Commit Graph

10493 Commits

Author SHA1 Message Date
Hannah Wolfe
401fe46380
Changed webhooks to store safe version
refs: https://github.com/TryGhost/Toolbox/issues/229

- We're getting rid of the concept of api versions inside of Ghost
- Instead of storing the supposed api version a webhook was created with, store the current ghost version
- This way we can determine if anything signicant changes in future and we need to update webhooks or something
2022-05-06 12:43:14 +01:00
Hannah Wolfe
865d57c4be
Removed api:versions from config
refs: https://github.com/TryGhost/Toolbox/issues/229

- Removed the final usage (logging only) of config.get('api:versions') and removed the config
- This is one of the last references to API versioning in the codebase & we don't need it anymore
- Cleaned up a random comment whilst searching for refs
2022-05-06 08:22:05 +01:00
Rishabh Garg
0694e016e0
Excluded newsletter's sender email value when importing (#14706)
refs https://github.com/TryGhost/Team/issues/1529

- the sender email addresses for newsletters require verification to set.
- this ensures there isn't a way around that by modifying an export file then importing it by setting it to null on import.

This pattern is similar to the current `members_from_address` setting which is excluded when importing.
2022-05-06 12:45:10 +05:30
Hannah Wolfe
6dc3f1bf56
Removed versioning from api-key/admin auth
refs: https://github.com/TryGhost/Toolbox/issues/229

- our api-key audience handling code is still relying on internal api version config
- the regex used is also buggy (it expects 3 parts, which isn't true without versions) and doesn't always match, in which case it can cause the tests to hang
- we already had some very similar code in the version-rewrite middleware which is also validates exact values for version and api type
- moved this code into a util inside api-version-compatibility-service
- using this code, all the tests still pass as is, but when I start to adjust them to cover more cases, none hang (test changes coming in a separate commit)
2022-05-06 08:09:54 +01:00
renovate[bot]
9aa8e3e7ff
Update dependency @tryghost/url-utils to v3 (#14705)
- updated usage of url-utils.urlFor to work with v3

Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-05-05 16:10:18 +01:00
Naz
dde9a5462a Moved the version rewrite middleware to a module
refs https://github.com/TryGhost/Toolbox/issues/315

- There's enough logic in the middleware to become it's own module and maybe even get extracted to an external module
2022-05-05 22:18:40 +08:00
Matt Hanley
8e1c10d146
Updated migration to always set a value
- When both parameters passed to `update` resolve to `undefined` we throw an `Empty .update() call detected` error
- This change always updates the `sender_email` to null rather than skipping the field
- `sender_reply_to` should still be `undefined` so we don't override an existing non-null value
2022-05-05 15:11:44 +01:00
Fabien 'egg' O'Carroll
e65d335c76
Fixed types for migration utils (#14709)
`import('knex')` does not refer to the type of an instantiated Knex instance.
2022-05-05 15:01:22 +01:00
Daniel Lockyer
51498abb5c
Fixed model validation erroneously triggering on non-nullable text fields
refs https://github.com/TryGhost/Toolbox/issues/309

- I've just ran into a problem when deleting the `defaultTo` field on a
  non-nullable `text` column in our schema because this validation
  thinks there should be a value set
- `text` fields cannot have defaults so the schema is incorrect, and the
  validation triggering is a bug that's preventing it from being
  cleaned up
- the default is defined on the model so I don't think we're losing
  anything here
2022-05-05 14:56:59 +01:00
Hannah Wolfe
a22879824b
Disabled lint on api-version-compat service temporarily
- We're in the process of bringing this service together
- It needs refactoring, and that will move most of the code back to utils
2022-05-05 12:46:19 +01:00
Naz
648530009d Added use of email templates for version mismatch notifications
refs https://github.com/TryGhost/Toolbox/issues/292

- This change allows to reuse existing pattern present in Ghost on the version mismatch service layer, where we define the contents of the sent email through email templates instead of plain text.
- Apart form templates, there's now failed request URL present in the data passed to the email template along with site title and site url
2022-05-05 18:26:08 +08:00
Simon Backx
38b9cf2472
Fixed newsletter includes when adding or editing (#14696)
refs https://github.com/TryGhost/Team/issues/1571
refs https://ghost.slack.com/archives/C02G9E68C/p1650986988322609

- Makes sure the includes are always included
- Moved read to the newsletter service
- Added tests
- Updated unit tests to work with multiple findOne calls
- Fixed reject assertions not correctly awaiting in unit tests
2022-05-05 11:20:15 +02:00
Simon Backx
366a7be36d 🐛 Fixed newsletters' header_image saved as absolute url (#14690)
refs https://github.com/TryGhost/Team/issues/1579

- When writing to the database, the header_image is tranformed to the transformReady path
- When reading from the database, the transformReady path is transformed to an absolute path
- Includes a test when adding a newsletter

Migration:
- Updates all newsletter who have a header_image to make sure it is saved in transform ready format
- Down operation is required to work with the old model logic and transforms it back to an absolute format
2022-05-05 09:44:03 +01:00
Matt Hanley
9371f6fd24 Migrated previous email sending settings to newsletters
refs https://github.com/TryGhost/Team/issues/1581

- The original migration to create the default newsletter omitted the from address and reply-to settings
- `sender_reply_to` and `members_reply_address` are both enums with the same values and copy straight across
- `members_from_address` had a default value of 'noreply' as the fallback, which is remapped to NULL in the newsletters table
- We apply the change to all newsletters (there should only be one outside of alpha) which haven't already been reconfigured
2022-05-05 09:44:03 +01:00
Matt Hanley
00e6f4bb34 Removed from-address fallback to members_from_address setting
refs https://github.com/TryGhost/Team/issues/1558

- `members_from_address` is no longer configurable in Admin but was still used as a fallback
- This change removes the fallback so we default straight to noreply@<domain> when a from-address isn't set for a newsletter
2022-05-05 09:44:03 +01:00
Hannah Wolfe
7c795b4e26
Rewrite old version URLs to unversioned URLs with headers (#14646)
closes: https://github.com/TryGhost/Toolbox/issues/315

- For all the current versioned URLs, rewrite the URL as unversioned
  - Add the accept-version header
  - Add the deprecation header
  - Add the link header

- This then does the content-version middleware afterwards, ensuring that rewritten requests get this in the response
2022-05-05 08:45:24 +01:00
Rishabh Garg
420697291b
Added newsletter info to email unsubscribe url (#14693)
refs https://github.com/TryGhost/Team/issues/1495

For single newsletters, the unsubscribe link on emails auto unsubscribed member from the newsletter. In case of multiple newsletters, we were missing the newsletter information on unsubscribe URL that will allow us to auto unsubscribe member from that specific newsletter as they intended, while allowing them option to manage other newsletter preferences via Portal UI. This change -

- adds relevant newsletter UUID on the unsubscribe url in emails
- allows portal to auto unsubscribe members from desired newsletter
2022-05-05 11:00:24 +05:30
Fabien 'egg' O'Carroll
2da52130a6
Removed hasActiveStripeSubscriptions endpoint (#14689)
refs https://github.com/TryGhost/Team/issues/1147

This endpoint is no longer used in 5.0
2022-05-04 17:25:21 +01:00
Simon Backx
cf9231e77a
Added name property to duplicate newsletter ValidationError (#14694)
refs https://github.com/TryGhost/Team/issues/1564

We need this property in the frontend to correctly handle the error
2022-05-04 16:45:55 +02:00
Simon Backx
ad1ebe6a47
Fixed error when firing Members webhooks (#14645)
refs https://github.com/TryGhost/Team/issues/1577

The last seen at was being updated via the model rather than the
respository, which mean that the default relations were not being
loaded.

This fix updates the repository to load the newseletters relation,
updates the last seen at updated to use the repository and updates the
output serializer to handle missing newsletter relation.

We also update all packages relying on the domain-events package to
ensure that they're all using the same version.

Co-authored-by: Fabien 'egg' O'Carroll <fabien@allou.is>
2022-05-04 12:42:27 +02:00
Naz
c627779948 Extracted email-content-generator into a package
refs https://github.com/TryGhost/Toolbox/issues/292

- Following the concept of having as little code in Ghost core as possible :) The email content generation is also needed to be reused in the version mismatch handling package.
2022-05-04 17:28:09 +08:00
Naz
2d7bcdf80a Reworked EmailContentGenerator to async/await
refs https://github.com/TryGhost/Toolbox/issues/292

- Makes the code more readable
2022-05-04 15:36:50 +08:00
Naz
551bd5e511 Refactored email utils to a class with DI params
refs https://github.com/TryGhost/Toolbox/issues/292

- There's a need to reuse these utils in the version mismatch notification service. Having loads of tightly coupled dependencies makes it super hard to rip out this module for reuse
- It's a groundwork for extraction of the email-utils package
- Rewrote the unit tests that were written for these utils previously - they weren't testing anything useful. The goal of this util is to generate specific content based on provided data and available templates - now the tests do test those specific things, not the mailer itself!
2022-05-04 15:36:50 +08:00
Hannah Wolfe
499bb293c9
Fixed urlUtils usage in member config provider
- This is preparation work for getting rid of API versions
- The existing code used api versions for members, but the members API is not versioned
- This caused a bug as issuer was begin set to {{admin_url}}/ghost/api/undefined
- The updated code returns the correct value and is unit tested
- Whilst cleaning up I also swapped the usage of urlUtils to consistently use urlFor, as that is our main helper
2022-05-03 21:07:04 +01:00
Simon Backx
12f569ebf9
Dropped nullable from members_subscribe_events.newsletter_id (#14656)
closes https://github.com/TryGhost/Team/issues/1570

- Includes utils to disable foreign key checks when dropping nullable from columns
- Migration to drop nullable from members_subscribe_events.newsletter_id
2022-05-03 16:30:07 +02:00
Simon Backx
18ad847211
Added ValidationError for duplicate newsletter names (#14631)
refs https://github.com/TryGhost/Team/issues/1564

- While creating a newsletter
- While editing a newsletter
- Includes tests and updated snapshots
- Igored sort_order to snapshot test because sort_order is different in CI than locally so had to ignore it in the snapshot.
2022-05-03 15:33:56 +02:00
Hannah Wolfe
d01c1cba64
Fixed undefined error when serializing webhooks
closes: https://github.com/TryGhost/Toolbox/issues/318
refs: https://github.com/TryGhost/Toolbox/issues/320
refs: 2a11d5100e

- The underlying problem was caused by the removal of API versions
  - commit 2a11d5100e
  - I missed doing the same refactor as was done for the post-emailserializer here: 2a11d5100e (diff-0f7477bb5e5a9fdcb4c909a9e9e61ab5bb76b640b2d63a5791a9d6c8904f2758R7)
  - The removal of api versions included a change to remove circular references in the api module
- Written some basic unit tests to prove that webhook serialization works
  - I'm not 100% happy with the output, and not sure if it's the tests or reality, needs further work
  - Future work tracked in https://github.com/TryGhost/Toolbox/issues/320
2022-05-03 11:40:59 +01:00
Naz
3d397bb5f1 Revert "Disabled version compatibility emails temporarily"
This reverts commit 9a0d143fb1

- main is now a precursor of 5.0 which should have email notification turned on
- had to add missing `err` in the errorHandler middleware as it was not triggering the versionMissmatchHandler otherwise
2022-05-03 17:18:44 +08:00
Hannah Wolfe
c6ae3c30d8 Moved content-version middleware onto api app
closes: https://github.com/TryGhost/Toolbox/issues/319

- at the moment, content-version is only set if one of our endpoints touches the request
  - this was demonstrated in the e2e tests, where many of the tests that set accept-version did not receive accept-version
- by moving the middleware out of the http module and onto the api app we ensure it's always done
- I put the code in the api-version-compatibility service to keep it all co-located
- ideally we will refactor that service slightly so it only exposes middleware
2022-05-02 19:05:14 +01:00
Hannah Wolfe
55ce208ebb Fixed api-version-compatibility-service init error
closes: https://github.com/TryGhost/Toolbox/issues/317

- Added two tests for unknown versions with accept-versions set ahead and behind
   - Ahead passes, but we get an error for behind
- Refactored the api-version-compatibility-service to expose its own middleware so the init sequence is correct
2022-05-02 19:05:14 +01:00
Naz
03c8e7f010 Switched gscan to validate against v5 set of rules
refs https://github.com/TryGhost/Toolbox/issues/226

- We are on the finish line to release 5.0 - the instance should be validating it's themes agains v5 set of rules.
- The prominent deprecations are `{{author}}` and `@blog` helpers removals - will throw 'fatal' errors when encountered.
2022-05-02 20:56:25 +08:00
Hannah Wolfe
c9ab21f821
Fixed inconsistent error response from the API
- we have two JSON error response formats one old, one new (v2)
- we couldn't use the new one everywhere before without changing the response from older versions
- that is totally irrelevant in Ghost 5.0 as there is only one API version
- therefore we can and should use the new response format everywhere
- eventually we should rename it so it doesn't have v2 in it
2022-05-02 13:31:25 +01:00
Simon Backx
ab4ea4850d
Fixed null values in settings default newsletter migration (#14638)
refs https://ghost.slack.com/archives/C02G9E68C/p1651484563907609

- When the site has an empty name, it is set to `NULL` in settings.
- The name column is not nullable in newsletters, breaking the migration in that case.
- Fixed by excluding all non-nullable columns
- Replaced JS Date object with raw SQL `CURRENT_TIMESTAMP`
2022-05-02 12:16:58 +02:00
Hannah Wolfe
438a368a01
Added deprecation comments and notes to schema.js
- Adding some missing context for some parts of the schema that aren't how we would have them in an ideal world
2022-05-02 11:05:13 +01:00
Naz
5e441d0942 🔥 Removed {{author}} helper support
refs https://github.com/TryGhost/Toolbox/issues/230

 - Single {{author}} helper has been deprecated since multiple major releases. It has also been throwing fatal errors in gscan v5 since some time. It will finally be gone!
 - The plural {{authors}} helper should be used instead, read here for more information: https://ghost.org/docs/themes/helpers/authors/
2022-05-02 17:59:48 +08:00
Daniel Lockyer
ae13b61cb0
Removed backwards compatibility for ghost_head and ghost_foot settings
refs https://github.com/TryGhost/Toolbox/issues/308

- these two settings are deprecated and we're removing all the code in
  v5 that kept supporting them
2022-04-28 15:37:14 +01:00
Daniel Lockyer
3b6cdc2bc5
Renamed preview files to previews
refs https://github.com/TryGhost/Toolbox/issues/308

- we have a pattern of using plurals around Ghost but this was singular
- this shouldn't change any API functionality, it's just code
  refactoring
2022-04-28 15:37:14 +01:00
Hannah Wolfe
0eedb1c556
Added 307 redirects for old API endpoints
closes: https://github.com/TryGhost/Toolbox/issues/296

- This is a small change to permit any known API version to redirect to an unversioned URL
- We include v2 because although it should have been deleted in 5.0 anyway, in the spirit of the change away from versioned URLs there's
  absolutely no sense in forcing people to update clients that still work for no reason.
- We use a 307, because this preserves the original HTTP method, allowing POSTS, PUTs and DELETEs through as well as GETs
- We set the accept-version header on the redirect, meaning that for example with a request to the old /v4/ api, Ghost will respond as though
  the client sent `accept-version: v4.0` and if there are known breaking changes, it may choose to inform the admin and owner users of these
2022-04-28 15:37:14 +01:00
Daniel Lockyer
5e020f1a8f
Fixed Email Router naming in docs and debug call
- this was likely copied and pasted from the preview router but we
  forgot to change the name
2022-04-28 15:37:14 +01:00
Daniel Lockyer
f82ff87177
Changed /email_previews/posts/<post id> endpoint to return 204 upon success
refs https://github.com/TryGhost/Toolbox/issues/308

- this endpoint is currently used to send a test email with the post
- it currently returns a 200 with whatever the response of the mail
  service is
- this body isn't used in Admin nor is useful generally because it just
  contains the ID of the mailgun response
- it's better than we change it to 204 and no response
- this commit does that and updates the tests
2022-04-28 15:37:13 +01:00
Naz
75170535a4
Renamed destroyByAuthor to reassignByAuthor
refs https://github.com/TryGhost/Toolbox/issues/268

 - The previous naming didn't make much sense in the context of what the method what doing
2022-04-28 15:37:13 +01:00
Naz
5ba3f5efcf
Reassigned posts when deleting a user
refs https://github.com/TryGhost/Toolbox/issues/268

 - When the user is removed our current pattern was deleting their posts. This didn't work well and created all sorts of problems
 - As a solution we now reassign any posts that are only authored by the deleted user to the owner user
 - This change also reduced the dependency on "author" field
2022-04-28 15:37:13 +01:00
Daniel Lockyer
68cffa62ae
Renamed email-preview file to email-previews
refs https://github.com/TryGhost/Toolbox/issues/308

- I recently pluralised the API endpoint but never made the changes to
  the controller file and everywhere else it's needed
- this commit cleans up that inconsistency so it should be clearer
2022-04-28 15:37:12 +01:00
Daniel Lockyer
1b108d2cdb
Removed completed TODO
refs https://github.com/TryGhost/Toolbox/issues/308

- I've already done this but didn't delete the TODO
2022-04-28 15:37:12 +01:00
Daniel Lockyer
dcaeb67740
Fixed trailing comma 2022-04-28 15:37:11 +01:00
Daniel Lockyer
a48d8427f4
Change response code of special settings API endpoints to 204
refs https://github.com/TryGhost/Toolbox/issues/308

- these endpoints return no body but they were implemented to return a
  200 error code
- 204 would be more suitable so this commit changes that for v5
- also removes the passthrough serializer and updates the snapshots to
  reflect the changes
2022-04-28 15:37:11 +01:00
Daniel Lockyer
ea3c927d94
Renamed reset_all_passwords Authentication API endpoint to /global_password_reset
refs https://github.com/TryGhost/Toolbox/issues/308

- our API has a pattern of using nouns and not verbs for the endpoint
  names, so this changes the endpoint for v5
2022-04-28 15:37:11 +01:00
Daniel Lockyer
cfa2f0e102
Changed /authentication/reset_all_passwords to return 204 response code
refs https://github.com/TryGhost/Toolbox/issues/308

- this endpoint has no body to return but it was initially implemented
  as returning a 200 which we couldn't change until 5.0
- this changes it to a 204, removes the serializer and updates tests to
  take this into account
2022-04-28 15:37:11 +01:00
Daniel Lockyer
379f64428e
Renamed passwordreset body object to password_reset
refs https://github.com/TryGhost/Toolbox/issues/308

- I've just renamed the `/authentication/passwordreset` API endpoint to
  `/authentication/password_reset` and noticed the body object is also
  badly named
- this clears that up in code and tests
2022-04-28 15:37:11 +01:00
Daniel Lockyer
c4f3d44baa
Renamed /passwordreset Authentication API endpoint to /password_reset
refs https://github.com/TryGhost/Toolbox/issues/308

- we have the pattern of splitting words in API endpoints with an
  underscore but this was an exception we want to clean up in v5
2022-04-28 15:37:11 +01:00