v0.0.5
Workspace email-domain restriction release for the Next.js application template.
v0.0.5
v0.0.5 adds workspace-level allowed email-domain policies for invitations and member management. It also makes existing members outside the active policy visible and expands the shadcn/ui component foundation.
Highlights
- Added workspace settings for allowed email domains stored in organization metadata.
- Enforced allowed-domain restrictions when creating workspace invitations.
- Re-checks invitation acceptance against the workspace's current domain policy.
- Added direct member-add warnings with explicit override for out-of-policy users.
- Added users-page warnings and badges for existing members outside the active policy.
- Added domain normalization, validation, exact-domain matching, and localized error copy.
- Added more shadcn/ui components and a custom loading button helper.
What changed for template users
Workspace admins can configure allowed email domains in workspace settings. Domains can be entered one per line or comma-separated, are normalized before saving, and can be cleared to disable the restriction.
The policy affects new invitations and invitation acceptance. Existing members are not removed when the policy changes; instead, member lists show warnings and badges so admins can decide what to do. Directly adding an existing out-of-policy user is still possible, but only after an explicit confirmation.
Upgrade notes
- No Prisma migration is required for allowed-domain restrictions; the policy is stored in organization metadata.
- Domain matching is exact:
example.comdoes not automatically allowteam.example.com. - Existing workspace members remain members after a policy change.
- Existing pending invitations can become restricted if the policy changes after creation.
- Custom behavior for generated shadcn components should live under
src/components/ui/custom/.
Quality
The release adds tests for domain normalization, validation, metadata handling, invitation creation, invitation acceptance, direct member-add warnings, workspace settings, users-page warnings, domain-restricted invitation states, and stable loading-button behavior.