeamEmail | null },
visibilityFilters: Prisma.DocumentWhereInput[],
visibilityFilters: Prisma.EnvelopeWhereInput[],
folderId?: string,
) => {
const teamEmail = team.teamEmail?.email ?? null;
return match<ExtendedDocumentStatus, Prisma.DocumentWhereInput | null>(status)
return match<ExtendedDocumentStatus, Prisma.EnvelopeWhereInput | null>(status)
.with(ExtendedDocumentStatus.ALL, () => {
const filter: Prisma.DocumentWhereInput = {
const filter: Prisma.EnvelopeWhereInput = {
// Filter to display all documents that belong to the team.
OR: [
{
@ -483,7 +484,7 @@ const findTeamDocumentsFilter = (
};
})
.with(ExtendedDocumentStatus.DRAFT, () => {
const filter: Prisma.DocumentWhereInput = {
const filter: Prisma.EnvelopeWhereInput = {
OR: [
{
teamId: team.id,
@ -508,7 +509,7 @@ const findTeamDocumentsFilter = (
return filter;
})
.with(ExtendedDocumentStatus.PENDING, () => {
const filter: Prisma.DocumentWhereInput = {
const filter: Prisma.EnvelopeWhereInput = {
OR: [
{
teamId: team.id,
@ -550,7 +551,7 @@ const findTeamDocumentsFilter = (
return filter;
})
.with(ExtendedDocumentStatus.COMPLETED, () => {
const filter: Prisma.DocumentWhereInput = {
const filter: Prisma.EnvelopeWhereInput = {
status: ExtendedDocumentStatus.COMPLETED,
OR: [
{
@ -582,7 +583,7 @@ const findTeamDocumentsFilter = (
return filter;
})
.with(ExtendedDocumentStatus.REJECTED, () => {
const filter: Prisma.DocumentWhereInput = {
const filter: Prisma.EnvelopeWhereInput = {
status: ExtendedDocumentStatus.REJECTED,
OR: [
{

40
packages/lib/server-only/document/get-document-by-access-token.ts
View File

@ -1,5 +1,9 @@
import { DocumentStatus, EnvelopeType } from '@prisma/client';
import { prisma } from '@documenso/prisma';
import { mapSecondaryIdToDocumentId } from '../../utils/envelope';
export type GetDocumentByAccessTokenOptions = {
token: string;
};
@ -9,14 +13,25 @@ export const getDocumentByAccessToken = async ({ token }: GetDocumentByAccessTok
throw new Error('Missing token');
}
const result = await prisma.document.findFirstOrThrow({
const result = await prisma.envelope.findFirstOrThrow({
where: {
type: EnvelopeType.DOCUMENT,
status: DocumentStatus.COMPLETED,
qrToken: token,
},
// Do not provide extra information that is not needed.
select: {
id: true,
secondaryId: true,
title: true,
completedAt: true,
team: {
select: {
url: true,
},
},
envelopeItems: {
select: {
documentData: {
select: {
id: true,
@ -25,14 +40,27 @@ export const getDocumentByAccessToken = async ({ token }: GetDocumentByAccessTok
initialData: true,
},
},
documentMeta: {
},
},
_count: {
select: {
password: true,
},
},
recipients: true,
},
},
},
});
return result;
// Todo: Envelopes
if (!result.envelopeItems[0].documentData) {
throw new Error('Missing document data');
}
return {
id: mapSecondaryIdToDocumentId(result.secondaryId),
title: result.title,
completedAt: result.completedAt,
documentData: result.envelopeItems[0].documentData,
recipientCount: result._count.recipients,
documentTeamUrl: result.team.url,
};
};

156
packages/lib/server-only/document/get-document-by-id.ts
View File

@ -1,156 +0,0 @@
import type { Prisma } from '@prisma/client';
import { DocumentStatus, TeamMemberRole } from '@prisma/client';
import { match } from 'ts-pattern';
import { prisma } from '@documenso/prisma';
import { AppError, AppErrorCode } from '../../errors/app-error';
import { DocumentVisibility } from '../../types/document-visibility';
import { getTeamById } from '../team/get-team';
export type GetDocumentByIdOptions = {
documentId: number;
userId: number;
teamId: number;
folderId?: string;
};
export const getDocumentById = async ({
documentId,
userId,
teamId,
folderId,
}: GetDocumentByIdOptions) => {
const { documentWhereInput } = await getDocumentWhereInput({
documentId,
userId,
teamId,
});
const document = await prisma.document.findFirst({
where: {
...documentWhereInput,
folderId,
},
include: {
documentData: true,
documentMeta: true,
user: {
select: {
id: true,
name: true,
email: true,
},
},
recipients: {
select: {
email: true,
},
},
team: {
select: {
id: true,
url: true,
},
},
},
});
if (!document) {
throw new AppError(AppErrorCode.NOT_FOUND, {
message: 'Document could not be found',
});
}
return document;
};
export type GetDocumentWhereInputOptions = {
documentId: number;
userId: number;
teamId: number;
};
/**
* Generate the where input for a given Prisma document query.
*
* This will return a query that allows a user to get a document if they have valid access to it.
*/
export const getDocumentWhereInput = async ({
documentId,
userId,
teamId,
}: GetDocumentWhereInputOptions) => {
const team = await getTeamById({ teamId, userId });
const user = await prisma.user.findFirstOrThrow({
where: {
id: userId,
},
});
const teamVisibilityFilters = match(team.currentTeamRole)
.with(TeamMemberRole.ADMIN, () => [
DocumentVisibility.EVERYONE,
DocumentVisibility.MANAGER_AND_ABOVE,
DocumentVisibility.ADMIN,
])
.with(TeamMemberRole.MANAGER, () => [
DocumentVisibility.EVERYONE,
DocumentVisibility.MANAGER_AND_ABOVE,
])
.otherwise(() => [DocumentVisibility.EVERYONE]);
const documentOrInput: Prisma.DocumentWhereInput[] = [
// Allow access if they own the document.
{
userId,
},
// Or, if they belong to the team that the document is associated with.
{
visibility: {
in: teamVisibilityFilters,
},
teamId: team.id,
},
// Or, if they are a recipient of the document.
{
status: {
not: DocumentStatus.DRAFT,
},
recipients: {
some: {
email: user.email,
},
},
},
];
// Allow access to documents sent to or from the team email.
if (team.teamEmail) {
documentOrInput.push(
{
recipients: {
some: {
email: team.teamEmail.email,
},
},
},
{
user: {
email: team.teamEmail.email,
},
},
);
}
const documentWhereInput: Prisma.DocumentWhereUniqueInput = {
id: documentId,
OR: documentOrInput,
};
return {
documentWhereInput,
team,
};
};

86
packages/lib/server-only/document/get-document-by-token.ts
View File

@ -1,8 +1,10 @@
import { EnvelopeType } from '@prisma/client';
import { prisma } from '@documenso/prisma';
import type { DocumentWithRecipient } from '@documenso/prisma/types/document-with-recipient';
import { AppError, AppErrorCode } from '../../errors/app-error';
import type { TDocumentAuthMethods } from '../../types/document-auth';
import { mapSecondaryIdToDocumentId } from '../../utils/envelope';
import { isRecipientAuthorized } from './is-recipient-authorized';
export interface GetDocumentAndSenderByTokenOptions {
@ -39,8 +41,9 @@ export const getDocumentByToken = async ({ token }: GetDocumentByTokenOptions) =
throw new Error('Missing token');
}
const result = await prisma.document.findFirstOrThrow({
const result = await prisma.envelope.findFirstOrThrow({
where: {
type: EnvelopeType.DOCUMENT,
recipients: {
some: {
token,
@ -64,8 +67,9 @@ export const getDocumentAndSenderByToken = async ({
throw new Error('Missing token');
}
const result = await prisma.document.findFirstOrThrow({
const result = await prisma.envelope.findFirstOrThrow({
where: {
type: EnvelopeType.DOCUMENT,
recipients: {
some: {
token,
@ -80,13 +84,17 @@ export const getDocumentAndSenderByToken = async ({
name: true,
},
},
documentData: true,
documentMeta: true,
recipients: {
where: {
token,
},
},
envelopeItems: {
select: {
documentData: true,
},
},
team: {
select: {
name: true,
@ -102,6 +110,13 @@ export const getDocumentAndSenderByToken = async ({
},
});
// Todo: Envelopes
const firstDocumentData = result.envelopeItems[0].documentData;
if (!firstDocumentData) {
throw new Error('Missing document data');
}
const recipient = result.recipients[0];
// Sanity check, should not be possible.
@ -127,6 +142,8 @@ export const getDocumentAndSenderByToken = async ({
});
}
const legacyDocumentId = mapSecondaryIdToDocumentId(result.secondaryId);
return {
...result,
user: {
@ -134,64 +151,7 @@ export const getDocumentAndSenderByToken = async ({
email: result.user.email,
name: result.user.name,
},
documentData: firstDocumentData,
id: legacyDocumentId,
};
};
/**
* Get a Document and a Recipient by the recipient token.
*/
export const getDocumentAndRecipientByToken = async ({
token,
userId,
accessAuth,
requireAccessAuth = true,
}: GetDocumentAndRecipientByTokenOptions): Promise<DocumentWithRecipient> => {
if (!token) {
throw new Error('Missing token');
}
const result = await prisma.document.findFirstOrThrow({
where: {
recipients: {
some: {
token,
},
},
},
include: {
recipients: {
where: {
token,
},
},
documentData: true,
},
});
const [recipient] = result.recipients;
// Sanity check, should not be possible.
if (!recipient) {
throw new Error('Missing recipient');
}
let documentAccessValid = true;
if (requireAccessAuth) {
documentAccessValid = await isRecipientAuthorized({
type: 'ACCESS',
documentAuthOptions: result.authOptions,
recipient,
userId,
authOptions: accessAuth,
});
}
if (!documentAccessValid) {
throw new AppError(AppErrorCode.UNAUTHORIZED, {
message: 'Invalid access values',
});
}
return result;
};

6
packages/lib/server-only/document/get-document-certificate-audit-logs.ts
View File

@ -4,15 +4,15 @@ import { DOCUMENT_AUDIT_LOG_TYPE, DOCUMENT_EMAIL_TYPE } from '../../types/docume
import { parseDocumentAuditLogData } from '../../utils/document-audit-logs';
export type GetDocumentCertificateAuditLogsOptions = {
id: number;
envelopeId: string;
};
export const getDocumentCertificateAuditLogs = async ({
id,
envelopeId,
}: GetDocumentCertificateAuditLogsOptions) => {
const rawAuditLogs = await prisma.documentAuditLog.findMany({
where: {
documentId: id,
envelopeId,
type: {
in: [
DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_RECIPIENT_COMPLETED,

81
packages/lib/server-only/document/get-document-with-details-by-id.ts
View File

@ -1,67 +1,52 @@
import { prisma } from '@documenso/prisma';
import { EnvelopeType } from '@prisma/client';
import { AppError, AppErrorCode } from '../../errors/app-error';
import { getDocumentWhereInput } from './get-document-by-id';
import { type EnvelopeIdOptions, mapSecondaryIdToDocumentId } from '../../utils/envelope';
import { getEnvelopeById } from '../envelope/get-envelope-by-id';
export type GetDocumentWithDetailsByIdOptions = {
documentId: number;
id: EnvelopeIdOptions;
userId: number;
teamId: number;
};
export const getDocumentWithDetailsById = async ({
documentId,
id,
userId,
teamId,
}: GetDocumentWithDetailsByIdOptions) => {
const { documentWhereInput } = await getDocumentWhereInput({
documentId,
const envelope = await getEnvelopeById({
id,
type: EnvelopeType.DOCUMENT,
userId,
teamId,
});
const document = await prisma.document.findFirst({
where: {
...documentWhereInput,
},
include: {
documentData: true,
documentMeta: true,
recipients: true,
folder: true,
fields: {
include: {
signature: true,
recipient: {
select: {
name: true,
email: true,
signingStatus: true,
},
},
},
},
team: {
select: {
id: true,
url: true,
},
},
user: {
select: {
id: true,
name: true,
email: true,
},
},
},
});
const legacyDocumentId = mapSecondaryIdToDocumentId(envelope.secondaryId);
if (!document) {
throw new AppError(AppErrorCode.NOT_FOUND, {
message: 'Document not found',
});
// Todo: Envelopes
const firstDocumentData = envelope.envelopeItems[0].documentData;
if (!firstDocumentData) {
throw new Error('Document data not found');
}
return document;
return {
...envelope,
documentData: firstDocumentData,
id: legacyDocumentId,
fields: envelope.fields.map((field) => ({
...field,
documentId: legacyDocumentId,
})),
user: {
id: envelope.userId,
name: envelope.user.name,
email: envelope.user.email,
},
team: {
id: envelope.teamId,
url: envelope.team.url,
},
recipients: envelope.recipients,
};
};

6
packages/lib/server-only/document/get-recipient-or-sender-by-share-link-slug.ts
View File

@ -7,7 +7,7 @@ export type GetRecipientOrSenderByShareLinkSlugOptions = {
export const getRecipientOrSenderByShareLinkSlug = async ({
slug,
}: GetRecipientOrSenderByShareLinkSlugOptions) => {
const { documentId, email } = await prisma.documentShareLink.findFirstOrThrow({
const { envelopeId, email } = await prisma.documentShareLink.findFirstOrThrow({
where: {
slug,
},
@ -15,7 +15,7 @@ export const getRecipientOrSenderByShareLinkSlug = async ({
const sender = await prisma.user.findFirst({
where: {
documents: { some: { id: documentId } },
envelopes: { some: { id: envelopeId } },
email,
},
select: {
@ -31,7 +31,7 @@ export const getRecipientOrSenderByShareLinkSlug = async ({
const recipient = await prisma.recipient.findFirst({
where: {
documentId,
envelopeId,
email,
},
select: {

41
packages/lib/server-only/document/get-stats.ts
View File

@ -1,4 +1,4 @@
import { TeamMemberRole } from '@prisma/client';
import { EnvelopeType, TeamMemberRole } from '@prisma/client';
import type { Prisma, User } from '@prisma/client';
import { SigningStatus } from '@prisma/client';
import { DocumentVisibility } from '@prisma/client';
@ -25,7 +25,7 @@ export const getStats = async ({
folderId,
...options
}: GetStatsInput) => {
let createdAt: Prisma.DocumentWhereInput['createdAt'];
let createdAt: Prisma.EnvelopeWhereInput['createdAt'];
if (period) {
const daysAgo = parseInt(period.replace(/d$/, ''), 10);
@ -90,13 +90,13 @@ export const getStats = async ({
type GetCountsOption = {
user: Pick<User, 'id' | 'email'>;
createdAt: Prisma.DocumentWhereInput['createdAt'];
createdAt: Prisma.EnvelopeWhereInput['createdAt'];
search?: string;
folderId?: string | null;
};
const getCounts = async ({ user, createdAt, search, folderId }: GetCountsOption) => {
const searchFilter: Prisma.DocumentWhereInput = {
const searchFilter: Prisma.EnvelopeWhereInput = {
OR: [
{ title: { contains: search, mode: 'insensitive' } },
{ recipients: { some: { name: { contains: search, mode: 'insensitive' } } } },
@ -108,12 +108,13 @@ const getCounts = async ({ user, createdAt, search, folderId }: GetCountsOption)
return Promise.all([
// Owner counts.
prisma.document.groupBy({
prisma.envelope.groupBy({
by: ['status'],
_count: {
_all: true,
},
where: {
type: EnvelopeType.DOCUMENT,
userId: user.id,
createdAt,
deletedAt: null,
@ -121,12 +122,13 @@ const getCounts = async ({ user, createdAt, search, folderId }: GetCountsOption)
},
}),
// Not signed counts.
prisma.document.groupBy({
prisma.envelope.groupBy({
by: ['status'],
_count: {
_all: true,
},
where: {
type: EnvelopeType.DOCUMENT,
status: ExtendedDocumentStatus.PENDING,
recipients: {
some: {
@ -140,12 +142,13 @@ const getCounts = async ({ user, createdAt, search, folderId }: GetCountsOption)
},
}),
// Has signed counts.
prisma.document.groupBy({
prisma.envelope.groupBy({
by: ['status'],
_count: {
_all: true,
},
where: {
type: EnvelopeType.DOCUMENT,
createdAt,
user: {
email: {
@ -186,7 +189,7 @@ type GetTeamCountsOption = {
senderIds?: number[];
currentUserEmail: string;
userId: number;
createdAt: Prisma.DocumentWhereInput['createdAt'];
createdAt: Prisma.EnvelopeWhereInput['createdAt'];
currentTeamMemberRole?: TeamMemberRole;
search?: string;
folderId?: string | null;
@ -197,14 +200,14 @@ const getTeamCounts = async (options: GetTeamCountsOption) => {
const senderIds = options.senderIds ?? [];
const userIdWhereClause: Prisma.DocumentWhereInput['userId'] =
const userIdWhereClause: Prisma.EnvelopeWhereInput['userId'] =
senderIds.length > 0
? {
in: senderIds,
}
: undefined;
const searchFilter: Prisma.DocumentWhereInput = {
const searchFilter: Prisma.EnvelopeWhereInput = {
OR: [
{ title: { contains: options.search, mode: 'insensitive' } },
{ recipients: { some: { name: { contains: options.search, mode: 'insensitive' } } } },
@ -212,7 +215,8 @@ const getTeamCounts = async (options: GetTeamCountsOption) => {
],
};
let ownerCountsWhereInput: Prisma.DocumentWhereInput = {
let ownerCountsWhereInput: Prisma.EnvelopeWhereInput = {
type: EnvelopeType.DOCUMENT,
userId: userIdWhereClause,
createdAt,
teamId,
@ -223,7 +227,7 @@ const getTeamCounts = async (options: GetTeamCountsOption) => {
let notSignedCountsGroupByArgs = null;
let hasSignedCountsGroupByArgs = null;
const visibilityFiltersWhereInput: Prisma.DocumentWhereInput = {
const visibilityFiltersWhereInput: Prisma.EnvelopeWhereInput = {
AND: [
{ deletedAt: null },
{
@ -267,6 +271,7 @@ const getTeamCounts = async (options: GetTeamCountsOption) => {
if (teamEmail) {
ownerCountsWhereInput = {
type: EnvelopeType.DOCUMENT,
userId: userIdWhereClause,
createdAt,
OR: [
@ -288,6 +293,7 @@ const getTeamCounts = async (options: GetTeamCountsOption) => {
_all: true,
},
where: {
type: EnvelopeType.DOCUMENT,
userId: userIdWhereClause,
createdAt,
folderId,
@ -301,7 +307,7 @@ const getTeamCounts = async (options: GetTeamCountsOption) => {
},
deletedAt: null,
},
} satisfies Prisma.DocumentGroupByArgs;
} satisfies Prisma.EnvelopeGroupByArgs;
hasSignedCountsGroupByArgs = {
by: ['status'],
@ -309,6 +315,7 @@ const getTeamCounts = async (options: GetTeamCountsOption) => {
_all: true,
},
where: {
type: EnvelopeType.DOCUMENT,
userId: userIdWhereClause,
createdAt,
folderId,
@ -336,18 +343,18 @@ const getTeamCounts = async (options: GetTeamCountsOption) => {
},
],
},
} satisfies Prisma.DocumentGroupByArgs;
} satisfies Prisma.EnvelopeGroupByArgs;
}
return Promise.all([
prisma.document.groupBy({
prisma.envelope.groupBy({
by: ['status'],
_count: {
_all: true,
},
where: ownerCountsWhereInput,
}),
notSignedCountsGroupByArgs ? prisma.document.groupBy(notSignedCountsGroupByArgs) : [],
hasSignedCountsGroupByArgs ? prisma.document.groupBy(hasSignedCountsGroupByArgs) : [],
notSignedCountsGroupByArgs ? prisma.envelope.groupBy(notSignedCountsGroupByArgs) : [],
hasSignedCountsGroupByArgs ? prisma.envelope.groupBy(hasSignedCountsGroupByArgs) : [],
]);
};

7
packages/lib/server-only/document/is-recipient-authorized.ts
View File

@ -1,4 +1,4 @@
import type { Document, Recipient } from '@prisma/client';
import type { Envelope, Recipient } from '@prisma/client';
import { verifyAuthenticationResponse } from '@simplewebauthn/server';
import { match } from 'ts-pattern';
@ -17,8 +17,8 @@ import { extractDocumentAuthMethods } from '../../utils/document-auth';
type IsRecipientAuthorizedOptions = {
// !: Probably find a better name than 'ACCESS_2FA' if requirements change.
type: 'ACCESS' | 'ACCESS_2FA' | 'ACTION';
documentAuthOptions: Document['authOptions'];
recipient: Pick<Recipient, 'authOptions' | 'email' | 'documentId'>;
documentAuthOptions: Envelope['authOptions'];
recipient: Pick<Recipient, 'authOptions' | 'email'>;
/**
* The ID of the user who initiated the request.
@ -125,6 +125,7 @@ export const isRecipientAuthorized = async ({
}
if (type === 'ACCESS_2FA' && method === 'email') {
// Todo: Envelopes - Need to pass in the secondary ID to parse the document ID for.
if (!recipient.documentId) {
throw new AppError(AppErrorCode.NOT_FOUND, {
message: 'Document ID is required for email 2FA verification',

26
packages/lib/server-only/document/reject-document-with-token.ts
View File

@ -1,4 +1,4 @@
import { SigningStatus } from '@prisma/client';
import { EnvelopeType, SigningStatus } from '@prisma/client';
import { jobs } from '@documenso/lib/jobs/client';
import { prisma } from '@documenso/prisma';
@ -7,17 +7,19 @@ import { AppError, AppErrorCode } from '../../errors/app-error';
import { DOCUMENT_AUDIT_LOG_TYPE } from '../../types/document-audit-logs';
import type { RequestMetadata } from '../../universal/extract-request-metadata';
import { createDocumentAuditLogData } from '../../utils/document-audit-logs';
import type { EnvelopeIdOptions } from '../../utils/envelope';
import { mapSecondaryIdToDocumentId, unsafeBuildEnvelopeIdQuery } from '../../utils/envelope';
export type RejectDocumentWithTokenOptions = {
token: string;
documentId: number;
id: EnvelopeIdOptions;
reason: string;
requestMetadata?: RequestMetadata;
};
export async function rejectDocumentWithToken({
token,
documentId,
id,
reason,
requestMetadata,
}: RejectDocumentWithTokenOptions) {
@ -25,16 +27,16 @@ export async function rejectDocumentWithToken({
const recipient = await prisma.recipient.findFirst({
where: {
token,
documentId,
envelope: unsafeBuildEnvelopeIdQuery(id, EnvelopeType.DOCUMENT),
},
include: {
document: true,
envelope: true,
},
});
const document = recipient?.document;
const envelope = recipient?.envelope;
if (!recipient || !document) {
if (!recipient || !envelope) {
throw new AppError(AppErrorCode.NOT_FOUND, {
message: 'Document or recipient not found',
});
@ -54,7 +56,7 @@ export async function rejectDocumentWithToken({
}),
prisma.documentAuditLog.create({
data: createDocumentAuditLogData({
documentId,
envelopeId: envelope.id,
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_RECIPIENT_REJECTED,
user: {
name: recipient.name,
@ -72,11 +74,13 @@ export async function rejectDocumentWithToken({
}),
]);
const legacyDocumentId = mapSecondaryIdToDocumentId(envelope.secondaryId);
// Trigger the seal document job to process the document asynchronously
await jobs.triggerJob({
name: 'internal.seal-document',
payload: {
documentId,
documentId: legacyDocumentId,
requestMetadata,
},
});
@ -86,7 +90,7 @@ export async function rejectDocumentWithToken({
name: 'send.signing.rejected.emails',
payload: {
recipientId: recipient.id,
documentId,
documentId: legacyDocumentId,
},
});
@ -94,7 +98,7 @@ export async function rejectDocumentWithToken({
await jobs.triggerJob({
name: 'send.document.cancelled.emails',
payload: {
documentId,
documentId: legacyDocumentId,
cancellationReason: reason,
requestMetadata,
},

69
packages/lib/server-only/document/resend-document.ts
View File

@ -1,7 +1,13 @@
import { createElement } from 'react';
import { msg } from '@lingui/core/macro';
import { DocumentStatus, OrganisationType, RecipientRole, SigningStatus } from '@prisma/client';
import {
DocumentStatus,
EnvelopeType,
OrganisationType,
RecipientRole,
SigningStatus,
} from '@prisma/client';
import { mailer } from '@documenso/email/mailer';
import { DocumentInviteEmailTemplate } from '@documenso/email/templates/document-invite';
@ -21,7 +27,7 @@ import { extractDerivedDocumentEmailSettings } from '../../types/document-email'
import { isDocumentCompleted } from '../../utils/document';
import { renderEmailWithI18N } from '../../utils/render-email-with-i18n';
import { getEmailContext } from '../email/get-email-context';
import { getDocumentWhereInput } from './get-document-by-id';
import { getEnvelopeWhereInput } from '../envelope/get-envelope-by-id';
export type ResendDocumentOptions = {
documentId: number;
@ -42,16 +48,25 @@ export const resendDocument = async ({
where: {
id: userId,
},
select: {
id: true,
email: true,
name: true,
},
});
const { documentWhereInput } = await getDocumentWhereInput({
documentId,
const { envelopeWhereInput } = await getEnvelopeWhereInput({
id: {
type: 'documentId',
id: documentId,
},
type: EnvelopeType.DOCUMENT,
userId,
teamId,
});
const document = await prisma.document.findUnique({
where: documentWhereInput,
const envelope = await prisma.envelope.findUnique({
where: envelopeWhereInput,
include: {
recipients: true,
documentMeta: true,
@ -64,31 +79,29 @@ export const resendDocument = async ({
},
});
const customEmail = document?.documentMeta;
if (!document) {
if (!envelope) {
throw new Error('Document not found');
}
if (document.recipients.length === 0) {
if (envelope.recipients.length === 0) {
throw new Error('Document has no recipients');
}
if (document.status === DocumentStatus.DRAFT) {
if (envelope.status === DocumentStatus.DRAFT) {
throw new Error('Can not send draft document');
}
if (isDocumentCompleted(document.status)) {
if (isDocumentCompleted(envelope.status)) {
throw new Error('Can not send completed document');
}
const recipientsToRemind = document.recipients.filter(
const recipientsToRemind = envelope.recipients.filter(
(recipient) =>
recipients.includes(recipient.id) && recipient.signingStatus === SigningStatus.NOT_SIGNED,
);
const isRecipientSigningRequestEmailEnabled = extractDerivedDocumentEmailSettings(
document.documentMeta,
envelope.documentMeta,
).recipientSigningRequest;
if (!isRecipientSigningRequestEmailEnabled) {
@ -100,9 +113,9 @@ export const resendDocument = async ({
emailType: 'RECIPIENT',
source: {
type: 'team',
teamId: document.teamId,
teamId: envelope.teamId,
},
meta: document.documentMeta,
meta: envelope.documentMeta,
});
await Promise.all(
@ -122,42 +135,42 @@ export const resendDocument = async ({
._(RECIPIENT_ROLES_DESCRIPTION[recipient.role].actionVerb)
.toLowerCase();
let emailMessage = customEmail?.message || '';
let emailMessage = envelope.documentMeta.message || '';
let emailSubject = i18n._(msg`Reminder: Please ${recipientActionVerb} this document`);
if (selfSigner) {
emailMessage = i18n._(
msg`You have initiated the document ${`"${document.title}"`} that requires you to ${recipientActionVerb} it.`,
msg`You have initiated the document ${`"${envelope.title}"`} that requires you to ${recipientActionVerb} it.`,
);
emailSubject = i18n._(msg`Reminder: Please ${recipientActionVerb} your document`);
}
if (organisationType === OrganisationType.ORGANISATION) {
emailSubject = i18n._(
msg`Reminder: ${document.team.name} invited you to ${recipientActionVerb} a document`,
msg`Reminder: ${envelope.team.name} invited you to ${recipientActionVerb} a document`,
);
emailMessage =
customEmail?.message ||
envelope.documentMeta.message ||
i18n._(
msg`${user.name || user.email} on behalf of "${document.team.name}" has invited you to ${recipientActionVerb} the document "${document.title}".`,
msg`${user.name || user.email} on behalf of "${envelope.team.name}" has invited you to ${recipientActionVerb} the document "${envelope.title}".`,
);
}
const customEmailTemplate = {
'signer.name': name,
'signer.email': email,
'document.name': document.title,
'document.name': envelope.title,
};
const assetBaseUrl = NEXT_PUBLIC_WEBAPP_URL() || 'http://localhost:3000';
const signDocumentLink = `${NEXT_PUBLIC_WEBAPP_URL()}/sign/${recipient.token}`;
const template = createElement(DocumentInviteEmailTemplate, {
documentName: document.title,
documentName: envelope.title,
inviterName: user.name || undefined,
inviterEmail:
organisationType === OrganisationType.ORGANISATION
? document.team?.teamEmail?.email || user.email
? envelope.team?.teamEmail?.email || user.email
: user.email,
assetBaseUrl,
signDocumentLink,
@ -165,7 +178,7 @@ export const resendDocument = async ({
role: recipient.role,
selfSigner,
organisationType,
teamName: document.team?.name,
teamName: envelope.team?.name,
});
const [html, text] = await Promise.all([
@ -189,9 +202,9 @@ export const resendDocument = async ({
},
from: senderEmail,
replyTo: replyToEmail,
subject: customEmail?.subject
subject: envelope.documentMeta.subject
? renderCustomEmailTemplate(
i18n._(msg`Reminder: ${customEmail.subject}`),
i18n._(msg`Reminder: ${envelope.documentMeta.subject}`),
customEmailTemplate,
)
: emailSubject,
@ -202,7 +215,7 @@ export const resendDocument = async ({
await tx.documentAuditLog.create({
data: createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.EMAIL_SENT,
documentId: document.id,
envelopeId: envelope.id,
metadata: requestMetadata,
data: {
emailType: recipientEmailType,

122
packages/lib/server-only/document/seal-document.ts
View File

@ -1,4 +1,10 @@
import { DocumentStatus, RecipientRole, SigningStatus, WebhookTriggerEvents } from '@prisma/client';
import {
DocumentStatus,
EnvelopeType,
RecipientRole,
SigningStatus,
WebhookTriggerEvents,
} from '@prisma/client';
import { nanoid } from 'nanoid';
import path from 'node:path';
import { PDFDocument } from 'pdf-lib';
@ -11,12 +17,17 @@ import { signPdf } from '@documenso/signing';
import {
ZWebhookDocumentSchema,
mapDocumentToWebhookDocumentPayload,
mapEnvelopeToWebhookDocumentPayload,
} from '../../types/webhook-payload';
import type { RequestMetadata } from '../../universal/extract-request-metadata';
import { getFileServerSide } from '../../universal/upload/get-file.server';
import { putPdfFileServerSide } from '../../universal/upload/put-file.server';
import { fieldsContainUnsignedRequiredField } from '../../utils/advanced-fields-helpers';
import {
type EnvelopeIdOptions,
mapSecondaryIdToDocumentId,
unsafeBuildEnvelopeIdQuery,
} from '../../utils/envelope';
import { getAuditLogsPdf } from '../htmltopdf/get-audit-logs-pdf';
import { getCertificatePdf } from '../htmltopdf/get-certificate-pdf';
import { addRejectionStampToPdf } from '../pdf/add-rejection-stamp-to-pdf';
@ -30,47 +41,61 @@ import { triggerWebhook } from '../webhooks/trigger/trigger-webhook';
import { sendCompletedEmail } from './send-completed-email';
export type SealDocumentOptions = {
documentId: number;
id: EnvelopeIdOptions;
sendEmail?: boolean;
isResealing?: boolean;
requestMetadata?: RequestMetadata;
};
export const sealDocument = async ({
documentId,
id,
sendEmail = true,
isResealing = false,
requestMetadata,
}: SealDocumentOptions) => {
const document = await prisma.document.findFirstOrThrow({
where: {
id: documentId,
const envelope = await prisma.envelope.findFirstOrThrow({
where: unsafeBuildEnvelopeIdQuery(id, EnvelopeType.DOCUMENT),
include: {
envelopeItems: {
select: {
id: true,
documentData: true,
},
include: {
documentData: true,
documentMeta: true,
recipients: true,
field: {
include: {
signature: true,
},
});
const { documentData } = document;
if (!documentData) {
throw new Error(`Document ${document.id} has no document data`);
}
const settings = await getTeamSettings({
userId: document.userId,
teamId: document.teamId,
});
const recipients = await prisma.recipient.findMany({
},
},
},
documentMeta: true,
recipients: {
where: {
documentId: document.id,
role: {
not: RecipientRole.CC,
},
},
},
},
});
// Todo: Envelopes
const envelopeItemToSeal = envelope.envelopeItems[0];
// Todo: Envelopes
if (envelope.envelopeItems.length !== 1 || !envelopeItemToSeal) {
throw new Error(`Document ${envelope.id} needs exactly 1 envelope item`);
}
const legacyDocumentId = mapSecondaryIdToDocumentId(envelope.secondaryId);
const documentData = envelopeItemToSeal.documentData;
const fields = envelopeItemToSeal.field; // Todo: Envelopes - This only takes in the first envelope item fields.
const recipients = envelope.recipients;
const settings = await getTeamSettings({
userId: envelope.userId,
teamId: envelope.teamId,
});
// Determine if the document has been rejected by checking if any recipient has rejected it
@ -88,21 +113,12 @@ export const sealDocument = async ({
!isRejected &&
recipients.some((recipient) => recipient.signingStatus !== SigningStatus.SIGNED)
) {
throw new Error(`Document ${document.id} has unsigned recipients`);
throw new Error(`Envelope ${envelope.id} has unsigned recipients`);
}
const fields = await prisma.field.findMany({
where: {
documentId: document.id,
},
include: {
signature: true,
},
});
// Skip the field check if the document is rejected
if (!isRejected && fieldsContainUnsignedRequiredField(fields)) {
throw new Error(`Document ${document.id} has unsigned required fields`);
throw new Error(`Document ${envelope.id} has unsigned required fields`);
}
if (isResealing) {
@ -116,8 +132,8 @@ export const sealDocument = async ({
const certificateData = settings.includeSigningCertificate
? await getCertificatePdf({
documentId,
language: document.documentMeta?.language,
documentId: legacyDocumentId,
language: envelope.documentMeta.language,
}).catch((e) => {
console.log('Failed to get certificate PDF');
console.error(e);
@ -128,8 +144,8 @@ export const sealDocument = async ({
const auditLogData = settings.includeAuditLog
? await getAuditLogsPdf({
documentId,
language: document.documentMeta?.language,
documentId: legacyDocumentId,
language: envelope.documentMeta.language,
}).catch((e) => {
console.log('Failed to get audit logs PDF');
console.error(e);
@ -171,7 +187,7 @@ export const sealDocument = async ({
}
for (const field of fields) {
document.useLegacyFieldInsertion
envelope.useLegacyFieldInsertion
? await legacy_insertFieldInPDF(doc, field)
: await insertFieldInPDF(doc, field);
}
@ -183,7 +199,8 @@ export const sealDocument = async ({
const pdfBuffer = await signPdf({ pdf: Buffer.from(pdfBytes) });
const { name } = path.parse(document.title);
// Todo: Envelopes use EnvelopeItem title instead.
const { name } = path.parse(envelope.title);
// Add suffix based on document status
const suffix = isRejected ? '_rejected.pdf' : '_signed.pdf';
@ -201,16 +218,16 @@ export const sealDocument = async ({
distinctId: nanoid(),
event: 'App: Document Sealed',
properties: {
documentId: document.id,
documentId: envelope.id,
isRejected,
},
});
}
await prisma.$transaction(async (tx) => {
await tx.document.update({
await tx.envelope.update({
where: {
id: document.id,
id: envelope.id,
},
data: {
status: isRejected ? DocumentStatus.REJECTED : DocumentStatus.COMPLETED,
@ -230,7 +247,7 @@ export const sealDocument = async ({
await tx.documentAuditLog.create({
data: createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_COMPLETED,
documentId: document.id,
envelopeId: envelope.id,
requestMetadata,
user: null,
data: {
@ -242,15 +259,14 @@ export const sealDocument = async ({
});
if (sendEmail && !isResealing) {
await sendCompletedEmail({ documentId, requestMetadata });
await sendCompletedEmail({ id, requestMetadata });
}
const updatedDocument = await prisma.document.findFirstOrThrow({
const updatedDocument = await prisma.envelope.findFirstOrThrow({
where: {
id: document.id,
id: envelope.id,
},
include: {
documentData: true,
documentMeta: true,
recipients: true,
},
@ -260,8 +276,8 @@ export const sealDocument = async ({
event: isRejected
? WebhookTriggerEvents.DOCUMENT_REJECTED
: WebhookTriggerEvents.DOCUMENT_COMPLETED,
data: ZWebhookDocumentSchema.parse(mapDocumentToWebhookDocumentPayload(updatedDocument)),
userId: document.userId,
teamId: document.teamId ?? undefined,
data: ZWebhookDocumentSchema.parse(mapEnvelopeToWebhookDocumentPayload(updatedDocument)),
userId: envelope.userId,
teamId: envelope.teamId ?? undefined,
});
};

42
packages/lib/server-only/document/search-documents-with-keyword.ts
View File

@ -1,5 +1,6 @@
import type { Document, Recipient, User } from '@prisma/client';
import { DocumentStatus, DocumentVisibility, TeamMemberRole } from '@prisma/client';
import { DocumentStatus, EnvelopeType } from '@prisma/client';
import type { Envelope, Recipient, User } from '@prisma/client';
import { DocumentVisibility, TeamMemberRole } from '@prisma/client';
import { match } from 'ts-pattern';
import {
@ -9,6 +10,8 @@ import {
} from '@documenso/lib/utils/teams';
import { prisma } from '@documenso/prisma';
import { mapSecondaryIdToDocumentId } from '../../utils/envelope';
export type SearchDocumentsWithKeywordOptions = {
query: string;
userId: number;
@ -26,8 +29,9 @@ export const searchDocumentsWithKeyword = async ({
},
});
const documents = await prisma.document.findMany({
const envelopes = await prisma.envelope.findMany({
where: {
type: EnvelopeType.DOCUMENT,
OR: [
{
title: {
@ -128,26 +132,26 @@ export const searchDocumentsWithKeyword = async ({
take: limit,
});
const isOwner = (document: Document, user: User) => document.userId === user.id;
const isOwner = (envelope: Envelope, user: User) => envelope.userId === user.id;
const getSigningLink = (recipients: Recipient[], user: User) =>
`/sign/${recipients.find((r) => r.email === user.email)?.token}`;
const maskedDocuments = documents
.filter((document) => {
if (!document.teamId || isOwner(document, user)) {
const maskedDocuments = envelopes
.filter((envelope) => {
if (!envelope.teamId || isOwner(envelope, user)) {
return true;
}
const teamMemberRole = getHighestTeamRoleInGroup(
document.team.teamGroups.filter((tg) => tg.teamId === document.teamId),
envelope.team.teamGroups.filter((tg) => tg.teamId === envelope.teamId),
);
if (!teamMemberRole) {
return false;
}
const canAccessDocument = match([document.visibility, teamMemberRole])
const canAccessDocument = match([envelope.visibility, teamMemberRole])
.with([DocumentVisibility.EVERYONE, TeamMemberRole.ADMIN], () => true)
.with([DocumentVisibility.EVERYONE, TeamMemberRole.MANAGER], () => true)
.with([DocumentVisibility.EVERYONE, TeamMemberRole.MEMBER], () => true)
@ -158,23 +162,29 @@ export const searchDocumentsWithKeyword = async ({
return canAccessDocument;
})
.map((document) => {
const { recipients, ...documentWithoutRecipient } = document;
.map((envelope) => {
const { recipients, ...documentWithoutRecipient } = envelope;
let documentPath;
if (isOwner(document, user)) {
documentPath = `${formatDocumentsPath(document.team?.url)}/${document.id}`;
} else if (document.teamId && document.team.teamGroups.length > 0) {
documentPath = `${formatDocumentsPath(document.team.url)}/${document.id}`;
const legacyDocumentId = mapSecondaryIdToDocumentId(envelope.secondaryId);
if (isOwner(envelope, user)) {
documentPath = `${formatDocumentsPath(envelope.team.url)}/${legacyDocumentId}`;
} else if (envelope.teamId && envelope.team.teamGroups.length > 0) {
documentPath = `${formatDocumentsPath(envelope.team.url)}/${legacyDocumentId}`;
} else {
documentPath = getSigningLink(recipients, user);
}
return {
...documentWithoutRecipient,
team: {
id: envelope.teamId,
url: envelope.team.url,
},
path: documentPath,
value: [document.id, document.title, ...document.recipients.map((r) => r.email)].join(' '),
value: [envelope.id, envelope.title, ...envelope.recipients.map((r) => r.email)].join(' '),
};
});

97
packages/lib/server-only/document/send-completed-email.ts
View File

@ -1,7 +1,7 @@
import { createElement } from 'react';
import { msg } from '@lingui/core/macro';
import { DocumentSource } from '@prisma/client';
import { DocumentSource, EnvelopeType } from '@prisma/client';
import { mailer } from '@documenso/email/mailer';
import { DocumentCompletedEmailTemplate } from '@documenso/email/templates/document-completed';
@ -14,23 +14,33 @@ import { extractDerivedDocumentEmailSettings } from '../../types/document-email'
import type { RequestMetadata } from '../../universal/extract-request-metadata';
import { getFileServerSide } from '../../universal/upload/get-file.server';
import { createDocumentAuditLogData } from '../../utils/document-audit-logs';
import type { EnvelopeIdOptions } from '../../utils/envelope';
import { unsafeBuildEnvelopeIdQuery } from '../../utils/envelope';
import { renderCustomEmailTemplate } from '../../utils/render-custom-email-template';
import { renderEmailWithI18N } from '../../utils/render-email-with-i18n';
import { formatDocumentsPath } from '../../utils/teams';
import { getEmailContext } from '../email/get-email-context';
export interface SendDocumentOptions {
documentId: number;
id: EnvelopeIdOptions;
requestMetadata?: RequestMetadata;
}
export const sendCompletedEmail = async ({ documentId, requestMetadata }: SendDocumentOptions) => {
const document = await prisma.document.findUnique({
where: {
id: documentId,
},
export const sendCompletedEmail = async ({ id, requestMetadata }: SendDocumentOptions) => {
const envelope = await prisma.envelope.findUnique({
where: unsafeBuildEnvelopeIdQuery(id, EnvelopeType.DOCUMENT),
include: {
documentData: true,
envelopeItems: {
include: {
documentData: {
select: {
type: true,
id: true,
data: true,
},
},
},
},
documentMeta: true,
recipients: true,
user: {
@ -49,13 +59,13 @@ export const sendCompletedEmail = async ({ documentId, requestMetadata }: SendDo
},
});
if (!document) {
if (!envelope) {
throw new Error('Document not found');
}
const isDirectTemplate = document?.source === DocumentSource.TEMPLATE_DIRECT_LINK;
const isDirectTemplate = envelope?.source === DocumentSource.TEMPLATE_DIRECT_LINK;
if (document.recipients.length === 0) {
if (envelope.recipients.length === 0) {
throw new Error('Document has no recipients');
}
@ -63,28 +73,37 @@ export const sendCompletedEmail = async ({ documentId, requestMetadata }: SendDo
emailType: 'RECIPIENT',
source: {
type: 'team',
teamId: document.teamId,
teamId: envelope.teamId,
},
meta: document.documentMeta,
meta: envelope.documentMeta,
});
const { user: owner } = document;
const { user: owner } = envelope;
const completedDocument = await getFileServerSide(document.documentData);
const completedDocumentEmailAttachments = await Promise.all(
envelope.envelopeItems.map(async (document) => {
const file = await getFileServerSide(document.documentData);
return {
fileName: document.title.endsWith('.pdf') ? document.title : document.title + '.pdf',
content: Buffer.from(file),
};
}),
);
const assetBaseUrl = NEXT_PUBLIC_WEBAPP_URL() || 'http://localhost:3000';
let documentOwnerDownloadLink = `${NEXT_PUBLIC_WEBAPP_URL()}${formatDocumentsPath(
document.team?.url,
)}/${document.id}`;
envelope.team?.url,
)}/${envelope.id}`;
if (document.team?.url) {
documentOwnerDownloadLink = `${NEXT_PUBLIC_WEBAPP_URL()}/t/${document.team.url}/documents/${
document.id
if (envelope.team?.url) {
documentOwnerDownloadLink = `${NEXT_PUBLIC_WEBAPP_URL()}/t/${envelope.team.url}/documents/${
envelope.id
}`;
}
const emailSettings = extractDerivedDocumentEmailSettings(document.documentMeta);
const emailSettings = extractDerivedDocumentEmailSettings(envelope.documentMeta);
const isDocumentCompletedEmailEnabled = emailSettings.documentCompleted;
const isOwnerDocumentCompletedEmailEnabled = emailSettings.ownerDocumentCompleted;
@ -95,11 +114,11 @@ export const sendCompletedEmail = async ({ documentId, requestMetadata }: SendDo
// - Recipient emails are disabled
if (
isOwnerDocumentCompletedEmailEnabled &&
(!document.recipients.find((recipient) => recipient.email === owner.email) ||
(!envelope.recipients.find((recipient) => recipient.email === owner.email) ||
!isDocumentCompletedEmailEnabled)
) {
const template = createElement(DocumentCompletedEmailTemplate, {
documentName: document.title,
documentName: envelope.title,
assetBaseUrl,
downloadLink: documentOwnerDownloadLink,
});
@ -127,18 +146,13 @@ export const sendCompletedEmail = async ({ documentId, requestMetadata }: SendDo
subject: i18n._(msg`Signing Complete!`),
html,
text,
attachments: [
{
filename: document.title.endsWith('.pdf') ? document.title : document.title + '.pdf',
content: Buffer.from(completedDocument),
},
],
attachments: completedDocumentEmailAttachments,
});
await prisma.documentAuditLog.create({
data: createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.EMAIL_SENT,
documentId: document.id,
envelopeId: envelope.id,
user: null,
requestMetadata,
data: {
@ -158,22 +172,22 @@ export const sendCompletedEmail = async ({ documentId, requestMetadata }: SendDo
}
await Promise.all(
document.recipients.map(async (recipient) => {
envelope.recipients.map(async (recipient) => {
const customEmailTemplate = {
'signer.name': recipient.name,
'signer.email': recipient.email,
'document.name': document.title,
'document.name': envelope.title,
};
const downloadLink = `${NEXT_PUBLIC_WEBAPP_URL()}/sign/${recipient.token}/complete`;
const template = createElement(DocumentCompletedEmailTemplate, {
documentName: document.title,
documentName: envelope.title,
assetBaseUrl,
downloadLink: recipient.email === owner.email ? documentOwnerDownloadLink : downloadLink,
customBody:
isDirectTemplate && document.documentMeta?.message
? renderCustomEmailTemplate(document.documentMeta.message, customEmailTemplate)
isDirectTemplate && envelope.documentMeta?.message
? renderCustomEmailTemplate(envelope.documentMeta.message, customEmailTemplate)
: undefined,
});
@ -198,23 +212,18 @@ export const sendCompletedEmail = async ({ documentId, requestMetadata }: SendDo
from: senderEmail,
replyTo: replyToEmail,
subject:
isDirectTemplate && document.documentMeta?.subject
? renderCustomEmailTemplate(document.documentMeta.subject, customEmailTemplate)
isDirectTemplate && envelope.documentMeta?.subject
? renderCustomEmailTemplate(envelope.documentMeta.subject, customEmailTemplate)
: i18n._(msg`Signing Complete!`),
html,
text,
attachments: [
{
filename: document.title.endsWith('.pdf') ? document.title : document.title + '.pdf',
content: Buffer.from(completedDocument),
},
],
attachments: completedDocumentEmailAttachments,
});
await prisma.documentAuditLog.create({
data: createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.EMAIL_SENT,
documentId: document.id,
envelopeId: envelope.id,
user: null,
requestMetadata,
data: {

21
packages/lib/server-only/document/send-delete-email.ts
View File

@ -14,14 +14,15 @@ import { renderEmailWithI18N } from '../../utils/render-email-with-i18n';
import { getEmailContext } from '../email/get-email-context';
export interface SendDeleteEmailOptions {
documentId: number;
envelopeId: string;
reason: string;
}
export const sendDeleteEmail = async ({ documentId, reason }: SendDeleteEmailOptions) => {
const document = await prisma.document.findFirst({
// Note: Currently only sent by Admin function
export const sendDeleteEmail = async ({ envelopeId, reason }: SendDeleteEmailOptions) => {
const envelope = await prisma.envelope.findFirst({
where: {
id: documentId,
id: envelopeId,
},
include: {
user: {
@ -35,14 +36,14 @@ export const sendDeleteEmail = async ({ documentId, reason }: SendDeleteEmailOpt
},
});
if (!document) {
if (!envelope) {
throw new AppError(AppErrorCode.NOT_FOUND, {
message: 'Document not found',
});
}
const isDocumentDeletedEmailEnabled = extractDerivedDocumentEmailSettings(
document.documentMeta,
envelope.documentMeta,
).documentDeleted;
if (!isDocumentDeletedEmailEnabled) {
@ -53,17 +54,17 @@ export const sendDeleteEmail = async ({ documentId, reason }: SendDeleteEmailOpt
emailType: 'INTERNAL',
source: {
type: 'team',
teamId: document.teamId,
teamId: envelope.teamId,
},
meta: document.documentMeta,
meta: envelope.documentMeta,
});
const { email, name } = document.user;
const { email, name } = envelope.user;
const assetBaseUrl = NEXT_PUBLIC_WEBAPP_URL() || 'http://localhost:3000';
const template = createElement(DocumentSuperDeleteEmailTemplate, {
documentName: document.title,
documentName: envelope.title,
reason,
assetBaseUrl,
});

99
packages/lib/server-only/document/send-document.tsx → packages/lib/server-only/document/send-document.ts
View File

@ -1,6 +1,7 @@
import {
DocumentSigningOrder,
DocumentStatus,
EnvelopeType,
RecipientRole,
SendStatus,
SigningStatus,
@ -16,17 +17,18 @@ import { jobs } from '../../jobs/client';
import { extractDerivedDocumentEmailSettings } from '../../types/document-email';
import {
ZWebhookDocumentSchema,
mapDocumentToWebhookDocumentPayload,
mapEnvelopeToWebhookDocumentPayload,
} from '../../types/webhook-payload';
import { getFileServerSide } from '../../universal/upload/get-file.server';
import { putPdfFileServerSide } from '../../universal/upload/put-file.server';
import { isDocumentCompleted } from '../../utils/document';
import { type EnvelopeIdOptions, mapSecondaryIdToDocumentId } from '../../utils/envelope';
import { getEnvelopeWhereInput } from '../envelope/get-envelope-by-id';
import { insertFormValuesInPdf } from '../pdf/insert-form-values-in-pdf';
import { triggerWebhook } from '../webhooks/trigger/trigger-webhook';
import { getDocumentWhereInput } from './get-document-by-id';
export type SendDocumentOptions = {
documentId: number;
id: EnvelopeIdOptions;
userId: number;
teamId: number;
sendEmail?: boolean;
@ -34,75 +36,92 @@ export type SendDocumentOptions = {
};
export const sendDocument = async ({
documentId,
id,
userId,
teamId,
sendEmail,
requestMetadata,
}: SendDocumentOptions) => {
const { documentWhereInput } = await getDocumentWhereInput({
documentId,
const { envelopeWhereInput } = await getEnvelopeWhereInput({
id,
type: EnvelopeType.DOCUMENT,
userId,
teamId,
});
const document = await prisma.document.findFirst({
where: documentWhereInput,
const envelope = await prisma.envelope.findFirst({
where: envelopeWhereInput,
include: {
recipients: {
orderBy: [{ signingOrder: { sort: 'asc', nulls: 'last' } }, { id: 'asc' }],
},
documentMeta: true,
documentData: true,
envelopeItems: {
select: {
id: true,
documentData: {
select: {
type: true,
id: true,
data: true,
},
},
},
},
},
});
if (!document) {
if (!envelope) {
throw new Error('Document not found');
}
if (document.recipients.length === 0) {
if (envelope.recipients.length === 0) {
throw new Error('Document has no recipients');
}
if (isDocumentCompleted(document.status)) {
if (isDocumentCompleted(envelope.status)) {
throw new Error('Can not send completed document');
}
const signingOrder = document.documentMeta?.signingOrder || DocumentSigningOrder.PARALLEL;
const legacyDocumentId = mapSecondaryIdToDocumentId(envelope.secondaryId);
let recipientsToNotify = document.recipients;
const signingOrder = envelope.documentMeta?.signingOrder || DocumentSigningOrder.PARALLEL;
let recipientsToNotify = envelope.recipients;
if (signingOrder === DocumentSigningOrder.SEQUENTIAL) {
// Get the currently active recipient.
recipientsToNotify = document.recipients
recipientsToNotify = envelope.recipients
.filter((r) => r.signingStatus === SigningStatus.NOT_SIGNED && r.role !== RecipientRole.CC)
.slice(0, 1);
// Secondary filter so we aren't resending if the current active recipient has already
// received the document.
// received the envelope.
recipientsToNotify.filter((r) => r.sendStatus !== SendStatus.SENT);
}
const { documentData } = document;
const envelopeItem = envelope.envelopeItems[0];
const documentData = envelopeItem?.documentData;
if (!documentData.data) {
throw new Error('Document data not found');
// Todo: Envelopes
if (!envelopeItem || !documentData || envelope.envelopeItems.length !== 1) {
throw new Error('Invalid document data');
}
if (document.formValues) {
// Todo: Envelopes need to support multiple envelope items.
if (envelope.formValues) {
const file = await getFileServerSide(documentData);
const prefilled = await insertFormValuesInPdf({
pdf: Buffer.from(file),
// eslint-disable-next-line @typescript-eslint/consistent-type-assertions
formValues: document.formValues as Record<string, string | number | boolean>,
formValues: envelope.formValues as Record<string, string | number | boolean>,
});
let fileName = document.title;
let fileName = envelope.title;
if (!document.title.endsWith('.pdf')) {
fileName = `${document.title}.pdf`;
if (!envelope.title.endsWith('.pdf')) {
fileName = `${envelope.title}.pdf`;
}
const newDocumentData = await putPdfFileServerSide({
@ -111,9 +130,9 @@ export const sendDocument = async ({
arrayBuffer: async () => Promise.resolve(prefilled),
});
const result = await prisma.document.update({
const result = await prisma.envelopeItem.update({
where: {
id: document.id,
id: envelopeItem.id,
},
data: {
documentDataId: newDocumentData.id,
@ -133,7 +152,7 @@ export const sendDocument = async ({
// const fieldsWithSignerEmail = fields.map((field) => ({
// ...field,
// signerEmail:
// document.Recipient.find((recipient) => recipient.id === field.recipientId)?.email ?? '',
// envelope.Recipient.find((recipient) => recipient.id === field.recipientId)?.email ?? '',
// }));
// const everySignerHasSignature = document?.Recipient.every(
@ -148,7 +167,7 @@ export const sendDocument = async ({
// throw new Error('Some signers have not been assigned a signature field.');
// }
const allRecipientsHaveNoActionToTake = document.recipients.every(
const allRecipientsHaveNoActionToTake = envelope.recipients.every(
(recipient) =>
recipient.role === RecipientRole.CC || recipient.signingStatus === SigningStatus.SIGNED,
);
@ -157,15 +176,15 @@ export const sendDocument = async ({
await jobs.triggerJob({
name: 'internal.seal-document',
payload: {
documentId,
documentId: legacyDocumentId,
requestMetadata: requestMetadata?.requestMetadata,
},
});
// Keep the return type the same for the `sendDocument` method
return await prisma.document.findFirstOrThrow({
return await prisma.envelope.findFirstOrThrow({
where: {
id: documentId,
id: envelope.id,
},
include: {
documentMeta: true,
@ -174,21 +193,21 @@ export const sendDocument = async ({
});
}
const updatedDocument = await prisma.$transaction(async (tx) => {
if (document.status === DocumentStatus.DRAFT) {
const updatedEnvelope = await prisma.$transaction(async (tx) => {
if (envelope.status === DocumentStatus.DRAFT) {
await tx.documentAuditLog.create({
data: createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_SENT,
documentId: document.id,
envelopeId: envelope.id,
metadata: requestMetadata,
data: {},
}),
});
}
return await tx.document.update({
return await tx.envelope.update({
where: {
id: documentId,
id: envelope.id,
},
data: {
status: DocumentStatus.PENDING,
@ -201,7 +220,7 @@ export const sendDocument = async ({
});
const isRecipientSigningRequestEmailEnabled = extractDerivedDocumentEmailSettings(
document.documentMeta,
envelope.documentMeta,
).recipientSigningRequest;
// Only send email if one of the following is true:
@ -218,7 +237,7 @@ export const sendDocument = async ({
name: 'send.signing.requested.email',
payload: {
userId,
documentId,
documentId: legacyDocumentId,
recipientId: recipient.id,
requestMetadata: requestMetadata?.requestMetadata,
},
@ -229,10 +248,10 @@ export const sendDocument = async ({
await triggerWebhook({
event: WebhookTriggerEvents.DOCUMENT_SENT,
data: ZWebhookDocumentSchema.parse(mapDocumentToWebhookDocumentPayload(updatedDocument)),
data: ZWebhookDocumentSchema.parse(mapEnvelopeToWebhookDocumentPayload(updatedEnvelope)),
userId,
teamId,
});
return updatedDocument;
return updatedEnvelope;
};

25
packages/lib/server-only/document/send-pending-email.ts
View File

@ -1,6 +1,7 @@
import { createElement } from 'react';
import { msg } from '@lingui/core/macro';
import { EnvelopeType } from '@prisma/client';
import { mailer } from '@documenso/email/mailer';
import { DocumentPendingEmailTemplate } from '@documenso/email/templates/document-pending';
@ -9,18 +10,20 @@ import { prisma } from '@documenso/prisma';
import { getI18nInstance } from '../../client-only/providers/i18n-server';
import { NEXT_PUBLIC_WEBAPP_URL } from '../../constants/app';
import { extractDerivedDocumentEmailSettings } from '../../types/document-email';
import type { EnvelopeIdOptions } from '../../utils/envelope';
import { unsafeBuildEnvelopeIdQuery } from '../../utils/envelope';
import { renderEmailWithI18N } from '../../utils/render-email-with-i18n';
import { getEmailContext } from '../email/get-email-context';
export interface SendPendingEmailOptions {
documentId: number;
id: EnvelopeIdOptions;
recipientId: number;
}
export const sendPendingEmail = async ({ documentId, recipientId }: SendPendingEmailOptions) => {
const document = await prisma.document.findFirst({
export const sendPendingEmail = async ({ id, recipientId }: SendPendingEmailOptions) => {
const envelope = await prisma.envelope.findFirst({
where: {
id: documentId,
...unsafeBuildEnvelopeIdQuery(id, EnvelopeType.DOCUMENT),
recipients: {
some: {
id: recipientId,
@ -37,11 +40,11 @@ export const sendPendingEmail = async ({ documentId, recipientId }: SendPendingE
},
});
if (!document) {
if (!envelope) {
throw new Error('Document not found');
}
if (document.recipients.length === 0) {
if (envelope.recipients.length === 0) {
throw new Error('Document has no recipients');
}
@ -49,27 +52,27 @@ export const sendPendingEmail = async ({ documentId, recipientId }: SendPendingE
emailType: 'RECIPIENT',
source: {
type: 'team',
teamId: document.teamId,
teamId: envelope.teamId,
},
meta: document.documentMeta,
meta: envelope.documentMeta,
});
const isDocumentPendingEmailEnabled = extractDerivedDocumentEmailSettings(
document.documentMeta,
envelope.documentMeta,
).documentPending;
if (!isDocumentPendingEmailEnabled) {
return;
}
const [recipient] = document.recipients;
const [recipient] = envelope.recipients;
const { email, name } = recipient;
const assetBaseUrl = NEXT_PUBLIC_WEBAPP_URL() || 'http://localhost:3000';
const template = createElement(DocumentPendingEmailTemplate, {
documentName: document.title,
documentName: envelope.title,
assetBaseUrl,
});

154
packages/lib/server-only/document/update-document.ts
View File

@ -1,7 +1,7 @@
import { DocumentVisibility } from '@prisma/client';
import { DocumentStatus, TeamMemberRole } from '@prisma/client';
import type { DocumentVisibility, Prisma } from '@prisma/client';
import { EnvelopeType, FolderType } from '@prisma/client';
import { DocumentStatus } from '@prisma/client';
import { isDeepEqual } from 'remeda';
import { match } from 'ts-pattern';
import { DOCUMENT_AUDIT_LOG_TYPE } from '@documenso/lib/types/document-audit-logs';
import type { ApiRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
@ -9,10 +9,12 @@ import type { CreateDocumentAuditLogDataResponse } from '@documenso/lib/utils/do
import { createDocumentAuditLogData } from '@documenso/lib/utils/document-audit-logs';
import { prisma } from '@documenso/prisma';
import { TEAM_DOCUMENT_VISIBILITY_MAP } from '../../constants/teams';
import { AppError, AppErrorCode } from '../../errors/app-error';
import type { TDocumentAccessAuthTypes, TDocumentActionAuthTypes } from '../../types/document-auth';
import { createDocumentAuthOptions, extractDocumentAuthMethods } from '../../utils/document-auth';
import { getDocumentWhereInput } from './get-document-by-id';
import { buildTeamWhereQuery, canAccessTeamDocument } from '../../utils/teams';
import { getEnvelopeWhereInput } from '../envelope/get-envelope-by-id';
export type UpdateDocumentOptions = {
userId: number;
@ -25,6 +27,7 @@ export type UpdateDocumentOptions = {
globalAccessAuth?: TDocumentAccessAuthTypes[];
globalActionAuth?: TDocumentActionAuthTypes[];
useLegacyFieldInsertion?: boolean;
folderId?: string | null;
};
requestMetadata: ApiRequestMetadata;
};
@ -36,14 +39,18 @@ export const updateDocument = async ({
data,
requestMetadata,
}: UpdateDocumentOptions) => {
const { documentWhereInput, team } = await getDocumentWhereInput({
documentId,
const { envelopeWhereInput, team } = await getEnvelopeWhereInput({
id: {
type: 'documentId',
id: documentId,
},
type: EnvelopeType.DOCUMENT,
userId,
teamId,
});
const document = await prisma.document.findFirst({
where: documentWhereInput,
const envelope = await prisma.envelope.findFirst({
where: envelopeWhereInput,
include: {
team: {
select: {
@ -57,57 +64,70 @@ export const updateDocument = async ({
},
});
if (!document) {
if (!envelope) {
throw new AppError(AppErrorCode.NOT_FOUND, {
message: 'Document not found',
});
}
const isDocumentOwner = document.userId === userId;
const requestedVisibility = data?.visibility;
if (!isDocumentOwner) {
match(team.currentTeamRole)
.with(TeamMemberRole.ADMIN, () => true)
.with(TeamMemberRole.MANAGER, () => {
const allowedVisibilities: DocumentVisibility[] = [
DocumentVisibility.EVERYONE,
DocumentVisibility.MANAGER_AND_ABOVE,
];
const isEnvelopeOwner = envelope.userId === userId;
// Validate whether the new visibility setting is allowed for the current user.
if (
!allowedVisibilities.includes(document.visibility) ||
(requestedVisibility && !allowedVisibilities.includes(requestedVisibility))
!isEnvelopeOwner &&
data?.visibility &&
!canAccessTeamDocument(team.currentTeamRole, data.visibility)
) {
throw new AppError(AppErrorCode.UNAUTHORIZED, {
message: 'You do not have permission to update the document visibility',
});
}
})
.with(TeamMemberRole.MEMBER, () => {
if (
document.visibility !== DocumentVisibility.EVERYONE ||
(requestedVisibility && requestedVisibility !== DocumentVisibility.EVERYONE)
) {
throw new AppError(AppErrorCode.UNAUTHORIZED, {
message: 'You do not have permission to update the document visibility',
});
}
})
.otherwise(() => {
throw new AppError(AppErrorCode.UNAUTHORIZED, {
message: 'You do not have permission to update the document',
});
});
}
// If no data just return the document since this function is normally chained after a meta update.
if (!data || Object.values(data).length === 0) {
return document;
return envelope;
}
let folderUpdateQuery: Prisma.FolderUpdateOneWithoutEnvelopesNestedInput | undefined = undefined;
// Validate folder ID.
if (data.folderId) {
const folder = await prisma.folder.findFirst({
where: {
id: data.folderId,
team: buildTeamWhereQuery({
teamId,
userId,
}),
type: FolderType.DOCUMENT,
visibility: {
in: TEAM_DOCUMENT_VISIBILITY_MAP[team.currentTeamRole],
},
},
});
if (!folder) {
throw new AppError(AppErrorCode.NOT_FOUND, {
message: 'Folder not found',
});
}
folderUpdateQuery = {
connect: {
id: data.folderId,
},
};
}
// Move to root folder if folderId is null.
if (data.folderId === null) {
folderUpdateQuery = {
disconnect: true,
};
}
const { documentAuthOption } = extractDocumentAuthMethods({
documentAuth: document.authOptions,
documentAuth: envelope.authOptions,
});
const documentGlobalAccessAuth = documentAuthOption?.globalAccessAuth ?? null;
@ -120,14 +140,14 @@ export const updateDocument = async ({
data?.globalActionAuth === undefined ? documentGlobalActionAuth : data.globalActionAuth;
// Check if user has permission to set the global action auth.
if (newGlobalActionAuth.length > 0 && !document.team.organisation.organisationClaim.flags.cfr21) {
if (newGlobalActionAuth.length > 0 && !envelope.team.organisation.organisationClaim.flags.cfr21) {
throw new AppError(AppErrorCode.UNAUTHORIZED, {
message: 'You do not have permission to set the action auth',
});
}
const isTitleSame = data.title === undefined || data.title === document.title;
const isExternalIdSame = data.externalId === undefined || data.externalId === document.externalId;
const isTitleSame = data.title === undefined || data.title === envelope.title;
const isExternalIdSame = data.externalId === undefined || data.externalId === envelope.externalId;
const isGlobalAccessSame =
documentGlobalAccessAuth === undefined ||
isDeepEqual(documentGlobalAccessAuth, newGlobalAccessAuth);
@ -135,11 +155,12 @@ export const updateDocument = async ({
documentGlobalActionAuth === undefined ||
isDeepEqual(documentGlobalActionAuth, newGlobalActionAuth);
const isDocumentVisibilitySame =
data.visibility === undefined || data.visibility === document.visibility;
data.visibility === undefined || data.visibility === envelope.visibility;
const isFolderSame = data.folderId === undefined || data.folderId === envelope.folderId;
const auditLogs: CreateDocumentAuditLogDataResponse[] = [];
if (!isTitleSame && document.status !== DocumentStatus.DRAFT) {
if (!isTitleSame && envelope.status !== DocumentStatus.DRAFT) {
throw new AppError(AppErrorCode.INVALID_BODY, {
message: 'You cannot update the title if the document has been sent',
});
@ -149,10 +170,10 @@ export const updateDocument = async ({
auditLogs.push(
createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_TITLE_UPDATED,
documentId,
envelopeId: envelope.id,
metadata: requestMetadata,
data: {
from: document.title,
from: envelope.title,
to: data.title || '',
},
}),
@ -163,10 +184,10 @@ export const updateDocument = async ({
auditLogs.push(
createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_EXTERNAL_ID_UPDATED,
documentId,
envelopeId: envelope.id,
metadata: requestMetadata,
data: {
from: document.externalId,
from: envelope.externalId,
to: data.externalId || '',
},
}),
@ -177,7 +198,7 @@ export const updateDocument = async ({
auditLogs.push(
createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_GLOBAL_AUTH_ACCESS_UPDATED,
documentId,
envelopeId: envelope.id,
metadata: requestMetadata,
data: {
from: documentGlobalAccessAuth,
@ -191,7 +212,7 @@ export const updateDocument = async ({
auditLogs.push(
createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_GLOBAL_AUTH_ACTION_UPDATED,
documentId,
envelopeId: envelope.id,
metadata: requestMetadata,
data: {
from: documentGlobalActionAuth,
@ -205,19 +226,34 @@ export const updateDocument = async ({
auditLogs.push(
createDocumentAuditLogData({
type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_VISIBILITY_UPDATED,
documentId,
envelopeId: envelope.id,
metadata: requestMetadata,
data: {
from: document.visibility,
from: envelope.visibility,
to: data.visibility || '',
},
}),
);
}
// Todo: Decide if we want to log moving the document around.
// if (!isFolderSame) {
// auditLogs.push(
// createDocumentAuditLogData({
// type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_FOLDER_UPDATED,
// envelopeId: envelope.id,
// metadata: requestMetadata,
// data: {
// from: envelope.folderId,
// to: data.folderId || '',
// },
// }),
// );
// }
// Early return if nothing is required.
if (auditLogs.length === 0 && data.useLegacyFieldInsertion === undefined) {
return document;
if (auditLogs.length === 0 && data.useLegacyFieldInsertion === undefined && isFolderSame) {
return envelope;
}
return await prisma.$transaction(async (tx) => {
@ -226,9 +262,10 @@ export const updateDocument = async ({
globalActionAuth: newGlobalActionAuth,
});
const updatedDocument = await tx.document.update({
const updatedDocument = await tx.envelope.update({
where: {
id: documentId,
id: envelope.id,
type: EnvelopeType.DOCUMENT,
},
data: {
title: data.title,
@ -236,6 +273,7 @@ export const updateDocument = async ({
visibility: data.visibility as DocumentVisibility,
useLegacyFieldInsertion: data.useLegacyFieldInsertion,
authOptions,
folder: folderUpdateQuery,
},
});

Some files were not shown because too many files have changed in this diff Show More