Commit Graph

68 Commits

Author SHA1 Message Date
Daniel Lockyer
045e1ee33d Disabled got retries in testing environment
- by default, got retries failed requests, which is causing issues in
  tests because we've disabled the network with `nock`
- this is causing huge idle time because got pauses before retrying
- this change disables the retries if we're running tests, so things are
  more stable
2023-03-24 11:55:57 +01:00
Steve Larson
2d84b7d990
Upgraded got package from v9.6.0 to v11.8.6 (#16261)
Refs TryGhost/Team#2459
-upgraded got from v9.6.0 to v11.8.6 to support following redirects (and
other fixes)
-got v12+ requires ESM, so we do not want to upgrade further at this
time
-required changes to a few libraries that use externalRequests
-mention discovery service tests updated to test for follow redirects
2023-02-20 09:33:11 -06:00
Simon Backx
77032262c4
🐛 Fixed subscriptions visible as "Active" within Ghost Admin (#16255)
fixes https://github.com/TryGhost/Team/issues/2542 
fixes https://github.com/TryGhost/Team/issues/2543 
fixes https://github.com/TryGhost/Team/issues/2544

- Hides incomplete subscriptions
- Shows Past Due subscriptions
- Fixed UI issues with 3+ subscriptions
- Fixed missing complimentary subscription when one subscription was
incomplete/inactive
- Fixed sending a paid subscription started email for incomplete
subscriptions. This change also required us to actually send the email
when the incomplete subscription eventually becomes active. So the
introduction of a new `SubscriptionActivatedEvent` made sense/was
required (because sending a SubscriptionCreatedEvent again would cause
other issues).
2023-02-13 13:07:53 +01:00
Fabien 'egg' O'Carroll
8283de99c8
Wired up EmailSuppressionList to Members Admin API (#15848)
refs https://github.com/TryGhost/Team/issues/2268

The approach of using the service to lead email suppression data as
opposed to bookshelf relations allows us to wire things up without
having implemented the database. The getBulkSuppressionData allows us to
do this without much of a DB performance hit.
2022-11-18 16:28:13 +07:00
Rishabh Garg
e3600d70ef
Added referrer attribution from request context (#15499)
closes TryGhost/Team#2007

- uses request context to add referrer source and medium for a new member
- uses integration name as referrer medium if exists
2022-09-29 22:31:48 +05:30
Hakim Razalan
a440076a12
🐛 Fixed validation errors for duplicate members (#15362)
closes: #15292

- Remove banner error and show duplicate member validation error inline
- Add property: 'email' to member API validation error
2022-09-08 17:29:48 +01:00
Simon Backx
0943daad72
Added member attribution to member details page (#15266)
refs https://github.com/TryGhost/Team/issues/1817

Co-authored-by: James Morris <moreofmorris@users.noreply.github.com>
2022-08-19 16:39:18 -04:00
Naz
08b49a3475 Updated method signatures and added JSDocs
refs https://github.com/TryGhost/Team/issues/1674

- While preparing the changes had a look around and made small refactors to understand the codebase a little better. In general it's best to keep the method parameters as small and precise as possible instead of passing around a "bag-of-all-the-things" like "data" around
2022-07-15 03:12:35 +12:00
Simon Backx
14a7d1f00f Cleaned up multipleProducts and multipleNewsletters flags 2022-05-25 10:25:02 +02:00
Naz
9756094ae2 🐛 Fixed signing key mismatching in JWT/JWKS
refs https://github.com/TryGhost/Team/issues/1640
closes https://github.com/TryGhost/Members/pull/401/
refs https://forum.ghost.org/t/ghost-jwt-question-possible-bug/30210

- Without `keyid` parameter some of the clien libraries were not able to match the signin key to verify JWT
- Missing `keyid` parameter allows to indicate the key used to secure JWS (as per https://www.rfc-editor.org/rfc/rfc7515#section-4.1.4) and resolves the automatic matching issue on the client.
- The `kid` parameter was left in claims to avoid accidental breaking changes.
2022-05-23 18:45:08 +08:00
Fabien "egg" O'Carroll
4bda71e464 Ignored last_seen_at in BREAD service
refs https://github.com/TryGhost/Members/commit/8a40d8e76

This is needed so that the API cannot edit this read only field.
2022-05-02 19:09:47 +01:00
Simon Backx
7fa442516c Updated member bread service to return member subscription offers from offer_id column (#392)
refs https://github.com/TryGhost/Team/issues/1520

- Instead of doing the matching of the offers and subscriptions by looking at the offer redemptions, we can now look at the offer_id from subscriptions.
- This also fixes an issue where we don't attach the offer object to subscriptions in the members' browse method
- Updated browse behaviour to match the read behaviour of members (product relation needs to get loaded because it is missing in member.products if the subscription is expired).

Tests in https://github.com/TryGhost/Ghost/pull/14515
2022-04-20 11:10:41 +02:00
Rishabh
ad226f85b3 Added newsletter data to member BREAD service
refs https://github.com/TryGhost/Team/issues/1469

With multiple newsletters, members can now have one or more newsletter subscriptions that is attached to them. This change updates the member BREAD service to handle attaching newsletter data to member, based on the newsletter flag.

- if newsletter flag is disabled, add/edit methods delete any newsletter data attached to member
- sets `newsletters` as a default relation for read/browse methods so a member always has newsletter data attached to them
2022-04-04 20:07:37 +05:30
Simon Backx
aaff165a21 Fixed 'labels is not defined on the model' error (#378)
no issue

- When a new member is added via the API, with a stripe_customer_id, the member bread service is passed also with a default option: `withRelated: ['labels']`.
- This option is passed along to the member repository, and further and is also passed when loading relations that don't have a relationship called 'labels'.
- This results in a `labels is not defined on the model` error when you try to create a new member with a stripe customer id.
- Test that found this issue will be added to the Ghost repo.
2022-03-31 16:15:53 +02:00
Kevin Ansfield
e8b8fef985 🐛 Fixed member responses not including complimentary subs when canceled subs exist
refs https://github.com/TryGhost/Team/issues/1141

- when a member had canceled subscriptions the check we have to match products to subscriptions to determine whether to insert the hardcoded complimentary subscription was incorrectly matching against the canceled subscriptions
- updated to match only active subscriptions
2022-03-18 10:47:24 +00:00
Thibaut Patel
a0001df1ad Added the product name property in member reads
refs https://github.com/TryGhost/Team/issues/1141

- The goal is to retrieve the product name for canceled subscriptions
- The property is located at `member.subscriptions.price.product.name`
- We can't easily get the full product as products are retrieved using a join through `members_products`, and there is only a `members_products` row when the subscription is active
2022-03-10 09:50:10 +01:00
Fabien "egg" O'Carroll
7b5c248541 Added tier property to subscriptions
refs https://github.com/TryGhost/Team/issues/1168

This allows Tiers to be read from subscriptions for the purposes or
redirecting to the welcome_page_url
2022-02-01 11:42:15 +02:00
Fabien "egg" O'Carroll
74225779a2 Moved webhook handling into Stripe service
no-issue

Handling Stripe webhooks is a Stripe concern and so we're moving it into
the Stripe module.
2022-01-18 10:37:47 +02:00
Sam Lord
7f6d3a3178 members-api: Switch from GhostError to ConflictError
no issue
2021-12-06 16:57:19 +00:00
Fabien egg O'Carroll
c99ebe589d Responded with 409 when we have DB conflicts
refs https://github.com/TryGhost/Team/issues/789

We are still having issues with duplicate subscriptions being inserted,
despite running our code in transactions. For now we will catch these
errors and response ot Stripe with a 409 so that it'll retry later - and
it stops us from throwing 500's
2021-12-01 20:44:21 +02:00
Rishabh
43642216c8 Cleaned up fix for 500 errors on invalid Stripe subscription webhooks
no refs

- moves up check for invalid subscription before making any DB requests to fail fast
2021-12-01 20:26:33 +05:30
Rishabh Garg
dec16bd27c 🐛 Fixed 500 webhook errors for subscription with multiple prices (#350)
closes https://github.com/TryGhost/Team/issues/1238

- previously returned 500 errors when a subscription had multiple prices due to external tampering on Stripe directly
- instead now returns 400 Bad Request error when subscriptions don't have right number of prices
2021-12-01 20:09:55 +05:30
Fabien egg O'Carroll
985fd5bb5e Simplified interface for sending paid signup emails
refs https://github.com/TryGhost/Team/issues/1067

This decouples the contents/type of email from the webhooks service,
allowing us to easily make changes to the type of email sent, without
having to make changes to the webhooks service.
2021-12-01 13:17:23 +02:00
Fabien egg O'Carroll
188423b1ed Removed Subscriptions without Prices from BREAD API
refs https://github.com/TryGhost/Team/issues/1243

It's possible to get into strange states where a subscription in Ghost
doesn't have an associated Price. This then has knock on effects because
we're dealing with data in an undefined state. Rather than add guards
against this throughout the entire stack, we stop returning it from the
BREAD API. It might be worth considering removing these subscriptions
from the response of the repository, but for now this is the most
minimal change that fixes the problem.
2021-12-01 10:45:50 +02:00
Fabien O'Carroll
635c2614a3 Fixed errors for non-subscription invoices
refs https://github.com/TryGhost/Team/issues/887

Our invoice webhook handling code assumed that every invoice would be
for a subscription, but that is not the case. There are valid use-cases
of using the same Stripe account in order to sell items with a one-off
purchase. Here we update the handling to ignore all invoices which are
not for subscriptions.
2021-11-02 15:34:02 +02:00
Fabien O'Carroll
68163863c2 Removed invoice.payment_failed webhook handling
refs https://github.com/TryGhost/Team/issues/885

This webhook isn't used and can cause issues when Checkout Sessions are
completed but with a failed payment. Removing it will remove those
errors.
2021-10-25 14:31:44 +02:00
Fabien O'Carroll
ed8a3ca27c Updated browse to not include products by default
no-issue

The Members API does not currently include 'products' by default when
browsing. This ensures the functionality is maintained.
2021-10-25 13:34:20 +02:00
Fabien O'Carroll
c154be4581 Included Offer information for Subscriptions
refs https://github.com/TryGhost/Team/issues/1135

We use the OffersAPI to fetch Offers, so that we can be using the same
format for Offers in all of our APIs.

We will not attach the Offer to the Subscription if either the Tier or
the Cadence do not match. This is because the Offer would no longer
apply to this Subscription.

We do however retain the data, so that a Member can still be filtered on
the Offers which they've redeemed.
2021-10-21 18:10:08 +02:00
Fabien O'Carroll
c58e83c9d7 Wired up OfferRedemption storage
refs https://github.com/TryGhost/Team/issues/1132

We have to include the Offer on the metadata for the Stripe Checkout -
as Offers with a duration of 'once' will not always be present on the
Subscription after fetching it.

Once we receive the Stripe Checkout webhook we emit an event for
subscription created - the reason we use an event is because this logic
should eventually live in a Payments/Stripe module - and we'd want to
decouple it from the Members module.

The Members module is in charge of writing Offer Redemptions - rather
than the Offers module - because Offer Redemptions are "owned" by a
Member - and merely reference and Offer. Eventually Offer Redemptions
could be replaced by Subscriptions.
2021-10-18 17:26:34 +02:00
Fabien 'egg' O'Carroll
528fd23874 Added ability to fetch member by identity token (#329)
refs https://github.com/TryGhost/Team/issues/1057

This method will validate a token, and then return the member associated
with it. Rather than exposing token validation and coupling consumers to
the structure of the token response data.
2021-09-17 11:25:57 +02:00
Fabien 'egg' O'Carroll
1f2750e5c0 Added browse, edit & add methods to MemberBREADService (#326)
refs https://github.com/TryGhost/Team/issues/873

This ensures that all requests to the API will include the mock
subscriptions for comped members. Allowing the Admin to correctly show
the subscription information after adding and editing members. As well
as having the correct information when navigating from the list of
members to an individual member.
2021-09-14 13:18:34 +02:00
Fabien O'Carroll
7a401e5253 Used @tryghost/stripe-service in @tryghost/members-api
no-issue

This finalises the extraction of the StripeAPIService to a separate
package!
2021-09-13 14:38:40 +02:00
Fabien O'Carroll
67d2104190 Deleted webhooks when disconnecting from Stripe
refs https://github.com/TryGhost/Team/issues/1006

When disconnecting from Stripe, we currently do not remove the webhooks,
this will result in the webhooks from Stripe failing, and tending toward
a 100% error rate, which will ultimately result in emails from Stripe
about the failing webhook.

In order to stop all of that from happening, we should make sure that we
actively remove the webhook from Stripe when disconnecting.
2021-09-07 18:02:35 +02:00
Fabien O'Carroll
ec8dbf2890 Added products as default relation when fetching members
no-issue

As subscriptions are a default relation, and we now require products to
populate subscriptions for comped members, we need to include products
by default when reading members.
2021-08-26 16:10:13 +02:00
Fabien O'Carroll
83d4b5f834 Handled missing data in read method bread service
refs https://github.com/TryGhost/Team/issues/873

The `get` method of the member repository will return null when no
member is found - we must ensure that we don't attempt to call toJSON!

It is also possible for a member to not have any products, in which case
we should not attempt to iterate over them, and we can return early.
2021-08-26 12:58:39 +02:00
Fabien O'Carroll
3a91687b08 Used current time for created_at for missing events
refs https://github.com/TryGhost/Team/issues/873

This is an unexpected state, but possible if the alpha version of tier
has been enabled previous to the events being added.
2021-08-26 11:52:53 +02:00
Fabien O'Carroll
86f5879432 Added dummy subscriptions for comped members
refs https://github.com/TryGhost/Team/issues/873

This adds a dummy subscription for each product that a member has
without an associated stripe subscription. It allows clients to deal
with things like a created date for comped members.
2021-08-25 21:26:04 +02:00
Fabien O'Carroll
c17442cf4b Added memberService to members-api
no-issue

The idea of this service is to sit infront of the repository and handle
application logic which does not belong at the data layer. The exact
naming and structure is TBC but this gives us a place to start pulling
logic out of the controllers, without having to mash it all into the
repository.

Also important to note is that is does not return instances of bookshelf
models, but a JSON representation of the model, this allows us to not
leak internal implementation to consumers.
2021-08-25 21:25:19 +02:00
Fabien O'Carroll
3e1084905e Removed usage of raw Error class
refs https://github.com/TryGhost/Team/issues/879
2021-07-14 14:17:38 +01:00
Fabien O'Carroll
d51fdc3f4a Moved code out of index.js in directories
refs https://github.com/TryGhost/Team/issues/879
2021-07-14 14:17:38 +01:00
Daniel Lockyer
21ec26ea08 Removed used of ghost-ignition dependency
no issue

- we're killing off `ghost-ignition` in favor of explicit packages
  containing its individual components
- this commit switches the Members repo to using the
  `@tryghost/ignition-errors` and `@tryghost/debug` dependencies,
  updates the code with relevant changes and removes the `ghost-ignition`
  dependency
2021-06-29 21:43:05 +01:00
Fabien O'Carroll
fd40e04105 Handled monthly and yearly prices in product repo
refs https://github.com/TryGhost/Team/issues/712

This allows prices to be created and assigned to a product as the
default monthly or yearly price.
2021-06-03 14:45:36 +01:00
Fabien O'Carroll
1b628a1637 Refactored Token Service to use async/await
refs https://github.com/TryGhost/Team/issues/657

- Removes the use of "plans" from token service - method wasn't used
- Updates to use async/await so the code is clearer
- Install types for the node-jose module
- Install types for the jsonwebtoken module
2021-05-20 15:18:46 +01:00
Fabien O'Carroll
10b40dfd16 Added comment for deprecation of plan_from_trial
refs https://github.com/TryGhost/Team/issues/657

We must still use the "plan" approach of creating Checkout Sessions so
that we are able to maintain our current functionality of setting the
free trial from the one associated with the Plan/Price used for the
Checkout Session.

In future we would handle free trials internally in Ghost and apply them
on a subscription-by-subscription basis.
2021-05-20 15:15:33 +01:00
Fabien O'Carroll
16b984e2f6 Fixed types for StripeAPIService
no-issue
2021-05-20 15:15:24 +01:00
Fabien O'Carroll
162722b9d3 Removed unused plan related code
refs https://github.com/TryGhost/Team/issues/657

This code is no longer used since we got rid of the StripePlans service
2021-05-20 15:14:24 +01:00
Fabien O'Carroll
26e2cb98e9 Removed environment checks from webhook service
refs https://github.com/TryGhost/Team/issues/598
refs https://github.com/TryGhost/Ghost/commit/5cdf910e

Since we have included these checks in the Ghost codebase we do not need
to run them here.
2021-05-20 12:11:43 +01:00
Fabien O'Carroll
d32e44c73b Mapped Stripe Product name to Product name
closes https://github.com/TryGhost/Team/issues/682

This ensures that the Stripe Product name is updated during the
migrations of an existing site and any future updates to the Product
name.
2021-05-10 19:21:41 +01:00
Fabien O'Carroll
15b535fd45 Removed unused stripe-plans service
no-issue

This module is no longer used!
2021-05-10 19:21:41 +01:00
Fabien O'Carroll
45d338730c Updated webhook service to work with multiple products
no-issue

Since we do not necessarily have a single stripe product anymore, we
should be checking if an invoice webhook is for a stripe product which
we know about. We use the Products repository to search our database for
one.
2021-05-10 19:21:41 +01:00