mirror of
https://github.com/stack-auth/stack.git
synced 2026-06-04 21:04:37 +08:00
7a35751f8e
<!-- CURSOR_SUMMARY --> > [!NOTE] > **High Risk** > Touches core sign-up/auth flows and user restriction semantics (including new DB constraints) and introduces dynamic rule evaluation/logging; misconfiguration or CEL/parser bugs could block sign-ups or incorrectly restrict users. > > **Overview** > Introduces **CEL-based sign-up rules** (config-driven) that are evaluated during password/OTP/OAuth sign-ups and anonymous upgrades; matching rules can reject sign-ups or mark users as admin-restricted, and triggers are logged for analytics. > > Extends `ProjectUser` with `restrictedByAdmin` plus public/private restriction details, updates restriction computation/filtering, and exposes these fields via user CRUD (including validation + DB constraint enforcing consistency when unrestricted). > > Adds a new dashboard **Sign-up Rules** page with a visual condition builder (CEL <-> visual tree), drag-reorder by priority, per-rule 48h sparkline analytics via a new hidden internal endpoint, and adds user-page UI to view/edit manual restrictions. Also refactors ClickHouse client initialization to require env vars (removing `isClickhouseConfigured` checks) and adjusts CI container startup wait time. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 2141e689e8c1b72303b805e9234f996010d0880. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Sign-up Rules: visual rule builder, in-project CRUD with drag-reorder, per-rule analytics, backend evaluation, and admin UI. * Admin user restrictions: dashboard controls, banners/status, public/private admin details surfaced in user views. * **APIs & Schema** * Config and user schemas extended; new SignUpRejected error and sign-up rule types added. * **Tests** * Extensive unit and E2E coverage for rules, parser, evaluator, analytics, and restricted-user flows. * **Docs** * Editorial guidance added to AGENTS.md. * **Chores** * DB statement timeout, updated clean script, minor dependency additions. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|---|---|---|
| .. | ||
| all-good.yaml | ||
| auto-assign.yaml | ||
| auto-update.yaml | ||
| check-prisma-migrations.yaml | ||
| claude.yml | ||
| db-migration-backwards-compatibility.yaml | ||
| docker-emulator-test.yaml | ||
| docker-server-build-push.yaml | ||
| docker-server-build-run.yaml | ||
| e2e-api-tests.yaml | ||
| e2e-custom-base-port-api-tests.yaml | ||
| e2e-source-of-truth-api-tests.yaml | ||
| lint-and-build.yaml | ||
| mirror-to-wdb.yaml | ||
| npm-publish.yaml | ||
| restart-dev-and-test-with-custom-base-port.yaml | ||
| restart-dev-and-test.yaml | ||
| reviewers-assignees.yml | ||
| setup-tests-with-custom-base-port.yaml | ||
| setup-tests.yaml | ||
| swift-sdk-publish.yaml | ||
| sync-main-to-dev.yml | ||
| table-of-contents.yaml | ||