refs #3795
- updates all dev dependencies to their latest version number
- jshint now complains about the Promise global, removed it from predef in
lieu of a better solution
- changes in should require minor updates to the tests
- tests are passing and all major grunt commands appear to work: clean,
init, prod, validate and release
addresses #2852
- Moves storage modules to use prototypes and to create prototypes
that inherit from the base storage ctor.
- Makes storage/base conform to an all Promise interface.
Closes#1538
* rips out sendmail
* adds direct
* updates nodemailer to 0.7.1
* changes unit tests for mail
* changed integration tests for mail
* adds mail api tests
resolves#1789
- removes config/theme.js
- moves caching of theme variables to api/settings.js which is where the
rest of the settings cache occurs. this removes the requirement of having
to push changes to cache, now it simply occurs alongside when settings
are changed.
- updates relevant tests.
Closes#3884
- This PR includes a reimplementation of Downsize@0.0.5 with `words: "0"`. It uses the same parsing methods, therefore guarunteeing identical behavior.
- Tests have been updated to be more extensive.
helps with #827, otherwise no issue
- This is general code clean-up and unification.
- Merges code from bootstrap.js into config module as they were both
concerned with managing the config file and as such should be in one
location.
- Updates all relevant tests.
closes#2462
- adds conditionals for pagination for index, tags and author pages
- outputs correct meta title and description according to context
- adds further unit testing
closes#1967
- adds paged to eventually replace archive-template
- adds page-template to eventually replace page
- changes custom page template class to be page-slug instead of
page-template-slug
closes#685
- Now that we have a ‘pagination’ meta object, we can implement
SEO-friendly `next` and `prev` ref links in `<head>`.
- This implementation works uniformly for anything that supports
pagination in the current schema (posts, tags, authors)
- Regex should make the implementation future-proof for additional
pagination
resolves#2170
- creates a models.init() function that requires all other model files
and caches them. This is opposed to the previous functionality where
when you require('./models') it would immediately require all other models.
Now it's done when you want.
- Updates all tests to reflect the new structure of the model module
refs #16, #17, #18, #19, #20, #21, #3801
- This code was a prototype system built when Ghost was still a prototype.
It was never fully implemented and hasn't actually worked for ages.
- Now that the admin is in Ember, it's likely we'll need a very different
system.
fixes#3724
- provide config.url to the ember client app via a data attribute
- create server and client side helpers to output the URL
- wire up the client side helper
- add a class for testing, and add tests for both the server and client side
issue #3409
- DRYs out the controllers/frontend a little by moving common functinoality
into its own function
- adds ability to use home.hbs template file if it exists
- adds unit tests for this functionality
Closes#3414
- Adds a helper which shows a select string deopending on the number of items provided
```
{{plural pagination.total empty='No posts' singular='% post' plural='% posts'}}
```
If `pagination.total` == 0, output 'No Posts'
If `pagination.total` == 1, outputs `1 Post`
If `pagination.total` == 2 or more, outputs `2 Posts`
Credit to @sebgie for making this work.
refs #3083, #3096
In order to implement advanced permissions based on roles for specific
actions, we need to know
what role the current context user has and also what action we are
granting permissions for:
- Permissible gets passed the action type
- Effective permissions keeps the user role and eventually passes it to
permissible
- Fixed spelling
- Still needs tests
no issue
- Refactor all integration tests to specify and load ONLY the fixtures
they require to run, rather than initialising the whole kit-and-kaboodle
for every single test which takes FOREVER.
- Refactor the route tests to share a doAuth function, and also specify
additional fixtures required
- Move import and export unit tests, which are actually integration tests
(they touch the DB)
- Comment out most of the permissions unit tests for now as they need more
stubs/mocks so as to not touch the DB
Still todo:
- prevent default DB initialisation in route tests, and specify all
fixtures requires as per the integration tests
- fix up the unit/permissions_spec
migration from usage of config() to just an object of config.
no relevant issue
- Change 'loadConfig' task to 'ensureConfig' to more accurately reflect
what it is actually doing. Its sole purpose is to make sure a `config.js`
file exists, and as such the name now reflects that purpose.
- Update config/index.js to export the ghostConfig object directly
so that it can be accessed from other modules
- Update all references of config(). to config.
This was a blind global find all and replace, treat it as such.
- Fixes to tests to support new config access method
- Allow each test to still work when invoked invidually
Closes#3161
- Add a config.js file for the client which is used to configure
Ember.Application during runtime. The correct version of config.js
is copied into place by grunt via the copy:(dev|prod) task from
either config-dev.js or config-prod.js.
- Serve minified and production versions of libraries where applicable
including handlebars-runtime and ember-prod.
- Bundle third party libraries into vendor.min.js.
- Bundle Ghost's Ember app and templates into ghost.min.js
- Remove all fixture data and code from the client.
fixes#3275, fixes#3290, ref #3086, ref #3084
- Ensure that we use the current logged in user and not just user 1 when
- removing hard coded user: 1 except where absolutely necessary
- passing context, rather than user to models
- base model has a new function to determine what id to use for created_by etc
refs #3283, refs #2739, refs #3096
- Renames permissions which didn't follow bread
- Adds permissions for notifications, mail and tags
Still todo:
- wire up the new permissions where they are needed
- add permissions for roles
closes#3252
- added `/ghost/api/v0.1/uploads/` endpoint
- removed upload method from `controller/admin.js`
- moved removal of temporary files from storage to endpoint (needed to
account for failed uploads)
- changed and moved tests
- Oversight: I think that we use `.otherwise()` and `.catch()` a bit
too extensive and mask the real error objects. We probably need an
error handling strategy at some point in the future.
Issue #3160
- Use notifications API to display available update notification.
- Remove update_notification handlebars helper as now both the
check for an available update and the notification handling
is run from the server's admin controller index method.
- Bind the notification's location property to a css class
for styling.
- Refactor Ember notifications to better handle notification
objects. Move responsibility for css class generation onto
the notification component.
- Refactor gh-notifications component to take a location argument
that's used to assign a css class and filter notifications.
This frees us up to enforce one single point of access, thus paving
the way towards allowing us to initialize the models at are request,
and not when it's require().
addresses #2170
- added role to user obj (only returned from the user endpoint)
- added `/users/?include=roles` and
`/users/?include=roles,roles.permissions` query parameters
- added and updated tests
closes#3056
- Remove clientold
- Remove clientold tests
- Cleanup old admin helpers
- Remove old routes from admin and controllers from admin controller
- Comment out / remove old and broken tests
- Cleanup Gruntfile.js, bower.js, package.json etc
Still TODO:
- cleanup / add removed tests
- do we still need countable?
closes#2759closes#3027
- added oauth2orize library for server side oAuth handling
- added ember-simple-auth library for admin oAuth handling
- added tables for client, accesstoken and refreshtoken
- implemented RFC6749 4.3 Ressouce Owner Password Credentials Grant
- updated api tests with oAuth
- removed session, authentication is now token based
Known issues:
- Restore spam prevention #3128
- Signin after Signup #3125
- Signin validation #3125
**Attention**
- oldClient doesn't work with this PR anymore, session authentication
was
removed
fixes#3072
- Change router to handle /ember/setup/
- Adjust doSignup to also handle setup
- Adjust tests and add new where necessary
- Add setup controller, setup validation, setup route
- Adjust casper emberSetup to handle new setup
Refs #2986
-More thorough promise handling in bootstrap.js
-Catch rejected promises from the bootstrap module and force
a Grunt failure instead of an erroneous success
-Adjust the bootstrap unit tests
fix
Closes#847
- Added logic to export database to the `core\server\data\` folder prior
to beginning a migration.
- Factored out versioning logic from migration to prevent circular
references
Closes#2817
-use async semantics for tests
-fix api.settings.read stub for the url helper describe block
-rename test to describe actual behavior (return '/' instead of '')
closes#2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
- The API has the BREAD naming for methods
- The model now has findAll, findOne, findPage (where needed), edit, add and destroy, meaning it is similar but with a bit more flexibility
- browse, read, update, create, and delete, which were effectively just aliases, have all been removed.
- added jsDoc for the model methods
closes#2637
- Add new get API route for all notifications
- Wrap API responses to comply with JSON-API
- Add new tests / adjust fixtures
- Adjust all occurences of passive notifications
closes#2643
- added error type
- added error property for validations
- wrapped errors in an array
- returns multiple errors for validation
- updated tests and admin
Closes#2606
- Refactor settings api responses to { settings: [ ] } format
- Update all code using api.settings to handle new response format
- Update test stubs to return new format
- Update client site settings model to parse new format into one object of key/value pairs
- Refactor to include all setting values
- Remove unused settingsCollection method
- Update settingsCache to store all attributes
- Update settingsResult to send all attributes
- Remove unnecessary when() wraps
- Reject if editing a setting that doesn't exist
- Reject earlier if setting key is empty
- Update tests with new error messages
- Use setting.add instead of edit that was incorrectly adding
- Update importer to properly import activePlugins and installedPlugins
- Update expected setting result fields
- Fix a weird situation where hasOwnProperty didn't exist 🤷
Ref #2059
- Refactor appProxy into class that is instantiated per App
- Check for permissions before doing proxied filter/helper calls
- Add all currently existing api methods, let api check for permissions
- Basic unit tests for filter and helper register/deregister
- Adjusted proxy api method existence unit tests
closes#2604
- moved ‚pagination‘ to ‚meta‘ property
- added response test for pagination property
- changed ‚next‘ and ‚prev‘ to be set to null and exist on every
response
- removed unnecessary call to API for RSS author
closes#2264
- added permissions check to db, users and posts
- added register method to users
- added doesUserExist method to users
- added user from session to internal calls
- changed permissible to overwrite canThis
- removed action map and action type from permissable method
closes#2058
- fixed apiContext as suggested in the issue
- added user to options object for models
- added api.users.register() for public registration
- changed models to use options.user for created_by, updated_by,
author_id and published_by
- added override to session model to avoid created_by and updated_by
values
- added user (id: 1) to tests
- added user (id: 1) for registration
- added user (id: 1) for import, fixtures and default settings
- added user (id: 1) for user update
- added user (id: 1) for settings update (dbHash, installedApps, update
check)
- updated bookshelf to version 0.6.8
- Handle passing undefined user to canThis
- Add existence check to parseContext if statement
- Add unit test that passes undefined to canThis
- Allow internal canThis() checks
- Allow passing 'internal' or { internal: true } as context
- Do not lookup user permissions unless context.user found
- If context.internal, resolve immediately
- Add unit tests for passing 'internal' and { internal: true }
Progress on #2095
- Add new AppPermissions class with read() method
- has default permissions to read and browse posts
- uses default permissions if no package.json
- uses default permissions if no ghost object in package.json
- errors when reading malformed package.json
- uses ghost.permissions if found in package.json
closes#2138
- Adds new models for AppField and AppSetting
- Removed permitted attributes from App model (handled by base)
- Added reference from Post to AppFields
- Added fixture data to DataGenerator
- Added integration tests for Apps, AppSettings, AppFields
- Added import for Apps
- Added app_fields to default fixtures
- Pass permissions loading to buildObjectTypeHandlers to eliminate
shared state
- Load both app and user permissions to check
- Check app permissions if present
- Create apps table and App model
- Move effectiveUserPermissions to permissions/effective
- Change permissable interface to take context; user and app.
- Add unit tests for app canThis checks and effective permissions
closes#2580
- added new format to post API methods
- added post object parsing and wrapping to admin
- removed unused ‚user‘ object from API response
- updated tests
closes#2563
- build path relative to imagesPath (which contains the custom content path)
instead of appRoot
- added test for custom content path
- added logic to tests for Windows url building to handle cases where Windows
functionality is being tested on a unix operating system
Closes#2513
- Checks for property `error.hbs` on active theme
- Added unit test to ensure `error` view is rendered when activeTheme has
a custom error template.
- Removed unused variable, `userErrorTemplatePath` from errorHandler
- Refactored errorHandler.`updateActiveTheme` to take one argument, the new active theme, and to then check if the active theme has an error.hbs
- Changed errorHandler unit test to use rewire for mocking config.
closes#2148
- Added core/server/xmlrpc.js
- Hook into post::saved to ping when a published post gets saved
- Added node package to hook into http requests
issue #2312
- The typography extension is still interfering in HTML blocks, reference style links and other bits and pieces it probably shouldn't be :(
- We'll add it back when it's ready.
fixes#2272
- Remove libraries from shared/vendor
- Remove libraries from client/assets/vendor
- Add bower to package.json and postinstall
- Add bower.json with dependencies
- Add scripts from bower_components to concat/uglify
- Fix tests
- Serve jquery from /ghost/built/theme/
closes#2328
- added check for tag in coreHelpers.meta_title and use if set
- added test for correct title on tag pages
Rewritting to tag - blogtitle based on comments from PR
no issue
There seemed to be no convention or order to the functions in the admin controller, so I have:
- organised them
- reordered them
- added a small doc-block
- reordered some routes
- updated tests accordingly
This change is needed because the previous default of the user's email
address is too often mismatched against the site domain, triggering spam filters.
Fixes#2145
- added `fromAddress()` to GhostMailer to handle this logic
- added unit tests to `mail_spec.js`
fixes#1969
- creates new ./server/helpers/tempalte.js method
which returns the correct view to use when rendering
- updates fronted controller to check if a custom page template
exists and if so then uses that to render the static page
- adds additional class name to body_class helper when
a custom page template is being rendered
- adds tests to address all new features
fixes#2111
- modified Post model to support a tag query
param that will filter the desired post collection
to only include posts that contain the requested tag
- in the updated Post model it includes the Tag model
under a nested object called 'aspects'
- added tests for updated Post model, updating
test utils to add more posts_tags relations
- adds two new routes to frontend,
one for initial tag page,
another to page that tag page
- for tag pages the array of posts
is exposed to the view similarly
to the homepeage
- on the tag view page the information
for the tag is also accessible
for further theme usage
- the tag view page supports a hierarchy of
views, it'll first attempt to use a tag.hbs
file if it exists, otherwise fall back
to the default index.hbs file
- modified pageUrl and pagination helper
to have it be compatible with tag paging
- added unit tests for frontend controller
- added unit tests for handlebar helper modifications
- add functional tests for new tag routes
Closes#2081
* Amended require-tree to populate availableThemes and availablePlugins to use full file names (`basename.ext`) as keys instead of just basename. This way `image.jpg`, `image.png`, `image.gif` won't overwrite the `image` key.
* Amended require-tree to allow package.json file parsing to return the contents of the file as json on the `package.json` key.
* settings api populates theme data `package` if it exists. Otherwise it assigns `false` to it
* `general.hbs` (salute) was reworked to if there is the package key on the theme is not false, it will use the `name` and `version` keys of that. You can break it by not having a `name` or `version` in the package.json file.
* Added error and warning messages for package.json file parse errors and misses
fixes#2112
refs #1833
- modified config.urlFor to handle tag pages
- modified {{#tags}} handlebars helper to autolink to
tag pages. Additional autolink="false" parameter can
be used to deactivate autolinking
- modified url handlebars helper to handle tags
- added isTag function to schema
- added unit test for additional urlFor functionality
- added unit test for {{#tags}} helper modifications
- added unit test for url handlebards helper
fixes#2057
- uses express’ Route object to create RegExp’s
that we use to check the incoming path
- refactored structure of fronted controller single
tests to be easier to read
- amend regex to incorporate new allowed permalink
structure
ghost as a npm module
- modifies main script file to allow it to
take in an options object that currently
supports an express instance or a config file path
- added tests
closes#2106
- downsize 0.0.5 contains the fix to accept single quote found inside a double-quote string or vice-versa
- created unit tests to properly check this scenario
addresses #1789, #1364
- Moves ./core/server/loader -> ./core/bootstrap.
The bootstrap file is only accessed once during startup,
and it’s sole job is to ensure a config.js file exists
(creating one if it doesn’t) and then validates
the contents of the config file.
Since this is directly related to the initializing
the application is is appropriate to have
it in the ./core folder, named bootstrap as that
is what it does.
This also improves the dependency graph, as now
the bootstrap file require’s the ./core/server/config
module and is responsible for passing in the validated
config file.
Whereas before we had ./core/server/config
require’ing ./core/server/loader and running its
init code and then passing that value back to itself,
the flow is now more straight forward of
./core/bootstrap handling initialization and then
instatiation of config module
- Merges ./core/server/config/paths into
./core/server/config
This flow was always confusing me to that some config
options were on the config object, and some were on
the paths object.
This change now incorporates all of the variables
previously defined in config/paths directly
into the config module, and in extension,
the config.js file.
This means that you now have the option of deciding
at startup where the content directory for ghost
should reside.
- broke out loader tests in config_spec to bootstrap_spec
- updated all relevant files to now use config().paths
- moved urlFor and urlForPost function into
./server/config/url.js
fixes#1782
- added builtFilesExist function to check for files during startup.
If built files do not exist Ghost startup is stopped and a link
to the documentation is displayed.
- exported a scriptFiles object from server/helpers.
- added a builtScriptPath to the paths module.
- removed "js-msg" about missing javascript from the UI.
closes#1947
- added fieldtype: medium for posts.html
- changed fieldtype: medium for posts.markdown
- added method to fix databases created with wrong field type
- added tests for database version 002
closes#1932
- added showUpdateNotification with version check
- added temp workaround for boolean values in database
- changed default value from false to null
- updated tests
closes#1464
- adds opt-out via updateCheck:false in config.js
- update check is done on admin index, but doesn't interfere with rendering
- adds update check module, which gets the usage data, makes the request and handles the response
- adds two new settings to default-settings, one for next check time, and one for whether to show the notification
- adds a new rejectError method to errorHandling
- adds a new helper for displaying the notification
Conflicts:
core/server/helpers/index.js
core/test/unit/server_helpers_index_spec.js
fixes#1765fixes#1811
issue #1833
New UrlFor functions
- moved body of url helper to config.path.urlFor, which can generate a URL for various scenarios
- urlFor can take a string (name) or object (relativeUrl: '/') as the first
argument - this is the first step towards issue #1833
- also added config.path.urlForPost which is async and handles getting
permalink setting
- frontend controller, ghost_head helper, cache invalidation all now use
urlFor or urlForPost all urls should be correct and consistent
URL Consistency Improvements
- refactored invalidateCache into cacheInvalidationHeader which returns a
promise so that url can be generated properly by urlForPost
- moved isPost from models to schema, and refactored schema to have a tables object
- deleted posts now return the whole object, not just id and slug,
ensuring cache invalidation header can be set on delete
- frontend controller rss and archive page redirects work properly with subdirectory
- removes {{url}} helper from admin and client, and replaced with adminUrl
helper which also uses urlFor
- in res.locals ghostRoot becomes relativeUrl, and path is removed
fixes#1810
- updates frontend.single route to accept ‘edit’
as the last param
- updates controller.frontend to handle redirection
only when we would otherwise have rendered the page
- added unit tests for this behavior
closes#1470
issue #1405
- added cache control middleware
- added defaults for all routes, assets, etc
- updated asset helper to add a query string with a timestamp hash to all assets
- added unit tests for asset and ghostScriptTags helpers
- added cache-control checks to route tests
closes#1757 and #1773
- switches routes.frontend for posts and pages
to use a regex with two capturing groups. This removes
the need to dynamically remove an express route at a
later point, leaving the decision making to frontend
controller.
- added unit tests for all routing conditions that
can arise for posts and pages.
- updated functional tests to also test for same thing
in unit tests
- removes old code from server/api/index that used
to fix this issue, but is no longer needed
- removed some un-needed require statements in routes/admin
closes#1681
- import doesn't override user credentials
- import doesn't override theme
- import doesn't kill session
- import does refresh the settings cache
- updated tests, they now use a fixture instead of a generated export
- tests check to ensure import is safe
issue #1754
- remove path (it was only used once, and not needed)
- change webroot to subdir
- add unit tests for config.paths
- various other cleanup
- renamed client-side ghostRoot to subdir
- added url helper for client
fixes#1696
- this is a temp workaround until full fledged support
is added directly to bookshelfjs
- when importing we use the import json blob’s timestamps
as the value that’s set in the DB
- added tests for this change
fixes#1749
- pass config().url into theme.update
- rename paths functions to match theme function
- adds tests for theme config
- We should probably try to eliminate passing config.url around
closes#1640closes#1672
- changed to include config using require
- deleted has_tag helper
- deleted json helper
- removed fileStorage and ghostScriptTags helpers from frontend
- added fileStorage and url helper to admin
closes#1203
- Update express-hbs module to the new version (0.5.2)
- Use two instance of hbs one for the theme and an other for the admin
- Template helpers are register as partial view
- Partial views of the theme are reload when the theme changed
Remove clear partial cache in handlebars
This code will be move in `express-hbs`.
This doesn't cause a problem to remove this line but it is not clean.
Remove unused hbs instance
Resolve conflict
fixes#1644
- Fixes bug in controller/frontend
- Created functional test for posts API to test for this bug
- Created unit tests for frontend controller
- Fixed a global variable leak in core/test/utils/fixtures/data-generator
that was leaking the DataGenerator globally
- Resolved issue that arose from fixing above bug
fixes#1575
- Moves most code that was in ghost.js into ./core/server/index.js
- Creates ./core/server/config/theme.js to hold all theme configurations
(which previously lived on ghost.blogGlobals())
- Removed ghost.server, passing it in as an argument where needed
and allowing middleware to hold onto a reference for lazy use.
covers 90% of #755
- moved ghost.settings to api.settings
- moved ghost.notifications to api.notifications
- split up api/index.js to notifications.js, posts.js, settings.js,
tags.js and users.js
- added instance.globals as temp workaround for blogglobals (Known
issue: blog title and blog description are updated after restart only)
- added webroot to config() to remove `var root = ...`
- changed `e` and `url` helper to async
- updated tests
Move helper functions registerThemeHelper and registerAsyncThemeHelper
to the helpers module.
Also update the app proxy object to reflect this new code location,
and the tests to reflect that as well
Create ./sore/server/filters which houses all filter related behavior.
Was previously on the ghost singleton.
Also create the filters_spec file for testing
and update all code and tests to use new code location.
Create ./sore/server/helpers/template which houses all template related behavior.
Was previously on the ghost singleton.
Also create the helpers_template_spec file for testing
and update all code and tests to use new code location.
Move ghost.mail instance onto the mail module directly
and update related code and tests to use new location
Move Polyglot instance onto require module directly
Move ghost.availablePlugins to plugins module directly
- changed cookieSession to session
- added session.regenerate for login and logout
- added bookshelf session store
- added session table to database
- added import for databaseVersion 001
- added grunt task test-api
- cleanup of gruntfile to start express when needed only
- moved api tests to functional tests
