Consolidated view access hardening (+feature flag)

aerosol · aerosol · commit 87e593fd70b2 · 2025-11-10T13:46:17.000+01:00
- require team-wise feature flag instead of super admin role
- redirect to /sites if the team isn't eligible any more
- enforce regular site in shared links controller
diff --git a/assets/js/dashboard.tsx b/assets/js/dashboard.tsx
@@ -68,7 +68,7 @@ if (container && container.dataset) {
                       team: {
                         identifier: container.dataset.teamIdentifier ?? null,
                         hasConsolidatedView:
-                          container.dataset.teamHasConsolidatedView === 'true'
+                          container.dataset.consolidatedViewAvailable === 'true'
                       }
                     }
                   : {
diff --git a/extra/lib/plausible/consolidated_view.ex b/extra/lib/plausible/consolidated_view.ex
@@ -41,7 +41,8 @@ defmodule Plausible.ConsolidatedView do
          %User{} <- user,
          true <- flag_enabled?(team),
          true <- enabled?(team),
-         true <- has_sites_to_consolidate?(team) do
+         true <- has_sites_to_consolidate?(team),
+         :ok <- Plausible.Billing.Feature.ConsolidatedView.check_availability(team) do
       true
     else
       _ ->
diff --git a/extra/lib/plausible_web/live/customer_support/team/components/consolidated_views.ex b/extra/lib/plausible_web/live/customer_support/team/components/consolidated_views.ex
@@ -76,7 +76,7 @@ defmodule PlausibleWeb.CustomerSupport.Team.Components.ConsolidatedViews do
               <.delete_button
                 phx-click="delete-consolidated-view"
                 phx-target={@myself}
-                data-confirm="Are you sure you want to delete this consolidated view?"
+                data-confirm="Are you sure you want to delete this consolidated view? It will be recreated whenever eligible subscription/trial accesses /sites for that team."
               />
             </.td>
           </:tbody>
diff --git a/lib/plausible_web/controllers/stats_controller.ex b/lib/plausible_web/controllers/stats_controller.ex
@@ -63,7 +63,7 @@ defmodule PlausibleWeb.StatsController do
 
     consolidated_view? = Plausible.Sites.consolidated?(site)
 
-    team_has_consolidated_view? =
+    consolidated_view_available? =
       on_ee(do: Plausible.ConsolidatedView.ok_to_display?(site.team, current_user), else: false)
 
     team_identifier = site.team.identifier
@@ -74,6 +74,9 @@ defmodule PlausibleWeb.StatsController do
     {:ok, segments} = Plausible.Segments.get_all_for_site(site, site_role)
 
     cond do
+      consolidated_view? and not consolidated_view_available? and site_role != :super_admin ->
+        redirect(conn, to: Routes.site_path(conn, :index))
+
       (stats_start_date && can_see_stats?) || (can_see_stats? && skip_to_dashboard?) ->
         flags = get_flags(current_user, site)
 
@@ -96,7 +99,7 @@ defmodule PlausibleWeb.StatsController do
           load_dashboard_js: true,
           hide_footer?: if(ce?() || demo, do: false, else: site_role != :public),
           consolidated_view?: consolidated_view?,
-          team_has_consolidated_view?: team_has_consolidated_view?,
+          consolidated_view_available?: consolidated_view_available?,
           team_identifier: team_identifier
         )
 
@@ -402,9 +405,9 @@ defmodule PlausibleWeb.StatsController do
 
         embedded? = conn.params["embed"] == "true"
 
-        consolidated_view? = Plausible.Sites.consolidated?(shared_link.site)
+        true = Plausible.Sites.regular?(shared_link.site)
 
-        team_has_consolidated_view? =
+        consolidated_view_available? =
           on_ee(
             do: Plausible.ConsolidatedView.ok_to_display?(shared_link.site.team, current_user),
             else: false
@@ -435,8 +438,9 @@ defmodule PlausibleWeb.StatsController do
           segments: segments,
           load_dashboard_js: true,
           hide_footer?: if(ce?(), do: embedded?, else: embedded? || site_role != :public),
-          consolidated_view?: consolidated_view?,
-          team_has_consolidated_view?: team_has_consolidated_view?,
+          # no shared links for consolidated views
+          consolidated_view?: false,
+          consolidated_view_available?: consolidated_view_available?,
           team_identifier: team_identifier
         )
     end
diff --git a/lib/plausible_web/live/sites.ex b/lib/plausible_web/live/sites.ex
@@ -1079,7 +1079,7 @@ defmodule PlausibleWeb.Live.Sites do
     defp consolidated_view_ok_to_display?(_team, _user), do: false
 
     defp init_consolidated_view_assigns(_user, _team),
-      do: no_consolidated_view(no_consolidated_view_reason: :unabailable)
+      do: no_consolidated_view(no_consolidated_view_reason: :unavailable)
 
     defp load_consolidated_stats(_consolidated_view), do: nil
   end
diff --git a/lib/plausible_web/templates/stats/stats.html.heex b/lib/plausible_web/templates/stats/stats.html.heex
@@ -50,7 +50,7 @@
       Plausible.Stats.Interval.valid_by_period(site: @site) |> Jason.encode!()
     }
     data-is-consolidated-view={Jason.encode!(@consolidated_view?)}
-    data-team-has-consolidated-view={Jason.encode!(@team_has_consolidated_view?)}
+    data-consolidated-view-available={Jason.encode!(@consolidated_view_available?)}
     data-team-identifier={@team_identifier}
   >
   </div>
diff --git a/test/plausible_web/controllers/stats_controller_test.exs b/test/plausible_web/controllers/stats_controller_test.exs
@@ -30,7 +30,7 @@ defmodule PlausibleWeb.StatsControllerTest do
       assert text_of_attr(resp, @react_container, "data-current-user-id") == "null"
       assert text_of_attr(resp, @react_container, "data-embedded") == ""
       assert text_of_attr(resp, @react_container, "data-is-consolidated-view") == "false"
-      assert text_of_attr(resp, @react_container, "data-team-has-consolidated-view") == "false"
+      assert text_of_attr(resp, @react_container, "data-consolidated-view-available") == "false"
       assert text_of_attr(resp, @react_container, "data-team-identifier") == site.team.identifier
 
       assert "noindex, nofollow" ==
@@ -197,6 +197,23 @@ defmodule PlausibleWeb.StatsControllerTest do
         assert text_of_attr(resp, @react_container, "data-current-user-role") == "owner"
         assert text_of_attr(resp, @react_container, "data-current-user-id") == "#{user.id}"
       end
+
+      test "redirects to /sites if for some reason ineligible anymore", %{
+        conn: conn,
+        user: user
+      } do
+        new_site(owner: user)
+        new_site(owner: user)
+        cv = user |> team_of() |> new_consolidated_view()
+
+        user
+        |> team_of()
+        |> Plausible.Teams.Team.end_trial()
+        |> Plausible.Repo.update!()
+
+        conn = get(conn, "/" <> cv.domain)
+        assert redirected_to(conn, 302) == "/sites"
+      end
     end
 
     @tag :ee_only

Original file line number	Diff line number	Diff line change
`@@ -68,7 +68,7 @@ if (container && container.dataset) {`
`68`	`68`	`team: {`
`69`	`69`	`identifier: container.dataset.teamIdentifier ?? null,`
`70`	`70`	`hasConsolidatedView:`
`71`		`- container.dataset.teamHasConsolidatedView === 'true'`
	`71`	`+ container.dataset.consolidatedViewAvailable === 'true'`
`72`	`72`	`}`
`73`	`73`	`}`
`74`	`74`	`: {`
Original file line number	Diff line number	Diff line change
`@@ -50,7 +50,7 @@`
`50`	`50`	`Plausible.Stats.Interval.valid_by_period(site: @site) \|> Jason.encode!()`
`51`	`51`	`}`
`52`	`52`	`data-is-consolidated-view={Jason.encode!(@consolidated_view?)}`
`53`		`- data-team-has-consolidated-view={Jason.encode!(@team_has_consolidated_view?)}`
	`53`	`+ data-consolidated-view-available={Jason.encode!(@consolidated_view_available?)}`
`54`	`54`	`data-team-identifier={@team_identifier}`
`55`	`55`	`>`
`56`	`56`	`</div>`