ghost/core/server/services/members/content-gating.js

const nql = require('@tryghost/nql');

// @ts-check
/** @typedef { boolean } AccessFlag */

const PERMIT_ACCESS = true;
const BLOCK_ACCESS = false;

// TODO: better place to store this?
const MEMBER_NQL_EXPANSIONS = [{
    key: 'labels',
    replacement: 'labels.slug'
}, {
    key: 'label',
    replacement: 'labels.slug'
}, {
    key: 'products',
    replacement: 'products.slug'
}, {
    key: 'product',
    replacement: 'products.slug'
}];

/**
 * @param {object} post - A post object to check access to
 * @param {object} member - The member whos access should be checked
 *
 * @returns {AccessFlag}
 */
function checkPostAccess(post, member) {
    if (post.visibility === 'public') {
        return PERMIT_ACCESS;
    }

    if (!member) {
        return BLOCK_ACCESS;
    }

    if (post.visibility === 'members') {
        return PERMIT_ACCESS;
    }

    let visibility = post.visibility === 'paid' ? 'status:-free' : post.visibility;
    if (visibility === 'tiers') {
        if (!post.tiers) {
            return BLOCK_ACCESS;
        }
        visibility = post.tiers.map((product) => {
            return `product:${product.slug}`;
        }).join(',');
    }

    if (visibility && member.status && nql(visibility, {expansions: MEMBER_NQL_EXPANSIONS}).queryJSON(member)) {
        return PERMIT_ACCESS;
    }

    return BLOCK_ACCESS;
}

module.exports = {
    checkPostAccess,
    PERMIT_ACCESS,
    BLOCK_ACCESS
};
✨ Added "contains" operator support to ?filter= query params (#14286) refs https://github.com/TryGhost/Team/issues/1408 - switched from `@nexes/nql` to `@tryghost/nql` and bumped `@tryghost/bookshelf-plugins` to get access to the latest NQL version across the app - adds "contains" operator support - `:~'string'` - contains - `:-~'string'` - does not contain - `:~^'string'` - starts with - `:-~^'string'` - does not start with - `:~$'string'` - ends with - `:-~$'string'` - does not end with - enables `'` escaping in strings, eg `'O\'Nolan'` 2022-03-09 13:02:17 +00:00			`const nql = require('@tryghost/nql');`
✨ Added support for gating content by member labels and products (#12946) refs https://github.com/TryGhost/Team/issues/581 closes https://github.com/TryGhost/Team/issues/582 Emails can now be sent to members with specific associated labels or products by specifying an NQL string. We want to bring the same members segment feature to content by allowing `visibility` to be an NQL filter string on top of the `public/members/paid` special-case strings. As an example it's possible to set `posts.visibility` to `label:vip` to make a post available only to those members with the `vip` label. - removed enum validations for `visibility` so it now accepts any string or `null` - bumped `@tryghost/admin-api-schema` for API-level validation changes - added nql validation to API input validators by running the visibility query against the members model - added transform of NQL to special-case visibility values when saving post model - ensures there's a single way of representing "members" and "paid" where NQL gives multiple ways of representing the same segment - useful for keeping theme-level checks such as `{{#has visibility="paid"}}` working as expected - updated content-gating to parse nql from post's visibility and use it to query the currently logged in member to see if there's a match - bumped @tryghost/members-api to include label and product data when loading member 2021-05-10 19:32:11 +01:00
Added content-gating module to members service no-issue This should be used as the central place to manage permissions to members content 2019-11-05 09:47:12 +07:00			`// @ts-check`
			`/** @typedef { boolean } AccessFlag */`

			`const PERMIT_ACCESS = true;`
			`const BLOCK_ACCESS = false;`

✨ Added support for gating content by member labels and products (#12946) refs https://github.com/TryGhost/Team/issues/581 closes https://github.com/TryGhost/Team/issues/582 Emails can now be sent to members with specific associated labels or products by specifying an NQL string. We want to bring the same members segment feature to content by allowing `visibility` to be an NQL filter string on top of the `public/members/paid` special-case strings. As an example it's possible to set `posts.visibility` to `label:vip` to make a post available only to those members with the `vip` label. - removed enum validations for `visibility` so it now accepts any string or `null` - bumped `@tryghost/admin-api-schema` for API-level validation changes - added nql validation to API input validators by running the visibility query against the members model - added transform of NQL to special-case visibility values when saving post model - ensures there's a single way of representing "members" and "paid" where NQL gives multiple ways of representing the same segment - useful for keeping theme-level checks such as `{{#has visibility="paid"}}` working as expected - updated content-gating to parse nql from post's visibility and use it to query the currently logged in member to see if there's a match - bumped @tryghost/members-api to include label and product data when loading member 2021-05-10 19:32:11 +01:00			`// TODO: better place to store this?`
			`const MEMBER_NQL_EXPANSIONS = [{`
			`key: 'labels',`
			`replacement: 'labels.slug'`
			`}, {`
			`key: 'label',`
			`replacement: 'labels.slug'`
			`}, {`
			`key: 'products',`
			`replacement: 'products.slug'`
			`}, {`
			`key: 'product',`
			`replacement: 'products.slug'`
			`}];`

Added content-gating module to members service no-issue This should be used as the central place to manage permissions to members content 2019-11-05 09:47:12 +07:00			`/**`
			`* @param {object} post - A post object to check access to`
			`* @param {object} member - The member whos access should be checked`
			`*`
			`* @returns {AccessFlag}`
			`*/`
			`function checkPostAccess(post, member) {`
			`if (post.visibility === 'public') {`
			`return PERMIT_ACCESS;`
			`}`

			`if (!member) {`
			`return BLOCK_ACCESS;`
			`}`

			`if (post.visibility === 'members') {`
			`return PERMIT_ACCESS;`
			`}`

Updated content gating to use new tiers visibility refs https://github.com/TryGhost/Team/issues/1071 - `tiers` are now attached as a list on post with restricted tiers access 2022-01-26 16:53:56 +05:30			`let visibility = post.visibility === 'paid' ? 'status:-free' : post.visibility;`
			`if (visibility === 'tiers') {`
🐛 Fixed post content gating error for themes using old api refs https://github.com/TryGhost/Team/issues/1071 We switched to using tiers pivot table that stores list of tiers with access to post when visibility is set to `tiers`. For themes using v3 API while having posts restricted to specific tiers visibility, the post data will not include the list of tiers, which caused an unexpected error while trying to determine post access from tiers list. This change blocks access to post if specific tiers visibility is enabled without data available for list of tiers on post. 2022-02-11 12:26:19 +05:30			`if (!post.tiers) {`
			`return BLOCK_ACCESS;`
			`}`
Updated content gating to use new tiers visibility refs https://github.com/TryGhost/Team/issues/1071 - `tiers` are now attached as a list on post with restricted tiers access 2022-01-26 16:53:56 +05:30			`visibility = post.tiers.map((product) => {`
			return `product:${product.slug}`;
			`}).join(',');`
			`}`
✨ Added support for gating content by member labels and products (#12946) refs https://github.com/TryGhost/Team/issues/581 closes https://github.com/TryGhost/Team/issues/582 Emails can now be sent to members with specific associated labels or products by specifying an NQL string. We want to bring the same members segment feature to content by allowing `visibility` to be an NQL filter string on top of the `public/members/paid` special-case strings. As an example it's possible to set `posts.visibility` to `label:vip` to make a post available only to those members with the `vip` label. - removed enum validations for `visibility` so it now accepts any string or `null` - bumped `@tryghost/admin-api-schema` for API-level validation changes - added nql validation to API input validators by running the visibility query against the members model - added transform of NQL to special-case visibility values when saving post model - ensures there's a single way of representing "members" and "paid" where NQL gives multiple ways of representing the same segment - useful for keeping theme-level checks such as `{{#has visibility="paid"}}` working as expected - updated content-gating to parse nql from post's visibility and use it to query the currently logged in member to see if there's a match - bumped @tryghost/members-api to include label and product data when loading member 2021-05-10 19:32:11 +01:00
			`if (visibility && member.status && nql(visibility, {expansions: MEMBER_NQL_EXPANSIONS}).queryJSON(member)) {`
Added content-gating module to members service no-issue This should be used as the central place to manage permissions to members content 2019-11-05 09:47:12 +07:00			`return PERMIT_ACCESS;`
			`}`

			`return BLOCK_ACCESS;`
			`}`

			`module.exports = {`
			`checkPostAccess,`
			`PERMIT_ACCESS,`
			`BLOCK_ACCESS`
			`};`