Commit Graph

338 Commits

Author SHA1 Message Date
Hannah Wolfe
3dea6431df Ensure cookies are only ever set for admin
fixes #1901

- Adds a trailing slash to the cookie path
- Resolves random log-outs
- Adds a test which proves the case
2014-01-12 17:08:48 +00:00
nicovalencia
e8746a2375 Add rss to the list of reserved post titles/slugs.
closes #1880
- added `rss` to core/server/models `generateSlug` reserved keywords
- added integration test for safe slug generation to core/test/integration/model/model_posts_spec.js
2014-01-07 17:30:53 -07:00
Hannah Wolfe
dcf4b1e4e4 Add update notifications
closes #1464

- adds opt-out via updateCheck:false in config.js
- update check is done on admin index, but doesn't interfere with rendering
- adds update check module, which gets the usage data, makes the request and handles the response
- adds two new settings to default-settings, one for next check time, and one for whether to show the notification
- adds a new rejectError method to errorHandling
- adds a new helper for displaying the notification

Conflicts:
	core/server/helpers/index.js
	core/test/unit/server_helpers_index_spec.js
2014-01-07 08:20:08 +00:00
Hannah Wolfe
3f9b0fa618 Disable xss santization
issue #1378
fixes #1328

- xss santization does some odd things. This isn't needed until we have multi-user support, and we are investigating better solutions.
2014-01-06 20:17:20 +00:00
Hannah Wolfe
af6137248d New URL helper - URL consistency fixes
fixes #1765
fixes #1811
issue #1833

New UrlFor functions

- moved body of url helper to config.path.urlFor, which can generate a URL for various scenarios
- urlFor can take a string (name) or object (relativeUrl: '/') as the first
  argument - this is the first step towards issue #1833
- also added config.path.urlForPost which is async and handles getting
  permalink setting
- frontend controller, ghost_head helper, cache invalidation all now use
  urlFor or urlForPost all urls should be correct and consistent

URL Consistency Improvements

- refactored invalidateCache into cacheInvalidationHeader which returns a
  promise so that url can be generated properly by urlForPost
- moved isPost from models to schema, and refactored schema to have a tables object
- deleted posts now return the whole object, not just id and slug,
  ensuring cache invalidation header can be set on delete
- frontend controller rss and archive page redirects work properly with subdirectory
- removes {{url}} helper from admin and client, and replaced with adminUrl
  helper which also uses urlFor
- in res.locals ghostRoot becomes relativeUrl, and path is removed
2014-01-06 15:15:48 +00:00
Hannah Wolfe
05dd48feb7 Improving regexes in functional tests
- being more explicit about what resources we expect to load after saving
  a post
- should prevent #1839 from failing tests
2014-01-05 21:10:48 +00:00
Hannah Wolfe
3937c1bf0e Merge pull request #1821 from schneidmaster/fix-1791
Modified github.js to ensure __ is not escaped at the beginning of a line
2014-01-04 11:13:37 -08:00
Hannah Wolfe
d51e63c7b7 Merge pull request #1840 from hswolff/fix-content-helper
Fix {{content words=“0”}} to actually return 0 words
2014-01-04 08:45:26 -08:00
Hannah Wolfe
9f17361bf5 Merge pull request #1831 from schneidmaster/fix-1827
Added handling for undefined errors and test coverage
2014-01-04 08:42:02 -08:00
Harry Wolff
0a2c8248b9 Fix {{content words=“0”}} to actually return 0 words
fixes #1796

- adds in a workaround to the weirdness that currently
exists in downsize module
- adds tests
2014-01-04 00:30:52 -05:00
Harry Wolff
ab80a132f3 Adds ability to quickly get to post’s edit page
fixes #1810

- updates frontend.single route to accept ‘edit’
as the last param

- updates controller.frontend to handle redirection
only when we would otherwise have rendered the page

- added unit tests for this behavior
2014-01-03 18:16:00 -05:00
Zach Schneider
044af51267 Added handling for undefined errors and test coverage
Fixes #1827
2014-01-03 15:07:08 -05:00
Zach Schneider
a79597d8b3 Modified github.js to ensure __ isn't escaped at beginning of line
fixes #1791
2014-01-03 09:45:40 -05:00
Hannah Wolfe
a50f5e1b9d Merge pull request #1815 from ErisDS/more-tests
Error handling simplification & test improvements
2014-01-02 18:13:27 -08:00
Harry Wolff
20055157ef Fixes admin session cookie test
- Currently the test is taking the response date
which is in UTC and passes it through moment()
which by default parses input as local time.  We
then add 12 hours to this now local time
and when compared against the response set-cookie
header the time spread is wrong.

- To fix we’re parsing the response date with
moment.utc which parses the date in UTC.
2014-01-02 21:06:23 -05:00
Hannah Wolfe
495b7b7f05 Error handling simplification & test improvements
fixes #1266

- simplifies the check for if a theme has an error template
- adds more / better tests for error handling
2014-01-02 21:03:37 +00:00
Hannah Wolfe
1925fa0196 Cache control headers & query string asset management
closes #1470
issue #1405

- added cache control middleware
- added defaults for all routes, assets, etc
- updated asset helper to add a query string with a timestamp hash to all assets
- added unit tests for asset and ghostScriptTags helpers
- added cache-control checks to route tests
2014-01-02 12:14:33 +00:00
Hannah Wolfe
16acba5628 Merge pull request #1805 from ErisDS/route-tests
Route tests
2014-01-01 09:05:21 -08:00
Hannah Wolfe
a697a631c2 Route tests
issue #1773

- Adds functional tests for frontend routing
- Tests the request-response contract
- Requires db access at the moment
- Tests #1790
2014-01-01 16:18:03 +00:00
Hannah Wolfe
834cb73613 Date permalinks use published date
fixes #1803

- switches date permalinks from created_at to published_at
- enforces that the post will ONLY render if the date is valid and correct
2014-01-01 15:28:59 +00:00
Hannah Wolfe
a2a606a920 Functional test debugging & improvements
issue #1702
2014-01-01 14:52:49 +00:00
Hannah Wolfe
bfe80da54a Enforce 2-digit dates in permalinks
fixes #1800

- changed permalink regex to require 4/2/2/slug
- changed url helper to enforce the same
- changed permalink toggle to set a specific state, this means the
  functional tests are independent again
- chnaged permalink toggle to wait for the settings page to load
- change as many frontend tests to not login as possible
2014-01-01 11:39:19 +00:00
Harry Wolff
91ca4a43e5 Fix routing of posts and static pages
closes #1757 and #1773

- switches routes.frontend for posts and pages
to use a regex with two capturing groups.  This removes
the need to dynamically remove an express route at a
later point, leaving the decision making to frontend
controller.

- added unit tests for all routing conditions that 
can arise for posts and pages.

- updated functional tests to also test for same thing
in unit tests

- removes old code from server/api/index that used
to fix this issue, but is no longer needed

- removed some un-needed require statements in routes/admin
2013-12-30 02:04:46 -05:00
Hannah Wolfe
e2325dc969 Don't allow a subdirectory called Ghost
fixes #1755

- adds extra validation to config loader
- adds tests for config loader and validation
2013-12-30 01:04:29 +00:00
Hannah Wolfe
ab0ecf65db Merge pull request #1785 from markberger/1777-rss-with-dated-permalinks
RSS uses correct links when dated permalinks are enabled
2013-12-29 16:52:17 -08:00
Hannah Wolfe
158b92cc55 Fixing notifications on ugly debug page
- also fixes an issue where the debug tools didn't redirect properly when Ghost was operating in a subdirectory.
2013-12-30 00:00:43 +00:00
Mark Berger
0b8fbbb68a RSS uses correct links when dated permalinks are enabled
closes #1777
- Uses coreHelpers.url to resolve post url instead of assuming it is siteUrl + post.slug
- Functional feed tests now check for content instead of just rss tags
2013-12-29 17:13:38 -05:00
Hannah Wolfe
d50354dde3 Update import tool to be safe
closes #1681

- import doesn't override user credentials
- import doesn't override theme
- import doesn't kill session
- import does refresh the settings cache
- updated tests, they now use a fixture instead of a generated export
- tests check to ensure import is safe
2013-12-29 13:23:23 +00:00
Hannah Wolfe
64cf2b1b24 Merge pull request #1759 from hswolff/fix-import-updated-at
Allows disabling of timestamps when importing posts
2013-12-28 11:41:05 -08:00
Hannah Wolfe
a8e987ec6c Shared folder asset handling
fixes #1659, fixes #1668

- removed relative asset url from css
- added asset helper to client
- updated references to shared assets
- added functional tests
2013-12-28 18:29:33 +00:00
Hannah Wolfe
755ad934bf Path, url and subdir cleanup & test
issue #1754

- remove path (it was only used once, and not needed)
- change webroot to subdir
- add unit tests for config.paths
- various other cleanup
- renamed client-side ghostRoot to subdir
- added url helper for client
2013-12-28 16:09:56 +00:00
Harry Wolff
32528de4a4 Allows disabling of timestamps when importing posts
fixes #1696

- this is a temp workaround until full fledged support
is added directly to bookshelfjs
- when importing we use the import json blob’s timestamps
as the value that’s set in the DB 
- added tests for this change
2013-12-26 15:29:16 -05:00
Hannah Wolfe
8892b755d5 Adds URL back into theme config
fixes #1749

- pass config().url into theme.update
- rename paths functions to match theme function
- adds tests for theme config
- We should probably try to eliminate passing config.url around
2013-12-26 12:15:10 +00:00
Hannah Wolfe
38e781c8da jQuery link and min map 404 fixes
fixes #1652

- removes the min map thing which doesn't work properly #551, #766, #1479
2013-12-23 21:43:13 +00:00
Michael Bradshaw
a785696115 Escape URL for use in regex 2013-12-21 14:19:23 -07:00
Hannah Wolfe
bdbeffb262 Merge pull request #1716 from ErisDS/post-order
API refactor / cleanup
2013-12-21 12:46:57 -08:00
Hannah Wolfe
545f426c37 Merge pull request #1704 from ErisDS/featured-star
Markup & style fixes for post list statuses
2013-12-21 12:37:39 -08:00
Hannah Wolfe
78737b35ff API refactor / cleanup
closes #1303

- removed where and orderBy from being passed from the API through to bookshelf, and ultimately knex
- ordering is now consistent across both front and backend, which fixes #1303
- validated / cleaned up all the API parameters
- added API tests for the status and staticPages parameters
2013-12-20 13:07:01 +00:00
Hannah Wolfe
05c603ee2c Markup & style fixes for post list statuses
fixes #1703, fixes #1712

- featured star appears immediately for both draft and published items
- featured star is never red & alignment /style is updated
- improved markup and styling of statuses in general
- added to feature tests
2013-12-20 12:29:47 +00:00
Sebastian Gierlinger
7ae543289d Fix 'dbHash' not found
closes #1685
- changed dbHash initialization from db direct access to api access
- added dbHash to default-settings.json
- added dbHash to tests
2013-12-16 11:16:06 +01:00
Hannah Wolfe
96f246533b CasperJS waitForOpaque fails more gracefully 2013-12-15 18:30:15 +00:00
Sebastian Gierlinger
05810b318c Improve Helpers
closes #1640
closes #1672
- changed to include config using require
- deleted has_tag helper
- deleted json helper
- removed fileStorage and ghostScriptTags helpers from frontend
- added fileStorage and url helper to admin
2013-12-14 17:28:54 +01:00
Seb Gotvitch
fef9b4be25 Bug fixes for partial views
closes #1203
- Update express-hbs module to the new version (0.5.2)
- Use two instance of hbs one for the theme and an other for the admin
- Template helpers are register as partial view
- Partial views of the theme are reload when the theme changed

Remove clear partial cache in handlebars

This code will be move in `express-hbs`.
This doesn't cause a problem to remove this line but it is not clean.

Remove unused hbs instance

Resolve conflict
2013-12-12 12:11:02 -05:00
Harry Wolff
9bbf400dfc Fix loading of static pages in frontend controller
fixes #1644

- Fixes bug in controller/frontend
- Created functional test for posts API to test for this bug
- Created unit tests for frontend controller
- Fixed a global variable leak in core/test/utils/fixtures/data-generator
that was leaking the DataGenerator globally
- Resolved issue that arose from fixing above bug
2013-12-09 22:38:25 -05:00
Harry Wolff
c8c02a65fa Remove ghost.js
fixes #1575
- Moves most code that was in ghost.js into ./core/server/index.js
- Creates ./core/server/config/theme.js to hold all theme configurations 
(which previously lived on ghost.blogGlobals())
- Removed ghost.server, passing it in as an argument where needed 
and allowing middleware to hold onto a reference for lazy use.
2013-12-07 10:10:02 -05:00
Hannah Wolfe
7a46c36045 Merge pull request #1627 from sebgie/issue#755
remove ghost.settings and ghost.notifications
2013-12-07 03:36:08 -08:00
Fabian Becker
1f853194ee Upgrade downsize to 0.0.4
refs #1095
- added new unicode test to excerpt helper
2013-12-06 15:43:03 +00:00
Sebastian Gierlinger
078f464197 remove ghost.settings and ghost.notifications
covers 90% of #755
- moved ghost.settings to api.settings
- moved ghost.notifications to api.notifications
- split up api/index.js to notifications.js, posts.js, settings.js,
tags.js and users.js
- added instance.globals as temp workaround for blogglobals (Known
issue: blog title and blog description are updated after restart only)
- added webroot to config() to remove `var root = ...`
- changed `e` and `url` helper to async
- updated tests
2013-12-06 09:51:35 +01:00
Sebastian Gierlinger
faeef9d209 Fix login test failure
no issue
- added timeout after login limit tests
2013-12-05 15:25:20 +01:00
Hannah Wolfe
d69e87b625 Merge pull request #1594 from halfdan/1591-excerpt-helper
Fix excerpt/content helpers
2013-11-30 10:16:26 -08:00