🐛 Fixed field filtering for /authors/:id endpoints

closes #10512

- Removed field filtering in blog owner fetching because it didn't work before (fields weren't reduced) and now broke generated sql queries (ambiguous id field)
This commit is contained in:
Nazar Gargol 2019-03-05 15:18:32 +08:00
parent 62c4ae119d
commit 30c005f848
6 changed files with 50 additions and 7 deletions

View File

@ -8,7 +8,7 @@ const extraAttrs = require('./extra-attrs');
const mapUser = (model, frame) => {
const jsonModel = model.toJSON ? model.toJSON(frame.options) : model;
url.forUser(model.id, jsonModel);
url.forUser(model.id, jsonModel, frame.options);
clean.author(jsonModel, frame);

View File

@ -40,8 +40,10 @@ const forPost = (id, attrs, options) => {
return attrs;
};
const forUser = (id, attrs) => {
attrs.url = urlService.getUrlByResourceId(id, {absolute: true});
const forUser = (id, attrs, options) => {
if (!options.columns || (options.columns && options.columns.includes('url'))) {
attrs.url = urlService.getUrlByResourceId(id, {absolute: true});
}
if (attrs.profile_image) {
attrs.profile_image = urlService.utils.urlFor('image', {image: attrs.profile_image}, true);

View File

@ -687,7 +687,7 @@ ghostBookshelf.Model = ghostBookshelf.Model.extend({
case 'edit':
return baseOptions.concat(extraOptions, ['id', 'require']);
case 'findOne':
return baseOptions.concat(extraOptions, ['require']);
return baseOptions.concat(extraOptions, ['columns', 'require']);
case 'findAll':
return baseOptions.concat(extraOptions, ['columns']);
case 'findPage':

View File

@ -242,7 +242,7 @@ module.exports.extendModel = function extendModel(Post, Posts, ghostBookshelf) {
ops.push(() => {
return ghostBookshelf
.model('User')
.getOwnerUser(Object.assign({columns: ['id']}, _.pick(options, 'transacting')))
.getOwnerUser(Object.assign({}, _.pick(options, 'transacting')))
.then((_ownerUser) => {
ownerUser = _ownerUser;
});

View File

@ -0,0 +1,41 @@
const should = require('should');
const supertest = require('supertest');
const localUtils = require('./utils');
const testUtils = require('../../../../utils');
const configUtils = require('../../../../utils/configUtils');
const config = require('../../../../../server/config');
const ghost = testUtils.startGhost;
describe('Authors Content API', function () {
const validKey = localUtils.getValidKey();
let request;
before(function () {
return ghost()
.then(function (_ghostServer) {
request = supertest.agent(config.get('url'));
})
.then(function () {
return testUtils.initFixtures('owner:post', 'users:no-owner', 'user:inactive', 'posts', 'api_keys');
});
});
afterEach(function () {
configUtils.restore();
});
it('can read authors with fields', function () {
return request.get(localUtils.API.getApiQuery(`authors/1/?key=${validKey}&fields=name`))
.set('Origin', testUtils.API.getURL())
.expect('Content-Type', /json/)
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(200)
.then((res) => {
should.not.exist(res.headers['x-cache-invalidate']);
// We don't expose any other attrs.
localUtils.API.checkResponse(res.body.authors[0], 'author', null, null, ['id', 'name']);
});
});
});

View File

@ -75,7 +75,7 @@ describe('Unit: v2/utils/serializers/output/utils/mapper', () => {
urlUtil.forUser.callCount.should.equal(1);
urlUtil.forTag.getCall(0).args.should.eql(['id3', {id: 'id3', feature_image: 'value'}, frame.options]);
urlUtil.forUser.getCall(0).args.should.eql(['id4', {name: 'Ghosty', id: 'id4'}]);
urlUtil.forUser.getCall(0).args.should.eql(['id4', {name: 'Ghosty', id: 'id4'}, frame.options]);
});
});
@ -103,7 +103,7 @@ describe('Unit: v2/utils/serializers/output/utils/mapper', () => {
mapper.mapUser(user, frame);
urlUtil.forUser.callCount.should.equal(1);
urlUtil.forUser.getCall(0).args.should.eql(['id1', user]);
urlUtil.forUser.getCall(0).args.should.eql(['id1', user, frame.options]);
});
});