TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-13 22:53:32 +03:00
Code Issues Projects Releases Wiki Activity
7714dc6ab1
Ghost/core/server/models/user.js

706 lines
26 KiB
JavaScript
Raw Normal View History

Improvements for models #closes #1655 - removed models as parameter for bookshelf-session - changed to read permittedAttributes from schema.js - changed updateTags to be executed at saved event - added validate to execute after saving event - added test for published_at = null (see #2015) - fixed typo in general.hbs
2014-02-19 17:57:26 +04:00
var _ = require('lodash'),
Cleanup indentation and quotes Aligns all requirements vertically for easier reading + adds single quote standard consistently throughout Ghost, except in long strings.
2013-09-24 14:46:30 +04:00
when = require('when'),
Add distinct error classes closes #2690 - added new error classes - moved errorhandling.js to /errors/index.js - changed API errors to use new classes - updated tests
2014-05-09 14:11:29 +04:00
errors = require('../errors'),
Update when.js dependency to version 3.2.3
2014-06-16 07:33:25 +04:00
nodefn = require('when/node'),
Replace nodejs-bcrypt with bcryptjs * https://github.com/shaneGirish/bcrypt-nodejs * https://github.com/dcodeIO/bcrypt.js
2013-10-23 17:00:28 +04:00
bcrypt = require('bcryptjs'),
Updating to bookshelf 0.5.7 & knex 0.4.11
2013-09-23 02:20:08 +04:00
ghostBookshelf = require('./base'),
Add users Gravatar on signup When a user registers try to find their gravatar.
2013-11-11 23:55:22 +04:00
http = require('http'),
Improve password reset token no issue - added check that a combination of email + expires is rejected after 10 attempts - changed comparison to time independent method Thanks to @chiiph for reporting this issue!
2014-01-30 16:27:29 +04:00
crypto = require('crypto'),
Add validation from schema.js closes #1401 - added data/validation/index.js - added generic validation for length - added generic validation for nullable - added validations object to schema.js for custom validation - removed pyramid of doom from api/db.js
2014-02-19 21:32:23 +04:00
validator = require('validator'),
Add edit roles refs #3087 - added ability to edit user/roles relation - user is not allowed assign roles to himself - only one role per user is supported atm - added tests
2014-07-22 00:50:43 +04:00
Role = require('./role').Role,
Improve password reset token no issue - added check that a combination of email + expires is rejected after 10 attempts - changed comparison to time independent method Thanks to @chiiph for reporting this issue!
2014-01-30 16:27:29 +04:00
Improvements for models #closes #1655 - removed models as parameter for bookshelf-session - changed to read permittedAttributes from schema.js - changed updateTags to be executed at saved event - added validate to execute after saving event - added test for published_at = null (see #2015) - fixed typo in general.hbs
2014-02-19 17:57:26 +04:00
tokenSecurity = {},
User,
Users;
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
Validation consistency - introduced validation method in the post and user model - moved signup validation onto model - consistent use of validation & error messaging in the admin UI - helper methods in base view moved to a utils object
2013-08-20 22:52:44 +04:00
function validatePasswordLength(password) {
try {
Update validator to 3.4.0 Closes #1379 - Convert to new api usage for both server-side and client-side - Provide way require a negative response for boolean methods in default-settings.json - Add field validation functional tests - Settings (General) - Title length validation - Description length validation - postsPerPage, numeric, min, max - Settings (User) - Bio Length validation - Location length validation - Url validation - Login - Email validation - Editor - Title required validation
2014-02-28 10:51:52 +04:00
if (!validator.isLength(password, 8)) {
throw new Error('Your password must be at least 8 characters long.');
}
Validation consistency - introduced validation method in the post and user model - moved signup validation onto model - consistent use of validation & error messaging in the admin UI - helper methods in base view moved to a utils object
2013-08-20 22:52:44 +04:00
} catch (error) {
return when.reject(error);
}
return when.resolve();
}
Improved Password Reset Tool Closes #1471 - add api and User model methods for generating and validating tokens - add routes and handlers for reset password pages - add client styles and views for reset password form - some basic integration tests for User model methods
2013-11-22 07:17:38 +04:00
function generatePasswordHash(password) {
// Generate a new salt
return nodefn.call(bcrypt.genSalt).then(function (salt) {
// Hash the provided password with bcrypt
return nodefn.call(bcrypt.hash, password, salt);
});
}
Updating to bookshelf 0.5.7 & knex 0.4.11
2013-09-23 02:20:08 +04:00
User = ghostBookshelf.Model.extend({
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
tableName: 'users',
Ensure generateSlug gets transaction for tags fixes #2460 - add transacting to tag saving - add same to users while we're here
2014-03-25 14:59:15 +04:00
saving: function (newPage, attr, options) {
closes #3197 - added role to user obj (only returned from the user endpoint) - added `/users/?include=roles` and `/users/?include=roles,roles.permissions` query parameters - added and updated tests
2014-07-08 20:00:59 +04:00
/*jshint unused:false*/
Ensure generateSlug gets transaction for tags fixes #2460 - add transacting to tag saving - add same to users while we're here
2014-03-25 14:59:15 +04:00
Set migrations to use new 000 schema issue #632 - removed old schemas - updated base model to reflect all of the consistent behaviours and properties across the models - updated all models to match the new schema TODO - no fixtures are currently loaded except settings - need to rename properties across the codebase
2013-09-14 23:01:46 +04:00
var self = this;
Improvements for models #closes #1655 - removed models as parameter for bookshelf-session - changed to read permittedAttributes from schema.js - changed updateTags to be executed at saved event - added validate to execute after saving event - added test for published_at = null (see #2015) - fixed typo in general.hbs
2014-02-19 17:57:26 +04:00
// disabling sanitization until we can implement a better version
// this.set('name', this.sanitize('name'));
// this.set('email', this.sanitize('email'));
// this.set('location', this.sanitize('location'));
// this.set('website', this.sanitize('website'));
// this.set('bio', this.sanitize('bio'));
Agressive stripping of the model attributes - fixes #517 - prevents this from occuring again in future with other relations - validation function & stripping done for all models - casper test for flow, plus validation & logged out tests
2013-08-25 14:49:31 +04:00
Improvements for models #closes #1655 - removed models as parameter for bookshelf-session - changed to read permittedAttributes from schema.js - changed updateTags to be executed at saved event - added validate to execute after saving event - added test for published_at = null (see #2015) - fixed typo in general.hbs
2014-02-19 17:57:26 +04:00
ghostBookshelf.Model.prototype.saving.apply(this, arguments);
Set migrations to use new 000 schema issue #632 - removed old schemas - updated base model to reflect all of the consistent behaviours and properties across the models - updated all models to match the new schema TODO - no fixtures are currently loaded except settings - need to rename properties across the codebase
2013-09-14 23:01:46 +04:00
Ensure generateSlug gets transaction for tags fixes #2460 - add transacting to tag saving - add same to users while we're here
2014-03-25 14:59:15 +04:00
if (this.hasChanged('slug') || !this.get('slug')) {
Set migrations to use new 000 schema issue #632 - removed old schemas - updated base model to reflect all of the consistent behaviours and properties across the models - updated all models to match the new schema TODO - no fixtures are currently loaded except settings - need to rename properties across the codebase
2013-09-14 23:01:46 +04:00
// Generating a slug requires a db call to look for conflicting slugs
Ensure generateSlug gets transaction for tags fixes #2460 - add transacting to tag saving - add same to users while we're here
2014-03-25 14:59:15 +04:00
return ghostBookshelf.Model.generateSlug(User, this.get('slug') || this.get('name'),
{transacting: options.transacting})
Set migrations to use new 000 schema issue #632 - removed old schemas - updated base model to reflect all of the consistent behaviours and properties across the models - updated all models to match the new schema TODO - no fixtures are currently loaded except settings - need to rename properties across the codebase
2013-09-14 23:01:46 +04:00
.then(function (slug) {
self.set({slug: slug});
});
}
Escaping several fields to prevent XSS issue #938 - escapes post's title field - escapes settings title, description, email - escapes user's name field - includes test for post title
2013-10-07 21:02:57 +04:00
},
Extending context concept to models fixes #3275, fixes #3290, ref #3086, ref #3084 - Ensure that we use the current logged in user and not just user 1 when - removing hard coded user: 1 except where absolutely necessary - passing context, rather than user to models - base model has a new function to determine what id to use for created_by etc
2014-07-15 15:03:12 +04:00
// Get the user from the options object
contextUser: function (options) {
// Default to context user
if (options.context && options.context.user) {
return options.context.user;
// Other wise use the internal override
} else if (options.context && options.context.internal) {
return 1;
// This is the user object, so try using this user's id
} else if (this.get('id')) {
return this.get('id');
} else {
errors.logAndThrowError(new Error('missing context'));
}
},
Refactor omit of password - remove password in toJSON() instead of filtering every occurrence of user - changed faulty error type ‚NotFound‘ to ‚NoPermission‘
2014-05-06 14:14:58 +04:00
toJSON: function (options) {
var attrs = ghostBookshelf.Model.prototype.toJSON.call(this, options);
// remove password hash for security reasons
delete attrs.password;
Sanitize models' attributes/options before passing to bookshelf/knex closes #2653 - enforce strict whitelists for model methods - create a class method that reports a model method's valid options - create a class method that filters a model's valid attributes from data - create a class method that filters valid options from a model method's options hash
2014-05-06 05:45:08 +04:00
Refactor omit of password - remove password in toJSON() instead of filtering every occurrence of user - changed faulty error type ‚NotFound‘ to ‚NoPermission‘
2014-05-06 14:14:58 +04:00
return attrs;
},
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
posts: function () {
Use bookshelf's model registry plugin Refs #2170 This removes the circular dependency problem from our models thanks to https://github.com/tgriesser/bookshelf/issues/181 - add the registry plugin - switch all models and collections to be registered - switch relationships to be defined using a string, which calls from the registry
2014-07-13 15:17:18 +04:00
return this.hasMany('Posts', 'created_by');
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
},
roles: function () {
Use bookshelf's model registry plugin Refs #2170 This removes the circular dependency problem from our models thanks to https://github.com/tgriesser/bookshelf/issues/181 - add the registry plugin - switch all models and collections to be registered - switch relationships to be defined using a string, which calls from the registry
2014-07-13 15:17:18 +04:00
return this.belongsToMany('Role');
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
},
permissions: function () {
Use bookshelf's model registry plugin Refs #2170 This removes the circular dependency problem from our models thanks to https://github.com/tgriesser/bookshelf/issues/181 - add the registry plugin - switch all models and collections to be registered - switch relationships to be defined using a string, which calls from the registry
2014-07-13 15:17:18 +04:00
return this.belongsToMany('Permission');
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
}
}, {
Sanitize models' attributes/options before passing to bookshelf/knex closes #2653 - enforce strict whitelists for model methods - create a class method that reports a model method's valid options - create a class method that filters a model's valid attributes from data - create a class method that filters valid options from a model method's options hash
2014-05-06 05:45:08 +04:00
/**
* Returns an array of keys permitted in a method's `options` hash, depending on the current method.
* @param {String} methodName The name of the method to check valid options for.
* @return {Array} Keys allowed in the `options` hash of the model's method.
*/
permittedOptions: function (methodName) {
var options = ghostBookshelf.Model.permittedOptions(),
// whitelists for the `options` hash argument on methods, by method name.
// these are the only options that can be passed to Bookshelf / Knex.
validOptions = {
findOne: ['withRelated'],
closes #3197 - added role to user obj (only returned from the user endpoint) - added `/users/?include=roles` and `/users/?include=roles,roles.permissions` query parameters - added and updated tests
2014-07-08 20:00:59 +04:00
findAll: ['withRelated'],
Extending context concept to models fixes #3275, fixes #3290, ref #3086, ref #3084 - Ensure that we use the current logged in user and not just user 1 when - removing hard coded user: 1 except where absolutely necessary - passing context, rather than user to models - base model has a new function to determine what id to use for created_by etc
2014-07-15 15:03:12 +04:00
setup: ['id'],
Pagination for Users Management screen closes #3222 - implementing server-side pagination for /users API - passing /users?limit=none will return all users - passing /users?status=invited will filter base on user status - creating 3 mixins (route, controller and view) to keep pagination logic DRY - updating route, controller and view for Posts to use new mixing - implementing infinite scrolling for Users Management screen (using new mixins) - Users Management screen displays all invited users, but paginates active users
2014-07-20 20:42:03 +04:00
edit: ['withRelated', 'id'],
findPage: ['page', 'limit', 'status']
Sanitize models' attributes/options before passing to bookshelf/knex closes #2653 - enforce strict whitelists for model methods - create a class method that reports a model method's valid options - create a class method that filters a model's valid attributes from data - create a class method that filters valid options from a model method's options hash
2014-05-06 05:45:08 +04:00
};
if (validOptions[methodName]) {
options = options.concat(validOptions[methodName]);
}
return options;
},
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
closes #3197 - added role to user obj (only returned from the user endpoint) - added `/users/?include=roles` and `/users/?include=roles,roles.permissions` query parameters - added and updated tests
2014-07-08 20:00:59 +04:00
/**
* ### Find All
*
* @param options
* @returns {*}
*/
findAll: function (options) {
options = options || {};
options.withRelated = _.union([ 'roles' ], options.include);
return ghostBookshelf.Model.findAll.call(this, options);
},
Pagination for Users Management screen closes #3222 - implementing server-side pagination for /users API - passing /users?limit=none will return all users - passing /users?status=invited will filter base on user status - creating 3 mixins (route, controller and view) to keep pagination logic DRY - updating route, controller and view for Posts to use new mixing - implementing infinite scrolling for Users Management screen (using new mixins) - Users Management screen displays all invited users, but paginates active users
2014-07-20 20:42:03 +04:00
/**
* #### findPage
* Find results by page - returns an object containing the
* information about the request (page, limit), along with the
* info needed for pagination (pages, total).
*
* **response:**
*
* {
* users: [
* {...}, {...}, {...}
* ],
* meta: {
* page: __,
* limit: __,
* pages: __,
* total: __
* }
* }
*
* @params {Object} options
*/
findPage: function (options) {
options = options || {};
var userCollection = Users.forge(),
userQuery;
if (options.limit && options.limit !== 'all') {
options.limit = parseInt(options.limit) || 15;
}
options = this.filterOptions(options, 'findPage');
// Set default settings for options
options = _.extend({
page: 1, // pagination page
limit: 15,
status: 'active',
where: {}
}, options);
//TODO: there are multiple statuses that make a user "active" or "invited" - we a way to translate/map them:
//TODO (cont'd from above): * valid "active" statuses: active, warn-1, warn-2, warn-3, warn-4, locked
//TODO (cont'd from above): * valid "invited" statuses" invited, invited-pending
Improve handling of users and roles in admin Closes #3083 Refs #3229 - Populates the dropdown list in the invite user menu with the list of roles a user is permitted to create. - Users API now checks the invite user request for allowed roles. - Change API response from 200 to 201 on successful invitation. - Change API response from 500 to 201 when the user was created but the email was not sent. The client will show a warning notification when it sees 'invite-pending' as the new user's status. - Add support for "?status=all" to the /users endpoint. - Refactor the route and controller for the /settings/users page so that there's only one network API call to load users instead of two.
2014-07-23 10:13:20 +04:00
// Filter on the status. A status of 'all' translates to no filter since we want all statuses
if (options.status && options.status !== 'all') {
Pagination for Users Management screen closes #3222 - implementing server-side pagination for /users API - passing /users?limit=none will return all users - passing /users?status=invited will filter base on user status - creating 3 mixins (route, controller and view) to keep pagination logic DRY - updating route, controller and view for Posts to use new mixing - implementing infinite scrolling for Users Management screen (using new mixins) - Users Management screen displays all invited users, but paginates active users
2014-07-20 20:42:03 +04:00
// make sure that status is valid
//TODO: need a better way of getting a list of statuses other than hard-coding them...
options.status = _.indexOf(['active', 'warn-1', 'warn-2', 'warn-3', 'locked', 'invited'], options.status) !== -1 ? options.status : 'active';
options.where.status = options.status;
}
// If there are where conditionals specified, add those
// to the query.
if (options.where) {
userCollection.query('where', options.where);
}
// Add related objects
options.withRelated = _.union([ 'roles' ], options.include);
//only include a limit-query if a numeric limit is provided
if (_.isNumber(options.limit)) {
userCollection
.query('limit', options.limit)
.query('offset', options.limit * (options.page - 1));
}
userQuery = userCollection
.query('orderBy', 'last_login', 'DESC')
.query('orderBy', 'name', 'ASC')
.query('orderBy', 'created_at', 'DESC')
.fetch(_.omit(options, 'page', 'limit'));
return when(userQuery)
// Fetch pagination information
.then(function () {
var qb,
tableName = _.result(userCollection, 'tableName'),
idAttribute = _.result(userCollection, 'idAttribute');
// After we're done, we need to figure out what
// the limits are for the pagination values.
qb = ghostBookshelf.knex(tableName);
if (options.where) {
qb.where(options.where);
}
return qb.count(tableName + '.' + idAttribute + ' as aggregate');
})
// Format response of data
.then(function (resp) {
var totalUsers = parseInt(resp[0].aggregate, 10),
calcPages = Math.ceil(totalUsers / options.limit),
pagination = {},
meta = {},
data = {};
pagination.page = parseInt(options.page, 10);
pagination.limit = options.limit;
pagination.pages = calcPages === 0 ? 1 : calcPages;
pagination.total = totalUsers;
pagination.next = null;
pagination.prev = null;
// Pass include to each model so that toJSON works correctly
if (options.include) {
_.each(userCollection.models, function (item) {
item.include = options.include;
});
}
data.users = userCollection.toJSON();
data.meta = meta;
meta.pagination = pagination;
if (pagination.pages > 1) {
if (pagination.page === 1) {
pagination.next = pagination.page + 1;
} else if (pagination.page === pagination.pages) {
pagination.prev = pagination.page - 1;
} else {
pagination.next = pagination.page + 1;
pagination.prev = pagination.page - 1;
}
}
return data;
})
.catch(errors.logAndThrowError);
},
closes #3197 - added role to user obj (only returned from the user endpoint) - added `/users/?include=roles` and `/users/?include=roles,roles.permissions` query parameters - added and updated tests
2014-07-08 20:00:59 +04:00
/**
* ### Find One
* @extends ghostBookshelf.Model.findOne to include roles
* **See:** [ghostBookshelf.Model.findOne](base.js.html#Find%20One)
*/
findOne: function (data, options) {
options = options || {};
options.withRelated = _.union([ 'roles' ], options.include);
Extending context concept to models fixes #3275, fixes #3290, ref #3086, ref #3084 - Ensure that we use the current logged in user and not just user 1 when - removing hard coded user: 1 except where absolutely necessary - passing context, rather than user to models - base model has a new function to determine what id to use for created_by etc
2014-07-15 15:03:12 +04:00
// Support finding by role
if (data.role) {
options.withRelated = [{
'roles': function (qb) {
qb.where('name', data.role);
}
}];
delete data.role;
}
closes #3197 - added role to user obj (only returned from the user endpoint) - added `/users/?include=roles` and `/users/?include=roles,roles.permissions` query parameters - added and updated tests
2014-07-08 20:00:59 +04:00
return ghostBookshelf.Model.findOne.call(this, data, options);
},
/**
* ### Edit
* @extends ghostBookshelf.Model.edit to handle returning the full object
* **See:** [ghostBookshelf.Model.edit](base.js.html#edit)
*/
edit: function (data, options) {
Add edit roles refs #3087 - added ability to edit user/roles relation - user is not allowed assign roles to himself - only one role per user is supported atm - added tests
2014-07-22 00:50:43 +04:00
var self = this,
adminRole,
Fix incorrect error closes #3373 - added check if role is already assigned - added check for unknown fields to fixDates/fixBools - permissions are not implemented yet, so everyone is able to edit owner ;-)
2014-07-24 12:17:10 +04:00
ownerRole,
roleId;
Add edit roles refs #3087 - added ability to edit user/roles relation - user is not allowed assign roles to himself - only one role per user is supported atm - added tests
2014-07-22 00:50:43 +04:00
closes #3197 - added role to user obj (only returned from the user endpoint) - added `/users/?include=roles` and `/users/?include=roles,roles.permissions` query parameters - added and updated tests
2014-07-08 20:00:59 +04:00
options = options || {};
options.withRelated = _.union([ 'roles' ], options.include);
Add edit roles refs #3087 - added ability to edit user/roles relation - user is not allowed assign roles to himself - only one role per user is supported atm - added tests
2014-07-22 00:50:43 +04:00
return ghostBookshelf.Model.edit.call(this, data, options).then(function (user) {
if (data.roles) {
Fix incorrect error closes #3373 - added check if role is already assigned - added check for unknown fields to fixDates/fixBools - permissions are not implemented yet, so everyone is able to edit owner ;-)
2014-07-24 12:17:10 +04:00
roleId = parseInt(data.roles[0].id || data.roles[0], 10);
Add edit roles refs #3087 - added ability to edit user/roles relation - user is not allowed assign roles to himself - only one role per user is supported atm - added tests
2014-07-22 00:50:43 +04:00
if (user.id === options.context.user) {
return when.reject(new errors.ValidationError('You are not allowed to assign a new role to yourself'));
}
if (data.roles.length > 1) {
return when.reject(new errors.ValidationError('Only one role per user is supported at the moment.'));
}
Fix incorrect error closes #3373 - added check if role is already assigned - added check for unknown fields to fixDates/fixBools - permissions are not implemented yet, so everyone is able to edit owner ;-)
2014-07-24 12:17:10 +04:00
return user.roles().fetch().then(function (roles) {
// return if the role is already assigned
if (roles.models[0].id === roleId) {
return user;
}
return Role.findOne({id: roleId});
}).then(function (role) {
Update Users API to handle role objects or ids Closes #3357 - API method User#edit now handles User objects that have either an array of Role ids or objects. - Fixed error handler notification on upload modal controller.
2014-07-22 09:27:50 +04:00
if (role && role.get('name') === 'Owner') {
Add edit roles refs #3087 - added ability to edit user/roles relation - user is not allowed assign roles to himself - only one role per user is supported atm - added tests
2014-07-22 00:50:43 +04:00
// Get admin and owner role
return Role.findOne({name: 'Administrator'}).then(function (result) {
adminRole = result;
return Role.findOne({name: 'Owner'});
}).then(function (result) {
ownerRole = result;
return User.findOne({id: options.context.user});
}).then(function (contextUser) {
// check if user has the owner role
var currentRoles = contextUser.toJSON().roles;
if (!_.contains(currentRoles, ownerRole.id)) {
return when.reject(new errors.ValidationError('Only owners are able to transfer the owner role.'));
}
// convert owner to admin
return contextUser.roles().updatePivot({role_id: adminRole.id});
}).then(function () {
// assign owner role to a new user
return user.roles().updatePivot({role_id: ownerRole.id});
});
} else {
// assign all other roles
Fix incorrect error closes #3373 - added check if role is already assigned - added check for unknown fields to fixDates/fixBools - permissions are not implemented yet, so everyone is able to edit owner ;-)
2014-07-24 12:17:10 +04:00
return user.roles().updatePivot({role_id: roleId});
Add edit roles refs #3087 - added ability to edit user/roles relation - user is not allowed assign roles to himself - only one role per user is supported atm - added tests
2014-07-22 00:50:43 +04:00
}
}).then(function () {
return self.findOne(user, options);
});
}
return user;
});
closes #3197 - added role to user obj (only returned from the user endpoint) - added `/users/?include=roles` and `/users/?include=roles,roles.permissions` query parameters - added and updated tests
2014-07-08 20:00:59 +04:00
},
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
/**
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
* ## Add
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
* Naive user add
* Hashes the password provided before saving to the database.
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
*
* @param {object} data
* @param {object} options
* @extends ghostBookshelf.Model.add to manage all aspects of user signup
* **See:** [ghostBookshelf.Model.add](base.js.html#Add)
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
*/
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
add: function (data, options) {
Edit Post Permissions
2013-08-16 03:22:08 +04:00
var self = this,
// Clone the _user so we don't expose the hashed password unnecessarily
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
userData = this.filterData(data);
Sanitize models' attributes/options before passing to bookshelf/knex closes #2653 - enforce strict whitelists for model methods - create a class method that reports a model method's valid options - create a class method that filters a model's valid attributes from data - create a class method that filters valid options from a model method's options hash
2014-05-06 05:45:08 +04:00
options = this.filterOptions(options, 'add');
closes #3197 - added role to user obj (only returned from the user endpoint) - added `/users/?include=roles` and `/users/?include=roles,roles.permissions` query parameters - added and updated tests
2014-07-08 20:00:59 +04:00
options.withRelated = _.union([ 'roles' ], options.include);
Sanitize models' attributes/options before passing to bookshelf/knex closes #2653 - enforce strict whitelists for model methods - create a class method that reports a model method's valid options - create a class method that filters a model's valid attributes from data - create a class method that filters valid options from a model method's options hash
2014-05-06 05:45:08 +04:00
Validation consistency - introduced validation method in the post and user model - moved signup validation onto model - consistent use of validation & error messaging in the admin UI - helper methods in base view moved to a utils object
2013-08-20 22:52:44 +04:00
return validatePasswordLength(userData.password).then(function () {
return self.forge().fetch();
}).then(function () {
Improved Password Reset Tool Closes #1471 - add api and User model methods for generating and validating tokens - add routes and handlers for reset password pages - add client styles and views for reset password form - some basic integration tests for User model methods
2013-11-22 07:17:38 +04:00
// Generate a new password hash
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
return generatePasswordHash(data.password);
Edit Post Permissions
2013-08-16 03:22:08 +04:00
}).then(function (hash) {
// Assign the hashed password
userData.password = hash;
Add users Gravatar on signup When a user registers try to find their gravatar.
2013-11-11 23:55:22 +04:00
// LookupGravatar
return self.gravatarLookup(userData);
}).then(function (userData) {
Edit Post Permissions
2013-08-16 03:22:08 +04:00
// Save the user with the hashed password
Use current user in models closes #2058 - fixed apiContext as suggested in the issue - added user to options object for models - added api.users.register() for public registration - changed models to use options.user for created_by, updated_by, author_id and published_by - added override to session model to avoid created_by and updated_by values - added user (id: 1) to tests - added user (id: 1) for registration - added user (id: 1) for import, fixtures and default settings - added user (id: 1) for user update - added user (id: 1) for settings update (dbHash, installedApps, update check) - updated bookshelf to version 0.6.8
2014-04-03 17:03:09 +04:00
return ghostBookshelf.Model.add.call(self, userData, options);
Edit Post Permissions
2013-08-16 03:22:08 +04:00
}).then(function (addedUser) {
// Assign the userData to our created user so we can pass it back
userData = addedUser;
Invite user API closes #3080 - added users.invite() to add user from email with random password - added `GET /ghost/api/v0.1/users/` to invite users and resend invitations - removed one user limit - added global utils for uid generation - changed some „“ to ‚‘
2014-07-02 18:22:18 +04:00
if (!data.role) {
// TODO: needs change when owner role is introduced and setup is changed
data.role = 1;
}
return userData.roles().attach(data.role);
Edit Post Permissions
2013-08-16 03:22:08 +04:00
}).then(function (addedUserRole) {
Replace JSLint with JSHint. closes #2277 - Added ES6 linting to core/client/ - Fix typeof array comparison
2014-02-27 06:44:09 +04:00
/*jshint unused:false*/
Move user API to primary document format closes #2593 - added new format to user API methods - changed all places where the user api was used - updated tests and added more coverage - little bit of cleanup in utils/api
2014-04-29 00:42:38 +04:00
// find and return the added user
return self.findOne({id: userData.id}, options);
Added validation for signup and login screens Closes #374 * Included node-validator as a package * Implemented server side validation (the client side js is a mess, need a LOT of work) * Validates email address both on signup and login screens, gives error message on malformed email addresses * Requires at least 8 chars of password * Tells user if password is too short * Tells user if no such user on login * Tells user if wrong password on login * Tells user if server responds with a 404 (goes away, dies, etc) * Added middleware between req and login / signup for validation
2013-08-19 01:50:42 +04:00
});
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
},
Setup hijacks owner user closes #3074 - user generated by fixture is hijacked - user is updated with name, email, password, slug and status - creates new user if db is migrated but no user exists - previously removed tests are back
2014-07-10 21:29:51 +04:00
setup: function (data, options) {
var self = this,
userData = this.filterData(data);
Move setup to API closes #3136 - moved setup to authentication API - added `POST /ghost/api/v0.1/authentication/setup` to execute the setup process - added `GET /ghost/api/v0.1/authentication/setup` to check if blog is already set up (needed for #3145) - removed unused methods from api/users.js
2014-07-11 16:17:09 +04:00
Setup hijacks owner user closes #3074 - user generated by fixture is hijacked - user is updated with name, email, password, slug and status - creates new user if db is migrated but no user exists - previously removed tests are back
2014-07-10 21:29:51 +04:00
options = this.filterOptions(options, 'setup');
options.withRelated = _.union([ 'roles' ], options.include);
Move setup to API closes #3136 - moved setup to authentication API - added `POST /ghost/api/v0.1/authentication/setup` to execute the setup process - added `GET /ghost/api/v0.1/authentication/setup` to check if blog is already set up (needed for #3145) - removed unused methods from api/users.js
2014-07-11 16:17:09 +04:00
Setup hijacks owner user closes #3074 - user generated by fixture is hijacked - user is updated with name, email, password, slug and status - creates new user if db is migrated but no user exists - previously removed tests are back
2014-07-10 21:29:51 +04:00
return validatePasswordLength(userData.password).then(function () {
// Generate a new password hash
return generatePasswordHash(data.password);
}).then(function (hash) {
// Assign the hashed password
userData.password = hash;
// LookupGravatar
return self.gravatarLookup(userData);
}).then(function (userWithGravatar) {
userData = userWithGravatar;
// Generate a new slug
return ghostBookshelf.Model.generateSlug.call(this, User, userData.name, options);
}).then(function (slug) {
// Assign slug and save the updated user
userData.slug = slug;
return self.edit.call(self, userData, options);
});
},
Permissions Improvements refs #3083, #3096 In order to implement advanced permissions based on roles for specific actions, we need to know what role the current context user has and also what action we are granting permissions for: - Permissible gets passed the action type - Effective permissions keeps the user role and eventually passes it to permissible - Fixed spelling - Still needs tests
2014-07-23 22:17:29 +04:00
permissible: function (userModelOrId, action, context, loadedPermissions, hasUserPermission, hasAppPermission) {
Add permissions to API closes #2264 - added permissions check to db, users and posts - added register method to users - added doesUserExist method to users - added user from session to internal calls - changed permissible to overwrite canThis - removed action map and action type from permissable method
2014-04-08 17:40:33 +04:00
var self = this,
Add apps permissable checks in posts and users Closes #2738 - Re-introduce the TargetModel.permissable interface check in the regular permission flow path - Pass loadedPermissions, hasUserPermission and hasAppPermission to permissable interface to reduce logic necessary - Refactor recursive call to pass original arguments but with actual model - Refactor canThis(this.user) use in api/posts.js to just canThis(this)
2014-05-14 05:49:07 +04:00
userModel = userModelOrId,
origArgs;
Add permissions to API closes #2264 - added permissions check to db, users and posts - added register method to users - added doesUserExist method to users - added user from session to internal calls - changed permissible to overwrite canThis - removed action map and action type from permissable method
2014-04-08 17:40:33 +04:00
// If we passed in an id instead of a model, get the model
// then check the permissions
if (_.isNumber(userModelOrId) || _.isString(userModelOrId)) {
Add apps permissable checks in posts and users Closes #2738 - Re-introduce the TargetModel.permissable interface check in the regular permission flow path - Pass loadedPermissions, hasUserPermission and hasAppPermission to permissable interface to reduce logic necessary - Refactor recursive call to pass original arguments but with actual model - Refactor canThis(this.user) use in api/posts.js to just canThis(this)
2014-05-14 05:49:07 +04:00
// Grab the original args without the first one
origArgs = _.toArray(arguments).slice(1);
// Get the actual post model
Consistency in model method naming - The API has the BREAD naming for methods - The model now has findAll, findOne, findPage (where needed), edit, add and destroy, meaning it is similar but with a bit more flexibility - browse, read, update, create, and delete, which were effectively just aliases, have all been removed. - added jsDoc for the model methods
2014-05-05 19:18:38 +04:00
return this.findOne({id: userModelOrId}).then(function (foundUserModel) {
Add apps permissable checks in posts and users Closes #2738 - Re-introduce the TargetModel.permissable interface check in the regular permission flow path - Pass loadedPermissions, hasUserPermission and hasAppPermission to permissable interface to reduce logic necessary - Refactor recursive call to pass original arguments but with actual model - Refactor canThis(this.user) use in api/posts.js to just canThis(this)
2014-05-14 05:49:07 +04:00
// Build up the original args but substitute with actual model
var newArgs = [foundUserModel].concat(origArgs);
Permissions Improvements refs #3083, #3096 In order to implement advanced permissions based on roles for specific actions, we need to know what role the current context user has and also what action we are granting permissions for: - Permissible gets passed the action type - Effective permissions keeps the user role and eventually passes it to permissible - Fixed spelling - Still needs tests
2014-07-23 22:17:29 +04:00
return self.permissible.apply(self, newArgs);
Add permissions to API closes #2264 - added permissions check to db, users and posts - added register method to users - added doesUserExist method to users - added user from session to internal calls - changed permissible to overwrite canThis - removed action map and action type from permissable method
2014-04-08 17:40:33 +04:00
}, errors.logAndThrowError);
}
Add apps permissable checks in posts and users Closes #2738 - Re-introduce the TargetModel.permissable interface check in the regular permission flow path - Pass loadedPermissions, hasUserPermission and hasAppPermission to permissable interface to reduce logic necessary - Refactor recursive call to pass original arguments but with actual model - Refactor canThis(this.user) use in api/posts.js to just canThis(this)
2014-05-14 05:49:07 +04:00
if (userModel) {
// If this is the same user that requests the operation allow it.
hasUserPermission = hasUserPermission || context.user === userModel.get('id');
}
if (hasUserPermission && hasAppPermission) {
Add permissions to API closes #2264 - added permissions check to db, users and posts - added register method to users - added doesUserExist method to users - added user from session to internal calls - changed permissible to overwrite canThis - removed action map and action type from permissable method
2014-04-08 17:40:33 +04:00
return when.resolve();
}
Add apps permissable checks in posts and users Closes #2738 - Re-introduce the TargetModel.permissable interface check in the regular permission flow path - Pass loadedPermissions, hasUserPermission and hasAppPermission to permissable interface to reduce logic necessary - Refactor recursive call to pass original arguments but with actual model - Refactor canThis(this.user) use in api/posts.js to just canThis(this)
2014-05-14 05:49:07 +04:00
Add permissions to API closes #2264 - added permissions check to db, users and posts - added register method to users - added doesUserExist method to users - added user from session to internal calls - changed permissible to overwrite canThis - removed action map and action type from permissable method
2014-04-08 17:40:33 +04:00
return when.reject();
},
Adds login limiter Closes #499 * On wrong passwords, statuses: `active` -> `warn-1` -> `warn-2` -> `warn-3` -> `locked` * On login check, if user's status is `locked`, login automatically fails and user is encouraged to reset password. Does not even bother to check for passwords. * login attempts tell user how many attempts she has remaining in notification box * successful login will reset status to `active` * resetting password with forgotten password emailed token resets status to `active` * complete with a test suite
2013-11-29 04:28:01 +04:00
setWarning: function (user) {
var status = user.get('status'),
regexp = /warn-(\d+)/i,
level;
if (status === 'active') {
user.set('status', 'warn-1');
level = 1;
} else {
level = parseInt(status.match(regexp)[1], 10) + 1;
if (level > 3) {
user.set('status', 'locked');
} else {
user.set('status', 'warn-' + level);
}
}
return when(user.save()).then(function () {
return 5 - level;
});
},
Minor code cleanup, docs and other bits & pieces
2013-08-06 23:27:56 +04:00
// Finds the user by email, and checks the password
oAuth closes #2759 closes #3027 - added oauth2orize library for server side oAuth handling - added ember-simple-auth library for admin oAuth handling - added tables for client, accesstoken and refreshtoken - implemented RFC6749 4.3 Ressouce Owner Password Credentials Grant - updated api tests with oAuth - removed session, authentication is now token based Known issues: - Restore spam prevention #3128 - Signin after Signup #3125 - Signin validation #3125 **Attention** - oldClient doesn't work with this PR anymore, session authentication was removed
2014-06-30 16:58:10 +04:00
check: function (object) {
Adds login limiter Closes #499 * On wrong passwords, statuses: `active` -> `warn-1` -> `warn-2` -> `warn-3` -> `locked` * On login check, if user's status is `locked`, login automatically fails and user is encouraged to reset password. Does not even bother to check for passwords. * login attempts tell user how many attempts she has remaining in notification box * successful login will reset status to `active` * resetting password with forgotten password emailed token resets status to `active` * complete with a test suite
2013-11-29 04:28:01 +04:00
var self = this,
s;
oAuth closes #2759 closes #3027 - added oauth2orize library for server side oAuth handling - added ember-simple-auth library for admin oAuth handling - added tables for client, accesstoken and refreshtoken - implemented RFC6749 4.3 Ressouce Owner Password Credentials Grant - updated api tests with oAuth - removed session, authentication is now token based Known issues: - Restore spam prevention #3128 - Signin after Signup #3125 - Signin validation #3125 **Attention** - oldClient doesn't work with this PR anymore, session authentication was removed
2014-06-30 16:58:10 +04:00
return this.getByEmail(object.email).then(function (user) {
Signin: Proper notification if user not found closes #3374 - If user object is returned but undefined, we'll display a human-readable error notification (user model) - If user object is returned, but the user is inactive or invited (but not activated), we'll display a human-readable error notification
2014-07-24 19:34:52 +04:00
if (!user) {
return when.reject(new errors.NotFoundError('There is no user with that email address.'));
}
if (user.get('status') === 'invited' || user.get('status') === 'invited-pending'
Restored spam prevention closes #3128 - added spam prevention middleware - restored tests
2014-07-17 16:22:07 +04:00
|| user.get('status') === 'inactive') {
Signin: Proper notification if user not found closes #3374 - If user object is returned but undefined, we'll display a human-readable error notification (user model) - If user object is returned, but the user is inactive or invited (but not activated), we'll display a human-readable error notification
2014-07-24 19:34:52 +04:00
return when.reject(new Error('The user with that email address is inactive.'));
Invite user API closes #3080 - added users.invite() to add user from email with random password - added `GET /ghost/api/v0.1/users/` to invite users and resend invitations - removed one user limit - added global utils for uid generation - changed some „“ to ‚‘
2014-07-02 18:22:18 +04:00
}
Adds login limiter Closes #499 * On wrong passwords, statuses: `active` -> `warn-1` -> `warn-2` -> `warn-3` -> `locked` * On login check, if user's status is `locked`, login automatically fails and user is encouraged to reset password. Does not even bother to check for passwords. * login attempts tell user how many attempts she has remaining in notification box * successful login will reset status to `active` * resetting password with forgotten password emailed token resets status to `active` * complete with a test suite
2013-11-29 04:28:01 +04:00
if (user.get('status') !== 'locked') {
oAuth closes #2759 closes #3027 - added oauth2orize library for server side oAuth handling - added ember-simple-auth library for admin oAuth handling - added tables for client, accesstoken and refreshtoken - implemented RFC6749 4.3 Ressouce Owner Password Credentials Grant - updated api tests with oAuth - removed session, authentication is now token based Known issues: - Restore spam prevention #3128 - Signin after Signup #3125 - Signin validation #3125 **Attention** - oldClient doesn't work with this PR anymore, session authentication was removed
2014-06-30 16:58:10 +04:00
return nodefn.call(bcrypt.compare, object.password, user.get('password')).then(function (matched) {
Adds login limiter Closes #499 * On wrong passwords, statuses: `active` -> `warn-1` -> `warn-2` -> `warn-3` -> `locked` * On login check, if user's status is `locked`, login automatically fails and user is encouraged to reset password. Does not even bother to check for passwords. * login attempts tell user how many attempts she has remaining in notification box * successful login will reset status to `active` * resetting password with forgotten password emailed token resets status to `active` * complete with a test suite
2013-11-29 04:28:01 +04:00
if (!matched) {
return when(self.setWarning(user)).then(function (remaining) {
s = (remaining > 1) ? 's' : '';
Restored spam prevention closes #3128 - added spam prevention middleware - restored tests
2014-07-17 16:22:07 +04:00
return when.reject(new errors.UnauthorizedError('Your password is incorrect.<br>' +
Adds login limiter Closes #499 * On wrong passwords, statuses: `active` -> `warn-1` -> `warn-2` -> `warn-3` -> `locked` * On login check, if user's status is `locked`, login automatically fails and user is encouraged to reset password. Does not even bother to check for passwords. * login attempts tell user how many attempts she has remaining in notification box * successful login will reset status to `active` * resetting password with forgotten password emailed token resets status to `active` * complete with a test suite
2013-11-29 04:28:01 +04:00
remaining + ' attempt' + s + ' remaining!'));
});
}
Added populate last login time closes #2515 - sets last_login when user is saved if user status changed to active - added integration test in user Basic Operations
2014-03-27 19:28:34 +04:00
return when(user.set({status : 'active', last_login : new Date()}).save()).then(function (user) {
Adds login limiter Closes #499 * On wrong passwords, statuses: `active` -> `warn-1` -> `warn-2` -> `warn-3` -> `locked` * On login check, if user's status is `locked`, login automatically fails and user is encouraged to reset password. Does not even bother to check for passwords. * login attempts tell user how many attempts she has remaining in notification box * successful login will reset status to `active` * resetting password with forgotten password emailed token resets status to `active` * complete with a test suite
2013-11-29 04:28:01 +04:00
return user;
});
}, errors.logAndThrowError);
}
Restored spam prevention closes #3128 - added spam prevention middleware - restored tests
2014-07-17 16:22:07 +04:00
return when.reject(new errors.NoPermissionError('Your account is locked due to too many ' +
Adds login limiter Closes #499 * On wrong passwords, statuses: `active` -> `warn-1` -> `warn-2` -> `warn-3` -> `locked` * On login check, if user's status is `locked`, login automatically fails and user is encouraged to reset password. Does not even bother to check for passwords. * login attempts tell user how many attempts she has remaining in notification box * successful login will reset status to `active` * resetting password with forgotten password emailed token resets status to `active` * complete with a test suite
2013-11-29 04:28:01 +04:00
'login attempts. Please reset your password to log in again by clicking ' +
'the "Forgotten password?" link!'));
Current user added Closes #340. Closes #375 * Replaced session with id of current user * Added method to ghostlocals to always send profile picture and full name to templates (template checks if falsy) * Modified user saving (`forge().set(new).save()` died on me, `forge().save(new)` didn't) * If user has profile picture, that will be used * If user has name, that will be used * Password changing doesn't care about your email. Uses cookies. Tasty! * User pane uses current user id. Had to set path to me, otherwise goes to `browse` instead of `read`. * Added logic to user api to check for `id === 'me'`, and then use the cookie value * User data saves are now correct * There is no logout error
2013-08-09 05:22:49 +04:00
}, function (error) {
Adding case-insensitive User.getByEmail method fixes #1498 - emails are no longer converted to lowercase, local mailbox can validly be mixed case - getByEmail uses JS to compare emails to ensure we can support unicode - tests that users can be retrieved by their email address with case insensitivity
2014-01-15 02:47:17 +04:00
if (error.message === 'NotFound' || error.message === 'EmptyResponse') {
Signin: Proper notification if user not found closes #3374 - If user object is returned but undefined, we'll display a human-readable error notification (user model) - If user object is returned, but the user is inactive or invited (but not activated), we'll display a human-readable error notification
2014-07-24 19:34:52 +04:00
return when.reject(new errors.NotFoundError('There is no user with that email address.'));
Adding case-insensitive User.getByEmail method fixes #1498 - emails are no longer converted to lowercase, local mailbox can validly be mixed case - getByEmail uses JS to compare emails to ensure we can support unicode - tests that users can be retrieved by their email address with case insensitivity
2014-01-15 02:47:17 +04:00
}
return when.reject(error);
Current user added Closes #340. Closes #375 * Replaced session with id of current user * Added method to ghostlocals to always send profile picture and full name to templates (template checks if falsy) * Modified user saving (`forge().set(new).save()` died on me, `forge().save(new)` didn't) * If user has profile picture, that will be used * If user has name, that will be used * Password changing doesn't care about your email. Uses cookies. Tasty! * User pane uses current user id. Had to set path to me, otherwise goes to `browse` instead of `read`. * Added logic to user api to check for `id === 'me'`, and then use the cookie value * User data saves are now correct * There is no logout error
2013-08-09 05:22:49 +04:00
});
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
},
Users can change password Closes #282 * Added a new route * Added new methods * Triple security! * Passwords are actually changed * Also added a change password button, because 'save' has too much baggage. On security: checks whether you're logged in. Then checks whether your old password is actually the one that belongs to you (gets value from the email field for the email, see caveat no2). Checks the new passwords for === and length > 6 on client and server side as well. And THEN changes passwords. Caveats: * didn't add a test, as mocha fails spectacularly on my machine. SQLITE_CORRUPT: database disk image is malformed. Cute, huh? * Because we don't have / I'm not aware of / could not find a "currentuser" variable, I need to get the email address of the user we want to change from the email field. Theoretically if they replace that with another user's email address, and supply their pw, they will change THEIR password instead of their own.
2013-08-06 03:49:06 +04:00
/**
* Naive change password method
Update & grunt-groc and fix docs errors issue #2622 - Updated grunt-groc to 0.4.5 - Fixed the few places which made the docs fail to generate - There is still a mix of styles
2014-04-21 22:04:20 +04:00
* @param {object} _userdata email, old pw, new pw, new pw2
Users can change password Closes #282 * Added a new route * Added new methods * Triple security! * Passwords are actually changed * Also added a change password button, because 'save' has too much baggage. On security: checks whether you're logged in. Then checks whether your old password is actually the one that belongs to you (gets value from the email field for the email, see caveat no2). Checks the new passwords for === and length > 6 on client and server side as well. And THEN changes passwords. Caveats: * didn't add a test, as mocha fails spectacularly on my machine. SQLITE_CORRUPT: database disk image is malformed. Cute, huh? * Because we don't have / I'm not aware of / could not find a "currentuser" variable, I need to get the email address of the user we want to change from the email field. Theoretically if they replace that with another user's email address, and supply their pw, they will change THEIR password instead of their own.
2013-08-06 03:49:06 +04:00
*/
User API changes closes #2822 - added destroy user method - added remove user permission - added API end point for get reset token - added API end point for reset password - added API end point for change password
2014-06-20 13:15:01 +04:00
changePassword: function (oldPassword, newPassword, ne2Password, options) {
Validation consistency - introduced validation method in the post and user model - moved signup validation onto model - consistent use of validation & error messaging in the admin UI - helper methods in base view moved to a utils object
2013-08-20 22:52:44 +04:00
var self = this,
User API changes closes #2822 - added destroy user method - added remove user permission - added API end point for get reset token - added API end point for reset password - added API end point for change password
2014-06-20 13:15:01 +04:00
userid = options.context.user,
Repaired email sending, implement password reset Closes #288 * I use SendGrid for sending the emails, and it works fine (provided you supply the correct credentials in `config.mail` in `config.js`) * Generates a random 12 char long alphanumeric password, replaces user's pw, and sends an email about it.
2013-09-01 02:20:12 +04:00
user = null;
Users can change password Closes #282 * Added a new route * Added new methods * Triple security! * Passwords are actually changed * Also added a change password button, because 'save' has too much baggage. On security: checks whether you're logged in. Then checks whether your old password is actually the one that belongs to you (gets value from the email field for the email, see caveat no2). Checks the new passwords for === and length > 6 on client and server side as well. And THEN changes passwords. Caveats: * didn't add a test, as mocha fails spectacularly on my machine. SQLITE_CORRUPT: database disk image is malformed. Cute, huh? * Because we don't have / I'm not aware of / could not find a "currentuser" variable, I need to get the email address of the user we want to change from the email field. Theoretically if they replace that with another user's email address, and supply their pw, they will change THEIR password instead of their own.
2013-08-06 03:49:06 +04:00
if (newPassword !== ne2Password) {
Validation consistency - introduced validation method in the post and user model - moved signup validation onto model - consistent use of validation & error messaging in the admin UI - helper methods in base view moved to a utils object
2013-08-20 22:52:44 +04:00
return when.reject(new Error('Your new passwords do not match'));
Users can change password Closes #282 * Added a new route * Added new methods * Triple security! * Passwords are actually changed * Also added a change password button, because 'save' has too much baggage. On security: checks whether you're logged in. Then checks whether your old password is actually the one that belongs to you (gets value from the email field for the email, see caveat no2). Checks the new passwords for === and length > 6 on client and server side as well. And THEN changes passwords. Caveats: * didn't add a test, as mocha fails spectacularly on my machine. SQLITE_CORRUPT: database disk image is malformed. Cute, huh? * Because we don't have / I'm not aware of / could not find a "currentuser" variable, I need to get the email address of the user we want to change from the email field. Theoretically if they replace that with another user's email address, and supply their pw, they will change THEIR password instead of their own.
2013-08-06 03:49:06 +04:00
}
Validation consistency - introduced validation method in the post and user model - moved signup validation onto model - consistent use of validation & error messaging in the admin UI - helper methods in base view moved to a utils object
2013-08-20 22:52:44 +04:00
return validatePasswordLength(newPassword).then(function () {
return self.forge({id: userid}).fetch({require: true});
Repaired email sending, implement password reset Closes #288 * I use SendGrid for sending the emails, and it works fine (provided you supply the correct credentials in `config.mail` in `config.js`) * Generates a random 12 char long alphanumeric password, replaces user's pw, and sends an email about it.
2013-09-01 02:20:12 +04:00
}).then(function (_user) {
user = _user;
return nodefn.call(bcrypt.compare, oldPassword, user.get('password'));
}).then(function (matched) {
if (!matched) {
return when.reject(new Error('Your password is incorrect'));
}
Replace nodejs-bcrypt with bcryptjs * https://github.com/shaneGirish/bcrypt-nodejs * https://github.com/dcodeIO/bcrypt.js
2013-10-23 17:00:28 +04:00
return nodefn.call(bcrypt.genSalt);
}).then(function (salt) {
return nodefn.call(bcrypt.hash, newPassword, salt);
Repaired email sending, implement password reset Closes #288 * I use SendGrid for sending the emails, and it works fine (provided you supply the correct credentials in `config.mail` in `config.js`) * Generates a random 12 char long alphanumeric password, replaces user's pw, and sends an email about it.
2013-09-01 02:20:12 +04:00
}).then(function (hash) {
user.save({password: hash});
return user;
Users can change password Closes #282 * Added a new route * Added new methods * Triple security! * Passwords are actually changed * Also added a change password button, because 'save' has too much baggage. On security: checks whether you're logged in. Then checks whether your old password is actually the one that belongs to you (gets value from the email field for the email, see caveat no2). Checks the new passwords for === and length > 6 on client and server side as well. And THEN changes passwords. Caveats: * didn't add a test, as mocha fails spectacularly on my machine. SQLITE_CORRUPT: database disk image is malformed. Cute, huh? * Because we don't have / I'm not aware of / could not find a "currentuser" variable, I need to get the email address of the user we want to change from the email field. Theoretically if they replace that with another user's email address, and supply their pw, they will change THEIR password instead of their own.
2013-08-06 03:49:06 +04:00
});
Repaired email sending, implement password reset Closes #288 * I use SendGrid for sending the emails, and it works fine (provided you supply the correct credentials in `config.mail` in `config.js`) * Generates a random 12 char long alphanumeric password, replaces user's pw, and sends an email about it.
2013-09-01 02:20:12 +04:00
},
Improved Password Reset Tool Closes #1471 - add api and User model methods for generating and validating tokens - add routes and handlers for reset password pages - add client styles and views for reset password form - some basic integration tests for User model methods
2013-11-22 07:17:38 +04:00
generateResetToken: function (email, expires, dbHash) {
Adding case-insensitive User.getByEmail method fixes #1498 - emails are no longer converted to lowercase, local mailbox can validly be mixed case - getByEmail uses JS to compare emails to ensure we can support unicode - tests that users can be retrieved by their email address with case insensitivity
2014-01-15 02:47:17 +04:00
return this.getByEmail(email).then(function (foundUser) {
Invite user API closes #3080 - added users.invite() to add user from email with random password - added `GET /ghost/api/v0.1/users/` to invite users and resend invitations - removed one user limit - added global utils for uid generation - changed some „“ to ‚‘
2014-07-02 18:22:18 +04:00
if (!foundUser) {
return when.reject(new Error('NotFound'));
}
Improved Password Reset Tool Closes #1471 - add api and User model methods for generating and validating tokens - add routes and handlers for reset password pages - add client styles and views for reset password form - some basic integration tests for User model methods
2013-11-22 07:17:38 +04:00
var hash = crypto.createHash('sha256'),
Extending context concept to models fixes #3275, fixes #3290, ref #3086, ref #3084 - Ensure that we use the current logged in user and not just user 1 when - removing hard coded user: 1 except where absolutely necessary - passing context, rather than user to models - base model has a new function to determine what id to use for created_by etc
2014-07-15 15:03:12 +04:00
text = '';
Validation consistency - introduced validation method in the post and user model - moved signup validation onto model - consistent use of validation & error messaging in the admin UI - helper methods in base view moved to a utils object
2013-08-20 22:52:44 +04:00
Improved Password Reset Tool Closes #1471 - add api and User model methods for generating and validating tokens - add routes and handlers for reset password pages - add client styles and views for reset password form - some basic integration tests for User model methods
2013-11-22 07:17:38 +04:00
// Token:
// BASE64(TIMESTAMP + email + HASH(TIMESTAMP + email + oldPasswordHash + dbHash ))
hash.update(String(expires));
hash.update(email.toLocaleLowerCase());
hash.update(foundUser.get('password'));
hash.update(String(dbHash));
text += [expires, email, hash.digest('base64')].join('|');
return new Buffer(text).toString('base64');
});
},
validateToken: function (token, dbHash) {
Improve password reset token no issue - added check that a combination of email + expires is rejected after 10 attempts - changed comparison to time independent method Thanks to @chiiph for reporting this issue!
2014-01-30 16:27:29 +04:00
/*jslint bitwise:true*/
Improved Password Reset Tool Closes #1471 - add api and User model methods for generating and validating tokens - add routes and handlers for reset password pages - add client styles and views for reset password form - some basic integration tests for User model methods
2013-11-22 07:17:38 +04:00
// TODO: Is there a chance the use of ascii here will cause problems if oldPassword has weird characters?
var tokenText = new Buffer(token, 'base64').toString('ascii'),
parts,
expires,
email;
parts = tokenText.split('|');
// Check if invalid structure
if (!parts || parts.length !== 3) {
return when.reject(new Error("Invalid token structure"));
}
expires = parseInt(parts[0], 10);
email = parts[1];
if (isNaN(expires)) {
return when.reject(new Error("Invalid token expiration"));
}
Improve password reset token no issue - added check that a combination of email + expires is rejected after 10 attempts - changed comparison to time independent method Thanks to @chiiph for reporting this issue!
2014-01-30 16:27:29 +04:00
// Check if token is expired to prevent replay attacks
Improved Password Reset Tool Closes #1471 - add api and User model methods for generating and validating tokens - add routes and handlers for reset password pages - add client styles and views for reset password form - some basic integration tests for User model methods
2013-11-22 07:17:38 +04:00
if (expires < Date.now()) {
return when.reject(new Error("Expired token"));
}
Improve password reset token no issue - added check that a combination of email + expires is rejected after 10 attempts - changed comparison to time independent method Thanks to @chiiph for reporting this issue!
2014-01-30 16:27:29 +04:00
// to prevent brute force attempts to reset the password the combination of email+expires is only allowed for 10 attempts
if (tokenSecurity[email + '+' + expires] && tokenSecurity[email + '+' + expires].count >= 10) {
return when.reject(new Error("Token locked"));
}
Improved Password Reset Tool Closes #1471 - add api and User model methods for generating and validating tokens - add routes and handlers for reset password pages - add client styles and views for reset password form - some basic integration tests for User model methods
2013-11-22 07:17:38 +04:00
return this.generateResetToken(email, expires, dbHash).then(function (generatedToken) {
Improve password reset token no issue - added check that a combination of email + expires is rejected after 10 attempts - changed comparison to time independent method Thanks to @chiiph for reporting this issue!
2014-01-30 16:27:29 +04:00
// Check for matching tokens with timing independent comparison
var diff = 0,
i;
Sanitize models' attributes/options before passing to bookshelf/knex closes #2653 - enforce strict whitelists for model methods - create a class method that reports a model method's valid options - create a class method that filters a model's valid attributes from data - create a class method that filters valid options from a model method's options hash
2014-05-06 05:45:08 +04:00
// check if the token length is correct
Improve password reset token no issue - added check that a combination of email + expires is rejected after 10 attempts - changed comparison to time independent method Thanks to @chiiph for reporting this issue!
2014-01-30 16:27:29 +04:00
if (token.length !== generatedToken.length) {
diff = 1;
}
for (i = token.length - 1; i >= 0; i = i - 1) {
diff |= token.charCodeAt(i) ^ generatedToken.charCodeAt(i);
}
if (diff === 0) {
Improved Password Reset Tool Closes #1471 - add api and User model methods for generating and validating tokens - add routes and handlers for reset password pages - add client styles and views for reset password form - some basic integration tests for User model methods
2013-11-22 07:17:38 +04:00
return when.resolve(email);
}
Improve password reset token no issue - added check that a combination of email + expires is rejected after 10 attempts - changed comparison to time independent method Thanks to @chiiph for reporting this issue!
2014-01-30 16:27:29 +04:00
// increase the count for email+expires for each failed attempt
tokenSecurity[email + '+' + expires] = {count: tokenSecurity[email + '+' + expires] ? tokenSecurity[email + '+' + expires].count + 1 : 1};
Improved Password Reset Tool Closes #1471 - add api and User model methods for generating and validating tokens - add routes and handlers for reset password pages - add client styles and views for reset password form - some basic integration tests for User model methods
2013-11-22 07:17:38 +04:00
return when.reject(new Error("Invalid token"));
});
},
resetPassword: function (token, newPassword, ne2Password, dbHash) {
var self = this;
if (newPassword !== ne2Password) {
return when.reject(new Error("Your new passwords do not match"));
}
return validatePasswordLength(newPassword).then(function () {
// Validate the token; returns the email address from token
return self.validateToken(token, dbHash);
}).then(function (email) {
// Fetch the user by email, and hash the password at the same time.
return when.join(
self.forge({email: email.toLocaleLowerCase()}).fetch({require: true}),
generatePasswordHash(newPassword)
);
}).then(function (results) {
// Update the user with the new password hash
var foundUser = results[0],
passwordHash = results[1];
Allow user to accept invitation closes #3081 - added route `/ghost/api/v0.1/authentication/invitation` - added accept invitation - added signup with token - removed check() from users api - fixed promise in resetPassword()
2014-07-03 19:06:07 +04:00
return foundUser.save({password: passwordHash, status: 'active'});
Repaired email sending, implement password reset Closes #288 * I use SendGrid for sending the emails, and it works fine (provided you supply the correct credentials in `config.mail` in `config.js`) * Generates a random 12 char long alphanumeric password, replaces user's pw, and sends an email about it.
2013-09-01 02:20:12 +04:00
});
Users can change password Closes #282 * Added a new route * Added new methods * Triple security! * Passwords are actually changed * Also added a change password button, because 'save' has too much baggage. On security: checks whether you're logged in. Then checks whether your old password is actually the one that belongs to you (gets value from the email field for the email, see caveat no2). Checks the new passwords for === and length > 6 on client and server side as well. And THEN changes passwords. Caveats: * didn't add a test, as mocha fails spectacularly on my machine. SQLITE_CORRUPT: database disk image is malformed. Cute, huh? * Because we don't have / I'm not aware of / could not find a "currentuser" variable, I need to get the email address of the user we want to change from the email field. Theoretically if they replace that with another user's email address, and supply their pw, they will change THEIR password instead of their own.
2013-08-06 03:49:06 +04:00
},
Add users Gravatar on signup When a user registers try to find their gravatar.
2013-11-11 23:55:22 +04:00
gravatarLookup: function (userData) {
Remove fixed scheme from gravatar url no issue - removed scheme from gravatar url Reason: Gravatar supports ssl and the fixed scheme will cause ‚insecure content‘ warnings.
2013-12-17 20:21:00 +04:00
var gravatarUrl = '//www.gravatar.com/avatar/' +
Invite user API closes #3080 - added users.invite() to add user from email with random password - added `GET /ghost/api/v0.1/users/` to invite users and resend invitations - removed one user limit - added global utils for uid generation - changed some „“ to ‚‘
2014-07-02 18:22:18 +04:00
crypto.createHash('md5').update(userData.email.toLowerCase().trim()).digest('hex') +
Larger default gravatar images
2014-07-20 19:57:54 +04:00
"?d=404&s=250",
Add users Gravatar on signup When a user registers try to find their gravatar.
2013-11-11 23:55:22 +04:00
checkPromise = when.defer();
Fix gravatar retrieval fixes #1778 - use http for initial request, store url with no schema
2014-01-01 21:47:12 +04:00
http.get('http:' + gravatarUrl, function (res) {
Add users Gravatar on signup When a user registers try to find their gravatar.
2013-11-11 23:55:22 +04:00
if (res.statusCode !== 404) {
userData.image = gravatarUrl;
}
checkPromise.resolve(userData);
}).on('error', function () {
//Error making request just continue.
checkPromise.resolve(userData);
});
return checkPromise.promise;
Adding case-insensitive User.getByEmail method fixes #1498 - emails are no longer converted to lowercase, local mailbox can validly be mixed case - getByEmail uses JS to compare emails to ensure we can support unicode - tests that users can be retrieved by their email address with case insensitivity
2014-01-15 02:47:17 +04:00
},
// Get the user by email address, enforces case insensitivity rejects if the user is not found
// When multi-user support is added, email addresses must be deduplicated with case insensitivity, so that
// joe@bloggs.com and JOE@BLOGGS.COM cannot be created as two separate users.
getByEmail: function (email) {
// We fetch all users and process them in JS as there is no easy way to make this query across all DBs
// Although they all support `lower()`, sqlite can't case transform unicode characters
// This is somewhat mute, as validator.isEmail() also doesn't support unicode, but this is much easier / more
// likely to be fixed in the near future.
return Users.forge().fetch({require: true}).then(function (users) {
var userWithEmail = users.find(function (user) {
return user.get('email').toLowerCase() === email.toLowerCase();
});
if (userWithEmail) {
return when.resolve(userWithEmail);
}
});
}
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
});
simplifying the model structure, again
2013-06-01 18:47:41 +04:00
Updating to bookshelf 0.5.7 & knex 0.4.11
2013-09-23 02:20:08 +04:00
Users = ghostBookshelf.Collection.extend({
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
model: User
});
simplifying the model structure, again
2013-06-01 18:47:41 +04:00
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
module.exports = {
Use bookshelf's model registry plugin Refs #2170 This removes the circular dependency problem from our models thanks to https://github.com/tgriesser/bookshelf/issues/181 - add the registry plugin - switch all models and collections to be registered - switch relationships to be defined using a string, which calls from the registry
2014-07-13 15:17:18 +04:00
User: ghostBookshelf.model('User', User),
Users: ghostBookshelf.collection('Users', Users)
Users can change password Closes #282 * Added a new route * Added new methods * Triple security! * Passwords are actually changed * Also added a change password button, because 'save' has too much baggage. On security: checks whether you're logged in. Then checks whether your old password is actually the one that belongs to you (gets value from the email field for the email, see caveat no2). Checks the new passwords for === and length > 6 on client and server side as well. And THEN changes passwords. Caveats: * didn't add a test, as mocha fails spectacularly on my machine. SQLITE_CORRUPT: database disk image is malformed. Cute, huh? * Because we don't have / I'm not aware of / could not find a "currentuser" variable, I need to get the email address of the user we want to change from the email field. Theoretically if they replace that with another user's email address, and supply their pw, they will change THEIR password instead of their own.
2013-08-06 03:49:06 +04:00
};
Reference in New Issue Copy Permalink