Commit Graph

184 Commits

Author SHA1 Message Date
Naz
35e23636ae Fixed 'sent' status setting when publishing a post
refs https://github.com/TryGhost/Team/issues/947

- During the work of the UI and moving `email_only` flag to publish menu it created the situation where the publishing of the post was at the same time as adding `email_only` flag, resulted in not picking up teh `sent` status as the `posts_meta` model and record were's available during save.
- Adding the incoming attribute check for email_only flag covers this situation
2021-08-26 22:25:45 +04:00
Naz
9bc5a279ca Added a 'sent' status to post model
refs https://github.com/TryGhost/Team/issues/953

- We need to track email-only posts that have been sent out. New status was chosen as a way to differenciate such posts.
- Introducing a new "email post" type, conceptually like "page", was considered. Because there is no clear roadmap for "email post" becoming a bigger part of the product yet and a lot of uncertainty around this concept, overhead needed to introduce a new type was just too much to do at this moment. It's still a possibility in the future
2021-08-13 10:06:15 +04:00
Naz
af74e0c89d Removed stray .only statement in tests
refs 06a6dcb2d1
2021-08-06 18:15:32 +04:00
Naz
06a6dcb2d1 Added an /email/ root route for email-only posts
refs https://github.com/TryGhost/Team/issues/948

- The  frontend route `/email/:uuid` is aliased to the preview as a temporary solution. It fulfills the premise of the email-only post anyway - not being accessible publicly and only shared through email.
- The tests for the new route are missing as adding them was way more problematic than I envisoned. They are in the works and will be added as a follow up commit next.
2021-08-06 18:10:19 +04:00
Naz
3c822e0457 Added ability to send newsletter and not publish the post
refs https://github.com/TryGhost/Team/issues/949

- When post is marked as "email-only" we can send it out to the selected audience when publishing without making the post publicly available
- The feature is available for experimentation behind "email only" alpha flag available in labs
2021-08-06 11:57:54 +04:00
Naz
838e94e535 Added email_only property in Posts Admin API v4
https://github.com/TryGhost/Team/issues/893

- The property is only added to Admin API v4 and is invisible in all Content APIs as well as v2/v3 Posts APIs
2021-08-05 19:44:35 +12:00
Naz
2fbc1af165 Added email disabling flag to settings records
refs https://github.com/TryGhost/Team/issues/912

- We need a place to persist the email freeze state between instance restarts - settings table record is the best place for it
2021-07-29 20:30:30 +12:00
Naz
ac3602cced Fixed empty response when import triggers a job
refs d60d348c88

- When the import triggers a background job the meta response should contain no data otherwise the client can mistake it for completed import
2021-07-23 21:14:06 +04:00
Hannah Wolfe
c29c118fcf
Moved labs utlity to shared
- This isn't really a "service" - it's a set of utilities for working with labs flags
- It's also required all over the place, and doesn't require anything that isn't shared
- Therefore, it should live in shared
2021-07-08 09:05:41 +01:00
Hannah Wolfe
8d38957bd7
Revert "Moved labs utlity to shared"
This reverts commit 782de52678.
2021-07-08 07:09:13 +01:00
Hannah Wolfe
782de52678
Moved labs utlity to shared
- This isn't really a "service" - it's a set of utilities for working with labs flags
- It's also required all over the place, and doesn't require anything that isn't shared
- Therefore, it should live in shared
2021-07-07 21:41:34 +01:00
Thibaut Patel
605b042a33 Update cache invalidation on several routes
issue https://github.com/TryGhost/Team/issues/859

- Added invalidation to PUT /authentication/setup
- Added invalidation to POST /db
- Added invalidation to DELETE /db
- Added invalidation to GET /slugs/:type/:name
- Removed invalidation from PUT /users/:id/token
2021-07-07 18:12:51 +02:00
Hannah Wolfe
f08a55c21f
Renamed tests to .test.js & updated commands
refs: https://github.com/TryGhost/Team/issues/856
refs: https://github.com/TryGhost/Team/issues/756

- The .test.js extension is better than _spec.js as it's more obvious that it's an extension
- It also meaans we can use the --extension parameter in mocha, which should result in a better default behaviour for `yarn test`
- It also highlights that some of our tests were named incorrectly and were not (and still will not be) run (see https://github.com/TryGhost/Team/issues/856)
- Note: even with this change, `yarn test` is throwing errors, I believe because of this issue https://github.com/TryGhost/Team/issues/756
2021-07-06 20:45:01 +01:00
Naz
2c1ae2e9af 🐛 Fixed a 500 error for incorrect fields parameter in API
refs 8a1fd1f57f
refs 5584430ddc

- The change to async/await in the original commit 558443 was causing problems in downstream dependencies (create-error package) where it was loosing a context of "this". It's not a direct dependency so I didn't go yak shaving into where exacly the context is lost.
- The fix to keep a correct context of "this" was sticking to an existing pattern using regular function returning promises. Once we need to redo them into async/await we can investigate if there's a way around create-error's context prolbem
2021-07-06 11:58:37 +04:00
Hannah Wolfe
7e6800b2b8
Improved dev tooling (#13118)
This commit achieves a few things:

- ☑️  No longer having to remember whether a command is yarn something or grunt something
- ☑️  Simplification of tools hopefully making them easier to remember and use 
- ☑️  Complete removal of the need for grunt from our test tooling

Several of the tools still use grunt under the hood, but the **entrypoint** should aways be `yarn xxx`.

- `grunt main` -> `yarn main`
- `grunt dev` -> `yarn dev`
- `grunt build` -> `yarn build`
- `grunt test:file-or-folder` -> `yarn test file-or-folder`
- `grunt test-unit` -> `yarn test:unit`
- `grunt test-acceptance` -> `yarn test:acceptance`
- `grunt test-regression` -> `yarn test:regression`
- `grunt validate` -> removed due to lack of use

There is now also `yarn test:all` to run all 3 classes of tests

This PR also reorders & restructures the Gruntfile extensively so that:

- The remaining useful commands are all at the top of the file
- Config and other blah happens after all the useful commands
- All release-only config happens in the release task at the very end of the file

---

DONE:

* Removed all references to npm/bower
* Removed all references to lint / deprecated command
* Moved debug to yarn dev:debug
* Removed all references to travis
* Removed broken help task + useless comment
* Removed unused knex-migrator and clean:test setup tasks
* Added new test commands, removed grunt validate
* Moved stubClientFiles to test utility and use in the few tests that need it
* Used mocha in yarn directly except grunt test:x
* Swapped grunt test for yarn test
* extensive cleanup and reshuffling
2021-07-05 20:02:22 +01:00
Daniel Lockyer
8a1fd1f57f
Revert "🐛 Fixed a 500 error for incorrect fields parameter in API"
- this reverts commit 5584430ddc until we
  can investigate why tests are failing
2021-07-05 17:36:44 +01:00
Naz
5584430ddc 🐛 Fixed a 500 error for incorrect fields parameter in API
closes https://github.com/TryGhost/Team/issues/817
refs 6d083ee00e/packages/bookshelf-pagination/lib/bookshelf-pagination.js (L256)

- The 500 error is not the best we can do in this situation and throwing a 400 just like we doo in a referenced commit would keep the convention
- The underlying problem of the bug is bigger - we allow the fields named the same way as relations to leak into the db query and that causes an incorrect SQL syntax. It's a bigger problem which would need a separate, holistic approach
2021-07-05 18:46:02 +04:00
Thibaut Patel
9c2cfb5d00 Added cache invalidation to the POST authentication/setup route
issue https://github.com/TryGhost/Team/issues/859
2021-07-05 16:01:25 +02:00
Hannah Wolfe
bd597db829
Moved settings/cache to shared/settings-cache
- This is part of the quest to separate the frontend and server & get rid of all the places where there are cross-requires
- At the moment the settings cache is one big shared cache used by the frontend and server liberally
- This change doesn't really solve the fundamental problems, as we still depend on events, and requires from inside frontend
- However it allows us to control the misuse slightly better by getting rid of restricted requires and turning on that eslint ruleset
2021-06-30 15:49:10 +01:00
Naz
d9ddc2db6a Added extra validation for some settings of array type
refs https://github.com/TryGhost/Team/issues/754
refs a7dec233ba

- Additional validation protects from problems like the ones in refed commit from even getting through to the database.
- At the moment only used notificatons and couple more settings to ensure they are arrays when passed into the API. This is to avoid making big change in settings straight away - this is a problematic area which needs cautious approach.
- Ideally in the future the list of settings to check the "array" type (and other types) should be automatically generated based on the default-settings.json (or whatever way we define settings in the db a that moment)
- There's an ugly code-tripplication going on in this change. This is a separate topic that will be addressed once we work on API cleanup.
2021-06-28 14:26:18 +04:00
Naz
23367ee0bb Added test checking notifications are not editable through API
refs https://github.com/TryGhost/Team/issues/754

- `notifications` settings are part of a "core" group and should not be editable through non-internal API calls
2021-06-28 11:59:38 +04:00
Thibaut Patel
f12f64e87b
🔒 Added a "reset all passwords" feature (#13005)
issue https://github.com/TryGhost/Team/issues/750

- Only accessible by admins
- Resets all staff users' passwords and prevents them to log-in
- Sends them a reset email password to give them back access to their account
- Closes all existing staff user sessions
2021-06-23 14:54:28 +02:00
Kevin Ansfield
446993a905
Added additional newsletter customisation settings (#13074)
refs https://github.com/TryGhost/Team/issues/793

New settings added for newsletter customisation options:

- `newsletter_header_image` - `null/"$url"`
- `newsletter_show_header_icon` - `"true/false"`
- `newsletter_show_header_title` - `"true/false"`
- `newsletter_title_alignment` - `"center/left"`
- `newsletter_title_font_category` - `"serif/sans_serif"`
- `newsletter_show_feature_image` - `"true/false"`

`newsletter_show_header` has been dropped because the same functionality can be achieved by setting both `newsletter_show_header_icon` and `newsletter_show_header_title` to `false`

---

- migration to convert and delete `newsletter_show_header` setting
- removed `newsletter_show_header` from default settings to ensure it doesn't get re-created
- replaced main labs template and template settings generation with the labs template
- deleted labs template
2021-06-21 13:40:40 +01:00
Rishabh Garg
8f104f67b1
Added new portal_products setting (#13055)
refs https://github.com/TryGhost/Team/issues/768

- `portal_products` stores list of products available in Portal
- adds new `portal_products` setting to default settings
- adds migration to populate `portal_products` with current product so its available by default
- update tests
2021-06-21 14:01:50 +05:30
Kevin Ansfield
1bc57b584a
Added posts_meta.feature_image_{alt,caption} columns (#13030)
refs https://github.com/TryGhost/Team/issues/770

We want post feature image functionality to better match what's available inside the editor, to do that we'll need somewhere to store alt and caption meta data. `posts_meta` chosen because even though we want to make this generic for other tables in the future those tables also have a `feature_image` (or closely related) field.

- updated schema with new columns
- added migration to create columns
- cleaned new columns from API output
  - not output on v2/v3
  - conditionally output on v4/canary output based on labs flag
- bumped `@tryghost/admin-api-schema` to allow new columns through in canary API requests
  - silently clean properties from input when labs flag is disabled
  - updated acceptance tests so they fail if `admin-api-schema` is not letting the new fields through
2021-06-10 20:35:56 +01:00
Kevin Ansfield
f49f7699aa
Enabled all labs flags when testing (#13036)
no issue

Shows impact of new code behind labs flags through the existing acceptance/regression tests. Allows for existing tests to be updated to match new behaviour rather than requiring separate tests where individual flags are enabled. Should result in minimal test updating once code reaches GA.

- adds a forced `'labs:enabled'` fixture op that edits the `labs` setting to enable all flags then restarts the settings service to pick up the new setting
- modifies labs service to not remove ALPHA_FEATURE labs settings when running in a testing environment
2021-06-10 12:54:34 +01:00
Naz
5f45f870a0 Fixed test for settings type
refs 485a50794e
refs 3f286e8eb4

- The changes to the test were pushed at the same time as there were new ones added (see reffed commits)
2021-06-07 20:36:29 +04:00
Naz
3f286e8eb4 Removed group/type mapping in v4/canary Settings API
refs https://github.com/TryGhost/Team/issues/757

- The "type" value in settings is meant to be representing the data type stored in the "value" field. It was an overlooked bug in v4 API adding a mapper to  group->type
2021-06-07 19:47:02 +04:00
Kevin Ansfield
485a50794e Added extra newsletter settings
refs https://github.com/TryGhost/Team/issues/755

Additional customisation settings for newsletter emails are being introduced. Defaults match the existing email design.

- adds new settings
  - `newsletter_header_image` - stores URL from image upload
  - `newsletter_show_header_icon` - boolean toggle, default `true`
  - `newsletter_show_header_title` - boolean toggle, default `true`
  - `newsletter_show_feature_image` - boolean toggle, default `true`
  - `newsletter_title_alignment` - "left" or "center" selection, default "center"
  - `newsletter_title_font_category` - "serif" or "sans_serif" selection, default "sans_serif" (matches body font category selection)
2021-06-07 16:31:50 +01:00
Naz
024fd27221 Added group values to settings test
refs https://github.com/TryGhost/Team/issues/757

- Groups are meant to represent the group to which the settings key belongs and have the same value as stored in the DB. This was an evolution of v2/v3 API's "type"
- Having a fixed value for groups in a test will make it easier to track the "type" change that is about to land
2021-06-07 18:32:42 +04:00
Naz
48d36b6a48 Disallowed aditing "labs" settings in v2/v3 APIs
refs https://github.com/TryGhost/Team/issues/757

- There is no usecase for editing "labs" settings outside of canary/v4 API versions. Removing support for older versions makes the supported API surface smaller (easy maintenance).
2021-06-08 02:18:17 +12:00
Naz
cd35358fdb Added labs setting input validation
refs https://github.com/TryGhost/Team/issues/757

- To safeguard from mise of a very permissing "object" value of the "labs" setting this change introduces an "allowlist" approach to filtering unrecognized labs flags
- Should allow maintainers to have a clear view of which labs flags are currently in use and manage them accordingly
2021-06-08 02:18:17 +12:00
Naz
8ab43b84d5 Enabled 'labs' to be accepted as a value in Settings API
refs https://github.com/TryGhost/Team/issues/757

- As labs has been added back to the settings table the APIs are reverting back to accepting it as a value
2021-06-08 02:18:17 +12:00
Fabien 'egg' O'Carroll
2a81d0a986
🐛 Fixed saving Members with Complimentary plans (#13008)
* 🐛 Fixed saving Members with Complimentary plans

refs https://github.com/TryGhost/Team/issues/758

Since 4.6 The Admin is using the comped flag again, rather than creating
subscriptions for zero-amount prices directly. With the `comped` flag
removed, the default state was for it to be falsy in the Admin, and when
saved would trigger the legacy comped flow, cancelling the subscription.

This reverts commit 57a176ff3d.
2021-06-03 18:28:14 +01:00
Hannah Wolfe
0f42bbeac3
Moved acceptance test utils into own file
- starting and stopping Ghost is part of our rather unloved acceptance test framework
- moving them into their own file to make the different pieces clearer and also to start to make improvements
- first improvement had to happen as an aside - exposing the existingData property via a function and making the API clearer
- this was a weird thing set on module.exports, very hidden and hard to follow
- Note: stopGhost is only used once in the regression/modles/model_posts_spec.js file to make the test run fast enough...
- These tests are effectively "DB integration" tests e.g. non-unit tests because they do use the DB, they need their own framework
2021-06-01 13:17:45 +01:00
Fabien O'Carroll
e106a1b137 Removed tests dependent on stripe mocking
no-issue

We no longer want to include skipped tests in the codebase. These tests
were added as placeholders until a point at which we were able to mock
Stripe.

We haven't got time during cleanup to mock Stripe so removing these
tests for now.
2021-05-24 11:26:45 +01:00
Naz
48d5d4c93d Refactored scheduling tests logic using async/await
refs https://github.com/TryGhost/Team/issues/694

- The previous `.then` chaining was outdated, while in this part of code did a tiny cleanup which should improve future maintenance slightly
2021-05-24 13:20:11 +04:00
Naz
ba50241fde Refactored scheduling tests setup using async/await
refs https://github.com/TryGhost/Team/issues/694

- The previous `.then` chaining was outdated and was causing 2x ghost instance initialization per test suite
- With a refactor there's only one intance initialization per suite (saves running time!) and we use more readable async/await syntax, which should make things more maintainable
2021-05-24 13:11:33 +04:00
Naz
46ef52cc7d Unskipped Schedules API tests
refs https://github.com/TryGhost/Team/issues/694

- The tests were skipped and were throwing an eslint warning, which soon will become an error.
- They were skipped initially as they used an outdated authorization mechanism. With migration to token based auth the tests are green again
2021-05-24 12:59:52 +04:00
Naz
7ea91df628 Fixed skipped test for fetching setting by group
no issue

- The test was skipped, which should not have been commited into the trunk in the first place. The checks were reworked to reflect the reality - the endpoint ignores the "group" qurey parameter
2021-05-24 11:39:14 +04:00
Fabien O'Carroll
1d36afbc41 Updated dynamic whitelist from schema to static array
no-issue

This protects our tests against changes to the database schema, which
helps us decouple the API from the database, and make tests less
brittle. It also forces us to manually update the tests if we do make a
change to the API!
2021-05-19 18:49:18 +01:00
Fabien O'Carroll
57a176ff3d Removed comped flag from canary Members Admin API
refs https://github.com/TryGhost/Team/issues/693

Since we no longer have a concept of "comped" we're removing the flag
from the unstable canary api.
2021-05-19 18:49:18 +01:00
Rishabh
a4c78dbf19 🐛 Fixed error on saving member with susbcriptions
closes https://github.com/TryGhost/Team/issues/699

With custom products, saving a member with subscriptions on member detail page in Admin throws errors on console, though the save is successful. This breaks the Admin as user needs to refresh the screen again to get rid of error. This change -

- updates the response on member save to return `price` object in subscription
- updates tests
2021-05-19 22:32:15 +05:30
Rishabh
4627d1c26a Added settings for monthly/yearly price ids
no refs

Since backend now allows multiple prices but we want the prices to be currently limited to monthly/yearly on UI, we need new settings to store the current monthly/yearly price by the site owner. These settings determine the active prices shown in Admin / Portal for the site till we allow all custom products/prices again.
2021-05-18 13:34:31 +05:30
Naz
d98f76b18c Refactored test utils "post" properties
refs 06dd9bac59
refs https://github.com/TryGhost/Team/issues/687

- This is a continuation of the work started in the refed commit. In short: allowlisting response checks wherever possible
2021-05-13 15:41:27 +04:00
Naz
eb7e4bb815 🐛 Fixed frontmatter-related validation error
refs https://github.com/TryGhost/Team/issues/687

- The frontmatter field has leaked into the API layer unintentionally when it was introduced into the DB schema during 4.0 release.
- The fix add the field to "trim" list in all API. A proper validation and handling will be add per API as usecase for the field becomes clear
2021-05-13 12:14:05 +04:00
Naz
06dd9bac59 Refactored post resource Admin API test utils
refs https://github.com/TryGhost/Team/issues/687

- The approach of generating validation properties using `/server/data/schema` package's tables object is prone to leaking unwanted database fields into API responses
- This refactor takes a tiny step into direction of relying on "allowlist" approach for properties in the API response resources.
- Apart from solving the described property leak problem it also moves toward decoupling tests from `/core/server` dependencies!
2021-05-12 18:15:54 +04:00
Kevin Ansfield
c36e749820
Added support for gating content by member labels and products (#12946)
refs https://github.com/TryGhost/Team/issues/581
closes https://github.com/TryGhost/Team/issues/582

Emails can now be sent to members with specific associated labels or products by specifying an NQL string. We want to bring the same members segment feature to content by allowing `visibility` to be an NQL filter string on top of the `public/members/paid` special-case strings.

As an example it's possible to set `posts.visibility` to `label:vip` to make a post available only to those members with the `vip` label.

- removed enum validations for `visibility` so it now accepts any string or `null`
    - bumped `@tryghost/admin-api-schema` for API-level validation changes
- added nql validation to API input validators by running the visibility query against the members model
- added transform of NQL to special-case visibility values when saving post model
    - ensures there's a single way of representing "members" and "paid" where NQL gives multiple ways of representing the same segment
    - useful for keeping theme-level checks such as `{{#has visibility="paid"}}` working as expected
- updated content-gating to parse nql from post's visibility and use it to query the currently logged in member to see if there's a match
    - bumped @tryghost/members-api to include label and product data when loading member
2021-05-10 19:32:11 +01:00
Fabien O'Carroll
b35f060bef Added settings for members 'free' price
refs https://github.com/TryGhost/Team/issues/637

The "free" price - when Members signup without using Stripe, should have
a name and description, so that it can be displayed in Portal in a
similar way to paid price's. As there is only ever one, and it is not a
fully fledged price, a setting makes more sense than a dedicated db
table.
2021-05-07 16:32:12 +01:00
Kevin Ansfield
322664a145
Added ability to send a newsletter to members with a certain label or product (#12932)
refs https://github.com/TryGhost/Team/issues/581
refs https://github.com/TryGhost/Team/issues/582

When publishing a post via the API it was possible to send it using `?email_recipient_filter=all/free/paid` which allowed you to send to members only based on their payment status which is quite limiting for some sites.

This PR updates the `?email_recipient_filter` query param to support Ghost's `?filter` param syntax which enables more specific recipient lists, eg:

`?email_recipient_filter=status:free` = free members only
`?email_recipient_filter=status:paid` = paid members only
`?email_recipient_filter=label:vip` = members that have the `vip` label attached
`?email_recipient_filter=status:paid,label:vip` = paid members and members that have the `vip` label attached

The older `free/paid` values are still supported by the API for backwards compatibility.

- updates `Post` and `Email` models to transform legacy `free` and `paid` values to their NQL equivalents on read/write
  - lets us not worry about supporting legacy values elsewhere in the code
  - cleanup migration to transform all rows slated for 5.0
- removes schema and API `isIn` validations for recipient filters so allow free-form filters
- updates posts API input serializers to transform `free` and `paid` values in the `?email_recipient_filter` param to their NQL equivalents for backwards compatibility
- updates Post API controllers `edit` methods to run a query using the supplied filter to verify that it's valid
- updates `mega` service to use the filter directly when selecting recipients
2021-05-07 11:56:41 +01:00