Commit Graph

5843 Commits

Author SHA1 Message Date
Matt Hanley
7172db74b0
💡 Updated fixtures to make it easier to get started (#14299)
- Our old fixtures were designed as a guide to getting started to Ghost, but they got in the way
- The old fixtures now live as part of ghost.org/resources - a living guide to starting with Ghost
- These new fixtures mean the site is ready to go as soon as it's setup

Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
2022-03-10 17:41:46 +00:00
Daniel Lockyer
f2c074ac59 Fixed error when editing user with empty roles data
- we send the roles data array in when we're changing the role of the
  user
- if we send an empty array, we don't want to edit the user's role
- the code _thought_ that's what it was doing, but we only check the
  falsiness of the array, which is truthy for `[]`
- it also needs to check the length of the array
- this commit includes a test which would fail with a 500 error without
  the fix
2022-03-10 17:29:30 +00:00
Simon Backx
da9de95b74
🐛 Fixed duplicate tags created when slugs contain spaces (#14277)
refs https://github.com/TryGhost/Team/issues/1284

When you create a new post with a tag slug that contains spaces, those spaces will get replaced by dashes. But instead of reusing an existing tag, a new tag is always created.

- New tag slugs are cleaned up before matching with existing tags in the Post model onSaving method
- Cleaned up multiple loops in onSaving of Post model
- Cleaned up syntax when cleaning up tag slug
- Added tests for slugs with spaces
- Added test for too long tag slug causing duplication
2022-03-10 13:07:00 +01:00
Fabien "egg" O'Carroll
8229f8030e Fixed new sites using "Default Product" Tier name
https://github.com/TryGhost/Team/issues/1289

Since we added the free Tier fixture, this was attempting to fix the
free Tier, rather than the default one.
2022-03-10 11:35:03 +00:00
Sanne de Vries
3d136c964d Updated unsubscribe page
No issue
2022-03-10 10:39:20 +00:00
Naz
16e0736379 Removed Roon related importer code
no issue

- The support for the misformated roon imports was temporary anyway, based on the comments in code. It's also unecessary to keep around any code related to Roon as it's been _ages_ since anybody needed this kind of migration
2022-03-10 16:29:54 +08:00
Daniel Lockyer
9231a4c6f6 Updated probe-image-size options to reflect underlying change
refs https://github.com/nodeca/probe-image-size/blob/master/CHANGELOG.md#changed-1

- version 6 of `probe-image-size` switched from using `request` to
  `needle`
- this means we need to update our options to reflect the changes
- we still use request in this file so I've duplicated the options for now
- also adds a few extra error codes to the catches because needle
  reports different codes to request
2022-03-09 20:27:38 +00:00
Daniel Lockyer
8a7c7f08e9 Enabled fetching .ico dimension size via probe-image-size
refs https://github.com/nodeca/probe-image-size/blob/master/CHANGELOG.md#600---2020-11-04

- `probe-image-size` v6 now supports `.ico` files so we can
  allow probing of dimensions via this library rather than falling back
  to downloading the entire image via `image-size`
- also updates a test because .ico files no longer use the internal
  request lib, which simplifies things a little bit
2022-03-09 20:27:38 +00:00
Hannah Wolfe
833035d7be
Improved coverage of api serializer
- Have ensured we have 100% coverage of core/server/api/shared/serializers/handle.js
- This meant I had to swap around two validation clauses as one was unreachable
- I have done this as I want to make some changes in this area of the codebase, and want to ensure we have tests
  and a clear understanding of what this code does before I change it
2022-03-09 20:02:15 +00:00
Kevin Ansfield
51e04c75ad
Added "contains" operator support to ?filter= query params (#14286)
refs https://github.com/TryGhost/Team/issues/1408

- switched from `@nexes/nql` to `@tryghost/nql` and bumped `@tryghost/bookshelf-plugins` to get access to the latest NQL version across the app
- adds "contains" operator support
  - `:~'string'` - contains
  - `:-~'string'` - does not contain
  - `:~^'string'` - starts with
  - `:-~^'string'` - does not start with
  - `:~$'string'` - ends with
  - `:-~$'string'` - does not end with
- enables `'` escaping in strings, eg `'O\'Nolan'`
2022-03-09 13:02:17 +00:00
Naz
9c64d7af81 Centralized base API path value across server codebase
refs https://github.com/TryGhost/Team/issues/1420

- This changeset makes the "/ghost/api" base path for the APIs centralized in one place and reused by dependent modules. There are couple benefits this refactor brings: easy way to spot where the API base path is used (was hard to find it in regexp) and makes it easy to change the hardcoded path to a configurable one in the future (e.g. host all APIs under `domain.tld/custom-path/awesome-apis/posts`)
- I hear that scream from the back of your head: "But hey! This introduced coupling to url-utils!". To that my unswer is: "No. This change only makes the coupling explicit, it's been there already and now can be addressed if we need to!".
- A neat thing about his change, making the API work on a custom path is one line away, by moving the hardcoded `/ghost/api` to a config ;)
2022-03-09 17:15:51 +08:00
Naz
da9f018c70 🐛 Fixed theme activation with capitalized names
closes https://github.com/TryGhost/Team/issues/1420
refs da0dee548c
refs https://github.com/TryGhost/Toolbox/issues/169

- After introducing non-versioned API urls the "isAPI" regex failed to pass the test as it was expecting a `canary/vX` in the API URL. This caused "uncapitalization" to stop working for API requests.
- Regex visualizer for quick reference: https://jex.im/regulex/#!flags=&re=%5E(.*%5C%2Fghost%5C%2Fapi(%5C%2F(v%5B%5Cd.%5D%2B%7Ccanary))%3F%5C%2F.*%3F%5C%2F)
2022-03-09 20:07:04 +13:00
Matt Hanley
2110c65e47 Removed notification on theme install failure during setup step
refs https://github.com/TryGhost/Team/issues/1417

- we no longer want to display a notification if theme install fails
- the notification has been removed so we fail silently, but log the warning
2022-03-08 13:33:48 +00:00
Rishabh
7c43191ca7 Fixed members endpoint not ignoring unknown includes
refs https://github.com/TryGhost/Team/issues/1415

Members browse endpoint was missing allowedIncludes validation, causing unknown includes to throw 500 on API request.
2022-03-08 16:59:51 +05:30
Rishabh
32ff722028 Added tier visibility to portal tier data
refs https://github.com/TryGhost/Team/issues/1387

We are moving away from using portal products/plans settings to visibility property on the tier object.
2022-03-08 11:33:51 +05:30
Peter Zimon
e2438a008e Udpated powered by badge 2022-03-07 17:36:01 +01:00
Fabien 'egg' O'Carroll
fa1165de6a
Support tier visibility editing Allowed Tiers Admin API to set visibility
refs https://github.com/TryGhost/Team/issues/1387

This will allow us to move from the portal_products and portal_plans
settings to using the visibility property on tiers to determine whether
or not a tier should be visible in Portal.

This also fixes a bug with the Tiers Admin API read method permissions.
2022-03-07 14:46:42 +00:00
Daniel Lockyer
1a3aa69c68 Re-throw error when attempting to create webhooks
- we catch error arising from creating webhooks and check for specific codes
- if our error does not match one of those codes, we don't propagate the
  error up
- this becomes a problem if saving a webhook fails for some other reason
  because upstream code assumes we return an error or model
- this commit re-throws the error and adds a test that would have caught
  this
2022-03-07 13:54:00 +00:00
Fabien 'egg' O'Carroll
cff033bb47
Migrated visibility column from portal settings (#14253)
https://github.com/TryGhost/Team/issues/1387

This is split into two migrations, one for the portal_products setting
and one for the portal_plans setting, as dealing with both of them in a
single migration led to too many branches.
2022-03-07 11:38:39 +00:00
Rishabh Garg
3fa836690e
Updated to always invalidate cache on tier edit (#14267)
refs https://github.com/TryGhost/Team/issues/1240

We were selectively invalidating cache on tier/product edit which was consistent with pattern for other APIs, but in case of tier/product, the model changed method always returns false due to how its setup. This change updates the edit to always invalidate cache, similar to tier add, to ensure sites don't see old tier values.
2022-03-04 15:47:30 +00:00
Rishabh
a328e3e88b Fixed include option not working for fetching tiers via #get helper
refs https://github.com/TryGhost/Team/issues/1004

The output serializer for product was not handling `include` option value as comma separated string, which is passed via `#get` helper to fetch related prices for tiers. This change fixes the handling to work with both array as well as comma-separated include values.
2022-03-04 18:22:59 +05:30
Rishabh
eac732f620 Added tiers data for posts with non tiers visibility
refs https://github.com/TryGhost/Team/issues/1004

The `tiers` column for a post/page only contained data if its visibility is set to `tiers`, otherwise its empty. This is because originally the purpose of `tiers` column on `post` was to capture specific tiers with access to post.
The best way to ensure a consistent behavior for `tiers` column data on post is to update it to always contain list of all `tiers` that have access to post, and not just when the visibility is `tiers`. This means the value is set to all tiers when visibility is one of public|members, and only paid tiers when visibility is `paid`.  This change also allows on frontend to get all relevant `tiers` information for a post locally within post context instead of relying on additional information from outside.

This change -

- updates the output serializer for post/page to add all desired tiers manually in case of visibility is not `tiers`
- updates tests
2022-03-04 18:22:59 +05:30
Matt Hanley
c6617459a5
Switched products.visible for products.visibility (#14264)
- We have an existing pattern for using `visibility: public` instead of `visible: true|false`
- We no-op the existing migration and roll forward so that we don't have to manually revert db changes
2022-03-04 11:07:38 +00:00
Rishabh
c9577cec71 Removed archived tiers from portal tiers list
refs https://github.com/TryGhost/Team/issues/1404

The archived tiers are hidden in Portal normally as they are automatically not included in the `portal_products` list. This change also removes the archived tiers from being sent in list of tiers sent as part of site data to Portal. This ensures Portal doesn't use any archived tier.
2022-03-04 15:05:15 +05:30
Matt Hanley
01a6d576b3 Removed public cache-control header for member site endpoint
- Caching is causing issues with Portal preview
- Changes to tiers and Portal settings are taking too long to display on the site, causing confusion for users
- This reverts commit 5d8f491823.
2022-03-03 15:25:49 +00:00
Fabien "egg" O'Carroll
1b96ce2794 Added /tiers endpoint to Content API
refs https://github.com/TryGhost/Team/issues/1313

When adding the tiers endpoint the Content API was missed, this is
needed so that themes can access Tiers via the `{{#get}}` helper.
2022-03-03 15:15:43 +02:00
Fabien "egg" O'Carroll
c00b398abf Added visible property to Tiers API
refs https://github.com/TryGhost/Team/issues/1387

This is also added to the Products API so that the Admin can use it
without having to switch to the new Tiers API.
2022-03-03 15:15:43 +02:00
Daniel Lockyer
bf6f607f42 Switched to mysql2 library
refs https://github.com/TryGhost/Toolbox/issues/174

- this commit switches Ghost from using the `mysql` library to the
  `mysql2` one
- we've done this for several reasons:
  - `mysql2` is more actively maintained
  - `mysql2` natively supports the default auth plugin on MySQL 8
  - `mysql2` is fasterrrr
- there have been various other commits refactoring the groundwork for
  this commit but this commit should be short and sweet:
  - alias `mysql` to `mysql2` client so we maintain backwards
    compatibility with all configs who use `"client": "mysql"`
  - enabled `decimalNumbers` so we maintain the same functionality as
    `mysql`
  - replaced the dependencies and updated `knex-migrator`
  - hardcoded the newer authentication plugin in MySQL 8 CI. Before
    switching to `mysql2`, this would break because it didn't support
    this
2022-03-03 09:59:37 +01:00
Naz
da0dee548c Added alias for non-versioned API endpoints
refs https://github.com/TryGhost/Toolbox/issues/169

- Before next major version release we need to prepare for removal of API versioning.
- This change allows unversioned API requests to work under following endpoints:
- /ghost/api/admin
- /ghost/api/content
- This change should allow further preparation of the API clients (SDKs, Integrations, etc.) to non-versioned APIs in Ghost instances in ^5.0.0
- Changed default e2e test targets to non-versioned API. It's a trial, to have working examples. In the future all tests should switch to use only non-versioned endpoints.
2022-03-03 20:21:22 +13:00
Naz
cd1183c9d8 Added JWT authentication for non-versioned API
refs https://github.com/TryGhost/Toolbox/issues/169

- As Ghost prepares to drop API versioning in future major release it the authentication mechanism should take into account non-versioned token audience support. The audience for non-versioned api requests would be limited to "admin" rather than "canary/admin"
2022-03-03 20:21:22 +13:00
Thibaut Patel
c5f8853ad9
Ignore casper install on setup (#14218)
refs https://github.com/TryGhost/Team/issues/1362

- Casper is already installed, so the installation from github always fail.
- There is no need to display an error message in that case.

Added regression tests for blog setup with the default theme:
- Check whether there are no notifications after completing the setup
- Also test the setup with the default theme
2022-03-02 18:22:20 +01:00
Daniel Lockyer
2a0cc9e8d4 Aliased mysql to mysql2 in schema client
refs https://github.com/TryGhost/Toolbox/issues/174

- this just uses the same SQL queries for certain queries when using the
  `mysql2` library as when using the `mysql` one
- we can remove the `mysql` line when we fully switch to `mysql2`
2022-03-02 16:06:37 +01:00
Daniel Lockyer
47260f405a Updated DB client timezone to Z
- whilst `UTC` was working, it's technically not supported as per the
  docs for `mysql`: https://www.npmjs.com/package/mysql#connection-options
- `mysql2`, however, is a bit more strict and throws a warning for
  unsupported values, so it was flagging up when I was looking at
  switching to that library
- this commit switches over to `Z` AKA Zulu -
  https://en.wikipedia.org/wiki/Coordinated_Universal_Time so both
  libraries are happy
2022-03-02 16:06:37 +01:00
Daniel Lockyer
d0e71524ca Switched to util for retrieving DB info in migrations
refs https://github.com/TryGhost/Toolbox/issues/174

- right now, our migrations manually check the client of the knex
  instance to see whether we're running on MySQL or SQLite
- that's been working fine, but the problem is that we're due to switch
  to the mysql2 driver soon, so all these checks will be faulty
- i've altered the functionality of `@tryghost/database-info` to accept
  a knex instance, and it'll return if the DB is MySQL or SQLite in some
  helper functions
- this commit bumps the package and switches to that format
- originally I used a shared instance of the class within
  `@tryghost/database-info` but there's a chance that the knex instance
  inside migrations actually comes from knex-migrator, and not Ghost, so
  that wouldn't work
2022-03-02 15:05:55 +01:00
Thibaut Patel
91d5fa0fc5 Prevent an event-processing error if there is no timezone setting
refs https://github.com/TryGhost/Ghost/pull/14197

- We default to UTC when there is no setting timezone
2022-03-02 13:58:26 +01:00
Thibaut Patel
527ef79955 Added the last_seen_at update on member page view
refs https://github.com/TryGhost/Team/issues/1306

- This adds a `MemberPageViewEvent` event when a page is viewed by a member (post/page/tag/author/...)
- Integrates the `LastSeenAtUpdater` service that listens to the `MemberPageViewEvent` events to update `member.last_seen_at`
- Follows the latest testing recommendation (end to end test + testing for side-effects)
2022-03-02 13:58:26 +01:00
Thibaut Patel
73a049c942 Added the last_seen_at update on email open
refs https://github.com/TryGhost/Team/issues/1306

- Updates once every day (in the publication timezone)
- Also updates when the value is `NULL`
- This is implemented as a SQL query as the code is on the job and doesn't have visibility to the members code
2022-03-02 13:58:26 +01:00
Daniel Lockyer
bf45ef4a87 Cleaned up DB connection fallback in migrations commands
- throughout the migration utils we use the passed in DB connection or
  fallback to the `db.knex` instance
- this works, but it means we have places we need to make sure to
  implement `(transaction || db.knex)` everywhere
- as I'm working on refactoring the utils, this was also causing
  problems because I'd be checking the `transaction` instance but that may
  be null/undefined
- this commit pulls the fallback into the function parameters where it's
  evaluated at runtime
- this also has the added benefit that we get jsdoc typing now because
  the types are easy to figure out
- note: `transaction` should probably be renamed to `connection` because
  it's not necessary a transaction... but baby steps 🤓
2022-03-02 13:27:21 +01:00
Daniel Lockyer
11f64e91c0
Added extra handling for errors when adding foreign key
- this section of code handles the errors that arise when we add a
  foreign key to a table
- locally, I get different errors than the one listed - `ER_FK_DUP_KEY`
  and `ER_FK_DUP_NAME`
- I've been trying to find a good source for what each code is but it
  looks highly likely to be differences in DB engines
- we should probably handle these errors anyway because we don't want
  migrations to error out
2022-03-02 12:37:39 +01:00
Naz
1cc38733ba Added Media and Files APIs to API key allowlist
refs https://github.com/TryGhost/Toolbox/issues/219

- These two APIs similarly to Images API should be accessible by the Admin-API SDK. Opens up a way to write custom scripts uploading files and media
2022-03-02 16:33:56 +07:00
Fabien 'egg' O'Carroll
db202fb162
Added visible column to products table (#14221)
refs https://github.com/TryGhost/Team/issues/1387

We are moving away from the portal_products setting to instead store
each tiers visiblity on the tier itself. This column will be used for
that data.

Both of the default Tiers should be visible, but newly created tiers
should not be.
2022-03-01 18:11:59 +02:00
Rishabh
3c0306822f Added include as a valid option for members browse api
refs https://github.com/TryGhost/Team/issues/1029

- members browse endpoint didn't have `include` in its option list, so `?include...` was ignored in the api
- endpoint always reverted to using default relations in output, so `product` was never attached even if added in `include`
2022-02-28 15:30:15 +05:30
Aileen Nowak
de2e894c53 Don't require description to setup with title
refs https://github.com/TryGhost/Team/issues/1382

- PR feedback
- Self hosters don't have the option to add a site description when setting up
- Update the logic to continue with the settings setup, even when no description is given
2022-02-24 12:36:57 -04:00
Aileen Nowak
92d9029500 Added accentColor and description parameters to /authentication/setup route
refs https://github.com/TryGhost/Team/issues/1382

- Added two possible new setup values: `accentColor` and `description` to define the brand colour and site description on initial setup
- Updated tests to reflect those changes
- Only the params when passed and fall back to default site description
2022-02-24 12:36:57 -04:00
Thibaut Patel
ebab652919 Moved the last_seen_at api property behind a flag
refs https://github.com/TryGhost/Team/issues/1393

- Prevents any issue from reaching all Ghost users
2022-02-24 17:28:07 +01:00
Fabien 'egg' O'Carroll
694721cbea
Added /tiers API to Admin API (#14200)
refs https://github.com/TryGhost/Team/issues/1313

Rather than removing the /products API we're adding a /tiers API as
a first step towards renaming "products" to "tiers". The initial idea was
to alias the URL's but out API framework doesn't easily allow for this so
we've duplicated it instead.
2022-02-23 17:00:18 +02:00
Thibaut Patel
664dfbeae8 Added the last_seen_at field to the member API answers
refs https://github.com/TryGhost/Team/issues/1389
2022-02-22 19:45:55 +01:00
Thibaut Patel
e7751fa279 Backfilled the members last_seen_at column
refs https://github.com/TryGhost/Team/issues/1305

- Skipped sqlite3 compatibility due to the lack of join support in update
- Uses a raw migration to improve performance
2022-02-22 12:16:36 +01:00
Hannah Wolfe
5bf12939e4
Updated eslint-plugin-ghost & fixed resulting failures
- I recently added a bunch of strict rules to our eslint plugin around returns: ca9af37866
- These mostly are issues that occur whilst writing code, that you spot and fix as you're developing, but they're annoying to notice/find and eslint can be used to flag them quickly
- There are of course, edge cases where you don't need to return from array fns, but this rule also suggests better patterns might be available
- For our excert helper and new assertEvent helper, I've updated the code to use simpler patterns that are easier to read, so as to avoid the warnings
- For our old API I've simply disabled the rule as we're about to delete this code
2022-02-21 12:30:12 +00:00
Daniel Lockyer
ddaa4ee5e1 Removed unnecessary checks during initial DB init
refs https://github.com/TryGhost/Toolbox/issues/202

- during DB init, we have to create all the tables
- right now we loop over all tables and call the `createTable` command
  - this command checks if the table exists and if not, creates the table
  - this works fine but it means we query the database for every table
  - in MySQL, we query the information_schema table, which we've seen
    issues with before because it doesn't have indexes
- the smarter thing to do here is to get all the tables that already exist,
  remove them from the list, and just straight up create them without
  further checks
- this entire thing should be protected by the migration lock so we
  shouldn't encounter issues from multiple processes initializing the DB
  and tables existing after the initial check
- this commit also removes the check from `createTable` because this isn't
  really needed. We should be using the migration utils, which do
  check for existing tables. I've added a note to the function and
  audited anywhere we still call the function
- this commit removes (- 49 tables + 1 initial check) 48 queries from
  the initial DB init
2022-02-21 08:44:40 +01:00