No Issue
- Adds contextual classnames to Nav Bar links
- Various test updates
TODO
- Increase test coverage for new admin UI
- Fix up Caspertests for new Admin UI
closes#5288
- use the config.blogURL as the frontend URL from the admin
- we know this is given to us without a trailing slash, so it's 100% safe to hard code this
- TODO: make all of the url generation a lot nicer i.e. #1833
Refs #5097
- All drafts will show a preview link (this needs real css)
- Published posts will redirect
- prev/next post helpers only activate on published posts
- Powered by ~10 pints between the two of us (@ErisDS, @novaugust)
no issue
With the introduction of the prev/next helpers (and soon, get helper) we can no longer make any assumptions
about exactly which pages need to be cleared from the cache when a post is published/unpublished.
refs #2263, #4888
- Adds media:content element to Ghost Rt pSS feeds containing the post cover image if one is available
- Removes the prepending of the image to the `<description>` field
- Keeps the prepending of the image in `<content:encoded>`
refs #2263
- Switch content type back to text/xml
- Use content:encode for full content
- Use meta description or first 50 words of content for description
- if the user has filled out their email already when they hit 'forgotten password' then automatically fill out and submit the form
- this will look better when we have spinners on the buttons
closes#4368, fixes#1240 (spellcheck), fixes#4974 & fixes#4983 (caret positioning bugs)
- Drop CodeMirror in favour of a plain text area
- Use rangyinputs to handle selections cross-browser
- Create an API for interacting with the textarea
- Replace marker manager with a much simpler image manager
- Reimplement shortcuts, including some bug fixes
no issue
- It should not be possible to provide a different ID in the object being edited to that provided in the URL
- We now send the id to check object to ensure there is a match
Credits: Matteo Beccaro
closes#4262
- implementation based on #1545
- added integration test. Modified mocked posts because code requires published_at timestamps to be different.
- fixed 2 broken tests that depended on mocked posts to have "new Date()" as their timestamps
- added checks to only query db if next/previous post requested
Ember.ObjectController (and Ember.ArrayController) will be deprecated in
Ember 1.11 (and removed from core in Ember 2.0). The reasoning is
detailed in the Ember 2.0 RFC.
This PR does the following:
* Updates templates/controllers/views to explicitly reference model
properties (instead of relying on proxying behavior).
* Clearly delineate where certain properties are being set or retrieved
from (for example it was not clear exactly where `scratch` and
`titleScratch` were stored).
* Remove usage of `Ember.ObjectController`.
* Add JSCS rule to prevent future PR's from adding regressions.
No Issue
- Wait for list item element to appear before starting tests
to make sure template partial has been rendered.
- Remove test for 20 list items as it's possible that there
could be fewer than 20 contributors for during the window.
Instead just test to make sure the list has at least one item.
Closes#4508
Tests for:
- Version number is a number
- Database type is an allowed 1 of 3
- There are 20 contributors
- First contributor has an image tag and image src exists, alt tag, title tag, href to github
closes#4498
- remove toJSON code which returns only IDs from objects
- don't auto-include tags & fields in post responses
- don't auto-include roles in user responses
- fix #allthethings that made assumptions about the auto-includes, or otherwise were only working because of the auto-include
Closes#623
- Add basic init and eventing scaffold
- Add sitemap-index.xml generation
- Broke out generators to individual files, added request handler
- Add page, author and tag xml files; add index mapping
- Add SiteMapManager unit tests
- Add Generators tests
- Cache invalidation headers for sitemap-*.xml
- Redirect sitemap.xml to index and rename to sitemap-index
- Handle page convert and publish/draft changes
- Add very basic functional test for route existence
- Add cache headers to sitemap routes
- Every route can set a title token that is combined with the blog’s
title, resulting in titles like ‘Content - Test Blog’.
- Subroutes are supported (‘Settings - General - Test Blog’)
- The blog’s name is applied to and taken from the `config` object to
spare Ember a REST call via `store.find(‘settings’)`.
- Tests have been changed to test for the new titles.
- The initially proposed solution
(https://github.com/paddle8/ember-document-title) doesn’t play nice
with EAK, which is why I went with this solution
(https://gist.github.com/machty/8413411) by Ember.JS core dev @Machty.
no issue
- changes the content type for the RSS feeds from text/xml to
application/rss+xml
- changes the link rel=alternate tag to use an absolute URL for the feed
in the blog meta data
Continues on from #4401
- Reformats the Sass to match our new style (property order, comments, & white space)
- Changes the modal container to a class from an ID (and adjust tests)
Closes#4277
- Increase the wait time for forked processes to spin up.
- If we give up on waiting for a forked process, send it a
kill signal so if it comes alive later it doesn't sit in the
background forever.
- Fail fast if test setup fails instead of waiting for the timeout.
Closes#4316
- Ember@1.8.0.
- Ember-Data@1.0.0-beta.11.
- Change templates to use new Ember.Select syntax and other minor
cleanup.
- Adjust functional tests.
no issue
- Some of the tests were duplicated and all of these tests are faster and easier to do with super test as we aren't testing interactions
- Introduced a new test util to toggle permalinks which allows us to test the different structures
- Using cheerio in route tests to test the HTML / XML output is well formed
issue #4305, issue #4259, issue #1413
- change new->edit transitionToRoute to be replaceRoute
- auto focus in the editor on transition to the edit route
- change the one-time autosave to happen on codemirror focusin instead of title focusout
- re-add removed tests, and reorder broken test
Refs #4259
- Auto-save new post when title loses focus.
- If a post has '(Untitled)' for a title, regenerate slugs
on all title changes--same behavior as a new post that does
not yet have a slug.
- Adjust some functional tests to handle the automatic transition
from editor/new to editor/editor and the URL changes that go
along with it.
Ref #1413
- If the user stops typing for 5 seconds, a "typingPause" action is sent from the GhCodemirrorComponent
- Editor-base-controller ties the "typingPause" action to its "autosave"
- If a post is being saved and does not have a title, the title is set to "(Untitled)"
- Cleanup editor base controller property dependencies and code
closes#4157
- adds cache-control header back to api routes
- moves cache rules object into testUtils
- adds cache-control header test to every existing API test
refs #3795
- updates all dev dependencies to their latest version number
- jshint now complains about the Promise global, removed it from predef in
lieu of a better solution
- changes in should require minor updates to the tests
- tests are passing and all major grunt commands appear to work: clean,
init, prod, validate and release
Closes#3955
- Change titleScratch from being bound to the title to being
set when entering the editor so it is not overwritten on a
model refresh.
- Ensure that the "unsaved content" dialog is shown when there are
changes to the "scratch" fields after a post-settings-menu change.
- Add tests to prevent regression.
Closes#3856
- No longer call clearData and initData in test setup because
migration.init is run during Ghost startup. The unhandled
error was a result of clearData removing all the tables while
Ghost was running--there was a timing issue with the oauth middleware
checking the refreshtokens table when it had just been deleted.
fixes#3857
- adds uncapitalise middleware which detects uppercase in req.path and
redirects to the lowercase equivalent
- change the ghost route to a regex, just so it's consistent with other
routes in the file
closes#3789
- Create a GhostServer class to manage state
- index.js now calls start on the exported server
- Alter tests to expect a GhostServer instance
See #3671
- As @JohnONolan’s suggestion, if the user enters an invalid value for
the ‘posts per page’ setting, the number autocorrects to 5, iOS
autocorrect-style
No Issue
- When an invalid, all whitespace slug is entered into the
slug input in the post settings menu, it's rejected but
the input's value still remains the same. This resets the
input back to its original value.
- Added test for the above behavior.
- Only show success notification if slug was actually changed.
- Convert whitespace from tabs to spaces in post-settings-menu.hbs
No Issue
- Defer save until after slug is checked.
- If new slug is empty or all whitespace, reset to previous value.
- If new slug is the same as existing slug except for an increment
value (e.g. ghost-user-2), use the original slug.
- If the slug has changed, change the URL path to reflect the
change so that the browser refresh and back button still work.
- Added tests.
Refs #3667, Refs #3776
- If saving a post fails, revert its status back to the
pre-save value.
- Added tests to check post status after failed save attempt
on both new and existing posts.
closes#3667
- If the ‘save’ function on a new post fails, the local Ember model
still beliefs that the status is ‘published’, resulting in wrong
buttons. A simple catch fixes that.
Amends #3736, references #3623
With `button.ghost-logo`, there's no `href`, so cannot be opened in a new window. This changes it back to an anchor and appends the blog URL to a href attribute. Win!
Bumps Ghost-UI version to 0.8.13 bring in related CSS changes.
Closes#3623
- Move hamburger logic to action with terrible name, "toggleSidebarOrGoHome"
- Move ".js-close-sidebar" events to a document.on(event, *selector*, f) to make sure they attach even when the js-close-sidebars aren't on page (ie, hidenav)
fixes#3724
- provide config.url to the ember client app via a data attribute
- create server and client side helpers to output the URL
- wire up the client side helper
- add a class for testing, and add tests for both the server and client side
fixes#3716
- change the importer to not override any user details
- only set published_by if it is not already set
- import users before anything else
- process the import and map user ids to existing users
- test fix - owner should have owner role
- test fix - catch invalid success in importer
closes#3631
- Removed the 'by + setupUser.name' from authentication.js
- Removed the 'by Test User' from feed_test.js
- Added a '.' to the end of each per issue comment example
closes#3544
- limit forgotten password requests to five requests per IP per hour
for different email addresses
- limit forgotten password requests to five requests per email address
- limit signin requests to ten failed requests per IP per hour
- removed special treatment for tests
closes#3468
- added rate limit to deny more than 5 attempt every hour
- updated spam prevention to be configurable
- added config values spamTimeout, ratePeriod, rateAttempts
- added ratePeriod:1 to config.example.js to prevent functional tests
from hitting the rate limit
- commented spam test, I’ll fix it tomorrow
Basic notifications are unnecessarily verbose and, in some instances, even cause line-wrapping to occur. This change shortens them to short, concsise statements to indicate what action has taken place.
Closes#3402, Closes#3428
-------------------
### Components
- Added GhostSelectComponent to handle async select creation (h/t @rwjblue)
- Added GhostRolesSelector (extends GhostSelect) for displaying user role options
- Created StoreInjector for surgically inserting the store into things that normally wouldn't have them.
### Users Settings
- InviteNewUserModal now uses GhostRolesSelector & defaults to Author
- The role dropdown for user settings has permissions set per 3402
### User Model
- Added `role` property as an interface to getting and setting `roles`
- Refactored anything that set `roles` to set `role`
- isAdmin, isAuthor, isOwner and isEditor are all keyed off of `role` now
### Tests
- Added functional tests for Settings.Users
- updated settings.users and settings.users.user screens
- fix spacing on screens
### Server Fixtures
- Fixed owner fixture's roles
No Issue
- Move authentication related handlers to the Application route.
- Switch Sign Out from a button to a link. Use the signout route
to handle invalidating the session and redirecting instead of
an action from a button.
- Clear error messages on signin page when pressing log in button.
- Errors are now always shown on sign in screen and a success
notification is shown after sign out.
- Update functional tests.
closes#3431
- change feed_test.js to call casperjs getHTML() instead of
getPageContent(), because the latter now strips markup
Alternative fix would be to use .page.frameContent directly
instead of using a casperjs wrapper.
Change runs cleanly on Travis (old casperjs tag) and locally
in the Ghost-Vagrant setup with both the old casperjs tag
and the current HEAD SHA (29bbd03f7cdc9fc1e70f0fe1400635dd7d3537ad)
no issue
- acquiring a new access token using a refresh token sets the
expiration time of the refresh token to now + 24 hrs.
- moved all occurrences of ONE_HOUR, ONE_DAY and ONE_YEAR to
`core/server/utils`
no issue
- Refactor all integration tests to specify and load ONLY the fixtures
they require to run, rather than initialising the whole kit-and-kaboodle
for every single test which takes FOREVER.
- Refactor the route tests to share a doAuth function, and also specify
additional fixtures required
- Move import and export unit tests, which are actually integration tests
(they touch the DB)
- Comment out most of the permissions unit tests for now as they need more
stubs/mocks so as to not touch the DB
Still todo:
- prevent default DB initialisation in route tests, and specify all
fixtures requires as per the integration tests
- fix up the unit/permissions_spec
Closes#3161
- Add a config.js file for the client which is used to configure
Ember.Application during runtime. The correct version of config.js
is copied into place by grunt via the copy:(dev|prod) task from
either config-dev.js or config-prod.js.
- Serve minified and production versions of libraries where applicable
including handlebars-runtime and ember-prod.
- Bundle third party libraries into vendor.min.js.
- Bundle Ghost's Ember app and templates into ghost.min.js
- Remove all fixture data and code from the client.
closes#3222
- implementing server-side pagination for /users API
- passing /users?limit=none will return all users
- passing /users?status=invited will filter base on user status
- creating 3 mixins (route, controller and view) to keep pagination logic DRY
- updating route, controller and view for Posts to use new mixing
- implementing infinite scrolling for Users Management screen (using new mixins)
- Users Management screen displays all invited users, but paginates active users
closes#3128 (now really)
- added express variable disableLoginLimiter
- added disableLoginLimiter to all tests that use Ghost as module and
do authentication
- fixed isSetup not working for status other than active
- removed ‚Ensure a User is Registered‘ test as this is covered by the
new setup test
Closes#3145
- Prevent navigation to the setup screen if Ghost setup
has previously been completed.
- Fix templates that were incorrectly using foreach instead of each.
- Add validation for minimum password length.
- Fix up functional tests and split out tests for setup to a separate
instance of casper because setup requires a new database.
- Add a cleanDatabase task to grunt which resets the database to
new.
Closes#3105, Closes#3175
- Removed notification on successful post's `page` status change
- Removed notification on successful post `featured` status change
- Added `closePassive()` notifications on error in the post-settings-menu
- Persistent notifications will close whether their `DELETE` request was
successful or not.
#### Misc
- Added `name` attribute to `post-setting-menu.hbs` inputs to facilitate testing
- Removed `return <Promise>` from action in `PostSettingsMenuController`. Actions should only return `true`
- Toggling `post.featured` won't fire NProgress.
Closes#3254, closes#3138, closes#3245
### Settings Routing and View refactoring
- Refactored `SettingsView` to handle transitions between mobile and desktop layouts
- `SettingsRoute` will only transition to `settings.general` if the screen is large enough to show both the menu and the content
- Added `SettingsIndexView` to handle showing the settings menu on mobile screens
- Added `SettingsContentBaseView` to be inherited by any settings view that is not index.
- Updated Settings templates appropriately to work with new views
- Removed extraneous `active` class from `settings-content`
- Changed settings menu to use `gh-activating-list-item`
- Retooled settings tests
### Mobile Utils
- Renamed file to `mobile.js`, since it's inside of `utils/`
- Added `mobileQuery` MediaQueryList to help detect layout changes
- Removed unused `hasTouchScreen`, `device.js` should be used instead.
- Removed unused `smallScreen` function
- Moved FastClickInit to codemirror-mobile
Closes#3271
- Change validations on both server and client to allow the
Website field to be empty or a valid URL.
- Add new schema validation helper isEmptyOrURL.
- Remove duplicate call to UserValidator in the save action
of the SettingsUser controller.
- User.last_login and User.created_at are already Moment objects
so Moment#fromNow can be called on them directly.
closes#3074
- user generated by fixture is hijacked
- user is updated with name, email, password, slug and status
- creates new user if db is migrated but no user exists
- previously removed tests are back
closes#3073
- added fixture for owner role
- added fixture for initial user (new db)
- added conversion administrator -> owner (existing db)
- changed tests to take over owner user
- removed some functional tests until /setup works with owner user
- added role to user obj (only returned from the user endpoint)
- added `/users/?include=roles` and
`/users/?include=roles,roles.permissions` query parameters
- added and updated tests
Closes#3199
-If datatype is dateTime convert to javascript Date object when
retrieved from the database.
-Add tests to make sure models and internal API are using Date
objects for dateTime fields.
-Add tests to make sure the HTTP API is returning ISO 8601
date strings for dateTime fields.
Fixes#3078
- new "users" resource, with matching controller and template
- fetching real data from /ghost/api/v0.1/users/
- updated "user" route to accept a :slug as a URL parameter
- updated labels everywhere (from "user" to "users")
- updated "profile" link to header to point to proper "users/:slug" route
- updated core/client/.jshintrc to recognize moment as a valid global function
- adjusted DOM selector used in Casper to properly identify the new screen
- adding "slug" as a new property of the user data used during the Casper functional tests
Closes#3158, Closes#3143, Closes#3134
- Added `model.rollback()` when PSM fails to save.
- Added `showErrors` and `showSuccess` helper functions to PSM to abstract
closing and showing of notifications.
- Added `togglePage` action to indirect the setting of `page`.
- Removed `isStaticPage` property in favor of `togglePage` action
- moved `updateSlug` error catching to outer promise (slugGenerator promise)
- modifying the `page` and `published_at` properties will no longer cause a new post to save
- Close passive notifications on published date parse fail
- Removed promise creation in catch statements
- Changed tests to click on label, rather than the input for
.post-setting-static-page.
closes#3056
- Remove clientold
- Remove clientold tests
- Cleanup old admin helpers
- Remove old routes from admin and controllers from admin controller
- Comment out / remove old and broken tests
- Cleanup Gruntfile.js, bower.js, package.json etc
Still TODO:
- cleanup / add removed tests
- do we still need countable?
closes#2759closes#3027
- added oauth2orize library for server side oAuth handling
- added ember-simple-auth library for admin oAuth handling
- added tables for client, accesstoken and refreshtoken
- implemented RFC6749 4.3 Ressouce Owner Password Credentials Grant
- updated api tests with oAuth
- removed session, authentication is now token based
Known issues:
- Restore spam prevention #3128
- Signin after Signup #3125
- Signin validation #3125
**Attention**
- oldClient doesn't work with this PR anymore, session authentication
was
removed
- PostsController orderBy function sorts posts with isNew to the top, otherwise their undefined dates fail to compare
- also catch when `updated_at` is undefined, happens when model is being written with results from the server
- catch objects of type Error in validation engine, helps catching client errors
- join server errors with BR tag in ajax util
- add `emberBuild` task to `grunt test-functional`
- add a test helper, `thenTransitionAndWaitForScreenLoad`, to test transitioning to major parts of the app
- add a test that transitions from Content to the Editor, and back to Content
closes#2998
- update PostSerializer to use DS.EmbeddedRecordsMixin
- create PostAdapter to include include=tags in query params for POST and PUT
- set include=tags for various GET post requests
- change PostModel to have { embedded: always } instead of { async: true }
- update Ember-Data to beta8 from beta7
- make call to get tags from model in editor.edit route synchronous since the tags now exist in the store
- change casper test to wait for call to posts api with `?include=tags`
ref #3060
- Some of our tests use the old signin/signout as part of the setup/teardown process. The old stuff is going away, so this PR switches everything over to use the new admin by default.
- There wil be a further PR to remove the old stuff completely soon.
fixes#3072
- Change router to handle /ember/setup/
- Adjust doSignup to also handle setup
- Adjust tests and add new where necessary
- Add setup controller, setup validation, setup route
- Adjust casper emberSetup to handle new setup
Closes#3036 Refs #3012
-Enable validation for settings/general
-Turn on functional tests for the validations
-Move notification closeAll calls so that notifications
are cleared on attempted saves instead of just on
successful saves
Closes#1558
- Adds a wrapping tag around the notification message
- Change tests to look for new wrapping tag
For the fix to work properly, it needs styles from the [0.8 branch](b98029911c) of Ghost-UI
Closes#2976, Closes#3017
- Move logic to signup controller
- Add ValidationEngine mixin to signup controller
- Add signup validator with code from clientold login view
- Add signin validator and integrate into signin controller
- Add validation to forgotten controller
- Switch to button action to support hitting enter in text field to submit
- Clear all notifications in notifications.closeAll
- Modify ValidationEngine.validate to not format errors based on option
- Update casper test for signin to wait for notification before trying
to do another signin
fixes#3031
- Adds an initializer for passing config to the frontend, it's not pretty but it works
- Forwards the apps route and hides the apps menu item if apps:true is not present in config.js
- improving the implementation of thenOpenAndWaitForPageLoad
- adding a class into the settings templates to more easily test which pane we are on
- adding more, and updating more of the settings tests
- added the editor tests
issue #2989
- Adds lodash for bind and isNumber - looking for a better solution for this
- Still needs the editor and flow tests porting
- Some of the tests are commented out awaiting further implementations
Closes#2866
-update slug API to handle users and apps in addition to
posts and tags
-update existing tests
-add new functional tests for slug endpoint on http api
Closes#2798
-fetch full model for active post in Backbone content preview view
-remove unnecessary type check in Models.Post.saving
-add functional tests for all post settings menu actions in editor screen
-add functional tests for all post actions in content preview
screen for posts with and without tags
closes#2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
closes#2647
- GET method returns { db: [exportedData] }
- POST, DELETE methods return { db: [] }
- 'delete all content' test updated
- Attach 'Content-Disposition' header on DB export for 'Save As' browser dialog
- Add DB API functional test for Export
Ref #2061
- Add canThis permission checks to settings api calls
- Add strict rules about accessing core settings without internal: true
- Omit core settings in browse() call unless internal: true
- Update unit tests to call api.settings with contexts
- Add a couple unit tests for new scenarios
- Update all api.settings calls in the app to call with internal context
- Re-arrange permissions.init in server startup so config.theme.update
can access settings without permissions error
refs #2606
- Use new API format when updating settings from the client side
- Add additional test to test new API format
- Adjust functional tests to work with the new format
closes#2637
- Add new get API route for all notifications
- Wrap API responses to comply with JSON-API
- Add new tests / adjust fixtures
- Adjust all occurences of passive notifications
closes#2643
- added error type
- added error property for validations
- wrapped errors in an array
- returns multiple errors for validation
- updated tests and admin
