Commit Graph

861 Commits

Author SHA1 Message Date
Naz
260ca0548a
Added test coverage to automatic collections
refs https://github.com/TryGhost/Team/issues/3170

- The test confirms `published_at` filtering works for automatic collections
2023-06-05 14:59:49 +07:00
Naz
bfefcfd4df
Added automatic collection creation based on filter
refs https://github.com/TryGhost/Team/issues/3170

- This implementation allows to create an automatic collection with a filter defining automatically populated posts that belong to a collection
- To populate collection using a filter the API client can send a `filter` property along with a collection request
- Filter values are compatible with the filters used in Content API (https://ghost.org/docs/content-api/#filter)
2023-06-05 13:39:52 +07:00
Naz
f64276b26e
Added basic test an automatic collection
refs https://github.com/TryGhost/Team/issues/3170

- This test confirms we can create a collection with "automatic" type and assign a "filter" value to it
2023-06-05 13:39:49 +07:00
Daniel Lockyer
f908a03fff
Enabled and tracked retries in CI tests (#16909) 2023-06-02 09:36:28 +02:00
Michael Barrett
09ded37d91
Removed emailErrors flag (#16900)
refs https://github.com/TryGhost/Team/issues/3337

Removed emailErrors flag as it is no longer needed
2023-06-01 12:11:01 +01:00
Simon Backx
7e27d3f3e8
Added signup form attribution (#16899)
fixes https://github.com/TryGhost/Team/issues/3331

This adds attribution tracking to the signup form. It sends a newly
created url history when sending the signup API call, this url history
will get translated to a proper attribution and saved on the backend. We
send a history with only a single item that contains the referrer
source, medium and path of the Embed form.

This also makes some changes to the E2E tests so that the tests run
in an https environment instead of about:blank.
2023-06-01 10:18:11 +02:00
Naz
e8220b1387
Added DEL /collections/:id/posts/:post_id to Admin API
refs https://github.com/TryGhost/Team/issues/3260

- We need a way to remove posts form collections without fetching the whole collection's content. This API method allows to remove posts from manual collections by collection id and post id.
- As a response it returns up to date collection state without the removed post.
2023-06-01 14:59:05 +07:00
Fabien "egg" O'Carroll
93bad82a24 Wired up adding post to collections to API 2023-06-01 14:25:49 +07:00
Naz
bf5becfb22 Added POST /collections/:id/posts to Admin API
refs https://github.com/TryGhost/Team/issues/3260

- We need a way to append posts to collections without sending over all of the posts that are already in the collection
- The API would receive post_id and collection_id as required fields and will optionally take in sort_order to control the ordering in the manual collection
2023-06-01 14:25:49 +07:00
Naz
87df8754ee Moved bookshelf posts repository to core
refs https://github.com/TryGhost/Team/issues/3260

- Moved the posts bookshelf repository into core codebase where it should belong.
2023-05-31 22:55:35 +07:00
Naz
4fe9e5fac0 Added posts editing to collections in Admin API
refs https://github.com/TryGhost/Team/issues/3260

- Allows to manually manage posts assigned to collections through Collections Admin API
2023-05-31 22:55:35 +07:00
Naz
c7954fa695 Refactored basic edit test case
refs https://github.com/TryGhost/Team/issues/3260

- We need to have a reusable collection to edit throughout the describe, so we don't do repeatable work over and over
2023-05-31 22:55:35 +07:00
Naz
988f7e69c2 Grouped edit collection test cases
refs https://github.com/TryGhost/Team/issues/3260

- Cleanup before adding more test cases to the suite
2023-05-31 22:55:35 +07:00
Michael Barrett
88f3161903
Fixed flaky legacy posts api test (#16871)
refs https://github.com/TryGhost/Team/issues/2808

Updated the test to ensure that the date assertions do not unexpectedly
fail if the dates used are computed precisely at the start of a second
(no milliseconds `.000Z`)
2023-05-25 15:40:17 +01:00
Michael Barrett
8fc4e0fdcc
Add e2e test for update check script (#16840)
refs https://github.com/TryGhost/Team/issues/3234

Added an e2e for the update check script to detect potential breakages
in the script due to uninitialised dependencies in the isolated
execution environment
2023-05-25 14:36:36 +01:00
Simon Backx
488aa983d0 Added signup form code generation to admin
fixes https://github.com/TryGhost/Team/issues/3296

Adds a new `signupForm` feature flag, that will enable/disable the new embeddable signup form code generation.

Since the new flag shares its name with a new config value (that contains the script location), this also fixes the feature helper to only use a config with the same name if it is a boolean.
2023-05-25 15:18:40 +02:00
Naz
4cb5cc9087
Added default collection values
refs https://github.com/TryGhost/Team/issues/3259

- For collection entity creation consistency have set defaults
2023-05-24 17:01:28 +07:00
Naz
b52ec948b0
Added property mapper to collections responses
closes https://github.com/TryGhost/Team/issues/3259

- API output mappers (soon to be serializers) are meant to work based on allowlist set of output properties. Having the allowlist early on will allow to track the API evolution consistently.
2023-05-24 17:01:28 +07:00
Fabien "egg" O'Carroll
82acf85b29 Tested filtering visibility in Tiers Content API
refs https://github.com/TryGhost/Team/issues/3248

The current test fixtures didn't include any hidden Tiers, so I've added
a new fixture to test the filtering of hidden Tiers. It's not enabled by
default to avoid breaking the existing tests.
2023-05-19 13:12:33 -04:00
Naz
e302f8cc1d Added DELETE /collections/id to Admin API
refs https://github.com/TryGhost/Team/issues/3167

- This is part of scaffolding for collections API. Allows to delete collection resource
2023-05-19 20:42:46 +07:00
Naz
e82fcbfc5e Added GET /collections/:id to Admin API
refs https://github.com/TryGhost/Team/issues/3167

- This is part of scaffolding for collections API. Allows to read a collection resource by id
2023-05-19 20:42:46 +07:00
Naz
735edf5f87 Fixed editing unexistent collection behavior
refs https://github.com/TryGhost/Team/issues/3167

- When editing collection that does not exist the API should be returning a 404 instead of creating a new collection
2023-05-19 20:42:46 +07:00
Naz
f3f3d58acf Added PUT /collections/id to Admin API
refs https://github.com/TryGhost/Team/issues/3167

- This is part of scaffolding for collections API. Allows to edit collection resource
2023-05-19 20:42:46 +07:00
Naz
d3a8aad319 Added POST /collections to Admin API
refs https://github.com/TryGhost/Team/issues/3167

- This is part of scaffolding for collections API. Allows to add new collection records
2023-05-19 20:42:46 +07:00
Naz
36eff3a481 Added GET /collections to Admin API
refs https://github.com/TryGhost/Team/issues/3167

- This is scaffolding for collections API. Contains wiring for service wrapper, e2e test, and a browse endpoint
- Adds basic implementation of the GET /collections endpoint to build up upon
- Note, there are no permissions in this version as they will be added in later stages of development with migrations etc
2023-05-19 20:42:46 +07:00
Michael Barrett
cde30eb469
🐛 Fixed issue where single letter product slugs cause 500 error (#16821)
refs https://github.com/TryGhost/Team/issues/3224

When a product has a slug that is a single letter, checking if a user
had access to view a post associated with that product would cause a 500
error. The underlying cause of this issue is
https://github.com/TryGhost/NQL/issues/20 This fix circumvents this
issue by providing a value that the nql lexer will not error out on
2023-05-18 09:38:30 +01:00
Benjamin Rancourt
5841f30d30
🐛 Fixed trailing slash and space in HTML metadata elements (#16778) 2023-05-17 08:51:32 +02:00
Rishabh
f9866f97ae Updated config test to include adminX property
refs https://github.com/TryGhost/Team/issues/3151
2023-05-16 13:10:00 +05:30
Michael Barrett
59fe794b0c
Implemented duplicate post functionality (#16767)
refs: https://github.com/TryGhost/Team/issues/3139 https://github.com/TryGhost/Team/issues/3140

- Added duplicate post functionality to post list context menu
  - Currently only a single post can be duplicated at a time
  - Currently only enabled via the `Making it rain` flag
- Added admin API endpoint to copy a post - `POST ghost/api/admin/posts/<post_id>/copy/`
- Added admin API endpoint to copy a page - `POST ghost/api/admin/pages/<page_id>/copy/`
2023-05-15 09:30:32 +01:00
Fabien "egg" O'Carroll
08597b47ba Added unit test for TiersRepository
We were completely missing tests for this, and the new logic pushed us under
the coverage threshold.
2023-05-12 16:38:32 -04:00
Fabien "egg" O'Carroll
c0ca7b16f6 Added caching to TierRepository
refs https://github.com/TryGhost/Toolbox/issues/515

Tiers are very frequently queried and we want to reduce the number of DB calls
we're making. We can store the Tiers in-memory, using the existing in-memory
repository patterns, but still persisting writes the the database.

We also have to update our test helpers, because they were bypassing the
repository for writes, but using it for reads resulting in an invalid cache
2023-05-12 16:38:32 -04:00
Fabien "egg" O'Carroll
6ab862568c Used TierRepository in serializers
We want to cache access to Tiers, and it's easier to do that in the
TierRepository. So we update a heavy user of Tiers to use the Tier
service so it can take adv of caching. The serializers are a big
offender for making calls to fetch Tiers.
2023-05-12 16:38:32 -04:00
Fabien 'egg' O'Carroll
13a18711d0
🐛 Fixed site setup hanging when mail isn't configured
closes https://github.com/TryGhost/Team/issues/3176

We were waiting for the welcome email to send before responding to the
client that setup is complete, this was causing the client to hang when
running `ghost install local` as mail isn't configured by default.
2023-05-11 11:58:27 -04:00
Deepam Kapur
3a39aa361b
🐛 Fixed generating card assets with include allowlist (#16766)
fixes https://github.com/TryGhost/Ghost/issues/16652

- we need `@` keyword before '(' according to the globrex package used in tiny-glob
2023-05-11 14:20:35 +02:00
Sodbileg Gansukh
4898fd401b Updated signup confiramtion email snapshot
no issues

- updated the snapshot based on the changes added to the email template
2023-05-10 18:18:10 +08:00
Fabien "egg" O'Carroll
c5dc5a2675 Fixed @tryghost/mailgun-client import
We were incorrectly specifying the path of the file rather than relying on the
package exports, and this broke in the previous commit to a file rename. It
wasn't caught by CI because the browser tests are not run on pull requests
2023-05-09 13:00:18 -04:00
Fabien "egg" O'Carroll
104f84f252 Added eslint rule for file naming convention
As discussed with the product team we want to enforce kebab-case file names for
all files, with the exception of files which export a single class, in which
case they should be PascalCase and reflect the class which they export.

This will help find classes faster, and should push better naming for them too.

Some files and packages have been excluded from this linting, specifically when
a library or framework depends on the naming of a file for the functionality
e.g. Ember, knex-migrator, adapter-manager
2023-05-09 12:34:34 -04:00
Fabien 'egg' O'Carroll
0b8c3747c5
Supported inviting users using an Admin API Integration
Whilst Admin API Integrations had the permissions to create invites they were
blocked from doing so at the HTTP level. We've removed this restriction for
creating Invites as well as browsing Roles, because a Role ID is necessary to
create an invite. The code was also not setup to support Admin API Integrations
as it made assumptions about the existence of a User. That has been updated in
the permissions layer - so that the Invites are limited to Contributors,
Authors and Editors as well as at the email layer, which has has the copy and
from address updated to reflect the lack of a User creating the Invite.
2023-05-08 15:27:15 -04:00
Simon Backx
6566903df5
Cleaned up member attribution flag (#16745)
no issue

This commit removes the `memberAttribution` feature flag from the
codebase. Some CSS classes are not removed as removing them and updating
the associated CSS files have side effects sadly.
2023-05-05 15:04:14 +02:00
Elena Baidakova
4207c9d0d1
Added browser tests for announcement bar (#16742)
refs TryGhost/Team#3122

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 87727d9</samp>

Added `data-testid` attributes to various elements in the announcement
bar settings feature to enable Playwright testing. Fixed a potential bug
with the `visibilitySettings` getter in the `visibility.js` component.
Added Playwright tests for the announcement bar settings feature in
`announcement-bar-settings.spec.js`.
2023-05-05 14:11:26 +04:00
Simon Backx
05bba5135d
Cleaned up sourceAttribution flag (#16740)
no issue

This commit removes the `sourceAttribution` feature flag from the
codebase.
2023-05-05 10:57:26 +02:00
Chris Raible
27e4523aec
🐛 Improved error message for unauthorized YouTube embeds (#16374)
refs TryGhost/Ghost#16048

- When attempting to embed a Youtube video that has had embedding
disabled by its owner/author, Ghost displayed a generic error message
that didn't indicate the reason for the failed emebed.
- This change updated the error message when Youtube (or any provider)
returns 401: Unauthorized to indicate that the owner of the resource has
explicitly disabled embedding.
2023-05-04 16:04:58 -07:00
Simon Backx
848b2d82a1
Cleaned up suppressionList feature flag (#16736)
no issue

This pull request removes the `suppressionList` feature flag and all its
dependencies from the codebase. It makes the suppression list feature
the default and consistent behavior for all email events and
newsletters. It simplifies the UI, logic, and data related to email
events and newsletters. It affects several files in the
`ghost/admin/app`, `ghost/core/core`, and `ghost/members-api`
directories.
2023-05-04 14:47:04 +02:00
Fabien "egg" O'Carroll
b3caf16005 🔒 Fixed filtering on private Author fields in Content API
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-r97q-ghch-82j9

Because our filtering layer is so coupled to the DB and we don't generally
apply restrictions, it was possible to fetch authors and filter by their
password or email field. Coupled with the "starts with" operator this can be
used to brute force the first character of these fields by trying random
combinations until an author is included in the filter. After which the next
character can be brute forced, and so on until the data has been leaked
completely.
2023-05-03 08:43:20 -04:00
Simon Backx
514c8917c0 Readded matchMetadataSnapshot
refs bac2f4d4d4 (diff-473dc0c49e80df6c07569ed5730445ebdaaa8138fc819182548727db50eb55aa)
2023-05-03 14:14:10 +02:00
Simon Backx
fd69ab181d Removed duplicate matchHTMLSnapshot 2023-05-03 14:13:04 +02:00
Simon Backx
bac2f4d4d4 Fixed snapshot tests for MySQL only newsletter test
no issue

There was an error when generating the snapshot for this test. It never ran, so the snapshot was never committed. On top of that, the generated snapshot would change every time because the email verification token was not replaced with a static value.
2023-05-03 14:05:53 +02:00
Elena Baidakova
ef25e8dda7
Fixed tests (#16718)
no issue
2023-04-27 21:05:01 +04:00
Simon Backx
51473b3f7d Added tests for pages bulk API
fixes https://github.com/TryGhost/Team/issues/2925
2023-04-27 15:06:19 +02:00
Simon Backx
9fc98417b5 Added bulk post unpublishing test
refs https://github.com/TryGhost/Team/issues/2925
2023-04-27 14:58:27 +02:00