Skip to content

Commit

Permalink
Update Notification improvements (TryGhost#9123)
Browse files Browse the repository at this point in the history 
closes TryGhost#5071

- Remove hardcoded notification in admin controller
  - NOTE: update check notifications are no longer blocking the admin rendering
  - this is one of the most import changes
  - we remove the hardcoded release message
  - we also remove adding a notification manually in here, because this will work differently from now on
    -> you receive a notification (release or custom) in the update check module and this module adds the notification as is to our database

- Change default core settings keys
  - remove displayUpdateNotification
    -> this was used to store the release version number send from the UCS
    -> based on this value, Ghost creates a notification container with self defined values
    -> not needed anymore

- rename seenNotifications to notifications
  -> the new notifications key will hold both
     1. the notification from the USC
     2. the information about if a notification was seen or not
  - this key hold only one release notification
  - and n custom notifications

- Update Check Module: Request to the USC depends on the privacy configuration
  - useUpdateCheck: true -> does a checkin in the USC (exposes data)
  - useUpdateCheck: false -> does only a GET query to the USC (does not expose any data)
  - make the request handling dynamic, so it depends on the flag
  - add an extra logic to be able to define a custom USC endpoint (helpful for testing)
  - add an extra logic to be able to force the request to the service (helpful for testing)

- Update check module: re-work condition when a check should happen
  - only if the env is not correct
  - remove deprecated config.updateCheck
  - remove isPrivacyDisabled check (handled differently now, explained in last commit)

- Update check module: remove `showUpdateNotification` and readability
  - showUpdateNotification was used in the admin controller to fetch the latest release version number from the db
  - no need to check against semver in general, the USC takes care of that (no need to double check)
  - improve readability of `nextUpdateCheck` condition

- Update check module: refactor `updateCheckResponse`
  - remove db call to displayUpdateNotification, not used anymore
  - support receiving multiple custom notifications
  - support custom notification groups
  - the default group is `all` - this will always be consumed
  - groups can be extended via config e.g. `notificationGroups: ['migration']`

- Update check module: refactor createCustomNotification helper
  - get rid of taking over notification duplication handling (this is not the task of the update check module)
  - ensure we have good fallback values for non present attributes in a notification
  - get rid of semver check (happens in the USC) - could be reconsidered later if LTS is gone

- Refactor notification API
  - reason: get rid of in process notification store
    -> this was an object hold in process
    -> everything get's lost after restart
    -> not helpful anymore, because imagine the following case
      -> you get a notification
      -> you store it in process
      -> you mark this notification as seen
      -> you restart Ghost, you will receive the same notification on the next check again
      -> because we are no longer have a separate seen notifications object
  - use database settings key `notification` instead
  - refactor all api endpoints to support reading and storing into the `notifications` object
  - most important: notification deletion happens via a `seen` property (the notification get's physically deleted 3 month automatically)
    -> we have to remember a seen property, because otherwise you don't know which notification was already received/seen

- Add listener to remove seen notifications automatically after 3 month
  - i just decided for 3 month (we can decrease?)
  - at the end it doesn't really matter, as long as the windows is not tooooo short
  - listen on updates for the notifications settings
  - check if notification was seen and is older than 3 month
  - ignore release notification

- Updated our privacy document
- Updated docs.ghost.org for privacy config behaviour
- contains a migration script to remove old settings keys
  • Loading branch information
@kirrg001
kirrg001 authored Jan 9, 2018
1 parent f671f9d commit 5b77f05
Show file tree
Hide file tree
Showing 14 changed files with 1,165 additions and 370 deletions.
6 changes: 4 additions & 2 deletions PRIVACY.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,11 @@ Some official services for Ghost are enabled by default. These services connect

### Automatic Update Checks

When a new session is started, Ghost pings a Ghost.org endpoint to check if the current version of Ghost is the latest version of Ghost. If an update is available, a notification appears inside Ghost to let you know. Ghost.org collects basic anonymised usage statistics from update check requests.
When a new session is started, Ghost pings a Ghost.org service to check if the current version of Ghost is the latest version of Ghost. If an update is available, a notification on the About Page appears to let you know.

This service can be disabled at any time. All of the information and code related to this service is available in the [update-check.js](https://github.com/TryGhost/Ghost/blob/master/core/server/update-check.js) file.
Ghost will collect basic anonymised usage statistics from your blog before sending the request to the service. You can disable collecting statistics using the [privacy configuration](https://docs.ghost.org/v1/docs/config#section-update-check). You will still receive notifications from the service.

All of the information and code related to this service is available in the [update-check.js](https://github.com/TryGhost/Ghost/blob/master/core/server/update-check.js) file.


## Third Party Services
Expand Down
229 changes: 154 additions & 75 deletions core/server/api/notifications.js
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,48 @@
'use strict';

// # Notifications API
// RESTful API for creating notifications
var Promise = require('bluebird'),

const Promise = require('bluebird'),
_ = require('lodash'),
moment = require('moment'),
ObjectId = require('bson-objectid'),
pipeline = require('../lib/promise/pipeline'),
permissions = require('../services/permissions'),
canThis = permissions.canThis,
localUtils = require('./utils'),
common = require('../lib/common'),
settingsAPI = require('./settings'),
// Holds the persistent notifications
notificationsStore = [],
notifications;
SettingsAPI = require('./settings'),
internalContext = {context: {internal: true}},
canThis = permissions.canThis;

let notifications,
_private = {};

_private.fetchAllNotifications = function fetchAllNotifications() {
let allNotifications;

return SettingsAPI.read(_.merge({key: 'notifications'}, internalContext))
.then(function (response) {
allNotifications = JSON.parse(response.settings[0].value || []);

_.each(allNotifications, function (notification) {
notification.addedAt = moment(notification.addedAt).toDate();
});

return allNotifications;
});
};

_private.publicResponse = function publicResponse(notificationsToReturn) {
_.each(notificationsToReturn, function (notification) {
delete notification.seen;
delete notification.addedAt;
});

return {
notifications: notificationsToReturn
};
};

/**
* ## Notification API Methods
Expand All @@ -27,9 +58,20 @@ notifications = {
*/
browse: function browse(options) {
return canThis(options.context).browse.notification().then(function () {
return {notifications: notificationsStore};
return _private.fetchAllNotifications()
.then(function (allNotifications) {
allNotifications = _.orderBy(allNotifications, 'addedAt', 'desc');

allNotifications = allNotifications.filter(function (notification) {
return notification.seen !== true;
});

return _private.publicResponse(allNotifications);
});
}, function () {
return Promise.reject(new common.errors.NoPermissionError({message: common.i18n.t('errors.api.notifications.noPermissionToBrowseNotif')}));
return Promise.reject(new common.errors.NoPermissionError({
message: common.i18n.t('errors.api.notifications.noPermissionToBrowseNotif')
}));
});
},

Expand Down Expand Up @@ -69,7 +111,9 @@ notifications = {
return canThis(options.context).add.notification().then(function () {
return options;
}, function () {
return Promise.reject(new common.errors.NoPermissionError({message: common.i18n.t('errors.api.notifications.noPermissionToAddNotif')}));
return Promise.reject(new common.errors.NoPermissionError({
message: common.i18n.t('errors.api.notifications.noPermissionToAddNotif')
}));
});
}

Expand All @@ -80,31 +124,61 @@ notifications = {
* @returns {Object} options
*/
function saveNotifications(options) {
var defaults = {
let defaults = {
dismissible: true,
location: 'bottom',
status: 'alert'
status: 'alert',
id: ObjectId.generate()
},
overrides = {
seen: false,
addedAt: moment().toDate()
},
addedNotifications = [], existingNotification;
notificationsToCheck = options.data.notifications,
addedNotifications = [];

_.each(options.data.notifications, function (notification) {
notification = _.assign(defaults, notification, {
id: ObjectId.generate()
});
return _private.fetchAllNotifications()
.then(function (allNotifications) {
_.each(notificationsToCheck, function (notification) {
let isDuplicate = _.find(allNotifications, {id: notification.id});

existingNotification = _.find(notificationsStore, {message: notification.message});
if (!isDuplicate) {
addedNotifications.push(_.merge({}, defaults, notification, overrides));
}
});

if (!existingNotification) {
notificationsStore.push(notification);
addedNotifications.push(notification);
} else {
addedNotifications.push(existingNotification);
}
});
let hasReleaseNotification = _.find(notificationsToCheck, {custom: false});

return {
notifications: addedNotifications
};
// CASE: remove any existing release notifications if a new release notification comes in
if (hasReleaseNotification) {
_.remove(allNotifications, function (el) {
return !el.custom;
});
}

// CASE: nothing to add, skip
if (!addedNotifications.length) {
return Promise.resolve();
}

let addedReleaseNotifications = _.filter(addedNotifications, {custom: false});

// CASE: only latest release notification
if (addedReleaseNotifications.length > 1) {
addedNotifications = _.filter(addedNotifications, {custom: true});
addedNotifications.push(_.orderBy(addedReleaseNotifications, 'created_at', 'desc')[0]);
}

return SettingsAPI.edit({
settings: [{
key: 'notifications',
value: allNotifications.concat(addedNotifications)
}]
}, internalContext);
})
.then(function () {
return _private.publicResponse(addedNotifications);
});
}

tasks = [
Expand All @@ -124,26 +198,7 @@ notifications = {
* @returns {Promise}
*/
destroy: function destroy(options) {
var tasks;

/**
* Adds the id of notification to "seen_notifications" array.
* @param {Object} notification
* @return {*|Promise}
*/
function markAsSeen(notification) {
var context = {internal: true};
return settingsAPI.read({key: 'seen_notifications', context: context}).then(function then(response) {
var seenNotifications = JSON.parse(response.settings[0].value);
seenNotifications = _.uniqBy(seenNotifications.concat([notification.id]));
return settingsAPI.edit({
settings: [{
key: 'seen_notifications',
value: seenNotifications
}]
}, {context: context});
});
}
let tasks;

/**
* ### Handle Permissions
Expand All @@ -155,36 +210,47 @@ notifications = {
return canThis(options.context).destroy.notification().then(function () {
return options;
}, function () {
return Promise.reject(new common.errors.NoPermissionError({message: common.i18n.t('errors.api.notifications.noPermissionToDestroyNotif')}));
return Promise.reject(new common.errors.NoPermissionError({
message: common.i18n.t('errors.api.notifications.noPermissionToDestroyNotif')
}));
});
}

function destroyNotification(options) {
var notification = _.find(notificationsStore, function (element) {
return element.id === options.id;
});
return _private.fetchAllNotifications()
.then(function (allNotifications) {
let notificationToMarkAsSeen = _.find(allNotifications, {id: options.id}),
notificationToMarkAsSeenIndex = _.findIndex(allNotifications, {id: options.id});

if (notification && !notification.dismissible) {
return Promise.reject(
new common.errors.NoPermissionError({message: common.i18n.t('errors.api.notifications.noPermissionToDismissNotif')})
);
}
if (notificationToMarkAsSeenIndex > -1 && !notificationToMarkAsSeen.dismissible) {
return Promise.reject(new common.errors.NoPermissionError({
message: common.i18n.t('errors.api.notifications.noPermissionToDismissNotif')
}));
}

if (!notification) {
return Promise.reject(new common.errors.NotFoundError({message: common.i18n.t('errors.api.notifications.notificationDoesNotExist')}));
}
if (notificationToMarkAsSeenIndex < 0) {
return Promise.reject(new common.errors.NotFoundError({
message: common.i18n.t('errors.api.notifications.notificationDoesNotExist')
}));
}

notificationsStore = _.reject(notificationsStore, function (element) {
return element.id === options.id;
});
if (notificationToMarkAsSeen.seen) {
return Promise.resolve();
}

if (notification.custom) {
return markAsSeen(notification);
}
allNotifications[notificationToMarkAsSeenIndex].seen = true;

return SettingsAPI.edit({
settings: [{
key: 'notifications',
value: allNotifications
}]
}, internalContext);
})
.return();
}

tasks = [
localUtils.validate('notifications', {opts: localUtils.idDefaultOptions}),
handlePermissions,
destroyNotification
];
Expand All @@ -200,15 +266,28 @@ notifications = {
* @returns {Promise}
*/
destroyAll: function destroyAll(options) {
return canThis(options.context).destroy.notification().then(function () {
notificationsStore = [];
return notificationsStore;
}, function (err) {
return Promise.reject(new common.errors.NoPermissionError({
err: err,
context: common.i18n.t('errors.api.notifications.noPermissionToDestroyNotif')
}));
});
return canThis(options.context).destroy.notification()
.then(function () {
return _private.fetchAllNotifications()
.then(function (allNotifications) {
_.each(allNotifications, function (notification) {
notification.seen = true;
});

return SettingsAPI.edit({
settings: [{
key: 'notifications',
value: allNotifications
}]
}, internalContext);
})
.return();
}, function (err) {
return Promise.reject(new common.errors.NoPermissionError({
err: err,
context: common.i18n.t('errors.api.notifications.noPermissionToDestroyNotif')
}));
});
}
};

Expand Down
4 changes: 4 additions & 0 deletions core/server/config/defaults.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,10 @@
"host": "127.0.0.1",
"port": 2368
},
"updateCheck": {
"url": "https://updates.ghost.org",
"forceUpdate": false
},
"privacy": false,
"useMinFiles": true,
"paths": {
Expand Down
67 changes: 67 additions & 0 deletions core/server/data/migrations/versions/1.20/1-remove-settings-keys.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
'use strict';

const _ = require('lodash'),
models = require('../../../../models'),
common = require('../../../../lib/common');

module.exports.config = {
transaction: true
};

module.exports.up = function removeSettingKeys(options) {
let localOptions = _.merge({
context: {internal: true}
}, options);

return models.Settings.findOne({key: 'display_update_notification'}, localOptions)
.then(function (settingsModel) {
if (!settingsModel) {
common.logging.warn('Deleted Settings Key `display_update_notification`.');
return;
}

common.logging.info('Deleted Settings Key `display_update_notification`.');
return models.Settings.destroy({id: settingsModel.id}, localOptions);
})
.then(function () {
return models.Settings.findOne({key: 'seen_notifications'}, localOptions);
})
.then(function (settingsModel) {
if (!settingsModel) {
common.logging.warn('Deleted Settings Key `seen_notifications`.');
return;
}

common.logging.info('Deleted Settings Key `seen_notifications`.');
return models.Settings.destroy({id: settingsModel.id}, localOptions);
});
};

module.exports.down = function addSettingsKeys(options) {
let localOptions = _.merge({
context: {internal: true}
}, options);

return models.Settings.findOne({key: 'display_update_notification'}, localOptions)
.then(function (settingsModel) {
if (settingsModel) {
common.logging.warn('Added Settings Key `display_update_notification`.');
return;
}

common.logging.info('Added Settings Key `display_update_notification`.');
return models.Settings.forge({key: 'display_update_notification'}).save(null, localOptions);
})
.then(function () {
return models.Settings.findOne({key: 'seen_notifications'}, localOptions);
})
.then(function (settingsModel) {
if (settingsModel) {
common.logging.warn('Added Settings Key `seen_notifications`.');
return;
}

common.logging.info('Added Settings Key `seen_notifications`.');
return models.Settings.forge({key: 'seen_notifications', value: '[]'}).save([], localOptions);
});
};
Loading

0 comments on commit 5b77f05

Please sign in to comment.