Commit Graph

4548 Commits

Author SHA1 Message Date
Hannah Wolfe
4480d3bd02 Merge pull request #1088 from jacobian/postgres-fix
Fix #896 - work around errors in pagination under Postgresql.
2013-10-22 07:08:15 -07:00
Tony Gaskell
2809e405d5 fixed bug where an undefined variable could be dereferenced
which could cause the server to choke.
2013-10-22 03:20:09 -10:00
Fabian Becker
57bd929d2c Allow themes to provide custom error template.
fixes #1212, #1213
2013-10-21 19:12:22 +00:00
Seb Gotvitch
596cd13ca5 Keep the status code generate by connect in case of error.
The status code generate by connect/express in case of error was always
replace by 500 status.
2013-10-21 01:53:26 -04:00
Pascal Borreli
14c420c8d1 Fixed typos 2013-10-20 20:33:51 +00:00
Hannah Wolfe
65dcb17117 Merge branch '0.3.3-wip'
Conflicts:
	core/client/views/blog.js
	core/server/api.js
	core/server/views/default.hbs
	package.json
2013-10-20 10:09:39 +01:00
Sebastian Gierlinger
2ee8f96829 Revert sessions to cookieSessions
no issue
- modified sessions to use cookieSession
- set max-age to 12 hrs
- modified logout to delete cookie completely
2013-10-18 13:24:01 +02:00
Hannah Wolfe
158d237122 Improved error handling
fixes #845

- only returns an error page for get requests, otherwise returns a response
- no more admin menu when not logged in
- no more error message about theme error template
- logWarn is available
2013-10-17 22:49:14 +01:00
Jakob Gillich
0f048eeb79 Set correct HTTP status code on error
closes #1055
2013-10-17 21:52:40 +02:00
Hannah Wolfe
e29a598fa5 CSRF for debug screen 2013-10-17 20:52:09 +01:00
Hannah Wolfe
2a6e77752f API JSON updates 2013-10-17 20:52:05 +01:00
Hannah Wolfe
d9c9ca0e33 Merge pull request #4 from sebgie/sec/3
Sec/3
2013-10-17 10:49:40 -07:00
Hannah Wolfe
491651da59 Merge pull request #2 from ErisDS/bookshelf-knex-update
Updating to bookshelf 0.5.7 & knex 0.4.11
2013-10-17 10:49:28 -07:00
Tim Griesser
13639ad8d1 Updating to bookshelf 0.5.7 & knex 0.4.11 2013-10-17 18:23:36 +01:00
Sebastian Gierlinger
374c41e138 Remove private data from API
no issue
- added removal to user.browse, posts.read, posts.browse
- fixed removal for user.read
2013-10-17 17:15:25 +02:00
Sebastian Gierlinger
90176e1f40 Security improvements
no issue
- added CSRF protection
- changed session handling to express.session
- changed session handling to change session id
- added config property useCookieSession
- added file extension check for /ghost/upload
- removed /ghost/debug/db/reset
2013-10-17 15:28:28 +02:00
Hannah Wolfe
daa87e92c2 Merge pull request #1026 from jenius/master
Remove unneeded info from /user api response
2013-10-17 14:12:13 +01:00
Fabian Becker
dfa7793d44 Improved test coverage of theme helpers.
refs #246
2013-10-17 07:53:11 +00:00
Fabian Becker
f4ac715f97 Add featured class when post is featured
fixes #1112
2013-10-16 11:41:49 +00:00
Hannah Wolfe
3eae0a3939 Merge pull request #1103 from b1nd/merge
Removed unused variables and updated commenting
2013-10-16 03:31:57 -07:00
Hannah Wolfe
7419e05b3a Merge pull request #1092 from halfdan/uc-helper
Added new helper to escape URIs called 'encode'
2013-10-16 02:23:13 -07:00
Fabian Becker
788987d04a Added new helper to escape URIs called 'encode'
fixes #1089
2013-10-16 09:19:26 +00:00
b1nd
c61806c1c8 Removed unused variables and updated commenting 2013-10-16 11:32:44 +11:00
Hannah Wolfe
930309363d Merge pull request #1020 from padhg/omit-uri-scheme
Allow omission of URI Scheme in config.js url
2013-10-15 12:26:18 -07:00
Jacob Kaplan-Moss
2acb546028 Fix #896 - work around errors in pagination under Postgresql. 2013-10-15 11:09:08 -05:00
Jeff Escalante
44973ba255 remove unneeded info from user api response 2013-10-14 15:07:52 -04:00
Ryan Powell
dc1cf3b509 changes to support URI's without a scheme in config.js.
also removed "http:" from google fonts link to prevent a mixed content warning.
2013-10-14 10:42:08 -04:00
Hannah Wolfe
119b0ea430 Merge branch '0.3.2-wip'
Conflicts:
	core/client/assets/lib/uploader.js
2013-10-11 20:56:15 +01:00
Hannah Wolfe
b4e04b3650 Fix for image uploads
- express 3.4.0 uses connect 2.9.0 which had a sizable change to how multipart woks
- this change resulting in req.files.uploadimage.type going away
2013-10-11 20:26:09 +01:00
jamesbloomer
9d114c7fa6 Lock down theme static directory to not serve templates, markdown and text files.
closes #942
- insert custom middleware to check for blacklisted files
- redirect to express.static if file accepted
- if not valid return next() to do nothing
- currently black listing .hbs, .txt, .md and .json
- debatable which is best, black list or white list, either one will probably need tweaks but erred on side of letting
a theme serve unknown types
2013-10-11 18:05:31 +01:00
Sebastian Gierlinger
b040ea3365 Change from address
closes #872
- changed from address to use config.mail.fromaddress
- changed from address to default to settings.email
2013-10-11 12:49:33 +01:00
Hannah Wolfe
9466a9753b Merge branch '0.3.2-wip'
Conflicts:
	core/test/unit/api_posts_spec.js
2013-10-10 16:37:35 +01:00
Hannah Wolfe
54f8a04779 Merge pull request #996 from ErisDS/0.3.2-tagfixes
Improving tag handling in post_class and body_class
2013-10-10 07:05:15 -07:00
Sebastian Gierlinger
6ff17c78a2 Fix filepaths for config and upload
no issue
- added appRoot to config-loader.js
- modified uploader to use correct path
- modified tests
2013-10-10 12:44:31 +02:00
Hannah Wolfe
f1317b84af Improving tag handling in post_class and body_class
closes #967, closes #987

- use slug instead of name (it's unique)
- get tags even if we aren't inside the post context
- add tag handling to body_class too
2013-10-09 19:51:55 +01:00
Hannah Wolfe
95f9fce3be Swapping escape to sanitze
issue #938

- rather than using escape, use node-validatiors santize function which is designed for preventing xss vectors
- added listener for changes to both editor and settings page
- added more sanitization to the user model
- consistently use triple-braces when outputting blog post titles
2013-10-09 19:13:16 +01:00
Tim Griesser
c9235ccb0b Escaping several fields to prevent XSS
issue #938
- escapes post's title field
- escapes settings title, description, email
- escapes user's name field
- includes test for post title
2013-10-09 19:13:13 +01:00
Hannah Wolfe
59d69f273e Merge pull request #984 from matthojo/Loading-Bar
Loading bar
2013-10-09 09:32:13 -07:00
Hannah Wolfe
b5c5d531d1 Fix for unhandled promise on fresh db startup
issue #977

- As of the addition of when/monitor/console we now get errors about unhandled promises
- This fixes one which appeared when starting up without a DB
2013-10-09 16:58:50 +01:00
Matthew Harrison-Jones
fdf5e3d69e Revert "loading bar implementation"
This reverts commit de6b8ee9b3 and 16742bcaef
2013-10-08 14:12:46 +01:00
John O'Nolan
34762ce1be Move webfonts to // rather than http://
https://en.ghost.org/forum/bugs-suggestions/475-suggestion-remove-system-dependence-on-google-web-fonts
2013-10-04 09:48:51 +02:00
Hannah Wolfe
ba0b6982a4 Trailing slashes for cache invalidation headers
issue #963
2013-10-02 16:14:35 +01:00
Sebastian Gierlinger
0220cf2448 Disable filestorage
closes #937
- fixed bug where ![] is replaced with ![](http://) for image url
- added fileStorage setting to uploader
- added fileStorage helper (could become standard way of providing config data for frontend???)
- added data element to editor and settings
- if no config value is set fileStorage: true is default
2013-10-02 11:39:34 +02:00
John O'Nolan
16742bcaef Initial loading bar implementation
See #726

Becomes visible when <body> has a class of `js-loading`
2013-09-30 11:17:06 +02:00
Hannah Wolfe
17a0bd37b0 Merge pull request #930 from javorszky/iss840
Adds error message to blog import on empty / bad file
2013-09-29 11:10:08 -07:00
Gabor Javorszky
f709dcb798 Adds error message to blog import on empty / bad file
Closes #840
* Checks file to be size > 0
* Checks file to be .json
* Fails if either of them are not good
2013-09-28 15:42:42 +01:00
John O'Nolan
ba0ae3b4d8 Set sensible admin meta title 2013-09-28 16:21:59 +02:00
John O'Nolan
137a8dfc58 Adding support for Apple, Android, and Microsoft app icons 2013-09-28 15:54:12 +02:00
John O'Nolan
82f048c8fd Tidied up indentation/properties for default admin template 2013-09-28 15:00:17 +02:00
Hannah Wolfe
6bd62538af Merge branch '0.3.1-wip'
Conflicts:
	core/server/controllers/admin.js
2013-09-27 17:22:55 +01:00
Hannah Wolfe
a5bf8bf1e2 Removing reset button
- noone needs this, and someone is bound to press it and then complain.
2013-09-27 17:20:41 +01:00
Hannah Wolfe
ee8d8102db Merge pull request #923 from ErisDS/0.3.1-wip-mysql
0.3.1 wip mysql
2013-09-27 05:04:45 -07:00
Hannah Wolfe
d544b4aebb Custom destroy method for posts
issue #858

- correctly handles detaching tags before deleting the post
2013-09-27 11:56:20 +01:00
Hannah Wolfe
e6b779330f Correctly test for an empty Tag array
issue #858

- fixes syntax errors in mysql
2013-09-27 11:55:02 +01:00
Hannah Wolfe
71711c1fd2 Drop tables in correct order
issue #858

- unit tests now run for MySQL
2013-09-27 11:54:09 +01:00
Hannah Wolfe
6369eb20be Remove broken image from fixture
issue #866

- this fixes the problem inside the fixture
2013-09-27 09:18:02 +01:00
Hannah Wolfe
681aa71bf5 Merge pull request #848 from jamesbloomer/705-image-Upload-file-storage-amends-type
Use file mime type to check server side if image upload is a valid file
2013-09-26 15:18:04 -07:00
Sebastian Gierlinger
3def65ee11 Fix for sendmail problem
closes #871
- added solution from email
- tested on OSX
2013-09-26 15:45:34 +01:00
Sebastian Gierlinger
fa43ca79d3 Add content to RSS
closes #886
- removed meta_description which is empty and would have crashed
- added content
- img src converted to absolute path
- a href converted to absolute path
2013-09-26 15:37:25 +01:00
John O'Nolan
d1957958e3 Cleanup indentation and quotes
Aligns all requirements vertically for easier reading + adds single quote standard consistently throughout Ghost, except in long strings.
2013-09-26 15:06:31 +01:00
jamesbloomer
8e3ddcbdcc Trim version number to major and minor numbers only in meta tag
closes #880
- as the version number is under control from package.json use regex to trim
2013-09-26 15:00:05 +01:00
Hannah Wolfe
0b87c42e84 Merge pull request #891 from ErisDS/0.3.1-importerfix
0.3.1 Import & Export fixes
2013-09-26 04:14:56 -07:00
John O'Nolan
78775f1976 Added email to username if no name is given
Gets rid of generic "Ghost" - we know a user will always have an email address as it is a required field.
2013-09-26 12:02:48 +01:00
John O'Nolan
bf5ab32fe9 Renamed user image data helper to make more sense 2013-09-26 12:02:44 +01:00
Hannah Wolfe
02a02054e8 Handle duplicate tags on import
closes #890

- importer only adds tags which don't exist.
- added back the import unit tests - these are basic for now
2013-09-25 11:30:59 +01:00
Hannah Wolfe
f68633df20 Adding missing return to MySQL exporter
closes #888
2013-09-25 09:38:03 +01:00
Sebastian Gierlinger
6697d8a097 Add invalidate cache headers
closes #570
- added X-Cach-Invalidate headers for PUT, POST, DELETE requests
2013-09-24 17:21:43 +02:00
Matthew Harrison-Jones
340958cfcf Updated 'Help / Support' link 2013-09-23 18:46:03 +01:00
John O'Nolan
472406d157 Removed version number from user menu
Fixes #855
2013-09-22 22:54:07 +02:00
jamesbloomer
c215626d2b Use file mime type rather than extension to check server side if image upload is a valid file
closes #705
- uses the file type passed by express/connect
- relies on the type being set correctly by the browser upload
- doesn't reread the file to check
2013-09-20 13:20:59 +01:00
Hannah Wolfe
0c545d5f2e Cleanup 2013-09-19 08:51:01 +01:00
Hannah Wolfe
32d1076d35 Correct validation message for short passwords
closes #833
2013-09-19 08:41:04 +01:00
Hannah Wolfe
5528423636 Client & Server side validation for posts per page
closes #839

- caused a 500 error
2013-09-19 07:55:37 +01:00
Hannah Wolfe
477c4c59fa Merge pull request #843 from cgiffard/500-errors
500 Series Error Handling & Stack Traces
2013-09-18 22:52:52 -07:00
Hannah Wolfe
fe5df2b0d1 Updated Welcome to Ghost fixture
closes #790
2013-09-19 05:59:33 +01:00
Christopher Giffard
9c8b02949a 500 Series Error Handling & Stack Traces
Fixes #825

- Changes the way the error middleware is delivered in server.js, moving
  all the logic back into errorHandling.js
- Alters error logging to use console.error (probably more appropriate) instead
  of console.log
- Changes error tests to accomodate for these alterations
- Alters user-error and error hbs templates to incorporate stack traces
- Adds additional styling for error pages to accomodate stack traces
- Added logic to parse and deliver formatted stack traces

Notes:
======

- Jslint gets in the way of the regex I've got to use to parse the stack.
  (It cites 'security reasons' which are not relevant in this case.)
  I needed to add a condition to relax it at the top of errorHandling.js
- The stack trace should probably be added as a partial, but I figured it
  was out of scope for this PR.
2013-09-19 13:01:20 +10:00
Hannah Wolfe
eb6856dac3 Removing Temporary importer 2013-09-18 23:24:26 +01:00
Hannah Wolfe
ee78f87c47 Import > Signout
- uncommitting the thing I shouldn't have commited
2013-09-18 16:11:21 +01:00
Hannah Wolfe
f717aed96f Merge pull request #820 from jamesbloomer/705-image-Upload-file-storage-amends
Remove temporary files when uploading images
2013-09-18 08:08:48 -07:00
Hannah Wolfe
7193f05376 Default user image and cover
closes #812

- replace defaults with consistently named .png files
- change the settings saving code so that it doesn't double-save images and save the defaults to the db
2013-09-18 15:54:52 +01:00
Hannah Wolfe
571333bb5d Temporary Importer
- seems my very late night commit was a bit screwed.
2013-09-18 15:03:29 +01:00
Hannah Wolfe
ed9259a32e Merge pull request #822 from matthojo/Post-Settings-labels
Bug Fix: Clicking on Post Settings labels now selects relative input
2013-09-18 05:59:01 -07:00
Hannah Wolfe
5fdfa79faf Merge pull request #816 from cgiffard/404-500-design
Default 404/500 Error Message
2013-09-18 05:37:09 -07:00
Matthew Harrison-Jones
d70b8d8479 Bug Fix: Clicking on Post Settings labels now selects relative input 2013-09-18 11:29:57 +01:00
Sebastian Gierlinger
1cac1acded RSS without User
closes #817
- no user, no rss author
2013-09-18 10:17:56 +02:00
jamesbloomer
36f218abaf Remove temporary files when uploading images
closes #502
part of #705
- copy the files but then remove the temporary ones
- moving instead of copying was problematic due to moving across devices
- still need to convert code to using promises
2013-09-18 09:15:21 +01:00
Christopher Giffard
e13ac321c9 Default 404/500 Error Message
Fixes #792

- Added default template for errors where a user has not defined a custom
  template (error.hbs) in the theme folder
- Now searches for user-error.hbs in the server view folder should a user
  template not be present.
2013-09-18 15:12:53 +10:00
Hannah Wolfe
e0edb6455d Temporary Importer
closes #735

 - make sure the importer gets loaded
 - additional preprocessing to ensure data can be loaded
 - removed old importers
2013-09-18 04:20:21 +01:00
Jacob Gable
6c0ddb4124 Importer for 003 Schema
- Add new 003.js in import based on 000.js
- Change importPosts and importUsers from the 000.js for new / default values
- Add language setting to black list
2013-09-18 04:20:17 +01:00
Hannah Wolfe
f661ad9a63 Merge pull request #811 from cgiffard/ugly-settings-404
Settings: Return 404 for unrecognised pages
2013-09-17 19:47:19 -07:00
Christopher Giffard
8fa1ce96ff Settings: Return 404 for unrecognised pages
Fixes #798

- Now checks the request URL against a whitelist to determine whether the settings
  page exists.

**Notes**

- This works in the short term, but a better solution for enumerating the available
  settings views or centralising a list of recognised views that are available
  to client side code, (the router and sidebar, among others) as well as the backend
  controller will be required.
2013-09-18 12:31:43 +10:00
Hannah Wolfe
7be4362523 404 Page vertical centering
closes #791
2013-09-18 03:07:22 +01:00
Hannah Wolfe
658a21bcf8 Quick file type amend
- adding .jpeg spelling to allowed extensions, #705 will fix this properly
2013-09-18 02:53:08 +01:00
Hannah Wolfe
c51c7e197d Merge branch 'master' of github.com:/TryGhost/Ghost 2013-09-17 22:48:18 +01:00
Hannah Wolfe
22f7eb1a8d Merge pull request #804 from cobbspur/metahelper
Added meta title and description theme helpers
2013-09-17 14:47:59 -07:00
Hannah Wolfe
b15b8d03da Clearing out images we don't use 2013-09-17 22:28:28 +01:00
cobbspur
6a5f88ed18 Added meta title and description theme helpers
closes #795

- firstly fixes res.locals to include path again
- adds {{media_title}} and {{media_description}} theme helpers
2013-09-17 22:11:02 +01:00
Sebastian Gierlinger
60d93bd3f3 Fix for images with special chars
closes #780
- added replacing of special chars with '_'
2013-09-17 22:11:22 +02:00
Matthew Harrison-Jones
2305329041 Complete Modal Refactor
* Smoother animations
* Removed blurring in Chrome temporarily
* Centering is now done in CSS (the height is calculated in JS to work in FF and Opera)
* Modals now need close: true to be set to enable the close icon and shortcuts for closing (ESC key, background clicking)
2013-09-17 20:40:19 +01:00
Hannah Wolfe
425328b4af Standard Importer
closes #734

- use models instead of knex so that we know we get correct data
- preprocesses post_tags, adds the right tags back to the posts

TODO

- deduplicate posts (if they have the same title and slug?)
2013-09-17 18:42:06 +01:00
Hannah Wolfe
b165dd3e62 Merge pull request #787 from cgiffard/new-404-handling
Initial 404 Error Handling Support
2013-09-17 07:07:19 -07:00
John O'Nolan
14d07ef98a Restyled delete post-settings menu item 2013-09-17 13:02:20 +01:00
Christopher Giffard
48b75fa396 Initial 404 Error Handling Support
Fixes #356

- Adds new generic methods for handling errors to errorHandling.js
- Initialises generic methods as middleware
- Created error.hbs view in admin
- Error handler searches for error.hbs view file in user theme folder
  and renders it if available, otherwise lets the error fall through
  to express.

- We *could* change the final behaviour to render a default ghost
  template should the user template be missing
- Because it currently isn't possible to require(ghost) in errorHandling.js,
  it was necessary to duplicate some aspects of the ghost path init code
  inside errorhandling.js. This should be cleaned up and moved back
  into ghost.js when possible.
2013-09-17 20:56:05 +10:00
Hannah Wolfe
83e655701c Post settings menu tweaks
closes #782, #783

- delete button hidden until ID
- publish date works before publish
2013-09-17 11:51:24 +01:00
Hannah Wolfe
750c19014a Populating admin email with user signup email
closes #775
2013-09-17 03:08:36 +01:00
Hannah Wolfe
c052fe82d8 Merge pull request #749 from cobbspur/urls2 2013-09-17 02:42:28 +01:00
Hannah Wolfe
16329ac6f0 Removing i18n until it's done properly 2013-09-17 02:41:40 +01:00
cobbspur
713e4c0d5c Adds slashes to urls
ref issue #448

- adds slashes to urls, templates and tests

TODO

Add function to add slash to urls automatically
2013-09-17 02:39:55 +01:00
Hannah Wolfe
79f75865a1 Error handling for the frontend routes 2013-09-17 01:54:36 +01:00
Hannah Wolfe
de7143bc62 Refactoring Ghost middleware
closes #657, closes #761

- Got rid of initTheme from ghost.js (yay)
- Divided up the logic for static assets and views
- Ghost admin static assets are now served from /ghost/
- New logic to figure out if we're on the admin, or a theme and which theme we are on
- Activate theme method reregisters static access and uncaches views
- Re-ordered all of the middleware, and ensured we had a 404 handler at the end
- Activate theme method ensures that middleware maintains order
2013-09-17 01:49:08 +01:00
Hannah Wolfe
8c26249d46 Adding extra paths to not allow slugs for 2013-09-17 01:48:56 +01:00
John O'Nolan
0b89335339 Fix debug tools layout 2013-09-16 18:53:09 +01:00
Hannah Wolfe
e3bc0b3151 Mail documentation link is clickable
closes #760

Also updating notification template missed in issue #729
2013-09-16 18:34:20 +01:00
Hannah Wolfe
84e84b0612 Merge pull request #767 from sebgie/issue#715
Escape RSS post title
2013-09-16 06:34:11 -07:00
Hannah Wolfe
cefa0e14ef Merge pull request #764 from matthojo/Flash-Bar
Renamed the notifications container
2013-09-16 06:07:55 -07:00
Sebastian Gierlinger
141361c40e Escape RSS post title
closes #755
- added html escape for post title
- changed author for rss feed to current user
- added simple test to check rss is working
2013-09-16 13:11:53 +02:00
Hannah Wolfe
522f47a217 Logo in admin goes to blog front
closes #537
2013-09-16 10:25:45 +01:00
Hannah Wolfe
1ee0d51660 Merge pull request #730 from jgable/gruntClientFiles
Compile assets with grunt
2013-09-16 01:57:08 -07:00
Matthew Harrison-Jones
2fe7eda8e2 Renamed the notifications container
Renamed from `#flashbar` to `#notifications`
2013-09-16 09:46:29 +01:00
Hannah Wolfe
8af09e2dd1 Merge pull request #762 from ericterpstra/402-pub-date
Enabled post setting to change published date
2013-09-16 01:10:33 -07:00
ericterpstra
71c99913f6 Enabled post setting to change published date
closes #402
2013-09-15 22:19:53 -05:00
William Dibbern
4b8806ec1d Infinite Scroll Pagination for content screen
Fixes #258

- Modified post collection to have default values for paging.
- Added scroll handler to content view to check for more posts and load
as appropriate.
- Sanitized result from server-side post paging, ensure page # is
returned as an integer.
- Added a functional test stub.
2013-09-15 18:34:23 -05:00
William Dibbern
07629dd9ab Publish button amendments
Fixes #667

- Removed superfluous as-of-yet-unused options in the publish menu.
- Adjusted display names of publish buttons according to differing
states the publish menu can be in (new post, saved draft, published
post).
- Added red highlight style to "important" status change options in the
publish menu (draft => published, published => unpublished).
- Added suite of functional tests around new labels and classes.
2013-09-15 14:52:09 -05:00
Jacob Gable
63eb9581ea Compile assets with grunt
- Made a helper called ghostScriptTags that will spit out the relevant
  script tags with version parameter; 4 unminified files in development,
  1 minified file in production.
- Added grunt concat and uglify tasks to build files into core/built
- Fixed some unit tests by making them native date objects
2013-09-15 14:06:42 -05:00
Sebastian Gierlinger
8f22737f04 Make settings() 'magic'
- access value directly by using ghost.settings('key')
- removed use of <key>.value
- removed workaround for activeTheme path
2013-09-15 19:52:37 +02:00
Hannah Wolfe
117f70dcfd Merge pull request #752 from sebgie/settingsapi
Add setting filter
2013-09-15 09:53:23 -07:00
Hannah Wolfe
8d038b8bf2 One exporter to rule them all
closes #733

- Exporter will read meta data to determine the tables which are present and export all data from those tables
- Exporter figures out which version to export, rather than requiring that information
- deleted old exporters
2013-09-15 17:04:42 +01:00
Sebastian Gierlinger
bd8db968ea Add setting filter
closes #172
- added type to ghost.settings()
- added /api/settings?type=<filter>
- added availableThemes to settingsCache
- removed cachedSettingsRequestHandler
- removed /api/themes (including front end)
- changed activePlugins to type "plugin" in default-settings.json
2013-09-15 18:04:01 +02:00
Hannah Wolfe
596c1dccd2 Updating example config file
- url first, replaced with temporary URL with documentation
- mail config is a commented out example
- mail documentation link in config and mail file
- no more staging
- gruntfile updated to generate correct docs
2013-09-15 15:45:18 +01:00
Hannah Wolfe
71a92194ca Improved error messaging
closes #748

- Removed the alpha software warning
- Better error message output for the whole app - can now specify an error, a context, and a help message
- Improved invalid node version, start and stop messaging
- Listens for Ctrl+C and exits nicely
- Minor improvements to handling and errors with old DBs (temporary)
2013-09-15 13:52:58 +01:00
Hannah Wolfe
9fa659aeee Merge branch 'new-data-model' 2013-09-15 00:36:54 +01:00
Hannah Wolfe
02436645fe Migration adds fixtures on first run only
closes #731, closes #732

- fixtures are imported using the models, rather than knex
- migration treats fresh installs differently
- migration throws errors for un-initialisable databases
- small amount of extra code to deal with old DBs still using currentVersion & give them a nice error message
2013-09-15 00:22:13 +01:00
John O'Nolan
19272a03cc New post title placeholder 2013-09-14 23:18:35 +01:00
Hannah Wolfe
b902f8109c Renaming default to defaultValue as default is reserved 2013-09-14 22:39:31 +01:00
Hannah Wolfe
9fcc0a6ed6 Renamed currentVersion setting to databaseVersion to avoid confusion with software version 2013-09-14 22:13:59 +01:00
Hannah Wolfe
d968495996 Mass renaming of things
Conflicts:
	core/client/views/settings.js
	core/server/models/user.js
2013-09-14 21:56:07 +01:00
Hannah Wolfe
d587a845d4 Set migrations to use new 000 schema
issue #632

- removed old schemas
- updated base model to reflect all of the consistent behaviours and properties across the models
- updated all models to match the new schema

TODO

- no fixtures are currently loaded except settings
- need to rename properties across the codebase
2013-09-14 20:01:46 +01:00
Hannah Wolfe
72229fa8ea Adding the new schema - it doesn't do anything yet
issue #632

- shiny new 000 file contains the new much more detailed schema
2013-09-14 19:17:41 +01:00
Hannah Wolfe
70824a247f Merge branch 'migrations-003' into new-version
Conflicts:
	.gitignore
	config.example.js
	core/server/models/post.js
	package.json
2013-09-14 19:15:04 +01:00
Hannah Wolfe
0b1ffcd1f5 Updating settings types
- issue #573, issue #632
2013-09-14 19:04:41 +01:00
Hannah Wolfe
dea7ac56ac Fixing config path in email 2013-09-14 18:34:21 +01:00
Hannah Wolfe
3fab1f708a Merge pull request #728 from skattyadz/default-settings-validations
Conflicts:
	Gruntfile.js
	core/server.js
	core/server/data/default-settings.json
	core/test/unit/admin_spec.js
2013-09-14 14:37:52 +01:00
Adam Howard
3823d10c35 Restructure default-settings.json and add validations to important settings. 2013-09-14 14:29:27 +01:00
Sebastian Gierlinger
7aca800f53 Remove path from activeTheme
no issue
- obvious
2013-09-14 14:08:38 +01:00
Sebastian Gierlinger
35a32279d9 Clean up config (drop 'env')
closes #628
- removed .env from config.js
- ghost.config() returns correct config for NODE_ENV
- removed .env[process.env.NODE_ENV]
- updated tests
- deleted users.hbs, plugins.hbs, appearance.hbs (forgot to delete in PR #649)
2013-09-14 13:14:00 +01:00
Hannah Wolfe
486c2b4eea Use software version in RSS
closes #723

 Still waiting on https://github.com/dylang/node-rss/pull/16 to get this to actually output
2013-09-14 12:12:27 +01:00
Gabor Javorszky
6c99b67ab3 Added client side validation
Closes #581.

* Basically adds the client side of node validator, that we're already using
* Validator is plonked onto `Ghost.Validator`
* Usage is identical as to https://github.com/chriso/node-validator
* Has sanitizing values et al
* `Ghost.Validator.error` is redefined, it populates Ghost.Validator._errors (Array)
* `Ghost.Validator.handleErrors` is supposed to print out the multiple error messages, if there are multiple (this is broken due to how notifications are presented `.html` instead of `.append`), and also apply class to element
* The ajax calls are wrapped in an if to prevent network traffic if something's not right on client side
* Added validation to general settings and user settings screens.
* On validation error, optionally adds `.input-error` to whatever element you reference, see below (if `el` exists on the error object). This is the only place where usage is different to the original implementation. Redeclared `error()` function in `init.js`
* Usage: `Ghost.Validate.check(valueToCheck, {message: "the error message", el: $('#the element')}).isEmail()`
* The element above will receive the `.input-error` class. `isEmail()` is one of the stuff you can check against.
2013-09-14 10:52:27 +01:00
Hannah Wolfe
486b2406b1 Merge pull request #722 from ericterpstra/370-post-settings-permalink
Added post-settings menu with edit permalink field
2013-09-13 14:31:49 -07:00
Hannah Wolfe
420986de62 Updating tag saving logic to never save duplicates 2013-09-13 21:38:53 +01:00
ericterpstra
e2bc5257a6 Added post-settings menu with edit permalink field
closes #370
- Added new Backbone view for post settings menu
- Moved sass styles to global.scss for post settings menu items
- Added field to change post slug (permalink) using existing slug
  validation
2013-09-13 12:36:38 -05:00
Hannah Wolfe
01f6551bf2 Small model update for tags and users
- tags are now created with uuid & timestamps
- user role is no longer a model, just a join done with attach
2013-09-13 15:06:17 +01:00
Adam Howard
f6b86a98ff Fix bug preventing tags from being saved when a Post is created.
Fixes #658
2013-09-13 14:30:22 +01:00
Hannah Wolfe
8c9bcf661f Merge pull request #707 from sebgie/stable-db-version
Remove path from activeTheme
2013-09-12 07:40:37 -07:00
Sebastian Gierlinger
212521712d Clean up config (drop 'env')
closes #628
- removed .env from config.js
- ghost.config() returns correct config for NODE_ENV
- removed .env[process.env.NODE_ENV]
- updated tests
- deleted users.hbs, plugins.hbs, appearance.hbs (forgot to delete in PR #649)
2013-09-12 15:25:58 +01:00
Hannah Wolfe
cc785cc981 Merge pull request #686 from matthojo/Sign-up-screen-UI
Improved Auth screen markup and validation checks
2013-09-12 06:25:27 -07:00
Hannah Wolfe
4cd9f79116 Merge pull request #703 from matthojo/Dashboard-Removal
Temporarily removed the Dashboard and all references
2013-09-12 06:19:59 -07:00
Matthew Harrison-Jones
2678de902d Improved Auth screen markup and validation checks
* Signup now focuses on 'name' on load
* Fixed fade in on auth forms to work with `display: table`
* The 'name' field is required on Sign up forms
* The length check on the Signup form is in order of inputs
* Added check for password length
* Changed the auth form class names to better represent individual pages
* Updated CasperJS tests
2013-09-12 09:59:58 +01:00
Sebastian Gierlinger
8d16b20c49 Remove path from activeTheme
no issue
- obvious
2013-09-11 19:51:56 +02:00
Matthew Harrison-Jones
a85e8e1efc Temporarily removed the Dashboard and all references
This also updates the CasperJS to match the new changes.
2013-09-11 15:38:09 +01:00
jamesbloomer
3e28803672 Ensure image uploads do not overwrite if they have the same name
closes #619
- check if uploaded image name exists in month/year path
- if unique then save
- if not unique then add -1 to the end of the name eg. image-1.jpg
- if image-1.jpg exists then increment to -2
- keep going until a unique name is found
- uses tail recursion as normal path will be to save the first filename and deep recursion will be the exception
- (the alternative of loading the names of all the files in the directory could result in a large in memory array)
2013-09-10 22:02:28 +01:00
Hannah Wolfe
687d7ed72d Changing icon setting to cover in defaults
issue #571

- forgot to do this
2013-09-10 20:05:35 +01:00
Matthew Harrison-Jones
2280276fdd Removed unused user menu items and linked "Help / Support" to the right place
Also updated CasperJS tests to support changes
2013-09-10 15:05:42 +01:00
Matthew Harrison-Jones
84c2767da6 Temporarily remove unused Post Menu options 2013-09-10 13:53:01 +01:00
William Dibbern
9064914829 Added redirect to get rid of /page/1/
Fixes #592

- Added *permanent* redirect to ensure `/page/1/` isn't used and that
`/` is used instead.
- Added pageUrl helper (and unit tests) to generate client side url
fragment for blog pages conforming to the above standard.
- Updated pagination helper to use new `pageUrl` theme helper.
- Added functional tests for redirects and added scaffolding for
functional frontend tests in general.
2013-09-09 18:32:44 +01:00
Hannah Wolfe
0b3f2797e9 Fix for file upload paths on Windows
closes #669

- override incorrect path separators with / in the src for an image.
2013-09-09 17:19:58 +01:00
Hannah Wolfe
bbbfed9921 Temporary aliasing on the User model
issue #389

- Output only aliases (saving data with these keys won't work) gives us the right names in the theme API
2013-09-09 15:25:20 +01:00
Hannah Wolfe
add7136bd6 Merge pull request #660 from sebgie/issue#626
Remove {{nav}} helper
2013-09-09 06:11:06 -07:00
Hannah Wolfe
d01a4c4662 Merge pull request #665 from JohnONolan/ie
Remove detection for IE7 and lower
2013-09-09 04:36:40 -07:00
John O'Nolan
42a011d6a9 Introducing chromeframe, correcting content type meta tag. 2013-09-09 13:03:36 +02:00
Sebastian Gierlinger
1da0a15be2 Remove {{nav}} helper
closes #626
- removed nav from config.js
- removed navHelper
- removed navHelper tests
- removed core/server/filters
2013-09-09 13:00:56 +02:00
John O'Nolan
935afbf873 Remove detection for IE7 and lower 2013-09-09 12:58:48 +02:00
Hannah Wolfe
946544996c Updating forgotten password email template
closes #288

- added sign off using url from config
2013-09-09 11:51:12 +01:00
Hannah Wolfe
3f51d51e47 Merge pull request #656 from JohnONolan/signup-screen
Signup screen
2013-09-09 01:59:32 -07:00
Hannah Wolfe
4307f48084 Merge pull request #655 from cobbspur/userprofile
User Profile Image Upload
2013-09-09 00:59:57 -07:00
John O'Nolan
229597d341 Input signup name into user profile 2013-09-08 21:16:40 +02:00
cobbspur
9ce0e9f4a0 User Profile Image Upload
closes #280

- adds image uploader to user profile page.
- click on cover picture or change cover button to open file upload modal.
- created new upload modal that extends model to reduce some code duplication
2013-09-08 17:19:57 +01:00
John O'Nolan
4b40bb5aab Center login form with CSS instead of JS 2013-09-08 17:12:25 +02:00
Sebastian Gierlinger
d9fb23496c Clean up config (non-env based settings)
closes #625
- removed defaultLang, forceI18n and activePlugins from config
- added values to default-settings.json
- updated to use values from settings
2013-09-06 18:46:50 +01:00
Hannah Wolfe
630c03d4d4 Fixing issues with {{url}}
closes #639

Updated url helper to work
Updated tests
Changed helper.js in tests/unit to be called testUtil to avoid confusion
2013-09-06 18:23:22 +01:00
Sebastian Gierlinger
27ba9289d6 Add setting for posts per page
closes #593
- added default setting of 6 posts per page
- added posts per page to settings page
- added limit to frontend.js (setting does not change API behavior)
2013-09-05 14:56:09 +02:00
Hannah Wolfe
5bae29a0db Merge branch 'master' into migrations-003
Conflicts:
	core/server/data/migration/index.js
	core/server/models/post.js
2013-09-05 12:40:43 +01:00
Hannah Wolfe
ddcc7b78b6 Removing api calls from server side
closes #603, issue #395

- Changed hard-coded 'JOE BLOGGS' to use author data
- We still had api calls loading data server side before rendering pages.. which is unnecessary.
- Only thing using this was editor title, which is now populated client side
- May improve content screen load time.
2013-09-04 21:51:54 +01:00
Hannah Wolfe
c469d05c46 Mail settings are per environment
closes #624

- example mail setting in development config
- updated mail module & tests
2013-09-04 16:15:21 +01:00
Hannah Wolfe
21487aa802 Email errors & cleanup
closes #618

- don't send a welcome email. This appeared to be breaking tests.
- make sure we handle errors from sending emails properly
- use promises when adding notifications
2013-09-04 15:04:25 +01:00
Adam Howard
e24b5c3382 Proper settings infrastructure, allowing new features without compromising old data.
On server load, check for settings which have not been set, and apply a default value to the settings table from a JSON file.
2013-09-03 22:56:34 +01:00
Hannah Wolfe
36874badd5 Merge pull request #587 from javorszky/iss288
Email sending with Sendgrid plus password reset
2013-09-02 15:44:48 -07:00
Hannah Wolfe
d1db0db073 Merge pull request #614 from ErisDS/theme-globals
Theme globals
2013-09-02 15:07:08 -07:00
Hannah Wolfe
552a25018f Absolute option for {{url}} helper
- pass absolute to {{url}} to get an absolute url rather than a relative one
2013-09-02 22:06:16 +01:00
Hannah Wolfe
599d233be9 RSS Feed Autodetection
closes #599

- {{ghost_head}} now outputs feed link tag
2013-09-02 21:57:26 +01:00
Hannah Wolfe
1ff9550e1f User property aliases
issue #389

 - Temporary aliases for user model, schema will be changed soon, in the meantime we want themes to be built using the right properties
2013-09-02 20:58:49 +01:00
Hannah Wolfe
53063366e0 Fallbacks and defaults for {{date}} helper
closes #608

If no context is specified, falls back to using published_at
If published_at is not available, will output today's date
2013-09-02 20:58:49 +01:00
cobbspur
e43029e894 Modified body_class helper
closes #591

- body_class helper returns archive-template class on archive pages
- added to unit tests
2013-09-02 20:13:48 +01:00
Hannah Wolfe
13646f9ef6 Blog URL per environment
closes #572

 - Moved the siteUrl setting into each individual env config.
 - Updated app start and RSS to use the new config
2013-09-02 15:50:14 +01:00
Hannah Wolfe
4d4d4ac0e6 Merge pull request #604 from jgable/fixRssLink
Fix RSS urls
2013-09-02 07:41:56 -07:00
Hannah Wolfe
76c2ff6818 Merge pull request #574 from sebgie/issue#488-2
Adding theme switcher to settings/general
2013-09-02 03:25:10 -07:00
Jacob Gable
3d2f03a08f Fix RSS urls 2013-09-01 20:34:26 -05:00
Hannah Wolfe
7570599252 Merge pull request #564 from skattyadz/tags-squashed
Add post tagging functionality
2013-09-01 17:50:21 -07:00
Gabor Javorszky
5999d01b7d Repaired email sending, implement password reset
Closes #288
* I use SendGrid for sending the emails, and it works fine (provided you supply the correct credentials in `config.mail` in `config.js`)
* Generates a random 12 char long alphanumeric password, replaces user's pw, and sends an email about it.
2013-09-01 00:20:12 +02:00
Ricardo Tomasi
56619a87f8 Implement e-mail sending 2013-08-31 22:21:33 +02:00
Adam Howard
d90df55b75 Add post tagging functionality
closes #367
closes #368

- Adds Tag model with a many-to-many relationship with Post
- Adds Tag API to retrieve all previously used Tags (needed for suggestions)
- Allows setting and retrieval of Tags for a post through the Post's existing API endpoints.
- Hooks up the editor's tag suggestion box to the Ghost install's previously used tags
- Tidies the client code for adding tags, and encapsulates the functionality into a Backbone view
2013-08-30 16:20:22 +01:00
Hannah Wolfe
5a908bd3d3 Merge pull request #569 from gotdibbs/Issue469
Strip whitespace on post titles
2013-08-30 07:23:13 -07:00
William Dibbern
94f262a697 Strip whitespace on titles
Fixes #469

- Added client-side trimming of title on blur if it is not already
trimmed.
- Added server-side trimming of title on 'saving' event of post model.
2013-08-30 08:04:32 -05:00
Sebastian
4525c355af Adding theme switcher to settings/general
closes #488 and #107
- added dropdown for theme selection on general page
- added GET /api/v0.1/themes to retrieve available themes
- modified settings model to get available themes
- modified updateSettignsCache to remove path from settings.activeTheme
2013-08-30 13:20:30 +02:00
William Dibbern
9a089ecee3 Save post button now stays spun up
Fixes #352

- Removed one-off styles and code for the publish button. Publish button
now uses data-toggle attribute wired up in toggle.js and forms.scss.
- Ensured split button common styles are up to date to conform with
vendor prefixing of transform properties.
2013-08-29 22:16:16 -05:00
John O'Nolan
68704db01a Updated Icons
Closes #556
* New Ghost Logo Icon
* New Lightning Icon for plugins screen
* Remove old Ghost Logo Icon
* Moved #ghost to .ghost-logo to clean up conflicts with editor, previously fixed with dodgy overnesting
2013-08-29 19:06:47 +02:00
John O'Nolan
ce3909d6d9 Updated pagination helper with cleaner markup. 2013-08-29 16:43:47 +01:00
Hannah Wolfe
0a89cf12b2 Merge pull request #459 from ErisDS/showdown-gfm
Adding Github Flavored Markdown support
2013-08-29 07:39:42 -07:00
Hannah Wolfe
f318d164d4 Adding Github Flavored Markdown support
closes #422, issue #295

- Added GFM mode to codemirror
- Took the github.js extension for Showdown and added all useful behaviour
- Now supports strikethrough, line breaking and
  multiple underscores, and auto linking urls & emails without breaking
  definition urls
- Also added definition url handling in preparation for #295
- Added unit tests for the extentions individually and integrated with
  showdown
2013-08-29 14:32:09 +01:00
Hannah Wolfe
f9ace100fb Merge pull request #549 from pmgarman/rss
Add RSS Feed
2013-08-29 06:07:37 -07:00
Hannah Wolfe
840c46e4da Merge pull request #547 from cobbspur/dropzone2
Improved dropzone
2013-08-29 05:44:48 -07:00
Patrick Garman
8030946095 Add RSS Feed
Issue #366
- adds node-rss dependency
- adds /rss/ and /rss/:page/ routes which return XML RSS 2.0 feed
2013-08-28 10:36:32 -05:00
cobbspur
7ca3da398a Improved dropzone
- Made fail warning and button display none to reduce DOM content.
- Made toolbar red for fail not orange
- Fixed loading-cat  which was persistent in cases of low bandwidth (particularly downstream)
2013-08-27 19:54:06 +01:00
cobbspur
5c12c78d00 added url handlebars helper
closes #528

- adds method (isPost)to models index.js that returns true if content, content_raw, title and slug are valid properties
- adds url helper which checks context is post using  isPost method
- adds unit test to check a url is prefixed with  /
-adds unit test which checks for empty string if either of the 4 properties above are not present.
2013-08-26 23:58:35 +01:00
John O'Nolan
12d53dead6 Move pagination to class rather than ID
Pagination could conceivably be used in more than one place on a page (eg. both top and bottom). For that reason it should probably have a class rather than an ID.
2013-08-26 02:29:44 +02:00
Hannah Wolfe
c70dfde7e3 Agressive stripping of the model attributes
- fixes #517
- prevents this from occuring again in future with other relations
- validation function & stripping done for all models
- casper test for flow, plus validation & logged out tests
2013-08-25 18:12:27 +01:00
Hannah Wolfe
41e36cca7e Validation consistency
- introduced validation method in the post and user model
- moved signup validation onto model
- consistent use of validation & error messaging in the admin UI
- helper methods in base view moved to a utils object
2013-08-25 18:10:12 +01:00
Hannah Wolfe
052aa57360 Merge pull request #512 from gotdibbs/Issue443
Rename /logout/ to /signout/ and /login/ to /signin/
2013-08-25 10:06:53 -07:00
Hannah Wolfe
da0ab62989 Merge pull request #525 from cobbspur/helpers
renamed helpers to body_class and post_class
2013-08-25 08:29:20 -07:00
cobbspur
fbe44a041c fixes missing helper
closes #521

- changes handlebars default missing helper function to log error instead of throwing error
2013-08-25 15:45:44 +01:00
cobbspur
ce0f1aae46 renamed helpers to body_class and post_class
closes #508

- changed bodyclass helper to body_class and updated unit test
- changed postclass helper to post_class and updated unit test
2013-08-25 14:49:57 +01:00
Hannah Wolfe
c63012a678 Merge pull request #524 from cobbspur/helpers
added ghost_head and ghost_foot helpers
2013-08-25 06:41:34 -07:00
cobbspur
00d36e976d added ghost_head and ghost_foot helpers
closes #382, closes #383

 - added helper called ghost_head to insert meta data with current version of ghost
 - added helper called ghost_foot to insert script tag for jquery
 - added unit test for both helpers
 - removed trailing slash from ghost.js for 'shared' path and removed from outside of loop as it is shared on front and backend
2013-08-25 14:34:35 +01:00
John O'Nolan
8ac173aa19 Rename classes applied to {{bodyclass}} to be less generic 2013-08-25 12:06:52 +02:00
William Dibbern
d7521958d5 Rename /logout/ to /signout/ and /login/ to /signin/
Closes #443
- Renamed routes
- Added redirects for old routes
- Added unit test for redirect
- Updated references to old routes in templates, html
2013-08-24 22:38:48 -05:00
Hannah Wolfe
6f05812377 Merge pull request #503 from sebgie/questionmarkbug
Fix for post with '?'
2013-08-24 08:06:51 -07:00
Hannah Wolfe
60c7643a58 Merge pull request #438 from cgiffard/hbs-helper-author
Template Helpers: Added author hbs helper
2013-08-24 07:45:36 -07:00
Sebastian
9ee91b3547 Fix for post with '?'
closes #433
- if slug is empty after trimming use "post" as slug instead
2013-08-23 18:49:45 +02:00
Christopher Giffard
4397bcf86e Template Helpers: Added author hbs helper
Fixes #358

 - Altered post model to enable eager loading of author and
   user relationships
 - Fixed broken base model toJSON method, which prevented
   eager resolution of relationships (thanks @tgriesser)
 - Passes author information to template.
 - Added unit tests for author helper.
 - Added unit tests for findOne and findAll additions to Post Model
   which take into account the eager relationships

 Usage:
 `{{author}}` -- returns the full name of the post author
 `{{author.attribute}}` -- returns property of the current post author
 as described by the user model
2013-08-23 19:13:32 +10:00
Hannah Wolfe
ba8bdf7dd7 Merge pull request #496 from javorszky/iss468
Added brute force protection to login
2013-08-22 14:19:05 -07:00
Hannah Wolfe
98e4923077 Added bodyclass and postclass helper
closes #472

- filterable as array, output as string
- with unit tests
2013-08-22 21:01:20 +01:00
Hannah Wolfe
2d3e2f36b1 Merge pull request #493 from ErisDS/helpers
Added excerpt helper
2013-08-22 12:56:01 -07:00
Gabor Javorszky
368eb7a352 Added brute force protection to login
Closes half of #468
* adds a 2 second limit until you can retry logging in, otherwise sends you a 401.
* bounce: 2ms, checks the pw: 254ms on my machine
* added a test to the casper suite
2013-08-22 20:48:36 +01:00
cobbspur
3ac82f14a0 rename helpers paginate -> pagination, dateFormat -> date
closes #381

- renamed entries for dateFormat in helpers to date
- renamed entries for paginate in helpers  and unit tests to pagination
2013-08-22 20:42:54 +01:00
Tim Griesser
c83835a811 fixes incorrect toJSON extension, for eager loaded models 2013-08-22 13:53:46 -04:00
Hannah Wolfe
2afa81bc1e Added excerpt helper
closes #471

- strips HTML aggressively
- with unit tests
2013-08-22 15:51:30 +01:00
Jacob Gable
23ee4cadc3 Fix redirect loop when no content 2013-08-21 09:05:17 -05:00
Hannah Wolfe
4cc3a11cda Manually merging pull request #439 from javorszky/iss354
Conflicts:
	core/client/views/login.js
2013-08-20 10:11:09 +01:00
Gabor Javorszky
be7ed2dfdc Added validation for signup and login screens
Closes #374
* Included node-validator as a package
* Implemented server side validation (the client side js is a mess, need a LOT of work)
* Validates email address both on signup and login screens, gives error message on malformed email addresses
* Requires at least 8 chars of password
* Tells user if password is too short
* Tells user if no such user on login
* Tells user if wrong password on login
* Tells user if server responds with a 404 (goes away, dies, etc)
* Added middleware between req and login / signup for validation
2013-08-20 09:42:42 +01:00
Gabor Javorszky
4e1aa2119c Removed flash, renamed file, unbroken logout / login request notifications
Closes #354
* Reintroduced the redirect functionality (not logged in, tries to go to `/settings/user/`, is sent to `/login/` with info notification, after login user is taken to `/settings/user/)
* Reintroduced the "Successfully logged out" message
* Added middleware to scrub passive notifications from `ghost.notifications` after one use basically mimicing client side passive notifications
* Removed flash from everywhere. Even from package.json.
* Renamed flashed.hbs to notifications.hbs, modified default.hbs accordingly
* Added function to parse GET variables on client side
2013-08-20 08:15:06 +01:00
Jacob Gable
a1d00b56b2 Trim title and don't allow negative pages
Added a .trim() to the slug generation and redirect to the first page if
the page parameter is parsed as less than 1.
2013-08-19 21:18:39 -05:00
William Dibbern
4f2421fac7 MySQL Support
Closes #364
- Confirmed integration with local mysql installation works.
- Updated fixtures and migration with appropriate schema-conforming
values.
- Updated schema with appropriate defaults and nullable columns.
- Updated fixDates function on model base to appropriately deserialize
values coming from SQLite now that dates are stored as actual DateTime
objects/ISO strings.
- Updated default language to be 'en_US'.
2013-08-19 17:25:02 -05:00
Hannah Wolfe
5cb8b640da Merge pull request #454 from skattyadz/login-on-register
Immediately log in when a new user account is created
2013-08-19 13:46:06 -07:00
Hannah Wolfe
fd77d4bb04 Merge pull request #420 from jgable/fix412
Redirect to last page of posts
2013-08-19 13:43:26 -07:00
Jacob Gable
bbd60a6f23 Redirect to last page of posts
If requesting a page of posts that is above the total number of pages,
redirect to the last page of posts.
2013-08-19 09:35:52 -05:00
Adam Howard
6c829a0d63 Immediately log in newly registered users - removing the additional login step 2013-08-19 13:59:30 +01:00
John O'Nolan
2cb471e97c Added functional user profile url to user dropdown menu. 2013-08-19 08:36:29 +02:00
Hannah Wolfe
fd33b276a0 Merge pull request #419 from jgable/postPermissions
Edit Post Permissions
2013-08-18 12:11:55 -07:00
Jacob Gable
53061a4c04 Fix multiple title slug generation
Change slug generation to not append multiple hyphens
2013-08-18 13:23:15 -05:00
Jacob Gable
bbe5105048 Edit Post Permissions 2013-08-18 12:28:05 -05:00
Hannah Wolfe
e765af4633 Merge pull request #404 from matthojo/mobile-interactions
Mobile interactions
2013-08-18 09:19:06 -07:00
Gabor Javorszky
f6d164b5d8 Current user added
Closes #340. Closes #375
* Replaced session with id of current user
* Added method to ghostlocals to always send profile picture and full name to templates (template checks if falsy)
* Modified user saving (`forge().set(new).save()` died on me, `forge().save(new)` didn't)
* If user has profile picture, that will be used
* If user has name, that will be used
* Password changing doesn't care about your email. Uses cookies. Tasty!
* User pane uses current user id. Had to set path to me, otherwise goes to `browse` instead of `read`.
* Added logic to user api to check for `id === 'me'`, and then use the cookie value
* User data saves are now correct
* There is no logout error
2013-08-17 22:02:46 +01:00
Matthew Harrison-Jones
6170acb670 Improved mobile interactions
This is simply a commit which improves the mobile interactions. This does not fix UI problems on mobiles.

New interactions;

Menu
* Swipe right on header to show sidebar
* Swipe left on sidebar to hide

Content
* Tap / Swipe left on item to show preview
* Swipe right to show content list

Settings
* Tap / Swipe left on link to show settings
* Swipe right on settings to show links
2013-08-16 12:44:11 +01:00
cobbspur
66278534dc fixes extensions bug for image uploader
- extensions set to lowercase
- changed navigation images to hyphenated names and corrected references
2013-08-13 21:04:07 +01:00
Hannah Wolfe
c9ec5df9d6 Merge pull request #394 from ErisDS/path-rejig
Improving the use of paths in Ghost
2013-08-12 08:10:31 -07:00
Hannah Wolfe
cbcd3c8efe Improving the use of paths in Ghost
fixes #392

- adds appRoot, and uses this to calculate other paths
- removes path calculations from loader
- remove the themedir setting in config.. completely unnecessary
- highlights just how important #360 is
2013-08-12 15:37:23 +01:00
John O'Nolan
8762f531a7 Removed my personal information from fixtures as Ghost is starting to get deployed more frequently now for testing purposes.
Don't want random test sites accidentally ranking in search engines for my name.
2013-08-10 15:42:54 +02:00
Christopher Giffard
e484d9224e Themes: Added truncation to hbs content helper
Fixes #256

- Developed and linked new module, downsize, for tag-safe truncation
- Altered existing content handler to accept options for truncation
- Added tests for handler

Using truncation:

{{content words=10}}
{{content characters=256}}
2013-08-07 19:45:37 +10:00
Hannah Wolfe
2f11f053ab Minor code cleanup, docs and other bits & pieces 2013-08-06 22:24:40 +01:00
Hannah Wolfe
eac3047d45 Merge pull request #339 from javorszky/iss282
Users can change password
2013-08-06 01:17:43 -07:00
Hannah Wolfe
226e641602 Merge pull request #338 from cobbspur/upload-plugin
Added image upload reusable plugin
2013-08-06 01:02:30 -07:00
Gabor Javorszky
071f9769c6 Users can change password
Closes #282
* Added a new route
* Added new methods
* Triple security!
* Passwords are actually changed
* Also added a change password button, because 'save' has too much baggage.

On security: checks whether you're logged in. Then checks whether your old password is actually the one that belongs to you (gets value from the email field for the email, see caveat no2). Checks the new passwords for === and length > 6 on client and server side as well. And THEN changes passwords.

Caveats:
* didn't add a test, as mocha fails spectacularly on my machine. SQLITE_CORRUPT: database disk image is malformed. Cute, huh?
* Because we don't have / I'm not aware of / could not find a "currentuser" variable, I need to get the email address of the user we want to change from the email field. Theoretically if they replace that with another user's email address, and supply their pw, they will change THEIR password instead of their own.
2013-08-06 00:49:06 +01:00
cobbspur
558c9d6caa Added image upload reusable plugin
issue #40 and issue #280

- Adds uploader jquery plugin
- includes settings for enabling/disabling upload progress bar
- adds routing for image uploads
- adds directories by year and month based on upload date
- Implements plugin on settings - general pane
- Implements plugin on editor
- adjusted general tab to save uploaded image src

TODO:
- Add error handling
- Storing information on editor
- Add events
2013-08-05 23:01:48 +01:00
Hannah Wolfe
1815656778 Merge pull request #267 from jgable/pluginApi
Initial Plugin API Implementation
2013-08-05 12:29:19 -07:00
Hannah Wolfe
52dc22c952 Editable user profiles in settings screen
closes #276

 - settings screen now loads a model when a pane is requested, rather than when the whole screen is requested
 - added browse, read and edit methods and routes for users to the API
 - added user model & template to client and wired everything up.
 - provided default images for cover and profile picture
2013-08-05 18:26:44 +01:00
Jacob Gable
0238909281 Initial Plugin API Implementation
Implements basic functionality described in #227 for loading plugins
from a specific directory and having a specific workflow with an init()
method and a disable() method.
2013-08-05 11:15:17 -05:00
Gabor Javorszky
6c48505701 Fixed persistent success notifications
Closes #333
* Refactored the Ghost.Notifications View bundle
* Added a new initialization of the NotificationCollection (hacky, but at least satisfies JSLint). This was needed as the reason the persistent success notification couldn't be dismissed was that prerendered DOM elements weren't picked up as BB Views beforehand, and thus no events were bound to them.
2013-08-05 13:56:30 +01:00
Hannah Wolfe
338109c762 Data models import, export, and reset for 002
- added line to index.js to set node_env to development if it is not set
 - fixed a small bug with the persistent notifications and used them on debug page from server side
 - added 002 files to manage export and import for 002
 - 002 import is somewhat smarter than 001, merging settings (except version), replacing user & clearing primary keys
 - added reset to models and migration, which does the down operation the same way that init does the up operation
 - import and reset clear session & redirect to login / signup
 - additional unit tests
2013-08-05 13:56:30 +01:00
ErisDS
2a5e7ad516 Data model additions for post tags, custom data and uploads
closes #171, closes #314, closes #315

- added settings for blog logo and icon
- all other settings will need to be added as needed as it's impossible to guess what the default value should be
- added tables for post tags
- added tables for post custom data
- added location column to users
- fixeed minor bug in migrations
2013-08-05 13:56:30 +01:00
Jacob Gable
9393a956f4 Magnificent Migrations of Magical Majesty 2013-08-05 13:56:30 +01:00
Hannah Wolfe
2d8b5ea8c1 Backbone template cleanup
- Ghost.View now extends Ghost.TemplateView giving all views access to subviews and templates
- Views which implemented templates no longer need to
- Some views needed to re-override render which is a bit annoying
- Settings screen now has sub-templates for each pane and for the sidebar
- Additional Casper tests for settings screen
2013-08-03 16:37:06 +01:00
Hannah Wolfe
c30187ad20 Merge pull request #326 from matthojo/admin-temp-removal
Removed `admin-ui-temp.js` and moved code to it's relative places
2013-08-03 07:21:10 -07:00
Hannah Wolfe
373f64a2bd Revert "Merge pull request #318 from matthojo/mobile-interactions"
This reverts commit f18c7f22c3, reversing
changes made to 4ea9d77b11.
2013-08-01 22:19:20 +01:00
Matthew Harrison-Jones
41aa2b9012 Removed admin-ui-temp.js and moved code to it's relative places 2013-08-01 15:28:13 +01:00
Hannah Wolfe
a15210d2dc Merge pull request #323 from javorszky/iss278
Login / Signup forms now use Backbone
2013-08-01 06:20:05 -07:00
Hannah Wolfe
f18c7f22c3 Merge pull request #318 from matthojo/mobile-interactions
Improved mobile interactions
2013-08-01 00:12:25 -07:00
Gabor Javorszky
f36dc3c942 Login / Signup forms now use Backbone
* Moved most of control code to `core/client`
* Implemented ajax checks
2013-08-01 02:11:45 +01:00
Matthew Harrison-Jones
efeede877d Improved the semantics of the Settings page
This introduces a new class of `.form-group` to replace the label containing the elements.

I have also included `name=""` attributes to inputs where there were non.
2013-07-31 12:40:46 +01:00
Hannah Wolfe
6a2851e9ca JSLint fixes for new version
- forgot to force install
- had to clean up grunt task now we no longer need the 'm' alias
- cleaned up a couple of issues it wasn't picking up before
2013-07-31 09:21:22 +01:00
Matthew Harrison-Jones
27b85744f1 Improved mobile interactions
This is simply a commit which improves the mobile interactions. This does not fix UI problems on mobiles.

New interactions;

Menu
* Swipe right on header to show sidebar
* Swipe left on sidebar to hide

Content
* Tap / Swipe left on item to show preview
* Swipe right to show content list

Settings
* Tap / Swipe left on link to show settings
* Swipe right on settings to show links
2013-07-30 15:27:38 +01:00
Hannah Wolfe
97eb827d47 Replaced user menu label with current Ghost version no
closes #286
- added current version as an app.local variable available on both client and server
- swapped out the user menu label for the version no
2013-07-30 12:56:16 +01:00
ErisDS
273e2172cb Bugfix: data export path wasn't changed during restructure 2013-07-24 23:22:33 +01:00
Ricardo Tomasi
814a3d66b7 Move shared third-party libraries to /shared/vendor 2013-07-24 23:21:57 +01:00
Matthew Harrison-Jones
d59f0809cd Started a jQuery utilities file for Ghost jQuery plugins and helpers 2013-07-24 11:15:10 +01:00
Matthew Harrison-Jones
7111960fac Added in Modals 2013-07-24 11:15:09 +01:00
Hannah Wolfe
c2ac06cf0c Merge pull request #298 from matthojo/Markdown-Fixes
Additional Keyboard Shortcuts and improvements to text highlighting
2013-07-23 11:44:14 -07:00
Matthew Harrison-Jones
32b245c53c Fix notification positions
Also fixes the previous editor notification fixes to not include `calc()`
2013-07-22 14:41:27 +01:00
Matthew Harrison-Jones
e7cea72935 Fixes wrong positioning of notifications. 2013-07-22 14:41:27 +01:00
Gabor Javorszky
b77a8fd0d9 Notifications on front end
Should close #37. There are persistent and passive notifications.

Persistent ones:
* are stored on `ghost.notifications`.
* have an api made to add / remove them with client side ajax logic (probably not the most elegant, but works)
* uses a modified `flashes.hbs` template
* will only disappear if user closes the bar
* stack

Passive
* added with backbone view / collection combo
* stack
* disappears on navigation and when user closes it
2013-07-22 14:41:27 +01:00
John O'Nolan
d337e16afe Merge pull request #296 from matthojo/Plugin-Management
First pass at Plugin Management design conversion
2013-07-22 04:22:37 -07:00
John O'Nolan
ae348edbdb Merge pull request #293 from matthojo/Remove-Codemirror-CSS
Removed CodeMirror Stylesheet file and moved over required CSS
2013-07-22 04:22:19 -07:00
Matthew Harrison-Jones
f85bbd5422 Improve title casing 2013-07-18 14:42:16 +01:00
Matthew Harrison-Jones
482da669aa First pass at Plugin Management design conversion 2013-07-18 11:36:37 +01:00
ErisDS
4fd9556904 Fixing up validation and tests for pagination helper where prev and next are undefined by default, rather than null. 2013-07-17 14:37:52 +01:00
cobbspur
115996b88d improves unit testing for pagination and fixes pagination partial template (removed extra </nav>)
removes console logs for error handling in testing and travis environments
2013-07-16 19:57:19 +01:00
Matthew Harrison-Jones
ce8ed96348 Removed CodeMirror Stylesheet file and moved over required CSS
Fixes #6.
2013-07-16 12:14:17 +01:00
ErisDS
b3b296f003 New fixture
- added new getting started fixture
- closes issue #13
2013-07-11 23:10:19 +01:00
Hannah Wolfe
3d3d42bd7c issue #245
hbs templates not building with correct paths
missed a couple of assets paths in settings
2013-07-11 21:00:41 +01:00
Hannah Wolfe
30b4eb07f7 App restructure - closes #245
- This is a first pass at getting a more logical structure. The focus is on moving from admin/frontend to client/server.
- The location of the databases is highly important, this isn't expected to change again
In the future
- client/assets should probably become public/
- more stuff should be shared (helpers etc)
- cleanup some confusion around tpl and views
2013-07-11 20:23:34 +01:00