Commit Graph

12802 Commits

Author SHA1 Message Date
Rishabh Garg
5da4ae90b2
Added cascade delete for stripe products and prices (#12891)
refs https://github.com/TryGhost/Team/issues/586

If a product inside Ghost is deleted, we want to cascade delete all associated Stripe products and prices as they always need to refer back to a ghost product and will hang without any reason otherwise. This change adds cascade delete for products -> stripe_products -> stripe_prices to avoid broken states
2021-04-20 15:24:52 +05:30
Hannah Wolfe
bf0823c9a2 Moved hbs engine into new theme engine service
- This is the beginning of splitting up the theme service into:
   - Storage components used by the API (should be a server service)
   - Theme engine & rendering components used by the frontend (this new engine service)
   - The code to activate a theme which is shared code where the API & frontend need to communicate
- This is needed because currently the frontend theme service is required and used by the API, creating tight coupling.
- In my quest to truly separate the API and frontend, this is one of many battles that needs winning
2021-04-19 20:03:30 +01:00
Hannah Wolfe
08fbcf1d90 Used themeService as var name everywhere 2021-04-19 19:41:13 +01:00
Kevin Ansfield
5c41c67ffc Set @labs.members to false when members_signup_acess == 'none'
refs https://github.com/TryGhost/Team/issues/579

- setting `members_signup_access` to `'none'` effectively disables all built-in members functions on the front-end so setting `@labs.members` to `false` allows themes to react accordingly
- `@labs.members` keeps backwards compatibility with pre-4.0 versions where themes were using it to toggle member-related functionality
2021-04-19 18:28:51 +01:00
Kevin Ansfield
4a8352c418 Disabled portal and stripe in {{ghost_head}} when signup access is none
refs https://github.com/TryGhost/Team/issues/579

- skips insertion of members-related scripts and styles when `members_signup_access` setting is set to `'none'`
- adds `id="gh-members-styles"` to the inserted style script tag for reference in tests and JS
2021-04-19 17:27:37 +01:00
Kevin Ansfield
fff6a04c54
Migrated members_allow_free_signup setting to members_signup_access (#12886)
refs https://github.com/TryGhost/Team/issues/579

Currently the members signup setting is explicitly yes/no to allowing free members signup, with the implication that when set to "no" members is still active but members have to be created via Stripe or the admin API.

This change renames the setting and changes its type to allow more than a binary option.

- migration to create/update the new setting based on the old value
  - free signup = "all", no free signup = "invite"; matches the current UI for this setting
- rename setting everywhere it's used/tested against
- modify `getAllowSelfSignup()` used to configure members packages to only return `true` when the new setting is set to `'all'` to match behaviour to the older setting
- update importer to rename the setting when importing from an older Ghost version
2021-04-19 16:36:30 +01:00
Renovate Bot
5fedb44e0b Update dependency @nexes/nql to v0.5.2 2021-04-19 15:32:22 +01:00
Daniel Lockyer
3421269ee7 Updated tmp dependency to v0.2.1
no issue

- `tmp` 0.1.0 was broken and I added `tmp` to the Renovate ignore list
  to stop it creating PRs - 082160106a
- 0.2.1 is fixed again so we can merge the update and remove it from the
  list
2021-04-19 15:13:55 +01:00
Daniel Lockyer
2fbbf9999d Bumped selected dependencies to unpin sub-dependencies
no issue

- we've been unpinning dependencies in our libraries to remove
  duplicates
- this commit bumps packages from the Utils repo and NQL, all of which
  contain changes to unpin their own dependencies
2021-04-19 11:07:11 +01:00
Renovate Bot
a789e05af4
Update dependency gscan to v4.0.2 2021-04-16 16:49:09 +00:00
Daniel Lockyer
ea4b1a6ebf
Merged v4.2.2 into main
v4.2.2
2021-04-16 17:46:14 +01:00
Daniel Lockyer
452ab7ebe6
v4.2.2 2021-04-16 17:44:15 +01:00
Daniel Lockyer
d57b9552bb
Updated Ghost-Admin to v4.2.2 2021-04-16 17:44:15 +01:00
Thibaut Patel
714bbceed9
🔒 Added a way to hide the secret settings once they are set
issue https://github.com/TryGhost/Team/issues/621
2021-04-16 17:20:33 +01:00
Thibaut Patel
92b96a152c Fixed the previous commit
commit 375c71fc6a
2021-04-16 18:05:13 +02:00
Thibaut Patel
375c71fc6a 🔒 Added a way to hide the secret settings once they are set
issue https://github.com/TryGhost/Team/issues/621
2021-04-16 17:05:16 +02:00
Renovate Bot
a7db331f57
Update dependency ghost-ignition to v4.6.2 2021-04-16 13:05:00 +00:00
Daniel Lockyer
41000f4653
Updated selected Utils packages to unpin dependencies
no issue

- I recently unpinned dependencies in the Utils monorepo so we can avoid
  multiple versions of the same package
- this commit bumps all the packages that I published, that do not have
  other changes. Other team members should merge these
2021-04-16 13:59:15 +01:00
Hannah Wolfe
fafbc8ef0a Added Caddyfile to .gitignore
- Allows for using caddy locally for development and testing with ssl
2021-04-16 12:32:37 +01:00
Renovate Bot
54644e2840 Update dependency @tryghost/html-to-mobiledoc to v0.7.14 2021-04-16 10:49:57 +01:00
Renovate Bot
f4a129b7a9
Update dependency express-hbs to v2.3.5 2021-04-16 09:01:28 +00:00
Daniel Lockyer
d01d8988e2 Updated tests to reflect jwks-rsa v2 changes
refs https://github.com/auth0/node-jwks-rsa/blob/master/CHANGELOG.md#200---2021-03-01

- `jwks-rsa` switches from callbacks to async-await and so we need to
  change the tests to reflect this
- this commit moves from `getSigningKey` containing a callback to it
  being part of the async-await flow
2021-04-16 09:58:47 +01:00
Renovate Bot
7c7f46cbf1 Update dependency jwks-rsa to v2 2021-04-16 09:58:47 +01:00
naz
d964224312
Added settings keys to store OAuth related data (#12879)
refs https://github.com/TryGhost/Team/issues/618

- The `oauth_client_id` and `oauth_client_secret` are placeholders to store OAuths related data.
- The flag for `oauth_enabled` or anything along those lines was not added intentionally in favour of checking if the `oauth_client_id` & `oauth_client_secret` are null.
2021-04-16 10:02:21 +02:00
Renovate Bot
8fbcf26d08 Update dependency @tryghost/helpers to v1.1.42 2021-04-15 16:59:26 +01:00
Renovate Bot
43afc8020d Update dependency @tryghost/session-service to v0.1.19 2021-04-15 16:39:44 +01:00
Renovate Bot
44e7df59f3
Update dependency knex-migrator to v4.0.3 2021-04-15 15:06:28 +00:00
Renovate Bot
8f60bc0a57 Update dependency sqlite3 to v5 2021-04-15 16:03:39 +01:00
Renovate Bot
741fceeef4 Update dependency cssnano to v5 2021-04-15 14:41:55 +01:00
renovate[bot]
006a8a4a7c
Update dependency @tryghost/kg-card-factory to v2.2.2 (#12874)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-15 14:35:16 +01:00
Fabien 'egg' O'Carroll
22924c62d4
Added permissions for the Products resource (#12875)
refs https://github.com/TryGhost/Team/issues/616

All roles which can publish posts should be able to read/browse products, as content gating
will be based on products going forward.

Creating, updating & destroying products will often make modifications to Stripe which requires
Administrator or Owner roles.

We also improve the permissions tests so that we no longer rely on things being in a particular
order.
2021-04-15 14:34:45 +01:00
Renovate Bot
cc9dd4e414 Update dependency @tryghost/html-to-mobiledoc to v0.7.13 2021-04-15 14:12:27 +01:00
Renovate Bot
95f5a51cef
Update dependency js-yaml to v4.1.0 2021-04-14 21:51:55 +00:00
Fabien 'egg' O'Carroll
4fe417bcab
Added Product, StripeProduct & StripePrice relations (#12877)
refs https://github.com/TryGhost/Team/issues/586

We have to use `belongsToMany` because of the way bookshelf relations
work. In reality the relationship is 'hasMany', e.g. a Product has many
Stripe Prices.

These relations are the minimal needed to satisfy the following
relationships without transforming the results. (e.g. flattening the
StripePrices from a list of StripeProducts for a Product)

Product -> StripeProduct:       product.related('stripeProducts')
StripeProduct -> StripePrice:   stripeProduct.related('stripePrices');
Product -> StripePrice:         product.related('stripePrices');
StripePrice -> Product:         stripePrice.related('stripeProduct.product');
2021-04-14 19:20:39 +01:00
Daniel Lockyer
4be4af9c18
Reverted "Update dependency grunt-contrib-compress to v2"
- this reverts commit 1962fb6140
- I accidentally merged this thinking we were all good, but it turns out
  it needs Node >= 10.16, which we can't do until we drop Node 10 on
  April 20th 2021
- this is soon, but for now we need to revert
2021-04-14 15:13:05 +01:00
Renovate Bot
1962fb6140 Update dependency grunt-contrib-compress to v2 2021-04-14 14:50:17 +01:00
Renovate Bot
22ec756759 Update dependency @tryghost/mw-session-from-token to v0.1.18 2021-04-14 14:34:56 +01:00
Renovate Bot
25a1022292 Update dependency @tryghost/adapter-manager to v0.2.11 2021-04-14 14:32:20 +01:00
Renovate Bot
5cdbf046a5 Update dependency @tryghost/security to v0.2.7 2021-04-14 14:32:11 +01:00
Renovate Bot
519fbfcb2d Update dependency @tryghost/bootstrap-socket to v0.2.8 2021-04-14 14:32:00 +01:00
Renovate Bot
61ab968eb9 Update dependency @tryghost/zip to v1.1.11 2021-04-14 14:31:34 +01:00
Renovate Bot
d42af36234 Update dependency @tryghost/job-manager to v0.8.3 2021-04-14 12:07:49 +01:00
Renovate Bot
bd4a4f7b11 Update dependency @lodder/grunt-postcss to v3.0.1 2021-04-14 12:06:34 +01:00
Renovate Bot
17e3f833a8 Update dependency @tryghost/constants to v0.1.7 2021-04-14 11:03:42 +01:00
Renovate Bot
cf14d86e95 Update dependency @tryghost/errors to v0.2.10 2021-04-14 11:03:35 +01:00
Renovate Bot
33c44edb59 Update dependency @tryghost/vhost-middleware to v1.0.14 2021-04-14 11:03:12 +01:00
Renovate Bot
7b46d08291 Update dependency @tryghost/social-urls to v0.1.22 2021-04-14 11:03:04 +01:00
Renovate Bot
305ccdb2bd Update dependency @tryghost/promise to v0.1.7 2021-04-14 11:02:44 +01:00
Daniel Lockyer
7abf7f6068
Merged v4.2.1 into main
v4.2.1
2021-04-13 16:26:03 +01:00
Daniel Lockyer
7969859bc7
v4.2.1 2021-04-13 16:23:48 +01:00