TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-29 22:01:49 +03:00
Code Issues Projects Releases Wiki Activity
58b9aea00d
Ghost/core/server/api/v0.1/posts.js

271 lines
9.1 KiB
JavaScript
Raw Normal View History

Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
// # Posts API
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
// RESTful API for the Post resource
Simplify destroy post API endpoint implementation no issue - no need to fetch the post before - the model implementation does that already
2018-04-06 15:58:08 +03:00
const Promise = require('bluebird'),
ES6 migration: server/api (#9761) refs #9589 - not all of the api files were updated
2018-09-10 15:30:48 +03:00
{omit, defaults} = require('lodash'),
Moved api controllers into api/v0.1 (#9918) refs #9866 - preparation for v2 - moved api/ to api/v0.1 - do export v0.1 straight from the api folder, we don't want to touch this right now - that means currently if you require the api folder, we return v0.1 by default - there were some direct requires of api files in the test env - some of them use rewire - for now, we just correct the require path to require api/v0.1/ - we touch the test env next week **Docs about V2 design are coming soon!**
2018-09-27 17:06:57 +03:00
pipeline = require('../../lib/promise/pipeline'),
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
localUtils = require('./utils'),
Moved api controllers into api/v0.1 (#9918) refs #9866 - preparation for v2 - moved api/ to api/v0.1 - do export v0.1 straight from the api folder, we don't want to touch this right now - that means currently if you require the api folder, we return v0.1 by default - there were some direct requires of api files in the test env - some of them use rewire - for now, we just correct the require path to require api/v0.1/ - we touch the test env next week **Docs about V2 design are coming soon!**
2018-09-27 17:06:57 +03:00
models = require('../../models'),
common = require('../../lib/common'),
Refactor URL generation from models (#9917) Moved URL attributes logic from the model into API layer refs #9866 - Moved URL related attribute calculation for posts, users, and tags into API layer - Added test coverage for url attributes in tags/authors/primary_tags/primary_authors
2018-10-03 16:44:30 +03:00
{urlsForPost} = require('./decorators/urls'),
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
docName = 'posts',
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 17:16:15 +03:00
/**
Changed comments and deprecation notes refs #9742
2018-08-03 16:14:38 +03:00
* @deprecated: `author`, will be removed in Ghost 3.0
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 17:16:15 +03:00
*/
Next/Prev Post helpers include author & tags closes #5150 - Post API understands next.author, next.tags, previous.author and previous.tags - Post Read request filters out those properties and does the right thing with them - Prev/Next post helpers send extra include properties - Tests updated
2015-08-09 22:30:04 +03:00
allowedIncludes = [
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 17:16:15 +03:00
'created_by', 'updated_by', 'published_by', 'author', 'tags', 'fields', 'authors', 'authors.roles'
Next/Prev Post helpers include author & tags closes #5150 - Post API understands next.author, next.tags, previous.author and previous.tags - Post Read request filters out those properties and does the right thing with them - Prev/Next post helpers send extra include properties - Tests updated
2015-08-09 22:30:04 +03:00
],
Simplify destroy post API endpoint implementation no issue - no need to fetch the post before - the model implementation does that already
2018-04-06 15:58:08 +03:00
unsafeAttrs = ['author_id', 'status', 'authors'];
let posts;
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
/**
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* ### Posts API Methods
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
*
Moved utils constants to lib/constants refs #9178
2017-12-14 16:13:40 +03:00
* **See:** [API Methods](constants.js.html#api%20methods)
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
*/
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
posts = {
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
/**
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* ## Browse
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
* Find a paginated set of posts
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
*
* Will only return published posts unless we have an authenticated user and an alternative status
* parameter.
*
* Will return without static pages unless told otherwise
*
*
* @public
API: Adding `featured` filter option to posts.browse Closes #5152 - Adds `featured` filter option to posts.browse method modifying the model to take it too
2015-05-06 02:06:43 +03:00
* @param {{context, page, limit, status, staticPages, tag, featured}} options (optional)
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* @returns {Promise<Posts>} Posts Collection with Meta
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
*/
ES6 migration: server/api/ (#9876) refs #9589
2018-09-18 16:59:56 +03:00
browse(options) {
ES6 migration: server/api (#9761) refs #9589 - not all of the api files were updated
2018-09-10 15:30:48 +03:00
const extraOptions = ['status', 'formats', 'absolute_urls'];
let permittedOptions,
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
tasks;
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
Disallow staticPages from public API refs #5151 - disable staticPages parameter for calls without authentication
2015-11-04 12:03:03 +03:00
// Workaround to remove static pages from results
// TODO: rework after https://github.com/TryGhost/Ghost/issues/5151
if (options && options.context && (options.context.user || options.context.internal)) {
extraOptions.push('staticPages');
}
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
permittedOptions = localUtils.browseDefaultOptions.concat(extraOptions);
Disallow staticPages from public API refs #5151 - disable staticPages parameter for calls without authentication
2015-11-04 12:03:03 +03:00
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
/**
* ### Model Query
* Make the call to the Model layer
* @param {Object} options
* @returns {Object} options
*/
function modelQuery(options) {
Removed `toJSON` serialization in `findPage` method (#9899) refs #9866 - Removed `toJSON` call in `findPage` - Added JSON serialization on API layer - Reason: model and api layer were coupled - all other model actions just returned the raw data and no specific format - Corrected test suites to serialize fetched models to JSON - Removed `absolute_urls` attribute from validOptions findPage methods as it's no longer needed in the data layer - Changed 'include' test as this option is now tolerated and returns data
2018-09-26 15:11:22 +03:00
return models.Post.findPage(options)
.then(({data, meta}) => {
return {
Revert post.page->post.type handling no issue - the column addition/removal can be too slow for large sites - will be added back in 3.0 --- Revert "Fixed canary api for page/type column" This reverts commit a5a7e7e919d83af3ea9cd7402a75dff60f2d7e9c. Revert "Updated frontend canary url config for page/type" This reverts commit 19100ec5e6edbe67464c4938521fe25d7ec15041. Revert "Updated canary api to handle type column correctly (#11006)" This reverts commit c3e8ba0523f5460662dcd3cddf0affd337b26eba. Revert "Ensured `page` filter works in routes.yaml" This reverts commit 9037c19e50c4da026f4b797413a682e1411b032f. Revert "Replaced usage of mongo util with nql-map-key-values" This reverts commit 8c5f1d0ef0ad9a03fb3e362c31063e47a0173411. Revert "Added shared nql-map-key-values module" This reverts commit ef4fd4b8ef3824290a00a371dad5a505431ab689. Revert "Ensured page prop is present on content api response" This reverts commit cfa0a0862bf7b247cfeb9b689cfdf6b8e3fb0c10. Revert "Fixed failing regression tests" This reverts commit 9c2bb3811fba8ea127b22f13d21112dcf1f5a46d. Revert "Updated xmlrpc and slack service to use type column" This reverts commit 44a02c7d3635967dd3fe8f96b793b50fd398bd40. Revert "Updated v0.1 posts api to work with type column" This reverts commit 2c81d7c914ac0a2c3b7f1d6d0385479e61d15f18. Revert "Removed updates to v0.1 specific code" This reverts commit 08d83c1f5332b7db6b96814651b496e707c2e124. Revert "Added missing context from ValidationError" This reverts commit cd45ab4f54abefeee8605df84cfc864fff1ad385. Revert "Renamed page->type in the page&posts serializers" This reverts commit df99e724e3d7dc1665916844983849494deea80d. Revert "Added mongo helper to input serializers" This reverts commit fb8eadb4a8109ba987d79decfe331c669a446609. Revert "Passed mongoTransformer through to NQL" This reverts commit 0ae3f0fdfc864dcf5c90c6b56cf975997974742c. Revert "Permitted mongoTransformer option for read methods" This reverts commit a89376bf2618520626d2cf1b8d86f3c8c453db23. Revert "Updated the count plugin to reference the type column" This reverts commit a52f15d3d3503bc9ce4e20961c1f4a0fd49316c7. Revert "Updated hashes for db integrity check" This reverts commit bb6b337be3d30e919e4edfdc2e59182cb81e9e5d. Revert "Remove page column and remaining references" This reverts commit 9d7190d69255ac011848c6bf654886be81abeedc. Revert "Added type column to data generator" This reverts commit e59806cb45c47e0bd547801de54ac5332913fbf5. Revert "Removed references to page column in rss tests" This reverts commit 04d0f855dede1a1bd910c1bc7ca4913ae27472ae. Revert "Removed page column references in validation tests" This reverts commit f0afbc5cc06449ccae034b930709e29133ca8374. Revert "Updated the post model to use the `type` column" This reverts commit 1189bc823ac6adde4f25d63d9fc83ca94e38d672. Revert "Updated url service to use type column" This reverts commit 61612ba8fd38a72d8ef6af5b2c199a9dcd80b80b. Revert "Updated the v2 api to deal with type column" This reverts commit 57afb2de2baf702575a2ea3e4d8e1b914f769e00. Revert "Added type property to post model defaults" This reverts commit dc3345b1c59d03261ecd678a9cbad0ec91ef5a38. Revert "Added type property to the default post fixtures" This reverts commit 82d8c380336b6455ad09622edf7ecd803d0cbe23. Revert "Added type column to posts table" This reverts commit 9b85fc6a69363c27d11963a5078136cedc696156.
2019-08-16 19:46:00 +03:00
posts: data.map(model => urlsForPost(model.id, model.toJSON(options), options)),
Removed `toJSON` serialization in `findPage` method (#9899) refs #9866 - Removed `toJSON` call in `findPage` - Added JSON serialization on API layer - Reason: model and api layer were coupled - all other model actions just returned the raw data and no specific format - Corrected test suites to serialize fetched models to JSON - Removed `absolute_urls` attribute from validOptions findPage methods as it's no longer needed in the data layer - Changed 'include' test as this option is now tolerated and returns data
2018-09-26 15:11:22 +03:00
meta: meta
};
});
Add include parameter for posts API closes #2609 - added include parameter to api.posts.* - changed toJSON to omit objects that are not included - added include parameter to admin - added include parameter to frontend.js - updated tests - removed duplicate code from posts model **Known Issue:** It is not possible to attach a tag using an ID.
2014-04-27 20:58:34 +04:00
}
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
// Push all of our tasks into a `tasks` array in the correct order
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
tasks = [
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
localUtils.validate(docName, {opts: permittedOptions}),
localUtils.convertOptions(allowedIncludes, models.Post.allowedFormats),
Sorted out the mixed usages of `include` and `withRelated` (#9425) no issue - this commit cleans up the usages of `include` and `withRelated`. ### API layer (`include`) - as request parameter e.g. `?include=roles,tags` - as theme API parameter e.g. `{{get .... include="author"}}` - as internal API access e.g. `api.posts.browse({include: 'author,tags'})` - the `include` notation is more readable than `withRelated` - and it allows us to use a different easier format (comma separated list) - the API utility transforms these more readable properties into model style (or into Ghost style) ### Model access (`withRelated`) - e.g. `models.Post.findPage({withRelated: ['tags']})` - driven by bookshelf --- Commits explained. * Reorder the usage of `convertOptions` - 1. validation - 2. options convertion - 3. permissions - the reason is simple, the permission layer access the model layer - we have to prepare the options before talking to the model layer - added `convertOptions` where it was missed (not required, but for consistency reasons) * Use `withRelated` when accessing the model layer and use `include` when accessing the API layer * Change `convertOptions` API utiliy - API Usage - ghost.api(..., {include: 'tags,authors'}) - `include` should only be used when calling the API (either via request or via manual usage) - `include` is only for readability and easier format - Ghost (Model Layer Usage) - models.Post.findOne(..., {withRelated: ['tags', 'authors']}) - should only use `withRelated` - model layer cannot read 'tags,authors` - model layer has no idea what `include` means, speaks a different language - `withRelated` is bookshelf - internal usage * include-count plugin: use `withRelated` instead of `include` - imagine you outsource this plugin to git and publish it to npm - `include` is an unknown option in bookshelf * Updated `permittedOptions` in base model - `include` is no longer a known option * Remove all occurances of `include` in the model layer * Extend `filterOptions` base function - this function should be called as first action - we clone the unfiltered options - check if you are using `include` (this is a protection which could help us in the beginning) - check for permitted and (later on default `withRelated`) options - the usage is coming in next commit * Ensure we call `filterOptions` as first action - use `ghostBookshelf.Model.filterOptions` as first action - consistent naming pattern for incoming options: `unfilteredOptions` - re-added allowed options for `toJSON` - one unsolved architecture problem: - if you override a function e.g. `edit` - then you should call `filterOptions` as first action - the base implementation of e.g. `edit` will call it again - future improvement * Removed `findOne` from Invite model - no longer needed, the base implementation is the same
2018-02-15 12:53:53 +03:00
localUtils.handlePublicPermissions(docName, 'browse', unsafeAttrs),
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
modelQuery
];
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
// Pipeline calls each task passing the result of one to be the arguments for the next
return pipeline(tasks, options);
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
},
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
/**
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* ## Read
Add post preview via uuid (/p/:uuid) Refs #5097 - All drafts will show a preview link (this needs real css) - Published posts will redirect - prev/next post helpers only activate on published posts - Powered by ~10 pints between the two of us (@ErisDS, @novaugust)
2015-04-16 22:40:32 +03:00
* Find a post, by ID, UUID, or Slug
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
*
* @public
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* @param {Object} options
* @return {Promise<Post>} Post
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
*/
ES6 migration: server/api/ (#9876) refs #9589
2018-09-18 16:59:56 +03:00
read(options) {
ES6 migration: server/api (#9761) refs #9589 - not all of the api files were updated
2018-09-10 15:30:48 +03:00
const attrs = ['id', 'slug', 'status', 'uuid'],
Fixed wrong handling of formats param (#9078) closes #9077 - because of our API layer refactoring, see https://github.com/TryGhost/Ghost/pull/9068 - we can now see that code was written wrong because of this horrible API bug - this fixes the formats parameter for querying a single post
2017-09-28 15:38:32 +03:00
// NOTE: the scheduler API uses the post API and forwards custom options
ES6 migration: server/api (#9761) refs #9589 - not all of the api files were updated
2018-09-10 15:30:48 +03:00
extraAllowedOptions = options.opts || ['formats', 'absolute_urls'];
let tasks;
Post response move pagination -> meta closes #2604 - moved ‚pagination‘ to ‚meta‘ property - added response test for pagination property - changed ‚next‘ and ‚prev‘ to be set to null and exist on every response - removed unnecessary call to API for RSS author
2014-04-19 19:03:20 +04:00
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
/**
* ### Model Query
* Make the call to the Model layer
* @param {Object} options
* @returns {Object} options
*/
function modelQuery(options) {
ES6 migration: server/api (#9761) refs #9589 - not all of the api files were updated
2018-09-10 15:30:48 +03:00
return models.Post.findOne(options.data, omit(options, ['data']))
ES6 migration: server/api/ (#9876) refs #9589
2018-09-18 16:59:56 +03:00
.then((model) => {
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
if (!model) {
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
return Promise.reject(new common.errors.NotFoundError({
message: common.i18n.t('errors.api.posts.postNotFound')
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
}));
}
return {
Revert post.page->post.type handling no issue - the column addition/removal can be too slow for large sites - will be added back in 3.0 --- Revert "Fixed canary api for page/type column" This reverts commit a5a7e7e919d83af3ea9cd7402a75dff60f2d7e9c. Revert "Updated frontend canary url config for page/type" This reverts commit 19100ec5e6edbe67464c4938521fe25d7ec15041. Revert "Updated canary api to handle type column correctly (#11006)" This reverts commit c3e8ba0523f5460662dcd3cddf0affd337b26eba. Revert "Ensured `page` filter works in routes.yaml" This reverts commit 9037c19e50c4da026f4b797413a682e1411b032f. Revert "Replaced usage of mongo util with nql-map-key-values" This reverts commit 8c5f1d0ef0ad9a03fb3e362c31063e47a0173411. Revert "Added shared nql-map-key-values module" This reverts commit ef4fd4b8ef3824290a00a371dad5a505431ab689. Revert "Ensured page prop is present on content api response" This reverts commit cfa0a0862bf7b247cfeb9b689cfdf6b8e3fb0c10. Revert "Fixed failing regression tests" This reverts commit 9c2bb3811fba8ea127b22f13d21112dcf1f5a46d. Revert "Updated xmlrpc and slack service to use type column" This reverts commit 44a02c7d3635967dd3fe8f96b793b50fd398bd40. Revert "Updated v0.1 posts api to work with type column" This reverts commit 2c81d7c914ac0a2c3b7f1d6d0385479e61d15f18. Revert "Removed updates to v0.1 specific code" This reverts commit 08d83c1f5332b7db6b96814651b496e707c2e124. Revert "Added missing context from ValidationError" This reverts commit cd45ab4f54abefeee8605df84cfc864fff1ad385. Revert "Renamed page->type in the page&posts serializers" This reverts commit df99e724e3d7dc1665916844983849494deea80d. Revert "Added mongo helper to input serializers" This reverts commit fb8eadb4a8109ba987d79decfe331c669a446609. Revert "Passed mongoTransformer through to NQL" This reverts commit 0ae3f0fdfc864dcf5c90c6b56cf975997974742c. Revert "Permitted mongoTransformer option for read methods" This reverts commit a89376bf2618520626d2cf1b8d86f3c8c453db23. Revert "Updated the count plugin to reference the type column" This reverts commit a52f15d3d3503bc9ce4e20961c1f4a0fd49316c7. Revert "Updated hashes for db integrity check" This reverts commit bb6b337be3d30e919e4edfdc2e59182cb81e9e5d. Revert "Remove page column and remaining references" This reverts commit 9d7190d69255ac011848c6bf654886be81abeedc. Revert "Added type column to data generator" This reverts commit e59806cb45c47e0bd547801de54ac5332913fbf5. Revert "Removed references to page column in rss tests" This reverts commit 04d0f855dede1a1bd910c1bc7ca4913ae27472ae. Revert "Removed page column references in validation tests" This reverts commit f0afbc5cc06449ccae034b930709e29133ca8374. Revert "Updated the post model to use the `type` column" This reverts commit 1189bc823ac6adde4f25d63d9fc83ca94e38d672. Revert "Updated url service to use type column" This reverts commit 61612ba8fd38a72d8ef6af5b2c199a9dcd80b80b. Revert "Updated the v2 api to deal with type column" This reverts commit 57afb2de2baf702575a2ea3e4d8e1b914f769e00. Revert "Added type property to post model defaults" This reverts commit dc3345b1c59d03261ecd678a9cbad0ec91ef5a38. Revert "Added type property to the default post fixtures" This reverts commit 82d8c380336b6455ad09622edf7ecd803d0cbe23. Revert "Added type column to posts table" This reverts commit 9b85fc6a69363c27d11963a5078136cedc696156.
2019-08-16 19:46:00 +03:00
posts: [urlsForPost(model.id, model.toJSON(options), options)]
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
};
});
Add include parameter for posts API closes #2609 - added include parameter to api.posts.* - changed toJSON to omit objects that are not included - added include parameter to admin - added include parameter to frontend.js - updated tests - removed duplicate code from posts model **Known Issue:** It is not possible to attach a tag using an ID.
2014-04-27 20:58:34 +04:00
}
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
// Push all of our tasks into a `tasks` array in the correct order
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
tasks = [
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
localUtils.validate(docName, {attrs: attrs, opts: extraAllowedOptions}),
localUtils.convertOptions(allowedIncludes, models.Post.allowedFormats),
Sorted out the mixed usages of `include` and `withRelated` (#9425) no issue - this commit cleans up the usages of `include` and `withRelated`. ### API layer (`include`) - as request parameter e.g. `?include=roles,tags` - as theme API parameter e.g. `{{get .... include="author"}}` - as internal API access e.g. `api.posts.browse({include: 'author,tags'})` - the `include` notation is more readable than `withRelated` - and it allows us to use a different easier format (comma separated list) - the API utility transforms these more readable properties into model style (or into Ghost style) ### Model access (`withRelated`) - e.g. `models.Post.findPage({withRelated: ['tags']})` - driven by bookshelf --- Commits explained. * Reorder the usage of `convertOptions` - 1. validation - 2. options convertion - 3. permissions - the reason is simple, the permission layer access the model layer - we have to prepare the options before talking to the model layer - added `convertOptions` where it was missed (not required, but for consistency reasons) * Use `withRelated` when accessing the model layer and use `include` when accessing the API layer * Change `convertOptions` API utiliy - API Usage - ghost.api(..., {include: 'tags,authors'}) - `include` should only be used when calling the API (either via request or via manual usage) - `include` is only for readability and easier format - Ghost (Model Layer Usage) - models.Post.findOne(..., {withRelated: ['tags', 'authors']}) - should only use `withRelated` - model layer cannot read 'tags,authors` - model layer has no idea what `include` means, speaks a different language - `withRelated` is bookshelf - internal usage * include-count plugin: use `withRelated` instead of `include` - imagine you outsource this plugin to git and publish it to npm - `include` is an unknown option in bookshelf * Updated `permittedOptions` in base model - `include` is no longer a known option * Remove all occurances of `include` in the model layer * Extend `filterOptions` base function - this function should be called as first action - we clone the unfiltered options - check if you are using `include` (this is a protection which could help us in the beginning) - check for permitted and (later on default `withRelated`) options - the usage is coming in next commit * Ensure we call `filterOptions` as first action - use `ghostBookshelf.Model.filterOptions` as first action - consistent naming pattern for incoming options: `unfilteredOptions` - re-added allowed options for `toJSON` - one unsolved architecture problem: - if you override a function e.g. `edit` - then you should call `filterOptions` as first action - the base implementation of e.g. `edit` will call it again - future improvement * Removed `findOne` from Invite model - no longer needed, the base implementation is the same
2018-02-15 12:53:53 +03:00
localUtils.handlePublicPermissions(docName, 'read', unsafeAttrs),
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
modelQuery
];
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
// Pipeline calls each task passing the result of one to be the arguments for the next
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
return pipeline(tasks, options);
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
},
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
/**
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* ## Edit
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
* Update properties of a post
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
*
* @public
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
* @param {Post} object Post or specific properties to update
* @param {{id (required), context, include,...}} options
* @return {Promise(Post)} Edited Post
*/
ES6 migration: server/api/ (#9876) refs #9589
2018-09-18 16:59:56 +03:00
edit(object, options) {
ES6 migration: server/api (#9761) refs #9589 - not all of the api files were updated
2018-09-10 15:30:48 +03:00
let tasks;
// NOTE: the scheduler API uses the post API and forwards custom options
const extraAllowedOptions = options.opts || [];
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
/**
* ### Model Query
* Make the call to the Model layer
* @param {Object} options
* @returns {Object} options
*/
function modelQuery(options) {
Revert post.page->post.type handling no issue - the column addition/removal can be too slow for large sites - will be added back in 3.0 --- Revert "Fixed canary api for page/type column" This reverts commit a5a7e7e919d83af3ea9cd7402a75dff60f2d7e9c. Revert "Updated frontend canary url config for page/type" This reverts commit 19100ec5e6edbe67464c4938521fe25d7ec15041. Revert "Updated canary api to handle type column correctly (#11006)" This reverts commit c3e8ba0523f5460662dcd3cddf0affd337b26eba. Revert "Ensured `page` filter works in routes.yaml" This reverts commit 9037c19e50c4da026f4b797413a682e1411b032f. Revert "Replaced usage of mongo util with nql-map-key-values" This reverts commit 8c5f1d0ef0ad9a03fb3e362c31063e47a0173411. Revert "Added shared nql-map-key-values module" This reverts commit ef4fd4b8ef3824290a00a371dad5a505431ab689. Revert "Ensured page prop is present on content api response" This reverts commit cfa0a0862bf7b247cfeb9b689cfdf6b8e3fb0c10. Revert "Fixed failing regression tests" This reverts commit 9c2bb3811fba8ea127b22f13d21112dcf1f5a46d. Revert "Updated xmlrpc and slack service to use type column" This reverts commit 44a02c7d3635967dd3fe8f96b793b50fd398bd40. Revert "Updated v0.1 posts api to work with type column" This reverts commit 2c81d7c914ac0a2c3b7f1d6d0385479e61d15f18. Revert "Removed updates to v0.1 specific code" This reverts commit 08d83c1f5332b7db6b96814651b496e707c2e124. Revert "Added missing context from ValidationError" This reverts commit cd45ab4f54abefeee8605df84cfc864fff1ad385. Revert "Renamed page->type in the page&posts serializers" This reverts commit df99e724e3d7dc1665916844983849494deea80d. Revert "Added mongo helper to input serializers" This reverts commit fb8eadb4a8109ba987d79decfe331c669a446609. Revert "Passed mongoTransformer through to NQL" This reverts commit 0ae3f0fdfc864dcf5c90c6b56cf975997974742c. Revert "Permitted mongoTransformer option for read methods" This reverts commit a89376bf2618520626d2cf1b8d86f3c8c453db23. Revert "Updated the count plugin to reference the type column" This reverts commit a52f15d3d3503bc9ce4e20961c1f4a0fd49316c7. Revert "Updated hashes for db integrity check" This reverts commit bb6b337be3d30e919e4edfdc2e59182cb81e9e5d. Revert "Remove page column and remaining references" This reverts commit 9d7190d69255ac011848c6bf654886be81abeedc. Revert "Added type column to data generator" This reverts commit e59806cb45c47e0bd547801de54ac5332913fbf5. Revert "Removed references to page column in rss tests" This reverts commit 04d0f855dede1a1bd910c1bc7ca4913ae27472ae. Revert "Removed page column references in validation tests" This reverts commit f0afbc5cc06449ccae034b930709e29133ca8374. Revert "Updated the post model to use the `type` column" This reverts commit 1189bc823ac6adde4f25d63d9fc83ca94e38d672. Revert "Updated url service to use type column" This reverts commit 61612ba8fd38a72d8ef6af5b2c199a9dcd80b80b. Revert "Updated the v2 api to deal with type column" This reverts commit 57afb2de2baf702575a2ea3e4d8e1b914f769e00. Revert "Added type property to post model defaults" This reverts commit dc3345b1c59d03261ecd678a9cbad0ec91ef5a38. Revert "Added type property to the default post fixtures" This reverts commit 82d8c380336b6455ad09622edf7ecd803d0cbe23. Revert "Added type column to posts table" This reverts commit 9b85fc6a69363c27d11963a5078136cedc696156.
2019-08-16 19:46:00 +03:00
return models.Post.edit(options.data.posts[0], omit(options, ['data']))
ES6 migration: server/api/ (#9876) refs #9589
2018-09-18 16:59:56 +03:00
.then((model) => {
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
if (!model) {
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
return Promise.reject(new common.errors.NotFoundError({
message: common.i18n.t('errors.api.posts.postNotFound')
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
}));
}
🐛 Fixed 'url' attribute miscalculation when when requested as the only part of fields filter (#9969) closes #9962 - Fixed the bug with url being set to /404 when id was not present on the model - Added a functional test to cover this bug - Refactored url decorating methods to be more clear about the nature of passed parameters
2018-10-15 15:47:56 +03:00
const post = urlsForPost(model.id, model.toJSON(options), options);
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
// If previously was not published and now is (or vice versa), signal the change
// @TODO: `statusChanged` get's added for the API headers only. Reconsider this.
post.statusChanged = false;
Bumped knex & bookshelf dependencies (#10404) refs #9389, refs #9248 - https://github.com/bookshelf/bookshelf/releases/tag/0.14.0 - Bookshelf has fixed it's previous attr handling, see https://github.com/bookshelf/bookshelf/pull/1848 - SQlite3 double slashes was merged into knex and released 👻tgriesser/knex@c746dea
2019-01-21 23:53:11 +03:00
if (model.previous('status') !== model.get('status')) {
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
post.statusChanged = true;
}
return {
Revert post.page->post.type handling no issue - the column addition/removal can be too slow for large sites - will be added back in 3.0 --- Revert "Fixed canary api for page/type column" This reverts commit a5a7e7e919d83af3ea9cd7402a75dff60f2d7e9c. Revert "Updated frontend canary url config for page/type" This reverts commit 19100ec5e6edbe67464c4938521fe25d7ec15041. Revert "Updated canary api to handle type column correctly (#11006)" This reverts commit c3e8ba0523f5460662dcd3cddf0affd337b26eba. Revert "Ensured `page` filter works in routes.yaml" This reverts commit 9037c19e50c4da026f4b797413a682e1411b032f. Revert "Replaced usage of mongo util with nql-map-key-values" This reverts commit 8c5f1d0ef0ad9a03fb3e362c31063e47a0173411. Revert "Added shared nql-map-key-values module" This reverts commit ef4fd4b8ef3824290a00a371dad5a505431ab689. Revert "Ensured page prop is present on content api response" This reverts commit cfa0a0862bf7b247cfeb9b689cfdf6b8e3fb0c10. Revert "Fixed failing regression tests" This reverts commit 9c2bb3811fba8ea127b22f13d21112dcf1f5a46d. Revert "Updated xmlrpc and slack service to use type column" This reverts commit 44a02c7d3635967dd3fe8f96b793b50fd398bd40. Revert "Updated v0.1 posts api to work with type column" This reverts commit 2c81d7c914ac0a2c3b7f1d6d0385479e61d15f18. Revert "Removed updates to v0.1 specific code" This reverts commit 08d83c1f5332b7db6b96814651b496e707c2e124. Revert "Added missing context from ValidationError" This reverts commit cd45ab4f54abefeee8605df84cfc864fff1ad385. Revert "Renamed page->type in the page&posts serializers" This reverts commit df99e724e3d7dc1665916844983849494deea80d. Revert "Added mongo helper to input serializers" This reverts commit fb8eadb4a8109ba987d79decfe331c669a446609. Revert "Passed mongoTransformer through to NQL" This reverts commit 0ae3f0fdfc864dcf5c90c6b56cf975997974742c. Revert "Permitted mongoTransformer option for read methods" This reverts commit a89376bf2618520626d2cf1b8d86f3c8c453db23. Revert "Updated the count plugin to reference the type column" This reverts commit a52f15d3d3503bc9ce4e20961c1f4a0fd49316c7. Revert "Updated hashes for db integrity check" This reverts commit bb6b337be3d30e919e4edfdc2e59182cb81e9e5d. Revert "Remove page column and remaining references" This reverts commit 9d7190d69255ac011848c6bf654886be81abeedc. Revert "Added type column to data generator" This reverts commit e59806cb45c47e0bd547801de54ac5332913fbf5. Revert "Removed references to page column in rss tests" This reverts commit 04d0f855dede1a1bd910c1bc7ca4913ae27472ae. Revert "Removed page column references in validation tests" This reverts commit f0afbc5cc06449ccae034b930709e29133ca8374. Revert "Updated the post model to use the `type` column" This reverts commit 1189bc823ac6adde4f25d63d9fc83ca94e38d672. Revert "Updated url service to use type column" This reverts commit 61612ba8fd38a72d8ef6af5b2c199a9dcd80b80b. Revert "Updated the v2 api to deal with type column" This reverts commit 57afb2de2baf702575a2ea3e4d8e1b914f769e00. Revert "Added type property to post model defaults" This reverts commit dc3345b1c59d03261ecd678a9cbad0ec91ef5a38. Revert "Added type property to the default post fixtures" This reverts commit 82d8c380336b6455ad09622edf7ecd803d0cbe23. Revert "Added type column to posts table" This reverts commit 9b85fc6a69363c27d11963a5078136cedc696156.
2019-08-16 19:46:00 +03:00
posts: [post]
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
};
});
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
}
// Push all of our tasks into a `tasks` array in the correct order
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
tasks = [
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
localUtils.validate(docName, {opts: localUtils.idDefaultOptions.concat(extraAllowedOptions)}),
localUtils.convertOptions(allowedIncludes),
Sorted out the mixed usages of `include` and `withRelated` (#9425) no issue - this commit cleans up the usages of `include` and `withRelated`. ### API layer (`include`) - as request parameter e.g. `?include=roles,tags` - as theme API parameter e.g. `{{get .... include="author"}}` - as internal API access e.g. `api.posts.browse({include: 'author,tags'})` - the `include` notation is more readable than `withRelated` - and it allows us to use a different easier format (comma separated list) - the API utility transforms these more readable properties into model style (or into Ghost style) ### Model access (`withRelated`) - e.g. `models.Post.findPage({withRelated: ['tags']})` - driven by bookshelf --- Commits explained. * Reorder the usage of `convertOptions` - 1. validation - 2. options convertion - 3. permissions - the reason is simple, the permission layer access the model layer - we have to prepare the options before talking to the model layer - added `convertOptions` where it was missed (not required, but for consistency reasons) * Use `withRelated` when accessing the model layer and use `include` when accessing the API layer * Change `convertOptions` API utiliy - API Usage - ghost.api(..., {include: 'tags,authors'}) - `include` should only be used when calling the API (either via request or via manual usage) - `include` is only for readability and easier format - Ghost (Model Layer Usage) - models.Post.findOne(..., {withRelated: ['tags', 'authors']}) - should only use `withRelated` - model layer cannot read 'tags,authors` - model layer has no idea what `include` means, speaks a different language - `withRelated` is bookshelf - internal usage * include-count plugin: use `withRelated` instead of `include` - imagine you outsource this plugin to git and publish it to npm - `include` is an unknown option in bookshelf * Updated `permittedOptions` in base model - `include` is no longer a known option * Remove all occurances of `include` in the model layer * Extend `filterOptions` base function - this function should be called as first action - we clone the unfiltered options - check if you are using `include` (this is a protection which could help us in the beginning) - check for permitted and (later on default `withRelated`) options - the usage is coming in next commit * Ensure we call `filterOptions` as first action - use `ghostBookshelf.Model.filterOptions` as first action - consistent naming pattern for incoming options: `unfilteredOptions` - re-added allowed options for `toJSON` - one unsolved architecture problem: - if you override a function e.g. `edit` - then you should call `filterOptions` as first action - the base implementation of e.g. `edit` will call it again - future improvement * Removed `findOne` from Invite model - no longer needed, the base implementation is the same
2018-02-15 12:53:53 +03:00
localUtils.handlePermissions(docName, 'edit', unsafeAttrs),
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
modelQuery
];
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
// Pipeline calls each task passing the result of one to be the arguments for the next
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
return pipeline(tasks, object, options);
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
},
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
/**
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* ## Add
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
* Create a new post along with any tags
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
*
* @public
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
* @param {Post} object
* @param {{context, include,...}} options
* @return {Promise(Post)} Created Post
*/
ES6 migration: server/api/ (#9876) refs #9589
2018-09-18 16:59:56 +03:00
add(object, options) {
ES6 migration: server/api (#9761) refs #9589 - not all of the api files were updated
2018-09-10 15:30:48 +03:00
let tasks;
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
/**
* ### Model Query
* Make the call to the Model layer
* @param {Object} options
* @returns {Object} options
*/
function modelQuery(options) {
Revert post.page->post.type handling no issue - the column addition/removal can be too slow for large sites - will be added back in 3.0 --- Revert "Fixed canary api for page/type column" This reverts commit a5a7e7e919d83af3ea9cd7402a75dff60f2d7e9c. Revert "Updated frontend canary url config for page/type" This reverts commit 19100ec5e6edbe67464c4938521fe25d7ec15041. Revert "Updated canary api to handle type column correctly (#11006)" This reverts commit c3e8ba0523f5460662dcd3cddf0affd337b26eba. Revert "Ensured `page` filter works in routes.yaml" This reverts commit 9037c19e50c4da026f4b797413a682e1411b032f. Revert "Replaced usage of mongo util with nql-map-key-values" This reverts commit 8c5f1d0ef0ad9a03fb3e362c31063e47a0173411. Revert "Added shared nql-map-key-values module" This reverts commit ef4fd4b8ef3824290a00a371dad5a505431ab689. Revert "Ensured page prop is present on content api response" This reverts commit cfa0a0862bf7b247cfeb9b689cfdf6b8e3fb0c10. Revert "Fixed failing regression tests" This reverts commit 9c2bb3811fba8ea127b22f13d21112dcf1f5a46d. Revert "Updated xmlrpc and slack service to use type column" This reverts commit 44a02c7d3635967dd3fe8f96b793b50fd398bd40. Revert "Updated v0.1 posts api to work with type column" This reverts commit 2c81d7c914ac0a2c3b7f1d6d0385479e61d15f18. Revert "Removed updates to v0.1 specific code" This reverts commit 08d83c1f5332b7db6b96814651b496e707c2e124. Revert "Added missing context from ValidationError" This reverts commit cd45ab4f54abefeee8605df84cfc864fff1ad385. Revert "Renamed page->type in the page&posts serializers" This reverts commit df99e724e3d7dc1665916844983849494deea80d. Revert "Added mongo helper to input serializers" This reverts commit fb8eadb4a8109ba987d79decfe331c669a446609. Revert "Passed mongoTransformer through to NQL" This reverts commit 0ae3f0fdfc864dcf5c90c6b56cf975997974742c. Revert "Permitted mongoTransformer option for read methods" This reverts commit a89376bf2618520626d2cf1b8d86f3c8c453db23. Revert "Updated the count plugin to reference the type column" This reverts commit a52f15d3d3503bc9ce4e20961c1f4a0fd49316c7. Revert "Updated hashes for db integrity check" This reverts commit bb6b337be3d30e919e4edfdc2e59182cb81e9e5d. Revert "Remove page column and remaining references" This reverts commit 9d7190d69255ac011848c6bf654886be81abeedc. Revert "Added type column to data generator" This reverts commit e59806cb45c47e0bd547801de54ac5332913fbf5. Revert "Removed references to page column in rss tests" This reverts commit 04d0f855dede1a1bd910c1bc7ca4913ae27472ae. Revert "Removed page column references in validation tests" This reverts commit f0afbc5cc06449ccae034b930709e29133ca8374. Revert "Updated the post model to use the `type` column" This reverts commit 1189bc823ac6adde4f25d63d9fc83ca94e38d672. Revert "Updated url service to use type column" This reverts commit 61612ba8fd38a72d8ef6af5b2c199a9dcd80b80b. Revert "Updated the v2 api to deal with type column" This reverts commit 57afb2de2baf702575a2ea3e4d8e1b914f769e00. Revert "Added type property to post model defaults" This reverts commit dc3345b1c59d03261ecd678a9cbad0ec91ef5a38. Revert "Added type property to the default post fixtures" This reverts commit 82d8c380336b6455ad09622edf7ecd803d0cbe23. Revert "Added type column to posts table" This reverts commit 9b85fc6a69363c27d11963a5078136cedc696156.
2019-08-16 19:46:00 +03:00
return models.Post.add(options.data.posts[0], omit(options, ['data']))
ES6 migration: server/api/ (#9876) refs #9589
2018-09-18 16:59:56 +03:00
.then((model) => {
🐛 Fixed 'url' attribute miscalculation when when requested as the only part of fields filter (#9969) closes #9962 - Fixed the bug with url being set to /404 when id was not present on the model - Added a functional test to cover this bug - Refactored url decorating methods to be more clear about the nature of passed parameters
2018-10-15 15:47:56 +03:00
const post = urlsForPost(model.id, model.toJSON(options), options);
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
if (post.status === 'published') {
// When creating a new post that is published right now, signal the change
post.statusChanged = true;
}
Revert post.page->post.type handling no issue - the column addition/removal can be too slow for large sites - will be added back in 3.0 --- Revert "Fixed canary api for page/type column" This reverts commit a5a7e7e919d83af3ea9cd7402a75dff60f2d7e9c. Revert "Updated frontend canary url config for page/type" This reverts commit 19100ec5e6edbe67464c4938521fe25d7ec15041. Revert "Updated canary api to handle type column correctly (#11006)" This reverts commit c3e8ba0523f5460662dcd3cddf0affd337b26eba. Revert "Ensured `page` filter works in routes.yaml" This reverts commit 9037c19e50c4da026f4b797413a682e1411b032f. Revert "Replaced usage of mongo util with nql-map-key-values" This reverts commit 8c5f1d0ef0ad9a03fb3e362c31063e47a0173411. Revert "Added shared nql-map-key-values module" This reverts commit ef4fd4b8ef3824290a00a371dad5a505431ab689. Revert "Ensured page prop is present on content api response" This reverts commit cfa0a0862bf7b247cfeb9b689cfdf6b8e3fb0c10. Revert "Fixed failing regression tests" This reverts commit 9c2bb3811fba8ea127b22f13d21112dcf1f5a46d. Revert "Updated xmlrpc and slack service to use type column" This reverts commit 44a02c7d3635967dd3fe8f96b793b50fd398bd40. Revert "Updated v0.1 posts api to work with type column" This reverts commit 2c81d7c914ac0a2c3b7f1d6d0385479e61d15f18. Revert "Removed updates to v0.1 specific code" This reverts commit 08d83c1f5332b7db6b96814651b496e707c2e124. Revert "Added missing context from ValidationError" This reverts commit cd45ab4f54abefeee8605df84cfc864fff1ad385. Revert "Renamed page->type in the page&posts serializers" This reverts commit df99e724e3d7dc1665916844983849494deea80d. Revert "Added mongo helper to input serializers" This reverts commit fb8eadb4a8109ba987d79decfe331c669a446609. Revert "Passed mongoTransformer through to NQL" This reverts commit 0ae3f0fdfc864dcf5c90c6b56cf975997974742c. Revert "Permitted mongoTransformer option for read methods" This reverts commit a89376bf2618520626d2cf1b8d86f3c8c453db23. Revert "Updated the count plugin to reference the type column" This reverts commit a52f15d3d3503bc9ce4e20961c1f4a0fd49316c7. Revert "Updated hashes for db integrity check" This reverts commit bb6b337be3d30e919e4edfdc2e59182cb81e9e5d. Revert "Remove page column and remaining references" This reverts commit 9d7190d69255ac011848c6bf654886be81abeedc. Revert "Added type column to data generator" This reverts commit e59806cb45c47e0bd547801de54ac5332913fbf5. Revert "Removed references to page column in rss tests" This reverts commit 04d0f855dede1a1bd910c1bc7ca4913ae27472ae. Revert "Removed page column references in validation tests" This reverts commit f0afbc5cc06449ccae034b930709e29133ca8374. Revert "Updated the post model to use the `type` column" This reverts commit 1189bc823ac6adde4f25d63d9fc83ca94e38d672. Revert "Updated url service to use type column" This reverts commit 61612ba8fd38a72d8ef6af5b2c199a9dcd80b80b. Revert "Updated the v2 api to deal with type column" This reverts commit 57afb2de2baf702575a2ea3e4d8e1b914f769e00. Revert "Added type property to post model defaults" This reverts commit dc3345b1c59d03261ecd678a9cbad0ec91ef5a38. Revert "Added type property to the default post fixtures" This reverts commit 82d8c380336b6455ad09622edf7ecd803d0cbe23. Revert "Added type column to posts table" This reverts commit 9b85fc6a69363c27d11963a5078136cedc696156.
2019-08-16 19:46:00 +03:00
return {posts: [post]};
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
});
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
}
Refactor omit of password - remove password in toJSON() instead of filtering every occurrence of user - changed faulty error type ‚NotFound‘ to ‚NoPermission‘
2014-05-06 14:14:58 +04:00
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
// Push all of our tasks into a `tasks` array in the correct order
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
tasks = [
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
localUtils.validate(docName),
localUtils.convertOptions(allowedIncludes),
Sorted out the mixed usages of `include` and `withRelated` (#9425) no issue - this commit cleans up the usages of `include` and `withRelated`. ### API layer (`include`) - as request parameter e.g. `?include=roles,tags` - as theme API parameter e.g. `{{get .... include="author"}}` - as internal API access e.g. `api.posts.browse({include: 'author,tags'})` - the `include` notation is more readable than `withRelated` - and it allows us to use a different easier format (comma separated list) - the API utility transforms these more readable properties into model style (or into Ghost style) ### Model access (`withRelated`) - e.g. `models.Post.findPage({withRelated: ['tags']})` - driven by bookshelf --- Commits explained. * Reorder the usage of `convertOptions` - 1. validation - 2. options convertion - 3. permissions - the reason is simple, the permission layer access the model layer - we have to prepare the options before talking to the model layer - added `convertOptions` where it was missed (not required, but for consistency reasons) * Use `withRelated` when accessing the model layer and use `include` when accessing the API layer * Change `convertOptions` API utiliy - API Usage - ghost.api(..., {include: 'tags,authors'}) - `include` should only be used when calling the API (either via request or via manual usage) - `include` is only for readability and easier format - Ghost (Model Layer Usage) - models.Post.findOne(..., {withRelated: ['tags', 'authors']}) - should only use `withRelated` - model layer cannot read 'tags,authors` - model layer has no idea what `include` means, speaks a different language - `withRelated` is bookshelf - internal usage * include-count plugin: use `withRelated` instead of `include` - imagine you outsource this plugin to git and publish it to npm - `include` is an unknown option in bookshelf * Updated `permittedOptions` in base model - `include` is no longer a known option * Remove all occurances of `include` in the model layer * Extend `filterOptions` base function - this function should be called as first action - we clone the unfiltered options - check if you are using `include` (this is a protection which could help us in the beginning) - check for permitted and (later on default `withRelated`) options - the usage is coming in next commit * Ensure we call `filterOptions` as first action - use `ghostBookshelf.Model.filterOptions` as first action - consistent naming pattern for incoming options: `unfilteredOptions` - re-added allowed options for `toJSON` - one unsolved architecture problem: - if you override a function e.g. `edit` - then you should call `filterOptions` as first action - the base implementation of e.g. `edit` will call it again - future improvement * Removed `findOne` from Invite model - no longer needed, the base implementation is the same
2018-02-15 12:53:53 +03:00
localUtils.handlePermissions(docName, 'add', unsafeAttrs),
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
modelQuery
];
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
// Pipeline calls each task passing the result of one to be the arguments for the next
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
return pipeline(tasks, object, options);
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
},
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
/**
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* ## Destroy
Simplify destroy post API endpoint implementation no issue - no need to fetch the post before - the model implementation does that already
2018-04-06 15:58:08 +03:00
* Delete a post, cleans up tag relations, but not unused tags.
* You can only delete a post by `id`.
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
*
* @public
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
* @param {{id (required), context,...}} options
Return http status 204 on deletes Closes #2871 - Refactor api http handlers. - Update tests. - Remove special handling of responses in ember adapter.
2016-03-20 20:26:42 +03:00
* @return {Promise}
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
*/
ES6 migration: server/api/ (#9876) refs #9589
2018-09-18 16:59:56 +03:00
destroy(options) {
ES6 migration: server/api (#9761) refs #9589 - not all of the api files were updated
2018-09-10 15:30:48 +03:00
let tasks;
Invalidate cache header only for published posts Closes #1563 - Add new updatedAttributes() functionality to base models - Update Post.edit(...) to pass along _updatedAttributes values - Update Post.delete to set statusChanged to true - Add checking for statusChanged to cacheInvalidationHeader() - Update route tests that check for cache invalidation header
2014-04-22 05:04:30 +04:00
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
/**
Refactor content deletion - Simplify the `init` method in `models/index.js` so that it no longer returns a promise. Easier to use. - Eliminates the `deleteAllContent` method from `models/index.js` as it can all be handled at the API layer in a single spot. - Optimize `destroyAllContent` in `api/db.js`. Eliminates double-fetching every post from the database and converting it to JSON. Also only fetches ids from the database instead of the entire model. - Eliminates the custom static method `destroy` in the Post model in favor of handling detaching tag relations in a single place (the `destroying` event). This also eliminates a big source of unneeded database round trips--needing to get post ids to feed into `Post.destroy()` which then re-fetches the post again.
2016-03-02 07:42:01 +03:00
* @function deletePost
* @param {Object} options
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
*/
Refactor content deletion - Simplify the `init` method in `models/index.js` so that it no longer returns a promise. Easier to use. - Eliminates the `deleteAllContent` method from `models/index.js` as it can all be handled at the API layer in a single spot. - Optimize `destroyAllContent` in `api/db.js`. Eliminates double-fetching every post from the database and converting it to JSON. Also only fetches ids from the database instead of the entire model. - Eliminates the custom static method `destroy` in the Post model in favor of handling detaching tag relations in a single place (the `destroying` event). This also eliminates a big source of unneeded database round trips--needing to get post ids to feed into `Post.destroy()` which then re-fetches the post again.
2016-03-02 07:42:01 +03:00
function deletePost(options) {
ES6 migration: server/api (#9761) refs #9589 - not all of the api files were updated
2018-09-10 15:30:48 +03:00
const opts = defaults({require: true}, options);
Simplify destroy post API endpoint implementation no issue - no need to fetch the post before - the model implementation does that already
2018-04-06 15:58:08 +03:00
return models.Post.destroy(opts).return(null)
ES6 migration: server/api (#9761) refs #9589 - not all of the api files were updated
2018-09-10 15:30:48 +03:00
.catch(models.Post.NotFoundError, () => {
Simplify destroy post API endpoint implementation no issue - no need to fetch the post before - the model implementation does that already
2018-04-06 15:58:08 +03:00
throw new common.errors.NotFoundError({
message: common.i18n.t('errors.api.posts.postNotFound')
});
Proper error handling for permissible implementations no issue - currently if you would like to edit a resource (e.g. post) and you pass an invalid model id, the following happens - permission check calls `Post.permissible` - the Post could not find the post, but ignored it and returned `userPermissions:true` - then the model layer is queried again and figured out that the post does not exist - A: there is no need to query the model twice - B: we needed proper error handling for post and role model
2018-02-21 18:59:48 +03:00
});
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
}
// Push all of our tasks into a `tasks` array in the correct order
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
tasks = [
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
localUtils.validate(docName, {opts: localUtils.idDefaultOptions}),
localUtils.convertOptions(allowedIncludes),
Sorted out the mixed usages of `include` and `withRelated` (#9425) no issue - this commit cleans up the usages of `include` and `withRelated`. ### API layer (`include`) - as request parameter e.g. `?include=roles,tags` - as theme API parameter e.g. `{{get .... include="author"}}` - as internal API access e.g. `api.posts.browse({include: 'author,tags'})` - the `include` notation is more readable than `withRelated` - and it allows us to use a different easier format (comma separated list) - the API utility transforms these more readable properties into model style (or into Ghost style) ### Model access (`withRelated`) - e.g. `models.Post.findPage({withRelated: ['tags']})` - driven by bookshelf --- Commits explained. * Reorder the usage of `convertOptions` - 1. validation - 2. options convertion - 3. permissions - the reason is simple, the permission layer access the model layer - we have to prepare the options before talking to the model layer - added `convertOptions` where it was missed (not required, but for consistency reasons) * Use `withRelated` when accessing the model layer and use `include` when accessing the API layer * Change `convertOptions` API utiliy - API Usage - ghost.api(..., {include: 'tags,authors'}) - `include` should only be used when calling the API (either via request or via manual usage) - `include` is only for readability and easier format - Ghost (Model Layer Usage) - models.Post.findOne(..., {withRelated: ['tags', 'authors']}) - should only use `withRelated` - model layer cannot read 'tags,authors` - model layer has no idea what `include` means, speaks a different language - `withRelated` is bookshelf - internal usage * include-count plugin: use `withRelated` instead of `include` - imagine you outsource this plugin to git and publish it to npm - `include` is an unknown option in bookshelf * Updated `permittedOptions` in base model - `include` is no longer a known option * Remove all occurances of `include` in the model layer * Extend `filterOptions` base function - this function should be called as first action - we clone the unfiltered options - check if you are using `include` (this is a protection which could help us in the beginning) - check for permitted and (later on default `withRelated`) options - the usage is coming in next commit * Ensure we call `filterOptions` as first action - use `ghostBookshelf.Model.filterOptions` as first action - consistent naming pattern for incoming options: `unfilteredOptions` - re-added allowed options for `toJSON` - one unsolved architecture problem: - if you override a function e.g. `edit` - then you should call `filterOptions` as first action - the base implementation of e.g. `edit` will call it again - future improvement * Removed `findOne` from Invite model - no longer needed, the base implementation is the same
2018-02-15 12:53:53 +03:00
localUtils.handlePermissions(docName, 'destroy', unsafeAttrs),
Refactor content deletion - Simplify the `init` method in `models/index.js` so that it no longer returns a promise. Easier to use. - Eliminates the `deleteAllContent` method from `models/index.js` as it can all be handled at the API layer in a single spot. - Optimize `destroyAllContent` in `api/db.js`. Eliminates double-fetching every post from the database and converting it to JSON. Also only fetches ids from the database instead of the entire model. - Eliminates the custom static method `destroy` in the Post model in favor of handling detaching tag relations in a single place (the `destroying` event). This also eliminates a big source of unneeded database round trips--needing to get post ids to feed into `Post.destroy()` which then re-fetches the post again.
2016-03-02 07:42:01 +03:00
deletePost
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
];
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
// Pipeline calls each task passing the result of one to be the arguments for the next
Return http status 204 on deletes Closes #2871 - Refactor api http handlers. - Update tests. - Remove special handling of responses in ember adapter.
2016-03-20 20:26:42 +03:00
return pipeline(tasks, options);
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
}
};
Add jscs task to grunt file and clean up files to adhere to jscs rules. resolves #1920 - updates all files to conform to style settings.
2014-09-10 08:06:24 +04:00
module.exports = posts;
Reference in New Issue Copy Permalink