Commit Graph

517 Commits

Author SHA1 Message Date
Hannah Wolfe
c1290d77a6 Merge pull request #1954 from ErisDS/issue-1498
Adding case-insensitive User.getByEmail method
2014-01-15 05:57:58 -08:00
Sebastian Gierlinger
03cbc89a53 Fix posts.html and posts.markdown field type
closes #1947
- added fieldtype: medium for posts.html
- changed fieldtype: medium for posts.markdown
- added method to fix databases created with wrong field type
- added tests for database version 002
2014-01-15 14:29:23 +01:00
Hannah Wolfe
6098b83152 Adding case-insensitive User.getByEmail method
fixes #1498

- emails are no longer converted to lowercase, local mailbox can validly
  be mixed case
- getByEmail uses JS to compare emails to ensure we can support unicode
- tests that users can be retrieved by their email address with case
  insensitivity
2014-01-15 10:39:40 +00:00
Hannah Wolfe
c8917cab4d Error message updates
no issue

- couple of tweaks to the messaging of non-fatal errors that can be output when running Ghost
2014-01-12 21:49:24 +00:00
Hannah Wolfe
9f0dea0559 Minor fixes to asset helper and tests
no issue

- asset helper ignores it if theme devs specify the asset dir
- asset helper strips leading slashes
- static asset tests were wrong
2014-01-12 21:48:34 +00:00
Hannah Wolfe
3dea6431df Ensure cookies are only ever set for admin
fixes #1901

- Adds a trailing slash to the cookie path
- Resolves random log-outs
- Adds a test which proves the case
2014-01-12 17:08:48 +00:00
Hannah Wolfe
d6f4312255 Improve errors on image upload 2014-01-11 13:40:21 +00:00
Matt Florence
d1b265be4a Shims for deleted (refactored away) files
closes #1873.
During file system merge upgrades of new releases, old files are not removed and node's require loads the old file instead of all the new ones in the new directory. The files in this commit act as a delegate for all other dependent scripts. These shim files explicitly require the new index.js.
2014-01-09 09:21:09 -06:00
nicovalencia
e8746a2375 Add rss to the list of reserved post titles/slugs.
closes #1880
- added `rss` to core/server/models `generateSlug` reserved keywords
- added integration test for safe slug generation to core/test/integration/model/model_posts_spec.js
2014-01-07 17:30:53 -07:00
Jakob Gillich
f8299ed769 Fix TypeError due to missing mail config 2014-01-07 22:35:22 +01:00
Hannah Wolfe
7a5e5d7f1f Merge pull request #1877 from JohnONolan/old-todos
Get rid of old todos
2014-01-07 10:53:35 -08:00
Hannah Wolfe
bbcabcb849 Merge pull request #1876 from JohnONolan/comment-tweak
Amended comment
2014-01-07 10:53:03 -08:00
Hannah Wolfe
03a8200fa0 Merge pull request #1875 from wangsai/fix-date
fix missused Date obj
2014-01-07 10:52:41 -08:00
John O'Nolan
c8bc6fe7bf Get rid of old todos
Cause they’re already fucking done
2014-01-07 19:20:16 +01:00
John O'Nolan
983002cf79 Amended comment
Swearing in code is fine, but let’s be fucking inclusive about it.
2014-01-07 19:13:32 +01:00
WangSai
dbc1247508 fix missused Date obj 2014-01-08 01:19:14 +08:00
Sebastian Gierlinger
89da402710 Fix command line error
closes #1871
- added check for mailConfig
2014-01-07 22:30:23 +08:00
Hannah Wolfe
b64511acf3 Merge pull request #1839 from hswolff/1351-post-settings-ux
New Post UX behaviour.
2014-01-07 02:00:14 -08:00
Hannah Wolfe
dcf4b1e4e4 Add update notifications
closes #1464

- adds opt-out via updateCheck:false in config.js
- update check is done on admin index, but doesn't interfere with rendering
- adds update check module, which gets the usage data, makes the request and handles the response
- adds two new settings to default-settings, one for next check time, and one for whether to show the notification
- adds a new rejectError method to errorHandling
- adds a new helper for displaying the notification

Conflicts:
	core/server/helpers/index.js
	core/test/unit/server_helpers_index_spec.js
2014-01-07 08:20:08 +00:00
Harry Wolff
a1f64d2f1f Extending halfdan’s work for UX settings improvements
#1351

- prevent a new post (not saved on server) from
updating its slug/date to the server

- fix jshint

- add back creation of a posts slug upon a post creation

- update for rebasing

- hide ability to ‘delete this post’ from post settings
menu when a post hasn’t yet been saved to the server
2014-01-06 21:33:24 -05:00
Fabian Becker
11c8d234f7 New Post UX behaviour.
refs #1351
- Make generateSlug a static method on base model
- Change client behaviour (unfinished)
- Add new getSlug API method
2014-01-06 21:05:17 -05:00
Sebastian Gierlinger
6220bd19f5 Use ajax for import
closes #1854
- added blueimp file upload to debug.js
- changed POST /ghost/api/v0.1/db to be used with AJAX
- cache invalidation header should now work for import
- moved busboy middleware invocation to routes/api and routes/admin
- moved api.db.import to api.db.importContent (I hated the [] notation)
- moved api.db.export to api.db.exportContent (see above)
2014-01-06 22:55:43 +00:00
Hannah Wolfe
f17b320a7b ghost-busboy improvements
- use hex instead of base64 as this can cause errors when trying to reopen the file due to characters like '/' appearing
- added basic console log to errors.
2014-01-06 22:39:03 +00:00
Hannah Wolfe
63521e1ce8 Merge pull request #1861 from pogoapp/fix_pg_table_scan
fix table scan for pg migrations
2014-01-06 13:37:16 -08:00
Hannah Wolfe
3f9b0fa618 Disable xss santization
issue #1378
fixes #1328

- xss santization does some odd things. This isn't needed until we have multi-user support, and we are investigating better solutions.
2014-01-06 20:17:20 +00:00
Paul
b90752114e fix table scan for pg migrations 2014-01-06 16:32:20 -03:00
Sean Hellwig
1640d9bc35 Unique filenames for tmp files in ghost-busboy
fixes #1843

- uses a timestamp and an md5 hash of the filename for the tmp file
  instead of the user-provided filename
2014-01-06 16:03:29 +00:00
Hannah Wolfe
af6137248d New URL helper - URL consistency fixes
fixes #1765
fixes #1811
issue #1833

New UrlFor functions

- moved body of url helper to config.path.urlFor, which can generate a URL for various scenarios
- urlFor can take a string (name) or object (relativeUrl: '/') as the first
  argument - this is the first step towards issue #1833
- also added config.path.urlForPost which is async and handles getting
  permalink setting
- frontend controller, ghost_head helper, cache invalidation all now use
  urlFor or urlForPost all urls should be correct and consistent

URL Consistency Improvements

- refactored invalidateCache into cacheInvalidationHeader which returns a
  promise so that url can be generated properly by urlForPost
- moved isPost from models to schema, and refactored schema to have a tables object
- deleted posts now return the whole object, not just id and slug,
  ensuring cache invalidation header can be set on delete
- frontend controller rss and archive page redirects work properly with subdirectory
- removes {{url}} helper from admin and client, and replaced with adminUrl
  helper which also uses urlFor
- in res.locals ghostRoot becomes relativeUrl, and path is removed
2014-01-06 15:15:48 +00:00
Hannah Wolfe
28f7a7d12d Merge pull request #1849 from gimelfarb/fix-1801-pg-404
Fixing 404 on page view when using PostgreSQL
2014-01-05 13:09:43 -08:00
Lev Gimelfarb
a0ace7a324 Fixing 404 on page view when using PostgreSQL
closes #1801
- adding fixBools method to `server/models/base.js` to convert bools to 1/0 to be consistent with MySQL & sqlite3 data providers (based on @ErisDS recommendation)
- this in turn fixes the check in `server/controllers/frontend.js`, which does an explicit `post.page === 0` comparison (in pgsql this is a `boolean`, since the schema declares it as "bool" in `server/data/schema.js`, but MySQL/sqlite3 don't have concept of Boolean, only an integer or bit)
- any model retrieved from persistence will pass through this (possible future refactoring is to combine fixBools & fixDates into one "canonicalize()" to have a single loop pass)
2014-01-05 10:10:43 -05:00
Harry Wolff
09b64c82df Remove successful login connections from the auth
throttle list

- once a user has successfully logged into ghost
they no longer are a malicious user and as such
their IP address should be removed from the
array of login attempts

- should also reduce the memory usage of Ghost
as the loginSecurity array gets pruned upon
every successful login

- this also fixes a race condition i was experiencing
during functional tests wherein i would receive
the login throttle message during regular testing.
Seems my machine is able to run casper fast enough
that it could complete each test under an amount
of time that tripped the login throttle message.
2014-01-04 21:52:54 -05:00
Hannah Wolfe
d51e63c7b7 Merge pull request #1840 from hswolff/fix-content-helper
Fix {{content words=“0”}} to actually return 0 words
2014-01-04 08:45:26 -08:00
Hannah Wolfe
9f17361bf5 Merge pull request #1831 from schneidmaster/fix-1827
Added handling for undefined errors and test coverage
2014-01-04 08:42:02 -08:00
Harry Wolff
0a2c8248b9 Fix {{content words=“0”}} to actually return 0 words
fixes #1796

- adds in a workaround to the weirdness that currently
exists in downsize module
- adds tests
2014-01-04 00:30:52 -05:00
Harry Wolff
ab80a132f3 Adds ability to quickly get to post’s edit page
fixes #1810

- updates frontend.single route to accept ‘edit’
as the last param

- updates controller.frontend to handle redirection
only when we would otherwise have rendered the page

- added unit tests for this behavior
2014-01-03 18:16:00 -05:00
Zach Schneider
044af51267 Added handling for undefined errors and test coverage
Fixes #1827
2014-01-03 15:07:08 -05:00
Hannah Wolfe
495b7b7f05 Error handling simplification & test improvements
fixes #1266

- simplifies the check for if a theme has an error template
- adds more / better tests for error handling
2014-01-02 21:03:37 +00:00
Hannah Wolfe
73275d760f Move config path.update to config.load
issue #1789

- we can do this step a bit earlier and it aids with neatness
- also means for tests that config.load() is enough to get config & paths initialised
2014-01-02 20:29:49 +00:00
Hannah Wolfe
b955f13cc7 Merge pull request #1798 from ErisDS/cache-control
Cache control headers & query string asset management
2014-01-02 12:20:47 -08:00
Hannah Wolfe
1925fa0196 Cache control headers & query string asset management
closes #1470
issue #1405

- added cache control middleware
- added defaults for all routes, assets, etc
- updated asset helper to add a query string with a timestamp hash to all assets
- added unit tests for asset and ghostScriptTags helpers
- added cache-control checks to route tests
2014-01-02 12:14:33 +00:00
Hannah Wolfe
4bac1e3672 Fix gravatar retrieval
fixes #1778

- use http for initial request, store url with no schema
2014-01-01 18:10:55 +00:00
Hannah Wolfe
834cb73613 Date permalinks use published date
fixes #1803

- switches date permalinks from created_at to published_at
- enforces that the post will ONLY render if the date is valid and correct
2014-01-01 15:28:59 +00:00
Hannah Wolfe
a2a606a920 Functional test debugging & improvements
issue #1702
2014-01-01 14:52:49 +00:00
Hannah Wolfe
bfe80da54a Enforce 2-digit dates in permalinks
fixes #1800

- changed permalink regex to require 4/2/2/slug
- changed url helper to enforce the same
- changed permalink toggle to set a specific state, this means the
  functional tests are independent again
- chnaged permalink toggle to wait for the settings page to load
- change as many frontend tests to not login as possible
2014-01-01 11:39:19 +00:00
Hannah Wolfe
c7c73ef7d9 Merge pull request #1797 from tomgillett/socket-permissions
Changed socket permissions
2013-12-31 12:50:34 -08:00
Tom Gillett
ba1047b938 Switched Socket permissions to 660.
This adds write permissions for groups and is
more security conscious globally.
2013-12-31 20:09:36 +00:00
Hannah Wolfe
5ef399faee Merge pull request #1790 from ErisDS/issue-1776
Ensure that RSS doesn't 404 when there is no user
2013-12-31 03:03:05 -08:00
Harry Wolff
91ca4a43e5 Fix routing of posts and static pages
closes #1757 and #1773

- switches routes.frontend for posts and pages
to use a regex with two capturing groups.  This removes
the need to dynamically remove an express route at a
later point, leaving the decision making to frontend
controller.

- added unit tests for all routing conditions that 
can arise for posts and pages.

- updated functional tests to also test for same thing
in unit tests

- removes old code from server/api/index that used
to fix this issue, but is no longer needed

- removed some un-needed require statements in routes/admin
2013-12-30 02:04:46 -05:00
Hannah Wolfe
e2325dc969 Don't allow a subdirectory called Ghost
fixes #1755

- adds extra validation to config loader
- adds tests for config loader and validation
2013-12-30 01:04:29 +00:00
Hannah Wolfe
7f1609ee78 Ensure that RSS doesn't 404 when there is no user
fixes #1776

- could really do with adding a test for this
2013-12-30 01:03:30 +00:00