add template access

2026-06-23 04:10:11 +00:00 · 2024-12-08 01:37:20 +02:00
parent bacbc4309c
commit 1746920eb5
21 changed files with 139 additions and 17 deletions
@@ -8,6 +8,9 @@ class SubmissionsArchivedController < ApplicationController
    @submissions = @submissions.where.not(archived_at: nil)
                               .or(@submissions.where.not(templates: { archived_at: nil }))
                               .preload(:created_by_user, template: :author)
+
+    @submissions = @submissions.preload(:template_accesses) unless current_user.role.in?(%w[admin superadmin])
+
    @submissions = Submissions.search(@submissions, params[:q], search_template: true)
    @submissions = Submissions::Filter.call(@submissions, current_user, params)

@@ -10,6 +10,8 @@ class SubmissionsDashboardController < ApplicationController
                               .where(templates: { archived_at: nil })
                               .preload(:created_by_user, template: :author)

+    @submissions = @submissions.preload(:template_accesses) unless current_user.role.in?(%w[admin superadmin])
+
    @submissions = Submissions.search(@submissions, params[:q], search_template: true)
    @submissions = Submissions::Filter.call(@submissions, current_user, params)

@@ -9,7 +9,8 @@ class SubmittersAutocompleteController < ApplicationController
  def index
    submitters = search_submitters(@submitters)

-    values = submitters.limit(LIMIT).group(SELECT_COLUMNS.join(', ')).pluck(SELECT_COLUMNS.join(', '))
+    arel_columns = SELECT_COLUMNS.map { |col| Submitter.arel_table[col] }
+    values = submitters.limit(LIMIT).group(arel_columns).pluck(arel_columns)

    attrs = values.map { |row| SELECT_COLUMNS.zip(row).to_h }
    attrs = attrs.uniq { |e| e[params[:field]] } if params[:field].present?
@@ -4,7 +4,7 @@ class TemplateFoldersController < ApplicationController
  load_and_authorize_resource :template_folder

  def show
-    @templates = @template_folder.templates.active.preload(:author).order(id: :desc)
+    @templates = @template_folder.templates.active.preload(:author, :template_accesses).order(id: :desc)
    @templates = Templates.search(@templates, params[:q])

    @pagy, @templates = pagy(@templates, limit: 12)
@@ -4,7 +4,7 @@ class TemplatesArchivedController < ApplicationController
  load_and_authorize_resource :template, parent: false

  def index
-    @templates = @templates.where.not(archived_at: nil).preload(:author, :folder).order(id: :desc)
+    @templates = @templates.where.not(archived_at: nil).preload(:author, :folder, :template_accesses).order(id: :desc)
    @templates = Templates.search(@templates, params[:q])

    @pagy, @templates = pagy(@templates, limit: 12)
@@ -22,6 +22,8 @@ class TemplatesController < ApplicationController
                    submissions.order(id: :desc)
                  end

+    submissions = submissions.preload(:template_accesses) unless current_user.role.in?(%w[admin superadmin])
+
    @pagy, @submissions = pagy(submissions.preload(submitters: :start_form_submission_events))
  rescue ActiveRecord::RecordNotFound
    redirect_to root_path
@@ -45,7 +45,7 @@ class TemplatesDashboardController < ApplicationController
  end

  def filter_templates(templates)
-    rel = templates.active.preload(:author).order(id: :desc)
+    rel = templates.active.preload(:author, :template_accesses).order(id: :desc)

    if params[:q].blank?
      if Docuseal.multitenant? && !current_account.testing?
@@ -57,6 +57,8 @@ class Submission < ApplicationRecord

  has_many_attached :preview_documents

+  has_many :template_accesses, primary_key: :template_id, foreign_key: :template_id, dependent: nil, inverse_of: false
+
  has_many :template_schema_documents,
           ->(e) { where(uuid: (e.template_schema.presence || e.template.schema).pluck('attachment_uuid')) },
           through: :template, source: :documents_attachments
@@ -54,6 +54,7 @@ class Submitter < ApplicationRecord
  has_many_attached :documents
  has_many_attached :attachments
  has_many_attached :preview_documents
+  has_many :template_accesses, through: :template

  has_many :document_generation_events, dependent: :destroy
  has_many :submission_events, dependent: :destroy
@@ -62,6 +62,7 @@ class Template < ApplicationRecord

  has_many :submissions, dependent: :destroy
  has_many :template_sharings, dependent: :destroy
+  has_many :template_accesses, dependent: :destroy

  scope :active, -> { where(archived_at: nil) }
  scope :archived, -> { where.not(archived_at: nil) }
@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+# == Schema Information
+#
+# Table name: template_accesses
+#
+#  id          :bigint           not null, primary key
+#  created_at  :datetime         not null
+#  updated_at  :datetime         not null
+#  template_id :bigint           not null
+#  user_id     :bigint           not null
+#
+# Indexes
+#
+#  index_template_accesses_on_template_id_and_user_id  (template_id,user_id) UNIQUE
+#
+# Foreign Keys
+#
+#  fk_rails_...  (template_id => templates.id)
+#
+class TemplateAccess < ApplicationRecord
+  ADMIN_USER_ID = -1
+
+  belongs_to :template
+  belongs_to :user, optional: true
+end
@@ -122,7 +122,7 @@
                  <%= (@submission.template_submitters || @submission.template.submitters).find { |e| e['uuid'] == submitter&.uuid }&.dig('name') || "#{(index + 1).ordinalize} Submitter" %>
                </span>
              </div>
-              <% if signed_in? && can?(:update, submitter) && !submitter.completed_at? && !submitter.declined_at? && !@submission.archived_at? && !@submission.expired? && !submitter.start_form_submission_events.any? %>
+              <% if signed_in? && can?(:update, @submission) && !submitter.completed_at? && !submitter.declined_at? && !@submission.archived_at? && !@submission.expired? && !submitter.start_form_submission_events.any? %>
                <span class="tooltip tooltip-left" data-tip="<%= t('edit') %>">
                  <%= link_to edit_submitter_path(submitter), class: 'shrink-0 inline md:hidden md:group-hover:inline', data: { turbo_frame: 'modal' } do %>
                    <%= svg_icon('pencil', class: 'w-5 h-5') %>
@@ -174,15 +174,15 @@
                </span>
              </div>
            <% end %>
-            <% if signed_in? && submitter && submitter.email && !submitter.completed_at && !@submission.archived_at? && can?(:update, submitter) && Accounts.can_send_emails?(current_account) && !@submission.expired? && !submitter.declined_at? %>
+            <% if signed_in? && submitter && submitter.email && !submitter.completed_at && !@submission.archived_at? && can?(:update, @submission) && Accounts.can_send_emails?(current_account) && !@submission.expired? && !submitter.declined_at? %>
              <div class="mt-2 mb-1">
                <%= button_to button_title(title: submitter.sent_at? ? t('re_send_email') : t('send_email'), disabled_with: t('sending')), submitter_send_email_index_path(submitter_slug: submitter.slug), class: 'btn btn-sm btn-primary w-full' %>
              </div>
            <% end %>
-            <% if signed_in? && submitter && submitter.phone && !submitter.completed_at && !@submission.archived_at? && can?(:update, submitter) && !@submission.expired? && !submitter.declined_at? %>
+            <% if signed_in? && submitter && submitter.phone && !submitter.completed_at && !@submission.archived_at? && can?(:update, @submission) && !@submission.expired? && !submitter.declined_at? %>
              <%= render 'submissions/send_sms_button', submitter: %>
            <% end %>
-            <% if signed_in? && submitter && !submitter.completed_at? && !@submission.archived_at? && can?(:create, submitter) && !@submission.expired? && !submitter.declined_at? %>
+            <% if signed_in? && submitter && !submitter.completed_at? && !@submission.archived_at? && can?(:create, @submission) && !@submission.expired? && !submitter.declined_at? %>
              <div class="mt-2 mb-1">
                <a class="btn btn-sm btn-primary w-full" target="_blank" href="<%= submit_form_path(slug: submitter.slug) %>">
                  <%= t('sign_in_person') %>
@@ -51,7 +51,7 @@
              <a href="<%= submission_path(submission) %>" class="text-lg break-all peer">
                <%= submitter.name || submitter.email || submitter.phone %>
              </a>
-              <% if can?(:update, submitter) && !submitter.start_form_submission_events.any? && !submission.archived_at? && !submission.expired? && !submitter.declined_at? %>
+              <% if can?(:update, submission) && !submitter.start_form_submission_events.any? && !submission.archived_at? && !submission.expired? && !submitter.declined_at? %>
                <span class="pl-0.5 tooltip tooltip-top md:opacity-0 md:hover:opacity-100 md:peer-hover:opacity-100" data-tip="<%= t('edit') %>">
                  <%= link_to edit_submitter_path(submitter), class: 'shrink-0', data: { turbo_frame: 'modal' } do %>
                    <%= svg_icon('pencil', class: 'w-5 h-5') %>
@@ -144,7 +144,7 @@
                    <a href="<%= submission_path(submission) %>" class="text-lg break-all peer">
                      <%= submitter.name || submitter.email || submitter.phone %>
                    </a>
-                    <% if can?(:update, submitter) && !submitter.start_form_submission_events.any? && !submission.archived_at? && !submission.expired? && !submitter.declined_at? %>
+                    <% if can?(:update, submission) && !submitter.start_form_submission_events.any? && !submission.archived_at? && !submission.expired? && !submitter.declined_at? %>
                      <span class="pl-0.5 tooltip tooltip-top md:opacity-0 md:hover:opacity-100 md:peer-hover:opacity-100" data-tip="<%= t('edit') %>">
                        <%= link_to edit_submitter_path(submitter), class: 'shrink-0', data: { turbo_frame: 'modal' } do %>
                          <%= svg_icon('pencil', class: 'w-5 h-5') %>
@@ -1,6 +1,9 @@
 <div class="h-36 relative group">
  <a href="<%= template_path(template) %>" class="flex h-full flex-col justify-between rounded-2xl pt-6 px-7 w-full bg-base-200 peer">
    <div class="pb-4 text-xl font-semibold" style="overflow: hidden; display: -webkit-box; -webkit-box-orient: vertical; -webkit-line-clamp: 2;">
+      <% if template.template_accesses.present? %>
+        <%= svg_icon('lock', class: 'w-6 h-6 inline -translate-y-[4px]') %>
+      <% end %>
      <% template.name.split(/(_)/).each do |item| %><%= item %><wbr><% end %>
    </div>
    <div class="pb-6 pt-1 space-y-1">
@@ -1,12 +1,15 @@
 <div class="flex flex-col items-start md:flex-row space-y-2 md:space-y-0 md:space-x-2 md:justify-between md:items-start mb-6 md:mb-3">
  <div class="relative flex items-start justify-between w-full space-x-0">
    <div>
-      <h1 class="text-3xl md:text-[2em] font-semibold" style="overflow: hidden; display: -webkit-box; -webkit-box-orient: vertical; -webkit-line-clamp: 2;">
-        <% template.name.split(/(_)/).each do |item| %><%= item %><wbr><% end %>
-        <% if template.archived_at? %>
-          <span class="ml-1 badge badge-outline badge-lg align-middle"><%= t('archived') %></span>
-        <% end %>
-      </h1>
+      <div id="template_title" class="flex">
+        <h1 class="text-3xl md:text-[2em] font-semibold" style="overflow: hidden; display: -webkit-box; -webkit-box-orient: vertical; -webkit-line-clamp: 2;">
+          <% template.name.split(/(_)/).each do |item| %><%= item %><wbr><% end %>
+          <% if template.archived_at? %>
+            <span class="ml-1 badge badge-outline badge-lg align-middle"><%= t('archived') %></span>
+          <% end %>
+        </h1>
+        <%= render 'templates/access_icon', template: @template %>
+      </div>
      <% if @template.account_id == current_account.id %>
        <div class="flex items-center justify-between">
          <div class="flex items-center">
@@ -19,6 +19,7 @@
    </toggle-visible>
  <% end %>
  <div id="general" class="px-5 mb-4">
+    <%= render 'access' %>
    <%= form_for @template, url: template_preferences_path(@template), method: :post, html: { autocomplete: 'off', class: 'mt-2' }, data: { close_on_submit: false } do |f| %>
      <toggle-on-submit data-element-id="bcc_saved_alert"></toggle-on-submit>
      <%= f.fields_for :preferences, Struct.new(:bcc_completed).new(@template.preferences['bcc_completed']) do |ff| %>
@@ -23,6 +23,15 @@ en: &en
  unarchive: Unarchive
  first_party: 'First Party'
  remove_filter: Remove filter
+  add: Add
+  adding: Adding
+  owner: Owner
+  select_user: Select user
+  team_member_permissions: Team member permissions
+  entire_team: Entire team
+  admin_only: Admin only
+  accessiable_by: Accessiable by
+  team_access: Team access
  document_download_filename_format: Document download filename format
  document_name: Document Name
  docuseal_trusted_signature: DocuSeal Trusted Signature
@@ -689,6 +698,15 @@ en: &en
      read: Read your data

 es: &es
+  add: Agregar
+  adding: Agregando
+  owner: Propietario
+  select_user: Seleccionar usuario
+  team_member_permissions: Permisos de miembros del equipo
+  entire_team: Todo el equipo
+  admin_only: Solo administrador
+  accessiable_by: Accesible por
+  team_access: Acceso del equipo
  remove_filter: Eliminar filtro
  document_download_filename_format: Formato del nombre del archivo de descarga del documento
  document_name: Nombre del documento
@@ -1360,6 +1378,15 @@ es: &es
      read: Leer tus datos

 it: &it
+  add: Aggiungi
+  adding: Aggiungendo
+  owner: Proprietario
+  select_user: Seleziona utente
+  team_member_permissions: Permessi membri del team
+  entire_team: Intero team
+  admin_only: Solo amministratore
+  accessiable_by: Accessibile da
+  team_access: Accesso al team
  remove_filter: Rimuovi filtro
  document_download_filename_format: Formato del nome file scaricato
  document_name: Nome del Documento
@@ -2031,6 +2058,15 @@ it: &it
      read: Leggi i tuoi dati

 fr: &fr
+  add: Ajouter
+  adding: Ajout
+  owner: Propriétaire
+  select_user: Sélectionner un utilisateur
+  team_member_permissions: Permissions des membres de l'équipe
+  entire_team: Équipe entière
+  admin_only: Administrateur uniquement
+  accessiable_by: Accessible par
+  team_access: Accès à l'équipe
  remove_filter: Supprimer le filtre
  document_download_filename_format: Format du nom de fichier du téléchargement de document
  document_name: Nom du document
@@ -2703,6 +2739,15 @@ fr: &fr
      read: Lire vos données

 pt: &pt
+  add: Adicionar
+  adding: Adicionando
+  owner: Proprietário
+  select_user: Selecionar usuário
+  team_member_permissions: Permissões de membro da equipe
+  entire_team: Toda a equipe
+  admin_only: Somente administrador
+  accessiable_by: Acessível por
+  team_access: Acesso à equipe
  remove_filter: Remover filtro
  document_download_filename_format: Formato do nome do arquivo de download do documento
  document_name: Nome do documento
@@ -3374,6 +3419,15 @@ pt: &pt
      read: Ler seus dados

 de: &de
+  add: Hinzufügen
+  adding: Hinzufügen
+  owner: Eigentümer
+  select_user: Benutzer auswählen
+  team_member_permissions: Berechtigungen für Teammitglieder
+  entire_team: Gesamtes Team
+  admin_only: Nur Administratoren
+  accessiable_by: Zugänglich für
+  team_access: Teamzugang
  remove_filter: Filter entfernen
  document_download_filename_format: Format des Dateinamens beim Herunterladen von Dokumenten
  document_name: Dokumentname
@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+class CreateTemplateAccesses < ActiveRecord::Migration[7.2]
+  def change
+    create_table :template_accesses do |t|
+      t.references :template, null: false, foreign_key: true, index: false
+      t.references :user, null: false, foreign_key: false, index: false
+
+      t.index %i[template_id user_id], unique: true
+
+      t.timestamps
+    end
+  end
+end
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.

-ActiveRecord::Schema[7.2].define(version: 2024_10_29_192232) do
+ActiveRecord::Schema[7.2].define(version: 2024_12_07_172237) do
  # These are extensions that must be enabled in order to support this database
  enable_extension "plpgsql"

@@ -275,6 +275,14 @@ ActiveRecord::Schema[7.2].define(version: 2024_10_29_192232) do
    t.index ["submission_id"], name: "index_submitters_on_submission_id"
  end

+  create_table "template_accesses", force: :cascade do |t|
+    t.bigint "template_id", null: false
+    t.bigint "user_id", null: false
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+    t.index ["template_id", "user_id"], name: "index_template_accesses_on_template_id_and_user_id", unique: true
+  end
+
  create_table "template_folders", force: :cascade do |t|
    t.string "name", null: false
    t.bigint "author_id", null: false
@@ -393,6 +401,7 @@ ActiveRecord::Schema[7.2].define(version: 2024_10_29_192232) do
  add_foreign_key "submissions", "templates"
  add_foreign_key "submissions", "users", column: "created_by_user_id"
  add_foreign_key "submitters", "submissions"
+  add_foreign_key "template_accesses", "templates"
  add_foreign_key "template_folders", "accounts"
  add_foreign_key "template_folders", "users", column: "author_id"
  add_foreign_key "template_sharings", "templates"