TryGhost · sagzy · Mar 3, 2025 · Mar 3, 2025 · Mar 3, 2025 · Mar 3, 2025
diff --git a/apps/portal/src/actions.js b/apps/portal/src/actions.js
@@ -458,8 +458,8 @@ async function updateProfile({data, state, api}) {
                 })
             };
         }
-        const message = !dataUpdate.success ? t('Failed to update account data') : t('Failed to send verification email');
 
+        const message = !dataUpdate.success ? t('Failed to update account data') : t('Failed to send verification email');
         return {
             action: 'updateProfile:failed',
             ...(dataUpdate.success ? {member: dataUpdate.member} : {}),
@@ -482,7 +482,14 @@ async function updateProfile({data, state, api}) {
     } else if (emailUpdate) {
         const action = emailUpdate.success ? 'updateProfile:success' : 'updateProfile:failed';
         const status = emailUpdate.success ? 'success' : 'error';
-        const message = !emailUpdate.success ? t('Failed to send verification email') : t('Check your inbox to verify email update');
+        let message = '';
+
+        if (emailUpdate.error) {
+            message = chooseBestErrorMessage(emailUpdate.error, t('Failed to send verification email'), t);
+        } else {
+            message = t('Check your inbox to verify email update');
+        }
+
         return {
             action,
             ...(emailUpdate.success ? {page: 'accountHome'} : {}),

diff --git a/apps/portal/src/utils/api.js b/apps/portal/src/utils/api.js
@@ -381,11 +381,13 @@ function setupGhostApi({siteUrl = window.location.origin, apiUrl, apiKey}) {
                     'Content-Type': 'application/json'
                 },
                 body: JSON.stringify(body)
-            }).then(function (res) {
+            }).then(async function (res) {
                 if (res.ok) {
                     return 'Success';
                 } else {
-                    throw new Error('Failed to send email address verification email');
+                    const errData = await res.json();
+                    const errMssg = errData?.errors?.[0]?.message || 'Failed to send email address verification email';
+                    throw new Error(errMssg);
                 }
             });
         },

diff --git a/apps/portal/src/utils/errors.js b/apps/portal/src/utils/errors.js
@@ -61,6 +61,7 @@ export function chooseBestErrorMessage(error, alreadyTranslatedDefaultMessage, t
             t('This site only accepts paid members.');
             t('Signups from this email domain are currently restricted.');
             t('Too many sign-up attempts, try again later');
+            t('Memberships from this email domain are currently restricted.');
         }
     };
 

diff --git a/ghost/core/core/server/web/members/app.js b/ghost/core/core/server/web/members/app.js
@@ -61,7 +61,7 @@ module.exports = function setupMembersApp() {
     }
 
     membersApp.put('/api/member', bodyParser.json({limit: '50mb'}), middleware.updateMemberData);
-    membersApp.post('/api/member/email', bodyParser.json({limit: '50mb'}), (req, res) => membersService.api.middleware.updateEmailAddress(req, res));
+    membersApp.post('/api/member/email', bodyParser.json({limit: '50mb'}), (req, res, next) => membersService.api.middleware.updateEmailAddress(req, res, next));
 
     // Remove email from suppression list
     membersApp.delete('/api/member/suppression', middleware.deleteSuppression);

diff --git a/ghost/core/test/e2e-api/members/__snapshots__/send-magic-link.test.js.snap b/ghost/core/test/e2e-api/members/__snapshots__/send-magic-link.test.js.snap
@@ -108,6 +108,24 @@ Object {
 }
 `;
 
+exports[`sendMagicLink blocked email domains blocks changing email to a blocked domain 1: [body] 1`] = `
+Object {
+  "errors": Array [
+    Object {
+      "code": null,
+      "context": null,
+      "details": null,
+      "ghostErrorCode": null,
+      "help": null,
+      "id": StringMatching /\\[a-f0-9\\]\\{8\\}-\\[a-f0-9\\]\\{4\\}-\\[a-f0-9\\]\\{4\\}-\\[a-f0-9\\]\\{4\\}-\\[a-f0-9\\]\\{12\\}/,
+      "message": "Memberships from this email domain are currently restricted.",
+      "property": null,
+      "type": "BadRequestError",
+    },
+  ],
+}
+`;
+
 exports[`sendMagicLink blocked email domains blocks signups from blocked email domains in config 1: [body] 1`] = `
 Object {
   "errors": Array [

diff --git a/ghost/core/test/e2e-api/members/send-magic-link.test.js b/ghost/core/test/e2e-api/members/send-magic-link.test.js
@@ -376,6 +376,42 @@ describe('sendMagicLink', function () {
                 .expectEmptyBody()
                 .expectStatus(201);
         });
+
+        it('blocks changing email to a blocked domain', async function () {
+            settingsCache.set('all_blocked_email_domains', {value: ['blocked-domain-setting.com']});
+            const email = '[email protected]';
+            await membersService.api.members.create({email, name: 'Member Test'});
+
+            await membersAgent.post('/api/member/email/')
+                .body({
+                    email: '[email protected]',
+                    identity: '12345678'
+                })
+                .expectStatus(400)
+                .matchBodySnapshot({
+                    errors: [{
+                        id: anyErrorId,
+                        // Add this here because it is easy to be overlooked (we need a human readable error!)
+                        // 'Please sign up first' should be included only when invite only is disabled.
+                        message: 'Memberships from this email domain are currently restricted.'
+                    }]
+                });
+        });
+
+        it('allows changing email to a non-blocked domain', async function () {
+            settingsCache.set('all_blocked_email_domains', {value: ['blocked-domain-setting.com']});
+
+            const email = '[email protected]';
+            const member = await membersService.api.members.create({email, name: 'Member Test'});
+            const token = await membersService.api.getMemberIdentityToken(member.get('transient_id'));
+
+            await membersAgent.post('/api/member/email/')
+                .body({
+                    email: '[email protected]',
+                    identity: token
+                })
+                .expectStatus(201);
+        });
     });
 });
 
diff --git a/ghost/i18n/locales/af/portal.json b/ghost/i18n/locales/af/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "Maak seker dat e-posse nie per ongeluk in die Spam of Promosies vouers van u posbus beland nie. As dit wel is, kliek op \"Mark as not spam\" en/of \"Move to inbox\".",
     "Manage": "Bestuur",
     "Maybe later": "Dalk later",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "Lidmaatskap nie beskikbaar nie, kontak die eienaar vir toegang.",
     "month": "",
     "Monthly": "Maandeliks",

diff --git a/ghost/i18n/locales/ar/portal.json b/ghost/i18n/locales/ar/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": ".(تأكد من أن الرسائل الإلكترونية لا تنتهي في مجلدات البريد المزعج أو العروض في صندوق الوارد الخاص بك عن طريق الخطأ. إذا كانت كذلك (انقر على علامة كغير مزعج) و/أو (نقل إلى صندوق الوارد",
     "Manage": "إدارة",
     "Maybe later": "ربما لاحقًا",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": ".العضويات غير متاحة، يرجى الاتصال بالمالك للحصول على الوصول",
     "month": "شهر",
     "Monthly": "شهري",

diff --git a/ghost/i18n/locales/bg/portal.json b/ghost/i18n/locales/bg/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "Уверете се, че имейлите не попадат случайно в папките за спам и промоции на входящата ви поща. Ако това е така, щракнете върху \"Не е спам\" и/или \"Премести във входяща поща\".",
     "Manage": "Управление",
     "Maybe later": "Може би по-късно",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "Няма възможност за абонамент, свържете се със собственика на сайта за достъп.",
     "month": "месец",
     "Monthly": "Месечно",

diff --git a/ghost/i18n/locales/bn/portal.json b/ghost/i18n/locales/bn/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "নিশ্চিত করুন যে ইমেলগুলি দুর্ঘটনাক্রমে আপনার ইনবক্সের স্প্যাম বা প্রমোশন ফোল্ডারে শেষ হচ্ছে না। যদি তারা হয়, তাহলে \"স্প্যাম নয়\" চিহ্নিত করুন এবং/অথবা \"ইনবক্সে সরান\" ক্লিক করুন।",
     "Manage": "পরিচালনা করুন",
     "Maybe later": "সম্ভবত পরে",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "সদস্যতা অপ্রাপ্য, প্রবেশাধিকার পেতে মালিকের সাথে যোগাযোগ করুন।",
     "month": "",
     "Monthly": "মাসিক",

diff --git a/ghost/i18n/locales/bs/portal.json b/ghost/i18n/locales/bs/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "Provjeri jesu li se Email poruke slučajno završile u spam folderu ili promocijama vašeg poštanskog sandučića. Ako jesu, označite ih kao sigurne i/ili ih premjestite u glavni sandučić.",
     "Manage": "Upravljaj",
     "Maybe later": "Možda kasnije",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "Članstvo nije dostupno, kontaktiraj vlasnika za pristup.",
     "month": "",
     "Monthly": "Mjesečno",

diff --git a/ghost/i18n/locales/ca/portal.json b/ghost/i18n/locales/ca/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "Assegura't que els correus electrònics no acabin accidentalment a les carpetes Correu brossa o Promocions de la teva safata d'entrada. Si això passa, fes clic a \"Marca com a NO correu brossa\" i/o a \"Mou a la safata d'entrada\".",
     "Manage": "Gestiona",
     "Maybe later": "Potser més tard",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "Membresies no disponibles. Posa't en contacte amb el propietari per accedir-hi.",
     "month": "mes",
     "Monthly": "Mensual",

diff --git a/ghost/i18n/locales/cs/portal.json b/ghost/i18n/locales/cs/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "Ujistěte se, že e-maily nekončí omylem ve složkách Spam nebo Propagace ve vaší schránce. Pokud ano, klikněte na \"Označit jako ne spam\" a/nebo \"Přesunout do doručené pošty\".",
     "Manage": "Spravovat",
     "Maybe later": "Možná později",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "Členství není k dispozici, kontaktujte vlastníka pro přístup.",
     "month": "",
     "Monthly": "Měsíčně",

diff --git a/ghost/i18n/locales/da/portal.json b/ghost/i18n/locales/da/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "Sørg for, at e-mails ikke ender i Spam eller Kampagner mapper i din indbakke. Hvis de gør, skal du klikke på \"Markér som ikke spam\" og/eller \"Flyt til indbakke\".",
     "Manage": "Administrer",
     "Maybe later": "Måske senere",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "Medlemskaber er ikke tilgængelige. Kontakt ejeren for at få adgang.",
     "month": "måned",
     "Monthly": "Månedlig",

diff --git a/ghost/i18n/locales/de-CH/portal.json b/ghost/i18n/locales/de-CH/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "Stellen Sie sicher, dass E-Mails nicht unbeabsichtigt im Spam-Ordner. Wenn das der Fall sein sollte, klicken Sie auf  \"Kein Spam\" und/oder \"In den Posteingang bewegen\".",
     "Manage": "Verwalten",
     "Maybe later": "",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "Keine Abonnements verfügbar, bitte wenden Sie sich an {{supportAddress}}, um für einen Zugang anzufragen.",
     "month": "",
     "Monthly": "Monatlich",

diff --git a/ghost/i18n/locales/de/portal.json b/ghost/i18n/locales/de/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "Stelle sicher, dass E-Mails nicht unbeabsichtigt im Spam-Ordner deines Posteingangs landen. Wenn das der Fall sein sollte, klicke auf \"Kein Spam\" und/oder \"In den Posteingang bewegen\".",
     "Manage": "Verwalten",
     "Maybe later": "Vielleicht später",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "Mitgliedschaft nicht verfügbar. Kontaktiere den/die Besitzer*in für Zugang.",
     "month": "Monat",
     "Monthly": "Monatlich",

diff --git a/ghost/i18n/locales/el/portal.json b/ghost/i18n/locales/el/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "Βεβαιωθείτε ότι τα emails δεν καταλήγουν κατά λάθος στους φακέλους Ανεπιθύμητη αλληλογραφία ή Προσφορές των εισερχομένων σας. Αν είναι εκεί, κάντε κλικ στο \"Σήμανση ως μη ανεπιθύμητη αλληλογραφία\" και/ή \"Μεταφορά στα εισερχόμενα\".",
     "Manage": "Διαχείριση",
     "Maybe later": "Ίσως αργότερα",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "Τα μέλη δεν είναι διαθέσιμα, επικοινωνήστε με τον ιδιοκτήτη για πρόσβαση.",
     "month": "",
     "Monthly": "Μηνιαία",

diff --git a/ghost/i18n/locales/en/portal.json b/ghost/i18n/locales/en/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "",
     "Manage": "",
     "Maybe later": "",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "",
     "month": "",
     "Monthly": "",

diff --git a/ghost/i18n/locales/eo/portal.json b/ghost/i18n/locales/eo/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "",
     "Manage": "Administru",
     "Maybe later": "",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "",
     "month": "",
     "Monthly": "Monate",

diff --git a/ghost/i18n/locales/es/portal.json b/ghost/i18n/locales/es/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "Asegúrate de que los correos electrónicos no terminen accidentalmente en las carpetas de correo no deseado o promociones de su bandeja de entrada. Si lo son, haz clic en \"Marcar como no spam\" y/o \"Mover a la bandeja de entrada\".",
     "Manage": "Administrar",
     "Maybe later": "Tal vez más tarde",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "Membresía no disponible, contacta al propietario para obtener acceso.",
     "month": "mes",
     "Monthly": "Mensual",

diff --git a/ghost/i18n/locales/et/portal.json b/ghost/i18n/locales/et/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "Veenduge, et e-kirjad ei satuks kogemata teie postkasti rämpsposti või reklaamide kausta. Kui need on seal, klõpsake \"Märgi mitte-rämpspostiks\" ja/või \"Liiguta postkasti\".",
     "Manage": "Halda",
     "Maybe later": "Võib-olla hiljem",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "Liikmestaatus pole saadaval, võtke juurdepääsu saamiseks ühendust omanikuga.",
     "month": "kuu",
     "Monthly": "Igakuine",

diff --git a/ghost/i18n/locales/fa/portal.json b/ghost/i18n/locales/fa/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "اطمینان حاصل کنید که ایمیل\u200cها به صورت اتفاقی در پوشه اسپم یا تبلیغاتی شما قرار نگرفته\u200cاند. در صورتی که آنجا باشند، برروی «اسپم نیست» و/یا «انتقال به صندوق ورودی» کلیک کنید.",
     "Manage": "مدیریت",
     "Maybe later": "شاید بعداً",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "عضویت غیرقابل دسترس است، با مالک برای دسترسی تماس بگیرید.",
     "month": "",
     "Monthly": "ماهانه",

diff --git a/ghost/i18n/locales/fi/portal.json b/ghost/i18n/locales/fi/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "Varmista, että sähköpostit eivät mene Spam- tai roskapostikansioihin, Jos näin käy, klikkaa \"Mark as not spam\" ja/tai \"Move to inbox\".",
     "Manage": "Hallitse",
     "Maybe later": "",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "",
     "month": "",
     "Monthly": "Kuukausittainen",

diff --git a/ghost/i18n/locales/fr/portal.json b/ghost/i18n/locales/fr/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "Assurez-vous que les e-mails ne finissent pas accidentellement dans le dossier Indésirables ou Publicité de votre boîte de réception. Si c'était le cas, cliquez sur \"Marquer en tant que désirable\" et/ou \"Déplacer vers la boîte de réception\".",
     "Manage": "Gérer",
     "Maybe later": "Peut-être plus tard",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "Abonnements non disponibles. Veuillez prendre contact avec le propriétaire pour y accéder.",
     "month": "mois",
     "Monthly": "Mensuel",

diff --git a/ghost/i18n/locales/gd/portal.json b/ghost/i18n/locales/gd/portal.json
@@ -104,6 +104,7 @@
     "Make sure emails aren't accidentally ending up in the Spam or Promotions folders of your inbox. If they are, click on \"Mark as not spam\" and/or \"Move to inbox\".": "Dh’fhaodadh gu bheil puist-d a’ dol dhan phasgan spama / margaidheachd agad. Ma tha, Comharraich \"nach e spama\" a th’ annta no briog air \"gluais dhan bhogsa a-steach\".",
     "Manage": "Rianaich",
     "Maybe later": "’S mathaid an ceann greis",
+    "Memberships from this email domain are currently restricted.": "",
     "Memberships unavailable, contact the owner for access.": "Leig fios dhan rianaire airson cothrom fhaighinn air na ballrachdan.",
     "month": "mìos",
     "Monthly": "Gach mìos",