diff --git a/astro.config.mjs b/astro.config.mjs index 51bd4da..8bb6aa5 100644 --- a/astro.config.mjs +++ b/astro.config.mjs @@ -367,6 +367,44 @@ export default defineConfig({ }, ], }, + { + label: "Workspace Access Center", + collapsed: true, + items: [ + { + label: "Overview", + link: "/workspace-access-center/overview/", + }, + { + label: "People", + link: "/workspace-access-center/people/", + }, + { + label: "Resources", + link: "/workspace-access-center/resources/", + }, + { + label: "My Access", + link: "/workspace-access-center/my-access/", + }, + { + label: "Audit", + link: "/workspace-access-center/audit/", + }, + { + label: "Guest Settings", + link: "/workspace-access-center/guest-settings/", + }, + { + label: "Legacy routes", + link: "/workspace-access-center/legacy-routes/", + }, + { + label: "Preview features", + link: "/workspace-access-center/preview-features/", + }, + ], + }, ], }), ], diff --git a/src/assets/screenshots/huly/wac/audit.png b/src/assets/screenshots/huly/wac/audit.png new file mode 100644 index 0000000..6f2a6dc Binary files /dev/null and b/src/assets/screenshots/huly/wac/audit.png differ diff --git a/src/assets/screenshots/huly/wac/guest-settings.png b/src/assets/screenshots/huly/wac/guest-settings.png new file mode 100644 index 0000000..78bfd0f Binary files /dev/null and b/src/assets/screenshots/huly/wac/guest-settings.png differ diff --git a/src/assets/screenshots/huly/wac/inheritance-tree.png b/src/assets/screenshots/huly/wac/inheritance-tree.png new file mode 100644 index 0000000..29c6f9b Binary files /dev/null and b/src/assets/screenshots/huly/wac/inheritance-tree.png differ diff --git a/src/assets/screenshots/huly/wac/my-access.png b/src/assets/screenshots/huly/wac/my-access.png new file mode 100644 index 0000000..4e5ebc3 Binary files /dev/null and b/src/assets/screenshots/huly/wac/my-access.png differ diff --git a/src/assets/screenshots/huly/wac/people-all.png b/src/assets/screenshots/huly/wac/people-all.png new file mode 100644 index 0000000..40a772f Binary files /dev/null and b/src/assets/screenshots/huly/wac/people-all.png differ diff --git a/src/assets/screenshots/huly/wac/people-bulkbar-active.png b/src/assets/screenshots/huly/wac/people-bulkbar-active.png new file mode 100644 index 0000000..8c0d501 Binary files /dev/null and b/src/assets/screenshots/huly/wac/people-bulkbar-active.png differ diff --git a/src/assets/screenshots/huly/wac/people-by-role.png b/src/assets/screenshots/huly/wac/people-by-role.png new file mode 100644 index 0000000..f9e9957 Binary files /dev/null and b/src/assets/screenshots/huly/wac/people-by-role.png differ diff --git a/src/assets/screenshots/huly/wac/people-inactive.png b/src/assets/screenshots/huly/wac/people-inactive.png new file mode 100644 index 0000000..2ee63ae Binary files /dev/null and b/src/assets/screenshots/huly/wac/people-inactive.png differ diff --git a/src/assets/screenshots/huly/wac/person-drawer.png b/src/assets/screenshots/huly/wac/person-drawer.png new file mode 100644 index 0000000..6328670 Binary files /dev/null and b/src/assets/screenshots/huly/wac/person-drawer.png differ diff --git a/src/assets/screenshots/huly/wac/resources-all.png b/src/assets/screenshots/huly/wac/resources-all.png new file mode 100644 index 0000000..f8d6048 Binary files /dev/null and b/src/assets/screenshots/huly/wac/resources-all.png differ diff --git a/src/assets/screenshots/huly/wac/settings-sidebar.png b/src/assets/screenshots/huly/wac/settings-sidebar.png new file mode 100644 index 0000000..4170866 Binary files /dev/null and b/src/assets/screenshots/huly/wac/settings-sidebar.png differ diff --git a/src/assets/screenshots/huly/wac/space-drawer.png b/src/assets/screenshots/huly/wac/space-drawer.png new file mode 100644 index 0000000..525a1be Binary files /dev/null and b/src/assets/screenshots/huly/wac/space-drawer.png differ diff --git a/src/content/docs/workspace-access-center/audit.mdx b/src/content/docs/workspace-access-center/audit.mdx new file mode 100644 index 0000000..32746f6 --- /dev/null +++ b/src/content/docs/workspace-access-center/audit.mdx @@ -0,0 +1,54 @@ +--- +title: Audit +description: Review the chronological log of access-related actions in a workspace, filter by action and actor, and export to CSV. +--- + +import { Image } from "astro:assets"; +import wacAudit from "../../../assets/screenshots/huly/wac/audit.png"; + +The **Audit** tab is the workspace's access-change ledger. Every state-changing edit made from the People and Resources tabs — and a number of related actions raised by other parts of Huly, such as space archive / unarchive triggered by an automation — is written here with the actor's UUID, a canonical action name, the affected entity, and a timestamp. + +Audit tab with action dropdown, date range pickers, and table + +Retention is shown as a banner above the WAC tab strip: + +> Workspace audit retention is 365 days. Edits from the People / Resources panels below are logged with the actor's UUID. + +The retention default is 365 days. Self-hosted operators can change it via the `AUDIT_RETENTION_DAYS` environment variable on the workspace service (see [Configuration](/admin-panel/configuration) for the equivalent setting on the instance audit log; the workspace audit follows the same variable). + +## Filters + +Three filters sit above the table: + +- **Action** — a dropdown of canonical action names (`role_changed`, `member_added`, `member_removed`, `space_archived`, `space_unarchived`, `space_privacy_changed`, `grant_issued`, `grant_revoked`, `ownership_transferred`, …). Default is `Any action`. +- **From** — start date. `No date` leaves the lower bound open. +- **To** — end date. `No date` leaves the upper bound open. +- **Clear** — resets all three filters. + +A fourth filter on the **Actor** column allows substring search on actor display name or UUID. + +## Columns + +- **Timestamp** — ISO-8601 timestamp with timezone (UTC by default). +- **Actor** — the user who performed the action, or `system` for actions raised by automations and prune jobs. +- **Action** — canonical action name. +- **Entity** — the affected entity (member name, space name, grant ID, …). +- **Detail** — short human-readable description of what changed. + +The table is sorted by timestamp descending. Click the timestamp header to invert. + +## CSV Export (Owner-only) + +The **Export CSV** button in the top-right is visible to Owners only. Clicking it opens a confirmation dialog: + +> Exporting the audit log creates a file containing user UUIDs, action names, and timestamps. This data is subject to your organisation's data-handling policy. Continue? + +The dialog is intentional — the export carries personally identifiable references (UUIDs and display names) and may fall under your organisation's data-protection rules. Acknowledge the dialog to download a UTF-8 CSV with a header row. + +The export respects the active filters. To export only `role_changed` events in the last 30 days, set the filters first and then click **Export CSV**. + +## Retention behaviour + +A daily prune job removes audit rows older than `AUDIT_RETENTION_DAYS`. On instances where the prune job has not run yet — for example a fresh install — older rows may still be visible. The prune job is idempotent and skips rows that are already gone. + +Setting `AUDIT_RETENTION_DAYS=0` disables the prune entirely. Use this if you forward audit rows to an external SIEM and want the database to be the source of truth indefinitely. diff --git a/src/content/docs/workspace-access-center/guest-settings.mdx b/src/content/docs/workspace-access-center/guest-settings.mdx new file mode 100644 index 0000000..f4512d4 --- /dev/null +++ b/src/content/docs/workspace-access-center/guest-settings.mdx @@ -0,0 +1,70 @@ +--- +title: Guest Settings +description: Owner-only per-application permission editor for the Guest and Anonymous guest workspace roles. +--- + +import { Image } from "astro:assets"; +import wacGuest from "../../../assets/screenshots/huly/wac/guest-settings.png"; + +The **Guest Settings** tab is the per-application permission editor for the workspace's two guest roles: + +- **Guest** — a signed-in user who has been invited as a guest of this workspace. +- **Anonymous guest** — an unauthenticated visitor following a public link or a guest-link. + +The tab is visible to Owners only. Maintainers and Users do not see it in the tab strip. + +Guest Settings tab with Guest and Anonymous guest tabs and per-application permission editors + +## Role selector + +Two top-level tabs at the top of the panel select which guest role you are editing: + +- **Guest** — settings for signed-in guests. +- **Anonymous guest** — settings for unauthenticated visitors. + +Both roles share the same set of applications below; the per-application permissions are independent. + +## Application permissions + +A guidance line above the application list explains the model: + +> Choose which applications guests can use, then adjust permissions for each application below. + +Each application has its own card with two parts: + +- **Enabled toggle** — whether guests of this role have any access to the application at all. Toggling off hides the application's UI for guests of this role. +- **Permissions** — per-application capability flags such as `Allow creating issues` (Tracker) or `Allow creating cards` (Cards). Capabilities that the application does not yet expose to guests are greyed out with a `coming soon` label. + +Below the capability flags every application card has an **Auto-join spaces** picker: + +> When enabled, workspace guests are added to this space on activation. + +Pick the spaces a guest of this role should be added to when they activate their invite. Multiple spaces can be selected. The picker is per-application, so a Guest can be auto-joined to a Tracker project and a Documents teamspace independently. + +Currently the following application cards are present: + +- **Tracker** — issue creation, assignee picker. +- **Cards** — card creation. +- **Chat** — auto-join to chat spaces only (no creation rights today). +- **Documents** — read / comment / edit. +- **Office** — auto-join only (rooms and devices are managed inside Office). +- **Planner** — auto-join only. +- **Drive** — auto-join only. +- **Test Management (beta)** — auto-join only. + +The card set is driven by the installed Huly applications. If your instance has additional applications enabled, additional cards appear. + +## Global toggles + +Two top-level toggles sit outside the per-application list: + +- **allowReadOnlyGuests** — whether the workspace exposes the `Read-only Guest` role at all. Turning this off hides the role in the People-tab role picker and rejects new Read-only guest invites server-side. +- **allowGuestSignUp** — whether the public sign-up endpoint for this workspace accepts guest registrations. Turning this off keeps the guest application set but stops new guests from joining without an explicit invite. + +## Guest communication settings + +A dedicated section at the bottom controls fine-grained per-card permissions for the **chat** application: + +- **allowedCards** — a multi-select of card classes that guests are allowed to comment on. Default is empty (no comment rights). Add classes to opt them in. + +Every change in Guest Settings is written to the workspace audit log under the `guest_settings_changed` action. diff --git a/src/content/docs/workspace-access-center/legacy-routes.mdx b/src/content/docs/workspace-access-center/legacy-routes.mdx new file mode 100644 index 0000000..ca4cd0f --- /dev/null +++ b/src/content/docs/workspace-access-center/legacy-routes.mdx @@ -0,0 +1,48 @@ +--- +title: Legacy routes and Settings IA +description: How the Workspace Access Center consolidates the legacy Workspace Members, Guests, and Global Space Admins entries, and which deep-links still work. +--- + +import { Image } from "astro:assets"; +import wacSettingsSidebar from "../../../assets/screenshots/huly/wac/settings-sidebar.png"; + +Before the Workspace Access Center, four separate entries under workspace **Settings** covered access concerns: + +- `Workspace Members` — list and edit workspace members. +- `Guests` — manage guest invitations and per-application guest permissions. +- `Global Space Admins` — assign workspace-wide space admin rights. +- `Admin panel` — the instance-wide administrative UI. + +WAC consolidates the first three under a single **Access Center** entry. The fourth is renamed for disambiguation. + +Workspace settings sidebar with the new Access Center entry replacing legacy items + +## Sidebar changes + +In the workspace settings sidebar: + +- **Workspace Members** — hidden. Use [Access Center → People](/workspace-access-center/people). +- **Guests** — hidden. Use [Access Center → Guest Settings](/workspace-access-center/guest-settings). +- **Global Space Admins** — hidden. Equivalent functionality lives under [Access Center → Resources](/workspace-access-center/resources) via the per-space Transfer ownership and member-role pickers. +- **Admin panel** — renamed to **Global Admin Panel** to distinguish it from the per-workspace Access Center. + +## Deep-links still work + +The legacy URLs are kept alive. Existing bookmarks, links in third-party documentation, and external workflow tooling continue to resolve to a working page: + +| Legacy path | Behaviour today | +|---|---| +| `/setting/owners` | Loads the legacy Workspace Members page. A banner suggests opening **Access Center → People** instead. | +| `/setting/guestPermissions` | Loads the legacy Guest Permissions page. A banner suggests opening **Access Center → Guest Settings** instead. | +| `/setting/allSpaces` | Loads the legacy All Spaces page. A banner suggests opening **Access Center → Resources** instead. | + +There is no scheduled date to retire the legacy pages. The banners are advisory only. + +## Why the rename + +`Admin panel` previously referred to two different things depending on context: + +- the workspace-internal admin tools (members, guests, space admins); +- the instance-wide admin UI documented under [Global Admin Panel](/admin-panel/overview). + +The Access Center consolidation is the right opportunity to disambiguate: workspace-internal access lives under **Access Center**, instance-wide access lives under **Global Admin Panel**. The terms are kept distinct everywhere in the workbench and in this documentation. diff --git a/src/content/docs/workspace-access-center/my-access.mdx b/src/content/docs/workspace-access-center/my-access.mdx new file mode 100644 index 0000000..4680efa --- /dev/null +++ b/src/content/docs/workspace-access-center/my-access.mdx @@ -0,0 +1,62 @@ +--- +title: My Access +description: See your own workspace role, the spaces you are in, the spaces you own, and the per-resource grants involving you. +--- + +import { Image } from "astro:assets"; +import wacMyAccess from "../../../assets/screenshots/huly/wac/my-access.png"; + +The **My Access** tab is the self-service view of WAC. Every workspace member — including Guests and Read-only Guests — can open this tab to see their own role, the spaces they belong to, the spaces they own, and the per-resource grants involving them. + +My Access tab showing workspace role with My role sub-tab + +## Sub-tabs + +- **My role** — your current workspace role, shown as a large badge. A help line explains that role changes are made by a workspace Owner from the People tab. +- **Spaces I'm in** — every space you are a direct member of, with your role per space and an `Open ↗` link. +- **Spaces I own** — every space whose Owner is you. Useful when you want to step through "what would happen to this space if I left the workspace?" +- **Granted to me** — per-resource grants given to you (mention-grants, document-grants, link-grants). Each grant carries scope (read / comment / edit) and an expiry if one was set. +- **Granted by me** — per-resource grants you have given to other members. Useful to review and revoke grants you issued earlier. + +## My workspace role + +The header of the **My role** sub-tab shows your current role as a coloured badge: + +- `OWNER` — full control of the workspace. +- `MAINTAINER` — broad administrative rights, no ability to transfer ownership. +- `USER` — standard editor role. +- `GUEST` — limited editor role, scoped to spaces a Guest has been added to. +- `READ-ONLY GUEST` — read access only. +- `DOCUMENT GUEST` — read access scoped to a specific document. + +Below the badge: + +> Role changes are managed by a workspace Owner from the People view. + +If you need a different role, ask any Owner of the workspace. + +## Spaces I'm in / Spaces I own + +Both lists show the same columns: + +- **Type** — emoji + class label. +- **Name** — space name with an `Open ↗` link to the space root. +- **My role** (Spaces I'm in) or **Members** (Spaces I own) — context-specific. +- **Last activity** — when you last touched the space. + +Both tables are sortable. + +## Granted to me / Granted by me + +These two sub-tabs list per-resource grants — the fine-grained access primitives that sit below the workspace role. They are typically created when a member shares a document, mentions someone in a private space, or generates a link-grant from the share menu. + +Each row shows: + +- **Resource** — the document, card, or other entity the grant is attached to. +- **Scope** — `read`, `comment`, or `edit`. +- **Granted by** (or **Granted to**) — the actor on the other side of the grant. +- **Expires** — expiry timestamp, or `—` for non-expiring grants. + +### Self-service Leave and Decline (preview) + +A **Leave** action on **Spaces I'm in** and a **Decline** action on **Granted to me** are part of the preview-features set and are hidden unless the workspace has `WAC_PREVIEW_FEATURES` enabled. See [Preview features](/workspace-access-center/preview-features). When the flag is off, the only way to leave a space today is to ask an Owner to remove you from the People tab. diff --git a/src/content/docs/workspace-access-center/overview.mdx b/src/content/docs/workspace-access-center/overview.mdx new file mode 100644 index 0000000..ff9a5c9 --- /dev/null +++ b/src/content/docs/workspace-access-center/overview.mdx @@ -0,0 +1,57 @@ +--- +title: Workspace Access Center +description: Single-pane view for managing per-workspace people, resources, access grants, and audit history. +--- + +import { Image } from "astro:assets"; +import wacPeopleAll from "../../../assets/screenshots/huly/wac/people-all.png"; +import wacSettingsSidebar from "../../../assets/screenshots/huly/wac/settings-sidebar.png"; + +The **Workspace Access Center** (WAC) is the per-workspace home for everything related to who can do what inside a single Huly workspace. It collects the People list, the Spaces list, your own access view, the audit trail, and the Guest application permissions in one place under workspace **Settings → Access Center**. + +WAC replaces the legacy `Workspace Members`, `Guests`, and `Global Space Admins` entries in the workspace settings sidebar. The deep-link URLs for those legacy pages still work (see [Legacy routes](/workspace-access-center/legacy-routes)) so existing bookmarks and links continue to resolve. + +Workspace Access Center, People tab showing the All sub-tab with members and their roles + +## Who can use it + +Every workspace member can open the Access Center, but what they see depends on their workspace role: + +- **Owner** — full access to all five tabs and every sub-tab. Owners can change roles, transfer ownership, archive spaces, edit Guest application permissions, and export the audit log. +- **Maintainer** — full access to People, Resources, My Access, and Audit. Cannot edit Guest Settings and cannot export audit CSV. +- **User** — read-only People and Resources, full My Access, and a limited (workspace-scoped) Audit view. +- **Guest / Read-only Guest / Document Guest** — only the My Access tab is shown. Guests see their own role, the spaces they are in, and the access grants they have received. + +The tab list adapts automatically — guests do not see tabs they cannot use. + +## How to open it + +From any workspace, click your workspace name in the top-left, choose **Settings**, then **Access Center** in the workspace settings sidebar. + +Settings sidebar with Access Center entry under WORKSPACE SETTINGS + +The direct URL is: + +``` +/workbench//setting/setting/accessCenter +``` + +## The five tabs + +WAC has five top-level tabs. Each tab is documented on its own page: + +- **[People](/workspace-access-center/people)** — list members, change roles, manage invites, surface inactive accounts. +- **[Resources](/workspace-access-center/resources)** — list spaces (Projects, Funnels, Teamspaces, Drives, Cards) with privacy, auto-join, and archive state. Walk the workspace hierarchy. +- **[My Access](/workspace-access-center/my-access)** — see your own role, the spaces you are in, the spaces you own, and the per-resource grants given to or by you. +- **[Audit](/workspace-access-center/audit)** — review the chronological log of access-related actions in this workspace, with filters and CSV export. +- **[Guest Settings](/workspace-access-center/guest-settings)** — Owner-only. Per-application permission editor for the `Guest` and `Anonymous guest` workspace roles. + +A sixth **Presets** tab is shown when the preview-features flag is on; see [Preview features](/workspace-access-center/preview-features) for details. + +## What it is not + +WAC is **not** the instance-wide [Global Admin Panel](/admin-panel/overview). The Global Admin Panel covers account-level concerns across all workspaces of a self-hosted Huly instance (`ADMIN_EMAILS` allowlist, force-disable accounts, mass-archive workspaces, instance audit log). WAC is scoped to a single workspace and runs for every workspace member that has permission to use it — not just instance admins. + +## Audit logging + +Every state-changing edit made through the People and Resources tabs is written to the workspace audit log with the actor's UUID, the action name, the affected entity, and a timestamp. The retention period (default 365 days) is shown as a banner above the tab strip. See [Audit](/workspace-access-center/audit) for the full list of actions and the CSV-export procedure. diff --git a/src/content/docs/workspace-access-center/people.mdx b/src/content/docs/workspace-access-center/people.mdx new file mode 100644 index 0000000..0785607 --- /dev/null +++ b/src/content/docs/workspace-access-center/people.mdx @@ -0,0 +1,78 @@ +--- +title: People +description: Manage workspace members, change roles, bulk-edit, and surface inactive accounts. +--- + +import { Image } from "astro:assets"; +import wacPeopleAll from "../../../assets/screenshots/huly/wac/people-all.png"; +import wacPeopleByRole from "../../../assets/screenshots/huly/wac/people-by-role.png"; +import wacPeopleInactive from "../../../assets/screenshots/huly/wac/people-inactive.png"; +import wacPersonDrawer from "../../../assets/screenshots/huly/wac/person-drawer.png"; +import wacPeopleBulkbarActive from "../../../assets/screenshots/huly/wac/people-bulkbar-active.png"; + +The **People** tab lists every member of the workspace and is the place to change roles, batch-edit memberships, find inactive accounts, and triage pending invites. + +People tab, All sub-tab with member table + +## Sub-tabs + +The sub-tab strip narrows the table by category: + +- **All** — every member of the workspace, regardless of role or activity. +- **By role** — same table grouped by role (Owner → Maintainer → User → Guest → Read-only Guest → Document Guest). Each group is collapsible. +- **Inactive (90d+)** — members whose last activity is older than 90 days. The threshold is fixed. +- **Granted access (N)** — members who hold at least one explicit per-resource grant (mention-grant, document-grant, link-grant). The number in parentheses is the current count. +- **Pending invites** — invite tokens that have been issued but not yet accepted. Cancel invites from here. + +People tab, By role sub-tab grouping members by workspace role + +## Columns and sorting + +The table has four columns: + +- **Name** — display name and avatar. Click to open the [Person Drawer](#person-drawer). +- **Role** — the member's workspace role (Owner, Maintainer, User, Guest, Read-only Guest, Document Guest). +- **Last activity** — `today`, `Nd`, `90d+`, or `never`. Used by the **Inactive** sub-tab to filter. +- **Spaces** — count of spaces this member belongs to. + +Every column header is sortable. Click to toggle ascending/descending. A small arrow shows on the active sort column only. + +Inactive (90d+) sub-tab with members whose last activity is older than 90 days + +## Bulk actions + +Selecting one or more rows with the checkbox in the first column reveals a **bulk actions bar** above the table: + +People tab with two members selected, showing the active bulk-actions bar: Add to Space, Remove from Space, Change role dropdown, Apply, Cancel + +The selection counter (`2 selected`) appears at the left of the bar, followed by the available actions. The `Add to Space` and `Remove from Space` buttons are gated behind the `WAC_PREVIEW_FEATURES` flag — see [Preview features](/workspace-access-center/preview-features) for how operators opt in. + +- **Add to Space** — opens a space picker. Selected members are added to the chosen space at their existing workspace role (or as `Member`, depending on the space type). +- **Remove from Space** — opens a space picker scoped to spaces the selection currently belongs to. Members are removed from the chosen space. +- **Change role** — a role dropdown plus **Apply**. The role change applies to every selected member. +- **Cancel** — clears the selection and hides the bar. + +### Last-Owner protection + +When a bulk **Change role** would leave the workspace with zero Owners, a confirmation MessageBox is shown: + +> Workspace currently has 2 Owners. Demoting both will leave the workspace without an Owner. Continue? + +Click **Cancel** to abort, or **Continue** to acknowledge and proceed. The check runs server-side as well — the UI confirmation is a guard, not the security primitive. + +## Person Drawer + +Clicking a row opens a right-side drawer with the member's full per-workspace view: + +Person drawer with workspace role picker, save button, and effective-permissions section + +The drawer header shows the member's name, avatar, and current role. Below that: + +- **Workspace role** — a dropdown to change the role. The picker disables choices the calling user cannot grant (for example, a Maintainer cannot set someone to Owner). **Save Role** commits the change. The Owner-count guard from the bulk bar also applies here. +- **Effective permissions** — a collapsible list of every space the member has access to with the effective role per space. Expand to drill down by Space ID. Useful when a Maintainer or Owner wants to verify what a member can actually see and edit. + +Press `Escape` or click outside the drawer to dismiss. + +## Search + +A search box above the table filters on display name and email substring (case-insensitive, 300 ms debounce). Search composes with the active sub-tab — searching while on **Inactive (90d+)** restricts the search to inactive members only. diff --git a/src/content/docs/workspace-access-center/preview-features.mdx b/src/content/docs/workspace-access-center/preview-features.mdx new file mode 100644 index 0000000..8175593 --- /dev/null +++ b/src/content/docs/workspace-access-center/preview-features.mdx @@ -0,0 +1,52 @@ +--- +title: Preview features +description: WAC preview features behind the WAC_PREVIEW_FEATURES env flag — what is gated, what works today, and what is on the roadmap. +--- + +A handful of WAC features are shipped as **preview** — the UI is in the tree, the i18n strings are translated, the routing wires up, but the server-side backend either returns `501 Not Implemented` or is intentionally simplified. Preview features are hidden by default and are revealed when the `WAC_PREVIEW_FEATURES` environment variable on the workspace front service is set to `true`. + +The intent is to ship the UI early so feedback can be collected before the backend lands, and so self-hosters can enable individual previews per workspace if they want to dogfood them. + +## Enabling previews + +Set the env flag on the workspace front service: + +```bash +# docker-compose.yml or .env on the front pod +WAC_PREVIEW_FEATURES=true +``` + +Restart the front pod for the change to take effect. The flag is read at workspace mount time; existing browser sessions need a reload. + +When the flag is on, an extra **Presets** tab appears in the WAC tab strip and several inline preview affordances become visible. When the flag is off, none of the preview UI is shown. + +## What is in preview today + +Six features are currently gated behind the flag: + +1. **Self-service Leave (Spaces I'm in)** — a **Leave** action on the My Access → Spaces I'm in sub-tab. Server stub returns `501`. +2. **Self-service Decline (Granted to me)** — a **Decline** action on Granted to me. Server stub returns `501`. +3. **Per-resource grant management** — inline edit / revoke for grants on the Granted by me sub-tab. Read works; write returns `501`. +4. **Effective-permissions resolver** — a richer drill-down view in the Person Drawer that resolves the effective permissions for a given member across all spaces in real time. Today the off-flag drawer shows a static list; the preview version walks the live tree. +5. **Bulk-bar preset chips** — preset chips above the People bulk bar (`All inactive`, `All guests`, `All without recent activity`) that pre-select rows matching the preset. Selection works client-side; the underlying queries are stable. +6. **Presets tab** — the sixth top-level tab that lets Owners save named filter combinations across People and Resources for re-use. + +## Roadmap signal + +Preview features are not abandoned — they are the next iteration's primary backlog. The follow-up release schedules real backends for items 1, 2, and 3 first, and richer backends for items 4, 5, 6 after. The env flag will continue to exist after the backends land, so operators can keep the chrome hidden if they prefer. + +## How preview status is shown + +Preview-only controls are decorated: + +- **Buttons** carry a small `preview` chip next to the label. +- **Tabs** (the Presets tab) carry the same `preview` chip in the tab label. +- **Network calls** that would return `501` are caught client-side and a non-fatal toast is shown: + +> This action is in preview. The server-side backend is not implemented yet. + +No data is mutated for preview actions that return `501`. Audit log entries are written only when the server confirms the mutation. + +## Disabling previews + +Set `WAC_PREVIEW_FEATURES=false` (or unset it) and restart the front pod. Preview UI disappears on next workspace mount. Users with the preview UI cached in an old session see it until they reload. diff --git a/src/content/docs/workspace-access-center/resources.mdx b/src/content/docs/workspace-access-center/resources.mdx new file mode 100644 index 0000000..0853d96 --- /dev/null +++ b/src/content/docs/workspace-access-center/resources.mdx @@ -0,0 +1,87 @@ +--- +title: Resources +description: List, filter, and manage workspace spaces — Projects, Funnels, Teamspaces, Drives, Cards — from one table. +--- + +import { Image } from "astro:assets"; +import wacResourcesAll from "../../../assets/screenshots/huly/wac/resources-all.png"; +import wacSpaceDrawer from "../../../assets/screenshots/huly/wac/space-drawer.png"; +import wacInheritanceTree from "../../../assets/screenshots/huly/wac/inheritance-tree.png"; + +The **Resources** tab lists every space in the workspace and lets Owners and Maintainers review, search, archive, and re-privatize them from one table. A *space* in this context is anything that holds member-scoped data: a tracker Project, a Funnel, a Teamspace, a Drive, a Cards space, and so on. + +Resources tab, All sub-tab showing spaces with type, members, privacy, auto-join, and state + +## Sub-tabs + +The sub-tab strip narrows the table: + +- **All** — every space, regardless of privacy or state. +- **Private only** — spaces whose privacy flag is `private`. Membership is explicit. +- **Public only** — spaces whose privacy flag is `public`. Workspace members can self-join (subject to space-type rules). +- **Archived** — spaces that have been archived. They are read-only by default and excluded from the workbench navigators. +- **Auto-join** — spaces with `autoJoin = true`. New workspace members are added automatically on activation. + +## Columns + +The table has six columns: + +- **Type** — emoji + class label (`Project`, `Funnel`, `Teamspace`, `Drive`, `Cards`, `Chat`, `Office`, `Guest-Links`). +- **Name** — the space's display name. Click to open the [Space Drawer](#space-drawer). +- **Members** — count of direct members of the space. +- **Privacy** — `Public` or `Private`. +- **Auto-join** — `✓ Auto-join` if the space has auto-join enabled, `—` otherwise. +- **State** — `Active`, `Archived`, or `v2 coming soon` for capability-matrix placeholders (see below). + +All columns are sortable. Click a header to toggle ascending/descending. + +## Search + +A full-text search box above the table matches against space name. The substring matcher is case-insensitive and runs against the workspace-side index, so it is fast even on workspaces with thousands of spaces. + +## Bulk actions + +Selecting one or more rows reveals a bulk-actions bar: + +- **Archive selected** — archives the selected spaces. Archived spaces become read-only and disappear from the workbench navigators. The Resources table still lists them on the **Archived** sub-tab. +- **Make private** — flips `privacy` to `private` on the selected spaces. Public membership is dissolved; only members listed in the space remain. +- **Transfer ownership** — opens a person picker. The selected member becomes the new Owner of every selected space. The previous Owner retains Maintainer. +- **Cancel** — clears the selection. + +## View hierarchy + +A **View hierarchy** button at the top opens a modal that shows the workspace structure top-down: + +``` +Workspace +└── SpaceType (Project, Funnel, …) + └── Space +``` + +This is read-only and useful when you want to understand which space-types exist and how spaces nest under them. + +Resource hierarchy modal showing Workspace → SpaceType → Space tree with Cards, Teamspace, Drive, and Funnel branches + +## Space Drawer + +Clicking a row opens a right-side drawer with the space's full membership editor: + +Space Drawer with Members editor, Owners section, and Flags (Private, Auto-join, Archived) toggles + +- **Members** — the direct membership of the space with per-member role pickers. Add and remove members from here. +- **Owners** — chip-style editor that lists the space's Owners. Owners are surfaced as a distinct group with their own `Save Owners` button so role-changes are explicit and audit-logged separately from member edits. +- **Privacy** — toggle public/private. Toggling to private dissolves implicit public membership. +- **Auto-join** — toggle whether new workspace members are auto-added. +- **Archive / Unarchive** — flip the archived flag. + +Every edit is written to the workspace audit log with the actor's UUID, the action name, and the space ID. + +## Capability matrix (v2 coming soon) + +Three space classes appear in the Resources table with a `v2 coming soon` state: + +- **Chat** (`Chat Channels`) +- **Office** (`Office Rooms`) +- **Guest-Links** (`Guest Links`) + +These rows are placeholders so administrators can see that the capability is recognized by WAC. The membership and privacy editors for these classes are scheduled for a follow-up release. Today they are still managed inside the respective application UIs.