Commit Graph

1298 Commits

Author SHA1 Message Date
Tessa Walsh
d41647e6c2
Document all API endpoints with response models (#1928)
Fixes #1920 

Adds response models to all API endpoints that were missing them,
documenting current behavior without making any changes at this stage to
standardize responses.

Follow-up work will involve adding generics to some of the response models
2024-07-16 12:48:38 -07:00
Tessa Walsh
aaf18e70a0
Add created date to Organization and fix datetimes across backend (#1921)
Fixes #1916

- Add `created` field to Organization and OrgOut, set on org creation
- Add migration to backfill `created` dates from first workflow
`created`
- Replace `datetime.now()` and `datetime.utcnow()` across app with
consistent timezone-aware `utils.dt_now` helper function, which now uses
`datetime.now(timezone.utc)`. This is in part to ensure consistency in
how we handle datetimes, and also to get ahead of timezone naive
datetime creation methods like `datetime.utcnow()` being deprecated in
Python 3.12. For more, see:
https://blog.miguelgrinberg.com/post/it-s-time-for-a-change-datetime-utcnow-is-now-deprecated
2024-07-15 19:46:32 -07:00
sua yoo
a234a36057
standarize slugify 2024-07-15 12:06:43 -07:00
sua yoo
bafc96ac94
check org slug 2024-07-15 12:05:19 -07:00
sua yoo
adea46640e
standardize max length 2024-07-15 11:40:15 -07:00
sua yoo
6f031f1059
show correct field when validating 2024-07-15 11:02:10 -07:00
sua yoo
bdd279c4f8
show validation message 2024-07-15 10:36:16 -07:00
Tessa Walsh
a546fb6fe0
Improve handling of duplicate org name/slug (#1917)
Initial implementation of #1892 

- Modifies the backend to return `duplicate_org_name` or
`duplicate_org_slug` as appropriate on a pymongo `DuplicateKeyError`
- Updates frontend to handle `duplicate_org_name`, `duplicate_org_slug`,
and `invalid_slug` error details
- Update errors to be more consistent, also return `duplicate_org_subscription.subId` for duplicate subscription instead of the more generic `already_exists`
---------
Co-authored-by: Ilya Kreymer <ikreymer@gmail.com>
2024-07-10 19:24:50 -07:00
Ilya Kreymer
9a67e28f13
Adds Subscription API (#1914)
Fixes https://github.com/webrecorder/browsertrix/issues/1905

- adds a new top-level `/api/subscriptions` endpoint and SubOps handler on
the backend.
- enable subscriptions API endpoints available only if `billing_enabled` is
set in helm chart
- new POST /subscriptions/create, /subscriptions/update,
/subscriptions/cancel API endpoints
- Subscriptions mongo collection storing timestamped /subscription
API events
- GET /subscriptions/events API to get subscription events, support for filtering and sorting
- Subscription data model 
- Support for setting and handling readOnlyOnCancel on org
- /orgs/<id>/billing-portal to lookup portalUrl using external API
- subscription in org getter and list views
- mark org as readOnly for subscription status `paused_payment_failed`, clears it on status `active`

---------
Co-authored-by: Tessa Walsh <tessa@bitarchivist.net>
2024-07-10 17:41:16 -07:00
sua yoo
d4334d42bc
feat: Enable self-service user access to billing portal (#1908)
Resolves https://github.com/webrecorder/browsertrix/issues/1875
Follows https://github.com/webrecorder/browsertrix/pull/1914

### Changes

- When billing is enabled, adds billing tab to org settings that
displays billing information if applicable
- Handles external link to manage plan
- Refactors org quota type to always be present
- Refactors org settings into `TailwindComponent`
2024-07-10 17:11:01 -07:00
sua yoo
020c9dc1b8
feat: Allow superadmins to delete org (#1788)
Resolves https://github.com/webrecorder/browsertrix/issues/1453

<!-- Fixes #issue_number -->

### Changes

Allows super-admins to delete an org via UI
2024-07-10 17:02:00 -07:00
Tessa Walsh
5aa0ab62cb
Add nightly backend tests for org deletion while browsers are running (#1919)
Fixes #1918
2024-07-10 16:52:27 -07:00
sua yoo
4207cc0116
chore: fix frontend test dependencies 2024-07-08 17:18:16 -07:00
sua yoo
d6977069ef
feat: Manage org read-only state + superadmin view refresh (#1909)
- Displays org status in superadmin view
- Enables superadmins to update org read-only status
- Sorts orgs alphabetically
- Refactors org list to `TailwindComponent`
2024-07-08 11:41:27 -07:00
sua yoo
c97900ec2b
Merge branch 'main' into frontend-org-manage-readonly 2024-07-08 11:20:30 -07:00
sua yoo
6cd5295a31
update copy 2024-07-08 11:16:22 -07:00
sua yoo
dd63c4d980
Update frontend/src/components/orgs-list.ts
Co-authored-by: Henry Wilkinson <henry@wilkinson.graphics>
2024-07-08 11:05:25 -07:00
Tessa Walsh
f1274a6ffc
Add counts for HTML pages, files, and errors to QA tab (#1913)
Fixes #1859 

Adds a section on the QA page showing the breakdown of HTML Pages, non-html files captured as pages, and failed pages in the crawl
2024-07-03 14:23:34 -07:00
sua yoo
aa961493fd
test: Remove temporary commonjs module mocks (#1910)
No issue created, but noticed issue here
ed0d489cda

### Changes

- Removes unused node module mocks and use commonjs plugin to import
modules in tests
- Fixes org form test after removing temporary stub
2024-07-03 16:45:56 -04:00
Tessa Walsh
192737ea99
Add API endpoint to delete org (#1448)
Fixes #903 

Adds superuser-only API endpoint to delete an org and all of its data

---------

Co-authored-by: Ilya Kreymer <ikreymer@gmail.com>
2024-07-03 16:00:11 -04:00
Noah
9088101ef6
feat: support both ipv6 and ipv4 nginx resolver
updates the script to generate the nginx resolver to support both ipv6 and ipv4
2024-07-03 12:00:16 -07:00
Vinzenz Sinapius
01d8bdc5e6
Crawler network policy (#1727)
Limit egress traffic from crawler/profilebrowser pods to the internet
and limited internal services like dns, redis, frontend, auth-signer on certain ports

---------
Co-authored-by: Ilya Kreymer <ikreymer@gmail.com>
2024-07-03 10:55:03 -07:00
Tessa Walsh
bca05ac185 Fix typing 2024-07-03 11:25:01 -04:00
Tessa Walsh
497cfdc561
Merge branch 'main' into frontend-org-manage-readonly 2024-07-03 11:15:47 -04:00
Tessa Walsh
787ebc8738 Add one more pylint disable comment 2024-07-03 11:14:46 -04:00
Tessa Walsh
5a563d20d9 Fix linting issues 2024-07-03 11:10:10 -04:00
Tessa Walsh
d3fb33a78a Add and apply backend sorting for org list
The default org will always be sorted first, regardless of sort options.
Orgs after the first will be sorted by name ascending by default.
Sorting currently supported on name, slug, and readOnly.
2024-07-03 11:01:01 -04:00
Ilya Kreymer
1c42e21b8a
Refactor Invites and Registration, Flatten Per-User Invites (#1902)
Fixes #1432

Refactors the invite + registration system to be simpler and more consistent
with regards to existing user invites. Previously, per-user invites are
stored in the user.invites dict instead of in the invites collection,
which creates a few issues:
- Existing user do not show up in Org Invites list: #1432 
- Existing user invites also do not expire, unlike new user invites,
creating potential security issue.

Instead, existing user invites should be treated like new user invites.
This PR moves them into the same collection,
adding a `userid` field to InvitePending to match with an existing user.

If a user already exists, it will be matched by userid, instead of by
email. This allows for user to update their email while still being
invited. Note that the email of the invited existing user will not
change in the invite email. This is also by design: an admin of one org
should not be given any hint that an invited user already has an
account, such as by having their email automatically update. For an org
admin, the invite to a new or existing user should be indistinguishable.

The sha256 of invite token is stored instead of actual token for better
security.

The registration system has also been refactored with the following
changes:
- Auto-creation of new orgs for new users has been removed
- User.create_user() replaces the old User._create() and just creates the user with
additional complex logic around org auto-add
- Users are added to org in org add_user_to_org()
- Users are added to org through invites with add_user_with_invite()

Tests:
- Additional tests include verifying that existing and new pending
invites appear in the pending invites list
- Tests for `/users/invite/<token>?email=` and
`/users/me/invite/<token>` endpoints
- Deleting pending invites
- Additional tests added for user self-registration, including existing
user self-registration to default org of existing user (in nightly
tests)
2024-07-02 15:13:27 -07:00
Tessa Walsh
f076e7d9e3
Add superuser API endpoints to export and import org data (#1394)
Fixes #890 

This PR introduces new streaming superuser-only API endpoints to export
and import database information for an organization. New Adminstrator
deployment documentation on how to manage the process and copy files
between S3 buckets as needed is also included.

---------

Co-authored-by: Henry Wilkinson <henry@wilkinson.graphics>
Co-authored-by: Ilya Kreymer <ikreymer@gmail.com>
2024-07-02 17:14:34 -04:00
Tessa Walsh
bdfc0948d3
Disable uploading and creating browser profiles when org is read-only (#1907)
Fixes #1904 

Follow-up to read-only enforcement, with improved tests.
2024-07-01 23:15:38 -07:00
sua yoo
ed0d489cda
fix tests 2024-07-01 23:03:47 -07:00
sua yoo
04e3b2f163
make read only 2024-07-01 22:12:44 -07:00
sua yoo
350fb06d36
update layout 2024-07-01 20:57:48 -07:00
sua yoo
e7028ce64a
show quota status 2024-07-01 14:09:58 -07:00
sua yoo
ad2902ee2f
show additional data 2024-07-01 14:09:58 -07:00
sua yoo
35469915a8
refactor org list 2024-07-01 14:09:58 -07:00
sua yoo
2664fd0f0e
sort orgs alphabetically 2024-07-01 14:09:58 -07:00
sua yoo
e7df805b51
check confirmation string 2024-07-01 14:09:57 -07:00
sua yoo
13b6a5b15f
add dialog 2024-07-01 14:09:57 -07:00
sua yoo
ebb9dc826a
fix dialog 2024-07-01 14:09:57 -07:00
Ilya Kreymer
e1ef894275
Extends Org Create endpont + shared secret auth (#1897)
Updates the /api/orgs/create endpoint to:
- not have name / slug be required, will be renamed on first user via
#1870
- support optional quotas
- support optional first admin user email, who will receive an invite to
join the org.

Also supports a new shared secret mechanism, to allow an external
automation to access the /api/orgs/create endpoint (and only that
endpoint thus far) via a shared secret instead of normal login.
2024-07-01 09:37:02 -07:00
Ilya Kreymer
3cd52342a7
Remove Crawl Workflow Configmaps (#1894)
Fixes #1893 

- Removes crawl workflow-scoped configmaps, and replaces with operator-controlled
per-crawl configmaps that only contain the json config passed to Browsertrix
Crawler (as a volume).
- Other configmap settings replaced are replaced the custom CrawlJob options
(mostly already were, just added profile_filename and storage_filename)
- Cron jobs also updated to create CrawlJob without relying on configmaps,
querying the db for additional settings.
- The `userid` associated with cron jobs is set to the user that last modified
 the schedule of the crawl, rather than whomever last modified the workflow
- Various functions that deal with updating configmaps have been removed,
including in migrations.
- New migration 0029 added to remove all crawl workflow configmaps
2024-06-28 15:25:23 -07:00
Ilya Kreymer
946739b08b
Update authsigner to 0.5.2 (#1899)
- needed to support js-wacz signing requests in upcoming crawler versions
- Also has slightly increased memory requirements due to new versions of
some libraries.
- 0.5.2 adds a fix to dropping the fractional part of the second, to make
it work with ISO date strings that have microseconds, such as those from
js-wacz.
2024-06-28 13:38:24 -07:00
Tessa Walsh
8a904c9031
feat: Rename org when accepting org invite for first admin (#1870)
Resolves https://github.com/webrecorder/browsertrix/issues/1874

Support for new two-part sign up flow if first admin user is added to org
- If new user, user registers first, then is able to change the org name / slug on following screen
- If existing user, user accepts invite, then is able to change the org name / slug on following screen
- After confirming org slug name, user is taken to dashboard, or error is shown if org name or slug already taken.
- If org name == org id, org name and slug is automatically set to `{Your Name}'s Archive` when first user is registered / accepts invite
- Email templates updated to better reflect new / existing users and not show org name if it is 'unset' (org name == org id internally)
- tests: frontend unit testing for accept + invite screens.

---------
Co-authored-by: Ilya Kreymer <ikreymer@gmail.com>
Co-authored-by: sua yoo <sua@suayoo.com>
Co-authored-by: sua yoo <sua@webrecorder.org>
Co-authored-by: Henry Wilkinson <henry@wilkinson.graphics>
Co-authored-by: Ilya Kreymer <ikreymer@users.noreply.github.com>
Co-authored-by: Emma Segal-Grossman <hi@emma.cafe>
2024-06-27 16:08:31 -07:00
Tessa Walsh
b7631d1b91
Add slug validation and test (#1891)
Fixes #1890 

Adds validation for org slugs, ensuring that they contain only ASCII
alphanumeric characters and dashes (`-`). If an invalid slug is
provided, an HTTPException is returned with status code 400 and detail
`invalid_slug`.
2024-06-26 15:04:54 -04:00
Ilya Kreymer
6df10d5fb0
Improved Scale Handling (#1889)
Fixes #1888 

Refactors scale handling:
- Ensures number of scaled instances does not exceed number of pages,
but is also at minimum 1
- Checks for finish condition to be numFailed + numDone >= desired scale
- If at least one instance succeeds, crawl considers successful / done.
- If all instances fail, crawl considered failed
- Ensures that pod done count >= redis done count

---------
Co-authored-by: Tessa Walsh <tessa@bitarchivist.net>
2024-06-26 10:24:45 -07:00
Tessa Walsh
9140dd75bc
Add and enforce readOnly field in Organization (#1886)
Fixes https://github.com/webrecorder/browsertrix/issues/1883
Backend work for https://github.com/webrecorder/browsertrix/issues/1876

- If readOnly is set true, disallow crawls and QA analysis runs
- If readOnly is set to true, skip scheduled crawls
- Add endpoint to set `readOnly` with optional `readOnlyReason` (which
is automatically set back to an empty string when `readOnly` is being
set to false), which can be displayed in banner
- Operator: ensures cronjobs that are skipped due to internal logic (eg. readonly mode) simply succeed right away and do not leave a k8s job dangling.

---------
Co-authored-by: Ilya Kreymer <ikreymer@users.noreply.github.com>
Co-authored-by: Ilya Kreymer <ikreymer@gmail.com>
2024-06-25 19:30:53 -07:00
Henry Wilkinson
48dfa485e5
Adds GitHub and Forum to the email invite template (#1887)
- Adds Browsertrix GitHub repo and Webrecorder forum to the bottom of
the support email.
- Adds note about having an applicable plan to contact support

---------

Co-authored-by: Tessa Walsh <tessa@bitarchivist.net>
2024-06-25 19:27:03 -04:00
Ilya Kreymer
3bd714ea9d
QA stats aggregation: exclude isFile / isError pages from stats (#1879)
Follow-up to: #1868, exclude pages that have isFile or isError set to
true from the stats aggregation.
2024-06-25 08:54:42 -07:00
Tessa Walsh
7af3980323
Add billing enabled and sales email to Helm chart and /settings API endpoint (#1873)
Backend work for first two tasks of
https://github.com/webrecorder/browsertrix/issues/1875

New /billing API endpoint to be added separately once we have a better
idea of what data we can get from the payment processor.
2024-06-25 10:55:29 -04:00