Merge pull request #1164 from halfdan/1162-unpublished-posts

Unpublished Post should not be accessible
This commit is contained in:
Hannah Wolfe 2013-10-25 13:18:39 -07:00
commit 5c33a707e9
6 changed files with 26 additions and 15 deletions

View File

@ -58,7 +58,7 @@
post.urlRoot = Ghost.settings.apiRoot + '/posts'; post.urlRoot = Ghost.settings.apiRoot + '/posts';
if (id) { if (id) {
post.id = id; post.id = id;
post.fetch().then(function () { post.fetch({ data: {status: 'all'}}).then(function () {
Ghost.currentView = new Ghost.Views.Editor({ el: '#main', model: post }); Ghost.currentView = new Ghost.Views.Editor({ el: '#main', model: post });
}); });
} else { } else {

View File

@ -151,4 +151,4 @@ frontendControllers = {
}; };
module.exports = frontendControllers; module.exports = frontendControllers;

View File

@ -84,12 +84,13 @@ ghostBookshelf.Model = ghostBookshelf.Model.extend({
// #### generateSlug // #### generateSlug
// Create a string act as the permalink for an object. // Create a string act as the permalink for an object.
generateSlug: function (Model, base) { generateSlug: function (Model, base, readOptions) {
var slug, var slug,
slugTryCount = 1, slugTryCount = 1,
// Look for a post with a matching slug, append an incrementing number if so // Look for a post with a matching slug, append an incrementing number if so
checkIfSlugExists = function (slugToFind) { checkIfSlugExists = function (slugToFind) {
return Model.read({slug: slugToFind}).then(function (found) { readOptions = _.extend(readOptions || {}, { slug: slugToFind });
return Model.read(readOptions).then(function (found) {
var trimSpace; var trimSpace;
if (!found) { if (!found) {

View File

@ -65,7 +65,7 @@ Post = ghostBookshelf.Model.extend({
if (this.hasChanged('slug')) { if (this.hasChanged('slug')) {
// Pass the new slug through the generator to strip illegal characters, detect duplicates // Pass the new slug through the generator to strip illegal characters, detect duplicates
return this.generateSlug(Post, this.get('slug')) return this.generateSlug(Post, this.get('slug'), { status: 'all' })
.then(function (slug) { .then(function (slug) {
self.set({slug: slug}); self.set({slug: slug});
}); });
@ -84,7 +84,7 @@ Post = ghostBookshelf.Model.extend({
if (!this.get('slug')) { if (!this.get('slug')) {
// Generating a slug requires a db call to look for conflicting slugs // Generating a slug requires a db call to look for conflicting slugs
return this.generateSlug(Post, this.get('title')) return this.generateSlug(Post, this.get('title'), { status: 'all' })
.then(function (slug) { .then(function (slug) {
self.set({slug: slug}); self.set({slug: slug});
}); });
@ -181,6 +181,15 @@ Post = ghostBookshelf.Model.extend({
// Extends base model findOne to eager-fetch author and user relationships. // Extends base model findOne to eager-fetch author and user relationships.
findOne: function (args, options) { findOne: function (args, options) {
options = options || {}; options = options || {};
args = _.extend({
status: 'published'
}, args || {});
if (args.status === 'all') {
delete args.status;
}
options.withRelated = [ 'author', 'user', 'tags' ]; options.withRelated = [ 'author', 'user', 'tags' ];
return ghostBookshelf.Model.findOne.call(this, args, options); return ghostBookshelf.Model.findOne.call(this, args, options);
}, },

View File

@ -262,7 +262,8 @@ describe('Post Model', function () {
updatedSecondPost.get('slug').should.not.equal(firstPost.slug); updatedSecondPost.get('slug').should.not.equal(firstPost.slug);
return PostModel.read({ return PostModel.read({
id: updatedSecondPost.id id: updatedSecondPost.id,
status: 'all'
}); });
}).then(function (foundPost) { }).then(function (foundPost) {

View File

@ -49,7 +49,7 @@ describe('Tag Model', function () {
createdPostID = createdPost.id; createdPostID = createdPost.id;
return createdPost.tags().attach(createdTag); return createdPost.tags().attach(createdTag);
}).then(function () { }).then(function () {
return PostModel.read({id: createdPostID}, { withRelated: ['tags']}); return PostModel.read({id: createdPostID, status: 'all'}, { withRelated: ['tags']});
}).then(function (postWithTag) { }).then(function (postWithTag) {
postWithTag.related('tags').length.should.equal(1); postWithTag.related('tags').length.should.equal(1);
done(); done();
@ -77,11 +77,11 @@ describe('Tag Model', function () {
createdTagID = createdTag.id; createdTagID = createdTag.id;
return createdPost.tags().attach(createdTag); return createdPost.tags().attach(createdTag);
}).then(function () { }).then(function () {
return PostModel.read({id: createdPostID}, { withRelated: ['tags']}); return PostModel.read({id: createdPostID, status: 'all'}, { withRelated: ['tags']});
}).then(function (postWithTag) { }).then(function (postWithTag) {
return postWithTag.tags().detach(createdTagID); return postWithTag.tags().detach(createdTagID);
}).then(function () { }).then(function () {
return PostModel.read({id: createdPostID}, { withRelated: ['tags']}); return PostModel.read({id: createdPostID, status: 'all'}, { withRelated: ['tags']});
}).then(function (postWithoutTag) { }).then(function (postWithoutTag) {
postWithoutTag.related('tags').should.be.empty; postWithoutTag.related('tags').should.be.empty;
done(); done();
@ -114,7 +114,7 @@ describe('Tag Model', function () {
return postModel; return postModel;
}); });
}).then(function (postModel) { }).then(function (postModel) {
return PostModel.read({id: postModel.id}, { withRelated: ['tags']}); return PostModel.read({id: postModel.id, status: 'all'}, { withRelated: ['tags']});
}); });
} }
@ -150,7 +150,7 @@ describe('Tag Model', function () {
tagData.splice(1, 1); tagData.splice(1, 1);
return postModel.set('tags', tagData).save(); return postModel.set('tags', tagData).save();
}).then(function (postModel) { }).then(function (postModel) {
return PostModel.read({id: postModel.id}, { withRelated: ['tags']}); return PostModel.read({id: postModel.id, status: 'all'}, { withRelated: ['tags']});
}).then(function (reloadedPost) { }).then(function (reloadedPost) {
var tagNames = reloadedPost.related('tags').models.map(function (t) { return t.attributes.name; }); var tagNames = reloadedPost.related('tags').models.map(function (t) { return t.attributes.name; });
tagNames.sort().should.eql(['tag1', 'tag3']); tagNames.sort().should.eql(['tag1', 'tag3']);
@ -174,7 +174,7 @@ describe('Tag Model', function () {
tagData.push({id: 3, name: 'tag3'}); tagData.push({id: 3, name: 'tag3'});
return postModel.set('tags', tagData).save(); return postModel.set('tags', tagData).save();
}).then(function () { }).then(function () {
return PostModel.read({id: postModel.id}, { withRelated: ['tags']}); return PostModel.read({id: postModel.id, status: 'all'}, { withRelated: ['tags']});
}).then(function (reloadedPost) { }).then(function (reloadedPost) {
var tagModels = reloadedPost.related('tags').models, var tagModels = reloadedPost.related('tags').models,
tagNames = tagModels.map(function (t) { return t.attributes.name; }); tagNames = tagModels.map(function (t) { return t.attributes.name; });
@ -196,7 +196,7 @@ describe('Tag Model', function () {
tagData.push({id: null, name: 'tag3'}); tagData.push({id: null, name: 'tag3'});
return postModel.set('tags', tagData).save(); return postModel.set('tags', tagData).save();
}).then(function (postModel) { }).then(function (postModel) {
return PostModel.read({id: postModel.id}, { withRelated: ['tags']}); return PostModel.read({id: postModel.id, status: 'all'}, { withRelated: ['tags']});
}).then(function (reloadedPost) { }).then(function (reloadedPost) {
var tagNames = reloadedPost.related('tags').models.map(function (t) { return t.attributes.name; }); var tagNames = reloadedPost.related('tags').models.map(function (t) { return t.attributes.name; });
tagNames.sort().should.eql(['tag1', 'tag2', 'tag3']); tagNames.sort().should.eql(['tag1', 'tag2', 'tag3']);
@ -210,7 +210,7 @@ describe('Tag Model', function () {
var newPost = _.extend(testUtils.DataGenerator.forModel.posts[0], {tags: [{name: 'test_tag_1'}]}) var newPost = _.extend(testUtils.DataGenerator.forModel.posts[0], {tags: [{name: 'test_tag_1'}]})
PostModel.add(newPost).then(function (createdPost) { PostModel.add(newPost).then(function (createdPost) {
return PostModel.read({id: createdPost.id}, { withRelated: ['tags']}); return PostModel.read({id: createdPost.id, status: 'all'}, { withRelated: ['tags']});
}).then(function (postWithTag) { }).then(function (postWithTag) {
postWithTag.related('tags').length.should.equal(1); postWithTag.related('tags').length.should.equal(1);
done(); done();