Commit Graph

18117 Commits

Author SHA1 Message Date
Simon Backx
b8e43ba675 Removed usage of membersActivityFeed flag
refs https://github.com/TryGhost/Team/issues/1616
2022-05-25 10:37:49 +02:00
Simon Backx
9b0259dc6f Removed usage of dashboardV5 feature flag
refs https://github.com/TryGhost/Team/issues/1616
2022-05-25 10:29:55 +02:00
Simon Backx
14a7d1f00f Cleaned up multipleProducts and multipleNewsletters flags 2022-05-25 10:25:02 +02:00
Daniel Lockyer
f7496880f0 v5.0.1 2022-05-24 18:21:41 +01:00
Daniel Lockyer
eddd3c36e2 Updated Admin to v5.0.1 2022-05-24 18:21:40 +01:00
Hannah Wolfe
a2cab6bdde
Update dependency gscan to v4.39.0 2022-05-24 17:39:47 +01:00
Matt Hanley
46307f8a03 Fixed typo in API version email notifications 2022-05-24 17:05:11 +01:00
Fabien 'egg' O'Carroll
4217e2571f
Included monthly_price,yearly_price&benefits defaults for Content API (#14912)
We have to update the output serializer to only clean includes for the
Admin API, so that these includes aren't stripped for not being in the
original include query param.

This also rejigs the other Content API only logic to sit together in
the input serializer.
2022-05-24 16:38:25 +01:00
Simon Backx
c052652559
Updated settings API to return all settings in edit endpoint (#14889)
refs https://github.com/TryGhost/Team/issues/1650

Since we introduced calculated settings, we need to return all settings when editing a setting, because those calculated settings can change.

- When editing settings, return all the settings. Previously we didn't include the calculated settings (which caused issues with admin not having up to date values for those)
- Updated Stripe <head> script to be injected based on the calculated settings

Required for https://github.com/TryGhost/Admin/pull/2405
2022-05-24 16:42:15 +02:00
Kevin Ansfield
c46303cb2b
🐛 Fixed email analytics crashing when processing unsubscribe/complaint events (#14883)
refs https://github.com/TryGhost/Team/issues/1649

The event handlers for `unsubscribed`/`complained` events originating from Mailgun were still using the now-deleted `member.subscribed` field resulting in errors and aborted attempts at processing the Mailgun event log.

- `member.subscribed` no longer exists, replaced that part of the query with a delete of member<->newsletter association rows from the `members_newsletters` pivot table
- kept the member `updated_at` bump so we have some timestamp record of an update
- added creation of `member_subscribe_event` records for the newsletter unsubscribes to keep stats and history in check
  - the unsubscribed/complained events do or at least should originate from a member action so "member" is more appropriate than "system" even though the event is being handled by an internal system
2022-05-24 12:38:42 +01:00
Hannah Wolfe
cdb365c29d Fixed minor weirdnesses with excerpts
- remove HRs ---- and blockquote > symbols from excerpts
- we want the excerpt to not contain "markdown-like" symbols, but just be plaintext
2022-05-24 12:35:59 +01:00
naz
6cc0c2b76b
🐛 Fixed signing key identificaiton in JWKs
refs https://github.com/TryGhost/Team/issues/1640

- The signing key returned by `GET /ghost/.well-known/jwks.json` was missing an OPTIONAL `use: "sig"` attribute needed to identify it as a signing key in client libraries. E.g. pyton lib: "pyjwt" or node lib: "jwks-client"
- More about the "use" attribute at RFC7515 - https://www.rfc-editor.org/rfc/rfc7515#section-4.1.4
2022-05-24 12:20:30 +01:00
Renovate Bot
ffb8b36fc8 Update dependency @playwright/test to v1.22.2 2022-05-24 08:37:44 +01:00
Renovate Bot
c590a9c29c Update dependency cssnano to v5.1.9 2022-05-24 08:37:35 +01:00
Naz
5569844019 🐛 Fixed page vs post preview template picking
refs 0c097f6532

- When viewed in "preview" context pages resolved to a "post" template instead. The bug was introduced with the referenced commit during post resource's `page` property migration
2022-05-24 15:33:47 +08:00
Naz
4fa412c880 🐛 Fixed page vs post context calculation
closes https://github.com/TryGhost/Ghost/issues/14886
refs 0c097f6532

- The context calculation after referenced change was adding a stray "post" entry into the context, causing the `{{#is "post"}}` helper to fail.
2022-05-24 15:33:47 +08:00
Daniel Lockyer
14828399e0
Reverted Ghost-CLI CI test to bumping minor version
- now we've released 5.0, we don't need to bump to the next major so we
  can just bump to the next minor
2022-05-24 09:20:57 +02:00
Naz
fcc9daf549 🐛 Fixed signing key mismatching in members JWT/JWKS
refs https://github.com/TryGhost/Team/issues/1640

- Some the clien libraries were not able to match the signin key to verify JWT when using `GET /members/.well-knonw/jwks.json` endpoint for member token verification. This issue was due to missing `keyid` parameter allows to indicate the key used to secure JWS (as per https://www.rfc-editor.org/rfc/rfc7515#section-4.1.4) and resolves the automatic matching issue on the client.
- The `kid` parameter was left in claims to avoid accidental breaking changes.
2022-05-24 11:45:20 +08:00
Naz
72479a152f Added basic e2e test for Members API .well-known endpoint
refs https://github.com/TryGhost/Team/issues/1640
refs https://github.com/TryGhost/Members/pull/401

- Adds basic test coverage for the `GET /members/.well-known/jwks.json` endpoint
- Next the test should be expanded with the JWT verification to check if the returned format is usable by mainstream client libraries
2022-05-24 10:27:46 +08:00
Daniel Lockyer
c001865e7c v5.0.0 2022-05-23 13:20:53 +01:00
Daniel Lockyer
3e140eb21b Updated Admin to v5.0.0 2022-05-23 13:20:52 +01:00
Daniel Lockyer
b4447adbf2 🎨 Updated Casper to v5.0.0 2022-05-23 13:20:51 +01:00
Peter Zimon
211239f645
Updated README
Updated Ghost screenshot
2022-05-23 13:06:35 +02:00
Naz
0c83a60578 Published new versions
- @tryghost/members-api@8.1.1
2022-05-23 18:59:02 +08:00
Naz
9756094ae2 🐛 Fixed signing key mismatching in JWT/JWKS
refs https://github.com/TryGhost/Team/issues/1640
closes https://github.com/TryGhost/Members/pull/401/
refs https://forum.ghost.org/t/ghost-jwt-question-possible-bug/30210

- Without `keyid` parameter some of the clien libraries were not able to match the signin key to verify JWT
- Missing `keyid` parameter allows to indicate the key used to secure JWS (as per https://www.rfc-editor.org/rfc/rfc7515#section-4.1.4) and resolves the automatic matching issue on the client.
- The `kid` parameter was left in claims to avoid accidental breaking changes.
2022-05-23 18:45:08 +08:00
Naz
900f7951b7 Added test coverage for JWKS token verification
refs https://github.com/TryGhost/Team/issues/1640

- Adds coverage for token verification based on public key exposed through the `/.well-known/jwks.json` endpoint
2022-05-23 17:59:33 +08:00
Naz
9e96916a6d Added basic test coverage for the token service
refs https://github.com/TryGhost/Team/issues/1640

- This is groundwork before fixing the referenced bug
2022-05-23 15:59:18 +08:00
Renovate Bot
96956c5931
Update dependency eslint to v8.16.0 2022-05-20 23:47:22 +00:00
Hannah Wolfe
8dd009ffa0
🐛 Fixed member exports timing out for large sites (#14876) (#14878)
refs TryGhost/Team#1641

This commit adds a custom query for the members export, to improve the performance and to prevent any timeouts from happening when exporting large amounts of members.

Co-authored-by: Simon Backx <simon@ghost.org>
Co-authored-by: Matt Hanley <git@matthanley.co.uk>
2022-05-20 21:25:23 +01:00
Matt Hanley
eae0a6a3b9
Added products and Stripe data to exports and imports (#14873)
- The migration path from 4.x on SQLite to 5.0 on MySQL requires an export/import
- Exports don't include the Stripe info required to map members to tiers correctly on import. This change fixes that.

Co-authored-by: Simon Backx <simon@ghost.org>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-20 21:13:58 +01:00
Hannah Wolfe
d6d6841186
Added benefits, offers and snippets to exporter
- These are more things that we should write an importer for
2022-05-20 20:30:55 +01:00
Matt Hanley
3471f6cca0
Updated tests 2022-05-20 20:30:55 +01:00
Matt Hanley
f64577b4ce
Added products and Stripe data to exports
- we need to ensure we have this data when exporting so that we can import it later
2022-05-20 20:30:55 +01:00
Renovate Bot
e8a986c61b Update dependency gscan to v4.29.2 2022-05-20 13:16:47 +01:00
Renovate Bot
180be2c0ee Update dependency postcss to v8.4.14 2022-05-20 13:07:20 +01:00
Renovate Bot
70a1b7462c Update dependency jwks-rsa to v2.1.3 2022-05-20 13:07:08 +01:00
Simon Backx
419fa24f27
Fixed bulk unsubscribe counts (#14871)
refs https://ghost.slack.com/archives/C02G9E68C/p1652980792270029

- When bulk unsubscribing members, the number of deleted newsletter relations are returned instead of the number of members with newsletters that were cleared
- Updates members-api to 8.1.0, which uses this new option to delete newsletter relations by member_id instead of the id of the relation (which allows us to fetch the number of successfully/failed member deletes) Changes: https://github.com/TryGhost/Members/pull/400
- Added tests for bulk unsubscribe and bulk delete labels (because they both use the updated bulkDestroy method)
2022-05-20 13:40:55 +02:00
Simon Backx
6243b99181 Published new versions
- @tryghost/members-api@8.1.0
2022-05-20 12:26:44 +02:00
Simon Backx
62c992c8e3 Improved bulk unsubscribe operation to use member_id column (#400)
refs https://ghost.slack.com/archives/C02G9E68C/p1652980792270029

When bulk unsubscribing members, the number of deleted newsletter relations are returned instead of the number of members with newsletters that were cleared. This update deletes newsletter relations on member_id, so we can return the count of members instead of newsletter relations that were deleted.

Tests in https://github.com/TryGhost/Ghost/pull/14871
2022-05-20 12:25:58 +02:00
Simon Backx
b9e520c657
Added bulk destroy options (#14870)
refs https://ghost.slack.com/archives/C02G9E68C/p1652980792270029

- When bulk unsubscribing members, the number of deleted newsletter relations are returned instead of the number of members with newsletters that were cleared
- This commit adds options to the bulk destroy methods.
- You can pass the column on which you want to delete rows in a bulk destroy operation via the `column` option.

Required for https://github.com/TryGhost/Members/pull/400
2022-05-20 12:24:36 +02:00
Naz
fd8ce6a5bf Covered well-known endpoint with e2e test
refs https://github.com/TryGhost/Team/issues/1640

- There was no coverage. Now there is :)
2022-05-20 13:18:26 +08:00
Naz
a18469a3be Added root Ghost server/API test agent
refs https://github.com/TryGhost/Team/issues/1640

- Some tests require making request to the root of the mounted server path like `GET /ghost/.well-known/jwks.json`. These are not stricly APIs like Admin, Content, and Members. They do need a separate agent to distinguish the configuration - for this agetn we can stop loading some parts like "server" in the future to speed things up (didn't work straight out of the box)
2022-05-20 13:17:00 +08:00
Renovate Bot
5975740d69
Update dependency express-jwt to v7.7.2 2022-05-19 16:27:29 +00:00
Simon Backx
def8f83894
Fixed missing products in members export (#14867)
refs https://github.com/TryGhost/Team/issues/1642

- Updated `members-csv` (dependency via `members-importer`, shouldn't this be a separate dependency too?)  package to use the `tiers` field instead of the (removed) products field.
- Added basic test to see if products and labels are returned in the csv.
2022-05-19 18:26:29 +02:00
Matt Hanley
309f17fd69 Fixed missing subscription deltas for reactivated subscriptions 2022-05-19 17:21:24 +01:00
Simon Backx
90fc7f5064 Published new versions
- @tryghost/members-csv@1.2.16
 - @tryghost/members-importer@0.5.15
2022-05-19 18:11:03 +02:00
Simon Backx
70229e4fd3 Fixed members-csv not using renamed tiers field 2022-05-19 18:09:50 +02:00
Renovate Bot
7501407c4c Update dependency gscan to v4.29.1 2022-05-19 16:56:43 +01:00
Naz
c3d38a9144 Updated test suites to play nicely with 5.0
refs https://github.com/TryGhost/Toolbox/issues/335

- When eventually the major will be bumped next week the returned version will become `5.0.0` which changes the `content-length` header in all of the responses using the version from package.json
- The version number is dynamic, so it's expected the content-length to float as minor and patch versions fluctuate in 1-2 digit numbers. For lon-term easy maintenance it's best to set the content-length to any number (or maybe some sort of floating range in the future?)
2022-05-19 14:19:48 +08:00
Naz
d2e9a98846 Updated version test suite to play nicely with 5.0
refs https://github.com/TryGhost/Toolbox/issues/335

- When eventually the major will be bumped next week the returned version will become `5.0.0` which changes the `content-length` header in all of the responses using the version from package.json
- The version number is dynamic, so it's expected the content-length to float as minor and patch versions fluctuate in 1-2 digit numbers. For lon-term easy maintenance it's best to set the content-length to any number (or maybe some sort of floating range in the future?)
2022-05-19 13:27:40 +08:00