Commit Graph

12938 Commits

Author SHA1 Message Date
Renovate Bot
ae98bf5a6d Update dependency mock-knex to v0.4.10 2021-05-18 11:05:31 +01:00
Rishabh
76adf920da Updated Portal to handle logged out API response
refs https://github.com/TryGhost/Team/issues/560
refs 196cdafe6b

The endpoint `/members/api/member/` used by Portal for fetching member details was updated to return 204 No Content instead of 401. This change updates Portal to handle updated API response for logged out member, along with couple of bug patches -

- 🐛 Fixed extra email sent for logged in members on upgrade
- 🐛 Fixed falsy value not used in preview
2021-05-18 15:01:33 +05:30
Rishabh
4627d1c26a Added settings for monthly/yearly price ids
no refs

Since backend now allows multiple prices but we want the prices to be currently limited to monthly/yearly on UI, we need new settings to store the current monthly/yearly price by the site owner. These settings determine the active prices shown in Admin / Portal for the site till we allow all custom products/prices again.
2021-05-18 13:34:31 +05:30
Thibaut Patel
e0db9a16f9 Fixed the version sent to Sentry
commit 9c498697c9
issue https://github.com/TryGhost/Team/issues/694

`process.env.npm_package_version` is only filled when Ghost is started via npm scripts, so it would have been empty when starting Ghost using `node index.js`
2021-05-17 13:32:56 +02:00
Fabien O'Carroll
3483bfa747 Updated @price data to not use archived prices
no-issue

Since we now allow archiving prices, we should filter them out from
being considered the monthly or yearly plan, as they are unable to be
subscribed to.
2021-05-17 11:02:27 +01:00
Fabien O'Carroll
22a211f1de Fixed @price data when Stripe is not configured
no-issue

Themes which use the `@price` data will have a 400 error if they are not
setup prices. This adds default price data so that the theme will not
error.
2021-05-17 11:02:27 +01:00
Thibaut Patel
9c498697c9 Removed a require of core/server from core/shared
issue https://github.com/TryGhost/Team/issues/694

Solves an eslint warning
2021-05-17 11:42:19 +02:00
Renovate Bot
2af3d760a2
Update dependency @sentry/node to v6.4.0 2021-05-17 08:09:59 +00:00
renovate[bot]
3b5ce73026
Update dependency @tryghost/session-service to v0.1.22 (#12965)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-05-14 18:35:36 +02:00
Kevin Ansfield
84724537be 🐛 Fixed feature images in emails appearing very wide in Outlook
closes https://github.com/TryGhost/Team/issues/675

Outlook will display images at their native resolution if no `width` attribute is supplied. Content images were fixed a while ago but feature images would still render very wide and cause horizontal scroll and text size/alignment issues.

- modify `post.feature_image` and add a `post.feature_image_width` property before passing it through to the email template
  - for Unsplash images we assume all images are larger than 600px so we change the URL to reference a 1200px image and set the image width to 600 (to keep images on retina displays crisp)
  - for other images we probe the image to fetch the original dimensions and give set an image width of 600 if needed, if it's a locally-hosted image we update the URL to point at a max 1200px version
- updated email template to output a `width` attribute on the feature image `<img>` tag if it's set
2021-05-14 11:57:37 +01:00
Kevin Ansfield
7070572e4f Moved getLocalSize() from mobiledoc to image-size lib
no issue

- `getLocalSize()` is useful outside of the mobiledoc populate-image-sizes function
- expanded `ImageSize` class with new methods
  - `getOriginalImageSizeFromStoragePath()` - takes the "original" image extraction and test from `getLocalSize()` and makes it more generally available
  - `getImageSizeFromStorageUrl()` - takes the path extraction from `getLocalSize()` to make image sizes from local urls more generally available
  - `getOriginalImageSizeFromStorageUrl()` - URL version of the new `getOriginalImageSizeFromStoragePath()` method
2021-05-14 11:57:37 +01:00
Thibaut Patel
14cae4b154 Added notes to oauth code for future improvements
no issue
2021-05-14 12:10:27 +02:00
Naz
02ea81fdda Removed dead code
refs d698a2b431

- This code is not needed since the switch to "allowlist" approach
2021-05-13 16:20:28 +04:00
Naz
d698a2b431 Finished refactor of content utils in acceptance suite
refs 06dd9bac59

- This is a continuation of the work started in the refed commit. In short: allowlisting response checks wherever possible
- The file is now "schema" depencency free. Should serve as an example for other test "utils" modules.
2021-05-13 16:19:33 +04:00
Naz
255b4da7a2 Removed unused test utils modules
no issue

- This is dead code!
2021-05-13 15:41:27 +04:00
Naz
d98f76b18c Refactored test utils "post" properties
refs 06dd9bac59
refs https://github.com/TryGhost/Team/issues/687

- This is a continuation of the work started in the refed commit. In short: allowlisting response checks wherever possible
2021-05-13 15:41:27 +04:00
Rishabh
c6eafeb89b Updated tests for member endpoint
refs https://github.com/TryGhost/Team/issues/560
refs 196cdafe6b

Last commit updated the response status for member endpoint  - `/members/api/member` - from 401 to 204. This change updates the test to handle new response code.
2021-05-13 15:35:14 +05:30
Rishabh
196cdafe6b 💡 Removed 401 error for logged-out member on Portal
closes https://github.com/TryGhost/Team/issues/560
closes https://github.com/TryGhost/Ghost/issues/12870

The endpoint `/members/api/member/` is used by Portal for fetching member details on site load to setup different flows. The response from this endpoint for logged out member has now changed from 401 Unauthorized to 204 No Content.

Ghost API was previously returning 401 Unauthorized error for logged-out member as this seemed to be technically correct response for unauthorized access to membership features. This resulted in a lot of confusion for end users where visible 401 errors on console were perceived as errors in the script as well as caught by loggers as erroneous traffic. Also for an end user, in the context of visiting a website - the user themselves is not trying to gain access to anything so this becomes cause for more confusion.

After internal discussion, the endpoint - [SITE_URL]/members/api/member- now returns 204 No Content instead of 401 for logged out member, denoting server was able to process the request but did not find any associated member. This should avoid any unwanted error logging on Portal load on a site, as well as make Portal functioning more transparent for a site.
2021-05-13 15:26:07 +05:30
Renovate Bot
421d457430 Update dependency @tryghost/helpers to v1.1.45 2021-05-13 10:07:59 +01:00
Naz
eb7e4bb815 🐛 Fixed frontmatter-related validation error
refs https://github.com/TryGhost/Team/issues/687

- The frontmatter field has leaked into the API layer unintentionally when it was introduced into the DB schema during 4.0 release.
- The fix add the field to "trim" list in all API. A proper validation and handling will be add per API as usecase for the field becomes clear
2021-05-13 12:14:05 +04:00
Naz
06dd9bac59 Refactored post resource Admin API test utils
refs https://github.com/TryGhost/Team/issues/687

- The approach of generating validation properties using `/server/data/schema` package's tables object is prone to leaking unwanted database fields into API responses
- This refactor takes a tiny step into direction of relying on "allowlist" approach for properties in the API response resources.
- Apart from solving the described property leak problem it also moves toward decoupling tests from `/core/server` dependencies!
2021-05-12 18:15:54 +04:00
Naz
ec01c4f004 Fixed typos 2021-05-12 17:06:10 +04:00
Naz
1e20f2cb76 🐛 Fixed webhook initialization when over limit
refs https://github.com/TryGhost/Team/issues/599

- Webhook listener was still kicking in when the limit for  "customIntegrations" was in place. This is due to parallel initialization that was done previously and sometimes limit service initialized before webhooks but sometimes it didn't!
- Moving it to be initialized before any othe service ensures the race conditon doesnt happen anymore
2021-05-11 18:11:51 +04:00
Daniel Lockyer
9c2388e8aa
v4.5.0 2021-05-11 13:34:32 +01:00
Daniel Lockyer
a528769f57
Updated Ghost-Admin to v4.5.0 2021-05-11 13:34:32 +01:00
Daniel Lockyer
78600636b2
Updated Casper to v4.0.5 2021-05-11 13:34:28 +01:00
Fabien O'Carroll
41acc37865 Made complimentary_plan & stripe_customer_id exclusive
no-issue

When importing Members it is possible to have both the
complimentary_plan and the stripe_customer_id columns set, this can
result in unusual outcomes, for example when importing a customer with a
zero-amount subscription, they would end up with two "comped"
subscriptions, and there would be two "comped" prices in the database.

As we are deprecating the use of "comped" in favour of creating a
subscription with a specific price, we're updating the import to prefer
`stripe_customer_id` column, only using the `complimentary_plan` column
when it is the only of the two columns passed.
2021-05-11 12:33:28 +01:00
Fabien O'Carroll
ed0f90a82d Fixed errors when importing comped Members
no-issue

The logic for finding the zero-value price to be used was broken, and
this patch to members-api fixes it
2021-05-11 12:13:48 +01:00
Renovate Bot
83d4a19757 Update dependency @tryghost/url-utils to v1.1.4 2021-05-11 12:09:16 +01:00
Renovate Bot
0b94b930b7 Update dependency @tryghost/html-to-mobiledoc to v0.7.16 2021-05-11 12:09:04 +01:00
Daniel Lockyer
28f125926c
Updated release workflow to use Node 14
no issue

- Node 14 is now our recommended version and it's easier if we build
  Ghost with this version
- this also works around the fact that 12.18.0 would no longer build
  Ghost because we have bumped our minimum 12 version
2021-05-10 20:41:38 +01:00
Renovate Bot
a316ddd528 Update dependency @tryghost/helpers to v1.1.44 2021-05-10 20:37:26 +01:00
Fabien O'Carroll
8add0e04f5 Updated members-api to work with multiple products
refs https://github.com/TryGhost/Team/issues/682
refs https://github.com/TryGhost/Team/issues/650

- Provide backwards compatibility for the `comped` flag in the API and
  the importer.
- Ensures the default stripe product name is kept in sync with the name
  of the Ghost Product
- Updates the webhook handling to work with multiple products
2021-05-10 20:23:35 +01:00
Kevin Ansfield
c36e749820
Added support for gating content by member labels and products (#12946)
refs https://github.com/TryGhost/Team/issues/581
closes https://github.com/TryGhost/Team/issues/582

Emails can now be sent to members with specific associated labels or products by specifying an NQL string. We want to bring the same members segment feature to content by allowing `visibility` to be an NQL filter string on top of the `public/members/paid` special-case strings.

As an example it's possible to set `posts.visibility` to `label:vip` to make a post available only to those members with the `vip` label.

- removed enum validations for `visibility` so it now accepts any string or `null`
    - bumped `@tryghost/admin-api-schema` for API-level validation changes
- added nql validation to API input validators by running the visibility query against the members model
- added transform of NQL to special-case visibility values when saving post model
    - ensures there's a single way of representing "members" and "paid" where NQL gives multiple ways of representing the same segment
    - useful for keeping theme-level checks such as `{{#has visibility="paid"}}` working as expected
- updated content-gating to parse nql from post's visibility and use it to query the currently logged in member to see if there's a match
    - bumped @tryghost/members-api to include label and product data when loading member
2021-05-10 19:32:11 +01:00
Rishabh
cfaddf82e8 Added migration to rename product as site title
refs https://github.com/TryGhost/Team/issues/667

On clean and existing installs, the default product created should be named the same as the site title in the first setup so the UX on Portal and everywhere is consistent. This change adds a migration to update existing sites which already have a default product created via fixture, and rename them to their current site title. The rename is only done if the Product name is still the same as in fixture - `Default Product`.
2021-05-11 00:00:12 +05:30
Rishabh
bf64ca697c Updated Portal to handle custom products/prices
refs https://github.com/TryGhost/Team/issues/637

Bumped Portal to 1.3.0, which introduces handling for custom products and prices.
2021-05-10 23:15:49 +05:30
Renovate Bot
e73d26d9da Update dependency @tryghost/string to v0.1.19 2021-05-10 17:33:38 +01:00
Renovate Bot
285a722444 Update dependency @tryghost/social-urls to v0.1.24 2021-05-10 17:28:25 +01:00
Rishabh
3d9d2b7974 Fixed settings integrity spec
refs c199918465

Fixes integrity spec with last commit's change
2021-05-10 18:54:47 +05:30
Rishabh
c199918465 Updated free price default description
refs https://github.com/TryGhost/Team/issues/648

We use sentence case everywhere for labels, the default description for free price should be the same
2021-05-10 18:24:36 +05:30
Renovate Bot
e7f300d4d2
Update dependency @sentry/node to v6.3.6 2021-05-10 09:23:15 +00:00
Rishabh
2497af0072 Updated default description for free price
refs https://github.com/TryGhost/Team/issues/671

When turning on custom products, existing sites should have default price descriptions that match existing values for prices. This change sets the default description for Free price to match existing hardcoded value.
2021-05-10 14:19:02 +05:30
Rishabh
4d4286d255 Updated setup flow to rename default product
refs https://github.com/TryGhost/Team/issues/667

On clean and existing installs, the default product created should be named the same as the site title instead of the name in fixture. This change updates the default product's name to site title during the site setup. We use the Product name in Portal.
2021-05-10 13:59:00 +05:30
Renovate Bot
ec0a8c1d2f
Update dependency eslint to v7.26.0 2021-05-10 01:42:57 +00:00
Renovate Bot
8308db8eac
Update dependency mocha to v8.4.0 2021-05-07 20:26:12 +00:00
Hannah Wolfe
8cff7b9cd6
Added length rule for index files [warn]
- index.js files are meant to be an index, not contain behaviour or logic
- files longer than 50 lines are indicative of code in the wrong place, all though not definitive
- enabling this as a hint to get us to move code to better locations
2021-05-07 21:00:39 +01:00
Hannah Wolfe
ba6f51850e
Added complexity rule for api query methods [warn]
- We want to keep behaviour in services and libraries, not in API endpoints
- This rule runs complexity _only_ on the query methods, and has it set super low - just 3
- Methods that have higher complexity are a great indicator of places where we've left behaviour in the API, however!
- It's indicative, not definitive. At least with an eslint rule we can if needs be disable it where we decide the code is OK
2021-05-07 20:41:14 +01:00
Hannah Wolfe
2e5977a137
Added require rules for server<>frontend [off]
- These rules will help us to enforce that server code should not be required from the frontend, and vice versa
- They are disabled/off for now because they are too noisy and not quick to fix
- Having them in place makes it easy to set them to warn to preview how we're getting on with fixing them ahead of enabling them
2021-05-07 20:25:50 +01:00
Hannah Wolfe
895bffec1f
Enabled no-skipped-tests eslint rule [warn]
- Not sure why, but this is set to off in our base plugin
- It masks issues where people have temporarily skipped tests to fix later and then forgot
- Enabling this to allow us to review all those places, but we should also try to leave it on and set to error
2021-05-07 19:24:23 +01:00
Rishabh
67ea6c44ef Added free price values to Portal site settings
refs https://github.com/TryGhost/Team/issues/637

With custom products it's possible to change the name and description of any price. This assumes that people would want to change the same properties of a Free membership, and wires up the values for free membership price settings to Portal site settings API for Portal UI
2021-05-07 22:56:16 +05:30