Commit Graph

45 Commits

Author SHA1 Message Date
Sebastian Gierlinger
3792598a31 Update spam prevention
closes #3468
- added rate limit to deny more than 5 attempt every hour
- updated spam prevention to be configurable
- added config values spamTimeout, ratePeriod, rateAttempts
- added ratePeriod:1 to config.example.js to prevent functional tests
from hitting the rate limit
- commented spam test, I’ll fix it tomorrow
2014-08-01 00:58:32 +02:00
Robert Jackson
3cf9034c90 Cleanup CodeMirror shortcuts.
* Add titleize utility function.
  * Capitalizes first word.
  * Capitalizes all words not contained in simple article/conjunction
    list.
* Enable shortcuts for `uppercase`, `lowercase`, and `titlecase`.
* Fix header shortcuts
  * Ensure that header shortcuts do not duplicate text.
  * Make headers idempotent (pressing `ctrl+alt+1` then
    `ctrl+alt+2` does not make `# # # blah`.
2014-07-31 10:53:13 -04:00
Matt Enlow
a7444bf338 Keyboard shortcuts for Mac vs All
Closes #3029, Ref #3469
- Editor shortcuts are now built in a separate file, which uses `ctrlOrCmd` to correctly set OS specific shortcuts.
- Removed `newLine` and `selectWord` shortcuts
2014-07-31 08:00:52 -06:00
Hannah Wolfe
0ffc5e6d47 Improve importer error messaging
closes #3274

- Ensure that validation errors are always handled by moving them into the
  importer
- Ensure that db errors are handled consistently across sqlite and mysql
- Change the errors to be output in a table, with a short failure notification
- Add tests for 003 importing bad files
2014-07-29 12:02:18 +01:00
Sebastian Gierlinger
d895238571 Add XSS prevention
closes #3387
- added placeholder for <script> and <iframe>
- added google-caja sanitizer
- changed title in posts overview to ‚double-stash‘
2014-07-27 23:03:01 +02:00
Hannah Wolfe
4d610268c6 Merge pull request #3259 from novaugust/settings-mobile-routing
Refactor Settings routing and mobile interactions
2014-07-15 16:55:02 +01:00
Matt Enlow
58b635203c Remove minor notifications; Close persistent notifications even on error
Closes #3105, Closes #3175

- Removed notification on successful post's `page` status change
- Removed notification on successful post `featured` status change
- Added `closePassive()` notifications on error in the post-settings-menu
- Persistent notifications will close whether their `DELETE` request was
  successful or not.

 #### Misc
- Added `name` attribute to `post-setting-menu.hbs` inputs to facilitate testing
- Removed `return <Promise>` from action in `PostSettingsMenuController`. Actions should only return `true`
- Toggling `post.featured` won't fire NProgress.
2014-07-15 09:03:18 -06:00
Matt Enlow
153f76aa7c Refactor settings routing and mobile interactions
Closes #3254, closes #3138, closes #3245
 ### Settings Routing and View refactoring
- Refactored `SettingsView` to handle transitions between mobile and desktop layouts
- `SettingsRoute` will only transition to `settings.general` if the screen is large enough to show both the menu and the content
- Added `SettingsIndexView` to handle showing the settings menu on mobile screens
- Added `SettingsContentBaseView` to be inherited by any settings view that is not index.
- Updated Settings templates appropriately to work with new views
- Removed extraneous `active` class from `settings-content`
- Changed settings menu to use `gh-activating-list-item`
- Retooled settings tests

 ### Mobile Utils
- Renamed file to `mobile.js`, since it's inside of `utils/`
- Added `mobileQuery` MediaQueryList to help detect layout changes
- Removed unused `hasTouchScreen`, `device.js` should be used instead.
- Removed unused `smallScreen` function
- Moved FastClickInit to codemirror-mobile
2014-07-14 17:36:48 -06:00
Harry Wolff
4f727ed068 Settings: Admin User Tab
closes #2422

- updated to use new change password method
- have all save settings use notifications
- create assetUrl helper for creating asset paths with subdir's properly
 prefixed
- move all url based helpers onto a url object in ghost-paths
2014-07-14 08:52:06 -04:00
Jason Williams
1bf975af90 Turn on update notifications for Ember admin
Issue #3160
- Use notifications API to display available update notification.
- Remove update_notification handlebars helper as now both the
  check for an available update and the notification handling
  is run from the server's admin controller index method.
- Bind the notification's location property to a css class
  for styling.
- Refactor Ember notifications to better handle notification
  objects.  Move responsibility for css class generation onto
  the notification component.
- Refactor gh-notifications component to take a location argument
  that's used to assign a css class and filter notifications.
2014-07-11 15:02:26 +00:00
Hannah Wolfe
0febf71c97 Merge pull request #3216 from novaugust/mobile-menu
Fix mobile sidebar menu
2014-07-07 20:38:04 +01:00
Matt Enlow
77941275ed Fix mobile sidebar menu
Closes #3110
- Created `ApplicationView`
- Added `js-close-sidebar` classes to navbar navigation links
- Clicking on a navigation link in the sidebar will close it
2014-07-07 08:55:22 -06:00
Matt Enlow
c1dc9841c7 Add yearless date as an acceptable format for moment parsing
Closes #2331
2014-07-06 20:49:15 -06:00
Kevin Ansfield
7e2e8b3376 Persistent notifications
closes #3057
- add Notification model
- update injected Notifications object to handle persistent notifications
- load server notifications on setup if logged in otherwise on successful sign-in
- changed all existing notifications.closeAll calls to closePassive
- fixed dismissable/dismissible spelling in server API & tests
- add notifications.closeNotification method so DELETE calls can be made for server-originating notifications
2014-07-01 11:36:21 +02:00
Hannah Wolfe
14779ffe83 Merge pull request #3157 from novaugust/device
Use Device.js to determine mobile editor use
2014-07-01 09:04:03 +01:00
David Arvelo
78affdedb1 Better handling of validation errors + more documentation
closes #3153
- this is all about the validation engine
- add a option, `opts.model`, to use a passed-in model directly if needed
- handle validators that return an array of strings, array of objects, or both
- ajax util returns either an array of errors or a single concat'd string
- remove formatErrors function from the mixin and make it private
- allow validation options to be passed into `.save()` since ember-data doesn't take params on `.save()` anyway
- streamline control flow
2014-06-30 22:35:03 -04:00
Matt Enlow
a82e6e8040 Use Device.js to determine mobile editor use
Ref #2570
- Adds new library, device.js to determine if the user is on an ios mobile
  or tablet.
2014-06-30 18:27:43 -06:00
David Arvelo
a958a66c4c New posts pass PostsController sorting function at the top
- PostsController orderBy function sorts posts with isNew to the top, otherwise their undefined dates fail to compare
- also catch when `updated_at` is undefined, happens when model is being written with results from the server
- catch objects of type Error in validation engine, helps catching client errors
- join server errors with BR tag in ajax util
- add `emberBuild` task to `grunt test-functional`
- add a test helper, `thenTransitionAndWaitForScreenLoad`, to test transitioning to major parts of the app
- add a test that transitions from Content to the Editor, and back to Content
2014-06-29 21:49:32 -04:00
Hannah Wolfe
0c102f3e85 Merge pull request #3052 from ErisDS/issue-2851
Add error template, routes and controller
2014-06-24 23:52:29 +01:00
David Arvelo
6658675646 Implement Mobile Editor
closes #2957
- add FastClick library to Gruntfile.js
- add touch-editor to client/assets/lib/
- add mobile-specific utils to util/mobile-utils.js
- add codemirror util to set up TouchEditor only if we're really on mobile
- change gh-codemirror from having a default action to a named action. prevents Ember.TextArea firing action on change
- change gh-codemirror `cm.getDoc().getValue()` to `cm.getValue()` for portability
- change codemirror-shortcuts ES6 export/import style
- changed ghostimagepreview.js to check for Ember.touchEditor in addition to Ghost.touchEditor
2014-06-24 18:33:43 -04:00
Hannah Wolfe
299b59385b Add error template, route and controller
closes #2851

- adds asset paths to ghostPaths as we don't have an asset helper
- sends any invalid routes to 404
2014-06-24 23:33:02 +01:00
Fabian Becker
6aabb08660 Close notifications on transition or user action.
closes #3012
- Inject notification object into router
- Listen to didTransition / observe currentPath to close notifications
- Close notifications on successful save actions
2014-06-24 13:51:47 +02:00
Jacob Gable
b6a429ec35 Add validation for signin/signup
Closes #2976, Closes #3017

- Move logic to signup controller
  - Add ValidationEngine mixin to signup controller
  - Add signup validator with code from clientold login view
- Add signin validator and integrate into signin controller
- Add validation to forgotten controller
  - Switch to button action to support hitting enter in text field to submit
- Clear all notifications in notifications.closeAll
- Modify ValidationEngine.validate to not format errors based on option
- Update casper test for signin to wait for notification before trying
to do another signin
2014-06-23 21:17:57 -05:00
Hannah Wolfe
72b3b3ceb1 Setting Ghost logo to correct URL 2014-06-24 00:24:13 +01:00
Fabian Becker
8b3e2c636f Fix word count in ember. 2014-06-22 19:33:44 +00:00
Matt Enlow
8393c01be9 Implement Markdown Shortcuts
Closes #2984, #3020
Ref #1463, #3019

 #### Shortcut Values
Shortcut values can now be either strings (as before) or objects like
{action:string, options:hash}.
 #### Markdown shortcuts added
- 'ctrl+alt+u' strkethrough
- 'ctrl+alt+1' h1
- 'ctrl+alt+2' h2
- 'ctrl+alt+3' h3
- 'ctrl+alt+4' h4
- 'ctrl+alt+5' h5
- 'ctrl+alt+6' h6
- 'ctrl+shift+i' image
- 'ctrl/command+k' link
- 'ctrl+l' list

Left behind commented out stubs for additional markdown shortcuts.

 #### Editor Controllers (New and Edit)
- Moved shared init function into editor-base-controller.
- Removed MarkerManager mixin from editor controllers as it's included in
  the base.
2014-06-21 15:10:46 -06:00
Hannah Wolfe
bb88b3664f Merge pull request #3011 from darvelo/validations
Add Validations Layer and Post Validations
2014-06-21 17:41:28 +01:00
David Arvelo
6020702462 Add Validations Layer and Post Validations
closes #2893, issue #2850, issue #2856
- this is a stable, but quick and dirty validations layer for the time constraints
- this could be replaced with a unified server/client layer later. the infrastructure is there.
- create a validation engine mixin to match validators with models
- override the save method in the mixin to perform validations first
- create a post validator
- fixup calls to .save() to make sure they catch errors properly
2014-06-21 00:12:55 -04:00
Matt Enlow
e10c0f20cf Implement Shortcuts in Ember
Closes #2988, #2752
Ref #1463, #2984,
 # Shortcuts via Keymaster
- Added KeyMaster to bower dependencies. KeyMaster is a minimal keyboard
  shortcuts library.
- Added `ShortcutsRouteMixin` for routes that will use shortcuts.
  Currently, only routes can have shortcuts. See the extensive comment
  at the top of `core/client/mixins/shortcuts-route.js` for a
  description of how to implement shortcuts.

 ## Other Changes
- Injected popover service into ApplicationRoute
- Created `EditorRouteBase` mixin for the `editor.new` and
  `editor.edit` routes to mixin.
- `StyleBodyMixin` now calls `this._super()` on `activate` and
  `deactivate` to play nicely with other mixins.

 ## Shortcuts and Stubs implemented
 #### Application-Wide
- `'esc':'closePopups'` shortcut **stub** to close popovers,
 modals, and notifcations

 #### Editor Shortcuts
- `'ctrl+s, command+s': 'save'` note that `command` is the
  `meta` key.
- `'ctrl+alt+p': 'publish'`
- `'ctrl+alt+z': 'toggleZenMode'`
2014-06-19 15:07:42 -06:00
Matt Enlow
e3b302676b Create boundOneWay util function
Closes #2958
- Created `boundOneWay` util to extract common pattern of having a oneWay property that doesn't break its binding after being set
- Changed `EditorControllerMixin.willPublish`,  `PostSettingsMenuController.publishedAtValue` and `.slugValue` to use the new `boundOneWay` util
2014-06-14 15:27:52 -06:00
Matt Enlow
b1176a8a67 Refactored PostSettingsMenuController
Closes #2845.
Ref #1351.
- Refactored `PostSettingsMenuController` to appropriately set and display
  slug and publish date and their placeholders.
- Removed api spam on title change by putting `slugPlaceholder` generation
  inside of an `Ember.run.debounce` call.
- Renamed `gh-blur-text-field` to `gh-blur-input`
- Created `SlugGenerator` class to abstract slug generation.
- Added `timestampVerification` function to `utils/date-formatting`
- `utils/date-formatting` now uses `strict` parsing of dates
- Added more acceptable date formats to accommodate strict parsing
- Moved `isDraft` and `isPublished` computed properties from
  `EditorController` to `PostModel`
2014-06-13 12:14:58 -06:00
Robert Jackson
333beb2198 Make exports consitent.
Previously, the exports were somewhat random with some files declaring
local variables then immediately exporting them, and others simply
doing the work needed in the export itself.
2014-06-09 13:58:35 -04:00
David Arvelo
8c3970c9ba Add shadows to PostsListView and the adjacent HTML Preview; Fix preview render
closes #2906
- add a utility function to add classnames to targets, retrofitted from clientold to accommodate `Ember.run.bind`
- create a content-preview view that tracks its scrolling
- add a scroll handler to the existing PostsListView
- The `posts/post` template now takes its HTML from the post model instead of using the editor's markdown component
2014-06-08 12:53:54 -04:00
Hannah Wolfe
8836375ca6 Ember cleanup: single quotes for JS
- All JS should use single quotes
2014-06-01 21:53:16 +01:00
David Arvelo
12e6b09943 Infinite Scroll on Posts List
closes #2414
- Add PostsController with loadNextPage action
- Collect and store pagination info from PostsRoute into PostsController
- Use `store.filter` on PostsRoute model hook to auto-update posts list template as post models are added to the store
- Add content list view and use it to check for scroll event
- Make PostRoute only load a post that's already in the store, until we figure how to load multiple pages on refresh
- Add util function from clientold that concats error messages from server response
2014-05-30 22:14:45 -04:00
Jacob Gable
f795a907f0 Add ghostPaths util and initializer
No Issue

- Move the ghostPaths from base model to utils
- Add initializer that injects it into every route, model and controller
- Add a adminUrl and apiUrl helper method
2014-05-24 08:52:47 +02:00
Jacob Gable
42a1d55858 Improve signin
Ref #2413

- Remove fixture and use actual API
- Store and send down actual logged in user data
- Refactor isLoggedIn to use computed property on application
- After signin, update user data in dependency container
- Add CSRF to all routes and controllers via initializer
- Update authenticated route to check for user.isLoggedIn
- Add notifications for signin error
- Add notifications.showAPIError helper
- Add plumbing for refreshless signup to doSignUp in admin controller
2014-05-15 09:18:43 -05:00
Matt Enlow
ff5af6c29b Create Post Settings Menu and its functionality on the Post controller.
closes #2419
- Added blur-text-field component, which fires actions on focusOut
- Added utils/date-formatting for moment & date functionality  consolidation
- Added functionality to PostsPostController
- Added fixtures: posts/3 & posts/4, posts/slug/test%20title/
- Added Post model saving
- Set posts.post as controller for EditorRoute
- Added PostSettingsMenuView and template
- Added "showErrors" convenience method to notifications
2014-04-20 13:28:43 -06:00
Hannah Wolfe
fd8837511f Merge pull request #2472 from halfdan/ember-notifications-2417
[Ember.js] Implement Notifications for Ember
2014-04-16 20:03:00 +01:00
Fabian Becker
a4f8088697 Implement Notifications for Ember
closes #2417
- Adds Notification(s)Component
- Render notifications in application.hbs
- Adds handleError in application route
2014-04-09 00:36:15 +00:00
Peter Szel
39ae3869a1 Added fancy fade-in effect and autofocus to the login pages (signin, signup, forgotten, reset).
- Added CSS to implement the fade in effect.
- Added 'autofocus' to the attribute bindings of the TextField so they accept it.
2014-04-08 00:02:54 +02:00
Robert Jackson
3a912bd89e Refactor navbar to eliminate nested {{link-to}}.
no related issue

This is essentially setting up a binding from the `LinkView`'s `active`
status and whatever is set as `alternativeActive` in the `{{link-to}}`
(in our case the `activating-list-item` component.

Screenshots showing that the proper CSS classes are given:

![screenshot](http://monosnap.com/image/tzOH6n82rIVGNEFAUWVOLN52QuASQ4.png)

![screenshot](http://monosnap.com/image/5gmcwJcj0kgEXt8lnET4OKgIZ8KRpH.png)

![screenshot](http://monosnap.com/image/UCVNukTXLMNfVneLhzwVyhkrVlGSBt.png)
2014-04-01 22:36:16 -04:00
Manuel Mitasch
49ea71ed4f Amend fixtures & put body classes in styleBody mixin
- Change fixture response of posts route to actual format.
- Extracted classNames logic of routes into style-body mixin.
- Additionally replaced all double-quotes with single-quotes for style conformance.
2014-03-09 15:30:54 +00:00
Taras Mankovski
a89f38c165 Minor refactoring of the routers:
- Moved post route under posts resource
- Changed ajax to use ic.ajax.request instead of ic.ajax.raw
2014-03-07 14:01:27 +00:00
Manuel Mitasch
47bfd046bb Add admin prototype
issue #2270

- from https://github.com/manuelmitasch/ghost-admin-ember-demo
- Not working properly: added ic-ajax mock in app.js but promise not resolving => loading route always active
2014-03-07 14:01:26 +00:00