All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
- Add new store user token validation directive to some APIs
- Add permission createQuote to organization
- Add new admin token validation directive to getOrganizationsWithoutSalesManager
- Change GetOrganizationRequests API cache control scope to private
- Add new admin token validation directive to some APIs
- Remove error log when file not found for marketing's tags.
- Add logging for store token validation
Adds a new getAccount
query to retrieve account information. It includes fields such as id
, name
, accountName
, tradingName
, and isActive
. This query is implemented in both the GraphQL schema and the LMClient class.
- Add paymentTerms field to cost center input on mutations
- Add new
getSellersPaginated
query to allow pagination on sellers query
- Add paymentTerms field on create cost center mutation
- New admin user token validation directive
- Provide app token on calls to storefront-permissions app
- Audit metrics for some graphql APIs
- Improve access directives
- Removed 0.50.0 version changes which contained a bug
Trade Name
to be searchable (Admin)Trade Name
to the Organization listing page (Admin)Trade Name
to the Organization Requests listing page (Admin)- Event listener to update schemas once new app version is released
- Fix check access directive by allowing appkey tokens for authentication
- Improve logging and metrics for checkUserAccess and checkAdminAccess directives
- Add metric to check access directives
- Provide correct tokens to clients
- Use b2b-organizations app name on checkUserPermission to correctly get the user permissions
- Fix getCostCenterById query when the cost center is not found
- Add new removeUserWithEmail graphql API for bulk import use case
- Skip auth token validation when the x-vtex-caller is b2b-checkout-settings
- Policies config rollback for graphql operations. Enable configuration.
- add a check condition for the caller, to allow requests from storefront-permissions in the flow create session.
- Add analytics client to properly send metrics to redshift
- Add retries to
sendMetric
to avoid connection errors
- Allow
paymentTerms
,collections
andsellers
to be provided by name only oncreateOrganizationAndCostCenterWithAdminUser
- Validate if the session token is not undefined to set as headers to call storefront-permissions
- Add token validation in graphql operations and token to call storefront-permission
- Add new createUserWithEmail graphql API for bulk import use case
- allow creation of cost center with an user provided id
- Remove get permissions from access audit metrics
- add an authentication metric to check if the access is authenticated
- Fix costCenterId null in the response when using 'createOrganization' mutation
- use cost center ID created on approve organization request
- fallback to check an admin token on the header
- add new mutation to create organization and cost center specifying the id
- Fix to impersonate user with the role
sales
- Add change organization status metrics(approved or declined)
- Add metrics to maintain buyer organization users
- Add metrics on updating organization data
- Added event trigger on delete a user
- Use Orders endpoint instead of OMS to obtain order information
- Added metrics for impersonate user
- Load impersonated user email when using OOTB impersonation
- Fixed error when fetching a user's role slug
- Fix auth problem when fetching orders history
- Added the custom fields to the graphql query
- Add
/_v/private
prefix to service routes to allow session token to be forwarded to resolver
- Fixed messages errors on impersonate
- Added flag for not uploading log on Cabueta execution
- Fix Cabueta config
- Added security scan on pipeline
- Fix auth problem when fetching orders history
- Setup unit tests and fix lint errors
- Bug fixed on creating the organization with marketing tags and sellers
- Added marketing tags to the cost center payload
- Added sellers by cost center (scope)
- Fixed adding multiple cost centers from an organization request
- Fixed users when there are multiple cost centers
- Not able to add User
- Hotfix to force housekeeper to update the app
- Fixed impersonation user
- Security issue fixed
- [ENGINEERS-1247] - Disable cypress tests in PR level
- Added two new boolean values in order to prevent user from changing state and business field in the cost center
- Added the businessDocument as search field
- Fixed createOrganization schema to accept customFields
- Fixed VtexIdclientAutCookie when send the headers properly
- Run schedule job only on saturday
- Bug fix on checking app and api keys
- Bug fixed on save user (last name data)
- Added the email transactional to the organization request and the options for disabling/enabling them.
- Fixed the adminToken when get the users queries
- Added custom fields for organizations and cost centers
- added sellers to orgs
- added ui modal options to settings
- added sellers to organization request
- Added the apiToken apiKey validation
ListOrders
policy
- Added the field to add multiple cost centers to an organization request
- Added the paymentTerms, sales channel and price tables do the organization request to add when the organization is created
- Added the notifyUser flag throughout the organization mutations which implies that the user will be notified when the organization is created or updated by email
- Removing JWT dependency
- Allow users to set auto approval for new organization with a new setting fields
- Cypress improvements
- Added the state registration number to cost center schema
- Split bindings testcase into two files
- Change app settings to store settings in VBase
- Added the salesChannel field to Organization type
- Updated graphql schema and added and fix a bug when the query is called
- Added marketing tags to the b2b scope
- Update GitHub reusable workflow to version 2
- Fixed the default accessibility for binding selection setting
- Added permission to save the app settings
- Added sales channels binding selection setting
- Added a check verification if the organization is active
- Bug fixed on impersonation user
- Added a graphql query to fetch all organizations from a user by email parameter
- Added the cookie header to storefront permissions requests passing the authentication token.
- If a cost center address is missing an
addressId
, one will be automatically generated and saved when querying a cost center by ID
- App Review: Added logging, fixed security issues and code cleanup
- Fixed on update the user data, and it disappeared from the list
- Allow emails associated with declined requests to request new organization
- Add error messages improvement
- Allow
tradeName
andphoneNumber
fields to be emptied when organization or cost center are updated
- Add optional
tradeName
argument toupdateOrganization
mutation
- Github Action to trigger manual tests by dispatch
- Support for organization
tradeName
field and cost centerphoneNumber
field (both optional)
- Added the query to get the organizations without a sales manager
- Added handling to the addUser mutation by showing the correct message when the user already exists.
- Added the pagination to getUsers query
- Cancellation request route to support
vtex.b2b-orders-history
- Checkout client
- Permission check in
order
route
- Use admin OMS API to get order details, to ensure we have the user's email
- Added duplicate check for create organization request
- the structure of the components has been improved;
- Added 2 mutations in order to follow the mutations from storefront permissions (updateUser and addUser);
- Remove a couple of conditionals nested;
- Remove unnecessary variables, some changes to inline returns;
- add subfield
email
of theb2bCustomerAdmin
field to check duplicate requests by email
Added 2 mutations to handle the cost center addresses
- updateCostCenterAddress
- createCostCenterAddress see schema/schema.graphql for more details
- Optional
businessDocument
field for cost centers
- Adjust
getPaymentTerms
query so that it now returns all enabled payment methods, not just promissories
- In the
orders
route handler, request the user's permissions forvtex.b2b-orders-history
instead ofvtex.b2b-organizations
- In
impersonateUser
resolver, ifclId
is provided butuserId
is not, check CL document to see if userId exists there and then update storefront-permissions' user record - Similarly, when editing a user, if
userId
is null, check CL document to see if userId exists there and then sync it with storefront-permissions
- Use storefront-permissions' GraphQL interface directly instead of sending requests through
vtex.graphql-server
impersonateUser
mutation- Permission checks related to sales roles
- Increase timeout
checkConfig
promise bug that prevented MD schema from being created
- Correctly handle spaces when searching masterdata
- Use CL id instead of user id in
saveUser
andremoveUser
operations
- SonarCloud PR integration
- Organization admins will be notified via email if an organization's status changes
- App no longer stores data in AppSettings, to allow app to function without being explicitly installed
- Enable immediate indexing for MD schemas
costCenters
property in organization schema (expect this to be an empty array)
- Support for enabling/disabling specific payment terms per cost center
- When an organization request is approved, the user specified as the organization admin is now created and/or the appropriate permissions and organization / cost center are assigned to them.
- Improved email templates for organization creation / approval / denial
- Format of creation date MD schema fields to allow for proper date sorting
- Properly return ID of created MD document in GraphQL mutations that create documents
- Use returned value
DocumentId
from MD creation operations instead ofId
to eliminate unnecessaryreplace()
functions
- Permissions check to
getUsers
query andsaveUser
,removeUser
mutations
getCostCenterByIdStorefront
query ID argument is now optional, will use user's cost center ID as default
- Made storefront queries private
- Send email to Sales Admins and Customer Admin on organization and request updates.
/b2b/oms/user/checkout/
route to returnpaymentTerms
and Cost Center addresses
- Create separate queries for storefront users that check user's permissions
- Initialize
B2BUser
query field resolvers - Don't set
sessionToken
header inGraphQLServer
client if token is null
getUsers
querysaveUser
andremoveUser
mutationswithSession
directivegetOrganizationById
andgetCostCenterByOrganizationId
queries will now use the user's organization ID if no ID argument is provided
- Allow organization names to be changed
- App sender from
[email protected]
to[email protected]
- Payment Term support
- Orders history support
getCostCenters
query
- handle spaces in masterdata search terms
- Add
schema
argument toupdateCostCenter
masterdata call - Utilize
where
argument for masterdata searches (instead of unsupportedkeyword
argument)
- Correct handling of masterdata document IDs in
createOrganization
andcreateCostCenter
resolvers
- Initial release