Commit Graph

786 Commits

Author SHA1 Message Date
Fabien "egg" O'Carroll
69aa52bd8e 🐛 Handled deleted Stripe objects in the Stripe Checkout flow
closes https://github.com/TryGhost/Team/issues/2222

Whilst we were checking for Stripe objects being active, we were not
checking for them existing in Stripe. This adds handling to all read
request to Stripe in the payment link flow, so that we can gracefully
handle deleted objects.

We've also included an automated test which fails without this fix.

We've also improved the query to find Stripe Prices which will result
in less request to the Stripe API to check if it is valid.
2022-11-08 16:03:07 +07:00
Ghost CI
5f9e354cae v5.22.8 2022-11-07 16:13:40 +00:00
Simon Backx
2a2f5cca50
🐛 Fixed source tracking using cached value (#15778)
refs https://ghost.slack.com/archives/C02G9E68C/p1667834794676479

- When enabling tracking, it could be the case that the server is ignoring the attributions because of the cached setting value.
- When disabling tracking, the frontend should take care of not
collecting new tracking information to the server, but still the backend value should be used as a fail-safe.
2022-11-07 16:55:17 +01:00
Simon Backx
3048c7e790 🐛 Fixed sending feedback on email only posts
fixes https://github.com/TryGhost/Team/issues/2220

`Post.findOne` is filtering by status 'published' by default. 'sent' isn't 'published' so we throw a 404 error when trying to send feedback to a 'sent' post.
2022-11-07 16:27:43 +01:00
Ghost CI
96aa0e6ba6 v5.22.7 2022-11-07 10:45:58 +00:00
Naz
6989d08b19
Fixed validation for Members API newsletters endpoint
refs https://github.com/TryGhost/Toolbox/issues/465
refs 31546a6fd3/packages/admin-api-schema/lib/schemas/members.json (L93-L103)

- Updated Members API newsletter validation to match the subset of Admin API's members validation schema.
2022-11-07 17:18:36 +07:00
Ghost CI
81566aca88 v5.22.6 2022-11-04 15:00:38 +00:00
Kevin Ansfield
6a573d4511
Added lexical post support to email renderer (#15767)
closes https://github.com/TryGhost/Team/issues/2207

- adds conditional to the post email serializer to switch between
`mobiledocLib` and `lexicalLib` depending on which format the post
contains
2022-11-04 11:19:40 +00:00
Daniel Lockyer
c32a013087
Merged v5.22.5 into main
v5.22.5
2022-11-04 13:05:33 +07:00
e.baidakova
207491fe3c 🎨 Add comma separation to all numbers in comments
closes TryGhost/Team#2210
2022-11-04 09:38:21 +04:00
Ghost CI
a06bc369bc v5.22.5 2022-11-04 04:55:45 +00:00
Fabien "egg" O'Carroll
5a1364e46d 🐛 Fixed importer importing invalid Tier pricing data
closes https://github.com/TryGhost/Team/issues/2211

We were allowing paid Tiers to be imported with non-integer prices which was
causing the Admin to be bricked when attempting to load them. This adds some
validation to the price data of Tiers.
2022-11-04 11:27:15 +07:00
Sam Lord
08250d44b4 Added "base pack" support for data generator script
refs: https://github.com/TryGhost/Toolbox/issues/453

This makes it so that a JSON bundle can be imported as well as the data generation script
2022-11-03 14:54:33 +00:00
Naz
aba255d276
Fixed typos 2022-11-03 16:35:20 +08:00
renovate[bot]
6c5553d059 Update dependency html-validate to v7.8.0 2022-11-03 10:46:36 +07:00
Naz
ac46c2f2e9
Fixed CORS vary header modification
refs https://github.com/TryGhost/Toolbox/issues/461

- The 'vary' header with 'Origin' value should only be set when an OPTIONS header is processed. Otherwise we are prone to leaking the vary header modification to further down in the request pipeline
2022-11-03 11:16:13 +08:00
Naz
9b2e36e4fb
Fixed CORS middleware unit test
refs https://github.com/TryGhost/Toolbox/issues/461

- The unit test was never using the "OPTIONS" request method, which did not actually trigger the full logic of the "cors" module used under the hood.
- Using the correct request method triggers all the right pathways and tests the state that's closer to the real world - for example the response does get "ended" instead of calling the "next" middleware.
2022-11-03 11:16:13 +08:00
Robin Cussol
0bccbcb083
Added e2e tests for page.deleted webhook (#15723)
refs: https://github.com/TryGhost/Ghost/issues/15537

- snapshot test created to add confidence to webhook stability and increase overall test coverage.
2022-11-02 17:25:07 +00:00
Naz
a8ba8cc444
Added Vary value for CORS in Frontend
refs https://github.com/TryGhost/Toolbox/issues/461

- Having a 'Origin' in vary header value present on each `OPTIONS` allows to correctly bucket "allowed CORS" and "disallowed CORS" responses in shared caches
2022-11-02 17:23:47 +08:00
Naz
f581e33400
Added Vary value for CORS in Admin API
refs https://github.com/TryGhost/Toolbox/issues/461

- Having a 'Origin' in vary header value present on each `OPTIONS` allows to correctly bucket "allowed CORS" and "disallowed CORS" responses in shared caches
2022-11-02 17:23:47 +08:00
Naz
2f2aa36c75
Renamed options test suite cases
refs https://github.com/TryGhost/Toolbox/issues/461

- The previous names were poorly representing the state that was produced and checked by the test cases
2022-11-02 17:23:22 +08:00
e.baidakova
81e6a7c5bd 🐛 Add ability to cache comments count endpoint
closes TryGhost/Team#2094
- Comment counts request was changed from `post` to `get` to enable request caching.
2022-11-02 10:54:12 +04:00
Naz
26b0bbc623 Added a test suite for OPTIONS requests
refs https://github.com/TryGhost/Toolbox/issues/461

- The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests.
- The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes"  (╯°□°)╯︵ ┻━┻
- On a serious note. I've introduced multiple hacks here that should be fixed:
1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite)
2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes.
- To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 13:43:30 +08:00
Naz
5fe80c82c5 Exposed Content API agent in e2e test utils
refs https://github.com/TryGhost/Toolbox/issues/461

- When testing OPTIONS requests there is a need to get all possible agents available in the system. The "getAgentsWithFrontend" serves exactly this purpose - create all possible agents while starting Ghost instance only once
- This is groundwork for OPTIONS request caching tests and improvements
2022-11-02 13:43:30 +08:00
Daniel Lockyer
ab678c3a90
Merged v5.22.4 into main
v5.22.4
2022-11-02 07:09:23 +07:00
Ghost CI
13c6204197 v5.22.4 2022-11-01 19:19:31 +00:00
Fabien 'egg' O'Carroll
1ff1b75a69
🐛 Fixed errors with Stripe Checkout (#15749)
refs https://github.com/TryGhost/Ghost/commit/1f300fb781f0

The full customer object was not being passed to the StripeAPI service
when it already exists, this was resulting in inconsistent behaviour when
sending the customerEmail param to the API, causing `invalid_email`
errors to be thrown from Stripe and breaking the checkout.
2022-11-02 02:18:30 +07:00
Hannah Wolfe
85c5a19f33
Merged v5.22.3 into main
v5.22.3
2022-11-01 17:29:16 +00:00
Ghost CI
7fda360799 v5.22.3 2022-11-01 17:12:38 +00:00
Fabien "egg" O'Carroll
ba41f308c7 🐛 Fixed upgrading to a paid plan
closes https://github.com/TryGhost/Team/issues/2196

We were incorrectly assuming that all requests would have the
`customerEmail` passed in the body. Instead we were incorrectly
passing `undefined` or `''` as the `customerEmail` property to stripe,
which resulted in a validation error.

We've updated the code to pass `null` in the case of a falsy value,
which the Stripe API handles without error.
2022-11-02 00:11:33 +07:00
Fabien "egg" O'Carroll
1f300fb781 🐛 Fixed checkout sessions when using Offers
closes https://github.com/TryGhost/Team/issues/2195

The issue here is two-fold, and specific to using Offers so was not
caught by any automated tests. First, we were incorrectly comparing
the tier.id to the offer.tier.id - this is because the Tier objects id
property is an instance of ObjectID rather than a string.

Secondly we were passing through the cadence parameter from the
request body, but when using Offers this is not including in the
request, so we must pull the data off of the Offer object instead and
pass that to the payments service.
2022-11-02 00:11:33 +07:00
Daniel Lockyer
498bec08cf
Merged v5.22.2 into main
v5.22.2
2022-11-01 18:24:58 +07:00
Ghost CI
3c71d07dfb v5.22.2 2022-11-01 09:28:14 +00:00
Fabien 'egg' O'Carroll
a0ebb9a6f3
🐛 Fixed Tier description not being set (#15741)
closes https://github.com/TryGhost/Ghost/issues/15740

The validation function for a Tier description was not returning the
validated value, which meant we were unable to set the Tier
description.
2022-11-01 16:25:55 +07:00
Daniel Lockyer
68689917e6
Merged v5.22.1 into main
v5.22.1
2022-11-01 06:11:24 +07:00
Robin Cussol
e7e12aba09
Added e2e tests for page.published.edited webhook (#15724)
refs: https://github.com/TryGhost/Ghost/issues/15537

- snapshot test created to add confidence to webhook stability and increase overall test coverage.
2022-10-31 19:51:04 +00:00
Halldor Thorhallsson
79c80f28cc
Removed bluebird from api-framework module (#15685)
refs: https://github.com/TryGhost/Ghost/issues/14882

- Removing bluebird specific methods in favour of the Ghost sequence method so we can remove the bluebird dependency
2022-10-31 19:30:18 +00:00
Ghost CI
b2ad52fbf5 v5.22.1 2022-10-31 17:49:43 +00:00
Daniel Lockyer
92740e8967
Merged v5.22.0 into main
v5.22.0
2022-10-31 17:49:27 +07:00
Ghost CI
44722efe38 v5.22.0 2022-10-31 10:41:31 +00:00
Fabien "egg" O'Carroll
f878e84707 Fixed Tiers importer not correctly mapping price data
refs https://github.com/TryGhost/Toolbox/issues/464

Bceause the import does not use the API, any backwards compat code we put in the
API does not get run for imports, this means we need to update the importer to
map the stripe_prices data onto the products table so that we have valid data in
the database.
2022-10-31 17:30:16 +07:00
Daniel Lockyer
d59909941c Backfilled missing columns in products table
refs https://github.com/TryGhost/Toolbox/issues/464

- due to a bug with the content importer, importing a JSON file where
  the `products` do not contain price info will store null values in the
  table instead of the defaults
- this ends up causing further issues because we're not populating the
  table for paid products
- this commit is a copy of the 5.19 migration
  `2022-09-02-20-52-backfill-new-product-columns.js`, but adds a check
  for a null `t.currency`, which combined with the `t.type === paid`,
  should identify the rows we want to update
2022-10-31 16:36:57 +07:00
renovate[bot]
5d49ce269a Update dependency cssnano to v5.1.14 2022-10-31 09:50:23 +07:00
Hannah Wolfe
25d5839e96
Added shouldCompileToError test util
refs: a8b1676734

- Extended the newly created handlebars test utils with a shouldCompileToError method
- Updated the price helper tests tp use shouldCompileToExpected and shouldCompileToError
- This allows us to test our handlebars helpers in a much more conisstent way
2022-10-30 16:55:53 +00:00
Barno
a24eb06179
Replaced Promise.map() with .all() in importer (#15616)
refs: https://github.com/TryGhost/Ghost/issues/14882

- Removing bluebird specific methods in favour of the Ghost sequence method so we can remove the bluebird dependency

Co-authored-by: Carol-Barno <cbarno@innovexsolutions.co.ke>
2022-10-30 16:51:29 +00:00
leonyangela
7df2b7625f
Added e2e tests for page.tag.attached webhook (#15648)
refs: https://github.com/TryGhost/Ghost/issues/15537

- snapshot test created to add confidence to webhook stability and increase overall test coverage.
2022-10-30 16:45:51 +00:00
Barno
3f0713fbc4
Replaced Promise.each() with .all() in models/relations/author (#15614)
refs: https://github.com/TryGhost/Ghost/issues/14882

- Removing bluebird specific methods in favour of the Ghost sequence method so we can remove the bluebird dependency

Co-authored-by: Carol-Barno <cbarno@innovexsolutions.co.ke>
2022-10-30 16:06:01 +00:00
Hannah Wolfe
a8b1676734
Refactored shouldCompileToExpected into shared util
no issue

- There are currently two patterns in our handlebars helper unit tests:
  1. Treating the helper as a function, and doing a function call
   - This is the original way the tests were done, and they're not great as they're approximating how the helpers are really used
  2. Using a template string, and rendering the string using a method called shouldCompileToExpected
   - These tests are more realistic and powerful and also easier to read

- The new method is only being used in a few places so far, and each place had re-created the `shouldCompileToExpected` method
- Therefore I've moved this method into a util that should make it easier to write unit tests for handlebars helpers
- I also renamed the method in the excerpt tests, because it doesn't do the same thing, it's just a wrapper around a function call rather than compiling a string

The aim is to refactor all of our handlebars helper tests to use `shouldCompileToExpected`
2022-10-30 15:26:29 +00:00
Vedant Bhamare
3f289edc26
Added e2e tests for page.tag.detached webhook (#15651)
refs: https://github.com/TryGhost/Ghost/issues/15537

- snapshot test created to add confidence to webhook stability and increase overall test coverage.
2022-10-30 14:59:12 +00:00
Hannah Wolfe
5fe6687c2a
Skipped slow activity feed tests temporarily
- These tests are very slow, and make the build fail about 2/3 times
- Temporarily skipping until we can fix, as I want to get all our outstanding hacktoberfest PRs merged
2022-10-30 14:52:30 +00:00