Commit Graph

1375 Commits

Author SHA1 Message Date
renovate[bot]
0ca3031df1 Update sentry-javascript monorepo to v7.21.1 2022-11-23 15:15:14 +00:00
renovate[bot]
e4e8df44dd Update sentry-javascript monorepo to v7.21.0 2022-11-23 12:29:15 +07:00
Rishabh
33b959257c Released Portal v2.20.1 2022-11-18 14:32:46 +05:30
Rishabh
2487a314f5 Added guard for missing portal plans in portal site data
refs https://github.com/TryGhost/Team/issues/2276

Portal died with an unintelligible error about portal plans/includes being undefined when there was another react error on the page. The other error somehow caused the `site` data to be empty object for Portal, and there was one place where we didn't check for the empty object while transforming the site data which caused the failure.

This change adds the guard for failing check so we don't throw the error in such cases and process as normal.
2022-11-18 14:31:35 +05:30
Rishabh
ee55892c74 Updated portal tests
refs dc032fac02
2022-11-17 13:16:12 +05:30
Rishabh
97f358c389 Released Portal v2.20.0 2022-11-17 12:28:48 +05:30
Rishabh
dc032fac02 Fixed incorrectly showing magic link page on paid checkout
closes https://github.com/TryGhost/Team/issues/2274

When clicking on a tier, just before being redirected to the Stripe checkout, a Portal modal incorrectly showed the "Now check your email" message. Instead, this now shows a loading popup as expected while the checkout session is being created and redirected to.
2022-11-17 12:20:57 +05:30
Rishabh
9a290b6f77 Cleaned up old analytics setup in Portal
refs https://github.com/TryGhost/Team/issues/2216

- the analytics tag was an old alpha concept and has been moved away from since so its safe to remove
- the flag that enabled this feature no longer exists so its completely inaccessible
2022-11-14 10:44:10 +05:30
Simon Backx
28e4eb60ae
🐛 Fixed offer links with an archived tier (#15792)
refs https://github.com/TryGhost/Team/issues/2233

**Problem**
When a user clicks an offer link that has an archived tier, the site
blocks and you are no longer able to scroll. This is because the product
for that offer can't be found. This has been fixed by updating the
`isActiveOffer` helper to also check for the existence of the
corresponding tier.

**Solution**
- You no longer are able to create new offers if there are no active
tiers
- A custom message is shown that instructs the user to create a new tier
if there are not active tiers on the offers page
- Improved detection of changes in tiers by correctly reloading the
members utils service after tier changes
- Portal redirects to the homepage for offers with an archived tier
(same behaviour as invalid offers)
- Offers of an archived tier are no longer visible in the dashboard
2022-11-11 10:11:34 +01:00
James Morris
79147bc837 Released Portal v2.19.9 2022-11-09 10:45:25 +00:00
James Morris
c99685de2c Toning down the audience feedback error modal
refs https://github.com/TryGhost/Team/issues/2234
2022-11-09 10:15:37 +00:00
Fabien "egg" O'Carroll
c5ad1b0531 Released Portal v2.19.8 2022-11-03 09:46:43 +07:00
Fabien 'egg' O'Carroll
f9c31dd902
Fixed upgrades for paid members (#15760)
closes https://github.com/TryGhost/Team/issues/2202

Some parts of the codebase were not using the isSameCurrency helper
which meant that we were incorrectly filtering out tiers from the
upgrade screen. Tiers used to *usually* have a lowercased currency
property, but they now _always_ have an uppercased.
2022-11-03 09:45:34 +07:00
renovate[bot]
6afd6b6c75 Update dependency serve-handler to v6.1.5 2022-11-02 16:22:44 +07:00
Fabien "egg" O'Carroll
fb5e8fb2f3 Released Portal v2.19.7 2022-11-02 16:01:54 +07:00
Fabien "egg" O'Carroll
66b317ef78 Ensured plan is lowercased before being passed
This makes sure that we can correctly match the plan against either
"monthly" or "yearly"
2022-11-02 16:00:41 +07:00
Fabien "egg" O'Carroll
4785e25fe4 Released Portal v2.19.6 2022-11-02 15:58:36 +07:00
Fabien "egg" O'Carroll
bd5243b3bd Fixed creating checkout sessions with data-attribute-plan
refs https://github.com/TryGhost/Team/issues/2199

The data-attribute handler was not using the utils/api package but
instead reimplemnted the logic to create checkout sessions, this was
missed when moving to a redirect for checkout and so wasn't working
correctly.
2022-11-02 15:57:52 +07:00
Fabien "egg" O'Carroll
592e282f5b Updated data-members-plan handling to send Tier & Cadence
refs https://github.com/TryGhost/Team/issues/2199

Sending a price id was supposed to have been cleaned up but the
data-attributes file was missed.
2022-11-02 15:57:52 +07:00
Fabien "egg" O'Carroll
be66078a31 Released Portal v2.19.5 2022-11-02 00:32:35 +07:00
Fabien "egg" O'Carroll
743228ff1c 🐛 Fixed Portal showing paid Tiers when Stripe not connected
closes https://github.com/TryGhost/Team/issues/2197

Portal was relying on monthlyPrice or yearlyPrice being undefined as a
proxy to determine whether or not to show paid plans, this fixes it to
check for whether or not stripe is enabled.

I did consider using the portal_plans array to filter out unselected
Tiers, but wasn't sure of the repercussions, though it does seem like
the correct fix long term.
2022-11-02 00:11:33 +07:00
Fabien "egg" O'Carroll
68d887202a Released Portal v2.19.3 2022-10-28 18:39:04 +07:00
Fabien 'egg' O'Carroll
0396f59fec
Fixed error showing on Stripe Checkout (#15719)
`window.location.assign` does not return anything, so `result.error` was
failing because `result` was undefined. We've moved the handling of the
result of `redirectToCheckout` to be specific to that promise. We've
also removed the use of `catch` because all it did was rethrow the
error, which is default behaviour.
2022-10-28 16:48:22 +07:00
e.baidakova
657fe565f5 Released Portal v2.19.2 2022-10-27 23:29:19 +04:00
e.baidakova
3e97e47c39 Fix unauth error 2022-10-27 23:28:18 +04:00
e.baidakova
f2ba88e6e0 Released Portal v2.19.0 2022-10-27 20:25:30 +04:00
Elena Baidakova
310b70828f
Updated feedback confirmation modal styles (#15706)
closes TryGhost/Team#2173
2022-10-27 18:45:34 +04:00
James Morris
1cfaadbaf5 Updated the login copy in the Portal login modal
refs https://github.com/TryGhost/Team/issues/2182
2022-10-27 15:30:25 +01:00
Simon Backx
c7ef22d4df
Updated feedback button links (#15701)
fixes https://github.com/TryGhost/Team/issues/2174

The feedback links now use a hash instead of a querystring, so it won't pass by the server.

New format: https://site.ghost/post-slug/#/feedback/6359174f2eb251019d14d6fb/0?uuid=13924399-c3ae-413b-a045-0b8294d71f64
2022-10-26 18:04:11 +02:00
Simon Backx
310459c3b9 Cleaned up FeedbackPage 2022-10-26 14:26:57 +02:00
Simon Backx
3cb56bad94 Added confirmation step when sending feedback
fixes https://github.com/TryGhost/Team/issues/2161

Confirmation step is skipped when already signed in.
2022-10-26 14:18:07 +02:00
James Morris
4c6a57c8f3 Updated the feedback copy for Portal modal based on recent feedback
refs https://github.com/TryGhost/Team/issues/2170
2022-10-26 11:59:57 +01:00
James Morris
7b0bf8191d Released Portal v2.18.0 2022-10-24 12:36:57 +01:00
James Morris
4f934ac94f Released Portal v2.17.0 2022-10-24 12:36:04 +01:00
James Morris
627b35aee4 Improved the error modals for audience feedback and newsletter unsubscribe
- Main goal to improve modal when audience feedback fails
- Felt right to also improve the newsletter unsubscribe issue, too
- Makes this more pleasing to read and look at, nothing fancy

refs https://github.com/TryGhost/Team/issues/2081
2022-10-24 12:11:30 +01:00
Fabien "egg" O'Carroll
0f03b5eddb Released Portal v2.16.0 2022-10-24 15:12:02 +07:00
Fabien "egg" O'Carroll
4f54cbc37a Supported payment URL in Portal
refs https://github.com/TryGhost/Team/issues/2078

As part of decoupling Stripe from the members feature, we are going to be using
payment URLs rather than Stripe sepcific session ids and publick keys.

This prepares Portal to work with the new system, whilst retainign the existing
functionality
2022-10-19 11:06:10 +07:00
Rishabh
fdff8814b1 Bumped portal package.json to latest version
refs d381ff87b8

- portal was bumped to 2.15 but the version in package json didn't get auto-updated
2022-10-14 22:15:02 +05:30
renovate[bot]
ab598dd7ea Update dependency minimist to v1.2.7 2022-10-12 10:16:31 +07:00
Simon Backx
c670209c82
Added audience feedback handling to Portal (#15590)
fixes https://github.com/TryGhost/Team/issues/2048

Changes so Portal can handle feedback links and use the members API to store a vote.
2022-10-11 17:14:43 +02:00
renovate[bot]
3b62e8c52f Update sentry-javascript monorepo to v7.15.0 2022-10-11 09:24:03 +07:00
renovate[bot]
84549838a4 Update sentry-javascript monorepo to v7.14.2 2022-10-07 08:41:20 +07:00
Daniel Lockyer
be46f8e9a8
Removed eslint-plugin-ghost from Portal package.json
- we don't need it here anymore because it's brought in through the
  top-level repo package.json
2022-10-07 08:36:23 +07:00
Daniel Lockyer
12aaaa6d6e
Removed Portal's .editorconfig file
- this should no longer be needed because we have a top-level
  .editorconfig file
2022-10-06 11:23:39 +07:00
Simon Backx
eac8fbfdfd Released Portal v2.14.0 2022-10-05 12:44:18 +02:00
Simon Backx
e7378520a0
🔒 Prevented member creation when logging in (#15526)
fixes https://github.com/TryGhost/Ghost/issues/14508

This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour.

**Problem:**
When a member tries to login and that member doesn't exist, we created a new member in the past.

- This caused the creation of duplicate accounts when members were guessing the email address they used.
- This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion.

**Fixed:**
- Trying to login with an email address that doesn't exist will throw an error now.
- Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address. And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset.
- Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware.
- The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token.

**Notes:**
- Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 12:42:42 +02:00
Daniel Lockyer
609fcb17c0
Removed main from yarn ship
- we might not necessarily be pushing to `main`, for example, if we're
  doing a patch release
2022-10-05 16:47:39 +07:00
Daniel Lockyer
8b7a573a1d
Released Portal v2.13.2 2022-10-05 16:03:46 +07:00
Daniel Lockyer
e60fc167e4
Improved yarn ship for Portal
refs https://github.com/TryGhost/Toolbox/issues/426

- with the existing `ship` command, it publishes to npm before pushing
  to GitHub
- I fear we're likely to run into a scenario where the HEAD of `main` is
  behind, so the git push fails, and then rebasing the HEAD will break
  the tags that we created
- in this scenario, I think it's better to hard reset back, git pull and
  then try again
- in that case, we need to publish to npm after GitHub
- this commit should implement that
2022-10-05 15:48:10 +07:00
Daniel Lockyer
700a62e048
Added quotes to version-tag-prefix
- without this, the following line does not apply for some reason
2022-10-05 15:27:20 +07:00