Commit Graph

8057 Commits

Author SHA1 Message Date
kirrg001
e3178fc158 Version bump to 1.22.1 2018-04-02 12:31:28 +02:00
kirrg001
9a43f36d44 Updated Ghost-Admin to 1.22.1 2018-04-02 12:31:28 +02:00
kirrg001
5dc2dddfc2 Fixed migration script 1.22 for invalid authors
no issue

- the previous commit will insert two post author relations if the author id of a post is invalid
- if a blog has an invalid author_id (which should be an edge case), we update the author id to the owner id
  - `posts_authors` are auto inserted in this case
2018-04-02 12:27:06 +02:00
Katharina Irrgang
7bbde460af
Speed up 1.22 migration script (#9541)
no issue

- insert `posts_authors` relation via knex
- massive speed improvement

e.g. 1500 posts

- before: ~1min
- after: ~10sec
2018-04-02 12:00:00 +02:00
Kevin Ansfield
3e33849e47 Version bump to 1.22.0 2018-03-27 21:08:21 +01:00
Kevin Ansfield
e1ce8eff31 Updated Ghost-Admin to 1.22.0 2018-03-27 21:08:21 +01:00
Katharina Irrgang
40d0a745df Multiple authors (#9426)
no issue

This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion)

### key notes

- `authors` are not fetched by default, only if we need them
- the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid)
- ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release
- the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation)
- if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author)
- we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors
- `authors` helper available (same as `tags` helper)
- `primary_author` computed field available
- `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 15:16:15 +01:00
Kevin Ansfield
3e295bee7e Version bump to 1.21.7 2018-03-26 15:32:47 +01:00
Kevin Ansfield
3a48ab3330 Updated Ghost-Admin to 1.21.7 2018-03-26 15:32:46 +01:00
Katharina Irrgang
7c6f690eb5 🐛 Fixed updated_at not being updated (#9532)
closes #9520

- it contains a dependency bump of the latest Bookshelf release
- Bookshelf introduced a bug in the last release
  - see https://github.com/bookshelf/bookshelf/pull/1583
  - see https://github.com/bookshelf/bookshelf/pull/1798
- this has caused trouble in Ghost
  - the `updated_at` attribute was not automatically set anymore

---

The bookshelf added one breaking change: it's allow to pass custom `updated_at` and `created_at`.
We already have a protection for not being able to override the `created_at` date on update.
We had to add another protection to now allow to only change the `updated_at` property.
You can only change `updated_at` if you actually change something else e.g. the title of a post.

To be able to implement this check i discovered that Bookshelfs `model.changed` object has a tricky behaviour.
It remembers **all** attributes, which where changed, doesn't matter if they are valid or invalid model properties.
We had to add a line of code to avoid remembering none valid model attributes in this object.

e.g. you change `tag.parent` (no valid model attribute). The valid property is `tag.parent_id`.
     If you pass `tag.parent` but the value has **not** changed (`tag.parent` === `tag.parent_id`), it will output you `tag.changed.parent`. But this is wrong.
     Bookshelf detects `changed` attributes too early. Or if you think the other way around, Ghost detects valid attributes too late.
     But the current earliest possible stage is the `onSaving` event, there is no earlier way to pick valid attributes (except of `.forge`, but we don't use this fn ATM).
     Later: the API should transform `tag.parent` into `tag.parent_id`, but we are not using it ATM, so no need to pre-optimise.
     The API already transforms `post.author` into `post.author_id`.
2018-03-26 14:12:02 +01:00
CriticalRespawn
60386dbba5 🐛Fixed misspelled schema.org type for WebSite (#9526)
closes #9525

- updated the schema type to 'WebSite' as it is the correct spelling according to schema.org. See [here](http://schema.org/WebSite)
2018-03-23 10:50:28 +07:00
Rosco Kalis
4013023d60 🐛Added more language support to {{reading_time}} helper (#9509)
closes #9507

- Changed the utils.wordCount implementation to the one used by simpleMDE
- Added extra À-ÿ to the regex to support diacritics characters
- Added corresponding text with Chinese text mentioned in the issue
2018-03-22 10:27:02 +07:00
Katharina Irrgang
fa1cc76e15
Bump dependencies (#9516)
no issue

- compression@1.7.2
- express@4.16.3
- ghost-ignition@2.9.0
- gscan@1.3.4
- knex-migrator@3.1.5
- lodash@4.17.5
- moment@2.21.0
- netjet@1.3.0
- sanitize-html@1.18.2
- sqlite@4.0.0
- eslint@4.19.0
- grunt@1.0.2
- sinon@4.4.6
- nock@9.2.3
- grunt-express-server@0.5.4

This commit resolves https://hackerone.com/reports/310439.
2018-03-21 18:49:42 +01:00
kirrg001
f0c8e3c95a Fixed wrong i18n key
refs #9519

- `errors.models.posts.postNotFound` -> wrong
- `errors.models.post.postNotFound`  -> correct
- the i18n lib just logs the error and falls back to a valid error key
- wrong i18n keys will never break Ghost
2018-03-21 08:41:05 +01:00
kirrg001
1d65581f93 Version bump to 1.21.6 2018-03-19 16:39:05 +01:00
kirrg001
ce8838ae9f Updated Ghost-Admin to 1.21.6 2018-03-19 16:39:05 +01:00
Katharina Irrgang
95423ea8fa
Bump dependencies (#9513)
no issue

- knex@0.14.4
- bookshelf@0.13.0
- knex-migrator@3.1.4
- brute-knex@4feff38ad2
- bookshelf-relations@0.2.0

### Fixes for Bookshelf 0.13

- they introduced some breaking changes
- https://github.com/bookshelf/bookshelf/blob/master/CHANGELOG.md#breaking-changes
- adapt event handling in Ghost and in bookshelf-relations
2018-03-19 16:27:06 +01:00
Rosco Kalis
3d8bf02a8d Redirected /amp links to original post when AMP is disabled (#9496)
closes #9495

- Added a clause for amp being disabled
- In this clause, we strip the final 'amp/' part of the url, and redirect
- Changed corresponding test in frontend_spec.js
- Used `urlService.utils.redirect301()` instead of `res.redirect()`
2018-03-19 16:11:48 +07:00
Mante Bridts
7ed822cc0c 🐛Fixed i18n for the {{meta_title}} helper (#9468)
closes #9466

- make 'page' in the meta title translatable through subexpression in the meta title helper
- e.g. `{{meta_title page=(t....)}}`
2018-03-19 09:48:07 +01:00
Vikas Potluri
63aeebb144 🐛 Fixed escaping < in reading time helper (#9508)
no issue

Using the < character raw isn't w3 complaint
2018-03-19 09:47:58 +07:00
Aileen Nowak
9030161db9 Upgrading Casper to 2.1.10 2018-03-16 16:00:33 +07:00
Aileen Nowak
25b4769662 Revert "Upgrading Casper to 2.2.0"
This reverts commit 61a0343be0.
2018-03-16 15:47:58 +07:00
Aileen Nowak
61a0343be0 Upgrading Casper to 2.2.0 2018-03-16 09:54:41 +07:00
CriticalRespawn
735d9775ee 🐛Fixed data-* attributes from being stripped in AMP HTML (#9501)
closes #9500

- Added `data-*` to `allowedAMPAttributes`, so it will not get stripped out.
2018-03-16 09:45:07 +07:00
CriticalRespawn
25b94bba75 🐛Fixed <br> tag from duplicating in AMP transform (#9502)
closes #9499 

- added `br` to self closing tags option for `sanitize-html` when cleaning the ampified HTML
2018-03-16 09:39:29 +07:00
kirrg001
27f12e3d51 Removed feature roadmap link from our CONTRIBUTING.md
no issue

- the roadmap is no longer used
2018-03-15 10:53:10 +01:00
Kevin Ansfield
df1188d25a
Fix Node.js 4.x compatibility (#9503)
no issue
- fixes compatibility issue introduced in 7548ace32d
2018-03-15 09:50:25 +00:00
Kevin Ansfield
7548ace32d Koenig - Output captions for image and embed cards
refs https://github.com/TryGhost/Ghost/issues/9311
- very basic implementation, still needs proper classes and default stylesheet implementation
- change image card output to a `<figure>` with optional `<figcaption>`
- add optional `<p>` caption output to the html card
2018-03-14 18:21:30 +00:00
Kevin Ansfield
fcc09a0ae4 Version bump to 1.21.5 2018-03-13 13:55:26 +00:00
Kevin Ansfield
c98327a9a5 Updated Ghost-Admin to 1.21.5 2018-03-13 13:55:26 +00:00
Kevin Ansfield
0c72fc98bd Version bump to 1.21.4 2018-03-06 16:13:43 +00:00
Kevin Ansfield
7146805320 Updated Ghost-Admin to 1.21.4 2018-03-06 16:13:43 +00:00
Katharina Irrgang
b23ec1c587 Switch Travis to Node v8 for linting and coverage (#9487)
no issue
- we're switching our development environments and internal hosting to version 8 in preparation to switch our recommended Node.js version to 8
- node v8 is much faster than node v6
2018-03-06 16:04:02 +00:00
Silvio Fernández
043370d84e Bump markdown-it to version 8.4.1 (#9484)
no issue

- which bumps the sub-dependency "uc.micro" to 1.0.5 
- this version is now MIT licensed
2018-03-05 10:03:24 +01:00
Rosco Kalis
301e1b2419 🎨Improved image counting for the {{reading_time}} helper (#9366)
refs #9200

- We have not yet counted the images within your html, this commit counts images based on the this algorithm: https://blog.medium.com/read-time-and-you-bc2048ab620c
- Added imageCount utility, which counts images using an img-tag regex, amended from the general tag-regex found in wordCount
- Added this imageCount to the {{reading_time}} helper, adding 12 seconds to the reading time for every image
- The feature image is still counted as before
- The first image adds 12 seconds, the second 11, the third 10, and so on
- Images from the tenth onwards add 3 seconds to the reading time
2018-03-05 09:30:15 +01:00
Aileen Nowak
1da2eec915 🐛Fixed image properties to be reset to null after removal (#9432)
closes #9085

Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`.

Added a check in the model layer saving method to set value  to `null`, when the property is empty.

Affected models and properties:
- `posts`:
	- `feature_image`
	- `og_image`
	- `twitter_image`
- `users`:
	- `profile_image`
	- `cover_image`
- `tags`:
	- `feature_image`
2018-03-05 09:10:27 +01:00
kirrg001
f692e27a59 Fixed wrong authentication test
no issue

- the tests were failing since beginning of March
- this was caused by a wrong assertion in one of our authentication tests
- we work with a static 6 month ms number for token expiry
- this static ms number is based on 30 days per month
2018-03-04 10:42:49 +01:00
kirrg001
415ff2cf20 Extended test mocks: express & knex
no issue

- extended functionality
- the knex mock simply parses the sql statements and serves data from memory
- i've tested the memory mode of sqlite, but could not get it working
  - but maybe for the future to test again
2018-02-22 00:37:40 +01:00
kirrg001
3dedfc7d61 Fixed default mobiledoc handling in our data generator
no issue

- the handling here was not correct
- if you've passed no mobiledoc, it wasn't adding mobiledoc and an undefined html value
- we need a default mobiledoc+html value in case you don't pass the values within the test cases
2018-02-21 23:53:37 +01:00
kirrg001
d32cea479e Fixed incorrect test in functional/routes/api/posts_spec.js
no issue

- `post.author_id` has no reference to any table currently, see https://github.com/TryGhost/Ghost/blob/1.21.3/core/server/data/schema/schema.js#L19
- that's why it is right now possible to insert none existent author id's
- with multiple authors, this get's protected (see https://github.com/TryGhost/Ghost/pull/9426)
  - you would get a proper error message
  - it is not allowed to insert invalid author id's
  - as soon as you do `include=author` you would receive an error
- fixed one test case where we inserted an invalid author id via the API
2018-02-21 18:39:56 +01:00
kirrg001
789895b3de Consistent function names in test utility
no issue

- just discovered that we had confusing function names in our test utility
  - e.g. `posts` -> default posts from the data generator
  - e.g. `users` -> extra users not from our data generator
- now:
  - e.g. `posts` -> default posts from the data generator
  - e.g. `users` -> default users from the data generator
  - e.g. `users:extra` -> extra users not from our data generator
2018-02-21 17:48:46 +01:00
kirrg001
e01b61dcf4 Proper error handling for permissible implementations
no issue

- currently if you would like to edit a resource (e.g. post) and you pass an invalid model id, the following happens
  - permission check calls `Post.permissible`
  - the Post could not find the post, but ignored it and returned `userPermissions:true`
  - then the model layer is queried again and figured out that the post does not exist
- A: there is no need to query the model twice
- B: we needed proper error handling for post and role model
2018-02-21 16:59:48 +01:00
Aileen Nowak
49c815b2f1 Version bump to 1.21.3 2018-02-21 08:19:52 +07:00
Aileen Nowak
a587a5a772 Updated Ghost-Admin to 1.21.3 2018-02-21 08:19:52 +07:00
kirrg001
45176534a3 Renamed comments in importer test
no issue

- just making it clear, that we are talking about the `author_id` (single author)
- no JS change, only comments
2018-02-20 17:45:56 +01:00
kirrg001
68d8154d4f Imported nested tags by foreign key
no issue

- replace logic for preparing nested tags
- if you have nested tags in your file, we won't update or update the target tag
- we simply would like to add the relationship to the database
- use same approach as base class
  - add `posts_tags` to target post model
  - update identifiers
  - insert relation by foreign key `tag_id`
- bump bookshelf-relations to 0.1.10
2018-02-20 09:56:45 +01:00
kirrg001
5a4dd6b792 Increased speed of importer
no issue

- change behaviour from updating user references after the actual import to update the user reference before the actual import
  - updating user references after the import is way less case intense
  - that was the initial decision for updating the references afterwards
  - but that does not play well with adding nested relations by identifier
- the refactoring is required for multiple authors
  - if we e.g. store invalid author id's, we won't be able to add a belongs-to-many relation for multiple authors
  - bookshelf-relations is generic and always tries to find a matching target before attching a model
  - invalid user references won't work anymore
- this change has a very good side affect
  - 17mb takes on master ~1,5seconds
    - on this branch it takes ~45seconds
  - also the memory usage is way lower and stabler
  - 40mb takes 1,6s (times out on master)
2018-02-20 09:56:45 +01:00
kirrg001
12724df8e4 Define belongsToMany foreign keys for tags in the model layer
no issue

- otherwise we will have trouble in the future fetching relations by foreign key
  - e.g. `tag_id: {id}`
  - this won't work if we don't explicitly define the name of the keys
  - bookshelf can't fulfil the request
- this does not change any behaviour, it just makes use of the ability to define the names of your foreign keys
2018-02-20 08:49:00 +01:00
kirrg001
b204d5874e Added missing test cases for post.author
no issue

- Ghost does not support adding an author by relation (`post.author = {id: '..'}`)
- Ghost does not support editing an author by relation (`post.author = {id: '..'}`)
- only `author_id` is allowed
2018-02-17 15:57:24 +01:00
Katharina Irrgang
0aff9f33d9
Improved validation layer (#9427)
refs https://github.com/TryGhost/Ghost/issues/3658

- the `validateSchema` helper was a bit broken
  - if you add a user without email, you will receive a database error
  - but the validation error should catch that email is passed with null
- it was broken, because:
  - A: it called `toJSON` -> this can remove properties from the output (e.g. password)
  - B: we only validated fields, which were part of the JSON data (model.hasOwnProperty)
- we now differentiate between schema validation for update and insert
- fixed one broken import test
  - if you import a post without a status, it should not error
  - it falls back to the default value
- removed user model `onValidate`
  - the user model added a custom implementation of `onValidate`, because of a bug which we experienced (see https://github.com/TryGhost/Ghost/issues/3638)
  - with the refactoring this is no longer required - we only validate fields which have changed when updating resources
  - also, removed extra safe catch when logging in (no longer needed - unit tested)
- add lot's of unit tests to proof the code change
- always call the base class, except you have a good reason
2018-02-16 00:49:15 +01:00