Commit Graph

65 Commits

Author SHA1 Message Date
Nazar Gargol
c58e03a359 Added stricter validation for post.authors
refs #10438

- By stripping relational fields, it allows to remove redundant code in post input serializer
2019-02-15 12:19:49 +00:00
Katharina Irrgang
40f359a238 🐛 Fixed night mode when using API v2 (#10499)
no issue
2019-02-15 12:15:37 +00:00
Fabien O'Carroll
9dd7aff9c6
Updated Content API to use members plans to determine permission (#10483)
no-issue


* Refactored hideMembersOnlyContent to 3 "stages"
* Exported paymentConfigured flag from members service
* Updated Content-API to check members service for paymentConfigured
* Updated members content output serializer to remove content if plan required and no plan
* Updated isContentAPI method
* Moved api util test
2019-02-14 18:17:02 +01:00
kirrg001
f8b62a063b Removed more unused fields from Admin API v2 response
refs #10438

- these fields are not used
- no need to expose them in v2
- we will either remove them in the next major or use them for new features (will see)
2019-02-13 11:42:08 +01:00
kirrg001
36547a9c3a Removed ghost_auth_id from Admin API v2 response
refs #10438

- unused field
- no need to expose this field
2019-02-12 23:36:42 +01:00
kirrg001
db148e653f Removed tag.parent from Admin API v2 response
refs #10438

- this is an unused field
- no need to expose this field
- if we start working on nested tags, this field might become interesting/used
2019-02-12 19:26:31 +01:00
Nazar Gargol
d0d299285c Fixed tests for post input serialization
refs #10472

- Moved config related variable into function scope, so it can be reset by unit tests
- e47d1e275f broke the build and is being fixed by this commit
2019-02-12 12:04:18 +00:00
Nazar Gargol
e47d1e275f Fixed image URL to be stored as relative in mobiledoc
refs #10477
closes #10472

- Adds transformation for any asset absolute URL's into relative used in mobiledoc
2019-02-11 19:20:16 +00:00
kirrg001
2fd4cbb93b Added v2 actions endpoint
refs #10431

- added v2 endpoint with browse permissions
- context.integration was never accessible in the model layer
  - why? https://github.com/TryGhost/Ghost/issues/10099
2019-02-06 21:36:09 +01:00
kirrg001
93092c8f20 Removed author from Admin API v2 output
refs #10438

- single author is deprecated and get's completely dropped in v3
2019-01-31 16:27:56 +01:00
Nazar Gargol
a463a56971 Changed path returned for uploads to absolute
refs #10438

- This change affects all /uploads/* and /images/* endpoints in Admin API
2019-01-31 15:02:33 +00:00
kirrg001
eafbaaeba5 Added v2 theme controller
refs #10060
2019-01-30 19:45:02 +01:00
Rishabh Garg
8fd4b3f09f
Added new admin API for members (#10435)
no issue

- Added read and browse admin API for members
2019-01-30 17:06:09 +05:30
Nazar Gargol
bc90b8ec27 🐛 Fixed plaintext attribute error when it is empty
refs #10388

- Issue was caused by migration of empty strings to null 0edacf3fc1
2019-01-29 12:12:10 +00:00
Nazar Gargol
6318b65cab Changed context.api_key_id to an object containing key type information
refs #9865

- Changed id passed for api_key to an object to be able to differenciate between admin and content api requests
- Added integration id to frame context
- Small refactoring of frame context initialization
2019-01-24 17:22:58 +00:00
Nazar Gargol
5fbad09a56 Modified Admin API key output format
refs #9865

- Changed key format to {id}:{secret} so API consumer only has to worry about copying a single value during setup
- Updated key expiration time in getValidAdminToken test helper to match server side expiration check
2019-01-23 17:18:50 +00:00
Nazar Gargol
c3e22b6ab9 🐛 Fixed forced page filter not being respected in Content API
closes https://github.com/TryGhost/Ghost/issues/10395, https://github.com/TryGhost/Ghost/issues/10390

- The grouping was introduced due to a flasy conjunction of last filter in 'or' group with enforced page filter, due to this the rest of filters in the 'or' group were bypassed
- Additional grouping added here increases the possiblity of https://github.com/NexesJS/NQL-Lang/issues/7 bug happening
2019-01-21 13:26:45 +00:00
Rishabh Garg
9d9690987a
🐛 Updated v2 content API output to return null instead of “” for empty fields (#10378)
refs #10345

- We are standardising on returning null from the Content API for any empty values
- Updated `post`, `tag` and `author` APIs
2019-01-15 17:58:51 +05:30
Naz Gargol
1a4497fc9a
🐛 Fixed default resource ordering in Content API (#10371)
refs https://github.com/TryGhost/Ghost/issues/10354

- Added ordering on input serialization layer for posts, pages, tags, and authors
- At the moment ordering is dependent on DB engine which will be resolved with https://github.com/TryGhost/Ghost/issues/6104
2019-01-15 12:21:04 +00:00
Katharina Irrgang
3924acd152
🗑Deprecated ghost_head & ghost_foot in favour of codeinjection_* for Settings API v2 (#10380)
closes #10373

- ghost_head & ghost_foot are deprecated from now on
- we want to remove them in v3
- this short fix is dirty (!)
- we return codeinjection_* for admin & content api
- this is a consistentency change e.g. posts return `post.codeinjection_*`
- need to raise a decoupling refactoring issue for the code comments
2019-01-15 13:03:17 +01:00
kirrg001
95b5fb1c81 Fixed relative image paths for settings v2 admin api
refs #10363
2019-01-14 21:01:12 +01:00
Katharina Irrgang
56db4ddd75
🐛 Fixed API v2 Settings browse returns relative image path (#10370)
closes #10363
2019-01-14 20:36:41 +01:00
Rishabh Garg
a7ba90dfa1
🐛 Fixed filtering of page attribute when fields query param is used (#10352)
closes #10351

- Updated filtering logic for `page` in output serialisers of post/page in v2
2019-01-11 22:26:34 +05:30
Hannah Wolfe
954ca8c48f Removed unused visiiblity fields from Content API
refs #10337

- Trying to make the API output as clean as possible,
- We can add these back later if we start using them
2019-01-08 10:00:27 +00:00
Naz Gargol
4177548a84
Migrated redirects controller to API v2 (#10053)
refs #9866

- Migrated redirect routes to use new redirect controller
2019-01-07 11:32:53 +00:00
kirrg001
5548bbb2c1 Removed post.status from Content API v2 response
refs #10335

- only used for the preview feature, which does not remove the status field
2019-01-05 12:11:27 +01:00
kirrg001
a8dc29e794 Reverted page and status not being returned from Content API v2
refs https://github.com/TryGhost/Ghost/issues/10335

- temporary till Monday!!
2019-01-04 20:18:11 +01:00
Katharina Irrgang
30a0b1794a
Added calculated excerpt field to Content API v2 (#10326)
closes #10062

- return `post.excerpt` for Content API v2
- do not use `downsize`, because we might want to get rid of it if we drop v0.1 (downsize does not create good excerpts)
- simple substring of the plaintext field
2019-01-04 19:00:45 +01:00
Hannah Wolfe
5d977f23d4 Added Settings endpoint to V2 Content API
refs #10318

- This settings endpoint returns the commonly used, public information from our settings.
- The values are whitelisted each with a custom name for returning from the endpoint
2019-01-04 12:17:32 +00:00
Hannah Wolfe
80f9765a35 Removed deprecated settings
refs #10318

- cheap and dirty way of removing settings we don't use
- rewritten the settingsFilter function as that was unnecessarily complex
- aslo fixed the require of default-settings in the importer
2019-01-04 12:17:32 +00:00
Hannah Wolfe
ef98c65040
Clean v2 Content API (#10329)
* Removed unused fields from v2 Content API

- We want to ship the v2 Content API as clean and lean as we can
- Many fields in the DB aren't actually used, we shouldn't return these values
- Other values aren't useful outside of Admin clients, and shouldn't be returned either

Fields removed:
- tags: created_at, updated_at, parent
- authors: locale, accessibility, tour
- posts: locale, author status, page
2019-01-04 11:21:21 +00:00
kirrg001
789a3c0715 Removed x_by fields from API v2 response
refs #10286

- v2 no longer exposes x_by fields (published_by, updated_by, created_by)
- we will add a brand new concept called activity stream/actions soon
2019-01-03 16:38:52 +01:00
Nazar Gargol
6797da599b Added functional test for import endpoint in API v2
no issue

- This change is a follow up to this bugfix https://github.com/TryGhost/Ghost/pull/10299
- Added default export JSON to keep the state of db test suite intact
- Small typo fixe that noticed while debugging
2019-01-02 14:10:25 +01:00
Naz Gargol
aa8e75914d
Migrated db controller to API v2 (#10051)
refs #9866

- Migrated db import/export routes to use new db controller
2018-12-17 14:45:09 +01:00
Katharina Irrgang
9d7c3bd726
🐛 Fixed all known filter limitations (#10159)
refs #10105, closes #10108, closes https://github.com/TryGhost/Ghost/issues/9950, refs https://github.com/TryGhost/Ghost/issues/9923, refs https://github.com/TryGhost/Ghost/issues/9916, refs https://github.com/TryGhost/Ghost/issues/9574, refs https://github.com/TryGhost/Ghost/issues/6345, refs https://github.com/TryGhost/Ghost/issues/6309, refs https://github.com/TryGhost/Ghost/issues/6158, refs https://github.com/TryGhost/GQL/issues/16

- removed GQL dependency
- replaced GQL with our brand new NQL implementation
- fixed all known filter limitations
- GQL suffered from some underlying filter bugs, which NQL tried to fix
- the bugs were mostly in how we query the database for relation filtering
- the underlying problem was caused by a too simple implementation of querying the relations
- mongo-knex has implemented a more robust and complex filtering mechanism for relations
- replaced logic in our bookshelf filter plugin
- we pass the custom, default and override filters from Ghost to NQL, which then are getting parsed and merged into a mongo JSON object. The mongo JSON is getting attached by mongo-knex.

NQL: https://github.com/NexesJS/NQL
mongo-knex: https://github.com/NexesJS/mongo-knex
2018-12-11 11:53:40 +01:00
Rishabh Garg
bf295a96a8
Added configuration controller to v2 API (#10056)
refs #10060
2018-12-04 09:27:36 +05:30
Fabien O'Carroll
95ba6a55ec
Checked options.include when filtering tags (#10163)
no-issue
2018-11-14 17:54:15 +07:00
Rishabh Garg
b2201d4179 Removed formats from private posts in content api (#10154)
closes #10118

All behind a members labs switch for now

* Added filter for member only content

* Updated frame context

* Cleaned up members content check

* Cleanup

* Cleanup

* Ensured members filtering works without include=tags

* Protected against missing query

* Fixed usage of include vs withRelated

* Moved includeTags logic for members behind members flag to use tags

* Cleanup

* Update input serializer dependency

Co-Authored-By: rishabhgrg <zrishabhgarg@gmail.com>

* Added some explanations
2018-11-14 14:32:14 +07:00
Katharina Irrgang
ff6bf5f318 Renamed /users to /authors for Content API V2 (#10096)
refs #10061

- Made /authors endpoint available in Content API V2
2018-11-07 15:29:37 +01:00
Naz Gargol
ec03b3cfc5
Content API v2 date formatting (#10095)
closes #10065 

- Added UTC offset to dates returned by Content API
- Added test checking new format is compatible with Admin API
- Refactored output serializer mapping logic
2018-11-06 16:12:12 +01:00
Rishabh Garg
7b38986316 Removed mobiledoc format from Content API V2 response (#10098)
closes #10097

- removed formats `mobiledoc` option directly in post input serializer for v2 Content API
2018-11-06 14:39:16 +01:00
kirrg001
22911b5812 Fixed frame context being empty
no issue
2018-11-06 14:44:06 +05:30
Katharina Irrgang
1b9c61eed1
Returned relative paths in html for Content API V2 by default (#10091)
refs #10083

- you can send `?absolute_urls=true` and Ghost will also transform the paths in the content (this is optional/conditional)
2018-11-05 18:07:45 +01:00
Rishabh Garg
94b3735c6e Added oembed controller to v2 api (#10057)
refs #9866

- Added oembed controller to v2 API
2018-11-02 09:32:26 +01:00
kirrg001
99a2f3ba3a Fixed read pages with user access
refs #9866

- we still serve pages via /posts with user access
- we only differentiate this behaviour for the content api
2018-10-19 10:54:05 +02:00
kirrg001
759c25d03e Fixed read posts/pages for v2
refs #9866

- read does not support `filter`
2018-10-19 10:40:47 +02:00
kirrg001
e302be2749 Changed preview controller to support v0.1 and v2
refs #9866

- invent preview api, but only used internally
  - the idea of a preview api is definitiely reaslistic and came up in the past a couple of times
- by that we don't have to differentiate between pages or posts controller
- still support v0.1
- preview controller is not registered for http, only internal handling
2018-10-18 19:41:07 +02:00
Fabien O'Carroll
17feb14e4a Added HTTP BREAD for integrations resource (#9985)
refs #9865

* Added generic messaging for resource not found
* Ensured integration model uses transaction for writes
* Created POST /integrations endpoint
* Created GET /integrations/:id endpoint
* Created GET /integrations endpoint
* Created PUT /integrations/:id endpoint
* Created DELETE /integrations/:id endpoint
2018-10-18 14:03:56 +01:00
Rishabh Garg
915d5612a1 🐛 Fixed relative image URLs becoming absolute URLs on save (#10025)
closes #10024

- Updated input serializers for posts/tags/users to handle absolute urls conversion

-------
1. Ghost stores relative images urls
2. API V2 returns images with absolute urls
3. Ghost-Admin sends absolute urls back on any save e.g. update user

**Current behavior**: This will override the relative image path in db to absolute, which in turn won't get updated in future if domain or protocol changes for e.g.
**Fix**: On save/update, input serializers converts any absolute image url paths back to relative if the base URL from image fields matches the configured URL
2018-10-18 12:18:47 +01:00
Nazar Gargol
d582c06eee Optimized usage of urls in API v2
refs #9866

- Extracted url decoration logic to utility in output serializers in posts, pages, users, and tags
- Added test cases for url usage by child object (tags of posts)
2018-10-16 13:02:04 +02:00