no issue
- the schedules controller wraps the post creation in a transaction
- we need to pass that transaction through to all other queries, especially on sqlite where a non-transaction query inside a transaction will lock up because there's only 1 connection available
- updates our model method calls to pass through the transaction options
- switches the members service `list()` call to a direct model `findAll()` call to avoid going through our pagination plugin because the raw knex query does not respect the transacting option
no issue
- In order to keep site/app.js module tidy and less coupled with members module we need to extract some of the functionality where it belongs conceptually
- Added "members enabled check" middleware to stripe webhook endpoint
- Reshuffled members middleware so that siteApp is in control of mounting points. This is meant to be a more explicit way to see which endpoints are being handled by members middleware
- Extracted member-specific public file middleware
- Unified use of `labs.member` alias method. Done for code style consistency
- Added basic members' test suite. This is a base we could work from when more modifications are needed
- Removed route handler for unexisting members file "members-theme-bindings.js". Calling this route otherwise causes a 500. Looks like a leftover from 49672a1e4d
no issue
- a 401 is received from Mailgun when invalid credentials are used but the default error message of "Forbidden" is not particularly useful
- intercepts "Forbidden" and swaps it for "Invalid Mailgun credentials" to be more user-friendly
no issue
- When whole email batch fails we want to allow retrying sending a batch when post is republished
- Refactored naming for email event handling in mega
no issue
- Increased default mailgun retry limit to 5
- Handling retry logic closer to SDK layer gives less future manual handling
- Allowed failing request to be passed through to the caller
- To be able to handle failed requests more gracefully in the future we need all available error information to be given to the caller
- The previous method with `Promise.all` would have rejected a whole batch without providing details on each specific batch.
- Limited data returned with a failed message to batch values
- Added better error handling on mega layer
- Added new column to store failed batch info
- Added reference to mailgan error docs
- Refactored batch emailer to respond with instances of an object
- It's hard to reason about the response type of bulk mailer when multiple object types can be returned
- This gives more clarity and ability to check with `instanceof` check
no issue
- adds new router to the frontend for handling unsubscribe
- default template lives in `core/server/frontend/views/unsubscribe.hbs`
- `{{error}}` is present and contains the error message when unsubscribe fails
- `{{member}}` is present and contains the member email
- updated unsubscribe url to match the new format
no issue
Mailgun expects `recipient-variables` to be a json object and fails to attempt sending the message in case its undefined, which is the case for test emails as they don't have member `uuid` or `unsubscribe` url. This sets a default empty object for `recipent-variables` in case of no data.
no issue
- The limitation on Mailgun side of API seems to be 1000 emails per message.
- The only place where I could find a hard limit of 1000 emails per
batch was this PHP SDK issue: https://github.com/mailgun/mailgun-php/issues/469
- To store ids of sent messages introduce a mega column on the emails table. They can be synced with stats or other metrics during even pooling in the future
- Removed redundant `join(',')` statement.The SDK accepts an array of emails as well. Less code - better code :)
no issue
- Tagging needs to be added to be able to group/filter sent messages for various reasons. An example use case is when multiple Ghost instances use the same mailgun account
- Tag value can be provided as a part of config.json file under
`bulkEmail.mailgun.tag` key
fixes#11343
- solves the case where themes depends on old labs flags that are now always false, but the DB still has the feature set to true
- add concept of deprecated labs flags to the labs service
- make sure that the labs service gets used in our theme middleware
- added tests and other small fixes
no issue
- Sends formatted email to members
- Added css inlining support for MEGA template
- Migrated MEGA service to use API serializers
- Service needs to be compliant with the API to be able to serve absolute URLs for resources like images
- Fixed send email check for previously sent mails
no issue
- member model emits a `member.edited` event on update
- webhooks service listens for `member.edited` event and will trigger any registered hooks
* Added from parameter for member emails
no issue
- Passed in the `from` parameter when initializing members mailer to be able to customize outgoing address
- Extends GhsotMailer to accept a from parameter from the outside
refs https://github.com/TryGhost/Ghost/pull/11152
- Added subscribers table drop migration
- Removed subscribers from schema
- Removed subscribers controllers/routes/regression tests
- Removed subscriber related API code
- Removed subscribers from internal apps
- Removed subscriber importer
- Removed subscriber model
- Removed subscriber related permissions
- Removed webhook code related to subscribers
- When upgrading to v3 it is on the site admin to migrate all zapps or any other webhook clients to use members
- Removed subscriber-specific translation
- Removed subscriber lab flag
* Added new `requirePaymentForSignup` setting for members
no issue
- Adds new `requirePaymentForSignup` setting flag for members, `false` by default.
- Wired members API `allowSelfSignup` to `requirePayment` setting
no-issue
Until now, we've used ghost@siteurl.com as the default from address for system emails, like user invitations and password resets. This was fine, because all system emails were going to people who would interact with "ghost" the app in some way, so the naming made sense.
Now we're introducing members, which will send emails on behalf of of the site owner, to their readers. If all goes to plan, they should be able to set a custom from address, however our default mail config will still be the fallback if no other value is available.
If you run "magazine.com" and you send someone a link to "login to magazine.com" then it's pretty weird for that email to come from "ghost@magazine.com" - so this PR changes the default value from ghost to noreply for an equally generic, but less opinionated default.
ref 6bbe7bb3d4
- This value is no longer being set on the client side and doesn't serve any purpose. The logic should rely on payment processors being configured instead
no-issue
This adds basic templates for "signup"/"signin"/"subscribe" types for
the magic-link email template. It also adds the action query parameter
to the link so that clientside js can handle the different states.
* Updated scheduler to use v2 API by default
* Updated scheduling for post/page resource types
* Extended base method to take options param with token and jwt options
* Updated token expiration to 6 hours after publish/blog start time to allow retries
no issue
- Removed ghost_head/ghost_foot propeties from Content API `GET /setting` response
- Removed ghost_head/ghost_foot from the output in Admin API
- Added validation when requesting ghost_head/ghost_food fields
- Updated deprecation comments
refs #5151
refs #10737
- Removed all uses/references to post's "staticPages" filter
- It was only a feature specific to API v0.1 which doesn't have to take space in the codebase anymore
refs https://github.com/TryGhost/Ghost/issues/10922
- adds migrations to...
1. add `post.type` column
2. populate `post.type` column based on `post.page` value
3. drop `post.page` column
- updates all code paths to work with `post.type` in place of `post.page`
- adds `nql-map-key-values` transformer for mapping `page`->`type` in `filter` params when using the v2 API
- modifies importer to handle `post.page`->`post.type` transformation when importing older export files
no-issue
* Installed @tryghost/members-ssr@0.4.0
This now supports caching of the data returned by the members-api
* Renamed cookies set by members-ssr
As discussed with @ErisDS I have prefixed these cookies with `ghost`
no-issue
* Installed members-api@0.5.0 members-ssr@0.3.1
* Supported multiple members-forms
* Used members canary api
* Added GET handler to /members/ssr for id token
The identity token will be used to ensure that a payment is linked to the correct member
* Added stripe.js to ghost_head when members enabled
* Added basic support for linking to stripe checkout
* Removed listener to title and icon settings changes
* Added stripe subscription config
no issue
- Drops `ghost_auth_access_token` and `ghost_auth_id` fields since not used anymore
- Adds migration for dropping these columns from users table
- Drops Auth strategy - `ghostStrategy` - since its not used anymore
refs #11040
In case of falsy `sendWelcomeEmail` config, the blog setup crashed as the setup method implicitly returned undefined instead of promise. This handles the fasly config correctly.
- Adds regression test for pro config blog setup
no issue
- the column addition/removal can be too slow for large sites
- will be added back in 3.0
---
Revert "Fixed canary api for page/type column"
This reverts commit a5a7e7e919.
Revert "Updated frontend canary url config for page/type"
This reverts commit 19100ec5e6.
Revert "Updated canary api to handle type column correctly (#11006)"
This reverts commit c3e8ba0523.
Revert "Ensured `page` filter works in routes.yaml"
This reverts commit 9037c19e50.
Revert "Replaced usage of mongo util with nql-map-key-values"
This reverts commit 8c5f1d0ef0.
Revert "Added shared nql-map-key-values module"
This reverts commit ef4fd4b8ef.
Revert "Ensured page prop is present on content api response"
This reverts commit cfa0a0862b.
Revert "Fixed failing regression tests"
This reverts commit 9c2bb3811f.
Revert "Updated xmlrpc and slack service to use type column"
This reverts commit 44a02c7d36.
Revert "Updated v0.1 posts api to work with type column"
This reverts commit 2c81d7c914.
Revert "Removed updates to v0.1 specific code"
This reverts commit 08d83c1f53.
Revert "Added missing context from ValidationError"
This reverts commit cd45ab4f54.
Revert "Renamed page->type in the page&posts serializers"
This reverts commit df99e724e3.
Revert "Added mongo helper to input serializers"
This reverts commit fb8eadb4a8.
Revert "Passed mongoTransformer through to NQL"
This reverts commit 0ae3f0fdfc.
Revert "Permitted mongoTransformer option for read methods"
This reverts commit a89376bf26.
Revert "Updated the count plugin to reference the type column"
This reverts commit a52f15d3d3.
Revert "Updated hashes for db integrity check"
This reverts commit bb6b337be3.
Revert "Remove page column and remaining references"
This reverts commit 9d7190d692.
Revert "Added type column to data generator"
This reverts commit e59806cb45.
Revert "Removed references to page column in rss tests"
This reverts commit 04d0f855de.
Revert "Removed page column references in validation tests"
This reverts commit f0afbc5cc0.
Revert "Updated the post model to use the `type` column"
This reverts commit 1189bc823a.
Revert "Updated url service to use type column"
This reverts commit 61612ba8fd.
Revert "Updated the v2 api to deal with type column"
This reverts commit 57afb2de2b.
Revert "Added type property to post model defaults"
This reverts commit dc3345b1c5.
Revert "Added type property to the default post fixtures"
This reverts commit 82d8c38033.
Revert "Added type column to posts table"
This reverts commit 9b85fc6a69.
no issue
Admin key token verification was using hardcoded audience check with v2 admin endpoint, this updates it to check against api version and api type of the request url
* Installed @tryghost/members-ssr@0.2.1
refs https://github.com/TryGhost/Members/issues/38
This updates allows for dynamic access of the membersApi, which will be
used in future when replacing the membersApi instance with a newly
configured one.
* Set the membersApiInstance logger to use common.logging
refs https://github.com/TryGhost/Members/issues/38
Passes the Ghost logger to the members api, so that we can keep an eye
on errors produced by the api.
* Refactored memberService use to always use getter
refs https://github.com/TryGhost/Members/issues/38
This will allow us to switch out the membersApi and the consumers of it
to have the updated reference by going through a getter.
* Installed @tryghost/members-api@0.3.0
refs https://github.com/TryGhost/Members/issues/38
Adds support for setting the logger
* Uninstalled stripe@7.0.0
refs https://github.com/TryGhost/Members/issues/38
The stripe module is now a dep of members-api, as it should be
* Updated members service to reconfigure settings
refs https://github.com/TryGhost/Members/issues/38
Previously we were unable to stop an invalidly configured members api
instance, now that we create a new instance, we can wait for the ready
or error event and only switch it out then.
refs #10060
- Modules extractions done here are meant to make upcoming migration of authentication controller to v2 more manageable and reduce code repetition
- There were couple modules extracted for different areas that controller touches: passwordrest, accept (for invitation), setup
- The aim was to keep changes to the minimum while making small readability improvements to new functions through async/await syntax
- The biggest barrier to make more encapsulated functions was the fact that we mutate options parameter on multiple levels in the controller. e.g mutations of options.data during validation on the password reset ties it up to the implementation of doReset function
* Installed @tryghost/members-api@0.2.0
refs #10886
This will allow us to mount one router rather than having a static and
api router.
* Added members v2 api directory
refs #10886
This brings the members api more inline with how the rest of the apis
work within Ghost.
* Mounted the members api app to the api route
closes#10886
This successfully mounts the api and the static pages to the
/api/v2/members/ URL.
* Installed @tryghost/members-auth-pages@1.0.0
refs #10886
This updates the auth pages to work correctly with the new mount point.
* Changed membersUrl in members.js to use members api
refs #10886
This keeps the membersUrl lined up with the path for the static
members pages.
* Removed old members static mount point
refs #10886
These are no longer used, nor desired.
* Remove superfluous code from members service
refs #10886
This remove the gateway getter which is no longer used, and the fallback
for members not enabled - which is handled within the members app.
* Updated ssoOrigin to use admin url
refs #10886
This ensures that sites running on a separate admin domain have the
correct ssoOrigin, which is used to ensure only the designated auth
pages are used to hit the authentication endpoints.
Since the auth pages are now hosted under the `/ghost` url, they will be
on the admin origin and not the site origin
no issue
- Updated Test & linting packages
- Updated use of hasOwnProperty
- Using Object.prototype.hasOwnProperty instead (ref. eslint.org/docs/rules/no-prototype-builtins)
- Removed already defined built-in global variable Intl
- Applied `--fix` with lint command on `core/test` folder
- The rules were broken because some of them were made stricter for `eslint: recommended` ruleset (ref. https://eslint.org/docs/user-guide/migrating-to-6.0.0#eslint-recommended-changes)
- Removed redundant global variable declarations to pass linting
no issue
- The underlying issue is the change in retry behavior in 'got' (a3e77de287)
- Now 500 responses trigger 2 default retries
- Renamed retries -> retry. As mentioned in https://github.com/sindresorhus/got/releases/v9.0.0
- Added response body error check
no-issue
The issuer value is used through the members code base as the identifier
for the members api. The existing code did not take into account that
the domain/url for the site could be different than for the admin (and
the apis).
refs #10790
refs #9528
- The settings service was designed to handle more settings then just routing, but till this day there wasn't anything else added. As routes.yaml is only being used by frontend router so conceptually it fits better to have this code in frontend, so that it doesn't have to reach out to server
- The code left in server settings is the one that interacts with the database `settings` table and only partially provides information to frontend. That part is known as 'settings cache' and will be accessed through API controllers.
refs #10790
- Moved /core/apps into core/frontend
- Moved /core/server/helpers to /core/frontend/helpers along with /core/server/services/themes
- Changed helper location in overrides
- Moved /core/server/services/routing to /core/frontend/services
- Moved /core/server/services/url to /core/frontend/services
- Moved /core/server/data/meta to /core/frontend/meta
- Moved /core/server/services/rss to /core/frontend/services
- Moved /core/server/data/xml to /core/frontend/services
closes#10773
- The refactoring is a substitute for `urlService.utils` used previously throughout the codebase and now extracted into the separate module in Ghost-SDK
- Added url-utils stubbing utility for test suites
- Some tests had to be refactored to avoid double mocks (when url's are being reset inside of rested 'describe' groups)
* Installed `@tryghost/members-{api,auth-pages}`
no-issue
* Used @tryghost/members-auth-pages in member service
no-issue
* Used @tryghost/members-api in members service
no-issue
* Deleted core/server/lib/members
no-issue
* Fixed parent app tests
no-issue
Requiring the members api (via the `gateway` getter) was throwing an
error, so we stub out the members service getters
refs #10571
- Removes dependency on 'context' property being set in error when
checking a theme
- Refactoring was needed to be able to avoid passing checked theme as a
part of thrown error (logic was relying on error having this specific
data in context property). This created a problem where we controlled
the logic flow with data in error object.
- Introduced 2 different types of theme check handling, one behaves the
same way as before, the other gives more granulac control to the caller
to decide what to do with returned errors.
closes#10649
- `resourceType` in API v0.1 is only of 'post' type. Because in admin we now distinguish between 2 types of editable resources: 'posts' and 'page' the redirect has to be based on 'entry.page' flag
no issue
### Context
As part of updating the theme layer to use members-ssr [here](f9899cb8c4), we introduced a case where if `enableDeveloperExperiments` is not switched on, the whole theme loading will crash due to unavailability of `ssr` property on members service [here](https://github.com/TryGhost/Ghost/blob/master/core/server/services/members/index.js#L12). Since we switch on `enableDeveloperExperiments` by default on master now, the issue won't be reproducible locally until explicitly switched off.
This PR includes a patch fix which adds dummy `ssr` object to members service `api` object and members middleware check on APIs to ensure no crash in case developer flags is not switched on.
Longer term it will be definitely useful to upgrade the dummy `api` object to trigger on member labs than the developer flag.
* Removed support for cookies in members auth middleware
no-issue
The members middleware will no longer be supporting cookies, the cookie
will be handled by a new middleware specific for serverside rendering,
more informations can be found here:
https://paper.dropbox.com/doc/Members-Auth-II-4WP4vF6coMqDYbSMIajo5
* Removed members auth middleware from site app
no-issue
The site app no longer needs the members auth middleware as it doesn't
support cookies, and will be replaced by ssr specific middleware.
https://paper.dropbox.com/doc/Members-Auth-II-4WP4vF6coMqDYbSMIajo5
* Added comment for session_secret setting
no-issue
We are going to have multiple concepts of sessions, so adding a comment
here to be specific that this is for the Ghost Admin client
* Added theme_session_secret setting dynamic default
no-issue
Sessions for the theme layer will be signed, so we generate a random hex
string to use as a signing key
* Added getPublicConfig method
* Replaced export of httpHandler with POJO apiInstance
no-issue
This is mainly to reduce the public api, so it's easier to document.
* Renamed memberUserObject -> members
no-issue
Simplifies the interface, and is more inline with what we would want to export as an api library.
* Removed use of require options inside members
no-issue
This was too tight of a coupling between Ghost and Members
* Simplified apiInstance definition
no-issue
* Added getMember method to members api
* Added MembersSSR instance to members service
* Wired up routes for members ssr
* Updated members auth middleware to use getPublicConfig
* Removed publicKey static export from members service
* Used real session secret
no-issue
* Added DELETE /members/ssr handler
no-issue
This allows users to log out of the theme layer
* Fixed missing code property
no-issue
Ignition uses the statusCode property to forward status codes to call sites
* Removed superfluous error middleware
no-issue
Before we used generic JWT middleware which would reject, now the
middleware catches it's own error and doesn't error, thus this
middleware is unecessary.
* Removed console.logs
no-issue
* Updated token expirty to hardcoded 20 minutes
no-issue
This returns to our previous state of using short lived tokens, both for
security and simplicity.
* Removed hardcoded default member settings
no-issue
This is no longer needed, as defaults are in default-settings.json
* Removed stripe from default payment processor
no-issue
* Exported `getSiteUrl` method from url utils
no-issue
This keeps inline with newer naming conventions
* Updated how audience access control works
no-issue
Rather than being passed a function, members api now receives an object
which describes which origins have access to which audiences, and how
long those tokens should be allowed to work for. It also allows syntax
for default tokens where audience === origin requesting it. This can be
set to undefined or null to disable this functionality.
{
"http://site.com": {
"http://site.com": {
tokenLength: '5m'
},
"http://othersite.com": {
tokenLength: '1h'
}
},
"*": {
tokenLength: '30m'
}
}
* Updated members service to use access control feature
no-issue
This also cleans up a lot of unecessary variable definitions, and some
other minor cleanups.
* Added status code to auth pages html response
no-issue
This was missing, probably default but better to be explicit
* Updated gateway to have membersApiUrl from config
no-issue
Previously we were parsing the url, this was not very safe as we can
have Ghost hosted on a subdomain, and this would have failed.
* Added issuer to public config for members
no-issue
This can be used to request SSR tokens in the client
* Fixed path for gateway bundle
no-issue
* Updated settings model tests
no-issue
* Revert "Removed stripe from default payment processor"
This reverts commit 1d88d9b6d73a10091070bcc1b7f5779d071c7845.
* Revert "Removed hardcoded default member settings"
This reverts commit 9d899048ba7d4b272b9ac65a95a52af66b30914a.
* Installed @tryghost/members-ssr
* Fixed tests for settings model
no-issue
As we're deprecating apps, filters are no longer used.
- Removed use of filters in helpers
- Removed use of filters from routing service
- Removed use of filters from rss service
- Removed use of filters in base model
no-issue
The instansiation of a Module object was only used so that we could
override the require method inside external apps, now we have no support
for them, we are free to require the internal apps directly. This has no
functionality change.
no-issue
Rather than creating a whole instance, we can replace it with a helper
method - his is less memory intensive and a little easier to parse for
something this small.
no-issue
The permissions module is no longer necessary as we only suppot internal
apps, which have all permissions. This allowed us to delete the module,
but required that we update the loader to remove references to it.
no issue
- Added new API to delete members
- Added methods to handle e2e member deletion
- Deleting member via Admin leads to
- Removal of member from payment processor and cancelling all active subscriptions immediately
- Removal of member information from DB
closes#10640
- Updated sitemap resources data to include certain fields
- Fixes sitemap date and images value
- Updated date handling for sitemap nodes
refs #10599
- meta_description output wrong meta description
Only solves meta_description for this use case:
```
routes:
/:
data: page.{slug}
template: t
```
refs #10593
- Added `canonical_url` field to post&pages resources in Admin & Content APIs
- Support for canonical URL on metadata layer (used in {{ghost_head}} helper)
- Made sure the new field is not accessible from API v0.1
- Added handling same domain relative and absolute URLs
no issue
- e.g. /feed.xml/ was showing a 422
- any other none slug site requests showed a 422
- should be a 404
- context: site is talking to Content API
- it can happen that the API returns a 422
- the routing layer needs to handle this and always show a 404
- catched error in routing error handling
- need to see if there are more cases
no issue
- Additional JSON.stringify call is redundant because it is already happening internally in Ignition (https://github.com/TryGhost/Ignition/blob/master/lib/logging/GhostLogger.js#L241)
- Left stringification in importer as is, because the use case there is also
putting errors into 'problems' array and seems like those values have to
be stringified
no issue
- trying to use the v0.1 Public API when it was disabled led to a confusing error message, see https://forum.ghost.org/t/403-forbidden-error-on-postman-api-call/6017
- adds an explicit check for the Public API being enabled in the client authentication step and throws a useful error message if client auth is attempted when it's disabled
* Required kid be a header claim as according to spec
https://tools.ietf.org/html/rfc7515#section-4.1.4 (JWT is an extension of JWS)
* Updated error message for missing kid
* Fixed admin-api key unit tests
* Fixed regression and acceptance tests
no-issue
- Added member auth middleware to siteApp
- Passed member as context in routing service
- set Cache-Control: private for member requests
- fucked up some tests
- Added member as global template variable
- Updated tokens to have expiry of subscription_period_end
no-issue
* Corrected function names for rpc methods
* Updated gateway to store tokens locally
* Fixed lint
* Added hardcoded 30 minute expiry for member tokens
* Added default contentApiAccess config;
* Updated validateAudience method
This is required for security, we need to restrict which domains can access
tokens meant for the content api
refs #10438, refs #10106
* Renamed existing pages ctrl
* Splitted posts & pages for Admin API v2
* Added pages JSON input schema for Admin API v2
* Removed single author for Content & Admin API v2
- single author is not documented
- single author usage is deprecated in v0.1
- single author usage is removed in API v2
* Splitted posts & postsPublic controller for v2
* Removed requirement to send `status=all` from Admin API v2
* Removed `status` option from pages Content API v2
* Removed `status` options from Users Admin API v2
no-issue
* Refactored hideMembersOnlyContent to 3 "stages"
* Exported paymentConfigured flag from members service
* Updated Content-API to check members service for paymentConfigured
* Updated members content output serializer to remove content if plan required and no plan
* Updated isContentAPI method
* Moved api util test
refs #10461
- do not break the existing webhooks by keeping both payload formats for subscribers events
- refactored webhooks service to run models through target API version
- added new events described in the target issue reference
- this refactoring & enhancement is undocumented, further breaking changes will happen because we are actively working on: https://github.com/TryGhost/Ghost/issues/10438
These changes introduce a new "service" to the members api, which handles getting and creating subscriptions.
This is wired up to get subscription information when creating tokens, and attaching information to the token, so that the Content API can allow/deny access.
Behind the subscription service we have a Stripe "payment processor", this holds the logic for creating subscriptions etc... in Stripe.
The logic for getting items out of stripe uses a hash of the relevant data as the id to search for, this allows us to forgo keeping stripe data in a db, so that this feature can get out quicker.
closes#10447
- Get helper message talks about the old API, but upgrading is the best way to solve the problem
- Had to create a way to add a custom message to a labs enabled helper to achieve this
refs #9865
- Changed id passed for api_key to an object to be able to differenciate between admin and content api requests
- Added integration id to frame context
- Small refactoring of frame context initialization