TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-18 16:01:40 +03:00
Code Issues Projects Releases Wiki Activity
71ba76b99b
Ghost/core/server/api/users.js

409 lines
14 KiB
JavaScript
Raw Normal View History

Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
// # Users API
// RESTful API for the User resource
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
var Promise = require('bluebird'),
_ = require('lodash'),
Moved pipeline/sequence to lib/promise refs #9178 - continue with killing our global utils folder - i haven't found any better naming for lib/promise - so, require single files for now - instead of doing `promiseLib = require('../lib/promise')` - we can optimise the requires later
2017-12-14 00:20:02 +03:00
pipeline = require('../lib/promise/pipeline'),
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
localUtils = require('./utils'),
Moved labs, auth, permissions, settings, mail, themes to services (#9339) refs #9178 - move tests as well
2017-12-14 05:01:23 +03:00
canThis = require('../services/permissions').canThis,
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
models = require('../models'),
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
common = require('../lib/common'),
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
docName = 'users',
closes #3197 - added role to user obj (only returned from the user endpoint) - added `/users/?include=roles` and `/users/?include=roles,roles.permissions` query parameters - added and updated tests
2014-07-08 20:00:59 +04:00
// TODO: implement created_by, updated_by
Rename post_count to count.posts refs #6009 - This is a straight rename, no functionality is added - The dot syntax requires pre/post processing to convert the name - This PR also includes several updates to the tests, as they weren't being run as part of Travis!
2015-11-20 15:04:49 +03:00
allowedIncludes = ['count.posts', 'permissions', 'roles', 'roles.permissions'],
🎨 Separate invites from user refs #7420 - remove invite logic from user - add invite model and adapt affected logic for inviting team members
2016-09-21 17:48:14 +03:00
users;
User edit & add endpoints cleanup - edit and add endpoints don't assume role - edit and add endpoints cope with no role, role objects, and strings - resend user invite was failing at one point due to no role being sent, but this shouldn't be required - other random api cleanup
2014-07-31 04:15:34 +04:00
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
/**
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* ### Users API Methods
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
*
Moved utils constants to lib/constants refs #9178
2017-12-14 16:13:40 +03:00
* **See:** [API Methods](constants.js.html#api%20methods)
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
*/
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
users = {
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
/**
* ## Browse
* Fetch all users
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
* @param {{context}} options (optional)
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* @returns {Promise<Users>} Users Collection
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
*/
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
browse: function browse(options) {
Remove featured, tag, author & role API params refs #5943 - removed featured, tag and author parameters from posts API - featured was only used in tests - removed role filter from users API - role was only used in tests - fixed up the tests, skipping those that don't quite work yet
2015-10-24 23:39:47 +03:00
var extraOptions = ['status'],
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
permittedOptions = localUtils.browseDefaultOptions.concat(extraOptions),
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
tasks;
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
/**
* ### Model Query
* Make the call to the Model layer
* @param {Object} options
* @returns {Object} options
*/
function doQuery(options) {
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
return models.User.findPage(options);
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
}
// Push all of our tasks into a `tasks` array in the correct order
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
tasks = [
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
localUtils.validate(docName, {opts: permittedOptions}),
localUtils.convertOptions(allowedIncludes),
Sorted out the mixed usages of `include` and `withRelated` (#9425) no issue - this commit cleans up the usages of `include` and `withRelated`. ### API layer (`include`) - as request parameter e.g. `?include=roles,tags` - as theme API parameter e.g. `{{get .... include="author"}}` - as internal API access e.g. `api.posts.browse({include: 'author,tags'})` - the `include` notation is more readable than `withRelated` - and it allows us to use a different easier format (comma separated list) - the API utility transforms these more readable properties into model style (or into Ghost style) ### Model access (`withRelated`) - e.g. `models.Post.findPage({withRelated: ['tags']})` - driven by bookshelf --- Commits explained. * Reorder the usage of `convertOptions` - 1. validation - 2. options convertion - 3. permissions - the reason is simple, the permission layer access the model layer - we have to prepare the options before talking to the model layer - added `convertOptions` where it was missed (not required, but for consistency reasons) * Use `withRelated` when accessing the model layer and use `include` when accessing the API layer * Change `convertOptions` API utiliy - API Usage - ghost.api(..., {include: 'tags,authors'}) - `include` should only be used when calling the API (either via request or via manual usage) - `include` is only for readability and easier format - Ghost (Model Layer Usage) - models.Post.findOne(..., {withRelated: ['tags', 'authors']}) - should only use `withRelated` - model layer cannot read 'tags,authors` - model layer has no idea what `include` means, speaks a different language - `withRelated` is bookshelf - internal usage * include-count plugin: use `withRelated` instead of `include` - imagine you outsource this plugin to git and publish it to npm - `include` is an unknown option in bookshelf * Updated `permittedOptions` in base model - `include` is no longer a known option * Remove all occurances of `include` in the model layer * Extend `filterOptions` base function - this function should be called as first action - we clone the unfiltered options - check if you are using `include` (this is a protection which could help us in the beginning) - check for permitted and (later on default `withRelated`) options - the usage is coming in next commit * Ensure we call `filterOptions` as first action - use `ghostBookshelf.Model.filterOptions` as first action - consistent naming pattern for incoming options: `unfilteredOptions` - re-added allowed options for `toJSON` - one unsolved architecture problem: - if you override a function e.g. `edit` - then you should call `filterOptions` as first action - the base implementation of e.g. `edit` will call it again - future improvement * Removed `findOne` from Invite model - no longer needed, the base implementation is the same
2018-02-15 12:53:53 +03:00
localUtils.handlePublicPermissions(docName, 'browse'),
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
doQuery
];
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
// Pipeline calls each task passing the result of one to be the arguments for the next
return pipeline(tasks, options);
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
},
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
/**
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* ## Read
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
* @param {{id, context}} options
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* @returns {Promise<Users>} User
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
*/
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
read: function read(options) {
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
var attrs = ['id', 'slug', 'status', 'email', 'role'],
Removed OAuth leftover: emit event when calling /users/me (#9061) refs #8342 - was added in this commit https://github.com/TryGhost/Ghost/commit/319a38827726e6c0d1cb5d9a21dffc5ed701b620 - we can remove this event
2017-09-27 06:07:39 +03:00
tasks;
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
✨ ghost auth: sync email (#8027) * ✨ ghost auth: sync email refs #7452 - sync email changes in background (every hour right now) - sync logged in user only! - no sync if auth strategy password is used - GET /users/me is triggered on every page refresh - added TODO to support or add long polling for syncing data later - no tests yet on purpose, as i would like to get a basic review first * 🐩 use events - remember sync per user
2017-02-23 21:04:24 +03:00
// Special handling for /users/me request
Removed OAuth leftover: emit event when calling /users/me (#9061) refs #8342 - was added in this commit https://github.com/TryGhost/Ghost/commit/319a38827726e6c0d1cb5d9a21dffc5ed701b620 - we can remove this event
2017-09-27 06:07:39 +03:00
if (options.id === 'me' && options.context && options.context.user) {
Add public API permission handling refs #4004, #5614 - added new public permission handling functions to permissions - added a new util to handle either public permissions or normal permissions - updated posts, tags and users endpoints to use the new util - added test coverage for the new code
2015-06-27 21:09:25 +03:00
options.id = options.context.user;
closes #3197 - added role to user obj (only returned from the user endpoint) - added `/users/?include=roles` and `/users/?include=roles,roles.permissions` query parameters - added and updated tests
2014-07-08 20:00:59 +04:00
}
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
/**
* ### Model Query
* Make the call to the Model layer
* @param {Object} options
* @returns {Object} options
*/
function doQuery(options) {
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
return models.User.findOne(options.data, _.omit(options, ['data']))
.then(function onModelResponse(model) {
if (!model) {
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
return Promise.reject(new common.errors.NotFoundError({
message: common.i18n.t('errors.api.users.userNotFound')
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
}));
}
return {
users: [model.toJSON(options)]
};
});
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
}
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
// Push all of our tasks into a `tasks` array in the correct order
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
tasks = [
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
localUtils.validate(docName, {attrs: attrs}),
localUtils.convertOptions(allowedIncludes),
Sorted out the mixed usages of `include` and `withRelated` (#9425) no issue - this commit cleans up the usages of `include` and `withRelated`. ### API layer (`include`) - as request parameter e.g. `?include=roles,tags` - as theme API parameter e.g. `{{get .... include="author"}}` - as internal API access e.g. `api.posts.browse({include: 'author,tags'})` - the `include` notation is more readable than `withRelated` - and it allows us to use a different easier format (comma separated list) - the API utility transforms these more readable properties into model style (or into Ghost style) ### Model access (`withRelated`) - e.g. `models.Post.findPage({withRelated: ['tags']})` - driven by bookshelf --- Commits explained. * Reorder the usage of `convertOptions` - 1. validation - 2. options convertion - 3. permissions - the reason is simple, the permission layer access the model layer - we have to prepare the options before talking to the model layer - added `convertOptions` where it was missed (not required, but for consistency reasons) * Use `withRelated` when accessing the model layer and use `include` when accessing the API layer * Change `convertOptions` API utiliy - API Usage - ghost.api(..., {include: 'tags,authors'}) - `include` should only be used when calling the API (either via request or via manual usage) - `include` is only for readability and easier format - Ghost (Model Layer Usage) - models.Post.findOne(..., {withRelated: ['tags', 'authors']}) - should only use `withRelated` - model layer cannot read 'tags,authors` - model layer has no idea what `include` means, speaks a different language - `withRelated` is bookshelf - internal usage * include-count plugin: use `withRelated` instead of `include` - imagine you outsource this plugin to git and publish it to npm - `include` is an unknown option in bookshelf * Updated `permittedOptions` in base model - `include` is no longer a known option * Remove all occurances of `include` in the model layer * Extend `filterOptions` base function - this function should be called as first action - we clone the unfiltered options - check if you are using `include` (this is a protection which could help us in the beginning) - check for permitted and (later on default `withRelated`) options - the usage is coming in next commit * Ensure we call `filterOptions` as first action - use `ghostBookshelf.Model.filterOptions` as first action - consistent naming pattern for incoming options: `unfilteredOptions` - re-added allowed options for `toJSON` - one unsolved architecture problem: - if you override a function e.g. `edit` - then you should call `filterOptions` as first action - the base implementation of e.g. `edit` will call it again - future improvement * Removed `findOne` from Invite model - no longer needed, the base implementation is the same
2018-02-15 12:53:53 +03:00
localUtils.handlePublicPermissions(docName, 'read'),
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
doQuery
];
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
// Pipeline calls each task passing the result of one to be the arguments for the next
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
return pipeline(tasks, options);
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
},
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
/**
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* ## Edit
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
* @param {User} object the user details to edit
* @param {{id, context}} options
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* @returns {Promise<User>}
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
*/
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
edit: function edit(object, options) {
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
var extraOptions = ['editRoles'],
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
permittedOptions = extraOptions.concat(localUtils.idDefaultOptions),
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
tasks;
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
if (object.users && object.users[0] && object.users[0].roles && object.users[0].roles[0]) {
options.editRoles = true;
User edit, add & destroy perms restricted by role closes #3096, closes #3378, refs #3100 - user.permissible updated to reflect proper permissions - small amount of API refactoring to handle extra cases - extensive integration testing
2014-07-24 13:46:05 +04:00
}
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
Don't alter password from User.edit endpoint - password changes should only be possible from the password change endpoint Credits: An anonymous researcher working with Beyond Security's SecuriTeam Secure Disclosure program
2015-09-23 21:44:38 +03:00
// The password should never be set via this endpoint, if it is passed, ignore it
if (object.users && object.users[0] && object.users[0].password) {
delete object.users[0].password;
}
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
/**
* ### Handle Permissions
* We need to be an authorised user to perform this action
* Edit user allows the related role object to be updated as well, with some rules:
* - No change permitted to the role of the owner
* - no change permitted to the role of the context user (user making the request)
* @param {Object} options
* @returns {Object} options
*/
function handlePermissions(options) {
if (options.id === 'me' && options.context && options.context.user) {
options.id = options.context.user;
}
closes #3197 - added role to user obj (only returned from the user endpoint) - added `/users/?include=roles` and `/users/?include=roles,roles.permissions` query parameters - added and updated tests
2014-07-08 20:00:59 +04:00
User edit, add & destroy perms restricted by role closes #3096, closes #3378, refs #3100 - user.permissible updated to reflect proper permissions - small amount of API refactoring to handle extra cases - extensive integration testing
2014-07-24 13:46:05 +04:00
return canThis(options.context).edit.user(options.id).then(function () {
✨ suspend user feature (#8114) refs #8111 - Ghost returns now all (active+none active) users by default - protect login with suspended status - test permissions and add extra protection for suspending myself - if a user is suspended and tries to activate himself, he won't be able to proceed the login to get a new token
2017-03-13 15:03:26 +03:00
// CASE: can't edit my own status to inactive or locked
if (options.id === options.context.user) {
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
if (models.User.inactiveStates.indexOf(options.data.users[0].status) !== -1) {
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
return Promise.reject(new common.errors.NoPermissionError({
message: common.i18n.t('errors.api.users.cannotChangeStatus')
✨ suspend user feature (#8114) refs #8111 - Ghost returns now all (active+none active) users by default - protect login with suspended status - test permissions and add extra protection for suspending myself - if a user is suspended and tries to activate himself, he won't be able to proceed the login to get a new token
2017-03-13 15:03:26 +03:00
}));
}
}
// CASE: if roles aren't in the payload, proceed with the edit
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
if (!(options.data.users[0].roles && options.data.users[0].roles[0])) {
return options;
Fix up users API so admin role can edit owner No Issue. - Make sure that a user with the Admin role can edit the Owner. - Add test for behavior.
2015-01-20 22:21:50 +03:00
}
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
// @TODO move role permissions out of here
var role = options.data.users[0].roles[0],
✨ replace auto increment id's by object id (#7495) * 🛠 bookshelf tarball, bson-objectid * 🎨 schema changes - change increment type to string - add a default fallback for string length 191 (to avoid adding this logic to every single column which uses an ID) - remove uuid, because ID now represents a global resource identifier - keep uuid for post, because we are using this as preview id - keep uuid for clients for now - we are using this param for Ghost-Auth * ✨ base model: generate ObjectId on creating event - each new resource get's a auto generate ObjectId - this logic won't work for attached models, this commit comes later * 🎨 centralised attach method When attaching models there are two things important two know 1. To be able to attach an ObjectId, we need to register the `onCreating` event the fetched model!This is caused by the Bookshelf design in general. On this target model we are attaching the new model. 2. We need to manually fetch the target model, because Bookshelf has a weird behaviour (which is known as a bug, see see https://github.com/tgriesser/bookshelf/issues/629). The most important property when attaching a model is `parentFk`, which is the foreign key. This can be null when fetching the model with the option `withRelated`. To ensure quality and consistency, the custom attach wrapper always fetches the target model manual. By fetching the target model (again) is a little performance decrease, but it also has advantages: we can register the event, and directly unregister the event again. So very clean code. Important: please only use the custom attach wrapper in the future. * 🎨 token model had overriden the onCreating function because of the created_at field - we need to ensure that the base onCreating hook get's triggered for ALL models - if not, they don't get an ObjectId assigned - in this case: be smart and check if the target model has a created_at field * 🎨 we don't have a uuid field anymore, remove the usages - no default uuid creation in models - i am pretty sure we have some more definitions in our tests (for example in the export json files), but that is too much work to delete them all * 🎨 do not parse ID to Number - we had various occurances of parsing all ID's to numbers - we don't need this behaviour anymore - ID is string - i will adapt the ID validation in the next commit * 🎨 change ID regex for validation - we only allow: ID as ObjectId, ID as 1 and ID as me - we need to keep ID 1, because our whole software relies on ID 1 (permissions etc) * 🎨 owner fixture - roles: [4] does not work anymore - 4 means -> static id 4 - this worked in an auto increment system (not even in a system with distributed writes) - with ObjectId we generate each ID automatically (for static and dynamic resources) - it is possible to define all id's for static resources still, but that means we need to know which ID is already used and for consistency we have to define ObjectId's for these static resources - so no static id's anymore, except of: id 1 for owner and id 0 for external usage (because this is required from our permission system) - NOTE: please read through the comment in the user model * 🎨 tests: DataGenerator and test utils First of all: we need to ensure using ObjectId's in the tests. When don't, we can't ensure that ObjectId's work properly. This commit brings lot's of dynamic into all the static defined id's. In one of the next commits, i will adapt all the tests. * 🚨 remove counter in Notification API - no need to add a counter - we simply generate ObjectId's (they are auto incremental as well) - our id validator does only allow ObjectId as id,1 and me * 🎨 extend contextUser in Base Model - remove isNumber check, because id's are no longer numbers, except of id 0/1 - use existing isExternalUser - support id 0/1 as string or number * ✨ Ghost Owner has id 1 - ensure we define this id in the fixtures.json - doesn't matter if number or string * 🎨 functional tests adaptions - use dynamic id's * 🎨 fix unit tests * 🎨 integration tests adaptions * 🎨 change importer utils - all our export examples (test/fixtures/exports) contain id's as numbers - fact: but we ignore them anyway when inserting into the database, see https://github.com/TryGhost/Ghost/blob/master/core/server/data/import/utils.js#L249 - in https://github.com/TryGhost/Ghost/pull/7495/commits/0e6ed957cd54dc02a25cf6fb1ab7d7e723295e2c#diff-70f514a06347c048648be464819503c4L67 i removed parsing id's to integers - i realised that this ^ check just existed, because the userIdToMap was an object key and object keys are always strings! - i think this logic is a little bit complicated, but i don't want to refactor this now - this commit ensures when trying to find the user, the id comparison works again - i've added more documentation to understand this logic ;) - plus i renamed an attribute to improve readability * 🎨 Data-Generator: add more defaults to createUser - if i use the function DataGenerator.forKnex.createUser i would like to get a full set of defaults * 🎨 test utils: change/extend function set for functional tests - functional tests work a bit different - they boot Ghost and seed the database - some functional tests have mis-used the test setup - the test setup needs two sections: integration/unit and functional tests - any functional test is allowed to either add more data or change data in the existing Ghost db - but what it should not do is: add test fixtures like roles or users from our DataGenerator and cross fingers it will work - this commit adds a clean method for functional tests to add extra users * 🎨 functional tests adaptions - use last commit to insert users for functional tests clean - tidy up usage of testUtils.setup or testUtils.doAuth * 🐛 test utils: reset database before init - ensure we don't have any left data from other tests in the database when starting ghost * 🐛 fix test (unrelated to this PR) - fixes a random failure - return statement was missing * 🎨 make changes for invites
2016-11-17 12:09:11 +03:00
roleId = role.id || role,
editedUserId = options.id;
Fix up users API so admin role can edit owner No Issue. - Make sure that a user with the Admin role can edit the Owner. - Add test for behavior.
2015-01-20 22:21:50 +03:00
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
return models.User.findOne(
Sorted out the mixed usages of `include` and `withRelated` (#9425) no issue - this commit cleans up the usages of `include` and `withRelated`. ### API layer (`include`) - as request parameter e.g. `?include=roles,tags` - as theme API parameter e.g. `{{get .... include="author"}}` - as internal API access e.g. `api.posts.browse({include: 'author,tags'})` - the `include` notation is more readable than `withRelated` - and it allows us to use a different easier format (comma separated list) - the API utility transforms these more readable properties into model style (or into Ghost style) ### Model access (`withRelated`) - e.g. `models.Post.findPage({withRelated: ['tags']})` - driven by bookshelf --- Commits explained. * Reorder the usage of `convertOptions` - 1. validation - 2. options convertion - 3. permissions - the reason is simple, the permission layer access the model layer - we have to prepare the options before talking to the model layer - added `convertOptions` where it was missed (not required, but for consistency reasons) * Use `withRelated` when accessing the model layer and use `include` when accessing the API layer * Change `convertOptions` API utiliy - API Usage - ghost.api(..., {include: 'tags,authors'}) - `include` should only be used when calling the API (either via request or via manual usage) - `include` is only for readability and easier format - Ghost (Model Layer Usage) - models.Post.findOne(..., {withRelated: ['tags', 'authors']}) - should only use `withRelated` - model layer cannot read 'tags,authors` - model layer has no idea what `include` means, speaks a different language - `withRelated` is bookshelf - internal usage * include-count plugin: use `withRelated` instead of `include` - imagine you outsource this plugin to git and publish it to npm - `include` is an unknown option in bookshelf * Updated `permittedOptions` in base model - `include` is no longer a known option * Remove all occurances of `include` in the model layer * Extend `filterOptions` base function - this function should be called as first action - we clone the unfiltered options - check if you are using `include` (this is a protection which could help us in the beginning) - check for permitted and (later on default `withRelated`) options - the usage is coming in next commit * Ensure we call `filterOptions` as first action - use `ghostBookshelf.Model.filterOptions` as first action - consistent naming pattern for incoming options: `unfilteredOptions` - re-added allowed options for `toJSON` - one unsolved architecture problem: - if you override a function e.g. `edit` - then you should call `filterOptions` as first action - the base implementation of e.g. `edit` will call it again - future improvement * Removed `findOne` from Invite model - no longer needed, the base implementation is the same
2018-02-15 12:53:53 +03:00
{id: options.context.user, status: 'all'}, {withRelated: ['roles']}
Fix up users API so admin role can edit owner No Issue. - Make sure that a user with the Admin role can edit the Owner. - Add test for behavior.
2015-01-20 22:21:50 +03:00
).then(function (contextUser) {
Refactor to remove author.email from API refs #2330 - Pass through `options` to all toJSON calls on posts, tags, and users - Use options.context.user to determine whether it's OK to return user.email - Remove author.email handling code from frontend.js
2015-04-18 00:27:04 +03:00
var contextRoleId = contextUser.related('roles').toJSON(options)[0].id;
Fix up users API so admin role can edit owner No Issue. - Make sure that a user with the Admin role can edit the Owner. - Add test for behavior.
2015-01-20 22:21:50 +03:00
if (roleId !== contextRoleId && editedUserId === contextUser.id) {
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
return Promise.reject(new common.errors.NoPermissionError({
message: common.i18n.t('errors.api.users.cannotChangeOwnRole')
✨ suspend user feature (#8114) refs #8111 - Ghost returns now all (active+none active) users by default - protect login with suspended status - test permissions and add extra protection for suspending myself - if a user is suspended and tries to activate himself, he won't be able to proceed the login to get a new token
2017-03-13 15:03:26 +03:00
}));
Fix up users API so admin role can edit owner No Issue. - Make sure that a user with the Admin role can edit the Owner. - Add test for behavior.
2015-01-20 22:21:50 +03:00
}
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
return models.User.findOne({role: 'Owner'}).then(function (owner) {
Fix up users API so admin role can edit owner No Issue. - Make sure that a user with the Admin role can edit the Owner. - Add test for behavior.
2015-01-20 22:21:50 +03:00
if (contextUser.id !== owner.id) {
if (editedUserId === owner.id) {
if (owner.related('roles').at(0).id !== roleId) {
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
return Promise.reject(new common.errors.NoPermissionError({
message: common.i18n.t('errors.api.users.cannotChangeOwnersRole')
✨ suspend user feature (#8114) refs #8111 - Ghost returns now all (active+none active) users by default - protect login with suspended status - test permissions and add extra protection for suspending myself - if a user is suspended and tries to activate himself, he won't be able to proceed the login to get a new token
2017-03-13 15:03:26 +03:00
}));
Ensure Owner's role isn't downgraded closes #3765 - Simple API check to ensure that the owner isn’t downgraded to a different role (analog to the ’can’t change your own role’ check) - Test added to ensure Owner can't be downgraded to a lower role
2014-08-13 23:12:50 +04:00
}
Fix up users API so admin role can edit owner No Issue. - Make sure that a user with the Admin role can edit the Owner. - Add test for behavior.
2015-01-20 22:21:50 +03:00
} else if (roleId !== contextRoleId) {
return canThis(options.context).assign.role(role).then(function () {
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
return options;
Fix up users API so admin role can edit owner No Issue. - Make sure that a user with the Admin role can edit the Owner. - Add test for behavior.
2015-01-20 22:21:50 +03:00
});
}
User edit & add endpoints cleanup - edit and add endpoints don't assume role - edit and add endpoints cope with no role, role objects, and strings - resend user invite was failing at one point due to no role being sent, but this shouldn't be required - other random api cleanup
2014-07-31 04:15:34 +04:00
}
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
return options;
User edit, add & destroy perms restricted by role closes #3096, closes #3378, refs #3100 - user.permissible updated to reflect proper permissions - small amount of API refactoring to handle extra cases - extensive integration testing
2014-07-24 13:46:05 +04:00
});
Fix up users API so admin role can edit owner No Issue. - Make sure that a user with the Admin role can edit the Owner. - Add test for behavior.
2015-01-20 22:21:50 +03:00
});
🎨 configurable logging with bunyan (#7431) - 🛠 add bunyan and prettyjson, remove morgan - ✨ add logging module - GhostLogger class that handles setup of bunyan - PrettyStream for stdout - ✨ config for logging - @TODO: testing level fatal? - ✨ log each request via GhostLogger (express middleware) - @TODO: add errors to output - 🔥 remove errors.updateActiveTheme - we can read the value from config - 🔥 remove 15 helper functions in core/server/errors/index.js - all these functions get replaced by modules: 1. logging 2. error middleware handling for html/json 3. error creation (which will be part of PR #7477) - ✨ add express error handler for html/json - one true error handler for express responses - contains still some TODO's, but they are not high priority for first implementation/integration - this middleware only takes responsibility of either rendering html responses or return json error responses - 🎨 use new express error handler in middleware/index - 404 and 500 handling - 🎨 return error instead of error message in permissions/index.js - the rule for error handling should be: if you call a unit, this unit should return a custom Ghost error - 🎨 wrap serve static module - rule: if you call a module/unit, you should always wrap this error - it's always the same rule - so the caller never has to worry about what comes back - it's always a clear error instance - in this case: we return our notfounderror if serve static does not find the resource - this avoid having checks everywhere - 🎨 replace usages of errors/index.js functions and adapt tests - use logging.error, logging.warn - make tests green - remove some usages of logging and throwing api errors -> because when a request is involved, logging happens automatically - 🐛 return errorDetails to Ghost-Admin - errorDetails is used for Theme error handling - 🎨 use 500er error for theme is missing error in theme-handler - 🎨 extend file rotation to 1w
2016-10-04 18:33:43 +03:00
}).catch(function handleError(err) {
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
return Promise.reject(new common.errors.NoPermissionError({
✨ Error creation (#7477) refs #7116, refs #2001 - Changes the way Ghost errors are implemented to benefit from proper inheritance - Moves all error definitions into a single file - Changes the error constructor to take an options object, rather than needing the arguments to be passed in the correct order. - Provides a wrapper so that any errors that haven't already been converted to GhostErrors get converted before they are displayed. Summary of changes: * 🐛 set NODE_ENV in config handler * ✨ add GhostError implementation (core/server/errors.js) - register all errors in one file - inheritance from GhostError - option pattern * 🔥 remove all error files * ✨ wrap all errors into GhostError in case of HTTP * 🎨 adaptions - option pattern for errors - use GhostError when needed * 🎨 revert debug deletion and add TODO for error id's
2016-10-06 15:27:35 +03:00
err: err,
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
context: common.i18n.t('errors.api.users.noPermissionToEditUser')
✨ Error creation (#7477) refs #7116, refs #2001 - Changes the way Ghost errors are implemented to benefit from proper inheritance - Moves all error definitions into a single file - Changes the error constructor to take an options object, rather than needing the arguments to be passed in the correct order. - Provides a wrapper so that any errors that haven't already been converted to GhostErrors get converted before they are displayed. Summary of changes: * 🐛 set NODE_ENV in config handler * ✨ add GhostError implementation (core/server/errors.js) - register all errors in one file - inheritance from GhostError - option pattern * 🔥 remove all error files * ✨ wrap all errors into GhostError in case of HTTP * 🎨 adaptions - option pattern for errors - use GhostError when needed * 🎨 revert debug deletion and add TODO for error id's
2016-10-06 15:27:35 +03:00
}));
User API changes closes #2822 - added destroy user method - added remove user permission - added API end point for get reset token - added API end point for reset password - added API end point for change password
2014-06-20 13:15:01 +04:00
});
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
}
/**
* ### Model Query
* Make the call to the Model layer
* @param {Object} options
* @returns {Object} options
*/
function doQuery(options) {
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
return models.User.edit(options.data.users[0], _.omit(options, ['data']))
.then(function onModelResponse(model) {
if (!model) {
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
return Promise.reject(new common.errors.NotFoundError({
message: common.i18n.t('errors.api.users.userNotFound')
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
}));
}
return {
users: [model.toJSON(options)]
};
});
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
}
// Push all of our tasks into a `tasks` array in the correct order
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
tasks = [
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
localUtils.validate(docName, {opts: permittedOptions}),
localUtils.convertOptions(allowedIncludes),
Sorted out the mixed usages of `include` and `withRelated` (#9425) no issue - this commit cleans up the usages of `include` and `withRelated`. ### API layer (`include`) - as request parameter e.g. `?include=roles,tags` - as theme API parameter e.g. `{{get .... include="author"}}` - as internal API access e.g. `api.posts.browse({include: 'author,tags'})` - the `include` notation is more readable than `withRelated` - and it allows us to use a different easier format (comma separated list) - the API utility transforms these more readable properties into model style (or into Ghost style) ### Model access (`withRelated`) - e.g. `models.Post.findPage({withRelated: ['tags']})` - driven by bookshelf --- Commits explained. * Reorder the usage of `convertOptions` - 1. validation - 2. options convertion - 3. permissions - the reason is simple, the permission layer access the model layer - we have to prepare the options before talking to the model layer - added `convertOptions` where it was missed (not required, but for consistency reasons) * Use `withRelated` when accessing the model layer and use `include` when accessing the API layer * Change `convertOptions` API utiliy - API Usage - ghost.api(..., {include: 'tags,authors'}) - `include` should only be used when calling the API (either via request or via manual usage) - `include` is only for readability and easier format - Ghost (Model Layer Usage) - models.Post.findOne(..., {withRelated: ['tags', 'authors']}) - should only use `withRelated` - model layer cannot read 'tags,authors` - model layer has no idea what `include` means, speaks a different language - `withRelated` is bookshelf - internal usage * include-count plugin: use `withRelated` instead of `include` - imagine you outsource this plugin to git and publish it to npm - `include` is an unknown option in bookshelf * Updated `permittedOptions` in base model - `include` is no longer a known option * Remove all occurances of `include` in the model layer * Extend `filterOptions` base function - this function should be called as first action - we clone the unfiltered options - check if you are using `include` (this is a protection which could help us in the beginning) - check for permitted and (later on default `withRelated`) options - the usage is coming in next commit * Ensure we call `filterOptions` as first action - use `ghostBookshelf.Model.filterOptions` as first action - consistent naming pattern for incoming options: `unfilteredOptions` - re-added allowed options for `toJSON` - one unsolved architecture problem: - if you override a function e.g. `edit` - then you should call `filterOptions` as first action - the base implementation of e.g. `edit` will call it again - future improvement * Removed `findOne` from Invite model - no longer needed, the base implementation is the same
2018-02-15 12:53:53 +03:00
handlePermissions,
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
doQuery
];
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
return pipeline(tasks, object, options);
User API changes closes #2822 - added destroy user method - added remove user permission - added API end point for get reset token - added API end point for reset password - added API end point for change password
2014-06-20 13:15:01 +04:00
},
Use current user in models closes #2058 - fixed apiContext as suggested in the issue - added user to options object for models - added api.users.register() for public registration - changed models to use options.user for created_by, updated_by, author_id and published_by - added override to session model to avoid created_by and updated_by values - added user (id: 1) to tests - added user (id: 1) for registration - added user (id: 1) for import, fixtures and default settings - added user (id: 1) for user update - added user (id: 1) for settings update (dbHash, installedApps, update check) - updated bookshelf to version 0.6.8
2014-04-03 17:03:09 +04:00
User edit, add & destroy perms restricted by role closes #3096, closes #3378, refs #3100 - user.permissible updated to reflect proper permissions - small amount of API refactoring to handle extra cases - extensive integration testing
2014-07-24 13:46:05 +04:00
/**
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* ## Destroy
User edit, add & destroy perms restricted by role closes #3096, closes #3378, refs #3100 - user.permissible updated to reflect proper permissions - small amount of API refactoring to handle extra cases - extensive integration testing
2014-07-24 13:46:05 +04:00
* @param {{id, context}} options
Return http status 204 on deletes Closes #2871 - Refactor api http handlers. - Update tests. - Remove special handling of responses in ember adapter.
2016-03-20 20:26:42 +03:00
* @returns {Promise}
User edit, add & destroy perms restricted by role closes #3096, closes #3378, refs #3100 - user.permissible updated to reflect proper permissions - small amount of API refactoring to handle extra cases - extensive integration testing
2014-07-24 13:46:05 +04:00
*/
destroy: function destroy(options) {
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
var tasks;
/**
* ### Handle Permissions
* We need to be an authorised user to perform this action
* @param {Object} options
* @returns {Object} options
*/
function handlePermissions(options) {
return canThis(options.context).destroy.user(options.id).then(function permissionGranted() {
options.status = 'all';
return options;
🎨 configurable logging with bunyan (#7431) - 🛠 add bunyan and prettyjson, remove morgan - ✨ add logging module - GhostLogger class that handles setup of bunyan - PrettyStream for stdout - ✨ config for logging - @TODO: testing level fatal? - ✨ log each request via GhostLogger (express middleware) - @TODO: add errors to output - 🔥 remove errors.updateActiveTheme - we can read the value from config - 🔥 remove 15 helper functions in core/server/errors/index.js - all these functions get replaced by modules: 1. logging 2. error middleware handling for html/json 3. error creation (which will be part of PR #7477) - ✨ add express error handler for html/json - one true error handler for express responses - contains still some TODO's, but they are not high priority for first implementation/integration - this middleware only takes responsibility of either rendering html responses or return json error responses - 🎨 use new express error handler in middleware/index - 404 and 500 handling - 🎨 return error instead of error message in permissions/index.js - the rule for error handling should be: if you call a unit, this unit should return a custom Ghost error - 🎨 wrap serve static module - rule: if you call a module/unit, you should always wrap this error - it's always the same rule - so the caller never has to worry about what comes back - it's always a clear error instance - in this case: we return our notfounderror if serve static does not find the resource - this avoid having checks everywhere - 🎨 replace usages of errors/index.js functions and adapt tests - use logging.error, logging.warn - make tests green - remove some usages of logging and throwing api errors -> because when a request is involved, logging happens automatically - 🐛 return errorDetails to Ghost-Admin - errorDetails is used for Theme error handling - 🎨 use 500er error for theme is missing error in theme-handler - 🎨 extend file rotation to 1w
2016-10-04 18:33:43 +03:00
}).catch(function handleError(err) {
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
return Promise.reject(new common.errors.NoPermissionError({
✨ Error creation (#7477) refs #7116, refs #2001 - Changes the way Ghost errors are implemented to benefit from proper inheritance - Moves all error definitions into a single file - Changes the error constructor to take an options object, rather than needing the arguments to be passed in the correct order. - Provides a wrapper so that any errors that haven't already been converted to GhostErrors get converted before they are displayed. Summary of changes: * 🐛 set NODE_ENV in config handler * ✨ add GhostError implementation (core/server/errors.js) - register all errors in one file - inheritance from GhostError - option pattern * 🔥 remove all error files * ✨ wrap all errors into GhostError in case of HTTP * 🎨 adaptions - option pattern for errors - use GhostError when needed * 🎨 revert debug deletion and add TODO for error id's
2016-10-06 15:27:35 +03:00
err: err,
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
context: common.i18n.t('errors.api.users.noPermissionToDestroyUser')
✨ Error creation (#7477) refs #7116, refs #2001 - Changes the way Ghost errors are implemented to benefit from proper inheritance - Moves all error definitions into a single file - Changes the error constructor to take an options object, rather than needing the arguments to be passed in the correct order. - Provides a wrapper so that any errors that haven't already been converted to GhostErrors get converted before they are displayed. Summary of changes: * 🐛 set NODE_ENV in config handler * ✨ add GhostError implementation (core/server/errors.js) - register all errors in one file - inheritance from GhostError - option pattern * 🔥 remove all error files * ✨ wrap all errors into GhostError in case of HTTP * 🎨 adaptions - option pattern for errors - use GhostError when needed * 🎨 revert debug deletion and add TODO for error id's
2016-10-06 15:27:35 +03:00
}));
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
});
}
/**
Return http status 204 on deletes Closes #2871 - Refactor api http handlers. - Update tests. - Remove special handling of responses in ember adapter.
2016-03-20 20:26:42 +03:00
* ### Delete User
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* Make the call to the Model layer
* @param {Object} options
*/
Return http status 204 on deletes Closes #2871 - Refactor api http handlers. - Update tests. - Remove special handling of responses in ember adapter.
2016-03-20 20:26:42 +03:00
function deleteUser(options) {
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
return models.Base.transaction(function (t) {
Return http status 204 on deletes Closes #2871 - Refactor api http handlers. - Update tests. - Remove special handling of responses in ember adapter.
2016-03-20 20:26:42 +03:00
options.transacting = t;
return Promise.all([
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
models.Accesstoken.destroyByUser(options),
models.Refreshtoken.destroyByUser(options),
models.Post.destroyByAuthor(options)
Return http status 204 on deletes Closes #2871 - Refactor api http handlers. - Update tests. - Remove special handling of responses in ember adapter.
2016-03-20 20:26:42 +03:00
]).then(function () {
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
return models.User.destroy(options);
Return http status 204 on deletes Closes #2871 - Refactor api http handlers. - Update tests. - Remove special handling of responses in ember adapter.
2016-03-20 20:26:42 +03:00
}).return(null);
🎨 configurable logging with bunyan (#7431) - 🛠 add bunyan and prettyjson, remove morgan - ✨ add logging module - GhostLogger class that handles setup of bunyan - PrettyStream for stdout - ✨ config for logging - @TODO: testing level fatal? - ✨ log each request via GhostLogger (express middleware) - @TODO: add errors to output - 🔥 remove errors.updateActiveTheme - we can read the value from config - 🔥 remove 15 helper functions in core/server/errors/index.js - all these functions get replaced by modules: 1. logging 2. error middleware handling for html/json 3. error creation (which will be part of PR #7477) - ✨ add express error handler for html/json - one true error handler for express responses - contains still some TODO's, but they are not high priority for first implementation/integration - this middleware only takes responsibility of either rendering html responses or return json error responses - 🎨 use new express error handler in middleware/index - 404 and 500 handling - 🎨 return error instead of error message in permissions/index.js - the rule for error handling should be: if you call a unit, this unit should return a custom Ghost error - 🎨 wrap serve static module - rule: if you call a module/unit, you should always wrap this error - it's always the same rule - so the caller never has to worry about what comes back - it's always a clear error instance - in this case: we return our notfounderror if serve static does not find the resource - this avoid having checks everywhere - 🎨 replace usages of errors/index.js functions and adapt tests - use logging.error, logging.warn - make tests green - remove some usages of logging and throwing api errors -> because when a request is involved, logging happens automatically - 🐛 return errorDetails to Ghost-Admin - errorDetails is used for Theme error handling - 🎨 use 500er error for theme is missing error in theme-handler - 🎨 extend file rotation to 1w
2016-10-04 18:33:43 +03:00
}).catch(function (err) {
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
return Promise.reject(new common.errors.NoPermissionError({
✨ Error creation (#7477) refs #7116, refs #2001 - Changes the way Ghost errors are implemented to benefit from proper inheritance - Moves all error definitions into a single file - Changes the error constructor to take an options object, rather than needing the arguments to be passed in the correct order. - Provides a wrapper so that any errors that haven't already been converted to GhostErrors get converted before they are displayed. Summary of changes: * 🐛 set NODE_ENV in config handler * ✨ add GhostError implementation (core/server/errors.js) - register all errors in one file - inheritance from GhostError - option pattern * 🔥 remove all error files * ✨ wrap all errors into GhostError in case of HTTP * 🎨 adaptions - option pattern for errors - use GhostError when needed * 🎨 revert debug deletion and add TODO for error id's
2016-10-06 15:27:35 +03:00
err: err
}));
User edit, add & destroy perms restricted by role closes #3096, closes #3378, refs #3100 - user.permissible updated to reflect proper permissions - small amount of API refactoring to handle extra cases - extensive integration testing
2014-07-24 13:46:05 +04:00
});
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
}
// Push all of our tasks into a `tasks` array in the correct order
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
tasks = [
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
localUtils.validate(docName, {opts: localUtils.idDefaultOptions}),
localUtils.convertOptions(allowedIncludes),
Sorted out the mixed usages of `include` and `withRelated` (#9425) no issue - this commit cleans up the usages of `include` and `withRelated`. ### API layer (`include`) - as request parameter e.g. `?include=roles,tags` - as theme API parameter e.g. `{{get .... include="author"}}` - as internal API access e.g. `api.posts.browse({include: 'author,tags'})` - the `include` notation is more readable than `withRelated` - and it allows us to use a different easier format (comma separated list) - the API utility transforms these more readable properties into model style (or into Ghost style) ### Model access (`withRelated`) - e.g. `models.Post.findPage({withRelated: ['tags']})` - driven by bookshelf --- Commits explained. * Reorder the usage of `convertOptions` - 1. validation - 2. options convertion - 3. permissions - the reason is simple, the permission layer access the model layer - we have to prepare the options before talking to the model layer - added `convertOptions` where it was missed (not required, but for consistency reasons) * Use `withRelated` when accessing the model layer and use `include` when accessing the API layer * Change `convertOptions` API utiliy - API Usage - ghost.api(..., {include: 'tags,authors'}) - `include` should only be used when calling the API (either via request or via manual usage) - `include` is only for readability and easier format - Ghost (Model Layer Usage) - models.Post.findOne(..., {withRelated: ['tags', 'authors']}) - should only use `withRelated` - model layer cannot read 'tags,authors` - model layer has no idea what `include` means, speaks a different language - `withRelated` is bookshelf - internal usage * include-count plugin: use `withRelated` instead of `include` - imagine you outsource this plugin to git and publish it to npm - `include` is an unknown option in bookshelf * Updated `permittedOptions` in base model - `include` is no longer a known option * Remove all occurances of `include` in the model layer * Extend `filterOptions` base function - this function should be called as first action - we clone the unfiltered options - check if you are using `include` (this is a protection which could help us in the beginning) - check for permitted and (later on default `withRelated`) options - the usage is coming in next commit * Ensure we call `filterOptions` as first action - use `ghostBookshelf.Model.filterOptions` as first action - consistent naming pattern for incoming options: `unfilteredOptions` - re-added allowed options for `toJSON` - one unsolved architecture problem: - if you override a function e.g. `edit` - then you should call `filterOptions` as first action - the base implementation of e.g. `edit` will call it again - future improvement * Removed `findOne` from Invite model - no longer needed, the base implementation is the same
2018-02-15 12:53:53 +03:00
handlePermissions,
Return http status 204 on deletes Closes #2871 - Refactor api http handlers. - Update tests. - Remove special handling of responses in ember adapter.
2016-03-20 20:26:42 +03:00
deleteUser
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
];
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
// Pipeline calls each task passing the result of one to be the arguments for the next
return pipeline(tasks, options);
User edit, add & destroy perms restricted by role closes #3096, closes #3378, refs #3100 - user.permissible updated to reflect proper permissions - small amount of API refactoring to handle extra cases - extensive integration testing
2014-07-24 13:46:05 +04:00
},
User API changes closes #2822 - added destroy user method - added remove user permission - added API end point for get reset token - added API end point for reset password - added API end point for change password
2014-06-20 13:15:01 +04:00
/**
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* ## Change Password
Move post slug endpoint & add endpoints for users closes #3187 - move slug endpoint to post/slug/:slug - create similar slug and email endpoint for users - add/update tests
2014-07-09 02:28:31 +04:00
* @param {password} object
User API changes closes #2822 - added destroy user method - added remove user permission - added API end point for get reset token - added API end point for reset password - added API end point for change password
2014-06-20 13:15:01 +04:00
* @param {{context}} options
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* @returns {Promise<password>} success message
User API changes closes #2822 - added destroy user method - added remove user permission - added API end point for get reset token - added API end point for reset password - added API end point for change password
2014-06-20 13:15:01 +04:00
*/
changePassword: function changePassword(object, options) {
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
var tasks;
🎨 remove token logic from user model (#7622) * 🔥 remove User model functions - validateToken - generateToken - resetPassword - all this logic will re-appear in a different way Token logic: - was already extracted as separate PR, see https://github.com/TryGhost/Ghost/pull/7554 - we will use this logic in the controller, you will see in the next commits Reset Password: Was just a wrapper for calling the token logic and change the password. We can reconsider keeping the function to call: changePassword and activate the status of the user - but i think it's fine to trigger these two actions from the controlling unit. * 🔥 remove password reset tests from User model - we already have unit tests for change password and the token logic - i will re-check at the end if any test case is missing - but for now i will just burn the tests * ✨ add token logic to controlling unit generateResetToken endpoint - the only change here is instead of calling the User model to generate a token, we generate the token via utils - we fetch the user by email, and generate a hash and return resetPassword endpoint - here we have changed a little bit more - first of all: we have added the validation check if the new passwords match - a new helper method to extract the token informations - the brute force security check, which can be handled later from the new bruteforce middleware (see TODO) - the actual reset function is doing the steps: load me the user, compare the token, change the password and activate the user - we can think of wrapping these steps into a User model function - i was not sure about it, because it is actually part of the controlling unit [ci skip] * 🎨 tidy up - jscs - jshint - naming functions - fixes * ✨ add a test for resetting the password - there was none - added a test to reset the password * 🎨 add more token tests - ensure quality - ensure logic we had * 🔥 remove compare new password check from User Model - this part of controlling unit * ✨ compare new passwords for user endpoint - we deleted the logic in User Model - we are adding the logic to controlling unit * 🐛 spam prevention forgotten can crash - no validation happend before this middleware - it just assumes that the root key is present - when we work on our API, we need to ensure that 1. pre validation happens 2. we call middlewares 3. ... * 🎨 token translation key
2016-11-07 14:18:50 +03:00
function validateRequest() {
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
return localUtils.validate('password')(object, options)
🎨 remove token logic from user model (#7622) * 🔥 remove User model functions - validateToken - generateToken - resetPassword - all this logic will re-appear in a different way Token logic: - was already extracted as separate PR, see https://github.com/TryGhost/Ghost/pull/7554 - we will use this logic in the controller, you will see in the next commits Reset Password: Was just a wrapper for calling the token logic and change the password. We can reconsider keeping the function to call: changePassword and activate the status of the user - but i think it's fine to trigger these two actions from the controlling unit. * 🔥 remove password reset tests from User model - we already have unit tests for change password and the token logic - i will re-check at the end if any test case is missing - but for now i will just burn the tests * ✨ add token logic to controlling unit generateResetToken endpoint - the only change here is instead of calling the User model to generate a token, we generate the token via utils - we fetch the user by email, and generate a hash and return resetPassword endpoint - here we have changed a little bit more - first of all: we have added the validation check if the new passwords match - a new helper method to extract the token informations - the brute force security check, which can be handled later from the new bruteforce middleware (see TODO) - the actual reset function is doing the steps: load me the user, compare the token, change the password and activate the user - we can think of wrapping these steps into a User model function - i was not sure about it, because it is actually part of the controlling unit [ci skip] * 🎨 tidy up - jscs - jshint - naming functions - fixes * ✨ add a test for resetting the password - there was none - added a test to reset the password * 🎨 add more token tests - ensure quality - ensure logic we had * 🔥 remove compare new password check from User Model - this part of controlling unit * ✨ compare new passwords for user endpoint - we deleted the logic in User Model - we are adding the logic to controlling unit * 🐛 spam prevention forgotten can crash - no validation happend before this middleware - it just assumes that the root key is present - when we work on our API, we need to ensure that 1. pre validation happens 2. we call middlewares 3. ... * 🎨 token translation key
2016-11-07 14:18:50 +03:00
.then(function (options) {
var data = options.data.password[0];
if (data.newPassword !== data.ne2Password) {
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
return Promise.reject(new common.errors.ValidationError({
message: common.i18n.t('errors.models.user.newPasswordsDoNotMatch')
🎨 remove token logic from user model (#7622) * 🔥 remove User model functions - validateToken - generateToken - resetPassword - all this logic will re-appear in a different way Token logic: - was already extracted as separate PR, see https://github.com/TryGhost/Ghost/pull/7554 - we will use this logic in the controller, you will see in the next commits Reset Password: Was just a wrapper for calling the token logic and change the password. We can reconsider keeping the function to call: changePassword and activate the status of the user - but i think it's fine to trigger these two actions from the controlling unit. * 🔥 remove password reset tests from User model - we already have unit tests for change password and the token logic - i will re-check at the end if any test case is missing - but for now i will just burn the tests * ✨ add token logic to controlling unit generateResetToken endpoint - the only change here is instead of calling the User model to generate a token, we generate the token via utils - we fetch the user by email, and generate a hash and return resetPassword endpoint - here we have changed a little bit more - first of all: we have added the validation check if the new passwords match - a new helper method to extract the token informations - the brute force security check, which can be handled later from the new bruteforce middleware (see TODO) - the actual reset function is doing the steps: load me the user, compare the token, change the password and activate the user - we can think of wrapping these steps into a User model function - i was not sure about it, because it is actually part of the controlling unit [ci skip] * 🎨 tidy up - jscs - jshint - naming functions - fixes * ✨ add a test for resetting the password - there was none - added a test to reset the password * 🎨 add more token tests - ensure quality - ensure logic we had * 🔥 remove compare new password check from User Model - this part of controlling unit * ✨ compare new passwords for user endpoint - we deleted the logic in User Model - we are adding the logic to controlling unit * 🐛 spam prevention forgotten can crash - no validation happend before this middleware - it just assumes that the root key is present - when we work on our API, we need to ensure that 1. pre validation happens 2. we call middlewares 3. ... * 🎨 token translation key
2016-11-07 14:18:50 +03:00
}));
}
return Promise.resolve(options);
});
}
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
/**
* ### Handle Permissions
* We need to be an authorised user to perform this action
* @param {Object} options
* @returns {Object} options
*/
function handlePermissions(options) {
Refactor changePassword and resetPassword issue #5500 - make `changePassword` and `resetPassword` methods on `user` model consistent: use `object` and `options` arguments instead of multiple different arguments - change User API `changePassword` method to use these new arguments
2015-07-07 16:32:50 +03:00
return canThis(options.context).edit.user(options.data.password[0].user_id).then(function permissionGranted() {
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
return options;
🎨 configurable logging with bunyan (#7431) - 🛠 add bunyan and prettyjson, remove morgan - ✨ add logging module - GhostLogger class that handles setup of bunyan - PrettyStream for stdout - ✨ config for logging - @TODO: testing level fatal? - ✨ log each request via GhostLogger (express middleware) - @TODO: add errors to output - 🔥 remove errors.updateActiveTheme - we can read the value from config - 🔥 remove 15 helper functions in core/server/errors/index.js - all these functions get replaced by modules: 1. logging 2. error middleware handling for html/json 3. error creation (which will be part of PR #7477) - ✨ add express error handler for html/json - one true error handler for express responses - contains still some TODO's, but they are not high priority for first implementation/integration - this middleware only takes responsibility of either rendering html responses or return json error responses - 🎨 use new express error handler in middleware/index - 404 and 500 handling - 🎨 return error instead of error message in permissions/index.js - the rule for error handling should be: if you call a unit, this unit should return a custom Ghost error - 🎨 wrap serve static module - rule: if you call a module/unit, you should always wrap this error - it's always the same rule - so the caller never has to worry about what comes back - it's always a clear error instance - in this case: we return our notfounderror if serve static does not find the resource - this avoid having checks everywhere - 🎨 replace usages of errors/index.js functions and adapt tests - use logging.error, logging.warn - make tests green - remove some usages of logging and throwing api errors -> because when a request is involved, logging happens automatically - 🐛 return errorDetails to Ghost-Admin - errorDetails is used for Theme error handling - 🎨 use 500er error for theme is missing error in theme-handler - 🎨 extend file rotation to 1w
2016-10-04 18:33:43 +03:00
}).catch(function (err) {
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
return Promise.reject(new common.errors.NoPermissionError({
✨ Error creation (#7477) refs #7116, refs #2001 - Changes the way Ghost errors are implemented to benefit from proper inheritance - Moves all error definitions into a single file - Changes the error constructor to take an options object, rather than needing the arguments to be passed in the correct order. - Provides a wrapper so that any errors that haven't already been converted to GhostErrors get converted before they are displayed. Summary of changes: * 🐛 set NODE_ENV in config handler * ✨ add GhostError implementation (core/server/errors.js) - register all errors in one file - inheritance from GhostError - option pattern * 🔥 remove all error files * ✨ wrap all errors into GhostError in case of HTTP * 🎨 adaptions - option pattern for errors - use GhostError when needed * 🎨 revert debug deletion and add TODO for error id's
2016-10-06 15:27:35 +03:00
err: err,
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
context: common.i18n.t('errors.api.users.noPermissionToChangeUsersPwd')
✨ Error creation (#7477) refs #7116, refs #2001 - Changes the way Ghost errors are implemented to benefit from proper inheritance - Moves all error definitions into a single file - Changes the error constructor to take an options object, rather than needing the arguments to be passed in the correct order. - Provides a wrapper so that any errors that haven't already been converted to GhostErrors get converted before they are displayed. Summary of changes: * 🐛 set NODE_ENV in config handler * ✨ add GhostError implementation (core/server/errors.js) - register all errors in one file - inheritance from GhostError - option pattern * 🔥 remove all error files * ✨ wrap all errors into GhostError in case of HTTP * 🎨 adaptions - option pattern for errors - use GhostError when needed * 🎨 revert debug deletion and add TODO for error id's
2016-10-06 15:27:35 +03:00
}));
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
});
}
/**
* ### Model Query
* Make the call to the Model layer
* @param {Object} options
* @returns {Object} options
*/
function doQuery(options) {
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
return models.User.changePassword(
Refactor changePassword and resetPassword issue #5500 - make `changePassword` and `resetPassword` methods on `user` model consistent: use `object` and `options` arguments instead of multiple different arguments - change User API `changePassword` method to use these new arguments
2015-07-07 16:32:50 +03:00
options.data.password[0],
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
_.omit(options, ['data'])
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
).then(function onModelResponse() {
return Promise.resolve({
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file
2017-12-12 00:47:46 +03:00
password: [{message: common.i18n.t('notices.api.users.pwdChangedSuccessfully')}]
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
});
});
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
}
// Push all of our tasks into a `tasks` array in the correct order
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
tasks = [
🎨 remove token logic from user model (#7622) * 🔥 remove User model functions - validateToken - generateToken - resetPassword - all this logic will re-appear in a different way Token logic: - was already extracted as separate PR, see https://github.com/TryGhost/Ghost/pull/7554 - we will use this logic in the controller, you will see in the next commits Reset Password: Was just a wrapper for calling the token logic and change the password. We can reconsider keeping the function to call: changePassword and activate the status of the user - but i think it's fine to trigger these two actions from the controlling unit. * 🔥 remove password reset tests from User model - we already have unit tests for change password and the token logic - i will re-check at the end if any test case is missing - but for now i will just burn the tests * ✨ add token logic to controlling unit generateResetToken endpoint - the only change here is instead of calling the User model to generate a token, we generate the token via utils - we fetch the user by email, and generate a hash and return resetPassword endpoint - here we have changed a little bit more - first of all: we have added the validation check if the new passwords match - a new helper method to extract the token informations - the brute force security check, which can be handled later from the new bruteforce middleware (see TODO) - the actual reset function is doing the steps: load me the user, compare the token, change the password and activate the user - we can think of wrapping these steps into a User model function - i was not sure about it, because it is actually part of the controlling unit [ci skip] * 🎨 tidy up - jscs - jshint - naming functions - fixes * ✨ add a test for resetting the password - there was none - added a test to reset the password * 🎨 add more token tests - ensure quality - ensure logic we had * 🔥 remove compare new password check from User Model - this part of controlling unit * ✨ compare new passwords for user endpoint - we deleted the logic in User Model - we are adding the logic to controlling unit * 🐛 spam prevention forgotten can crash - no validation happend before this middleware - it just assumes that the root key is present - when we work on our API, we need to ensure that 1. pre validation happens 2. we call middlewares 3. ... * 🎨 token translation key
2016-11-07 14:18:50 +03:00
validateRequest,
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
localUtils.convertOptions(allowedIncludes),
Sorted out the mixed usages of `include` and `withRelated` (#9425) no issue - this commit cleans up the usages of `include` and `withRelated`. ### API layer (`include`) - as request parameter e.g. `?include=roles,tags` - as theme API parameter e.g. `{{get .... include="author"}}` - as internal API access e.g. `api.posts.browse({include: 'author,tags'})` - the `include` notation is more readable than `withRelated` - and it allows us to use a different easier format (comma separated list) - the API utility transforms these more readable properties into model style (or into Ghost style) ### Model access (`withRelated`) - e.g. `models.Post.findPage({withRelated: ['tags']})` - driven by bookshelf --- Commits explained. * Reorder the usage of `convertOptions` - 1. validation - 2. options convertion - 3. permissions - the reason is simple, the permission layer access the model layer - we have to prepare the options before talking to the model layer - added `convertOptions` where it was missed (not required, but for consistency reasons) * Use `withRelated` when accessing the model layer and use `include` when accessing the API layer * Change `convertOptions` API utiliy - API Usage - ghost.api(..., {include: 'tags,authors'}) - `include` should only be used when calling the API (either via request or via manual usage) - `include` is only for readability and easier format - Ghost (Model Layer Usage) - models.Post.findOne(..., {withRelated: ['tags', 'authors']}) - should only use `withRelated` - model layer cannot read 'tags,authors` - model layer has no idea what `include` means, speaks a different language - `withRelated` is bookshelf - internal usage * include-count plugin: use `withRelated` instead of `include` - imagine you outsource this plugin to git and publish it to npm - `include` is an unknown option in bookshelf * Updated `permittedOptions` in base model - `include` is no longer a known option * Remove all occurances of `include` in the model layer * Extend `filterOptions` base function - this function should be called as first action - we clone the unfiltered options - check if you are using `include` (this is a protection which could help us in the beginning) - check for permitted and (later on default `withRelated`) options - the usage is coming in next commit * Ensure we call `filterOptions` as first action - use `ghostBookshelf.Model.filterOptions` as first action - consistent naming pattern for incoming options: `unfilteredOptions` - re-added allowed options for `toJSON` - one unsolved architecture problem: - if you override a function e.g. `edit` - then you should call `filterOptions` as first action - the base implementation of e.g. `edit` will call it again - future improvement * Removed `findOne` from Invite model - no longer needed, the base implementation is the same
2018-02-15 12:53:53 +03:00
handlePermissions,
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
doQuery
];
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
// Pipeline calls each task passing the result of one to be the arguments for the next
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
return pipeline(tasks, object, options);
Transfer ownership end point closes #3426 - added transfer ownership endpoint - added owner to roles.permissible - manually removed owner from roles.browse - removed hard coded author role - fixed tests that were passing due to hard coded author role - added testUtils.setup(‚roles‘)
2014-07-30 19:40:30 +04:00
},
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
Transfer ownership end point closes #3426 - added transfer ownership endpoint - added owner to roles.permissible - manually removed owner from roles.browse - removed hard coded author role - fixed tests that were passing due to hard coded author role - added testUtils.setup(‚roles‘)
2014-07-30 19:40:30 +04:00
/**
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
* ## Transfer Ownership
* @param {owner} object
* @param {Object} options
* @returns {Promise<User>}
Transfer ownership end point closes #3426 - added transfer ownership endpoint - added owner to roles.permissible - manually removed owner from roles.browse - removed hard coded author role - fixed tests that were passing due to hard coded author role - added testUtils.setup(‚roles‘)
2014-07-30 19:40:30 +04:00
*/
transferOwnership: function transferOwnership(object, options) {
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
var tasks;
/**
* ### Handle Permissions
* We need to be an authorised user to perform this action
* @param {Object} options
* @returns {Object} options
*/
function handlePermissions(options) {
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
return models.Role.findOne({name: 'Owner'}).then(function (ownerRole) {
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
return canThis(options.context).assign.role(ownerRole);
}).then(function () {
return options;
Transfer ownership end point closes #3426 - added transfer ownership endpoint - added owner to roles.permissible - manually removed owner from roles.browse - removed hard coded author role - fixed tests that were passing due to hard coded author role - added testUtils.setup(‚roles‘)
2014-07-30 19:40:30 +04:00
});
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
}
/**
* ### Model Query
* Make the call to the Model layer
* @param {Object} options
* @returns {Object} options
*/
function doQuery(options) {
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
return models.User.transferOwnership(options.data.owner[0], _.omit(options, ['data']))
.then(function onModelResponse(model) {
// NOTE: model returns json object already
// @TODO: why?
return {
users: model
};
});
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
}
// Push all of our tasks into a `tasks` array in the correct order
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
tasks = [
Renamed apiUtils to localUtils - consistency change refs #9178 - we should always use the same naming patterns
2017-12-14 00:14:19 +03:00
localUtils.validate('owner'),
localUtils.convertOptions(allowedIncludes),
Sorted out the mixed usages of `include` and `withRelated` (#9425) no issue - this commit cleans up the usages of `include` and `withRelated`. ### API layer (`include`) - as request parameter e.g. `?include=roles,tags` - as theme API parameter e.g. `{{get .... include="author"}}` - as internal API access e.g. `api.posts.browse({include: 'author,tags'})` - the `include` notation is more readable than `withRelated` - and it allows us to use a different easier format (comma separated list) - the API utility transforms these more readable properties into model style (or into Ghost style) ### Model access (`withRelated`) - e.g. `models.Post.findPage({withRelated: ['tags']})` - driven by bookshelf --- Commits explained. * Reorder the usage of `convertOptions` - 1. validation - 2. options convertion - 3. permissions - the reason is simple, the permission layer access the model layer - we have to prepare the options before talking to the model layer - added `convertOptions` where it was missed (not required, but for consistency reasons) * Use `withRelated` when accessing the model layer and use `include` when accessing the API layer * Change `convertOptions` API utiliy - API Usage - ghost.api(..., {include: 'tags,authors'}) - `include` should only be used when calling the API (either via request or via manual usage) - `include` is only for readability and easier format - Ghost (Model Layer Usage) - models.Post.findOne(..., {withRelated: ['tags', 'authors']}) - should only use `withRelated` - model layer cannot read 'tags,authors` - model layer has no idea what `include` means, speaks a different language - `withRelated` is bookshelf - internal usage * include-count plugin: use `withRelated` instead of `include` - imagine you outsource this plugin to git and publish it to npm - `include` is an unknown option in bookshelf * Updated `permittedOptions` in base model - `include` is no longer a known option * Remove all occurances of `include` in the model layer * Extend `filterOptions` base function - this function should be called as first action - we clone the unfiltered options - check if you are using `include` (this is a protection which could help us in the beginning) - check for permitted and (later on default `withRelated`) options - the usage is coming in next commit * Ensure we call `filterOptions` as first action - use `ghostBookshelf.Model.filterOptions` as first action - consistent naming pattern for incoming options: `unfilteredOptions` - re-added allowed options for `toJSON` - one unsolved architecture problem: - if you override a function e.g. `edit` - then you should call `filterOptions` as first action - the base implementation of e.g. `edit` will call it again - future improvement * Removed `findOne` from Invite model - no longer needed, the base implementation is the same
2018-02-15 12:53:53 +03:00
handlePermissions,
API Option Handling refs #2758 - add a set of default options to utils - update validation function to only pass through permitted options - pass permitted options into validate where necessary - setup basic validation for each known option, and generic validation for the remainder - change slug to treat 'name' as data, rather than an option
2015-07-01 21:17:56 +03:00
doQuery
];
Refactor to using pipeline for the API refs #2758 - Post, Tag & User API methods are refactored to use pipeline - Each functional code block is a named task function - Each function takes options, manipulates it, and returns options back - Tasks like permissions can reject if they don't pass, causing the pipeline to fail - Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint - Tasks like the data call can be extremely complex if needs be (like for some user endpoints) - Option validation is mostly factored out to utils - Option conversion is factored out to utils - API utils have 100% test coverage - Minor updates to inline docs, more to do here
2015-06-22 23:11:35 +03:00
// Pipeline calls each task passing the result of one to be the arguments for the next
Refactored the API layer: do not handle API response after pipelining no issue - this has a big underlying problem - each task in the pipeline can modify the options - e.g. add a proper permission context - if we chain after the pipeline, we don't have access to the modified options object - and then we pass the wrong options into the `toJSON` function of a model - the toJSON function decides what to return based on options - this is the easiest solution for now, but i am going to write a spec if we can solve this problem differently
2017-09-27 11:31:41 +03:00
return pipeline(tasks, object, options);
Transfer ownership end point closes #3426 - added transfer ownership endpoint - added owner to roles.permissible - manually removed owner from roles.browse - removed hard coded author role - fixed tests that were passing due to hard coded author role - added testUtils.setup(‚roles‘)
2014-07-30 19:40:30 +04:00
}
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
};
module.exports = users;
Reference in New Issue Copy Permalink