Merge branch 'main' into feat/customize-doc-audit-log-certificate

README.md

@@ -1,4 +1,4 @@
-> 🚨 We are live on Product Hunt 🎉  Check out our latest launch: <a href="https://documen.so/sign-everywhere">The Platform Plan</a>!
+> 🚨 We are live on Product Hunt 🎉  Check out our latest launch: <a href="documen.so/sign-everywhere">The Platform Plan</a>!
 
 <a href="https://www.producthunt.com/posts/documenso-platform-plan?embed=true&utm_source=badge-featured&utm_medium=badge&utm_souce=badge-documenso&#0045;platform&#0045;plan" target="_blank"><img src="https://api.producthunt.com/widgets/embed-image/v1/featured.svg?post_id=670576&theme=light" alt="Documenso&#0032;Platform&#0032;Plan - Whitelabeled&#0032;signing&#0032;flows&#0032;in&#0032;your&#0032;product | Product Hunt" style="width: 250px; height: 54px;" width="250" height="54" /></a>
 

apps/documentation/pages/developers/embedding/_meta.json

@@ -6,6 +6,5 @@
   "solid": "Solid Integration",
   "preact": "Preact Integration",
   "angular": "Angular Integration",
-  "css-variables": "CSS Variables",
-  "web-components": "Web Components"
+  "css-variables": "CSS Variables"
 }

apps/documentation/pages/developers/embedding/index.mdx

@@ -73,15 +73,14 @@ These customization options are available for both Direct Templates and Signing
 
 We support embedding across a range of popular JavaScript frameworks, including:
 
-| Framework        | Package                                                                                      |
-| ---------        | ----------------------------------------------------------------------------------           |
-| React            | [@documenso/embed-react](https://www.npmjs.com/package/@documenso/embed-react)               |
-| Preact           | [@documenso/embed-preact](https://www.npmjs.com/package/@documenso/embed-preact)             |
-| Vue              | [@documenso/embed-vue](https://www.npmjs.com/package/@documenso/embed-vue)                   |
-| Svelte           | [@documenso/embed-svelte](https://www.npmjs.com/package/@documenso/embed-svelte)             |
-| Solid            | [@documenso/embed-solid](https://www.npmjs.com/package/@documenso/embed-solid)               |
-| Angular          | [@documenso/embed-angular](https://www.npmjs.com/package/@documenso/embed-angular)           |
-| Web Components   | [@documenso/embed-webcomponent](https://www.npmjs.com/package/@documenso/embed-webcomponent) |
+| Framework | Package                                                                            |
+| --------- | ---------------------------------------------------------------------------------- |
+| React     | [@documenso/embed-react](https://www.npmjs.com/package/@documenso/embed-react)     |
+| Preact    | [@documenso/embed-preact](https://www.npmjs.com/package/@documenso/embed-preact)   |
+| Vue       | [@documenso/embed-vue](https://www.npmjs.com/package/@documenso/embed-vue)         |
+| Svelte    | [@documenso/embed-svelte](https://www.npmjs.com/package/@documenso/embed-svelte)   |
+| Solid     | [@documenso/embed-solid](https://www.npmjs.com/package/@documenso/embed-solid)     |
+| Angular   | [@documenso/embed-angular](https://www.npmjs.com/package/@documenso/embed-angular) |
 
 Additionally, we provide **web components** for more generalized use. However, please note that web components are still in their early stages and haven't been extensively tested.
 
@@ -167,7 +166,6 @@ Once you've obtained the appropriate tokens, you can integrate the signing exper
 - [Svelte](/developers/embedding/svelte)
 - [Solid](/developers/embedding/solid)
 - [Angular](/developers/embedding/angular)
-- [Web Components](/developers/embedding/web-components)
 
 If you're using **web components**, the integration process is slightly different. Keep in mind that web components are currently less tested but can still provide flexibility for general use cases.
 
@@ -179,5 +177,4 @@ If you're using **web components**, the integration process is slightly differen
 - [Solid Integration](/developers/embedding/solid)
 - [Preact Integration](/developers/embedding/preact)
 - [Angular Integration](/developers/embedding/angular)
-- [Web Components](/developers/embedding/web-components)
 - [CSS Variables](/developers/embedding/css-variables)

apps/documentation/pages/developers/embedding/web-components.mdx

@@ -1,89 +0,0 @@
----
-title: Web Components Integration
-description: Learn how to use our embedding SDK via Web Components on a framework-less web application.
----
-
-# Web Components Integration
-
-Our Web Components SDK provides a simple way to embed a signing experience within your framework-less web application. It supports both direct link templates and signing tokens.
-
-## Installation
-
-To install the SDK, run the following command:
-
-```bash
-npm install @documenso/embed-webcomponent
-```
-
-Then in your html file, add the following to add the script, replacing the path with the proper path to the web component script.
-
-```html
-<script src="YOUR_PATH_HERE"></script>
-```
-
-## Usage
-
-To embed a signing experience, you'll need to provide the token for the document you want to embed. This can be done in a few different ways, depending on your use case.
-
-### Direct Link Template
-
-If you have a direct link template, you can simply provide the token for the template to the `documenso-embed-direct-template` tag.
-
-```html
-<documenso-embed-direct-template
-  token="YOUR_TOKEN_HERE"
-</documenso-embed-direct-template>
-```
-
-#### Attributes
-
-| Attribute                | Type                | Description                                                                                |
-| ------------------- | ------------------- | ------------------------------------------------------------------------------------------ |
-| token               | string              | The token for the document you want to embed                                               |
-| host                | string (optional)   | The host to be used for the signing experience, relevant for self-hosters                  |
-| name                | string (optional)   | The name the signer that will be used by default for signing                               |
-| lockName            | boolean (optional)  | Whether or not the name field should be locked disallowing modifications                   |
-| email               | string (optional)   | The email the signer that will be used by default for signing                              |
-| lockEmail           | boolean (optional)  | Whether or not the email field should be locked disallowing modifications                  |
-| onDocumentReady     | function (optional) | A callback function that will be called when the document is loaded and ready to be signed |
-| onDocumentCompleted | function (optional) | A callback function that will be called when the document has been completed               |
-| onDocumentError     | function (optional) | A callback function that will be called when an error occurs with the document             |
-| onFieldSigned       | function (optional) | A callback function that will be called when a field is signed                             |
-| onFieldUnsigned     | function (optional) | A callback function that will be called when a field is unsigned                           |
-
-### Signing Token
-
-If you have a signing token, you can provide it to the `documenso-embed-sign-document` tag.
-
-```html
-<documenso-embed-sign-document
-  token="YOUR_TOKEN_HERE"
-</documenso-embed-sign-document>
-```
-
-#### Attributes
-
-| Attribute                | Type                | Description                                                                                |
-| ------------------- | ------------------- | ------------------------------------------------------------------------------------------ |
-| token               | string              | The token for the document you want to embed                                               |
-| host                | string (optional)   | The host to be used for the signing experience, relevant for self-hosters                  |
-| name                | string (optional)   | The name the signer that will be used by default for signing                               |
-| lockName            | boolean (optional)  | Whether or not the name field should be locked disallowing modifications                   |
-| onDocumentReady     | function (optional) | A callback function that will be called when the document is loaded and ready to be signed |
-| onDocumentCompleted | function (optional) | A callback function that will be called when the document has been completed               |
-| onDocumentError     | function (optional) | A callback function that will be called when an error occurs with the document             |
-
-### Creating via JavaScript
-
-You can also create the tag element using javascript, for dynamic generation of either modes. For example, this would add the sign document embed to the DOM.
-
-```javascript
-document.getElementById('my-wrapper-here').innerHTML = '';
-
-const tag = document.createElement('documenso-embed-sign-document');
-tag.setAttribute('token', data.token);
-tag.style.width = '100%';
-tag.style.height = '100%';
-
-document.getElementById('my-wrapper-here').appendChild(tag);
-```

apps/documentation/pages/developers/public-api/index.mdx

@@ -21,25 +21,14 @@ Check out the [API V1 documentation](https://app.documenso.com/api/v1/openapi) f
 
 ## API V2 - Beta
 
-<Callout type="warning">API V2 is currently beta, and will be subject to breaking changes</Callout>
+Our new API V2 is currently in Beta. The new API features typed SDKs for TypeScript, Python and Go and example code for many more.
 
-Check out the [API V2 documentation](https://documen.so/api-v2-docs) for details about the API endpoints, request parameters, response formats, and authentication methods.
-
-Our new API V2 supports the following typed SDKs:
-
-- [TypeScript](https://github.com/documenso/sdk-typescript)
-- [Python](https://github.com/documenso/sdk-python)
-- [Go](https://github.com/documenso/sdk-go)
-
-<Callout type="info">
-  For the staging API, please use the following base URL:
-  `https://stg-app.documenso.dev/api/v2-beta/`
+<Callout type="warning">
+  NOW IN BETA: [API V2 Documentation](https://documen.so/api-v2-docs)
 </Callout>
 
 🚀 [V2 Announcement](https://documen.so/sdk-blog)
 
-📖 [Documentation](https://documen.so/api-v2-docs)
-
 💬 [Leave Feedback](https://documen.so/sdk-feedback)
 
 🔔 [Breaking Changes](https://documen.so/sdk-breaking)

apps/web/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@documenso/web",
-  "version": "1.9.1-rc.7",
+  "version": "1.9.1-rc.2",
   "private": true,
   "license": "AGPL-3.0",
   "scripts": {

apps/web/src/app/(dashboard)/documents/[id]/document-page-view-button.tsx

@@ -14,6 +14,12 @@ import type { Document, Recipient, Team, User } from '@documenso/prisma/client';
 import { DocumentStatus, RecipientRole, SigningStatus } from '@documenso/prisma/client';
 import { trpc as trpcClient } from '@documenso/trpc/client';
 import { Button } from '@documenso/ui/primitives/button';
+import {
+  SplitButton,
+  SplitButtonAction,
+  SplitButtonDropdown,
+  SplitButtonDropdownItem,
+} from '@documenso/ui/primitives/split-button';
 import { useToast } from '@documenso/ui/primitives/use-toast';
 
 export type DocumentPageViewButtonProps = {
@@ -25,7 +31,9 @@ export type DocumentPageViewButtonProps = {
   team?: Pick<Team, 'id' | 'url'>;
 };
 
-export const DocumentPageViewButton = ({ document }: DocumentPageViewButtonProps) => {
+export const DocumentPageViewButton = ({
+  document: activeDocument,
+}: DocumentPageViewButtonProps) => {
   const { data: session } = useSession();
   const { toast } = useToast();
   const { _ } = useLingui();
@@ -34,25 +42,27 @@ export const DocumentPageViewButton = ({ document }: DocumentPageViewButtonProps
     return null;
   }
 
-  const recipient = document.recipients.find((recipient) => recipient.email === session.user.email);
+  const recipient = activeDocument.recipients.find(
+    (recipient) => recipient.email === session.user.email,
+  );
 
   const isRecipient = !!recipient;
-  const isPending = document.status === DocumentStatus.PENDING;
-  const isComplete = document.status === DocumentStatus.COMPLETED;
+  const isPending = activeDocument.status === DocumentStatus.PENDING;
+  const isComplete = activeDocument.status === DocumentStatus.COMPLETED;
   const isSigned = recipient?.signingStatus === SigningStatus.SIGNED;
   const role = recipient?.role;
 
-  const documentsPath = formatDocumentsPath(document.team?.url);
+  const documentsPath = formatDocumentsPath(activeDocument.team?.url);
 
   const onDownloadClick = async () => {
     try {
       const documentWithData = await trpcClient.document.getDocumentById.query(
         {
-          documentId: document.id,
+          documentId: activeDocument.id,
         },
         {
           context: {
-            teamId: document.team?.id?.toString(),
+            teamId: activeDocument.team?.id?.toString(),
           },
         },
       );
@@ -63,7 +73,10 @@ export const DocumentPageViewButton = ({ document }: DocumentPageViewButtonProps
         throw new Error('No document available');
       }
 
-      await downloadPDF({ documentData, fileName: documentWithData.title });
+      await downloadPDF({
+        documentData,
+        fileName: documentWithData.title,
+      });
     } catch (err) {
       toast({
         title: _(msg`Something went wrong`),
@@ -73,6 +86,100 @@ export const DocumentPageViewButton = ({ document }: DocumentPageViewButtonProps
     }
   };
 
+  const onDownloadAuditLogClick = async () => {
+    try {
+      const { url } = await trpcClient.document.downloadAuditLogs.mutate({
+        documentId: activeDocument.id,
+      });
+
+      const iframe = Object.assign(document.createElement('iframe'), {
+        src: url,
+      });
+
+      Object.assign(iframe.style, {
+        position: 'fixed',
+        top: '0',
+        left: '0',
+        width: '0',
+        height: '0',
+      });
+
+      const onLoaded = () => {
+        if (iframe.contentDocument?.readyState === 'complete') {
+          iframe.contentWindow?.print();
+
+          iframe.contentWindow?.addEventListener('afterprint', () => {
+            document.body.removeChild(iframe);
+          });
+        }
+      };
+
+      // When the iframe has loaded, print the iframe and remove it from the dom
+      iframe.addEventListener('load', onLoaded);
+
+      document.body.appendChild(iframe);
+
+      onLoaded();
+    } catch (error) {
+      console.error(error);
+
+      toast({
+        title: _(msg`Something went wrong`),
+        description: _(
+          msg`Sorry, we were unable to download the audit logs. Please try again later.`,
+        ),
+        variant: 'destructive',
+      });
+    }
+  };
+
+  const onDownloadSigningCertificateClick = async () => {
+    try {
+      const { url } = await trpcClient.document.downloadCertificate.mutate({
+        documentId: activeDocument.id,
+      });
+
+      const iframe = Object.assign(document.createElement('iframe'), {
+        src: url,
+      });
+
+      Object.assign(iframe.style, {
+        position: 'fixed',
+        top: '0',
+        left: '0',
+        width: '0',
+        height: '0',
+      });
+
+      const onLoaded = () => {
+        if (iframe.contentDocument?.readyState === 'complete') {
+          iframe.contentWindow?.print();
+
+          iframe.contentWindow?.addEventListener('afterprint', () => {
+            document.body.removeChild(iframe);
+          });
+        }
+      };
+
+      // When the iframe has loaded, print the iframe and remove it from the dom
+      iframe.addEventListener('load', onLoaded);
+
+      document.body.appendChild(iframe);
+
+      onLoaded();
+    } catch (error) {
+      console.error(error);
+
+      toast({
+        title: _(msg`Something went wrong`),
+        description: _(
+          msg`Sorry, we were unable to download the certificate. Please try again later.`,
+        ),
+        variant: 'destructive',
+      });
+    }
+  };
+
   return match({
     isRecipient,
     isPending,
@@ -106,16 +213,27 @@ export const DocumentPageViewButton = ({ document }: DocumentPageViewButtonProps
     ))
     .with({ isComplete: false }, () => (
       <Button className="w-full" asChild>
-        <Link href={`${documentsPath}/${document.id}/edit`}>
+        <Link href={`${documentsPath}/${activeDocument.id}/edit`}>
           <Trans>Edit</Trans>
         </Link>
       </Button>
     ))
     .with({ isComplete: true }, () => (
-      <Button className="w-full" onClick={onDownloadClick}>
-        <Download className="-ml-1 mr-2 inline h-4 w-4" />
-        <Trans>Download</Trans>
-      </Button>
+      <SplitButton className="flex w-full">
+        <SplitButtonAction className="w-full" onClick={() => void onDownloadClick()}>
+          <Download className="-ml-1 mr-2 inline h-4 w-4" />
+          <Trans>Download</Trans>
+        </SplitButtonAction>
+        <SplitButtonDropdown>
+          <SplitButtonDropdownItem onClick={() => void onDownloadAuditLogClick()}>
+            <Trans>Only Audit Log</Trans>
+          </SplitButtonDropdownItem>
+
+          <SplitButtonDropdownItem onClick={() => void onDownloadSigningCertificateClick()}>
+            <Trans>Only Signing Certificate</Trans>
+          </SplitButtonDropdownItem>
+        </SplitButtonDropdown>
+      </SplitButton>
     ))
     .otherwise(() => null);
 };

apps/web/src/app/(dashboard)/documents/[id]/edit-document.tsx

@@ -187,6 +187,8 @@ export const EditDocumentForm = ({
           title: data.title,
           externalId: data.externalId || null,
           visibility: data.visibility,
+          includeSigningCertificate: data.includeSigningCertificate,
+          includeAuditTrailLog: data.includeAuditTrailLog,
           globalAccessAuth: data.globalAccessAuth ?? null,
           globalActionAuth: data.globalActionAuth ?? null,
         },

apps/web/src/app/(signing)/sign/[token]/checkbox-field.tsx

@@ -44,12 +44,7 @@ export const CheckboxField = ({ field, onSignField, onUnsignField }: CheckboxFie
   const [isPending, startTransition] = useTransition();
   const { executeActionAuthProcedure } = useRequiredDocumentAuthContext();
 
-  const parsedFieldMeta = ZCheckboxFieldMeta.parse(
-    field.fieldMeta ?? {
-      type: 'checkbox',
-      values: [{ id: 1, checked: false, value: '' }],
-    },
-  );
+  const parsedFieldMeta = ZCheckboxFieldMeta.parse(field.fieldMeta);
 
   const values = parsedFieldMeta.values?.map((item) => ({
     ...item,

apps/web/src/app/(signing)/sign/[token]/complete/page.tsx

@@ -4,6 +4,7 @@ import { notFound } from 'next/navigation';
 import { Trans, msg } from '@lingui/macro';
 import { useLingui } from '@lingui/react';
 import { CheckCircle2, Clock8 } from 'lucide-react';
+import { getServerSession } from 'next-auth';
 import { env } from 'next-runtime-env';
 import { match } from 'ts-pattern';
 
@@ -15,12 +16,10 @@ import { isRecipientAuthorized } from '@documenso/lib/server-only/document/is-re
 import { getFieldsForToken } from '@documenso/lib/server-only/field/get-fields-for-token';
 import { getRecipientByToken } from '@documenso/lib/server-only/recipient/get-recipient-by-token';
 import { getRecipientSignatures } from '@documenso/lib/server-only/recipient/get-recipient-signatures';
-import { getNextInboxDocument } from '@documenso/lib/server-only/user/get-next-inbox-document';
 import { getUserByEmail } from '@documenso/lib/server-only/user/get-user-by-email';
 import { DocumentStatus, FieldType, RecipientRole } from '@documenso/prisma/client';
 import { DocumentDownloadButton } from '@documenso/ui/components/document/document-download-button';
 import { DocumentShareButton } from '@documenso/ui/components/document/document-share-button';
-import { NextInboxItemButton } from '@documenso/ui/components/document/next-inbox-item-button';
 import { SigningCard3D } from '@documenso/ui/components/signing-card';
 import { cn } from '@documenso/ui/lib/utils';
 import { Badge } from '@documenso/ui/primitives/badge';
@@ -62,10 +61,9 @@ export default async function CompletedSigningPage({
 
   const { documentData } = document;
 
-  const [fields, recipient, nextInboxDocument] = await Promise.all([
+  const [fields, recipient] = await Promise.all([
     getFieldsForToken({ token }),
     getRecipientByToken({ token }).catch(() => null),
-    getNextInboxDocument({ email: user?.email }).catch(() => null),
   ]);
 
   if (!recipient) {
@@ -93,7 +91,8 @@ export default async function CompletedSigningPage({
     fields.find((field) => field.type === FieldType.NAME)?.customText ||
     recipient.email;
 
-  const isLoggedIn = !!user;
+  const sessionData = await getServerSession();
+  const isLoggedIn = !!sessionData?.user;
   const canSignUp = !isExistingUser && NEXT_PUBLIC_DISABLE_SIGNUP !== 'true';
 
   return (
@@ -183,16 +182,12 @@ export default async function CompletedSigningPage({
               </p>
             ))}
 
-          <div
-            className={cn('mt-8 flex w-full items-center justify-center gap-4', {
-              'max-w-sm': !nextInboxDocument,
-            })}
-          >
+          <div className="mt-8 flex w-full max-w-sm items-center justify-center gap-4">
             <DocumentShareButton documentId={document.id} token={recipient.token} />
 
             {document.status === DocumentStatus.COMPLETED ? (
               <DocumentDownloadButton
-                className="flex-1 text-xs"
+                className="flex-1"
                 fileName={document.title}
                 documentData={documentData}
                 disabled={document.status !== DocumentStatus.COMPLETED}
@@ -204,15 +199,6 @@ export default async function CompletedSigningPage({
                 documentData={documentData}
               />
             )}
-
-            {isLoggedIn && nextInboxDocument && (
-              <NextInboxItemButton
-                className="text-xs"
-                userEmail={user?.email}
-                documentData={documentData}
-                nextInboxDocument={nextInboxDocument}
-              />
-            )}
           </div>
         </div>
 
@@ -234,7 +220,7 @@ export default async function CompletedSigningPage({
           )}
 
           {isLoggedIn && (
-            <Link href="/documents" className="text-documenso-700 hover:text-documenso-600 mt-4">
+            <Link href="/documents" className="text-documenso-700 hover:text-documenso-600 mt-2">
               <Trans>Go Back Home</Trans>
             </Link>
           )}

apps/web/src/app/(signing)/sign/[token]/signing-field-container.tsx

@@ -182,23 +182,6 @@ export const SigningFieldContainer = ({
           </button>
         )}
 
-        {(field.type === FieldType.RADIO || field.type === FieldType.CHECKBOX) &&
-          field.fieldMeta?.label && (
-            <div
-              className={cn(
-                'absolute -top-16 left-0 right-0 rounded-md p-2 text-center text-xs text-gray-700',
-                {
-                  'bg-foreground/5 border-border border': !field.inserted,
-                },
-                {
-                  'bg-documenso-200 border-primary border': field.inserted,
-                },
-              )}
-            >
-              {field.fieldMeta.label}
-            </div>
-          )}
-
         {children}
       </FieldRootContainer>
     </div>

apps/web/src/app/(teams)/t/[teamUrl]/settings/preferences/document-preferences.tsx

@@ -41,6 +41,7 @@ const ZTeamDocumentPreferencesFormSchema = z.object({
   includeSenderDetails: z.boolean(),
   typedSignatureEnabled: z.boolean(),
   includeSigningCertificate: z.boolean(),
+  includeAuditTrailLog: z.boolean(),
 });
 
 type TTeamDocumentPreferencesFormSchema = z.infer<typeof ZTeamDocumentPreferencesFormSchema>;
@@ -72,6 +73,7 @@ export const TeamDocumentPreferencesForm = ({
       includeSenderDetails: settings?.includeSenderDetails ?? false,
       typedSignatureEnabled: settings?.typedSignatureEnabled ?? true,
       includeSigningCertificate: settings?.includeSigningCertificate ?? true,
+      includeAuditTrailLog: settings?.includeAuditTrailLog ?? false,
     },
     resolver: zodResolver(ZTeamDocumentPreferencesFormSchema),
   });
@@ -86,6 +88,7 @@ export const TeamDocumentPreferencesForm = ({
         includeSenderDetails,
         includeSigningCertificate,
         typedSignatureEnabled,
+        includeAuditTrailLog,
       } = data;
 
       await updateTeamDocumentPreferences({
@@ -96,6 +99,7 @@ export const TeamDocumentPreferencesForm = ({
           includeSenderDetails,
           typedSignatureEnabled,
           includeSigningCertificate,
+          includeAuditTrailLog,
         },
       });
 
@@ -300,6 +304,37 @@ export const TeamDocumentPreferencesForm = ({
             )}
           />
 
+          <FormField
+            control={form.control}
+            name="includeAuditTrailLog"
+            render={({ field }) => (
+              <FormItem className="flex-1">
+                <FormLabel>
+                  <Trans>Include the Audit Trail Log in the Document</Trans>
+                </FormLabel>
+
+                <div>
+                  <FormControl className="block">
+                    <Switch
+                      ref={field.ref}
+                      name={field.name}
+                      checked={field.value}
+                      onCheckedChange={field.onChange}
+                    />
+                  </FormControl>
+                </div>
+
+                <FormDescription>
+                  <Trans>
+                    Controls whether the audit trail log will be included in the document when it is
+                    downloaded. The audit trail log can still be downloaded from the logs page
+                    separately.
+                  </Trans>
+                </FormDescription>
+              </FormItem>
+            )}
+          />
+
           <div className="flex flex-row justify-end space-x-4">
             <Button type="submit" loading={form.formState.isSubmitting}>
               <Trans>Save</Trans>

apps/web/src/app/embed/direct/[[...url]]/client.tsx

@@ -49,7 +49,7 @@ export type EmbedDirectTemplateClientPageProps = {
   fields: Field[];
   metadata?: DocumentMeta | TemplateMeta | null;
   hidePoweredBy?: boolean;
-  allowWhiteLabelling?: boolean;
+  isPlatformOrEnterprise?: boolean;
 };
 
 export const EmbedDirectTemplateClientPage = ({
@@ -60,7 +60,7 @@ export const EmbedDirectTemplateClientPage = ({
   fields,
   metadata,
   hidePoweredBy = false,
-  allowWhiteLabelling = false,
+  isPlatformOrEnterprise = false,
 }: EmbedDirectTemplateClientPageProps) => {
   const { _ } = useLingui();
   const { toast } = useToast();
@@ -288,7 +288,7 @@ export const EmbedDirectTemplateClientPage = ({
         document.documentElement.classList.add('dark-mode-disabled');
       }
 
-      if (allowWhiteLabelling) {
+      if (isPlatformOrEnterprise) {
         injectCss({
           css: data.css,
           cssVars: data.cssVars,
@@ -349,7 +349,7 @@ export const EmbedDirectTemplateClientPage = ({
         {/* Widget */}
         <div
           key={isExpanded ? 'expanded' : 'collapsed'}
-          className="group/document-widget fixed bottom-8 left-0 z-50 h-fit max-h-[calc(100dvh-2rem)] w-full flex-shrink-0 px-6 md:sticky md:top-4 md:z-auto md:w-[350px] md:px-0"
+          className="group/document-widget fixed bottom-8 left-0 z-50 h-fit w-full flex-shrink-0 px-6 md:sticky md:top-4 md:z-auto md:w-[350px] md:px-0"
           data-expanded={isExpanded || undefined}
         >
           <div className="border-border bg-widget flex h-fit w-full flex-col rounded-xl border px-4 py-4 md:min-h-[min(calc(100dvh-2rem),48rem)] md:py-6">
@@ -360,34 +360,19 @@ export const EmbedDirectTemplateClientPage = ({
                   <Trans>Sign document</Trans>
                 </h3>
 
-                {isExpanded ? (
-                  <Button
-                    variant="outline"
-                    className="h-8 w-8 p-0 md:hidden"
-                    onClick={() => setIsExpanded(false)}
-                  >
-                    <LucideChevronDown className="text-muted-foreground h-5 w-5" />
-                  </Button>
-                ) : pendingFields.length > 0 ? (
-                  <Button
-                    variant="outline"
-                    className="h-8 w-8 p-0 md:hidden"
-                    onClick={() => setIsExpanded(true)}
-                  >
-                    <LucideChevronUp className="text-muted-foreground h-5 w-5" />
-                  </Button>
-                ) : (
-                  <Button
-                    variant="default"
-                    size="sm"
-                    className="md:hidden"
-                    disabled={isThrottled || (hasSignatureField && !signatureValid)}
-                    loading={isSubmitting}
-                    onClick={() => throttledOnCompleteClick()}
-                  >
-                    <Trans>Complete</Trans>
-                  </Button>
-                )}
+                <Button variant="outline" className="h-8 w-8 p-0 md:hidden">
+                  {isExpanded ? (
+                    <LucideChevronDown
+                      className="text-muted-foreground h-5 w-5"
+                      onClick={() => setIsExpanded(false)}
+                    />
+                  ) : (
+                    <LucideChevronUp
+                      className="text-muted-foreground h-5 w-5"
+                      onClick={() => setIsExpanded(true)}
+                    />
+                  )}
+                </Button>
               </div>
             </div>
 

apps/web/src/app/embed/direct/[[...url]]/page.tsx

@@ -2,7 +2,6 @@ import { notFound } from 'next/navigation';
 
 import { match } from 'ts-pattern';
 
-import { isCommunityPlan as isUserCommunityPlan } from '@documenso/ee/server-only/util/is-community-plan';
 import { isUserEnterprise } from '@documenso/ee/server-only/util/is-document-enterprise';
 import { isDocumentPlatform } from '@documenso/ee/server-only/util/is-document-platform';
 import { IS_BILLING_ENABLED } from '@documenso/lib/constants/app';
@@ -56,16 +55,12 @@ export default async function EmbedDirectTemplatePage({ params }: EmbedDirectTem
     documentAuth: template.authOptions,
   });
 
-  const [isPlatformDocument, isEnterpriseDocument, isCommunityPlan] = await Promise.all([
+  const [isPlatformDocument, isEnterpriseDocument] = await Promise.all([
     isDocumentPlatform(template),
     isUserEnterprise({
       userId: template.userId,
       teamId: template.teamId ?? undefined,
     }),
-    isUserCommunityPlan({
-      userId: template.userId,
-      teamId: template.teamId ?? undefined,
-    }),
   ]);
 
   const isAccessAuthValid = match(derivedRecipientAccessAuth)
@@ -110,10 +105,8 @@ export default async function EmbedDirectTemplatePage({ params }: EmbedDirectTem
             recipient={recipient}
             fields={fields}
             metadata={template.templateMeta}
-            hidePoweredBy={
-              isCommunityPlan || isPlatformDocument || isEnterpriseDocument || hidePoweredBy
-            }
-            allowWhiteLabelling={isCommunityPlan || isPlatformDocument || isEnterpriseDocument}
+            hidePoweredBy={isPlatformDocument || isEnterpriseDocument || hidePoweredBy}
+            isPlatformOrEnterprise={isPlatformDocument || isEnterpriseDocument}
           />
         </RecipientProvider>
       </DocumentAuthProvider>

apps/web/src/app/embed/sign/[[...url]]/client.tsx

@@ -51,7 +51,7 @@ export type EmbedSignDocumentClientPageProps = {
   metadata?: DocumentMeta | TemplateMeta | null;
   isCompleted?: boolean;
   hidePoweredBy?: boolean;
-  allowWhitelabelling?: boolean;
+  isPlatformOrEnterprise?: boolean;
   allRecipients?: RecipientWithFields[];
 };
 
@@ -64,7 +64,7 @@ export const EmbedSignDocumentClientPage = ({
   metadata,
   isCompleted,
   hidePoweredBy = false,
-  allowWhitelabelling = false,
+  isPlatformOrEnterprise = false,
   allRecipients = [],
 }: EmbedSignDocumentClientPageProps) => {
   const { _ } = useLingui();
@@ -212,7 +212,7 @@ export const EmbedSignDocumentClientPage = ({
         document.documentElement.classList.add('dark-mode-disabled');
       }
 
-      if (allowWhitelabelling) {
+      if (isPlatformOrEnterprise) {
         injectCss({
           css: data.css,
           cssVars: data.cssVars,
@@ -288,7 +288,7 @@ export const EmbedSignDocumentClientPage = ({
           {/* Widget */}
           <div
             key={isExpanded ? 'expanded' : 'collapsed'}
-            className="embed--DocumentWidgetContainer group/document-widget fixed bottom-8 left-0 z-50 h-fit max-h-[calc(100dvh-2rem)] w-full flex-shrink-0 px-6 md:sticky md:top-4 md:z-auto md:w-[350px] md:px-0"
+            className="embed--DocumentWidgetContainer group/document-widget fixed bottom-8 left-0 z-50 h-fit w-full flex-shrink-0 px-6 md:sticky md:top-4 md:z-auto md:w-[350px] md:px-0"
             data-expanded={isExpanded || undefined}
           >
             <div className="embed--DocumentWidget border-border bg-widget flex w-full flex-col rounded-xl border px-4 py-4 md:py-6">
@@ -303,36 +303,19 @@ export const EmbedSignDocumentClientPage = ({
                     )}
                   </h3>
 
-                  {isExpanded ? (
-                    <Button
-                      variant="outline"
-                      className="bg-background dark:bg-foreground h-8 w-8 p-0 md:hidden"
-                      onClick={() => setIsExpanded(false)}
-                    >
-                      <LucideChevronDown className="text-muted-foreground dark:text-background h-5 w-5" />
-                    </Button>
-                  ) : pendingFields.length > 0 ? (
-                    <Button
-                      variant="outline"
-                      className="bg-background dark:bg-foreground h-8 w-8 p-0 md:hidden"
-                      onClick={() => setIsExpanded(true)}
-                    >
-                      <LucideChevronUp className="text-muted-foreground dark:text-background h-5 w-5" />
-                    </Button>
-                  ) : (
-                    <Button
-                      variant="default"
-                      size="sm"
-                      className="md:hidden"
-                      disabled={
-                        isThrottled || (!isAssistantMode && hasSignatureField && !signatureValid)
-                      }
-                      loading={isSubmitting}
-                      onClick={() => throttledOnCompleteClick()}
-                    >
-                      <Trans>Complete</Trans>
-                    </Button>
-                  )}
+                  <Button variant="outline" className="h-8 w-8 p-0 md:hidden">
+                    {isExpanded ? (
+                      <LucideChevronDown
+                        className="text-muted-foreground h-5 w-5"
+                        onClick={() => setIsExpanded(false)}
+                      />
+                    ) : (
+                      <LucideChevronUp
+                        className="text-muted-foreground h-5 w-5"
+                        onClick={() => setIsExpanded(true)}
+                      />
+                    )}
+                  </Button>
                 </div>
               </div>
 

apps/web/src/app/embed/sign/[[...url]]/page.tsx

@@ -2,7 +2,6 @@ import { notFound } from 'next/navigation';
 
 import { match } from 'ts-pattern';
 
-import { isCommunityPlan as isUserCommunityPlan } from '@documenso/ee/server-only/util/is-community-plan';
 import { isUserEnterprise } from '@documenso/ee/server-only/util/is-document-enterprise';
 import { isDocumentPlatform } from '@documenso/ee/server-only/util/is-document-platform';
 import { IS_BILLING_ENABLED } from '@documenso/lib/constants/app';
@@ -63,16 +62,12 @@ export default async function EmbedSignDocumentPage({ params }: EmbedSignDocumen
     return <EmbedPaywall />;
   }
 
-  const [isPlatformDocument, isEnterpriseDocument, isCommunityPlan] = await Promise.all([
+  const [isPlatformDocument, isEnterpriseDocument] = await Promise.all([
     isDocumentPlatform(document),
     isUserEnterprise({
       userId: document.userId,
       teamId: document.teamId ?? undefined,
     }),
-    isUserCommunityPlan({
-      userId: document.userId,
-      teamId: document.teamId ?? undefined,
-    }),
   ]);
 
   const { derivedRecipientAccessAuth } = extractDocumentAuthMethods({
@@ -131,10 +126,8 @@ export default async function EmbedSignDocumentPage({ params }: EmbedSignDocumen
           fields={fields}
           metadata={document.documentMeta}
           isCompleted={document.status === DocumentStatus.COMPLETED}
-          hidePoweredBy={
-            isCommunityPlan || isPlatformDocument || isEnterpriseDocument || hidePoweredBy
-          }
-          allowWhitelabelling={isCommunityPlan || isPlatformDocument || isEnterpriseDocument}
+          hidePoweredBy={isPlatformDocument || isEnterpriseDocument || hidePoweredBy}
+          isPlatformOrEnterprise={isPlatformDocument || isEnterpriseDocument}
           allRecipients={allRecipients}
         />
       </DocumentAuthProvider>

apps/web/src/components/document/document-history-sheet.tsx

@@ -363,6 +363,40 @@ export const DocumentHistorySheet = ({
                       ]}
                     />
                   ))
+                  .with(
+                    { type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_SIGNING_CERTIFICATE_UPDATED },
+                    ({ data }) => (
+                      <DocumentHistorySheetChanges
+                        values={[
+                          {
+                            key: 'Old',
+                            value: data.from,
+                          },
+                          {
+                            key: 'New',
+                            value: data.to,
+                          },
+                        ]}
+                      />
+                    ),
+                  )
+                  .with(
+                    { type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_AUDIT_TRAIL_UPDATED },
+                    ({ data }) => (
+                      <DocumentHistorySheetChanges
+                        values={[
+                          {
+                            key: 'Old',
+                            value: data.from,
+                          },
+                          {
+                            key: 'New',
+                            value: data.to,
+                          },
+                        ]}
+                      />
+                    ),
+                  )
                   .exhaustive()}
 
                 {isUserDetailsVisible && (

package.json

@@ -1,6 +1,6 @@
 {
   "private": true,
-  "version": "1.9.1-rc.7",
+  "version": "1.9.1-rc.2",
   "scripts": {
     "build": "turbo run build",
     "build:web": "turbo run build --filter=@documenso/web",

packages/ee/server-only/stripe/get-prices-by-plan.ts

@@ -4,14 +4,15 @@ import { stripe } from '@documenso/lib/server-only/stripe';
 type PlanType = (typeof STRIPE_PLAN_TYPE)[keyof typeof STRIPE_PLAN_TYPE];
 
 export const getPricesByPlan = async (plan: PlanType | PlanType[]) => {
-  const planTypes: string[] = typeof plan === 'string' ? [plan] : plan;
+  const planTypes = typeof plan === 'string' ? [plan] : plan;
 
-  const prices = await stripe.prices.list({
+  const query = planTypes.map((planType) => `metadata['plan']:'${planType}'`).join(' OR ');
+
+  const { data: prices } = await stripe.prices.search({
+    query,
     expand: ['data.product'],
     limit: 100,
   });
 
-  return prices.data.filter(
-    (price) => price.type === 'recurring' && planTypes.includes(price.metadata.plan),
-  );
+  return prices.filter((price) => price.type === 'recurring');
 };

packages/ee/server-only/util/is-community-plan.ts

@@ -1,56 +0,0 @@
-import { subscriptionsContainsActivePlan } from '@documenso/lib/utils/billing';
-import { prisma } from '@documenso/prisma';
-import type { Subscription } from '@documenso/prisma/client';
-
-import { getCommunityPlanPriceIds } from '../stripe/get-community-plan-prices';
-
-export type IsCommunityPlanOptions = {
-  userId: number;
-  teamId?: number;
-};
-
-/**
- * Whether the user or team is on the community plan.
- */
-export const isCommunityPlan = async ({
-  userId,
-  teamId,
-}: IsCommunityPlanOptions): Promise<boolean> => {
-  let subscriptions: Subscription[] = [];
-
-  if (teamId) {
-    subscriptions = await prisma.team
-      .findFirstOrThrow({
-        where: {
-          id: teamId,
-        },
-        select: {
-          owner: {
-            include: {
-              subscriptions: true,
-            },
-          },
-        },
-      })
-      .then((team) => team.owner.subscriptions);
-  } else {
-    subscriptions = await prisma.user
-      .findFirstOrThrow({
-        where: {
-          id: userId,
-        },
-        select: {
-          subscriptions: true,
-        },
-      })
-      .then((user) => user.subscriptions);
-  }
-
-  if (subscriptions.length === 0) {
-    return false;
-  }
-
-  const communityPlanPriceIds = await getCommunityPlanPriceIds();
-
-  return subscriptionsContainsActivePlan(subscriptions, communityPlanPriceIds);
-};

packages/lib/jobs/definitions/emails/send-team-deleted-email.ts

@@ -17,6 +17,7 @@ const SEND_TEAM_DELETED_EMAIL_JOB_DEFINITION_SCHEMA = z.object({
         documentLanguage: z.string(),
         includeSenderDetails: z.boolean(),
         includeSigningCertificate: z.boolean(),
+        includeAuditTrailLog: z.boolean(),
         brandingEnabled: z.boolean(),
         brandingLogo: z.string(),
         brandingUrl: z.string(),

packages/lib/jobs/definitions/internal/seal-document.handler.ts

@@ -13,6 +13,7 @@ import { signPdf } from '@documenso/signing';
 
 import { sendCompletedEmail } from '../../../server-only/document/send-completed-email';
 import PostHogServerClient from '../../../server-only/feature-flags/get-post-hog-server-client';
+import { getAuditLogsPdf } from '../../../server-only/htmltopdf/get-audit-logs-pdf';
 import { getCertificatePdf } from '../../../server-only/htmltopdf/get-certificate-pdf';
 import { flattenAnnotations } from '../../../server-only/pdf/flatten-annotations';
 import { flattenForm } from '../../../server-only/pdf/flatten-form';
@@ -57,6 +58,7 @@ export const run = async ({
           teamGlobalSettings: {
             select: {
               includeSigningCertificate: true,
+              includeAuditTrailLog: true,
             },
           },
         },
@@ -121,13 +123,36 @@ export const run = async ({
 
   const pdfData = await getFile(documentData);
 
-  const certificateData =
-    (document.team?.teamGlobalSettings?.includeSigningCertificate ?? true)
-      ? await getCertificatePdf({
-          documentId,
-          language: document.documentMeta?.language,
-        }).catch(() => null)
-      : null;
+  let includeSigningCertificate;
+
+  if (document.teamId) {
+    includeSigningCertificate =
+      document.team?.teamGlobalSettings?.includeSigningCertificate ?? true;
+  } else {
+    includeSigningCertificate = document.includeSigningCertificate ?? true;
+  }
+
+  const certificateData = includeSigningCertificate
+    ? await getCertificatePdf({
+        documentId,
+        language: document.documentMeta?.language,
+      }).catch(() => null)
+    : null;
+
+  let includeAuditTrailLog;
+
+  if (document.teamId) {
+    includeAuditTrailLog = document.team?.teamGlobalSettings?.includeAuditTrailLog ?? true;
+  } else {
+    includeAuditTrailLog = document.includeAuditTrailLog ?? true;
+  }
+
+  const auditLogData = includeAuditTrailLog
+    ? await getAuditLogsPdf({
+        documentId,
+        language: document.documentMeta?.language,
+      }).catch(() => null)
+    : null;
 
   const newDataId = await io.runTask('decorate-and-sign-pdf', async () => {
     const pdfDoc = await PDFDocument.load(pdfData);
@@ -150,6 +175,16 @@ export const run = async ({
       });
     }
 
+    if (auditLogData) {
+      const auditLog = await PDFDocument.load(auditLogData);
+
+      const auditLogPages = await pdfDoc.copyPages(auditLog, auditLog.getPageIndices());
+
+      auditLogPages.forEach((page) => {
+        pdfDoc.addPage(page);
+      });
+    }
+
     for (const field of fields) {
       if (field.inserted) {
         await insertFieldInPDF(pdfDoc, field);

packages/lib/server-only/document/create-document.ts

@@ -124,6 +124,8 @@ export const createDocument = async ({
           team?.teamGlobalSettings?.documentVisibility,
           userTeamRole ?? TeamMemberRole.MEMBER,
         ),
+        includeSigningCertificate: team?.teamGlobalSettings?.includeSigningCertificate ?? true,
+        includeAuditTrailLog: team?.teamGlobalSettings?.includeAuditTrailLog ?? true,
         formValues,
         source: DocumentSource.DOCUMENT,
         documentMeta: {

packages/lib/server-only/document/find-documents.ts

@@ -88,7 +88,6 @@ export const findDocuments = async ({
   const searchFilter: Prisma.DocumentWhereInput = {
     OR: [
       { title: { contains: query, mode: 'insensitive' } },
-      { externalId: { contains: query, mode: 'insensitive' } },
       { recipients: { some: { name: { contains: query, mode: 'insensitive' } } } },
       { recipients: { some: { email: { contains: query, mode: 'insensitive' } } } },
     ],

packages/lib/server-only/document/seal-document.ts

@@ -22,6 +22,7 @@ import type { RequestMetadata } from '../../universal/extract-request-metadata';
 import { getFile } from '../../universal/upload/get-file';
 import { putPdfFile } from '../../universal/upload/put-file';
 import { fieldsContainUnsignedRequiredField } from '../../utils/advanced-fields-helpers';
+import { getAuditLogsPdf } from '../htmltopdf/get-audit-logs-pdf';
 import { getCertificatePdf } from '../htmltopdf/get-certificate-pdf';
 import { flattenAnnotations } from '../pdf/flatten-annotations';
 import { flattenForm } from '../pdf/flatten-form';
@@ -61,6 +62,7 @@ export const sealDocument = async ({
           teamGlobalSettings: {
             select: {
               includeSigningCertificate: true,
+              includeAuditTrailLog: true,
             },
           },
         },
@@ -109,13 +111,36 @@ export const sealDocument = async ({
   // !: Need to write the fields onto the document as a hard copy
   const pdfData = await getFile(documentData);
 
-  const certificateData =
-    (document.team?.teamGlobalSettings?.includeSigningCertificate ?? true)
-      ? await getCertificatePdf({
-          documentId,
-          language: document.documentMeta?.language,
-        }).catch(() => null)
-      : null;
+  let includeSigningCertificate;
+
+  if (document.teamId) {
+    includeSigningCertificate =
+      document.team?.teamGlobalSettings?.includeSigningCertificate ?? true;
+  } else {
+    includeSigningCertificate = document.includeSigningCertificate ?? true;
+  }
+
+  const certificateData = includeSigningCertificate
+    ? await getCertificatePdf({
+        documentId,
+        language: document.documentMeta?.language,
+      }).catch(() => null)
+    : null;
+
+  let includeAuditTrailLog;
+
+  if (document.teamId) {
+    includeAuditTrailLog = document.team?.teamGlobalSettings?.includeAuditTrailLog ?? true;
+  } else {
+    includeAuditTrailLog = document.includeAuditTrailLog ?? true;
+  }
+
+  const auditLogData = includeAuditTrailLog
+    ? await getAuditLogsPdf({
+        documentId,
+        language: document.documentMeta?.language,
+      }).catch(() => null)
+    : null;
 
   const doc = await PDFDocument.load(pdfData);
 
@@ -134,6 +159,16 @@ export const sealDocument = async ({
     });
   }
 
+  if (auditLogData) {
+    const auditLog = await PDFDocument.load(auditLogData);
+
+    const auditLogPages = await doc.copyPages(auditLog, auditLog.getPageIndices());
+
+    auditLogPages.forEach((page) => {
+      doc.addPage(page);
+    });
+  }
+
   for (const field of fields) {
     await insertFieldInPDF(doc, field);
   }

packages/lib/server-only/document/search-documents-with-keyword.ts

@@ -34,14 +34,6 @@ export const searchDocumentsWithKeyword = async ({
           userId: userId,
           deletedAt: null,
         },
-        {
-          externalId: {
-            contains: query,
-            mode: 'insensitive',
-          },
-          userId: userId,
-          deletedAt: null,
-        },
         {
           recipients: {
             some: {
@@ -96,23 +88,6 @@ export const searchDocumentsWithKeyword = async ({
           },
           deletedAt: null,
         },
-        {
-          externalId: {
-            contains: query,
-            mode: 'insensitive',
-          },
-          teamId: {
-            not: null,
-          },
-          team: {
-            members: {
-              some: {
-                userId: userId,
-              },
-            },
-          },
-          deletedAt: null,
-        },
       ],
     },
     include: {

packages/lib/server-only/document/update-document.ts

@@ -21,6 +21,8 @@ export type UpdateDocumentOptions = {
     title?: string;
     externalId?: string | null;
     visibility?: DocumentVisibility | null;
+    includeSigningCertificate?: boolean;
+    includeAuditTrailLog?: boolean;
     globalAccessAuth?: TDocumentAccessAuthTypes | null;
     globalActionAuth?: TDocumentActionAuthTypes | null;
   };
@@ -156,6 +158,12 @@ export const updateDocument = async ({
     documentGlobalActionAuth === undefined || documentGlobalActionAuth === newGlobalActionAuth;
   const isDocumentVisibilitySame =
     data.visibility === undefined || data.visibility === document.visibility;
+  const isIncludeSigningCertificateSame =
+    data.includeSigningCertificate === undefined ||
+    data.includeSigningCertificate === document.includeSigningCertificate;
+  const isIncludeAuditTrailLogSame =
+    data.includeAuditTrailLog === undefined ||
+    data.includeAuditTrailLog === document.includeAuditTrailLog;
 
   const auditLogs: CreateDocumentAuditLogDataResponse[] = [];
 
@@ -235,6 +243,34 @@ export const updateDocument = async ({
     );
   }
 
+  if (!isIncludeSigningCertificateSame) {
+    auditLogs.push(
+      createDocumentAuditLogData({
+        type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_SIGNING_CERTIFICATE_UPDATED,
+        documentId,
+        metadata: requestMetadata,
+        data: {
+          from: String(document.includeSigningCertificate),
+          to: String(data.includeSigningCertificate || false),
+        },
+      }),
+    );
+  }
+
+  if (!isIncludeAuditTrailLogSame) {
+    auditLogs.push(
+      createDocumentAuditLogData({
+        type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_AUDIT_TRAIL_UPDATED,
+        documentId,
+        metadata: requestMetadata,
+        data: {
+          from: String(document.includeAuditTrailLog),
+          to: String(data.includeAuditTrailLog || false),
+        },
+      }),
+    );
+  }
+
   // Early return if nothing is required.
   if (auditLogs.length === 0) {
     return document;
@@ -254,6 +290,8 @@ export const updateDocument = async ({
         title: data.title,
         externalId: data.externalId,
         visibility: data.visibility as DocumentVisibility,
+        includeSigningCertificate: data.includeSigningCertificate,
+        includeAuditTrailLog: data.includeAuditTrailLog,
         authOptions,
       },
     });

packages/lib/server-only/htmltopdf/get-audit-logs-pdf.ts

@@ -0,0 +1,74 @@
+import { DateTime } from 'luxon';
+import type { Browser } from 'playwright';
+
+import { NEXT_PUBLIC_WEBAPP_URL } from '../../constants/app';
+import { type SupportedLanguageCodes, isValidLanguageCode } from '../../constants/i18n';
+import { encryptSecondaryData } from '../crypto/encrypt';
+
+export type GetAuditLogsPdfParams = {
+  documentId: number;
+  // eslint-disable-next-line @typescript-eslint/ban-types
+  language?: SupportedLanguageCodes | (string & {});
+};
+
+export const getAuditLogsPdf = async ({ documentId, language }: GetAuditLogsPdfParams) => {
+  const { chromium } = await import('playwright');
+
+  const encryptedId = encryptSecondaryData({
+    data: documentId.toString(),
+    expiresAt: DateTime.now().plus({ minutes: 5 }).toJSDate().valueOf(),
+  });
+
+  let browser: Browser;
+
+  if (process.env.NEXT_PRIVATE_BROWSERLESS_URL) {
+    // !: Use CDP rather than the default `connect` method to avoid coupling to the playwright version.
+    // !: Previously we would have to keep the playwright version in sync with the browserless version to avoid errors.
+    browser = await chromium.connectOverCDP(process.env.NEXT_PRIVATE_BROWSERLESS_URL);
+  } else {
+    browser = await chromium.launch();
+  }
+
+  if (!browser) {
+    throw new Error(
+      'Failed to establish a browser, please ensure you have either a Browserless.io url or chromium browser installed',
+    );
+  }
+
+  const browserContext = await browser.newContext();
+
+  const page = await browserContext.newPage();
+
+  const lang = isValidLanguageCode(language) ? language : 'en';
+
+  await page.context().addCookies([
+    {
+      name: 'language',
+      value: lang,
+      url: NEXT_PUBLIC_WEBAPP_URL(),
+    },
+  ]);
+
+  try {
+    await page.goto(`${NEXT_PUBLIC_WEBAPP_URL()}/__htmltopdf/audit-log?d=${encryptedId}`, {
+      waitUntil: 'networkidle',
+      timeout: 10_000,
+    });
+
+    const result = await page.pdf({
+      format: 'A4',
+    });
+
+    await browserContext.close();
+
+    void browser.close();
+
+    return result;
+  } catch (error) {
+    await browserContext.close();
+
+    void browser.close();
+
+    throw error;
+  }
+};

packages/lib/server-only/team/update-team-document-settings.ts

@@ -17,6 +17,7 @@ export type UpdateTeamDocumentSettingsOptions = {
     includeSenderDetails: boolean;
     typedSignatureEnabled: boolean;
     includeSigningCertificate: boolean;
+    includeAuditTrailLog: boolean;
   };
 };
 
@@ -36,6 +37,7 @@ export const updateTeamDocumentSettings = async ({
     documentLanguage,
     includeSenderDetails,
     includeSigningCertificate,
+    includeAuditTrailLog,
     typedSignatureEnabled,
   } = settings;
 
@@ -61,6 +63,7 @@ export const updateTeamDocumentSettings = async ({
       includeSenderDetails,
       typedSignatureEnabled,
       includeSigningCertificate,
+      includeAuditTrailLog,
     },
     update: {
       documentVisibility,
@@ -68,6 +71,7 @@ export const updateTeamDocumentSettings = async ({
       includeSenderDetails,
       typedSignatureEnabled,
       includeSigningCertificate,
+      includeAuditTrailLog,
     },
   });
 };

packages/lib/server-only/user/get-next-inbox-document.ts

@@ -1,46 +0,0 @@
-import { DocumentStatus, RecipientRole, SigningStatus } from '@prisma/client';
-
-import { prisma } from '@documenso/prisma';
-
-type GetNextInboxDocumentOptions = {
-  email: string | undefined;
-};
-
-export const getNextInboxDocument = async ({ email }: GetNextInboxDocumentOptions) => {
-  if (!email) {
-    throw new Error('User is required');
-  }
-
-  return await prisma.document.findMany({
-    where: {
-      recipients: {
-        some: {
-          email,
-          signingStatus: SigningStatus.NOT_SIGNED,
-          role: {
-            not: RecipientRole.CC,
-          },
-        },
-      },
-      status: { not: DocumentStatus.DRAFT },
-      deletedAt: null,
-    },
-    select: {
-      id: true,
-      createdAt: true,
-      title: true,
-      status: true,
-      recipients: {
-        where: {
-          email,
-        },
-        select: {
-          token: true,
-          role: true,
-        },
-      },
-      documentMeta: true,
-    },
-    orderBy: [{ createdAt: 'asc' }],
-  });
-};

packages/lib/types/document-audit-logs.ts

@@ -29,7 +29,9 @@ export const ZDocumentAuditLogTypeSchema = z.enum([
   'DOCUMENT_FIELD_INSERTED', // When a field is inserted (signed/approved/etc) by a recipient.
   'DOCUMENT_FIELD_UNINSERTED', // When a field is uninserted by a recipient.
   'DOCUMENT_FIELD_PREFILLED', // When a field is prefilled by an assistant.
-  'DOCUMENT_VISIBILITY_UPDATED', // When the document visibility scope is updated
+  'DOCUMENT_VISIBILITY_UPDATED', // When the document visibility scope is updated.
+  'DOCUMENT_SIGNING_CERTIFICATE_UPDATED', // When the include signing certificate is updated.
+  'DOCUMENT_AUDIT_TRAIL_UPDATED', // When the include audit trail is updated.
   'DOCUMENT_GLOBAL_AUTH_ACCESS_UPDATED', // When the global access authentication is updated.
   'DOCUMENT_GLOBAL_AUTH_ACTION_UPDATED', // When the global action authentication is updated.
   'DOCUMENT_META_UPDATED', // When the document meta data is updated.
@@ -397,6 +399,16 @@ export const ZDocumentAuditLogEventDocumentVisibilitySchema = z.object({
   data: ZGenericFromToSchema,
 });
 
+export const ZDocumentAuditLogEventDocumentSigningCertificateUpdatedSchema = z.object({
+  type: z.literal(DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_SIGNING_CERTIFICATE_UPDATED),
+  data: ZGenericFromToSchema,
+});
+
+export const ZDocumentAuditLogEventDocumentAuditTrailUpdatedSchema = z.object({
+  type: z.literal(DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_AUDIT_TRAIL_UPDATED),
+  data: ZGenericFromToSchema,
+});
+
 /**
  * Event: Document global authentication access updated.
  */
@@ -574,6 +586,8 @@ export const ZDocumentAuditLogSchema = ZDocumentAuditLogBaseSchema.and(
     ZDocumentAuditLogEventDocumentFieldUninsertedSchema,
     ZDocumentAuditLogEventDocumentFieldPrefilledSchema,
     ZDocumentAuditLogEventDocumentVisibilitySchema,
+    ZDocumentAuditLogEventDocumentSigningCertificateUpdatedSchema,
+    ZDocumentAuditLogEventDocumentAuditTrailUpdatedSchema,
     ZDocumentAuditLogEventDocumentGlobalAuthAccessUpdatedSchema,
     ZDocumentAuditLogEventDocumentGlobalAuthActionUpdatedSchema,
     ZDocumentAuditLogEventDocumentMetaUpdatedSchema,

packages/lib/types/document.ts

@@ -18,6 +18,8 @@ import { ZRecipientLiteSchema } from './recipient';
  */
 export const ZDocumentSchema = DocumentSchema.pick({
   visibility: true,
+  includeSigningCertificate: true,
+  includeAuditTrailLog: true,
   status: true,
   source: true,
   id: true,
@@ -82,6 +84,8 @@ export const ZDocumentLiteSchema = DocumentSchema.pick({
   deletedAt: true,
   teamId: true,
   templateId: true,
+  includeSigningCertificate: true,
+  includeAuditTrailLog: true,
 });
 
 /**
@@ -104,6 +108,8 @@ export const ZDocumentManySchema = DocumentSchema.pick({
   deletedAt: true,
   teamId: true,
   templateId: true,
+  includeSigningCertificate: true,
+  includeAuditTrailLog: true,
 }).extend({
   user: UserSchema.pick({
     id: true,

packages/lib/utils/document-audit-logs.ts

@@ -322,6 +322,14 @@ export const formatDocumentAuditLogAction = (
       anonymous: msg`Document visibility updated`,
       identified: msg`${prefix} updated the document visibility`,
     }))
+    .with({ type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_SIGNING_CERTIFICATE_UPDATED }, () => ({
+      anonymous: msg`Document signing certificate updated`,
+      identified: msg`${prefix} updated the document signing certificate`,
+    }))
+    .with({ type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_AUDIT_TRAIL_UPDATED }, () => ({
+      anonymous: msg`Document audit trail updated`,
+      identified: msg`${prefix} updated the document audit trail`,
+    }))
     .with({ type: DOCUMENT_AUDIT_LOG_TYPE.DOCUMENT_GLOBAL_AUTH_ACCESS_UPDATED }, () => ({
       anonymous: msg`Document access auth updated`,
       identified: msg`${prefix} updated the document access auth requirements`,

packages/prisma/migrations/20250217090902_add_audit_trail_log_team_preferences/migration.sql

@@ -0,0 +1,2 @@
+-- AlterTable
+ALTER TABLE "TeamGlobalSettings" ADD COLUMN     "includeAuditTrailLog" BOOLEAN NOT NULL DEFAULT false;

packages/prisma/migrations/20250219075352_add_document_properties/migration.sql

@@ -0,0 +1,3 @@
+-- AlterTable
+ALTER TABLE "Document" ADD COLUMN     "includeAuditTrail" BOOLEAN NOT NULL DEFAULT true,
+ADD COLUMN     "includeSigningCertificate" BOOLEAN NOT NULL DEFAULT true;

packages/prisma/migrations/20250219100115_update_property_name/migration.sql

@@ -0,0 +1,9 @@
+/*
+  Warnings:
+
+  - You are about to drop the column `includeAuditTrail` on the `Document` table. All the data in the column will be lost.
+
+*/
+-- AlterTable
+ALTER TABLE "Document" DROP COLUMN "includeAuditTrail",
+ADD COLUMN     "includeAuditTrailLog" BOOLEAN NOT NULL DEFAULT false;

packages/prisma/schema.prisma

@@ -311,30 +311,32 @@ enum DocumentVisibility {
 
 /// @zod.import(["import { ZDocumentAuthOptionsSchema } from '@documenso/lib/types/document-auth';", "import { ZDocumentFormValuesSchema } from '@documenso/lib/types/document-form-values';"])
 model Document {
-  id             Int                 @id @default(autoincrement())
-  externalId     String? /// @zod.string.describe("A custom external ID you can use to identify the document.")
-  userId         Int /// @zod.number.describe("The ID of the user that created this document.")
-  user           User                @relation(fields: [userId], references: [id], onDelete: Cascade)
-  authOptions    Json? /// [DocumentAuthOptions] @zod.custom.use(ZDocumentAuthOptionsSchema)
-  formValues     Json? /// [DocumentFormValues] @zod.custom.use(ZDocumentFormValuesSchema)
-  visibility     DocumentVisibility  @default(EVERYONE)
-  title          String
-  status         DocumentStatus      @default(DRAFT)
-  recipients     Recipient[]
-  fields         Field[]
-  shareLinks     DocumentShareLink[]
-  documentDataId String
-  documentData   DocumentData        @relation(fields: [documentDataId], references: [id], onDelete: Cascade)
-  documentMeta   DocumentMeta?
-  createdAt      DateTime            @default(now())
-  updatedAt      DateTime            @default(now()) @updatedAt
-  completedAt    DateTime?
-  deletedAt      DateTime?
-  teamId         Int?
-  team           Team?               @relation(fields: [teamId], references: [id])
-  templateId     Int?
-  template       Template?           @relation(fields: [templateId], references: [id], onDelete: SetNull)
-  source         DocumentSource
+  id                        Int                 @id @default(autoincrement())
+  externalId                String? /// @zod.string.describe("A custom external ID you can use to identify the document.")
+  userId                    Int /// @zod.number.describe("The ID of the user that created this document.")
+  user                      User                @relation(fields: [userId], references: [id], onDelete: Cascade)
+  authOptions               Json? /// [DocumentAuthOptions] @zod.custom.use(ZDocumentAuthOptionsSchema)
+  formValues                Json? /// [DocumentFormValues] @zod.custom.use(ZDocumentFormValuesSchema)
+  visibility                DocumentVisibility  @default(EVERYONE)
+  includeSigningCertificate Boolean             @default(true)
+  includeAuditTrailLog      Boolean             @default(false)
+  title                     String
+  status                    DocumentStatus      @default(DRAFT)
+  recipients                Recipient[]
+  fields                    Field[]
+  shareLinks                DocumentShareLink[]
+  documentDataId            String
+  documentData              DocumentData        @relation(fields: [documentDataId], references: [id], onDelete: Cascade)
+  documentMeta              DocumentMeta?
+  createdAt                 DateTime            @default(now())
+  updatedAt                 DateTime            @default(now()) @updatedAt
+  completedAt               DateTime?
+  deletedAt                 DateTime?
+  teamId                    Int?
+  team                      Team?               @relation(fields: [teamId], references: [id])
+  templateId                Int?
+  template                  Template?           @relation(fields: [templateId], references: [id], onDelete: SetNull)
+  source                    DocumentSource
 
   auditLogs DocumentAuditLog[]
 
@@ -543,6 +545,7 @@ model TeamGlobalSettings {
   includeSenderDetails      Boolean            @default(true)
   typedSignatureEnabled     Boolean            @default(true)
   includeSigningCertificate Boolean            @default(true)
+  includeAuditTrailLog      Boolean            @default(false)
 
   brandingEnabled        Boolean @default(false)
   brandingLogo           String  @default("")

packages/trpc/server/document-router/router.ts

@@ -65,7 +65,7 @@ export const documentRouter = router({
     .input(ZGetDocumentByIdQuerySchema)
     .query(async ({ input, ctx }) => {
       const { teamId } = ctx;
-      const { documentId } = input;
+      const { documentId, includeCertificate, includeAuditLog } = input;
 
       return await getDocumentById({
         userId: ctx.user.id,

packages/trpc/server/document-router/schema.ts

@@ -63,6 +63,16 @@ export const ZDocumentVisibilitySchema = z
   .nativeEnum(DocumentVisibility)
   .describe('The visibility of the document.');
 
+export const ZDocumentIncludeSigningCertificateSchema = z
+  .boolean()
+  .default(true)
+  .describe('Whether to include a signing certificate in the document.');
+
+export const ZDocumentIncludeAuditTrailSchema = z
+  .boolean()
+  .default(true)
+  .describe('Whether to include an audit trail in the document.');
+
 export const ZDocumentMetaTimezoneSchema = z
   .string()
   .describe(
@@ -141,6 +151,8 @@ export const ZFindDocumentAuditLogsQuerySchema = ZFindSearchParamsSchema.extend(
 
 export const ZGetDocumentByIdQuerySchema = z.object({
   documentId: z.number(),
+  includeCertificate: z.boolean().default(true).optional(),
+  includeAuditLog: z.boolean().default(true).optional(),
 });
 
 export const ZDuplicateDocumentRequestSchema = z.object({
@@ -235,6 +247,8 @@ export const ZUpdateDocumentRequestSchema = z.object({
       title: ZDocumentTitleSchema.optional(),
       externalId: ZDocumentExternalIdSchema.nullish(),
       visibility: ZDocumentVisibilitySchema.optional(),
+      includeSigningCertificate: ZDocumentIncludeSigningCertificateSchema.optional(),
+      includeAuditTrailLog: ZDocumentIncludeAuditTrailSchema.optional(),
       globalAccessAuth: ZDocumentAccessAuthTypesSchema.nullish(),
       globalActionAuth: ZDocumentActionAuthTypesSchema.nullish(),
     })

packages/trpc/server/team-router/schema.ts

@@ -206,6 +206,7 @@ export const ZUpdateTeamDocumentSettingsMutationSchema = z.object({
     includeSenderDetails: z.boolean().optional().default(false),
     typedSignatureEnabled: z.boolean().optional().default(true),
     includeSigningCertificate: z.boolean().optional().default(true),
+    includeAuditTrailLog: z.boolean().optional().default(true),
   }),
 });
 

packages/ui/components/document/document-status.tsx

@@ -1,79 +0,0 @@
-import type { HTMLAttributes } from 'react';
-
-import type { MessageDescriptor } from '@lingui/core';
-import { msg } from '@lingui/macro';
-import { useLingui } from '@lingui/react';
-import { CheckCircle2, Clock, File } from 'lucide-react';
-import type { LucideIcon } from 'lucide-react/dist/lucide-react';
-
-import type { ExtendedDocumentStatus } from '@documenso/prisma/types/extended-document-status';
-import { SignatureIcon } from '@documenso/ui/icons/signature';
-import { cn } from '@documenso/ui/lib/utils';
-
-type FriendlyStatus = {
-  label: MessageDescriptor;
-  labelExtended: MessageDescriptor;
-  icon?: LucideIcon;
-  color: string;
-};
-
-export const FRIENDLY_STATUS_MAP: Record<ExtendedDocumentStatus, FriendlyStatus> = {
-  PENDING: {
-    label: msg`Pending`,
-    labelExtended: msg`Document pending`,
-    icon: Clock,
-    color: 'text-blue-600 dark:text-blue-300',
-  },
-  COMPLETED: {
-    label: msg`Completed`,
-    labelExtended: msg`Document completed`,
-    icon: CheckCircle2,
-    color: 'text-green-500 dark:text-green-300',
-  },
-  DRAFT: {
-    label: msg`Draft`,
-    labelExtended: msg`Document draft`,
-    icon: File,
-    color: 'text-yellow-500 dark:text-yellow-200',
-  },
-  INBOX: {
-    label: msg`Inbox`,
-    labelExtended: msg`Document inbox`,
-    icon: SignatureIcon,
-    color: 'text-muted-foreground',
-  },
-  ALL: {
-    label: msg`All`,
-    labelExtended: msg`Document All`,
-    color: 'text-muted-foreground',
-  },
-};
-
-export type DocumentStatusProps = HTMLAttributes<HTMLSpanElement> & {
-  status: ExtendedDocumentStatus;
-  inheritColor?: boolean;
-};
-
-export const DocumentStatus = ({
-  className,
-  status,
-  inheritColor,
-  ...props
-}: DocumentStatusProps) => {
-  const { _ } = useLingui();
-
-  const { label, icon: Icon, color } = FRIENDLY_STATUS_MAP[status];
-
-  return (
-    <span className={cn('flex items-center', className)} {...props}>
-      {Icon && (
-        <Icon
-          className={cn('mr-2 inline-block h-4 w-4', {
-            [color]: !inheritColor,
-          })}
-        />
-      )}
-      {_(label)}
-    </span>
-  );
-};

packages/ui/components/document/next-inbox-item-button.tsx

@@ -1,131 +0,0 @@
-'use client';
-
-import type { HTMLAttributes } from 'react';
-
-import Link from 'next/link';
-
-import { Trans } from '@lingui/macro';
-import { CheckCircle, EyeIcon, Pencil } from 'lucide-react';
-import { DateTime } from 'luxon';
-import { match } from 'ts-pattern';
-
-import { type DocumentData, type Prisma, RecipientRole } from '@documenso/prisma/client';
-import { SignatureIcon } from '@documenso/ui/icons/signature';
-import { Button } from '@documenso/ui/primitives/button';
-import {
-  Sheet,
-  SheetContent,
-  SheetDescription,
-  SheetHeader,
-  SheetTitle,
-  SheetTrigger,
-} from '@documenso/ui/primitives/sheet';
-
-import { DocumentStatus } from './document-status';
-
-type GetNextInboxDocumentResult =
-  | Prisma.DocumentGetPayload<{
-      select: {
-        id: true;
-        createdAt: true;
-        title: true;
-        status: true;
-        recipients: {
-          select: {
-            token: true;
-            role: true;
-          };
-        };
-        documentMeta: true;
-      };
-    }>[]
-  | null;
-
-export type NextInboxItemButtonProps = HTMLAttributes<HTMLButtonElement> & {
-  disabled?: boolean;
-  documentData?: DocumentData;
-  userEmail: string | undefined;
-  nextInboxDocument: GetNextInboxDocumentResult;
-};
-
-export const NextInboxItemButton = ({
-  className,
-  documentData,
-  nextInboxDocument,
-  userEmail,
-  disabled,
-  ...props
-}: NextInboxItemButtonProps) => {
-  return (
-    <Sheet>
-      <SheetTrigger asChild>
-        <Button
-          type="button"
-          variant="outline"
-          className={className}
-          disabled={disabled || !documentData || !userEmail}
-          {...props}
-        >
-          <SignatureIcon className="mr-2 h-5 w-5" />
-          <Trans>Sign Next Document</Trans>
-        </Button>
-      </SheetTrigger>
-      <SheetContent>
-        <SheetHeader>
-          <SheetTitle className="text-2xl">Inbox</SheetTitle>
-          <SheetDescription>Documents awaiting your signature or review</SheetDescription>
-        </SheetHeader>
-
-        <div className="mt-8 space-y-6">
-          {nextInboxDocument?.map((document) => {
-            const recipient = document.recipients[0];
-
-            return (
-              <div key={document.id} className="flex items-center justify-between space-y-1">
-                <div>
-                  <p className="text-foreground text-lg font-semibold">{document.title}</p>
-
-                  <div className="flex items-center gap-x-2">
-                    <DocumentStatus status={document.status} />
-
-                    {document.createdAt && (
-                      <p className="text-muted-foreground">
-                        <Trans>
-                          Created {DateTime.fromJSDate(document.createdAt).toFormat('LLL ‘yy')}
-                        </Trans>
-                      </p>
-                    )}
-                  </div>
-                </div>
-
-                <Button asChild className="w-28">
-                  <Link href={`/sign/${recipient?.token}`}>
-                    {match(recipient?.role)
-                      .with(RecipientRole.SIGNER, () => (
-                        <>
-                          <Pencil className="-ml-1 mr-2 h-4 w-4" />
-                          <Trans>Sign</Trans>
-                        </>
-                      ))
-                      .with(RecipientRole.APPROVER, () => (
-                        <>
-                          <CheckCircle className="-ml-1 mr-2 h-4 w-4" />
-                          <Trans>Approve</Trans>
-                        </>
-                      ))
-                      .otherwise(() => (
-                        <>
-                          <EyeIcon className="-ml-1 mr-2 h-4 w-4" />
-                          <Trans>View</Trans>
-                        </>
-                      ))}
-                  </Link>
-                </Button>
-              </div>
-            );
-          })}
-        </div>
-      </SheetContent>
-    </Sheet>
-  );
-};

packages/ui/package.json

@@ -78,7 +78,6 @@
     "tailwind-merge": "^1.12.0",
     "tailwindcss-animate": "^1.0.5",
     "ts-pattern": "^5.0.5",
-    "vaul": "^1.0.0",
     "zod": "3.24.1"
   }
-}
+}

packages/ui/primitives/document-flow/add-settings.tsx

@@ -42,6 +42,7 @@ import {
   FormMessage,
 } from '@documenso/ui/primitives/form/form';
 
+import { Checkbox } from '../checkbox';
 import { Combobox } from '../combobox';
 import { Input } from '../input';
 import { Select, SelectContent, SelectItem, SelectTrigger, SelectValue } from '../select';
@@ -92,6 +93,8 @@ export const AddSettingsFormPartial = ({
       visibility: document.visibility || '',
       globalAccessAuth: documentAuthOption?.globalAccessAuth || undefined,
       globalActionAuth: documentAuthOption?.globalActionAuth || undefined,
+      includeSigningCertificate: document.includeSigningCertificate ?? true,
+      includeAuditTrailLog: document.includeAuditTrailLog ?? true,
       meta: {
         timezone:
           TIME_ZONES.find((timezone) => timezone === document.documentMeta?.timezone) ??
@@ -259,6 +262,111 @@ export const AddSettingsFormPartial = ({
               />
             )}
 
+            <FormField
+              control={form.control}
+              name="globalActionAuth"
+              render={({ field }) => (
+                <FormItem>
+                  <FormLabel className="flex flex-row items-center">
+                    <Trans>Recipient action authentication</Trans>
+                    <DocumentGlobalAuthActionTooltip />
+                  </FormLabel>
+
+                  <FormControl>
+                    <DocumentGlobalAuthActionSelect {...field} onValueChange={field.onChange} />
+                  </FormControl>
+                </FormItem>
+              )}
+            />
+
+            <Accordion type="multiple" className="mt-6">
+              <AccordionItem value="advanced-options" className="border-none">
+                <AccordionTrigger className="text-foreground mb-2 rounded border px-3 py-2 text-left hover:bg-neutral-200/30 hover:no-underline">
+                  <Trans>Certificates</Trans>
+                </AccordionTrigger>
+
+                <AccordionContent className="text-muted-foreground -mx-1 px-1 pt-2 text-sm leading-relaxed">
+                  <div className="flex flex-col space-y-6">
+                    <FormField
+                      control={form.control}
+                      name="includeSigningCertificate"
+                      render={({ field }) => (
+                        <FormItem>
+                          <div className="flex flex-row items-center gap-4">
+                            <FormControl>
+                              <Checkbox
+                                checked={field.value}
+                                className="h-5 w-5"
+                                onCheckedChange={field.onChange}
+                              />
+                            </FormControl>
+                            <FormLabel className="m-0 flex flex-row items-center">
+                              <Trans>Include signing certificate</Trans>{' '}
+                              <Tooltip>
+                                <TooltipTrigger>
+                                  <InfoIcon className="mx-2 h-4 w-4" />
+                                </TooltipTrigger>
+
+                                <TooltipContent className="text-muted-foreground max-w-xs">
+                                  <Trans>
+                                    Including the signing certificate means that the certificate
+                                    will be attached to the document. You won't be able to remove
+                                    it. <br />
+                                    <br />
+                                    If you don't include it, you can download it individually.
+                                  </Trans>
+                                </TooltipContent>
+                              </Tooltip>
+                            </FormLabel>
+                          </div>
+
+                          <FormMessage />
+                        </FormItem>
+                      )}
+                    />
+
+                    <FormField
+                      control={form.control}
+                      name="includeAuditTrailLog"
+                      render={({ field }) => (
+                        <FormItem>
+                          <div className="flex flex-row items-center gap-4">
+                            <FormControl>
+                              <Checkbox
+                                checked={field.value}
+                                className="h-5 w-5"
+                                onCheckedChange={field.onChange}
+                              />
+                            </FormControl>
+                            <FormLabel className="m-0 flex flex-row items-center">
+                              <Trans>Include audit trail</Trans>{' '}
+                              <Tooltip>
+                                <TooltipTrigger>
+                                  <InfoIcon className="mx-2 h-4 w-4" />
+                                </TooltipTrigger>
+
+                                <TooltipContent className="text-muted-foreground max-w-xs">
+                                  <Trans>
+                                    Including the audit trail means that the log of all actions will
+                                    be attached to the document. You won't be able to remove it.{' '}
+                                    <br />
+                                    <br />
+                                    If you don't include it, you can download it individually.
+                                  </Trans>
+                                </TooltipContent>
+                              </Tooltip>
+                            </FormLabel>
+                          </div>
+
+                          <FormMessage />
+                        </FormItem>
+                      )}
+                    />
+                  </div>
+                </AccordionContent>
+              </AccordionItem>
+            </Accordion>
+
             {isDocumentEnterprise && (
               <FormField
                 control={form.control}

packages/ui/primitives/document-flow/add-settings.types.ts

@@ -29,6 +29,8 @@ export const ZAddSettingsFormSchema = z.object({
   title: z.string().trim().min(1, { message: "Title can't be empty" }),
   externalId: z.string().optional(),
   visibility: z.nativeEnum(DocumentVisibility).optional(),
+  includeSigningCertificate: z.boolean().default(true).optional(),
+  includeAuditTrailLog: z.boolean().default(true).optional(),
   globalAccessAuth: ZMapNegativeOneToUndefinedSchema.pipe(
     ZDocumentAccessAuthTypesSchema.optional(),
   ),

packages/ui/primitives/document-flow/field-item.tsx

@@ -12,7 +12,6 @@ import { match } from 'ts-pattern';
 import { PDF_VIEWER_PAGE_SELECTOR } from '@documenso/lib/constants/pdf-viewer';
 import type { TFieldMetaSchema } from '@documenso/lib/types/field-meta';
 import { ZCheckboxFieldMeta, ZRadioFieldMeta } from '@documenso/lib/types/field-meta';
-import { FieldType } from '@documenso/prisma/client';
 
 import { useSignerColors } from '../../lib/signer-colors';
 import { cn } from '../../lib/utils';
@@ -186,35 +185,11 @@ export const FieldItem = ({
     () => hasFieldMetaValues('CHECKBOX', field.fieldMeta, ZCheckboxFieldMeta),
     [field.fieldMeta],
   );
-
   const radioHasValues = useMemo(
     () => hasFieldMetaValues('RADIO', field.fieldMeta, ZRadioFieldMeta),
     [field.fieldMeta],
   );
 
-  const hasCheckedValues = (fieldMeta: TFieldMetaSchema, type: FieldType) => {
-    if (!fieldMeta || (type !== FieldType.RADIO && type !== FieldType.CHECKBOX)) {
-      return false;
-    }
-
-    if (type === FieldType.RADIO) {
-      const parsed = ZRadioFieldMeta.parse(fieldMeta);
-      return parsed.values?.some((value) => value.checked) ?? false;
-    }
-
-    if (type === FieldType.CHECKBOX) {
-      const parsed = ZCheckboxFieldMeta.parse(fieldMeta);
-      return parsed.values?.some((value) => value.checked) ?? false;
-    }
-
-    return false;
-  };
-
-  const fieldHasCheckedValues = useMemo(
-    () => hasCheckedValues(field.fieldMeta, field.type),
-    [field.fieldMeta, field.type],
-  );
-
   const fixedSize = checkBoxHasValues || radioHasValues;
 
   return createPortal(
@@ -254,21 +229,6 @@ export const FieldItem = ({
         onMove?.(d.node);
       }}
     >
-      {(field.type === FieldType.RADIO || field.type === FieldType.CHECKBOX) &&
-        field.fieldMeta?.label && (
-          <div
-            className={cn(
-              'absolute -top-16 left-0 right-0 rounded-md p-2 text-center text-xs text-gray-700',
-              {
-                'bg-foreground/5 border-primary border': !fieldHasCheckedValues,
-                'bg-documenso-200 border-primary border': fieldHasCheckedValues,
-              },
-            )}
-          >
-            {field.fieldMeta.label}
-          </div>
-        )}
-
       <div
         className={cn(
           'relative flex h-full w-full items-center justify-center bg-white',

packages/ui/primitives/document-flow/field-items-advanced-settings/checkbox-field.tsx

@@ -126,18 +126,6 @@ export const CheckboxFieldAdvancedSettings = ({
 
   return (
     <div className="flex flex-col gap-4">
-      <div className="mb-2">
-        <Label>
-          <Trans>Label</Trans>
-        </Label>
-        <Input
-          id="label"
-          className="bg-background mt-2"
-          placeholder={_(msg`Field label`)}
-          value={fieldState.label}
-          onChange={(e) => handleFieldChange('label', e.target.value)}
-        />
-      </div>
       <div className="flex flex-row items-center gap-x-4">
         <div className="flex w-2/3 flex-col">
           <Label>

packages/ui/primitives/document-flow/field-items-advanced-settings/radio-field.tsx

@@ -2,8 +2,7 @@
 
 import { useEffect, useState } from 'react';
 
-import { Trans, msg } from '@lingui/macro';
-import { useLingui } from '@lingui/react';
+import { Trans } from '@lingui/macro';
 import { ChevronDown, ChevronUp, Trash } from 'lucide-react';
 
 import { validateRadioField } from '@documenso/lib/advanced-fields-validation/validate-radio';
@@ -28,8 +27,6 @@ export const RadioFieldAdvancedSettings = ({
   handleFieldChange,
   handleErrors,
 }: RadioFieldAdvancedSettingsProps) => {
-  const { _ } = useLingui();
-
   const [showValidation, setShowValidation] = useState(false);
   const [values, setValues] = useState(
     fieldState.values ?? [{ id: 1, checked: false, value: 'Default value' }],
@@ -105,18 +102,6 @@ export const RadioFieldAdvancedSettings = ({
   return (
     <div className="flex flex-col gap-4">
       <div className="flex flex-col gap-4">
-        <div>
-          <Label>
-            <Trans>Label</Trans>
-          </Label>
-          <Input
-            id="label"
-            className="bg-background mt-2"
-            placeholder={_(msg`Field label`)}
-            value={fieldState.label}
-            onChange={(e) => handleFieldChange('label', e.target.value)}
-          />
-        </div>
         <div className="flex flex-row items-center gap-2">
           <Switch
             className="bg-background"

packages/ui/primitives/split-button.tsx

@@ -0,0 +1,83 @@
+'use client';
+
+import * as React from 'react';
+
+import { ChevronDown } from 'lucide-react';
+
+import { cn } from '../lib/utils';
+import { Button } from './button';
+import {
+  DropdownMenu,
+  DropdownMenuContent,
+  DropdownMenuItem,
+  DropdownMenuTrigger,
+} from './dropdown-menu';
+
+const SplitButtonContext = React.createContext<{
+  variant?: React.ComponentProps<typeof Button>['variant'];
+  size?: React.ComponentProps<typeof Button>['size'];
+}>({});
+
+const SplitButton = React.forwardRef<
+  HTMLDivElement,
+  React.HTMLAttributes<HTMLDivElement> & {
+    variant?: React.ComponentProps<typeof Button>['variant'];
+    size?: React.ComponentProps<typeof Button>['size'];
+  }
+>(({ className, children, variant = 'default', size = 'default', ...props }, ref) => {
+  return (
+    <SplitButtonContext.Provider value={{ variant, size }}>
+      <div ref={ref} className={cn('inline-flex', className)} {...props}>
+        {children}
+      </div>
+    </SplitButtonContext.Provider>
+  );
+});
+SplitButton.displayName = 'SplitButton';
+
+const SplitButtonAction = React.forwardRef<
+  HTMLButtonElement,
+  React.ButtonHTMLAttributes<HTMLButtonElement>
+>(({ className, children, ...props }, ref) => {
+  const { variant, size } = React.useContext(SplitButtonContext);
+  return (
+    <Button
+      ref={ref}
+      variant={variant}
+      size={size}
+      className={cn('rounded-r-none border-r-0', className)}
+      {...props}
+    >
+      {children}
+    </Button>
+  );
+});
+SplitButtonAction.displayName = 'SplitButtonAction';
+
+const SplitButtonDropdown = React.forwardRef<HTMLDivElement, React.HTMLAttributes<HTMLDivElement>>(
+  ({ children, ...props }, ref) => {
+    const { variant, size } = React.useContext(SplitButtonContext);
+    return (
+      <DropdownMenu>
+        <DropdownMenuTrigger asChild>
+          <Button
+            variant={variant}
+            size={size}
+            className="rounded-l-none px-2 focus-visible:ring-offset-0"
+          >
+            <ChevronDown className="h-4 w-4" />
+            <span className="sr-only">More options</span>
+          </Button>
+        </DropdownMenuTrigger>
+        <DropdownMenuContent align="end" {...props} ref={ref}>
+          {children}
+        </DropdownMenuContent>
+      </DropdownMenu>
+    );
+  },
+);
+SplitButtonDropdown.displayName = 'SplitButtonDropdown';
+
+const SplitButtonDropdownItem = DropdownMenuItem;
+
+export { SplitButton, SplitButtonAction, SplitButtonDropdown, SplitButtonDropdownItem };