Merge pull request #1164 from halfdan/1162-unpublished-posts

Unpublished Post should not be accessible
This commit is contained in:
Hannah Wolfe 2013-10-25 13:18:39 -07:00
commit 5c33a707e9
6 changed files with 26 additions and 15 deletions

View File

@ -58,7 +58,7 @@
post.urlRoot = Ghost.settings.apiRoot + '/posts';
if (id) {
post.id = id;
post.fetch().then(function () {
post.fetch({ data: {status: 'all'}}).then(function () {
Ghost.currentView = new Ghost.Views.Editor({ el: '#main', model: post });
});
} else {

View File

@ -84,12 +84,13 @@ ghostBookshelf.Model = ghostBookshelf.Model.extend({
// #### generateSlug
// Create a string act as the permalink for an object.
generateSlug: function (Model, base) {
generateSlug: function (Model, base, readOptions) {
var slug,
slugTryCount = 1,
// Look for a post with a matching slug, append an incrementing number if so
checkIfSlugExists = function (slugToFind) {
return Model.read({slug: slugToFind}).then(function (found) {
readOptions = _.extend(readOptions || {}, { slug: slugToFind });
return Model.read(readOptions).then(function (found) {
var trimSpace;
if (!found) {

View File

@ -65,7 +65,7 @@ Post = ghostBookshelf.Model.extend({
if (this.hasChanged('slug')) {
// Pass the new slug through the generator to strip illegal characters, detect duplicates
return this.generateSlug(Post, this.get('slug'))
return this.generateSlug(Post, this.get('slug'), { status: 'all' })
.then(function (slug) {
self.set({slug: slug});
});
@ -84,7 +84,7 @@ Post = ghostBookshelf.Model.extend({
if (!this.get('slug')) {
// Generating a slug requires a db call to look for conflicting slugs
return this.generateSlug(Post, this.get('title'))
return this.generateSlug(Post, this.get('title'), { status: 'all' })
.then(function (slug) {
self.set({slug: slug});
});
@ -181,6 +181,15 @@ Post = ghostBookshelf.Model.extend({
// Extends base model findOne to eager-fetch author and user relationships.
findOne: function (args, options) {
options = options || {};
args = _.extend({
status: 'published'
}, args || {});
if (args.status === 'all') {
delete args.status;
}
options.withRelated = [ 'author', 'user', 'tags' ];
return ghostBookshelf.Model.findOne.call(this, args, options);
},

View File

@ -262,7 +262,8 @@ describe('Post Model', function () {
updatedSecondPost.get('slug').should.not.equal(firstPost.slug);
return PostModel.read({
id: updatedSecondPost.id
id: updatedSecondPost.id,
status: 'all'
});
}).then(function (foundPost) {

View File

@ -49,7 +49,7 @@ describe('Tag Model', function () {
createdPostID = createdPost.id;
return createdPost.tags().attach(createdTag);
}).then(function () {
return PostModel.read({id: createdPostID}, { withRelated: ['tags']});
return PostModel.read({id: createdPostID, status: 'all'}, { withRelated: ['tags']});
}).then(function (postWithTag) {
postWithTag.related('tags').length.should.equal(1);
done();
@ -77,11 +77,11 @@ describe('Tag Model', function () {
createdTagID = createdTag.id;
return createdPost.tags().attach(createdTag);
}).then(function () {
return PostModel.read({id: createdPostID}, { withRelated: ['tags']});
return PostModel.read({id: createdPostID, status: 'all'}, { withRelated: ['tags']});
}).then(function (postWithTag) {
return postWithTag.tags().detach(createdTagID);
}).then(function () {
return PostModel.read({id: createdPostID}, { withRelated: ['tags']});
return PostModel.read({id: createdPostID, status: 'all'}, { withRelated: ['tags']});
}).then(function (postWithoutTag) {
postWithoutTag.related('tags').should.be.empty;
done();
@ -114,7 +114,7 @@ describe('Tag Model', function () {
return postModel;
});
}).then(function (postModel) {
return PostModel.read({id: postModel.id}, { withRelated: ['tags']});
return PostModel.read({id: postModel.id, status: 'all'}, { withRelated: ['tags']});
});
}
@ -150,7 +150,7 @@ describe('Tag Model', function () {
tagData.splice(1, 1);
return postModel.set('tags', tagData).save();
}).then(function (postModel) {
return PostModel.read({id: postModel.id}, { withRelated: ['tags']});
return PostModel.read({id: postModel.id, status: 'all'}, { withRelated: ['tags']});
}).then(function (reloadedPost) {
var tagNames = reloadedPost.related('tags').models.map(function (t) { return t.attributes.name; });
tagNames.sort().should.eql(['tag1', 'tag3']);
@ -174,7 +174,7 @@ describe('Tag Model', function () {
tagData.push({id: 3, name: 'tag3'});
return postModel.set('tags', tagData).save();
}).then(function () {
return PostModel.read({id: postModel.id}, { withRelated: ['tags']});
return PostModel.read({id: postModel.id, status: 'all'}, { withRelated: ['tags']});
}).then(function (reloadedPost) {
var tagModels = reloadedPost.related('tags').models,
tagNames = tagModels.map(function (t) { return t.attributes.name; });
@ -196,7 +196,7 @@ describe('Tag Model', function () {
tagData.push({id: null, name: 'tag3'});
return postModel.set('tags', tagData).save();
}).then(function (postModel) {
return PostModel.read({id: postModel.id}, { withRelated: ['tags']});
return PostModel.read({id: postModel.id, status: 'all'}, { withRelated: ['tags']});
}).then(function (reloadedPost) {
var tagNames = reloadedPost.related('tags').models.map(function (t) { return t.attributes.name; });
tagNames.sort().should.eql(['tag1', 'tag2', 'tag3']);
@ -210,7 +210,7 @@ describe('Tag Model', function () {
var newPost = _.extend(testUtils.DataGenerator.forModel.posts[0], {tags: [{name: 'test_tag_1'}]})
PostModel.add(newPost).then(function (createdPost) {
return PostModel.read({id: createdPost.id}, { withRelated: ['tags']});
return PostModel.read({id: createdPost.id, status: 'all'}, { withRelated: ['tags']});
}).then(function (postWithTag) {
postWithTag.related('tags').length.should.equal(1);
done();