refs https://github.com/TryGhost/Team/issues/1674
- While preparing the changes had a look around and made small refactors to understand the codebase a little better. In general it's best to keep the method parameters as small and precise as possible instead of passing around a "bag-of-all-the-things" like "data" around
refs https://github.com/TryGhost/Team/issues/1674
- While preparing the changes had a look around and made small refactors to understand the codebase a little better. In general it's best to keep the method parameters as small and precise as possible instead of passing around a "bag-of-all-the-things" like "data" around
refs https://github.com/TryGhost/Team/issues/1526
We weren't using the `req.body.customerEmail` to load a member and
check their existing tiers, this meant that existing members which
were signed out and attempted to create a stripe checkout session were
able to.
refs https://github.com/TryGhost/Team/issues/1652
refs https://github.com/TryGhost/Ghost/issues/13319
- Added support for animated webp and gifs optimization and resizing
- Added optinal `format` option to `unsafeResizeFromBuffer` and `resizeFromBuffer`. E.g. allows you to convert a .svg file to a .png.
- Added optional `animated` option to `unsafeResizeFromBuffer` and `resizeFromBuffer`. Defaults to 'maintain animation'.
- Added optional `withoutEnlargement` option to `unsafeResizeFromBuffer` and `resizeFromBuffer`. Defaults to true. Required to increase SVG size.
- Removed gif and svg from `canTransformFileExtension`. They are supported by sharp now.
- Added `shouldResizeFileExtension` method, which returns if we should resize an image. This is required to prevent resizing SVG files (while it is supported, it is not desired), while allowing them to be converted to PNG (thats why a new method was needed).
- Added `canTransformToFormat` to validate the `format` option.
- Improved TS/JSDoc type inheritance when `makeSafe` is used.
refs https://github.com/TryGhost/Toolbox/issues/276
- this removes the PR numbers from commit messages that we prepate for
the changelog
- removing it prevents us needing to fix the path to the PR if the
commit was done in a different repo
refs https://ghost.slack.com/archives/C02G9E68C/p1652980792270029
When bulk unsubscribing members, the number of deleted newsletter relations are returned instead of the number of members with newsletters that were cleared. This update deletes newsletter relations on member_id, so we can return the count of members instead of newsletter relations that were deleted.
Tests in https://github.com/TryGhost/Ghost/pull/14871
- In case of an offer id present in stripe checkout session, the cadence and tier id values can be null
- this fixes the invalid 400 thrown on missing cadence value while creating stripe checkout session for offer
refs https://github.com/TryGhost/Ghost/pull/14780
refs https://github.com/TryGhost/Team/issues/1583
- We need transaction support in the limit-service so that we can run the count queries in the same transaction
- This is required to avoid deadlocks when we check the limits when a transaction is in progress on the same tables
- This issue specifically is required for newsletters, where we start a transaction when creating a newsletter.
- Bumped `eslint-plugin-ghost` so we have newer ECMA features available
- Updated README
- Renamed `metadata` to `options` in `limit-service`
refs: https://github.com/TryGhost/Ghost/issues/14446
- currently ghost will upgrade configured urls to https if a secure request comes into a http configured site
- we no longer want to support this feature
- instead, ghost will strictly honour the configured URL
refs https://github.com/TryGhost/Toolbox/issues/292
- There are couple of reasons why we don't want to include the query string information in the outgoing notification emails:
- 1. Security - we can expose the Content API key to an unauthorized person. The emails go out to administrators, so they have access to this data anyway. But for example they might forward full email content to someone from “tech team” or whoever is not really authorized to see it.
2. It looks a bit ugly and could be waaay to long breaking the email layou
no issue
- Setting a dedicated source for imported members was already done with 455778662c
- This unifies the same source but keeps the usage of context setting on init alive
refs https://github.com/TryGhost/Toolbox/issues/292
- Providing user-defined Integration name instead of API client's UserAgent gives a lot more control to instance administrators identifying which integration is being used incorrectly.
- It's best practice to create an Integration with a set of API keys per API client - which should be enough to identify an outdated one.
refs https://github.com/TryGhost/Toolbox/issues/292
- The version mismatch middleware middleware is the best place where the information can be assembled for the APIVersionCompatibilityService to handle. We need API key identification information to be able to pick up the integration name when sending a notification email to the administrators
refs https://github.com/TryGhost/Toolbox/issues/292
- This information is needed for the emails used to notify the instance admins about version mismatch.
- The identification information is different for Content and Admin keys because of their nature. Content API keys send the unique "secret" value in plaintext, Admin API keys send key id (kid) as a part of token payload and that's the easiest accessible information available without a need to query the db in another parts of the system.
refs https://github.com/TryGhost/Toolbox/issues/292
- Allows to detect and extract admin api key ID value. The reason why we are not dealing withe the "secret" value here in a similar way as Content API key is to keep the package independent from the model layer. It only provides "identification" information along with the key type so that the version mismatch data service can deal with this information in an optimal way (just one db query).
refs https://github.com/TryGhost/Toolbox/issues/292
- The package is meant to be one stop shop for extraction of any API keys from requests known to Ghost
- To start with it should detect and return keys for Content and Admin APIs for the purposes of api version mismatch handling
refs https://github.com/TryGhost/Toolbox/issues/292
- The version-notifications-data-service did not resolve correctly after it was removed from it's package.json. It should have been declared here from the get go!
refs https://github.com/TryGhost/Toolbox/issues/292
- The service used to take in a whole bunch of functions as parameters and did expect the client to know about the "version-notifications-data-service" which is not necessary and make the constructor API a notch complicated
- Putting in the data service initialization internally allows for the client to pass in less parameters and know less abou the internal working of the service - way easier to use!
refs https://github.com/TryGhost/Toolbox/issues/292
- There was a typo in the variable name - req.originalURL is NOT does not exist on express' reqest object
- Added tests to avoid similar mistake again
- As of Ghost 5.0 we only use the V2 version of jsonErrorRenderer
- Removed the old one, and renamed the V2 to not have a suffix any more
- Added 100% coverage to tests whilst here
refs https://github.com/TryGhost/Toolbox/issues/292
- When the handler recognizes a Zapier client it should send an email using Zapier-specific template with instructions more suitable for Zap failure
refs https://github.com/TryGhost/Toolbox/issues/292
- The html/text emails is a desired system that's used in Ghost core and should be reused with version mismatch notification emails too.
- Currently there's only one template defined "generic-mismatch" and the original file for it can be found under /templates/generic-mismatch.html
- If we need to distinguish user agents we can addd more templates to the `/templates/` folder
refs https://github.com/TryGhost/Toolbox/issues/292
- With the package being out of TryGhost/Ghost codebase the paths have changed and needed to introdude a concept of "fixtures" for the package to be able to funciton independently
refs https://github.com/TryGhost/Toolbox/issues/292
- This dependency is needed for the package to function properly. Have pinned it to a lower major than is currently available to avoid a unnecessary rabbithole of dealing with breaking changes
refs https://github.com/TryGhost/Toolbox/issues/292
- There's a need to reuse these utils in the version mismatch notification service. Having loads of tightly coupled dependencies makes it super hard to rip out this module for reuse
- It's a groundwork for extraction of the email-utils package
- Rewrote the unit tests that were written for these utils previously - they weren't testing anything useful. The goal of this util is to generate specific content based on provided data and available templates - now the tests do test those specific things, not the mailer itself!
- this is a small part of a bit of cleanup of our test files
- the goal is to make the existing tests clearer with a view to making it easier to write more tests
- this makes the test structure follow the codebase structure more closely
- eventually we will colocate the tests as we break the codebase down further
refs https://github.com/TryGhost/Toolbox/issues/292
- The audience of the notification emails for version missmatch could be less technical - site owneres are usually creators not programmers. Not using complex technical details in the email subject/body should make the incompatibility more approachable to deal with.
closes: https://github.com/TryGhost/Ghost/issues/14640
- eu mailgun domains have a different structure.
- we weren't accounting for this when fetching the next page of results, meaning that email stats didn't work on EU domains
refs https://github.com/TryGhost/Team/issues/1577
The call to `edit` was not loading the newsletter relations which is needed
by the serializer used by the webhooks service.
Co-authored-by: Fabien "egg" O'Carroll <fabien@allou.is>
- trying to call new RequestNotAcceptableError with a variable triggers a lint warning in newer versions of eslint-plugin-ghost
- this workaround is worth it for the safety of not allowing single strings to be passed in!
- this middleware block is used in v4 but not in v5
- we want to remove it and then rename handleJSONResponseV2 so that we have one single consistent error handling block
no issue
Using a designated source for members being added within the `importer` context will better describe the source in our members event table. It's more consistent with the usage of the other possible sources.
no issue
When importing members, the members-importer isn't aware of the context and therefore falls back to use `member` as a source in members event table. This makes it impossible to determine imported members from others.
- Added an `context` property to the options in the members-importer constructor
- Checked for `importer` context when creating member events and assigned the source `admin` to it
refs https://github.com/TryGhost/Team/issues/1478
- When creating or editing a member, we'll add the newsletter ids to the subscribe events
- When susbcribing to multiple newsletters, we'll create multiple subscribe events
- When removing newsletters from a member, we'll create one or more subscribe events
- Tests in https://github.com/TryGhost/Ghost/pull/14579
refs https://github.com/TryGhost/Toolbox/issues/292
- The version notification data service serves as data manger for version compatibility service
- There's not much logic mostly fetching data from proficed services and filtering/serializing it into a needed format
