Commit Graph

31764 Commits

Author SHA1 Message Date
Kevin Ansfield
dac5cca899 Fixed <GhExploreIframe> leaking event listeners and throwing errors in tests
no issue

- added cleanup of the `message` event handler added to `window` when the component is destroyed
- added a guard to the event handler method to abort early if a message is received whilst the component is being destroyed
2022-11-03 10:25:43 +00:00
Kevin Ansfield
86751f902c Fixed "invoking component by passing its name" deprecations for newsletter modals
no issue

- in future Ember build tooling components must be imported directly rather than passing a name at runtime
2022-11-03 10:14:37 +00:00
Kevin Ansfield
d1a061e5a7
🐛 Fixed comped subscription duration drop-down sometimes not being visible (#15764)
closes https://github.com/TryGhost/Team/issues/2110

- added failing test showing feature service `@feature` properties
weren't autotracking correctly if accessed before
authentication+settings fetch occurs
- shows labs and feature properties on the feature service are not
reacting to changes in the settings service
- removing the `@computed` on the `feature.labs` getter stops it being
cached but it then fails on the `feature.testFlag` computed property
- updated `settings` service to behave as expected with our current
version of Ember
- inspected the store schema for `Setting` to define the "proxied"
properties up-front rather than only after fetching
- updated the property definition to use `computed` so we're opting in
to the old style reactivity (required adding the `@classic` decorator to
pass linting)
2022-11-03 10:08:48 +00:00
Fabien 'egg' O'Carroll
68c7a3c7e7
🐛 Fixed archiving Tiers (#15761)
refs https://github.com/TryGhost/Team/issues/2204

The TiersAPI was incorrectly using the `active` property rather than
`status` property when editing Tiers.
2022-11-03 16:51:19 +07:00
Naz
aba255d276
Fixed typos 2022-11-03 16:35:20 +08:00
renovate[bot]
6c5553d059 Update dependency html-validate to v7.8.0 2022-11-03 10:46:36 +07:00
Naz
ac46c2f2e9
Fixed CORS vary header modification
refs https://github.com/TryGhost/Toolbox/issues/461

- The 'vary' header with 'Origin' value should only be set when an OPTIONS header is processed. Otherwise we are prone to leaking the vary header modification to further down in the request pipeline
2022-11-03 11:16:13 +08:00
Naz
9b2e36e4fb
Fixed CORS middleware unit test
refs https://github.com/TryGhost/Toolbox/issues/461

- The unit test was never using the "OPTIONS" request method, which did not actually trigger the full logic of the "cors" module used under the hood.
- Using the correct request method triggers all the right pathways and tests the state that's closer to the real world - for example the response does get "ended" instead of calling the "next" middleware.
2022-11-03 11:16:13 +08:00
Fabien "egg" O'Carroll
c5ad1b0531 Released Portal v2.19.8 2022-11-03 09:46:43 +07:00
Fabien 'egg' O'Carroll
f9c31dd902
Fixed upgrades for paid members (#15760)
closes https://github.com/TryGhost/Team/issues/2202

Some parts of the codebase were not using the isSameCurrency helper
which meant that we were incorrectly filtering out tiers from the
upgrade screen. Tiers used to *usually* have a lowercased currency
property, but they now _always_ have an uppercased.
2022-11-03 09:45:34 +07:00
Robin Cussol
0bccbcb083
Added e2e tests for page.deleted webhook (#15723)
refs: https://github.com/TryGhost/Ghost/issues/15537

- snapshot test created to add confidence to webhook stability and increase overall test coverage.
2022-11-02 17:25:07 +00:00
Naz
a8ba8cc444
Added Vary value for CORS in Frontend
refs https://github.com/TryGhost/Toolbox/issues/461

- Having a 'Origin' in vary header value present on each `OPTIONS` allows to correctly bucket "allowed CORS" and "disallowed CORS" responses in shared caches
2022-11-02 17:23:47 +08:00
Naz
f581e33400
Added Vary value for CORS in Admin API
refs https://github.com/TryGhost/Toolbox/issues/461

- Having a 'Origin' in vary header value present on each `OPTIONS` allows to correctly bucket "allowed CORS" and "disallowed CORS" responses in shared caches
2022-11-02 17:23:47 +08:00
Naz
2f2aa36c75
Renamed options test suite cases
refs https://github.com/TryGhost/Toolbox/issues/461

- The previous names were poorly representing the state that was produced and checked by the test cases
2022-11-02 17:23:22 +08:00
renovate[bot]
6afd6b6c75 Update dependency serve-handler to v6.1.5 2022-11-02 16:22:44 +07:00
Fabien "egg" O'Carroll
fb5e8fb2f3 Released Portal v2.19.7 2022-11-02 16:01:54 +07:00
Fabien "egg" O'Carroll
66b317ef78 Ensured plan is lowercased before being passed
This makes sure that we can correctly match the plan against either
"monthly" or "yearly"
2022-11-02 16:00:41 +07:00
Fabien "egg" O'Carroll
4785e25fe4 Released Portal v2.19.6 2022-11-02 15:58:36 +07:00
Fabien "egg" O'Carroll
bd5243b3bd Fixed creating checkout sessions with data-attribute-plan
refs https://github.com/TryGhost/Team/issues/2199

The data-attribute handler was not using the utils/api package but
instead reimplemnted the logic to create checkout sessions, this was
missed when moving to a redirect for checkout and so wasn't working
correctly.
2022-11-02 15:57:52 +07:00
Fabien "egg" O'Carroll
592e282f5b Updated data-members-plan handling to send Tier & Cadence
refs https://github.com/TryGhost/Team/issues/2199

Sending a price id was supposed to have been cleaned up but the
data-attributes file was missed.
2022-11-02 15:57:52 +07:00
Daniel Lockyer
876100e80b
Disabled code coverage check on @tryghost/data-generator
- this package is not used as part of Ghost's code and we shouldn't be
  enforcing a minimum coverage on it whilst it's in development
2022-11-02 15:45:12 +07:00
e.baidakova
93c6abcad5 Add ability to pass stale-while-revalidate option to cache control
closes TryGhost/Team#2094
This value can be used for non-crucial data with a `public` option. For example: `public, max-age=1, stale-while-revalidate=9`.
The idea behind this option is that the browser would cache the value for the number of seconds in `max-age` and would use it for the number of seconds in `stale-while-revalidate` until it gets a "validated response" from the server. The behaviour should be almost unnoticeable for the end user but would make a big difference in the amount of requests to server.
2022-11-02 10:54:12 +04:00
e.baidakova
81e6a7c5bd 🐛 Add ability to cache comments count endpoint
closes TryGhost/Team#2094
- Comment counts request was changed from `post` to `get` to enable request caching.
2022-11-02 10:54:12 +04:00
Naz
26b0bbc623 Added a test suite for OPTIONS requests
refs https://github.com/TryGhost/Toolbox/issues/461

- The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests.
- The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes"  (╯°□°)╯︵ ┻━┻
- On a serious note. I've introduced multiple hacks here that should be fixed:
1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite)
2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes.
- To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 13:43:30 +08:00
Naz
5fe80c82c5 Exposed Content API agent in e2e test utils
refs https://github.com/TryGhost/Toolbox/issues/461

- When testing OPTIONS requests there is a need to get all possible agents available in the system. The "getAgentsWithFrontend" serves exactly this purpose - create all possible agents while starting Ghost instance only once
- This is groundwork for OPTIONS request caching tests and improvements
2022-11-02 13:43:30 +08:00
Daniel Lockyer
ab678c3a90
Merged v5.22.4 into main
v5.22.4
2022-11-02 07:09:23 +07:00
Djordje Vlaisavljevic
2cd106ba02 Fixed scrollable table data showing outside of table
no ref
2022-11-01 22:45:30 +01:00
Ghost CI
13c6204197 v5.22.4 2022-11-01 19:19:31 +00:00
Fabien 'egg' O'Carroll
1ff1b75a69
🐛 Fixed errors with Stripe Checkout (#15749)
refs https://github.com/TryGhost/Ghost/commit/1f300fb781f0

The full customer object was not being passed to the StripeAPI service
when it already exists, this was resulting in inconsistent behaviour when
sending the customerEmail param to the API, causing `invalid_email`
errors to be thrown from Stripe and breaking the checkout.
2022-11-02 02:18:30 +07:00
Fabien "egg" O'Carroll
be66078a31 Released Portal v2.19.5 2022-11-02 00:32:35 +07:00
Hannah Wolfe
85c5a19f33
Merged v5.22.3 into main
v5.22.3
2022-11-01 17:29:16 +00:00
Ghost CI
7fda360799 v5.22.3 2022-11-01 17:12:38 +00:00
Fabien "egg" O'Carroll
743228ff1c 🐛 Fixed Portal showing paid Tiers when Stripe not connected
closes https://github.com/TryGhost/Team/issues/2197

Portal was relying on monthlyPrice or yearlyPrice being undefined as a
proxy to determine whether or not to show paid plans, this fixes it to
check for whether or not stripe is enabled.

I did consider using the portal_plans array to filter out unselected
Tiers, but wasn't sure of the repercussions, though it does seem like
the correct fix long term.
2022-11-02 00:11:33 +07:00
Fabien "egg" O'Carroll
ba41f308c7 🐛 Fixed upgrading to a paid plan
closes https://github.com/TryGhost/Team/issues/2196

We were incorrectly assuming that all requests would have the
`customerEmail` passed in the body. Instead we were incorrectly
passing `undefined` or `''` as the `customerEmail` property to stripe,
which resulted in a validation error.

We've updated the code to pass `null` in the case of a falsy value,
which the Stripe API handles without error.
2022-11-02 00:11:33 +07:00
Fabien "egg" O'Carroll
1f300fb781 🐛 Fixed checkout sessions when using Offers
closes https://github.com/TryGhost/Team/issues/2195

The issue here is two-fold, and specific to using Offers so was not
caught by any automated tests. First, we were incorrectly comparing
the tier.id to the offer.tier.id - this is because the Tier objects id
property is an instance of ObjectID rather than a string.

Secondly we were passing through the cadence parameter from the
request body, but when using Offers this is not including in the
request, so we must pull the data off of the Offer object instead and
pass that to the payments service.
2022-11-02 00:11:33 +07:00
Kevin Ansfield
2d2ac0102a Refactored signin controller to Octane patterns
refs https://github.com/TryGhost/Ghost/issues/14101

- migrated to native class syntax and glimmer component patterns
- removed use of jQuery, the workaround to trigger change events no longer appears necessary
2022-11-01 14:12:23 +00:00
Daniel Lockyer
498bec08cf
Merged v5.22.2 into main
v5.22.2
2022-11-01 18:24:58 +07:00
Ghost CI
3c71d07dfb v5.22.2 2022-11-01 09:28:14 +00:00
Fabien 'egg' O'Carroll
a0ebb9a6f3
🐛 Fixed Tier description not being set (#15741)
closes https://github.com/TryGhost/Ghost/issues/15740

The validation function for a Tier description was not returning the
validated value, which meant we were unable to set the Tier
description.
2022-11-01 16:25:55 +07:00
Fabien "egg" O'Carroll
f761bd36b4
Fixed verification trigger usage of Event Repository
refs https://github.com/TryGhost/Team/issues/2192

The method signatures of the Event Repository have been updated to
take mongo filter objects, but this call-site was not updated.

Long term we should really be using NQL filter strings for our
filtering API and the mongo filter objects should be an implementation
detail, however we don't have time right now to rectify this.
2022-11-01 13:00:42 +07:00
Fabien "egg" O'Carroll
63fe013606 Fixed verification trigger usage of Event Repository
refs https://github.com/TryGhost/Team/issues/2192

The method signatures of the Event Repository have been updated to
take mongo filter objects, but this call-site was not updated.

Long term we should really be using NQL filter strings for our
filtering API and the mongo filter objects should be an implementation
detail, however we don't have time right now to rectify this.
2022-11-01 12:06:11 +07:00
Daniel Lockyer
68689917e6
Merged v5.22.1 into main
v5.22.1
2022-11-01 06:11:24 +07:00
Robin Cussol
e7e12aba09
Added e2e tests for page.published.edited webhook (#15724)
refs: https://github.com/TryGhost/Ghost/issues/15537

- snapshot test created to add confidence to webhook stability and increase overall test coverage.
2022-10-31 19:51:04 +00:00
Halldor Thorhallsson
79c80f28cc
Removed bluebird from api-framework module (#15685)
refs: https://github.com/TryGhost/Ghost/issues/14882

- Removing bluebird specific methods in favour of the Ghost sequence method so we can remove the bluebird dependency
2022-10-31 19:30:18 +00:00
Ghost CI
b2ad52fbf5 v5.22.1 2022-10-31 17:49:43 +00:00
renovate[bot]
8cde26f986 Update dependency ember-template-lint to v4.17.0 2022-10-31 17:37:40 +00:00
James Morris
8537239548 Moved the audience feedback setting into the footer
refs https://github.com/TryGhost/Team/issues/2191
2022-10-31 17:17:52 +00:00
Kevin Ansfield
b272b34a44 Fixed linter error 2022-10-31 12:12:58 +00:00
James Morris
21bf020e4e Moved the audience feedback setting into the footer
refs https://github.com/TryGhost/Team/issues/2191
2022-10-31 12:10:36 +00:00
Kevin Ansfield
5bf3fe9cb8 🐛 Fixed error preventing admin area being usable by staff users with Contributor role
closes https://github.com/TryGhost/Team/issues/2190

- added a guard around the tier fetches in `membersUtils` service so the fetch doesn't occur unless we have a logged in user and they aren't a contributor
- extracted the `withPermissionsCheck` mirage util function and added role checks around the mocked tiers endpoints
- added an acceptance test that loads the content screen and creates a draft post as a contributor to help catch regressions
2022-10-31 12:01:39 +00:00