Commit Graph

1328 Commits

Author SHA1 Message Date
Hannah Wolfe
20f102808a Switch channel filters to use strings not literals
fixes #6247

- GQL has a bug where literals starting with numbers are incorrectly parsed
- Using strings instead of literals is a workaround, but is probably safer anyway
2015-12-20 16:03:39 +00:00
Hannah Wolfe
968349236d Merge pull request #6242 from halfdan/6205-last-limit
Fix broken @last for foreach with limit
2015-12-20 14:30:48 +00:00
rfpe
7abcc43907 Harvest server side strings
closes #5617
- Replace all hard-coded server-side strings with i18n translations
2015-12-19 12:12:16 +01:00
Fabian Becker
3b235b9acb Fix broken @last for foreach with limit
refs #6205
2015-12-18 15:55:12 +01:00
Fabian Becker
9899f8d4e7 Fix non-idempotent Ghost API helper
- Add test
- Don't override apiUrl

closes #6239
2015-12-18 15:02:05 +01:00
Sebastian Gierlinger
5256f6929c Merge pull request #6227 from ErisDS/stupid-bug-fix
Fixing bug with ghost-url overwriting url
2015-12-15 15:55:15 +01:00
Hannah Wolfe
e5b0609b33 Fixing bug with ghost-url overwriting url
refs #6223

- I made a stupid error, whereby apiUrl was always set to '' in themes
2015-12-15 14:16:00 +00:00
Sebastian Gierlinger
68a3c2527d Merge pull request #6225 from ErisDS/ghost-head-fix
Ensure `{{ghost_head}}` doesn't overwrite values
2015-12-15 15:13:17 +01:00
Hannah Wolfe
cbea617a24 Ensure {{ghost_head}} doesn't overwrite values
closes #6221

- clones contextObject so that updating values doesn't overwrite real data
2015-12-15 13:18:29 +00:00
Sebastian Gierlinger
efaa04ba61 Merge pull request #6223 from ErisDS/ghost-url
Prep shared API URL util for use on external sites
2015-12-15 14:17:41 +01:00
Hannah Wolfe
9eadeb9fbb Prep shared API URL util for use on external sites
refs #5942, #6150

There were a few key problems I was looking to solve with this:

- Introduce a single point of truth for what the URL for accessing the API should be
- Provide a simple way to configure the utility (much like a true SDK)

As of this commit, this utility is still automatically available in a Ghost theme.
To use it on an external site, the code would look like:

```
<script type="text/javascript" src="http://my-ghost-blog.com/shared/ghost-url.min.js"></script>
<script type="text/javascript">
ghost.init({
   clientId: "<your-client-id>",
   clientSecret: "<your-client-secret>"
});
</script>
```

To achieve this, there have been a number of changes:

- A new `apiUrl` function has been added to config, which calculates the correct URL. This needs to be unified with the other url generation functions as a separate piece of work.
- The serveSharedFile middleware has been updated, so that it can serve files from / or /shared and to substitute `{{api-url}}` as it does `{{blog-url}}`.
- ghost-url.js and ghost-url.min.js have been updated to be served via the serveSharedFile middleware
- ghost-url.js has been changed slightly, to take the url from an inline variable which is substituted the first time it is served
- `{{ghost_head}}` has been updated, removing the api url handling which is now in config/url.js and removing the configuration of the utility in favour of calling `init()` after the script is required
- `{{ghost_head}}` has also had the meta tags for client id and secret removed
- tests have been updated
2015-12-15 11:50:46 +00:00
Hannah Wolfe
7fea696d21 Merge pull request #6213 from cobbspur/getPaginationFix
Ensure {{get}} helper returns pagination
2015-12-15 11:20:42 +00:00
Hannah Wolfe
bc97de5fe9 Unify usage of config in unit tests
no issue

- provide a single point for accessing config in unit tests
- create a single way to set and restore config
- ensure that restore deletes top level optional keys that are now undefined
- use this._config in check deprecations, otherwise the config gets cached
- solves issues with interdependent tests
2015-12-15 10:48:24 +00:00
Sebastian Gierlinger
432f8610c8 Merge pull request #6220 from ErisDS/issue-6205-limit
Add `limit` attribute to tags & foreach helpers
2015-12-15 11:37:44 +01:00
Sebastian Gierlinger
69ccca2cca Merge pull request #6167 from ErisDS/perma-ppp
Moving 'permalinks' and 'postsPerPage' to config.theme cache
2015-12-15 11:35:46 +01:00
Hannah Wolfe
a27f22acf5 Add limit attribute to tags & foreach helpers
refs #6205

- limit attribute allows theme developers to restrict output from these helpers to a smaller number
than would usually be output
2015-12-15 10:05:25 +00:00
Hannah Wolfe
883152ff15 Improvements to client auth error logging
no issue

- If client credentials are missing, or not valid, output a clear message in the server console
- Still defaults to sending the 'access denied to url' error to the frontend
2015-12-15 08:29:44 +00:00
Hannah Wolfe
e84b7f3217 Cache permalinks & postsPerPage on config.theme
no issue

- Cache the permalinks & postsPerPage settings on the config.theme object
- Use the config.theme cache to reference these items throughout the frontend of a blog
- Removes the need for workarounds and extra code to handle async fetches
- Makes these values accessible to all themes, which is very useful now we have the API stuff
2015-12-15 08:16:53 +00:00
cobbspur
0ce4078f45 Ensure {{get}} helper returns pagination
No Issue

- pagination returned if meta pagination exists
- needed to allow pagination helper to work
2015-12-14 13:27:07 +00:00
Hannah Wolfe
2b145b3c61 Merge pull request #6202 from acburdine/ghost-url-updates
`ghost.url.api` cleanup/minification
2015-12-10 17:21:14 +00:00
Hannah Wolfe
8c355349b3 No more soft 404s in pagination
closes #6201

- redirects for page/1/ or rss/1/ are now 301s
- any other invalid page now 404s
2015-12-10 15:00:02 +00:00
Austin Burdine
8f89997deb minify ghost.url.api in production
closes #6150
- clean up ghost.url.api script
- switch to inlining config and making the ghost-url.js file an external request
- add minification in production
2015-12-10 08:46:58 -06:00
Hannah Wolfe
88065f58a0 Remove filters from theme helpers (no async)
closes #5850

- filters were added so that apps could change the output of the helpers, but as async helpers are a hack, this led to issues
- apps aren't currently a working part of Ghost, so for now, lets remove the filters
- we'll add these back when we have a better implementation of async helpers & this style of app is back on the cards
2015-12-08 14:35:04 +00:00
Hannah Wolfe
a956d595f2 Make channel config dynamic
refs #5091, #6166

- fetch channel config via an internal function
- prevents channel config from being statically cached at runtime
- means that labs & other settings can be used to change these values
2015-12-07 20:06:35 +00:00
Hannah Wolfe
4bfacf6b86 Change server-side labs utility to be synchronous
refs #6165

- Use the settings cache to populate config.labs whenever settings change
- Use the labs util just to check if a flag isSet synchronously
2015-12-03 16:05:50 +00:00
Sebastian Gierlinger
bc83dbce09 Merge pull request #6145 from ErisDS/view-refactor
Unify code for picking a template to render with
2015-12-02 10:02:31 +01:00
Sebastian Gierlinger
ee275f4d0c OAuth Middleware refactor
refs #5286
- moved oauth server initialization to oauth.js
- moved generateAccessToken() to oauth.js
- added tests
2015-12-01 21:20:11 +01:00
Hannah Wolfe
395079cd2f Unify code for picking a template to render with
refs #5091

- 100% coverage for new frontend/templates file
- new module handles the logic for determining which template to render with
2015-12-01 12:05:46 +08:00
Brandon Hops
0a06af02d5 Remove unused base_test.js 2015-11-28 18:46:13 -08:00
Sebastian Gierlinger
245095c199 Origin Header revisited
closes #6106
- added override for my-ghost-blog.com
- added local IP addresses to be allowed
- changed localhost/127.0.0.1 to be allowed in production
2015-11-26 13:11:31 +01:00
Sebastian Gierlinger
8c50609491 Handling Origin Header
closes #6106
- added better error message for client and console
- added exclusion of localhost/127.0.0.1 for dev mode
2015-11-23 18:21:19 +01:00
Hannah Wolfe
d4c8b69673 Support ordering by count
refs #6009

- super quick and dirty way to support ordering by counts
- @TODO refactor :)
2015-11-22 17:18:30 +00:00
Hannah Wolfe
2aa16514a3 Rename post_count to count.posts
refs  #6009

- This is a straight rename, no functionality is added
- The dot syntax requires pre/post processing to convert the name
- This PR also includes several updates to the tests, as they weren't being run as part of Travis!
2015-11-20 14:59:58 +00:00
Hannah Wolfe
5df3cd5cfd Merge pull request #6064 from acburdine/ajax-helper
Add themes 'ajax' helper
2015-11-20 11:54:23 +00:00
Austin Burdine
250edf2b06 add themes ajax helper
closes #5942
- adds helper script for calling the api in themes
- adds tests for said helper script
2015-11-19 07:13:54 -06:00
Sebastian Gierlinger
55564e3daf Merge pull request #6091 from ErisDS/safe-count
Safe post_count for Tags & Users
2015-11-19 10:34:14 +01:00
Hannah Wolfe
770f45245c Safe post_count for Tags & Users
refs #6009, #5614

- Use the new isPublicContext method to detect whether to add extra clauses to the count
- Add count to users
2015-11-18 19:19:11 +00:00
Hannah Wolfe
f8d9af1010 Add some debugging tools to filters
- pass debug: true to the API to get some useful debug output
- does not work in production mode

Note: I have added these lines back in so many times in the past month or so so that I could
figure out what was happening, I figured everyone else might find them useful.

TODO: use a proper logging method dependent on env
2015-11-18 19:17:06 +00:00
Sebastian Gierlinger
c53d31a059 Merge pull request #6082 from ErisDS/filter-plugin
Filter plugin
2015-11-17 12:32:56 +01:00
Hannah Wolfe
6a0f1cf231 Filter plugin with enforce/default logic
refs #5614, #5943

- adds a new 'filter' bookshelf plugin which extends the model
- the filter plugin provides handling for merging/combining various filters (enforced, defaults and custom/user-provided)
- the filter plugin also handles the calls to gql
- post processing is also moved to the plugin, to be further refactored/removed in future
- adds tests showing how filter could be abused prior to this commit
2015-11-17 10:39:44 +00:00
Hannah Wolfe
1a3ae578af Add filter param for tags & users
refs #5604

- `filter` is missing from tags & users - add it in and add tests which show it works
2015-11-16 18:16:59 +00:00
Sebastian Gierlinger
1b17456f5b Merge pull request #6067 from ErisDS/gql-update
deps: ghost-gql@0.0.3
2015-11-16 16:00:55 +01:00
Hannah Wolfe
a3bd00d978 deps: ghost-gql@0.0.3
- adds test for nested null/not null query issue
- make use of new findStatement tool
2015-11-16 14:44:48 +00:00
Hannah Wolfe
666a616551 Add access rules bookshelf plugin
refs #5614

- change isPublicContext to detectPublicContext
  - behaviour now expands the context object out
  - this is a bit of a sideeffect, but this is the simplest change
    that makes it possible to use the context in the model layer without
    significant wider changes
- add new access rules plugin
  - takes a context object as part of `forge()` & caches it on the model instance
  - provides helper functions for testing access rules later on
2015-11-16 12:24:01 +00:00
Sebastian Gierlinger
007c06fdc0 Merge pull request #6065 from acburdine/export-fix
Fix DB export throwing access denied errors
2015-11-16 10:00:22 +01:00
Austin Burdine
67a6b4c07b allow api requests to be made with the access token as a query parameter
closes #6040
- adds check for access token query parameter in auth middleware
2015-11-12 11:26:18 -06:00
Hannah Wolfe
8edf382b40 Move bookshelf plugins into own folder 2015-11-11 19:40:12 +00:00
Alex Cusack
6b94390cd7 remove console log for passing test 2015-11-09 10:51:37 -08:00
Sebastian Gierlinger
132b2a7084 Merge pull request #6045 from ErisDS/api-meta
Add meta tags for client_id & client_secret
2015-11-05 10:51:24 +01:00
Hannah Wolfe
19603a33f3 Check client is enabled before auth
no issue

- add a check that the client has status 'enabled' to client auth strategy
- this permits the disabling of clients easily
- update tests
2015-11-04 16:59:56 +00:00
Hannah Wolfe
e70898a842 Add meta tags for client_id & client_secret
refs #5942

- refactor ghost_head to use Promise.props (settle is going away and this is easier)
- add a new call to fetch the frontend client, if it exists
- add meta tags for the client_id and client_secret on all pages
- don't include the meta tags if the client is not enabled, or if the labs flag is not set
2015-11-04 16:39:39 +00:00
Sebastian Gierlinger
ddf9874fa1 Disallow staticPages from public API
refs #5151
- disable staticPages parameter for calls without authentication
2015-11-04 10:03:27 +01:00
Hannah Wolfe
df82895db7 Move get helper behind labs flag
issue #5976

- break out the labs check into a utility
- wrap the get helper in a labs check, so it only works if the checkbox is checked
- make the get helper output an error to both the server and browser console if used when not enabled
2015-11-03 19:39:37 +00:00
Sebastian Gierlinger
c4f9cde008 Merge pull request #6037 from ErisDS/pagination
Pagination cleanup & improvements
2015-11-03 13:53:18 +01:00
Sebastian Gierlinger
369b6ad19c Merge pull request #6036 from ErisDS/pipeline
Pipeline util tests, clean & fix
2015-11-03 13:52:31 +01:00
Hannah Wolfe
ea402218d3 Pagination cleanup & improvements
no issue

- switching from using fetch to fetch all means some code can be removed from the fetchPage method
- updating tests to reflect cleaner code
- ensure coverage is at 100%
2015-11-03 11:01:48 +00:00
Hannah Wolfe
9d07e6f3be Pipeline util tests, clean & fix
no issue

- added comments to pipeline util, inc where it came from
- added tests for pipeline util
- tests uncovered a bug with promises for args, which has been fixed
2015-11-03 09:14:44 +00:00
Hannah Wolfe
8db90bae73 Merge pull request #5984 from sebgie/issue#5941
Move Public API behind labs flag
2015-11-02 16:15:50 +00:00
Kevin Ansfield
92123e427f Use tag slugs in URLs for tag management and add front-end edit redirect
refs #5845
- adds custom adapter for tags so that `store.queryRecord('tag', {slug: 'tag-slug'})` hits the `/tags/slug/tag-slug` endpoint instead of `/tags/?slug=tag-slug`
- updates tag management screens to use tag slugs instead of IDs
- adds `/tag/:slug/edit` redirect to front-end
2015-11-02 14:56:59 +00:00
Sebastian Gierlinger
bf65c136ce Move Public API behind labs flag
closes #5941
- added UI to labs page
- added method to determine if full authentication is required
- updated public_api tests to enable public api first
2015-11-02 14:18:58 +01:00
Hannah Wolfe
0c9befc16f Merge pull request #5999 from delgermurun/api-db-refactor
db api endpoint validation error refactor
2015-11-02 13:16:07 +00:00
Sebastian Gierlinger
de147ba044 Merge pull request #6030 from ErisDS/mini-refactor
Don't use api to lookup theme in frontend controller
2015-11-02 14:14:59 +01:00
Hannah Wolfe
5f7add087d Merge pull request #5969 from kevinansfield/routable-tags
Routable tags
2015-11-01 15:34:33 +00:00
Hannah Wolfe
a78ee06848 Merge pull request #6019 from vdemedes/api-order
Add order parameter
2015-11-01 15:04:24 +00:00
Hannah Wolfe
d6fb21fa28 Don't use api to lookup theme in frontend controller
no issue

- small fix, we already have the info, no need to look it up again
2015-10-30 19:02:06 +00:00
Sebastian Gierlinger
6474bba64e Merge pull request #6024 from cobbspur/limit
Ensure public api can uses limit parameter
2015-10-29 17:23:09 +01:00
cobbspur
d0d126eba7 Ensure public api can uses limit parameter
No Issue

- removes client id and secret after authentication
- adds tests to check default limit, all and integer
2015-10-29 15:36:54 +00:00
vdemedes
8687772604 Make read-directory ignore invalid package.json files
refs #5940, #5923
- make read-directory ignore invalid package.json files
- display a warning about invalid package.json files on startup
- add tests to ensure read-directory continues, even with invalid package.json files
2015-10-28 15:37:52 +01:00
vdemedes
6db41584e7 Add order parameter
refs #5602
- add "order" to default browse options
- parse order parameter in Base model
- accept "order" option in Post, User and Tag models
- add tests for posts order
- add tests for tags order
- add tests for users order
2015-10-28 14:14:03 +01:00
Sebastian Gierlinger
f30c0ba484 Merge pull request #5990 from cobbspur/simplify
Simplify fields and includes prior to fetch
2015-10-27 13:49:12 +01:00
Kevin Ansfield
bc346d2a42 Routable tags
refs #5845
- Updates tag settings screen to match content screen behaviour. Each now tag has it's own route that is link-able from other areas of the app
- Updates a number of places where jQuery event handler code was not wrapped in Ember's run loop
2015-10-27 12:48:41 +00:00
Sebastian Gierlinger
9dc4efca13 Merge pull request #6005 from ErisDS/old-filter-clean
Remove featured, tag, author & role API params
2015-10-27 13:05:12 +01:00
vdemedes
0a0aaf01b2 Replace missing title with "(Untitled)" when creating a post
closes #6014
- replace missing title with "(Untitled)" when creating a post
- add a test for creating post without title
2015-10-27 12:15:09 +01:00
Hannah Wolfe
b8a3415726 Remove featured, tag, author & role API params
refs #5943

- removed featured, tag and author parameters from posts API
   - featured was only used in tests
- removed role filter from users API
   - role was only used in tests
- fixed up the tests, skipping those that don't quite work yet
2015-10-27 10:53:51 +00:00
Hannah Wolfe
ff7517b801 Switch RSS to use new filter param
refs #5943, #5091

- split out channel config
- use config.theme instead of api calls to grab title & desc
- wrap rss call in a function which sets channel config for RSS feeds
- change rss `getData` function to use the new multiple-query-handling fetchData functionality
- make sure channelConfig is set in all tests
2015-10-27 10:00:51 +00:00
Hannah Wolfe
e9035fde4e Switch frontend controller to use new filter param
refs #5943, #5091

- updated fetch-data to handle multiple api queries
- using named keys for queries so that the names of items in the result are correct (tag instead of tags etc)
- updated channel configs in frontend controller
- removed old filter code from frontend controller
- added test coverage for fetch-data and format-response
- fixes / removes tests which are broken by the refactor
2015-10-26 09:40:19 +00:00
Delgermurun
146bb01657 db api endpoint validation error refactor
No issue
- Raised ValidationError instead of PermissionError on db api validation
- Added & modified integration tests
2015-10-25 09:20:13 +08:00
Hannah Wolfe
994a20cf8b Add path resolution to get helper
refs #5993

- deps: jsonpath@0.2.0
- adds `resolvePaths` method
- supports handlebars style arrays with `.[]`
- supports shorthand post.tags and post.author for common usecases
- adds more tests & improves existing ones
2015-10-23 02:52:52 +01:00
Sebastian Gierlinger
64d9ce44cf Merge pull request #5985 from ErisDS/frontend-split
Further split up frontend controller & improve tests
2015-10-22 21:41:01 +02:00
Hannah Wolfe
afbcecc3f6 Merge pull request #5848 from sebgie/public-api-1
Public API
2015-10-22 20:39:41 +01:00
Hannah Wolfe
06b03bbcfe Split helper functions from frontend controller
no issue

- Split out 'getPostPage' & rename to fetchData
- Split format response methods into own files
- Split out handleError
- Split out setReqCtx and rename to setRequestIsSecure
- Split out theme paths
- Refactor tests in index_spec.js to be more robust
- Add tests to bring coverage for split file up to 100%
2015-10-22 18:46:58 +01:00
Sebastian Gierlinger
28871d3f4d Merge pull request #5978 from ErisDS/filter-param
Add the filter parameter
2015-10-22 16:42:13 +02:00
cobbspur
7a996ecbe7 Simplify fields and includes prior to fetch
No Issue

- allows comma separated include and field parameters to also have a space
- allows capitals in include and field parameters
2015-10-22 15:39:54 +01:00
Sebastian Gierlinger
f48dfb09cf Public API
refs #4180
closes #4181
- added client and user authentication
- added authenticatePublic/authenticatePrivate as workaround for
missing permissions
- added domain validation
- added CORS header for valid clients
- merged authenticate.js and client-auth.js into auth.js
- removed middleware/api-error-handlers.js
- removed authentication middleware
- added and updated tests
2015-10-22 15:28:47 +02:00
Hannah Wolfe
b5cebb9ec6 Add filter parameter using GQL
refs #5604, refs #5463

- deps: ghost-gql@0.0.2
- adds code to wire up the filtering to a paginated query
- updated pagination plugin count query to use 'distinct' so it's more robust
- rename paginationUtils.query to addLimitAndOffset to be more explicit and make the code clearer
- add a new 'advanced browsing spec' set of tests for tracking these features as they are built out
2015-10-22 11:29:05 +01:00
Hannah Wolfe
d666fba855 Merge pull request #5971 from cobbspur/fields
Remove unknown fields from fetch
2015-10-21 18:29:59 +01:00
cobbspur
372907890f Remove invalid fields prior to fetch
closes #5601

- Remove invalid fields prior to fetch
- Adds initial tests for fields
2015-10-21 18:20:09 +01:00
Delgermurun
b37c0f2e91 Apply pipeline to db api endpoint
refs #5508
- adds pipeline to export, import and delete all methods
2015-10-21 09:33:31 +08:00
Sebastian Gierlinger
b9daff6932 Merge pull request #5960 from JohnONolan/emailerror
Email error message cleanup
2015-10-19 10:30:30 +02:00
Sebastian Gierlinger
c6b505569b Merge pull request #5963 from ErisDS/auth-strategy-refactor
Auth strategy refactor
2015-10-18 11:56:47 +02:00
Hannah Wolfe
2c51a89b66 Refactor auth-strategies to use findOne
- Simplifies both strategy & test code
- Should have no side effects
2015-10-16 19:40:02 +01:00
Hannah Wolfe
58e31f3bd8 Refactor auth strategy tests to not use DB
- unit tests are not intended to call out to the db
- this fakes the response from the model layer
2015-10-16 19:40:01 +01:00
Hannah Wolfe
106dcb77be deps: rss@1.2.0
- Required test fix, as newline has been removed from the end of the <?xml decl
2015-10-16 17:53:22 +01:00
John O'Nolan
cd8544858a Email error message cleanup 2015-10-16 12:07:09 +02:00
Sebastian Gierlinger
611f1e969b Merge pull request #5619 from ErisDS/issue-4439-get
The {{#get}} helper
2015-10-15 16:21:37 +02:00
Hannah Wolfe
c8bb6081ab Frontend controller refactor & test improvements
no issue

- Split context out of frontend controller
- Add 100% test coverage for context
- Add tests for preview & improve other bits of coverage
- Further refactors (WIP) will make it easier to reach 100% coverage on the frontend
2015-10-15 10:17:42 +01:00
Hannah Wolfe
932f12160a Merge pull request #5940 from vdemedes/read-themes
Add readThemes() utility to get a list of themes
2015-10-14 17:32:41 +01:00
vdemedes
05f44c4c64 Add readThemes() utility to get a list of themes
refs #5923
- add read-themes module to get a list of themes
- replace readDirectory() usage with readThemes(), where only themes are needed
- test read-themes
- test read-directory
- test validate-themes
- test parse-package-json
- add tempfile testing utility to generate temporary paths
2015-10-13 15:54:41 +02:00
Kevin Ansfield
ff73f1af92 deps: grunt-jscs@2.1.0
no issue
- update grunt-jscs dependency
- fix deprecated `validateJSDoc` configuration
- fix numerous linting errors, including:
  - use of future-reserved `public` and `private` variable names
  - use of `[]` instead of dot-notation (especially `express['static']` and `cacheRules['x']`)
  - extra spaces in `const { run } = Ember` style constructs

One issue that did become apparent is that there are conflicting rules that prevent the use of object function shorthand such that both of these:

```
{ myFunc() {} }
{ myFunc () {} }
```

are called out due to either the missing or the extra space before the `(`
2015-10-12 19:21:16 +01:00
Hannah Wolfe
7f3a9f5675 Merge pull request #5927 from olsio/fix-issue-5913
fix for page deletion not updating sitemap-page.xml
2015-10-12 15:43:53 +01:00