Commit Graph

1049 Commits

Author SHA1 Message Date
Naz
fc5984b486 Slimmed down redirects test suites
refs https://github.com/TryGhost/Toolbox/issues/139

- The regression test suite for redirects functionality for way too big. And each restart was causing massive overhead. It's enough to have a single exhaustive test using multiple input files
- The tests testing API endpoints should've been e2e tests to start with
- The rest is covered in the unit tests for redirects api service
2021-11-26 06:18:36 +13:00
Naz
125901b466 Added a test covering backup redirects functionality
refs https://github.com/TryGhost/Toolbox/issues/139

- This test is meant to partially substitute existing regression test suite for redirects
2021-11-26 06:18:36 +13:00
Naz
6ed5f64f4b Moved backup path calculation outside redirects module
refs https://github.com/TryGhost/Toolbox/issues/139

- Having tight coupling with backup file path calculation for redirects makes it extremely hard to test. In addition, having it injected will make it easier to swap this dependency to the mechanism similar to one used for routes files
2021-11-26 06:18:36 +13:00
Naz
3315ed34ae 🐛 Fixed redirects.json file corruption on upload
refs 91efa4605c

- Referenced commit introduced a double json-stringification to uploaded redirects.json files.
- The endpoint has no stability index of any sort and is meant to be dropped in Ghost v5. It's best to rework the redirects to the yaml format as descirbe here - https://ghost.org/docs/tutorials/implementing-redirects/#file-structure
2021-11-25 18:43:45 +04:00
Hannah Wolfe
621cfd9866
Moved admin redirect middleware to named file
- moving this middleware because we're about to add a second piece of middleware
- it's easier to see what we have when each middleware is in its own file rather than in one big middleware.js file
2021-11-25 14:29:17 +00:00
Daniel Lockyer
617fec71cb
Added number of server boots to test reporting
no issue

- this commit adds a counter for the number of boots we do in tests
- which therefore allows us to calculate the average boot time we
  experience
- only useful for debugging test performance
2021-11-25 09:52:30 +01:00
Naz
b3884a9c6f Removed v2/v3 redirects tests
refs https://github.com/TryGhost/Toolbox/issues/139

- The v2 and v3 redirects APIs are unofficial and should not be used by anyone in production. There's no good reason to maintain expensive to run test suites for old unofficial APIs.
- The test cases in canary suite covers the functionality of redirects enough to be sure they work as expeted
2021-11-25 11:59:31 +04:00
Thibaut Patel
a583f7236e Updated valid.zip to the latest casper version
refs c1006ec649

- This unblocks upgrading gscan. Some tests were failing due to the old fixture.
2021-11-24 20:22:20 +01:00
Naz
4811da45f2 Fixed redirects test suites
refs https://github.com/TryGhost/Toolbox/issues/138

- These tests still rely on the frontend to be present. Needs further investigation to remove "frontend: true" flag - it slows down test runs!
2021-11-25 03:20:47 +13:00
Naz
ac3b2e5aee Switched API regression tests to use frontendless boot
refs https://github.com/TryGhost/Toolbox/issues/138

- The boot oprimization gives a boost in the boot time, which should save time running regression tests
2021-11-25 03:20:47 +13:00
Naz
222273b66b Refactored regression tests to use async/await
refs https://github.com/TryGhost/Toolbox/issues/138

- Final batch of the refactor to async/await syntax.  Doing these refactors before modifying "testUtils.startGhost" everywhere to boot only with the backend
2021-11-25 03:20:47 +13:00
Naz
4cdcb16e49 Refactored regression users tests to use async/await
refs https://github.com/TryGhost/Toolbox/issues/138

- This is a continuation of a bigger refactor to use async/await syntax before migrating "startGhost" methods to only use backend boot
- Removed a little bit of dead code (like admin user creation) which should speed up test execution too!
- Refactored user variables to be declared closer to their usecases instead of being high up in a global scope - variables shoul not live that far apart from the code that uses them
2021-11-25 03:20:47 +13:00
Naz
b19a2ed2d7 Refactored regression tests to use async/await
refs https://github.com/TryGhost/Toolbox/issues/138

- First batch of the refactor to async/await syntax. Next one will cover the rest. Doing these refactors before modifying "testUtils.startGhost" everywhere to boot only with the backend
2021-11-25 03:20:47 +13:00
Naz
231cfef086 Removed use of ghostServer variable pattern
refs https://github.com/TryGhost/Toolbox/issues/138

- There is no good reason to keep this extra variable around just call "stop" in couple very specific cases. Even for those cases, there's `testUtils.stopGhost` method which achieves the same without additional variable to track.
2021-11-25 03:20:47 +13:00
Naz
8dd33c5034 Removed "ghost = testUtils.startGhost" pattern
refs https://github.com/TryGhost/Toolbox/issues/138

- Having the "ghost" alias only added cognitive load when reading through the test code and didn't provide any additional value. Removed the pattern to keep things simpler and more explicit
2021-11-25 03:20:47 +13:00
Naz
e715c5b82d Refactored posts regressions suites to use common initialization syntax
refs https://github.com/TryGhost/Toolbox/issues/138

- Using asycn/await syntax is way more readable and allows to identify further reusable patterns in test initialization. This refactor also served as an exploreation around how the code looks like at this point
2021-11-25 03:20:47 +13:00
Hannah Wolfe
0799f02e80
Rewritten HTMLErrorRenderer w/o asset helper & template
refs: 2af9e2e12

- This new HTMLErrorRenderer is borrowed heavily from finalHandler
   - This is the module that express uses to render errors if there is no custom errorhandler
- It just renders a really simple html page wrapping err.stack in a <pre>
   - This results in a nicely formatted, but unstyled error page
- I also updated BasicErrorRenderer to use the same res.statusCode + err.stack pattern rather than err.message

Note: This error renderer is _only_ used for renderering errors on the `/ghost/` route
 - In almost all cases, errors here are rendered by Ember
 - The only error that can be rendered here is a missing template error see: 2af9e2e12
2021-11-24 13:01:06 +00:00
Naz
aee949bbf4 Removed unused parameter from isFinished method
no issue

- The disableDbReadyEvent variable does nothing here, no need to keep junk around :)
2021-11-24 05:32:20 +13:00
Naz
6ee94f66b4 Fixed invalid settings file path configuration
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings
refs e457fd5fe0 (diff-b292e8480eee007786cc602f55ed05006a06b8da9fe6934d51fbef8328013278R36)

- There were two separate instances of the SettingsPathManager in route-settings and settings-loader causing the configured paths missmatching on test environment. Because of this missmatch, uploading and resetting the routes.yaml file didn't work!
2021-11-24 05:32:20 +13:00
Naz
04ab59c859 Rewrote reload routes.yaml test to use async/await
no issue
2021-11-24 05:32:20 +13:00
Naz
f0b8e9693f Fixed loadRouteSettingsSync stubs
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings
refs e457fd5fe0 (diff-b292e8480eee007786cc602f55ed05006a06b8da9fe6934d51fbef8328013278R36)

- Because "loadRouteSettingsSync" method is now a getter function these stubs had to be changed to use a different syntax
- It's a lot of maintenance to do such renames, so if someone has to touch this exact place again it might be worth abstracting this mocking into a separate utility of some sort.
2021-11-24 05:32:20 +13:00
Naz
2fed8dbbd5 Moved all settings module bootstrap logic into init method
refs refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- The initialization outside the init method is causing problems when the configs are mocked during the test setup
2021-11-24 05:32:20 +13:00
Naz
6d6aa12afe Extracted routes.yaml path calculation into external package
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings
refs e457fd5fe0 (diff-b292e8480eee007786cc602f55ed05006a06b8da9fe6934d51fbef8328013278R36)

- The full logic for  file path calculation for routes.yaml has been duplicated in couple modules. It is aslo following similar pattern used in redirects services and should be reused there once those modules are touched
2021-11-24 05:32:20 +13:00
Hannah Wolfe
0ede559d5b
🐛 Fixed card asset init/reload behaviour
- Card asset reloading was incorrectly only happening if the API version changed 🙈
- In addition, having an init function was redundant, as theme activation happens on boot
- This meant that the card assets were being generated twice on boot
- Instead, we now only generate them on theme activation, which covers the boot case and simplifies all the logic
2021-11-23 12:53:58 +00:00
Hannah Wolfe
6e6a4822f2
Updated servePublicFile to honor v= cache keys
- Currently it's assumed that public files are 100% static
- With card assets, we're using it for files that are partially static, but can change between reboots and theme changes
- We already have a system for managing cache busting across theme changes and restarts - the ?v= key that is added via the asset helper
- This was already in place and used, but servePublicFile's internal cache didn't honor this key, and cached for the lifetime of boot
- This small change means that if a ?v= query param is present on a request for a public file, that we pay attention to it. Else we cache as before
2021-11-23 12:49:53 +00:00
Naz
9c77abebb5 Removed force start from themes test
refs https://github.com/TryGhost/Toolbox/issues/135

- Looking closer into the reason why the test was failing without "forceStart" revealed that the server only start  was overoptimized - "initServicesForFrontend" should be a part of a backend as those are generic theme services.
2021-11-22 17:47:44 +04:00
Naz
d3f899689a Removed unnecessary rewire call
no issue

- Having rewire here doens't do any difference and should not be used if absolutely needed. Usually using rewire gives a code "smell" so there's some sort of coupling that's going on and probably has to be addressed first
2021-11-22 14:53:16 +04:00
Naz
23ba543abd Removed forceStart in theme e2e tests
refs https://github.com/TryGhost/Toolbox/issues/135

- The reason the test **settings** test was failing when the force start flag was removed in the **custom themes** was the bridge! The bridge was trying to execute function on the frontend when the boot was done without initializing the frontend. The setting test was changing locale and the timezone which triggered events calling up on frontend components - we clearly don't want to do this when the instance is booted without the frontend
- To make event initialization conditional moved it to the "init". This way the event listeners are only set up when we boot with the "frontend" flag set to true
2021-11-22 14:51:23 +04:00
Naz
f0ae7592cf Removed unneeded mocks
refs https://github.com/TryGhost/Toolbox/issues/135

- These mocks were failing to execute but didn't make any difference in the test outcome
2021-11-22 21:56:32 +13:00
Naz
bbc93ff996 Renamed withBackend/withFrotned to backend/frontend
refs https://github.com/TryGhost/Toolbox/issues/135

- Shorter name still makes sense and the "with" might be causing confusion understanding what's gonig on during the boot time
2021-11-22 21:56:32 +13:00
Naz
149c100b4c Fixed frontend initialization in "mock-express" tests
refs https://github.com/TryGhost/Toolbox/issues/135

- Without sensible defaults the web app was not initializing either the backend nor the frontned parts of the application. Fixed the defaults so the problem doesn't happen again and optimized mock-express-style initialization to only initialize the frontend routing
2021-11-22 21:56:32 +13:00
Naz
9057ca0ee2 Skipped unnecessary frontend initialization
refs https://github.com/TryGhost/Toolbox/issues/135

- This optimization is expected to play a role in more consistent "backend-only" boot where the previous test state might have left over a different theme version which might cause in unwanted URL Services reainitializations.
- What has been happening here is the themes.test.js suite was uploading a theme with a v4 api and when the users api test suite loaded up it switched back to a default v2 theme, which caused routing reinitialization
- The root problem here  is the themese suite is leaving a mess behind so a "restartModeGhostStart" is not really possible anymore - this should be cleaned up separately
2021-11-22 21:56:32 +13:00
Naz
34b0196c0f Added writeDisabled flag to URL file cache
refs https://github.com/TryGhost/Toolbox/issues/135

- Allows to turn off overwriting urls/resources JSON file caches on testing environment. This is needed to have predictable state when running multiple test suites that stop the Ghost process and try to persiste URL cache.
2021-11-22 21:56:32 +13:00
Naz
ee4d2dd1a8 Extracted a local file cache class for URLs
refs https://github.com/TryGhost/Toolbox/issues/135

- This extracts the file storage knowledge out of the URL Service an allows to have optional features based on the environment - for example turning off writing cache for when running tests
2021-11-22 21:56:32 +13:00
Naz
155e96b044 Fixed undefined error
refs https://github.com/TryGhost/Toolbox/issues/135

- Not all callers provide the parameter, so an empty object default saves from unecessary "undefined" errors
2021-11-22 21:56:32 +13:00
Naz
640296f74b Changed the test environment to load withFrontend
refs https://github.com/TryGhost/Toolbox/issues/135

- The global default should stay the same as it used to be and we can introduce an override for "withFrontend:false" on casa-by-case or area-by-area bases
2021-11-22 21:56:32 +13:00
Naz
03be383d8b Renamed testUtils.startGhost to localUtils.startGhost
refs https://github.com/TryGhost/Toolbox/issues/135

- Going though local utils allows to have the "withFrontend: false" flag applied only to the e2e-api test suites. This way we can gradually introduce the no-frontend change across all test suites
2021-11-22 21:56:32 +13:00
Naz
9359ae923d Moved startGhost function to local utils
refs https://github.com/TryGhost/Toolbox/issues/135

- Having the proxy in local utils allows to disable frontend gradually in test suites instead of all at once (the latter approach didn't work out as too many other suites still depend on full frontend initialization)
2021-11-22 21:56:32 +13:00
Naz
008b6e0fae Optimized e2e-api tests using boot with no frontend
refs https://github.com/TryGhost/Toolbox/issues/135

- When running e2e-API test in most cases there's no need to boot Ghost instance with full frontend. This should improve the boot time which should reflect on the speed of running test suites
- The tests where the "forceStart" and "withFrontend" are used together indicate that there's still some work to do to fully separate frontend/backend boot line. The force start is also unnecessary, but was needed to reinitialize all services properly - should be investigated!
2021-11-22 21:56:32 +13:00
Naz
3b390639c4 Introduced booting from fixture url cache in test environment
refs https://github.com/TryGhost/Toolbox/issues/135

- To be able to reliably start ghost instance without a frontend the process needs access to urls/resources caches
- Storing the configuration in "paths" for now as there's no better place for it untill we are able to mock the content folder in pre-boot
2021-11-22 21:56:32 +13:00
Naz
5168d6a822 Updated urls/resources cache fixtures
refs https://github.com/TryGhost/Toolbox/issues/135

- These fixture had to be updated due to hardcoded ids introduced in the fixtures.json for test
- This allows to boot up a Ghost instance without recalculating urls for most common database states
2021-11-22 21:56:32 +13:00
Naz
8fd7733fdf Hardcoded id's in test fixtures
refs https://github.com/TryGhost/Toolbox/issues/135

- These fixtures needs id's to be able to form a stable urls and resources cache that would be used across all e2e tests when booting without a frontend
2021-11-22 21:56:32 +13:00
Naz
d7b7bd1b28 Updated Users API e2e tests to use 'posts' fixture
refs https://github.com/TryGhost/Toolbox/issues/135

- This way the test is performed on a "full" set of posts that will become unified within all e2e tests for performance optimization
2021-11-22 21:56:32 +13:00
Hannah Wolfe
592d02fd23 🐛 Fixed perms error when building public assets
closes: https://github.com/TryGhost/Ghost/issues/13739

- Ghost cannot write to the core folder in correctly configured production installations
- Built assets therefore need to be written to the content directory
- Ghost does not overwrite anything in the content folder as part of an upgrade, therefore static files that are provided by Ghost
  must still live inside /core
- So as a result, we now have core/frontend/public and content/public
2021-11-19 11:36:45 +00:00
Hannah Wolfe
79233b1181 Removed unnecessary load of settings
- seems to save about a second locally for me - I'll take it!
2021-11-19 10:47:21 +00:00
Hannah Wolfe
cc9e256b36 Added extra debug to test utilities
- Looking for places we can SAVE TIME running tests
2021-11-19 10:47:21 +00:00
Hannah Wolfe
80358266b2 Added perf-improving PRAGMAs in testing mode
- These two things are meant to improve performance at the cost of reliability.
- Perfect for testing, however I think they make a minimal impact on modern SSDs :(
- Still worth a shot to see if it helps with CI
2021-11-19 10:47:21 +00:00
Sam Lord
0692ddf57d Revert "Replace update user last seen middleware with package version"
This reverts commit 07f8c6efbb.

Revert "Remove unused unit test file"

This reverts commit f1798119d3.
2021-11-17 11:00:55 +00:00
Sam Lord
d4e0ae14f1 Force start in email route tests to pick up stubbed API
refs: https://github.com/TryGhost/Toolbox/issues/130

The API version stays at v2 unless we stub the getFrontendApiVersion method. But stubbing the method doesn't get picked up unless we actually restart Ghost.

TODO: Maybe change the default here so we don't need to restart Ghost just to test the current version's API
2021-11-17 10:51:46 +00:00
Hannah Wolfe
332beaaf90
Moved "vhost-utils" to config helpers
- These are simple functions that get data from config in a specific format
- They are also used by the topmost part of the application
- Config helpers seems like a reasonable fit to get them out of the web folder
- Functions have also been renamed to try to get them to make more sense
2021-11-17 08:37:08 +00:00
Kevin Ansfield
63b7ef7dc6 Added Tenor contentFilter setting to config
refs https://github.com/TryGhost/Team/issues/1217

- moved top-level `tenorApiKey` to `tenor:apiKey` and added `tenor:contentFilter`
- added base config to `defaults.json`
- updated `public-config.js` and API output serializer to use the new top-level `tenor` key
2021-11-16 17:42:26 +00:00
Sam Lord
620c12b05f Amend previous commit to prevent console.log
no issue

Large amount of unstaged changes prevented me from catching this
2021-11-16 17:12:39 +00:00
Sam Lord
a5484a0fe1 Fixed transaction logic in data importer
https://github.com/TryGhost/Toolbox/issues/130

The transaction no longer commits in the promise chain, which wasn't
valid logic for a transaction, since it is commited automatically when
the promise chain resolves, and rollsback automatically when the
promise chain rejects.

This makes code which fails during the transaction error in the right
place, instead of getting stuck here. (Especially good for writing
tests).

The tests for this code can now live in the integration folder.
2021-11-16 17:09:55 +00:00
Sam Lord
f1798119d3 Remove unused unit test file
no issue

Relates to previous commit
2021-11-16 16:05:50 +00:00
Hannah Wolfe
4f9b72ff43
Renamed middlewares to middleware consistently
- This is a minor bugbare, but it will affect some configuration I'm about to do for c8
- I've been wanting to do it for ages, middleware is plural all on it's own so it's an odd affectation in our codebase
- This also only exists in 2 places, everywhere else we use "middleware"
- Sadly it did result in a lot of churn as I did a full find and replace, but consistency is king!
2021-11-16 15:51:47 +00:00
Naz
8281388290 Hardcoded ids in the data generator
refs https://github.com/TryGhost/Toolbox/issues/116

- Allows to have deterministic routing on each start of the instance - can use cache when starting tests
- To make use of the new fixtures need to place them in the content/data
folder when the test suite is initialized, then the cache detection will
kick in and boot up the UrlService in a constant time intead of having
to check "urlServiceUtils.isFinished"
2021-11-17 04:29:55 +13:00
Hannah Wolfe
b781e47cb9
Changed to use different fixtures during testing
- this keeps production and test fixtures separate, so that changing the prod fixtures doesn't change the shape of our tests.
- we may still want to test that the production fixtures do what we expect, but that can be handled in a separate integration test, by specifically setting the fixture path
2021-11-16 14:03:42 +00:00
Hannah Wolfe
426c8bf918
Refactored fixtures to be loaded by fixture manager
refs: https://github.com/TryGhost/Toolbox/issues/133

- instead of just a collection of utils, we now have a class that manages fixtures
- this should allow us to change the path to fixtures, e.g. between prod/dev and test, so that different fixtures can be loaded by default
- also makes it easier to test the fixture manager code itself
2021-11-16 11:17:03 +00:00
Naz
0681953e1f Fixed test mocks for Url Service test suite
refs 042618fe93

- There's no longer "getValue" method passed around in UrlService, so the were unnecessary and did a wrong thing here :) Yey, less code!
2021-11-15 20:11:05 +04:00
Naz
382d2dbe94 Added missing router identified parameter in tests
refs 042618fe93

- The newly introduced identified were expected in the UrlService's intergration tests to fit new method signature
2021-11-15 19:56:28 +04:00
Naz
5a62253466 Removed "router" dependency from UrlGenerator
refs https://github.com/TryGhost/Toolbox/issues/127

- Passing around whole instance of a frontend router was an overkill when there are only 3 static pieces of information that needed to be loaded. Extracting the router out makes the UrlGenerator way more readable, tests slimer, and the memory footpring of the process should be slightly lighter
- The toString overloading didn't make sense at the time of this refactor, maybe if there's a concrete usecase we could resurect it in a form of passing in a router's name or something.
2021-11-15 18:32:34 +04:00
Naz
6e205a3f05 Extracted an explicit "permalink" parameter in UrlGenerator constructor
refs https://github.com/TryGhost/Toolbox/issues/127

- This is an effor t to define a precise set of data needed for the UrlGenerator to function, which should help with decoupling it from the frontend routes
- This is almost the last piece to free us up from the massive "router" object that has been passed around
2021-11-15 18:32:34 +04:00
Naz
677ea1073d Extracted an explicit "resourceType" parameter in UrlGenerator constructor
refs https://github.com/TryGhost/Toolbox/issues/127

- This is an effor t to define a precise set of data needed for the UrlGenerator to function, which should help with decoupling it from the frontend routes
2021-11-15 18:32:34 +04:00
Naz
ca2809d432 Extracted an explicit "filter" parameter in UrlGenerator constructor
refs https://github.com/TryGhost/Toolbox/issues/127

- This is an effor t to define a precise set of data needed for the UrlGenerator to function, which should help with decoupling it from the frontend routes
2021-11-15 18:32:34 +04:00
Naz
176c369620 Refactored UrlGenerator to use DI constructor pattern
refs https://github.com/TryGhost/Toolbox/issues/127

- This is a standard across the codebase which is good to follow for better testability
2021-11-15 18:32:34 +04:00
Kevin Ansfield
6431e1a01c
Exposed tenorApiKey via config endpoint if set (#13734)
refs https://github.com/TryGhost/Team/issues/1217

- add `tenorApiKey` to `publicConfig.config()
- update canary config endpoint output serializer to include `tenorApiKey` when the `gifsCard` labs flag is enabled
2021-11-11 18:07:19 +00:00
Fabien O'Carroll
e69d112c77 Added support for custom OEmbed providers
refs https://github.com/TryGhost/Team/issues/1211

In order to override the default OEmbeds for OpenSea NFT's we need a way
to provide out own OEmbed data. We will want this in future too for
custom Twitter embeds, so this has been built in a way which allows
extension.
2021-11-11 17:16:03 +02:00
Fabien 'egg' O'Carroll
7fae5b8341
🐛 Fixed setting Tier prices after changing Stripe accounts
refs https://github.com/TryGhost/Team/issues/1212

This now emits the event when the service is reconfigured, rather than
when we issue the reconfigure command, which causes the event and the
action to be run in the wrong order. This would then cause knock on effects
of having the database in an undefined state - with stripe data in not linked
to the current Stripe account.
2021-11-10 14:03:03 +02:00
Naz
98de2d4274 Cleaned up uncecessary "purpose" fields from tests
refs https://github.com/TryGhost/Toolbox/issues/95

- The purpose field is not used in any way on the backend, so there's no need to have it in tests for Media API either
2021-11-09 16:41:38 +04:00
Naz
9edd299905 Added audio upload support to Media API
refs https://github.com/TryGhost/Toolbox/issues/95
refs 4907b7bf1e

- We need support for audio media uploads to be able to used them in cards. The new supported formats are .mp4 and .wav
- Example source files downloaded from https://filesamples.com/
2021-11-09 16:39:33 +04:00
Naz
4721b75463 Moved `/media/thumbnail/ Admin API endpoint to /media/thumbnail/upload
refs  https://github.com/TryGhost/Toolbox/issues/120

- Changed endpoint name as it suits way better to the `/upload` postfix convention we use along with all other endpoints that support file uploads
2021-11-09 16:39:33 +04:00
Naz
61b82e3ae2 Added thumbnail upload endpoint to Media API
closes https://github.com/TryGhost/Toolbox/issues/120

- Allows to update and upload brand new thumbnail images for previusly uploaded media resources
- The endpoint is available udner alpa flag as part of Admin API at `PUT /media/thumbnail/`
- As an input accepts following parameters:
- *required* `file` field containing an image file
- *required* `url` field containing parent media file URL
- *optional* `ref` as a field to put in an ID to reference the resource on the client side

- The response has following format:
```
{
  media: [{
    url: 'http://127.0.0.1:2369/content/images/1991/11/nicevideo_thumb.png'
    ref: 'unique-id-420'
  }]
}
```
2021-11-09 16:07:23 +04:00
Naz
2a7ef77a7b Added ability to delete existing files through storage adapters
refs https://github.com/TryGhost/Toolbox/issues/120

- When editing an uploaded media thumbnail  file there'a need to remove existing thumbnail to keep media files:thumbnails 1:1. - Because the API client only has a public URL under which the resource is served it can only provide that as an API input, the `urlToPath` was also added to the base class of LocalStorageAdapter (it might be moved up to the BaseAdapter in the future if we see a need)
2021-11-09 16:07:23 +04:00
Naz
fb8005f6e2 Refactored media tests
refs https://github.com/TryGhost/Toolbox/issues/120

- Introduced a new describe block before adding tests for a new endpoint
2021-11-09 16:07:23 +04:00
Naz
a099073fde Added Files API behind an alpha flag
refs https://github.com/TryGhost/Toolbox/issues/114

- Files API is meant to be used for non-executable file uploads of all sorts
- The files are stored and retrieved for download as-is
2021-11-08 11:40:17 +04:00
Naz
f43eeacfd0 Changed thumbnail to be an optional parameter
refs https://github.com/TryGhost/Toolbox/issues/95

- With incoming support of audio media files thumbnail would not be a required parameter
2021-11-05 17:17:18 +04:00
Naz
65d79f4a74 Fixed failing test
no issue

- Not sure what the purpose of this test is. Seems like it's kind of like an db integrity check where it makes sure the change is double checked before commiting
2021-11-05 17:17:18 +04:00
Naz
ad2583530a Renamed getLocalFileStoragePath
refs https://github.com/TryGhost/Toolbox/issues/95

- getLocalImagesStoragePath makes a lot more sense in context of what the method really does
2021-11-05 17:17:18 +04:00
Naz
c802097b72 Renamed LocalFileStorage to LocalImages store
refs https://github.com/TryGhost/Toolbox/issues/95

- This naming corresponds way better to what the actual adapter does
2021-11-05 17:17:18 +04:00
Hannah Wolfe
e25f1df0ae
Added card-asset config with sensible default
- This comment removes the block on themes controlling card assets via config
- It also changes the default behaviour from "false" config (doing nothing) to excluding bookmark and gallery card assets
- This is essentially the same thing, as only bookmark and gallery card assets exist at the moment, but it's being done because it makes this feature future-proof for all theme developers.
- As we add new cards, all themes will automatically get the assets to make them work
- As theme developers want to, they can create their own custom assets and disble assets for any cards they support by adding them to the exclude list
- They can also remove any custom code they currently have to support bookmark and gallery cards, and set card_assets: true in package.json to use the defaults instead
2021-11-05 12:20:02 +00:00
Hannah Wolfe
d9bdc444a3
Ensured nonexistant public files fallback to 404
- If we register the serve public file middleware for a file that doesn't exist, this will currently throw an ENOENT error
- Instead, we want to fall back to a standard 404 so that this behaves normally
- This will be useful for the card asset service, where the cards.min.css and cards.min.js files may or may not exist
2021-11-05 09:13:23 +00:00
Naz
142eff22ee Fixed thumbnail file name
refs https://github.com/TryGhost/Toolbox/issues/95

- The uploaded media thumbnail name should have a "_thumb" postfix to be able to distinguish thumbnails from other files. This can be handy if we decide to store them in a different location in the future.
2021-11-04 19:03:45 +04:00
Rishabh Garg
3b90b1f335
Moved launchComplete user setting as global editor setting (#13703)
refs https://github.com/TryGhost/Team/issues/807

The launch wizard completed flag was previously stored at per user level in accessibility column of user table, so an administrator still got the option to complete the launch wizard even if the owner had completed it previously, which is not expected pattern. This change moves the launch complete flag for Admin to common settings from per user level so a site only needs to complete the launch wizard once irrespective of which user completes it

- adds new `editor_is_launch_complete` setting to track if a site launch steps are completed in Admin
- adds new migration util to easily allow adding new setting 
- adds migration to introduce new `editor_is_launch_complete` setting
- adds migration to update launch complete flag for a site if any of the users have already completed the launch steps
2021-11-04 18:03:51 +05:30
Hannah Wolfe
fdf38ba8c6
Initial card asset service implementation
- Requires the new @tryghost/minifier package
- Adds a new service that will handle taking config from the theme and optionally including assets for Koenig editor cards
- It supports both css and js as cards may need one or both
- For any given config, the tool can find the matching files to include and concat and minify them into one file per type
- Currently has an override in place so that this is not yet customisable in the theme - will remove this override when we're ready for the feature
2021-11-04 11:34:40 +00:00
Naz
df5c87fae3 🐛 Fixed a 500 error when uploading invalid routes.yaml
closes https://github.com/TryGhost/Toolbox/issues/111

- Just like with invalid JSON redirects files we should return a BadRequestError instead of throwing a generic 500 when the redirects.yaml file fails parsing
2021-11-04 11:52:52 +04:00
Naz
091240db48 Added thumbnail upload support to Media API
refs https://github.com/TryGhost/Toolbox/issues/95

- Each media file quires a thumbnail and these changes provide a capability to upload them along with media files.
- The thumbnail file is always required and has to be the format of already supported image formats
- The thumbnail should be uploaded as a part of "thumbnail" attachment in the request
- The regression tests added with this changeset will be claened up and moved to unit-tests (this is a dirty-but-working version!)
- The thumbnail always gets a name of the uploaded media file and keeps it's own extension.
- The thumbnails is accessible under the url present in the "thumbnail_url" reponse field
2021-11-04 10:23:29 +04:00
Thibaut Patel
c32cc3e48b 🐛 Fixed broken assets for theme/design preview
refs https://github.com/TryGhost/Team/issues/1190

- The assets were broken in Admin when the frontend and admin urls were different
- Fixed the issue by changing the `asset` helper to output absolute URLs when the frontend/admin urls are differents
2021-11-03 11:20:04 +01:00
Naz
0ccf31cdb5 Fixed error message when booting with no redirects
refs 91efa4605c

- When the instance is booted without any redirects files configured it's not supposed to error but rather default to an "empty" [] redirects configuration.
- Ideally the logic shoudl not contain try/catch block at all and fail as soon as there's any error during the initialization. This wasn't changed at this time due to possible break of existing Ghost instances
2021-11-03 13:50:24 +04:00
Naz
c080f4b77d Fixed redirects integration tests
refs refs https://linear.app/tryghost/issue/CORE-84/have-a-look-at-the-eggs-redirects-refactor-branch

- The tests needed to have a clean state with empty redirects file, which was previously ensured through "configUtils". Because configUtils don't play ball with the class initialization pattern this approach was chosen
- It's an end-to-end test with lots of logic and pobably would be enough to run against single API endpoint. Leaving it as is and to be improved in the future
2021-11-03 07:41:55 +13:00
Naz
a9952b2437 Rewrote validation regression tests to be unit tests
refs refs https://linear.app/tryghost/issue/CORE-84/have-a-look-at-the-eggs-redirects-refactor-branch

- These regression tests are slow and should have been unit tests to start with
2021-11-03 07:41:55 +13:00
Naz
d101ef5293 Rewrote validation regression tests to be unit tests
refs refs https://linear.app/tryghost/issue/CORE-84/have-a-look-at-the-eggs-redirects-refactor-branch

- These regression tests are slow and should have been unit tests to start with
2021-11-03 07:41:55 +13:00
Naz
f4e725a7ef Removed redirects regression tests in favor of unit test
refs https://linear.app/tryghost/issue/CORE-84/have-a-look-at-the-eggs-redirects-refactor-branch

- Removed "download" regression tests as those cases were ported over to much faster unit tests
2021-11-03 07:41:55 +13:00
Naz
1c4dea00b9 Removed redirects regression tests in favor of unit test
refs https://linear.app/tryghost/issue/CORE-84/have-a-look-at-the-eggs-redirects-refactor-branch

- The regression test should not be testing edge cases like this and it's far more flexible and performant to test the service on the unit test level
2021-11-03 07:41:55 +13:00
Naz
c3edd4b3d4 Fixed redirects regression tests
refs https://linear.app/tryghost/issue/CORE-84/have-a-look-at-the-eggs-redirects-refactor-branch

- The problem this change is addressing is inability to override config values once the code is extracted into a class+DI pattern
- The work around is restarting the instance with the configuration testing expected behavior - in this case missing or existing types of redirects files
2021-11-03 07:41:55 +13:00
Fabien O'Carroll
91efa4605c Used DynamicRedirectManager for Custom Redirects
refs https://github.com/TryGhost/Members/commit/9e59f5a9

Since we have a DynamicRedirectManager for handling adding/removing
redirects at runtime, we no longer need the custom-redirects middleware.
The redirects service does however need an init method now to add the
custom redirects at Ghost boot, so it's been refactored into our Class &
DI pattern.
2021-11-03 07:41:55 +13:00
Naz
7eb7e00634 Added test coverage for not supported media type
refs https://github.com/TryGhost/Toolbox/issues/95

- Only supported media types should be accepted by `/media/` enpoint
2021-11-03 00:33:28 +13:00
Naz
4a551661d9 Implemented '/media/upload' API endpoint
refs https://linear.app/tryghost/issue/CORE-121/create-a-video-storage-adapter

- This is an experimental implementation of video file upload support
- Also the output serializer skipped use of url utils in favor of inline implementatoin - this should almost certainly be it's own package
2021-11-03 00:33:28 +13:00
Naz
4907b7bf1e Added media fixtures for video files
refs https://linear.app/tryghost/issue/CORE-121/create-a-video-storage-adapter

- Example source files downloaded from https://filesamples.com/
- These fixtures will be used in media endpoint tests
- They had to go in a separate commit as git doesn't like to batch up big files
2021-11-03 00:33:28 +13:00
Naz
5242566252 Added local media storage adapter
refs https://linear.app/tryghost/issue/CORE-121/create-a-video-storage-adapter

- This is an experimental implementation of video file upload support (audio is yet to follow)
- The storage adapter still needs more thinking as it's almost the same as the "LocalStorgeAdapter" that stores images.
- Also the output serializer skipped use of url utils in favor of inline implementatoin - this should almost certainly be it's own package
2021-11-03 00:33:28 +13:00
Rishabh
1a9705b824 🐛 Fixed error in setting page access to tiers
closes https://github.com/TryGhost/Ghost/issues/13704
closes https://github.com/TryGhost/Team/issues/1186

- updates page serializer to handle new `visibility_filter` property for filtering access on specific tier
- this change was already added for `posts` but was missed on `pages`, so parsing filter on `visibility` filter was failing
2021-11-02 13:36:32 +05:30
Fabien 'egg' O'Carroll
b36d0cc1c4
🐛 Fixed idempotentcy of addPermissionToRole util (#13685)
refs https://github.com/TryGhost/Team/issues/1178

The "up" migration that this util generates correctly throws if the
pre-requisite data cannot be found in the database. The "down" migration
however was incorrectly mirroring this behaviour of throwing - which
meant that it wasn't idempotent, as it does not require a permission or
role to existing if it wants to move relations between them.
2021-11-01 09:27:50 +00:00
Thibaut Patel
6e0bd7e7b5 Added fallbacks when the site title is undefined
refs https://github.com/TryGhost/Team/issues/1180

- An undefined site title was causing the `null` string to show in the html title tag on tag and author pages
2021-10-27 12:18:57 +02:00
Hannah Wolfe
b736a32eb9
Fixed mock-express style tests
- custom theme settings have to be initialised before the theme service
2021-10-25 09:56:54 +01:00
Kevin Ansfield
a485509a2f
🐛 Fixed GA labs flags not appearing enabled in settings API (#13681)
no issue

The way GA flags were introduced means that they stop existing in the `'labs'` setting in the db and are instead forced to always return `true` when checking the flag in the labs service. However, Admin which uses the flags fetches them via the `/settings/` API endpoint which was only returning the raw labs setting db value meaning GA flags appeared to be disabled unless the flag had previously been enabled and no settings save had occured.

- updated the settings bread service to replace the labs setting value with the JSON stringified output of `labs.getAll()` which is the ultimate source-of-truth for a feature being enabled/disabled
  - extracted `browse()` behaviour to an internal `_formatBrowse()` method so we can apply the same filtering/modification for output of `browse()` and `edit()`

Co-authored-by: Fabien O'Carroll <fabien@allou.is>
2021-10-22 19:59:13 +01:00
Fabien O'Carroll
f3bb6b43a5 Added Offers feature to Ghost
refs https://github.com/TryGhost/Team/issues/1115

This allows users to create Offers for Tier/Cadence pairs in order to
provide discounted subscriptions to Members! We have support for
percentage based discounts & fixed price discounts, either for the first
payment, all payments, or a number of monthly payments.

Offers also have a code, which can be used as an easy way to share them,
as visiting https://site.com/offer-code will automatically open Portal
with the Offer prepopulated.
2021-10-22 17:55:34 +02:00
Kevin Ansfield
a6982d5606
Added ability for themes to define custom settings (#13661)
closes https://github.com/TryGhost/Team/issues/1164

Themes can now define custom settings via their `package.json` file, and use them in templates via `@custom.{setting}`. Values for custom settings can be changed by site owners through a redesigned "Design settings" area in the admin interface.

Full announcement, documentation, and examples will be made available soon.

Co-authored-by:
- Sanne de Vries (@sanne-san)
- Thibaut Patel (@tpatel)
2021-10-22 15:02:16 +01:00
Kevin Ansfield
d7fbf94d91
Fixed ETag header for admin templates not changing between versions (#13680)
refs https://github.com/TryGhost/Team/issues/1175

We found the ETag header sent when serving the Admin template for /ghost/ was not changing between versions which after an upgrade could result in out of date cached content being served containing links to JS/CSS files that no longer existed.

The culprit is weak etags served by Node's `send` package, coupled with Admin template filesize not changing between versions and `npm pack` setting a fixed modification date for every file. See https://github.com/pillarjs/send/issues/176 for more details.

- updated the Admin app's controller to read the template and generate an md5 hash of the contents so we can serve a strong ETag header value when serving the `/ghost/` html
2021-10-22 14:25:58 +01:00
Fabien 'egg' O'Carroll
d962f0e18e
Removed NOT NULL constraint from portal_title (#13659)
refs https://github.com/TryGhost/Team/issues/1163

We want to make the title for Offers optional, our nullable validation
means that we cannot store an empty string, so we must remove the NOT
NULL constraint from the column if we want to store either an empty
value or null.

There is a bug with editing columns in SQLite with `knex` which strips all
the indexes, so we have to manually add them afterwards.
2021-10-22 14:14:49 +02:00
Hannah Wolfe
faea2da596
Moved server/web/site to frontend/web
- we're slowly trying to draw the lines between the backend and the frontend correctly
- these files deal only with serving the frontend so they should live there
- there are lots of mixed requires in these files, so having them in the right place makes that clear
2021-10-21 19:28:18 +01:00
Naz
98c27b5555 Added multiple adapters capability to adapter manager
refs https://linear.app/tryghost/issue/CORE-1/multiple-adapters-per-type

- There's a need to support multiple adapter variations per given adapter type (storage, sso, etc.)
- With the introduced changes we can specify a version of an adapter that should be fetched based on `:feature` postfix. For example:

`adapterManager.getAdapter('storage')` -  would return the default adapter listed under "active" configuration
`adapterManager.getAdapter('storage:videos') - would return an adapter configured for videos *feature*

- Here's an example configuration for a custom video storage:
```
"storage": {
    "active": "LocalFileStorage",
    "videos": "ghost-storage-custom-video",
    "ghost-storage-custom-video": {
        "custom": "configHere"
    }
}
```
2021-10-21 20:22:45 +13:00
Hannah Wolfe
48e66d2dd6
Fixed DB version integrity test
- We were not requiring the full path to our fixture file, and therefore we were testing the fixtures + utility functions
- This updates the test to clearly require the exact files we are checking, except the routes.yaml where we can't
- Also updates the hash to be the correct hash for just the fixture content
2021-10-20 19:39:06 +01:00
Kevin Ansfield
256f16a01f
🐛 Fixed URLs not being correctly transformed during insert operations (#13618)
closes https://github.com/TryGhost/Team/issues/1150

Our override of the base Bookshelf `insert` operation so that our own `formatOnWrite()` method is called on attributes was working on a false assumption that an `attrs` attribute is passed in as it is for the `update` operation. Instead Bookshelf's base update uses the `model.attributes` values to create an `attrs` object that is then passed through the usual `.format()` method meaning that our `insert` override was not actually doing anything.

- added a failing regression test for the `formatOnWrite()` override behaviour
- adjusted our insert/update overrides to set an internal `_isWriting` property on the model, then if that property is true our `.format()` override (which is called by Bookshelf on a generated `attrs` object during inserts) we manually call our `.formatOnWrite()` method
  - updated both overrides even though `update` was working for consistency and less cognitive overhead for reasoning between two different approaches
2021-10-20 15:22:46 +01:00
Kevin Ansfield
4ee6d13d41 Fixed failing custom theme settings API tests
refs 59a6f040d2

- the code was updated for the new method signature but the tests were missed
2021-10-20 13:31:41 +01:00
Fabien 'egg' O'Carroll
4e326123d3
Updated Offers related tables (#13609)
no-issue

* Removed NOT_NULL constraint from stripe_coupon_id

When handling disconnecting from Stripe - we remove all Stripe data from
our database to ensure we do not have bad/invalid data stored. Removing
this constraint will allow us to set the value to NULL.

* Added created_at column to offer_redemptions

Offer Redemptions are not just a joining table, but an event. A created_at
date allows them to be ordered

Because this is in alpha it is simpler to just drop the tables and
re-add them, due to offer_redemptions depending on offers, we also drop
this table and re-add it.
2021-10-20 14:22:37 +02:00
Hannah Wolfe
2756af83bb
Colocated mock-express style utilities 2021-10-20 13:18:35 +01:00
Hannah Wolfe
1146a42db3
Removed test READMEs
- These don't make sense and we're working on improving testing across the board
- We'll make sure our testing best practices are documented when they've settled
2021-10-20 13:18:35 +01:00
Hannah Wolfe
f652b3f164
Updated test to use the correct url service utils
- the integrationTesting utils are specific to the express mock style of testing
- all other tests can use the url-service-utils to check the url service is finished
2021-10-20 13:18:35 +01:00
Hannah Wolfe
b804dcec30
Renamed and moved "express mock" style tests
- Clarifying that these tests use a different pattern and we're not sure if it's staying or going
2021-10-20 13:18:34 +01:00
Hannah Wolfe
2ff6fdfab8
Fixed broken "mock express" style e2e tests
- done a fastest-possible overhaul on this style of tests to try to get them to work independently again

This is a pattern that was introduced a while ago to try to speed up our e2e tests and I'm not sure if it's staying or going
It uses a minimal frontend-only version of the boot process and a custom-built express testing tool
However it's really old and out of date because of the boot refactor and several changes since
This highlights the key problem with it - it doesn't rely on any of our "core" boot process, it makes it up, and therefore how reliable are these tests?
Ideally we need to get these tests working with the real boot process in some capacity
We would then need to make sure we have all the tests in e2e-frontend written in this style
2021-10-20 13:18:33 +01:00
Daniel Lockyer
1fd980ee9b Set global Luxon timezone override to UTC
refs https://linear.app/tryghost/issue/CORE-113/start-off-luxon-refactor

- we're planning on switching to Luxon for our date/timezone library,
  eventually replacing `moment` and `moment-timezone`
- the first step is to set the global timezone override to UTC, which is
  done in `core/server/overrides.js`
- also adds a test to ensure we're setting the timezone correctly
- this was mostly pulled from https://moment.github.io/luxon/#/zones?id=changing-the-default-zone
2021-10-20 09:19:29 +02:00
Naz
393280b6ae Reworked LocalFileStore methods to use async syntax
refs https://linear.app/tryghost/issue/CORE-1/multiple-adapters-per-type

- While digging around this area refactored the code to use more readable async/await syntax instead of chaining then's
- Dropped unneeded "catch" block in save method as all it was doing was rethrowing an error with out additional handling
2021-10-20 10:29:46 +04:00
Naz
51b78211c5 Renamed bootstrap to routerManager
refs https://linear.app/tryghost/issue/CORE-104/decouple-frontend-routing-events-from-urlserver-events

- A follow up rename after bootstrap module was transformed into class
2021-10-19 07:29:09 +13:00
Naz
979474a8cc Refactored bootstrap module into RouterManager class
refs https://linear.app/tryghost/issue/CORE-104/decouple-frontend-routing-events-from-urlserver-events

- The "bootstrap" didn't give enough credit to everything this module was doing - it's responsible for managing correct initialization and reinitialization of the frontend Routes as well as passing router creation information back to the frontend's URL service
- The refactor is done in two steps - the "bootstrap.js" will be renamed in the follow-up commit to have a clean history of how the file evolved
2021-10-19 07:29:09 +13:00
Naz
098891ee9a Removed bootstrap module dependency from frontend routers
refs https://linear.app/tryghost/issue/CORE-104/decouple-frontend-routing-events-from-urlserver-events

- "routerCreated" call was causing a need to create a dependency on the frontend Router level which didn't fit nicely with the refactor of the bootstrap into a class, it's also makes way more sense having it as an independent parameter instead of a call on a module (makes testing way more readable too!)
2021-10-19 07:29:09 +13:00
Naz
6e075c78bf Moved URL service to backend
refs https://linear.app/tryghost/issue/CORE-104/decouple-frontend-routing-events-from-urlserver-events

- URL module is part of the backend heavily dependent on the model and fits perfectly here. Frontend should get the data it needs by passing a URL manager instance to it
2021-10-19 07:29:09 +13:00
Naz
18344a16e2 Removed event chain caused by settings date update
refs https://linear.app/tryghost/issue/CORE-104/decouple-frontend-routing-events-from-urlserver-events

- The 'settings.timezone.edited' event triggers a roundtrip chain of calls in the frontend routing to the url services. It was all handled by event listeners and handler that clearly don't belong there.
- Extracted event realted listeners/handlers into methods and moved most of the logic to the "bootstrap" module, which soon is going to become a "RoutesManger"
- The result of this refactor - no more events going back and forth between frontend routing and the backend!
2021-10-19 07:29:09 +13:00
Naz
3bca65d868 Removed unnecessary checks in unit test suites
refs https://linear.app/tryghost/issue/CORE-104/decouple-frontend-routing-events-from-urlserver-events

- These modules have nothing to do with "events"! There's no reason to test for something that would not ever happen
2021-10-19 07:29:09 +13:00
Naz
597ec51afb Removed 'router.created' event emmision from forntend routers
refs https://linear.app/tryghost/issue/CORE-104/decouple-frontend-routing-events-from-urlserver-events

- The 'router.created' event should eventually be killed. For now the aim is to create a clear communication pathway between frontend's routing module and the URL service (similar to the frontend bridge concept on the "server" side)
2021-10-19 07:29:09 +13:00
Hannah Wolfe
7280f82722
Moved core/shared/i18n to theme-engine/i18n
- core/shared/i18n is no longer used. Remove it to prevent temptation!
- this class needs merging with the one in themes, but for now just co-locate them as that's quicker and easier
2021-10-15 20:25:56 +01:00
Hannah Wolfe
67821a7bc7
Removed remaining usage of i18n & translation file
refs https://github.com/TryGhost/Ghost/issues/13380

- Now that i18n.t has been removed everywhere, we can cleanup the final usages
- Still TODO: merge the i18n logic into themeI18n, and get rid of shared/i18n entirely
2021-10-15 11:39:07 +01:00
Hannah Wolfe
48057ce7a8
Improved match helper tests
- Some of the implicit equals tests were wrong.
- Added some object and array tests whilst here.
2021-10-15 09:51:00 +01:00
Hannah Wolfe
981f11da95
Added basic {{match}} helper
refs: https://github.com/TryGhost/Team/issues/759

- The match helper allows for basic equals and not equals comparisons,
Example:
  {{match title "=" "Getting Started"}}
  {{match slug "!=" "welcome"}}
- There's a lot more functionality we want to add here, so that it ends up being a replacement for {{#has}}
- However, this first iteration is already useful, especially in the context of custom theme settings
- Therefore we are adding it early, and will document it along with custom theme settings when that goes GA very soon
2021-10-14 19:36:56 +01:00
Kevin Ansfield
d7ae6e0138 Added image as an allowed custom theme setting type
refs https://github.com/TryGhost/Team/issues/1107

- updated schema validation to allow `'image'` through as a known setting type now that Admin has support
- added transformation of setting values for `'image'` types because they will be URLs and should be stored with `__GHOST_URL__`
2021-10-14 18:41:54 +01:00
Hannah Wolfe
cd765e2393
Added implicit equals support to match helper
refs: https://github.com/TryGhost/Team/issues/759

- This allows for {{match x y}} to work without having to supply an "=" sign explicitly
2021-10-14 16:29:42 +01:00
Hannah Wolfe
fbc23459fc
Added full SafeString handling to match helper
refs: https://github.com/TryGhost/Team/issues/759

- No matter what, a handlebars helper outputs a string. So if you return true, you'll always get 'true'.
- SafeStrings are handlebars's way of passing around a string whilst also maintaining a record of the original value e.g. new SafeString(true) results in {string: true}
- We need this for the match helper, so that we know when doing a comparison that we're meant to be comparing against a boolean true, not a string true
- Therefore, we need to putput SafeStrings, but also process them when passed in

The logic
- Figuring out the correct logic here has been a little tricky but essentially:
  - {{match safestring}} with a single arg, will return true for any truthy value
  - {{match safestring "=" true}} does a direct comparison with the original value of the safe string, so if it was a boolean true, the match will be true else false
  - {{match (match something) "=" true}} will therefore work for any level of nesting
  - this can result in slightly inconsistent results, but feels correct and documentable

This is documented extensively through the test cases
2021-10-14 16:29:41 +01:00
Fabien O'Carroll
cb75c0f427 Fixed integration tests
refs https://github.com/TryGhost/Ghost/commit/b93e7d7f7c

Our CI wasn't running integration tests so this slipped through. When
adding a new table we must update the exporter to ensure it's exported,
and that means the tests need to be updated to check for it!
2021-10-14 13:22:45 +02:00
Naz
fead0e3dcf Decoupled frontend rss service from the url service
refs https://linear.app/tryghost/issue/CORE-103/decouple-internal-frontend-code-from-url-module

- We need to decouple all frontend services from URL service as much as possible. "bootstrap" module is now a central point to substitute (proxy really) function previously done by the URL service and this move changes direct usage of URL service to "bootstraps" internal proxy function
2021-10-14 05:55:49 +13:00
Naz
add30f3d5b Decoupled frontend routing from url service
refs https://linear.app/tryghost/issue/CORE-103/decouple-internal-frontend-code-from-url-module

- By becoming a parameter in the routing bootstrap process URL is Service no longer a "require" inside the frontend controllers but rather becomes a part of the "internal API" of the bootstrapper. This is not the end form of it, rather a step closer to decouplint routing from the URL serivce.
- The bootstrap module needs a facelift to have cleaner distinction between init/start methods. This is left for another time
2021-10-14 05:55:49 +13:00
Kevin Ansfield
7cb93be60b Added boolean as allowed custom theme setting type
refs https://github.com/TryGhost/Team/issues/1106

- updated schema validation to add `'boolean'` as an allowed `type` value
- added `format()` and `parse()` methods to `CustomThemeSetting` model to match `Settings` model behaviour for boolean-type settings
2021-10-13 17:25:32 +01:00
Fabien O'Carroll
b93e7d7f7c Added offer_redemptions table to database
refs https://github.com/TryGhost/Team/issues/1132

This will be used to store Offer Redemptions, which will be used to list
the Offers which a Member has redeemed, as well as the number of times
an Offer has been redeemed.
2021-10-13 17:37:39 +02:00
Fabien 'egg' O'Carroll
b48c16c118
Added active column to offers table (#13592)
refs https://github.com/TryGhost/Team/issues/1131

This will be used as a flag to determine whether or not an Offer is
archived or active.
2021-10-12 15:20:45 +02:00
Hannah Wolfe
4ba372d813
Removed accidentally duplicated tests
- this was a result of a bad rebase, these tests should only exist once in their new form
2021-10-11 15:19:55 +01:00
Naz
1530cb28a5 Simplified Notification's service constructor
refs https://linear.app/tryghost/issue/CORE-64/resolve-undissmissable-update-notification-banners

- There's no need to pass a whole "version object" when all we need it a string in a full version format inside the module
2021-10-11 16:04:48 +02:00
Naz
c0d59db5be Added filtering of outdated custom notifications
refs https://linear.app/tryghost/issue/CORE-64/resolve-undissmissable-update-notification-banners
refs https://github.com/TryGhost/Team/issues/754
refs https://github.com/TryGhost/Team/issues/204
refs https://github.com/TryGhost/Ghost/issues/10236

- Custom notifications coming form the update check service should not be shown beyond instance's update. Once the notification is received it's marked with the current version number. With an instance upgrade all notification with older version should be hidden.
- This improvement should also resolve the problem of major version notifications with next major update (the code associated with https://github.com/TryGhost/Ghost/issues/10236 can then be removed after 5.0.1)
2021-10-11 16:04:48 +02:00
Naz
d948be5bcb Grouped "browse" unit tests together
refs https://linear.app/tryghost/issue/CORE-64/resolve-undissmissable-update-notification-banners

- Before making changes + adding more tests to the notifications test suite grouped related "browse" tests into a describe block. Housekeeping :)
2021-10-11 16:04:48 +02:00
Naz
8737ec8888 Added createdAtVersion property to newly created notifications
refs https://linear.app/tryghost/issue/CORE-64/resolve-undissmissable-update-notification-banners

- The property is meant to track Ghost instance version the notification was received and processed at.
- This information should be useful in the future to dismiss outdated notifications
2021-10-11 23:38:40 +13:00
Naz
53ae852a0e Added checks for notification properties
refs https://linear.app/tryghost/issue/CORE-64/resolve-undissmissable-update-notification-banners

- Before introducing new properties made sure existing ones were well understood and tested in a basic way
2021-10-11 23:38:40 +13:00
Kevin Ansfield
c33b596e9c
Added API tests for custom theme settings (#13519)
refs https://github.com/TryGhost/Team/issues/1104

- bumped `@tryghost/custom-theme-settings-service` so it throws a more appropriate `ValidationError` when setting keys don't exist or a select value is not known
- changed the custom theme settings service to have a `.init()` method which creates an instance of the service under `.api` so that we're able to create the instance at a particular point in the boot process when we know the models have been initialised
  - there were problems in tests because the service was being initialised through the require chain before models were initialised through the boot process
- fixed incorrect `camelCase` of resource name in API responses
2021-10-08 16:18:49 +01:00
Aleksander Chromik
48ac52800b
Replaced i18n.t w/ tpl in core/server/lib/image (#13507)
refs: #13380

- The i18n package is deprecated. It is being replaced with the tpl package.

Co-authored-by: Aleksander Chromik <aleksander.chromik@footballco.com>
2021-10-08 15:44:13 +01:00
Hannah Wolfe
61bb4ae770
Moved parent vhost test back to regression temporarily
- this test file uses a different pattern to the other test files
- not yet sure if the pattern is terrible or genius, need to assess before moving it into a folder full of what are meant to be exemplary tests
2021-10-08 13:50:37 +01:00
Naz
e69fa71584 Added basic unit test to cover notifications' service add method
refs https://linear.app/tryghost/issue/CORE-64/resolve-undissmissable-update-notification-banners

- We aim for full unit test coverage in our libraries and services. The very basic method coverage was missing so adding it!
2021-10-07 18:18:28 +02:00
Naz
c65e62b7df Promoted email-only feature to general availability
closes https://github.com/TryGhost/Team/issues/1125
refs 3c822e0457

- Email-only is not considered a general availability feature and can be used without special flags.
- It allows to publish a new post type "email only" that only goes out as an email newletter and is available through an undescoverable URL (does not appear anywhere publicly similarly to preview posts) on the site.
2021-10-07 12:08:56 +02:00
Hannah Wolfe
8902cc85d6
Updated e2e tests to be async/await
- These test files were moved from regression, and were not up to date
- Ensured they follow the right patterns
2021-10-06 15:51:05 +01:00
Hannah Wolfe
e4074286df
Cleaned up some e2e/integration tests
- e2e tests are tests that cover critical functionality by booting ghost
- integration tests are more like unit tests, but need to initialise and use a db
- so settings shouldn't start Ghost, url service is critical and should be in integration, and preview is critical and should be in e2e
2021-10-06 14:40:39 +01:00
Hannah Wolfe
726db1c0ec
Added integration test config & moved db-driven tests
- some tests are necessarily driven from the db
- these are like unit tests, except they only make sense if using the db - else you have to stub too much to make them worthwhile
- for these rare but important cases, we have the clear concept of integration tests
2021-10-06 13:51:24 +01:00
Hannah Wolfe
624414e0c1
Moved server e2e tests to own folder
- We have a bunch of important server-related e2e tests
- Make these clear in their own folder
- "server" is everything that isn't the api or the frontend - kind of a catch-all concept
2021-10-06 12:55:37 +01:00
Hannah Wolfe
1dec3d56b1
Renamed our acceptance tests to "e2e"
- These are end-to-end tests, make it clearer what they are and what they are supposed to do
2021-10-06 12:40:52 +01:00
Hannah Wolfe
f5f24d9cbc
Removed 2 test files that weren't deleted when moved
refs: 95d27e7f5

- My IDE is messing me about today, I moved these two files into test/unit/frontend/services in 95d27e7f5
2021-10-06 12:17:26 +01:00
Hannah Wolfe
9e96b04542
Moved server unit tests into the server folder
- this is a small part of a bit of cleanup of our test files
- the goal is to make the existing tests clearer with a view to making it easier to write more tests
- this makes the test structure follow the codebase structure more closely
- eventually we will colocate the tests as we break the codebase down further
2021-10-06 12:01:09 +01:00
Hannah Wolfe
95d27e7f58
Moved frontend unit tests into their own folder
- this is a small part of a bit of cleanup of our test files
- the goal is to make the existing tests clearer with a view to making it easier to write more tests
- this makes the test structure follow the codebase structure more closely
- eventually we will colocate the frontend tests with the frontend code
2021-10-06 11:58:29 +01:00
Naz
e3b56dd99f 🐛 Fixed immediately sent email when scheduling email-only post
closes https://linear.app/tryghost/issue/CORE-78/email-only-scheduling-should-work-the-same-way-as-regular-posts

- The email was going out at the moment of scheduling an email-only post instead of respecting the scheduled time.
2021-10-05 16:42:29 +02:00
Hannah Wolfe
d724c8f95d
Fixed amp not rendering content
refs: 9d7049cd3

- I missed that the amp_content helper was meant to be async when refactoring
- I have updated our proper amp acceptance tests to catch the content not rendering as this is a regression, this should definitely have been caught
- Added missing async property to amp_content helper to fix the issue
2021-10-05 12:27:31 +01:00
Hannah Wolfe
9d7049cd3f
Refactored helper registration code into a service
- The helper registration code is "framework" code and very specific
- At the moment the "theme engine" is full of lots of disparate theme related stuff
- I'm trying to make the frontend framework code clearer and also expand it to  make it more useful
- The helper system now also exposes 3 methods allowing you to register a directory, a helper or an alias
- I've updated the codebase to use these both for our core helpers and for "apps"
2021-10-05 10:04:02 +01:00
Daniel Lockyer
0ec6b425ee
Merged v4.17.1 into main
v4.17.1
2021-10-05 08:33:42 +01:00
Fabien O'Carroll
cda041d424 Moved StripeAPIService to its own service
refs https://github.com/TryGhost/Team/issues/1083

The Offers service is going to need access to the StripeAPIService too,
so we need to move it out of the @tryghost/members-api module and make
it accessible to both.
2021-10-04 19:28:19 +02:00
Naz
5066e65e03 Added validation to redirects config
refs https://linear.app/tryghost/issue/CORE-86/fix-failing-site-instance-when-redirects-file-is-invalid
refs 260a47da83

- Added validation logic to catch redirects files having invalid RegEx expressions when they are introduced into the system (on upload)
- This way the error happening in the refed commit would have not happened as the validator would not have passed it through
- Moved up the "Router" declaration in custom-redirects as it needs to happen before any other bit of logic has a chance to throw
2021-10-04 18:32:40 +02:00
Hannah Wolfe
1bbaf65a22
Removed need for index.js in frontend/helpers
- The index.js file was actually loader code
- It was mainly used by the unit tests, which needed to be rewritten to get each helper individually
2021-10-04 16:46:01 +01:00
Naz
8f5186995d Added unit test coverage for invalid redirects config
refs https://linear.app/tryghost/issue/CORE-86/fix-failing-site-instance-when-redirects-file-is-invalid
refs 260a47da83

- Refed commit was missing a unit test coverage.
- The approach here introduces a new pattern - using `supertest` in unit tests. I've found this to be the most expressive way to test an express app which receives certain middleware dynamically. Because there are very few moving parts the test is still extremely quick to run
2021-10-04 16:44:23 +02:00
Naz
260a47da83 🐛 Fixed 500 when instance has an invalid redirects config
refs https://linear.app/tryghost/issue/CORE-86/fix-failing-site-instance-when-redirects-file-is-invalid

- The site was returning a 500 for all routes whenever an invalid redirects file was uploaded.
- The cause of this issue surfacing was this change - 0962b3ed45 (diff-10784969d51d9abb9d620625a14b31661ff3f98dbfb0ea17186186a8151bacfaL35) . Previously an instance always had some sort of a working router and when the configuration failed it still functioned as an empty redirects router. After the change no router was mounted resulting in a 500
- Test cases fixing the problem will folllow
2021-10-04 15:25:37 +02:00
Hannah Wolfe
b10802f4c6
Updated fixture hash for integrity check
refs: fe2958eb73

Commit fe2958eb73 updated fixtures without updating the integrity hash - not sure how I missed this!
2021-10-04 13:47:12 +01:00
Paul Cushing
fe2958eb73
Fixed typo "in" default About page. (#13271)
- added a missing word
2021-10-04 12:18:15 +01:00
Fabien O'Carroll
58653690bd Fixed member bulk actions acceptance tests
refs https://github.com/TryGhost/Team/issues/1077
refs https://github.com/allouis/Ghost/commit/cdbccdeba

These tests were forgotten in the update to the API.
2021-10-01 14:21:14 +02:00
Rishabh Garg
c4cfd1839a
Added offers table (#13381)
refs https://github.com/TryGhost/Team/issues/1088

- adds schema for new offers table
- adds permission fixtures for new offers table
- adds migrations for new table and permissions

Co-authored-by: Fabien O'Carroll <fabien@allou.is>
2021-10-01 12:18:33 +02:00
Naz
99a2f12cb7 Simplified yaml parser to have fewer dependencies
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings
refs 5715aa2155 (diff-48644be82a9b957e5e627bf7b0f2f73cdb1d63851ffad68c7c178c5886495bb8R52-R57)

- Simplified the yaml parser implementation to take in a single parameter, this move will allove to simplify the logic in the route settings + opens a door to unify handling with redirects yaml parsing!
- We loose the "filename" from the error information but that was a generic "routes.yaml" anyway and would be thrown only when somebody uploaded a routes.yaml file (no real added value).
- The debug statement should be moved to contain related filepath+other info to the calling module instead
- An additional error handler was borrowed from the redirects yaml parsing logic that was introduced in a referenced commit - it still makes sense to keep it for routes.yaml configuration
2021-09-30 17:29:43 +02:00
Naz
1ac0ba07de Extracted yarml persed dep out of settings loader
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- Moving internal dependencies to be injected through constructor DI for better testability. This is first step of few more to follow. Not doing it all at once as there's too many thing failing when doing a bulk refactor
2021-09-30 17:29:42 +02:00
Naz
96d075c47d Refactored settings loader to class
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- It's a step to making the module follow class+DI pattern before fully extracting it into an external libarary
- Reminder, doing in Ghost repo instead of substituting big chunks all at once to have clear history of how the service evolved prior to the extraction into external lib!
2021-09-30 17:29:42 +02:00
Naz
a00b994e9e Renamed route loader module to settings-loader
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- The rename was needed to make it something more generic to later fit both routes and redirects setting purposes
2021-09-30 17:29:42 +02:00
Kevin Ansfield
b8e2bb7b6d Allowed custom theme settings to be passed through preview data
refs https://github.com/TryGhost/Team/issues/1097

- added `customThemeSettingKeys` as an argument to `preview.handle()` because we can't know which keys should be allowed through up-front
- added `custom` as a supported setting in the preview header data
  - `custom` should be a JSON object containing any custom theme settings
  - we parse the object but only set properties on `@custom` that are known custom theme setting keys
  - if parsing fails or it's not an object then no custom data is set
- updated `updateLocalTemplateOptions()` to pull `.custom` off of the preview data and pass it through so it's accessible on `@custom` as an override to the saved custom data
2021-09-30 13:23:39 +01:00
Kevin Ansfield
8a17e723a1 Moved usage of preview options from globalTemplateOptions to localTemplateOptions
refs https://github.com/TryGhost/Team/issues/1097

globalTemplateOptions are supposed to be static with localTemplateOptions being merged in per-request, however the per-request preview data was being extracted and set in the global options. Comments suggest that the global data should be static and eventually updated via other means, the usage of the request object to get per-request preview data is working against that.

- adjusted the preview handler to return an object rather than changing properties by reference on a passed in object
- moved preview data fetching out of `getSiteData()` used in `updateGlobalTemplateOptions()` and into `updateLocalTemplateOptions()` so that we're not relying on the request object in `updateGlobalTemplateOptions()`
2021-09-30 12:12:55 +01:00
Kevin Ansfield
4a6bedce7b Fixed theme-engine middleware tests timing out rather than showing failed assertions
no issue

- if any of the assertions in a test failed there was no handling, instead the test just timed out with a timeout error
- wrapping the assertions in a try/catch and calling `done()` with the error object aborts the test immediately and shows a useful assertion failure message
2021-09-30 12:12:55 +01:00
Naz
d4cd1bb865 Refactored ensure settings module into a class with DI
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- Ensure settings had only one method but would benefit from class+DI pattern before extracting it into an outside module.
- The logic is now also less coupled with "routes" and single source/destination paths. It's all configureable instead and might be reused if similar pattern is needed for example with redirect settings defaults.
2021-09-29 20:56:55 +02:00
Hannah Wolfe
fd20f90cca
Divided f/e proxy into true proxy + rendering service
- The original intention of the proxy was to collect up all the requires in our helpers into one place
- This has since been expanded and used in more places, in more ways
- In hindsight there are now multiple different types of requires in the proxy:
   - One: true frontend rendering framework requires (stuff from deep inside theme-engine)
   - Two: data manipulation/sdk stuff, belongs to the frontend, ways to process API data
   - Three: actual core stuff from Ghost, that we wish wasn't here / needs to be passed in a controlled way
- This commit pulls out One into a new rendering service, so at least that stuff is managed independently
- This draws the lines clearly between what's internal to the frontend and what isn't
- It also highlights that the theme-engine needs to be divided up / refactored so that we don't have these deep requires
2021-09-29 13:10:14 +01:00
Naz
0962b3ed45 Made custom-redirects middleware testable
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings
refs 7528ec8c3b

- The way the custom redirects middleware was organized made it extremely hard to unit test it (had to stub the redirects service methods etc). With a new organization it's possible to provide needed redirects configs to the method which makes the actual redirects Router logic testable and the code less coupled with redirects services
- This was meant to be an attempt to extract more of the slow redirects regression tests, which failed. Instead found this weak spot that could be improved and gained:
- shaved 4s of time as two slow regression test cases are now gone
- there's now a base to build upon when getting more coverage for the custom redirects middleware
2021-09-28 22:00:32 +02:00
Naz
dd042d69c9 Moved routing setting hash calculation to backend
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- These were the last bits that had to be moved out of the frontend doing route.yaml related operations
- Next steps will be refactoring a "bag of everything" into smaller modules and reducing dependencies where possible
2021-09-28 04:59:41 +13:00
Naz
95706aa37e Moved validate&yaml-parser modules to backend
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- These modules should be colocated along with the rest of routes.yaml related modules
- They will later be extracted into external modules
2021-09-28 04:59:41 +13:00
Naz
7a91917424 Removed use of 'routes' parameter in route settings loader
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- The only allowed route settings name is 'routes.yaml', which removes a need to parameterize the function as the location is permanent anyway
- Simplifying the function in any possible way before extracting the common bits into an external lib
2021-09-28 04:59:41 +13:00
Naz
ba964c549f Moved route settings "getter" to the backend
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- Frontend is not meant to know about the underlying source of the "routes" configuration, so any reads/edits/validations are being moved into a backend service. This should also simplify the coupling of the backend with the frontend where the latter will get a JSON blob with all needed configuration during the boot
- Nother problem the "get" method had was hiding an underlying function it was doing - reading the file from the filesystem SYNCRONOUSLY. It might be a thing we need to do during the "web" app initialization, but there's no clear need to do this in a sync fassion during the bootup for example. Also having a more explicit name should help :)
2021-09-28 04:59:41 +13:00
Naz
484bb2eea2 Moved default-routes.yaml file to backend
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings
refs c1c9bf0866

- Actions logic related to file system operations (like ensuring files exist) should be done on the backend. Now the route settings initialization logic lives on the backend it makes sense to keep the file closer to the source.
- The move is the opposite to the one refed in the commit with a
difference that the file now lives in "route-settings"
2021-09-28 04:59:41 +13:00
Naz
31e9434466 Moved route settings initialization to backend
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- Actions logic related to file system operations (like ensuring files exist) should be done on the backend. The frontend will be receiving a unified JSON blob config without needing to know about filesystem
2021-09-28 04:59:41 +13:00
Naz
4a47e8d0a8 Changed settings loader module API signature
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- It was not clear from the module signature/usages that the default method is executing synchronously. The change makes it explicit. Knowing if the method is synchronous is helpful to stop possible pefr bottlenecks!
2021-09-28 04:59:41 +13:00
Naz
748ea9540c Refactored routes hash to be a "single" value
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- It's a continuation of simplifying the concept of multiple frontend settings. If there's just one file we support there should be just one hash
2021-09-28 04:59:41 +13:00
Naz
93af11bdec Simplified knowSettings usage
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- 'knowSettings' was based on a "configurable" array of settings that might be configured in Ghost. The multitude never happened! The only setting the frontend takes care of is routes.yaml file (redirects is also kind of a setting but is a separate concept for now).
- Having just one type of file to deal with allows to simplify implementation significantly, which helps before a big refactor
2021-09-28 04:59:41 +13:00
Naz
010db90a51 Removed unused getAll settings method
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- The getAll function was never used. No need to keep it around!
2021-09-28 04:59:41 +13:00
Naz
71e2a06b25 Reworked ensure-settings module to take in singular file path
refs https://linear.app/tryghost/issue/CORE-35/refactor-route-and-redirect-settings

- This is a micro-step towards getting rid of multiple "knownSettings" concept. Since the introduction of an array of knowSettings there was never-ever a need to handle anything but a single `routes.yaml` file. Getting rid of this concept first to have a simpler module. Next step would be getting rid of filesystem reads/writes in the "frontend"
2021-09-28 04:59:41 +13:00
Kevin Ansfield
b6d9bad6dc
Added custom theme settings browse/edit permissions for Administrators (#13361)
refs https://github.com/TryGhost/Team/issues/1070TryGhost/Team#1070

- initial implementation will only allow browse+edit via the API
2021-09-27 09:59:09 +01:00
Kevin Ansfield
57effd9585
Added custom_theme_settings table/model (#13327)
refs https://github.com/TryGhost/Team/issues/1070

- stores values of custom theme settings
  - will be merged with full settings data parsed from themes for API output
  - will be cached and made available for lookup in themes to avoid db roundtrips
- stores type of custom theme settings so we can coerce values and know if the type has changed when syncing
- records will be synced with themes upon activation
2021-09-23 11:51:18 +01:00
Daniel Lockyer
93e4b2eafd 🔒 Fixed remote command injection when using sendmail email transport
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-wfrj-qqc2-83cm
refs https://github.com/advisories/GHSA-48ww-j4fc-435p

- a vulnerability in `nodemailer` means that the `sendmail` transport is
  vulnerable to command injection for flags passed to the `sendmail`
  binary
- updating to the latest version of Nodemailer required creating
  `@tryghost/nodemailer`, which is a wrapper around Nodemailer and
  several plugins that used to be in the core
- this commit switches to using that package, and fixes up some small
  code + test changes
2021-09-17 16:46:51 +01:00
Hannah Wolfe
7d1d6ec6eb
🐛 Fixed error in sitemap with >50k posts (#13317)
closes: CORE-34
refs: https://github.com/TryGhost/Team/issues/1044

- this is a super basic fix, it adds a max nodes concept and limits the node in each sub-sitemap to 50k by default
- this will prevent the error in google console
- a better fix is in progress, but we want to at least solve the errors ASAP
2021-09-17 11:13:42 +01:00
Fabien 'egg' O'Carroll
2dca63eae2
Added temporary database table for analytic events (#13312)
refs https://github.com/TryGhost/Team/issues/1053

This table is going to be completely deleted at some point in the
future. It serves as a persistent datastore for a spike into collection
analytic events for members. We've opted for a generic table, rather
than a table for each event, so that we can push the DB to the limit in
terms of the length of the table, and find out performance issues A$AP
2021-09-17 11:15:21 +02:00
Hannah Wolfe
ba587ba882
Fixed logic bugs in match helper (#13315)
closes: CORE-33

Two bugs:
- lodash isEmpty and handlebars util isEmpty are not the same
- I literally had the truthy and falsy cases the wrong way around 🙈

Notes:
- I have, for now, copied the isEmpty util from handlebars. It's so small it doesn't seem worth trying to require the util right now, although in future it'd be nice if that was easier to do
- Adding the management for the conditional being a SafeString allows the match helper to be a subexpression of itself, I can see this pattern being useful later in combo with the any and all helpers
2021-09-17 09:47:10 +01:00