Commit Graph

602 Commits

Author SHA1 Message Date
Stanko K.R. 84213265e7 Render friendly error message when using an invalid token 2025-12-03 15:37:27 +01:00
Stanko K.R. 6e9381abb8 Fix crash in join code redemption race condition 2025-12-03 13:29:20 +01:00
Mike Dalessio a2e024c1b5 Disconnect action cable when user is deactivated
ref: https://app.fizzy.do/5986089/cards/2785
2025-12-02 14:26:04 -05:00
Kevin McConnell d24726c1d3 Merge pull request #1768 from basecamp/data-exports
Add "data export" feature
2025-12-02 09:56:40 +00:00
Jorge Manrubia af0113c9ee After touch should trigger board touch too
The change in https://github.com/basecamp/fizzy/commit/c606de7b41f57734c4c859c5fc3d98c952b26d58#diff-1ecde9fb1ee2494e5d94e807f51f861928f77cfcfb0884889911b62a32c2ff4cL4-R23 was preventing marking cards as golden from broadcasting
2025-12-02 05:55:49 +01:00
Kevin McConnell e16cc21b0a Add "data export" feature
- Adds a button in Account Settings where you can request a ZIP export of your
  Fizzy data
- Export files are created in the background. When ready, a link to
  download them is sent to the requester.
- Exports expire after 24 hours. And are limited to 10 per day.
2025-12-01 15:23:26 +00:00
Jorge Manrubia 7dd3497d3a Extract common setup step 2025-12-01 15:42:03 +01:00
Jorge Manrubia 29d07e7326 Fix: not detecting mentions when publishing saved drafts
The problem was that publishing a card with `#publish` was tracking the event
after updating the status, which was clearing the saved changes and preventing the
code from detecting the mention.

See:
https://app.fizzy.do/5986089/cards/2835
2025-12-01 15:39:45 +01:00
Mike Dalessio edf6b53469 Introduce an "owner" role, and prevent it from being administered
to prevent the owner from being demoted or kicked out.

ref: https://app.fizzy.do/5986089/cards/3213
2025-11-29 14:13:29 -05:00
Stanko K.R. 2311efd03e Make sign up Magic Links work across devices
Previously if someone started signing in on their phone, but finished it on their laptop, they'd end up on the menu screen with no account. Bu tracking the purpose of a Magic Link we can always direct the user to sign up if they requested a magic link through sign up. This also makes the logic for changing the copy in the email more robust.
2025-11-29 12:36:00 +01:00
Mike Dalessio 434a9671cc Ensure Account::ExternalIdSequenceTest.value is never nil
If no record exists, create it. This fixes a test in fizzy-saas in
test/models/signup_test.rb that was not actually testing with a valid
external account id.
2025-11-28 14:27:14 -05:00
Jorge Manrubia 6bfed6d048 Format 2025-11-28 15:53:58 +01:00
Jorge Manrubia 166ff83611 Rename tests 2025-11-28 15:53:58 +01:00
Jorge Manrubia 4e09352c09 Bring simple signup flow from the fizzy-saas gem
We skip the QB code and we fill external account ids automatically on creation with a sequence

See:
https://github.com/basecamp/fizzy-saas/pull/7
2025-11-28 15:53:58 +01:00
Jorge Manrubia 2061ab4ab2 Use dedicated sequence record instead of deal with issues with ids and uuids when using the previous approach 2025-11-28 15:53:58 +01:00
Jorge Manrubia 07b4c55185 Auto-increment external_account_id automatically by default to allow upcoming simple signups 2025-11-28 15:53:58 +01:00
Mike Dalessio 3f8d10d679 Merge pull request #1747 from basecamp/flavorjones/perf-20251127
Address some N+1 query situations
2025-11-27 12:46:56 -05:00
Stanko K.R. e3d91f4ba2 Fix join codes skipping user setup
If someone joined an account with the same identity as they were signed in with the old logic would skip the user setup step
2025-11-27 17:59:17 +01:00
Mike Dalessio 79c9ea2ce1 Remove a bunch of N+1s
related to notification and comment rendering
2025-11-27 11:08:45 -05:00
Mike Dalessio 7f46063c25 Introduce gitleaks to the codebase
- `bin/setup` installs gitleaks
- add `gitleaks dir` command to CI
- configure gitleaks to ignore tmp, log, and encrypted files
- tag existing false positives with `gitleaks:allow`
- add historical false positives to the ignore list
2025-11-26 15:46:47 -05:00
Donal McBreen c4498212dc Merge branch 'main' into sqlite
* main: (116 commits)
  Ensure avatar thumbnails are square
  Update useragent to recognize twitterbot/facebot
  Add defensive styles for non-square avatar images
  Update test for copy changes
  Missed commit
  AI: standardize on https://agents.md
  Make it clear this is just notifications, not comprehensive activity
  AI: configure MCP servers for Chrome, Grafana, and Sentry (#1727)
  Allow requests from Google Image Proxy
  Update to basecamp's useragent fork
  Clean up a little bit the CSRF reporting code
  Claude: production observability guidance (#1725)
  Prevent autoscroll to the root columns container to prevent jump on page load
  Include full name string so you can type your name to filter
  Prioritize current user and assigned users in assignment dropdown
  Check and report on Sec-Fetch-Site header for forgery protection
  bundle update
  Bump bootsnap from 1.18.6 to 1.19.0
  Bump rails from `077c3ad` to `17f6e00`
  Fix cards getting stuck in edit mode
  ...
2025-11-26 10:07:41 +00:00
Donal McBreen 9c86205510 Enforce SQLite column limits via CHECK constraints
Patch the sqlite adapter to add CHECK constraints for string and text
column limits. We'll do them inline, so that any column changes
automatically update the constraints.
2025-11-26 09:50:29 +00:00
Jason Zimdars 88765f5244 Update test for copy changes 2025-11-25 16:10:34 -06:00
Donal McBreen 97bcdf1853 Enforce column limits via concern
SQLite columns lengths are purely informational, so we'll enforce the
limits via a concern that checks the lengths from the schema.
2025-11-25 15:32:34 +00:00
Stanko K.R. f64a49dcc0 Determine staff members based on flag
This replaces the old system based on email addresses, the aim is to make it more generic and thus appropriate for OSS/self-hosting

See: https://3.basecamp.com/2914079/buckets/37331921/todos/9302705265#__recording_9320051455
2025-11-25 14:09:31 +01:00
Donal McBreen b571303385 Don't use Current.account for search records
It doesn't actually work, and even if we could make it work reliably
we are better off if the records always know to go to the right shard.

It does make the interface a bit more complicated as we need to select
the right shard class with `for(account_id)`.
2025-11-25 11:34:41 +00:00
Mike Dalessio e0aa1d257e Drop User.system and replace with Account#system_user 2025-11-24 13:23:57 -05:00
Mike Dalessio db51b616bb Handle notifs created before the current bundle starts_at 2025-11-22 22:38:23 -05:00
Mike Dalessio a29dd89683 Make sure Bundle#ends_at is set before validation
otherwise we risk creating overlapping bundles and not catching it.
2025-11-22 22:19:05 -05:00
Donal McBreen 525e53a2f7 Add FTS ActiveRecord model
Needs some special handling for the FTS virtual table format. Set the
primary key to rowid and manually specify the columns.
2025-11-21 15:21:11 +00:00
Donal McBreen 04c9d9268b Remove wrapper methods and kwargs 2025-11-21 14:53:17 +00:00
Donal McBreen 01d16f96d4 Remove Search::Record.for_account
Instead we'll compute the table name dynamically based on
Current.account where needed. Also we'll prevent searchable records
from being saved if Current.account is not set, otherwise the after
commit callbacks will fail.
2025-11-21 12:09:21 +00:00
Mike Dalessio 1bbb6d0c03 Fix race condition in Card::ActivitySpike::DetectionJob
The check-then-act pattern in `register_activity_spike` has been
replaced with `find_or_create_by!` to eliminate the race condition
that could lead to creating multiple activity spikes for a card. To
support this change, the `card_id` index on `cards_activity_spikes`
has been made unique.

ref: https://app.fizzy.do/5986089/cards/3063
2025-11-20 15:40:42 -05:00
Mike Dalessio 88750a3498 Prefer Time.current to Time.now 2025-11-20 09:13:17 -05:00
Mike Dalessio 378705a30d Deduplicate filter results
when both a card and that card's comments match the search term, we
don't want to show it multiple times.

ref: https://app.fizzy.do/5986089/cards/3030
2025-11-19 17:51:38 -05:00
Mike Dalessio a5f5b592c2 test: remove redundant session setup 2025-11-19 17:43:40 -05:00
Mike Dalessio dbbee2c661 Stalled cards are unstalled by anything that touches updated_at
ref: https://app.fizzy.do/5986089/cards/2492
2025-11-18 17:46:56 -05:00
Mike Dalessio 97a6916ae1 Update a card's created_at when it is published
ref: https://app.fizzy.do/5986089/cards/2854
2025-11-17 17:39:25 -05:00
Stanko K.R. 3b56b3f970 Fix failing test due to duplicate user 2025-11-17 09:12:41 -05:00
Mike Dalessio 73812817e9 Improve card entropic test 2025-11-17 09:12:41 -05:00
Mike Dalessio 4976e4a7bb Update Card::Entropic so its scopes work cross-accounts
with an eye towards making the postpone_all_due recurring job work efficiently.
2025-11-17 09:12:41 -05:00
Mike Dalessio e3d86bb21e Clean up some spots where "current account" is ambiguous
Primarily this is in tests (which were caught by temporarily
introducing acts_as_tenant and enabling safety checks), but notably
action cable connections were not working properly, and that's now
fixed.
2025-11-17 09:12:41 -05:00
Stanko K.R. 01367c097f Fix skipped tests 2025-11-17 09:12:41 -05:00
Stanko K.R. e0693de7c3 Scope jobs and controllers by account 2025-11-17 09:12:41 -05:00
Donal McBreen 28efe28f24 Replace Search::Index with Search::Records
Lean on ActiveRecord models for searching and strip out the raw SQL.
Replaces the search_index_* tables with sharded search_records_* tables
as that allows us to use a Search::Record model name.

A Class is dynamically created for each record table shard so that we
and we can access it via the Search::Record.for_account(account_id)
method.
2025-11-17 09:12:40 -05:00
Stanko K.R. 56c41d45eb Reinstate email changes 2025-11-17 09:12:40 -05:00
Kevin McConnell 59dd8ca549 Make IDs more time-sortable in tests
In order for model ordering to work as expected in tests, we need to
keep two properties:

- Fixtures are all created in the past
- Models sort in the order that they were created

This allows us to do things like this:

    post cards_path, params: { ... }
    created_card = Card.last

When using UUIDv7 PKs rather than sequential integers, we have to make
sure a couple of things happen in order for this still to be true:

- Fixtures should generate deterministic IDs that translate to UUIDs
  that would have been created in the past (i.e. before today)
- Newly created objects must have enough precision in their timestamps
  so that they sort in the order they were created, and their random
  component doesn't come into play.

To solve this, we use the deterministic numeric ID as a number of
milliseconds after an early year. And we ensure that the new timestamps
we create have sub-millisecond precision.
2025-11-17 09:12:40 -05:00
Stanko K.R. 34d83aaa7c Fix tests after the removal of memberships 2025-11-17 09:12:40 -05:00
Mike Dalessio 6df681991f rubocop: fix style warnings 2025-11-17 09:12:36 -05:00
Donal McBreen 0e3084f9d3 Fix up join code fixtures and tests 2025-11-17 09:12:36 -05:00