Commit Graph

1837 Commits

Author SHA1 Message Date
cobbspur
0f0ca5a304 Add CSV parser for csv read utility
closes #6865

- switch csv-read to use a csv-parser for greater reliability and management of strings when importing a csv
2016-06-07 10:47:56 +01:00
Hannah Wolfe
80a79172c4 Revert "Revert "Force UTC at process level"" 2016-06-03 09:06:18 +01:00
Hannah Wolfe
b2051dacf7 Fix post model deletes tags when editing post only
fixes #6919, refs #6917

- resolves the problem by guarding for `tags` being undefined or null
   - If it is undefined, we don't do any tag processing
   - If it is null, we don't do any tag processing
   - To delete all tags, you would provide `tags: []`
- adds tests at both the model (using withRelated) and API (using includes) layers
- moves the tests for the post updateTags functionality from the tag model spec to the post model spec & cleans up a bit
2016-06-02 22:52:34 +01:00
Hannah Wolfe
78e693f469 Revert "Force UTC at process level" 2016-06-02 14:38:02 +01:00
kirrg001
ec176c243a Force UTC at process level
issues #6406 #6399
- all dates are stored as UTC with this commit
- use moment.tz.setDefault('UTC')
- add migration file to recalculate local datetimes to UTC
- store all dates in same format into our three supported databases
- add option to remeber migrations inside settings (core)
- support DST offset for migration
- ensure we force UTC in test env
- run whole migration as transaction
- extend: Settings.findOne function
2016-06-02 13:23:09 +02:00
Hannah Wolfe
45226bcaaa Merge pull request #6889 from kirrg001/improvement/general
improvement: general fixes
2016-06-01 07:58:00 +01:00
kirrg001
c9fbf01521 improvement: general fixes
- add NODE_LEVEL to print errors while running tests
- try/catch while parsing translations file
- run setup/teardown as promise or callback
- some general error improvements
2016-06-01 07:07:20 +02:00
Hannah Wolfe
4c44257115 Merge pull request #6860 from kirrg001/timezones-support-permalinks
Timezones + support permalinks
2016-05-28 17:19:14 +01:00
Hannah Wolfe
38e3654bbe Merge pull request #6875 from king6cong/role-id-fix
roles_users.id is not necessarily the same as roles_users.user_id
2016-05-23 09:07:20 +01:00
oregami
834d25b66b fix query user 2016-05-23 11:40:27 +08:00
kirrg001
ff132fd934 timezones: support permalinks based on current timezone
issue #6406
- redirect date permalink if timezone changed
- create permalinks based on blog TZ
- post-lookup fn is now more generic
2016-05-20 18:14:19 +02:00
Aileen Nowak
38a261daac timezones: Always use the timezone of blog setting
closes #6406
- adding timeZone Service to get the offset (=timezone reg. moment-timezone) overall available
- new publishedAtOffset date as CP using timeZone service and moment-timezone to calculate offset incl. DST
- removing timezone-obj transform as it became obsolete with moment-timezone
- reading timezones from configuration/timezones api endpoint
- adding a moment-utc transform to only work with utc times in backend
- when switching the timezone in the select box, the user will be shown the local time of the selected timezone
- added clock service to show actual time ticking below select box
- default timezone is '(GMT) Greenwich Mean Time : Dublin, Edinburgh, London'
- if no timezone is saved in the settings yet, the default value will be used
- showing local time in 'Publish Date' when it's a draft and no actual publishedAt value exists
- Removed the format 'DD MMM YY @ HH:mm (UTC Z)' which resolves to '01 Jan 16 @ 14:00 (UTC +02:00)'
- Changing the date.js helper in core/server for moment-timezone
- Fix timezone select: updates `selectedTimezone` to return the matching object from `availableTimezones`
- Including timezones in test for date-helper
- update to moment-timezone 0.5.1
- moving form-group of 'selectTimezone' further up so
- Tests:
	- Set except for clock service in test env
	- adding fixtures to mirage
	- adding 'service.ajax' to navigation-test.js
	- adding 'service:ghostPaths' to navigation-test.js
- Code improvements
- Changing clockservice to ES6
2016-05-20 13:59:45 +02:00
Hannah Wolfe
6737427ce9 Don't clobber blog.logo in metadata
- Ghost logo suddenly appearing was raised as an issue in slack
- This copies the blog object, so that the logo doesn't get overridden
2016-05-18 19:21:45 +01:00
Sebastian Gierlinger
d92897c109 Merge pull request #6849 from ErisDS/schema-https
Switch to using https for schema.org
2016-05-18 09:32:50 +02:00
Hannah Wolfe
5948277a95 Merge pull request #6848 from ErisDS/twitter-facebook
Improvements to twitter & facebook handling
2016-05-17 20:59:15 +01:00
Hannah Wolfe
f3de80ebe9 Switch to using https for schema.org
closes #6846

- Using http causes mixed content warnings, using https does not
- Both http & https validate according to Google's validator
2016-05-17 19:32:03 +01:00
Aileen Nowak
6dbf610c8f Fixes error in validation
closes #6826

- refactors the validation of facebook and twitter input field in `general.js` and `user.js` controller
	- Example validations for facebook:
		- `facebook.com/username` will be corrected to the full URL
		- `user` will show error `Your Page name is not a valid Facebook Page name' for `general.js` and `Your Username is not a valid Facebook Username` for `user.js` as the username in facebook has to be at least 5 characters long
		- `twitter.com/username` will be autocorrected to the valid facebook URL incl. the `username`
	- Example validations for twitter:
		- `twitter.com/user_` will be corrected to the full URL
                - `user:99` will show error `Your Username is not a valid Twitter Username`
                - `facebook.com/username` will be autocorrected to the valid twitter URL incl. the `username`
- updates both acceptance tests
- adds further validation for facebook pages in general settings and user. Submitting a url which incl. `/page/` or `/pages/` will now accept any username followed incl. further `/`.
- adds a custom transform `facebook-url-user` which will extract the username (if it's a facebook page, incl. `pages/`) to store only this in the backend
- uses the `twitter-url-user` transform now also for user
2016-05-17 17:44:23 +01:00
Hannah Wolfe
29c9e8b147 Update structured data for fb & twitter usernames
refs #6534

- twitter & facebook fields are changing to store usernames only
- use the new social url util to generate urls where necessary
- update tests
2016-05-17 16:40:09 +01:00
Hannah Wolfe
e96b60b850 Add helpers for facebook & twitter urls
refs #6534

- this PR assumes that we are now saving usernames only in the database for twitter & facebook
- adds a new social links utility which can generate twitter & facebook urls from the username
- adds a {{twitter_url}} and {{facebook_url}} helper which uses these
- adds a full suite of tests for the helpers & utils
2016-05-17 16:39:58 +01:00
kirrg001
9c9283e0c9 fix: ensure import works when user id is 0 2016-05-16 20:47:44 +02:00
Hannah Wolfe
9fd8d47658 Removing very old fix for woff files
no issue

- This was fix a looong, loooonng, looooooooooonnnnnnng time ago: https://github.com/broofa/node-mime/pull/60
2016-05-14 19:06:33 +02:00
Hannah Wolfe
c4d3bd7cd2 Fix errors in JSON-LD output
refs #6534

- don't output publisher for the 'People' type on the author page
- change publisher to a full 'Organisation' for the 'Article' type on posts

Note:
Google's structured data validator also wants image & publisher.logo inside of Article to be full 'ImageObject's.
Currently, it output's an error for them: 'The attribute itemtype has an invalid value.'
However, the spec on Schema.org says a url is valid: https://schema.org/Article,
which is slightly different to Google's spec here: https://developers.google.com/structured-data/rich-snippets/articles#article_markup_properties

Ideally, we would output a full 'ImageObject', however we don't currently have the width & height info required.
Therefore, I think what we have is valid strictly speaking, but we should aim to fix this when we have better image tools.
2016-05-13 15:13:11 +02:00
Aileen Nowak
a018b1bbd2 Prevents sameAs property to be filled with null
no issue

- minor optical fix for schema.org metadata
- sameAs property was showing `null` value in array, if no data was provided
- instead of showing `null`, it will be empty, if no data (author website, facebook or twitter) it will be an empty array
2016-05-13 13:56:30 +02:00
Hannah Wolfe
4571a40f2a Subscribers: Error message improvements 2016-05-12 17:37:45 +02:00
Sebastian Gierlinger
f93405288a Merge pull request #6814 from ErisDS/subscribe-context
Subscribers: Adding subscribe context
2016-05-12 16:46:49 +02:00
Hannah Wolfe
d245f875bf Subscribers: Adding subscribe context
- ensure that the `/subscribe/` route gets a context set correctly
- update context tests§
2016-05-12 11:02:51 +02:00
Hannah Wolfe
9d806cf3b1 Merge pull request #6809 from kirrg001/forsubscribe/fix-empty-collection-bug
subscribers: fix adding subscriber from admin if collection is empty
2016-05-11 22:22:42 +02:00
Hannah Wolfe
bd3234d207 Pre-populate setup values from config
no issue
- Check for title, user_name and user_email in the top level of config.
- If they exist, return them as part of the setup check, so that the setup screen can be prepopulated
2016-05-11 19:30:56 +02:00
kirrg001
88fed6f95a subscribers: fix adding subscriber from admin if collection is empty 2016-05-11 19:23:44 +02:00
kirrg001
90d872e592 Subscribers: Error Handling for adding subscribers
no issue
- do not expose information about adding subscribers
2016-05-11 12:55:29 +02:00
kirrg001
77fc9ea265 Subscribers: Move read CSV into separate utility
- split out read CSV function into utility and add tests
- update API response to follow JSONAPI more closely
- update the UI to match the new API response
2016-05-11 11:22:35 +02:00
kirrg001
804fcffa6c Subscribers: store post id using the postlookup fn 2016-05-11 10:28:12 +02:00
kirrg001
ef605c5191 Subscribers: finish permission handling
no issue
- add some more tests, optimise tests and finish tests
- subscriber model checks external context permissions in permissible fn
- add missing permissions for subscriber csv
2016-05-11 10:28:12 +02:00
kirrg001
a836081f54 Subscribers: keep original referrer & location if set 2016-05-11 10:28:11 +02:00
Hannah Wolfe
6ef79534e4 Subscribers: router & form helpers
Form:
- add confirm, location & referrer hidden fields
- add script to populate location & referrer
- add helper for creating the email field
- pass through input class and placeholder for email from top level form helper
- rename subscribe_form template & helper as it sounds more natural
- handle success and error cases differently
- improve error message display
- ensure useful data is passed back so that we can show nice messages
- check for honeypot value being filled out
- refactor error handler to set an error and always still render
2016-05-11 10:28:11 +02:00
Sebastian Gierlinger
01ae7ae49f Subscribers: Model, API & CSV import/export
- subscriber model
- subscriber app updates
- subscriber end points
- import/export CSV
- added headers to export file
- added dynamic email field detection for import
- returns stats object after CSV import
- mask error message from DB
2016-05-11 10:28:10 +02:00
Hannah Wolfe
4ca0c67f9c Subscribers: Adding subscribe app + tpl + helper
- added new internal app "subscribers"
- app has a template "subscribe.hbs"
- adds a new helper called "form_subscribe"
2016-05-11 10:28:10 +02:00
Hannah Wolfe
c41c09ef97 Subscribers: Migrations for new table + perms
refs #6301

- add new subscribers table with tests
- add permissions for subscribers endpoint
- minor improvments to test code
2016-05-11 10:28:10 +02:00
Sebastian Gierlinger
85c1e1407f Merge pull request #6804 from kirrg001/adds/permission-improvements
add small permission improvements
2016-05-11 10:27:32 +02:00
Aileen Nowak
b7bd6d9968 Structured Data 3.0
closes #6534
- new input fields in general settings incl. validation
- facebook and twitter as new models in settings.js
- adds values for facebook and twitter to default-settings.js
- adds blog helpers for facebook and twittter
- rather than saving the whole URL, the Twitter username incl. '@' will be extracted from URL and saved in the settings. The User will still input the full URL. After saving the blog setting, the stored Twitter username will be parsed again as the full URL and available in the input field. A custom transform is used for this.
- adding meta fields to be rendered in {{ghost_head}}:
	- '<meta property="article:publisher" content="https://www.facebook.com/page" />' and
	- '<meta name="twitter:site" content="@user"/>'
- adds facebook and twitter to unit test for structured data
- adds unit test for general settings
- adds acceptance test for new input fields in general settings
- adds a custom transform for twitter model to save only the username to the server
- adds unit test for transform
2016-05-08 17:43:59 +02:00
Katharina Irrgang
f644d99460 add small permission improvements
no issue
- do not check client type in auth middleware
- offer filtering for findAll function in base
- add isInternalContext to base model
2016-05-08 14:22:55 +02:00
Aileen Nowak
35ecaee6d3 Slack integration
closes #6584
- Frontend Changes:
	- adds 'Apps' to Navigation Menu
	- adds 'Slack' as nested page to Apps
	- adds `apps.css`
	- adds `slack-integration` model and uses `slack-settings` custom transform to parse JSON file
	- adds validation for `slack` model
	- adds fixtures and `slack/test` API endpoint to Mirage
	- adds acceptance tests for `apps-test` and `slack-test`
	- adds unit tests for `slack-settings` and `slack-integration`
- Backend Changes:
	- adds API endpoint `slack/test` to send Test Notification
	- adds default-values for slack model
	- sends payload to slack:
		- text: the url of the blogpost / test message
		- icon_url: url to ghost logo
		- username: Ghost
	- adds `slack/index.js` to send webhook to slack if
		- a new post is published (if slack webhook url is saved in settings)
		- user clicks on 'Send Test Notification' in UI
	- adds `slack.init()` to `server.index.js` to add event listener
	- adds unit test for `slack/index`
2016-05-08 12:49:15 +02:00
kirrg001
7d4107fec4 delete null values from incoming objects
no issue
- add more power to validation phase (checkObject) to get rid of null values
2016-05-08 09:18:44 +02:00
Hannah Wolfe
dac44b4d4b Merge pull request #6797 from kirrg001/fix/005-update-ghost-client-secrets-brace
fix brace mistake in 005/01-update-ghost-client-secrets.js
2016-05-07 17:31:36 +02:00
Sebastian Gierlinger
f7310f77b6 Merge pull request #6739 from ErisDS/cors-update
Add config URLS to CORS whitelist
2016-05-07 17:14:04 +02:00
kirrg001
6238dbc784 fix brace mistake in 005/01-update-ghost-client-secrets.js 2016-05-07 16:19:38 +02:00
Hannah Wolfe
ae2f34c910 Split post lookup out of frontend controller
no issue

- move the post lookup functionality into its own file
- handle the pre and post lookup checks to verify that we found the correct post
- checking that the URL matches handles checking that a post looked up with pagePermalink is a page
- all cases where there is no match throws a 404 directly, this could just call next() ?
2016-05-05 15:53:17 +02:00
Terin Stock
7bbfc37df6 automatically insert Link rel="preload" headers 2016-04-26 14:07:36 -07:00
Hannah Wolfe
94a4e08809 Add config URLS to CORS whitelist
refs #6644

- urls specified in config.js should be considered whitelisted/trusted
- this is not quite straightforward because config.js is not ready at the point the middleware is required
- tests have been updated to cover these new cases + use rewire to override the internal whitelist cache
2016-04-19 13:39:24 +01:00
Joerg Henning
0f3cb44227 deps: validator@5.1.0
closes #6462

- monkey-patch validator.extends() since it was dropped by validator @5.0.0
- coerce input to string prior to validation (custom toString func)
- need to handle boolean validation based on column type not isIn()
- use `lodash.tostring` to convert input values to strings
2016-04-19 09:39:12 +08:00