no issue
- part of ember upgrades
- removed all unnecessary usage of `.get`
- cleaned up imports where we had imports from the same module across multiple lines
- standardized on importing specific computed helpers rather than using `computed.foo`
- switched tests from using `wait()` to `settled()`
no issue
Having `session.user` return a promise made dealing with it in components difficult because you always had to remember it returned a promise rather than a model and had to handle the async behaviour. It also meant that you couldn't use any current user properties directly inside getters which made refactors to Glimmer/Octane idioms harder to reason about.
`session.user` was a cached computed property so it really made no sense for it to be a promise - it was loaded on first access and then always returned instantly but with a fulfilled promise rather than the underlying model.
Refactoring to a synchronous property that is loaded as part of the authentication flows (we load the current user to check that we're logged in - we may as well make use of that!) means one less thing to be aware of/remember and provides a nicer migration process to Glimmer components. As part of the refactor, the auth flows and pre-load of required data across other services was also simplified to make it easier to find and follow.
- refactored app setup and `session.user`
- added `session.populateUser()` that fetches a user model from the current user endpoint and sets it on `session.user`
- removed knowledge of app setup from the `cookie` authenticator and moved it into = `session.postAuthPreparation()`, this means we have the same post-authentication setup no matter which authenticator is used so we have more consistent behaviour in tests which don't use the `cookie` authenticator
- switched `session` service to native class syntax to get the expected `super()` behaviour
- updated `handleAuthentication()` so it populate's `session.user` and performs post-auth setup before transitioning (handles sign-in after app load)
- updated `application` route to remove duplicated knowledge of app preload behaviour that now lives in `session.postAuthPreparation()` (handles already-authed app load)
- removed out-of-date attempt at pre-loading data from setup controller as that's now handled automatically via `session.handleAuthentication`
- updated app code to not treat `session.user` as a promise
- predominant usage was router `beforeModel` hooks that transitioned users without valid permissions, this sets us up for an easier removal of the `current-user-settings` mixin in the future
refs https://github.com/TryGhost/Team/issues/221
- we're getting ready for the 4.0 API version so we should be using canary to fully test the changes
- changed from `v3` to `canary` in `utils/ghost-paths.js`
- updated mirage and tests to use `ghostPaths` util so we only need to change the version in one place in the future
no refs
depends on https://github.com/TryGhost/Ghost/pull/12472
The members CSV importer gets an overhaul and works with new importer module in members service, performing the import in a background job when the import will take too long to complete in a reasonable time and send an email with data on completion. Also includes updated CSV mapping UI and error handling to allow easier import from different type of exports.
Co-authored-by: Fabien O'Carroll <fabien@allou.is>
Co-authored-by: Peter Zimon <zimo@ghost.org>
no issue
- A new validation stage has been introduced as a second step after CSV file has been dropped. It is meant to catch any obvious validation errors and output detailed statistics about
- These improvements also improve sampling logic which increases sample size to 30 non-empty cells which are used to validate stripe_customer_ids when there's such need.
- New sampling logic also introduces improved automatic field type detection which allows to better map email and stripe_customer_id fields to CSV columns
refs 2dfff367b9
- The test was removed because feature is no longer needed.
- Qoute from Zimo: " reason: it’s based on a sample so we don’t know for sure how much of the data is actually affected. we might bring it back in the future though"
no issue
- Adds validations for imported CSV data
- These checks include obvious validation checks for data - like if email addresses are valid, checking if Stripe configured when entries with stripe_customer_id are present and additional server-side validation for entries with stripe_customer_id to check if they appear in connected Stripe account
- The validation set is calculated by naive choosing of first 5, middle 5 and 5 tail records from imported set. This logic comes from observations that errors usually apear withing "test" records in the beggining or the end of the file. These selection rules might change in the future if we find a need for it.
- Adds papaparse CSV parser, which was chosen for it's maturity and relatively small minified size. In the future this library should be lazy-loaded to make the first page load UX nicer
no issue
- lazy loaded scripts such as the CodeMirror asset used on the Code Injection screen could throw errors such as `TypeError: Cannot set property 'modeOption' of undefined`
- this was caused by "loading" promise returned from the `lazyLoader` service returning as soon as the network request finished which can be before the loaded script has been parsed and run meaning any processing occurring after the promise returns could be depending on unloaded code
- switched the lazyLoader service's loading mechanism from an ajax fetch to insertion of a `<script>` tag which can have `load` event attached which _will_ return after parsing/loading has completed
no issue
- upgrade to latest `ember-source` and related dependencies including `ember-cli`
- upgrade to latest `ember-mocha` and modern ember testing setup
- https://github.com/emberjs/rfcs/blob/master/text/0268-acceptance-testing-refactor.md
- switch from using global acceptance test helpers and `native-dom-helpers` to using the new `ember-test-helpers` methods
- use [`chai-dom`](https://github.com/nathanboktae/chai-dom) assertions where in some places (still a lot of places in the tests that could use these)
- pin `ember-in-viewport` to 3.0.x to work around incompatibilities between different versions used in `ember-light-table`, `ember-infinity`, and `ember-sticky-element`
- incompatibilities manifested as "Invalid value used as weak map key" errors thrown when using `ember-light-table` (subscribers screen)
- pin `ember-power-datepicker` to unreleased version that contains a move from global acceptance test helpers to modern test helpers
refs #9865
- removed all `oauth2` and token-based ESA auth
- added new `cookie` authenticator which handles session creation
- updated the session store to extend from the `ephemeral` in-memory store and to restore by fetching the currently logged in user and using the success/failure state to indicate authentication state
- ESA automatically calls this `.restore()` method on app boot
- the `session` service caches the current-user query so there's no unnecessary requests being made for the "logged in" state
- removed the now-unnecessary token refresh and logout routines from the `application` route
- removed the now-unnecessary token refresh routines from the `ajax` service
- removed `access_token` query param from iframe file downloaders
- changed Ember Data adapters and `ghost-paths` to use the `/ghost/api/v2/admin/` namespace
no issue
- bump deps with no major breaking changes
- bump yarn.lock sub-dependencies
- resolve deprecation warnings for removal of Authorizers in ember-simple-auth
no issue
- disabled Ember Simple Auth's default token revocation
- we trigger session invalidation on a 401 which means our token isn't valid so the revoke requests will also fail
- renamed application route's `invalidateSession` to `logout` in order to distinguish it from any ESA methods
- added the token revocation requests to this action, we can be fairly sure at this point that the current tokens will be valid so the requests will succeed
- added check to `ajax.handleResponse` so that we don't invalidate the session for requests to external services
- removed pointless assertion from the ajax integration test
no issue
- upgrade `ember-ajax` to 3.0.0
- `ember-ajax` [now passes the payload through directly](https://github.com/ember-cli/ember-ajax/releases/tag/v3.0.0) rather than trying to normalize it so all our error handling needed to be updated
no issue
- add eslint-plugin-ember, configure no-old-shims rule
- run `eslint --fix` on `app`, `lib`, `mirage`, and `tests` to move imports to the new module imports
- further cleanup of Ember globals usage
- remove event-dispatcher initializer now that `canDispatchToEventManager` is deprecated
no issue
- adds `eslint-plugin-sort-imports-es6-autofix` dependency
- implements ESLint's base `sort-imports` rule but has a distinction in that `import {foo} from 'bar';` is considered `multiple` rather than `single`
- fixes ESLint's autofix behaviour so `eslint --fix` will actually fix the sort order
- updates all unordered import rules by using `eslint --fix`
With the increased number of `import` statements since Ember+ecosystem started moving towards es6 modules I've found it frustrating at times trying to search through randomly ordered import statements. Recently I've been sorting imports manually when I've added new code or touched old code so I thought I'd add an ESLint rule to codify it.
no issue
- adds `settings` service that acts as a proxy to the singular settings model with methods to fetch and reload, also prevents accidentally loading only some settings types which has caused problems in the past
- updates app boot, signin, and signup processes to fetch settings ensuring that any part of the app can grab settings synchronously if needed
- removes `timeZone` service, it's no longer needed as we can grab `settings.activeTimezone` directly
- replaces all store queries for the settings model with appropriate `settings` methods
- refactors `apps/*` routes/controllers, they had become a little convoluted with the way they were dealing with settings and the new service helped to clean that up
refs ##8131
- "posts per page" is now a theme-level concern
- UI has already been removed, this finishes the cleanup by removing `settings.postsPerPage` and related validation/test support
no issue
- add functionality for night mode feature flag using alternate
stylesheets
- modify lazy loader service to work with alternate stylesheets
- update feature service to use user accessibility property & add tests
no issue
- cleans up the interface to maintain consistency between loadScript and
loadStyle
- update gh-cm-editor component to await result of loadStyle
no issue
- update `config` service normalise blogUrl to non-trailing slash to match previous API behaviour
- fixes double slashes appearing in places around the app
- fixes "Redirect URI Mismatch" errors when using Ghost OAuth due to the double slashes
no issue
- switch `jscs` and `jshint` inline config to `eslint` config
- fix eslint errors, predominantly in tests where the config now the main app config more closely
refs TryGhost/Ghost#7628 (issue), refs TryGhost/Ghost#7631 (required)
- update `config` service to fetch from public configuration endpoint
- add `beforeModel` to `application` route to fetch config and pause further processing until the request is complete
- remove `<meta name="env-*">` tags from generated `default.hbs` and internal testing `index.html`
- add mirage config to simulate configuration endpoint and helper to simulate enabled oauth config
- update `ghost-oauth2` torii provider to use auth server URL from server-provided config
refs TryGhost/Ghost#5202
We can get into a situation where the app is left open without a
network connection and the token subsequently expires, this will
result in the next network request returning a 401 and killing the
session. This is an attempt to detect that and restore the session
using the stored refresh token before continuing with the request
- wrap ajax requests in a session restore request if we detect an expired `access_token`
no issue
- update ember-ajax to 2.5.1
- replace custom error checking in setup/two with ember-ajax's `isInvalidError`
- update error normalisation and associated parsing tests to ensure all error types result in the same object structure
refs https://github.com/TryGhost/Ghost/issues/6949
Handle version mismatch errors by:
- displaying an alert asking the user to copy any data and refresh
- disabling navigation so that unsaved data is not accidentally lost
Detailed changes:
- add `error` action to application route for global route-based error handling
- remove 404-handler mixin, move logic into app route error handler
- update `.catch` in validation-engine so that promises are rejected with the
original error objects
- add `VersionMismatchError` and `isVersionMismatchError` to ajax service
- add `upgrade-status` service
- has a method to trigger the alert and toggle the "upgrade required" mode
- is injected into all routes by default so that it can be checked before
transitioning
- add `Route` override
- updates the `willTransition` hook to check the `upgrade-status` service
and abort the transition if we're in "upgrade required" mode
- update notifications `showAPIError` method to handle version mismatch errors
- update any areas where we were catching ajax errors manually so that the
version mismatch error handling is obeyed
- fix redirect tests in editor acceptance test
- fix mirage's handling of 404s for unknown posts in get post requests
- adjust alert z-index to to appear above modal backgrounds
refs TryGhost/Ghost#6149
- concats codemirror.js and css on build, keeping them out of vendor.js
- add lazy-loader service to enable loading of external scripts