Commit Graph

1727 Commits

Author SHA1 Message Date
Hannah Wolfe
77447fc42d Merge pull request #5876 from sebgie/issue#5872
Fix client.secret for new installs
2015-09-27 13:50:36 +01:00
Hannah Wolfe
20c192557d Test support for various URL schemes
refs #5801
2015-09-27 10:31:49 +01:00
Sebastian Gierlinger
dbc53dc853 Merge pull request #5858 from ErisDS/issue-5808
Show a single 422 error for invalid values
2015-09-26 12:14:12 +02:00
Sebastian Gierlinger
67f759df33 Merge pull request #5875 from ErisDS/no-published-by-override
Don't allow published_by override
2015-09-26 12:08:53 +02:00
Kevin Ansfield
621b633079 Fix front-end URL output for more URL schemes
- allows direct pass-through of protocol-relative (`//host`), alternate-scheme (`tel:`), and anchor-only urls (`#contact`)
2015-09-25 22:58:37 +01:00
Sebastian Gierlinger
a87715f688 Fix client.secret for new installs
closes #5872
- added random secret for new databases
- added temporary fix for existing databases
- secret is still static (`not_available`) during tests
- fixed fork mechanism to keep active environment (never change
NODE_ENV!!!)
2015-09-25 21:03:33 +02:00
Hannah Wolfe
0462607296 Don't allow published_by override
- published_by should be set by business logic, rather than by users

Credits: An anonymous researcher working with Beyond Security's SecuriTeam Secure Disclosure program
2015-09-25 17:44:49 +01:00
Sebastian Gierlinger
bc25348fcc SSL redirects
closes #5873
- replaced redirectPathname with url method
- added tests
2015-09-25 12:02:14 +02:00
Hannah Wolfe
545bea0eaf Return a single 422 error for invalid values
refs #5808

- Fix the API to return a single 422 error when an invalid value is passed
- Only affects Browse, and not Read at present due to differences in how they are handled
- Frontend was changed to always 404 in #5851
- Adds tests to ensure all cases are covered
2015-09-25 10:30:49 +01:00
Sebastian Gierlinger
63f09687bb Merge pull request #5870 from ErisDS/uncapitalise-subdir
Uncapitalise respects subdirectories & no encoding
2015-09-25 10:29:36 +02:00
Hannah Wolfe
8895f41ee2 Uncapitalise respects subdirectories & no encoding
no issue

- Uncapitalise was dropping the subdirectory when redirecting - so the base url has been added where present
- Uncapitalise was also working differently in node 0.10 and 0.12 - so the path is decoded before testing for uppercase
- Adds some test coverage
2015-09-24 18:52:30 +01:00
Sebastian Gierlinger
cce1cc55ca Merge pull request #5867 from ErisDS/api-password
Don't alter password from User.edit endpoint
2015-09-24 13:37:24 +02:00
Sebastian Gierlinger
4351dfd179 Merge pull request #5866 from cobbspur/import
Fix handling of slugs on import
2015-09-24 12:46:16 +02:00
Hannah Wolfe
07e18cbdff Merge pull request #5863 from acburdine/author-edit
Add `/author/:slug/edit/` route to frontend
2015-09-24 08:42:55 +01:00
Hannah Wolfe
00656a729b Don't alter password from User.edit endpoint
- password changes should only be possible from the password change endpoint

Credits: An anonymous researcher working with Beyond Security's SecuriTeam Secure Disclosure program
2015-09-23 23:07:49 +01:00
Sebastian Gierlinger
48919a96c0 Merge pull request #5859 from ErisDS/plural
Add replacement for zero in plural helper
2015-09-23 18:42:01 +02:00
cobbspur
c0b5de6e81 Fix handling of slugs on import
closes Issue #5812

- pass importing property through to utils
- fix safeString method for imports
2015-09-23 17:41:44 +01:00
Austin Burdine
61705cf5f4 add author edit route
no issue
- adds front-end author edit route that redirects to the edit author page
- adds tests for edit route
2015-09-23 08:33:09 -05:00
Hannah Wolfe
d1c7ec0799 Add replacement for zero in plural helper
- currently, the plural helper doesn't replace % with the number when the number is zero, which is inconsistent
- this change ensures that theme developers can choose to show the number or a plain string
2015-09-22 16:00:20 +01:00
Nazar Gargol
fd7e118ed5 Returns 404 page instead of crashing a server whenever special characters are used for tag filtering
closes #5808
refs #5816
- adds additional filtering any 'slug' containing content in `renderChannel` for frontend
- adds test for invalid characters in tag slug
2015-09-20 22:47:34 +02:00
Sebastian Gierlinger
c57edd67a7 Merge pull request #5817 from ErisDS/issue-5810-sqlite
Don't eager load relations on tag update
2015-09-18 14:23:36 +02:00
Sebastian Gierlinger
ef6a99fb34 Merge pull request #5844 from ErisDS/validation-fix
Add underscores to general validation
2015-09-18 11:24:04 +02:00
Hannah Wolfe
95623e60ae Add underscores to general validation
fixes #5816

- general slugs and other fields should permit underscores as well as dashes
2015-09-17 12:24:11 +01:00
Hannah Wolfe
0aea83f7d9 Don't eager load relations on tag update
closes #5810

- switch from using bookshelf's eager loading, to loading separately
- should resolve the TOO MANY SQL VARIABLES error
2015-09-17 09:59:46 +01:00
Sebastian Gierlinger
762824690a Improve Middleware Code Coverage
refs #5286
- finished tests for check-ssl.js
2015-09-08 18:05:22 +02:00
Hannah Wolfe
449def7234 Switch to using sequence for updating tags
no issue

- makes upgrading very large numbers of posts & tags more reliable
2015-09-04 09:22:16 +01:00
Hannah Wolfe
b422d9d32c Use sequence for migrations instead of Promise.all
no issue

- ensures that all migrations complete before the next one begins
2015-09-03 12:09:58 +01:00
Hannah Wolfe
b2204f404d Insert new info post fixture for upgrades
no issue

- Inserts an extra post fixture into the DB only when upgrading
- Post fixture is a draft and will appear at the top of the list
2015-09-02 16:59:37 +01:00
Hannah Wolfe
a3f107da8e Maintain tag order for posts
refs #5727, #5602

- Add new 'order' column to posts_tags table
- Migrate all existing posts_tags to have a correct value for 'order'
- Rewrite updateTags to not remove all tags, and to correctly maintain order
- Add transaction support for tag operations
- Many tests
2015-09-02 16:39:34 +01:00
Sebastian Gierlinger
f22796ff7d Add dynamic client_id/client_secret
no issue
- added ghost-admin client_id to admin
- added ghost-admin client_secret to admin
- added client.read() api endpoint
- added random generation of client_secret to migration
- removed addClientSecret method
- updated tests
2015-09-02 16:39:34 +01:00
Hannah Wolfe
6926e20478 Fix upgrade path from really old versions
closes #5692, refs felixrieseberg/Ghost-Azure#1

- fix broken promise code
- fix incorrect handling of hash in user.add which causes 'Error: Invalid salt version 2' if owner user fixture is not present
2015-09-02 16:39:13 +01:00
Hannah Wolfe
95e6b0a59d Add migration to modify badly formatted tags
refs #5685, #5709

- cycle through all tags, removing leading commas and trim spaces
- if the string is empty, change to 'tag' - the slug base for this model
- if there is a change, save it
2015-09-02 13:39:23 +01:00
Hannah Wolfe
114696f7e2 Change type for private blog settings
refs #5614 and #5503

- update private blog type, including update to settings.edit
- switch order of populate settings & update fixtures + populate all settings

Private blog settings should not be returned by public endpoints
therefore they need a type which is not `blog` or `theme`.
`core` doesn't suit either, as those settings don't usually have UI
To resolve this, I created a new type `private` which can be used
for any setting which has a UI but should not be public data
2015-09-02 13:39:23 +01:00
Sebastian Gierlinger
d215983d53 Update client fixtures
closes 4184
- update ghost-admin client
- add ghost-frontend client
2015-09-02 13:39:23 +01:00
Joe Cannatti
6938216984 Add tour field to User
closes #5171

- adds tour field to user model
- Bump Schema version
- Update tests
2015-09-02 13:39:22 +01:00
Austin Burdine
6c5fea40ca Remove auto-inclusion of jQuery via ghost_foot
closes #5298
- remove all harcoded instances of jQuery throughout the front-end of the blog
- add migration function to add cdn link to ghost_foot code injection when migrating up from version 003
- migration version bump
2015-09-02 13:39:22 +01:00
Sebastian Gierlinger
52e35a282b Add table columns for OAuth
closes #4174
- added trusted domains
- removed unique constraint from secret
2015-09-02 13:39:22 +01:00
Samuel Goodwin
48601e6f49 Add the needed table columns for client Oauth.
closes #4174
- Added columns to client table in schema.js
- Bumped database version in default-settings.json
- Updated tests to support new schema version
2015-09-02 13:39:21 +01:00
Sebastian Gierlinger
5ce8ca5d6e Merge pull request #5518 from ErisDS/fetch-options
Field options
2015-08-29 19:49:38 +02:00
Hannah Wolfe
e9a96816ac Adding 'fields' param for browse requests
refs #5601, #5463, #5343

- adds rudimentary support for a 'fields' parameter on browse requests
2015-08-28 19:08:22 +01:00
Hannah Wolfe
0e7968c573 Merge pull request #5709 from kevinansfield/tag-name-comma-validation
Validate leading commas in tag names
2015-08-28 19:03:31 +01:00
Hannah Wolfe
5be781a0dc Remove first run alert
refs #5652
2015-08-26 15:29:26 +01:00
Hannah Wolfe
2c29ae1ad2 Don't return from sending welcome mail
closes #5675

- welcome mail is non-critical, invalid mail setups shouldn't interfere with setting up a blog
2015-08-25 09:08:11 +01:00
Kevin Ansfield
32ff18ccb0 Validate tag names don't start with commas
closes #5685
- Adds client and server-side validation for tag names starting with commas
- Trim tag names before adding in PSM (tag attributes are already trimmed before saving in TSM)
2015-08-24 16:55:30 +01:00
Hannah Wolfe
fc39bd1ed4 Merge pull request #5705 from sebgie/auth-strategies-coverage
Improve middleware coverage
2015-08-23 19:05:39 +01:00
Sebastian Gierlinger
6120d0a80f Improve middleware coverage
refs #5286
- changed auth-strategies to be testable
- added tests
2015-08-21 23:46:42 +02:00
Sebastian Gierlinger
a82e9aa3c5 Mail consolidation
refs #5489
- move mail.js -> mail/index.js
- move email-templates -> mail/templates
2015-08-20 11:36:14 +02:00
John O'Nolan
454f456adf Merge pull request #5651 from ErisDS/msg-change
Small messaging improvements
2015-08-12 06:10:43 +02:00
Hannah Wolfe
16407b41ee Merge pull request #5655 from sebgie/extract-permissions
Refactor handlePermissions
2015-08-11 19:32:20 +01:00
Hannah Wolfe
f40bff0cbb Startup message explicitly mentions production
no issue
2015-08-11 18:01:36 +01:00
Sebastian Gierlinger
44622d943d Refactor handlePermissions
no issue
- extract handlePermissions to utils
- added NoPermissionError when canThis() rejects
- omitted users.js because it uses special permission handling
2015-08-11 16:03:57 +02:00
Sebastian Gierlinger
9376bdf699 Merge pull request #5646 from ErisDS/issue-5150-nextprev
Next/Prev Post helpers include author & tags
2015-08-11 15:46:23 +02:00
Hannah Wolfe
7d8bd3d8d4 Merge pull request #5639 from acburdine/notifications-pipeline
Apply pipeline to notifications API endpoints
2015-08-10 17:41:28 +01:00
Hannah Wolfe
026e3de597 Merge pull request #5640 from cobbspur/errors
Fix server errors for signin
2015-08-10 13:20:53 +01:00
cobbspur
69d020ce44 Fix signin errors
refs #5635

- fixes format for server errors
- changes signin-api validation errors to be text rather than alerts
2015-08-10 12:26:45 +01:00
Hannah Wolfe
a00eace849 Next/Prev Post helpers include author & tags
closes #5150

- Post API understands next.author, next.tags, previous.author and previous.tags
- Post Read request filters out those properties and does the right thing with them
- Prev/Next post helpers send extra include properties
- Tests updated
2015-08-10 08:58:25 +01:00
Austin Burdine
392cb0038c apply pipeline to notifications endpoint
refs #5508
- adds pipeline to the add and destroy methods of the notifications api
2015-08-09 22:42:10 -06:00
Hannah Wolfe
8d89c3e5ab Fix pagination for tags with post_count
closes #5551

- adds new test fixture generator and tests for tag pagination
- changes how post_count is added to use a select subquery rather than a join
2015-08-09 18:59:58 +01:00
Sebastian Gierlinger
a993f80a51 Auth tests
- added tests for authentication middleware
- changed use of auth strategies
2015-08-09 12:50:05 +02:00
Fabian Becker
c1a2601514 Middleware Refactor
- Refactor SSL middleware into separate module.
- Refactor redirectToSetup to separate module + tests
- Refactor serveStaticFile + tests
- Refactor authentication middleware + tests
- Refactor private blogging middleware

refs #5286
2015-08-04 14:53:58 +02:00
Hannah Wolfe
524b247c58 Add public API permission handling
refs #4004, #5614

- added new public permission handling functions to permissions
- added a new util to handle either public permissions or normal permissions
- updated posts, tags and users endpoints to use the new util
- added test coverage for the new code
2015-08-03 19:30:17 +01:00
Hannah Wolfe
d045cad0e5 Merge pull request #5612 from cobbspur/fixFeaturedPost
Fix API query for featured posts
2015-07-29 12:22:29 +01:00
cobbspur
870d6af066 Fix API query for featured posts
No Issue

- fixes bug where featured: false was not being built into query
- adds tests
2015-07-29 02:42:08 +01:00
Kevin Ansfield
7ac6ebb920 Refactor notifications service & components
issue #5409

- change persistent/passive notification status to alert/notification
- replace showSuccess/Info/Warn/Error with showNotification/showAlert
- fix and clean up notification/alert components
2015-07-28 12:26:11 +01:00
Maurice Williams
d89abaa15e foundation work for server-side i18n support:
* ref #5345 and #3801
* creating helper methods for dealing with i18n initialization, polyfill and string+compilation
* initial structure for server-side JSON language file
2015-07-27 18:47:10 -04:00
Hannah Wolfe
1e630e6c90 Merge pull request #5578 from hwdsl2/fix-rss-protocol-relative-urls
RSS Fix: Do not convert protocol relative URLs
2015-07-22 22:28:13 +01:00
Hannah Wolfe
ab2049e35c Merge pull request #5580 from halfdan/update-deps
Update lodash and cheerio
2015-07-22 21:35:02 +01:00
hwdsl2
14dd95faf2 RSS Fix: Do not convert protocol relative URLs
closes #5567
- Fixed an issue with protocol relative URLs in the RSS feed
- Such URLs should be kept as-is and not prefixed with baseUrl
- Added corresponding test to cover this case
2015-07-21 23:16:04 -05:00
Fabian Becker
2878b5ae00 Update lodash and cheerio
- update lodash to 3.1.0
- cheerio update uses new css-select, css-what packages (others were deprecated)

refs #5578
2015-07-21 19:59:49 +02:00
Hannah Wolfe
a0ee69d365 Merge pull request #5591 from halfdan/fix/5573
Do not serialize toJSON to get published_at
2015-07-21 16:54:24 +01:00
Jason Williams
c3951c4fd7 Merge pull request #5570 from ErisDS/issue-5564
Fix regressions with password reset
2015-07-21 10:14:56 -05:00
Hannah Wolfe
4ba77e0da4 Fix regressions with password reset
fixes #5564

- adds missing part of `/setup/` url in authentication middleware
- ensures data is passed through from API to model in correct (new) format for password reset
- re-adds missing/incorrectly commented out auth tests, and verifies that reset as far as token validation
2015-07-21 08:47:26 +01:00
Fabian Becker
ed0854d770 Do not serialize toJSON to get published_at 2015-07-21 00:38:55 +02:00
Sebastian Gierlinger
52f576e185 Merge pull request #5497 from ErisDS/foreach
Improvements to the {{foreach}} helper
2015-07-20 21:36:28 +02:00
Sebastian Gierlinger
4a89c6ac3e Merge pull request #5516 from ErisDS/issue-2758-api-opts
API Option Handling
2015-07-20 21:19:13 +02:00
Fabian Becker
4500b14989 Use previousAttributes when model is destroyed
fixes #5589
2015-07-20 14:41:40 +02:00
Fabian Becker
0309b5aa46 Fix urlFor to preserve mailto:
fixes #5561
2015-07-18 03:45:06 +02:00
Hannah Wolfe
b1dd96ecc2 Removing incorrect 405 handling
refs #2757

- As per this convo: https://ghost.slack.com/archives/ghost/p1436895553007431 the 405 handling in Ghost is acting
as a catch all, rather than only returning when the wrong HTTP method is used for a valid resource.
- Implementing proper 405 with express is a challenge, and therefore we defer doing this work until it is needed
2015-07-14 20:49:19 +01:00
Hannah Wolfe
e044136503 API Option Handling
refs #2758

- add a set of default options to utils
- update validation function to only pass through permitted options
- pass permitted options into validate where necessary
- setup basic validation for each known option, and generic validation for the remainder
- change slug to treat 'name' as data, rather than an option
2015-07-14 18:20:27 +01:00
Hannah Wolfe
2bdaf773e2 Merge pull request #5538 from halfdan/feature/app-watch
Change Grunt watch, new rss.item filter
2015-07-14 09:20:47 +01:00
Fabian Becker
88a7cdbc3d Add rss.item filter 2015-07-14 09:40:31 +02:00
Hannah Wolfe
76ebdfd4f9 Merge pull request #5539 from jomahoney/owner-perm
Changed admin permissions so Owner role only editable by itself
2015-07-11 11:33:17 +01:00
Hannah Wolfe
843dd31b74 Merge pull request #5523 from Remchi/change-reset-password-refactor
Refactor changePassword and resetPassword
2015-07-11 11:31:50 +01:00
John O'Mahoney
bce5483ef3 Changed admin permissions so Owner role only editable by itself
closes #5521
- Added test for admin rejection of owner edit
- Added specific permissions so admins can edit Admin, Editor and Author
  roles
2015-07-10 20:46:00 +01:00
Hannah Wolfe
3c5011cd56 Merge pull request #5529 from jomahoney/referrer
Adds referrer meta tag to the head of ghost pages
2015-07-08 22:18:47 +01:00
John O'Mahoney
ac80569c31 Adds meta referrer tag to the head of ghost pages
closes #5522
- Added meta tag
- Added meta tag to tests
2015-07-08 14:59:39 +01:00
Austin Burdine
a16be11038 re-added revoke method to authentication api
closes #5530
- adds revoke api method back into code base
2015-07-07 17:39:43 -04:00
Rem Zolotykh
9323abbb44 Refactor changePassword and resetPassword
issue #5500
- make `changePassword` and `resetPassword` methods on `user` model
  consistent: use `object` and `options` arguments instead of multiple
  different arguments
- change User API `changePassword` method to use these new arguments
2015-07-07 22:03:17 +02:00
Hannah Wolfe
e693d5ed2d Merge pull request #5510 from halfdan/pipline/5508
Pipeline roles and slugs API
2015-07-02 19:39:37 +01:00
Fabian Becker
7f5250af0e Pipeline roles and slugs API
refs #5508
2015-07-02 16:38:31 +02:00
Kowsheek Mahmood
6559f25ebe Make the 401 error format consistent
issue #5499

- Update error object being sent from authenticate method
2015-06-30 12:38:47 -04:00
Hannah Wolfe
b8415e8b90 Merge pull request #5349 from acburdine/onboarding-api
Add PUT route to authentication setup
2015-06-30 12:03:21 +01:00
Sebastian Gierlinger
a0d0045edb Merge pull request #5467 from ErisDS/api-pipeline
Refactor to using pipeline for the API
2015-06-30 10:28:44 +02:00
Austin Burdine
a2a0ba9023 adds put route to authentication setup
closes #5342
- adds put version of authentication/setup that allows for updating of owner/settings values
- doesn't send welcome email
- adds tests for new put route
2015-06-29 13:16:10 -04:00
Hannah Wolfe
8aaac1edd5 Improvements to the {{foreach}} helper
refs #4439

- Brings our custom foreach helper (which has extra features) back into line with Handlebar's own each helper
- Adds a new @number variable to foreach, so that building numbered lists is PEASY
- Improved the existing tests, and added a few more
2015-06-29 17:27:57 +01:00
Sebastian Gierlinger
64e20735a3 Merge pull request #5491 from ErisDS/issue-5490-no-post-url
Add event handling to pagination plugin
2015-06-29 11:44:22 +02:00
Hannah Wolfe
51ac3f6532 Refactor to using pipeline for the API
refs #2758

- Post, Tag & User API methods are refactored to use pipeline
- Each functional code block is a named task function
- Each function takes options, manipulates it, and returns options back
- Tasks like permissions can reject if they don't pass, causing the pipeline to fail
- Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint
- Tasks like the data call can be extremely complex if needs be (like for some user endpoints)
- Option validation is mostly factored out to utils
- Option conversion is factored out to utils
- API utils have 100% test coverage
- Minor updates to inline docs, more to do here
2015-06-28 22:52:31 +01:00
Jason Williams
09402d22f5 Merge pull request #5488 from ErisDS/extends
Use extends correctly & consistently
2015-06-27 22:49:55 -05:00
Hannah Wolfe
4772e38521 Add event handling to pagination plugin
closes #5490

- use same event handling pattern as fetchAll
- add support for `fetching:collection` to post model
- add tests to check that url is fetched via findAll and findPage
2015-06-26 22:56:03 +01:00
Jason Williams
3e6074ecec Merge pull request #5473 from jomahoney/startup-clean
Improve Ghost startup checks and errors
2015-06-26 14:52:25 -05:00
Hannah Wolfe
f6322da4c9 Use extends correctly & consistently
- extends clobbers the first argument you pass to it, so that should not be a variable that is used elsewhere, if you're also assigning the value, as it will have unintended side effects.
2015-06-25 19:56:27 +01:00
Hannah Wolfe
b3f4beade8 Merge pull request #5471 from kowsheek/5370-settings-model-events
Add events to settings model
2015-06-25 11:08:51 +01:00
Hannah Wolfe
308a5a4fce Merge pull request #5481 from JohnONolan/c
Main colour audit
2015-06-24 16:11:27 +01:00
John O'Nolan
c33c3012d1 Main colour audit
Clean up grey colours by mixing in slightly more blue, standardise appearance across different parts of the app and move closer to brand  colours.
2015-06-24 13:37:37 +01:00
Hannah Wolfe
7705e30995 Use 'author' for relation instead of 'author_id'
- this clears a todo in the codebase & gets rid of a few lines of unnecessary code
2015-06-24 10:00:24 +01:00
John O'Mahoney
5fd9d3567f Improve Ghost starup checks and errors
closes #5358
- Moved node version check and exits if not supported
- Removed upgrade warning from `ghost-server.js`
- Perform a check for NODE_ENV, uses `config.example.js` if none apparent
2015-06-23 18:04:37 +01:00
Kowsheek Mahmood
68d1feb8c5 Add events to settings model
closes #5370
- Add settings key in the event emission
- Update settings spec to test for events emitted with settings key
2015-06-23 14:33:08 +06:00
Hannah Wolfe
7761873db7 Abstract findPage & add pagination Bookshelf plugin
closes #2896

- move default options / custom code into model functions
- move most of the filtering logic into base/utils.filtering (to be relocated)
- move the remainder of findPage back into base/index.js and remove from posts/users&tags
- move pagination-specific logic to a separate 'plugin' file
- pagination provides new fetchPage function, similar to fetchAll but handling pagination
- findPage model method uses fetchPage
- plugin is fully unit-tested and documented
2015-06-22 10:20:47 +01:00
Sebastian Gierlinger
f79a4f336b Merge pull request #5432 from ErisDS/api-pagination2
Refactor pagination count query
2015-06-17 15:35:18 +02:00
Hannah Wolfe
3061247a7e Merge pull request #5431 from kowsheek/5370-settings-model-events
Add events to settings model
2015-06-16 20:46:15 +01:00
Kowsheek Mahmood
33e241ab4e Add events to settings model
issue #5370
- Add emit method to settings model
- Update settings spec to test for events emitted
- Fix formatting on tags spec
2015-06-16 23:57:52 +06:00
Augustus Yuan
05fe09293f Add support for GET /tags/slug/:slug with unit tests
closes #5371
- added new endpoint to the api routes
- created unit tests based on PostModel and PostAPI for testing slug links
2015-06-16 09:22:12 -07:00
Hannah Wolfe
4cd2865021 Refactor pagination count query
refs #2896

- remove duplicate query-building code
- use the same approach for creating the count query from the main query
- restructure the code to match more closely across the 3 findPage functions (prep for further refactoring)
2015-06-15 19:24:47 +01:00
Hannah Wolfe
16f98ee80b Move pagination formatting into a util
refs #2896

- moves repeated code out of models
- creates a new file for unit-testable code (this should be moved in future)
- adds a default for `page` as that seems sensible
- adds 100% test coverage for the new file
2015-06-15 16:46:42 +01:00
Jason Williams
b6cbd2d4bd Merge pull request #5427 from ErisDS/api-reshuffle
API mini-cleanup + 405 errors
2015-06-15 10:26:11 -05:00
Jason Williams
225dc84367 Merge pull request #5417 from ErisDS/rss-url
Use urlJoin in RSS + test coverage
2015-06-15 10:23:41 -05:00
Hannah Wolfe
254e0f0597 Improve API error handling
close #2757, refs #5286

- moves error formatting from api/index into errors lib
- moves error handling from api/index into its own middleware
- adds extra middleware for method not allowed which captures all unsupported routes
2015-06-15 10:08:30 +01:00
Fabian Becker
b15f1daf5a Throw 405 - Method not allowed for api routes
closes #2757
- New error MethodNotAllowed
- Throw 405 if valid path but invalid method is used is apiRouter
- Adds api base tests
2015-06-15 09:43:39 +01:00
Hannah Wolfe
177cdf1eb1 Misc cleanup: moving files & naming functions 2015-06-15 09:43:19 +01:00
Alex Kleissner
05e49d9a96 Move uncapitalize into its own file.
refs #5286
- Moved the logic into its own file
- Added unit tests
2015-06-10 12:21:15 -07:00
Hannah Wolfe
c1e3bd0786 Merge pull request #5415 from hex337/move-decide-is-admin
Moves the decideIsAdmin into its own file.
2015-06-10 09:51:48 +01:00
Hannah Wolfe
34b22eefa2 Use urlJoin in RSS + test coverage
refs #1833

- move RSS tests to be in rss_spec.js
- improve RSS test coverage
- fix a bug with RSS title generation for tag RSS feeds
- replace custom code in processUrls with urlJoin
2015-06-10 09:18:52 +01:00
Alex Kleissner
511684c436 Moves the decideIsAdmin into its own file.
refs #5286
- Moved the function into its own file
- Added unit tests for the function
2015-06-09 14:02:22 -07:00
Joe Wegner
75faf0109d invite users after signing up during setup
closes #5338
- moves skip link to below the submit button
- makes the submit button better represent form status
- posts notifications based on success/failure of notifications
- goes to the invite page after user creation
- actually sends invites!

functional tests passing for onboarding invitations

cleanup for linitng

remove unreachable return

access the notifications service better

use link-to instead of an anchor with an action

failed user creations get caught, and bubble as errors

a slew of other cleanup stuff via jason
2015-06-09 11:50:24 -07:00
Hannah Wolfe
d023333d31 Merge pull request #5404 from JohnONolan/zerrors
Fixup broken error page styles
2015-06-08 14:57:56 +01:00
John O'Nolan
93b0505d68 Fixup broken error page styles 2015-06-08 12:14:58 +01:00
Jason Williams
8196133bc7 Merge pull request #5377 from ErisDS/url-refactor
Refactor URL usage
2015-06-06 09:50:20 -05:00
Hannah Wolfe
5e0cc1ae10 Merge pull request #4783 from claydiffrient/master
Makes most special characters be replaced with a dash
2015-06-04 11:54:23 +01:00
Jason Williams
60e160d169 Merge pull request #5361 from ErisDS/fix-contexts
Fix context setup (remove dep on req.route.path)
2015-06-03 16:28:16 -05:00
Jason Williams
8c0bc6cea5 Merge pull request #5366 from ErisDS/anon-middleware
Ensure middleware functions are named
2015-06-03 16:26:56 -05:00
Hannah Wolfe
2700bfa4cc Refactor URL builder
refs #1833

- Refactor url generation to use a base urlJoin method
- urlJoin handles slash de-duping and subdir de-duping
- fixes sitemap xml option
2015-06-02 21:50:17 +01:00
Jason Williams
f233d97ce3 Merge pull request #5372 from ErisDS/char-fix
Removing non utf-8 char
2015-06-02 10:45:53 -05:00
Hannah Wolfe
7eacd2876d Ensure middleware functions are named
refs #5091

- adds names to all middleware functions, for debugging purposes
2015-06-02 14:49:18 +01:00
Hannah Wolfe
9d01016025 Merge pull request #5353 from morficus/issue-5286
splitting client authentication-related middleware in to its own file
2015-06-02 11:10:43 +01:00
John O'Nolan
9c7a1e2e50 Merge pull request #5318 from acburdine/private-form
Rewrite default private.hbs for new zelda styles
2015-06-02 10:54:59 +01:00
Hannah Wolfe
f5d4d4d378 Removing non utf-8 char
no issue

- I noticed this in CodeClimate, it was reporting errors for this file because of a dodgy char.
- Removed it and named the functions whilst I was in there :)
2015-06-02 09:56:02 +01:00
Hannah Wolfe
eb9d924e1b Merge pull request #5306 from acburdine/remove-email
Removes "email" from settings
2015-06-02 09:44:21 +01:00
Maurice Williams
b3cbb20be1 splitting client authentication-related middleware in to its own file
* refs #5286
* includes test cases for `addClientSecret`
* no tests first `generateAccessToken` and `authenticateClient` because there isn't anything to test in them
2015-05-31 12:35:03 -04:00
Hannah Wolfe
6ab5e70d5f Merge pull request #5360 from hex337/move-spam-middleware
Move the spam prevention into its own file.
2015-05-30 19:28:06 +01:00
Sem
72569de3c3 Fixed fixture. Code wasn't formatted. 2015-05-30 05:25:51 +02:00
Alex Kleissner
766bf99de9 Move the spam prevention into its own file.
issue #5286
- Moved the spam prevention functions into their own file
- Added unit tests for the functions
2015-05-29 08:59:29 -07:00
Austin Burdine
bf0e40eda1 rewrites default private.hbs for new zelda styles
closes #5073
- changes format to match new zelda layout
- modifies the input_password helper to allow customization of class & placeholder
2015-05-29 06:25:32 -06:00
Hannah Wolfe
cc00c6c64a Fix context setup (remove dep on req.route.path)
refs #5344

- As a result of #5344, context are pretty broken.
- This PR removes all dependence on req.route.path, and uses res.locals.relativeUrl
- res.locals.relativeUrl is used for many things and is dependable
2015-05-29 09:16:04 +01:00
Hannah Wolfe
06959661c0 Misc grunt /dev updates
- Updated all dev dependencies in the root package.json
- Added `--colors` to mocha when called from grunt test:... so that works better
- Removed non-unit tests from coverage, because they're just not useful
- Updated docker config to generate useful docs again - as a statement of intent, I also updated docs in key files
- Setup grunt watch-docs task for documentation writing easyness
2015-05-28 20:25:14 +01:00
Hannah Wolfe
f6aa46e446 Frontend route refactor / cleanup
refs #5091

- This is step one of several steps towards ending up with dynamic routes for channels
- Refactoring this way makes the similarities between all the routes clearer to see
2015-05-27 11:17:15 +01:00
Hannah Wolfe
1883bdb496 Merge pull request #5297 from acburdine/frontend-single
Refactor permalink verification in single post controller
2015-05-25 17:56:02 +01:00
Hannah Wolfe
097642865d Adding author as a permalink option
closes #3858

- ensures that permalinks can be validated if author is set
2015-05-24 20:33:32 +01:00
Austin Burdine
e69c8c89ac remove settings email
closes #5299
- removes settings/general email field from both client and server side
- fixes tests to reflect removal of email
2015-05-22 15:23:31 -06:00
Hannah Wolfe
da8752cc88 Merge pull request #5290 from josephwegner/chalk-colors-swap
replace colors with chalk everywhere
2015-05-21 16:28:41 +01:00
Hannah Wolfe
3ccf549ea7 Merge pull request #5260 from cobbspur/owner
Prevent multiple owner creation via importer
2015-05-21 16:03:31 +01:00
Tushar Bhushan
3fca65a3c5 Fixed the invite user email to include the email address of the user who invited you
closes #5283
- due to the changes with the api call in pr #5159 the email address wasn't showing up
- modified the api call to fetch user data to pass the context object to the toJSON object
2015-05-20 15:49:35 -07:00
Hannah Wolfe
f3174de9e2 Cache control for private blogs
no issue

- private blogs need to not be cached, so that the cookie is always checked
2015-05-20 21:44:42 +01:00
Austin Burdine
75745c2b3b refactor permalink verification in single post controller
closes #4322
- removes verifying "sections" of permalinks in favor of checking the url returned with the post
- fixes unit tests to define post.url in mock post requests
2015-05-20 07:00:13 -06:00
Hannah Wolfe
8adc8cb4d8 Merge pull request #5296 from emersonkeenan/master
Fix meta description for static pages
2015-05-20 09:16:37 +01:00
Emerson Keenan
46ebbd8de2 Fix meta description for static pages
closes #5295
- modified meta_description helper to match meta_title helper for ‘page’
context
2015-05-20 13:05:33 +10:00
Hannah Wolfe
023755c566 Cache invalidate for previews
no issue

- draft updates now need to affect the preview route
2015-05-19 18:32:00 +01:00
Joe Wegner
f26179ae6a replace colors with chalk everywhere
issue #5259
- removes the colors dependency
- adds in chalk dependency, and migrates everything to use that
- reduces some specs now that the log calls are cleaner
2015-05-19 11:07:40 -05:00
Hannah Wolfe
050b03d2bd Cache control middleware refactor
refs #5286

- split cache control middleware into its own file
- split out cache control tests
- add new mochacli command for running just middleware tests
2015-05-18 22:20:26 +01:00
Hannah Wolfe
4de1c29538 Password protect redirect optimisation
no issue

- Don't include r=%2F in the URL - we'll assume this is the default
- This is just a bit prettier
2015-05-16 20:48:54 +01:00
cobbspur
261a862da1 Prevent multiple owner creation via importer
closes #4778

 - If import contains an owner that does not match original owner they are downgraded to admin
 - Change error message for locked users to more generic message to account for imported users
 - Adds duplicated user test
 - Process Roles and maps import roles to db roles
 - reduces export files in test fixtures

temp commit
2015-05-15 10:12:30 +01:00
Clay Diffrient
673293575a Makes most special characters be replaced with a dash
closes #4782
- Still achieves the same goal of stripping out reserved characters
- Changes from removal to replacement
- This helps word separators from being removed
- Apostrophes (') are unaffected
2015-05-14 13:00:43 -06:00
Matt Enlow
b0b56e7a8e Merge pull request #5270 from ErisDS/helper-updates
Misc helper updates & fixes
2015-05-14 16:00:22 +02:00
Hannah Wolfe
03e5fcac66 Merge pull request #5223 from edsadr/api-featured-posts
API: Adding `featured` filter option to posts.browse
2015-05-14 11:57:44 +01:00
Hannah Wolfe
d11a91e75c Misc helper updates & fixes
refs #5205

- Ensure that pages are treated the same as posts in meta_title, add test
- Added a private-template body class for the private context, add test
- Added a missing test to is_spec.js
2015-05-14 11:42:29 +01:00
Adrian Estrada
107c9602c1 API: Adding featured filter option to posts.browse
Closes #5152
- Adds `featured` filter option to posts.browse method modifying the model to take it too
2015-05-13 16:18:50 -05:00
Hannah Wolfe
c3dda5e5c4 Theming updates for password protection
refs #4993, #5073

- Removed nonexistent helpers siteDescription and bodyClass from admin templates
- Changed password.hbs to private.hbs to match the route name
- added a new input_password helper for rendering the password input with the correct properties
- removed the forward input as this can be handled via urls only
- moved 'private' to routeKeywords
- added 'private' context
- minor update to text next to the password in settings
2015-05-13 19:48:24 +01:00
Hannah Wolfe
3801b7a8ca Merge pull request #5256 from acburdine/passprotect2
Take password protection out of labs
2015-05-13 17:52:50 +01:00
Hannah Wolfe
96a3568c3d Merge pull request #5197 from PaulAdamDavis/new-upgrade-notifications
Move upgrade notification to /settings/about/
2015-05-13 16:47:46 +01:00
John O'Nolan
d7a9e09049 Merge pull request #5230 from iloabn/master
Update text showing the "Quote" feature in the tutorial post
2015-05-12 19:04:28 +01:00
Austin Burdine
bd2b206e4b finish up password protection
closes #5073
- takes password protection out of labs and moves it to general settings
- adds random-words generator to randomly generate passwords
2015-05-12 12:02:18 -06:00
John O'Nolan
443eafeeca First styles for private blog login 2015-05-11 13:11:59 +01:00
Hannah Wolfe
37f92674b8 Merge pull request #5253 from jaswilli/roles-browse-filter
Fix up filtering implementation
2015-05-11 09:55:33 +01:00
Jason Williams
263bbd5092 Fix up filtering implementation 2015-05-10 20:48:32 -05:00
Jason Williams
251218de1d Check error object before dereference
Refs #5095
2015-05-10 15:02:09 +00:00
Hannah Wolfe
bdf5c9275f Change session length to 7 days
refs #5202

- this is just a stopgap to deliver minor improvement short term,
- longer term we will do the work to refresh refresh tokens & switch this to a month
2015-05-08 15:54:12 +01:00
Jason Williams
1e5440664e Change payload storage in session cookie 2015-05-07 13:58:09 +00:00
Fabian Miiro
575d2489a6 Changed the text showing the "Quote" feature to not feature spellcheck errors. closes #5194 2015-05-06 22:20:48 +01:00
Jason Williams
cc7c5be75b Merge pull request #5220 from ErisDS/api-route-tweak
Remove unneeded code from API route
2015-05-05 15:07:21 -05:00
Austin Burdine
8ac168794e refactors the frontend controller
closes #5192
- combines homepage, author, tag routes into one function (with different hash params)
- provides some abstraction for channels
2015-05-05 07:35:08 -05:00
Hannah Wolfe
95a546171a Remove unneeded code from API route 2015-05-05 12:50:23 +01:00
Austin Burdine
2865662ee5 added password protection
closes #4993
- brings password protection to the frontend of blogs
- adds testing for password protection
- upgrades bcrypt-js to 2.1.0
2015-04-30 23:44:43 -05:00
Jason Williams
dae66d00be Upgrade grunt-jscs to fix whitespace linting.
No issue.
- grunt-jscs@1.8.0
- Fix formatting
2015-04-30 16:14:19 -05:00
Matt Enlow
433956c102 Add post preview via uuid (/p/:uuid)
Refs #5097

- All drafts will show a preview link (this needs real css)
- Published posts will redirect
- prev/next post helpers only activate on published posts
- Powered by ~10 pints between the two of us (@ErisDS, @novaugust)
2015-04-30 11:57:37 +01:00
Paul Adam Davis
272f1eddaf Move upgrade notification to /settings/about/
Refs #5071

- Move the Upgrade notification from the top of the screen to the About page
2015-04-29 22:34:04 +01:00
Jason Williams
5cfb2e701e Allow admin app to run when active theme missing
Closes #5155
- If the theme that has been set to active is missing, set
  a default express-hbs instance on the express app and allow
  middleware processing to continue so that the admin client can
  be accessed.
- Log a warning when this happens.
- Fix issue where frontend error page was not being rendered
  correctly.
2015-04-25 20:00:04 +00:00
Hannah Wolfe
1e6f6237e1 Merge pull request #5184 from lmoe/master
Added res.locals into the prePostsRender filter call
2015-04-24 17:05:40 +01:00
Wilhansen Li
d02bcbacc2 Provide secure post links if RSS accessed over SSL 2015-04-24 18:20:38 +08:00
lmoe
03dcb71b08 Added res.locals into the prePostsRender filter call
closes #2559

 - Added res.locals as a second parameter to the prePostsRender filter
call.
 - This allows accessing the relative url and makes it possible to
react to certain urls.
2015-04-22 23:22:31 +02:00
Hannah Wolfe
3d5fe130c2 Merge pull request #5181 from sebgie/issue#5178
Rename error.type to error.errorType
2015-04-22 22:00:08 +01:00
Sebastian Gierlinger
fdcb67d3cc Rename error.type to error.errorType
closes #5178
- renamed error.type to error.errorType
2015-04-22 22:29:45 +02:00
Hannah Wolfe
eb5eca6eda Don't pass helper options to API for next/prev
fixes #5177

- this combined with a change passing options through to toJSON results in a really flukey bug with next/prev
  where the name option from the helper clashes with a name option inside of toJSON
2015-04-22 20:24:22 +01:00
Hannah Wolfe
32125c2f46 Filter options passed to toJSON
fixes #5177

- we now pass API/model options directly to toJSON, which is unsafe as these options haven't always been filtered before they are passed.
- this fix adds a filter so that toJSON only uses the options it needs
- additionally, rename the 'name' option to something more specific to prevent clashes
2015-04-22 20:20:27 +01:00
Hannah Wolfe
e26e83d40a Refactor to remove author.email from API
refs #2330

- Pass through `options` to all toJSON calls on posts, tags, and users
- Use options.context.user to determine whether it's OK to return user.email
- Remove author.email handling code from frontend.js
2015-04-17 22:27:04 +01:00
Hannah Wolfe
ede50f38a3 Merge pull request #5149 from cobbspur/headfix
Fix ghost_head helper on error pages
2015-04-16 20:22:50 +01:00
cobbspur
a48458b73d Fix ghost_head helper on error pages
closes #5146

 - Checks for context key before assigning it to variable
2015-04-16 18:40:17 +01:00
Hannah Wolfe
1b585f213c Cache invalidation can no longer be so clever
no issue

With the introduction of the prev/next helpers (and soon, get helper) we can no longer make any assumptions
about exactly which pages need to be cleared from the cache when a post is published/unpublished.
2015-04-14 16:34:34 +01:00
Hannah Wolfe
8d1e729f30 RSS Refactor with cache
refs #5091, refs #2263

- Move rss handling out of the frontend controller and into its own module
- Separate the code into logical blocks
- Wrap the generation code in a in-memory cache to prevent it being regenerated on every request
2015-04-10 21:32:14 +01:00
Sebastian Gierlinger
8f5960e1c5 Merge pull request #5108 from ErisDS/rss-2
Add media:content support to RSS
2015-04-10 12:49:51 -05:00
Hannah Wolfe
0b1497a75b No more feature flag for Code Injection
closes #1993

- remove the feature/config flag that means code injection has to be enabled
2015-04-09 17:52:41 +01:00
Matt Enlow
920856c479 Merge pull request #5109 from ErisDS/issue-5064
Remove duplicate subdirectory in RSS urls
2015-04-09 08:35:25 -06:00
Hannah Wolfe
4839b58ff0 Merge pull request #4891 from cobbspur/structured2
Adds structured data to first index/tag/author page
2015-04-07 21:24:19 +01:00
cobbspur
3229508c54 Adds structured data to first index/tag/author page
Closes #4677

- Tests if page is first page or paginated
- Adds relevant structured data to index/tag/author page
- Does not add structured data on paginated pages
- For author structured data, cover image overrides image
- blog cover image is made absolute by image helper
- Tests updated to use regular expressions and new tests
2015-04-07 20:36:53 +01:00
Hannah Wolfe
14134fb4b0 Add media:content support to RSS
refs #2263, #4888

- Adds media:content element to Ghost Rt pSS feeds containing the post cover image if one is available
- Removes the prepending of the image to the `<description>` field
- Keeps the prepending of the image in `<content:encoded>`
2015-04-06 18:47:10 +01:00
Hannah Wolfe
527e4eed06 Remove duplicate subdirectory in RSS urls
fixes #5064

- this is a quick and dirty fix for now
2015-04-05 23:30:22 +01:00
Hannah Wolfe
196bbfce18 Refactor sitemaps to use centralised events
fixes #5104, refs #4348, #2263

- Create a centralised event module
- Hook it up for posts, pages, tags and users
- Use it in sitemaps instead of direct method calls
- Use it for xmlrpc calls
- Check events are fired in model tests
- Update sitemap tests to work with new code
- Fix a bug where invited users were appearing in sitemaps
- Move sitemaps and xmlrpc into a directory together
2015-04-05 19:32:18 +01:00
Matt Enlow
242388f743 Merge pull request #5065 from ErisDS/rss-2263
Improve RSS feed
2015-04-04 07:55:33 -06:00
Hannah Wolfe
0a780de2bb Merge pull request #5070 from baogechen/master 2015-04-03 20:25:45 +01:00
baogechen
351298b83b Add parent call in user.format to fix dateTime
closes #5066

- fix a problem that user model will fail to save if mysql has option of
STRICT_TRANS_TABLES
- add a parent call in user.format override function, which should fix
dateTime format before user saved.
2015-04-03 20:04:19 +01:00
Hannah Wolfe
79d213436e Improve RSS feed
refs #2263

- Switch content type back to text/xml
- Use content:encode for full content
- Use meta description or first 50 words of content for description
2015-04-03 19:00:00 +01:00
Hannah Wolfe
cb2f0c5dee Merge pull request #5056 from ianlopshire/master
url helper breaks subdomains
2015-04-02 22:08:23 +01:00
Hannah Wolfe
6163862b18 Merge pull request #5068 from msiemens/meta_description_v2
Rewrite meta_description and meta_title to depend upon the current context
2015-03-29 20:28:13 +03:00
Hannah Wolfe
501595127f Fix @blog globals in special templates
fixes #5024

- pass options through to the template for both navigation and pagination
- add a test for each
2015-03-28 23:21:10 +02:00
cobbspur
4044dedeb2 Adds {{prev_post}} and {{next_post}} block helpers
closes #4799

- Adds a prev_next helper method called by {{prev_post}} and {{next_post}}
- Shows correct template for if and else blocks
- Adds unit tests
2015-03-25 17:21:27 +00:00
Markus Siemens
c5fe9aa99f Rewrite meta_description and meta_title to depend upon the current context
closes #4850

- fixed `meta_description` and `meta_title` when used within a `{{#foreach}}`
- `meta_description` and `meta_title` now depend upon the current context
  to get the right string (author bio, tag description, ...).
  Note: `ghost_head.js` and `ghost_head_spec.js` have been touched to add
  the required context information when calling the helpers.
2015-03-24 22:42:45 +01:00
Matt Enlow
5015180474 Merge pull request #5054 from ErisDS/express-hbs-update
Update express-hbs & registerAsyncHelper function
2015-03-24 11:33:46 -06:00
Katie Fenn
980b0a8610 Refactoring hard-coded frontend route keywords
closes #4519

- Added configurable route keywords
- Replaced instances of hard-coded keywords with config
- Added keywords to frontend tests stub config
2015-03-23 15:00:02 +00:00
Ian Lopshire
e74a329b8a Navigation menu support for subdomains of blog url
Closes #5033
- Added unit tests for the nav context of urlFor
- Fixed issue in the nav context of urlFor where subdomains of blog url were truncated
- Fixed issue in the nav context of urlFor where there was sometimes an extra preceding /
2015-03-22 00:40:55 -05:00
Hannah Wolfe
6cd696b332 Merge pull request #4820 from phated/file-storage
File storage
2015-03-20 08:55:19 +00:00
Blaine Bublitz
5c640e95f5 Initial implementation for custom storage engines
closes #4600
- implemented as suggested in #4600
- loads a custom storage defined in config from the /content/storage directory
2015-03-19 22:34:01 -07:00
Matt Enlow
61b86bf821 Merge pull request #5027 from felixrieseberg/iss4847
Replace fs.exists (deprecated) with fs.stat
2015-03-19 10:47:01 -06:00
Hannah Wolfe
1db59e12ee Move showdown extensions to ghost-showdown
no issue

- We already maintain our own fork of showdown, this moves our custom extensions to our fork
- Code duplication is removed
- Tests are also moved to the other repo
2015-03-17 20:18:08 +00:00
Felix Rieseberg
0484eee6a5 Replace fs.exists (deprecated) with fs.stat
Closes #4847

- Replaces the deprecated fs.exists() with fs.stat(), in accordance with iojs & node.
2015-03-17 11:49:43 -07:00
Pascal Borreli
13838fff9d Fixed typos 2015-03-17 17:43:53 +00:00
Matt Enlow
58635b3e0a Serve files to core/built/assets/
- see core/client/lib/assets-delivery/index.js for how this is done
- Turn off ember-cli fingerprinting
- ember-cli 0.2.0; Update .npmignore
- Fallback to old version of ember-cli-sass due to lib-sass errors
- Keep ember-data at beta-14.1 until we find the dep that's breaking on snapshot.attr
- Fix release task to ignore blank lines in .npmignore
2015-03-12 15:59:02 -06:00
Matt Enlow
388a8dd3f0 Build assets with ember, and serve with ghost 2015-03-11 12:37:41 -06:00
Matt Enlow
6e4bdbaefb The great migration (EAK -> ember-cli) 2015-03-11 12:37:41 -06:00
Hannah Wolfe
4b05585631 Update express-hbs to 0.8.4
fixes #4364, refs #4439, refs #4799

- Update express-hbs to 0.8.5
- Use preventIndent option onCompile
- Update registerAsyncHelper to support passing through options when needed
2015-03-10 15:52:00 +00:00
Fabian Becker
47e16df196 Node v0.12 & io.js support.
fixes #4811, refs #4240
- Add v0.12 to the build
- Fix express tests to work with iojs/0.12
- Add iojs-v1.2.0 to the build matrix
2015-03-09 20:27:14 +01:00
Matt Enlow
1ca96a8508 Merge pull request #5015 from felixrieseberg/iss4967
Ensure correct url for prev/next links
2015-03-09 13:25:58 -06:00
Felix Rieseberg
4b1ece9f01 Ensure correct url in ghost_head
Closes #4967

- Previously, an additional `/` was added to the prev/next links. This
removes the additional slash.
2015-03-09 18:24:01 +01:00
Hannah Wolfe
b216677161 Accept mailto: links
refs #4989

- this allows users to enter mailto and output links via the navigation UI
- the navigation validation/cleanup needs a bit of a refactor to handle other kinds or URI, so leaving #4989 open for now
2015-03-09 13:06:26 +00:00
Matt Enlow
e3fc748e92 Merge pull request #4986 from ErisDS/notification-fix
More serverside notificaiton HTML fixes
2015-03-03 14:13:04 -07:00
Hannah Wolfe
b7a80eb5fd Users should get 5 password attempts
closes #4987
2015-03-03 20:23:04 +00:00
Hannah Wolfe
884d766afe More serverside notificaiton HTML fixes
refs #4964, #4969
2015-03-03 19:57:27 +00:00
Felix Rieseberg
436d2a8e42 RSS: Don't add trailing '/' to post image
Closes #4888

We automatically added a trailing slash to all non-absolute paths in
RSS, including post images. This fix ensures that trailing slashes
aren’t added to absolute paths including ‘content/images/‘.
2015-03-02 20:51:32 +01:00
Matt Enlow
7377b44afa Merge pull request #4968 from ErisDS/published-by-fix
Only import can override published_by
2015-02-28 09:59:57 -07:00
Hannah Wolfe
0e80d77100 Only import can override published_by
no issue

- published_by should be set to the current user, unless we are in import mode

Credits: Matteo Beccaro
2015-02-28 16:27:30 +00:00
Hannah Wolfe
cde1842750 Check ids match on edit
no issue

- It should not be possible to provide a different ID in the object being edited to that provided in the URL
- We now send the id to check object to ensure there is a match

Credits: Matteo Beccaro
2015-02-28 16:25:37 +00:00
Hannah Wolfe
2450f18170 Make the {{navigation}} helper global
refs #4535

- Rather than storing navigation data as a top level key, store it as @blog.navigation
- Reference the global data from the helper
2015-02-28 12:53:00 +00:00
Sebastian Gierlinger
ab2c57efe9 Merge pull request #4821 from markstos/https-subdirectory
Fixes #4435, also refactors checkSSL to be unit-tested.
2015-02-27 15:24:31 +01:00
Matt Enlow
2f04e85130 Merge pull request #4954 from halfdan/express
Upgrade express.js to 4.12
2015-02-26 07:50:37 -07:00
Matt Enlow
ca4c4c17de Merge pull request #4950 from ErisDS/nav-flag-remove
Remove navigation config flag
2015-02-26 07:50:23 -07:00
Fabian Becker
e7246a4ef3 Upgrade express.js to 4.12
no ref
- Fix deprecation warnings
2015-02-26 08:28:37 +01:00
Jason Williams
515abc3080 Simplify navigation item reordering 2015-02-25 17:26:25 +00:00
Hannah Wolfe
70a200d53f Remove navigation config flag
ref #4535

- don't need this any more :)
2015-02-25 15:15:55 +00:00
Hannah Wolfe
10d68386b1 Remove odd duplication from permissions.json 2015-02-22 18:26:32 +00:00
Sebastian Gierlinger
8b4979c7d1 Merge pull request #4919 from ErisDS/pr/4852
Update to PR 4852 ({{navigation}} helper)
2015-02-18 20:00:34 +01:00
Hannah Wolfe
9668ed71ca Merge pull request #4848 from chilts/i4792-assign-higher-priority-in-sitemaps-to-featured-posts
Assign a higher priority to featured posts in the sitemap
2015-02-17 21:05:51 +00:00
Sebastian Gierlinger
c944644e0d Merge pull request #4909 from ErisDS/urlfor-external-subdir-fix
Don't pass external urls through createUrl
2015-02-16 18:52:38 +01:00
Hannah Wolfe
6d42df029a Navigation helper amends
closes #4541

- Add role="presentation" to <li>
- Clean up space if nav-current isn't present
- Changed all internal references from nav to navigation for consistency
- Deleted old nav.hbs
- Updated tests
2015-02-15 21:44:10 +00:00