71 Commits

Author SHA1 Message Date
Stanko K.R. 36ee253a1a Stack notifications everywhere
We had client-side notification stacking in the tray since launch, but now we want to stack notifications in the notifications page, in API responses and in email bundles.
2026-02-12 10:29:50 +01:00
Stanko K.R. 5c929238b7 Rename jobs 2026-02-02 18:22:07 +01:00
Stanko K.R. 992f15066b Replace RubyZip with ZipKit
ZipKit can read and write files directly from S3 which makes both imports and exports way more efficient in terms of disk usage.
2026-02-02 12:36:48 +01:00
Stanko K.R. 19ae555c2e Convert Account::SingleUserExport to User::DataExport 2026-02-02 12:36:48 +01:00
Jorge Manrubia 85bfa7aa48 Rename method 2026-01-05 16:01:25 +01:00
Jorge Manrubia 5f38e8957e Reapply "Make sure new card drafts are refreshed when reused"
This reverts commit 045ddf78f3.
2026-01-05 15:58:29 +01:00
Jorge Manrubia 045ddf78f3 Revert "Make sure new card drafts are refreshed when reused"
This reverts commit 3008011175.
2026-01-05 15:58:16 +01:00
Jorge Manrubia 3008011175 Make sure new card drafts are refreshed when reused
To deal with old timestamps messing with card ordering and so.

https://app.fizzy.do/5986089/cards/3495
2026-01-05 15:57:48 +01:00
Mike Dalessio 139bf3cf81 Validate avatar sizes 2025-12-13 13:05:30 -05:00
Jeremy Daer 49c4f2adc6 Fix ActiveStorage FileNotFoundError with immediate variant processing (#2022)
When ActiveStorage::Record uses `connects_to` for read replica support,
it creates a separate connection pool from ApplicationRecord. This causes
`after_commit` callbacks to fire in non-deterministic order - the
Attachment's `create_variants` callback can fire before the User model's
upload callback completes, resulting in FileNotFoundError.

The fix removes replica connection configuration from ActiveStorage::Record
so it shares the same connection pool as application models, ensuring
proper callback ordering.

Also reverts test workarounds that were added to work around this issue,
since the root cause is now fixed.

See: https://github.com/rails/rails/issues/53694
2025-12-08 14:44:49 -08:00
Jorge Manrubia cb0e9b9962 Immediate avatar and embed variants (#2002)
Reverts #2001
Restores #1955
2025-12-08 14:17:06 -08:00
Jorge Manrubia c8c91259c7 Revert "Immediate avatar and embed variants" 2025-12-07 12:06:03 +01:00
Jorge Manrubia 91017c9208 Merge pull request #1955 from basecamp/immediate-variants
Immediate avatar and embed variants
2025-12-07 11:50:02 +01:00
Mike Dalessio 1ad52d2590 Only send notification emails to verified users
Adds verified? check to bundling_emails? to prevent notification emails
from being sent to users who have never authenticated. This closes the
spam vector where bad actors could create users for known email
addresses and trigger unwanted notifications by mentioning them.

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-05 21:51:44 -05:00
Jeremy Daer 21f3f72647 Immediate avatar and embed variants
Process variants synchronously on attachment to close the window between
image upload and variant availability, guaranteeing that we won't have
lazy variant processing attempts in GET requests.

Tradeoff is that we do variant processing in upload requests, which is
actually desirable. We're working with images that should take
milliseconds to resize given that we'll already have the file on hand.

References https://github.com/rails/rails/pull/51951
2025-12-04 23:54:37 -08:00
Kevin McConnell 2e47749739 Don't allow SVG avatar uploads in the first place 2025-12-04 14:27:28 +00:00
Kevin McConnell 6475ad3425 Don't try to resize non-variable avatars 2025-12-04 13:36:21 +00:00
Stanko K.R. 84213265e7 Render friendly error message when using an invalid token 2025-12-03 15:37:27 +01:00
Mike Dalessio edf6b53469 Introduce an "owner" role, and prevent it from being administered
to prevent the owner from being demoted or kicked out.

ref: https://app.fizzy.do/5986089/cards/3213
2025-11-29 14:13:29 -05:00
Stanko K.R. 3b56b3f970 Fix failing test due to duplicate user 2025-11-17 09:12:41 -05:00
Stanko K.R. 01367c097f Fix skipped tests 2025-11-17 09:12:41 -05:00
Stanko K.R. e0693de7c3 Scope jobs and controllers by account 2025-11-17 09:12:41 -05:00
Stanko K.R. 56c41d45eb Reinstate email changes 2025-11-17 09:12:40 -05:00
Stanko K.R. 34d83aaa7c Fix tests after the removal of memberships 2025-11-17 09:12:40 -05:00
Mike Dalessio ff8d786144 Filter boards by account 2025-11-17 09:11:57 -05:00
Mike Dalessio 7bd697f75e test: Skip search tests, fix others, and skip a few hard ones 2025-11-17 09:11:42 -05:00
Jorge Manrubia 3b34703db3 Make sure that only admins or card creators can delete cards 2025-11-05 16:37:43 +01:00
Jorge Manrubia 193cc26a98 Make sure only admins or collection creators can toggle the all access setting 2025-11-05 15:51:19 +01:00
Jorge Manrubia 03a345609e Baseline replacing collection with board across code 2025-11-05 13:31:54 +01:00
Stanko K.R. fd7a9330e8 Remove email_address & password_digest from User 2025-11-04 07:20:16 +01:00
Mike Dalessio 18f70c3312 Do not bundle notifications for inactive users
https://app.box-car.com/5986089/cards/2671
2025-10-31 14:51:09 -04:00
Stanko Krtalić 98755844a1 Remove the internal API
* Bind sessions to identities
* Remove references to the identity token
* Move email changes to identity
* Move account menu into a turbo-frame
* Create tenants from a tenanted route
2025-10-31 16:26:08 +01:00
Stanko K.R. 201c3e27d3 Update tests for the Internal API 2025-10-31 16:26:08 +01:00
Stanko K.R. 79b012f319 Add Join Codes 2025-10-31 16:24:30 +01:00
Stanko K.R. 5cef4ffeb0 Add sign in flow using magic links 2025-10-31 16:22:12 +01:00
Jorge Manrubia aa1ffb3357 Remove AI summaries and semantic searches
We were not using either. We can restore if we revisit.
2025-10-29 11:55:32 +01:00
Jorge Manrubia cc84904d20 Fix time-dependent test 2025-10-28 16:26:03 +01:00
Jorge Manrubia 392bdae316 Rename highlights -> summary 2025-10-25 20:06:57 +02:00
Mike Dalessio 3399e45130 Introduce an "Identity" model to ease login
- New untenanted Identity and Membership models
- New `identity_token` cookie with path "/" holds state across tenants

We're not sure whether the untenanted database will be sqlite or
MySQL, and so I've been careful to minimize

- database reads, placing them behind etags and caching
- database writes, only writing when a new Session is created (login)

Note that we track two things in the identity_token cookie: a signed
id, and the updated_at for the underlying Identity object. This allows
us to effectively cache on the Identity without having to hit the
database, by using an Identity::Mock object that is compatible with
etag and cache methods.

The new integration test shows the desired user-facing behavior, which
is to make it easy to login without a tenanted URL and to jump between
tenants.

- the untenanted "login_help" page shows all linked memberships
- the jump menu shows all linked memberships (except the current)

Also introduced a utility script to populate existing employee
Identities, grouping accounts by email address.
2025-10-10 10:12:25 -04:00
Jorge Manrubia 69be750eb9 Remove vcr record 2025-10-06 15:20:46 +02:00
Jorge Manrubia 969d971616 Use a more consistent approach to highligts dates 2025-10-06 15:17:28 +02:00
Mike Dalessio c1a66e5ecb test: Make sure tests pass on the weekend 2025-10-04 14:37:06 -04:00
Mike Dalessio 320558919c Rename LOCAL_AUTHENTICATION to OSS_CONFIG 2025-10-02 16:44:24 -04:00
Jorge Manrubia bfe0f5a68b Fix: missing highlights due to not interpreting timezones right 2025-09-23 13:38:25 +02:00
Jorge Manrubia 90617e8e3d Rename redundant name 2025-09-17 13:57:07 +02:00
Jorge Manrubia f1d76a7cb7 Exclude inactive users
The system user should never be a subsriber but we should not serve it if it is
2025-09-17 13:26:53 +02:00
Jorge Manrubia a6eb928688 Fix: update ends_at when flushing bundles
If not, it can happen that the bundlers remains in a delivered state
even when it is not covering its window anymore because it has been delivered.
2025-09-16 12:10:06 +02:00
Jorge Manrubia 09325403e5 Add missing test (we were only testing this logic via the bundle test) 2025-09-16 11:22:14 +02:00
Mike Dalessio 2630e4bd74 Extract 37id and QB controllers, models, and tests 2025-09-13 16:03:02 -04:00
Mike Dalessio 8f39c015ea Tests now pass with local authentication
This is the first step of a multi-step SaaS engine extraction.

Looking ahead to an open source release, we need to make sure that
local authentication is treated as an "official" option, and not just
a hack I added for Kevin to do load testing outside our DC. So this PR
gets to green, and adds a CI step in "local authentication" mode.

This all probably feels a little hacky to you, Reader, but the goal of
this change is to ease the next step, which will be extracting the
37id and Queenbee integrations into a proprietary "SaaS mode" engine.

In service of that goal, this commit simply wraps all of the dependent
code and tests with a conditional check on
`config.x.local_authentication`.
2025-09-13 15:21:00 -04:00