Feature release adding document owner management, container healthcheck, and several security and compatibility fixes.
⚠️ Important: Query Parameter Renamed (ref → doc) (#19)
The ref query parameter used to reference documents (e.g. https://your-instance.com/?ref=my-doc) has been renamed to doc.
Browser privacy extensions (ClearURLs and similar) were silently stripping the ref parameter from URLs, as it is commonly associated with referrer tracking. This caused documents to fail to load for affected users.
New format: https://your-instance.com/?doc=my-doc
Backward compatible: The old ?ref= parameter is still accepted as a fallback, so existing integrations and external tools will continue to work. However, we recommend updating your links to use ?doc= to avoid issues with privacy extensions.
New Features
Owner-Based Document & Signers Management (#16, #17)
Non-admin document owners can now manage their own documents and expected signers without requiring admin privileges (when ACKIFY_ONLY_ADMIN_CAN_CREATE=false).
New endpoints for document owners:
- POST /api/v1/users/me/documents/{docId}/signers - Add an expected signer
- DELETE /api/v1/users/me/documents/{docId}/signers/{email} - Remove an expected signer
Also includes:
- New CanManageDocument method on the Authorizer interface for ownership checks
- Properly quoted PostgreSQL identifiers in migrations to support database names containing special characters (e.g. hyphens)
- Returns 403 Forbidden on owner routes when ACKIFY_ONLY_ADMIN_CAN_CREATE=true
Docker Healthcheck Support (#21)
The container image now includes a built-in healthcheck for better orchestration support.
- New health subcommand on the ackify binary for HEALTHCHECK usage
- HEALTHCHECK directive added to the Dockerfile
- Healthcheck configuration added to all compose files
- Supports custom port via ACKIFY_LISTEN_ADDR
Bug Fixes
Signature List Visibility Restricted to Owner/Admin (#20)
Previously, any authenticated user could see all signatures on a document. The signatures endpoint now enforces proper access control:
- Owner/Admin: can see all signatures
- Other users: can only see their own signature (if they signed)
- signatureCount is now included in the FindOrCreateDocument response so the frontend can display the total count without exposing individual signatures
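The visibility rule above, sketched in Go as an added example (not Ackify's own code): the type and field names, the VisibleSignatures helper and the case-insensitive e-mail comparison are assumptions for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Hypothetical types for illustration; not Ackify's own definitions.
type Signature struct{ Email, SignedAt string }
type Viewer struct {
	Email   string
	IsAdmin bool
}
type Document struct{ ID, OwnerEmail string }

// sameUser compares e-mail identities case-insensitively (an assumption).
// An empty identity never matches, so an anonymous viewer is never "owner".
func sameUser(a, b string) bool {
	a, b = strings.TrimSpace(a), strings.TrimSpace(b)
	return a != "" && strings.EqualFold(a, b)
}

// VisibleSignatures returns the signatures this viewer may read, plus the
// total count, which can be shown to everyone without exposing signers.
func VisibleSignatures(doc Document, all []Signature, v Viewer) ([]Signature, int) {
	if v.IsAdmin || sameUser(v.Email, doc.OwnerEmail) {
		return all, len(all)
	}
	visible := []Signature{} // non-nil so JSON encodes [] rather than null
	for _, s := range all {
		if sameUser(s.Email, v.Email) {
			visible = append(visible, s)
		}
	}
	return visible, len(all)
}

func main() {
	doc := Document{ID: "my-doc", OwnerEmail: "owner@example.com"}
	sigs := []Signature{ // constructed sample data
		{"alice@example.com", "2025-01-01T10:00:00Z"},
		{"bob@example.com", "2025-01-02T11:00:00Z"},
	}
	for _, email := range []string{"owner@example.com", "alice@example.com", "carol@example.com"} {
		vis, total := VisibleSignatures(doc, sigs, Viewer{Email: email})
		fmt.Printf("%-18s sees %d of %d signatures\n", email, len(vis), total)
	}
}
```

The filter runs server-side on every request; the count is computed from the full list before filtering, which is why a client must not derive it from the length of the returned slice.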
Signature Count Not Updated After Signing
The frontend did not refresh the signature count after a user signed a document. Also, the embed page relied on signatures.length instead of the API-provided signatureCount, which was incorrect under the new visibility model.
Fixed: HomePage.vue now updates signatureCount after signing, and EmbedPage.vue uses the API value.
Documentation
- Created comprehensive API documentation (docs/en/api.md, docs/fr/api.md)
- Documented Docker healthcheck in deployment guides
- Documented signature endpoint access control rules
- Fixed MagicLink auto-detection description in READMEs
Useful Links
- Documentation: https://github.com/btouchard/ackify-ce/blob/main/README.md
- Diff: v1.3.1...v1.3.2
Upgrading from v1.3.1
This version includes a new database migration (owner management). The migration runs automatically on startup.
Query parameter rename: The ?ref= parameter is now ?doc=. The old ?ref= still works as a fallback, but we recommend updating your integrations to use ?doc= to avoid privacy extension issues.
New environment variable behavior: When ACKIFY_ONLY_ADMIN_CAN_CREATE=true, owner-based management routes return 403 Forbidden.
Update
Via the installation script (recommended)
bash <(curl -fsSL https://raw.githubusercontent.com/btouchard/ackify-ce/main/install/install.sh)
The script automatically detects the existing installation and performs the upgrade.
Manually with Docker Compose
docker compose pull
docker compose up -d