Commit Graph

1085 Commits

Author SHA1 Message Date
Simon Backx
913ad18b71
Added DomainEvents.allSettled utility method (#16075)
no issue

With the increased usage of DomainEvents, it gets harder to build
reliable tests without having to resort to timeouts. This utility method
allows us to wait for all events to be processed before continuing with
the test.

This change should speed up tests and make them more reliable.

It only adds extra code when running tests and shouldn't impact
production.
2023-01-04 14:30:35 +01:00
Rishabh
45ab2586b0 Fixed free trial messaging shown for invite-only sites in portal
refs https://github.com/TryGhost/Team/issues/2361

- bumps portal with fix for free trial messaging shown on invite-only sites
2023-01-04 17:15:25 +05:30
Rishabh
f5aa07a095 🐛 Removed free trial message shown on portal for invite only sites
closes https://github.com/TryGhost/Team/issues/2361

If a free trial tier existed on site and its set to 'Invite only' in membership settings, the free trial copy still showed on portal.

- removes free trial copy from portal if site is invite only
- adds playwright test to make sure free trial copy is not shown for invite only sites
2023-01-04 17:11:55 +05:30
Daniel Lockyer
1af31bab1a ℹ️ Added support for Node 18
refs https://github.com/TryGhost/Toolbox/issues/488

- Node 18 is now LTS so we're adding support for it
- this adds Node 18.12.1 (the latest security release) to our supported
  ranges and CI
2023-01-04 11:27:39 +01:00
Daniel Lockyer
aa08fc72e7 Updated Koenig packages
refs https://github.com/TryGhost/Toolbox/issues/488

- these packages add support for Node 18 and drop support for Node 12
2023-01-04 11:27:39 +01:00
Fabien 'egg' O'Carroll
50e99e013c
Added migrations to drop and recreate the suppressions table (#16070)
There are currently two issues with the suppressions table:
  - We have some incorrect rows
  - We have missing UNIQUE constraints

We want to completely wipe the tables and start fresh, as well as make
sure that the UNIQUE constraints are added, so we drop the table
completely, and then re-add it, which should result in an empty
suppressions table with all expected constraints.

We've also renamed the `email_address` column to `email` to match our
`users` & `members` tables
2023-01-04 17:26:57 +07:00
Simon Backx
819d0d884c
Improved email verification required checks (#16060)
fixes https://github.com/TryGhost/Team/issues/2366
refs https://ghost.slack.com/archives/C02G9E68C/p1670232405014209

Probem described in issue.

In the old MEGA flow:
- The `email_verification_required` check is now repeated inside the job

In the new email service flow:
- The `email_verification_required` is now checked (didn't happen
before)
- When generating the email batch recipients, we only include members
that were created before the email was created. That way it is
impossible to avoid limit checks by inserting new members between
creating an email and sending an email.
- We don't need to repeat the check inside the job because of the above
changes

Improved handling of large imports:
- When checking `email_verification_required`, we now also check if the
import threshold is reached (a new method is introduced in
vertificationTrigger specifically for this usage). If it is, we start
the verification progress. This is required for long running imports
that only check the verification threshold at the very end.
- This change increases the concurrency of fastq to 3 (refs
https://ghost.slack.com/archives/C02G9E68C/p1670232405014209). So when
running a long import, it is now possible to send emails without having
to wait for the import. Above change makes sure it is not possible to
get around the verification limits.

Refactoring:
- Removed the need to use `updateVerificationTrigger` by making
thresholds getters instead of fixed variables.
- Improved awaiting of members import job in regression test
2023-01-04 11:22:12 +01:00
renovate[bot]
c9221525bc Update dependency gscan to v4.35.1 2023-01-04 11:13:01 +01:00
Fabien 'egg' O'Carroll
e78612bb66
Fixed MailgunEmailSuppressionList adding non-5xx failures to the list
The MailgunEmailSuppression list was incorrectly adding emails
to the suppression list for permanent failure events which have
an error code outside of the 5xx range.
2023-01-04 17:03:52 +07:00
Simon Backx
789e2c96c0
🐛 Fixed SingleUseTokens being cleared on boot (#15999)
fixes https://github.com/TryGhost/Team/issues/1996

**Issue**
Our Magic links are valid for 24 hours. After first usage, the token
lives for a further 10 minutes, so that in the case of email servers or
clients that "visit" links, the token can still be used.

The implementation of the 10 minute window uses setTimeout, meaning if
the process is interrupted, the 10 minute window is ignored completely,
and the token will continue to live for the remainder of it's 24 hour
validity period. To prevent that, the tokens are cleared on boot at the
moment.

**Solution**

To remove the boot clearing logic, we need to make sure the tokens are
only valid for 10 minutes after first use even during restarts.

This commit adds 3 new fields to the SingleUseToken model:
- updated_at: for storing the last time the token was changed/used). Not
really used atm.
- first_used_at: for storing the first time the token was used
- used_count: for storing the number of times the token has been used

Using these fields:
- A token can only be used 3 times
- A token is only valid for 10 minutes after first use, even if the
server restarts in between
- A token is only valid for 24 hours after creation (not changed)

We now also delete expired tokens in a separate job instead of on boot /
in a timeout.
2023-01-04 09:49:39 +01:00
renovate[bot]
640b4accd6
Update dependency knex-migrator to v5.1.0 2023-01-03 22:35:38 +00:00
renovate[bot]
1c9ad00d6d
Update dependency bookshelf-relations to v2.5.1 2023-01-03 19:09:30 +00:00
Kevin Ansfield
0b80a7f9eb
Fixed new tier creation browser tests (#16066)
refs https://github.com/TryGhost/Ghost/pull/16013

- ordering of tiers changed so newly added tiers are no longer always at the end of the list in Admin
2023-01-03 17:59:33 +00:00
Daniel Lockyer
99c775be23
ℹ️ Bumped minimum Node version to 14.18.0
refs https://github.com/TryGhost/Toolbox/issues/488

- this is needed so we can bump some dependencies
- given how old these versions are, users should probably update past
  this anyway
2023-01-03 18:54:39 +01:00
renovate[bot]
470cdbb681 Update dependency html-validate to v7.12.0 2023-01-03 18:46:27 +01:00
renovate[bot]
55b73b9049 Update dependency @playwright/test to v1.29.1 2023-01-03 18:46:13 +01:00
Simon Backx
803bb18b8d Improved unit test coverage for the output mappers
no issue

Increases the unit test coverage to a bit above 60% to increase margin
2023-01-03 15:58:31 +01:00
Elena Baidakova
235446b034
🐛 Fixed tiers order by monthly_price (#16013)
refs TryGhost/Team#2273
- According to documentation (https://ghost.org/docs/content-api/#order)
tiers should be ordered from lowest to highest monthly price.
2023-01-03 12:59:18 +04:00
Simon Backx
211de82a8d
Fixed random test failure due to member newsletter ordering (#16024)
fixes https://github.com/TryGhost/Team/issues/2365

The newsletters relation of a member was not sorted. This is fixed now,
so we have consistent results in the test snapshots.
2023-01-03 09:43:41 +01:00
renovate[bot]
c0b700147e Update dependency eslint to v8.31.0 2023-01-03 07:22:01 +00:00
renovate[bot]
694e02d7ba Update dependency sanitize-html to v2.8.1 2023-01-03 00:17:13 +00:00
Daniel Lockyer
4867b7fb3d
Updated @tryghost/logging resolutions
refs 08b786af3b

- we recently bumped the packages but I forgot to update the resolutions
  to pin Ghost to a specific version of the package
2023-01-02 21:01:45 +01:00
Daniel Lockyer
08b786af3b Bumped TryGhost-owned dependencies and lockfile
- this was all getting terribly behind so I've done several things:
  - majority of `@tryghost/*` except Lexical packages
  - gscan + knex-migrator to remove old `@tryghost/errors` usage
  - bumped lockfile
2023-01-02 20:55:22 +01:00
Simon Backx
f568b35f26 Fixed 2023 snapshot tests
no issue

Updated the snapshot files for the email preview test snapshots that contain 2023 in the email footer.
2023-01-02 11:18:07 +01:00
Ghost CI
65252c361a v5.26.4 2022-12-30 16:00:45 +00:00
Ghost CI
85db1838d9 v5.26.3 2022-12-23 16:01:11 +00:00
Ghost CI
42f5743e86 v5.26.2 2022-12-20 12:15:51 +00:00
Hannah Wolfe
1b5aa390f1
🐛 Fixed meta is missing error with revue imports (#16033)
refs:
5f90baf6fe

- The check for hasIssuesCSV didn't normalize the filename first,
meaning the importer is super sensitive to zip structure
- This allows for zips that contain a directory, so that it will still
be processed as a revue import, not a Ghost import
2022-12-20 11:56:07 +00:00
Ghost CI
1f5a752b71 v5.26.1 2022-12-16 16:01:00 +00:00
Ghost CI
26be3b9ccd v5.26.0 2022-12-16 12:49:22 +00:00
Ghost CI
571874d2cc 🎨 Updated Casper to v5.4.4 2022-12-16 12:49:21 +00:00
Rishabh Garg
2eac41b1f4
🐛 Fixed invalid email getting saved for members (#16021)
refs https://github.com/TryGhost/Team/issues/2235

We found some cases which can cause a site to have member emails that have invalid characters like `member@example.com�`. This happened due to the `validator` version used by Ghost not able to catch some specific cases as invalid email, allowing members to be created with them either via Admin or Importer or direct signup. Portal UI already blocked these email as invalid. This change:

- updates `@tryghost/validator` to include a latest version of email validator that catches these invalid cases
- doesn't allow member creation with invalid email like above
- doesn't allow existing member emails to be edited to invalid
2022-12-16 16:47:52 +05:30
Kevin Ansfield
4a6a2f8ded Added missing @tryghost/importer-revue
no issue

- publishing Ghost wasn't correctly bundling the required package due to a missing dependency in package.json
2022-12-15 21:00:43 +00:00
Hannah Wolfe
3ee0b813b6
Updated to use proper members importer for Revue (#16018)
refs:
5f90baf6fe

- The OG implementation of importing revue subscribers was very naive
- This sures it up to use our proper member importer, which makes sure
everything works perfectly:
  - adds an import label
  - ensures members are subscribed to newsletters

Co-authored-by: Kevin Ansfield <kevin@lookingsideways.co.uk>
2022-12-15 20:29:08 +00:00
Hannah Wolfe
5f90baf6fe
Added Revue Importer (#16012)
refs: https://www.getrevue.co/app/offboard

- Revue is stopping all paid subscriptions on 20th Dec, and shutting down on Jan 18th.
- This update allows Ghost to accept and handle the zip file Revue are providing as an export in Labs > Importer
- It will import posts (as best as we can with the data provided) and subscribers as free members
- At present it doesn't import paid subscribers, as we don't have that info, but you can disconnect Revue from your Stripe account to prevent all your subscriptions being cancelled & there's the option this can be fixed later
- There will be further updates to polish up this tooling - this is just a first pass to try to get something in people's hands

Co-authored-by: Paul Davis <PaulAdamDavis@users.noreply.github.com>
2022-12-15 17:22:54 +00:00
Simon Backx
0825a2d7f4
🐛 Fixed importing existing member resetting newsletters (#16017)
fixes https://github.com/TryGhost/Team/issues/2386

**Issue:**
- When trying to import a member that already exists, and has
'subscribed' set to 'true' in the CSV, the newsletters the member is
subscribed to are reset to the default newsletters.
- When ediging a member with the API and setting `subscribed` to true,
the same happens.

**Cause:**
A faulty check for the `status` property of a newsletter.

Fixed and added a new E2E test.
2022-12-15 17:45:11 +01:00
Hannah Wolfe
5fad27a3c0
Added html -> mobiledoc conversion to the importer (#16016)
- Now that the importer runs in a job, it seems sensble that we should
do this
- If posts are imported with HTML set, but not mobiledoc, we now convert html -> mobiledoc
- Note: This also converts the mobiledoc -> html so _may_ be lossy
- Without this, imports that only have HTML, not mobiledoc, would have
resulted in empty posts, so lossy > empty
2022-12-15 16:10:36 +00:00
Ghost CI
64e44444c1 v5.25.5 2022-12-14 17:21:38 +00:00
Ghost CI
5bafe3df3f 🎨 Updated Casper to v5.4.2 2022-12-14 17:21:38 +00:00
Paul Davis
0a40f1742d
Changed tag for imported content to be internal (#15934)
refs: 8ed5f9784d

- When importing content from a JSON file in Settings > Labs, a public tag
like `Import 2022-12-03 19:57` gets added to each newly imported post.
- This tag should not be public. It definitely serves a useful
purpose but has no useful function for readers of the site and should
not be shown to readers.
2022-12-14 16:51:51 +00:00
Simon Backx
94e85dc09e
Reduced webhook calls when updating last_seen_at for email opens (#16008)
refs https://ghost.slack.com/archives/C02G9E68C/p1670960248186789

This reverts a change that was made here:

f4fdb4fa6c (r93071549),
but it still moved the original code to a new location in the
LastSeenAtUpdater

It includes a new E2E test to make sure timezones are supported
correctly.

- By not using Bookshelf, we no longer fire webhook calls
- By not using the member repository, we don't fetch and update the
member model and the labels relation in a forUpdate transaction, which
caused deadlock issues on the labels/members_labels tables which were
hard to resolve. Until now I was unable to find the other conflicting
transaction that caused this deadlock. Moving to raw knex (instead of
Bookshelf) and only updating the last_updated_at column should remove
the deadlock issue.

This removed the test for the email service wrapper, since it started
failing for an unknown reason and the test didn't make much sense (was
added earlier only to bump test threshold).
2022-12-14 17:50:42 +01:00
Hannah Wolfe
270f288c48 Added a timeout to the get helper
- The get helper can sometimes take a long time, and in themes that have many get helpers, the request can take far too long to respond
- This adds a timeout to the get helper, so that the page render doesn't block forever
- This won't abort the request to the DB, but instead just means the page will render sooner, and without the get block
2022-12-14 15:35:07 +00:00
Kevin Ansfield
a69ffb94c1 Added playwright test for publishing posts for specific tiers
refs https://github.com/TryGhost/Team/issues/2371

- test publishes a post with access for a single tier then checks the front-end with no member, member on wrong tier, and member on right tier
2022-12-14 12:20:55 +00:00
Rishabh
25c530293f Added playwright tests for forever and multiple month offers
- adds test that cover creating and signing up to multiple-month/forever offers
- checks that the offer information is shown to members during signup and in account detail
2022-12-14 17:13:20 +05:30
Rishabh
199d8644a5 Fixed offers playwright test for one-time discount
refs aa693039a3

- one-time offer discounts are no longer shown to member in Portal settings, as portal shows only the next payment info.
2022-12-14 16:27:01 +05:30
Rishabh
521b25fa84 Added suppression and offer UI changes to Portal
- bumps portal to latest to include changes for suppression and offer UI
2022-12-14 16:14:39 +05:30
Simon Backx
47cd7a7095
🐛 Handled unknown Mailgun events (#15995)
refs https://ghost.slack.com/archives/C02G9E68C/p1670916538764019

- We receive events that don't have an emailId or providerId.
- We filter those events now and log them as an error
2022-12-14 11:17:45 +01:00
Rishabh
aa693039a3 🐛 Removed expired offers shown in portal account detail
closes https://github.com/TryGhost/Team/issues/2376#event-8026429598

- if an offer is expired/in past, we no longer show it in member account info against the price
- one-time offers are never showed in portal in member account detail, as the payment information shown to member in Portal points to charge at next payment
- if trial days are over for a subscription, portal doesn't show any offer data on member account detail
2022-12-14 15:27:49 +05:30
Simon Backx
237d4d53d4
Added catch to unhandled promises rejections (#15994)
refs https://github.com/TryGhost/Team/issues/2370

Reduces amount of unhandled promise rejections
2022-12-14 10:48:46 +01:00
Daniel Lockyer
919a8345a1
Added missing dev dependency
- this should be explicitly added to the package.json as we use it in
  the core package
2022-12-14 11:42:46 +07:00