Commit Graph

39153 Commits

Author SHA1 Message Date
Kevin Ansfield
709ee163e3 Bumped Portal
ref https://linear.app/tryghost/issue/PLG-152

- updates tips and donations success states
2024-08-27 19:30:27 +01:00
Kevin Ansfield
f613f42bec Updated donation success states
closes https://linear.app/tryghost/issue/PLG-152

- switched member success to a notification
- updated non-member success modal to include signup and signin links
2024-08-27 19:30:27 +01:00
Daniel Lockyer
2757ef70fa Revert "🐛 Fixed frontend routing prioritizing collections over built in routes (#20765)"
refs https://app.incident.io/ghost/incidents/102

- this reverts commit c0471f0c28
2024-08-27 18:04:27 +02:00
Daniel Lockyer
d5bac91feb
Revert "🐛 Fixed frontend routing prioritizing collections over built in routes (#20765)"
This reverts commit c0471f0c28.
2024-08-27 17:31:08 +02:00
Daniël van der Winden
af0338b504
Rewrote the publish modal logic and layout (#20832)
Removed unnecessary code, rewrote it in places where we were repeating
ourselves, and followed the new layout for posts + emails.
2024-08-27 15:22:11 +00:00
Daniël van der Winden
344f440de9
Updated the buttons in the publish flow modals (#20831)
Buttons were previously part of the bookmark card, but that's no longer
the case. This makes it easier to scale between different types of
posts/emails.
2024-08-27 13:06:19 +00:00
Sodbileg Gansukh
528ed010a0
Fixed Radix UI related custom validity error (#20829)
ref DES-755

- a direct child of a form control primitive should be a form element
- for TextField component, a div was the direct child
- this moves the input element to the form control primitive
2024-08-27 12:59:52 +02:00
Sodbileg Gansukh
0cf987ebff
Fixed Radix UI related custom validity error (#20829)
ref DES-755

- a direct child of a form control primitive should be a form element
- for TextField component, a div was the direct child
- this moves the input element to the form control primitive
2024-08-27 18:17:39 +08:00
Ronald Langeveld
9449e0a048
Added donations checkout session unit tests (#20827)
ref PLG-196

- Added comprehensive unit tests to cover various scenarios for the
createDonationCheckoutSession function.
- Verified correct handling of customer object, customerEmail and
metadata.
- Ensured accurate parameter passing to Stripe API, including
success_url and cancel_url.
2024-08-27 12:36:43 +09:00
Ghost CI
8fc8dc72e6 Merged v5.90.1 into main 2024-08-26 23:37:15 +00:00
Ghost CI
46e9b20479 v5.90.1 2024-08-26 23:37:13 +00:00
Steve Larson
2df2c7f120 Bumped Portal (#20826)
ref https://github.com/TryGhost/Ghost/issues/20767
2024-08-26 18:20:43 -05:00
Steve Larson
5622a29fc1 Fixed Portal honeypot field (#20825)
ref INC-97
ref https://github.com/TryGhost/Ghost/issues/20767
- finishes wiring up the honeypot fied
- updates state handing to properly set the value
- maintains honeypot field across page changes within portal

There isn't a single previous commit to point to here since they didn't
get squashed. We added a honeypot field to help mitigate bot signup
activity. It's hidden, and if filled out, we can anticipate it's a bot.
Right now this just logs to Ghost while we collect data.
2024-08-26 18:20:35 -05:00
Steve Larson
d24af3bd50
Bumped Portal (#20826)
ref https://github.com/TryGhost/Ghost/issues/20767
2024-08-26 23:06:27 +00:00
Steve Larson
22fcd21fbb
Fixed Portal honeypot field (#20825)
ref INC-97
ref https://github.com/TryGhost/Ghost/issues/20767
- finishes wiring up the honeypot fied
- updates state handing to properly set the value
- maintains honeypot field across page changes within portal

There isn't a single previous commit to point to here since they didn't
get squashed. We added a honeypot field to help mitigate bot signup
activity. It's hidden, and if filled out, we can anticipate it's a bot.
Right now this just logs to Ghost while we collect data.
2024-08-26 22:51:57 +00:00
renovate[bot]
cfc4c08200 Pin dependency @opentelemetry/instrumentation-runtime-node to 0.6.0 2024-08-26 18:34:34 +02:00
renovate[bot]
400ccfafef Update dependency @sinonjs/fake-timers to v11.3.1 2024-08-26 14:08:32 +02:00
Peter Zimon
65b6978482 Updated layout switch 2024-08-26 14:02:47 +02:00
Peter Zimon
6530cd535e Added basic inbox view 2024-08-26 14:02:47 +02:00
Djordje Vlaisavljevic
8cbdecfc7f Added static design for Search page
ref https://linear.app/tryghost/issue/AP-352/search-for-mastodon-usernames-in-ghost-admin
2024-08-26 14:02:47 +02:00
Djordje Vlaisavljevic
6171a417de Updated design of Notes in the feed and in the drawer
ref https://linear.app/tryghost/issue/AP-282/render-notes-in-the-frontend
2024-08-26 14:02:47 +02:00
Djordje Vlaisavljevic
5b70fc6b1c Added design for Profile component
ref https://linear.app/tryghost/issue/AP-305/profile-viewer-component-that-can-render-activitypub-actor-data
2024-08-26 14:02:47 +02:00
Djordje Vlaisavljevic
366d683d7b Fixed time not being converted properly
ref https://linear.app/tryghost/issue/AP-131/show-nice-relative-timestamps
2024-08-26 14:02:47 +02:00
Sodbileg Gansukh
2a212bfff4
Publish flow improvements and bug fixes (#20824)
ref DES-731

- improved mobile styles for the social buttons in the modal
- fixed the flow for publishing/scheduling pages
- redirect to post list only when a post doesn't involve any email
2024-08-26 17:02:00 +08:00
Amel Sućeska
0673ca9627
Improved Bosnian translations (#20667)
Comprehensive, context aware, Bosnian translations for all available
strings.

Informal addressing of users (as is widely accepted in Bosnia and
Herzegovina).

Minor text fixes.
2024-08-26 14:59:09 +07:00
renovate[bot]
91e8aa1271 Update dependency jsdom to v24.1.3 2024-08-26 09:44:19 +02:00
Ghost CI
ef031728cc v5.90.0 2024-08-23 15:05:10 +00:00
Chris Raible
5f9c0d21c5
Added eventLoopUtilization instrumentation behind config (#20819)
ref
https://linear.app/tryghost/issue/ENG-1505/start-monitoring-event-loop-utilization-in-production-with

- The two main constraints we've observed in Ghost are the database connection pool and the CPU usage. However, there is a third constraint that we may be hitting, but can't currently observe: the event loop.
- This commit re-enabled OpenTelemetry (behind a config flag), removes the problematic tracing instrumentation which was breaking the frontend, and adds a Prometheus endpoint to export the eventLoopUtilization metric.
- This should give us visibility into whether we are hitting constraints in the event loop and address the root cause if we are.
2024-08-22 19:16:53 -07:00
Sam Lord
9ca513bfdd Added logging when honeypot field is hit
ref KTLO-1
2024-08-22 22:32:04 +01:00
Sam Lord
56a9fa34af Fixed names of tests for Portal honeypot field
ref KTLO-1
2024-08-22 22:32:04 +01:00
Sam Lord
0a9d2fadba Added honeypot field to prevent bot signup/signin
ref KTLO-1
Should prevent untargeted attacks using headless browser bots.
2024-08-22 22:32:04 +01:00
Sam Lord
244e612f53 Use config flag to change whether token integrity is checked
ref KTLO-1
Allows us to get this out to self-hosters much faster
2024-08-22 22:23:16 +01:00
Sam Lord
23c0882019 Added tests for request integrity token validation 2024-08-22 22:23:16 +01:00
Sam Lord
ebc87002ce Added integrity token to signup-form package
ref KTLO-1
2024-08-22 22:23:16 +01:00
Sam Lord
ef4f79370f Added support in Portal for integrity tokens on magic link API
ref KTLO-1
These tokens should prevent untargeted attacks, as the magic link
endpoint needs a token that was generated by the server, similar to a
CSRF token, but without needing any server-side state, or a cookie to
be set for unauthenticated users.
2024-08-22 22:23:16 +01:00
Sam Lord
a48b4e5cbf Added integrity token API & middleware for magic link requests
ref KTLO-1
Back-end implementation of request integrity tokens. The purpose here
is to prevent simple web bots from spamming the signup form.
2024-08-22 22:23:16 +01:00
Steve Larson
0053939185
Improved email analytics jobs system (#20809)
ref https://linear.app/tryghost/issue/ENG-952
- added persistence to the job timestamps

This set of changes reduces the potential for gaps in our email event
processing by adding persistence to the job timestamps. This avoids
expensive queries on the `email_recipients` table after every boot, and
reduces reliance on fallbacks in periods of heavy processing or reboot.

This is our first use of the jobs table to create a persistent line,
instead of its initial use case of single-run jobs. We may expand this
capability and move to use of the jobs model over knex.raw in order to
make this a bit friendlier.

Note: this works with sqlite but datetimes are stored as ints. It still
works fine. https://github.com/knex/knex/pull/5272
2024-08-22 15:20:42 -05:00
Steve Larson
827518c98b
🐛 Fixed shift selection in the posts list (#20818)
ref https://linear.app/tryghost/issue/ENG-1489/

The changes to improve posts loading in admin broke the shift selection
functionality. This restores that, as we need to be able to crawl across
the (now) three models when present.
2024-08-22 13:15:06 -05:00
Daniël van der Winden
7c992825ed
Publish modal updates (#20817)
The new modal for the updated publishing flow has an entirely new
layout, based on feedback previously received. In addition, this PR
includes a few tweaks to the underlying logic.
2024-08-22 14:49:29 +00:00
Steve Larson
cd7c27d3ad
🐛 Fixed fetching labels and offers in the editor (#20815)
ref https://linear.app/tryghost/issue/ONC-263/
- labels dropdown in sign up card was not successfully fetching labels
- offers dropdown suffered the same fate

When introducing the second editor instance, it appears we ran into some
race conditions with the Ember tasks used to fetch the resources. The
init instance was beating the other to the punch, and so the state was
never successfully updated, as it is only fetched once on mounting the
card.
2024-08-22 08:55:33 -05:00
Princi Vershwal
f984fbd47e
🎨 Improved the performance of the /members/events/ aggregated_click_event endpoint (#20790)
Ref https://linear.app/tryghost/issue/ONC-216/improve-the-performance-of-the-membersevents-aggregated-click-event
2024-08-22 18:26:10 +05:30
Ronald Langeveld
f2206fb232
Added one-time payments under "payments" for filtering (#20807)
ref PLG-153

- Scoped one-time payments (`donation_event`) under the "payments"
category in the member activity feed filter.
- Updated `toggleEventType` logic to ensure that toggling "payments"
also toggles one-time payments when the `tipsAndDonations` feature is
enabled.
- Refactored event type handling into utility functions for easier
testing.
- Added unit tests for the new utility functions to ensure correct
behaviour.
- Added acceptance testing.
2024-08-22 10:26:46 +00:00
Ronald Langeveld
ad3751bfa6
Added i18n support to tips and donations on portal (#20812)
ref PLG-159

- wrapped strings inside the translate function in Portal
- added new strings to i18n files
2024-08-22 15:28:08 +07:00
Princi Vershwal
309cb37cc6
Updated nql package (#20811)
Ref [ONC-216](https://linear.app/tryghost/issue/ONC-216/improve-the-performance-of-the-membersevents-aggregated-click-event)

Needed changes in nql package for this task.
2024-08-22 07:55:14 +00:00
Chris Raible
6d46dc26c7
🔒 Fixed admin forms defaulting to GET method (#20810)
ref
https://linear.app/tryghost/issue/ENG-1497/admin-signin-signup-and-setup-forms-default-to-get

- If method is not specified, the form will default to GET, which is
incorrect
- This commit sets the method to POST and action to javascript:void(0)
to prevent the form from submitting via GET if JavaScript is disabled or
not fully loaded yet
2024-08-21 15:49:52 -07:00
Chris Raible
c0471f0c28
🐛 Fixed frontend routing prioritizing collections over built in routes (#20765)
ref
https://linear.app/tryghost/issue/ONC-242/frontend-routing-prioritizes-collections-over-taxonomies

- Under a fairly specific edge case with a collection route that conflicts with a default, built-in route ("taxonomy" — like tags, authors, etc), the frontend routing would prioritize the collection over the taxonomy.

- For example, with the following in a custom `routes.yaml`:
```
collections:
  /:
    permalink: /{primary_tag}/{slug}/
    template: index
```

If a post exists with the same slug as its primary tag's slug, the frontend routing would redirect the `/tag/{slug}/` route to the post in the collection, rather than serving the tag itself.

- This commit changes that, so if a collection's route conflicts with e.g. a `/tag/{slug}/` default route, Ghost will still return the built in route, rather than the collection.
2024-08-21 13:45:59 -07:00
Kevin Ansfield
f08e4d4728 Hid tips and donation settings when Stripe is disabled
closes https://linear.app/tryghost/issue/PLG-178

- updated conditional to ensure we're ready for GA by showing when Stripe is enabled rather than only when the feature flag is enabled
2024-08-21 16:12:00 +01:00
Kevin Ansfield
b01d4287ad Fixed Admin test failures when running in Safari
no issue

- Safari's `innerText` sometimes includes a trailing `\n` depending on the markup used so we need to use `.to.have.rendered.trimmed.text()`
- reproducible when running tests via http://localhost:4200/tests (we don't yet run in Safari via our testem config)
2024-08-21 12:58:11 +01:00
Kevin Ansfield
fc501add94 Fixed editor not loading in Admin acceptance tests
closes https://linear.app/tryghost/issue/PLG-176

The editor files were previously stubbed for testing because we didn't have a way to load the externally-hosted files. This made testing slow and difficult because the only way to test the Admin integration was via Ghost's e2e browser tests.

- unstubbed the editor globals so `fetchKoenigLexical()` actually tries to import the external assets
- updated `ember-cli-build` to copy the Koenig UMD file over to the assets directory in development/test builds
- updated `environment.js` to set the required filename for the default asset import to successfully hit the test environment hosted files
- updated lexical editor acceptance tests to demonstrate the editor loads successfully for new and existing posts
2024-08-21 11:49:05 +01:00
Ghost CI
2627dd6aa0 Merged v5.89.6 into main 2024-08-21 09:58:53 +00:00