docuseal

Commit Graph

Author	SHA1	Message	Date
Wabo	07f6883a37	Fix container boot crash when Google SSO env vars are not set Devise raises "Mapping omniauth_callbacks on a resource that is not omniauthable" at route-load time if `controllers[:omniauth_callbacks]` is set on `devise_for`, regardless of whether `:omniauth_callbacks` is in the `only:` list (see devise-5.0.3 lib/devise/rails/routes.rb:251). The previous routes.rb only gated the `only:` array. Adding the same gate to the `controllers:` hash so the omniauth callback controller is only declared when GOOGLE_CLIENT_ID + GOOGLE_CLIENT_SECRET are present. Reproduced the crash by running the image without the env vars; fix verified in both states: - No env vars: container boots, /sign_in renders 200, no Google button present. - Env vars set + admin user created: container boots, /sign_in renders 200, "Sign in with Google" form posts to /auth/google_oauth2 with the /google_g.svg logo. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	1 month ago
Wabo	ad12ef7fb5	Add Google Workspace SSO via omniauth-google-oauth2 Adds "Sign in with Google" as an additive auth path next to email and password. When GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET are set, the Google button appears on the sign-in page and the SSO settings page shows an env-driven status panel. Access is restricted to Workspace domains listed in GOOGLE_ALLOWED_DOMAINS (CSV); the hd claim is re-verified server-side on every callback so a misconfigured Google consent screen cannot bypass it. New users from an allowed domain are JIT-provisioned in the default account (oldest, or pinned via GOOGLE_DEFAULT_ACCOUNT_ID). Existing users with a matching email get linked to their Google identity on first sign-in; identity collisions (same email, different Google uid) are rejected. Google's MFA is trusted: users signed in via Google do not see the WaboSign OTP prompt or the FORCE_MFA setup redirect. Password sign-in keeps working unchanged, including its existing OTP gate. Implementation: - Devise gains :omniauthable when SSO is enabled; users get provider/uid columns with a partial unique index that allows NULL for password-only rows. - Users::OmniauthCallbacksController handles /users/auth/google_oauth2/ callback, sets session[:bypass_otp_for_sso], and redirects on failure. - SessionsController#destroy clears the bypass flag on sign-out. - DashboardController#maybe_redirect_mfa_setup honours the flag and User#signed_in_via_sso?. - The previously empty _omniauthable.html.erb stub now renders the Google button. Request specs cover happy path, link-existing-user, domain rejection, identity collision, and 2FA bypass. GOOGLE_SSO.md is the operator-facing setup, behaviour, verification, and troubleshooting guide. README links to it. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	1 month ago
Wabo	2796ddf424	Rebrand DocuSeal to WaboSign and unlock Pro features Renames the product to WaboSign across UI, mailers, locales, assets, and internal Ruby module. Keeps the upstream DocuSeal attribution required by AGPLv3 §7(b) in the powered-by footer, email attribution, README, and a new NOTICE file. Migration renames the AATL cert identifier in encrypted configs from docuseal_aatl to wabosign_aatl. Removes multitenant-gated Pro upsell UI (Plans/Console/Upgrade links, SMS/SSO/bulk-send/logo placeholders, reminder-duration restriction, the "DocuSeal Pro" email-attribution toggle, conditions/formula/payment pricing links) so every shipped feature is reachable on a self-hosted deployment. Multitenant routing logic is preserved. Drops Discord, Twitter, and ChatGPT/AI-assistant chrome. Embedding modal keeps the upstream <docuseal-form> / @docuseal/* SDK contract so existing embedded forms continue to work; documented in NOTICE. REBRANDING.md captures the change inventory for future maintainers. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	1 month ago
Pete Matsyburka	10fd624bec	add revisions	1 month ago
Pete Matsyburka	45ae954c0c	add hmac webhook secret	1 month ago
Pete Matsyburka	d96d252df3	use post for test mode	2 months ago
Pete Matsyburka	7cdf263da1	add screen reader mode	2 months ago
Pete Matsyburka	f995e1864c	add shared link qr code	2 months ago
Pete Matsyburka	bb2fb7a0c2	refactor download	2 months ago
Pete Matsyburka	8f8b36617a	fix first party download from preview	2 months ago
Pete Matsyburka	3eb0b8a89f	allow to delegate	3 months ago
Alex Turchyn	62a969d8fe	add MCP support	4 months ago
Pete Matsyburka	37196ff89f	add dynamic documents	4 months ago
Pete Matsyburka	ed8c313bd4	timestamp controller multitenant	4 months ago
Pete Matsyburka	91814ca105	custom fields	5 months ago
Pete Matsyburka	c4ba892559	refactor clone	5 months ago
Alex Turchyn	6e43a42274	add email 2FA	6 months ago
Pete Matsyburka	dc178ef03f	adjust router	7 months ago
Alex Turchyn	6c73c82a27	add ability to reset custom template emails to default	7 months ago
Pete Matsyburka	daba2505bc	fix detection	7 months ago
Pete Matsyburka	72dd2c6bc5	add template download	8 months ago
Pete Matsyburka	1c8a7b6a7c	detect fields	8 months ago
Pete Matsyburka	39eb67b162	refactor csp	9 months ago
Pete Matsyburka	b64a84a362	add csp	9 months ago
Pete Matsyburka	2a4e6435f1	adjust api settings	9 months ago
Pete Matsyburka	284204fd78	refactor, use invalid class	10 months ago
Alex Turchyn	f7be74eb73	improve user password reset	10 months ago
Alex Turchyn	f40f1d25de	reveal API key with user password	10 months ago
Pete Matsyburka	b2b97a313a	prefillable fields	11 months ago
Alex Turchyn	a61c3e798d	shared link 2fa	11 months ago
Pete Matsyburka	4615e3e48f	refresh webhook status	12 months ago
Alex Turchyn	988a5361a6	add webhook events	12 months ago
Pete Matsyburka	35852ef6ab	add onprem search reindex	1 year ago
Pete Matsyburka	4e94664008	refactor start form	1 year ago
Alex Turchyn	e77b5fa2c9	add optional shared link to templates	1 year ago
Pete Matsyburka	91a96f06c8	remove account config action	1 year ago
Pete Matsyburka	24fe2a1192	fix refactor dropzone	1 year ago
Alex Turchyn	97b8ac4444	add builder dashboard dropzone	1 year ago
Pete Matsyburka	06415ad869	add routes hook	1 year ago
Alex Turchyn	e406620044	add 'Event Log' modal	1 year ago
Alex Turchyn	83b6ce8574	fix logos	1 year ago
Alex Turchyn	fa74ee1755	add Progressive Web App	1 year ago
Pete Matsyburka	37de5e0d0d	add resubmit from dashboard	1 year ago
Pete Matsyburka	9beaaa0851	adjust filters	2 years ago
Alex Turchyn	b86aac86d1	add template submissions filters	2 years ago
Pete Matsyburka	ca7ab5aab7	adjust webhooks controller	2 years ago
Alex Turchyn	fd3530ac62	update Webhooks UI	2 years ago
Pete Matsyburka	2542f26d96	adjust webhooks	2 years ago
Alex Turchyn	84edb6dbda	use webhook urls instead of encrypted configs	2 years ago
Pete Matsyburka	22d4833496	allow to unarchive submissions	2 years ago

1 2 3

148 Commits (07f6883a37c8c4749ec7d248c94de9add302fe76)