Commit Graph

166 Commits

Author SHA1 Message Date
Kevin Ansfield
9b1f79f601
Cleaned up lexicalEditor labs flag, switched Post model to lexical-by-default (#18607)
no issue

- flag is no longer used in Admin so we can clean it up in Core too
- updated Post model to set blank document to `lexical` field rather than `mobiledoc` as a default value
- switched over to returning `mobiledoc,lexical` as default formats in Admin API
2023-10-23 17:51:34 +01:00
Chris Raible
5a5a756415
Updated theme fixtures for casper and source (#18677)
no issue

- Casper and Source theme files were out of date — this commit updates the theme fixtures, and fixes up a few tests to pass with the updated themes
2023-10-18 14:51:35 -07:00
Chris Raible
80a6fe17d0 Added Source as the new default theme
refs TryGhost/Product#3510

- Added `TryGhost/Source` as a submodule in `ghost/core/content/themes` so `Source` will ship with Ghost (along with Casper)
- With this change, new installs will use `Source` as the default theme. Existing sites will have `Source` installed, but not activated, as this is a large change and we don't want to drastically change existing sites without warning. Users can upgrade to use `Source` simply by clicking 'Activate' in design settings.
- Updated protections to prevent users from uploading their own conflicting version of `Source`
2023-10-03 14:02:08 +02:00
Simon Backx
b82a93beac
Added recommendation_notifications column to users table (#18304)
fixes https://github.com/TryGhost/Product/issues/3939
2023-09-22 15:35:55 +00:00
Kevin Ansfield
f98467611c
Added page html reset and re-render to handle dynamic collection card content (#18265)
no issue

Collection cards contain dynamic data that can change when there's any change to a published post but in Ghost all post/page content is rendered once on save and stored as a static string meaning we need a new approach for triggering a re-render of pages that plays well with caching.

- fixed typo in the relations/authors code that meant we weren't correctly calling the prototype method on the Post model inside the `onFetchedCollection` event handler
- updated Post model to clear the `html` field of all pages when saving or deleting a published post
- updated Post model to re-render `html` fields when fetching individual posts or a collection of posts
- modified `insertExtraPostsTags` fixture util to wrap it's concurrent post edits in a transaction otherwise MySQL errors because it hits a deadlock
2023-09-21 14:51:08 +00:00
Simon Backx
098f4353a7
Disabled network retries for webmentions in tests (#18269)
refs https://ghost.slack.com/archives/C02G9E68C/p1695296293667689

- We block all outgoing networking by default in tests. When editing a
post/page, Ghost tries to send a webmention. Because of my earlier
changes
(1e3232cf82)
it tries 3 times - all network requests fail instantly when networking
is disabled - but it adds a delay in between those retries. So my change
disables retries during tests.
- Adds a warning when afterEach hook tooks longer than 2s due to
awaiting jobs/events
- We reduce the amount of webmentions that are send, by only sending
webmentions for added or removed urls, no longer when a post html is
changed (unless post is published/removed).
2023-09-21 16:17:05 +02:00
Kevin Ansfield
ff3eb63fd8
Revert "Added page html reset and re-render to handle dynamic collection card content (#18146)" (#18229)
This reverts commit 3e9da6df0c.

- changes introduced an error fetching `/admin/pages/` when using MySQL
- "The values in where clause must not be object or array"
2023-09-19 16:59:56 +00:00
Kevin Ansfield
3e9da6df0c
Added page html reset and re-render to handle dynamic collection card content (#18146)
no issue

Collection cards contain dynamic data that can change when there's any change to a published post but in Ghost all post/page content is rendered once on save and stored as a static string meaning we need a new approach for triggering a re-render of pages that plays well with caching.

- fixed typo in the relations/authors code that meant we weren't correctly calling the prototype method on the Post model inside the `onFetchedCollection` event handler
- updated Post model to clear the `html` field of all pages when saving or deleting a published post
- updated Post model to re-render `html` fields when fetching individual posts or a collection of posts
- modified `insertExtraPostsTags` fixture util to wrap it's concurrent post edits in a transaction otherwise MySQL errors because it hits a deadlock
2023-09-19 16:46:38 +01:00
Sag
f1cd6432a8
Added new setting to enable Recommendations (#17856)
closes https://github.com/TryGhost/Product/issues/3772

- Recommendations are disabled by default and will get enabled when a
first recommendation is added. The "recommendations_enabled" setting
will be not shown explicitly in Admin, it will rather be set implicitly
based on whether there is at least one recommendation
- The "recommendations_enabled" setting belongs to a new setting group
called "recommendations"

Tech Spec: https://www.notion.so/ghost/Recommentions-Tech-Spec-598f09e4109f4eef8d9e32db7245a90c?pvs=4
2023-08-30 08:56:21 +00:00
Simon Backx
935ac43584
Added recommendations CRUD api (#17845)
fixes https://github.com/TryGhost/Product/issues/3784

- Includes migrations for new permissions needed for the new endpoints
2023-08-29 15:06:57 +00:00
Simon Backx
a011151e24
🐛 Fixed handling multiple Stripe subscriptions for same member (#17773)
fixes https://github.com/TryGhost/Product/issues/3752

- Added some extra tests for edge cases
- Updated handling of multiple subscriptions so they are handled better
- Canceling a subscription when the member still has other subscriptions will now get handled correctly where the status and products of the member stay intact
2023-08-22 13:27:21 +02:00
Simon Backx
13b732f905
Added Playwright tests for donations (#17699)
fixes https://github.com/TryGhost/Product/issues/3723

This also fixes usage of localhost instead of 127.0.0.1 as a test URL
for playwright. This caused issues for cookies because the member
impersonation navigated to 127.0.0.1 instead of localhost, meaning that
the next page.goto call would go to localhost and lose the cookies.
2023-08-15 15:20:18 +02:00
Simon Backx
690fbf3f73
🔒 Fixed arbitrary file read via symlinks in content import
refs https://github.com/TryGhost/Product/issues/3726
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-9c9v-w225-v5rg

- credits to https://github.com/ixSly
2023-08-15 13:01:11 +02:00
Simon Backx
e14df6479b
Added E2E tests for donations API (#17694)
fixes https://github.com/TryGhost/Product/issues/3722
2023-08-11 14:25:53 +02:00
Simon Backx
4c8179312d
🎨 Added support for relative links in emails (#17630)
fixes https://github.com/TryGhost/Product/issues/3687

After this change, relative URLs in emails will be replaced with
absolute URLs using the post URL. Making relative Portal URLs possible
etc.

Updates the test data generator to fix invalid URL encoding (somehow a
backslash + escaped double quote was added when it wasn't required).
2023-08-08 13:22:56 +02:00
Simon Backx
66675a1383
Added donation notifications column (#17607)
fixes https://github.com/TryGhost/Product/issues/3691

When a site receives a donation, we'll send an email to all
administrator. They can disable this in their profile settings. This
migration adds the required column to make this possible. It defaults to
true.

Link to tech spec:
https://www.notion.so/ghost/Tech-Spec-5cd6929f7960462ebcbf198176e0d899?pvs=4#156834b0231d4968a203d797c6817d21
2023-08-07 15:31:36 +02:00
Sag
19bdb0efef
Added migrations for Tips & Donations' settings (#17576)
closes https://github.com/TryGhost/Product/issues/3668

- Tips and Donations feature offers two settings: "donations_currency", and "donations_suggested_amount"
    - "donation_currency": the currency to be used for the donation. Defaults to "USD", not nullable.
    - "donation_suggested_amount": an anchor price for the donation. Defaults to 0, not nullable.
- Both settings belong to a new group "donations"

Tech Spec: https://www.notion.so/ghost/Tech-Spec-5cd6929f7960462ebcbf198176e0d899?pvs=4#6e8b34c45f0c4c78b48c9e7725a307c8
2023-08-03 22:13:47 +02:00
John O'Nolan
265e62229f
2023 2023-08-03 20:40:44 +01:00
Steve Larson
6936007052
🐛 Updated gscan error handling for page errors (#17575)
refs https://github.com/TryGhost/Product/issues/3676

- add filter for sidebar display of theme errors (angry red box)
- filter specific to each page feature, will need to add each one by this approach
2023-08-02 09:56:40 -05:00
Steve Larson
5fe72462bc
Enabled page features (#17544)
no refs
-moved hide page title and feature image to GA
-updated gscan
2023-07-31 14:22:19 -05:00
Steve Larson
e45b947d61
Updated gscan (#17521)
no refs
- add check for unknown global use in themes
- removed `@page` check until ready for release
2023-07-27 15:43:22 +00:00
Steve Larson
b77521ece9
Updated gscan (#17509)
no refs
2023-07-26 15:58:22 +00:00
Steve Larson
005e80b466
Updated gscan (#17507)
no refs
2023-07-26 13:06:23 +00:00
Michael Barrett
184c6ae951
Retain newsletter subscriptions on suppression (#17373)
refs https://github.com/TryGhost/Product/issues/2610
2023-07-24 10:47:57 +01:00
Steve Larson
22441fe730
Made lexical rendering async (#17438)
-moved lexical rendering to async
-includes rendering for front end and email
-necessary to pull dynamic data into render method, e.g. collections
2023-07-20 17:48:48 -05:00
Naz
ea2defb76c Updated collection descriptions
refs https://github.com/TryGhost/Arch/issues/25

- Updated collection descriptions to be less wordy and avoid a redundant "Collection" in them.
2023-07-17 18:43:21 +08:00
Naz
9bfb197a85 Added fixtures for collection posts
refs https://github.com/TryGhost/Arch/issues/25

- Adds collection_posts fixtures
2023-07-17 18:43:21 +08:00
Naz
acbe3a250e Added built in collection fixtures
refs https://github.com/TryGhost/Arch/issues/25

- The instance should have two built-in collections "latest" (prviously known as "index") and "featured". These have been filled through in-memory tricks before, now they should come pre-populated through fixtures mechanism.
2023-07-17 18:43:21 +08:00
Simon Backx
8b610d46b1
Cleaned up batch email utils (#17165)
no issue
2023-06-29 15:29:16 +02:00
Simon Backx
c41694f5e6
Added E2E Koenig Lexical card tests for paragraphs and signup card (#17159)
refs https://ghost.slack.com/archives/C04TMVA1D7A/p1687987311455289
2023-06-29 11:10:56 +02:00
Daniel Lockyer
08e2fbeacb Removed Bluebird from tests
refs https://github.com/TryGhost/Ghost/issues/14882

- we're moving away from using Bluebird in favor of native Promises, so
  this commit removes nearly all instances from tests
2023-06-23 10:03:03 +02:00
Princi Vershwal
2798d43663
Removed Bluebird Promise.each from db.utils (#17032)
refs https://github.com/TryGhost/Ghost/issues/14882

Co-authored-by: Princi Vershwal <princi.vershwal@Princis-MacBook-Pro.local>
Co-authored-by: Daniel Lockyer <hi@daniellockyer.com>
2023-06-23 09:46:41 +02:00
Hannah Wolfe
6161f94910
Updated to use assert/strict everywhere (#17047)
refs: https://github.com/TryGhost/Toolbox/issues/595

We're rolling out new rules around the node assert library, the first of which is enforcing the use of assert/strict. This means we don't need to use the strict version of methods, as the standard version will work that way by default.

This caught some gotchas in our existing usage of assert where the lack of strict mode had unexpected results:
- Url matching needs to be done on `url.href` see aa58b354a4
- Null and undefined are not the same thing,  there were a few cases of this being confused
- Particularly questionable changes in [PostExporter tests](c1a468744b) tracked [here](https://github.com/TryGhost/Team/issues/3505).
- A typo see eaac9c293a

Moving forward, using assert strict should help us to catch unexpected behaviour, particularly around nulls and undefineds during implementation.
2023-06-21 09:56:59 +01:00
Daniel Lockyer
99aeb73ecc Optimized DB reset during tests
refs https://github.com/TryGhost/Toolbox/issues/592

- it turns out that `TRUNCATE` in CI takes ~300ms for all tables, but
  `DELETE FROM` takes ~30ms
- whilst truncating is generally known to be faster, I believe it's only
  faster on large tables
- this saves 90% of the time it takes to reset the DB in MySQL
2023-06-16 13:15:17 +02:00
Daniel Lockyer
082ab6dc3e Refactored truncateAll util to async-await
refs https://github.com/TryGhost/Toolbox/issues/592

- async-await makes the code easier to read
- also performs a small optimization to only load the foreign_keys
  pragma once for SQLite
2023-06-13 14:46:57 +02:00
Daniel Lockyer
264773ccd1 Reset URL service between test boots
refs https://github.com/TryGhost/Toolbox/issues/592

- we should reset the URL service to avoid event listeners piling up and
  slowing down CI due to the number of events it has to process
2023-06-13 12:52:03 +02:00
Daniel Lockyer
4639396c3a
Collected Ghost boot timing in test framework
refs https://github.com/TryGhost/Toolbox/issues/592

- this should help us track and calculate how much time is being spent
  in the boot/DB reset process during tests
2023-06-12 12:07:04 +02:00
Naz
05bb82cf1a Added collections CRUD permissions
refs https://github.com/TryGhost/Team/issues/3220

- Added permissions for collection resources
2023-06-09 21:13:06 +07:00
Rishabh Garg
5c209abdc0
Updated default value for image editor integration setting (#16897)
refs https://github.com/TryGhost/Team/issues/3145

Updates pintura integration to be switched on by default for all sites by adding a migration to update the default value for the setting.
2023-06-06 18:15:01 +05:30
Daniel Lockyer
f908a03fff
Enabled and tracked retries in CI tests (#16909) 2023-06-02 09:36:28 +02:00
Fabien "egg" O'Carroll
82acf85b29 Tested filtering visibility in Tiers Content API
refs https://github.com/TryGhost/Team/issues/3248

The current test fixtures didn't include any hidden Tiers, so I've added
a new fixture to test the filtering of hidden Tiers. It's not enabled by
default to avoid breaking the existing tests.
2023-05-19 13:12:33 -04:00
Fabien "egg" O'Carroll
c0ca7b16f6 Added caching to TierRepository
refs https://github.com/TryGhost/Toolbox/issues/515

Tiers are very frequently queried and we want to reduce the number of DB calls
we're making. We can store the Tiers in-memory, using the existing in-memory
repository patterns, but still persisting writes the the database.

We also have to update our test helpers, because they were bypassing the
repository for writes, but using it for reads resulting in an invalid cache
2023-05-12 16:38:32 -04:00
Fabien "egg" O'Carroll
104f84f252 Added eslint rule for file naming convention
As discussed with the product team we want to enforce kebab-case file names for
all files, with the exception of files which export a single class, in which
case they should be PascalCase and reflect the class which they export.

This will help find classes faster, and should push better naming for them too.

Some files and packages have been excluded from this linting, specifically when
a library or framework depends on the naming of a file for the functionality
e.g. Ember, knex-migrator, adapter-manager
2023-05-09 12:34:34 -04:00
Fabien 'egg' O'Carroll
0b8c3747c5
Supported inviting users using an Admin API Integration
Whilst Admin API Integrations had the permissions to create invites they were
blocked from doing so at the HTTP level. We've removed this restriction for
creating Invites as well as browsing Roles, because a Role ID is necessary to
create an invite. The code was also not setup to support Admin API Integrations
as it made assumptions about the existence of a User. That has been updated in
the permissions layer - so that the Invites are limited to Contributors,
Authors and Editors as well as at the email layer, which has has the copy and
from address updated to reflect the lack of a User creating the Invite.
2023-05-08 15:27:15 -04:00
Fabien "egg" O'Carroll
b3caf16005 🔒 Fixed filtering on private Author fields in Content API
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-r97q-ghch-82j9

Because our filtering layer is so coupled to the DB and we don't generally
apply restrictions, it was possible to fetch authors and filter by their
password or email field. Coupled with the "starts with" operator this can be
used to brute force the first character of these fields by trying random
combinations until an author is included in the filter. After which the next
character can be brute forced, and so on until the data has been leaked
completely.
2023-05-03 08:43:20 -04:00
Naz
c21f136834 Corrected announcement_visibility setting type
refs https://github.com/TryGhost/Ghost/pull/14264

- With a requirement change we need to transform `announcement_visibility` setting to be an "array" instead of a "string". Array structure will allow us to hold multiple filters at once giving more coverage to the audience targetting usecases.
- Example filter variations we'll support are:
[ ] Logged out visitors
[ ] Members
[ ] Free members
[ ] Paid members
2023-04-21 10:18:50 +02:00
Rishabh Garg
d3c6d8ad13
Added Pintura integration page in Admin (#16686)
refs https://github.com/TryGhost/Team/issues/3034

- adds new integration page for Pintura in Admin
- allows site owners to enable/disable the image editor integration
- allows self-hosters to upload the files for enabling Pintura image
editor

---------

Co-authored-by: Sodbileg Gansukh <sodbileg.gansukh@gmail.com>
2023-04-20 21:20:07 +05:30
naz
865df1e143
Added announcement fields to settings table (#16654)
refs https://github.com/TryGhost/Team/issues/3011

- This is a data structure needed to support Announcement Bar feature -
allows to create custom site-wide announcements tailored to the
audience.
- The `announcement_content` is meant to hold displayed HTML content of
the announcement and will be exposed through unauthenticated Content
Site API

- The `announcement_visibility` sets the target audience to display the
Announcement Bart to:
  - `public` - Everyone
  - `visitors` - Logged out visitors only
  - `members` - Members only
  - `paid` - Paid members only

- The `announcement_background` sets the CSS class that should be
applied to the Announcement Bar. and will be exposed through
unauthenticated Content Site API. Three styles are available:
  - `accent` - matches the color of the site accent
  - `dark` - dark style
  - `light` - light style
2023-04-19 14:25:25 +02:00
Chris Raible
7a800ec06e
Fixed flaky test: posts API export can export with order (#16605)
closes Tryghost/Team#2975

- The test was failing because the order of the posts was not guaranteed
- The posts receive a published_at timestamp = new Date() when they are
created, unless a published_at date is passed in
- ~1/3 times the tests would run, the ordering would change and this
test would fail
- This commit fixes the test by passing in a published_at date to ensure
the order is always the same
2023-04-10 18:40:03 -07:00
Naz
53fd78cc86
Added email snapshot tests to newsletter suites
https://github.com/TryGhost/Team/issues/2691

- This change is meant to serve as an example for testing outbound emails. It uses emailMockReceiver and it's html/test/metadata snapshotting features.
- The wider goal is to move away from using "mockManager.assert.sentEmail" that only tested some of the outgoing email contents to more wide range testing through "emailMockReceiver"
- For more on best practices using emailMockReceiver check out codex section on "email testing" - https://ghost.notion.site/End-to-end-Testing-6a2ef073b1754b18aff42e24a632a007#cf33c7f0-fba6-4951-bf50-09080374719c
2023-04-07 14:34:57 +02:00