no ref
- Portal was not set up in a way to allow for easy use of the i18n
module for errors, as they weren't a React component
- moved away from the class model to a functional component that could
utilize React state (AppContext)
I'm working on a different refactor that would convert more of Portal to
hooks & functional components so that the codebase is more consistent
and easier to read. This will have to work for the moment while that is
being done, as that's no small task.
closes https://linear.app/tryghost/issue/PLG-190
- often when adding portal links to your own site pages the URLs are added as absolute on the site's homepage due to copy+paste from displayed URLs in Admin
- when clicking absolute portal URLs the homepage is first loaded before the Portal popup is shown resulting in a slower and flashier experience
- added a transform for all local portal URLs on the page when Portal is initialized so links open the Portal popup immediately on the current page
no issue
- when redirecting from Stripe back to Ghost after making a donation the URL contained a double slash (`//#/portal/...`) which triggered browser security errors when Portal modified the browser history stack when navigating
- the above could prevent the donation success modal from closing
ref INC-97
ref https://github.com/TryGhost/Ghost/issues/20767
- finishes wiring up the honeypot fied
- updates state handing to properly set the value
- maintains honeypot field across page changes within portal
There isn't a single previous commit to point to here since they didn't
get squashed. We added a honeypot field to help mitigate bot signup
activity. It's hidden, and if filled out, we can anticipate it's a bot.
Right now this just logs to Ghost while we collect data.
ref KTLO-1
These tokens should prevent untargeted attacks, as the magic link
endpoint needs a token that was generated by the server, similar to a
CSRF token, but without needing any server-side state, or a cookie to
be set for unauthenticated users.
ref ONC-225
- Wires up the `editor_default_email_recipients` key to the settings
public / content api endpoint.
- This key is then wired up to Portal to determine whether it's hiding or
showing the Member subscribe toggle
ref https://linear.app/tryghost/issue/ENG-1464
- added redirect to sign in page when trying to access newsletter
management
If a user tries to access newsletter management when not logged in,
Portal requires sign in via magic link. This magic link didn't previous
redirect the user back to newsletter management, requiring some extra
clicks.
no ref
- while reviewing the newsletter flows, it was apparent that we were
missing test coverage
Some of the tests in Portal are a bit redundant with tests added for
child components, but it didn't seem worth removing them after getting
them to work. There was a bug in our Portal fixture data that requires a
few changes, as well as some small adjustments for making tests easier
(testing-lib-react has `getByTestId` and simply a `querySelector` to use
alternate test attributes).
Fixes
https://linear.app/tryghost/issue/DES-324/complimentary-plan-issues
We were showing renewal copy for subscriptions that are forever
complimentary. We also had a trailing en-dash in the Member detail
screen when their subscription was complimentary and had no end date.
Those things are solved now. We don't show dates or renewal copy when we
don't need to.
no issue
- the signup flow tests check whether the benefits of the available
tiers are rendering correctly. The test is based on a text match, which
sometimes fails because of duplicate benefit descriptions
- this fix makes the benefit descriptions less likely to be the same, by
using a timestamp in the randomisation function