Commit Graph

29302 Commits

Author SHA1 Message Date
James Morris
2a198c367e Reverting back some changes to try and fix failed tests
no issue
2022-08-31 16:07:12 +01:00
Kevin Ansfield
5985316b01 Only show failed tests in Admin CI output 2022-08-31 15:53:27 +01:00
Sanne de Vries
e7c25f84df Deleted unused image files
No issue
2022-08-31 15:48:17 +01:00
Fabien 'egg' O'Carroll
2ff81cc5d3
🔒 Fixed rate limiting for user login (#15336)
refs https://github.com/TryGhost/Team/issues/1074

Rather than relying on the global block to stop malicious actors from
enumerating email addresses to determine who is and isn't a user, we
want our user login brute force protection to be on an IP basis,
rather than tied to the username.
2022-08-31 10:33:42 -04:00
James Morris
ae28cdffbb Fixed the test for new member page based on changes
no issue
2022-08-31 15:16:32 +01:00
Sanne de Vries
038600c350 Prettified markup and added titles to all SVGs 2022-08-31 15:02:12 +01:00
Daniel Lockyer
874c696893
Fixed showing actor icons for deleted actors
refs https://github.com/TryGhost/Toolbox/issues/356

- if an actor has been deleted, their icon would just be blank
- we want to show the default user icon
- to accommodate this, and to improve some code along the way, I've also
  added `include=actor` to the API request so we get the actor inline in
  the response instead of sending off another request
- I should really switch to using models + the store at some point to
  cleanup parsing all the API responses manually
2022-08-31 14:57:41 +01:00
James Morris
d5bf2027dc Improved the members table on mobile
no issue
2022-08-31 14:48:06 +01:00
Daniel Lockyer
c2b399fc2c Fixed warning about aborted connection in tests
refs https://github.com/TryGhost/Toolbox/issues/389

- if we enable warning logs in E2E tests, we get a bunch of error
  messages saying `ERROR Unhandled rejection: aborted` coming from the
  SQLite DB reset code
- specifically, it's coming from the line that resets the DB by copying
  the file
- this line was initially added because we would see random SQLite
  "malformed database" errors
- I have a feeling that was due to something else, but I can't be sure
- I'm also not sure how else we should shut the DB connection, as this
  is the recommended way but it throws an unhandled rejection
- this commit is a bit of a gamble because I'm not actually sure what
  was causing the problem, but it gets rid of the errors locally and
  doesn't regress on the random failures
2022-08-31 12:15:30 +01:00
Daniel Lockyer
f04666ef52
Removed Admin production build test
- this was originally added because we had an issue with a production
  build of Admin during a release
- since then, we've got a canary build that runs for every commit on
  `main`
- I think this test is superfluous now, so this commit removes it and
  saves ~6 mins of CI time per commit
2022-08-31 11:21:22 +01:00
Peter Zimon
6483a068d4 Fixed responsive bug for What's new page
refs. https://github.com/TryGhost/Toolbox/issues/356

- The updated What's new page contained unnecessary buttons with external links on smaller size screens
2022-08-31 11:58:29 +02:00
Daniel Lockyer
7a2f766668
Added logging configuration option for timestamps to use the local timezone
fixes https://github.com/TryGhost/Ghost/issues/15190
refs https://github.com/TryGhost/framework/pull/76

- log output always uses UTC timestamps, but it may be desirable to
  configure logs to use the local machine timezone
- a new config option has been added to `@tryghost/logging` so you can
  switch the logs to the local timezone
- this commit bumps the package and sets the default config option to
  `false`, so it doesn't suddenly change the timezone of the logs
- docs will be updated soon but if you'd like to use the
  timezone-altered timestamps, you can set `logging.useLocalTime` to
  `true`
- credits to https://github.com/levee223 for the implementation and PR
2022-08-31 10:29:55 +01:00
Daniel Lockyer
e897efe842
Moved bundling to the end of prepack steps
- in its current form, bundling will happen before we build Admin
- Admin complains because the version in its package.json for
  `@tryghost/members-csv` is different to the one linked in the monorepo
- by putting bundling at the end, we write the new package versions
  after we've already built Admin, so this issue should go away
2022-08-31 08:48:47 +01:00
renovate[bot]
5a359be582 Update dependency knex-migrator to v5.0.4 2022-08-31 07:36:17 +00:00
David Kolosowski
0c28fc2286
Removed BB dep from url service (#14939)
refs: #14882

- Usage of bluebird is deprecated in favour of using native promises
2022-08-30 17:23:47 +01:00
Daniel Lockyer
d7500e0ad1
Merged v5.12.2 into main
v5.12.2
2022-08-30 16:58:46 +01:00
Ghost CI
a2edc7ea1b v5.12.2 2022-08-30 16:58:26 +01:00
Simon Backx
8cd2b3182a
🐛 Fixed commenting on tier-only posts (#15333)
fixes https://github.com/TryGhost/Team/issues/1860

**Problem:**
Members were not able to comment on a post that was only visible for members with a specific tier.

**Causes:**
Content gating was done on models with missing relations.
- The products relation was not loaded on the member when doing content gating
- The tiers relation was not loaded on the post when doing content gating

**Tests:**
- Added for tier-only posts
- Added for paid-only commenting
2022-08-30 16:48:47 +01:00
Simon Backx
aec2badc6c
🐛 Fixed removing comped subscriptions for members with active subs (#15332)
fixes https://github.com/TryGhost/Team/issues/1859

**Problem:**
When for some reason a member has an active subscription (or legacy comped subscription) for product A, and a comped subscription for product B. You cannot remove comped subscription B.

**Fixed by:**
Updating the API to allow more flexible product changes on members.
- Allow the removal of (comped) products on a member, as long as that product doesn't have a related subscription
- (still) allow the addition of comped products to a member, as long as that member doesn't have other active subscriptions. This matches the existing behaviour, but now this is only checked for added products.
- Includes tests for these edge cases
2022-08-30 16:48:44 +01:00
Kevin Ansfield
80400fd303 Fixed linter error
no issue

- removal of unused import was missed after removing it's usage
2022-08-30 16:48:37 +01:00
Kevin Ansfield
bc185665a4 Removed use of ember-route-action-helper
refs https://github.com/TryGhost/Ghost/issues/14101
refs https://github.com/TryGhost/Team/issues/1734

- use of the helper was generating deprecation warnings when building Admin
- removed the single usage in favor of using `{{perform}}` directly on a controller task property as there was no need to go via the route
- changed naming of task properties to include a `...Task` suffix so it's clear when dealing with a task object
2022-08-30 16:44:50 +01:00
Kevin Ansfield
5bd66fd8b7 Migrated users.index controller to Octane patterns
refs https://github.com/TryGhost/Ghost/issues/14101

- dropped use of `{{action}}`
- dropped use of computed properties in favor of getters
2022-08-30 16:44:50 +01:00
Kevin Ansfield
5eec9c8ce2 Migrated <GhUserInvited> to Glimmer component
refs https://github.com/TryGhost/Ghost/issues/14101
2022-08-30 16:44:50 +01:00
Simon Backx
4282ead3a7
🐛 Fixed commenting on tier-only posts (#15333)
fixes https://github.com/TryGhost/Team/issues/1860

**Problem:**
Members were not able to comment on a post that was only visible for members with a specific tier.

**Causes:**
Content gating was done on models with missing relations.
- The products relation was not loaded on the member when doing content gating
- The tiers relation was not loaded on the post when doing content gating

**Tests:**
- Added for tier-only posts
- Added for paid-only commenting
2022-08-30 17:38:58 +02:00
Simon Backx
e7786ca482
🐛 Fixed removing comped subscriptions for members with active subs (#15332)
fixes https://github.com/TryGhost/Team/issues/1859

**Problem:**
When for some reason a member has an active subscription (or legacy comped subscription) for product A, and a comped subscription for product B. You cannot remove comped subscription B.

**Fixed by:**
Updating the API to allow more flexible product changes on members.
- Allow the removal of (comped) products on a member, as long as that product doesn't have a related subscription
- (still) allow the addition of comped products to a member, as long as that member doesn't have other active subscriptions. This matches the existing behaviour, but now this is only checked for added products.
- Includes tests for these edge cases
2022-08-30 17:36:52 +02:00
Sanne de Vries
dbfcc5a733 Deleted all unused svg icons 2022-08-30 15:36:46 +01:00
Daniel Lockyer
0b0401d593 v5.12.1 2022-08-30 11:56:45 +01:00
Fabien 'egg' O'Carroll
21e473ff78
🐛 Fixed newsletters not rendering with non-HTML safe chars (#15331)
Co-authored-by: Kevin Ansfield <kevin@lookingsideways.co.uk>
2022-08-30 11:26:01 +01:00
renovate[bot]
9355c6d8fa
Update dependency mailgun.js to v8.0.1 2022-08-30 08:10:52 +00:00
Daniel Lockyer
8e3b611606
Fixed early return when there are no new email batches
- the code in question had the intention of returning early if no new
  email batches had been created for an Email
- there were 2 minor bugs here:
  - `batchIds` would end up being an array of an array of strings
    because we just push an array in without the spread operator
  - we would compare that the returned array equaled zero, which was
    never the case
- this commit fixes these minor issues and adds JSDoc to document the
  function's return type
2022-08-30 08:55:38 +01:00
Daniel Lockyer
fcd6360869
Cleaned up asset-delivery env config
- this is no longer needed because we don't do env-specific builds
2022-08-30 08:24:48 +01:00
Naz
8af8905fa9
Updated comments around API access
no issue

- While auditing the access rights to endpoints have come across the "stable" / "experimental" notes that do not make any sense in the current approach towards the API. Every endpoint that's documented and exposed just "is" there no stable/unstable/canary/whatever distinction in the Admin API since Ghost v5
- Staff tokens were also acked as a separate way to access the API, so we have them in mind when modifying the access-list
2022-08-30 11:41:18 +08:00
renovate[bot]
619af026d6
Update dependency luxon to v3.0.3 2022-08-29 18:37:24 +00:00
renovate[bot]
ced7f41112
Update Test & linting packages 2022-08-29 15:21:11 +00:00
renovate[bot]
df2a97032d Update dependency testem to v3.9.0 2022-08-29 16:19:01 +01:00
Simon Backx
f2da1229d8
Removed unused support email verificaton endpoints (#15328)
fixes https://github.com/TryGhost/Team/issues/1679

These endpoints are safe to be removed, as they are only used by the admin app and usage has been removed over there. It is very unlikely that this endpoint has been used in a third party integration (in which case they will get a notification email).
2022-08-29 15:16:13 +02:00
Elijah
3c94812ee5
Added missing return in create-stripe-update-session
no issue

- Return was missing for `res.end` if an invalid subscription_id was passed
- Added explicit `text/plain` `Content-Type` headers to error messages to avoid MIME sniffing

Signed-off-by: Elijah Conners <business@elijahpepe.com>
Co-authored-by: Simon Backx <simon@ghost.org>
2022-08-29 14:02:58 +02:00
Peter Zimon
16dc2be3cf Fixed post status UI bug
no refs.

- due to a regression the padding on the left of the post status indicator was set to zero
2022-08-29 10:59:56 +02:00
renovate[bot]
19befe7d56 Update peter-evans/create-or-update-comment digest to 5fdb3a6 2022-08-29 08:34:13 +01:00
Naz
113e2a6515 Improved verification email copy
refs https://github.com/TryGhost/Toolbox/issues/387

- Copy improvement afte a review
2022-08-29 12:18:46 +08:00
renovate[bot]
ea5942ef3d
Update dependency luxon to v3.0.2 2022-08-29 00:09:28 +00:00
Daniel Lockyer
d986059a50 v5.12.0 2022-08-26 16:00:32 +01:00
Rishabh
5e2613b6ed Fixed lint
refs 594ef34871
2022-08-26 15:31:10 +05:30
Rishabh
74f94e85a4 Fixed lint for staff user test 2022-08-26 15:29:06 +05:30
Rishabh
76419f8ed4 Removed email alerts UI for non admin staff
refs https://github.com/TryGhost/Team/issues/1825
2022-08-26 15:24:28 +05:30
Rishabh Garg
594ef34871
Enabled member email alerts (#15321)
closes https://github.com/TryGhost/Team/issues/1825
closes https://github.com/TryGhost/Team/issues/1826

- allows site owners/admins to receive email notifications when somebody signs up, becomes paid, or cancels subscription
- owners/admins can set their email preference from staff settings
2022-08-26 09:38:12 +05:30
renovate[bot]
0cbaa8f73d
Update dependency tough-cookie to v4.1.2 2022-08-25 23:44:35 +00:00
Rishabh
fbac9689c9 Removed empty cancellation reason from alert template
refs https://github.com/TryGhost/Team/issues/1826
2022-08-26 01:49:10 +05:30
Fabien "egg" O'Carroll
4718171b1d Removed out of date history items from UrlHistory
In case there is an issue with the filtering of items in our client
side attribution script, we also check for and remove out of date
items here. This ensures that we do not erroneously attribute signups
or conversions to webpages from more than 24h ago.
2022-08-25 16:09:34 -04:00
Fabien "egg" O'Carroll
f523e1eb6b Refactored UrlHistory to use static factory method
This keeps the constructor clean, relying on types for validation,
whilst preserving the validation when creating the instance. The
constructor is now private so that the factory which handles
validation is always used.

The tests have also been updated to test the public factory interface
rather than the internal validation methods. Validation has been
rolled into a single method and slightly improved in the way of
readability.
2022-08-25 16:09:34 -04:00