Commit Graph

310 Commits

Author SHA1 Message Date
Simon Backx
78405a9cb8
Corrected image CORS (#17119)
refs
018f97e679
2023-06-23 14:33:00 +02:00
Michael Barrett
6f5baca849
Add endpoint to record mail events (#16990)
refs https://github.com/TryGhost/Team/issues/3319
2023-06-23 12:22:01 +01:00
Daniel Lockyer
08e2fbeacb Removed Bluebird from tests
refs https://github.com/TryGhost/Ghost/issues/14882

- we're moving away from using Bluebird in favor of native Promises, so
  this commit removes nearly all instances from tests
2023-06-23 10:03:03 +02:00
Simon Backx
8d6fb51908 Added Playwright tests to comments-ui
refs https://github.com/TryGhost/Team/issues/3504

Not complete yet, but contains the basic structure and a few tests that work and should run in CI.
2023-06-22 15:06:13 +02:00
Hannah Wolfe
6161f94910
Updated to use assert/strict everywhere (#17047)
refs: https://github.com/TryGhost/Toolbox/issues/595

We're rolling out new rules around the node assert library, the first of which is enforcing the use of assert/strict. This means we don't need to use the strict version of methods, as the standard version will work that way by default.

This caught some gotchas in our existing usage of assert where the lack of strict mode had unexpected results:
- Url matching needs to be done on `url.href` see aa58b354a4
- Null and undefined are not the same thing,  there were a few cases of this being confused
- Particularly questionable changes in [PostExporter tests](c1a468744b) tracked [here](https://github.com/TryGhost/Team/issues/3505).
- A typo see eaac9c293a

Moving forward, using assert strict should help us to catch unexpected behaviour, particularly around nulls and undefineds during implementation.
2023-06-21 09:56:59 +01:00
Ronald Langeveld
cfbc97b033
🐛 Fixed revisions relation not linked to Posts api (#17037)
no issue

This was a bit of an oversight from our feature built at the retreat. We
didn't take revisions into account for pages at all, but luckily it made
revisions without issues regardless.
It just wasn't accessible and users weren't able to restore via ADMIN
because the API didn't serve them at all.

This wires up the revisions relation to be served by the API so we can
retrieve it in Admin.
2023-06-16 09:49:12 +02:00
Aileen Booker
d27bb8f075 Added new Stripe events to DomainEventsAnalytics
no issue

- We need to send information about Stripe being enabled or disabled in live mode to analytics
- This hooks up the Domain events listeners in the analytics service and processes this information accordingly
2023-06-14 08:18:19 -04:00
Daniel Lockyer
af8c0dc7a5 Prevented registering multiple Slack event listeners
refs https://github.com/TryGhost/Toolbox/issues/592

- in tests, we boot Ghost over and over
- this inits all the services each time
- it turns out that the Slack event listener is registered 80+ times
- to prevent this, we can check if it has already been registered, like
  we do with webhooks: 4639396c3a/ghost/core/core/server/services/webhooks/listen.js (L67-L69)
- not sure about this pattern in general, but it's something we can
  review in coming weeks
2023-06-12 15:04:11 +02:00
Naz
05bb82cf1a Added collections CRUD permissions
refs https://github.com/TryGhost/Team/issues/3220

- Added permissions for collection resources
2023-06-09 21:13:06 +07:00
Michael Barrett
9da246ac84
Enforce explicit cacheInvalidate header (#16826)
refs https://github.com/TryGhost/Team/issues/3005
2023-06-07 15:13:45 +01:00
Fabien 'egg' O'Carroll
92172aca8e
Wired up collections to posts endpoint (#16945)
- Added support for `include=collections` to the Posts Admin API behind a flag
- Refactored some of the collections work to support it
2023-06-07 15:06:15 +02:00
Aileen Booker
9372124d61 Decouple sentry from analytics events handlers by expecting general exception handler
no issue

- The class should not rely on being passed a specific dependency, but rather needs to communicate with types what structure and method it needs to function correctly.
- Replaced the specific dependency to `sentry` with a generic definition of what is expected.
2023-06-07 09:00:49 -04:00
Aileen Booker
5db1950090 Added tests ModelEventsAnalytics
no issue

- Added full unit tests for `ModelEventsAnalytics` class
2023-06-07 09:00:49 -04:00
Aileen Booker
6efc1cce82 Added JSDoc types and inject more deps for DomainEventsAnalytics
no issue
2023-06-07 09:00:49 -04:00
Aileen Booker
591ca2c9bf Added first test structure for ModelEventsAnalytics
no issue

- The added `ModelEventsAnalytics` class didn't have tests before the refactor. Added unit tests to verify functionality.
2023-06-07 09:00:49 -04:00
Aileen Booker
9b27804276 Added tests for DomainEventsAnalytics
no issue

- Added unit tests for newly added `DomainEventsAnalytics` class to verify intended functionality
2023-06-07 09:00:49 -04:00
Aileen Booker
2c4d9e2776 First pass on adding domainevents to segment service
no issue

- In order to listen to `DomainEvents` for `MilestoneCreatedEvents` we need to add a `DomainEvents` listener and handler to the Segment analytics service.
- For better readability and to be more consistent with how code is currently written in Ghost, I refactored the service index file and split the two types of event listener into separate classes which is much cleaner and easier to test.
2023-06-07 09:00:49 -04:00
Rishabh Garg
5c209abdc0
Updated default value for image editor integration setting (#16897)
refs https://github.com/TryGhost/Team/issues/3145

Updates pintura integration to be switched on by default for all sites by adding a migration to update the default value for the setting.
2023-06-06 18:15:01 +05:30
Naz
bdbd9327d9
Added built-in automatic featured collection
refs https://github.com/TryGhost/Team/issues/3376

- When the Ghost instance is initialized it has to have a set of built-in collections. With these changes Ghost starts with a "featured posts" collection - available to be used right away.
2023-06-06 12:41:37 +07:00
Naz
87df8754ee Moved bookshelf posts repository to core
refs https://github.com/TryGhost/Team/issues/3260

- Moved the posts bookshelf repository into core codebase where it should belong.
2023-05-31 22:55:35 +07:00
Michael Barrett
cde30eb469
🐛 Fixed issue where single letter product slugs cause 500 error (#16821)
refs https://github.com/TryGhost/Team/issues/3224

When a product has a slug that is a single letter, checking if a user
had access to view a post associated with that product would cause a 500
error. The underlying cause of this issue is
https://github.com/TryGhost/NQL/issues/20 This fix circumvents this
issue by providing a value that the nql lexer will not error out on
2023-05-18 09:38:30 +01:00
Benjamin Rancourt
5841f30d30
🐛 Fixed trailing slash and space in HTML metadata elements (#16778) 2023-05-17 08:51:32 +02:00
Michael Barrett
59fe794b0c
Implemented duplicate post functionality (#16767)
refs: https://github.com/TryGhost/Team/issues/3139 https://github.com/TryGhost/Team/issues/3140

- Added duplicate post functionality to post list context menu
  - Currently only a single post can be duplicated at a time
  - Currently only enabled via the `Making it rain` flag
- Added admin API endpoint to copy a post - `POST ghost/api/admin/posts/<post_id>/copy/`
- Added admin API endpoint to copy a page - `POST ghost/api/admin/pages/<page_id>/copy/`
2023-05-15 09:30:32 +01:00
Fabien "egg" O'Carroll
08597b47ba Added unit test for TiersRepository
We were completely missing tests for this, and the new logic pushed us under
the coverage threshold.
2023-05-12 16:38:32 -04:00
Fabien "egg" O'Carroll
6ab862568c Used TierRepository in serializers
We want to cache access to Tiers, and it's easier to do that in the
TierRepository. So we update a heavy user of Tiers to use the Tier
service so it can take adv of caching. The serializers are a big
offender for making calls to fetch Tiers.
2023-05-12 16:38:32 -04:00
Deepam Kapur
3a39aa361b
🐛 Fixed generating card assets with include allowlist (#16766)
fixes https://github.com/TryGhost/Ghost/issues/16652

- we need `@` keyword before '(' according to the globrex package used in tiny-glob
2023-05-11 14:20:35 +02:00
Fabien "egg" O'Carroll
104f84f252 Added eslint rule for file naming convention
As discussed with the product team we want to enforce kebab-case file names for
all files, with the exception of files which export a single class, in which
case they should be PascalCase and reflect the class which they export.

This will help find classes faster, and should push better naming for them too.

Some files and packages have been excluded from this linting, specifically when
a library or framework depends on the naming of a file for the functionality
e.g. Ember, knex-migrator, adapter-manager
2023-05-09 12:34:34 -04:00
Fabien "egg" O'Carroll
bbdbcd02ef Added columns to store feature image metadata for revision
We need this to correctly display the difference with feature images and to
restore them.
2023-04-21 15:25:11 +01:00
Ronald Langeveld
3cf6800e3e
Added post-status and reason col to post_revisions (#16693)
refs https://github.com/TryGhost/Team/issues/3099

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 83140b5</samp>

This pull request adds a new column `post_status` to the
`post_revisions` table to store the status of the post revision. It also
updates the schema definition, the migration file, and the integrity
test to reflect the new column.
2023-04-21 12:32:35 +01:00
Fabien 'egg' O'Carroll
169a56d1bb
Added feature_image to post_revisions (#16695)
This will allow us to store historical data for feature images so we can
diff and restore them
2023-04-21 12:02:04 +01:00
Naz
c21f136834 Corrected announcement_visibility setting type
refs https://github.com/TryGhost/Ghost/pull/14264

- With a requirement change we need to transform `announcement_visibility` setting to be an "array" instead of a "string". Array structure will allow us to hold multiple filters at once giving more coverage to the audience targetting usecases.
- Example filter variations we'll support are:
[ ] Logged out visitors
[ ] Members
[ ] Free members
[ ] Paid members
2023-04-21 10:18:50 +02:00
Rishabh Garg
bd127eae6d
Added new settings for pintura editor integration (#16682)
refs https://github.com/TryGhost/Team/issues/3034

- adds 3 new settings for managing pintura image editor integration in
admin
- `pintura` setting controls the enabling of the feature
- `pintura_css_url` is used to store path to pintura css file uploaded
on integration page
- `pintura_js_url` is used to store path to pintura js file uploaded on
integration page
2023-04-20 19:19:56 +05:30
Elena Baidakova
4c4e5a9c95 Hide announcement bar script if announcement_content is empty
refs TryGhost/Team#3009
2023-04-20 14:05:37 +04:00
naz
865df1e143
Added announcement fields to settings table (#16654)
refs https://github.com/TryGhost/Team/issues/3011

- This is a data structure needed to support Announcement Bar feature -
allows to create custom site-wide announcements tailored to the
audience.
- The `announcement_content` is meant to hold displayed HTML content of
the announcement and will be exposed through unauthenticated Content
Site API

- The `announcement_visibility` sets the target audience to display the
Announcement Bart to:
  - `public` - Everyone
  - `visitors` - Logged out visitors only
  - `members` - Members only
  - `paid` - Paid members only

- The `announcement_background` sets the CSS class that should be
applied to the Announcement Bar. and will be exposed through
unauthenticated Content Site API. Three styles are available:
  - `accent` - matches the color of the site accent
  - `dark` - dark style
  - `light` - light style
2023-04-19 14:25:25 +02:00
Chris Raible
0130c9f553
Renamed foreign key constraint in migration v5.45 (#16664)
- the autogenerated constraint name was too long for MySQL, yielding the
error below (although it seems to be fine for sqlite)
- this change adds an explicit, shorthand name for the constraint to
stay under the limit on MySQL8

Error: alter table `post_revisions` add constraint
`post_revisions_author_id_foreign` foreign key (`author_id`) references
`users` (`id`), algorithm=copy - Specified key was too long; max key
length is 3072 bytes
2023-04-18 15:02:13 +01:00
Michael Barrett
75e6ce261c
Added author & title to post revisions (#16649)
no issue

Added `created_by` and `title` columns to `post_revisions` table
2023-04-18 11:47:57 +01:00
Chris Raible
4c893e5a63
Added post_revisions to posts endpoint as an include option (#16648)
no issue

- with this change, you can access a post's lexical revisions via the
api (e.g. `/posts/:id/?include=post_revisions`)

> _We are the post revisions, we won't be erased_
> _We rise from the ashes of the mobiledoc waste_
> _We join the API response, we claim our rightful place_
> _We are the post revisions, we show the truth of your face_
2023-04-17 13:46:27 +01:00
Elena Baidakova
7f184d2451
Added support for filtering snippets to mobiledoc/lexical (#16636)
refs TryGhost/Team#2904


<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at b3f5423</samp>

This pull request adds support for multiple formats of snippet content,
especially the `lexical` format, to the Ghost CMS. It modifies the
snippets API, model, and test files to handle the format conversion,
filtering, and serialization of snippets.
2023-04-17 10:54:08 +04:00
Elena Baidakova
eaf6e3c7e5
Added lexical column to snippets table (#16632)
refs TryGhost/Team#2904

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 04a6b06</samp>

This pull request adds a new `lexical` column to the `snippets` table to
store lexical information for snippets. It includes a migration script,
a schema update, and a schema hash update.
2023-04-14 13:18:41 +04:00
Ghost CI
7b6805580c Merged v5.42.1 into main 2023-04-07 08:51:06 +01:00
Daniel Lockyer
378dd913aa
🔒 Fixed path traversal issue in theme files
refs https://github.com/TryGhost/Team/issues/2843

- Using encoded path traversal characters in URL's path allowed to fetch
  any file within active theme's folder, which is disallowed
- credits to: fuomag9 https://kiwi.fuo.fi/@fuomag9
2023-04-07 09:45:59 +02:00
naz
70ae3efd5c
Update email mock receive (#16578)
refs TryGhost/Team#2691

- The bump adds possibility to make email's html/text snapshots with dynamic content. The breaking change here is with separate "matchPlaintextSnapshot" method extracted out of "matchMetadataSnapshot" to handle dynamic content in "text" part of the sent email.
2023-04-06 17:24:23 +02:00
Rishabh
ace4d17b3e Updated unit tests for frontend member data 2023-04-04 23:51:45 +05:30
Simon Backx
d0042b550a
Fixed redirecting back to account home after sign in in Portal (#16487)
refs https://github.com/TryGhost/Team/issues/2674

When going to /#/portal/account when not signed in, you are redirected
to the login page. But once signed in, you aren't redirected back to the
account page. This fixes this issue by adding an extra and optional
redirect parameter when requesting a magic token via email.

This new parameter allows to override the default behaviour of using the
Referer HTTP header, which doesn't include the hash/fragment part of the
URL.

The referrer is already restricted to only allow redirects to the site,
not external URLs.
2023-04-04 18:07:37 +02:00
Simon Backx
e13f052af8
Added Portal signup terms settings and migration (#16545)
fixes https://github.com/TryGhost/Team/issues/2885 
fixes https://github.com/TryGhost/Team/issues/2896 
fixes https://github.com/TryGhost/Team/issues/2877

This change adds the new portal_signup_terms_html setting and
portal_signup_checkbox_required setting and the corresponding migration.
2023-04-04 10:04:12 +02:00
Simon Backx
bef310cb2a Readded failing test
no issue

Test was failing and removed temporarily.
2023-04-03 11:35:40 +02:00
Simon Backx
33237c4df7 Added newsletter auto border color and dynamic color picker
fixes https://github.com/TryGhost/Team/issues/2879
fixes https://github.com/TryGhost/Team/issues/2880

- Replaced black border color with 'auto' based on background color.
- When a color is 'auto', the color that are visible in the UI (color pciker) will be dynamic based on the background color.
2023-04-03 11:27:57 +02:00
Daniel Lockyer
5cd67f83ea Added i18n labs flag
- this adds the labs flag and scaffolding to wire it into Ghost + Portal
2023-03-30 18:15:57 +02:00
Simon Backx
59f94e552a
Added newsletter color columns (#16506)
fixes https://github.com/TryGhost/Team/issues/2825

Adds 3 new columns to the newsletters table to allow more customisation:
- background_color, default to 'light'
- border_color, nullable, null = no border
- title_color, nullable, null = auto
2023-03-28 11:38:43 +02:00
Naz
fe4e9897fc
Added migration for Self-Serve Integration permissions
refs https://github.com/TryGhost/Team/issues/2790

- This migration adds permissions for Self-Serve Migration Integration to have access to Admin APIs:

POST /ghost/api/admin/db
POST /ghost/api/admin/db/media/inline
POST /ghost/api/admin/members/upload
GET  /ghost/api/admin/tags/:id
GET  /ghost/api/admin/tags/slug/:slug
2023-03-24 11:31:25 +01:00