Commit Graph

29414 Commits

Author SHA1 Message Date
renovate[bot]
d0103a6b31 Update sentry-javascript monorepo to v7.12.0 2022-09-01 08:48:54 +01:00
Daniel Lockyer
4505b2f3f5
Cleaned up npmignore entries for Casper
- we ignore some files within Casper via the Core .npmignore, but this
  was outdated
- `.csscomb.json` and `.yarnrc` do not exist in the repo anymore
- `yarn.lock` should be added because this is the bundled theme files
  and we don't expect to be editing them again
2022-09-01 08:22:01 +01:00
Naz
945ebd4806
Fixed ERR_NOCK_NO_MATCH warning during test runs
refs https://github.com/TryGhost/Toolbox/issues/389

- The e2e test suite log was full of ERR_NOCK_NO_MATCH warnings when the logging level was set to "warn". The cause of this warning was legit duplicated webhook trigger processing on test environment. Gah!
- The source of duplicate webhook processing was duplication of event handlers. Event handlers were registered multiple times for same event because of the singleton nature of the "common/events" module - it remains the same instance and is not cleaned up between reboots. The deeper issue of events module initialization should be solved separately, this slightly hacky approach fixes the problem now and highlights it to be tackled in the future.
2022-09-01 12:25:47 +08:00
Naz
88e0ae892c
Fixed typo 2022-09-01 11:01:15 +08:00
Kevin Ansfield
41313f6993 Replaced emberx-file-input addon with in-app implementation
refs https://github.com/TryGhost/Team/issues/1734

- resolves some deprecations raised by the addon which has fallen out of regular maintenance
- we were largely overriding much of the addon so the additional code was minimal, most of the changes were from updating to modern patterns
2022-08-31 22:21:31 +01:00
renovate[bot]
36ac8ccb41
Update dependency knex to v2.3.0 2022-08-31 20:32:37 +00:00
renovate[bot]
87a97726c6
Update dependency human-number to v2.0.1 2022-08-31 19:21:36 +00:00
Daniel Lockyer
b376b0c4c9 Removed icon files from packaged tarball
refs 6290fd6deb

- following the referenced commit, all SVG icons should only be used
  with svg-jar and not externally loaded
- this means we are now shipping all the icon files in the packaged tarball, but
  they're unused once Admin is built
- this commit prevents the icons from being copied and bundled
2022-08-31 18:06:42 +01:00
Sanne de Vries
989c3ddd77 Fixed linting error 2022-08-31 16:57:13 +01:00
Sanne de Vries
6290fd6deb Cleaned up non-inlined usage of svg icons
No issue
2022-08-31 16:49:11 +01:00
renovate[bot]
405d1acec5 Update dependency @tryghost/express-test to v0.11.3 2022-08-31 16:42:28 +01:00
Sanne de Vries
bef49576ba Fixed svg titles appearing in tests
Refs 038600c350

- In the reference commit I update config so that svg titles are only removed in production. This causes them to show in tests which causes tests to fail. Config has now been updated to only include svg titles in development.
2022-08-31 16:10:23 +01:00
James Morris
2a198c367e Reverting back some changes to try and fix failed tests
no issue
2022-08-31 16:07:12 +01:00
Kevin Ansfield
5985316b01 Only show failed tests in Admin CI output 2022-08-31 15:53:27 +01:00
Sanne de Vries
e7c25f84df Deleted unused image files
No issue
2022-08-31 15:48:17 +01:00
Fabien 'egg' O'Carroll
2ff81cc5d3
🔒 Fixed rate limiting for user login (#15336)
refs https://github.com/TryGhost/Team/issues/1074

Rather than relying on the global block to stop malicious actors from
enumerating email addresses to determine who is and isn't a user, we
want our user login brute force protection to be on an IP basis,
rather than tied to the username.
2022-08-31 10:33:42 -04:00
James Morris
ae28cdffbb Fixed the test for new member page based on changes
no issue
2022-08-31 15:16:32 +01:00
Sanne de Vries
038600c350 Prettified markup and added titles to all SVGs 2022-08-31 15:02:12 +01:00
Daniel Lockyer
874c696893
Fixed showing actor icons for deleted actors
refs https://github.com/TryGhost/Toolbox/issues/356

- if an actor has been deleted, their icon would just be blank
- we want to show the default user icon
- to accommodate this, and to improve some code along the way, I've also
  added `include=actor` to the API request so we get the actor inline in
  the response instead of sending off another request
- I should really switch to using models + the store at some point to
  cleanup parsing all the API responses manually
2022-08-31 14:57:41 +01:00
James Morris
d5bf2027dc Improved the members table on mobile
no issue
2022-08-31 14:48:06 +01:00
Daniel Lockyer
c2b399fc2c Fixed warning about aborted connection in tests
refs https://github.com/TryGhost/Toolbox/issues/389

- if we enable warning logs in E2E tests, we get a bunch of error
  messages saying `ERROR Unhandled rejection: aborted` coming from the
  SQLite DB reset code
- specifically, it's coming from the line that resets the DB by copying
  the file
- this line was initially added because we would see random SQLite
  "malformed database" errors
- I have a feeling that was due to something else, but I can't be sure
- I'm also not sure how else we should shut the DB connection, as this
  is the recommended way but it throws an unhandled rejection
- this commit is a bit of a gamble because I'm not actually sure what
  was causing the problem, but it gets rid of the errors locally and
  doesn't regress on the random failures
2022-08-31 12:15:30 +01:00
Daniel Lockyer
f04666ef52
Removed Admin production build test
- this was originally added because we had an issue with a production
  build of Admin during a release
- since then, we've got a canary build that runs for every commit on
  `main`
- I think this test is superfluous now, so this commit removes it and
  saves ~6 mins of CI time per commit
2022-08-31 11:21:22 +01:00
Peter Zimon
6483a068d4 Fixed responsive bug for What's new page
refs. https://github.com/TryGhost/Toolbox/issues/356

- The updated What's new page contained unnecessary buttons with external links on smaller size screens
2022-08-31 11:58:29 +02:00
Daniel Lockyer
7a2f766668
Added logging configuration option for timestamps to use the local timezone
fixes https://github.com/TryGhost/Ghost/issues/15190
refs https://github.com/TryGhost/framework/pull/76

- log output always uses UTC timestamps, but it may be desirable to
  configure logs to use the local machine timezone
- a new config option has been added to `@tryghost/logging` so you can
  switch the logs to the local timezone
- this commit bumps the package and sets the default config option to
  `false`, so it doesn't suddenly change the timezone of the logs
- docs will be updated soon but if you'd like to use the
  timezone-altered timestamps, you can set `logging.useLocalTime` to
  `true`
- credits to https://github.com/levee223 for the implementation and PR
2022-08-31 10:29:55 +01:00
Daniel Lockyer
e897efe842
Moved bundling to the end of prepack steps
- in its current form, bundling will happen before we build Admin
- Admin complains because the version in its package.json for
  `@tryghost/members-csv` is different to the one linked in the monorepo
- by putting bundling at the end, we write the new package versions
  after we've already built Admin, so this issue should go away
2022-08-31 08:48:47 +01:00
renovate[bot]
5a359be582 Update dependency knex-migrator to v5.0.4 2022-08-31 07:36:17 +00:00
David Kolosowski
0c28fc2286
Removed BB dep from url service (#14939)
refs: #14882

- Usage of bluebird is deprecated in favour of using native promises
2022-08-30 17:23:47 +01:00
Daniel Lockyer
d7500e0ad1
Merged v5.12.2 into main
v5.12.2
2022-08-30 16:58:46 +01:00
Ghost CI
a2edc7ea1b v5.12.2 2022-08-30 16:58:26 +01:00
Simon Backx
8cd2b3182a
🐛 Fixed commenting on tier-only posts (#15333)
fixes https://github.com/TryGhost/Team/issues/1860

**Problem:**
Members were not able to comment on a post that was only visible for members with a specific tier.

**Causes:**
Content gating was done on models with missing relations.
- The products relation was not loaded on the member when doing content gating
- The tiers relation was not loaded on the post when doing content gating

**Tests:**
- Added for tier-only posts
- Added for paid-only commenting
2022-08-30 16:48:47 +01:00
Simon Backx
aec2badc6c
🐛 Fixed removing comped subscriptions for members with active subs (#15332)
fixes https://github.com/TryGhost/Team/issues/1859

**Problem:**
When for some reason a member has an active subscription (or legacy comped subscription) for product A, and a comped subscription for product B. You cannot remove comped subscription B.

**Fixed by:**
Updating the API to allow more flexible product changes on members.
- Allow the removal of (comped) products on a member, as long as that product doesn't have a related subscription
- (still) allow the addition of comped products to a member, as long as that member doesn't have other active subscriptions. This matches the existing behaviour, but now this is only checked for added products.
- Includes tests for these edge cases
2022-08-30 16:48:44 +01:00
Kevin Ansfield
80400fd303 Fixed linter error
no issue

- removal of unused import was missed after removing it's usage
2022-08-30 16:48:37 +01:00
Kevin Ansfield
bc185665a4 Removed use of ember-route-action-helper
refs https://github.com/TryGhost/Ghost/issues/14101
refs https://github.com/TryGhost/Team/issues/1734

- use of the helper was generating deprecation warnings when building Admin
- removed the single usage in favor of using `{{perform}}` directly on a controller task property as there was no need to go via the route
- changed naming of task properties to include a `...Task` suffix so it's clear when dealing with a task object
2022-08-30 16:44:50 +01:00
Kevin Ansfield
5bd66fd8b7 Migrated users.index controller to Octane patterns
refs https://github.com/TryGhost/Ghost/issues/14101

- dropped use of `{{action}}`
- dropped use of computed properties in favor of getters
2022-08-30 16:44:50 +01:00
Kevin Ansfield
5eec9c8ce2 Migrated <GhUserInvited> to Glimmer component
refs https://github.com/TryGhost/Ghost/issues/14101
2022-08-30 16:44:50 +01:00
Simon Backx
4282ead3a7
🐛 Fixed commenting on tier-only posts (#15333)
fixes https://github.com/TryGhost/Team/issues/1860

**Problem:**
Members were not able to comment on a post that was only visible for members with a specific tier.

**Causes:**
Content gating was done on models with missing relations.
- The products relation was not loaded on the member when doing content gating
- The tiers relation was not loaded on the post when doing content gating

**Tests:**
- Added for tier-only posts
- Added for paid-only commenting
2022-08-30 17:38:58 +02:00
Simon Backx
e7786ca482
🐛 Fixed removing comped subscriptions for members with active subs (#15332)
fixes https://github.com/TryGhost/Team/issues/1859

**Problem:**
When for some reason a member has an active subscription (or legacy comped subscription) for product A, and a comped subscription for product B. You cannot remove comped subscription B.

**Fixed by:**
Updating the API to allow more flexible product changes on members.
- Allow the removal of (comped) products on a member, as long as that product doesn't have a related subscription
- (still) allow the addition of comped products to a member, as long as that member doesn't have other active subscriptions. This matches the existing behaviour, but now this is only checked for added products.
- Includes tests for these edge cases
2022-08-30 17:36:52 +02:00
Sanne de Vries
dbfcc5a733 Deleted all unused svg icons 2022-08-30 15:36:46 +01:00
Daniel Lockyer
0b0401d593 v5.12.1 2022-08-30 11:56:45 +01:00
Fabien 'egg' O'Carroll
21e473ff78
🐛 Fixed newsletters not rendering with non-HTML safe chars (#15331)
Co-authored-by: Kevin Ansfield <kevin@lookingsideways.co.uk>
2022-08-30 11:26:01 +01:00
renovate[bot]
9355c6d8fa
Update dependency mailgun.js to v8.0.1 2022-08-30 08:10:52 +00:00
Daniel Lockyer
8e3b611606
Fixed early return when there are no new email batches
- the code in question had the intention of returning early if no new
  email batches had been created for an Email
- there were 2 minor bugs here:
  - `batchIds` would end up being an array of an array of strings
    because we just push an array in without the spread operator
  - we would compare that the returned array equaled zero, which was
    never the case
- this commit fixes these minor issues and adds JSDoc to document the
  function's return type
2022-08-30 08:55:38 +01:00
Daniel Lockyer
fcd6360869
Cleaned up asset-delivery env config
- this is no longer needed because we don't do env-specific builds
2022-08-30 08:24:48 +01:00
Naz
8af8905fa9
Updated comments around API access
no issue

- While auditing the access rights to endpoints have come across the "stable" / "experimental" notes that do not make any sense in the current approach towards the API. Every endpoint that's documented and exposed just "is" there no stable/unstable/canary/whatever distinction in the Admin API since Ghost v5
- Staff tokens were also acked as a separate way to access the API, so we have them in mind when modifying the access-list
2022-08-30 11:41:18 +08:00
renovate[bot]
619af026d6
Update dependency luxon to v3.0.3 2022-08-29 18:37:24 +00:00
renovate[bot]
ced7f41112
Update Test & linting packages 2022-08-29 15:21:11 +00:00
renovate[bot]
df2a97032d Update dependency testem to v3.9.0 2022-08-29 16:19:01 +01:00
Simon Backx
f2da1229d8
Removed unused support email verificaton endpoints (#15328)
fixes https://github.com/TryGhost/Team/issues/1679

These endpoints are safe to be removed, as they are only used by the admin app and usage has been removed over there. It is very unlikely that this endpoint has been used in a third party integration (in which case they will get a notification email).
2022-08-29 15:16:13 +02:00
Elijah
3c94812ee5
Added missing return in create-stripe-update-session
no issue

- Return was missing for `res.end` if an invalid subscription_id was passed
- Added explicit `text/plain` `Content-Type` headers to error messages to avoid MIME sniffing

Signed-off-by: Elijah Conners <business@elijahpepe.com>
Co-authored-by: Simon Backx <simon@ghost.org>
2022-08-29 14:02:58 +02:00
Peter Zimon
16dc2be3cf Fixed post status UI bug
no refs.

- due to a regression the padding on the left of the post status indicator was set to zero
2022-08-29 10:59:56 +02:00