fix: enforce users to have stripe account (#1131 )

## Description Currently users who sign in via Google SSO do not get assigned a Stripe customer account. This enforces the Stripe customer requirement on sign in. There might be a better place to put this so it's open to any suggestions.
fix: improve sealing process (#1133 )
2025-11-10 04:22:32 +10:00 · 2024-05-01 16:48:05 +10:00 · 2024-05-01 16:47:11 +10:00 · 2024-05-01 16:16:04 +10:00 · 2024-05-01 14:18:01 +10:00 · 2024-04-30 20:53:18 +07:00
10 changed files with 102 additions and 42 deletions
--- a/apps/web/src/app/(unauthenticated)/articles/signature-disclosure/page.tsx
+++ b/apps/web/src/app/(unauthenticated)/articles/signature-disclosure/page.tsx
@ -5,7 +5,7 @@ import { Button } from '@documenso/ui/primitives/button';
 export default function SignatureDisclosure() {
  return (
    <div>
-      <article className="prose">
+      <article className="prose dark:prose-invert">
        <h1>Electronic Signature Disclosure</h1>

        <h2>Welcome</h2>
--- a/apps/web/src/pages/api/auth/[...nextauth].ts
+++ b/apps/web/src/pages/api/auth/[...nextauth].ts
@ -2,6 +2,8 @@ import type { NextApiRequest, NextApiResponse } from 'next';

 import NextAuth from 'next-auth';

+import { getStripeCustomerByUser } from '@documenso/ee/server-only/stripe/get-customer';
+import { IS_BILLING_ENABLED } from '@documenso/lib/constants/app';
 import { NEXT_AUTH_OPTIONS } from '@documenso/lib/next-auth/auth-options';
 import { extractNextApiRequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
 import { prisma } from '@documenso/prisma';
@ -18,15 +20,29 @@ export default async function auth(req: NextApiRequest, res: NextApiResponse) {
      error: '/signin',
    },
    events: {
-      signIn: async ({ user }) => {
-        await prisma.userSecurityAuditLog.create({
-          data: {
-            userId: user.id,
-            ipAddress,
-            userAgent,
-            type: UserSecurityAuditLogType.SIGN_IN,
-          },
-        });
+      signIn: async ({ user: { id: userId } }) => {
+        const [user] = await Promise.all([
+          await prisma.user.findFirstOrThrow({
+            where: {
+              id: userId,
+            },
+          }),
+          await prisma.userSecurityAuditLog.create({
+            data: {
+              userId,
+              ipAddress,
+              userAgent,
+              type: UserSecurityAuditLogType.SIGN_IN,
+            },
+          }),
+        ]);
+
+        // Create the Stripe customer and attach it to the user if it doesn't exist.
+        if (user.customerId === null && IS_BILLING_ENABLED()) {
+          await getStripeCustomerByUser(user).catch((err) => {
+            console.error(err);
+          });
+        }
      },
      signOut: async ({ token }) => {
        const userId = typeof token.id === 'string' ? parseInt(token.id) : token.id;
--- a/apps/web/src/pages/api/trpc/[trpc].ts
+++ b/apps/web/src/pages/api/trpc/[trpc].ts
@ -3,7 +3,7 @@ import { createTrpcContext } from '@documenso/trpc/server/context';
 import { appRouter } from '@documenso/trpc/server/router';

 export const config = {
-  maxDuration: 60,
+  maxDuration: 120,
  api: {
    bodyParser: {
      sizeLimit: '50mb',
--- a/packages/api/v1/implementation.ts
+++ b/packages/api/v1/implementation.ts
@ -229,6 +229,13 @@ export const ApiContractV1Implementation = createNextRoute(ApiContractV1, {
        requestMetadata: extractNextApiRequestMetadata(args.req),
      });

+      await upsertDocumentMeta({
+        documentId: document.id,
+        userId: user.id,
+        ...body.meta,
+        requestMetadata: extractNextApiRequestMetadata(args.req),
+      });
+
      const recipients = await setRecipientsForDocument({
        userId: user.id,
        teamId: team?.id,
@ -324,10 +331,7 @@ export const ApiContractV1Implementation = createNextRoute(ApiContractV1, {
      await upsertDocumentMeta({
        documentId: document.id,
        userId: user.id,
-        subject: body.meta.subject,
-        message: body.meta.message,
-        dateFormat: body.meta.dateFormat,
-        timezone: body.meta.timezone,
+        ...body.meta,
        requestMetadata: extractNextApiRequestMetadata(args.req),
      });
    }
--- a/packages/lib/server-only/document/complete-document-with-token.ts
+++ b/packages/lib/server-only/document/complete-document-with-token.ts
@ -137,7 +137,7 @@ export const completeDocumentWithToken = async ({
    await sendPendingEmail({ documentId, recipientId: recipient.id });
  }

-  const documents = await prisma.document.updateMany({
+  const haveAllRecipientsSigned = await prisma.document.findFirst({
    where: {
      id: document.id,
      Recipient: {
@ -146,13 +146,9 @@ export const completeDocumentWithToken = async ({
        },
      },
    },
-    data: {
-      status: DocumentStatus.COMPLETED,
-      completedAt: new Date(),
-    },
  });

-  if (documents.count > 0) {
+  if (haveAllRecipientsSigned) {
    await sealDocument({ documentId: document.id, requestMetadata });
  }

--- a/packages/lib/server-only/document/delete-document.ts
+++ b/packages/lib/server-only/document/delete-document.ts
@ -75,18 +75,20 @@ export const deleteDocument = async ({
  }

  // Continue to hide the document from the user if they are a recipient.
+  // Dirty way of doing this but it's faster than refetching the document.
  if (userRecipient?.documentDeletedAt === null) {
-    await prisma.recipient.update({
-      where: {
-        documentId_email: {
-          documentId: document.id,
-          email: user.email,
+    await prisma.recipient
+      .update({
+        where: {
+          id: userRecipient.id,
        },
-      },
-      data: {
-        documentDeletedAt: new Date().toISOString(),
-      },
-    });
+        data: {
+          documentDeletedAt: new Date().toISOString(),
+        },
+      })
+      .catch(() => {
+        // Do nothing.
+      });
  }

  // Return partial document for API v1 response.
--- a/packages/lib/server-only/document/seal-document.ts
+++ b/packages/lib/server-only/document/seal-document.ts
@ -40,6 +40,11 @@ export const sealDocument = async ({
  const document = await prisma.document.findFirstOrThrow({
    where: {
      id: documentId,
+      Recipient: {
+        every: {
+          signingStatus: SigningStatus.SIGNED,
+        },
+      },
    },
    include: {
      documentData: true,
@ -53,10 +58,6 @@ export const sealDocument = async ({
    throw new Error(`Document ${document.id} has no document data`);
  }

-  if (document.status !== DocumentStatus.COMPLETED) {
-    throw new Error(`Document ${document.id} has not been completed`);
-  }
-
  const recipients = await prisma.recipient.findMany({
    where: {
      documentId: document.id,
@ -92,9 +93,9 @@ export const sealDocument = async ({
  // !: Need to write the fields onto the document as a hard copy
  const pdfData = await getFile(documentData);

-  const certificate = await getCertificatePdf({ documentId }).then(async (doc) =>
-    PDFDocument.load(doc),
-  );
+  const certificate = await getCertificatePdf({ documentId })
+    .then(async (doc) => PDFDocument.load(doc))
+    .catch(() => null);

  const doc = await PDFDocument.load(pdfData);

@ -103,11 +104,13 @@ export const sealDocument = async ({
  doc.getForm().flatten();
  flattenAnnotations(doc);

-  const certificatePages = await doc.copyPages(certificate, certificate.getPageIndices());
+  if (certificate) {
+    const certificatePages = await doc.copyPages(certificate, certificate.getPageIndices());

-  certificatePages.forEach((page) => {
-    doc.addPage(page);
-  });
+    certificatePages.forEach((page) => {
+      doc.addPage(page);
+    });
+  }

  for (const field of fields) {
    await insertFieldInPDF(doc, field);
@ -138,6 +141,16 @@ export const sealDocument = async ({
  }

  await prisma.$transaction(async (tx) => {
+    await tx.document.update({
+      where: {
+        id: document.id,
+      },
+      data: {
+        status: DocumentStatus.COMPLETED,
+        completedAt: new Date(),
+      },
+    });
+
    await tx.documentData.update({
      where: {
        id: documentData.id,
--- a/packages/lib/server-only/document/send-document.tsx
+++ b/packages/lib/server-only/document/send-document.tsx
@ -4,6 +4,8 @@ import { mailer } from '@documenso/email/mailer';
 import { render } from '@documenso/email/render';
 import { DocumentInviteEmailTemplate } from '@documenso/email/templates/document-invite';
 import { FROM_ADDRESS, FROM_NAME } from '@documenso/lib/constants/email';
+import { sealDocument } from '@documenso/lib/server-only/document/seal-document';
+import { updateDocument } from '@documenso/lib/server-only/document/update-document';
 import { DOCUMENT_AUDIT_LOG_TYPE } from '@documenso/lib/types/document-audit-logs';
 import type { RequestMetadata } from '@documenso/lib/universal/extract-request-metadata';
 import { createDocumentAuditLogData } from '@documenso/lib/utils/document-audit-logs';
@ -211,6 +213,31 @@ export const sendDocument = async ({
    }),
  );

+  const allRecipientsHaveNoActionToTake = document.Recipient.every(
+    (recipient) => recipient.role === RecipientRole.CC,
+  );
+
+  if (allRecipientsHaveNoActionToTake) {
+    const updatedDocument = await updateDocument({
+      documentId,
+      userId,
+      teamId,
+      data: { status: DocumentStatus.COMPLETED },
+    });
+
+    await sealDocument({ documentId: updatedDocument.id, requestMetadata });
+
+    // Keep the return type the same for the `sendDocument` method
+    return await prisma.document.findFirstOrThrow({
+      where: {
+        id: documentId,
+      },
+      include: {
+        Recipient: true,
+      },
+    });
+  }
+
  const updatedDocument = await prisma.$transaction(async (tx) => {
    if (document.status === DocumentStatus.DRAFT) {
      await tx.documentAuditLog.create({
--- a/packages/lib/server-only/htmltopdf/get-certificate-pdf.ts
+++ b/packages/lib/server-only/htmltopdf/get-certificate-pdf.ts
@ -35,6 +35,7 @@ export const getCertificatePdf = async ({ documentId }: GetCertificatePdfOptions

  await page.goto(`${NEXT_PUBLIC_WEBAPP_URL()}/__htmltopdf/certificate?d=${encryptedId}`, {
    waitUntil: 'networkidle',
+    timeout: 10_000,
  });

  const result = await page.pdf({
--- a/packages/ui/primitives/template-flow/add-template-placeholder-recipients.tsx
+++ b/packages/ui/primitives/template-flow/add-template-placeholder-recipients.tsx
@ -282,6 +282,7 @@ export const AddTemplatePlaceholderRecipientsFormPartial = ({
          <Button
            type="button"
            className="dark:bg-muted dark:hover:bg-muted/80 bg-black/5 hover:bg-black/10"
+            variant="secondary"
            disabled={
              isSubmitting || getValues('signers').some((signer) => signer.email === user?.email)
            }
Author	SHA1	Message	Date
Lucas Smith	15dee5ef35	fix: enforce users to have stripe account (#1131 ) ## Description Currently users who sign in via Google SSO do not get assigned a Stripe customer account. This enforces the Stripe customer requirement on sign in. There might be a better place to put this so it's open to any suggestions.	2024-05-01 16:48:05 +10:00
Lucas Smith	28d6f6e2e8	fix: improve sealing process (#1133 ) ## Description Improves the sealing process by being strict on how long certificate generation can take, opting to fail generation and continue sealing. Also changes the ordering of sealing so an error in the process won't also cause a document to be "COMPLETED" since it hasn't been cryptographically sealed yet. The downside to this change is that documents that fail during sealing will require manual intervention as a signer or owner won't be able to complete the document. ## Testing Performed - Modified code to force specific failure modes to occur and verified that documents were either gracefully sealed without a certificate or not sealed and not completed.	2024-05-01 16:47:11 +10:00
Mythie	78dc57a6eb	fix: improvements from review	2024-05-01 16:16:04 +10:00
Mythie	d3528f74f0	fix: improve sealing process Improves the sealing process by being strict on how long certificate generation can take, opting to fail generation and continue sealing. Also changes the ordering of sealing so an error in the process won't also cause a document to be "COMPLETED" since it hasn't been cryptographically sealed yet. The downside to this change is that documents that fail during sealing will require manual intervention as a signer or owner won't be able to complete the document.	2024-05-01 14:18:01 +10:00
David Nguyen	dbd452be97	fix: delete pending documents (#1118 ) ## Description Currently deleting a pending document where you are a recipient off will delete the document, but will also throw an error. This is due to the recipient being updated after the document deleted, which is only supposed to happen for completed documents.	2024-04-30 20:53:18 +07:00
Adithya Krishna	5109bb17d6	chore: fix button styling (#1132 ) Description: This PR fixes the button styling issue Before: ![image](https://github.com/documenso/documenso/assets/23498248/0af045aa-3714-48d8-9c22-6cd171b07079) After: <img width="1280" alt="Screenshot 2024-04-30 at 6 48 47 PM" src="https://github.com/documenso/documenso/assets/23498248/e7dd99de-60fc-4cc2-aefc-21b130aa0116">	2024-04-30 18:57:29 +05:30
Adithya Krishna	6974a76ed4	chore: fix button styling	2024-04-30 18:47:49 +05:30
Adithya Krishna	5efb0894e6	chore: updated dark mode text (#1129 ) Description: This PR updates the dark mode text for this article, https://app.documenso.com/articles/signature-disclosure	2024-04-30 17:14:28 +05:30
David Nguyen	cfec366c1a	fix: refactor	2024-04-30 15:54:24 +07:00
David Nguyen	8622e68853	fix: add logging	2024-04-30 15:50:22 +07:00
Adithya Krishna	0e16a86e74	chore: updated dark mode text	2024-04-30 11:55:01 +05:30
David Nguyen	97d334a1da	fix: force users to have a Stripe customer on sign in	2024-04-29 20:15:40 +07:00
Mythie	345e42537a	fix: include all document meta when using the public api	2024-04-29 12:42:22 +10:00
Lucas Smith	8a24ca2065	fix: complete document when all recipients are CC (#1113 ) ## Description Automatically marks the document as completed if all the recipients are CC. ## Changes Made Added an if statement in the last form step (`onAddSubjectFormSubmit`) that checks if all the recipients are CC. If so, the document status is updated to `COMPLETED`. ## Testing Performed Tested the changes and they work as expected. ## Checklist <!--- Please check the boxes that apply to this pull request. --> <!--- You can add or remove items as needed. --> - [x] I have tested these changes locally and they work as expected. - [ ] I have added/updated tests that prove the effectiveness of these changes. - [ ] I have updated the documentation to reflect these changes, if applicable. - [x] I have followed the project's coding style guidelines. - [ ] I have addressed the code review feedback from the previous submission, if applicable. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Enhanced document sending logic to update document status based on recipient roles. - Bug Fixes - Removed redundant form submission handling in the document editing feature. <!-- end of auto-generated comment: release notes by coderabbit.ai -->	2024-04-27 21:39:25 +10:00
Lucas Smith	06dd8219a5	fix: increase trpc max duration (#1121 ) ## Description Increase the max duration of the TRPC API endpoint to 120 seconds.	2024-04-27 21:38:21 +10:00
David Nguyen	74b9bc786b	fix: extend	2024-04-27 18:29:52 +07:00
David Nguyen	364c499927	fix: increase trpc max duration	2024-04-27 15:21:46 +07:00
David Nguyen	b0ce06f6fe	Merge branch 'main' into fix/doc-status-cc-role	2024-04-26 17:17:07 +07:00
Lucas Smith	4080806606	fix: minor updates	2024-04-26 02:17:56 +00:00
David Nguyen	1e33bc2aa3	Merge branch 'main' into fix/doc-status-cc-role	2024-04-24 20:30:10 +07:00
Catalin Pit	d7959950e2	fix: edit-document line	2024-04-24 09:41:34 +03:00
Catalin Pit	bb43547a45	fix: complete document when all recipients are CC	2024-04-24 09:39:47 +03:00
Catalin Pit	3fb69422e8	Merge branch 'main' into fix/doc-status-cc-role	2024-04-23 14:26:37 +03:00
Catalin Pit	4d5365bddc	fix: complete document when all recipients are CC	2024-04-23 14:24:58 +03:00
Catalin Pit	0eee570781	fix: complete document when all recipients are CC	2024-04-23 12:33:40 +03:00