Commit Graph

851 Commits

Author SHA1 Message Date
Hannah Wolfe
9f96d256bc Published new versions
- @tryghost/config-url-helpers@1.0.0
2022-05-11 10:38:59 +01:00
Hannah Wolfe
2a9fca6427 Removed support for mixed http/https mode
refs: https://github.com/TryGhost/Ghost/issues/14446

- currently ghost will upgrade configured urls to https if a secure request comes into a http configured site
- we no longer want to support this feature
- instead, ghost will strictly honour the configured URL
2022-05-11 10:38:26 +01:00
Naz
4627a77a99 Published new versions
- @tryghost/api-version-compatibility-service@0.4.1
 - @tryghost/mw-api-version-mismatch@0.2.1
2022-05-11 10:49:43 +08:00
Naz
d9d84c25ec Changes email notification template copy
refs https://github.com/TryGhost/Toolbox/issues/292

- Copy change was based on feedback pointed out by Peter.
2022-05-11 10:48:32 +08:00
Naz
3010d498ca Added query string trimming from the original URL
refs https://github.com/TryGhost/Toolbox/issues/292

- There are couple of reasons why we don't want to include the query string information in the outgoing notification emails:
- 1. Security - we can expose the Content API key to an unauthorized person. The emails go out to administrators, so they have access to this data anyway. But for example they might forward full email content to someone from “tech team” or whoever is not really authorized to see it.
2. It looks a bit ugly and could be waaay to long breaking the email layou
2022-05-11 10:40:09 +08:00
Naz
32d888d3cc Fixed email copy based on feedback
refs https://github.com/TryGhost/Toolbox/issues/292

- The email copy had a few bits that were off after the review. This fixes them.
2022-05-11 10:37:18 +08:00
Naz
9d875e7d45 Fixed use of integration name in the email subject
refs https://github.com/TryGhost/Toolbox/issues/292

- The integraton name should be used instead of the user agent!
2022-05-11 10:08:32 +08:00
Naz
e0e1ca0c78 Published new versions
- @tryghost/api-version-compatibility-service@0.4.0
 - @tryghost/mw-api-version-mismatch@0.2.0
2022-05-10 17:35:08 +08:00
Naz
8cc9fc4353 Substituted UserAgent with Integration Name in emails
refs https://github.com/TryGhost/Toolbox/issues/292

- Providing user-defined Integration name instead of API client's UserAgent gives a lot more control to instance administrators identifying which integration is being used incorrectly.
- It's best practice to create an Integration with a set of API keys per API client - which should be enough to identify an outdated one.
2022-05-10 17:33:15 +08:00
Naz
09594cb5e1 Updated version mismatch middleware to handle API keys
refs https://github.com/TryGhost/Toolbox/issues/292

- The version mismatch middleware middleware is the best place where the information can be assembled for the  APIVersionCompatibilityService to handle. We need API key identification information to be able to pick up the integration name when sending a notification email to the administrators
2022-05-10 16:44:18 +08:00
Naz
c317069c75 Published new versions
- @tryghost/api-version-compatibility-service@0.3.2
 - @tryghost/version-notifications-data-service@0.2.0
2022-05-10 16:28:10 +08:00
Naz
baef69f968 Added Integration name extraction based on API Key data
refs https://github.com/TryGhost/Toolbox/issues/292

- This information is needed for the emails used to notify the instance admins about version mismatch.
- The identification information is different for Content and Admin keys because of their nature. Content API keys send the unique "secret" value in plaintext, Admin API keys send key id (kid) as a part of token payload and that's the easiest accessible information available without a need to query the db in another parts of the system.
2022-05-10 16:26:52 +08:00
Naz
fbd7e206dc Published new versions
- @tryghost/extract-api-key@0.1.0
2022-05-10 16:11:42 +08:00
Naz
41103000d2 Added support for Admin API key extraction
refs https://github.com/TryGhost/Toolbox/issues/292

- Allows to detect and extract admin api key ID value. The reason why we are not dealing withe the "secret" value here in a similar way as Content API key is to keep the package independent from the model layer. It only provides "identification" information along with the key type so that the version mismatch data service can deal with this information in an optimal way (just one db query).
2022-05-10 16:08:54 +08:00
Naz
988acff403 Simplified returned data from api key extraction
refs https://github.com/TryGhost/Toolbox/issues/292

- We can query the data base by the API key itself, there's no need for type of the API  at any point yet
2022-05-10 14:44:55 +08:00
Naz
ef0de40228 Added extra test for output when request has no keys
refs https://github.com/TryGhost/Toolbox/issues/292

- Providing extra coverage so the outputs are clear
2022-05-10 14:18:38 +08:00
Naz
b4445cf6e0 Bootstrapped api key extractor package
refs https://github.com/TryGhost/Toolbox/issues/292

- The package is meant to be one stop shop for extraction of any API keys from requests known to Ghost
- To start with it should detect and return keys for Content and Admin APIs for the purposes of api version mismatch handling
2022-05-10 12:37:05 +08:00
Naz
8e0f9f0be4 Published new versions
- @tryghost/api-version-compatibility-service@0.3.1
2022-05-09 20:01:58 +08:00
Naz
6bcc0fcc86 Fixed dependency for @tryghost/version-notifications-data-service
refs https://github.com/TryGhost/Toolbox/issues/292

- The version-notifications-data-service did not resolve correctly after it was removed from it's package.json. It should have been declared here from the get go!
2022-05-09 20:00:57 +08:00
Naz
c5b8d073d7 Published new versions
- @tryghost/adapter-manager@0.2.31
 - @tryghost/api-version-compatibility-service@0.3.0
 - @tryghost/bootstrap-socket@0.2.20
 - @tryghost/config-url-helpers@0.1.8
 - @tryghost/constants@1.0.5
 - @tryghost/database-info@0.3.5
 - @tryghost/email-content-generator@0.1.2
 - @tryghost/image-transform@1.0.32
 - @tryghost/job-manager@0.8.24
 - @tryghost/limit-service@1.1.3
 - @tryghost/minifier@0.1.15
 - @tryghost/moleculer-service-from-class@0.2.26
 - @tryghost/mw-api-version-mismatch@0.1.4
 - @tryghost/mw-error-handler@1.0.1
 - @tryghost/mw-session-from-token@0.1.32
 - @tryghost/mw-update-user-last-seen@0.1.6
 - @tryghost/package-json@1.0.21
 - @tryghost/pretty-cli@1.2.27
 - @tryghost/promise@0.1.18
 - @tryghost/release-utils@0.7.15
 - @tryghost/security@0.3.1
 - @tryghost/session-service@0.1.42
 - @tryghost/settings-path-manager@0.1.7
 - @tryghost/update-check-service@0.3.4
 - @tryghost/version-notifications-data-service@0.1.2
 - @tryghost/zip@1.1.25
2022-05-09 18:25:48 +08:00
Naz
a730b63ee0 Added JSDocs to the version notification service
refs https://github.com/TryGhost/Toolbox/issues/292
2022-05-09 18:15:46 +08:00
Naz
35031b8f2e Refactored api version compatibility service API
refs https://github.com/TryGhost/Toolbox/issues/292

- The service used to take in a whole bunch of functions as parameters and did expect the client to know about the "version-notifications-data-service" which is not necessary and make the constructor API a notch complicated
- Putting in the data service initialization internally allows for the client to pass in less parameters and know less abou the internal working of the service - way easier to use!
2022-05-09 18:14:41 +08:00
Naz
e2c7c21e86 Added typings to the middleware to imporve checks
refs https://github.com/TryGhost/Toolbox/issues/292

- Having types would potentially have prevented a bug from a parent commit with mistyped property name
2022-05-09 15:35:09 +08:00
Naz
7419ff2c4f Fixed requestURL value passed to the APIVersionCompatibilityService
refs https://github.com/TryGhost/Toolbox/issues/292

- There was a typo in the variable name - req.originalURL is NOT does not exist on express' reqest object
- Added tests to avoid similar mistake again
2022-05-09 15:35:09 +08:00
Renovate Bot
82b83743a7 Update dependency sinon to v14 2022-05-09 00:14:50 +00:00
Hannah Wolfe
7b6b8192e3 Published new versions
- @tryghost/mw-error-handler@1.0.0
 - @tryghost/security@0.3.0
2022-05-06 15:46:34 +01:00
Hannah Wolfe
0ad0cee19b Removed unused jsonErrorRenderer + renamed V2
- As of Ghost 5.0 we only use the V2 version of jsonErrorRenderer
- Removed the old one, and renamed the V2 to not have a suffix any more
- Added 100% coverage to tests whilst here
2022-05-06 15:45:41 +01:00
Hannah Wolfe
3a7613a46e Added secret.create util to security package
- this utility existed twice in the ghost codebase:
   - f6fb823ce9/core/server/models/api-key.js (L24)
   - f6fb823ce9/core/server/data/migrations/versions/4.0/22-solve-orphaned-webhooks.js (L7)
- We also potentially need it for a second migration use case
- so moved it here, made it slightly more generic and also deprecated identifier.uid in favour of using this method as they do the same thing, but secret.create uses crypto properly
2022-05-06 15:15:40 +01:00
Naz
877fdc7bfe Published new versions
- @tryghost/api-version-compatibility-service@0.2.0
 - @tryghost/email-content-generator@0.1.1
 - @tryghost/limit-service@1.1.2
 - @tryghost/mw-api-version-mismatch@0.1.3
2022-05-05 17:57:44 +08:00
Naz
fc7e1c383e Added requestURL handling in version mismatch middleware
refs https://github.com/TryGhost/Toolbox/issues/292

- We need to pass this data so that emails include this bit of information
2022-05-05 17:56:18 +08:00
Naz
521ddc001c Added request url parameter to notification emails
refs https://github.com/TryGhost/Toolbox/issues/292

- Generic version mismatch notification emails contain request url which had to be parameterized to function properly.
2022-05-05 14:51:47 +08:00
Naz
b2f585e0d0 Added Zapier-specific email templates
refs https://github.com/TryGhost/Toolbox/issues/292

- When the handler recognizes a Zapier client it should send an email using Zapier-specific template with instructions more suitable for Zap failure
2022-05-05 12:43:55 +08:00
Naz
1a0a4272f3 Extracted template to be a separate variable
refs https://github.com/TryGhost/Toolbox/issues/292

- Nice to track the change history
2022-05-05 12:32:52 +08:00
Naz
6aeb27ce62 Renamed zapier test variables
refs https://github.com/TryGhost/Toolbox/issues/292

- Before adding Zapier specific feature cleaning up here for cleaner history
2022-05-05 12:24:32 +08:00
Naz
32e42ae276 Added more precise JSDoc to email content generator
refs https://github.com/TryGhost/Toolbox/issues/292

- Provided better type checking/suggestions
2022-05-05 12:17:30 +08:00
Naz
30f8b0a446 Added support for html templates in version emails
refs https://github.com/TryGhost/Toolbox/issues/292

- The html/text emails is a desired system that's used in Ghost core and should be reused with version mismatch notification emails too.
- Currently there's only one template defined "generic-mismatch" and the original file for it can be found under /templates/generic-mismatch.html
- If we need to distinguish user agents we can addd more templates to the `/templates/` folder
2022-05-05 12:17:30 +08:00
Naz
06c733bb0b Added explicit "text" parameter in sendEmail call
refs https://github.com/TryGhost/Toolbox/issues/292

- This is groundwork before adding separate html/text generation. Should make future additions more readable
2022-05-05 12:17:30 +08:00
Aileen Nowak
7f32fde707 Added currentCountQuery for newsletters
refs https://github.com/TryGhost/Team/issues/1583
2022-05-04 11:52:57 -04:00
Hannah Wolfe
cfb3df1807 Published new versions
- @tryghost/mw-error-handler@0.2.4
2022-05-04 13:05:29 +01:00
Hannah Wolfe
9e6f5c5194 Updated copy for accept-version errors
- Copy has been updated and approved now :)
2022-05-04 13:04:40 +01:00
Naz
e5d097fbae Published new versions
- @tryghost/adapter-manager@0.2.30
 - @tryghost/api-version-compatibility-service@0.1.2
 - @tryghost/bootstrap-socket@0.2.19
 - @tryghost/config-url-helpers@0.1.7
 - @tryghost/constants@1.0.4
 - @tryghost/database-info@0.3.4
 - @tryghost/email-content-generator@0.1.0
 - @tryghost/image-transform@1.0.31
 - @tryghost/job-manager@0.8.23
 - @tryghost/limit-service@1.1.1
 - @tryghost/minifier@0.1.14
 - @tryghost/moleculer-service-from-class@0.2.25
 - @tryghost/mw-api-version-mismatch@0.1.2
 - @tryghost/mw-error-handler@0.2.3
 - @tryghost/mw-session-from-token@0.1.31
 - @tryghost/mw-update-user-last-seen@0.1.5
 - @tryghost/package-json@1.0.20
 - @tryghost/pretty-cli@1.2.26
 - @tryghost/promise@0.1.17
 - @tryghost/release-utils@0.7.14
 - @tryghost/security@0.2.17
 - @tryghost/session-service@0.1.41
 - @tryghost/settings-path-manager@0.1.6
 - @tryghost/update-check-service@0.3.3
 - @tryghost/version-notifications-data-service@0.1.1
 - @tryghost/vhost-middleware@1.0.25
 - @tryghost/zip@1.1.24
2022-05-04 17:21:51 +08:00
Naz
81c6af77b5 Fixed unit test coverage
refs https://github.com/TryGhost/Toolbox/issues/292

- With the package being out of TryGhost/Ghost codebase the paths have changed and needed to introdude a concept of "fixtures" for the package to be able to funciton independently
2022-05-04 17:16:43 +08:00
Naz
393834ae4a Added html-to-text dependency
refs https://github.com/TryGhost/Toolbox/issues/292

- This dependency is needed for the package to function properly. Have pinned it to a lower major than is currently available to avoid a unnecessary rabbithole of dealing with breaking changes
2022-05-04 17:16:43 +08:00
Naz
b4682bf643 Bootstrapped email-content-generator package
refs https://github.com/TryGhost/Toolbox/issues/292
2022-05-04 17:16:43 +08:00
Naz
ca693f79f8 Reworked EmailContentGenerator to async/await
refs https://github.com/TryGhost/Toolbox/issues/292

- Makes the code more readable
2022-05-04 17:16:43 +08:00
Naz
0c2cc2af8a Refactored email utils to a class with DI params
refs https://github.com/TryGhost/Toolbox/issues/292

- There's a need to reuse these utils in the version mismatch notification service. Having loads of tightly coupled dependencies makes it super hard to rip out this module for reuse
- It's a groundwork for extraction of the email-utils package
- Rewrote the unit tests that were written for these utils previously - they weren't testing anything useful. The goal of this util is to generate specific content based on provided data and available templates - now the tests do test those specific things, not the mailer itself!
2022-05-04 17:16:43 +08:00
Hannah Wolfe
6119ccbe90 Moved server unit tests into the server folder
- this is a small part of a bit of cleanup of our test files
- the goal is to make the existing tests clearer with a view to making it easier to write more tests
- this makes the test structure follow the codebase structure more closely
- eventually we will colocate the tests as we break the codebase down further
2022-05-04 17:16:43 +08:00
Naz
ff4bdb5ff8 Made integration naming less technical
refs https://github.com/TryGhost/Toolbox/issues/292

- The audience of the notification emails for version missmatch could be less technical - site owneres are usually creators not programmers. Not using complex technical details in the email subject/body should make the incompatibility more approachable to deal with.
2022-05-04 11:05:48 +08:00
Renovate Bot
d7768efb40 Update dependency archiver to v5 2022-05-02 15:03:40 +01:00
Renovate Bot
6f93c82c5a Update Test & linting packages 2022-05-02 14:01:35 +00:00