Ghost/ghost/admin/app/components/gh-billing-iframe.js

import Component from '@ember/component';
import {htmlSafe} from '@ember/template';
import {inject as service} from '@ember/service';

export default Component.extend({
    billing: service(),
    config: service(),
    ghostPaths: service(),
    ajax: service(),
    notifications: service(),

    didInsertElement() {
        this._super(...arguments);

        let fetchingSubscription = false;
        this.billing.getBillingIframe().src = this.billing.getIframeURL();

        window.addEventListener('message', (event) => {
            let token;

            if (event && event.data && event.data.request === 'token') {
                const ghostIdentityUrl = this.get('ghostPaths.url').api('identities');

                this.ajax.request(ghostIdentityUrl).then((response) => {
                    token = response && response.identities && response.identities[0] && response.identities[0].token;
                    this.billing.getBillingIframe().contentWindow.postMessage({
                        request: 'token',
                        response: token
                    }, '*');
                }).catch((error) => {
                    if (error.payload?.errors && error.payload.errors[0]?.type === 'NoPermissionError') {
                        // noop - user doesn't have permission to access billing
                        return;
                    }

                    throw error;
                });

                // NOTE: the handler is placed here to avoid additional logic to check if iframe has loaded
                //       receiving a 'token' request is an indication that page is ready
                if (!fetchingSubscription && !this.billing.get('subscription') && token) {
                    fetchingSubscription = true;
                    this.billing.getBillingIframe().contentWindow.postMessage({
                        query: 'getSubscription',
                        response: 'subscription'
                    }, '*');
                }
            }

            if (event && event.data && event.data.subscription) {
                this.billing.set('subscription', event.data.subscription);
                this.billing.set('checkoutRoute', event.data?.checkoutRoute || '/plans');

                // Detect if the current subscription is in a grace state and render a notification
                if (event.data.subscription.status === 'past_due' || event.data.subscription.status === 'unpaid') {
                    // This notification needs to be shown to every user regardless their permissions to see billing
                    this.notifications.showAlert('Billing error: This site is queued for suspension. The owner of this site must update payment information.', {type: 'error', key: 'billing.overdue'});
                }

                // Detect if the current member limits are exceeded and render a notification
                if (
                    event.data?.exceededLimits
                    && event.data?.exceededLimits.length
                    && event.data?.exceededLimits.indexOf('members') >= 0
                    && event.data?.checkoutRoute
                ) {
                    // The action param will be picked up on a transition from the router and can
                    // then send the destination route as a message to the BMA, which then handles the redirect.
                    const checkoutAction = this.billing.get('billingRouteRoot') + '?action=checkout';

                    this.notifications.showAlert(htmlSafe(`Your audience has grown! To continue publishing, the site owner must confirm pricing for this number of members <a href="${checkoutAction}">here</a>`), {type: 'warn', key: 'billing.exceeded'});
                }
            }
        });
    }
});
Added billing route and iframe behind config no-issue * Updated the iframe src * Moved billing behind config * Transition to home route for missing billing config * Replaced jquery element selection with native 2020-03-02 08:06:54 +03:00			`import Component from '@ember/component';`
Show notifications for overdue subscriptions and exceeded limits no issue - Overdue subscriptions: when a subscription is in overdue state, we'd like to inform the customers so that the owner is aware and can take action - Exceeded limits: - Show a warning when the members limit is exceeded so users are aware before trying to publish a post and hitting the limit - Allow to redirect directly to a child route in the Ghost(Pro) app, so plan updates get easier 2021-09-30 15:54:54 +03:00			`import {htmlSafe} from '@ember/template';`
Added billing route and iframe behind config no-issue * Updated the iframe src * Moved billing behind config * Transition to home route for missing billing config * Replaced jquery element selection with native 2020-03-02 08:06:54 +03:00			`import {inject as service} from '@ember/service';`

			`export default Component.extend({`
Added billing "update" CTA button no issue - Added billing update button to navigation menu. Ghost-Admin communicates with billing iframe and displays this button based on the plan data that iframe returns - Ghost-Admin communicates with an iframe using same mechanism as with token exchange - throu `window.postMessage` API 2020-04-21 09:54:29 +03:00			`billing: service(),`
Added billing route and iframe behind config no-issue * Updated the iframe src * Moved billing behind config * Transition to home route for missing billing config * Replaced jquery element selection with native 2020-03-02 08:06:54 +03:00			`config: service(),`
			`ghostPaths: service(),`
			`ajax: service(),`
Show notifications for overdue subscriptions and exceeded limits no issue - Overdue subscriptions: when a subscription is in overdue state, we'd like to inform the customers so that the owner is aware and can take action - Exceeded limits: - Show a warning when the members limit is exceeded so users are aware before trying to publish a post and hitting the limit - Allow to redirect directly to a child route in the Ghost(Pro) app, so plan updates get easier 2021-09-30 15:54:54 +03:00			`notifications: service(),`
Added billing route and iframe behind config no-issue * Updated the iframe src * Moved billing behind config * Transition to home route for missing billing config * Replaced jquery element selection with native 2020-03-02 08:06:54 +03:00
Fixed browser URL syncronization with embeded iframe state no issue - Opted in to use explicit `hisotry.replaceState` and setting iframe's `src` using assignment instead of tracking it through computed property. This allows for tighter control over when iframe's history is updated which was causing problems when `src` was bound to computed property - Added billing page metadata. This way browser history records appear with nicer signature - Removed "update button" iframe and rewrote "global iframe" to not use modals. This allows to have single iframe on a page, which simplifies `postMessage` communication and preserve history inside iframe to be able to navigate it after closure - Added route change handler responding to BMA app route changes. Allows to sync browser URL visible to the user with active route in BMA iframe. The sync is based on `hisory.replaceState` method that makes sure singular history records are kept in the browser history - Added nested wildcard billing route. This is meant to catch all the nested routes inside of BMA iframe 2020-05-22 05:44:37 +03:00			`didInsertElement() {`
Bumped eslint-plugin-ghost and fixed linter errors no issue - new linting rules that needed fixing: - calling `super` in lifecycle hooks - no usage of String prototype extensions 2021-07-15 17:27:29 +03:00			`this._super(...arguments);`

Fixed browser URL syncronization with embeded iframe state no issue - Opted in to use explicit `hisotry.replaceState` and setting iframe's `src` using assignment instead of tracking it through computed property. This allows for tighter control over when iframe's history is updated which was causing problems when `src` was bound to computed property - Added billing page metadata. This way browser history records appear with nicer signature - Removed "update button" iframe and rewrote "global iframe" to not use modals. This allows to have single iframe on a page, which simplifies `postMessage` communication and preserve history inside iframe to be able to navigate it after closure - Added route change handler responding to BMA app route changes. Allows to sync browser URL visible to the user with active route in BMA iframe. The sync is based on `hisory.replaceState` method that makes sure singular history records are kept in the browser history - Added nested wildcard billing route. This is meant to catch all the nested routes inside of BMA iframe 2020-05-22 05:44:37 +03:00			`let fetchingSubscription = false;`
			`this.billing.getBillingIframe().src = this.billing.getIframeURL();`

Added billing route and iframe behind config no-issue * Updated the iframe src * Moved billing behind config * Transition to home route for missing billing config * Replaced jquery element selection with native 2020-03-02 08:06:54 +03:00			`window.addEventListener('message', (event) => {`
Fixed requesting subscription before sending token no issue - The Ghost(Pro) billing app would request a token once mounted to which Ghost sends the response to - Before, we wouldn't wait for the token to be sent and request subscription information from the Ghost(Pro) app straight away, which resulted in another token request (because it's not there yet) - This change will wait for the token to be sent before requesting subscription information from the Ghost(Pro) app to avoid duplicated requests to our servers 2021-05-20 07:15:29 +03:00			`let token;`

Added billing route and iframe behind config no-issue * Updated the iframe src * Moved billing behind config * Transition to home route for missing billing config * Replaced jquery element selection with native 2020-03-02 08:06:54 +03:00			`if (event && event.data && event.data.request === 'token') {`
Updated URL and response handling for identity token no-issue This just keeps the admin in line with the changes made in https://github.com/TryGhost/Ghost/pull/11559/files 2020-03-12 15:15:54 +03:00			`const ghostIdentityUrl = this.get('ghostPaths.url').api('identities');`
Added billing route and iframe behind config no-issue * Updated the iframe src * Moved billing behind config * Transition to home route for missing billing config * Replaced jquery element selection with native 2020-03-02 08:06:54 +03:00
Updated URL and response handling for identity token no-issue This just keeps the admin in line with the changes made in https://github.com/TryGhost/Ghost/pull/11559/files 2020-03-12 15:15:54 +03:00			`this.ajax.request(ghostIdentityUrl).then((response) => {`
Fixed requesting subscription before sending token no issue - The Ghost(Pro) billing app would request a token once mounted to which Ghost sends the response to - Before, we wouldn't wait for the token to be sent and request subscription information from the Ghost(Pro) app straight away, which resulted in another token request (because it's not there yet) - This change will wait for the token to be sent before requesting subscription information from the Ghost(Pro) app to avoid duplicated requests to our servers 2021-05-20 07:15:29 +03:00			`token = response && response.identities && response.identities[0] && response.identities[0].token;`
Fixed browser URL syncronization with embeded iframe state no issue - Opted in to use explicit `hisotry.replaceState` and setting iframe's `src` using assignment instead of tracking it through computed property. This allows for tighter control over when iframe's history is updated which was causing problems when `src` was bound to computed property - Added billing page metadata. This way browser history records appear with nicer signature - Removed "update button" iframe and rewrote "global iframe" to not use modals. This allows to have single iframe on a page, which simplifies `postMessage` communication and preserve history inside iframe to be able to navigate it after closure - Added route change handler responding to BMA app route changes. Allows to sync browser URL visible to the user with active route in BMA iframe. The sync is based on `hisory.replaceState` method that makes sure singular history records are kept in the browser history - Added nested wildcard billing route. This is meant to catch all the nested routes inside of BMA iframe 2020-05-22 05:44:37 +03:00			`this.billing.getBillingIframe().contentWindow.postMessage({`
Added billing route and iframe behind config no-issue * Updated the iframe src * Moved billing behind config * Transition to home route for missing billing config * Replaced jquery element selection with native 2020-03-02 08:06:54 +03:00			`request: 'token',`
			`response: token`
			`}, '*');`
Fixed unhandled errors from billing app for non-owner users no issue - if the identities endpoint returned an expected 403 for non-owner/admin users we weren't handling it resulting in an error that could bubble up into error reporting services 2021-06-18 12:34:30 +03:00			`}).catch((error) => {`
			`if (error.payload?.errors && error.payload.errors[0]?.type === 'NoPermissionError') {`
			`// noop - user doesn't have permission to access billing`
			`return;`
			`}`

			`throw error;`
Added billing route and iframe behind config no-issue * Updated the iframe src * Moved billing behind config * Transition to home route for missing billing config * Replaced jquery element selection with native 2020-03-02 08:06:54 +03:00			`});`
Fixed browser URL syncronization with embeded iframe state no issue - Opted in to use explicit `hisotry.replaceState` and setting iframe's `src` using assignment instead of tracking it through computed property. This allows for tighter control over when iframe's history is updated which was causing problems when `src` was bound to computed property - Added billing page metadata. This way browser history records appear with nicer signature - Removed "update button" iframe and rewrote "global iframe" to not use modals. This allows to have single iframe on a page, which simplifies `postMessage` communication and preserve history inside iframe to be able to navigate it after closure - Added route change handler responding to BMA app route changes. Allows to sync browser URL visible to the user with active route in BMA iframe. The sync is based on `hisory.replaceState` method that makes sure singular history records are kept in the browser history - Added nested wildcard billing route. This is meant to catch all the nested routes inside of BMA iframe 2020-05-22 05:44:37 +03:00
			`// NOTE: the handler is placed here to avoid additional logic to check if iframe has loaded`
			`// receiving a 'token' request is an indication that page is ready`
Fixed requesting subscription before sending token no issue - The Ghost(Pro) billing app would request a token once mounted to which Ghost sends the response to - Before, we wouldn't wait for the token to be sent and request subscription information from the Ghost(Pro) app straight away, which resulted in another token request (because it's not there yet) - This change will wait for the token to be sent before requesting subscription information from the Ghost(Pro) app to avoid duplicated requests to our servers 2021-05-20 07:15:29 +03:00			`if (!fetchingSubscription && !this.billing.get('subscription') && token) {`
Fixed browser URL syncronization with embeded iframe state no issue - Opted in to use explicit `hisotry.replaceState` and setting iframe's `src` using assignment instead of tracking it through computed property. This allows for tighter control over when iframe's history is updated which was causing problems when `src` was bound to computed property - Added billing page metadata. This way browser history records appear with nicer signature - Removed "update button" iframe and rewrote "global iframe" to not use modals. This allows to have single iframe on a page, which simplifies `postMessage` communication and preserve history inside iframe to be able to navigate it after closure - Added route change handler responding to BMA app route changes. Allows to sync browser URL visible to the user with active route in BMA iframe. The sync is based on `hisory.replaceState` method that makes sure singular history records are kept in the browser history - Added nested wildcard billing route. This is meant to catch all the nested routes inside of BMA iframe 2020-05-22 05:44:37 +03:00			`fetchingSubscription = true;`
			`this.billing.getBillingIframe().contentWindow.postMessage({`
			`query: 'getSubscription',`
			`response: 'subscription'`
			`}, '*');`
			`}`
			`}`

			`if (event && event.data && event.data.subscription) {`
			`this.billing.set('subscription', event.data.subscription);`
Show notifications for overdue subscriptions and exceeded limits no issue - Overdue subscriptions: when a subscription is in overdue state, we'd like to inform the customers so that the owner is aware and can take action - Exceeded limits: - Show a warning when the members limit is exceeded so users are aware before trying to publish a post and hitting the limit - Allow to redirect directly to a child route in the Ghost(Pro) app, so plan updates get easier 2021-09-30 15:54:54 +03:00			`this.billing.set('checkoutRoute', event.data?.checkoutRoute \|\| '/plans');`

			`// Detect if the current subscription is in a grace state and render a notification`
			`if (event.data.subscription.status === 'past_due' \|\| event.data.subscription.status === 'unpaid') {`
			`// This notification needs to be shown to every user regardless their permissions to see billing`
			`this.notifications.showAlert('Billing error: This site is queued for suspension. The owner of this site must update payment information.', {type: 'error', key: 'billing.overdue'});`
			`}`

			`// Detect if the current member limits are exceeded and render a notification`
			`if (`
			`event.data?.exceededLimits`
			`&& event.data?.exceededLimits.length`
			`&& event.data?.exceededLimits.indexOf('members') >= 0`
			`&& event.data?.checkoutRoute`
			`) {`
			`// The action param will be picked up on a transition from the router and can`
			`// then send the destination route as a message to the BMA, which then handles the redirect.`
			`const checkoutAction = this.billing.get('billingRouteRoot') + '?action=checkout';`

			this.notifications.showAlert(htmlSafe(`Your audience has grown! To continue publishing, the site owner must confirm pricing for this number of members <a href="${checkoutAction}">here</a>`), {type: 'warn', key: 'billing.exceeded'});
			`}`
Added billing route and iframe behind config no-issue * Updated the iframe src * Moved billing behind config * Transition to home route for missing billing config * Replaced jquery element selection with native 2020-03-02 08:06:54 +03:00			`}`
			`});`
			`}`
			`});`