mirror of
https://github.com/multica-ai/multica.git
synced 2026-07-05 21:39:54 +02:00
* feat(self-host): DISABLE_WORKSPACE_CREATION env var (MUL-2777, #3433) When self-hosters set DISABLE_WORKSPACE_CREATION=true, POST /api/workspaces returns 403 for every caller and the UI hides every "Create workspace" affordance (sidebar, modal, /workspaces/new page, onboarding Step 2). This closes the gap where ALLOW_SIGNUP=false still let any signed-in user open an isolated workspace the platform admin couldn't see. - server: new Config.DisableWorkspaceCreation, gate in CreateWorkspace, workspace_creation_disabled in /api/config, Go tests. - frontend: new workspaceCreationDisabled in configStore, hide sidebar entry, swap NewWorkspacePage / CreateWorkspaceModal / onboarding StepWorkspace to a "creation disabled, ask for invite" state when the flag is on, EN + zh-Hans locale strings. - ops: .env.example, docker-compose.selfhost, helm values + configmap, SELF_HOSTING.md, SELF_HOSTING_ADVANCED.md, environment-variables docs (EN + zh). Co-authored-by: multica-agent <github@multica.ai> * fix(onboarding): drive create path off workspaceCreationAllowed (#3433) PR #3441 review: when DISABLE_WORKSPACE_CREATION=true and the user already has a workspace, StepWorkspace still walked the resume copy (`headline_resume` / `lede_resume` mentioning "or start another") and `creatingActive` ignored the flag, leaving a stale clickable create CTA possible if /api/config arrived late. Refactor StepWorkspace to derive a single `workspaceCreationAllowed` boolean from the config store. It now drives: - Initial `mode` state (defaults to "existing" when disabled + reusing so the CTA is pre-armed for the only valid action). - `creatingActive` so the footer CTA cannot fall back into the create branch even mid-render. - Eyebrow / headline / lede strings — adds `creation_disabled_{eyebrow,headline,lede}_resume` (EN + zh-Hans) for the disabled + reusing variant. Tests: cover the three reachable shapes — flag off + no existing, flag on + no existing, flag on + existing. Co-authored-by: multica-agent <github@multica.ai> --------- Co-authored-by: J <j@multica.ai> Co-authored-by: multica-agent <github@multica.ai>
61 lines
2.4 KiB
Go
61 lines
2.4 KiB
Go
package handler
|
|
|
|
import (
|
|
"net/http"
|
|
"os"
|
|
|
|
"github.com/multica-ai/multica/server/internal/analytics"
|
|
)
|
|
|
|
type AppConfig struct {
|
|
CdnDomain string `json:"cdn_domain"`
|
|
// Public auth config consumed by the web app at runtime so self-hosted
|
|
// deployments do not need to rebuild the frontend image when operators
|
|
// toggle signup or wire Google OAuth.
|
|
AllowSignup bool `json:"allow_signup"`
|
|
GoogleClientID string `json:"google_client_id,omitempty"`
|
|
// WorkspaceCreationDisabled mirrors the server-side
|
|
// DISABLE_WORKSPACE_CREATION env var so the UI can hide every
|
|
// "Create workspace" affordance on self-hosted instances. Omitted
|
|
// from the JSON when false to keep responses identical to the
|
|
// previous shape for the common managed-cloud case (#3433).
|
|
WorkspaceCreationDisabled bool `json:"workspace_creation_disabled,omitempty"`
|
|
|
|
// PostHog public config for the frontend. The key is the same Project
|
|
// API Key the backend uses; returning it here (instead of baking it
|
|
// into the frontend bundle via NEXT_PUBLIC_*) means self-hosted
|
|
// instances — whose server returns an empty key — automatically
|
|
// disable frontend event shipping too.
|
|
PosthogKey string `json:"posthog_key"`
|
|
PosthogHost string `json:"posthog_host"`
|
|
AnalyticsEnvironment string `json:"analytics_environment"`
|
|
}
|
|
|
|
// GetConfig is mounted on the public (unauthenticated) route group because
|
|
// the web app calls it before login to decide whether to render the Google
|
|
// sign-in button and signup UI. Only add fields here that are safe to expose
|
|
// to anonymous callers — never user- or tenant-scoped data.
|
|
func (h *Handler) GetConfig(w http.ResponseWriter, r *http.Request) {
|
|
config := AppConfig{
|
|
AllowSignup: os.Getenv("ALLOW_SIGNUP") != "false",
|
|
GoogleClientID: os.Getenv("GOOGLE_CLIENT_ID"),
|
|
WorkspaceCreationDisabled: os.Getenv("DISABLE_WORKSPACE_CREATION") == "true",
|
|
}
|
|
if h.Storage != nil {
|
|
config.CdnDomain = h.Storage.CdnDomain()
|
|
}
|
|
|
|
// Re-read from env on every request so operators can rotate keys via
|
|
// secret refresh without a server restart.
|
|
if v := os.Getenv("ANALYTICS_DISABLED"); v != "true" && v != "1" {
|
|
config.PosthogKey = os.Getenv("POSTHOG_API_KEY")
|
|
config.PosthogHost = os.Getenv("POSTHOG_HOST")
|
|
config.AnalyticsEnvironment = analytics.EnvironmentFromEnv()
|
|
if config.PosthogHost == "" && config.PosthogKey != "" {
|
|
config.PosthogHost = "https://us.i.posthog.com"
|
|
}
|
|
}
|
|
|
|
writeJSON(w, http.StatusOK, config)
|
|
}
|