mirror of
https://github.com/documenso/documenso.git
synced 2025-11-14 00:32:43 +10:00
23a0537648
## Description This PR introduces global settings for teams. At the moment, it allows team admins to configure the following: * The default visibility of the documents uploaded to the team account * Whether to include the document owner (sender) details when sending emails to the recipients. ### Include Sender Details If the Sender Details setting is enabled, the emails sent by the team will include the sender's name: > "Example User" on behalf of "Example Team" has invited you to sign "document.pdf" Otherwise, the email will say: > "Example Team" has invited you to sign "document.pdf" ### Default Document Visibility This new option allows users to set the default visibility for the documents uploaded to the team account. It can have the following values: * Everyone * Manager and above * Admins only If the default document visibility isn't set, the document will be set to the role of the user who created the document: * If a user with the "User" role creates a document, the document's visibility is set to "Everyone". * Manager role -> "Manager and above" * Admin role -> "Admins only" Otherwise, if there is a default document visibility value, it uses that value. #### Gotcha To avoid issues, the `document owner` and the `recipient` can access the document irrespective of their role. For example: * If a team member with the role "Member" uploads a document and the default document visibility is "Admins", only the document owner and admins can access the document. * Similar to the other scenarios. * If an admin uploads a document and the default document visibility is "Admins", the recipient can access the document. * The admins have access to all the documents. * Managers have access to documents with the visibility set to "Everyone" and "Manager and above" * Members have access only to the documents with the visibility set to "Everyone". ## Testing Performed Tested it locally.
82 lines
1.8 KiB
TypeScript
82 lines
1.8 KiB
TypeScript
import { TEAM_MEMBER_ROLE_PERMISSIONS_MAP } from '@documenso/lib/constants/teams';
|
|
import { AppError } from '@documenso/lib/errors/app-error';
|
|
import { prisma } from '@documenso/prisma';
|
|
|
|
import { sendTeamMemberInviteEmail } from './create-team-member-invites';
|
|
|
|
export type ResendTeamMemberInvitationOptions = {
|
|
/**
|
|
* The ID of the user who is initiating this action.
|
|
*/
|
|
userId: number;
|
|
|
|
/**
|
|
* The name of the user who is initiating this action.
|
|
*/
|
|
userName: string;
|
|
|
|
/**
|
|
* The ID of the team.
|
|
*/
|
|
teamId: number;
|
|
|
|
/**
|
|
* The IDs of the invitations to resend.
|
|
*/
|
|
invitationId: number;
|
|
};
|
|
|
|
/**
|
|
* Resend an email for a given team member invite.
|
|
*/
|
|
export const resendTeamMemberInvitation = async ({
|
|
userId,
|
|
userName,
|
|
teamId,
|
|
invitationId,
|
|
}: ResendTeamMemberInvitationOptions) => {
|
|
await prisma.$transaction(
|
|
async (tx) => {
|
|
const team = await tx.team.findUniqueOrThrow({
|
|
where: {
|
|
id: teamId,
|
|
members: {
|
|
some: {
|
|
userId,
|
|
role: {
|
|
in: TEAM_MEMBER_ROLE_PERMISSIONS_MAP['MANAGE_TEAM'],
|
|
},
|
|
},
|
|
},
|
|
},
|
|
include: {
|
|
teamGlobalSettings: true,
|
|
},
|
|
});
|
|
|
|
if (!team) {
|
|
throw new AppError('TeamNotFound', 'User is not a valid member of the team.');
|
|
}
|
|
|
|
const teamMemberInvite = await tx.teamMemberInvite.findUniqueOrThrow({
|
|
where: {
|
|
id: invitationId,
|
|
teamId,
|
|
},
|
|
});
|
|
|
|
if (!teamMemberInvite) {
|
|
throw new AppError('InviteNotFound', 'No invite exists for this user.');
|
|
}
|
|
|
|
await sendTeamMemberInviteEmail({
|
|
email: teamMemberInvite.email,
|
|
token: teamMemberInvite.token,
|
|
senderName: userName,
|
|
team,
|
|
});
|
|
},
|
|
{ timeout: 30_000 },
|
|
);
|
|
};
|