284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Integration Tests / Check for relevant changes (push) Waiting to run
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Mobile checks / Mobile unit tests (push) Waiting to run
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Temporal Readiness / fast-readiness (push) Waiting to run
Temporal Readiness / docker-parity (push) Waiting to run
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Unit Tests / Skipped-test budget (push) Waiting to run
Unit Tests / Nx affected unit tests (push) Waiting to run
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz Source: /opt/alga-psa on psa.joliet.tech
37 lines
2.0 KiB
Markdown
37 lines
2.0 KiB
Markdown
# Teams and Enterprise Add-ons
|
|
|
|
## Problem
|
|
Teams integration and Microsoft Entra Sync are currently unlocked by tier. We want them purchased and activated as independent add-ons, matching the AI Assistant add-on model.
|
|
|
|
## Goals
|
|
- Add a Teams add-on that gates Microsoft Teams integration.
|
|
- Add an Enterprise add-on that gates Microsoft Entra Sync.
|
|
- Stop granting either feature solely because a tenant is on Pro or Premium.
|
|
- Reuse the existing `tenant_addons`, session, `TierContext.hasAddOn`, and Stripe add-on lifecycle.
|
|
|
|
## Non-goals
|
|
- No migration/backfill for existing Pro or Premium tenants.
|
|
- No changes to Entra sync data model or Teams integration data model.
|
|
- No removal of existing edition checks, RBAC checks, or PostHog feature flags.
|
|
|
|
## User Value
|
|
Tenants can buy targeted capabilities without upgrading their entire plan, and product packaging can price Teams and Entra Sync independently.
|
|
|
|
## Requirements
|
|
- Define `ADD_ONS.TEAMS` and `ADD_ONS.ENTERPRISE` with labels and descriptions.
|
|
- Client settings surfaces must use add-on entitlement for Teams and Entra visibility/access decisions.
|
|
- Server-side Entra guard must require the Enterprise add-on in addition to existing permissions and UI flag.
|
|
- Teams runtime/actions must require the Teams add-on in addition to EE/tenant availability checks.
|
|
- Stripe add-on purchase/cancel must support AI, Teams, and Enterprise add-ons using per-add-on monthly/annual env vars.
|
|
- Account Management must show Teams and Enterprise add-ons alongside AI.
|
|
|
|
## Rollout Notes
|
|
No automatic `tenant_addons` rows are created. Existing tier-entitled tenants lose access until an add-on row is created by purchase or manual grant.
|
|
|
|
## Acceptance Criteria
|
|
- Pro/Premium tier alone does not unlock Teams or Entra Sync.
|
|
- Active `teams` add-on unlocks Teams integration surfaces and runtime paths.
|
|
- Active `enterprise` add-on unlocks Entra Sync surfaces and API paths.
|
|
- CE bypass behavior remains intact.
|
|
- Stripe checkout metadata uses the selected add-on key.
|