Commit Graph

1496 Commits

Author SHA1 Message Date
Simon Backx
ad349bb3a5
Removed GA feature flags (#14915)
refs https://github.com/TryGhost/Team/issues/1616

- Removed all GA feature flags
- Removed `tweetGridCard` alpha flag
- Changes to `members-api` and `members-importer` packages: https://github.com/TryGhost/Members/compare/%40tryghost/members-api%408.1.1...%40tryghost/members-api%408.1.2
2022-05-26 09:54:30 +02:00
Naz
939496487d Removed subscriber-related webhook fixtures
refs https://github.com/TryGhost/Toolbox/issues/308
refs 0f5c22a38d

- There is no concept of "subscriber" in the codebase any longer. Keeping removed webhooks around does not make sense
2022-05-26 14:45:36 +08:00
Fabien 'egg' O'Carroll
4217e2571f
Included monthly_price,yearly_price&benefits defaults for Content API (#14912)
We have to update the output serializer to only clean includes for the
Admin API, so that these includes aren't stripped for not being in the
original include query param.

This also rejigs the other Content API only logic to sit together in
the input serializer.
2022-05-24 16:38:25 +01:00
Simon Backx
c052652559
Updated settings API to return all settings in edit endpoint (#14889)
refs https://github.com/TryGhost/Team/issues/1650

Since we introduced calculated settings, we need to return all settings when editing a setting, because those calculated settings can change.

- When editing settings, return all the settings. Previously we didn't include the calculated settings (which caused issues with admin not having up to date values for those)
- Updated Stripe <head> script to be injected based on the calculated settings

Required for https://github.com/TryGhost/Admin/pull/2405
2022-05-24 16:42:15 +02:00
Hannah Wolfe
cdb365c29d Fixed minor weirdnesses with excerpts
- remove HRs ---- and blockquote > symbols from excerpts
- we want the excerpt to not contain "markdown-like" symbols, but just be plaintext
2022-05-24 12:35:59 +01:00
naz
6cc0c2b76b
🐛 Fixed signing key identificaiton in JWKs
refs https://github.com/TryGhost/Team/issues/1640

- The signing key returned by `GET /ghost/.well-known/jwks.json` was missing an OPTIONAL `use: "sig"` attribute needed to identify it as a signing key in client libraries. E.g. pyton lib: "pyjwt" or node lib: "jwks-client"
- More about the "use" attribute at RFC7515 - https://www.rfc-editor.org/rfc/rfc7515#section-4.1.4
2022-05-24 12:20:30 +01:00
Naz
72479a152f Added basic e2e test for Members API .well-known endpoint
refs https://github.com/TryGhost/Team/issues/1640
refs https://github.com/TryGhost/Members/pull/401

- Adds basic test coverage for the `GET /members/.well-known/jwks.json` endpoint
- Next the test should be expanded with the JWT verification to check if the returned format is usable by mainstream client libraries
2022-05-24 10:27:46 +08:00
Hannah Wolfe
8dd009ffa0
🐛 Fixed member exports timing out for large sites (#14876) (#14878)
refs TryGhost/Team#1641

This commit adds a custom query for the members export, to improve the performance and to prevent any timeouts from happening when exporting large amounts of members.

Co-authored-by: Simon Backx <simon@ghost.org>
Co-authored-by: Matt Hanley <git@matthanley.co.uk>
2022-05-20 21:25:23 +01:00
Matt Hanley
eae0a6a3b9
Added products and Stripe data to exports and imports (#14873)
- The migration path from 4.x on SQLite to 5.0 on MySQL requires an export/import
- Exports don't include the Stripe info required to map members to tiers correctly on import. This change fixes that.

Co-authored-by: Simon Backx <simon@ghost.org>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-20 21:13:58 +01:00
Hannah Wolfe
d6d6841186
Added benefits, offers and snippets to exporter
- These are more things that we should write an importer for
2022-05-20 20:30:55 +01:00
Matt Hanley
3471f6cca0
Updated tests 2022-05-20 20:30:55 +01:00
Simon Backx
419fa24f27
Fixed bulk unsubscribe counts (#14871)
refs https://ghost.slack.com/archives/C02G9E68C/p1652980792270029

- When bulk unsubscribing members, the number of deleted newsletter relations are returned instead of the number of members with newsletters that were cleared
- Updates members-api to 8.1.0, which uses this new option to delete newsletter relations by member_id instead of the id of the relation (which allows us to fetch the number of successfully/failed member deletes) Changes: https://github.com/TryGhost/Members/pull/400
- Added tests for bulk unsubscribe and bulk delete labels (because they both use the updated bulkDestroy method)
2022-05-20 13:40:55 +02:00
Naz
fd8ce6a5bf Covered well-known endpoint with e2e test
refs https://github.com/TryGhost/Team/issues/1640

- There was no coverage. Now there is :)
2022-05-20 13:18:26 +08:00
Naz
a18469a3be Added root Ghost server/API test agent
refs https://github.com/TryGhost/Team/issues/1640

- Some tests require making request to the root of the mounted server path like `GET /ghost/.well-known/jwks.json`. These are not stricly APIs like Admin, Content, and Members. They do need a separate agent to distinguish the configuration - for this agetn we can stop loading some parts like "server" in the future to speed things up (didn't work straight out of the box)
2022-05-20 13:17:00 +08:00
Simon Backx
def8f83894
Fixed missing products in members export (#14867)
refs https://github.com/TryGhost/Team/issues/1642

- Updated `members-csv` (dependency via `members-importer`, shouldn't this be a separate dependency too?)  package to use the `tiers` field instead of the (removed) products field.
- Added basic test to see if products and labels are returned in the csv.
2022-05-19 18:26:29 +02:00
Naz
c3d38a9144 Updated test suites to play nicely with 5.0
refs https://github.com/TryGhost/Toolbox/issues/335

- When eventually the major will be bumped next week the returned version will become `5.0.0` which changes the `content-length` header in all of the responses using the version from package.json
- The version number is dynamic, so it's expected the content-length to float as minor and patch versions fluctuate in 1-2 digit numbers. For lon-term easy maintenance it's best to set the content-length to any number (or maybe some sort of floating range in the future?)
2022-05-19 14:19:48 +08:00
Naz
d2e9a98846 Updated version test suite to play nicely with 5.0
refs https://github.com/TryGhost/Toolbox/issues/335

- When eventually the major will be bumped next week the returned version will become `5.0.0` which changes the `content-length` header in all of the responses using the version from package.json
- The version number is dynamic, so it's expected the content-length to float as minor and patch versions fluctuate in 1-2 digit numbers. For lon-term easy maintenance it's best to set the content-length to any number (or maybe some sort of floating range in the future?)
2022-05-19 13:27:40 +08:00
Naz
f97b141a3a Added "anyContentVersion" and anyContentVersion matchers to e2e framework
refs https://github.com/TryGhost/Toolbox/issues/335

- Similarly to `anyEtag` pattern for `etag` headers there's a need to match dynamic content-length and content-version headers.
- The `anyContentLength` is the same as `anyStringNumber` matcher, created a separate one to show the intention over a function when reading the code (maybe we could introduce something like floating number range matcher in the future to be more precise in situations where we expect the content-length to float in +-2 length range)
2022-05-19 13:19:05 +08:00
Naz
9e7bea5bb3 Added "anyStringNumber" matcher to e2e framework
refs https://github.com/TryGhost/Toolbox/issues/335

- Existing `anyNumber` matcher does not do a job when the number is stringified, so introduced a new string matcher to match stringified numbers
2022-05-19 13:06:50 +08:00
Rishabh Garg
998584f6e1
Fixed members list filtering on tiers (#14859)
- filtering member list on `tier:tier-slug` was failing as it only accepted member.product column
- member table needed to expand the tier filter to use product naming for filtering to work
2022-05-18 20:58:00 +05:30
Fabien 'egg' O'Carroll
09a516a179
Fixed Stripe Connect (#14857)
refs https://github.com/TryGhost/Team/issues/1637

The `stripe_connect_integration_token` setting is required for the Stripe
Connect flow to work. The existing `stripe_connect_*` settings are also not able
to be edited. So we've updated the allow list to remove those, and add the one
required for the Stripe Connect flow.
2022-05-18 13:27:50 +01:00
Rishabh Garg
d90add9cd5
Fixed failing checkout session creation for offers (#14855)
- checkout session creation was failing when setup with `offerId` instead of `tierId` and `cadence`
- updates `members-api` to ignore cadence check to allow creation using `offerId` present in request
2022-05-18 15:10:07 +05:30
Kevin Ansfield
71aa1c58e6 Revert "Cleaned up membersActivityFeed labs flag"
This reverts commit ae3a0e93fc.

- flag is still used in the `@tryghost/members-api` package
- reverting for now pending a more complete commit with a bumped members-api package
2022-05-18 10:31:51 +01:00
Kevin Ansfield
ae3a0e93fc Cleaned up membersActivityFeed labs flag
refs https://github.com/TryGhost/Admin/pull/2309

- the flag was only used in Admin and was cleaned up there a while ago
2022-05-18 10:23:53 +01:00
Kevin Ansfield
227548f004 Cleaned up improvedOnboarding labs flag
closes https://github.com/TryGhost/Team/issues/1421
refs 28ead208b8

- all conditionals in Admin have been removed so the forced-GA flag is no longer required
2022-05-18 10:15:31 +01:00
Simon Backx
8b973dcfaa
Added subscription.price.tier mapping (#14849)
refs https://ghost.slack.com/archives/C02G9E68C/p1652781104970769
refs https://github.com/TryGhost/Team/issues/1145

- subscription.price.product was not mapped yet, but already used in the admin app.
- removes products property from members
2022-05-17 16:38:25 +02:00
Naz
0260ec5a64 Removed useless comment
no issue

- Engines in theme's package json have no effect whatsoever on how Ghost instance runs.
2022-05-17 17:21:38 +08:00
Naz
5c2ece9668 Improved assertions in frontend test suite
no issue

- When the tests were rewritten to async/await they didn't get the same header checks as the old style suite.
2022-05-17 17:21:38 +08:00
Naz
1cc3f66d5f Reworked preview controller output
refs https://github.com/TryGhost/Toolbox/issues/332

- With 'page' property being gone from page/post resources we need consistency across internal "preview API" too
- the handling is still hacky as we are exposing the "type" property to the preview pages, which is not exposed through Content API. this a long outstanding issue will have to be handled separately
2022-05-17 17:21:38 +08:00
Hannah Wolfe
8ec8a21b71
Renamed "client" references to "admin"
refs: https://github.com/TryGhost/Toolbox/issues/299

- renamed lots of things that reference Ghost admin as "client"
- these things make even less sense in a post core/client world
2022-05-17 09:05:44 +01:00
Naz
3ff757fbad Fixed /edit shortcut route for pages
refs https://github.com/TryGhost/Toolbox/issues/332
refs f5f1221e14

- Adding an `/edit/` post-fix to a static page URL broke when the `page: true` property support was dropped in the Content API
- The changeset adds tests covering the scenario for both page and post resources
2022-05-17 14:31:31 +08:00
Naz
5abd67809d Cleaned up AMP rendering of "page" resources
refs https://github.com/TryGhost/Toolbox/issues/332

- After dropping support for `page: (true|false)` for post resources in Content API there is no need to check for `body.post.page` in the AMP renderer. Furthermore, the AMP router uses `public-post` controller that **only** returns "post" resources. This check was a redundant, unnecessary piece of logic
2022-05-17 11:39:52 +08:00
Hannah Wolfe
5090d75d96
Improved theme asset handling - permissible assets
refs: https://github.com/TryGhost/Team/issues/1633

- this makes /assets/ a more permissible folder - it can serve anything _except_ hbs files
- meanwhile the root folder becomes less permissible, and won't serve theme dev files commonly found in the root
2022-05-16 19:54:33 +01:00
Fabien 'egg' O'Carroll
d9e6dfe97e
Updated Tiers API data structure (#14795)
refs https://github.com/TryGhost/Team/issues/1575

- Updates the admin-api-schema to reflect new data structure
- Updates members-api to allow Portal to use new data structure
- Data is only mapped at the serialised level to avoid changing the underlying implementation
- Ensure only one version of domain-events present in yarn.lock
2022-05-16 19:47:18 +01:00
Kevin Ansfield
c14f82fec0 Fixed settings test snapshots
refs 340e30f62d
2022-05-16 18:20:44 +01:00
Kevin Ansfield
340e30f62d Removed "publishingFlow" labs flag
no issue

- all uses of the flag have been removed from Admin so it's no longer needed
2022-05-16 18:12:11 +01:00
Matt Hanley
09804244f5 Added newsletters table to default export
refs https://github.com/TryGhost/Team/issues/1629

- We want to export the default newsletter so that we don't lose the post<>newsletter relationship when exporting
- The newsletter_id is currently ignored in the post importer (https://github.com/TryGhost/Ghost/pull/14720) so imports won't work right now
- This change means that exports created in 5.0+ will work later on with no data loss once the importer supports it
- The counts displayed for the newsletters are a count of email records, not post records - and we don't export/import emails so the count will always be 0 after importing a newsletter
2022-05-16 17:49:25 +01:00
Hannah Wolfe
12aff14dff Removed oauth experiment
refs: https://github.com/TryGhost/Team/issues/1625

- this didn't work the way we wanted to
- removing this will free up the namespaces to start over
2022-05-16 17:37:13 +01:00
Hannah Wolfe
18cf73c3b3
Updated output logic to correctly use excerpt 2022-05-16 15:51:14 +01:00
Hannah Wolfe
6d66fe9e22 Switch settings.edit to use an allow list
refs: https://github.com/TryGhost/Team/issues/1625

- Ensure that we maintain a list of exactly which settings can be edited
- Bypass this for internal settings changes for now
- TODO: use the settingsBreadService internally instead of the api directly
2022-05-16 15:07:31 +01:00
Hannah Wolfe
349cbdfc07 Cleaned settings API to only return key & value
refs: https://github.com/TryGhost/Team/issues/1625

- none of the other fields are useful externally, so don't expose them
- "liberal in what we accept, conservative in what we send"
2022-05-16 15:07:31 +01:00
Hannah Wolfe
51a016ac7f Removed code + test for old type param
refs: https://github.com/TryGhost/Team/issues/1625

- type was renamed to group, and type is used to store the actual value type
- we no longer need any backwards compatibility for the old concept of type
2022-05-16 15:07:31 +01:00
Naz
0c097f6532 Fixed frontend rendering of page resource
refs https://github.com/TryGhost/Toolbox/issues/332

- After removing the concept of a boolean "page: true" from the page/post resources frontend resource rendering didn't have enough information to pick the correct template
- Resolved this issue through passing of additional "context" to the template picker. Something nicer should be worked on in the future, as context pattern feels dirty here.
2022-05-16 22:06:55 +08:00
Naz
44c72ddd81 Removed output of "page" filter in Admin/Content APIs
closes https://github.com/TryGhost/Toolbox/issues/332
refs https://github.com/TryGhost/Ghost/issues/10922

- The "page" attirbute has been deprecated long time ago and was kept around in the output for back compatibility reasons. With Ghost 5.0 there's no longer need to return this field or keep around any of the code supporting "page" attribute processing
2022-05-16 22:06:55 +08:00
Naz
f5f1221e14 Removed output of "page" attributes from APIs
refs https://github.com/TryGhost/Toolbox/issues/332
refs https://github.com/TryGhost/Ghost/issues/10922

- The "page" attirbute has been deprecated long time ago and was kept around in the output for back compatibility reasons. With Ghost 5.0 there's no longer need to return this field or keep around any of the code supporting "page" attribute processing
2022-05-16 22:06:55 +08:00
Kevin Ansfield
27337e5f00
Added newsletter param to email preview endpoint (#14820)
refs https://github.com/TryGhost/Team/issues/1621

We want to allow previewing emails based on the selected newsletter. The post model doesn't get a newsletter attached until a publish occurs so we can't use `post.newsletter` and need to give the option of specifying which newsletter to preview via query params.

- added support for `newsletter` query param on the `GET /email_previews/posts/:id/` endpoint where the value is a newsletter slug
- updated `generateEmailContent()` signature to use an options object because the order of memberSegment/newsletter arguments doesn't matter and is difficult to reason about if not named
- adjusted `generateEmailContent()` to fetch the newsletter matching the provided slug, falling back to the default newsletter if no slug is provided
2022-05-16 12:15:54 +01:00
Hannah Wolfe
3f0172e755 Removed backwards compatibility for slack setting
refs: https://github.com/TryGhost/Team/issues/1625

- we changed slack to be two separate settings some time ago
- this cleans up the compatibility code
2022-05-16 11:38:59 +01:00
Hannah Wolfe
9957c2a77c
Revert "Updated plaintext to be a partial doc"
This reverts commit 8f90ca949d.

- plaintext is used in search features so this is probably a bad idea
2022-05-16 10:20:26 +01:00
Hannah Wolfe
8f90ca949d Updated plaintext to be a partial doc
refs: https://github.com/TryGhost/Ghost/issues/11407

- there's no need for us to process the whole document as it's only used for excerpts
- emails need the whole document, but they're managed seprately now
- this is more efficient and means we could potentially do it on the fly 🤔
2022-05-16 09:38:16 +01:00
Hannah Wolfe
9d4d6688d8 Removed links and figcaptions from excerpts
refs: https://github.com/TryGhost/Team/issues/1609
refs: https://github.com/TryGhost/Ghost/issues/11532
refs: https://github.com/TryGhost/Ghost/issues/11407

- these don't read correctly in an excert context
2022-05-16 09:38:16 +01:00
Hannah Wolfe
338dc3ae6c Refactored html-to-plaintext to have two functions
refs: https://github.com/TryGhost/Team/issues/1609

- Split html-to-plaintext into a function for excerpts and emails
- Updated all usages so they use the correct function
- There's currently no difference between the two
2022-05-16 09:38:16 +01:00
Hannah Wolfe
f73a84abac Update dependency html-to-text to v8
refs: https://github.com/TryGhost/Ghost/pull/13035
refs: https://github.com/TryGhost/Team/issues/1609

- Upgraded to the latest html-to-text
- Matched the options to what we had as close as we can
- The output changes slightly, but in most cases those are bugfixes
- We are going to tune this output more soon, so accept the changes for now
2022-05-16 09:38:16 +01:00
Hannah Wolfe
f436d23f87 Removed 80 char wordwrap in excerpts
refs: https://github.com/TryGhost/Team/issues/1609

- remove the 80 char wordwrap
- this makes the function the same as used in the post serializer
- updated references everywhere to use the same function
2022-05-16 09:38:16 +01:00
Simon Backx
6b3a657f88
Renamed newsletter_id and email_recipient_filter options (#14798)
refs https://github.com/TryGhost/Team/issues/1596

- Renamed `newsletter_id` to `newsletter` option, the `newsletter` option expects a slug instead of an id
- Renamed `email_recipient_filter` to `email_segment` option
- Default `email_segment` to `all`. Ignored if no newsletter is set
- `email_segment` is ignored if no newsletter is set
- When reverting a post to a draft, both `newsletter` and `email_segment` are reset to their default values (null, all)
- Removed legacy mapping from old email_recipient_filter values 'paid' and 'free' (already a migration in place)
- Dropped legacy throwing errors when email_recipient_filter is paid or free in transformEmailRecipientFilter
- Reorganized transformEmailRecipientFilter parameters for the now required newsletter parameter
- Fixed an issue where the newsletter filter wasn't working because it wasn't in permittedoptions
- Fixed an issue where you could send to an archived newsletter
- Added an extra protection when scheduling to an active, and later archiving the newsletter
- Dropped support for `send_email_when_published` in API
- When importing posts we currently don't have a system in place to set the newsletter_id to map the `send_email_when_published` behaviour. Since this was already the case, I won't include a fix in this PR.
- Stripped `email_recipient_filter`/`email_segment` from Content API (https://ghost.slack.com/archives/C02G9E68C/p1652363211841359?thread_ts=1650623650.233229&cid=C02G9E68C)
- Updated `admin-api-schema` to 3.2.0, which includes the new email_segment property
- Contains a temporary fix for https://github.com/TryGhost/Team/issues/1626, where the `.related('newsletter').fetch` call fails when the newsletter relation is already loaded, because of the overridden `formatOnWrite` method.

Since the `email_recipient_filter` is no longer used without a newsletter, the `none` value is no longer used. A migration transforms all those values to `all`. This should be safe, because we only send an email now when newsletter_id is not null (scheduled posts should already have a newsletter_id, even if at the time of scheduling they didn't add the newsletter_id option, because at that time, we defaulted to the default newsletter).

Admin changes to make this work: https://github.com/TryGhost/Admin/pull/2380
2022-05-16 10:18:04 +02:00
Hannah Wolfe
705a72431d
Removed GET settings/:key route
refs: https://github.com/TryGhost/Team/issues/1625

- there's not really a usecase for this route, so removing so we don't have to maintain it
2022-05-13 23:18:53 +01:00
Hannah Wolfe
37818a1b71
Removed settings that are no longer in use (#14802)
refs: TryGhost/Team#1625
refs: TryGhost/Team#1558

- none of these settings are actively used anymore

Co-authored-by: Daniel Lockyer <hi@daniellockyer.com>
2022-05-13 21:19:21 +01:00
Simon Backx
a95e9d0b7b
Fixed error in newsletter editing limit checks (#14817)
refs https://github.com/TryGhost/Team/issues/1583
refs https://ghost.slack.com/archives/C02G9E68C/p1652397268702749?thread_ts=1652397192.822389&cid=C02G9E68C

Used `model.status` instead of `model.get('status')`, resulting in undefined, resulting in `!== 'active'` to return true. Also added a test case for editing active newsletters.
2022-05-13 10:15:35 +02:00
Hannah Wolfe
dec6a4d72a Removed unused getPaymentConfig method
refs: https://github.com/TryGhost/Team/issues/1625

- this references unused stripe_product_name setting and defunct stripe_plans setting, but is not used anywhere
2022-05-12 20:05:10 +01:00
Hannah Wolfe
cd20738d65 Removed support for editing members_from_address
refs: https://github.com/TryGhost/Team/issues/1625
refs: https://github.com/TryGhost/Team/issues/1558

- the members_from_address setting is no longer used, instead we use newsletters from address
2022-05-12 20:05:10 +01:00
Hannah Wolfe
5cc7a54edc
Replaced Products with Tiers API endpoints
ref: https://github.com/TryGhost/Team/issues/1145
ref: 8f8b7e7364

- The /products/ endpoint was replaced with /tiers/ some time ago but we didn't finish the switch
- The work is complete now, so can remove the endpoint entirely and cleanup remaining usages
2022-05-12 19:59:57 +01:00
Hannah Wolfe
a58ac016be
Swapped setup to use tiers API endpoint
refs: https://github.com/TryGhost/Team/issues/1145

- the products endpoint is going away in favour of tiers
2022-05-12 19:48:27 +01:00
Hannah Wolfe
b6d9389124
🔥 Removed legacy product + price helpers from themes
refs: https://github.com/TryGhost/Team/issues/1145
refs: https://github.com/TryGhost/Ghost/issues/14446

- remove legacy members theme helpers @products @product @price and @members.products
- all of these have been replaced with new concepts with the introduction of tiers
2022-05-12 18:58:01 +01:00
Rishabh Garg
afd92813c8
Added subscribe_on_signup to newsletter content API data (#14808)
- portal needs this to show default newsletter subscription during signup
2022-05-12 21:31:50 +05:30
Hannah Wolfe
962971c436
🔥 Removed members/api/site
closes: https://github.com/TryGhost/Team/issues/1599

- remove the now unused members/api/site endpoint
- portal now talks to the content API instead
2022-05-12 16:21:47 +01:00
Matt Hanley
0d379a9264 Added permissions for Authors to read labels
refs https://github.com/TryGhost/Team/issues/1618

- Authors require access to labels as part of the publish + send workflow
2022-05-12 16:07:05 +01:00
Rishabh Garg
f4066067e4
Extended public settings to include portal settings (#14801)
refs https://github.com/TryGhost/Team/issues/1599

- adds `portal_*` settings to public settings endpoint
- adds calculated `firstpromoter_account` setting for public settings endpoint
- also adds Ghost `version` information
2022-05-12 19:54:45 +05:30
Hannah Wolfe
de118b0b04
Renamed lang and session_secret default settings (#14791)
refs: https://github.com/TryGhost/Toolbox/issues/327

- lang / locale has had a lot of churn, but we decided this setting should always be locale
- session_secret is too generic as we have multiples of these
2022-05-12 15:07:05 +01:00
Matt Hanley
1fabd76391 Added newsletter permissions for Editors and Authors
refs https://github.com/TryGhost/Team/issues/1618

- Editors and Authors require read access to newsletters as part of the publish + send workflow
2022-05-12 14:46:55 +01:00
Matt Hanley
78d1132b13
Updated theme card asset default setting (#14789)
refs https://github.com/TryGhost/Team/issues/1611

- For Ghost 5.0 card assets will be included by default, including bookmark and gallery cards
2022-05-12 14:44:31 +01:00
Rishabh Garg
725c2673ea
Added offer read endpoint to content API (#14794)
refs TryGhost/Team#1599

- allows offer details to be fetched via content API directly
2022-05-12 18:16:10 +05:30
Simon Backx
3214186f98
Improved newsletter limit checking (#14780)
refs https://github.com/TryGhost/Team/issues/1583

- Check limits when unarchiving newsletters
- Added tests for more scenarios
- When editing/adding newsletters, the limit check happens in the same transaction.
- `limit-service` was bumped to add transactions support
- Added transaction support for edit in newsletter service
2022-05-12 14:28:45 +02:00
Matt Hanley
3398e0d07d Added test for Author user publishing a post and sending a newsletter 2022-05-12 12:45:42 +01:00
Naz
9236b8a397 Relaxed validation rules + removed unknown properties
refs https://github.com/TryGhost/Toolbox/issues/314

- The API principle guiding this change is the Robustness Principle: "be conservative in what you send, be liberal in what you accept". The API will start accepting any additional properties that are not explicitly defined in the schema for the resource and will be trimming any rogue properties that are sent in the payload
2022-05-12 18:06:38 +08:00
Naz
7252f03824 Improved assertions
refs https://github.com/TryGhost/Toolbox/issues/283
2022-05-12 13:54:21 +08:00
Naz
a1e1feb125 Added 'Content-Version' header to outgoing webhook requests
refs https://github.com/TryGhost/Toolbox/issues/283

- The header is needed to signal to the webhook subscribers the content version they are being served. This should imrove API version compatibility and allow for the client to handle incoming data better
2022-05-12 13:54:21 +08:00
Naz
2a3be178ab Refactored trigger test to us assert instead of should
refs https://github.com/TryGhost/Toolbox/issues/283

- Should assertion library is outdated and it's preferred to use native assert to make assertions
2022-05-12 13:54:21 +08:00
Naz
21c2c5579b Refactored webhook triggering to be asyc
refs https://github.com/TryGhost/Toolbox/issues/283

- In tests we need assurance that the triggering of webhooks has been finished before making assertions. Doing this was impossible with a previous fire-and-forget style of the request call.
- The change also adds an optional "request" parameter to be able to override the request library used internally - this is purely for testing purposes.
2022-05-12 13:54:21 +08:00
Naz
67dca08df8 Refactored trigger module to be testable
refs https://github.com/TryGhost/Toolbox/issues/283

- Current trigger module handling webhook paypload delivery isn't testable! It sucks to add features to it without assurance things still work
- Apart from expanding the test suite this changeset also needs live testing - setting up webhooks etc.
2022-05-12 13:54:21 +08:00
Naz
586af2500c Fixed tests
refs f10f224668
2022-05-12 13:54:21 +08:00
Rishabh Garg
3836030950
Allowed tiers include and data for member endpoints (#14790)
refs https://github.com/TryGhost/Team/issues/1145

- allows members endpoint to accept `?include=tiers`
- allows members endpoint to return `tiers` data
2022-05-11 22:26:03 +05:30
Hannah Wolfe
409dc3b534
Added frontend key to ghost_head for portal (#14782)
refs: https://github.com/TryGhost/Team/issues/1599
refs: f3d5d9cf6b

- this commit adds the concept of a frontend data service, intended for passing data to the frontend from the server in a clean way. This is the start of a new & improved pattern, to hopefully reduce coupling
- the newly added internal frontend key is then exposed through this pattern so that the frontend can make use of it
- the first use case is so that portal can use it to talk to the content API instead of having weird endpoints for portal
- this key will also be used by other internal scripts in future, it's public and therefore safe to expose, but it's meant for internal use only and therefore is not exposed in a generic way e.g. as a helper
2022-05-11 17:34:31 +01:00
Rishabh Garg
9f85f7a4fe
Added newsletters endpoint to Content API (#14778)
refs https://github.com/TryGhost/Team/issues/1599

- allows active newsletters data to be fetched via content API
2022-05-11 21:36:43 +05:30
Simon Backx
837e11b4d8
Fixed email preview using wrong newsletter (#14756)
refs https://github.com/TryGhost/Team/issues/1603

When previewing a scheduled/published post via Post editor menu > E-mail newsletter > Preview in browser. The e-mail template from the default newsletter was used instead of the newsletter that was selected when scheduling the post.
2022-05-11 17:52:24 +02:00
Hannah Wolfe
196b8ad0da
Removed active_timezone, default_locale & locale compat (#14788)
- These settings no longer exist, having been renamed to timezone and lang
- As of 5.0 we no longer need any kind of backwards compatibility outside of the importer
- We making breaking changes and cleaning up as many old code paths as possible 
- We have not really exposed the admin Settings API, meaning backwards compatibility was more for internal use
- We will be changing lang back to locale, but that's a separate issue and won't need backwards compatibility
2022-05-11 16:22:25 +01:00
Matt Hanley
ae45579903 Promoted feature flags for v5 features to GA 2022-05-11 15:55:15 +01:00
Hannah Wolfe
b29852b012
🔥 Removed support for http/https mixed mode (#14783)
closes: https://github.com/TryGhost/Toolbox/issues/324
refs: https://github.com/TryGhost/Ghost/issues/14446

- Currently, if url is configured to http but a request is marked secure, Ghost will handle upgrading all internal URLs to https so that there are no mixed content warnings
- From 5.0 that feature is going away, in favour of strictly honouring the configured URL
- Ghost will serve URLs exactly as configured and won't upgrade http to https anymore
- This use case was common when Ghost was first built, but in 2022 the web is mostly https.
- The code needed to support the feature creates a lot of additional complexity & maintenance overhead, so removing this gives us space to do more cool and useful stuff in 2022
2022-05-11 14:53:23 +01:00
Daniel Lockyer
84a10daebf
🏗 Dropped webhooks.status column (#14713)
refs https://github.com/TryGhost/Toolbox/issues/309

- this column is not used and I was going to add `validation` to it but
  it's better to clean it up and re-add the column if we need it again
2022-05-11 14:11:47 +01:00
Naz
961e300e77 Fixed tests
refs f10f224668
2022-05-11 16:18:12 +08:00
Hannah Wolfe
c5ba27e2b5
Added initial concept of calculated settings (#14766)
refs: https://github.com/TryGhost/Team/issues/626

- calculated settings are simplified settings (booleans) that are based on other settings or data
- they make it easier for us to determine what state features are in elsewhere in ghost e.g. admin and themes
- this duplicates some of the members config concepts in the settings service
2022-05-10 21:49:38 +01:00
Hannah Wolfe
54b4a3c351
Renamed settings index.js to settings-service.js
- in line with our policy of not keeping logic in index.js files
- Note: callign all services service.js is no more helpful :D
2022-05-10 20:55:31 +01:00
Aileen Nowak
56a1143e53 Fixed incorrect usage of limit config causing Ghost not to boot
no issue

- When applying an incorrect limits config, or missing expected values, Ghost would not boot as the errors would interrupt this process, which should not happen
- This commit catches the error thrown by the limit-service on boot sequence and transforms it into a warning if it's an `IncorectUsageError`. Other errors are handled as before
- Added a test for the limit-service service
2022-05-10 15:47:45 -04:00
Hannah Wolfe
ddb718f0bb
Fixed settingsCache returning falsy as null
refs: e68cb8b314

- a couple of months ago when improving the test coverage here I found some weird behaviour with falsey values
- turned out it didn't matter at the time because we didn't have any settings that are false
- with the introduction of calculated settings we will have: https://github.com/TryGhost/Ghost/pull/14766
- whilst building that, I found settings that should be returned as false were being returned as null
- fixing it in a separate commit to keep the work clean
2022-05-10 20:37:03 +01:00
Hannah Wolfe
b911c66bb6
Fixed legacyApiPathMatch not working with subdirs
- The recently refactored path matching code forgot to take into account that originalUrl can include the subdir
- Added more permutations to tests and ensured that all tests pass
- This means we don't have to worry about what sort of path we pass to the function, it'll figure out the version and api info
2022-05-10 13:57:06 +01:00
Simon Backx
f732b0181d
Fixed last_seen updated for suspended users (#14715)
refs https://github.com/TryGhost/Team/issues/1461

- A suspended user was able to make it through the Express middlewares to the `updateUserLastSeen` middleware, until it was halted when checking the user permissions in the API pipeline. This was only the case for session logins, not for API keys.
- For API keys, the user status is checked:
6dc3f1bf56/core/server/services/auth/api-key/admin.js (L178-L181)
- In the session middleware, the `findUserById` in `getUserForSession` didn't filter on the active status of users:
be4146e324/core/server/services/auth/session/middleware.js (L22-L27)
- This has been fixed now by updating the sessionService's `findUserById` method.
2022-05-10 13:34:12 +02:00
Hannah Wolfe
f3d5d9cf6b Added internal frontend integration
refs: https://github.com/TryGhost/Team/issues/1599

- add an internal integration for Ghost's frontend to talk to the content API
- this is so that portal and future features can access our APIs through the correct mechanism of an API key
2022-05-10 11:43:07 +01:00
Daniel Lockyer
b794c6885e Deleted membersActivity flag
refs https://github.com/TryGhost/Toolbox/issues/325

- this was used for an alpha proof-of-concept for member activity data
  collection but we're rethinking the strategy so this is the easiest
  way to ensure it can't be enabled when the database table has been deleted
2022-05-10 11:19:58 +01:00
Daniel Lockyer
98a8fa8b0d Dropped temp_member_analytic_events table
refs https://github.com/TryGhost/Toolbox/issues/309

- this table was used an an experiment for member analytics
- as we rethink the strategy, we can take the opportunity to clean the table up
2022-05-10 10:00:19 +01:00
Daniel Lockyer
c8d6024a0c Dropped subscribed column in members table
refs https://github.com/TryGhost/Toolbox/issues/309

- this column is now a calculated value based upon the relation of a
  member to a newsletter
- we should no longer need `subscribed`, so this migrations cleans up
  the column in the DB
2022-05-09 16:47:43 +01:00
Simon Backx
5657019e47
Fixed wrong newsletter used when sending scheduled post (#14734)
refs https://ghost.slack.com/archives/C02G9E68C/p1651939076681719

Cause:
- When a scheduled post was published via the post scheduler, no `newsletter_id` option is passed when editing the post.
- When editing a post via the posts service, without the `newsletter_id` option, the `newsletter_id` option is automatically set to the default newsletter's id.
- Inside the post model, this new `newsletter_id` was not saved, because it was already set, and changing it is prevented.
- The `mega` service wasn't using the (unchanged) post's newsletter_id, but used the option instead, which contained the default newsletter's id.

Fix:
- Always using the newsletter_id from the post and requiring the newsletter associated with a post to exist.
- This behaviour can be/is tested by publishing a scheduled post without any option.

Also cleaned up some `Object.assign` usages.
2022-05-09 17:30:50 +02:00
Rishabh Garg
4d6b3568c5
Enabled Admin integration for newsletters API (#14714)
refs https://github.com/TryGhost/Team/issues/1546

- allows newsletters API to work with Admin API keys
- updates fixtures to add permissions to admin integration role for new sites
- adds migration to update existing sites to have correct permissions for role
- whitelists add/edit/read/browse on newsletters API for integrations
2022-05-09 20:46:34 +05:30