Commit Graph

9183 Commits

Author SHA1 Message Date
Kevin Ansfield
dfca0abc93 Added support for segmented email content in previews and test emails
refs https://github.com/TryGhost/Team/issues/927

- the `email-cta` card can be segmented so only free or paid members can see the content, it should be possible for authors to preview what that will look like in either case
2021-07-27 16:31:41 +01:00
Naz
633d4f4771 Fixed typo 2021-07-27 14:07:57 +04:00
Naz
1a64af103a Fixed MemberCSVImporter initialization
refs https://github.com/TryGhost/Team/issues/912

- The membersApi variable can be in uninitialized state. It should be accessed through membersService getter to make sure it's always correctly referenced
2021-07-27 13:09:04 +04:00
Naz
8fbbd524df Swapped to American English spellings
refs 16728a3ef1
2021-07-27 12:15:19 +04:00
Daniel Lockyer
04b5a1c6c5 v4.10.2
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYP6iagAKCRDSEYbwtHKV
 rR/dAPsGjY89fheicUdZfWbVUGunIQAKCYWj4sNMR5ZJbFQ8IAD8Dbx5XLR1IYmX
 7uzjx7ayuHt+o9jJkaRFGpETIRln4w0=
 =JY+u
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYP6kDQAKCRDSEYbwtHKV
 rVJ1AQCDiGWEJNVItQbPoAURACUtQPtg8GH1O62We+LUNdKQ5gEA2+snzZAi9fag
 60k5eyYxcB4JOwSVLIS19FcybgnhuAg=
 =1a74
 -----END PGP SIGNATURE-----

Merged v4.10.2 into main

v4.10.2
2021-07-26 13:01:12 +01:00
Daniel Lockyer
469a2f32ad
Updated Admin to v4.10.2 2021-07-26 12:54:17 +01:00
Kevin Ansfield
8d5e7ed695
🐛 Fixed unsubscribed members receiving email when a post is sent to all members (#13181)
refs https://github.com/TryGhost/Team/issues/935

The problem was incorrect operator precedence when multiple statements existed in the filter original filter when we transform it to enforce `subscribed:true` before sending.

- free only - subscribed:true+status:free - no issue
- paid only - subscribed:true+status:-free - no issue
- all - subscribed:true+status:-free,status:free - the ,status:free part is treated as a separate OR statement meaning the subscribed:true is not applied to it and free members that are unsubscribed will receive the email

- extracted the filter transform into a separate function so it can be unit tested
- updated the transform to use `()` for operator precedence, eg: `subscribed:true+(status:-free,status:free)`
- used transform function in `addEmail()` and `getEmailMemberRows()`
- fixed `sent/send` typo in error message
2021-07-26 12:47:03 +01:00
Naz
ac3602cced Fixed empty response when import triggers a job
refs d60d348c88

- When the import triggers a background job the meta response should contain no data otherwise the client can mistake it for completed import
2021-07-23 21:14:06 +04:00
Naz
d60d348c88 Fixed error when hostLimits are undefined
refs a7dd7bb64b

- The error was introduced in the refed commit. Object.assign method only works when the first parameter is an object otherwise it fails.
2021-07-23 20:46:52 +04:00
Naz
a7dd7bb64b Added email verification limit check
refs https://github.com/TryGhost/Team/issues/912

- When the import threshold is reached we want to trigger an "email" limit. See details in the refed issue
2021-07-23 20:37:29 +04:00
Naz
ec8b49ea42 Moved member importer declaration for readability
refs https://github.com/TryGhost/Team/issues/912

- Exposing a single method out of the service makes the API surface smaller - more readable.
- Additionlally having a wrapping method in service will be helpful for other triggers that are going to be executed in later iterations
2021-07-23 16:58:46 +04:00
Daniel Lockyer
dcca28a45b v4.10.1
-----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYPmn5QAKCRDSEYbwtHKV
 rZ7GAP44uQbWr4HFW7cAdEBG3YRDA5EC7S0uy2fdizzxuvPr2AEAqpU51eOpUPgm
 SY43m3su6G2QUoMMUJEt6HJ0xzH4FQU=
 =Qvoa
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYIAB0WIQTqYa7kNs8D7Oo9dgLSEYbwtHKVrQUCYPmoNQAKCRDSEYbwtHKV
 rY8SAQDDoVnCn5KBFk7F4pMBEsH9CV5olF1URJf5wShFdVZrpwD/bNOf/kN/xn1R
 X2SMUaG4uZav969eRRU36h3Ky64Hdw4=
 =2WgO
 -----END PGP SIGNATURE-----

Merged v4.10.1 into main

v4.10.1
2021-07-22 18:17:34 +01:00
Daniel Lockyer
51ae9f1900
Updated Ghost-Admin to v4.10.1 2021-07-22 18:16:20 +01:00
Rishabh
a110cdd34a Added membersFiltering alpha labs flag
closes https://github.com/TryGhost/Team/issues/925

- used by Admin for working on members filtering features
2021-07-21 21:16:15 +05:30
Naz
57c4afdea2 Integrated @tryghost/members-importer
closes https://github.com/TryGhost/Team/issues/916

- The members importer module was extracted into an ouside module as per project structuring standards
2021-07-21 19:34:30 +04:00
Fabien O'Carroll
49f48c0f09 Made a single request for products in theme middleware
refs https://github.com/TryGhost/Team/issues/907

The logic to populate the `@price` data and the `@products` data both
rely on the same product data, but were each making their own request to
the API. This refactor removes the request from the legacy `@price`
data, which should cut the database queries in half.
2021-07-21 12:50:21 +01:00
Fabien O'Carroll
f900b4ee78 Moved theme middleware after static middleware
refs https://github.com/TryGhost/Team/issues/907

The theme middleware makes several calls to the content api in order to
populate global theme data for use in templates. By adding this
middleware after the static theme files, we remove redundant calls.
2021-07-21 11:25:02 +01:00
Naz
170617feb3 Fixed this context for methods passed into importer
refs https://github.com/TryGhost/Team/issues/916

- Without `.bind`, `this` context was lost when used inside of the CSVImporter calss
2021-07-21 21:00:16 +12:00
Naz
25dcfde368 Refactored ghostMailer parameter
refs https://github.com/TryGhost/Team/issues/916

-  The constructor API should have as small of a surface as possible, there's no need to pass around whole ghostMailer instance
2021-07-21 21:00:16 +12:00
Naz
83c75a3fb4 Refactored settingsCache parameter
refs https://github.com/TryGhost/Team/issues/916

-  The constructor API should have as small of a surface as possible, there's no need to pass around whole settingsCache instance
2021-07-21 21:00:16 +12:00
Naz
19c5c0b05a Refactored storagePath parameter
refs https://github.com/TryGhost/Team/issues/916

-  The refactor was done follow the DI Constructor pattern with single options Object parameter
- It didn't make sense to have a "config" object inside of options object containing just one property
2021-07-21 21:00:16 +12:00
Naz
2472695535 Refactored constructure signature to be a n object
refs https://github.com/TryGhost/Team/issues/916

-  The refactor was done follow the DI Constructor pattern with single options Object parameter
2021-07-21 21:00:16 +12:00
Naz
da3620ca8e Refactored url-uitls out of MembersCSVImporter
refs https://github.com/TryGhost/Team/issues/916

-  The refactor was done follow the DI Constructor pattern and prepare module for extraction
2021-07-21 21:00:16 +12:00
Naz
66a6a522e0 Refactored db dependency out of MembersCSVImporter
refs https://github.com/TryGhost/Team/issues/916

-  The refactor was done follow the DI Constructor pattern and prepare module for extraction
2021-07-21 21:00:16 +12:00
Naz
b96a8f4f6b Refactored jobs service out of MembersCSVImporter
refs https://github.com/TryGhost/Team/issues/916

-  The refactor was done follow the DI Constructor pattern and prepare module for extraction
2021-07-21 21:00:16 +12:00
Thibaut Patel
489e470d7b Added a feature flag to the oauth login feature
issue https://github.com/TryGhost/Team/issues/614

- The feature flag was called `oauthLogin` instead of simply `oauth` to avoid clashes in the frontend `feature` service as it is merging the config and labs properties.
2021-07-20 23:16:49 +02:00
Naz
1eef1e9781 Refactored labs dependency out of MembersCSVImporter
refs https://github.com/TryGhost/Team/issues/916

-  The refactor was done follow the DI Constructor pattern and prepare module for extraction
2021-07-20 18:42:57 +04:00
Naz
c7edf256f6 Refactored Ghost mailer dependency out of MembersCSVImporter
refs https://github.com/TryGhost/Team/issues/916

-  The refactor was done follow the DI Constructor pattern and prepare module for extraction
2021-07-20 18:42:26 +04:00
Naz
a2fc3dde7d Removed dead code - batch-import module
refs https://github.com/TryGhost/Team/issues/916

- While investigating members importer related codebase this legacy module was spotted. It's not used anywhere and doesn't serve any particular purpose.
2021-07-20 17:44:25 +04:00
Naz
ce1711735f Swapped to American English spellings
refs 16728a3ef1

- Same reason as in refed commit, ltdc:
 - Traditionally all of Ghost's public-facing text was written in British English
 - We're changing that to US English because that's more common
 - US English should also be used in code e.g. properties are called color not colour
2021-07-20 17:27:24 +04:00
Fabien 'egg' O'Carroll
fc754c980f
Added missing comment to members .well-known mount
refs https://github.com/TryGhost/Team/issues/664

This was missed as part of PR review, as it is a non-standard mount location a comment
should be included to help our future selves!

PR: https://github.com/TryGhost/Ghost/pull/13163#discussion_r673066080
2021-07-20 13:58:29 +01:00
Daniel Lockyer
3ea9a6dff1
Updated Ghost-Admin to v4.10.0 2021-07-20 13:45:53 +01:00
Fabien O'Carroll
1962591c2e 🔒 Fixed permissible method for Integration Model
refs https://github.com/TryGhost/Ghost/security/advisories/GHSA-j5c2-hm46-wp5c

The permissible method of models overrides all permission logic, which
means we must manually check the user & api key permissions before
continuing.
2021-07-20 13:43:29 +01:00
Fabien 'egg' O'Carroll
264fb51a87
Exposed Members pub keys on /members/.well-known/ (#13163)
refs https://github.com/TryGhost/Team/issues/664

The new WellKnownController and middleware handles exposing a JSON Web
Key Set for us.

In order to serve the keys on /members/.well-known/jwks.json without a
trailing slash, we must mount the wellKnown middleware before the
frontend.
2021-07-20 13:19:31 +01:00
Naz
9a26ee9125 Added checkEmailList alpha labs flag
closes https://github.com/TryGhost/Team/issues/911

- See refed issue
2021-07-20 13:59:36 +04:00
Peter Zimon
94234e1505 Updated copy for tiers CTA
- Updated "product" copy to "tier" in the default content CTA  when members need to be on a different plan to have access to a post.
2021-07-19 13:14:37 +02:00
Fabien 'egg' O'Carroll
c0f32b7746
Replaced usage of Error with @tryghost/errors (#13161)
refs 2f1123d6ca

Usage of the raw Error class has been deprecated in favour of our own
errors, which are more descriptive and have built in HTTP status codes.

This also updates the same errors to use @tryghost/tpl for the error
messages, which is the new pattern we are following in order for us to
deprecate the i18n module.
2021-07-19 11:46:38 +01:00
Kevin Ansfield
e5db28db00 Removed use of i18n in snippets controllers
no issue

- i18n is deprecated in favour of `tpl`
- normalized method syntax so `add` matches the rest of the controller's methods (fixed a complexity warning but was not the primary intention)
2021-07-19 11:08:55 +01:00
Naz
810b052e01 Removed use of deprecated new Error() syntax
refs 2f1123d6ca
refs 6f1a3e1774

- As per refed commits, we are removing deprecated use of `new Error()` in the codebase
- Exposed few internal from commands module methods for easier testing, otherwise it was turning into neverending mocking show
2021-07-19 21:31:31 +12:00
Naz
4c4af001e6 Removed use of deprecated new Error() syntax
refs 2f1123d6ca
refs 6f1a3e1774

- As per refed commits, we are removing deprecated use of `new Error()` in the codebase
2021-07-19 21:31:31 +12:00
Naz
a266c64130 Removed use of deprecated new Error() syntax
refs 2f1123d6ca
refs 6f1a3e1774

- As per refed commits, we are removing deprecated use of `new Error()` in the codebase
2021-07-19 21:31:31 +12:00
Fabien 'egg' O'Carroll
1af2b50dcf
Added userAuth brute middleware to members auth endpoint (#13152)
refs https://github.com/TryGhost/Team/issues/696

The userAuth spam prevention logic is reused, but a new piece of
middleware has to be created so that we can use a custom lookup key to
conatin the member email.

We must also add json parsing middleware to the route so that the brute
middleware can read the email.

The express body-parser middleware handles multiple instances on the
same route, so this doesn't cause problems upstream.

https://github.com/expressjs/body-parser/blob/1.19.0/lib/types/json.js#L99-L103
2021-07-19 09:40:38 +01:00
Naz
d1b569075f Decreased coupling of frontend routing to server api
refs https://github.com/TryGhost/Team/issues/527
refs https://github.com/TryGhost/Ghost/issues/10790

- Frontent has to have as few as possible coupling points with the Ghost Server API. By design that point has been a "proxy.api" property that will become more and more constraint in the future based to limit the surface of frontend interaction with servers's API
- Removing `.../server/api` requires in favor of using a proxy decreases direct coupling
2021-07-19 19:45:54 +12:00
Rishabh
07dd783a40 🐛 Fixed error on saving member with existing label
closes https://github.com/TryGhost/Team/issues/743

Unlike tags, a label has a unique constraint on its `name`. So saving a new label on member with the same name as existing label fails with error due to unique constraint error.

- adds id for new label to match existing label if they are the same name, which avoids creating a new label
2021-07-16 14:01:47 +05:30
Kevin Ansfield
9b963cef63 Added featureImgDragDrop alpha labs flag
refs https://github.com/TryGhost/Team/issues/884

- used by Admin whilst working on drag/drop support and design
2021-07-15 16:01:34 +01:00
Fabien 'egg' O'Carroll
71ba9f3d17
Readded support for comped status in event aggregate (#13142)
refs https://github.com/TryGhost/Team/issues/880

The aggregate for `paid_delta` was incorrect as it did not handle the
case where an event went from paid->comped or from comped->paid. This
resulted in an overcount for paid members.
2021-07-15 15:17:51 +01:00
Naz
9870aff8f0 Fixed slow-running scheduling default test
refs https://github.com/TryGhost/Team/issues/860

- Slow unit tests cause longer waiting time to deliver code to main. Before this fix the test was taking a whooping 6s on average
- The main cause of the delay was a downstream's package (got) default retry logic that was taking up a lot of time bypassing the retry logic present in the default scheduler itself
2021-07-15 13:50:59 +04:00
Kevin Ansfield
9c5a25b060 🐛 Fixed alt="null" for feature image in emails
no issue

- when no alt text was set for feature images we were incorrectly rendering `alt="null"` in emails
2021-07-15 09:44:34 +01:00
Fabien O'Carroll
62ee693310 Lazily instantiated express-session middleware
refs https://github.com/TryGhost/Team/issues/756

When running the tests it was possible for this middleware to be
instantiated before the settings cache, resulting in an undefined
'session_secret' setting being passed. This would cause tests to fail.

Tracking this down proved difficult, so the fix was made here, by
instantiating the express-session middleware only once a request needs
to use it, we can be confident that Ghost has completely started.
2021-07-14 17:19:53 +01:00
Naz
5ea8e9b926 Removed use of deprecated new Error() syntax
refs 2f1123d6ca
refs 6f1a3e1774

- As per refed commits, we are removing deprecated use of `new Error()` in the codebase
- This bit cleans up the rest of `new Error()` usage in MEGA service
2021-07-14 19:17:35 +04:00