Commit Graph

2397 Commits

Author SHA1 Message Date
Hannah Wolfe
ecc8c96c03 Merge pull request #3444 from sebgie/fix-invitations
Fix Invitations
2014-07-30 13:40:23 +01:00
Hannah Wolfe
92805d70e1 Merge pull request #3424 from jgable/fixSettings
Fix lazy loading of settings
2014-07-30 13:39:46 +01:00
Alan Richards
dacd1060ee Settings screens redirect for certain roles
Closes #3291
- Adds redirects based on roles as defined in the case
- Adds new mixin `CurrentUserSettings`
- For authors, all settings pages redirect to `users/self`
- For editors, all settings pages other than specific users redirect to `users`. Any user that is not self or an author redirects to `users`
2014-07-30 00:57:16 -07:00
Jason Williams
a4fe341c2f Ghost instance not needed in update check test
Refs #3424, Refs #3444
- API and test suite refactoring triggered a conflict with
  the way update_check_spec.js was written.  Using a running
  copy of Ghost is no longer needed in those tests so it
  was removed.
2014-07-29 22:29:13 +00:00
Jason Williams
725d4aac7d Fixup signin and signout
No Issue
- Move authentication related handlers to the Application route.
- Switch Sign Out from a button to a link.  Use the signout route
  to handle invalidating the session and redirecting instead of
  an action from a button.
- Clear error messages on signin page when pressing log in button.
- Errors are now always shown on sign in screen and a success
  notification is shown after sign out.
- Update functional tests.
2014-07-29 20:58:43 +00:00
Hannah Wolfe
4e85ac1c94 Adding new {{title}} helper
closes #3389
2014-07-29 21:45:56 +01:00
Hannah Wolfe
e4134ccad7 Merge pull request #3438 from hswolff/home-template
Add ability to create a 'home.hbs' template file for templates
2014-07-29 17:10:47 +01:00
Hannah Wolfe
68895c70eb Merge pull request #3442 from sebgie/issue#2330
Remove email address from frontend
2014-07-29 17:10:35 +01:00
Jacob Gable
0b34ad84cb Fix lazy loading of settings
Closes #3281

- Add the missing return to populateDefault
- Wrap defaultSetting in [] when passing to readSettingsResult
- Populate default value of dbHash in parseDefaultSettings
- Modify migrations.init to only load databaseVersion for export_spec test
- Fix spacing in test util file and null reference error in test
- Uncomment user tests (but add .skip) and remove settings from testUtils.setup()
2014-07-29 10:43:38 -05:00
Sebastian Gierlinger
83e1ffca1d Fix Invitations
no issue
- added `invited-pending` when resending invitation
- promise chain was missing a return statement
- email error was masked and front end showed success notification
2014-07-29 15:35:48 +02:00
Harry Wolff
fd61b9ff2a Add ability to create a 'home.hbs' template file for templates
issue #3409

- DRYs out the controllers/frontend a little by moving common functinoality
 into its own function
- adds ability to use home.hbs template file if it exists
- adds unit tests for this functionality
2014-07-29 08:14:20 -04:00
Hannah Wolfe
0ffc5e6d47 Improve importer error messaging
closes #3274

- Ensure that validation errors are always handled by moving them into the
  importer
- Ensure that db errors are handled consistently across sqlite and mysql
- Change the errors to be output in a table, with a short failure notification
- Add tests for 003 importing bad files
2014-07-29 12:02:18 +01:00
Hannah Wolfe
c094facb28 Merge pull request #3415 from PaulAdamDavis/plural-helper
Plural handlebars helper
2014-07-29 11:54:06 +01:00
Hannah Wolfe
9f2ddf7937 Merge pull request #3440 from sebgie/notification-reset-invite
Reset/Signin while signed in
2014-07-29 11:52:40 +01:00
Paul Adam Davis
503f359aab Add plural handlebars helper
Closes #3414

- Adds a helper which shows a select string deopending on the number of items provided

```
{{plural pagination.total empty='No posts' singular='% post' plural='% posts'}}
```
If `pagination.total` == 0, output 'No Posts'
If `pagination.total` == 1, outputs `1 Post`
If `pagination.total` ==  2 or more, outputs `2 Posts`

Credit to @sebgie for making this work.
2014-07-29 11:40:31 +01:00
Sebastian Gierlinger
d5747430e9 Remove email address from frontend
closes #2330
- added deletion email address from post.author in front end
- updated tests
- with some refactoring this could be done on API level
2014-07-29 11:23:02 +02:00
Hannah Wolfe
49660ff703 Test for invite users error
refs #3433
2014-07-29 10:19:02 +01:00
Hannah Wolfe
f5a3a05951 Merge pull request #3439 from morficus/issue-3427
Removing "author" role-label
2014-07-29 08:40:56 +01:00
Maurice Williams
de1dc4d0d0 Removing "author" role-label
closes #3427
- adding conditional statement to now display users with role "author"
2014-07-29 01:50:34 -04:00
Maurice Williams
e30e29bf5d Implementing HTML emails
closes #3082
- no more in-line HTML strings
- adding files for "welcome", "reset password", and "invite user" emails
- added mail.generateContent() to create HTML and plain-text email content
- refactored methods that trigger emails to send both HTML and plain-text emails
2014-07-29 00:55:14 -04:00
Hannah Wolfe
9343bccb1f Merge pull request #3437 from morficus/issue-3433
Error when inviting users
2014-07-29 05:36:28 +01:00
Maurice Williams
e15fb9ed57 Error when inviting users
fixes #3433
- passing only the role ID when creating a user
- uncommenting test cases
2014-07-29 00:06:40 -04:00
Hannah Wolfe
e8bb8e2c11 Merge pull request #3435 from jaswilli/issue-3133
Preserve order of tags as entered by the user.
2014-07-29 04:36:25 +01:00
Hannah Wolfe
37399b30db Merge pull request #3430 from sebgie/refresh-token-expiry
Change refresh token expiry
2014-07-29 04:19:46 +01:00
Hannah Wolfe
407133df27 Merge pull request #3434 from gleneivey/3431-run-with-latest-casperjs
Change casperjs helper used to get RSS page content.
2014-07-29 04:18:51 +01:00
Jason Williams
7a7138e534 Preserve order of tags as entered by the user.
Closes #3133
- Implement an ordered set for the tags property of the tag
  input controller.  Set order is by order added to the post.
2014-07-29 02:16:21 +00:00
Sebastian Gierlinger
b3112a4349 Reset/Signin while signed in
no issue
- added redirect and notification to reset route
- added notification to signup route
2014-07-28 18:00:08 +02:00
Glen E. Ivey
8826d4e663 Change casperjs helper used to get RSS page content.
closes #3431
- change feed_test.js to call casperjs getHTML() instead of
  getPageContent(), because the latter now strips markup

Alternative fix would be to use .page.frameContent directly
instead of using a casperjs wrapper.

Change runs cleanly on Travis (old casperjs tag) and locally
in the Ghost-Vagrant setup with both the old casperjs tag
and the current HEAD SHA (29bbd03f7cdc9fc1e70f0fe1400635dd7d3537ad)
2014-07-28 07:58:24 -07:00
Sebastian Gierlinger
e1c0c5ce98 Change refresh token expiry
no issue
- acquiring a new access token using a refresh token sets the
expiration time of the refresh token to now + 24 hrs.
- moved all occurrences of ONE_HOUR, ONE_DAY and ONE_YEAR to
`core/server/utils`
2014-07-28 15:19:49 +02:00
Sebastian Gierlinger
cc471aedcb Merge pull request #3395 from ErisDS/issue-3096
User Permissions: Edit, Add, Destroy & Role management
2014-07-28 12:04:07 +02:00
Hannah Wolfe
6adc6efb3b Merge pull request #3423 from jaswilli/issue-3403
Add a mixin for saving a subset of a model.
2014-07-28 09:49:19 +01:00
Hannah Wolfe
64766de8d6 Merge pull request #3422 from sebgie/issue#3177
Hide Access Token
2014-07-28 09:18:42 +01:00
Hannah Wolfe
987e9277dc User edit, add & destroy perms restricted by role
closes #3096, closes #3378, refs #3100

- user.permissible updated to reflect proper permissions
- small amount of API refactoring to handle extra cases
- extensive integration testing
2014-07-28 08:32:04 +01:00
Hannah Wolfe
7714dc6ab1 Adding role API tests & fixing browse
refs #3083, refs #3196
2014-07-28 07:22:06 +01:00
Hannah Wolfe
e7dc51dc66 Improving error handling 2014-07-28 06:30:01 +01:00
Hannah Wolfe
4e3b21b7da Permissions Improvements
refs #3083, #3096

In order to implement advanced permissions based on roles for specific
actions, we need to know
what role the current context user has and also what action we are
granting permissions for:
- Permissible gets passed the action type
- Effective permissions keeps the user role and eventually passes it to
  permissible
- Fixed spelling
- Still needs tests
2014-07-28 06:29:59 +01:00
Jason Williams
d59edf1806 Add a mixin for saving a subset of a model.
Closes #3403
- Add SelectiveSaveMixin so that a DS.Model can save one or more
  properties at a time while preserving other outstanding changes.
2014-07-27 21:04:35 +00:00
Sebastian Gierlinger
d895238571 Add XSS prevention
closes #3387
- added placeholder for <script> and <iframe>
- added google-caja sanitizer
- changed title in posts overview to ‚double-stash‘
2014-07-27 23:03:01 +02:00
Sebastian Gierlinger
f0d38aa66d Hide Access Token
closes #3177
- uses an iFrame to initiate the download to hide the access token

The access token is now hidden in the admin logic. If we would like to
completely hide the token it is possible to remove the access token and
use signed requests instead, but I think the effort isn’t worth the
benefit in this case.
2014-07-27 22:57:57 +02:00
Hannah Wolfe
6628127297 Merge pull request #3413 from halfdan/3407-meta-title
Correct meta_title for author pages.
2014-07-27 19:58:50 +01:00
Hannah Wolfe
77ae8394e0 Merge pull request #3393 from joeldrapper/sort-roles-dropdown
Fixed role sort order in the invite a new user drop down list
2014-07-27 19:39:06 +01:00
Hannah Wolfe
8c017de4d3 Merge pull request #3412 from novaugust/credentials-validation-convergance
Create new user validator to DRY up validators
2014-07-27 19:38:24 +01:00
Hannah Wolfe
f372ecddf0 Merge pull request #3411 from novaugust/signup-password
Rebind password to password input on signup page
2014-07-27 19:36:54 +01:00
Jason Williams
9dfef70d25 Do not clear password until after leaving signin
Closes #3399
- Provide our own authenticate action handler which does not
  clear the password input.
- Use the Signin route's deactivate hook to clear the password
  property on the controller after the user has transitioned
  away from the signin page.
2014-07-26 19:06:58 +00:00
Hannah Wolfe
1cff73f36c Merge pull request #3406 from simplabs/update-ember-simple-auth
Updated Ember Simple Auth to latest version
2014-07-26 17:24:18 +01:00
Fabian Becker
1cd2fa59bd Correct meta_title for author pages.
closes #3407
- Output correct meta_title for author pages
- Add test for meta_title for tag and author pages
2014-07-25 19:48:49 +00:00
Matt Enlow
0d7033f662 Create new user validator to DRY up validators
No issue
- Created NewUserValidator class to DRY up validation of a models name, email, and password
- Changed SignUpValidator to be an instance of NewUserValidator
- Changed SetUpValidator to extend NewUserValidator
2014-07-25 13:20:40 -06:00
Matt Enlow
698f5f6f6e Rebind name and password to inputs on signup page
Closes #3410, Ref #3392
- Removed setting name from user email address per issue #3392
2014-07-25 13:04:33 -06:00
Marco Otte-Witte
6406acef5c updated Ember Simple Auth to latest version 2014-07-25 16:04:19 +02:00
Hannah Wolfe
d2d25faa5c Merge pull request #3397 from morficus/issue-3392
Removing "full name" auto-popualtion during signup
2014-07-25 09:54:51 +01:00
joeldrapper
25b20bb2fe Roles drop down sorted by ID
closes #3391
- Changed sort order to ID instead of name
2014-07-25 09:41:12 +01:00
Hannah Wolfe
ce483a916a Merge pull request #3398 from morficus/issue-3396
Fixing resend user invitation
2014-07-25 08:53:13 +01:00
Hannah Wolfe
d1b84f0f7f Merge pull request #3394 from IanMitchell/settings-user-button
Hides <Users button for authors
2014-07-25 08:51:45 +01:00
Hannah Wolfe
85f3c192dd Merge pull request #3386 from felixrieseberg/iss3374
Signin: Proper notification if user not found
2014-07-25 08:48:49 +01:00
Hannah Wolfe
cc67f295ef Merge pull request #3385 from felixrieseberg/iss3375
Signin error notifications kept from stacking
2014-07-25 08:48:08 +01:00
Maurice Williams
a3da09b50f Removing "full name" auto-popualtion during signup
closes #3392
- removing data-binding attribute for "name" input box on signup screen
- removing data-binding attribute for "password" input box on signup screen
- making "email" the first input box and "name" the 2nd
- removing "autofocus" attribute for "email" input box on signup screen
2014-07-24 22:49:57 -04:00
Maurice Williams
69642e8e53 Fixing resend user invitation
closes #3396
- passing role when resending a users invitation
2014-07-24 22:42:55 -04:00
Ian Mitchell
ff3e68ec36 Hides <Users button for authors
closes #3295
- The <Users button visibility is now restricted by user role
2014-07-24 18:54:02 -07:00
Hannah Wolfe
a9a5acf2f2 Merge pull request #3377 from PaulAdamDavis/signout-button
Change signout link to button
2014-07-24 17:52:09 +01:00
Hannah Wolfe
81cd617741 Merge pull request #3376 from felixrieseberg/iss3292
Redirect authors and editors away from debug page
2014-07-24 17:51:16 +01:00
Hannah Wolfe
1d926787b3 Merge pull request #3368 from felixrieseberg/master
Show errors on reset page (Closes #3330)
2014-07-24 17:49:56 +01:00
John O'Nolan
b6b32ab570 Five posts per page 2014-07-24 17:43:48 +01:00
Felix Rieseberg
0b39df777b Signin: Proper notification if user not found
closes #3374
- If user object is returned but undefined, we'll display a
human-readable
error notification (user model)
- If user object is returned, but the user is inactive or invited (but
not
activated), we'll display a human-readable error notification
2014-07-24 11:34:52 -04:00
Felix Rieseberg
61cf8690dd Signin error notifications kept from stacking
closes #3375
- Prior to showing error notifications, the signin route now calls
  closePassive().
2014-07-24 11:16:00 -04:00
Jason Williams
8a2d50b871 Improve handling of users and roles in admin
Closes #3083 Refs #3229
- Populates the dropdown list in the invite user menu with the
  list of roles a user is permitted to create.
- Users API now checks the invite user request for allowed roles.
- Change API response from 200 to 201 on successful invitation.
- Change API response from 500 to 201 when the user was created but
  the email was not sent.  The client will show a warning notification
  when it sees 'invite-pending' as the new user's status.
- Add support for "?status=all" to the /users endpoint.
- Refactor the route and controller for the /settings/users page so
  that there's only one network API call to load users instead of two.
2014-07-24 14:20:47 +00:00
Felix Rieseberg
80f71e31fd Show error notifications on "reset password" page
closes #3330
- Caught errors are displayed using notifications util
2014-07-24 08:45:42 -04:00
Hannah Wolfe
a7415d38c0 Merge pull request #3380 from sebgie/issue#3373
Fix incorrect error
2014-07-24 12:19:20 +01:00
Hannah Wolfe
96cbd1738d Merge pull request #3362 from sebgie/issue#3087-2
Transfer Ownership
2014-07-24 12:19:08 +01:00
Sebastian Gierlinger
fa054a8eba Fix incorrect error
closes #3373
- added check if role is already assigned
- added check for unknown fields to fixDates/fixBools
- permissions are not implemented yet, so everyone is able to edit
owner ;-)
2014-07-24 10:17:10 +02:00
Maurice Williams
835bf0bd07 Preventing rogue modals from popping up when hitting the enter-key
closes #3352
- adding a ```type``` attribute to buttons inside form in the settings section
- scanning the rest of the project to find any other buttons w/a missing attribute
2014-07-23 22:58:50 -04:00
Felix Rieseberg
dbcb827772 Redirect authors and editors away from debug page
A signed in user with role author or editor will be redirected back to
/ghost.

closes #3292
2014-07-23 17:25:13 -04:00
Paul Adam Davis
93051fcbdb Change signout link to button
References https://github.com/TryGhost/Ghost-UI/issues/65

- Swap signout link from an `<a>` tag to `<button>`
- Changed tests to match new element
2014-07-23 22:12:45 +01:00
Sebastian Gierlinger
1eff3d9471 Fix importer bug for IE
closes #3339
- removed check for mime type
2014-07-23 16:53:03 +02:00
Sebastian Gierlinger
17589a1afe Merge pull request #2306 from mscdex/update-busboy 2014-07-23 15:52:41 +02:00
Sebastian Gierlinger
c43d860a3f Transfer Ownership
closes #3364 (special thanks to @jaswilli)
closes #3087
- added modal
- added controller
2014-07-23 12:41:31 +02:00
Sebastian Gierlinger
ed39e375a2 Fix author page
no issue
- fixed: author page used config object as function
2014-07-23 09:39:51 +02:00
Hannah Wolfe
337713ce63 Refactor fixture use in tests
no issue

- Refactor all integration tests to specify and load ONLY the fixtures
  they require to run, rather than initialising the whole kit-and-kaboodle
  for every single test which takes FOREVER.
- Refactor the route tests to share a doAuth function, and also specify
  additional fixtures required
- Move import and export unit tests, which are actually integration tests
  (they touch the DB)
- Comment out most of the permissions unit tests for now as they need more
  stubs/mocks so as to not touch the DB

Still todo:

- prevent default DB initialisation in route tests, and specify all
  fixtures requires as per the integration tests
- fix up the unit/permissions_spec
2014-07-23 05:04:50 +01:00
Hannah Wolfe
63efa541bd Merge pull request #3367 from jaswilli/issue-3161
Get Ember Admin ready for production
2014-07-23 04:47:19 +01:00
Hannah Wolfe
8e472c9d74 Merge pull request #3344 from hswolff/test-speedup
Speedup tests
2014-07-23 04:43:53 +01:00
Hannah Wolfe
29f867eb85 Merge pull request #3365 from PaulAdamDavis/user-list-img-bg-swap
Make user list images background-image's
2014-07-23 04:11:14 +01:00
Hannah Wolfe
6f1af2aa1c Merge pull request #3358 from IanMitchell/sidebar-role
Hide Settings Sidebar Based on Role
2014-07-23 03:41:40 +01:00
Harry Wolff
be37070fb6 This aims to speed up both the ghost application and tests by
migration from usage of config() to just an object of config.

no relevant issue

- Change 'loadConfig' task to 'ensureConfig' to more accurately reflect
what it is actually doing.  Its sole purpose is to make sure a `config.js`
 file exists, and as such the name now reflects that purpose.

- Update config/index.js to export the ghostConfig object directly
so that it can be accessed from other modules

- Update all references of config(). to config.
This was a blind global find all and replace, treat it as such.

- Fixes to tests to support new config access method

- Allow each test to still work when invoked invidually
2014-07-22 22:37:44 -04:00
Jason Williams
7ae48f1dd3 Get Ember Admin ready for production
Closes #3161
- Add a config.js file for the client which is used to configure
  Ember.Application during runtime. The correct version of config.js
  is copied into place by grunt via the copy:(dev|prod) task from
  either config-dev.js or config-prod.js.
- Serve minified and production versions of libraries where applicable
  including handlebars-runtime and ember-prod.
- Bundle third party libraries into vendor.min.js.
- Bundle Ghost's Ember app and templates into ghost.min.js
- Remove all fixture data and code from the client.
2014-07-22 22:33:49 +00:00
Hannah Wolfe
a620e9017e updating tests to match casper 2014-07-22 23:26:13 +01:00
Paul Adam Davis
3079104815 Make user list images background-image's
References https://github.com/TryGhost/Ghost-UI/issues/76

- Swap user avatars in the user list from ing tags to background images
2014-07-22 20:13:30 +01:00
Ian Mitchell
47ae9d6ca6 Hide Settings Sidebar Based on Role
Implements #3294. Currently, we don’t have a permission system on the
client side, so this relies on a hardcoded “author” string.
2014-07-22 08:03:52 -07:00
Jason Williams
739b57e05b Update Users API to handle role objects or ids
Closes #3357
- API method User#edit now handles User objects that have either
  an array of Role ids or objects.
- Fixed error handler notification on upload modal controller.
2014-07-22 05:48:16 +00:00
Hannah Wolfe
27c1dbd409 Merge pull request #3341 from PaulAdamDavis/psm-class-ammend
Correct markup for the PSM author dropdown
2014-07-22 01:12:45 +01:00
Hannah Wolfe
dabc780110 Merge pull request #3343 from sebgie/issue#3087
Add edit roles
2014-07-22 01:12:26 +01:00
Hannah Wolfe
7f0c2b7782 Merge pull request #3356 from IanMitchell/header-role
Hide Settings Tab if Author
2014-07-21 23:48:01 +01:00
Hannah Wolfe
5b41358e45 Merge pull request #3347 from jaswilli/posts-content
Only load posts once on navigating to content tab
2014-07-21 23:47:55 +01:00
Ian Mitchell
6c0c3c4bde Hide Settings Tab if Author
Implements #3293. Currently, we don’t have a permission system on the
client side, so this relies on a hardcoded “author” string.
2014-07-21 14:31:10 -07:00
Hannah Wolfe
9535af1665 Merge pull request #3355 from JohnONolan/trim
Trim version number in RSS feeds
2014-07-21 22:24:05 +01:00
John O'Nolan
d60382f0f0 Trim version number in RSS feeds 2014-07-21 23:07:21 +02:00
Sebastian Gierlinger
28b03ec87e Add edit roles
refs #3087
- added ability to edit user/roles relation
- user is not allowed assign roles to himself
- only one role per user is supported atm
- added tests
2014-07-21 22:50:43 +02:00
Ian Mitchell
27c42c2bf0 Implements User Role Label
Closes #3287.
2014-07-21 13:31:25 -07:00
Paul Adam Davis
f304d3ed34 Correct markup for the PSM author dropdown 2014-07-21 21:15:14 +01:00
Hannah Wolfe
c0732292ac Merge pull request #3331 from ErisDS/issue-3076
Author pages
2014-07-21 20:57:06 +01:00
Hannah Wolfe
bb70e2b294 Merge pull request #3351 from sebgie/no-inline-script
Remove inline script from default.hbs
2014-07-21 20:55:18 +01:00
Jason Williams
1c356f59b2 Only load posts once on navigating to content tab
No Issue
- Loading posts from the API should not be necessary in PostsIndexRoute
  because its parent resource (PostsRoute) pre-loads the store.
  Changing the store.find to store.all gets rid of a duplicate
  network request to load all posts.
2014-07-21 19:44:03 +00:00
Hannah Wolfe
1caa5bd6e0 Merge pull request #3346 from jaswilli/issue-3325
Extend adapter to support automatic includes
2014-07-21 20:38:57 +01:00
Hannah Wolfe
90880469f6 Merge pull request #3337 from morficus/issue-3222
Pagination on the Users Management screen
2014-07-21 20:34:53 +01:00
Hannah Wolfe
0e168574f0 Merge pull request #3311 from javorszky/iss3196
Added /roles/ API endpoint
2014-07-21 20:34:29 +01:00
Jason Williams
2dcce82fe4 Fix check for using default cover image
Closes #3348
- Cover attribute is a string so its typeof will always return
  string. Switch check to Ember.isBlank.
2014-07-21 18:04:49 +00:00
Maurice Williams
a8ca517c54 Pagination for Users Management screen
closes #3222
- implementing server-side pagination for /users API
- passing /users?limit=none will return all users
- passing /users?status=invited will filter base on user status
- creating 3 mixins (route, controller and view) to keep pagination logic DRY
- updating route, controller and view for Posts to use new mixing
- implementing infinite scrolling for Users Management screen (using new mixins)
- Users Management screen displays all invited users, but paginates active users
2014-07-21 14:03:26 -04:00
Sebastian Gierlinger
05b3606fd3 Remove inline script from default.hbs
no issue
- added config values as data attributes
- removed inline script
- removed current-user.js
2014-07-21 20:00:54 +02:00
Jason Williams
2e67d6bf99 Extend adapter to support automatic includes
Closes #3325
- Add Roles model and add hasMany roles to User model.
- Add EmbeddedRelationAdapter that will automatically include
  hasMany relations in calls to the API.
- UserAdapter and PostAdapter now extend EmbeddedRelationAdapter
  and all explicit includes from store.find() have been removed.
2014-07-21 17:05:13 +00:00
Hannah Wolfe
29800356de Merge pull request #3345 from novaugust/model-relationships
Add relationships to client models
2014-07-21 16:17:43 +01:00
Hannah Wolfe
88743d03c4 Merge pull request #3340 from sebgie/issue#3339
Fix file validation for importer
2014-07-21 16:00:30 +01:00
Gabor Javorszky
80f9023020 Added /roles/ API endpoint
Closes #3196

* adds `/roles/` endpoint
* is given the current user as context
* wraps everything in a canthis.browse.role
* gets all the available roles (should "Owner" be filtered out?)
* optional parameter: `permission=assign`. Gets all roles authenticated user could assign
* if we're not signed in, gives a "please sign in" (standard) error
* if we're signed in, but user is not in the context, gives a "there was no user in the context" error
* if the user is an "Author", gives a "there are no available roles to assign" error
* implemented hacky filter because when.js produces heisenbugs past 3.2.3 (when.filter not available)
* added extra fixtures to `permissions.json`. Might need a migration.

Caveats:

* there are no tests
* for some reason the setup functional test was failing for me locally
2014-07-21 15:02:25 +01:00
Matt Enlow
3667fa9885 Add relationships to client models
No issue
- Removed tabs from tag.js (why didn't jshint catch this?)
- Removed superfluous `activate` in SettingsIndexRoute
- updated `UserModel` and `TagModel` to have `created_by, updated_by` be references to `user` objects.
- updated `UserModel` to use `moment-date` instead of `date`
2014-07-21 08:01:59 -06:00
Hannah Wolfe
4c276603ec Fix tests tripping spam protection 2014-07-21 14:33:42 +01:00
Hannah Wolfe
44cfcb6b01 Caching db config in migration utils 2014-07-21 13:25:53 +01:00
Hannah Wolfe
cf9839c71d Integration tests use consistent teardown methods 2014-07-21 13:25:51 +01:00
Sebastian Gierlinger
772d81849e Fix file validation for importer
refs #3339
- wrong call to file validation
- refs the issue because I get application/json on OSX? Is this
something Windows specific?
2014-07-20 23:07:17 +02:00
Hannah Wolfe
c2f0fd54da Merge pull request #3326 from ErisDS/issue-3309
Adding helper for invite status
2014-07-20 19:11:05 +01:00
Hannah Wolfe
2b28e252d7 Merge pull request #3336 from javorszky/fix-catches-in-tests
Replaces then(null, done) with .catch(done), OCD on blank lines
2014-07-20 18:03:28 +01:00
Hannah Wolfe
4fb3b53653 Merge pull request #3334 from JohnONolan/BIGGER
Larger default gravatar images
2014-07-20 18:03:23 +01:00
Hannah Wolfe
b7aa09f439 Author helpers
closes #3077

- expend urlFor to handle /author/ urls
- update author helper to output a link
2014-07-20 17:57:59 +01:00
John O'Nolan
d10771b711 Larger default gravatar images 2014-07-20 18:50:07 +02:00
Hannah Wolfe
2d01e15a18 Author pages
refs #3076

- This is a first draft implementation, just to make it work so that we can get casper working
2014-07-20 17:49:19 +01:00
Gabor Javorszky
36ba3549e7 Replaces then(null, done) with .catch(done), OCD on blank lines
No issue
2014-07-20 17:32:29 +01:00
Hannah Wolfe
9575b25711 switched parent_id for parent
fixes #3333
2014-07-20 16:39:56 +01:00
Hannah Wolfe
27f980bd42 Removing console.log 2014-07-20 13:35:39 +01:00
Hannah Wolfe
5a6af020c5 Model & test cleanup 2014-07-20 09:34:30 +01:00
Hannah Wolfe
ab90c40e4e Adding helper for invite status
closes #3309, refs #3229

- adds different message depending on status
- doesn't delete the new user if the problem was an email error
- filters the 2 lists based on all statuses
2014-07-20 09:23:57 +01:00
Hannah Wolfe
82742fc233 Export 003
closes #3284

- ensure token tables aren't exported
- cleanup filename
- failed export throws internal server error
2014-07-19 22:38:21 +01:00
Hannah Wolfe
cf4dd8eaa5 Merge pull request #3324 from novaugust/psm-authors
Add Author dropdown to PostSettingsMenu
2014-07-19 01:43:43 +01:00
Hannah Wolfe
43b91f281d Merge pull request #3322 from jaswilli/check-setup
Check setup status when making API responses
2014-07-19 00:36:12 +01:00
Matt Enlow
ad3ff49bea Add Author dropdown to PostSettingsMenu
Ref #3084
This PR does NOT hide the dropdown as required to close 3084.

- `EditorNewRoute` creates post with the author set to the current user
- added `authors` ArrayPromiseProxy (whoa, what?) to PSM
- added `changeAuthor` function that sets author and saves model when the user selects a new author
2014-07-18 17:29:46 -06:00
Hannah Wolfe
c9b24b0a9b Merge pull request #3321 from ErisDS/issue-2600-fin
Wrap up schema amends for 003
2014-07-19 00:19:14 +01:00
Hannah Wolfe
2498098095 Merge pull request #3320 from jaswilli/dup-slug-get
Prevent duplicate slug request on saving new post
2014-07-19 00:14:15 +01:00
Hannah Wolfe
67de186893 Merge pull request #3319 from ErisDS/issue-3275
Extending context concept to models
2014-07-19 00:13:19 +01:00
Hannah Wolfe
fdff51cb6c Merge pull request #3314 from jaswilli/issue-3160
Add a notify action to the notifications component
2014-07-19 00:11:10 +01:00
Jason Williams
7d3139d093 Check setup status when making API responses
Closes #3303, Closes #3299
- Check whether or not setup has been completed when deciding
  how to respond to certain API requests.
- Add tests.
2014-07-18 22:28:28 +00:00
Hannah Wolfe
8fc1b03ea7 Wrap up schema amends for 003
closes #2600

- adds 2 new columns to tags, for the soon-to-land tag management UI
- fixes validation for the active bool in app_fields
- adds missing return to addColumn command
- cleanup in addTableColumn util
2014-07-18 19:33:36 +01:00
Hannah Wolfe
f8a924731a Merge pull request #3318 from halfdan/apps-schema
Schema changes for Apps
2014-07-18 16:39:45 +01:00
Hannah Wolfe
214ef16fae Merge pull request #3297 from jaswilli/issue-3271
Turn off autocomplete for user profile form
2014-07-18 16:07:03 +01:00
Jason Williams
a18e5ce9ed Prevent duplicate slug request on saving new post
No Issue
- Do not run generateSlugPlaceholder if save has been initiated
  and the title has already been set on the post. At that stage
  a slug has already been generated and another API call is not
  necessary.
2014-07-18 15:05:10 +00:00
Hannah Wolfe
6e48275160 Extending context concept to models
fixes #3275, fixes #3290, ref #3086, ref #3084

- Ensure that we use the current logged in user and not just user 1 when
- removing hard coded user: 1 except where absolutely necessary
- passing context, rather than user to models
- base model has a new function to determine what id to use for created_by etc
2014-07-18 15:32:56 +01:00
Fabian Becker
5cd5f8cca9 Schema changes for Apps
refs #2465
- Add active field to app_fields
- Adjust data generator for app fields
2014-07-18 12:39:14 +00:00
Hannah Wolfe
d386f66f1e Merge pull request #3317 from sebgie/fix-edit-posts
Fix editing author
2014-07-18 11:15:41 +01:00
Sebastian Gierlinger
62c1ce128e Fix editing author
no issue
- author_id is converted to author for API responses but was never
converted back for requests
2014-07-18 10:48:48 +02:00
Paul Adam Davis
7b626baf3f Add class to invited users container
No issue

- Relates to 447c7d77ec (diff-acda43902fe5a16fa255b16e7b32e6d0R14)
- Adds class to the invited users container, used only for spacing right now
2014-07-18 09:02:35 +01:00
Jason Williams
b7be74907f Add a notify action to the notifications component
Refs #3160
- gh-notifications component now takes an optional notify
  parameter.  If present it will be invoked as an action
  when a notification is added or removed.
- Add a data-notification-count attribute to the main container
  that tracks the number of "top" notification messages that
  are currently being shown.
2014-07-17 17:34:38 +00:00
Hannah Wolfe
48cbf371a2 Merge pull request #3313 from ErisDS/improve-fixtures
FORCE_MIGRATION ensures fixtures are added
2014-07-17 18:21:44 +01:00
Jason Williams
ec1f4d0297 Turn off autocomplete for user profile form
Closes #3271
2014-07-17 17:09:20 +00:00
Hannah Wolfe
487844122d Merge pull request #3312 from ErisDS/issue-2739-2
Wire permmissions for notifications, mail and tags
2014-07-17 18:04:38 +01:00
Hannah Wolfe
65230cf1b8 Merge pull request #3302 from jgable/fixUserMe
Fetch actual user in settings/users/user
2014-07-17 18:01:55 +01:00
Jacob Gable
d874e79dbd Fetch actual user on settings/users/user
Closes #3279

- Switch from this.session.get('user') to this.store.find('user') and
some further limiting until a custom user adapter is created
- Switch the deactivate logic to rollback the used model
- Pass the user as the model in the link-to in user list template
2014-07-17 10:44:39 -05:00
Hannah Wolfe
cfaa6f058a Wire permmissions for notifications, mail and tags
closes #2739

- wraps the api endpoints for mail, notifications, and tags in a canThis
  check
- add internal context to internal calls
- updates tests
2014-07-17 16:44:09 +01:00
Hannah Wolfe
efa7665124 Merge pull request #3310 from sebgie/issue#3128-2
Fix tests failing because of spam protection
2014-07-17 16:41:31 +01:00
Hannah Wolfe
b46aa2b576 FORCE_MIGRATION ensures fixtures are added
refs #2600, refs #3296
2014-07-17 13:54:03 +01:00
Hannah Wolfe
6ab8a37f79 Merge pull request #3300 from ErisDS/issue-2739
Adding and renaming permissions
2014-07-17 13:25:47 +01:00
Hannah Wolfe
c28167c971 Merge pull request #3304 from JohnONolan/noplaceholder
Removing erroneous placeholder text from user profile
2014-07-17 13:23:04 +01:00
Sebastian Gierlinger
ab456638c1 Fix tests failing because of spam protection
closes #3128 (now really)
- added express variable disableLoginLimiter
- added disableLoginLimiter to all tests that use Ghost as module and
do authentication
- fixed isSetup not working for status other than active
- removed ‚Ensure a User is Registered‘ test as this is covered by the
new setup test
2014-07-17 14:22:32 +02:00
Sebastian Gierlinger
42f461cb6d Restored spam prevention
closes #3128
- added spam prevention middleware
- restored tests
2014-07-17 14:22:07 +02:00
Hannah Wolfe
31fa6bef1f Merge pull request #3308 from JohnONolan/newsignup
New signup screen
2014-07-17 13:09:53 +01:00
John O'Nolan
772f2c7a55 Removing erroneous placeholder text from user profile
Reverting the placeholder that was introduced in #2734 to fix #1623. We should handle this intelligently by automatically interpretting the input and using validation if we can't. The user should not have to know or care about what http is.

Regardless off any of the above, we should not be introducing user-facing text like this without proper consideration. A placeholder of "http://ghost.org" is far more confusing than no placeholder at all. It also looks like a cheap promotional tactic on our part.
2014-07-17 14:07:12 +02:00
John O'Nolan
b42577655a Fade in the setup form 2014-07-17 13:39:53 +02:00
John O'Nolan
9e75ec1f5a New signup screen
See #3082 - This borrows setup screen styles for now
2014-07-17 13:34:40 +02:00
Hannah Wolfe
ce06ad412a Adding and renaming permissions
refs #3283, refs #2739, refs #3096

- Renames permissions which didn't follow bread
- Adds permissions for notifications, mail and tags

Still todo:

- wire up the new permissions where they are needed
- add permissions for roles
2014-07-17 12:32:25 +01:00
Hannah Wolfe
5c1a7a7349 Revert "Restore spam prevention" 2014-07-17 12:11:23 +01:00
Hannah Wolfe
7ce22416c6 Merge pull request #3296 from ErisDS/force-migrate
Hacky FORCE_MIGRATION env var
2014-07-16 20:03:03 +01:00
Hannah Wolfe
00e3588656 Merge pull request #3298 from jaswilli/issue-3288
Handle undefined datetime values
2014-07-16 20:02:44 +01:00
Hannah Wolfe
ef8c280635 Merge pull request #3282 from sebgie/issue#3128
Restore spam prevention
2014-07-16 19:39:32 +01:00
Hannah Wolfe
eed2ac728c Hacky FORCE_MIGRATION env var
refs #2600

One day in the future it would be nice to have a CLI for Ghost
In the meantime, lets have an easy way to force migrations to run
This is for development, or dead end situations only
It will at least do a DB backup ;)
2014-07-16 19:20:26 +01:00
Jason Williams
422806f028 Handle undefined datetime values
Closes #3288
- Check for undefined last_login and created_at values that occur
  on a User model for an invited user.
2014-07-16 17:12:45 +00:00
Jason Williams
979c3f237c Prevent loading setup screen if already setup
Closes #3145
- Prevent navigation to the setup screen if Ghost setup
  has previously been completed.
- Fix templates that were incorrectly using foreach instead of each.
- Add validation for minimum password length.
- Fix up functional tests and split out tests for setup to a separate
  instance of casper because setup requires a new database.
- Add a cleanDatabase task to grunt which resets the database to
  new.
2014-07-16 15:54:42 +00:00
Sebastian Gierlinger
e4e027d17b Restored spam prevention
closes #3128
- added spam prevention middleware
- restored tests
2014-07-16 10:00:49 +02:00
Hannah Wolfe
5095c6f0dd Merge pull request #3277 from PaulAdamDavis/link-href-fixes
Replace anchors with no real href with buttons
2014-07-15 18:34:50 +01:00
Hannah Wolfe
34a0c42834 Merge pull request #3276 from sebgie/issue#3252
Move image upload to API
2014-07-15 18:09:32 +01:00
Paul Adam Davis
6451be695b Replace anchors with no real href with buttons
Closes #3101 & #916
2014-07-15 17:43:21 +01:00
Hannah Wolfe
0a2c72648d Merge pull request #3270 from ErisDS/migrations
Migration improvements
2014-07-15 17:00:59 +01:00
Hannah Wolfe
5ca558fe06 Merge pull request #3278 from jaswilli/prod-prep
Move inline templates to standalone template file
2014-07-15 17:00:01 +01:00
Hannah Wolfe
4d610268c6 Merge pull request #3259 from novaugust/settings-mobile-routing
Refactor Settings routing and mobile interactions
2014-07-15 16:55:02 +01:00
Jason Williams
b98163c713 Move inline templates to standalone template file
Refs #3161
- Move two inline template snippets from the post tags input
  component into the .hbs template file so they can be
  pre-compiled.  Needed when shipping only the handlebars runtime
  in production mode.
2014-07-15 15:21:44 +00:00
Matt Enlow
58b635203c Remove minor notifications; Close persistent notifications even on error
Closes #3105, Closes #3175

- Removed notification on successful post's `page` status change
- Removed notification on successful post `featured` status change
- Added `closePassive()` notifications on error in the post-settings-menu
- Persistent notifications will close whether their `DELETE` request was
  successful or not.

 #### Misc
- Added `name` attribute to `post-setting-menu.hbs` inputs to facilitate testing
- Removed `return <Promise>` from action in `PostSettingsMenuController`. Actions should only return `true`
- Toggling `post.featured` won't fire NProgress.
2014-07-15 09:03:18 -06:00
Sebastian Gierlinger
2957b0175e Move image upload to API
closes #3252
- added `/ghost/api/v0.1/uploads/` endpoint
- removed upload method from `controller/admin.js`
- moved removal of temporary files from storage to endpoint (needed to
account for failed uploads)
- changed and moved tests
- Oversight: I think that we use `.otherwise()` and `.catch()` a bit
too extensive and mask the real error objects. We probably need an
error handling strategy at some point in the future.
2014-07-15 12:40:14 +02:00
Matt Enlow
153f76aa7c Refactor settings routing and mobile interactions
Closes #3254, closes #3138, closes #3245
 ### Settings Routing and View refactoring
- Refactored `SettingsView` to handle transitions between mobile and desktop layouts
- `SettingsRoute` will only transition to `settings.general` if the screen is large enough to show both the menu and the content
- Added `SettingsIndexView` to handle showing the settings menu on mobile screens
- Added `SettingsContentBaseView` to be inherited by any settings view that is not index.
- Updated Settings templates appropriately to work with new views
- Removed extraneous `active` class from `settings-content`
- Changed settings menu to use `gh-activating-list-item`
- Retooled settings tests

 ### Mobile Utils
- Renamed file to `mobile.js`, since it's inside of `utils/`
- Added `mobileQuery` MediaQueryList to help detect layout changes
- Removed unused `hasTouchScreen`, `device.js` should be used instead.
- Removed unused `smallScreen` function
- Moved FastClickInit to codemirror-mobile
2014-07-14 17:36:48 -06:00
Hannah Wolfe
3ff9146d9e Server side cleanup
- remove sessions
- remove all references to csrf
- create a shared base model for the 2 types of token
2014-07-14 21:50:12 +01:00
Hannah Wolfe
34eb5c84fb Migration improvements
refs #2600

- fixed issue with defaults not being populated on upgrade
- added logging to all actions in the migration process to help debugging
  in future
- did a little bit of refactoring
2014-07-14 21:12:02 +01:00
Jason Williams
ef1858b6c7 Fix validations on user settings page
Closes #3271
- Change validations on both server and client to allow the
  Website field to be empty or a valid URL.
- Add new schema validation helper isEmptyOrURL.
- Remove duplicate call to UserValidator in the save action
  of the SettingsUser controller.
- User.last_login and User.created_at are already Moment objects
  so Moment#fromNow can be called on them directly.
2014-07-14 18:12:57 +00:00
Hannah Wolfe
6cdf9e5999 Merge pull request #3238 from ErisDS/issue-2600
Refactor fixtures & fixture migrations to 003
2014-07-14 17:03:08 +01:00
Hannah Wolfe
0565027900 Refactoring fixtures
refs #2600, refs #2379

Refactoring fixtures to make permission management a little easier
- Separate fixtures into JSON file and split permissions fixtures from other fixtures
- make fixture migrations more robust by fetching objects, not relying on
  ids and checking before adding
- changed owner fixture slightly to remove any confusion between the 'Owner' role and 'Ghost Owner' user.
- moved 003 fixture versions out of config into logic, possibly not a good
  idea
- refactored permissions fixtures and added permissions_roles fixtures to
  make it easier to read / add
2014-07-14 15:52:47 +01:00
Harry Wolff
4f727ed068 Settings: Admin User Tab
closes #2422

- updated to use new change password method
- have all save settings use notifications
- create assetUrl helper for creating asset paths with subdir's properly
 prefixed
- move all url based helpers onto a url object in ghost-paths
2014-07-14 08:52:06 -04:00
Hannah Wolfe
e20c773e5d Merge pull request #3260 from sebgie/invited-pending
Add status invited-pending for users
2014-07-14 11:14:13 +01:00
Sebastian Gierlinger
db5e02da2b Add status invited-pending for users
no issue
- added status invited-pending for invited users where sending the
invitation email failed
- removed console.log() from authentication.js
2014-07-14 11:13:23 +02:00
Matt Enlow
0fa3ab807c Fire NProgress on User, Post, and Settings save
Closes #3037
- Created `NProgressSaveMixin`, which extends the `save` method of a model
  to fire NProgress.
- Extended `UserModel`, `PostModel`, and `SettingModel` with the new
  mixin.
- NProgress can be disabled by passing an options hash to the save function with the `{disableNProgress:true}`
- Now that the ValidationEngine isn't the only thing playing with options inside of `model#save`, refactored it to pass the options down the super chain.
2014-07-13 14:19:27 -06:00
Hannah Wolfe
a8f99df63f Merge pull request #3258 from ErisDS/model-registry
Use bookshelf's model registry plugin
2014-07-13 21:15:25 +01:00
Hannah Wolfe
6b59639331 Merge pull request #3256 from PaulAdamDavis/fix-notification-flicker
Check the end of notification fade-out animation
2014-07-13 21:14:31 +01:00
Hannah Wolfe
0e93f7fa65 Merge pull request #3248 from jaswilli/issue-3246
Add validation to invite new user form.
2014-07-13 21:13:33 +01:00
Hannah Wolfe
b03ecd9ebc Use bookshelf's model registry plugin
Refs #2170

This removes the circular dependency problem from our models thanks to
https://github.com/tgriesser/bookshelf/issues/181
- add the registry plugin
- switch all models and collections to be registered
- switch relationships to be defined using a string, which calls from the registry
2014-07-13 18:18:25 +01:00
Paul Adam Davis
b08a4b1fe5 Check the end of notification fade-out animation 2014-07-13 15:00:25 +01:00
Paul Adam Davis
718adb6c3b Re-add back to Users button and make whole user item a link. 2014-07-13 13:33:21 +01:00
Jason Williams
af51e94cf0 Add validation to invite new user form.
Closes #3246
- Add a UserValidator to the validation engine that runs a set
  of validations based on the user status.
- Added validations for invited users and active users.
2014-07-11 19:09:34 +00:00
Jason Williams
1bf975af90 Turn on update notifications for Ember admin
Issue #3160
- Use notifications API to display available update notification.
- Remove update_notification handlebars helper as now both the
  check for an available update and the notification handling
  is run from the server's admin controller index method.
- Bind the notification's location property to a css class
  for styling.
- Refactor Ember notifications to better handle notification
  objects.  Move responsibility for css class generation onto
  the notification component.
- Refactor gh-notifications component to take a location argument
  that's used to assign a css class and filter notifications.
2014-07-11 15:02:26 +00:00
Hannah Wolfe
ef1207cc0d Merge pull request #3213 from hswolff/lazy-load-models
Preparation for lazy loading of models
2014-07-11 15:29:46 +01:00
Sebastian Gierlinger
8c2258dc4c Move setup to API
closes #3136
- moved setup to authentication API
- added `POST /ghost/api/v0.1/authentication/setup` to execute the
setup process
- added `GET /ghost/api/v0.1/authentication/setup` to check if blog is
already set up (needed for #3145)
- removed unused methods from api/users.js
2014-07-11 14:17:09 +02:00
Jason Williams
4ef4d0f97a Fix handling of async db calls in fixtures
Closes #3167
- Change fixture loading methods to keep track of promises
  returned from async database calls so that aggregators function
  correctly.
2014-07-11 02:39:06 +00:00
Hannah Wolfe
49b08c3bdc Merge pull request #3236 from sebgie/issue#3074
Setup hijacks owner user
2014-07-10 21:52:41 +01:00
Sebastian Gierlinger
215badc663 Setup hijacks owner user
closes #3074
- user generated by fixture is hijacked
- user is updated with name, email, password, slug and status
- creates new user if db is migrated but no user exists
- previously removed tests are back
2014-07-10 19:29:51 +02:00
Harry Wolff
25076ab087 Fix slowdown of tests by reverting back to using knex in test/utils 2014-07-10 08:05:03 -04:00
Harry Wolff
cddd23f926 Only reference model properties through the models module.
This frees us up to enforce one single point of access, thus paving
the way towards allowing us to initialize the models at are request,
and not when it's require().

addresses #2170
2014-07-10 08:04:32 -04:00
Harry Wolff
e3520feeec Move creation of knex instance to config module
addresses #2170
2014-07-10 08:00:24 -04:00
Hannah Wolfe
b69b5e7638 Merge pull request #3230 from jaswilli/issue-3226
Fix active theme selector.  Add validation to API.
2014-07-10 12:52:01 +01:00
Hannah Wolfe
f0ce3f2d02 Merge pull request #3235 from sebgie/issue#3073
Add owner fixture
2014-07-10 12:03:47 +01:00
Sebastian Gierlinger
5e4fae6f11 Add owner fixture
closes #3073
- added fixture for owner role
- added fixture for initial user (new db)
- added conversion administrator -> owner (existing db)
- changed tests to take over owner user
- removed some functional tests until /setup works with owner user
2014-07-10 12:00:51 +02:00
Jordan Sexton
66ae7e5669 Removed duplicative and unreferenced resources section 2014-07-09 18:48:00 -05:00
Jason Williams
fddf2ee42f Fix active theme selector. Add validation to API.
Closes #3226
- Remove dependent property from the computed content property
  that is used to build the active theme selector.
- Add validation to the Settings model so that it rejects
  attempts to set an activeTheme that is not installed.
2014-07-09 22:14:33 +00:00
Hannah Wolfe
d2cc9e5046 Merge pull request #3223 from ErisDS/issue-3187
Move post slug endpoint & add endpoints for users
2014-07-09 21:21:01 +01:00
Hannah Wolfe
a593cbfb53 Move post slug endpoint & add endpoints for users
closes #3187

- move slug endpoint to post/slug/:slug
- create similar  slug and email endpoint for users
- add/update tests
2014-07-09 16:55:34 +01:00
Sebastian Gierlinger
5b0b308513 Owner has all user permissions
closes #3075
- added special treatment for role with name ‚Owner‘
2014-07-09 13:34:38 +02:00
Hannah Wolfe
09e03f4d78 Merge pull request #3221 from sebgie/issue#3197
Add role to user object
2014-07-08 17:18:22 +01:00
Hannah Wolfe
84309e47eb Merge pull request #3219 from JohnONolan/email
New HTML email template
2014-07-08 17:06:48 +01:00
Sebastian Gierlinger
035fb04d34 closes #3197
- added role to user obj (only returned from the user endpoint)
- added `/users/?include=roles` and
`/users/?include=roles,roles.permissions` query parameters
- added and updated tests
2014-07-08 18:00:59 +02:00
Maurice Williams
889239b326 Wiring up "resend" and "revoke" button on user management screen
fixes #3214
- new ```resendInvite``` method on the User model encapsulates all logic
- only sending users email address when re-inviting, since the user already exists on the back-end
- ```revoke``` calls DELETE on /ghost/api/v0.1/users/:user_id
2014-07-08 11:32:34 -04:00
John O'Nolan
474e888b8f New HTML email template
See #3082
2014-07-07 22:47:34 +02:00
Hannah Wolfe
56b680a689 Merge pull request #3217 from PaulAdamDavis/new-form-style
New form styles
2014-07-07 20:38:22 +01:00
Hannah Wolfe
0febf71c97 Merge pull request #3216 from novaugust/mobile-menu
Fix mobile sidebar menu
2014-07-07 20:38:04 +01:00
Hannah Wolfe
4fe37c00b5 Merge pull request #3211 from novaugust/yearless-date-parsing
Add yearless date as an acceptable format for moment parsing
2014-07-07 20:13:13 +01:00
Paul Adam Davis
4f5f84e02a Aditional classes in settings and invite user modal for the new form style 2014-07-07 17:00:47 +01:00
Matt Enlow
77941275ed Fix mobile sidebar menu
Closes #3110
- Created `ApplicationView`
- Added `js-close-sidebar` classes to navbar navigation links
- Clicking on a navigation link in the sidebar will close it
2014-07-07 08:55:22 -06:00
Hannah Wolfe
906634ab68 Merge pull request #3207 from morficus/invite-new-user-modal
Implementation of "invite a new user" modal
2014-07-07 15:05:35 +01:00
Matt Enlow
c1dc9841c7 Add yearless date as an acceptable format for moment parsing
Closes #2331
2014-07-06 20:49:15 -06:00
Maurice Williams
972831c733 Implementation of "invite a new user" modal
Closes #3079
- new controller and template for invite-new-user-modal
- actually triggers email invite via POST /ghost/api/v0.1/users/
- setting default language value (on the client) when creating a user
- only available role is "Author" - pending 3196
- updates to UsersIndexController to allow dynamic property calculation and template rending
2014-07-06 16:18:51 -04:00
Hannah Wolfe
40b7cfbabf Merge pull request #3201 from jaswilli/issue-3199
Check datatype for date format conversion
2014-07-06 20:28:29 +01:00
Matt Enlow
8638fb2f1d Add access_token to debug screen's export link
Closes #3177
2014-07-05 14:48:39 -06:00
Jason Williams
05d199f9b4 Check datatype for date format conversion
Closes #3199
-If datatype is dateTime convert to javascript Date object when
 retrieved from the database.
-Add tests to make sure models and internal API are using Date
 objects for dateTime fields.
-Add tests to make sure the HTTP API is returning ISO 8601
 date strings for dateTime fields.
2014-07-05 19:15:32 +00:00
Maurice Williams
ad9997e995 Removing old "user settings" screen and putting in new MU "users settings" screen and updating functional test cases.
Fixes #3078
- new "users" resource, with matching controller and template
- fetching real data from /ghost/api/v0.1/users/
- updated "user" route to accept a :slug as a URL parameter
- updated labels everywhere (from "user" to "users")
- updated "profile" link to header to point to proper "users/:slug" route
- updated core/client/.jshintrc to recognize moment as a valid global function
- adjusted DOM selector used in Casper to properly identify the new screen
- adding "slug" as a new property of the user data used during the Casper functional tests
2014-07-05 11:33:03 -04:00
Hannah Wolfe
72a1789794 Merge pull request #3194 from novaugust/title-scratch
Indirect post title in editor
2014-07-04 23:19:44 +01:00
Hannah Wolfe
8b2edf7e56 Merge pull request #3192 from sebgie/issue#3081
Allow user to accept invitation
2014-07-04 23:18:47 +01:00
Hannah Wolfe
4a965ed3c8 Merge pull request #3178 from novaugust/popover-fadeout
Added fadeout to gh-popover
2014-07-04 23:17:29 +01:00
Matt Enlow
b1584f63c6 Added fadeout to gh-popover
Closes #2868
- Uses jQuery's `.fadeOut` whenever a popover is closed.

- Reordered `gh-popover`'s code into something a bit more logical and, if
  I may, pretty
- Renamed `open` property into `isOpen`. `isOpen` should only be
  manipulated via `close()` and `open()`
- Added `closing` property to help track state in the case of rapid clicks
  on a popover's button, allowing us to abort
` Added `open()` function
2014-07-03 13:13:18 -06:00
Matt Enlow
6b5b949099 Indirect post title in editor
Closes #3179
- Add `titleScratch` property to `PostModel`.
- Changed references to `title` to `titleScratch`
2014-07-03 11:09:05 -06:00
Sebastian Gierlinger
84cfd529ed Allow user to accept invitation
closes #3081
- added route `/ghost/api/v0.1/authentication/invitation`
- added accept invitation
- added signup with token
- removed check() from users api
- fixed promise in resetPassword()
2014-07-03 17:06:07 +02:00
Jason Williams
13229fb6a4 Fix server-side validation
Closes #3122
-Fix validation so that all values are validated instead
 of just values that evaluate to true.
-Ensure validation methods consistently return promises
 and switch error handling from try/catch to promise.catch
 to get rid of unhandled rejection warnings.
-Add 0 and 1 to list of acceptable values in boolean validation.
2014-07-03 14:57:57 +00:00
Hannah Wolfe
f114f4f2f6 Merge pull request #3174 from kevinansfield/session-user
Fix direct access to settings/user using session.user CP
2014-07-03 08:44:03 +01:00
Hannah Wolfe
e72eef57c2 Merge pull request #3180 from novaugust/psm-reset-on-error
PostSettingsMenu: Don't save new posts, reset values on failure
2014-07-02 23:07:46 +01:00
Matt Enlow
1421550a06 PostSettingsMenu: Don't save new posts, reset values on failure
Closes #3158, Closes #3143, Closes #3134
- Added `model.rollback()` when PSM fails to save.
- Added `showErrors` and `showSuccess` helper functions to PSM to abstract
  closing and showing of notifications.
- Added `togglePage` action to indirect the setting of `page`.
- Removed `isStaticPage` property in favor of `togglePage` action
- moved `updateSlug` error catching to outer promise (slugGenerator promise)
- modifying the `page` and `published_at` properties will no longer cause a new post to save
- Close passive notifications on published date parse fail
- Removed promise creation in catch statements

- Changed tests to click on label, rather than the input for
  .post-setting-static-page.
2014-07-02 15:29:15 -06:00
Hannah Wolfe
28b3dc57d7 Merge pull request #3185 from sebgie/issue#3080
Invite user API
2014-07-02 22:05:11 +01:00
Hannah Wolfe
012b93a885 Merge pull request #3184 from jaswilli/issue-3169
Fix up route parameter validation
2014-07-02 21:37:00 +01:00
Hannah Wolfe
4043f7dfcb Merge pull request #3181 from jaswilli/ember-misc
Prevent stacking notifications during rapid toggle
2014-07-02 21:36:40 +01:00
Hannah Wolfe
44ca159445 Merge pull request #3176 from PaulAdamDavis/2422-edit-user-ui
New edit user UI
2014-07-02 21:32:54 +01:00
Kevin Ansfield
7bfe6e9db7 Fix direct access to settings/user
closes #3162
- removes injection of user object in application route's beforeModel
- removes injection/cleanup of user object in signedIn/signedOut actions
- removes loading of user and passing to signedIn action in signup/setup controllers
- adds 'user' property to session object
- updates header nav to reference session.user
- sets model of settings/user route to session.user and forces reload
- on leaving settings/user, rollback any unsaved changes
2014-07-02 17:45:21 +02:00
Sebastian Gierlinger
79a80b67ac Invite user API
closes #3080
- added users.invite() to add user from email with random password
- added `GET /ghost/api/v0.1/users/` to invite users and resend
invitations
- removed one user limit
- added global utils for uid generation
- changed some „“ to ‚‘
2014-07-02 16:22:18 +02:00
Jason Williams
e54eb677e9 Fix up route parameter validation
Closes #3169
-Replace javascript methods that are not available on all
 supported browsers with lodash methods.
-Add returns to transitionTo calls in cases where the model
 hook should stop executing immediately.
2014-07-02 14:13:07 +00:00
Jason Williams
c6d9fdfe06 Prevent stacking notifications during rapid toggle
No issue
-Call notifications.closePassive after the resolution of the
 promise that generates the notifications. Otherwise multiple
 promises can stack up after notifications have been cleared,
 which results in a bunch of stacked notifications.
-Remove some unnecessary propagation of rejected promises from
 action handlers that can result in unhandled reject errors.
2014-07-02 03:42:27 +00:00
Paul Adam Davis
b013b1fb65 New edit user UI 2014-07-01 18:42:13 +01:00
David Arvelo
a7f1173f93 Signin Validation
closes #3120
- create `validateAndAuthenticate` action to validate, send `authenticate` action on success, notifications on error
- signin template uses `validateAndAuthenticate` action instead of `authenticate` action
2014-07-01 10:51:30 -04:00
Hannah Wolfe
087c483498 Merge pull request #3149 from kevinansfield/persistent-notifications
Persistent notifications
2014-07-01 14:23:38 +01:00
Hannah Wolfe
0beb36d387 Merge pull request #3172 from sebgie/issue#3145
Redirect setup if authenticated
2014-07-01 13:57:56 +01:00
Hannah Wolfe
df30511778 Merge pull request #3170 from sebgie/csrf-remove
Remove CSRF from client
2014-07-01 13:57:49 +01:00
Sebastian Gierlinger
b332e8c158 Redirect setup if authenticated
closes #3145
- added beforeModel redirect
- added test
2014-07-01 12:57:44 +02:00
Sebastian Gierlinger
be45e6fcd0 Remove CSRF from client
no issue
- removed occurrences of csrf from client
2014-07-01 11:39:01 +02:00
Kevin Ansfield
7e2e8b3376 Persistent notifications
closes #3057
- add Notification model
- update injected Notifications object to handle persistent notifications
- load server notifications on setup if logged in otherwise on successful sign-in
- changed all existing notifications.closeAll calls to closePassive
- fixed dismissable/dismissible spelling in server API & tests
- add notifications.closeNotification method so DELETE calls can be made for server-originating notifications
2014-07-01 11:36:21 +02:00
Sebastian Gierlinger
ace2cc1673 Redirect signin if authenticated
closes #3147
- added beforeModel redirect
- added test
2014-07-01 11:21:05 +02:00
Hannah Wolfe
9214f25dee Merge pull request #3165 from ErisDS/issue-3056
Replace the old admin with the ember admin
2014-07-01 09:04:22 +01:00
Hannah Wolfe
14779ffe83 Merge pull request #3157 from novaugust/device
Use Device.js to determine mobile editor use
2014-07-01 09:04:03 +01:00
Hannah Wolfe
f70f99b5cf Replace the old admin with the ember admin
closes #3056

- Remove clientold
- Remove clientold tests
- Cleanup old admin helpers
- Remove old routes from admin and controllers from admin controller
- Comment out / remove old and broken tests
- Cleanup Gruntfile.js, bower.js, package.json etc

Still TODO:

- cleanup / add removed tests
- do we still need countable?
2014-07-01 08:33:17 +01:00
David Arvelo
78affdedb1 Better handling of validation errors + more documentation
closes #3153
- this is all about the validation engine
- add a option, `opts.model`, to use a passed-in model directly if needed
- handle validators that return an array of strings, array of objects, or both
- ajax util returns either an array of errors or a single concat'd string
- remove formatErrors function from the mixin and make it private
- allow validation options to be passed into `.save()` since ember-data doesn't take params on `.save()` anyway
- streamline control flow
2014-06-30 22:35:03 -04:00
Matt Enlow
a82e6e8040 Use Device.js to determine mobile editor use
Ref #2570
- Adds new library, device.js to determine if the user is on an ios mobile
  or tablet.
2014-06-30 18:27:43 -06:00
Hannah Wolfe
c35884ea6e Merge pull request #3146 from darvelo/tags-tracking
Fix tag updating on model save in editor controller
2014-06-30 16:48:27 +01:00
Hannah Wolfe
48a2f9c70d Merge pull request #3144 from darvelo/sort-new-posts
New posts pass PostsController sorting function at the top
2014-06-30 16:23:51 +01:00
Hannah Wolfe
3a329d2198 Merge pull request #3150 from javorszky/iss2843
Made ember version of reset password work
2014-06-30 16:18:20 +01:00
Hannah Wolfe
2d4859cd9f Merge pull request #3155 from PaulAdamDavis/about-page
About page HTML
2014-06-30 16:07:27 +01:00
Gabor Javorszky
ad2bfb511f Made ember version of reset password work
Closes #2843

* Implemnted the ember validator correctly for both reset request and actual reset (with the token)
* added reset validator
* changed the request route addresses to be `/authentication/passwordreset`
* changed the format of data to be `{ thing: [ {data } ] }`

Missing:
* notifications
* tests for these use cases
2014-06-30 14:37:49 +01:00
Sebastian Gierlinger
36d58919c6 Signin after Signup
closes #3125
- added manual authentication after signin
- added manual authentication after setup
2014-06-30 15:34:36 +02:00
Sebastian Gierlinger
c8e8da4780 oAuth
closes #2759
closes #3027

- added oauth2orize library for server side oAuth handling
- added ember-simple-auth library for admin oAuth handling
- added tables for client, accesstoken and refreshtoken
- implemented RFC6749 4.3 Ressouce Owner Password Credentials Grant
- updated api tests with oAuth
- removed session, authentication is now token based

Known issues:
- Restore spam prevention #3128
- Signin after Signup #3125
- Signin validation #3125

**Attention**
- oldClient doesn't work with this PR anymore, session authentication
was
removed
2014-06-30 14:58:10 +02:00
Paul Adam Davis
90d2244c2e About page HTML
No issue

This is the non-functional, non-Ember markup for the [About page](https://github.com/TryGhost/Ghost-UI/issues/23) from Ghost-UI
2014-06-30 09:54:52 +01:00
David Arvelo
a958a66c4c New posts pass PostsController sorting function at the top
- PostsController orderBy function sorts posts with isNew to the top, otherwise their undefined dates fail to compare
- also catch when `updated_at` is undefined, happens when model is being written with results from the server
- catch objects of type Error in validation engine, helps catching client errors
- join server errors with BR tag in ajax util
- add `emberBuild` task to `grunt test-functional`
- add a test helper, `thenTransitionAndWaitForScreenLoad`, to test transitioning to major parts of the app
- add a test that transitions from Content to the Editor, and back to Content
2014-06-29 21:49:32 -04:00
David Arvelo
c61817cc80 Fix tag updating on model save in editor controller
closes #3131
- create a hook in the editor controller that fires on a model's save events
- use this hook to perform all the things that need to happen on save, regardless of where the save originated
- remove logic from instances of model.save() that now belongs in the modelSaved hook
- detach the model event listeners on willTransition in the editor routes
2014-06-28 23:50:24 -04:00
David Arvelo
8cbc6dc3b7 Calls to POST API have include=tags
closes #2998
- update PostSerializer to use DS.EmbeddedRecordsMixin
- create PostAdapter to include include=tags in query params for POST and PUT
- set include=tags for various GET post requests
- change PostModel to have { embedded: always } instead of { async: true }
- update Ember-Data to beta8 from beta7
- make call to get tags from model in editor.edit route synchronous since the tags now exist in the store
- change casper test to wait for call to posts api with `?include=tags`
2014-06-28 03:13:31 -04:00
Hannah Wolfe
1b21a42b48 Merge pull request #3129 from jaswilli/issue-3071
Fix mail test send endpoint
2014-06-27 22:07:13 +01:00
Hannah Wolfe
5db08ee333 Ember post order matches server post order
fixes #3008

- this effectively breaks the sort order on the client, because the serverside order is marginally broken.
2014-06-27 21:57:59 +01:00
Hannah Wolfe
a7767a0586 Merge pull request #3115 from halfdan/2850-post-notifications
Show correct post notificatons based on status.
2014-06-27 21:52:28 +01:00
Hannah Wolfe
6cd6260fd2 Merge pull request #3111 from halfdan/3105-notifications
Close notifications on user action properly.
2014-06-27 21:35:29 +01:00
John O'Nolan
e2ca73a1a0 Merge pull request #3113 from ErisDS/issue-3106
Change text on leave modal cancel button
2014-06-27 19:00:11 +02:00
Jason Williams
2356692fe3 Fix mail test send endpoint
Closes #3071
-Refactor api.mail.sendTest to take a "to:" parameter.
-Inject recipient address into the mail api's sendTest method
 from the route handler.
2014-06-26 22:00:31 +00:00
Hannah Wolfe
b391c8d1ae Switching the tests to use ember admin by default
ref #3060

- Some of our tests use the old signin/signout as part of the setup/teardown process. The old stuff is going away, so this PR switches everything over to use the new admin by default.
- There wil be a further PR to remove the old stuff completely soon.
2014-06-26 16:05:42 +01:00
Fabian Becker
72156c7f89 New setup screen for blog installation.
fixes #3072
- Change router to handle /ember/setup/
- Adjust doSignup to also handle setup
- Adjust tests and add new where necessary
- Add setup controller, setup validation, setup route
- Adjust casper emberSetup to handle new setup
2014-06-26 15:31:44 +02:00
Fabian Becker
7fec884ea0 Show correct post notificatons based on status.
closes #2850
- Add messageMap from old admin
- Add two methods to pick the correct notification based on prev status and current status
2014-06-26 09:42:29 +00:00
Hannah Wolfe
b2c3e7b6a9 Change text on leave modal cancel button
issue #3106
2014-06-26 09:04:52 +01:00
Fabian Becker
1af5eb6248 Close notifications on user action properly.
fixes #3105, refs #3012
- Add additional closeAll() calls where users interact with data
2014-06-25 16:56:09 +00:00
Hannah Wolfe
9c4f427340 Merge pull request #3108 from novaugust/touch-editor-off
Add off as a noop function to touch editor.
2014-06-25 17:06:38 +01:00
Matt Enlow
0bb4c1bd06 Add off as a noop function to touch editor.
Closes #3107
2014-06-25 10:04:00 -06:00
Jason Williams
450095460a Stay on posts.index route when no posts exist
No Issue
2014-06-25 14:56:41 +00:00
Fabian Becker
b2662bbdff Allow tabbing responsive editor when not on mobile.
fixes #3095
- Add `click` event to floatingheader
2014-06-25 12:30:57 +00:00
Jason Williams
39c0f219e6 Finish Debug screen for Ember admin
Closes #2847
2014-06-25 04:36:17 +00:00
Hannah Wolfe
ca19017509 Set edit post shortcut to 'enter'
closes #2308
2014-06-24 23:58:43 +01:00
Hannah Wolfe
0c102f3e85 Merge pull request #3052 from ErisDS/issue-2851
Add error template, routes and controller
2014-06-24 23:52:29 +01:00
Hannah Wolfe
aabf853f88 Merge pull request #3055 from darvelo/mobile-interactions
Mobile Interactions
2014-06-24 23:52:14 +01:00
Hannah Wolfe
7bbf372660 Merge pull request #3050 from darvelo/mobile-editor
Implement Mobile Editor
2014-06-24 23:51:55 +01:00
Hannah Wolfe
30a96f9f30 Merge pull request #3089 from halfdan/app-slug
Generate slug when adding new app.
2014-06-24 23:34:53 +01:00
David Arvelo
d236d0a7c3 Mobile Interactions
closes #3018
- split clientold mobile interactions into their respective Ember routes/views
- create PostsView and SettingsView with mobile interactions
- place interactions for the publish bar into ApplicationRoute on init
2014-06-24 18:33:59 -04:00
David Arvelo
6658675646 Implement Mobile Editor
closes #2957
- add FastClick library to Gruntfile.js
- add touch-editor to client/assets/lib/
- add mobile-specific utils to util/mobile-utils.js
- add codemirror util to set up TouchEditor only if we're really on mobile
- change gh-codemirror from having a default action to a named action. prevents Ember.TextArea firing action on change
- change gh-codemirror `cm.getDoc().getValue()` to `cm.getValue()` for portability
- change codemirror-shortcuts ES6 export/import style
- changed ghostimagepreview.js to check for Ember.touchEditor in addition to Ghost.touchEditor
2014-06-24 18:33:43 -04:00
Hannah Wolfe
299b59385b Add error template, route and controller
closes #2851

- adds asset paths to ghostPaths as we don't have an asset helper
- sends any invalid routes to 404
2014-06-24 23:33:02 +01:00
Fabian Becker
3d2205195d Generate slug when adding new app.
No issue
- Remove duplicate code from model_posts_spec.
- Add slug generation to app model
- Test slug generation on app model
2014-06-24 22:20:35 +00:00
Hannah Wolfe
e0587ed79b Merge pull request #3054 from jaswilli/issue-3036-settings
Enable validation for settings/general screen
2014-06-24 23:00:56 +01:00
Hannah Wolfe
62ec124aee Merge pull request #3066 from kevinansfield/fix-sticky-incomplete-tags
Fix incomplete tags sticking between post edits
2014-06-24 21:07:27 +01:00