tenseleyflow/shithub / c6d6c16

+| Effective private org collaborators | Up to 3 | Unlimited while active/in grace | Contact sales |

+PAYMENTS SP06a adds the first private-collaboration limit:

+

+- Free organizations may have up to 3 unique humans with effective

+  access to at least one private organization repository.

+- Team organizations with active, trialing, or in-grace subscriptions

+  have unlimited private collaborators.

+- The effective private-collaborator set counts org owners, direct

+  collaborators on private org repos, and team members who inherit a

+  private repo grant through direct team membership or one-level parent

+  team inheritance. Plain org members do not count unless they gain

+  private repo access through one of those paths.

+- Public repository collaboration never counts toward the limit.

+- Downgrades preserve existing access even when the org is already over

+  the Free limit, but writes that add a new effective private

+  collaborator are blocked until the org upgrades or removes access.

+- Creating/importing a private org repository and changing an org repo

+  from public to private are blocked on Free when the resulting private

+  collaborator set would exceed the limit.

+- Cleanup writes remain available: removing org members, team members,

+  direct collaborators, team repo grants, and gated configuration must

+  not require Team.

+

+func TestOwnerInvitationsRespectPrivateCollaborationLimitAtSendAndAccept(t *testing.T) {

+	pool, deps, alice := setup(t)

+	ctx := context.Background()

+	org, err := orgs.Create(ctx, deps, orgs.CreateParams{Slug: "acme", CreatedByUserID: alice})

+	if err != nil {

+		t.Fatalf("create org: %v", err)

+	}

+	repo := mustOrgRepo(t, pool, org.ID, "secret", "private")

+	insertDirectCollab(t, pool, repo.ID, mustUser(t, pool, "bob"))

+	insertDirectCollab(t, pool, repo.ID, mustUser(t, pool, "carol"))

+

+	dave := mustUser(t, pool, "dave")

+	if _, err := orgs.Invite(ctx, deps, orgs.InviteParams{

+		OrgID:           org.ID,

+		InvitedByUserID: alice,

+		TargetUsername:  "dave",

+		Role:            "owner",

+	}); !errors.Is(err, entitlements.ErrPrivateCollaborationLimitExceeded) {

+		t.Fatalf("Invite owner err=%v, want private collaboration limit", err)

+	}

+

+	if _, err := pool.Exec(ctx, `DELETE FROM repo_collaborators WHERE repo_id = $1 AND user_id = $2`, repo.ID, dave); err != nil {

+		t.Fatalf("cleanup accidental dave collab: %v", err)

+	}

+	if _, err := pool.Exec(ctx, `DELETE FROM repo_collaborators WHERE repo_id = $1 AND user_id = (SELECT id FROM users WHERE username = 'carol')`, repo.ID); err != nil {

+		t.Fatalf("remove carol collab: %v", err)

+	}

+	res, err := orgs.Invite(ctx, deps, orgs.InviteParams{

+		OrgID:           org.ID,

+		InvitedByUserID: alice,

+		TargetUsername:  "dave",

+		Role:            "owner",

+	})

+	if err != nil {

+		t.Fatalf("Invite owner under limit: %v", err)

+	}

+	insertDirectCollab(t, pool, repo.ID, mustUser(t, pool, "erin"))

+	if err := orgs.AcceptInvitation(ctx, deps, res.Invitation, dave); !errors.Is(err, entitlements.ErrPrivateCollaborationLimitExceeded) {

+		t.Fatalf("AcceptInvitation err=%v, want private collaboration limit", err)

+	}

+}

+

+	"github.com/tenseleyFlow/shithub/internal/entitlements"

+type billingPrivateCollaborationBreakdown struct {

+	Count      int64

+	LimitLabel string

+	Detail     string

+}

+

+	privateCollab := h.billingPrivateCollaborationBreakdown(r, org.ID)

+		"PrivateCollaboration":  privateCollab,

+func (h *Handlers) billingPrivateCollaborationBreakdown(r *http.Request, orgID int64) billingPrivateCollaborationBreakdown {

+	usage, err := entitlements.PrivateCollaborationUsageForOrg(r.Context(), entitlements.Deps{Pool: h.d.Pool}, orgID)

+	if err != nil {

+		h.d.Logger.WarnContext(r.Context(), "org billing: private collaboration usage", "org_id", orgID, "error", err)

+		return billingPrivateCollaborationBreakdown{

+			LimitLabel: "Unavailable",

+			Detail:     "Private collaborator usage could not be calculated right now.",

+		}

+	}

+	if usage.Unlimited {

+		return billingPrivateCollaborationBreakdown{

+			Count:      usage.Count,

+			LimitLabel: "Unlimited",

+			Detail:     "Team billing allows unlimited effective private collaborators while the subscription is active or in grace.",

+		}

+	}

+	return billingPrivateCollaborationBreakdown{

+		Count:      usage.Count,

+		LimitLabel: fmt.Sprintf("%d", usage.Limit),

+		Detail:     "Free organizations can add up to 3 unique people with effective access to private org repositories. Public collaboration is not counted.",

+	}

+}

+

+                <tr>

+                  <td>Private collaborators</td>

+                  <td>{{ .PrivateCollaboration.Count }} / {{ .PrivateCollaboration.LimitLabel }}</td>

+                  <td>{{ .PrivateCollaboration.Detail }}</td>

+                </tr>

+                <tr>

+                  <td>Private org collaborators</td>

+                  <td>Up to 3 effective collaborators</td>

+                  <td>Unlimited while active</td>

+                  <td>Contact sales</td>

+                </tr>