while-basic
diff --git a/‎apps/backend/prisma/migrations/20250619200740_user_notification_pref/migration.sql‎
Lines changed: 19 additions & 0 deletions b/‎apps/backend/prisma/migrations/20250619200740_user_notification_pref/migration.sql‎
Lines changed: 19 additions & 0 deletions
diff --git a/‎apps/backend/prisma/schema.prisma‎
Lines changed: 24 additions & 8 deletions b/‎apps/backend/prisma/schema.prisma‎
Lines changed: 24 additions & 8 deletions
diff --git a/‎apps/backend/src/app/api/latest/emails/notification-preference/[user_id]/[notification_category_id]/route.tsx‎
Lines changed: 3 additions & 0 deletions b/‎apps/backend/src/app/api/latest/emails/notification-preference/[user_id]/[notification_category_id]/route.tsx‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎apps/backend/src/app/api/latest/emails/notification-preference/[user_id]/route.tsx‎
Lines changed: 3 additions & 0 deletions b/‎apps/backend/src/app/api/latest/emails/notification-preference/[user_id]/route.tsx‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎apps/backend/src/app/api/latest/emails/notification-preference/crud.tsx‎
Lines changed: 103 additions & 0 deletions b/‎apps/backend/src/app/api/latest/emails/notification-preference/crud.tsx‎
Lines changed: 103 additions & 0 deletions
diff --git a/‎apps/backend/src/app/api/latest/emails/send-email/route.tsx‎
Lines changed: 87 additions & 0 deletions b/‎apps/backend/src/app/api/latest/emails/send-email/route.tsx‎
Lines changed: 87 additions & 0 deletions
diff --git a/‎apps/backend/src/app/api/latest/emails/unsubscribe-link/route.tsx‎
Lines changed: 66 additions & 0 deletions b/‎apps/backend/src/app/api/latest/emails/unsubscribe-link/route.tsx‎
Lines changed: 66 additions & 0 deletions
diff --git a/‎apps/backend/src/app/api/latest/emails/unsubscribe-link/verification-handler.tsx‎
Lines changed: 15 additions & 0 deletions b/‎apps/backend/src/app/api/latest/emails/unsubscribe-link/verification-handler.tsx‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎apps/backend/src/lib/emails.tsx‎
Lines changed: 1 addition & 1 deletion b/‎apps/backend/src/lib/emails.tsx‎
Lines changed: 1 addition & 1 deletion
@@ -0,0 +1,19 @@
+-- CreateTable
+CREATE TABLE "UserNotificationPreference" (
+    "id" UUID NOT NULL,
+    "tenancyId" UUID NOT NULL,
+    "projectUserId" UUID NOT NULL,
+    "notificationCategoryId" UUID NOT NULL,
+    "enabled" BOOLEAN NOT NULL,
+
+    CONSTRAINT "UserNotificationPreference_pkey" PRIMARY KEY ("tenancyId","id")
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "UserNotificationPreference_tenancyId_projectUserId_notifica_key" ON "UserNotificationPreference"("tenancyId", "projectUserId", "notificationCategoryId");
+
+-- AddForeignKey
+ALTER TABLE "UserNotificationPreference" ADD CONSTRAINT "UserNotificationPreference_tenancyId_fkey" FOREIGN KEY ("tenancyId") REFERENCES "Tenancy"("id") ON DELETE CASCADE ON UPDATE CASCADE;
+
+-- AddForeignKey
+ALTER TABLE "UserNotificationPreference" ADD CONSTRAINT "UserNotificationPreference_tenancyId_projectUserId_fkey" FOREIGN KEY ("tenancyId", "projectUserId") REFERENCES "ProjectUser"("tenancyId", "projectUserId") ON DELETE CASCADE ON UPDATE CASCADE;
@@ -51,14 +51,15 @@ model Tenancy {
   organizationId    String?      @db.Uuid
   hasNoOrganization BooleanTrue?
 
-  teams             Team[]             @relation("TenancyTeams")
-  projectUsers      ProjectUser[]      @relation("TenancyProjectUsers")
-  authMethods       AuthMethod[]       @relation("TenancyAuthMethods")
-  contactChannels   ContactChannel[]   @relation("TenancyContactChannels")
-  connectedAccounts ConnectedAccount[] @relation("TenancyConnectedAccounts")
-  SentEmail         SentEmail[]
-  cliAuthAttempts   CliAuthAttempt[]
-  projectApiKey     ProjectApiKey[]
+  teams                       Team[]                       @relation("TenancyTeams")
+  projectUsers                ProjectUser[]                @relation("TenancyProjectUsers")
+  authMethods                 AuthMethod[]                 @relation("TenancyAuthMethods")
+  contactChannels             ContactChannel[]             @relation("TenancyContactChannels")
+  connectedAccounts           ConnectedAccount[]           @relation("TenancyConnectedAccounts")
+  SentEmail                   SentEmail[]
+  cliAuthAttempts             CliAuthAttempt[]
+  projectApiKey               ProjectApiKey[]
+  userNotificationPreferences UserNotificationPreference[]
 
@@unique([projectId, branchId, organizationId])
@@unique([projectId, branchId, hasNoOrganization])
@@ -192,6 +193,7 @@ model ProjectUser {
   contactChannels               ContactChannel[]
   authMethods                   AuthMethod[]
   connectedAccounts             ConnectedAccount[]
+  userNotificationPreferences   UserNotificationPreference[]
 
   // some backlinks for the unique constraints on some auth methods
   passwordAuthMethod PasswordAuthMethod[]
@@ -736,3 +738,17 @@ model CliAuthAttempt {
 
@@id([tenancyId, id])
 }
+
+model UserNotificationPreference {
+  id                     String @default(uuid()) @db.Uuid
+  tenancyId              String @db.Uuid
+  projectUserId          String @db.Uuid
+  notificationCategoryId String @db.Uuid
+
+  enabled     Boolean
+  tenancy     Tenancy     @relation(fields: [tenancyId], references: [id], onDelete: Cascade)
+  projectUser ProjectUser @relation(fields: [tenancyId, projectUserId], references: [tenancyId, projectUserId], onDelete: Cascade)
+
+  @@id([tenancyId, id])
+  @@unique([tenancyId, projectUserId, notificationCategoryId])
+}
@@ -0,0 +1,3 @@
+import { notificationPreferencesCrudHandlers } from "../../crud";
+
+export const PATCH = notificationPreferencesCrudHandlers.updateHandler;
@@ -0,0 +1,3 @@
+import { notificationPreferencesCrudHandlers } from "../crud";
+
+export const GET = notificationPreferencesCrudHandlers.listHandler;
@@ -0,0 +1,103 @@
+import { listNotificationCategories } from "@/lib/notification-categories";
+import { ensureUserExists } from "@/lib/request-checks";
+import { prismaClient } from "@/prisma-client";
+import { createCrudHandlers } from "@/route-handlers/crud-handler";
+import { KnownErrors } from "@stackframe/stack-shared";
+import { notificationPreferenceCrud, NotificationPreferenceCrud } from "@stackframe/stack-shared/dist/interface/crud/notification-preferences";
+import { userIdOrMeSchema, yupObject, yupString } from "@stackframe/stack-shared/dist/schema-fields";
+import { StatusError, throwErr } from "@stackframe/stack-shared/dist/utils/errors";
+import { createLazyProxy } from "@stackframe/stack-shared/dist/utils/proxies";
+
+export const notificationPreferencesCrudHandlers = createLazyProxy(() => createCrudHandlers(notificationPreferenceCrud, {
+  paramsSchema: yupObject({
+    user_id: userIdOrMeSchema.defined(),
+    notification_category_id: yupString().uuid().optional(),
+  }),
+  onUpdate: async ({ auth, params, data }) => {
+    const userId = params.user_id === 'me' ? (auth.user?.id ?? throwErr(new KnownErrors.UserAuthenticationRequired())) : params.user_id;
+    const notificationCategories = listNotificationCategories();
+    const notificationCategory = notificationCategories.find(c => c.id === params.notification_category_id);
+    if (!notificationCategory || !params.notification_category_id) {
+      throw new StatusError(404, "Notification category not found");
+    }
+
+    if (auth.type === 'client') {
+      if (!auth.user) {
+        throw new KnownErrors.UserAuthenticationRequired();
+      }
+      if (userId !== auth.user.id) {
+        throw new StatusError(StatusError.Forbidden, "You can only manage your own notification preferences");
+      }
+    }
+    await ensureUserExists(prismaClient, { tenancyId: auth.tenancy.id, userId });
+
+    const notificationPreference = await prismaClient.userNotificationPreference.upsert({
+      where: {
+        tenancyId_projectUserId_notificationCategoryId: {
+          tenancyId: auth.tenancy.id,
+          projectUserId: userId,
+          notificationCategoryId: params.notification_category_id,
+        },
+      },
+      update: {
+        enabled: data.enabled,
+      },
+      create: {
+        tenancyId: auth.tenancy.id,
+        projectUserId: userId,
+        notificationCategoryId: params.notification_category_id,
+        enabled: data.enabled,
+      },
+    });
+
+    return {
+      notification_category_id: notificationPreference.notificationCategoryId,
+      notification_category_name: notificationCategory.name,
+      enabled: notificationPreference.enabled,
+      can_disable: notificationCategory.can_disable,
+    };
+  },
+  onList: async ({ auth, params }) => {
+    const userId = params.user_id === 'me' ? (auth.user?.id ?? throwErr(new KnownErrors.UserAuthenticationRequired)) : params.user_id;
+
+    if (!userId) {
+      throw new KnownErrors.UserAuthenticationRequired;
+    }
+    if (auth.type === 'client') {
+      if (!auth.user) {
+        throw new KnownErrors.UserAuthenticationRequired;
+      }
+      if (userId && userId !== auth.user.id) {
+        throw new StatusError(StatusError.Forbidden, "You can only view your own notification preferences");
+      }
+    }
+    await ensureUserExists(prismaClient, { tenancyId: auth.tenancy.id, userId });
+
+    const notificationPreferences = await prismaClient.userNotificationPreference.findMany({
+      where: {
+        tenancyId: auth.tenancy.id,
+        projectUserId: userId,
+      },
+      select: {
+        notificationCategoryId: true,
+        enabled: true,
+      },
+    });
+
+    const notificationCategories = listNotificationCategories();
+    const items: NotificationPreferenceCrud["Client"]["Read"][] = notificationCategories.map(category => {
+      const preference = notificationPreferences.find(p => p.notificationCategoryId === category.id);
+      return {
+        notification_category_id: category.id,
+        notification_category_name: category.name,
+        enabled: preference?.enabled ?? category.default_enabled,
+        can_disable: category.can_disable,
+      };
+    });
+
+    return {
+      items,
+      is_paginated: false,
+    };
+  },
+}));
@@ -0,0 +1,87 @@
+import { getEmailConfig, sendEmail } from "@/lib/emails";
+import { getNotificationCategoryByName, hasNotificationEnabled } from "@/lib/notification-categories";
+import { createSmartRouteHandler } from "@/route-handlers/smart-route-handler";
+import { adaptSchema, serverOrHigherAuthTypeSchema, yupNumber, yupObject, yupString } from "@stackframe/stack-shared/dist/schema-fields";
+import { StatusError } from "@stackframe/stack-shared/dist/utils/errors";
+import { getUser } from "../../users/crud";
+import { unsubscribeLinkVerificationCodeHandler } from "../unsubscribe-link/verification-handler";
+import { getEnvVariable } from "@stackframe/stack-shared/dist/utils/env";
+
+export const POST = createSmartRouteHandler({
+  metadata: {
+    hidden: true,
+  },
+  request: yupObject({
+    auth: yupObject({
+      type: serverOrHigherAuthTypeSchema,
+      tenancy: adaptSchema.defined(),
+    }).defined(),
+    body: yupObject({
+      user_id: yupString().defined(),
+      html: yupString().defined(),
+      subject: yupString().defined(),
+      notification_category_name: yupString().defined(),
+    }),
+    method: yupString().oneOf(["POST"]).defined(),
+  }),
+  response: yupObject({
+    statusCode: yupNumber().oneOf([200]).defined(),
+    bodyType: yupString().oneOf(["json"]).defined(),
+    body: yupObject({
+      user_email: yupString().defined(),
+    }).defined(),
+  }),
+  handler: async ({ body, auth }) => {
+    if (auth.tenancy.config.email_config.type === "shared") {
+      throw new StatusError(400, "Cannot send custom emails when using shared email config");
+    }
+    const user = await getUser({ userId: body.user_id, tenancyId: auth.tenancy.id });
+    if (!user) {
+      throw new StatusError(404, "User not found");
+    }
+    if (!user.primary_email) {
+      throw new StatusError(400, "User does not have a primary email");
+    }
+    const notificationCategory = getNotificationCategoryByName(body.notification_category_name);
+    if (!notificationCategory) {
+      throw new StatusError(404, "Notification category not found");
+    }
+    const isNotificationEnabled = await hasNotificationEnabled(auth.tenancy.id, user.id, notificationCategory.id);
+    if (!isNotificationEnabled) {
+      throw new StatusError(400, "User has disabled notifications for this category");
+    }
+
+    let html = body.html;
+    if (notificationCategory.can_disable) {
+      const { code } = await unsubscribeLinkVerificationCodeHandler.createCode({
+        tenancy: auth.tenancy,
+        method: {},
+        data: {
+          user_id: user.id,
+          notification_category_id: notificationCategory.id,
+        },
+        callbackUrl: undefined
+      });
+      const unsubscribeLink = new URL(getEnvVariable("NEXT_PUBLIC_STACK_API_URL"));
+      unsubscribeLink.pathname = "/api/v1/emails/unsubscribe-link";
+      unsubscribeLink.searchParams.set("code", code);
+      html += `<br /><a href="${unsubscribeLink.toString()}">Click here to unsubscribe</a>`;
+    }
+
+    await sendEmail({
+      tenancyId: auth.tenancy.id,
+      emailConfig: await getEmailConfig(auth.tenancy),
+      to: user.primary_email,
+      subject: body.subject,
+      html,
+    });
+
+    return {
+      statusCode: 200,
+      bodyType: 'json',
+      body: {
+        user_email: user.primary_email,
+      },
+    };
+  },
+});
@@ -0,0 +1,66 @@
+import { KnownErrors } from "@stackframe/stack-shared/dist/known-errors";
+import { prismaClient } from "@/prisma-client";
+import { VerificationCodeType } from "@prisma/client";
+import { getSoleTenancyFromProjectBranch } from "@/lib/tenancies";
+import { NextRequest } from "next/server";
+
+export async function GET(request: NextRequest) {
+  const { searchParams } = new URL(request.url);
+  const code = searchParams.get('code');
+  if (!code || code.length !== 45)
+    return new Response('Invalid code', { status: 400 });
+
+  const codeLower = code.toLowerCase();
+  const verificationCode = await prismaClient.verificationCode.findFirst({
+    where: {
+      code: codeLower,
+      type: VerificationCodeType.ONE_TIME_PASSWORD,
+    },
+  });
+
+  if (!verificationCode) throw new KnownErrors.VerificationCodeNotFound();
+  if (verificationCode.expiresAt < new Date()) throw new KnownErrors.VerificationCodeExpired();
+  if (verificationCode.usedAt) {
+    return new Response('<p>You have already unsubscribed from this notification group</p>', {
+      status: 200,
+      headers: { 'Content-Type': 'text/html' },
+    });
+  }
+  const { user_id, notification_category_id } = verificationCode.data as { user_id: string, notification_category_id: string };
+
+  await prismaClient.verificationCode.update({
+    where: {
+      projectId_branchId_code: {
+        projectId: verificationCode.projectId,
+        branchId: verificationCode.branchId,
+        code: codeLower,
+      },
+    },
+    data: { usedAt: new Date() },
+  });
+
+  const tenancy = await getSoleTenancyFromProjectBranch(verificationCode.projectId, verificationCode.branchId);
+  await prismaClient.userNotificationPreference.upsert({
+    where: {
+      tenancyId_projectUserId_notificationCategoryId: {
+        tenancyId: tenancy.id,
+        projectUserId: user_id,
+        notificationCategoryId: notification_category_id,
+      },
+    },
+    update: {
+      enabled: false,
+    },
+    create: {
+      tenancyId: tenancy.id,
+      projectUserId: user_id,
+      notificationCategoryId: notification_category_id,
+      enabled: false,
+    },
+  });
+
+  return new Response('<p>Successfully unsubscribed from notification group</p>', {
+    status: 200,
+    headers: { 'Content-Type': 'text/html' },
+  });
+}
@@ -0,0 +1,15 @@
+import { createVerificationCodeHandler } from "@/route-handlers/verification-code-handler";
+import { VerificationCodeType } from "@prisma/client";
+import { yupObject, yupString } from "@stackframe/stack-shared/dist/schema-fields";
+
+export const unsubscribeLinkVerificationCodeHandler = createVerificationCodeHandler({
+  type: VerificationCodeType.ONE_TIME_PASSWORD,
+  data: yupObject({
+    user_id: yupString().defined(),
+    notification_category_id: yupString().defined(),
+  }),
+  // @ts-expect-error handler functions are not used for this verificationCodeHandler
+  async handler() {
+    return null;
+  },
+});
@@ -332,7 +332,7 @@ export async function sendEmailFromTemplate(options: {
   });
 }
 
-async function getEmailConfig(tenancy: Tenancy): Promise<EmailConfig> {
+export async function getEmailConfig(tenancy: Tenancy): Promise<EmailConfig> {
   const projectEmailConfig = tenancy.config.email_config;
 
   if (projectEmailConfig.type === 'shared') {
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+import { notificationPreferencesCrudHandlers } from "../../crud";`
	`2`	`+`
	`3`	`+export const PATCH = notificationPreferencesCrudHandlers.updateHandler;`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+import { notificationPreferencesCrudHandlers } from "../crud";`
	`2`	`+`
	`3`	`+export const GET = notificationPreferencesCrudHandlers.listHandler;`
Original file line number	Diff line number	Diff line change
`@@ -332,7 +332,7 @@ export async function sendEmailFromTemplate(options: {`
`332`	`332`	`});`
`333`	`333`	`}`
`334`	`334`
`335`		`-async function getEmailConfig(tenancy: Tenancy): Promise<EmailConfig> {`
	`335`	`+export async function getEmailConfig(tenancy: Tenancy): Promise<EmailConfig> {`
`336`	`336`	`const projectEmailConfig = tenancy.config.email_config;`
`337`	`337`
`338`	`338`	`if (projectEmailConfig.type === 'shared') {`