From daeb06e835730306171a1c1882e5054542b57a4c Mon Sep 17 00:00:00 2001
From: Thibaut Patel <thibaut@ghost.org>
Date: Thu, 3 Feb 2022 09:03:59 +0100
Subject: [PATCH] Added a `theme` parameter to the `/authentication/setup`
 route

refs https://github.com/TryGhost/Team/issues/1296

- The `theme` must be a github `org/repo` string
- This uses the internal API instead of the services because the API has extra implementation details not present in the services.
---
 core/server/api/canary/authentication.js      |  8 ++++
 core/server/services/auth/setup.js            | 38 ++++++++++++++++++-
 .../api/admin/authentication.test.js          | 17 ++++++++-
 3 files changed, 61 insertions(+), 2 deletions(-)

diff --git a/core/server/api/canary/authentication.js b/core/server/api/canary/authentication.js
index eea36a1d10..5898a5f754 100644
--- a/core/server/api/canary/authentication.js
+++ b/core/server/api/canary/authentication.js
@@ -13,6 +13,7 @@ const apiSettings = require('./index').settings;
 const UsersService = require('../../services/users');
 const userService = new UsersService({dbBackup, models, auth, apiMail, apiSettings});
 const {deleteAllSessions} = require('../../services/auth/session');
+const labs = require('../../../shared/labs');
 
 const messages = {
     notTheBlogOwner: 'You are not the site owner.'
@@ -41,6 +42,7 @@ module.exports = {
                         email: frame.data.setup[0].email,
                         password: frame.data.setup[0].password,
                         blogTitle: frame.data.setup[0].blogTitle,
+                        theme: frame.data.setup[0].theme,
                         status: 'active'
                     };
 
@@ -53,6 +55,12 @@ module.exports = {
                         return data;
                     }
                 })
+                .then((data) => {
+                    if (labs.isSet('improvedOnboarding')) {
+                        return auth.setup.installTheme(data, api);
+                    }
+                    return data;
+                })
                 .then((data) => {
                     return auth.setup.doSettings(data, api.settings);
                 })
diff --git a/core/server/services/auth/setup.js b/core/server/services/auth/setup.js
index 07943f6075..8d37f0a9d2 100644
--- a/core/server/services/auth/setup.js
+++ b/core/server/services/auth/setup.js
@@ -149,11 +149,47 @@ function sendWelcomeEmail(email, mailAPI) {
     return Promise.resolve();
 }
 
+async function installTheme(data, api) {
+    const {theme: themeName} = data.userData;
+
+    if (!themeName) {
+        return data;
+    }
+
+    // Use the api instead of the services as the api performs extra logic
+    try {
+        const installResults = await api.themes.install({
+            source: 'github',
+            ref: themeName,
+            context: {internal: true}
+        });
+        const theme = installResults.themes[0];
+
+        await api.themes.activate({
+            name: theme.name,
+            context: {internal: true}
+        });
+    } catch (e) {
+        //Fallback to Casper by doing nothing as the theme setting update is the last step
+
+        await api.notifications.add({
+            notifications: [{
+                custom: true, //avoids update-check from deleting the notification
+                type: 'warn',
+                message: 'The installation of the theme you have selected wasn\'t successful.'
+            }]
+        }, {context: {internal: true}});
+    }
+
+    return data;
+}
+
 module.exports = {
     checkIsSetup: checkIsSetup,
     assertSetupCompleted: assertSetupCompleted,
     setupUser: setupUser,
     doSettings: doSettings,
     doProduct: doProduct,
-    sendWelcomeEmail: sendWelcomeEmail
+    sendWelcomeEmail: sendWelcomeEmail,
+    installTheme: installTheme
 };
diff --git a/test/regression/api/admin/authentication.test.js b/test/regression/api/admin/authentication.test.js
index 6fa1a0e07e..2f337828df 100644
--- a/test/regression/api/admin/authentication.test.js
+++ b/test/regression/api/admin/authentication.test.js
@@ -7,6 +7,10 @@ const framework = require('../../../utils/e2e-framework');
 const models = require('../../../../core/server/models');
 const settingsCache = require('../../../../core/shared/settings-cache');
 
+// Requires needed to enable a labs flag
+const sinon = require('sinon');
+const configUtils = require('../../../utils/configUtils');
+
 describe('Authentication API canary', function () {
     let agent;
     let emailStub;
@@ -41,6 +45,14 @@ describe('Authentication API canary', function () {
         });
 
         it('complete setup', async function () {
+            // Enable the improvedOnboarding flag
+            configUtils.set('enableDeveloperExperiments', true);
+            sinon.stub(settingsCache, 'get');
+            settingsCache.get.withArgs('labs').returns({
+                improvedOnboarding: true
+            });
+            settingsCache.get.callThrough();
+
             const res = await agent
                 .post('authentication/setup')
                 .body({
@@ -48,7 +60,8 @@ describe('Authentication API canary', function () {
                         name: 'test user',
                         email: 'test@example.com',
                         password: 'thisissupersafe',
-                        blogTitle: 'a test blog'
+                        blogTitle: 'a test blog',
+                        theme: 'TryGhost/Dawn'
                     }]
                 })
                 .expectHeader('Content-Type', 'application/json; charset=utf-8')
@@ -66,6 +79,8 @@ describe('Authentication API canary', function () {
             });
 
             expect(emailStub.called).to.be.true;
+
+            expect(await settingsCache.get('active_theme')).to.eq('dawn');
         });
 
         it('is setup? yes', async function () {