Commit Graph

8900 Commits

Author SHA1 Message Date
kirrg001
95b5fb1c81 Fixed relative image paths for settings v2 admin api
refs #10363
2019-01-14 21:01:12 +01:00
Katharina Irrgang
56db4ddd75
🐛 Fixed API v2 Settings browse returns relative image path (#10370)
closes #10363
2019-01-14 20:36:41 +01:00
Katharina Irrgang
732f97a074
De-aliased api versions in codebase (#10375)
closes #10357
2019-01-14 19:49:55 +01:00
Naz Gargol
48d6e7298a
Refactored content-disposition header handling in API v2 (#10374)
closes https://github.com/TryGhost/Ghost/issues/10331

- Left only a filename part to be handled by controller configuration, the rest was extracted to more generic headers layer
2019-01-14 18:05:16 +00:00
Naz Gargol
ceeb78b85b
Fixed integration test errors caused by URL service reset (#10376)
no issue

- With df1ba8aee1 landing in master, there was an error introduced in integration tests, which was caused by URL service being reset at the same time as it was populating its cache.
2019-01-14 18:04:22 +00:00
Fabien O'Carroll
9837df0b6f
Added brute protection to content api (#10362)
* Revert "Removed brute force middleware form content api (#10353)"

This reverts commit 63c8c310fb.

* Updated content api spam prevention to use memory store

* Used TooManyRequestsError instead of InternalServer
2019-01-14 14:11:48 +01:00
Rishabh Garg
a7ba90dfa1
🐛 Fixed filtering of page attribute when fields query param is used (#10352)
closes #10351

- Updated filtering logic for `page` in output serialisers of post/page in v2
2019-01-11 22:26:34 +05:30
Naz Gargol
aa49f77504
🐛 Fixed url not being immediately available after post publish (#10361)
🐛  Fixed URL not being immediately available after post publish

closes https://github.com/TryGhost/Ghost/issues/10360

- This change makes sure posts and pages URLs are populated in
synchronous manner
- Further cleanup and restructuring of this hacky solution is planned to
be done in https://github.com/TryGhost/Ghost/issues/10360
2019-01-11 10:30:36 +00:00
Fabien O'Carroll
be4eb576e3 Version bump to 2.10.1 2019-01-09 12:27:01 +01:00
Fabien O'Carroll
249b935149 Updated Ghost-Admin to 2.10.1 2019-01-09 12:27:01 +01:00
Fabien O'Carroll
63c8c310fb
Removed brute force middleware form content api (#10353)
* Removed brute force middleware form content api

no-issue

This is just temporary

* Skipped brute test for content api
2019-01-09 11:38:03 +01:00
Nazar Gargol
dcaed2be3c Version bump to 2.10.0 2019-01-08 12:37:48 +00:00
Nazar Gargol
ed2f9180b7 Updated Ghost-Admin to 2.10.0 2019-01-08 12:37:48 +00:00
Nazar Gargol
f284f887cf Upgrading Casper to 2.9.1 2019-01-08 11:58:39 +00:00
Fabien O'Carroll
76bb40b7c0
Added clause in validation for include to not error (#10350)
* Added clause in validation for include to not error

refs #10337

Here we forgo erroring when an invalid property for include is sent, and
instead remove the invalid properties.

* Fixed authors test

* Fixed validators tests
2019-01-08 12:29:15 +01:00
Kevin Ansfield
3a923c597f Remove API readme file
no issue
- it has no useful information and the content is out of date
- API docs live at https://docs.ghost.org/api/
2019-01-08 10:05:05 +00:00
Hannah Wolfe
954ca8c48f Removed unused visiiblity fields from Content API
refs #10337

- Trying to make the API output as clean as possible,
- We can add these back later if we start using them
2019-01-08 10:00:27 +00:00
Fabien O'Carroll
935b0f6d49 🎨 Use unoptimised image when possible for dynamic images (#10314)
closes #10283 

Updated middleware for dynamic image sizes to attempt to read the unoptimized image first, taking into account the `-n` suffix for duplicate image names, by using a regex.
2019-01-08 10:00:15 +00:00
Naz Gargol
df1ba8aee1
Added ability to notify and update url service about changes in related resources (#10336)
refs https://github.com/TryGhost/Ghost/issues/10124

- This PR introduced additional db calls in URL service due to the need for a model recalculation (we can't rely on the objects that come with events)
2019-01-08 09:48:53 +00:00
Hannah Wolfe
da17b2c82b Settings API should return null instead of ""
refs #10345

- We are standardising on returning null from the Content API for any empty values
2019-01-07 15:02:24 +00:00
Fabien O'Carroll
9ce160df78
Added tests for content api brute force protection (#10344)
no-issue
2019-01-07 21:25:19 +07:00
Fabien O'Carroll
d5bf6dc1c8
Updated comment for globalBlock spam prevention (#10342)
no-issue

Just made it more clear it's not global across the entire api.
2019-01-07 20:21:26 +07:00
Fabien O'Carroll
5cecf0cd61
Added brute protection to content api (#10343)
* Added spam config for content api key

no-issue

* Created contentApiKey spam prevention method

* Added contentApiKey brute middleware

no-issue

This middleware attaches a listener for when the request has completed,
if the request ends with a successful response code, we reset any spam
prevention data for that ip.

* Added contentApiKey brute middleware to the content api

* Multipled maxWait by 24, to 24 hours
2019-01-07 20:03:46 +07:00
Naz Gargol
4177548a84
Migrated redirects controller to API v2 (#10053)
refs #9866

- Migrated redirect routes to use new redirect controller
2019-01-07 11:32:53 +00:00
Vikas Potluri
d3194c95f4 Updated pull request template (#10341)
no issue

- Prefer yarn over npm
- Add linting instructions
2019-01-07 11:19:56 +01:00
kirrg001
7e944506e9 Fixed listeners not being removed for test env
no issue

- i saw lot's of event listener warnings
2019-01-05 12:41:26 +01:00
kirrg001
5548bbb2c1 Removed post.status from Content API v2 response
refs #10335

- only used for the preview feature, which does not remove the status field
2019-01-05 12:11:27 +01:00
Katharina Irrgang
6b758bda79
Refactored routing config for multiple api versions (#10333)
refs #10124

- one clean v0.1 and v2 config file for routing!
- solves one underlying bug reported in #10124
- the alias handling was just a hotfix to support v2 for the site
- but it was hard to read, ugly
- now we have two clean configs
- we'll see how useful it is
- need to do proper manual testing on Monday
2019-01-04 21:59:39 +01:00
kirrg001
62a669ac01 Fixed lint
no issue

- 😃 ✌🏻
2019-01-04 21:04:29 +01:00
kirrg001
ec29cfa1da Fixed and extended debug logs in entry-lookup helper
no issue
2019-01-04 20:45:23 +01:00
kirrg001
5e9710cf60 Removed un-used "internal" property in TaxonomyRouter
no issue

- discovered while implementing https://github.com/TryGhost/Ghost/pull/10333
2019-01-04 20:32:54 +01:00
kirrg001
a69a2d814c Added @TODO to theme middleware
no issue
2019-01-04 20:30:17 +01:00
kirrg001
a8dc29e794 Reverted page and status not being returned from Content API v2
refs https://github.com/TryGhost/Ghost/issues/10335

- temporary till Monday!!
2019-01-04 20:18:11 +01:00
kirrg001
a46545f8ab Initialised settings service for integeration tests
no issue
2019-01-04 19:30:04 +01:00
Katharina Irrgang
30a0b1794a
Added calculated excerpt field to Content API v2 (#10326)
closes #10062

- return `post.excerpt` for Content API v2
- do not use `downsize`, because we might want to get rid of it if we drop v0.1 (downsize does not create good excerpts)
- simple substring of the plaintext field
2019-01-04 19:00:45 +01:00
Katharina Irrgang
6448c7bdc8
Fixed site using API v2 (#10332)
no issue

- See explanation: ef98c65040 (r31840536)
- that should not break anything, because resource consumption is based on resource type
- the alias pattern was only invented to make v2 work, it was a little dirty. i wanted to refactor that out anyway
2019-01-04 18:24:00 +01:00
Fabien O'Carroll
b6152684a8
Shortened content api key lengths (#10322)
* Lowered the min length for api keys to 26

* Updated ApiKey model to use shorter secrets for content keys
2019-01-04 19:39:54 +07:00
Hannah Wolfe
dd1cf5ffc7 Aliased {{@blog}} as {{@site}} in the theme API
- we're going to remove @blog in Ghost 3.0 in favour of @site
- @site is the theme-layer equivalent of the Content API settings endpoint
2019-01-04 12:17:32 +00:00
Hannah Wolfe
652e818cae Used settingsCache.getPublic() in theme middleware
- Use the new getPublic function which does the same thing as this code
- This removes the inclusion of the amp property, but this is undocumented and should not be there anyway!
- This also adds the ghost_head and ghost_foot property, which are public settings
2019-01-04 12:17:32 +00:00
Hannah Wolfe
5d977f23d4 Added Settings endpoint to V2 Content API
refs #10318

- This settings endpoint returns the commonly used, public information from our settings.
- The values are whitelisted each with a custom name for returning from the endpoint
2019-01-04 12:17:32 +00:00
Hannah Wolfe
80f9765a35 Removed deprecated settings
refs #10318

- cheap and dirty way of removing settings we don't use
- rewritten the settingsFilter function as that was unnecessarily complex
- aslo fixed the require of default-settings in the importer
2019-01-04 12:17:32 +00:00
Hannah Wolfe
ef98c65040
Clean v2 Content API (#10329)
* Removed unused fields from v2 Content API

- We want to ship the v2 Content API as clean and lean as we can
- Many fields in the DB aren't actually used, we shouldn't return these values
- Other values aren't useful outside of Admin clients, and shouldn't be returned either

Fields removed:
- tags: created_at, updated_at, parent
- authors: locale, accessibility, tour
- posts: locale, author status, page
2019-01-04 11:21:21 +00:00
Naz Gargol
d3f3b3dc20
Added plugin based author and public tag models in API v2 (#10284)
refs #10124

- Author model returns only users that have published non-page posts
- Added a public controller for tags (should be extracted to separate Content API controller https://github.com/TryGhost/Ghost/issues/10106)
- Made resource configuration dynamic based on current theme engine
- This needs a follow-up PR with fixes to the problems described in the PR
2019-01-03 20:30:35 +01:00
kirrg001
75037bcb28 Added some deprecation notes for x_by fields
closes #10286

- we will come up with a new activity stream/actions concept soon
2019-01-03 17:14:52 +01:00
kirrg001
789a3c0715 Removed x_by fields from API v2 response
refs #10286

- v2 no longer exposes x_by fields (published_by, updated_by, created_by)
- we will add a brand new concept called activity stream/actions soon
2019-01-03 16:38:52 +01:00
kirrg001
254a460462 Refactored expected API properties
no issue

- we need to maintain the expected properties per API version
- each API version can return a different result
- move the expected properties to the local utility and call global test helper
2019-01-03 16:38:52 +01:00
Fabien O'Carroll
0f32209e65
🐛 Fixed responsive images for gifs & svgs (#10315)
closes #10301

* Redirected to original image for gifs & svgs

* Created canTransformFileExtension method

* Updated image middlewares to use canTransformFileExtension
2019-01-03 16:28:37 +07:00
Kevin Ansfield
26d567b948 Fixed high CPU usage of grunt dev
no issue
- exclude the `core/server/lib/members/static/auth` from the express reload watch task as it contains a large `node_modules` directory which caused `grunt-contrib-watch` to peg the CPU
- the directory only relates to static client-side files which do not require a server restart on change and ivereload is handled via the separate `preact watch` shell task
2019-01-02 13:30:37 +00:00
Nazar Gargol
6797da599b Added functional test for import endpoint in API v2
no issue

- This change is a follow up to this bugfix https://github.com/TryGhost/Ghost/pull/10299
- Added default export JSON to keep the state of db test suite intact
- Small typo fixe that noticed while debugging
2019-01-02 14:10:25 +01:00
Hannah Wolfe
8d6def159a Reworked ghost_head tests as unit tests
- Removed dependency on the database
- We should not have integration tests for this kind of code

- Note: had to fix rss url tests as sandbox wasn't restored afterwards
2019-01-02 09:51:38 +00:00