fixes https://github.com/TryGhost/Ghost/issues/15190
refs https://github.com/TryGhost/framework/pull/76
- log output always uses UTC timestamps, but it may be desirable to
configure logs to use the local machine timezone
- a new config option has been added to `@tryghost/logging` so you can
switch the logs to the local timezone
- this commit bumps the package and sets the default config option to
`false`, so it doesn't suddenly change the timezone of the logs
- docs will be updated soon but if you'd like to use the
timezone-altered timestamps, you can set `logging.useLocalTime` to
`true`
- credits to https://github.com/levee223 for the implementation and PR
- in its current form, bundling will happen before we build Admin
- Admin complains because the version in its package.json for
`@tryghost/members-csv` is different to the one linked in the monorepo
- by putting bundling at the end, we write the new package versions
after we've already built Admin, so this issue should go away
fixes https://github.com/TryGhost/Team/issues/1860
**Problem:**
Members were not able to comment on a post that was only visible for members with a specific tier.
**Causes:**
Content gating was done on models with missing relations.
- The products relation was not loaded on the member when doing content gating
- The tiers relation was not loaded on the post when doing content gating
**Tests:**
- Added for tier-only posts
- Added for paid-only commenting
fixes https://github.com/TryGhost/Team/issues/1859
**Problem:**
When for some reason a member has an active subscription (or legacy comped subscription) for product A, and a comped subscription for product B. You cannot remove comped subscription B.
**Fixed by:**
Updating the API to allow more flexible product changes on members.
- Allow the removal of (comped) products on a member, as long as that product doesn't have a related subscription
- (still) allow the addition of comped products to a member, as long as that member doesn't have other active subscriptions. This matches the existing behaviour, but now this is only checked for added products.
- Includes tests for these edge cases
refs https://github.com/TryGhost/Ghost/issues/14101
refs https://github.com/TryGhost/Team/issues/1734
- use of the helper was generating deprecation warnings when building Admin
- removed the single usage in favor of using `{{perform}}` directly on a controller task property as there was no need to go via the route
- changed naming of task properties to include a `...Task` suffix so it's clear when dealing with a task object
fixes https://github.com/TryGhost/Team/issues/1860
**Problem:**
Members were not able to comment on a post that was only visible for members with a specific tier.
**Causes:**
Content gating was done on models with missing relations.
- The products relation was not loaded on the member when doing content gating
- The tiers relation was not loaded on the post when doing content gating
**Tests:**
- Added for tier-only posts
- Added for paid-only commenting
fixes https://github.com/TryGhost/Team/issues/1859
**Problem:**
When for some reason a member has an active subscription (or legacy comped subscription) for product A, and a comped subscription for product B. You cannot remove comped subscription B.
**Fixed by:**
Updating the API to allow more flexible product changes on members.
- Allow the removal of (comped) products on a member, as long as that product doesn't have a related subscription
- (still) allow the addition of comped products to a member, as long as that member doesn't have other active subscriptions. This matches the existing behaviour, but now this is only checked for added products.
- Includes tests for these edge cases
- the code in question had the intention of returning early if no new
email batches had been created for an Email
- there were 2 minor bugs here:
- `batchIds` would end up being an array of an array of strings
because we just push an array in without the spread operator
- we would compare that the returned array equaled zero, which was
never the case
- this commit fixes these minor issues and adds JSDoc to document the
function's return type
no issue
- While auditing the access rights to endpoints have come across the "stable" / "experimental" notes that do not make any sense in the current approach towards the API. Every endpoint that's documented and exposed just "is" there no stable/unstable/canary/whatever distinction in the Admin API since Ghost v5
- Staff tokens were also acked as a separate way to access the API, so we have them in mind when modifying the access-list
fixes https://github.com/TryGhost/Team/issues/1679
These endpoints are safe to be removed, as they are only used by the admin app and usage has been removed over there. It is very unlikely that this endpoint has been used in a third party integration (in which case they will get a notification email).
no issue
- Return was missing for `res.end` if an invalid subscription_id was passed
- Added explicit `text/plain` `Content-Type` headers to error messages to avoid MIME sniffing
Signed-off-by: Elijah Conners <business@elijahpepe.com>
Co-authored-by: Simon Backx <simon@ghost.org>
In case there is an issue with the filtering of items in our client
side attribution script, we also check for and remove out of date
items here. This ensures that we do not erroneously attribute signups
or conversions to webpages from more than 24h ago.
This keeps the constructor clean, relying on types for validation,
whilst preserving the validation when creating the instance. The
constructor is now private so that the factory which handles
validation is always used.
The tests have also been updated to test the public factory interface
rather than the internal validation methods. Validation has been
rolled into a single method and slightly improved in the way of
readability.
We promote from alpha -> beta so that we don't require the
enableDeveloperExperiments flag, the toggle in the UI is behind the
flag still, so it will only be visible to developers or people using
alpha features.
refs https://github.com/TryGhost/Team/issues/1826
Geolocation was prev. loaded after member was created and updated on existing member. this was mostly due to historical context where we couldn't store data on magic link token.
Since email alerts go out at the time of member creation, this flow missed out on attaching member's location to email.
This change -
- stores request ip when a member asks for magic link in the token
- loads request ip from token when member uses magic link, and for new members loads their geolocation and stores it with member creation
- More adjustments to make the event stronger and the link lighter and less messy
- Checking in the icons but need to wire them up
refs https://github.com/TryGhost/Team/issues/1851
refs TryGhost/Team#1826
- triggers paid subscription cancellation alert for staff users
- passes tier and subscription information for the email - loads tier info from DB for the subscription tier
refs. https://github.com/TryGhost/Toolbox/issues/356
- the list needed avatars and action icons to be able to easily scan who's doing a lot of actions and what actions have been done at the same time
- The extra column made sense logically but was causing too many issues
- Going to try the single setence again but change visual style to be easier to parse
- Making sure this works around the feature flag
refs https://github.com/TryGhost/Team/issues/1851
refs TryGhost/Team#1826
- adds new service package that manages all the email alert notifications for free members and paid subscriptions
- includes email templates for free member signup and paid subscription start/cancel
- initializes staff service before members to allow managing email alert notifications
- passes staff service to members api for triggering alerts
refs TryGhost/Team#1826
- adds a method on user model which fetches all eligible users for a type of email alert
- restricts users to active `Owner` and `Administrators` with setting turned on
fixes https://github.com/TryGhost/Team/issues/1850
When member attribution is enabled, the signup or conversion columns are shown when filtering on them. This data is not yet available via the API when browsing members. So these columns are now hidden.
fixes https://github.com/TryGhost/Team/issues/1344
fixes https://github.com/TryGhost/Team/issues/1127
This fixes a couple of bugs with the filter menu on the members page in admin:
- When opening the members page, the filters property was passed back from the filter component to the members controller. This caused a bug that the filter columns where not visible on reload.
- Fixed handling invalid filter parameters
- When updating the URL, the members page now properly reloads
- Fixed a bug that 'falsy' values in the NQL filter were removed on reload:
- Filtering on unsubscribed members was gone after a page reload
- Filtering on 0 emails was gone after a page reload
- This is fixed by converting numbers and booleans to strings after parsing the NQL-filter
- Fixed a bug where boolean values didn't match any value in the select menu, causing the default option to be visible
- Filtering members by 'unsubscribed' -> parsed as false (boolean) -> select menu opened -> false value (boolean) didn't match 'false' (string) so the first option was shown instead (subscribed).
- This is also fixed by converting numbers and booleans to strings after parsing the NQL-filter
The way this is currently handled is not great. The parsing happens in the filter component, but should happen on a different layer, maybe in a different helper.
This is tracked here: https://github.com/TryGhost/Team/issues/1849
refs. https://github.com/TryGhost/Toolbox/issues/356
- the readability of the Audit log table wasn't great as the very repetitive "actor" was the primary info
- the link to the actor (staff user) was missing
refs TryGhost/Team#1826
- allows staff users to manage their email alert settings behind the flag
- only owner and admin users are able to toggle their email alerts
refs https://github.com/TryGhost/Team/issues/1843
- Added link to filtered members list when clicking the signup or conversion member counts in the posts and pages table
- Temporary hover style added
refs https://github.com/TryGhost/Toolbox/issues/387
- The limit values should be as configurable as possible to adjust verification thresholds dinamically per-usecase. This solves a problem of doing a separate version release when we need to adjust the verification thresholds.
- Before this "importThreshold" was the same concept as "apiThreshold", which makes it hard&confusing to reason about and hard to parameterize each specific case.
refs https://github.com/TryGhost/Toolbox/issues/387
- Similar reasoning as to previous renames - the variables were named with a single trigger source in mind and now would be confusing with multiple verification trigger sources.
refs https://github.com/TryGhost/Toolbox/issues/387
- The "amountImported" was to specific to one verification trigger source. There can be multiple sources that start the verification process.
- Changed `startVerificationProcess` method signature to reflect it's a private method that's only used internally - exposed for testing purposes only.
refs https://github.com/TryGhost/Toolbox/issues/387
- There will three distinct verification limits soon. To keep the naming clear "configThreshold" would be too generic/confusing to use.
- Introduced jsdoc descriptions for the "source" parameter, which will be corelating with each new config parameter ("apiTriggerThreshold", "importTriggerThreshold", "adminTriggerThreshold", etc.). This should give a better visibility into parameters we are dealing in this area.
refs https://github.com/TryGhost/Toolbox/issues/387
- I'm about to add another event source - "admin". Before doing that made the method more parameter dependent, so it can handle limit triggering logic from multiple source and based on multiple configuration parameters.
closes: https://github.com/TryGhost/Team/issues/1732
- adds a theme helper which outputs a working search button with a standard icon
- the icon adopts whatever the current color is from css, and has a set of default styles
- styles can be overridden with !important or the data attribute
- alternatively, any element in a theme may be turned into a search button by adding data-ghost-search
- this is meant to be a simple tool for non-theme-developers to easily add a search icon to their themes in a way that doesn't require css or html knowledge
refs: 203c8036fa
refs: 1fadbacdec
refs: 22fd7f289c
- There is something seriously weird about how content-length changes...
- It's different on CI to local sometimes...
- This particular test should not change IMO
- Some events take up quite a bit of space and so want to be less verbose
- Playing with where to add joins in the interface
- Remove references of subscription unless it's for email
refs https://github.com/TryGhost/Team/issues/1840
- Adding sticky headers so columns are easier to read and parse
- These are working only behind the feature flag
- Checked against narrower viewports and dark mode
refs https://github.com/TryGhost/Team/issues/1837
refs https://github.com/TryGhost/Team/issues/1833
refs https://github.com/TryGhost/Team/issues/1834
We've added the attribution property to subscription and signup events when the
flag is enabled. The attributions resource is fetched by creating multiple relations
on the model, rather than polymorphic as we ran into issues with that as they can't
be nullable/optional.
The parse-member-event structure has been updated to make it easier to work with,
specifically `getObject` is only used when the event is clickable, and there is now a
join property which makes it easier to join the action and the object.
- after a while of browsing around filtering Actions, the endpoint will
suddenly lock up and start throwing stack exceeded errors
- this is because every time we initialize an Actions model, we push to
the `candidates` array with a list of the current models
- this was producing a `candidates` array with a length of several
thousand models after a few clicks, which would cause errors when
joining the data down the line
- the code was like this because we need to lazy-initialize the models,
so the order of requiring the Actions model doesn't matter
- this commit switches the code to using a `candidates` function to get
the models
- this seems to work and the performance cost is negligible given it now
doesn't error
refs https://github.com/TryGhost/Toolbox/issues/356
- the existing structure of 1 checkbox per resource was becoming unsustainable
as we added events for more resources
- instead, we're going to group resources together into categories so
they can be disabled/enabled together
- this implements that, and also enables showing Tier and Offer events
now we have something that works nicely
refs: https://github.com/TryGhost/Ghost/issues/14882
- Usage of bluebird is deprecated in favour of using native promises
Co-authored-by: Navarjun <navarjun@Navarjuns-MBP.hitronhub.home>
refs https://github.com/TryGhost/Team/issues/1833
refs https://github.com/TryGhost/Team/issues/1834
We've added the attribution property to subscription and signup events when the
flag is enabled. The attributions resource is fetched by creating multiple relations
on the model, rather than polymorphic as we ran into issues with that as they can't
be nullable/optional.
The parse-member-event structure has been updated to make it easier to work with,
specifically `getObject` is only used when the event is clickable, and there is now a
join property which makes it easier to join the action and the object.
closes https://github.com/TryGhost/Team/issues/1727
- allows site owners to give cardless free trials to members by setting expiry on complimentary subscriptions
- also allows complimentary members to upgrade as paid member
closes https://github.com/TryGhost/Team/issues/1836
- Uses the timestamps from the members table to determine the timestamps for the events
- Clears the table when downgrading to prevent having multiple rows for the same member
Co-authored-by: Fabien "egg" O'Carroll <fabien@allou.is>
- without this, the model doesn't have the context on who was
adding/editing it
- this resulted in being unable to store actions for Offers because the
`actor` is unknown
- this is the pattern we use elsewhere in the code so I've copied it
into here
- Made sure feature flag works for new design with table
- Made adjustments to the narrow width look of the table
- Tested across browers and dark mode
refs https://github.com/TryGhost/Toolbox/issues/356
- this allows collection of CRUD events for Offers but we currently don't
show them in the UI until it's overhauled to avoid being monotonously
long
refs https://github.com/TryGhost/Toolbox/issues/356
- this allows collection of CRUD events for Tiers but we currently don't
show them in the UI until it's overhauled to avoid being monotonously
long
refs: https://github.com/TryGhost/Ghost/issues/14882
- The use of predicates is deprecated, and we're working to remove them from everywhere, so that we can remove bluebird
- This should be the final piece of the puzzle in terms of predicates, from here we can start removing bluebird without concern that a predicate somewhere will explode
- Note: some of this code is poorly tested, but the refactors are very straightforward and minimal
refs: https://github.com/TryGhost/Ghost/issues/14882
- I found a common pattern where catch predicates were being used to catch non-existent models in destroy methods, and sometimes elsewhere in the API endpoints
- The use of predicates is deprecated, and we're working to remove them from everywhere, so that we can remove bluebird
- In order to still handle these errors correctly, we needed a small change to mw-error-handler so that it can detect EmptyResponse errors from bookshelf, as well as 404s
Note: there is a small change as a result of this - the context on these errors now says "Resource not found" instead of "{ModelName} not found".
- I think this is acceptable for now, as we will be reviewing these errors in more depth later. It's quite easy to make changes, we just have to decide what with proper design input
- this shouldn't ever be the case, but if we forget to label the
resource type, we shouldn't proceed with storing the event because
it'll throw an error
refs https://github.com/TryGhost/Toolbox/issues/164
- see referenced issue for more context but Ghost sometimes has issues
with the email analytics job getting stuck
- we don't provide a timeout to the Mailgun library, so we just
sit there idling for eternity if something between us and Mailgun is
causing issues
- this commit adds a 60s timeout so we can at least error out and try
again next time
refs https://github.com/TryGhost/Toolbox/issues/356
- we should store the `primary_name` on `added` events too because if
the resource is eventually deleted, we won't have the pretty name to
refer to it
refs https://github.com/TryGhost/Toolbox/issues/356
refs 3a9016639c
- I misunderstood the purpose of a column, and changed the values that
are inserted into it, which broke relation includes in Bookshelf
- I've since reverted that in the commit above but this migration is to
fixup the data that got stored in the DB
- we want to replace `resource_type` = `page` back to `post`, but then
use the `context` column as described in the referenced commit to
store that the type is actually a `page`, so we can link to it
from the audit log accordingly
- I'm overwriting the `context` column without taking into account the
current contents but that's ok because this bug existed before we
started using `context`
refs https://github.com/TryGhost/Toolbox/issues/387
- The constructor should be light initialization logic only. Putting business logic into constructor is quite dirty and not really testable!
- Created a new tag type with max width
- Made sure tags didn't get to large for the box
- Double checked page or post title length
refs https://github.com/TryGhost/Team/issues/1832
refs https://github.com/TryGhost/Team/issues/1825
- adds 3 new columns to users table for storing email alert preferences for member signups/cancellation
- adds column for new member signup alert
- adds column for paid subscription started alert
- adds column for paid subscription canceled alert
- Updated default fixtures and tests for new columns
refs https://github.com/TryGhost/Toolbox/issues/356
- we have a very crude version of this before but it just wasn't
maintainable
- one of the first things I did here was to add `include=resource` on
the API call, so it returns the fields we need without extra API
requests
- after we have the id/slug, I could build a route and model array
dynamically, or return null if we can't redirect to the object (it
doesn't exist)
refs bde9b84221
- the commit above claimed to fix an issue where actions taken on pages
were stored using the `post` resource type
- whilst it does that, this actually breaks part of the API because we
use the `resource_type` to join on tables when doing an
`include=resource`
- this commit reverts that functionality and instead stores the type in
the `context` field so we can still differentiate between pages and
posts
- copied over and rewrote the deletion test from the legacy file
- added a new test that checks that we get a 404 when attempting to delete an unknown post
- this is a guard to protect and futureproof the API whilst we do refactoring to improve 404 handling from bookshelf
- in turn this is aimed at helping to get rid of a bunch of catch predicates from the API
- I want to start rewriting the post tests using the new e2e framework, but it's quite a big task
- For now I have renamed the existing file, and will use the correct file name for writing modern versions of tests
- Note: I have a specific test that I'd like to add which is far easier to write in the new framework
- This change should facilitate moving forward more with the new framework
refs https://github.com/TryGhost/Toolbox/issues/356
- in order to show data that we might not necessarily still have around
(ie. when you delete a post, you might want the title), we're going to
start utilizing the `context` column
- right now, we store the `primary_name` for deleted events, and we also
store the `setting` `key` and `group` so we can reference it in the
audit log
