Commit Graph

31260 Commits

Author SHA1 Message Date
Simon Backx
a499f866f3 Prevented posts webhook tests from breaking on every release 2022-10-05 14:25:00 +02:00
Simon Backx
f17934a5d2 Updated snapshots for latest release 2022-10-05 14:18:29 +02:00
Daniel Lockyer
f0a0ff66de
Deleted extraneous file
- this snuck in at some point
2022-10-05 18:33:32 +07:00
Daniel Lockyer
c4981a71a2
Merged v5.17.2 into main
v5.17.2
2022-10-05 18:33:12 +07:00
Ghost CI
267f1530f0 v5.17.2 2022-10-05 12:32:04 +01:00
Simon Backx
8900db8614
Fixed snapshots for Portal update
refs e86e78fb6b
2022-10-05 18:11:06 +07:00
Simon Backx
811f37e18a
Bumped used Portal version to v2.14.x
refs eac8fbfdfd
refs e7378520a0
refs https://github.com/TryGhost/Ghost/issues/14508
2022-10-05 18:11:06 +07:00
Simon Backx
41a0945592
🐛 Prevented member creation when logging in (#15526)
fixes https://github.com/TryGhost/Ghost/issues/14508

This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour.

**Problem:**
When a member tries to login and that member doesn't exist, we created a new member in the past.

- This caused the creation of duplicate accounts when members were guessing the email address they used.
- This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion.

**Fixed:**
- Trying to login with an email address that doesn't exist will throw an error now.
- Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address). And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset.
- Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware.
- The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token.

**Notes:**
- Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 18:11:06 +07:00
Kevin Ansfield
524b23c182
Migrated staff user screen to Ember Octane patterns (#15532)
refs https://github.com/TryGhost/Ghost/issues/14101

- migrated staff user controller to native class syntax
- removed use of `{{action}}` helper
- moved from custom components to native `<input>` and `<textarea>` for form fields
  - added `{{select-on-click}}` modifier to cover the `<GhTextingInput @selectOnClick>` option behaviour for any input element
- added `submitForm()` test helper that finds closest `form` element and triggers a `submit` event on it simulating <kbd>Enter</kbd> being pressed whilst a field has focus
2022-10-05 12:05:31 +01:00
Simon Backx
b96ff6ae4a Fixed snapshots for Portal update
refs e86e78fb6b
2022-10-05 12:52:50 +02:00
Simon Backx
e86e78fb6b Bumped used Portal version to v2.14.x
refs eac8fbfdfd
refs e7378520a0
refs https://github.com/TryGhost/Ghost/issues/14508
2022-10-05 12:47:03 +02:00
Simon Backx
eac8fbfdfd Released Portal v2.14.0 2022-10-05 12:44:18 +02:00
Simon Backx
e7378520a0
🔒 Prevented member creation when logging in (#15526)
fixes https://github.com/TryGhost/Ghost/issues/14508

This change requires the frontend to send an explicit `emailType` when sending a magic link. We default to `subscribe` (`signin` for invite only sites) for now to remain compatible with the existing behaviour.

**Problem:**
When a member tries to login and that member doesn't exist, we created a new member in the past.

- This caused the creation of duplicate accounts when members were guessing the email address they used.
- This caused the creation of new accounts when using an old impersonation token, login link or email change link that was sent before member deletion.

**Fixed:**
- Trying to login with an email address that doesn't exist will throw an error now.
- Added new and separate rate limiting to login (to prevent user enumeration). This rate limiting has a higher default limit of 8. I think it needs a higher default limit (because it is rate limited on every call instead of per email address). And it should be configurable independent from administrator rate limiting. It also needs a lower lifetime value because it is never reset.
- Updated error responses in the `sendMagicLink` endpoint to use the default error encoding middleware.
- The type (`signin`, `signup`, `updateEmail` or `subscribe`) is now stored in the magic link. This is used to prevent signups with a sign in token.

**Notes:**
- Between tests, we truncate the database, but this is not enough for the rate limits to be truly reset. I had to add a method to the spam prevention service to reset all the instances between tests. Not resetting them caused random failures because every login in every test was hitting those spam prevention middlewares and somehow left a trace of that in those instances (even when the brute table is reset). Maybe those instances were doing some in memory caching.
2022-10-05 12:42:42 +02:00
Daniel Lockyer
609fcb17c0
Removed main from yarn ship
- we might not necessarily be pushing to `main`, for example, if we're
  doing a patch release
2022-10-05 16:47:39 +07:00
Naz
0bf6268091
Updated content-length header matchers
no issue

- All content-length snapshots should be using the same matcher for consistency - anyContentLength. It's more explicit about what the matcher is all about and might be useful to have content-length matchers in one place if it ever changes (the header value should be a damn digit after all, not a string!) (ref. https://www.rfc-editor.org/rfc/rfc7230#section-3.3.2)
2022-10-05 17:34:17 +08:00
Fabien "egg" O'Carroll
28de1720c1 🔒 Fixed magic link endpoint sending multiple emails
refs https://github.com/TryGhost/Team/issues/2024

Without validation it was possible to send a string of comma separated
email addresses to the endpoint, and an email would be sent to each
address, bypassing any rate limiting.

This bug does not allow for an authentication bypass exploit. It is purely a
spam email concern.

Credit: Sandip Maity <maitysandip925@gmail.com>
2022-10-05 10:28:13 +01:00
Naz
2288289ae9
Added notes for maxAge config using express.static
no issue

- The milliseconds configuration here is different to "seconds" used in the max-age header value itself and other middlewares (like CORS). It's not going to be fixed upstream, so whenever this piece of code is touched again it would be smart to get our own converter from seconds to milliseconds going, or some other mechanism making max-age configuration uniform across the codebase
2022-10-05 17:26:21 +08:00
Naz
320c6e0dd3
Abstracted a hacky local URL matcher
refs https://github.com/TryGhost/Toolbox/issues/320

- The URL matcher is very likely to be reused in the future, so having it abstracted away gives two benefits:
1. Central place to document hacky behavior and easier future cleanup
2. The implementer of the e2e test does not have to see the "hacky note" and just concentrate on the implementation of the test
2022-10-05 17:23:02 +08:00
Naz
d817e5830d
Added header snapshots to webhook e2e tests
refs https://github.com/TryGhost/Toolbox/issues/320

- Header snapshot matching was missing from webhook e2e tests. With a bumped version of webhook-mock-receiver it's now possible to record and match webhook request headers.
2022-10-05 17:23:02 +08:00
Daniel Lockyer
8b7a573a1d
Released Portal v2.13.2 2022-10-05 16:03:46 +07:00
Daniel Lockyer
e60fc167e4
Improved yarn ship for Portal
refs https://github.com/TryGhost/Toolbox/issues/426

- with the existing `ship` command, it publishes to npm before pushing
  to GitHub
- I fear we're likely to run into a scenario where the HEAD of `main` is
  behind, so the git push fails, and then rebasing the HEAD will break
  the tags that we created
- in this scenario, I think it's better to hard reset back, git pull and
  then try again
- in that case, we need to publish to npm after GitHub
- this commit should implement that
2022-10-05 15:48:10 +07:00
Daniel Lockyer
700a62e048
Added quotes to version-tag-prefix
- without this, the following line does not apply for some reason
2022-10-05 15:27:20 +07:00
Daniel Lockyer
a26886ed65
Updated Portal README and repository link
refs https://github.com/TryGhost/Toolbox/issues/426

- these needed updating now Portal is in the monorepo
2022-10-05 15:22:17 +07:00
Daniel Lockyer
2a40f72f36
Added yarn test:unit to Portal
refs https://github.com/TryGhost/Toolbox/issues/426

- this ensures we provide a `test:unit` command for CI
- this probably needs changing in the future - not sure yet
2022-10-05 15:17:01 +07:00
Daniel Lockyer
22c85df66f
Added .yarnrc config for Portal
refs https://github.com/TryGhost/Toolbox/issues/426

- this ensures the git tag and commit message are in the expected format
2022-10-05 15:15:14 +07:00
Daniel Lockyer
314281cf08
Removed extraneous logging from Portal dev script
refs https://github.com/TryGhost/Toolbox/issues/426

- now Portal is in the monorepo, the dev script doesn't need to wipe the
  console output nor print instructions as that should be handled with
  setting environment variables
2022-10-05 15:13:34 +07:00
Daniel Lockyer
08cef79674
Updated lockfile 2022-10-05 15:07:12 +07:00
Daniel Lockyer
181f12d2de
Cleaned up extra files in Portal package
refs https://github.com/TryGhost/Toolbox/issues/426

- these files are no longer needed now the code is in the Ghost monorepo
2022-10-05 15:06:36 +07:00
Daniel Lockyer
2f36651e3c
Migrated code and history from Portal repo
refs https://github.com/TryGhost/Toolbox/issues/426

- this migrates all code and history over from the Portal repo so we can
  provide a better development experience
2022-10-05 15:02:24 +07:00
Sanne de Vries
b7fd0c04b6 Updated tag and history breadcrumbs
Refs https://www.notion.so/ghost/Switch-breadcrumb-style-513a624c0e0d490ca39a2fdb97a6971a

- Updated the copy to follow the common breadcrumb pattern
2022-10-05 12:40:51 +07:00
Daniel Lockyer
ab99109bbf
Added support for running Portal from the monorepo
refs https://github.com/TryGhost/Toolbox/issues/426

- this adds support for `--portal` in `yarn dev` to support the upcoming
  migration of Portal into the monorepo
- also adds the Portal folder to the ignorelist for nodemon so Ghost
  doesn't bootloop
2022-10-05 11:51:06 +07:00
renovate[bot]
a5adffbcb5 Update Test & linting packages 2022-10-05 11:23:47 +07:00
Daniel Lockyer
b73a657435 Updated react-scripts and eslint-plugin-ghost dependencies
refs https://github.com/TryGhost/Toolbox/issues/426

- this commit bumps both dependencies because it resolves various issues
  I've encountered when moving Portal to the Ghost monorepo
2022-10-05 11:20:29 +07:00
Daniel Lockyer
8daa06a3b8 Fixed various linting issues
- these changes were needed ahead of the upcoming bump to react-scripts,
  which bumps eslint to v8, and therefore we can update
  eslint-plugin-ghost, which introduces some new linting rules
2022-10-05 11:11:03 +07:00
Daniel Lockyer
264e6d41a7 Updated CI Ubuntu version to latest
- 18.04 is deprecated and getting phased out so we should switch to the latest version
2022-10-05 10:58:24 +07:00
Daniel Lockyer
20d9256105 Updated CI Node version to 16
refs https://github.com/TryGhost/Toolbox/issues/163

- Node 16 is our recommended version so we should test using that
2022-10-05 10:56:39 +07:00
renovate[bot]
2c2ee81adb
Update Test & linting packages 2022-10-05 00:36:08 +00:00
Kevin Ansfield
289e8a8da6 Fixed staff acceptance test
refs e0430b4efc

- acceptance test had mixed up name/slug fields so was testing for incorrect values now that cmd+s inside the slug field is working as really expected
2022-10-04 18:55:25 +01:00
Kevin Ansfield
e0430b4efc 🐛 Fixed ctrl/cmd+s not saving focused fields on general/staff settings screens
no issue

- swapped from route actions triggered by shortcuts mixin to explicit `{{on-key}}` actions
- when saved via keyboard, blur any focused element to trigger its on-blur action and schedule the save to run after those actions
2022-10-04 17:55:24 +01:00
Kevin Ansfield
c77c150745 Refactored facebook/twitter URL inputs
refs https://github.com/TryGhost/Ghost/issues/14101

Twitter/facebook URL validation doesn't follow our typical validation and was duplicated across multiple screens making the controllers unnecessarily complex.

- extracted url input fields and their validation into separate components
- uses tracked scratch values so that the input field values can reset to the saved value on save
  - twitter/facebook URL inputs are different to our other inputs because invalid values won't prevent saving, instead they are reset to their previous value on save
- added `this.validate()` call after a successful save in `settings` service so the service and underlying model validations are both in sync (fixes validation error sticking around after saving with invalid twitter/facebook values that have been reset)
2022-10-04 17:55:24 +01:00
renovate[bot]
9608f834c3 Update sentry-javascript monorepo to v7.14.1 2022-10-04 15:59:31 +00:00
John O'Nolan
5106643871
Updated readme download count 2022-10-04 10:26:33 -05:00
Djordje Vlaisavljevic
b15451dfa6 Deemphasized unavailable sources and added an explainer
refs https://github.com/TryGhost/Team/issues/1986
2022-10-04 13:29:25 +02:00
Kevin Ansfield
d8193da005 Revert "Fixed errors thrown from blank twitter/facebook URL fields"
This reverts commit a523fedccb.

- caused input value to be cleared on focus+blur with no changes
- reverting in favor of an incoming refactor
2022-10-04 10:30:13 +01:00
Kevin Ansfield
a523fedccb Fixed errors thrown from blank twitter/facebook URL fields
no issue

- reset logic was incorrect meaning that if you focused a twitter/facebook URL field then moved to a different field without inputting anything an error would be thrown from trying to use `.match()` on `null`
2022-10-04 10:09:36 +01:00
Sanne de Vries
0124c2f28a Updated member activity page with new breadcrumb styles
Refs https://www.notion.so/ghost/Switch-breadcrumb-style-513a624c0e0d490ca39a2fdb97a6971a

- Filtering on specific member activity now uses new breadcrumb pattern
- Fixed double scrollbar issue on member activity and history page
2022-10-04 13:51:01 +07:00
Sanne de Vries
2c498ab193 Updated breadcrumb and title style across admin
Refs https://www.notion.so/ghost/Switch-breadcrumb-style-513a624c0e0d490ca39a2fdb97a6971a

- Separating out the breadcrumbs and the title makes it easier to navigate back on multiple levels for nested pages.
- Avoids very long titles, as it doesn't include breadcrumbs anymore
2022-10-04 12:35:29 +07:00
Rishabh
a631392a4f
Fixed anchor chart load for site without paid tiers
refs https://github.com/TryGhost/Team/issues/2019

- the anchor chart keeps showing the loading spinner for a site that has no paid tiers and the source attribution flag switched on.
- this was because it tries to load the MRR chart by default, which doesn't have any data when paid tiers are disabled.
- updated the chart to use `total members` data when paid tiers are disabled
2022-10-04 12:07:38 +07:00
Rishabh
09fbe19a31 Fixed anchor chart load for site without paid tiers
refs https://github.com/TryGhost/Team/issues/2019

- the anchor chart keeps showing the loading spinner for a site that has no paid tiers and the source attribution flag switched on.
- this was because it tries to load the MRR chart by default, which doesn't have any data when paid tiers are disabled.
- updated the chart to use `total members` data when paid tiers are disabled
2022-10-04 10:34:44 +05:30
Ronald Langeveld
226794e201
🐛 Fixed broken close buttons on modals (#15514)
* 🐛 Fixed broken `close` button on modals
no issue

Some modals' close elements containing `{{on "click" @close}}` and `href=""` would not take the 'on click' function into account, meaning the whole page would get redirected to "/" (back to the root of the dashboard) instead of just closing the modal.
2022-10-04 06:33:49 +04:00