Commit Graph

10334 Commits

Author SHA1 Message Date
Rish
2d9963fbd8 Allowed comment_id and uuid in post API input
refs https://github.com/TryGhost/Ghost/pull/11462

Allows `comment_id` and `uuid` to be passed in post `add`/`edit` API calls instead of failing requests with validation error, though both properties are stripped out in serializer as we don't allow editing them.
2019-12-16 18:22:48 +05:30
Renovate Bot
52e23192c0 Update dependency sqlite3 to v4.1.1 2019-12-16 11:15:42 +00:00
Renovate Bot
10a4ba306f Update dependency sharp to v0.23.4 2019-12-16 09:18:07 +00:00
Renovate Bot
a67b2d5c8a Update dependency metascraper-url to v5.8.10 2019-12-16 08:19:06 +00:00
Renovate Bot
dde5220377 Update dependency metascraper-logo-favicon to v5.8.10 2019-12-16 07:16:39 +00:00
Renovate Bot
ff9c6df418 Update dependency metascraper-image to v5.8.10 2019-12-16 06:13:46 +00:00
Renovate Bot
a54e28b962 Update dependency metascraper-publisher to v5.8.10 2019-12-16 05:15:51 +00:00
renovate[bot]
b9458475bb Update dependency juice to v6 (#11429) 2019-12-16 11:55:32 +07:00
Renovate Bot
2fe25daff4 Update dependency metascraper-logo to v5.8.10 2019-12-16 04:23:41 +00:00
Renovate Bot
a1dee8fbc8 Update dependency metascraper-author to v5.8.10 2019-12-16 03:15:12 +00:00
Renovate Bot
04e4b4d28c Update dependency metascraper-description to v5.8.10 2019-12-16 02:16:53 +00:00
Renovate Bot
c59cc557da Update dependency metascraper to v5.8.10 2019-12-16 01:16:49 +00:00
Naz Gargol
e277c6bad3
Added member's subscription cancellation helper {{cancel_link}} (#11434)
no issue

- The helper allows generating HTML needed to cancel or continue the member's subscription depending on subscription state.
- Added public members endpoint to allow updating subscription's `cancel_at_period_end` attribute available at: `PUT /api/canary/members/subscriptions/:id/`
- Added client-side hook to allow calling subscription cancellation. Allows to create elements with `data-members-cancel-subscription` / `data-members-continue-subscription` attributes which would call subscription update.
- Updated schema and added migration for `current_period_end` column
- As discussed we only add a single column to  subscriptions table to avoid preoptimizing for future cases
- Added {{cancel_link}} helper
- Added error handling for {{cancel_link}} when members are disabled
- Added test coverage for {{cancel_link}} helper
- Bumped @tryghost/members-api version to 0.10.2. Needed to use `updateSubscription` middleware
- Bumped gscan to 3.2.0. Needed to recognize new {{cancel_link}} helper
2019-12-12 19:59:15 +07:00
Fabien O'Carroll
5997343279 Installed @tryghost/members-api@0.10.1
no-issue

Fixes issue with Stripe webhooks when running on localhost url
2019-12-09 14:33:04 +02:00
Nazar Gargol
75e8caa76c Removed unexisting member endpoints from API key access whitelist
no issue

- /members endpoints are not available under API v2, removed them from the whitelist to avoid confusion
2019-12-09 13:21:38 +07:00
Naz Gargol
bcddeeadf1
Removed redundant member manipulation proxy methods (#11423)
no issue

- This includes the interface change for members-api constructor - now accepts the member's model instead of proxy methods. These methods have been moved ton @tryghost/members-api in favor of using the model directly (ref: https://github.com/TryGhost/Members/pull/105)
- Moved error handling from the service layer to controller
- Bumped @tryghost/member-api package to 0.10.0
2019-12-06 12:04:10 +07:00
Nazar Gargol
59143de19d Removed flaky test
no issue

- This test was checking for a very edge casy scenario (blog timezone change when scheduled date for a post changes at the same time). It's been hard to keep it maintaned so had to go.
2019-12-04 21:14:24 +07:00
Nazar Gargol
acd96c19a7 Version bump to 3.1.1 2019-12-04 20:39:08 +07:00
Nazar Gargol
ae21f604c9 Updated Ghost-Admin to 3.1.1 2019-12-04 20:39:08 +07:00
Nazar Gargol
67091f6ae5 Updated Casper to 3.0.5 2019-12-04 20:39:08 +07:00
Fabien O'Carroll
2cd8f89933 🐛 Fixed 500 errors for incorrect Origin headers (#11433)
no-issue

Our function for determining cors options created a new instance of URL
without wrapping it in a try/catch which meant any failures to parse the
URL bubbled down as a 500 error.

500 errors are commonly used for alerting at the infrastructure level,
and this error is definitely one caused by a badly configured client, so
we wrap the construction and crap out with a Bad Request Error (HTTP
400) if it fails.
2019-12-04 18:06:30 +07:00
Nazar Gargol
3d49f3ed15 Renamed authentication middleware to createSessionFromToken
no issue

- This rename comes in to describe better what actually happens behind the middleware instead of catch-all "authentication"
2019-12-04 09:49:13 +02:00
Nazar Gargol
0be2c21f68 Renamed logout middleware to deleteSession
no issue

- This rename is meant to clarify what exactly happens behind the logout and be inline with `login`-> `getIdentityToken` rename
2019-12-04 09:49:13 +02:00
Fabien O'Carroll
046bd652e5 Renamed login middleware to getIdentityToken
no-issue

This name `login` was misleading as this middleware didn't login
members, that was handled by the `authentication` middleware,
specifically `exchangeTokenForSession`
2019-12-04 09:49:13 +02:00
Hannah Wolfe
419e12d90a Added support for secondary navigation (#11409)
no issue

- Secondary navigation means most nav concepts are supported, e.g. header & footer, or left & right
- The UI is added separately, this PR adds supporting concepts:
  - make sure the default value is an empty array
  - add support in the API (v3 only)
  - add handling in the navigation helper
2019-12-04 11:12:02 +07:00
Peter Zimon
60c44d360b 🎨 Fixed test newsletter email subject
no issue.

- "[Test]" being appended (at the end of) the test email subject made it hard to scan for test emails. This fixes it by prepending "[Test]" to the subject.
2019-12-03 16:26:25 +01:00
Naz Gargol
2e28bc2a5f
Added fallback to excerpt in {{excerpt}} helper for gated content (#11430)
refs https://github.com/TryGhost/Ghost/issues/10062

- When content gating is in place a lot of times both `html` and `custom_excerpt` fields on posts/pages are empty and the output of `{{excerpt}}` helper is also empty. We do return an `excerpt` property as a part of post resource which can serve as a safe fallback for when the above fields are not filled. It massively improves the experience of using the helper with gated content 
- Refactored nested ternaries to be more readable
- Added fallback to excerpt property when HTML is hidden from members
- Removed note about the review of excerpt helper
- Added test case for 'excerpt' property
2019-12-03 11:32:46 +07:00
Renovate Bot
3b90ac7095 Update dependency knex-migrator to v3.4.1 2019-12-02 02:23:18 +00:00
Renovate Bot
99721a72cd Update dependency bluebird to v3.7.2 2019-12-02 01:23:34 +00:00
Nazar Gargol
b774d66966 Fixed linter
- Stray whitespace was commited
2019-11-28 18:23:27 +07:00
Kevin Ansfield
3e0881c9d0 Version bump to 3.1.0 2019-11-27 14:11:19 +00:00
Kevin Ansfield
c95cf2811c Updated Ghost-Admin to 3.1.0 2019-11-27 14:11:19 +00:00
Kevin Ansfield
1737a3fb85 Updated Casper to 3.0.4 2019-11-27 14:11:18 +00:00
Rish
3328200695 Fixed members test
no issue
2019-11-27 18:54:49 +05:30
Kevin Ansfield
69c210b5cb Fixed permissions fixtures regression test
no issue

- updated to include bulk email permissions
2019-11-27 13:01:55 +00:00
Kevin Ansfield
f9f2d36f53 Merge branch 'mega' 2019-11-27 12:12:27 +00:00
Naz Gargol
201bef31f0 Added transaction support to pagination plugin (#11421)
Adds transaction support to `fetchPage` method. This is needed to be able to count members during the post publish transaction. 

This is the next iteration over initial quick-fix: 90905b0212

* Added transaction support to pagination plugin
    - This support is needed to be able to use `fetchPage` method in transactional context (example usecase was counting members when publishing post for emails)
* Passed transaction related options during email creation
    - Without this SQLite would hang in a transaction and eventually timeout
* Updated parameter name for consistency
2019-11-27 10:00:27 +00:00
Rish
b122b683f4 🏗 Removed reschedule method from scheduling adapter
no issue

We changed `reschedule` event to trigger adapter's `unschedule` and  `schedule` methods since we now generate separate tokens(urls) for consistency as two different url(token) is needed to complete the reschedule functionality.
2019-11-27 13:38:30 +05:30
Rish
d42d112eba 🐛 Fixed incorrect url generation for post reschedule/unschedule
no issue

The default scheduling generates a known, independent URL for publishing a resource. In case of resource being rescheduled or unscheduled, the adapter expects the the same URL to remove/update existing jobs. The URL includes a JWT token for API auth which is calculated from post model and appended to URL.

There was a bug in token generation which meant If we go to update or delete the job i.e. unschedule a post then a new token is used which means the existing scheduled job cannot be removed. This PR:

- removes issued at (`iat`) timestamp from token generation which lead to a different token being generated for same payload
- Fixes timestamp being used for URL calculation from resource model
2019-11-27 13:38:30 +05:30
Rish
628f9179dc Fixed URL import for post email serializer
no issue
2019-11-27 13:18:44 +05:30
Rish
9a53177544 Refactored unsubsribe url and getemailData methods
no issue
2019-11-27 10:58:32 +05:30
Rish
a3802c495d Fixed post serialization to keep plaintext in json
no issue

- Fixes missing plaintext on email preview
- Fixes tests
2019-11-27 10:58:32 +05:30
Nazar Gargol
63e6dd59fa Added missing await statement
no issue

- The 90905b0212 refactor missed the statment which is causing email to not being sent
2019-11-27 09:39:48 +07:00
Kevin Ansfield
90905b0212 Fixed emails sending when scheduled post is published
no issue

- the schedules controller wraps the post creation in a transaction
- we need to pass that transaction through to all other queries, especially on sqlite where a non-transaction query inside a transaction will lock up because there's only 1 connection available
- updates our model method calls to pass through the transaction options
- switches the members service `list()` call to a direct model `findAll()` call to avoid going through our pagination plugin because the raw knex query does not respect the transacting option
2019-11-26 17:43:29 +00:00
Rish
b9dd0d2b94 Refactored email handling to be consistent for test and newsletter emails
no issue
2019-11-26 21:41:01 +05:30
Hannah Wolfe
8ad764aa2f 🐛 Fixed csv file uploads on Windows w/Excel installed
no issue

- refs https://forum.ghost.org/t/import-json-file-from-v-2-34-0-to-v-3-0-3-ignores-my-subscribers/10324
- Windows machines that have excel installed use a weird mime type for CSV files
- Users can fix this by adjusting their registry, but that's annoying
- We should just allow this, it doesn't really change anything & we still require .csv as the extension
2019-11-26 15:11:05 +00:00
Nazar Gargol
9ff5fecbaf Fixed knex connection pool errors when scheduling a posts
no issue

- A subquery in mege service that creates email record wasn't using 'options' object needed to track transactions
2019-11-26 17:44:42 +07:00
Peter Zimon
4790e64256 Updated unsubscribe copy 2019-11-26 11:03:14 +01:00
Rish
7209abb729 Updated unsubscribe url for preview email
no issue
2019-11-26 15:14:52 +05:30
Rish
e6f74c63db Fixed post serialization for test emails
no issue
2019-11-26 11:59:41 +05:30