Commit Graph

12985 Commits

Author SHA1 Message Date
Naz
33696b8244 Extracted scheduling token generation into separate module
refs https://github.com/TryGhost/Team/issues/694

- This is a tiny step towards more decoupled scheduler's code organization
2021-05-24 17:34:36 +04:00
Fabien O'Carroll
2000c3c156 Errored when Stripe is used without a connection
refs https://github.com/TryGhost/Team/issues/704

Currently when attempting to create stripe_prices without a Stripe
connection, it will fail silently. This is an issue when initially
configuring Members as the Stripe connection can take some time to be
established. By erroring we allow the client to be notifed that the
connection does not yet exist, so that it can be retried later.
2021-05-24 11:54:45 +01:00
Fabien O'Carroll
b3aff29a3e Fixed tests for auth service mmbers auth
no-issue

These tests were previously skipped due to the NONE algorithm tests
failing. These were failing for good reason, we do NOT want the none
algorithm to be accepted. The tests have been updated to reflect that,
and unskipped.
2021-05-24 11:36:35 +01:00
Fabien O'Carroll
f4c40249ce Fixed members auth middleware
no-issue

The JWT library we used does not throw an error which can be used by
Ghost. So we need to catch and wrap it in our own errors from
@tryghost/errors.
2021-05-24 11:28:15 +01:00
Fabien O'Carroll
2b5e22524b Fixed Stripe customer model tests
no-issue

These tests were skipped out due to adding with the subscriptions
relation not working. However this functionality is redundant, as it is
not used anywhere. The tests have been updated to test that we can read
the subscriptions relation correctly.
2021-05-24 11:28:15 +01:00
Fabien O'Carroll
e106a1b137 Removed tests dependent on stripe mocking
no-issue

We no longer want to include skipped tests in the codebase. These tests
were added as placeholders until a point at which we were able to mock
Stripe.

We haven't got time during cleanup to mock Stripe so removing these
tests for now.
2021-05-24 11:26:45 +01:00
Naz
ae85b92899 Unskipped and fixed a test suite for post models' findPage
refs https://github.com/TryGhost/Team/issues/694

- Unskipping the test does not seem to be causing a failure any longer. Removed the skip as it would be causing linting errors as we tighten up the `.skip` rules
2021-05-24 22:19:17 +12:00
renovate[bot]
01ac1acfcb
Fixed indescribable error in custom themes limit
refs f51c640fb0

- This should not affect any of the current code but should improve edge case errors related to "allowlist" types of limits
- See referenced commit for details when this edgecase was happening
2021-05-24 22:09:18 +12:00
Naz
48d5d4c93d Refactored scheduling tests logic using async/await
refs https://github.com/TryGhost/Team/issues/694

- The previous `.then` chaining was outdated, while in this part of code did a tiny cleanup which should improve future maintenance slightly
2021-05-24 13:20:11 +04:00
Naz
ba50241fde Refactored scheduling tests setup using async/await
refs https://github.com/TryGhost/Team/issues/694

- The previous `.then` chaining was outdated and was causing 2x ghost instance initialization per test suite
- With a refactor there's only one intance initialization per suite (saves running time!) and we use more readable async/await syntax, which should make things more maintainable
2021-05-24 13:11:33 +04:00
Naz
46ef52cc7d Unskipped Schedules API tests
refs https://github.com/TryGhost/Team/issues/694

- The tests were skipped and were throwing an eslint warning, which soon will become an error.
- They were skipped initially as they used an outdated authorization mechanism. With migration to token based auth the tests are green again
2021-05-24 12:59:52 +04:00
Renovate Bot
2cd687b7cf Update dependency cssnano to v5.0.4 2021-05-24 08:50:36 +01:00
Naz
7ea91df628 Fixed skipped test for fetching setting by group
no issue

- The test was skipped, which should not have been commited into the trunk in the first place. The checks were reworked to reflect the reality - the endpoint ignores the "group" qurey parameter
2021-05-24 11:39:14 +04:00
Renovate Bot
e03f99a8f3
Update dependency eslint to v7.27.0 2021-05-24 00:31:56 +00:00
Hannah Wolfe
7658572a7d
Removed ancient paged routing tests
- these are slow, and we have unit tests in place to ensure that routing works correctly
2021-05-21 20:09:42 +01:00
Hannah Wolfe
9c6466c4ed
Removed other ancient skipped storge test
- My IDE "fixed" this skipped test by unskipping it without me realising when I removed the other one 🙈
2021-05-21 19:53:38 +01:00
Hannah Wolfe
b749fed5b9
Removed ancient skipped storage test
- this has been skipped for 4 years, it must not be needed :D
2021-05-21 19:48:34 +01:00
Fabien O'Carroll
730811fb6e Handled week & day interval in population of mrr events
refs https://github.com/TryGhost/Team/issues/635

This is to ensure we don't break migrations for any sites which have
imported external subscriptions which have an interval of 'week' or
'day'

The bump to members-api includes the handling of these intervals for
ongoing population of mrr events
2021-05-21 17:57:17 +01:00
Daniel Lockyer
bbeeb83235
Updated Canary builds to use preminor versioning
no issue

- we want to use `preminor` so it'll run migrations for the unreleased
  version if they are present
2021-05-21 16:40:06 +01:00
Naz
5680c93b83 Added exporter fields integrity check
refs https://github.com/TryGhost/Team/issues/610

- When either schema or default settings changes it's often forgotten to check if exporter handles updated tables/keys properly
- These tests are meant to serve as a reminder to check exporter and modify what's needed when changes are introduced into schema/default settings
2021-05-21 19:13:55 +04:00
Naz
459e8215b9 Split data exporter's index file into separate module
refs https://github.com/TryGhost/Team/issues/610

- This is a next step removing bloat from export module's index.js file, which get's rid of eslisn error completely
2021-05-21 19:13:55 +04:00
Naz
79439bdac5 Extracted table allowlists into a separate module
refs https://github.com/TryGhost/Team/issues/610

- Before introducing a new test for the refed issue doing a linting cleanup. The result will be removing one of `File has too many lines ` lint warnings
2021-05-21 19:13:55 +04:00
Renovate Bot
6d2890c1a8
Update metascraper to v5.21.9 2021-05-21 10:16:46 +00:00
Thibaut Patel
1d5c8ccf2b Fix the OAuth callback
https://github.com/TryGhost/Team/issues/614

By binding the user session to the Ghost instance domain
2021-05-21 10:50:03 +02:00
Renovate Bot
d08ea611b7 Update dependency cssnano to v5.0.3 2021-05-21 09:14:36 +01:00
Renovate Bot
5aaa910a2e Update dependency @tryghost/job-manager to v0.8.6 2021-05-21 09:08:54 +01:00
Thibaut Patel
55a0c69451 Added the customThemes limits to all api versions
https://github.com/TryGhost/Team/issues/663
2021-05-21 09:56:22 +02:00
Renovate Bot
9010932466
Update dependency sanitize-html to v2.4.0 2021-05-20 16:28:50 +00:00
Fabien O'Carroll
f4017cc439 🐛 Fixed creating members linked to stripe customers
closes https://github.com/TryGhost/Ghost/issues/12942

The signature of the `linkStripeCustomer` method was updated and this
usage was missed.
2021-05-20 13:44:35 +01:00
Fabien O'Carroll
253eee627c Removed boot precondition checks from members-api
refs https://github.com/TryGhost/Team/issues/598
refs https://github.com/TryGhost/Ghost/commit/5cdf910e

Since we have moved the preconditon checks into this codebase, we no
longer need the members-api module to run them. This bump includes the
changes to remove the last of those checks.
2021-05-20 12:14:14 +01:00
Fabien O'Carroll
17a2083c05 Added precondition for Stripe Connect Admin API
refs https://github.com/TryGhost/Team/issues/598

Stripe Webhooks require SSL in production, and so we should not be
allowing connecting to Stripe in production mode unless the site is
running with SSL.
2021-05-20 12:08:45 +01:00
Fabien O'Carroll
b668d6fc9c Added members service init to boot sequence
refs https://github.com/TryGhost/Team/issues/598

This method contains precondition checks for booting Ghost, and should
be called as early as possible.
2021-05-20 12:08:45 +01:00
Fabien O'Carroll
5cdf910e63 Checked boot preconditions in members service init
refs https://github.com/TryGhost/Team/issues/598

We now have several pre-conditions related to members which determine
whether or not Ghost is allowed to start. Rather than burying this
within the members-api module, we have now surfaced them to an init
method which can be called during the boot sequence of Ghost. This will
allow us to exit early and explicitly.
2021-05-20 12:08:45 +01:00
Fabien O'Carroll
3f6544bebc Renamed index.js -> service.js for lint reasons
no-issue

Our linter now requires that files named index.js have less than 50
lines, so this renames the index.js file to service.js and reexports
service.js from index.js so that linting will pass.
2021-05-20 12:08:45 +01:00
Hannah Wolfe
05a16948a3
Moved testmode routes into a correctly named file
- testmode routing was in an index.js file, this breaks our coding standards
- these routes belong in routes file, same as all other routes
2021-05-20 11:42:27 +01:00
Renovate Bot
d98334eb89
Update dependency express-session to v1.17.2 2021-05-19 20:47:30 +00:00
Renovate Bot
fd394f0c3a
Update dependency @sentry/node to v6.4.1 2021-05-19 18:16:24 +00:00
Fabien O'Carroll
1d36afbc41 Updated dynamic whitelist from schema to static array
no-issue

This protects our tests against changes to the database schema, which
helps us decouple the API from the database, and make tests less
brittle. It also forces us to manually update the tests if we do make a
change to the API!
2021-05-19 18:49:18 +01:00
Fabien O'Carroll
5880edd722 Replaced members 'comped' status with 'paid'
refs https://github.com/TryGhost/Team/issues/693

Since we've got rid of the concept of Complimentary with the Custom
Prices work, we're removing the 'comped' status from members. This
involves a migration for existing members, a schema update for the
validation, and a bump to members-api to no longer use the 'comped'
status for new members.

We also update the aggregation of the MemberStatusEvent to consider the
'comped' status as 'paid', and that there are 0 'comped' status events
in the database.

We can consider a migration for this data in the future, either adding
new status events moving from 'comped' to 'paid', or by modifying
existing status events. However both of these are very difficulty to
write a down migration for, and might be best saved for a major version.

- @tryghost/members-api@1.7.0 is the version that includes the required
  changes, however we have already bumped to 1.8.0 in Ghost
2021-05-19 18:49:18 +01:00
Fabien O'Carroll
278ad8eaea Updated comped flag for v3 Members Admin API
refs https://github.com/TryGhost/Team/issues/693

Since we no longer have the concept the "comped" we update the v3 API to
always have a `comped` flag of `false` - maintaining backwards
compatibility.
2021-05-19 18:49:18 +01:00
Fabien O'Carroll
57a176ff3d Removed comped flag from canary Members Admin API
refs https://github.com/TryGhost/Team/issues/693

Since we no longer have a concept of "comped" we're removing the flag
from the unstable canary api.
2021-05-19 18:49:18 +01:00
Rishabh
5cabc39124 Fixed products data in members api on changing comped status
refs a4c78dbf19

Updates member data on edit to include products data when comped status is changed, as by default we don't include products data when member goes from free to paid subscription due to comped being added.
2021-05-19 23:14:04 +05:30
Rishabh
a4c78dbf19 🐛 Fixed error on saving member with susbcriptions
closes https://github.com/TryGhost/Team/issues/699

With custom products, saving a member with subscriptions on member detail page in Admin throws errors on console, though the save is successful. This breaks the Admin as user needs to refresh the screen again to get rid of error. This change -

- updates the response on member save to return `price` object in subscription
- updates tests
2021-05-19 22:32:15 +05:30
Fabien O'Carroll
0e77b378a6 Migrated members_{monthly,yearly}_price_id settings
refs https://github.com/TryGhost/Team/issues/698

The migrations to populate these settings are handled by the members-api
module, as they depend on the stripe_prices table being populated. This
cannot be guarunteed at boot, so we're unable to do this as a standard
migration.
2021-05-19 15:37:20 +01:00
Thibaut Patel
2bcc934eb4 Disable CSRF on the oauth callback route
no issue

Keeping CSRF enabled there would prevent oauth from working as users are redirected from the provider domain to the /callback route, where they are logged-in
2021-05-18 20:44:21 +02:00
Rishabh
2e8db93ab6 Filtered selected prices in Portal settings
no refs

Filters active prices in Portal settings to only contain the selected prices by site owner in new monthly/yearly price id settings, ignoring all other prices for now.
2021-05-18 20:27:20 +05:30
Hannah Wolfe
d9367f5b20
Added debug to gscan checks for timings
- added a couple of extra debug calls to see how long gscan checks take in the boot process
2021-05-18 15:22:04 +01:00
Renovate Bot
ae98bf5a6d Update dependency mock-knex to v0.4.10 2021-05-18 11:05:31 +01:00
Rishabh
76adf920da Updated Portal to handle logged out API response
refs https://github.com/TryGhost/Team/issues/560
refs 196cdafe6b

The endpoint `/members/api/member/` used by Portal for fetching member details was updated to return 204 No Content instead of 401. This change updates Portal to handle updated API response for logged out member, along with couple of bug patches -

- 🐛 Fixed extra email sent for logged in members on upgrade
- 🐛 Fixed falsy value not used in preview
2021-05-18 15:01:33 +05:30
Rishabh
4627d1c26a Added settings for monthly/yearly price ids
no refs

Since backend now allows multiple prices but we want the prices to be currently limited to monthly/yearly on UI, we need new settings to store the current monthly/yearly price by the site owner. These settings determine the active prices shown in Admin / Portal for the site till we allow all custom products/prices again.
2021-05-18 13:34:31 +05:30