npm - ghost - Versions diffs - 4.36.3 → 4.38.1 - Mend

ghost 4.36.3 → 4.38.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (98) hide show

package/core/server/api/canary/tiers-public.js ADDED Viewed

@@ -0,0 +1,34 @@
+// NOTE: We must not cache references to membersService.api
+// as it is a getter and may change during runtime.
+const membersService = require('../../services/members');
+const allowedIncludes = ['monthly_price', 'yearly_price', 'benefits'];
+module.exports = {
+    docName: 'tiers',
+    browse: {
+        options: [
+            'limit',
+            'fields',
+            'include',
+            'filter',
+            'order',
+            'debug',
+            'page'
+        ],
+        permissions: true,
+        validation: {
+            options: {
+                include: {
+                    values: allowedIncludes
+                }
+            }
+        },
+        async query(frame) {
+            const page = await membersService.api.productRepository.list(frame.options);
+            return page;
+        }
+    }
+};

package/core/server/api/canary/tiers.js ADDED Viewed

@@ -0,0 +1,120 @@
+const errors = require('@tryghost/errors');
+const membersService = require('../../services/members');
+const tpl = require('@tryghost/tpl');
+const allowedIncludes = ['monthly_price', 'yearly_price', 'benefits'];
+const messages = {
+    productNotFound: 'Tier not found.'
+};
+module.exports = {
+    docName: 'tiers',
+    browse: {
+        options: [
+            'limit',
+            'fields',
+            'include',
+            'filter',
+            'order',
+            'debug',
+            'page'
+        ],
+        permissions: {
+            docName: 'products'
+        },
+        validation: {
+            options: {
+                include: {
+                    values: allowedIncludes
+                }
+            }
+        },
+        async query(frame) {
+            const page = await membersService.api.productRepository.list(frame.options);
+            return page;
+        }
+    },
+    read: {
+        options: [
+            'include'
+        ],
+        headers: {},
+        data: [
+            'id'
+        ],
+        validation: {
+            options: {
+                include: {
+                    values: allowedIncludes
+                }
+            }
+        },
+        permissions: true,
+        async query(frame) {
+            const model = await membersService.api.productRepository.get(frame.data, frame.options);
+            if (!model) {
+                throw new errors.NotFoundError({
+                    message: tpl(messages.productNotFound)
+                });
+            }
+            return model;
+        }
+    },
+    add: {
+        statusCode: 201,
+        headers: {
+            cacheInvalidate: true
+        },
+        validation: {
+            data: {
+                name: {required: true}
+            }
+        },
+        permissions: {
+            docName: 'products'
+        },
+        async query(frame) {
+            const model = await membersService.api.productRepository.create(
+                frame.data,
+                frame.options
+            );
+            return model;
+        }
+    },
+    edit: {
+        statusCode: 200,
+        options: [
+            'id'
+        ],
+        headers: {
+            cacheInvalidate: true
+        },
+        validation: {
+            options: {
+                id: {
+                    required: true
+                }
+            }
+        },
+        permissions: {
+            docName: 'products'
+        },
+        async query(frame) {
+            const model = await membersService.api.productRepository.update(
+                frame.data,
+                frame.options
+            );
+            return model;
+        }
+    }
+};

package/core/server/api/canary/utils/serializers/input/index.js CHANGED Viewed

@@ -43,6 +43,10 @@ module.exports = {
         return require('./products');
     },
+    get tiers() {
+        return require('./tiers');
+    },
     get webhooks() {
         return require('./webhooks');
     }

package/core/server/api/canary/utils/serializers/input/tiers.js ADDED Viewed

@@ -0,0 +1,36 @@
+module.exports = {
+    all(_apiConfig, frame) {
+        if (!frame.options.withRelated) {
+            return;
+        }
+        frame.options.withRelated = frame.options.withRelated.map((relation) => {
+            if (relation === 'stripe_prices') {
+                return 'stripePrices';
+            }
+            if (relation === 'monthly_price') {
+                return 'monthlyPrice';
+            }
+            if (relation === 'yearly_price') {
+                return 'yearlyPrice';
+            }
+            return relation;
+        });
+    },
+    add(_apiConfig, frame) {
+        if (frame.data.products) {
+            frame.data = frame.data.products[0];
+            return;
+        }
+        frame.data = frame.data.tiers[0];
+    },
+    edit(_apiConfig, frame) {
+        if (frame.data.products) {
+            frame.data = frame.data.products[0];
+            return;
+        }
+        frame.data = frame.data.tiers[0];
+    }
+};

package/core/server/api/canary/utils/serializers/output/email-posts.js CHANGED Viewed

@@ -1,9 +1,15 @@
 const mapper = require('./utils/mapper');
 const gating = require('./utils/post-gating');
+const membersService = require('../../../../../services/members');
 module.exports = {
     async read(model, apiConfig, frame) {
-        const emailPost = await mapper.mapPost(model, frame);
+        const tiersModels = await membersService.api.productRepository.list({
+            withRelated: ['monthlyPrice', 'yearlyPrice']
+        });
+        const tiers = tiersModels.data && tiersModels.data.map(tierModel => tierModel.toJSON());
+        const emailPost = await mapper.mapPost(model, frame, {tiers});
         gating.forPost(emailPost, frame);
         frame.response = {

package/core/server/api/canary/utils/serializers/output/index.js CHANGED Viewed

@@ -73,6 +73,10 @@ module.exports = {
         return require('./products');
     },
+    get tiers() {
+        return require('./tiers');
+    },
     get member_signin_urls() {
         return require('./member-signin_urls');
     },

package/core/server/api/canary/utils/serializers/output/members.js CHANGED Viewed

@@ -1,6 +1,7 @@
 //@ts-check
 const debug = require('@tryghost/debug')('api:canary:utils:serializers:output:members');
 const {unparse} = require('@tryghost/members-csv');
+const labs = require('../../../../../../shared/labs');
 module.exports = {
     hasActiveStripeSubscriptions: createSerializer('hasActiveStripeSubscriptions', passthrough),
@@ -127,6 +128,10 @@ function serializeMember(member, options) {
         status: json.status
     };
+    if (labs.isSet('membersLastSeenFilter')) {
+        serialized.last_seen_at = json.last_seen_at;
+    }
     if (json.products) {
         serialized.products = json.products;
     }

package/core/server/api/canary/utils/serializers/output/pages.js CHANGED Viewed

@@ -1,5 +1,6 @@
 const debug = require('@tryghost/debug')('api:canary:utils:serializers:output:pages');
 const mapper = require('./utils/mapper');
+const membersService = require('../../../../../services/members');
 module.exports = {
     async all(models, apiConfig, frame) {
@@ -10,9 +11,15 @@ module.exports = {
             return;
         }
         let pages = [];
+        const tiersModels = await membersService.api.productRepository.list({
+            withRelated: ['monthlyPrice', 'yearlyPrice']
+        });
+        const tiers = tiersModels.data ? tiersModels.data.map(tierModel => tierModel.toJSON()) : [];
         if (models.meta) {
             for (let model of models.data) {
-                let page = await mapper.mapPage(model, frame);
+                let page = await mapper.mapPage(model, frame, {tiers});
                 pages.push(page);
             }
             frame.response = {
@@ -22,7 +29,7 @@ module.exports = {
             return;
         }
-        let page = await mapper.mapPage(models, frame);
+        let page = await mapper.mapPage(models, frame, {tiers});
         frame.response = {
             pages: [page]
         };

package/core/server/api/canary/utils/serializers/output/posts.js CHANGED Viewed

@@ -1,5 +1,6 @@
 const debug = require('@tryghost/debug')('api:canary:utils:serializers:output:posts');
 const mapper = require('./utils/mapper');
+const membersService = require('../../../../../services/members');
 module.exports = {
     async all(models, apiConfig, frame) {
@@ -10,9 +11,14 @@ module.exports = {
             return;
         }
         let posts = [];
+        const tiersModels = await membersService.api.productRepository.list({
+            withRelated: ['monthlyPrice', 'yearlyPrice']
+        });
+        const tiers = tiersModels.data ? tiersModels.data.map(tierModel => tierModel.toJSON()) : [];
         if (models.meta) {
             for (let model of models.data) {
-                let post = await mapper.mapPost(model, frame);
+                let post = await mapper.mapPost(model, frame, {tiers});
                 posts.push(post);
             }
             frame.response = {
@@ -22,7 +28,7 @@ module.exports = {
             return;
         }
-        let post = await mapper.mapPost(models, frame);
+        let post = await mapper.mapPost(models, frame, {tiers});
         frame.response = {
             posts: [post]
         };

package/core/server/api/canary/utils/serializers/output/preview.js CHANGED Viewed

@@ -1,8 +1,14 @@
 const mapper = require('./utils/mapper');
+const membersService = require('../../../../../services/members');
 module.exports = {
     async all(model, apiConfig, frame) {
-        const data = await mapper.mapPost(model, frame);
+        const tiersModels = await membersService.api.productRepository.list({
+            withRelated: ['monthlyPrice', 'yearlyPrice']
+        });
+        const tiers = tiersModels.data ? tiersModels.data.map(tierModel => tierModel.toJSON()) : [];
+        const data = await mapper.mapPost(model, frame, {tiers});
         frame.response = {
             preview: [data]
         };

package/core/server/api/canary/utils/serializers/output/products.js CHANGED Viewed

@@ -1,6 +1,7 @@
 //@ts-check
 const debug = require('@tryghost/debug')('api:canary:utils:serializers:output:products');
 const _ = require('lodash');
+const utils = require('../../../../shared/utils');
 const allowedIncludes = ['stripe_prices', 'monthly_price', 'yearly_price'];
@@ -22,7 +23,7 @@ module.exports = {
  */
 function paginatedProducts(page, _apiConfig, frame) {
     const requestedQueryIncludes = frame.original && frame.original.query && frame.original.query.include && frame.original.query.include.split(',') || [];
-    const requestedOptionsIncludes = frame.original && frame.original.options && frame.original.options.include || [];
+    const requestedOptionsIncludes = utils.options.trimAndLowerCase(frame.original && frame.original.options && frame.original.options.include || []);
     return {
         products: page.data.map((model) => {
             return cleanIncludes(
@@ -74,6 +75,7 @@ function serializeProduct(product, options, apiType) {
         description: json.description,
         slug: json.slug,
         active: json.active,
+        visibility: json.visibility,
         type: json.type,
         welcome_page_url: json.welcome_page_url,
         created_at: json.created_at,

package/core/server/api/canary/utils/serializers/output/tiers.js ADDED Viewed

@@ -0,0 +1,212 @@
+//@ts-check
+const debug = require('@tryghost/debug')('api:canary:utils:serializers:output:tiers');
+const _ = require('lodash');
+const allowedIncludes = ['monthly_price', 'yearly_price'];
+const utils = require('../../../../shared/utils');
+module.exports = {
+    browse: createSerializer('browse', paginatedTiers),
+    read: createSerializer('read', singleTier),
+    edit: createSerializer('edit', singleTier),
+    add: createSerializer('add', singleTier)
+};
+/**
+ * @template PageMeta
+ *
+ * @param {{data: import('bookshelf').Model[], meta: PageMeta}} page
+ * @param {APIConfig} _apiConfig
+ * @param {Frame} frame
+ *
+ * @returns {{tiers: SerializedTier[], meta: PageMeta}}
+ */
+function paginatedTiers(page, _apiConfig, frame) {
+    const requestedQueryIncludes = frame.original && frame.original.query && frame.original.query.include && frame.original.query.include.split(',') || [];
+    const requestedOptionsIncludes = utils.options.trimAndLowerCase(frame.original && frame.original.options && frame.original.options.include || []);
+    return {
+        tiers: page.data.map((model) => {
+            return cleanIncludes(
+                allowedIncludes,
+                requestedQueryIncludes.concat(requestedOptionsIncludes),
+                serializeTier(model, frame.options, frame.apiType)
+            );
+        }),
+        meta: page.meta
+    };
+}
+/**
+ * @param {import('bookshelf').Model} model
+ * @param {APIConfig} _apiConfig
+ * @param {Frame} frame
+ *
+ * @returns {{tiers: SerializedTier[]}}
+ */
+function singleTier(model, _apiConfig, frame) {
+    const requestedQueryIncludes = frame.original && frame.original.query && frame.original.query.include && frame.original.query.include.split(',') || [];
+    const requestedOptionsIncludes = frame.original && frame.original.options && frame.original.options.include || [];
+    return {
+        tiers: [
+            cleanIncludes(
+                allowedIncludes,
+                requestedQueryIncludes.concat(requestedOptionsIncludes),
+                serializeTier(model, frame.options, frame.apiType)
+            )
+        ]
+    };
+}
+/**
+ * @param {import('bookshelf').Model} tier
+ * @param {object} options
+ * @param {'content'|'admin'} apiType
+ *
+ * @returns {SerializedTier}
+ */
+function serializeTier(tier, options, apiType) {
+    const json = tier.toJSON(options);
+    const hideStripeData = apiType === 'content';
+    const serialized = {
+        id: json.id,
+        name: json.name,
+        description: json.description,
+        slug: json.slug,
+        active: json.active,
+        type: json.type,
+        welcome_page_url: json.welcome_page_url,
+        created_at: json.created_at,
+        updated_at: json.updated_at,
+        stripe_prices: json.stripePrices ? json.stripePrices.map(price => serializeStripePrice(price, hideStripeData)) : null,
+        monthly_price: serializeStripePrice(json.monthlyPrice, hideStripeData),
+        yearly_price: serializeStripePrice(json.yearlyPrice, hideStripeData),
+        benefits: json.benefits || null,
+        visibility: json.visibility
+    };
+    return serialized;
+}
+/**
+ * @param {object} data
+ * @param {boolean} hideStripeData
+ *
+ * @returns {StripePrice}
+ */
+function serializeStripePrice(data, hideStripeData) {
+    if (_.isEmpty(data)) {
+        return null;
+    }
+    const price = {
+        id: data.id,
+        stripe_tier_id: data.stripe_product_id,
+        stripe_price_id: data.stripe_price_id,
+        active: data.active,
+        nickname: data.nickname,
+        description: data.description,
+        currency: data.currency,
+        amount: data.amount,
+        type: data.type,
+        interval: data.interval,
+        created_at: data.created_at,
+        updated_at: data.updated_at
+    };
+    if (hideStripeData) {
+        delete price.stripe_price_id;
+        delete price.stripe_tier_id;
+    }
+    return price;
+}
+/**
+ * @template Data
+ *
+ * @param {string[]} allowed
+ * @param {string[]} requested
+ * @param {Data & Object<string, any>} data
+ *
+ * @returns {Data}
+ */
+function cleanIncludes(allowed, requested, data) {
+    const cleaned = {
+        ...data
+    };
+    for (const include of allowed) {
+        if (!requested.includes(include)) {
+            delete cleaned[include];
+        }
+    }
+    return cleaned;
+}
+/**
+ * @template Data
+ * @template Response
+ * @param {string} debugString
+ * @param {(data: Data, apiConfig: APIConfig, frame: Frame) => Response} serialize - A function to serialize the data into an object suitable for API response
+ *
+ * @returns {(data: Data, apiConfig: APIConfig, frame: Frame) => void}
+ */
+function createSerializer(debugString, serialize) {
+    return function serializer(data, apiConfig, frame) {
+        debug(debugString);
+        const response = serialize(data, apiConfig, frame);
+        frame.response = response;
+    };
+}
+/**
+ * @typedef {Object} SerializedTier
+ * @prop {string} id
+ * @prop {string} name
+ * @prop {string} slug
+ * @prop {string} description
+ * @prop {boolean} active
+ * @prop {string} type
+ * @prop {string} welcome_page_url
+ * @prop {Date} created_at
+ * @prop {Date} updated_at
+ * @prop {StripePrice} [monthly_price]
+ * @prop {StripePrice} [yearly_price]
+ * @prop {Benefit[]} [benefits]
+ */
+/**
+ * @typedef {object} Benefit
+ * @prop {string} id
+ * @prop {string} name
+ * @prop {string} slug
+ * @prop {Date} created_at
+ * @prop {Date} updated_at
+ */
+/**
+ * @typedef {object} StripePrice
+ * @prop {string} id
+ * @prop {string|null} stripe_tier_id
+ * @prop {string|null} stripe_price_id
+ * @prop {boolean} active
+ * @prop {string} nickname
+ * @prop {string} description
+ * @prop {string} currency
+ * @prop {number} amount
+ * @prop {'recurring'|'one-time'} type
+ * @prop {'day'|'week'|'month'|'year'} interval
+ * @prop {Date} created_at
+ * @prop {Date} updated_at
+ */
+/**
+ * @typedef {Object} APIConfig
+ * @prop {string} docName
+ * @prop {string} method
+ */
+/**
+ * @typedef {Object<string, any>} Frame
+ * @prop {Object} options
+ */

package/core/server/api/canary/utils/serializers/output/utils/mapper.js CHANGED Viewed

@@ -31,7 +31,8 @@ const mapTag = (model, frame) => {
     return jsonModel;
 };
-const mapPost = async (model, frame) => {
+const mapPost = async (model, frame, options = {}) => {
+    const {tiers: tiersData} = options || {};
     const extendedOptions = Object.assign(_.cloneDeep(frame.options), {
         extraProperties: ['canonical_url']
     });
@@ -45,12 +46,21 @@ const mapPost = async (model, frame) => {
     // Attach tiers to custom nql visibility filter
     if (labsService.isSet('multipleProducts')
         && jsonModel.visibility
-        && !['members', 'public', 'paid', 'tiers'].includes(jsonModel.visibility)
     ) {
-        const tiers = await postsService.getProductsFromVisibilityFilter(jsonModel.visibility);
+        if (['members', 'public'].includes(jsonModel.visibility) && jsonModel.tiers) {
+            jsonModel.tiers = tiersData || [];
+        }
+        if (jsonModel.visibility === 'paid' && jsonModel.tiers) {
+            jsonModel.tiers = tiersData ? tiersData.filter(t => t.type === 'paid') : [];
+        }
-        jsonModel.visibility = 'tiers';
-        jsonModel.tiers = tiers;
+        if (!['members', 'public', 'paid', 'tiers'].includes(jsonModel.visibility)) {
+            const tiers = await postsService.getProductsFromVisibilityFilter(jsonModel.visibility);
+            jsonModel.visibility = 'tiers';
+            jsonModel.tiers = tiers;
+        }
     }
     if (utils.isContentAPI(frame)) {
@@ -103,8 +113,8 @@ const mapPost = async (model, frame) => {
     return jsonModel;
 };
-const mapPage = async (model, frame) => {
-    const jsonModel = await mapPost(model, frame);
+const mapPage = async (model, frame, options) => {
+    const jsonModel = await mapPost(model, frame, options);
     delete jsonModel.email_subject;
     delete jsonModel.email_recipient_filter;

package/core/server/api/canary/utils/validators/input/index.js CHANGED Viewed

@@ -27,6 +27,10 @@ module.exports = {
         return require('./members');
     },
+    get tiers() {
+        return require('./tiers');
+    },
     get media() {
         return require('./media');
     },

package/core/server/api/canary/utils/validators/input/tiers.js ADDED Viewed

@@ -0,0 +1,6 @@
+const jsonSchema = require('../utils/json-schema');
+module.exports = {
+    add: jsonSchema.validate,
+    edit: jsonSchema.validate
+};

package/core/server/api/v2/settings.js CHANGED Viewed

@@ -106,7 +106,8 @@ module.exports = {
             before(frame) {
                 const errors = [];
-                frame.data.settings.map((setting) => {
+                // Using eslint disable line here as we are about to drop v2 - no point in fixing
+                frame.data.settings.map((setting) => { /* eslint-disable-line array-callback-return */
                     if (setting.group === 'core' && !(frame.options.context && frame.options.context.internal)) {
                         errors.push(new NoPermissionError({
                             message: tpl(messages.accessCoreSettingFromExtReq)

package/core/server/data/db/connection.js CHANGED Viewed

@@ -32,9 +32,10 @@ function configure(dbConfig) {
         process.env.BTHREADS_BACKEND = 'child_process';
     }
-    if (client === 'mysql') {
-        dbConfig.connection.timezone = 'UTC';
+    if (client === 'mysql2') {
+        dbConfig.connection.timezone = 'Z';
         dbConfig.connection.charset = 'utf8mb4';
+        dbConfig.connection.decimalNumbers = true;
         // NOTE: disabled so that worker processes can use the db without
         // requiring logging and causing file desriptor leaks.

package/core/server/data/migrations/init/1-create-tables.js CHANGED Viewed

@@ -7,7 +7,10 @@ const schemaTables = Object.keys(schema);
 module.exports.up = async (options) => {
     const connection = options.connection;
-    await Promise.mapSeries(schemaTables, async (table) => {
+    const existingTables = await commands.getTables(connection);
+    const missingTables = schemaTables.filter(t => !existingTables.includes(t));
+    await Promise.mapSeries(missingTables, async (table) => {
         logging.info('Creating table: ' + table);
         await commands.createTable(table, connection);
     });