TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-11-28 22:43:30 +03:00
Code Issues Projects Releases Wiki Activity
bffb3dbd90
Ghost/core/server/api/index.js

341 lines
12 KiB
JavaScript
Raw Normal View History

closes #33 - api example Moving towards using an API which we can both expose publicly, and use internally. Due to issues with JugglingDB, this breaks updating contentHTML on edit Also, language, status, featured etc are all no long set / updated.
2013-05-16 15:21:13 +04:00
// # Ghost Data API
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
// Provides access from anywhere to the Ghost data layer.
//
// Ghost's JSON API is integral to the workings of Ghost, regardless of whether you want to access data internally,
// from a theme, an app, or from an external app, you'll use the Ghost JSON API to do so.
closes #33 - api example Moving towards using an API which we can both expose publicly, and use internally. Due to issues with JugglingDB, this breaks updating contentHTML on edit Also, language, status, featured etc are all no long set / updated.
2013-05-16 15:21:13 +04:00
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
var _ = require('lodash'),
Promise = require('bluebird'),
config = require('../config'),
models = require('../models'),
utils = require('../utils'),
configuration = require('./configuration'),
db = require('./db'),
mail = require('./mail'),
notifications = require('./notifications'),
posts = require('./posts'),
schedules = require('./schedules'),
roles = require('./roles'),
settings = require('./settings'),
tags = require('./tags'),
invites = require('./invites'),
✨ Allow Upload/Download of redirects.json (#9029) refs #9028 - add two new endpoints for uploading/downloading the redirects (file based) - reload/re-register redirects on runtime - migration for 1.9 to add permissions for redirects download/upload
2017-09-21 18:01:03 +03:00
redirects = require('./redirects'),
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
clients = require('./clients'),
users = require('./users'),
slugs = require('./slugs'),
themes = require('./themes'),
subscribers = require('./subscribers'),
User API changes closes #2822 - added destroy user method - added remove user permission - added API end point for get reset token - added API end point for reset password - added API end point for change password
2014-06-20 13:15:01 +04:00
authentication = require('./authentication'),
Misc cleanup & consistency amends (#9002) no issue - Consistent naming for postLookup - makes it easier to search and inspect the various usages - Cleanup unneeded code - Make res.render calls more consistent - add some consistency to the calls to res.render - Remove ancient reference to dataProvider - Let's call it models everywhere now... - Use consistent formatting across the API - we're no longer using alignment in vars - Misc other consistency changes in API - always refer to local utils as apiUtils - logical grouping of requires - dependencies, utils, "lib common" etc - use xAPI to refer to API endpoints, e.g. mailAPI, settingsAPI for clarity
2017-09-12 18:31:14 +03:00
uploads = require('./upload'),
exporter = require('../data/export'),
slack = require('./slack'),
Webhooks support for subscriber events (#9230) no issue Support for http://resthooks.org style webhooks that can be used with Zapier triggers. This can currently be used in two ways: a) adding a webhook record to the DB manually b) using the API with password auth and POSTing to /webhooks/ (this is private API so not documented) ⚠️ only _https_ URLs are supported in the webhook `target_url` field 🚨 - add `webhooks` table to store event names and target urls - add `POST` and `DELETE` endpoints for `/webhooks/` - configure `subscribers.added` and `subscribers.deleted` events to trigger registered webhooks
2017-11-21 18:43:14 +03:00
webhooks = require('./webhooks'),
Adding theme switcher to settings/general closes #488 and #107 - added dropdown for theme selection on general page - added GET /api/v0.1/themes to retrieve available themes - modified settings model to get available themes - modified updateSettignsCache to remove path from settings.activeTheme
2013-08-30 15:20:30 +04:00
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
http,
Export 003 closes #3284 - ensure token tables aren't exported - cleanup filename - failed export throws internal server error
2014-07-19 16:20:16 +04:00
addHeaders,
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
cacheInvalidationHeader,
locationHeader,
Subscribers: Model, API & CSV import/export - subscriber model - subscriber app updates - subscriber end points - import/export CSV - added headers to export file - added dynamic email field detection for import - returns stats object after CSV import - mask error message from DB
2016-04-14 23:44:05 +03:00
contentDispositionHeaderExport,
✨ Allow Upload/Download of redirects.json (#9029) refs #9028 - add two new endpoints for uploading/downloading the redirects (file based) - reload/re-register redirects on runtime - migration for 1.9 to add permissions for redirects download/upload
2017-09-21 18:01:03 +03:00
contentDispositionHeaderSubscribers,
contentDispositionHeaderRedirects;
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
🐛🎨 Theme API minor improvements (#8197) no issue 🎨 🐛 Ensure cache is updated correctly for themes - Insure the cache invalidation headers are always set correctly for the themes API 📖 Theme API comments / function naming - this is an update for clarity, so we can see what further improvements can be made 🐛 🎨 Add permissions to themes.browse
2017-03-20 21:02:44 +03:00
function isActiveThemeUpdate(method, endpoint, result) {
if (endpoint === 'themes') {
if (method === 'PUT') {
return true;
}
if (method === 'POST' && result.themes && result.themes[0] && result.themes[0].active === true) {
return true;
}
}
return false;
🐛 Reactivate theme on override + cache clear (#7368) closes #7350 - When the active theme is overridden, ensure that the activateTheme middleware gets called by removing the `req.app.activeTheme` value. - Additionally, ensure that the full cache is invalidated
2016-09-14 13:18:52 +03:00
}
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
/**
* ### Cache Invalidation Header
* Calculate the header string for the X-Cache-Invalidate: header.
* The resulting string instructs any cache in front of the blog that request has occurred which invalidates any cached
* versions of the listed URIs.
*
* `/*` is used to mean the entire cache is invalid
*
* @private
* @param {Express.request} req Original HTTP Request
* @param {Object} result API method result
Fix up HTTP API handler No Issue - Add Location header for tags. - Ensure Location header has trailing slash. - Remove unnecessary promises/async.
2014-12-28 08:27:29 +03:00
* @return {String} Resolves to header string
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
*/
Ensure middleware functions are named refs #5091 - adds names to all middleware functions, for debugging purposes
2015-05-30 23:18:26 +03:00
cacheInvalidationHeader = function cacheInvalidationHeader(req, result) {
Move post slug endpoint & add endpoints for users closes #3187 - move slug endpoint to post/slug/:slug - create similar slug and email endpoint for users - add/update tests
2014-07-09 02:28:31 +04:00
var parsedUrl = req._parsedUrl.pathname.replace(/^\/|\/$/g, '').split('/'),
Add invalidate cache headers closes #570 - added X-Cach-Invalidate headers for PUT, POST, DELETE requests
2013-09-24 19:21:43 +04:00
method = req.method,
Move post slug endpoint & add endpoints for users closes #3187 - move slug endpoint to post/slug/:slug - create similar slug and email endpoint for users - add/update tests
2014-07-09 02:28:31 +04:00
endpoint = parsedUrl[0],
post-scheduling refs #6413 - PUT endpoint to publish a post/page for the scheduler - fn endpoint to get all scheduled posts (with from/to query params) for the scheduler - hardcoded permission handling for scheduler client - fix event bug: unscheduled - basic structure for scheduling - post scheduling basics - offer easy option to change adapter - integrate the default scheduler adapter - update scheduled posts when blog TZ changes - safety check before scheduler can publish a post (not allowed to publish in the future or past) - add force flag to allow publishing in the past - invalidate cache header for /schedules/posts/:id
2016-05-19 14:49:22 +03:00
subdir = parsedUrl[1],
Invalidate cache header only for published posts Closes #1563 - Add new updatedAttributes() functionality to base models - Update Post.edit(...) to pass along _updatedAttributes values - Update Post.delete to set statusChanged to true - Add checking for statusChanged to cacheInvalidationHeader() - Update route tests that check for cache invalidation header
2014-04-22 05:04:30 +04:00
jsonResult = result.toJSON ? result.toJSON() : result,
Return http status 204 on deletes Closes #2871 - Refactor api http handlers. - Update tests. - Remove special handling of responses in ember adapter.
2016-03-20 20:26:42 +03:00
INVALIDATE_ALL = '/*',
Invalidate cache header only for published posts Closes #1563 - Add new updatedAttributes() functionality to base models - Update Post.edit(...) to pass along _updatedAttributes values - Update Post.delete to set statusChanged to true - Add checking for statusChanged to cacheInvalidationHeader() - Update route tests that check for cache invalidation header
2014-04-22 05:04:30 +04:00
post,
Cache invalidation for post update closes #2833 - Handle status change of post
2014-06-04 02:38:15 +04:00
hasStatusChanged,
wasPublishedUpdated;
Add API tests closes #1189 - added tests - added request module - added status codes to API calls - fixed return values of API calls - fixed that drafts caused an error when being deleted - fixed X-Invalidate-Cache headers - moved testUtils.js to utils/index.js
2013-11-03 21:13:19 +04:00
🐛🎨 Theme API minor improvements (#8197) no issue 🎨 🐛 Ensure cache is updated correctly for themes - Insure the cache invalidation headers are always set correctly for the themes API 📖 Theme API comments / function naming - this is an update for clarity, so we can see what further improvements can be made 🐛 🎨 Add permissions to themes.browse
2017-03-20 21:02:44 +03:00
if (isActiveThemeUpdate(method, endpoint, result)) {
🐛 Reactivate theme on override + cache clear (#7368) closes #7350 - When the active theme is overridden, ensure that the activateTheme middleware gets called by removing the `req.app.activeTheme` value. - Additionally, ensure that the full cache is invalidated
2016-09-14 13:18:52 +03:00
// Special case for if we're overwriting an active theme
return INVALIDATE_ALL;
} else if (['POST', 'PUT', 'DELETE'].indexOf(method) > -1) {
post-scheduling refs #6413 - PUT endpoint to publish a post/page for the scheduler - fn endpoint to get all scheduled posts (with from/to query params) for the scheduler - hardcoded permission handling for scheduler client - fix event bug: unscheduled - basic structure for scheduling - post scheduling basics - offer easy option to change adapter - integrate the default scheduler adapter - update scheduled posts when blog TZ changes - safety check before scheduler can publish a post (not allowed to publish in the future or past) - add force flag to allow publishing in the past - invalidate cache header for /schedules/posts/:id
2016-05-19 14:49:22 +03:00
if (endpoint === 'schedules' && subdir === 'posts') {
return INVALIDATE_ALL;
}
🐛 Fixed missing cache invalidation header when uploading redirects (#9071) closes #9065
2017-09-27 20:58:33 +03:00
if (['settings', 'users', 'db', 'tags', 'redirects'].indexOf(endpoint) > -1) {
Return http status 204 on deletes Closes #2871 - Refactor api http handlers. - Update tests. - Remove special handling of responses in ember adapter.
2016-03-20 20:26:42 +03:00
return INVALIDATE_ALL;
Add invalidate cache headers closes #570 - added X-Cach-Invalidate headers for PUT, POST, DELETE requests
2013-09-24 19:21:43 +04:00
} else if (endpoint === 'posts') {
Return http status 204 on deletes Closes #2871 - Refactor api http handlers. - Update tests. - Remove special handling of responses in ember adapter.
2016-03-20 20:26:42 +03:00
if (method === 'DELETE') {
return INVALIDATE_ALL;
}
Invalidate cache header only for published posts Closes #1563 - Add new updatedAttributes() functionality to base models - Update Post.edit(...) to pass along _updatedAttributes values - Update Post.delete to set statusChanged to true - Add checking for statusChanged to cacheInvalidationHeader() - Update route tests that check for cache invalidation header
2014-04-22 05:04:30 +04:00
post = jsonResult.posts[0];
Cache invalidation for post update closes #2833 - Handle status change of post
2014-06-04 02:38:15 +04:00
hasStatusChanged = post.statusChanged;
// Invalidate cache when post was updated but not when post is draft
wasPublishedUpdated = method === 'PUT' && post.status === 'published';
Invalidate cache header only for published posts Closes #1563 - Add new updatedAttributes() functionality to base models - Update Post.edit(...) to pass along _updatedAttributes values - Update Post.delete to set statusChanged to true - Add checking for statusChanged to cacheInvalidationHeader() - Update route tests that check for cache invalidation header
2014-04-22 05:04:30 +04:00
// Remove the statusChanged value from the response
Cache invalidation for post update closes #2833 - Handle status change of post
2014-06-04 02:38:15 +04:00
delete post.statusChanged;
Invalidate cache header only for published posts Closes #1563 - Add new updatedAttributes() functionality to base models - Update Post.edit(...) to pass along _updatedAttributes values - Update Post.delete to set statusChanged to true - Add checking for statusChanged to cacheInvalidationHeader() - Update route tests that check for cache invalidation header
2014-04-22 05:04:30 +04:00
// Don't set x-cache-invalidate header for drafts
Return http status 204 on deletes Closes #2871 - Refactor api http handlers. - Update tests. - Remove special handling of responses in ember adapter.
2016-03-20 20:26:42 +03:00
if (hasStatusChanged || wasPublishedUpdated) {
return INVALIDATE_ALL;
Cache invalidate for previews no issue - draft updates now need to affect the preview route
2015-05-18 22:56:41 +03:00
} else {
💄 Improve URL consistency, Part 1: urlJoin (#7668) refs #7666 Use urlJoin for more consistency instead of concatenating url strings.
2016-11-14 17:38:55 +03:00
return utils.url.urlFor({relativeUrl: utils.url.urlJoin('/', config.get('routeKeywords').preview, post.uuid, '/')});
Add invalidate cache headers closes #570 - added X-Cach-Invalidate headers for PUT, POST, DELETE requests
2013-09-24 19:21:43 +04:00
}
}
}
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
};
/**
* ### Location Header
*
* If the API request results in the creation of a new object, construct a Location: header which points to the new
* resource.
*
* @private
* @param {Express.request} req Original HTTP Request
* @param {Object} result API method result
Fix up HTTP API handler No Issue - Add Location header for tags. - Ensure Location header has trailing slash. - Remove unnecessary promises/async.
2014-12-28 08:27:29 +03:00
* @return {String} Resolves to header string
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
*/
Ensure middleware functions are named refs #5091 - adds names to all middleware functions, for debugging purposes
2015-05-30 23:18:26 +03:00
locationHeader = function locationHeader(req, result) {
:art: source out url utils from ConfigManager (#7347) refs #6982
2016-09-09 13:23:47 +03:00
var apiRoot = utils.url.urlFor('api'),
Add location header to response when new object is created closes #2635 - add new logic to the api request handler to set a location header when new objects are created - added an api context to config.urlFor() to return the root url - added functional tests for the affected routes
2014-05-02 03:42:23 +04:00
location,
💄 Improve URL consistency, Part 1: urlJoin (#7668) refs #7666 Use urlJoin for more consistency instead of concatenating url strings.
2016-11-14 17:38:55 +03:00
newObject,
statusQuery;
Add location header to response when new object is created closes #2635 - add new logic to the api request handler to set a location header when new objects are created - added an api context to config.urlFor() to return the root url - added functional tests for the affected routes
2014-05-02 03:42:23 +04:00
if (req.method === 'POST') {
if (result.hasOwnProperty('posts')) {
Improve handling of users and roles in admin Closes #3083 Refs #3229 - Populates the dropdown list in the invite user menu with the list of roles a user is permitted to create. - Users API now checks the invite user request for allowed roles. - Change API response from 200 to 201 on successful invitation. - Change API response from 500 to 201 when the user was created but the email was not sent. The client will show a warning notification when it sees 'invite-pending' as the new user's status. - Add support for "?status=all" to the /users endpoint. - Refactor the route and controller for the /settings/users page so that there's only one network API call to load users instead of two.
2014-07-23 10:13:20 +04:00
newObject = result.posts[0];
💄 Improve URL consistency, Part 1: urlJoin (#7668) refs #7666 Use urlJoin for more consistency instead of concatenating url strings.
2016-11-14 17:38:55 +03:00
statusQuery = '/?status=' + newObject.status;
location = utils.url.urlJoin(apiRoot, 'posts', newObject.id, statusQuery);
Improve handling of users and roles in admin Closes #3083 Refs #3229 - Populates the dropdown list in the invite user menu with the list of roles a user is permitted to create. - Users API now checks the invite user request for allowed roles. - Change API response from 200 to 201 on successful invitation. - Change API response from 500 to 201 when the user was created but the email was not sent. The client will show a warning notification when it sees 'invite-pending' as the new user's status. - Add support for "?status=all" to the /users endpoint. - Refactor the route and controller for the /settings/users page so that there's only one network API call to load users instead of two.
2014-07-23 10:13:20 +04:00
} else if (result.hasOwnProperty('notifications')) {
newObject = result.notifications[0];
💄 Improve URL consistency, Part 1: urlJoin (#7668) refs #7666 Use urlJoin for more consistency instead of concatenating url strings.
2016-11-14 17:38:55 +03:00
location = utils.url.urlJoin(apiRoot, 'notifications', newObject.id, '/');
Improve handling of users and roles in admin Closes #3083 Refs #3229 - Populates the dropdown list in the invite user menu with the list of roles a user is permitted to create. - Users API now checks the invite user request for allowed roles. - Change API response from 200 to 201 on successful invitation. - Change API response from 500 to 201 when the user was created but the email was not sent. The client will show a warning notification when it sees 'invite-pending' as the new user's status. - Add support for "?status=all" to the /users endpoint. - Refactor the route and controller for the /settings/users page so that there's only one network API call to load users instead of two.
2014-07-23 10:13:20 +04:00
} else if (result.hasOwnProperty('users')) {
newObject = result.users[0];
💄 Improve URL consistency, Part 1: urlJoin (#7668) refs #7666 Use urlJoin for more consistency instead of concatenating url strings.
2016-11-14 17:38:55 +03:00
location = utils.url.urlJoin(apiRoot, 'users', newObject.id, '/');
Fix up HTTP API handler No Issue - Add Location header for tags. - Ensure Location header has trailing slash. - Remove unnecessary promises/async.
2014-12-28 08:27:29 +03:00
} else if (result.hasOwnProperty('tags')) {
newObject = result.tags[0];
💄 Improve URL consistency, Part 1: urlJoin (#7668) refs #7666 Use urlJoin for more consistency instead of concatenating url strings.
2016-11-14 17:38:55 +03:00
location = utils.url.urlJoin(apiRoot, 'tags', newObject.id, '/');
Webhooks support for subscriber events (#9230) no issue Support for http://resthooks.org style webhooks that can be used with Zapier triggers. This can currently be used in two ways: a) adding a webhook record to the DB manually b) using the API with password auth and POSTing to /webhooks/ (this is private API so not documented) ⚠️ only _https_ URLs are supported in the webhook `target_url` field 🚨 - add `webhooks` table to store event names and target urls - add `POST` and `DELETE` endpoints for `/webhooks/` - configure `subscribers.added` and `subscribers.deleted` events to trigger registered webhooks
2017-11-21 18:43:14 +03:00
} else if (result.hasOwnProperty('webhooks')) {
newObject = result.webhooks[0];
location = utils.url.urlJoin(apiRoot, 'webhooks', newObject.id, '/');
Add location header to response when new object is created closes #2635 - add new logic to the api request handler to set a location header when new objects are created - added an api context to config.urlFor() to return the root url - added functional tests for the affected routes
2014-05-02 03:42:23 +04:00
}
}
Fix up HTTP API handler No Issue - Add Location header for tags. - Ensure Location header has trailing slash. - Remove unnecessary promises/async.
2014-12-28 08:27:29 +03:00
return location;
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
};
/**
* ### Content Disposition Header
* create a header that invokes the 'Save As' dialog in the browser when exporting the database to file. The 'filename'
* parameter is governed by [RFC6266](http://tools.ietf.org/html/rfc6266#section-4.3).
*
* For encoding whitespace and non-ISO-8859-1 characters, you MUST use the "filename*=" attribute, NOT "filename=".
* Ideally, both. Examples: http://tools.ietf.org/html/rfc6266#section-5
*
* We'll use ISO-8859-1 characters here to keep it simple.
*
* @private
* @see http://tools.ietf.org/html/rfc598
* @return {string}
*/
Subscribers: Model, API & CSV import/export - subscriber model - subscriber app updates - subscriber end points - import/export CSV - added headers to export file - added dynamic email field detection for import - returns stats object after CSV import - mask error message from DB
2016-04-14 23:44:05 +03:00
contentDispositionHeaderExport = function contentDispositionHeaderExport() {
Exporter cleanup & tests refs #6301 - change knex getter def to be configurable, else it is not testable - remove exportPath and lang from config - neither are used - add client_trusted_domains to tables which shouldn't be exported as there are no clients in the export - change export signature to be an object with `doExport` function consistent with import & easier to test - cleanup export code so it is clearer, easier to read & to test: - use mapSeries instead of sequence - use Promise.props instead of Promise.join - split functionality into smaller functions - add test coverage
2016-03-12 21:54:06 +03:00
return exporter.fileName().then(function then(filename) {
Export 003 closes #3284 - ensure token tables aren't exported - cleanup filename - failed export throws internal server error
2014-07-19 16:20:16 +04:00
return 'Attachment; filename="' + filename + '"';
});
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
};
Subscribers: Model, API & CSV import/export - subscriber model - subscriber app updates - subscriber end points - import/export CSV - added headers to export file - added dynamic email field detection for import - returns stats object after CSV import - mask error message from DB
2016-04-14 23:44:05 +03:00
contentDispositionHeaderSubscribers = function contentDispositionHeaderSubscribers() {
var datetime = (new Date()).toJSON().substring(0, 10);
return Promise.resolve('Attachment; filename="subscribers.' + datetime + '.csv"');
};
✨ Allow Upload/Download of redirects.json (#9029) refs #9028 - add two new endpoints for uploading/downloading the redirects (file based) - reload/re-register redirects on runtime - migration for 1.9 to add permissions for redirects download/upload
2017-09-21 18:01:03 +03:00
contentDispositionHeaderRedirects = function contentDispositionHeaderRedirects() {
return Promise.resolve('Attachment; filename="redirects.json"');
};
Ensure middleware functions are named refs #5091 - adds names to all middleware functions, for debugging purposes
2015-05-30 23:18:26 +03:00
addHeaders = function addHeaders(apiMethod, req, res, result) {
Fix up HTTP API handler No Issue - Add Location header for tags. - Ensure Location header has trailing slash. - Remove unnecessary promises/async.
2014-12-28 08:27:29 +03:00
var cacheInvalidation,
Export 003 closes #3284 - ensure token tables aren't exported - cleanup filename - failed export throws internal server error
2014-07-19 16:20:16 +04:00
location,
contentDisposition;
Fix up HTTP API handler No Issue - Add Location header for tags. - Ensure Location header has trailing slash. - Remove unnecessary promises/async.
2014-12-28 08:27:29 +03:00
cacheInvalidation = cacheInvalidationHeader(req, result);
if (cacheInvalidation) {
res.set({'X-Cache-Invalidate': cacheInvalidation});
}
Export 003 closes #3284 - ensure token tables aren't exported - cleanup filename - failed export throws internal server error
2014-07-19 16:20:16 +04:00
if (req.method === 'POST') {
Fix up HTTP API handler No Issue - Add Location header for tags. - Ensure Location header has trailing slash. - Remove unnecessary promises/async.
2014-12-28 08:27:29 +03:00
location = locationHeader(req, result);
if (location) {
res.set({Location: location});
// The location header indicates that a new object was created.
// In this case the status code should be 201 Created
res.status(201);
}
Export 003 closes #3284 - ensure token tables aren't exported - cleanup filename - failed export throws internal server error
2014-07-19 16:20:16 +04:00
}
Subscribers: Model, API & CSV import/export - subscriber model - subscriber app updates - subscriber end points - import/export CSV - added headers to export file - added dynamic email field detection for import - returns stats object after CSV import - mask error message from DB
2016-04-14 23:44:05 +03:00
// Add Export Content-Disposition Header
Export 003 closes #3284 - ensure token tables aren't exported - cleanup filename - failed export throws internal server error
2014-07-19 16:20:16 +04:00
if (apiMethod === db.exportContent) {
Subscribers: Model, API & CSV import/export - subscriber model - subscriber app updates - subscriber end points - import/export CSV - added headers to export file - added dynamic email field detection for import - returns stats object after CSV import - mask error message from DB
2016-04-14 23:44:05 +03:00
contentDisposition = contentDispositionHeaderExport()
.then(function addContentDispositionHeaderExport(header) {
res.set({
'Content-Disposition': header
});
});
}
// Add Subscribers Content-Disposition Header
if (apiMethod === subscribers.exportCSV) {
contentDisposition = contentDispositionHeaderSubscribers()
.then(function addContentDispositionHeaderSubscribers(header) {
res.set({
'Content-Disposition': header,
'Content-Type': 'text/csv'
});
Export 003 closes #3284 - ensure token tables aren't exported - cleanup filename - failed export throws internal server error
2014-07-19 16:20:16 +04:00
});
}
✨ Allow Upload/Download of redirects.json (#9029) refs #9028 - add two new endpoints for uploading/downloading the redirects (file based) - reload/re-register redirects on runtime - migration for 1.9 to add permissions for redirects download/upload
2017-09-21 18:01:03 +03:00
// Add Redirects Content-Disposition Header
if (apiMethod === redirects.download) {
contentDisposition = contentDispositionHeaderRedirects()
.then(function contentDispositionHeaderRedirects(header) {
res.set({
'Content-Disposition': header,
'Content-Type': 'application/json',
'Content-Length': JSON.stringify(result).length
});
});
}
Fix up HTTP API handler No Issue - Add Location header for tags. - Ensure Location header has trailing slash. - Remove unnecessary promises/async.
2014-12-28 08:27:29 +03:00
return contentDisposition;
Export 003 closes #3284 - ensure token tables aren't exported - cleanup filename - failed export throws internal server error
2014-07-19 16:20:16 +04:00
};
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
/**
* ### HTTP
*
* Decorator for API functions which are called via an HTTP request. Takes the API method and wraps it so that it gets
* data from the request and returns a sensible JSON response.
*
* @public
* @param {Function} apiMethod API method to call
* @return {Function} middleware format function to be called by the route when a matching request is made
*/
Ensure middleware functions are named refs #5091 - adds names to all middleware functions, for debugging purposes
2015-05-30 23:18:26 +03:00
http = function http(apiMethod) {
Improve API error handling close #2757, refs #5286 - moves error formatting from api/index into errors lib - moves error handling from api/index into its own middleware - adds extra middleware for method not allowed which captures all unsupported routes
2015-06-14 22:07:52 +03:00
return function apiHandler(req, res, next) {
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
// We define 2 properties for using as arguments in API calls:
var object = req.body,
🎨 optimisations for brute (#7867) closes #7766, refs #7579 - ensure we are using the correct brute keys - ensure we are using req.ip as Ghost is configured with trust proxy option - tidy up a little
2017-01-24 00:44:39 +03:00
options = _.extend({}, req.file, {ip: req.ip}, req.query, req.params, {
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
context: {
✨ Ghost OAuth (#7451) issue #7452 Remote oauth2 authentication with Ghost.org. This PR supports: - oauth2 login or local login - authentication on blog setup - authentication on invite - normal authentication - does not contain many, many tests, but we'll improve in the next alpha weeks
2016-09-30 14:45:59 +03:00
// @TODO: forward the client and user obj in 1.0 (options.context.user.id)
🎨 tidy up static id (owner, internal, external) usages (#7675) refs #7494, refs #7495 This PR is an extracted clean up feature of #7495. We are using everywhere static id checks (userId === 0 or userId === 1). This PR moves the static values into the Base model. This makes it 1. way more readable and 2. we can change the id's in a central place. I changed the most important occurrences - no tests are touched (yet!). The background is: when changing from auto increment id (number) to ObjectId's (string) we still need to support id 1 and 0, because Ghost relies on these two static id's. I would like to support using both: 0/1 as string and 0/1 as number. 1 === owner/internal 0 === external Another important change: User Model does not longer define the contextUser method, because i couldn't find a reason? I looked in Git history, see https://github.com/TryGhost/Ghost/commit/6e482751601b8d23b3a06aec890b79c92eaf4af2
2016-11-09 18:01:07 +03:00
user: ((req.user && req.user.id) || (req.user && models.User.isExternalUser(req.user.id))) ? req.user.id : null,
✨ Ghost OAuth (#7451) issue #7452 Remote oauth2 authentication with Ghost.org. This PR supports: - oauth2 login or local login - authentication on blog setup - authentication on invite - normal authentication - does not contain many, many tests, but we'll improve in the next alpha weeks
2016-09-30 14:45:59 +03:00
client: (req.client && req.client.slug) ? req.client.slug : null,
client_id: (req.client && req.client.id) ? req.client.id : null
DB API returns JSON-API compatible objects. Export triggers 'Save As' dialog. closes #2647 - GET method returns { db: [exportedData] } - POST, DELETE methods return { db: [] } - 'delete all content' test updated - Attach 'Content-Disposition' header on DB export for 'Save As' browser dialog - Add DB API functional test for Export
2014-05-07 09:28:51 +04:00
}
New URL helper - URL consistency fixes fixes #1765 fixes #1811 issue #1833 New UrlFor functions - moved body of url helper to config.path.urlFor, which can generate a URL for various scenarios - urlFor can take a string (name) or object (relativeUrl: '/') as the first argument - this is the first step towards issue #1833 - also added config.path.urlForPost which is async and handles getting permalink setting - frontend controller, ghost_head helper, cache invalidation all now use urlFor or urlForPost all urls should be correct and consistent URL Consistency Improvements - refactored invalidateCache into cacheInvalidationHeader which returns a promise so that url can be generated properly by urlForPost - moved isPost from models to schema, and refactored schema to have a tables object - deleted posts now return the whole object, not just id and slug, ensuring cache invalidation header can be set on delete - frontend controller rss and archive page redirects work properly with subdirectory - removes {{url}} helper from admin and client, and replaced with adminUrl helper which also uses urlFor - in res.locals ghostRoot becomes relativeUrl, and path is removed
2014-01-03 04:37:21 +04:00
});
Change error message response closes #2643 - added error type - added error property for validations - wrapped errors in an array - returns multiple errors for validation - updated tests and admin
2014-05-05 17:51:21 +04:00
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
// If this is a GET, or a DELETE, req.body should be null, so we only have options (route and query params)
// If this is a PUT, POST, or PATCH, req.body is an object
if (_.isEmpty(object)) {
object = options;
options = {};
}
DB API returns JSON-API compatible objects. Export triggers 'Save As' dialog. closes #2647 - GET method returns { db: [exportedData] } - POST, DELETE methods return { db: [] } - 'delete all content' test updated - Attach 'Content-Disposition' header on DB export for 'Save As' browser dialog - Add DB API functional test for Export
2014-05-07 09:28:51 +04:00
Fix up HTTP API handler No Issue - Add Location header for tags. - Ensure Location header has trailing slash. - Remove unnecessary promises/async.
2014-12-28 08:27:29 +03:00
return apiMethod(object, options).tap(function onSuccess(response) {
// Add X-Cache-Invalidate, Location, and Content-Disposition headers
invite users after signing up during setup closes #5338 - moves skip link to below the submit button - makes the submit button better represent form status - posts notifications based on success/failure of notifications - goes to the invite page after user creation - actually sends invites! functional tests passing for onboarding invitations cleanup for linitng remove unreachable return access the notifications service better use link-to instead of an anchor with an action failed user creations get caught, and bubble as errors a slew of other cleanup stuff via jason
2015-05-28 16:58:52 +03:00
return addHeaders(apiMethod, req, res, (response || {}));
Ensure middleware functions are named refs #5091 - adds names to all middleware functions, for debugging purposes
2015-05-30 23:18:26 +03:00
}).then(function then(response) {
Return http status 204 on deletes Closes #2871 - Refactor api http handlers. - Update tests. - Remove special handling of responses in ember adapter.
2016-03-20 20:26:42 +03:00
if (req.method === 'DELETE') {
return res.status(204).end();
}
Subscribers: Model, API & CSV import/export - subscriber model - subscriber app updates - subscriber end points - import/export CSV - added headers to export file - added dynamic email field detection for import - returns stats object after CSV import - mask error message from DB
2016-04-14 23:44:05 +03:00
// Keep CSV header and formatting
if (res.get('Content-Type') && res.get('Content-Type').indexOf('text/csv') === 0) {
return res.status(200).send(response);
}
feature: theme upload/download/delete (#7209) refs #7204 - added 3 new themes permissions - change core/client - add theme upload/download logic - extended local file storage to serve zips - added gscan dependency - add ability to handle the express response within the api layer - restrict theme upload to local file storage - added 007 migration
2016-08-23 15:07:25 +03:00
// CASE: api method response wants to handle the express response
// example: serve files (stream)
if (_.isFunction(response)) {
return response(req, res, next);
}
Fix up HTTP API handler No Issue - Add Location header for tags. - Ensure Location header has trailing slash. - Remove unnecessary promises/async.
2014-12-28 08:27:29 +03:00
// Send a properly formatting HTTP response containing the data with correct headers
res.json(response || {});
Improve API error handling close #2757, refs #5286 - moves error formatting from api/index into errors lib - moves error handling from api/index into its own middleware - adds extra middleware for method not allowed which captures all unsupported routes
2015-06-14 22:07:52 +03:00
}).catch(function onAPIError(error) {
// To be handled by the API middleware
next(error);
Fix up HTTP API handler No Issue - Add Location header for tags. - Ensure Location header has trailing slash. - Remove unnecessary promises/async.
2014-12-28 08:27:29 +03:00
});
Migrate settings page to Backbone
2013-06-08 09:05:40 +04:00
};
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
};
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
/**
* ## Public API
*/
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
module.exports = {
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
http: http,
// API Endpoints
Implements new Configuration API closes #3619 - adds new permissions for configuration API - adds integration tests - adds configuration API for reading allowed values
2014-08-21 01:42:34 +04:00
configuration: configuration,
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
db: db,
mail: mail,
notifications: notifications,
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
posts: posts,
post-scheduling refs #6413 - PUT endpoint to publish a post/page for the scheduler - fn endpoint to get all scheduled posts (with from/to query params) for the scheduler - hardcoded permission handling for scheduler client - fix event bug: unscheduled - basic structure for scheduling - post scheduling basics - offer easy option to change adapter - integrate the default scheduler adapter - update scheduled posts when blog TZ changes - safety check before scheduler can publish a post (not allowed to publish in the future or past) - add force flag to allow publishing in the past - invalidate cache header for /schedules/posts/:id
2016-05-19 14:49:22 +03:00
schedules: schedules,
Added /roles/ API endpoint Closes #3196 * adds `/roles/` endpoint * is given the current user as context * wraps everything in a canthis.browse.role * gets all the available roles (should "Owner" be filtered out?) * optional parameter: `permission=assign`. Gets all roles authenticated user could assign * if we're not signed in, gives a "please sign in" (standard) error * if we're signed in, but user is not in the context, gives a "there was no user in the context" error * if the user is an "Author", gives a "there are no available roles to assign" error * implemented hacky filter because when.js produces heisenbugs past 3.2.3 (when.filter not available) * added extra fixtures to `permissions.json`. Might need a migration. Caveats: * there are no tests * for some reason the setup functional test was failing for me locally
2014-07-15 19:22:06 +04:00
roles: roles,
Refactor API arguments closes #2610, refs #2697 - cleanup API index.js, and add docs - all API methods take consistent arguments: object & options - browse, read, destroy take options, edit and add take object and options - the context is passed as part of options, meaning no more .call everywhere - destroy expects an object, rather than an id all the way down to the model layer - route params such as :id, :slug, and :key are passed as an option & used to perform reads, updates and deletes where possible - settings / themes may need work here still - HTTP posts api can find a post by slug - Add API utils for checkData
2014-05-08 16:41:19 +04:00
settings: settings,
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
tags: tags,
Add dynamic client_id/client_secret no issue - added ghost-admin client_id to admin - added ghost-admin client_secret to admin - added client.read() api endpoint - added random generation of client_secret to migration - removed addClientSecret method - updated tests
2015-08-31 16:59:56 +03:00
clients: clients,
Refactore slug API for generating tag and post slugs. Closes #2601 - Removed slug generation from the post API - Added new, self-contained slug API - Fixed slug permissions in the fixtures files - Added a HTTP route for the new API method - Added integrational tests
2014-05-06 02:38:05 +04:00
users: users,
User API changes closes #2822 - added destroy user method - added remove user permission - added API end point for get reset token - added API end point for reset password - added API end point for change password
2014-06-20 13:15:01 +04:00
slugs: slugs,
Subscribers: Model, API & CSV import/export - subscriber model - subscriber app updates - subscriber end points - import/export CSV - added headers to export file - added dynamic email field detection for import - returns stats object after CSV import - mask error message from DB
2016-04-14 23:44:05 +03:00
subscribers: subscribers,
Move image upload to API closes #3252 - added `/ghost/api/v0.1/uploads/` endpoint - removed upload method from `controller/admin.js` - moved removal of temporary files from storage to endpoint (needed to account for failed uploads) - changed and moved tests - Oversight: I think that we use `.otherwise()` and `.catch()` a bit too extensive and mask the real error objects. We probably need an error handling strategy at some point in the future.
2014-07-15 14:40:14 +04:00
authentication: authentication,
Slack integration closes #6584 - Frontend Changes: - adds 'Apps' to Navigation Menu - adds 'Slack' as nested page to Apps - adds `apps.css` - adds `slack-integration` model and uses `slack-settings` custom transform to parse JSON file - adds validation for `slack` model - adds fixtures and `slack/test` API endpoint to Mirage - adds acceptance tests for `apps-test` and `slack-test` - adds unit tests for `slack-settings` and `slack-integration` - Backend Changes: - adds API endpoint `slack/test` to send Test Notification - adds default-values for slack model - sends payload to slack: - text: the url of the blogpost / test message - icon_url: url to ghost logo - username: Ghost - adds `slack/index.js` to send webhook to slack if - a new post is published (if slack webhook url is saved in settings) - user clicks on 'Send Test Notification' in UI - adds `slack.init()` to `server.index.js` to add event listener - adds unit test for `slack/index`
2016-03-29 11:40:44 +03:00
uploads: uploads,
feature: theme upload/download/delete (#7209) refs #7204 - added 3 new themes permissions - change core/client - add theme upload/download logic - extended local file storage to serve zips - added gscan dependency - add ability to handle the express response within the api layer - restrict theme upload to local file storage - added 007 migration
2016-08-23 15:07:25 +03:00
slack: slack,
🎨 Separate invites from user refs #7420 - remove invite logic from user - add invite model and adapt affected logic for inviting team members
2016-09-21 17:48:14 +03:00
themes: themes,
✨ Allow Upload/Download of redirects.json (#9029) refs #9028 - add two new endpoints for uploading/downloading the redirects (file based) - reload/re-register redirects on runtime - migration for 1.9 to add permissions for redirects download/upload
2017-09-21 18:01:03 +03:00
invites: invites,
Webhooks support for subscriber events (#9230) no issue Support for http://resthooks.org style webhooks that can be used with Zapier triggers. This can currently be used in two ways: a) adding a webhook record to the DB manually b) using the API with password auth and POSTing to /webhooks/ (this is private API so not documented) ⚠️ only _https_ URLs are supported in the webhook `target_url` field 🚨 - add `webhooks` table to store event names and target urls - add `POST` and `DELETE` endpoints for `/webhooks/` - configure `subscribers.added` and `subscribers.deleted` events to trigger registered webhooks
2017-11-21 18:43:14 +03:00
redirects: redirects,
webhooks: webhooks
remove ghost.settings and ghost.notifications covers 90% of #755 - moved ghost.settings to api.settings - moved ghost.notifications to api.notifications - split up api/index.js to notifications.js, posts.js, settings.js, tags.js and users.js - added instance.globals as temp workaround for blogglobals (Known issue: blog title and blog description are updated after restart only) - added webroot to config() to remove `var root = ...` - changed `e` and `url` helper to async - updated tests
2013-12-06 12:51:35 +04:00
};
Full pass at inline API Docs closes #2622, ref #2125
2014-06-03 17:05:25 +04:00
/**
* ## API Methods
*
* Most API methods follow the BREAD pattern, although not all BREAD methods are available for all resources.
* Most API methods have a similar signature, they either take just `options`, or both `object` and `options`.
* For RESTful resources `object` is always a model object of the correct type in the form `name: [{object}]`
* `options` is an object with several named properties, the possibilities are listed for each method.
*
* Read / Edit / Destroy routes expect some sort of identifier (id / slug / key) for which object they are handling
*
* All API methods take a context object as one of the options:
*
* @typedef context
* Context provides information for determining permissions. Usually a user, but sometimes an app, or the internal flag
* @param {Number} user (optional)
* @param {String} app (optional)
* @param {Boolean} internal (optional)
*/
Reference in New Issue Copy Permalink