TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-11-23 22:11:09 +03:00
Code Issues Projects Releases Wiki Activity

Merge pull request #2169 from sebgie/issue#1655

Browse Source 
Improvements for models
This commit is contained in:
Hannah Wolfe 2014-02-19 15:48:15 +00:00
commit f273e17e08
12 changed files with 135 additions and 140 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/client/tpl/settings/general.hbs
View File

@ -70,7 +70,7 @@
<select id="activeTheme" name="general[activeTheme]">
{{#each availableThemes}}
<option value="{{name}}" {{#if active}}selected{{/if}}>{{#if package}}{{package.name}} - {{package.version}}{{else}}{{name}}{{/if}}</option>
{{#unless package}}<script>console.log('Hi! The theme named "{{name}}" does not have a package.json file or it\' malformed. This will be required in the future. For more info, see http://docs.ghost.org/themes/.');</script>{{/unless}}
{{#unless package}}<script>console.log('Hi! The theme named "{{name}}" does not have a package.json file or it\'s malformed. This will be required in the future. For more info, see http://docs.ghost.org/themes/.');</script>{{/unless}}
{{/each}}
</select>
<p>Select a theme for your blog</p>

23
core/server/bookshelf-session.js
View File

@ -1,17 +1,16 @@
var Store = require('express').session.Store,
var Store = require('express').session.Store,
models = require('./models'),
time12h = 12 * 60 * 60 * 1000,
BSStore,
db,
client;
BSStore;
// Initialize store and clean old sessions
BSStore = function BSStore(dataProvider, options) {
BSStore = function BSStore(options) {
var self = this;
this.dataProvider = dataProvider;
options = options || {};
Store.call(this, options);
this.dataProvider.Session.findAll()
models.Session.findAll()
.then(function (model) {
var i,
now = new Date().getTime();
@ -30,7 +29,7 @@ BSStore.prototype.set = function (sid, sessData, callback) {
var maxAge = sessData.cookie.maxAge,
now = new Date().getTime(),
expires = maxAge ? now + maxAge : now + time12h,
sessionModel = this.dataProvider.Session;
sessionModel = models.Session;
sessData = JSON.stringify(sessData);
@ -54,7 +53,7 @@ BSStore.prototype.get = function (sid, callback) {
sess,
expires;
this.dataProvider.Session.forge({id: sid})
models.Session.forge({id: sid})
.fetch()
.then(function (model) {
if (model) {
@ -73,7 +72,7 @@ BSStore.prototype.get = function (sid, callback) {
// delete a given sessions
BSStore.prototype.destroy = function (sid, callback) {
this.dataProvider.Session.forge({id: sid})
models.Session.forge({id: sid})
.destroy()
.then(function () {
// check if callback is null
@ -87,7 +86,7 @@ BSStore.prototype.destroy = function (sid, callback) {
// get the count of all stored sessions
BSStore.prototype.length = function (callback) {
this.dataProvider.Session.findAll()
models.Session.findAll()
.then(function (model) {
callback(null, model.length);
});
@ -95,7 +94,7 @@ BSStore.prototype.length = function (callback) {
// delete all sessions
BSStore.prototype.clear = function (callback) {
this.dataProvider.Session.destroyAll()
models.Session.destroyAll()
.then(function () {
callback();
});

2
core/server/middleware/index.js
View File

@ -264,7 +264,7 @@ module.exports = function (server, dbHash) {
expressServer.use(express.cookieParser());
expressServer.use(express.session({
store: new BSStore(models),
store: new BSStore(),
proxy: true,
secret: dbHash,
cookie: cookie

34
core/server/models/base.js
View File

@ -1,5 +1,4 @@
var ghostBookshelf,
Bookshelf = require('bookshelf'),
var Bookshelf = require('bookshelf'),
when = require('when'),
moment = require('moment'),
_ = require('lodash'),
@ -7,7 +6,10 @@ var ghostBookshelf,
config = require('../config'),
Validator = require('validator').Validator,
unidecode = require('unidecode'),
sanitize = require('validator').sanitize;
sanitize = require('validator').sanitize,
schema = require('../data/schema'),
ghostBookshelf;
// Initializes a new Bookshelf instance, for reference elsewhere in Ghost.
ghostBookshelf = Bookshelf.ghost = Bookshelf.initialize(config().database);
@ -21,6 +23,11 @@ ghostBookshelf.Model = ghostBookshelf.Model.extend({
hasTimestamps: true,
// get permitted attributs from schema.js
permittedAttributes: function () {
return _.keys(schema.tables[this.tableName]);
},
defaults: function () {
return {
uuid: uuid.v4()
@ -28,9 +35,17 @@ ghostBookshelf.Model = ghostBookshelf.Model.extend({
},
initialize: function () {
var self = this;
this.on('creating', this.creating, this);
this.on('saving', this.saving, this);
this.on('saving', this.validate, this);
this.on('saving', function (model, attributes, options) {
return when(self.saving(model, attributes, options)).then(function () {
return self.validate(model, attributes, options);
});
});
},
validate: function () {
return true;
},
creating: function () {
@ -40,10 +55,13 @@ ghostBookshelf.Model = ghostBookshelf.Model.extend({
},
saving: function () {
// Remove any properties which don't belong on the post model
this.attributes = this.pick(this.permittedAttributes);
// Remove any properties which don't belong on the model
this.attributes = this.pick(this.permittedAttributes());
this.set('updated_by', 1);
// sessions do not have 'updated_by' column
if (this.tableName !== 'sessions') {
this.set('updated_by', 1);
}
},
// Base prototype properties will go here

5
core/server/models/permission.js
View File

@ -1,6 +1,7 @@
var ghostBookshelf = require('./base'),
User = require('./user').User,
Role = require('./role').Role,
Permission,
Permissions;
@ -8,10 +9,6 @@ Permission = ghostBookshelf.Model.extend({
tableName: 'permissions',
permittedAttributes: ['id', 'uuid', 'name', 'object_type', 'action_type', 'object_id', 'created_at', 'created_by',
'updated_at', 'updated_by'],
validate: function () {
// TODO: validate object_type, action_type and object_id
ghostBookshelf.validator.check(this.get('name'), "Permission name cannot be blank").notEmpty();

109
core/server/models/post.js
View File

@ -1,27 +1,23 @@
var Post,
var _ = require('lodash'),
uuid = require('node-uuid'),
when = require('when'),
errors = require('../errorHandling'),
Showdown = require('showdown'),
github = require('../../shared/vendor/showdown/extensions/github'),
converter = new Showdown.converter({extensions: [github]}),
User = require('./user').User,
Tag = require('./tag').Tag,
Tags = require('./tag').Tags,
ghostBookshelf = require('./base'),
Post,
Posts,
_ = require('lodash'),
uuid = require('node-uuid'),
when = require('when'),
errors = require('../errorHandling'),
Showdown = require('showdown'),
github = require('../../shared/vendor/showdown/extensions/github'),
converter = new Showdown.converter({extensions: [github]}),
User = require('./user').User,
Tag = require('./tag').Tag,
Tags = require('./tag').Tags,
ghostBookshelf = require('./base');
myTags;
Post = ghostBookshelf.Model.extend({
tableName: 'posts',
permittedAttributes: [
'id', 'uuid', 'title', 'slug', 'markdown', 'html', 'meta_title', 'meta_description',
'featured', 'image', 'status', 'language', 'author_id', 'created_at', 'created_by', 'updated_at', 'updated_by',
'page', 'published_at', 'published_by'
],
defaults: function () {
return {
uuid: uuid.v4(),
@ -30,15 +26,22 @@ Post = ghostBookshelf.Model.extend({
},
initialize: function () {
var self = this;
this.on('creating', this.creating, this);
this.on('saving', this.updateTags, this);
this.on('saving', this.saving, this);
this.on('saving', this.validate, this);
this.on('saved', this.updateTags, this);
this.on('saving', function (model, attributes, options) {
return when(self.saving(model, attributes, options)).then(function () {
return self.validate(model, attributes, options);
});
});
},
validate: function () {
ghostBookshelf.validator.check(this.get('title'), "Post title cannot be blank").notEmpty();
ghostBookshelf.validator.check(this.get('title'), 'Post title maximum length is 150 characters.').len(0, 150);
ghostBookshelf.validator.check(this.get('slug'), "Post title cannot be blank").notEmpty();
ghostBookshelf.validator.check(this.get('slug'), 'Post title maximum length is 150 characters.').len(0, 150);
return true;
},
@ -46,8 +49,10 @@ Post = ghostBookshelf.Model.extend({
/*jslint unparam:true*/
var self = this;
// Remove any properties which don't belong on the post model
this.attributes = this.pick(this.permittedAttributes);
// keep tags for 'saved' event
myTags = this.get('tags');
ghostBookshelf.Model.prototype.saving.call(this);
this.set('html', converter.makeHtml(this.get('markdown')));
@ -55,65 +60,45 @@ Post = ghostBookshelf.Model.extend({
//this.set('title', this.sanitize('title').trim());
this.set('title', this.get('title').trim());
if (this.hasChanged('status') && this.get('status') === 'published') {
if ((this.hasChanged('status') || !this.get('published_at')) && this.get('status') === 'published') {
if (!this.get('published_at')) {
this.set('published_at', new Date());
}
// This will need to go elsewhere in the API layer.
this.set('published_by', 1);
} else if (this.get('status') === 'published' && !this.get('published_at')) {
// If somehow this is a published post with no date, fix it... see #2015
this.set('published_at', new Date());
}
ghostBookshelf.Model.prototype.saving.call(this);
if (this.hasChanged('slug')) {
if (this.hasChanged('slug') || !this.get('slug')) {
// Pass the new slug through the generator to strip illegal characters, detect duplicates
return ghostBookshelf.Model.generateSlug(Post, this.get('slug'), {status: 'all', transacting: options.transacting})
return ghostBookshelf.Model.generateSlug(Post, this.get('slug') || this.get('title'),
{status: 'all', transacting: options.transacting})
.then(function (slug) {
self.set({slug: slug});
});
}
},
creating: function (newPage, attr, options) {
/*jslint unparam:true*/
// set any dynamic default properties
var self = this;
// set any dynamic default properties
if (!this.get('author_id')) {
this.set('author_id', 1);
}
ghostBookshelf.Model.prototype.creating.call(this);
// We require a slug be set when creating a new post
// as the database doesn't allow null slug values.
if (!this.get('slug')) {
// Generating a slug requires a db call to look for conflicting slugs
return ghostBookshelf.Model.generateSlug(Post, this.get('title'), {status: 'all', transacting: options.transacting})
.then(function (slug) {
self.set({slug: slug});
});
}
},
updateTags: function (newTags, attr, options) {
updateTags: function (newPost, attr, options) {
/*jslint unparam:true*/
var self = this;
options = options || {};
if (newTags === this) {
newTags = this.get('tags');
}
if (!newTags || !this.id) {
if (!myTags) {
return;
}
return Post.forge({id: this.id}).fetch({withRelated: ['tags'], transacting: options.transacting}).then(function (thisPostWithTags) {
return Post.forge({id: newPost.id}).fetch({withRelated: ['tags'], transacting: options.transacting}).then(function (thisPostWithTags) {
var existingTags = thisPostWithTags.related('tags').toJSON(),
tagOperations = [],
@ -123,17 +108,17 @@ Post = ghostBookshelf.Model.extend({
// First find any tags which have been removed
_.each(existingTags, function (existingTag) {
if (!_.some(newTags, function (newTag) { return newTag.name === existingTag.name; })) {
if (!_.some(myTags, function (newTag) { return newTag.name === existingTag.name; })) {
tagsToDetach.push(existingTag.id);
}
});
if (tagsToDetach.length > 0) {
tagOperations.push(self.tags().detach(tagsToDetach, options));
tagOperations.push(newPost.tags().detach(tagsToDetach, options));
}
// Next check if new tags are all exactly the same as what is set on the model
_.each(newTags, function (newTag) {
_.each(myTags, function (newTag) {
if (!_.some(existingTags, function (existingTag) { return newTag.name === existingTag.name; })) {
// newTag isn't on this post yet
tagsToAttach.push(newTag);
@ -143,7 +128,7 @@ Post = ghostBookshelf.Model.extend({
if (!_.isEmpty(tagsToAttach)) {
return Tags.forge().query('whereIn', 'name', _.pluck(tagsToAttach, 'name')).fetch(options).then(function (matchingTags) {
_.each(matchingTags.toJSON(), function (matchingTag) {
tagOperations.push(self.tags().attach(matchingTag.id, options));
tagOperations.push(newPost.tags().attach(matchingTag.id, options));
tagsToAttach = _.reject(tagsToAttach, function (tagToAttach) {
return tagToAttach.name === matchingTag.name;
});
@ -172,7 +157,7 @@ Post = ghostBookshelf.Model.extend({
// Attach each newly created tag
_.each(createdTagsToAttach, function (tagToAttach) {
self.tags().attach(tagToAttach.id, tagToAttach.name, options);
newPost.tags().attach(tagToAttach.id, tagToAttach.name, options);
});
}
@ -432,18 +417,16 @@ Post = ghostBookshelf.Model.extend({
},
add: function (newPostData, options) {
var self = this;
return ghostBookshelf.Model.add.call(this, newPostData, options).then(function (post) {
// associated models can't be created until the post has an ID, so run this after
return when(post.updateTags(newPostData.tags, null, options)).then(function () {
return self.findOne({status: 'all', id: post.id}, options);
});
return self.findOne({status: 'all', id: post.id}, options);
});
},
edit: function (editedPost, options) {
var self = this;
return ghostBookshelf.Model.edit.call(this, editedPost, options).then(function (editedObj) {
return self.findOne({status: 'all', id: editedObj.id}, options);
return ghostBookshelf.Model.edit.call(this, editedPost, options).then(function (post) {
return self.findOne({status: 'all', id: post.id}, options);
});
},
destroy: function (_identifier, options) {

3
core/server/models/role.js
View File

@ -1,6 +1,7 @@
var User = require('./user').User,
Permission = require('./permission').Permission,
ghostBookshelf = require('./base'),
Role,
Roles;
@ -8,8 +9,6 @@ Role = ghostBookshelf.Model.extend({
tableName: 'roles',
permittedAttributes: ['id', 'uuid', 'name', 'description', 'created_at', 'created_by', 'updated_at', 'updated_by'],
validate: function () {
ghostBookshelf.validator.check(this.get('name'), "Role name cannot be blank").notEmpty();
ghostBookshelf.validator.check(this.get('description'), "Role description cannot be blank").notEmpty();

9
core/server/models/session.js
View File

@ -1,17 +1,12 @@
var ghostBookshelf = require('./base'),
Session,
Sessions;
Session = ghostBookshelf.Model.extend({
tableName: 'sessions',
tableName: 'sessions'
permittedAttributes: ['id', 'expires', 'sess'],
saving: function () {
// Remove any properties which don't belong on the session model
this.attributes = this.pick(this.permittedAttributes);
}
}, {
destroyAll: function (options) {
options = options || {};

3
core/server/models/settings.js
View File

@ -5,6 +5,7 @@ var Settings,
_ = require('lodash'),
errors = require('../errorHandling'),
when = require('when'),
defaultSettings;
// For neatness, the defaults file is split into categories.
@ -33,8 +34,6 @@ Settings = ghostBookshelf.Model.extend({
tableName: 'settings',
permittedAttributes: ['id', 'uuid', 'key', 'value', 'type', 'created_at', 'created_by', 'updated_at', 'update_by'],
defaults: function () {
return {
uuid: uuid.v4(),

19
core/server/models/tag.js
View File

@ -1,26 +1,21 @@
var Tag,
Tags,
Posts = require('./post').Posts,
ghostBookshelf = require('./base');
var Posts = require('./post').Posts,
ghostBookshelf = require('./base'),
Tag,
Tags;
Tag = ghostBookshelf.Model.extend({
tableName: 'tags',
permittedAttributes: [
'id', 'uuid', 'name', 'slug', 'description', 'parent_id', 'meta_title', 'meta_description', 'created_at',
'created_by', 'updated_at', 'updated_by'
],
validate: function () {
return true;
},
creating: function () {
saving: function () {
var self = this;
ghostBookshelf.Model.prototype.creating.call(this);
ghostBookshelf.Model.prototype.saving.apply(this, arguments);
if (!this.get('slug')) {
// Generating a slug requires a db call to look for conflicting slugs

35
core/server/models/user.js
View File

@ -1,6 +1,4 @@
var User,
Users,
_ = require('lodash'),
var _ = require('lodash'),
uuid = require('node-uuid'),
when = require('when'),
errors = require('../errorHandling'),
@ -13,7 +11,9 @@ var User,
http = require('http'),
crypto = require('crypto'),
tokenSecurity = {};
tokenSecurity = {},
User,
Users;
function validatePasswordLength(password) {
try {
@ -37,12 +37,6 @@ User = ghostBookshelf.Model.extend({
tableName: 'users',
permittedAttributes: [
'id', 'uuid', 'name', 'slug', 'password', 'email', 'image', 'cover', 'bio', 'website', 'location',
'accessibility', 'status', 'language', 'meta_title', 'meta_description', 'last_login', 'created_at',
'created_by', 'updated_at', 'updated_by'
],
validate: function () {
ghostBookshelf.validator.check(this.get('email'), "Please enter a valid email address. That one looks a bit dodgy.").isEmail();
ghostBookshelf.validator.check(this.get('bio'), "We're not writing a novel here! I'm afraid your bio has to stay under 200 characters.").len(0, 200);
@ -53,10 +47,16 @@ User = ghostBookshelf.Model.extend({
return true;
},
creating: function () {
saving: function () {
var self = this;
// disabling sanitization until we can implement a better version
// this.set('name', this.sanitize('name'));
// this.set('email', this.sanitize('email'));
// this.set('location', this.sanitize('location'));
// this.set('website', this.sanitize('website'));
// this.set('bio', this.sanitize('bio'));
ghostBookshelf.Model.prototype.creating.call(this);
ghostBookshelf.Model.prototype.saving.apply(this, arguments);
if (!this.get('slug')) {
// Generating a slug requires a db call to look for conflicting slugs
@ -65,18 +65,7 @@ User = ghostBookshelf.Model.extend({
self.set({slug: slug});
});
}
},
saving: function () {
// disabling sanitization until we can implement a better version
// this.set('name', this.sanitize('name'));
// this.set('email', this.sanitize('email'));
// this.set('location', this.sanitize('location'));
// this.set('website', this.sanitize('website'));
// this.set('bio', this.sanitize('bio'));
return ghostBookshelf.Model.prototype.saving.apply(this, arguments);
},
posts: function () {

31
core/test/functional/api/posts_test.js
View File

@ -250,11 +250,7 @@ describe('Post API', function () {
it('can\'t edit a post with invalid CSRF token', function (done) {
request.get(testUtils.API.getApiURL('posts/1/'), function (error, response, body) {
var jsonResponse = JSON.parse(body),
changedValue = 'My new Title';
jsonResponse.should.exist;
jsonResponse.title = changedValue;
var jsonResponse = JSON.parse(body);
request.put({uri: testUtils.API.getApiURL('posts/1/'),
headers: {'X-CSRF-Token': 'invalid-token'},
json: jsonResponse}, function (error, response, putBody) {
@ -263,6 +259,31 @@ describe('Post API', function () {
});
});
});
it('published_at = null', function (done) {
request.get(testUtils.API.getApiURL('posts/1/'), function (error, response, body) {
var jsonResponse = JSON.parse(body),
changedValue = 'My new Title';
jsonResponse.should.exist;
jsonResponse.title = changedValue;
jsonResponse.published_at = null;
request.put({uri: testUtils.API.getApiURL('posts/1/'),
headers: {'X-CSRF-Token': csrfToken},
json: jsonResponse}, function (error, response, putBody) {
response.should.have.status(200);
response.headers['x-cache-invalidate'].should.eql('/, /page/*, /rss/, /rss/*, /' + putBody.slug + '/');
response.should.be.json;
putBody.should.exist;
putBody.title.should.eql(changedValue);
if (_.isEmpty(putBody.published_at)) {
should.fail('null', 'valid date', 'publish_at should not be empty');
done();
}
testUtils.API.checkResponse(putBody, 'post');
done();
});
});
});
});
// ## delete