closes https://github.com/TryGhost/Toolbox/issues/351
- When an invalid value was passed in `roles` parameter when editing a user it resulted in incorrect database state (all roles appeared to be unassigned from the user).
- The fix includes ability to set user role by an allowed name, one of: 'Administrator', 'Editor', 'Author', 'Contributor'.
- Also added a validation in case a non-ObjectID value is passed in roles to the users edit method.
fixes https://github.com/TryGhost/Team/issues/1652
fixes https://github.com/TryGhost/Ghost/issues/13319
**Image formatting**
Added support for changing the format of images via the `handle-image-sizes` middleware (e.g. format SVG to png, jpeg, webp)
This change was required:
- Not all browsers support SVG favicons, so we need to convert them to PNGs
- We can't fit image resizing and formatting in the `serve-favicon` middleware: we need to store the resized image to avoid resizing on every request. This system was already present in the `handle-image-sizes` middleware.
To format an uploaded image:
- Original URL: https://localhost/blog/content/images/2022/05/giphy.gif
- To resize: https://localhost/blog/content/images/size/w256h256/2022/05/giphy.gif (already supported)
- To resize and format to webp: https://localhost/blog/content/images/size/w256h256/format/webp/2022/05/giphy.gif
- Animations are preserved when converting Gifs to Webp and in reverse, and also when only resizing (https://github.com/TryGhost/Ghost/issues/13319)
**Favicons**
- Custom favicons are no longer served via `/favicon.png` or `/favicon.ico` (only for default favicon), but use their full path
- Added support for uploading more image extensions in Ghost as a favicon: .jpg, .jpeg, .gif, .webp and .svg are now supported (already supported .png and .ico).
- File extensions other than jpg/jpeg, png, or ico will always get transformed to the image/png format to guarantee browser support (webp and svg images are not yet supported as favicons by all browsers).
For all image formats, other than .ico files:
- Allowed to upload images larger than 1000px in width and height, they will get cropped to 256x256px.
- Allowed uploading favicons that are not square. They will get cropped automatically.
- Allowed to upload larger files, up to 20MB (will get served at a lower file size after being resized)
For .svg files:
- The minimum size of 60x60px is no longer required.
For .ico files:
- The file size limit is increased to 200kb (coming from 100kb)
- This PR was created by deleting all .snap files & running the tests
- The result is that all tests that have been removed or renamed have had their now-unused snaps deleted
refs https://github.com/TryGhost/Team/issues/1650
Since we introduced calculated settings, we need to return all settings when editing a setting, because those calculated settings can change.
- When editing settings, return all the settings. Previously we didn't include the calculated settings (which caused issues with admin not having up to date values for those)
- Updated Stripe <head> script to be injected based on the calculated settings
Required for https://github.com/TryGhost/Admin/pull/2405
refs TryGhost/Team#1641
This commit adds a custom query for the members export, to improve the performance and to prevent any timeouts from happening when exporting large amounts of members.
Co-authored-by: Simon Backx <simon@ghost.org>
Co-authored-by: Matt Hanley <git@matthanley.co.uk>
refs https://ghost.slack.com/archives/C02G9E68C/p1652980792270029
- When bulk unsubscribing members, the number of deleted newsletter relations are returned instead of the number of members with newsletters that were cleared
- Updates members-api to 8.1.0, which uses this new option to delete newsletter relations by member_id instead of the id of the relation (which allows us to fetch the number of successfully/failed member deletes) Changes: https://github.com/TryGhost/Members/pull/400
- Added tests for bulk unsubscribe and bulk delete labels (because they both use the updated bulkDestroy method)
refs https://github.com/TryGhost/Team/issues/1642
- Updated `members-csv` (dependency via `members-importer`, shouldn't this be a separate dependency too?) package to use the `tiers` field instead of the (removed) products field.
- Added basic test to see if products and labels are returned in the csv.
refs https://github.com/TryGhost/Toolbox/issues/335
- When eventually the major will be bumped next week the returned version will become `5.0.0` which changes the `content-length` header in all of the responses using the version from package.json
- The version number is dynamic, so it's expected the content-length to float as minor and patch versions fluctuate in 1-2 digit numbers. For lon-term easy maintenance it's best to set the content-length to any number (or maybe some sort of floating range in the future?)
- filtering member list on `tier:tier-slug` was failing as it only accepted member.product column
- member table needed to expand the tier filter to use product naming for filtering to work
refs https://github.com/TryGhost/Team/issues/1637
The `stripe_connect_integration_token` setting is required for the Stripe
Connect flow to work. The existing `stripe_connect_*` settings are also not able
to be edited. So we've updated the allow list to remove those, and add the one
required for the Stripe Connect flow.
This reverts commit ae3a0e93fc.
- flag is still used in the `@tryghost/members-api` package
- reverting for now pending a more complete commit with a bumped members-api package
refs https://github.com/TryGhost/Team/issues/1575
- Updates the admin-api-schema to reflect new data structure
- Updates members-api to allow Portal to use new data structure
- Data is only mapped at the serialised level to avoid changing the underlying implementation
- Ensure only one version of domain-events present in yarn.lock
refs: https://github.com/TryGhost/Team/issues/1625
- Ensure that we maintain a list of exactly which settings can be edited
- Bypass this for internal settings changes for now
- TODO: use the settingsBreadService internally instead of the api directly
refs: https://github.com/TryGhost/Team/issues/1625
- none of the other fields are useful externally, so don't expose them
- "liberal in what we accept, conservative in what we send"
refs: https://github.com/TryGhost/Team/issues/1625
- type was renamed to group, and type is used to store the actual value type
- we no longer need any backwards compatibility for the old concept of type
refs https://github.com/TryGhost/Team/issues/1621
We want to allow previewing emails based on the selected newsletter. The post model doesn't get a newsletter attached until a publish occurs so we can't use `post.newsletter` and need to give the option of specifying which newsletter to preview via query params.
- added support for `newsletter` query param on the `GET /email_previews/posts/:id/` endpoint where the value is a newsletter slug
- updated `generateEmailContent()` signature to use an options object because the order of memberSegment/newsletter arguments doesn't matter and is difficult to reason about if not named
- adjusted `generateEmailContent()` to fetch the newsletter matching the provided slug, falling back to the default newsletter if no slug is provided
refs https://github.com/TryGhost/Team/issues/1596
- Renamed `newsletter_id` to `newsletter` option, the `newsletter` option expects a slug instead of an id
- Renamed `email_recipient_filter` to `email_segment` option
- Default `email_segment` to `all`. Ignored if no newsletter is set
- `email_segment` is ignored if no newsletter is set
- When reverting a post to a draft, both `newsletter` and `email_segment` are reset to their default values (null, all)
- Removed legacy mapping from old email_recipient_filter values 'paid' and 'free' (already a migration in place)
- Dropped legacy throwing errors when email_recipient_filter is paid or free in transformEmailRecipientFilter
- Reorganized transformEmailRecipientFilter parameters for the now required newsletter parameter
- Fixed an issue where the newsletter filter wasn't working because it wasn't in permittedoptions
- Fixed an issue where you could send to an archived newsletter
- Added an extra protection when scheduling to an active, and later archiving the newsletter
- Dropped support for `send_email_when_published` in API
- When importing posts we currently don't have a system in place to set the newsletter_id to map the `send_email_when_published` behaviour. Since this was already the case, I won't include a fix in this PR.
- Stripped `email_recipient_filter`/`email_segment` from Content API (https://ghost.slack.com/archives/C02G9E68C/p1652363211841359?thread_ts=1650623650.233229&cid=C02G9E68C)
- Updated `admin-api-schema` to 3.2.0, which includes the new email_segment property
- Contains a temporary fix for https://github.com/TryGhost/Team/issues/1626, where the `.related('newsletter').fetch` call fails when the newsletter relation is already loaded, because of the overridden `formatOnWrite` method.
Since the `email_recipient_filter` is no longer used without a newsletter, the `none` value is no longer used. A migration transforms all those values to `all`. This should be safe, because we only send an email now when newsletter_id is not null (scheduled posts should already have a newsletter_id, even if at the time of scheduling they didn't add the newsletter_id option, because at that time, we defaulted to the default newsletter).
Admin changes to make this work: https://github.com/TryGhost/Admin/pull/2380
refs: TryGhost/Team#1625
refs: TryGhost/Team#1558
- none of these settings are actively used anymore
Co-authored-by: Daniel Lockyer <hi@daniellockyer.com>
ref: https://github.com/TryGhost/Team/issues/1145
ref: 8f8b7e7364
- The /products/ endpoint was replaced with /tiers/ some time ago but we didn't finish the switch
- The work is complete now, so can remove the endpoint entirely and cleanup remaining usages
refs https://github.com/TryGhost/Team/issues/1599
- adds `portal_*` settings to public settings endpoint
- adds calculated `firstpromoter_account` setting for public settings endpoint
- also adds Ghost `version` information
refs: https://github.com/TryGhost/Toolbox/issues/327
- lang / locale has had a lot of churn, but we decided this setting should always be locale
- session_secret is too generic as we have multiples of these
refs https://github.com/TryGhost/Team/issues/1583
- Check limits when unarchiving newsletters
- Added tests for more scenarios
- When editing/adding newsletters, the limit check happens in the same transaction.
- `limit-service` was bumped to add transactions support
- Added transaction support for edit in newsletter service
refs https://github.com/TryGhost/Toolbox/issues/314
- The API principle guiding this change is the Robustness Principle: "be conservative in what you send, be liberal in what you accept". The API will start accepting any additional properties that are not explicitly defined in the schema for the resource and will be trimming any rogue properties that are sent in the payload
refs https://github.com/TryGhost/Team/issues/1603
When previewing a scheduled/published post via Post editor menu > E-mail newsletter > Preview in browser. The e-mail template from the default newsletter was used instead of the newsletter that was selected when scheduling the post.
- These settings no longer exist, having been renamed to timezone and lang
- As of 5.0 we no longer need any kind of backwards compatibility outside of the importer
- We making breaking changes and cleaning up as many old code paths as possible
- We have not really exposed the admin Settings API, meaning backwards compatibility was more for internal use
- We will be changing lang back to locale, but that's a separate issue and won't need backwards compatibility
refs https://github.com/TryGhost/Toolbox/issues/309
- this column is not used and I was going to add `validation` to it but
it's better to clean it up and re-add the column if we need it again
refs: https://github.com/TryGhost/Team/issues/626
- calculated settings are simplified settings (booleans) that are based on other settings or data
- they make it easier for us to determine what state features are in elsewhere in ghost e.g. admin and themes
- this duplicates some of the members config concepts in the settings service
refs https://github.com/TryGhost/Toolbox/issues/325
- this was used for an alpha proof-of-concept for member activity data
collection but we're rethinking the strategy so this is the easiest
way to ensure it can't be enabled when the database table has been deleted
refs https://github.com/TryGhost/Toolbox/issues/309
- this column is now a calculated value based upon the relation of a
member to a newsletter
- we should no longer need `subscribed`, so this migrations cleans up
the column in the DB
refs https://ghost.slack.com/archives/C02G9E68C/p1651939076681719
Cause:
- When a scheduled post was published via the post scheduler, no `newsletter_id` option is passed when editing the post.
- When editing a post via the posts service, without the `newsletter_id` option, the `newsletter_id` option is automatically set to the default newsletter's id.
- Inside the post model, this new `newsletter_id` was not saved, because it was already set, and changing it is prevented.
- The `mega` service wasn't using the (unchanged) post's newsletter_id, but used the option instead, which contained the default newsletter's id.
Fix:
- Always using the newsletter_id from the post and requiring the newsletter associated with a post to exist.
- This behaviour can be/is tested by publishing a scheduled post without any option.
Also cleaned up some `Object.assign` usages.
refs https://github.com/TryGhost/Toolbox/issues/230
- The `author_id` column is gone, so is the support for filtering posts by single author's id. Using author's slug(s) is the closest alternative to achieve the same result
