0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
Commit graph

12875 commits

Author SHA1 Message Date
Renovate Bot
8f60bc0a57 Update dependency sqlite3 to v5 2021-04-15 16:03:39 +01:00
Renovate Bot
741fceeef4 Update dependency cssnano to v5 2021-04-15 14:41:55 +01:00
renovate[bot]
006a8a4a7c
Update dependency @tryghost/kg-card-factory to v2.2.2 (#12874)
Co-authored-by: Renovate Bot <bot@renovateapp.com>
2021-04-15 14:35:16 +01:00
Fabien 'egg' O'Carroll
22924c62d4
Added permissions for the Products resource (#12875)
refs https://github.com/TryGhost/Team/issues/616

All roles which can publish posts should be able to read/browse products, as content gating
will be based on products going forward.

Creating, updating & destroying products will often make modifications to Stripe which requires
Administrator or Owner roles.

We also improve the permissions tests so that we no longer rely on things being in a particular
order.
2021-04-15 14:34:45 +01:00
Renovate Bot
cc9dd4e414 Update dependency @tryghost/html-to-mobiledoc to v0.7.13 2021-04-15 14:12:27 +01:00
Renovate Bot
95f5a51cef
Update dependency js-yaml to v4.1.0 2021-04-14 21:51:55 +00:00
Fabien 'egg' O'Carroll
4fe417bcab
Added Product, StripeProduct & StripePrice relations (#12877)
refs https://github.com/TryGhost/Team/issues/586

We have to use `belongsToMany` because of the way bookshelf relations
work. In reality the relationship is 'hasMany', e.g. a Product has many
Stripe Prices.

These relations are the minimal needed to satisfy the following
relationships without transforming the results. (e.g. flattening the
StripePrices from a list of StripeProducts for a Product)

Product -> StripeProduct:       product.related('stripeProducts')
StripeProduct -> StripePrice:   stripeProduct.related('stripePrices');
Product -> StripePrice:         product.related('stripePrices');
StripePrice -> Product:         stripePrice.related('stripeProduct.product');
2021-04-14 19:20:39 +01:00
Daniel Lockyer
4be4af9c18
Reverted "Update dependency grunt-contrib-compress to v2"
- this reverts commit 1962fb6140
- I accidentally merged this thinking we were all good, but it turns out
  it needs Node >= 10.16, which we can't do until we drop Node 10 on
  April 20th 2021
- this is soon, but for now we need to revert
2021-04-14 15:13:05 +01:00
Renovate Bot
1962fb6140 Update dependency grunt-contrib-compress to v2 2021-04-14 14:50:17 +01:00
Renovate Bot
22ec756759 Update dependency @tryghost/mw-session-from-token to v0.1.18 2021-04-14 14:34:56 +01:00
Renovate Bot
25a1022292 Update dependency @tryghost/adapter-manager to v0.2.11 2021-04-14 14:32:20 +01:00
Renovate Bot
5cdbf046a5 Update dependency @tryghost/security to v0.2.7 2021-04-14 14:32:11 +01:00
Renovate Bot
519fbfcb2d Update dependency @tryghost/bootstrap-socket to v0.2.8 2021-04-14 14:32:00 +01:00
Renovate Bot
61ab968eb9 Update dependency @tryghost/zip to v1.1.11 2021-04-14 14:31:34 +01:00
Renovate Bot
d42af36234 Update dependency @tryghost/job-manager to v0.8.3 2021-04-14 12:07:49 +01:00
Renovate Bot
bd4a4f7b11 Update dependency @lodder/grunt-postcss to v3.0.1 2021-04-14 12:06:34 +01:00
Renovate Bot
17e3f833a8 Update dependency @tryghost/constants to v0.1.7 2021-04-14 11:03:42 +01:00
Renovate Bot
cf14d86e95 Update dependency @tryghost/errors to v0.2.10 2021-04-14 11:03:35 +01:00
Renovate Bot
33c44edb59 Update dependency @tryghost/vhost-middleware to v1.0.14 2021-04-14 11:03:12 +01:00
Renovate Bot
7b46d08291 Update dependency @tryghost/social-urls to v0.1.22 2021-04-14 11:03:04 +01:00
Renovate Bot
305ccdb2bd Update dependency @tryghost/promise to v0.1.7 2021-04-14 11:02:44 +01:00
Daniel Lockyer
7abf7f6068
Merged v4.2.1 into main
v4.2.1
2021-04-13 16:26:03 +01:00
Daniel Lockyer
7969859bc7
v4.2.1 2021-04-13 16:23:48 +01:00
Daniel Lockyer
ae94f82dc3
Updated Ghost-Admin to v4.2.1 2021-04-13 16:23:48 +01:00
Kevin Ansfield
ae1349c12d
🐛 Fixed markdown for linked images still being mangled in some cases
refs https://github.com/TryGhost/Team/issues/596
refs 95751a0e5f

- previous dependency bump of `@tryghost/url-utils` resulted in two versions being referenced in `yarn.lock` with the old buggy version still being used when performing URL transforms
- bumped `@tryghost/kg-default-cards` to up it's minimum allowed version of `@tryghost/url-utils` to force a `yarn.lock` update
- bumped `@tryghost/kg-markdown-html-renderer` to avoid two versions of that library being specified in `yarn.lock`
2021-04-13 16:18:47 +01:00
Kevin Ansfield
5a4ec50fea 🐛 Fixed markdown for linked images still being mangled in some cases
refs https://github.com/TryGhost/Team/issues/596
refs 95751a0e5f

- previous dependency bump of `@tryghost/url-utils` resulted in two versions being referenced in `yarn.lock` with the old buggy version still being used when performing URL transforms
- bumped `@tryghost/kg-default-cards` to up it's minimum allowed version of `@tryghost/url-utils` to force a `yarn.lock` update
- bumped `@tryghost/kg-markdown-html-renderer` to avoid two versions of that library being specified in `yarn.lock`
2021-04-13 15:58:46 +01:00
Hannah Wolfe
f247f6b3ef
Update ---bug-report.md 2021-04-13 10:53:36 +01:00
Rish
2c0d3b9b37 Added price and product models to members service
refs https://github.com/TryGhost/Team/issues/586

- Passes new Product, Stripe Price and Stripe Product models to members API service
- Allows members service to populate the tables for existing plans and products
2021-04-12 21:53:59 +05:30
Rish
5a659c9ebe Added models for stripe prices and products
refs https://github.com/TryGhost/Team/issues/586

Adds new models for stripe price and product tables
2021-04-12 21:53:59 +05:30
Rishabh Garg
eb66c715fd
Updated stripe prices table schema (#12863)
refs https://github.com/TryGhost/Team/issues/586

- Change the interval column to be `nullable` as one time payments won't have any interval
- Remove the `livemode` column as we store the connected account's livemode status at top level
2021-04-12 19:18:19 +05:30
Renovate Bot
fad527f7ba
Update dependency keypair to v1.0.3 2021-04-12 08:50:08 +00:00
Renovate Bot
e24b8ecb21
Update dependency eslint to v7.24.0 2021-04-09 23:29:58 +00:00
Thibaut Patel
44244871fe Added configurable limits to the theme management
issue https://github.com/TryGhost/Team/issues/590
2021-04-09 18:30:17 +02:00
Naz
b10cc5f62d Blocked webhooks when integration limit is in place
https://github.com/TryGhost/Team/issues/599

- When custom integration limit is enabled all webhooks belonging to integrations have to be disabled as well. The result is the webhook would stop working and to discover that a user would need to navigate to Admin UI (this changes is yet to come, see refed issue)
2021-04-10 00:48:46 +12:00
Naz
cb0807d07a Blocked requests from integrations when integration limit is in place
https://github.com/TryGhost/Team/issues/599

- When custom integration limit is enabled all requests from existing integrations should not be accepted. With the exception of internal integrations like backup and scheduler
2021-04-10 00:45:26 +12:00
Naz
edd0e26a78 Fixed limits realoding during soft Ghost restart
refs https://github.com/TryGhost/Team/issues/599

- This is a precursor change to tests which verify the hostSettings limits are working correctly
- Bumped limits-service version which allows for multiple calls of loadLimits on the same service instance
2021-04-10 00:08:17 +12:00
Naz
e5b13ee5d2 Added todo to users' schema to audit status field
no issue

- There is a valid subset of statuses that can be set for the users but there's no "isIn" validation for possible values
- Additionally some of the statuses like warn-1, warn-2, etc. don't have a clear usecase (or at least nothing was found in the codebase for them to be used). They might be up for removal if this assumption is correct
2021-04-09 18:59:38 +12:00
Fabien 'egg' O'Carroll
15b7485a94
Added Product model and Member model relation (#12859)
refs https://github.com/TryGhost/Team/issues/586

- Member model now has `products` relation, sorted using `sort_order`, following convention from `labels`
- Product model has handling to set `slug` from name, following convention of Label model
- Updated filter plugin to handle filtering Member models by their `product` relations e.g. `product:[slug, slug]`
2021-04-08 18:01:49 +01:00
Rishabh Garg
94766c05bf
Added stripe_products and stripe_prices tables (#12858)
refs https://github.com/TryGhost/Team/issues/586

- Add the `stripe_products` table, so that we can map Stripe Products to Products in Ghost
- Add the `stripe_prices` table, so that we can associate Stripe Prices to Products table
2021-04-08 20:41:00 +05:30
Fabien 'egg' O'Carroll
25182b7b82
Added products and members_products tables (#12844)
refs https://github.com/TryGhost/Team/issues/586

- Add the products table, so that we can store Products in Ghost 
- Add the members_products table, so that we can associate Members w/ Products
- Use sort_order on the members_products table to follow the same convention in members_labels
- Populate the products table with a single product, using the name from the stripe_product_name setting
- Populate the members_products table with relations based on the status column of the members table

Populating the tables allows us to transition from the current system, which does not care about products, into the
new system, where Products are used to group members. The intention is that all existing paid members have the
same product
2021-04-08 14:15:30 +01:00
Kevin Ansfield
bb19eddeae
Added DELETE /members/ to the Admin API for bulk member deletion (#12082)
refs https://github.com/TryGhost/Team/issues/585

- adds `DELETE /members/` route to the Admin API
- supports `?filter`, and `?search` query params to limit the members that are deleted
- `?all=true` is required if no other filter or query is provided
- uses `models.Member.bulkDestroy` which _will not_ cancel any Stripe subscriptions if members have them but _will_ clean up the Stripe relationship data in Ghost's database
2021-04-08 12:03:45 +01:00
Hannah Wolfe
c99dc2f0bc
Update ---bug-report.md 2021-04-07 08:57:20 +01:00
Naz
b677927322 Refactored api key auth to use async/await syntax
https://github.com/TryGhost/Team/issues/599

- Before introducing limit checks into this codebase rewrote the code to use async/await for more clarity and less nesting
2021-04-07 16:52:26 +12:00
Naz
42a3197f6d Updated dependency @tryghost/limit-service to v0.4.0
refs https://github.com/TryGhost/Team/issues/510

- This version bump includes follwing interface improvements of the limit-service package: passing in errors as a parameter to "loadLimits" and allowing for custom "currentCountQuery" method implementations per limit
2021-04-07 15:31:52 +12:00
Daniel Lockyer
efc674fda2
v4.2.0 2021-04-06 16:57:54 +01:00
Daniel Lockyer
ed6bb776ec
Updated Ghost-Admin to v4.2.0 2021-04-06 16:57:54 +01:00
Daniel Lockyer
ec26a35105
Updated Casper to v4.0.4 2021-04-06 16:57:51 +01:00
Rishabh Garg
dba2a2970b
Added migration to fix incorrect mrr events (#12837)
closes https://github.com/TryGhost/Team/issues/595

Due to a bug in `mrr_delta` calculation, we ended up reducing the MRR delta by twice the original amount when a subscription goes from active to canceled and storing it in `members_paid_subscription_events` table, which is used to show the MRR chart on Dashboard. The way we identify the incorrect events in the table which got the double negative value is by checking if they match certain criteria - Both `from_plan` and `to_plan` have same value as a subscription changes status while being on same plan.

This migration halves the `mrr_delta` for incorrect events to restore the correct MRR change for the site.
2021-04-06 21:14:54 +05:30
renovate[bot]
a6b3d5463d
🐛 Fixed incorrect MRR delta calculation (#12823)
refs https://github.com/TryGhost/Team/issues/595

The MRR delta calculation for subscription cancelation was incorrectly setting double negative of the original amount.

- Bumped to @tryghost/members-api@1.1.1 that includes the calculation fix
2021-04-06 19:54:28 +05:30
Renovate Bot
3861446c3d Update dependency cssnano to v4.1.11 2021-04-06 14:08:41 +01:00