Commit Graph

53 Commits

Author SHA1 Message Date
Kevin Ansfield
f25624234f Avoid leaking state in Ember objects
no issue
- https://github.com/ember-cli/eslint-plugin-ember/blob/master/docs/rules/avoid-leaking-state-in-ember-objects.md
2017-11-25 09:49:49 +00:00
Aileen Nowak
18614c39f6 Added missing client validations for blog title and user/subscriber email fields (#909)
refs TryGhost/Ghost#8143

Added more client side validations for input fields:

- Blog title in setup flow (150 chars)
- User email (191 chars)
- Subscribers email (191 chars)
2017-11-16 12:47:56 +00:00
Kevin Ansfield
d028b5a5b9 🎨 Allow any Slack-compatible webhook URLs in Slack app
closes https://github.com/TryGhost/Ghost/issues/9246, closes https://github.com/TryGhost/Ghost/issues/7856
- allow any valid URL in the slack webhook input
- update slack app description to mention Slack-compatible services including Discord and Mattermost
2017-11-16 12:36:17 +00:00
Aileen Nowak
61cb95f867 🎨 Increased allowed lengths of tag names/slugs and user names (#905)
refs TryGhost/Ghost#8143

Increases existing input validation length (soft limits) of the following fields:
   - `tags.name`: 191 chars
   - `tags.slug`: 191 chars
   - `users.name`: 191 chars
2017-11-09 14:31:25 +00:00
Aileen Nowak
6080f03198 🎨 Increased maximum tag description length to 500 (#904)
no issue

- Increased the possible length of the tag description field from 200 to 500
2017-11-07 12:54:44 +00:00
Aileen Nowak
8f2dc2ff02 Match client-side password validation to new server-side rules (#899)
refs TryGhost/Ghost#9150

- added a new validator for password validations that will take care of the rules client side
- Passwort rules added:
   - Disallow obviously bad passwords: 1234567890, qwertyuiop, asdfghjkl; and asdfghjklm
   - Disallow passwords that contain the words "password" or "ghost"
   - Disallow passwords that match the user's email address
   - Disallow passwords that match the blog domain or blog title
   - Disallow passwords that include 50% or more of the same characters: 'aaaaaaaaaa', '1111111111' and 'ababababab' for example.
- When changing the own password, the old password is not affected by the new validations
- Validation are running on
   - setup
   - signup
   - password change in Team - User (only new passwords are validated)
   - passwort reset
2017-10-26 11:02:17 +01:00
Aileen Nowak
c993ae75b9 Increase password length validations for changes and signups (#897)
refs TryGhost/Ghost#9150

- Increase the password length in validators for signups, pw resets, and password changes for users to 10 instead of 8
- Update tests
2017-10-18 17:46:25 +01:00
Kevin Ansfield
1cade0bc08 🎨 Enabled Unsplash integration by default (#862)
no issue

- Unsplash integration is enabled by default for all users
- it's no longer necessary to create your own Unsplash application and configure your application ID
2017-09-20 12:19:48 +02:00
Kevin Ansfield
b68f52fe0c Upgrade eslint dependencies (#855)
no issue

- bump ember-cli-eslint and eslint-plugin-ember
- fix indentation & "unnecessary escape chars" lint errors
2017-09-11 14:56:11 +07:00
Kevin Ansfield
03c45a445e Removed defunct Ghost OAuth code (#848)
refs https://github.com/TryGhost/Ghost/issues/8958

- Ghost OAuth isn't coming back, time for the code to disappear and simply all the things
- fixes the `Usage of router is deprecated` notices that flood the console/test logs when testing
2017-09-04 21:17:04 +02:00
Kevin Ansfield
983110d931 Switched from ember-cli-shims to new module imports (#779)
no issue

- add eslint-plugin-ember, configure no-old-shims rule
- run `eslint --fix` on `app`, `lib`, `mirage`, and `tests` to move imports to the new module imports
- further cleanup of Ember globals usage
- remove event-dispatcher initializer now that `canDispatchToEventManager` is deprecated
2017-08-22 14:53:26 +07:00
Kevin Ansfield
350e3d1481 Unsplash integration
closes https://github.com/TryGhost/Ghost/issues/8859, requires https://github.com/TryGhost/Ghost/pull/8895
- adds Unsplash app to app settings
  - enable/disable toggle
  - validation and testing of Unsplash App ID
  - Unsplash App ID field hidden if provided via Ghost config
  - adds `fetchPrivate` method to `config` service to pull config that requires authentication and updates authentication routines to fetch private config
- adds Unsplash buttons to editor toolbar and `{{gh-image-uploader}}`
  - only present when Unsplash app is enabled
  - opens Unsplash image selector when clicked
  - `{{gh-image-uploader}}` has a new `allowUnsplash` attribute to control display of the unsplash button on a per-uploader basis
- adds Unsplash image selector (`{{gh-unsplash}}`)
  - uses new `unsplash` service to handle API requests and maintain state
  - search
  - infinite scroll
  - zoom image
  - insert image
  - download image
- adds `{{gh-scroll-trigger}}` that will fire an event when the component is rendered into or enters the visible screen area via scrolling
- updates `ui` service
  - adds `isFullscreen` property and updates `gh-editor` so that it gets set/unset when toggling editor fullscreen mode
  - adds `hasSideNav` and `isSideNavHidden` properties
- updates `media-queries` service so that it fires an event each time a breakpoint is entered/exited
  - removes the need for observers in certain circumstances
2017-08-15 16:01:12 +01:00
Aileen Nowak
dd4fe3a68f Added Twitter & Facebook data override fields to PSM (#814)
refs https://github.com/TryGhost/Ghost/issues/8334, requires https://github.com/TryGhost/Ghost/pull/8827
- added open graph and twitter fields to `Post` model
- added facebook and twitter card pane to PSM
- 💅🏼 Added preview styles for custom FB/Twitter cards
2017-08-03 15:45:14 +04:00
Kevin Ansfield
b89a0d0a5e ️ Added per-post code injection fields to PSM (#811)
- Remove gh-tab* components
    - The PSM was the only place where the `gh-tabs-manager`, `gh-tab`, and `gh-tab-pane` components were being used. These were very old components and did not work well with newer Ember versions and best practices.
    - 🔥 remove `gh-tab*` components
    - 💄 fix indents in `gh-post-settings-menu` template
    - 🎨 add support for named subviews ready for additional PSM panes

- Added per-post code injection fields to PSM
    - add "Code Injection" pane to the PSM
    - implement `codeinjectionHead` and `codeinjectionFoot`  attributes on `Post` model and save values from PSM
    - use CodeMirror for the PSM code injection fields
2017-08-02 13:32:51 +04:00
Kevin Ansfield
fb930b0698 ️ Add "Excerpt" field to post settings menu (#810)
refs TryGhost/Ghost#8793

- add `customExcerpt` attr to Post model + reorder attrs to be alphabetical
- add "Excerpt" field to PSM
- add validation for `customExcerpt` length (max 300 chars)
- add style adjustments for custom excerpt UI
2017-08-01 12:24:46 +04:00
Aileen Nowak
bbf5164b79 🗜 Database soft limits (#683)
closes TryGhost/Ghost#8143

- uses new soft limits in validation:
	- post title to 255
	- meta title (post and tag) to 300
	- meta description (post and tag) to 500
2017-05-15 13:58:32 +02:00
Kevin Ansfield
35cf6c9829 new publish menu and date/time picker (#588)
closes https://github.com/TryGhost/Ghost/issues/8249

- replaces the old split-button publish/schedule/update button with a less confusing menu system
- adds a `{{gh-date-time-picker}}` component that contains a datepicker with separate time input
- replaces the date text input in the post settings menu with `{{gh-date-time-picker}}`
  - disabled when post is scheduled, only way to update a scheduled time is via the publish menu
  - validates date is in the past when draft/published so there's no confusion with scheduling
- displays saving status in top-left of editor screen
- refactor editor (auto)saving processes to use ember-concurrency

Other minor changes:
- adds `post.publishedAtBlog{TZ,Date,Time}` properties to Post model to allow working with `publishedAt` datetime in the selected blog timezone rather than UTC
- adds a `beforeSave` hook to `validation-engine` that is called after successful validation and before the Ember Data save call is made
- adds validation of `publishedAtBlog{Date,Time}` to post validator
- prevent gh-task-button showing last task state on first render
- fixes bug where clicking into and out of the published date input in the PSM without making any changes saves a published date for draft posts
2017-04-11 14:39:45 +01:00
Kevin Ansfield
4637c92797 🔥 remove Posts per Page setting (#583)
refs ##8131

- "posts per page" is now a theme-level concern
- UI has already been removed, this finishes the cleanup by removing `settings.postsPerPage` and related validation/test support
2017-03-14 18:09:06 +01:00
Kevin Ansfield
e74e2e039e Update code to match eslint rules
no issue
- switch `jscs` and `jshint` inline config to `eslint` config
- fix eslint errors, predominantly in tests where the config now the main app config more closely
2016-11-14 13:26:00 +00:00
Kevin Ansfield
a258e3d881 Ghost.org OAuth support (#278)
issue TryGhost/Ghost#7452, requires TryGhost/Ghost#7451
- use a `ghostOAuth` config flag to switch between the old-style per-install auth and centralized OAuth auth based on config provided by the server
- add OAuth flows for:
  - setup
  - sign-in
  - sign-up
  - re-authenticate
- add custom `oauth-ghost` authenticator to support our custom data structure
- add test helpers to stub successful/failed oauth authentication
- hide change password form if using OAuth (temporary - a way to change password via oauth provider will be added later)
2016-09-30 13:43:40 +02:00
Kevin Ansfield
eb2a0359cf Refactor error handling
closes https://github.com/TryGhost/Ghost/issues/6974
- update "change password" fields/process to use inline validations
- remove `notifications.showErrors` and update all uses of it to `showAPIError`
- display multiple API errors as alerts rather than toaster notifications
- refactor `notifications.showAPIError`
  - remove `notifications.showErrors`, use a loop in `showAPIError` instead
  - properly determine the message from `AjaxError` or `AdapterError` objects
  - determine a unique key if possible so that we don't lose multiple different alerts
- add `ServerUnreachable` error for when we get a status code of 0 (eg, when the ghost service has been shut down)
- simplify error messages for our custom ajax errors
2016-07-08 15:16:54 +01:00
Austin Burdine
f53c7dfc88 convert ember imports to ember-cli-shim imports where possible (#95) 2016-06-30 11:21:47 +01:00
Austin Burdine
cf36851265 deps: grunt-jscs,ember-suave@3.0.0
replaces #41, #60
- update ember-suave and grunt-jscs to 3.0
- standardize Ember global de-structuring rules across app & tests
2016-06-11 13:39:31 -06:00
Kevin Ansfield
d53ef125e0 Update package.json details, rename module to ghost-admin
no issue
- updates `package.json` details to better reflect the separation from the `Ghost` package
- update ember config and all import statements to reflect the new `ghost-admin` module name in `package.json`
2016-06-03 16:12:54 +01:00
Kevin Ansfield
83c9270682 Subscribers: Admin User Interface v1
Initial Subscribers screen
- set up mocked api endpoints
- basic subscribers screen with data loading, infinite scroll

"Add Subscriber" screen
- uses modal to display a new subscriber form
- validates subscriber e-mail address
- moves pagination from route into controller to use filtered/sorted CPs on top of a live-query so that new subscribers are added to the list and the total can be properly managed

TODO:
- there is currently a pretty serious performance issue where the whole table is re-rendered when the live-query is updated. `ember-light-table` doesn't allow for live-binding and has no options to easily manipulate it's rows using an external interface - it's possible to move the page loading into the component so we only render new rows but that leaves it difficult to react to new subscribers being added through the UI. I believe the number of components used within the table is also adding to the performance problems.
  - most likely solution is to drop `ember-light-table` in favour of rendering the table directly - glimmer should do a good job of fast updates even though the underlying array will be completely swapped out

"Import subscribers" screen
- uses modal to display an import subscribers CSV file upload form
- displays upload progress
- displays import stats and reloads subscribers table once import has completed
- adds `gh-file-uploader` component (NB. pared down copy of `gh-image-uploader`, ripe for some refactoring)
- fixes subscribers acceptance test failing because fixtures did not have the labs flag enabled

Unfortunately this doesn't have 100% test coverage as we're limited in how we can simulate file uploads 😞

Fix performance issues with subscribers table
- moves the table definition from the component up to the controller
- switches back to manually manipulating table rows instead of using a live-query

This is a quick-fix in that it allows us to continue using the `ember-light-table` component but it does mean that we lose some flexibility that the live-query gave us. For now it's not much of an issue and it allows us to defer deeper performance/flexibility work until we have a concrete need and requirements.

Hook up Export CSV button
- use a hidden iFrame to trigger the browser to hit the CSV export endpoint and download the file

Re-order subscribers table by clicking column headers
- displays currently sorted column and sort direction
- clicking a column header re-fetches the data from the server with the appropriate query params

Fix scroll triggers for infinite pagination + icon change
- adds a debounce as well as the throttle so that we always get a final scroll trigger once scrolling has stopped
- changes the subscribers icon from the temporary team icon to the mail icon
2016-05-11 10:28:11 +02:00
Aileen Nowak
753f307382 Slack integration
closes #6584
- Frontend Changes:
	- adds 'Apps' to Navigation Menu
	- adds 'Slack' as nested page to Apps
	- adds `apps.css`
	- adds `slack-integration` model and uses `slack-settings` custom transform to parse JSON file
	- adds validation for `slack` model
	- adds fixtures and `slack/test` API endpoint to Mirage
	- adds acceptance tests for `apps-test` and `slack-test`
	- adds unit tests for `slack-settings` and `slack-integration`
- Backend Changes:
	- adds API endpoint `slack/test` to send Test Notification
	- adds default-values for slack model
	- sends payload to slack:
		- text: the url of the blogpost / test message
		- icon_url: url to ghost logo
		- username: Ghost
	- adds `slack/index.js` to send webhook to slack if
		- a new post is published (if slack webhook url is saved in settings)
		- user clicks on 'Send Test Notification' in UI
	- adds `slack.init()` to `server.index.js` to add event listener
	- adds unit test for `slack/index`
2016-05-08 12:49:15 +02:00
Kevin Ansfield
385036dc48 validate nav items when clicking the + button, ignoring last item if blank 2016-02-08 14:20:57 +00:00
Kevin P. Kucharczyk
c4371a36f2 Standardise client property names to camelCase
closes #6018
- added keyForAttribute method in application serializer
- override keyForAttribute in settings serializer to not apply camelCase/underscore conversion
- rename under_scored properties to camelCased
2016-01-23 19:12:22 +01:00
Kevin Ansfield
9d67980a7e Refactor modals
refs #5798, closes #5018
- adds new `gh-fullscreen-modal` component - modals are now specified in-context so that they can have deeper interaction with their surrounding components/controller/route, i.e. a modal component can be a thin confirm/deny wrapper over the underlying controller action keeping all context-sensitive logic in one place
- adds spin-buttons to all modals with async behaviour
- adds/improves behaviour of inline-validation in modals
- improves re-authenticate modal to properly handle validation and authentication errors
2016-01-12 20:53:08 +00:00
Kevin Ansfield
2f4f6db133 Use es6 across client and add ember-suave to enforce rules
no issue
- add ember-suave dependency
- upgrade grunt-jscs dependency
- add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc
- separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc
- standardize es6 usage across client
2015-11-30 10:41:01 +00:00
Kevin Ansfield
510bcd8826 Minor tag settings validation updates & fixes
refs #5845
- add tests for `tag-settings` validator
- add validation for tag slug length
- fix display of error message when saving tag fails on the server
- add max chars text to description char count, remove error message as the count/input colour already indicates an error
2015-10-19 10:45:41 +01:00
Austin Burdine
7f4f5dc71d add tag description validation to tag settings menu
refs #5845

- adds validation to description field
- fixes css to word-wrap on words that are too long
2015-10-08 23:01:59 -05:00
Kevin Ansfield
5c9a824d53 Standardize on var-less export default across ember app
no issue
- drops the `var Foo = Ember.Thing.extend({}); export default Foo;` syntax in favour of exporting directly, eg: `export default Ember.Thing.extend({})`
- discussion on this change [here](https://github.com/TryGhost/Ghost/pull/5340#issuecomment-105828423) and [here](https://github.com/TryGhost/Ghost/pull/5694#discussion-diff-37511606)
2015-10-06 10:59:50 +01:00
Kevin Ansfield
d8728aad57 Fix nav regressions in admin client
issue #5841

- fix relative link checks in navlink url input component
- fix navlink url input component sending absolute URLs instead of relative URLs to action handler
- remove URL manipulation in navigation settings controller (url input handles URL manipulation, validator flags anything that's still incorrect)
- capture cmd-s in url input to ensure changes are actioned before save
- automatically add mailto: to e-mail addresses
- add gh-validation-state-container component so .error/.success validation classes can be applied to any container element
- add validation-state mixin that can be mixed in to any other component to give it access to validation status (used in gh-navitem component to keep alignment when inline error message elements are added)
- validate and display inline errors on save
- improve ember test coverage for navigation settings related controller and components
2015-09-23 17:05:41 +01:00
Hannah Wolfe
3e088cf2f5 Merge pull request #5783 from kevinansfield/validation-fixes
Minor validations fixes
2015-09-02 11:53:13 +01:00
Kevin Ansfield
a9a34e1fd6 Merge pull request #5775 from ErisDS/signin-validation
Add email validation back to signin
2015-09-02 11:05:38 +01:00
Kevin Ansfield
9e5e062ed8 Minor validations fixes
no issue
- clear private blog password validation errors on enable/disable
- validate maximum tag name length
- fix sticky validations when moving between tags or navigating to/from tags manager
2015-09-02 10:34:22 +01:00
Hannah Wolfe
fc4ef38db8 Add email validation back to signin
refs #5745

- signin form was not checking email address was valid
2015-09-01 11:31:57 +01:00
Hannah Wolfe
7dd0c0cf85 Improve error handling for the PSM
closes #5762

- changes date to use proper inline validation
- changes meta_title & desc to also use inline validation
- meta_title & desc also give proper errors on save
- title too long causes proper error on save
2015-08-30 17:26:52 +01:00
Hannah Wolfe
fad986673a Merge pull request #5709 from kevinansfield/tag-name-comma-validation
Validate leading commas in tag names
2015-08-28 19:03:31 +01:00
cobbspur
0987518859 Change reset page errors to match sign-in page
No Issue

- Takes the inline validation messages and displays below form
- Removes unnecessary gh-error-message components from signin and reset pages
 - Returns error messages to sign-in validations
2015-08-26 12:00:37 +01:00
Kevin Ansfield
643f712624 Validate tag names don't start with commas
closes #5685
- Adds client and server-side validation for tag names starting with commas
- Trim tag names before adding in PSM (tag attributes are already trimmed before saving in TSM)
2015-08-24 16:55:30 +01:00
Kevin Ansfield
045e5054a0 Fixes for sign-in error handling
issue #5652, closes #5641
- removes inline errors for empty fields
- separate validation routines for sign-in and forgot password
- highlight fields with errors when trying to submit
2015-08-21 19:38:44 +01:00
Kevin Ansfield
7ab232e770 Replace validation notifications with inline validations
issue #5409 & #5336

- update settings/general
- update signin
- update signup
- update edit user
- update reset password
- update setup/three
- remove `formatErrors` function from validationEngine mixin (it's no longer needed as inline validations should handle this instead)
2015-07-28 12:26:34 +01:00
Austin Burdine
97118e61bd fixed some validation bugs
refs #5520
- all errors (or just one if property is specified) are cleared before running the checks to make sure that old errors get cleared
- fixed up validators to be slightly more sane as mutually exclusive tests aren't all being checked if one fails
2015-07-11 13:04:19 -04:00
Austin Burdine
1b2e6ef78f profile image component fixes
closes #5528
- adds empty email message to setup validation
- fixes uploads so they actually work
- fixes gravatar to not disappear when an invalid file is selected
2015-07-07 17:13:45 -04:00
Austin Burdine
b1ecc53cfc adds inline errors to validation
closes #5336
- creates gh-form-group component to handle form group status
- refactors current validation methods to work on a per-property basis
- adds gh-error-message component to render error message
- removes (comments out) tests that pertain to the old notifications until the new inline validation is added
2015-07-05 14:02:06 -04:00
Kevin Ansfield
d9cd5df643 Provide a more intuitive error message on sign-in for missing email
issue 4651#issuecomment-112141801
- display "Please enter an email" validation message rather than "Invalid Email" when no email is entered
2015-06-17 22:56:38 +01:00
Austin Burdine
b826a31799 remove settings email
closes #5299
- removes settings/general email field from both client and server side
- fixes tests to reflect removal of email
2015-05-22 15:23:31 -06:00
Jason Williams
4369727cd6 Handle password reset from signin page 2015-05-22 19:05:18 +01:00