ghost 5.80.2 → 5.80.3

package/core/built/admin/index.html

@@ -8,7 +8,7 @@
     <title>Ghost Admin</title>
 
     
-<meta name="ghost-admin/config/environment" content="%7B%22modulePrefix%22%3A%22ghost-admin%22%2C%22environment%22%3A%22production%22%2C%22cdnUrl%22%3A%22%22%2C%22editorUrl%22%3A%22%22%2C%22rootURL%22%3A%22%22%2C%22locationType%22%3A%22trailing-hash%22%2C%22EmberENV%22%3A%7B%22FEATURES%22%3A%7B%7D%2C%22EXTEND_PROTOTYPES%22%3A%7B%22Date%22%3Afalse%2C%22Array%22%3Atrue%2C%22String%22%3Atrue%2C%22Function%22%3Afalse%7D%2C%22_APPLICATION_TEMPLATE_WRAPPER%22%3Afalse%2C%22_JQUERY_INTEGRATION%22%3Atrue%2C%22_TEMPLATE_ONLY_GLIMMER_COMPONENTS%22%3Atrue%7D%2C%22APP%22%3A%7B%22version%22%3A%225.80%22%2C%22name%22%3A%22ghost-admin%22%7D%2C%22ember-simple-auth%22%3A%7B%7D%2C%22ember-websockets%22%3A%7B%22socketIO%22%3Atrue%7D%2C%22%40sentry%2Fember%22%3A%7B%22disablePerformance%22%3Atrue%2C%22sentry%22%3A%7B%7D%7D%2C%22ember-cli-mirage%22%3A%7B%22usingProxy%22%3Afalse%2C%22useDefaultPassthroughs%22%3Atrue%7D%2C%22exportApplicationGlobal%22%3Afalse%2C%22ember-load%22%3A%7B%22loadingIndicatorClass%22%3A%22ember-load-indicator%22%7D%2C%22editorFilename%22%3A%22koenig-lexical.umd.js%22%2C%22editorHash%22%3A%22c1a8c8a94f%22%2C%22adminXDemoFilename%22%3A%22admin-x-demo.js%22%2C%22adminXDemoHash%22%3A%22d3a1c163cf%22%2C%22adminXSettingsFilename%22%3A%22admin-x-settings.js%22%2C%22adminXSettingsHash%22%3A%2245e586d0c0%22%7D" />
+<meta name="ghost-admin/config/environment" content="%7B%22modulePrefix%22%3A%22ghost-admin%22%2C%22environment%22%3A%22production%22%2C%22cdnUrl%22%3A%22%22%2C%22editorUrl%22%3A%22%22%2C%22rootURL%22%3A%22%22%2C%22locationType%22%3A%22trailing-hash%22%2C%22EmberENV%22%3A%7B%22FEATURES%22%3A%7B%7D%2C%22EXTEND_PROTOTYPES%22%3A%7B%22Date%22%3Afalse%2C%22Array%22%3Atrue%2C%22String%22%3Atrue%2C%22Function%22%3Afalse%7D%2C%22_APPLICATION_TEMPLATE_WRAPPER%22%3Afalse%2C%22_JQUERY_INTEGRATION%22%3Atrue%2C%22_TEMPLATE_ONLY_GLIMMER_COMPONENTS%22%3Atrue%7D%2C%22APP%22%3A%7B%22version%22%3A%225.80%22%2C%22name%22%3A%22ghost-admin%22%7D%2C%22ember-simple-auth%22%3A%7B%7D%2C%22ember-websockets%22%3A%7B%22socketIO%22%3Atrue%7D%2C%22%40sentry%2Fember%22%3A%7B%22disablePerformance%22%3Atrue%2C%22sentry%22%3A%7B%7D%7D%2C%22ember-cli-mirage%22%3A%7B%22usingProxy%22%3Afalse%2C%22useDefaultPassthroughs%22%3Atrue%7D%2C%22exportApplicationGlobal%22%3Afalse%2C%22ember-load%22%3A%7B%22loadingIndicatorClass%22%3A%22ember-load-indicator%22%7D%2C%22editorFilename%22%3A%22koenig-lexical.umd.js%22%2C%22editorHash%22%3A%22c1a8c8a94f%22%2C%22adminXDemoFilename%22%3A%22admin-x-demo.js%22%2C%22adminXDemoHash%22%3A%2224dcc6aee2%22%2C%22adminXSettingsFilename%22%3A%22admin-x-settings.js%22%2C%22adminXSettingsHash%22%3A%2233f4aa4a54%22%7D" />
 
     <meta name="HandheldFriendly" content="True" />
     <meta name="MobileOptimized" content="320" />
@@ -37,7 +37,7 @@
     </style>
 
     <link integrity="" rel="stylesheet" href="assets/vendor-0ede59da8efb5e28fa929557f7ff7154.css">
-    <link integrity="" rel="stylesheet" href="assets/ghost-ab71ce6991cc9bdcd6b915a9c984fa27.css" title="light">
+    <link integrity="" rel="stylesheet" href="assets/ghost-71cfcdf9410af9b3aec11a28f9a4130f.css" title="light">
 
     
 </head>
@@ -57,8 +57,8 @@
     <div id="ember-basic-dropdown-wormhole"></div>
 
     <script src="assets/vendor-43a631b7c834235c4ff0b2186b5ca27d.js"></script>
-<script src="assets/chunk.763.bd01d249eecdcce3856c.js"></script>
-<script src="assets/chunk.524.c3472d95b4bd1a45a18d.js"></script>
-    <script src="assets/ghost-ea7a51891dfca9b7a04aacfffe7dea4e.js"></script>
+<script src="assets/chunk.763.7849440ec6494d2449e9.js"></script>
+<script src="assets/chunk.524.c6ed93ff44a9cb49235c.js"></script>
+    <script src="assets/ghost-594a7dd26bdb4fec210b285cab5555cb.js"></script>
 </body>
 </html>

package/core/frontend/helpers/get.js

@@ -11,6 +11,7 @@ const Sentry = require('@sentry/node');
 
 const _ = require('lodash');
 const jsonpath = require('jsonpath');
+const nqlLang = require('@tryghost/nql-lang');
 
 const messages = {
     mustBeCalledAsBlock: 'The {\\{{helperName}}} helper must be called as a block. E.g. {{#{helperName}}}...{{/{helperName}}}',
@@ -121,6 +122,84 @@ function parseOptions(globals, data, options) {
     return options;
 }
 
+function optimiseFilterCacheability(resource, options) {
+    const noOptimisation = {
+        options,
+        parseResult(result) {
+            return result;
+        }
+    };
+    if (resource !== 'posts') {
+        return noOptimisation;
+    }
+
+    if (!options.filter) {
+        return noOptimisation;
+    }
+
+    try {
+        if (options.filter.split('id:-').length !== 2) {
+            return noOptimisation;
+        }
+
+        const parsedFilter = nqlLang.parse(options.filter);
+        // Support either `id:blah` or `id:blah+other:stuff`
+        if (!parsedFilter.$and && !parsedFilter.id) {
+            return noOptimisation;
+        }
+        const queries = parsedFilter.$and || [parsedFilter];
+        const query = queries.find((q) => {
+            return q?.id?.$ne;
+        });
+
+        if (!query) {
+            return noOptimisation;
+        }
+
+        const idToFilter = query.id.$ne;
+
+        let limit = options.limit;
+        if (options.limit !== 'all') {
+            limit = options.limit ? 1 + parseInt(options.limit, 10) : 16;
+        }
+
+        // We replace with id:-null so we don't have to deal with leading/trailing AND operators
+        const filter = options.filter.replace(/id:-[a-f0-9A-F]{24}/, 'id:-null');
+
+        const parseResult = function parseResult(result) {
+            const filteredPosts = result?.posts?.filter((post) => {
+                return post.id !== idToFilter;
+            }) || [];
+
+            const modifiedResult = {
+                ...result,
+                posts: limit === 'all' ? filteredPosts : filteredPosts.slice(0, limit - 1)
+            };
+
+            modifiedResult.meta = modifiedResult.meta || {};
+            modifiedResult.meta.cacheabilityOptimisation = true;
+
+            if (typeof modifiedResult?.meta?.pagination?.limit === 'number') {
+                modifiedResult.meta.pagination.limit = modifiedResult.meta.pagination.limit - 1;
+            }
+
+            return modifiedResult;
+        };
+
+        return {
+            options: {
+                ...options,
+                limit,
+                filter
+            },
+            parseResult
+        };
+    } catch (err) {
+        logging.warn(err);
+        return noOptimisation;
+    }
+}
+
 /**
  *
  * @param {String} resource
@@ -131,6 +210,12 @@ function parseOptions(globals, data, options) {
  */
 async function makeAPICall(resource, controllerName, action, apiOptions) {
     const controller = api[controllerName];
+    let makeRequest = options => controller[action](options);
+
+    const {
+        options,
+        parseResult
+    } = optimiseFilterCacheability(resource, apiOptions);
 
     let timer;
 
@@ -141,7 +226,7 @@ async function makeAPICall(resource, controllerName, action, apiOptions) {
             const logLevel = config.get('optimization:getHelper:timeout:level') || 'error';
             const threshold = config.get('optimization:getHelper:timeout:threshold');
 
-            const apiResponse = controller[action](apiOptions);
+            const apiResponse = makeRequest(options).then(parseResult);
 
             const timeout = new Promise((resolve) => {
                 timer = setTimeout(() => {
@@ -161,7 +246,7 @@ async function makeAPICall(resource, controllerName, action, apiOptions) {
             response = await Promise.race([apiResponse, timeout]);
             clearTimeout(timer);
         } else {
-            response = await controller[action](apiOptions);
+            response = await makeRequest(options).then(parseResult);
         }
 
         return response;
@@ -279,3 +364,5 @@ module.exports = async function get(resource, options) {
 };
 
 module.exports.async = true;
+
+module.exports.optimiseFilterCacheability = optimiseFilterCacheability;

package/core/frontend/public/robots.txt

@@ -1,7 +1,6 @@
 User-agent: *
 Sitemap: {{blog-url}}/sitemap.xml
 Disallow: /ghost/
-Disallow: /p/
 Disallow: /email/
 Disallow: /r/
 Disallow: /webmentions/receive/

package/core/frontend/services/rendering/renderer.js

@@ -1,6 +1,12 @@
+const path = require('path');
 const debug = require('@tryghost/debug')('services:routing:renderer:renderer');
+const {IncorrectUsageError} = require('@tryghost/errors');
 const setContext = require('./context');
 const templates = require('./templates');
+const tpl = require('@tryghost/tpl');
+const messages = {
+    couldNotReadFile: 'Could not read file {file}'
+};
 
 /**
  * @description Helper function to finally render the data.
@@ -26,5 +32,17 @@ module.exports = function renderer(req, res, data) {
     }
 
     // Render Call
-    res.render(res._template, data);
+    res.render(res._template, data, function (err, html) {
+        if (err) {
+            if (err.code === 'ENOENT') {
+                return req.next(
+                    new IncorrectUsageError({
+                        message: tpl(messages.couldNotReadFile, {file: path.basename(err.path)})
+                    })
+                );
+            }
+            return req.next(err);
+        }
+        res.send(html);
+    });
 };

package/core/frontend/services/theme-engine/i18n/I18n.js

@@ -14,9 +14,9 @@ const get = require('lodash/get');
 class I18n {
     /**
      * @param {object} [options]
-     * @param {string} basePath - the base path to the translations directory
-     * @param {string} [locale] - a locale string
-     * @param {{dot|fulltext}} [stringMode] - which mode our translation keys use
+     * @param {string} options.basePath - the base path to the translations directory
+     * @param {string} [options.locale] - a locale string
+     * @param {string} [options.stringMode] - which mode our translation keys use
      */
     constructor(options = {}) {
         this._basePath = options.basePath || __dirname;
@@ -100,7 +100,7 @@ class I18n {
     /**
      * Attempt to load strings from a file
      *
-     * @param {sting} [locale]
+     * @param {string} [locale]
      * @returns {object} strings
      */
     _loadStrings(locale) {
@@ -110,7 +110,7 @@ class I18n {
             return this._readTranslationsFile(locale);
         } catch (err) {
             if (err.code === 'ENOENT') {
-                this._handleMissingFileError(locale, err);
+                this._handleMissingFileError(locale);
 
                 if (locale !== this.defaultLocale()) {
                     this._handleFallbackToDefault();
@@ -207,7 +207,7 @@ class I18n {
      */
     _readTranslationsFile(locale) {
         const filePath = path.join(...this._translationFileDirs(), this._translationFileName(locale));
-        const content = fs.readFileSync(filePath);
+        const content = fs.readFileSync(filePath, 'utf8');
         return JSON.parse(content);
     }
 
@@ -276,6 +276,7 @@ class I18n {
     _handleMissingFileError(locale) {
         logging.warn(`i18n was unable to find ${locale}.json.`);
     }
+
     _handleInvalidFileError(locale, err) {
         logging.error(new errors.IncorrectUsageError({
             err,

package/core/frontend/services/theme-engine/i18n/ThemeI18n.js

@@ -4,9 +4,9 @@ const I18n = require('./I18n');
 
 class ThemeI18n extends I18n {
     /**
-     * @param {objec} [options]
-     * @param {string} basePath - the base path for the translation directory (e.g. where themes live)
-     * @param {string} [locale] - a locale string
+     * @param {object} [options]
+     * @param {string} options.basePath - the base path for the translation directory (e.g. where themes live)
+     * @param {string} [options.locale] - a locale string
      */
     constructor(options = {}) {
         super(options);
@@ -48,6 +48,7 @@ class ThemeI18n extends I18n {
             logging.warn(`Theme translations file locales/${locale}.json not found.`);
         }
     }
+
     _handleInvalidFileError(locale, err) {
         logging.error(new errors.IncorrectUsageError({
             err,

package/core/server/adapters/storage/LocalStorageBase.js

@@ -58,7 +58,15 @@ class LocalStorageBase extends StorageBase {
         targetFilename = filename;
         await fs.mkdirs(targetDir);
 
-        await fs.copy(file.path, targetFilename);
+        try {
+            await fs.copy(file.path, targetFilename);
+        } catch (err) {
+            if (err.code === 'ENAMETOOLONG') {
+                throw new errors.BadRequestError({err});
+            }
+
+            throw err;
+        }
 
         // The src for the image must be in URI format, not a file system path, which in Windows uses \
         // For local file system storage can use relative path so add a slash
@@ -149,6 +157,10 @@ class LocalStorageBase extends StorageBase {
                         return next(new errors.NoPermissionError({err: err}));
                     }
 
+                    if (err.name === 'RangeNotSatisfiableError') {
+                        return next(new errors.RangeNotSatisfiableError({err}));
+                    }
+
                     return next(new errors.InternalServerError({err: err}));
                 }
 

package/core/server/api/endpoints/images.js

@@ -1,8 +1,10 @@
 /* eslint-disable ghost/ghost-custom/max-api-complexity */
-const storage = require('../../adapters/storage');
+const path = require('path');
+const errors = require('@tryghost/errors');
 const imageTransform = require('@tryghost/image-transform');
+
+const storage = require('../../adapters/storage');
 const config = require('../../../shared/config');
-const path = require('path');
 
 module.exports = {
     docName: 'images',
@@ -33,7 +35,16 @@ module.exports = {
                     width: config.get('imageOptimization:defaultMaxWidth')
                 }, imageOptimizationOptions);
 
-                await imageTransform.resizeFromPath(options);
+                try {
+                    await imageTransform.resizeFromPath(options);
+                } catch (err) {
+                    // If the image processing fails, we don't want to store the image because it's corrupted/invalid
+                    throw new errors.BadRequestError({
+                        message: 'Image processing failed',
+                        context: err.message,
+                        help: 'Please verify that the image is valid'
+                    });
+                }
 
                 // Store the processed/optimized image
                 const processedImageUrl = await store.save({

package/core/server/api/endpoints/utils/serializers/input/tiers.js

@@ -1,10 +1,26 @@
+const {BadRequestError} = require('@tryghost/errors');
 const localUtils = require('../../index');
+const nql = require('@tryghost/nql-lang');
+const tpl = require('@tryghost/tpl');
+
+const messages = {
+    invalidNQLFilter: 'The NQL filter you passed was invalid.'
+};
 
 const forceActiveFilter = (frame) => {
     if (frame.options.filter) {
-        frame.options.filter = `(${frame.options.filter})+active:true`;
+        frame.options.filter = {
+            $and: [
+                {
+                    active: true
+                },
+                frame.options.filter
+            ]
+        };
     } else {
-        frame.options.filter = 'active:true';
+        frame.options.filter = {
+            active: true
+        };
     }
 };
 
@@ -41,6 +57,18 @@ function convertTierInput(input) {
 
 module.exports = {
     all(_apiConfig, frame) {
+        if (frame.options.filter) {
+            try {
+                frame.options.filter = nql.parse(frame.options.filter);
+            } catch (err) {
+                throw new BadRequestError({
+                    message: tpl(messages.invalidNQLFilter)
+                });
+            }
+        } else {
+            frame.options.filter = null;
+        }
+
         if (localUtils.isContentAPI(frame)) {
             // CASE: content api can only have active tiers
             forceActiveFilter(frame);

package/core/server/services/auth/api-key/admin.js

@@ -17,6 +17,7 @@ const messages = {
 };
 
 let JWT_OPTIONS_DEFAULTS = {
+    /** @type import('jsonwebtoken').Algorithm[] */
     algorithms: ['HS256'],
     maxAge: '5m'
 };
@@ -60,7 +61,7 @@ const authenticate = function apiKeyAdminAuth(req, res, next) {
         }));
     }
 
-    return authenticateWithToken(req, res, next, {token, JWT_OPTIONS: JWT_OPTIONS_DEFAULTS});
+    return wrappedAuthenticateWithToken(req, res, next, {token});
 };
 
 const authenticateWithUrl = function apiKeyAuthenticateWithUrl(req, res, next) {
@@ -72,9 +73,20 @@ const authenticateWithUrl = function apiKeyAuthenticateWithUrl(req, res, next) {
         }));
     }
     // CASE: Scheduler publish URLs can have long maxAge but controllerd by expiry and neverBefore
-    return authenticateWithToken(req, res, next, {token, JWT_OPTIONS: _.omit(JWT_OPTIONS_DEFAULTS, 'maxAge')});
+    return wrappedAuthenticateWithToken(req, res, next, {token, ignoreMaxAge: true});
 };
 
+async function wrappedAuthenticateWithToken(req, res, next, options) {
+    try {
+        const {apiKey, user} = await authenticateWithToken(req.originalUrl, options.token, options.ignoreMaxAge);
+        req.api_key = apiKey;
+        req.user = user;
+        next();
+    } catch (err) {
+        next(err);
+    }
+}
+
 /**
  * Admin API key authentication flow:
  * 1. extract the JWT token from the `Authorization: Ghost xxxx` header or from URL(for schedules)
@@ -89,109 +101,104 @@ const authenticateWithUrl = function apiKeyAuthenticateWithUrl(req, res, next) {
  * - the "Audience" claim should match the requested API path
  *   https://tools.ietf.org/html/rfc7519#section-4.1.3
  */
-const authenticateWithToken = async function apiKeyAuthenticateWithToken(req, res, next, {token, JWT_OPTIONS}) {
+const authenticateWithToken = async function apiKeyAuthenticateWithToken(originalUrl, token, ignoreMaxAge) {
     const decoded = jwt.decode(token, {complete: true});
+    const jwtValidationOptions = ignoreMaxAge ? _.omit(JWT_OPTIONS_DEFAULTS, 'maxAge') : JWT_OPTIONS_DEFAULTS;
 
     if (!decoded || !decoded.header) {
-        return next(new errors.BadRequestError({
+        throw new errors.BadRequestError({
             message: tpl(messages.invalidToken),
             code: 'INVALID_JWT'
-        }));
+        });
     }
 
     const apiKeyId = decoded.header.kid;
 
     if (!apiKeyId) {
-        return next(new errors.BadRequestError({
+        throw new errors.BadRequestError({
             message: tpl(messages.adminApiKidMissing),
             code: 'MISSING_ADMIN_API_KID'
-        }));
+        });
     }
 
-    try {
-        const apiKey = await models.ApiKey.findOne({id: apiKeyId}, {withRelated: ['integration']});
-
-        if (!apiKey) {
-            return next(new errors.UnauthorizedError({
-                message: tpl(messages.unknownAdminApiKey),
-                code: 'UNKNOWN_ADMIN_API_KEY'
-            }));
-        }
-
-        if (apiKey.get('type') !== 'admin') {
-            return next(new errors.UnauthorizedError({
-                message: tpl(messages.invalidApiKeyType),
-                code: 'INVALID_API_KEY_TYPE'
-            }));
-        }
-
-        // CASE: blocking all non-internal: "custom" and "builtin" integration requests when the limit is reached
-        if (limitService.isLimited('customIntegrations')
+    const apiKey = await models.ApiKey.findOne({id: apiKeyId}, {withRelated: ['integration']});
+
+    if (!apiKey) {
+        throw new errors.UnauthorizedError({
+            message: tpl(messages.unknownAdminApiKey),
+            code: 'UNKNOWN_ADMIN_API_KEY'
+        });
+    }
+
+    if (apiKey.get('type') !== 'admin') {
+        throw new errors.UnauthorizedError({
+            message: tpl(messages.invalidApiKeyType),
+            code: 'INVALID_API_KEY_TYPE'
+        });
+    }
+
+    // CASE: blocking all non-internal: "custom" and "builtin" integration requests when the limit is reached
+    if (limitService.isLimited('customIntegrations')
             && (apiKey.relations.integration && !['internal', 'core'].includes(apiKey.relations.integration.get('type')))) {
-            // NOTE: using "checkWouldGoOverLimit" instead of "checkIsOverLimit" here because flag limits don't have
-            //       a concept of measuring if the limit has been surpassed
-            await limitService.errorIfWouldGoOverLimit('customIntegrations');
-        }
-
-        // Decoding from hex and transforming into bytes is here to
-        // keep comparison of the bytes that are stored in the secret.
-        // Useful context:
-        // https://github.com/auth0/node-jsonwebtoken/issues/208#issuecomment-231861138
-        const secret = Buffer.from(apiKey.get('secret'), 'hex');
-
-        // Using req.originalUrl means we get the right url even if version-rewrites have happened
-        const {version, api} = legacyApiPathMatch(req.originalUrl);
-
-        // ensure the token was meant for this api
-        let options;
-
-        if (version) {
-            // CASE: legacy versioned api request
-            options = Object.assign({
-                audience: new RegExp(`/?${version}/${api}/?$`)
-            }, JWT_OPTIONS);
-        } else {
-            options = Object.assign({
-                audience: new RegExp(`/?${api}/?$`)
-            }, JWT_OPTIONS);
-        }
-
-        try {
-            jwt.verify(token, secret, options);
-        } catch (err) {
-            return next(new errors.UnauthorizedError({
-                message: tpl(messages.invalidTokenWithMessage, {message: err.message}),
-                code: 'INVALID_JWT',
-                err
-            }));
-        }
-
-        // authenticated OK
-
-        if (apiKey.get('user_id')) {
-            // fetch the user and store it on the request for later checks and logging
-            const user = await models.User.findOne(
-                {id: apiKey.get('user_id'), status: 'active'},
-                {require: true}
-            );
-
-            req.user = user;
-        }
-
-        // store the api key on the request for later checks and logging
-        req.api_key = apiKey;
+        // NOTE: using "checkWouldGoOverLimit" instead of "checkIsOverLimit" here because flag limits don't have
+        //       a concept of measuring if the limit has been surpassed
+        await limitService.errorIfWouldGoOverLimit('customIntegrations');
+    }
 
-        next();
+    // Decoding from hex and transforming into bytes is here to
+    // keep comparison of the bytes that are stored in the secret.
+    // Useful context:
+    // https://github.com/auth0/node-jsonwebtoken/issues/208#issuecomment-231861138
+    const secret = Buffer.from(apiKey.get('secret'), 'hex');
+
+    // Using req.originalUrl means we get the right url even if version-rewrites have happened
+    const {version, api} = legacyApiPathMatch(originalUrl);
+
+    // ensure the token was meant for this api
+    let options;
+
+    if (version) {
+        // CASE: legacy versioned api request
+        options = Object.assign({
+            audience: new RegExp(`/?${version}/${api}/?$`)
+        }, jwtValidationOptions);
+    } else {
+        options = Object.assign({
+            audience: new RegExp(`/?${api}/?$`)
+        }, jwtValidationOptions);
+    }
+
+    try {
+        jwt.verify(token, secret, options);
     } catch (err) {
-        if (err instanceof errors.HostLimitError) {
-            next(err);
-        } else {
-            next(new errors.InternalServerError({err}));
-        }
+        throw new errors.UnauthorizedError({
+            message: tpl(messages.invalidTokenWithMessage, {message: err.message}),
+            code: 'INVALID_JWT',
+            err
+        });
+    }
+
+    // authenticated OK
+    let result = {
+        user: null,
+        apiKey: apiKey
+    };
+
+    if (apiKey.get('user_id')) {
+        // fetch the user and store it on the request for later checks and logging
+        const user = await models.User.findOne(
+            {id: apiKey.get('user_id'), status: 'active'},
+            {require: true}
+        );
+
+        result.user = user;
     }
+
+    return result;
 };
 
 module.exports = {
     authenticate,
-    authenticateWithUrl
+    authenticateWithUrl,
+    authenticateWithToken
 };

package/core/server/services/members/service.js

@@ -55,7 +55,9 @@ const initMembersCSVImporter = ({stripeAPIService}) => {
         },
         getTierByName: async (name) => {
             const tiers = await tiersService.api.browse({
-                filter: `name:'${name}'`
+                filter: {
+                    name
+                }
             });
 
             if (tiers.data.length > 0) {

package/core/server/services/slack-notifications/service.js

@@ -12,10 +12,11 @@ class SlackNotificationsServiceWrapper {
      * @param {string} deps.siteUrl
      * @param {boolean} deps.isEnabled
      * @param {URL} deps.webhookUrl
+     * @param {number} deps.minThreshold
      *
      * @returns {import('@tryghost/slack-notifications/lib/SlackNotificationsService')}
      */
-    static create({siteUrl, isEnabled, webhookUrl}) {
+    static create({siteUrl, isEnabled, webhookUrl, minThreshold}) {
         const {
             SlackNotificationsService,
             SlackNotifications
@@ -32,7 +33,8 @@ class SlackNotificationsServiceWrapper {
             logging,
             config: {
                 isEnabled,
-                webhookUrl
+                webhookUrl,
+                minThreshold
             },
             slackNotifications
         });
@@ -49,8 +51,9 @@ class SlackNotificationsServiceWrapper {
         const siteUrl = urlUtils.getSiteUrl();
         const isEnabled = !!(hostSettings?.milestones?.enabled && hostSettings?.milestones?.url);
         const webhookUrl = hostSettings?.milestones?.url;
+        const minThreshold = hostSettings?.milestones?.minThreshold ? parseInt(hostSettings.milestones.minThreshold) : 0;
 
-        this.#api = SlackNotificationsServiceWrapper.create({siteUrl, isEnabled, webhookUrl});
+        this.#api = SlackNotificationsServiceWrapper.create({siteUrl, isEnabled, webhookUrl, minThreshold});
 
         this.#api.subscribeEvents();
     }

package/core/server/services/themes/installer.js

@@ -3,7 +3,7 @@ const os = require('os');
 const path = require('path');
 const security = require('@tryghost/security');
 const request = require('@tryghost/request');
-const errors = require('@tryghost/errors/lib/errors');
+const errors = require('@tryghost/errors');
 const limitService = require('../../services/limits');
 const {setFromZip} = require('./storage');
 

package/core/server/services/tiers/TierRepository.js

@@ -86,7 +86,8 @@ module.exports = class TierRepository {
      * @returns {Promise<import('@tryghost/tiers/lib/Tier')[]>}
      */
     async getAll(options = {}) {
-        const filter = nql(options.filter, {});
+        const filter = nql();
+        filter.filter = options.filter || {};
         return Promise.all(this.#store.slice().filter((item) => {
             return filter.queryJSON(this.toPrimitive(item));
         }).map((tier) => {