As multiple tiers is now GA, we want to allow devs to be able to work with Tiers and offers via content/Admin API. This change -
- updates fixtures to add permissions to admin integration role for new sites
- adds migration to update existing sites to have correct permissions for role
- whitelists add/edit/read/browse on tiers and offers API for integrations
refs https://github.com/TryGhost/Toolbox/issues/240
- As gscan's canary is about to be aliased to upcoming v5 version current version of Ghost should be using an explicit v4 checks.
- These will change to v5 once Ghost is doing final preparations for v5 release (on the branch most likely)
- This doesn't affect permissions, only permissions inside an endpoint config block does that
- Rather it creates an extra unused "endpoint" called identities.permissions
refs https://github.com/TryGhost/Toolbox/issues/169
- Before releasing Ghost v5 we would like to move all canary-related URLs to a non-versioned format, which will become a default in v5.
- 'canary' is by definition unstable, so breaking any unprepared client explicitly using the canary is expected
- Removed the aliased /content/ and /admin/ apps from app.js because with updated configuration they become duplicates of 'canary' endpoints
refs https://github.com/TryGhost/Team/issues/1267
Multiple tiers is coming out of beta -
- allows site owners to create multiple tiers
- allows setting individual welcome page for each tier
- allows setting visibility for individual tiers for portal and themes
refs: https://github.com/TryGhost/Team/issues/1369
Change already made for JSON responses in @tryghost/mw-error-handler, but this change also fixes the order of operations for displaying theme errors.
refs https://github.com/TryGhost/Team/issues/1363
- When uploading a zip of images in Settings > Labs > [Import], it will skip images that have an uppercase extension, citing an 'unsupported file type' error.
- Cause: Glob ignored those files when matching extensions in ImportManager
- Fix: Added nocase option where needed
- Extended tests to also test the processZip method of ImportManager with getFilesFromZip
- Added isValidZip for zip with uppercase image
- Cleaned up JSDoc in ImportManager, and replaced some older JS syntax
Fixed zipContainsMultipleDataFormats error never thrown:
When a zip combines two data formats, no error was thrown.
- The promise error was only returned in an _.each loop, but never thrown
- Previously when combining multiple data types in a zip file, no error got thrown
- Added a test for this error
- Also added a test for noContentToImport error
Other errors and fixes:
- Added missing length in getBaseDirectory check
- getContentTypes fixed (returned duplicate values). Type error came up after adding all JSDocs
- updated tests to match real types from JSDoc and pass type validations
- Rewrote some methods in the async await syntax
- Added tests for ImportManager clean up
- Our old fixtures were designed as a guide to getting started to Ghost, but they got in the way
- The old fixtures now live as part of ghost.org/resources - a living guide to starting with Ghost
- These new fixtures mean the site is ready to go as soon as it's setup
Co-authored-by: Hannah Wolfe <github.erisds@gmail.com>
- we send the roles data array in when we're changing the role of the
user
- if we send an empty array, we don't want to edit the user's role
- the code _thought_ that's what it was doing, but we only check the
falsiness of the array, which is truthy for `[]`
- it also needs to check the length of the array
- this commit includes a test which would fail with a 500 error without
the fix
refs https://github.com/TryGhost/Team/issues/1284
When you create a new post with a tag slug that contains spaces, those spaces will get replaced by dashes. But instead of reusing an existing tag, a new tag is always created.
- New tag slugs are cleaned up before matching with existing tags in the Post model onSaving method
- Cleaned up multiple loops in onSaving of Post model
- Cleaned up syntax when cleaning up tag slug
- Added tests for slugs with spaces
- Added test for too long tag slug causing duplication
no issue
- The support for the misformated roon imports was temporary anyway, based on the comments in code. It's also unecessary to keep around any code related to Roon as it's been _ages_ since anybody needed this kind of migration
refs https://github.com/nodeca/probe-image-size/blob/master/CHANGELOG.md#changed-1
- version 6 of `probe-image-size` switched from using `request` to
`needle`
- this means we need to update our options to reflect the changes
- we still use request in this file so I've duplicated the options for now
- also adds a few extra error codes to the catches because needle
reports different codes to request
refs https://github.com/nodeca/probe-image-size/blob/master/CHANGELOG.md#600---2020-11-04
- `probe-image-size` v6 now supports `.ico` files so we can
allow probing of dimensions via this library rather than falling back
to downloading the entire image via `image-size`
- also updates a test because .ico files no longer use the internal
request lib, which simplifies things a little bit
- Have ensured we have 100% coverage of core/server/api/shared/serializers/handle.js
- This meant I had to swap around two validation clauses as one was unreachable
- I have done this as I want to make some changes in this area of the codebase, and want to ensure we have tests
and a clear understanding of what this code does before I change it
refs https://github.com/TryGhost/Team/issues/1408
- switched from `@nexes/nql` to `@tryghost/nql` and bumped `@tryghost/bookshelf-plugins` to get access to the latest NQL version across the app
- adds "contains" operator support
- `:~'string'` - contains
- `:-~'string'` - does not contain
- `:~^'string'` - starts with
- `:-~^'string'` - does not start with
- `:~$'string'` - ends with
- `:-~$'string'` - does not end with
- enables `'` escaping in strings, eg `'O\'Nolan'`
Tiers will soon go to GA, and these small features that were added as part of tiers beta are now ready to go live as well along with tiers GA, so we are removing their flags and bumping them as part of tiers beta.
refs https://github.com/TryGhost/Team/issues/1420
- This changeset makes the "/ghost/api" base path for the APIs centralized in one place and reused by dependent modules. There are couple benefits this refactor brings: easy way to spot where the API base path is used (was hard to find it in regexp) and makes it easy to change the hardcoded path to a configurable one in the future (e.g. host all APIs under `domain.tld/custom-path/awesome-apis/posts`)
- I hear that scream from the back of your head: "But hey! This introduced coupling to url-utils!". To that my unswer is: "No. This change only makes the coupling explicit, it's been there already and now can be addressed if we need to!".
- A neat thing about his change, making the API work on a custom path is one line away, by moving the hardcoded `/ghost/api` to a config ;)
refs https://github.com/TryGhost/Team/issues/1417
- we no longer want to display a notification if theme install fails
- the notification has been removed so we fail silently, but log the warning
refs https://github.com/TryGhost/Team/issues/1387
Bumps portal with changes to handle new tier visibility property instead of portal plans/products setting. Also adds new UI refinements for tiers GA.
refs https://github.com/TryGhost/Team/issues/1387
This will allow us to move from the portal_products and portal_plans
settings to using the visibility property on tiers to determine whether
or not a tier should be visible in Portal.
This also fixes a bug with the Tiers Admin API read method permissions.
- we catch error arising from creating webhooks and check for specific codes
- if our error does not match one of those codes, we don't propagate the
error up
- this becomes a problem if saving a webhook fails for some other reason
because upstream code assumes we return an error or model
- this commit re-throws the error and adds a test that would have caught
this
https://github.com/TryGhost/Team/issues/1387
This is split into two migrations, one for the portal_products setting
and one for the portal_plans setting, as dealing with both of them in a
single migration led to too many branches.
refs https://github.com/TryGhost/Team/issues/1240
We were selectively invalidating cache on tier/product edit which was consistent with pattern for other APIs, but in case of tier/product, the model changed method always returns false due to how its setup. This change updates the edit to always invalidate cache, similar to tier add, to ensure sites don't see old tier values.
refs https://github.com/TryGhost/Team/issues/1004
Replaces {{products}} helper usage with updated {{tiers}} helper. Default output for {{tiers}} helper is the same as {{products}} helper.
refs https://github.com/TryGhost/Team/issues/1004
- adds new `{{tiers}}` helper behind `multipleProducts` flag
- `{{tiers}}` outputs a string with list of tiers that have access to specific post when used in a post context in theme
- outputs empty string when used out of a post context and without access to `visibility` property
- uses tiers attached to post column for data
refs https://github.com/TryGhost/Team/issues/1004
The output serializer for product was not handling `include` option value as comma separated string, which is passed via `#get` helper to fetch related prices for tiers. This change fixes the handling to work with both array as well as comma-separated include values.
refs https://github.com/TryGhost/Team/issues/1004
The `tiers` column for a post/page only contained data if its visibility is set to `tiers`, otherwise its empty. This is because originally the purpose of `tiers` column on `post` was to capture specific tiers with access to post.
The best way to ensure a consistent behavior for `tiers` column data on post is to update it to always contain list of all `tiers` that have access to post, and not just when the visibility is `tiers`. This means the value is set to all tiers when visibility is one of public|members, and only paid tiers when visibility is `paid`. This change also allows on frontend to get all relevant `tiers` information for a post locally within post context instead of relying on additional information from outside.
This change -
- updates the output serializer for post/page to add all desired tiers manually in case of visibility is not `tiers`
- updates tests
- We have an existing pattern for using `visibility: public` instead of `visible: true|false`
- We no-op the existing migration and roll forward so that we don't have to manually revert db changes