Commit Graph

41 Commits

Author SHA1 Message Date
Jorge Manrubia 0be8041953 Revert "Add 1GB storage cap with self-host notice" 2026-03-17 17:51:07 +01:00
Jorge Manrubia a761d809ae Add 1GB storage limit with self-host notice for SaaS
Limit free storage to 1GB on the SaaS version. When exceeded, card
publishing, comment creation, and JSON card creation are blocked,
and the card footer shows a "self-host Fizzy for unlimited storage"
notice instead of the create buttons. A nearing-limit warning
appears when usage exceeds 500MB.

Uses the same SaaS engine patterns as the removed billing system:
model concern on Account, controller concerns included via
config.to_prepare, view partials in saas/ with Fizzy.saas? guards
in the main app.
2026-03-17 12:21:32 +01:00
Jorge Manrubia 964915bc66 Remove payment/subscription system and card/storage limits
Fizzy is now free. Remove the entire Stripe billing system,
subscription management, and card/storage limit enforcement.

Removes from saas/: Plan model, Account::Billing, Account::Subscription,
Account::Limited, Account::OverriddenLimits, Account::BillingWaiver,
all subscription/billing controllers and views, Stripe webhook handler,
card creation/publishing limit enforcement, admin account override UI,
usage report rake task, and all related tests.

Removes from main app: Fizzy.saas? guards for subscription panel,
SaaS card footer override, near-limit notices, and saas.css stylesheet.

Adds migration to drop billing tables from the SaaS database.

Non-billing SaaS features (push notifications, signup, authorization,
telemetry, console1984/audits1984) are preserved.
2026-03-17 09:22:04 +01:00
Mike Dalessio ab5283441d SaaS usage reporting (#2690)
* Add saas:usage_report rake task and extract Subscription.paid scope

Add a rake task to generate a CSV usage report with per-account data:
Queenbee ID, sign up date, paid date, card count, storage used, and
last active date.

Extract the paid subscriptions query from Admin::StatsController into
an Account::Subscription.paid scope so both the controller and the
new rake task can share it.

* Add comped and account name columns to usage report

* Update saas/lib/tasks/fizzy/usage_report.rake

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Preload storage_total to avoid N+1 in usage report

* Batch last_active_at queries to avoid per-account aggregates

* Add tests for Account::Subscription.paid scope

* Update saas/app/models/account/subscription.rb

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Aggregate paid dates in SQL instead of loading all subscriptions

* Fix paid scope to derive plan keys from Plan.all instead of PLANS hash

* Move paid dates and comped lookups into per-batch queries

* Materialize batch IDs to avoid cross-database subquery

SaasRecord models live on a separate database (fizzy_saas) that doesn't
have the accounts table. Using batch.select(:id) generated a subquery
that ran on the saas database, causing a table-not-found error. Using
pluck(:id) materializes the IDs into an array instead.

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-03-11 10:11:13 -04:00
Rosa Gutierrez 53df0e405b Move devices endpoint from /devices to /my/devices
Keep legacy /devices routes for backwards compatibility with mobile
apps not yet updated.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-03 16:30:41 +01:00
Adrien Maston 0fc2ea4af0 Use public layout 2026-02-26 17:15:02 +01:00
Rosa Gutierrez 1b53396050 Make devices controller untenanted with engine routes
- Add disallow_account_scope to skip tenant requirement
- Move routes to saas/config/routes.rb (engine routes)
- Use saas.devices_path/saas.device_path for engine route helpers
- Update tests to work without tenant context

Devices belong to Identity (global), not Account, so they don't
need tenant context in the URL.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-25 19:31:13 +01:00
Rosa Gutierrez ab6bc256eb Link devices to sessions for automatic cleanup on logout
When a session is destroyed (user logs out), all devices registered
to that session are automatically destroyed, preventing push
notifications from being sent to logged-out devices.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-25 19:31:13 +01:00
Rosa Gutierrez 555132bbef Change device ownership from User to Identity
Devices now belong to Identity instead of User, allowing a single
device registration to work across all accounts an identity has
access to.

- Move User::Devices to Identity::Devices
- Update DevicesController to use Current.identity
- Update NotificationPusher::Native to use user.identity.devices
- Clean up tests to use @identity directly

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Fix reference to `user.devices`, left-over from the identity switch
2026-02-25 19:31:13 +01:00
Rosa Gutierrez d3cc79a5bc Simplify device routes and use ActiveRecord validations
- Use RESTful DELETE /devices/:id where :id can be token or database ID
- Remove redundant unregister collection route
- Remove old Users::DevicesController
- Return 404 when device not found instead of silently succeeding
- Return 422 for invalid platform via ActiveRecord validation
- Update action_push_native to main branch (includes validate: true on enum)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-25 19:31:13 +01:00
Rosa Gutierrez 9d32f3e845 Refactor devices controller and extract registration to model
- Remove Users namespace from DevicesController (now just DevicesController)
- Create ApplicationPushDevice model extending ActionPushNative::Device
- Move device registration logic (find_or_initialize + update) to model
- Update User::Devices concern to use ApplicationPushDevice
- Fix push notification tests (endpoint validation, job count expectations)
- Update push_config_test to use ActionPushNative.config

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-25 19:31:13 +01:00
Fernando Olivares 29d3960a3c Remove UUID requirement from push notification device registration
- Remove UUID column from devices table entirely
- Update unique index from (owner, uuid) to (owner, token)
- Simplify create action to just create device records
- Add token-based unregister route for API clients
- Consolidate error handling with rescue_from
- Update fixtures to remove uuid references

Devices are now identified by (owner, token) instead of UUID.
This simplifies the client-side registration flow.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-25 19:31:13 +01:00
Fernando Olivares 55336873b2 Fix database issues and add APNS configuration
- Fix owner_id type to UUID in devices migration
- Fix NOT NULL crash in device registration
- Add APNS config and 1Password integration
- Add --apns flag to bin/dev for local development
- Clean up devices controller
2026-02-25 19:31:13 +01:00
Fernando Olivares 3c54cd84fc Add native push notification infrastructure
- Add action_push_native gem and SaaS configuration
- Add device registration API and UI
- Add User::Devices concern
- Add NotificationPusher::Native for push delivery
- Add tests and fixtures for native push
2026-02-25 19:31:13 +01:00
Mike Dalessio 89d2f2d0fc saas: Add bearer token authentication for audit console
- Rename SaasAdminController to Admin::AuditController
- Override require_authentication to support bearer tokens alongside
  session auth, allowing API access to audit console
- Add migration for audits1984_auditor_tokens table
- Add controller tests for authentication scenarios including staff
  validation on token-based access

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-28 14:13:54 -05:00
Stanko K.R. 2fa3056e14 Show only active subscriptions 2026-01-15 08:00:19 +01:00
Mike Dalessio 5615b9f6f5 Add paid accounts stats to admin dashboard
Shows total, 7-day, and 24-hour counts of paid accounts based on
subscription created_at. Excludes comped accounts and avoids
double-counting accounts with multiple subscriptions.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-14 16:45:43 -05:00
secretpray 6895135977 Fix deprecation warnings for skip_before_action :verify_authenticity_token
Replace deprecated `skip_before_action :verify_authenticity_token` with
`skip_forgery_protection` to resolve Rails deprecation warnings.

Changes:
- app/controllers/notifications/unsubscribes_controller.rb
- saas/app/controllers/stripe/webhooks_controller.rb
2026-01-12 18:44:35 +02:00
Jorge Manrubia b44b7ba992 Add method to locate plans by the stripe price id 2025-12-18 10:05:13 +01:00
Jorge Manrubia 4e6274d59a Consider storage when preventing backend card creation and publishing too 2025-12-18 10:04:15 +01:00
Jorge Manrubia 68cec74436 Extract parent class, validate plans can be downgraded/upgraded 2025-12-18 10:04:15 +01:00
Jorge Manrubia c56dbb5f1e Add upgrade/downgrade options 2025-12-18 10:04:15 +01:00
Jorge Manrubia 823cf9fbb9 Add some methods to deal with storage limits 2025-12-18 10:04:15 +01:00
Jorge Manrubia 8205823588 Add button to buy extra-storage subscriptions 2025-12-18 10:04:15 +01:00
Jorge Manrubia 3c197debd2 Format 2025-12-16 12:00:46 +01:00
Jorge Manrubia 8d11c62b7c Rename to stripe_session to avoid confusions 2025-12-16 12:00:23 +01:00
Jorge Manrubia 20b5e57dd3 Prefer if/else over early return 2025-12-16 12:00:23 +01:00
Jorge Manrubia 973b4e4aed Rename param to remove redundant bit
Co-authored-by: Matt Almeida <matt7@hey.com>
2025-12-16 12:00:23 +01:00
Jorge Manrubia c0050415f5 This is needed for vat id collection 2025-12-16 12:00:23 +01:00
Jorge Manrubia f68aa0d947 Enable tax id collection 2025-12-16 12:00:23 +01:00
Jorge Manrubia 3395b8d6ed Grab and show the next amount to pay from Stripe 2025-12-16 12:00:23 +01:00
Jorge Manrubia 8dd31e3635 Add system to comp accounts 2025-12-16 12:00:23 +01:00
Jorge Manrubia 3ef5e4eeef Add record to track overridden limits
Before, we were relying on just changing the cards_count in account, but this
could create problems where the system to calculate the next card number fails due
to the unique constraint.
2025-12-16 12:00:23 +01:00
Jorge Manrubia 725e850802 Enable automatic taxes and calculate based on mandatory billing address
https://app.fizzy.do/5986089/cards/3465
2025-12-16 12:00:23 +01:00
Jorge Manrubia c8330a7be8 Don't prevent creating drafts, or you won't get to see the upgrade banner
Instead:

- Always let you create drafts when pressing "Add card"
- Prevent creations of published cards via API
- Prevent publication of cards in all cases when the limit is exceeded
2025-12-16 12:00:23 +01:00
Jorge Manrubia 5be4dca80e Refresh the subscription instead of relying on event payloads
Events can land out of order. See https://github.com/basecamp/fizzy-saas/pull/23#discussion_r2609909558
2025-12-16 12:00:23 +01:00
Jorge Manrubia 984a5dd4ce Add Stripe-based billing system
🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Jason Zimdars <jz@37signals.com>
2025-12-16 12:00:23 +01:00
Mike Dalessio 8f73e1e1be Add console1984 and audits1984
To keep as much of this as we can in the `fizzy-saas` gem, this PR
opts to store console/audits models in a separate database, and so:

- the gem contains the migrations and the database config
- the app contains a separate schema file distinctly for SaaS concerns
  - Rails' current behavior prevents us from easily keeping this file in the gem

Also note that the stock `audits1984` schema is updated to reference
the auditor via a UUID foreign key.

Finally, in order for the database schema file to be located in the
gem directory (and not the application directory), it's necessary to
monkeypatch `AR::DatabaseTasks.schema_dump_path` to support absolute
paths. This functionality has been proposed upstream in
https://github.com/rails/rails/pull/56290 but is awaiting a decision
from the core team.

ref: https://app.fizzy.do/5986089/cards/2469
ref: #17
2025-12-04 11:43:48 -05:00
Jorge Manrubia 3d849a202a Move signup code back to the app, leave only queenbee hooks 2025-11-27 12:52:12 +01:00
Jorge Manrubia 2232caf778 Remove empty dir 2025-11-24 15:17:39 +01:00
Jorge Manrubia db57a7ba0f Initial commit: Move fizzy-saas to separate repository 2025-11-23 06:04:20 +01:00