Commit Graph

206 Commits

Author SHA1 Message Date
Denis Švara 3f44ff286e Add apple-app-site-association file to support associated domains. 2026-02-03 12:48:30 +01:00
Andy Smith 4f2cb01143 Polish up notification settings to match 2026-02-02 12:36:48 +01:00
Mike Dalessio 89d2f2d0fc saas: Add bearer token authentication for audit console
- Rename SaasAdminController to Admin::AuditController
- Override require_authentication to support bearer tokens alongside
  session auth, allowing API access to audit console
- Add migration for audits1984_auditor_tokens table
- Add controller tests for authentication scenarios including staff
  validation on token-based access

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-28 14:13:54 -05:00
Mike Dalessio 3b13c8573e saas: Backfill tests for admin audit endpoints 2026-01-28 12:55:28 -05:00
Mike Dalessio dbcf54de91 saas: Set lifetime of console1984 sessions to 60 days 2026-01-28 12:55:28 -05:00
Jay Ohms 28fc7148da Fix indentation 2026-01-28 08:51:51 -05:00
Jay Ohms 3fdb79a5a4 Add the Android debug fingerprint for verified app links 2026-01-28 08:48:31 -05:00
Kevin McConnell a293151220 Add middleware to serve SaaS engine's public files 2026-01-28 12:17:22 +00:00
Jay Ohms 345fd8cdbb Add the public Digital Asset Links file to verify app links on Android 2026-01-28 06:26:33 -05:00
Jeremy Daer f2ff5af4f5 Sync email to Stripe when user changes email address (#2432)
* Sync owner email to Stripe when changed

When an account owner changes their email address, update the
corresponding Stripe customer record via a background job.

Also handles ownership transfers: when a user becomes the account
owner, their email is synced to Stripe.

Responsibility chain:
- User::NotifiesAccountOfEmailChange triggers on owner identity change
  or when a user becomes owner
- Account::Billing#owner_email_changed enqueues sync job
- Account::SyncStripeCustomerEmailJob performs the update with
  polynomial backoff retries
- Account::Subscription#sync_customer_email_to_stripe calls Stripe API

* Address PR feedback: error handling and test coverage

- Handle Stripe::InvalidRequestError in sync_customer_email_to_stripe
  (mirrors cancel method behavior for deleted customers)
- Add test for deactivated owner (owner with nil identity)
- Add test for deleted Stripe customer scenario
2026-01-25 14:20:39 -08:00
Stanko K.R. 2fa3056e14 Show only active subscriptions 2026-01-15 08:00:19 +01:00
Mike Dalessio 5615b9f6f5 Add paid accounts stats to admin dashboard
Shows total, 7-day, and 24-hour counts of paid accounts based on
subscription created_at. Excludes comped accounts and avoids
double-counting accounts with multiple subscriptions.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-14 16:45:43 -05:00
Stanko Krtalić ceff6ea4df Merge pull request #2344 from secretpray/fix/deprecation-warnings-only
Fix deprecation warnings for skip_before_action :verify_authenticity_token
2026-01-13 08:59:15 +01:00
Andy Smith 6192fc5be8 Merge pull request #2347 from basecamp/andy-12-jan
Andy 12 jan
2026-01-12 13:56:08 -06:00
Rosa Gutierrez 025d70dd13 Use separate cache namespaces for each beta instance
Otherwise we end up with views including URLs from all the betas,
leading to some confusion and problems with the CSP.
2026-01-12 20:28:18 +01:00
Andy Smith af3fa177aa Phrasing tweak for exceeding storage limit 2026-01-12 13:07:34 -06:00
Andy Smith 99e89606b4 Keep strong tags words on same line 2026-01-12 13:06:30 -06:00
secretpray 6895135977 Fix deprecation warnings for skip_before_action :verify_authenticity_token
Replace deprecated `skip_before_action :verify_authenticity_token` with
`skip_forgery_protection` to resolve Rails deprecation warnings.

Changes:
- app/controllers/notifications/unsubscribes_controller.rb
- saas/app/controllers/stripe/webhooks_controller.rb
2026-01-12 18:44:35 +02:00
Stanko Krtalić eceb6c9b43 Add self-service account deletion (#2246)
* Add self-service account deletion

* Disable access to cancelled accounts & implement Stripe interactions

* Add tests

* Fix failing tests

* Remove cancelled accounts from lists

* Fix incorrect redirect

* Use _path instead of _url for consistency

* Don't track how far the inicieration job got

We still want the step tracking so that the job can be interrupted. But, since the scope is idempotent, we don't need to track how far it got.

* Specify the exact time when the data will be deleted

* Fix crash due to unadvancable cursor

* Rename up_for_incineration to due_for_incineration

* Regenrate the schema

* Fix incorrect path check

* Migrate the SQLite schema

* Only show the cancel button on cancellable accounts

* Check that a subscirption method exists before calling it

* Ignore job failures due to missing records when an account gets deleted

* Skip sending notifications on cancelled accounts

* Use collbacks to integrate

* Add a blank line between queue_as and discard_on

* Break checks into methods

* Inline methods

* Rename Account::IncinerateJob

* Run migrations

* Migrate SQLite
2026-01-12 14:21:05 +01:00
Jorge Manrubia f58a1aeb31 Use a dedicated resource for showing cards in draft mode
Mobile team needs this. Also, this lets us get rid from some conditionals for handling
both modes with a single template.

https://3.basecamp.com/2914079/buckets/44843469/messages/9437287330
2026-01-08 10:40:21 +01:00
Mike Dalessio a7c9b7479c saas: move log_level setting into an environment variable 2026-01-07 11:24:22 -05:00
Jeremy Daer 0634ddaebd Fix 1Password account ID (was user UUID) (#2278) 2025-12-31 13:58:01 -08:00
Jeremy Daer cda4f93e4a Switch 1Password account to 37signals.1password.com (#2276) 2025-12-31 10:15:39 -08:00
Andy Smith 4ca13516be Add padding to upgrade message on larger screens 2025-12-29 13:54:43 -06:00
Jason Zimdars d977d51501 This link is reduntant if you're over the limits
No need to show this link and the big upgrade button. The subtle footer
link is for people who *want* to ugprade but don't *need* to.
2025-12-23 12:30:37 -06:00
Jason Zimdars 2f9d6bf7cd Add obvious upgrade button when you're out of storage 2025-12-23 12:28:15 -06:00
Jason Zimdars 0875d7369c Merge pull request #2241 from basecamp/improve-account-admin
Internaly only view
2025-12-23 12:21:19 -06:00
Andy Smith fdcdd5b542 Merge pull request #2214 from basecamp/billing-decimals
Ensure 2 decimal precision when dealing with currency decimals
2025-12-23 12:18:19 -06:00
Jason Zimdars 472b1a1cad Internaly only view
Adds plan name and indicates when overrides exceed limits; cleans up UI
at bit
2025-12-23 12:02:18 -06:00
Andy Smith 64970feb24 Better name for helper method 2025-12-23 10:53:00 -06:00
Fernando Álvarez 037559fb25 Set beta site automatically in deployment 2025-12-23 12:27:03 +01:00
Fernando Álvarez 78d3a72cc4 Update script to configure betas load balancers 2025-12-23 12:27:03 +01:00
Fernando Álvarez dbb8113080 Extend the number of Beta environments 2025-12-23 12:27:03 +01:00
Fernando Álvarez 43dd149ff2 Cleanup beta deployment
Current beta runs in Chicago only.
2025-12-23 10:17:30 +01:00
Andy Smith 1f16936b2e Move currency helper to existing subscriptions helpers file 2025-12-19 15:47:04 -06:00
Andy Smith 43b67e92ad Ensure 2 decimal precision when dealing with currency decimals 2025-12-19 15:43:49 -06:00
Jorge Manrubia 766cde4775 Tidy up test 2025-12-19 15:15:00 +01:00
Mike Dalessio 28250b340c Move the :fatal log setting into the SaaS config
This should only be set if the app is using the
rails-structured-logging gem, which means it should only be set in the
SAAS config. I think this is just something we missed in one of the
decoupling exercises we did.
2025-12-19 09:09:40 -05:00
Jorge Manrubia 5ab6b1299e Restoring kamal secrets we lost when moving back to Fizzy 2025-12-19 10:49:16 +01:00
Jason Zimdars dd59771c94 Use current plan because you might be on the extra storage plan 2025-12-18 07:25:20 -06:00
Jorge Manrubia b44b7ba992 Add method to locate plans by the stripe price id 2025-12-18 10:05:13 +01:00
Jorge Manrubia d9ce1577c0 Fix upgrade/downgrade buttons
- Remove old buttons I had added before the UI work.
- Fix: make new upgrade button use the dedicated action.
- Add symmetric downgrade button.
2025-12-18 10:05:13 +01:00
Jorge Manrubia 7bf701095c Fix tests after the UI/copy changes 2025-12-18 10:05:13 +01:00
Jorge Manrubia 0f9d1df31b Format 2025-12-18 10:05:13 +01:00
Jason Zimdars 8bb59f507b Cherry-pick changes in b87ae1494a 2025-12-18 10:05:13 +01:00
Jason Zimdars d8b3485812 Copy edits for limit notices 2025-12-18 10:04:15 +01:00
Jason Zimdars b1a65bd698 Consistency 2025-12-18 10:04:15 +01:00
Jason Zimdars cfd2033d15 Design paid plan screen 2025-12-18 10:04:15 +01:00
Jason Zimdars 95bfc40392 Tweak plan name 2025-12-18 10:04:15 +01:00
Jason Zimdars 5f4330cbcc Update free plan partial to include storage limits 2025-12-18 10:04:15 +01:00