Commit Graph

18081 Commits

Author SHA1 Message Date
renovate[bot]
7b6bf4cf67 Update dependency sqlite3 to v5.0.9 2022-07-15 12:18:48 +01:00
Fabien 'egg' O'Carroll
e60806de45
Redirected Members to previous post/page upon sign-in
refs https://github.com/TryGhost/Team/issues/1174
refs https://github.com/TryGhost/Members/pull/408

When logged out members navigate a site and want to interact with, for example
comments, they are redirected to the homepage after sign-in with the magic link,
this is disorientating, and means they then need to navigate back to the content
they were interacting with.

This change means that sign-in's will be redirected to the page from which they 
were initiated, allowing a more streamlined flow for logged out members wanting
to add comments.

We've restricted the redirect to URI's which are on the same domain as the site,
and we also do a relative redirect, this is to ensure that a malicious actor does not
send magic links which redirect off-site and leak authentication details
2022-07-15 11:55:09 +01:00
naz
6901c3c435
🐛 Fixed 'comped' flag behavior in Member API (#15030)
closes https://github.com/TryGhost/Team/issues/1674

- The comped flag in Members API unintentionally stopped working when v3 API was dropped with the release of Ghost v5. The flag is deprecated but should be back-compatible for now - we don't want to break integratons like Zapier.
- To properly deprecate the flag we need to plan it's removal and start signalling about it through the version headers

Co-authored-by: Simon Backx <simon@ghost.org>
2022-07-15 11:16:06 +01:00
Fabien "egg" O'Carroll
0ff47d4b51 Published new versions
- @tryghost/magic-link@1.1.0
 - @tryghost/members-api@8.3.0
 - @tryghost/members-stripe-service@0.10.6
2022-07-15 11:03:57 +01:00
Fabien 'egg' O'Carroll
f3130d9538 Passed request referrer to magic link service (#408)
refs https://github.com/TryGhost/Team/issues/1174

This paves the way for Ghost to be able to redirect to the referrer
page when dealign with signup magic links. We pass the referrer for
all types of magic links however, to allow extension of this
functionality in the future.

We've also removed the concept of `requestSrc` which has been unused
for a while now.
2022-07-15 11:02:58 +01:00
renovate[bot]
5fc7a90bf9 Lock file maintenance 2022-07-14 20:04:41 +00:00
Rishabh Garg
e91beb72e8
Replaced offer serializer with mapper (#15028)
closes https://github.com/TryGhost/Team/issues/1623

The offers API endpoint had it's own custom serializer pattern, which didn't fit well with how the API is meant to work.

- refactored the offer data format returned by internal api controller to match other controllers
- removed custom serializer for offers, instead adds a mapper to follow consistent pattern for all apis
- adds explicit allowlist for offers content API data
2022-07-14 21:40:33 +05:30
Naz
ef1c4764d3 Published new versions
- @tryghost/members-api@8.2.1
2022-07-14 16:15:02 +01:00
Naz
08b49a3475 Updated method signatures and added JSDocs
refs https://github.com/TryGhost/Team/issues/1674

- While preparing the changes had a look around and made small refactors to understand the codebase a little better. In general it's best to keep the method parameters as small and precise as possible instead of passing around a "bag-of-all-the-things" like "data" around
2022-07-15 03:12:35 +12:00
Naz
05105e1173 Updated method signatures and added JSDocs
refs https://github.com/TryGhost/Team/issues/1674

- While preparing the changes had a look around and made small refactors to understand the codebase a little better. In general it's best to keep the method parameters as small and precise as possible instead of passing around a "bag-of-all-the-things" like "data" around
2022-07-14 12:54:58 +01:00
Naz
2a7166ffc3 Fixed typo 2022-07-14 12:10:18 +01:00
Ronald Langeveld
a0c8db46fb
Member Counter template helpers (#15013)
ref https://github.com/TryGhost/Team/issues/1667

Introducing 2 new helper handlebars tags, `{{total_members}}` and `{{total_paid_members}}` ideal for Member Sites who want to display these metrics to incentivise users to upgrade.
2022-07-14 10:10:02 +02:00
renovate[bot]
b6818b77bd Update dependency @playwright/test to v1.23.3 2022-07-14 08:42:49 +01:00
Simon Backx
d65aa08772
Added access-control-max-age to content API preflight requests (#15026)
refs https://github.com/TryGhost/Team/issues/1676

- Added maxAge option to content API
- Added maxAge to members API
- Added maxAge to frontend site preflights (probably not used, but it was configured, so added to be sure)
- Added config option to change default maxAge of preflight requests
2022-07-14 09:09:53 +02:00
renovate[bot]
000fc98f24
Update dependency analytics-node to v6.1.0 2022-07-13 20:00:15 +00:00
Daniel Lockyer
de23ddb626
Merged v5.3.1 into main
v5.3.1
2022-07-13 12:57:10 +01:00
Daniel Lockyer
efe4bd8a1d v5.3.1 2022-07-13 12:55:34 +01:00
Daniel Lockyer
5efa9c01ac Updated Admin to v5.3.1 2022-07-13 12:55:34 +01:00
Simon Backx
90461c42d2
Added subscriber signup and cancellation deltas to stats API (#15023)
refs https://github.com/TryGhost/Team/issues/1673

When a user switches plan, the paid subscribers delta chart on the dashboard displays the change as a cancellation plus a new subscription. This display is misleading and confusing - instead, plan changes should be excluded from the paid subscribers delta chart.

To accomplish this, we added new properties to the API (signups and cancellations) that can be used to exclude plan changes in the statistics.

Changes in `@tryghost/stats-service`: d0dd218fc7

Related admin changes: https://github.com/TryGhost/Admin/pull/2425
2022-07-13 13:45:24 +02:00
Naz
02541031ec Updated webhook snapshots
refs TryGhost/Toolbox#340
refs TryGhost#13451

- Fixed the snapshot files which had to include new fields like "comment_notifications" as well as other properties that came along with the hacky solution to the webhook's auhor inclusion bug
- Also documented the "roles" being included inconsistently across different events - it's a BUG and should be looked into one day when we care enough.
2022-07-13 23:05:27 +12:00
Naz
ba061d86e8 🐛 Fixed missing authors in webhook payload
closes https://github.com/TryGhost/Toolbox/issues/340
closes https://github.com/TryGhost/Ghost/issues/13451

- Webhook subscribers were receiving post request payloads without `authors` and `primary_author` properties.
- The behavior was due to missing "originalOptions" property that is needed to correctly serialize the model to json on the model layer.
- A more holistic approach would be to pass the options somehow along with the model with the event. This would require a deeper rework though
2022-07-13 23:05:27 +12:00
Fabien 'egg' O'Carroll
86905aaad8
🐛 Fixed cookies when running Ghost without SSL (#15022)
As part of the updates to auth cookies we switched to SameSite=None
which requires an SSL connection. Local development, and some
production sites do not use SSL and so the cookie is invalid and a
session is unable to be created with the browser.
2022-07-13 11:27:28 +01:00
Fabien 'egg' O'Carroll
7d85a434b2
🐛 Fixed cookies when running Ghost without SSL (#15022)
As part of the updates to auth cookies we switched to SameSite=None
which requires an SSL connection. Local development, and some
production sites do not use SSL and so the cookie is invalid and a
session is unable to be created with the browser.
2022-07-13 10:49:06 +01:00
renovate[bot]
a23cf94b60
Update dependency image-size to v1.0.2 2022-07-12 15:25:08 +00:00
Daniel Lockyer
815fdc9235 v5.3.0 2022-07-12 16:24:02 +01:00
Daniel Lockyer
9284469fb5 Updated Admin to v5.3.0 2022-07-12 16:24:01 +01:00
Daniel Lockyer
8d0c88e9ef 🎨 Updated Casper to v5.2.0 2022-07-12 16:24:01 +01:00
Naz
0bc66558c3 Added unit test coverage to the user service
refs https://github.com/TryGhost/Ghost/issues/15008

- Added basic coverage for the reset all passwords frlow to pass the test coverage bar
2022-07-13 03:06:04 +12:00
Naz
db125ec0b9 Added post tag assignment on user deletion
closes https://github.com/TryGhost/Ghost/issues/15008

- To improve searchability of the posts written by a removed user we are adding an internal tag to all the posts the user was an author or a co-author of
- This improvement should make managing and disovering deleted user's post way easier
2022-07-13 03:06:04 +12:00
Naz
2956c1e88a Migrated test to more readable syntax
no issue

- A bit of a cleanup before touching this test suite. The use of `done` in tests is soooo outdated
2022-07-13 03:06:04 +12:00
Simon Backx
63f2cfdd32 Fixed comments fixtures being created in parallel
refs https://ghost.slack.com/archives/C02G9E68C/p1657633760754589?thread_ts=1657624324.578099&cid=C02G9E68C

- The two comment fixtures are created in parallel
- Second one is created while the first one doesn't exist yet, which causes a FK constraint error
2022-07-12 15:59:55 +02:00
Daniel Lockyer
e7ccdedb8d
Updated .npmignore
- added `Gruntfile.js` - this file is only for development
- added `ghost-*.tgz` - this avoid packaging other packaged Ghost
  archives
- added `!core/frontend/src/admin-auth/*.html` - this re-adds the Admin Auth
  HTML file that would otherwise be excluded from the build
2022-07-12 14:09:01 +01:00
Rishabh Garg
b9285b456b
Bumped new built-in search to GA (#15017)
refs https://github.com/TryGhost/Team/issues/1665

- bumps new search feature to GA from alpha
- allows sites to trigger new built-in search feature via `data-ghost-search` attribute or navigation link( `#/search` )
2022-07-12 17:57:11 +05:30
Fabien 'egg' O'Carroll
34ddbcd52e
Fixed admin auth asset loading (#15018)
The copyStatic method relies on the dest directory existing, which is
done created the minify method. We've reordered the calls to fix the
issue, but we're still left with the copyStatic method being dependent
on the minify method. Adding the `@private` jsdoc tag removes these
from the public interface, so that the dependency is encapsulated in
this module via the `load` method.

We've also awaited the result of the copyStatic method to avoid
dangling promises.
2022-07-12 13:25:28 +01:00
Simon Backx
61e1ee07dc Bumped Portal to 2.3.0 to include comment notification settings
refs https://github.com/TryGhost/Team/issues/1664

- This doesn't require a feature flag, as comments are disabled by default + UI is hidden if comments are disabled
2022-07-12 13:58:20 +02:00
Simon Backx
0292b4868b Reduced minimum required test coverage for functions
refs https://ghost.slack.com/archives/C02G9E68C/p1657607789883059?thread_ts=1657522575.865029&cid=C02G9E68C

Tests are failing because of the minimum required test coverage for functions. We'll need to fix it up later.
2022-07-12 10:24:02 +02:00
Fabien "egg" O'Carroll
34047737b8 Updated comments helper to inject comments-ui version
refs https://github.com/TryGhost/Team/issues/1664

This is required so that the comments ui can correctly load assets from unpkg
2022-07-12 10:24:02 +02:00
Kevin Ansfield
d05b94a975 Added build step for admin-auth asset files
refs https://github.com/TryGhost/Team/issues/1664

- ensures source files are copied to the correct place and minified on boot and when frontend src files are changed in development
2022-07-12 10:24:02 +02:00
Kevin Ansfield
6ea545afe1 Added comment-counts script
refs https://github.com/TryGhost/Team/issues/1664
2022-07-12 10:24:02 +02:00
Simon Backx
e1a3adea6a Updated message handler for dynamic admin urls
refs https://github.com/TryGhost/Team/issues/1664
2022-07-12 10:24:02 +02:00
Simon Backx
a6842e8a20 Added support for blockquote in comments
refs https://github.com/TryGhost/Team/issues/1664
2022-07-12 10:24:02 +02:00
Peter Zimon
7a4ae08b44 Added accent color to helper
refs https://github.com/TryGhost/Team/issues/1664
2022-07-12 10:24:02 +02:00
Kevin Ansfield
129836f52e Extracted email-related functionality out of base comments service file
refs https://github.com/TryGhost/Team/issues/1664
2022-07-12 10:24:02 +02:00
Simon Backx
9893147d58 Added <a> to comment html sanitizer
refs https://github.com/TryGhost/Team/issues/1664
2022-07-12 10:24:02 +02:00
Fabien "egg" O'Carroll
903b8a1105 Added initial comment_count helper
refs https://github.com/TryGhost/Team/issues/1664
2022-07-12 10:24:02 +02:00
Fabien "egg" O'Carroll
9ee003f8b2 Added initial counts api for comments
refs https://github.com/TryGhost/Team/issues/1664
2022-07-12 10:24:02 +02:00
Simon Backx
484e5102e2 Added comment for the add comment endpoint
refs https://github.com/TryGhost/Team/issues/1664
2022-07-12 10:24:02 +02:00
Simon Backx
96504008c1 Added member API for changing enable_comment_notifications and comments_enabled setting
refs https://github.com/TryGhost/Team/issues/1664

These changes are required for Portal to be able to edit the member notification preferences for comments, and to be able to know whether comments are enabled for the site.
2022-07-12 10:24:02 +02:00
Fabien "egg" O'Carroll
6a8c6e9081 Exposed comments_enabled setting publicly
refs https://github.com/TryGhost/Team/issues/1664
This also means that themes have access to this setting
2022-07-12 10:24:02 +02:00
Peter Zimon
41a8134c40 Added avatar saturation parameter to comments helper
refs https://github.com/TryGhost/Team/issues/1664
2022-07-12 10:24:02 +02:00