Commit Graph

2065 Commits

Author SHA1 Message Date
Sanne de Vries
e55bb20140 Refined frontend styles for signup card
Refs https://github.com/TryGhost/Team/issues/3246
2023-05-29 20:21:51 +02:00
Ronald Langeveld
5445e1d1b4 Bumped Koenig packages
no issue
2023-05-29 18:27:26 +02:00
Sanne de Vries
7f3f86a987 Updated signup card frontend styles
Refs https://github.com/TryGhost/Team/issues/3256
2023-05-29 16:44:29 +02:00
Sanne de Vries
08fc96a077 Refined signup card frontend styles
Refs https://github.com/TryGhost/Team/issues/3246
2023-05-29 12:28:27 +02:00
renovate[bot]
1ee9c5f805 Update dependency jsdom to v22.1.0 2023-05-29 11:18:45 +02:00
renovate[bot]
610ba33513 Update dependency postcss to v8.4.24 2023-05-29 07:52:39 +02:00
Jono Mingard
1ed556f4ab Fixed both text and loading indicator showing on the subscribe button 2023-05-29 16:56:57 +12:00
Ghost CI
a589fcd9e4 v5.49.1 2023-05-26 15:02:32 +00:00
Michael Barrett
88f3161903
Fixed flaky legacy posts api test (#16871)
refs https://github.com/TryGhost/Team/issues/2808

Updated the test to ensure that the date assertions do not unexpectedly
fail if the dates used are computed precisely at the start of a second
(no milliseconds `.000Z`)
2023-05-25 15:40:17 +01:00
Michael Barrett
8fc4e0fdcc
Add e2e test for update check script (#16840)
refs https://github.com/TryGhost/Team/issues/3234

Added an e2e for the update check script to detect potential breakages
in the script due to uninitialised dependencies in the isolated
execution environment
2023-05-25 14:36:36 +01:00
Simon Backx
488aa983d0 Added signup form code generation to admin
fixes https://github.com/TryGhost/Team/issues/3296

Adds a new `signupForm` feature flag, that will enable/disable the new embeddable signup form code generation.

Since the new flag shares its name with a new config value (that contains the script location), this also fixes the feature helper to only use a config with the same name if it is a boolean.
2023-05-25 15:18:40 +02:00
Daniel Lockyer
f2277ded40
Updated member email strings to use i18n function
refs https://github.com/TryGhost/Ghost/issues/16628

- this wraps nearly all of the public strings in member signup/signin
  emails, so they are ready for translating
2023-05-25 12:25:01 +02:00
Sanne de Vries
fca78b2bae Updated frontend styles for signup card
Refs https://github.com/TryGhost/Team/issues/3246
2023-05-25 12:21:41 +02:00
renovate[bot]
d71eb04bbc Update dependency @playwright/test to v1.34.3 2023-05-25 09:12:55 +02:00
Sag
7000b8214b Bumped Lexical dependencies
no issue
2023-05-24 17:36:27 +02:00
Simon Backx
3504cc167b Updated signup-form to use latest major version
no issue
2023-05-24 17:25:34 +02:00
Naz
4cb5cc9087
Added default collection values
refs https://github.com/TryGhost/Team/issues/3259

- For collection entity creation consistency have set defaults
2023-05-24 17:01:28 +07:00
Naz
b52ec948b0
Added property mapper to collections responses
closes https://github.com/TryGhost/Team/issues/3259

- API output mappers (soon to be serializers) are meant to work based on allowlist set of output properties. Having the allowlist early on will allow to track the API evolution consistently.
2023-05-24 17:01:28 +07:00
renovate[bot]
59a07e79ea Update dependency @playwright/test to v1.34.2 2023-05-24 09:34:52 +02:00
Steve Larson
284a7c2e77 Updated koenig package versions 2023-05-23 14:16:18 -05:00
Simon Backx
4c2635670b
Added signup-form package (#16846)
fixes https://github.com/TryGhost/Team/issues/3275
fixes https://github.com/TryGhost/Team/issues/3279
fixes https://github.com/TryGhost/Team/issues/3278

This pull request adds a new signup form package to the Ghost core
repository. The signup form package is a React component, embeddable on
any site, that renders a form for users to subscribe to a Ghost site.
2023-05-23 14:58:33 +02:00
Sanne de Vries
0e6d5f367d Fixed the signup card image background color on the frontend
Refs https://github.com/TryGhost/Team/issues/3246
2023-05-23 12:46:02 +02:00
Sanne de Vries
533681373f Added swapped layout to signup card frontend
Refs https://github.com/TryGhost/Team/issues/3270
2023-05-23 12:15:13 +02:00
renovate[bot]
5f1e232a20 Update dependency @playwright/test to v1.34.1 2023-05-23 09:54:33 +02:00
Jono Mingard
c892f3a5e1 Added animated icon for signup form loading state
refs https://github.com/TryGhost/Team/issues/3256
2023-05-23 10:20:07 +12:00
Daniel Lockyer
3e12c0ea54
Split CI database tests into separate types
- this will allow us to see which set of tests are consuming the most
  amount of time in CI
- in order to split apart the commands, I've had to override the
  coverage thresholds for integration+regression tests in order to keep
  c8 happy
- also sprinkled some more labels into the workflows to make things
  clearer to read
2023-05-22 19:34:17 +02:00
Steve Larson
2e0073f9ec Updated lexical editor dependencies
no refs
2023-05-22 09:07:29 -05:00
renovate[bot]
193c89ae66 Update sentry-javascript monorepo to v7.52.1 2023-05-22 13:51:09 +02:00
Sanne de Vries
a6e534bba8 Updated split layout and subscribe form states for signup card frontend
Refs https://github.com/TryGhost/Team/issues/3246
2023-05-22 12:10:37 +02:00
renovate[bot]
46c8863b7c Update dependency @playwright/test to v1.34.0 2023-05-22 08:53:05 +02:00
Jono Mingard
b74ee95240 Added basic styles for signup form states
refs: https://github.com/TryGhost/Team/issues/3256
2023-05-22 12:02:31 +12:00
Fabien "egg" O'Carroll
82acf85b29 Tested filtering visibility in Tiers Content API
refs https://github.com/TryGhost/Team/issues/3248

The current test fixtures didn't include any hidden Tiers, so I've added
a new fixture to test the filtering of hidden Tiers. It's not enabled by
default to avoid breaking the existing tests.
2023-05-19 13:12:33 -04:00
Ghost CI
bba46cdb19 v5.49.0 2023-05-19 15:09:58 +00:00
Aileen Nowak
462073b452 🎉 Moved Substack migrator app to GA under beta features 2023-05-19 09:58:41 -04:00
Naz
e302f8cc1d Added DELETE /collections/id to Admin API
refs https://github.com/TryGhost/Team/issues/3167

- This is part of scaffolding for collections API. Allows to delete collection resource
2023-05-19 20:42:46 +07:00
Naz
e82fcbfc5e Added GET /collections/:id to Admin API
refs https://github.com/TryGhost/Team/issues/3167

- This is part of scaffolding for collections API. Allows to read a collection resource by id
2023-05-19 20:42:46 +07:00
Naz
735edf5f87 Fixed editing unexistent collection behavior
refs https://github.com/TryGhost/Team/issues/3167

- When editing collection that does not exist the API should be returning a 404 instead of creating a new collection
2023-05-19 20:42:46 +07:00
Naz
f3f3d58acf Added PUT /collections/id to Admin API
refs https://github.com/TryGhost/Team/issues/3167

- This is part of scaffolding for collections API. Allows to edit collection resource
2023-05-19 20:42:46 +07:00
Naz
d3a8aad319 Added POST /collections to Admin API
refs https://github.com/TryGhost/Team/issues/3167

- This is part of scaffolding for collections API. Allows to add new collection records
2023-05-19 20:42:46 +07:00
Naz
36eff3a481 Added GET /collections to Admin API
refs https://github.com/TryGhost/Team/issues/3167

- This is scaffolding for collections API. Contains wiring for service wrapper, e2e test, and a browse endpoint
- Adds basic implementation of the GET /collections endpoint to build up upon
- Note, there are no permissions in this version as they will be added in later stages of development with migrations etc
2023-05-19 20:42:46 +07:00
Sanne de Vries
6a9bd0478e Updated signup card frontent html
Refs https://github.com/TryGhost/Team/issues/3246
2023-05-19 15:19:14 +02:00
Sanne de Vries
50f5aef902 Added styles for signup card frontend html
Refs https://github.com/TryGhost/Team/issues/3246
2023-05-19 14:18:02 +02:00
Michael Barrett
19f3700ae8
Fixed update check due to tiers service changes (#16832)
refs https://github.com/TryGhost/Team/issues/3234

The update check was failing to run due to recent changes in the tiers
service. This service now needs initialising before the update check can
be run.
2023-05-19 10:27:33 +01:00
Ghost CI
1914605705 Merged v5.48.1 into main 2023-05-18 17:31:39 +00:00
Ghost CI
4511fa3996 v5.48.1 2023-05-18 17:31:38 +00:00
Kevin Ansfield
e80fb5e20f
🐛 Fixed tiers not appearing on custom signup pages (#16828)
refs https://github.com/TryGhost/Team/issues/3248

- API queries for tiers are now using the TiersRepository with internal caching
- the repository had a bug with it's `toPrimitive()` method which meant the cached tier objects had very few properties
  - the Tier object has all properties as private getters except for standard `events` property which meant the spread operator didn't have anything to spread into the object resulting in all tiers having a shape like `{events: [], active: true, type: 'paid', id: 'abcd'}`
- the `getAll()` method uses nql to match against the cached tier objects but with them not being fully populated it wasn't able to match and so returned an empty array

---

- changing the spread to use `tier.toJSON()` means we're populating all of the tier data properly allowing filter matches to work
2023-05-18 18:13:20 +01:00
Michael Barrett
cde30eb469
🐛 Fixed issue where single letter product slugs cause 500 error (#16821)
refs https://github.com/TryGhost/Team/issues/3224

When a product has a slug that is a single letter, checking if a user
had access to view a post associated with that product would cause a 500
error. The underlying cause of this issue is
https://github.com/TryGhost/NQL/issues/20 This fix circumvents this
issue by providing a value that the nql lexer will not error out on
2023-05-18 09:38:30 +01:00
Ronald
3c7dd63ec4 Bumped portal version in config
ref https://ghost.slack.com/archives/C02G9E68C/p1684339356308719
2023-05-17 18:04:36 +02:00
Ronald
d7cf8f0a65 Updated kg dependencies
no issue
2023-05-17 15:58:51 +02:00
Ronald
72ba157987 Revert "Bumped kg-default-nodes"
This reverts commit ab5b6c7b84661f6ce5387ae4ec9b4962790b3f43.
2023-05-17 15:58:51 +02:00
Ronald
6bf6fde7e2 Bumped kg-default-nodes
no issue
2023-05-17 15:58:51 +02:00
Ghost CI
945628c830 v5.48.0 2023-05-17 11:01:09 +00:00
Benjamin Rancourt
5841f30d30
🐛 Fixed trailing slash and space in HTML metadata elements (#16778) 2023-05-17 08:51:32 +02:00
Rishabh
f9866f97ae Updated config test to include adminX property
refs https://github.com/TryGhost/Team/issues/3151
2023-05-16 13:10:00 +05:30
Rishabh
067766e555 Updated publish config for admin-x settings package
refs https://github.com/TryGhost/Team/issues/3151
2023-05-16 12:49:59 +05:30
Rishabh
31779c95b5 Added feature flag for new admin-x settings
refs https://github.com/TryGhost/Team/issues/3151

- allows toggling route to new settings screen in react

Co-authored-by: Peter Zimon <zimo@ghost.org>
2023-05-16 12:23:24 +05:30
Rishabh
bf2a2eeb63 Added route for new admin-x settings
refs https://github.com/TryGhost/Team/issues/3151

- adds route in Admin for opening new settings screen in react
- adds new config for passing `adminX` to Admin
- loads adminX settings from package in Admin UI when new route is opened

Co-authored-by: Peter Zimon <zimo@ghost.org>
2023-05-16 12:23:24 +05:30
renovate[bot]
e66d335aef Update dependency semver to v7.5.1 2023-05-15 15:13:17 +02:00
Michael Barrett
59fe794b0c
Implemented duplicate post functionality (#16767)
refs: https://github.com/TryGhost/Team/issues/3139 https://github.com/TryGhost/Team/issues/3140

- Added duplicate post functionality to post list context menu
  - Currently only a single post can be duplicated at a time
  - Currently only enabled via the `Making it rain` flag
- Added admin API endpoint to copy a post - `POST ghost/api/admin/posts/<post_id>/copy/`
- Added admin API endpoint to copy a page - `POST ghost/api/admin/pages/<page_id>/copy/`
2023-05-15 09:30:32 +01:00
Ghost CI
8a5b1dd5d9 Merged v5.47.2 into main 2023-05-15 07:56:45 +00:00
Ghost CI
80d4072fdd v5.47.2 2023-05-15 07:56:43 +00:00
Chris Raible
58ffd1cfeb
Bumped kg-default-nodes and kg-lexical-html-renderer (#16785)
no issue

- bumped kg-default-nodes to 0.0.41
- bumped kg-lexical-html-renderer to 0.1.37
2023-05-12 18:20:54 -07:00
Fabien "egg" O'Carroll
08597b47ba Added unit test for TiersRepository
We were completely missing tests for this, and the new logic pushed us under
the coverage threshold.
2023-05-12 16:38:32 -04:00
Fabien "egg" O'Carroll
c0ca7b16f6 Added caching to TierRepository
refs https://github.com/TryGhost/Toolbox/issues/515

Tiers are very frequently queried and we want to reduce the number of DB calls
we're making. We can store the Tiers in-memory, using the existing in-memory
repository patterns, but still persisting writes the the database.

We also have to update our test helpers, because they were bypassing the
repository for writes, but using it for reads resulting in an invalid cache
2023-05-12 16:38:32 -04:00
Fabien "egg" O'Carroll
6ab862568c Used TierRepository in serializers
We want to cache access to Tiers, and it's easier to do that in the
TierRepository. So we update a heavy user of Tiers to use the Tier
service so it can take adv of caching. The serializers are a big
offender for making calls to fetch Tiers.
2023-05-12 16:38:32 -04:00
Ghost CI
e41d9fedd8 v5.47.1 2023-05-12 15:02:19 +00:00
Ghost CI
8ce8cc81a5 🎨 Updated Casper to v5.4.11 2023-05-12 15:02:19 +00:00
Daniel Lockyer
53d30199b3
Updated Portal to v2.31
- contains support for several new languages
2023-05-12 15:37:23 +02:00
renovate[bot]
aa85263cb2 Update dependency express-lazy-router to v1.0.5 2023-05-12 13:55:57 +02:00
Daniel Lockyer
898b55265c Lazyloaded @extractus/oembed-extractor dependency
- this dependency seems a pretty heavy one to require upon boot and
  given most sites don't need it to function as normal, this saves
  several MB of RAM per instance
2023-05-12 12:18:40 +02:00
renovate[bot]
1fbf28618c Update dependency lib0 to v0.2.74 2023-05-12 11:47:38 +02:00
renovate[bot]
4ca5817286 Update dependency express-jwt to v8 2023-05-12 11:14:05 +02:00
Fabien 'egg' O'Carroll
13a18711d0
🐛 Fixed site setup hanging when mail isn't configured
closes https://github.com/TryGhost/Team/issues/3176

We were waiting for the welcome email to send before responding to the
client that setup is complete, this was causing the client to hang when
running `ghost install local` as mail isn't configured by default.
2023-05-11 11:58:27 -04:00
Kevin Ansfield
9ae3a535ac
Added missing explicit jsdom dependency in core
no issue

- the lexical lib file makes use of `jsdom` but there was no explicit dependency for it in `package.json` meaning we were relying on it being incidentally depended on through another package which is brittle
2023-05-11 14:05:11 +01:00
Deepam Kapur
3a39aa361b
🐛 Fixed generating card assets with include allowlist (#16766)
fixes https://github.com/TryGhost/Ghost/issues/16652

- we need `@` keyword before '(' according to the globrex package used in tiny-glob
2023-05-11 14:20:35 +02:00
Naz
3eebeb608c
Added collections feature flag
closes https://github.com/TryGhost/Team/issues/3165

- This feature flag is here to gate the development of Collections 2.0 feature
2023-05-11 16:31:45 +07:00
Fabien 'egg' O'Carroll
d3432399c7
Bumped knex-migrator & gscan to latest versions (#16770)
These versions use the latest version of @tryghost/errors, which uses
the correct import for @stdlib/utils-copy. This should hopefully stop
missing module errors when running locally.
2023-05-10 10:13:02 -04:00
Sodbileg Gansukh
4898fd401b Updated signup confiramtion email snapshot
no issues

- updated the snapshot based on the changes added to the email template
2023-05-10 18:18:10 +08:00
Sodbileg Gansukh
1520ba3c10 Improved spacing of the transactional emails
refs https://github.com/TryGhost/Team/issues/3159
2023-05-10 18:01:46 +08:00
Fabien "egg" O'Carroll
c5dc5a2675 Fixed @tryghost/mailgun-client import
We were incorrectly specifying the path of the file rather than relying on the
package exports, and this broke in the previous commit to a file rename. It
wasn't caught by CI because the browser tests are not run on pull requests
2023-05-09 13:00:18 -04:00
Fabien "egg" O'Carroll
104f84f252 Added eslint rule for file naming convention
As discussed with the product team we want to enforce kebab-case file names for
all files, with the exception of files which export a single class, in which
case they should be PascalCase and reflect the class which they export.

This will help find classes faster, and should push better naming for them too.

Some files and packages have been excluded from this linting, specifically when
a library or framework depends on the naming of a file for the functionality
e.g. Ember, knex-migrator, adapter-manager
2023-05-09 12:34:34 -04:00
Ronald Langeveld
8a08cf3628
Added signupCard feature flags (#16763)
no issue

This pull request adds a new experimental feature flag `signupCard` to
the Ghost admin app, which enables a signup card component in the
lexical editor that's currently being worked on. 
The feature flag can be toggled from the settings/labs
UI and is read from the server-side configuration.
2023-05-09 16:27:36 +02:00
Fabien 'egg' O'Carroll
0b8c3747c5
Supported inviting users using an Admin API Integration
Whilst Admin API Integrations had the permissions to create invites they were
blocked from doing so at the HTTP level. We've removed this restriction for
creating Invites as well as browsing Roles, because a Role ID is necessary to
create an invite. The code was also not setup to support Admin API Integrations
as it made assumptions about the existence of a User. That has been updated in
the permissions layer - so that the Invites are limited to Contributors,
Authors and Editors as well as at the email layer, which has has the copy and
from address updated to reflect the lack of a User creating the Invite.
2023-05-08 15:27:15 -04:00
Sag
f560a334cc
Bumped Lexical packages (#16756)
no issue

- Bumped default config for koenig-lexical to ~0.2
2023-05-08 18:39:14 +02:00
Daniel Lockyer
799561aaec
Reduced Sharp concurrency to test alleviating memory fragmentation
refs 9d104c8511

- we've seen recurring instances where Ghost will hog memory after image
  uploads
- we use `jemalloc` to try and help this, but it still seems to happen
- according to the sharp thread referenced in my commit above, memory
  fragmentation can also be helped by reducing the concurrency within
  sharp
- this is a bit of an experiment and we can revert if it causes issues
2023-05-08 10:51:56 +02:00
Chris Raible
810b789419 Increased Post Revisions limit to 25
no issue
2023-05-05 21:46:50 +00:00
Ghost CI
832cee3005 v5.47.0 2023-05-05 16:00:42 +01:00
Simon Backx
6566903df5
Cleaned up member attribution flag (#16745)
no issue

This commit removes the `memberAttribution` feature flag from the
codebase. Some CSS classes are not removed as removing them and updating
the associated CSS files have side effects sadly.
2023-05-05 15:04:14 +02:00
Daniel Lockyer
310ec7d58b
Bumped Portal to v2.30
fixes https://github.com/TryGhost/Ghost/issues/16641

- this updates Ghost to use the latest Portal, which contains updated
  translations and new locales since the last publish
2023-05-05 13:29:16 +02:00
Elena Baidakova
4207c9d0d1
Added browser tests for announcement bar (#16742)
refs TryGhost/Team#3122

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 87727d9</samp>

Added `data-testid` attributes to various elements in the announcement
bar settings feature to enable Playwright testing. Fixed a potential bug
with the `visibilitySettings` getter in the `visibility.js` component.
Added Playwright tests for the announcement bar settings feature in
`announcement-bar-settings.spec.js`.
2023-05-05 14:11:26 +04:00
Simon Backx
05bba5135d
Cleaned up sourceAttribution flag (#16740)
no issue

This commit removes the `sourceAttribution` feature flag from the
codebase.
2023-05-05 10:57:26 +02:00
Daniel Lockyer
cf41c3ad54
Removed final declaration of oembed-parser
refs 27e4523aec

- we no longer use `oembed-parser`, so we can remove it from
  package.json
- also pins the `@extractus/oembed-extractor` package and adds it into
  `@tryghost/oembed-service` where it was missing
2023-05-05 10:48:16 +02:00
Simon Backx
fbed93b866
🐛 Added missing history logs for post/page bulk actions (#16734)
no issue

The post/page bulk actions weren't logged in the history log / actions
table.

This change adds support for logging bulk actions.
- New `addActions` static method on models. It creates an action log in
the database for multiple models at once. If only one model was edited,
deleted or added, it will fallback to `addAction`
- `addAction` can also be called statically now
- `actionName` option is now supported when using `addActions`,
`addAction`, and as a result also in all bulk manipulation methods, and
CRUD methods. This allows you to replace the default '5 posts edited'
into something more specific like '5 posts featured'
- Fixed support for null resource_id in the parse-history-event helper
- Removed the default 'published' status requirement when using
Post.findOne for internal queries.
2023-05-05 09:45:36 +02:00
Chris Raible
27e4523aec
🐛 Improved error message for unauthorized YouTube embeds (#16374)
refs TryGhost/Ghost#16048

- When attempting to embed a Youtube video that has had embedding
disabled by its owner/author, Ghost displayed a generic error message
that didn't indicate the reason for the failed emebed.
- This change updated the error message when Youtube (or any provider)
returns 401: Unauthorized to indicate that the owner of the resource has
explicitly disabled embedding.
2023-05-04 16:04:58 -07:00
Simon Backx
848b2d82a1
Cleaned up suppressionList feature flag (#16736)
no issue

This pull request removes the `suppressionList` feature flag and all its
dependencies from the codebase. It makes the suppression list feature
the default and consistent behavior for all email events and
newsletters. It simplifies the UI, logic, and data related to email
events and newsletters. It affects several files in the
`ghost/admin/app`, `ghost/core/core`, and `ghost/members-api`
directories.
2023-05-04 14:47:04 +02:00
Chris Raible
b62a642084
Added background save every 10 minutes to the lexical editor (#16732)
refs TryGhost/Team#3133

- the backend previously had logic to save a revision if more than 10
mins had elapsed since the last revision
- however, the frontend would autosave after 3 seconds of inactivity
(which doesn't trigger a revision), and never send another save request
at 10 minutes, so the backend logic to save a revision was never
triggered
- this change will save the current contents of the editor every 10
minutes, even if nothing has changed since the last save
2023-05-03 14:46:32 -07:00
Fabien "egg" O'Carroll
b9565bc290 Migrated @tryghost/post-revisions to TypeScript!
This is an initial start to using TypeScript in our non-core Ghost packages.

- Adds a prepare script to build the project after installing deps
- Adds an initial tsconfig.json which is compatible with our node env
- Migrates all of the code to TypeScript, including tests
- Updates tests to use ts-node so that we don't need to compile the tests
- ts-node is installed at the top level because the env is weird with lerna and
  doesn't work otherwise
- Updates the yarn dev script to build the project with the --all and --revisions flag
2023-05-03 14:32:31 -04:00
Fabien "egg" O'Carroll
ed674981e6 Updated npm scripts to support packages with a build step
- Updates the prepare script in the top level to run prepare on packages, so
  that packages can be built when running `yarn`

- Updates the build script in ghost/core to run build on packages, so that
  packages are built before being monobundled

- Updates monobundle to be a dependency and use the new TryGhost repo, which
  includes some minor fixes and improvements, such as supporting devDeps

- Updates the GitHub workflows to run the build command in the top level
  directory rather than ghost/core so that other packages are built, too.
2023-05-03 14:32:31 -04:00
Ghost CI
81c93c16f0 Merged v5.46.1 into main 2023-05-03 13:47:34 +01:00
Ghost CI
17025cd344 v5.46.1 2023-05-03 13:47:31 +01:00
Fabien "egg" O'Carroll
b3caf16005 🔒 Fixed filtering on private Author fields in Content API
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-r97q-ghch-82j9

Because our filtering layer is so coupled to the DB and we don't generally
apply restrictions, it was possible to fetch authors and filter by their
password or email field. Coupled with the "starts with" operator this can be
used to brute force the first character of these fields by trying random
combinations until an author is included in the filter. After which the next
character can be brute forced, and so on until the data has been leaked
completely.
2023-05-03 08:43:20 -04:00
Fabien "egg" O'Carroll
a22717a8e7 🔒 Fixed filtering on private Author fields in Content API
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-r97q-ghch-82j9

Because our filtering layer is so coupled to the DB and we don't generally
apply restrictions, it was possible to fetch authors and filter by their
password or email field. Coupled with the "starts with" operator this can be
used to brute force the first character of these fields by trying random
combinations until an author is included in the filter. After which the next
character can be brute forced, and so on until the data has been leaked
completely.
2023-05-03 08:25:27 -04:00
Simon Backx
514c8917c0 Readded matchMetadataSnapshot
refs bac2f4d4d4 (diff-473dc0c49e80df6c07569ed5730445ebdaaa8138fc819182548727db50eb55aa)
2023-05-03 14:14:10 +02:00
Simon Backx
fd69ab181d Removed duplicate matchHTMLSnapshot 2023-05-03 14:13:04 +02:00
Simon Backx
bac2f4d4d4 Fixed snapshot tests for MySQL only newsletter test
no issue

There was an error when generating the snapshot for this test. It never ran, so the snapshot was never committed. On top of that, the generated snapshot would change every time because the email verification token was not replaced with a static value.
2023-05-03 14:05:53 +02:00
Ronald Langeveld
6189040fc4
Added unpublished reason to post revisions (#16726)
closes https://github.com/TryGhost/Team/issues/3137

We have now included the ability to display an "Unpublished" tag for revisions that have been unpublished. The tag is only displayed when the revision's reason property is set to "unpublished". A new revision is triggered when a post is unpublished, regardless whether there's a change in the content.
2023-05-03 09:20:34 +02:00
Simon Backx
1b38361211 Updated @sentry/node to v7.50.0 and reenabled renovate again
fixes https://github.com/TryGhost/Team/issues/2385

The Sentry version has been locked to v7.11.1 for some time because Sentry still used a legacy Node feature, called domains. Due to a bug or change in in Noide 16+, those domains broke handling uncaught promise execptions. So Ghost crashed when a promise exception wasn't caught. But that shouldn't be the case because we have a global uncaught exception handler.

Luckily Sentry switched to AsyncLocalStorage in v7.48.0. This fixes the issue as demonstrated in c0cd62184c
2023-05-02 10:23:45 +02:00
Daniel Lockyer
83ee1f8860
🔥 Dropped support for Node 14
refs https://github.com/TryGhost/Toolbox/issues/570

- Node 14 is now EOL so we don't support it any further
2023-05-01 17:51:10 +02:00
renovate[bot]
67abd6555b Update CSS preprocessors 2023-05-01 16:43:16 +02:00
renovate[bot]
f4cc04d235 Update dependency @playwright/test to v1.33.0 2023-05-01 08:57:43 +02:00
Ghost CI
45e84a60fe v5.46.0 2023-04-28 16:00:41 +01:00
Elena Baidakova
ef25e8dda7
Fixed tests (#16718)
no issue
2023-04-27 21:05:01 +04:00
Elena Baidakova
f9f5f72752 Added announcement bar setting
no issue

Allows publishers to set a banner at the top of their site
2023-04-27 17:51:24 +04:00
Elena Baidakova
62adec50f0 Bumped lexical package
no issue
2023-04-27 17:38:16 +04:00
Simon Backx
51473b3f7d Added tests for pages bulk API
fixes https://github.com/TryGhost/Team/issues/2925
2023-04-27 15:06:19 +02:00
Simon Backx
9fc98417b5 Added bulk post unpublishing test
refs https://github.com/TryGhost/Team/issues/2925
2023-04-27 14:58:27 +02:00
Elena Baidakova
0e9b8cc4ce Moved koenig-lexical from unpkg to jsdelivr cdn
no issue
2023-04-27 16:43:54 +04:00
Elena Baidakova
f69674ff9a
Fixed announcement bar preview (#16715)
refs TryGhost/Team#3122
- Fixed that preview takes data from user input before saving on
backend.

---

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 54d5b2d</samp>

This pull request adds the ability to preview the announcement bar in
the Ghost admin panel and the theme settings. It also adds a
confirmation dialog to discard or save unsaved changes before leaving
the announcement bar settings. It refactors some components and methods
to remove unnecessary or redundant calls to save the settings. It
modifies the `ghost_head` helper, the `theme-management` service, and
the `announcement-bar/src` files to support the preview feature.
2023-04-27 16:40:11 +04:00
Naz
15eca6020d Migrated announcement bar script to use Members API
https://github.com/TryGhost/Team/issues/3121

- The announcement bar data is now exposed through Members API `/members/api/announcement` instead of Content API.
2023-04-27 14:01:36 +02:00
Naz
06c0a19718 Moved announcement bar settings to Frontend Members API
https://github.com/TryGhost/Team/issues/3121

- Because the announcement data has to be available with member's context, it's only possible to have it in cross-origin requests in the Members API.
- Exposed the announcement bar data through `GET /members/api/announcement` endpoint
2023-04-27 14:01:36 +02:00
Simon Backx
57557cb2f7 Added E2E tests for bulk post API
refs https://github.com/TryGhost/Team/issues/2925
2023-04-27 12:45:24 +02:00
Naz
e541ea8746
Extracted announcement visibility values to single place
refs https://github.com/TryGhost/Team/issues/3010

- Having all possible values in within single packages will make it easier to look for "source of truth" and is more maintainable rather than having values scattered all over the codebase
2023-04-26 14:42:33 +02:00
renovate[bot]
52b7086d1d Update dependency semver to v7.5.0 2023-04-26 10:14:22 +02:00
Ghost CI
cf0fdc3d86 v5.45.1 2023-04-25 16:32:08 +01:00
Fabien "egg" O'Carroll
960faf7d93 Fixed column type for feature_image_caption on post revisions
MySQL needs to use the TEXT type for large columns like this.
2023-04-21 16:21:16 +01:00
Chris Raible
58efca6c04
Added background saves every 10 mins for post-revisions (#16703)
no issue
2023-04-21 16:04:54 +01:00
Ghost CI
050ff1b28a v5.45.0 2023-04-21 16:00:48 +01:00
Ghost CI
74e44aeaca 🎨 Updated Casper to v5.4.10 2023-04-21 16:00:48 +01:00
Naz
f9fbac8fa5
Added labs safeguard for announcementBar settings
refs https://github.com/TryGhost/Team/issues/3051

- An extra safeguard to prevent announcementBar feature variables from accidentally leaking through the Content API.
2023-04-21 16:40:49 +02:00
Fabien "egg" O'Carroll
5feedadc80 Wired up feature image alt and caption to DB and Admin
We no longer need a reference to the previous version, instead we can use the
latest revision, this makes it easier to compare "off table" data such as the
feature image caption stored in posts_meta.
2023-04-21 15:26:43 +01:00
Fabien "egg" O'Carroll
bbdbcd02ef Added columns to store feature image metadata for revision
We need this to correctly display the difference with feature images and to
restore them.
2023-04-21 15:25:11 +01:00
Ronald Langeveld
f68936900c
Added post status saving (#16702)
no issue 

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at ebd1973</samp>

This pull request adds support for storing and tracking the status of
posts in revisions. It introduces a new `post_status` column and
property in the `post` and `PostRevision` models, and updates the
`PostRevisions.formatInput` method to handle it.
2023-04-21 15:17:25 +01:00
Chris Raible
3aec11328f
Populated reason field in post-revisions when revision is created (#16700)
no issue
2023-04-21 14:36:35 +01:00
Naz
cddf786424
Added filtering of announcement bar content
refs https://github.com/TryGhost/Team/issues/3051

-  We need to show the announcement_content to specific audiences based on the announcement_visibility filter
2023-04-21 13:46:37 +02:00
Ronald Langeveld
3cf6800e3e
Added post-status and reason col to post_revisions (#16693)
refs https://github.com/TryGhost/Team/issues/3099

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 83140b5</samp>

This pull request adds a new column `post_status` to the
`post_revisions` table to store the status of the post revision. It also
updates the schema definition, the migration file, and the integrity
test to reflect the new column.
2023-04-21 12:32:35 +01:00
Fabien "egg" O'Carroll
bf37e6273a Fixed post_revisions title migration
This was incorrectly using the lenght of 24 rather than 2000
2023-04-21 12:03:11 +01:00
Fabien 'egg' O'Carroll
169a56d1bb
Added feature_image to post_revisions (#16695)
This will allow us to store historical data for feature images so we can
diff and restore them
2023-04-21 12:02:04 +01:00
Chris Raible
06262ecf33
Added logic for saving revisions on explicit saves (#16688)
refs @TryGhost/Team#3076

- added `save_revision` option to edit post endpoint
- this change covers the following cases:
1. we will not save a `post_revision` on every background autosave that
occurs after 3 seconds of inactivity in the editor
2. we will save a `post_revision` when the user hits `cmd+s` in the
editor to explicitly save
3. we will save a `post_revision` when the user navigates away from the
editor (e.g. by clicking the 'Posts' breadcrumb in the editor)
4. we will save a `post_revision` when the user publishes a post
5. we will save a `post_revision` when a user updates an already
published post
2023-04-21 10:04:05 +01:00
Naz
c21f136834 Corrected announcement_visibility setting type
refs https://github.com/TryGhost/Ghost/pull/14264

- With a requirement change we need to transform `announcement_visibility` setting to be an "array" instead of a "string". Array structure will allow us to hold multiple filters at once giving more coverage to the audience targetting usecases.
- Example filter variations we'll support are:
[ ] Logged out visitors
[ ] Members
[ ] Free members
[ ] Paid members
2023-04-21 10:18:50 +02:00
Rishabh Garg
d3c6d8ad13
Added Pintura integration page in Admin (#16686)
refs https://github.com/TryGhost/Team/issues/3034

- adds new integration page for Pintura in Admin
- allows site owners to enable/disable the image editor integration
- allows self-hosters to upload the files for enabling Pintura image
editor

---------

Co-authored-by: Sodbileg Gansukh <sodbileg.gansukh@gmail.com>
2023-04-20 21:20:07 +05:30
Rishabh Garg
bd127eae6d
Added new settings for pintura editor integration (#16682)
refs https://github.com/TryGhost/Team/issues/3034

- adds 3 new settings for managing pintura image editor integration in
admin
- `pintura` setting controls the enabling of the feature
- `pintura_css_url` is used to store path to pintura css file uploaded
on integration page
- `pintura_js_url` is used to store path to pintura js file uploaded on
integration page
2023-04-20 19:19:56 +05:30
Ronald
71052cb33e Added postdiffing feature flag
closes https://github.com/TryGhost/Team/issues/3078

- added post diffing feature flag to isolate it from post history.
2023-04-20 14:15:59 +01:00
Elena Baidakova
09ead74f21 Bumped announcement-bar package
no issue
2023-04-20 16:44:35 +04:00
Elena Baidakova
bf6f697be4 Fixed announcement-bar package version
no issue
2023-04-20 14:32:20 +04:00
Elena Baidakova
4c4e5a9c95 Hide announcement bar script if announcement_content is empty
refs TryGhost/Team#3009
2023-04-20 14:05:37 +04:00
Elena Baidakova
725956bc8b Added script for announcement bar insertion
refs TryGhost/Team#3009
2023-04-20 14:05:37 +04:00
Sag
06610e150a Bumped lexical packages
no issue
2023-04-20 10:54:16 +01:00
Elena Baidakova
9c59fbfb52 Bumped Lexical packages
no issue
2023-04-20 10:58:09 +04:00
Fabien "egg" O'Carroll
ce3f2221a0 Removed bookshelf-relations config from PostRevision model
This was causing issues with saving posts when revisions did not have authors
and is not necessary for the functionality we desire.
2023-04-19 17:49:23 +01:00
Naz
de41b07228
Exposed announcement settings in Content API
refs https://github.com/TryGhost/Team/issues/3011

- Allows to read following settings fields:
  - announcement - alias to announcement_content
  - announcement_background
2023-04-19 16:01:50 +02:00
Naz
388a625f37
Added announcement_* fields to Settings Admin API
refs https://github.com/TryGhost/Team/issues/3011

- Allows to edit and read following settings fields:
  - announcement_content
  - announcement_background
  - announcement_visibility
2023-04-19 16:01:50 +02:00
Michael Barrett
78da6cf77d
Removed post revision author id on user deletion (#16670)
no issue

When a user is deleted any post revisions created by the user are set to
be owned by nobody (null) rather than deleting the post revisions
associated with the user
2023-04-19 14:00:45 +01:00
naz
865df1e143
Added announcement fields to settings table (#16654)
refs https://github.com/TryGhost/Team/issues/3011

- This is a data structure needed to support Announcement Bar feature -
allows to create custom site-wide announcements tailored to the
audience.
- The `announcement_content` is meant to hold displayed HTML content of
the announcement and will be exposed through unauthenticated Content
Site API

- The `announcement_visibility` sets the target audience to display the
Announcement Bart to:
  - `public` - Everyone
  - `visitors` - Logged out visitors only
  - `members` - Members only
  - `paid` - Paid members only

- The `announcement_background` sets the CSS class that should be
applied to the Announcement Bar. and will be exposed through
unauthenticated Content Site API. Three styles are available:
  - `accent` - matches the color of the site accent
  - `dark` - dark style
  - `light` - light style
2023-04-19 14:25:25 +02:00
Naz
7969399cdf
Added ability to pass 'flags' field into new settings
refs 3b90b1f335
refs https://github.com/TryGhost/Team/issues/3011

- The "flags" property was missing from the allowed parameters in addSettings migrations utility method. Passing in "flags" is needed to complete a refed issue where we add a new "announcement" group of settings and two of these settings have a "PUBLIC" flag
2023-04-19 14:02:03 +02:00
Chris Raible
f95012066a
Added author details to post_revisions in posts endpoint (#16674)
no issue

- added full author object to the post_revisions array on the /posts endpoint
- to be used in the post history modal to display who authored each revision
2023-04-19 12:05:55 +01:00
Rishabh Garg
48030c3050
Added basic image editing alpha feature (#16669)
refs https://github.com/TryGhost/Team/issues/3034

- adds new alpha feature flag for image editing in Admin
- allows new config for Pintura files that enable the image editing in
Admin
- adds new ember component for triggering image editing for post feature
images

---------

Co-authored-by: Sodbileg Gansukh <sodbileg.gansukh@gmail.com>
2023-04-19 16:27:26 +05:30
Chris Raible
65cf3afe5b
Fixed maxlength for author_id in migration v5.45 (#16668)
no issue

- maxlength for author_id was errantly set to 2000 instead of 24
- migration was failing with:

ERROR Field length of `author_id` in `post_revisions` is too long!

Field length of `author_id` in `post_revisions` is too long!

"This usually happens if your database encoding is utf8mb4.\nAll unique
fields and indexes must be lower than 191 characters.\nPlease correct
your field length and reset your database with `yarn knex-migrator
reset`.\n" "Read more here:
https://github.com/TryGhost/knex-migrator/issues/51\n"
2023-04-18 16:46:46 +01:00
Aileen Nowak
540de8eafd Added oembed Admin API endpoint to allow list
no issue

- Some services require the `oembed` API endpoint to be reachable via Admin API
- Adding the endpoint to the allowed list resolves this
2023-04-18 15:38:36 +01:00
Chris Raible
0130c9f553
Renamed foreign key constraint in migration v5.45 (#16664)
- the autogenerated constraint name was too long for MySQL, yielding the
error below (although it seems to be fine for sqlite)
- this change adds an explicit, shorthand name for the constraint to
stay under the limit on MySQL8

Error: alter table `post_revisions` add constraint
`post_revisions_author_id_foreign` foreign key (`author_id`) references
`users` (`id`), algorithm=copy - Specified key was too long; max key
length is 3072 bytes
2023-04-18 15:02:13 +01:00
Michael Barrett
9911e6be78
Persisted post revision author and title (#16653)
no issue

Persisted post revision author and title
2023-04-18 14:15:26 +01:00
Sag
932bfef27a
Bumped Lexical packages (#16661)
no issue
2023-04-18 13:42:05 +01:00
Chris Raible
e7f9f7c101 Fixed post revisions not loading in modal-post-history 2023-04-18 12:19:31 +01:00
Chris Raible
37e13b9c90 Removed post_revisions from posts-public.js 2023-04-18 12:03:30 +01:00
Michael Barrett
75e6ce261c
Added author & title to post revisions (#16649)
no issue

Added `created_by` and `title` columns to `post_revisions` table
2023-04-18 11:47:57 +01:00
Chris Raible
af367a2a18
Added post_revisions as a default include for posts (#16660)
no issue

- post_revisions will now be included in any request to the /posts
endpoint
- updated admin models to include post_revisions
- post revisions can now be accessed in the modal-portal-history via
this.post.post_revisions
2023-04-18 11:12:35 +01:00
Elena Baidakova
b7f091f732 Updated lexical packages
no issue
2023-04-18 13:23:02 +04:00
Elena Baidakova
9380209670
Added announcementBar feature flag and announcement input demo (#16659)
refs TryGhost/Team#3008

---

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 2a60623</samp>

This pull request adds a new experimental feature for displaying an
announcement bar at the top of the site. It introduces a new component
template and class for the announcement bar, a new feature flag and its
UI controls, and some CSS adjustments for the editor input and the
announcement bar.
2023-04-18 13:12:37 +04:00
Steve Larson
8a563910d3 updated lexical packages
no refs
2023-04-17 16:24:36 +01:00
Fabien "egg" O'Carroll
a507072eb8 Updated PostRevisions to accept html string
- We also fix the name of the feature flag
- We also correctly await the result of revision generation
- We pass the HTML string so we can potentially do an easier word count diff
2023-04-17 16:16:08 +01:00
Fabien "egg" O'Carroll
e151b55461 Fixed name of @tryghost/post-revisions 2023-04-17 14:59:13 +01:00
Fabien "egg" O'Carroll
454dc7a876 Added @tryghost/post-revisions to package.json
This is necessary for our build tool to pick up and bundle the package.
2023-04-17 14:56:12 +01:00
Fabien "egg" O'Carroll
7d7e19449a Used new PostRevisions service for revision generation
This is behind the postHistory flag so that we leave alone the very import
revision generation code. The new package attempts to replicate the existing
strategy but gives us room to easily change it in future
2023-04-17 14:47:27 +01:00
Chris Raible
4c893e5a63
Added post_revisions to posts endpoint as an include option (#16648)
no issue

- with this change, you can access a post's lexical revisions via the
api (e.g. `/posts/:id/?include=post_revisions`)

> _We are the post revisions, we won't be erased_
> _We rise from the ashes of the mobiledoc waste_
> _We join the API response, we claim our rightful place_
> _We are the post revisions, we show the truth of your face_
2023-04-17 13:46:27 +01:00
Michael Barrett
8dff121f73
Added postHistory feature flag (#16645)
no issue

Added flag to enable / disable post history from within the editor
2023-04-17 11:08:47 +01:00
Elena Baidakova
7f184d2451
Added support for filtering snippets to mobiledoc/lexical (#16636)
refs TryGhost/Team#2904


<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at b3f5423</samp>

This pull request adds support for multiple formats of snippet content,
especially the `lexical` format, to the Ghost CMS. It modifies the
snippets API, model, and test files to handle the format conversion,
filtering, and serialization of snippets.
2023-04-17 10:54:08 +04:00
Ghost CI
5d43101f40 v5.44.0 2023-04-14 16:00:41 +01:00
Simon Backx
d98f29c6aa Added cache invalidation to posts and pages bulk apis
refs https://github.com/TryGhost/Team/issues/2677
2023-04-14 12:25:24 +02:00
Simon Backx
854f616f70
Added bulk edit pages API and admin UI (#16633)
refs https://github.com/TryGhost/Team/issues/2677

- This extends the bulk editing UI to pages.
- New endpoints for editing pages in bulk
- Support for type in bulk edit UI
- Fixed empty messages for lists
- Minor bugfixes (e.g. save button when adding tags became red because
task didn't return true)

---

This pull request adds support for bulk editing and deleting of pages in
the admin UI and the API. It refactors the context menu component and
the list templates to handle different types of content (posts or pages)
dynamically. It also updates the selection list utility and the no posts
box component to work with the new feature. It modifies the `posts.js`
and `pages.js` API files and the corresponding input and output
serializers and routes.
2023-04-14 12:16:15 +02:00
Elena Baidakova
eaf6e3c7e5
Added lexical column to snippets table (#16632)
refs TryGhost/Team#2904

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 04a6b06</samp>

This pull request adds a new `lexical` column to the `snippets` table to
store lexical information for snippets. It includes a migration script,
a schema update, and a schema hash update.
2023-04-14 13:18:41 +04:00
Fabien 'egg' O'Carroll
82393fa99d
Added bulk tag addition to post context menu
refs https://github.com/TryGhost/Team/issues/2922

Add multiple tags to multiple posts at once.

---------

Co-authored-by: Simon Backx <simon@ghost.org>
2023-04-13 16:17:36 +02:00
Sag
1d19021606
Bumped Lexical packages (#16626)
no issue
2023-04-13 10:47:22 +02:00
Kevin Ansfield
b286faf011
Initial setup for Lexical multiplayer websockets service (#16611)
no issue

Rough prototype only, current limitations:
- **No persistence**. Docs are in-memory only, YJS state will be lost on server restart although it could be re-populated by clients if they reconnect without closing their local doc (needs testing/investigation)
- **No tie-in with saved lexical state**. Lexical state is updated in the post model via normal API requests from Admin which can mean the multiplayer doc and the saved lexical state become out of sync but there's no detection/indication of that state at present. Will also trigger the "someone else is editing" errors because multiplayer doesn't yet override the default post update collision detection
- **New posts don't start in multiplayer**. New posts don't have an ID and so can't have a respective YJS doc, after initial save we don't transition to multiplayer because the React component in Ember doesn't re-render on prop changes yet
- **No tests**. Experimental code just to get something working and help answer questions for what's next

Changes:
- added `lexicalMultiplayer` labs flag
- updated `<KoenigLexicalEditor>` to pass through the required `<KoenigComposer>` props for multiplayer when enabled
- added `lexical-multiplayer` service
  - `init()` called during boot, used to set up the `enable()` and `disable()` methods so the flag can be toggled without restarts
  - when enabled it adds `upgrade` request handling to the base Ghost server
    - returns 404 if the URL doesn't match `/ghost/api/admin/posts/multiplayer/*`
    - returns 401 if a valid session cookie is not present
    - if everything is good, hands off to code in `y-websocket.js` that handles YJS doc creation, awareness, keepalive, etc
    - uses doc names in the format `${post.id}/${docId}` where `docId` is `main` for the primary document and a GUID for any sub-documents like captions and nested editors in cards
- updated `SettingsBREADService` to check if the `labs` setting is changed, and enables/disables the `lexical-multiplayer` service as needed so the websockets server can be started and shutdown when toggling without requiring a restart
2023-04-12 20:24:02 +01:00
Ghost CI
eafbb2856c v5.43.0 2023-04-12 11:38:08 +01:00
Ghost CI
63c5a47c02 🎨 Updated Casper to v5.4.9 2023-04-12 11:38:08 +01:00
Simon Backx
ab1ca90779
Implemented bulk editing post access (#16617)
fixes https://github.com/TryGhost/Team/issues/2924

This change adds a new bulk edit action for posts to update their
visibility. It also implements a modal to change the post access level
for multiple posts at once using this new API.

It also fixes a pattern that was used when modifying the Ember models in
memory. They previously were marked as dirty, this is fixed now. So when
going to the editor after modifying posts, you won't get a confirmation
dialog any longer.
2023-04-12 11:58:46 +02:00
Ghost CI
8571011e7d Merged v5.42.3 into main 2023-04-12 04:38:27 +01:00
Ghost CI
e185ed8b68 v5.42.3 2023-04-12 04:38:23 +01:00
Simon Backx
24b4a50b24 Bumped Portal to v2.29
no issue

Start using the latest released version.
2023-04-11 17:54:09 +02:00
Simon Backx
66b353ed97
Added bulk destroy posts api (#16587)
fixes https://github.com/TryGhost/Team/issues/2921

Adds the bulk destroy API for posts, and implemented it in the admin UI.
2023-04-11 16:37:42 +02:00
Elena Baidakova
100b4880ee Bump Koenig packages
no issue
2023-04-11 18:08:30 +04:00
renovate[bot]
ee216038e9 Update dependency @tryghost/email-mock-receiver to v0.3.1 2023-04-11 11:47:08 +02:00
renovate[bot]
4b8f631563 Update dependency @playwright/test to v1.32.3 2023-04-11 11:14:38 +02:00
renovate[bot]
88e1f2c50f Update dependency semver to v7.4.0 2023-04-11 11:01:01 +02:00
Chris Raible
7a800ec06e
Fixed flaky test: posts API export can export with order (#16605)
closes Tryghost/Team#2975

- The test was failing because the order of the posts was not guaranteed
- The posts receive a published_at timestamp = new Date() when they are
created, unless a published_at date is passed in
- ~1/3 times the tests would run, the ordering would change and this
test would fail
- This commit fixes the test by passing in a published_at date to ensure
the order is always the same
2023-04-10 18:40:03 -07:00
Sag
ed28bba94d
Upgraded Lexical packages (#16600)
no issue
2023-04-10 10:39:15 +02:00
Chris Raible
04e6b9763c
Added retries to a flaky batch sending test (#16591)
refs TryGhost/Team#2949
2023-04-07 17:44:11 -07:00
Ghost CI
1c46e3d456 v5.42.2 2023-04-07 16:00:37 +01:00
Naz
cdc8cb2d16 Added email snapshot test to member suite
refs https://github.com/TryGhost/Team/issues/2691
refs 53fd78cc86

- One more example using emailMockReceiver instead of outdated mockManager's assertions.
2023-04-07 16:12:51 +02:00
Naz
f77aa03e91
Added missing snapshots for version tests
refs 7552873072

- These snapshot were missing with original refed commit.
2023-04-07 15:31:18 +02:00
Naz
53fd78cc86
Added email snapshot tests to newsletter suites
https://github.com/TryGhost/Team/issues/2691

- This change is meant to serve as an example for testing outbound emails. It uses emailMockReceiver and it's html/test/metadata snapshotting features.
- The wider goal is to move away from using "mockManager.assert.sentEmail" that only tested some of the outgoing email contents to more wide range testing through "emailMockReceiver"
- For more on best practices using emailMockReceiver check out codex section on "email testing" - https://ghost.notion.site/End-to-end-Testing-6a2ef073b1754b18aff42e24a632a007#cf33c7f0-fba6-4951-bf50-09080374719c
2023-04-07 14:34:57 +02:00
Naz
f264c1d1f8
Removed unnecessary mockMail call
no issue

- This test has nothing to do with outgoing emails, so no need to mock mail
2023-04-07 14:34:57 +02:00
renovate[bot]
07545541a8 Update @tryghost 2023-04-07 13:47:12 +02:00
Simon Backx
f4d75388fd
Added post bulk edit api (#16576)
fixes https://github.com/TryGhost/Team/issues/2919

This pull request implements a new feature that allows bulk editing of
posts by a filter. It adds a new `bulkEdit` endpoint to the posts API
and new `PostsService` methods to handle the bulk actions.

The posts list component is duplicated, so we can keep working in a
copied version without affecting the old version without a flag. It
temporarily adds a star icon to indicate featured posts in the posts
list.
2023-04-07 11:48:14 +02:00
Chris Raible
d49241dd29
Fixing error in browser test (#16583) 2023-04-07 01:11:37 -07:00
Ghost CI
7b6805580c Merged v5.42.1 into main 2023-04-07 08:51:06 +01:00
Ghost CI
89cf224a2a v5.42.1 2023-04-07 08:51:02 +01:00
Daniel Lockyer
378dd913aa
🔒 Fixed path traversal issue in theme files
refs https://github.com/TryGhost/Team/issues/2843

- Using encoded path traversal characters in URL's path allowed to fetch
  any file within active theme's folder, which is disallowed
- credits to: fuomag9 https://kiwi.fuo.fi/@fuomag9
2023-04-07 09:45:59 +02:00
Chris Raible
563793c7ed
Added retries for all known flaky tests (#16582)
refs TryGhost/Team#2833

- for mocha tests, we can add `this.retries(1)` to any flaky tests
- for playwright tests, we can add `test.describe.configure({ retries:
1})` to any `describe` block
- not a long-term solution, but it should help mitigate issues with flaky
tests in short term
2023-04-07 00:37:01 -07:00
naz
7552873072
Added email content snapshots to API versioning tests (#16577)
refs https://github.com/TryGhost/Team/issues/2691
refs
939f25a987

- Resurrected refed commit that was adding tests for versioning API,
this time it's using dynamic replacements to match dynamic content of
the email using matchHTMLSnapshot / matchPlaintextSnapshot with dynamic
content replacements.
2023-04-06 22:42:11 +02:00
Naz
3f78e959b3
Bumped email-mock-receiver
refs https://github.com/TryGhost/Team/issues/2691

- This bump changes the "sentEmailCount" method to a more descriptive "assertSentEmailCount" and adds chaining to this method.
2023-04-06 22:13:17 +02:00
Daniel Lockyer
f61ea1f1a2
Bumped Portal to 2.28
- this bumps the version to 2.28 in Ghost so we can use the latest and
  greatest
2023-04-06 20:20:27 +02:00
naz
70ae3efd5c
Update email mock receive (#16578)
refs TryGhost/Team#2691

- The bump adds possibility to make email's html/text snapshots with dynamic content. The breaking change here is with separate "matchPlaintextSnapshot" method extracted out of "matchMetadataSnapshot" to handle dynamic content in "text" part of the sent email.
2023-04-06 17:24:23 +02:00
Simon Backx
ba8f082d41
Added awaiting jobs and events by default to all tests (#16505)
no issue

This change waits for domain events and jobs before continuing with the
next test. This prevents issues where background tasks in tests are
executed when the next test is running and the configurations have
changed, causing random error logs and test failures.

It also includes a change in Stripe mocking in one E2E test to make use
of the new StripeMocker instead of custom mocking in each test (also to
reduce error logs).
2023-04-06 09:05:16 +02:00
Chris Raible
16c625a630
Added retries to flaky email test (#16556)
refs TryGhost/Team#2891

- test was flaking frequently enough that we had to remove it — not a perfect fix but figure it's better to enable retries than to completely remove the test
- ran CI 5 times (x 4 environments) and it passed 5 times in a row
2023-04-05 22:01:59 -07:00
renovate[bot]
95308573fd Update dependency cssnano to v6 2023-04-05 18:24:03 +02:00
Ghost CI
aa5272ffb9 v5.42.0 2023-04-05 16:49:46 +01:00
Sanne de Vries
92663ea731
Fixed email width and dark mode images in email template (#16566)
Refs https://github.com/TryGhost/Team/issues/2845

---------

Co-authored-by: Fabien "egg" O'Carroll <fabien@allou.is>
Co-authored-by: Simon Backx <simon@ghost.org>
2023-04-05 15:53:51 +02:00
renovate[bot]
83373e1751 Update Test & linting packages 2023-04-05 15:16:08 +02:00
Sag
8f6c3c12e2
Upgraded Lexical packages (#16564)
no issue
2023-04-05 15:00:26 +02:00
renovate[bot]
254533ad92 Update dependency @playwright/test to v1.32.2 2023-04-05 14:49:19 +02:00
Daniel Lockyer
b64d32cc26 Removed heavy dependency within @tryghost/errors
- we previously used `@stdlib/utils` instead of the child package
  `@stdlib/copy`, which is a lot smaller and contains our only use of
  the parent
- this saves 140+MB of dependencies
2023-04-05 13:46:15 +02:00
Daniel Lockyer
7ec2656495 Added yarn resolution for @tryghost/errors
- we keep ending up with multiple versions of the depedency in our tree,
  and it's causing problems when comparing instances
- the workaround I'm implementing for now is to bump the package
  everywhere and set a resolution so we only have 1 shared instance
- hopefully we can come up with a better method down the line
2023-04-05 09:34:50 +02:00
Rishabh Garg
bb21dc47f0
Updated member snapshot for comments tests
refs TryGhost/Team#2888
2023-04-05 00:25:31 +05:30
Rishabh
76ed31464b Fixed snapshots for frontend frontend member data APIs
refs https://github.com/TryGhost/Team/issues/2888
2023-04-05 00:01:55 +05:30
Rishabh
d29d541326 Updated firstpromoter integration in portal
refs https://github.com/TryGhost/Team/issues/2888

Bumps portal to include changes for referral tracking in FirstPromoter integration for old members.
2023-04-04 23:58:29 +05:30
Rishabh
ace4d17b3e Updated unit tests for frontend member data 2023-04-04 23:51:45 +05:30
Rishabh
56eb7a822f Fixed FirstPromoter integration to ignore old referrals
closes https://github.com/TryGhost/Team/issues/2888

Due to lack of member's created at date, we previously called the FirstPromoter tracking function for all logged-in members irrespective of when they signed up. This caused issues in few cases where members who were already signed up were getting falsely attributed as referrals if they had clicked on a referral link previously.

This change uses the member's created at date which is now available on frontend for logged-in members, and ignored the FirstPromoter tracking script if member had signed up more than 24 hours ago.
2023-04-04 23:46:12 +05:30
Chris Raible
e95c531e8b
🐛 Fixed member signup emails being sent with escaped subject line (#16544)
closes TryGhost/Team#2895

- this was caused by the subject line being passed through the i18n
translator, which was escaping the content
- passing in `interpolation: {escapeValue: false}` when retrieving the
value prevents the content from being escaped
- modified a test to ensure the subject line is not escaped
2023-04-04 10:12:28 -07:00
Simon Backx
d0042b550a
Fixed redirecting back to account home after sign in in Portal (#16487)
refs https://github.com/TryGhost/Team/issues/2674

When going to /#/portal/account when not signed in, you are redirected
to the login page. But once signed in, you aren't redirected back to the
account page. This fixes this issue by adding an extra and optional
redirect parameter when requesting a magic token via email.

This new parameter allows to override the default behaviour of using the
Referer HTTP header, which doesn't include the hash/fragment part of the
URL.

The referrer is already restricted to only allow redirects to the site,
not external URLs.
2023-04-04 18:07:37 +02:00
Fabien "egg" O'Carroll
41e8c20d88 Deleted flakey test
refs https://github.com/TryGhost/Team/issues/2891

This test is failing more and more frequently and is being removed with the
intention of reinstating it once it has been fixed
2023-04-04 20:16:44 +07:00
Simon Backx
e13f052af8
Added Portal signup terms settings and migration (#16545)
fixes https://github.com/TryGhost/Team/issues/2885 
fixes https://github.com/TryGhost/Team/issues/2896 
fixes https://github.com/TryGhost/Team/issues/2877

This change adds the new portal_signup_terms_html setting and
portal_signup_checkbox_required setting and the corresponding migration.
2023-04-04 10:04:12 +02:00
Sanne de Vries
57fcfe76d8
Updated images in email template to be work with light/dark mode
refs https://github.com/TryGhost/Team/issues/2845

We needed to update the html out of the cards to include images for light
and dark mode, and then we've used CSS to show/hide them 

Co-authored-by: Fabien "egg" O'Carroll <fabien@allou.is>
2023-04-04 00:32:08 +07:00
Simon Backx
d06e3dca60 Added id column to post analytics export
refs https://github.com/TryGhost/Team/issues/2678

Also fixes snapshots
2023-04-03 14:50:43 +02:00
Simon Backx
136bf80168 Added post analytics export
fixes https://github.com/TryGhost/Team/issues/2678

- Includes a new filename for the export (post-analytics instead of posts)

Co-authored-by: Fabien 'egg' O'Carroll <fabien@allou.is>
Co-authored-by: Sanne de Vries <sannedv@protonmail.com>
2023-04-03 14:39:11 +02:00
Simon Backx
bef310cb2a Readded failing test
no issue

Test was failing and removed temporarily.
2023-04-03 11:35:40 +02:00
Sag
3393d3910c
Upgraded Koenig packages
no issue
2023-04-03 11:33:43 +02:00
Simon Backx
33237c4df7 Added newsletter auto border color and dynamic color picker
fixes https://github.com/TryGhost/Team/issues/2879
fixes https://github.com/TryGhost/Team/issues/2880

- Replaced black border color with 'auto' based on background color.
- When a color is 'auto', the color that are visible in the UI (color pciker) will be dynamic based on the background color.
2023-04-03 11:27:57 +02:00
Sagar Gupta
0c8f75686b Fixed Public Preview Card in Lexical 2023-04-03 10:04:37 +02:00
Ghost CI
8140a7b227 v5.41.0 2023-03-31 17:00:56 +01:00
Ghost CI
77347a0adc 🎨 Updated Casper to v5.4.8 2023-03-31 17:00:56 +01:00
Daniel Lockyer
040c015796
Bumped Portal to v2.26.0
- contains i18n translations
2023-03-30 18:34:16 +02:00
Daniel Lockyer
5cd67f83ea Added i18n labs flag
- this adds the labs flag and scaffolding to wire it into Ghost + Portal
2023-03-30 18:15:57 +02:00
Paul Davis
86027fdb6f
Add Migrate app (#16458)
Adds the UI for self-serve migrations
2023-03-30 15:40:06 +01:00
Peter Zimon
79bb55a737
Added Hungarian locale for Portal (#16488)
Hungarian translation for email contents and Portal.
2023-03-30 09:57:09 -04:00
Fabien 'egg' O'Carroll
0f72816951
Newsletter email template customisation (#16523)
Refs https://github.com/TryGhost/Team/issues/2845

Co-authored-by: Sanne de Vries <sannedv@protonmail.com>
2023-03-30 15:33:46 +02:00
Rishabh Garg
dc811af070
Merged mentions UI and email lab flags (#16518)
closes https://github.com/TryGhost/Team/issues/2851

We had two separate flags to manage the Mentions beta, one for showing
UI and other for sending emails. This change combines them both under
the single `webmentions` flag that was previously only used to show the
UI.
2023-03-29 01:12:56 +05:30
Rishabh Garg
61afa94a4e
Fixed plaintext for mentions email report (#16517)
closes https://github.com/TryGhost/Team/issues/2754

Updates plaintext version for mentions email report to include all unique mentions in a nice list format.
2023-03-29 00:36:05 +05:30
Ghost CI
4ca61837f4 Merged v5.40.2 into main 2023-03-28 13:20:27 +01:00
Ghost CI
370ec93736 v5.40.2 2023-03-28 13:20:23 +01:00
Simon Backx
d811440b54 Fixed batch sending snapshot date matching
no issue

The replacement didn't match dates with only one number.
2023-03-28 17:16:39 +05:30