Commit Graph

2397 Commits

Author SHA1 Message Date
Hannah Wolfe
8337762b3d Merge pull request #3579 from morficus/issue-3502
Replacing "touchstart" with "tap" event, provided by hammer.js
2014-08-03 17:23:30 +01:00
Hannah Wolfe
7b380b706b Merge pull request #3535 from rwjblue/properly-transition-on-mobile
Handle toggleing the content screen on mobile.
2014-08-03 17:23:25 +01:00
Hannah Wolfe
7b7573816a Merge pull request #3571 from felixrieseberg/iss3570
Show "Make Owner" only if displayed user is admin
2014-08-03 17:20:54 +01:00
Felix Rieseberg
be683e3d4b Autofocus on input fields after routing
closes #3538, closes #3541
- The “autofocus” property isn’t considered by browsers if the element
is created after the page has been loaded. The Ember cookbook
recommends extending the input type with a manually triggered
autofocus, which I included here.
- This introduces the new helper “gh-focus-input”, an input field
gaining focus even when routing occurs.
2014-08-03 09:16:13 -07:00
Hannah Wolfe
a8f6b31731 Merge pull request #3574 from rwjblue/speed-up-posts-orderby
Small performance tweak for Posts ordering.
2014-08-03 15:05:02 +01:00
Felix Rieseberg
ec188c66d8 Insert inline code shortcut for editor
closes #3543
- Wired up existing code shortcut in codemirror-shortcuts.js in
editor-shortcuts.js
2014-08-02 23:40:12 -07:00
Maurice Williams
da279de71b Replacing "touch start" with "tap" event, provided by hammer.js
fixes #3502
2014-08-03 01:36:46 -04:00
Maurice Williams
cb9f4f7c05 Stop event propagation when hitting "enter" in the gh-blur-input component
fixes #3516
- new behavior is disabled by default
- added new stopEnterKeyDownPropagation property enable new behavior
2014-08-03 00:48:05 -04:00
Maurice Williams
e8f6bcd176 fix most recent post stolen by the last logged in user AND only show active users in post-settings-menu drop-down
fixes #3549 fixes #3528
- instead of grabbing and setting the author after fetching the list of users, get the author info from the models "author" property and set it when that value returns. (3549)
- added filter to the PSM's "authors" attribute to only display active users (3528)
2014-08-02 21:28:02 -04:00
Maurice Williams
4b5aab8306 Error modifying "author" attribute before post record has been created
fixes #3523
- when changing the author, added a check to NOT trigger a save if the post has not been created/saved as yet
2014-08-02 14:35:19 -04:00
Robert Jackson
3bd938a7eb
Small performance tweak for Posts ordering.
* Move publishedAtCompare to standalone function in closure scope
  (allows better browser optimizations).
* Avoid getting the same field (published_at) more than once.
2014-08-02 11:15:55 -04:00
Robert Jackson
ae56c8a8e2
Ensure keyboard navigation matches custom post sorting. 2014-08-02 10:39:26 -04:00
Felix Rieseberg
2f3520a675 Show "Make Owner" only if displayed user is admin
closes #3570
- Added ‘controller.user.isAdmin’ as an condition for displaying the
“make owner” option
2014-08-02 07:02:50 -07:00
Sebastian Gierlinger
d35598457b Merge pull request #3560 from felixrieseberg/iss3537
Descriptive error if user by mail not found.
2014-08-02 13:13:54 +02:00
Sebastian Gierlinger
8b954efbdb Merge pull request #3521 from jaswilli/notifications
Prevent stacking of notifications
2014-08-02 12:54:56 +02:00
Felix Rieseberg
abf251212c Descriptive error if user by mail not found.
closes #3537
- Replaced generic NotFound error with descriptive NotFoundError.
2014-08-01 18:13:33 -07:00
Felix Rieseberg
4c79770580 Admin isn't shown "make owner" option
closes #3558
- Replaced canAssignRoles as "show user" conditional with new
"canMakeOwner"
2014-08-01 13:03:26 -07:00
Jason Williams
0ef7ee4f33 Fix failure in Post API tests.
Refs #3473
- Make sure test is checking the post it expects by verifying
  the post id in the results.
2014-08-01 17:55:27 +00:00
Jason Williams
dd50cca97a Refactor notifications to prevent stacking.
Closes #3511, Closes #3512, Closes #3526
- show* methods now close existing passive notifications by
  default.  They also now take an optional options object where
  existing parameters such as "delayed" and "defaultErrorText"
  can be passed in as well as the new "doNotClosePassive" flag.
- Removed all explicit calls to notifications.closePassive except
  for the few places where it makes sense to call it separately.
2014-08-01 16:57:29 +00:00
Jason Williams
41493e1ccc Add missing model to template render.
Closes #3530, Refs #3474
- Cleanup from #3474 which stopped passing the model into
  the render template call.
2014-08-01 16:29:59 +00:00
Sebastian Gierlinger
063bd3536b Merge pull request #3525 from jaswilli/issue-3510
Sanity check page parameter used in findPage
2014-08-01 18:24:08 +02:00
Jason Williams
938b183707 Sanity check page parameter used in findPage
Closes #3510
- Make sure the page parameter is does not overflow the
  integer data type.
- Added tests.
2014-08-01 14:32:38 +00:00
Sebastian Gierlinger
42c5a32966 Merge pull request #3551 from halfdan/3540-password-reset
Proper messaging on password reset
2014-08-01 15:47:38 +02:00
Fabian Becker
45f2e956d0 Proper messaging on password reset
fixes #3540
- Show proper message when reusing token
- Show message after resetting password
2014-08-01 13:18:53 +00:00
Paul Adam Davis
a7b5c72e68 Change user menu link to a button
Closes #3546

- Change user menu popover toggle from a <a> to a <button>
- Change tests accordingly
2014-08-01 10:56:03 +01:00
Robert Jackson
188265115a
Handle toggleing the content screen on mobile.
Closes #3520.

Move the custom jQuery animation into an action on the controller so
that we can trigger it from within the route if needed.
2014-08-01 02:47:29 -04:00
Jason Williams
0ebccc5c65 Fix tests to ensure correct post is being checked
Refs #3473
- Change tests to not assume that all inserted fixture data
  will end up with the same millisecond-precision time for
  results sorting.  If a test is set up to check the contents
  of a specific fixture extract it explictly from the results.
2014-08-01 05:12:08 +00:00
Hannah Wolfe
59953c6610 Merge pull request #3486 from sebgie/issue#3468
Update spam prevention
2014-08-01 00:10:50 +01:00
Hannah Wolfe
fa4cb9c19d Merge pull request #3496 from jaswilli/refresh
Remove unnecessary hard refresh on signout.
2014-08-01 00:04:39 +01:00
Sebastian Gierlinger
3792598a31 Update spam prevention
closes #3468
- added rate limit to deny more than 5 attempt every hour
- updated spam prevention to be configurable
- added config values spamTimeout, ratePeriod, rateAttempts
- added ratePeriod:1 to config.example.js to prevent functional tests
from hitting the rate limit
- commented spam test, I’ll fix it tomorrow
2014-08-01 00:58:32 +02:00
Sebastian Gierlinger
2200a65954 Merge pull request #3494 from ErisDS/issue-3285
Update importer for MU
2014-08-01 00:52:00 +02:00
Jason Williams
68775b3ef8 Remove unnecessary hard refresh on signout.
Refs #3488
- Hard refresh handled by ember-simple-auth.
2014-07-31 22:41:35 +00:00
Hannah Wolfe
de46cd4a14 Merge pull request #3488 from manuelmitasch/fix-session-invalidation
The page refresh when oauth token has expired was broken.
2014-07-31 23:28:58 +01:00
Hannah Wolfe
756368721e Update importer for MU
closes #3285

- remove apps stuff for now
- if there is a single user, behave the same as before, overriding
  non-critical properties of the single owner user
- if there are multiple users, import them like normal resource
2014-07-31 23:14:57 +01:00
Hannah Wolfe
f4895a4200 Merge pull request #3487 from JohnONolan/notification-copy
Shorter notifications
2014-07-31 22:53:20 +01:00
Hannah Wolfe
91ae72dc82 Merge pull request #3493 from rwjblue/fix-posts-post-author-list
Show posts authored by current user.
2014-07-31 22:41:11 +01:00
Hannah Wolfe
262169fcf8 Merge pull request #3490 from jaswilli/psm
Fix for missing author when switching posts
2014-07-31 22:38:09 +01:00
Robert Jackson
7ca51764d6
Show posts authored by current user.
The current logic allows showing of all EXCEPT the current users posts
(when the current user is an author).

This fixes that.
2014-07-31 17:23:08 -04:00
Jason Williams
fc88f53bae Fix for missing author when switching posts
No Issue
- Fixes the case where the authors dropdown in the
  post settings menu has no author selected after
  switching between posts.
2014-07-31 20:19:52 +00:00
Hannah Wolfe
a04562b349 Merge pull request #3478 from halfdan/fix-pgsql
Fixing pg build.
2014-07-31 20:55:21 +01:00
Hannah Wolfe
a13f460acb Merge pull request #3485 from jaswilli/migration
Fix naming of export file during migration
2014-07-31 20:55:12 +01:00
Hannah Wolfe
6413337c2f Merge pull request #3425 from jgable/fixImporter
Make importer more robust for tags
2014-07-31 20:52:51 +01:00
Manuel Mitasch
2b1720e43b The page refresh when oauth token has expired was broken.
Ember simple-auth action "sessionInvalidationSucceeded" was overriden to display a meaningless message.
2014-07-31 21:49:29 +02:00
Hannah Wolfe
0b55b39cde Changing second half of script placeholders 2014-07-31 19:05:56 +01:00
Sebastian Gierlinger
c5fbe2def3 Merge pull request #3479 from ErisDS/issue-3079
Complete frontend multi-user features
2014-07-31 18:52:16 +02:00
Hannah Wolfe
687197bf31 Updating HTML for script placeholders 2014-07-31 17:42:43 +01:00
Jason Williams
8936b82014 Fix naming of export file during migration
No Issue
- The method that generates a filename for the export during
  a migration returns a promise, not the filename directly,
  so the export file was being named [object Object].
2014-07-31 16:22:05 +00:00
John O'Nolan
854a3041fd Shorter notifications
Basic notifications are unnecessarily verbose and, in some instances, even cause line-wrapping to occur. This change shortens them to short, concsise statements to indicate what action has taken place.
2014-07-31 19:19:47 +03:00
Hannah Wolfe
b7bfc35079 Merge pull request #3476 from rwjblue/moar-shortcuts
Enable uppercase, lowercase, titlecase shortcuts.
2014-07-31 16:50:11 +01:00
Robert Jackson
3cf9034c90 Cleanup CodeMirror shortcuts.
* Add titleize utility function.
  * Capitalizes first word.
  * Capitalizes all words not contained in simple article/conjunction
    list.
* Enable shortcuts for `uppercase`, `lowercase`, and `titlecase`.
* Fix header shortcuts
  * Ensure that header shortcuts do not duplicate text.
  * Make headers idempotent (pressing `ctrl+alt+1` then
    `ctrl+alt+2` does not make `# # # blah`.
2014-07-31 10:53:13 -04:00
Hannah Wolfe
45b4b95b1d Merge pull request #3477 from halfdan/duplicate-notification
Avoids duplicate notification / transition
2014-07-31 15:47:19 +01:00
Hannah Wolfe
194d45fac6 Merge pull request #3480 from jaswilli/issue-3466
Update user roles in store after owner transfer
2014-07-31 15:39:48 +01:00
Hannah Wolfe
1c3cb1bb6a Merge pull request #3472 from morficus/issue-3401
custom slugging capabilities for individual user pages
2014-07-31 15:36:11 +01:00
Hannah Wolfe
26af1e4843 Merge pull request #3471 from novaugust/editor-shortcuts
Keyboard shortcuts for Mac vs All
2014-07-31 15:34:14 +01:00
Hannah Wolfe
f9ff78475b Complete frontend multi-user features
closes #3076

- author RSS pages
- fixes page_url / pagination helper
- add 'author' option to has helper
- tests for author pages, author rss pages and helpers
2014-07-31 15:33:52 +01:00
Matt Enlow
a7444bf338 Keyboard shortcuts for Mac vs All
Closes #3029, Ref #3469
- Editor shortcuts are now built in a separate file, which uses `ctrlOrCmd` to correctly set OS specific shortcuts.
- Removed `newLine` and `selectWord` shortcuts
2014-07-31 08:00:52 -06:00
Jason Williams
baf9138b27 Update user roles in store after owner transfer
Closes #3466
- Transferring the owner role is now done via a separate
  endpoint and not through Ember-Data.  As a result the
  user role data needs to be updated manually.
- Updated the owner endpoint to return a response body
  containing the updated user objects.
- Updated tests.
2014-07-31 13:41:10 +00:00
Sebastian Gierlinger
87b07eb9e0 Merge pull request #3475 from ErisDS/api-clean
User edit & add endpoints cleanup
2014-07-31 15:24:55 +02:00
Sebastian Gierlinger
6ca9e6c657 Merge pull request #3462 from ErisDS/issue-3446
Post list: authors only see their own posts
2014-07-31 15:03:15 +02:00
Fabian Becker
640f4c2915 Fixing pg build.
refs #2499
- Properly reference pg client
- Fix broken sql queries
2014-07-31 12:52:57 +00:00
Fabian Becker
b26e0ec669 Avoids duplicate notification / transition
no ref
- Let application.js handle transition after setup
- Remove duplicate loading of server notifications
2014-07-31 14:22:37 +02:00
Maurice Williams
489cd08d97 custom slugging capabilities for individual user pages
closes #3401
- modifying slug-generator to be more generic
- adding slugging capabilities for /settings/users/:slug
- modified posts to use the updated slug-generator
2014-07-31 08:14:22 -04:00
Robert Jackson
93e728bba2 Redirect to the first available post for current user. 2014-07-31 12:44:22 +01:00
Hannah Wolfe
eecbdc1693 User edit & add endpoints cleanup
- edit and add endpoints don't assume role
- edit and add endpoints cope with no role, role objects, and strings
- resend user invite was failing at one point due to no role being sent, but this shouldn't be required
- other random api cleanup
2014-07-31 12:37:48 +01:00
Hannah Wolfe
23b2ac07d8 Completed post & user list filer by role
closes #3446, closes #3086

- Authors can only ever get to their own posts
- Editors only ever see authors in the user list
2014-07-31 11:23:37 +01:00
Hannah Wolfe
a6c205ac53 Merge pull request #3474 from felixrieseberg/iss3400
User Settings: Display cog based on rights
2014-07-31 09:30:13 +01:00
Felix Rieseberg
e84b6198c4 User Settings: Display cog based on rights
closes #3400
- The user view has been extended to have properties indicating whether
the user has rights to make the displayed user an owner or delete
him/her
- Handlebar conditionals decide whether or not to display the cog
2014-07-31 01:03:03 -07:00
Robert Jackson
f02c2acd71 Limit Posts for Authors.
* Ensures that posts listing only shows posts that the current user
  authored, if they only have the Author role.
* Do not transition into the posts.post route if the current user is
  not the author (but has the Author role). This is needed because
  the API server will always return the post (regardless of the current
  user).
2014-07-31 09:02:49 +01:00
Hannah Wolfe
7919c15e56 Post list: authors see their own posts
issue #3446
2014-07-31 09:02:48 +01:00
Hannah Wolfe
cc995e8ef6 Merge pull request #3371 from javorszky/iss3100
Implement user and related content deletion
2014-07-31 07:51:15 +01:00
Hannah Wolfe
7bf9d021de Merge pull request #3467 from rwjblue/update-validation-to-match-server-error
Update validation to match server error.
2014-07-31 07:46:57 +01:00
Matt Enlow
420500ffab Add keyboard navigation of posts
Closes #3015
- Added stepThroughPosts method to PostsRouter, takes a integer, goes that far, wraps around the array.
- PostsPostRoute notifies the PostsController of which model it currently has, to help stepThroughPosts know who's selected
2014-07-30 22:23:02 -06:00
Jacob Gable
69b871a754 Make importer more robust for tags
Closes #3242

- Add checks for valid fields in tags and posts
- Add unit test with empty tag export data file
- Add unit test with empty post export data file
2014-07-30 22:33:45 -05:00
Gabor Javorszky
8487dada0b Implement user and related content deletion
Closes #3100

* Introduces `destroyByAuhor`, given a context and an id, it will check if context has permission to delete the user by the id, and then deletes all the content where `author_id` is id, and then deletes the user
* Does multiple checks to make sure user exists
* Added a fixture `posts:mu` that creates 4 users belonging to 4 roles, 50 posts that have authors evenly distributed, 5 tags and all 50 have one tag attached to it, evenly distributed.

Caveats / questions

* Started testing
2014-07-31 03:48:59 +01:00
Hannah Wolfe
3de308dc20 Merge pull request #3436 from novaugust/user-role-dropdown
User role dropdown
2014-07-31 02:06:34 +01:00
Matt Enlow
21abed7f9a Add User Role Dropdown
Closes #3402, Closes #3428

-------------------

 ### Components
- Added GhostSelectComponent to handle async select creation (h/t @rwjblue)
- Added GhostRolesSelector (extends GhostSelect) for displaying user role options
- Created StoreInjector for surgically inserting the store into things that normally wouldn't have them.

 ### Users Settings
- InviteNewUserModal now uses GhostRolesSelector & defaults to Author
- The role dropdown for user settings has permissions set per 3402

 ### User Model
- Added `role` property as an interface to getting and setting `roles`
- Refactored anything that set `roles` to set `role`
- isAdmin, isAuthor, isOwner and isEditor are all keyed off of `role` now

 ### Tests
- Added functional tests for Settings.Users
- updated settings.users and settings.users.user screens
- fix spacing on screens

 ### Server Fixtures
- Fixed owner fixture's roles
2014-07-30 17:59:14 -06:00
Robert Jackson
bdbc689232
Update validation to match server error.
When a using the forgottenRoute if you enter an incorrectly formatted
email address you would see the error message 'Invalid Email', however
if you entered an email address that was correctly formatted but missing
the error message would be 'Invalid email address'.

This fixes the discrepancy.
2014-07-30 19:07:42 -04:00
Hannah Wolfe
9f21730648 Merge pull request #3465 from rwjblue/handle-missing-user
Redirect to error404 when user not found.
2014-07-30 22:51:03 +01:00
Hannah Wolfe
5dc457b417 Merge pull request #3443 from halfdan/30850-users-api
Users API advanced browsing
2014-07-30 22:47:55 +01:00
Robert Jackson
3bddb548a5
Redirect to error404 when user not found.
Closes #3459.
2014-07-30 17:43:45 -04:00
Hannah Wolfe
80cbef8cdb Merge pull request #3461 from halfdan/unhandled-rejection
Fix unhandled exception
2014-07-30 22:31:19 +01:00
Hannah Wolfe
c3308fbe2d Merge pull request #3463 from rwjblue/hard-refresh
Perform a hard refresh upon signout.
2014-07-30 22:28:27 +01:00
Hannah Wolfe
5d3788ffe6 Merge pull request #3457 from sebgie/issue#3426
Transfer ownership end point
2014-07-30 22:26:42 +01:00
Hannah Wolfe
8416839bde Merge pull request #3456 from PaulAdamDavis/prevent-auth-autocomplete
Disable autocomplete for setup & signup screens
2014-07-30 22:22:40 +01:00
Hannah Wolfe
06fb658829 Merge pull request #3454 from halfdan/signout-email
Properly remove email notification on signout.
2014-07-30 22:21:41 +01:00
Hannah Wolfe
3c47e630e8 Merge pull request #3453 from PaulAdamDavis/3271-prevent-website-autofill
Disable user settings autocomplete in Chrome
2014-07-30 22:14:32 +01:00
Hannah Wolfe
2251b58571 Merge pull request #3449 from felixrieseberg/iss3383
Stop validation error notification stack
2014-07-30 22:04:31 +01:00
Fabian Becker
29ad30bec8 Fix unhandled exception
no ref
- return result of mail.send
2014-07-30 18:45:00 +00:00
Robert Jackson
7357ece639
Perform a hard refresh upon signout.
Closes #3458.
2014-07-30 14:22:28 -04:00
Fabian Becker
d4fdb07d9c Users API advanced browsing
closes #3085
- active and invited include multiple statuses when fetching
- adjusted data generator
2014-07-30 16:59:27 +00:00
Sebastian Gierlinger
ded6aa6ac0 Transfer ownership end point
closes #3426
- added transfer ownership endpoint
- added owner to roles.permissible
- manually removed owner from roles.browse
- removed hard coded author role
- fixed tests that were passing due to hard coded author role
- added testUtils.setup(‚roles‘)
2014-07-30 17:40:30 +02:00
Felix Rieseberg
01ee33643c Stop validation error notification stack
closes #3383
- Calls closePassive() if a new validation error is thrown to display
only the latest validation error
2014-07-30 08:07:34 -07:00
Paul Adam Davis
a75d255fda Disable autocomplete for setup & signup screens
No issue

- Adds 2 hidden inputs at the top start of the form that trick chrome into filling those, leaving out the rest.
2014-07-30 16:04:03 +01:00
Hannah Wolfe
57a5444335 User API ability to filter users by role
refs #3446

- This only covers the API changes needed for #3446
2014-07-30 15:02:25 +01:00
Paul Adam Davis
21668cc65d Disable user settings autocomplete in Chrome
Closes #3271

- Adds 2 hidden inputs at the top start of the form that trick chrome into filling those, leaving out the rest.
2014-07-30 14:34:02 +01:00
Fabian Becker
5bc1bf8380 Properly remove email notification on signout.
no ref
- Calls notifications.clear() on signout
2014-07-30 13:32:19 +00:00
Hannah Wolfe
fe2e3f45c7 Merge pull request #3416 from alarobric/case_3291
Settings screens redirect for certain roles
2014-07-30 14:17:19 +01:00
Hannah Wolfe
6a687723c5 Merge pull request #3447 from jaswilli/auth
Fixup signin and signout
2014-07-30 14:13:02 +01:00
Hannah Wolfe
de3d836116 Uncommenting fixed tests 2014-07-30 13:51:32 +01:00
Hannah Wolfe
3e194097a5 Merge pull request #3448 from jaswilli/update-check-test
Ghost instance not needed in update check test
2014-07-30 13:50:02 +01:00
Hannah Wolfe
ecc8c96c03 Merge pull request #3444 from sebgie/fix-invitations
Fix Invitations
2014-07-30 13:40:23 +01:00
Hannah Wolfe
92805d70e1 Merge pull request #3424 from jgable/fixSettings
Fix lazy loading of settings
2014-07-30 13:39:46 +01:00
Alan Richards
dacd1060ee Settings screens redirect for certain roles
Closes #3291
- Adds redirects based on roles as defined in the case
- Adds new mixin `CurrentUserSettings`
- For authors, all settings pages redirect to `users/self`
- For editors, all settings pages other than specific users redirect to `users`. Any user that is not self or an author redirects to `users`
2014-07-30 00:57:16 -07:00
Jason Williams
a4fe341c2f Ghost instance not needed in update check test
Refs #3424, Refs #3444
- API and test suite refactoring triggered a conflict with
  the way update_check_spec.js was written.  Using a running
  copy of Ghost is no longer needed in those tests so it
  was removed.
2014-07-29 22:29:13 +00:00
Jason Williams
725d4aac7d Fixup signin and signout
No Issue
- Move authentication related handlers to the Application route.
- Switch Sign Out from a button to a link.  Use the signout route
  to handle invalidating the session and redirecting instead of
  an action from a button.
- Clear error messages on signin page when pressing log in button.
- Errors are now always shown on sign in screen and a success
  notification is shown after sign out.
- Update functional tests.
2014-07-29 20:58:43 +00:00
Hannah Wolfe
4e85ac1c94 Adding new {{title}} helper
closes #3389
2014-07-29 21:45:56 +01:00
Hannah Wolfe
e4134ccad7 Merge pull request #3438 from hswolff/home-template
Add ability to create a 'home.hbs' template file for templates
2014-07-29 17:10:47 +01:00
Hannah Wolfe
68895c70eb Merge pull request #3442 from sebgie/issue#2330
Remove email address from frontend
2014-07-29 17:10:35 +01:00
Jacob Gable
0b34ad84cb Fix lazy loading of settings
Closes #3281

- Add the missing return to populateDefault
- Wrap defaultSetting in [] when passing to readSettingsResult
- Populate default value of dbHash in parseDefaultSettings
- Modify migrations.init to only load databaseVersion for export_spec test
- Fix spacing in test util file and null reference error in test
- Uncomment user tests (but add .skip) and remove settings from testUtils.setup()
2014-07-29 10:43:38 -05:00
Sebastian Gierlinger
83e1ffca1d Fix Invitations
no issue
- added `invited-pending` when resending invitation
- promise chain was missing a return statement
- email error was masked and front end showed success notification
2014-07-29 15:35:48 +02:00
Harry Wolff
fd61b9ff2a Add ability to create a 'home.hbs' template file for templates
issue #3409

- DRYs out the controllers/frontend a little by moving common functinoality
 into its own function
- adds ability to use home.hbs template file if it exists
- adds unit tests for this functionality
2014-07-29 08:14:20 -04:00
Hannah Wolfe
0ffc5e6d47 Improve importer error messaging
closes #3274

- Ensure that validation errors are always handled by moving them into the
  importer
- Ensure that db errors are handled consistently across sqlite and mysql
- Change the errors to be output in a table, with a short failure notification
- Add tests for 003 importing bad files
2014-07-29 12:02:18 +01:00
Hannah Wolfe
c094facb28 Merge pull request #3415 from PaulAdamDavis/plural-helper
Plural handlebars helper
2014-07-29 11:54:06 +01:00
Hannah Wolfe
9f2ddf7937 Merge pull request #3440 from sebgie/notification-reset-invite
Reset/Signin while signed in
2014-07-29 11:52:40 +01:00
Paul Adam Davis
503f359aab Add plural handlebars helper
Closes #3414

- Adds a helper which shows a select string deopending on the number of items provided

```
{{plural pagination.total empty='No posts' singular='% post' plural='% posts'}}
```
If `pagination.total` == 0, output 'No Posts'
If `pagination.total` == 1, outputs `1 Post`
If `pagination.total` ==  2 or more, outputs `2 Posts`

Credit to @sebgie for making this work.
2014-07-29 11:40:31 +01:00
Sebastian Gierlinger
d5747430e9 Remove email address from frontend
closes #2330
- added deletion email address from post.author in front end
- updated tests
- with some refactoring this could be done on API level
2014-07-29 11:23:02 +02:00
Hannah Wolfe
49660ff703 Test for invite users error
refs #3433
2014-07-29 10:19:02 +01:00
Hannah Wolfe
f5a3a05951 Merge pull request #3439 from morficus/issue-3427
Removing "author" role-label
2014-07-29 08:40:56 +01:00
Maurice Williams
de1dc4d0d0 Removing "author" role-label
closes #3427
- adding conditional statement to now display users with role "author"
2014-07-29 01:50:34 -04:00
Maurice Williams
e30e29bf5d Implementing HTML emails
closes #3082
- no more in-line HTML strings
- adding files for "welcome", "reset password", and "invite user" emails
- added mail.generateContent() to create HTML and plain-text email content
- refactored methods that trigger emails to send both HTML and plain-text emails
2014-07-29 00:55:14 -04:00
Hannah Wolfe
9343bccb1f Merge pull request #3437 from morficus/issue-3433
Error when inviting users
2014-07-29 05:36:28 +01:00
Maurice Williams
e15fb9ed57 Error when inviting users
fixes #3433
- passing only the role ID when creating a user
- uncommenting test cases
2014-07-29 00:06:40 -04:00
Hannah Wolfe
e8bb8e2c11 Merge pull request #3435 from jaswilli/issue-3133
Preserve order of tags as entered by the user.
2014-07-29 04:36:25 +01:00
Hannah Wolfe
37399b30db Merge pull request #3430 from sebgie/refresh-token-expiry
Change refresh token expiry
2014-07-29 04:19:46 +01:00
Hannah Wolfe
407133df27 Merge pull request #3434 from gleneivey/3431-run-with-latest-casperjs
Change casperjs helper used to get RSS page content.
2014-07-29 04:18:51 +01:00
Jason Williams
7a7138e534 Preserve order of tags as entered by the user.
Closes #3133
- Implement an ordered set for the tags property of the tag
  input controller.  Set order is by order added to the post.
2014-07-29 02:16:21 +00:00
Sebastian Gierlinger
b3112a4349 Reset/Signin while signed in
no issue
- added redirect and notification to reset route
- added notification to signup route
2014-07-28 18:00:08 +02:00
Glen E. Ivey
8826d4e663 Change casperjs helper used to get RSS page content.
closes #3431
- change feed_test.js to call casperjs getHTML() instead of
  getPageContent(), because the latter now strips markup

Alternative fix would be to use .page.frameContent directly
instead of using a casperjs wrapper.

Change runs cleanly on Travis (old casperjs tag) and locally
in the Ghost-Vagrant setup with both the old casperjs tag
and the current HEAD SHA (29bbd03f7cdc9fc1e70f0fe1400635dd7d3537ad)
2014-07-28 07:58:24 -07:00
Sebastian Gierlinger
e1c0c5ce98 Change refresh token expiry
no issue
- acquiring a new access token using a refresh token sets the
expiration time of the refresh token to now + 24 hrs.
- moved all occurrences of ONE_HOUR, ONE_DAY and ONE_YEAR to
`core/server/utils`
2014-07-28 15:19:49 +02:00
Sebastian Gierlinger
cc471aedcb Merge pull request #3395 from ErisDS/issue-3096
User Permissions: Edit, Add, Destroy & Role management
2014-07-28 12:04:07 +02:00
Hannah Wolfe
6adc6efb3b Merge pull request #3423 from jaswilli/issue-3403
Add a mixin for saving a subset of a model.
2014-07-28 09:49:19 +01:00
Hannah Wolfe
64766de8d6 Merge pull request #3422 from sebgie/issue#3177
Hide Access Token
2014-07-28 09:18:42 +01:00
Hannah Wolfe
987e9277dc User edit, add & destroy perms restricted by role
closes #3096, closes #3378, refs #3100

- user.permissible updated to reflect proper permissions
- small amount of API refactoring to handle extra cases
- extensive integration testing
2014-07-28 08:32:04 +01:00
Hannah Wolfe
7714dc6ab1 Adding role API tests & fixing browse
refs #3083, refs #3196
2014-07-28 07:22:06 +01:00
Hannah Wolfe
e7dc51dc66 Improving error handling 2014-07-28 06:30:01 +01:00
Hannah Wolfe
4e3b21b7da Permissions Improvements
refs #3083, #3096

In order to implement advanced permissions based on roles for specific
actions, we need to know
what role the current context user has and also what action we are
granting permissions for:
- Permissible gets passed the action type
- Effective permissions keeps the user role and eventually passes it to
  permissible
- Fixed spelling
- Still needs tests
2014-07-28 06:29:59 +01:00
Jason Williams
d59edf1806 Add a mixin for saving a subset of a model.
Closes #3403
- Add SelectiveSaveMixin so that a DS.Model can save one or more
  properties at a time while preserving other outstanding changes.
2014-07-27 21:04:35 +00:00
Sebastian Gierlinger
d895238571 Add XSS prevention
closes #3387
- added placeholder for <script> and <iframe>
- added google-caja sanitizer
- changed title in posts overview to ‚double-stash‘
2014-07-27 23:03:01 +02:00
Sebastian Gierlinger
f0d38aa66d Hide Access Token
closes #3177
- uses an iFrame to initiate the download to hide the access token

The access token is now hidden in the admin logic. If we would like to
completely hide the token it is possible to remove the access token and
use signed requests instead, but I think the effort isn’t worth the
benefit in this case.
2014-07-27 22:57:57 +02:00
Hannah Wolfe
6628127297 Merge pull request #3413 from halfdan/3407-meta-title
Correct meta_title for author pages.
2014-07-27 19:58:50 +01:00
Hannah Wolfe
77ae8394e0 Merge pull request #3393 from joeldrapper/sort-roles-dropdown
Fixed role sort order in the invite a new user drop down list
2014-07-27 19:39:06 +01:00
Hannah Wolfe
8c017de4d3 Merge pull request #3412 from novaugust/credentials-validation-convergance
Create new user validator to DRY up validators
2014-07-27 19:38:24 +01:00
Hannah Wolfe
f372ecddf0 Merge pull request #3411 from novaugust/signup-password
Rebind password to password input on signup page
2014-07-27 19:36:54 +01:00
Jason Williams
9dfef70d25 Do not clear password until after leaving signin
Closes #3399
- Provide our own authenticate action handler which does not
  clear the password input.
- Use the Signin route's deactivate hook to clear the password
  property on the controller after the user has transitioned
  away from the signin page.
2014-07-26 19:06:58 +00:00
Hannah Wolfe
1cff73f36c Merge pull request #3406 from simplabs/update-ember-simple-auth
Updated Ember Simple Auth to latest version
2014-07-26 17:24:18 +01:00
Fabian Becker
1cd2fa59bd Correct meta_title for author pages.
closes #3407
- Output correct meta_title for author pages
- Add test for meta_title for tag and author pages
2014-07-25 19:48:49 +00:00
Matt Enlow
0d7033f662 Create new user validator to DRY up validators
No issue
- Created NewUserValidator class to DRY up validation of a models name, email, and password
- Changed SignUpValidator to be an instance of NewUserValidator
- Changed SetUpValidator to extend NewUserValidator
2014-07-25 13:20:40 -06:00
Matt Enlow
698f5f6f6e Rebind name and password to inputs on signup page
Closes #3410, Ref #3392
- Removed setting name from user email address per issue #3392
2014-07-25 13:04:33 -06:00
Marco Otte-Witte
6406acef5c updated Ember Simple Auth to latest version 2014-07-25 16:04:19 +02:00
Hannah Wolfe
d2d25faa5c Merge pull request #3397 from morficus/issue-3392
Removing "full name" auto-popualtion during signup
2014-07-25 09:54:51 +01:00
joeldrapper
25b20bb2fe Roles drop down sorted by ID
closes #3391
- Changed sort order to ID instead of name
2014-07-25 09:41:12 +01:00
Hannah Wolfe
ce483a916a Merge pull request #3398 from morficus/issue-3396
Fixing resend user invitation
2014-07-25 08:53:13 +01:00
Hannah Wolfe
d1b84f0f7f Merge pull request #3394 from IanMitchell/settings-user-button
Hides <Users button for authors
2014-07-25 08:51:45 +01:00
Hannah Wolfe
85f3c192dd Merge pull request #3386 from felixrieseberg/iss3374
Signin: Proper notification if user not found
2014-07-25 08:48:49 +01:00
Hannah Wolfe
cc67f295ef Merge pull request #3385 from felixrieseberg/iss3375
Signin error notifications kept from stacking
2014-07-25 08:48:08 +01:00
Maurice Williams
a3da09b50f Removing "full name" auto-popualtion during signup
closes #3392
- removing data-binding attribute for "name" input box on signup screen
- removing data-binding attribute for "password" input box on signup screen
- making "email" the first input box and "name" the 2nd
- removing "autofocus" attribute for "email" input box on signup screen
2014-07-24 22:49:57 -04:00
Maurice Williams
69642e8e53 Fixing resend user invitation
closes #3396
- passing role when resending a users invitation
2014-07-24 22:42:55 -04:00
Ian Mitchell
ff3e68ec36 Hides <Users button for authors
closes #3295
- The <Users button visibility is now restricted by user role
2014-07-24 18:54:02 -07:00
Hannah Wolfe
a9a5acf2f2 Merge pull request #3377 from PaulAdamDavis/signout-button
Change signout link to button
2014-07-24 17:52:09 +01:00
Hannah Wolfe
81cd617741 Merge pull request #3376 from felixrieseberg/iss3292
Redirect authors and editors away from debug page
2014-07-24 17:51:16 +01:00
Hannah Wolfe
1d926787b3 Merge pull request #3368 from felixrieseberg/master
Show errors on reset page (Closes #3330)
2014-07-24 17:49:56 +01:00
John O'Nolan
b6b32ab570 Five posts per page 2014-07-24 17:43:48 +01:00
Felix Rieseberg
0b39df777b Signin: Proper notification if user not found
closes #3374
- If user object is returned but undefined, we'll display a
human-readable
error notification (user model)
- If user object is returned, but the user is inactive or invited (but
not
activated), we'll display a human-readable error notification
2014-07-24 11:34:52 -04:00
Felix Rieseberg
61cf8690dd Signin error notifications kept from stacking
closes #3375
- Prior to showing error notifications, the signin route now calls
  closePassive().
2014-07-24 11:16:00 -04:00
Jason Williams
8a2d50b871 Improve handling of users and roles in admin
Closes #3083 Refs #3229
- Populates the dropdown list in the invite user menu with the
  list of roles a user is permitted to create.
- Users API now checks the invite user request for allowed roles.
- Change API response from 200 to 201 on successful invitation.
- Change API response from 500 to 201 when the user was created but
  the email was not sent.  The client will show a warning notification
  when it sees 'invite-pending' as the new user's status.
- Add support for "?status=all" to the /users endpoint.
- Refactor the route and controller for the /settings/users page so
  that there's only one network API call to load users instead of two.
2014-07-24 14:20:47 +00:00
Felix Rieseberg
80f71e31fd Show error notifications on "reset password" page
closes #3330
- Caught errors are displayed using notifications util
2014-07-24 08:45:42 -04:00
Hannah Wolfe
a7415d38c0 Merge pull request #3380 from sebgie/issue#3373
Fix incorrect error
2014-07-24 12:19:20 +01:00
Hannah Wolfe
96cbd1738d Merge pull request #3362 from sebgie/issue#3087-2
Transfer Ownership
2014-07-24 12:19:08 +01:00
Sebastian Gierlinger
fa054a8eba Fix incorrect error
closes #3373
- added check if role is already assigned
- added check for unknown fields to fixDates/fixBools
- permissions are not implemented yet, so everyone is able to edit
owner ;-)
2014-07-24 10:17:10 +02:00
Maurice Williams
835bf0bd07 Preventing rogue modals from popping up when hitting the enter-key
closes #3352
- adding a ```type``` attribute to buttons inside form in the settings section
- scanning the rest of the project to find any other buttons w/a missing attribute
2014-07-23 22:58:50 -04:00
Felix Rieseberg
dbcb827772 Redirect authors and editors away from debug page
A signed in user with role author or editor will be redirected back to
/ghost.

closes #3292
2014-07-23 17:25:13 -04:00
Paul Adam Davis
93051fcbdb Change signout link to button
References https://github.com/TryGhost/Ghost-UI/issues/65

- Swap signout link from an `<a>` tag to `<button>`
- Changed tests to match new element
2014-07-23 22:12:45 +01:00
Sebastian Gierlinger
1eff3d9471 Fix importer bug for IE
closes #3339
- removed check for mime type
2014-07-23 16:53:03 +02:00
Sebastian Gierlinger
17589a1afe Merge pull request #2306 from mscdex/update-busboy 2014-07-23 15:52:41 +02:00
Sebastian Gierlinger
c43d860a3f Transfer Ownership
closes #3364 (special thanks to @jaswilli)
closes #3087
- added modal
- added controller
2014-07-23 12:41:31 +02:00
Sebastian Gierlinger
ed39e375a2 Fix author page
no issue
- fixed: author page used config object as function
2014-07-23 09:39:51 +02:00
Hannah Wolfe
337713ce63 Refactor fixture use in tests
no issue

- Refactor all integration tests to specify and load ONLY the fixtures
  they require to run, rather than initialising the whole kit-and-kaboodle
  for every single test which takes FOREVER.
- Refactor the route tests to share a doAuth function, and also specify
  additional fixtures required
- Move import and export unit tests, which are actually integration tests
  (they touch the DB)
- Comment out most of the permissions unit tests for now as they need more
  stubs/mocks so as to not touch the DB

Still todo:

- prevent default DB initialisation in route tests, and specify all
  fixtures requires as per the integration tests
- fix up the unit/permissions_spec
2014-07-23 05:04:50 +01:00
Hannah Wolfe
63efa541bd Merge pull request #3367 from jaswilli/issue-3161
Get Ember Admin ready for production
2014-07-23 04:47:19 +01:00
Hannah Wolfe
8e472c9d74 Merge pull request #3344 from hswolff/test-speedup
Speedup tests
2014-07-23 04:43:53 +01:00
Hannah Wolfe
29f867eb85 Merge pull request #3365 from PaulAdamDavis/user-list-img-bg-swap
Make user list images background-image's
2014-07-23 04:11:14 +01:00
Hannah Wolfe
6f1af2aa1c Merge pull request #3358 from IanMitchell/sidebar-role
Hide Settings Sidebar Based on Role
2014-07-23 03:41:40 +01:00
Harry Wolff
be37070fb6 This aims to speed up both the ghost application and tests by
migration from usage of config() to just an object of config.

no relevant issue

- Change 'loadConfig' task to 'ensureConfig' to more accurately reflect
what it is actually doing.  Its sole purpose is to make sure a `config.js`
 file exists, and as such the name now reflects that purpose.

- Update config/index.js to export the ghostConfig object directly
so that it can be accessed from other modules

- Update all references of config(). to config.
This was a blind global find all and replace, treat it as such.

- Fixes to tests to support new config access method

- Allow each test to still work when invoked invidually
2014-07-22 22:37:44 -04:00
Jason Williams
7ae48f1dd3 Get Ember Admin ready for production
Closes #3161
- Add a config.js file for the client which is used to configure
  Ember.Application during runtime. The correct version of config.js
  is copied into place by grunt via the copy:(dev|prod) task from
  either config-dev.js or config-prod.js.
- Serve minified and production versions of libraries where applicable
  including handlebars-runtime and ember-prod.
- Bundle third party libraries into vendor.min.js.
- Bundle Ghost's Ember app and templates into ghost.min.js
- Remove all fixture data and code from the client.
2014-07-22 22:33:49 +00:00
Hannah Wolfe
a620e9017e updating tests to match casper 2014-07-22 23:26:13 +01:00
Paul Adam Davis
3079104815 Make user list images background-image's
References https://github.com/TryGhost/Ghost-UI/issues/76

- Swap user avatars in the user list from ing tags to background images
2014-07-22 20:13:30 +01:00
Ian Mitchell
47ae9d6ca6 Hide Settings Sidebar Based on Role
Implements #3294. Currently, we don’t have a permission system on the
client side, so this relies on a hardcoded “author” string.
2014-07-22 08:03:52 -07:00
Jason Williams
739b57e05b Update Users API to handle role objects or ids
Closes #3357
- API method User#edit now handles User objects that have either
  an array of Role ids or objects.
- Fixed error handler notification on upload modal controller.
2014-07-22 05:48:16 +00:00
Hannah Wolfe
27c1dbd409 Merge pull request #3341 from PaulAdamDavis/psm-class-ammend
Correct markup for the PSM author dropdown
2014-07-22 01:12:45 +01:00
Hannah Wolfe
dabc780110 Merge pull request #3343 from sebgie/issue#3087
Add edit roles
2014-07-22 01:12:26 +01:00
Hannah Wolfe
7f0c2b7782 Merge pull request #3356 from IanMitchell/header-role
Hide Settings Tab if Author
2014-07-21 23:48:01 +01:00
Hannah Wolfe
5b41358e45 Merge pull request #3347 from jaswilli/posts-content
Only load posts once on navigating to content tab
2014-07-21 23:47:55 +01:00
Ian Mitchell
6c0c3c4bde Hide Settings Tab if Author
Implements #3293. Currently, we don’t have a permission system on the
client side, so this relies on a hardcoded “author” string.
2014-07-21 14:31:10 -07:00
Hannah Wolfe
9535af1665 Merge pull request #3355 from JohnONolan/trim
Trim version number in RSS feeds
2014-07-21 22:24:05 +01:00
John O'Nolan
d60382f0f0 Trim version number in RSS feeds 2014-07-21 23:07:21 +02:00
Sebastian Gierlinger
28b03ec87e Add edit roles
refs #3087
- added ability to edit user/roles relation
- user is not allowed assign roles to himself
- only one role per user is supported atm
- added tests
2014-07-21 22:50:43 +02:00
Ian Mitchell
27c42c2bf0 Implements User Role Label
Closes #3287.
2014-07-21 13:31:25 -07:00
Paul Adam Davis
f304d3ed34 Correct markup for the PSM author dropdown 2014-07-21 21:15:14 +01:00
Hannah Wolfe
c0732292ac Merge pull request #3331 from ErisDS/issue-3076
Author pages
2014-07-21 20:57:06 +01:00
Hannah Wolfe
bb70e2b294 Merge pull request #3351 from sebgie/no-inline-script
Remove inline script from default.hbs
2014-07-21 20:55:18 +01:00
Jason Williams
1c356f59b2 Only load posts once on navigating to content tab
No Issue
- Loading posts from the API should not be necessary in PostsIndexRoute
  because its parent resource (PostsRoute) pre-loads the store.
  Changing the store.find to store.all gets rid of a duplicate
  network request to load all posts.
2014-07-21 19:44:03 +00:00