Commit Graph

2570 Commits

Author SHA1 Message Date
Naz
9236b8a397 Relaxed validation rules + removed unknown properties
refs https://github.com/TryGhost/Toolbox/issues/314

- The API principle guiding this change is the Robustness Principle: "be conservative in what you send, be liberal in what you accept". The API will start accepting any additional properties that are not explicitly defined in the schema for the resource and will be trimming any rogue properties that are sent in the payload
2022-05-12 18:06:38 +08:00
Matt Hanley
371f9996f5
Fixed filter mapping from subscribed to newsletters for bulk operations (#14787)
closes https://github.com/TryGhost/Team/issues/1606

- Fixed filter mapping from subscribed to newsletters for bulk operations
- Updated members-api package
2022-05-12 10:54:20 +01:00
Naz
d3f432f745 🔥 Removed versioning from json schema validation
refs https://github.com/TryGhost/Toolbox/issues/314

- With versioned API concept being dropped there's no need to rely on a specific version in validations either!
2022-05-12 16:08:23 +08:00
Hannah Wolfe
b29852b012
🔥 Removed support for http/https mixed mode (#14783)
closes: https://github.com/TryGhost/Toolbox/issues/324
refs: https://github.com/TryGhost/Ghost/issues/14446

- Currently, if url is configured to http but a request is marked secure, Ghost will handle upgrading all internal URLs to https so that there are no mixed content warnings
- From 5.0 that feature is going away, in favour of strictly honouring the configured URL
- Ghost will serve URLs exactly as configured and won't upgrade http to https anymore
- This use case was common when Ghost was first built, but in 2022 the web is mostly https.
- The code needed to support the feature creates a lot of additional complexity & maintenance overhead, so removing this gives us space to do more cool and useful stuff in 2022
2022-05-11 14:53:23 +01:00
Rishabh
7ab00c8eda Updated admin api schema for tiers
- added `id` and `description` to tiers schema
- added `tiers` column to members schema
2022-05-11 16:14:10 +05:30
Naz
f10f224668 Improved version mismatch notification email copy
refs https://github.com/TryGhost/Toolbox/issues/292

- Copy improvements were done base on feedback. Makes the information in the email more concise and removes unecessary/unsecure bits like query strings.
2022-05-11 10:53:42 +08:00
Renovate Bot
c0d82122b0 Update dependency grunt to v1.5.3 2022-05-10 14:57:10 +00:00
Naz
6934595053 Added Integration Name in version mismatch emails
refs https://github.com/TryGhost/Toolbox/issues/292

- Providing user-defined Integration name instead of API client's UserAgent gives a lot more control to instance administrators identifying which integration is being used incorrectly.
- It's best practice to create an Integration with a set of API keys per API client - which should be enough to identify an outdated one.
2022-05-10 17:55:18 +08:00
Simon Backx
fb60a0199c
Fixed editing members throwing when setting avatar_image (#14751)
refs https://ghost.slack.com/archives/C02G9E68C/p1652126859737159?thread_ts=1652126765.251419&cid=C02G9E68C

When you try to edit a member in the admin frontend, the `avatar_image` property is passed. But that field is not editable and should be ignored. Currently an error is thrown, but this update from `admin-api-schema` adds it as a skipped property to remove this error.
2022-05-10 10:00:27 +02:00
Renovate Bot
c753d61be6
Update dependency sinon to v14 2022-05-09 19:14:13 +00:00
Naz
b2db80c9fe Fixed missing failed request URL if version emails
refs https://github.com/TryGhost/Toolbox/issues/292

- The version mismatch notification emails were missing a URL of the endpoint that was being accessed by an outdated integraton
- Also squeezed in a refactor simplifying APIVersionCompatibilityService initialization
2022-05-09 20:11:25 +08:00
Simon Backx
21d9d20e3e
Included newsletter relation by default in posts (#14723)
refs https://github.com/TryGhost/Team/issues/1569

**Changes in admin-api-schema:**
- https://github.com/TryGhost/SDK/compare/%40tryghost/admin-api-schema%402.14.1...%40tryghost/admin-api-schema%402.15.0
- Ignore `newsletter` when used in input

**Changes**
- Added the `newsletter` relation as a default include for posts
- Removed the newsletter_id from the API output

**Tests**
- Test the newsletter relation is always loaded for browse, read, add and edit, unless the include option is added explicitly

Co-authored-by: Matt Hanley <git@matthanley.co.uk>
2022-05-09 11:06:59 +02:00
Renovate Bot
7d951f96f0 Update dependency jwks-rsa to v2.1.1 2022-05-09 08:37:13 +01:00
Renovate Bot
f5d4174e0d
Update dependency luxon to v2.4.0 2022-05-09 03:40:41 +00:00
Renovate Bot
b3c6801352
Update dependency eslint to v8.15.0 2022-05-09 00:38:13 +00:00
renovate[bot]
abd90be910
Update dependency @tryghost/mw-error-handler to v1 (#14719)
- Replaced usage of handleJSONResponseV2 with the newly renamed handleJSONResponse

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-07 15:28:28 +01:00
Renovate Bot
fb017d496e
Update dependency express-jwt to v7.7.0 2022-05-06 17:28:38 +00:00
Renovate Bot
4019964b15
Update dependency knex-migrator to v4.2.9 2022-05-06 16:54:08 +00:00
renovate[bot]
e0ce8995a7
Update dependency @tryghost/security to v0.3.0 (#14718)
- Swapped instances of createSecret for security.secret.create

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-06 17:53:10 +01:00
Renovate Bot
d7399faa81
Update dependency sqlite3 to v5.0.8 2022-05-06 12:52:08 +00:00
Daniel Lockyer
f6fb823ce9
Updated all @tryghost packages
- these packages have had minor code changes or dependency updates that
  have forced us to publish the packages in Lerna
- this commit updates all packages in one rollup commit
2022-05-06 12:55:29 +01:00
Renovate Bot
1afe52c657
Update dependency sqlite3 to v5.0.7 2022-05-05 18:34:13 +00:00
renovate[bot]
9aa8e3e7ff
Update dependency @tryghost/url-utils to v3 (#14705)
- updated usage of url-utils.urlFor to work with v3

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-05 16:10:18 +01:00
Naz
648530009d Added use of email templates for version mismatch notifications
refs https://github.com/TryGhost/Toolbox/issues/292

- This change allows to reuse existing pattern present in Ghost on the version mismatch service layer, where we define the contents of the sent email through email templates instead of plain text.
- Apart form templates, there's now failed request URL present in the data passed to the email template along with site title and site url
2022-05-05 18:26:08 +08:00
renovate[bot]
45695ef2d5
Update dependency @tryghost/mw-error-handler to v0.2.4 (#14677)
- Updated accept-version error message copy

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-05 08:57:32 +01:00
Fabien 'egg' O'Carroll
2da52130a6
Removed hasActiveStripeSubscriptions endpoint (#14689)
refs https://github.com/TryGhost/Team/issues/1147

This endpoint is no longer used in 5.0
2022-05-04 17:25:21 +01:00
Simon Backx
473ac3b5a4
Fixed updating a non-existent member internal error (#14658)
refs https://github.com/TryGhost/Team/issues/1580

- When you try to edit a member that doesn't exist, a 500 error is thrown. We should throw a 404 error instead
- This is fixed by https://github.com/TryGhost/Members/pull/395
2022-05-04 13:51:35 +02:00
Simon Backx
ad1ebe6a47
Fixed error when firing Members webhooks (#14645)
refs https://github.com/TryGhost/Team/issues/1577

The last seen at was being updated via the model rather than the
respository, which mean that the default relations were not being
loaded.

This fix updates the repository to load the newseletters relation,
updates the last seen at updated to use the repository and updates the
output serializer to handle missing newsletter relation.

We also update all packages relying on the domain-events package to
ensure that they're all using the same version.

Co-authored-by: Fabien 'egg' O'Carroll <fabien@allou.is>
2022-05-04 12:42:27 +02:00
Naz
c627779948 Extracted email-content-generator into a package
refs https://github.com/TryGhost/Toolbox/issues/292

- Following the concept of having as little code in Ghost core as possible :) The email content generation is also needed to be reused in the version mismatch handling package.
2022-05-04 17:28:09 +08:00
Renovate Bot
7c992ef099
Update dependency express-jwt to v7.6.2 2022-05-03 15:17:44 +00:00
Renovate Bot
073b1f8dad Update dependency postcss to v8.4.13 2022-05-02 06:54:31 +01:00
Renovate Bot
e418630737
Update dependency mocha to v10 2022-05-02 01:29:26 +00:00
Renovate Bot
21b0ab0a8e
Update dependency express to v4.18.1 2022-04-29 21:07:20 +00:00
Simon Backx
104a0f5181
Fixed issue with new members always subscribing to defaults (#14629)
no issue

The member was updated when setting the geolocation, but that also included setting subscribed to true.
2022-04-28 13:21:38 +02:00
Daniel Lockyer
d5e7893212
Updated all @tryghost packages
- these packages contain minor code or dependency updates but we're
  forced to publish them because of Lerna
- this commit rolls up all pending updates into one commit to save noise
2022-04-28 11:54:29 +01:00
Renovate Bot
148779b74c Update dependency knex-migrator to v4.2.8 2022-04-28 11:24:13 +01:00
Renovate Bot
b58e7af65e Updated dependency express-jwt to v7
- also requires a small change to the imports to reflect an API change
2022-04-28 11:15:04 +01:00
Simon Backx
efdc42c257
Fixed bulk unsubscribe and updated member import tests (#14610)
refs https://github.com/TryGhost/Team/issues/1567

**Changes in members-api**
- Compare changes: https://github.com/TryGhost/Members/compare/%40tryghost/members-api%406.1.0...%40tryghost/members-api%406.2.2
- Fixed bulk unsubscribe
- Deletes the newsletter relations instead of setting subscribed to false

**Test fail fix**
refs https://github.com/TryGhost/Ghost/pull/14621
refs https://ghost.slack.com/archives/C02G9E68C/p1651126990299689?thread_ts=1651072733.859939&cid=C02G9E68C

- Events didn't always have the same created_at as created members
- This caused a test to fail randomly in the main repo

**Changes**
- Added required helpers for members-api package
- Version bumps of other packages are only tooling related

**Tests**
- Tests if member import still works with the legacy `subscribed` flag
- Updated member importer to use multipleNewsletters flag
- Dropped legacy members tests
2022-04-28 09:50:05 +02:00
Renovate Bot
ad2903a196
Update dependency sqlite3 to v5.0.6 2022-04-27 21:40:10 +00:00
Fabien 'egg' O'Carroll
810c3077e8
Wired up LimitService to NewsletterService (#14602)
refs https://github.com/TryGhost/Team/issues/1549

This allows us to restrict certain sites to a single newsletter
2022-04-27 17:44:16 +01:00
Simon Backx
21af34a0d4
Added mapping from member subscribed to newsletters on edit/create (#14596)
refs https://github.com/TryGhost/Team/issues/1545

**Changes (`members-api`)**
- Compare via https://github.com/TryGhost/Members/compare/%40tryghost/members-api%406.0.0...%40tryghost/members-api%406.1.0
- Added mapping from member subscribed to newsletters on edit/create
- When editing or creating a member with the subscribed property, it is mapped to the corresponding newletters value
- Defaults to all active newsletters with visibility = members and subscribe_on_signup = true

**Tests**
- Adds test that adds a member with subscribed = true
- Adds test that adds a member with subscribed = false
- Adds test that edits a member with subscribed = true
- Adds test that edits a member with subscribed = false
2022-04-27 17:04:55 +02:00
Simon Backx
2cf76cb031
Added newsletter relation to subscribe events (#14585)
refs https://github.com/TryGhost/Team/issues/1478

**Changes**
- Added the newsletter relation to subscribe events

**Changes in `members-api`**
- Compare: https://github.com/TryGhost/Members/compare/%40tryghost/members-api%406.0.0-alpha.0...%40tryghost/members-api%406.0.0
- Makes sure the newsletter relation is returned in the activity feed for susbcribe events (aka newsletter events).

**Tests**
- Added first test for activity feed to check if the newsletter relation is correctly fetched
2022-04-27 16:44:27 +02:00
Fabien 'egg' O'Carroll
d94859f2e5
Added /stats/subscriptions API (#14547)
refs https://github.com/TryGhost/Team/issues/1505
refs https://github.com/TryGhost/Team/issues/1466

Exposes an API for historical counts broken down by tier and cadence.

Counts backwards from the current stats like MRR to minimize inaccruate
data due to missing/superfluous events.
2022-04-27 14:53:32 +01:00
Renovate Bot
0a5fb7166a Update dependency supertest to v6.2.3 2022-04-27 06:49:47 +01:00
Renovate Bot
eec0c502d9
Update dependency @sentry/node to v6.19.7 2022-04-26 16:27:46 +00:00
Renovate Bot
2d08324238 Update dependency grunt-contrib-clean to v2.0.1 2022-04-26 17:25:59 +01:00
Renovate Bot
863c409ca3 Update dependency @playwright/test to v1.21.1 2022-04-26 17:25:39 +01:00
Renovate Bot
2a5af9c0c5 Update dependency jwks-rsa to v2.1.0 2022-04-26 17:21:23 +01:00
Daniel Lockyer
6747f3a93a Updated @tryghost packages
- these packages contain only code changes or dependency updates but
  we're force to publish new versions due to Lerna's limitations
- this commit bulk updates the packages to save having many commits
2022-04-26 16:54:44 +01:00
Daniel Lockyer
1122ce9cc6
🐛 Fixed credentials issue with SES mail transport
refs 58ace0af76

- please see the referenced commit above for full context but this
  commit bumps `@tryghost/nodemailer`, which contains a fix for reading
  credentials when using the SES mail transport
- credits to @touzoku
2022-04-26 16:40:45 +01:00