Commit Graph

11368 Commits

Author SHA1 Message Date
Nazar Gargol
60ae9e82f9 Fixed integration_id assignment for webhook when creating through API key auth
refs 173e3292fa

- The bug was initially introduced in referenced commit. When request is done with `api_key` context, there should always be an `integration` object associated with it - 71c17539d8/core/server/services/permissions/parse-context.js (L36) . An `id` from `context.integration` not `context.api_key` has to be assigned to newly created webhook!
- The webhooks API is about to be declared stable in upcoming release, so no migration will be done
2020-08-04 16:43:24 +12:00
CY Lim
71c17539d8
🐛 Fixed installation on windows #10890 (#12096)
closes #10890

- use platform agnostic `exit 0` to allow `yarn setup` to work on windows
- requires powershell to be run as admin
2020-08-03 20:15:58 +01:00
Gerardo Lopez Dueñas
275bf41ba3
Fixed bookmark card image size in fastmail (#11970)
closes #11907

The image in the bookmark card was being shown out of the bounds of
the card because of a general style `height: auto !important`.

I added a new `max-height` property to the image to avoid exceeding
parent height.
2020-08-03 18:38:45 +01:00
Hannah Wolfe
221f8c4a86
Update CONTRIBUTING.md
- commit messages = why
2020-08-03 16:10:22 +01:00
Rish
f770e9f2ad 🐛 Fixed incorrect member gating on custom static page routes
no issue

- Member gating on post/page content is done using member context on request's frame
- Custom static page route was incorrectly setting the member context as `members` instead of `member`, which caused logged-in members to still not able to see content while logged in as a member
- Fix corrects the member context for these routes to use `member` as expected
2020-08-03 17:28:55 +05:30
Nazar Gargol
2a4ad0e10f Updated stability index comments around Admin API v2 endpoints
refs 067d2eb614

- v2 API has been in maintenance mode since v3 has been released, updated comments accordingly
2020-08-03 23:46:23 +12:00
Nazar Gargol
067d2eb614 Moved canary/v3 webhooks API to "stable" group
no issue

- Webhooks API has been stabilized with latest changes and there are no breaking changes planned for v3. The change has strictly "informative" purpose
- Changed variable naming from "whitelisted" to "allowlisted" to follow updated naming convention (refs. https://mysqlhighavailability.com/mysql-terminology-updates/)
2020-08-03 23:40:15 +12:00
Nazar Gargol
b76a6a1eee Reduced error level to default for not found post error
refs #12064

- `critical` is meant to be something unpredictable like internal error, something worthy attention, as described in Ignition -3439456d94/README.md (list-of-errors)
- This error level was introduced with - this PR https://github.com/TryGhost/Ghost/pull/9426, but there is no context provided why this specific value was used. Assuming it's an outdated value as 'not found' is nowhere to be treated in any special way
2020-08-03 23:16:53 +12:00
Nazar Gargol
1b449f4f53 🐛 Fixed 500 error in webhooks API when modifying non-existing webhooks
closes #12064

- Handled permission check bug by returning 404, same way it is returned in other permissions related places when handling non-existing resource. Example - 60907a7ae4/core/server/models/relations/authors.js (L355-L358)
2020-08-03 23:08:47 +12:00
Renovate Bot
60907a7ae4
Update dependency eslint to v7.6.0 2020-08-03 00:06:23 +00:00
Renovate Bot
59f9b4345f
Update dependency mocha to v8.1.0 2020-07-30 20:37:56 +00:00
Kevin Ansfield
29d94e7814 Fixed mailgun config not allowing custom hosts with ports
no issue

- `mailgun()` expects the `host` option not to include a port but `url.host` will include the port, we instead want to use `url.hostname` which skips the port
2020-07-30 17:28:51 +01:00
Renovate Bot
56ceb1e312
Update dependency sanitize-html to v1.27.2 2020-07-29 15:18:07 +00:00
Kevin Ansfield
577a934f53
Removed DISTINCT from member labels association query (#12088)
no issue

- bookshelf adds `DISTINCT` to any relation query that does not have an explicit `columns` statement
- when measuring the impact of `DISTINCT` on the eager-loading association query when listing members using `{withRelated: 'labels'}`, it can be 2x slower with no index on the sort_order column or 4x slower with an index on sort_order
2020-07-29 12:50:22 +01:00
John O'Nolan
d9da01ea85
Added hiring link to readme 2020-07-29 15:24:59 +07:00
Kevin Ansfield
9f642c8107 Added moment package resolution to pin 2.24.0
refs 1a17f8069b

- sub-dependency update bumped moment versions to 2.27.0 which caused timezone problems again with dates not being written to the database in UTC
- added a resolution in package.json to pin all moment sub-dependencies to the same version we specify in our top-level dependencies
2020-07-28 17:55:23 +01:00
Nazar Gargol
ef6586bfdc Fixed failing members import with label associations
no issue

- When processing entries with new labels in parallel Bookshelf relations is trying to create them which caused unique key constraints to fail. To avoid the failure, all labels should be pre-created before proceeding with creating members
2020-07-28 22:37:48 +12:00
John O'Nolan
71e16bc6d2
Made readme install commands easier to copy/paste 2020-07-28 13:23:31 +07:00
John O'Nolan
cd2c710c9f
Updated GitHub sponsors credits 2020-07-28 13:21:55 +07:00
John O'Nolan
5ce1ea58a9
Update FUNDING.yml 2020-07-28 13:19:20 +07:00
Renovate Bot
fd64af5b78
Update dependency uuid to v8.3.0 2020-07-27 19:05:33 +00:00
Renovate Bot
f89e0d6e4b Update dependency nock to v13.0.3 2020-07-27 19:04:24 +00:00
renovate[bot]
1a17f8069b
Lock file maintenance (#11979)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2020-07-27 19:02:53 +01:00
Fabien O'Carroll
cd2e72542d v3.27.0 2020-07-27 18:38:26 +02:00
Fabien O'Carroll
5c9188b1e5 Updated Ghost-Admin to v3.27.0 2020-07-27 18:38:26 +02:00
Hannah Wolfe
436db4ec3b Updated host limit message to be clearer
- limits are based on total members not number of members that will be emailed
2020-07-26 20:49:30 +01:00
Hannah Wolfe
92446d85ea Changed member limit to be DRY & use raw query
- Member limit code was duplicated in 2 places unnecessarily
- Also used member api code that fetched members and subscriptions fully hyrated when we only need a count
- Using a raw query significantly improves performance here
2020-07-26 20:49:30 +01:00
Kevin Ansfield
0c5c7b32b8 Fixed members import regression tests
refs 14c6968388

- updates expected member labels length asserts to account for auto-generated import label being attached
2020-07-26 18:57:11 +01:00
Kevin Ansfield
14c6968388 Fixed auto-generated label not being attached to members during import
no issue

- label was being created and returned in the response OK but it was missing from the set of labels that get added to members during import
2020-07-26 18:30:58 +01:00
Renovate Bot
1f776e138f
Update dependency @sentry/node to v5.20.1 2020-07-24 17:47:22 +00:00
Renovate Bot
fdb04b086e
Update dependency @tryghost/members-ssr to v0.8.4 2020-07-24 14:02:00 +00:00
Fabien O'Carroll
8ac1e91d8b Bumbed @tryghost/members-api to 0.25.1
no-issue

This contains an update which ensures that we do not insert orphaned
rows into the database

Includes code from: https://github.com/TryGhost/Members/pull/190
2020-07-24 16:01:06 +02:00
Fabien O'Carroll
c46475f5be Supported optionally cancelling subscriptions on delete
no-issue

This updates the Admin API Member resource to *not* cancel subscriptions
by default, and adds a `cancel` option. This can be used over HTTP by
including a `cancel=true` query parameter.
2020-07-24 16:01:06 +02:00
Fabien O'Carroll
0ec28219f9 🐛 Fixed deleting members with deleted Stripe data
closes #11557

- Bumped @tryghost/members-api to 0.25.0
  - Fixed cancelling subscriptions which were already cancelled
  - Renamed exported subscriptions cancel fn from "destroy" -> "cancel"
2020-07-24 16:01:06 +02:00
Fabien O'Carroll
92151a7b5d Added default options to transactional model methods
no-issue

This protects against calling model methods without passing an options
object
2020-07-24 15:31:48 +02:00
Renovate Bot
97d797f97a
Update dependency @tryghost/magic-link to v0.4.12 2020-07-24 12:05:59 +00:00
Renovate Bot
1be849e835
Update dependency gscan to v3.5.5 2020-07-24 11:05:09 +00:00
Hannah Wolfe
3491e60c9d Added config to send bulk email in testmode
- mailgun has a testmode flag we can use to get email to be accepted but not delivered
- this is useful for developers testing general bulk email code - not for users - so it is only available via config
2020-07-24 11:55:34 +01:00
Fabien 'egg' O'Carroll
5144a0e09c
Updated Member model to cascade on destroy (#12077)
no-issue

Up until now we have left orphaned rows in members_stripe_* tables when
a member is deleted, this updates the destroy method so that we cascade
and remove any MemberStripeCustomer and StripeCustomerSubscription
models related to the Member.

This also adds regression tests for the new functionality as well as to
confirm the existing functionality of cascading to the members_labels
join table

This adds the relations of Subscription->Customer & Customer->Member
2020-07-23 18:21:10 +02:00
Rish
2ac69e637e Added publication icon to members site data
refs https://github.com/TryGhost/members.js/issues/72

- Portal is using using publication logo from settings for signup/signin pages
- Instead, we are switching to using publication icon from settings, which also needs to be passed in site data API
2020-07-23 17:04:44 +05:30
Kevin Ansfield
6504b0f6c3 Fixed settings unit tests
refs e04f55cce3

- added `tracker.uninstall()` so that previously set up `tracker.on()` listeners are not called by later tests
- fixed `emits edit events` test which was not correctly mocking the select and update queries
2020-07-22 22:12:00 +01:00
Kevin Ansfield
62c72cb58b Fixed oembed test
refs e04f55cce3

- added `nock.cleanAll()` so that there is no inter-test dependencies
- the failing test was successfully passing previously due to mocha's retry behaviour eventually exhausting nock request handlers that were set up in other tests and intended not to be called
2020-07-22 19:49:30 +01:00
Kevin Ansfield
b2798fef96 Removed mocha retries config
no issue

Retries can result in bogus error messages for any non-idempotent tests with multiple assertions, causing frustrating test debug experiences.

An example:

1. Members import test runs
2. Import succeeds, count assertions pass, assertion for "import label" presence fails
3. Mocha re-runs the test
4. "Imported member" count assertions now fail because the importer won't import duplicates and the db is not cleared for each individual test for performance
5. Mocha reports a test failure as the imported count being incorrect rather than the missing label
2020-07-22 18:16:36 +01:00
Kevin Ansfield
8ceabbcfba Added automatic labelling of all members added during an import
no issue

Having all members created during an import labelled with a specific "import label" is useful for later operations such as bulk delete/edit or simply recording how and when a member was created.

- automatically create a label with the date/time the members CSV import occurred and assign it to all imported members
- return the import label data in the API response so that clients can react accordingly such as automatically filtering the members list by the label once an import finishes
2020-07-22 17:52:43 +01:00
Daniel Lockyer
0fd6684d02 v3.26.1 2020-07-22 11:56:55 +01:00
Daniel Lockyer
5e45cd9155 Updated Ghost-Admin to v3.26.1 2020-07-22 11:56:55 +01:00
Rish
c6cbf9312c Bumped @tryghost/members-api to 0.24.5
refs https://github.com/TryGhost/Team/issues/342

This includes change for updating status code for `sendMagicLink` middleware failure from the actual error object
2020-07-22 16:20:24 +05:30
Fabien O'Carroll
daf38fa24f Bumped @tryghost/members-api to 0.24.4
refs #12074

This includes code to cleanup of any previous webhooks, to ensure that
we have no duplicates.
2020-07-22 12:31:09 +02:00
Fabien 'egg' O'Carroll
69080824de
🐛 Ensured webhooks are created once (#12075)
refs #12074

Since we've split members settings into multiple keys the
reconfiguration of the members-api has been happening in quick
succession as the stripe_connect_* settings are all set at once.

This debounces the call to reconfigure the members-api so that we only
need to instantiate it once.
2020-07-22 12:27:05 +02:00
Daniel Lockyer
415696a3f9 Replaced removed nock method
no issue
2020-07-21 20:25:06 +01:00