Commit Graph

121 Commits

Author SHA1 Message Date
Hannah Wolfe
2983e657a6 Unit test fixes
issue #635
2013-10-31 08:25:24 +00:00
jamesbloomer
6e44280b96 Moving file system storage to a module
issue #635

- refactored file system storage into module
- convert save to return a promise
- convert admin controller to use storage module
2013-10-31 08:25:24 +00:00
cobbspur
b316e2fd70 improve layout of code to jslint standards in helpers unit tests 2013-10-29 20:16:59 +00:00
Jacob Gable
507174a00b Plugin API Refactor: Filter and Theme Helpers
issue #769

- Refactor doFilter to allow returning a promise from a filter handler
  and to also return a promise itself
- Move the logic out of the registerThemeHelper calls and into their own methods so
  we could test them in isolation.
- Assign the server to the ghost instance so the initPlugins method can
  get access to it.
2013-10-29 11:27:52 +00:00
Hannah Wolfe
68f78c9cc4 Merge pull request #1315 from cobbspur/suffix
added suffix to tag helper
2013-10-28 15:24:11 -07:00
Fabian Becker
798e5b1a4e Allow user to mark a post as static page
- Increased post-settings width to properly display "Static Page"
- Changed templates to display "Static Page" if set
- Added unit test for body_class helper

fixes #969
2013-10-28 22:01:03 +00:00
cobbspur
d605100709 added suffix to tag helper
closes #607

- added suffix as optional parameter to tag helper
2013-10-28 21:38:36 +00:00
Zach Geis
1f15df41ef Avoid filtering markdown code blocks
closes #1045
- Fixed markdown code block format issue.
- Added test case to verify fix.
2013-10-26 12:16:47 -05:00
Hannah Wolfe
5c33a707e9 Merge pull request #1164 from halfdan/1162-unpublished-posts
Unpublished Post should not be accessible
2013-10-25 13:18:39 -07:00
Fabian Becker
0997eae716 Remove .txt from blacklist.
fixes #1263
2013-10-25 00:15:39 +00:00
Fabian Becker
aa5c0cc620 Unpublished Post should not be accessible
fixes #1162
2013-10-24 21:29:10 +00:00
Sebastian Gierlinger
6505986f6b Move /api to /ghost/api
closes #1249
- changed routes
- changed apiRoots
2013-10-24 14:50:17 +02:00
Hannah Wolfe
80bbcf7205 Merge pull request #1239 from cobbspur/tagsprefix
adds prefix option to tag helper
2013-10-23 08:11:22 -07:00
cobbspur
b85e5b6196 adds prefix option to tag helper
closes #607

 - added prefix attributetor tags helper
 - will add prefix only if tags are present
 - adds unit tests for prefix
2013-10-22 22:57:31 +01:00
Hannah Wolfe
2d1e28335c Merge pull request #1197 from halfdan/994-image-uploads
Show proper error message when image upload fails
2013-10-22 14:40:47 -07:00
Fabian Becker
27e66f75f3 Show proper error message when image upload fails
fixes #994
2013-10-22 21:08:26 +00:00
Hannah Wolfe
15a2eacaac Merge pull request #1141 from halfdan/246-helper-tests
Improved test coverage of theme helpers.
2013-10-22 12:45:07 -07:00
Hannah Wolfe
e2cf362395 Merge pull request #1117 from halfdan/featured-posts
Add featured class when post is featured
2013-10-22 12:38:33 -07:00
Hannah Wolfe
5d169610ce Merge pull request #1133 from gotdibbs/Issue1124
Fixed intermittent test errors
2013-10-22 07:59:50 -07:00
Pascal Borreli
14c420c8d1 Fixed typos 2013-10-20 20:33:51 +00:00
Hannah Wolfe
accf525061 Temporarily removing API test 2013-10-20 11:02:06 +01:00
Hannah Wolfe
65dcb17117 Merge branch '0.3.3-wip'
Conflicts:
	core/client/views/blog.js
	core/server/api.js
	core/server/views/default.hbs
	package.json
2013-10-20 10:09:39 +01:00
Hannah Wolfe
491651da59 Merge pull request #2 from ErisDS/bookshelf-knex-update
Updating to bookshelf 0.5.7 & knex 0.4.11
2013-10-17 10:49:28 -07:00
Tim Griesser
13639ad8d1 Updating to bookshelf 0.5.7 & knex 0.4.11 2013-10-17 18:23:36 +01:00
Sebastian Gierlinger
90176e1f40 Security improvements
no issue
- added CSRF protection
- changed session handling to express.session
- changed session handling to change session id
- added config property useCookieSession
- added file extension check for /ghost/upload
- removed /ghost/debug/db/reset
2013-10-17 15:28:28 +02:00
Fabian Becker
dfa7793d44 Improved test coverage of theme helpers.
refs #246
2013-10-17 07:53:11 +00:00
William Dibbern
702a016547 Fixed intermittent test errors
Fixes #1124

- Updated default mocha timeout to 15 seconds. Any future tests that
depend on a timeout (and thus might be better off with a lower value)
can override the default setting which is now 15 seconds.
- Removed test-specific timeout overrides for the mocha tests.
- Fixed the editor/splitbutton tests to wait for the appropriate
selector instead of assuming the dom has been updated immediately.
Should resolve intermittent timeouts when checking the splitbutton's
applied classes.
2013-10-16 17:57:52 -05:00
Fabian Becker
f4ac715f97 Add featured class when post is featured
fixes #1112
2013-10-16 11:41:49 +00:00
Fabian Becker
788987d04a Added new helper to escape URIs called 'encode'
fixes #1089
2013-10-16 09:19:26 +00:00
Hannah Wolfe
119b0ea430 Merge branch '0.3.2-wip'
Conflicts:
	core/client/assets/lib/uploader.js
2013-10-11 20:56:15 +01:00
jamesbloomer
9d114c7fa6 Lock down theme static directory to not serve templates, markdown and text files.
closes #942
- insert custom middleware to check for blacklisted files
- redirect to express.static if file accepted
- if not valid return next() to do nothing
- currently black listing .hbs, .txt, .md and .json
- debatable which is best, black list or white list, either one will probably need tweaks but erred on side of letting
a theme serve unknown types
2013-10-11 18:05:31 +01:00
Hannah Wolfe
c732cd2ccb Adding xss unit test
issue #938
2013-10-10 16:43:25 +01:00
Sebastian Gierlinger
6ff17c78a2 Fix filepaths for config and upload
no issue
- added appRoot to config-loader.js
- modified uploader to use correct path
- modified tests
2013-10-10 12:44:31 +02:00
Hannah Wolfe
95f9fce3be Swapping escape to sanitze
issue #938

- rather than using escape, use node-validatiors santize function which is designed for preventing xss vectors
- added listener for changes to both editor and settings page
- added more sanitization to the user model
- consistently use triple-braces when outputting blog post titles
2013-10-09 19:13:16 +01:00
Tim Griesser
c9235ccb0b Escaping several fields to prevent XSS
issue #938
- escapes post's title field
- escapes settings title, description, email
- escapes user's name field
- includes test for post title
2013-10-09 19:13:13 +01:00
William Dibbern
8ef27f0590 Refactored tests
Fixes #362

- There is no need to set the viewport on functional tests anymore
unless something other
than the default of 1280x1024 is desired.
- There is no need to invoke `casper.run` to trigger `test.done`
anymore for functional tests.
- Each test works independently of the rest; registration is handled
once for the lifetime of the test run and then login/logout can be
invoked automatically as desired.
- Mocha tests all utilize predefined, more realistic fixtures when
appropriate.
- Renamed old api tests that were really model tests as appropraite.
- Added example api test for posts.
2013-10-07 21:05:25 -05:00
Hannah Wolfe
6bd62538af Merge branch '0.3.1-wip'
Conflicts:
	core/server/controllers/admin.js
2013-09-27 17:22:55 +01:00
Hannah Wolfe
ee8d8102db Merge pull request #923 from ErisDS/0.3.1-wip-mysql
0.3.1 wip mysql
2013-09-27 05:04:45 -07:00
Hannah Wolfe
5c10f6608c Unit Test fixes for MySQL
issue #858

- there is no guaranteed order to arrays, so sort before testing them
- tests run much faster, date comparisons fail
- settings tests are more explicit, otherwise they fail random validations
- dates must be inserted as date objects
2013-09-27 12:52:31 +01:00
Hannah Wolfe
50a16ceb76 Test Cleanup 2013-09-27 11:36:12 +01:00
Hannah Wolfe
e411ed6889 No autolinking inside of code blocks
closes #865

- rejigged markdown to have some functionality before showdown runs, and other functionality before.
- autolinking now happens last, so it can be smarter
2013-09-27 11:35:44 +01:00
Hannah Wolfe
8c6519fde7 Don't output image tag for empty source
closes #866

 - ensures we don't end up creating any more empty image tags.
2013-09-27 11:30:41 +01:00
Jacob Gable
a9c0359f18 Add some unit tests for post saving
- Confirm published_at for new posts
- Confirm slug generating on saving posts
2013-09-26 23:15:43 +01:00
Jacob Gable
088518936c Configuration validation in config-loader
Added a couple sanity checks to the config during the loadConfig call.

- Check that the config exists for the current NODE_ENV
- Check that the config.url exists and is valid structure
- Check that the config.database exists
- Check that the config.server exists and has a port and host value
2013-09-26 23:07:48 +01:00
jamesbloomer
55048d6a20 Fix image upload tests on windows
closes #826
- on windows the fs.exists call had windows style back slashes
- set up the test to cope with either (not the most elegant but works)
2013-09-26 15:19:05 +01:00
jamesbloomer
8e3ddcbdcc Trim version number to major and minor numbers only in meta tag
closes #880
- as the version number is under control from package.json use regex to trim
2013-09-26 15:00:05 +01:00
Hannah Wolfe
02a02054e8 Handle duplicate tags on import
closes #890

- importer only adds tags which don't exist.
- added back the import unit tests - these are basic for now
2013-09-25 11:30:59 +01:00
jamesbloomer
c215626d2b Use file mime type rather than extension to check server side if image upload is a valid file
closes #705
- uses the file type passed by express/connect
- relies on the type being set correctly by the browser upload
- doesn't reread the file to check
2013-09-20 13:20:59 +01:00
Hannah Wolfe
477c4c59fa Merge pull request #843 from cgiffard/500-errors
500 Series Error Handling & Stack Traces
2013-09-18 22:52:52 -07:00
Hannah Wolfe
43fe50ca7b New Tag in fixture breaks Tag tests 2013-09-19 06:50:32 +01:00