no issue
Having `session.user` return a promise made dealing with it in components difficult because you always had to remember it returned a promise rather than a model and had to handle the async behaviour. It also meant that you couldn't use any current user properties directly inside getters which made refactors to Glimmer/Octane idioms harder to reason about.
`session.user` was a cached computed property so it really made no sense for it to be a promise - it was loaded on first access and then always returned instantly but with a fulfilled promise rather than the underlying model.
Refactoring to a synchronous property that is loaded as part of the authentication flows (we load the current user to check that we're logged in - we may as well make use of that!) means one less thing to be aware of/remember and provides a nicer migration process to Glimmer components. As part of the refactor, the auth flows and pre-load of required data across other services was also simplified to make it easier to find and follow.
- refactored app setup and `session.user`
- added `session.populateUser()` that fetches a user model from the current user endpoint and sets it on `session.user`
- removed knowledge of app setup from the `cookie` authenticator and moved it into = `session.postAuthPreparation()`, this means we have the same post-authentication setup no matter which authenticator is used so we have more consistent behaviour in tests which don't use the `cookie` authenticator
- switched `session` service to native class syntax to get the expected `super()` behaviour
- updated `handleAuthentication()` so it populate's `session.user` and performs post-auth setup before transitioning (handles sign-in after app load)
- updated `application` route to remove duplicated knowledge of app preload behaviour that now lives in `session.postAuthPreparation()` (handles already-authed app load)
- removed out-of-date attempt at pre-loading data from setup controller as that's now handled automatically via `session.handleAuthentication`
- updated app code to not treat `session.user` as a promise
- predominant usage was router `beforeModel` hooks that transitioned users without valid permissions, this sets us up for an easier removal of the `current-user-settings` mixin in the future
no issue
- display the `context` property of any API errors so that the messages are useful
- use the same email/password that was used for the setup request in the session request to avoid issues with keys being hit after Enter
no issue
- ran [es5-getter-ember-codemod](https://github.com/rondale-sc/es5-getter-ember-codemod)
- [es5 getters RFC](https://github.com/emberjs/rfcs/blob/master/text/0281-es5-getters.md)
- updates the majority of `object.get('property')` with `object.property` with exceptions:
- `.get('nested.property')` - it's not possible to determine if this is relying on "safe" path chaining for when `nested` doesn't exist
- `.get('config.x')` and `.get('settings.x')` - both our `config` and `settings` services are proxy objects which do not support es5 getters
- this PR is not exhaustive, there are still a number of places where `.get('service.foo')` and similar could be replaced but it gets us a long way there in a quick and automated fashion
refs #9865
- removed all `oauth2` and token-based ESA auth
- added new `cookie` authenticator which handles session creation
- updated the session store to extend from the `ephemeral` in-memory store and to restore by fetching the currently logged in user and using the success/failure state to indicate authentication state
- ESA automatically calls this `.restore()` method on app boot
- the `session` service caches the current-user query so there's no unnecessary requests being made for the "logged in" state
- removed the now-unnecessary token refresh and logout routines from the `application` route
- removed the now-unnecessary token refresh routines from the `ajax` service
- removed `access_token` query param from iframe file downloaders
- changed Ember Data adapters and `ghost-paths` to use the `/ghost/api/v2/admin/` namespace
no issue
- upgrade `ember-ajax` to 3.0.0
- `ember-ajax` [now passes the payload through directly](https://github.com/ember-cli/ember-ajax/releases/tag/v3.0.0) rather than trying to normalize it so all our error handling needed to be updated
no issue
Automated tools, code generators, and editor integrations are increasingly standardising on the import style used in `ember-modules-codemod`. Our import style differed a little with regards to service/controller injection imports which meant we were starting to see inconsistent naming.
refs https://github.com/TryGhost/Ghost/issues/8958
- Ghost OAuth isn't coming back, time for the code to disappear and simply all the things
- fixes the `Usage of router is deprecated` notices that flood the console/test logs when testing
no issue
- add eslint-plugin-ember, configure no-old-shims rule
- run `eslint --fix` on `app`, `lib`, `mirage`, and `tests` to move imports to the new module imports
- further cleanup of Ember globals usage
- remove event-dispatcher initializer now that `canDispatchToEventManager` is deprecated
closes https://github.com/TryGhost/Ghost/issues/8859, requires https://github.com/TryGhost/Ghost/pull/8895
- adds Unsplash app to app settings
- enable/disable toggle
- validation and testing of Unsplash App ID
- Unsplash App ID field hidden if provided via Ghost config
- adds `fetchPrivate` method to `config` service to pull config that requires authentication and updates authentication routines to fetch private config
- adds Unsplash buttons to editor toolbar and `{{gh-image-uploader}}`
- only present when Unsplash app is enabled
- opens Unsplash image selector when clicked
- `{{gh-image-uploader}}` has a new `allowUnsplash` attribute to control display of the unsplash button on a per-uploader basis
- adds Unsplash image selector (`{{gh-unsplash}}`)
- uses new `unsplash` service to handle API requests and maintain state
- search
- infinite scroll
- zoom image
- insert image
- download image
- adds `{{gh-scroll-trigger}}` that will fire an event when the component is rendered into or enters the visible screen area via scrolling
- updates `ui` service
- adds `isFullscreen` property and updates `gh-editor` so that it gets set/unset when toggling editor fullscreen mode
- adds `hasSideNav` and `isSideNavHidden` properties
- updates `media-queries` service so that it fires an event each time a breakpoint is entered/exited
- removes the need for observers in certain circumstances
refs TryGhost/Ghost#7865💄 refactor signup to use ember-concurrency
refs https://github.com/TryGhost/Ghost/issues/7865
- moves authentication actions from `signup` route to controller
- refactors authentication and signup logic into EC tasks
- replaces use of `gh-spin-button` with `gh-task-button` in signup template
💄 refactor setup screens to use ember-concurrency
refs https://github.com/TryGhost/Ghost/issues/7865
- moves authentication actions from `setup/two` route to controller
- refactors authentication and setup logic into EC tasks
- replaces use of `gh-spin-button` with `gh-task-button`
- fixes some styling issues with the new SVG icons
- adds `app/styles/patterns/icons.css` back to contain per-icon overrides and animations (some SVGs use fills and others use strokes so we sometimes have conflicting styles)
no issue
- adds `settings` service that acts as a proxy to the singular settings model with methods to fetch and reload, also prevents accidentally loading only some settings types which has caused problems in the past
- updates app boot, signin, and signup processes to fetch settings ensuring that any part of the app can grab settings synchronously if needed
- removes `timeZone` service, it's no longer needed as we can grab `settings.activeTimezone` directly
- replaces all store queries for the settings model with appropriate `settings` methods
- refactors `apps/*` routes/controllers, they had become a little convoluted with the way they were dealing with settings and the new service helped to clean that up
issue TryGhost/Ghost#7452, requires TryGhost/Ghost#7451
- use a `ghostOAuth` config flag to switch between the old-style per-install auth and centralized OAuth auth based on config provided by the server
- add OAuth flows for:
- setup
- sign-in
- sign-up
- re-authenticate
- add custom `oauth-ghost` authenticator to support our custom data structure
- add test helpers to stub successful/failed oauth authentication
- hide change password form if using OAuth (temporary - a way to change password via oauth provider will be added later)
no issue
- update ember-ajax to 2.5.1
- replace custom error checking in setup/two with ember-ajax's `isInvalidError`
- update error normalisation and associated parsing tests to ensure all error types result in the same object structure
no issue
- updates `package.json` details to better reflect the separation from the `Ghost` package
- update ember config and all import statements to reflect the new `ghost-admin` module name in `package.json`
refs #5798, closes#5018
- adds new `gh-fullscreen-modal` component - modals are now specified in-context so that they can have deeper interaction with their surrounding components/controller/route, i.e. a modal component can be a thin confirm/deny wrapper over the underlying controller action keeping all context-sensitive logic in one place
- adds spin-buttons to all modals with async behaviour
- adds/improves behaviour of inline-validation in modals
- improves re-authenticate modal to properly handle validation and authentication errors
closes#6226
- adds calls to oauth middleware on PUT /authentication/setup/
- prevent setup/two from trying to log in again if user is already logged in
no issue
- add ember-suave dependency
- upgrade grunt-jscs dependency
- add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc
- separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc
- standardize es6 usage across client
closes#5903, refs #5409
- switch alert/notification component tests from unit to integration where appropriate
- rename `notifications.closeAll` to `notifications.clearAll` to better represent it's behaviour
- add concept of a "key" to alerts/notifications and ability to close only specified keys through notifications service
- close duplicate alerts/notifications before showing a new one
- specify a key for all existing alerts
- close failure alerts on successful retries
- clear all currently displayed alerts on successful sign-in
ref #5652
- validations can be in default, success or error state
- adds check for 'hasValidated' if the validations haven't fired yet, the field is in the default state
- hasValidated is an Ember.Array which tracks the state for each field
issue #5751
- moves `makeRequest` override of simple-auth's OAuth authenticator into our own custom authenticator (previously our override was not taking effect until after ember-simple-auth's initial authentication routines, hence why it was working for post-login token refreshes but failing on app-boot)
ref #5652
- resolves issues with setup flow for the time being
- password is cleared on deactivate, rather than during step 2
- using transitionToRoute instead of transitionTo to remove deprecation warning
closes#5317
- Adds back button to steps 2 and 3
- Prevents user navigating from step 1 to step 3 unless blog has been created
- Prevents user navigating from step 2 to step 3 unless blog has been created
