4381be5f3e
This change blocks Help Center access for default/Hacker-plan accounts and closes the downgrade gap that could leave `help_center` enabled after a subscription falls back to the default cloud plan. Fixes: none Closes: none ## Why Default-plan accounts should not be able to access the Help Center, but the downgrade fallback path only reset the plan name and did not reconcile premium feature flags. That meant some accounts could keep `help_center` enabled even after landing back on the Hacker/default plan. ## What this change does - blocks Help Center portal and article access for default/Hacker-plan accounts - reconciles premium feature flags when a subscription falls back to the default cloud plan, so `help_center` is disabled immediately instead of waiting for a later webhook - preserves existing account `custom_attributes` during Stripe customer recreation instead of overwriting them - adds Enterprise coverage for the default-plan access checks on hosted and custom-domain Help Center routes - fixes the public access check to use the resolved portal object so blocked requests return the intended response instead of raising an error ## Validation 1. Create or use an account on the default/Hacker cloud plan with an active portal. 2. Visit the portal home page and a published article on both the Chatwoot-hosted URL and a configured custom domain. 3. Confirm the Help Center is blocked for that account. 4. Downgrade a paid account back to the default/Hacker plan through the Stripe webhook flow. 5. Confirm `help_center` is disabled right after the downgrade fallback is processed and the account can no longer access the Help Center. --------- Co-authored-by: Muhsin Keloth <muhsinkeramam@gmail.com> Co-authored-by: Sojan Jose <sojan@pepalo.com>
69 lines
2.0 KiB
Ruby
69 lines
2.0 KiB
Ruby
class Internal::Accounts::InternalAttributesService
|
|
attr_reader :account
|
|
|
|
# List of keys that can be managed through this service
|
|
# TODO: Add account_notes field in future
|
|
# This field can be used to store notes about account on Chatwoot cloud
|
|
VALID_KEYS = %w[manually_managed_features].freeze
|
|
|
|
def initialize(account)
|
|
@account = account
|
|
end
|
|
|
|
# Get a value from internal_attributes
|
|
def get(key)
|
|
validate_key!(key)
|
|
account.internal_attributes[key]
|
|
end
|
|
|
|
# Set a value in internal_attributes
|
|
def set(key, value)
|
|
validate_key!(key)
|
|
|
|
# Create a new hash to avoid modifying the original
|
|
new_attrs = account.internal_attributes.dup || {}
|
|
new_attrs[key] = value
|
|
|
|
# Update the account
|
|
account.internal_attributes = new_attrs
|
|
account.save
|
|
end
|
|
|
|
# Get manually managed features
|
|
def manually_managed_features
|
|
get('manually_managed_features') || []
|
|
end
|
|
|
|
# Set manually managed features
|
|
def manually_managed_features=(features)
|
|
features = [] if features.nil?
|
|
features = [features] unless features.is_a?(Array)
|
|
|
|
# Clean up the array: remove empty strings, whitespace, and validate against valid features
|
|
valid_features = valid_feature_list
|
|
features = features.compact
|
|
.map(&:strip)
|
|
.reject(&:empty?)
|
|
.select { |f| valid_features.include?(f) }
|
|
.uniq
|
|
|
|
set('manually_managed_features', features)
|
|
end
|
|
|
|
# Get list of valid features that can be manually managed
|
|
def valid_feature_list
|
|
# Business and Enterprise plan features only
|
|
Enterprise::Billing::ReconcilePlanFeaturesService::BUSINESS_PLAN_FEATURES +
|
|
Enterprise::Billing::ReconcilePlanFeaturesService::ENTERPRISE_PLAN_FEATURES
|
|
end
|
|
|
|
# Account notes functionality removed for now
|
|
# Will be re-implemented when UI is ready
|
|
|
|
private
|
|
|
|
def validate_key!(key)
|
|
raise ArgumentError, "Invalid internal attribute key: #{key}" unless VALID_KEYS.include?(key)
|
|
end
|
|
end
|