Commit Graph

9265 Commits

Author SHA1 Message Date
Naz
076ad99593 Removed 500 error during production boot \w a theme error
refs https://github.com/TryGhost/Team/issues/781
refs 813d288eb2#

- The 500 error was introduced through a refed commit long time ago when (probably?) there were no other safeguards preventing from serving content through a theme with errors. Since than we have multiple safeguards when aploading/activating the theme with errors and the default handling when such error occurs is more graceful - a 400 with specific error details is shown
- We need this change to land before bumping gscan that introduces more suphisticated error detaction in theme templates. Otherwise, people upgrading to new version and having an error on an unused template or somewhere undetected previously woul end up with a bricked site showing a generic 500 - not a great experience!
2021-07-02 14:31:45 +04:00
Thibaut Patel
3ca4cd99f1 Moved the gated email card feature behing an alpha flag
issue https://github.com/TryGhost/Team/issues/842
2021-07-02 12:15:03 +02:00
Naz
607623211a Corrected deprecation comment
no issue

- Ghost 4.0 didn't contain any breaking changes. Breaks like this one will be introduced in 5.0
2021-07-02 13:50:11 +04:00
Hannah Wolfe
84c2154cbe
Fixed missing renames getExcerpt -> generateExcerpt
refs: fbf0636936

- I renamed this pattern in a bunch of places, but missed a few, leaving the code messy and confusing
- This makes the naming consistent
2021-07-02 09:44:18 +01:00
Matt Hanley
4ac89c0176
Added webp image support (#13105)
refs https://github.com/TryGhost/Ghost/issues/9448
refs https://github.com/TryGhost/Ghost/issues/2591

Added API support for webp image files.
2021-07-02 09:37:54 +01:00
Rishabh
86fbb14033 Added subscription price data for logged-in member
no refs

- adds `price` data on subscription from related `stripe_price` on updating a member via frontend
- removes inconsistency between `GET` and `PUT` data for logged in member on a site
2021-07-01 23:30:14 +05:30
Naz
380c0dad2c Fixed email batch partitioning when only one card used
refs https://github.com/TryGhost/Team/issues/828

- Previous method had a bug where it didn't take into account cases when onlya single card with a segment filter has been used leaving the members not covered by that filter without an email
2021-07-01 20:58:24 +04:00
Naz
986a7526f5 Added member partitioner based on segment
refs https://github.com/TryGhost/Team/issues/828

- Before sending out batches with members we need to partition all members based on the segment they belong to. Special segment "unsegmented" is used in case none of the segments used in the emal cards cover part of the members set (for example only free members card used when emailing all members)
2021-07-01 20:58:24 +04:00
Kevin Ansfield
1b0aa0abd8
Fixed feature_image_caption needing triple-curlies in themes (#13107)
refs https://github.com/TryGhost/Team/issues/845
refs 517d2abc5c

- updated router response formatting functions and `{{#get}}` helper response handling to make any `feature_image_caption` properties in the response a `SafeString` instance so triple-curlies are not needed when using the property in themes
2021-07-01 17:55:44 +01:00
Thibaut Patel
2d95c1b8d7 Reverted a bad change from a previous commit
commit b94c8bcfd4
2021-07-01 16:39:36 +02:00
Hannah Wolfe
6f1a3e1774
Removed usages of new Error & i18n in legacy code
- cleaning up a handful of usages of i18n and new Error in some really old codepaths
- pushing our new patterns forward wherever we can
2021-07-01 12:53:06 +01:00
Thibaut Patel
b94c8bcfd4 Render an email correctly according to the associated member segment
issue https://github.com/TryGhost/Team/issues/829
2021-07-01 13:36:42 +02:00
Hannah Wolfe
af4bfb8862
Changed meta filenames to correct casing
- purely for cleanliness!
- we use kebabcase by default
- tests should be kebab-case-file_spec.js (one day we want this to be .test.js)
2021-07-01 12:30:25 +01:00
Hannah Wolfe
1785611db9
Refactored meta index
- The main aim here is to end up with a simple and clear public API for the meta module
- Secondarily, we want to make it a bit clearer which bits don't really belong here so we can see what to do with them
- To achieve this, the main logic has been moved into get-meta (although there's still some logic here which needs moving further)
- The index.js now has a small clear public API, and the proxy, which is the only way this is consumed, is able to use the public API directly
2021-07-01 11:58:40 +01:00
Hannah Wolfe
9fbc0b7f2b
Moved post excerpt logic to an excerpt file
- This is content negotiation logic and shouldn't be inline
- TODO: this needs tests
2021-07-01 11:47:30 +01:00
Hannah Wolfe
fbf0636936
Renamed meta/excerpt meta/generate-excerpt
- This function is quite different to the others, as it generates an excerpt from HTML (truncating)
- Most functions in the meta data folder just contain content negotiation logic, like if post then feature_image else cover_image type things
- This function is more like a library and shouldn't live in Ghost, it should probably be in @tryghost/helpers
- It's definitely something we'd love to rewrite to work better tooooo
2021-07-01 11:47:29 +01:00
Kevin Ansfield
29af4b93a0 Fixed linter errors
refs 517d2abc5c

- forgot to remove now-unused labs requires
2021-07-01 10:59:40 +01:00
Kevin Ansfield
517d2abc5c Added feature_image_{alt/caption} to the v4 posts API
refs https://github.com/TryGhost/Team/issues/839

It's now possible to set alt and caption for post feature images using `feature_image_alt` and `feature_image_caption` fields on a post resource.

- `feature_image_alt` - plain text, limited to 191 chars (alt text is not recommended to be longer than 125 chars, screen readers may cut the description off at that point)
- `feature_image_caption` - basic HTML, limited to 65535 chars

Alt and caption will be automatically used inside of newsletter content, for your website content make sure your theme is updated to use the v4 API and make use of the new properties.

---

- removed `featureImageMeta` labs flag
2021-07-01 10:53:55 +01:00
Hannah Wolfe
ac07703f17
Changed app/loader to use @tryghost/errors
- getting rid of instances of new Error as we should always use @tryghost/errors
- Whilst here, got rid of i18n but discovered the messages were missing!
- This is my fault, they disappeared when I removed external apps and clearly removed too much: 8c1a0b8d0c (diff-0f5cc40aa8906a1be1bad2002a35361bbf9e766e46b3b29be10f4f479265426a)
- Therefore, I have restored these messages in the places where they were used, except amp_content, where I have written a new message, as the message that was there was not relevant
2021-06-30 16:05:54 +01:00
Hannah Wolfe
bd597db829
Moved settings/cache to shared/settings-cache
- This is part of the quest to separate the frontend and server & get rid of all the places where there are cross-requires
- At the moment the settings cache is one big shared cache used by the frontend and server liberally
- This change doesn't really solve the fundamental problems, as we still depend on events, and requires from inside frontend
- However it allows us to control the misuse slightly better by getting rid of restricted requires and turning on that eslint ruleset
2021-06-30 15:49:10 +01:00
Hannah Wolfe
3ea6df819c
Refactored SettingsCache to get events through DI
- requiring lib/common/events makes the settings cache tightly coupled to the server
- moving this up to settings index means the cache itself can be moved to a shared component/moved out of Ghost
- the index then becomes the settings manager
- questionable whether the event listeners & updater part of this shouldn't be part of a manager, independent of the actual cache 🤔
2021-06-30 15:40:41 +01:00
Naz
d33baf9ba4 Added member_segment persistance to email_batches
refs https://github.com/TryGhost/Team/issues/828

- We need a way to recreate a filter that was used to create an email content for specific email_recipient. By saving member_segment value for each email_batch we can traverse back to the filter that was applied during email creation.
2021-06-30 18:32:31 +04:00
Hannah Wolfe
0b333765d4
Refactored shutdown and reset for settings
- shutdown removed listeners, which should really be done before adding them anyway!
- reset sets the cache back to an empty object, which was already done by init
- merge these into one reset function that fully resets the cache
- all instances of shutdown were called before an init call, and now called during init, therefore these can be removed
- acceptance utils had an instance of calling shutdown and reset together as part of stopping Ghost, reworked that to be clearer
2021-06-30 15:18:15 +01:00
Naz
a62ab18b9f Added segmeted email batch creation
refs https://github.com/TryGhost/Team/issues/828

- When sending email batches out they need to be created without mixing different member segments. This allows for easier reasoning about what data has been sent out to each specific email recipient
- Modified email batches to chunk based on segments defined in the HTML content of the post
2021-06-30 17:43:28 +04:00
Naz
bb8cf6001e Added unique filtering for segment parser
refs https://github.com/TryGhost/Team/issues/828

- When detecting email segments and later creating a member filter out of this data we only care about unique segments otherwise we'd be creating multiple batches with the same segment filter
2021-06-30 17:43:28 +04:00
Naz
e04af28efe Added segment parser logic
refs https://github.com/TryGhost/Team/issues/828

- This is experimental segment extraction logic, more to follow. Alllows to extract arrays of email segments used in the email's HTML content
2021-06-30 17:43:28 +04:00
Thibaut Patel
a792b92e94 Added member segment to email batches
issue https://github.com/TryGhost/Team/issues/826
2021-06-30 14:56:20 +02:00
Hannah Wolfe
b33b837c39
Removed unused reinit function
refs: https://github.com/TryGhost/Ghost/pull/11987
refs: 7e28802b1c
refs: 0b79abf5b2
refs: https://github.com/TryGhost/Ghost/issues/12003

- renit was added in https://github.com/TryGhost/Ghost/pull/11987
- it was then refactored out in 7e28802b1c (I think inadvertently)
- but we no longer call settings.init() before the DB is ready with the new boot proces 0b79abf5b2s
- original bugs, such as https://github.com/TryGhost/Ghost/issues/12003 could have regressed as a result of this being removed, but it is hard to reproduce
- by not initising settings before migrations, we reduce the complexity of needing to reinit them
- this commit actually just removes dead code, but I've left all the context I've found today here in this message so that it can be easily reconstructed if needed
2021-06-30 12:44:32 +01:00
Hannah Wolfe
e410e16a5b
Refactored routing to be passed routes config
- At the moment the bootstrap.start method asks the settings service for its settings
- This couples the routing and settings services together - when maybe we want to use a different method to generate settings
- By passing the settings to the routing service at the right time, we open up possibilities for refactoring
2021-06-30 12:28:33 +01:00
Hannah Wolfe
441b12d62c
Fixed route settings ref in api v3
refs: 8612f3aaeb

- this change was missing a git commit --amend 🙈
- note to self: our acceptance tests all use the v3 API...
2021-06-30 11:49:32 +01:00
Hannah Wolfe
8612f3aaeb
Moved route settings to new server service
- The main goal here is getting this settings related code out of the routing service as it really doesn't belong there
- This settings file is used purely by the API to get and set files - its not really anything to do with actual routing
- This file calls out to the bridge to do a reload, which helps decouple slightly
- More refactoring is needed to get rid of the urlService dependency
- Note this file is really similar to the redirects one, it would be good to merge them
2021-06-30 10:58:33 +01:00
Naz
32a09dc9c6 Updated createEmailBatches JSDoc
refs https://github.com/TryGhost/Team/issues/828

- Updated to follow latest code standards
2021-06-30 13:56:35 +04:00
Hannah Wolfe
ed46f31c71
Revert "Moved route settings to server"
This reverts commit 3c36af63cf.
2021-06-30 10:52:19 +01:00
Hannah Wolfe
4ef2ae4436
Revert "Refactored routing to be passed routes config"
This reverts commit 8d754a592e.
2021-06-30 10:52:11 +01:00
Rishabh
d196d9b525 Added benefits to product data in portal settings
refs https://github.com/TryGhost/Team/issues/838

- adds benefits data to product for portal UI
2021-06-30 14:51:42 +05:30
Hannah Wolfe
8d754a592e
Refactored routing to be passed routes config
- At the moment the bootstrap.start method asks the settings service for its settings
- This couples the routing and settings services together - when maybe we want to use a different method to generate settings
- By passing the settings to the routing service at the right time, we open up possibilities for refactoring
2021-06-30 09:43:54 +01:00
Hannah Wolfe
3c36af63cf
Moved route settings to server 2021-06-30 09:31:15 +01:00
Hannah Wolfe
c909a6caa1
Refactored route settings file
- broken down large function into smaller functions to reduce repeated code
- try to make this and the redirects equivalent look similar
- this code is the getter and setter for the API
- TODO: I think this can be further refactored into a settings file class
2021-06-30 09:18:00 +01:00
Hannah Wolfe
2c729e99f9
Added reload frontend wrapper to bridge
- Allows for slight decoupling of API and frontend with route settings being updated
- Activate theme now calls the same codepath to reload the frontend
- Yet another step on the path to make it possible to init/reload/run the frontend independently from the server
2021-06-29 18:45:03 +01:00
Daniel Lockyer
81cde2bbf9 v4.8.4
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYNtS/AAKCRDSEYbwtHKV
 rWB9AP4oax10sV0tyQ5tUEHjKjEFme09Fnen0+YqBDipNE4gIgEAjNeuw+kggf/B
 cu5TdAiP3nHOyzaEIt0S28M6m9nnaAI=
 =Q+xD
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYNtTfwAKCRDSEYbwtHKV
 rbn0AQDMtjID6NQk0zjQkjpNbOBf/BGbZWy4kC0+DAdo8AoAEwEAiZmbKAeRT3gv
 fxpSUKTVQHwdXTiJlvcHue0p9xyLKQ8=
 =VSw3
 -----END PGP SIGNATURE-----

Merged v4.8.4 into main

v4.8.4
2021-06-29 18:08:08 +01:00
Daniel Lockyer
6116036d46
Updated Ghost-Admin to v4.8.4 2021-06-29 18:06:03 +01:00
Rishabh
ae70b2b5ce Refined multiple product flows in Portal
no refs

- updates UI flows for signup/upgrade/change plan in Portal to be more consistent
- adds specific flag handling for multiple products feature
2021-06-29 21:50:08 +05:30
Fabien O'Carroll
a6592566bb Added support for benefits to Admin Products API
refs https://github.com/TryGhost/Team/issues/806
2021-06-29 16:53:15 +01:00
Fabien O'Carroll
c57e612286 Added benefits relation to Product model
refs https://github.com/TryGhost/Team/issues/806

This relation sets up the ability to both read and write relations via
the Product model, allowing us to expose benefits via the Admin Product
API.
2021-06-29 16:53:15 +01:00
Fabien O'Carroll
cbac3d1eb0 Added Benefit model
refs https://github.com/TryGhost/Team/issues/806

This is the model to represent the Benefit resource stored in the
`benefits` table. The `onSaving` method has been copied from the Tag
model and ensures that we have a unique slug.
2021-06-29 16:53:15 +01:00
Daniel Lockyer
1ff4f6ce7d
Added guards against parentPort being null
fixes https://github.com/TryGhost/Team/issues/834

- see referenced issue for context
- there are times when `parentPort` can be null and the job crashes
  because `parentPort.postMessage` won't work
- this commit adds guards around `parentPort`, or moves code inside
  existing guards, to protect against this
2021-06-29 12:14:48 +01:00
Naz
7e9c182dc5 Added protective code to update-check job
refs https://github.com/TryGhost/Ghost/pull/13091

- When the job is run under Node v14 with SQLite DB the parentPort is `null` in some of the environments. The guarding code protects from the job crashing in such situation.
- The most probable cause is running btrheds with `BTHREADS_BACKEND = 'child_process';` configuration for SQLite. Should be fixed once https://github.com/mapbox/node-sqlite3/issues/1386 is properly resolved
2021-06-29 14:02:16 +04:00
Naz
c6c720634c Removed unused email analytics job
no issue

- The 'fetch-all' job was only used during development and has never been useful since. It's a dead code x_x
2021-06-29 13:47:55 +04:00
Hannah Wolfe
77996d1ee4
Moved vhost arg logic out of the parent app
- Makes the logic for determining the admin and frontend vhost args independent and easier to test
- Moved the tests to specifically test the vhost utils & removed proxyquire as a dependency
- We want to breakdown the current parent app into the existing core/app.js and boot code, allowing us to decouple the backend and frontend further
- This is all part of the refactoring to separate server and frontend completely
2021-06-28 19:38:42 +01:00
Hannah Wolfe
fcce649600
🔥 Removed netjet support
refs: https://github.com/cloudflare/netjet/issues/46

- HTTP2/Push never made it, this module is therefore defunct
2021-06-28 16:13:46 +01:00
Daniel Lockyer
1fc56ff1e8
🐛 Fixed validation on theme install API parameters
fixes https://github.com/TryGhost/Team/issues/818

- validation on query parameters should be wrapped in `options` within
  `validation`
- this is missing from the theme install API endpoint so we don't force
  the parameters to be passed in
- Ghost throws a 500 if `ref` is not supplied because following code
  assumes we've checked the existence
- this commit wraps the two query parameter validation statements in
  an `options` object to ensure they exist - Ghost returns a 422 if
  missing
2021-06-28 14:03:28 +01:00
Naz
58b3c47781 Fixed broken notifications/setting acceptance tests
refs d9ddc2db6a
refs https://github.com/TryGhost/Team/issues/754

- The tests were written with falsy assumptions and validation added in refed commit have uncovered it!
-  A secondary issue touched here is additional JSON object serialization that is used in the  "input serializer" -d9ddc2db6a/core/server/api/v2/utils/serializers/input/settings.js (L107-L110)
- The additional stringification should not be there at all. It covers for a mistaken internal use of Settings API where raw objects are passed around instead of serialized JSON Objects (see commets left with this changeset for details)
2021-06-28 16:48:00 +04:00
Naz
d9ddc2db6a Added extra validation for some settings of array type
refs https://github.com/TryGhost/Team/issues/754
refs a7dec233ba

- Additional validation protects from problems like the ones in refed commit from even getting through to the database.
- At the moment only used notificatons and couple more settings to ensure they are arrays when passed into the API. This is to avoid making big change in settings straight away - this is a problematic area which needs cautious approach.
- Ideally in the future the list of settings to check the "array" type (and other types) should be automatically generated based on the default-settings.json (or whatever way we define settings in the db a that moment)
- There's an ugly code-tripplication going on in this change. This is a separate topic that will be addressed once we work on API cleanup.
2021-06-28 14:26:18 +04:00
Hannah Wolfe
d9e8d9c148
Switched to using config-url-utils in boot.js
- config now exposes a few helpful methods: getSubdir, getSiteUrl, and getAdminUrl
- we can use these directly, instead of needing url-utils
- switching this inside of the boot process allows us to move the loading of url-utils into `initCore` which happens after the server has started and the database is ready
- this moves 100ms of loading time to later in the process
- also simplifies the initial loading
2021-06-28 10:50:41 +01:00
Hannah Wolfe
081d3b3a38
Cleaned comments in boot.js
- Cleaned up some of the comments
- Added proper method signatures where appropriate
- Split initDynamicRouting out from initServices, to make that clearer to read
2021-06-28 10:43:56 +01:00
Hannah Wolfe
218df4b5a4
Removed i18n.js from the bridge
- part of our work to deprecate our broken i18n implementation
2021-06-28 09:51:39 +01:00
Naz
3f2327c4d1 🐛 Fixed update notification showing after upgrade
refs https://github.com/TryGhost/Team/issues/754
refs https://github.com/TryGhost/Team/issues/204
refs https://forum.ghost.org/t/critical-security-notification-keeps-displaying-even-after-updating-to-the-latest-version/23673

- After Ghost instance upgrade higher than v4.3.3 the security notification should not be shown any more, as the instance is now patched and fixes the issue.
- There was no way to derive the targetted Ghost version of the notification message so had to include matching based on other unique id of the message.
- Future improvements to update check/notifications should take this inconvenience into account (e.g. introduce a special field in notifications that tracks targetted Ghost instance version)
2021-06-28 11:25:04 +04:00
Naz
c328ab781b Fixed broken boot sequence
refs 0d0e09f173
refs https://github.com/TryGhost/Team/issues/754

- As per comment on the top of boot.js:

// IMPORTANT: The only global requires here should be overrides + debug so we can monitor timings with DEBUG=ghost:boot* node ghost

- Referenced change broke the rule above and would have caused all sorts of boot problems.
2021-06-28 10:02:51 +04:00
Fabien O'Carroll
b894b2a913 Added products_benefits table
refs https://github.com/TryGhost/Team/issues/804

The associative table is used to implement the many-to-many relationship
between Products and Benefits. The `sort_order` column is needed because
a product's benefits should be orderable by an admin.
2021-06-24 17:21:01 +01:00
Fabien O'Carroll
65b2e8a0a5 Added benefits table
refs https://github.com/TryGhost/Team/issues/804

Benefits are tag-like resources which will be associated with Products.
The first iteration just requires a name for the benefit, which will be
stored as plaintext.
2021-06-24 17:21:01 +01:00
Daniel Lockyer
53b7eb227b v4.8.3
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYNSBfAAKCRDSEYbwtHKV
 rdNyAP9sT2e/01PE1p8l0PoTbq6nOL08BIA8ZKDiX/tFDeJ7owD9EikupgI6snND
 VrvRyA3AIZf3+hooAfjxIogX7NhUrQU=
 =Aqm+
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYNSCAwAKCRDSEYbwtHKV
 rWOLAQDCheD486UqjssUUaEAjNxjoSzwvqnHSpnfRJB809eOmAEAv0UzVYM+vcJ6
 7vJdRXK2ke/dIc50n0mgRR8ktue6XAs=
 =TQTw
 -----END PGP SIGNATURE-----

Merged v4.8.3 into main

v4.8.3
2021-06-24 14:00:41 +01:00
Daniel Lockyer
3729dbf17c
Updated Ghost-Admin to v4.8.3 2021-06-24 13:58:36 +01:00
Daniel Lockyer
f2ab12bb91
🐛 Fixed incorrect data returned when using API fields
refs 188de00489

- this fix was incorrect - the function should have been on the
  prototype but I'd moved it over incorrectly into the static class functions
- this commit moves `defaultColumnsToFetch` to the prototype functions
  and reverts the referenced commit back to `this.prototype` as expected
- this wasn't including the custom columns from the `post` model, which
  was causing tests to fail
- pro tip: run tests!
2021-06-24 13:47:15 +01:00
Naz
07f7a7a158 Added JSDoc to notifications service's destroy
refs https://github.com/TryGhost/Team/issues/754

- Extra type intellisense is good!
2021-06-24 16:34:29 +04:00
Naz
b5fb439ae7 🐛 Fixed version update indicator on about page
refs https://github.com/TryGhost/Team/issues/754
closes https://github.com/TryGhost/Ghost/issues/13088
refs a7dec233ba

- The corrupted data recovery mechanism for notifications is needed to be able to fix the data stored in `settings` table under `notifications` key. There was no validation in place, which has caused some instances to store data in unreadable/writable state
- The recovery mechanism is in place to avoid adding migrations every time we spot a broken notifications data (will be fixed by validation soon).
- The notification data is also NOT critical but valuable for system functioning properly, that's the reason why the data "healing" happens in less secure  "fire-and-forget" way
- The referenced commit is where the "bigger" problem that was causing the data corruption was at. This change is a "cleanup" after what has happened there - storing Ghost error object in `value` for `notifications` key
2021-06-24 16:33:01 +04:00
Daniel Lockyer
e389a6d991 v4.8.2
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYNR3tAAKCRDSEYbwtHKV
 rXcMAQDQd7EcEmIx3sHlA5wjMz9SMZaybaOqLMzgCdUft2KOagD/dFtZBYpK4DLB
 Kr42XrNMVvORHNPso5lL35s9KNbTlwM=
 =OqBv
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYNR4ygAKCRDSEYbwtHKV
 rXtsAQDNUqm3qK0b8/hET9h7cIG5J5RpAo0WYJWxv01DwcTscAEAjlfK3vgUo3wD
 uHeeXH+DXOIhAqSxsXoJr7X+N/s+WQw=
 =BJTH
 -----END PGP SIGNATURE-----

Merged v4.8.2 into main

v4.8.2
2021-06-24 13:21:23 +01:00
Daniel Lockyer
1c1f41d0e2
Updated Ghost-Admin to v4.8.2 2021-06-24 13:16:52 +01:00
Daniel Lockyer
188de00489
🐛 Fixed error when using API to search for tags
refs a457631a20

- `defaultColumnsToFetch` was moved to the CRUD plugin in the referenced
  commit, which makes it a function on `this` instead of `this.prototype`
- this means the function doesn't exist and Admin throws an error when
  you start typing in the search bar because the API 500s
- this commit switches it to `this.defaultColumnsToFetch()`
2021-06-24 13:08:05 +01:00
Daniel Lockyer
ac8029680c v4.8.1
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYNRcHQAKCRDSEYbwtHKV
 rQJeAP9ufmgIztn1oj8kF7tZMZk4xaVCakqIgyQBlPvFKc+aawD8Dv44mmZ4Ntar
 7FQ52i07TCwk/b8lCUwxD4maYBuZNAE=
 =fgVN
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYNRciwAKCRDSEYbwtHKV
 rRatAQCJ27vyVeGYlnXVWF0XSgj3+QEwl2eEgh4GoVp4BPzHAwD/WrGvKRvddDtA
 kiqv93vRTda3GV1R4FGYVl34MwbGFAA=
 =+Yci
 -----END PGP SIGNATURE-----

Merged v4.8.1 into main

v4.8.1
2021-06-24 11:20:53 +01:00
Daniel Lockyer
a91a790d0d
Updated Ghost-Admin to v4.8.1 2021-06-24 11:19:09 +01:00
Daniel Lockyer
ce68b2e4a9
Reverted destroy function of CRUD plugin to chained promises
refs https://github.com/TryGhost/Team/issues/808

- see referenced issue for context, but turning this function into
  async-await seems to have broken error handling when deleting things
  that don't exist
- i'm really not sure why - but my running theory is that it's something
  to do with Bluebird Promises vs native Promises
- this should keep the same functionality until I can investigate what
  is going on
2021-06-24 10:17:40 +01:00
Daniel Lockyer
323074f106
🐛 Fixed error when deleting non-existent snippet
fixes https://github.com/TryGhost/Team/issues/809

- Bookshelf won't throw a `NotFoundError` unless `require=true` in the
  options
- this is present in most other API endpoints, so it's just simply
  missing from the snippet one
- without this, Ghost will crash with a 500 saying `Cannot read property
  'destroy' of null`
- this commit adds `require=true` to the destroy options for both the canary +
  v3 endpoints
2021-06-24 09:58:35 +01:00
Matthew Schmoyer
7bac21d591
🐛 Fix test email member uuid (#12809)
refs: #12808

- we need to use the uuid, not the id, so that e.g. unsubscribe urls are set correctly
- this is only for test emails, but it's still important to be able to test things fully!
2021-06-24 09:42:15 +01:00
Thibaut Patel
dc91eabe3c Moved the "Reset all passwords" permission migration to Ghost 4.9
commit f12f64e87b
2021-06-23 17:08:44 +02:00
Naz
42e11ca859 Fixed update check logging when run within a job
refs https://github.com/TryGhost/Team/issues/754

- The logging wasn't working for the update check when run from the scheduled job. Fixed package method signature to allow for "logging" parameter. The sideeffect of this change was such that we need to instantiate a new instance of the UpdateCheckService on every method call to differentiate the call from within the code (controller) or from the job level
- Also added an await before returning the check method call as it didn't execute properly on the job level - the `await` wasn't waiting for the update check to actually do it's job!
2021-06-23 18:38:05 +04:00
Hannah Wolfe
c12edf4bbd
Removed unnecessary return with typo
refs: https://github.com/TryGhost/Ghost/pull/12735

- this property doesn't exist - it should be this.resourcesConfig
- but we don't use the return value, so simply removed it
2021-06-23 14:20:00 +01:00
Thibaut Patel
f12f64e87b
🔒 Added a "reset all passwords" feature (#13005)
issue https://github.com/TryGhost/Team/issues/750

- Only accessible by admins
- Resets all staff users' passwords and prevents them to log-in
- Sends them a reset email password to give them back access to their account
- Closes all existing staff user sessions
2021-06-23 14:54:28 +02:00
Fabien O'Carroll
c46542532d Added support for importing products column
refs https://github.com/TryGhost/Team/issues/765

This supercedes the `complimentary_plan` flag, as it is more precise
because it determines _which_ product(s) a member has access to. Because
of this, if the `products` column is present the `complimentary_plan`
column is not used.
2021-06-23 13:53:34 +01:00
Fabien O'Carroll
1de88f7397 Included products when exporting member csv
refs https://github.com/TryGhost/Team/issues/765

Since Members can be given complimentary access to one of many products,
we must include which products a member has access to when exporting
from Ghost. This will allow us to reimport without losing information.
2021-06-23 13:53:34 +01:00
Fabien O'Carroll
b197d71c4e Linked comped members to default product for imports
refs https://github.com/TryGhost/Team/issues/765

As part of the multiple products feature, we're not longer using Stripe
subscriptions to denote Complimentary access, instead we're linking
members directly to products. Here we update the importer to follow
suit, so long as the flag is enabled.
2021-06-23 13:53:34 +01:00
Fabien O'Carroll
9fc69d8f07 Moved MembersCSVImporter out of index.js file
no-issue

This cleans up the importer to match the standards of the rest of our
codebase.
2021-06-23 13:53:34 +01:00
Naz
0d0e09f173 Moved update check scheduling logic out of boot.js
refs https://github.com/TryGhost/Team/issues/754

- This is a minor cleanup. There should be no logic in the boot.js file other than calling services to "initialize themselves"
2021-06-23 15:01:43 +04:00
Naz
90cc801394 Added JSDoc and unit tests for email replacement parser
refs 474e6c4c45

- The method was not easy to understand after skimming through it.
- As we are working on developing a similar pattern for upcoming similar featured created a basic test suited to see input/output relation clearly
2021-06-23 12:00:03 +04:00
Naz
5edd056a61 Renamed bulk-email index to bulk email processor
no issue

- idex.js files are meant to expose the API of the module and not contain code
- Next step would be reworking the code to use class/injection pattern
2021-06-22 20:19:57 +04:00
Ikko Ashimine
cb9ca30f72 Fix typo in image-size.js
withing -> within
2021-06-22 15:47:41 +01:00
Daniel Lockyer
d1eeee114e
Updated Ghost-Admin to v4.8.0 2021-06-22 15:25:52 +01:00
Rishabh
d9c1713dae Updated sentry config for members site endpoint
no refs

- updates portal sentry config's dsn and env naming
2021-06-22 12:31:30 +05:30
Rishabh
484c9a67c2 Added crossorigin attribute to Portal script
no refs

- without crossorigin=anonymous attribute, browsers obfuscate error messages from external scripts, which makes error tracking with sentry impossible
- with crossorigin attribute, portal script needs to be served with cors header or browsers will block it
- unpkg already serves the script with `access-control-allow-origin: *`
2021-06-22 12:31:30 +05:30
Kevin Ansfield
446993a905
Added additional newsletter customisation settings (#13074)
refs https://github.com/TryGhost/Team/issues/793

New settings added for newsletter customisation options:

- `newsletter_header_image` - `null/"$url"`
- `newsletter_show_header_icon` - `"true/false"`
- `newsletter_show_header_title` - `"true/false"`
- `newsletter_title_alignment` - `"center/left"`
- `newsletter_title_font_category` - `"serif/sans_serif"`
- `newsletter_show_feature_image` - `"true/false"`

`newsletter_show_header` has been dropped because the same functionality can be achieved by setting both `newsletter_show_header_icon` and `newsletter_show_header_title` to `false`

---

- migration to convert and delete `newsletter_show_header` setting
- removed `newsletter_show_header` from default settings to ensure it doesn't get re-created
- replaced main labs template and template settings generation with the labs template
- deleted labs template
2021-06-21 13:40:40 +01:00
Rishabh Garg
acb0bd47af
Added sentry config to frontend site settings for Portal (#13086)
no refs

- adds sentry config for portal when available to integrate error handling
2021-06-21 17:59:20 +05:30
Rishabh Garg
d8c2428094
Added portal products data to member site endpoint (#13053)
refs https://github.com/TryGhost/Team/issues/768

- adds `portal_product` settings data to the member site endpoint for Portal behind the `multipleProducts` flag
2021-06-21 14:41:15 +05:30
Rishabh Garg
8f104f67b1
Added new portal_products setting (#13055)
refs https://github.com/TryGhost/Team/issues/768

- `portal_products` stores list of products available in Portal
- adds new `portal_products` setting to default settings
- adds migration to populate `portal_products` with current product so its available by default
- update tests
2021-06-21 14:01:50 +05:30
Hannah Wolfe
2f3d60c87e
Updated to use config-url-helpers in urlUtils 2021-06-18 21:49:28 +01:00
Hannah Wolfe
16b5d14c9c
Removed bind from internal-only config helpers
- We were using the same bind pattern for both internal-only and public helpers
- Binding helpers to config makes them available throughout the codebase
- Removing the binding doesn't make the code much more complicated, but it does make the Public API of the config module a lot clearer
2021-06-18 21:19:16 +01:00
Hannah Wolfe
8cf411e524
Updated local config helpers bind pattern
- The new @tryghost/config-url-helpers has a pattern of exposing bindAll()
- Changed the local (non url) helpers to have the same pattern for consistency
- Also fixed types as best I can
2021-06-18 21:18:43 +01:00
Hannah Wolfe
6aafb735b1
Added config-url-helpers to config
- getSubdir, getSiteUrl & getAdminUrl were currently part of @tryghost/url-utils
- They have been split out into their own library, and refactored so that they expect to be bound to nconf
- With this commit we can do e.g. config.getSubdir() rather than needing @tryghost/url-utils
- These functions will be passed to url-utils via DI
- This is the first step in breaking down url-utils into smaller pieces
- This commit only does a single change in Gruntfile.js to use the new funtions - this will be rolled out slowly
2021-06-18 20:05:00 +01:00
Kevin Ansfield
ca5c58030b Added feature image caption and alt to labs email template
no issue

- when feature image redesign flag is enabled add the caption under the feature image when available
- adds extra class for feature image so spacing can be adjusted when the caption is present
2021-06-18 16:03:58 +01:00
Kevin Ansfield
22306c4b19 Fixed type errors in post-email-serializer
no issue

- fixed errors showing in editor, no bugs just minor expected type differences
2021-06-18 15:37:42 +01:00
Daniel Lockyer
a457631a20
Moved defaultColumnsToFetch to Bookshelf CRUD plugin
no issue

- the CRUD plugin uses this function so we want to keep similar things
  together to make it easier to test in the future
2021-06-17 17:07:10 +01:00
Daniel Lockyer
0830bcb74e
Moved setId function to Bookshelf events plugin
no issue

- `setId` is only used within the `events` plugin and it makes sense to
  keep code together
- we don't lose anything by putting it here, but it should make it
  easier to test in the future
2021-06-17 17:07:10 +01:00
Fabien O'Carroll
5b66933981 Supported directly assigning products to members
refs https://github.com/TryGhost/Team/issues/748

This updates the @tryghost/members-api MemberRepository to stop ignoring
the `products` data passed to write operations, and to attach products
directly to members. As this logic is part of a new feature, we are
maintaining existing functionality by deleting the products data when
the feature flag is not enabled.

This functionality allows us to give members complimentary access to a
product without needing to use a Stripe Subscription internally.
2021-06-17 16:57:53 +01:00
Daniel Lockyer
c0baf5fdee
Moved formatOnWrite function to Bookshelf override plugin
no issue

- `formatOnWrite` doesn't override anything in Bookshelf but we use it
  within the `override` plugin and sub-models may override it, so it's
  easier to keep these things together
2021-06-17 16:47:47 +01:00
Daniel Lockyer
a635f3b68d
Updated JSDoc optional syntax in CRUD plugin
no issue

- optional parameters can be given in square brackets which makes
  editors understand it easier
2021-06-17 15:04:52 +01:00
Daniel Lockyer
a622f44564 Extracted Bookshelf method overrides to plugin
no issue

- all these functions override those within Bookshelf so this commit
  extracts them into a separate plugin from the Base model
2021-06-17 15:02:34 +01:00
Daniel Lockyer
5e9ab27a21
Refactored out local DB require in bulk-operations plugin
no issue

- we were only importing the `db` to access the `knex` instance, but
  we can get this through the Bookshelf instance
- switches to pulling out `knex` from Bookshelf so we can remove the
  remaining local require
2021-06-17 13:16:11 +01:00
Daniel Lockyer
a2b3568956
Fixed indenting for Bookshelf sanitize plugin JSDoc
no issue

- the indentation copied over incorrectly when I moved the code between
  files
2021-06-17 13:01:15 +01:00
Daniel Lockyer
76397f5aed Moved Bookshelf plugins to folder
no issue

- this moves all the plugins into a folder which but allows us to
  see which are still hanging around to be extracted out
2021-06-17 12:04:38 +01:00
Daniel Lockyer
67539a143b Extracted Bookshelf data manipulation code into plugins
no issue

- this commit extracts all code relating to manipulating/fixing data
  from the Base model into its own plugin
2021-06-17 12:04:38 +01:00
Daniel Lockyer
33d0f686be Extracted Bookshelf user type code into plugin
no issue

- this commit extracts the code relating to detecting if a user ID is
  internal/external from the Base model into a separate plugin
2021-06-17 12:04:38 +01:00
Daniel Lockyer
89ba4081b4 Extracted Bookshelf filtered collection code into plugin
no issue

- this commit extracts all code relating to filtering collections to a
  separate plugin to break down the Base model
2021-06-17 12:04:38 +01:00
Daniel Lockyer
930df4b7fb Extracted Bookshelf bulk operations to plugin
no issue

- this commit extracts code relating to bulk DB operations into a
  separate plugin
- it __could__ go into the CRUD one but these operations are a little
  more involved
2021-06-17 12:04:38 +01:00
Daniel Lockyer
e2b2a51d9b Extracted Bookshelf generateSlug function to plugin
no issue

- this commit extracts the niche `generateSlug` function into
  its own plugin so it can be extracted in the future
2021-06-17 12:04:38 +01:00
Daniel Lockyer
553e0932b2 Added missing Bookshelf JSDoc import
no issue

- this helps us with types across the model code
2021-06-17 12:04:38 +01:00
Daniel Lockyer
763d368c6e Extracted Bookshelf sanitization code to plugins
no issue

- this commit extracts all options + data sanitization code from the Base
  model into a plugin
2021-06-17 12:04:38 +01:00
Daniel Lockyer
f4f31027b7 Extracted Bookshelf raw_knex function to plugin
no issue

- this commit extracts the niche `raw_knex` function from the Base model
  into its own plugin
2021-06-17 12:04:38 +01:00
Daniel Lockyer
6ce1b11a15 Extracted Bookshelf events code to plugin
no issue

- this commit extracts event related code from the Base model into a plugin
- in particular:
    - events initialization
    - the `on*` events
    - `emitChange` - I'm not sure about this one but it __is__ event
      related
2021-06-17 12:04:38 +01:00
Daniel Lockyer
93c00b1ab7 Extracted Bookshelf actions code to plugin
no issue

- this commit extracts code related to Actions from the Base model into
  a separate plugin
- `api-key.js` contained the exact same helper function as the Base
  model so that has been de-duplicated
2021-06-17 12:04:38 +01:00
Daniel Lockyer
14ffd0b9d9 Extracted Bookshelf setup code into separate file
no issue

- I'm working on pulling apart the base index.js and this code is
  specific to setting up Bookshelf + the plugins, which is pretty
  contained and can stay in one file
- it only has one local require so it might be a good candidate for
  extracting out of Ghost in the future
2021-06-17 12:04:38 +01:00
Sam Lord
bdfac2524e Revert "Re-export logging in ./core/shared/logging"
This reverts commit 588bbcab84.
2021-06-17 11:11:03 +01:00
Kevin Ansfield
557ef28ae5 Added psmRedesign as an allowed labs flag
refs https://github.com/TryGhost/Team/issues/786

- flag will be used by Admin to toggle between old (popover) and new (sidebar) post settings menu behaviour
2021-06-17 10:49:20 +01:00
Sam Lord
588bbcab84 Re-export logging in ./core/shared/logging
no issue
Fixes commit caea330647 when running on Ghost (Pro), this is a temporary patch that will be removed when there are no references to the logging module.
2021-06-17 09:10:24 +01:00
Hannah Wolfe
ba8cdc8d2d
Split config utils into utils and helpers
- There are two different types of function here
   1. "helpers" are public API - config.something() that provide dynamic helpers on top of config
   2. "utils" are internal methods used only by config itself
- This commit makes this distinction clearer, although we should also change the code to enforce that utils are not exposed
2021-06-16 15:05:51 +01:00
Hannah Wolfe
93f9bc0105
Renamed config index to loader
- Renamed the file in line with our rules around index.js files
- Cleaned up some outdated code patterns
- Want to make the config module a little clearer in what it does
2021-06-16 14:42:06 +01:00
Hannah Wolfe
2adc7545c1
Cleaned code comments in config
- just one of those things you do to help make sense of code :D
- improves readability
2021-06-16 14:26:59 +01:00
Sam Lord
3f0bab4389 Replaced request module with @tryghost/request
no issue
Part of the effort to break up Ghost into smaller, decoupled modules.
2021-06-16 13:16:15 +01:00
Sam Lord
24332c3d24 Replaced ghost-version.js with @tryghost/version
no issue
Part of the effort to break up the Ghost codebase into smaller, decoupled modules.
2021-06-16 13:16:15 +01:00
Fabien 'egg' O'Carroll
8ea577b58b
Added support for canceling subscriptions (#13039)
refs https://github.com/TryGhost/Team/issues/775

As we currently do not delete canceled subscriptions and they are
exposed via the API, this functionality has been added to the
editSubscription controller method under the PUT HTTP method.

The cancelSubscription method in @tryghost/members-api was updated to
handle deleting by member id
2021-06-16 11:25:19 +01:00
Hannah Wolfe
526993965a
Switch to @trghost/validator, remove validator
- Part of the effort to split Ghost down into smaller, decoupled pieces
- Moved out our internal validator tooling to a separate library
- Replaced all usage of our own tooling and validatorjs directly with @tryghost/validator
- Removed the validatorjs dependency and removed the renovate pin
- This gives us a consistant, smaller, clearer public API for validations
- It will eventually be used on Ghost Admin too
- This way we can start getting up to date with validator whilst not increasing build size
2021-06-16 08:11:22 +01:00
Daniel Lockyer
97c0c93959 Refactored Bookshelf CRUD functions into plugin
no issue

- we're going to pull this out into the framework monorepo but
  refactoring it here first makes it a lot easier to extract without
  losing the history
2021-06-15 18:27:43 +01:00
Sam Lord
35e51e364b Switch to @tryghost/debug, remove ghost-ignition
no issue
The only pieces of Ghost-Ignition used in Ghost were debug and
logging. Both of these modules have been superceded by the Framework
monorepo, and all usages of Ignition have now been removed, replaced
with @tryghost/debug and @tryghost/logging.
2021-06-15 17:24:22 +01:00
Daniel Lockyer
f91daffdad
Revert "Refactored Bookshelf CRUD functions into plugin"
this reverts the following until tests have been fixed:
 - e51d505abb
 - c86ac27dcf
 - 3ffba967f2
2021-06-15 16:41:14 +01:00
Sam Lord
caea330647 Change to use @tryghost/logging
no issue

Logging is now controlled by a logginrc.js file in the root of the project - and now we can just import @tryghost/logging everywhere
2021-06-15 15:59:11 +01:00
Daniel Lockyer
3ffba967f2
Fixed path to CRUD plugin
no issue

- I renamed this just before pushing the previous commits but forgot to
  update it here
2021-06-15 15:50:22 +01:00
Daniel Lockyer
c86ac27dcf
Removed unused require
no issue

- we no longer need this as the code was extracted into a plugin
2021-06-15 15:49:21 +01:00
Daniel Lockyer
e51d505abb
Refactored Bookshelf CRUD functions into plugin
no issue

- we're going to pull this out into the `framework` monorepo but
  refactoring it here first makes it a lot easier to extract without
  losing the history
- note: this is very temporary and will be extracted soon
2021-06-15 15:46:33 +01:00
Hannah Wolfe
0fe8426f97
Renamed validation to validator + better public API
- renamed our internal validation library to "validator" - which is the same as the tool it wraps
- updated the public api so that validator methods are directly exposed
- this will make it a drop-in replacement for validator-js
- in turn, this allows us to pull this out into @tryghost/validator, and use our own wrapper instead of the 3rd party library
2021-06-15 15:32:36 +01:00
Hannah Wolfe
1688b17c49
Refactored + cleaned up validation tools
- General code cleanup
- Removed unused notContains rule
- Swapped custom empty rule for builtin isEmpty rule
- Dropped usage of .extend on validator, as this was removed 2 years ago!
   - This will allow us to upgrade the validator dependency to a much newer version
- Changed our internal validator module to only expose the functions we use.
   - This gives us a clearer Public API
   - It makes it easier to see if we are affected by changes in validator
   - It's still easy to add another validator, we just have to update what we require
   - We can potentially use this to make smaller builds esp for client-side usage
   - Once ripped out into a module we can use ES imports :D
- Rejigged and _slightly_ improved the tests
2021-06-15 15:17:20 +01:00
Sam Lord
160cb07e02 Added @tryghost/root-utils to the ghost-version module
no issue
Part of the effort to split ghost into smaller, decoupled parts. The
@root-utils package lets us avoid hard-coding a path to package.json,
and means that the ghost-version.js file could eventually be moved
into a separate module.

This commit uses a patched version of @tryghost/root-utils which
checks for the existence of a `current` directory, as used in
Ghost-CLI. Since this is very specific to Ghost and Ghost CLI, there's
a new method called "getGhostRoot" for this purpose.
2021-06-15 15:06:31 +01:00
Daniel Lockyer
7cbe565f4f
Fixed JSDocs in base model
no issue

- Promise parameter types are given in diamond branches instead of
  parentheses, so switching to this makes editors happy
2021-06-15 13:28:59 +01:00
Daniel Lockyer
495ef867c2 Extracted Bookshelf plugins from Ghost to Framework repo
refs:
  - cf15f60085
  - dd20cc649b
  - ccf27f7009
  - abf146d61f
  - 2b54c92a14
  - bb029a53f6
  - 95bd7ee675
  - 9018b4df22
  - df01a6e5f4
  - d313726b34

- these plugins were in a state where they were independent enough to be
  pulled out into their own packages, which is what we did in the
  referenced commits above
- each package is named like `@tryghost/bookshelf-<plugin>`
- to avoid requiring multiple packages into Ghost, we've also created a
  wrapper package called `@tryghost/bookshelf-plugins` which re-exports
  all these plugins, so the changes in Ghost are very simple - dbebdd43b5
- this commit deletes the plugins + tests, and replaces with our new
  package with some minor code changes
2021-06-15 12:49:38 +01:00
Hannah Wolfe
4e49aeb9a0
Moved password validation into a library
- This is super specific code relating only to validating passwords.
- It's needed as a shared validator as we use other funnels to help people setup Ghost on Pro, but currently it's hard-baked into Ghost
- It's also not the greatest code. It'd be nice to be able to rework it and know that would automatically update everywhere passwords are set
2021-06-15 12:33:14 +01:00
Hannah Wolfe
d3cc85c920
Moved schema validator into the schema module
- This is a really specific piece of code related to validating models against our internal schema.js format
- This doesn't make sense without a schema.js file
- It does depend on the internal validator and validate tools - but those are used elsewhere too, and can reasonably be moved out of the codebase
- I don't see schema.js moving out of the codebase any time soon. We can move the validator but it would be a class that requires schema via DI
- For now my focus is on getting the data/validation tooling separated and making clear sense
- Improving data/schema can come later :)
2021-06-15 11:54:34 +01:00
Hannah Wolfe
68d60a1834
Removed i18n from validation modules 2021-06-15 11:30:37 +01:00
Daniel Lockyer
8e46288f37
Fixed JSDocs within pagination Bookshelf plugin
no issue

- `options` is not a correct type, so changed it to `Object` - maybe we
  could introduce an `options` type at some point
- also fixed another case of incorrect subtype extraction from
  `bookshelf`
2021-06-15 09:09:48 +01:00
Rishabh
db50aa64d8 Added cache invalidation for products api
no refs

- adding/changing products needs cache invalidation header otherwise frontend endpoints like `/members/api/site` use cached product data
- adds cache invalidation for both add and edit endpoints for products
2021-06-15 12:40:55 +05:30
Daniel Lockyer
5c866fadde
Removed i18n from base model
refs d783a8d2d4

- we're removing i18n from Ghost core because it no longer meets our
  needs
- this switches out i18n in the base Bookshelf model for our
  `tryghost/tpl` package with a `messages` object of strings sprinkled
  through the code
2021-06-14 20:53:13 +01:00
Daniel Lockyer
b7d96149e2
Improved JSDoc typing for Bookshelf plugins
no issue

- eager-load: turned param import into typedef for reusability and fixed
  attribute typing
- pagination:
    - removed typing on helper function object - this was incorrect and
      tsserver can pick up the real types a lot better, so removing it
      reduces maintenance overhead
    - `fetchPage` actually returns a Promise, so this fixes the typing
      on the docs
2021-06-14 20:52:18 +01:00
Daniel Lockyer
becf4c04e5
Converted Bookshelf collision plugin into async-await
no issue

- this helps avoid promise chaining and keeps the code neater
- also removes unneeded `bluebird` import after this change
2021-06-14 20:52:18 +01:00
Sam Lord
1ec79bfaea Revert "Added @root-utils to the ghost-version module"
This reverts commit 846e9f1bbc.
2021-06-14 18:42:40 +01:00
Hannah Wolfe
c37de311ea
Split validation index into separate files
- The data/validation module is made up of several loosely related things with lots of dependencies
- Separating out the various components makes it possible to see what's what, and importantly what has complex dependencies
- validator + validate probably go togetheri in an external module, the other two files should probably have their own homes in related areas of ghost e.g. schema -> data/schema/validate.js
2021-06-14 18:18:28 +01:00
Sam Lord
846e9f1bbc Added @root-utils to the ghost-version module
no issue
Part of the effort to split ghost into smaller, decoupled parts. The
@root-utils package lets us avoid hard-coding a path to package.json,
and means that the ghost-version.js file could eventually be moved
into a separate module.
2021-06-14 16:33:53 +01:00
Daniel Lockyer
0cd9acabec
Imported Bookshelf type into plugin JSDocs
no issue

- the `Bookshelf` type wasn't being imported anywhere and editors were
  showing warnings for the missing type
- also fixes use of `Bookshelf.Model` - this doesn't work if we declare
  `Bookshelf` using a `@typedef` and the preferred syntax is using an
  array index
- note: it still complains because we're calling functions that are only
  declared in our custom Bookshelf Model but this is a step in the right
  direction
2021-06-14 16:30:58 +01:00
Daniel Lockyer
de9960fc45
Fixed broken syntax in pagination plugin
refs d783a8d2d4

- missed a comma in the `messages` object 🤦
2021-06-14 15:21:57 +01:00
Daniel Lockyer
d783a8d2d4
Removed use of i18n in Bookshelf plugins
no issue

- i18n is eventually going away in Ghost so we want to remove uses of it
- Bookshelf plugins are also getting extraced out of Ghost so we need to
  remove all local requires
- i18n is being replaced by inline templating with strings stored in the
  `messages` object
- this commit switches out the use of i18n in the Bookshelf plugins and
  replaces the templating function with our `@tryghost/tpl` package
2021-06-14 15:13:41 +01:00
Daniel Lockyer
e3ea40e268
Fixed JSDoc for DB helper functions
no issue

- the docs were referring to different parameter names so this commit
  bring them in line to make the warnings go away
2021-06-11 16:03:42 +01:00
Rishabh
8605597eea Updated multiple products UI handling on Portal
refs 4c1c607b83

- last commit missed updating portal version in the url, updated.
2021-06-11 15:10:23 +05:30
Rishabh
4c1c607b83 Added multiple products UI in Portal behind feature flag
refs https://github.com/TryGhost/Team/issues/767

- adds new multiple products UI in Portal (works behind the `multipleProducts` feature flag)
- Portal's current single product UI behaves the same when flag is switched off
2021-06-11 14:14:11 +05:30
Rishabh
0766a19afd Updated products data in portal site endpoint
refs https://github.com/TryGhost/Team/issues/763
refs https://github.com/TryGhost/Team/issues/718

- Removes redundant `plans` data from site data
- Updates products data to include monthly/yearly price
- Filters multiple products on site data based on labs flag
2021-06-11 12:41:46 +05:30
Kevin Ansfield
1bc57b584a
Added posts_meta.feature_image_{alt,caption} columns (#13030)
refs https://github.com/TryGhost/Team/issues/770

We want post feature image functionality to better match what's available inside the editor, to do that we'll need somewhere to store alt and caption meta data. `posts_meta` chosen because even though we want to make this generic for other tables in the future those tables also have a `feature_image` (or closely related) field.

- updated schema with new columns
- added migration to create columns
- cleaned new columns from API output
  - not output on v2/v3
  - conditionally output on v4/canary output based on labs flag
- bumped `@tryghost/admin-api-schema` to allow new columns through in canary API requests
  - silently clean properties from input when labs flag is disabled
  - updated acceptance tests so they fail if `admin-api-schema` is not letting the new fields through
2021-06-10 20:35:56 +01:00
Kevin Ansfield
4e724b6451
Fixed order of flatten/clean operations in posts output serializers (#13038)
no issue

`post.clean()` implementation was expecting a flat structure representing final API output but was being called before the flatten operation for `posts_meta` meaning the structure looked like `attrs.posts_meta.property` instead

- adjusted order in output serializers to call `clean()` after flattening the `posts_meta` object
- in `v2` output serializer, moved removal of properties from the serializer into `clean()` for consistency
2021-06-10 15:14:02 +01:00
Kevin Ansfield
f49f7699aa
Enabled all labs flags when testing (#13036)
no issue

Shows impact of new code behind labs flags through the existing acceptance/regression tests. Allows for existing tests to be updated to match new behaviour rather than requiring separate tests where individual flags are enabled. Should result in minimal test updating once code reaches GA.

- adds a forced `'labs:enabled'` fixture op that edits the `labs` setting to enable all flags then restarts the settings service to pick up the new setting
- modifies labs service to not remove ALPHA_FEATURE labs settings when running in a testing environment
2021-06-10 12:54:34 +01:00
Hannah Wolfe
1f11bd9012
Updated package-json lib to not need DI
- The underlying package-json package has had i18n ripped out using the new tpl utility instead
- It's also then been refactored to not be a class that needs instantiating
- This means it can be required directly and its public interface methods used where needed
- This is a much nicer, neater pattern for what is a mature utility library :)
2021-06-09 16:48:19 +01:00
Hannah Wolfe
16728a3ef1
Swapped to American English spellings
- Traditionally all of Ghost's public-facing text was written in British English
 - We're changing that to US English because that's more common
 - US English should also be used in code e.g. properties are called color not colour
 - most of these changes are in comments, but I've changed them so that we have US English in front of us always
 - fixed a few other typos I noticed whilst there
2021-06-09 16:39:06 +01:00
Naz
0f6ea35d7e Added 'alpha' feature support to labs
refs https://github.com/TryGhost/Team/issues/772

- When the feature is introduced into Ghost at it's first lifecycle stage - "alpha" the rule is to have a "enableDeveloperExperiments" flag along with labs toggle turned on before it's usagble in the codebase
- The changeset introduced a "ALPHA_KEYS" concept which should allow distinguishing alpha flags from beta flags.
2021-06-09 19:30:34 +04:00
Hannah Wolfe
971ac479dc
Updated ghost-server to use new minimal tpl helper
- We are going to get rid of the internal i18n tool because it doesn't solve a real use case
- Instead, we have a new tpl utility that does basic string interpolation
- This pattern will make it easier for us to decouple the codebase, and the new tool helps to keep the refactor surface area really small
- This is the first example of using the new tpl helper, so it also adds @tryghost/tpl
2021-06-09 12:20:59 +01:00
Rishabh
136fb093a3 Added labs flag for multiple products
refs https://github.com/TryGhost/Team/issues/763

- Adds new labs feature flag in the allow list to enable multiple products
2021-06-09 15:39:05 +05:30
Rishabh
b4f53a0b75 Reset active price ids for product on Stripe disconnect
refs e17f5004cc

In case of Stripe disconnect, it was possible that the product table still contained reference to monthly/yearly price id while the price itself isn't present in the DB. As part of Stripe disconnect reset, this also resets monthly/yearly price id for product.
2021-06-08 22:16:42 +05:30
Daniel Lockyer
3ef2e684f2
Updated Ghost-Admin to v4.7.0 2021-06-08 17:06:37 +01:00
Rishabh Garg
e17f5004cc
🐛 Fixed unable to create new prices on switching Stripe account (#13013)
closes https://github.com/TryGhost/Team/issues/724
closes https://github.com/TryGhost/Team/issues/739

Currently, site owners are allowed to disconnect Stripe if they don't have any active subscriptions for a member. On disconnect, all stripe related data for the old account in DB should be cleared as using Stripe id for old account can cause weird failures due to incorrect Stripe key being used. This was also causing site owners to not be able to create new prices after connecting to new account as it ended up using old stripe product id which failed on Stripe request.
2021-06-08 21:28:16 +05:30
Rishabh
413c1cc4ce Handled empty stripe price object in API
no refs

In case of Stripe disconnect, its possible that the product table still contains reference to monthly/price id while the object itself isn't present in the DB. In this scenario the stripe price returned is empty object instead of `null` , which then passes down empty object in the API that causes clients to fail if they just check existence of stripe price. The fix returns `null` value for monthly/yearly price in case it has no reference and is empty object.
2021-06-08 20:59:39 +05:30
Rishabh
d2e4f30b5b Handled empty prices for product in Portal settings
no refs

Monthly/yearly price values on a product can be `null` when stripe is not connected, this change handles the prices passed to Portal settings to ignore null prices in the array.
2021-06-08 19:41:55 +05:30
Rishabh Garg
ba9b2ee68f
Updated monthly/yearly data in price helper (#13012)
closes https://github.com/TryGhost/Team/issues/761

With multiple products, each product can have an active monthly/yearly price, so we no longer store the monthly/yearly price ids in global settings but instead store them in product table directly. This means we need to update our global `@price` helper to also use the updated schema and use the monthly/yearly prices from product table instead of settings data.
2021-06-08 16:32:39 +05:30
Fabien O'Carroll
76a54059b0 Fixed Product API handling of original options
no-issue

The default include values are empty arrays which are not falsy, so the
boolean OR operator would never use the second operand. Instead we
concatenate the options together so that the API can use all of them.
2021-06-08 11:41:00 +01:00
Fabien O'Carroll
09a817da16 Fixed Product serializer lookup of original include
no-issue

The Frame object colocates the query, params & options data under a
single options property, this is not the case for the "original" data
however, which means that we need to explicitly check individual
"original" properties. We do not expect the `include` option to be used
as a param so that has been left out for now.

This reverts commit ea9a83d444.
2021-06-08 11:27:16 +01:00
Sanne de Vries
a028f7e706 Added padding to newsletter header image 2021-06-08 11:33:07 +02:00
Kevin Ansfield
97fec8443b Fixed email header divider showing when title+icon are disabled but no publication icon is set
refs https://github.com/TryGhost/Team/issues/755

- the default value for `show_header_icon` is `true` but if there's no publication icon set then it should be read as `false` when rendering the email
2021-06-08 10:18:18 +01:00
Hannah Wolfe
7069cc1221 Added initial match helper
refs: https://github.com/TryGhost/Team/issues/759

- wired up a matchHelper feature flag & used the labsEnabledHelper tool to gate the helper
- added a first version of the match helper, which is intended to replace the has helper
- this is an experimental helper and may or may not make it to GA
- match is a simple comparison helper, right now it does a very basic equals or not equals comparison
- much more functionality is needed to reach parity with has
2021-06-07 21:15:05 +01:00
Sam Lord
905a228cb7 Merged 4.6.6 into main 2021-06-07 18:03:33 +01:00
Sam Lord
433dd35839 Updated Ghost-Admin to v4.6.6 2021-06-07 17:59:45 +01:00
Naz
7a21522804 Restored labs' getAll function
refs https://github.com/TryGhost/Team/issues/757
refs 37ef40b46e/core/server/services/labs.js

- As more labs flags have been added to allowlist the `getAll` method should be returning members+all allowlisted flags
- The changeset restored the state of the method to the one reffed in the commit
2021-06-07 20:51:37 +04:00
Naz
3f286e8eb4 Removed group/type mapping in v4/canary Settings API
refs https://github.com/TryGhost/Team/issues/757

- The "type" value in settings is meant to be representing the data type stored in the "value" field. It was an overlooked bug in v4 API adding a mapper to  group->type
2021-06-07 19:47:02 +04:00
Kevin Ansfield
8dc4f183e2 Updated newsletter email template for new settings
refs https://github.com/TryGhost/Team/issues/755

Make use of the new settings in the email template when `enableDeveloperExperiments` flag is enabled.

- added header image output if set
- hide all header output if both show publication title+icon are disabled
- hide individual header output for title and logo based on individual settings
- add left-align and serif classes to title based on individual settings
- hide feature image when disabled
2021-06-07 16:31:50 +01:00
Kevin Ansfield
485a50794e Added extra newsletter settings
refs https://github.com/TryGhost/Team/issues/755

Additional customisation settings for newsletter emails are being introduced. Defaults match the existing email design.

- adds new settings
  - `newsletter_header_image` - stores URL from image upload
  - `newsletter_show_header_icon` - boolean toggle, default `true`
  - `newsletter_show_header_title` - boolean toggle, default `true`
  - `newsletter_show_feature_image` - boolean toggle, default `true`
  - `newsletter_title_alignment` - "left" or "center" selection, default "center"
  - `newsletter_title_font_category` - "serif" or "sans_serif" selection, default "sans_serif" (matches body font category selection)
2021-06-07 16:31:50 +01:00
Naz
48d36b6a48 Disallowed aditing "labs" settings in v2/v3 APIs
refs https://github.com/TryGhost/Team/issues/757

- There is no usecase for editing "labs" settings outside of canary/v4 API versions. Removing support for older versions makes the supported API surface smaller (easy maintenance).
2021-06-08 02:18:17 +12:00
Naz
d8230f3343 Added labs setting import validation
refs https://github.com/TryGhost/Team/issues/757

- Similarly to the API input serrialization importer should not pass through unknown labs keys to avoid soiling data
2021-06-08 02:18:17 +12:00
Naz
cd35358fdb Added labs setting input validation
refs https://github.com/TryGhost/Team/issues/757

- To safeguard from mise of a very permissing "object" value of the "labs" setting this change introduces an "allowlist" approach to filtering unrecognized labs flags
- Should allow maintainers to have a clear view of which labs flags are currently in use and manage them accordingly
2021-06-08 02:18:17 +12:00
Naz
8ab43b84d5 Enabled 'labs' to be accepted as a value in Settings API
refs https://github.com/TryGhost/Team/issues/757

- As labs has been added back to the settings table the APIs are reverting back to accepting it as a value
2021-06-08 02:18:17 +12:00
Naz
49ba26373d 🏗 Added "labs" setting enabling feature flags
refs https://github.com/TryGhost/Team/issues/757
refs https://github.com/TryGhost/Team/issues/332
refs ea6d656457

- We have a need a quick way to add features behind flags. The old way of "labs" is the quickest way to achieve this. It has ready tooling around it and well understood pitfalls. This change reintroduces "labs" group & key in settings table in the same shape it used to be (see reffed commit)
- Next step will be introducing very basic guard rails to protect from pitfalls previous implementation of "labs" had. This will include an allowlist based input validation for lab's object's data
-  The labs being an "object" type is an EXCEPTION. Even though it's an antipattern we aim to move away from, for now it's the lowest impact solution that will unblock the use of flags in the system. A proper solution will come at some point.
2021-06-08 02:18:17 +12:00
Sam Lord
573b0db76a Merged 4.6.5 into main 2021-06-07 11:31:01 +01:00
Sam Lord
625406ede5 Updated Ghost-Admin to v4.6.5 2021-06-07 11:25:17 +01:00
Fabien 'egg' O'Carroll
81de2fe223 🐛 Fixed saving Members with Complimentary plans (#13008)
* 🐛 Fixed saving Members with Complimentary plans

refs https://github.com/TryGhost/Team/issues/758

Since 4.6 The Admin is using the comped flag again, rather than creating
subscriptions for zero-amount prices directly. With the `comped` flag
removed, the default state was for it to be falsy in the Admin, and when
saved would trigger the legacy comped flow, cancelling the subscription.

This reverts commit 57a176ff3d.
2021-06-07 11:16:32 +01:00
Hannah Wolfe
724db487a0
Swapped _.escape for proxy.escapeExpression
- we don't need to use _.escape from lodash as we already have escapeExpression from handlebars
- it's more correct to use the escape utility from our theme engine when escaping strings _for_ our theme engine!
- Note there is a minor difference between the two:
  - Lodash: &, <, >, " and '
    - refs: https://lodash.com/docs/4.17.15#escape
  - Handlebars: &, <, >, ", ', ` and =
    - refs: https://handlebarsjs.com/api-reference/utilities.html#helper-utilities

- This could cause slightly weird behaviour in themes around ` and = characters, but as it's just convering to html entities it should be fine
2021-06-04 20:07:44 +01:00
Rishabh
c7cf9855fe Updated Portal to handle multiple products
refs https://github.com/TryGhost/Team/issues/718

This bumps Portal to `~1.5.1` which handles changes for multiple tiers/products -

- Handles updated `portal_plans` setting to use monthly/yearly again
- Handles list of available prices to use prices across multiple products
2021-06-04 19:25:39 +05:30
Rishabh
4e01fe9d09 Updated price/products data for portal settings
refs https://github.com/TryGhost/Team/issues/718

The ids for default prices for a product is now stored directly on product model instead of on global settings. This change updates
- the products data sent to Portal to use list of products with their active monthly/yearly prices, as well as
- the prices data sent to Portal to use the prices of default(first) product
2021-06-04 13:03:33 +05:30
Rishabh
ea9a83d444 Fixed product API removing included data
no refs

The product output serializer is removing the include data due to the includes being missing in frame options for some reason. This is a temporary fix that always allows the default includes as `monthly/yearly_price` to unblock the API, and we can revert it back to explicit request once fixed.
2021-06-04 12:28:56 +05:30
Fabien O'Carroll
3adeab142d Added Product data to theme middleware
refs https://github.com/TryGhost/Team/issues/708

- Defaults to an empty array on `@products` so we have valid data
   (product should be null if products isn't)
- This is the first step toward supporting multiple products at the
  theme level
2021-06-03 18:40:18 +01:00
Fabien 'egg' O'Carroll
2a81d0a986
🐛 Fixed saving Members with Complimentary plans (#13008)
* 🐛 Fixed saving Members with Complimentary plans

refs https://github.com/TryGhost/Team/issues/758

Since 4.6 The Admin is using the comped flag again, rather than creating
subscriptions for zero-amount prices directly. With the `comped` flag
removed, the default state was for it to be falsy in the Admin, and when
saved would trigger the legacy comped flow, cancelling the subscription.

This reverts commit 57a176ff3d.
2021-06-03 18:28:14 +01:00
Fabien O'Carroll
a0df10f1b8 Fixed Products API removing included data
no-issue

The include data is stored under original.options rather than original.
2021-06-03 18:04:57 +01:00
Fabien O'Carroll
83a9a1d0a5 Supported monthly & yearly price in Products API
refs https://github.com/TryGhost/Team/issues/712

- Adds a Content API for products, which can be used by the theme-engine
  middleware to populate the products data.
- Removes Stripe ids from Content API so they cannot be used to
  initiate checkout sessions directly
- The monthly_price and yearly_price are used to create new prices, and
  to set them to the default monthly & yearly price for the product.
2021-06-03 17:08:02 +01:00
Naz
7d05da6185 Removed update check service in favor of external package
refs https://github.com/TryGhost/Team/issues/728

- The code of update check has been extracted into it's own package as a part of TryGhost/Core monorepo. This commit is a cleanup of the leftover files
2021-06-03 13:24:19 +04:00
Naz
a7dec233ba Fixed error being saved in notification settings
refs https://github.com/TryGhost/Team/issues/754

- This is fixing the root cause of an error being saved in `settings` table under `notifications` key. There needs to be a follow up to this fixing any possible instances that might have been affected byt the bug
2021-06-03 12:54:09 +04:00
Daniel Lockyer
4edb8f40d6
Fixed config variable in UpdateCheck
refs 2e7d0a4e26

- the referenced commit pushed some refactors to the service but
  `this.config` should have just been `config`
- Ghost was 500ing so this commit fixes the incorrect variable
2021-06-02 14:29:11 +01:00
Naz
666baf8d50 Removed GhostMailer parameter from UpdateCheckService
refs https://github.com/TryGhost/Team/issues/728

- This is continuation of the previous commit. TLDR: Passing only the necessary parameter data makes it easier to reason about what dependencies the UpdateCheckService has to deal with
- Instead of passing in a whole GhostMailer instance passing only an email sending function, which again - makes things way more manageable to reason about
- The end of refactor, next will be a move of the UpdateCheckService into a separate module in tryghost/core
2021-06-02 15:18:32 +04:00
Naz
42efa043d8 Removed ghostVersion parameter from UpdateCheckService
refs https://github.com/TryGhost/Team/issues/728

- This is continuation of the previous commit. TLDR: Passing only the necessary parameter data makes it easier to reason about what dependencies the UpdateCheckService has to deal with
- Burned ghostVersion module passing in vafor of just one additional config parameter. Now the module along with unit tests can be easily extracted out of the codebase!
2021-06-02 15:08:26 +04:00
Naz
759f6ed3ba Removed urlFor parameter from UpdateCheckService
refs https://github.com/TryGhost/Team/issues/728

- This is continuation of the previous commit. TLDR: Passing only the necessary API endpoint function makes it easier to reason about what dependencies the UpdateCheckService has to deal with
- Substituted a parameter with already existing 'siteUrl' config value. No need to duplicate work!
2021-06-02 14:37:29 +04:00
Naz
bd51dd09db Limited the API surface of the UpdateCheckService
refs https://github.com/TryGhost/Team/issues/728

- This is continuation of the previous commit. TLDR: Passing only the necessary API endpoint function makes it easier to reason about what dependencies the UpdateCheckService has to deal with
- Limited urlUtils to only one function as that's all the UpdateCheck uses. Next step will be removing the function completely as and passing a 'blogURL' as a config value (way better readability this way)
2021-06-02 14:31:07 +04:00
Naz
2e7d0a4e26 Limited the API surface of the UpdateCheckService
refs https://github.com/TryGhost/Team/issues/728

- This is continuation of the previous commit. TLDR: Passing only the necessary API endpoint function makes it easier to reason about what dependencies the UpdateCheckService has to deal with
- There are 8 different configs that NotificationService depends upon it will need some further investigation around which ones are even needed anymore and the naming is not the best. To keep the time cap at bay leaving it at what it is.
2021-06-02 14:08:29 +04:00
Naz
bdab32d30a Limited the API surface of the UpdateCheckService
refs https://github.com/TryGhost/Team/issues/728

- Passing only the necessary API endpoint function makes it easier to reason about what dependencies the UpdateCheckService has to deal with
- The instance initialization had to be moved insided the module's exports to resolve "models" module initialization failure
2021-06-02 14:08:29 +04:00
Kevin Ansfield
0fdfcd5002 Removed unused fields relationship function on Post model
refs https://github.com/TryGhost/Ghost/issues/12565

- missed when cleaning up unused app related database fields
2021-06-02 10:09:30 +01:00
Kevin Ansfield
a87410ef28 🐛 Fixed logs showing an error when sending an email with no feature image
no issue

- we were attempting to read an image file to determine it's dimensions when no feature image was set. This wasn't a fatal error as it was handled gracefully and had no ill consequences but it was adding confusing errors to the logs
2021-06-01 17:07:33 +01:00
Naz
a78e034643 Added update check notificaitons test coverage
refs https://github.com/TryGhost/Team/issues/728

- This is a continuation of the test coverage for the UpdateCheckService.
- Covers scpecial cases of notification processing within Update Check
- The refactor inside the update check service was a convenience to get rid or the Bluebird dependency completely. Also, some minor preventative code added to avoid errors from referencing undefined objects
2021-06-01 17:35:10 +04:00
Naz
3173603d96 Updated UpdateCheckService methods to async/await
refs https://github.com/TryGhost/Team/issues/728

- In additions to easier tracking of "this" context in the unit tests it gets rid of unnecessary Bluebird's "reflect" method which was making unit test dependent on Bluebird's specific Promise implementation
2021-06-01 17:35:10 +04:00
Naz
d5e6dbb0fb Extraced update check code into a separate service
refs https://github.com/TryGhost/Team/issues/728

- This is a first step before moving update check code into an outside codebase.
- The aim is to have a self-contained module which could be unit tested and have a very clear API
2021-06-01 17:35:10 +04:00
Fabien 'egg' O'Carroll
52a97957e1
Added monthly & yearly price relation to Product
refs https://github.com/TryGhost/Team/issues/710

This allows us to fetch the default monthly and yearly price models for
a product model, which is important since we no longer want to expose
the entire list of prices, but just the designated monthly & yearly prices.
2021-06-01 11:00:28 +01:00
Fabien 'egg' O'Carroll
bdd7c0f821
Added {monthly,yearly}_price columns to products
refs https://github.com/TryGhost/Team/issues/710
refs https://github.com/TryGhost/Team/issues/725

Products will now have a single monthly and yearly price which will be
used throughout Themes, Portal & Admin. These columns will be used to
track the current prices for each of them, and will update anytime we
change the pricing of a product.

Due to a circular table dependency we have not added a foreign key
constraint to the new columns, this will be handled at a later date. It
is tracked in issue 725 references above
2021-06-01 09:38:15 +01:00
Thibaut Patel
0f2c586659 Revert "Upgraded the update-check api to v4"
commit 414938cfc7

- This reverts commit 414938cfc7.
- The tests fails so I'll wait for Naz to finish the ongoing update-check tests refactoring before upgrading the api version again
2021-05-31 21:50:17 +02:00
Thibaut Patel
414938cfc7 Upgraded the update-check api to v3
issue https://github.com/TryGhost/Team/issues/727
2021-05-31 19:44:15 +02:00
Daniel Lockyer
b98e0b0bbb v4.6.4
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYK/iogAKCRDSEYbwtHKV
 rcgCAP9qagl5CtrgE1mLx7fs+W+yy+UOslBqhR/o49aOQMTEbAD/ajcR5w2qv/mW
 GRK0qr9boWPcQm6YpiuEQ9j4SYMoCQU=
 =p+5B
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYK/jPgAKCRDSEYbwtHKV
 rcEgAQDh43UkCDj/rg3jxMeItspMXwnwrg+ZpscgoeCdm4nFKAD/UtsJCrma4+j8
 if2jOddYUy4xAAPUMwhpwsRJVMkWbgY=
 =gtbT
 -----END PGP SIGNATURE-----

Merged v4.6.4 into main

v4.6.4
2021-05-27 19:21:44 +01:00
Daniel Lockyer
c317d39e33
Updated Ghost-Admin to v4.6.4 2021-05-27 19:19:14 +01:00
Rishabh Garg
83c0cbb516
🐛 Fixed missing stripe connected check on boot (#12992)
refs https://github.com/TryGhost/Team/issues/598
refs https://github.com/TryGhost/Ghost/commit/5cdf910e

As part of the changes to disallow sites with starting up without https when they are connected to stripe, the conditional missed the check for stripe connection. As a result we were erroring in boot sequence for all sites starting without https irrespective if they are connected to Stripe or not which is incorrect. This fixes the `init` check for members service to only error for non-https sites if they are connected to Stripe.
2021-05-27 23:03:03 +05:30
Daniel Lockyer
46eba3c53b v4.6.3
-----BEGIN PGP SIGNATURE-----
 
 iHQEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYK/IAAAKCRDSEYbwtHKV
 rcOAAPYkPbDj5/tsTY5CLyrG0q0LkfFrVQgxVAkbWvIH/XXhAP4teJ+SP82LjTB9
 CWHwJW/eNqHrdaEJ6rs0kKTVnHPIDA==
 =hVsO
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYK/IjgAKCRDSEYbwtHKV
 rflnAQDsNIDOoTk6BZbUQg6lMwy26gmfBpgSq6G9iW0LRk+wTgEAon7vRajj6M+d
 FAEebE2qLPw8TtKxWculo+RKip3+nwk=
 =iiXt
 -----END PGP SIGNATURE-----

Merged v4.6.3 into main

v4.6.3
2021-05-27 17:27:50 +01:00
Daniel Lockyer
f4d8e818e3
Updated Ghost-Admin to v4.6.3 2021-05-27 17:25:35 +01:00
Thibaut Patel
a17403ab6a Move the update-check service to a scheduled job
issue https://github.com/TryGhost/Team/issues/729
2021-05-27 17:17:26 +02:00
Rishabh
3cf0ad41bf Updated preview post message handling in Portal
no refs

As part of new membership settings in Admin, we need to resize the Portal preview container to dynamically adjust to selected preview options. Portal is updated to handle and fire resize events for Admin on popup container changes so the preview can be adjusted correctly.

- Bumps minimal Portal version to ~1.4.6
2021-05-27 17:56:26 +05:30
Naz
df4df2a4aa Added admin email for UpdateChecker's alerts
refs https://github.com/TryGhost/Team/issues/726

- When UpdateCheck service sends a notification with "type: 'alert'" an email goes out to admin users with the "message" content of the notification.
- This functionality is aimed to handling critical messages like urgent instance updates
- Next step will be getting as much of the update check code extracted into a "service" and then moved out of Ghost's codebase
2021-05-27 13:12:28 +04:00
Naz
a1556797b6 Refactored GhostMailer's send to current code standards
no issue

- While working on https://github.com/TryGhost/Team/issues/726 have questioned some of the options that were passed along to the `send` method. Documented findings and refactored the code slightly while touching it
2021-05-27 12:37:03 +04:00
Naz
3ca7b74987 Refactored update check to use async/await syntax
refs https://github.com/TryGhost/Team/issues/726

- These are minimal changes that I've done while reviewing the code inside the update-check module. There's more to come, only picked up the low-hanging fruit!
2021-05-27 12:37:03 +04:00
Daniel Lockyer
0bb3922eef
Updated Ghost-Admin to v4.6.2 2021-05-27 08:17:23 +01:00
Rishabh Garg
36803a4290
🐛 Fixed incorrect @price.currency value in themes (#12987)
closes https://github.com/TryGhost/Ghost/issues/12986
refs 1345268089

As part of changes in 4.6, the default price ids for monthly/yearly prices are stored in new settings - `members_monthly_price_id`, `members_yearly_price_id` - which are used to determine current active prices for the site from list of all existing prices. While the last commit updated the prices to use the settings, the data for currency was still used from non-zero prices instead of the new settings value.

- Updated tests to check price currency
2021-05-27 10:49:35 +05:30
Daniel Lockyer
7a20758ef6
Updated Ghost-Admin to v4.6.1 2021-05-26 18:46:08 +01:00
Rishabh Garg
1345268089
🐛 Fixed incorrect price data in themes (#12985)
closes https://github.com/TryGhost/Ghost/issues/12980
closes https://github.com/TryGhost/Team/issues/730

As part of changes in 4.6, the default price ids for monthly/yearly prices are stored in new settings - `members_monthly_price_id`, `members_yearly_price_id` - which are used to determine current active prices for the site from list of all existing prices. The `@price` helper was incorrectly still relying on the old logic for active monthly/yearly price using the first active price with matching nickname, and resulted in showing incorrect price data on the theme.

- Updated tests to check price data using settings value
2021-05-26 22:58:26 +05:30
Kevin Ansfield
5fe9036ecf Added sentry_dsn and sentry_env properties to /canary/site/
refs https://github.com/TryGhost/Team/issues/723

- enables Admin to report unhandled exceptions and API errors when configured
2021-05-26 16:54:04 +01:00
Rishabh Garg
367b1a509f 🐛 Fixed members list not loading (#12930)
refs https://github.com/TryGhost/Team/issues/660

In case stripe price for a subscription is missing in `stripe_prices` table, it will cause the API to load members list to fail with 500 as we try to serialize the stripe price on member subscription using empty object. This fixes the guard against populating price object for missing data in DB.

Note: This is only a short-term fix till we add a proper fix to cleanup the DB in the subsequent release.
2021-05-26 19:52:42 +05:30
Naz
1b26692430 Refactored update check to use async/await syntax
refs https://github.com/TryGhost/Team/issues/726

- These are minimal changes that I've done while reviewing the code inside the update-check module. There's more to come, only picked up the low-hanging fruit!
2021-05-26 16:06:06 +04:00
Naz
88564751f9 Removed duplicate update check error hanlindg
refs https://github.com/TryGhost/Team/issues/726

- Update check service is self contained and handles errors through logging internally. There is no visible upside to do the same logging in multiple places
2021-05-26 15:52:24 +04:00
Kevin Ansfield
3b366dc55d
Fixed max-api-complexity linting warnings for site and config APIs (#12982)
no issue

- moved `config` and `site` API output generation to a `public-config` service allowing all API versions to use `publicConfig.config` or `publicConfig.site` in their query methods
- updated `config` and `site` API output serializers to use an allow-list that limits the data returned for each API version
2021-05-26 12:10:19 +01:00
Naz
d67ee68b0d Fixed initialization logic in post scheduler
refs e370d33378

- The initialization logic was simplified and not refactored in all placed during the refed change
2021-05-26 10:44:11 +04:00
Kevin Ansfield
c2793eedd3 Fixed no-restricted-require warning for core/shared/url-utils.js
no issue

Our server-defined `mobiledoc` object was required by `UrlUtils.cardTransformers` property to help set up a shortcut for url transform functions but that was breaking the independence of `UrlUtils` by crossing the shared/server boundary.

- `cardTransformers` is only needed for the `mobiledocToTransformReady` utility function that will only be used by the server
- removed `UrlUtils.cardTransformers` (and associated require) from our `UrlUtils` instance and updated the few areas the server uses `mobiledocToTransformReady()` to pass in the mobiledoc card objects directly as an option
2021-05-25 21:13:57 +01:00
Naz
e370d33378 Refactored scheduling index files into class/initializer pattern
refs https://github.com/TryGhost/Team/issues/694

- This refactor is not ideal but moves us closer to the desired form of class with injectable (and testable) parameters. Allowed to refactor the test slightly so at least we can check if schedulerd  subscribed events work and if they trigger the adapter with correct data
- Ideally the api/model calls shoudl be abstracted away as well, but that's for another time
- Also got rid of completely pointless "adapters/scheduling" unit test. All it was checking was if the "init" method was called int the passe in object
2021-05-25 22:32:41 +04:00
Daniel Lockyer
c38c0d1a93
Updated Ghost-Admin to v4.6.0 2021-05-25 15:11:56 +01:00
Naz
1ec44431b1 Simplified scheduling-auth-token module's interface
refs https://github.com/TryGhost/Team/issues/694

- Only passing necessary data into the module simplifies it's interface and allows to decouple it further from model layer dependencies
- Note, also verified and corrected the return type of the auth token creating method
2021-05-24 17:34:36 +04:00
Naz
90e5af12ae Refactored post scheduler to use async/await syntax
refs https://github.com/TryGhost/Team/issues/694

- This should allow to reason about what's happening inside the module a little easier
2021-05-24 17:34:36 +04:00
Naz
00f6c76d1f Extracted scheduling integration fetching into separate module
refs https://github.com/TryGhost/Team/issues/694

- This is a tiny step towards more decoupled scheduler's code organization
- Similar to previous commit, it's just code extraction
- Next steps will be injecting these modules as "init"  function depencency" so we can test scheduling behavior in isolation
2021-05-24 17:34:36 +04:00
Naz
33696b8244 Extracted scheduling token generation into separate module
refs https://github.com/TryGhost/Team/issues/694

- This is a tiny step towards more decoupled scheduler's code organization
2021-05-24 17:34:36 +04:00
Fabien O'Carroll
f4c40249ce Fixed members auth middleware
no-issue

The JWT library we used does not throw an error which can be used by
Ghost. So we need to catch and wrap it in our own errors from
@tryghost/errors.
2021-05-24 11:28:15 +01:00
Fabien O'Carroll
730811fb6e Handled week & day interval in population of mrr events
refs https://github.com/TryGhost/Team/issues/635

This is to ensure we don't break migrations for any sites which have
imported external subscriptions which have an interval of 'week' or
'day'

The bump to members-api includes the handling of these intervals for
ongoing population of mrr events
2021-05-21 17:57:17 +01:00
Naz
459e8215b9 Split data exporter's index file into separate module
refs https://github.com/TryGhost/Team/issues/610

- This is a next step removing bloat from export module's index.js file, which get's rid of eslisn error completely
2021-05-21 19:13:55 +04:00
Naz
79439bdac5 Extracted table allowlists into a separate module
refs https://github.com/TryGhost/Team/issues/610

- Before introducing a new test for the refed issue doing a linting cleanup. The result will be removing one of `File has too many lines ` lint warnings
2021-05-21 19:13:55 +04:00
Thibaut Patel
1d5c8ccf2b Fix the OAuth callback
https://github.com/TryGhost/Team/issues/614

By binding the user session to the Ghost instance domain
2021-05-21 10:50:03 +02:00
Thibaut Patel
55a0c69451 Added the customThemes limits to all api versions
https://github.com/TryGhost/Team/issues/663
2021-05-21 09:56:22 +02:00