refs https://github.com/TryGhost/Team/issues/1061
- Stripe checkout metadata only accepts value as string for a key, and ghost_analytics was incorrectly attaching object for entry id and source url
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-65p7-pjj8-ggmr
We were originally overloading the signup/signin flow for changing email
addresses, which was a security flaw because this route is
unauthenticated. This functionality has been removed and replaced with a
dedicated flow.
refs https://github.com/TryGhost/Team/issues/1061
Member activity is a labs alpha feature which aims at capturing member events for site owner if switched on. The event metadata captures the site page/post where the event originates from, and the post/page id is included as content of new ghost analytics meta tag.
This change passes the event metadata to member frontend requests which allows server to capture event information for member actions when the analytics is switched on.
refs https://github.com/TryGhost/Team/issues/1063
refs https://github.com/TryGhost/Team/issues/1062
Member activity is a labs alpha feature which aims at capturing member events for site owner if switched on. The event metadata captures the site page/post where the event originates from, and the post/page id is included as content of new ghost analytics meta tag.
This change sets up new analytics script in portal if analytics is switched on, and fires post/page view event when a valid analytics id is found.
refs https://github.com/TryGhost/Team/issues/1062
Member activity is a labs alpha feature which aims at capturing member events for site owner if switched on. The event metadata captures the site page/post where the event originates from, and the post/page id is included as content of new ghost analytics meta tag.
This change adds a new alpha API endpoint for pushing events to new ingress endpoint, which Portal's new analytics script can use to push events upstream.
closes https://github.com/TryGhost/Team/issues/1038
- FirstPromoter integration needs the referral tracking id information as part of checkout session object to correctly attribute member referrals
- Adds `fp_tid` metadata key for FirstPromoter to correctly attribute paid signups
refs https://github.com/TryGhost/Team/issues/877
Refactors the change plan UI when a site has more than one product, using the Monthly/Yearly switch and the plan selection exactly how it's on the signup screen. To show the current plan, the M/Y switch is selected according to the user's subscription which lets us indicate the current price. To make the stacked prices lightweight, we also show benefits only for the price that is currently selected.
refs https://github.com/TryGhost/Team/issues/560
The endpoint `/members/api/session/` is used by Portal for fetching member session while setting up and redirecting to Stripe Checkout flow. The status code returned by API for logged out member is changed from 4xx Unauthorized to 204 No Content, which is consistent with member API response.
refs 859043e22e
- fixes context member incorrectly picking dev member state in some edge cases due to missing custom site url
- fixes complimentary member check to handle no member logged in
This reverts commit c2707d426a.
The changes for 1.7.3 were reverted as a temporary step due to a major bug in Portal link handling.
This commit brings back the changes followed by a patch for new release
closes https://github.com/TryGhost/Team/issues/825
With multiple products, it's possible to link to any products from themes. The links area in Portal settings now handles signup links for multiple products. This change -
- updates portal to handle custom product monthly/yearly signup links - `signup/PRODUCT_ID/monthly` OR `signup/PRODUCT_ID/yearly`
no refs
With multiple products, its possible to assign a member complimentary product without active subscription.
- updates complimentary member helper to check for `paid` without subscription
- updates account home page to consider complimentary member without subscription
closes https://github.com/TryGhost/Team/issues/835
- updates change flow to consider portal_plans setting
- updates confirm subscription screen to show product name
- removed discount benefit on yearly if only one plan
refs https://github.com/TryGhost/Team/issues/824
- updates the change plan flow for multiple products flag
- adds new plan components for change plan flow
- updates helpers
- updates fixtures
refs https://github.com/TryGhost/Team/issues/796
- adds new helper for explicit feature flag for multiple products
- updated single product signup ui to include benefits
- added new component for single product ui
no refs
- in a rare scenario when monthly/yearly price comes as empty object, which happens if the price is missing in DB, this adds a guard to ignore the product than cause an error
no refs
- in a rare edge case, its possible that `contentDocument` is not available due to component unmount, guards against erroring in such scenarios
no refs
By default, Sentry will pick up any uncaught error triggered from the site, which adds a lot of noise as we only want to listen to Portal specific errors. This change adds portal's unpkg script as the only allowed url for Sentry error reporting.
refs https://github.com/TryGhost/Team/issues/767
- updates plan upgrade page to use multiple products UI if available
- filters products based on active currency if logged in member
no refs
- since portal script is loaded with `crossorigin:anonymous` now, we need to pass in the access control headers for script to bypass cors check
no refs
- adds `access-control-allow-origin: *` headers for dev mode
- portal script will be loaded with `cross-origin=anonymous`, access control header is needed to allow script to load
- mimics unpkg which already adds `access-control-allow-origin: *`
refs https://github.com/TryGhost/Team/issues/768
- updates available prices data based on available products
- updates available products to check portal products (which is behind a flag)
no issues
- adds new start-combined script which combines all chunks in `yarn start` for local portal development
- allows easier loading of local portal bundle in ghost via load-portal script, which needs to inject single script
- updates `yarn start:dev` to use updated script which uses the combined mode for better local development
refs
https://gist.github.com/simpixelated/90a3c16c3ed268fe24f5e5c9585ced2f
refs https://github.com/TryGhost/Team/issues/767
- adds dynamic calculation of frame styles based on site data
- handles product grid style based on no of products available
refs https://github.com/TryGhost/Team/issues/767
- free product is shown based on other site settings like `allowSelfSignup` and `portalPlans`
- fixed product/price selection to handle selected interval
- updated default product/price handling
no refs
Using NODE_PATH is deprecated in future versions of Create React App in favor of using jsconfig.json , this change removes files relying on NODE_PATH and uses relative path instead till we update usage to jsconfig in future as needed.
refs https://github.com/TryGhost/Team/issues/767
- handles product selection on full product card instead of just small surface area on checkbox
- removes dummy product card method
refs https://github.com/TryGhost/Team/issues/767
- wires real products data from site/fixtures to multiple products UI
- adds new helpers to manage price display/UI
- cleans up switch default params to clear type errors
no refs
- takes advantage of new dev script by loading Portal in dev mode on ghost site with full features
- restricts some dev mode features only if no custom site url is passed, which is expected with fixture development
no refs
Adds a new `yarn start:dev` command to start portal in development mode that allows development script to be used directly on Ghost site without needing a build for each change. Allows faster development on Portal locally.
no refs
The new dev script allows running `yarn dev` on the Portal code to make Portal development easier as well as integrate more easily with Ghost config. The script runs a local development server that serves portal bundle, which allows for static `portal` config to be used in Ghost for pointing to Portal script. It also watches the files for any changes, and auto re-builds and bundles latest Portal code.
refs https://github.com/TryGhost/Team/issues/718
Instead of using default prices, Portal goes through active prices of all available products to use for query in data attributes
refs https://github.com/TryGhost/Team/issues/718
We passthrough any unknown price ids directly to checkout session as it currently Portal cannot verify prices across all products
refs https://github.com/TryGhost/Team/issues/753
We reverted back to using named plan values - `monthly`, `yearly` - in `portal_plans` setting to allow us to easily handle active prices for a product. This change handles the updated values in `portal_plans` to use new values.
no refs
The master -> main rename was missed for test workflows as well as Readme badge, which caused the error reporting to incorrectly report passing tests on `master` while they were failing on `main`
no refs
We need the Portal preview container on Admin to re-adjust based on height of Portal container. This change adds a resizeObserver for portal container and fires a postMessage with height for Admin to listen and update the iframe height based on height of portal container
Updated resize observer to fire on update
Cleanup
no refs
The purpose of broadcasting portal-ready event is it allows Preview in Admin to have better UX with showing Portal when its ready than show the site while its loading. Having a strict target origin like site url won't work when sites have custom domains as it browser security will block the event due to origin mismatch.
Since `portal-ready` is just an event message and doesn't contain any sensitive data that needs to be restricted to origin, this bumps it to `*` which allows any site listening to be able to read the message.
no refs
This adds a way for top level site/admin to detect when Portal is loaded on the site and is ready to render, which allows dynamic UI handling specially in Preview mode in Admin.
no refs
Previously, the site and member data needed by Portal were loaded sequentially, which delayed the first load slightly as both the requests can be instead made in parallel. This change updates the API init to load both requests in parallel.
no refs
Allows Portal preview to use `members_signup_access` setting from the URL instead of relying on saved setting to change the preview without saving on Admin.
no refs
For some boolean preview keys like `allowSelfSignup` and `disableBackground`, we ignored setting the falsy value which is incorrect and doesnt' load the expected Portal preview
refs https://github.com/TryGhost/Team/issues/695
refs 212be5fb02 (Patch)
Currently when we have a successful Stripe checkout session, we will always send the member an email confirming their signup when using data-members-* attributes.
This is considered a bug for members who have signed up as a free member first, meaning they have already received this email. This change passes a `checkoutType` metadata same as Portal to not send the email when member is already logged in.
refs https://github.com/TryGhost/Team/issues/560
refs 196cdafe6b
The endpoint `/members/api/member/` is used by Portal for fetching member details on site load to setup different flows. The response from this endpoint for logged out member has now changed from 401 Unauthorized to 204 No Content. This updates the API handling in Portal for updated response status.
This change also handles the visible error messages on console for Portal when it first loads and tries to establish member logged-in status, and instead handles it now behind the scenes. This also makes Portal functioning more transparent on the site.
no refs
Since custom prices now allow prices with multiple currencies to exist, till we have a default currency for a site, we use the currency for first paid price on the list as default currency for a free price visually on Portal UI
closes https://github.com/TryGhost/Team/issues/689
For invite only sites, the default page should be signin as it makes more sense and is actionable than a static signup page
refs https://github.com/TryGhost/Team/issues/643
With custom products and prices, the old data attributes for members functionality - `data-members-plan` - was still using the plan name for checkout session which won't work as it now expects a price ID. This change reworks how we setup to listen to `data-members-*` attributes and moves them inside App.js so they can work with API data fetched from site settings and use the price ID for the `monthly` and `yearly` names as fallback.
refs https://github.com/TryGhost/Team/issues/671
When turning on custom products, existing sites should have default price description that retains current behaviour. This change adds custom description with discount value for Yearly Plans to keep the existing behavior for sites that mimic the old setup.
refs https://github.com/TryGhost/Team/issues/637
Since we allow setting custom name and description for free price now, this wires up the values for free membership price settings to API
refs https://github.com/TryGhost/Team/issues/643
Previously, we always expected `Monthly` or `Yearly` prices to be available for attribtues/links as those were the only prices allowed in Portal. With custom prices, as prices can have dynamic names, we still support Monthly/Yearly prices for backwards compatibility.
The way Monthly/Yearly prices are determined with custom prices is first trying to find the first price by the name same as `Monthly` / `Yearly`, followed by finding a plan having interval `month`/`year`. This gives us the best possible window to continue supporting Monthly/Yearly till all themes have time to adapt to custom prices