closes#1464
- adds opt-out via updateCheck:false in config.js
- update check is done on admin index, but doesn't interfere with rendering
- adds update check module, which gets the usage data, makes the request and handles the response
- adds two new settings to default-settings, one for next check time, and one for whether to show the notification
- adds a new rejectError method to errorHandling
- adds a new helper for displaying the notification
Conflicts:
core/server/helpers/index.js
core/test/unit/server_helpers_index_spec.js
#1351
- prevent a new post (not saved on server) from
updating its slug/date to the server
- fix jshint
- add back creation of a posts slug upon a post creation
- update for rebasing
- hide ability to ‘delete this post’ from post settings
menu when a post hasn’t yet been saved to the server
closes#1854
- added blueimp file upload to debug.js
- changed POST /ghost/api/v0.1/db to be used with AJAX
- cache invalidation header should now work for import
- moved busboy middleware invocation to routes/api and routes/admin
- moved api.db.import to api.db.importContent (I hated the [] notation)
- moved api.db.export to api.db.exportContent (see above)
- use hex instead of base64 as this can cause errors when trying to reopen the file due to characters like '/' appearing
- added basic console log to errors.
issue #1378fixes#1328
- xss santization does some odd things. This isn't needed until we have multi-user support, and we are investigating better solutions.
fixes#1765fixes#1811
issue #1833
New UrlFor functions
- moved body of url helper to config.path.urlFor, which can generate a URL for various scenarios
- urlFor can take a string (name) or object (relativeUrl: '/') as the first
argument - this is the first step towards issue #1833
- also added config.path.urlForPost which is async and handles getting
permalink setting
- frontend controller, ghost_head helper, cache invalidation all now use
urlFor or urlForPost all urls should be correct and consistent
URL Consistency Improvements
- refactored invalidateCache into cacheInvalidationHeader which returns a
promise so that url can be generated properly by urlForPost
- moved isPost from models to schema, and refactored schema to have a tables object
- deleted posts now return the whole object, not just id and slug,
ensuring cache invalidation header can be set on delete
- frontend controller rss and archive page redirects work properly with subdirectory
- removes {{url}} helper from admin and client, and replaced with adminUrl
helper which also uses urlFor
- in res.locals ghostRoot becomes relativeUrl, and path is removed
closes#1801
- adding fixBools method to `server/models/base.js` to convert bools to 1/0 to be consistent with MySQL & sqlite3 data providers (based on @ErisDS recommendation)
- this in turn fixes the check in `server/controllers/frontend.js`, which does an explicit `post.page === 0` comparison (in pgsql this is a `boolean`, since the schema declares it as "bool" in `server/data/schema.js`, but MySQL/sqlite3 don't have concept of Boolean, only an integer or bit)
- any model retrieved from persistence will pass through this (possible future refactoring is to combine fixBools & fixDates into one "canonicalize()" to have a single loop pass)
throttle list
- once a user has successfully logged into ghost
they no longer are a malicious user and as such
their IP address should be removed from the
array of login attempts
- should also reduce the memory usage of Ghost
as the loginSecurity array gets pruned upon
every successful login
- this also fixes a race condition i was experiencing
during functional tests wherein i would receive
the login throttle message during regular testing.
Seems my machine is able to run casper fast enough
that it could complete each test under an amount
of time that tripped the login throttle message.
fixes#1810
- updates frontend.single route to accept ‘edit’
as the last param
- updates controller.frontend to handle redirection
only when we would otherwise have rendered the page
- added unit tests for this behavior
fixes#1774
- Delayed showing the tag suggestions popup unless matching tags were found
- Changed the padding-left on the added tag container to 8px from 20px to fall in line with the left shadow overlay
- Currently the test is taking the response date
which is in UTC and passes it through moment()
which by default parses input as local time. We
then add 12 hours to this now local time
and when compared against the response set-cookie
header the time spread is wrong.
- To fix we’re parsing the response date with
moment.utc which parses the date in UTC.
closes#1661
- disables save button at beginning of image upload
- enable save button at image upload fail, at image upload and download success and also at dropzone init
issue #1789
- we can do this step a bit earlier and it aids with neatness
- also means for tests that config.load() is enough to get config & paths initialised
closes#1470
issue #1405
- added cache control middleware
- added defaults for all routes, assets, etc
- updated asset helper to add a query string with a timestamp hash to all assets
- added unit tests for asset and ghostScriptTags helpers
- added cache-control checks to route tests
fixes#1800
- changed permalink regex to require 4/2/2/slug
- changed url helper to enforce the same
- changed permalink toggle to set a specific state, this means the
functional tests are independent again
- chnaged permalink toggle to wait for the settings page to load
- change as many frontend tests to not login as possible
closes#1757 and #1773
- switches routes.frontend for posts and pages
to use a regex with two capturing groups. This removes
the need to dynamically remove an express route at a
later point, leaving the decision making to frontend
controller.
- added unit tests for all routing conditions that
can arise for posts and pages.
- updated functional tests to also test for same thing
in unit tests
- removes old code from server/api/index that used
to fix this issue, but is no longer needed
- removed some un-needed require statements in routes/admin
closes#1777
- Uses coreHelpers.url to resolve post url instead of assuming it is siteUrl + post.slug
- Functional feed tests now check for content instead of just rss tags
closes#1681
- import doesn't override user credentials
- import doesn't override theme
- import doesn't kill session
- import does refresh the settings cache
- updated tests, they now use a fixture instead of a generated export
- tests check to ensure import is safe
Closes#1770
- Previously, the middleware would check that the route on the stack was an empty string, which worked when there was no subdirectories
- When subdirectories were added, the proper route was only set when
updating the theme
- Because it was only set when updating, this explains themes working on
initial load, since the stack location was looking for an empty
string, which is what the middleware was initialized with
- However, once a new theme was set, it was still look for an empty
string, which would never exist, which caused the issue
- Now, the route is properly set on initialization of the middleware,
and then the `config.paths().subdir` property is used for the check
issue #1754
- remove path (it was only used once, and not needed)
- change webroot to subdir
- add unit tests for config.paths
- various other cleanup
- renamed client-side ghostRoot to subdir
- added url helper for client
fixes#1696
- this is a temp workaround until full fledged support
is added directly to bookshelfjs
- when importing we use the import json blob’s timestamps
as the value that’s set in the DB
- added tests for this change
fixes#1749
- pass config().url into theme.update
- rename paths functions to match theme function
- adds tests for theme config
- We should probably try to eliminate passing config.url around
Reported in issue #1475
- `String.localeCompare` can be more reliable for keys that do not relate to cursor movement
- Adds a third key handler (`keypress`) that contains the character code rather than physical key
- `COMMA` key constant no longer required (unless `,` char should be a constant?)
closes#1303
- removed where and orderBy from being passed from the API through to bookshelf, and ultimately knex
- ordering is now consistent across both front and backend, which fixes#1303
- validated / cleaned up all the API parameters
- added API tests for the status and staticPages parameters
fixes#1703, fixes#1712
- featured star appears immediately for both draft and published items
- featured star is never red & alignment /style is updated
- improved markup and styling of statuses in general
- added to feature tests
Fixes#1227
- Removed deprecated `multipart` references.
- Setup `busboy` to pass along file streams and do a naive parse of form
values.
- Updated logic in file storage and db import to handle file streams
instead of the temporary files created by `multipart`.
closes#1561
- altered perspective of intro paragraph to reading from the blog
instead of from the content page
- added copy directing users to sign in to the admin area at /ghost/ and
edit the post before reading the 'Getting Started' section
- this should give the Markdown lessons better context and avoid users
getting confused as to what 'the left hand panel of Ghost' is
closes#1640closes#1672
- changed to include config using require
- deleted has_tag helper
- deleted json helper
- removed fileStorage and ghostScriptTags helpers from frontend
- added fileStorage and url helper to admin
closes#1203
- Update express-hbs module to the new version (0.5.2)
- Use two instance of hbs one for the theme and an other for the admin
- Template helpers are register as partial view
- Partial views of the theme are reload when the theme changed
Remove clear partial cache in handlebars
This code will be move in `express-hbs`.
This doesn't cause a problem to remove this line but it is not clean.
Remove unused hbs instance
Resolve conflict
no issue
- changed ‚the latest‘ to ‚a supported‘
Reason: the user is asked to update to the **latest** version of
node.js when v0.11.* is installed but v0.10.* is required
fixes#1645
- removes server.get('ghost root') as it is only an alias
to config.paths().path, and adds unnecessary indirection
- removes config.theme().path as its just an alias to
config.paths().path, updated all relevant references
- update config.theme.update to only require the api/settings object,
and no longer need the config object
- modify api/settings.edit to call config.theme.update so that
the themeObject is ready for next rendering of template
close#1648
- backbonejs model doesn't include tailing slash by default
- connect-slashes returns 301 for GET without tailing slash
- overwrote backbone model url method to include tailing slash
fixes#1644
- Fixes bug in controller/frontend
- Created functional test for posts API to test for this bug
- Created unit tests for frontend controller
- Fixed a global variable leak in core/test/utils/fixtures/data-generator
that was leaking the DataGenerator globally
- Resolved issue that arose from fixing above bug
fixes#1575
- Moves most code that was in ghost.js into ./core/server/index.js
- Creates ./core/server/config/theme.js to hold all theme configurations
(which previously lived on ghost.blogGlobals())
- Removed ghost.server, passing it in as an argument where needed
and allowing middleware to hold onto a reference for lazy use.
covers 90% of #755
- moved ghost.settings to api.settings
- moved ghost.notifications to api.notifications
- split up api/index.js to notifications.js, posts.js, settings.js,
tags.js and users.js
- added instance.globals as temp workaround for blogglobals (Known
issue: blog title and blog description are updated after restart only)
- added webroot to config() to remove `var root = ...`
- changed `e` and `url` helper to async
- updated tests
Closes#499
* On wrong passwords, statuses: `active` -> `warn-1` -> `warn-2` -> `warn-3` -> `locked`
* On login check, if user's status is `locked`, login automatically fails and user is encouraged to reset password. Does not even bother to check for passwords.
* login attempts tell user how many attempts she has remaining in notification box
* successful login will reset status to `active`
* resetting password with forgotten password emailed token resets status to `active`
* complete with a test suite
Move helper functions registerThemeHelper and registerAsyncThemeHelper
to the helpers module.
Also update the app proxy object to reflect this new code location,
and the tests to reflect that as well
Create ./sore/server/filters which houses all filter related behavior.
Was previously on the ghost singleton.
Also create the filters_spec file for testing
and update all code and tests to use new code location.
Create ./sore/server/helpers/template which houses all template related behavior.
Was previously on the ghost singleton.
Also create the helpers_template_spec file for testing
and update all code and tests to use new code location.
Move ghost.mail instance onto the mail module directly
and update related code and tests to use new location
Move Polyglot instance onto require module directly
Move ghost.availablePlugins to plugins module directly
if you enter an invalid json object such as:
```
{
server: "http://foo.com"
host: "0.0.0.0"
}
```
while configuring, you get errors but are still able to run forever and the message previously was not as indicative of other potential configuration problems.
Closes#1110.
- Promotes config-loader from a validator, to the central place where configuration state is held
- Allow config-loader two means to be told of config file to be used:
- A preferred first argument passed into Ghost
- A secondary GHOST_CONFIG environmental variable
- Failing to see either of the above passed in, config-loader will continue to use "config.js"
- Config-loader validates the target configuration (unchanged) & then copies that object into it's own exports
- Components needing to read configuration now require config-loader to retrieve the configuration state
- Config file continues to be loaded via require(): this is assumed to be a static json file