TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-11-30 01:42:29 +03:00
Code Issues Projects Releases Wiki Activity
6161f94910
Ghost/ghost/verification-trigger/test/verification-trigger.test.js

518 lines
17 KiB
JavaScript
Raw Normal View History

Added email verification trigger package refs: https://github.com/TryGhost/Toolbox/issues/166 New package handles the email verification workflow to prevent spammers. It currently handles MembersSubscribeEvent to detect potential abuse of the API to add members, and exposes methods for checking the threshold / starting the verification process for use by other areas of the code (at the moment - just member imports). The import package no longer needs to handle anything related to verification since it can be handled in the wrapper function in Ghost, and the API package doesn't need to do anything other than dispatch the new event.
2022-01-27 13:57:51 +03:00
// Switch these lines once there are useful utils
// const testUtils = require('./utils');
const sinon = require('sinon');
Updated to use assert/strict everywhere (#17047) refs: https://github.com/TryGhost/Toolbox/issues/595 We're rolling out new rules around the node assert library, the first of which is enforcing the use of assert/strict. This means we don't need to use the strict version of methods, as the standard version will work that way by default. This caught some gotchas in our existing usage of assert where the lack of strict mode had unexpected results: - Url matching needs to be done on `url.href` see https://github.com/TryGhost/Ghost/pull/17047/commits/aa58b354a40751326fe3c00902b202099b2223d2 - Null and undefined are not the same thing, there were a few cases of this being confused - Particularly questionable changes in [PostExporter tests](https://github.com/TryGhost/Ghost/pull/17047/commits/c1a468744beeca4c09ebfe4ac4f87fb3a685f25e) tracked [here](https://github.com/TryGhost/Team/issues/3505). - A typo see https://github.com/TryGhost/Ghost/pull/17047/commits/eaac9c293a87fe0c9646eb52f5f5ef3ecd6d56b0 Moving forward, using assert strict should help us to catch unexpected behaviour, particularly around nulls and undefineds during implementation.
2023-06-21 11:56:59 +03:00
const assert = require('assert/strict');
Added email verification trigger package refs: https://github.com/TryGhost/Toolbox/issues/166 New package handles the email verification workflow to prevent spammers. It currently handles MembersSubscribeEvent to detect potential abuse of the API to add members, and exposes methods for checking the threshold / starting the verification process for use by other areas of the code (at the moment - just member imports). The import package no longer needs to handle anything related to verification since it can be handled in the wrapper function in Ghost, and the API package doesn't need to do anything other than dispatch the new event.
2022-01-27 13:57:51 +03:00
require('./utils');
Email verification for imports based on 30 days of import refs: https://github.com/TryGhost/Toolbox/issues/293 Things needed to create this: * MemberSubscriptionEvent now has an import source * Importer now creates events with this type * Verification trigger logic changed to use 30 day window of imports
2022-04-13 19:35:24 +03:00
const VerificationTrigger = require('../index');
Add API verification trigger with new filter no issue Previous API verification trigger didn't work because the way filters work also changed. Re-implemented with a new filter.
2022-02-03 18:02:33 +03:00
const DomainEvents = require('@tryghost/domain-events');
Swapped member limit verification trigger event closes https://github.com/TryGhost/Toolbox/issues/399 - The MemberCreatedEvent event is more accurate representation of the limit nature - counting the number of members created. The previous MemberSubscribeEvent was slightly hacky solution because a member could be subscribed/unsubscribed multiple times and distorting the limit counts.
2022-10-06 08:50:27 +03:00
const {MemberCreatedEvent} = require('@tryghost/member-events');
Added email verification trigger package refs: https://github.com/TryGhost/Toolbox/issues/166 New package handles the email verification workflow to prevent spammers. It currently handles MembersSubscribeEvent to detect potential abuse of the API to add members, and exposes methods for checking the threshold / starting the verification process for use by other areas of the code (at the moment - just member imports). The import package no longer needs to handle anything related to verification since it can be handled in the wrapper function in Ghost, and the API package doesn't need to do anything other than dispatch the new event.
2022-01-27 13:57:51 +03:00
describe('Import threshold', function () {
Prevent errors during the verification trigger tests no issue These tests were erroring because they subscribed to events but didn't have the handler injected.
2023-03-24 15:32:28 +03:00
beforeEach(function () {
// Stub this method to prevent unnecessary subscriptions to domain events
sinon.stub(DomainEvents, 'subscribe');
});
afterEach(function () {
sinon.restore();
});
Added email verification trigger package refs: https://github.com/TryGhost/Toolbox/issues/166 New package handles the email verification workflow to prevent spammers. It currently handles MembersSubscribeEvent to detect potential abuse of the API to add members, and exposes methods for checking the threshold / starting the verification process for use by other areas of the code (at the moment - just member imports). The import package no longer needs to handle anything related to verification since it can be handled in the wrapper function in Ghost, and the API package doesn't need to do anything other than dispatch the new event.
2022-01-27 13:57:51 +03:00
it('Creates a threshold based on config', async function () {
const trigger = new VerificationTrigger({
Improved email verification required checks (#16060) fixes https://github.com/TryGhost/Team/issues/2366 refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209 Probem described in issue. In the old MEGA flow: - The `email_verification_required` check is now repeated inside the job In the new email service flow: - The `email_verification_required` is now checked (didn't happen before) - When generating the email batch recipients, we only include members that were created before the email was created. That way it is impossible to avoid limit checks by inserting new members between creating an email and sending an email. - We don't need to repeat the check inside the job because of the above changes Improved handling of large imports: - When checking `email_verification_required`, we now also check if the import threshold is reached (a new method is introduced in vertificationTrigger specifically for this usage). If it is, we start the verification progress. This is required for long running imports that only check the verification threshold at the very end. - This change increases the concurrency of fastq to 3 (refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209). So when running a long import, it is now possible to send emails without having to wait for the import. Above change makes sure it is not possible to get around the verification limits. Refactoring: - Removed the need to use `updateVerificationTrigger` by making thresholds getters instead of fixed variables. - Improved awaiting of members import job in regression test
2023-01-04 13:22:12 +03:00
getImportTriggerThreshold: () => 2,
Made verification trigger depend on the number of members no issue This change makes the verification trigger behave closer to the original idea. As well as having a threshold to trigger email verification, the trigger should also rely on the number of "organic" / verified members. This means that large publications will not trigger the verification flow when they import members, but spammers / suspicious sites worth verifying will not have the organic member count to allow for larger imports.
2023-03-21 21:00:14 +03:00
eventRepository: {
getSignupEvents: async () => ({
meta: {
pagination: {
total: 1
}
}
})
Added email verification trigger package refs: https://github.com/TryGhost/Toolbox/issues/166 New package handles the email verification workflow to prevent spammers. It currently handles MembersSubscribeEvent to detect potential abuse of the API to add members, and exposes methods for checking the threshold / starting the verification process for use by other areas of the code (at the moment - just member imports). The import package no longer needs to handle anything related to verification since it can be handled in the wrapper function in Ghost, and the API package doesn't need to do anything other than dispatch the new event.
2022-01-27 13:57:51 +03:00
}
});
const result = await trigger.getImportThreshold();
result.should.eql(2);
});
it('Increases the import threshold to the number of members', async function () {
const trigger = new VerificationTrigger({
Improved email verification required checks (#16060) fixes https://github.com/TryGhost/Team/issues/2366 refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209 Probem described in issue. In the old MEGA flow: - The `email_verification_required` check is now repeated inside the job In the new email service flow: - The `email_verification_required` is now checked (didn't happen before) - When generating the email batch recipients, we only include members that were created before the email was created. That way it is impossible to avoid limit checks by inserting new members between creating an email and sending an email. - We don't need to repeat the check inside the job because of the above changes Improved handling of large imports: - When checking `email_verification_required`, we now also check if the import threshold is reached (a new method is introduced in vertificationTrigger specifically for this usage). If it is, we start the verification progress. This is required for long running imports that only check the verification threshold at the very end. - This change increases the concurrency of fastq to 3 (refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209). So when running a long import, it is now possible to send emails without having to wait for the import. Above change makes sure it is not possible to get around the verification limits. Refactoring: - Removed the need to use `updateVerificationTrigger` by making thresholds getters instead of fixed variables. - Improved awaiting of members import job in regression test
2023-01-04 13:22:12 +03:00
getImportTriggerThreshold: () => 2,
Made verification trigger depend on the number of members no issue This change makes the verification trigger behave closer to the original idea. As well as having a threshold to trigger email verification, the trigger should also rely on the number of "organic" / verified members. This means that large publications will not trigger the verification flow when they import members, but spammers / suspicious sites worth verifying will not have the organic member count to allow for larger imports.
2023-03-21 21:00:14 +03:00
eventRepository: {
getSignupEvents: async () => ({
meta: {
pagination: {
total: 3
}
}
})
Added email verification trigger package refs: https://github.com/TryGhost/Toolbox/issues/166 New package handles the email verification workflow to prevent spammers. It currently handles MembersSubscribeEvent to detect potential abuse of the API to add members, and exposes methods for checking the threshold / starting the verification process for use by other areas of the code (at the moment - just member imports). The import package no longer needs to handle anything related to verification since it can be handled in the wrapper function in Ghost, and the API package doesn't need to do anything other than dispatch the new event.
2022-01-27 13:57:51 +03:00
}
});
const result = await trigger.getImportThreshold();
result.should.eql(3);
});
it('Does not check members count when config threshold is infinite', async function () {
const membersStub = sinon.stub().resolves(null);
const trigger = new VerificationTrigger({
Improved email verification required checks (#16060) fixes https://github.com/TryGhost/Team/issues/2366 refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209 Probem described in issue. In the old MEGA flow: - The `email_verification_required` check is now repeated inside the job In the new email service flow: - The `email_verification_required` is now checked (didn't happen before) - When generating the email batch recipients, we only include members that were created before the email was created. That way it is impossible to avoid limit checks by inserting new members between creating an email and sending an email. - We don't need to repeat the check inside the job because of the above changes Improved handling of large imports: - When checking `email_verification_required`, we now also check if the import threshold is reached (a new method is introduced in vertificationTrigger specifically for this usage). If it is, we start the verification progress. This is required for long running imports that only check the verification threshold at the very end. - This change increases the concurrency of fastq to 3 (refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209). So when running a long import, it is now possible to send emails without having to wait for the import. Above change makes sure it is not possible to get around the verification limits. Refactoring: - Removed the need to use `updateVerificationTrigger` by making thresholds getters instead of fixed variables. - Improved awaiting of members import job in regression test
2023-01-04 13:22:12 +03:00
getImportTriggerThreshold: () => Infinity,
Made verification trigger depend on the number of members no issue This change makes the verification trigger behave closer to the original idea. As well as having a threshold to trigger email verification, the trigger should also rely on the number of "organic" / verified members. This means that large publications will not trigger the verification flow when they import members, but spammers / suspicious sites worth verifying will not have the organic member count to allow for larger imports.
2023-03-21 21:00:14 +03:00
eventRepository: {
getSignupEvents: membersStub
Added email verification trigger package refs: https://github.com/TryGhost/Toolbox/issues/166 New package handles the email verification workflow to prevent spammers. It currently handles MembersSubscribeEvent to detect potential abuse of the API to add members, and exposes methods for checking the threshold / starting the verification process for use by other areas of the code (at the moment - just member imports). The import package no longer needs to handle anything related to verification since it can be handled in the wrapper function in Ghost, and the API package doesn't need to do anything other than dispatch the new event.
2022-01-27 13:57:51 +03:00
}
});
const result = await trigger.getImportThreshold();
result.should.eql(Infinity);
membersStub.callCount.should.eql(0);
});
});
describe('Email verification flow', function () {
Prevent errors during the verification trigger tests no issue These tests were erroring because they subscribed to events but didn't have the handler injected.
2023-03-24 15:32:28 +03:00
let domainEventsStub;
beforeEach(function () {
domainEventsStub = sinon.stub(DomainEvents, 'subscribe');
});
afterEach(function () {
sinon.restore();
});
Added email verification trigger package refs: https://github.com/TryGhost/Toolbox/issues/166 New package handles the email verification workflow to prevent spammers. It currently handles MembersSubscribeEvent to detect potential abuse of the API to add members, and exposes methods for checking the threshold / starting the verification process for use by other areas of the code (at the moment - just member imports). The import package no longer needs to handle anything related to verification since it can be handled in the wrapper function in Ghost, and the API package doesn't need to do anything other than dispatch the new event.
2022-01-27 13:57:51 +03:00
it('Triggers verification process', async function () {
const emailStub = sinon.stub().resolves(null);
const settingsStub = sinon.stub().resolves(null);
const trigger = new VerificationTrigger({
Settings: {
edit: settingsStub
},
isVerified: () => false,
isVerificationRequired: () => false,
sendVerificationEmail: emailStub
});
Renamed verification parameters refs https://github.com/TryGhost/Toolbox/issues/387 - The "amountImported" was to specific to one verification trigger source. There can be multiple sources that start the verification process. - Changed `startVerificationProcess` method signature to reflect it's a private method that's only used internally - exposed for testing purposes only.
2022-08-25 04:47:59 +03:00
const result = await trigger._startVerificationProcess({
amount: 10,
Added email verification trigger package refs: https://github.com/TryGhost/Toolbox/issues/166 New package handles the email verification workflow to prevent spammers. It currently handles MembersSubscribeEvent to detect potential abuse of the API to add members, and exposes methods for checking the threshold / starting the verification process for use by other areas of the code (at the moment - just member imports). The import package no longer needs to handle anything related to verification since it can be handled in the wrapper function in Ghost, and the API package doesn't need to do anything other than dispatch the new event.
2022-01-27 13:57:51 +03:00
throwOnTrigger: false
});
result.needsVerification.should.eql(true);
emailStub.callCount.should.eql(1);
settingsStub.callCount.should.eql(1);
});
it('Does not trigger verification when already verified', async function () {
const emailStub = sinon.stub().resolves(null);
const settingsStub = sinon.stub().resolves(null);
const trigger = new VerificationTrigger({
Settings: {
edit: settingsStub
},
isVerified: () => true,
isVerificationRequired: () => false,
sendVerificationEmail: emailStub
});
Renamed verification parameters refs https://github.com/TryGhost/Toolbox/issues/387 - The "amountImported" was to specific to one verification trigger source. There can be multiple sources that start the verification process. - Changed `startVerificationProcess` method signature to reflect it's a private method that's only used internally - exposed for testing purposes only.
2022-08-25 04:47:59 +03:00
const result = await trigger._startVerificationProcess({
amount: 10,
Added email verification trigger package refs: https://github.com/TryGhost/Toolbox/issues/166 New package handles the email verification workflow to prevent spammers. It currently handles MembersSubscribeEvent to detect potential abuse of the API to add members, and exposes methods for checking the threshold / starting the verification process for use by other areas of the code (at the moment - just member imports). The import package no longer needs to handle anything related to verification since it can be handled in the wrapper function in Ghost, and the API package doesn't need to do anything other than dispatch the new event.
2022-01-27 13:57:51 +03:00
throwOnTrigger: false
});
result.needsVerification.should.eql(false);
emailStub.callCount.should.eql(0);
settingsStub.callCount.should.eql(0);
});
it('Does not trigger verification when already in progress', async function () {
const emailStub = sinon.stub().resolves(null);
const settingsStub = sinon.stub().resolves(null);
const trigger = new VerificationTrigger({
Settings: {
edit: settingsStub
},
isVerified: () => false,
isVerificationRequired: () => true,
sendVerificationEmail: emailStub
});
Renamed verification parameters refs https://github.com/TryGhost/Toolbox/issues/387 - The "amountImported" was to specific to one verification trigger source. There can be multiple sources that start the verification process. - Changed `startVerificationProcess` method signature to reflect it's a private method that's only used internally - exposed for testing purposes only.
2022-08-25 04:47:59 +03:00
const result = await trigger._startVerificationProcess({
amount: 10,
Added email verification trigger package refs: https://github.com/TryGhost/Toolbox/issues/166 New package handles the email verification workflow to prevent spammers. It currently handles MembersSubscribeEvent to detect potential abuse of the API to add members, and exposes methods for checking the threshold / starting the verification process for use by other areas of the code (at the moment - just member imports). The import package no longer needs to handle anything related to verification since it can be handled in the wrapper function in Ghost, and the API package doesn't need to do anything other than dispatch the new event.
2022-01-27 13:57:51 +03:00
throwOnTrigger: false
});
result.needsVerification.should.eql(false);
emailStub.callCount.should.eql(0);
settingsStub.callCount.should.eql(0);
});
it('Throws when `throwsOnTrigger` is true', async function () {
const emailStub = sinon.stub().resolves(null);
const settingsStub = sinon.stub().resolves(null);
const trigger = new VerificationTrigger({
Settings: {
edit: settingsStub
},
isVerified: () => false,
isVerificationRequired: () => false,
sendVerificationEmail: emailStub
});
Renamed verification parameters refs https://github.com/TryGhost/Toolbox/issues/387 - The "amountImported" was to specific to one verification trigger source. There can be multiple sources that start the verification process. - Changed `startVerificationProcess` method signature to reflect it's a private method that's only used internally - exposed for testing purposes only.
2022-08-25 04:47:59 +03:00
await trigger._startVerificationProcess({
amount: 10,
Added email verification trigger package refs: https://github.com/TryGhost/Toolbox/issues/166 New package handles the email verification workflow to prevent spammers. It currently handles MembersSubscribeEvent to detect potential abuse of the API to add members, and exposes methods for checking the threshold / starting the verification process for use by other areas of the code (at the moment - just member imports). The import package no longer needs to handle anything related to verification since it can be handled in the wrapper function in Ghost, and the API package doesn't need to do anything other than dispatch the new event.
2022-01-27 13:57:51 +03:00
throwOnTrigger: true
}).should.be.rejected();
});
it('Sends a message containing the number of members imported', async function () {
const emailStub = sinon.stub().resolves(null);
const settingsStub = sinon.stub().resolves(null);
const trigger = new VerificationTrigger({
Settings: {
edit: settingsStub
},
isVerified: () => false,
isVerificationRequired: () => false,
sendVerificationEmail: emailStub
});
Renamed verification parameters refs https://github.com/TryGhost/Toolbox/issues/387 - The "amountImported" was to specific to one verification trigger source. There can be multiple sources that start the verification process. - Changed `startVerificationProcess` method signature to reflect it's a private method that's only used internally - exposed for testing purposes only.
2022-08-25 04:47:59 +03:00
await trigger._startVerificationProcess({
amount: 10,
Added email verification trigger package refs: https://github.com/TryGhost/Toolbox/issues/166 New package handles the email verification workflow to prevent spammers. It currently handles MembersSubscribeEvent to detect potential abuse of the API to add members, and exposes methods for checking the threshold / starting the verification process for use by other areas of the code (at the moment - just member imports). The import package no longer needs to handle anything related to verification since it can be handled in the wrapper function in Ghost, and the API package doesn't need to do anything other than dispatch the new event.
2022-01-27 13:57:51 +03:00
throwOnTrigger: false
});
emailStub.lastCall.firstArg.should.eql({
subject: 'Email needs verification',
Fixed tests fixes https://github.com/TryGhost/Ghost/commit/7e3b8ff4042478c45cc02253ccf0d7f60471e742 refs https://github.com/TryGhost/Toolbox/issues/387 - The tests were not run properly after the referenced changes were made.
2022-08-25 10:38:19 +03:00
message: 'Email verification needed for site: {siteUrl}, has imported: {amountTriggered} members in the last 30 days.',
Renamed trigger amount variable refs https://github.com/TryGhost/Toolbox/issues/387 - Similar reasoning as to previous renames - the variables were named with a single trigger source in mind and now would be confusing with multiple verification trigger sources.
2022-08-25 05:43:46 +03:00
amountTriggered: 10
Added email verification trigger package refs: https://github.com/TryGhost/Toolbox/issues/166 New package handles the email verification workflow to prevent spammers. It currently handles MembersSubscribeEvent to detect potential abuse of the API to add members, and exposes methods for checking the threshold / starting the verification process for use by other areas of the code (at the moment - just member imports). The import package no longer needs to handle anything related to verification since it can be handled in the wrapper function in Ghost, and the API package doesn't need to do anything other than dispatch the new event.
2022-01-27 13:57:51 +03:00
});
});
Add API verification trigger with new filter no issue Previous API verification trigger didn't work because the way filters work also changed. Re-implemented with a new filter.
2022-02-03 18:02:33 +03:00
it('Triggers when a number of API events are dispatched', async function () {
Prevent errors during the verification trigger tests no issue These tests were erroring because they subscribed to events but didn't have the handler injected.
2023-03-24 15:32:28 +03:00
// We need to use the real event repository here to test event handling
domainEventsStub.restore();
Add API verification trigger with new filter no issue Previous API verification trigger didn't work because the way filters work also changed. Re-implemented with a new filter.
2022-02-03 18:02:33 +03:00
const emailStub = sinon.stub().resolves(null);
const settingsStub = sinon.stub().resolves(null);
Made verification trigger depend on the number of members no issue This change makes the verification trigger behave closer to the original idea. As well as having a threshold to trigger email verification, the trigger should also rely on the number of "organic" / verified members. This means that large publications will not trigger the verification flow when they import members, but spammers / suspicious sites worth verifying will not have the organic member count to allow for larger imports.
2023-03-21 21:00:14 +03:00
const eventStub = sinon.stub().callsFake(async (_unused, {source}) => {
if (source === 'member') {
return {
meta: {
pagination: {
total: 15
}
}
};
} else {
return {
meta: {
pagination: {
total: 10
}
}
};
Add API verification trigger with new filter no issue Previous API verification trigger didn't work because the way filters work also changed. Re-implemented with a new filter.
2022-02-03 18:02:33 +03:00
}
});
Fixed verification trigger test no issue
2022-02-04 15:03:59 +03:00
Add API verification trigger with new filter no issue Previous API verification trigger didn't work because the way filters work also changed. Re-implemented with a new filter.
2022-02-03 18:02:33 +03:00
new VerificationTrigger({
Improved email verification required checks (#16060) fixes https://github.com/TryGhost/Team/issues/2366 refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209 Probem described in issue. In the old MEGA flow: - The `email_verification_required` check is now repeated inside the job In the new email service flow: - The `email_verification_required` is now checked (didn't happen before) - When generating the email batch recipients, we only include members that were created before the email was created. That way it is impossible to avoid limit checks by inserting new members between creating an email and sending an email. - We don't need to repeat the check inside the job because of the above changes Improved handling of large imports: - When checking `email_verification_required`, we now also check if the import threshold is reached (a new method is introduced in vertificationTrigger specifically for this usage). If it is, we start the verification progress. This is required for long running imports that only check the verification threshold at the very end. - This change increases the concurrency of fastq to 3 (refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209). So when running a long import, it is now possible to send emails without having to wait for the import. Above change makes sure it is not possible to get around the verification limits. Refactoring: - Removed the need to use `updateVerificationTrigger` by making thresholds getters instead of fixed variables. - Improved awaiting of members import job in regression test
2023-01-04 13:22:12 +03:00
getApiTriggerThreshold: () => 2,
Add API verification trigger with new filter no issue Previous API verification trigger didn't work because the way filters work also changed. Re-implemented with a new filter.
2022-02-03 18:02:33 +03:00
Settings: {
edit: settingsStub
},
isVerified: () => false,
isVerificationRequired: () => false,
sendVerificationEmail: emailStub,
eventRepository: {
Removed getCreatedEvents and added verification trigger test (#15832) refs https://github.com/TryGhost/Team/issues/2266 This removes the deprecated `getCreatedEvents` method in the event repository and adds tests to the verification trigger to see if we don't break anything. Changes extracted from https://github.com/TryGhost/Ghost/pull/15831
2022-11-18 17:05:15 +03:00
getSignupEvents: eventStub
Add API verification trigger with new filter no issue Previous API verification trigger didn't work because the way filters work also changed. Re-implemented with a new filter.
2022-02-03 18:02:33 +03:00
}
});
Swapped member limit verification trigger event closes https://github.com/TryGhost/Toolbox/issues/399 - The MemberCreatedEvent event is more accurate representation of the limit nature - counting the number of members created. The previous MemberSubscribeEvent was slightly hacky solution because a member could be subscribed/unsubscribed multiple times and distorting the limit counts.
2022-10-06 08:50:27 +03:00
DomainEvents.dispatch(MemberCreatedEvent.create({
Add API verification trigger with new filter no issue Previous API verification trigger didn't work because the way filters work also changed. Re-implemented with a new filter.
2022-02-03 18:02:33 +03:00
memberId: 'hello!',
source: 'api'
}, new Date()));
eventStub.callCount.should.eql(1);
Fixed verification trigger usage of Event Repository refs https://github.com/TryGhost/Team/issues/2192 The method signatures of the Event Repository have been updated to take mongo filter objects, but this call-site was not updated. Long term we should really be using NQL filter strings for our filtering API and the mongo filter objects should be an implementation detail, however we don't have time right now to rectify this.
2022-11-01 07:31:49 +03:00
eventStub.lastCall.lastArg.should.have.property('source');
eventStub.lastCall.lastArg.source.should.eql('api');
eventStub.lastCall.lastArg.should.have.property('created_at');
eventStub.lastCall.lastArg.created_at.should.have.property('$gt');
eventStub.lastCall.lastArg.created_at.$gt.should.match(/\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}/);
Add API verification trigger with new filter no issue Previous API verification trigger didn't work because the way filters work also changed. Re-implemented with a new filter.
2022-02-03 18:02:33 +03:00
});
Email verification for imports based on 30 days of import refs: https://github.com/TryGhost/Toolbox/issues/293 Things needed to create this: * MemberSubscriptionEvent now has an import source * Importer now creates events with this type * Verification trigger logic changed to use 30 day window of imports
2022-04-13 19:35:24 +03:00
it('Triggers when a number of members are imported', async function () {
const emailStub = sinon.stub().resolves(null);
const settingsStub = sinon.stub().resolves(null);
Made verification trigger depend on the number of members no issue This change makes the verification trigger behave closer to the original idea. As well as having a threshold to trigger email verification, the trigger should also rely on the number of "organic" / verified members. This means that large publications will not trigger the verification flow when they import members, but spammers / suspicious sites worth verifying will not have the organic member count to allow for larger imports.
2023-03-21 21:00:14 +03:00
const eventStub = sinon.stub().callsFake(async (_unused, {source}) => {
if (source === 'member') {
return {
meta: {
pagination: {
total: 15
}
}
};
} else {
return {
meta: {
pagination: {
total: 10
}
}
};
Email verification for imports based on 30 days of import refs: https://github.com/TryGhost/Toolbox/issues/293 Things needed to create this: * MemberSubscriptionEvent now has an import source * Importer now creates events with this type * Verification trigger logic changed to use 30 day window of imports
2022-04-13 19:35:24 +03:00
}
});
const trigger = new VerificationTrigger({
Improved email verification required checks (#16060) fixes https://github.com/TryGhost/Team/issues/2366 refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209 Probem described in issue. In the old MEGA flow: - The `email_verification_required` check is now repeated inside the job In the new email service flow: - The `email_verification_required` is now checked (didn't happen before) - When generating the email batch recipients, we only include members that were created before the email was created. That way it is impossible to avoid limit checks by inserting new members between creating an email and sending an email. - We don't need to repeat the check inside the job because of the above changes Improved handling of large imports: - When checking `email_verification_required`, we now also check if the import threshold is reached (a new method is introduced in vertificationTrigger specifically for this usage). If it is, we start the verification progress. This is required for long running imports that only check the verification threshold at the very end. - This change increases the concurrency of fastq to 3 (refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209). So when running a long import, it is now possible to send emails without having to wait for the import. Above change makes sure it is not possible to get around the verification limits. Refactoring: - Removed the need to use `updateVerificationTrigger` by making thresholds getters instead of fixed variables. - Improved awaiting of members import job in regression test
2023-01-04 13:22:12 +03:00
getImportTriggerThreshold: () => 2,
Email verification for imports based on 30 days of import refs: https://github.com/TryGhost/Toolbox/issues/293 Things needed to create this: * MemberSubscriptionEvent now has an import source * Importer now creates events with this type * Verification trigger logic changed to use 30 day window of imports
2022-04-13 19:35:24 +03:00
Settings: {
edit: settingsStub
},
isVerified: () => false,
isVerificationRequired: () => false,
sendVerificationEmail: emailStub,
eventRepository: {
Removed getCreatedEvents and added verification trigger test (#15832) refs https://github.com/TryGhost/Team/issues/2266 This removes the deprecated `getCreatedEvents` method in the event repository and adds tests to the verification trigger to see if we don't break anything. Changes extracted from https://github.com/TryGhost/Ghost/pull/15831
2022-11-18 17:05:15 +03:00
getSignupEvents: eventStub
Email verification for imports based on 30 days of import refs: https://github.com/TryGhost/Toolbox/issues/293 Things needed to create this: * MemberSubscriptionEvent now has an import source * Importer now creates events with this type * Verification trigger logic changed to use 30 day window of imports
2022-04-13 19:35:24 +03:00
}
});
await trigger.testImportThreshold();
Made verification trigger depend on the number of members no issue This change makes the verification trigger behave closer to the original idea. As well as having a threshold to trigger email verification, the trigger should also rely on the number of "organic" / verified members. This means that large publications will not trigger the verification flow when they import members, but spammers / suspicious sites worth verifying will not have the organic member count to allow for larger imports.
2023-03-21 21:00:14 +03:00
eventStub.callCount.should.eql(2);
eventStub.firstCall.lastArg.should.have.property('source');
eventStub.firstCall.lastArg.source.should.eql('import');
eventStub.firstCall.lastArg.should.have.property('created_at');
eventStub.firstCall.lastArg.created_at.should.have.property('$gt');
eventStub.firstCall.lastArg.created_at.$gt.should.match(/\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}/);
Email verification for imports based on 30 days of import refs: https://github.com/TryGhost/Toolbox/issues/293 Things needed to create this: * MemberSubscriptionEvent now has an import source * Importer now creates events with this type * Verification trigger logic changed to use 30 day window of imports
2022-04-13 19:35:24 +03:00
emailStub.callCount.should.eql(1);
emailStub.lastCall.firstArg.should.eql({
subject: 'Email needs verification',
Fixed tests fixes https://github.com/TryGhost/Ghost/commit/7e3b8ff4042478c45cc02253ccf0d7f60471e742 refs https://github.com/TryGhost/Toolbox/issues/387 - The tests were not run properly after the referenced changes were made.
2022-08-25 10:38:19 +03:00
message: 'Email verification needed for site: {siteUrl}, has imported: {amountTriggered} members in the last 30 days.',
Renamed trigger amount variable refs https://github.com/TryGhost/Toolbox/issues/387 - Similar reasoning as to previous renames - the variables were named with a single trigger source in mind and now would be confusing with multiple verification trigger sources.
2022-08-25 05:43:46 +03:00
amountTriggered: 10
Email verification for imports based on 30 days of import refs: https://github.com/TryGhost/Toolbox/issues/293 Things needed to create this: * MemberSubscriptionEvent now has an import source * Importer now creates events with this type * Verification trigger logic changed to use 30 day window of imports
2022-04-13 19:35:24 +03:00
});
});
Added email verification trigger for admin requests refs https://github.com/TryGhost/Toolbox/issues/387 - When members are added through the Admin client they have to be a part of instance validation process to prevent service misuse.
2022-08-25 09:26:26 +03:00
Improved email verification required checks (#16060) fixes https://github.com/TryGhost/Team/issues/2366 refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209 Probem described in issue. In the old MEGA flow: - The `email_verification_required` check is now repeated inside the job In the new email service flow: - The `email_verification_required` is now checked (didn't happen before) - When generating the email batch recipients, we only include members that were created before the email was created. That way it is impossible to avoid limit checks by inserting new members between creating an email and sending an email. - We don't need to repeat the check inside the job because of the above changes Improved handling of large imports: - When checking `email_verification_required`, we now also check if the import threshold is reached (a new method is introduced in vertificationTrigger specifically for this usage). If it is, we start the verification progress. This is required for long running imports that only check the verification threshold at the very end. - This change increases the concurrency of fastq to 3 (refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209). So when running a long import, it is now possible to send emails without having to wait for the import. Above change makes sure it is not possible to get around the verification limits. Refactoring: - Removed the need to use `updateVerificationTrigger` by making thresholds getters instead of fixed variables. - Improved awaiting of members import job in regression test
2023-01-04 13:22:12 +03:00
it('checkVerificationRequired also checks import', async function () {
const emailStub = sinon.stub().resolves(null);
let isVerificationRequired = false;
const isVerificationRequiredStub = sinon.stub().callsFake(() => {
return isVerificationRequired;
});
const settingsStub = sinon.stub().callsFake(() => {
isVerificationRequired = true;
return Promise.resolve();
});
Made verification trigger depend on the number of members no issue This change makes the verification trigger behave closer to the original idea. As well as having a threshold to trigger email verification, the trigger should also rely on the number of "organic" / verified members. This means that large publications will not trigger the verification flow when they import members, but spammers / suspicious sites worth verifying will not have the organic member count to allow for larger imports.
2023-03-21 21:00:14 +03:00
const eventStub = sinon.stub().callsFake(async (_unused, {source}) => {
if (source === 'member') {
return {
meta: {
pagination: {
total: 15
}
}
};
} else {
return {
meta: {
pagination: {
total: 10
}
}
};
Improved email verification required checks (#16060) fixes https://github.com/TryGhost/Team/issues/2366 refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209 Probem described in issue. In the old MEGA flow: - The `email_verification_required` check is now repeated inside the job In the new email service flow: - The `email_verification_required` is now checked (didn't happen before) - When generating the email batch recipients, we only include members that were created before the email was created. That way it is impossible to avoid limit checks by inserting new members between creating an email and sending an email. - We don't need to repeat the check inside the job because of the above changes Improved handling of large imports: - When checking `email_verification_required`, we now also check if the import threshold is reached (a new method is introduced in vertificationTrigger specifically for this usage). If it is, we start the verification progress. This is required for long running imports that only check the verification threshold at the very end. - This change increases the concurrency of fastq to 3 (refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209). So when running a long import, it is now possible to send emails without having to wait for the import. Above change makes sure it is not possible to get around the verification limits. Refactoring: - Removed the need to use `updateVerificationTrigger` by making thresholds getters instead of fixed variables. - Improved awaiting of members import job in regression test
2023-01-04 13:22:12 +03:00
}
});
const trigger = new VerificationTrigger({
getImportTriggerThreshold: () => 2,
Settings: {
edit: settingsStub
},
isVerified: () => false,
isVerificationRequired: isVerificationRequiredStub,
sendVerificationEmail: emailStub,
eventRepository: {
getSignupEvents: eventStub
}
});
assert.equal(await trigger.checkVerificationRequired(), true);
sinon.assert.calledOnce(emailStub);
});
it('testImportThreshold does not calculate anything if already verified', async function () {
const trigger = new VerificationTrigger({
getImportTriggerThreshold: () => 2,
isVerified: () => true
});
assert.equal(await trigger.testImportThreshold(), undefined);
});
it('testImportThreshold does not calculate anything if already pending', async function () {
const trigger = new VerificationTrigger({
getImportTriggerThreshold: () => 2,
isVerified: () => false,
isVerificationRequired: () => true
});
assert.equal(await trigger.testImportThreshold(), undefined);
});
Added email verification trigger for admin requests refs https://github.com/TryGhost/Toolbox/issues/387 - When members are added through the Admin client they have to be a part of instance validation process to prevent service misuse.
2022-08-25 09:26:26 +03:00
it('Triggers when a number of members are added from Admin', async function () {
const emailStub = sinon.stub().resolves(null);
const settingsStub = sinon.stub().resolves(null);
Made verification trigger depend on the number of members no issue This change makes the verification trigger behave closer to the original idea. As well as having a threshold to trigger email verification, the trigger should also rely on the number of "organic" / verified members. This means that large publications will not trigger the verification flow when they import members, but spammers / suspicious sites worth verifying will not have the organic member count to allow for larger imports.
2023-03-21 21:00:14 +03:00
const eventStub = sinon.stub().callsFake(async (_unused, {source}) => {
if (source === 'member') {
return {
meta: {
pagination: {
total: 0
}
}
};
} else {
return {
meta: {
pagination: {
total: 10
}
}
};
Added email verification trigger for admin requests refs https://github.com/TryGhost/Toolbox/issues/387 - When members are added through the Admin client they have to be a part of instance validation process to prevent service misuse.
2022-08-25 09:26:26 +03:00
}
});
const trigger = new VerificationTrigger({
Improved email verification required checks (#16060) fixes https://github.com/TryGhost/Team/issues/2366 refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209 Probem described in issue. In the old MEGA flow: - The `email_verification_required` check is now repeated inside the job In the new email service flow: - The `email_verification_required` is now checked (didn't happen before) - When generating the email batch recipients, we only include members that were created before the email was created. That way it is impossible to avoid limit checks by inserting new members between creating an email and sending an email. - We don't need to repeat the check inside the job because of the above changes Improved handling of large imports: - When checking `email_verification_required`, we now also check if the import threshold is reached (a new method is introduced in vertificationTrigger specifically for this usage). If it is, we start the verification progress. This is required for long running imports that only check the verification threshold at the very end. - This change increases the concurrency of fastq to 3 (refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209). So when running a long import, it is now possible to send emails without having to wait for the import. Above change makes sure it is not possible to get around the verification limits. Refactoring: - Removed the need to use `updateVerificationTrigger` by making thresholds getters instead of fixed variables. - Improved awaiting of members import job in regression test
2023-01-04 13:22:12 +03:00
getAdminTriggerThreshold: () => 2,
Added email verification trigger for admin requests refs https://github.com/TryGhost/Toolbox/issues/387 - When members are added through the Admin client they have to be a part of instance validation process to prevent service misuse.
2022-08-25 09:26:26 +03:00
Settings: {
edit: settingsStub
},
isVerified: () => false,
isVerificationRequired: () => false,
sendVerificationEmail: emailStub,
eventRepository: {
Removed getCreatedEvents and added verification trigger test (#15832) refs https://github.com/TryGhost/Team/issues/2266 This removes the deprecated `getCreatedEvents` method in the event repository and adds tests to the verification trigger to see if we don't break anything. Changes extracted from https://github.com/TryGhost/Ghost/pull/15831
2022-11-18 17:05:15 +03:00
getSignupEvents: eventStub
Added email verification trigger for admin requests refs https://github.com/TryGhost/Toolbox/issues/387 - When members are added through the Admin client they have to be a part of instance validation process to prevent service misuse.
2022-08-25 09:26:26 +03:00
}
});
Swapped member limit verification trigger event closes https://github.com/TryGhost/Toolbox/issues/399 - The MemberCreatedEvent event is more accurate representation of the limit nature - counting the number of members created. The previous MemberSubscribeEvent was slightly hacky solution because a member could be subscribed/unsubscribed multiple times and distorting the limit counts.
2022-10-06 08:50:27 +03:00
await trigger._handleMemberCreatedEvent({
Added email verification trigger for admin requests refs https://github.com/TryGhost/Toolbox/issues/387 - When members are added through the Admin client they have to be a part of instance validation process to prevent service misuse.
2022-08-25 09:26:26 +03:00
data: {
source: 'admin'
}
});
Made verification trigger depend on the number of members no issue This change makes the verification trigger behave closer to the original idea. As well as having a threshold to trigger email verification, the trigger should also rely on the number of "organic" / verified members. This means that large publications will not trigger the verification flow when they import members, but spammers / suspicious sites worth verifying will not have the organic member count to allow for larger imports.
2023-03-21 21:00:14 +03:00
eventStub.callCount.should.eql(2);
eventStub.firstCall.lastArg.should.have.property('source');
eventStub.firstCall.lastArg.source.should.eql('admin');
eventStub.firstCall.lastArg.should.have.property('created_at');
eventStub.firstCall.lastArg.created_at.should.have.property('$gt');
eventStub.firstCall.lastArg.created_at.$gt.should.match(/\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}/);
Added email verification trigger for admin requests refs https://github.com/TryGhost/Toolbox/issues/387 - When members are added through the Admin client they have to be a part of instance validation process to prevent service misuse.
2022-08-25 09:26:26 +03:00
emailStub.callCount.should.eql(1);
emailStub.lastCall.firstArg.should.eql({
subject: 'Email needs verification',
Fixed tests fixes https://github.com/TryGhost/Ghost/commit/7e3b8ff4042478c45cc02253ccf0d7f60471e742 refs https://github.com/TryGhost/Toolbox/issues/387 - The tests were not run properly after the referenced changes were made.
2022-08-25 10:38:19 +03:00
message: 'Email verification needed for site: {siteUrl} has added: {amountTriggered} members through the Admin client in the last 30 days.',
Added email verification trigger for admin requests refs https://github.com/TryGhost/Toolbox/issues/387 - When members are added through the Admin client they have to be a part of instance validation process to prevent service misuse.
2022-08-25 09:26:26 +03:00
amountTriggered: 10
});
});
Improved email verification required checks (#16060) fixes https://github.com/TryGhost/Team/issues/2366 refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209 Probem described in issue. In the old MEGA flow: - The `email_verification_required` check is now repeated inside the job In the new email service flow: - The `email_verification_required` is now checked (didn't happen before) - When generating the email batch recipients, we only include members that were created before the email was created. That way it is impossible to avoid limit checks by inserting new members between creating an email and sending an email. - We don't need to repeat the check inside the job because of the above changes Improved handling of large imports: - When checking `email_verification_required`, we now also check if the import threshold is reached (a new method is introduced in vertificationTrigger specifically for this usage). If it is, we start the verification progress. This is required for long running imports that only check the verification threshold at the very end. - This change increases the concurrency of fastq to 3 (refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209). So when running a long import, it is now possible to send emails without having to wait for the import. Above change makes sure it is not possible to get around the verification limits. Refactoring: - Removed the need to use `updateVerificationTrigger` by making thresholds getters instead of fixed variables. - Improved awaiting of members import job in regression test
2023-01-04 13:22:12 +03:00
Added email verification trigger for admin requests refs https://github.com/TryGhost/Toolbox/issues/387 - When members are added through the Admin client they have to be a part of instance validation process to prevent service misuse.
2022-08-25 09:26:26 +03:00
it('Triggers when a number of members are added from API', async function () {
const emailStub = sinon.stub().resolves(null);
const settingsStub = sinon.stub().resolves(null);
Made verification trigger depend on the number of members no issue This change makes the verification trigger behave closer to the original idea. As well as having a threshold to trigger email verification, the trigger should also rely on the number of "organic" / verified members. This means that large publications will not trigger the verification flow when they import members, but spammers / suspicious sites worth verifying will not have the organic member count to allow for larger imports.
2023-03-21 21:00:14 +03:00
const eventStub = sinon.stub().callsFake(async (_unused, {source}) => {
if (source === 'member') {
return {
meta: {
pagination: {
total: 0
}
}
};
} else {
return {
meta: {
pagination: {
total: 10
}
}
};
Added email verification trigger for admin requests refs https://github.com/TryGhost/Toolbox/issues/387 - When members are added through the Admin client they have to be a part of instance validation process to prevent service misuse.
2022-08-25 09:26:26 +03:00
}
});
const trigger = new VerificationTrigger({
Improved email verification required checks (#16060) fixes https://github.com/TryGhost/Team/issues/2366 refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209 Probem described in issue. In the old MEGA flow: - The `email_verification_required` check is now repeated inside the job In the new email service flow: - The `email_verification_required` is now checked (didn't happen before) - When generating the email batch recipients, we only include members that were created before the email was created. That way it is impossible to avoid limit checks by inserting new members between creating an email and sending an email. - We don't need to repeat the check inside the job because of the above changes Improved handling of large imports: - When checking `email_verification_required`, we now also check if the import threshold is reached (a new method is introduced in vertificationTrigger specifically for this usage). If it is, we start the verification progress. This is required for long running imports that only check the verification threshold at the very end. - This change increases the concurrency of fastq to 3 (refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209). So when running a long import, it is now possible to send emails without having to wait for the import. Above change makes sure it is not possible to get around the verification limits. Refactoring: - Removed the need to use `updateVerificationTrigger` by making thresholds getters instead of fixed variables. - Improved awaiting of members import job in regression test
2023-01-04 13:22:12 +03:00
getAdminTriggerThreshold: () => 2,
getApiTriggerThreshold: () => 2,
Added email verification trigger for admin requests refs https://github.com/TryGhost/Toolbox/issues/387 - When members are added through the Admin client they have to be a part of instance validation process to prevent service misuse.
2022-08-25 09:26:26 +03:00
Settings: {
edit: settingsStub
},
isVerified: () => false,
isVerificationRequired: () => false,
sendVerificationEmail: emailStub,
eventRepository: {
Removed getCreatedEvents and added verification trigger test (#15832) refs https://github.com/TryGhost/Team/issues/2266 This removes the deprecated `getCreatedEvents` method in the event repository and adds tests to the verification trigger to see if we don't break anything. Changes extracted from https://github.com/TryGhost/Ghost/pull/15831
2022-11-18 17:05:15 +03:00
getSignupEvents: eventStub
Added email verification trigger for admin requests refs https://github.com/TryGhost/Toolbox/issues/387 - When members are added through the Admin client they have to be a part of instance validation process to prevent service misuse.
2022-08-25 09:26:26 +03:00
}
});
Swapped member limit verification trigger event closes https://github.com/TryGhost/Toolbox/issues/399 - The MemberCreatedEvent event is more accurate representation of the limit nature - counting the number of members created. The previous MemberSubscribeEvent was slightly hacky solution because a member could be subscribed/unsubscribed multiple times and distorting the limit counts.
2022-10-06 08:50:27 +03:00
await trigger._handleMemberCreatedEvent({
Added email verification trigger for admin requests refs https://github.com/TryGhost/Toolbox/issues/387 - When members are added through the Admin client they have to be a part of instance validation process to prevent service misuse.
2022-08-25 09:26:26 +03:00
data: {
source: 'api'
}
});
Made verification trigger depend on the number of members no issue This change makes the verification trigger behave closer to the original idea. As well as having a threshold to trigger email verification, the trigger should also rely on the number of "organic" / verified members. This means that large publications will not trigger the verification flow when they import members, but spammers / suspicious sites worth verifying will not have the organic member count to allow for larger imports.
2023-03-21 21:00:14 +03:00
eventStub.callCount.should.eql(2);
eventStub.firstCall.lastArg.should.have.property('source');
eventStub.firstCall.lastArg.source.should.eql('api');
eventStub.firstCall.lastArg.should.have.property('created_at');
eventStub.firstCall.lastArg.created_at.should.have.property('$gt');
eventStub.firstCall.lastArg.created_at.$gt.should.match(/\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}/);
Added email verification trigger for admin requests refs https://github.com/TryGhost/Toolbox/issues/387 - When members are added through the Admin client they have to be a part of instance validation process to prevent service misuse.
2022-08-25 09:26:26 +03:00
emailStub.callCount.should.eql(1);
emailStub.lastCall.firstArg.should.eql({
subject: 'Email needs verification',
Fixed tests fixes https://github.com/TryGhost/Ghost/commit/7e3b8ff4042478c45cc02253ccf0d7f60471e742 refs https://github.com/TryGhost/Toolbox/issues/387 - The tests were not run properly after the referenced changes were made.
2022-08-25 10:38:19 +03:00
message: 'Email verification needed for site: {siteUrl} has added: {amountTriggered} members through the API in the last 30 days.',
Added email verification trigger for admin requests refs https://github.com/TryGhost/Toolbox/issues/387 - When members are added through the Admin client they have to be a part of instance validation process to prevent service misuse.
2022-08-25 09:26:26 +03:00
amountTriggered: 10
});
Renamed trigger amount variable refs https://github.com/TryGhost/Toolbox/issues/387 - Similar reasoning as to previous renames - the variables were named with a single trigger source in mind and now would be confusing with multiple verification trigger sources.
2022-08-25 05:43:46 +03:00
});
Avoided loading newsletter subscription events if threshold is Infinity - if the threshold is Infinity, we shouldn't be loading the newsletter subscription events because we are saying there is no threshold - the code has a quick path to avoid comparing the values, but it still loads the events upfront - this commit moves the quick path up to return earlier - this has the nice side-effect of producing 100% coverage on this package
2022-07-26 12:35:48 +03:00
it('Does not fetch events and trigger when threshold is Infinity', async function () {
const emailStub = sinon.stub().resolves(null);
const settingsStub = sinon.stub().resolves(null);
Made verification trigger depend on the number of members no issue This change makes the verification trigger behave closer to the original idea. As well as having a threshold to trigger email verification, the trigger should also rely on the number of "organic" / verified members. This means that large publications will not trigger the verification flow when they import members, but spammers / suspicious sites worth verifying will not have the organic member count to allow for larger imports.
2023-03-21 21:00:14 +03:00
const eventStub = sinon.stub().callsFake(async (_unused, {source}) => {
if (source === 'member') {
return {
meta: {
pagination: {
total: 15
}
}
};
} else {
return {
meta: {
pagination: {
total: 10
}
}
};
Avoided loading newsletter subscription events if threshold is Infinity - if the threshold is Infinity, we shouldn't be loading the newsletter subscription events because we are saying there is no threshold - the code has a quick path to avoid comparing the values, but it still loads the events upfront - this commit moves the quick path up to return earlier - this has the nice side-effect of producing 100% coverage on this package
2022-07-26 12:35:48 +03:00
}
});
const trigger = new VerificationTrigger({
Improved email verification required checks (#16060) fixes https://github.com/TryGhost/Team/issues/2366 refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209 Probem described in issue. In the old MEGA flow: - The `email_verification_required` check is now repeated inside the job In the new email service flow: - The `email_verification_required` is now checked (didn't happen before) - When generating the email batch recipients, we only include members that were created before the email was created. That way it is impossible to avoid limit checks by inserting new members between creating an email and sending an email. - We don't need to repeat the check inside the job because of the above changes Improved handling of large imports: - When checking `email_verification_required`, we now also check if the import threshold is reached (a new method is introduced in vertificationTrigger specifically for this usage). If it is, we start the verification progress. This is required for long running imports that only check the verification threshold at the very end. - This change increases the concurrency of fastq to 3 (refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209). So when running a long import, it is now possible to send emails without having to wait for the import. Above change makes sure it is not possible to get around the verification limits. Refactoring: - Removed the need to use `updateVerificationTrigger` by making thresholds getters instead of fixed variables. - Improved awaiting of members import job in regression test
2023-01-04 13:22:12 +03:00
getImportTriggerThreshold: () => Infinity,
Avoided loading newsletter subscription events if threshold is Infinity - if the threshold is Infinity, we shouldn't be loading the newsletter subscription events because we are saying there is no threshold - the code has a quick path to avoid comparing the values, but it still loads the events upfront - this commit moves the quick path up to return earlier - this has the nice side-effect of producing 100% coverage on this package
2022-07-26 12:35:48 +03:00
Settings: {
edit: settingsStub
},
isVerified: () => false,
isVerificationRequired: () => false,
sendVerificationEmail: emailStub,
eventRepository: {
Removed getCreatedEvents and added verification trigger test (#15832) refs https://github.com/TryGhost/Team/issues/2266 This removes the deprecated `getCreatedEvents` method in the event repository and adds tests to the verification trigger to see if we don't break anything. Changes extracted from https://github.com/TryGhost/Ghost/pull/15831
2022-11-18 17:05:15 +03:00
getSignupEvents: eventStub
Avoided loading newsletter subscription events if threshold is Infinity - if the threshold is Infinity, we shouldn't be loading the newsletter subscription events because we are saying there is no threshold - the code has a quick path to avoid comparing the values, but it still loads the events upfront - this commit moves the quick path up to return earlier - this has the nice side-effect of producing 100% coverage on this package
2022-07-26 12:35:48 +03:00
}
});
await trigger.testImportThreshold();
// We shouldn't be fetching the events if the threshold is Infinity
eventStub.callCount.should.eql(0);
Fixed typo
2022-08-25 04:41:45 +03:00
// We shouldn't be sending emails if the threshold is Infinity
Avoided loading newsletter subscription events if threshold is Infinity - if the threshold is Infinity, we shouldn't be loading the newsletter subscription events because we are saying there is no threshold - the code has a quick path to avoid comparing the values, but it still loads the events upfront - this commit moves the quick path up to return earlier - this has the nice side-effect of producing 100% coverage on this package
2022-07-26 12:35:48 +03:00
emailStub.callCount.should.eql(0);
});
Fixed verification trigger test no issue
2022-02-04 15:03:59 +03:00
});
Reference in New Issue Copy Permalink