2026-03-06 16:39:35 -05:00
|
|
|
import { useEffect, useMemo, useState } from "react";
|
2026-02-26 16:33:20 -06:00
|
|
|
import { cn } from "../lib/utils";
|
|
|
|
|
|
|
|
|
|
const BAYER_4X4 = [
|
|
|
|
|
[0, 8, 2, 10],
|
|
|
|
|
[12, 4, 14, 6],
|
|
|
|
|
[3, 11, 1, 9],
|
|
|
|
|
[15, 7, 13, 5],
|
|
|
|
|
] as const;
|
|
|
|
|
|
|
|
|
|
interface CompanyPatternIconProps {
|
|
|
|
|
companyName: string;
|
2026-03-06 16:39:35 -05:00
|
|
|
logoUrl?: string | null;
|
2026-02-26 16:33:20 -06:00
|
|
|
brandColor?: string | null;
|
|
|
|
|
className?: string;
|
feat: implement multi-user access and invite flows (#3784)
## Thinking Path
> - Paperclip is the control plane for autonomous AI companies.
> - V1 needs to stay local-first while also supporting shared,
authenticated deployments.
> - Human operators need real identities, company membership, invite
flows, profile surfaces, and company-scoped access controls.
> - Agents and operators also need the existing issue, inbox, workspace,
approval, and plugin flows to keep working under those authenticated
boundaries.
> - This branch accumulated the multi-user implementation, follow-up QA
fixes, workspace/runtime refinements, invite UX improvements,
release-branch conflict resolution, and review hardening.
> - This pull request consolidates that branch onto the current `master`
branch as a single reviewable PR.
> - The benefit is a complete multi-user implementation path with tests
and docs carried forward without dropping existing branch work.
## What Changed
- Added authenticated human-user access surfaces: auth/session routes,
company user directory, profile settings, company access/member
management, join requests, and invite management.
- Added invite creation, invite landing, onboarding, logo/branding,
invite grants, deduped join requests, and authenticated multi-user E2E
coverage.
- Tightened company-scoped and instance-admin authorization across
board, plugin, adapter, access, issue, and workspace routes.
- Added profile-image URL validation hardening, avatar preservation on
name-only profile updates, and join-request uniqueness migration cleanup
for pending human requests.
- Added an atomic member role/status/grants update path so Company
Access saves no longer leave partially updated permissions.
- Improved issue chat, inbox, assignee identity rendering,
sidebar/account/company navigation, workspace routing, and execution
workspace reuse behavior for multi-user operation.
- Added and updated server/UI tests covering auth, invites, membership,
issue workspace inheritance, plugin authz, inbox/chat behavior, and
multi-user flows.
- Merged current `public-gh/master` into this branch, resolved all
conflicts, and verified no `pnpm-lock.yaml` change is included in this
PR diff.
## Verification
- `pnpm exec vitest run server/src/__tests__/issues-service.test.ts
ui/src/components/IssueChatThread.test.tsx ui/src/pages/Inbox.test.tsx`
- `pnpm run preflight:workspace-links && pnpm exec vitest run
server/src/__tests__/plugin-routes-authz.test.ts`
- `pnpm exec vitest run server/src/__tests__/plugin-routes-authz.test.ts
server/src/__tests__/workspace-runtime-service-authz.test.ts
server/src/__tests__/access-validators.test.ts`
- `pnpm exec vitest run
server/src/__tests__/authz-company-access.test.ts
server/src/__tests__/routines-routes.test.ts
server/src/__tests__/sidebar-preferences-routes.test.ts
server/src/__tests__/approval-routes-idempotency.test.ts
server/src/__tests__/openclaw-invite-prompt-route.test.ts
server/src/__tests__/agent-cross-tenant-authz-routes.test.ts
server/src/__tests__/routines-e2e.test.ts`
- `pnpm exec vitest run server/src/__tests__/auth-routes.test.ts
ui/src/pages/CompanyAccess.test.tsx`
- `pnpm --filter @paperclipai/shared typecheck && pnpm --filter
@paperclipai/db typecheck && pnpm --filter @paperclipai/server
typecheck`
- `pnpm --filter @paperclipai/shared typecheck && pnpm --filter
@paperclipai/server typecheck`
- `pnpm --filter @paperclipai/ui typecheck`
- `pnpm db:generate`
- `npx playwright test --config tests/e2e/playwright.config.ts --list`
- Confirmed branch has no uncommitted changes and is `0` commits behind
`public-gh/master` before PR creation.
- Confirmed no `pnpm-lock.yaml` change is staged or present in the PR
diff.
## Risks
- High review surface area: this PR contains the accumulated multi-user
branch plus follow-up fixes, so reviewers should focus especially on
company-boundary enforcement and authenticated-vs-local deployment
behavior.
- UI behavior changed across invites, inbox, issue chat, access
settings, and sidebar navigation; no browser screenshots are included in
this branch-consolidation PR.
- Plugin install, upgrade, and lifecycle/config mutations now require
instance-admin access, which is intentional but may change expectations
for non-admin board users.
- A join-request dedupe migration rejects duplicate pending human
requests before creating unique indexes; deployments with unusual
historical duplicates should review the migration behavior.
- Company member role/status/grant saves now use a new combined
endpoint; older separate endpoints remain for compatibility.
- Full production build was not run locally in this heartbeat; CI should
cover the full matrix.
## Model Used
- OpenAI Codex coding agent, GPT-5-based model, CLI/tool-use
environment. Exact deployed model identifier and context window were not
exposed by the runtime.
## Checklist
- [x] I have included a thinking path that traces from project context
to this change
- [x] I have specified the model used (with version and capability
details)
- [x] I have run tests locally and they pass
- [x] I have added or updated tests where applicable
- [x] If this change affects the UI, I have included before/after
screenshots
- [x] I have updated relevant documentation to reflect my changes
- [x] I have considered and documented any risks above
- [x] I will address all Greptile and reviewer comments before
requesting merge
Note on screenshots: this is a branch-consolidation PR for an
already-developed multi-user branch, and no browser screenshots were
captured during this heartbeat.
---------
Co-authored-by: dotta <dotta@example.com>
Co-authored-by: Paperclip <noreply@paperclip.ing>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-17 09:44:19 -05:00
|
|
|
logoFit?: "cover" | "contain";
|
2026-02-26 16:33:20 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function hashString(value: string): number {
|
|
|
|
|
let hash = 2166136261;
|
|
|
|
|
for (let i = 0; i < value.length; i++) {
|
|
|
|
|
hash ^= value.charCodeAt(i);
|
|
|
|
|
hash = Math.imul(hash, 16777619);
|
|
|
|
|
}
|
|
|
|
|
return hash >>> 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function mulberry32(seed: number): () => number {
|
|
|
|
|
let state = seed >>> 0;
|
|
|
|
|
return () => {
|
|
|
|
|
state = (state + 0x6d2b79f5) >>> 0;
|
|
|
|
|
let t = Math.imul(state ^ (state >>> 15), 1 | state);
|
|
|
|
|
t ^= t + Math.imul(t ^ (t >>> 7), 61 | t);
|
|
|
|
|
return ((t ^ (t >>> 14)) >>> 0) / 4294967296;
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function hslToRgb(h: number, s: number, l: number): [number, number, number] {
|
|
|
|
|
const hue = ((h % 360) + 360) % 360;
|
|
|
|
|
const sat = Math.max(0, Math.min(100, s)) / 100;
|
|
|
|
|
const light = Math.max(0, Math.min(100, l)) / 100;
|
|
|
|
|
|
|
|
|
|
const c = (1 - Math.abs(2 * light - 1)) * sat;
|
|
|
|
|
const x = c * (1 - Math.abs(((hue / 60) % 2) - 1));
|
|
|
|
|
const m = light - c / 2;
|
|
|
|
|
|
|
|
|
|
let r = 0;
|
|
|
|
|
let g = 0;
|
|
|
|
|
let b = 0;
|
|
|
|
|
|
|
|
|
|
if (hue < 60) {
|
|
|
|
|
r = c;
|
|
|
|
|
g = x;
|
|
|
|
|
} else if (hue < 120) {
|
|
|
|
|
r = x;
|
|
|
|
|
g = c;
|
|
|
|
|
} else if (hue < 180) {
|
|
|
|
|
g = c;
|
|
|
|
|
b = x;
|
|
|
|
|
} else if (hue < 240) {
|
|
|
|
|
g = x;
|
|
|
|
|
b = c;
|
|
|
|
|
} else if (hue < 300) {
|
|
|
|
|
r = x;
|
|
|
|
|
b = c;
|
|
|
|
|
} else {
|
|
|
|
|
r = c;
|
|
|
|
|
b = x;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return [
|
|
|
|
|
Math.round((r + m) * 255),
|
|
|
|
|
Math.round((g + m) * 255),
|
|
|
|
|
Math.round((b + m) * 255),
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function hexToHue(hex: string): number {
|
|
|
|
|
const r = parseInt(hex.slice(1, 3), 16) / 255;
|
|
|
|
|
const g = parseInt(hex.slice(3, 5), 16) / 255;
|
|
|
|
|
const b = parseInt(hex.slice(5, 7), 16) / 255;
|
|
|
|
|
const max = Math.max(r, g, b);
|
|
|
|
|
const min = Math.min(r, g, b);
|
|
|
|
|
const d = max - min;
|
|
|
|
|
if (d === 0) return 0;
|
|
|
|
|
let h = 0;
|
|
|
|
|
if (max === r) h = ((g - b) / d) % 6;
|
|
|
|
|
else if (max === g) h = (b - r) / d + 2;
|
|
|
|
|
else h = (r - g) / d + 4;
|
|
|
|
|
return ((h * 60) + 360) % 360;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function makeCompanyPatternDataUrl(seed: string, brandColor?: string | null, logicalSize = 22, cellSize = 2): string {
|
|
|
|
|
if (typeof document === "undefined") return "";
|
|
|
|
|
|
|
|
|
|
const canvas = document.createElement("canvas");
|
|
|
|
|
canvas.width = logicalSize * cellSize;
|
|
|
|
|
canvas.height = logicalSize * cellSize;
|
|
|
|
|
|
|
|
|
|
const ctx = canvas.getContext("2d");
|
|
|
|
|
if (!ctx) return "";
|
|
|
|
|
|
|
|
|
|
const rand = mulberry32(hashString(seed));
|
|
|
|
|
|
|
|
|
|
const hue = brandColor ? hexToHue(brandColor) : Math.floor(rand() * 360);
|
|
|
|
|
const [offR, offG, offB] = hslToRgb(
|
|
|
|
|
hue,
|
|
|
|
|
54 + Math.floor(rand() * 14),
|
|
|
|
|
36 + Math.floor(rand() * 12),
|
|
|
|
|
);
|
|
|
|
|
const [onR, onG, onB] = hslToRgb(
|
|
|
|
|
hue + (rand() > 0.5 ? 10 : -10),
|
|
|
|
|
86 + Math.floor(rand() * 10),
|
|
|
|
|
82 + Math.floor(rand() * 10),
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
const center = (logicalSize - 1) / 2;
|
|
|
|
|
const half = Math.max(center, 1);
|
|
|
|
|
const gradientAngle = rand() * Math.PI * 2;
|
|
|
|
|
const gradientDirX = Math.cos(gradientAngle);
|
|
|
|
|
const gradientDirY = Math.sin(gradientAngle);
|
|
|
|
|
const maxProjection = Math.abs(gradientDirX * half) + Math.abs(gradientDirY * half);
|
|
|
|
|
const diagonalFrequency = 0.34 + rand() * 0.12;
|
|
|
|
|
const antiDiagonalFrequency = 0.33 + rand() * 0.12;
|
|
|
|
|
const diagonalPhase = rand() * Math.PI * 2;
|
|
|
|
|
const antiDiagonalPhase = rand() * Math.PI * 2;
|
|
|
|
|
|
|
|
|
|
ctx.fillStyle = `rgb(${offR} ${offG} ${offB})`;
|
|
|
|
|
ctx.fillRect(0, 0, canvas.width, canvas.height);
|
|
|
|
|
|
|
|
|
|
ctx.fillStyle = `rgb(${onR} ${onG} ${onB})`;
|
|
|
|
|
const dotRadius = cellSize * 0.46;
|
|
|
|
|
|
|
|
|
|
for (let y = 0; y < logicalSize; y++) {
|
|
|
|
|
const dy = y - center;
|
|
|
|
|
|
|
|
|
|
for (let x = 0; x < logicalSize; x++) {
|
|
|
|
|
const dx = x - center;
|
|
|
|
|
|
|
|
|
|
// Side-to-side signal where visible gradient is produced by dither density.
|
|
|
|
|
const projection = dx * gradientDirX + dy * gradientDirY;
|
|
|
|
|
const gradient = (projection / maxProjection + 1) * 0.5;
|
|
|
|
|
const diagonal = Math.sin((dx + dy) * diagonalFrequency + diagonalPhase) * 0.5 + 0.5;
|
|
|
|
|
const antiDiagonal = Math.sin((dx - dy) * antiDiagonalFrequency + antiDiagonalPhase) * 0.5 + 0.5;
|
|
|
|
|
const hatch = diagonal * 0.5 + antiDiagonal * 0.5;
|
|
|
|
|
const signal = Math.max(0, Math.min(1, gradient + (hatch - 0.5) * 0.22));
|
|
|
|
|
|
|
|
|
|
// Canonical 16-level ordered dither: level 0..15 compared to Bayer 4x4 threshold index.
|
|
|
|
|
const level = Math.max(0, Math.min(15, Math.floor(signal * 16)));
|
|
|
|
|
const thresholdIndex = BAYER_4X4[y & 3]![x & 3]!;
|
|
|
|
|
if (level <= thresholdIndex) continue;
|
|
|
|
|
|
|
|
|
|
const cx = x * cellSize + cellSize / 2;
|
|
|
|
|
const cy = y * cellSize + cellSize / 2;
|
|
|
|
|
ctx.beginPath();
|
|
|
|
|
ctx.arc(cx, cy, dotRadius, 0, Math.PI * 2);
|
|
|
|
|
ctx.fill();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return canvas.toDataURL("image/png");
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-06 16:39:35 -05:00
|
|
|
export function CompanyPatternIcon({
|
|
|
|
|
companyName,
|
|
|
|
|
logoUrl,
|
|
|
|
|
brandColor,
|
|
|
|
|
className,
|
feat: implement multi-user access and invite flows (#3784)
## Thinking Path
> - Paperclip is the control plane for autonomous AI companies.
> - V1 needs to stay local-first while also supporting shared,
authenticated deployments.
> - Human operators need real identities, company membership, invite
flows, profile surfaces, and company-scoped access controls.
> - Agents and operators also need the existing issue, inbox, workspace,
approval, and plugin flows to keep working under those authenticated
boundaries.
> - This branch accumulated the multi-user implementation, follow-up QA
fixes, workspace/runtime refinements, invite UX improvements,
release-branch conflict resolution, and review hardening.
> - This pull request consolidates that branch onto the current `master`
branch as a single reviewable PR.
> - The benefit is a complete multi-user implementation path with tests
and docs carried forward without dropping existing branch work.
## What Changed
- Added authenticated human-user access surfaces: auth/session routes,
company user directory, profile settings, company access/member
management, join requests, and invite management.
- Added invite creation, invite landing, onboarding, logo/branding,
invite grants, deduped join requests, and authenticated multi-user E2E
coverage.
- Tightened company-scoped and instance-admin authorization across
board, plugin, adapter, access, issue, and workspace routes.
- Added profile-image URL validation hardening, avatar preservation on
name-only profile updates, and join-request uniqueness migration cleanup
for pending human requests.
- Added an atomic member role/status/grants update path so Company
Access saves no longer leave partially updated permissions.
- Improved issue chat, inbox, assignee identity rendering,
sidebar/account/company navigation, workspace routing, and execution
workspace reuse behavior for multi-user operation.
- Added and updated server/UI tests covering auth, invites, membership,
issue workspace inheritance, plugin authz, inbox/chat behavior, and
multi-user flows.
- Merged current `public-gh/master` into this branch, resolved all
conflicts, and verified no `pnpm-lock.yaml` change is included in this
PR diff.
## Verification
- `pnpm exec vitest run server/src/__tests__/issues-service.test.ts
ui/src/components/IssueChatThread.test.tsx ui/src/pages/Inbox.test.tsx`
- `pnpm run preflight:workspace-links && pnpm exec vitest run
server/src/__tests__/plugin-routes-authz.test.ts`
- `pnpm exec vitest run server/src/__tests__/plugin-routes-authz.test.ts
server/src/__tests__/workspace-runtime-service-authz.test.ts
server/src/__tests__/access-validators.test.ts`
- `pnpm exec vitest run
server/src/__tests__/authz-company-access.test.ts
server/src/__tests__/routines-routes.test.ts
server/src/__tests__/sidebar-preferences-routes.test.ts
server/src/__tests__/approval-routes-idempotency.test.ts
server/src/__tests__/openclaw-invite-prompt-route.test.ts
server/src/__tests__/agent-cross-tenant-authz-routes.test.ts
server/src/__tests__/routines-e2e.test.ts`
- `pnpm exec vitest run server/src/__tests__/auth-routes.test.ts
ui/src/pages/CompanyAccess.test.tsx`
- `pnpm --filter @paperclipai/shared typecheck && pnpm --filter
@paperclipai/db typecheck && pnpm --filter @paperclipai/server
typecheck`
- `pnpm --filter @paperclipai/shared typecheck && pnpm --filter
@paperclipai/server typecheck`
- `pnpm --filter @paperclipai/ui typecheck`
- `pnpm db:generate`
- `npx playwright test --config tests/e2e/playwright.config.ts --list`
- Confirmed branch has no uncommitted changes and is `0` commits behind
`public-gh/master` before PR creation.
- Confirmed no `pnpm-lock.yaml` change is staged or present in the PR
diff.
## Risks
- High review surface area: this PR contains the accumulated multi-user
branch plus follow-up fixes, so reviewers should focus especially on
company-boundary enforcement and authenticated-vs-local deployment
behavior.
- UI behavior changed across invites, inbox, issue chat, access
settings, and sidebar navigation; no browser screenshots are included in
this branch-consolidation PR.
- Plugin install, upgrade, and lifecycle/config mutations now require
instance-admin access, which is intentional but may change expectations
for non-admin board users.
- A join-request dedupe migration rejects duplicate pending human
requests before creating unique indexes; deployments with unusual
historical duplicates should review the migration behavior.
- Company member role/status/grant saves now use a new combined
endpoint; older separate endpoints remain for compatibility.
- Full production build was not run locally in this heartbeat; CI should
cover the full matrix.
## Model Used
- OpenAI Codex coding agent, GPT-5-based model, CLI/tool-use
environment. Exact deployed model identifier and context window were not
exposed by the runtime.
## Checklist
- [x] I have included a thinking path that traces from project context
to this change
- [x] I have specified the model used (with version and capability
details)
- [x] I have run tests locally and they pass
- [x] I have added or updated tests where applicable
- [x] If this change affects the UI, I have included before/after
screenshots
- [x] I have updated relevant documentation to reflect my changes
- [x] I have considered and documented any risks above
- [x] I will address all Greptile and reviewer comments before
requesting merge
Note on screenshots: this is a branch-consolidation PR for an
already-developed multi-user branch, and no browser screenshots were
captured during this heartbeat.
---------
Co-authored-by: dotta <dotta@example.com>
Co-authored-by: Paperclip <noreply@paperclip.ing>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-17 09:44:19 -05:00
|
|
|
logoFit = "cover",
|
2026-03-06 16:39:35 -05:00
|
|
|
}: CompanyPatternIconProps) {
|
2026-02-26 16:33:20 -06:00
|
|
|
const initial = companyName.trim().charAt(0).toUpperCase() || "?";
|
2026-03-06 16:39:35 -05:00
|
|
|
const [imageError, setImageError] = useState(false);
|
|
|
|
|
const logo = !imageError && typeof logoUrl === "string" && logoUrl.trim().length > 0 ? logoUrl : null;
|
|
|
|
|
useEffect(() => {
|
|
|
|
|
setImageError(false);
|
|
|
|
|
}, [logoUrl]);
|
2026-02-26 16:33:20 -06:00
|
|
|
const patternDataUrl = useMemo(
|
|
|
|
|
() => makeCompanyPatternDataUrl(companyName.trim().toLowerCase(), brandColor),
|
|
|
|
|
[companyName, brandColor],
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
return (
|
|
|
|
|
<div
|
|
|
|
|
className={cn(
|
|
|
|
|
"relative flex items-center justify-center w-11 h-11 text-base font-semibold text-white overflow-hidden",
|
|
|
|
|
className,
|
|
|
|
|
)}
|
|
|
|
|
>
|
2026-03-06 16:39:35 -05:00
|
|
|
{logo ? (
|
|
|
|
|
<img
|
|
|
|
|
src={logo}
|
|
|
|
|
alt={`${companyName} logo`}
|
|
|
|
|
onError={() => setImageError(true)}
|
feat: implement multi-user access and invite flows (#3784)
## Thinking Path
> - Paperclip is the control plane for autonomous AI companies.
> - V1 needs to stay local-first while also supporting shared,
authenticated deployments.
> - Human operators need real identities, company membership, invite
flows, profile surfaces, and company-scoped access controls.
> - Agents and operators also need the existing issue, inbox, workspace,
approval, and plugin flows to keep working under those authenticated
boundaries.
> - This branch accumulated the multi-user implementation, follow-up QA
fixes, workspace/runtime refinements, invite UX improvements,
release-branch conflict resolution, and review hardening.
> - This pull request consolidates that branch onto the current `master`
branch as a single reviewable PR.
> - The benefit is a complete multi-user implementation path with tests
and docs carried forward without dropping existing branch work.
## What Changed
- Added authenticated human-user access surfaces: auth/session routes,
company user directory, profile settings, company access/member
management, join requests, and invite management.
- Added invite creation, invite landing, onboarding, logo/branding,
invite grants, deduped join requests, and authenticated multi-user E2E
coverage.
- Tightened company-scoped and instance-admin authorization across
board, plugin, adapter, access, issue, and workspace routes.
- Added profile-image URL validation hardening, avatar preservation on
name-only profile updates, and join-request uniqueness migration cleanup
for pending human requests.
- Added an atomic member role/status/grants update path so Company
Access saves no longer leave partially updated permissions.
- Improved issue chat, inbox, assignee identity rendering,
sidebar/account/company navigation, workspace routing, and execution
workspace reuse behavior for multi-user operation.
- Added and updated server/UI tests covering auth, invites, membership,
issue workspace inheritance, plugin authz, inbox/chat behavior, and
multi-user flows.
- Merged current `public-gh/master` into this branch, resolved all
conflicts, and verified no `pnpm-lock.yaml` change is included in this
PR diff.
## Verification
- `pnpm exec vitest run server/src/__tests__/issues-service.test.ts
ui/src/components/IssueChatThread.test.tsx ui/src/pages/Inbox.test.tsx`
- `pnpm run preflight:workspace-links && pnpm exec vitest run
server/src/__tests__/plugin-routes-authz.test.ts`
- `pnpm exec vitest run server/src/__tests__/plugin-routes-authz.test.ts
server/src/__tests__/workspace-runtime-service-authz.test.ts
server/src/__tests__/access-validators.test.ts`
- `pnpm exec vitest run
server/src/__tests__/authz-company-access.test.ts
server/src/__tests__/routines-routes.test.ts
server/src/__tests__/sidebar-preferences-routes.test.ts
server/src/__tests__/approval-routes-idempotency.test.ts
server/src/__tests__/openclaw-invite-prompt-route.test.ts
server/src/__tests__/agent-cross-tenant-authz-routes.test.ts
server/src/__tests__/routines-e2e.test.ts`
- `pnpm exec vitest run server/src/__tests__/auth-routes.test.ts
ui/src/pages/CompanyAccess.test.tsx`
- `pnpm --filter @paperclipai/shared typecheck && pnpm --filter
@paperclipai/db typecheck && pnpm --filter @paperclipai/server
typecheck`
- `pnpm --filter @paperclipai/shared typecheck && pnpm --filter
@paperclipai/server typecheck`
- `pnpm --filter @paperclipai/ui typecheck`
- `pnpm db:generate`
- `npx playwright test --config tests/e2e/playwright.config.ts --list`
- Confirmed branch has no uncommitted changes and is `0` commits behind
`public-gh/master` before PR creation.
- Confirmed no `pnpm-lock.yaml` change is staged or present in the PR
diff.
## Risks
- High review surface area: this PR contains the accumulated multi-user
branch plus follow-up fixes, so reviewers should focus especially on
company-boundary enforcement and authenticated-vs-local deployment
behavior.
- UI behavior changed across invites, inbox, issue chat, access
settings, and sidebar navigation; no browser screenshots are included in
this branch-consolidation PR.
- Plugin install, upgrade, and lifecycle/config mutations now require
instance-admin access, which is intentional but may change expectations
for non-admin board users.
- A join-request dedupe migration rejects duplicate pending human
requests before creating unique indexes; deployments with unusual
historical duplicates should review the migration behavior.
- Company member role/status/grant saves now use a new combined
endpoint; older separate endpoints remain for compatibility.
- Full production build was not run locally in this heartbeat; CI should
cover the full matrix.
## Model Used
- OpenAI Codex coding agent, GPT-5-based model, CLI/tool-use
environment. Exact deployed model identifier and context window were not
exposed by the runtime.
## Checklist
- [x] I have included a thinking path that traces from project context
to this change
- [x] I have specified the model used (with version and capability
details)
- [x] I have run tests locally and they pass
- [x] I have added or updated tests where applicable
- [x] If this change affects the UI, I have included before/after
screenshots
- [x] I have updated relevant documentation to reflect my changes
- [x] I have considered and documented any risks above
- [x] I will address all Greptile and reviewer comments before
requesting merge
Note on screenshots: this is a branch-consolidation PR for an
already-developed multi-user branch, and no browser screenshots were
captured during this heartbeat.
---------
Co-authored-by: dotta <dotta@example.com>
Co-authored-by: Paperclip <noreply@paperclip.ing>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-17 09:44:19 -05:00
|
|
|
className={cn(
|
|
|
|
|
"absolute inset-0 h-full w-full",
|
|
|
|
|
logoFit === "contain" ? "object-contain" : "object-cover",
|
|
|
|
|
)}
|
2026-03-06 16:39:35 -05:00
|
|
|
/>
|
|
|
|
|
) : patternDataUrl ? (
|
2026-02-26 16:33:20 -06:00
|
|
|
<img
|
|
|
|
|
src={patternDataUrl}
|
|
|
|
|
alt=""
|
|
|
|
|
aria-hidden="true"
|
|
|
|
|
className="absolute inset-0 h-full w-full"
|
|
|
|
|
style={{ imageRendering: "pixelated" }}
|
|
|
|
|
/>
|
|
|
|
|
) : (
|
|
|
|
|
<div className="absolute inset-0 bg-muted" />
|
|
|
|
|
)}
|
2026-03-06 16:39:35 -05:00
|
|
|
{!logo && (
|
|
|
|
|
<span className="relative z-10 drop-shadow-[0_1px_2px_rgba(0,0,0,0.65)]">
|
|
|
|
|
{initial}
|
|
|
|
|
</span>
|
|
|
|
|
)}
|
2026-02-26 16:33:20 -06:00
|
|
|
</div>
|
|
|
|
|
);
|
|
|
|
|
}
|