🔖(minor) release 1.7.0

Added:
- 📝Contributing.md
- 🌐(frontend) add localization to editor
- ✨Public and restricted doc editable
- ✨(frontend) Add full name if available

Changed:
- ♻️(frontend) avoid documents indexing in search engine

Fixed:
- 🐛(backend) require right to manage document
  accesses to see invitations
- 🐛(i18n) same frontend and backend language using
  shared cookies
- 🐛(frontend) add default toolbar buttons
- 🐛(frontend) throttle error correctly display

Removed:
- 🔥(helm) remove infra related codes

CHANGELOG.md

@@ -9,29 +9,6 @@ and this project adheres to
 
 ## [Unreleased]
 
-## Added
-
-- ✨(backend) annotate number of accesses on documents in list view #411
-- ✨(backend) allow users to mark/unmark documents as favorite #411
-- 🌐(frontend) Add German translation #255
-- ✨(frontend) Add a broadcast store #387
-
-
-## Changed
-
-- ⚡️(backend) optimize number of queries on document list view #411
-- 🚸(backend) improve users similarity search and sort results #391
-- 🌐(backend) add german translation #259
-- ♻️(frontend) simplify stores #402
-- ✨(frontend) update $css Box props type to add styled components RuleSet #423
-
-## Fixed
-
-- 🦺(backend) add comma to sub regex #408
-- 🐛(editor) collaborative user tag hidden when read only #385
-- 🐛(frontend) user have view access when revoked #387
-
-
 ## [1.7.0] - 2024-10-24
 
 ## Added
@@ -40,13 +17,10 @@ and this project adheres to
 - 🌐(frontend) add localization to editor #368
 - ✨Public and restricted doc editable #357
 - ✨(frontend) Add full name if available #380
-- ✨(backend) Add view accesses ability #376
 
 ## Changed
 
-- ♻️(frontend) list accesses if user has abilities #376
 - ♻️(frontend) avoid documents indexing in search engine #372
-- 👔(backend) doc restricted by default #388
 
 ## Fixed
 

src/backend/core/api/serializers.py

@@ -137,65 +137,32 @@ class BaseResourceSerializer(serializers.ModelSerializer):
         return {}
 
 
-class ListDocumentSerializer(BaseResourceSerializer):
-    """Serialize documents with limited fields for display in lists."""
-
-    is_favorite = serializers.BooleanField(read_only=True)
-    nb_accesses = serializers.IntegerField(read_only=True)
-
-    class Meta:
-        model = models.Document
-        fields = [
-            "id",
-            "abilities",
-            "content",
-            "created_at",
-            "is_favorite",
-            "link_role",
-            "link_reach",
-            "nb_accesses",
-            "title",
-            "updated_at",
-        ]
-        read_only_fields = [
-            "id",
-            "abilities",
-            "created_at",
-            "is_favorite",
-            "link_role",
-            "link_reach",
-            "nb_accesses",
-            "updated_at",
-        ]
-
-
-class DocumentSerializer(ListDocumentSerializer):
-    """Serialize documents with all fields for display in detail views."""
+class DocumentSerializer(BaseResourceSerializer):
+    """Serialize documents."""
 
     content = serializers.CharField(required=False)
+    accesses = DocumentAccessSerializer(many=True, read_only=True)
 
     class Meta:
         model = models.Document
         fields = [
             "id",
-            "abilities",
             "content",
-            "created_at",
-            "is_favorite",
+            "title",
+            "accesses",
+            "abilities",
             "link_role",
             "link_reach",
-            "nb_accesses",
-            "title",
+            "created_at",
             "updated_at",
         ]
         read_only_fields = [
             "id",
+            "accesses",
             "abilities",
-            "created_at",
-            "is_avorite",
             "link_role",
             "link_reach",
-            "nb_accesses",
+            "created_at",
             "updated_at",
         ]
 

src/backend/core/api/viewsets.py

@@ -6,17 +6,13 @@ from urllib.parse import urlparse
 
 from django.conf import settings
 from django.contrib.postgres.aggregates import ArrayAgg
-from django.contrib.postgres.search import TrigramSimilarity
 from django.core.exceptions import ValidationError
 from django.core.files.storage import default_storage
 from django.db.models import (
-    Count,
-    Exists,
     Min,
     OuterRef,
     Q,
     Subquery,
-    Value,
 )
 from django.http import Http404
 
@@ -160,21 +156,8 @@ class UserViewSet(
 
             # Filter users by email similarity
             if query := self.request.GET.get("q", ""):
-                # For performance reasons we filter first by similarity, which relies on an index,
-                # then only calculate precise similarity scores for sorting purposes
                 queryset = queryset.filter(email__trigram_word_similar=query)
 
-                queryset = queryset.annotate(
-                    similarity=TrigramSimilarity("email", query)
-                )
-                # When the query only is on the name part, we should try to make many proposals
-                # But when the query looks like an email we should only propose serious matches
-                threshold = 0.6 if "@" in query else 0.1
-
-                queryset = queryset.filter(similarity__gt=threshold).order_by(
-                    "-similarity"
-                )
-
         return queryset
 
     @decorators.action(
@@ -194,6 +177,42 @@ class UserViewSet(
         )
 
 
+class ResourceViewsetMixin:
+    """Mixin with methods common to all resource viewsets that are managed with accesses."""
+
+    filter_backends = [filters.OrderingFilter]
+    ordering_fields = ["created_at", "updated_at", "title"]
+    ordering = ["-created_at"]
+
+    def get_queryset(self):
+        """Custom queryset to get user related resources."""
+        queryset = super().get_queryset()
+        user = self.request.user
+
+        if not user.is_authenticated:
+            return queryset
+
+        user_roles_query = (
+            self.access_model_class.objects.filter(
+                Q(user=user) | Q(team__in=user.teams),
+                **{self.resource_field_name: OuterRef("pk")},
+            )
+            .values(self.resource_field_name)
+            .annotate(roles_array=ArrayAgg("role"))
+            .values("roles_array")
+        )
+        return queryset.annotate(user_roles=Subquery(user_roles_query)).distinct()
+
+    def perform_create(self, serializer):
+        """Set the current user as owner of the newly created object."""
+        obj = serializer.save()
+        self.access_model_class.objects.create(
+            user=self.request.user,
+            role=models.RoleChoices.OWNER,
+            **{self.resource_field_name: obj},
+        )
+
+
 class ResourceAccessViewsetMixin:
     """Mixin with methods common to all access viewsets."""
 
@@ -303,6 +322,7 @@ class DocumentMetadata(metadata.SimpleMetadata):
 
 
 class DocumentViewSet(
+    ResourceViewsetMixin,
     mixins.CreateModelMixin,
     mixins.DestroyModelMixin,
     mixins.UpdateModelMixin,
@@ -310,59 +330,20 @@ class DocumentViewSet(
 ):
     """Document ViewSet"""
 
-    filter_backends = [filters.OrderingFilter]
-    metadata_class = DocumentMetadata
-    ordering = ["-updated_at"]
-    ordering_fields = ["created_at", "is_favorite", "updated_at", "title"]
     permission_classes = [
         permissions.AccessPermission,
     ]
-    queryset = models.Document.objects.all()
     serializer_class = serializers.DocumentSerializer
-
-    def get_serializer_class(self):
-        """
-        Use ListDocumentSerializer for list actions, otherwise use DocumentSerializer.
-        """
-        if self.action == "list":
-            return serializers.ListDocumentSerializer
-        return self.serializer_class
-
-    def get_queryset(self):
-        """Optimize queryset to include favorite status for the current user."""
-        queryset = super().get_queryset()
-        user = self.request.user
-
-        # Annotate the number of accesses associated with each document
-        queryset = queryset.annotate(nb_accesses=Count("accesses"))
-
-        if not user.is_authenticated:
-            # If the user is not authenticated, annotate `is_favorite` as False
-            return queryset.annotate(is_favorite=Value(False))
-
-        # Annotate the queryset to indicate if the document is favorited by the current user
-        favorite_exists = models.DocumentFavorite.objects.filter(
-            document_id=OuterRef("pk"), user=user
-        )
-        queryset = queryset.annotate(is_favorite=Exists(favorite_exists))
-
-        # Annotate the queryset with the logged-in user roles
-        user_roles_query = (
-            models.DocumentAccess.objects.filter(
-                Q(user=user) | Q(team__in=user.teams),
-                document_id=OuterRef("pk"),
-            )
-            .values("document")
-            .annotate(roles_array=ArrayAgg("role"))
-            .values("roles_array")
-        )
-        return queryset.annotate(user_roles=Subquery(user_roles_query)).distinct()
+    access_model_class = models.DocumentAccess
+    resource_field_name = "document"
+    queryset = models.Document.objects.all()
+    ordering = ["-updated_at"]
+    metadata_class = DocumentMetadata
 
     def list(self, request, *args, **kwargs):
         """Restrict resources returned by the list endpoint"""
         queryset = self.filter_queryset(self.get_queryset())
         user = self.request.user
-
         if user.is_authenticated:
             queryset = queryset.filter(
                 Q(accesses__user=user)
@@ -406,15 +387,6 @@ class DocumentViewSet(
 
         return drf_response.Response(serializer.data)
 
-    def perform_create(self, serializer):
-        """Set the current user as owner of the newly created object."""
-        obj = serializer.save()
-        models.DocumentAccess.objects.create(
-            document=obj,
-            user=self.request.user,
-            role=models.RoleChoices.OWNER,
-        )
-
     @decorators.action(detail=True, methods=["get"], url_path="versions")
     def versions_list(self, request, *args, **kwargs):
         """
@@ -508,43 +480,6 @@ class DocumentViewSet(
         serializer.save()
         return drf_response.Response(serializer.data, status=status.HTTP_200_OK)
 
-    @decorators.action(detail=True, methods=["post", "delete"], url_path="favorite")
-    def favorite(self, request, *args, **kwargs):
-        """
-        Mark or unmark the document as a favorite for the logged-in user based on the HTTP method.
-        """
-        # Check permissions first
-        document = self.get_object()
-        user = request.user
-
-        if request.method == "POST":
-            # Try to mark as favorite
-            try:
-                models.DocumentFavorite.objects.create(document=document, user=user)
-            except ValidationError:
-                return drf_response.Response(
-                    {"detail": "Document already marked as favorite"},
-                    status=status.HTTP_200_OK,
-                )
-            return drf_response.Response(
-                {"detail": "Document marked as favorite"},
-                status=status.HTTP_201_CREATED,
-            )
-
-        # Handle DELETE method to unmark as favorite
-        deleted, _ = models.DocumentFavorite.objects.filter(
-            document=document, user=user
-        ).delete()
-        if deleted:
-            return drf_response.Response(
-                {"detail": "Document unmarked as favorite"},
-                status=status.HTTP_204_NO_CONTENT,
-            )
-        return drf_response.Response(
-            {"detail": "Document was already not marked as favorite"},
-            status=status.HTTP_200_OK,
-        )
-
     @decorators.action(detail=True, methods=["post"], url_path="attachment-upload")
     def attachment_upload(self, request, *args, **kwargs):
         """Upload a file related to a given document"""
@@ -728,6 +663,7 @@ class DocumentAccessViewSet(
 
 
 class TemplateViewSet(
+    ResourceViewsetMixin,
     mixins.CreateModelMixin,
     mixins.DestroyModelMixin,
     mixins.RetrieveModelMixin,
@@ -736,35 +672,15 @@ class TemplateViewSet(
 ):
     """Template ViewSet"""
 
-    filter_backends = [filters.OrderingFilter]
     permission_classes = [
         permissions.IsAuthenticatedOrSafe,
         permissions.AccessPermission,
     ]
-    ordering = ["-created_at"]
-    ordering_fields = ["created_at", "updated_at", "title"]
     serializer_class = serializers.TemplateSerializer
+    access_model_class = models.TemplateAccess
+    resource_field_name = "template"
     queryset = models.Template.objects.all()
 
-    def get_queryset(self):
-        """Custom queryset to get user related templates."""
-        queryset = super().get_queryset()
-        user = self.request.user
-
-        if not user.is_authenticated:
-            return queryset
-
-        user_roles_query = (
-            models.TemplateAccess.objects.filter(
-                Q(user=user) | Q(team__in=user.teams),
-                template_id=OuterRef("pk"),
-            )
-            .values("template")
-            .annotate(roles_array=ArrayAgg("role"))
-            .values("roles_array")
-        )
-        return queryset.annotate(user_roles=Subquery(user_roles_query)).distinct()
-
     def list(self, request, *args, **kwargs):
         """Restrict templates returned by the list endpoint"""
         queryset = self.filter_queryset(self.get_queryset())
@@ -786,15 +702,6 @@ class TemplateViewSet(
         serializer = self.get_serializer(queryset, many=True)
         return drf_response.Response(serializer.data)
 
-    def perform_create(self, serializer):
-        """Set the current user as owner of the newly created object."""
-        obj = serializer.save()
-        models.TemplateAccess.objects.create(
-            template=obj,
-            user=self.request.user,
-            role=models.RoleChoices.OWNER,
-        )
-
     @decorators.action(
         detail=True,
         methods=["post"],

src/backend/core/factories.py

@@ -80,13 +80,6 @@ class DocumentFactory(factory.django.DjangoModelFactory):
             for item in extracted:
                 models.LinkTrace.objects.create(document=self, user=item)
 
-    @factory.post_generation
-    def favorited_by(self, create, extracted, **kwargs):
-        """Mark document as favorited by a list of users."""
-        if create and extracted:
-            for item in extracted:
-                models.DocumentFavorite.objects.create(document=self, user=item)
-
 
 class UserDocumentAccessFactory(factory.django.DjangoModelFactory):
     """Create fake document user accesses for testing."""

src/backend/core/migrations/0008_alter_document_link_reach.py

@@ -1,18 +0,0 @@
-# Generated by Django 5.1.2 on 2024-10-25 11:41
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('core', '0007_fix_users_duplicate'),
-    ]
-
-    operations = [
-        migrations.AlterField(
-            model_name='document',
-            name='link_reach',
-            field=models.CharField(choices=[('restricted', 'Restricted'), ('authenticated', 'Authenticated'), ('public', 'Public')], default='restricted', max_length=20),
-        ),
-    ]

src/backend/core/migrations/0009_add_document_favorite.py

@@ -1,37 +0,0 @@
-# Generated by Django 5.1.2 on 2024-11-08 07:59
-
-import django.db.models.deletion
-import uuid
-from django.conf import settings
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('core', '0008_alter_document_link_reach'),
-    ]
-
-    operations = [
-        migrations.AlterField(
-            model_name='user',
-            name='language',
-            field=models.CharField(choices="(('en-us', 'English'), ('fr-fr', 'French'), ('de-de', 'German'))", default='en-us', help_text='The language in which the user wants to see the interface.', max_length=10, verbose_name='language'),
-        ),
-        migrations.CreateModel(
-            name='DocumentFavorite',
-            fields=[
-                ('id', models.UUIDField(default=uuid.uuid4, editable=False, help_text='primary key for the record as UUID', primary_key=True, serialize=False, verbose_name='id')),
-                ('created_at', models.DateTimeField(auto_now_add=True, help_text='date and time at which a record was created', verbose_name='created on')),
-                ('updated_at', models.DateTimeField(auto_now=True, help_text='date and time at which a record was last updated', verbose_name='updated on')),
-                ('document', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='favorited_by_users', to='core.document')),
-                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='favorite_documents', to=settings.AUTH_USER_MODEL)),
-            ],
-            options={
-                'verbose_name': 'Document favorite',
-                'verbose_name_plural': 'Document favorites',
-                'db_table': 'impress_document_favorite',
-                'constraints': [models.UniqueConstraint(fields=('user', 'document'), name='unique_document_favorite_user', violation_error_message='This document is already targeted by a favorite relation instance for the same user.')],
-            },
-        ),
-    ]

src/backend/core/models.py

@@ -130,17 +130,17 @@ class User(AbstractBaseUser, BaseModel, auth_models.PermissionsMixin):
     """User model to work with OIDC only authentication."""
 
     sub_validator = validators.RegexValidator(
-        regex=r"^[\w.@+-:]+\Z",
+        regex=r"^[\w.@+-]+\Z",
         message=_(
             "Enter a valid sub. This value may contain only letters, "
-            "numbers, and @/./+/-/_/: characters."
+            "numbers, and @/./+/-/_ characters."
         ),
     )
 
     sub = models.CharField(
         _("sub"),
         help_text=_(
-            "Required. 255 characters or fewer. Letters, numbers, and @/./+/-/_/: characters only."
+            "Required. 255 characters or fewer. Letters, numbers, and @/./+/-/_ characters only."
         ),
         max_length=255,
         unique=True,
@@ -336,7 +336,7 @@ class Document(BaseModel):
     link_reach = models.CharField(
         max_length=20,
         choices=LinkReachChoices.choices,
-        default=LinkReachChoices.RESTRICTED,
+        default=LinkReachChoices.AUTHENTICATED,
     )
     link_role = models.CharField(
         max_length=20, choices=LinkRoleChoices.choices, default=LinkRoleChoices.READER
@@ -496,8 +496,7 @@ class Document(BaseModel):
         # Compute version roles before adding link roles because we don't
         # want anonymous users to access versions (we wouldn't know from
         # which date to allow them anyway)
-        # Anonymous users should also not see document accesses
-        has_role = bool(roles)
+        can_get_versions = bool(roles)
 
         # Add role provided by the document link
         if self.link_reach == LinkReachChoices.PUBLIC or (
@@ -512,21 +511,19 @@ class Document(BaseModel):
         can_get = bool(roles)
 
         return {
-            "accesses_manage": is_owner_or_admin,
-            "accesses_view": has_role,
             "ai_transform": is_owner_or_admin or is_editor,
             "ai_translate": is_owner_or_admin or is_editor,
             "attachment_upload": is_owner_or_admin or is_editor,
             "destroy": RoleChoices.OWNER in roles,
-            "favorite": can_get and user.is_authenticated,
             "link_configuration": is_owner_or_admin,
+            "manage_accesses": is_owner_or_admin,
             "invite_owner": RoleChoices.OWNER in roles,
             "partial_update": is_owner_or_admin or is_editor,
             "retrieve": can_get,
             "update": is_owner_or_admin or is_editor,
             "versions_destroy": is_owner_or_admin,
-            "versions_list": has_role,
-            "versions_retrieve": has_role,
+            "versions_list": can_get_versions,
+            "versions_retrieve": can_get_versions,
         }
 
     def email_invitation(self, language, email, role, sender):
@@ -601,37 +598,6 @@ class LinkTrace(BaseModel):
         return f"{self.user!s} trace on document {self.document!s}"
 
 
-class DocumentFavorite(BaseModel):
-    """Relation model to store a user's favorite documents."""
-
-    document = models.ForeignKey(
-        Document,
-        on_delete=models.CASCADE,
-        related_name="favorited_by_users",
-    )
-    user = models.ForeignKey(
-        User, on_delete=models.CASCADE, related_name="favorite_documents"
-    )
-
-    class Meta:
-        db_table = "impress_document_favorite"
-        verbose_name = _("Document favorite")
-        verbose_name_plural = _("Document favorites")
-        constraints = [
-            models.UniqueConstraint(
-                fields=["user", "document"],
-                name="unique_document_favorite_user",
-                violation_error_message=_(
-                    "This document is already targeted by a favorite relation instance "
-                    "for the same user."
-                ),
-            ),
-        ]
-
-    def __str__(self):
-        return f"{self.user!s} favorite on document {self.document!s}"
-
-
 class DocumentAccess(BaseAccess):
     """Relation model to give access to a document for a user or a team with a role."""
 
@@ -713,7 +679,7 @@ class Template(BaseModel):
         return {
             "destroy": RoleChoices.OWNER in roles,
             "generate_document": can_get,
-            "accesses_manage": is_owner_or_admin,
+            "manage_accesses": is_owner_or_admin,
             "update": is_owner_or_admin or is_editor,
             "partial_update": is_owner_or_admin or is_editor,
             "retrieve": can_get,

src/backend/core/tests/documents/test_api_documents_create.py

@@ -47,7 +47,6 @@ def test_api_documents_create_authenticated_success():
     assert response.status_code == 201
     document = Document.objects.get()
     assert document.title == "my document"
-    assert document.link_reach == "restricted"
     assert document.accesses.filter(role="owner", user=user).exists()
 
 

src/backend/core/tests/documents/test_api_documents_favorite.py

@@ -1,308 +0,0 @@
-"""Test favorite document API endpoint for users in impress's core app."""
-
-import pytest
-from rest_framework.test import APIClient
-
-from core import factories, models
-
-pytestmark = pytest.mark.django_db
-
-
-@pytest.mark.parametrize(
-    "reach",
-    [
-        "restricted",
-        "authenticated",
-        "public",
-    ],
-)
-@pytest.mark.parametrize("method", ["post", "delete"])
-def test_api_document_favorite_anonymous_user(method, reach):
-    """Anonymous users should not be able to mark/unmark documents as favorites."""
-    document = factories.DocumentFactory(link_reach=reach)
-
-    response = getattr(APIClient(), method)(
-        f"/api/v1.0/documents/{document.id!s}/favorite/"
-    )
-
-    assert response.status_code == 401
-    assert response.json() == {
-        "detail": "Authentication credentials were not provided."
-    }
-
-    # Verify in database
-    assert models.DocumentFavorite.objects.exists() is False
-
-
-@pytest.mark.parametrize(
-    "reach, has_role",
-    [
-        ["restricted", True],
-        ["authenticated", False],
-        ["authenticated", True],
-        ["public", False],
-        ["public", True],
-    ],
-)
-def test_api_document_favorite_authenticated_post_allowed(reach, has_role):
-    """Authenticated users should be able to mark a document as favorite using POST."""
-    user = factories.UserFactory()
-    document = factories.DocumentFactory(link_reach=reach)
-    client = APIClient()
-    client.force_login(user)
-
-    if has_role:
-        models.DocumentAccess.objects.create(document=document, user=user)
-
-    # Mark as favorite
-    response = client.post(f"/api/v1.0/documents/{document.id!s}/favorite/")
-
-    assert response.status_code == 201
-    assert response.json() == {"detail": "Document marked as favorite"}
-
-    # Verify in database
-    assert models.DocumentFavorite.objects.filter(document=document, user=user).exists()
-
-    # Verify document format
-    response = client.get(f"/api/v1.0/documents/{document.id!s}/")
-    assert response.json()["is_favorite"] is True
-
-
-def test_api_document_favorite_authenticated_post_forbidden():
-    """Authenticated users should be able to mark a document as favorite using POST."""
-    user = factories.UserFactory()
-    document = factories.DocumentFactory(link_reach="restricted")
-    client = APIClient()
-    client.force_login(user)
-
-    # Try marking as favorite
-    response = client.post(f"/api/v1.0/documents/{document.id!s}/favorite/")
-
-    assert response.status_code == 403
-    assert response.json() == {
-        "detail": "You do not have permission to perform this action."
-    }
-
-    # Verify in database
-    assert (
-        models.DocumentFavorite.objects.filter(document=document, user=user).exists()
-        is False
-    )
-
-
-@pytest.mark.parametrize(
-    "reach, has_role",
-    [
-        ["restricted", True],
-        ["authenticated", False],
-        ["authenticated", True],
-        ["public", False],
-        ["public", True],
-    ],
-)
-def test_api_document_favorite_authenticated_post_already_favorited_allowed(
-    reach, has_role
-):
-    """POST should not create duplicate favorites if already marked."""
-    user = factories.UserFactory()
-    document = factories.DocumentFactory(link_reach=reach, favorited_by=[user])
-    client = APIClient()
-    client.force_login(user)
-
-    if has_role:
-        models.DocumentAccess.objects.create(document=document, user=user)
-
-    # Try to mark as favorite again
-    response = client.post(f"/api/v1.0/documents/{document.id!s}/favorite/")
-
-    assert response.status_code == 200
-    assert response.json() == {"detail": "Document already marked as favorite"}
-
-    # Verify in database
-    assert models.DocumentFavorite.objects.filter(document=document, user=user).exists()
-
-    # Verify document format
-    response = client.get(f"/api/v1.0/documents/{document.id!s}/")
-    assert response.json()["is_favorite"] is True
-
-
-def test_api_document_favorite_authenticated_post_already_favorited_forbidden():
-    """POST should not create duplicate favorites if already marked."""
-    user = factories.UserFactory()
-    document = factories.DocumentFactory(link_reach="restricted", favorited_by=[user])
-    client = APIClient()
-    client.force_login(user)
-
-    # Try to mark as favorite again
-    response = client.post(f"/api/v1.0/documents/{document.id!s}/favorite/")
-
-    assert response.status_code == 403
-    assert response.json() == {
-        "detail": "You do not have permission to perform this action."
-    }
-
-    # Verify in database
-    assert models.DocumentFavorite.objects.filter(document=document, user=user).exists()
-
-
-@pytest.mark.parametrize(
-    "reach, has_role",
-    [
-        ["restricted", True],
-        ["authenticated", False],
-        ["authenticated", True],
-        ["public", False],
-        ["public", True],
-    ],
-)
-def test_api_document_favorite_authenticated_delete_allowed(reach, has_role):
-    """Authenticated users should be able to unmark a document as favorite using DELETE."""
-    user = factories.UserFactory()
-    document = factories.DocumentFactory(link_reach=reach, favorited_by=[user])
-    client = APIClient()
-    client.force_login(user)
-
-    if has_role:
-        models.DocumentAccess.objects.create(document=document, user=user)
-
-    # Unmark as favorite
-    response = client.delete(f"/api/v1.0/documents/{document.id!s}/favorite/")
-    assert response.status_code == 204
-
-    # Verify in database
-    assert (
-        models.DocumentFavorite.objects.filter(document=document, user=user).exists()
-        is False
-    )
-
-    # Verify document format
-    response = client.get(f"/api/v1.0/documents/{document.id!s}/")
-    assert response.json()["is_favorite"] is False
-
-
-def test_api_document_favorite_authenticated_delete_forbidden():
-    """Authenticated users should be able to unmark a document as favorite using DELETE."""
-    user = factories.UserFactory()
-    document = factories.DocumentFactory(link_reach="restricted", favorited_by=[user])
-    client = APIClient()
-    client.force_login(user)
-
-    # Unmark as favorite
-    response = client.delete(f"/api/v1.0/documents/{document.id!s}/favorite/")
-
-    assert response.status_code == 403
-    assert response.json() == {
-        "detail": "You do not have permission to perform this action."
-    }
-
-    # Verify in database
-    assert (
-        models.DocumentFavorite.objects.filter(document=document, user=user).exists()
-        is True
-    )
-
-
-@pytest.mark.parametrize(
-    "reach, has_role",
-    [
-        ["restricted", True],
-        ["authenticated", False],
-        ["authenticated", True],
-        ["public", False],
-        ["public", True],
-    ],
-)
-def test_api_document_favorite_authenticated_delete_not_favorited_allowed(
-    reach, has_role
-):
-    """DELETE should be idempotent if the document is not marked as favorite."""
-    user = factories.UserFactory()
-    document = factories.DocumentFactory(link_reach=reach)
-    client = APIClient()
-    client.force_login(user)
-
-    if has_role:
-        models.DocumentAccess.objects.create(document=document, user=user)
-
-    # Try to unmark as favorite when no favorite entry exists
-    response = client.delete(f"/api/v1.0/documents/{document.id!s}/favorite/")
-
-    assert response.status_code == 200
-    assert response.json() == {"detail": "Document was already not marked as favorite"}
-
-    # Verify in database
-    assert (
-        models.DocumentFavorite.objects.filter(document=document, user=user).exists()
-        is False
-    )
-
-    # Verify document format
-    response = client.get(f"/api/v1.0/documents/{document.id!s}/")
-    assert response.json()["is_favorite"] is False
-
-
-def test_api_document_favorite_authenticated_delete_not_favorited_forbidden():
-    """DELETE should be idempotent if the document is not marked as favorite."""
-    user = factories.UserFactory()
-    document = factories.DocumentFactory(link_reach="restricted")
-    client = APIClient()
-    client.force_login(user)
-
-    # Try to unmark as favorite when no favorite entry exists
-    response = client.delete(f"/api/v1.0/documents/{document.id!s}/favorite/")
-
-    assert response.status_code == 403
-    assert response.json() == {
-        "detail": "You do not have permission to perform this action."
-    }
-
-    # Verify in database
-    assert (
-        models.DocumentFavorite.objects.filter(document=document, user=user).exists()
-        is False
-    )
-
-
-@pytest.mark.parametrize(
-    "reach, has_role",
-    [
-        ["restricted", True],
-        ["authenticated", False],
-        ["authenticated", True],
-        ["public", False],
-        ["public", True],
-    ],
-)
-def test_api_document_favorite_authenticated_post_unmark_then_mark_again_allowed(
-    reach, has_role
-):
-    """A user should be able to mark, unmark, and mark a document again as favorite."""
-    user = factories.UserFactory()
-    document = factories.DocumentFactory(link_reach=reach)
-    client = APIClient()
-    client.force_login(user)
-
-    if has_role:
-        models.DocumentAccess.objects.create(document=document, user=user)
-
-    url = f"/api/v1.0/documents/{document.id!s}/favorite/"
-
-    # Mark as favorite
-    response = client.post(url)
-    assert response.status_code == 201
-
-    # Unmark as favorite
-    response = client.delete(url)
-    assert response.status_code == 204
-
-    # Mark as favorite again
-    response = client.post(url)
-    assert response.status_code == 201
-    assert response.json() == {"detail": "Document marked as favorite"}
-
-    # Verify in database
-    assert models.DocumentFavorite.objects.filter(document=document, user=user).exists()
-
-    # Verify document format
-    response = client.get(f"/api/v1.0/documents/{document.id!s}/")
-    assert response.json()["is_favorite"] is True

src/backend/core/tests/documents/test_api_documents_list.py

@@ -32,44 +32,7 @@ def test_api_documents_list_anonymous(reach, role):
     assert len(results) == 0
 
 
-def test_api_documents_list_format():
-    """Validate the format of documents as returned by the list view."""
-    user = factories.UserFactory()
-
-    client = APIClient()
-    client.force_login(user)
-
-    document = factories.DocumentFactory(
-        users=[user, *factories.UserFactory.create_batch(2)],
-        favorited_by=[user, *factories.UserFactory.create_batch(2)],
-    )
-
-    response = client.get("/api/v1.0/documents/")
-
-    assert response.status_code == 200
-    content = response.json()
-    results = content.pop("results")
-    assert content == {
-        "count": 1,
-        "next": None,
-        "previous": None,
-    }
-    assert len(results) == 1
-    assert results[0] == {
-        "id": str(document.id),
-        "abilities": document.get_abilities(user),
-        "content": document.content,
-        "created_at": document.created_at.isoformat().replace("+00:00", "Z"),
-        "is_favorite": True,
-        "link_reach": document.link_reach,
-        "link_role": document.link_role,
-        "nb_accesses": 3,
-        "title": document.title,
-        "updated_at": document.updated_at.isoformat().replace("+00:00", "Z"),
-    }
-
-
-def test_api_documents_list_authenticated_direct(django_assert_num_queries):
+def test_api_documents_list_authenticated_direct():
     """
     Authenticated users should be able to list documents they are a direct
     owner/administrator/member of or documents that have a link reach other
@@ -92,8 +55,9 @@ def test_api_documents_list_authenticated_direct(django_assert_num_queries):
 
     expected_ids = {str(document.id) for document in documents}
 
-    with django_assert_num_queries(3):
-        response = client.get("/api/v1.0/documents/")
+    response = client.get(
+        "/api/v1.0/documents/",
+    )
 
     assert response.status_code == 200
     results = response.json()["results"]
@@ -102,9 +66,7 @@ def test_api_documents_list_authenticated_direct(django_assert_num_queries):
     assert expected_ids == results_id
 
 
-def test_api_documents_list_authenticated_via_team(
-    django_assert_num_queries, mock_user_teams
-):
+def test_api_documents_list_authenticated_via_team(mock_user_teams):
     """
     Authenticated users should be able to list documents they are a
     owner/administrator/member of via a team.
@@ -127,8 +89,7 @@ def test_api_documents_list_authenticated_via_team(
 
     expected_ids = {str(document.id) for document in documents_team1 + documents_team2}
 
-    with django_assert_num_queries(3):
-        response = client.get("/api/v1.0/documents/")
+    response = client.get("/api/v1.0/documents/")
 
     assert response.status_code == 200
     results = response.json()["results"]
@@ -137,9 +98,7 @@ def test_api_documents_list_authenticated_via_team(
     assert expected_ids == results_id
 
 
-def test_api_documents_list_authenticated_link_reach_restricted(
-    django_assert_num_queries,
-):
+def test_api_documents_list_authenticated_link_reach_restricted():
     """
     An authenticated user who has link traces to a document that is restricted should not
     see it on the list view
@@ -156,10 +115,9 @@ def test_api_documents_list_authenticated_link_reach_restricted(
     other_document = factories.DocumentFactory(link_reach="public")
     models.LinkTrace.objects.create(document=other_document, user=user)
 
-    with django_assert_num_queries(3):
-        response = client.get(
-            "/api/v1.0/documents/",
-        )
+    response = client.get(
+        "/api/v1.0/documents/",
+    )
 
     assert response.status_code == 200
     results = response.json()["results"]
@@ -169,9 +127,7 @@ def test_api_documents_list_authenticated_link_reach_restricted(
     assert results[0]["id"] == str(other_document.id)
 
 
-def test_api_documents_list_authenticated_link_reach_public_or_authenticated(
-    django_assert_num_queries,
-):
+def test_api_documents_list_authenticated_link_reach_public_or_authenticated():
     """
     An authenticated user who has link traces to a document with public or authenticated
     link reach should see it on the list view.
@@ -188,10 +144,9 @@ def test_api_documents_list_authenticated_link_reach_public_or_authenticated(
     ]
     expected_ids = {str(document.id) for document in documents}
 
-    with django_assert_num_queries(3):
-        response = client.get(
-            "/api/v1.0/documents/",
-        )
+    response = client.get(
+        "/api/v1.0/documents/",
+    )
 
     assert response.status_code == 200
     results = response.json()["results"]
@@ -299,8 +254,6 @@ def test_api_documents_list_ordering_by_fields():
     for parameter in [
         "created_at",
         "-created_at",
-        "is_favorite",
-        "-is_favorite",
         "updated_at",
         "-updated_at",
         "title",
@@ -319,45 +272,3 @@ def test_api_documents_list_ordering_by_fields():
         compare = operator.ge if is_descending else operator.le
         for i in range(4):
             assert compare(results[i][field], results[i + 1][field])
-
-
-def test_api_documents_list_favorites_no_extra_queries(django_assert_num_queries):
-    """
-    Ensure that marking documents as favorite does not generate additional queries
-    when fetching the document list.
-    """
-    user = factories.UserFactory()
-    client = APIClient()
-    client.force_login(user)
-
-    special_documents = factories.DocumentFactory.create_batch(3, users=[user])
-    factories.DocumentFactory.create_batch(2, users=[user])
-
-    url = "/api/v1.0/documents/"
-    with django_assert_num_queries(3):
-        response = client.get(url)
-
-    assert response.status_code == 200
-    results = response.json()["results"]
-    assert len(results) == 5
-
-    assert all(result["is_favorite"] is False for result in results)
-
-    # Mark documents as favorite and check results again
-    for document in special_documents:
-        models.DocumentFavorite.objects.create(document=document, user=user)
-
-    with django_assert_num_queries(3):
-        response = client.get(url)
-
-    assert response.status_code == 200
-    results = response.json()["results"]
-    assert len(results) == 5
-
-    # Check if the "is_favorite" annotation is correctly set for the favorited documents
-    favorited_ids = {str(doc.id) for doc in special_documents}
-    for result in results:
-        if result["id"] in favorited_ids:
-            assert result["is_favorite"] is True
-        else:
-            assert result["is_favorite"] is False

src/backend/core/tests/documents/test_api_documents_retrieve.py

@@ -21,16 +21,13 @@ def test_api_documents_retrieve_anonymous_public():
     assert response.json() == {
         "id": str(document.id),
         "abilities": {
-            "accesses_manage": False,
-            "accesses_view": False,
             "ai_transform": document.link_role == "editor",
             "ai_translate": document.link_role == "editor",
             "attachment_upload": document.link_role == "editor",
             "destroy": False,
-            # Anonymous user can't favorite a document even with read access
-            "favorite": False,
             "invite_owner": False,
             "link_configuration": False,
+            "manage_accesses": False,
             "partial_update": document.link_role == "editor",
             "retrieve": True,
             "update": document.link_role == "editor",
@@ -38,13 +35,12 @@ def test_api_documents_retrieve_anonymous_public():
             "versions_list": False,
             "versions_retrieve": False,
         },
-        "nb_accesses": 0,
-        "content": document.content,
-        "created_at": document.created_at.isoformat().replace("+00:00", "Z"),
-        "is_favorite": False,
+        "accesses": [],
         "link_reach": "public",
         "link_role": document.link_role,
         "title": document.title,
+        "content": document.content,
+        "created_at": document.created_at.isoformat().replace("+00:00", "Z"),
         "updated_at": document.updated_at.isoformat().replace("+00:00", "Z"),
     }
 
@@ -82,15 +78,13 @@ def test_api_documents_retrieve_authenticated_unrelated_public_or_authenticated(
     assert response.json() == {
         "id": str(document.id),
         "abilities": {
-            "accesses_manage": False,
-            "accesses_view": False,
             "ai_transform": document.link_role == "editor",
             "ai_translate": document.link_role == "editor",
             "attachment_upload": document.link_role == "editor",
-            "destroy": False,
-            "favorite": True,
-            "invite_owner": False,
             "link_configuration": False,
+            "destroy": False,
+            "invite_owner": False,
+            "manage_accesses": False,
             "partial_update": document.link_role == "editor",
             "retrieve": True,
             "update": document.link_role == "editor",
@@ -98,13 +92,12 @@ def test_api_documents_retrieve_authenticated_unrelated_public_or_authenticated(
             "versions_list": False,
             "versions_retrieve": False,
         },
-        "content": document.content,
-        "created_at": document.created_at.isoformat().replace("+00:00", "Z"),
-        "is_favorite": False,
+        "accesses": [],
         "link_reach": reach,
         "link_role": document.link_role,
-        "nb_accesses": 0,
         "title": document.title,
+        "content": document.content,
+        "created_at": document.created_at.isoformat().replace("+00:00", "Z"),
         "updated_at": document.updated_at.isoformat().replace("+00:00", "Z"),
     }
     assert (
@@ -173,25 +166,43 @@ def test_api_documents_retrieve_authenticated_related_direct():
     client.force_login(user)
 
     document = factories.DocumentFactory()
-    factories.UserDocumentAccessFactory(document=document, user=user)
+    access1 = factories.UserDocumentAccessFactory(document=document, user=user)
     access2 = factories.UserDocumentAccessFactory(document=document)
-    serializers.UserSerializer(instance=user)
-    serializers.UserSerializer(instance=access2.user)
+    access1_user = serializers.UserSerializer(instance=user).data
+    access2_user = serializers.UserSerializer(instance=access2.user).data
 
     response = client.get(
         f"/api/v1.0/documents/{document.id!s}/",
     )
     assert response.status_code == 200
+    content = response.json()
+    assert sorted(content.pop("accesses"), key=lambda x: x["id"]) == sorted(
+        [
+            {
+                "id": str(access1.id),
+                "user": access1_user,
+                "team": "",
+                "role": access1.role,
+                "abilities": access1.get_abilities(user),
+            },
+            {
+                "id": str(access2.id),
+                "user": access2_user,
+                "team": "",
+                "role": access2.role,
+                "abilities": access2.get_abilities(user),
+            },
+        ],
+        key=lambda x: x["id"],
+    )
     assert response.json() == {
         "id": str(document.id),
-        "abilities": document.get_abilities(user),
+        "title": document.title,
         "content": document.content,
-        "created_at": document.created_at.isoformat().replace("+00:00", "Z"),
-        "is_favorite": False,
+        "abilities": document.get_abilities(user),
         "link_reach": document.link_reach,
         "link_role": document.link_role,
-        "nb_accesses": 2,
-        "title": document.title,
+        "created_at": document.created_at.isoformat().replace("+00:00", "Z"),
         "updated_at": document.updated_at.isoformat().replace("+00:00", "Z"),
     }
 
@@ -244,7 +255,7 @@ def test_api_documents_retrieve_authenticated_related_team_members(
 ):
     """
     Authenticated users should be allowed to retrieve a document to which they
-    are related via a team whatever the role.
+    are related via a team whatever the role and see all its accesses.
     """
     mock_user_teams.return_value = teams
 
@@ -255,33 +266,81 @@ def test_api_documents_retrieve_authenticated_related_team_members(
 
     document = factories.DocumentFactory(link_reach="restricted")
 
-    factories.TeamDocumentAccessFactory(
+    access_reader = factories.TeamDocumentAccessFactory(
         document=document, team="readers", role="reader"
     )
-    factories.TeamDocumentAccessFactory(
+    access_editor = factories.TeamDocumentAccessFactory(
         document=document, team="editors", role="editor"
     )
-    factories.TeamDocumentAccessFactory(
+    access_administrator = factories.TeamDocumentAccessFactory(
         document=document, team="administrators", role="administrator"
     )
-    factories.TeamDocumentAccessFactory(document=document, team="owners", role="owner")
-    factories.TeamDocumentAccessFactory(document=document)
+    access_owner = factories.TeamDocumentAccessFactory(
+        document=document, team="owners", role="owner"
+    )
+    other_access = factories.TeamDocumentAccessFactory(document=document)
     factories.TeamDocumentAccessFactory()
 
     response = client.get(f"/api/v1.0/documents/{document.id!s}/")
 
     # pylint: disable=R0801
     assert response.status_code == 200
+    content = response.json()
+    expected_abilities = {
+        "destroy": False,
+        "retrieve": True,
+        "set_role_to": [],
+        "update": False,
+        "partial_update": False,
+    }
+    assert sorted(content.pop("accesses"), key=lambda x: x["id"]) == sorted(
+        [
+            {
+                "id": str(access_reader.id),
+                "user": None,
+                "team": "readers",
+                "role": access_reader.role,
+                "abilities": expected_abilities,
+            },
+            {
+                "id": str(access_editor.id),
+                "user": None,
+                "team": "editors",
+                "role": access_editor.role,
+                "abilities": expected_abilities,
+            },
+            {
+                "id": str(access_administrator.id),
+                "user": None,
+                "team": "administrators",
+                "role": access_administrator.role,
+                "abilities": expected_abilities,
+            },
+            {
+                "id": str(access_owner.id),
+                "user": None,
+                "team": "owners",
+                "role": access_owner.role,
+                "abilities": expected_abilities,
+            },
+            {
+                "id": str(other_access.id),
+                "user": None,
+                "team": other_access.team,
+                "role": other_access.role,
+                "abilities": expected_abilities,
+            },
+        ],
+        key=lambda x: x["id"],
+    )
     assert response.json() == {
         "id": str(document.id),
-        "abilities": document.get_abilities(user),
-        "nb_accesses": 5,
+        "title": document.title,
         "content": document.content,
-        "created_at": document.created_at.isoformat().replace("+00:00", "Z"),
-        "is_favorite": False,
+        "abilities": document.get_abilities(user),
         "link_reach": "restricted",
         "link_role": document.link_role,
-        "title": document.title,
+        "created_at": document.created_at.isoformat().replace("+00:00", "Z"),
         "updated_at": document.updated_at.isoformat().replace("+00:00", "Z"),
     }
 
@@ -299,7 +358,7 @@ def test_api_documents_retrieve_authenticated_related_team_administrators(
 ):
     """
     Authenticated users should be allowed to retrieve a document to which they
-    are related via a team whatever the role.
+    are related via a team whatever the role and see all its accesses.
     """
     mock_user_teams.return_value = teams
 
@@ -310,33 +369,98 @@ def test_api_documents_retrieve_authenticated_related_team_administrators(
 
     document = factories.DocumentFactory(link_reach="restricted")
 
-    factories.TeamDocumentAccessFactory(
+    access_reader = factories.TeamDocumentAccessFactory(
         document=document, team="readers", role="reader"
     )
-    factories.TeamDocumentAccessFactory(
+    access_editor = factories.TeamDocumentAccessFactory(
         document=document, team="editors", role="editor"
     )
-    factories.TeamDocumentAccessFactory(
+    access_administrator = factories.TeamDocumentAccessFactory(
         document=document, team="administrators", role="administrator"
     )
-    factories.TeamDocumentAccessFactory(document=document, team="owners", role="owner")
-    factories.TeamDocumentAccessFactory(document=document)
+    access_owner = factories.TeamDocumentAccessFactory(
+        document=document, team="owners", role="owner"
+    )
+    other_access = factories.TeamDocumentAccessFactory(document=document)
     factories.TeamDocumentAccessFactory()
 
     response = client.get(f"/api/v1.0/documents/{document.id!s}/")
 
     # pylint: disable=R0801
     assert response.status_code == 200
+    content = response.json()
+    assert sorted(content.pop("accesses"), key=lambda x: x["id"]) == sorted(
+        [
+            {
+                "id": str(access_reader.id),
+                "user": None,
+                "team": "readers",
+                "role": "reader",
+                "abilities": {
+                    "destroy": True,
+                    "retrieve": True,
+                    "set_role_to": ["administrator", "editor"],
+                    "update": True,
+                    "partial_update": True,
+                },
+            },
+            {
+                "id": str(access_editor.id),
+                "user": None,
+                "team": "editors",
+                "role": "editor",
+                "abilities": {
+                    "destroy": True,
+                    "retrieve": True,
+                    "set_role_to": ["administrator", "reader"],
+                    "update": True,
+                    "partial_update": True,
+                },
+            },
+            {
+                "id": str(access_administrator.id),
+                "user": None,
+                "team": "administrators",
+                "role": "administrator",
+                "abilities": {
+                    "destroy": True,
+                    "retrieve": True,
+                    "set_role_to": ["editor", "reader"],
+                    "update": True,
+                    "partial_update": True,
+                },
+            },
+            {
+                "id": str(access_owner.id),
+                "user": None,
+                "team": "owners",
+                "role": "owner",
+                "abilities": {
+                    "destroy": False,
+                    "retrieve": True,
+                    "set_role_to": [],
+                    "update": False,
+                    "partial_update": False,
+                },
+            },
+            {
+                "id": str(other_access.id),
+                "user": None,
+                "team": other_access.team,
+                "role": other_access.role,
+                "abilities": other_access.get_abilities(user),
+            },
+        ],
+        key=lambda x: x["id"],
+    )
     assert response.json() == {
         "id": str(document.id),
-        "abilities": document.get_abilities(user),
-        "nb_accesses": 5,
+        "title": document.title,
         "content": document.content,
-        "created_at": document.created_at.isoformat().replace("+00:00", "Z"),
-        "is_favorite": False,
+        "abilities": document.get_abilities(user),
         "link_reach": "restricted",
         "link_role": document.link_role,
-        "title": document.title,
+        "created_at": document.created_at.isoformat().replace("+00:00", "Z"),
         "updated_at": document.updated_at.isoformat().replace("+00:00", "Z"),
     }
 
@@ -355,7 +479,7 @@ def test_api_documents_retrieve_authenticated_related_team_owners(
 ):
     """
     Authenticated users should be allowed to retrieve a restricted document to which
-    they are related via a team whatever the role.
+    they are related via a team whatever the role and see all its accesses.
     """
     mock_user_teams.return_value = teams
 
@@ -366,32 +490,100 @@ def test_api_documents_retrieve_authenticated_related_team_owners(
 
     document = factories.DocumentFactory(link_reach="restricted")
 
-    factories.TeamDocumentAccessFactory(
+    access_reader = factories.TeamDocumentAccessFactory(
         document=document, team="readers", role="reader"
     )
-    factories.TeamDocumentAccessFactory(
+    access_editor = factories.TeamDocumentAccessFactory(
         document=document, team="editors", role="editor"
     )
-    factories.TeamDocumentAccessFactory(
+    access_administrator = factories.TeamDocumentAccessFactory(
         document=document, team="administrators", role="administrator"
     )
-    factories.TeamDocumentAccessFactory(document=document, team="owners", role="owner")
-    factories.TeamDocumentAccessFactory(document=document)
+    access_owner = factories.TeamDocumentAccessFactory(
+        document=document, team="owners", role="owner"
+    )
+    other_access = factories.TeamDocumentAccessFactory(document=document)
     factories.TeamDocumentAccessFactory()
 
     response = client.get(f"/api/v1.0/documents/{document.id!s}/")
 
     # pylint: disable=R0801
     assert response.status_code == 200
+    content = response.json()
+    assert sorted(content.pop("accesses"), key=lambda x: x["id"]) == sorted(
+        [
+            {
+                "id": str(access_reader.id),
+                "user": None,
+                "team": "readers",
+                "role": "reader",
+                "abilities": {
+                    "destroy": True,
+                    "retrieve": True,
+                    "set_role_to": ["owner", "administrator", "editor"],
+                    "update": True,
+                    "partial_update": True,
+                },
+            },
+            {
+                "id": str(access_editor.id),
+                "user": None,
+                "team": "editors",
+                "role": "editor",
+                "abilities": {
+                    "destroy": True,
+                    "retrieve": True,
+                    "set_role_to": ["owner", "administrator", "reader"],
+                    "update": True,
+                    "partial_update": True,
+                },
+            },
+            {
+                "id": str(access_administrator.id),
+                "user": None,
+                "team": "administrators",
+                "role": "administrator",
+                "abilities": {
+                    "destroy": True,
+                    "retrieve": True,
+                    "set_role_to": ["owner", "editor", "reader"],
+                    "update": True,
+                    "partial_update": True,
+                },
+            },
+            {
+                "id": str(access_owner.id),
+                "user": None,
+                "team": "owners",
+                "role": "owner",
+                "abilities": {
+                    # editable only if there is another owner role than the user's team...
+                    "destroy": other_access.role == "owner",
+                    "retrieve": True,
+                    "set_role_to": ["administrator", "editor", "reader"]
+                    if other_access.role == "owner"
+                    else [],
+                    "update": other_access.role == "owner",
+                    "partial_update": other_access.role == "owner",
+                },
+            },
+            {
+                "id": str(other_access.id),
+                "user": None,
+                "team": other_access.team,
+                "role": other_access.role,
+                "abilities": other_access.get_abilities(user),
+            },
+        ],
+        key=lambda x: x["id"],
+    )
     assert response.json() == {
         "id": str(document.id),
-        "abilities": document.get_abilities(user),
-        "nb_accesses": 5,
+        "title": document.title,
         "content": document.content,
-        "created_at": document.created_at.isoformat().replace("+00:00", "Z"),
-        "is_favorite": False,
+        "abilities": document.get_abilities(user),
         "link_reach": "restricted",
         "link_role": document.link_role,
-        "title": document.title,
+        "created_at": document.created_at.isoformat().replace("+00:00", "Z"),
         "updated_at": document.updated_at.isoformat().replace("+00:00", "Z"),
     }

src/backend/core/tests/documents/test_api_documents_update.py

@@ -216,7 +216,7 @@ def test_api_documents_update_authenticated_editor_administrator_or_owner(
     document = models.Document.objects.get(pk=document.pk)
     document_values = serializers.DocumentSerializer(instance=document).data
     for key, value in document_values.items():
-        if key in ["id", "created_at", "link_reach", "link_role", "nb_accesses"]:
+        if key in ["id", "accesses", "created_at", "link_reach", "link_role"]:
             assert value == old_document_values[key]
         elif key == "updated_at":
             assert value > old_document_values[key]
@@ -255,7 +255,7 @@ def test_api_documents_update_authenticated_owners(via, mock_user_teams):
     document = models.Document.objects.get(pk=document.pk)
     document_values = serializers.DocumentSerializer(instance=document).data
     for key, value in document_values.items():
-        if key in ["id", "created_at", "link_reach", "link_role", "nb_accesses"]:
+        if key in ["id", "accesses", "created_at", "link_reach", "link_role"]:
             assert value == old_document_values[key]
         elif key == "updated_at":
             assert value > old_document_values[key]

src/backend/core/tests/templates/test_api_templates_retrieve.py

@@ -22,7 +22,7 @@ def test_api_templates_retrieve_anonymous_public():
         "abilities": {
             "destroy": False,
             "generate_document": True,
-            "accesses_manage": False,
+            "manage_accesses": False,
             "partial_update": False,
             "retrieve": True,
             "update": False,
@@ -68,7 +68,7 @@ def test_api_templates_retrieve_authenticated_unrelated_public():
         "abilities": {
             "destroy": False,
             "generate_document": True,
-            "accesses_manage": False,
+            "manage_accesses": False,
             "partial_update": False,
             "retrieve": True,
             "update": False,

src/backend/core/tests/test_api_users.py

@@ -69,48 +69,6 @@ def test_api_users_list_query_email():
     assert user_ids == [str(nicole.id), str(frank.id)]
 
 
-def test_api_users_list_query_email_matching():
-    """While filtering by email, results should be filtered and sorted by similarity"""
-    user = factories.UserFactory()
-
-    client = APIClient()
-    client.force_login(user)
-
-    alice = factories.UserFactory(email="alice.johnson@example.gouv.fr")
-    factories.UserFactory(email="jane.smith@example.gouv.fr")
-    michael_wilson = factories.UserFactory(email="michael.wilson@example.gouv.fr")
-    factories.UserFactory(email="david.jones@example.gouv.fr")
-    michael_brown = factories.UserFactory(email="michael.brown@example.gouv.fr")
-    factories.UserFactory(email="sophia.taylor@example.gouv.fr")
-
-    response = client.get(
-        "/api/v1.0/users/?q=michael.johnson@example.gouv.f",
-    )
-    assert response.status_code == 200
-    user_ids = [user["id"] for user in response.json()["results"]]
-    assert user_ids == [str(michael_wilson.id)]
-
-    response = client.get("/api/v1.0/users/?q=michael.johnson@example.gouv.fr")
-
-    assert response.status_code == 200
-    user_ids = [user["id"] for user in response.json()["results"]]
-    assert user_ids == [str(michael_wilson.id), str(alice.id), str(michael_brown.id)]
-
-    response = client.get(
-        "/api/v1.0/users/?q=ajohnson@example.gouv.f",
-    )
-    assert response.status_code == 200
-    user_ids = [user["id"] for user in response.json()["results"]]
-    assert user_ids == [str(alice.id)]
-
-    response = client.get(
-        "/api/v1.0/users/?q=michael.wilson@example.gouv.f",
-    )
-    assert response.status_code == 200
-    user_ids = [user["id"] for user in response.json()["results"]]
-    assert user_ids == [str(michael_wilson.id)]
-
-
 def test_api_users_list_query_email_exclude_doc_user():
     """
     Authenticated users should be able to list users

src/backend/core/tests/test_models_documents.py

@@ -83,15 +83,13 @@ def test_models_documents_get_abilities_forbidden(is_authenticated, reach, role)
     user = factories.UserFactory() if is_authenticated else AnonymousUser()
     abilities = document.get_abilities(user)
     assert abilities == {
-        "accesses_manage": False,
-        "accesses_view": False,
         "ai_transform": False,
         "ai_translate": False,
         "attachment_upload": False,
-        "destroy": False,
-        "favorite": False,
-        "invite_owner": False,
         "link_configuration": False,
+        "destroy": False,
+        "invite_owner": False,
+        "manage_accesses": False,
         "partial_update": False,
         "retrieve": False,
         "update": False,
@@ -118,15 +116,13 @@ def test_models_documents_get_abilities_reader(is_authenticated, reach):
     user = factories.UserFactory() if is_authenticated else AnonymousUser()
     abilities = document.get_abilities(user)
     assert abilities == {
-        "accesses_manage": False,
-        "accesses_view": False,
         "ai_transform": False,
         "ai_translate": False,
         "attachment_upload": False,
         "destroy": False,
-        "favorite": is_authenticated,
-        "invite_owner": False,
         "link_configuration": False,
+        "invite_owner": False,
+        "manage_accesses": False,
         "partial_update": False,
         "retrieve": True,
         "update": False,
@@ -153,15 +149,13 @@ def test_models_documents_get_abilities_editor(is_authenticated, reach):
     user = factories.UserFactory() if is_authenticated else AnonymousUser()
     abilities = document.get_abilities(user)
     assert abilities == {
-        "accesses_manage": False,
-        "accesses_view": False,
         "ai_transform": True,
         "ai_translate": True,
         "attachment_upload": True,
         "destroy": False,
-        "favorite": is_authenticated,
-        "invite_owner": False,
         "link_configuration": False,
+        "invite_owner": False,
+        "manage_accesses": False,
         "partial_update": True,
         "retrieve": True,
         "update": True,
@@ -177,15 +171,13 @@ def test_models_documents_get_abilities_owner():
     access = factories.UserDocumentAccessFactory(role="owner", user=user)
     abilities = access.document.get_abilities(access.user)
     assert abilities == {
-        "accesses_manage": True,
-        "accesses_view": True,
         "ai_transform": True,
         "ai_translate": True,
         "attachment_upload": True,
         "destroy": True,
-        "favorite": True,
-        "invite_owner": True,
         "link_configuration": True,
+        "invite_owner": True,
+        "manage_accesses": True,
         "partial_update": True,
         "retrieve": True,
         "update": True,
@@ -200,15 +192,13 @@ def test_models_documents_get_abilities_administrator():
     access = factories.UserDocumentAccessFactory(role="administrator")
     abilities = access.document.get_abilities(access.user)
     assert abilities == {
-        "accesses_manage": True,
-        "accesses_view": True,
         "ai_transform": True,
         "ai_translate": True,
         "attachment_upload": True,
         "destroy": False,
-        "favorite": True,
-        "invite_owner": False,
         "link_configuration": True,
+        "invite_owner": False,
+        "manage_accesses": True,
         "partial_update": True,
         "retrieve": True,
         "update": True,
@@ -226,15 +216,13 @@ def test_models_documents_get_abilities_editor_user(django_assert_num_queries):
         abilities = access.document.get_abilities(access.user)
 
     assert abilities == {
-        "accesses_manage": False,
-        "accesses_view": True,
         "ai_transform": True,
         "ai_translate": True,
         "attachment_upload": True,
         "destroy": False,
-        "favorite": True,
-        "invite_owner": False,
         "link_configuration": False,
+        "invite_owner": False,
+        "manage_accesses": False,
         "partial_update": True,
         "retrieve": True,
         "update": True,
@@ -254,15 +242,13 @@ def test_models_documents_get_abilities_reader_user(django_assert_num_queries):
         abilities = access.document.get_abilities(access.user)
 
     assert abilities == {
-        "accesses_manage": False,
-        "accesses_view": True,
         "ai_transform": False,
         "ai_translate": False,
         "attachment_upload": False,
         "destroy": False,
-        "favorite": True,
-        "invite_owner": False,
         "link_configuration": False,
+        "invite_owner": False,
+        "manage_accesses": False,
         "partial_update": False,
         "retrieve": True,
         "update": False,
@@ -283,15 +269,13 @@ def test_models_documents_get_abilities_preset_role(django_assert_num_queries):
         abilities = access.document.get_abilities(access.user)
 
     assert abilities == {
-        "accesses_manage": False,
-        "accesses_view": True,
         "ai_transform": False,
         "ai_translate": False,
         "attachment_upload": False,
         "destroy": False,
-        "favorite": True,
-        "invite_owner": False,
         "link_configuration": False,
+        "invite_owner": False,
+        "manage_accesses": False,
         "partial_update": False,
         "retrieve": True,
         "update": False,

src/backend/core/tests/test_models_templates.py

@@ -62,7 +62,7 @@ def test_models_templates_get_abilities_anonymous_public():
         "destroy": False,
         "retrieve": True,
         "update": False,
-        "accesses_manage": False,
+        "manage_accesses": False,
         "partial_update": False,
         "generate_document": True,
     }
@@ -76,7 +76,7 @@ def test_models_templates_get_abilities_anonymous_not_public():
         "destroy": False,
         "retrieve": False,
         "update": False,
-        "accesses_manage": False,
+        "manage_accesses": False,
         "partial_update": False,
         "generate_document": False,
     }
@@ -90,7 +90,7 @@ def test_models_templates_get_abilities_authenticated_public():
         "destroy": False,
         "retrieve": True,
         "update": False,
-        "accesses_manage": False,
+        "manage_accesses": False,
         "partial_update": False,
         "generate_document": True,
     }
@@ -104,7 +104,7 @@ def test_models_templates_get_abilities_authenticated_not_public():
         "destroy": False,
         "retrieve": False,
         "update": False,
-        "accesses_manage": False,
+        "manage_accesses": False,
         "partial_update": False,
         "generate_document": False,
     }
@@ -119,7 +119,7 @@ def test_models_templates_get_abilities_owner():
         "destroy": True,
         "retrieve": True,
         "update": True,
-        "accesses_manage": True,
+        "manage_accesses": True,
         "partial_update": True,
         "generate_document": True,
     }
@@ -133,7 +133,7 @@ def test_models_templates_get_abilities_administrator():
         "destroy": False,
         "retrieve": True,
         "update": True,
-        "accesses_manage": True,
+        "manage_accesses": True,
         "partial_update": True,
         "generate_document": True,
     }
@@ -150,7 +150,7 @@ def test_models_templates_get_abilities_editor_user(django_assert_num_queries):
         "destroy": False,
         "retrieve": True,
         "update": True,
-        "accesses_manage": False,
+        "manage_accesses": False,
         "partial_update": True,
         "generate_document": True,
     }
@@ -167,7 +167,7 @@ def test_models_templates_get_abilities_reader_user(django_assert_num_queries):
         "destroy": False,
         "retrieve": True,
         "update": False,
-        "accesses_manage": False,
+        "manage_accesses": False,
         "partial_update": False,
         "generate_document": True,
     }
@@ -185,7 +185,7 @@ def test_models_templates_get_abilities_preset_role(django_assert_num_queries):
         "destroy": False,
         "retrieve": True,
         "update": False,
-        "accesses_manage": False,
+        "manage_accesses": False,
         "partial_update": False,
         "generate_document": True,
     }

src/backend/impress/settings.py

@@ -237,7 +237,6 @@ class Base(Configuration):
         (
             ("en-us", _("English")),
             ("fr-fr", _("French")),
-            ("de-de", _("German")),
         )
     )
 

src/backend/locale/de_DE/LC_MESSAGES/django.po

@@ -1,349 +0,0 @@
-msgid ""
-msgstr ""
-"Project-Id-Version: lasuite-people\n"
-"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2024-09-25 10:15+0000\n"
-"PO-Revision-Date: 2024-09-25 10:21\n"
-"Last-Translator: \n"
-"Language-Team: German\n"
-"Language: de_DE\n"
-"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=UTF-8\n"
-"Content-Transfer-Encoding: 8bit\n"
-"Plural-Forms: nplurals=2; plural=(n > 1);\n"
-"X-Crowdin-Project: lasuite-people\n"
-"X-Crowdin-Project-ID: 637934\n"
-"X-Crowdin-Language: de\n"
-"X-Crowdin-File: backend-impress.pot\n"
-"X-Crowdin-File-ID: 8\n"
-
-#: core/admin.py:32
-msgid "Personal info"
-msgstr "Persönliche Angaben"
-
-#: core/admin.py:34
-msgid "Permissions"
-msgstr "Berechtigungen"
-
-#: core/admin.py:46
-msgid "Important dates"
-msgstr "Wichtige Termine"
-
-#: core/api/serializers.py:253
-msgid "Body"
-msgstr ""
-
-#: core/api/serializers.py:256
-msgid "Body type"
-msgstr ""
-
-#: core/api/serializers.py:262
-msgid "Format"
-msgstr ""
-
-#: core/authentication/backends.py:56
-msgid "Invalid response format or token verification failed"
-msgstr ""
-
-#: core/authentication/backends.py:81
-msgid "User info contained no recognizable user identification"
-msgstr ""
-
-#: core/authentication/backends.py:101
-msgid "Claims contained no recognizable user identification"
-msgstr ""
-
-#: core/models.py:62 core/models.py:69
-msgid "Reader"
-msgstr "Leser"
-
-#: core/models.py:63 core/models.py:70
-msgid "Editor"
-msgstr "Bearbeiter"
-
-#: core/models.py:71
-msgid "Administrator"
-msgstr "Administrator"
-
-#: core/models.py:72
-msgid "Owner"
-msgstr "Eigentümer"
-
-#: core/models.py:80
-msgid "Restricted"
-msgstr "Eingeschränkt"
-
-#: core/models.py:84
-msgid "Authenticated"
-msgstr "Authentifiziert"
-
-#: core/models.py:86
-msgid "Public"
-msgstr "Öffentlich"
-
-#: core/models.py:98
-msgid "id"
-msgstr ""
-
-#: core/models.py:99
-msgid "primary key for the record as UUID"
-msgstr ""
-
-#: core/models.py:105
-msgid "created on"
-msgstr ""
-
-#: core/models.py:106
-msgid "date and time at which a record was created"
-msgstr ""
-
-#: core/models.py:111
-msgid "updated on"
-msgstr ""
-
-#: core/models.py:112
-msgid "date and time at which a record was last updated"
-msgstr ""
-
-#: core/models.py:132
-msgid "Enter a valid sub. This value may contain only letters, numbers, and @/./+/-/_ characters."
-msgstr ""
-
-#: core/models.py:138
-msgid "sub"
-msgstr ""
-
-#: core/models.py:140
-msgid "Required. 255 characters or fewer. Letters, numbers, and @/./+/-/_ characters only."
-msgstr ""
-
-#: core/models.py:148
-msgid "identity email address"
-msgstr ""
-
-#: core/models.py:153
-msgid "admin email address"
-msgstr ""
-
-#: core/models.py:160
-msgid "language"
-msgstr ""
-
-#: core/models.py:161
-msgid "The language in which the user wants to see the interface."
-msgstr ""
-
-#: core/models.py:167
-msgid "The timezone in which the user wants to see times."
-msgstr ""
-
-#: core/models.py:170
-msgid "device"
-msgstr ""
-
-#: core/models.py:172
-msgid "Whether the user is a device or a real user."
-msgstr ""
-
-#: core/models.py:175
-msgid "staff status"
-msgstr ""
-
-#: core/models.py:177
-msgid "Whether the user can log into this admin site."
-msgstr ""
-
-#: core/models.py:180
-msgid "active"
-msgstr ""
-
-#: core/models.py:183
-msgid "Whether this user should be treated as active. Unselect this instead of deleting accounts."
-msgstr ""
-
-#: core/models.py:195
-msgid "user"
-msgstr ""
-
-#: core/models.py:196
-msgid "users"
-msgstr ""
-
-#: core/models.py:328 core/models.py:644
-msgid "title"
-msgstr ""
-
-#: core/models.py:343
-msgid "Document"
-msgstr ""
-
-#: core/models.py:344
-msgid "Documents"
-msgstr ""
-
-#: core/models.py:347
-msgid "Untitled Document"
-msgstr ""
-
-#: core/models.py:537
-#, python-format
-msgid "%(username)s shared a document with you: %(document)s"
-msgstr "%(username)s hat ein Dokument mit Ihnen geteilt: %(document)s"
-
-#: core/models.py:580
-msgid "Document/user link trace"
-msgstr ""
-
-#: core/models.py:581
-msgid "Document/user link traces"
-msgstr ""
-
-#: core/models.py:587
-msgid "A link trace already exists for this document/user."
-msgstr ""
-
-#: core/models.py:608
-msgid "Document/user relation"
-msgstr ""
-
-#: core/models.py:609
-msgid "Document/user relations"
-msgstr ""
-
-#: core/models.py:615
-msgid "This user is already in this document."
-msgstr ""
-
-#: core/models.py:621
-msgid "This team is already in this document."
-msgstr ""
-
-#: core/models.py:627 core/models.py:816
-msgid "Either user or team must be set, not both."
-msgstr ""
-
-#: core/models.py:645
-msgid "description"
-msgstr ""
-
-#: core/models.py:646
-msgid "code"
-msgstr ""
-
-#: core/models.py:647
-msgid "css"
-msgstr ""
-
-#: core/models.py:649
-msgid "public"
-msgstr ""
-
-#: core/models.py:651
-msgid "Whether this template is public for anyone to use."
-msgstr ""
-
-#: core/models.py:657
-msgid "Template"
-msgstr ""
-
-#: core/models.py:658
-msgid "Templates"
-msgstr ""
-
-#: core/models.py:797
-msgid "Template/user relation"
-msgstr ""
-
-#: core/models.py:798
-msgid "Template/user relations"
-msgstr ""
-
-#: core/models.py:804
-msgid "This user is already in this template."
-msgstr ""
-
-#: core/models.py:810
-msgid "This team is already in this template."
-msgstr ""
-
-#: core/models.py:833
-msgid "email address"
-msgstr ""
-
-#: core/models.py:850
-msgid "Document invitation"
-msgstr ""
-
-#: core/models.py:851
-msgid "Document invitations"
-msgstr ""
-
-#: core/models.py:868
-msgid "This email is already associated to a registered user."
-msgstr ""
-
-#: core/templates/mail/html/invitation.html:160
-#: core/templates/mail/html/invitation2.html:160
-#: core/templates/mail/text/invitation.txt:3
-#: core/templates/mail/text/invitation2.txt:3
-msgid "La Suite Numérique"
-msgstr ""
-
-#: core/templates/mail/html/invitation.html:190
-#: core/templates/mail/text/invitation.txt:6
-#, python-format
-msgid " %(username)s shared a document with you ! "
-msgstr " %(username)s hat ein Dokument mit Ihnen geteilt! "
-
-#: core/templates/mail/html/invitation.html:197
-#: core/templates/mail/text/invitation.txt:8
-#, python-format
-msgid " %(username)s invited you as an %(role)s on the following document : "
-msgstr " %(username)s hat Sie als %(role)s zum folgenden Dokument eingeladen: "
-
-#: core/templates/mail/html/invitation.html:206
-#: core/templates/mail/html/invitation2.html:211
-#: core/templates/mail/text/invitation.txt:10
-#: core/templates/mail/text/invitation2.txt:11
-msgid "Open"
-msgstr "Öffnen"
-
-#: core/templates/mail/html/invitation.html:223
-#: core/templates/mail/text/invitation.txt:14
-msgid " Docs, your new essential tool for organizing, sharing and collaborate on your documents as a team. "
-msgstr " Docs, Ihr neues unverzichtbares Werkzeug zum Organisieren, Teilen und Zusammenarbeiten an Dokumenten im Team. "
-
-#: core/templates/mail/html/invitation.html:230
-#: core/templates/mail/html/invitation2.html:235
-#: core/templates/mail/text/invitation.txt:16
-#: core/templates/mail/text/invitation2.txt:17
-msgid "Brought to you by La Suite Numérique"
-msgstr "Bereitgestellt von La Suite Numérique"
-
-#: core/templates/mail/html/invitation2.html:190
-#, python-format
-msgid "%(username)s shared a document with you"
-msgstr "%(username)s hat ein Dokument mit Ihnen geteilt"
-
-#: core/templates/mail/html/invitation2.html:197
-#: core/templates/mail/text/invitation2.txt:8
-#, python-format
-msgid "%(username)s invited you as an %(role)s on the following document :"
-msgstr "%(username)s hat Sie als %(role)s zum folgenden Dokument eingeladen:"
-
-#: core/templates/mail/html/invitation2.html:228
-#: core/templates/mail/text/invitation2.txt:15
-msgid "Docs, your new essential tool for organizing, sharing and collaborate on your document as a team."
-msgstr "Docs, Ihr neues unverzichtbares Werkzeug zum Organisieren, Teilen und gemeinsamen Arbeiten an Dokumenten im Team."
-
-#: impress/settings.py:177
-msgid "English"
-msgstr ""
-
-#: impress/settings.py:178
-msgid "French"
-msgstr ""
-
-#: impress/settings.py:176
-msgid "German"
-msgstr ""

src/backend/locale/en_US/LC_MESSAGES/django.po

@@ -345,14 +345,11 @@ msgstr ""
 msgid "This mail has been sent to %(email)s by %(name)s [%(href)s]"
 msgstr ""
 
-#: impress/settings.py:177
+#: impress/settings.py:176
 msgid "English"
 msgstr ""
 
-#: impress/settings.py:178
+#: impress/settings.py:177
 msgid "French"
 msgstr ""
 
-#: impress/settings.py:176
-msgid "German"
-msgstr ""

src/backend/locale/fr_FR/LC_MESSAGES/django.po

@@ -345,14 +345,11 @@ msgstr "Proposé par La Suite Numérique"
 msgid "This mail has been sent to %(email)s by %(name)s [%(href)s]"
 msgstr ""
 
-#: impress/settings.py:177
+#: impress/settings.py:176
 msgid "English"
 msgstr ""
 
-#: impress/settings.py:178
+#: impress/settings.py:177
 msgid "French"
 msgstr ""
 
-#: impress/settings.py:176
-msgid "German"
-msgstr ""

src/frontend/apps/e2e/__tests__/app-impress/common.ts

@@ -144,7 +144,7 @@ export const mockedDocument = async (page: Page, json: object) => {
             versions_destroy: false,
             versions_list: true,
             versions_retrieve: true,
-            accesses_manage: false, // Means not admin
+            manage_accesses: false, // Means not admin
             update: false,
             partial_update: false, // Means not editor
             retrieve: true,

src/frontend/apps/e2e/__tests__/app-impress/doc-editor.spec.ts

@@ -215,7 +215,7 @@ test.describe('Doc Editor', () => {
         versions_destroy: false,
         versions_list: true,
         versions_retrieve: true,
-        accesses_manage: false, // Means not admin
+        manage_accesses: false, // Means not admin
         update: false,
         partial_update: false, // Means not editor
         retrieve: true,

src/frontend/apps/e2e/__tests__/app-impress/doc-grid.spec.ts

@@ -303,7 +303,7 @@ test.describe('Documents Grid mobile', () => {
                   attachment_upload: true,
                   destroy: true,
                   link_configuration: true,
-                  accesses_manage: true,
+                  manage_accesses: true,
                   partial_update: true,
                   retrieve: true,
                   update: true,

src/frontend/apps/e2e/__tests__/app-impress/doc-header.spec.ts

@@ -45,7 +45,7 @@ test.describe('Doc Header', () => {
         versions_destroy: true,
         versions_list: true,
         versions_retrieve: true,
-        accesses_manage: true,
+        manage_accesses: true,
         update: true,
         partial_update: true,
         retrieve: true,
@@ -177,13 +177,12 @@ test.describe('Doc Header', () => {
   test('it checks the options available if administrator', async ({ page }) => {
     await mockedDocument(page, {
       abilities: {
-        accesses_manage: true, // Means admin
-        accesses_view: true,
         destroy: false, // Means not owner
         link_configuration: true,
         versions_destroy: true,
         versions_list: true,
         versions_retrieve: true,
+        manage_accesses: true, // Means admin
         update: true,
         partial_update: true,
         retrieve: true,
@@ -248,13 +247,12 @@ test.describe('Doc Header', () => {
   test('it checks the options available if editor', async ({ page }) => {
     await mockedDocument(page, {
       abilities: {
-        accesses_manage: false, // Means not admin
-        accesses_view: true,
         destroy: false, // Means not owner
         link_configuration: false,
         versions_destroy: true,
         versions_list: true,
         versions_retrieve: true,
+        manage_accesses: false, // Means not admin
         update: true,
         partial_update: true, // Means editor
         retrieve: true,
@@ -326,13 +324,12 @@ test.describe('Doc Header', () => {
   test('it checks the options available if reader', async ({ page }) => {
     await mockedDocument(page, {
       abilities: {
-        accesses_manage: false, // Means not admin
-        accesses_view: true,
         destroy: false, // Means not owner
         link_configuration: false,
         versions_destroy: false,
         versions_list: true,
         versions_retrieve: true,
+        manage_accesses: false, // Means not admin
         update: false,
         partial_update: false, // Means not editor
         retrieve: true,
@@ -492,7 +489,7 @@ test.describe('Documents Header mobile', () => {
         versions_destroy: true,
         versions_list: true,
         versions_retrieve: true,
-        accesses_manage: true,
+        manage_accesses: true,
         update: true,
         partial_update: true,
         retrieve: true,

src/frontend/apps/e2e/__tests__/app-impress/doc-visibility.spec.ts

@@ -40,20 +40,20 @@ test.describe('Doc Visibility', () => {
       name: 'Visibility',
     });
 
-    await expect(selectVisibility.getByText('Restricted')).toBeVisible();
+    await expect(selectVisibility.getByText('Authenticated')).toBeVisible();
 
-    await expect(page.getByLabel('Read only')).toBeHidden();
-    await expect(page.getByLabel('Can read and edit')).toBeHidden();
+    await expect(page.getByLabel('Read only')).toBeVisible();
+    await expect(page.getByLabel('Can read and edit')).toBeVisible();
 
     await selectVisibility.click();
     await page
       .getByRole('option', {
-        name: 'Authenticated',
+        name: 'Restricted',
       })
       .click();
 
-    await expect(page.getByLabel('Read only')).toBeVisible();
-    await expect(page.getByLabel('Can read and edit')).toBeVisible();
+    await expect(page.getByLabel('Read only')).toBeHidden();
+    await expect(page.getByLabel('Can read and edit')).toBeHidden();
 
     await selectVisibility.click();
 
@@ -87,6 +87,26 @@ test.describe('Doc Visibility: Restricted', () => {
 
     await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
 
+    await page.getByRole('button', { name: 'Share' }).click();
+    await page
+      .getByRole('combobox', {
+        name: 'Visibility',
+      })
+      .click();
+    await page
+      .getByRole('option', {
+        name: 'Restricted',
+      })
+      .click();
+
+    await expect(
+      page.getByText('The document visibility has been updated.'),
+    ).toBeVisible();
+
+    await page.locator('.c__modal__backdrop').click({
+      position: { x: 0, y: 0 },
+    });
+
     const urlDoc = page.url();
 
     await page
@@ -113,6 +133,26 @@ test.describe('Doc Visibility: Restricted', () => {
 
     await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
 
+    await page.getByRole('button', { name: 'Share' }).click();
+    await page
+      .getByRole('combobox', {
+        name: 'Visibility',
+      })
+      .click();
+    await page
+      .getByRole('option', {
+        name: 'Restricted',
+      })
+      .click();
+
+    await expect(
+      page.getByText('The document visibility has been updated.'),
+    ).toBeVisible();
+
+    await page.locator('.c__modal__backdrop').click({
+      position: { x: 0, y: 0 },
+    });
+
     const urlDoc = page.url();
 
     await page
@@ -142,6 +182,20 @@ test.describe('Doc Visibility: Restricted', () => {
     await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
 
     await page.getByRole('button', { name: 'Share' }).click();
+    await page
+      .getByRole('combobox', {
+        name: 'Visibility',
+      })
+      .click();
+    await page
+      .getByRole('option', {
+        name: 'Restricted',
+      })
+      .click();
+
+    await expect(
+      page.getByText('The document visibility has been updated.'),
+    ).toBeVisible();
 
     const inputSearch = page.getByLabel(/Find a member to add to the document/);
 
@@ -335,26 +389,6 @@ test.describe('Doc Visibility: Authenticated', () => {
 
     await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
 
-    await page.getByRole('button', { name: 'Share' }).click();
-    await page
-      .getByRole('combobox', {
-        name: 'Visibility',
-      })
-      .click();
-    await page
-      .getByRole('option', {
-        name: 'Authenticated',
-      })
-      .click();
-
-    await expect(
-      page.getByText('The document visibility has been updated.'),
-    ).toBeVisible();
-
-    await page.locator('.c__modal__backdrop').click({
-      position: { x: 0, y: 0 },
-    });
-
     const urlDoc = page.url();
 
     await page
@@ -387,26 +421,6 @@ test.describe('Doc Visibility: Authenticated', () => {
 
     await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
 
-    await page.getByRole('button', { name: 'Share' }).click();
-    await page
-      .getByRole('combobox', {
-        name: 'Visibility',
-      })
-      .click();
-    await page
-      .getByRole('option', {
-        name: 'Authenticated',
-      })
-      .click();
-
-    await expect(
-      page.getByText('The document visibility has been updated.'),
-    ).toBeVisible();
-
-    await page.locator('.c__modal__backdrop').click({
-      position: { x: 0, y: 0 },
-    });
-
     const urlDoc = page.url();
 
     await page
@@ -421,20 +435,10 @@ test.describe('Doc Visibility: Authenticated', () => {
     await page.goto(urlDoc);
 
     await expect(page.locator('h2').getByText(docTitle)).toBeVisible();
-    await page.getByRole('button', { name: 'Share' }).click();
+    await expect(page.getByRole('button', { name: 'Share' })).toBeVisible();
     await expect(
       page.getByText('Read only, you cannot edit this document'),
     ).toBeVisible();
-
-    const shareModal = page.getByLabel('Share modal');
-
-    await expect(
-      shareModal.getByRole('combobox', {
-        name: 'Visibility',
-      }),
-    ).toHaveAttribute('disabled');
-    await expect(shareModal.getByText('Search by email')).toBeHidden();
-    await expect(shareModal.getByLabel('List members card')).toBeHidden();
   });
 
   test('It checks a authenticated doc in editable mode', async ({
@@ -453,26 +457,6 @@ test.describe('Doc Visibility: Authenticated', () => {
 
     await expect(page.getByRole('heading', { name: docTitle })).toBeVisible();
 
-    await page.getByRole('button', { name: 'Share' }).click();
-    await page
-      .getByRole('combobox', {
-        name: 'Visibility',
-      })
-      .click();
-    await page
-      .getByRole('option', {
-        name: 'Authenticated',
-      })
-      .click();
-
-    await expect(
-      page.getByText('The document visibility has been updated.'),
-    ).toBeVisible();
-
-    await page.locator('.c__modal__backdrop').click({
-      position: { x: 0, y: 0 },
-    });
-
     const urlDoc = page.url();
 
     await page.getByRole('button', { name: 'Share' }).click();
@@ -499,19 +483,9 @@ test.describe('Doc Visibility: Authenticated', () => {
     await page.goto(urlDoc);
 
     await expect(page.locator('h2').getByText(docTitle)).toBeVisible();
-    await page.getByRole('button', { name: 'Share' }).click();
+    await expect(page.getByRole('button', { name: 'Share' })).toBeVisible();
     await expect(
       page.getByText('Read only, you cannot edit this document'),
     ).toBeHidden();
-
-    const shareModal = page.getByLabel('Share modal');
-
-    await expect(
-      shareModal.getByRole('combobox', {
-        name: 'Visibility',
-      }),
-    ).toHaveAttribute('disabled');
-    await expect(shareModal.getByText('Search by email')).toBeHidden();
-    await expect(shareModal.getByLabel('List members card')).toBeHidden();
   });
 });

src/frontend/apps/e2e/__tests__/app-impress/language.spec.ts

@@ -24,18 +24,6 @@ test.describe('Language', () => {
         name: 'Créer un nouveau document',
       }),
     ).toBeVisible();
-
-    await header.getByRole('combobox').getByText('Français').click();
-    await header.getByRole('option', { name: 'Deutsch' }).click();
-    await expect(
-      header.getByRole('combobox').getByText('Deutsch'),
-    ).toBeVisible();
-
-    await expect(
-      page.getByRole('button', {
-        name: 'Neues Dokument erstellen',
-      }),
-    ).toBeVisible();
   });
 
   test('checks that backend uses the same language as the frontend', async ({

src/frontend/apps/e2e/package.json

@@ -12,7 +12,7 @@
     "test:ui::chromium": "yarn test:ui --project=chromium"
   },
   "devDependencies": {
-    "@playwright/test": "1.48.2",
+    "@playwright/test": "1.48.1",
     "@types/node": "*",
     "@types/pdf-parse": "1.1.4",
     "eslint-config-impress": "*",

src/frontend/apps/impress/package.json

@@ -21,35 +21,35 @@
     "@gouvfr-lasuite/integration": "1.0.2",
     "@hocuspocus/provider": "2.13.7",
     "@openfun/cunningham-react": "2.9.4",
-    "@tanstack/react-query": "5.59.20",
-    "i18next": "23.16.5",
+    "@tanstack/react-query": "5.59.15",
+    "i18next": "23.16.2",
     "i18next-browser-languagedetector": "8.0.0",
     "idb": "8.0.0",
     "lodash": "4.17.21",
     "luxon": "3.5.0",
-    "next": "15.0.3",
+    "next": "14.2.15",
     "react": "*",
     "react-aria-components": "1.4.1",
     "react-dom": "*",
-    "react-i18next": "15.1.1",
-    "react-select": "5.8.3",
+    "react-i18next": "15.0.3",
+    "react-select": "5.8.1",
     "styled-components": "6.1.13",
     "y-protocols": "1.0.6",
     "yjs": "*",
-    "zustand": "5.0.1"
+    "zustand": "5.0.0"
   },
   "devDependencies": {
     "@svgr/webpack": "8.1.0",
-    "@tanstack/react-query-devtools": "5.59.20",
+    "@tanstack/react-query-devtools": "5.59.15",
     "@testing-library/dom": "10.4.0",
-    "@testing-library/jest-dom": "6.6.3",
+    "@testing-library/jest-dom": "6.6.2",
     "@testing-library/react": "16.0.1",
     "@testing-library/user-event": "14.5.2",
-    "@types/jest": "29.5.14",
-    "@types/lodash": "4.17.13",
+    "@types/jest": "29.5.13",
+    "@types/lodash": "4.17.12",
     "@types/luxon": "3.4.2",
     "@types/node": "*",
-    "@types/react": "18.3.12",
+    "@types/react": "18.3.11",
     "@types/react-dom": "*",
     "cross-env": "*",
     "dotenv": "16.4.5",
@@ -63,7 +63,7 @@
     "stylelint-config-standard": "36.0.1",
     "stylelint-prettier": "5.0.2",
     "typescript": "*",
-    "webpack": "5.96.1",
-    "workbox-webpack-plugin": "7.3.0"
+    "webpack": "5.95.0",
+    "workbox-webpack-plugin": "7.1.0"
   }
 }

src/frontend/apps/impress/src/__tests__/pages.test.tsx

@@ -5,7 +5,7 @@ import { AppWrapper } from '@/tests/utils';
 
 import Page from '../pages';
 
-jest.mock('next/router', () => ({
+jest.mock('next/navigation', () => ({
   useRouter() {
     return {
       push: jest.fn(),

src/frontend/apps/impress/src/components/Box.tsx

@@ -1,6 +1,6 @@
 import { ComponentPropsWithRef, ReactHTML } from 'react';
 import styled from 'styled-components';
-import { CSSProperties, RuleSet } from 'styled-components/dist/types';
+import { CSSProperties } from 'styled-components/dist/types';
 
 import {
   MarginPadding,
@@ -15,7 +15,7 @@ export interface BoxProps {
   $align?: CSSProperties['alignItems'];
   $background?: CSSProperties['background'];
   $color?: CSSProperties['color'];
-  $css?: string | RuleSet<object>;
+  $css?: string;
   $direction?: CSSProperties['flexDirection'];
   $display?: CSSProperties['display'];
   $effect?: 'show' | 'hide';
@@ -73,7 +73,7 @@ export const Box = styled('div')<BoxProps>`
   ${({ $transition }) => $transition && `transition: ${$transition};`}
   ${({ $width }) => $width && `width: ${$width};`}
   ${({ $wrap }) => $wrap && `flex-wrap: ${$wrap};`}
-  ${({ $css }) => $css && (typeof $css === 'string' ? `${$css};` : $css)}
+  ${({ $css }) => $css && `${$css};`}
   ${({ $zIndex }) => $zIndex && `z-index: ${$zIndex};`}
   ${({ $effect }) => {
     let effect;

src/frontend/apps/impress/src/components/BoxButton.tsx

@@ -1,5 +1,4 @@
 import { ComponentPropsWithRef, forwardRef } from 'react';
-import { css } from 'styled-components';
 
 import { Box, BoxType } from './Box';
 
@@ -27,7 +26,7 @@ const BoxButton = forwardRef<HTMLDivElement, BoxType>(
         $background="none"
         $margin="none"
         $padding="none"
-        $css={css`
+        $css={`
           cursor: pointer;
           border: none;
           outline: none;

src/frontend/apps/impress/src/components/Card.tsx

@@ -1,5 +1,4 @@
 import { PropsWithChildren } from 'react';
-import { css } from 'styled-components';
 
 import { useCunninghamTheme } from '@/cunningham';
 
@@ -16,7 +15,7 @@ export const Card = ({
     <Box
       $background="white"
       $radius="4px"
-      $css={css`
+      $css={`
         box-shadow: 2px 2px 5px ${colorsTokens()['greyscale-300']};
         border: 1px solid ${colorsTokens()['card-border']};
         ${$css}

src/frontend/apps/impress/src/features/docs/doc-editor/components/AIButton.tsx

@@ -14,13 +14,14 @@ import { useTranslation } from 'react-i18next';
 
 import { isAPIError } from '@/api';
 import { Box, Text } from '@/components';
-import { useDocOptions, useDocStore } from '@/features/docs/doc-management/';
+import { useDocOptions } from '@/features/docs/doc-management/';
 
 import {
   AITransformActions,
   useDocAITransform,
   useDocAITranslate,
 } from '../api/';
+import { useDocStore } from '../stores';
 
 type LanguageTranslate = {
   value: string;

src/frontend/apps/impress/src/features/docs/doc-editor/components/BlockNoteEditor.tsx

@@ -1,10 +1,9 @@
-import { Dictionary, locales } from '@blocknote/core';
+import { locales } from '@blocknote/core';
 import '@blocknote/core/fonts/inter.css';
 import { BlockNoteView } from '@blocknote/mantine';
 import '@blocknote/mantine/style.css';
 import { useCreateBlockNote } from '@blocknote/react';
 import { HocuspocusProvider } from '@hocuspocus/provider';
-import { t } from 'i18next';
 import React, { useCallback, useEffect } from 'react';
 import { useTranslation } from 'react-i18next';
 
@@ -12,10 +11,11 @@ import { Box, TextErrors } from '@/components';
 import { mediaUrl } from '@/core';
 import { useAuthStore } from '@/core/auth';
 import { Doc } from '@/features/docs/doc-management';
+import { Version } from '@/features/docs/doc-versioning/';
 
 import { useCreateDocAttachment } from '../api/useCreateDocUpload';
 import useSaveDoc from '../hook/useSaveDoc';
-import { useEditorStore, useHeadingStore } from '../stores';
+import { useDocStore, useHeadingStore } from '../stores';
 import { randomColor } from '../utils';
 
 import { BlockNoteToolbar } from './BlockNoteToolbar';
@@ -26,13 +26,7 @@ const cssEditor = (readonly: boolean) => `
   };
   & .bn-editor {
     padding-right: 30px;
-    ${
-      readonly &&
-      `
-        padding-left: 30px;
-        pointer-events: none;
-      `
-    }
+    ${readonly && `padding-left: 30px;`}
   };
   & .collaboration-cursor__caret.ProseMirror-widget{
     word-wrap: initial;
@@ -42,11 +36,6 @@ const cssEditor = (readonly: boolean) => `
     padding: 2px;
     border-radius: 4px;
   }
-  /* @TODO: A fix is made in v0.19.1 - This code can be removed after the upgrade  */
-  .bn-block-content[data-content-type=codeBlock]>div>select option{
-    color: black;
-    background-color: white;
-  }
   @media screen and (width <= 560px) {
     & .bn-editor {
       padding-left: 40px;
@@ -79,22 +68,47 @@ const cssEditor = (readonly: boolean) => `
 `;
 
 interface BlockNoteEditorProps {
+  doc: Doc;
+  version?: Version;
+}
+
+export const BlockNoteEditor = ({ doc, version }: BlockNoteEditorProps) => {
+  const { createProvider, docsStore } = useDocStore();
+  const storeId = version?.id || doc.id;
+  const initialContent = version?.content || doc.content;
+  const provider = docsStore?.[storeId]?.provider;
+
+  useEffect(() => {
+    if (!provider || provider.document.guid !== storeId) {
+      createProvider(storeId, initialContent);
+    }
+  }, [createProvider, initialContent, provider, storeId]);
+
+  if (!provider) {
+    return null;
+  }
+
+  return <BlockNoteContent doc={doc} provider={provider} storeId={storeId} />;
+};
+
+interface BlockNoteContentProps {
   doc: Doc;
   provider: HocuspocusProvider;
   storeId: string;
 }
 
-export const BlockNoteEditor = ({
+export const BlockNoteContent = ({
   doc,
   provider,
   storeId,
-}: BlockNoteEditorProps) => {
+}: BlockNoteContentProps) => {
   const isVersion = doc.id !== storeId;
   const { userData } = useAuthStore();
-  const { setEditor } = useEditorStore();
+  const { setStore, docsStore } = useDocStore();
 
   const readOnly = !doc.abilities.partial_update || isVersion;
   useSaveDoc(doc.id, provider.document, !readOnly);
+  const storedEditor = docsStore?.[storeId]?.editor;
   const {
     mutateAsync: createDocAttachment,
     isError: isErrorAttachment,
@@ -125,23 +139,19 @@ export const BlockNoteEditor = ({
         provider,
         fragment: provider.document.getXmlFragment('document-store'),
         user: {
-          name: userData?.full_name || userData?.email || t('Anonymous'),
+          name: userData?.email || 'Anonymous',
           color: randomColor(),
         },
       },
-      dictionary: locales[lang as keyof typeof locales] as Dictionary,
+      dictionary: locales[lang as keyof typeof locales],
       uploadFile,
     },
-    [lang, provider, uploadFile, userData?.email, userData?.full_name],
+    [provider, uploadFile, userData?.email, lang],
   );
 
   useEffect(() => {
-    setEditor(editor);
-
-    return () => {
-      setEditor(undefined);
-    };
-  }, [setEditor, editor]);
+    setStore(storeId, { editor });
+  }, [setStore, storeId, editor]);
 
   useEffect(() => {
     setHeadings(editor);
@@ -168,7 +178,7 @@ export const BlockNoteEditor = ({
       )}
 
       <BlockNoteView
-        editor={editor}
+        editor={storedEditor ?? editor}
         formattingToolbar={false}
         editable={!readOnly}
         theme="light"

src/frontend/apps/impress/src/features/docs/doc-editor/components/DocEditor.tsx

@@ -1,12 +1,13 @@
 import { Alert, Loader, VariantType } from '@openfun/cunningham-react';
+import { useRouter as useNavigate } from 'next/navigation';
 import { useRouter } from 'next/router';
-import React, { useEffect } from 'react';
+import React from 'react';
 import { useTranslation } from 'react-i18next';
 
 import { Box, Card, Text, TextErrors } from '@/components';
 import { useCunninghamTheme } from '@/cunningham';
 import { DocHeader } from '@/features/docs/doc-header';
-import { Doc, useDocStore } from '@/features/docs/doc-management';
+import { Doc } from '@/features/docs/doc-management';
 import { Versions, useDocVersion } from '@/features/docs/doc-versioning/';
 import { useResponsiveStore } from '@/stores';
 
@@ -31,13 +32,6 @@ export const DocEditor = ({ doc }: DocEditorProps) => {
 
   const { colorsTokens } = useCunninghamTheme();
 
-  const { providers } = useDocStore();
-  const provider = providers?.[doc.id];
-
-  if (!provider) {
-    return null;
-  }
-
   return (
     <>
       <DocHeader doc={doc} versionId={versionId as Versions['version_id']} />
@@ -72,7 +66,7 @@ export const DocEditor = ({ doc }: DocEditorProps) => {
           {isVersion ? (
             <DocVersionEditor doc={doc} versionId={versionId} />
           ) : (
-            <BlockNoteEditor doc={doc} storeId={doc.id} provider={provider} />
+            <BlockNoteEditor doc={doc} />
           )}
           {!isMobile && <IconOpenPanelEditor headings={headings} />}
         </Card>
@@ -97,24 +91,12 @@ export const DocVersionEditor = ({ doc, versionId }: DocVersionEditorProps) => {
     docId: doc.id,
     versionId,
   });
-  const { createProvider, providers } = useDocStore();
 
-  const { replace } = useRouter();
-
-  useEffect(() => {
-    if (!version?.id) {
-      return;
-    }
-
-    const provider = providers?.[version.id];
-    if (!provider || provider.document.guid !== version.id) {
-      createProvider(version.id, version.content);
-    }
-  }, [createProvider, providers, version]);
+  const navigate = useNavigate();
 
   if (isError && error) {
     if (error.status === 404) {
-      void replace(`/404`);
+      navigate.replace(`/404`);
       return null;
     }
 
@@ -142,11 +124,5 @@ export const DocVersionEditor = ({ doc, versionId }: DocVersionEditorProps) => {
     );
   }
 
-  const provider = providers?.[version.id];
-
-  if (!provider) {
-    return null;
-  }
-
-  return <BlockNoteEditor doc={doc} storeId={version.id} provider={provider} />;
+  return <BlockNoteEditor doc={doc} version={version} />;
 };

src/frontend/apps/impress/src/features/docs/doc-editor/components/PanelEditor.tsx

@@ -127,7 +127,9 @@ export const PanelEditor = ({
             </BoxButton>
           )}
         </Box>
-        {isPanelTableContentOpen && <TableContent headings={headings} />}
+        {isPanelTableContentOpen && (
+          <TableContent doc={doc} headings={headings} />
+        )}
         {!isPanelTableContentOpen && doc.abilities.versions_list && (
           <VersionList doc={doc} />
         )}

src/frontend/apps/impress/src/features/docs/doc-editor/stores/index.ts

@@ -1,3 +1,3 @@
-export * from './useEditorStore';
+export * from './useDocStore';
 export * from './useHeadingStore';
 export * from './usePanelEditorStore';

src/frontend/apps/impress/src/features/docs/doc-editor/stores/useDocStore.tsx

@@ -1,23 +1,31 @@
+import { BlockNoteEditor } from '@blocknote/core';
 import { HocuspocusProvider } from '@hocuspocus/provider';
 import * as Y from 'yjs';
 import { create } from 'zustand';
 
 import { providerUrl } from '@/core';
-import { Base64, Doc, blocksToYDoc } from '@/features/docs/doc-management';
+import { Base64, Doc } from '@/features/docs/doc-management';
+
+import { blocksToYDoc } from '../utils';
+
+interface DocStore {
+  provider: HocuspocusProvider;
+  editor?: BlockNoteEditor;
+}
 
 export interface UseDocStore {
   currentDoc?: Doc;
-  providers: {
-    [storeId: string]: HocuspocusProvider;
+  docsStore: {
+    [storeId: string]: DocStore;
   };
   createProvider: (storeId: string, initialDoc: Base64) => HocuspocusProvider;
-  setProviders: (storeId: string, providers: HocuspocusProvider) => void;
+  setStore: (storeId: string, props: Partial<DocStore>) => void;
   setCurrentDoc: (doc: Doc | undefined) => void;
 }
 
 export const useDocStore = create<UseDocStore>((set, get) => ({
   currentDoc: undefined,
-  providers: {},
+  docsStore: {},
   createProvider: (storeId: string, initialDoc: Base64) => {
     const doc = new Y.Doc({
       guid: storeId,
@@ -42,17 +50,23 @@ export const useDocStore = create<UseDocStore>((set, get) => ({
       document: doc,
     });
 
-    get().setProviders(storeId, provider);
+    get().setStore(storeId, { provider });
 
     return provider;
   },
-  setProviders: (storeId, provider) => {
-    set(({ providers }) => ({
-      providers: {
-        ...providers,
-        [storeId]: provider,
-      },
-    }));
+  setStore: (storeId, props) => {
+    set(({ docsStore }, ...store) => {
+      return {
+        ...store,
+        docsStore: {
+          ...docsStore,
+          [storeId]: {
+            ...docsStore[storeId],
+            ...props,
+          },
+        },
+      };
+    });
   },
   setCurrentDoc: (doc) => {
     set({ currentDoc: doc });

src/frontend/apps/impress/src/features/docs/doc-editor/stores/useEditorStore.tsx

@@ -1,14 +0,0 @@
-import { BlockNoteEditor } from '@blocknote/core';
-import { create } from 'zustand';
-
-export interface UseEditorstore {
-  editor?: BlockNoteEditor;
-  setEditor: (editor: BlockNoteEditor | undefined) => void;
-}
-
-export const useEditorStore = create<UseEditorstore>((set) => ({
-  editor: undefined,
-  setEditor: (editor) => {
-    set({ editor });
-  },
-}));

src/frontend/apps/impress/src/features/docs/doc-editor/utils.ts

@@ -1,3 +1,5 @@
+import * as Y from 'yjs';
+
 export const randomColor = () => {
   const randomInt = (min: number, max: number) => {
     return Math.floor(Math.random() * (max - min + 1)) + min;
@@ -26,3 +28,20 @@ function hslToHex(h: number, s: number, l: number) {
 export const toBase64 = (
   str: WithImplicitCoercion<ArrayBuffer | SharedArrayBuffer>,
 ) => Buffer.from(str).toString('base64');
+
+type BasicBlock = {
+  type: string;
+  content: string;
+};
+export const blocksToYDoc = (blocks: BasicBlock[], doc: Y.Doc) => {
+  const xmlFragment = doc.getXmlFragment('document-store');
+
+  blocks.forEach((block) => {
+    const xmlElement = new Y.XmlElement(block.type);
+    if (block.content) {
+      xmlElement.insert(0, [new Y.XmlText(block.content)]);
+    }
+
+    xmlFragment.push([xmlElement]);
+  });
+};

src/frontend/apps/impress/src/features/docs/doc-header/components/DocHeader.tsx

@@ -1,6 +1,5 @@
-import { Fragment } from 'react';
+import React, { Fragment } from 'react';
 import { useTranslation } from 'react-i18next';
-import { css } from 'styled-components';
 
 import { Box, Card, StyledLink, Text } from '@/components';
 import { useCunninghamTheme } from '@/cunningham';
@@ -47,11 +46,7 @@ export const DocHeader = ({ doc, versionId }: DocHeaderProps) => {
               $theme="primary"
               $variation="600"
               $size="2rem"
-              $css={css`
-                &:hover {
-                  background-color: ${colorsTokens()['primary-100']};
-                }
-              `}
+              $css={`&:hover {background-color: ${colorsTokens()['primary-100']}; };`}
               $hasTransition
               $radius="5px"
               $padding="tiny"

src/frontend/apps/impress/src/features/docs/doc-header/components/DocTitle.tsx

@@ -18,7 +18,7 @@ import {
   useTrans,
   useUpdateDoc,
 } from '@/features/docs/doc-management';
-import { useBroadcastStore, useResponsiveStore } from '@/stores';
+import { useResponsiveStore } from '@/stores';
 import { isFirefox } from '@/utils/userAgent';
 
 interface DocTitleProps {
@@ -54,7 +54,6 @@ const DocTitleInput = ({ doc }: DocTitleProps) => {
   const headingText = headings?.[0]?.contentText;
   const debounceRef = useRef<NodeJS.Timeout>();
   const { isMobile } = useResponsiveStore();
-  const { broadcast } = useBroadcastStore();
 
   const { mutate: updateDoc } = useUpdateDoc({
     listInvalideQueries: [KEY_DOC, KEY_LIST_DOC],
@@ -62,9 +61,6 @@ const DocTitleInput = ({ doc }: DocTitleProps) => {
       if (data.title !== untitledDocument) {
         toast(t('Document title updated successfully'), VariantType.SUCCESS);
       }
-
-      // Broadcast to every user connected to the document
-      broadcast(`${KEY_DOC}-${data.id}`);
     },
   });
 

src/frontend/apps/impress/src/features/docs/doc-header/components/DocToolBox.tsx

@@ -8,18 +8,16 @@ import { useTranslation } from 'react-i18next';
 
 import { Box, DropButton, IconOptions } from '@/components';
 import { useAuthStore } from '@/core';
-import {
-  useEditorStore,
-  usePanelEditorStore,
-} from '@/features/docs/doc-editor/';
+import { useDocStore, usePanelEditorStore } from '@/features/docs/doc-editor/';
 import {
   Doc,
   ModalRemoveDoc,
   ModalShare,
 } from '@/features/docs/doc-management';
-import { ModalVersion, Versions } from '@/features/docs/doc-versioning';
 import { useResponsiveStore } from '@/stores';
 
+import { ModalVersion, Versions } from '../../doc-versioning';
+
 import { ModalPDF } from './ModalExport';
 
 interface DocToolBoxProps {
@@ -37,12 +35,13 @@ export const DocToolBox = ({ doc, versionId }: DocToolBoxProps) => {
   const [isModalVersionOpen, setIsModalVersionOpen] = useState(false);
   const { isSmallMobile } = useResponsiveStore();
   const { authenticated } = useAuthStore();
-  const { editor } = useEditorStore();
+  const { docsStore } = useDocStore();
   const { toast } = useToastProvider();
 
   const copyCurrentEditorToClipboard = async (
     asFormat: 'html' | 'markdown',
   ) => {
+    const editor = docsStore[doc.id]?.editor;
     if (!editor) {
       toast(t('Editor unavailable'), VariantType.ERROR, { duration: 3000 });
       return;

src/frontend/apps/impress/src/features/docs/doc-header/components/ModalExport.tsx

@@ -14,7 +14,7 @@ import { t } from 'i18next';
 import { useEffect, useMemo, useState } from 'react';
 
 import { Box, Text } from '@/components';
-import { useEditorStore } from '@/features/docs/doc-editor';
+import { useDocStore } from '@/features/docs/doc-editor/';
 import { Doc } from '@/features/docs/doc-management';
 
 import { useExport } from '../api/useExport';
@@ -31,7 +31,7 @@ export const ModalPDF = ({ onClose, doc }: ModalPDFProps) => {
     ordering: TemplatesOrdering.BY_CREATED_ON_DESC,
   });
   const { toast } = useToastProvider();
-  const { editor } = useEditorStore();
+  const { docsStore } = useDocStore();
   const {
     mutate: createExport,
     data: documentGenerated,
@@ -104,6 +104,8 @@ export const ModalPDF = ({ onClose, doc }: ModalPDFProps) => {
       return;
     }
 
+    const editor = docsStore[doc.id].editor;
+
     if (!editor) {
       toast(t('No editor found'), VariantType.ERROR);
       return;

src/frontend/apps/impress/src/features/docs/doc-header/types.ts

@@ -5,7 +5,7 @@ export interface Template {
   abilities: {
     destroy: boolean;
     generate_document: boolean;
-    accesses_manage: boolean;
+    manage_accesses: boolean;
     retrieve: boolean;
     update: boolean;
     partial_update: boolean;

src/frontend/apps/impress/src/features/docs/doc-management/api/useUpdateDocLink.tsx

@@ -1,8 +1,7 @@
 import { useMutation, useQueryClient } from '@tanstack/react-query';
 
 import { APIError, errorCauses, fetchAPI } from '@/api';
-import { Doc, KEY_DOC } from '@/features/docs/doc-management';
-import { useBroadcastStore } from '@/stores';
+import { Doc } from '@/features/docs';
 
 export type UpdateDocLinkParams = Pick<Doc, 'id'> &
   Partial<Pick<Doc, 'link_role' | 'link_reach'>>;
@@ -38,20 +37,14 @@ export function useUpdateDocLink({
   listInvalideQueries,
 }: UpdateDocLinkProps = {}) {
   const queryClient = useQueryClient();
-  const { broadcast } = useBroadcastStore();
-
   return useMutation<Doc, APIError, UpdateDocLinkParams>({
     mutationFn: updateDocLink,
-    onSuccess: (data, variable) => {
+    onSuccess: (data) => {
       listInvalideQueries?.forEach((queryKey) => {
         void queryClient.resetQueries({
           queryKey: [queryKey],
         });
       });
-
-      // Broadcast to every user connected to the document
-      broadcast(`${KEY_DOC}-${variable.id}`);
-
       onSuccess?.(data);
     },
   });

src/frontend/apps/impress/src/features/docs/doc-management/components/ModalRemoveDoc.tsx

@@ -7,7 +7,7 @@ import {
   useToastProvider,
 } from '@openfun/cunningham-react';
 import { t } from 'i18next';
-import { useRouter } from 'next/router';
+import { useRouter } from 'next/navigation';
 
 import { Box, Text, TextErrors } from '@/components';
 import useCunninghamTheme from '@/cunningham/useCunninghamTheme';
@@ -24,7 +24,7 @@ interface ModalRemoveDocProps {
 export const ModalRemoveDoc = ({ onClose, doc }: ModalRemoveDocProps) => {
   const { colorsTokens } = useCunninghamTheme();
   const { toast } = useToastProvider();
-  const { push } = useRouter();
+  const router = useRouter();
 
   const {
     mutate: removeDoc,
@@ -35,7 +35,7 @@ export const ModalRemoveDoc = ({ onClose, doc }: ModalRemoveDocProps) => {
       toast(t('The document has been deleted.'), VariantType.SUCCESS, {
         duration: 4000,
       });
-      void push('/');
+      router.push('/');
     },
   });
 

src/frontend/apps/impress/src/features/docs/doc-management/components/ModalShare.tsx

@@ -115,7 +115,7 @@ export const ModalShare = ({ onClose, doc }: ModalShareProps) => {
               </Box>
             </Card>
             <DocVisibility doc={doc} />
-            {doc.abilities.accesses_manage && (
+            {doc.abilities.manage_accesses && (
               <AddMembers
                 doc={doc}
                 currentRole={currentDocRole(doc.abilities)}
@@ -123,12 +123,8 @@ export const ModalShare = ({ onClose, doc }: ModalShareProps) => {
             )}
           </Box>
           <Box $minHeight="0">
-            {doc.abilities.accesses_view && (
-              <>
-                <InvitationList doc={doc} />
-                <MemberList doc={doc} />
-              </>
-            )}
+            <InvitationList doc={doc} />
+            <MemberList doc={doc} />
           </Box>
         </Box>
       </SideModal>

src/frontend/apps/impress/src/features/docs/doc-management/index.ts

@@ -1,6 +1,5 @@
 export * from './api';
 export * from './components';
 export * from './hooks';
-export * from './stores';
 export * from './types';
 export * from './utils';

src/frontend/apps/impress/src/features/docs/doc-management/stores/index.tsx

@@ -1 +0,0 @@
-export * from './useDocStore';

src/frontend/apps/impress/src/features/docs/doc-management/types.tsx

@@ -44,11 +44,10 @@ export interface Doc {
   created_at: string;
   updated_at: string;
   abilities: {
-    accesses_manage: boolean;
-    accesses_view: boolean;
     attachment_upload: true;
     destroy: boolean;
     link_configuration: boolean;
+    manage_accesses: boolean;
     partial_update: boolean;
     retrieve: boolean;
     update: boolean;

src/frontend/apps/impress/src/features/docs/doc-management/utils.ts

@@ -1,30 +1,11 @@
-import * as Y from 'yjs';
-
 import { Doc, Role } from './types';
 
 export const currentDocRole = (abilities: Doc['abilities']): Role => {
   return abilities.destroy
     ? Role.OWNER
-    : abilities.accesses_manage
+    : abilities.manage_accesses
       ? Role.ADMIN
       : abilities.partial_update
         ? Role.EDITOR
         : Role.READER;
 };
-
-type BasicBlock = {
-  type: string;
-  content: string;
-};
-export const blocksToYDoc = (blocks: BasicBlock[], doc: Y.Doc) => {
-  const xmlFragment = doc.getXmlFragment('document-store');
-
-  blocks.forEach((block) => {
-    const xmlElement = new Y.XmlElement(block.type);
-    if (block.content) {
-      xmlElement.insert(0, [new Y.XmlText(block.content)]);
-    }
-
-    xmlFragment.push([xmlElement]);
-  });
-};

src/frontend/apps/impress/src/features/docs/doc-table-content/components/TableContent.tsx

@@ -2,19 +2,22 @@ import React, { useEffect, useState } from 'react';
 import { useTranslation } from 'react-i18next';
 
 import { Box, BoxButton, Text } from '@/components';
-import { HeadingBlock, useEditorStore } from '@/features/docs/doc-editor';
+import { HeadingBlock, useDocStore } from '@/features/docs/doc-editor';
+import { Doc } from '@/features/docs/doc-management';
 import { useResponsiveStore } from '@/stores';
 
 import { Heading } from './Heading';
 
 interface TableContentProps {
+  doc: Doc;
   headings: HeadingBlock[];
 }
 
-export const TableContent = ({ headings }: TableContentProps) => {
-  const { editor } = useEditorStore();
+export const TableContent = ({ doc, headings }: TableContentProps) => {
+  const { docsStore } = useDocStore();
   const { isMobile } = useResponsiveStore();
   const { t } = useTranslation();
+  const editor = docsStore?.[doc.id]?.editor;
   const [headingIdHighlight, setHeadingIdHighlight] = useState<string>();
 
   // To highlight the first heading in the viewport

src/frontend/apps/impress/src/features/docs/doc-versioning/components/ModalVersion.tsx

@@ -7,12 +7,12 @@ import {
   useToastProvider,
 } from '@openfun/cunningham-react';
 import { t } from 'i18next';
-import { useRouter } from 'next/router';
+import { useRouter } from 'next/navigation';
 import * as Y from 'yjs';
 
 import { Box, Text } from '@/components';
-import { toBase64 } from '@/features/docs/doc-editor';
-import { Doc, useDocStore, useUpdateDoc } from '@/features/docs/doc-management';
+import { toBase64, useDocStore } from '@/features/docs/doc-editor';
+import { Doc, useUpdateDoc } from '@/features/docs/doc-management';
 
 import { KEY_LIST_DOC_VERSIONS } from '../api/useDocVersions';
 import { Versions } from '../types';
@@ -31,25 +31,29 @@ export const ModalVersion = ({
   versionId,
 }: ModalVersionProps) => {
   const { toast } = useToastProvider();
-  const { push } = useRouter();
-  const { providers } = useDocStore();
+  const router = useRouter();
+  const { docsStore, setStore } = useDocStore();
   const { mutate: updateDoc } = useUpdateDoc({
     listInvalideQueries: [KEY_LIST_DOC_VERSIONS],
     onSuccess: () => {
       const onDisplaySuccess = () => {
         toast(t('Version restored successfully'), VariantType.SUCCESS);
-        void push(`/docs/${docId}`);
+        router.push(`/docs/${docId}`);
       };
 
-      if (!providers?.[docId] || !providers?.[versionId]) {
+      if (!docsStore?.[docId]?.provider || !docsStore?.[versionId]?.provider) {
         onDisplaySuccess();
         return;
       }
 
+      setStore(docId, {
+        editor: undefined,
+      });
+
       revertUpdate(
-        providers[docId].document,
-        providers[docId].document,
-        providers[versionId].document,
+        docsStore[docId].provider.document,
+        docsStore[docId].provider.document,
+        docsStore[versionId].provider.document,
       );
 
       onDisplaySuccess();
@@ -79,7 +83,7 @@ export const ModalVersion = ({
           fullWidth
           onClick={() => {
             const newDoc = toBase64(
-              Y.encodeStateAsUpdate(providers?.[versionId].document),
+              Y.encodeStateAsUpdate(docsStore?.[versionId]?.provider.document),
             );
 
             updateDoc({

src/frontend/apps/impress/src/features/docs/docs-grid/components/DocsGridContainer.tsx

@@ -1,5 +1,5 @@
 import { Button } from '@openfun/cunningham-react';
-import { useRouter } from 'next/router';
+import { useRouter } from 'next/navigation';
 import React from 'react';
 import { useTranslation } from 'react-i18next';
 
@@ -12,12 +12,12 @@ import { DocsGrid } from './DocsGrid';
 export const DocsGridContainer = () => {
   const { t } = useTranslation();
   const { untitledDocument } = useTrans();
-  const { push } = useRouter();
+  const router = useRouter();
   const { isMobile } = useResponsiveStore();
 
   const { mutate: createDoc } = useCreateDoc({
     onSuccess: (doc) => {
-      void push(`/docs/${doc.id}`);
+      router.push(`/docs/${doc.id}`);
     },
   });
 

src/frontend/apps/impress/src/features/docs/members/invitation-list/components/InvitationItem.tsx

@@ -112,7 +112,7 @@ export const InvitationItem = ({
                 }}
               />
             </Box>
-            {doc.abilities.accesses_manage && (
+            {doc.abilities.manage_accesses && (
               <Box $margin={isSmallMobile ? 'auto' : ''}>
                 <Button
                   color="tertiary-text"

src/frontend/apps/impress/src/features/docs/members/members-add/api/useCreateDocAccess.tsx

@@ -5,13 +5,11 @@ import { User } from '@/core/auth';
 import {
   Access,
   Doc,
-  KEY_DOC,
   KEY_LIST_DOC,
   Role,
 } from '@/features/docs/doc-management';
 import { KEY_LIST_DOC_ACCESSES } from '@/features/docs/members/members-list';
 import { ContentLanguage } from '@/i18n/types';
-import { useBroadcastStore } from '@/stores';
 
 import { OptionType } from '../types';
 
@@ -55,11 +53,9 @@ export const createDocAccess = async ({
 
 export function useCreateDocAccess() {
   const queryClient = useQueryClient();
-  const { broadcast } = useBroadcastStore();
-
   return useMutation<Access, APIError, CreateDocAccessParams>({
     mutationFn: createDocAccess,
-    onSuccess: (_data, variable) => {
+    onSuccess: () => {
       void queryClient.resetQueries({
         queryKey: [KEY_LIST_DOC],
       });
@@ -69,9 +65,6 @@ export function useCreateDocAccess() {
       void queryClient.resetQueries({
         queryKey: [KEY_LIST_DOC_ACCESSES],
       });
-
-      // Broadcast to every user connected to the document
-      broadcast(`${KEY_DOC}-${variable.docId}`);
     },
   });
 }

src/frontend/apps/impress/src/features/docs/members/members-add/components/AddMembers.tsx

@@ -170,14 +170,14 @@ export const AddMembers = ({ currentRole, doc }: ModalAddMembersProps) => {
               doc={doc}
               setSelectedUsers={setSelectedUsers}
               selectedUsers={selectedUsers}
-              disabled={isPending || !doc.abilities.accesses_manage}
+              disabled={isPending || !doc.abilities.manage_accesses}
             />
           </Box>
           <Box $css="flex: auto;">
             <ChooseRole
               key={resetKey}
               currentRole={currentRole}
-              disabled={isPending || !doc.abilities.accesses_manage}
+              disabled={isPending || !doc.abilities.manage_accesses}
               setRole={setSelectedRole}
             />
           </Box>
@@ -189,7 +189,7 @@ export const AddMembers = ({ currentRole, doc }: ModalAddMembersProps) => {
               !selectedUsers.length ||
               isPending ||
               !selectedRole ||
-              !doc.abilities.accesses_manage
+              !doc.abilities.manage_accesses
             }
             onClick={() => void handleValidate()}
             style={{ height: '100%', maxHeight: '55px' }}

src/frontend/apps/impress/src/features/docs/members/members-list/api/useDeleteDocAccess.ts

@@ -7,7 +7,6 @@ import {
 import { APIError, errorCauses, fetchAPI } from '@/api';
 import { KEY_DOC, KEY_LIST_DOC } from '@/features/docs/doc-management';
 import { KEY_LIST_USER } from '@/features/docs/members/members-add';
-import { useBroadcastStore } from '@/stores';
 
 import { KEY_LIST_DOC_ACCESSES } from './useDocAccesses';
 
@@ -40,8 +39,6 @@ type UseDeleteDocAccessOptions = UseMutationOptions<
 
 export const useDeleteDocAccess = (options?: UseDeleteDocAccessOptions) => {
   const queryClient = useQueryClient();
-  const { broadcast } = useBroadcastStore();
-
   return useMutation<void, APIError, DeleteDocAccessProps>({
     mutationFn: deleteDocAccess,
     ...options,
@@ -52,10 +49,6 @@ export const useDeleteDocAccess = (options?: UseDeleteDocAccessOptions) => {
       void queryClient.invalidateQueries({
         queryKey: [KEY_DOC],
       });
-
-      // Broadcast to every user connected to the document
-      broadcast(`${KEY_DOC}-${variables.docId}`);
-
       void queryClient.resetQueries({
         queryKey: [KEY_LIST_DOC],
       });

src/frontend/apps/impress/src/features/docs/members/members-list/api/useUpdateDocAccess.ts

@@ -11,7 +11,6 @@ import {
   KEY_LIST_DOC,
   Role,
 } from '@/features/docs/doc-management';
-import { useBroadcastStore } from '@/stores';
 
 import { KEY_LIST_DOC_ACCESSES } from './useDocAccesses';
 
@@ -50,8 +49,6 @@ type UseUpdateDocAccessOptions = UseMutationOptions<
 
 export const useUpdateDocAccess = (options?: UseUpdateDocAccessOptions) => {
   const queryClient = useQueryClient();
-  const { broadcast } = useBroadcastStore();
-
   return useMutation<Access, APIError, UpdateDocAccessProps>({
     mutationFn: updateDocAccess,
     ...options,
@@ -62,10 +59,6 @@ export const useUpdateDocAccess = (options?: UseUpdateDocAccessOptions) => {
       void queryClient.invalidateQueries({
         queryKey: [KEY_DOC],
       });
-
-      // Broadcast to every user connected to the document
-      broadcast(`${KEY_DOC}-${variables.docId}`);
-
       void queryClient.invalidateQueries({
         queryKey: [KEY_LIST_DOC],
       });

src/frontend/apps/impress/src/features/docs/members/members-list/components/MemberItem.tsx

@@ -5,7 +5,7 @@ import {
   VariantType,
   useToastProvider,
 } from '@openfun/cunningham-react';
-import { useRouter } from 'next/router';
+import { useRouter } from 'next/navigation';
 import React, { useState } from 'react';
 import { useTranslation } from 'react-i18next';
 
@@ -35,7 +35,7 @@ export const MemberItem = ({
   const { isSmallMobile, screenWidth } = useResponsiveStore();
   const [localRole, setLocalRole] = useState(role);
   const { toast } = useToastProvider();
-  const { push } = useRouter();
+  const router = useRouter();
   const { mutate: updateDocAccess, error: errorUpdate } = useUpdateDocAccess({
     onSuccess: () => {
       toast(t('The role has been updated'), VariantType.SUCCESS, {
@@ -55,13 +55,13 @@ export const MemberItem = ({
       );
 
       if (isMyself) {
-        void push('/');
+        router.push('/');
       }
     },
   });
 
   const isNotAllowed =
-    isOtherOwner || isLastOwner || !doc.abilities.accesses_manage;
+    isOtherOwner || isLastOwner || !doc.abilities.manage_accesses;
 
   if (!access.user) {
     return (
@@ -112,7 +112,7 @@ export const MemberItem = ({
                 }}
               />
             </Box>
-            {doc.abilities.accesses_manage && (
+            {doc.abilities.manage_accesses && (
               <Box $margin={isSmallMobile ? 'auto' : ''}>
                 <Button
                   color="tertiary-text"
@@ -136,7 +136,7 @@ export const MemberItem = ({
           <TextErrors causes={errorUpdate?.cause || errorDelete?.cause} />
         </Box>
       )}
-      {(isLastOwner || isOtherOwner) && doc.abilities.accesses_manage && (
+      {(isLastOwner || isOtherOwner) && doc.abilities.manage_accesses && (
         <Box $margin={{ top: 'tiny' }}>
           <Alert
             canClose={false}

src/frontend/apps/impress/src/features/footer/Footer.tsx

@@ -1,4 +1,5 @@
 import Image from 'next/image';
+import React from 'react';
 import { useTranslation } from 'react-i18next';
 import styled from 'styled-components';
 

src/frontend/apps/impress/src/features/service-worker/ApiPlugin.ts

@@ -194,17 +194,16 @@ export class ApiPlugin implements WorkboxPlugin {
       created_at: new Date().toISOString(),
       updated_at: new Date().toISOString(),
       abilities: {
-        accesses_manage: true,
-        accesses_view: true,
-        attachment_upload: true,
         destroy: true,
         link_configuration: true,
-        partial_update: true,
-        retrieve: true,
-        update: true,
         versions_destroy: true,
         versions_list: true,
         versions_retrieve: true,
+        manage_accesses: true,
+        update: true,
+        partial_update: true,
+        retrieve: true,
+        attachment_upload: true,
       },
       accesses: [
         {

src/frontend/apps/impress/src/i18n/conf.ts

@@ -1,7 +1,6 @@
 export const LANGUAGES_ALLOWED: { [key: string]: string } = {
   en: 'English',
   fr: 'Français',
-  de: 'Deutsch',
 };
 export const LANGUAGE_COOKIE_NAME = 'docs_language';
 export const BASE_LANGUAGE = 'en';

src/frontend/apps/impress/src/i18n/translations.json

@@ -1,118 +1,4 @@
 {
-  "de": {
-    "translation": {
-      "\"{{email}}\" is already invited to the document.": "\"{{email}}\" ist bereits zum Dokument eingeladen.",
-      "Accessibility": "Barrierefreiheit",
-      "Accessibility statement": "Erklärung zur Barrierefreiheit",
-      "Address:": "Anschrift:",
-      "Administrator": "Administrator",
-      "Anyone on the internet with the link can view": "Für jeden im Internet mit diesem Link sichtbar",
-      "Are you sure you want to delete the document \"{{title}}\"?": "Sind Sie sicher, dass Sie das Dokument \"{{title}}\" löschen möchten?",
-      "Back to home page": "Zurück zur Startseite",
-      "Back to top": "Zurück nach oben",
-      "Can't load this page, please check your internet connection.": "Diese Seite kann nicht geladen werden. Bitte überprüfen Sie Ihre Internetverbindung.",
-      "Cancel": "Abbrechen",
-      "Choose a role": "Wählen Sie eine Rolle",
-      "Close the modal": "Pop up schliessen",
-      "Close the panel": "Fenster schließen",
-      "Compliance status": "Konformitätsstatus",
-      "Confirm deletion": "Löschung bestätigen",
-      "Content modal to delete document": "Inhalts-Modal zum Löschen des Dokuments",
-      "Content modal to export the document": "Inhalte zum Exportieren des Dokuments",
-      "Copy link": "Link kopieren",
-      "Create a new document": "Neues Dokument erstellen",
-      "Created at": "Erstellt am",
-      "Current version": "Aktuelle Version",
-      "Delete document": "Dokument löschen",
-      "Delete the document": "Dokument löschen",
-      "Deleting the document \"{{title}}\"": "Lösche das Dokument \"{{title}}\"",
-      "Doc visibility card": "Dokumenten-Sichtbarkeitskarte",
-      "Docs": "Docs",
-      "Docs: Your new companion to collaborate on documents efficiently, intuitively, and securely.": "Pages: Ihr neuer Begleiter für eine effiziente, intuitive und sichere Zusammenarbeit bei Dokumenten.",
-      "Document icon": "Dokumentensymbol",
-      "Document name": "Dokumentenname",
-      "Document panel": "Dokumenten-Panel",
-      "Document title updated successfully": "Titel des Dokuments erfolgreich aktualisiert",
-      "Documents": "Dokumente",
-      "Docx": "Docx",
-      "Download": "Herunterladen",
-      "E-mail:": "E-Mail:",
-      "Editor": "Editor",
-      "Export": "Exportieren",
-      "Export your document, it will be inserted in the selected template.": "Exportieren Sie Ihr Dokument, es wird in die gewählte Vorlage eingefügt.",
-      "Failed to add the member in the document.": "Fehler beim Hinzufügen des Mitglieds zum Dokument.",
-      "Failed to copy link": "Link konnte nicht kopiert werden",
-      "Failed to create the invitation for {{email}}.": "Fehler beim Erstellen der Einladung für {{email}}.",
-      "Find a member to add to the document": "Suchen Sie ein Mitglied, das dem Dokument hinzugefügt werden soll",
-      "Go to bottom": "Gehe nach unten",
-      "If a member is editing, his works can be lost.": "Wenn ein Mitglied editiert, können seine Änderungen verloren gehen.",
-      "Improvement and contact": "Verbesserungen und Kontakt",
-      "Invitation sent to {{email}}.": "Einladung an {{email}} gesendet.",
-      "Invite new members to {{title}}": "Neue Mitglieder zu {{title}} einladen",
-      "Invited": "Eingeladen",
-      "It is the card information about the document.": "Es handelt sich um die Karteninformationen zum Dokument.",
-      "It seems that the page you are looking for does not exist or cannot be displayed correctly.": "Es scheint, dass die von Ihnen gesuchte Seite nicht existiert oder nicht korrekt angezeigt werden kann.",
-      "Language": "Sprache",
-      "Legal Notice": "Impressum",
-      "Legal notice": "Impressum",
-      "Link Copied !": "Link kopiert!",
-      "Login": "Anmelden",
-      "Logout": "Abmelden",
-      "Members": "Mitglieder",
-      "No editor found": "Kein Editor gefunden",
-      "Offline ?!": "Offline?!",
-      "Only for people with access": "Nur für Personen mit Zugriff",
-      "Open the document options": "Öffnen Sie die Dokumentoptionen",
-      "Open the panel": "Panel öffnen",
-      "Open the version options": "Öffnen Sie die Versionsoptionen",
-      "Ouch !": "Autsch!",
-      "Owner": "Besitzer",
-      "Owners:": "Besitzer:",
-      "PDF": "PDF",
-      "Personal data and cookies": "Personenbezogene Daten und Cookies",
-      "Public": "Öffentlich",
-      "Read only, you cannot edit document versions.": "Nur lesen: Sie können Dokumentenversionen nicht bearbeiten.",
-      "Read only, you cannot edit this document.": "Nur lesen: Sie können dieses Dokument nicht bearbeiten.",
-      "Reader": "Leser",
-      "Rename": "Umbenennen",
-      "Restore": "Wiederherstellen",
-      "Restore the version": "Version wiederherstellen",
-      "Restore this version": "Version wiederherstellen",
-      "Restore this version?": "Diese Version wiederherstellen?",
-      "Role": "Rolle",
-      "Search by email": "Nach E-Mail suchen",
-      "Share": "Teilen",
-      "Share modal": "Teilen-Modal",
-      "Something bad happens, please retry.": "Etwas ist schiefgelaufen, bitte versuchen Sie es erneut.",
-      "Table of content": "Inhaltsverzeichnis",
-      "Table of contents": "Inhaltsverzeichnis",
-      "Template": "Vorlage",
-      "The document has been deleted.": "Das Dokument wurde gelöscht.",
-      "The invitation has been removed.": "Die Einladung wurde zurückgenommen.",
-      "The member has been removed from the document": "Das Mitglied wurde aus dem Dokument entfernt",
-      "The role has been updated": "Die Rolle wurde aktualisiert",
-      "The role has been updated.": "Die Rolle wurde aktualisiert.",
-      "This accessibility statement applies to the site hosted on": "Diese Erklärung zur Barrierefreiheit gilt für die gehostete Seite",
-      "This site does not display a cookie consent banner, why?": "",
-      "Unless otherwise stated, all content on this site is under": "Sofern nicht anders angegeben, steht der gesamte Inhalt dieser Website unter",
-      "Untitled document": "Unbenanntes Dokument",
-      "Updated at": "Aktualisiert am",
-      "User {{email}} added to the document.": "Benutzer {{email}} wurde dem Dokument hinzugefügt.",
-      "Validate": "Bestätigen",
-      "Version history": "Versionsverlauf",
-      "Version restored successfully": "Version erfolgreich wiederhergestellt",
-      "Versions": "Versionen",
-      "We didn't find a mail matching, try to be more accurate": "Wir haben keine übereinstimmende E-Mail gefunden, versuchen Sie genauer zu sein",
-      "We try to respond within 2 working days.": "Wir versuchen, innerhalb von 2 Arbeitstagen zu antworten.",
-      "You are the sole owner of this group, make another member the group owner before you can change your own role or be removed from your document.": "Sie sind der einzige Besitzer dieser Gruppe. Machen Sie ein anderes Mitglied zum Gruppenbesitzer, bevor Sie Ihre eigene Rolle ändern oder aus Ihrem Dokument entfernen können.",
-      "You cannot update the role or remove other owner.": "Sie können die Rolle nicht aktualisieren oder einen anderen Besitzer entfernen.",
-      "You don't have any document yet.": "Sie haben noch kein Dokument.",
-      "Your current document will revert to this version.": "Ihr aktuelles Dokument wird auf diese Version zurückgesetzt.",
-      "Your role": "Ihre Rolle",
-      "Your role:": "Ihre Rolle:",
-      "Your {{format}} was downloaded succesfully": "Ihr {{format}} wurde erfolgreich heruntergeladen"
-    }
-  },
   "en": { "translation": {} },
   "fr": {
     "translation": {

src/frontend/apps/impress/src/pages/docs/[id]/index.tsx

@@ -1,16 +1,15 @@
 import { Loader } from '@openfun/cunningham-react';
-import { useQueryClient } from '@tanstack/react-query';
 import Head from 'next/head';
+import { useRouter as useNavigate } from 'next/navigation';
 import { useRouter } from 'next/router';
 import { useEffect, useState } from 'react';
 
 import { Box, Text } from '@/components';
 import { TextErrors } from '@/components/TextErrors';
 import { useAuthStore } from '@/core/auth';
-import { DocEditor } from '@/features/docs/doc-editor';
-import { KEY_DOC, useDoc, useDocStore } from '@/features/docs/doc-management';
+import { DocEditor, useDocStore } from '@/features/docs';
+import { useDoc } from '@/features/docs/doc-management';
 import { MainLayout } from '@/layouts';
-import { useBroadcastStore } from '@/stores';
 import { NextPageWithLayout } from '@/types/next';
 
 export function DocLayout() {
@@ -42,11 +41,9 @@ const DocPage = ({ id }: DocProps) => {
   const { login } = useAuthStore();
   const { data: docQuery, isError, error } = useDoc({ id });
   const [doc, setDoc] = useState(docQuery);
-  const { setCurrentDoc, createProvider, providers } = useDocStore();
-  const { setBroadcastProvider, addTask } = useBroadcastStore();
-  const queryClient = useQueryClient();
-  const { replace } = useRouter();
-  const provider = providers?.[id];
+  const { setCurrentDoc } = useDocStore();
+
+  const navigate = useNavigate();
 
   useEffect(() => {
     if (doc?.title) {
@@ -69,38 +66,9 @@ const DocPage = ({ id }: DocProps) => {
     };
   }, [docQuery, setCurrentDoc]);
 
-  useEffect(() => {
-    if (!doc?.id) {
-      return;
-    }
-
-    let newProvider = provider;
-    if (!provider || provider.document.guid !== doc.id) {
-      newProvider = createProvider(doc.id, doc.content);
-    }
-
-    setBroadcastProvider(newProvider);
-  }, [createProvider, doc, provider, setBroadcastProvider]);
-
-  /**
-   * We add a broadcast task to reset the query cache
-   * when the document visibility changes.
-   */
-  useEffect(() => {
-    if (!doc?.id) {
-      return;
-    }
-
-    addTask(`${KEY_DOC}-${doc.id}`, () => {
-      void queryClient.resetQueries({
-        queryKey: [KEY_DOC, { id: doc.id }],
-      });
-    });
-  }, [addTask, doc?.id, queryClient]);
-
   if (isError && error) {
     if (error.status === 404) {
-      void replace(`/404`);
+      navigate.replace(`/404`);
       return null;
     }
 

src/frontend/apps/impress/src/stores/index.ts

@@ -1,2 +1 @@
-export * from './useBroadcastStore';
 export * from './useResponsiveStore';

src/frontend/apps/impress/src/stores/useBroadcastStore.tsx

@@ -1,54 +0,0 @@
-import { HocuspocusProvider } from '@hocuspocus/provider';
-import * as Y from 'yjs';
-import { create } from 'zustand';
-
-interface BroadcastState {
-  addTask: (taskLabel: string, action: () => void) => void;
-  broadcast: (taskLabel: string) => void;
-  getBroadcastProvider: () => HocuspocusProvider | undefined;
-  provider?: HocuspocusProvider;
-  setBroadcastProvider: (provider: HocuspocusProvider) => void;
-  tasks: { [taskLabel: string]: Y.Array<string> };
-}
-
-export const useBroadcastStore = create<BroadcastState>((set, get) => ({
-  provider: undefined,
-  tasks: {},
-  setBroadcastProvider: (provider) => set({ provider }),
-  getBroadcastProvider: () => {
-    const provider = get().provider;
-    if (!provider) {
-      console.warn('Provider is not defined');
-      return;
-    }
-
-    return provider;
-  },
-  addTask: (taskLabel, action) => {
-    const taskExistAlready = get().tasks[taskLabel];
-    const provider = get().getBroadcastProvider();
-    if (taskExistAlready || !provider) {
-      return;
-    }
-
-    const task = provider.document.getArray<string>(taskLabel);
-    task.observe(() => {
-      action();
-    });
-
-    set((state) => ({
-      tasks: {
-        ...state.tasks,
-        [taskLabel]: task,
-      },
-    }));
-  },
-  broadcast: (taskLabel) => {
-    const task = get().tasks[taskLabel];
-    if (!task) {
-      console.warn(`Task ${taskLabel} is not defined`);
-      return;
-    }
-    task.push([`broadcast: ${taskLabel}`]);
-  },
-}));

src/frontend/package.json

@@ -25,13 +25,13 @@
     "i18n:test": "yarn I18N run test"
   },
   "resolutions": {
-    "@blocknote/core": "0.19.0",
-    "@blocknote/mantine": "0.19.0",
-    "@blocknote/react": "0.19.0",
-    "@types/node": "22.9.0",
+    "@blocknote/core": "0.17.1",
+    "@blocknote/mantine": "0.17.1",
+    "@blocknote/react": "0.17.1",
+    "@types/node": "20.16.13",
     "@types/react-dom": "18.3.1",
-    "@typescript-eslint/eslint-plugin": "8.14.0",
-    "@typescript-eslint/parser": "8.14.0",
+    "@typescript-eslint/eslint-plugin": "8.10.0",
+    "@typescript-eslint/parser": "8.10.0",
     "cross-env": "7.0.3",
     "eslint": "8.57.0",
     "react": "18.3.1",

src/frontend/packages/eslint-config-impress/package.json

@@ -6,19 +6,19 @@
     "lint": "eslint --ext .js ."
   },
   "dependencies": {
-    "@next/eslint-plugin-next": "15.0.3",
-    "@tanstack/eslint-plugin-query": "5.60.1",
+    "@next/eslint-plugin-next": "14.2.15",
+    "@tanstack/eslint-plugin-query": "5.59.7",
     "@typescript-eslint/eslint-plugin": "*",
     "@typescript-eslint/parser": "*",
     "eslint": "*",
-    "eslint-config-next": "15.0.3",
+    "eslint-config-next": "14.2.15",
     "eslint-config-prettier": "9.1.0",
     "eslint-plugin-import": "2.31.0",
-    "eslint-plugin-jest": "28.9.0",
-    "eslint-plugin-jsx-a11y": "6.10.2",
-    "eslint-plugin-playwright": "2.0.1",
+    "eslint-plugin-jest": "28.8.3",
+    "eslint-plugin-jsx-a11y": "6.10.1",
+    "eslint-plugin-playwright": "1.8.0",
     "eslint-plugin-prettier": "5.2.1",
-    "eslint-plugin-react": "7.37.2",
+    "eslint-plugin-react": "7.37.1",
     "eslint-plugin-testing-library": "6.4.0",
     "prettier": "3.3.3"
   }

src/frontend/packages/i18n/package.json

@@ -12,7 +12,7 @@
     "test": "jest"
   },
   "dependencies": {
-    "@types/jest": "29.5.14",
+    "@types/jest": "29.5.13",
     "@types/node": "*",
     "eslint-config-impress": "*",
     "eslint-plugin-import": "2.31.0",