TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-11-24 06:35:49 +03:00
Code Issues Projects Releases Wiki Activity
f022e8486d
Ghost/core/server/controllers/admin.js

248 lines
7.8 KiB
JavaScript
Raw Normal View History

Cleanup indentation and quotes Aligns all requirements vertically for easier reading + adds single quote standard consistently throughout Ghost, except in long strings.
2013-09-24 14:46:30 +04:00
var Ghost = require('../../ghost'),
_ = require('underscore'),
path = require('path'),
api = require('../api'),
errors = require('../errorHandling'),
image upload controller refactor issue #635 - upload controller shouldn't assume fs - filesystem module proxies all the fs work - proxies and exposes middleware for serving images - creating a date based path and unique filename is a base object util - unit tests updated
2013-11-07 20:00:39 +04:00
storage = require('../storage'),
Cleanup indentation and quotes Aligns all requirements vertically for easier reading + adds single quote standard consistently throughout Ghost, except in long strings.
2013-09-24 14:46:30 +04:00
ghost = new Ghost(),
dataProvider = ghost.dataProvider,
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
adminNavbar,
Added brute force protection to login Closes half of #468 * adds a 2 second limit until you can retry logging in, otherwise sends you a 401. * bounce: 2ms, checks the pw: 254ms on my machine * added a test to the casper suite
2013-08-22 23:48:36 +04:00
adminControllers,
loginSecurity = [];
Initial commit to GitHub repo
2013-05-11 20:44:25 +04:00
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
// TODO: combine path/navClass to single "slug(?)" variable with no prefix
adminNavbar = {
content: {
name: 'Content',
navClass: 'content',
key: 'admin.navbar.content',
Temporarily removed the Dashboard and all references This also updates the CasperJS to match the new changes.
2013-09-11 18:38:09 +04:00
path: '/'
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
},
add: {
name: 'New Post',
navClass: 'editor',
key: 'admin.navbar.editor',
path: '/editor/'
},
settings: {
name: 'Settings',
navClass: 'settings',
key: 'admin.navbar.settings',
path: '/settings/'
}
};
Initial commit to GitHub repo
2013-05-11 20:44:25 +04:00
Added brute force protection to login Closes half of #468 * adds a 2 second limit until you can retry logging in, otherwise sends you a 401. * bounce: 2ms, checks the pw: 254ms on my machine * added a test to the casper suite
2013-08-22 23:48:36 +04:00
Fixing up some inconsistent TODO: items.
2013-06-25 20:58:26 +04:00
// TODO: make this a util or helper
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
function setSelected(list, name) {
_.each(list, function (item, key) {
item.selected = key === name;
#25: admin navbar and filter
2013-05-29 04:10:39 +04:00
});
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
return list;
}
#25: admin navbar and filter
2013-05-29 04:10:39 +04:00
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
adminControllers = {
Added image upload reusable plugin issue #40 and issue #280 - Adds uploader jquery plugin - includes settings for enabling/disabling upload progress bar - adds routing for image uploads - adds directories by year and month based on upload date - Implements plugin on settings - general pane - Implements plugin on editor - adjusted general tab to save uploaded image src TODO: - Add error handling - Storing information on editor - Add events
2013-08-05 21:31:29 +04:00
'uploader': function (req, res) {
Moving file system storage to a module issue #635 - refactored file system storage into module - convert save to return a promise - convert admin controller to use storage module
2013-09-28 17:54:26 +04:00
var type = req.files.uploadimage.type,
fixes extensions bug for image uploader - extensions set to lowercase - changed navigation images to hyphenated names and corrected references
2013-08-14 00:04:07 +04:00
ext = path.extname(req.files.uploadimage.name).toLowerCase(),
image upload controller refactor issue #635 - upload controller shouldn't assume fs - filesystem module proxies all the fs work - proxies and exposes middleware for serving images - creating a date based path and unique filename is a base object util - unit tests updated
2013-11-07 20:00:39 +04:00
store = storage.get_storage();
Moving file system storage to a module issue #635 - refactored file system storage into module - convert save to return a promise - convert admin controller to use storage module
2013-09-28 17:54:26 +04:00
if ((type !== 'image/jpeg' && type !== 'image/png' && type !== 'image/gif')
|| (ext !== '.jpg' && ext !== '.jpeg' && ext !== '.png' && ext !== '.gif')) {
return res.send(415, 'Unsupported Media Type');
}
Added image upload reusable plugin issue #40 and issue #280 - Adds uploader jquery plugin - includes settings for enabling/disabling upload progress bar - adds routing for image uploads - adds directories by year and month based on upload date - Implements plugin on settings - general pane - Implements plugin on editor - adjusted general tab to save uploaded image src TODO: - Add error handling - Storing information on editor - Add events
2013-08-05 21:31:29 +04:00
image upload controller refactor issue #635 - upload controller shouldn't assume fs - filesystem module proxies all the fs work - proxies and exposes middleware for serving images - creating a date based path and unique filename is a base object util - unit tests updated
2013-11-07 20:00:39 +04:00
store
.save(req.files.uploadimage)
Moving file system storage to a module issue #635 - refactored file system storage into module - convert save to return a promise - convert admin controller to use storage module
2013-09-28 17:54:26 +04:00
.then(function (url) {
image upload controller refactor issue #635 - upload controller shouldn't assume fs - filesystem module proxies all the fs work - proxies and exposes middleware for serving images - creating a date based path and unique filename is a base object util - unit tests updated
2013-11-07 20:00:39 +04:00
return res.send(url);
Moving file system storage to a module issue #635 - refactored file system storage into module - convert save to return a promise - convert admin controller to use storage module
2013-09-28 17:54:26 +04:00
})
.otherwise(function (e) {
return errors.logError(e);
Added image upload reusable plugin issue #40 and issue #280 - Adds uploader jquery plugin - includes settings for enabling/disabling upload progress bar - adds routing for image uploads - adds directories by year and month based on upload date - Implements plugin on settings - general pane - Implements plugin on editor - adjusted general tab to save uploaded image src TODO: - Add error handling - Storing information on editor - Add events
2013-08-05 21:31:29 +04:00
});
},
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
'login': function (req, res) {
Remove unparam:true from jslint config in Gruntfile.js issue #1365 - added /*jslint unparam:true*/ to functions where absolutely necessary - added /*jslint unparam:true*/ to functions in which keeping parameter list added clarity to the underlying api, even when those parameters are not currently used - removed unused parameters in a few places
2013-10-31 22:02:34 +04:00
/*jslint unparam:true*/
Improved Auth screen markup and validation checks * Signup now focuses on 'name' on load * Fixed fade in on auth forms to work with `display: table` * The 'name' field is required on Sign up forms * The length check on the Signup form is in order of inputs * Added check for password length * Changed the auth form class names to better represent individual pages * Updated CasperJS tests
2013-09-12 12:59:58 +04:00
res.render('login', {
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
bodyClass: 'ghost-login',
hideNavbar: true,
adminNav: setSelected(adminNavbar, 'login')
Initial commit to GitHub repo
2013-05-11 20:44:25 +04:00
});
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
},
'auth': function (req, res) {
Added brute force protection to login Closes half of #468 * adds a 2 second limit until you can retry logging in, otherwise sends you a 401. * bounce: 2ms, checks the pw: 254ms on my machine * added a test to the casper suite
2013-08-22 23:48:36 +04:00
var currentTime = process.hrtime()[0],
denied = '';
loginSecurity = _.filter(loginSecurity, function (ipTime) {
return (ipTime.time + 2 > currentTime);
});
denied = _.find(loginSecurity, function (ipTime) {
return (ipTime.ip === req.connection.remoteAddress);
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
});
Added brute force protection to login Closes half of #468 * adds a 2 second limit until you can retry logging in, otherwise sends you a 401. * bounce: 2ms, checks the pw: 254ms on my machine * added a test to the casper suite
2013-08-22 23:48:36 +04:00
if (!denied) {
loginSecurity.push({ip: req.connection.remoteAddress, time: process.hrtime()[0]});
api.users.check({email: req.body.email, pw: req.body.password}).then(function (user) {
req.session.user = user.id;
res.json(200, {redirect: req.body.redirect ? '/ghost/'
+ decodeURIComponent(req.body.redirect) : '/ghost/'});
}, function (error) {
res.json(401, {error: error.message});
});
} else {
res.json(401, {error: 'Slow down, there are way too many login attempts!'});
}
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
},
Added quotes to changepw admin controller
2013-10-25 22:11:33 +04:00
'changepw': function (req, res) {
Users can change password Closes #282 * Added a new route * Added new methods * Triple security! * Passwords are actually changed * Also added a change password button, because 'save' has too much baggage. On security: checks whether you're logged in. Then checks whether your old password is actually the one that belongs to you (gets value from the email field for the email, see caveat no2). Checks the new passwords for === and length > 6 on client and server side as well. And THEN changes passwords. Caveats: * didn't add a test, as mocha fails spectacularly on my machine. SQLITE_CORRUPT: database disk image is malformed. Cute, huh? * Because we don't have / I'm not aware of / could not find a "currentuser" variable, I need to get the email address of the user we want to change from the email field. Theoretically if they replace that with another user's email address, and supply their pw, they will change THEIR password instead of their own.
2013-08-06 03:49:06 +04:00
api.users.changePassword({
Current user added Closes #340. Closes #375 * Replaced session with id of current user * Added method to ghostlocals to always send profile picture and full name to templates (template checks if falsy) * Modified user saving (`forge().set(new).save()` died on me, `forge().save(new)` didn't) * If user has profile picture, that will be used * If user has name, that will be used * Password changing doesn't care about your email. Uses cookies. Tasty! * User pane uses current user id. Had to set path to me, otherwise goes to `browse` instead of `read`. * Added logic to user api to check for `id === 'me'`, and then use the cookie value * User data saves are now correct * There is no logout error
2013-08-09 05:22:49 +04:00
currentUser: req.session.user,
Users can change password Closes #282 * Added a new route * Added new methods * Triple security! * Passwords are actually changed * Also added a change password button, because 'save' has too much baggage. On security: checks whether you're logged in. Then checks whether your old password is actually the one that belongs to you (gets value from the email field for the email, see caveat no2). Checks the new passwords for === and length > 6 on client and server side as well. And THEN changes passwords. Caveats: * didn't add a test, as mocha fails spectacularly on my machine. SQLITE_CORRUPT: database disk image is malformed. Cute, huh? * Because we don't have / I'm not aware of / could not find a "currentuser" variable, I need to get the email address of the user we want to change from the email field. Theoretically if they replace that with another user's email address, and supply their pw, they will change THEIR password instead of their own.
2013-08-06 03:49:06 +04:00
oldpw: req.body.password,
newpw: req.body.newpassword,
ne2pw: req.body.ne2password
Validation consistency - introduced validation method in the post and user model - moved signup validation onto model - consistent use of validation & error messaging in the admin UI - helper methods in base view moved to a utils object
2013-08-20 22:52:44 +04:00
}).then(function () {
Users can change password Closes #282 * Added a new route * Added new methods * Triple security! * Passwords are actually changed * Also added a change password button, because 'save' has too much baggage. On security: checks whether you're logged in. Then checks whether your old password is actually the one that belongs to you (gets value from the email field for the email, see caveat no2). Checks the new passwords for === and length > 6 on client and server side as well. And THEN changes passwords. Caveats: * didn't add a test, as mocha fails spectacularly on my machine. SQLITE_CORRUPT: database disk image is malformed. Cute, huh? * Because we don't have / I'm not aware of / could not find a "currentuser" variable, I need to get the email address of the user we want to change from the email field. Theoretically if they replace that with another user's email address, and supply their pw, they will change THEIR password instead of their own.
2013-08-06 03:49:06 +04:00
res.json(200, {msg: 'Password changed successfully'});
}, function (error) {
Validation consistency - introduced validation method in the post and user model - moved signup validation onto model - consistent use of validation & error messaging in the admin UI - helper methods in base view moved to a utils object
2013-08-20 22:52:44 +04:00
res.send(401, {error: error.message});
Users can change password Closes #282 * Added a new route * Added new methods * Triple security! * Passwords are actually changed * Also added a change password button, because 'save' has too much baggage. On security: checks whether you're logged in. Then checks whether your old password is actually the one that belongs to you (gets value from the email field for the email, see caveat no2). Checks the new passwords for === and length > 6 on client and server side as well. And THEN changes passwords. Caveats: * didn't add a test, as mocha fails spectacularly on my machine. SQLITE_CORRUPT: database disk image is malformed. Cute, huh? * Because we don't have / I'm not aware of / could not find a "currentuser" variable, I need to get the email address of the user we want to change from the email field. Theoretically if they replace that with another user's email address, and supply their pw, they will change THEIR password instead of their own.
2013-08-06 03:49:06 +04:00
});
},
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
'signup': function (req, res) {
Remove unparam:true from jslint config in Gruntfile.js issue #1365 - added /*jslint unparam:true*/ to functions where absolutely necessary - added /*jslint unparam:true*/ to functions in which keeping parameter list added clarity to the underlying api, even when those parameters are not currently used - removed unused parameters in a few places
2013-10-31 22:02:34 +04:00
/*jslint unparam:true*/
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
res.render('signup', {
Improved Auth screen markup and validation checks * Signup now focuses on 'name' on load * Fixed fade in on auth forms to work with `display: table` * The 'name' field is required on Sign up forms * The length check on the Signup form is in order of inputs * Added check for password length * Changed the auth form class names to better represent individual pages * Updated CasperJS tests
2013-09-12 12:59:58 +04:00
bodyClass: 'ghost-signup',
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
hideNavbar: true,
adminNav: setSelected(adminNavbar, 'login')
});
},
Repaired email sending, implement password reset Closes #288 * I use SendGrid for sending the emails, and it works fine (provided you supply the correct credentials in `config.mail` in `config.js`) * Generates a random 12 char long alphanumeric password, replaces user's pw, and sends an email about it.
2013-09-01 02:20:12 +04:00
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
'doRegister': function (req, res) {
Input signup name into user profile
2013-09-08 23:16:40 +04:00
var name = req.body.name,
email = req.body.email,
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
password = req.body.password;
Initial commit to GitHub repo
2013-05-11 20:44:25 +04:00
Added validation for signup and login screens Closes #374 * Included node-validator as a package * Implemented server side validation (the client side js is a mess, need a LOT of work) * Validates email address both on signup and login screens, gives error message on malformed email addresses * Requires at least 8 chars of password * Tells user if password is too short * Tells user if no such user on login * Tells user if wrong password on login * Tells user if server responds with a 404 (goes away, dies, etc) * Added middleware between req and login / signup for validation
2013-08-19 01:50:42 +04:00
api.users.add({
Mass renaming of things Conflicts: core/client/views/settings.js core/server/models/user.js
2013-09-12 02:04:49 +04:00
name: name,
email: email,
Added validation for signup and login screens Closes #374 * Included node-validator as a package * Implemented server side validation (the client side js is a mess, need a LOT of work) * Validates email address both on signup and login screens, gives error message on malformed email addresses * Requires at least 8 chars of password * Tells user if password is too short * Tells user if no such user on login * Tells user if wrong password on login * Tells user if server responds with a 404 (goes away, dies, etc) * Added middleware between req and login / signup for validation
2013-08-19 01:50:42 +04:00
password: password
}).then(function (user) {
Populating admin email with user signup email closes #775
2013-09-17 06:08:36 +04:00
api.settings.edit('email', email).then(function () {
if (req.session.user === undefined) {
req.session.user = user.id;
}
res.json(200, {redirect: '/ghost/'});
});
}).otherwise(function (error) {
Added validation for signup and login screens Closes #374 * Included node-validator as a package * Implemented server side validation (the client side js is a mess, need a LOT of work) * Validates email address both on signup and login screens, gives error message on malformed email addresses * Requires at least 8 chars of password * Tells user if password is too short * Tells user if no such user on login * Tells user if wrong password on login * Tells user if server responds with a 404 (goes away, dies, etc) * Added middleware between req and login / signup for validation
2013-08-19 01:50:42 +04:00
res.json(401, {error: error.message});
});
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
},
Repaired email sending, implement password reset Closes #288 * I use SendGrid for sending the emails, and it works fine (provided you supply the correct credentials in `config.mail` in `config.js`) * Generates a random 12 char long alphanumeric password, replaces user's pw, and sends an email about it.
2013-09-01 02:20:12 +04:00
'forgotten': function (req, res) {
Remove unparam:true from jslint config in Gruntfile.js issue #1365 - added /*jslint unparam:true*/ to functions where absolutely necessary - added /*jslint unparam:true*/ to functions in which keeping parameter list added clarity to the underlying api, even when those parameters are not currently used - removed unused parameters in a few places
2013-10-31 22:02:34 +04:00
/*jslint unparam:true*/
Improved Auth screen markup and validation checks * Signup now focuses on 'name' on load * Fixed fade in on auth forms to work with `display: table` * The 'name' field is required on Sign up forms * The length check on the Signup form is in order of inputs * Added check for password length * Changed the auth form class names to better represent individual pages * Updated CasperJS tests
2013-09-12 12:59:58 +04:00
res.render('forgotten', {
Repaired email sending, implement password reset Closes #288 * I use SendGrid for sending the emails, and it works fine (provided you supply the correct credentials in `config.mail` in `config.js`) * Generates a random 12 char long alphanumeric password, replaces user's pw, and sends an email about it.
2013-09-01 02:20:12 +04:00
bodyClass: 'ghost-forgotten',
hideNavbar: true,
adminNav: setSelected(adminNavbar, 'login')
});
},
'resetPassword': function (req, res) {
var email = req.body.email;
api.users.forgottenPassword(email).then(function (user) {
var message = {
to: email,
subject: 'Your new password',
html: "<p><strong>Hello!</strong></p>" +
Updating forgotten password email template closes #288 - added sign off using url from config
2013-09-09 14:51:12 +04:00
"<p>You've reset your password. Here's the new one: " + user.newPassword + "</p>" +
"<p>Ghost <br/>" +
Clean up config (drop 'env') closes #628 - removed .env from config.js - ghost.config() returns correct config for NODE_ENV - removed .env[process.env.NODE_ENV] - updated tests - deleted users.hbs, plugins.hbs, appearance.hbs (forgot to delete in PR #649)
2013-09-11 19:23:07 +04:00
'<a href="' + ghost.config().url + '">' +
ghost.config().url + '</a></p>'
Repaired email sending, implement password reset Closes #288 * I use SendGrid for sending the emails, and it works fine (provided you supply the correct credentials in `config.mail` in `config.js`) * Generates a random 12 char long alphanumeric password, replaces user's pw, and sends an email about it.
2013-09-01 02:20:12 +04:00
};
Email errors & cleanup closes #618 - don't send a welcome email. This appeared to be breaking tests. - make sure we handle errors from sending emails properly - use promises when adding notifications
2013-09-04 17:57:41 +04:00
return ghost.mail.send(message);
}).then(function success() {
var notification = {
type: 'success',
message: 'Your password was changed successfully. Check your email for details.',
status: 'passive',
id: 'successresetpw'
};
return api.notifications.add(notification).then(function () {
res.json(200, {redirect: '/ghost/signin/'});
});
Repaired email sending, implement password reset Closes #288 * I use SendGrid for sending the emails, and it works fine (provided you supply the correct credentials in `config.mail` in `config.js`) * Generates a random 12 char long alphanumeric password, replaces user's pw, and sends an email about it.
2013-09-01 02:20:12 +04:00
Email errors & cleanup closes #618 - don't send a welcome email. This appeared to be breaking tests. - make sure we handle errors from sending emails properly - use promises when adding notifications
2013-09-04 17:57:41 +04:00
}, function failure(error) {
Repaired email sending, implement password reset Closes #288 * I use SendGrid for sending the emails, and it works fine (provided you supply the correct credentials in `config.mail` in `config.js`) * Generates a random 12 char long alphanumeric password, replaces user's pw, and sends an email about it.
2013-09-01 02:20:12 +04:00
res.json(401, {error: error.message});
Email errors & cleanup closes #618 - don't send a welcome email. This appeared to be breaking tests. - make sure we handle errors from sending emails properly - use promises when adding notifications
2013-09-04 17:57:41 +04:00
}).otherwise(errors.logAndThrowError);
Repaired email sending, implement password reset Closes #288 * I use SendGrid for sending the emails, and it works fine (provided you supply the correct credentials in `config.mail` in `config.js`) * Generates a random 12 char long alphanumeric password, replaces user's pw, and sends an email about it.
2013-09-01 02:20:12 +04:00
},
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
'logout': function (req, res) {
Revert sessions to cookieSessions no issue - modified sessions to use cookieSession - set max-age to 12 hrs - modified logout to delete cookie completely
2013-10-18 15:24:01 +04:00
req.session = null;
Email errors & cleanup closes #618 - don't send a welcome email. This appeared to be breaking tests. - make sure we handle errors from sending emails properly - use promises when adding notifications
2013-09-04 17:57:41 +04:00
var notification = {
Removed flash, renamed file, unbroken logout / login request notifications Closes #354 * Reintroduced the redirect functionality (not logged in, tries to go to `/settings/user/`, is sent to `/login/` with info notification, after login user is taken to `/settings/user/) * Reintroduced the "Successfully logged out" message * Added middleware to scrub passive notifications from `ghost.notifications` after one use basically mimicing client side passive notifications * Removed flash from everywhere. Even from package.json. * Renamed flashed.hbs to notifications.hbs, modified default.hbs accordingly * Added function to parse GET variables on client side
2013-08-20 03:40:09 +04:00
type: 'success',
Rename /logout/ to /signout/ and /login/ to /signin/ Closes #443 - Renamed routes - Added redirects for old routes - Added unit test for redirect - Updated references to old routes in templates, html
2013-08-24 21:35:31 +04:00
message: 'You were successfully signed out',
Removed flash, renamed file, unbroken logout / login request notifications Closes #354 * Reintroduced the redirect functionality (not logged in, tries to go to `/settings/user/`, is sent to `/login/` with info notification, after login user is taken to `/settings/user/) * Reintroduced the "Successfully logged out" message * Added middleware to scrub passive notifications from `ghost.notifications` after one use basically mimicing client side passive notifications * Removed flash from everywhere. Even from package.json. * Renamed flashed.hbs to notifications.hbs, modified default.hbs accordingly * Added function to parse GET variables on client side
2013-08-20 03:40:09 +04:00
status: 'passive',
id: 'successlogout'
};
Email errors & cleanup closes #618 - don't send a welcome email. This appeared to be breaking tests. - make sure we handle errors from sending emails properly - use promises when adding notifications
2013-09-04 17:57:41 +04:00
return api.notifications.add(notification).then(function () {
res.redirect('/ghost/signin/');
});
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
},
'index': function (req, res) {
Remove unparam:true from jslint config in Gruntfile.js issue #1365 - added /*jslint unparam:true*/ to functions where absolutely necessary - added /*jslint unparam:true*/ to functions in which keeping parameter list added clarity to the underlying api, even when those parameters are not currently used - removed unused parameters in a few places
2013-10-31 22:02:34 +04:00
/*jslint unparam:true*/
Temporarily removed the Dashboard and all references This also updates the CasperJS to match the new changes.
2013-09-11 18:38:09 +04:00
res.render('content', {
bodyClass: 'manage',
adminNav: setSelected(adminNavbar, 'content')
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
});
},
'editor': function (req, res) {
if (req.params.id !== undefined) {
Removing api calls from server side closes #603, issue #395 - Changed hard-coded 'JOE BLOGGS' to use author data - We still had api calls loading data server side before rendering pages.. which is unnecessary. - Only thing using this was editor title, which is now populated client side - May improve content screen load time.
2013-09-05 00:05:36 +04:00
res.render('editor', {
bodyClass: 'editor',
adminNav: setSelected(adminNavbar, 'content')
});
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
} else {
res.render('editor', {
bodyClass: 'editor',
adminNav: setSelected(adminNavbar, 'add')
});
}
},
'content': function (req, res) {
Remove unparam:true from jslint config in Gruntfile.js issue #1365 - added /*jslint unparam:true*/ to functions where absolutely necessary - added /*jslint unparam:true*/ to functions in which keeping parameter list added clarity to the underlying api, even when those parameters are not currently used - removed unused parameters in a few places
2013-10-31 22:02:34 +04:00
/*jslint unparam:true*/
Removing api calls from server side closes #603, issue #395 - Changed hard-coded 'JOE BLOGGS' to use author data - We still had api calls loading data server side before rendering pages.. which is unnecessary. - Only thing using this was editor title, which is now populated client side - May improve content screen load time.
2013-09-05 00:05:36 +04:00
res.render('content', {
bodyClass: 'manage',
adminNav: setSelected(adminNavbar, 'content')
});
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
},
Settings: Return 404 for unrecognised pages Fixes #798 - Now checks the request URL against a whitelist to determine whether the settings page exists. **Notes** - This works in the short term, but a better solution for enumerating the available settings views or centralising a list of recognised views that are available to client side code, (the router and sidebar, among others) as well as the backend controller will be required.
2013-09-18 06:31:43 +04:00
'settings': function (req, res, next) {
// TODO: Centralise list/enumeration of settings panes, so we don't
// run into trouble in future.
Cleanup indentation and quotes Aligns all requirements vertically for easier reading + adds single quote standard consistently throughout Ghost, except in long strings.
2013-09-24 14:46:30 +04:00
var allowedSections = ['', 'general', 'user'],
section = req.url.replace(/(^\/ghost\/settings[\/]*|\/$)/ig, '');
Settings: Return 404 for unrecognised pages Fixes #798 - Now checks the request URL against a whitelist to determine whether the settings page exists. **Notes** - This works in the short term, but a better solution for enumerating the available settings views or centralising a list of recognised views that are available to client side code, (the router and sidebar, among others) as well as the backend controller will be required.
2013-09-18 06:31:43 +04:00
if (allowedSections.indexOf(section) < 0) {
return next();
}
Removing api calls from server side closes #603, issue #395 - Changed hard-coded 'JOE BLOGGS' to use author data - We still had api calls loading data server side before rendering pages.. which is unnecessary. - Only thing using this was editor title, which is now populated client side - May improve content screen load time.
2013-09-05 00:05:36 +04:00
res.render('settings', {
bodyClass: 'settings',
adminNav: setSelected(adminNavbar, 'settings')
});
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
},
'debug': { /* ugly temporary stuff for managing the app before it's properly finished */
index: function (req, res) {
Remove unparam:true from jslint config in Gruntfile.js issue #1365 - added /*jslint unparam:true*/ to functions where absolutely necessary - added /*jslint unparam:true*/ to functions in which keeping parameter list added clarity to the underlying api, even when those parameters are not currently used - removed unused parameters in a few places
2013-10-31 22:02:34 +04:00
/*jslint unparam:true*/
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
res.render('debug', {
bodyClass: 'settings',
adminNav: setSelected(adminNavbar, 'settings')
});
Initial commit to GitHub repo
2013-05-11 20:44:25 +04:00
}
issue #58 - removing the iiwf Function wrapper and use strict pragma removed from all node files
2013-06-25 15:43:15 +04:00
}
};
Initial commit to GitHub repo
2013-05-11 20:44:25 +04:00
Current user added Closes #340. Closes #375 * Replaced session with id of current user * Added method to ghostlocals to always send profile picture and full name to templates (template checks if falsy) * Modified user saving (`forge().set(new).save()` died on me, `forge().save(new)` didn't) * If user has profile picture, that will be used * If user has name, that will be used * Password changing doesn't care about your email. Uses cookies. Tasty! * User pane uses current user id. Had to set path to me, otherwise goes to `browse` instead of `read`. * Added logic to user api to check for `id === 'me'`, and then use the cookie value * User data saves are now correct * There is no logout error
2013-08-09 05:22:49 +04:00
module.exports = adminControllers;
Reference in New Issue Copy Permalink