npm - ghost - Versions diffs - 4.15.0 → 4.17.1 - Mend

ghost 4.15.0 → 4.17.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (137) hide show

package/core/server/adapters/scheduling/post-scheduling/scheduler-intergation.js CHANGED Viewed

@@ -1,7 +1,11 @@
 const models = require('../../../models');
-const i18n = require('../../../../shared/i18n');
+const tpl = require('@tryghost/tpl');
 const errors = require('@tryghost/errors');
+const messages = {
+    resourceNotFound: '{resource} not found.'
+};
 /**
  * @description Load the internal scheduler integration
  *
@@ -12,9 +16,7 @@ const getSchedulerIntegration = function () {
         .then((integration) => {
             if (!integration) {
                 throw new errors.NotFoundError({
-                    message: i18n.t('errors.api.resource.resourceNotFound', {
-                        resource: 'Integration'
-                    })
+                    message: tpl(messages.resourceNotFound, {resource: 'Integration'})
                 });
             }
             return integration.toJSON();

package/core/server/adapters/storage/LocalFileStorage.js CHANGED Viewed

@@ -7,13 +7,19 @@ const path = require('path');
 const Promise = require('bluebird');
 const moment = require('moment');
 const config = require('../../../shared/config');
-const i18n = require('../../../shared/i18n');
+const tpl = require('@tryghost/tpl');
 const logging = require('@tryghost/logging');
 const errors = require('@tryghost/errors');
 const constants = require('@tryghost/constants');
 const urlUtils = require('../../../shared/url-utils');
 const StorageBase = require('ghost-storage-base');
+const messages = {
+    imageNotFound: 'Image not found',
+    imageNotFoundWithRef: 'Image not found: {img}',
+    cannotReadImage: 'Could not read image: {img}'
+};
 class LocalFileStore extends StorageBase {
     constructor() {
         super();
@@ -119,7 +125,7 @@ class LocalFileStore extends StorageBase {
                 if (err) {
                     if (err.statusCode === 404) {
                         return next(new errors.NotFoundError({
-                            message: i18n.t('errors.errors.imageNotFound'),
+                            message: tpl(messages.imageNotFound),
                             code: 'STATIC_FILE_NOT_FOUND',
                             property: err.path
                         }));
@@ -169,7 +175,7 @@ class LocalFileStore extends StorageBase {
                     if (err.code === 'ENOENT' || err.code === 'ENOTDIR') {
                         return reject(new errors.NotFoundError({
                             err: err,
-                            message: i18n.t('errors.errors.imageNotFoundWithRef', {img: options.path})
+                            message: tpl(messages.imageNotFoundWithRef, {img: options.path})
                         }));
                     }
@@ -183,7 +189,7 @@ class LocalFileStore extends StorageBase {
                     return reject(new errors.GhostError({
                         err: err,
-                        message: i18n.t('errors.errors.cannotReadImage', {img: options.path})
+                        message: tpl(messages.cannotReadImage, {img: options.path})
                     }));
                 }

package/core/server/api/canary/custom-theme-settings.js ADDED Viewed

@@ -0,0 +1,22 @@
+const customThemeSettingsService = require('../../services/custom-theme-settings');
+module.exports = {
+    docName: 'custom_theme_settings',
+    browse: {
+        permissions: true,
+        query() {
+            return customThemeSettingsService.listSettings();
+        }
+    },
+    edit: {
+        headers: {
+            cacheInvalidate: true
+        },
+        permissions: true,
+        query(frame) {
+            return customThemeSettingsService.updateSettings(frame.data.custom_theme_settings);
+        }
+    }
+};

package/core/server/api/canary/index.js CHANGED Viewed

@@ -153,6 +153,10 @@ module.exports = {
         return shared.pipeline(require('./snippets'), localUtils);
     },
+    get customThemeSettings() {
+        return shared.pipeline(require('./custom-theme-settings'), localUtils);
+    },
     get serializers() {
         return require('./utils/serializers');
     },

package/core/server/api/canary/members.js CHANGED Viewed

@@ -411,7 +411,7 @@ module.exports = {
             method: 'edit'
         },
         async query(frame) {
-            return membersService.api.members.bulkEdit(frame.data, frame.options);
+            return membersService.api.members.bulkEdit(frame.data.bulk, frame.options);
         }
     },

package/core/server/api/canary/redirects.js CHANGED Viewed

@@ -1,7 +1,7 @@
 const path = require('path');
 const web = require('../../web');
-const redirects = require('../../../frontend/services/redirects');
+const redirects = require('../../services/redirects');
 module.exports = {
     docName: 'redirects',
@@ -11,7 +11,7 @@ module.exports = {
             disposition: {
                 type: 'file',
                 value() {
-                    return redirects.settings.getRedirectsFilePath()
+                    return redirects.api.getRedirectsFilePath()
                         .then((filePath) => {
                             // TODO: Default file type is .json for backward compatibility.
                             // When .yaml becomes default or .json is removed at v4,
@@ -26,13 +26,13 @@ module.exports = {
         permissions: true,
         response: {
             async format() {
-                const filePath = await redirects.settings.getRedirectsFilePath();
+                const filePath = await redirects.api.getRedirectsFilePath();
                 return filePath === null || path.extname(filePath) === '.json' ? 'json' : 'plain';
             }
         },
         query() {
-            return redirects.settings.get();
+            return redirects.api.get();
         }
     },
@@ -42,7 +42,7 @@ module.exports = {
             cacheInvalidate: true
         },
         query(frame) {
-            return redirects.settings.setFromFilePath(frame.file.path, frame.file.ext)
+            return redirects.api.setFromFilePath(frame.file.path, frame.file.ext)
                 .then(() => {
                     // CASE: trigger that redirects are getting re-registered
                     web.shared.middlewares.customRedirects.reload();

package/core/server/api/canary/settings.js CHANGED Viewed

@@ -1,15 +1,14 @@
 const Promise = require('bluebird');
 const _ = require('lodash');
-const validator = require('@tryghost/validator');
 const models = require('../../models');
 const routeSettings = require('../../services/route-settings');
-const frontendSettings = require('../../../frontend/services/settings');
 const i18n = require('../../../shared/i18n');
-const {BadRequestError, NoPermissionError, NotFoundError} = require('@tryghost/errors');
+const {BadRequestError} = require('@tryghost/errors');
 const settingsService = require('../../services/settings');
-const settingsCache = require('../../../shared/settings-cache');
 const membersService = require('../../services/members');
+const settingsBREADService = settingsService.getSettingsBREADServiceInstance();
 module.exports = {
     docName: 'settings',
@@ -17,26 +16,7 @@ module.exports = {
         options: ['group'],
         permissions: true,
         query(frame) {
-            let settings = settingsCache.getAll();
-            // CASE: no context passed (functional call)
-            if (!frame.options.context) {
-                return Promise.resolve(settings.filter((setting) => {
-                    return setting.group === 'site';
-                }));
-            }
-            if (!frame.options.context.internal) {
-                // CASE: omit core settings unless internal request
-                settings = _.filter(settings, (setting) => {
-                    const isCore = setting.group === 'core';
-                    return !isCore;
-                });
-                // CASE: omit secret settings unless internal request
-                settings = settings.map(settingsService.hideValueIfSecret);
-            }
-            return settings;
+            return settingsBREADService.browse(frame.options.context);
         }
     },
@@ -55,41 +35,7 @@ module.exports = {
             }
         },
         query(frame) {
-            let setting;
-            if (frame.options.key === 'slack') {
-                const slackURL = settingsCache.get('slack_url', {resolve: false});
-                const slackUsername = settingsCache.get('slack_username', {resolve: false});
-                setting = slackURL || slackUsername;
-                setting.key = 'slack';
-                setting.value = [{
-                    url: slackURL && slackURL.value,
-                    username: slackUsername && slackUsername.value
-                }];
-            } else {
-                setting = settingsCache.get(frame.options.key, {resolve: false});
-            }
-            if (!setting) {
-                return Promise.reject(new NotFoundError({
-                    message: i18n.t('errors.api.settings.problemFindingSetting', {
-                        key: frame.options.key
-                    })
-                }));
-            }
-            // @TODO: handle in settings model permissible fn
-            if (setting.group === 'core' && !(frame.options.context && frame.options.context.internal)) {
-                return Promise.reject(new NoPermissionError({
-                    message: i18n.t('errors.api.settings.accessCoreSettingFromExtReq')
-                }));
-            }
-            setting = settingsService.hideValueIfSecret(setting);
-            return {
-                [frame.options.key]: setting
-            };
+            return settingsBREADService.read(frame.options.key, frame.options.context);
         }
     },
@@ -153,17 +99,7 @@ module.exports = {
         ],
         async query(frame) {
             const {email, type} = frame.data;
-            if (typeof email !== 'string' || !validator.isEmail(email)) {
-                throw new BadRequestError({
-                    message: i18n.t('errors.api.settings.invalidEmailReceived')
-                });
-            }
-            if (!type || !['fromAddressUpdate', 'supportAddressUpdate'].includes(type)) {
-                throw new BadRequestError({
-                    message: 'Invalid email type recieved'
-                });
-            }
             try {
                 // Send magic link to update fromAddress
                 await membersService.settings.sendEmailAddressUpdateMagicLink({
@@ -225,91 +161,23 @@ module.exports = {
         permissions: {
             unsafeAttrsObject(frame) {
                 return _.find(frame.data.settings, {key: 'labs'});
-            },
-            async before(frame) {
-                if (frame.options.context && frame.options.context.internal) {
-                    return;
-                }
-                const firstCoreSetting = frame.data.settings.find(setting => setting.group === 'core');
-                if (firstCoreSetting) {
-                    throw new NoPermissionError({
-                        message: i18n.t('errors.api.settings.accessCoreSettingFromExtReq')
-                    });
-                }
             }
         },
         async query(frame) {
+            let stripeConnectData;
             const stripeConnectIntegrationToken = frame.data.settings.find(setting => setting.key === 'stripe_connect_integration_token');
-            const settings = frame.data.settings.filter((setting) => {
-                // The `stripe_connect_integration_token` "setting" is only used to set the `stripe_connect_*` settings.
-                return ![
-                    'stripe_connect_integration_token',
-                    'stripe_connect_publishable_key',
-                    'stripe_connect_secret_key',
-                    'stripe_connect_livemode',
-                    'stripe_connect_account_id',
-                    'stripe_connect_display_name'
-                ].includes(setting.key)
-                    // Remove obfuscated settings
-                    && !(setting.value === settingsService.obfuscatedSetting && settingsService.isSecretSetting(setting));
-            });
-            const getSetting = setting => settingsCache.get(setting.key, {resolve: false});
-            const firstUnknownSetting = settings.find(setting => !getSetting(setting));
-            if (firstUnknownSetting) {
-                throw new NotFoundError({
-                    message: i18n.t('errors.api.settings.problemFindingSetting', {
-                        key: firstUnknownSetting.key
-                    })
-                });
-            }
-            if (!(frame.options.context && frame.options.context.internal)) {
-                const firstCoreSetting = settings.find(setting => getSetting(setting).group === 'core');
-                if (firstCoreSetting) {
-                    throw new NoPermissionError({
-                        message: i18n.t('errors.api.settings.accessCoreSettingFromExtReq')
-                    });
-                }
-            }
             if (stripeConnectIntegrationToken && stripeConnectIntegrationToken.value) {
                 const getSessionProp = prop => frame.original.session[prop];
-                try {
-                    const data = await membersService.stripeConnect.getStripeConnectTokenData(stripeConnectIntegrationToken.value, getSessionProp);
-                    settings.push({
-                        key: 'stripe_connect_publishable_key',
-                        value: data.public_key
-                    });
-                    settings.push({
-                        key: 'stripe_connect_secret_key',
-                        value: data.secret_key
-                    });
-                    settings.push({
-                        key: 'stripe_connect_livemode',
-                        value: data.livemode
-                    });
-                    settings.push({
-                        key: 'stripe_connect_display_name',
-                        value: data.display_name
-                    });
-                    settings.push({
-                        key: 'stripe_connect_account_id',
-                        value: data.account_id
-                    });
-                } catch (err) {
-                    throw new BadRequestError({
-                        err,
-                        message: 'The Stripe Connect token could not be parsed.'
-                    });
-                }
+                stripeConnectData = await settingsBREADService.getStripeConnectData(
+                    stripeConnectIntegrationToken,
+                    getSessionProp,
+                    membersService.stripeConnect.getStripeConnectTokenData
+                );
             }
-            return models.Settings.edit(settings, frame.options);
+            return await settingsBREADService.edit(frame.data.settings, frame.options, stripeConnectData);
         }
     },
@@ -321,8 +189,8 @@ module.exports = {
             method: 'edit'
         },
         async query(frame) {
-            await routeSettings.setFromFilePath(frame.file.path);
-            const getRoutesHash = () => frontendSettings.getCurrentHash('routes');
+            await routeSettings.api.setFromFilePath(frame.file.path);
+            const getRoutesHash = () => routeSettings.api.getCurrentHash();
             await settingsService.syncRoutesHash(getRoutesHash);
         }
     },
@@ -341,7 +209,7 @@ module.exports = {
             method: 'browse'
         },
         query() {
-            return routeSettings.get();
+            return routeSettings.api.get();
         }
     }
 };

package/core/server/api/canary/utils/serializers/output/custom-theme-settings.js ADDED Viewed

@@ -0,0 +1,13 @@
+module.exports = {
+    browse(models, apiConfig, frame) {
+        frame.response = {
+            customThemeSettings: models
+        };
+    },
+    edit(models, apiConfig, frame) {
+        frame.response = {
+            customThemeSettings: models
+        };
+    }
+};

package/core/server/api/canary/utils/serializers/output/index.js CHANGED Viewed

@@ -139,5 +139,9 @@ module.exports = {
     get snippets() {
         return require('./snippets');
+    },
+    get custom_theme_settings() {
+        return require('./custom-theme-settings');
     }
 };

package/core/server/api/canary/utils/validators/input/settings.js CHANGED Viewed

@@ -1,7 +1,13 @@
 const Promise = require('bluebird');
 const _ = require('lodash');
 const i18n = require('../../../../../../shared/i18n');
-const {NotFoundError, ValidationError} = require('@tryghost/errors');
+const {NotFoundError, ValidationError, BadRequestError} = require('@tryghost/errors');
+const validator = require('@tryghost/validator');
+const messages = {
+    invalidEmailReceived: 'Please send a valid email',
+    invalidEmailTypeReceived: 'Invalid email type received'
+};
 module.exports = {
     read(apiConfig, frame) {
@@ -62,5 +68,21 @@ module.exports = {
         if (errors.length) {
             return Promise.reject(errors[0]);
         }
+    },
+    updateMembersEmail(apiConfig, frame) {
+        const {email, type} = frame.data;
+        if (typeof email !== 'string' || !validator.isEmail(email)) {
+            throw new BadRequestError({
+                message: messages.invalidEmailReceived
+            });
+        }
+        if (!type || !['fromAddressUpdate', 'supportAddressUpdate'].includes(type)) {
+            throw new BadRequestError({
+                message: messages.invalidEmailTypeReceived
+            });
+        }
     }
 };

package/core/server/api/v2/redirects.js CHANGED Viewed

@@ -1,5 +1,5 @@
 const web = require('../../web');
-const redirects = require('../../../frontend/services/redirects');
+const redirects = require('../../services/redirects');
 module.exports = {
     docName: 'redirects',
@@ -13,7 +13,7 @@ module.exports = {
         },
         permissions: true,
         query() {
-            return redirects.settings.get();
+            return redirects.api.get();
         }
     },
@@ -23,7 +23,7 @@ module.exports = {
             cacheInvalidate: true
         },
         query(frame) {
-            return redirects.settings.setFromFilePath(frame.file.path)
+            return redirects.api.setFromFilePath(frame.file.path)
                 .then(() => {
                     // CASE: trigger that redirects are getting re-registered
                     web.shared.middlewares.customRedirects.reload();

package/core/server/api/v2/settings.js CHANGED Viewed

@@ -2,7 +2,6 @@ const Promise = require('bluebird');
 const _ = require('lodash');
 const models = require('../../models');
 const routeSettings = require('../../services/route-settings');
-const frontendSettings = require('../../../frontend/services/settings');
 const i18n = require('../../../shared/i18n');
 const {NoPermissionError, NotFoundError} = require('@tryghost/errors');
 const settingsService = require('../../services/settings');
@@ -168,8 +167,8 @@ module.exports = {
             method: 'edit'
         },
         async query(frame) {
-            await routeSettings.setFromFilePath(frame.file.path);
-            const getRoutesHash = () => frontendSettings.getCurrentHash('routes');
+            await routeSettings.api.setFromFilePath(frame.file.path);
+            const getRoutesHash = () => routeSettings.api.getCurrentHash();
             await settingsService.syncRoutesHash(getRoutesHash);
         }
     },
@@ -188,7 +187,7 @@ module.exports = {
             method: 'browse'
         },
         query() {
-            return routeSettings.get();
+            return routeSettings.api.get();
         }
     }
 };

package/core/server/api/v3/redirects.js CHANGED Viewed

@@ -1,7 +1,7 @@
 const path = require('path');
 const web = require('../../web');
-const redirects = require('../../../frontend/services/redirects');
+const redirects = require('../../services/redirects');
 module.exports = {
     docName: 'redirects',
@@ -11,7 +11,7 @@ module.exports = {
             disposition: {
                 type: 'file',
                 value() {
-                    return redirects.settings.getRedirectsFilePath()
+                    return redirects.api.getRedirectsFilePath()
                         .then((filePath) => {
                             // TODO: Default file type is .json for backward compatibility.
                             // When .yaml becomes default or .json is removed at v4,
@@ -26,13 +26,13 @@ module.exports = {
         permissions: true,
         response: {
             async format() {
-                const filePath = await redirects.settings.getRedirectsFilePath();
+                const filePath = await redirects.api.getRedirectsFilePath();
                 return filePath === null || path.extname(filePath) === '.json' ? 'json' : 'plain';
             }
         },
         query() {
-            return redirects.settings.get();
+            return redirects.api.get();
         }
     },
@@ -42,7 +42,7 @@ module.exports = {
             cacheInvalidate: true
         },
         query(frame) {
-            return redirects.settings.setFromFilePath(frame.file.path, frame.file.ext)
+            return redirects.api.setFromFilePath(frame.file.path, frame.file.ext)
                 .then(() => {
                     // CASE: trigger that redirects are getting re-registered
                     web.shared.middlewares.customRedirects.reload();