From e65ae2041c3d77ed7daa498afe9014f0ae6cae02 Mon Sep 17 00:00:00 2001
From: Simon Backx <simon@ghost.org>
Date: Mon, 4 Dec 2023 15:07:30 +0100
Subject: [PATCH 1/2] =?UTF-8?q?=F0=9F=90=9B=20Fixed=20deleting=20members?=
 =?UTF-8?q?=20with=20email=20disabled=20(#19222)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

refs https://ghost.slack.com/archives/CTH5NDJMS/p1701688836406919

Deleting members with email disabled, results in deleting all members
due to a broken NQL filter.

The filter `(email_disabled:1)` results in selecting all members because
of the surrounding brackets, which cause a `yg` filter to be generated
by NQL which is not supported by code that handles the Mongo filters.

This is a quick fix to reduce damage, this will need a proper fix in NQL
/ lower level.
---
 ghost/admin/app/controllers/members.js | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ghost/admin/app/controllers/members.js b/ghost/admin/app/controllers/members.js
index 0149df9f62..45598c6d5c 100644
--- a/ghost/admin/app/controllers/members.js
+++ b/ghost/admin/app/controllers/members.js
@@ -222,10 +222,10 @@ export default class MembersController extends Controller {
         if (filterParam) {
             // If the provided filter param is a single filter related to newsletter subscription status
             // remove the surrounding brackets to prevent https://github.com/TryGhost/NQL/issues/16
-            const NEWSLETTER_SUBSCRIPTION_STATUS_RE = /^\(subscribed:(?:true|false)[+,]email_disabled:[01]\)$/;
-            const SPECIFIC_NEWSLETTER_SUBSCRIPTION_STATUS_RE = /^\(newsletters\.slug:[^()]+[+,]email_disabled:[01]\)$/;
+            const BRACKETS_SURROUNDED_RE = /^\(.*\)$/;
+            const MULTIPLE_GROUPS_RE = /\).*\(/;
 
-            if (NEWSLETTER_SUBSCRIPTION_STATUS_RE.test(filterParam) || SPECIFIC_NEWSLETTER_SUBSCRIPTION_STATUS_RE.test(filterParam)) {
+            if (BRACKETS_SURROUNDED_RE.test(filterParam) && !MULTIPLE_GROUPS_RE.test(filterParam)) {
                 filterParam = filterParam.slice(1, -1);
             }
         }

From 9ac050dfe90351d5f80b219782dccb6351ed07b3 Mon Sep 17 00:00:00 2001
From: Ghost CI <41898282+github-actions[bot]@users.noreply.github.com>
Date: Mon, 4 Dec 2023 14:56:05 +0000
Subject: [PATCH 2/2] v5.75.1

---
 ghost/admin/package.json | 2 +-
 ghost/core/package.json  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/ghost/admin/package.json b/ghost/admin/package.json
index c76d8b8260..a4d1114d91 100644
--- a/ghost/admin/package.json
+++ b/ghost/admin/package.json
@@ -1,6 +1,6 @@
 {
   "name": "ghost-admin",
-  "version": "5.75.0",
+  "version": "5.75.1",
   "description": "Ember.js admin client for Ghost",
   "author": "Ghost Foundation",
   "homepage": "http://ghost.org",
diff --git a/ghost/core/package.json b/ghost/core/package.json
index ea03a5f713..b490c188f2 100644
--- a/ghost/core/package.json
+++ b/ghost/core/package.json
@@ -1,6 +1,6 @@
 {
   "name": "ghost",
-  "version": "5.75.0",
+  "version": "5.75.1",
   "description": "The professional publishing platform",
   "author": "Ghost Foundation",
   "homepage": "https://ghost.org",