Commit Graph

10203 Commits

Author SHA1 Message Date
Kevin Ansfield
9aca599b60 Updated @tryghost/url-utils
no issue

- fixes errors thrown from `urlUtils` method calls where the `itemPath` parameter is not passed
2019-10-09 22:31:04 +01:00
Kevin Ansfield
c6b9193940 Fixed duplicated host in URLs returned from API when saved as relative
no issue

- Ghost passes full urls through to the `url-utils` methods as the `itemPath` argument when performing relative->absolute transforms
- `url-utils` was not handling this correctly for page-relative urls (no leading slash) where it resulted in duplicate hosts such as http://mysite.com/http://mysite.com/item-path/relative-path
- bumps version of @tryghost/url-utils to a fixed version
2019-10-09 20:49:51 +01:00
Nazar Gargol
4a10ddc8fa Fixed unsafeAttributes fetching in Admin API v2
no issue

- This check was misside and only was implemented for canary.
2019-10-09 21:16:27 +02:00
Kevin Ansfield
27e77dda80 Version bump to 2.34.0 2019-10-09 18:43:04 +01:00
Kevin Ansfield
e37cb1dce8 Updated Ghost-Admin to 2.34.0 2019-10-09 18:43:04 +01:00
Kevin Ansfield
cb89703e2b Fixed regression tests 2019-10-09 18:37:44 +01:00
Kevin Ansfield
b01bae7c3d 🐛 Fixed 500 errors when fetching certain posts via the Admin API
no issue

- it's possible to have `mobiledoc` that has anchor markups with no `href` attribute, in that situation our url-transformation utilities were throwing errors when generating Admin API output
- bumps `@tryghost/url-utils` with fixed utility functions
2019-10-09 17:21:06 +01:00
Kevin Ansfield
57e9bd5aae Updated regression tests for subscribers removal 2019-10-09 16:40:52 +01:00
Kevin Ansfield
3fd328de88 Bumped supported node versions
no issue

- bumps 8.x version to match csv-parser minimum version which was updated for a security fix
- adds 12.x for testing ready for LTS
2019-10-09 15:51:58 +01:00
Kevin Ansfield
587bd8accb Merge branch 'master' into v3 2019-10-09 15:04:09 +01:00
Kevin Ansfield
dc9a22d4de
Updated post model url transforms for posts/posts_meta split (#11223)
no issue

- `og_image` and `twitter_image` fields are now located in a separate model so the transform functionality for those fields needed to move accordingly
2019-10-09 13:38:08 +01:00
Naz Gargol
b4548b0119
Update dependency gscan to v2.10.0 (#11221)
no issue

- This removes unwanted checks for `{{statusCode}}` which are compatible with v3 and were added by mistake in v2
2019-10-09 12:13:12 +02:00
Rish
e7d7d9fdcc Added new fromAddress setting for member subscriptions
no issue

- Adds new `fromAddress` setting for member subscriptions to allow custom from mail address
2019-10-09 15:28:40 +05:30
Naz Gargol
0225936292
Removed subscribers from the codebase (#11153)
refs https://github.com/TryGhost/Ghost/pull/11152

- Added subscribers table drop migration
- Removed subscribers from schema
- Removed subscribers controllers/routes/regression tests
- Removed subscriber related API code
- Removed subscribers from internal apps
- Removed subscriber importer
- Removed subscriber model
- Removed subscriber related permissions
- Removed webhook code related to subscribers
- When upgrading to v3 it is on the site admin to migrate all zapps or any other webhook clients to use members
- Removed subscriber-specific translation
- Removed subscriber lab flag
2019-10-09 11:47:04 +02:00
Fabien O'Carroll
b77026870b Moved migrations from 3.0 to 2.34
no-issue
2019-10-09 16:24:51 +07:00
Fabien O'Carroll
cbb6337ae4 Prefixed stripe_customers_subscriptions with members
no-issue
2019-10-09 16:24:51 +07:00
Fabien O'Carroll
29b3dad302 Updated get/set metadata fn signatures
no-issue

This is to reflect an upstream change in members-api
2019-10-09 16:24:51 +07:00
Fabien O'Carroll
757fe72da1 Installed @tryghost/members-api@0.8.0
no-issue

This adds support for storing and retrieving stripe data from local db
2019-10-09 16:24:51 +07:00
Fabien O'Carroll
4c07d86086 Updated getMemberMetadata to use findAll method
no-issue

This means we go via our version of the bookshelf model
2019-10-09 16:24:51 +07:00
Fabien O'Carroll
ee0449245a Updated setMemberMetadata to use upsert method
no-issue

Much cleaner now :)
2019-10-09 16:24:51 +07:00
Fabien O'Carroll
3366bd1254 Added upsert method to stripe models
no-issue

This is kind of copied from the session model, but simplified
This will allow much easier integration with members-api
2019-10-09 16:24:51 +07:00
Fabien O'Carroll
998642eb24 Allowed filter option for findAll method
no-issue

This will allow us to constrain findAll queries, rather than using knex
`where` & `fetchAll` methods
2019-10-09 16:24:51 +07:00
Fabien O'Carroll
a6354d1acb Updated members api to store/retrieve subscriptions
no-issue
2019-10-09 16:24:51 +07:00
Fabien O'Carroll
37bb12afb3 Added model for stripe_customers_subscriptions
no-issue
2019-10-09 16:24:51 +07:00
Fabien O'Carroll
0c32dfaa30 Added migrations for stripe tables
no-issue
2019-10-09 16:24:51 +07:00
Fabien O'Carroll
a4ff87a774 Added stripe subscriptions & updated customers table
no-issue
2019-10-09 16:24:51 +07:00
Fabien O'Carroll
312e0cc31e Installed @tryghost/members-ssr@0.7.0
no-issue

This removes the cookie caching functionality from members-ssr
2019-10-09 16:24:51 +07:00
Naz Gargol
786eaac57e
Added permission restrictions to editing members flag (#11217)
no issue

- Added test cases to check edit permission on settings endpoints
- Added test to demonstrate owner-only being able to toggle members flag
- Permission check when editing settings `lab.members`
- Passed additional function to permissions to allow custom selection of unsafe attributes due to settings object structure.
- Fully implementing this check on controller level would be wrong architecturally and not that straight forward because we lack role data in "frame"
- Cleaned up test after moving default_content_visibility to it's own property
2019-10-09 10:26:54 +02:00
Fabien O'Carroll
1e731dcdd3 Removed token param on page load for members
no-issue

This adds a bit of protection from accidentally sharing the url, and
also makes the url look cleaner
2019-10-09 13:36:06 +07:00
Fabien O'Carroll
dd419be2fb Added guard for missing stripe tokens
no-issue

This ensures that even if a stripe config object is present, we still
ensure that stripe is configured without keys
2019-10-09 12:00:53 +07:00
Fabien O'Carroll
079a64e46b Exposed @member.firstname in the theme data
no-issue

This is very basic split on whitespace for now
2019-10-09 12:00:53 +07:00
Rishabh Garg
7dc2eb2a1e
Added new requirePaymentForSignup setting for members (#11214)
* Added new `requirePaymentForSignup` setting for members

no issue

- Adds new `requirePaymentForSignup` setting flag for members, `false` by default.

- Wired members API `allowSelfSignup` to `requirePayment` setting
2019-10-08 22:00:46 +05:30
Naz Gargol
daa77c5c00
Permission restrictions for post.visibility modifications (#11213)
no issue

- Limited posts visibility field permissions to Editor-Up + Admin Integrations
- We don't want contributors or other roles lower than Editor to be able to modify content gating attribute
2019-10-08 15:44:27 +02:00
Kevin Ansfield
6028fde666 Merge branch 'master' into v3 2019-10-08 13:58:08 +01:00
Kevin Ansfield
da45881719 Version bump to 2.33.0 2019-10-08 11:25:41 +01:00
Kevin Ansfield
c78496c456 Updated Ghost-Admin to 2.33.0 2019-10-08 11:25:41 +01:00
Rishabh Garg
d9a0c8732c Fixed error when saving unknown url in bookmark card (#11210)
no issue

- `payload.metadata` may not exist in a bookmark card because it's possible to save a mobiledoc document when the card is in it's "unable to parse url" state in the editor
- check for `payload.metadata` object before performing any url transformations to avoid invalid property access
2019-10-08 11:11:32 +01:00
Fabien O'Carroll
f1ef801b78 🐛 Fixed error when during migration to 2.32.0 on mysql (#11208)
closes #11207

MySQL doesn't allow unqiue keys with a length of more than 191 when using InnoDB with utfmb4. These changes will ensure any incorrect tables created are fixed and have the
correct length for customer_id

* Changed `customer_id` to non-unique column
* Nooped the 2.32 `members_stripe_customers` migration
* Added migration to recreate `members_stripe_customers` table
  * sqlite doesn't allow `ALTER TABLE` queries so this is the cleanest solution considering the table is not yet in use
2019-10-08 11:07:29 +01:00
Kevin Ansfield
5789d40951 Version bump to 2.32.0 2019-10-07 23:11:18 +01:00
Kevin Ansfield
d81c3410cb Updated Ghost-Admin to 2.32.0 2019-10-07 23:11:18 +01:00
Kevin Ansfield
fab836a509 Updated Casper to 2.11.2 2019-10-07 23:11:18 +01:00
Kevin Ansfield
32f3f9d2c3 🐛 Fixed "unsaved changes" modal displaying when post has been saved
refs https://github.com/TryGhost/Ghost/issues/10477

The unsaved changes modal is displaying even when the post has been saved if images have been uploaded because the server is transforming absolute image urls to relative during input of the `mobiledoc` field but not transforming them back to absolute during output. The editor then thinks it's out of sync and shows the warning when trying to leave.

- `@tryghost/url-utils` has been updated with new methods for transforming URLs in mobiledoc content
- moves absolute->relative transformation from the API input serializers into the Post model
- transforms URLs in more fields for a more comprehensive transformation and fewer issues when re-configuring a site's domain
  - previously there could be problems with internal links between posts not being transformed so you could change the url config to newdomain.com but links in post content would still be pointing to olddomain.com
- updates the API post output serializers to transform all modified fields
- drops the `?absolute_urls=true` param switch from the `canary` API post output serializer so that all URLs are output as absolute
  - we're transforming more urls to relative when saving so this is necessary to ensure the unsaved changes modal is not triggered
  - the query param isn't documented and will disappear in v3
2019-10-07 22:59:19 +01:00
Kevin Ansfield
fa4e68ba13 Added transformer methods to mobiledoc cards
no issue

- adds abolsute->relative and relative->absolute transformer methods to card definitions
- allows for each card to tailor it's transformation to the specific needs of it's payload so that the `mobiledoc` field can be transformed successfully during API serialization/deserialization
2019-10-07 22:59:19 +01:00
Renovate Bot
0f2afafcbb Update dependency knex to v0.19.5 2019-10-07 09:30:22 +00:00
renovate[bot]
4c81a62a9d Lock file maintenance (#11175) 2019-10-07 12:53:34 +05:30
renovate[bot]
cb9eab0248 Update dependency bluebird to v3.7.0 (#11206) 2019-10-07 12:44:07 +05:30
Renovate Bot
fe4dccfaa3
Update dependency nock to v11.3.6 2019-10-07 01:29:57 +00:00
Renovate Bot
cc70fe983e Update dependency @tryghost/helpers to v1.1.12 2019-10-07 01:29:14 +00:00
Fabien O'Carroll
aaaf473154 Installed @tryghost/members-api@0.7.7
no-issue

This ensures that the correct emails are sent regardless of the form and
allows us to pass a flag to disable sending emails to users that are nor
already members.
2019-10-06 21:22:58 +07:00
Fabien O'Carroll
a12a8bd109 Updated eslint for tests to allow async functions
no-issue
2019-10-06 21:03:56 +07:00