refs #5604, refs #5463
- deps: ghost-gql@0.0.2
- adds code to wire up the filtering to a paginated query
- updated pagination plugin count query to use 'distinct' so it's more robust
- rename paginationUtils.query to addLimitAndOffset to be more explicit and make the code clearer
- add a new 'advanced browsing spec' set of tests for tracking these features as they are built out
no issue
- increases individual test timeout from 5sec to 15sec
It seems Travis is occasionally _very_ slow and will timeout on heavier acceptance tests resulting in random failures. Hopefully this will reduce the number of random test failures we see.
closes#5840
- calls `reset()` on the uploader when re-rendered with a blank image
- calls `reset()` and `initWithImage()` on the uploader when re-rendered with an image and the uploader is still in the "blank" state
refs #5845
- add tests for `tag-settings` validator
- add validation for tag slug length
- fix display of error message when saving tag fails on the server
- add max chars text to description char count, remove error message as the count/input colour already indicates an error
no issue
- Split context out of frontend controller
- Add 100% test coverage for context
- Add tests for preview & improve other bits of coverage
- Further refactors (WIP) will make it easier to reach 100% coverage on the frontend
no issue
- increases the timeout because acceptance tests sometimes hit the limit which then caused a knock-on effect through other tests
- fix settings/navigation acceptance tests where it picked up previous test failure error messages
- fix user model unit tests so that `expect` is always called _after_ the runloop has finished handling property updates
refs #5923
- add read-themes module to get a list of themes
- replace readDirectory() usage with readThemes(), where only themes are needed
- test read-themes
- test read-directory
- test validate-themes
- test parse-package-json
- add tempfile testing utility to generate temporary paths
closes#5903, refs #5409
- switch alert/notification component tests from unit to integration where appropriate
- rename `notifications.closeAll` to `notifications.clearAll` to better represent it's behaviour
- add concept of a "key" to alerts/notifications and ability to close only specified keys through notifications service
- close duplicate alerts/notifications before showing a new one
- specify a key for all existing alerts
- close failure alerts on successful retries
- clear all currently displayed alerts on successful sign-in
no issue
- update grunt-jscs dependency
- fix deprecated `validateJSDoc` configuration
- fix numerous linting errors, including:
- use of future-reserved `public` and `private` variable names
- use of `[]` instead of dot-notation (especially `express['static']` and `cacheRules['x']`)
- extra spaces in `const { run } = Ember` style constructs
One issue that did become apparent is that there are conflicting rules that prevent the use of object function shorthand such that both of these:
```
{ myFunc() {} }
{ myFunc () {} }
```
are called out due to either the missing or the extra space before the `(`
closes#5492
- remove core/server/require-tree.js and split it into modules
- add read-directory module to recursively read directories
- add validate-themes module to scan themes and return errors/warnings
- add parse-package-json module to parse json and validate requirements
- rewrite core/server/models/index.js to manually require models
closes#5379, refs #3964
- add 'Markdown Help' title to markdown logo
- add 'Post Settings' title to post settings cog
- add 'Edit this post' title to edit icon on content screen
closes#5913
Sitemap deletion is based on the page.unpublished event. The previous
logic was always sending post.unpublished instead. If page or post
event is triggered is based on the ‘page’ attribute of the model. When
the destroyed handler all attributes are already cleared from the model
which makes this logic always fall back to post.
The fix is to move to the destroying event which still has all the
model values in place.
closes#4439
- adds basic get helper which works with the current API
- allows theme developers to make requests against the API
- supports block params and @error message
- includes 100% test coverage using posts
----
The `{{#get}}` helper is an asynchronous block helper which allows for making
requests for data from the API. This allows theme developers to customise the
data which can be shown on a particular page of a blog.
Requests can be made to the posts, tags or users API endpoints:
```
{{#get "posts" limit="3"}}
{{#foreach posts}}
<a href="{{url}}">{{title}}</a>
{{/foreach}}
{{/get}}
```
The `{{#get}}` helper must be used as a block helper, it supports `{{else}}`
logic, for when no data matching the request is available or if an error has
occurred:
```
{{#get "posts" tag="photo"}}
...
{{else}}
{{#if @error}}
<p>Something went wrong: {{@error}}</p>
{{else}}
<p>No posts found</p>
{{/if}}
{{/get}}
```
The helper also supports block params, meaning the data it outputs can be
given a different name:
```
{{#get "posts" featured="true" as |featured|}}
{{#foreach featured}}
...
{{/foreach}}
{{/get}}
```
Please Note: At present asynchronous helpers cannot be nested.
refs #5909, #4577
- removes accidental '.only' which was hiding issues with the findAll changes
- deleteAllContent and importer still need to use a hard 'findAll' as findPage({limit: 'all'}) doesn't have the same behaviour
fixes#5905
- update context patterns to correctly match author & tag pages
- remove 'tag' and 'tags' from reserved slugs - we'll handle this in terms of overrides in future
closes#5852
- resets navigation settings controller's model when transitioning away
- fixes `locationType` config setting so acceptance tests don't mess with the URL
- configure the ephemeral session store for ember-simple-auth during tests
- adds dummy env-config meta fields so acceptance tests don't fail
- adds `ember-cli-simple-auth-testing` dependency for auth testing helpers
- adds Pretender dependency to mock API requests for acceptance tests
no issue
- standardize on "{TestType}: {ModuleType}: {module-name}" for test description strings
- standardize on `{module-name}-test.js` for test file names
- fix deprecation notices for ember component unit tests without explicit `unit: test` or `needs: []`
closes#5917
- fixes duplication of dropzone event handlers by filtering for an added data-attribute
- avoid running dropzone code if only scrollPosition attr changes
- fix scroll position jump when adding/removing images by only adjusting preview scroll position when editor scroll position changes
closes#5872
- added random secret for new databases
- added temporary fix for existing databases
- secret is still static (`not_available`) during tests
- fixed fork mechanism to keep active environment (never change
NODE_ENV!!!)
- published_by should be set by business logic, rather than by users
Credits: An anonymous researcher working with Beyond Security's SecuriTeam Secure Disclosure program
refs #5808
- Fix the API to return a single 422 error when an invalid value is passed
- Only affects Browse, and not Read at present due to differences in how they are handled
- Frontend was changed to always 404 in #5851
- Adds tests to ensure all cases are covered
no issue
- Uncapitalise was dropping the subdirectory when redirecting - so the base url has been added where present
- Uncapitalise was also working differently in node 0.10 and 0.12 - so the path is decoded before testing for uppercase
- Adds some test coverage
closes#5804, supersedes and closes#5820
- adds a fixed width that flexbox can expand from to prevent flexbox content dictating the width (see https://github.com/TryGhost/Ghost/issues/5804#issuecomment-141416812)
- adds a hack to the casperjs tests reverting the CSS change because phantomjs and flexbox don't get along
- password changes should only be possible from the password change endpoint
Credits: An anonymous researcher working with Beyond Security's SecuriTeam Secure Disclosure program
issue #5841
- fix relative link checks in navlink url input component
- fix navlink url input component sending absolute URLs instead of relative URLs to action handler
- remove URL manipulation in navigation settings controller (url input handles URL manipulation, validator flags anything that's still incorrect)
- capture cmd-s in url input to ensure changes are actioned before save
- automatically add mailto: to e-mail addresses
- add gh-validation-state-container component so .error/.success validation classes can be applied to any container element
- add validation-state mixin that can be mixed in to any other component to give it access to validation status (used in gh-navitem component to keep alignment when inline error message elements are added)
- validate and display inline errors on save
- improve ember test coverage for navigation settings related controller and components
- currently, the plural helper doesn't replace % with the number when the number is zero, which is inconsistent
- this change ensures that theme developers can choose to show the number or a plain string
no issue
- upgrades ember-cli, ember-cli-mocha, ember-mocha dependencies
- switches Brocfile.js to ember-cli-build.js
- fixes controller tests with missing needs
Pulled into a separate PR as it doesn't affect running code but does provide access to the very useful component integration tests.
closes#5808
refs #5816
- adds additional filtering any 'slug' containing content in `renderChannel` for frontend
- adds test for invalid characters in tag slug
closes#5813
- when transitioning away from a shortcuts route, always specify the scope when unbinding in keymaster to avoid issues when we are temporarily be in a different scope at time of transition
refs #5652
- reverts previous fix (#5698) to return translate3d smoothness
- add separate open-autonav toggle element and style it to always stick to the viewport edge to avoid wandering hover hit areas
refs #5727, #5602
- Add new 'order' column to posts_tags table
- Migrate all existing posts_tags to have a correct value for 'order'
- Rewrite updateTags to not remove all tags, and to correctly maintain order
- Add transaction support for tag operations
- Many tests
no issue
- added ghost-admin client_id to admin
- added ghost-admin client_secret to admin
- added client.read() api endpoint
- added random generation of client_secret to migration
- removed addClientSecret method
- updated tests
closes#5692, refs felixrieseberg/Ghost-Azure#1
- fix broken promise code
- fix incorrect handling of hash in user.add which causes 'Error: Invalid salt version 2' if owner user fixture is not present
refs #5685, #5709
- cycle through all tags, removing leading commas and trim spaces
- if the string is empty, change to 'tag' - the slug base for this model
- if there is a change, save it
refs #5614 and #5503
- update private blog type, including update to settings.edit
- switch order of populate settings & update fixtures + populate all settings
Private blog settings should not be returned by public endpoints
therefore they need a type which is not `blog` or `theme`.
`core` doesn't suit either, as those settings don't usually have UI
To resolve this, I created a new type `private` which can be used
for any setting which has a UI but should not be public data
closes#5298
- remove all harcoded instances of jQuery throughout the front-end of the blog
- add migration function to add cdn link to ghost_foot code injection when migrating up from version 003
- migration version bump
closes#4174
- Added columns to client table in schema.js
- Bumped database version in default-settings.json
- Updated tests to support new schema version
no issue
- clear private blog password validation errors on enable/disable
- validate maximum tag name length
- fix sticky validations when moving between tags or navigating to/from tags manager
refs #5652
- on mobile, add Markdown/Preview links to the editor footer that switch between the respective views
- temporary resolution to the inability to upload on mobile without access to the preview
ref #5652
- validations can be in default, success or error state
- adds check for 'hasValidated' if the validations haven't fired yet, the field is in the default state
- hasValidated is an Ember.Array which tracks the state for each field
no issue
- modify behaviour of selectize's `openOnFocus` option by ensuring that the dropdown is not opened when the input field is blank
- fixes issue with dropdown opening when content is loaded async despite `openOnFocus=false`
- fixes issue with dropdown remaining open when user enters text then deletes it
refs #5343, #5652
- implements basic post and user search using selectize input
- queries minimal API endpoint and refreshes results on search input focus if results are older than 60 seconds
closes#5762
- changes date to use proper inline validation
- changes meta_title & desc to also use inline validation
- meta_title & desc also give proper errors on save
- title too long causes proper error on save
issue #5751
- moves `makeRequest` override of simple-auth's OAuth authenticator into our own custom authenticator (previously our override was not taking effect until after ember-simple-auth's initial authentication routines, hence why it was working for post-login token refreshes but failing on app-boot)
refs #5652
- Mimics behaviour of post-settings-menu
- Surrounded the subnavpage with a conditional to check if the page is
active before focusing on it
refs #5652
- add `ember-resize` addon that registers a single resize event handler and exposes it as a service and mixin
- add a component that wraps the posts list and content preview and exposes a `previewIsHidden` property
- use the `previewIsHidden` property in `gh-posts-list-item` to switch the item's link between the editor and the preview
- add `display: none` to the preview pane when in mobile so that we can test it's visibility
refs #5652, #5719
- adds a timeout to `gh-spin-button` so the spinner is always shown for at least 1 second
As a stopgap solution before #5719 can be implemented it was decided to keep the button spinning for a minimum time, even if the associated action completes quickly. Discussion can be found at https://ghost.slack.com/archives/dev/p1440670418004358
refs #5652
- wrap emails input in `{{gh-form-group}}` component to give element success/error classes
- pull validation messages into submit button
- clean up validation related aspects of step three controller
refs #5732
- patches ember-selectize to send the caret position to the create-item action handler
- updates `addTag` method in PSM controller to insert new tag in the correct place
refs #5652
- always put button text inside opening/closing helper tag
- only include type if it is 'submit' as button is default
- wrap attributes in double quotes
refs #5652
- ensure gh-spin-button passes type & tabindex through to markup
- add gh-input class to auto focus input
- add tabindexes to setup/two + make first field autofocus and button submit
No Issue
- Takes the inline validation messages and displays below form
- Removes unnecessary gh-error-message components from signin and reset pages
- Returns error messages to sign-in validations
refs #5652
- safari doesn't support the nice toLocaleString function
- this adds a manual, cross-browser way of adding commas in the right places to long number strings
ref #5652
- resolves issues with setup flow for the time being
- password is cleared on deactivate, rather than during step 2
- using transitionToRoute instead of transitionTo to remove deprecation warning
Lastpass injects its password-fill icon into password inputs, this shows up awkwardly with the forgot-password button. Adding a white BG hides this.
Followup on #5641
- Sourcemaps are adding ~.4mb to the release zip, which is not cool
- Long term, we need to swap this out for a system that will let us do sourcemaps in dev, and
generate a separate non-minified css file without the sourcemap when doing a release
- Short term, I'm disabling sourcemaps & they'll need to be enabled when needed
closes#5685
- Adds client and server-side validation for tag names starting with commas
- Trim tag names before adding in PSM (tag attributes are already trimmed before saving in TSM)
closes#5707
- fix disappearing alerts after transitions by not clearing all alerts/notifications when closing menus
- remove `notifications.closeNotifications()` calls left over from needing to clear validation notifications
issue #5652, closes#5641
- removes inline errors for empty fields
- separate validation routines for sign-in and forgot password
- highlight fields with errors when trying to submit
issue #5483 & #5652
- trigger the close menus action every time a route transition is successful
- close nav menu when clicking "collapse sidebar" button (action chain was incomplete)
- use `transition: left` instead of `transform: translate3d`
- fixes issue where translate3d moves the element immediately then animates resulting in invisible hit areas that cause unexpected hover behaviour whilst animation is in progress
- translate3d is sometimes faster as it doesn't need to constantly re-calculate layout, however in this case the element is positon:absolute and we're only animating opaque elements so the benefit is marginal. Tested on Late-2012 13" retina MBP and framerate was consistently 100fps or higher.
issue #5659
- Fixes occasional issue with `Uncaught TypeError: Cannot read property 'val' of undefined` errors appearing when navigating quickly to/from the editor. I traced the `save` action calls back to the `autoSave` method - it may warrant further investigation to find out why the throttled/debounced calls are sometimes made when the editor element is non-existent.
- Modal button position tweaked, removed extraneous margin
- Fix user profile full name field and mobile profile-picture
- Added chevron to tag settings men, corrected chevron colour
- Fixed regression in delete-tag button caused by removing flexbox from buttons
- Fixed regression in button positioning on about-ghost page caused by removing flexbox from buttons
See #5652
- Lighter dropdown shadow
- Removed display:flex from .btn because safari can't handle it on <button> elements, where it will immediately set all text-alignment to "left" with no way to change. I haven't been able to find any regressions for this change so far. Can't remember why buttons were supposed to be flexbox anyway. Maybe for icon alignment within buttons, but I can't find any such examples within the app.
- Safari thinks that user-select: all; means a single click should SELECT ALL THE THINGS. Removed/replaced with user-select: text; which makes it behave like Chrome; click and drag to select.
- Increased hit area for "?" button
- Removed :active style for post-edit button on content management screen, adjusted position
- Increased contrast on tag description, tag count, and view blog links
See #5652
no issue
- extract handlePermissions to utils
- added NoPermissionError when canThis() rejects
- omitted users.js because it uses special permission handling
closes#5150
- Post API understands next.author, next.tags, previous.author and previous.tags
- Post Read request filters out those properties and does the right thing with them
- Prev/Next post helpers send extra include properties
- Tests updated
refs #5315
- adds call to loadServerNotifications so that notifications are loaded after setup
- fixes user invite so that you can't invite someone with the same email as you created the owner with
closes#5551
- adds new test fixture generator and tests for tag pagination
- changes how post_count is added to use a select subquery rather than a join
refs #4004, #5614
- added new public permission handling functions to permissions
- added a new util to handle either public permissions or normal permissions
- updated posts, tags and users endpoints to use the new util
- added test coverage for the new code