Commit Graph

165 Commits

Author SHA1 Message Date
Aileen Nowak
2875f5a9bc 🐛 config.theme.timezone must not be overwritten (#7232)
closes #7182

When calling `config.set()` in the settings api, we want to set the active timezone of the blog to make it available in our `settingsCache`. But because the `theme` object in the `set` prototype was already set to `Etc/UTC` as default, the `_.merge` function would always overwrite our `activeTimezone` with the default value.

This PR changes the code in the way, that we always set 'Etc/UTC' for the timezone as default, _until_ we fetched our settings and therefore the `activeTimezone` setting, so we can overwrite it.

This issue had not only influence on the date helper, but everywhere in our codebase, where we rely on reading the `timezone` from our config, instead of our settings. The `{{@blog.timezone}}` helper reflected that quiet well, as it would always show `Etc/UTC`
2016-08-22 17:56:35 +02:00
Katharina Irrgang
663b410fd4 feature: upload validation middleware (#7208)
no issue

- Source out validation logic into a upload validation middleware for all upload types (csv, image, subscribers). This unit can be later used for Ghost 1.0 as a pre validation core unit. 
- More usage of route tests than controller tests. These are use case tests, a use case only changes if the product changes
2016-08-18 20:25:51 +01:00
Lukas Strassel
9d1848ce5c Allow usage of blogurl:port inside of navigation (#6998)
closes #6893

- modified logic to allow urls in form of domain:port to be referenced in navigation
- added a test a domain:port link
2016-07-21 14:05:13 +01:00
Katharina Irrgang
748c664b78 feature: maintenance mode (#7019)
closes #6976
- add maintenance mode when running migrations
- refactor update/populate migrations
2016-07-15 17:22:41 +01:00
Lukas Strassel
9222577c27 allow multiple subdirectories (#7062)
refs #6958 (first task of it)
-includes additional tests
-Instead of removing all slashes "/g" we now specifically remove leading and trailing slashes.
2016-07-15 12:35:39 +02:00
kirrg001
507677f071 fix: url for post path when post is not published
closes #6999
2016-06-20 14:48:01 +02:00
kirrg001
b5ebd0200b post-scheduling: flat config for scheduling 2016-06-14 15:13:00 +02:00
“kirrg001”
1421c92ba5 post-scheduling
refs #6413
- PUT endpoint to publish a post/page for the scheduler
- fn endpoint to get all scheduled posts (with from/to query params) for the scheduler
- hardcoded permission handling for scheduler client
- fix event bug: unscheduled
- basic structure for scheduling
- post scheduling basics
- offer easy option to change adapter
- integrate the default scheduler adapter
- update scheduled posts when blog TZ changes
- safety check before scheduler can publish a post (not allowed to publish in the future or past)
- add force flag to allow publishing in the past
- invalidate cache header for /schedules/posts/:id
2016-06-14 10:52:13 +02:00
kirrg001
7d5baf4e9a fix: put default timezone into config
no issue
- config.theme.timezone can be undefined, when settings are not loaded from the database
- this PR will define the default blog TZ in config
- use `Etc/UTC` as default instead of `Europe/Dublin`
2016-06-13 15:02:52 +02:00
Hannah Wolfe
eeb41a8976 Merge pull request #6945 from sakulstra/bugfix-url-on-external-page
Allow domain name to be referenced on an external page in the navigation
2016-06-10 18:20:15 +01:00
Lukas Strassel
696a06fa00 Allow domain name to be referenced on an external page in the navigation.
closes #6939
- added a test for the specific issue
- modified the url generation to allow the url in an external pages slug
2016-06-09 15:28:58 +02:00
Ethan Garofolo
b3c88b8c14 Fixes #6935 - Let Bluebird know Promise is not runaway 2016-06-08 07:47:45 -06:00
kirrg001
ff132fd934 timezones: support permalinks based on current timezone
issue #6406
- redirect date permalink if timezone changed
- create permalinks based on blog TZ
- post-lookup fn is now more generic
2016-05-20 18:14:19 +02:00
Sebastian Gierlinger
01ae7ae49f Subscribers: Model, API & CSV import/export
- subscriber model
- subscriber app updates
- subscriber end points
- import/export CSV
- added headers to export file
- added dynamic email field detection for import
- returns stats object after CSV import
- mask error message from DB
2016-05-11 10:28:10 +02:00
Terin Stock
7bbfc37df6 automatically insert Link rel="preload" headers 2016-04-26 14:07:36 -07:00
Hannah Wolfe
c5eda57f1e Minor internal apps improvements
refs #6589

- add internalAppsPath as a proper config path
- middleware/routes will be setup for any internal apps which have the function
- this should be refactored into some sort of proper hooks system as part of apps
- internal apps get permission to do anything the proxy allows
2016-04-14 19:05:48 +01:00
Austin Burdine
1181707a9d move private-blogging functionality into an internal app
closes #5914, #6589
- moves all private-blogging related code & tests into /server/apps/private-blogging/
- rework Grunt to run private-blogging tests
- modify server apps code to have a place for internal apps
2016-04-11 08:58:41 -05:00
Hannah Wolfe
2386a69f9d Always override database config + exit tests on error
refs #6354, #6495 & #6599

- don't allow config.database to be merged, instead, override it always
- make sure that route tests call done even when they error
2016-03-14 15:39:59 +00:00
Hannah Wolfe
9309adc511 Exporter cleanup & tests
refs #6301

- change knex getter def to be configurable, else it is not testable
- remove exportPath and lang from config - neither are used
- add client_trusted_domains to tables which shouldn't be exported as there are no clients in the export
- change export signature to be an object with `doExport` function consistent with import & easier to test
- cleanup export code so it is clearer, easier to read & to test:
  - use mapSeries instead of sequence
  - use Promise.props instead of Promise.join
  - split functionality into smaller functions
- add test coverage
2016-03-12 19:01:25 +00:00
Hannah Wolfe
1c85650108 Move db connection out of config
refs #5047

- database connections are not configuration
2016-02-12 13:56:23 +00:00
Hannah Wolfe
c549914ae8 Merge pull request #6316 from halfdan/5606-subdir
Make regex for subfolder deduplication more restrictive
2016-01-20 20:09:29 +00:00
Hannah Wolfe
4a7a19c86a Merge pull request #6070 from kevinkucharczyk/harvesting-server-side-strings
Harvest server side strings
2016-01-12 20:04:53 +00:00
JT Turner
e4c52a6915 Fix urlFor to handle secure correctly
issue #6270
- Exposed getBaseUrl on the config class.
- Fix formatting config index as array was more then 140 characters long.
- Updated getBaseUrl to handle secure by replacing http with https if true.
- Fixed ghost_head helper to output canonical base url no https.
- Fixed ghost_head helper to set secure correctly for the rss link.
- Fixed navigation helper to pass secure in each nav item, so that urlFor can u$
- Fixed {{url}} to pass secure correctly to config.urlFor.
- Fixed test to use urlSSL over https besides for canonical.
- Add tests for {{url}} and to make sure they output https for absolute and secure.
- Update twitter and og url to use the canonical url.
2016-01-11 19:40:30 -08:00
Fabian Becker
c8e30f0182 Make regex for subfolder deduplication more restrictive
- Add subdir to protected slugs
- Fix regex for subfolder deduplication

fixes #5605
2016-01-11 12:46:59 +01:00
rfpe
7abcc43907 Harvest server side strings
closes #5617
- Replace all hard-coded server-side strings with i18n translations
2015-12-19 12:12:16 +01:00
Hannah Wolfe
9eadeb9fbb Prep shared API URL util for use on external sites
refs #5942, #6150

There were a few key problems I was looking to solve with this:

- Introduce a single point of truth for what the URL for accessing the API should be
- Provide a simple way to configure the utility (much like a true SDK)

As of this commit, this utility is still automatically available in a Ghost theme.
To use it on an external site, the code would look like:

```
<script type="text/javascript" src="http://my-ghost-blog.com/shared/ghost-url.min.js"></script>
<script type="text/javascript">
ghost.init({
   clientId: "<your-client-id>",
   clientSecret: "<your-client-secret>"
});
</script>
```

To achieve this, there have been a number of changes:

- A new `apiUrl` function has been added to config, which calculates the correct URL. This needs to be unified with the other url generation functions as a separate piece of work.
- The serveSharedFile middleware has been updated, so that it can serve files from / or /shared and to substitute `{{api-url}}` as it does `{{blog-url}}`.
- ghost-url.js and ghost-url.min.js have been updated to be served via the serveSharedFile middleware
- ghost-url.js has been changed slightly, to take the url from an inline variable which is substituted the first time it is served
- `{{ghost_head}}` has been updated, removing the api url handling which is now in config/url.js and removing the configuration of the utility in favour of calling `init()` after the script is required
- `{{ghost_head}}` has also had the meta tags for client id and secret removed
- tests have been updated
2015-12-15 11:50:46 +00:00
Hannah Wolfe
bc97de5fe9 Unify usage of config in unit tests
no issue

- provide a single point for accessing config in unit tests
- create a single way to set and restore config
- ensure that restore deletes top level optional keys that are now undefined
- use this._config in check deprecations, otherwise the config gets cached
- solves issues with interdependent tests
2015-12-15 10:48:24 +00:00
Hannah Wolfe
e84b7f3217 Cache permalinks & postsPerPage on config.theme
no issue

- Cache the permalinks & postsPerPage settings on the config.theme object
- Use the config.theme cache to reference these items throughout the frontend of a blog
- Removes the need for workarounds and extra code to handle async fetches
- Makes these values accessible to all themes, which is very useful now we have the API stuff
2015-12-15 08:16:53 +00:00
vdemedes
05f44c4c64 Add readThemes() utility to get a list of themes
refs #5923
- add read-themes module to get a list of themes
- replace readDirectory() usage with readThemes(), where only themes are needed
- test read-themes
- test read-directory
- test validate-themes
- test parse-package-json
- add tempfile testing utility to generate temporary paths
2015-10-13 15:54:41 +02:00
vdemedes
20fec74c73 Refactor require-tree and split it into models
closes #5492
- remove core/server/require-tree.js and split it into modules
- add read-directory module to recursively read directories
- add validate-themes module to scan themes and return errors/warnings
- add parse-package-json module to parse json and validate requirements
- rewrite core/server/models/index.js to manually require models
2015-10-12 17:48:37 +02:00
Sebastian Gierlinger
bfefbabfdc Merge pull request #5931 from ErisDS/issue-5905-context
Fix /author/ pages crashing & permit /tag/
2015-10-12 10:35:37 +02:00
Hannah Wolfe
26231d5bd3 Fix /author/ pages crashing & permit /tag/
fixes #5905

- update context patterns to correctly match author & tag pages
- remove 'tag' and 'tags' from reserved slugs - we'll handle this in terms of overrides in future
2015-10-10 14:52:23 +01:00
Hannah Wolfe
20c192557d Test support for various URL schemes
refs #5801
2015-09-27 10:31:49 +01:00
Kevin Ansfield
621b633079 Fix front-end URL output for more URL schemes
- allows direct pass-through of protocol-relative (`//host`), alternate-scheme (`tel:`), and anchor-only urls (`#contact`)
2015-09-25 22:58:37 +01:00
Fabian Becker
0309b5aa46 Fix urlFor to preserve mailto:
fixes #5561
2015-07-18 03:45:06 +02:00
John O'Mahoney
5fd9d3567f Improve Ghost starup checks and errors
closes #5358
- Moved node version check and exits if not supported
- Removed upgrade warning from `ghost-server.js`
- Perform a check for NODE_ENV, uses `config.example.js` if none apparent
2015-06-23 18:04:37 +01:00
Hannah Wolfe
2700bfa4cc Refactor URL builder
refs #1833

- Refactor url generation to use a base urlJoin method
- urlJoin handles slash de-duping and subdir de-duping
- fixes sitemap xml option
2015-06-02 21:50:17 +01:00
Hannah Wolfe
06959661c0 Misc grunt /dev updates
- Updated all dev dependencies in the root package.json
- Added `--colors` to mocha when called from grunt test:... so that works better
- Removed non-unit tests from coverage, because they're just not useful
- Updated docker config to generate useful docs again - as a statement of intent, I also updated docs in key files
- Setup grunt watch-docs task for documentation writing easyness
2015-05-28 20:25:14 +01:00
Hannah Wolfe
da8752cc88 Merge pull request #5290 from josephwegner/chalk-colors-swap
replace colors with chalk everywhere
2015-05-21 16:28:41 +01:00
Joe Wegner
f26179ae6a replace colors with chalk everywhere
issue #5259
- removes the colors dependency
- adds in chalk dependency, and migrates everything to use that
- reduces some specs now that the log calls are cleaner
2015-05-19 11:07:40 -05:00
Hannah Wolfe
c3dda5e5c4 Theming updates for password protection
refs #4993, #5073

- Removed nonexistent helpers siteDescription and bodyClass from admin templates
- Changed password.hbs to private.hbs to match the route name
- added a new input_password helper for rendering the password input with the correct properties
- removed the forward input as this can be handled via urls only
- moved 'private' to routeKeywords
- added 'private' context
- minor update to text next to the password in settings
2015-05-13 19:48:24 +01:00
Austin Burdine
2865662ee5 added password protection
closes #4993
- brings password protection to the frontend of blogs
- adds testing for password protection
- upgrades bcrypt-js to 2.1.0
2015-04-30 23:44:43 -05:00
Matt Enlow
433956c102 Add post preview via uuid (/p/:uuid)
Refs #5097

- All drafts will show a preview link (this needs real css)
- Published posts will redirect
- prev/next post helpers only activate on published posts
- Powered by ~10 pints between the two of us (@ErisDS, @novaugust)
2015-04-30 11:57:37 +01:00
Hannah Wolfe
8d1e729f30 RSS Refactor with cache
refs #5091, refs #2263

- Move rss handling out of the frontend controller and into its own module
- Separate the code into logical blocks
- Wrap the generation code in a in-memory cache to prevent it being regenerated on every request
2015-04-10 21:32:14 +01:00
Hannah Wolfe
cb2f0c5dee Merge pull request #5056 from ianlopshire/master
url helper breaks subdomains
2015-04-02 22:08:23 +01:00
Katie Fenn
980b0a8610 Refactoring hard-coded frontend route keywords
closes #4519

- Added configurable route keywords
- Replaced instances of hard-coded keywords with config
- Added keywords to frontend tests stub config
2015-03-23 15:00:02 +00:00
Ian Lopshire
e74a329b8a Navigation menu support for subdomains of blog url
Closes #5033
- Added unit tests for the nav context of urlFor
- Fixed issue in the nav context of urlFor where subdomains of blog url were truncated
- Fixed issue in the nav context of urlFor where there was sometimes an extra preceding /
2015-03-22 00:40:55 -05:00
Hannah Wolfe
6cd696b332 Merge pull request #4820 from phated/file-storage
File storage
2015-03-20 08:55:19 +00:00
Blaine Bublitz
5c640e95f5 Initial implementation for custom storage engines
closes #4600
- implemented as suggested in #4600
- loads a custom storage defined in config from the /content/storage directory
2015-03-19 22:34:01 -07:00
Matt Enlow
61b86bf821 Merge pull request #5027 from felixrieseberg/iss4847
Replace fs.exists (deprecated) with fs.stat
2015-03-19 10:47:01 -06:00
Felix Rieseberg
0484eee6a5 Replace fs.exists (deprecated) with fs.stat
Closes #4847

- Replaces the deprecated fs.exists() with fs.stat(), in accordance with iojs & node.
2015-03-17 11:49:43 -07:00
Pascal Borreli
13838fff9d Fixed typos 2015-03-17 17:43:53 +00:00
Matt Enlow
58635b3e0a Serve files to core/built/assets/
- see core/client/lib/assets-delivery/index.js for how this is done
- Turn off ember-cli fingerprinting
- ember-cli 0.2.0; Update .npmignore
- Fallback to old version of ember-cli-sass due to lib-sass errors
- Keep ember-data at beta-14.1 until we find the dep that's breaking on snapshot.attr
- Fix release task to ignore blank lines in .npmignore
2015-03-12 15:59:02 -06:00
Matt Enlow
388a8dd3f0 Build assets with ember, and serve with ghost 2015-03-11 12:37:41 -06:00
Hannah Wolfe
b216677161 Accept mailto: links
refs #4989

- this allows users to enter mailto and output links via the navigation UI
- the navigation validation/cleanup needs a bit of a refactor to handle other kinds or URI, so leaving #4989 open for now
2015-03-09 13:06:26 +00:00
Hannah Wolfe
2450f18170 Make the {{navigation}} helper global
refs #4535

- Rather than storing navigation data as a top level key, store it as @blog.navigation
- Reference the global data from the helper
2015-02-28 12:53:00 +00:00
Hannah Wolfe
eaee9369e8 Don't pass external urls through createUrl
refs #4852, refs #4862, refs #4541

- fixes urlFor for the combination of an external url and a blog using a subdirectory
2015-02-12 23:09:12 +00:00
Marcos Ojeda
6f457768a2 Update urlFor to handle 'nav' contexts
needed for #4852
Before this, calling `{{url}}` with a nav context from #4541 would
output `/`. This adds a check in `urlFor` that looks for keys in a
nav context object, namely `slug`, `current`, `label`, & `url`.

This change allows for a url to pass through if used in a nav context.

* adds `schema.isNav()`
* adds tests to `url_spec.js`
* handles absolute urls correctly even if `absolute=true`
2015-01-31 09:29:53 -08:00
Jason Williams
6c1287c3a2 Allow socket permissions to be set from config
Closes #4478
2014-12-31 15:28:04 +00:00
Jason Williams
3ad68526cb Update pg package and convert data to correct type
No Issue
- Switch 'pg.js' package for 'pg' as the native bindings are
  now an optional add-on to pg and pg.js has been deprecated.
- pg@4.1.1
- Set the driver's parser to automatically convert integer data
  returned from postgres into a javascript integer.
2014-12-18 14:58:20 +00:00
cobbspur
cd5d87ddf2 Return computed url with post object
closes #4445

- post model gets permalink format
- post model queries urlPathForPost to return computed url
- url helper modified to use post url
- urlForPost method abolished and replaced where necessary
- updated tests
2014-12-10 17:23:02 +00:00
Hannah Wolfe
818085f18c Add XSL for Sitemaps
fixes #4555

- There's no easy way to declare an XSL with the node xml module, so I
  needed to move the declarations to both be strings
- Ideally the code to serve the XSL would also be inside the sitemap
  module, but I think we need to refactor a bit to get there easily
- Added the XSL from #4559, with minor amends to make the tables and urls
  display correctly
2014-12-04 09:38:09 +00:00
cobbspur
5f07f5503e Fix image helper for subdirectories
closes #4566

- Url created within urlFor with image context rather than calling createUrl function
2014-12-03 20:19:22 +00:00
cobbspur
edfa74f349 Move ugly debug to Settings Labs
closes #4534

- Adds new Labs route
- Wires route in settings page
- Move and rename debug templates and logic to labs
- Redirect /debug to settings/labs
2014-12-01 19:19:08 +00:00
Jason Williams
1d562c8914 Add Ghost version to config object.
No Issue
- Use Ghost version value that is already loaded instead of
  reading package.json from the filesystem and parsing it on
  every call into the configuration API.
2014-11-28 18:08:50 +00:00
Jason Williams
e499e5dda9 Fix invalid image helper URLs when using a subdir.
No Issue
- Strip sub-directory from image paths before passing to
  config.createUrl. Since images are stored with the sub-directory
  and createUrl builds a URL with the sub-directory the result
  would be a URL that contains the sub-directory twice.
2014-11-17 05:32:51 +00:00
Hannah Wolfe
67e33a65e8 Merge pull request #4317 from cobbspur/image
Created image helper with absolute url option
2014-11-03 15:21:35 +00:00
cobbspur
4a56d10c86 Created image helper with absolute url option
closes #4231

- Adds {{image}} helper
- Adds image_spec test unit
- Updated {{ghost_head}} to use image helper
2014-10-28 13:14:41 +02:00
Felix Rieseberg
c7ad09aace Enable :author as permalink option
Closes #3858
- urlPathForPost is now aware of the author’s slug, allowing for the
permalink setting to use :author
- Frontend controller only renders posts that have the specified
author, if one is given
- Extensive tests included
2014-10-25 18:15:24 -07:00
Hannah Wolfe
2c6d43a0c0 Refactor helpers & tests into individual files
no issue

- Split theme helpers into individual files for each
- Do the same for tests
- Have utils to share some things between them
- Move assetHash onto config
2014-10-14 22:52:40 +02:00
Gabor Javorszky
938b098329 Abstracting away the deprecatedItems
Closes #4189

* moved `deprecatedItems` from within the function to the default config object
* addes tests
2014-10-12 23:04:39 +01:00
Fabian Becker
55293d0d1e Abstract the allowed file types out of API
closes #1891
- Moves contentType and extension check to config
2014-09-26 13:31:23 +00:00
Gabor Javorszky
1f5a378b4c Deprecated mail.fromaddress, mail.from is Title <email@address>
Closes #4018

* cleaned up `mail_spec.js`
* deprecated `mail.fromaddress`
* implemented 'Blog title <email@address.com>' format with fallbacks
* added tests to deprecation and from address, made existing ones more robust
* moved domain intuit into its own module: `GhostMailer.getDomain()`
2014-09-23 09:33:20 +01:00
Gabor Javorszky
b3820fbb31 More robust deprecation check code
Closes #4082
* reformatted code to allow for traversal
* deeper config items should be denoted like this: `object.object.object.property`.
* added tests for testing the deprecation warnings
2014-09-23 09:33:20 +01:00
Fabian Becker
c9b0df752f Cleanup reserved words in generateSlug
closes #1889
- Adds a new filter for slugs
- Move slugs to config.slugs
2014-09-18 13:56:51 +02:00
Harry Wolff
469aaa398c Add jscs task to grunt file and clean up files to adhere to jscs rules.
resolves #1920

- updates all files to conform to style settings.
2014-09-17 21:44:29 -04:00
Hannah Wolfe
b7fdf7d872 Merge pull request #3947 from hswolff/goodbye-config-theme
Removes config.theme and restructures how theme variables are cached
2014-09-15 21:30:44 +01:00
Maurice Williams
3583515e44 adding config flags to control all items mentioned in PRIVACY.md
closes #3241
- in config.js, the `privacy` attribute holds all privacy-related flags
- `privacy.userTinfoil: true` disables everything (equivalent to setting all flags to false)
- added helper function to core/server/config/index.js to checking privacy flags
- added helper function to core/server/config/index.js to show warning about deprecated items
2014-09-13 12:04:01 -04:00
Harry Wolff
2bb1b14ebd Removes config.theme and restructures how theme variables are cached
resolves #1789

- removes config/theme.js
- moves caching of theme variables to api/settings.js which is where the
rest of the settings cache occurs.  this removes the requirement of having
to push changes to cache, now it simply occurs alongside when settings
are changed.
- updates relevant tests.
2014-09-02 23:15:15 -04:00
Harry Wolff
583c7970d9 Move config module to be instance based and merge bootstrap into config.
helps with #827, otherwise no issue

- This is general code clean-up and unification.
- Merges code from bootstrap.js into config module as they were both
concerned with managing the config file and as such should be in one
location.
- Updates all relevant tests.
2014-08-23 15:54:43 -04:00
Jason Williams
07ad400ee0 Replace the when promise library with bluebird.
Closes #968
2014-08-23 17:15:40 +00:00
Harry Wolff
be37070fb6 This aims to speed up both the ghost application and tests by
migration from usage of config() to just an object of config.

no relevant issue

- Change 'loadConfig' task to 'ensureConfig' to more accurately reflect
what it is actually doing.  Its sole purpose is to make sure a `config.js`
 file exists, and as such the name now reflects that purpose.

- Update config/index.js to export the ghostConfig object directly
so that it can be accessed from other modules

- Update all references of config(). to config.
This was a blind global find all and replace, treat it as such.

- Fixes to tests to support new config access method

- Allow each test to still work when invoked invidually
2014-07-22 22:37:44 -04:00
Hannah Wolfe
b7aa09f439 Author helpers
closes #3077

- expend urlFor to handle /author/ urls
- update author helper to output a link
2014-07-20 17:57:59 +01:00
Harry Wolff
e3520feeec Move creation of knex instance to config module
addresses #2170
2014-07-10 08:00:24 -04:00
Fabian Becker
21a7e3ebb2 Fixes static pages when permalinks are active.
fixes #2938
- Fix `page === 1` occurences
- Fix ember logic
2014-06-13 01:00:18 +02:00
Hannah Wolfe
c02ebb0dcf Refactor API arguments
closes #2610, refs #2697

- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
  everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
  to perform reads, updates and deletes where possible - settings / themes
  may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-15 10:41:05 +01:00
Jacob Gable
298077582b ACL and strict rules for Settings API
Ref #2061

- Add canThis permission checks to settings api calls
- Add strict rules about accessing core settings without internal: true
- Omit core settings in browse() call unless internal: true
- Update unit tests to call api.settings with contexts
- Add a couple unit tests for new scenarios
- Update all api.settings calls in the app to call with internal context
- Re-arrange permissions.init in server startup so config.theme.update
can access settings without permissions error
2014-05-07 10:56:03 -05:00
Jason Williams
d0931aa455 Add location header to response when new object is created
closes #2635
- add new logic to the api request handler to set a location header
  when new objects are created
- added an api context to config.urlFor() to return the root url
- added functional tests for the affected routes
2014-05-04 14:52:01 +00:00
Jacob Gable
7e9880ce8d Settings API Primary Document refactor
Closes #2606

- Refactor settings api responses to { settings: [ ] } format
- Update all code using api.settings to handle new response format
- Update test stubs to return new format
- Update client site settings model to parse new format into one object of key/value pairs
- Refactor to include all setting values
- Remove unused settingsCollection method
- Update settingsCache to store all attributes
- Update settingsResult to send all attributes
- Remove unnecessary when() wraps
- Reject if editing a setting that doesn't exist
- Reject earlier if setting key is empty
- Update tests with new error messages
- Use setting.add instead of edit that was incorrectly adding
- Update importer to properly import activePlugins and installedPlugins
- Update expected setting result fields
- Fix a weird situation where hasOwnProperty didn't exist 🤷
2014-04-30 23:15:27 -05:00
Lev Gimelfarb
a013840503 Support for urlSSL config option and forceAdminSSL 403 response
closes #1838
- adding `forceAdminSSL: {redirect: true/false}` option to allow 403 over non-SSL rather than redirect
- adding `urlSSL` option to specify SSL variant of `url`
- using `urlSSL` when redirecting to SSL (forceAdminSSL), if specified
- dynamically patching `.url` property for view engine templates to use SSL variant over HTTPS connections (pass `.secure` property as view engine data)
- using `urlSSL` in a "reset password" email, if specified
- adding unit tests to test `forceAdminSSL` and `urlSSL` options
- created a unit test utility function to dynamically fork a new instance of Ghost during the test, with different configuration options
2014-04-27 17:01:49 -04:00
Harry Wolff
3e21940b18 Add promise to ghost startup process to allow
hooking into when ghost has finished loading

addresses item 9 in #2078
and makes progress on #2182

- has files that startup ghost return a promise
 that is resolved once ghost has finished loading
- moves getSocket into config file
- removes models.reset() as it's not used anywhere
- update functions in server startup
- remove unused version hash variable
2014-03-11 11:41:45 -04:00
Fabian Becker
1a9e91f120 Replace JSLint with JSHint.
closes #2277
- Added ES6 linting to core/client/
- Fix typeof array comparison
2014-03-04 15:47:39 +00:00
Jacob Gable
b4ea8bed61 Refactor require-tree to not share messages
- Pass in messages to each method so they are not shared
- Export each method for calling individually
- Update reference to default export of require-tree
- Add default values for messages if not passed in
2014-02-28 14:13:45 -06:00
Fabian Becker
1124d9e4c0 Helper updates for Tag Pages
fixes #2112
refs #1833

- modified config.urlFor to handle tag pages

- modified {{#tags}} handlebars helper to autolink to
  tag pages. Additional autolink="false" parameter can
  be used to deactivate autolinking

- modified url handlebars helper to handle tags

- added isTag function to schema

- added unit test for additional urlFor functionality

- added unit test for {{#tags}} helper modifications

- added unit test for url handlebards helper
2014-02-13 18:32:08 +01:00
Harry Wolff
9dd543231b Adds ability to pass in configFile path when loading
ghost as a npm module

- modifies main script file to allow it to
take in an options object that currently
supports an express instance or a config file path

- added tests
2014-02-08 10:41:15 -05:00
Harry Wolff
f16dc290b7 Improve bootstrap flow of a Ghost application
addresses #1789, #1364

- Moves ./core/server/loader -> ./core/bootstrap.
The bootstrap file is only accessed once during startup,
and it’s sole job is to ensure a config.js file exists
(creating one if it doesn’t) and then validates
the contents of the config file.

Since this is directly related to the initializing 
the application is is appropriate to have 
it in the ./core folder, named bootstrap as that
is what it does.

This also improves the dependency graph, as now
the bootstrap file require’s the ./core/server/config
module and is responsible for passing in the validated
config file.

Whereas before we had ./core/server/config
require’ing ./core/server/loader and running its
init code and then passing that value back to itself,
the flow is now more straight forward of
./core/bootstrap handling initialization and then
instatiation of config module

- Merges ./core/server/config/paths into 
./core/server/config
This flow was always confusing me to that some config
options were on the config object, and some were on
the paths object.

This change now incorporates all of the variables
previously defined in config/paths directly
into the config module, and in extension,
the config.js file.

This means that you now have the option of deciding
at startup where the content directory for ghost
should reside.

- broke out loader tests in config_spec to bootstrap_spec

- updated all relevant files to now use config().paths

- moved urlFor and urlForPost function into 
 ./server/config/url.js
2014-02-07 17:34:21 -05:00
John-David Dalton
6eab7b3f92 Replace underscore with lodash. 2014-02-06 14:08:34 +00:00
Hannah Wolfe
199a92d9cb Merge branch '0.4-maintenance'
Conflicts:
	core/server/config/paths.js
	core/test/unit/config_spec.js
2014-01-26 16:11:02 +00:00
John O'Nolan
7ebd104f3f Rename 'plugins' to 'apps'
Fixes #1988
2014-01-21 15:45:27 +07:00
Jason Williams
d7c3dbb17e Show message and don't start if javascript files have not been built
fixes #1782
- added builtFilesExist function to check for files during startup.
  If built files do not exist Ghost startup is stopped and a link
  to the documentation is displayed.
- exported a scriptFiles object from server/helpers.
- added a builtScriptPath to the paths module.
- removed "js-msg" about missing javascript from the UI.
2014-01-15 19:10:43 +00:00