Sebastian Gierlinger
639c0d0627
Add schema.js
...
closes #1398
closes #1399
closes #1400
- added schema.js with database version '000'
- refactored migration to use schema.js
- if new table is added to schema.js and databaseVersion is increased, table will be added
- if new table is deleted from schema.js and databaseVersion is increased, table will be deleted
- alter table from issue #1400 is delayed until knex supports column modification
- changed import pre checks to work again (will be refactored separately)
- added basic PostgreSQL support (Attention: not supported/tested)
- changed error handling in server.js
2013-11-18 15:21:15 +01:00
Fabian Becker
89201a5c84
Lowercase email address.
...
fixes #1498
2013-11-18 00:34:51 +00:00
Hannah Wolfe
8e9b27f0b5
Remove inline script from default.hbs
...
closes #1268
2013-11-16 18:47:55 +00:00
Sebastian Gierlinger
fd60a12469
Fix wrong error message
...
closes #1466
- added status code for error object
- added test for frontend errors
2013-11-15 15:27:06 +01:00
Jacob Gable
ef9f5dc33f
Pass proxy Ghost interface to Apps
...
Closes #1478
- Create new proxy.js that exposes createProxy method
- Pass proxy to App activate/install in lieu of Ghost instance
2013-11-14 20:36:27 -06:00
Hannah Wolfe
9d55e68689
Merge pull request #1458 from mjbshaw/svg
...
Add support for SVG images
2013-11-14 12:53:26 -08:00
Harry Wolff
688dd363cd
Move plugin init code into plugin.js and have it called from server.js
2013-11-12 22:52:31 -05:00
Michael Bradshaw
0d4283176e
Add support for SVG images
2013-11-12 11:37:54 -07:00
Hannah Wolfe
3235a3a3e2
Merge pull request #1442 from Decad/user-gravatar
...
Add users Gravatar on signup
2013-11-12 03:53:49 -08:00
Hannah Wolfe
b8a98660fb
Merge pull request #1440 from JohnONolan/post-settings
...
Post settings refactor
2013-11-12 03:50:56 -08:00
John O'Nolan
4ee1b9849b
Complete post-settings menu refactor
2013-11-12 09:19:02 +01:00
Declan cook
cbe8c15dc8
Add users Gravatar on signup
...
When a user registers try to find their gravatar.
2013-11-11 23:45:47 +00:00
Hannah Wolfe
15da975c06
image upload controller refactor
...
issue #635
- upload controller shouldn't assume fs
- filesystem module proxies all the fs work
- proxies and exposes middleware for serving images
- creating a date based path and unique filename is a base object util
- unit tests updated
2013-11-11 16:10:57 +00:00
Harry Wolff
901d189bf0
Move middleware functions into middleware module and create associated tests
...
Note: this only moves middleware functions that have associated tests.
2013-11-07 23:05:51 -05:00
Hannah Wolfe
ae236068dd
Merge pull request #1412 from egdelwonk/feature/1329_page_template
...
Render a page template if it exists in a theme for a post marked as page
2013-11-06 12:31:14 -08:00
William Golden
766ce1ac51
Render a page template if it exists in a theme for a post marked as page.
...
Closes #1329.
2013-11-05 21:43:13 -06:00
Fabian Becker
88d7682605
Automatically replace unicode characters with ascii characters for slugs.
...
fixes #1285
2013-11-05 21:00:29 +00:00
Sebastian Gierlinger
8574813660
Bugfixes for tests
2013-11-05 15:02:12 +00:00
Sebastian Gierlinger
bb17e1c0e9
Add API tests
...
closes #1189
- added tests
- added request module
- added status codes to API calls
- fixed return values of API calls
- fixed that drafts caused an error when being deleted
- fixed X-Invalidate-Cache headers
- moved testUtils.js to utils/index.js
2013-11-03 18:13:19 +01:00
Hannah Wolfe
dee054e2c3
Merge pull request #1388 from germanrcuriel/add-canonical-support
...
Add rel='canonical' support
2013-11-03 06:50:35 -08:00
germanrcuriel
97bd8c40ea
Add rel='canonical' support
...
closes #1341
- Added canonical link to header using ghost_head helper.
2013-11-03 14:37:33 +01:00
Fabian Becker
48d3b10649
Fix image upload issue.
...
fixes #1377
2013-11-02 11:16:00 +00:00
Hannah Wolfe
6b29d4392a
Merge pull request #1375 from jamesbloomer/image-refactor2
...
Tidy up the local file storage for images
2013-11-01 08:48:12 -07:00
jamesbloomer
f42e977fa7
Tidy up the local file storage for images
2013-11-01 13:08:27 +00:00
Hannah Wolfe
0db907ada2
Bump grunt-jslint and fix issues
2013-11-01 12:12:01 +00:00
Ben Gladwell
69d3a1460d
Remove unparam:true from jslint config in Gruntfile.js
...
issue #1365
- added /*jslint unparam:true*/ to functions where absolutely necessary
- added /*jslint unparam:true*/ to functions in which keeping parameter
list added clarity to the underlying api, even when those parameters
are not currently used
- removed unused parameters in a few places
2013-10-31 14:02:34 -04:00
jamesbloomer
ec79069a1c
Convert local file system image storage to use promises
...
Part of #635
2013-10-31 08:25:25 +00:00
jamesbloomer
6e44280b96
Moving file system storage to a module
...
issue #635
- refactored file system storage into module
- convert save to return a promise
- convert admin controller to use storage module
2013-10-31 08:25:24 +00:00
Jacob Gable
507174a00b
Plugin API Refactor: Filter and Theme Helpers
...
issue #769
- Refactor doFilter to allow returning a promise from a filter handler
and to also return a promise itself
- Move the logic out of the registerThemeHelper calls and into their own methods so
we could test them in isolation.
- Assign the server to the ghost instance so the initPlugins method can
get access to it.
2013-10-29 11:27:52 +00:00
Hannah Wolfe
ddece0464b
Merge pull request #1301 from ErisDS/js-build-warn
...
Adding a warning message if js is not built
2013-10-28 15:24:19 -07:00
Hannah Wolfe
68f78c9cc4
Merge pull request #1315 from cobbspur/suffix
...
added suffix to tag helper
2013-10-28 15:24:11 -07:00
Fabian Becker
798e5b1a4e
Allow user to mark a post as static page
...
- Increased post-settings width to properly display "Static Page"
- Changed templates to display "Static Page" if set
- Added unit test for body_class helper
fixes #969
2013-10-28 22:01:03 +00:00
cobbspur
d605100709
added suffix to tag helper
...
closes #607
- added suffix as optional parameter to tag helper
2013-10-28 21:38:36 +00:00
Hannah Wolfe
6869c01a28
Adding a warning message if js is not built
...
closes #1205
2013-10-27 15:16:34 +00:00
Hannah Wolfe
5c33a707e9
Merge pull request #1164 from halfdan/1162-unpublished-posts
...
Unpublished Post should not be accessible
2013-10-25 13:18:39 -07:00
Hannah Wolfe
dfced52abc
Merge pull request #1281 from halfdan/regression
...
Fixes regression introduced in #1218.
2013-10-25 13:13:38 -07:00
Fabian Becker
134f9a2b10
Fixes regression introduced in #1218.
2013-10-25 19:31:53 +00:00
Simone D'Amico
c4bf0123c8
Added quotes to changepw admin controller
2013-10-25 20:11:33 +02:00
Fabian Becker
0997eae716
Remove .txt from blacklist.
...
fixes #1263
2013-10-25 00:15:39 +00:00
Fabian Becker
aa5c0cc620
Unpublished Post should not be accessible
...
fixes #1162
2013-10-24 21:29:10 +00:00
Hannah Wolfe
ca6bc7525d
Merge pull request #1238 from jgable/exposeKnex
...
Store the Bookshelf instance on the Bookshelf module
2013-10-24 08:18:29 -07:00
Hannah Wolfe
5b8048506e
Merge pull request #1251 from sebgie/api-refactor-move
...
Move /api to /ghost/api
2013-10-24 07:52:49 -07:00
Hannah Wolfe
a190a209c0
Merge pull request #1252 from halfdan/531-lines-to-spaces
...
Replace new-lines with spaces in excerpt helper.
2013-10-24 07:30:49 -07:00
Sebastian Gierlinger
6505986f6b
Move /api to /ghost/api
...
closes #1249
- changed routes
- changed apiRoots
2013-10-24 14:50:17 +02:00
Fabian Becker
16f72ba865
Replace new-lines with spaces in excerpt helper.
...
fixes #531
2013-10-23 20:28:36 +00:00
Fabian Becker
fc019fe675
Fixed style of modal in preview.
...
fixes #1179
2013-10-23 21:13:29 +01:00
Hannah Wolfe
5ba8959e83
Merge pull request #986 from sebgie/issue#952
2013-10-23 19:43:12 +01:00
Sebastian Gierlinger
c558cb7648
Add validation for importer
...
closes #952
- moved api.js to api/index.js
- added api/db.js for import and export functions
- moved /ghost/debug/db/export to GET /api/v0.1/db
- moved /ghost/debug/db/import to POST /api/v0.1/db
- removed /ghost/debug/db/reset
- added validation for import
- added constraints object to migration
2013-10-23 19:42:55 +01:00
Hannah Wolfe
6356ff9e94
Merge pull request #1248 from halfdan/bcryptjs
...
Replace nodejs-bcrypt with bcryptjs
2013-10-23 11:41:03 -07:00
Fabian Becker
1af17725fc
Replace nodejs-bcrypt with bcryptjs
...
* https://github.com/shaneGirish/bcrypt-nodejs
* https://github.com/dcodeIO/bcrypt.js
2013-10-23 15:43:45 +00:00
Hannah Wolfe
80bbcf7205
Merge pull request #1239 from cobbspur/tagsprefix
...
adds prefix option to tag helper
2013-10-23 08:11:22 -07:00
Hannah Wolfe
40ba763f0f
Merge pull request #1218 from halfdan/1212-themable-error-pages
...
Allow themes to provide custom error template.
2013-10-23 08:00:56 -07:00
b1nd
8f74eb0b83
Added server validation for location field
2013-10-22 23:00:12 +01:00
cobbspur
b85e5b6196
adds prefix option to tag helper
...
closes #607
- added prefix attribute for tags helper
- will add prefix only if tags are present
- adds unit tests for prefix
2013-10-22 22:57:31 +01:00
Hannah Wolfe
3185078238
Merge pull request #1204 from Gotvitch/error-code
...
Keep the status code generated by connect in case of error.
2013-10-22 14:55:17 -07:00
Hannah Wolfe
2d1e28335c
Merge pull request #1197 from halfdan/994-image-uploads
...
Show proper error message when image upload fails
2013-10-22 14:40:47 -07:00
andy matthews
8743766071
Add tooltip text to icons in admin section
...
Closes #1178
* Add tooltip text to assorted icons within CMS
* Add tooltip for blog URL to Ghost logo
* Change 'Options' to 'Post Settings'
Change 'Options' to 'Post Settings'
2013-10-22 22:31:02 +01:00
Fabian Becker
27e66f75f3
Show proper error message when image upload fails
...
fixes #994
2013-10-22 21:08:26 +00:00
Hannah Wolfe
b319e5b800
Merge pull request #1232 from thgaskell/master
...
Undefined post data causing server to crash
2013-10-22 13:35:03 -07:00
Jacob Gable
34343e893d
Store the Bookshelf instance on the Bookshelf module
...
- Assigns the ghostBookshelf instance to the Bookshelf.ghost property
2013-10-22 15:32:46 -05:00
Hannah Wolfe
fc53bc8a15
Merge pull request #1152 from jgillich/status-code
...
Set correct HTTP status code on error
2013-10-22 13:05:22 -07:00
Hannah Wolfe
15a2eacaac
Merge pull request #1141 from halfdan/246-helper-tests
...
Improved test coverage of theme helpers.
2013-10-22 12:45:07 -07:00
Hannah Wolfe
e2cf362395
Merge pull request #1117 from halfdan/featured-posts
...
Add featured class when post is featured
2013-10-22 12:38:33 -07:00
Hannah Wolfe
4480d3bd02
Merge pull request #1088 from jacobian/postgres-fix
...
Fix #896 - work around errors in pagination under Postgresql.
2013-10-22 07:08:15 -07:00
Tony Gaskell
2809e405d5
fixed bug where an undefined variable could be dereferenced
...
which could cause the server to choke.
2013-10-22 03:20:09 -10:00
Fabian Becker
57bd929d2c
Allow themes to provide custom error template.
...
fixes #1212, #1213
2013-10-21 19:12:22 +00:00
Seb Gotvitch
596cd13ca5
Keep the status code generated by connect in case of error.
...
The status code generated by connect/express in case of error was always
replaced by 500 status.
2013-10-21 01:53:26 -04:00
Pascal Borreli
14c420c8d1
Fixed typos
2013-10-20 20:33:51 +00:00
Hannah Wolfe
65dcb17117
Merge branch '0.3.3-wip'
...
Conflicts:
core/client/views/blog.js
core/server/api.js
core/server/views/default.hbs
package.json
2013-10-20 10:09:39 +01:00
Sebastian Gierlinger
2ee8f96829
Revert sessions to cookieSessions
...
no issue
- modified sessions to use cookieSession
- set max-age to 12 hrs
- modified logout to delete cookie completely
2013-10-18 13:24:01 +02:00
Hannah Wolfe
158d237122
Improved error handling
...
fixes #845
- only returns an error page for get requests, otherwise returns a response
- no more admin menu when not logged in
- no more error message about theme error template
- logWarn is available
2013-10-17 22:49:14 +01:00
Jakob Gillich
0f048eeb79
Set correct HTTP status code on error
...
closes #1055
2013-10-17 21:52:40 +02:00
Hannah Wolfe
e29a598fa5
CSRF for debug screen
2013-10-17 20:52:09 +01:00
Hannah Wolfe
2a6e77752f
API JSON updates
2013-10-17 20:52:05 +01:00
Hannah Wolfe
d9c9ca0e33
Merge pull request #4 from sebgie/sec/3
...
Sec/3
2013-10-17 10:49:40 -07:00
Hannah Wolfe
491651da59
Merge pull request #2 from ErisDS/bookshelf-knex-update
...
Updating to bookshelf 0.5.7 & knex 0.4.11
2013-10-17 10:49:28 -07:00
Tim Griesser
13639ad8d1
Updating to bookshelf 0.5.7 & knex 0.4.11
2013-10-17 18:23:36 +01:00
Sebastian Gierlinger
374c41e138
Remove private data from API
...
no issue
- added removal to user.browse, posts.read, posts.browse
- fixed removal for user.read
2013-10-17 17:15:25 +02:00
Sebastian Gierlinger
90176e1f40
Security improvements
...
no issue
- added CSRF protection
- changed session handling to express.session
- changed session handling to change session id
- added config property useCookieSession
- added file extension check for /ghost/upload
- removed /ghost/debug/db/reset
2013-10-17 15:28:28 +02:00
Hannah Wolfe
daa87e92c2
Merge pull request #1026 from jenius/master
...
Remove unneeded info from /user api response
2013-10-17 14:12:13 +01:00
Fabian Becker
dfa7793d44
Improved test coverage of theme helpers.
...
refs #246
2013-10-17 07:53:11 +00:00
Fabian Becker
f4ac715f97
Add featured class when post is featured
...
fixes #1112
2013-10-16 11:41:49 +00:00
Hannah Wolfe
3eae0a3939
Merge pull request #1103 from b1nd/merge
...
Removed unused variables and updated commenting
2013-10-16 03:31:57 -07:00
Hannah Wolfe
7419e05b3a
Merge pull request #1092 from halfdan/uc-helper
...
Added new helper to escape URIs called 'encode'
2013-10-16 02:23:13 -07:00
Fabian Becker
788987d04a
Added new helper to escape URIs called 'encode'
...
fixes #1089
2013-10-16 09:19:26 +00:00
b1nd
c61806c1c8
Removed unused variables and updated commenting
2013-10-16 11:32:44 +11:00
Hannah Wolfe
930309363d
Merge pull request #1020 from padhg/omit-uri-scheme
...
Allow omission of URI Scheme in config.js url
2013-10-15 12:26:18 -07:00
Jacob Kaplan-Moss
2acb546028
Fix #896 - work around errors in pagination under Postgresql.
2013-10-15 11:09:08 -05:00
Jeff Escalante
44973ba255
remove unneeded info from user api response
2013-10-14 15:07:52 -04:00
Ryan Powell
dc1cf3b509
changes to support URIs without a scheme in config.js.
...
also removed "http:" from google fonts link to prevent a mixed content warning.
2013-10-14 10:42:08 -04:00
Hannah Wolfe
119b0ea430
Merge branch '0.3.2-wip'
...
Conflicts:
core/client/assets/lib/uploader.js
2013-10-11 20:56:15 +01:00
Hannah Wolfe
b4e04b3650
Fix for image uploads
...
- express 3.4.0 uses connect 2.9.0 which had a sizable change to how multipart works
- this change resulted in req.files.uploadimage.type going away
2013-10-11 20:26:09 +01:00
jamesbloomer
9d114c7fa6
Lock down theme static directory to not serve templates, markdown and text files.
...
closes #942
- insert custom middleware to check for blacklisted files
- redirect to express.static if file accepted
- if not valid return next() to do nothing
- currently black listing .hbs, .txt, .md and .json
- debatable which is best, black list or white list, either one will probably need tweaks but erred on side of letting
a theme serve unknown types
2013-10-11 18:05:31 +01:00
Sebastian Gierlinger
b040ea3365
Change from address
...
closes #872
- changed from address to use config.mail.fromaddress
- changed from address to default to settings.email
2013-10-11 12:49:33 +01:00
Hannah Wolfe
9466a9753b
Merge branch '0.3.2-wip'
...
Conflicts:
core/test/unit/api_posts_spec.js
2013-10-10 16:37:35 +01:00
Hannah Wolfe
54f8a04779
Merge pull request #996 from ErisDS/0.3.2-tagfixes
...
Improving tag handling in post_class and body_class
2013-10-10 07:05:15 -07:00
Sebastian Gierlinger
6ff17c78a2
Fix filepaths for config and upload
...
no issue
- added appRoot to config-loader.js
- modified uploader to use correct path
- modified tests
2013-10-10 12:44:31 +02:00
Hannah Wolfe
f1317b84af
Improving tag handling in post_class and body_class
...
closes #967, closes #987
- use slug instead of name (it's unique)
- get tags even if we aren't inside the post context
- add tag handling to body_class too
2013-10-09 19:51:55 +01:00
Hannah Wolfe
95f9fce3be
Swapping escape to sanitize
...
issue #938
- rather than using escape, use node-validator's sanitize function, which is designed for preventing XSS vectors
- added listener for changes to both editor and settings page
- added more sanitization to the user model
- consistently use triple-braces when outputting blog post titles
2013-10-09 19:13:16 +01:00
Tim Griesser
c9235ccb0b
Escaping several fields to prevent XSS
...
issue #938
- escapes post's title field
- escapes settings title, description, email
- escapes user's name field
- includes test for post title
2013-10-09 19:13:13 +01:00