Commit Graph

286 Commits

Author SHA1 Message Date
Thibaut Patel
1370682a60 Added a function to parse a NQL subset
refs https://github.com/TryGhost/Team/issues/1277

- This will allow to filter events within `getEventTimeline`
- The subset of NQL has the following rules:
  - Only one level of filters, now parenthesis allowed
  - Only three filter keys allowed
  - No `or` allowed outside of the bracket notation (this is allowed: `type:-[email_opened_event,email_failed_event]` but this isn't: `type:1,data.created_at:1`)
- The return is an object with a NQL filter by allowed filter key
2022-01-24 18:53:14 +01:00
Fabien "egg" O'Carroll
7950de49ac Removed archived Tiers from Portal display
refs https://github.com/TryGhost/Team/issues/1252

Although we filter out archived tiers from being shown in Portal - we
must also persist this information, so that when they are unarchived,
they continue to not be shown in Portal.

Unfortunately this information is stored in a setting, rather than on
the Tier object itself, two things to consider for the future are:
1. Representing the display value on the Tier object in the API
2. Updating the DB tables to allow storing the display value on the Tier
2022-01-24 13:13:48 +02:00
Fabien "egg" O'Carroll
73f8db0e37 Restricted Members from being given archived Tiers
refs https://github.com/TryGhost/Team/issues/1252
2022-01-24 11:45:54 +02:00
Thibaut Patel
c65a9e0bb2 Moved the getEventTimeline filtering in memory
refs https://github.com/TryGhost/Team/issues/1277

- Doing a filtered DB query wasn't a good solution because we query several tables with different shapes.
- Filtering in memory is done with the NQL library
- Removed the side-effect of changing options.filter for each query, now that options.filter will already contain NQL
- The filtering is done in the reduce function to avoid looping one more time over the in-memory events
2022-01-21 17:56:15 +01:00
Thibaut Patel
5ff5301b1d Fixed the getEventTimeline filtering in case there is no defined filter
refs https://github.com/TryGhost/Team/issues/1277

- `(undefined)` isn't valid NQL so we make sure options.filter is defined
2022-01-21 14:03:33 +01:00
Fabien "egg" O'Carroll
5a9cb1ab83 Restricted changing Subscription to archived Tier
refs https://github.com/TryGhost/Team/issues/1252
2022-01-21 14:08:31 +02:00
Thibaut Patel
3ad8d9ab8b Added the option to filter events from getEventTimeline
refs https://github.com/TryGhost/Team/issues/1277

- Added the pre-existing framework filters to each event query.
- Made sure we aren't modifying the original `options.filter` to avoid side-effects between event queries.
2022-01-21 11:16:24 +01:00
Fabien "egg" O'Carroll
2661ddcde2 Restricted signing up with archived Tiers
refs https://github.com/TryGhost/Team/issues/1252
2022-01-21 11:13:23 +02:00
Fabien "egg" O'Carroll
f7a1aac926 Removed stripe_prices from Products API
refs https://github.com/TryGhost/Team/issues/713

This is a hangover from the multiple products feature and is no longer used.
2022-01-20 17:47:50 +02:00
Fabien "egg" O'Carroll
c59a42c87b Added support for the active flag to Products API
refs https://github.com/TryGhost/Team/issues/1252

This will be used to archive and unarchive Tiers. There is a restriction
on archiving "free" Tiers because our current system expects only one,
and it should always be active.
2022-01-20 17:47:50 +02:00
Thibaut Patel
de0dc7a9a0 Added the full related email in email recipient events
refs https://github.com/TryGhost/Team/issues/1277

- Prevents the admin from doing extra api calls to retrieve the email records
2022-01-19 11:47:35 +01:00
Thibaut Patel
83fe60cb66 🐛 Fixed the email recipient events in getEventTimeline
refs https://github.com/TryGhost/Team/issues/1277

- The members weren't included in the serialized version of the new events
- Some properties weren't using the bookshelf `get` method as they should have
2022-01-19 09:55:02 +01:00
Thibaut Patel
a7098aee46 Added members to all member events in getEventTimeline
refs https://github.com/TryGhost/Team/issues/1277

- This makes the three new email recipient events similar to the preexisting events
2022-01-18 19:02:44 +01:00
Thibaut Patel
ae967c449c Added EmailRecipient events to getEventTimeline
refs https://github.com/TryGhost/Team/issues/1277

- Adds 3 new requests to the `email_recipients` table in the `getEventTimeline` method
- This allows to extract new member events from the table: `email_delivered_event`, `email_opened_event`, `email_failed_event`
2022-01-18 15:53:51 +01:00
Fabien "egg" O'Carroll
74225779a2 Moved webhook handling into Stripe service
no-issue

Handling Stripe webhooks is a Stripe concern and so we're moving it into
the Stripe module.
2022-01-18 10:37:47 +02:00
Fabien "egg" O'Carroll
94d97d1168 Removed Migrations&disconnectStripe
no-issue

These have been moved the the @tryghost/members-stripe-service
2022-01-18 10:37:47 +02:00
Fabien "egg" O'Carroll
8dee8752d3 Moved Stripe migrations into Stripe package
refs https://github.com/TryGhost/Team/issues/1257

This will allow us to run the Stripe migrations without rebooting the
Members service.
2022-01-18 10:25:37 +02:00
Rishabh Garg
ca18f140c4 Handled new type column for tiers (#356)
refs https://github.com/TryGhost/Team/issues/1037

Tiers have a new `type` column to differentiate between `free` and `paid` tiers. This change -

- sets type as paid for all new tiers created, as `free` tier is created by default
- excludes any price/stripe data change for free tier
- updates all usages of default product to fetch the first paid product from the products list in DB instead of just the first product it finds.
2022-01-17 23:02:02 +05:30
Fabien "egg" O'Carroll
cacc74f3b4 Added "api" source to MemberSubscribedEvents
refs https://github.com/TryGhost/Team/issues/1275

We want to be able to track where member subscriptions came from, so
that we can use the information to reduce spam imports of members.

We were missing information when members were uploaded via the Admin
API, and setting the source to 'member' be default - this fixes that
both when creating members and when updating their subscription status.
2022-01-14 12:19:43 +02:00
Fabien "egg" O'Carroll
a7588e3c6b Fixed transactions for linkSubscription
no-issue

This was missed when transactions were implemented for this method.
2022-01-10 17:53:30 +02:00
Fabien "egg" O'Carroll
1c108bce95 Updated migrations to run in transactions
no-issue

Running these in a transaction ensures that they do not partially execute or run
into race conditions with simultaneous operations via the API.
2022-01-10 17:53:30 +02:00
Fabien "egg" O'Carroll
69df4b7c05 Added support for dynamic allowSelfSignup config
refs https://github.com/TryGhost/Team/issues/1257

This gets us closer to not having to reload the MembersAPI when config
is changed which will help stop bugs arising from multiple instances of
the MembersAPI being created.
2022-01-10 17:53:30 +02:00
Kevin Ansfield
381e0c1f2a Removed membersAutoLogin labs flag
refs https://github.com/TryGhost/Team/issues/1258

- feature is GA so conditionals are no longer needed
2022-01-04 14:50:24 +00:00
Fabien egg O'Carroll
2e7bb3e67e Handled EENVELOPE errors when generating magic link
refs https://github.com/TryGhost/Team/issues/1259

These errors are thrown by nodemailer and can occur when an invalid
email address is used. Without special handling these cause a 500 error.
2021-12-16 09:25:32 +02:00
Sam Lord
7f6d3a3178 members-api: Switch from GhostError to ConflictError
no issue
2021-12-06 16:57:19 +00:00
Sam Lord
ba2c0818e0 Use @tryghost/logging instead of injected argument 2021-12-02 14:46:58 +00:00
Fabien egg O'Carroll
c99ebe589d Responded with 409 when we have DB conflicts
refs https://github.com/TryGhost/Team/issues/789

We are still having issues with duplicate subscriptions being inserted,
despite running our code in transactions. For now we will catch these
errors and response ot Stripe with a 409 so that it'll retry later - and
it stops us from throwing 500's
2021-12-01 20:44:21 +02:00
Rishabh
43642216c8 Cleaned up fix for 500 errors on invalid Stripe subscription webhooks
no refs

- moves up check for invalid subscription before making any DB requests to fail fast
2021-12-01 20:26:33 +05:30
Rishabh Garg
dec16bd27c 🐛 Fixed 500 webhook errors for subscription with multiple prices (#350)
closes https://github.com/TryGhost/Team/issues/1238

- previously returned 500 errors when a subscription had multiple prices due to external tampering on Stripe directly
- instead now returns 400 Bad Request error when subscriptions don't have right number of prices
2021-12-01 20:09:55 +05:30
Fabien egg O'Carroll
cef8cadd21 Used the paid signup email when auto login is enabled
refs https://github.com/TryGhost/Team/issues/1067
refs https://github.com/TryGhost/Ghost/commit/579b3443

This will eventually be the only type of email sent from this function,
but for now is behind a feature flag for testing.
2021-12-01 13:17:23 +02:00
Fabien egg O'Carroll
985fd5bb5e Simplified interface for sending paid signup emails
refs https://github.com/TryGhost/Team/issues/1067

This decouples the contents/type of email from the webhooks service,
allowing us to easily make changes to the type of email sent, without
having to make changes to the webhooks service.
2021-12-01 13:17:23 +02:00
Fabien egg O'Carroll
188423b1ed Removed Subscriptions without Prices from BREAD API
refs https://github.com/TryGhost/Team/issues/1243

It's possible to get into strange states where a subscription in Ghost
doesn't have an associated Price. This then has knock on effects because
we're dealing with data in an undefined state. Rather than add guards
against this throughout the entire stack, we stop returning it from the
BREAD API. It might be worth considering removing these subscriptions
from the response of the repository, but for now this is the most
minimal change that fixes the problem.
2021-12-01 10:45:50 +02:00
Fabien O'Carroll
b20f5a8b1f Updated linkSubscription to call method in transaction
no-issue

This was missing the options object which would force the DB call to be
run inside the same transaction as the rest
2021-11-09 11:19:05 +02:00
Fabien O'Carroll
2fcafcc8dc Removed coupons from subscriptions when the price changes
refs https://github.com/TryGhost/Team/issues/1092
refs https://github.com/TryGhost/Team/issues/1135

This was missed in the initial due to the issue tracking the task being
superceded, and the task not being copied across to the superceding
issue.

A new method to remove coupons has been added, as opposed to updating
the existing change subscription price method, because the removal of a
coupon is not the concern of an auxillary stripe service, but a busines
concern that should be explicit in the members-api codebase.
2021-11-09 11:12:13 +02:00
Fabien O'Carroll
47a7bd8555 Disabled auto-login when a success url is provided
refs https://github.com/TryGhost/Team/issues/1067

The auto-login behaviour obliterates the concept of a success URL,
because the Member is redirected in a logged in state, to the welcome
URL - rather than a logged out state to the success URL.

In order to not disrupt existing flows, we disable auto login if a
success URL is provided.
2021-11-05 10:18:43 +02:00
Fabien O'Carroll
a9871f1ab9 Removed references to Offers labs flag
refs https://github.com/TryGhost/Team/issues/1115

This flag is now enabled by default - so we can clean up all uses of it.
2021-11-03 16:13:11 +02:00
Fabien O'Carroll
81868c1850 Added alpha version of auto-login for Members
refs https://github.com/TryGhost/Team/issues/1067

This is the MVP for auto-login of Members, it does not support custom
redirects, and will always just redirect to the same place that the
signin & signup links do. Behind a feature flag whilst we iron out the
functionality.
2021-11-03 10:57:28 +02:00
Fabien O'Carroll
635c2614a3 Fixed errors for non-subscription invoices
refs https://github.com/TryGhost/Team/issues/887

Our invoice webhook handling code assumed that every invoice would be
for a subscription, but that is not the case. There are valid use-cases
of using the same Stripe account in order to sell items with a one-off
purchase. Here we update the handling to ignore all invoices which are
not for subscriptions.
2021-11-02 15:34:02 +02:00
Fabien O'Carroll
02bf858903 Fixed behaviour of sending emails when adding member
no-issue

When adding a new member, we allow an email to be sent, and the type of
email to be chosen. This choice was being overriden by our signup email
logic - here we allow the BREAD API to have full control over which
email is sent.
2021-11-02 12:37:07 +02:00
Fabien O'Carroll
68163863c2 Removed invoice.payment_failed webhook handling
refs https://github.com/TryGhost/Team/issues/885

This webhook isn't used and can cause issues when Checkout Sessions are
completed but with a failed payment. Removing it will remove those
errors.
2021-10-25 14:31:44 +02:00
Fabien O'Carroll
ed8a3ca27c Updated browse to not include products by default
no-issue

The Members API does not currently include 'products' by default when
browsing. This ensures the functionality is maintained.
2021-10-25 13:34:20 +02:00
Fabien O'Carroll
c154be4581 Included Offer information for Subscriptions
refs https://github.com/TryGhost/Team/issues/1135

We use the OffersAPI to fetch Offers, so that we can be using the same
format for Offers in all of our APIs.

We will not attach the Offer to the Subscription if either the Tier or
the Cadence do not match. This is because the Offer would no longer
apply to this Subscription.

We do however retain the data, so that a Member can still be filtered on
the Offers which they've redeemed.
2021-10-21 18:10:08 +02:00
Fabien O'Carroll
e78b2f80bc Fixed issues with checkout when not using coupon
no-issue

We were incorrectly checking for the existence of a coupon id - instead
we simplify the signature, and make sure the check is correct.
2021-10-21 18:06:36 +02:00
Fabien O'Carroll
efe5164eff Wired up payments service
refs https://github.com/TryGhost/Team/issues/1166

By using the PaymentsService to fetch coupon information - we ensure
that the coupons are created if they're missing. Like in the case of a
Stripe disconnect/connect cycle.
2021-10-21 15:40:55 +02:00
Fabien O'Carroll
1ae6a2ac44 Handled Stripe Disconnect for Offers
refs https://github.com/TryGhost/Team/issues/1166

As usual we want to delete all Stripe related data on disconnect.
2021-10-21 15:40:55 +02:00
Fabien O'Carroll
8051015bb8 Fixed race condition when linking subscriptions
no-issue

Without forcing linkSubscription to run inside a transaction - it's
possible to have race conditions where it is called twice, and attempt
to insert duplicate rows into the database.
2021-10-18 17:26:34 +02:00
Fabien O'Carroll
c58e83c9d7 Wired up OfferRedemption storage
refs https://github.com/TryGhost/Team/issues/1132

We have to include the Offer on the metadata for the Stripe Checkout -
as Offers with a duration of 'once' will not always be present on the
Subscription after fetching it.

Once we receive the Stripe Checkout webhook we emit an event for
subscription created - the reason we use an event is because this logic
should eventually live in a Payments/Stripe module - and we'd want to
decouple it from the Members module.

The Members module is in charge of writing Offer Redemptions - rather
than the Offers module - because Offer Redemptions are "owned" by a
Member - and merely reference and Offer. Eventually Offer Redemptions
could be replaced by Subscriptions.
2021-10-18 17:26:34 +02:00
Fabien 'egg' O'Carroll
9e3136cdbc Fixed incomplete subscription flow (#341)
refs https://github.com/TryGhost/Team/issues/1156

Because we were only attempting to add the product to the members if the
subscription was new AND active - we would not add it for incomplete
subscriptions transitioning to active.

Instead we always attempt to add the product to a member for an active
subscription - it doesn't matter if it's a new one. We later have logic
to filter out duplicate products if the member already has access to the
product.
2021-10-18 14:25:28 +02:00
Fabien O'Carroll
53d24e501d Fixed Stripe Checkout using Offers
refs https://github.com/TryGhost/Members/commit/5172e40646

When we updated to use the OffersAPI instead of OfferRepository this was
missed, and we were passing blank coupon to Stripe Checkout. This should
eventually be replaced with a call like `getCoupon(offerId)` from a
payments service.
2021-10-14 12:02:39 +02:00
Fabien O'Carroll
9e7891fef7 Restricted archived Offers from being used
refs https://github.com/TryGhost/Team/issues/1133

An archived Offer is intended to be disabled from a redemption point of
view. This ensures that we do not allow Stripe Checkout Sessions to be
created for them.
2021-10-13 11:19:35 +02:00