Commit Graph

536 Commits

Author SHA1 Message Date
Daniel Lockyer
a86bf46347 Updated snapshots for the new year
- these shouldn't be hardcoded but it changes so infrequently that we
  can just update the snapshots for now and then fix it at a later point
2024-01-02 09:07:55 +01:00
Sanne de Vries
255d1b1740
Added site url link to newsletter header image (#19380)
No ref
2023-12-14 12:08:10 +00:00
Daniel Lockyer
20b0890a02 Cleaned up duplicate await
- noticed whilst bouncing around the codebase
- shouldn't change anything but it gets rid of some tsserver warnings
2023-12-13 11:54:31 +01:00
Steve Larson
ccc9c9bdd8
Removed emoji picker feature flag (#19314)
closes TryGhost/Product#4109
- requires new editor packages which are bumped in this commit
2023-12-11 09:51:37 -06:00
Simon Backx
3f6ea04c43
Added portal default plan setting (#19238)
fixes PROD-61

This adds a new default plan setting. It defaults to yearly, which is
the current default selected interval in Portal.

Behind the new portal improvements feature flag, the default plan can be
changed. It will also change automatically if the available intervals
are changed.

This PR also wires up passing the new setting to the Portal preview.
2023-12-06 11:39:58 +01:00
Sag
f8ad5fb2ea
Updated Portal to use calculated support and default email addresses (#19163)
fixes GRO-72

- added "default_email_address" and "support_email_address" to the
public settings
- when available, use these addresses in Portal. Otherwise, fallback to
current logic
2023-11-29 09:48:05 -03:00
Jono M
3f70cc08b7
Fixed create offer API not returning created_at (#19143)
refs https://github.com/TryGhost/Product/issues/4196

The offers API basically returns the data you pass to it, rather than
the created database record. It looks like this is how it was intended
to work in the first place; the `setMilliseconds` is because the test
helper expects `.000Z`, which I assume is because MySQL will strip off
the milliseconds when it's saved.
2023-11-28 15:11:35 +00:00
Simon Backx
3687feca07
Updated support email address verification for DMARC changes (#19147)
fixes GRO-71

- Current flow: unchanged
- New managed flow: verification required
- New managed flow with custom sending domain: only verification
required for different domains
- Self hosters (feature flag): no verification required
2023-11-28 15:06:58 +01:00
Sag
54ee8d3389
Updated newsletter email verification to render the verified address (#19148)
refs GRO-80
- added a new meta field "email_verified" to the /verification endpoint
for newsletters. This meta field contains which email has been verified,
"sender_email" or "sender_reply_to"
- updated copy in newsletter settings, based on which email has been
verified
2023-11-27 18:28:57 +00:00
Simon Backx
6c37382bc3
Fixed requiring verification email for default address (#19140)
fixes GRO-79

When changing the Reply-To to the default address, the verification
email is now skipped.
2023-11-27 10:45:34 +00:00
Simon Backx
a037ce3dde
Added calculated email address settings (#19115)
fixes GRO-73

We need to avoid duplicating the complex logic for determining the
default email address and the support email address. So these are now
exposed as calculated settings.
2023-11-23 13:07:15 +00:00
Simon Backx
17ec1e8937
Added email address alignment protections (#19094)
ref GRO-54
fixes GRO-63
fixes GRO-62
fixes GRO-69

When the config `hostSettings:managedEmail:enabled` is enabled, or the
new flag (`newEmailAddresses`) is enabled for self-hosters, we'll start
to check the from addresses of all outgoing emails more strictly.

- Current flow: nothing changes if the managedEmail config is not set or
the `newEmailAddresses` feature flag is not set
- When managedEmail is enabled: never allow to send an email from any
chosen email. We always use `mail.from` for all outgoing emails. Custom
addresses should be set as replyTo instead. Changing the newsletter
sender_email is not allowed anymore (and ignored if it is set).
- When managedEmail is enabled with a custom sending domain: if a from
address doesn't match the sending domain, we'll default to mail.from and
use the original as a replyTo if appropriate and only when no other
replyTo was set. A newsletter sender email addresss can only be set to
an email address on this domain.
- When `newEmailAddresses` is enabled: self hosters are free to set all
email addresses to whatever they want, without verification. In addition
to that, we stop making up our own email addresses and send from
`mail.from` by default instead of generating a `noreply`+ `@` +
`sitedomain.com` address

A more in depth example of all cases can be seen in
`ghost/core/test/integration/services/email-addresses.test.js`

Includes lots of new E2E tests for most new situations. Apart from that,
all email snapshots are changed because the from and replyTo addresses
are now included in snapshots (so we can see unexpected changes in the
future).

Dropped test coverage requirement, because tests were failing coverage
locally, but not in CI

Fixed settings test that set the site title to an array - bug tracked in
GRO-68
2023-11-23 10:25:30 +01:00
Simon Backx
b6519e0f1f
Removed usage of unquoted ids in filter strings (#19070)
fixes GRO-34
fixes GRO-33

This is a revision of a previous commit, that broke the browser tests
because changes in the data generator (requiring bookshelf had side
effects).

This adds a new way to run all tests with enforced numeric ObjectIDs.
These numeric ids cause issues if they are used withing NQL filters. So
they surface tiny bugs in our codebase.

You can run tests using this option via:
NUMERIC_IDS=1 yarn test:e2e

Removed some defensive logic that could be explained by this discovered
issue.
2023-11-21 09:45:36 +01:00
Ronald Langeveld
83a1060983
Added last redeemed property to Offers (#19066)
refs https://github.com/TryGhost/Product/issues/4153

- wired up a new last_redeemed prop to the Offers API endpoint.
2023-11-21 08:02:15 +00:00
Michael Barrett
55392646e1
Refined cache invalidation when updating a user (#19028)
refs https://github.com/TryGhost/Arch/issues/101

Refined the cache invalidation logic so that when updating a user, we
only invalidate the cache when an attribute of the user that is used on
the frontend changes.
2023-11-20 14:14:30 +00:00
Simon Backx
d5492bd63c
Revert "Removed usage of unquoted ids in filter strings" (#19052)
Reverts TryGhost/Ghost#19031

Browser tests are failing with an unknown cause
2023-11-20 13:50:07 +00:00
Simon Backx
320eaac4c4
Removed usage of unquoted ids in filter strings (#19031)
fixes GRO-34
fixes GRO-33

This also adds a new way to run all tests with enforced numeric ObjectIDs.
These numeric ids cause issues if they are used withing NQL filters. So they
surface tiny bugs in our codebase.

You can run tests using this option via:
NUMERIC_IDS=1 yarn test:e2e

Also removed some defensive logic that could be explained by unquoted ids.
2023-11-20 14:00:31 +01:00
Simon Backx
32d0d2b293 Added filter to filter members by email disabled
fixes GRO-23

Co-authored-by: Djordje Vlaisavljevic <dzvlais@gmail.com>
Co-authored-by: Sag <guptazy@gmail.com>
2023-11-16 19:16:20 +01:00
Sag
69ee4a5ff5
Added option to unsubscribe in one-click from emails (#19032)
refs https://github.com/TryGhost/Product/issues/4051
- added a "List-Unsubscribe" header to emails, in compliance with the
RFC 8058 requirements
- Gmail, Apple Mail, Yahoo Mail, and other popular email clients offer
an option to unsubscribe in one-click, based on the "List-Unsubscribe"
header. Some require an HTTPS endpoint, some a mailto address; both
options are provided in the "List-Unsubscribe" header

Co-authored-by: Simon Backx <simon@ghost.org>
Co-authored-by: Djordje Vlaisavljevic <dzvlais@gmail.com>
2023-11-16 14:50:24 -03:00
Ronald Langeveld
2bd597fe0d
Added createdAt prop to Offers API request. (#19012)
refs https://github.com/TryGhost/Product/issues/4153

- We need use the `created_at` timestamp in the new AdminX offers. The
API doesn't return that value.
- With this change the API returns the created_at property so that we
can consume it.
---

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖[[deprecated]](https://githubnext.com/copilot-for-prs-sunset)
Generated by Copilot at dc282af</samp>

This pull request adds a `createdAt` property to the offer domain model,
data transfer object, and repository. This allows tracking and auditing
the creation and modification of offers and offer codes in
`ghost/offers`.
2023-11-16 17:33:01 +07:00
Simon Backx
75bb53f065
🔒 Added support for logging out members on all devices (#18935)
fixes https://github.com/TryGhost/Product/issues/3738
https://www.notion.so/ghost/Member-Session-Invalidation-13254316f2244c34bcbc65c101eb5cc4

- Adds the transient_id column to the members table. This defaults to
email, to keep it backwards compatible (not logging out all existing
sessions)
- Instead of using the email in the cookies, we now use the transient_id
- Updating the transient_id means invalidating all sessions of a member
- Adds an endpoint to the admin api to log out a member from all devices
- Added the `all` body property to the DELETE session endpoint in the
members API. Setting it to true will sign a member out from all devices.
- Adds a UI button in Admin to sign a member out from all devices
- Portal 'sign out of all devices' will not be added for now

Related changes (added because these areas were affected by the code
changes):
- Adds a serializer to member events / activity feed endpoints - all
member fields were returned here, so the transient_id would also be
returned - which is not needed and bloats the API response size
(`transient_id` is not a secret because the cookies are signed)
- Removed `loadMemberSession` from public settings browse (not used
anymore + bad pattern)

Performance tests on site with 50.000 members (on Macbook M1 Pro):
- Migrate: 6s (adding column 4s, setting to email is 1s, dropping
nullable: 1s)
- Rollback: 2s
2023-11-15 17:10:28 +01:00
Simon Backx
14927ee24b
Added quotes to NQL filters with ids (#18958)
refs https://github.com/TryGhost/Product/issues/4120

Updated some places where we don't add quotes around ids in NQL filters,
which can be an issue when the id is a number
2023-11-13 12:00:20 +01:00
Simon Backx
986296cac9 🐛 Fixed unsubscribe button requiring manual action + wrong confirmation
fixes https://github.com/TryGhost/Product/issues/4118

The newsletter uuids were not passed when fetching all the members current newsletters. Therefore, Portals logic broke to remove all newsletters that matched the uuid that was passed to the unsubscribe link. No newsletters were removed, still the notification toast said that the member was unsubscribed from the newsletter.
2023-11-08 15:05:47 +01:00
Sanne de Vries
dbe00929d3
Changed "latest posts" layout in email template on mobile (#18894)
Refs https://ghost.slack.com/archives/C019B1K4FAM/p1699127038805739

- Removed mobile styles so that latest posts are always in the same
layout, instead of in a single column on mobile
- Fixed img caption font size rendering too large on mobile
2023-11-07 11:23:03 +01:00
Nick Moreton
b9b1502772
🐛Changed "free_signups" to "signups" in Post Exporter (#18883)
ref https://github.com/TryGhost/Product/issues/4110

Made this change to increase clarity in data export

---

<!-- Leave the line below if you'd like GitHub Copilot to generate a
summary from your commit -->
<!--
copilot:summary
-->
### <samp>🤖 Generated by Copilot at 6c0508d</samp>

Renamed a column in posts export data and updated the corresponding test
case. This change makes the export data more consistent and clear for
users who have different member features enabled.
2023-11-07 09:52:28 +00:00
Steve Larson
ae53464cac
Enabled emoji picker in editor (#18880)
closes TryGhost/Product#4107
- emoji picker is now available for inline emoji insertion
- open the menu with typing a : (colon), e.g. 
2023-11-06 16:07:55 +00:00
Simon Backx
bf859c38ee
🐛 Fixed showing recommendations on custom welcome pages (#18864)
no issue

When a custom welcome page is set for a tier, the recommendations modal
didn't show. If recommendations were disabled, there was also no toast
to confirm the sign up.

To fix this, we'll need to set the success and action query parameters
on the welcome page, but only if it is not an external site.
2023-11-03 15:02:46 +00:00
Simon Backx
fee402a340
🐛 Fixed adding recommendation with URL redirect breaking one-click-subscribe (#18863)
fixes https://github.com/TryGhost/Product/issues/4102

E.g. you recommend myghostsite.com, while that site redirects all
traffic to [www.myghostsite.com](#):

The redirect causes CORS issues, which means we cannot detect
one-click-subscribe support.
- This is fixed by moving the whole detection to the backend, which has
the additional benefit that we can update it in the background without
the frontend, and update it on every recommendation change.
- This change also fixes existing recommendations by doing a check on
boot (we can move this to a background job in the future).
2023-11-03 15:02:45 +01:00
Sag
b3c8055efe
Fixed email_disabled field after member update in Admin (#18827)
closes https://github.com/TryGhost/Product/issues/4046
- when editing the member's email in Admin, the email_disabled field was
not recalculated, making it inconsistent with the suppression list
- now, if the new email is part of the suppression list, we set
email_disabled to true. Otherwise set it to false
2023-11-02 17:15:03 +00:00
Ghost CI
2c9d42f599 Merged v5.71.1 into main 2023-11-01 16:53:42 +00:00
Kevin Ansfield
281fbc973e
🐛 Fixed mobiledoc and lexical content being available via Content API
refs https://github.com/TryGhost/Product/issues/4088

The Content API should not expose the lexical/mobiledoc source content because it's not membership-gated and although not used at the present time may in future contain additional internal metadata. We were handling this for the more-typical `?formats` param but it was still possible to access this data using the `?fields` param.

- updated post mapper used in our API output serializers to strip the `mobiledoc` and `lexical` fields ready for API output
- credits to Prathap Puthran for reporting
2023-11-01 16:10:41 +01:00
Sanne de Vries
a38461a00d
Fixed email paywall styling bug on mobile (#18818)
Closes https://github.com/TryGhost/Product/issues/4089
2023-11-01 14:13:51 +00:00
Sag
1b82efe5d2
Added Recommendations feature (#18743)
refs https://github.com/TryGhost/Product/issues/3744


Co-authored-by: Simon Backx <simon@ghost.org>
Co-authored-by: Djordje Vlaisavljevic <dzvlais@gmail.com>
2023-10-24 11:00:11 -03:00
Kevin Ansfield
9b1f79f601
Cleaned up lexicalEditor labs flag, switched Post model to lexical-by-default (#18607)
no issue

- flag is no longer used in Admin so we can clean it up in Core too
- updated Post model to set blank document to `lexical` field rather than `mobiledoc` as a default value
- switched over to returning `mobiledoc,lexical` as default formats in Admin API
2023-10-23 17:51:34 +01:00
Chris Raible
5a5a756415
Updated theme fixtures for casper and source (#18677)
no issue

- Casper and Source theme files were out of date — this commit updates the theme fixtures, and fixes up a few tests to pass with the updated themes
2023-10-18 14:51:35 -07:00
Sag
5c43945b94
Revert "Added Recommendations feature (#18664)" (#18694)
refs https://github.com/TryGhost/Product/issues/3744

- this reverts GA commit 4e338114de, as
launch has been postponed by a week
2023-10-18 17:03:35 +00:00
Steve Larson
a521c23cd3
🐛 Prevented subsequent lexical conversion wiping out content (#18672)
closes TryGhost/Product#4032
- the api flag ?convert_to_lexical converts a mobiledoc string to
lexical
- if run on a post/page with lexical content, would null it out
2023-10-17 20:38:51 +00:00
Sag
4e338114de
Added Recommendations feature (#18664)
refs https://github.com/TryGhost/Product/issues/3744

Co-authored-by: Simon Backx <simon@ghost.org>
Co-authored-by: Djordje Vlaisavljevic <dzvlais@gmail.com>
2023-10-17 13:04:35 +00:00
Fabien "egg" O'Carroll
edcd6caf2b Removed post_revisions default include
Having this as a default means that API responses are HUGE!

Co-authored-by: Daniel Lockyer <hi@daniellockyer.com>
2023-10-12 13:10:05 +02:00
Kevin Ansfield
f4acbb581b 🐛 Fixed copy/paste from Word missing headings and text formats
closes https://github.com/TryGhost/Product/issues/4007

- bumps Koenig packages containing extended TextNode and HeadingNode with extra DOM parsing support for the non-semantic HTML generated by Word when copy/pasting
2023-10-09 20:21:41 +01:00
Simon Backx
9abd466397
Renamed reason to description in recommendations table (#18527)
fixes https://github.com/TryGhost/Product/issues/4005

We no longer use the 'reason' of a recommendation, but allow a flexible
description instead. Because this is a breaking change in the API, we do
this before making this feature GA.
- Added new database utils for renaming a column
- Added new migration to rename the column
- Updated all references in code
2023-10-09 11:19:44 -03:00
Chris Raible
70304d92d4
🐛 Fixed bug preventing changes to tier benefit capitalization (#18406)
fixes TryGhost/Product#3970

- When saving a tier, it is impossible to change the capitalization of a
benefit
- The logic when saving a tier matches benefits by `name.toLowercase()`
and then overwrites the incoming change with the name from the previous
version of the benefit
- This changes the logic to match benefits the same way using
`name.toLowercase()`, but use the _incoming_ benefit's capitalization
rather than the old benefit's, to allow users to e.g. change 'TEst
benefit' to 'Test benefit'
2023-10-05 19:04:11 -07:00
Steve Larson
8bc653802d
Released new editor (#18422)
Promoted our beta editor to the default editor. Keep an eye on (or subscribe to) https://ghost.org/changelog/ for release announcements with full details.

- moved the beta editor (Lexical-based editor) to the default editor; all pages and posts will now use it
- all mobiledoc (previous editor) posts will remain mobiledoc until opened in the editor at which point will be converted to Lexical on the fly and open in the new editor
2023-10-04 12:22:54 +01:00
Daniel Lockyer
639be25f1d Updated Koenig-Lexical bundling
refs https://github.com/TryGhost/DevOps/issues/83

- this will now continue use the dev server assets if we tell it to,
  or copy the dependency package files to the built folder otherwise
- removes `editor` from config API because it's no longer needed
- removes dependency on `editor.url` in tests, as this no longer exists
- edits dev script to pass dev server URL as env var
- adds `@tryghost/koenig-lexical` dependency to Admin
2023-10-04 12:50:21 +02:00
Chris Raible
80a6fe17d0 Added Source as the new default theme
refs TryGhost/Product#3510

- Added `TryGhost/Source` as a submodule in `ghost/core/content/themes` so `Source` will ship with Ghost (along with Casper)
- With this change, new installs will use `Source` as the default theme. Existing sites will have `Source` installed, but not activated, as this is a large change and we don't want to drastically change existing sites without warning. Users can upgrade to use `Source` simply by clicking 'Activate' in design settings.
- Updated protections to prevent users from uploading their own conflicting version of `Source`
2023-10-03 14:02:08 +02:00
Simon Backx
b5fc527f8d
Added order option to recommendations API with sorting on counts (#18417)
refs https://github.com/TryGhost/Product/issues/3957

This changes how we fetch recommendations:
- Relations can be included in one query instead of extra queries
- Sorting is now possible by click or subscriber counts
2023-10-02 14:51:03 +00:00
Kevin Ansfield
d541991046 Fixed collection cards not re-rendering when posts were bulk-edited
no issue

- bulk edit actions bypass the Bookshelf model hooks which meant our page reset behaviour in `onSaving` and `onDestroyed` was not being hit
- added overrides to `bulkEdit` and `bulkDestroy` to add the same page-reset behaviour any time we have a bulk edit or destroy
2023-09-28 18:05:01 +01:00
Kevin Ansfield
f296761577 Fixed snapshot errors for changing dates in collection card tests
no issue

- including a body snapshot for the pages API collection card tests causes issues because the generated HTML is dynamic and contains post creation times meaning the snapshot was unstable
- removed the body snapshot for the tests concerned for now as they are mostly there to catch saving issues rather than rendering issues
2023-09-26 12:23:33 +01:00
Kevin Ansfield
6480cfb161 Added e2e tests for creating+saving pages containing collection cards
no issue

- act as regression tests for internal collection code changes
- useful to test as we've hit missing transaction passthrough for sqlite a couple of times that wasn't caught
2023-09-25 15:11:05 +01:00
Simon Backx
b82a93beac
Added recommendation_notifications column to users table (#18304)
fixes https://github.com/TryGhost/Product/issues/3939
2023-09-22 15:35:55 +00:00