diff --git a/core/client/models/post.js b/core/client/models/post.js index ea367b7ee8..b4318ebd95 100644 --- a/core/client/models/post.js +++ b/core/client/models/post.js @@ -16,7 +16,6 @@ resp.draft = resp.status === 'draft'; } if (resp.tags) { - // TODO: parse tags into it's own collection on the model (this.tags) return resp; } return resp; diff --git a/core/client/views/editor.js b/core/client/views/editor.js index d6ce674ff6..ecc802ff11 100644 --- a/core/client/views/editor.js +++ b/core/client/views/editor.js @@ -226,7 +226,6 @@ var saved = this.model.save(_.extend({ title: $('#entry-title').val(), - // TODO: The content_raw getter here isn't great, shouldn't rely on currentView. markdown: Ghost.currentView.getEditorValue() }, data)); diff --git a/core/client/views/settings.js b/core/client/views/settings.js index 7872b21e4a..90bf65bd52 100644 --- a/core/client/views/settings.js +++ b/core/client/views/settings.js @@ -114,7 +114,6 @@ saveSuccess: function (model, response, options) { /*jslint unparam:true*/ Ghost.notifications.clearEverything(); - // TODO: better messaging here? Ghost.notifications.addItem({ type: 'success', message: 'Saved', @@ -140,8 +139,6 @@ } }); - // TODO: use some kind of data-binding for forms - // ### General settings Settings.general = Settings.Pane.extend({ id: "general", diff --git a/core/server/api/index.js b/core/server/api/index.js index e82e3ff46e..f80f6b1bd1 100644 --- a/core/server/api/index.js +++ b/core/server/api/index.js @@ -17,6 +17,7 @@ var _ = require('underscore'), // ## Request Handlers function cacheInvalidationHeader(req, result) { + //TODO: don't set x-cache-invalidate header for drafts var parsedUrl = req._parsedUrl.pathname.replace(/\/$/, '').split('/'), method = req.method, endpoint = parsedUrl[4], diff --git a/core/server/api/users.js b/core/server/api/users.js index 8201c6f22e..e150aafc57 100644 --- a/core/server/api/users.js +++ b/core/server/api/users.js @@ -91,7 +91,6 @@ users = { }, generateResetToken: function generateResetToken(email) { - // TODO: Do we want to be able to pass this in? var expires = Date.now() + ONE_DAY; return settings.read('dbHash').then(function (dbHash) { return dataProvider.User.generateResetToken(email, expires, dbHash); diff --git a/core/server/bookshelf-session.js b/core/server/bookshelf-session.js index 9708fb3a4e..cc6b865f84 100644 --- a/core/server/bookshelf-session.js +++ b/core/server/bookshelf-session.js @@ -1,7 +1,6 @@ var Store = require('express').session.Store, time12h = 12 * 60 * 60 * 1000, BSStore, - dataProvider, db, client; diff --git a/core/server/controllers/admin.js b/core/server/controllers/admin.js index 7e788680eb..c06a7d6efc 100644 --- a/core/server/controllers/admin.js +++ b/core/server/controllers/admin.js @@ -12,7 +12,6 @@ var config = require('../config'), adminControllers, loginSecurity = []; - // TODO: combine path/navClass to single "slug(?)" variable with no prefix adminNavbar = { content: { name: 'Content', @@ -93,7 +92,7 @@ adminControllers = { if (req.body.redirect) { redirect += decodeURIComponent(req.body.redirect); } - // If this IP address successfully logins we + // If this IP address successfully logs in we // can remove it from the array of failed login attempts. loginSecurity = _.reject(loginSecurity, function (ipTime) { return ipTime.ip === remoteAddress; @@ -212,7 +211,6 @@ adminControllers = { }, function failure(error) { // TODO: This is kind of sketchy, depends on magic string error.message from Bookshelf. - // TODO: It's debatable whether we want to just tell the user we sent the email in this case or not, we are giving away sensitive info here. if (error && error.message === 'EmptyResponse') { error.message = "Invalid email address"; } @@ -264,7 +262,6 @@ adminControllers = { res.json(200, {redirect: config.paths().subdir + '/ghost/signin/'}); }); }).otherwise(function (err) { - // TODO: Better error message if we can tell whether the passwords didn't match or something res.json(401, {error: err.message}); }); }, @@ -318,9 +315,7 @@ adminControllers = { }); }, 'settings': function (req, res, next) { - - // TODO: Centralise list/enumeration of settings panes, so we don't - // run into trouble in future. + // TODO: Centralise list/enumeration of settings panes, so we don't run into trouble in future. var allowedSections = ['', 'general', 'user'], section = req.url.replace(/(^\/ghost\/settings[\/]*|\/$)/ig, ''); @@ -333,7 +328,7 @@ adminControllers = { adminNav: setSelected(adminNavbar, 'settings') }); }, - 'debug': { /* ugly temporary stuff for managing the app before it's properly finished */ + 'debug': { index: function (req, res) { /*jslint unparam:true*/ res.render('debug', { diff --git a/core/server/controllers/frontend.js b/core/server/controllers/frontend.js index 921fbfbfa1..ee288337a0 100644 --- a/core/server/controllers/frontend.js +++ b/core/server/controllers/frontend.js @@ -14,7 +14,6 @@ var moment = require('moment'), config = require('../config'), errors = require('../errorHandling'), filters = require('../../server/filters'), - coreHelpers = require('../helpers'), frontendControllers; @@ -77,9 +76,7 @@ frontendControllers = { post = promises[1]; function render() { - // If we're ready to render the page - // but the last param is 'edit' then we'll - // actually kick you to the edit page. + // If we're ready to render the page but the last param is 'edit' then we'll send you to the edit page. if (req.params[2] && req.params[2] === 'edit') { return res.redirect(config.paths().subdir + '/ghost/editor/' + post.id + '/'); } @@ -103,8 +100,7 @@ frontendControllers = { } // A page can only be rendered when there is no date in the url. - // A post can either be rendered with a date in the url - // depending on the permalink setting. + // A post can either be rendered with a date in the url depending on the permalink setting. // For all other conditions return 404. if (post.page === 1 && dateInSlug === false) { return render(); @@ -141,7 +137,7 @@ frontendControllers = { return res.redirect(config.paths().subdir + '/rss/'); } - //needs refact for multi user to not use first user as default + // TODO: needs refactor for multi user to not use first user as default return when.settle([ api.users.read({id : 1}), api.settings.read('title'), diff --git a/core/server/index.js b/core/server/index.js index 70dd803198..0fad4702fa 100644 --- a/core/server/index.js +++ b/core/server/index.js @@ -1,7 +1,3 @@ -// If no env is set, default to development -// This needs to be above all other require() -// modules to ensure config gets right setting. - // Module dependencies var crypto = require('crypto'), express = require('express'), @@ -75,8 +71,7 @@ function initDbHashAndFirstRun() { } // Sets up the express server instance. -// Instantiates the ghost singleton, -// helpers, routes, middleware, and plugins. +// Instantiates the ghost singleton, helpers, routes, middleware, and plugins. // Finally it starts the http server. function setup(server) { diff --git a/core/server/middleware/index.js b/core/server/middleware/index.js index 889f3248b8..7d71dcc80f 100644 --- a/core/server/middleware/index.js +++ b/core/server/middleware/index.js @@ -208,7 +208,6 @@ module.exports = function (server, dbHash) { expressServer.use(subdir, express.favicon(corePath + '/shared/favicon.ico')); // Static assets - // For some reason send divides the max age number by 1000 expressServer.use(subdir + '/shared', express['static'](path.join(corePath, '/shared'), {maxAge: ONE_HOUR_MS})); expressServer.use(subdir + '/content/images', storage.get_storage().serve()); expressServer.use(subdir + '/ghost/scripts', express['static'](path.join(corePath, '/built/scripts'), {maxAge: ONE_YEAR_MS})); @@ -254,11 +253,9 @@ module.exports = function (server, dbHash) { cookie: cookie })); - - //enable express csrf protection + // enable express csrf protection expressServer.use(middleware.conditionalCSRF); - // local data expressServer.use(ghostLocals); // So on every request we actually clean out redundant passive notifications from the server side diff --git a/core/server/middleware/middleware.js b/core/server/middleware/middleware.js index aad635102b..ca05bfbe7a 100644 --- a/core/server/middleware/middleware.js +++ b/core/server/middleware/middleware.js @@ -57,7 +57,6 @@ var middleware = { // Authenticate a request to the API by responding with a 401 and json error details authAPI: function (req, res, next) { if (!req.session.user) { - // TODO: standardize error format/codes/messages res.json(401, { error: 'Please sign in' }); return; } diff --git a/core/server/routes/admin.js b/core/server/routes/admin.js index 02f5413c07..2948f2d7c9 100644 --- a/core/server/routes/admin.js +++ b/core/server/routes/admin.js @@ -5,7 +5,6 @@ var admin = require('../controllers/admin'), module.exports = function (server) { var subdir = config.paths().subdir; // ### Admin routes - /* TODO: put these somewhere in admin */ server.get('/logout/', function redirect(req, res) { /*jslint unparam:true*/ res.redirect(301, subdir + '/ghost/signout/'); diff --git a/core/server/routes/api.js b/core/server/routes/api.js index c642d959bb..9d1bfb54b1 100644 --- a/core/server/routes/api.js +++ b/core/server/routes/api.js @@ -3,7 +3,6 @@ var middleware = require('../middleware').middleware, module.exports = function (server) { // ### API routes - /* TODO: auth should be public auth not user auth */ // #### Posts server.get('/ghost/api/v0.1/posts', middleware.authAPI, api.requestHandler(api.posts.browse)); server.post('/ghost/api/v0.1/posts', middleware.authAPI, api.requestHandler(api.posts.add)); diff --git a/core/test/functional/api/posts_test.js b/core/test/functional/api/posts_test.js index e42fbebe05..66406b1284 100644 --- a/core/test/functional/api/posts_test.js +++ b/core/test/functional/api/posts_test.js @@ -193,7 +193,6 @@ describe('Post API', function () { headers: {'X-CSRF-Token': csrfToken}, json: newPost}, function (error, response, draftPost) { response.should.have.status(200); - //TODO: do drafts really need a x-cache-invalidate header response.should.be.json; draftPost.should.exist; draftPost.title.should.eql(newTitle); @@ -308,7 +307,7 @@ describe('Post API', function () { headers: {'X-CSRF-Token': csrfToken}, json: newPost}, function (error, response, draftPost) { response.should.have.status(200); - //TODO: do drafts really need a x-cache-invalidate header + response.should.be.json; draftPost.should.exist; draftPost.title.should.eql(newTitle); @@ -317,7 +316,6 @@ describe('Post API', function () { request.del({uri: testUtils.API.getApiURL('posts/' + draftPost.id + '/'), headers: {'X-CSRF-Token': csrfToken}}, function (error, response, body) { response.should.have.status(200); - //TODO: do drafts really need a x-cache-invalidate header response.should.be.json; var jsonResponse = JSON.parse(body); jsonResponse.should.exist; diff --git a/core/test/unit/storage_localfilesystem_spec.js b/core/test/unit/storage_localfilesystem_spec.js index c1a4601561..54bea0e30e 100644 --- a/core/test/unit/storage_localfilesystem_spec.js +++ b/core/test/unit/storage_localfilesystem_spec.js @@ -124,8 +124,6 @@ describe('Local File System Storage', function () { describe('on Windows', function () { - // TODO tests to check for working on windows - var truePathSep = path.sep; beforeEach(function () {