Commit Graph

29151 Commits

Author SHA1 Message Date
Fabien "egg" O'Carroll
83f2bf4757 Added ability to filter members on signup attribution
refs https://github.com/TryGhost/Team/issues/1831
2022-08-23 11:36:56 -04:00
Georg Grauberger
36d9ae36ae
Added secret handling for webhooks (#13980)
closes: https://github.com/TryGhost/Team/issues/1203
refs: https://github.com/TryGhost/Ghost/issues/9942

- Ensures that the webhook secret is validated and saved in Ghost admin
- Then makes use of this value by optionally adding an X-Ghost-Signature header that effectively signs the webhooks
- This allows for verifying the source of a webhook coming from Ghost is truly Ghost.
- Uses the same pattern as GitHub uses: https://docs.github.com/en/developers/webhooks-and-events/webhooks/securing-your-webhooks

Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-08-23 16:34:32 +01:00
James Morris
c3fb0ef578 More work on the posts table for attribution
- Added in the open rate progress bar
- Columns in place with feature flag
- Moved open rate to tooltip for exact data

refs https://github.com/TryGhost/Team/issues/1818
2022-08-23 15:54:28 +01:00
Daniel Lockyer
f4f757c314
Fixed missing resource type definition
refs 3a9016639c

- this was accidentally missed from the referenced commit
2022-08-23 16:49:11 +02:00
Daniel Lockyer
3a9016639c
Fixed page actions stored under page resource type
refs bde9b84221

- the commit above claimed to fix an issue where actions taken on pages
  were stored using the `post` resource type
- whilst it does that, this actually breaks part of the API because we
  use the `resource_type` to join on tables when doing an
  `include=resource`
- this commit reverts that functionality and instead stores the type in
  the `context` field so we can still differentiate between pages and
  posts
2022-08-23 16:39:47 +02:00
Simon Backx
d91d6c1311
Added attribution counts to Pages API (#15289)
fixes https://github.com/TryGhost/Team/issues/1835

This was missed in the initial pass when adding to the Posts API
2022-08-23 10:26:34 -04:00
Hannah Wolfe
0695f74a65 Fixed some type issues with the api framework
- fixes a bunch of red squiggly lines due to type issues
- this in turn makes it slightly easier to read the API pipeline code
2022-08-23 14:49:29 +01:00
Hannah Wolfe
4cd210c29c Added post deletion tests using new e2e framework
- copied over and rewrote the deletion test from the legacy file
- added a new test that checks that we get a 404 when attempting to delete an unknown post
- this is a guard to protect and futureproof the API whilst we do refactoring to improve 404 handling from bookshelf
- in turn this is aimed at helping to get rid of a bunch of catch predicates from the API
2022-08-23 14:49:29 +01:00
Hannah Wolfe
a2a71c8e67 Renamed e2e admin post tests to legacy
- I want to start rewriting the post tests using the new e2e framework, but it's quite a big task
- For now I have renamed the existing file, and will use the correct file name for writing modern versions of tests
- Note: I have a specific test that I'd like to add which is far easier to write in the new framework
- This change should facilitate moving forward more with the new framework
2022-08-23 14:49:29 +01:00
Daniel Lockyer
9effa119c6 Implemented context on Actions events
refs https://github.com/TryGhost/Toolbox/issues/356

- in order to show data that we might not necessarily still have around
  (ie. when you delete a post, you might want the title), we're going to
  start utilizing the `context` column
- right now, we store the `primary_name` for deleted events, and we also
  store the `setting` `key` and `group` so we can reference it in the
  audit log
2022-08-23 14:58:41 +02:00
James Morris
7f6aa78c01 Tweaking styles for post and pages to work better with more data
refs https://github.com/TryGhost/Team/issues/1818
2022-08-23 13:39:22 +01:00
Simon Backx
934e61aa4c Updated activity feed to use full width
no issue

- Activity feed page now has `gh-main-fullwidth` class
- Page `<title>` is now 'Activity - Ghost' instead of just 'Ghost'
2022-08-23 14:36:48 +02:00
Peter Zimon
d5197fe196 Updated mobile styles for Audit log
refs. https://github.com/TryGhost/Toolbox/issues/356
2022-08-23 13:22:31 +02:00
Aileen Nowak
e5b604cca0 Updated camelCase properties in Explore endpoint to be snake_case 2022-08-23 12:04:07 +01:00
Aileen Nowak
4892f1d0d5 Added publication language to admin site endpoint
no issue

- The site locale should be exposed within the public site config in order to handle i18n in third party apps
- Added the locale to Explore service to simplify fetching it when submitting a new site
2022-08-23 12:04:07 +01:00
Kevin Ansfield
3fd32ce3cf
Lexical-powered editor experiment (#15278)
no issue

We're spending a bit of time playing with an alternative to mobiledoc-kit to test it's feasibility as a base for future editor improvements.

- add `editor.lexicalUrl` config that points at the unpkg release by default
- set up a route on `/ghost/#/lexical-editor/post/` for the test playground which renders `<KoenigLexicialEditor>` as the editor
- adds `<KoenigLexicalEditor>` component that lazy loads the external react component
2022-08-23 11:45:50 +01:00
Djordje Vlaisavljevic
df4c838443 Fixed bug with free membership price card
refs https://github.com/TryGhost/Team/issues/1806
2022-08-23 12:37:30 +02:00
Peter Zimon
8a2bb1f24e Fixed linting error in Admin 2022-08-23 12:26:51 +02:00
Peter Zimon
2d8b907449 Added feature flag condition to view user log
refs. https://github.com/TryGhost/Toolbox/issues/356
2022-08-23 12:22:58 +02:00
Peter Zimon
e06c4c3e0b Added access to user activity from staff profile
refs. https://github.com/TryGhost/Toolbox/issues/356

- administrators needed a quick way to access the Audit log prefiltered for a given user from the user's staff profile page
2022-08-23 12:17:06 +02:00
Djordje Vlaisavljevic
4e4d1015cd Fixed dark mode bugs
refs https://github.com/TryGhost/Team/issues/1724
2022-08-23 11:50:47 +02:00
Djordje Vlaisavljevic
d0e9b4b359 Fixed border radius when only child
refs https://github.com/TryGhost/Team/issues/1727
2022-08-23 11:50:47 +02:00
Peter Zimon
8fe8874393 Fixed name and email spacing in account menu 2022-08-23 11:50:29 +02:00
Peter Zimon
c82627be60 Added reset functions to Audit log
refs. https://github.com/TryGhost/Toolbox/issues/356

- The page title in Audit log didn't reset the filters and the search value
- Also, the button on the empty list screen didn't work
2022-08-23 11:37:45 +02:00
Peter Zimon
4aecc21a45 Updated Audit log filter dropdown
refs. https://github.com/TryGhost/Toolbox/issues/356

- The order of the items in the dropdown wasn't representing importance, also it took up a bit too much vertical space
2022-08-23 09:45:06 +02:00
Naz
02a0fd5a32 Fixed source attribution for staff token API requests
closes https://github.com/TryGhost/Toolbox/issues/386

- When the API request was made using staff token the source attribution was "user" instead of "api". Misattribution caused ripple effects in  limit service.
- The fix also adds a new combination of data available on the  `req` object - both `user` and `api_key` can be present when the request is done using a staff (user) token. Having both pieces of data on the request object gives more context for business logic, did not find a good reason to keep it "pure" with either `api_key` or `user` property.
2022-08-23 14:38:46 +08:00
Naz
6121451b5d Reused _resolveContextSource method in member update
refs https://github.com/TryGhost/Toolbox/issues/386

- Reusing tontext mapping logic to improve maintainability. It seems like the `update` method was not updated properly or intentionally was left out from  'import' source as that should not ever happen theoretically. Probably the latter is most likely.
- My reasoning on reusing same context to source mapping is: it is better to attribute an appropriate "import" source here. Who knows, maybe we'll have logic in the future where the importer updates instead of skipping existing members. It would not make sense to attribute the source to 'member' in that case, amirite?
- This refactor also makes maintainability of this code way easier
2022-08-23 14:38:46 +08:00
Naz
32343a7adb Extracted context to source mapping logic
refs https://github.com/TryGhost/Toolbox/issues/386

- Before changing the mapping logic it needs to become testable!
2022-08-23 14:38:46 +08:00
renovate[bot]
56da2a2be0
Update dependency tough-cookie to v4.1.0 2022-08-23 02:06:33 +00:00
renovate[bot]
7d5f282e14
Update metascraper to v5.30.3 2022-08-22 22:36:29 +00:00
Daniel Lockyer
43ad4ff814
Removed unused services
- these are not needed
2022-08-22 21:15:21 +02:00
Daniel Lockyer
c459807f9a
Stored action events for settings
refs https://github.com/TryGhost/Toolbox/issues/356

- this enables us to store and filter on actions affecting Settings,
  which will usually be `edited`
2022-08-22 21:12:32 +02:00
James Morris
e56fbdbb57 Better handling of event objects and links with and without feature flag
refs https://github.com/TryGhost/Team/issues/1816
2022-08-22 18:37:49 +01:00
Daniel Lockyer
fa8484ad62
Added webhook as a supported filtering resource
refs https://github.com/TryGhost/Toolbox/issues/356
2022-08-22 19:34:19 +02:00
Daniel Lockyer
c4df99f8a6
Fixed pages unable to be filtered
- this was due to a typo - it should be singular
2022-08-22 19:33:54 +02:00
Daniel Lockyer
6697dcb39a
Allowed Users to be filtered in Audit Log
refs https://github.com/TryGhost/Toolbox/issues/356

- this was missed from the first implementation
2022-08-22 19:31:55 +02:00
Peter Zimon
ef1d7593f5 Updated copy for Audit log table header
refs. https://github.com/TryGhost/Toolbox/issues/356

- there was an inconsistency between the table header and the rest of the UI
2022-08-22 19:18:55 +02:00
Peter Zimon
122ba10114 Updated Activity log list design
refs. https://github.com/TryGhost/Toolbox/issues/356

- The Audit log list had a temporary (POC) design, it needed refinements
2022-08-22 19:15:37 +02:00
James Morris
18186f9ba6 Added in the attribution column for activity page
refs https://github.com/TryGhost/Team/issues/1816
2022-08-22 17:51:01 +01:00
Peter Zimon
3b13c03af2 Fixed Admin lint error 2022-08-22 18:40:49 +02:00
Peter Zimon
b3d2f2ef1f Updated UX for accessing Audit log
refs. https://github.com/TryGhost/Toolbox/issues/356

- The entry for Audit log had been temporarily put on the top level Settings screen. Instead it's now accessible from Settings / General from a generic About box which had been moved from the What's new page. This also required to update the layout of the What's new page a little bit.
2022-08-22 17:56:40 +02:00
Daniel Lockyer
3831d8d479
Fixed pagination in audit log table
- the `created_at` key is stored directly under the object we fetch as
  the last event, rather than a subkey
- this meant we weren't checking the date of the last event correctly,
  which broke pagination
2022-08-22 17:51:34 +02:00
James Morris
e3e613de1c Fixed a linting problem
refs https://github.com/TryGhost/Team/issues/1816
2022-08-22 16:51:03 +01:00
James Morris
3e57f88d12 Added in the attribution column to the dashboard activity under feature flag
- This has the attribution column back into the dashboard activity
- This works only under the member attribution flag
- There are still some issues with event copy

refs https://github.com/TryGhost/Team/issues/1816
2022-08-22 16:28:18 +01:00
Simon Backx
fe3430202a
Fixed member attribution for subdirectories (#15277)
fixes https://github.com/TryGhost/Team/issues/1829

- Remove the subdirectories when creating the Attribution instances
- URLs are now always stored relative to the subdirectory instead of the root directory (makes changing the subdirectory easier)
- Fixed returning absolute urls
- Added tests
2022-08-22 17:16:18 +02:00
Daniel Lockyer
adaecde430
Split event and resource filtering apart
refs https://github.com/TryGhost/Toolbox/issues/356

- events and resources needed to be filtered and sent to the API
  differently
- this commit splits them apart and wires up the toggles to query params
  and therefore API requests
2022-08-22 17:14:34 +02:00
Daniel Lockyer
71e541f2c4
Cleaned up code duplication in Audit Log table
refs b9a42bcb1c (r81841869)

- this makes it clearer to read and cleans up my messy hacks
2022-08-22 16:12:46 +02:00
Daniel Lockyer
30d211fcab
Restricted linking to posts and pages
refs https://github.com/TryGhost/Toolbox/issues/356

- linking is a bit hit-or-miss right now so it's best to only link to
  the resources we can
- this implements a `linkable` attribute on an event to indicate if we
  can link to its page or not
2022-08-22 16:09:56 +02:00
Daniel Lockyer
b9a42bcb1c
Added note when an object is unknown
refs https://github.com/TryGhost/Toolbox/issues/356

- this can occur when the ID in the action event is unknown in the DB,
  and we don't have any other context for it
2022-08-22 15:49:20 +02:00
Daniel Lockyer
68030d4d52
Added basic filtering and searching to audit log
refs https://github.com/TryGhost/Toolbox/issues/356

- this adds some basic filtering and search across the audit log events
- not all of it works, but filtering by objects and searching for users
  should work
2022-08-22 15:41:04 +02:00