Ghost/core/frontend/apps/private-blogging/index.js

const path = require('path');
const tpl = require('@tryghost/tpl');
const logging = require('@tryghost/logging');
const errors = require('@tryghost/errors');
const urlUtils = require('../../../shared/url-utils');
const middleware = require('./lib/middleware');
const router = require('./lib/router');

const messages = {
    urlCannotContainPrivateSubdir: {
        error: 'private subdirectory not allowed',
        description: 'Your site url in config.js cannot contain a subdirectory called private.',
        help: 'Please rename the subdirectory before restarting'
    }
};

// routeKeywords.private: 'private'
const PRIVATE_KEYWORD = 'private';

let checkSubdir = function checkSubdir() {
    let paths = '';

    if (urlUtils.getSubdir()) {
        paths = urlUtils.getSubdir().split('/');

        if (paths.pop() === PRIVATE_KEYWORD) {
            logging.error(new errors.InternalServerError({
                message: tpl(messages.urlCannotContainPrivateSubdir.error),
                context: tpl(messages.urlCannotContainPrivateSubdir.description),
                help: tpl(messages.urlCannotContainPrivateSubdir.help)
            }));

            // @TODO: why
            process.exit(0);
        }
    }
};

module.exports = {
    activate: function activate(ghost) {
        let privateRoute = `/${PRIVATE_KEYWORD}/`;

        checkSubdir();

        ghost.routeService.registerRouter(privateRoute, router);
        ghost.helperService.registerDir(path.resolve(__dirname, './lib/helpers'));
    },

    setupMiddleware: function setupMiddleware(siteApp) {
        siteApp.use(middleware.checkIsPrivate);
        siteApp.use(middleware.filterPrivateRoutes);
    },

    setupErrorHandling: function setupErrorHandling(siteApp) {
        siteApp.use(middleware.handle404);
    }
};
Refactored helper registration code into a service - The helper registration code is "framework" code and very specific - At the moment the "theme engine" is full of lots of disparate theme related stuff - I'm trying to make the frontend framework code clearer and also expand it to make it more useful - The helper system now also exposes 3 methods allowing you to register a directory, a helper or an alias - I've updated the codebase to use these both for our core helpers and for "apps" 2021-10-04 18:50:07 +03:00			`const path = require('path');`
Removed remaining use of i18n from core/frontend - i18n is an old pattern we are getting rid of in favour of tpl - after removing i18n from helpers, there wasn't many usages of i18n left in the frontend, this removes whats left! - this was done on a branch at the same time as Naz's commits removing i18n from the settings-related files - hence some of these changes are minor amends to add additional messages/change names, rather than just straightup i18n->tpl - it's a merge of both our refactors :) 2021-09-26 22:21:49 +03:00			`const tpl = require('@tryghost/tpl');`
Change to use @tryghost/logging no issue Logging is now controlled by a logginrc.js file in the root of the project - and now we can just import @tryghost/logging everywhere 2021-06-15 17:36:27 +03:00			`const logging = require('@tryghost/logging');`
Refactored `common` lib import to use destructuring (#11835) * refactored `core/frontend/apps` to destructure common imports * refactored `core/frontend/services/{apps, redirects, routing}` to destructure common imports * refactored `core/frontend/services/settings` to destructure common imports * refactored remaining `core/frontend/services` to destructure common imports * refactored `core/server/adapters` to destructure common imports * refactored `core/server/data/{db, exporter, schema, validation}` to destructure common imports * refactored `core/server/data/importer` to destructure common imports * refactored `core/server/models/{base, plugins, relations}` to destructure common imports * refactored remaining `core/server/models` to destructure common imports * refactored `core/server/api/canary/utils/serializers/output` to destructure common imports * refactored remaining `core/server/api/canary/utils` to destructure common imports * refactored remaining `core/server/api/canary` to destructure common imports * refactored `core/server/api/shared` to destructure common imports * refactored `core/server/api/v2/utils` to destructure common imports * refactored remaining `core/server/api/v2` to destructure common imports * refactored `core/frontend/meta` to destructure common imports * fixed some tests referencing `common.errors` instead of `@tryghost/errors` - Not all of them need to be updated; only updating the ones that are causing failures * fixed errors import being shadowed by local scope 2020-05-22 21:22:20 +03:00			`const errors = require('@tryghost/errors');`
Removed remaining use of i18n from core/frontend - i18n is an old pattern we are getting rid of in favour of tpl - after removing i18n from helpers, there wasn't many usages of i18n left in the frontend, this removes whats left! - this was done on a branch at the same time as Naz's commits removing i18n from the settings-related files - hence some of these changes are minor amends to add additional messages/change names, rather than just straightup i18n->tpl - it's a merge of both our refactors :) 2021-09-26 22:21:49 +03:00			`const urlUtils = require('../../../shared/url-utils');`
Updated var declarations to const/let and no lists - All var declarations are now const or let as per ES6 - All comma-separated lists / chained declarations are now one declaration per line - This is for clarity/readability but also made running the var-to-const/let switch smoother - ESLint rules updated to match How this was done: - npm install -g jscodeshift - git clone https://github.com/cpojer/js-codemod.git - git clone git@github.com:TryGhost/Ghost.git shallow-ghost - cd shallow-ghost - jscodeshift -t ../js-codemod/transforms/unchain-variables.js . -v=2 - jscodeshift -t ../js-codemod/transforms/no-vars.js . -v=2 - yarn - yarn test - yarn lint / fix various lint errors (almost all indent) by opening files and saving in vscode - grunt test-regression - sorted! 2020-04-29 18:44:27 +03:00			`const middleware = require('./lib/middleware');`
			`const router = require('./lib/router');`

Removed remaining use of i18n from core/frontend - i18n is an old pattern we are getting rid of in favour of tpl - after removing i18n from helpers, there wasn't many usages of i18n left in the frontend, this removes whats left! - this was done on a branch at the same time as Naz's commits removing i18n from the settings-related files - hence some of these changes are minor amends to add additional messages/change names, rather than just straightup i18n->tpl - it's a merge of both our refactors :) 2021-09-26 22:21:49 +03:00			`const messages = {`
			`urlCannotContainPrivateSubdir: {`
			`error: 'private subdirectory not allowed',`
			`description: 'Your site url in config.js cannot contain a subdirectory called private.',`
			`help: 'Please rename the subdirectory before restarting'`
			`}`
			`};`

Updated var declarations to const/let and no lists - All var declarations are now const or let as per ES6 - All comma-separated lists / chained declarations are now one declaration per line - This is for clarity/readability but also made running the var-to-const/let switch smoother - ESLint rules updated to match How this was done: - npm install -g jscodeshift - git clone https://github.com/cpojer/js-codemod.git - git clone git@github.com:TryGhost/Ghost.git shallow-ghost - cd shallow-ghost - jscodeshift -t ../js-codemod/transforms/unchain-variables.js . -v=2 - jscodeshift -t ../js-codemod/transforms/no-vars.js . -v=2 - yarn - yarn test - yarn lint / fix various lint errors (almost all indent) by opening files and saving in vscode - grunt test-regression - sorted! 2020-04-29 18:44:27 +03:00			`// routeKeywords.private: 'private'`
			`const PRIVATE_KEYWORD = 'private';`
move private-blogging functionality into an internal app closes #5914, #6589 - moves all private-blogging related code & tests into /server/apps/private-blogging/ - rework Grunt to run private-blogging tests - modify server apps code to have a place for internal apps 2016-04-11 16:58:41 +03:00
ES6 migration: server/apps/private-blogging (#9707) refs #9589 2018-06-28 11:50:03 +03:00			`let checkSubdir = function checkSubdir() {`
			`let paths = '';`
🎨 configurable logging with bunyan (#7431) - 🛠 add bunyan and prettyjson, remove morgan - ✨ add logging module - GhostLogger class that handles setup of bunyan - PrettyStream for stdout - ✨ config for logging - @TODO: testing level fatal? - ✨ log each request via GhostLogger (express middleware) - @TODO: add errors to output - 🔥 remove errors.updateActiveTheme - we can read the value from config - 🔥 remove 15 helper functions in core/server/errors/index.js - all these functions get replaced by modules: 1. logging 2. error middleware handling for html/json 3. error creation (which will be part of PR #7477) - ✨ add express error handler for html/json - one true error handler for express responses - contains still some TODO's, but they are not high priority for first implementation/integration - this middleware only takes responsibility of either rendering html responses or return json error responses - 🎨 use new express error handler in middleware/index - 404 and 500 handling - 🎨 return error instead of error message in permissions/index.js - the rule for error handling should be: if you call a unit, this unit should return a custom Ghost error - 🎨 wrap serve static module - rule: if you call a module/unit, you should always wrap this error - it's always the same rule - so the caller never has to worry about what comes back - it's always a clear error instance - in this case: we return our notfounderror if serve static does not find the resource - this avoid having checks everywhere - 🎨 replace usages of errors/index.js functions and adapt tests - use logging.error, logging.warn - make tests green - remove some usages of logging and throwing api errors -> because when a request is involved, logging happens automatically - 🐛 return errorDetails to Ghost-Admin - errorDetails is used for Theme error handling - 🎨 use 500er error for theme is missing error in theme-handler - 🎨 extend file rotation to 1w 2016-10-04 18:33:43 +03:00
Migrated to use url-utils from Ghost-SDK (#10787) closes #10773 - The refactoring is a substitute for `urlService.utils` used previously throughout the codebase and now extracted into the separate module in Ghost-SDK - Added url-utils stubbing utility for test suites - Some tests had to be refactored to avoid double mocks (when url's are being reset inside of rested 'describe' groups) 2019-06-18 16:13:55 +03:00			`if (urlUtils.getSubdir()) {`
			`paths = urlUtils.getSubdir().split('/');`
move private-blogging functionality into an internal app closes #5914, #6589 - moves all private-blogging related code & tests into /server/apps/private-blogging/ - rework Grunt to run private-blogging tests - modify server apps code to have a place for internal apps 2016-04-11 16:58:41 +03:00
Replaced routeKeywords in config with hard coded keywords (#9561) no issue - removed the `routeKeywords` property from the config and used hard coded keywords. - removed `routeKeywords` from public configuration API endpoint, as it's no longer used in the Admin. 2018-04-17 12:36:05 +03:00			`if (paths.pop() === PRIVATE_KEYWORD) {`
Switch to @tryghost/errors from ignition errors package (#13807) refs: TryGhost/Toolbox#147 * Replaces all references to isIgnitionError with isGhostError * Switches use of GhostError to InternalServerError - as GhostError is no longer public There are places where InternalServerError is not the valid error, and new errors should be added to the @tryghost/errors package to ensure that we can use semantically correct errors in those cases. 2021-12-01 13:22:01 +03:00			`logging.error(new errors.InternalServerError({`
Removed remaining use of i18n from core/frontend - i18n is an old pattern we are getting rid of in favour of tpl - after removing i18n from helpers, there wasn't many usages of i18n left in the frontend, this removes whats left! - this was done on a branch at the same time as Naz's commits removing i18n from the settings-related files - hence some of these changes are minor amends to add additional messages/change names, rather than just straightup i18n->tpl - it's a merge of both our refactors :) 2021-09-26 22:21:49 +03:00			`message: tpl(messages.urlCannotContainPrivateSubdir.error),`
			`context: tpl(messages.urlCannotContainPrivateSubdir.description),`
			`help: tpl(messages.urlCannotContainPrivateSubdir.help)`
Highlighted routes, controllers & renderers refs #5091, refs #9192 - There are several theme template "renderers" all over the codebase - Some are in apps, and were called "controllers" - One is in error handling - All of them now have comments marking out how they share logic/steps - Other comments describe routes & controllers where they live 2017-11-05 15:45:43 +03:00			`}));`
🎨 configurable logging with bunyan (#7431) - 🛠 add bunyan and prettyjson, remove morgan - ✨ add logging module - GhostLogger class that handles setup of bunyan - PrettyStream for stdout - ✨ config for logging - @TODO: testing level fatal? - ✨ log each request via GhostLogger (express middleware) - @TODO: add errors to output - 🔥 remove errors.updateActiveTheme - we can read the value from config - 🔥 remove 15 helper functions in core/server/errors/index.js - all these functions get replaced by modules: 1. logging 2. error middleware handling for html/json 3. error creation (which will be part of PR #7477) - ✨ add express error handler for html/json - one true error handler for express responses - contains still some TODO's, but they are not high priority for first implementation/integration - this middleware only takes responsibility of either rendering html responses or return json error responses - 🎨 use new express error handler in middleware/index - 404 and 500 handling - 🎨 return error instead of error message in permissions/index.js - the rule for error handling should be: if you call a unit, this unit should return a custom Ghost error - 🎨 wrap serve static module - rule: if you call a module/unit, you should always wrap this error - it's always the same rule - so the caller never has to worry about what comes back - it's always a clear error instance - in this case: we return our notfounderror if serve static does not find the resource - this avoid having checks everywhere - 🎨 replace usages of errors/index.js functions and adapt tests - use logging.error, logging.warn - make tests green - remove some usages of logging and throwing api errors -> because when a request is involved, logging happens automatically - 🐛 return errorDetails to Ghost-Admin - errorDetails is used for Theme error handling - 🎨 use 500er error for theme is missing error in theme-handler - 🎨 extend file rotation to 1w 2016-10-04 18:33:43 +03:00
Highlighted routes, controllers & renderers refs #5091, refs #9192 - There are several theme template "renderers" all over the codebase - Some are in apps, and were called "controllers" - One is in error handling - All of them now have comments marking out how they share logic/steps - Other comments describe routes & controllers where they live 2017-11-05 15:45:43 +03:00			`// @TODO: why`
			`process.exit(0);`
move private-blogging functionality into an internal app closes #5914, #6589 - moves all private-blogging related code & tests into /server/apps/private-blogging/ - rework Grunt to run private-blogging tests - modify server apps code to have a place for internal apps 2016-04-11 16:58:41 +03:00			`}`
Highlighted routes, controllers & renderers refs #5091, refs #9192 - There are several theme template "renderers" all over the codebase - Some are in apps, and were called "controllers" - One is in error handling - All of them now have comments marking out how they share logic/steps - Other comments describe routes & controllers where they live 2017-11-05 15:45:43 +03:00			`}`
			`};`

			`module.exports = {`
			`activate: function activate(ghost) {`
ES6 migration: server/apps/private-blogging (#9707) refs #9589 2018-06-28 11:50:03 +03:00			let privateRoute = `/${PRIVATE_KEYWORD}/`;
Highlighted routes, controllers & renderers refs #5091, refs #9192 - There are several theme template "renderers" all over the codebase - Some are in apps, and were called "controllers" - One is in error handling - All of them now have comments marking out how they share logic/steps - Other comments describe routes & controllers where they live 2017-11-05 15:45:43 +03:00
			`checkSubdir();`
💄 Misc cleanup in middleware, helpers & apps (#7479) no issue - unsued code: - there are no public assets anymore, might need to use this instead of shared in future, but for now lets remove it to reduce confusion - the `input password` box was incorrectly registered as an admin helper, thinking that was needed in order to render the default template. This isn't needed. - apps: - small structure & comment update to amp app - moving input_password helper into private blogging app - refactor helpers in subscribers app 2016-10-04 20:09:18 +03:00
Highlighted routes, controllers & renderers refs #5091, refs #9192 - There are several theme template "renderers" all over the codebase - Some are in apps, and were called "controllers" - One is in error handling - All of them now have comments marking out how they share logic/steps - Other comments describe routes & controllers where they live 2017-11-05 15:45:43 +03:00			`ghost.routeService.registerRouter(privateRoute, router);`
Refactored helper registration code into a service - The helper registration code is "framework" code and very specific - At the moment the "theme engine" is full of lots of disparate theme related stuff - I'm trying to make the frontend framework code clearer and also expand it to make it more useful - The helper system now also exposes 3 methods allowing you to register a directory, a helper or an alias - I've updated the codebase to use these both for our core helpers and for "apps" 2021-10-04 18:50:07 +03:00			`ghost.helperService.registerDir(path.resolve(__dirname, './lib/helpers'));`
move private-blogging functionality into an internal app closes #5914, #6589 - moves all private-blogging related code & tests into /server/apps/private-blogging/ - rework Grunt to run private-blogging tests - modify server apps code to have a place for internal apps 2016-04-11 16:58:41 +03:00			`},`

Rename blog -> site - We're going to be moving towards this naming convention more - Doing this now makes it easier to name other things 2017-10-26 19:24:08 +03:00			`setupMiddleware: function setupMiddleware(siteApp) {`
			`siteApp.use(middleware.checkIsPrivate);`
			`siteApp.use(middleware.filterPrivateRoutes);`
🐛 Fixed private blogging exposing 404 and robots (#11922) - There were various cases where it was possible to trigger a private site to display a 404 instead of redirecting to /private/ - Private mode was also not always displaying the correct robots.txt - This PR includes tests for all cases in test/frontend-acceptance/default_routes_spec.js & where possible the unit tests have also been updated for completeness - Fixing the 404 issues required - Better handling of paths using req.path instead of req.url in filterPrivateRoutes - Additional error handling, to cover the case that a tag/author RSS feed does not exist - Fixing the robots.txt required the order of middleware to be changed, so that private blogging gets a chance to render first - NOTE private blogging is the only app with a setupMiddleware function so nothing else is affected 2020-06-16 13:42:32 +03:00			`},`

			`setupErrorHandling: function setupErrorHandling(siteApp) {`
			`siteApp.use(middleware.handle404);`
move private-blogging functionality into an internal app closes #5914, #6589 - moves all private-blogging related code & tests into /server/apps/private-blogging/ - rework Grunt to run private-blogging tests - modify server apps code to have a place for internal apps 2016-04-11 16:58:41 +03:00			`}`
			`};`