Commit Graph

1021 Commits

Author SHA1 Message Date
Hannah Wolfe
9b7be32c0c Merge pull request #3775 from felixrieseberg/iss3765
Ensure Owner's role isn't downgraded
2014-08-16 17:07:41 +01:00
Felix Rieseberg
47ba9a7385 Ensure Owner's role isn't downgraded
closes #3765
- Simple API check to ensure that the owner isn’t downgraded to a
different role (analog to the ’can’t change your own role’ check)
- Test added to ensure Owner can't be downgraded to a lower role
2014-08-15 17:44:30 -04:00
Hannah Wolfe
7f4231c83d Merge pull request #3791 from ErisDS/issue-3790
Display correct new Ghost version
2014-08-15 18:34:03 +01:00
Hannah Wolfe
260d9562e4 Merge pull request #3670 from felixrieseberg/iss3641
Validation fix for number of posts/page
2014-08-15 18:27:14 +01:00
Hannah Wolfe
52d0a83dc2 Display correct new Ghost version
closes #3790
2014-08-15 18:23:55 +01:00
Jilles Soeters
6249d28a92 Added target="_blank" to all links that go to the support page. 2014-08-15 16:46:24 +02:00
Jilles Soeters
ecdf5cec21 Open the e-mail sending support page in a new window. 2014-08-15 16:20:52 +02:00
Felix Rieseberg
f19c2be6fe Validation fix for number of posts/page
closes #3641
- Reworded error messages, remove “please” (credits go to @YouriAckx)
2014-08-13 12:08:09 -07:00
Hannah Wolfe
2aed220e9e Merge pull request #3647 from felixrieseberg/iss3644
Accept all versions of 'edit' as URL parameter
2014-08-13 18:22:18 +01:00
Hannah Wolfe
c500b41536 Filestorage helper returns string true if config is object
no issue

- else admin client gets [object Object] which is weird Please enter the commit message for your changes. Lines starting
2014-08-11 11:50:44 +01:00
Hannah Wolfe
5381db37cd Fix for bug where owner user has name owner
no issue

- in the case that the role is not being assigned, the code assumes it doesn't get a role..
2014-08-11 10:51:14 +01:00
Jason Williams
8fb3cddcf6 Update express and body-parser dependencies.
No Issue
- Upgrade to versions of these packages that use qs >= 1.0.0.
2014-08-11 05:20:31 +00:00
Hannah Wolfe
988ca127b6 Updating docs links to point to support.ghost.org 2014-08-10 23:17:40 +01:00
Sebastian Gierlinger
85a1902294 Merge pull request #3735 from ErisDS/cache-invalidation
Adding author pages to cache invalidation
2014-08-10 22:01:19 +02:00
Sebastian Gierlinger
d167bb4ff4 Merge pull request #3731 from ErisDS/issue-3724
Expose blog URL to client app
2014-08-10 20:51:45 +02:00
Hannah Wolfe
d556f4723e Adding author pages to cache invalidation 2014-08-10 19:32:46 +01:00
Hannah Wolfe
32d72d5daa Expose blog URL to client app
fixes #3724

 - provide config.url to the ember client app via a data attribute
 - create server and client side helpers to output the URL
 - wire up the client side helper
 - add a class for testing, and add tests for both the server and client side
2014-08-10 18:49:37 +01:00
Hannah Wolfe
c12b92582c Merge pull request #3722 from hswolff/rss-atom-url
Fix rss content's url to the RSS feed
2014-08-10 16:01:54 +01:00
Hannah Wolfe
2d2e61676d MU Importer - Assign objects correctly
fixes #3716

- change the importer to not override any user details
- only set published_by if it is not already set
- import users before anything else
- process the import and map user ids to existing users
- test fix - owner should have owner role
- test fix - catch invalid success in importer
2014-08-10 14:49:23 +01:00
Harry Wolff
5d70604f9b Fix rss content's url to the RSS feed
fixes #3719

- correctly sets the path to the RSS feed for tags and authors
2014-08-09 23:16:27 -04:00
Hannah Wolfe
2472637321 Merge pull request #3704 from javorszky/iss3649
Sends test email to the person who clicked on the button
2014-08-08 22:54:21 +01:00
Hannah Wolfe
4d4efe26ae Merge pull request #3702 from ErisDS/issue-3694
Switch middleware order to result in proper error
2014-08-08 22:44:30 +01:00
Gabor Javorszky
508f669a49 Sends test email to the person who clicked on the button
Closes #3649

* Small refactor of the api route for email test. We no longer need to look up the email in the settings
* Added a user model lookup based on context to the test email method.
2014-08-08 18:41:14 +01:00
Hannah Wolfe
7d37a829c3 Switch middleware order to result in proper error
fixes #3694

- Split the res.isAdmin check out into it's own thing because we need to detect whether we are in the admin, before everything else
2014-08-08 17:17:07 +01:00
David Balderston
99e77cab3c Removed Username From Initial Blog Description
closes #3631
- Removed the 'by + setupUser.name' from authentication.js
- Removed the 'by Test User' from feed_test.js
- Added a '.' to the end of each per issue comment example
2014-08-08 08:04:46 -07:00
Hannah Wolfe
918a911d3f Merge pull request #3686 from sebgie/issue#3660
Improve error handling for authentication
2014-08-08 14:25:40 +01:00
Sebastian Gierlinger
9e65b47007 Merge pull request #3695 from ErisDS/issue-3657
Don't require protocol for website
2014-08-08 15:24:25 +02:00
Hannah Wolfe
648b503cff Merge pull request #3690 from sebgie/issue#3659
Improve handling of SQLITE_READONLY
2014-08-08 14:18:29 +01:00
Hannah Wolfe
e01046df11 Don't require protocol for website
fixes #3657

- we didn't require this previously, and adding it causes issues
2014-08-08 14:15:49 +01:00
Hannah Wolfe
8d46705dbb Disable user validation and errors on login
fixes #3658

- Catch any errors from user.save() events during login
- Prevent validation from happening at all when only updating status/last_login
- Fixes a problem I introduced with errors which are arrays in logError
2014-08-08 13:12:17 +01:00
Sebastian Gierlinger
9cedd1a2b9 Imporve handling of SQLITE_READONLY
closes #3659
- added alternate context/help for SQLITE_READONY error to
errors.logError()
2014-08-08 11:16:51 +02:00
Sebastian Gierlinger
649a0872ec Improve error handling for authentication
closes #3660
- added wrapping in JSON API format to error500()
- added client side handling
2014-08-08 09:44:24 +02:00
Felix Rieseberg
8453067d70 Accept all versions of 'edit' as URL parameter
closes #3644
2014-08-06 20:07:41 -07:00
Fabian Becker
9915fb1268 Fix revoke user invite and user.destroy
fixes #3630
- Extend user adapter in ember to load users with status: all
- Fix user.destroy by loading all users with status: all
2014-08-06 16:48:18 +00:00
Hannah Wolfe
c95c9b45cb Merge pull request #3621 from sebgie/fix-refresh-token
Fix token refresh
2014-08-06 10:34:20 +01:00
Sebastian Gierlinger
3908dbdf8f Merge pull request #3620 from ErisDS/issue-3589
Cleaner spam prevention error messages
2014-08-06 11:17:29 +02:00
Sebastian Gierlinger
b2e9d21018 Fix token refresh
no issue
- spam prevention causes token refresh to return an error
2014-08-06 11:11:44 +02:00
Hannah Wolfe
e315148cc5 Cleaner spam prevention error messages
closes #3589

- Full error messages appear in stderr
- Clean error messages for user
2014-08-06 10:00:21 +01:00
Sebastian Gierlinger
1219817628 Merge pull request #3613 from ErisDS/update-notification
Improved Update Notification
2014-08-06 10:55:47 +02:00
Waleed Ali
7009d416cb Improve settings error handling
closes #3450
- Added no-permission error handling for settings edit API.
- In Authentication API integration test, updated the initOwnerUser
  function to insert the roles and user_roles for the owner user so the
  owner can edit settings after adding the no-permission error handling. I
  also added the mail send permission to the test since it's used after
  the user edits the settings.
2014-08-06 09:11:50 +01:00
Sebastian Gierlinger
22171fd058 Merge pull request #3611 from ErisDS/author-classes
Adding missing body class for author pages
2014-08-06 09:37:06 +02:00
Hannah Wolfe
03a46a0b24 Improved Update Notification
- adding a version number to the notification
- adding a link to the upgrade docs, to make this process easier.
2014-08-06 08:33:00 +01:00
Hannah Wolfe
9fb34d6b27 Merge pull request #3550 from halfdan/3542-forgotten-user
Properly show message when resetting password.
2014-08-06 02:18:30 +01:00
Hannah Wolfe
9419f9bbe4 Adding missing body class for author pages
closes #3606
2014-08-05 23:38:57 +01:00
Fabian Becker
a2d5105bcc Changing User.read API to default to active users.
refs #3542
- Properly handle forgotten screen (ember)
- Change Users API to only return active users on read
- Adjust tests
2014-08-06 00:30:48 +02:00
Hannah Wolfe
28c20cba5d Merge pull request #3596 from sebgie/issue#3518
Add owner role to setup user
2014-08-05 19:01:06 +01:00
Sebastian Gierlinger
5590628d54 Merge pull request #3600 from ErisDS/author-helper
Fix the author context block
2014-08-05 19:59:53 +02:00
Hannah Wolfe
157cf5c3b9 Fix the author context block
fixes #3599

- If the author helper is called as a block (i.e. fn is present) then
  treat it as a with call
2014-08-05 17:03:13 +01:00
Sebastian Gierlinger
766e6ff944 Add owner role to setup user
closes #3518
- added owner role to user that is added if no user is available
2014-08-05 13:48:10 +02:00
Sebastian Gierlinger
c62d7ba43e Improve spam prevention
closes #3544
- limit forgotten password requests to five requests per IP per hour
for different email addresses
- limit forgotten password requests to five requests per email address
- limit signin requests to ten failed requests per IP per hour
- removed special treatment for tests
2014-08-05 12:58:58 +02:00