emailengine-app 2.69.0 → 2.71.0

package/translations/pl.po

@@ -1,7 +1,7 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: \n"
-"POT-Creation-Date: 2026-03-31 08:47+0000\n"
+"POT-Creation-Date: 2026-06-15 18:35+0000\n"
 "PO-Revision-Date: \n"
 "Last-Translator: \n"
 "Language-Team: \n"
@@ -13,7 +13,7 @@ msgstr ""
 "|| n%100>14) ? 1 : 2);\n"
 "X-Generator: Poedit 3.9\n"
 
-#: views/error.hbs:4 workers/api.js:7103
+#: views/error.hbs:4 workers/api.js:2957
 msgid "Something went wrong"
 msgstr "Ups... Coś poszło nie tak"
 
@@ -29,7 +29,7 @@ msgstr "Wstecz"
 msgid "Dashboard"
 msgstr "Pulpit"
 
-#: views/config/license.hbs:45 lib/routes-ui.js:2497
+#: views/config/license.hbs:45 lib/ui-routes/oauth-config-routes.js:217
 msgid "%d day"
 msgid_plural "%d days"
 msgstr[0] "%d dzień"
@@ -40,6 +40,34 @@ msgstr[2] "%d dni"
 msgid "Click <a href=\"%s\">here</a> to continue&mldr;"
 msgstr "Kliknij <a href=\"%s\">tutaj</a>, aby kontynuować&mldr;"
 
+#: views/oauth-scope-error.hbs:2
+msgid "Insufficient Permissions"
+msgstr "Niewystarczające uprawnienia"
+
+#: views/oauth-scope-error.hbs:8
+msgid ""
+"All requested permissions are required for this service to function "
+"properly. Some required permissions were not granted during sign-in."
+msgstr ""
+"Wszystkie wymagane uprawnienia są niezbędne do prawidłowego działania tej "
+"usługi. Niektóre z nich nie zostały przyznane podczas logowania."
+
+#: views/oauth-scope-error.hbs:12
+msgid "The following permissions were not granted:"
+msgstr "Nie przyznano następujących uprawnień:"
+
+#: views/oauth-scope-error.hbs:21
+msgid ""
+"Please try again and make sure all permission checkboxes are selected on the "
+"Google consent screen."
+msgstr ""
+"Spróbuj ponownie i upewnij się, że na ekranie zgody Google zaznaczone są "
+"wszystkie pola wyboru dotyczące uprawnień."
+
+#: views/oauth-scope-error.hbs:27
+msgid "Try Again"
+msgstr "Spróbuj ponownie"
+
 #: views/unsubscribe.hbs:3 views/unsubscribe.hbs:62 views/unsubscribe.hbs:85
 msgid "Unsubscribe"
 msgstr "Wypisz się"
@@ -85,34 +113,6 @@ msgstr "Adres e-mail"
 msgid "Enter your email address"
 msgstr "Wprowadź swój adres e-mail"
 
-#: views/oauth-scope-error.hbs:2
-msgid "Insufficient Permissions"
-msgstr "Niewystarczające uprawnienia"
-
-#: views/oauth-scope-error.hbs:8
-msgid ""
-"All requested permissions are required for this service to function properly. "
-"Some required permissions were not granted during sign-in."
-msgstr ""
-"Wszystkie wymagane uprawnienia są niezbędne do prawidłowego działania tej "
-"usługi. Niektóre z nich nie zostały przyznane podczas logowania."
-
-#: views/oauth-scope-error.hbs:12
-msgid "The following permissions were not granted:"
-msgstr "Nie przyznano następujących uprawnień:"
-
-#: views/oauth-scope-error.hbs:21
-msgid ""
-"Please try again and make sure all permission checkboxes are selected on the "
-"Google consent screen."
-msgstr ""
-"Spróbuj ponownie i upewnij się, że na ekranie zgody Google zaznaczone są "
-"wszystkie pola wyboru dotyczące uprawnień."
-
-#: views/oauth-scope-error.hbs:27
-msgid "Try Again"
-msgstr "Spróbuj ponownie"
-
 #: views/accounts/register/imap.hbs:11
 msgid "Your name"
 msgstr "Twoje imię"
@@ -190,8 +190,8 @@ msgstr "TLS dla IMAP"
 
 #: views/accounts/register/imap-server.hbs:100
 msgid ""
-"TLS (also known as SSL) is usually only needed when using port 993. For other "
-"ports EmailEngine falls back to using STARTTLS based encryption."
+"TLS (also known as SSL) is usually only needed when using port 993. For "
+"other ports EmailEngine falls back to using STARTTLS based encryption."
 msgstr ""
 "TLS (znany również jako SSL) jest zwykle potrzebny tylko w przypadku "
 "korzystania z portu 993. W przypadku innych portów EmailEngine powraca do "
@@ -212,8 +212,8 @@ msgstr "TLS dla SMTP"
 
 #: views/accounts/register/imap-server.hbs:191
 msgid ""
-"TLS (also known as SSL) is usually only needed when using port 465. For other "
-"ports EmailEngine falls back to using STARTTLS based encryption."
+"TLS (also known as SSL) is usually only needed when using port 465. For "
+"other ports EmailEngine falls back to using STARTTLS based encryption."
 msgstr ""
 "TLS (znany również jako SSL) jest zwykle potrzebny tylko w przypadku "
 "korzystania z portu 465. W przypadku innych portów EmailEngine powraca do "
@@ -264,150 +264,147 @@ msgstr "Nie udało się połączyć z serwerem SMTP"
 msgid "Request failed."
 msgstr "Żądanie nie powiodło się."
 
-#: lib/routes-ui.js:384 lib/ui-routes/account-routes.js:60
-msgid "Delegated"
-msgstr "Delegowany"
-
-#: lib/routes-ui.js:385 lib/ui-routes/account-routes.js:61
-msgid "Using credentials from \"%s\""
-msgstr "Używanie poświadczeń z \"%s\""
-
-#: lib/routes-ui.js:435 lib/ui-routes/account-routes.js:111
-msgid ""
-"Connection timed out. This usually occurs if you are behind a firewall or "
-"connecting to the wrong port."
-msgstr ""
-"Przekroczono limit czasu połączenia. Zwykle dzieje się tak, gdy użytkownik "
-"znajduje się za zaporą sieciową lub łączy się z niewłaściwym portem."
-
-#: lib/routes-ui.js:438 lib/ui-routes/account-routes.js:114
-msgid "The server unexpectedly closed the connection."
-msgstr "Serwer nieoczekiwanie zamknął połączenie."
-
-#: lib/routes-ui.js:441 lib/ui-routes/account-routes.js:117
-msgid ""
-"The server unexpectedly closed the connection. This usually happens when "
-"attempting to connect to a TLS port without TLS enabled."
-msgstr ""
-"Serwer nieoczekiwanie zamknął połączenie. Zwykle dzieje się tak podczas próby "
-"połączenia z portem TLS bez włączonego protokołu TLS."
-
-#: lib/routes-ui.js:446 lib/ui-routes/account-routes.js:122
+#: lib/autodetect-imap-settings.js:80
 msgid ""
-"The server refused the connection. This typically occurs if the server is not "
-"running, is overloaded, or you are connecting to the wrong host or port."
+"Microsoft has disabled password-based sign-ins (including app passwords) for "
+"Outlook.com, Hotmail.com, and Microsoft 365 email accounts. To continue, "
+"please use the \"Sign in with Microsoft\" button to securely connect your "
+"account."
 msgstr ""
-"Serwer odmówił połączenia. Zwykle dzieje się tak, gdy serwer nie działa, jest "
-"przeciążony lub łączysz się z niewłaściwym hostem lub portem."
+"Firma Microsoft wyłączyła logowanie oparte na hasłach (w tym hasłach "
+"aplikacji) dla kont e-mail w usługach Outlook.com, Hotmail.com i Microsoft "
+"365. Aby kontynuować, użyj przycisku \"Zaloguj się za pomocą Microsoft\", "
+"aby bezpiecznie połączyć swoje konto."
 
-#: lib/routes-ui.js:573
-msgid "Invalid API key for OpenAI"
-msgstr "Nieprawidłowy klucz API dla OpenAI"
+#: lib/tools.js:975 lib/ui-routes/unsubscribe-routes.js:28
+msgid "Invalid input"
+msgstr "Nieprawidłowe dane wejściowe"
 
-#: lib/routes-ui.js:2490
-msgid "Unknown"
-msgstr "Nieznany"
+#: lib/tools.js:1742
+msgid "Signature validation failed"
+msgstr "Walidacja podpisu nie powiodła się"
 
-#: lib/routes-ui.js:2499
-msgid "Indefinite"
-msgstr "Na czas nieokreślony"
+#: lib/tools.js:1751 lib/tools.js:1756
+msgid "Invalid or expired account setup URL"
+msgstr "Nieprawidłowy lub wygasły adres URL konfiguracji konta"
 
-#: lib/routes-ui.js:5133 lib/routes-ui.js:5168 lib/routes-ui.js:5283
-#: lib/routes-ui.js:5330 lib/routes-ui.js:5577 lib/routes-ui.js:5613
-#: workers/api.js:2279 workers/api.js:2607 lib/ui-routes/account-routes.js:554
-#: lib/ui-routes/account-routes.js:590 lib/ui-routes/account-routes.js:707
-#: lib/ui-routes/account-routes.js:754 lib/ui-routes/account-routes.js:1003
-#: lib/ui-routes/account-routes.js:1039
+#: lib/ui-routes/account-routes.js:402 lib/ui-routes/account-routes.js:437
+#: lib/ui-routes/account-routes.js:552 lib/ui-routes/account-routes.js:599
+#: lib/ui-routes/account-routes.js:846 lib/ui-routes/account-routes.js:882
+#: workers/api.js:2158 workers/api.js:2486
 msgid "Email Account Setup"
 msgstr "Konfiguracja konta e-mail"
 
-#: lib/routes-ui.js:5193 lib/routes-ui.js:5226 lib/routes-ui.js:8186
-#: lib/ui-routes/account-routes.js:615 lib/ui-routes/account-routes.js:649
+#: lib/ui-routes/account-routes.js:462 lib/ui-routes/account-routes.js:495
+#: lib/ui-routes/unsubscribe-routes.js:65
 msgid "Invalid request. Check your input and try again."
 msgstr "Nieprawidłowe żądanie. Sprawdź wprowadzone dane i spróbuj ponownie."
 
-#: lib/routes-ui.js:5386 lib/routes-ui.js:5397
-#: lib/ui-routes/account-routes.js:811 lib/ui-routes/account-routes.js:822
+#: lib/ui-routes/account-routes.js:592 lib/ui-routes/account-routes.js:875
+msgid "Couldn't set up account. Try again."
+msgstr "Nie udało się założyć konta. Spróbuj ponownie."
+
+#: lib/ui-routes/account-routes.js:655 lib/ui-routes/account-routes.js:666
 #: lib/ui-routes/admin-entities-routes.js:2020
 msgid "Server hostname was not found"
 msgstr "Nie znaleziono nazwy hosta serwera"
 
-#: lib/routes-ui.js:5389 lib/routes-ui.js:5400
-#: lib/ui-routes/account-routes.js:814 lib/ui-routes/account-routes.js:825
+#: lib/ui-routes/account-routes.js:658 lib/ui-routes/account-routes.js:669
 #: lib/ui-routes/admin-entities-routes.js:2023
 msgid "Invalid username or password"
 msgstr "Nieprawidłowa nazwa użytkownika lub hasło"
 
-#: lib/routes-ui.js:5403 lib/ui-routes/account-routes.js:828
+#: lib/ui-routes/account-routes.js:672
 #: lib/ui-routes/admin-entities-routes.js:2026
 msgid "Authentication credentials were not provided"
 msgstr "Nie podano danych uwierzytelniających"
 
-#: lib/routes-ui.js:5406 lib/ui-routes/account-routes.js:831
+#: lib/ui-routes/account-routes.js:675
 #: lib/ui-routes/admin-entities-routes.js:2029
 msgid "OAuth2 authentication failed"
 msgstr "Uwierzytelnianie OAuth2 nie powiodło się"
 
-#: lib/routes-ui.js:5409 lib/routes-ui.js:5413
-#: lib/ui-routes/account-routes.js:834 lib/ui-routes/account-routes.js:838
+#: lib/ui-routes/account-routes.js:678 lib/ui-routes/account-routes.js:682
 #: lib/ui-routes/admin-entities-routes.js:2032
 #: lib/ui-routes/admin-entities-routes.js:2036
 msgid "TLS protocol error"
 msgstr "Błąd protokołu TLS"
 
-#: lib/routes-ui.js:5417 lib/ui-routes/account-routes.js:842
+#: lib/ui-routes/account-routes.js:686
 #: lib/ui-routes/admin-entities-routes.js:2040
 msgid "Connection timed out"
 msgstr "Przekroczono limit czasu połączenia"
 
-#: lib/routes-ui.js:5420 lib/ui-routes/account-routes.js:845
+#: lib/ui-routes/account-routes.js:689
 #: lib/ui-routes/admin-entities-routes.js:2043
 msgid "Could not connect to server"
 msgstr "Nie można połączyć się z serwerem"
 
-#: lib/routes-ui.js:5423 lib/ui-routes/account-routes.js:848
+#: lib/ui-routes/account-routes.js:692
 #: lib/ui-routes/admin-entities-routes.js:2046
 msgid "Unexpected server response"
 msgstr "Nieoczekiwana odpowiedź serwera"
 
-#: lib/routes-ui.js:8149 lib/tools.js:950
-msgid "Invalid input"
-msgstr "Nieprawidłowe dane wejściowe"
+#: lib/ui-routes/admin-config-routes.js:145
+msgid "Invalid API key for OpenAI"
+msgstr "Nieprawidłowy klucz API dla OpenAI"
 
-#: lib/routes-ui.js:8159 lib/routes-ui.js:8277 lib/routes-ui.js:8294
-#: lib/routes-ui.js:8330
-msgid "Subscription Management"
-msgstr "Zarządzanie subskrypcjami"
+#: lib/ui-routes/oauth-config-routes.js:210
+msgid "Unknown"
+msgstr "Nieznany"
 
-#: workers/api.js:7102 workers/api.js:7219
-msgid "Requested page not found"
-msgstr "Nie znaleziono żądanej strony"
+#: lib/ui-routes/oauth-config-routes.js:219
+msgid "Indefinite"
+msgstr "Na czas nieokreślony"
 
-#: lib/tools.js:1653
-msgid "Signature validation failed"
-msgstr "Walidacja podpisu nie powiodła się"
+#: lib/ui-routes/route-helpers.js:81
+msgid "Delegated"
+msgstr "Delegowany"
 
-#: lib/tools.js:1662 lib/tools.js:1667
-msgid "Invalid or expired account setup URL"
-msgstr "Nieprawidłowy lub wygasły adres URL konfiguracji konta"
+#: lib/ui-routes/route-helpers.js:82
+msgid "Using credentials from \"%s\""
+msgstr "Używanie poświadczeń z \"%s\""
 
-#: lib/autodetect-imap-settings.js:80
+#: lib/ui-routes/route-helpers.js:132
 msgid ""
-"Microsoft has disabled password-based sign-ins (including app passwords) for "
-"Outlook.com, Hotmail.com, and Microsoft 365 email accounts. To continue, "
-"please use the \"Sign in with Microsoft\" button to securely connect your "
-"account."
+"Connection timed out. This usually occurs if you are behind a firewall or "
+"connecting to the wrong port."
 msgstr ""
-"Firma Microsoft wyłączyła logowanie oparte na hasłach (w tym hasłach "
-"aplikacji) dla kont e-mail w usługach Outlook.com, Hotmail.com i Microsoft "
-"365. Aby kontynuować, użyj przycisku \"Zaloguj się za pomocą Microsoft\", aby "
-"bezpiecznie połączyć swoje konto."
+"Przekroczono limit czasu połączenia. Zwykle dzieje się tak, gdy użytkownik "
+"znajduje się za zaporą sieciową lub łączy się z niewłaściwym portem."
 
-#: lib/ui-routes/account-routes.js:747 lib/ui-routes/account-routes.js:1032
-msgid "Couldn't set up account. Try again."
-msgstr "Nie udało się założyć konta. Spróbuj ponownie."
+#: lib/ui-routes/route-helpers.js:135
+msgid "The server unexpectedly closed the connection."
+msgstr "Serwer nieoczekiwanie zamknął połączenie."
+
+#: lib/ui-routes/route-helpers.js:138
+msgid ""
+"The server unexpectedly closed the connection. This usually happens when "
+"attempting to connect to a TLS port without TLS enabled."
+msgstr ""
+"Serwer nieoczekiwanie zamknął połączenie. Zwykle dzieje się tak podczas "
+"próby połączenia z portem TLS bez włączonego protokołu TLS."
 
-#, fuzzy
-#~| msgid "Failed to process request"
-#~ msgid "Couldn't process request. Try again."
-#~ msgstr "Nie udało się przetworzyć żądania"
+#: lib/ui-routes/route-helpers.js:143
+msgid ""
+"The server refused the connection. This typically occurs if the server is "
+"not running, is overloaded, or you are connecting to the wrong host or port."
+msgstr ""
+"Serwer odmówił połączenia. Zwykle dzieje się tak, gdy serwer nie działa, "
+"jest przeciążony lub łączysz się z niewłaściwym hostem lub portem."
+
+#: lib/ui-routes/unsubscribe-routes.js:38
+#: lib/ui-routes/unsubscribe-routes.js:156
+#: lib/ui-routes/unsubscribe-routes.js:173
+#: lib/ui-routes/unsubscribe-routes.js:209
+msgid "Subscription Management"
+msgstr "Zarządzanie subskrypcjami"
+
+#: lib/ui-routes/unsubscribe-routes.js:167
+#: lib/ui-routes/unsubscribe-routes.js:202
+msgid "Couldn't process request. Try again."
+msgstr "Nie udało się przetworzyć żądania. Spróbuj ponownie."
+
+#: workers/api.js:2956 workers/api.js:3071
+msgid "Requested page not found"
+msgstr "Nie znaleziono żądanej strony"

package/update-info.sh

@@ -1,6 +1,24 @@
 #!/bin/sh
 
-COMMIT_HASH=$(cat .git/refs/heads/master)
+# Resolve the commit hash for version-info.json:
+#  1. EE_COMMIT_HASH is the explicit override, set by the deploy workflow and
+#     by release builds that run from a git export without a .git directory
+#  2. git rev-parse works in any normal checkout, also when refs are packed;
+#     the toplevel check makes sure the hash comes from this repository and
+#     not from an unrelated parent repository when this directory is not a
+#     git repository itself
+#  3. the plain ref file is the fallback for the Docker image build, which
+#     only copies .git/refs/heads/master into the build context
+if [ -n "$EE_COMMIT_HASH" ]; then
+    COMMIT_HASH="$EE_COMMIT_HASH"
+elif [ "$(git rev-parse --show-toplevel 2>/dev/null)" = "$(pwd -P)" ] && git rev-parse HEAD >/dev/null 2>&1; then
+    COMMIT_HASH=$(git rev-parse HEAD)
+elif [ -f .git/refs/heads/master ]; then
+    COMMIT_HASH=$(cat .git/refs/heads/master)
+else
+    COMMIT_HASH=""
+fi
+
 TIMESTAMP=$(node -e 'console.log(Date.now())')
 cat >version-info.json <<EOL
 {

package/views/config/logging.hbs

@@ -49,6 +49,54 @@
         </div>
     </div>
 
+    <div class="card mb-4">
+        <div class="card-header py-3">
+            <h6 class="m-0 font-weight-bold text-primary">Error Reporting</h6>
+        </div>
+        <div class="card-body">
+
+            {{#if sentryEnvManaged}}
+            <div class="alert alert-info">Error reporting is currently managed by the <code>SENTRY_DSN</code>
+                environment variable. The settings below are ignored until that variable is removed.</div>
+            {{/if}}
+
+            <div class="form-group form-check">
+
+                <div class="text-muted float-right code-link">[<a href="/admin/swagger#/Settings/postV1Settings"
+                        target="_blank" rel="noopener noreferrer">sentryEnabled</a>]</div>
+
+                <input type="checkbox" class="form-check-input {{#if errors.sentryEnabled}}is-invalid{{/if}}"
+                    id="settingsSentryEnabled" name="sentryEnabled" {{#if values.sentryEnabled}}checked{{/if}}
+                    {{#if sentryEnvManaged}}disabled{{/if}} />
+                <label class="form-check-label" for="settingsSentryEnabled">Report Unhandled Errors to Sentry</label>
+                {{#if errors.sentryEnabled}}
+                <span class="invalid-feedback">{{errors.sentryEnabled}}</span>
+                {{/if}}
+                <small class="form-text text-muted">Send unhandled errors to a Sentry server. Reports include stack
+                    traces, account IDs, and error details, but never credentials or message content. Changes apply
+                    within a minute - no restart needed.</small>
+            </div>
+
+            <div class="form-group">
+
+                <div class="text-muted float-right code-link">[<a href="/admin/swagger#/Settings/postV1Settings"
+                        target="_blank" rel="noopener noreferrer">sentryDsn</a>]</div>
+
+                <label for="settingsSentryDsn">Sentry DSN</label>
+                <input type="text" class="form-control {{#if errors.sentryDsn}}is-invalid{{/if}}"
+                    id="settingsSentryDsn" name="sentryDsn" placeholder="https://public-key@sentry.example.com/1"
+                    value="{{values.sentryDsn}}" {{#if sentryEnvManaged}}disabled{{/if}} />
+                {{#if errors.sentryDsn}}
+                <span class="invalid-feedback">{{errors.sentryDsn}}</span>
+                {{/if}}
+                <small class="form-text text-muted">Leave empty to send reports to the Sentry instance run by the
+                    EmailEngine developers (sentry.emailengine.dev). Enabling this temporarily during a support case
+                    helps to debug problems with your installation. Set your own DSN to keep reports
+                    in-house.</small>
+            </div>
+        </div>
+    </div>
+
     <div class="mb-4">
         <button type="submit" class="btn btn-primary btn-icon-split">
             <span class="icon text-white-50">

package/views/dashboard.hbs

@@ -24,6 +24,28 @@
     </div>
     {{/each}}
 
+    {{#if documentStoreUnavailable}}
+    <div class="card border-left-danger mt-4">
+        <div class="card-body">
+            <div class="row no-gutters align-items-center">
+                <div class="col mr-2">
+                    <div class="text-xs font-weight-bold text-danger text-uppercase mb-1">Document Store unavailable</div>
+                    <p class="mb-0">The Document Store is enabled in the EmailEngine settings, but the feature is not
+                        available because EmailEngine was not started with the Document Store enabled. The deprecated
+                        Document Store only runs when started with the <code>--documentStore.enabled</code> command line
+                        flag or the <code>EENGINE_DOCUMENT_STORE_ENABLED=true</code> environment variable. Until then the
+                        document store worker is not running and all Document Store API and configuration endpoints
+                        return 404. Either restart EmailEngine with the flag, or disable the <code>documentStoreEnabled</code>
+                        setting to clear this warning.</p>
+                </div>
+                <div class="col-auto">
+                    <i class="fas fa-database fa-2x text-gray-300"></i>
+                </div>
+            </div>
+        </div>
+    </div>
+    {{/if}}
+
 
     {{#unless hasAccounts}}
 

package/workers/api.js

@@ -1,7 +1,5 @@
 'use strict';
 
-// NB! This file is processed by gettext parser and can not use newer syntax like ?.
-
 const { parentPort, workerData } = require('worker_threads');
 
 const packageData = require('../package.json');
@@ -40,28 +38,8 @@ const {
 } = require('../lib/tools');
 const { matchIp, detectAutomatedRequest } = require('../lib/utils/network');
 
-const Bugsnag = require('@bugsnag/js');
-if (readEnvValue('BUGSNAG_API_KEY')) {
-    Bugsnag.start({
-        apiKey: readEnvValue('BUGSNAG_API_KEY'),
-        appVersion: packageData.version,
-        logger: {
-            debug(...args) {
-                logger.debug({ msg: args.shift(), worker: 'api', source: 'bugsnag', args: args.length ? args : undefined });
-            },
-            info(...args) {
-                logger.debug({ msg: args.shift(), worker: 'api', source: 'bugsnag', args: args.length ? args : undefined });
-            },
-            warn(...args) {
-                logger.warn({ msg: args.shift(), worker: 'api', source: 'bugsnag', args: args.length ? args : undefined });
-            },
-            error(...args) {
-                logger.error({ msg: args.shift(), worker: 'api', source: 'bugsnag', args: args.length ? args : undefined });
-            }
-        }
-    });
-    logger.notifyError = Bugsnag.notify.bind(Bugsnag);
-}
+const { initSentry } = require('../lib/sentry');
+initSentry('api');
 
 const Hapi = require('@hapi/hapi');
 const Boom = require('@hapi/boom');
@@ -89,7 +67,7 @@ const { Account } = require('../lib/account');
 const settings = require('../lib/settings');
 
 const getSecret = require('../lib/get-secret');
-const { getESClient } = require('../lib/document-store');
+const { getESClient, documentStoreFeatureEnabled } = require('../lib/document-store');
 
 const routesUi = require('../lib/routes-ui');
 
@@ -135,7 +113,7 @@ const deliveryTestRoutes = require('../lib/api-routes/delivery-test-routes');
 const blocklistRoutes = require('../lib/api-routes/blocklist-routes');
 const submitRoutes = require('../lib/api-routes/submit-routes');
 
-const { imapSchema, smtpSchema, oauth2Schema, accountIdSchema, headerTimeoutSchema } = require('../lib/schemas');
+const { imapSchema, smtpSchema, oauth2Schema, accountIdSchema, headerTimeoutSchema, errorResponses } = require('../lib/schemas');
 
 const OAuth2ProviderSchema = Joi.string()
     .valid(...Object.keys(OAUTH_PROVIDERS))
@@ -145,9 +123,11 @@ const OAuth2ProviderSchema = Joi.string()
     .label('OAuth2Provider');
 
 const AccountTypeSchema = Joi.string()
-    .valid(...['imap'].concat(Object.keys(OAUTH_PROVIDERS)).concat('oauth2'))
+    .valid(...['imap'].concat(Object.keys(OAUTH_PROVIDERS)).concat(['oauth2', 'delegated', 'sending', 'invalid']))
     .example('outlook')
-    .description('Account type')
+    .description(
+        'Account type: "imap" for IMAP accounts, an OAuth2 provider name for OAuth2 accounts, "oauth2" when the OAuth2 application is missing, "delegated" for delegated accounts, "sending" for send-only accounts, "invalid" when delegation cannot be resolved'
+    )
     .required()
     .label('AccountType');
 
@@ -2558,8 +2538,10 @@ Include your token in requests using one of these methods:
     // setup template routes
     await templateRoutes({ server, call, CORS_CONFIG });
 
-    // setup "chat with email" routes
-    await chatRoutes({ server, call, CORS_CONFIG });
+    // setup "chat with email" routes (deprecated Document Store feature; only when enabled)
+    if (documentStoreFeatureEnabled) {
+        await chatRoutes({ server, call, CORS_CONFIG });
+    }
 
     // setup account CRUD routes
     await accountRoutes({
@@ -2582,7 +2564,8 @@ Include your token in requests using one of these methods:
         CORS_CONFIG,
         MAX_ATTACHMENT_SIZE,
         MAX_BODY_SIZE,
-        MAX_PAYLOAD_TIMEOUT
+        MAX_PAYLOAD_TIMEOUT,
+        documentStoreFeatureEnabled
     });
 
     // setup export routes
@@ -2659,7 +2642,8 @@ Include your token in requests using one of these methods:
 
             plugins: {
                 'hapi-swagger': {
-                    produces: ['text/event-stream']
+                    produces: ['text/event-stream'],
+                    responses: errorResponses(401, 403, 429, 500)
                 }
             },
 
@@ -2684,7 +2668,7 @@ Include your token in requests using one of these methods:
             skip: (request /*, h*/) => {
                 let tags = (request.route && request.route.settings && request.route.settings.tags) || [];
 
-                if (tags.includes('api') || tags.includes('metrics') || tags.includes('external')) {
+                if (tags.includes('api') || tags.includes('scope:metrics') || tags.includes('static') || tags.includes('external')) {
                     return true;
                 }
 
@@ -2754,6 +2738,10 @@ Include your token in requests using one of these methods:
             let systemAlerts = [];
             let authData;
 
+            // Deprecated Document Store: enabled in settings but unavailable because EmailEngine
+            // was not started with the document store gate (--documentStore.enabled / EENGINE_DOCUMENT_STORE_ENABLED).
+            let documentStoreUnavailable = !documentStoreFeatureEnabled && !!showDocumentStore;
+
             switch (request.auth.artifacts && request.auth.artifacts.provider) {
                 case 'okta': {
                     let profile = request.auth.artifacts.profile || {};
@@ -2880,6 +2868,15 @@ Include your token in requests using one of these methods:
                 });
             }
 
+            if (documentStoreUnavailable) {
+                systemAlerts.push({
+                    url: '/admin',
+                    level: 'danger',
+                    icon: 'database',
+                    message: `The Document Store is enabled in settings but unavailable. Start EmailEngine with the document store gate to use it, or disable the setting.`
+                });
+            }
+
             if (consts.EE_DOCKER_LEGACY) {
                 systemAlerts.push({
                     url: 'https://emailengine.app/docker',
@@ -2913,7 +2910,8 @@ Include your token in requests using one of these methods:
                 embeddedTemplateHeader,
                 embeddedTemplateHtmlHead,
                 currentYear: new Date().getFullYear(),
-                showDocumentStore,
+                showDocumentStore: documentStoreFeatureEnabled && showDocumentStore,
+                documentStoreUnavailable,
                 updateBrowserInfo: !serviceUrl || !language || !timezone,
 
                 // Suppress large banner warnings when EENGINE_DISABLE_SETUP_WARNINGS is set
@@ -3055,9 +3053,7 @@ Include your token in requests using one of these methods:
 
         async handler(request, h) {
             const renderedMetrics = await call({ cmd: 'metrics', timeout: request.headers['x-ee-timeout'] });
-            const response = h.response('success');
-            response.type('text/plain');
-            return renderedMetrics;
+            return h.response(renderedMetrics).type('text/plain');
         },
         options: {
             tags: ['scope:metrics'],