Ghost/core/server/middleware/theme-handler.js

var _      = require('lodash'),
    fs     = require('fs'),
    path   = require('path'),
    hbs    = require('express-hbs'),
    api    = require('../api'),
    config = require('../config'),
    logging = require('../logging'),
    errors = require('../errors'),
    i18n = require('../i18n'),
    themeHandler;

themeHandler = {
    // ### configHbsForContext Middleware
    // Setup handlebars for the current context (admin or theme)
    configHbsForContext: function configHbsForContext(req, res, next) {
        var themeData = _.cloneDeep(config.get('theme')),
            labsData = _.cloneDeep(config.get('labs')),
            blogApp = req.app;

        if (req.secure && config.get('urlSSL')) {
            // For secure requests override .url property with the SSL version
            themeData.url = config.get('urlSSL').replace(/\/$/, '');
        }

        // Change camelCase to snake_case
        themeData.posts_per_page = themeData.postsPerPage;
        delete themeData.postsPerPage;

        hbs.updateTemplateOptions({data: {blog: themeData, labs: labsData}});

        if (config.getContentPath('themes') && blogApp.get('activeTheme')) {
            blogApp.set('views', path.join(config.getContentPath('themes'), blogApp.get('activeTheme')));
        }

        // Pass 'secure' flag to the view engine
        // so that templates can choose 'url' vs 'urlSSL'
        res.locals.secure = req.secure;

        next();
    },

    // ### Activate Theme
    // Helper for updateActiveTheme
    activateTheme: function activateTheme(blogApp, activeTheme) {
        var hbsOptions,
            themePartials = path.join(config.getContentPath('themes'), activeTheme, 'partials');

        // clear the view cache
        blogApp.cache = {};
        // reset the asset hash
        config.assetHash = null;

        // set view engine
        hbsOptions = {
            partialsDir: [config.get('paths').helperTemplates],
            onCompile: function onCompile(exhbs, source) {
                return exhbs.handlebars.compile(source, {preventIndent: true});
            }
        };

        fs.stat(themePartials, function stat(err, stats) {
            // Check that the theme has a partials directory before trying to use it
            if (!err && stats && stats.isDirectory()) {
                hbsOptions.partialsDir.push(themePartials);
            }
        });

        blogApp.engine('hbs', hbs.express3(hbsOptions));

        // Set active theme variable on the express server
        blogApp.set('activeTheme', activeTheme);
    },

    // ### updateActiveTheme
    // Updates the blogApp's activeTheme variable and subsequently
    // activates that theme's views with the hbs templating engine if it
    // is not yet activated.
    updateActiveTheme: function updateActiveTheme(req, res, next) {
        var blogApp = req.app;

        api.settings.read({context: {internal: true}, key: 'activeTheme'}).then(function then(response) {
            var activeTheme = response.settings[0];

            // Check if the theme changed
            if (activeTheme.value !== blogApp.get('activeTheme')) {
                // Change theme
                if (!config.get('paths').availableThemes.hasOwnProperty(activeTheme.value)) {
                    if (!res.isAdmin) {
                        return next(new errors.NotFoundError({
                            message: i18n.t('errors.middleware.themehandler.missingTheme', {theme: activeTheme.value})
                        }));
                    } else {
                        // At this point the activated theme is not present and the current
                        // request is for the admin client.  In order to allow the user access
                        // to the admin client we set an hbs instance on the app so that middleware
                        // processing can continue.
                        blogApp.engine('hbs', hbs.express3());
                        logging.warn(i18n.t('errors.middleware.themehandler.missingTheme', {theme: activeTheme.value}));
                        return next();
                    }
                } else {
                    themeHandler.activateTheme(blogApp, activeTheme.value);
                }
            }
            next();
        }).catch(function handleError(err) {
            // Trying to start up without the active theme present, setup a simple hbs instance
            // and render an error page straight away.
            blogApp.engine('hbs', hbs.express3());
            next(err);
        });
    }
};

module.exports = themeHandler;
Middleware Refactor - Refactor SSL middleware into separate module. - Refactor redirectToSetup to separate module + tests - Refactor serveStaticFile + tests - Refactor authentication middleware + tests - Refactor private blogging middleware refs #5286 2015-07-15 19:01:23 +03:00			`var _ = require('lodash'),`
			`fs = require('fs'),`
			`path = require('path'),`
			`hbs = require('express-hbs'),`
			`api = require('../api'),`
			`config = require('../config'),`
🎨 configurable logging with bunyan (#7431) - 🛠 add bunyan and prettyjson, remove morgan - ✨ add logging module - GhostLogger class that handles setup of bunyan - PrettyStream for stdout - ✨ config for logging - @TODO: testing level fatal? - ✨ log each request via GhostLogger (express middleware) - @TODO: add errors to output - 🔥 remove errors.updateActiveTheme - we can read the value from config - 🔥 remove 15 helper functions in core/server/errors/index.js - all these functions get replaced by modules: 1. logging 2. error middleware handling for html/json 3. error creation (which will be part of PR #7477) - ✨ add express error handler for html/json - one true error handler for express responses - contains still some TODO's, but they are not high priority for first implementation/integration - this middleware only takes responsibility of either rendering html responses or return json error responses - 🎨 use new express error handler in middleware/index - 404 and 500 handling - 🎨 return error instead of error message in permissions/index.js - the rule for error handling should be: if you call a unit, this unit should return a custom Ghost error - 🎨 wrap serve static module - rule: if you call a module/unit, you should always wrap this error - it's always the same rule - so the caller never has to worry about what comes back - it's always a clear error instance - in this case: we return our notfounderror if serve static does not find the resource - this avoid having checks everywhere - 🎨 replace usages of errors/index.js functions and adapt tests - use logging.error, logging.warn - make tests green - remove some usages of logging and throwing api errors -> because when a request is involved, logging happens automatically - 🐛 return errorDetails to Ghost-Admin - errorDetails is used for Theme error handling - 🎨 use 500er error for theme is missing error in theme-handler - 🎨 extend file rotation to 1w 2016-10-04 18:33:43 +03:00			`logging = require('../logging'),`
Middleware Refactor - Refactor SSL middleware into separate module. - Refactor redirectToSetup to separate module + tests - Refactor serveStaticFile + tests - Refactor authentication middleware + tests - Refactor private blogging middleware refs #5286 2015-07-15 19:01:23 +03:00			`errors = require('../errors'),`
✨ Error creation (#7477) refs #7116, refs #2001 - Changes the way Ghost errors are implemented to benefit from proper inheritance - Moves all error definitions into a single file - Changes the error constructor to take an options object, rather than needing the arguments to be passed in the correct order. - Provides a wrapper so that any errors that haven't already been converted to GhostErrors get converted before they are displayed. Summary of changes: * 🐛 set NODE_ENV in config handler * ✨ add GhostError implementation (core/server/errors.js) - register all errors in one file - inheritance from GhostError - option pattern * 🔥 remove all error files * ✨ wrap all errors into GhostError in case of HTTP * 🎨 adaptions - option pattern for errors - use GhostError when needed * 🎨 revert debug deletion and add TODO for error id's 2016-10-06 15:27:35 +03:00			`i18n = require('../i18n'),`
Middleware Refactor - Refactor SSL middleware into separate module. - Refactor redirectToSetup to separate module + tests - Refactor serveStaticFile + tests - Refactor authentication middleware + tests - Refactor private blogging middleware refs #5286 2015-07-15 19:01:23 +03:00			`themeHandler;`

Simplify theme middleware + improve tests refs #5286, #4172, #5888 - no need to pass blogApp around in middleware - improve test coverage to 100% 2015-10-11 23:21:54 +03:00			`themeHandler = {`
			`// ### configHbsForContext Middleware`
			`// Setup handlebars for the current context (admin or theme)`
			`configHbsForContext: function configHbsForContext(req, res, next) {`
🎨 change how we get and set config refs #6982 - a replace for all config usages - always use config.get or config.set - this a pure replacement, no logic has changed [ci skip] 2016-09-13 18:41:14 +03:00			`var themeData = _.cloneDeep(config.get('theme')),`
			`labsData = _.cloneDeep(config.get('labs')),`
Simplify theme middleware + improve tests refs #5286, #4172, #5888 - no need to pass blogApp around in middleware - improve test coverage to 100% 2015-10-11 23:21:54 +03:00			`blogApp = req.app;`

🎨 change how we get and set config refs #6982 - a replace for all config usages - always use config.get or config.set - this a pure replacement, no logic has changed [ci skip] 2016-09-13 18:41:14 +03:00			`if (req.secure && config.get('urlSSL')) {`
Simplify theme middleware + improve tests refs #5286, #4172, #5888 - no need to pass blogApp around in middleware - improve test coverage to 100% 2015-10-11 23:21:54 +03:00			`// For secure requests override .url property with the SSL version`
🎨 change how we get and set config refs #6982 - a replace for all config usages - always use config.get or config.set - this a pure replacement, no logic has changed [ci skip] 2016-09-13 18:41:14 +03:00			`themeData.url = config.get('urlSSL').replace(/\/$/, '');`
Simplify theme middleware + improve tests refs #5286, #4172, #5888 - no need to pass blogApp around in middleware - improve test coverage to 100% 2015-10-11 23:21:54 +03:00			`}`
Middleware Refactor - Refactor SSL middleware into separate module. - Refactor redirectToSetup to separate module + tests - Refactor serveStaticFile + tests - Refactor authentication middleware + tests - Refactor private blogging middleware refs #5286 2015-07-15 19:01:23 +03:00
Cache permalinks & postsPerPage on config.theme no issue - Cache the permalinks & postsPerPage settings on the config.theme object - Use the config.theme cache to reference these items throughout the frontend of a blog - Removes the need for workarounds and extra code to handle async fetches - Makes these values accessible to all themes, which is very useful now we have the API stuff 2015-12-02 13:06:44 +03:00			`// Change camelCase to snake_case`
			`themeData.posts_per_page = themeData.postsPerPage;`
			`delete themeData.postsPerPage;`

Subscribers: router & form helpers Form: - add confirm, location & referrer hidden fields - add script to populate location & referrer - add helper for creating the email field - pass through input class and placeholder for email from top level form helper - rename subscribe_form template & helper as it sounds more natural - handle success and error cases differently - improve error message display - ensure useful data is passed back so that we can show nice messages - check for honeypot value being filled out - refactor error handler to set an error and always still render 2016-04-21 18:37:52 +03:00			`hbs.updateTemplateOptions({data: {blog: themeData, labs: labsData}});`
Middleware Refactor - Refactor SSL middleware into separate module. - Refactor redirectToSetup to separate module + tests - Refactor serveStaticFile + tests - Refactor authentication middleware + tests - Refactor private blogging middleware refs #5286 2015-07-15 19:01:23 +03:00
🎨 🔦 refactor content paths (images, apps, themes, storage, scheduling) refs #6982 - create config util fn: getContentPath - we can later let the user change the folder names in contentPath - get rid of custom/default storage paths [ci skip] 2016-09-13 23:24:57 +03:00			`if (config.getContentPath('themes') && blogApp.get('activeTheme')) {`
			`blogApp.set('views', path.join(config.getContentPath('themes'), blogApp.get('activeTheme')));`
Simplify theme middleware + improve tests refs #5286, #4172, #5888 - no need to pass blogApp around in middleware - improve test coverage to 100% 2015-10-11 23:21:54 +03:00			`}`
Middleware Refactor - Refactor SSL middleware into separate module. - Refactor redirectToSetup to separate module + tests - Refactor serveStaticFile + tests - Refactor authentication middleware + tests - Refactor private blogging middleware refs #5286 2015-07-15 19:01:23 +03:00
Simplify theme middleware + improve tests refs #5286, #4172, #5888 - no need to pass blogApp around in middleware - improve test coverage to 100% 2015-10-11 23:21:54 +03:00			`// Pass 'secure' flag to the view engine`
			`// so that templates can choose 'url' vs 'urlSSL'`
			`res.locals.secure = req.secure;`
Revert "fix: ensure we initialise activeTheme on bootstrap (#6950)" This reverts commit 8f2afeed039ff71d602a7a78be64d1d5a2a9644a. 2016-07-21 14:26:16 +03:00
Simplify theme middleware + improve tests refs #5286, #4172, #5888 - no need to pass blogApp around in middleware - improve test coverage to 100% 2015-10-11 23:21:54 +03:00			`next();`
			`},`
Middleware Refactor - Refactor SSL middleware into separate module. - Refactor redirectToSetup to separate module + tests - Refactor serveStaticFile + tests - Refactor authentication middleware + tests - Refactor private blogging middleware refs #5286 2015-07-15 19:01:23 +03:00
Simplify theme middleware + improve tests refs #5286, #4172, #5888 - no need to pass blogApp around in middleware - improve test coverage to 100% 2015-10-11 23:21:54 +03:00			`// ### Activate Theme`
			`// Helper for updateActiveTheme`
			`activateTheme: function activateTheme(blogApp, activeTheme) {`
			`var hbsOptions,`
🎨 🔦 refactor content paths (images, apps, themes, storage, scheduling) refs #6982 - create config util fn: getContentPath - we can later let the user change the folder names in contentPath - get rid of custom/default storage paths [ci skip] 2016-09-13 23:24:57 +03:00			`themePartials = path.join(config.getContentPath('themes'), activeTheme, 'partials');`
Middleware Refactor - Refactor SSL middleware into separate module. - Refactor redirectToSetup to separate module + tests - Refactor serveStaticFile + tests - Refactor authentication middleware + tests - Refactor private blogging middleware refs #5286 2015-07-15 19:01:23 +03:00
Simplify theme middleware + improve tests refs #5286, #4172, #5888 - no need to pass blogApp around in middleware - improve test coverage to 100% 2015-10-11 23:21:54 +03:00			`// clear the view cache`
			`blogApp.cache = {};`
Refresh assetHash on theme activation (#7464) closes #7423 - asset hashes have never been refreshed properly! - Ghost(Pro)'s 1-theme-only limitation has been hiding this bug for 3 years 🙄 2016-09-30 14:13:16 +03:00			`// reset the asset hash`
			`config.assetHash = null;`
Simplify theme middleware + improve tests refs #5286, #4172, #5888 - no need to pass blogApp around in middleware - improve test coverage to 100% 2015-10-11 23:21:54 +03:00
			`// set view engine`
			`hbsOptions = {`
🎨 change how we get and set config refs #6982 - a replace for all config usages - always use config.get or config.set - this a pure replacement, no logic has changed [ci skip] 2016-09-13 18:41:14 +03:00			`partialsDir: [config.get('paths').helperTemplates],`
Simplify theme middleware + improve tests refs #5286, #4172, #5888 - no need to pass blogApp around in middleware - improve test coverage to 100% 2015-10-11 23:21:54 +03:00			`onCompile: function onCompile(exhbs, source) {`
			`return exhbs.handlebars.compile(source, {preventIndent: true});`
			`}`
			`};`

			`fs.stat(themePartials, function stat(err, stats) {`
			`// Check that the theme has a partials directory before trying to use it`
			`if (!err && stats && stats.isDirectory()) {`
			`hbsOptions.partialsDir.push(themePartials);`
			`}`
			`});`

			`blogApp.engine('hbs', hbs.express3(hbsOptions));`

			`// Set active theme variable on the express server`
			`blogApp.set('activeTheme', activeTheme);`
			`},`

			`// ### updateActiveTheme`
			`// Updates the blogApp's activeTheme variable and subsequently`
			`// activates that theme's views with the hbs templating engine if it`
			`// is not yet activated.`
Revert "fix: ensure we initialise activeTheme on bootstrap (#6950)" This reverts commit 8f2afeed039ff71d602a7a78be64d1d5a2a9644a. 2016-07-21 14:26:16 +03:00			`updateActiveTheme: function updateActiveTheme(req, res, next) {`
			`var blogApp = req.app;`

			`api.settings.read({context: {internal: true}, key: 'activeTheme'}).then(function then(response) {`
			`var activeTheme = response.settings[0];`

			`// Check if the theme changed`
			`if (activeTheme.value !== blogApp.get('activeTheme')) {`
			`// Change theme`
🎨 change how we get and set config refs #6982 - a replace for all config usages - always use config.get or config.set - this a pure replacement, no logic has changed [ci skip] 2016-09-13 18:41:14 +03:00			`if (!config.get('paths').availableThemes.hasOwnProperty(activeTheme.value)) {`
Revert "fix: ensure we initialise activeTheme on bootstrap (#6950)" This reverts commit 8f2afeed039ff71d602a7a78be64d1d5a2a9644a. 2016-07-21 14:26:16 +03:00			`if (!res.isAdmin) {`
✨ Error creation (#7477) refs #7116, refs #2001 - Changes the way Ghost errors are implemented to benefit from proper inheritance - Moves all error definitions into a single file - Changes the error constructor to take an options object, rather than needing the arguments to be passed in the correct order. - Provides a wrapper so that any errors that haven't already been converted to GhostErrors get converted before they are displayed. Summary of changes: * 🐛 set NODE_ENV in config handler * ✨ add GhostError implementation (core/server/errors.js) - register all errors in one file - inheritance from GhostError - option pattern * 🔥 remove all error files * ✨ wrap all errors into GhostError in case of HTTP * 🎨 adaptions - option pattern for errors - use GhostError when needed * 🎨 revert debug deletion and add TODO for error id's 2016-10-06 15:27:35 +03:00			`return next(new errors.NotFoundError({`
			`message: i18n.t('errors.middleware.themehandler.missingTheme', {theme: activeTheme.value})`
			`}));`
Middleware Refactor - Refactor SSL middleware into separate module. - Refactor redirectToSetup to separate module + tests - Refactor serveStaticFile + tests - Refactor authentication middleware + tests - Refactor private blogging middleware refs #5286 2015-07-15 19:01:23 +03:00			`} else {`
Revert "fix: ensure we initialise activeTheme on bootstrap (#6950)" This reverts commit 8f2afeed039ff71d602a7a78be64d1d5a2a9644a. 2016-07-21 14:26:16 +03:00			`// At this point the activated theme is not present and the current`
			`// request is for the admin client. In order to allow the user access`
			`// to the admin client we set an hbs instance on the app so that middleware`
			`// processing can continue.`
			`blogApp.engine('hbs', hbs.express3());`
🎨 configurable logging with bunyan (#7431) - 🛠 add bunyan and prettyjson, remove morgan - ✨ add logging module - GhostLogger class that handles setup of bunyan - PrettyStream for stdout - ✨ config for logging - @TODO: testing level fatal? - ✨ log each request via GhostLogger (express middleware) - @TODO: add errors to output - 🔥 remove errors.updateActiveTheme - we can read the value from config - 🔥 remove 15 helper functions in core/server/errors/index.js - all these functions get replaced by modules: 1. logging 2. error middleware handling for html/json 3. error creation (which will be part of PR #7477) - ✨ add express error handler for html/json - one true error handler for express responses - contains still some TODO's, but they are not high priority for first implementation/integration - this middleware only takes responsibility of either rendering html responses or return json error responses - 🎨 use new express error handler in middleware/index - 404 and 500 handling - 🎨 return error instead of error message in permissions/index.js - the rule for error handling should be: if you call a unit, this unit should return a custom Ghost error - 🎨 wrap serve static module - rule: if you call a module/unit, you should always wrap this error - it's always the same rule - so the caller never has to worry about what comes back - it's always a clear error instance - in this case: we return our notfounderror if serve static does not find the resource - this avoid having checks everywhere - 🎨 replace usages of errors/index.js functions and adapt tests - use logging.error, logging.warn - make tests green - remove some usages of logging and throwing api errors -> because when a request is involved, logging happens automatically - 🐛 return errorDetails to Ghost-Admin - errorDetails is used for Theme error handling - 🎨 use 500er error for theme is missing error in theme-handler - 🎨 extend file rotation to 1w 2016-10-04 18:33:43 +03:00			`logging.warn(i18n.t('errors.middleware.themehandler.missingTheme', {theme: activeTheme.value}));`
Revert "fix: ensure we initialise activeTheme on bootstrap (#6950)" This reverts commit 8f2afeed039ff71d602a7a78be64d1d5a2a9644a. 2016-07-21 14:26:16 +03:00			`return next();`
Middleware Refactor - Refactor SSL middleware into separate module. - Refactor redirectToSetup to separate module + tests - Refactor serveStaticFile + tests - Refactor authentication middleware + tests - Refactor private blogging middleware refs #5286 2015-07-15 19:01:23 +03:00			`}`
Revert "fix: ensure we initialise activeTheme on bootstrap (#6950)" This reverts commit 8f2afeed039ff71d602a7a78be64d1d5a2a9644a. 2016-07-21 14:26:16 +03:00			`} else {`
			`themeHandler.activateTheme(blogApp, activeTheme.value);`
Middleware Refactor - Refactor SSL middleware into separate module. - Refactor redirectToSetup to separate module + tests - Refactor serveStaticFile + tests - Refactor authentication middleware + tests - Refactor private blogging middleware refs #5286 2015-07-15 19:01:23 +03:00			`}`
Revert "fix: ensure we initialise activeTheme on bootstrap (#6950)" This reverts commit 8f2afeed039ff71d602a7a78be64d1d5a2a9644a. 2016-07-21 14:26:16 +03:00			`}`
			`next();`
			`}).catch(function handleError(err) {`
			`// Trying to start up without the active theme present, setup a simple hbs instance`
			`// and render an error page straight away.`
			`blogApp.engine('hbs', hbs.express3());`
			`next(err);`
			`});`
Simplify theme middleware + improve tests refs #5286, #4172, #5888 - no need to pass blogApp around in middleware - improve test coverage to 100% 2015-10-11 23:21:54 +03:00			`}`
Middleware Refactor - Refactor SSL middleware into separate module. - Refactor redirectToSetup to separate module + tests - Refactor serveStaticFile + tests - Refactor authentication middleware + tests - Refactor private blogging middleware refs #5286 2015-07-15 19:01:23 +03:00			`};`

			`module.exports = themeHandler;`