Commit Graph

9290 Commits

Author SHA1 Message Date
Daniel Lockyer
fa19ef7f0b v4.12.1
-----BEGIN PGP SIGNATURE-----
 
 iHQEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYRviGQAKCRDSEYbwtHKV
 rfxSAPi1I0TdH6rbtpNCqaAmm0kAShomDM0IOajwm2bSwFIGAQDYgzablHFGAhv7
 fsFe7t66zHs2fGZ7jakF+vC/NEsMBw==
 =ci9A
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYRvi/wAKCRDSEYbwtHKV
 rdv+AP9sExkMA4Yqn13vs8Lh6vApLi5BmAYipbVZr7/htx9XVAEA2sd4iQBLvS7H
 KRxwT/4YMvT985cdPrsYL39hRa0ltwc=
 =dpmX
 -----END PGP SIGNATURE-----

Merged v4.12.1 into main

v4.12.1
2021-08-17 17:25:28 +01:00
Daniel Lockyer
1e712b9eab
Updated Admin to v4.12.1 2021-08-17 17:21:45 +01:00
Daniel Lockyer
f8aa065891 v4.12.0
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYRuK8QAKCRDSEYbwtHKV
 rXv7AP9tKQEpGwis3ZjVpWcE7EWkYfrwzTmTGnFMAOrqeCPlNQEAyaROjVd2qiGc
 xzHsLOu8fIHjhlbQtkbc0fh4ZMiZ2gw=
 =kec3
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYRuL4wAKCRDSEYbwtHKV
 rdLcAQCYNn+jTXH+QaBu2XBPLfwQltXuhTKe0oMoZA8YUFtC1gEA3tGWtXgZNIGH
 BoG+GubHsjSAxpMnxZjQ2dbaUMlZiQo=
 =xy1l
 -----END PGP SIGNATURE-----

Merged v4.12.0 into main

v4.12.0
2021-08-17 11:13:49 +01:00
Daniel Lockyer
1c2efb8731
Updated Admin to v4.12.0 2021-08-17 11:09:53 +01:00
Fabien 'egg' O'Carroll
26940bea3d
Fixed labs.enabledMiddleware isSet reference (#13227)
no-issue

The `this` used by enabledMiddleware is not bound to `module.exports`.
This updates the middleware to reference the `isSet` method correctly
2021-08-16 17:05:47 +01:00
Kevin Ansfield
23fe99e289 Added snippetReplacements to allowed labs flags
refs https://github.com/TryGhost/Team/issues/973

- alpha flag for Admin feature that allows for replacing a snippet's content without having to delete and recreate it manually
2021-08-16 10:40:57 +01:00
Fabien 'egg' O'Carroll
8abd344048
Removed non-existent labs file export
refs 9e2b21578a

Since the ref'd commit the labs middleware was moved to the shared labs module
and this require path no longer exists. This does not break anything as any module
still using this would error when reading the labs property
2021-08-13 13:41:38 +01:00
Hannah Wolfe
59a3a67683
Added eslint override for index.js false positives
- Unquestionably, at some point we need to rework the API code so that we have less stuff everywhere
- However, the max-lines index.js rule exists as a proxy to find index.js files which are not exposing Public API, but rather contain logic
- These 6 cases are all valid index.js files as the expose the Public API of the module
- Therefore, I've added an override and an override notice explaining.
2021-08-13 12:48:49 +01:00
Fabien 'egg' O'Carroll
1dd520754d
Added bulkEdit to bulk-operations bookshelf plugin (#13223)
refs https://github.com/TryGhost/Team/issues/946

This refactor pulls out the core logic so that we can easily add other
bulk operations without having to duplicate even more logic.

It also gives a consistent return value between bulk operations, renaming
`unsuccessfulIds` and `unsuccessfulRecords` to `unsuccessfulData`

We also add a bulkEdit method which will be used to bulk unsubscribe members
from the newsletter.
2021-08-13 12:19:02 +01:00
Fabien O'Carroll
de9efba30c Fixed existing members status properties
refs https://github.com/TryGhost/Team/issues/959

Since we had a bug where members with a canceled subscription would have
a status of 'comped' we must fix any existing members in this state.

We update all members which have no products to a status of 'free',
which is the definition of a 'free' member.
2021-08-13 11:39:19 +02:00
Naz
74280cfbea Added "email post" frontend routing
refs https://github.com/TryGhost/Team/issues/953

- Emails posts should be not explorable by the rest of the frontend similarly to the draft or scheduled posts. Email posts should also keep the content gating, so that specific parts of content can still be gated based on the post's visibility setup
- A separate frontend router was chosen to implement this part of the system instead of a moutable express app due to increased complexity to introduce the latter approach.
- All "sent" email-only posts will be accessible through the `/email/:slug/` route
2021-08-13 12:09:11 +04:00
Naz
2cae064575 Swapped to American English spellings
refs 16728a3ef1
2021-08-13 10:26:33 +04:00
Naz
0d7f253582 Added an internal API for email-only posts
refs https://github.com/TryGhost/Team/issues/899

- The internal API is needed to be able to fetch email-only posts through email router. The concept is similar to Preview API with a difference that only posts with `sent` status are accessible and there is content-gating present.
2021-08-13 10:12:54 +04:00
Naz
59a60d77b9 Fixed JSDoc apiType in the frame pipeline
no issue

- The apiType parameter is optional and was causing type checking to fail in many palces
2021-08-13 10:08:50 +04:00
Naz
9bc5a279ca Added a 'sent' status to post model
refs https://github.com/TryGhost/Team/issues/953

- We need to track email-only posts that have been sent out. New status was chosen as a way to differenciate such posts.
- Introducing a new "email post" type, conceptually like "page", was considered. Because there is no clear roadmap for "email post" becoming a bigger part of the product yet and a lot of uncertainty around this concept, overhead needed to introduce a new type was just too much to do at this moment. It's still a possibility in the future
2021-08-13 10:06:15 +04:00
Fabien 'egg' O'Carroll
235597a5e4
Refactored Members controller bulkDestroy (#13221)
no-issue

This moves the logic out of the controller and into the members-api
member repository. Removing complexity from the controllers and
out into services is desirable to reduce code in the Ghost codebase
and move logic into modules which can be tested easier.
2021-08-12 15:26:25 +01:00
Naz
cf14b5f433 Fixed function complexity linting warning
no issue

- Touched this file while looking into use of config.user_name/user_email and it was almost criminal to not do a tiny improvement
2021-08-12 15:38:58 +04:00
Naz
cb16675e29 Added "from" parameter to email verification
refs https://github.com/TryGhost/Team/issues/961

- More specific "from" address should improve handling when escalated. See refed issue for details.
2021-08-12 14:07:16 +04:00
Naz
41c70dfc96 Improved GhostMailer JSDocs
refs https://github.com/TryGhost/Team/issues/961

- The "from" parameter was not documented, so made it vary clear that it exists and is optional
2021-08-12 14:07:16 +04:00
Naz
fa13ff2798 Updated use of "blog" in variable to "site"
no issue

- The coding standard/preference in variable naming is to go with "site" where possible when referring to current instance instead of "blog".
2021-08-12 14:07:16 +04:00
Fabien 'egg' O'Carroll
6dba643ef9
Added ability to filter members on subscription data (#13214)
refs https://github.com/TryGhost/Team/issues/944

This will allow us to filter for members which have a canceled
subscription or for members which are currently on trial.
2021-08-12 10:10:51 +01:00
Naz
01f8737d39 Added /email/ route to robots.txt
closes https://github.com/TryGhost/Team/issues/952

- The `/email/` route will be a home for email only posts. We are adding the route preemptively to have the crowlers update their caches before the feature sees the light of The Internet
2021-08-10 13:45:53 +04:00
Naz
c9821a123a Swapped to American English spellings
refs 16728a3ef1
2021-08-09 13:35:01 +04:00
Naz
06a6dcb2d1 Added an /email/ root route for email-only posts
refs https://github.com/TryGhost/Team/issues/948

- The  frontend route `/email/:uuid` is aliased to the preview as a temporary solution. It fulfills the premise of the email-only post anyway - not being accessible publicly and only shared through email.
- The tests for the new route are missing as adding them was way more problematic than I envisoned. They are in the works and will be added as a follow up commit next.
2021-08-06 18:10:19 +04:00
Naz
db9e3a01ab Fixed invalid variable naming
refs ccab6117b4

- The change was meant to go with refed commit but was missed
2021-08-06 13:21:28 +04:00
Naz
ccab6117b4 Removed i18n dependency from psots service
refs https://github.com/TryGhost/Team/issues/949

- Use of i18n module is deprecated in favour of `tpl`/'messages` pattern
2021-08-06 12:21:23 +04:00
Naz
3c822e0457 Added ability to send newsletter and not publish the post
refs https://github.com/TryGhost/Team/issues/949

- When post is marked as "email-only" we can send it out to the selected audience when publishing without making the post publicly available
- The feature is available for experimentation behind "email only" alpha flag available in labs
2021-08-06 11:57:54 +04:00
Naz
a7503b9c0f Refactored posts service instantiation logic
refs https://github.com/TryGhost/Team/issues/949

- Initializing PostsService with almost identical parameters is burdensome, having a single factory method in create instances is far more maintainable
2021-08-06 11:57:54 +04:00
Naz
3a7bc1349d Reformatted big if statement
refs https://github.com/TryGhost/Team/issues/949

- It's relly hard to grasp what's going on in ifs with multiple conditions that are written down in a signle, gazzilion-line format. Having a nice column as way more readable
2021-08-06 11:57:54 +04:00
Naz
bd8a45d094 Extracted post edit logic to posts service
refs https://github.com/TryGhost/Team/issues/949

- The post model handling related to newsletter sending and email recipient filter logic were duplicating across v3/v4(canary) APIs and it made sense to extract it into a posts service.
- This will allow for a central place to handle about to land logic for email_only newsletter handling.
2021-08-05 15:18:29 +04:00
Naz
15073bad29 Extracted post/page cache invalidation logic to service
refs https://github.com/TryGhost/Team/issues/949

- The code is exactly the same in six (!) places. It's beyond unmaintainable to add another line to any of these place, which will be needed for `email_only` handling.
- The newly created posts service is a temporary, slightly better solution that complies with codebase's best practice of extracting new services using class with DI pattern
2021-08-05 14:51:47 +04:00
Naz
accf0c645a Refactored Pages API v3/canary controllers
refs https://github.com/TryGhost/Team/issues/949
refs e64274bb45

- This refactor is needed to bring the code in line with the rest of pages API controllers
- Next step will extract shared code patterns into a separate module
2021-08-05 14:42:16 +04:00
Naz
87ad210624 Refactored Pages API v2 controller
refs https://github.com/TryGhost/Team/issues/949
refs e64274bb45

- This refactor is needed to bring the code in line with the rest of pages API controllers
- Next step will extract shared code patterns into a separate module
2021-08-05 14:21:05 +04:00
Naz
ec19b01088 Fixed missing semicolon after the refactor
refs https://github.com/TryGhost/Team/issues/949

-  See previous commit
2021-08-05 14:14:58 +04:00
Naz
e64274bb45 Refactored Posts API v2 controller
refs https://github.com/TryGhost/Team/issues/949

- This refactor is needed to bring the code in line with the rest of post API controllers
- Next step will extract shared code patterns into a separate module
2021-08-05 14:13:02 +04:00
Naz
8b5d0f559d Added clarifying comment to the email_only mapping
https://github.com/TryGhost/Team/issues/893

- The assignment is not that obvious and might be confusing without wider context, which is why it warrants to have a clarifying comment. This became apparent during code review
2021-08-05 19:44:35 +12:00
Naz
838e94e535 Added email_only property in Posts Admin API v4
https://github.com/TryGhost/Team/issues/893

- The property is only added to Admin API v4 and is invisible in all Content APIs as well as v2/v3 Posts APIs
2021-08-05 19:44:35 +12:00
Naz
755a3a320e Added email_only column to posts_meta table
closes https://github.com/TryGhost/Team/issues/893

- We need a place to store email-only flag and posts_meta is the best place for it
2021-08-05 19:44:35 +12:00
Fabien 'egg' O'Carroll
424f621414
Moved NQL relations and expansions into the models (#13204)
refs https://github.com/TryGhost/framework/pull/19

The @tryghost/bookshelf-filter plugin no longer bundles hardcoded
relations and expansion definitions, instead leaving it up to the
library consumer to implement.

This PR adds the preexisting relations and expansions to the relevant
models, in order to preserve our existing filtering functionality.
2021-08-04 15:30:53 +01:00
Kevin Ansfield
482a93ac7a Added dashboardTwo to allowed labs flags
no issue

- flag for Admin to switch to a more comprehensive dashboard
- may be used in Ghost for changes to stats endpoints
2021-08-04 11:09:13 +01:00
Sanne de Vries
2be601d25e Fixed hr element and button overlapping in cta card in email template 2021-08-03 18:43:29 +02:00
Daniel Lockyer
5cce9818eb v4.11.0
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYQk0mQAKCRDSEYbwtHKV
 raAxAQCWNrrS6ixKZlzFkjv8opyMQ1b0HV25NBjg8rAkD8YRVQEAsvUM2Vu/G0+Y
 mbb7qeWAzK1L8tNP686Khc84TbeSBQY=
 =NBs1
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYQk1CAAKCRDSEYbwtHKV
 rcPcAP9eW3OIVa5eO05BTVt7Dgi6sqLkry7AKU1KA6yWANJS4wEAi+EygDpPjxXu
 HTIkCXAJRV8VAKPHbO6ESUcqtMTEOAc=
 =PoHi
 -----END PGP SIGNATURE-----

Merged v4.11.0 into main

v4.11.0
2021-08-03 13:22:26 +01:00
Daniel Lockyer
e32ad5ea6d
Updated Admin to v4.11.0 2021-08-03 13:20:40 +01:00
Naz
7471c98df2 Updated email sending error copy
refs https://github.com/TryGhost/Team/issues/912
2021-08-03 10:13:14 +04:00
Naz
5868fff1b9 Added emailOnlyPosts alpha labs flag
refs https://github.com/TryGhost/Team/issues/902

- The flag will be controlling upcoming feature with the same name enabling exactly how it reads - ability to create posts available through the newsletter only
2021-08-02 13:11:07 +04:00
Rishabh
12f5e03f61 Handled member session API response in Portal
refs 24b2a82461

Updates Portal to handle updated 204 response for member session API in case of logged out member
2021-07-30 10:57:24 +05:30
Rishabh
24b2a82461 Updated session API status code for logged out member
refs https://github.com/TryGhost/Team/issues/560
refs 69b773d112

The endpoint `/members/api/session/` is used by Portal for fetching member session while setting up and redirecting to Stripe Checkout flow. The status code returned by API for logged out member is changed from 4xx Unauthorized to 204 No Content, which is consistent with the status code returned while fetching member data when logged out. This API is made just before initiating the checkout session, and is not noticable in most cases due to redirect to Stripe Checkout and got missed.
2021-07-30 10:34:51 +05:30
Kevin Ansfield
10b7b31e6b Adjusted .btn-accent colors in emails for a white background
refs https://github.com/TryGhost/Team/issues/928

- applied same darkening of accent color in emails as we use in editor when there's insufficient contrast of accent color against a white background
2021-07-29 15:39:04 +01:00
Kevin Ansfield
eb92610df2 Added accent color button styles to labs email template
refs https://github.com/TryGhost/Team/issues/928

- duplicated email template so email-cta changes can go into the labs version
- added `accentContrastColor` to template settings for using white/black depending on the accent color
- added `.gh-btn-accent` styles to the email template (email-cta card already uses those for the button)
2021-07-29 15:25:09 +01:00
Naz
5fd1ed5bcb Added an escalation email when import triggers a limit
refs https://github.com/TryGhost/Team/issues/912

- When the improt acceedes the threshold for the first time we need a way to notify configured escalationAddress to verify the instance owner's email address.
2021-07-29 20:30:30 +12:00
Naz
fa33235fd9 Moved email verification logic into separate method
refs https://github.com/TryGhost/Team/issues/912

- The processImport method was becoming to big and unreadable
- Having small methods is easier to extract if needed later
2021-07-29 20:30:30 +12:00
Naz
93e8814589 Moved sending email error into MEGA
closes https://github.com/TryGhost/Team/issues/913

- Having a limit service rule triggered was a temporary hack to get a basic email blocking version working
- As the freeze value is now persisted in the DB it's possible to read and rely on it to throw an error straight from MEGA.
2021-07-29 20:30:30 +12:00
Naz
086840873e Moved verified email check closer to freeze logic
refs https://github.com/TryGhost/Team/issues/912

- Previous logic was a bit misleading because it prevented from reading the real threshold configured with an instance once the verified flag was present in the config.
- The reshuffle made here allows to check the freeze logic based on the threshold and then process the returned result accordingly instead of having hidden logic behind "importThreshold" config value
2021-07-29 20:30:30 +12:00
Naz
8bc4d00fe6 Added email unfreeze for verified email config
refs https://github.com/TryGhost/Team/issues/912

- When instance has "verified" email configuration it should remove email freeze and disallow future feezes
2021-07-29 20:30:30 +12:00
Naz
06788f0b6a Persisted email freeze in settings table
refs https://github.com/TryGhost/Team/issues/912

- The email freeze state has to be stored somewhere to make it through the instance restart and settings table is the best place for it.
2021-07-29 20:30:30 +12:00
Naz
2fbc1af165 Added email disabling flag to settings records
refs https://github.com/TryGhost/Team/issues/912

- We need a place to persist the email freeze state between instance restarts - settings table record is the best place for it
2021-07-29 20:30:30 +12:00
Thibaut Patel
ba4f8cc857 Added OAuth user data
issue https://github.com/TryGhost/Team/issues/614

- This allows keeping each user oauth data, to compare on future logins
2021-07-27 17:56:07 +02:00
Kevin Ansfield
dfca0abc93 Added support for segmented email content in previews and test emails
refs https://github.com/TryGhost/Team/issues/927

- the `email-cta` card can be segmented so only free or paid members can see the content, it should be possible for authors to preview what that will look like in either case
2021-07-27 16:31:41 +01:00
Naz
633d4f4771 Fixed typo 2021-07-27 14:07:57 +04:00
Naz
1a64af103a Fixed MemberCSVImporter initialization
refs https://github.com/TryGhost/Team/issues/912

- The membersApi variable can be in uninitialized state. It should be accessed through membersService getter to make sure it's always correctly referenced
2021-07-27 13:09:04 +04:00
Naz
8fbbd524df Swapped to American English spellings
refs 16728a3ef1
2021-07-27 12:15:19 +04:00
Daniel Lockyer
04b5a1c6c5 v4.10.2
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYP6iagAKCRDSEYbwtHKV
 rR/dAPsGjY89fheicUdZfWbVUGunIQAKCYWj4sNMR5ZJbFQ8IAD8Dbx5XLR1IYmX
 7uzjx7ayuHt+o9jJkaRFGpETIRln4w0=
 =JY+u
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYP6kDQAKCRDSEYbwtHKV
 rVJ1AQCDiGWEJNVItQbPoAURACUtQPtg8GH1O62We+LUNdKQ5gEA2+snzZAi9fag
 60k5eyYxcB4JOwSVLIS19FcybgnhuAg=
 =1a74
 -----END PGP SIGNATURE-----

Merged v4.10.2 into main

v4.10.2
2021-07-26 13:01:12 +01:00
Daniel Lockyer
469a2f32ad
Updated Admin to v4.10.2 2021-07-26 12:54:17 +01:00
Kevin Ansfield
8d5e7ed695
🐛 Fixed unsubscribed members receiving email when a post is sent to all members (#13181)
refs https://github.com/TryGhost/Team/issues/935

The problem was incorrect operator precedence when multiple statements existed in the filter original filter when we transform it to enforce `subscribed:true` before sending.

- free only - subscribed:true+status:free - no issue
- paid only - subscribed:true+status:-free - no issue
- all - subscribed:true+status:-free,status:free - the ,status:free part is treated as a separate OR statement meaning the subscribed:true is not applied to it and free members that are unsubscribed will receive the email

- extracted the filter transform into a separate function so it can be unit tested
- updated the transform to use `()` for operator precedence, eg: `subscribed:true+(status:-free,status:free)`
- used transform function in `addEmail()` and `getEmailMemberRows()`
- fixed `sent/send` typo in error message
2021-07-26 12:47:03 +01:00
Naz
ac3602cced Fixed empty response when import triggers a job
refs d60d348c88

- When the import triggers a background job the meta response should contain no data otherwise the client can mistake it for completed import
2021-07-23 21:14:06 +04:00
Naz
d60d348c88 Fixed error when hostLimits are undefined
refs a7dd7bb64b

- The error was introduced in the refed commit. Object.assign method only works when the first parameter is an object otherwise it fails.
2021-07-23 20:46:52 +04:00
Naz
a7dd7bb64b Added email verification limit check
refs https://github.com/TryGhost/Team/issues/912

- When the import threshold is reached we want to trigger an "email" limit. See details in the refed issue
2021-07-23 20:37:29 +04:00
Naz
ec8b49ea42 Moved member importer declaration for readability
refs https://github.com/TryGhost/Team/issues/912

- Exposing a single method out of the service makes the API surface smaller - more readable.
- Additionlally having a wrapping method in service will be helpful for other triggers that are going to be executed in later iterations
2021-07-23 16:58:46 +04:00
Daniel Lockyer
dcca28a45b v4.10.1
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYPmn5QAKCRDSEYbwtHKV
 rZ7GAP44uQbWr4HFW7cAdEBG3YRDA5EC7S0uy2fdizzxuvPr2AEAqpU51eOpUPgm
 SY43m3su6G2QUoMMUJEt6HJ0xzH4FQU=
 =Qvoa
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYPmoNQAKCRDSEYbwtHKV
 rY8SAQDDoVnCn5KBFk7F4pMBEsH9CV5olF1URJf5wShFdVZrpwD/bNOf/kN/xn1R
 X2SMUaG4uZav969eRRU36h3Ky64Hdw4=
 =2WgO
 -----END PGP SIGNATURE-----

Merged v4.10.1 into main

v4.10.1
2021-07-22 18:17:34 +01:00
Daniel Lockyer
51ae9f1900
Updated Ghost-Admin to v4.10.1 2021-07-22 18:16:20 +01:00
Rishabh
a110cdd34a Added membersFiltering alpha labs flag
closes https://github.com/TryGhost/Team/issues/925

- used by Admin for working on members filtering features
2021-07-21 21:16:15 +05:30
Naz
57c4afdea2 Integrated @tryghost/members-importer
closes https://github.com/TryGhost/Team/issues/916

- The members importer module was extracted into an ouside module as per project structuring standards
2021-07-21 19:34:30 +04:00
Fabien O'Carroll
49f48c0f09 Made a single request for products in theme middleware
refs https://github.com/TryGhost/Team/issues/907

The logic to populate the `@price` data and the `@products` data both
rely on the same product data, but were each making their own request to
the API. This refactor removes the request from the legacy `@price`
data, which should cut the database queries in half.
2021-07-21 12:50:21 +01:00
Fabien O'Carroll
f900b4ee78 Moved theme middleware after static middleware
refs https://github.com/TryGhost/Team/issues/907

The theme middleware makes several calls to the content api in order to
populate global theme data for use in templates. By adding this
middleware after the static theme files, we remove redundant calls.
2021-07-21 11:25:02 +01:00
Naz
170617feb3 Fixed this context for methods passed into importer
refs https://github.com/TryGhost/Team/issues/916

- Without `.bind`, `this` context was lost when used inside of the CSVImporter calss
2021-07-21 21:00:16 +12:00
Naz
25dcfde368 Refactored ghostMailer parameter
refs https://github.com/TryGhost/Team/issues/916

-  The constructor API should have as small of a surface as possible, there's no need to pass around whole ghostMailer instance
2021-07-21 21:00:16 +12:00
Naz
83c75a3fb4 Refactored settingsCache parameter
refs https://github.com/TryGhost/Team/issues/916

-  The constructor API should have as small of a surface as possible, there's no need to pass around whole settingsCache instance
2021-07-21 21:00:16 +12:00
Naz
19c5c0b05a Refactored storagePath parameter
refs https://github.com/TryGhost/Team/issues/916

-  The refactor was done follow the DI Constructor pattern with single options Object parameter
- It didn't make sense to have a "config" object inside of options object containing just one property
2021-07-21 21:00:16 +12:00
Naz
2472695535 Refactored constructure signature to be a n object
refs https://github.com/TryGhost/Team/issues/916

-  The refactor was done follow the DI Constructor pattern with single options Object parameter
2021-07-21 21:00:16 +12:00
Naz
da3620ca8e Refactored url-uitls out of MembersCSVImporter
refs https://github.com/TryGhost/Team/issues/916

-  The refactor was done follow the DI Constructor pattern and prepare module for extraction
2021-07-21 21:00:16 +12:00
Naz
66a6a522e0 Refactored db dependency out of MembersCSVImporter
refs https://github.com/TryGhost/Team/issues/916

-  The refactor was done follow the DI Constructor pattern and prepare module for extraction
2021-07-21 21:00:16 +12:00
Naz
b96a8f4f6b Refactored jobs service out of MembersCSVImporter
refs https://github.com/TryGhost/Team/issues/916

-  The refactor was done follow the DI Constructor pattern and prepare module for extraction
2021-07-21 21:00:16 +12:00
Thibaut Patel
489e470d7b Added a feature flag to the oauth login feature
issue https://github.com/TryGhost/Team/issues/614

- The feature flag was called `oauthLogin` instead of simply `oauth` to avoid clashes in the frontend `feature` service as it is merging the config and labs properties.
2021-07-20 23:16:49 +02:00
Naz
1eef1e9781 Refactored labs dependency out of MembersCSVImporter
refs https://github.com/TryGhost/Team/issues/916

-  The refactor was done follow the DI Constructor pattern and prepare module for extraction
2021-07-20 18:42:57 +04:00
Naz
c7edf256f6 Refactored Ghost mailer dependency out of MembersCSVImporter
refs https://github.com/TryGhost/Team/issues/916

-  The refactor was done follow the DI Constructor pattern and prepare module for extraction
2021-07-20 18:42:26 +04:00
Naz
a2fc3dde7d Removed dead code - batch-import module
refs https://github.com/TryGhost/Team/issues/916

- While investigating members importer related codebase this legacy module was spotted. It's not used anywhere and doesn't serve any particular purpose.
2021-07-20 17:44:25 +04:00
Naz
ce1711735f Swapped to American English spellings
refs 16728a3ef1

- Same reason as in refed commit, ltdc:
 - Traditionally all of Ghost's public-facing text was written in British English
 - We're changing that to US English because that's more common
 - US English should also be used in code e.g. properties are called color not colour
2021-07-20 17:27:24 +04:00
Fabien 'egg' O'Carroll
fc754c980f
Added missing comment to members .well-known mount
refs https://github.com/TryGhost/Team/issues/664

This was missed as part of PR review, as it is a non-standard mount location a comment
should be included to help our future selves!

PR: https://github.com/TryGhost/Ghost/pull/13163#discussion_r673066080
2021-07-20 13:58:29 +01:00
Daniel Lockyer
3ea9a6dff1
Updated Ghost-Admin to v4.10.0 2021-07-20 13:45:53 +01:00
Fabien O'Carroll
1962591c2e 🔒 Fixed permissible method for Integration Model
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-j5c2-hm46-wp5c

The permissible method of models overrides all permission logic, which
means we must manually check the user & api key permissions before
continuing.
2021-07-20 13:43:29 +01:00
Fabien 'egg' O'Carroll
264fb51a87
Exposed Members pub keys on /members/.well-known/ (#13163)
refs https://github.com/TryGhost/Team/issues/664

The new WellKnownController and middleware handles exposing a JSON Web
Key Set for us.

In order to serve the keys on /members/.well-known/jwks.json without a
trailing slash, we must mount the wellKnown middleware before the
frontend.
2021-07-20 13:19:31 +01:00
Naz
9a26ee9125 Added checkEmailList alpha labs flag
closes https://github.com/TryGhost/Team/issues/911

- See refed issue
2021-07-20 13:59:36 +04:00
Peter Zimon
94234e1505 Updated copy for tiers CTA
- Updated "product" copy to "tier" in the default content CTA  when members need to be on a different plan to have access to a post.
2021-07-19 13:14:37 +02:00
Fabien 'egg' O'Carroll
c0f32b7746
Replaced usage of Error with @tryghost/errors (#13161)
refs 2f1123d6ca

Usage of the raw Error class has been deprecated in favour of our own
errors, which are more descriptive and have built in HTTP status codes.

This also updates the same errors to use @tryghost/tpl for the error
messages, which is the new pattern we are following in order for us to
deprecate the i18n module.
2021-07-19 11:46:38 +01:00
Kevin Ansfield
e5db28db00 Removed use of i18n in snippets controllers
no issue

- i18n is deprecated in favour of `tpl`
- normalized method syntax so `add` matches the rest of the controller's methods (fixed a complexity warning but was not the primary intention)
2021-07-19 11:08:55 +01:00
Naz
810b052e01 Removed use of deprecated new Error() syntax
refs 2f1123d6ca
refs 6f1a3e1774

- As per refed commits, we are removing deprecated use of `new Error()` in the codebase
- Exposed few internal from commands module methods for easier testing, otherwise it was turning into neverending mocking show
2021-07-19 21:31:31 +12:00
Naz
4c4af001e6 Removed use of deprecated new Error() syntax
refs 2f1123d6ca
refs 6f1a3e1774

- As per refed commits, we are removing deprecated use of `new Error()` in the codebase
2021-07-19 21:31:31 +12:00
Naz
a266c64130 Removed use of deprecated new Error() syntax
refs 2f1123d6ca
refs 6f1a3e1774

- As per refed commits, we are removing deprecated use of `new Error()` in the codebase
2021-07-19 21:31:31 +12:00
Fabien 'egg' O'Carroll
1af2b50dcf
Added userAuth brute middleware to members auth endpoint (#13152)
refs https://github.com/TryGhost/Team/issues/696

The userAuth spam prevention logic is reused, but a new piece of
middleware has to be created so that we can use a custom lookup key to
conatin the member email.

We must also add json parsing middleware to the route so that the brute
middleware can read the email.

The express body-parser middleware handles multiple instances on the
same route, so this doesn't cause problems upstream.

https://github.com/expressjs/body-parser/blob/1.19.0/lib/types/json.js#L99-L103
2021-07-19 09:40:38 +01:00
Naz
d1b569075f Decreased coupling of frontend routing to server api
refs https://github.com/TryGhost/Team/issues/527
refs https://github.com/TryGhost/Ghost/issues/10790

- Frontent has to have as few as possible coupling points with the Ghost Server API. By design that point has been a "proxy.api" property that will become more and more constraint in the future based to limit the surface of frontend interaction with servers's API
- Removing `.../server/api` requires in favor of using a proxy decreases direct coupling
2021-07-19 19:45:54 +12:00