mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-25 11:55:03 +03:00
🐛 Fixed field filtering for /authors/:id endpoints
closes #10512 - Removed field filtering in blog owner fetching because it didn't work before (fields weren't reduced) and now broke generated sql queries (ambiguous id field)
This commit is contained in:
parent
62c4ae119d
commit
30c005f848
@ -8,7 +8,7 @@ const extraAttrs = require('./extra-attrs');
|
||||
const mapUser = (model, frame) => {
|
||||
const jsonModel = model.toJSON ? model.toJSON(frame.options) : model;
|
||||
|
||||
url.forUser(model.id, jsonModel);
|
||||
url.forUser(model.id, jsonModel, frame.options);
|
||||
|
||||
clean.author(jsonModel, frame);
|
||||
|
||||
|
@ -40,8 +40,10 @@ const forPost = (id, attrs, options) => {
|
||||
return attrs;
|
||||
};
|
||||
|
||||
const forUser = (id, attrs) => {
|
||||
attrs.url = urlService.getUrlByResourceId(id, {absolute: true});
|
||||
const forUser = (id, attrs, options) => {
|
||||
if (!options.columns || (options.columns && options.columns.includes('url'))) {
|
||||
attrs.url = urlService.getUrlByResourceId(id, {absolute: true});
|
||||
}
|
||||
|
||||
if (attrs.profile_image) {
|
||||
attrs.profile_image = urlService.utils.urlFor('image', {image: attrs.profile_image}, true);
|
||||
|
@ -687,7 +687,7 @@ ghostBookshelf.Model = ghostBookshelf.Model.extend({
|
||||
case 'edit':
|
||||
return baseOptions.concat(extraOptions, ['id', 'require']);
|
||||
case 'findOne':
|
||||
return baseOptions.concat(extraOptions, ['require']);
|
||||
return baseOptions.concat(extraOptions, ['columns', 'require']);
|
||||
case 'findAll':
|
||||
return baseOptions.concat(extraOptions, ['columns']);
|
||||
case 'findPage':
|
||||
|
@ -242,7 +242,7 @@ module.exports.extendModel = function extendModel(Post, Posts, ghostBookshelf) {
|
||||
ops.push(() => {
|
||||
return ghostBookshelf
|
||||
.model('User')
|
||||
.getOwnerUser(Object.assign({columns: ['id']}, _.pick(options, 'transacting')))
|
||||
.getOwnerUser(Object.assign({}, _.pick(options, 'transacting')))
|
||||
.then((_ownerUser) => {
|
||||
ownerUser = _ownerUser;
|
||||
});
|
||||
|
41
core/test/regression/api/v2/content/authors_spec.js
Normal file
41
core/test/regression/api/v2/content/authors_spec.js
Normal file
@ -0,0 +1,41 @@
|
||||
const should = require('should');
|
||||
const supertest = require('supertest');
|
||||
const localUtils = require('./utils');
|
||||
const testUtils = require('../../../../utils');
|
||||
const configUtils = require('../../../../utils/configUtils');
|
||||
const config = require('../../../../../server/config');
|
||||
|
||||
const ghost = testUtils.startGhost;
|
||||
|
||||
describe('Authors Content API', function () {
|
||||
const validKey = localUtils.getValidKey();
|
||||
let request;
|
||||
|
||||
before(function () {
|
||||
return ghost()
|
||||
.then(function (_ghostServer) {
|
||||
request = supertest.agent(config.get('url'));
|
||||
})
|
||||
.then(function () {
|
||||
return testUtils.initFixtures('owner:post', 'users:no-owner', 'user:inactive', 'posts', 'api_keys');
|
||||
});
|
||||
});
|
||||
|
||||
afterEach(function () {
|
||||
configUtils.restore();
|
||||
});
|
||||
|
||||
it('can read authors with fields', function () {
|
||||
return request.get(localUtils.API.getApiQuery(`authors/1/?key=${validKey}&fields=name`))
|
||||
.set('Origin', testUtils.API.getURL())
|
||||
.expect('Content-Type', /json/)
|
||||
.expect('Cache-Control', testUtils.cacheRules.private)
|
||||
.expect(200)
|
||||
.then((res) => {
|
||||
should.not.exist(res.headers['x-cache-invalidate']);
|
||||
|
||||
// We don't expose any other attrs.
|
||||
localUtils.API.checkResponse(res.body.authors[0], 'author', null, null, ['id', 'name']);
|
||||
});
|
||||
});
|
||||
});
|
@ -75,7 +75,7 @@ describe('Unit: v2/utils/serializers/output/utils/mapper', () => {
|
||||
urlUtil.forUser.callCount.should.equal(1);
|
||||
|
||||
urlUtil.forTag.getCall(0).args.should.eql(['id3', {id: 'id3', feature_image: 'value'}, frame.options]);
|
||||
urlUtil.forUser.getCall(0).args.should.eql(['id4', {name: 'Ghosty', id: 'id4'}]);
|
||||
urlUtil.forUser.getCall(0).args.should.eql(['id4', {name: 'Ghosty', id: 'id4'}, frame.options]);
|
||||
});
|
||||
});
|
||||
|
||||
@ -103,7 +103,7 @@ describe('Unit: v2/utils/serializers/output/utils/mapper', () => {
|
||||
mapper.mapUser(user, frame);
|
||||
|
||||
urlUtil.forUser.callCount.should.equal(1);
|
||||
urlUtil.forUser.getCall(0).args.should.eql(['id1', user]);
|
||||
urlUtil.forUser.getCall(0).args.should.eql(['id1', user, frame.options]);
|
||||
});
|
||||
});
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user