Commit Graph

726 Commits

Author SHA1 Message Date
Hannah Wolfe
cc995e8ef6 Merge pull request #3371 from javorszky/iss3100
Implement user and related content deletion
2014-07-31 07:51:15 +01:00
Jacob Gable
69b871a754 Make importer more robust for tags
Closes #3242

- Add checks for valid fields in tags and posts
- Add unit test with empty tag export data file
- Add unit test with empty post export data file
2014-07-30 22:33:45 -05:00
Gabor Javorszky
8487dada0b Implement user and related content deletion
Closes #3100

* Introduces `destroyByAuhor`, given a context and an id, it will check if context has permission to delete the user by the id, and then deletes all the content where `author_id` is id, and then deletes the user
* Does multiple checks to make sure user exists
* Added a fixture `posts:mu` that creates 4 users belonging to 4 roles, 50 posts that have authors evenly distributed, 5 tags and all 50 have one tag attached to it, evenly distributed.

Caveats / questions

* Started testing
2014-07-31 03:48:59 +01:00
Hannah Wolfe
3de308dc20 Merge pull request #3436 from novaugust/user-role-dropdown
User role dropdown
2014-07-31 02:06:34 +01:00
Matt Enlow
21abed7f9a Add User Role Dropdown
Closes #3402, Closes #3428

-------------------

 ### Components
- Added GhostSelectComponent to handle async select creation (h/t @rwjblue)
- Added GhostRolesSelector (extends GhostSelect) for displaying user role options
- Created StoreInjector for surgically inserting the store into things that normally wouldn't have them.

 ### Users Settings
- InviteNewUserModal now uses GhostRolesSelector & defaults to Author
- The role dropdown for user settings has permissions set per 3402

 ### User Model
- Added `role` property as an interface to getting and setting `roles`
- Refactored anything that set `roles` to set `role`
- isAdmin, isAuthor, isOwner and isEditor are all keyed off of `role` now

 ### Tests
- Added functional tests for Settings.Users
- updated settings.users and settings.users.user screens
- fix spacing on screens

 ### Server Fixtures
- Fixed owner fixture's roles
2014-07-30 17:59:14 -06:00
Hannah Wolfe
5dc457b417 Merge pull request #3443 from halfdan/30850-users-api
Users API advanced browsing
2014-07-30 22:47:55 +01:00
Hannah Wolfe
5d3788ffe6 Merge pull request #3457 from sebgie/issue#3426
Transfer ownership end point
2014-07-30 22:26:42 +01:00
Fabian Becker
d4fdb07d9c Users API advanced browsing
closes #3085
- active and invited include multiple statuses when fetching
- adjusted data generator
2014-07-30 16:59:27 +00:00
Sebastian Gierlinger
ded6aa6ac0 Transfer ownership end point
closes #3426
- added transfer ownership endpoint
- added owner to roles.permissible
- manually removed owner from roles.browse
- removed hard coded author role
- fixed tests that were passing due to hard coded author role
- added testUtils.setup(‚roles‘)
2014-07-30 17:40:30 +02:00
Hannah Wolfe
57a5444335 User API ability to filter users by role
refs #3446

- This only covers the API changes needed for #3446
2014-07-30 15:02:25 +01:00
Hannah Wolfe
6a687723c5 Merge pull request #3447 from jaswilli/auth
Fixup signin and signout
2014-07-30 14:13:02 +01:00
Hannah Wolfe
de3d836116 Uncommenting fixed tests 2014-07-30 13:51:32 +01:00
Hannah Wolfe
3e194097a5 Merge pull request #3448 from jaswilli/update-check-test
Ghost instance not needed in update check test
2014-07-30 13:50:02 +01:00
Hannah Wolfe
92805d70e1 Merge pull request #3424 from jgable/fixSettings
Fix lazy loading of settings
2014-07-30 13:39:46 +01:00
Jason Williams
a4fe341c2f Ghost instance not needed in update check test
Refs #3424, Refs #3444
- API and test suite refactoring triggered a conflict with
  the way update_check_spec.js was written.  Using a running
  copy of Ghost is no longer needed in those tests so it
  was removed.
2014-07-29 22:29:13 +00:00
Jason Williams
725d4aac7d Fixup signin and signout
No Issue
- Move authentication related handlers to the Application route.
- Switch Sign Out from a button to a link.  Use the signout route
  to handle invalidating the session and redirecting instead of
  an action from a button.
- Clear error messages on signin page when pressing log in button.
- Errors are now always shown on sign in screen and a success
  notification is shown after sign out.
- Update functional tests.
2014-07-29 20:58:43 +00:00
Hannah Wolfe
4e85ac1c94 Adding new {{title}} helper
closes #3389
2014-07-29 21:45:56 +01:00
Hannah Wolfe
e4134ccad7 Merge pull request #3438 from hswolff/home-template
Add ability to create a 'home.hbs' template file for templates
2014-07-29 17:10:47 +01:00
Hannah Wolfe
68895c70eb Merge pull request #3442 from sebgie/issue#2330
Remove email address from frontend
2014-07-29 17:10:35 +01:00
Jacob Gable
0b34ad84cb Fix lazy loading of settings
Closes #3281

- Add the missing return to populateDefault
- Wrap defaultSetting in [] when passing to readSettingsResult
- Populate default value of dbHash in parseDefaultSettings
- Modify migrations.init to only load databaseVersion for export_spec test
- Fix spacing in test util file and null reference error in test
- Uncomment user tests (but add .skip) and remove settings from testUtils.setup()
2014-07-29 10:43:38 -05:00
Harry Wolff
fd61b9ff2a Add ability to create a 'home.hbs' template file for templates
issue #3409

- DRYs out the controllers/frontend a little by moving common functinoality
 into its own function
- adds ability to use home.hbs template file if it exists
- adds unit tests for this functionality
2014-07-29 08:14:20 -04:00
Hannah Wolfe
0ffc5e6d47 Improve importer error messaging
closes #3274

- Ensure that validation errors are always handled by moving them into the
  importer
- Ensure that db errors are handled consistently across sqlite and mysql
- Change the errors to be output in a table, with a short failure notification
- Add tests for 003 importing bad files
2014-07-29 12:02:18 +01:00
Paul Adam Davis
503f359aab Add plural handlebars helper
Closes #3414

- Adds a helper which shows a select string deopending on the number of items provided

```
{{plural pagination.total empty='No posts' singular='% post' plural='% posts'}}
```
If `pagination.total` == 0, output 'No Posts'
If `pagination.total` == 1, outputs `1 Post`
If `pagination.total` ==  2 or more, outputs `2 Posts`

Credit to @sebgie for making this work.
2014-07-29 11:40:31 +01:00
Sebastian Gierlinger
d5747430e9 Remove email address from frontend
closes #2330
- added deletion email address from post.author in front end
- updated tests
- with some refactoring this could be done on API level
2014-07-29 11:23:02 +02:00
Hannah Wolfe
49660ff703 Test for invite users error
refs #3433
2014-07-29 10:19:02 +01:00
Hannah Wolfe
9343bccb1f Merge pull request #3437 from morficus/issue-3433
Error when inviting users
2014-07-29 05:36:28 +01:00
Maurice Williams
e15fb9ed57 Error when inviting users
fixes #3433
- passing only the role ID when creating a user
- uncommenting test cases
2014-07-29 00:06:40 -04:00
Hannah Wolfe
37399b30db Merge pull request #3430 from sebgie/refresh-token-expiry
Change refresh token expiry
2014-07-29 04:19:46 +01:00
Hannah Wolfe
407133df27 Merge pull request #3434 from gleneivey/3431-run-with-latest-casperjs
Change casperjs helper used to get RSS page content.
2014-07-29 04:18:51 +01:00
Glen E. Ivey
8826d4e663 Change casperjs helper used to get RSS page content.
closes #3431
- change feed_test.js to call casperjs getHTML() instead of
  getPageContent(), because the latter now strips markup

Alternative fix would be to use .page.frameContent directly
instead of using a casperjs wrapper.

Change runs cleanly on Travis (old casperjs tag) and locally
in the Ghost-Vagrant setup with both the old casperjs tag
and the current HEAD SHA (29bbd03f7cdc9fc1e70f0fe1400635dd7d3537ad)
2014-07-28 07:58:24 -07:00
Sebastian Gierlinger
e1c0c5ce98 Change refresh token expiry
no issue
- acquiring a new access token using a refresh token sets the
expiration time of the refresh token to now + 24 hrs.
- moved all occurrences of ONE_HOUR, ONE_DAY and ONE_YEAR to
`core/server/utils`
2014-07-28 15:19:49 +02:00
Sebastian Gierlinger
cc471aedcb Merge pull request #3395 from ErisDS/issue-3096
User Permissions: Edit, Add, Destroy & Role management
2014-07-28 12:04:07 +02:00
Hannah Wolfe
987e9277dc User edit, add & destroy perms restricted by role
closes #3096, closes #3378, refs #3100

- user.permissible updated to reflect proper permissions
- small amount of API refactoring to handle extra cases
- extensive integration testing
2014-07-28 08:32:04 +01:00
Hannah Wolfe
7714dc6ab1 Adding role API tests & fixing browse
refs #3083, refs #3196
2014-07-28 07:22:06 +01:00
Hannah Wolfe
e7dc51dc66 Improving error handling 2014-07-28 06:30:01 +01:00
Hannah Wolfe
4e3b21b7da Permissions Improvements
refs #3083, #3096

In order to implement advanced permissions based on roles for specific
actions, we need to know
what role the current context user has and also what action we are
granting permissions for:
- Permissible gets passed the action type
- Effective permissions keeps the user role and eventually passes it to
  permissible
- Fixed spelling
- Still needs tests
2014-07-28 06:29:59 +01:00
Sebastian Gierlinger
d895238571 Add XSS prevention
closes #3387
- added placeholder for <script> and <iframe>
- added google-caja sanitizer
- changed title in posts overview to ‚double-stash‘
2014-07-27 23:03:01 +02:00
Fabian Becker
1cd2fa59bd Correct meta_title for author pages.
closes #3407
- Output correct meta_title for author pages
- Add test for meta_title for tag and author pages
2014-07-25 19:48:49 +00:00
Hannah Wolfe
a9a5acf2f2 Merge pull request #3377 from PaulAdamDavis/signout-button
Change signout link to button
2014-07-24 17:52:09 +01:00
John O'Nolan
b6b32ab570 Five posts per page 2014-07-24 17:43:48 +01:00
Paul Adam Davis
93051fcbdb Change signout link to button
References https://github.com/TryGhost/Ghost-UI/issues/65

- Swap signout link from an `<a>` tag to `<button>`
- Changed tests to match new element
2014-07-23 22:12:45 +01:00
Hannah Wolfe
337713ce63 Refactor fixture use in tests
no issue

- Refactor all integration tests to specify and load ONLY the fixtures
  they require to run, rather than initialising the whole kit-and-kaboodle
  for every single test which takes FOREVER.
- Refactor the route tests to share a doAuth function, and also specify
  additional fixtures required
- Move import and export unit tests, which are actually integration tests
  (they touch the DB)
- Comment out most of the permissions unit tests for now as they need more
  stubs/mocks so as to not touch the DB

Still todo:

- prevent default DB initialisation in route tests, and specify all
  fixtures requires as per the integration tests
- fix up the unit/permissions_spec
2014-07-23 05:04:50 +01:00
Hannah Wolfe
63efa541bd Merge pull request #3367 from jaswilli/issue-3161
Get Ember Admin ready for production
2014-07-23 04:47:19 +01:00
Harry Wolff
be37070fb6 This aims to speed up both the ghost application and tests by
migration from usage of config() to just an object of config.

no relevant issue

- Change 'loadConfig' task to 'ensureConfig' to more accurately reflect
what it is actually doing.  Its sole purpose is to make sure a `config.js`
 file exists, and as such the name now reflects that purpose.

- Update config/index.js to export the ghostConfig object directly
so that it can be accessed from other modules

- Update all references of config(). to config.
This was a blind global find all and replace, treat it as such.

- Fixes to tests to support new config access method

- Allow each test to still work when invoked invidually
2014-07-22 22:37:44 -04:00
Jason Williams
7ae48f1dd3 Get Ember Admin ready for production
Closes #3161
- Add a config.js file for the client which is used to configure
  Ember.Application during runtime. The correct version of config.js
  is copied into place by grunt via the copy:(dev|prod) task from
  either config-dev.js or config-prod.js.
- Serve minified and production versions of libraries where applicable
  including handlebars-runtime and ember-prod.
- Bundle third party libraries into vendor.min.js.
- Bundle Ghost's Ember app and templates into ghost.min.js
- Remove all fixture data and code from the client.
2014-07-22 22:33:49 +00:00
Hannah Wolfe
a620e9017e updating tests to match casper 2014-07-22 23:26:13 +01:00
Hannah Wolfe
dabc780110 Merge pull request #3343 from sebgie/issue#3087
Add edit roles
2014-07-22 01:12:26 +01:00
Sebastian Gierlinger
28b03ec87e Add edit roles
refs #3087
- added ability to edit user/roles relation
- user is not allowed assign roles to himself
- only one role per user is supported atm
- added tests
2014-07-21 22:50:43 +02:00
Hannah Wolfe
c0732292ac Merge pull request #3331 from ErisDS/issue-3076
Author pages
2014-07-21 20:57:06 +01:00
Maurice Williams
a8ca517c54 Pagination for Users Management screen
closes #3222
- implementing server-side pagination for /users API
- passing /users?limit=none will return all users
- passing /users?status=invited will filter base on user status
- creating 3 mixins (route, controller and view) to keep pagination logic DRY
- updating route, controller and view for Posts to use new mixing
- implementing infinite scrolling for Users Management screen (using new mixins)
- Users Management screen displays all invited users, but paginates active users
2014-07-21 14:03:26 -04:00
Hannah Wolfe
4c276603ec Fix tests tripping spam protection 2014-07-21 14:33:42 +01:00
Hannah Wolfe
cf9839c71d Integration tests use consistent teardown methods 2014-07-21 13:25:51 +01:00
Hannah Wolfe
2b28e252d7 Merge pull request #3336 from javorszky/fix-catches-in-tests
Replaces then(null, done) with .catch(done), OCD on blank lines
2014-07-20 18:03:28 +01:00
Hannah Wolfe
b7aa09f439 Author helpers
closes #3077

- expend urlFor to handle /author/ urls
- update author helper to output a link
2014-07-20 17:57:59 +01:00
Gabor Javorszky
36ba3549e7 Replaces then(null, done) with .catch(done), OCD on blank lines
No issue
2014-07-20 17:32:29 +01:00
Hannah Wolfe
9575b25711 switched parent_id for parent
fixes #3333
2014-07-20 16:39:56 +01:00
Hannah Wolfe
5a6af020c5 Model & test cleanup 2014-07-20 09:34:30 +01:00
Hannah Wolfe
43b91f281d Merge pull request #3322 from jaswilli/check-setup
Check setup status when making API responses
2014-07-19 00:36:12 +01:00
Hannah Wolfe
c9b24b0a9b Merge pull request #3321 from ErisDS/issue-2600-fin
Wrap up schema amends for 003
2014-07-19 00:19:14 +01:00
Hannah Wolfe
67de186893 Merge pull request #3319 from ErisDS/issue-3275
Extending context concept to models
2014-07-19 00:13:19 +01:00
Jason Williams
7d3139d093 Check setup status when making API responses
Closes #3303, Closes #3299
- Check whether or not setup has been completed when deciding
  how to respond to certain API requests.
- Add tests.
2014-07-18 22:28:28 +00:00
Hannah Wolfe
8fc1b03ea7 Wrap up schema amends for 003
closes #2600

- adds 2 new columns to tags, for the soon-to-land tag management UI
- fixes validation for the active bool in app_fields
- adds missing return to addColumn command
- cleanup in addTableColumn util
2014-07-18 19:33:36 +01:00
Hannah Wolfe
6e48275160 Extending context concept to models
fixes #3275, fixes #3290, ref #3086, ref #3084

- Ensure that we use the current logged in user and not just user 1 when
- removing hard coded user: 1 except where absolutely necessary
- passing context, rather than user to models
- base model has a new function to determine what id to use for created_by etc
2014-07-18 15:32:56 +01:00
Fabian Becker
5cd5f8cca9 Schema changes for Apps
refs #2465
- Add active field to app_fields
- Adjust data generator for app fields
2014-07-18 12:39:14 +00:00
Sebastian Gierlinger
62c1ce128e Fix editing author
no issue
- author_id is converted to author for API responses but was never
converted back for requests
2014-07-18 10:48:48 +02:00
Hannah Wolfe
487844122d Merge pull request #3312 from ErisDS/issue-2739-2
Wire permmissions for notifications, mail and tags
2014-07-17 18:04:38 +01:00
Hannah Wolfe
cfaa6f058a Wire permmissions for notifications, mail and tags
closes #2739

- wraps the api endpoints for mail, notifications, and tags in a canThis
  check
- add internal context to internal calls
- updates tests
2014-07-17 16:44:09 +01:00
Hannah Wolfe
efa7665124 Merge pull request #3310 from sebgie/issue#3128-2
Fix tests failing because of spam protection
2014-07-17 16:41:31 +01:00
Sebastian Gierlinger
ab456638c1 Fix tests failing because of spam protection
closes #3128 (now really)
- added express variable disableLoginLimiter
- added disableLoginLimiter to all tests that use Ghost as module and
do authentication
- fixed isSetup not working for status other than active
- removed ‚Ensure a User is Registered‘ test as this is covered by the
new setup test
2014-07-17 14:22:32 +02:00
Sebastian Gierlinger
42f461cb6d Restored spam prevention
closes #3128
- added spam prevention middleware
- restored tests
2014-07-17 14:22:07 +02:00
Hannah Wolfe
ce06ad412a Adding and renaming permissions
refs #3283, refs #2739, refs #3096

- Renames permissions which didn't follow bread
- Adds permissions for notifications, mail and tags

Still todo:

- wire up the new permissions where they are needed
- add permissions for roles
2014-07-17 12:32:25 +01:00
Hannah Wolfe
5c1a7a7349 Revert "Restore spam prevention" 2014-07-17 12:11:23 +01:00
Hannah Wolfe
ef8c280635 Merge pull request #3282 from sebgie/issue#3128
Restore spam prevention
2014-07-16 19:39:32 +01:00
Jason Williams
979c3f237c Prevent loading setup screen if already setup
Closes #3145
- Prevent navigation to the setup screen if Ghost setup
  has previously been completed.
- Fix templates that were incorrectly using foreach instead of each.
- Add validation for minimum password length.
- Fix up functional tests and split out tests for setup to a separate
  instance of casper because setup requires a new database.
- Add a cleanDatabase task to grunt which resets the database to
  new.
2014-07-16 15:54:42 +00:00
Sebastian Gierlinger
e4e027d17b Restored spam prevention
closes #3128
- added spam prevention middleware
- restored tests
2014-07-16 10:00:49 +02:00
Hannah Wolfe
5095c6f0dd Merge pull request #3277 from PaulAdamDavis/link-href-fixes
Replace anchors with no real href with buttons
2014-07-15 18:34:50 +01:00
Hannah Wolfe
34a0c42834 Merge pull request #3276 from sebgie/issue#3252
Move image upload to API
2014-07-15 18:09:32 +01:00
Paul Adam Davis
6451be695b Replace anchors with no real href with buttons
Closes #3101 & #916
2014-07-15 17:43:21 +01:00
Hannah Wolfe
4d610268c6 Merge pull request #3259 from novaugust/settings-mobile-routing
Refactor Settings routing and mobile interactions
2014-07-15 16:55:02 +01:00
Matt Enlow
58b635203c Remove minor notifications; Close persistent notifications even on error
Closes #3105, Closes #3175

- Removed notification on successful post's `page` status change
- Removed notification on successful post `featured` status change
- Added `closePassive()` notifications on error in the post-settings-menu
- Persistent notifications will close whether their `DELETE` request was
  successful or not.

 #### Misc
- Added `name` attribute to `post-setting-menu.hbs` inputs to facilitate testing
- Removed `return <Promise>` from action in `PostSettingsMenuController`. Actions should only return `true`
- Toggling `post.featured` won't fire NProgress.
2014-07-15 09:03:18 -06:00
Sebastian Gierlinger
2957b0175e Move image upload to API
closes #3252
- added `/ghost/api/v0.1/uploads/` endpoint
- removed upload method from `controller/admin.js`
- moved removal of temporary files from storage to endpoint (needed to
account for failed uploads)
- changed and moved tests
- Oversight: I think that we use `.otherwise()` and `.catch()` a bit
too extensive and mask the real error objects. We probably need an
error handling strategy at some point in the future.
2014-07-15 12:40:14 +02:00
Matt Enlow
153f76aa7c Refactor settings routing and mobile interactions
Closes #3254, closes #3138, closes #3245
 ### Settings Routing and View refactoring
- Refactored `SettingsView` to handle transitions between mobile and desktop layouts
- `SettingsRoute` will only transition to `settings.general` if the screen is large enough to show both the menu and the content
- Added `SettingsIndexView` to handle showing the settings menu on mobile screens
- Added `SettingsContentBaseView` to be inherited by any settings view that is not index.
- Updated Settings templates appropriately to work with new views
- Removed extraneous `active` class from `settings-content`
- Changed settings menu to use `gh-activating-list-item`
- Retooled settings tests

 ### Mobile Utils
- Renamed file to `mobile.js`, since it's inside of `utils/`
- Added `mobileQuery` MediaQueryList to help detect layout changes
- Removed unused `hasTouchScreen`, `device.js` should be used instead.
- Removed unused `smallScreen` function
- Moved FastClickInit to codemirror-mobile
2014-07-14 17:36:48 -06:00
Hannah Wolfe
3ff9146d9e Server side cleanup
- remove sessions
- remove all references to csrf
- create a shared base model for the 2 types of token
2014-07-14 21:50:12 +01:00
Jason Williams
ef1858b6c7 Fix validations on user settings page
Closes #3271
- Change validations on both server and client to allow the
  Website field to be empty or a valid URL.
- Add new schema validation helper isEmptyOrURL.
- Remove duplicate call to UserValidator in the save action
  of the SettingsUser controller.
- User.last_login and User.created_at are already Moment objects
  so Moment#fromNow can be called on them directly.
2014-07-14 18:12:57 +00:00
Jason Williams
1bf975af90 Turn on update notifications for Ember admin
Issue #3160
- Use notifications API to display available update notification.
- Remove update_notification handlebars helper as now both the
  check for an available update and the notification handling
  is run from the server's admin controller index method.
- Bind the notification's location property to a css class
  for styling.
- Refactor Ember notifications to better handle notification
  objects.  Move responsibility for css class generation onto
  the notification component.
- Refactor gh-notifications component to take a location argument
  that's used to assign a css class and filter notifications.
2014-07-11 15:02:26 +00:00
Hannah Wolfe
ef1207cc0d Merge pull request #3213 from hswolff/lazy-load-models
Preparation for lazy loading of models
2014-07-11 15:29:46 +01:00
Sebastian Gierlinger
8c2258dc4c Move setup to API
closes #3136
- moved setup to authentication API
- added `POST /ghost/api/v0.1/authentication/setup` to execute the
setup process
- added `GET /ghost/api/v0.1/authentication/setup` to check if blog is
already set up (needed for #3145)
- removed unused methods from api/users.js
2014-07-11 14:17:09 +02:00
Jason Williams
4ef4d0f97a Fix handling of async db calls in fixtures
Closes #3167
- Change fixture loading methods to keep track of promises
  returned from async database calls so that aggregators function
  correctly.
2014-07-11 02:39:06 +00:00
Hannah Wolfe
49b08c3bdc Merge pull request #3236 from sebgie/issue#3074
Setup hijacks owner user
2014-07-10 21:52:41 +01:00
Sebastian Gierlinger
215badc663 Setup hijacks owner user
closes #3074
- user generated by fixture is hijacked
- user is updated with name, email, password, slug and status
- creates new user if db is migrated but no user exists
- previously removed tests are back
2014-07-10 19:29:51 +02:00
Harry Wolff
25076ab087 Fix slowdown of tests by reverting back to using knex in test/utils 2014-07-10 08:05:03 -04:00
Harry Wolff
cddd23f926 Only reference model properties through the models module.
This frees us up to enforce one single point of access, thus paving
the way towards allowing us to initialize the models at are request,
and not when it's require().

addresses #2170
2014-07-10 08:04:32 -04:00
Hannah Wolfe
b69b5e7638 Merge pull request #3230 from jaswilli/issue-3226
Fix active theme selector.  Add validation to API.
2014-07-10 12:52:01 +01:00
Sebastian Gierlinger
5e4fae6f11 Add owner fixture
closes #3073
- added fixture for owner role
- added fixture for initial user (new db)
- added conversion administrator -> owner (existing db)
- changed tests to take over owner user
- removed some functional tests until /setup works with owner user
2014-07-10 12:00:51 +02:00
Jason Williams
fddf2ee42f Fix active theme selector. Add validation to API.
Closes #3226
- Remove dependent property from the computed content property
  that is used to build the active theme selector.
- Add validation to the Settings model so that it rejects
  attempts to set an activeTheme that is not installed.
2014-07-09 22:14:33 +00:00
Hannah Wolfe
a593cbfb53 Move post slug endpoint & add endpoints for users
closes #3187

- move slug endpoint to post/slug/:slug
- create similar  slug and email endpoint for users
- add/update tests
2014-07-09 16:55:34 +01:00
Sebastian Gierlinger
035fb04d34 closes #3197
- added role to user obj (only returned from the user endpoint)
- added `/users/?include=roles` and
`/users/?include=roles,roles.permissions` query parameters
- added and updated tests
2014-07-08 18:00:59 +02:00
Hannah Wolfe
40b7cfbabf Merge pull request #3201 from jaswilli/issue-3199
Check datatype for date format conversion
2014-07-06 20:28:29 +01:00
Jason Williams
05d199f9b4 Check datatype for date format conversion
Closes #3199
-If datatype is dateTime convert to javascript Date object when
 retrieved from the database.
-Add tests to make sure models and internal API are using Date
 objects for dateTime fields.
-Add tests to make sure the HTTP API is returning ISO 8601
 date strings for dateTime fields.
2014-07-05 19:15:32 +00:00
Maurice Williams
ad9997e995 Removing old "user settings" screen and putting in new MU "users settings" screen and updating functional test cases.
Fixes #3078
- new "users" resource, with matching controller and template
- fetching real data from /ghost/api/v0.1/users/
- updated "user" route to accept a :slug as a URL parameter
- updated labels everywhere (from "user" to "users")
- updated "profile" link to header to point to proper "users/:slug" route
- updated core/client/.jshintrc to recognize moment as a valid global function
- adjusted DOM selector used in Casper to properly identify the new screen
- adding "slug" as a new property of the user data used during the Casper functional tests
2014-07-05 11:33:03 -04:00