Commit Graph

2229 Commits

Author SHA1 Message Date
Maurice Williams
de1dc4d0d0 Removing "author" role-label
closes #3427
- adding conditional statement to now display users with role "author"
2014-07-29 01:50:34 -04:00
Maurice Williams
e30e29bf5d Implementing HTML emails
closes #3082
- no more in-line HTML strings
- adding files for "welcome", "reset password", and "invite user" emails
- added mail.generateContent() to create HTML and plain-text email content
- refactored methods that trigger emails to send both HTML and plain-text emails
2014-07-29 00:55:14 -04:00
Hannah Wolfe
9343bccb1f Merge pull request #3437 from morficus/issue-3433
Error when inviting users
2014-07-29 05:36:28 +01:00
Maurice Williams
e15fb9ed57 Error when inviting users
fixes #3433
- passing only the role ID when creating a user
- uncommenting test cases
2014-07-29 00:06:40 -04:00
Hannah Wolfe
e8bb8e2c11 Merge pull request #3435 from jaswilli/issue-3133
Preserve order of tags as entered by the user.
2014-07-29 04:36:25 +01:00
Hannah Wolfe
37399b30db Merge pull request #3430 from sebgie/refresh-token-expiry
Change refresh token expiry
2014-07-29 04:19:46 +01:00
Hannah Wolfe
407133df27 Merge pull request #3434 from gleneivey/3431-run-with-latest-casperjs
Change casperjs helper used to get RSS page content.
2014-07-29 04:18:51 +01:00
Jason Williams
7a7138e534 Preserve order of tags as entered by the user.
Closes #3133
- Implement an ordered set for the tags property of the tag
  input controller.  Set order is by order added to the post.
2014-07-29 02:16:21 +00:00
Sebastian Gierlinger
b3112a4349 Reset/Signin while signed in
no issue
- added redirect and notification to reset route
- added notification to signup route
2014-07-28 18:00:08 +02:00
Glen E. Ivey
8826d4e663 Change casperjs helper used to get RSS page content.
closes #3431
- change feed_test.js to call casperjs getHTML() instead of
  getPageContent(), because the latter now strips markup

Alternative fix would be to use .page.frameContent directly
instead of using a casperjs wrapper.

Change runs cleanly on Travis (old casperjs tag) and locally
in the Ghost-Vagrant setup with both the old casperjs tag
and the current HEAD SHA (29bbd03f7cdc9fc1e70f0fe1400635dd7d3537ad)
2014-07-28 07:58:24 -07:00
Sebastian Gierlinger
e1c0c5ce98 Change refresh token expiry
no issue
- acquiring a new access token using a refresh token sets the
expiration time of the refresh token to now + 24 hrs.
- moved all occurrences of ONE_HOUR, ONE_DAY and ONE_YEAR to
`core/server/utils`
2014-07-28 15:19:49 +02:00
Sebastian Gierlinger
cc471aedcb Merge pull request #3395 from ErisDS/issue-3096
User Permissions: Edit, Add, Destroy & Role management
2014-07-28 12:04:07 +02:00
Hannah Wolfe
6adc6efb3b Merge pull request #3423 from jaswilli/issue-3403
Add a mixin for saving a subset of a model.
2014-07-28 09:49:19 +01:00
Hannah Wolfe
64766de8d6 Merge pull request #3422 from sebgie/issue#3177
Hide Access Token
2014-07-28 09:18:42 +01:00
Hannah Wolfe
987e9277dc User edit, add & destroy perms restricted by role
closes #3096, closes #3378, refs #3100

- user.permissible updated to reflect proper permissions
- small amount of API refactoring to handle extra cases
- extensive integration testing
2014-07-28 08:32:04 +01:00
Hannah Wolfe
7714dc6ab1 Adding role API tests & fixing browse
refs #3083, refs #3196
2014-07-28 07:22:06 +01:00
Hannah Wolfe
e7dc51dc66 Improving error handling 2014-07-28 06:30:01 +01:00
Hannah Wolfe
4e3b21b7da Permissions Improvements
refs #3083, #3096

In order to implement advanced permissions based on roles for specific
actions, we need to know
what role the current context user has and also what action we are
granting permissions for:
- Permissible gets passed the action type
- Effective permissions keeps the user role and eventually passes it to
  permissible
- Fixed spelling
- Still needs tests
2014-07-28 06:29:59 +01:00
Jason Williams
d59edf1806 Add a mixin for saving a subset of a model.
Closes #3403
- Add SelectiveSaveMixin so that a DS.Model can save one or more
  properties at a time while preserving other outstanding changes.
2014-07-27 21:04:35 +00:00
Sebastian Gierlinger
d895238571 Add XSS prevention
closes #3387
- added placeholder for <script> and <iframe>
- added google-caja sanitizer
- changed title in posts overview to ‚double-stash‘
2014-07-27 23:03:01 +02:00
Sebastian Gierlinger
f0d38aa66d Hide Access Token
closes #3177
- uses an iFrame to initiate the download to hide the access token

The access token is now hidden in the admin logic. If we would like to
completely hide the token it is possible to remove the access token and
use signed requests instead, but I think the effort isn’t worth the
benefit in this case.
2014-07-27 22:57:57 +02:00
Hannah Wolfe
6628127297 Merge pull request #3413 from halfdan/3407-meta-title
Correct meta_title for author pages.
2014-07-27 19:58:50 +01:00
Hannah Wolfe
77ae8394e0 Merge pull request #3393 from joeldrapper/sort-roles-dropdown
Fixed role sort order in the invite a new user drop down list
2014-07-27 19:39:06 +01:00
Hannah Wolfe
8c017de4d3 Merge pull request #3412 from novaugust/credentials-validation-convergance
Create new user validator to DRY up validators
2014-07-27 19:38:24 +01:00
Hannah Wolfe
f372ecddf0 Merge pull request #3411 from novaugust/signup-password
Rebind password to password input on signup page
2014-07-27 19:36:54 +01:00
Jason Williams
9dfef70d25 Do not clear password until after leaving signin
Closes #3399
- Provide our own authenticate action handler which does not
  clear the password input.
- Use the Signin route's deactivate hook to clear the password
  property on the controller after the user has transitioned
  away from the signin page.
2014-07-26 19:06:58 +00:00
Hannah Wolfe
1cff73f36c Merge pull request #3406 from simplabs/update-ember-simple-auth
Updated Ember Simple Auth to latest version
2014-07-26 17:24:18 +01:00
Fabian Becker
1cd2fa59bd Correct meta_title for author pages.
closes #3407
- Output correct meta_title for author pages
- Add test for meta_title for tag and author pages
2014-07-25 19:48:49 +00:00
Matt Enlow
0d7033f662 Create new user validator to DRY up validators
No issue
- Created NewUserValidator class to DRY up validation of a models name, email, and password
- Changed SignUpValidator to be an instance of NewUserValidator
- Changed SetUpValidator to extend NewUserValidator
2014-07-25 13:20:40 -06:00
Matt Enlow
698f5f6f6e Rebind name and password to inputs on signup page
Closes #3410, Ref #3392
- Removed setting name from user email address per issue #3392
2014-07-25 13:04:33 -06:00
Marco Otte-Witte
6406acef5c updated Ember Simple Auth to latest version 2014-07-25 16:04:19 +02:00
Hannah Wolfe
d2d25faa5c Merge pull request #3397 from morficus/issue-3392
Removing "full name" auto-popualtion during signup
2014-07-25 09:54:51 +01:00
joeldrapper
25b20bb2fe Roles drop down sorted by ID
closes #3391
- Changed sort order to ID instead of name
2014-07-25 09:41:12 +01:00
Hannah Wolfe
ce483a916a Merge pull request #3398 from morficus/issue-3396
Fixing resend user invitation
2014-07-25 08:53:13 +01:00
Hannah Wolfe
d1b84f0f7f Merge pull request #3394 from IanMitchell/settings-user-button
Hides <Users button for authors
2014-07-25 08:51:45 +01:00
Hannah Wolfe
85f3c192dd Merge pull request #3386 from felixrieseberg/iss3374
Signin: Proper notification if user not found
2014-07-25 08:48:49 +01:00
Hannah Wolfe
cc67f295ef Merge pull request #3385 from felixrieseberg/iss3375
Signin error notifications kept from stacking
2014-07-25 08:48:08 +01:00
Maurice Williams
a3da09b50f Removing "full name" auto-popualtion during signup
closes #3392
- removing data-binding attribute for "name" input box on signup screen
- removing data-binding attribute for "password" input box on signup screen
- making "email" the first input box and "name" the 2nd
- removing "autofocus" attribute for "email" input box on signup screen
2014-07-24 22:49:57 -04:00
Maurice Williams
69642e8e53 Fixing resend user invitation
closes #3396
- passing role when resending a users invitation
2014-07-24 22:42:55 -04:00
Ian Mitchell
ff3e68ec36 Hides <Users button for authors
closes #3295
- The <Users button visibility is now restricted by user role
2014-07-24 18:54:02 -07:00
Hannah Wolfe
a9a5acf2f2 Merge pull request #3377 from PaulAdamDavis/signout-button
Change signout link to button
2014-07-24 17:52:09 +01:00
Hannah Wolfe
81cd617741 Merge pull request #3376 from felixrieseberg/iss3292
Redirect authors and editors away from debug page
2014-07-24 17:51:16 +01:00
Hannah Wolfe
1d926787b3 Merge pull request #3368 from felixrieseberg/master
Show errors on reset page (Closes #3330)
2014-07-24 17:49:56 +01:00
John O'Nolan
b6b32ab570 Five posts per page 2014-07-24 17:43:48 +01:00
Felix Rieseberg
0b39df777b Signin: Proper notification if user not found
closes #3374
- If user object is returned but undefined, we'll display a
human-readable
error notification (user model)
- If user object is returned, but the user is inactive or invited (but
not
activated), we'll display a human-readable error notification
2014-07-24 11:34:52 -04:00
Felix Rieseberg
61cf8690dd Signin error notifications kept from stacking
closes #3375
- Prior to showing error notifications, the signin route now calls
  closePassive().
2014-07-24 11:16:00 -04:00
Jason Williams
8a2d50b871 Improve handling of users and roles in admin
Closes #3083 Refs #3229
- Populates the dropdown list in the invite user menu with the
  list of roles a user is permitted to create.
- Users API now checks the invite user request for allowed roles.
- Change API response from 200 to 201 on successful invitation.
- Change API response from 500 to 201 when the user was created but
  the email was not sent.  The client will show a warning notification
  when it sees 'invite-pending' as the new user's status.
- Add support for "?status=all" to the /users endpoint.
- Refactor the route and controller for the /settings/users page so
  that there's only one network API call to load users instead of two.
2014-07-24 14:20:47 +00:00
Felix Rieseberg
80f71e31fd Show error notifications on "reset password" page
closes #3330
- Caught errors are displayed using notifications util
2014-07-24 08:45:42 -04:00
Hannah Wolfe
a7415d38c0 Merge pull request #3380 from sebgie/issue#3373
Fix incorrect error
2014-07-24 12:19:20 +01:00
Hannah Wolfe
96cbd1738d Merge pull request #3362 from sebgie/issue#3087-2
Transfer Ownership
2014-07-24 12:19:08 +01:00
Sebastian Gierlinger
fa054a8eba Fix incorrect error
closes #3373
- added check if role is already assigned
- added check for unknown fields to fixDates/fixBools
- permissions are not implemented yet, so everyone is able to edit
owner ;-)
2014-07-24 10:17:10 +02:00
Maurice Williams
835bf0bd07 Preventing rogue modals from popping up when hitting the enter-key
closes #3352
- adding a ```type``` attribute to buttons inside form in the settings section
- scanning the rest of the project to find any other buttons w/a missing attribute
2014-07-23 22:58:50 -04:00
Felix Rieseberg
dbcb827772 Redirect authors and editors away from debug page
A signed in user with role author or editor will be redirected back to
/ghost.

closes #3292
2014-07-23 17:25:13 -04:00
Paul Adam Davis
93051fcbdb Change signout link to button
References https://github.com/TryGhost/Ghost-UI/issues/65

- Swap signout link from an `<a>` tag to `<button>`
- Changed tests to match new element
2014-07-23 22:12:45 +01:00
Sebastian Gierlinger
1eff3d9471 Fix importer bug for IE
closes #3339
- removed check for mime type
2014-07-23 16:53:03 +02:00
Sebastian Gierlinger
17589a1afe Merge pull request #2306 from mscdex/update-busboy 2014-07-23 15:52:41 +02:00
Sebastian Gierlinger
c43d860a3f Transfer Ownership
closes #3364 (special thanks to @jaswilli)
closes #3087
- added modal
- added controller
2014-07-23 12:41:31 +02:00
Sebastian Gierlinger
ed39e375a2 Fix author page
no issue
- fixed: author page used config object as function
2014-07-23 09:39:51 +02:00
Hannah Wolfe
337713ce63 Refactor fixture use in tests
no issue

- Refactor all integration tests to specify and load ONLY the fixtures
  they require to run, rather than initialising the whole kit-and-kaboodle
  for every single test which takes FOREVER.
- Refactor the route tests to share a doAuth function, and also specify
  additional fixtures required
- Move import and export unit tests, which are actually integration tests
  (they touch the DB)
- Comment out most of the permissions unit tests for now as they need more
  stubs/mocks so as to not touch the DB

Still todo:

- prevent default DB initialisation in route tests, and specify all
  fixtures requires as per the integration tests
- fix up the unit/permissions_spec
2014-07-23 05:04:50 +01:00
Hannah Wolfe
63efa541bd Merge pull request #3367 from jaswilli/issue-3161
Get Ember Admin ready for production
2014-07-23 04:47:19 +01:00
Hannah Wolfe
8e472c9d74 Merge pull request #3344 from hswolff/test-speedup
Speedup tests
2014-07-23 04:43:53 +01:00
Hannah Wolfe
29f867eb85 Merge pull request #3365 from PaulAdamDavis/user-list-img-bg-swap
Make user list images background-image's
2014-07-23 04:11:14 +01:00
Hannah Wolfe
6f1af2aa1c Merge pull request #3358 from IanMitchell/sidebar-role
Hide Settings Sidebar Based on Role
2014-07-23 03:41:40 +01:00
Harry Wolff
be37070fb6 This aims to speed up both the ghost application and tests by
migration from usage of config() to just an object of config.

no relevant issue

- Change 'loadConfig' task to 'ensureConfig' to more accurately reflect
what it is actually doing.  Its sole purpose is to make sure a `config.js`
 file exists, and as such the name now reflects that purpose.

- Update config/index.js to export the ghostConfig object directly
so that it can be accessed from other modules

- Update all references of config(). to config.
This was a blind global find all and replace, treat it as such.

- Fixes to tests to support new config access method

- Allow each test to still work when invoked invidually
2014-07-22 22:37:44 -04:00
Jason Williams
7ae48f1dd3 Get Ember Admin ready for production
Closes #3161
- Add a config.js file for the client which is used to configure
  Ember.Application during runtime. The correct version of config.js
  is copied into place by grunt via the copy:(dev|prod) task from
  either config-dev.js or config-prod.js.
- Serve minified and production versions of libraries where applicable
  including handlebars-runtime and ember-prod.
- Bundle third party libraries into vendor.min.js.
- Bundle Ghost's Ember app and templates into ghost.min.js
- Remove all fixture data and code from the client.
2014-07-22 22:33:49 +00:00
Hannah Wolfe
a620e9017e updating tests to match casper 2014-07-22 23:26:13 +01:00
Paul Adam Davis
3079104815 Make user list images background-image's
References https://github.com/TryGhost/Ghost-UI/issues/76

- Swap user avatars in the user list from ing tags to background images
2014-07-22 20:13:30 +01:00
Ian Mitchell
47ae9d6ca6 Hide Settings Sidebar Based on Role
Implements #3294. Currently, we don’t have a permission system on the
client side, so this relies on a hardcoded “author” string.
2014-07-22 08:03:52 -07:00
Jason Williams
739b57e05b Update Users API to handle role objects or ids
Closes #3357
- API method User#edit now handles User objects that have either
  an array of Role ids or objects.
- Fixed error handler notification on upload modal controller.
2014-07-22 05:48:16 +00:00
Hannah Wolfe
27c1dbd409 Merge pull request #3341 from PaulAdamDavis/psm-class-ammend
Correct markup for the PSM author dropdown
2014-07-22 01:12:45 +01:00
Hannah Wolfe
dabc780110 Merge pull request #3343 from sebgie/issue#3087
Add edit roles
2014-07-22 01:12:26 +01:00
Hannah Wolfe
7f0c2b7782 Merge pull request #3356 from IanMitchell/header-role
Hide Settings Tab if Author
2014-07-21 23:48:01 +01:00
Hannah Wolfe
5b41358e45 Merge pull request #3347 from jaswilli/posts-content
Only load posts once on navigating to content tab
2014-07-21 23:47:55 +01:00
Ian Mitchell
6c0c3c4bde Hide Settings Tab if Author
Implements #3293. Currently, we don’t have a permission system on the
client side, so this relies on a hardcoded “author” string.
2014-07-21 14:31:10 -07:00
Hannah Wolfe
9535af1665 Merge pull request #3355 from JohnONolan/trim
Trim version number in RSS feeds
2014-07-21 22:24:05 +01:00
John O'Nolan
d60382f0f0 Trim version number in RSS feeds 2014-07-21 23:07:21 +02:00
Sebastian Gierlinger
28b03ec87e Add edit roles
refs #3087
- added ability to edit user/roles relation
- user is not allowed assign roles to himself
- only one role per user is supported atm
- added tests
2014-07-21 22:50:43 +02:00
Ian Mitchell
27c42c2bf0 Implements User Role Label
Closes #3287.
2014-07-21 13:31:25 -07:00
Paul Adam Davis
f304d3ed34 Correct markup for the PSM author dropdown 2014-07-21 21:15:14 +01:00
Hannah Wolfe
c0732292ac Merge pull request #3331 from ErisDS/issue-3076
Author pages
2014-07-21 20:57:06 +01:00
Hannah Wolfe
bb70e2b294 Merge pull request #3351 from sebgie/no-inline-script
Remove inline script from default.hbs
2014-07-21 20:55:18 +01:00
Jason Williams
1c356f59b2 Only load posts once on navigating to content tab
No Issue
- Loading posts from the API should not be necessary in PostsIndexRoute
  because its parent resource (PostsRoute) pre-loads the store.
  Changing the store.find to store.all gets rid of a duplicate
  network request to load all posts.
2014-07-21 19:44:03 +00:00
Hannah Wolfe
1caa5bd6e0 Merge pull request #3346 from jaswilli/issue-3325
Extend adapter to support automatic includes
2014-07-21 20:38:57 +01:00
Hannah Wolfe
90880469f6 Merge pull request #3337 from morficus/issue-3222
Pagination on the Users Management screen
2014-07-21 20:34:53 +01:00
Hannah Wolfe
0e168574f0 Merge pull request #3311 from javorszky/iss3196
Added /roles/ API endpoint
2014-07-21 20:34:29 +01:00
Jason Williams
2dcce82fe4 Fix check for using default cover image
Closes #3348
- Cover attribute is a string so its typeof will always return
  string. Switch check to Ember.isBlank.
2014-07-21 18:04:49 +00:00
Maurice Williams
a8ca517c54 Pagination for Users Management screen
closes #3222
- implementing server-side pagination for /users API
- passing /users?limit=none will return all users
- passing /users?status=invited will filter base on user status
- creating 3 mixins (route, controller and view) to keep pagination logic DRY
- updating route, controller and view for Posts to use new mixing
- implementing infinite scrolling for Users Management screen (using new mixins)
- Users Management screen displays all invited users, but paginates active users
2014-07-21 14:03:26 -04:00
Sebastian Gierlinger
05b3606fd3 Remove inline script from default.hbs
no issue
- added config values as data attributes
- removed inline script
- removed current-user.js
2014-07-21 20:00:54 +02:00
Jason Williams
2e67d6bf99 Extend adapter to support automatic includes
Closes #3325
- Add Roles model and add hasMany roles to User model.
- Add EmbeddedRelationAdapter that will automatically include
  hasMany relations in calls to the API.
- UserAdapter and PostAdapter now extend EmbeddedRelationAdapter
  and all explicit includes from store.find() have been removed.
2014-07-21 17:05:13 +00:00
Hannah Wolfe
29800356de Merge pull request #3345 from novaugust/model-relationships
Add relationships to client models
2014-07-21 16:17:43 +01:00
Hannah Wolfe
88743d03c4 Merge pull request #3340 from sebgie/issue#3339
Fix file validation for importer
2014-07-21 16:00:30 +01:00
Gabor Javorszky
80f9023020 Added /roles/ API endpoint
Closes #3196

* adds `/roles/` endpoint
* is given the current user as context
* wraps everything in a canthis.browse.role
* gets all the available roles (should "Owner" be filtered out?)
* optional parameter: `permission=assign`. Gets all roles authenticated user could assign
* if we're not signed in, gives a "please sign in" (standard) error
* if we're signed in, but user is not in the context, gives a "there was no user in the context" error
* if the user is an "Author", gives a "there are no available roles to assign" error
* implemented hacky filter because when.js produces heisenbugs past 3.2.3 (when.filter not available)
* added extra fixtures to `permissions.json`. Might need a migration.

Caveats:

* there are no tests
* for some reason the setup functional test was failing for me locally
2014-07-21 15:02:25 +01:00
Matt Enlow
3667fa9885 Add relationships to client models
No issue
- Removed tabs from tag.js (why didn't jshint catch this?)
- Removed superfluous `activate` in SettingsIndexRoute
- updated `UserModel` and `TagModel` to have `created_by, updated_by` be references to `user` objects.
- updated `UserModel` to use `moment-date` instead of `date`
2014-07-21 08:01:59 -06:00
Hannah Wolfe
4c276603ec Fix tests tripping spam protection 2014-07-21 14:33:42 +01:00
Hannah Wolfe
44cfcb6b01 Caching db config in migration utils 2014-07-21 13:25:53 +01:00
Hannah Wolfe
cf9839c71d Integration tests use consistent teardown methods 2014-07-21 13:25:51 +01:00
Sebastian Gierlinger
772d81849e Fix file validation for importer
refs #3339
- wrong call to file validation
- refs the issue because I get application/json on OSX? Is this
something Windows specific?
2014-07-20 23:07:17 +02:00
Hannah Wolfe
c2f0fd54da Merge pull request #3326 from ErisDS/issue-3309
Adding helper for invite status
2014-07-20 19:11:05 +01:00
Hannah Wolfe
2b28e252d7 Merge pull request #3336 from javorszky/fix-catches-in-tests
Replaces then(null, done) with .catch(done), OCD on blank lines
2014-07-20 18:03:28 +01:00
Hannah Wolfe
4fb3b53653 Merge pull request #3334 from JohnONolan/BIGGER
Larger default gravatar images
2014-07-20 18:03:23 +01:00
Hannah Wolfe
b7aa09f439 Author helpers
closes #3077

- expend urlFor to handle /author/ urls
- update author helper to output a link
2014-07-20 17:57:59 +01:00
John O'Nolan
d10771b711 Larger default gravatar images 2014-07-20 18:50:07 +02:00
Hannah Wolfe
2d01e15a18 Author pages
refs #3076

- This is a first draft implementation, just to make it work so that we can get casper working
2014-07-20 17:49:19 +01:00
Gabor Javorszky
36ba3549e7 Replaces then(null, done) with .catch(done), OCD on blank lines
No issue
2014-07-20 17:32:29 +01:00
Hannah Wolfe
9575b25711 switched parent_id for parent
fixes #3333
2014-07-20 16:39:56 +01:00
Hannah Wolfe
27f980bd42 Removing console.log 2014-07-20 13:35:39 +01:00
Hannah Wolfe
5a6af020c5 Model & test cleanup 2014-07-20 09:34:30 +01:00
Hannah Wolfe
ab90c40e4e Adding helper for invite status
closes #3309, refs #3229

- adds different message depending on status
- doesn't delete the new user if the problem was an email error
- filters the 2 lists based on all statuses
2014-07-20 09:23:57 +01:00
Hannah Wolfe
82742fc233 Export 003
closes #3284

- ensure token tables aren't exported
- cleanup filename
- failed export throws internal server error
2014-07-19 22:38:21 +01:00
Hannah Wolfe
cf4dd8eaa5 Merge pull request #3324 from novaugust/psm-authors
Add Author dropdown to PostSettingsMenu
2014-07-19 01:43:43 +01:00
Hannah Wolfe
43b91f281d Merge pull request #3322 from jaswilli/check-setup
Check setup status when making API responses
2014-07-19 00:36:12 +01:00
Matt Enlow
ad3ff49bea Add Author dropdown to PostSettingsMenu
Ref #3084
This PR does NOT hide the dropdown as required to close 3084.

- `EditorNewRoute` creates post with the author set to the current user
- added `authors` ArrayPromiseProxy (whoa, what?) to PSM
- added `changeAuthor` function that sets author and saves model when the user selects a new author
2014-07-18 17:29:46 -06:00
Hannah Wolfe
c9b24b0a9b Merge pull request #3321 from ErisDS/issue-2600-fin
Wrap up schema amends for 003
2014-07-19 00:19:14 +01:00
Hannah Wolfe
2498098095 Merge pull request #3320 from jaswilli/dup-slug-get
Prevent duplicate slug request on saving new post
2014-07-19 00:14:15 +01:00
Hannah Wolfe
67de186893 Merge pull request #3319 from ErisDS/issue-3275
Extending context concept to models
2014-07-19 00:13:19 +01:00
Hannah Wolfe
fdff51cb6c Merge pull request #3314 from jaswilli/issue-3160
Add a notify action to the notifications component
2014-07-19 00:11:10 +01:00
Jason Williams
7d3139d093 Check setup status when making API responses
Closes #3303, Closes #3299
- Check whether or not setup has been completed when deciding
  how to respond to certain API requests.
- Add tests.
2014-07-18 22:28:28 +00:00
Hannah Wolfe
8fc1b03ea7 Wrap up schema amends for 003
closes #2600

- adds 2 new columns to tags, for the soon-to-land tag management UI
- fixes validation for the active bool in app_fields
- adds missing return to addColumn command
- cleanup in addTableColumn util
2014-07-18 19:33:36 +01:00
Hannah Wolfe
f8a924731a Merge pull request #3318 from halfdan/apps-schema
Schema changes for Apps
2014-07-18 16:39:45 +01:00
Hannah Wolfe
214ef16fae Merge pull request #3297 from jaswilli/issue-3271
Turn off autocomplete for user profile form
2014-07-18 16:07:03 +01:00
Jason Williams
a18e5ce9ed Prevent duplicate slug request on saving new post
No Issue
- Do not run generateSlugPlaceholder if save has been initiated
  and the title has already been set on the post. At that stage
  a slug has already been generated and another API call is not
  necessary.
2014-07-18 15:05:10 +00:00
Hannah Wolfe
6e48275160 Extending context concept to models
fixes #3275, fixes #3290, ref #3086, ref #3084

- Ensure that we use the current logged in user and not just user 1 when
- removing hard coded user: 1 except where absolutely necessary
- passing context, rather than user to models
- base model has a new function to determine what id to use for created_by etc
2014-07-18 15:32:56 +01:00
Fabian Becker
5cd5f8cca9 Schema changes for Apps
refs #2465
- Add active field to app_fields
- Adjust data generator for app fields
2014-07-18 12:39:14 +00:00
Hannah Wolfe
d386f66f1e Merge pull request #3317 from sebgie/fix-edit-posts
Fix editing author
2014-07-18 11:15:41 +01:00
Sebastian Gierlinger
62c1ce128e Fix editing author
no issue
- author_id is converted to author for API responses but was never
converted back for requests
2014-07-18 10:48:48 +02:00
Paul Adam Davis
7b626baf3f Add class to invited users container
No issue

- Relates to 447c7d77ec (diff-acda43902fe5a16fa255b16e7b32e6d0R14)
- Adds class to the invited users container, used only for spacing right now
2014-07-18 09:02:35 +01:00
Jason Williams
b7be74907f Add a notify action to the notifications component
Refs #3160
- gh-notifications component now takes an optional notify
  parameter.  If present it will be invoked as an action
  when a notification is added or removed.
- Add a data-notification-count attribute to the main container
  that tracks the number of "top" notification messages that
  are currently being shown.
2014-07-17 17:34:38 +00:00
Hannah Wolfe
48cbf371a2 Merge pull request #3313 from ErisDS/improve-fixtures
FORCE_MIGRATION ensures fixtures are added
2014-07-17 18:21:44 +01:00
Jason Williams
ec1f4d0297 Turn off autocomplete for user profile form
Closes #3271
2014-07-17 17:09:20 +00:00
Hannah Wolfe
487844122d Merge pull request #3312 from ErisDS/issue-2739-2
Wire permmissions for notifications, mail and tags
2014-07-17 18:04:38 +01:00
Hannah Wolfe
65230cf1b8 Merge pull request #3302 from jgable/fixUserMe
Fetch actual user in settings/users/user
2014-07-17 18:01:55 +01:00
Jacob Gable
d874e79dbd Fetch actual user on settings/users/user
Closes #3279

- Switch from this.session.get('user') to this.store.find('user') and
some further limiting until a custom user adapter is created
- Switch the deactivate logic to rollback the used model
- Pass the user as the model in the link-to in user list template
2014-07-17 10:44:39 -05:00
Hannah Wolfe
cfaa6f058a Wire permmissions for notifications, mail and tags
closes #2739

- wraps the api endpoints for mail, notifications, and tags in a canThis
  check
- add internal context to internal calls
- updates tests
2014-07-17 16:44:09 +01:00
Hannah Wolfe
efa7665124 Merge pull request #3310 from sebgie/issue#3128-2
Fix tests failing because of spam protection
2014-07-17 16:41:31 +01:00
Hannah Wolfe
b46aa2b576 FORCE_MIGRATION ensures fixtures are added
refs #2600, refs #3296
2014-07-17 13:54:03 +01:00
Hannah Wolfe
6ab8a37f79 Merge pull request #3300 from ErisDS/issue-2739
Adding and renaming permissions
2014-07-17 13:25:47 +01:00
Hannah Wolfe
c28167c971 Merge pull request #3304 from JohnONolan/noplaceholder
Removing erroneous placeholder text from user profile
2014-07-17 13:23:04 +01:00
Sebastian Gierlinger
ab456638c1 Fix tests failing because of spam protection
closes #3128 (now really)
- added express variable disableLoginLimiter
- added disableLoginLimiter to all tests that use Ghost as module and
do authentication
- fixed isSetup not working for status other than active
- removed ‚Ensure a User is Registered‘ test as this is covered by the
new setup test
2014-07-17 14:22:32 +02:00
Sebastian Gierlinger
42f461cb6d Restored spam prevention
closes #3128
- added spam prevention middleware
- restored tests
2014-07-17 14:22:07 +02:00
Hannah Wolfe
31fa6bef1f Merge pull request #3308 from JohnONolan/newsignup
New signup screen
2014-07-17 13:09:53 +01:00
John O'Nolan
772f2c7a55 Removing erroneous placeholder text from user profile
Reverting the placeholder that was introduced in #2734 to fix #1623. We should handle this intelligently by automatically interpretting the input and using validation if we can't. The user should not have to know or care about what http is.

Regardless off any of the above, we should not be introducing user-facing text like this without proper consideration. A placeholder of "http://ghost.org" is far more confusing than no placeholder at all. It also looks like a cheap promotional tactic on our part.
2014-07-17 14:07:12 +02:00
John O'Nolan
b42577655a Fade in the setup form 2014-07-17 13:39:53 +02:00
John O'Nolan
9e75ec1f5a New signup screen
See #3082 - This borrows setup screen styles for now
2014-07-17 13:34:40 +02:00
Hannah Wolfe
ce06ad412a Adding and renaming permissions
refs #3283, refs #2739, refs #3096

- Renames permissions which didn't follow bread
- Adds permissions for notifications, mail and tags

Still todo:

- wire up the new permissions where they are needed
- add permissions for roles
2014-07-17 12:32:25 +01:00
Hannah Wolfe
5c1a7a7349 Revert "Restore spam prevention" 2014-07-17 12:11:23 +01:00
Hannah Wolfe
7ce22416c6 Merge pull request #3296 from ErisDS/force-migrate
Hacky FORCE_MIGRATION env var
2014-07-16 20:03:03 +01:00
Hannah Wolfe
00e3588656 Merge pull request #3298 from jaswilli/issue-3288
Handle undefined datetime values
2014-07-16 20:02:44 +01:00
Hannah Wolfe
ef8c280635 Merge pull request #3282 from sebgie/issue#3128
Restore spam prevention
2014-07-16 19:39:32 +01:00
Hannah Wolfe
eed2ac728c Hacky FORCE_MIGRATION env var
refs #2600

One day in the future it would be nice to have a CLI for Ghost
In the meantime, lets have an easy way to force migrations to run
This is for development, or dead end situations only
It will at least do a DB backup ;)
2014-07-16 19:20:26 +01:00
Jason Williams
422806f028 Handle undefined datetime values
Closes #3288
- Check for undefined last_login and created_at values that occur
  on a User model for an invited user.
2014-07-16 17:12:45 +00:00