Commit Graph

14979 Commits

Author SHA1 Message Date
Naz
9b2e36e4fb
Fixed CORS middleware unit test
refs https://github.com/TryGhost/Toolbox/issues/461

- The unit test was never using the "OPTIONS" request method, which did not actually trigger the full logic of the "cors" module used under the hood.
- Using the correct request method triggers all the right pathways and tests the state that's closer to the real world - for example the response does get "ended" instead of calling the "next" middleware.
2022-11-03 11:16:13 +08:00
Fabien "egg" O'Carroll
c5ad1b0531 Released Portal v2.19.8 2022-11-03 09:46:43 +07:00
Fabien 'egg' O'Carroll
f9c31dd902
Fixed upgrades for paid members (#15760)
closes https://github.com/TryGhost/Team/issues/2202

Some parts of the codebase were not using the isSameCurrency helper
which meant that we were incorrectly filtering out tiers from the
upgrade screen. Tiers used to *usually* have a lowercased currency
property, but they now _always_ have an uppercased.
2022-11-03 09:45:34 +07:00
Robin Cussol
0bccbcb083
Added e2e tests for page.deleted webhook (#15723)
refs: https://github.com/TryGhost/Ghost/issues/15537

- snapshot test created to add confidence to webhook stability and increase overall test coverage.
2022-11-02 17:25:07 +00:00
Naz
a8ba8cc444
Added Vary value for CORS in Frontend
refs https://github.com/TryGhost/Toolbox/issues/461

- Having a 'Origin' in vary header value present on each `OPTIONS` allows to correctly bucket "allowed CORS" and "disallowed CORS" responses in shared caches
2022-11-02 17:23:47 +08:00
Naz
f581e33400
Added Vary value for CORS in Admin API
refs https://github.com/TryGhost/Toolbox/issues/461

- Having a 'Origin' in vary header value present on each `OPTIONS` allows to correctly bucket "allowed CORS" and "disallowed CORS" responses in shared caches
2022-11-02 17:23:47 +08:00
Naz
2f2aa36c75
Renamed options test suite cases
refs https://github.com/TryGhost/Toolbox/issues/461

- The previous names were poorly representing the state that was produced and checked by the test cases
2022-11-02 17:23:22 +08:00
renovate[bot]
6afd6b6c75 Update dependency serve-handler to v6.1.5 2022-11-02 16:22:44 +07:00
Fabien "egg" O'Carroll
fb5e8fb2f3 Released Portal v2.19.7 2022-11-02 16:01:54 +07:00
Fabien "egg" O'Carroll
66b317ef78 Ensured plan is lowercased before being passed
This makes sure that we can correctly match the plan against either
"monthly" or "yearly"
2022-11-02 16:00:41 +07:00
Fabien "egg" O'Carroll
4785e25fe4 Released Portal v2.19.6 2022-11-02 15:58:36 +07:00
Fabien "egg" O'Carroll
bd5243b3bd Fixed creating checkout sessions with data-attribute-plan
refs https://github.com/TryGhost/Team/issues/2199

The data-attribute handler was not using the utils/api package but
instead reimplemnted the logic to create checkout sessions, this was
missed when moving to a redirect for checkout and so wasn't working
correctly.
2022-11-02 15:57:52 +07:00
Fabien "egg" O'Carroll
592e282f5b Updated data-members-plan handling to send Tier & Cadence
refs https://github.com/TryGhost/Team/issues/2199

Sending a price id was supposed to have been cleaned up but the
data-attributes file was missed.
2022-11-02 15:57:52 +07:00
Daniel Lockyer
876100e80b
Disabled code coverage check on @tryghost/data-generator
- this package is not used as part of Ghost's code and we shouldn't be
  enforcing a minimum coverage on it whilst it's in development
2022-11-02 15:45:12 +07:00
e.baidakova
93c6abcad5 Add ability to pass stale-while-revalidate option to cache control
closes TryGhost/Team#2094
This value can be used for non-crucial data with a `public` option. For example: `public, max-age=1, stale-while-revalidate=9`.
The idea behind this option is that the browser would cache the value for the number of seconds in `max-age` and would use it for the number of seconds in `stale-while-revalidate` until it gets a "validated response" from the server. The behaviour should be almost unnoticeable for the end user but would make a big difference in the amount of requests to server.
2022-11-02 10:54:12 +04:00
e.baidakova
81e6a7c5bd 🐛 Add ability to cache comments count endpoint
closes TryGhost/Team#2094
- Comment counts request was changed from `post` to `get` to enable request caching.
2022-11-02 10:54:12 +04:00
Naz
26b0bbc623 Added a test suite for OPTIONS requests
refs https://github.com/TryGhost/Toolbox/issues/461

- The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests.
- The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes"  (╯°□°)╯︵ ┻━┻
- On a serious note. I've introduced multiple hacks here that should be fixed:
1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite)
2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes.
- To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 13:43:30 +08:00
Naz
5fe80c82c5 Exposed Content API agent in e2e test utils
refs https://github.com/TryGhost/Toolbox/issues/461

- When testing OPTIONS requests there is a need to get all possible agents available in the system. The "getAgentsWithFrontend" serves exactly this purpose - create all possible agents while starting Ghost instance only once
- This is groundwork for OPTIONS request caching tests and improvements
2022-11-02 13:43:30 +08:00
Daniel Lockyer
ab678c3a90
Merged v5.22.4 into main
v5.22.4
2022-11-02 07:09:23 +07:00
Djordje Vlaisavljevic
2cd106ba02 Fixed scrollable table data showing outside of table
no ref
2022-11-01 22:45:30 +01:00
Ghost CI
13c6204197 v5.22.4 2022-11-01 19:19:31 +00:00
Fabien 'egg' O'Carroll
1ff1b75a69
🐛 Fixed errors with Stripe Checkout (#15749)
refs https://github.com/TryGhost/Ghost/commit/1f300fb781f0

The full customer object was not being passed to the StripeAPI service
when it already exists, this was resulting in inconsistent behaviour when
sending the customerEmail param to the API, causing `invalid_email`
errors to be thrown from Stripe and breaking the checkout.
2022-11-02 02:18:30 +07:00
Fabien "egg" O'Carroll
be66078a31 Released Portal v2.19.5 2022-11-02 00:32:35 +07:00
Hannah Wolfe
85c5a19f33
Merged v5.22.3 into main
v5.22.3
2022-11-01 17:29:16 +00:00
Ghost CI
7fda360799 v5.22.3 2022-11-01 17:12:38 +00:00
Fabien "egg" O'Carroll
743228ff1c 🐛 Fixed Portal showing paid Tiers when Stripe not connected
closes https://github.com/TryGhost/Team/issues/2197

Portal was relying on monthlyPrice or yearlyPrice being undefined as a
proxy to determine whether or not to show paid plans, this fixes it to
check for whether or not stripe is enabled.

I did consider using the portal_plans array to filter out unselected
Tiers, but wasn't sure of the repercussions, though it does seem like
the correct fix long term.
2022-11-02 00:11:33 +07:00
Fabien "egg" O'Carroll
ba41f308c7 🐛 Fixed upgrading to a paid plan
closes https://github.com/TryGhost/Team/issues/2196

We were incorrectly assuming that all requests would have the
`customerEmail` passed in the body. Instead we were incorrectly
passing `undefined` or `''` as the `customerEmail` property to stripe,
which resulted in a validation error.

We've updated the code to pass `null` in the case of a falsy value,
which the Stripe API handles without error.
2022-11-02 00:11:33 +07:00
Fabien "egg" O'Carroll
1f300fb781 🐛 Fixed checkout sessions when using Offers
closes https://github.com/TryGhost/Team/issues/2195

The issue here is two-fold, and specific to using Offers so was not
caught by any automated tests. First, we were incorrectly comparing
the tier.id to the offer.tier.id - this is because the Tier objects id
property is an instance of ObjectID rather than a string.

Secondly we were passing through the cadence parameter from the
request body, but when using Offers this is not including in the
request, so we must pull the data off of the Offer object instead and
pass that to the payments service.
2022-11-02 00:11:33 +07:00
Kevin Ansfield
2d2ac0102a Refactored signin controller to Octane patterns
refs https://github.com/TryGhost/Ghost/issues/14101

- migrated to native class syntax and glimmer component patterns
- removed use of jQuery, the workaround to trigger change events no longer appears necessary
2022-11-01 14:12:23 +00:00
Daniel Lockyer
498bec08cf
Merged v5.22.2 into main
v5.22.2
2022-11-01 18:24:58 +07:00
Ghost CI
3c71d07dfb v5.22.2 2022-11-01 09:28:14 +00:00
Fabien 'egg' O'Carroll
a0ebb9a6f3
🐛 Fixed Tier description not being set (#15741)
closes https://github.com/TryGhost/Ghost/issues/15740

The validation function for a Tier description was not returning the
validated value, which meant we were unable to set the Tier
description.
2022-11-01 16:25:55 +07:00
Fabien "egg" O'Carroll
f761bd36b4
Fixed verification trigger usage of Event Repository
refs https://github.com/TryGhost/Team/issues/2192

The method signatures of the Event Repository have been updated to
take mongo filter objects, but this call-site was not updated.

Long term we should really be using NQL filter strings for our
filtering API and the mongo filter objects should be an implementation
detail, however we don't have time right now to rectify this.
2022-11-01 13:00:42 +07:00
Fabien "egg" O'Carroll
63fe013606 Fixed verification trigger usage of Event Repository
refs https://github.com/TryGhost/Team/issues/2192

The method signatures of the Event Repository have been updated to
take mongo filter objects, but this call-site was not updated.

Long term we should really be using NQL filter strings for our
filtering API and the mongo filter objects should be an implementation
detail, however we don't have time right now to rectify this.
2022-11-01 12:06:11 +07:00
Daniel Lockyer
68689917e6
Merged v5.22.1 into main
v5.22.1
2022-11-01 06:11:24 +07:00
Robin Cussol
e7e12aba09
Added e2e tests for page.published.edited webhook (#15724)
refs: https://github.com/TryGhost/Ghost/issues/15537

- snapshot test created to add confidence to webhook stability and increase overall test coverage.
2022-10-31 19:51:04 +00:00
Halldor Thorhallsson
79c80f28cc
Removed bluebird from api-framework module (#15685)
refs: https://github.com/TryGhost/Ghost/issues/14882

- Removing bluebird specific methods in favour of the Ghost sequence method so we can remove the bluebird dependency
2022-10-31 19:30:18 +00:00
Ghost CI
b2ad52fbf5 v5.22.1 2022-10-31 17:49:43 +00:00
renovate[bot]
8cde26f986 Update dependency ember-template-lint to v4.17.0 2022-10-31 17:37:40 +00:00
James Morris
8537239548 Moved the audience feedback setting into the footer
refs https://github.com/TryGhost/Team/issues/2191
2022-10-31 17:17:52 +00:00
Kevin Ansfield
b272b34a44 Fixed linter error 2022-10-31 12:12:58 +00:00
James Morris
21bf020e4e Moved the audience feedback setting into the footer
refs https://github.com/TryGhost/Team/issues/2191
2022-10-31 12:10:36 +00:00
Kevin Ansfield
5bf3fe9cb8 🐛 Fixed error preventing admin area being usable by staff users with Contributor role
closes https://github.com/TryGhost/Team/issues/2190

- added a guard around the tier fetches in `membersUtils` service so the fetch doesn't occur unless we have a logged in user and they aren't a contributor
- extracted the `withPermissionsCheck` mirage util function and added role checks around the mocked tiers endpoints
- added an acceptance test that loads the content screen and creates a draft post as a contributor to help catch regressions
2022-10-31 12:01:39 +00:00
Daniel Lockyer
92740e8967
Merged v5.22.0 into main
v5.22.0
2022-10-31 17:49:27 +07:00
Ghost CI
44722efe38 v5.22.0 2022-10-31 10:41:31 +00:00
Fabien "egg" O'Carroll
f878e84707 Fixed Tiers importer not correctly mapping price data
refs https://github.com/TryGhost/Toolbox/issues/464

Bceause the import does not use the API, any backwards compat code we put in the
API does not get run for imports, this means we need to update the importer to
map the stripe_prices data onto the products table so that we have valid data in
the database.
2022-10-31 17:30:16 +07:00
Daniel Lockyer
d59909941c Backfilled missing columns in products table
refs https://github.com/TryGhost/Toolbox/issues/464

- due to a bug with the content importer, importing a JSON file where
  the `products` do not contain price info will store null values in the
  table instead of the defaults
- this ends up causing further issues because we're not populating the
  table for paid products
- this commit is a copy of the 5.19 migration
  `2022-09-02-20-52-backfill-new-product-columns.js`, but adds a check
  for a null `t.currency`, which combined with the `t.type === paid`,
  should identify the rows we want to update
2022-10-31 16:36:57 +07:00
Naz
49e97829d0
Added auto-mapping for complimentary_plan column
closes https://github.com/TryGhost/Team/issues/1076
refs f068e40723
refs 7fe9e06c4d

- The Members CSV importer was not auto-detecting and mapping the `complimentary_plan` column when it was present in CSV. This was to improve user-experience and NOT start the import as a "background job" by default.
- With resent (see refs) changes having "complimentary_plan" column in the imported file does not send the import into the background. We can now safely include it as auto-detected field, without compromising user experience.
2022-10-31 16:47:14 +08:00
Naz
7fe9e06c4d
Fixed rule for import background job detection
refs https://github.com/TryGhost/Team/issues/1076

- The members CSV import would go into background job (longer running and resulting with an email) when it contained a complimentary_plan column.
- With recent members codebase decoupling Ghost does not make any connection to Stripe as "complimentary plan" data is saved purely in native data structures. Making no need for a background job for complimentary plans
2022-10-31 16:31:55 +08:00
Naz
4d26c50e0b
Fixed data type of hasStripeData in member importer
refs https://github.com/TryGhost/Team/issues/1076

- What appeared to be a "boolean" by nature and name, the hasStripeData was holding a result of "find" method - and object or an undefined value
- Fixed the typing, to avoid ambiguity in the future
2022-10-31 16:31:35 +08:00