related issue #5412
- code-injection route was overriding `beforeModel` without calling `super` which meant the redirect handling added in `AuthenticatedRoute` was being skipped
closes#5567
- Fixed an issue with protocol relative URLs in the RSS feed
- Such URLs should be kept as-is and not prefixed with baseUrl
- Added corresponding test to cover this case
closes#5317
- Adds back button to steps 2 and 3
- Prevents user navigating from step 1 to step 3 unless blog has been created
- Prevents user navigating from step 2 to step 3 unless blog has been created
fixes#5564
- adds missing part of `/setup/` url in authentication middleware
- ensures data is passed through from API to model in correct (new) format for password reset
- re-adds missing/incorrectly commented out auth tests, and verifies that reset as far as token validation
refs #2757
- As per this convo: https://ghost.slack.com/archives/ghost/p1436895553007431 the 405 handling in Ghost is acting
as a catch all, rather than only returning when the wrong HTTP method is used for a valid resource.
- Implementing proper 405 with express is a challenge, and therefore we defer doing this work until it is needed
refs #2758
- add a set of default options to utils
- update validation function to only pass through permitted options
- pass permitted options into validate where necessary
- setup basic validation for each known option, and generic validation for the remainder
- change slug to treat 'name' as data, rather than an option
- Incorrect message was shown (Invitation sent instead of Invitation not sent)
- Correct colouring of message (new .description-error class)
- Correctly display lastLogin time
- Add colour classes
refs #5520
- all errors (or just one if property is specified) are cleared before running the checks to make sure that old errors get cleared
- fixed up validators to be slightly more sane as mutually exclusive tests aren't all being checked if one fails
issue #5525
- add `DS.Errors` to `signup` model
- add check for errors: run `showErrors` method only if errors are defined, like in `signin` controller
Refs #5501
- Switch role select dropdowns from gh-select based components to
gh-select-native.
- Prevent transition out of editor while there is an in-flight save.
closes#5528
- adds empty email message to setup validation
- fixes uploads so they actually work
- fixes gravatar to not disappear when an invalid file is selected
issue #5500
- make `changePassword` and `resetPassword` methods on `user` model
consistent: use `object` and `options` arguments instead of multiple
different arguments
- change User API `changePassword` method to use these new arguments
closes#5336
- creates gh-form-group component to handle form group status
- refactors current validation methods to work on a per-property basis
- adds gh-error-message component to render error message
- removes (comments out) tests that pertain to the old notifications until the new inline validation is added
closes#5434
- remove transition away from team page to user page of authors
- hide invite button from authors
- hide invited users from authors
- adjusted gh-user-can and renamed to gh-user-can-admin
- hide password reset on owners profile from administrators
- hide input field for owner email from administrators pending api fix
- fix up tests
Closes#5459
- added a PNG background with 2 emails addresses as a "placeholder"
- added a `required` attribute for textarea in 3rd step of the setup
- taking an advantage of `:valid` pseudo-class to hide the background
picture with email addresses
closes#5342
- adds put version of authentication/setup that allows for updating of owner/settings values
- doesn't send welcome email
- adds tests for new put route
refs #4439
- Brings our custom foreach helper (which has extra features) back into line with Handlebar's own each helper
- Adds a new @number variable to foreach, so that building numbered lists is PEASY
- Improved the existing tests, and added a few more
refs #2758
- Post, Tag & User API methods are refactored to use pipeline
- Each functional code block is a named task function
- Each function takes options, manipulates it, and returns options back
- Tasks like permissions can reject if they don't pass, causing the pipeline to fail
- Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint
- Tasks like the data call can be extremely complex if needs be (like for some user endpoints)
- Option validation is mostly factored out to utils
- Option conversion is factored out to utils
- API utils have 100% test coverage
- Minor updates to inline docs, more to do here
closes#5490
- use same event handling pattern as fetchAll
- add support for `fetching:collection` to post model
- add tests to check that url is fetched via findAll and findPage
- extends clobbers the first argument you pass to it, so that should not be a variable that is used elsewhere, if you're also assigning the value, as it will have unintended side effects.
Firefox can't do flexbox, because why would a modern browser be able to do flexbox? Cray.
Closes#5438, Closes#5401 - same fix but vh unit because % unit is hella unreliable.
Prevents firefox from allowing blog title to overflow. This is an incredibly stupid fix for an incredibly stupid browser bug. Firefox is the worst modern browser in the world at basic layout rendering. Could someone let them know please? Closes#5430 as replacement.
closes#5358
- Moved node version check and exits if not supported
- Removed upgrade warning from `ghost-server.js`
- Perform a check for NODE_ENV, uses `config.example.js` if none apparent
closes#5433
- add gh-input class to inputs
- stop the incorrect addition of trash can on url page
- fix trigger of upload success to show loading in editor
- fix duplicate url field for images outside of editor when there is no file storage
closes#2896
- move default options / custom code into model functions
- move most of the filtering logic into base/utils.filtering (to be relocated)
- move the remainder of findPage back into base/index.js and remove from posts/users&tags
- move pagination-specific logic to a separate 'plugin' file
- pagination provides new fetchPage function, similar to fetchAll but handling pagination
- findPage model method uses fetchPage
- plugin is fully unit-tested and documented
Closes#5450
- No longer provide the edit route a model when transitioning from the
posts list/content screen and no longer check to see if a copy of the
post already exists in the store from the model hook.
Closes#5411
- Using rewire on the config package circumvents the
singleton nature of required packages, resulting in a
second instance of knex and a second connection to the
sqlite3 database.
When buttons changed to flexbox they lost some alignment properties. This change makes the container for the empty content state use a flexbox container and align its containing items correctly. Also removes some old media queries which are no longer needed.
No issue. Fixes bug where signin form was not expanding to its full width as a result of some earlier global changes. This sets an explicit fluid width with a max-width fallback so that it's always the correct size.
refs #2896
- remove duplicate query-building code
- use the same approach for creating the count query from the main query
- restructure the code to match more closely across the 3 findPage functions (prep for further refactoring)
No issue
- removes more usage of function prototype extensions in favor of Ember functions
- replaces some event calls with the direct function name
- adds comments to functions replaced with the event name
refs #2896
- moves repeated code out of models
- creates a new file for unit-testable code (this should be moved in future)
- adds a default for `page` as that seems sensible
- adds 100% test coverage for the new file
close#2757, refs #5286
- moves error formatting from api/index into errors lib
- moves error handling from api/index into its own middleware
- adds extra middleware for method not allowed which captures all unsupported routes
No issue
- Move editor-base-view mixin into editor/edit view
- Also deletes mobile views and modifies files that were using it
- Helps pave the way for Ember 2.0, where views do not exist
- [x] Mobilemenu button is missing from `content` and `editor` views
- [x] Mobilemenu pane slides entire content over, should expand over-top-of-content
- [x] Mobilemenu can't be closed
- [x] gh-view-title no longer generates an extra div; it is the h2.
- [x] gh-autonav-toggle closes the mobile menu on mobile. renamed `gh-menu-toggle`
- [ ] There is weird behaviour with mobile menu when changing from big=>small=>big viewport sizes
- ~~[ ] (Future issue) Ghost should remember (localstorage?) whether desktop menu is expanded or collapsed~~
Merging setup screen into the new app wrapper had some knock-on effects due to new flexbox parent elements. As a result things were vertically collapsing in unexpected ways on narrow viewports. This is cleaned up here, with some other minor visual bugfixes.
refs #1833
- move RSS tests to be in rss_spec.js
- improve RSS test coverage
- fix a bug with RSS title generation for tag RSS feeds
- replace custom code in processUrls with urlJoin
closes#5338
- moves skip link to below the submit button
- makes the submit button better represent form status
- posts notifications based on success/failure of notifications
- goes to the invite page after user creation
- actually sends invites!
functional tests passing for onboarding invitations
cleanup for linitng
remove unreachable return
access the notifications service better
use link-to instead of an anchor with an action
failed user creations get caught, and bubble as errors
a slew of other cleanup stuff via jason
- Adds gh-view-title component to implement mobile menu button for titles on any page
- Refactors the `content-cover` out into the application template
- Fix various z-index issues with content-cover and gh-alert
- Move `.settings-menu-expanded` application view state from body to `.gh-viewport`
- Unify nav menu / mobile menu actions and code
No issue
- moves the authentication initializer to be an instance initializer
- updates dependencies
- fixes error with asset-delivery not copying
- fixes problem with testing by re-building ember before casper tests
No Issue
- Remove unneeded imports from Brocfile.js.
- Move devDependencies up to dependencies.
- Update ember-mocha dependencies.
- moment@2.10.3 to match version used on backend.
no issue
- I've noticed the importer tests going wrong on SQLite a couple of times recently.
- I think it's because the teardowns were clashing, hopefully this will help
No issue
- fixed "{{#each}}" helper in templates to use block syntax
- fixed deprecated ember.controller getter/setter function to use new syntax
- removed unnecessary pass-protect route view
no issue
- I noticed this in CodeClimate, it was reporting errors for this file because of a dodgy char.
- Removed it and named the functions whilst I was in there :)
* refs #5286
* includes test cases for `addClientSecret`
* no tests first `generateAccessToken` and `authenticateClient` because there isn't anything to test in them
refs #5344
- As a result of #5344, context are pretty broken.
- This PR removes all dependence on req.route.path, and uses res.locals.relativeUrl
- res.locals.relativeUrl is used for many things and is dependable
- Updated all dev dependencies in the root package.json
- Added `--colors` to mocha when called from grunt test:... so that works better
- Removed non-unit tests from coverage, because they're just not useful
- Updated docker config to generate useful docs again - as a statement of intent, I also updated docs in key files
- Setup grunt watch-docs task for documentation writing easyness
No issue
- Prevent download count ajax request from running forever, even after setup is complete.
- Remove unneeded setup routes and controllers.
- Refactor to use ES6-imported ajax.
- Refactor to use injected services.
No Issue
- Switches to the newer style of dependency injection.
- Instead of injection Controllers via "needs," use
Ember.inject.controller().
- Get rid of initializers that were only injecting objects
into various factories. Converts these objects into Ember.Service
objects and declaratively inject them where needed via
Ember.inject.service(). The added benefit to this is that it's no
longer a mystery where these properties/methods come from and it's
straightforward to inject them where needed.
refs #5091
- This is step one of several steps towards ending up with dynamic routes for channels
- Refactoring this way makes the similarities between all the routes clearer to see
No Issue
- Switch resources to routes.
- No longer nest "settings" routes so the router reflects
the way the templates are rendered.
- Remove renderTemplate override from settings routes.
- Remove unneeded routes, controllers, and views.
- Adjust users page so that infinite scroll loading of users works
and markup remains the same for Zelda styling.
No issue
- ember-simple-auth@0.8.0-beta.2.
- Switch from SimpleAuth global to ember-cli-simple-auth and
ES6 imports.
- Refactor controllers to handle changes in 0.8.
- Introduces a new initializer to override some configuration
items that are set in environment.js but need to be set with
information that's only (easily) available at runtime.
No Issue
- Adds contextual classnames to Nav Bar links
- Various test updates
TODO
- Increase test coverage for new admin UI
- Fix up Caspertests for new Admin UI
closes#5294
This improves a hack for parsing JSON to be more robust.
Now attempt to parse JSON, and if it's not possible it will fallback to treating the value is a string,
reverting the behaviour to what it would have been if we didn't have JSON parsing here.
closes#5283
- due to the changes with the api call in pr #5159 the email address wasn't showing up
- modified the api call to fetch user data to pass the context object to the toJSON object
closes#5288
- use the config.blogURL as the frontend URL from the admin
- we know this is given to us without a trailing slash, so it's 100% safe to hard code this
- TODO: make all of the url generation a lot nicer i.e. #1833
closes#4322
- removes verifying "sections" of permalinks in favor of checking the url returned with the post
- fixes unit tests to define post.url in mock post requests
issue #5259
- removes the colors dependency
- adds in chalk dependency, and migrates everything to use that
- reduces some specs now that the log calls are cleaner
refs #5286
- split cache control middleware into its own file
- split out cache control tests
- add new mochacli command for running just middleware tests
closes#4778
- If import contains an owner that does not match original owner they are downgraded to admin
- Change error message for locked users to more generic message to account for imported users
- Adds duplicated user test
- Process Roles and maps import roles to db roles
- reduces export files in test fixtures
temp commit
closes#4782
- Still achieves the same goal of stripping out reserved characters
- Changes from removal to replacement
- This helps word separators from being removed
- Apostrophes (') are unaffected
refs #5205
- Ensure that pages are treated the same as posts in meta_title, add test
- Added a private-template body class for the private context, add test
- Added a missing test to is_spec.js
refs #4993, #5073
- Removed nonexistent helpers siteDescription and bodyClass from admin templates
- Changed password.hbs to private.hbs to match the route name
- added a new input_password helper for rendering the password input with the correct properties
- removed the forward input as this can be handled via urls only
- moved 'private' to routeKeywords
- added 'private' context
- minor update to text next to the password in settings
refs #5202
- this is just a stopgap to deliver minor improvement short term,
- longer term we will do the work to refresh refresh tokens & switch this to a month
In later versions of Ember, the views and components can be stable
and are not guaranteed to be torn down before a new controller is
set on them.
In this case, the controller is initially set before the element has been
rendered to the DOM causing errors when invoking `closest` on undefined.
- tying as many things to proper versions rather than repos as possible
- upgrading various packages, with the exception of anything to do with jQuery
- leaving normalize as-is due to previous issues
Refs #5097
- All drafts will show a preview link (this needs real css)
- Published posts will redirect
- prev/next post helpers only activate on published posts
- Powered by ~10 pints between the two of us (@ErisDS, @novaugust)
Closes#5179
- Overwrites the yellow code injection syntax highlighting (such as vendor prefixes in CSS) to be black, to match the rest of the property
- Adds rounded corners to the code injection CodeMorror wrapper to match its parents rounded corners (inherits the same value)
Closes#5155
- If the theme that has been set to active is missing, set
a default express-hbs instance on the express app and allow
middleware processing to continue so that the admin client can
be accessed.
- Log a warning when this happens.
- Fix issue where frontend error page was not being rendered
correctly.
closes#2559
- Added res.locals as a second parameter to the prePostsRender filter
call.
- This allows accessing the relative url and makes it possible to
react to certain urls.
fixes#5177
- this combined with a change passing options through to toJSON results in a really flukey bug with next/prev
where the name option from the helper clashes with a name option inside of toJSON
fixes#5177
- we now pass API/model options directly to toJSON, which is unsafe as these options haven't always been filtered before they are passed.
- this fix adds a filter so that toJSON only uses the options it needs
- additionally, rename the 'name' option to something more specific to prevent clashes
refs #2330
- Pass through `options` to all toJSON calls on posts, tags, and users
- Use options.context.user to determine whether it's OK to return user.email
- Remove author.email handling code from frontend.js
fixes#5136
- wrap notification fetch with a user role check to remove console error
- move author transition down to local route for users/user so that there's no infinite loop
- replace all store calls to fetch the current user with the session user instead
no issue
With the introduction of the prev/next helpers (and soon, get helper) we can no longer make any assumptions
about exactly which pages need to be cleared from the cache when a post is published/unpublished.