Removed requirement to provide authors for admin api keys

no issue

- we just fallback to owner user
- reason: consistent with how the importer works, easier to work with the API

core/server/api/v2/utils/validators/input/pages.js

@@ -1,29 +1,7 @@
-const Promise = require('bluebird');
-const common = require('../../../../../lib/common');
-const utils = require('../../index');
 const jsonSchema = require('../utils/json-schema');
 
 module.exports = {
     add(apiConfig, frame) {
-        /**
-         * @NOTE:
-         *
-         * Session authentication does not require authors, because the logged in user
-         * becomes the primary author.
-         *
-         * Admin API key requires sending authors, because there is no user id.
-         */
-        if (utils.isAdminAPIKey(frame)) {
-            if (!frame.data.pages[0].hasOwnProperty('authors')) {
-                return Promise.reject(new common.errors.ValidationError({
-                    message: common.i18n.t('notices.data.validation.index.validationFailed', {
-                        validationName: 'FieldIsRequired',
-                        key: '"authors"'
-                    })
-                }));
-            }
-        }
-
         const schema = require(`./schemas/pages-add`);
         const definitions = require('./schemas/pages');
         return jsonSchema.validate(schema, definitions, frame.data);

core/server/api/v2/utils/validators/input/posts.js

@@ -1,29 +1,7 @@
-const Promise = require('bluebird');
-const common = require('../../../../../lib/common');
-const utils = require('../../index');
 const jsonSchema = require('../utils/json-schema');
 
 module.exports = {
     add(apiConfig, frame) {
-        /**
-         * @NOTE:
-         *
-         * Session authentication does not require authors, because the logged in user
-         * becomes the primary author.
-         *
-         * Admin API key requires sending authors, because there is no user id.
-         */
-        if (utils.isAdminAPIKey(frame)) {
-            if (!frame.data.posts[0].hasOwnProperty('authors')) {
-                return Promise.reject(new common.errors.ValidationError({
-                    message: common.i18n.t('notices.data.validation.index.validationFailed', {
-                        validationName: 'FieldIsRequired',
-                        key: '"authors"'
-                    })
-                }));
-            }
-        }
-
         const schema = require(`./schemas/posts-add`);
         const definitions = require('./schemas/posts');
         return jsonSchema.validate(schema, definitions, frame.data);

core/test/acceptance/old/admin/key_authentication_spec.js

@@ -44,16 +44,13 @@ describe('Admin API key authentication', function () {
             .expect(200);
     });
 
-    it('Can access add endpoint with correct token', function () {
+    it('Can create post', function () {
         const post = {
-            authors: [{
-                id: testUtils.DataGenerator.Content.users[0].id
-            }],
             title: 'Post created with api_key'
         };
 
         return request
-            .post(localUtils.API.getApiQuery('posts/'))
+            .post(localUtils.API.getApiQuery('posts/?include=authors'))
             .set('Origin', config.get('url'))
             .set('Authorization', `Ghost ${localUtils.getValidAdminToken('/v2/admin/')}`)
             .send({
@@ -61,6 +58,10 @@ describe('Admin API key authentication', function () {
             })
             .expect('Content-Type', /json/)
             .expect('Cache-Control', testUtils.cacheRules.private)
-            .expect(201);
+            .expect(201)
+            .then((res) => {
+                // falls back to owner user
+                res.body.posts[0].authors.length.should.eql(1);
+            });
     });
 });