ghost 4.37.0 → 4.38.0

package/core/server/data/schema/commands.js

@@ -4,6 +4,7 @@ const logging = require('@tryghost/logging');
 const errors = require('@tryghost/errors');
 const tpl = require('@tryghost/tpl');
 const db = require('../db');
+const DatabaseInfo = require('@tryghost/database-info');
 const schema = require('./schema');
 const clients = require('./clients');
 
@@ -58,14 +59,14 @@ function addTableColumn(tableName, table, columnName, columnSpec = schema[tableN
     }
 }
 
-function addColumn(tableName, column, transaction, columnSpec) {
-    return (transaction || db.knex).schema.table(tableName, function (table) {
+function addColumn(tableName, column, transaction = db.knex, columnSpec) {
+    return transaction.schema.table(tableName, function (table) {
         addTableColumn(tableName, table, column, columnSpec);
     });
 }
 
-function dropColumn(tableName, column, transaction) {
-    return (transaction || db.knex).schema.table(tableName, function (table) {
+function dropColumn(tableName, column, transaction = db.knex) {
+    return transaction.schema.table(tableName, function (table) {
         table.dropColumn(column);
     });
 }
@@ -77,11 +78,11 @@ function dropColumn(tableName, column, transaction) {
  * @param {string|[string]} columns - column(s) to form unique constraint with
  * @param {import('knex')} transaction - connection object containing knex reference
  */
-async function addUnique(tableName, columns, transaction) {
+async function addUnique(tableName, columns, transaction = db.knex) {
     try {
         logging.info(`Adding unique constraint for: ${columns} in table ${tableName}`);
 
-        return await (transaction || db.knex).schema.table(tableName, function (table) {
+        return await transaction.schema.table(tableName, function (table) {
             table.unique(columns);
         });
     } catch (err) {
@@ -104,11 +105,11 @@ async function addUnique(tableName, columns, transaction) {
  * @param {string|[string]} columns - column(s) unique constraint was formed
  * @param {import('knex')} transaction - connection object containing knex reference
  */
-async function dropUnique(tableName, columns, transaction) {
+async function dropUnique(tableName, columns, transaction = db.knex) {
     try {
         logging.info(`Dropping unique constraint for: ${columns} in table: ${tableName}`);
 
-        return await (transaction || db.knex).schema.table(tableName, function (table) {
+        return await transaction.schema.table(tableName, function (table) {
             table.dropUnique(columns);
         });
     } catch (err) {
@@ -134,17 +135,14 @@ async function dropUnique(tableName, columns, transaction) {
  * @param {string} configuration.toColumn - column of the table to point the foreign key to
  * @param {import('knex')} configuration.transaction - connection object containing knex reference
  */
-async function hasForeignSQLite({fromTable, fromColumn, toTable, toColumn, transaction}) {
-    const knex = (transaction || db.knex);
-    const client = knex.client.config.client;
-
-    if (client !== 'sqlite3') {
+async function hasForeignSQLite({fromTable, fromColumn, toTable, toColumn, transaction = db.knex}) {
+    if (!DatabaseInfo.isSQLite(transaction)) {
         throw new errors.InternalServerError({
             message: tpl(messages.hasForeignSQLite3)
         });
     }
 
-    const foreignKeys = await knex.raw(`PRAGMA foreign_key_list('${fromTable}');`);
+    const foreignKeys = await transaction.raw(`PRAGMA foreign_key_list('${fromTable}');`);
 
     const hasForeignKey = foreignKeys.some(foreignKey => foreignKey.table === toTable && foreignKey.from === fromColumn && foreignKey.to === toColumn);
 
@@ -162,9 +160,8 @@ async function hasForeignSQLite({fromTable, fromColumn, toTable, toColumn, trans
  * @param {Boolean} configuration.cascadeDelete - adds the "on delete cascade" option if true
  * @param {import('knex')} configuration.transaction - connection object containing knex reference
  */
-async function addForeign({fromTable, fromColumn, toTable, toColumn, cascadeDelete = false, transaction}) {
-    const isSQLite = db.knex.client.config.client === 'sqlite3';
-    if (isSQLite) {
+async function addForeign({fromTable, fromColumn, toTable, toColumn, cascadeDelete = false, transaction = db.knex}) {
+    if (DatabaseInfo.isSQLite(transaction)) {
         const foreignKeyExists = await hasForeignSQLite({fromTable, fromColumn, toTable, toColumn, transaction});
         if (foreignKeyExists) {
             logging.warn(`Skipped adding foreign key from ${fromTable}.${fromColumn} to ${toTable}.${toColumn} - foreign key already exists`);
@@ -176,14 +173,14 @@ async function addForeign({fromTable, fromColumn, toTable, toColumn, cascadeDele
 
         //disable and re-enable foreign key checks on sqlite because of https://github.com/knex/knex/issues/4155
         let foreignKeysEnabled;
-        if (isSQLite) {
+        if (DatabaseInfo.isSQLite(transaction)) {
             foreignKeysEnabled = await db.knex.raw('PRAGMA foreign_keys;');
             if (foreignKeysEnabled[0].foreign_keys) {
                 await db.knex.raw('PRAGMA foreign_keys = OFF;');
             }
         }
 
-        await (transaction || db.knex).schema.table(fromTable, function (table) {
+        await transaction.schema.table(fromTable, function (table) {
             if (cascadeDelete) {
                 table.foreign(fromColumn).references(`${toTable}.${toColumn}`).onDelete('CASCADE');
             } else {
@@ -191,13 +188,13 @@ async function addForeign({fromTable, fromColumn, toTable, toColumn, cascadeDele
             }
         });
 
-        if (isSQLite) {
+        if (DatabaseInfo.isSQLite(transaction)) {
             if (foreignKeysEnabled[0].foreign_keys) {
                 await db.knex.raw('PRAGMA foreign_keys = ON;');
             }
         }
     } catch (err) {
-        if (err.code === 'ER_DUP_KEY') {
+        if (err.code === 'ER_DUP_KEY' || err.code === 'ER_FK_DUP_KEY' || err.code === 'ER_FK_DUP_NAME') {
             logging.warn(`Skipped adding foreign key from ${fromTable}.${fromColumn} to ${toTable}.${toColumn} - foreign key already exists`);
             return;
         }
@@ -215,9 +212,8 @@ async function addForeign({fromTable, fromColumn, toTable, toColumn, cascadeDele
  * @param {string} configuration.toColumn - column of the table to point the foreign key to
  * @param {import('knex')} configuration.transaction - connection object containing knex reference
  */
-async function dropForeign({fromTable, fromColumn, toTable, toColumn, transaction}) {
-    const isSQLite = db.knex.client.config.client === 'sqlite3';
-    if (isSQLite) {
+async function dropForeign({fromTable, fromColumn, toTable, toColumn, transaction = db.knex}) {
+    if (DatabaseInfo.isSQLite(transaction)) {
         const foreignKeyExists = await hasForeignSQLite({fromTable, fromColumn, toTable, toColumn, transaction});
         if (!foreignKeyExists) {
             logging.warn(`Skipped dropping foreign key from ${fromTable}.${fromColumn} to ${toTable}.${toColumn} - foreign key does not exist`);
@@ -229,18 +225,18 @@ async function dropForeign({fromTable, fromColumn, toTable, toColumn, transactio
 
         //disable and re-enable foreign key checks on sqlite because of https://github.com/knex/knex/issues/4155
         let foreignKeysEnabled;
-        if (isSQLite) {
+        if (DatabaseInfo.isSQLite(transaction)) {
             foreignKeysEnabled = await db.knex.raw('PRAGMA foreign_keys;');
             if (foreignKeysEnabled[0].foreign_keys) {
                 await db.knex.raw('PRAGMA foreign_keys = OFF;');
             }
         }
 
-        await (transaction || db.knex).schema.table(fromTable, function (table) {
+        await transaction.schema.table(fromTable, function (table) {
             table.dropForeign(fromColumn);
         });
 
-        if (isSQLite) {
+        if (DatabaseInfo.isSQLite(transaction)) {
             if (foreignKeysEnabled[0].foreign_keys) {
                 await db.knex.raw('PRAGMA foreign_keys = ON;');
             }
@@ -260,17 +256,14 @@ async function dropForeign({fromTable, fromColumn, toTable, toColumn, transactio
  * @param {string} tableName - name of the table to check primary key constraint on
  * @param {import('knex')} transaction - connection object containing knex reference
  */
-async function hasPrimaryKeySQLite(tableName, transaction) {
-    const knex = (transaction || db.knex);
-    const client = knex.client.config.client;
-
-    if (client !== 'sqlite3') {
+async function hasPrimaryKeySQLite(tableName, transaction = db.knex) {
+    if (!DatabaseInfo.isSQLite(transaction)){
         throw new errors.InternalServerError({
             message: tpl(messages.hasPrimaryKeySQLiteError)
         });
     }
 
-    const rawConstraints = await knex.raw(`PRAGMA index_list('${tableName}');`);
+    const rawConstraints = await transaction.raw(`PRAGMA index_list('${tableName}');`);
     const tablePrimaryKey = rawConstraints.find(c => c.origin === 'pk');
 
     return tablePrimaryKey;
@@ -283,9 +276,8 @@ async function hasPrimaryKeySQLite(tableName, transaction) {
  * @param {string|[string]} columns - column(s) to form primary key constraint with
  * @param {import('knex')} transaction - connection object containing knex reference
  */
-async function addPrimaryKey(tableName, columns, transaction) {
-    const isSQLite = db.knex.client.config.client === 'sqlite3';
-    if (isSQLite) {
+async function addPrimaryKey(tableName, columns, transaction = db.knex) {
+    if (DatabaseInfo.isSQLite(transaction)) {
         const primaryKeyExists = await hasPrimaryKeySQLite(tableName, transaction);
         if (primaryKeyExists) {
             logging.warn(`Primary key constraint for: ${columns} already exists for table: ${tableName}`);
@@ -294,7 +286,7 @@ async function addPrimaryKey(tableName, columns, transaction) {
     }
     try {
         logging.info(`Adding primary key constraint for: ${columns} in table ${tableName}`);
-        return await (transaction || db.knex).schema.table(tableName, function (table) {
+        return await transaction.schema.table(tableName, function (table) {
             table.primary(columns);
         });
     } catch (err) {
@@ -316,8 +308,8 @@ async function addPrimaryKey(tableName, columns, transaction) {
  * @param {import('knex').Transaction} transaction - connection to the DB
  * @param {Object} [tableSpec] - table schema to generate table with
  */
-function createTable(table, transaction, tableSpec = schema[table]) {
-    return (transaction || db.knex).schema.createTable(table, function (t) {
+function createTable(table, transaction = db.knex, tableSpec = schema[table]) {
+    return transaction.schema.createTable(table, function (t) {
         Object.keys(tableSpec)
             .filter(column => !(column.startsWith('@@')))
             .forEach(column => addTableColumn(table, t, column, tableSpec[column]));
@@ -331,12 +323,12 @@ function createTable(table, transaction, tableSpec = schema[table]) {
     });
 }
 
-function deleteTable(table, transaction) {
-    return (transaction || db.knex).schema.dropTableIfExists(table);
+function deleteTable(table, transaction = db.knex) {
+    return transaction.schema.dropTableIfExists(table);
 }
 
-function getTables(transaction) {
-    const client = (transaction || db.knex).client.config.client;
+function getTables(transaction = db.knex) {
+    const client = transaction.client.config.client;
 
     if (_.includes(_.keys(clients), client)) {
         return clients[client].getTables(transaction);
@@ -345,8 +337,8 @@ function getTables(transaction) {
     return Promise.reject(tpl(messages.noSupportForDatabase, {client: client}));
 }
 
-function getIndexes(table, transaction) {
-    const client = (transaction || db.knex).client.config.client;
+function getIndexes(table, transaction = db.knex) {
+    const client = transaction.client.config.client;
 
     if (_.includes(_.keys(clients), client)) {
         return clients[client].getIndexes(table, transaction);
@@ -355,8 +347,8 @@ function getIndexes(table, transaction) {
     return Promise.reject(tpl(messages.noSupportForDatabase, {client: client}));
 }
 
-function getColumns(table, transaction) {
-    const client = (transaction || db.knex).client.config.client;
+function getColumns(table, transaction = db.knex) {
+    const client = transaction.client.config.client;
 
     if (_.includes(_.keys(clients), client)) {
         return clients[client].getColumns(table);
@@ -365,10 +357,10 @@ function getColumns(table, transaction) {
     return Promise.reject(tpl(messages.noSupportForDatabase, {client: client}));
 }
 
-function checkTables(transaction) {
-    const client = (transaction || db.knex).client.config.client;
+function checkTables(transaction = db.knex) {
+    const client = transaction.client.config.client;
 
-    if (client === 'mysql') {
+    if (DatabaseInfo.isMySQL(transaction)) {
         return clients[client].checkPostTable();
     }
 }

package/core/server/data/schema/fixtures/fixtures.json

@@ -7,13 +7,15 @@
                     "name":             "Free",
                     "slug":             "free",
                     "type":             "free",
-                    "active":           true
+                    "active":           true,
+                    "visibility":       "public"
                 },
                 {
                     "name":             "Default Product",
                     "slug":             "default-product",
                     "type":             "paid",
-                    "active":           true
+                    "active":           true,
+                    "visibility":       "public"
                 }
             ]
         },

package/core/server/data/schema/schema.js

@@ -381,6 +381,13 @@ module.exports = {
         slug: {type: 'string', maxlength: 191, nullable: false, unique: true},
         active: {type: 'boolean', nullable: false, defaultTo: true},
         welcome_page_url: {type: 'string', maxlength: 2000, nullable: true},
+        visibility: {
+            type: 'string',
+            maxlength: 50,
+            nullable: false,
+            defaultTo: 'none',
+            validations: {isIn: [['public', 'none']]}
+        },
         monthly_price_id: {type: 'string', maxlength: 24, nullable: true},
         yearly_price_id: {type: 'string', maxlength: 24, nullable: true},
         description: {type: 'string', maxlength: 191, nullable: true},

package/core/server/models/product.js

@@ -5,7 +5,8 @@ const Product = ghostBookshelf.Model.extend({
     tableName: 'products',
 
     defaults: {
-        active: true
+        active: true,
+        visibility: 'none'
     },
 
     relationships: ['benefits'],

package/core/server/services/auth/api-key/admin.js

@@ -3,6 +3,7 @@ const url = require('url');
 const models = require('../../../models');
 const errors = require('@tryghost/errors');
 const limitService = require('../../../services/limits');
+const config = require('../../../../shared/config');
 const tpl = require('@tryghost/tpl');
 const _ = require('lodash');
 
@@ -139,12 +140,20 @@ const authenticateWithToken = async (req, res, next, {token, JWT_OPTIONS}) => {
         const secret = Buffer.from(apiKey.get('secret'), 'hex');
 
         const {pathname} = url.parse(req.originalUrl);
-        const [hasMatch, version = 'v4', api = 'admin'] = pathname.match(/ghost\/api\/([^/]+)\/([^/]+)\/(.+)*/); // eslint-disable-line no-unused-vars
-
-        // ensure the token was meant for this api version
-        const options = Object.assign({
-            audience: new RegExp(`\/?${version}\/${api}\/?$`) // eslint-disable-line no-useless-escape
-        }, JWT_OPTIONS);
+        const [hasMatch, version, api] = pathname.match(/ghost\/api\/([^/]+)\/([^/]+)\/(.+)*/); // eslint-disable-line no-unused-vars
+
+        // ensure the token was meant for this api
+        let options;
+        if (!config.get('api:versions:all').includes(version)) {
+            // CASE: non-versioned api request
+            options = Object.assign({
+                audience: new RegExp(`\/?${version}\/?$`) // eslint-disable-line no-useless-escape
+            }, JWT_OPTIONS);
+        } else {
+            options = Object.assign({
+                audience: new RegExp(`\/?${version}\/${api}\/?$`) // eslint-disable-line no-useless-escape
+            }, JWT_OPTIONS);
+        }
 
         try {
             jwt.verify(token, secret, options);

package/core/server/services/auth/setup.js

@@ -164,6 +164,11 @@ async function installTheme(data, api) {
         return data;
     }
 
+    if (themeName.toLowerCase() === 'tryghost/casper') {
+        logging.warn('Skipping theme install as Casper is the default theme.');
+        return data;
+    }
+
     // Use the api instead of the services as the api performs extra logic
     try {
         const installResults = await api.themes.install({

package/core/server/services/email-analytics/lib/event-processor.js

@@ -1,5 +1,5 @@
 const {EventProcessor} = require('@tryghost/email-analytics-service');
-const moment = require('moment');
+const moment = require('moment-timezone');
 
 class GhostEventProcessor extends EventProcessor {
     constructor({db}) {
@@ -88,6 +88,23 @@ class GhostEventProcessor extends EventProcessor {
                 opened_at: this.db.knex.raw('COALESCE(opened_at, ?)', [moment.utc(event.timestamp).format('YYYY-MM-DD HH:mm:ss')])
             });
 
+        // Using the default timezone set in https://github.com/TryGhost/Ghost/blob/2c5643623db0fc4db390f6997c81a73dca7ccacd/core/server/data/schema/default-settings/default-settings.json#L105
+        let timezone = 'Etc/UTC';
+        const timezoneData = await this.db.knex('settings').first('value').where('key', 'timezone');
+        if (timezoneData && timezoneData.value) {
+            timezone = timezoneData.value;
+        }
+
+        await this.db.knex('members')
+            .where('email', '=', event.recipientEmail)
+            .andWhere(builder => builder
+                .where('last_seen_at', '<', moment.utc(event.timestamp).tz(timezone).startOf('day').utc().format('YYYY-MM-DD HH:mm:ss'))
+                .orWhereNull('last_seen_at')
+            )
+            .update({
+                last_seen_at: moment.utc(event.timestamp).format('YYYY-MM-DD HH:mm:ss')
+            });
+
         return updateResult > 0;
     }
 

package/core/server/services/members/middleware.js

@@ -110,9 +110,12 @@ const getPortalProductPrices = async function () {
             monthlyPrice: product.monthlyPrice,
             yearlyPrice: product.yearlyPrice,
             benefits: product.benefits,
+            active: product.active,
             type: product.type,
             prices: productPrices
         };
+    }).filter((product) => {
+        return !!product.active;
     });
     const defaultProduct = products.find((product) => {
         return product.type === 'paid';

package/core/server/services/members/service.js

@@ -16,6 +16,8 @@ const models = require('../../models');
 const {GhostMailer} = require('../mail');
 const jobsService = require('../jobs');
 const VerificationTrigger = require('@tryghost/verification-trigger');
+const DomainEvents = require('@tryghost/domain-events');
+const {LastSeenAtUpdater} = require('@tryghost/members-events-service');
 const events = require('../../lib/common/events');
 
 const messages = {
@@ -139,7 +141,7 @@ module.exports = {
             sendVerificationEmail: ({subject, message, amountImported}) => {
                 const escalationAddress = config.get('hostSettings:emailVerification:escalationAddress');
                 const fromAddress = config.get('user_email');
-    
+
                 if (escalationAddress) {
                     ghostMailer.send({
                         subject,
@@ -158,6 +160,16 @@ module.exports = {
             eventRepository: membersApi.events
         });
 
+        new LastSeenAtUpdater({
+            models: {
+                Member: models.Member
+            },
+            services: {
+                domainEvents: DomainEvents,
+                settingsCache
+            }
+        });
+
         (async () => {
             try {
                 const collection = await models.SingleUseToken.fetchAll();

package/core/server/web/admin/views/default-prod.html

@@ -8,7 +8,7 @@
     <title>Ghost Admin</title>
 
     
-<meta name="ghost-admin/config/environment" content="%7B%22modulePrefix%22%3A%22ghost-admin%22%2C%22environment%22%3A%22production%22%2C%22rootURL%22%3A%22%2F%22%2C%22locationType%22%3A%22trailing-hash%22%2C%22EmberENV%22%3A%7B%22FEATURES%22%3A%7B%7D%2C%22EXTEND_PROTOTYPES%22%3A%7B%22Date%22%3Afalse%2C%22Array%22%3Atrue%2C%22String%22%3Atrue%2C%22Function%22%3Afalse%7D%2C%22_APPLICATION_TEMPLATE_WRAPPER%22%3Afalse%2C%22_JQUERY_INTEGRATION%22%3Atrue%2C%22_TEMPLATE_ONLY_GLIMMER_COMPONENTS%22%3Atrue%7D%2C%22APP%22%3A%7B%22version%22%3A%224.37%22%2C%22name%22%3A%22ghost-admin%22%7D%2C%22ember-simple-auth%22%3A%7B%7D%2C%22moment%22%3A%7B%22includeTimezone%22%3A%22all%22%7D%2C%22%40sentry%2Fember%22%3A%7B%22disablePerformance%22%3Atrue%2C%22sentry%22%3A%7B%7D%7D%2C%22ember-cli-mirage%22%3A%7B%22usingProxy%22%3Afalse%2C%22useDefaultPassthroughs%22%3Atrue%7D%2C%22exportApplicationGlobal%22%3Afalse%2C%22ember-load%22%3A%7B%22loadingIndicatorClass%22%3A%22ember-load-indicator%22%7D%7D" />
+<meta name="ghost-admin/config/environment" content="%7B%22modulePrefix%22%3A%22ghost-admin%22%2C%22environment%22%3A%22production%22%2C%22rootURL%22%3A%22%2F%22%2C%22locationType%22%3A%22trailing-hash%22%2C%22EmberENV%22%3A%7B%22FEATURES%22%3A%7B%7D%2C%22EXTEND_PROTOTYPES%22%3A%7B%22Date%22%3Afalse%2C%22Array%22%3Atrue%2C%22String%22%3Atrue%2C%22Function%22%3Afalse%7D%2C%22_APPLICATION_TEMPLATE_WRAPPER%22%3Afalse%2C%22_JQUERY_INTEGRATION%22%3Atrue%2C%22_TEMPLATE_ONLY_GLIMMER_COMPONENTS%22%3Atrue%7D%2C%22APP%22%3A%7B%22version%22%3A%224.38%22%2C%22name%22%3A%22ghost-admin%22%7D%2C%22ember-simple-auth%22%3A%7B%7D%2C%22moment%22%3A%7B%22includeTimezone%22%3A%22all%22%7D%2C%22%40sentry%2Fember%22%3A%7B%22disablePerformance%22%3Atrue%2C%22sentry%22%3A%7B%7D%7D%2C%22ember-cli-mirage%22%3A%7B%22usingProxy%22%3Afalse%2C%22useDefaultPassthroughs%22%3Atrue%7D%2C%22exportApplicationGlobal%22%3Afalse%2C%22ember-load%22%3A%7B%22loadingIndicatorClass%22%3A%22ember-load-indicator%22%7D%7D" />
 
     <meta name="HandheldFriendly" content="True" />
     <meta name="MobileOptimized" content="320" />
@@ -38,7 +38,7 @@
 
     
                 <link rel="stylesheet" href="assets/vendor.min-2c8ad32b7960bb605ebc20097fee5ebd.css">
-                <link rel="stylesheet" href="assets/ghost.min-02a5f8954bd85fe28817b8c8b111b8aa.css" title="light">
+                <link rel="stylesheet" href="assets/ghost.min-f4c59dd57a2136df8b0a34f87c099034.css" title="light">
             
 
     
@@ -56,8 +56,8 @@
 <div id="ember-basic-dropdown-wormhole"></div>
 
 
-                <script src="assets/vendor.min-6dc30be68238b5c55df0cdc1f2dc8b8d.js"></script>
-                <script src="assets/ghost.min-c1938f6ee696bf08bd6bf93cac341ea2.js"></script>
+                <script src="assets/vendor.min-c814d3c4b3f543c4cd5ef3aacd0fc645.js"></script>
+                <script src="assets/ghost.min-6386b02480494a69c3bfe66206754836.js"></script>
             
 </body>
 </html>

package/core/server/web/admin/views/default.html

@@ -8,7 +8,7 @@
     <title>Ghost Admin</title>
 
     
-<meta name="ghost-admin/config/environment" content="%7B%22modulePrefix%22%3A%22ghost-admin%22%2C%22environment%22%3A%22production%22%2C%22rootURL%22%3A%22%2F%22%2C%22locationType%22%3A%22trailing-hash%22%2C%22EmberENV%22%3A%7B%22FEATURES%22%3A%7B%7D%2C%22EXTEND_PROTOTYPES%22%3A%7B%22Date%22%3Afalse%2C%22Array%22%3Atrue%2C%22String%22%3Atrue%2C%22Function%22%3Afalse%7D%2C%22_APPLICATION_TEMPLATE_WRAPPER%22%3Afalse%2C%22_JQUERY_INTEGRATION%22%3Atrue%2C%22_TEMPLATE_ONLY_GLIMMER_COMPONENTS%22%3Atrue%7D%2C%22APP%22%3A%7B%22version%22%3A%224.37%22%2C%22name%22%3A%22ghost-admin%22%7D%2C%22ember-simple-auth%22%3A%7B%7D%2C%22moment%22%3A%7B%22includeTimezone%22%3A%22all%22%7D%2C%22%40sentry%2Fember%22%3A%7B%22disablePerformance%22%3Atrue%2C%22sentry%22%3A%7B%7D%7D%2C%22ember-cli-mirage%22%3A%7B%22usingProxy%22%3Afalse%2C%22useDefaultPassthroughs%22%3Atrue%7D%2C%22exportApplicationGlobal%22%3Afalse%2C%22ember-load%22%3A%7B%22loadingIndicatorClass%22%3A%22ember-load-indicator%22%7D%7D" />
+<meta name="ghost-admin/config/environment" content="%7B%22modulePrefix%22%3A%22ghost-admin%22%2C%22environment%22%3A%22production%22%2C%22rootURL%22%3A%22%2F%22%2C%22locationType%22%3A%22trailing-hash%22%2C%22EmberENV%22%3A%7B%22FEATURES%22%3A%7B%7D%2C%22EXTEND_PROTOTYPES%22%3A%7B%22Date%22%3Afalse%2C%22Array%22%3Atrue%2C%22String%22%3Atrue%2C%22Function%22%3Afalse%7D%2C%22_APPLICATION_TEMPLATE_WRAPPER%22%3Afalse%2C%22_JQUERY_INTEGRATION%22%3Atrue%2C%22_TEMPLATE_ONLY_GLIMMER_COMPONENTS%22%3Atrue%7D%2C%22APP%22%3A%7B%22version%22%3A%224.38%22%2C%22name%22%3A%22ghost-admin%22%7D%2C%22ember-simple-auth%22%3A%7B%7D%2C%22moment%22%3A%7B%22includeTimezone%22%3A%22all%22%7D%2C%22%40sentry%2Fember%22%3A%7B%22disablePerformance%22%3Atrue%2C%22sentry%22%3A%7B%7D%7D%2C%22ember-cli-mirage%22%3A%7B%22usingProxy%22%3Afalse%2C%22useDefaultPassthroughs%22%3Atrue%7D%2C%22exportApplicationGlobal%22%3Afalse%2C%22ember-load%22%3A%7B%22loadingIndicatorClass%22%3A%22ember-load-indicator%22%7D%7D" />
 
     <meta name="HandheldFriendly" content="True" />
     <meta name="MobileOptimized" content="320" />
@@ -38,7 +38,7 @@
 
     
                 <link rel="stylesheet" href="assets/vendor.min-2c8ad32b7960bb605ebc20097fee5ebd.css">
-                <link rel="stylesheet" href="assets/ghost.min-02a5f8954bd85fe28817b8c8b111b8aa.css" title="light">
+                <link rel="stylesheet" href="assets/ghost.min-f4c59dd57a2136df8b0a34f87c099034.css" title="light">
             
 
     
@@ -56,8 +56,8 @@
 <div id="ember-basic-dropdown-wormhole"></div>
 
 
-                <script src="assets/vendor.min-6dc30be68238b5c55df0cdc1f2dc8b8d.js"></script>
-                <script src="assets/ghost.min-c1938f6ee696bf08bd6bf93cac341ea2.js"></script>
+                <script src="assets/vendor.min-c814d3c4b3f543c4cd5ef3aacd0fc645.js"></script>
+                <script src="assets/ghost.min-6386b02480494a69c3bfe66206754836.js"></script>
             
 </body>
 </html>

package/core/server/web/api/app.js

@@ -25,6 +25,9 @@ module.exports = function setupApiApp() {
     apiApp.lazyUse(urlUtils.getVersionPath({version: 'canary', type: 'content'}), require('./canary/content/app'));
     apiApp.lazyUse(urlUtils.getVersionPath({version: 'canary', type: 'admin'}), require('./canary/admin/app'));
 
+    apiApp.lazyUse('/content/', require('./canary/content/app'));
+    apiApp.lazyUse('/admin/', require('./canary/admin/app'));
+
     // Error handling for requests to non-existent API versions
     apiApp.use(errorHandler.resourceNotFound);
     apiApp.use(errorHandler.handleJSONResponse(sentry));

package/core/server/web/api/canary/admin/middleware.js

@@ -31,6 +31,8 @@ const notImplemented = function (req, res, next) {
         members: ['GET', 'PUT', 'DELETE', 'POST'],
         config: ['GET'],
         schedules: ['PUT'],
+        files: ['POST'],
+        media: ['POST'],
         db: ['POST']
     };
 

package/core/server/web/api/canary/content/routes.js

@@ -34,6 +34,7 @@ module.exports = function apiRoutes() {
     router.get('/settings', mw.authenticatePublic, http(api.publicSettings.browse));
 
     router.get('/products', mw.authenticatePublic, http(api.productsPublic.browse));
+    router.get('/tiers', mw.authenticatePublic, http(api.tiersPublic.browse));
 
     return router;
 };

package/core/server/web/members/app.js

@@ -39,7 +39,7 @@ module.exports = function setupMembersApp() {
     membersApp.get('/api/session', middleware.getIdentityToken);
     membersApp.get('/api/offers/:id', middleware.getOfferData);
     membersApp.delete('/api/session', middleware.deleteSession);
-    membersApp.get('/api/site', shared.middleware.cacheControl('public', {maxAge: 30}), middleware.getMemberSiteData);
+    membersApp.get('/api/site', middleware.getMemberSiteData);
 
     // NOTE: this is wrapped in a function to ensure we always go via the getter
     membersApp.post('/api/send-magic-link', bodyParser.json(), shared.middleware.brute.membersAuth, (req, res, next) => membersService.api.middleware.sendMagicLink(req, res, next));

package/core/shared/config/defaults.json

@@ -128,8 +128,8 @@
         "emailAnalytics": true
     },
     "portal": {
-        "url": "https://unpkg.com/@tryghost/portal@~1.14.0/umd/portal.min.js",
-        "version": "1.14"
+        "url": "https://unpkg.com/@tryghost/portal@~1.15.0/umd/portal.min.js",
+        "version": "1.15"
     },
     "tenor": {
         "publicReadOnlyApiKey": null,

package/core/shared/config/utils.js

@@ -54,9 +54,13 @@ const checkUrlProtocol = function checkUrlProtocol(url) {
  * https://github.com/indexzero/nconf/issues/235#issuecomment-257606507
  */
 const sanitizeDatabaseProperties = function sanitizeDatabaseProperties(nconf) {
+    if (nconf.get('database:client') === 'mysql') {
+        nconf.set('database:client', 'mysql2');
+    }
+
     const database = nconf.get('database');
 
-    if (nconf.get('database:client') === 'mysql') {
+    if (nconf.get('database:client') === 'mysql2') {
         delete database.connection.filename;
     } else {
         delete database.connection.host;

package/core/shared/labs.js

@@ -36,6 +36,7 @@ const ALPHA_FEATURES = [
     'tierName',
     'membersTableStatus',
     'membersLastSeenFilter',
+    'membersContainsFilters',
     'selectablePortalLinks'
 ];