Commit Graph

1955 Commits

Author SHA1 Message Date
Hannah Wolfe
dd64deb75b Merge pull request #6610 from dbalders/foreach-last
Change default setting for `to` inside foreach helper
2016-03-28 18:42:06 +01:00
Jason Williams
dde27f4dcf Merge pull request #6638 from ErisDS/knex-config
Make it possible to override `useNullAsDefault`
2016-03-25 10:17:01 -05:00
Hannah Wolfe
681e9f9f51 Data & fixture migration cleanup
refs #6621, #6622

- remove unneeded `return new Promise.resolve()` lines
- reduce code in tests
- improve quality of tests checking that all task functions are executed
- add missing test coverage
2016-03-24 22:24:57 +00:00
Hannah Wolfe
57271878c0 Make it possible to override useNullAsDefault
refs #6623, #6637

- this was supposed to be in the original
2016-03-24 16:34:48 +00:00
Hannah Wolfe
8c74f55b36 Disable knex useNullAsDefault warning
refs #6623

- automatically set useNullAsDefault to false for sqlite3 so that we don't get a warning
- we should *not* be relying on the behaviour of interpretting undefined anywhere, so it is correct that an error should be output if this happens so that we can fix the bad behaviour
2016-03-24 12:49:06 +00:00
David Balderston
81c215dbe5 Update Post Slug while Draft on Title Changes
Closes #5062

* As long as the post has never been published, update the slug to
match the new title if the title is changed
2016-03-23 10:20:22 -07:00
Jason Williams
136bdbd9ff Return http status 204 on deletes
Closes #2871
- Refactor api http handlers.
- Update tests.
- Remove special handling of responses in ember adapter.
2016-03-22 11:42:48 -05:00
Jason Williams
9fe573a0c5 Refactor content deletion
- Simplify the `init` method in `models/index.js` so that it no longer
  returns a promise. Easier to use.
- Eliminates the `deleteAllContent` method from `models/index.js` as it
  can all be handled at the API layer in a single spot.
- Optimize `destroyAllContent` in `api/db.js`. Eliminates
  double-fetching every post from the database and converting it to
  JSON. Also only fetches ids from the database instead of the entire
  model.
- Eliminates the custom static method `destroy` in the Post model in
  favor of handling detaching tag relations in a single place (the
  `destroying` event). This also eliminates a big source of unneeded
  database round trips--needing to get post ids to feed into
  `Post.destroy()` which then re-fetches the post again.
2016-03-22 10:10:09 -05:00
Hannah Wolfe
84f387785a Migration messaging improvements
refs #6301

- fix messages that joined with comma and therefore missed outputting version no
- change `logInfo` to `logger` that has both an info and a warn method
- add new warn method to errors
- add a warn message everytime a migration (data or fixture) gets skipped over
- update logger everywhere, including tests
- update tests to check logger.warn gets called
2016-03-22 09:59:22 +00:00
Hannah Wolfe
9030620b23 Ensure fixture operations only run if needed
refs #6301

- Make sure that every fixture operation has a check to ensure that it hasn't already run
- E.g. The update of sort_order on posts_tags should only happen if there are no values which aren't a zero
  - This makes sure that we don't accidentally overwrite data on FORCE_MIGRATE
- No need to try to set settings types if they are already correct
- Only update the admin client if it needs it, else we're regenerating secrets each time
2016-03-21 18:15:01 +00:00
Sebastian Gierlinger
ea9c8235fa Merge pull request #6609 from ErisDS/new-db-upgrade
Rewrite DB update to be explicit
2016-03-21 16:14:59 +01:00
Sebastian Gierlinger
1256272640 Merge pull request #6616 from ErisDS/meta-schema-fix
Never output null JSON-LD schema
2016-03-21 10:22:06 +01:00
Sebastian Gierlinger
25c490b2ec Merge pull request #6614 from ErisDS/paginated-urls
Clean up paginated URL generation
2016-03-21 10:08:53 +01:00
Hannah Wolfe
9a8fbd5286 Never output null JSON-LD schema
refs #5091, #6612

- fixes meta data so it won't output 'null' as a JSON-LD schema
- added test coverage for this if/else
- this case cannot happen within the existing system, it only happens with custom channels after #6612
2016-03-20 22:36:02 +00:00
Hannah Wolfe
5f2c913fc1 Clean up paginated URL generation
refs #5091, #6612

- unify getNextUrl & getPrevUrl into getPaginatedUrl
- ensure that it can generate a prev, next or exact page no url
- ensure that it can figure out the base url
- use the same code from the page_url helper
- refactor the tests to ensure there's 100% coverage

Following on from #6612, this ensures that pagination always works regardless of whether the channel is default or custom
2016-03-20 22:35:00 +00:00
Hannah Wolfe
17499dbc7b Generate context from channelConfig, not URL
refs #5091

- makes post context explicit - data.post must be set, rather than post being the default
- uses channelConfig to determine the context for a channel (the channel name) rather than basing it off of the URL
- updates tests to setup the contexts more clearly, the outcome has not changed

Since #6469 req has channelConfig attached to it.
We can use req.channelConfig to determine what the context should be for a channel (the channel name)
This allows us to remove the hardcoded URLs, and means that custom channels will automatically get their own context.
Coupled with removing 'post' from being a default/fallthrough, to being explicitly set, this will reduce
potential context errors, as we start to extend the frontend capabilities
2016-03-20 12:59:25 +00:00
David Balderston
c55140d0db Change default setting for to inside foreach helper
closes #6604

* Default for `to` was always `(from-1) + limit`. This caused a problem
where the `to` value could be higher than the length of the number of
blog posts, causing `@last` to never be called/reached
* Now sets `to` to have a default of `length` and if a limit was sent
through and not higher than `length`, to then set `to` to that value
* Added some extra tests for `@last` and `@first` use cases
* Added some inline commenting
2016-03-17 17:52:38 -07:00
Hannah Wolfe
0ad93c3df2 Rewrite DB update to be explicit
refs #6301

- Replace builder & automated database upgrade with a set of explicit tasks
- Ensure the tasks can only happen if they need to
- Remove some duplicate code between fixture & db upgrades (more to do)
- Add tests
2016-03-17 21:17:19 +00:00
Sebastian Gierlinger
0c483a0997 Merge pull request #6599 from ErisDS/migrations-split
Split migrations/index.js & add tests
2016-03-15 13:47:44 +01:00
Sebastian Gierlinger
f950775b48 Merge pull request #6602 from ErisDS/version-tests
Improve `getDatabaseVersion` & versioning tests
2016-03-15 11:22:09 +01:00
Hannah Wolfe
2cfee3812f Split migrations/index.js & add tests
refs #6301

- changes createTable to use createTableIfNotExists, this is consistent with deletion
- splits out backup, reset, update and populate functions from migration/index into their own files
- moves the wrapped function for populatingDefaultSettings to fixtures.ensureDefaultSettings
- moves `modelOptions` down to the fixture files that actually use it
- adds test coverage for backup, reset and populate, but not for update as that needs refactoring
2016-03-15 10:11:33 +00:00
Hannah Wolfe
81deb88263 Improve getDatabaseVersion & versioning tests
refs #6301

- `currentVersion` was leftover from before the first public release of Ghost!
- simplified the code for `getDatabaseVersion`
- improved & made consistent how errors are handled in `getDatabaseVersion`
- migration error handling updated to reflect the changes in `getDatabaseVersion`
- added tests for both `getDatabaseVersion` and `setDatabaseVersion`
2016-03-14 17:11:04 +00:00
Hannah Wolfe
2386a69f9d Always override database config + exit tests on error
refs #6354, #6495 & #6599

- don't allow config.database to be merged, instead, override it always
- make sure that route tests call done even when they error
2016-03-14 15:39:59 +00:00
Hannah Wolfe
9309adc511 Exporter cleanup & tests
refs #6301

- change knex getter def to be configurable, else it is not testable
- remove exportPath and lang from config - neither are used
- add client_trusted_domains to tables which shouldn't be exported as there are no clients in the export
- change export signature to be an object with `doExport` function consistent with import & easier to test
- cleanup export code so it is clearer, easier to read & to test:
  - use mapSeries instead of sequence
  - use Promise.props instead of Promise.join
  - split functionality into smaller functions
- add test coverage
2016-03-12 19:01:25 +00:00
Sebastian Gierlinger
411dd47002 Merge pull request #6579 from jaswilli/auth-api
Refactor authentication API into pipeline format
2016-03-08 15:54:34 +01:00
Jason Williams
fe13503470 Refactor authentication API into pipeline format
Refs #5508
2016-03-07 11:53:54 -06:00
Sebastian Gierlinger
21770c53da Merge pull request #6572 from ErisDS/data005-part1-fixpastfixtures
Data 005 - Part 1 - Fix Past Fixtures (refactor & test fixture migrations)
2016-03-07 11:26:30 +01:00
Hannah Wolfe
b2659d0cbb Refactor & test fixture migrations
refs #6301

Fixtures:
- Removed all the old (and now broken) 003 fixture upgrades
- Split the 004 fixture upgrade tasks out, each into their own file
- Improved the versioning code that figured out which upgrades we should do
- Added lots of test coverage to make sure all the fixtures are still being run correctly.

Permissions fixtures:
- Changed the code that was populating permissions fixtures to be more automated & based only on what is in the permissions.json file.
- Added lots of test coverage to make sure all the permissions are still being created correctly.

Merging the two things:
- Merged the content of permissions.json and fixtures.json into fixtures.json, but using the new structure from permissions.json.
- Changed to use the new automated model & relation creation for all fixtures, not just permissions.
- The only thing that can't be auto-populated just now is the owner creation, I think that's important enough to do separately.
- There were (so far) never any permission updates, so code for updating fixtures stays the same through the merge.
- This results in two clear code paths: populate (fill out a brand new DB) and update (make any changes since the last version)

Test coverage is now 100% across both updates and populations.
2016-03-03 09:03:37 +00:00
Jason Williams
1edf49daf7 deps: bluebird@3.3.3
- Finishes refactoring started in #6376.
- Fixes invalid Promise.map() call.
- Cleans up promise (rejection) handling.
2016-03-01 15:17:20 -06:00
JT Turner
3db9913191 deps: bluebird@3.1.2
closes #6361
- Updated bluebird dependency to latest 3.1.2.
- Updated update check to handle promises not resolving to arrays.
- Reviewed all other promise code and it looks good.
- Updated code using settle to use the new reflect function.
2016-03-01 14:47:23 -06:00
Aileen Nowak
e347f95f15 Including timezones API in configuration endpoint
refs #6406
- endpoint configuration/timezones refers to timezones.json file in data
- added route for endpoint in api.js to use method read in configuration.js
2016-02-24 16:44:01 +02:00
Kevin Ansfield
5de57f892d Merge pull request #6548 from ErisDS/config-api
Restructure Configuration API endpoint
2016-02-24 09:34:51 +00:00
Sebastian Gierlinger
81f119d098 Merge pull request #5888 from ErisDS/improve-fileserve
Serve immediate 404 for static files (no fallthru)
2016-02-23 17:15:21 +01:00
Sebastian Gierlinger
6b852c11d8 Merge pull request #6553 from ErisDS/slack-unfurls
Strutured data: Slack Unfurls & published_at fix
2016-02-22 20:17:04 +01:00
Sebastian Gierlinger
37ef512a19 Merge pull request #6543 from ErisDS/fixture-i18n
Remove i18n from migration output
2016-02-22 09:49:55 +01:00
Sebastian Gierlinger
8d6ec8555c Merge pull request #6544 from ErisDS/client-secret
Move client secret logic into the model
2016-02-22 09:49:05 +01:00
Sebastian Gierlinger
24e6a93f22 Merge pull request #6555 from ErisDS/not-context
Rename confusing 'context' variables
2016-02-22 09:47:06 +01:00
Hannah Wolfe
8cef27d698 Fix jsDoc on i18n.t()
no issue

- my IDE has been moaning at me for every usage of i18n.t that didn't have 2 args
- this uses the optional notation and expects an object instead of JSON (JSON requires keys to be quoted)
2016-02-22 01:57:22 +01:00
Hannah Wolfe
dcc8bcc4f1 Strutured data: Slack Unfurls & published_at fix
refs #6534

- fixes a bug where published_at was incorrectly falling back to the created_at date
- updated meta index to get author name
- add written by & filed under labels + data if the values are present (only on posts/pages)
- updated tests
2016-02-22 01:45:00 +01:00
Hannah Wolfe
10fc320cc8 Rename confusing 'context' variables
no issue
- In Ghost, 'context' means the page or section of a blog we're currently within
when rendering a theme, e.g. 'post' or 'tag' or 'home'.
- In handlebars 'context' refers to the blob of JSON that is tied to a template.
- These two uses of the word 'context' have gotten very confusing, so I've removed all usage of 'context' within the Ghost handlebars helpers, EXCEPT where they actually refer to the current context (e.g. the is helper)
2016-02-21 22:07:15 +00:00
Hannah Wolfe
a59cfc70a1 Serve immediate 404 for static files (no fallthru)
closes #5887

- make use of the new 'fallthrough' option which landed in express-static 1.10.0
- change local-file-store and middleware serving `/public/` and `/shared/` files to use the new `fallthrough: false` option
- 404s are now served directly, without slashes or uncapitalise getting triggered
2016-02-21 19:17:27 +00:00
Hannah Wolfe
ed16998461 Restructure Configuration API endpoint
refs #6421, #6525

- The configuration API endpoint was a bit of an animal:
   - It's used currently in two ways, once for general config, another for the about page.
   - These two things are different, and would require different permissions in future.
   - There was also both a browse and a read version, even though only browse was used.
   - The response from the browse was being artificially turned into many objects, when its really just one with multiple keys
- The new version treats each type of config as a different single object with several keys
- The new version therefore only has a 'read' request
- A basic read request with no key will return basic config that any client would need
- A read request with the about key returns the about config
- A read request with a different key could therefore return some other config
2016-02-19 18:49:23 +00:00
Hannah Wolfe
bbf5763756 Remove i18n from migration output
refs #5345

- As discussed in #5345, this is effectively debug output.
- It currently only appears on the console, and console output should be in English
- If we add a UI later, this should be translated, but console/debug output should not
2016-02-19 12:23:19 +00:00
Hannah Wolfe
003c8d5462 Move client secret logic into the model
refs #6301

- Move secret generation logic to the model defaults, so there's no need to handle this in fixtures
- Tested upgrades from 003 & fresh installs -> all is well
2016-02-18 20:33:37 +00:00
Hannah Wolfe
841b552b52 Fixing typo in i18n key 2016-02-18 12:52:53 +00:00
Hannah Wolfe
d7b9eb6176 Fix facebook/twitter/schema description
refs #6534

- this is an initial fix for having no description at all unless a meta description is provided
- we may need to tweak the lengths / provide different lengths for different values in future
2016-02-18 12:11:46 +00:00
Hannah Wolfe
cdbec7a8ba Merge pull request #6532 from jaswilli/issue-6491
Provide entire model to validator
2016-02-18 09:12:06 +00:00
Hannah Wolfe
71062a0026 Merge pull request #6517 from halfdan/fix-6516
Use req.path instead of req.url to check for file extension
2016-02-18 08:37:32 +00:00
Jason Williams
b10da0569a Provide entire model to validator
Closes #6491
2016-02-17 17:30:16 -06:00
Fabian Becker
f14910fa8e Use req.path instead of req.url to check for file extension
fixes #6516
2016-02-17 19:24:49 +01:00
Hannah Wolfe
02199c6b02 Disambiguate between error code & status code
refs #6526

- Change our errors to use `statusCode` for the status code (like res.statusCode)
- Use statusCode for anything that's supposed to be the statusCode, rather than an error idenfier/code
- Update all the tests that check the key
- Route tests don't need fixing as the status codes are still returned correctly
2016-02-17 15:20:49 +00:00
Hannah Wolfe
c301510cd1 Refactor gravatarLookup, remove request dependency
no issue

- request is quite a heavy dependency
- we were only using request in 3 places: a test, storing contrib images in the gruntfile & the gravatar lookup
- all 3 are relatively simple to do with the http/https module
- refactored all 3, removed request
2016-02-16 11:12:01 +00:00
Sebastian Gierlinger
3c5c5ad9d0 Merge pull request #6469 from ErisDS/dynamic-channel-routing
Dynamic channel routing
2016-02-15 19:27:41 +01:00
Hannah Wolfe
13c1742eb9 Make frontend routing dynamic & driven by channels
refs #5091

- Move renderChannel to own file
- Update channel config to have get/list methods
- Move main routes to be generated based on the list of channels
- Move RSS routes to be subroutes of channels
- Move redirect301 to be a shared util
- Add full test coverage
- Split frontend route tests into frontend & channels
2016-02-15 15:57:20 +00:00
Hannah Wolfe
76934b44c1 Merge pull request #6499 from javorszky/iss_6493
Moves builFilesExist to startup-checks
2016-02-14 19:58:31 +00:00
Gabor Javorszky
7691b03d5a Moves builFilesExist to startup-checks
Fixes #6493

* moved function to startup checks
* flipped file system checks to sync versions
* exits on first sign of trouble
2016-02-14 18:28:37 +00:00
Hannah Wolfe
7c47249ac7 Merge pull request #6501 from cobbspur/backup
Backup database before deletion
2016-02-14 13:57:26 +00:00
cobbspur
8025325b15 Backup database before deletion
No issue

- a json object is now created when a user deletes content in labs
2016-02-14 09:04:53 +00:00
Sebastian Gierlinger
21c272b03f Merge pull request #6495 from ErisDS/db-config
Move db connection out of config
2016-02-13 13:25:35 +01:00
Hannah Wolfe
1c85650108 Move db connection out of config
refs #5047

- database connections are not configuration
2016-02-12 13:56:23 +00:00
Hannah Wolfe
c3673be863 Don't include app fields
no issue

Including app fields along with tags & authors was a preoptimisation.
We don't use them yet, and having them results in database calls that are unnecessary.
2016-02-11 15:03:33 +00:00
Hannah Wolfe
c9e0a70d16 Merge pull request #6481 from jaswilli/issue-5350
Refactor mail service
2016-02-11 08:58:08 +00:00
Jason Williams
c52fd1df9f Refactor mail service
Closes #5350
- No longer necessary to initialize via async init().
- Adds a startup-check for mail configuration.
- Creates a notification in the admin client if
  mail transport is "direct" and sending a message fails.
2016-02-10 16:31:42 -06:00
Hannah Wolfe
4ba0a745df Adding drop-column migration handling
refs #6301, #6165

- Adds detection and processing for column deletions
2016-02-09 12:11:49 +00:00
Sebastian Gierlinger
819116465e Merge pull request #6388 from ErisDS/schema-rejig
Reorganise & Rename server/data/ folder internals
2016-02-08 11:19:40 +01:00
Hannah Wolfe
8b5ea4691a Merge pull request #6405 from jtwebman/ghost_head_refactor
Refactored ghost head helper
2016-02-05 11:12:26 +00:00
JT Turner
06d91ce046 Refactored ghost head helper
closes #6186
- Refactored ghost head helper to use the new metadata functions.
- Fix issue where tag should output description if missing meta description.
- Add test for tag description.
- Updated tests to look for author urls with a tailing backslash
- Fix author to output meta description first and then bio if missing.
2016-02-04 22:18:51 -08:00
Hannah Wolfe
1ad7a91f4d Reorganise & rename server/data/ folder internals
refs #6301

- In the migration folder, commands.js changed to builder.js to resolve conflict with the 'commands' inside data/utils/clients/.
- a new data/schema/ folder has been added to hold all the code related to the database schema
- data/utils/clients have been moved to data/schema/clients
- data/utils/index.js has become data/schema/commands.js
- data/schema.js has been split, the definition of the DB schema stays put, the additional checks have moved to data/schema/checks.js
- data/validation/index.js has become data/schema/versioning.js
- data/fixtures has moved to data/migration/fixtures
- data/default-settings.json has moved to data/schema/default-settings.json
2016-02-04 20:39:15 +00:00
Fabian Becker
3cafc70022 Correctly clear settings cache after import
fixes #6435
2016-02-04 09:23:43 +01:00
Kevin P. Kucharczyk
dc957d7d2e Fix missing nav-current class bug when trailing slashes don't match
closes #6422
- trim trailing slashes before comparing URLs in navigation helper
- add test case to make sure nav-current is appended regardless of trailing slash presence
2016-02-02 11:47:13 +01:00
Hannah Wolfe
08e5848d4a Fix cache-control header for sitemaps
no issue

- sitemaps were getting max-age=undefined as they were depending on the wrong utils folder
- test + fix included
2016-01-25 17:56:05 +00:00
Hannah Wolfe
e5e375057e Merge pull request #6299 from acburdine/config-refactor
Refactor Config Service
2016-01-25 13:22:20 +00:00
Hannah Wolfe
4e355ecba9 Merge pull request #6374 from jtwebman/admin_error_no_theme
Fixed ghost admin error when missing theme folder.
2016-01-25 12:29:31 +00:00
Hannah Wolfe
c29187a5fe Merge pull request #6370 from jtwebman/meta_data_to_functions
Started moving meta data fetching to functions.
2016-01-25 12:16:20 +00:00
JT Turner
cdc98dce15 Fixed ghost admin error when missing theme folder.
closes #6368
- Add test to recreate the error in the static theme middleware.
- Updated static theme middleware to not error if missing theme folder.
2016-01-23 14:01:26 -08:00
JT Turner
1f4c01d207 Started moving meta data fetching to functions.
issue #6186
- Moved asset helper logic to a asset url function.
- Created author image function to be used in ghost_head helper.
- Created author url function to be used in the ghost_head helper.
- Created canonical url function to be used in the ghost_head helper.
- Moved meta_description helper logic to a function.
- Moved excerpt helper logic to a function.
- Created an index in data/meta to be used in ghost_head helper to get all data.
- Created keyword function to be used in the ghost_head helper.
- Created modified data function to be used in the ghost_head helper.
- Created next url function to be used in the ghost_head helper.
- Created ogType function to be used in the ghost_head helper.
- Created previous url function to be used in the ghost_head helper.
- Created published data function to be used in the ghost_head helper.
- Created rss url function to be used in the ghost_head helper.
- Created schema function to be used in the ghost_head helper.
- Created structured data function to be used in the ghost_head helper.
- Moved meta_title helper logic to a title function.
- Moved url helper logic to a url function.
- Wrote tests for all the new functions

This is just the first step. I plan on refactoring the ghost head to use these new functions.
2016-01-23 13:58:21 -08:00
Damien Dormal
58fe7af7d1 Cleanup and improved test coverage for mailer
closes #5489
- Remove unneeded Promise.promisify in mailer
- Remove noEmailTransportConfigured error as not relevant anymore (Direct is default)
- Clone message argument in mailer.send
- Move test from api_mail_spec to mail_spec
- Add default mail title test
2016-01-23 11:49:01 +08:00
Hannah Wolfe
c549914ae8 Merge pull request #6316 from halfdan/5606-subdir
Make regex for subfolder deduplication more restrictive
2016-01-20 20:09:29 +00:00
Austin Burdine
7d304a046f refactor admin config to include explicit value types
closes #6266
- add "type" to valid keys in configuration api
- refactor ember config service to parse values based on provided type
2016-01-19 09:43:09 -06:00
Hannah Wolfe
1b5b6cf6e3 Merge pull request #6314 from halfdan/6287-import
Only import tables defined in core/server/data/schema.js
2016-01-19 15:22:24 +00:00
Fabian Becker
eef37acc49 Revert i18n in startup-check
- Removes preinstall dependencies
- Reintroduce old plain english strings
- Remove translations for startup check

closes #6332
2016-01-13 14:46:51 +01:00
Hannah Wolfe
4a7a19c86a Merge pull request #6070 from kevinkucharczyk/harvesting-server-side-strings
Harvest server side strings
2016-01-12 20:04:53 +00:00
JT Turner
e4c52a6915 Fix urlFor to handle secure correctly
issue #6270
- Exposed getBaseUrl on the config class.
- Fix formatting config index as array was more then 140 characters long.
- Updated getBaseUrl to handle secure by replacing http with https if true.
- Fixed ghost_head helper to output canonical base url no https.
- Fixed ghost_head helper to set secure correctly for the rss link.
- Fixed navigation helper to pass secure in each nav item, so that urlFor can u$
- Fixed {{url}} to pass secure correctly to config.urlFor.
- Fixed test to use urlSSL over https besides for canonical.
- Add tests for {{url}} and to make sure they output https for absolute and secure.
- Update twitter and og url to use the canonical url.
2016-01-11 19:40:30 -08:00
Hannah Wolfe
dfa74ffcd5 Merge pull request #6304 from halfdan/fix-6290
Disallow access to author/tag rss feeds if private blogging is on
2016-01-11 14:04:19 +00:00
Fabian Becker
c8e30f0182 Make regex for subfolder deduplication more restrictive
- Add subdir to protected slugs
- Fix regex for subfolder deduplication

fixes #5605
2016-01-11 12:46:59 +01:00
Fabian Becker
2770def8f1 Only import tables defined in core/server/data/schema.js
fixes #6287
2016-01-11 11:56:18 +01:00
Hannah Wolfe
5e2523a305 Merge pull request #6273 from johnny94/add-attributes
Add attributes for `{{tags}}` and `{{#foreach}}` helpers
2016-01-11 10:24:04 +00:00
Szu Yaung
70327c2a74 Add attributes for {{tags}} and {{#foreach}} helpers
issue #6205
- added `from` and `to` attribute for `{{tags}}` and `{{#foreach}}` helpers.
- added tests for these new atttributes
2016-01-10 02:47:36 +08:00
Hannah Wolfe
816e773f93 Merge pull request #6298 from jtwebman/fix_ghost_head_on_error_page
Fix ghost_head helper to not run if error page.
2016-01-09 13:42:03 +00:00
Hannah Wolfe
5fdfc5a091 Merge pull request #6296 from jgable/imageTags
Refactor sitemap generation to include images consistently
2016-01-09 13:28:32 +00:00
Fabian Becker
8a16dd5d7e Disallow access to author/tag rss feeds if private blogging is on
- Also fixes an issue where posts/tags with slugs starting with rss/sitemap became inaccessible

fixes #6290
2016-01-07 15:03:39 +01:00
JT Turner
3af224ed39 Fix ghost_head helper to not run if error page.
issue #6289
- Made quick fix to return from ghost_head helper if error page
2016-01-05 23:31:46 -08:00
Jacob Gable
d1348d709f Refactor RSS Image node generation
fixes #6292

- Added createImageNodeFromDatum to BaseSiteMapGenerator
- Refactor some defaults code that was unnecessary
- Add tests for posts, tags, users and posts with images
2016-01-05 21:25:52 -08:00
Hannah Wolfe
c10eb58144 Add missing chars to slug generator
closes #6272

- curly braces and back-tick should also be replaced with a dash
- other symbols and chars in ascii table are either removed or replace
- not all the replacements are sensible, but better than having odd chars in the slug for now
2016-01-05 19:12:44 +00:00
Sebastian Gierlinger
c533c48b89 Merge pull request #6251 from ErisDS/issues-6247
Switch channel filters to use strings not literals
2015-12-21 20:20:44 +01:00
Kevin Ansfield
c28f4853b8 Merge pull request #6244 from acburdine/issue-6226
Fix authentication error if setup/two is re-submitted
2015-12-21 11:14:39 +00:00
Hannah Wolfe
20f102808a Switch channel filters to use strings not literals
fixes #6247

- GQL has a bug where literals starting with numbers are incorrectly parsed
- Using strings instead of literals is a workaround, but is probably safer anyway
2015-12-20 16:03:39 +00:00
rfpe
7abcc43907 Harvest server side strings
closes #5617
- Replace all hard-coded server-side strings with i18n translations
2015-12-19 12:12:16 +01:00
Austin Burdine
ea1e454038 fix authentication error if setup/two is re-submitted
closes #6226
- adds calls to oauth middleware on PUT /authentication/setup/
- prevent setup/two from trying to log in again if user is already logged in
2015-12-18 12:18:13 -07:00
Fabian Becker
3b235b9acb Fix broken @last for foreach with limit
refs #6205
2015-12-18 15:55:12 +01:00
Matt Enlow
b5b0ec190b Register helpers as non-asynchronous
Ref #5850
2015-12-17 07:39:43 -07:00
Hannah Wolfe
14c3bd605e Ensure filter parse errors generate 422 not 500
no issue

- This resolves some issues we've seen with Ghost throwing 500 errors when the filter parameter is incorrectly structured/formatted
2015-12-15 15:01:06 +00:00
Sebastian Gierlinger
68a3c2527d Merge pull request #6225 from ErisDS/ghost-head-fix
Ensure `{{ghost_head}}` doesn't overwrite values
2015-12-15 15:13:17 +01:00
Hannah Wolfe
cbea617a24 Ensure {{ghost_head}} doesn't overwrite values
closes #6221

- clones contextObject so that updating values doesn't overwrite real data
2015-12-15 13:18:29 +00:00
Sebastian Gierlinger
efaa04ba61 Merge pull request #6223 from ErisDS/ghost-url
Prep shared API URL util for use on external sites
2015-12-15 14:17:41 +01:00
Kevin Ansfield
f1d7bd3bcb Merge pull request #6092 from ericschultz/aria-pagination
Add aria-hidden to the pagination arrows
2015-12-15 12:56:16 +00:00
Hannah Wolfe
9eadeb9fbb Prep shared API URL util for use on external sites
refs #5942, #6150

There were a few key problems I was looking to solve with this:

- Introduce a single point of truth for what the URL for accessing the API should be
- Provide a simple way to configure the utility (much like a true SDK)

As of this commit, this utility is still automatically available in a Ghost theme.
To use it on an external site, the code would look like:

```
<script type="text/javascript" src="http://my-ghost-blog.com/shared/ghost-url.min.js"></script>
<script type="text/javascript">
ghost.init({
   clientId: "<your-client-id>",
   clientSecret: "<your-client-secret>"
});
</script>
```

To achieve this, there have been a number of changes:

- A new `apiUrl` function has been added to config, which calculates the correct URL. This needs to be unified with the other url generation functions as a separate piece of work.
- The serveSharedFile middleware has been updated, so that it can serve files from / or /shared and to substitute `{{api-url}}` as it does `{{blog-url}}`.
- ghost-url.js and ghost-url.min.js have been updated to be served via the serveSharedFile middleware
- ghost-url.js has been changed slightly, to take the url from an inline variable which is substituted the first time it is served
- `{{ghost_head}}` has been updated, removing the api url handling which is now in config/url.js and removing the configuration of the utility in favour of calling `init()` after the script is required
- `{{ghost_head}}` has also had the meta tags for client id and secret removed
- tests have been updated
2015-12-15 11:50:46 +00:00
Hannah Wolfe
7fea696d21 Merge pull request #6213 from cobbspur/getPaginationFix
Ensure {{get}} helper returns pagination
2015-12-15 11:20:42 +00:00
Hannah Wolfe
bc97de5fe9 Unify usage of config in unit tests
no issue

- provide a single point for accessing config in unit tests
- create a single way to set and restore config
- ensure that restore deletes top level optional keys that are now undefined
- use this._config in check deprecations, otherwise the config gets cached
- solves issues with interdependent tests
2015-12-15 10:48:24 +00:00
Sebastian Gierlinger
432f8610c8 Merge pull request #6220 from ErisDS/issue-6205-limit
Add `limit` attribute to tags & foreach helpers
2015-12-15 11:37:44 +01:00
Sebastian Gierlinger
69ccca2cca Merge pull request #6167 from ErisDS/perma-ppp
Moving 'permalinks' and 'postsPerPage' to config.theme cache
2015-12-15 11:35:46 +01:00
Hannah Wolfe
a27f22acf5 Add limit attribute to tags & foreach helpers
refs #6205

- limit attribute allows theme developers to restrict output from these helpers to a smaller number
than would usually be output
2015-12-15 10:05:25 +00:00
Hannah Wolfe
883152ff15 Improvements to client auth error logging
no issue

- If client credentials are missing, or not valid, output a clear message in the server console
- Still defaults to sending the 'access denied to url' error to the frontend
2015-12-15 08:29:44 +00:00
Hannah Wolfe
e84b7f3217 Cache permalinks & postsPerPage on config.theme
no issue

- Cache the permalinks & postsPerPage settings on the config.theme object
- Use the config.theme cache to reference these items throughout the frontend of a blog
- Removes the need for workarounds and extra code to handle async fetches
- Makes these values accessible to all themes, which is very useful now we have the API stuff
2015-12-15 08:16:53 +00:00
cobbspur
0ce4078f45 Ensure {{get}} helper returns pagination
No Issue

- pagination returned if meta pagination exists
- needed to allow pagination helper to work
2015-12-14 13:27:07 +00:00
Hannah Wolfe
2b145b3c61 Merge pull request #6202 from acburdine/ghost-url-updates
`ghost.url.api` cleanup/minification
2015-12-10 17:21:14 +00:00
Hannah Wolfe
8c355349b3 No more soft 404s in pagination
closes #6201

- redirects for page/1/ or rss/1/ are now 301s
- any other invalid page now 404s
2015-12-10 15:00:02 +00:00
Austin Burdine
8f89997deb minify ghost.url.api in production
closes #6150
- clean up ghost.url.api script
- switch to inlining config and making the ghost-url.js file an external request
- add minification in production
2015-12-10 08:46:58 -06:00
Hannah Wolfe
16c71dde22 Merge pull request #6032 from vdemedes/pipeline-mail
Refactor mail API with pipeline utility
2015-12-09 19:28:08 +00:00
Hannah Wolfe
88065f58a0 Remove filters from theme helpers (no async)
closes #5850

- filters were added so that apps could change the output of the helpers, but as async helpers are a hack, this led to issues
- apps aren't currently a working part of Ghost, so for now, lets remove the filters
- we'll add these back when we have a better implementation of async helpers & this style of app is back on the cards
2015-12-08 14:35:04 +00:00
Hannah Wolfe
a956d595f2 Make channel config dynamic
refs #5091, #6166

- fetch channel config via an internal function
- prevents channel config from being statically cached at runtime
- means that labs & other settings can be used to change these values
2015-12-07 20:06:35 +00:00
John Cruikshank
5e6ed119fa fixing 'undefined is not a function' error when loading apps 2015-12-04 23:00:37 -06:00
Hannah Wolfe
4bfacf6b86 Change server-side labs utility to be synchronous
refs #6165

- Use the settings cache to populate config.labs whenever settings change
- Use the labs util just to check if a flag isSet synchronously
2015-12-03 16:05:50 +00:00
Sebastian Gierlinger
bc83dbce09 Merge pull request #6145 from ErisDS/view-refactor
Unify code for picking a template to render with
2015-12-02 10:02:31 +01:00
Brandon Hops
e5ee97bece Remove undefined function and fix some comments 2015-12-01 23:28:36 -08:00
Hannah Wolfe
7ebc7f7ff1 Merge pull request #6126 from sebgie/option-restore
Restore options
2015-12-02 12:13:36 +08:00
Hannah Wolfe
9f4c6957de Merge pull request #6155 from StevenMcD/issue_6140
Add .git folder to ignore folders list
2015-12-02 12:07:25 +08:00
Sebastian Gierlinger
ee275f4d0c OAuth Middleware refactor
refs #5286
- moved oauth server initialization to oauth.js
- moved generateAccessToken() to oauth.js
- added tests
2015-12-01 21:20:11 +01:00
StevenMcD
6956985c28 Add .git folder to ignore folders list
closes #6140
- simply added '.git' to the list of folder names to ignore when checking for valid themes.
2015-12-01 21:14:23 +02:00
Hannah Wolfe
395079cd2f Unify code for picking a template to render with
refs #5091

- 100% coverage for new frontend/templates file
- new module handles the logic for determining which template to render with
2015-12-01 12:05:46 +08:00
Sebastian Gierlinger
245095c199 Origin Header revisited
closes #6106
- added override for my-ghost-blog.com
- added local IP addresses to be allowed
- changed localhost/127.0.0.1 to be allowed in production
2015-11-26 13:11:31 +01:00
Hannah Wolfe
f25039c4b9 Docs link & unique error codes for startup checks
refs #5821, #6063

- switch out help test to go to a comprehensive doc
- change error codes from 1 to unique codes
2015-11-26 16:20:11 +08:00
Sebastian Gierlinger
014e2c88dd Restore options
refs #6122
- restore original options after delete
- this is a fix for one use case, long term we should aim to leave
options untouched and execute special queries with temporary data
2015-11-25 09:59:27 +01:00
Sebastian Gierlinger
8c50609491 Handling Origin Header
closes #6106
- added better error message for client and console
- added exclusion of localhost/127.0.0.1 for dev mode
2015-11-23 18:21:19 +01:00
Hannah Wolfe
8f620b6dce Merge pull request #6063 from jgillich/version-check
Enable Node 4.2 testing
2015-11-23 09:56:27 +00:00
Jakob Gillich
faa1655a50 Enable Node 4.2 testing
* Do not error when node unsupported if GHOST_NODE_VERSION_CHECK=false is set
* Run engine check in preinstall script
* Add 4.2 to travis

issue #5821
2015-11-23 06:45:40 +01:00
Hannah Wolfe
d4c8b69673 Support ordering by count
refs #6009

- super quick and dirty way to support ordering by counts
- @TODO refactor :)
2015-11-22 17:18:30 +00:00
Hannah Wolfe
2aa16514a3 Rename post_count to count.posts
refs  #6009

- This is a straight rename, no functionality is added
- The dot syntax requires pre/post processing to convert the name
- This PR also includes several updates to the tests, as they weren't being run as part of Travis!
2015-11-20 14:59:58 +00:00
Hannah Wolfe
5df3cd5cfd Merge pull request #6064 from acburdine/ajax-helper
Add themes 'ajax' helper
2015-11-20 11:54:23 +00:00
Austin Burdine
250edf2b06 add themes ajax helper
closes #5942
- adds helper script for calling the api in themes
- adds tests for said helper script
2015-11-19 07:13:54 -06:00
Sebastian Gierlinger
55564e3daf Merge pull request #6091 from ErisDS/safe-count
Safe post_count for Tags & Users
2015-11-19 10:34:14 +01:00
Eric Schultz
1ddea6dbc1 Add aria-hidden to the pagination arrows
Pagination arrows seem to be an appropriate place to use aria-hidden. That is the use-case for bootstrap (http://getbootstrap.com/components/#aligned-links) and based upon my understanding of area seems to be correct.
2015-11-18 13:54:33 -06:00
Hannah Wolfe
770f45245c Safe post_count for Tags & Users
refs #6009, #5614

- Use the new isPublicContext method to detect whether to add extra clauses to the count
- Add count to users
2015-11-18 19:19:11 +00:00
Hannah Wolfe
f8d9af1010 Add some debugging tools to filters
- pass debug: true to the API to get some useful debug output
- does not work in production mode

Note: I have added these lines back in so many times in the past month or so so that I could
figure out what was happening, I figured everyone else might find them useful.

TODO: use a proper logging method dependent on env
2015-11-18 19:17:06 +00:00
Sebastian Gierlinger
c53d31a059 Merge pull request #6082 from ErisDS/filter-plugin
Filter plugin
2015-11-17 12:32:56 +01:00
Hannah Wolfe
6a0f1cf231 Filter plugin with enforce/default logic
refs #5614, #5943

- adds a new 'filter' bookshelf plugin which extends the model
- the filter plugin provides handling for merging/combining various filters (enforced, defaults and custom/user-provided)
- the filter plugin also handles the calls to gql
- post processing is also moved to the plugin, to be further refactored/removed in future
- adds tests showing how filter could be abused prior to this commit
2015-11-17 10:39:44 +00:00
Sebastian Gierlinger
6b31f362a2 Merge pull request #6083 from ErisDS/filter-missing
Add filter param for tags & users
2015-11-17 08:33:56 +01:00
Sebastian Gierlinger
088d5131cf Merge pull request #6027 from reinoudk/bp-limit
Make bodyparser limit configurable to allow for posts larger than 100kB
2015-11-17 08:25:56 +01:00
Hannah Wolfe
1a3ae578af Add filter param for tags & users
refs #5604

- `filter` is missing from tags & users - add it in and add tests which show it works
2015-11-16 18:16:59 +00:00
Sebastian Gierlinger
1b17456f5b Merge pull request #6067 from ErisDS/gql-update
deps: ghost-gql@0.0.3
2015-11-16 16:00:55 +01:00
Hannah Wolfe
a3bd00d978 deps: ghost-gql@0.0.3
- adds test for nested null/not null query issue
- make use of new findStatement tool
2015-11-16 14:44:48 +00:00
Hannah Wolfe
666a616551 Add access rules bookshelf plugin
refs #5614

- change isPublicContext to detectPublicContext
  - behaviour now expands the context object out
  - this is a bit of a sideeffect, but this is the simplest change
    that makes it possible to use the context in the model layer without
    significant wider changes
- add new access rules plugin
  - takes a context object as part of `forge()` & caches it on the model instance
  - provides helper functions for testing access rules later on
2015-11-16 12:24:01 +00:00
Sebastian Gierlinger
007c06fdc0 Merge pull request #6065 from acburdine/export-fix
Fix DB export throwing access denied errors
2015-11-16 10:00:22 +01:00
Austin Burdine
67a6b4c07b allow api requests to be made with the access token as a query parameter
closes #6040
- adds check for access token query parameter in auth middleware
2015-11-12 11:26:18 -06:00
Hannah Wolfe
4dac01cbf9 Refactor old processOptions/where to use GQL JSON
refs #5943

- no longer assume the options in processOptions are set
- set where to a new GQL JSON-like statement object
- rather than setting options, add statements which can be understood by knexify
- pass the statements through knexify to build the query
2015-11-12 17:24:09 +00:00
Hannah Wolfe
8edf382b40 Move bookshelf plugins into own folder 2015-11-11 19:40:12 +00:00
Reinoud Kruithof
e5e699ad8f Set bodyparser limit to 1mb to allow for posts larger than 100kB
closes #5998
- added bodyparser limit of 1mb in core/server/middleware/index.js
2015-11-10 11:25:24 +01:00
Hannah Wolfe
b8bab0e74c Removing featured option code
ref #5943

- found some more code that can be removed
2015-11-09 12:15:40 +00:00
Sebastian Gierlinger
132b2a7084 Merge pull request #6045 from ErisDS/api-meta
Add meta tags for client_id & client_secret
2015-11-05 10:51:24 +01:00
Hannah Wolfe
19603a33f3 Check client is enabled before auth
no issue

- add a check that the client has status 'enabled' to client auth strategy
- this permits the disabling of clients easily
- update tests
2015-11-04 16:59:56 +00:00
Hannah Wolfe
e70898a842 Add meta tags for client_id & client_secret
refs #5942

- refactor ghost_head to use Promise.props (settle is going away and this is easier)
- add a new call to fetch the frontend client, if it exists
- add meta tags for the client_id and client_secret on all pages
- don't include the meta tags if the client is not enabled, or if the labs flag is not set
2015-11-04 16:39:39 +00:00
Sebastian Gierlinger
ddf9874fa1 Disallow staticPages from public API
refs #5151
- disable staticPages parameter for calls without authentication
2015-11-04 10:03:27 +01:00
Hannah Wolfe
df82895db7 Move get helper behind labs flag
issue #5976

- break out the labs check into a utility
- wrap the get helper in a labs check, so it only works if the checkbox is checked
- make the get helper output an error to both the server and browser console if used when not enabled
2015-11-03 19:39:37 +00:00
Hannah Wolfe
e0a6d027c8 Move cross-table api counts into plugin
refs #6009, #5615

- minimal refactor to remove the addition of count from pagination and other various points
- create a include count plugin that overrides fetch and fetchAll
- this ensures that counts get added at the right points
2015-11-03 14:09:38 +00:00
Sebastian Gierlinger
c4f9cde008 Merge pull request #6037 from ErisDS/pagination
Pagination cleanup & improvements
2015-11-03 13:53:18 +01:00
Sebastian Gierlinger
369b6ad19c Merge pull request #6036 from ErisDS/pipeline
Pipeline util tests, clean & fix
2015-11-03 13:52:31 +01:00
Hannah Wolfe
ea402218d3 Pagination cleanup & improvements
no issue

- switching from using fetch to fetch all means some code can be removed from the fetchPage method
- updating tests to reflect cleaner code
- ensure coverage is at 100%
2015-11-03 11:01:48 +00:00
Hannah Wolfe
9d07e6f3be Pipeline util tests, clean & fix
no issue

- added comments to pipeline util, inc where it came from
- added tests for pipeline util
- tests uncovered a bug with promises for args, which has been fixed
2015-11-03 09:14:44 +00:00
Hannah Wolfe
8db90bae73 Merge pull request #5984 from sebgie/issue#5941
Move Public API behind labs flag
2015-11-02 16:15:50 +00:00
Kevin Ansfield
92123e427f Use tag slugs in URLs for tag management and add front-end edit redirect
refs #5845
- adds custom adapter for tags so that `store.queryRecord('tag', {slug: 'tag-slug'})` hits the `/tags/slug/tag-slug` endpoint instead of `/tags/?slug=tag-slug`
- updates tag management screens to use tag slugs instead of IDs
- adds `/tag/:slug/edit` redirect to front-end
2015-11-02 14:56:59 +00:00
vdemedes
51ce3572a0 Refactor mail API with pipeline utility
refs #5508
- refactor mail API with pipeline utility
2015-11-02 14:23:05 +01:00
Sebastian Gierlinger
bf65c136ce Move Public API behind labs flag
closes #5941
- added UI to labs page
- added method to determine if full authentication is required
- updated public_api tests to enable public api first
2015-11-02 14:18:58 +01:00
Hannah Wolfe
0c9befc16f Merge pull request #5999 from delgermurun/api-db-refactor
db api endpoint validation error refactor
2015-11-02 13:16:07 +00:00
Sebastian Gierlinger
de147ba044 Merge pull request #6030 from ErisDS/mini-refactor
Don't use api to lookup theme in frontend controller
2015-11-02 14:14:59 +01:00
Hannah Wolfe
a78ee06848 Merge pull request #6019 from vdemedes/api-order
Add order parameter
2015-11-01 15:04:24 +00:00
Hannah Wolfe
d6fb21fa28 Don't use api to lookup theme in frontend controller
no issue

- small fix, we already have the info, no need to look it up again
2015-10-30 19:02:06 +00:00
Sebastian Gierlinger
6474bba64e Merge pull request #6024 from cobbspur/limit
Ensure public api can uses limit parameter
2015-10-29 17:23:09 +01:00
cobbspur
d0d126eba7 Ensure public api can uses limit parameter
No Issue

- removes client id and secret after authentication
- adds tests to check default limit, all and integer
2015-10-29 15:36:54 +00:00
vdemedes
8687772604 Make read-directory ignore invalid package.json files
refs #5940, #5923
- make read-directory ignore invalid package.json files
- display a warning about invalid package.json files on startup
- add tests to ensure read-directory continues, even with invalid package.json files
2015-10-28 15:37:52 +01:00
vdemedes
6db41584e7 Add order parameter
refs #5602
- add "order" to default browse options
- parse order parameter in Base model
- accept "order" option in Post, User and Tag models
- add tests for posts order
- add tests for tags order
- add tests for users order
2015-10-28 14:14:03 +01:00
Sebastian Gierlinger
f30c0ba484 Merge pull request #5990 from cobbspur/simplify
Simplify fields and includes prior to fetch
2015-10-27 13:49:12 +01:00
Sebastian Gierlinger
9dc4efca13 Merge pull request #6005 from ErisDS/old-filter-clean
Remove featured, tag, author & role API params
2015-10-27 13:05:12 +01:00
vdemedes
0a0aaf01b2 Replace missing title with "(Untitled)" when creating a post
closes #6014
- replace missing title with "(Untitled)" when creating a post
- add a test for creating post without title
2015-10-27 12:15:09 +01:00
Hannah Wolfe
b8a3415726 Remove featured, tag, author & role API params
refs #5943

- removed featured, tag and author parameters from posts API
   - featured was only used in tests
- removed role filter from users API
   - role was only used in tests
- fixed up the tests, skipping those that don't quite work yet
2015-10-27 10:53:51 +00:00
Hannah Wolfe
ff7517b801 Switch RSS to use new filter param
refs #5943, #5091

- split out channel config
- use config.theme instead of api calls to grab title & desc
- wrap rss call in a function which sets channel config for RSS feeds
- change rss `getData` function to use the new multiple-query-handling fetchData functionality
- make sure channelConfig is set in all tests
2015-10-27 10:00:51 +00:00
Hannah Wolfe
e9035fde4e Switch frontend controller to use new filter param
refs #5943, #5091

- updated fetch-data to handle multiple api queries
- using named keys for queries so that the names of items in the result are correct (tag instead of tags etc)
- updated channel configs in frontend controller
- removed old filter code from frontend controller
- added test coverage for fetch-data and format-response
- fixes / removes tests which are broken by the refactor
2015-10-26 09:40:19 +00:00
Delgermurun
146bb01657 db api endpoint validation error refactor
No issue
- Raised ValidationError instead of PermissionError on db api validation
- Added & modified integration tests
2015-10-25 09:20:13 +08:00
Sebastian Gierlinger
0035cc2ac3 Merge pull request #5995 from ErisDS/get-helper-paths
Add path resolution to get helper
2015-10-23 14:22:48 +02:00
Sebastian Gierlinger
22034a9ce0 Merge pull request #5994 from ErisDS/get-helper-imprv
Fix data merging & add pagination block param
2015-10-23 14:20:39 +02:00
Hannah Wolfe
0be56fb5f0 Merge pull request #5983 from vdemedes/pipeline-themes
Refactor themes endpoint with pipeline utility
2015-10-23 12:37:56 +01:00
Hannah Wolfe
6ecc389370 Fix data merging & add pagination block param
refs #5993

- Don't merge the result set with the existing template data.
- If available, return `meta.pagination` as the second blockParam
2015-10-23 09:40:39 +01:00
Hannah Wolfe
994a20cf8b Add path resolution to get helper
refs #5993

- deps: jsonpath@0.2.0
- adds `resolvePaths` method
- supports handlebars style arrays with `.[]`
- supports shorthand post.tags and post.author for common usecases
- adds more tests & improves existing ones
2015-10-23 02:52:52 +01:00
Sebastian Gierlinger
64d9ce44cf Merge pull request #5985 from ErisDS/frontend-split
Further split up frontend controller & improve tests
2015-10-22 21:41:01 +02:00
Hannah Wolfe
afbcecc3f6 Merge pull request #5848 from sebgie/public-api-1
Public API
2015-10-22 20:39:41 +01:00
Hannah Wolfe
06b03bbcfe Split helper functions from frontend controller
no issue

- Split out 'getPostPage' & rename to fetchData
- Split format response methods into own files
- Split out handleError
- Split out setReqCtx and rename to setRequestIsSecure
- Split out theme paths
- Refactor tests in index_spec.js to be more robust
- Add tests to bring coverage for split file up to 100%
2015-10-22 18:46:58 +01:00
Sebastian Gierlinger
28871d3f4d Merge pull request #5978 from ErisDS/filter-param
Add the filter parameter
2015-10-22 16:42:13 +02:00
cobbspur
7a996ecbe7 Simplify fields and includes prior to fetch
No Issue

- allows comma separated include and field parameters to also have a space
- allows capitals in include and field parameters
2015-10-22 15:39:54 +01:00
Sebastian Gierlinger
f48dfb09cf Public API
refs #4180
closes #4181
- added client and user authentication
- added authenticatePublic/authenticatePrivate as workaround for
missing permissions
- added domain validation
- added CORS header for valid clients
- merged authenticate.js and client-auth.js into auth.js
- removed middleware/api-error-handlers.js
- removed authentication middleware
- added and updated tests
2015-10-22 15:28:47 +02:00
Hannah Wolfe
b5cebb9ec6 Add filter parameter using GQL
refs #5604, refs #5463

- deps: ghost-gql@0.0.2
- adds code to wire up the filtering to a paginated query
- updated pagination plugin count query to use 'distinct' so it's more robust
- rename paginationUtils.query to addLimitAndOffset to be more explicit and make the code clearer
- add a new 'advanced browsing spec' set of tests for tracking these features as they are built out
2015-10-22 11:29:05 +01:00
vdemedes
2cd7f2daca Refactor themes endpoint with pipeline
refs #5508

- use pipeline utility in themes controller
2015-10-22 12:17:16 +02:00
Hannah Wolfe
d666fba855 Merge pull request #5971 from cobbspur/fields
Remove unknown fields from fetch
2015-10-21 18:29:59 +01:00
cobbspur
372907890f Remove invalid fields prior to fetch
closes #5601

- Remove invalid fields prior to fetch
- Adds initial tests for fields
2015-10-21 18:20:09 +01:00
Delgermurun
b37c0f2e91 Apply pipeline to db api endpoint
refs #5508
- adds pipeline to export, import and delete all methods
2015-10-21 09:33:31 +08:00
Sebastian Gierlinger
b9daff6932 Merge pull request #5960 from JohnONolan/emailerror
Email error message cleanup
2015-10-19 10:30:30 +02:00
Hannah Wolfe
2c51a89b66 Refactor auth-strategies to use findOne
- Simplifies both strategy & test code
- Should have no side effects
2015-10-16 19:40:02 +01:00
John O'Nolan
cd8544858a Email error message cleanup 2015-10-16 12:07:09 +02:00
Sebastian Gierlinger
611f1e969b Merge pull request #5619 from ErisDS/issue-4439-get
The {{#get}} helper
2015-10-15 16:21:37 +02:00
Hannah Wolfe
c8bb6081ab Frontend controller refactor & test improvements
no issue

- Split context out of frontend controller
- Add 100% test coverage for context
- Add tests for preview & improve other bits of coverage
- Further refactors (WIP) will make it easier to reach 100% coverage on the frontend
2015-10-15 10:17:42 +01:00
Hannah Wolfe
932f12160a Merge pull request #5940 from vdemedes/read-themes
Add readThemes() utility to get a list of themes
2015-10-14 17:32:41 +01:00
vdemedes
05f44c4c64 Add readThemes() utility to get a list of themes
refs #5923
- add read-themes module to get a list of themes
- replace readDirectory() usage with readThemes(), where only themes are needed
- test read-themes
- test read-directory
- test validate-themes
- test parse-package-json
- add tempfile testing utility to generate temporary paths
2015-10-13 15:54:41 +02:00
Kevin Ansfield
ff73f1af92 deps: grunt-jscs@2.1.0
no issue
- update grunt-jscs dependency
- fix deprecated `validateJSDoc` configuration
- fix numerous linting errors, including:
  - use of future-reserved `public` and `private` variable names
  - use of `[]` instead of dot-notation (especially `express['static']` and `cacheRules['x']`)
  - extra spaces in `const { run } = Ember` style constructs

One issue that did become apparent is that there are conflicting rules that prevent the use of object function shorthand such that both of these:

```
{ myFunc() {} }
{ myFunc () {} }
```

are called out due to either the missing or the extra space before the `(`
2015-10-12 19:21:16 +01:00
vdemedes
20fec74c73 Refactor require-tree and split it into models
closes #5492
- remove core/server/require-tree.js and split it into modules
- add read-directory module to recursively read directories
- add validate-themes module to scan themes and return errors/warnings
- add parse-package-json module to parse json and validate requirements
- rewrite core/server/models/index.js to manually require models
2015-10-12 17:48:37 +02:00
Hannah Wolfe
7f3a9f5675 Merge pull request #5927 from olsio/fix-issue-5913
fix for page deletion not updating sitemap-page.xml
2015-10-12 15:43:53 +01:00
Sebastian Gierlinger
bfefbabfdc Merge pull request #5931 from ErisDS/issue-5905-context
Fix /author/ pages crashing & permit /tag/
2015-10-12 10:35:37 +02:00
Oliver Schneider
13adaec6e7 fix for page deletion not updating sitemap-page.xml
closes #5913

Sitemap deletion is based on the page.unpublished event. The previous
logic was always sending post.unpublished instead. If page or post
event is triggered is based on the ‘page’ attribute of the model. When
the destroyed handler all attributes are already cleared from the model
which makes this logic always fall back to post.

The fix is to move to the destroying event which still has all the
model values in place.
2015-10-12 09:26:26 +02:00
Hannah Wolfe
4e29d9e987 Simplify theme middleware + improve tests
refs #5286, #4172, #5888

- no need to pass blogApp around in middleware
- improve test coverage to 100%
2015-10-11 22:26:43 +01:00
Sebastian Gierlinger
debdfa74df Merge pull request #5934 from ErisDS/findall-partial-revert
Revert to using findAll for internal tools
2015-10-11 18:28:18 +02:00
Sebastian Gierlinger
69e93eb5cb Merge pull request #5929 from ErisDS/issue-5373-emitters
Set a higher maxListeners value
2015-10-11 18:24:23 +02:00
Hannah Wolfe
3e40637cd4 The {{#get}} helper
closes #4439

- adds basic get helper which works with the current API
- allows theme developers to make requests against the API
- supports block params and @error message
- includes 100% test coverage using posts

----

The `{{#get}}` helper is an asynchronous block helper which allows for making
requests for data from the API. This allows theme developers to customise the
data which can be shown on a particular page of a blog.

Requests can be made to the posts, tags or users API endpoints:

```
{{#get "posts" limit="3"}}
  {{#foreach posts}}
     <a href="{{url}}">{{title}}</a>
  {{/foreach}}
{{/get}}
```

The `{{#get}}` helper must be used as a block helper, it supports `{{else}}`
logic, for when no data matching the request is available or if an error has
occurred:

```
{{#get "posts" tag="photo"}}
  ...
{{else}}
  {{#if @error}}
    <p>Something went wrong: {{@error}}</p>
  {{else}}
    <p>No posts found</p>
  {{/if}}
{{/get}}
```

The helper also supports block params, meaning the data it outputs can be
given a different name:

```
{{#get "posts" featured="true" as |featured|}}
  {{#foreach featured}}
    ...
  {{/foreach}}
{{/get}}
```

Please Note: At present asynchronous helpers cannot be nested.
2015-10-11 16:51:12 +01:00
Hannah Wolfe
0764c775a7 Revert to using findAll for internal tools
refs #5909, #4577

- removes accidental '.only' which was hiding issues with the findAll changes
- deleteAllContent and importer still need to use a hard 'findAll' as findPage({limit: 'all'}) doesn't have the same behaviour
2015-10-10 17:07:10 +01:00
Hannah Wolfe
26231d5bd3 Fix /author/ pages crashing & permit /tag/
fixes #5905

- update context patterns to correctly match author & tag pages
- remove 'tag' and 'tags' from reserved slugs - we'll handle this in terms of overrides in future
2015-10-10 14:52:23 +01:00
Hannah Wolfe
b943948d24 Set a higher maxListeners value
fixes #5373

- Set Max Listeners on our Event Emitter to 100
- Stops the '11 listeners added' error on node 0.12 during tests
2015-10-09 19:27:49 +01:00
Sebastian Gierlinger
4c1828c027 Merge pull request #5877 from ErisDS/pr-5864-nav-url
Support for more URL schemes in url helpers
2015-10-09 09:46:56 +02:00
Hannah Wolfe
eed6879845 Merge pull request #5892 from yanntech/fix/pg-upgrade
Public is the default schema but if you use different name your are
2015-10-08 08:54:12 +01:00
Yann Verry
eb5a03c8d8 Ghost can now handle a different schema than the default 'public' in PostgreSQL
closes #5891
- use CURRENT_SCHEMA() instead of 'public'
- remove the WHERE condition
2015-10-06 18:19:23 +02:00
Delgermurun
a501711e71 Remove findAll from models that has findPage
closes #4577
- removed findAll from Post and User
- refactored deleteAllContent and data importer
2015-10-02 18:01:35 +08:00
Hannah Wolfe
390d5fcea2 Remove unnecessary API lookup for activeTheme
- the active theme is already managed and kept up to date as a property
of the express app
- this can be accessed via `req.app` inside of middleware
2015-09-29 22:54:55 +02:00
John O'Nolan
1add453733 Remove forum mentions 2015-09-29 13:10:04 +02:00
Hannah Wolfe
77447fc42d Merge pull request #5876 from sebgie/issue#5872
Fix client.secret for new installs
2015-09-27 13:50:36 +01:00
Hannah Wolfe
20c192557d Test support for various URL schemes
refs #5801
2015-09-27 10:31:49 +01:00
Sebastian Gierlinger
dbc53dc853 Merge pull request #5858 from ErisDS/issue-5808
Show a single 422 error for invalid values
2015-09-26 12:14:12 +02:00
Sebastian Gierlinger
67f759df33 Merge pull request #5875 from ErisDS/no-published-by-override
Don't allow published_by override
2015-09-26 12:08:53 +02:00
Kevin Ansfield
621b633079 Fix front-end URL output for more URL schemes
- allows direct pass-through of protocol-relative (`//host`), alternate-scheme (`tel:`), and anchor-only urls (`#contact`)
2015-09-25 22:58:37 +01:00
Sebastian Gierlinger
a87715f688 Fix client.secret for new installs
closes #5872
- added random secret for new databases
- added temporary fix for existing databases
- secret is still static (`not_available`) during tests
- fixed fork mechanism to keep active environment (never change
NODE_ENV!!!)
2015-09-25 21:03:33 +02:00
Hannah Wolfe
0462607296 Don't allow published_by override
- published_by should be set by business logic, rather than by users

Credits: An anonymous researcher working with Beyond Security's SecuriTeam Secure Disclosure program
2015-09-25 17:44:49 +01:00
Sebastian Gierlinger
bc25348fcc SSL redirects
closes #5873
- replaced redirectPathname with url method
- added tests
2015-09-25 12:02:14 +02:00
Hannah Wolfe
545bea0eaf Return a single 422 error for invalid values
refs #5808

- Fix the API to return a single 422 error when an invalid value is passed
- Only affects Browse, and not Read at present due to differences in how they are handled
- Frontend was changed to always 404 in #5851
- Adds tests to ensure all cases are covered
2015-09-25 10:30:49 +01:00
Sebastian Gierlinger
63f09687bb Merge pull request #5870 from ErisDS/uncapitalise-subdir
Uncapitalise respects subdirectories & no encoding
2015-09-25 10:29:36 +02:00
Hannah Wolfe
8895f41ee2 Uncapitalise respects subdirectories & no encoding
no issue

- Uncapitalise was dropping the subdirectory when redirecting - so the base url has been added where present
- Uncapitalise was also working differently in node 0.10 and 0.12 - so the path is decoded before testing for uppercase
- Adds some test coverage
2015-09-24 18:52:30 +01:00
Sebastian Gierlinger
cce1cc55ca Merge pull request #5867 from ErisDS/api-password
Don't alter password from User.edit endpoint
2015-09-24 13:37:24 +02:00
Sebastian Gierlinger
4351dfd179 Merge pull request #5866 from cobbspur/import
Fix handling of slugs on import
2015-09-24 12:46:16 +02:00
Hannah Wolfe
07e18cbdff Merge pull request #5863 from acburdine/author-edit
Add `/author/:slug/edit/` route to frontend
2015-09-24 08:42:55 +01:00
Hannah Wolfe
00656a729b Don't alter password from User.edit endpoint
- password changes should only be possible from the password change endpoint

Credits: An anonymous researcher working with Beyond Security's SecuriTeam Secure Disclosure program
2015-09-23 23:07:49 +01:00
Sebastian Gierlinger
48919a96c0 Merge pull request #5859 from ErisDS/plural
Add replacement for zero in plural helper
2015-09-23 18:42:01 +02:00
cobbspur
c0b5de6e81 Fix handling of slugs on import
closes Issue #5812

- pass importing property through to utils
- fix safeString method for imports
2015-09-23 17:41:44 +01:00
Austin Burdine
61705cf5f4 add author edit route
no issue
- adds front-end author edit route that redirects to the edit author page
- adds tests for edit route
2015-09-23 08:33:09 -05:00
Hannah Wolfe
d1c7ec0799 Add replacement for zero in plural helper
- currently, the plural helper doesn't replace % with the number when the number is zero, which is inconsistent
- this change ensures that theme developers can choose to show the number or a plain string
2015-09-22 16:00:20 +01:00
Nazar Gargol
fd7e118ed5 Returns 404 page instead of crashing a server whenever special characters are used for tag filtering
closes #5808
refs #5816
- adds additional filtering any 'slug' containing content in `renderChannel` for frontend
- adds test for invalid characters in tag slug
2015-09-20 22:47:34 +02:00
Sebastian Gierlinger
c57edd67a7 Merge pull request #5817 from ErisDS/issue-5810-sqlite
Don't eager load relations on tag update
2015-09-18 14:23:36 +02:00
Sebastian Gierlinger
ef6a99fb34 Merge pull request #5844 from ErisDS/validation-fix
Add underscores to general validation
2015-09-18 11:24:04 +02:00