Commit Graph

7107 Commits

Author SHA1 Message Date
Katharina Irrgang
a68592a6b9 🔥 remove forceAdminSSL and urlSSL, add admin url (#7937)
* 🔥  kill apiUrl helper, use urlFor helper instead

More consistency of creating urls.
Creates an easier ability to add config changes.

Attention: urlFor function is getting a little nesty, BUT that is for now wanted to make easier and centralised changes to the configs.
The url util need's refactoring anyway.

* 🔥  urlSSL

Remove all urlSSL usages.
Add TODO's for the next commit to re-add logic for deleted logic.

e.g.

- cors helper generated an array of url's to allow requests from the defined config url's -> will be replaced by the admin url if available
- theme handler prefered the urlSSL in case it was defined -> will be replaced by using the urlFor helper to get the blog url (based on the request secure flag)

The changes in this commit doesn't have to be right, but it helped going step by step.
The next commit is the more interesting one.

* 🔥    remove forceAdminSSL, add new admin url and adapt logic

I wanted to remove the forceAdminSSL as separate commit, but was hard to realise.
That's why both changes are in one commit:

1. remove forceAdminSSL
2. add admin.url option

- fix TODO's from last commits
- rewrite the ssl middleware!
- create some private helper functions in the url helper to realise the changes
- rename some wordings and functions e.g. base === blog (we have so much different wordings)
- i would like to do more, but this would end in a non readable PR
- this commit contains the most important changes to offer admin.url option

* 🤖  adapt tests

IMPORTANT
- all changes in the routing tests were needed, because each routing test did not start the ghost server
- they just required the ghost application, which resulted in a random server port
- having a random server port results in a redirect, caused by the ssl/redirect middleware

* 😎  rename check-ssl middleware

* 🎨  fix theme-handler because of master rebase
2017-02-03 18:13:22 +00:00
Katharina Irrgang
ff7c3a1cf0 🐛 require overrides in MigratorConfig.js (#7938)
no issue

- if using knex-migrator cli not the whole ghost application is required
- that's why we need to ensure the overrides file is loaded
- if not, all dates are in local dates
2017-02-03 15:04:28 +00:00
Katharina Irrgang
2a52af1d99 🔥 remove imageRelPath (#7927)
refs #7488

- remove imageRelPath
- instead add a static image prefix to the url helper
2017-02-03 14:42:05 +00:00
Katharina Irrgang
0201c431d7 🔥 do not store settings in config (#7924)
* 🎨  🔥  do not store settings in config and make settings cache easier available

- remove remembering settings value in theme config
- if we need a cache value, we are asking the settings cache directly
- instead of settings.getSettingSync we use settings.cache.get

- added TODO:
  - think about moving the settings cache out of api/settings
  - we could create a folder named cache cache/settings
  - this settings cache listens on model changes for settings
  - decoupling

* 🔥  remove timezone from config

- no need to store in overrides config and in defaults settings

* 🎨  context object helper

- replace config.get('theme') by settings cache

* 🎨  replace config.get('theme') by settings.cache.get

* 🎨  adapt tests

* fixes from comments
2017-02-03 13:15:11 +00:00
Katharina Irrgang
16f5d1fdaf 🎨 add urlFor('admin') and increase usage of urlFor helper (#7935)
refs #7488

- to be able to refactor the url configuration in ghost, we need to go step by step making this possible
- reduce the usage of forceAdminSSL
- add a urlFor('admin') helper, which returns the admin url + path e.g. http://my-blog.com/blog/ghost
- increase usage of urlFor helper
- do not expose getBaseUrl, use urlFor('home') (home === blog)
2017-02-02 18:51:35 +00:00
Katharina Irrgang
85c0913d70 🎨 config optimisations (#7921)
refs #7488

- rename file keys for config files, see https://github.com/TryGhost/Ghost/pull/7493/files
- add tests to avoid running into config hierarchy problems again
- overrides.json is the strongest!
- argv/env can override any default
- custom config can override defaults
- reorganise util functions for config again
2017-02-02 12:46:30 +00:00
Vivek Kannan
5507adadf1 Import from LTS blogs now properly adds tags to posts. (#7926)
closes #7866

- Importer now uses Javascript's Map instead of the normal object to ensure that tags are properly associated with their corresponding posts.
2017-01-31 17:50:44 +01:00
Katharina Irrgang
bac8bcf978 🎨 jsHint: support ES6 features (#7920)
no issue
- add `eversion: 6` flag to `jshint` config
2017-01-31 13:13:23 +00:00
Katharina Irrgang
eebdfab7b0 🎨 validate ghost profile/token response (#7761)
no issue

- check if profile or access token exists when receiving the response from Ghost Auth server
2017-01-31 11:04:09 +01:00
Aileen Nowak
89d40133a0 💄 Clean up ghost_head test (#7918)
refs #7688

Update the `ghost_head_spec` to reflect the current changes (we're not having a default `icon` setting in our config anymore). Render the link to the default favicon to be relative.
2017-01-30 09:54:40 +01:00
Kevin Ansfield
dd3de4c957 Version bump to 1.0.0-alpha.10 2017-01-26 18:08:41 +00:00
Kevin Ansfield
60757182e2 Updated Ghost-Admin to 1.0.0-alpha.10 2017-01-26 18:08:41 +00:00
Kevin Ansfield
1eafe25bc6 Update yarn.lock 2017-01-26 18:04:09 +00:00
Aileen Nowak
d2f2888da0 Favicon URI (#7700)
closes #7688

- Use `/favicon.ico` and `/favicon.png` in blog app. Depending on type of storage (custom upload = local file storage), serves either from storage adapter with `read()` method or reads the bytes via `fs`.
- Redirects requests for `favicon.ico` to `favicon.png` if custom `png` icon is uploaded and vice versa.
- Redirect requests for `favicon.png` to `favicon.ico` if default icon is used (in `core/shared`).
- Changes the `{{asset}}` helper for favicon to not serve from theme assets anymore. It will either be served the custom blog-icon or the default one.
- The `{{@blog.icon}}` helper renders the url of the **uploaded** blog icon. It won't render the default icon.
2017-01-26 18:01:19 +00:00
Katharina Irrgang
584bd15b76 🔥 remove database version (#7894)
refs #7489

- as we are now using a different migration approach (knex-migrator), we don't need to remember the database version anymore
- it was once used to check the state of a database and based on it we decided to migrate or not
- with knex-migrator everything depends on the migration table entries and the current ghost version you are on
- on current master the leftover usage is to add the db version when exporting the database, which can be replaced by reading the ghost version
- removing this solves also an interesting migration case with knex-migrator:
  - you are on 1.0
  - you update to 1.1, but 1.1 has no migrations
  - the db version would remain in 1.0
  - because the db version was only updated when knex migrator executed a migration
2017-01-26 12:12:00 +00:00
Aileen Nowak
5c94151e14 Blog icon validations (#7893)
refs #7688

Adds an `uploads/icon/` endpoint to the api route to get a seperate entry point for blog icon validations. The blog icon validation will specifically check for images which have icon extensions (`.ico` & `.png`) and throw errors if:

- the icon file size is too big (>100kb)
- the icon is not a squaer
- the icon size is smaller than 32px
- the icon size is larger than 1000px
- the icon is not `.ico` or `.png` extension

TODOs for this PR:
- [X] get image dimensions
- [X] validate for image
	- [X] size
	- [X] form (must be square)
	- [X] type
	- [X] dimenstion (min 32px and max 1,000px)
- [X] return appropriate error messages
- [X] write tests

--------------------

TODOs for #7688:
- [X] Figure out, which favicon should be used (uploaded or default) -> #7713
- [ ] Serve and redirect the favicon for any browser requests, incl. redirects -> #7700 [WIP]
- [X] Upload favicon via `general/settings` and implement basic admin validations -> TryGhost/Ghost-Admin#397
- [X] Build server side validations -> this PR
2017-01-26 10:01:52 +01:00
Greenkeeper
ca4f827945 Update knex-migrator to version 2.0.4 🚀 (#7902)
* chore(package): update knex-migrator to version 2.0.4

https://greenkeeper.io/

* chore: yarn.lock
2017-01-26 00:46:59 +01:00
Katharina Irrgang
c070c9722d 🐛 re-run init migrations protection (#7899)
no issue

- if re-running the init scripts (for example: you lost the init rows in the migrations table), then it was throwing errors
- 1. the owner slug and email can change -> no match and it tried to reinsert the user with id 1, which failed
- 2. querying an inactive user is not allowed, because the user model protects against it
2017-01-25 22:08:09 +01:00
Katharina Irrgang
0424c6675c 🐛 fix backup database (#7898)
refs #7489

The require path for the db backup was wrong. The before hook could not execute db backup.
Furthermore, i have replaced the logging in the backup script.
2017-01-25 20:34:31 +01:00
Greenkeeper
ee3033cde5 Update knex-migrator to version 2.0.3 🚀 (#7897)
* chore(package): update knex-migrator to version 2.0.3

https://greenkeeper.io/

* chore: yarn.lock
2017-01-25 20:11:45 +01:00
Greenkeeper
5f3b5a1c93 Update ghost-ignition to version 2.8.3 🚀 (#7895)
* chore(package): update ghost-ignition to version 2.8.3

https://greenkeeper.io/

* chore: yarn.lock
2017-01-25 19:27:24 +01:00
Vivek Kannan
ada528d386 Fixed caching of theme in development mode. (#7812) (#7857)
refs #7812

- replaced hard-coded maxAge value in static-theme middleware with dynamic value based on env
2017-01-25 15:10:46 +01:00
Katharina Irrgang
2d19ae2c6c 🔥 😎 remove old migrations (#7887)
refs #7489

- remove old migration code
- this logic was sourced out to knex-migrator
2017-01-25 13:47:49 +00:00
Katharina Irrgang
042750f4cf 🐛 fix invite permissions for editor (#7889)
refs #7724

- we already fixed the permissions for the editor
- see 3d3101ad0e
- but as we are inside of a refactoring process, we had two fixtures.json files
- we fixed the fixtures.json in the wrong place
- now that the permissions are used, we can see failing tests
- i have added the correct permissions handling
2017-01-25 12:07:31 +00:00
Aileen Nowak
ca521e234f 🐷 Rename 'favicon' to 'icon' (#7888)
refs TryGhost/Ghost#7688

Just renames `favicon` to `icon` as our usage for it will not be for favicon purposes only.
2017-01-25 11:02:02 +01:00
Greenkeeper
cce3194983 Update knex-migrator to version 2.0.1 🚀 (#7883)
* chore(package): update knex-migrator to version 2.0.1

https://greenkeeper.io/

* chore: yarn.lock
2017-01-24 23:56:37 +01:00
Austin Burdine
bc6980c4ac Update yarn.lock on greenkeeper PR's (#7885)
* update yarn.lock on greenkeeper prs
* chore: yarn.lock
2017-01-24 23:33:10 +01:00
Katharina Irrgang
12c0ca3d2f 🔥 remove knex-migrator from README (#7884)
no issue

- we will update the instructions for 1.0 before we release 1.0
2017-01-24 18:30:22 +01:00
Katharina Irrgang
c796e9f61f Revert "Update knex-migrator to version 2.0.0 🚀" (#7881) 2017-01-24 17:32:15 +01:00
Greenkeeper
6f08e2de26 chore(package): update knex-migrator to version 2.0.0 (#7880)
https://greenkeeper.io/
2017-01-24 17:02:49 +01:00
Austin Burdine
2c73eec34d 🐛 fix sqlite module binary issues with yarn caching (#7879)
no issue
2017-01-24 16:36:21 +01:00
Greenkeeper
94ba209be7 chore(package): update knex-migrator to version 1.1.1 (#7878)
https://greenkeeper.io/
2017-01-24 14:21:01 +01:00
Kevin Ansfield
20efa6fcbb sync yarn.lock file (#7876)
no issue

- between https://github.com/TryGhost/Ghost/pull/7853 being committed and being merged there were changes in `package.json` meaning that the `yarn.lock` file was out of date
2017-01-24 12:07:06 +01:00
Katharina Irrgang
a2edc09762 🎨 optimisations for brute (#7867)
closes #7766, refs #7579

- ensure we are using the correct brute keys
- ensure we are using req.ip as Ghost is configured  with trust proxy option
- tidy up a little
2017-01-23 22:44:39 +01:00
Austin Burdine
4dad5ae742 add yarn.lock file and cleanup .travis.yml (#7853)
no issue

- add yarn.lock with latest dependencies
- remove unused travis cache lines and install deps via yarn
2017-01-23 16:32:49 +01:00
Katharina Irrgang
68741a1106 Revert "🎨 grunt release .knex-migrator" (#7874)
refs #7489
2017-01-23 12:33:03 +01:00
Katharina Irrgang
89ef60fdba 🛠 knex-migrator 1.0.0 (#7873)
refs #7489 

Most important change is the naming of the knex-migrator config file.
2017-01-23 12:32:17 +01:00
Katharina Irrgang
78eacb19e9 🛠 use Ignition for logging/errors (#7869)
no issue

- we started implementing logging and error handling in Ghost
- later we outsourced both into a module
- use the module now in Ghost
- this commit basically just removes the logging and error implementation and uses Ignition
2017-01-23 11:04:01 +00:00
Aileen Nowak
7cb57bff3d Find favicon in Ghost (#7713)
refs #7688

Adds logic in theme settings api to either serve an uploaded favicon and give it the type `upload` or use the default settings `default`, which will serve the favicon from our shared directory.

TODOs for #7688:
- [X] Figure out, which favicon should be used (uploaded or default) -> this PR
- [ ] Serve and redirect the favicon for any browser requests, incl. redirects
- [ ] Upload favicon via `general/settings` and implement basic admin validations -> [WIP] TryGhost/Ghost-Admin#397
- [ ] Built server side validations
2017-01-23 10:13:52 +01:00
Aileen Nowak
503148058c More consistant usage of urlFor('home') (#7689)
refs #7666 

Using `urlFor('home')` instead `config.get('url')` in Ghost.
When `urlFor('home', true)` returns the absolute adress of the blog as defined in the config.
Will always return a trailing `/`.
2017-01-23 09:22:37 +01:00
Katharina Irrgang
857ad4f1a7 Update bookshelf to version 0.10.3 🚀 (#7871) 2017-01-22 22:46:26 +01:00
Katharina Irrgang
ebb2156284 🛠 mysql latest and do not ignore mysql for GK updates (#7868)
refs #5945
2017-01-22 11:31:53 +00:00
Katharina Irrgang
4a4b2f62cc 🐛 re-order api middlewares: cors middleware before connect-slashes (#7861)
closes #7839

- when a browser sends a request to the API without a trailing slash, we are using connect-slashes to redirect permanently
- but because the CORS middleware was registered after the redirect, the CORS headers got lost
2017-01-18 17:36:47 +00:00
Aileen Nowak
2f3081fa9f Make AMP optional (#7830)
closes #7769

Because Google AMP is bitching around and shows errors in Googles' webmaster tools for missing post images and blog icons, we decided to make AMP optional. It will be enabled by default, but can be disabled in general settings. Once disabled, the `amp` route doesn't work anymore.

This PR contains the back end changes for Ghost-alpha:
- Adds `amp` to settings table incl default setting `true`
- Adds `amp` value to our settings cache
- Changes the route handling of AMP app to check for the `amp` setting first.
- Adds tests to check the route handling and ghost_head output
- Includes changes to `post-lookup.js` as done by @kirrg001 in #7842
2017-01-17 16:40:06 +01:00
Kevin Ansfield
8d88f5b6a5 urlencode navigation URLs rather than HTML escape (#7836)
closes #7826

- expose raw url value inside `{{navigation}}` helper
- modify `{{url}}` helper to urlencode values and mark as HTML-safe to avoid Handlebars additional HTML-escaping
2017-01-17 15:55:19 +01:00
kirrg001
49e99c5dfd Upgrading Casper to 1.3.5 2017-01-17 15:49:03 +01:00
John O'Mahoney
47933c9949 Shows help message for broken require in scheduler adapter (#7706)
closes #7584

- added help message to assist in debugging broken require
2017-01-16 21:49:41 +01:00
Austin Burdine
8d29095fa8 🔥 Drop support for Node.js v0.12 (#7820)
no issue

- Node.js v0.12 will be EOL on 31st December
- This removes official support from Ghost
2017-01-16 19:21:45 +01:00
Greenkeeper
c46db8d72f chore(package): update ghost-gql to version 0.0.6 (#7844)
https://greenkeeper.io/
2017-01-12 11:53:20 +01:00
Greenkeeper
259cc3de62 chore(package): update rss to version 1.2.2 (#7841)
https://greenkeeper.io/
2017-01-11 20:42:13 +01:00