Commit Graph

20480 Commits

Author SHA1 Message Date
Kevin Ansfield
c689414497
Added missing translation entries for Portal field placeholders, labels, and errors (#20858)
no issue

- added `t()` around static strings to allow them to be translated
- updated translation files, with context provided in `context.json`
2024-08-28 15:43:03 +00:00
Sanne de Vries
76f9b7982b
Updated donation email CTA's (#20857)
REF PLG-160
- Added link to member profile next to name in donation email
- Added "Say thanks" CTA to donation email without message
2024-08-28 16:37:25 +02:00
Hannah Wolfe
0a7093b7dd
Updated Config API testing to use snapshot + unit tests (#20854)
- Swap the e2e config API test to use our newer framework, and match against a
snapshot for the default case
- Move the individual test cases to unit tests (new file) - there are more to add
here, but this is parity with what we had before
- We use unit tests for checking through various cases for how config
changes modify the output as this is faster and more explicit
2024-08-28 14:29:17 +01:00
Hannah Wolfe
ac345aa84d Removed unused billing url from config API
ref 40cedb84ff (diff-dba52cb217f89ed45931ded5618ce83294fc32cf4a8dec73aa605c65441331b3R43)
ref 639be25f1d/ghost/core/core/server/api/endpoints/utils/serializers/output/config.js

- This was moved under hostSettings very early on in development and should have been cleaned up
- As this property wasn't listed in the output serializer, we know it's not being used anywhere
- We can see from the limit code that it looks for hostSettings.billing.url
2024-08-28 13:49:13 +01:00
Hannah Wolfe
9e45822dbb
Removed unused items from config API (#20851)
ref 
639be25f1d
ref
f705dda314

- These items are never returned from the API as they've been removed
from the serializer
- The tests also check that they are not present
- They were removed by the referenced commits, which changed how these
things were built
2024-08-28 13:25:05 +01:00
Ronald Langeveld
e8e1b8ea2f
Added donation message to Stripe and Email (#20828)
ref PLG-160

- Refactored donation handling logic to be processed within the
`checkout.session.completed` webhook event.
- Added support for capturing and storing donation messages from Stripe
sessions.
- Integrated donation messages into the email notifications sent to
staff.
- Added database integration.
- Removed redundant donation logic from the invoice.payment_succeeded
webhook, since custom fields isn't supported.
- Updated and added new tests

---------

Co-authored-by: Sanne de Vries <sannedv@protonmail.com>
2024-08-28 21:08:42 +09:00
Kevin Ansfield
32edc12cc2 Fixed error closing donation success modal
no issue

- when redirecting from Stripe back to Ghost after making a donation the URL contained a double slash (`//#/portal/...`) which triggered browser security errors when Portal modified the browser history stack when navigating
- the above could prevent the donation success modal from closing
2024-08-28 12:38:14 +01:00
renovate[bot]
1871269e8f
Update Koenig packages (#20849)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-08-28 13:10:57 +02:00
Sodbileg Gansukh
3b38ba3a29
Make split number helper handle empty value (#20848)
no issues
2024-08-28 10:47:03 +00:00
Daniël van der Winden
5cc3d943f2
Made the post preview card a link (#20846)
The modal in the new publish flow has a post preview card, which did not
link to the post itself. It does now (except when it's an email).
2024-08-28 10:08:25 +00:00
Sodbileg Gansukh
1afe96ae34
Added animation to the analytics numbers when refreshed (#20842)
ref DES-709

- when refresh button is clicked, the numbers in the analytics will be animated if changed
- for the animation to be performant, added a new dependency "animejs"
- to minimize the flash and layout shift, the analytics data is kept as it is while loading
- once finished loading, it will be replaced with the new data
2024-08-28 17:25:37 +08:00
Daniël van der Winden
1d17600f5d
Publishing flow: Social buttons update (#20841)
Updated the hover colour of the social buttons in the new publishing
flow's modal.
2024-08-28 08:42:56 +00:00
renovate[bot]
cfda52ead2 Update dependency gscan to v4.43.3 2024-08-28 10:10:54 +02:00
Ronald Langeveld
41e696f00f
Added migration to include donation_message in donation_payment_events (#20839)
ref PLG-197

- DB migration to add `donation_message` to `donation_payment_events`
table
2024-08-28 15:58:11 +09:00
Steve Larson
962194b595
Bumped Portal (#20837)
no ref
2024-08-27 21:29:40 +00:00
Ghost CI
291d48ecb7 Merged v5.90.2 into main 2024-08-27 21:29:17 +00:00
Ghost CI
eaf414a2de v5.90.2 2024-08-27 21:29:15 +00:00
Steve Larson
ae15e12ffc Reverted email analytics jobs commits (#20835)
ref https://linear.app/tryghost/issue/ENG-1518

After releasing the analytics job improvements, it appears for large
sites we're awfully close to missing some Mailgun events because of an
unexpected behavior of the aggregateStats call for just the opened
events job. This is taking 2-5x(+) the amount of time that the aggregate
queries take for the other jobs, despite not being dependent on the
events.

To err on the side of caution, we're going to roll this back and look to
optimize the aggregation queries before re-implementing. And we may be a
bit more cautious in giving _some_ but not _all_ priority to the
`opened` events.
2024-08-27 16:16:07 -05:00
Steve Larson
8f3985bc66
Reverted email analytics jobs commits (#20835)
ref https://linear.app/tryghost/issue/ENG-1518

After releasing the analytics job improvements, it appears for large
sites we're awfully close to missing some Mailgun events because of an
unexpected behavior of the aggregateStats call for just the opened
events job. This is taking 2-5x(+) the amount of time that the aggregate
queries take for the other jobs, despite not being dependent on the
events.

To err on the side of caution, we're going to roll this back and look to
optimize the aggregation queries before re-implementing. And we may be a
bit more cautious in giving _some_ but not _all_ priority to the
`opened` events.
2024-08-27 16:15:34 -05:00
Kevin Ansfield
709ee163e3 Bumped Portal
ref https://linear.app/tryghost/issue/PLG-152

- updates tips and donations success states
2024-08-27 19:30:27 +01:00
Kevin Ansfield
f613f42bec Updated donation success states
closes https://linear.app/tryghost/issue/PLG-152

- switched member success to a notification
- updated non-member success modal to include signup and signin links
2024-08-27 19:30:27 +01:00
Daniel Lockyer
2757ef70fa Revert "🐛 Fixed frontend routing prioritizing collections over built in routes (#20765)"
refs https://app.incident.io/ghost/incidents/102

- this reverts commit c0471f0c28
2024-08-27 18:04:27 +02:00
Daniel Lockyer
d5bac91feb
Revert "🐛 Fixed frontend routing prioritizing collections over built in routes (#20765)"
This reverts commit c0471f0c28.
2024-08-27 17:31:08 +02:00
Daniël van der Winden
af0338b504
Rewrote the publish modal logic and layout (#20832)
Removed unnecessary code, rewrote it in places where we were repeating
ourselves, and followed the new layout for posts + emails.
2024-08-27 15:22:11 +00:00
Daniël van der Winden
344f440de9
Updated the buttons in the publish flow modals (#20831)
Buttons were previously part of the bookmark card, but that's no longer
the case. This makes it easier to scale between different types of
posts/emails.
2024-08-27 13:06:19 +00:00
Ronald Langeveld
9449e0a048
Added donations checkout session unit tests (#20827)
ref PLG-196

- Added comprehensive unit tests to cover various scenarios for the
createDonationCheckoutSession function.
- Verified correct handling of customer object, customerEmail and
metadata.
- Ensured accurate parameter passing to Stripe API, including
success_url and cancel_url.
2024-08-27 12:36:43 +09:00
Ghost CI
8fc8dc72e6 Merged v5.90.1 into main 2024-08-26 23:37:15 +00:00
Ghost CI
46e9b20479 v5.90.1 2024-08-26 23:37:13 +00:00
Steve Larson
2df2c7f120 Bumped Portal (#20826)
ref https://github.com/TryGhost/Ghost/issues/20767
2024-08-26 18:20:43 -05:00
Steve Larson
d24af3bd50
Bumped Portal (#20826)
ref https://github.com/TryGhost/Ghost/issues/20767
2024-08-26 23:06:27 +00:00
renovate[bot]
cfc4c08200 Pin dependency @opentelemetry/instrumentation-runtime-node to 0.6.0 2024-08-26 18:34:34 +02:00
renovate[bot]
400ccfafef Update dependency @sinonjs/fake-timers to v11.3.1 2024-08-26 14:08:32 +02:00
Sodbileg Gansukh
2a212bfff4
Publish flow improvements and bug fixes (#20824)
ref DES-731

- improved mobile styles for the social buttons in the modal
- fixed the flow for publishing/scheduling pages
- redirect to post list only when a post doesn't involve any email
2024-08-26 17:02:00 +08:00
Amel Sućeska
0673ca9627
Improved Bosnian translations (#20667)
Comprehensive, context aware, Bosnian translations for all available
strings.

Informal addressing of users (as is widely accepted in Bosnia and
Herzegovina).

Minor text fixes.
2024-08-26 14:59:09 +07:00
Ghost CI
ef031728cc v5.90.0 2024-08-23 15:05:10 +00:00
Chris Raible
5f9c0d21c5
Added eventLoopUtilization instrumentation behind config (#20819)
ref
https://linear.app/tryghost/issue/ENG-1505/start-monitoring-event-loop-utilization-in-production-with

- The two main constraints we've observed in Ghost are the database connection pool and the CPU usage. However, there is a third constraint that we may be hitting, but can't currently observe: the event loop.
- This commit re-enabled OpenTelemetry (behind a config flag), removes the problematic tracing instrumentation which was breaking the frontend, and adds a Prometheus endpoint to export the eventLoopUtilization metric.
- This should give us visibility into whether we are hitting constraints in the event loop and address the root cause if we are.
2024-08-22 19:16:53 -07:00
Sam Lord
9ca513bfdd Added logging when honeypot field is hit
ref KTLO-1
2024-08-22 22:32:04 +01:00
Sam Lord
56a9fa34af Fixed names of tests for Portal honeypot field
ref KTLO-1
2024-08-22 22:32:04 +01:00
Sam Lord
0a9d2fadba Added honeypot field to prevent bot signup/signin
ref KTLO-1
Should prevent untargeted attacks using headless browser bots.
2024-08-22 22:32:04 +01:00
Sam Lord
244e612f53 Use config flag to change whether token integrity is checked
ref KTLO-1
Allows us to get this out to self-hosters much faster
2024-08-22 22:23:16 +01:00
Sam Lord
23c0882019 Added tests for request integrity token validation 2024-08-22 22:23:16 +01:00
Sam Lord
ef4f79370f Added support in Portal for integrity tokens on magic link API
ref KTLO-1
These tokens should prevent untargeted attacks, as the magic link
endpoint needs a token that was generated by the server, similar to a
CSRF token, but without needing any server-side state, or a cookie to
be set for unauthenticated users.
2024-08-22 22:23:16 +01:00
Sam Lord
a48b4e5cbf Added integrity token API & middleware for magic link requests
ref KTLO-1
Back-end implementation of request integrity tokens. The purpose here
is to prevent simple web bots from spamming the signup form.
2024-08-22 22:23:16 +01:00
Steve Larson
0053939185
Improved email analytics jobs system (#20809)
ref https://linear.app/tryghost/issue/ENG-952
- added persistence to the job timestamps

This set of changes reduces the potential for gaps in our email event
processing by adding persistence to the job timestamps. This avoids
expensive queries on the `email_recipients` table after every boot, and
reduces reliance on fallbacks in periods of heavy processing or reboot.

This is our first use of the jobs table to create a persistent line,
instead of its initial use case of single-run jobs. We may expand this
capability and move to use of the jobs model over knex.raw in order to
make this a bit friendlier.

Note: this works with sqlite but datetimes are stored as ints. It still
works fine. https://github.com/knex/knex/pull/5272
2024-08-22 15:20:42 -05:00
Steve Larson
827518c98b
🐛 Fixed shift selection in the posts list (#20818)
ref https://linear.app/tryghost/issue/ENG-1489/

The changes to improve posts loading in admin broke the shift selection
functionality. This restores that, as we need to be able to crawl across
the (now) three models when present.
2024-08-22 13:15:06 -05:00
Daniël van der Winden
7c992825ed
Publish modal updates (#20817)
The new modal for the updated publishing flow has an entirely new
layout, based on feedback previously received. In addition, this PR
includes a few tweaks to the underlying logic.
2024-08-22 14:49:29 +00:00
Steve Larson
cd7c27d3ad
🐛 Fixed fetching labels and offers in the editor (#20815)
ref https://linear.app/tryghost/issue/ONC-263/
- labels dropdown in sign up card was not successfully fetching labels
- offers dropdown suffered the same fate

When introducing the second editor instance, it appears we ran into some
race conditions with the Ember tasks used to fetch the resources. The
init instance was beating the other to the punch, and so the state was
never successfully updated, as it is only fetched once on mounting the
card.
2024-08-22 08:55:33 -05:00
Princi Vershwal
f984fbd47e
🎨 Improved the performance of the /members/events/ aggregated_click_event endpoint (#20790)
Ref https://linear.app/tryghost/issue/ONC-216/improve-the-performance-of-the-membersevents-aggregated-click-event
2024-08-22 18:26:10 +05:30
Ronald Langeveld
f2206fb232
Added one-time payments under "payments" for filtering (#20807)
ref PLG-153

- Scoped one-time payments (`donation_event`) under the "payments"
category in the member activity feed filter.
- Updated `toggleEventType` logic to ensure that toggling "payments"
also toggles one-time payments when the `tipsAndDonations` feature is
enabled.
- Refactored event type handling into utility functions for easier
testing.
- Added unit tests for the new utility functions to ensure correct
behaviour.
- Added acceptance testing.
2024-08-22 10:26:46 +00:00
Ronald Langeveld
ad3751bfa6
Added i18n support to tips and donations on portal (#20812)
ref PLG-159

- wrapped strings inside the translate function in Portal
- added new strings to i18n files
2024-08-22 15:28:08 +07:00