Commit Graph

29650 Commits

Author SHA1 Message Date
Naz
235d716048
Refactored notifications e2e tests to use test framework
no issue

- Bumped into these tests when doing cleanup in the notifications service. Having full snapshot of requests is useful to have as a sanity check, so migrated this test suite quickly.
2022-09-09 19:51:50 +08:00
Ronald Langeveld
a001c63dbd Revert "Bumped to Portal to 2.11.2"
This reverts commit 8276cad6f1.
2022-09-09 13:33:29 +02:00
Ronald Langeveld
8276cad6f1
Bumped to Portal to 2.11.2
ref https://github.com/TryGhost/Ghost/pull/15335
2022-09-09 13:12:11 +02:00
Simon Backx
145a111e4c Updated admin auth frame to use versionless API
refs https://ghost.slack.com/archives/C02G9E68C/p1662717296469599

The API no longer has versions, so this required a redirect every time.
2022-09-09 12:01:23 +02:00
Ronald Langeveld
eb6534bd7f
Replaced all 'bio' references with 'expertise' for member comments. (#15359)
closes https://github.com/TryGhost/Team/issues/1772

- The user facing side of comments recently replaced `bio` with `expertise`.
- To remain consistent we replaced all the references of `bio` with `expertise` throughout the codebase.
- This includes a database column name changing migration, within the `members` table.
- Bumped up the comments-ui version to a new minor (0.10.x) as its a breaking change.
2022-09-09 10:14:49 +02:00
renovate[bot]
621956a1f3
Update dependency @html-next/vertical-collection to v3.1.0 (#15385)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-09 09:11:59 +01:00
Hakim Razalan
f133c85258
🐛 Fix sidebar members number not updated after member create & delete (#15378)
no issue

Dynamically updates member count on the sidebar when creating, deleting and uploading members.
2022-09-09 08:36:14 +02:00
Naz
8935f53d63
Fixed yarn command failure
refs ab0661c746

- The command was failing on non-org machines because the @tryghost/adapter-base-cache was published as private by accident.
2022-09-09 13:39:57 +08:00
Naz
ab0661c746
Fixing yarn command failure
no issue

- By bumping the version of adapter-base-cache I'm expecting `yarn` command to pick up this package. I suspect the failures on CI are due to some caching issue.
2022-09-09 13:26:51 +08:00
Naz
ff5919e86c
Extracted cache adapter base class to external package
https://github.com/TryGhost/Toolbox/issues/364

- When the adapter base class lives deep inside Ghost's codebase it is pretty hard for other developers to extend it. With the goal of making Ghost easier to use and deploy by others, this kind of functionality should be as easy to extend as possible.
- The base adapters should live in the TryGhost/SDK repository. Next ones to move are Scheduling, SSO, and Storage base adapters.
2022-09-09 12:36:49 +08:00
Hannah Wolfe
2cc5c15ca4 Improved capture of messages to sentry
refs: https://github.com/TryGhost/Team/issues/1121

- use captureMessage instead of captureException in showAlert as showAlert should always have a String not an Error
   - this should hopefully improve how these things appear in Sentry
- moved source to a tag, not context, so we can filter on the source in sentry UI
2022-09-08 19:56:54 +01:00
Hannah Wolfe
0ad501ec4b Updated showAlert to send only errors to sentry
refs: https://github.com/TryGhost/Team/issues/1121

- Reviewing the list of errors in sentry, some of the most common ones are:
   - success messages like "Password changed"
   - info messages like "Please check your email for instructions."
   - warnings like "You need to sign out to register as a new user."
- None of these are errors, so they shouldn't appear in sentry
2022-09-08 19:56:54 +01:00
renovate[bot]
b377390855 Update dependency ember-concurrency to v2.3.7 2022-09-08 18:32:42 +01:00
renovate[bot]
3d4c97f8c7
Updated @tryghost dependencies (#15349)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-08 18:32:13 +01:00
Daniel Lockyer
790e4c5598
Added history log for staff actions
fixes https://github.com/TryGhost/Toolbox/issues/356

- this feature allows site Administrators to view a history log of staff
  actions on their site so they can audit when and by whom that something happened
- this commit promotes the History log to GA
2022-09-08 18:23:39 +01:00
Kevin Ansfield
3ec8b4e9b3 Deleted react-editor experiment
no issue

- cleanup now that the experiments have finished
2022-09-08 17:35:59 +01:00
Hakim Razalan
a440076a12
🐛 Fixed validation errors for duplicate members (#15362)
closes: #15292

- Remove banner error and show duplicate member validation error inline
- Add property: 'email' to member API validation error
2022-09-08 17:29:48 +01:00
Hannah Wolfe
7084217d3d
Added same-origin referrer rule to post previews
- this prevents the referrer/referer header being sent for requests that go to external domains
- this in turn prevents preview URLs from appearing in the analytics of sites that are linked to and clicked on from previews
- otherwise, preview URLs can be leaked to the owners of the linked and clicked sites
2022-09-08 12:39:13 +01:00
rw4nn
dc84983550
🐛 Fixed square brackets being % encoded in URLs (#14977)
fixes: #14863
refs: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURI#encoding_for_ipv6

- added a simple Regex replace for the percent-encoded square brackets to get them back to non-encoded
- a preferred solution might be using new URL(), but that causes other issues. The regex solves the immediate need.
2022-09-08 12:09:40 +01:00
Simon Backx
6bffa893b1
Added snapshot tests to ghost_head helper (#15327)
refs https://github.com/TryGhost/Team/issues/1795

- Snapshots help us detect unexpected changes in the `<head>` of all sites (e.g., newly introduced script tags)
- Added ghost_head tests for comment count helper
2022-09-08 13:04:34 +02:00
Kevin Ansfield
4ad040b4aa Improved display of recipient filter posts list sends column tooltip
refs https://github.com/TryGhost/Team/issues/1025

- added `{{humanize-recipient-filter}}` helper that converts an NQL recipient filter into a more readable format
- updated posts list to use the new helper in the sends column tooltip shown when hovering with the mouse
2022-09-08 11:03:20 +01:00
renovate[bot]
be70064716
Pinned dependency html-validate to 7.3.3 (#15384)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2022-09-08 10:30:07 +01:00
Kevin Ansfield
ea93ff2a48 Moved posts list components
no issue

- relocated screen-specific components into a separate `posts-list/` directory as part of the move to keep the top-level `components/` directory for re-usable components
2022-09-08 09:42:07 +01:00
Kevin Ansfield
f654b24486 Refactored integration webhook modals
refs https://github.com/TryGhost/Team/issues/1734
refs https://github.com/TryGhost/Team/issues/559
refs https://github.com/TryGhost/Ghost/issues/14101

- switches to newer modal patterns ready for later Ember upgrades
2022-09-08 09:18:56 +01:00
Kevin Ansfield
6fd1b08a3d Removed @classic decorator from integrations controller
refs https://github.com/TryGhost/Ghost/issues/14101

- controller was already mostly up-to-date with Octane patterns
- removed unnecessary use of `@computed` and removed `@classic` decorator
2022-09-08 09:18:51 +01:00
Kevin Ansfield
bd87ee3e2a Refactored delete custom integration modal
refs https://github.com/TryGhost/Team/issues/1734
refs https://github.com/TryGhost/Team/issues/559
refs https://github.com/TryGhost/Ghost/issues/14101

- switches to newer modal patterns ready for later Ember upgrades
2022-09-08 09:18:48 +01:00
Kevin Ansfield
5bbdad38a5 Refactored delete all content modal
refs https://github.com/TryGhost/Team/issues/1734
refs https://github.com/TryGhost/Team/issues/559
refs https://github.com/TryGhost/Ghost/issues/14101

- switches to newer modal patterns ready for later Ember upgrades
2022-09-08 09:18:46 +01:00
Kevin Ansfield
556a2a8ee9 Refactored tag delete modal
refs https://github.com/TryGhost/Team/issues/1734
refs https://github.com/TryGhost/Team/issues/559
refs https://github.com/TryGhost/Ghost/issues/14101

- switches to newer modal patterns ready for later Ember upgrades
2022-09-08 09:18:43 +01:00
Kevin Ansfield
eca3cd7110 Moved tag screen components
no issue

- relocated screen-specific components into a separate `tags/` directory as part of the move to keep the top-level `components/` directory for re-usable components
2022-09-08 09:18:36 +01:00
Simon Backx
4534b693e4
Added test that validates output HTML of email template (#15365)
refs https://github.com/TryGhost/Team/issues/1871

This commit adds a test to the serialize method of `post-emaiserializer`. It checks whether the generated email HTML is valid and standard HTML5 and that all properties are escaped.

To do this validation, I depend on the new `html-validate` dev dependency. Just parsing the HTML with a HTML parser is not enough to guarantee that the HTML is okay.

Apart from that this fixes:
- Removed the sanitizeHTML method and replaced it with normal HTML escaping. We don't want to allow any HTML in the escaped fields. Whereas `sanitizeHTML` still allows valid HTML, but we don't want that and want the same behaviour as on the site. E.g., a post with a title `All your need to know about the <br /> tag` should actually render the same title and non-html content, being `All your need to know about the &lt;br /&gt; tag`
- The file, nft and audio card didn't (always) escape the injected HTML fields (new version @tryghost/kg-default-cards) 
- `@tryghost/string` is bumped because it contains the new escapeHtml method
2022-09-08 10:11:01 +02:00
Fabien "egg" O'Carroll
11cbfcb0b6 Removed unused parent property from tag model
The Posts API does not strip unknown properties when dealing with relations,
which meant that tags were being sent up with a `parent` property which would
always cause the model to be considered "changed". This resulted in the update
methods being called, and leading to unexpected behaviour.

Whilst this change does fix things for the History feature, the correct fix is
to update the admin-api-schema, or the input serializers such that they only
allow through known and allowed properties.
2022-09-07 22:33:17 +01:00
Daniel Lockyer
04e3ee9f10 Added property cleaning to tag relations on pages + posts
refs https://github.com/TryGhost/Ghost/pull/15375

- we currently pass all properties for the `tags` property of a
  `page`/`post` body down further into Ghost, which is causing issues
  because it's handling properties it doesn't expect
- this is showing up because it's triggering save history events for
  tags when a post is edited
- this commit introduces a clean util which has an allowlist of
  properties allows on tag relations
- this list was taken from the schema: 128f8fb006/packages/admin-api-schema/lib/schemas/posts.json (L214-L227)
2022-09-07 22:28:56 +01:00
renovate[bot]
290a5f2ceb Update dependency ember-concurrency to v2.3.6 2022-09-07 20:28:46 +01:00
Kevin Ansfield
4ce3d58e34 Fixed linting
refs aa53a1c71f

- missed some cleanup when replacing tests
2022-09-07 17:57:15 +01:00
Kevin Ansfield
aa53a1c71f 🐛 Fixed error when deleting tag and missing slugs on tags list
no issue

- fixes error that left the confirmation modal in place when deleting a tag by ensuring we return `true` in the task used by the confirm button, if we return the transition object it trips the "failed" state because the `/tags` route aborts and refreshes when transitioning to it
- fixes missing attached posts count in the tag delete confirmation modal by using the correct `tag.count.posts` attribute in the conditional
- fixes missing slugs in the tags list by using the properties on `@tag` rather than expecting a separate `@slug` argument
- replaced the skipped tags acceptance tests with an updated tests that match the recent redesign
2022-09-07 17:51:56 +01:00
Simon Backx
74ecde73db
Moved attribution event handler to events service (#15379)
fixes https://github.com/TryGhost/Team/issues/1821

This change moves all the event storage logic to one new place: the event storage class in the MembersEventsService, which is initialised in a new members events service wrapper.

Apart from this, this includes some improvements:
- Removed DomainEvents from the constructor arguments to the subscribe method (to make it more clear where to subscribe to and decrease dependencies)
- LastSeenAtUpdater doesn't subscribe in the constructor any longer (removes unclear side effect)
- Moved LastSeenAtUpdater initialisation to new members events service wrapper
- Added missing tests to LastSeenAtUpdater to assure that the MembersEventsService package has 100% coverage.
2022-09-07 16:41:59 +02:00
renovate[bot]
4438a72095 Update dependency concurrently to v7.4.0 2022-09-07 13:44:35 +01:00
renovate[bot]
3d76c89660 Update dependency @playwright/test to v1.25.2 2022-09-07 13:10:11 +01:00
Sanne de Vries
224cee8fa6 Updated Explore feed on dashboard
No issue
2022-09-07 13:07:14 +01:00
renovate[bot]
5812e491d2 Update dependency uuid to v9 2022-09-07 13:06:48 +01:00
Djordje Vlaisavljevic
88c0cca873 Fixed code highlighting in code injection in dark mode
no issue
2022-09-07 12:18:26 +02:00
renovate[bot]
fa1861aad3 Update dependency ember-concurrency to v2.3.5 2022-09-07 07:39:10 +01:00
Kevin Ansfield
10946a56b2
🐛 Fixed product card images causing very wide emails in Outlook (#15374)
closes https://github.com/TryGhost/Team/issues/1873

- bumps `@tryghost/kg-default-cards` which amends the product card rendering to output adjusted `width` and `height` attributes and a resized `src` attribute on the `<img>` element
2022-09-06 19:36:19 +01:00
Daniel Lockyer
4a6f57b105
Merged v5.13.2 into main
v5.13.2
2022-09-06 16:45:52 +01:00
Ghost CI
d71efb128f v5.13.2 2022-09-06 16:32:05 +01:00
Fabien 'egg' O'Carroll
f7a58ecafc
🐛 Fixed OpenSea NFT OEmbeds (#15372)
refs https://github.com/TryGhost/Team/issues/1879

OpenSea updated their URL format for NFTs after adding support for Solana
which broke our regex, this updates to support the new format.
2022-09-06 11:29:35 -04:00
Simon Backx
8b4d5504e8
Moved (un)like endpoint code to comments service (#15371)
fixes https://github.com/TryGhost/Team/issues/1861

- Moved like and unlike endpoint handling to comments service and controller
- Moved small part of report logic to comments controller
- Added proper 401 authentication error when not authenticated as member
2022-09-06 17:20:55 +02:00
Daniel Lockyer
914775d55f
Fixed creating release branches
- we didn't clone the repo at the point when we were running a git
  command, so that failed
- switched to a different method of checking out `main` and then
  checking out the most recent tag
2022-09-06 15:46:49 +01:00
Daniel Lockyer
e80ab4fc46
Added support for latest when creating release branches
- this should allow us to run the job without any manual effort, because
  it'll choose the latest tag for the patch release
2022-09-06 15:39:10 +01:00
Sanne de Vries
cbccd400c6 Updated Explore section on dashboard
No issue
2022-09-06 14:59:33 +01:00