Commit Graph

461 Commits

Author SHA1 Message Date
Michael Barrett
72cc285184
Refactor validating specified newsletters in custom sign-up form (#18032)
refs https://github.com/TryGhost/Product/issues/3837

Moved the logic for validating specified newsletters to controller so
that the request can be failed
2023-09-08 13:55:02 +01:00
Princi Vershwal
f663774cf9
Added support for multiple newsletters in custom signup form (#18023)
refs https://github.com/TryGhost/Product/issues/3514

---------

Co-authored-by: Michael Barrett <mike182uk@gmail.com>
2023-09-08 11:09:44 +01:00
Princi Vershwal
83282ca4cd
Added checks for subscription to multiple newsletter through custom sign up form (#17994)
refs https://github.com/TryGhost/Product/issues/3810

---------

Co-authored-by: Michael Barrett <mike@ghost.org>
2023-09-07 18:27:32 +01:00
Sag
96d9099195
Revert "Added support for importing Stripe Coupons as Offers (#17415)" (#17915)
refs https://github.com/TryGhost/Product/issues/3674
refs https://github.com/TryGhost/Product/issues/3675

- this reverts commits 8a32941ae8 and
b587429008
- the reverted commits added some logic to create offers based on a
Stripe coupon. However, the logic bypassed the Offer entity, and
therefore skipped any validations/constraints — causing invalid data in
the database and some sites to crash.
2023-09-01 09:49:29 +02:00
Simon Backx
a011151e24
🐛 Fixed handling multiple Stripe subscriptions for same member (#17773)
fixes https://github.com/TryGhost/Product/issues/3752

- Added some extra tests for edge cases
- Updated handling of multiple subscriptions so they are handled better
- Canceling a subscription when the member still has other subscriptions will now get handled correctly where the status and products of the member stay intact
2023-08-22 13:27:21 +02:00
Michael Barrett
3a95caf48f
Implement member import with tier (#17506)
refs https://github.com/TryGhost/Product/issues/3629
2023-08-18 15:24:31 +01:00
Sag
67426d5c35
Added a separate error flow for when Tips & Donations are disabled (#17625)
refs https://github.com/TryGhost/Product/issues/3686
2023-08-10 17:32:44 +02:00
Simon Backx
874552bdbe
Added donation events to activity feeds (#17632)
fixes TryGhost/Product#3698
fixes TryGhost/Product#3699
2023-08-10 09:16:47 +02:00
Simon Backx
841e52ccfe
Added donations API (#17495)
refs https://github.com/TryGhost/Product/issues/3648

- Refactored Members API RouterController.createCheckoutSession: Split the method into smaller parts so we can reuse individual parts for the upcoming donation checkout session.
- Wired up donation checkout creation
- Added donation events
2023-07-31 16:00:52 +00:00
Michael Barrett
184c6ae951
Retain newsletter subscriptions on suppression (#17373)
refs https://github.com/TryGhost/Product/issues/2610
2023-07-24 10:47:57 +01:00
Sag
8a32941ae8
Added support for importing Stripe Coupons as Offers (#17415)
closes https://github.com/TryGhost/Product/issues/3595

- when importing paid members with a coupon in Stripe, we currently
search for the corresponding offer in our database and attach it to the
subscription if found. However, if an offer doesn't exist in the
database, we do not create one and don't attach any offer to the
subscription
- with this change, we now support the creation of a new offer, based on
a Stripe coupon, if it didn't exist already
2023-07-19 14:26:42 +02:00
Sag
9f438972f1
Added search by email for Stripe Customer ID during member import (#17326)
closes https://github.com/TryGhost/Product/issues/3593

- when importing members via CSV, it's now possible to add the value "auto" for the "stripe_customer_id" field. When this option is passed, the importer will search for a Stripe customer based on the email address provided
- if there are multiple Stripe customers with the same email address, the customer with the most recent subscription is returned
2023-07-13 13:20:54 +02:00
Fabien "egg" O'Carroll
f3f9e5a2f3 Moved serialisation of formats into the serialiser-layer
This prepares us to return a DTO rather than BookshelfModel to the serialiser
layer. When passing a BookshelfModel, the serialisation layer uses the model to
read from when building computed properties. By stripping values out in the
toJSON method it means that the DTO will be missing them and the computed
properties won't be able to be calculated. Instead we return ALL values to the
serialisation layer, and then strip out the ones that weren't requested in the
"clean" step.

This also inadvertently fixes the issue with `reading_time` requiring the
`html` field to be requested, we can now request just `reading_time`, as well
as have it included by default.
2023-06-16 09:17:47 +02:00
Fabien "egg" O'Carroll
104f84f252 Added eslint rule for file naming convention
As discussed with the product team we want to enforce kebab-case file names for
all files, with the exception of files which export a single class, in which
case they should be PascalCase and reflect the class which they export.

This will help find classes faster, and should push better naming for them too.

Some files and packages have been excluded from this linting, specifically when
a library or framework depends on the naming of a file for the functionality
e.g. Ember, knex-migrator, adapter-manager
2023-05-09 12:34:34 -04:00
Simon Backx
6566903df5
Cleaned up member attribution flag (#16745)
no issue

This commit removes the `memberAttribution` feature flag from the
codebase. Some CSS classes are not removed as removing them and updating
the associated CSS files have side effects sadly.
2023-05-05 15:04:14 +02:00
Simon Backx
848b2d82a1
Cleaned up suppressionList feature flag (#16736)
no issue

This pull request removes the `suppressionList` feature flag and all its
dependencies from the codebase. It makes the suppression list feature
the default and consistent behavior for all email events and
newsletters. It simplifies the UI, logic, and data related to email
events and newsletters. It affects several files in the
`ghost/admin/app`, `ghost/core/core`, and `ghost/members-api`
directories.
2023-05-04 14:47:04 +02:00
Adam Hunter
ef264e2263
Fixed typo in variable name for GeolocationService (#16574) 2023-04-07 13:23:15 +02:00
Simon Backx
d0042b550a
Fixed redirecting back to account home after sign in in Portal (#16487)
refs https://github.com/TryGhost/Team/issues/2674

When going to /#/portal/account when not signed in, you are redirected
to the login page. But once signed in, you aren't redirected back to the
account page. This fixes this issue by adding an extra and optional
redirect parameter when requesting a magic token via email.

This new parameter allows to override the default behaviour of using the
Referer HTTP header, which doesn't include the hash/fragment part of the
URL.

The referrer is already restricted to only allow redirects to the site,
not external URLs.
2023-04-04 18:07:37 +02:00
Rishabh Garg
0c743d67af
🐛 Fixed member newsletter subscription not saving in Admin (#16490)
fixes https://github.com/TryGhost/Team/issues/2783 
refs cb05fae5a3

The root cause of the issue was the fact we no longer checked for lack of `newsletters` property on member data before checking its `subscribed` property which is now deprecated. This caused a cascading effect where `subscribed:false` property on a member overrides the value for `newsletters` data. The check was accidentally removed in a previous bug fix.

So for members that were not subscribed to any newsletters, saving a newsletter subscription failed as they had their `subscribed` set to `false`, and it was resetting the newsletter subscription to empty always.
2023-03-24 23:29:49 +05:30
Daniel Lockyer
045e1ee33d Disabled got retries in testing environment
- by default, got retries failed requests, which is causing issues in
  tests because we've disabled the network with `nock`
- this is causing huge idle time because got pauses before retrying
- this change disables the retries if we're running tests, so things are
  more stable
2023-03-24 11:55:57 +01:00
Simon Backx
80cec29144
Added Stripe Mocker to make testing easier (#16396)
no issue

The Stripe Mocker mocks the Stripe API in memory, to make it much easier
to test subscription flows. Currently it is more a POC to see if it
works well. It probably needs a bit more work to support more scenarios.
- Added new tests for the subscription stats endpoint for 3D secure +
free trial flows using the new Stripe Mocker
- Updated members admin api tests to use Stripe Mocker (+ added new test
for deleting members with Stripe cancellation)
- Some tests called mockStripe at the beginning, but that method did
nothing apart from disabling network (which is the default now), then
they mocked Stripe inside the tests file... so I've removed those
because those conflict with the new mocker that is enabled when calling
mockStripe. We'll need to port those over later.
2023-03-10 18:43:35 +01:00
Steve Larson
cb05fae5a3
🐛 Fixed maintaining archived newsletter subscriptions for members (#16375)
refs #16355
-archived newsletters will no longer be unsubscribed when saving member
-fixed bug with initialMember load
-fixed errors in unit tests
2023-03-08 16:39:28 -06:00
Rishabh Garg
d6a1d98aca
🎨 Added source attribution info to email alerts (#16360)
refs https://github.com/TryGhost/Team/issues/2489

- adds attribution info for new free and paid members in email alerts
2023-03-06 15:06:47 +05:30
Steve Larson
2d84b7d990
Upgraded got package from v9.6.0 to v11.8.6 (#16261)
Refs TryGhost/Team#2459
-upgraded got from v9.6.0 to v11.8.6 to support following redirects (and
other fixes)
-got v12+ requires ESM, so we do not want to upgrade further at this
time
-required changes to a few libraries that use externalRequests
-mention discovery service tests updated to test for follow redirects
2023-02-20 09:33:11 -06:00
Simon Backx
77032262c4
🐛 Fixed subscriptions visible as "Active" within Ghost Admin (#16255)
fixes https://github.com/TryGhost/Team/issues/2542 
fixes https://github.com/TryGhost/Team/issues/2543 
fixes https://github.com/TryGhost/Team/issues/2544

- Hides incomplete subscriptions
- Shows Past Due subscriptions
- Fixed UI issues with 3+ subscriptions
- Fixed missing complimentary subscription when one subscription was
incomplete/inactive
- Fixed sending a paid subscription started email for incomplete
subscriptions. This change also required us to actually send the email
when the incomplete subscription eventually becomes active. So the
introduction of a new `SubscriptionActivatedEvent` made sense/was
required (because sending a SubscriptionCreatedEvent again would cause
other issues).
2023-02-13 13:07:53 +01:00
Naz
93a10d8f4f Optimized queries for tiers (aka products)
refs https://github.com/TryGhost/Toolbox/issues/515
refs dd4d6aeae5

- The `productRepository.list` call produced 5 db queries and a transaction wrapping this call.
- Transaction is not needed in this situation as there are no possible writes in the meantime (transaction wrapping code was put in there through refed commit to guard against failing Stripe API calls, which are no longer involved when calling the list method)
-  The `limit: 'all'` makes sure all product entries are fetched AND removes an extra aggregation query called over stripe_prices join
- The 'monthlyPrice' and 'yearlyPrice' relations are not needed because this data is not used in downstream code - only slug and type are used for visiblity/content gating  (ref. 1 3b6759ca6d/ghost/core/core/server/services/members/content-gating.js (L44-L55), ref. 2 3b6759ca6d/ghost/core/core/server/api/endpoints/utils/serializers/output/mappers/posts.js (L39-L54))
2023-02-09 13:07:57 +08:00
Rishabh Garg
2eac41b1f4
🐛 Fixed invalid email getting saved for members (#16021)
refs https://github.com/TryGhost/Team/issues/2235

We found some cases which can cause a site to have member emails that have invalid characters like `member@example.com�`. This happened due to the `validator` version used by Ghost not able to catch some specific cases as invalid email, allowing members to be created with them either via Admin or Importer or direct signup. Portal UI already blocked these email as invalid. This change:

- updates `@tryghost/validator` to include a latest version of email validator that catches these invalid cases
- doesn't allow member creation with invalid email like above
- doesn't allow existing member emails to be edited to invalid
2022-12-16 16:47:52 +05:30
Simon Backx
0825a2d7f4
🐛 Fixed importing existing member resetting newsletters (#16017)
fixes https://github.com/TryGhost/Team/issues/2386

**Issue:**
- When trying to import a member that already exists, and has
'subscribed' set to 'true' in the CSV, the newsletters the member is
subscribed to are reset to the default newsletters.
- When ediging a member with the API and setting `subscribed` to true,
the same happens.

**Cause:**
A faulty check for the `status` property of a newsletter.

Fixed and added a new E2E test.
2022-12-15 17:45:11 +01:00
Fabien "egg" O'Carroll
adae605555 Moved unsubscribing members behind feature flag
refs https://github.com/TryGhost/Team/issues/2367

We're not releasing this immediately so need to put it behind the flag
so that we continue to send emails to the correct members.
2022-12-09 13:24:25 +07:00
Fabien "egg" O'Carroll
9736d942e1 Unsubscribed Members from newsletters when their email is suppressed
refs https://github.com/TryGhost/Team/issues/2367

This ensures that a Member is not considered subscribed to any emails, so that
counts for newsletter recipients are correct. Eventually we will filter members
on their email suppression status but this is not implemented yet.
2022-12-08 13:02:36 +07:00
Rishabh Garg
8bdad78377
🐛 Fixed broken redemption count for offers (#15954)
refs https://github.com/TryGhost/Team/issues/2369

- offer id was not getting attached to stripe checkout metadata, causing the checkout event to not store any offer information for a subscription. This got changed in a prev refactor [here](25d8d694a0 (diff-b7dfcd660902a2a20dff7da5e886d8e10234bda4ba78228255afc8d4a8e78cf6L206))
- cleans up offer id handling for checkout session event
2022-12-07 14:30:11 +05:30
Simon Backx
bededf4520
🐛 Fixed errors of old events from deleted members (#15944)
refs https://ghost.slack.com/archives/C02G9E68C/p1670215917451249

When a member is deleted, and we receive an opened event for an email to
that member. We threw an uncaught Bookshelf EmptyResponse error.

- This change makes fetching the member not a requirement when handling
that event in the last seen at updater.
- It also adds try catches for all event listeners in the last seen at
updater
2022-12-05 14:36:23 +01:00
Fabien "egg" O'Carroll
9c691f3ea9 Added support for EmailSpamComplaintEvent to activity feed
We need to add relations and filterRelations to the model so that we can
correctly filter events by post_id and member_id
2022-12-01 17:26:24 +07:00
Elena Baidakova
1b784b5ec5
Added events to Post Analytics page (#15886)
closes TryGhost/Team#2313
- Added Sent event to Post analytics and Members feed. Now post can be
Sent or Received or Bounced.
- Excluded Delivered event from Sent filter on backend.
2022-11-28 17:43:35 +04:00
Naz
22738b1b50 🔒 Disabled editable relations by default
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-9gh8-wp53-ccc6
refs https://github.com/TryGhost/Toolbox/issues/465

- Bookshelf relations allows us to edit relational records by default, which was used liberally in the codebase.
- Not having a clear track record of editable relations left the model layer prone to triggering unwanted nested saves and created a vulnerability where members were able to edit newsletter settings.
- With explicit editable relations it's easier to keep track of relations having editable access to related records. Makes the relational data modification pattern safer to use too.
- Anyone running 5.x should update to 5.24.1

Credits: Dave McDaniel and other members of [Cisco Talos](https://talosintelligence.com/vulnerability_reports)
2022-11-28 18:39:39 +07:00
Simon Backx
5c2f0b9a4b
Removed getCreatedEvents and added verification trigger test (#15832)
refs https://github.com/TryGhost/Team/issues/2266

This removes the deprecated `getCreatedEvents` method in the event
repository and adds tests to the verification trigger to see if we don't
break anything.

Changes extracted from https://github.com/TryGhost/Ghost/pull/15831
2022-11-18 15:05:15 +01:00
Fabien 'egg' O'Carroll
8283de99c8
Wired up EmailSuppressionList to Members Admin API (#15848)
refs https://github.com/TryGhost/Team/issues/2268

The approach of using the service to lead email suppression data as
opposed to bookshelf relations allows us to wire things up without
having implemented the database. The getBulkSuppressionData allows us to
do this without much of a DB performance hit.
2022-11-18 16:28:13 +07:00
Ronald Langeveld
08232bd538
Cleaned up GA Flags (#15762)
closes https://github.com/TryGhost/Team/issues/2126

- Cleaned up the following GA flags: `newsletterPaywall`, `freeTrial`, `compExpiring`, `searchHelper`, `emailAlerts`, `fixNewsletterLinks`.
2022-11-18 16:09:25 +07:00
Ronald Langeveld
e0787b4e83
Added specific newsletter support for bulk unsubscribes (#15742)
closes https://github.com/TryGhost/Team/issues/2013

Added support to bulk unsubscribe a selected (filtered) list on members from specific, selected newsletters.
2022-11-16 14:29:00 +07:00
Ghost CI
b2bcfb24e3 Merged v5.22.11 into main 2022-11-15 14:08:47 +00:00
Simon Backx
5ea06e5a0c 🐛 Fixed error when importing members
fixes TryGhost/Team#2266

The getCreatedEvents method was removed but was still used in the verification trigger. This commit adds the method again as a quick fix. A better fix will be commited later: https://github.com/TryGhost/Ghost/pull/15831, which includes tests that also have been ran on this change (but keeping it out of this commit to keep changes minimal).
2022-11-15 14:44:22 +01:00
Rishabh
d6af8fbb8f Cleaned up old member analytics services
refs https://github.com/TryGhost/Team/issues/2216

This change removes old analytics code which was added under `membersActivity` flag as an experimental alpha feature to test the first versions of member analytics, and is no longer active or in use.

This change removes the remaining services and its usage that were created to manage this version of analytics but is no longer active or maintained.

- removes `members-analytics-ingress` service that was used to ingest events from Portal in this experimental feature
- removes `member-analytics-service` service that managed the events from this experimental feature
- removes usages of the 2 services and their dependency in `members-api`
- removes `member-analytic-event` model as the corresponding table for it does not exist anymore and was dropped in 5.0
2022-11-14 10:44:10 +05:30
Simon Backx
f0b87216f7
🐛 Fixed visible canceled events in conversions tab on analytics page (#15796)
fixes https://github.com/TryGhost/Team/issues/2238

**Issue**
When viewing the 'conversions' tab on the analytics page, you could
sometimes see more listed events than the total number of conversions.
This is because other subscription events are also shown in the list.
E.g., if a new member became a paid subscriber that is attributed to a
given post, and later that subscrption has been canceled, that canceled
event would also be shown on the analytics page. This isn't really
desirable.

**Fix**
Now only 'created' subscription events are shown when the activity feed
is filtered by post_id. The other subtypes aren't related to that given
post and should be excluded.
2022-11-11 09:56:03 +01:00
Fabien "egg" O'Carroll
65a4eb5eb6 🐛 Fixed upgrading Subscriptions to new Tiers
refs https://github.com/TryGhost/Team/issues/2204

This was found during Tiers flows testing, the logic for fetching
price information from Tiers had not been updated to use the new Tiers
package and Payments service. This only affects Tiers created since 5.22.x
2022-11-07 17:42:32 +07:00
Naz
6989d08b19
Fixed validation for Members API newsletters endpoint
refs https://github.com/TryGhost/Toolbox/issues/465
refs 31546a6fd3/packages/admin-api-schema/lib/schemas/members.json (L93-L103)

- Updated Members API newsletter validation to match the subset of Admin API's members validation schema.
2022-11-07 17:18:36 +07:00
Fabien "egg" O'Carroll
1f300fb781 🐛 Fixed checkout sessions when using Offers
closes https://github.com/TryGhost/Team/issues/2195

The issue here is two-fold, and specific to using Offers so was not
caught by any automated tests. First, we were incorrectly comparing
the tier.id to the offer.tier.id - this is because the Tier objects id
property is an instance of ObjectID rather than a string.

Secondly we were passing through the cadence parameter from the
request body, but when using Offers this is not including in the
request, so we must pull the data off of the Offer object instead and
pass that to the payments service.
2022-11-02 00:11:33 +07:00
Rishabh Garg
007637973e
🐛 Fixed comped member creation via Admin API (#15714)
closes https://github.com/TryGhost/Team/issues/2184

- when using the old legacy method of `comped:true` to add complimentary subs to a member along with a label, the API call failed with `Internal Server error` and the member was added as free on the site.
- patches the options sent for fetching default product to only pick the relevant keys, as it was picking up the `withRelated` for `labels` that caused the API failure
2022-10-28 01:59:05 +05:30
Simon Backx
b916300ceb
Added aggregated click events (#15713)
fixes https://github.com/TryGhost/Team/issues/2175

- New event type `aggregated_click_event` that is disabled by default in all the existing activity feeds
- This returns click events, but only the first click events for each member/post combination.
- It includes the total count of unique link clicks for that member on that post combination
- Had to resort to some custom knex queries to make this work easily
- Requires `@tryghost/bookshelf-pagination@0.1.31`, included in `@tryghost/bookshelf-plugins@0.6.1` (this fixes an issue with custom selects breaking the total count query of pages)
- Went a bit overboard with the pagination tests to cover as much unknown edge cases as possible
2022-10-27 17:23:45 +02:00
Simon Backx
b911208b41
Improved filter support in activity API to allow pagination (#15684)
fixes https://github.com/TryGhost/Team/issues/2129

- This changes how the activity feed API parses the filter.
- We now parse the filter early to a MongoDB filter, and split it in two. One of the filters is applied to the pageActions, and the other one is used individually for every event type. We now allow to use grouping and OR's inside the filters because of this change. As long as we don't combine filters on 'type' with other filters inside grouped filters or OR, then it is allowed.
- We make use of mongoTransformer to manually inject a mongo filter without needing to parse it from a string value again (that would make it a lot harder because we would have to convert the splitted filter back to a string and we currently don't have methods for that).
- Added sorting by id for events with the same timestamp (required for reliable pagination)
- Added id to each event (required for pagination)
- Added more tests for filters
- Added test for pagination
- Removed unsued getSubscriptions and getVolume methods

Used new mongo utility methods introduced here: https://github.com/TryGhost/NQL/pull/49
2022-10-27 12:13:24 +02:00
Simon Backx
076e3c02b2
Added linking between member and subscription created events (#15693)
fixes https://github.com/TryGhost/Team/issues/2160

- Adds a `batch_id` to both events that contain the same ID if they were created at the same time.
- Removes duplicate signup/conversion events using the batch_id
- Requires an update in mongo-knex to work (refs https://ghost.slack.com/archives/C02G9E68C/p1666773313272409?thread_ts=1666767872.375009&cid=C02G9E68C)
- Some dependencies needed an update to load the latest mongo-knex
- Added tiers to membersUtils, loaded on startup (we can start to use this instead of fetching it every time)
2022-10-27 11:44:19 +02:00