Commit Graph

63 Commits

Author SHA1 Message Date
Kevin McConnell dece2d08d1 Update namespacing & naming 2025-12-11 11:21:09 +00:00
Adam Haris f76309d116 Merge branch 'main' into single_tenant 2025-12-11 06:08:01 +01:00
Jeremy Daer 761d0b4a76 Speedy, auditable, deadlock-resistant storage tracking (#2026)
An append-only storage ledger replaces deadlock-prone synchronous
counter updates and drift-prone async updates.

All content storage (card images, card/comment/board description embeds)
is tracked. Account exports (which expire) and avatars are not tracked.

Storage is accounted for by Account and Board. Both consume the same
event stream independently: no bubble-up storage bumps triggering
deadlocks due to lock sequencing. Each calculates its own total from
the underlying ledger with independent cursors and materialization.

* Storage::Entry: Append-only ledger recording attach/detach/transfer
  events with delta bytes. Single event stream indexed for both
  Account and Board cursor queries.

* Storage::Total: Polymorphic snapshot cache with cursor (last_entry_id)
  tracking which entries have been materialized.

* Storage::Totaled concern: Provides bytes_used (fast snapshot) and
  bytes_used_exact (snapshot + pending) query modes, plus
  materialize_storage! to roll up pending entries.

* Storage::Tracked concern: For models owning attachments (Card,
  Comment, Board). Provides board_for_storage_tracking for models
  where board is determined differently (Board returns self).
  Handles board transfers by recording transfer_out/transfer_in entries.

* Storage::AttachmentTracking: Hooks ActiveStorage::Attachment lifecycle
  to record attach/detach entries. Handles ActionText::RichText embeds
  by traversing to the actual model. Snapshots context in before_destroy
  to handle cascading deletes where parent record may be gone by
  after_destroy_commit.

* MaterializeJob: Rolls up pending entries into snapshot. Concurrency
  limited per owner to prevent duplicate work.

* ReconcileJob: On-demand reconciliation against actual attachment
  storage for support/debugging. Compares ledger total to real bytes
  from card images, card embeds, comment embeds, and board embeds.

Usage:
* account.bytes_used / board.bytes_used: fast, slightly stale bytesize
* account.bytes_used_exact / board.bytes_used_exact: real-time bytesize
* Storage::Entry: audit trail for debugging and point-in-time queries
2025-12-10 16:04:30 -08:00
Adam Haris eb8655dc8e refactor: use MULTI_TENANT env variable, model concern instead of controller (#accepting_signups?) 2025-12-10 15:14:22 +01:00
Jeremy Daer bec46e15a9 Drop defunct Account upload attachments (#2030)
Controller and routes removed in 6a62df470c
2025-12-09 00:36:39 -08:00
Mike Dalessio 4602cd3cdd Add verified_at timestamp to use for spam prevention
User are marked as verified after a join code is redeemed. The user is
redirected to Users::VerificationsController, either:

- after submitting a valid magic link code,
- or immediately after redeeming the join code (if they're already
  authenticated with the correct identity)

Account owners are automatically verified when the account is
created (because they have already provided a magic link code at that
point).

This sets up for later commits that will backfill existing users and
require verification before sending notification emails.

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-05 21:51:44 -05:00
Matheus Richard 7e95322776 Prefer find_by! over where + first! 2025-12-03 11:20:02 -03:00
Dave Kimura 2f740c81c0 (account): encode external_account_id in slug
- Use `AccountSlug.encode` to generate slug instead of raw ID
  - Fixes where slug is /1 and will be in the proper format of /0000001
2025-12-02 16:07:04 -05:00
Kevin McConnell e16cc21b0a Add "data export" feature
- Adds a button in Account Settings where you can request a ZIP export of your
  Fizzy data
- Export files are created in the background. When ready, a link to
  download them is sent to the requester.
- Exports expire after 24 hours. And are limited to 10 per day.
2025-12-01 15:23:26 +00:00
Mike Dalessio edf6b53469 Introduce an "owner" role, and prevent it from being administered
to prevent the owner from being demoted or kicked out.

ref: https://app.fizzy.do/5986089/cards/3213
2025-11-29 14:13:29 -05:00
Jorge Manrubia 2061ab4ab2 Use dedicated sequence record instead of deal with issues with ids and uuids when using the previous approach 2025-11-28 15:53:58 +01:00
Jorge Manrubia 07b4c55185 Auto-increment external_account_id automatically by default to allow upcoming simple signups 2025-11-28 15:53:58 +01:00
Mike Dalessio e0aa1d257e Drop User.system and replace with Account#system_user 2025-11-24 13:23:57 -05:00
Stanko K.R. 15eeba82f5 Scope model methods by account 2025-11-17 09:12:41 -05:00
Stanko K.R. e0693de7c3 Scope jobs and controllers by account 2025-11-17 09:12:41 -05:00
Mike Dalessio fe6df7085f Finish the rollout of account_id to all core data models
Schema:
- add account_id to tables it was missing from
- make account_id a required column everywhere
- add [account_id] indexes, or add `account_id` to existing indices

Models:
- add `belongs_to :account` to all models (default to using a domain
  model's account whenever possible)
- add account_id in all the necessary fixtures
- add account_id to insert_all hashes
- pass account_id to a few initialize calls

Miscellaneous:
- update the import script to set account_id

Note that I'm not adding account_id to the join tables primarily
because I couldn't think of an easy way to populate it without making
it a full Join model, and that was more work than I have time to take
on right now.
2025-11-17 09:12:40 -05:00
Donal McBreen fc56ad9d7c Combine uuid-old and uuid branch changes
- Switch to binary 16 for UUID keys
- Remove AccountScopedRecord base class, all model use binary uuids now
- Fix the search sql to serialize uuids properly
- Patch the MySQL schema dumper to output binary lengths
2025-11-17 09:12:34 -05:00
Mike Dalessio e4011ef211 Update primary keys on customer data to UUIDs
- schema changes to primary and foreign keys
- fixture changes
- customer data models subclass AccountScopedRecord
- import script updated
2025-11-17 09:12:30 -05:00
Kevin McConnell ab35c730d0 Scope account.cards 2025-11-17 09:12:25 -05:00
Mike Dalessio ff8d786144 Filter boards by account 2025-11-17 09:11:57 -05:00
Mike Dalessio dbf66f9a50 Constrain user queries to the current or relevant account 2025-11-17 09:11:57 -05:00
Stanko K.R. ba3f6b188e Add account_id to everything 2025-11-17 09:11:42 -05:00
Mike Dalessio 006aa4d6b3 Tests need to set up the script_name properly
which requires tweaking fixtures for the memberships and the account
2025-11-17 09:11:42 -05:00
Jason Zimdars e1159a06aa Merge branch 'main' into seed-new-accounts 2025-11-03 17:10:09 -06:00
David Heinemeier Hansson b3474ec97d Rename Entropy::Configuration to just Entropy 2025-11-02 13:11:41 +01:00
Jorge Manrubia 4e2f56f4c0 Extract concern, add tests 2025-11-02 09:44:50 +01:00
Jorge Manrubia e726335833 WIP for seeding accounts 2025-11-02 00:05:38 +01:00
Stanko K.R. dd583206ee Allow changes to the Account name 2025-10-31 16:26:08 +01:00
Stanko K.R. 79b012f319 Add Join Codes 2025-10-31 16:24:30 +01:00
Stanko K.R. c8843360fe Clean up and simplify magic links 2025-10-31 16:23:38 +01:00
Stanko K.R. 5cef4ffeb0 Add sign in flow using magic links 2025-10-31 16:22:12 +01:00
Jorge Manrubia 2a083bd82f Fix typo 2025-10-31 11:09:41 +01:00
Jorge Manrubia 3ee4eb731a Comment 2025-10-31 11:00:19 +01:00
Jorge Manrubia 3c8c4abc17 Invalidate cards when entropy configuration changes 2025-10-31 10:40:45 +01:00
Stanko Krtalić 6efeb03252 Create system user with account (#1345)
* Create system user with account

* Update tests
2025-10-17 20:23:34 +02:00
Jason Zimdars da413e7540 Remove closure reasons 2025-10-15 16:15:56 -05:00
Mike Dalessio f26b0b7256 Rename accounts.tenant_id to external_account_id
and simplify the params to Account.create_with_admin_user
2025-10-03 17:21:01 -04:00
Mike Dalessio 8e0cb930af Delete SignalId concerns from the codebase
including Signup for now, will rebuild it with just QB
2025-10-03 14:06:51 -04:00
Mike Dalessio fcd3c178ce Account#slug uses the virtual "tenant" attribute 2025-10-02 16:44:24 -04:00
Jorge Manrubia 0b0fb57e58 Fix tests 2025-09-28 20:31:41 +02:00
Mike Dalessio d5a4239d19 Rename the queenbee_id and signal_user_id columns
to be more generic for the open-source release.

Find the signal account via Account#external_account

Find the signal user via User#external_user
2025-09-15 13:57:53 -04:00
Mike Dalessio e7dcefb25b Extract SignalUser and SignalAccount, and QB routes 2025-09-13 16:03:02 -04:00
Mike Dalessio 9bdc273c76 Prefer Account#slug to Account.script_name
Caching the script name in a class instance variable seemed like a bug
to me.
2025-08-09 14:27:41 -04:00
Jorge Manrubia 8bb7783215 Extract "prompt generation" logic to models for events, comments and cards
So that we can reuse in other scenarios
2025-07-24 16:48:03 +02:00
Mike Dalessio 73ba0c074f Introduce a Signup model and integrate with QB/37id
- Creates a Queenbee::Account
- SignalId peer classes work properly
- Set up a basic template for the account (closure reasons, workflow, collection)
- Load signal_id fixtures during `bin/setup --reset`
- Update signal_id to pull in the Fizzy product
2025-06-20 15:16:57 -04:00
Mike Dalessio 192c6036bc Account belongs to Signal::Account 2025-06-20 15:16:56 -04:00
Jorge Manrubia db86d17880 Refactor to introduce an entropy model
Instead of keeping two tracks of similar logic (auto-reconsider / auto-close).
2025-06-04 14:40:02 +02:00
Jorge Manrubia 91787a3523 Revamp entropy configuraiton
- Move both settings to its dedicated model entropy configuration
- A collection can have an entropy configuration, or will default to the account if not
2025-06-04 10:41:08 +02:00
David Heinemeier Hansson 6bbf68a4f9 The tenanted db is the account scope 2025-04-12 20:06:34 +02:00
Jorge Manrubia 723e6d94f5 Rename bubbles => cards 2025-04-09 14:50:58 +02:00