Commit Graph

957 Commits

Author SHA1 Message Date
Robert Jackson
3cf9034c90 Cleanup CodeMirror shortcuts.
* Add titleize utility function.
  * Capitalizes first word.
  * Capitalizes all words not contained in simple article/conjunction
    list.
* Enable shortcuts for `uppercase`, `lowercase`, and `titlecase`.
* Fix header shortcuts
  * Ensure that header shortcuts do not duplicate text.
  * Make headers idempotent (pressing `ctrl+alt+1` then
    `ctrl+alt+2` does not make `# # # blah`.
2014-07-31 10:53:13 -04:00
Hannah Wolfe
1c3cb1bb6a Merge pull request #3472 from morficus/issue-3401
custom slugging capabilities for individual user pages
2014-07-31 15:36:11 +01:00
Hannah Wolfe
26af1e4843 Merge pull request #3471 from novaugust/editor-shortcuts
Keyboard shortcuts for Mac vs All
2014-07-31 15:34:14 +01:00
Matt Enlow
a7444bf338 Keyboard shortcuts for Mac vs All
Closes #3029, Ref #3469
- Editor shortcuts are now built in a separate file, which uses `ctrlOrCmd` to correctly set OS specific shortcuts.
- Removed `newLine` and `selectWord` shortcuts
2014-07-31 08:00:52 -06:00
Sebastian Gierlinger
6ca9e6c657 Merge pull request #3462 from ErisDS/issue-3446
Post list: authors only see their own posts
2014-07-31 15:03:15 +02:00
Maurice Williams
489cd08d97 custom slugging capabilities for individual user pages
closes #3401
- modifying slug-generator to be more generic
- adding slugging capabilities for /settings/users/:slug
- modified posts to use the updated slug-generator
2014-07-31 08:14:22 -04:00
Robert Jackson
93e728bba2 Redirect to the first available post for current user. 2014-07-31 12:44:22 +01:00
Hannah Wolfe
23b2ac07d8 Completed post & user list filer by role
closes #3446, closes #3086

- Authors can only ever get to their own posts
- Editors only ever see authors in the user list
2014-07-31 11:23:37 +01:00
Hannah Wolfe
a6c205ac53 Merge pull request #3474 from felixrieseberg/iss3400
User Settings: Display cog based on rights
2014-07-31 09:30:13 +01:00
Felix Rieseberg
e84b6198c4 User Settings: Display cog based on rights
closes #3400
- The user view has been extended to have properties indicating whether
the user has rights to make the displayed user an owner or delete
him/her
- Handlebar conditionals decide whether or not to display the cog
2014-07-31 01:03:03 -07:00
Robert Jackson
f02c2acd71 Limit Posts for Authors.
* Ensures that posts listing only shows posts that the current user
  authored, if they only have the Author role.
* Do not transition into the posts.post route if the current user is
  not the author (but has the Author role). This is needed because
  the API server will always return the post (regardless of the current
  user).
2014-07-31 09:02:49 +01:00
Hannah Wolfe
7919c15e56 Post list: authors see their own posts
issue #3446
2014-07-31 09:02:48 +01:00
Hannah Wolfe
7bf9d021de Merge pull request #3467 from rwjblue/update-validation-to-match-server-error
Update validation to match server error.
2014-07-31 07:46:57 +01:00
Matt Enlow
420500ffab Add keyboard navigation of posts
Closes #3015
- Added stepThroughPosts method to PostsRouter, takes a integer, goes that far, wraps around the array.
- PostsPostRoute notifies the PostsController of which model it currently has, to help stepThroughPosts know who's selected
2014-07-30 22:23:02 -06:00
Hannah Wolfe
3de308dc20 Merge pull request #3436 from novaugust/user-role-dropdown
User role dropdown
2014-07-31 02:06:34 +01:00
Matt Enlow
21abed7f9a Add User Role Dropdown
Closes #3402, Closes #3428

-------------------

 ### Components
- Added GhostSelectComponent to handle async select creation (h/t @rwjblue)
- Added GhostRolesSelector (extends GhostSelect) for displaying user role options
- Created StoreInjector for surgically inserting the store into things that normally wouldn't have them.

 ### Users Settings
- InviteNewUserModal now uses GhostRolesSelector & defaults to Author
- The role dropdown for user settings has permissions set per 3402

 ### User Model
- Added `role` property as an interface to getting and setting `roles`
- Refactored anything that set `roles` to set `role`
- isAdmin, isAuthor, isOwner and isEditor are all keyed off of `role` now

 ### Tests
- Added functional tests for Settings.Users
- updated settings.users and settings.users.user screens
- fix spacing on screens

 ### Server Fixtures
- Fixed owner fixture's roles
2014-07-30 17:59:14 -06:00
Robert Jackson
bdbc689232
Update validation to match server error.
When a using the forgottenRoute if you enter an incorrectly formatted
email address you would see the error message 'Invalid Email', however
if you entered an email address that was correctly formatted but missing
the error message would be 'Invalid email address'.

This fixes the discrepancy.
2014-07-30 19:07:42 -04:00
Robert Jackson
3bddb548a5
Redirect to error404 when user not found.
Closes #3459.
2014-07-30 17:43:45 -04:00
Hannah Wolfe
c3308fbe2d Merge pull request #3463 from rwjblue/hard-refresh
Perform a hard refresh upon signout.
2014-07-30 22:28:27 +01:00
Hannah Wolfe
5d3788ffe6 Merge pull request #3457 from sebgie/issue#3426
Transfer ownership end point
2014-07-30 22:26:42 +01:00
Hannah Wolfe
8416839bde Merge pull request #3456 from PaulAdamDavis/prevent-auth-autocomplete
Disable autocomplete for setup & signup screens
2014-07-30 22:22:40 +01:00
Hannah Wolfe
06fb658829 Merge pull request #3454 from halfdan/signout-email
Properly remove email notification on signout.
2014-07-30 22:21:41 +01:00
Hannah Wolfe
3c47e630e8 Merge pull request #3453 from PaulAdamDavis/3271-prevent-website-autofill
Disable user settings autocomplete in Chrome
2014-07-30 22:14:32 +01:00
Hannah Wolfe
2251b58571 Merge pull request #3449 from felixrieseberg/iss3383
Stop validation error notification stack
2014-07-30 22:04:31 +01:00
Robert Jackson
7357ece639
Perform a hard refresh upon signout.
Closes #3458.
2014-07-30 14:22:28 -04:00
Sebastian Gierlinger
ded6aa6ac0 Transfer ownership end point
closes #3426
- added transfer ownership endpoint
- added owner to roles.permissible
- manually removed owner from roles.browse
- removed hard coded author role
- fixed tests that were passing due to hard coded author role
- added testUtils.setup(‚roles‘)
2014-07-30 17:40:30 +02:00
Felix Rieseberg
01ee33643c Stop validation error notification stack
closes #3383
- Calls closePassive() if a new validation error is thrown to display
only the latest validation error
2014-07-30 08:07:34 -07:00
Paul Adam Davis
a75d255fda Disable autocomplete for setup & signup screens
No issue

- Adds 2 hidden inputs at the top start of the form that trick chrome into filling those, leaving out the rest.
2014-07-30 16:04:03 +01:00
Paul Adam Davis
21668cc65d Disable user settings autocomplete in Chrome
Closes #3271

- Adds 2 hidden inputs at the top start of the form that trick chrome into filling those, leaving out the rest.
2014-07-30 14:34:02 +01:00
Fabian Becker
5bc1bf8380 Properly remove email notification on signout.
no ref
- Calls notifications.clear() on signout
2014-07-30 13:32:19 +00:00
Hannah Wolfe
fe2e3f45c7 Merge pull request #3416 from alarobric/case_3291
Settings screens redirect for certain roles
2014-07-30 14:17:19 +01:00
Hannah Wolfe
6a687723c5 Merge pull request #3447 from jaswilli/auth
Fixup signin and signout
2014-07-30 14:13:02 +01:00
Alan Richards
dacd1060ee Settings screens redirect for certain roles
Closes #3291
- Adds redirects based on roles as defined in the case
- Adds new mixin `CurrentUserSettings`
- For authors, all settings pages redirect to `users/self`
- For editors, all settings pages other than specific users redirect to `users`. Any user that is not self or an author redirects to `users`
2014-07-30 00:57:16 -07:00
Jason Williams
725d4aac7d Fixup signin and signout
No Issue
- Move authentication related handlers to the Application route.
- Switch Sign Out from a button to a link.  Use the signout route
  to handle invalidating the session and redirecting instead of
  an action from a button.
- Clear error messages on signin page when pressing log in button.
- Errors are now always shown on sign in screen and a success
  notification is shown after sign out.
- Update functional tests.
2014-07-29 20:58:43 +00:00
Sebastian Gierlinger
83e1ffca1d Fix Invitations
no issue
- added `invited-pending` when resending invitation
- promise chain was missing a return statement
- email error was masked and front end showed success notification
2014-07-29 15:35:48 +02:00
Hannah Wolfe
0ffc5e6d47 Improve importer error messaging
closes #3274

- Ensure that validation errors are always handled by moving them into the
  importer
- Ensure that db errors are handled consistently across sqlite and mysql
- Change the errors to be output in a table, with a short failure notification
- Add tests for 003 importing bad files
2014-07-29 12:02:18 +01:00
Hannah Wolfe
9f2ddf7937 Merge pull request #3440 from sebgie/notification-reset-invite
Reset/Signin while signed in
2014-07-29 11:52:40 +01:00
Maurice Williams
de1dc4d0d0 Removing "author" role-label
closes #3427
- adding conditional statement to now display users with role "author"
2014-07-29 01:50:34 -04:00
Jason Williams
7a7138e534 Preserve order of tags as entered by the user.
Closes #3133
- Implement an ordered set for the tags property of the tag
  input controller.  Set order is by order added to the post.
2014-07-29 02:16:21 +00:00
Sebastian Gierlinger
b3112a4349 Reset/Signin while signed in
no issue
- added redirect and notification to reset route
- added notification to signup route
2014-07-28 18:00:08 +02:00
Hannah Wolfe
6adc6efb3b Merge pull request #3423 from jaswilli/issue-3403
Add a mixin for saving a subset of a model.
2014-07-28 09:49:19 +01:00
Hannah Wolfe
64766de8d6 Merge pull request #3422 from sebgie/issue#3177
Hide Access Token
2014-07-28 09:18:42 +01:00
Jason Williams
d59edf1806 Add a mixin for saving a subset of a model.
Closes #3403
- Add SelectiveSaveMixin so that a DS.Model can save one or more
  properties at a time while preserving other outstanding changes.
2014-07-27 21:04:35 +00:00
Sebastian Gierlinger
d895238571 Add XSS prevention
closes #3387
- added placeholder for <script> and <iframe>
- added google-caja sanitizer
- changed title in posts overview to ‚double-stash‘
2014-07-27 23:03:01 +02:00
Sebastian Gierlinger
f0d38aa66d Hide Access Token
closes #3177
- uses an iFrame to initiate the download to hide the access token

The access token is now hidden in the admin logic. If we would like to
completely hide the token it is possible to remove the access token and
use signed requests instead, but I think the effort isn’t worth the
benefit in this case.
2014-07-27 22:57:57 +02:00
Hannah Wolfe
77ae8394e0 Merge pull request #3393 from joeldrapper/sort-roles-dropdown
Fixed role sort order in the invite a new user drop down list
2014-07-27 19:39:06 +01:00
Hannah Wolfe
8c017de4d3 Merge pull request #3412 from novaugust/credentials-validation-convergance
Create new user validator to DRY up validators
2014-07-27 19:38:24 +01:00
Hannah Wolfe
f372ecddf0 Merge pull request #3411 from novaugust/signup-password
Rebind password to password input on signup page
2014-07-27 19:36:54 +01:00
Jason Williams
9dfef70d25 Do not clear password until after leaving signin
Closes #3399
- Provide our own authenticate action handler which does not
  clear the password input.
- Use the Signin route's deactivate hook to clear the password
  property on the controller after the user has transitioned
  away from the signin page.
2014-07-26 19:06:58 +00:00
Hannah Wolfe
1cff73f36c Merge pull request #3406 from simplabs/update-ember-simple-auth
Updated Ember Simple Auth to latest version
2014-07-26 17:24:18 +01:00