Commit Graph

224 Commits

Author SHA1 Message Date
Felix Rieseberg
c7ad09aace Enable :author as permalink option
Closes #3858
- urlPathForPost is now aware of the author’s slug, allowing for the
permalink setting to use :author
- Frontend controller only renders posts that have the specified
author, if one is given
- Extensive tests included
2014-10-25 18:15:24 -07:00
Fabian Becker
aa5cf6ed3b Implements is-helper
closes #2249
- Added context to res.locals
- Added context aware is helper
- Added unit tests
2014-09-23 11:31:16 +02:00
Fabian Becker
c9b0df752f Cleanup reserved words in generateSlug
closes #1889
- Adds a new filter for slugs
- Move slugs to config.slugs
2014-09-18 13:56:51 +02:00
Harry Wolff
469aaa398c Add jscs task to grunt file and clean up files to adhere to jscs rules.
resolves #1920

- updates all files to conform to style settings.
2014-09-17 21:44:29 -04:00
Hannah Wolfe
aa0d9fda46 Merge pull request #4025 from mvalipour/master
URL replacement in RSS feed mucks with content
2014-09-15 20:35:18 +01:00
Mo Valipour
98d0954e32 Fix URL replacement in RSS feed mucking with content
closes #3983
- removed naive regex implementation
- added cheerio to project dependencies
- used cheerio to parse RSS content
- use attribute getter/setter to replace href/src attribute urls with the resolved version
2014-09-13 18:11:07 +01:00
Hannah Wolfe
5faeb2996b Merge pull request #3874 from morficus/issue-3241
adding config flags to control all items mentioned in PRIVACY.md
2014-09-13 17:23:56 +01:00
Maurice Williams
3583515e44 adding config flags to control all items mentioned in PRIVACY.md
closes #3241
- in config.js, the `privacy` attribute holds all privacy-related flags
- `privacy.userTinfoil: true` disables everything (equivalent to setting all flags to false)
- added helper function to core/server/config/index.js to checking privacy flags
- added helper function to core/server/config/index.js to show warning about deprecated items
2014-09-13 12:04:01 -04:00
Chris Pearce
97946cbc14 Ability to create custom template files for custom tags. Eg. tag-design.hbs 2014-09-05 17:35:30 +01:00
Jason Williams
07ad400ee0 Replace the when promise library with bluebird.
Closes #968
2014-08-23 17:15:40 +00:00
Jilles Soeters
6249d28a92 Added target="_blank" to all links that go to the support page. 2014-08-15 16:46:24 +02:00
Hannah Wolfe
2aed220e9e Merge pull request #3647 from felixrieseberg/iss3644
Accept all versions of 'edit' as URL parameter
2014-08-13 18:22:18 +01:00
Harry Wolff
5d70604f9b Fix rss content's url to the RSS feed
fixes #3719

- correctly sets the path to the RSS feed for tags and authors
2014-08-09 23:16:27 -04:00
Felix Rieseberg
8453067d70 Accept all versions of 'edit' as URL parameter
closes #3644
2014-08-06 20:07:41 -07:00
Hannah Wolfe
03a46a0b24 Improved Update Notification
- adding a version number to the notification
- adding a link to the upgrade docs, to make this process easier.
2014-08-06 08:33:00 +01:00
Hannah Wolfe
f9ff78475b Complete frontend multi-user features
closes #3076

- author RSS pages
- fixes page_url / pagination helper
- add 'author' option to has helper
- tests for author pages, author rss pages and helpers
2014-07-31 15:33:52 +01:00
Hannah Wolfe
e4134ccad7 Merge pull request #3438 from hswolff/home-template
Add ability to create a 'home.hbs' template file for templates
2014-07-29 17:10:47 +01:00
Harry Wolff
fd61b9ff2a Add ability to create a 'home.hbs' template file for templates
issue #3409

- DRYs out the controllers/frontend a little by moving common functinoality
 into its own function
- adds ability to use home.hbs template file if it exists
- adds unit tests for this functionality
2014-07-29 08:14:20 -04:00
Sebastian Gierlinger
d5747430e9 Remove email address from frontend
closes #2330
- added deletion email address from post.author in front end
- updated tests
- with some refactoring this could be done on API level
2014-07-29 11:23:02 +02:00
Sebastian Gierlinger
ed39e375a2 Fix author page
no issue
- fixed: author page used config object as function
2014-07-23 09:39:51 +02:00
Harry Wolff
be37070fb6 This aims to speed up both the ghost application and tests by
migration from usage of config() to just an object of config.

no relevant issue

- Change 'loadConfig' task to 'ensureConfig' to more accurately reflect
what it is actually doing.  Its sole purpose is to make sure a `config.js`
 file exists, and as such the name now reflects that purpose.

- Update config/index.js to export the ghostConfig object directly
so that it can be accessed from other modules

- Update all references of config(). to config.
This was a blind global find all and replace, treat it as such.

- Fixes to tests to support new config access method

- Allow each test to still work when invoked invidually
2014-07-22 22:37:44 -04:00
John O'Nolan
d60382f0f0 Trim version number in RSS feeds 2014-07-21 23:07:21 +02:00
Hannah Wolfe
c0732292ac Merge pull request #3331 from ErisDS/issue-3076
Author pages
2014-07-21 20:57:06 +01:00
Sebastian Gierlinger
05b3606fd3 Remove inline script from default.hbs
no issue
- added config values as data attributes
- removed inline script
- removed current-user.js
2014-07-21 20:00:54 +02:00
Hannah Wolfe
2d01e15a18 Author pages
refs #3076

- This is a first draft implementation, just to make it work so that we can get casper working
2014-07-20 17:49:19 +01:00
Hannah Wolfe
cfaa6f058a Wire permmissions for notifications, mail and tags
closes #2739

- wraps the api endpoints for mail, notifications, and tags in a canThis
  check
- add internal context to internal calls
- updates tests
2014-07-17 16:44:09 +01:00
Sebastian Gierlinger
2957b0175e Move image upload to API
closes #3252
- added `/ghost/api/v0.1/uploads/` endpoint
- removed upload method from `controller/admin.js`
- moved removal of temporary files from storage to endpoint (needed to
account for failed uploads)
- changed and moved tests
- Oversight: I think that we use `.otherwise()` and `.catch()` a bit
too extensive and mask the real error objects. We probably need an
error handling strategy at some point in the future.
2014-07-15 12:40:14 +02:00
Jason Williams
1bf975af90 Turn on update notifications for Ember admin
Issue #3160
- Use notifications API to display available update notification.
- Remove update_notification handlebars helper as now both the
  check for an available update and the notification handling
  is run from the server's admin controller index method.
- Bind the notification's location property to a css class
  for styling.
- Refactor Ember notifications to better handle notification
  objects.  Move responsibility for css class generation onto
  the notification component.
- Refactor gh-notifications component to take a location argument
  that's used to assign a css class and filter notifications.
2014-07-11 15:02:26 +00:00
Sebastian Gierlinger
8c2258dc4c Move setup to API
closes #3136
- moved setup to authentication API
- added `POST /ghost/api/v0.1/authentication/setup` to execute the
setup process
- added `GET /ghost/api/v0.1/authentication/setup` to check if blog is
already set up (needed for #3145)
- removed unused methods from api/users.js
2014-07-11 14:17:09 +02:00
Sebastian Gierlinger
215badc663 Setup hijacks owner user
closes #3074
- user generated by fixture is hijacked
- user is updated with name, email, password, slug and status
- creates new user if db is migrated but no user exists
- previously removed tests are back
2014-07-10 19:29:51 +02:00
Hannah Wolfe
f70f99b5cf Replace the old admin with the ember admin
closes #3056

- Remove clientold
- Remove clientold tests
- Cleanup old admin helpers
- Remove old routes from admin and controllers from admin controller
- Comment out / remove old and broken tests
- Cleanup Gruntfile.js, bower.js, package.json etc

Still TODO:

- cleanup / add removed tests
- do we still need countable?
2014-07-01 08:33:17 +01:00
Sebastian Gierlinger
c8e8da4780 oAuth
closes #2759
closes #3027

- added oauth2orize library for server side oAuth handling
- added ember-simple-auth library for admin oAuth handling
- added tables for client, accesstoken and refreshtoken
- implemented RFC6749 4.3 Ressouce Owner Password Credentials Grant
- updated api tests with oAuth
- removed session, authentication is now token based

Known issues:
- Restore spam prevention #3128
- Signin after Signup #3125
- Signin validation #3125

**Attention**
- oldClient doesn't work with this PR anymore, session authentication
was
removed
2014-06-30 14:58:10 +02:00
Fabian Becker
72156c7f89 New setup screen for blog installation.
fixes #3072
- Change router to handle /ember/setup/
- Adjust doSignup to also handle setup
- Adjust tests and add new where necessary
- Add setup controller, setup validation, setup route
- Adjust casper emberSetup to handle new setup
2014-06-26 15:31:44 +02:00
Hannah Wolfe
72b3b3ceb1 Setting Ghost logo to correct URL 2014-06-24 00:24:13 +01:00
Hannah Wolfe
a11fd67ec9 Add fileStorage config to frontend
closes #2956

- adds fileStorage to config passed to ember, and then grabs it in the relevant places.
2014-06-23 23:33:14 +01:00
Hannah Wolfe
bb490e4bbd Hide settings/apps unless apps:true is in config.js
fixes #3031

- Adds an initializer for passing config to the frontend, it's not pretty but it works
- Forwards the apps route and hides the apps menu item if apps:true is not present in config.js
2014-06-23 20:27:51 +01:00
Sebastian Gierlinger
1db0431e4d User API changes
closes #2822
- added destroy user method
- added remove user permission
- added API end point for get reset token
- added API end point for reset password
- added API end point for change password
2014-06-20 11:15:01 +02:00
Jason Williams
a595817b8c Fix csrfSecret handling
Closes #2974
-use req.session.csrfSecret instead of _csrfSecret.
-clear username and password properties from the signin controller.
2014-06-16 20:32:51 +00:00
Fabian Becker
2bff35bcc2 Complete moveover to new Notification API format
fixes #2775
- Fix all occurences of notifications.add to use proper API format
2014-06-16 08:07:29 +00:00
Fabian Becker
21a7e3ebb2 Fixes static pages when permalinks are active.
fixes #2938
- Fix `page === 1` occurences
- Fix ember logic
2014-06-13 01:00:18 +02:00
Harry Wolff
5d028b72fb Upgrade to Express 4.0
no related issue

- Updates package.json packages, adding express middleware packages
 that have been broken into their own modules

- Updates controllers/frontend.js to use the new Layer object that Express 4.0
 has.  Requires some monkey-patching as the Layer object isn't explicitly
 surfaced, however it should be safe to do.

- Moved the setup of routes into middleware/index.js because they need to
 be added as a middleware function before the 404 and 500 handlers. This is
 no longer possible with the old app.use(app.router) as that has been removed.

- Cleaned up middleware/index.js to make it compatible with Express 4.0.

- Simplified the way themes are activated and enabled when they are activated.
 The new handling is simpler, yet should still cover all the use cases that
 previously existed.

- The entire flow of activating a theme through middleware should be a little
 more centralized, letting it be easier to read and maintain.

- Moved every routes/*.js file to use an individual express.Router() instance.
2014-06-08 17:41:25 -04:00
Maurice Williams
6fda048827 refreshless user logout
fixes #2842
- new Ember route for signout
- new API route to allow async signout
2014-06-02 17:12:02 -04:00
Hannah Wolfe
d3c1bdb758 Merge pull request #2820 from jgable/fix403
Fix 403 errors after signup
2014-05-29 15:39:00 +01:00
Jacob Gable
5abeadf80d Ember Data with Posts
Ref #2699

- Introduce ember data dependency
- Add loadInitializers and refactor most initializers into one combined
- Add Post ember data model
- Refactor generateSlug to use title of post and ghostPaths
- Refactor post controller to not reference model.property everywhere
- Use RESTAdapter for posts, users and tags
- Setup author and tag relations in Post model
- Fix broken API calls by adding CSRF header
- Add initiaizer for csrf value
- Use actual User model for current user initializer
- Add action for setting featured post, test with actual api call
- Fix the sending of UUID's up to the server
- Refactor current-user to use ember-data store
- If a user is preloaded in the application, use pushPayload to put it
in the store
- Do a lookup on the store to get an actual User model for injection
- Fix posts/post controllerName in route/new.js
- Alter signup process to push user into ember data store
2014-05-29 07:42:51 -05:00
Jacob Gable
dc58d6936a Fix 403 errors after signup
Closes #2819

- Keep around the _csrfSecret on the session after regenerating
2014-05-26 20:01:45 -05:00
Jacob Gable
42a1d55858 Improve signin
Ref #2413

- Remove fixture and use actual API
- Store and send down actual logged in user data
- Refactor isLoggedIn to use computed property on application
- After signin, update user data in dependency container
- Add CSRF to all routes and controllers via initializer
- Update authenticated route to check for user.isLoggedIn
- Add notifications for signin error
- Add notifications.showAPIError helper
- Add plumbing for refreshless signup to doSignUp in admin controller
2014-05-15 09:18:43 -05:00
Hannah Wolfe
c02ebb0dcf Refactor API arguments
closes #2610, refs #2697

- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
  everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
  to perform reads, updates and deletes where possible - settings / themes
  may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-15 10:41:05 +01:00
Jacob Gable
f565dd505a Fix sign up not setting user on session
No issue found

- Grab user out of api response from users[0]
2014-05-14 20:38:58 -05:00
Hannah Wolfe
692573a241 Merge pull request #2735 from shindakun/tag404
Display 404 page if tag does not exist.
2014-05-14 16:32:18 +01:00
Gabor Javorszky
24190a186e Move mail api to json/api format
Fixes #2650
* rerouted all mail sending to api/mail
* changed request and response formats to json/api-like structure
* tested with forgotten password and new blog email
2014-05-13 17:34:37 +01:00