Commit Graph

171 Commits

Author SHA1 Message Date
Maurice Williams
8aef67ef52 Stop event propagation when hitting "enter" in the gh-blur-input component
fixes #3516
- new behavior is disabled by default
- added new stopEnterKeyDownPropagation property enable new behavior
2014-08-03 00:48:05 -04:00
Jason Williams
ec1dc0e24a Add missing model to template render.
Closes #3530, Refs #3474
- Cleanup from #3474 which stopped passing the model into
  the render template call.
2014-08-01 16:29:59 +00:00
Paul Adam Davis
f0a3f57dcb Change user menu link to a button
Closes #3546

- Change user menu popover toggle from a <a> to a <button>
- Change tests accordingly
2014-08-01 10:56:03 +01:00
Maurice Williams
e6115c4126 custom slugging capabilities for individual user pages
closes #3401
- modifying slug-generator to be more generic
- adding slugging capabilities for /settings/users/:slug
- modified posts to use the updated slug-generator
2014-07-31 08:14:22 -04:00
Felix Rieseberg
43fe63d956 User Settings: Display cog based on rights
closes #3400
- The user view has been extended to have properties indicating whether
the user has rights to make the displayed user an owner or delete
him/her
- Handlebar conditionals decide whether or not to display the cog
2014-07-31 01:03:03 -07:00
Matt Enlow
975f925561 Add User Role Dropdown
Closes #3402, Closes #3428

-------------------

 ### Components
- Added GhostSelectComponent to handle async select creation (h/t @rwjblue)
- Added GhostRolesSelector (extends GhostSelect) for displaying user role options
- Created StoreInjector for surgically inserting the store into things that normally wouldn't have them.

 ### Users Settings
- InviteNewUserModal now uses GhostRolesSelector & defaults to Author
- The role dropdown for user settings has permissions set per 3402

 ### User Model
- Added `role` property as an interface to getting and setting `roles`
- Refactored anything that set `roles` to set `role`
- isAdmin, isAuthor, isOwner and isEditor are all keyed off of `role` now

 ### Tests
- Added functional tests for Settings.Users
- updated settings.users and settings.users.user screens
- fix spacing on screens

 ### Server Fixtures
- Fixed owner fixture's roles
2014-07-30 17:59:14 -06:00
Hannah Wolfe
ee2d10d7c3 Merge pull request #3456 from PaulAdamDavis/prevent-auth-autocomplete
Disable autocomplete for setup & signup screens
2014-07-30 22:22:40 +01:00
Paul Adam Davis
665b25e424 Disable autocomplete for setup & signup screens
No issue

- Adds 2 hidden inputs at the top start of the form that trick chrome into filling those, leaving out the rest.
2014-07-30 16:04:03 +01:00
Paul Adam Davis
46d85359f1 Disable user settings autocomplete in Chrome
Closes #3271

- Adds 2 hidden inputs at the top start of the form that trick chrome into filling those, leaving out the rest.
2014-07-30 14:34:02 +01:00
Jason Williams
d19c3ae9d1 Fixup signin and signout
No Issue
- Move authentication related handlers to the Application route.
- Switch Sign Out from a button to a link.  Use the signout route
  to handle invalidating the session and redirecting instead of
  an action from a button.
- Clear error messages on signin page when pressing log in button.
- Errors are now always shown on sign in screen and a success
  notification is shown after sign out.
- Update functional tests.
2014-07-29 20:58:43 +00:00
Hannah Wolfe
05afe8afb2 Improve importer error messaging
closes #3274

- Ensure that validation errors are always handled by moving them into the
  importer
- Ensure that db errors are handled consistently across sqlite and mysql
- Change the errors to be output in a table, with a short failure notification
- Add tests for 003 importing bad files
2014-07-29 12:02:18 +01:00
Maurice Williams
3397790204 Removing "author" role-label
closes #3427
- adding conditional statement to now display users with role "author"
2014-07-29 01:50:34 -04:00
Jason Williams
d75483e4a8 Preserve order of tags as entered by the user.
Closes #3133
- Implement an ordered set for the tags property of the tag
  input controller.  Set order is by order added to the post.
2014-07-29 02:16:21 +00:00
Hannah Wolfe
13f34fd992 Merge pull request #3422 from sebgie/issue#3177
Hide Access Token
2014-07-28 09:18:42 +01:00
Sebastian Gierlinger
d40f545106 Add XSS prevention
closes #3387
- added placeholder for <script> and <iframe>
- added google-caja sanitizer
- changed title in posts overview to ‚double-stash‘
2014-07-27 23:03:01 +02:00
Sebastian Gierlinger
4376fcb784 Hide Access Token
closes #3177
- uses an iFrame to initiate the download to hide the access token

The access token is now hidden in the admin logic. If we would like to
completely hide the token it is possible to remove the access token and
use signed requests instead, but I think the effort isn’t worth the
benefit in this case.
2014-07-27 22:57:57 +02:00
Matt Enlow
0d4397ef98 Rebind name and password to inputs on signup page
Closes #3410, Ref #3392
- Removed setting name from user email address per issue #3392
2014-07-25 13:04:33 -06:00
Hannah Wolfe
4057a2c8d5 Merge pull request #3397 from morficus/issue-3392
Removing "full name" auto-popualtion during signup
2014-07-25 09:54:51 +01:00
Maurice Williams
690bd9c551 Removing "full name" auto-popualtion during signup
closes #3392
- removing data-binding attribute for "name" input box on signup screen
- removing data-binding attribute for "password" input box on signup screen
- making "email" the first input box and "name" the 2nd
- removing "autofocus" attribute for "email" input box on signup screen
2014-07-24 22:49:57 -04:00
Ian Mitchell
601692780a Hides <Users button for authors
closes #3295
- The <Users button visibility is now restricted by user role
2014-07-24 18:54:02 -07:00
Hannah Wolfe
1695631f11 Merge pull request #3377 from PaulAdamDavis/signout-button
Change signout link to button
2014-07-24 17:52:09 +01:00
Jason Williams
5e021da86c Improve handling of users and roles in admin
Closes #3083 Refs #3229
- Populates the dropdown list in the invite user menu with the
  list of roles a user is permitted to create.
- Users API now checks the invite user request for allowed roles.
- Change API response from 200 to 201 on successful invitation.
- Change API response from 500 to 201 when the user was created but
  the email was not sent.  The client will show a warning notification
  when it sees 'invite-pending' as the new user's status.
- Add support for "?status=all" to the /users endpoint.
- Refactor the route and controller for the /settings/users page so
  that there's only one network API call to load users instead of two.
2014-07-24 14:20:47 +00:00
Hannah Wolfe
96a61025ec Merge pull request #3362 from sebgie/issue#3087-2
Transfer Ownership
2014-07-24 12:19:08 +01:00
Maurice Williams
bf95c5b268 Preventing rogue modals from popping up when hitting the enter-key
closes #3352
- adding a ```type``` attribute to buttons inside form in the settings section
- scanning the rest of the project to find any other buttons w/a missing attribute
2014-07-23 22:58:50 -04:00
Paul Adam Davis
acb45cb660 Change signout link to button
References https://github.com/TryGhost/Ghost-UI/issues/65

- Swap signout link from an `<a>` tag to `<button>`
- Changed tests to match new element
2014-07-23 22:12:45 +01:00
Sebastian Gierlinger
56eee1a84c Transfer Ownership
closes #3364 (special thanks to @jaswilli)
closes #3087
- added modal
- added controller
2014-07-23 12:41:31 +02:00
Hannah Wolfe
8845f25e02 Merge pull request #3365 from PaulAdamDavis/user-list-img-bg-swap
Make user list images background-image's
2014-07-23 04:11:14 +01:00
Hannah Wolfe
4eb03af0a3 Merge pull request #3358 from IanMitchell/sidebar-role
Hide Settings Sidebar Based on Role
2014-07-23 03:41:40 +01:00
Paul Adam Davis
0de40016ab Make user list images background-image's
References https://github.com/TryGhost/Ghost-UI/issues/76

- Swap user avatars in the user list from ing tags to background images
2014-07-22 20:13:30 +01:00
Ian Mitchell
5db86f2356 Hide Settings Sidebar Based on Role
Implements #3294. Currently, we don’t have a permission system on the
client side, so this relies on a hardcoded “author” string.
2014-07-22 08:03:52 -07:00
Hannah Wolfe
1b5a682e13 Merge pull request #3341 from PaulAdamDavis/psm-class-ammend
Correct markup for the PSM author dropdown
2014-07-22 01:12:45 +01:00
Ian Mitchell
3d4981307f Hide Settings Tab if Author
Implements #3293. Currently, we don’t have a permission system on the
client side, so this relies on a hardcoded “author” string.
2014-07-21 14:31:10 -07:00
Ian Mitchell
9bd7c59c31 Implements User Role Label
Closes #3287.
2014-07-21 13:31:25 -07:00
Paul Adam Davis
55951a0736 Correct markup for the PSM author dropdown 2014-07-21 21:15:14 +01:00
Maurice Williams
fb170d1725 Pagination for Users Management screen
closes #3222
- implementing server-side pagination for /users API
- passing /users?limit=none will return all users
- passing /users?status=invited will filter base on user status
- creating 3 mixins (route, controller and view) to keep pagination logic DRY
- updating route, controller and view for Posts to use new mixing
- implementing infinite scrolling for Users Management screen (using new mixins)
- Users Management screen displays all invited users, but paginates active users
2014-07-21 14:03:26 -04:00
Hannah Wolfe
d3491c53b9 Adding helper for invite status
closes #3309, refs #3229

- adds different message depending on status
- doesn't delete the new user if the problem was an email error
- filters the 2 lists based on all statuses
2014-07-20 09:23:57 +01:00
Matt Enlow
9ad9e6e645 Add Author dropdown to PostSettingsMenu
Ref #3084
This PR does NOT hide the dropdown as required to close 3084.

- `EditorNewRoute` creates post with the author set to the current user
- added `authors` ArrayPromiseProxy (whoa, what?) to PSM
- added `changeAuthor` function that sets author and saves model when the user selects a new author
2014-07-18 17:29:46 -06:00
Hannah Wolfe
15448ede3a Merge pull request #3314 from jaswilli/issue-3160
Add a notify action to the notifications component
2014-07-19 00:11:10 +01:00
Hannah Wolfe
a5682bfe40 Merge pull request #3297 from jaswilli/issue-3271
Turn off autocomplete for user profile form
2014-07-18 16:07:03 +01:00
Paul Adam Davis
f9ef18afac Add class to invited users container
No issue

- Relates to 447c7d77ec (diff-acda43902fe5a16fa255b16e7b32e6d0R14)
- Adds class to the invited users container, used only for spacing right now
2014-07-18 09:02:35 +01:00
Jason Williams
73be0780b9 Add a notify action to the notifications component
Refs #3160
- gh-notifications component now takes an optional notify
  parameter.  If present it will be invoked as an action
  when a notification is added or removed.
- Add a data-notification-count attribute to the main container
  that tracks the number of "top" notification messages that
  are currently being shown.
2014-07-17 17:34:38 +00:00
Jason Williams
12c276f5ad Turn off autocomplete for user profile form
Closes #3271
2014-07-17 17:09:20 +00:00
Jacob Gable
1181c18f20 Fetch actual user on settings/users/user
Closes #3279

- Switch from this.session.get('user') to this.store.find('user') and
some further limiting until a custom user adapter is created
- Switch the deactivate logic to rollback the used model
- Pass the user as the model in the link-to in user list template
2014-07-17 10:44:39 -05:00
Hannah Wolfe
7713b73a00 Merge pull request #3304 from JohnONolan/noplaceholder
Removing erroneous placeholder text from user profile
2014-07-17 13:23:04 +01:00
Hannah Wolfe
8fdbdc1c5e Merge pull request #3308 from JohnONolan/newsignup
New signup screen
2014-07-17 13:09:53 +01:00
John O'Nolan
849936bf17 Removing erroneous placeholder text from user profile
Reverting the placeholder that was introduced in #2734 to fix #1623. We should handle this intelligently by automatically interpretting the input and using validation if we can't. The user should not have to know or care about what http is.

Regardless off any of the above, we should not be introducing user-facing text like this without proper consideration. A placeholder of "http://ghost.org" is far more confusing than no placeholder at all. It also looks like a cheap promotional tactic on our part.
2014-07-17 14:07:12 +02:00
John O'Nolan
c5a9765843 Fade in the setup form 2014-07-17 13:39:53 +02:00
John O'Nolan
d9b3d45463 New signup screen
See #3082 - This borrows setup screen styles for now
2014-07-17 13:34:40 +02:00
Jason Williams
25ff26016e Prevent loading setup screen if already setup
Closes #3145
- Prevent navigation to the setup screen if Ghost setup
  has previously been completed.
- Fix templates that were incorrectly using foreach instead of each.
- Add validation for minimum password length.
- Fix up functional tests and split out tests for setup to a separate
  instance of casper because setup requires a new database.
- Add a cleanDatabase task to grunt which resets the database to
  new.
2014-07-16 15:54:42 +00:00
Hannah Wolfe
3027c9fcdc Merge pull request #3277 from PaulAdamDavis/link-href-fixes
Replace anchors with no real href with buttons
2014-07-15 18:34:50 +01:00