From 23fed961e57a331471f6afb93cb172d6d8a75554 Mon Sep 17 00:00:00 2001 From: kirrg001 Date: Mon, 25 Feb 2019 09:16:32 +0100 Subject: [PATCH] Removed requirement to provide authors for admin api keys no issue - we just fallback to owner user - reason: consistent with how the importer works, easier to work with the API --- .../api/v2/utils/validators/input/pages.js | 22 ------------------- .../api/v2/utils/validators/input/posts.js | 22 ------------------- .../old/admin/key_authentication_spec.js | 13 ++++++----- 3 files changed, 7 insertions(+), 50 deletions(-) diff --git a/core/server/api/v2/utils/validators/input/pages.js b/core/server/api/v2/utils/validators/input/pages.js index 32278db571..91eed3b0c6 100644 --- a/core/server/api/v2/utils/validators/input/pages.js +++ b/core/server/api/v2/utils/validators/input/pages.js @@ -1,29 +1,7 @@ -const Promise = require('bluebird'); -const common = require('../../../../../lib/common'); -const utils = require('../../index'); const jsonSchema = require('../utils/json-schema'); module.exports = { add(apiConfig, frame) { - /** - * @NOTE: - * - * Session authentication does not require authors, because the logged in user - * becomes the primary author. - * - * Admin API key requires sending authors, because there is no user id. - */ - if (utils.isAdminAPIKey(frame)) { - if (!frame.data.pages[0].hasOwnProperty('authors')) { - return Promise.reject(new common.errors.ValidationError({ - message: common.i18n.t('notices.data.validation.index.validationFailed', { - validationName: 'FieldIsRequired', - key: '"authors"' - }) - })); - } - } - const schema = require(`./schemas/pages-add`); const definitions = require('./schemas/pages'); return jsonSchema.validate(schema, definitions, frame.data); diff --git a/core/server/api/v2/utils/validators/input/posts.js b/core/server/api/v2/utils/validators/input/posts.js index 91ece687e8..a29df595ae 100644 --- a/core/server/api/v2/utils/validators/input/posts.js +++ b/core/server/api/v2/utils/validators/input/posts.js @@ -1,29 +1,7 @@ -const Promise = require('bluebird'); -const common = require('../../../../../lib/common'); -const utils = require('../../index'); const jsonSchema = require('../utils/json-schema'); module.exports = { add(apiConfig, frame) { - /** - * @NOTE: - * - * Session authentication does not require authors, because the logged in user - * becomes the primary author. - * - * Admin API key requires sending authors, because there is no user id. - */ - if (utils.isAdminAPIKey(frame)) { - if (!frame.data.posts[0].hasOwnProperty('authors')) { - return Promise.reject(new common.errors.ValidationError({ - message: common.i18n.t('notices.data.validation.index.validationFailed', { - validationName: 'FieldIsRequired', - key: '"authors"' - }) - })); - } - } - const schema = require(`./schemas/posts-add`); const definitions = require('./schemas/posts'); return jsonSchema.validate(schema, definitions, frame.data); diff --git a/core/test/acceptance/old/admin/key_authentication_spec.js b/core/test/acceptance/old/admin/key_authentication_spec.js index da0696ba72..c9aaf05d8a 100644 --- a/core/test/acceptance/old/admin/key_authentication_spec.js +++ b/core/test/acceptance/old/admin/key_authentication_spec.js @@ -44,16 +44,13 @@ describe('Admin API key authentication', function () { .expect(200); }); - it('Can access add endpoint with correct token', function () { + it('Can create post', function () { const post = { - authors: [{ - id: testUtils.DataGenerator.Content.users[0].id - }], title: 'Post created with api_key' }; return request - .post(localUtils.API.getApiQuery('posts/')) + .post(localUtils.API.getApiQuery('posts/?include=authors')) .set('Origin', config.get('url')) .set('Authorization', `Ghost ${localUtils.getValidAdminToken('/v2/admin/')}`) .send({ @@ -61,6 +58,10 @@ describe('Admin API key authentication', function () { }) .expect('Content-Type', /json/) .expect('Cache-Control', testUtils.cacheRules.private) - .expect(201); + .expect(201) + .then((res) => { + // falls back to owner user + res.body.posts[0].authors.length.should.eql(1); + }); }); });