* feat(shared): rename user workspaces loader
* feat(gatekeeper): intoduce the enterprise plan
* chore(server): remove more "magic strings"
* refactor(shared): extract user is workspace admin to an auth fragment
* feat(shared): add can createWorkspacePolicy
* feat(workspaces): WIP block workspace creation
* feat(server): add can create workspace checks
* feat(workspaces): enforce canCreateWorkspace policy on the workspace
creation mutation
* feat(shared): allow workspace admins and guests to create workspaces
even if they are part of an exclusive workspace
* test(shared): use test fake properly
* fix(server): eligble workspace typing fixes
* test(shared): fix more workspace fakes
* fix(workspacesCore): add missing loader
* fix(shared): use proper exhaustive switch cases, they stop bugs from
happening
* feat(shared): introduce workspacePlanHasAccessToFeature function with tests
* chore(workspaces): fix more PR comments
* fix(workspaces): naming
* fix(workspaces): some more
* feat(workspaces): enable toggle for auto-join discoverable workspaces
* fix(workspaces): include auto-join flag on LimitedWorkspace
* chore(workspaces): gqlgen
* feat: getting rid of defaultProjectRole setting
* get stdout reporting in CI
* yarn lock fix
* fix package.json
* better CI test output
* pinning mocha-multi
* feat(workspaces): add workspace sso feature flag
* feat(workspaceSso): wip validate sso
* feat(workspaces): validate and add sso provider to the workspace with user sso sessions
* feat(workspaces): validate and add sso provider to the workspace with user sso sessions
* WIP
* fix(sso): restructure to handle all branches at end of flow
* fix(sso): add and validate emails used for sso
* fix(sso): park progress
* chore(workspaces): review sso login/valdate
* fix(sso): adjust validate url
* chore(sso): auth header puzzle
* fix(sso): happy-path config
* chore(gql): gqlgen
* fix(sso): almost almost
* fix(sso): auth endpoint
* a lil more terse
* fix(sso): light at the end of the tunnel
* fix(sso): improve catch block error messages
* fix(sso): session lifespan => validUntil
* fix(sso): I think we've got it
* feat(sso): limited workspace values for public sso login
* fix(sso): use factory functions
* fix(sso): til decrypt is single-use
* fix(sso): correct usage of access codes
* fix(sso): use finalize middleware in all routes
* chore(sso): cheeky tweak
* fix(sso): move some types around
* fix(sso): stencil final shape I'm sleepy
* fix(sso): more factories more factories
* fix(sso): on to final boss of factories
* fix(sso): needs a haircut but she works
* fix(sso): init rest w function, not side-effects
* fix(sso): /authn => /sso
* chore(sso): errors
* chore(sso): test test test
* chore(sso): test all the corners
* feat(sso): list workspace sso memberships
* chore(sso): tests, expose in rest
* fix(sso): expose search via gql
---------
Co-authored-by: Gergő Jedlicska <gergo@jedlicska.com>
Co-authored-by: Mike Tasset <mike.tasset@gmail.com>
* feat(workspaces): add workspace sso feature flag
* feat(workspaceSso): wip validate sso
* feat(workspaces): validate and add sso provider to the workspace with user sso sessions
* feat(workspaces): validate and add sso provider to the workspace with user sso sessions
* WIP
* fix(sso): restructure to handle all branches at end of flow
* fix(sso): add and validate emails used for sso
* fix(sso): park progress
* chore(workspaces): review sso login/valdate
* fix(sso): adjust validate url
* chore(sso): auth header puzzle
* fix(sso): happy-path config
* chore(gql): gqlgen
* fix(sso): almost almost
* fix(sso): auth endpoint
* a lil more terse
* fix(sso): light at the end of the tunnel
* fix(sso): improve catch block error messages
* fix(sso): session lifespan => validUntil
* fix(sso): I think we've got it
* feat(sso): limited workspace values for public sso login
* fix(sso): use factory functions
* fix(sso): til decrypt is single-use
* fix(sso): correct usage of access codes
* fix(sso): use finalize middleware in all routes
* chore(sso): cheeky tweak
* fix(sso): move some types around
* fix(sso): stencil final shape I'm sleepy
* fix(sso): more factories more factories
* fix(sso): on to final boss of factories
* fix(sso): needs a haircut but she works
* fix(sso): init rest w function, not side-effects
* fix(sso): /authn => /sso
* chore(sso): errors
* chore(sso): test test test
* chore(sso): test all the corners
---------
Co-authored-by: Gergő Jedlicska <gergo@jedlicska.com>
Co-authored-by: Mike Tasset <mike.tasset@gmail.com>
* feat(workspaces): enable default project role in workspace
* fix(workspaces): not satisfying
* chore(workspaces): phrasing
* fix(workspaces): use new field in role mapping
* chore(workspaces): use roles
* fix(workspaces): update tests
* fix(workspaces): more parallel role update errors
* chore(workspaces): like this now
* chore(workspaces): revert changes to deps
* fix(workspaces): assert domain type conversion at gql layer
* fix(workspaces): repair tests
* fix(workspaces): fix more tests
* fix(workspaces): transact all simultaneous workspace-project role changes
* fix(workspaces): more correct usage of transactions
* fix(workspaces): add tests for transaction-based role changes
* fix(workspaces): do not leak knex into domain
* fix(workspaces): transaction-ify factory functions
* fix(workspaces): factory-ify some old functions
* fix(workspaces): missed a resolver
* chore(workspaces): get tests in order
* park it
* chore(workspaces): failing tests
* WHAT DO YOU WANT
* fix(workspaces): i lived bitch
* fix(workspaces): remove test that is no longer true
* fix(workspaces): better repo/service boundaries
* right
* fix(workspaces): service in injected
* fix(workspaces): repair references
* refactor(workspaces): role management rework
* chore(workspaces): adjust tests to match new behaviour
* lint lint lint
* fix(workspaces): fix tests
---------
Co-authored-by: Gergő Jedlicska <gergo@jedlicska.com>
* fix(users): verified should be a public limited user field
* feat(workspaceSecurity): update security tab copy
* feat(workspaces): add limited user domain policy compliance check
Gergő Jedlicska