npm - ghost - Versions diffs - 5.114.1 → 5.115.1 - Mend

ghost 5.114.1 → 5.115.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (201) hide show

package/core/server/services/email-analytics/EventProcessingResult.js ADDED Viewed

@@ -0,0 +1,66 @@
+class EventProcessingResult {
+    /**
+     * @param {object} result
+     * @param {number} [result.delivered]
+     * @param {number} [result.opened]
+     * @param {number} [result.temporaryFailed]
+     * @param {number} [result.permanentFailed]
+     * @param {number} [result.unsubscribed]
+     * @param {number} [result.complained]
+     * @param {number} [result.unhandled]
+     * @param {number} [result.unprocessable]
+     * @param {number} [result.processingFailures]
+     * @param {string[]} [result.emailIds]
+     * @param {string[]} [result.memberIds]
+     */
+    constructor(result = {}) {
+        // counts
+        this.delivered = 0;
+        this.opened = 0;
+        this.temporaryFailed = 0;
+        this.permanentFailed = 0;
+        this.unsubscribed = 0;
+        this.complained = 0;
+        this.unhandled = 0;
+        this.unprocessable = 0;
+        // processing failures are counted separately in addition to event type counts
+        this.processingFailures = 0;
+        // ids seen whilst processing ready for passing to the stats aggregator
+        this.emailIds = [];
+        this.memberIds = [];
+        this.merge(result);
+    }
+    get totalEvents() {
+        return this.delivered
+            + this.opened
+            + this.temporaryFailed
+            + this.permanentFailed
+            + this.unsubscribed
+            + this.complained
+            + this.unhandled
+            + this.unprocessable;
+    }
+    merge(other = {}) {
+        this.delivered += other.delivered || 0;
+        this.opened += other.opened || 0;
+        this.temporaryFailed += other.temporaryFailed || 0;
+        this.permanentFailed += other.permanentFailed || 0;
+        this.unsubscribed += other.unsubscribed || 0;
+        this.complained += other.complained || 0;
+        this.unhandled += other.unhandled || 0;
+        this.unprocessable += other.unprocessable || 0;
+        this.processingFailures += other.processingFailures || 0;
+        // TODO: come up with a cleaner way to merge these without churning through Array and Set
+        this.emailIds = Array.from(new Set([...this.emailIds, ...(other.emailIds || [])])).filter(Boolean);
+        this.memberIds = Array.from(new Set([...this.memberIds, ...(other.memberIds || [])])).filter(Boolean);
+    }
+}
+module.exports = EventProcessingResult;

package/core/server/services/explore-ping/ExplorePingService.js ADDED Viewed

@@ -0,0 +1,106 @@
+module.exports = class ExplorePingService {
+    /**
+     * @param {object} deps
+     * @param {{getPublic: () => import('../../../shared/settings-cache/CacheManager').PublicSettingsCache}} deps.settingsCache
+     * @param {object} deps.config
+     * @param {object} deps.labs
+     * @param {object} deps.logging
+     * @param {object} deps.ghostVersion
+     * @param {object} deps.request
+     * @param {{stats: {
+     *   getMostRecentlyPublishedPostDate: () => Promise<Date>,
+     *   getFirstPublishedPostDate: () => Promise<Date>,
+     *   getTotalPostsPublished: () => Promise<number>
+     * }}} deps.posts
+     * @param {{stats: {
+     *   getTotalMembers: () => Promise<number>
+     * }}} deps.members
+     */
+    constructor({settingsCache, config, labs, logging, ghostVersion, request, posts, members}) {
+        this.settingsCache = settingsCache;
+        this.config = config;
+        this.labs = labs;
+        this.logging = logging;
+        this.ghostVersion = ghostVersion;
+        this.request = request;
+        this.posts = posts;
+        this.members = members;
+    }
+    async constructPayload() {
+        /* eslint-disable camelcase */
+        const {title, description, icon, locale, accent_color, twitter, facebook} = this.settingsCache.getPublic();
+        // Get post statistics
+        const [totalPosts, lastPublishedAt, firstPublishedAt] = await Promise.all([
+            this.posts.stats.getTotalPostsPublished(),
+            this.posts.stats.getMostRecentlyPublishedPostDate(),
+            this.posts.stats.getFirstPublishedPostDate()
+        ]);
+        // Get member statistics with error handling
+        let totalMembers = null;
+        try {
+            totalMembers = await this.members.stats.getTotalMembers();
+        } catch (err) {
+            this.logging.warn('Failed to fetch member statistics', {
+                error: err.message,
+                context: 'explore-ping-service'
+            });
+            // Continue without member statistics
+        }
+        return {
+            ghost: this.ghostVersion.full,
+            url: this.config.get('url'),
+            title,
+            description,
+            icon,
+            locale,
+            accent_color,
+            twitter,
+            facebook,
+            posts_first: firstPublishedAt ? firstPublishedAt.toISOString() : null,
+            posts_last: lastPublishedAt ? lastPublishedAt.toISOString() : null,
+            posts_total: totalPosts,
+            members_total: totalMembers
+        };
+        /* eslint-enable camelcase */
+    }
+    async makeRequest(exploreUrl, payload) {
+        const json = JSON.stringify(payload);
+        this.logging.info('Pinging Explore with Payload', exploreUrl, json);
+        try {
+            const response = await this.request(exploreUrl, {
+                method: 'POST',
+                body: json,
+                headers: {
+                    'Content-Type': 'application/json'
+                }
+            });
+            this.logging.info('Explore Response', response.statusCode, response.statusMessage);
+            return response;
+        } catch (err) {
+            this.logging.warn('Explore Error', err.message);
+        }
+    }
+    async ping() {
+        if (!this.labs.isSet('explore')) {
+            return;
+        }
+        const exploreUrl = this.config.get('explore:url');
+        if (!exploreUrl) {
+            this.logging.warn('Explore URL not set');
+            return;
+        }
+        const payload = await this.constructPayload();
+        await this.makeRequest(exploreUrl, payload);
+    }
+};

package/core/server/services/explore-ping/index.js ADDED Viewed

@@ -0,0 +1,31 @@
+const ExplorePingService = require('./ExplorePingService');
+const config = require('../../../shared/config');
+const labs = require('../../../shared/labs');
+const logging = require('@tryghost/logging');
+const ghostVersion = require('@tryghost/version');
+const request = require('@tryghost/request');
+const settingsCache = require('../../../shared/settings-cache');
+const posts = require('../posts/posts-service');
+const members = require('../members');
+// Export the creation function for testing
+module.exports.createService = function createService() {
+    return new ExplorePingService({
+        settingsCache,
+        config,
+        labs,
+        logging,
+        ghostVersion,
+        request,
+        posts: posts(),
+        members
+    });
+};
+module.exports.init = async function init() {
+    const explorePingService = module.exports.createService();
+    // The final intention is to have this run on a schedule
+    // For the initial version, we'll just ping when the server starts
+    await explorePingService.ping();
+};

package/core/server/services/identity-tokens/IdentityTokenService.js ADDED Viewed

@@ -0,0 +1,30 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.IdentityTokenService = void 0;
+const jsonwebtoken_1 = require("jsonwebtoken");
+class IdentityTokenService {
+    privateKey;
+    issuer;
+    keyId;
+    constructor(privateKey, issuer, keyId) {
+        this.privateKey = privateKey;
+        this.issuer = issuer;
+        this.keyId = keyId;
+    }
+    async getTokenForUser(email, role) {
+        const claims = {
+            sub: email
+        };
+        if (typeof role === 'string') {
+            claims.role = role;
+        }
+        const token = (0, jsonwebtoken_1.sign)(claims, this.privateKey, {
+            issuer: this.issuer,
+            expiresIn: '5m',
+            algorithm: 'RS256',
+            keyid: this.keyId
+        });
+        return token;
+    }
+}
+exports.IdentityTokenService = IdentityTokenService;

package/core/server/services/identity-tokens/IdentityTokenService.ts ADDED Viewed

@@ -0,0 +1,28 @@
+import {sign} from 'jsonwebtoken';
+export class IdentityTokenService {
+    constructor(
+        private privateKey: string,
+        private issuer: string,
+        private keyId: string
+    ) {}
+    async getTokenForUser(email: string, role?: string) {
+        const claims: Record<string, string> = {
+            sub: email
+        };
+        if (typeof role === 'string') {
+            claims.role = role;
+        }
+        const token = sign(claims, this.privateKey, {
+            issuer: this.issuer,
+            expiresIn: '5m',
+            algorithm: 'RS256',
+            keyid: this.keyId
+        });
+        return token;
+    }
+}

package/core/server/services/identity-tokens/IdentityTokenServiceWrapper.js CHANGED Viewed

@@ -1,4 +1,4 @@
-const {IdentityTokenService} = require('@tryghost/identity-token-service');
+const {IdentityTokenService} = require('./IdentityTokenService');
 module.exports = class IdentityTokenServiceWrapper {
     /** @type IdentityTokenService */

package/core/server/services/invitations/accept.js CHANGED Viewed

@@ -2,13 +2,16 @@ const errors = require('@tryghost/errors');
 const tpl = require('@tryghost/tpl');
 const models = require('../../models');
 const security = require('@tryghost/security');
-const messages = {inviteNotFound: 'Invite not found.',
+const messages = {
+    inviteNotFound: 'Invite not found.',
     inviteExpired: 'Invite is expired.',
     inviteEmailAlreadyExist: {
         message: 'Could not create an account, email is already in use.',
         context: 'Attempting to create an account with existing email address.',
         help: 'Use different email address to register your account.'
-    }};
+    }
+};
 async function accept(invitation) {
     const data = invitation.invitation[0];

package/core/server/services/mail-events/BookshelfMailEventRepository.js CHANGED Viewed

@@ -1,6 +1,6 @@
 /**
- * @typedef {import('@tryghost/mail-events').MailEventRepository} MailEventRepository
- * @typedef {import('@tryghost/mail-events').MailEvent} MailEvent
+ * @typedef {import('./MailEventRepository')} MailEventRepository
+ * @typedef {import('./MailEvent').MailEvent} MailEvent
  */
 /**

package/core/server/services/mail-events/InMemoryMailEventRepository.js ADDED Viewed

@@ -0,0 +1,10 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.InMemoryMailEventRepository = void 0;
+const in_memory_repository_1 = require("@tryghost/in-memory-repository");
+class InMemoryMailEventRepository extends in_memory_repository_1.InMemoryRepository {
+    toPrimitive() {
+        return {};
+    }
+}
+exports.InMemoryMailEventRepository = InMemoryMailEventRepository;

package/core/server/services/mail-events/InMemoryMailEventRepository.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import {InMemoryRepository} from '@tryghost/in-memory-repository';
+import {MailEvent} from './MailEvent';
+export class InMemoryMailEventRepository extends InMemoryRepository<string, MailEvent> {
+    protected toPrimitive(): object {
+        return {};
+    }
+}

package/core/server/services/mail-events/MailEvent.js ADDED Viewed

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MailEvent = void 0;
+class MailEvent {
+    id;
+    type;
+    messageId;
+    recipient;
+    timestampMs;
+    deleted;
+    constructor(id, type, messageId, recipient, timestampMs, deleted = false) {
+        this.id = id;
+        this.type = type;
+        this.messageId = messageId;
+        this.recipient = recipient;
+        this.timestampMs = timestampMs;
+        this.deleted = deleted;
+    }
+}
+exports.MailEvent = MailEvent;

package/core/server/services/mail-events/MailEvent.ts ADDED Viewed

@@ -0,0 +1,10 @@
+export class MailEvent {
+    constructor(
+        readonly id: string,
+        readonly type: string,
+        readonly messageId: string,
+        readonly recipient: string,
+        readonly timestampMs: number,
+        readonly deleted: boolean = false
+    ) {}
+}

package/core/server/services/mail-events/MailEventRepository.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/core/server/services/mail-events/MailEventRepository.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import {MailEvent} from './MailEvent';
+export interface MailEventRepository {
+    save(event: MailEvent): Promise<void>;
+}

package/core/server/services/mail-events/MailEventService.js ADDED Viewed

@@ -0,0 +1,124 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MailEventService = void 0;
+const crypto_1 = __importDefault(require("crypto"));
+const errors_1 = __importDefault(require("@tryghost/errors"));
+const tpl_1 = __importDefault(require("@tryghost/tpl"));
+const MailEvent_1 = require("./MailEvent");
+/**
+ * @see https://documentation.mailgun.com/en/latest/user_manual.html#events-1
+ */
+var EventType;
+(function (EventType) {
+    EventType["CLICKED"] = "clicked";
+    EventType["COMPLAINED"] = "complained";
+    EventType["DELIVERED"] = "delivered";
+    EventType["FAILED"] = "failed";
+    EventType["OPENED"] = "opened";
+    EventType["UNSUBSCRIBED"] = "unsubscribed";
+})(EventType || (EventType = {}));
+const VALIDATION_MESSAGES = {
+    signingKeyNotConfigured: 'payload signing key is not configured',
+    payloadSignatureMissing: 'Payload is missing "signature"',
+    payloadSignatureInvalid: '"signature" is invalid',
+    payloadEventsMissing: 'Payload is missing "mail_events"',
+    payloadEventsInvalid: '"mail_events" is not an array',
+    payloadEventKeyMissing: 'Event [{idx}] is missing "{key}"'
+};
+class MailEventService {
+    mailEventRepository;
+    config;
+    labs;
+    static LABS_KEY = 'mailEvents';
+    static CONFIG_KEY_PAYLOAD_SIGNING_KEY = 'hostSettings:mailEventsPayloadSigningKey';
+    constructor(mailEventRepository, config, labs) {
+        this.mailEventRepository = mailEventRepository;
+        this.config = config;
+        this.labs = labs;
+    }
+    async processPayload(payload) {
+        if (this.labs.isSet(MailEventService.LABS_KEY) === false) {
+            throw new errors_1.default.NotFoundError();
+        }
+        const payloadSigningKey = this.config.get(MailEventService.CONFIG_KEY_PAYLOAD_SIGNING_KEY);
+        // Verify that the service is configured correctly - We expect a string
+        // for the payload signing key but as a safeguard we check the type here
+        // to prevent any unexpected behaviour
+        if (typeof payloadSigningKey !== 'string') {
+            throw new errors_1.default.InternalServerError({
+                message: (0, tpl_1.default)(VALIDATION_MESSAGES.signingKeyNotConfigured)
+            });
+        }
+        // Verify the payload
+        this.verifyPayload(payload, payloadSigningKey);
+        // Store known events
+        const eventTypes = new Set(Object.values(EventType));
+        for (const payloadEvent of payload.mail_events) {
+            if (eventTypes.has(payloadEvent.event) === false) {
+                continue;
+            }
+            try {
+                await this.mailEventRepository.save(new MailEvent_1.MailEvent(payloadEvent.id, payloadEvent.event, payloadEvent.message.headers['message-id'], payloadEvent.recipient, payloadEvent.timestamp * 1000));
+            }
+            catch (err) {
+                throw new errors_1.default.InternalServerError({
+                    message: 'Event could not be stored',
+                    err: err
+                });
+            }
+        }
+    }
+    validatePayload(payload) {
+        if (payload.signature === undefined) {
+            throw new errors_1.default.ValidationError({
+                message: (0, tpl_1.default)(VALIDATION_MESSAGES.payloadSignatureMissing)
+            });
+        }
+        if (typeof payload.signature !== 'string') {
+            throw new errors_1.default.ValidationError({
+                message: (0, tpl_1.default)(VALIDATION_MESSAGES.payloadSignatureInvalid)
+            });
+        }
+        if (payload.mail_events === undefined) {
+            throw new errors_1.default.ValidationError({
+                message: (0, tpl_1.default)(VALIDATION_MESSAGES.payloadEventsMissing)
+            });
+        }
+        if (Array.isArray(payload.mail_events) === false) {
+            throw new errors_1.default.ValidationError({
+                message: (0, tpl_1.default)(VALIDATION_MESSAGES.payloadEventsInvalid)
+            });
+        }
+        const expectedKeys = ['id', 'timestamp', 'event', 'message', 'recipient'];
+        payload.mail_events.forEach((payloadEvent, idx) => {
+            expectedKeys.forEach((key) => {
+                if (payloadEvent[key] === undefined) {
+                    throw new errors_1.default.ValidationError({
+                        message: (0, tpl_1.default)(VALIDATION_MESSAGES.payloadEventKeyMissing, { idx, key })
+                    });
+                }
+                if (key === 'message' && payloadEvent.message.headers?.['message-id'] === undefined) {
+                    throw new errors_1.default.ValidationError({
+                        message: (0, tpl_1.default)(VALIDATION_MESSAGES.payloadEventKeyMissing, { idx, key: 'message.headers.message-id' })
+                    });
+                }
+            });
+        });
+    }
+    verifyPayload(payload, payloadSigningKey) {
+        const data = JSON.stringify(payload.mail_events);
+        const signature = crypto_1.default
+            .createHmac('sha256', payloadSigningKey)
+            .update(data)
+            .digest('hex');
+        if (signature !== payload.signature) {
+            throw new errors_1.default.UnauthorizedError({
+                message: (0, tpl_1.default)(VALIDATION_MESSAGES.payloadSignatureInvalid)
+            });
+        }
+    }
+}
+exports.MailEventService = MailEventService;

package/core/server/services/mail-events/MailEventService.ts ADDED Viewed

@@ -0,0 +1,169 @@
+import crypto from 'crypto';
+import errors from '@tryghost/errors';
+import tpl from '@tryghost/tpl';
+import {MailEvent} from './MailEvent';
+import {MailEventRepository} from './MailEventRepository';
+/**
+ * @see https://documentation.mailgun.com/en/latest/user_manual.html#events-1
+ */
+enum EventType { // eslint-disable-line no-shadow
+    CLICKED = 'clicked',
+    COMPLAINED = 'complained',
+    DELIVERED = 'delivered',
+    FAILED = 'failed',
+    OPENED = 'opened',
+    UNSUBSCRIBED = 'unsubscribed'
+}
+interface PayloadEvent {
+    id: string;
+    timestamp: number; // Unix timestamp in seconds
+    event: string;
+    message: {
+        headers: {
+            'message-id': string;
+        }
+    },
+    recipient: string;
+}
+interface Payload {
+    signature: string;
+    mail_events: PayloadEvent[];
+}
+interface Labs {
+    isSet(key: string): boolean;
+}
+interface Config {
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    get(key: string): any;
+}
+const VALIDATION_MESSAGES = {
+    signingKeyNotConfigured: 'payload signing key is not configured',
+    payloadSignatureMissing: 'Payload is missing "signature"',
+    payloadSignatureInvalid: '"signature" is invalid',
+    payloadEventsMissing: 'Payload is missing "mail_events"',
+    payloadEventsInvalid: '"mail_events" is not an array',
+    payloadEventKeyMissing: 'Event [{idx}] is missing "{key}"'
+};
+export class MailEventService {
+    static readonly LABS_KEY = 'mailEvents';
+    static readonly CONFIG_KEY_PAYLOAD_SIGNING_KEY = 'hostSettings:mailEventsPayloadSigningKey';
+    constructor(
+        private mailEventRepository: MailEventRepository,
+        private config: Config,
+        private labs: Labs
+    ) {}
+    async processPayload(payload: Payload) {
+        if (this.labs.isSet(MailEventService.LABS_KEY) === false) {
+            throw new errors.NotFoundError();
+        }
+        const payloadSigningKey = this.config.get(MailEventService.CONFIG_KEY_PAYLOAD_SIGNING_KEY);
+        // Verify that the service is configured correctly - We expect a string
+        // for the payload signing key but as a safeguard we check the type here
+        // to prevent any unexpected behaviour
+        if (typeof payloadSigningKey !== 'string') {
+            throw new errors.InternalServerError({
+                message: tpl(VALIDATION_MESSAGES.signingKeyNotConfigured)
+            });
+        }
+        // Verify the payload
+        this.verifyPayload(payload, payloadSigningKey);
+        // Store known events
+        const eventTypes = new Set<string>(Object.values(EventType) as string[]);
+        for (const payloadEvent of payload.mail_events) {
+            if (eventTypes.has(payloadEvent.event) === false) {
+                continue;
+            }
+            try {
+                await this.mailEventRepository.save(
+                    new MailEvent(
+                        payloadEvent.id,
+                        payloadEvent.event,
+                        payloadEvent.message.headers['message-id'],
+                        payloadEvent.recipient,
+                        payloadEvent.timestamp * 1000
+                    )
+                );
+            } catch (err) {
+                throw new errors.InternalServerError({
+                    message: 'Event could not be stored',
+                    err: err
+                });
+            }
+        }
+    }
+    validatePayload(payload: Payload) {
+        if (payload.signature === undefined) {
+            throw new errors.ValidationError({
+                message: tpl(VALIDATION_MESSAGES.payloadSignatureMissing)
+            });
+        }
+        if (typeof payload.signature !== 'string') {
+            throw new errors.ValidationError({
+                message: tpl(VALIDATION_MESSAGES.payloadSignatureInvalid)
+            });
+        }
+        if (payload.mail_events === undefined) {
+            throw new errors.ValidationError({
+                message: tpl(VALIDATION_MESSAGES.payloadEventsMissing)
+            });
+        }
+        if (Array.isArray(payload.mail_events) === false) {
+            throw new errors.ValidationError({
+                message: tpl(VALIDATION_MESSAGES.payloadEventsInvalid)
+            });
+        }
+        const expectedKeys: (keyof PayloadEvent)[] = ['id', 'timestamp', 'event', 'message', 'recipient'];
+        payload.mail_events.forEach((payloadEvent, idx) => {
+            expectedKeys.forEach((key) => {
+                if (payloadEvent[key] === undefined) {
+                    throw new errors.ValidationError({
+                        message: tpl(VALIDATION_MESSAGES.payloadEventKeyMissing, {idx, key})
+                    });
+                }
+                if (key === 'message' && payloadEvent.message.headers?.['message-id'] === undefined) {
+                    throw new errors.ValidationError({
+                        message: tpl(VALIDATION_MESSAGES.payloadEventKeyMissing, {idx, key: 'message.headers.message-id'})
+                    });
+                }
+            });
+        });
+    }
+    private verifyPayload(payload: Payload, payloadSigningKey: string) {
+        const data = JSON.stringify(payload.mail_events);
+        const signature = crypto
+            .createHmac('sha256', payloadSigningKey)
+            .update(data)
+            .digest('hex');
+        if (signature !== payload.signature) {
+            throw new errors.UnauthorizedError({
+                message: tpl(VALIDATION_MESSAGES.payloadSignatureInvalid)
+            });
+        }
+    }
+}

package/core/server/services/mail-events/index.js CHANGED Viewed

@@ -1,4 +1,4 @@
-const {MailEventService} = require('@tryghost/mail-events');
+const {MailEventService} = require('./MailEventService');
 const MailEventRepository = require('./BookshelfMailEventRepository.js');
 class MailEventsServiceWrapper {

package/core/server/services/mail-events/libraries.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ declare module '@tryghost/errors';
2	+ declare module '@tryghost/tpl';