Commit Graph

1362 Commits

Author SHA1 Message Date
cobbspur
d0d126eba7 Ensure public api can uses limit parameter
No Issue

- removes client id and secret after authentication
- adds tests to check default limit, all and integer
2015-10-29 15:36:54 +00:00
vdemedes
8687772604 Make read-directory ignore invalid package.json files
refs #5940, #5923
- make read-directory ignore invalid package.json files
- display a warning about invalid package.json files on startup
- add tests to ensure read-directory continues, even with invalid package.json files
2015-10-28 15:37:52 +01:00
vdemedes
6db41584e7 Add order parameter
refs #5602
- add "order" to default browse options
- parse order parameter in Base model
- accept "order" option in Post, User and Tag models
- add tests for posts order
- add tests for tags order
- add tests for users order
2015-10-28 14:14:03 +01:00
Sebastian Gierlinger
f30c0ba484 Merge pull request #5990 from cobbspur/simplify
Simplify fields and includes prior to fetch
2015-10-27 13:49:12 +01:00
Kevin Ansfield
bc346d2a42 Routable tags
refs #5845
- Updates tag settings screen to match content screen behaviour. Each now tag has it's own route that is link-able from other areas of the app
- Updates a number of places where jQuery event handler code was not wrapped in Ember's run loop
2015-10-27 12:48:41 +00:00
Sebastian Gierlinger
9dc4efca13 Merge pull request #6005 from ErisDS/old-filter-clean
Remove featured, tag, author & role API params
2015-10-27 13:05:12 +01:00
vdemedes
0a0aaf01b2 Replace missing title with "(Untitled)" when creating a post
closes #6014
- replace missing title with "(Untitled)" when creating a post
- add a test for creating post without title
2015-10-27 12:15:09 +01:00
Hannah Wolfe
b8a3415726 Remove featured, tag, author & role API params
refs #5943

- removed featured, tag and author parameters from posts API
   - featured was only used in tests
- removed role filter from users API
   - role was only used in tests
- fixed up the tests, skipping those that don't quite work yet
2015-10-27 10:53:51 +00:00
Hannah Wolfe
ff7517b801 Switch RSS to use new filter param
refs #5943, #5091

- split out channel config
- use config.theme instead of api calls to grab title & desc
- wrap rss call in a function which sets channel config for RSS feeds
- change rss `getData` function to use the new multiple-query-handling fetchData functionality
- make sure channelConfig is set in all tests
2015-10-27 10:00:51 +00:00
Hannah Wolfe
e9035fde4e Switch frontend controller to use new filter param
refs #5943, #5091

- updated fetch-data to handle multiple api queries
- using named keys for queries so that the names of items in the result are correct (tag instead of tags etc)
- updated channel configs in frontend controller
- removed old filter code from frontend controller
- added test coverage for fetch-data and format-response
- fixes / removes tests which are broken by the refactor
2015-10-26 09:40:19 +00:00
Delgermurun
146bb01657 db api endpoint validation error refactor
No issue
- Raised ValidationError instead of PermissionError on db api validation
- Added & modified integration tests
2015-10-25 09:20:13 +08:00
Hannah Wolfe
994a20cf8b Add path resolution to get helper
refs #5993

- deps: jsonpath@0.2.0
- adds `resolvePaths` method
- supports handlebars style arrays with `.[]`
- supports shorthand post.tags and post.author for common usecases
- adds more tests & improves existing ones
2015-10-23 02:52:52 +01:00
Sebastian Gierlinger
64d9ce44cf Merge pull request #5985 from ErisDS/frontend-split
Further split up frontend controller & improve tests
2015-10-22 21:41:01 +02:00
Hannah Wolfe
afbcecc3f6 Merge pull request #5848 from sebgie/public-api-1
Public API
2015-10-22 20:39:41 +01:00
Hannah Wolfe
06b03bbcfe Split helper functions from frontend controller
no issue

- Split out 'getPostPage' & rename to fetchData
- Split format response methods into own files
- Split out handleError
- Split out setReqCtx and rename to setRequestIsSecure
- Split out theme paths
- Refactor tests in index_spec.js to be more robust
- Add tests to bring coverage for split file up to 100%
2015-10-22 18:46:58 +01:00
Sebastian Gierlinger
28871d3f4d Merge pull request #5978 from ErisDS/filter-param
Add the filter parameter
2015-10-22 16:42:13 +02:00
cobbspur
7a996ecbe7 Simplify fields and includes prior to fetch
No Issue

- allows comma separated include and field parameters to also have a space
- allows capitals in include and field parameters
2015-10-22 15:39:54 +01:00
Sebastian Gierlinger
f48dfb09cf Public API
refs #4180
closes #4181
- added client and user authentication
- added authenticatePublic/authenticatePrivate as workaround for
missing permissions
- added domain validation
- added CORS header for valid clients
- merged authenticate.js and client-auth.js into auth.js
- removed middleware/api-error-handlers.js
- removed authentication middleware
- added and updated tests
2015-10-22 15:28:47 +02:00
Hannah Wolfe
b5cebb9ec6 Add filter parameter using GQL
refs #5604, refs #5463

- deps: ghost-gql@0.0.2
- adds code to wire up the filtering to a paginated query
- updated pagination plugin count query to use 'distinct' so it's more robust
- rename paginationUtils.query to addLimitAndOffset to be more explicit and make the code clearer
- add a new 'advanced browsing spec' set of tests for tracking these features as they are built out
2015-10-22 11:29:05 +01:00
Hannah Wolfe
d666fba855 Merge pull request #5971 from cobbspur/fields
Remove unknown fields from fetch
2015-10-21 18:29:59 +01:00
cobbspur
372907890f Remove invalid fields prior to fetch
closes #5601

- Remove invalid fields prior to fetch
- Adds initial tests for fields
2015-10-21 18:20:09 +01:00
Delgermurun
b37c0f2e91 Apply pipeline to db api endpoint
refs #5508
- adds pipeline to export, import and delete all methods
2015-10-21 09:33:31 +08:00
Sebastian Gierlinger
b9daff6932 Merge pull request #5960 from JohnONolan/emailerror
Email error message cleanup
2015-10-19 10:30:30 +02:00
Sebastian Gierlinger
c6b505569b Merge pull request #5963 from ErisDS/auth-strategy-refactor
Auth strategy refactor
2015-10-18 11:56:47 +02:00
Hannah Wolfe
2c51a89b66 Refactor auth-strategies to use findOne
- Simplifies both strategy & test code
- Should have no side effects
2015-10-16 19:40:02 +01:00
Hannah Wolfe
58e31f3bd8 Refactor auth strategy tests to not use DB
- unit tests are not intended to call out to the db
- this fakes the response from the model layer
2015-10-16 19:40:01 +01:00
Hannah Wolfe
106dcb77be deps: rss@1.2.0
- Required test fix, as newline has been removed from the end of the <?xml decl
2015-10-16 17:53:22 +01:00
John O'Nolan
cd8544858a Email error message cleanup 2015-10-16 12:07:09 +02:00
Sebastian Gierlinger
611f1e969b Merge pull request #5619 from ErisDS/issue-4439-get
The {{#get}} helper
2015-10-15 16:21:37 +02:00
Hannah Wolfe
c8bb6081ab Frontend controller refactor & test improvements
no issue

- Split context out of frontend controller
- Add 100% test coverage for context
- Add tests for preview & improve other bits of coverage
- Further refactors (WIP) will make it easier to reach 100% coverage on the frontend
2015-10-15 10:17:42 +01:00
Hannah Wolfe
932f12160a Merge pull request #5940 from vdemedes/read-themes
Add readThemes() utility to get a list of themes
2015-10-14 17:32:41 +01:00
vdemedes
05f44c4c64 Add readThemes() utility to get a list of themes
refs #5923
- add read-themes module to get a list of themes
- replace readDirectory() usage with readThemes(), where only themes are needed
- test read-themes
- test read-directory
- test validate-themes
- test parse-package-json
- add tempfile testing utility to generate temporary paths
2015-10-13 15:54:41 +02:00
Kevin Ansfield
ff73f1af92 deps: grunt-jscs@2.1.0
no issue
- update grunt-jscs dependency
- fix deprecated `validateJSDoc` configuration
- fix numerous linting errors, including:
  - use of future-reserved `public` and `private` variable names
  - use of `[]` instead of dot-notation (especially `express['static']` and `cacheRules['x']`)
  - extra spaces in `const { run } = Ember` style constructs

One issue that did become apparent is that there are conflicting rules that prevent the use of object function shorthand such that both of these:

```
{ myFunc() {} }
{ myFunc () {} }
```

are called out due to either the missing or the extra space before the `(`
2015-10-12 19:21:16 +01:00
Hannah Wolfe
7f3a9f5675 Merge pull request #5927 from olsio/fix-issue-5913
fix for page deletion not updating sitemap-page.xml
2015-10-12 15:43:53 +01:00
Sebastian Gierlinger
bfefbabfdc Merge pull request #5931 from ErisDS/issue-5905-context
Fix /author/ pages crashing & permit /tag/
2015-10-12 10:35:37 +02:00
Oliver Schneider
13adaec6e7 fix for page deletion not updating sitemap-page.xml
closes #5913

Sitemap deletion is based on the page.unpublished event. The previous
logic was always sending post.unpublished instead. If page or post
event is triggered is based on the ‘page’ attribute of the model. When
the destroyed handler all attributes are already cleared from the model
which makes this logic always fall back to post.

The fix is to move to the destroying event which still has all the
model values in place.
2015-10-12 09:26:26 +02:00
Hannah Wolfe
4e29d9e987 Simplify theme middleware + improve tests
refs #5286, #4172, #5888

- no need to pass blogApp around in middleware
- improve test coverage to 100%
2015-10-11 22:26:43 +01:00
Hannah Wolfe
3e40637cd4 The {{#get}} helper
closes #4439

- adds basic get helper which works with the current API
- allows theme developers to make requests against the API
- supports block params and @error message
- includes 100% test coverage using posts

----

The `{{#get}}` helper is an asynchronous block helper which allows for making
requests for data from the API. This allows theme developers to customise the
data which can be shown on a particular page of a blog.

Requests can be made to the posts, tags or users API endpoints:

```
{{#get "posts" limit="3"}}
  {{#foreach posts}}
     <a href="{{url}}">{{title}}</a>
  {{/foreach}}
{{/get}}
```

The `{{#get}}` helper must be used as a block helper, it supports `{{else}}`
logic, for when no data matching the request is available or if an error has
occurred:

```
{{#get "posts" tag="photo"}}
  ...
{{else}}
  {{#if @error}}
    <p>Something went wrong: {{@error}}</p>
  {{else}}
    <p>No posts found</p>
  {{/if}}
{{/get}}
```

The helper also supports block params, meaning the data it outputs can be
given a different name:

```
{{#get "posts" featured="true" as |featured|}}
  {{#foreach featured}}
    ...
  {{/foreach}}
{{/get}}
```

Please Note: At present asynchronous helpers cannot be nested.
2015-10-11 16:51:12 +01:00
Hannah Wolfe
0764c775a7 Revert to using findAll for internal tools
refs #5909, #4577

- removes accidental '.only' which was hiding issues with the findAll changes
- deleteAllContent and importer still need to use a hard 'findAll' as findPage({limit: 'all'}) doesn't have the same behaviour
2015-10-10 17:07:10 +01:00
Hannah Wolfe
26231d5bd3 Fix /author/ pages crashing & permit /tag/
fixes #5905

- update context patterns to correctly match author & tag pages
- remove 'tag' and 'tags' from reserved slugs - we'll handle this in terms of overrides in future
2015-10-10 14:52:23 +01:00
Sebastian Gierlinger
4c1828c027 Merge pull request #5877 from ErisDS/pr-5864-nav-url
Support for more URL schemes in url helpers
2015-10-09 09:46:56 +02:00
Hannah Wolfe
62acd48c6b Merge pull request #5920 from kevinansfield/fix-upload-autoscroll
Fix preview scroll jump when adding/removing images
2015-10-07 12:46:56 +01:00
Kevin Ansfield
a0ec07f797 Ember-cli, Ember, & Ember Data 1.13.x upgrades
closes #5630
- upgrade ember-cli to latest version
- upgrade ember to latest 1.13.x release
- upgrade ember data to latest 1.13.x release
    - update custom adapters and serialisers for new internal JSON-API compatible formats [(docs)][1]
    - update all store queries to use new standardised query methods [(docs)][2]
    - add ember-data-filter addon ready for store.filter removal in ember-data 2.0 [(docs)][3]
- remove use of prototype extensions for computed properties and observers
- consolidate pagination into a single route mixin and simplify configuration

[1]: http://emberjs.com/blog/2015/06/18/ember-data-1-13-released.html#toc_transition-to-the-new-jsonserializer-and-restserializer-apis
[2]: http://emberjs.com/blog/2015/06/18/ember-data-1-13-released.html#toc_simplified-find-methods
[3]: http://emberjs.com/blog/2015/06/18/ember-data-1-13-released.html#toc_ds-store-filter-moved-to-an-addon
2015-10-06 16:09:05 +01:00
Kevin Ansfield
746fd237fe Fix preview scroll jump when adding/removing images
closes #5917
- fixes duplication of dropzone event handlers by filtering for an added data-attribute
- avoid running dropzone code if only scrollPosition attr changes
- fix scroll position jump when adding/removing images by only adjusting preview scroll position when editor scroll position changes
2015-10-06 14:47:06 +01:00
Hannah Wolfe
390d5fcea2 Remove unnecessary API lookup for activeTheme
- the active theme is already managed and kept up to date as a property
of the express app
- this can be accessed via `req.app` inside of middleware
2015-09-29 22:54:55 +02:00
Hannah Wolfe
77447fc42d Merge pull request #5876 from sebgie/issue#5872
Fix client.secret for new installs
2015-09-27 13:50:36 +01:00
Hannah Wolfe
20c192557d Test support for various URL schemes
refs #5801
2015-09-27 10:31:49 +01:00
Sebastian Gierlinger
dbc53dc853 Merge pull request #5858 from ErisDS/issue-5808
Show a single 422 error for invalid values
2015-09-26 12:14:12 +02:00
Sebastian Gierlinger
67f759df33 Merge pull request #5875 from ErisDS/no-published-by-override
Don't allow published_by override
2015-09-26 12:08:53 +02:00
Kevin Ansfield
621b633079 Fix front-end URL output for more URL schemes
- allows direct pass-through of protocol-relative (`//host`), alternate-scheme (`tel:`), and anchor-only urls (`#contact`)
2015-09-25 22:58:37 +01:00
Sebastian Gierlinger
a87715f688 Fix client.secret for new installs
closes #5872
- added random secret for new databases
- added temporary fix for existing databases
- secret is still static (`not_available`) during tests
- fixed fork mechanism to keep active environment (never change
NODE_ENV!!!)
2015-09-25 21:03:33 +02:00
Hannah Wolfe
0462607296 Don't allow published_by override
- published_by should be set by business logic, rather than by users

Credits: An anonymous researcher working with Beyond Security's SecuriTeam Secure Disclosure program
2015-09-25 17:44:49 +01:00
Sebastian Gierlinger
bc25348fcc SSL redirects
closes #5873
- replaced redirectPathname with url method
- added tests
2015-09-25 12:02:14 +02:00
Hannah Wolfe
545bea0eaf Return a single 422 error for invalid values
refs #5808

- Fix the API to return a single 422 error when an invalid value is passed
- Only affects Browse, and not Read at present due to differences in how they are handled
- Frontend was changed to always 404 in #5851
- Adds tests to ensure all cases are covered
2015-09-25 10:30:49 +01:00
Sebastian Gierlinger
63f09687bb Merge pull request #5870 from ErisDS/uncapitalise-subdir
Uncapitalise respects subdirectories & no encoding
2015-09-25 10:29:36 +02:00
Hannah Wolfe
8895f41ee2 Uncapitalise respects subdirectories & no encoding
no issue

- Uncapitalise was dropping the subdirectory when redirecting - so the base url has been added where present
- Uncapitalise was also working differently in node 0.10 and 0.12 - so the path is decoded before testing for uppercase
- Adds some test coverage
2015-09-24 18:52:30 +01:00
Kevin Ansfield
cdd6cf7d3e Fix over-sized editor pane widths
closes #5804, supersedes and closes #5820
- adds a fixed width that flexbox can expand from to prevent flexbox content dictating the width (see https://github.com/TryGhost/Ghost/issues/5804#issuecomment-141416812)
- adds a hack to the casperjs tests reverting the CSS change because phantomjs and flexbox don't get along
2015-09-24 18:46:13 +01:00
Sebastian Gierlinger
cce1cc55ca Merge pull request #5867 from ErisDS/api-password
Don't alter password from User.edit endpoint
2015-09-24 13:37:24 +02:00
Sebastian Gierlinger
4351dfd179 Merge pull request #5866 from cobbspur/import
Fix handling of slugs on import
2015-09-24 12:46:16 +02:00
Hannah Wolfe
07e18cbdff Merge pull request #5863 from acburdine/author-edit
Add `/author/:slug/edit/` route to frontend
2015-09-24 08:42:55 +01:00
Hannah Wolfe
00656a729b Don't alter password from User.edit endpoint
- password changes should only be possible from the password change endpoint

Credits: An anonymous researcher working with Beyond Security's SecuriTeam Secure Disclosure program
2015-09-23 23:07:49 +01:00
Sebastian Gierlinger
48919a96c0 Merge pull request #5859 from ErisDS/plural
Add replacement for zero in plural helper
2015-09-23 18:42:01 +02:00
cobbspur
c0b5de6e81 Fix handling of slugs on import
closes Issue #5812

- pass importing property through to utils
- fix safeString method for imports
2015-09-23 17:41:44 +01:00
Austin Burdine
61705cf5f4 add author edit route
no issue
- adds front-end author edit route that redirects to the edit author page
- adds tests for edit route
2015-09-23 08:33:09 -05:00
Hannah Wolfe
d1c7ec0799 Add replacement for zero in plural helper
- currently, the plural helper doesn't replace % with the number when the number is zero, which is inconsistent
- this change ensures that theme developers can choose to show the number or a plain string
2015-09-22 16:00:20 +01:00
Nazar Gargol
fd7e118ed5 Returns 404 page instead of crashing a server whenever special characters are used for tag filtering
closes #5808
refs #5816
- adds additional filtering any 'slug' containing content in `renderChannel` for frontend
- adds test for invalid characters in tag slug
2015-09-20 22:47:34 +02:00
Sebastian Gierlinger
ef6a99fb34 Merge pull request #5844 from ErisDS/validation-fix
Add underscores to general validation
2015-09-18 11:24:04 +02:00
Hannah Wolfe
95623e60ae Add underscores to general validation
fixes #5816

- general slugs and other fields should permit underscores as well as dashes
2015-09-17 12:24:11 +01:00
Hannah Wolfe
1cbef8a712 Merge pull request #5802 from sebgie/fix-cache-test
Fix cache-control test
2015-09-08 19:17:41 +01:00
Sebastian Gierlinger
762824690a Improve Middleware Code Coverage
refs #5286
- finished tests for check-ssl.js
2015-09-08 18:05:22 +02:00
Sebastian Gierlinger
93070c60e2 Fix cache-control test
no issue
- fixed brackets to execute test again
2015-09-03 17:42:15 +02:00
Hannah Wolfe
a3f107da8e Maintain tag order for posts
refs #5727, #5602

- Add new 'order' column to posts_tags table
- Migrate all existing posts_tags to have a correct value for 'order'
- Rewrite updateTags to not remove all tags, and to correctly maintain order
- Add transaction support for tag operations
- Many tests
2015-09-02 16:39:34 +01:00
Sebastian Gierlinger
f22796ff7d Add dynamic client_id/client_secret
no issue
- added ghost-admin client_id to admin
- added ghost-admin client_secret to admin
- added client.read() api endpoint
- added random generation of client_secret to migration
- removed addClientSecret method
- updated tests
2015-09-02 16:39:34 +01:00
Joe Cannatti
6938216984 Add tour field to User
closes #5171

- adds tour field to user model
- Bump Schema version
- Update tests
2015-09-02 13:39:22 +01:00
Austin Burdine
6c5fea40ca Remove auto-inclusion of jQuery via ghost_foot
closes #5298
- remove all harcoded instances of jQuery throughout the front-end of the blog
- add migration function to add cdn link to ghost_foot code injection when migrating up from version 003
- migration version bump
2015-09-02 13:39:22 +01:00
Sebastian Gierlinger
52e35a282b Add table columns for OAuth
closes #4174
- added trusted domains
- removed unique constraint from secret
2015-09-02 13:39:22 +01:00
Samuel Goodwin
48601e6f49 Add the needed table columns for client Oauth.
closes #4174
- Added columns to client table in schema.js
- Bumped database version in default-settings.json
- Updated tests to support new schema version
2015-09-02 13:39:21 +01:00
Kevin Ansfield
871ba32343 Basic post/user search
refs #5343, #5652
- implements basic post and user search using selectize input
- queries minimal API endpoint and refreshes results on search input focus if results are older than 60 seconds
2015-08-31 22:47:26 +01:00
Sebastian Gierlinger
5ce8ca5d6e Merge pull request #5518 from ErisDS/fetch-options
Field options
2015-08-29 19:49:38 +02:00
Hannah Wolfe
e9a96816ac Adding 'fields' param for browse requests
refs #5601, #5463, #5343

- adds rudimentary support for a 'fields' parameter on browse requests
2015-08-28 19:08:22 +01:00
Hannah Wolfe
0e7968c573 Merge pull request #5709 from kevinansfield/tag-name-comma-validation
Validate leading commas in tag names
2015-08-28 19:03:31 +01:00
cobbspur
9bf4a39e83 Add loading spinner to forgot button on signin page
refs #5652

- replaces basic forgot? button on signin page with spin button
- replaces {{input with gh-input}}
2015-08-28 17:20:03 +01:00
Kevin Ansfield
624893456e Set a minimum spin time of 1 second for gh-spin-button
refs #5652, #5719
- adds a timeout to `gh-spin-button` so the spinner is always shown for at least 1 second

As a stopgap solution before #5719 can be implemented it was decided to keep the button spinning for a minimum time, even if the associated action completes quickly. Discussion can be found at https://ghost.slack.com/archives/dev/p1440670418004358
2015-08-27 22:16:01 +01:00
Kevin Ansfield
5d572bda0d Fix invite user validation issues in signup
refs #5652
- wrap emails input in `{{gh-form-group}}` component to give element success/error classes
- pull validation messages into submit button
- clean up validation related aspects of step three controller
2015-08-27 14:05:52 +01:00
cobbspur
78d8b7e1d8 Change reset page errors to match sign-in page
No Issue

- Takes the inline validation messages and displays below form
- Removes unnecessary gh-error-message components from signin and reset pages
 - Returns error messages to sign-in validations
2015-08-26 12:00:37 +01:00
Kevin Ansfield
32ff18ccb0 Validate tag names don't start with commas
closes #5685
- Adds client and server-side validation for tag names starting with commas
- Trim tag names before adding in PSM (tag attributes are already trimmed before saving in TSM)
2015-08-24 16:55:30 +01:00
John O'Nolan
d1e5a8d89c Merge pull request #5702 from kevinansfield/zelda-signin-updates
Fixes for sign-in error handling
2015-08-24 08:00:13 +02:00
Hannah Wolfe
fc39bd1ed4 Merge pull request #5705 from sebgie/auth-strategies-coverage
Improve middleware coverage
2015-08-23 19:05:39 +01:00
Sebastian Gierlinger
6120d0a80f Improve middleware coverage
refs #5286
- changed auth-strategies to be testable
- added tests
2015-08-21 23:46:42 +02:00
Hannah Wolfe
7fa468d9ea Merge pull request #5682 from kevinansfield/tags-v4
Replace the current tag input with a selectize based input
2015-08-21 21:34:06 +01:00
Kevin Ansfield
90d75b2189 Fixes for sign-in error handling
issue #5652, closes #5641
- removes inline errors for empty fields
- separate validation routines for sign-in and forgot password
- highlight fields with errors when trying to submit
2015-08-21 19:38:44 +01:00
Kevin Ansfield
dd9aa0f873 Add inline error handling when creating/editing tag
closes #5684
- add inline error checking and display to tag name & meta data fields
- add tests for tags screen
2015-08-21 18:06:52 +01:00
Kevin Ansfield
c9d053b950 Replace the current tag input with a selectize based input
issue #3800, closes #5648
- uses ember-cli-selectize addon for the tag editing functionality in the PSM
2015-08-20 14:40:56 +01:00
Sebastian Gierlinger
b2ede23c4a Remove duplicate function
no issue
- remove duplicate registerSuccessfulBearerStrategy

Thanks to @jonblack for finding that!
2015-08-12 15:17:09 +02:00
Sebastian Gierlinger
9376bdf699 Merge pull request #5646 from ErisDS/issue-5150-nextprev
Next/Prev Post helpers include author & tags
2015-08-11 15:46:23 +02:00
Hannah Wolfe
4c96fba67f Merge pull request #5633 from acburdine/spin-buttons
Add spin buttons
2015-08-10 19:06:32 +01:00
Austin Burdine
748895ce77 add spin-button component & implement it
closes #3928
- adds spin-button component & styles
- implements spin-button in places where buttons trigger async tasks
2015-08-10 09:43:50 -06:00
Austin Burdine
2c5d2d6a2d reimplement tag editing component for posts
refs #3800
- remove old tag editor code
- reimplement tag editor as an ember component
- add tag editor component to PSM
2015-08-10 07:22:37 -06:00
Hannah Wolfe
a00eace849 Next/Prev Post helpers include author & tags
closes #5150

- Post API understands next.author, next.tags, previous.author and previous.tags
- Post Read request filters out those properties and does the right thing with them
- Prev/Next post helpers send extra include properties
- Tests updated
2015-08-10 08:58:25 +01:00
Hannah Wolfe
8d89c3e5ab Fix pagination for tags with post_count
closes #5551

- adds new test fixture generator and tests for tag pagination
- changes how post_count is added to use a select subquery rather than a join
2015-08-09 18:59:58 +01:00
Sebastian Gierlinger
a993f80a51 Auth tests
- added tests for authentication middleware
- changed use of auth strategies
2015-08-09 12:50:05 +02:00
Fabian Becker
c1a2601514 Middleware Refactor
- Refactor SSL middleware into separate module.
- Refactor redirectToSetup to separate module + tests
- Refactor serveStaticFile + tests
- Refactor authentication middleware + tests
- Refactor private blogging middleware

refs #5286
2015-08-04 14:53:58 +02:00
Hannah Wolfe
524b247c58 Add public API permission handling
refs #4004, #5614

- added new public permission handling functions to permissions
- added a new util to handle either public permissions or normal permissions
- updated posts, tags and users endpoints to use the new util
- added test coverage for the new code
2015-08-03 19:30:17 +01:00
cobbspur
45d1541666 Increase api integration coverage for posts
No Issue

- adds integration tests for posts endpoint - read and browse
- adds grunt coverage-integration task
2015-07-30 17:54:14 +01:00
Hannah Wolfe
d045cad0e5 Merge pull request #5612 from cobbspur/fixFeaturedPost
Fix API query for featured posts
2015-07-29 12:22:29 +01:00
cobbspur
870d6af066 Fix API query for featured posts
No Issue

- fixes bug where featured: false was not being built into query
- adds tests
2015-07-29 02:42:08 +01:00
Kevin Ansfield
1bcd7fd333 Replace validation notifications with inline validations
issue #5409 & #5336

- update settings/general
- update signin
- update signup
- update edit user
- update reset password
- update setup/three
- remove `formatErrors` function from validationEngine mixin (it's no longer needed as inline validations should handle this instead)
2015-07-28 12:26:34 +01:00
Kevin Ansfield
7ac6ebb920 Refactor notifications service & components
issue #5409

- change persistent/passive notification status to alert/notification
- replace showSuccess/Info/Warn/Error with showNotification/showAlert
- fix and clean up notification/alert components
2015-07-28 12:26:11 +01:00
Hannah Wolfe
1e630e6c90 Merge pull request #5578 from hwdsl2/fix-rss-protocol-relative-urls
RSS Fix: Do not convert protocol relative URLs
2015-07-22 22:28:13 +01:00
Hannah Wolfe
ab2049e35c Merge pull request #5580 from halfdan/update-deps
Update lodash and cheerio
2015-07-22 21:35:02 +01:00
hwdsl2
14dd95faf2 RSS Fix: Do not convert protocol relative URLs
closes #5567
- Fixed an issue with protocol relative URLs in the RSS feed
- Such URLs should be kept as-is and not prefixed with baseUrl
- Added corresponding test to cover this case
2015-07-21 23:16:04 -05:00
Fabian Becker
2878b5ae00 Update lodash and cheerio
- update lodash to 3.1.0
- cheerio update uses new css-select, css-what packages (others were deprecated)

refs #5578
2015-07-21 19:59:49 +02:00
Hannah Wolfe
5c637dd37a Merge pull request #5595 from halfdan/fix/5593
Don't rely on order of updates when editing multiple settings
2015-07-21 16:59:16 +01:00
Jason Williams
c3951c4fd7 Merge pull request #5570 from ErisDS/issue-5564
Fix regressions with password reset
2015-07-21 10:14:56 -05:00
Fabian Becker
cf4660dd46 Don't rely on order of updates when editing multiple settings
fixes #5593
2015-07-21 12:41:56 +02:00
Hannah Wolfe
4ba77e0da4 Fix regressions with password reset
fixes #5564

- adds missing part of `/setup/` url in authentication middleware
- ensures data is passed through from API to model in correct (new) format for password reset
- re-adds missing/incorrectly commented out auth tests, and verifies that reset as far as token validation
2015-07-21 08:47:26 +01:00
Sebastian Gierlinger
52f576e185 Merge pull request #5497 from ErisDS/foreach
Improvements to the {{foreach}} helper
2015-07-20 21:36:28 +02:00
Sebastian Gierlinger
4a89c6ac3e Merge pull request #5516 from ErisDS/issue-2758-api-opts
API Option Handling
2015-07-20 21:19:13 +02:00
Fabian Becker
0309b5aa46 Fix urlFor to preserve mailto:
fixes #5561
2015-07-18 03:45:06 +02:00
Hannah Wolfe
2b1c191ae8 Merge pull request #5554 from halfdan/fix/windows-tests
Fix failing frontend_spec on windows.
2015-07-15 14:27:56 +01:00
Fabian Becker
50d4f02388 Fix signin test (run setup properly)
fixes #5536
2015-07-15 12:31:02 +02:00
Hannah Wolfe
b1dd96ecc2 Removing incorrect 405 handling
refs #2757

- As per this convo: https://ghost.slack.com/archives/ghost/p1436895553007431 the 405 handling in Ghost is acting
as a catch all, rather than only returning when the wrong HTTP method is used for a valid resource.
- Implementing proper 405 with express is a challenge, and therefore we defer doing this work until it is needed
2015-07-14 20:49:19 +01:00
Hannah Wolfe
e044136503 API Option Handling
refs #2758

- add a set of default options to utils
- update validation function to only pass through permitted options
- pass permitted options into validate where necessary
- setup basic validation for each known option, and generic validation for the remainder
- change slug to treat 'name' as data, rather than an option
2015-07-14 18:20:27 +01:00
Fabian Becker
99855dfb37 Fix failing frontend_spec on windows. Don't rely on path matches. 2015-07-14 11:16:41 +02:00
Hannah Wolfe
76ebdfd4f9 Merge pull request #5539 from jomahoney/owner-perm
Changed admin permissions so Owner role only editable by itself
2015-07-11 11:33:17 +01:00
Hannah Wolfe
843dd31b74 Merge pull request #5523 from Remchi/change-reset-password-refactor
Refactor changePassword and resetPassword
2015-07-11 11:31:50 +01:00
John O'Mahoney
bce5483ef3 Changed admin permissions so Owner role only editable by itself
closes #5521
- Added test for admin rejection of owner edit
- Added specific permissions so admins can edit Admin, Editor and Author
  roles
2015-07-10 20:46:00 +01:00
Jason Williams
3135fb9761 Refactor role selects; pause transition if saving
Refs #5501
- Switch role select dropdowns from gh-select based components to
  gh-select-native.
- Prevent transition out of editor while there is an in-flight save.
2015-07-09 12:10:00 -05:00
Austin Burdine
ea13133218 [TEMPORARY] commented out failing tests
refs #5501
- comments out failing tests until they can get fixed
2015-07-09 11:05:36 -04:00
John O'Mahoney
ac80569c31 Adds meta referrer tag to the head of ghost pages
closes #5522
- Added meta tag
- Added meta tag to tests
2015-07-08 14:59:39 +01:00
Rem Zolotykh
9323abbb44 Refactor changePassword and resetPassword
issue #5500
- make `changePassword` and `resetPassword` methods on `user` model
  consistent: use `object` and `options` arguments instead of multiple
  different arguments
- change User API `changePassword` method to use these new arguments
2015-07-07 22:03:17 +02:00
Hannah Wolfe
dc06deaa29 Merge pull request #5453 from cobbspur/teampermissions
Change permissions for team area
2015-07-06 20:54:29 +01:00
Austin Burdine
d0c151be70 adds inline errors to validation
closes #5336
- creates gh-form-group component to handle form group status
- refactors current validation methods to work on a per-property basis
- adds gh-error-message component to render error message
- removes (comments out) tests that pertain to the old notifications until the new inline validation is added
2015-07-05 14:02:06 -04:00
cobbspur
ba80e6ebaa Change permissions for team area
closes #5434

- remove transition away from team page to user page of authors
- hide invite button from authors
- hide invited users from authors
- adjusted gh-user-can and renamed to gh-user-can-admin
- hide password reset on owners profile from administrators
- hide input field for owner email from administrators pending api fix
- fix up tests
2015-07-03 20:06:45 +01:00
Hannah Wolfe
b8415e8b90 Merge pull request #5349 from acburdine/onboarding-api
Add PUT route to authentication setup
2015-06-30 12:03:21 +01:00
Sebastian Gierlinger
a0d0045edb Merge pull request #5467 from ErisDS/api-pipeline
Refactor to using pipeline for the API
2015-06-30 10:28:44 +02:00
Austin Burdine
a2a0ba9023 adds put route to authentication setup
closes #5342
- adds put version of authentication/setup that allows for updating of owner/settings values
- doesn't send welcome email
- adds tests for new put route
2015-06-29 13:16:10 -04:00
Hannah Wolfe
8aaac1edd5 Improvements to the {{foreach}} helper
refs #4439

- Brings our custom foreach helper (which has extra features) back into line with Handlebar's own each helper
- Adds a new @number variable to foreach, so that building numbered lists is PEASY
- Improved the existing tests, and added a few more
2015-06-29 17:27:57 +01:00
Sebastian Gierlinger
64e20735a3 Merge pull request #5491 from ErisDS/issue-5490-no-post-url
Add event handling to pagination plugin
2015-06-29 11:44:22 +02:00
Hannah Wolfe
51ac3f6532 Refactor to using pipeline for the API
refs #2758

- Post, Tag & User API methods are refactored to use pipeline
- Each functional code block is a named task function
- Each function takes options, manipulates it, and returns options back
- Tasks like permissions can reject if they don't pass, causing the pipeline to fail
- Tasks like validating and converting options might be abstracted out into utils - the same for each endpoint
- Tasks like the data call can be extremely complex if needs be (like for some user endpoints)
- Option validation is mostly factored out to utils
- Option conversion is factored out to utils
- API utils have 100% test coverage
- Minor updates to inline docs, more to do here
2015-06-28 22:52:31 +01:00
Hannah Wolfe
4772e38521 Add event handling to pagination plugin
closes #5490

- use same event handling pattern as fetchAll
- add support for `fetching:collection` to post model
- add tests to check that url is fetched via findAll and findPage
2015-06-26 22:56:03 +01:00
Hannah Wolfe
f6322da4c9 Use extends correctly & consistently
- extends clobbers the first argument you pass to it, so that should not be a variable that is used elsewhere, if you're also assigning the value, as it will have unintended side effects.
2015-06-25 19:56:27 +01:00
Hannah Wolfe
b3f4beade8 Merge pull request #5471 from kowsheek/5370-settings-model-events
Add events to settings model
2015-06-25 11:08:51 +01:00
Jason Williams
aa333363fe Merge pull request #5479 from ErisDS/author-relation
Use 'author' for relation instead of 'author_id'
2015-06-24 09:01:20 -05:00
Hannah Wolfe
7705e30995 Use 'author' for relation instead of 'author_id'
- this clears a todo in the codebase & gets rid of a few lines of unnecessary code
2015-06-24 10:00:24 +01:00
cobbspur
8a8e90e9a2 Take Trashcan off of url screen for image uploader
closes #5433
- add gh-input class to inputs
- stop the incorrect addition of trash can on url page
- fix trigger of upload success to show loading in editor
- fix duplicate url field for images outside of editor when there is no file storage
2015-06-23 13:14:04 +01:00
Kowsheek Mahmood
68d1feb8c5 Add events to settings model
closes #5370
- Add settings key in the event emission
- Update settings spec to test for events emitted with settings key
2015-06-23 14:33:08 +06:00
Hannah Wolfe
7761873db7 Abstract findPage & add pagination Bookshelf plugin
closes #2896

- move default options / custom code into model functions
- move most of the filtering logic into base/utils.filtering (to be relocated)
- move the remainder of findPage back into base/index.js and remove from posts/users&tags
- move pagination-specific logic to a separate 'plugin' file
- pagination provides new fetchPage function, similar to fetchAll but handling pagination
- findPage model method uses fetchPage
- plugin is fully unit-tested and documented
2015-06-22 10:20:47 +01:00
Jason Williams
1cd703f775 Merge pull request #5451 from cobbspur/userRoutes
Move users routes out of settings & change to team
2015-06-18 14:20:06 -05:00
cobbspur
f67147a685 Move users routes out of settings & change to team
issue #5434

- move users routes/views/controllers out of settings
- rename users team
- update nav-menu.hbs
- remove legacy routes
- fix up tests
2015-06-18 19:46:46 +01:00
Hannah Wolfe
8fe8f8a07b Merge pull request #5447 from kevinansfield/signin-no-email-notification
Provide a more intuitive error message on sign-in for missing email
2015-06-18 17:24:33 +01:00
Jason Williams
c16db084a1 Ensure sqlite3 uses a single database connection
Closes #5411
- Using rewire on the config package circumvents the
  singleton nature of required packages, resulting in a
  second instance of knex and a second connection to the
  sqlite3 database.
2015-06-18 00:54:23 -05:00
Kevin Ansfield
db558e38ea Provide a more intuitive error message on sign-in for missing email
issue 4651#issuecomment-112141801
- display "Please enter an email" validation message rather than "Invalid Email" when no email is entered
2015-06-17 22:56:38 +01:00
Hannah Wolfe
3061247a7e Merge pull request #5431 from kowsheek/5370-settings-model-events
Add events to settings model
2015-06-16 20:46:15 +01:00
Kowsheek Mahmood
33e241ab4e Add events to settings model
issue #5370
- Add emit method to settings model
- Update settings spec to test for events emitted
- Fix formatting on tags spec
2015-06-16 23:57:52 +06:00
Augustus Yuan
05fe09293f Add support for GET /tags/slug/:slug with unit tests
closes #5371
- added new endpoint to the api routes
- created unit tests based on PostModel and PostAPI for testing slug links
2015-06-16 09:22:12 -07:00
Hannah Wolfe
16f98ee80b Move pagination formatting into a util
refs #2896

- moves repeated code out of models
- creates a new file for unit-testable code (this should be moved in future)
- adds a default for `page` as that seems sensible
- adds 100% test coverage for the new file
2015-06-15 16:46:42 +01:00
Jason Williams
b6cbd2d4bd Merge pull request #5427 from ErisDS/api-reshuffle
API mini-cleanup + 405 errors
2015-06-15 10:26:11 -05:00
Jason Williams
225dc84367 Merge pull request #5417 from ErisDS/rss-url
Use urlJoin in RSS + test coverage
2015-06-15 10:23:41 -05:00
Hannah Wolfe
254e0f0597 Improve API error handling
close #2757, refs #5286

- moves error formatting from api/index into errors lib
- moves error handling from api/index into its own middleware
- adds extra middleware for method not allowed which captures all unsupported routes
2015-06-15 10:08:30 +01:00
Fabian Becker
b15f1daf5a Throw 405 - Method not allowed for api routes
closes #2757
- New error MethodNotAllowed
- Throw 405 if valid path but invalid method is used is apiRouter
- Adds api base tests
2015-06-15 09:43:39 +01:00
Matt Enlow
df1c04b8d8 Remove legacy mobile view logic
No issue
- Move editor-base-view mixin into editor/edit view
- Also deletes mobile views and modifies files that were using it
- Helps pave the way for Ember 2.0, where views do not exist
2015-06-14 14:42:21 -07:00
Alex Kleissner
05e49d9a96 Move uncapitalize into its own file.
refs #5286
- Moved the logic into its own file
- Added unit tests
2015-06-10 12:21:15 -07:00
Hannah Wolfe
c1e3bd0786 Merge pull request #5415 from hex337/move-decide-is-admin
Moves the decideIsAdmin into its own file.
2015-06-10 09:51:48 +01:00
Hannah Wolfe
34b22eefa2 Use urlJoin in RSS + test coverage
refs #1833

- move RSS tests to be in rss_spec.js
- improve RSS test coverage
- fix a bug with RSS title generation for tag RSS feeds
- replace custom code in processUrls with urlJoin
2015-06-10 09:18:52 +01:00
Jason Williams
6c9682cdd9 Make sure done() is called from before hooks 2015-06-09 22:46:26 -05:00
Alex Kleissner
511684c436 Moves the decideIsAdmin into its own file.
refs #5286
- Moved the function into its own file
- Added unit tests for the function
2015-06-09 14:02:22 -07:00
Joe Wegner
75faf0109d invite users after signing up during setup
closes #5338
- moves skip link to below the submit button
- makes the submit button better represent form status
- posts notifications based on success/failure of notifications
- goes to the invite page after user creation
- actually sends invites!

functional tests passing for onboarding invitations

cleanup for linitng

remove unreachable return

access the notifications service better

use link-to instead of an anchor with an action

failed user creations get caught, and bubble as errors

a slew of other cleanup stuff via jason
2015-06-09 11:50:24 -07:00
Hannah Wolfe
541de8bc68 Merge pull request #5384 from JohnONolan/zelditor
Content management & editor refactor
2015-06-08 16:22:29 +01:00
Hannah Wolfe
d023333d31 Merge pull request #5404 from JohnONolan/zerrors
Fixup broken error page styles
2015-06-08 14:57:56 +01:00
cobbspur
3f5ac66e47 Fix up tests post-changes to content and editor screen
No Issue

- some tests removed
- other tests commented out pending tags adding to psm
2015-06-08 14:53:53 +01:00
John O'Nolan
93b0505d68 Fixup broken error page styles 2015-06-08 12:14:58 +01:00
Jason Williams
8196133bc7 Merge pull request #5377 from ErisDS/url-refactor
Refactor URL usage
2015-06-06 09:50:20 -05:00
Hannah Wolfe
5e0cc1ae10 Merge pull request #4783 from claydiffrient/master
Makes most special characters be replaced with a dash
2015-06-04 11:54:23 +01:00
Jason Williams
60e160d169 Merge pull request #5361 from ErisDS/fix-contexts
Fix context setup (remove dep on req.route.path)
2015-06-03 16:28:16 -05:00
Jason Williams
f16f72ad7a Merge pull request #5389 from ErisDS/test-imprv
Ensure importer tests don't clash
2015-06-03 16:18:12 -05:00
Hannah Wolfe
8ec8eff6c0 Ensure importer tests don't clash
no issue

- I've noticed the importer tests going wrong on SQLite a couple of times recently.
- I think it's because the teardowns were clashing, hopefully this will help
2015-06-03 18:46:45 +01:00
Hannah Wolfe
2d5a731022 Improvements for debugging transient test failures
refs #4483

- update PSM test to see if it works better this way
- ensure every assertion has a message, so that it's clearer what is failing
2015-06-03 18:12:20 +01:00
Hannah Wolfe
2700bfa4cc Refactor URL builder
refs #1833

- Refactor url generation to use a base urlJoin method
- urlJoin handles slash de-duping and subdir de-duping
- fixes sitemap xml option
2015-06-02 21:50:17 +01:00
Hannah Wolfe
9d01016025 Merge pull request #5353 from morficus/issue-5286
splitting client authentication-related middleware in to its own file
2015-06-02 11:10:43 +01:00
John O'Nolan
9c7a1e2e50 Merge pull request #5318 from acburdine/private-form
Rewrite default private.hbs for new zelda styles
2015-06-02 10:54:59 +01:00
Hannah Wolfe
eb9d924e1b Merge pull request #5306 from acburdine/remove-email
Removes "email" from settings
2015-06-02 09:44:21 +01:00
Maurice Williams
b3cbb20be1 splitting client authentication-related middleware in to its own file
* refs #5286
* includes test cases for `addClientSecret`
* no tests first `generateAccessToken` and `authenticateClient` because there isn't anything to test in them
2015-05-31 12:35:03 -04:00
Alex Kleissner
766bf99de9 Move the spam prevention into its own file.
issue #5286
- Moved the spam prevention functions into their own file
- Added unit tests for the functions
2015-05-29 08:59:29 -07:00
Austin Burdine
bf0e40eda1 rewrites default private.hbs for new zelda styles
closes #5073
- changes format to match new zelda layout
- modifies the input_password helper to allow customization of class & placeholder
2015-05-29 06:25:32 -06:00
Hannah Wolfe
cc00c6c64a Fix context setup (remove dep on req.route.path)
refs #5344

- As a result of #5344, context are pretty broken.
- This PR removes all dependence on req.route.path, and uses res.locals.relativeUrl
- res.locals.relativeUrl is used for many things and is dependable
2015-05-29 09:16:04 +01:00
Jason Williams
1f8abc3869 Merge pull request #5344 from ErisDS/frontend-route-refactor
Frontend route refactor / cleanup
2015-05-27 23:15:38 -05:00
Sebastian Gierlinger
a7555d7497 Merge pull request #5316 from ErisDS/onboarding-zelda
First pass at user onboarding screens
2015-05-27 17:23:40 +02:00
Hannah Wolfe
f6aa46e446 Frontend route refactor / cleanup
refs #5091

- This is step one of several steps towards ending up with dynamic routes for channels
- Refactoring this way makes the similarities between all the routes clearer to see
2015-05-27 11:17:15 +01:00
Jason Williams
5018f2fb9e Clean up Ember router map
No Issue
- Switch resources to routes.
- No longer nest "settings" routes so the router reflects
  the way the templates are rendered.
- Remove renderTemplate override from settings routes.
- Remove unneeded routes, controllers, and views.
- Adjust users page so that infinite scroll loading of users works
  and markup remains the same for Zelda styling.
2015-05-26 16:12:12 -05:00
Hannah Wolfe
4456f17c65 Merge pull request #5332 from cobbspur/route
Fix route for About page
2015-05-25 18:37:45 +01:00
Hannah Wolfe
1883bdb496 Merge pull request #5297 from acburdine/frontend-single
Refactor permalink verification in single post controller
2015-05-25 17:56:02 +01:00
Hannah Wolfe
064a22e7d2 First pass at user onboarding screens
refs #5315

- split setup into 3 screens
- add gravatar fetching
- add download counter
- add button handling for invite users
2015-05-25 17:43:12 +01:00
cobbspur
c3bb7cb396 Fix route for About page
No Issue

- Routes,  views and controllers updated for about page
- fix up tests and add redirect check
2015-05-25 17:06:17 +01:00
Austin Burdine
e69c8c89ac remove settings email
closes #5299
- removes settings/general email field from both client and server side
- fixes tests to reflect removal of email
2015-05-22 15:23:31 -06:00
cobbspur
2e5caeb9c1 Fix-up remaining functional tests
No Issue

- signup, signin and setup tests
- fixup other files for code styles
2015-05-22 20:13:54 +01:00
cobbspur
dd20790bd9 Fix image uploader and update tests
No Issue

- fixes removal of url link on image uploader
- fixes functional tests for editor and content
2015-05-22 19:05:17 +01:00
cobbspur
2c2f9693d2 Add UI link classes
No Issue

- Adds contextual classnames to Nav Bar links
- Various test updates

TODO
- Increase test coverage for new admin UI
- Fix up Caspertests for new Admin UI
2015-05-22 19:05:15 +01:00
John O'Nolan
3bf189ec67 First pass - strip mixins 2015-05-22 19:02:09 +01:00
Hannah Wolfe
da8752cc88 Merge pull request #5290 from josephwegner/chalk-colors-swap
replace colors with chalk everywhere
2015-05-21 16:28:41 +01:00