Commit Graph

21 Commits

Author SHA1 Message Date
Kevin Ansfield
7bfe6e9db7 Fix direct access to settings/user
closes #3162
- removes injection of user object in application route's beforeModel
- removes injection/cleanup of user object in signedIn/signedOut actions
- removes loading of user and passing to signedIn action in signup/setup controllers
- adds 'user' property to session object
- updates header nav to reference session.user
- sets model of settings/user route to session.user and forces reload
- on leaving settings/user, rollback any unsaved changes
2014-07-02 17:45:21 +02:00
Sebastian Gierlinger
be45e6fcd0 Remove CSRF from client
no issue
- removed occurrences of csrf from client
2014-07-01 11:39:01 +02:00
Sebastian Gierlinger
c8e8da4780 oAuth
closes #2759
closes #3027

- added oauth2orize library for server side oAuth handling
- added ember-simple-auth library for admin oAuth handling
- added tables for client, accesstoken and refreshtoken
- implemented RFC6749 4.3 Ressouce Owner Password Credentials Grant
- updated api tests with oAuth
- removed session, authentication is now token based

Known issues:
- Restore spam prevention #3128
- Signin after Signup #3125
- Signin validation #3125

**Attention**
- oldClient doesn't work with this PR anymore, session authentication
was
removed
2014-06-30 14:58:10 +02:00
Fabian Becker
6aabb08660 Close notifications on transition or user action.
closes #3012
- Inject notification object into router
- Listen to didTransition / observe currentPath to close notifications
- Close notifications on successful save actions
2014-06-24 13:51:47 +02:00
Hannah Wolfe
a11fd67ec9 Add fileStorage config to frontend
closes #2956

- adds fileStorage to config passed to ember, and then grabs it in the relevant places.
2014-06-23 23:33:14 +01:00
Hannah Wolfe
9d4b40fd81 Merge pull request #3043 from jaswilli/initializers
Switch Ember initializers to public API methods
2014-06-23 21:43:04 +01:00
Hannah Wolfe
bb490e4bbd Hide settings/apps unless apps:true is in config.js
fixes #3031

- Adds an initializer for passing config to the frontend, it's not pretty but it works
- Forwards the apps route and hides the apps menu item if apps:true is not present in config.js
2014-06-23 20:27:51 +01:00
Jason Williams
ee7c274ba7 Switch Ember initializers to public API methods 2014-06-23 18:35:39 +00:00
Matt Enlow
e10c0f20cf Implement Shortcuts in Ember
Closes #2988, #2752
Ref #1463, #2984,
 # Shortcuts via Keymaster
- Added KeyMaster to bower dependencies. KeyMaster is a minimal keyboard
  shortcuts library.
- Added `ShortcutsRouteMixin` for routes that will use shortcuts.
  Currently, only routes can have shortcuts. See the extensive comment
  at the top of `core/client/mixins/shortcuts-route.js` for a
  description of how to implement shortcuts.

 ## Other Changes
- Injected popover service into ApplicationRoute
- Created `EditorRouteBase` mixin for the `editor.new` and
  `editor.edit` routes to mixin.
- `StyleBodyMixin` now calls `this._super()` on `activate` and
  `deactivate` to play nicely with other mixins.

 ## Shortcuts and Stubs implemented
 #### Application-Wide
- `'esc':'closePopups'` shortcut **stub** to close popovers,
 modals, and notifcations

 #### Editor Shortcuts
- `'ctrl+s, command+s': 'save'` note that `command` is the
  `meta` key.
- `'ctrl+alt+p': 'publish'`
- `'ctrl+alt+z': 'toggleZenMode'`
2014-06-19 15:07:42 -06:00
David Arvelo
6aab6c5904 Fix trailing slashes output app-wide
closes #2963, closes #2964
- override Ember's `HistoryLocation.formatURL`
- remove overridden `HistoryLocation.setURL`
2014-06-15 16:55:12 -04:00
Robert Jackson
333beb2198 Make exports consitent.
Previously, the exports were somewhat random with some files declaring
local variables then immediately exporting them, and others simply
doing the work needed in the export itself.
2014-06-09 13:58:35 -04:00
Jason Williams
4898f721ee Close post settings popover menu after delete post
No issue
-inject popover:service into modal component delete post
 controller so popover close can be triggered as part of
 the delete action
-remove unnecessary 'needs' from the delete post controller
2014-06-06 04:04:49 +00:00
Matt Enlow
37fd17c084 Added popover component
Closes #2418, #2714
Ref #2446, #2565

- Added and injected `popover` service to globally control popovers
- Added `gh-popover-button` component
- Added `popover-mixin` for popover and popover-buttons to mixin
- Added body-event-listener mixin for popover service to watch for body
  clicks with
- Post settings and post save button both now use `gh-popover`
- Added hacks to `ember-hacks.css` to make popovers work until ghost-ui
  consolidates functionality
2014-05-31 17:23:41 -06:00
Jacob Gable
5abeadf80d Ember Data with Posts
Ref #2699

- Introduce ember data dependency
- Add loadInitializers and refactor most initializers into one combined
- Add Post ember data model
- Refactor generateSlug to use title of post and ghostPaths
- Refactor post controller to not reference model.property everywhere
- Use RESTAdapter for posts, users and tags
- Setup author and tag relations in Post model
- Fix broken API calls by adding CSRF header
- Add initiaizer for csrf value
- Use actual User model for current user initializer
- Add action for setting featured post, test with actual api call
- Fix the sending of UUID's up to the server
- Refactor current-user to use ember-data store
- If a user is preloaded in the application, use pushPayload to put it
in the store
- Do a lookup on the store to get an actual User model for injection
- Fix posts/post controllerName in route/new.js
- Alter signup process to push user into ember data store
2014-05-29 07:42:51 -05:00
Jacob Gable
f795a907f0 Add ghostPaths util and initializer
No Issue

- Move the ghostPaths from base model to utils
- Add initializer that injects it into every route, model and controller
- Add a adminUrl and apiUrl helper method
2014-05-24 08:52:47 +02:00
Hannah Wolfe
e30ea91234 Merge pull request #2764 from jgable/emberSignin
Improve signin
2014-05-18 15:56:54 +01:00
Fabian Becker
f64203cdf7 Correct behaviour for trailing slashes
fixes #2741
- Extend HistoryLocation
- Add trailing slash to path
2014-05-15 22:28:05 +00:00
Jacob Gable
42a1d55858 Improve signin
Ref #2413

- Remove fixture and use actual API
- Store and send down actual logged in user data
- Refactor isLoggedIn to use computed property on application
- After signin, update user data in dependency container
- Add CSRF to all routes and controllers via initializer
- Update authenticated route to check for user.isLoggedIn
- Add notifications for signin error
- Add notifications.showAPIError helper
- Add plumbing for refreshless signup to doSignUp in admin controller
2014-05-15 09:18:43 -05:00
Fabian Becker
a4f8088697 Implement Notifications for Ember
closes #2417
- Adds Notification(s)Component
- Render notifications in application.hbs
- Adds handleError in application route
2014-04-09 00:36:15 +00:00
Harry Wolff
81eb705a37 Create SettingsUserController
addresses #2422

- creates settings user controller

- creates user model object

- updates user fixture to be compatible with user model

- updates settings/user template

- add validator to Ember Admin

- use validator to validate user model is valid

- add mock response to /users/me/ path

- creates models/base file for all models to inherit from

- add mock response to /ghost/changepw/ path
2014-03-23 22:51:43 -04:00
Manuel Mitasch
dddae8e257 Ember.js: User fixtures + injection + login
* Adding **user fixtures** for signin

* Adds an initializer for the **current logged in user**.
The created singleton object is injected into all controllers + routes.
It can be used inside routes + controllers with this.get('user').
For simple development the object is instanciated with a userFixture.
Once a proper login and api mock is in place, the fixture needs to be removed.

* Added **route 'login'** on url '/ghost/ember/signin'
* Added authenticated route with an error hook that redirects to the login route, if status 401 (unauthorized) is returned from REST API.
* All "secure" routes now extend from authenticated route
* Add /ghost/ember to noAuthNeeded routes in middleware
2014-03-12 19:26:47 +01:00