Commit Graph

9651 Commits

Author SHA1 Message Date
Thibaut Patel
c32cc3e48b 🐛 Fixed broken assets for theme/design preview
refs https://github.com/TryGhost/Team/issues/1190

- The assets were broken in Admin when the frontend and admin urls were different
- Fixed the issue by changing the `asset` helper to output absolute URLs when the frontend/admin urls are differents
2021-11-03 11:20:04 +01:00
Sanne de Vries
6c487ca2c9 Fixed links overflowing in mobile email preview in Chrome 2021-11-03 11:12:32 +01:00
Naz
0ccf31cdb5 Fixed error message when booting with no redirects
refs 91efa4605c

- When the instance is booted without any redirects files configured it's not supposed to error but rather default to an "empty" [] redirects configuration.
- Ideally the logic shoudl not contain try/catch block at all and fail as soon as there's any error during the initialization. This wasn't changed at this time due to possible break of existing Ghost instances
2021-11-03 13:50:24 +04:00
Fabien O'Carroll
1386d6ca5c Added membersAutoLogin labs flag
refs https://github.com/TryGhost/Team/issues/1067

- To be used whilst developing the auto-login functionality so we can
  test this on production sites.
2021-11-03 11:17:02 +02:00
Naz
e1d16a55e1 Fixed DynamicRedirectManager initialization
refs https://linear.app/tryghost/issue/CORE-84/have-a-look-at-the-eggs-redirects-refactor-branch

- After a bump of the '@tryghost/express-dynamic-redirects' the constructor has changed it's signature, so this needed an adjustment
2021-11-03 07:41:55 +13:00
Naz
c3edd4b3d4 Fixed redirects regression tests
refs https://linear.app/tryghost/issue/CORE-84/have-a-look-at-the-eggs-redirects-refactor-branch

- The problem this change is addressing is inability to override config values once the code is extracted into a class+DI pattern
- The work around is restarting the instance with the configuration testing expected behavior - in this case missing or existing types of redirects files
2021-11-03 07:41:55 +13:00
Fabien O'Carroll
91efa4605c Used DynamicRedirectManager for Custom Redirects
refs https://github.com/TryGhost/Members/commit/9e59f5a9

Since we have a DynamicRedirectManager for handling adding/removing
redirects at runtime, we no longer need the custom-redirects middleware.
The redirects service does however need an init method now to add the
custom redirects at Ghost boot, so it's been refactored into our Class &
DI pattern.
2021-11-03 07:41:55 +13:00
Naz
d657432531 Cleaned up use of 'content/media' magic string
refs https://linear.app/tryghost/issue/CORE-121/create-a-video-storage-adapter

- `content/media` path is now a part of the constants package and should've been used instead of a magic-string.
2021-11-03 00:33:28 +13:00
Naz
d20732ce34 Imroved media validation middleware
refs https://linear.app/tryghost/issue/CORE-121/create-a-video-storage-adapter

- Error messages are now more specific when uploaded media files fail the validation check
2021-11-03 00:33:28 +13:00
Naz
02da62ee48 Added limit service check for uploaded media filesize
refs https://linear.app/tryghost/issue/CORE-121/create-a-video-storage-adapter

- Uploading large files is costly and might cause DDoS. Limits would allow fair use of the site instance.
- The configureation in hostSettings to enable an "uploads" limit would look like following:
```
"hostSettings": {
    "limits": {
            "uploads": {
                "max": 5,
                "error": "Your plan supports uploads of max size up to {{max}}MB. Please upgrade to reenable uploading."
            }
    }
}
```
- Read more at ba37890be4/packages/limit-service (usage)
2021-11-03 00:33:28 +13:00
Naz
d5b1552dc9 Simlified limit service initialization
refs https://linear.app/tryghost/issue/CORE-121/create-a-video-storage-adapter

- Init function for the limits service initialization is never called with parameters, so it doesn't make sense to keep that option around and have unnecessary logic handling it
2021-11-03 00:33:28 +13:00
Naz
f9a8edb1a0 Refactored upload middleware
refs https://linear.app/tryghost/issue/CORE-121/create-a-video-storage-adapter

- Using a wrapping object to store enableClear/multer instances didn't make any sense
2021-11-03 00:33:28 +13:00
Naz
4a551661d9 Implemented '/media/upload' API endpoint
refs https://linear.app/tryghost/issue/CORE-121/create-a-video-storage-adapter

- This is an experimental implementation of video file upload support
- Also the output serializer skipped use of url utils in favor of inline implementatoin - this should almost certainly be it's own package
2021-11-03 00:33:28 +13:00
Naz
5242566252 Added local media storage adapter
refs https://linear.app/tryghost/issue/CORE-121/create-a-video-storage-adapter

- This is an experimental implementation of video file upload support (audio is yet to follow)
- The storage adapter still needs more thinking as it's almost the same as the "LocalStorgeAdapter" that stores images.
- Also the output serializer skipped use of url utils in favor of inline implementatoin - this should almost certainly be it's own package
2021-11-03 00:33:28 +13:00
Fabien O'Carroll
c45afc7f26 🐛 Fixed email type when creating Members via API
refs https://github.com/TryGhost/Team/issues/1197

We were always sending the 'signin' email, rather than respecting the
email_type param passed to the API. This updates our email sending when
creating members to force the requested type if it's present.
2021-11-02 12:56:00 +02:00
Kevin Ansfield
b690fce219 Added cardSettingsPanel labs flag
no issue

- used to toggle editor UI experiments/exploration for cards with settings
2021-11-02 09:55:55 +00:00
Rishabh
1a9705b824 🐛 Fixed error in setting page access to tiers
closes https://github.com/TryGhost/Ghost/issues/13704
closes https://github.com/TryGhost/Team/issues/1186

- updates page serializer to handle new `visibility_filter` property for filtering access on specific tier
- this change was already added for `posts` but was missed on `pages`, so parsing filter on `visibility` filter was failing
2021-11-02 13:36:32 +05:30
Fabien 'egg' O'Carroll
b36d0cc1c4
🐛 Fixed idempotentcy of addPermissionToRole util (#13685)
refs https://github.com/TryGhost/Team/issues/1178

The "up" migration that this util generates correctly throws if the
pre-requisite data cannot be found in the database. The "down" migration
however was incorrectly mirroring this behaviour of throwing - which
meant that it wasn't idempotent, as it does not require a permission or
role to existing if it wants to move relations between them.
2021-11-01 09:27:50 +00:00
Daniel Lockyer
5b5240cab8 Updated Admin to v4.21.0 2021-10-29 16:00:28 +01:00
Enrique Benitez
7f001a4758
Replaced moment with luxon in amp helper (#13683)
refs: #13648

- We are replacing moment with luxon as it is now recommended.
2021-10-28 20:10:53 +01:00
Thibaut Patel
d0933c51ad Revert "Switched AMP to be 'off' by default in all new Ghost instances"
This reverts commit 98fd48cb32.
2021-10-28 18:52:31 +02:00
Thibaut Patel
98fd48cb32 Switched AMP to be 'off' by default in all new Ghost instances
refs https://github.com/TryGhost/Team/issues/1189

- The world & internet is slowly moving away from AMP
2021-10-28 18:13:25 +02:00
Naz
d89b8448ab Added a not to the Images API ref field
refs https://github.com/TryGhost/Ghost/pull/10534

- The original PR has no explanation around the purpose of the ref field and it's easy to forget without knowing a wider context. Documented it to remember next time we come around working on this part of the codebase!
2021-10-28 16:05:54 +04:00
Thibaut Patel
6e0bd7e7b5 Added fallbacks when the site title is undefined
refs https://github.com/TryGhost/Team/issues/1180

- An undefined site title was causing the `null` string to show in the html title tag on tag and author pages
2021-10-27 12:18:57 +02:00
John O'Nolan
297e173544 Updated member signup email copy 2021-10-26 17:53:35 -04:00
Daniel Lockyer
6802a61307
Merged v4.20.4 into main
v4.20.4
2021-10-26 13:21:41 +01:00
Daniel Lockyer
3c4419f717 Updated Admin to v4.20.4 2021-10-26 13:20:31 +01:00
Naz
f6c81033d7
🐛 Fixed 500 error when visiting an email-only post link
refs 74280cfbea

- We allow to send email-only posts when using v4 Admin API, but it's possible to configure a v3 Theme with a site instance which resulta in an unsupported behavior throwing a 500.
- With this fix a 404 will be returned when an email-only post is viewed through the public email-only post URL
2021-10-26 13:04:09 +01:00
Naz
6e6f427149 🐛 Fixed 500 error when visiting an email-only post link
refs 74280cfbea

- We allow to send email-only posts when using v4 Admin API, but it's possible to configure a v3 Theme with a site instance which resulta in an unsupported behavior throwing a 500.
- With this fix a 404 will be returned when an email-only post is viewed through the public email-only post URL
2021-10-26 16:01:10 +04:00
Fabien O'Carroll
bccc8790f0 Fixed max-complexity-warnings for stripe_connect API
no-issue

This removes the logic to check if stripe connect is allowed into the
stripe connect service, which makes the feature easier to maintain, as
well as fixes the v3 API - which previously did not have this check.
2021-10-25 14:06:28 +02:00
Fabien O'Carroll
a68b96001c Fixed max-complexity-warnings for members API
no-issue

This removes logic from the Members API controller, and into the Members
BREAD service, this allows our controllers to be simpler and easier to
maintain, as well as keeping the important logic all together.
2021-10-25 14:06:12 +02:00
Daniel Lockyer
df51c757a1 Updated Admin to v4.20.3 2021-10-25 10:28:23 +01:00
Daniel Lockyer
6d9ee79ad8 Updated Admin to v4.20.2 2021-10-25 08:19:06 +01:00
Daniel Lockyer
85911658b3 Updated Admin to v4.20.1 2021-10-22 20:08:55 +01:00
Kevin Ansfield
a485509a2f
🐛 Fixed GA labs flags not appearing enabled in settings API (#13681)
no issue

The way GA flags were introduced means that they stop existing in the `'labs'` setting in the db and are instead forced to always return `true` when checking the flag in the labs service. However, Admin which uses the flags fetches them via the `/settings/` API endpoint which was only returning the raw labs setting db value meaning GA flags appeared to be disabled unless the flag had previously been enabled and no settings save had occured.

- updated the settings bread service to replace the labs setting value with the JSON stringified output of `labs.getAll()` which is the ultimate source-of-truth for a feature being enabled/disabled
  - extracted `browse()` behaviour to an internal `_formatBrowse()` method so we can apply the same filtering/modification for output of `browse()` and `edit()`

Co-authored-by: Fabien O'Carroll <fabien@allou.is>
2021-10-22 19:59:13 +01:00
Daniel Lockyer
0e844989f1 Updated Admin to v4.20.0 2021-10-22 17:19:47 +01:00
Fabien O'Carroll
f3bb6b43a5 Added Offers feature to Ghost
refs https://github.com/TryGhost/Team/issues/1115

This allows users to create Offers for Tier/Cadence pairs in order to
provide discounted subscriptions to Members! We have support for
percentage based discounts & fixed price discounts, either for the first
payment, all payments, or a number of monthly payments.

Offers also have a code, which can be used as an easy way to share them,
as visiting https://site.com/offer-code will automatically open Portal
with the Offer prepopulated.
2021-10-22 17:55:34 +02:00
Fabien O'Carroll
696d8e3c49 Added 404 handling for edit Offer
no-issue

This was also missing as part of the Offers API.
2021-10-22 16:16:39 +02:00
Kevin Ansfield
a6982d5606
Added ability for themes to define custom settings (#13661)
closes https://github.com/TryGhost/Team/issues/1164

Themes can now define custom settings via their `package.json` file, and use them in templates via `@custom.{setting}`. Values for custom settings can be changed by site owners through a redesigned "Design settings" area in the admin interface.

Full announcement, documentation, and examples will be made available soon.

Co-authored-by:
- Sanne de Vries (@sanne-san)
- Thibaut Patel (@tpatel)
2021-10-22 15:02:16 +01:00
Kevin Ansfield
0c6cd37679 Fixed missing space between authors in emails
no issue

- author line was appearing as "Author One,Author Two,..." with no space
- fixed the generation of `post.authors` when serializing a post before it's rendered for email
2021-10-22 14:41:15 +01:00
Daniel Lockyer
e834904125
Fixed verification threshold when set to 0
no issue

- if the verification threshold is 0, `_.get(..)` becomes falsy so we
  fallback to Infinity
- this is not correct - we only want to default to Infinity if the value
  is not set
- this commit explicitly compares the config value to `undefined` and sets
  the fallback accordingly
2021-10-22 15:33:59 +02:00
Kevin Ansfield
d7fbf94d91
Fixed ETag header for admin templates not changing between versions (#13680)
refs https://github.com/TryGhost/Team/issues/1175

We found the ETag header sent when serving the Admin template for /ghost/ was not changing between versions which after an upgrade could result in out of date cached content being served containing links to JS/CSS files that no longer existed.

The culprit is weak etags served by Node's `send` package, coupled with Admin template filesize not changing between versions and `npm pack` setting a fixed modification date for every file. See https://github.com/pillarjs/send/issues/176 for more details.

- updated the Admin app's controller to read the template and generate an md5 hash of the contents so we can serve a strong ETag header value when serving the `/ghost/` html
2021-10-22 14:25:58 +01:00
Fabien O'Carroll
363eb94aee Handled 404 for Offer not found
no-issue

This was missing handling! We need to throw a NotFoundError so we
return with the correct response.
2021-10-22 14:22:33 +02:00
Fabien 'egg' O'Carroll
d962f0e18e
Removed NOT NULL constraint from portal_title (#13659)
refs https://github.com/TryGhost/Team/issues/1163

We want to make the title for Offers optional, our nullable validation
means that we cannot store an empty string, so we must remove the NOT
NULL constraint from the column if we want to store either an empty
value or null.

There is a bug with editing columns in SQLite with `knex` which strips all
the indexes, so we have to manually add them afterwards.
2021-10-22 14:14:49 +02:00
Daniel Lockyer
ed6a8dca76 Inlined package requires to save boot time and memory
no issue

- following on from f4fb0fcbaa,
  this commit moves around some package requires in Ghost
- these are often niche packages that do something in a subsystem of
  Ghost, and are not necessarily be needed to boot the application
- these packages use non-negligible CPU and memory when they are
  required, so it makes sense to lazy-require them
- the concern here is that we obscure the code too much by moving
  random requires further into code, but the changes are small and the
  improvements big
- this commit bring the boot time since 4.19.0 down ~31% and initial
  memory usage down by a total of ~12%
2021-10-22 09:57:59 +02:00
Hannah Wolfe
2d0b5c872f
Renamed frontend/web/app to site
- This leaves us room to bring the frontend app in as app.js
2021-10-21 19:54:50 +01:00
Hannah Wolfe
faea2da596
Moved server/web/site to frontend/web
- we're slowly trying to draw the lines between the backend and the frontend correctly
- these files deal only with serving the frontend so they should live there
- there are lots of mixed requires in these files, so having them in the right place makes that clear
2021-10-21 19:28:18 +01:00
Fabien O'Carroll
8c9b4d18bf Fixed error when enabling Offers via labs
no-issue

The listOffers method requires an options object. This was missed during
the update.
2021-10-21 20:05:42 +02:00
Hannah Wolfe
2777093c76
Refactored model init to be implicit
- no more need to explictly add a model file to be loaded!
- this makes building Ghost just the tiniest smidge easier
2021-10-21 17:01:26 +01:00
Hannah Wolfe
99fde5154f
Fixed dependency on the order of models
- this has been a niggle for ages, we shouldn't need to care what order our models are loaded in
- this is stopping us from having a built-in model loader and "frameworkizing" models
2021-10-21 16:57:36 +01:00