ghost 5.14.1 → 5.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (149) hide show
  1. package/components/{tryghost-adapter-manager-5.14.1.tgz → tryghost-adapter-manager-5.15.0.tgz} +0 -0
  2. package/components/{tryghost-api-framework-5.14.1.tgz → tryghost-api-framework-5.15.0.tgz} +0 -0
  3. package/components/{tryghost-api-version-compatibility-service-5.14.1.tgz → tryghost-api-version-compatibility-service-5.15.0.tgz} +0 -0
  4. package/components/tryghost-bootstrap-socket-5.15.0.tgz +0 -0
  5. package/components/tryghost-constants-5.15.0.tgz +0 -0
  6. package/components/{tryghost-custom-theme-settings-service-5.14.1.tgz → tryghost-custom-theme-settings-service-5.15.0.tgz} +0 -0
  7. package/components/tryghost-domain-events-5.15.0.tgz +0 -0
  8. package/components/tryghost-email-analytics-provider-mailgun-5.15.0.tgz +0 -0
  9. package/components/tryghost-email-analytics-service-5.15.0.tgz +0 -0
  10. package/components/tryghost-email-content-generator-5.15.0.tgz +0 -0
  11. package/components/tryghost-express-dynamic-redirects-5.15.0.tgz +0 -0
  12. package/components/tryghost-extract-api-key-5.15.0.tgz +0 -0
  13. package/components/tryghost-html-to-plaintext-5.15.0.tgz +0 -0
  14. package/components/{tryghost-job-manager-5.14.1.tgz → tryghost-job-manager-5.15.0.tgz} +0 -0
  15. package/components/tryghost-link-redirects-5.15.0.tgz +0 -0
  16. package/components/tryghost-link-replacement-5.15.0.tgz +0 -0
  17. package/components/tryghost-link-tracking-5.15.0.tgz +0 -0
  18. package/components/{tryghost-magic-link-5.14.1.tgz → tryghost-magic-link-5.15.0.tgz} +0 -0
  19. package/components/tryghost-mailgun-client-5.15.0.tgz +0 -0
  20. package/components/{tryghost-member-analytics-service-5.14.1.tgz → tryghost-member-analytics-service-5.15.0.tgz} +0 -0
  21. package/components/tryghost-member-attribution-5.15.0.tgz +0 -0
  22. package/components/tryghost-member-events-5.15.0.tgz +0 -0
  23. package/components/tryghost-members-analytics-ingress-5.15.0.tgz +0 -0
  24. package/components/tryghost-members-api-5.15.0.tgz +0 -0
  25. package/components/tryghost-members-csv-5.15.0.tgz +0 -0
  26. package/components/tryghost-members-events-service-5.15.0.tgz +0 -0
  27. package/components/tryghost-members-importer-5.15.0.tgz +0 -0
  28. package/components/tryghost-members-offers-5.15.0.tgz +0 -0
  29. package/components/{tryghost-members-payments-5.14.1.tgz → tryghost-members-payments-5.15.0.tgz} +0 -0
  30. package/components/{tryghost-members-ssr-5.14.1.tgz → tryghost-members-ssr-5.15.0.tgz} +0 -0
  31. package/components/tryghost-members-stripe-service-5.15.0.tgz +0 -0
  32. package/components/tryghost-minifier-5.15.0.tgz +0 -0
  33. package/components/tryghost-mw-api-version-mismatch-5.15.0.tgz +0 -0
  34. package/components/tryghost-mw-cache-control-5.15.0.tgz +0 -0
  35. package/components/{tryghost-mw-error-handler-5.14.1.tgz → tryghost-mw-error-handler-5.15.0.tgz} +0 -0
  36. package/components/tryghost-mw-session-from-token-5.15.0.tgz +0 -0
  37. package/components/tryghost-mw-update-user-last-seen-5.15.0.tgz +0 -0
  38. package/components/tryghost-mw-vhost-5.15.0.tgz +0 -0
  39. package/components/{tryghost-oembed-service-5.14.1.tgz → tryghost-oembed-service-5.15.0.tgz} +0 -0
  40. package/components/{tryghost-package-json-5.14.1.tgz → tryghost-package-json-5.15.0.tgz} +0 -0
  41. package/components/tryghost-security-5.15.0.tgz +0 -0
  42. package/components/{tryghost-session-service-5.14.1.tgz → tryghost-session-service-5.15.0.tgz} +0 -0
  43. package/components/{tryghost-settings-path-manager-5.14.1.tgz → tryghost-settings-path-manager-5.15.0.tgz} +0 -0
  44. package/components/tryghost-staff-service-5.15.0.tgz +0 -0
  45. package/components/{tryghost-update-check-service-5.14.1.tgz → tryghost-update-check-service-5.15.0.tgz} +0 -0
  46. package/components/{tryghost-verification-trigger-5.14.1.tgz → tryghost-verification-trigger-5.15.0.tgz} +0 -0
  47. package/components/tryghost-version-notifications-data-service-5.15.0.tgz +0 -0
  48. package/content/themes/casper/default.hbs +2 -2
  49. package/core/boot.js +12 -3
  50. package/core/built/admin/assets/{chunk.143.fa1d2a279fd46b1f8e63.js → chunk.143.558b9943af7b15f189ae.js} +20 -20
  51. package/core/built/admin/assets/{chunk.174.2edaa0869bfc2d88cf90.js → chunk.174.e1e89637eab79fdd5c5d.js} +68 -68
  52. package/core/built/admin/assets/{chunk.178.2292bd0899558aebead6.js → chunk.178.a9f6ddaea01e2bc76235.js} +4 -4
  53. package/core/built/admin/assets/{chunk.579.2de3f4300baf25f9a0db.js → chunk.579.dc11bf8dda5cf4406708.js} +5464 -4961
  54. package/core/built/admin/assets/{chunk.579.2de3f4300baf25f9a0db.js.LICENSE.txt → chunk.579.dc11bf8dda5cf4406708.js.LICENSE.txt} +0 -0
  55. package/core/built/admin/assets/fonts/{Inter.ttf → Inter-e19174fb2c0e19b1fa67492a07886c75.ttf} +0 -0
  56. package/core/built/admin/assets/{ghost-8919656440ad4617a07bb31069b1f71b.js → ghost-4b1b550e34300f5f4774a261aac29557.js} +487 -470
  57. package/core/built/admin/assets/ghost-c933adafb359b75ea1577365ce252e76.css +1 -0
  58. package/core/built/admin/assets/ghost-dark-04981c84bf590e0fae0a8e83e018190f.css +1 -0
  59. package/core/built/admin/assets/img/{amp.svg → amp-d7b72aae3315fda95921fb575dfca100.svg} +0 -0
  60. package/core/built/admin/assets/img/{disqus.svg → disqus-43503a3fa4f38dc8c61c7358b811f343.svg} +0 -0
  61. package/core/built/admin/assets/img/{favicon.ico → favicon-a9c6dbdcdc3ae568f4e0dad92149a0e3.ico} +0 -0
  62. package/core/built/admin/assets/img/{github.svg → github-c3a739c59df26fed12c10ffb00b33bd4.svg} +0 -0
  63. package/core/built/admin/assets/img/{google-docs.svg → google-docs-1e42cc272fc088da49e4b0ddfb01b006.svg} +0 -0
  64. package/core/built/admin/assets/img/{mailchimp.svg → mailchimp-f22b1e130aac764965b9306d7265a6b2.svg} +0 -0
  65. package/core/built/admin/assets/img/{patreon.svg → patreon-b19a5e6418a72977a16b30039d374d04.svg} +0 -0
  66. package/core/built/admin/assets/img/{paypal.svg → paypal-38e9448ce7549ea4caf8e7753ae661d6.svg} +0 -0
  67. package/core/built/admin/assets/img/{twitter.svg → twitter-7a7a0ba12d9b5bfb8a2058764a827c31.svg} +0 -0
  68. package/core/built/admin/assets/img/{typeform.svg → typeform-9f23f8712d776a7515594676285266f5.svg} +0 -0
  69. package/core/built/admin/assets/img/{unsplash.svg → unsplash-5b329eef0b11447b4117eaf817ebad6f.svg} +0 -0
  70. package/core/built/admin/assets/img/{zapier.svg → zapier-bf93bc440a3fd43b73489a63c215cdc7.svg} +0 -0
  71. package/core/built/admin/assets/img/{zapier-logo.svg → zapier-logo-a125f24313dfe01ef49af01fc90061fb.svg} +0 -0
  72. package/core/built/admin/assets/{vendor-eb76d0236a09b8b6f44675dba45b1fc6.js → vendor-271c32988ab16ba175a9bfa2acb2887a.js} +45 -39
  73. package/core/built/admin/assets/videos/logo-loader.mp4 +0 -0
  74. package/core/built/admin/index.html +11 -8
  75. package/core/frontend/src/member-attribution/member-attribution.js +27 -0
  76. package/core/frontend/web/site.js +10 -7
  77. package/core/server/api/endpoints/redirects.js +6 -8
  78. package/core/server/api/endpoints/utils/permissions.js +2 -16
  79. package/core/server/api/endpoints/utils/serializers/input/pages.js +5 -5
  80. package/core/server/api/endpoints/utils/serializers/input/posts.js +7 -7
  81. package/core/server/api/endpoints/utils/serializers/input/settings.js +1 -0
  82. package/core/server/api/endpoints/utils/validators/input/pages.js +24 -9
  83. package/core/server/api/endpoints/utils/validators/input/posts.js +24 -9
  84. package/core/server/data/exporter/table-lists.js +1 -0
  85. package/core/server/data/migrations/utils/settings.js +1 -3
  86. package/core/server/data/migrations/versions/5.15/2022-09-12-16-10-add-posts-lexical-column.js +8 -0
  87. package/core/server/data/migrations/versions/5.15/2022-09-14-12-46-add-email-track-clicks-setting.js +8 -0
  88. package/core/server/data/migrations/versions/5.15/2022-09-16-08-22-add-post-revisions-table.js +9 -0
  89. package/core/server/data/schema/default-settings/default-settings.json +8 -0
  90. package/core/server/data/schema/schema.js +8 -0
  91. package/core/server/lib/lexical.js +12 -0
  92. package/core/server/models/base/plugins/user-type.js +4 -6
  93. package/core/server/models/post-revision.js +35 -0
  94. package/core/server/models/post.js +72 -7
  95. package/core/server/services/bulk-email/bulk-email-processor.js +2 -5
  96. package/core/server/services/{redirects → custom-redirects}/api.js +0 -0
  97. package/core/server/services/{redirects → custom-redirects}/index.js +0 -0
  98. package/core/server/services/{redirects → custom-redirects}/utils.js +0 -0
  99. package/core/server/services/{redirects → custom-redirects}/validation.js +0 -0
  100. package/core/server/services/explore/service.js +5 -3
  101. package/core/server/services/link-click-tracking/index.js +25 -0
  102. package/core/server/services/link-redirection/index.js +33 -0
  103. package/core/server/services/link-replacement/index.js +24 -0
  104. package/core/server/services/mega/email-preview.js +7 -0
  105. package/core/server/services/mega/mega.js +1 -1
  106. package/core/server/services/mega/post-email-serializer.js +75 -27
  107. package/core/server/services/mega/template.js +1 -1
  108. package/core/server/services/members/api.js +0 -2
  109. package/core/server/services/permissions/index.js +1 -2
  110. package/core/server/services/posts/posts-service.js +7 -16
  111. package/core/server/services/posts/stats/post-stats.js +35 -0
  112. package/core/server/services/staff/index.js +10 -1
  113. package/core/server/services/url/config.js +2 -0
  114. package/core/shared/config/defaults.json +2 -2
  115. package/core/shared/config/overrides.json +3 -2
  116. package/core/shared/labs.js +4 -2
  117. package/package.json +97 -90
  118. package/yarn.lock +395 -198
  119. package/components/tryghost-bootstrap-socket-5.14.1.tgz +0 -0
  120. package/components/tryghost-constants-5.14.1.tgz +0 -0
  121. package/components/tryghost-domain-events-5.14.1.tgz +0 -0
  122. package/components/tryghost-email-analytics-provider-mailgun-5.14.1.tgz +0 -0
  123. package/components/tryghost-email-analytics-service-5.14.1.tgz +0 -0
  124. package/components/tryghost-email-content-generator-5.14.1.tgz +0 -0
  125. package/components/tryghost-express-dynamic-redirects-5.14.1.tgz +0 -0
  126. package/components/tryghost-extract-api-key-5.14.1.tgz +0 -0
  127. package/components/tryghost-html-to-plaintext-5.14.1.tgz +0 -0
  128. package/components/tryghost-mailgun-client-5.14.1.tgz +0 -0
  129. package/components/tryghost-member-attribution-5.14.1.tgz +0 -0
  130. package/components/tryghost-member-events-5.14.1.tgz +0 -0
  131. package/components/tryghost-members-analytics-ingress-5.14.1.tgz +0 -0
  132. package/components/tryghost-members-api-5.14.1.tgz +0 -0
  133. package/components/tryghost-members-csv-5.14.1.tgz +0 -0
  134. package/components/tryghost-members-events-service-5.14.1.tgz +0 -0
  135. package/components/tryghost-members-importer-5.14.1.tgz +0 -0
  136. package/components/tryghost-members-offers-5.14.1.tgz +0 -0
  137. package/components/tryghost-members-stripe-service-5.14.1.tgz +0 -0
  138. package/components/tryghost-minifier-5.14.1.tgz +0 -0
  139. package/components/tryghost-mw-api-version-mismatch-5.14.1.tgz +0 -0
  140. package/components/tryghost-mw-cache-control-5.14.1.tgz +0 -0
  141. package/components/tryghost-mw-session-from-token-5.14.1.tgz +0 -0
  142. package/components/tryghost-mw-update-user-last-seen-5.14.1.tgz +0 -0
  143. package/components/tryghost-mw-vhost-5.14.1.tgz +0 -0
  144. package/components/tryghost-security-5.14.1.tgz +0 -0
  145. package/components/tryghost-staff-service-5.14.1.tgz +0 -0
  146. package/components/tryghost-version-notifications-data-service-5.14.1.tgz +0 -0
  147. package/core/built/admin/assets/ghost-40adc8310dcdd0be163cbf7b9d89c59a.css +0 -1
  148. package/core/built/admin/assets/ghost-dark-13b669d50f494edf24d832b32ece2177.css +0 -1
  149. package/core/server/services/permissions/public.js +0 -76
package/core/server/services/permissions/public.js DELETED
@@ -1,76 +0,0 @@
1
- const _ = require('lodash');
2
- const Promise = require('bluebird');
3
- const errors = require('@tryghost/errors');
4
- const tpl = require('@tryghost/tpl');
5
- const parseContext = require('./parse-context');
6
- const _private = {};
7
-
8
- const messages = {
9
- error: 'You do not have permission to retrieve {docName} with that status'
10
- };
11
-
12
- /**
13
- * @TODO:
14
- *
15
- * - remove if we drop `extraFilters` (see e.g. post model)
16
- * - we currently accept `?status={value}` in the API
17
- * - but instead people should use the `?filter=status:{value}`
18
- *
19
- * This function protects against:
20
- *
21
- * - public context cannot fetch draft/scheduled posts
22
- */
23
- _private.applyStatusRules = function applyStatusRules(docName, method, opts) {
24
- const err = new errors.NoPermissionError({message: tpl(messages.error, {docName: docName})});
25
-
26
- // Enforce status 'active' for users
27
- if (docName === 'users') {
28
- if (!opts.status) {
29
- return 'all';
30
- }
31
- }
32
-
33
- // Enforce status 'published' for posts
34
- if (docName === 'posts') {
35
- if (!opts.status) {
36
- return 'published';
37
- } else if (
38
- method === 'read'
39
- && (opts.status === 'draft' || opts.status === 'all')
40
- && _.isString(opts.uuid) && _.isUndefined(opts.id) && _.isUndefined(opts.slug)
41
- ) {
42
- // public read requests can retrieve a draft, but only by UUID
43
- return opts.status;
44
- } else if (opts.status !== 'published') {
45
- // any other parameter would make this a permissions error
46
- throw err;
47
- }
48
- }
49
-
50
- return opts.status;
51
- };
52
-
53
- /**
54
- * API Public Permission Rules
55
- * This method enforces the rules for public requests
56
- * @param {String} docName
57
- * @param {String} method (read || browse)
58
- * @param {Object} options
59
- * @returns {Object} options
60
- */
61
- module.exports = function applyPublicRules(docName, method, options) {
62
- try {
63
- // If this is a public context
64
- if (parseContext(options.context).public === true) {
65
- if (method === 'browse') {
66
- options.status = _private.applyStatusRules(docName, method, options);
67
- } else if (method === 'read') {
68
- options.data.status = _private.applyStatusRules(docName, method, options.data);
69
- }
70
- }
71
-
72
- return Promise.resolve(options);
73
- } catch (err) {
74
- return Promise.reject(err);
75
- }
76
- };