Commit Graph

569 Commits

Author SHA1 Message Date
Hannah Wolfe
c70dfde7e3 Agressive stripping of the model attributes
- fixes #517
- prevents this from occuring again in future with other relations
- validation function & stripping done for all models
- casper test for flow, plus validation & logged out tests
2013-08-25 18:12:27 +01:00
Hannah Wolfe
41e36cca7e Validation consistency
- introduced validation method in the post and user model
- moved signup validation onto model
- consistent use of validation & error messaging in the admin UI
- helper methods in base view moved to a utils object
2013-08-25 18:10:12 +01:00
Hannah Wolfe
6f05812377 Merge pull request #503 from sebgie/questionmarkbug
Fix for post with '?'
2013-08-24 08:06:51 -07:00
Hannah Wolfe
60c7643a58 Merge pull request #438 from cgiffard/hbs-helper-author
Template Helpers: Added author hbs helper
2013-08-24 07:45:36 -07:00
Sebastian
9ee91b3547 Fix for post with '?'
closes #433
- if slug is empty after trimming use "post" as slug instead
2013-08-23 18:49:45 +02:00
Christopher Giffard
4397bcf86e Template Helpers: Added author hbs helper
Fixes #358

 - Altered post model to enable eager loading of author and
   user relationships
 - Fixed broken base model toJSON method, which prevented
   eager resolution of relationships (thanks @tgriesser)
 - Passes author information to template.
 - Added unit tests for author helper.
 - Added unit tests for findOne and findAll additions to Post Model
   which take into account the eager relationships

 Usage:
 `{{author}}` -- returns the full name of the post author
 `{{author.attribute}}` -- returns property of the current post author
 as described by the user model
2013-08-23 19:13:32 +10:00
Tim Griesser
c83835a811 fixes incorrect toJSON extension, for eager loaded models 2013-08-22 13:53:46 -04:00
Gabor Javorszky
be7ed2dfdc Added validation for signup and login screens
Closes #374
* Included node-validator as a package
* Implemented server side validation (the client side js is a mess, need a LOT of work)
* Validates email address both on signup and login screens, gives error message on malformed email addresses
* Requires at least 8 chars of password
* Tells user if password is too short
* Tells user if no such user on login
* Tells user if wrong password on login
* Tells user if server responds with a 404 (goes away, dies, etc)
* Added middleware between req and login / signup for validation
2013-08-20 09:42:42 +01:00
Jacob Gable
a1d00b56b2 Trim title and don't allow negative pages
Added a .trim() to the slug generation and redirect to the first page if
the page parameter is parsed as less than 1.
2013-08-19 21:18:39 -05:00
William Dibbern
4f2421fac7 MySQL Support
Closes #364
- Confirmed integration with local mysql installation works.
- Updated fixtures and migration with appropriate schema-conforming
values.
- Updated schema with appropriate defaults and nullable columns.
- Updated fixDates function on model base to appropriately deserialize
values coming from SQLite now that dates are stored as actual DateTime
objects/ISO strings.
- Updated default language to be 'en_US'.
2013-08-19 17:25:02 -05:00
Hannah Wolfe
fd33b276a0 Merge pull request #419 from jgable/postPermissions
Edit Post Permissions
2013-08-18 12:11:55 -07:00
Jacob Gable
53061a4c04 Fix multiple title slug generation
Change slug generation to not append multiple hyphens
2013-08-18 13:23:15 -05:00
Jacob Gable
bbe5105048 Edit Post Permissions 2013-08-18 12:28:05 -05:00
Gabor Javorszky
f6d164b5d8 Current user added
Closes #340. Closes #375
* Replaced session with id of current user
* Added method to ghostlocals to always send profile picture and full name to templates (template checks if falsy)
* Modified user saving (`forge().set(new).save()` died on me, `forge().save(new)` didn't)
* If user has profile picture, that will be used
* If user has name, that will be used
* Password changing doesn't care about your email. Uses cookies. Tasty!
* User pane uses current user id. Had to set path to me, otherwise goes to `browse` instead of `read`.
* Added logic to user api to check for `id === 'me'`, and then use the cookie value
* User data saves are now correct
* There is no logout error
2013-08-17 22:02:46 +01:00
Hannah Wolfe
2f11f053ab Minor code cleanup, docs and other bits & pieces 2013-08-06 22:24:40 +01:00
Gabor Javorszky
071f9769c6 Users can change password
Closes #282
* Added a new route
* Added new methods
* Triple security!
* Passwords are actually changed
* Also added a change password button, because 'save' has too much baggage.

On security: checks whether you're logged in. Then checks whether your old password is actually the one that belongs to you (gets value from the email field for the email, see caveat no2). Checks the new passwords for === and length > 6 on client and server side as well. And THEN changes passwords.

Caveats:
* didn't add a test, as mocha fails spectacularly on my machine. SQLITE_CORRUPT: database disk image is malformed. Cute, huh?
* Because we don't have / I'm not aware of / could not find a "currentuser" variable, I need to get the email address of the user we want to change from the email field. Theoretically if they replace that with another user's email address, and supply their pw, they will change THEIR password instead of their own.
2013-08-06 00:49:06 +01:00
Hannah Wolfe
338109c762 Data models import, export, and reset for 002
- added line to index.js to set node_env to development if it is not set
 - fixed a small bug with the persistent notifications and used them on debug page from server side
 - added 002 files to manage export and import for 002
 - 002 import is somewhat smarter than 001, merging settings (except version), replacing user & clearing primary keys
 - added reset to models and migration, which does the down operation the same way that init does the up operation
 - import and reset clear session & redirect to login / signup
 - additional unit tests
2013-08-05 13:56:30 +01:00
Jacob Gable
9393a956f4 Magnificent Migrations of Magical Majesty 2013-08-05 13:56:30 +01:00
Hannah Wolfe
30b4eb07f7 App restructure - closes #245
- This is a first pass at getting a more logical structure. The focus is on moving from admin/frontend to client/server.
- The location of the databases is highly important, this isn't expected to change again
In the future
- client/assets should probably become public/
- more stuff should be shared (helpers etc)
- cleanup some confusion around tpl and views
2013-07-11 20:23:34 +01:00