Commit Graph

8703 Commits

Author SHA1 Message Date
Kevin Ansfield
26d567b948 Fixed high CPU usage of grunt dev
no issue
- exclude the `core/server/lib/members/static/auth` from the express reload watch task as it contains a large `node_modules` directory which caused `grunt-contrib-watch` to peg the CPU
- the directory only relates to static client-side files which do not require a server restart on change and ivereload is handled via the separate `preact watch` shell task
2019-01-02 13:30:37 +00:00
Nazar Gargol
6797da599b Added functional test for import endpoint in API v2
no issue

- This change is a follow up to this bugfix https://github.com/TryGhost/Ghost/pull/10299
- Added default export JSON to keep the state of db test suite intact
- Small typo fixe that noticed while debugging
2019-01-02 14:10:25 +01:00
Hannah Wolfe
8d6def159a Reworked ghost_head tests as unit tests
- Removed dependency on the database
- We should not have integration tests for this kind of code

- Note: had to fix rss url tests as sandbox wasn't restored afterwards
2019-01-02 09:51:38 +00:00
John O'Nolan
679fc7e1c5 2019 2019-01-01 14:07:15 +00:00
Nazar Gargol
af7daa08f9 Version bump to 2.9.1 2018-12-20 11:28:23 +01:00
Nazar Gargol
aca3987ffd Updated Ghost-Admin to 2.9.1 2018-12-20 11:28:23 +01:00
Kevin Kuang
4a5a5acba7 🐛 Fixed broken content import in Admin API v2 (#10299)
no issue
2018-12-20 11:01:48 +01:00
Kevin Ansfield
4c9d4ed664 Version bump to 2.9.0 2018-12-17 14:25:24 +00:00
Kevin Ansfield
3d7cb90e52 Updated Ghost-Admin to 2.9.0 2018-12-17 14:25:24 +00:00
Kevin Ansfield
42ad412339 Upgrading Casper to 2.8.0 2018-12-17 14:18:49 +00:00
Aileen Nowak
506d013f25
Ability to not send welcome email (#10293)
no issue

- We need to be able to not send the welcome email if needed
- Intruduces a new possible config setting `sendWelcomeEmail` which is set to `true` by default
2018-12-17 15:02:47 +01:00
Naz Gargol
aa8e75914d
Migrated db controller to API v2 (#10051)
refs #9866

- Migrated db import/export routes to use new db controller
2018-12-17 14:45:09 +01:00
Katharina Irrgang
5d2ab19881
Removed invitedBy from admin API: invitation endpoint (#10291)
refs #10286

- we want to deprecate all `x_by` fields
- we would like to get rid of all usages to be able to easily remove the fields in the future
- `invitedBy` is not used in the admin client
2018-12-17 14:16:39 +01:00
Katharina Irrgang
799857b77a 🐛 Fixed URL is not a constructor for Node v6 (#10289)
closes #10287
2018-12-17 17:23:45 +05:30
Naz Gargol
aca887a35d
Added async file header handling for API v2 (#10292)
refs #9866
2018-12-17 12:47:19 +01:00
Greg Hart
261a8234e9 Added Slack username option. (#10285)
refs #9735.
2018-12-14 18:57:32 +07:00
汪磊
2645ff05a0 🐛 Removed duplicate shortcut icon link (#10254)
no issue

{{amp_ghost_head}} already provides this
2018-12-14 16:59:06 +07:00
汪磊
7419566756 🐛Fixed multiple authors for amp (#10253)
no issue

- refs: gscan `GS001-DEPR-AUTHBL`
- the amp page always printed a single author only
2018-12-14 10:19:51 +01:00
Peter Zimon
42e013cfae
Members auth ui refinements (#10279)
* Update mobile modal animations
* Member popup input error and placeholder refinements
* Adding close animation to members auth popups
* Improve members auth dialog
* Refine members reset password design
2018-12-14 09:57:08 +01:00
Fabien O'Carroll
7dd2b04343 Removed ssoOriginCheck from signout endpoint (#10277)
no-issue

the ssoOriginCheck exists to ensure that we only allow signin/signup to
be called from the specified auth page, this is a very minor security
feature in that it forces signins to go via the page you've designated.
signout however does not need this protection as the call to signout
completely bypasses any UI (this is the same for the call to /token)
2018-12-14 12:26:31 +05:30
Fabien O'Carroll
2d92793b3f
Cleaned up image manipulator (#10282)
no-issue

* Added InternalServerError to resizeImage

* Added a redirect to original image if sharp is missing

* Improved naming - safeMethod -> method

* Updated process method to follow same sharp check pattern

* Refactor safety wrapper into makeSafe function

* Moved generic manipulation error to makeSafe function

* Refactored unsafeProcess to use unsafeResizeImage

* Removed CRAZY catch
2018-12-14 11:54:52 +07:00
Fabien O'Carroll
7099dd45a5
Supported dynamic image resizing for LocalFileStorage(#10184)
refs #10181 

* Added initial handleImageSizes middleware

* Implemented saveRaw method on local file storage

* Wired up handleImageSizes middleware

* Implemented delete for LocalFileStorage

* Removed delete method from theme Storage class

* Deleted sizes directory when theme is activated

* Ensured that smaller images are not enlarged

* Renamed sizes -> size

* Exited middleware as early as possible

* Called getStorage as late as possible

* Updated image sizes middleware to handle dimension paths

* Revert "Deleted sizes directory when theme is activated"

This reverts commit 9204dfcc73a6a79d597dbf23651817bcbfc59991.

* Revert "Removed delete method from theme Storage class"

This reverts commit b45fdb405a05faeaf4bd87e977c4ac64ff96b057.

* Revert "Implemented delete for LocalFileStorage"

This reverts commit a587cd6bae45b68a293b2d5cfd9b7705a29e7bfa.

* Fixed typo

Co-Authored-By: allouis <fabien@allou.is>

* Redirected to original image if no image_sizes config

* Refactored redirection because rule of three

* Updated comments

* Added rubbish tests

* Added @TODO comment for handleImageSizes tests

* Added safeResizeImage method to image manipulator

* Used image manipulator lib in image_size middleware
2018-12-13 20:25:24 +07:00
Todd Justin York
2860ddeb3b Switched to using safe string for navigation slug (#10267)
closes 10258

- we should use consistent tooling for generating slugs across the whole of Ghost
2018-12-13 12:30:56 +00:00
Fabien O'Carroll
c2275ed131
Added size attribute support to img_url helper (#10182)
refs #10181 

Adds support to request a size in the img_url helper using syntax like:
    <img src="{{img_url profile_image size="small"}}"/>

Requires the image_sizes config to be defined in the themes package.json
2018-12-13 19:14:08 +07:00
Dexter Leng
8c3d29edb2 🐛 Striped invisible unicode characters from slugs (#10252)
refs #9826

- Striped invisible characters from slug based on regexp pulled directly from XRegExp library, similarly to the approach taken in 9eef2616e4 (diff-50bf43eef863952813617ae9997538d0R4)
2018-12-13 13:06:59 +01:00
Fabien O'Carroll
43ce1f02c1
Fixed broken spam prevention test (#10281)
* Fixed broken spam prevention test

closes #10280

* Improved spam prevention test
2018-12-13 18:44:32 +07:00
Hannah Wolfe
7cce71d997
🐛 Fixed get helper when API v0.1 is disabled (#10270)
closes #10266

- the Public API labs flag refers to the v0.1 API only
- if it is disabled, the v0.1 API should be disabled
- if the theme is using v2 API, then the get helper should be available regardless
2018-12-12 15:38:35 +00:00
kirrg001
a357df1eb9 Version bump to 2.8.0 2018-12-11 14:25:52 +01:00
kirrg001
bb9e901457 Updated Ghost-Admin to 2.8.0 2018-12-11 14:25:52 +01:00
Fabien O'Carroll
5cb053412f
Updated member lib/auth service to use origin of site url (#10271)
no-issue
2018-12-11 19:45:03 +07:00
Fabien O'Carroll
ba087a1b51 Added member auth node_modules to .npmignore (#10269)
no issue
2018-12-11 12:33:46 +01:00
kirrg001
0f2f75cc16 Upgrading Casper to 2.7.1
no issue
2018-12-11 12:06:04 +01:00
Katharina Irrgang
9d7c3bd726
🐛 Fixed all known filter limitations (#10159)
refs #10105, closes #10108, closes https://github.com/TryGhost/Ghost/issues/9950, refs https://github.com/TryGhost/Ghost/issues/9923, refs https://github.com/TryGhost/Ghost/issues/9916, refs https://github.com/TryGhost/Ghost/issues/9574, refs https://github.com/TryGhost/Ghost/issues/6345, refs https://github.com/TryGhost/Ghost/issues/6309, refs https://github.com/TryGhost/Ghost/issues/6158, refs https://github.com/TryGhost/GQL/issues/16

- removed GQL dependency
- replaced GQL with our brand new NQL implementation
- fixed all known filter limitations
- GQL suffered from some underlying filter bugs, which NQL tried to fix
- the bugs were mostly in how we query the database for relation filtering
- the underlying problem was caused by a too simple implementation of querying the relations
- mongo-knex has implemented a more robust and complex filtering mechanism for relations
- replaced logic in our bookshelf filter plugin
- we pass the custom, default and override filters from Ghost to NQL, which then are getting parsed and merged into a mongo JSON object. The mongo JSON is getting attached by mongo-knex.

NQL: https://github.com/NexesJS/NQL
mongo-knex: https://github.com/NexesJS/mongo-knex
2018-12-11 11:53:40 +01:00
Fabien O'Carroll
48923ac327
Wired members service up to api and app (#10262)
* Updated auth service members middleware

refs #10213

* Wired up members api router to the ghost api endpoints

refs #10213

* Created members app for the static pages

refs #10213

* Wired up the members app

refs #10213
2018-12-11 15:18:07 +07:00
Fabien O'Carroll
0b58f4cf62
Added members service to create instance of members lib (#10261)
refs #10213 

* Added members service to create instance of members lib
2018-12-11 14:57:01 +07:00
Fabien O'Carroll
a5ea34900b
Added members lib module (#10260)
* Added members library inc. gateway

refs #10213

* Added the auth pages and build steps for them

refs #10213

* Cleaned up logs

* Updated gruntfile to run yarn for member auth

* Design refinements on members popups

* UI refinements

* Updated backend call to trigger only if frontend validation passes

* Design refinements for error messages

* Added error message for email failure

* Updated request-password-reset to not attempt to send headers twice

* Updated preact publicPath to relative path

* Build auth pages on init
2018-12-11 13:47:44 +07:00
Fabien O'Carroll
0bf5dd212a Added members related db changes and models
refs #10213
2018-12-11 11:53:55 +07:00
Fabien O'Carroll
38c631eaf7 Installed deps required for members
refs #10213
2018-12-11 11:53:55 +07:00
Fabien O'Carroll
dcfaecfe92
🐛 Added CORS support to the v2 Content API (#10257)
no-issue

When trying to use /api/v2/content from a different domain, the requests
were failing with CORS errors. This doesn't use the shared cors middleware,
because it should be open to all hosts, and not locked down via our
whitelist or trusted domains.
2018-12-11 11:44:12 +07:00
Hannah Wolfe
31269de7c3 Switched to using relative urls for submodules
closes #10265 (again)

- Absolute git urls break travis
- Try relative urls as a simpler solution than managing keys
2018-12-10 16:56:35 +00:00
Hannah Wolfe
6499e114ec Switched to using git URLs for submodules
closes #10265

- trying to balance ease of contributing with git urls not always working
- optimising for ease of contributing for now, but #10265 has other options just in case
2018-12-10 16:23:11 +00:00
kirrg001
7af2802e14 Added validation for null|undefined values for required keys
closes #10071
2018-12-10 16:33:39 +01:00
kirrg001
ccd9541f75 Replaced hardcoded translation in shared input validator
no issue

- re-use existing keys
2018-12-10 16:33:39 +01:00
kirrg001
812e533554 Corrected incorrect syntax for required propierties
no issue
2018-12-10 16:33:39 +01:00
kirrg001
11f0f1c314 Fixed incorrect validation message for required values
no issue

- the message always showed: `Validation (FieldIsRequired) failed for key`
2018-12-10 16:33:39 +01:00
Nazar Gargol
da7fdfeae6 Extracted trimAndLowerCase utility to shared utility module
refs #9866
2018-12-10 13:56:42 +01:00
Fabien O'Carroll
3d7b4dc0f5 Version bump to 2.7.1 2018-12-05 14:28:11 +07:00
Fabien O'Carroll
b0f9218026 Updated Ghost-Admin to 2.7.1 2018-12-05 14:28:11 +07:00
Fabien O'Carroll
3618db6d40 Version bump to 2.7.0 2018-12-04 21:10:16 +07:00
Fabien O'Carroll
06c976cde0 Updated Ghost-Admin to 2.7.0 2018-12-04 21:10:16 +07:00