Ghost/core/server/controllers/frontend/index.js

/**
 * Main controller for Ghost frontend
 */

/*global require, module */

var api         = require('../../api'),
    config      = require('../../config'),
    filters     = require('../../filters'),
    templates   = require('./templates'),
    handleError = require('./error'),
    formatResponse = require('./format-response'),
    postLookup     = require('./post-lookup'),
    setResponseContext = require('./context'),
    setRequestIsSecure = require('./secure'),

    frontendControllers;

/*
* Sets the response context around a post and renders it
* with the current theme's post view. Used by post preview
* and single post methods.
* Returns a function that takes the post to be rendered.
*/
function renderPost(req, res) {
    return function renderPost(post) {
        var view = templates.single(req.app.get('activeTheme'), post),
            response = formatResponse.single(post);

        setResponseContext(req, res, response);
        res.render(view, response);
    };
}

frontendControllers = {
    preview: function preview(req, res, next) {
        var params = {
                uuid: req.params.uuid,
                status: 'all',
                include: 'author,tags'
            };

        api.posts.read(params).then(function then(result) {
            var post = result.posts[0];

            if (!post) {
                return next();
            }

            if (post.status === 'published') {
                return res.redirect(301, config.urlFor('post', {post: post}));
            }

            setRequestIsSecure(req, post);

            filters.doFilter('prePostsRender', post, res.locals)
                .then(renderPost(req, res));
        }).catch(handleError(next));
    },
    single: function single(req, res, next) {
        // Query database to find post
        return postLookup(req.path).then(function then(lookup) {
            var post = lookup ? lookup.post : false;

            if (!post) {
                return next();
            }

            // CASE: last param is of url is /edit, redirect to admin
            if (lookup.isEditURL) {
                return res.redirect(config.paths.subdir + '/ghost/editor/' + post.id + '/');
            }

            // CASE: permalink is not valid anymore, we redirect him permanently to the correct one
            if (post.url !== req.path) {
                return res.redirect(301, post.url);
            }

            setRequestIsSecure(req, post);

            filters.doFilter('prePostsRender', post, res.locals)
                .then(renderPost(req, res));
        }).catch(handleError(next));
    }
};

module.exports = frontendControllers;
Initial commit to GitHub repo 2013-05-11 20:44:25 +04:00			`/**`
			`* Main controller for Ghost frontend`
			`*/`

			`/global require, module /`

Split post lookup out of frontend controller no issue - move the post lookup functionality into its own file - handle the pre and post lookup checks to verify that we found the correct post - checking that the URL matches handles checking that a post looked up with pagePermalink is a page - all cases where there is no match throws a 404 directly, this could just call next() ? 2016-05-02 13:09:54 +03:00			`var api = require('../../api'),`
Frontend controller refactor & test improvements no issue - Split context out of frontend controller - Add 100% test coverage for context - Add tests for preview & improve other bits of coverage - Further refactors (WIP) will make it easier to reach 100% coverage on the frontend 2015-10-10 20:51:38 +03:00			`config = require('../../config'),`
			`filters = require('../../filters'),`
Make frontend routing dynamic & driven by channels refs #5091 - Move renderChannel to own file - Update channel config to have get/list methods - Move main routes to be generated based on the list of channels - Move RSS routes to be subroutes of channels - Move redirect301 to be a shared util - Add full test coverage - Split frontend route tests into frontend & channels 2016-02-09 17:14:24 +03:00			`templates = require('./templates'),`
Split helper functions from frontend controller no issue - Split out 'getPostPage' & rename to fetchData - Split format response methods into own files - Split out handleError - Split out setReqCtx and rename to setRequestIsSecure - Split out theme paths - Refactor tests in index_spec.js to be more robust - Add tests to bring coverage for split file up to 100% 2015-10-21 14:51:01 +03:00			`handleError = require('./error'),`
			`formatResponse = require('./format-response'),`
Split post lookup out of frontend controller no issue - move the post lookup functionality into its own file - handle the pre and post lookup checks to verify that we found the correct post - checking that the URL matches handles checking that a post looked up with pagePermalink is a page - all cases where there is no match throws a 404 directly, this could just call next() ? 2016-05-02 13:09:54 +03:00			`postLookup = require('./post-lookup'),`
Frontend controller refactor & test improvements no issue - Split context out of frontend controller - Add 100% test coverage for context - Add tests for preview & improve other bits of coverage - Further refactors (WIP) will make it easier to reach 100% coverage on the frontend 2015-10-10 20:51:38 +03:00			`setResponseContext = require('./context'),`
Make frontend routing dynamic & driven by channels refs #5091 - Move renderChannel to own file - Update channel config to have get/list methods - Move main routes to be generated based on the list of channels - Move RSS routes to be subroutes of channels - Move redirect301 to be a shared util - Add full test coverage - Split frontend route tests into frontend & channels 2016-02-09 17:14:24 +03:00			`setRequestIsSecure = require('./secure'),`
Initial commit to GitHub repo 2013-05-11 20:44:25 +04:00
Split post lookup out of frontend controller no issue - move the post lookup functionality into its own file - handle the pre and post lookup checks to verify that we found the correct post - checking that the URL matches handles checking that a post looked up with pagePermalink is a page - all cases where there is no match throws a 404 directly, this could just call next() ? 2016-05-02 13:09:54 +03:00			`frontendControllers;`
Adds support for additional permalink structures fixes #2057 - uses express’ Route object to create RegExp’s that we use to check the incoming path - refactored structure of fronted controller single tests to be easier to read - amend regex to incorporate new allowed permalink structure 2014-02-02 09:29:07 +04:00
Add post preview via uuid (/p/:uuid) Refs #5097 - All drafts will show a preview link (this needs real css) - Published posts will redirect - prev/next post helpers only activate on published posts - Powered by ~10 pints between the two of us (@ErisDS, @novaugust) 2015-04-16 22:40:32 +03:00			`/*`
			`* Sets the response context around a post and renders it`
			`* with the current theme's post view. Used by post preview`
			`* and single post methods.`
			`* Returns a function that takes the post to be rendered.`
			`*/`
			`function renderPost(req, res) {`
Ensure middleware functions are named refs #5091 - adds names to all middleware functions, for debugging purposes 2015-05-30 23:18:26 +03:00			`return function renderPost(post) {`
Unify code for picking a template to render with refs #5091 - 100% coverage for new frontend/templates file - new module handles the logic for determining which template to render with 2015-11-24 18:12:50 +03:00			`var view = templates.single(req.app.get('activeTheme'), post),`
Don't use api to lookup theme in frontend controller no issue - small fix, we already have the info, no need to look it up again 2015-10-30 22:02:06 +03:00			`response = formatResponse.single(post);`
Add post preview via uuid (/p/:uuid) Refs #5097 - All drafts will show a preview link (this needs real css) - Published posts will redirect - prev/next post helpers only activate on published posts - Powered by ~10 pints between the two of us (@ErisDS, @novaugust) 2015-04-16 22:40:32 +03:00
Don't use api to lookup theme in frontend controller no issue - small fix, we already have the info, no need to look it up again 2015-10-30 22:02:06 +03:00			`setResponseContext(req, res, response);`
			`res.render(view, response);`
Add post preview via uuid (/p/:uuid) Refs #5097 - All drafts will show a preview link (this needs real css) - Published posts will redirect - prev/next post helpers only activate on published posts - Powered by ~10 pints between the two of us (@ErisDS, @novaugust) 2015-04-16 22:40:32 +03:00			`};`
			`}`

refactors the frontend controller closes #5192 - combines homepage, author, tag routes into one function (with different hash params) - provides some abstraction for channels 2015-05-05 08:21:29 +03:00			`frontendControllers = {`
Ensure middleware functions are named refs #5091 - adds names to all middleware functions, for debugging purposes 2015-05-30 23:18:26 +03:00			`preview: function preview(req, res, next) {`
Add post preview via uuid (/p/:uuid) Refs #5097 - All drafts will show a preview link (this needs real css) - Published posts will redirect - prev/next post helpers only activate on published posts - Powered by ~10 pints between the two of us (@ErisDS, @novaugust) 2015-04-16 22:40:32 +03:00			`var params = {`
			`uuid: req.params.uuid,`
			`status: 'all',`
Don't include app fields no issue Including app fields along with tags & authors was a preoptimisation. We don't use them yet, and having them results in database calls that are unnecessary. 2016-02-11 18:03:33 +03:00			`include: 'author,tags'`
Add post preview via uuid (/p/:uuid) Refs #5097 - All drafts will show a preview link (this needs real css) - Published posts will redirect - prev/next post helpers only activate on published posts - Powered by ~10 pints between the two of us (@ErisDS, @novaugust) 2015-04-16 22:40:32 +03:00			`};`

Ensure middleware functions are named refs #5091 - adds names to all middleware functions, for debugging purposes 2015-05-30 23:18:26 +03:00			`api.posts.read(params).then(function then(result) {`
Add post preview via uuid (/p/:uuid) Refs #5097 - All drafts will show a preview link (this needs real css) - Published posts will redirect - prev/next post helpers only activate on published posts - Powered by ~10 pints between the two of us (@ErisDS, @novaugust) 2015-04-16 22:40:32 +03:00			`var post = result.posts[0];`

			`if (!post) {`
			`return next();`
			`}`

			`if (post.status === 'published') {`
			`return res.redirect(301, config.urlFor('post', {post: post}));`
			`}`

Split helper functions from frontend controller no issue - Split out 'getPostPage' & rename to fetchData - Split format response methods into own files - Split out handleError - Split out setReqCtx and rename to setRequestIsSecure - Split out theme paths - Refactor tests in index_spec.js to be more robust - Add tests to bring coverage for split file up to 100% 2015-10-21 14:51:01 +03:00			`setRequestIsSecure(req, post);`
Add post preview via uuid (/p/:uuid) Refs #5097 - All drafts will show a preview link (this needs real css) - Published posts will redirect - prev/next post helpers only activate on published posts - Powered by ~10 pints between the two of us (@ErisDS, @novaugust) 2015-04-16 22:40:32 +03:00
			`filters.doFilter('prePostsRender', post, res.locals)`
			`.then(renderPost(req, res));`
Ensure middleware functions are named refs #5091 - adds names to all middleware functions, for debugging purposes 2015-05-30 23:18:26 +03:00			`}).catch(handleError(next));`
Add post preview via uuid (/p/:uuid) Refs #5097 - All drafts will show a preview link (this needs real css) - Published posts will redirect - prev/next post helpers only activate on published posts - Powered by ~10 pints between the two of us (@ErisDS, @novaugust) 2015-04-16 22:40:32 +03:00			`},`
Ensure middleware functions are named refs #5091 - adds names to all middleware functions, for debugging purposes 2015-05-30 23:18:26 +03:00			`single: function single(req, res, next) {`
Cache permalinks & postsPerPage on config.theme no issue - Cache the permalinks & postsPerPage settings on the config.theme object - Use the config.theme cache to reference these items throughout the frontend of a blog - Removes the need for workarounds and extra code to handle async fetches - Makes these values accessible to all themes, which is very useful now we have the API stuff 2015-12-02 13:06:44 +03:00			`// Query database to find post`
Split post lookup out of frontend controller no issue - move the post lookup functionality into its own file - handle the pre and post lookup checks to verify that we found the correct post - checking that the URL matches handles checking that a post looked up with pagePermalink is a page - all cases where there is no match throws a 404 directly, this could just call next() ? 2016-05-02 13:09:54 +03:00			`return postLookup(req.path).then(function then(lookup) {`
			`var post = lookup ? lookup.post : false;`
Adds support for additional permalink structures fixes #2057 - uses express’ Route object to create RegExp’s that we use to check the incoming path - refactored structure of fronted controller single tests to be easier to read - amend regex to incorporate new allowed permalink structure 2014-02-02 09:29:07 +04:00
			`if (!post) {`
			`return next();`
			`}`
Fix routing of posts and static pages closes #1757 and #1773 - switches routes.frontend for posts and pages to use a regex with two capturing groups. This removes the need to dynamically remove an express route at a later point, leaving the decision making to frontend controller. - added unit tests for all routing conditions that can arise for posts and pages. - updated functional tests to also test for same thing in unit tests - removes old code from server/api/index that used to fix this issue, but is no longer needed - removed some un-needed require statements in routes/admin 2013-12-30 11:03:29 +04:00
timezones: support permalinks based on current timezone issue #6406 - redirect date permalink if timezone changed - create permalinks based on blog TZ - post-lookup fn is now more generic 2016-05-18 17:27:54 +03:00			`// CASE: last param is of url is /edit, redirect to admin`
Split post lookup out of frontend controller no issue - move the post lookup functionality into its own file - handle the pre and post lookup checks to verify that we found the correct post - checking that the URL matches handles checking that a post looked up with pagePermalink is a page - all cases where there is no match throws a 404 directly, this could just call next() ? 2016-05-02 13:09:54 +03:00			`if (lookup.isEditURL) {`
			`return res.redirect(config.paths.subdir + '/ghost/editor/' + post.id + '/');`
Error handling for the frontend routes 2013-09-17 04:54:36 +04:00			`}`

timezones: support permalinks based on current timezone issue #6406 - redirect date permalink if timezone changed - create permalinks based on blog TZ - post-lookup fn is now more generic 2016-05-18 17:27:54 +03:00			`// CASE: permalink is not valid anymore, we redirect him permanently to the correct one`
			`if (post.url !== req.path) {`
			`return res.redirect(301, post.url);`
			`}`

Split post lookup out of frontend controller no issue - move the post lookup functionality into its own file - handle the pre and post lookup checks to verify that we found the correct post - checking that the URL matches handles checking that a post looked up with pagePermalink is a page - all cases where there is no match throws a 404 directly, this could just call next() ? 2016-05-02 13:09:54 +03:00			`setRequestIsSecure(req, post);`
Date permalinks use published date fixes #1803 - switches date permalinks from created_at to published_at - enforces that the post will ONLY render if the date is valid and correct 2014-01-01 19:27:39 +04:00
Split post lookup out of frontend controller no issue - move the post lookup functionality into its own file - handle the pre and post lookup checks to verify that we found the correct post - checking that the URL matches handles checking that a post looked up with pagePermalink is a page - all cases where there is no match throws a 404 directly, this could just call next() ? 2016-05-02 13:09:54 +03:00			`filters.doFilter('prePostsRender', post, res.locals)`
			`.then(renderPost(req, res));`
Ensure middleware functions are named refs #5091 - adds names to all middleware functions, for debugging purposes 2015-05-30 23:18:26 +03:00			`}).catch(handleError(next));`
added password protection closes #4993 - brings password protection to the frontend of blogs - adds testing for password protection - upgrades bcrypt-js to 2.1.0 2015-03-26 10:01:39 +03:00			`}`
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files 2013-06-25 15:43:15 +04:00			`};`
Initial commit to GitHub repo 2013-05-11 20:44:25 +04:00
Unpublished Post should not be accessible fixes #1162 2013-10-18 21:18:49 +04:00			`module.exports = frontendControllers;`