Commit Graph

347 Commits

Author SHA1 Message Date
Hannah Wolfe
43bcf5b374 🐛 better theme name consistency (#7380)
closes #7313

- Adds `getSanitizedFileName` function to storage/base.js which replaces non A-Z0-9@. chacracters with -
- modifies /api/theme.js so that zip.shortName is consistent throughout.
2016-09-14 17:24:28 +00:00
Sebastian Gierlinger
03ca49ca5e Respect subdirectory for preview pages (#7365)
no issue
- added subdirectory for preview route when doing cache invalidation
2016-09-14 12:32:48 +01:00
Hannah Wolfe
4287e0e78b 🐛 Reactivate theme on override + cache clear (#7368)
closes #7350

- When the active theme is overridden, ensure that the activateTheme middleware gets called by removing the `req.app.activeTheme` value.
- Additionally, ensure that the full cache is invalidated
2016-09-14 10:18:52 +00:00
Kevin Ansfield
0b6459cb91 Fix upgrade notification type value (#7308)
refs #7305

* 🎨 display upgrade alerts with the correct "info" style
* 💄 update use of notifications status/type/location attrs to reflect current usage
2016-09-01 17:58:46 +02:00
Hannah Wolfe
84a35a4753 🎨 Theme events (#7269)
no issue
- add events for uploaded, downloaded & deleted
2016-08-25 10:36:12 +02:00
Hannah Wolfe
545d2cb8b0 Use node-archiver to create zips (#7268)
closes #7266, closes #7267

- Adds node-archiver as a dependency
- Adds new zip-folder utility
- Switch out exec 'zip' for zip folder utility
- Store generated zips in os.tmpdir
- Don't delete zips from content/themes when uploading or deleting
- Fixes path resolution for delete
2016-08-25 09:22:22 +02:00
Hannah Wolfe
5739411c51 🐛 Ensure sitemap items are valid (#7261)
closes #7186

- Add a concept of validity to each generator
- Refactor base generator to handle invalid (empty) nodes for both events & the initial generation
- Update the tests a bit, to fix some bugs in the tests
- Ensure the homepage is always present
2016-08-25 07:13:08 +02:00
Hannah Wolfe
02ca986ed7 🎨 Improve theme validation error messaging (#7253)
refs #7204

- Adds a new ThemeValidationError class
- This error has a top level message, but will also contain all the individual errors within the `errorDetails` property
- Updated the API error handling to return `errorDetails` if it is present
2016-08-24 14:45:54 +02:00
Katharina Irrgang
a91e54cf1a feature: theme upload/download/delete (#7209)
refs #7204

- added 3 new themes permissions
- change core/client
- add theme upload/download logic
- extended local file storage to serve zips
- added gscan dependency
- add ability to handle the express response within the api layer
- restrict theme upload to local file storage
- added 007 migration
2016-08-23 13:07:25 +01:00
Katharina Irrgang
3b8f08e0ec fix: delete unused theme endpoints (#7231)
no issue
2016-08-22 10:54:54 +01:00
John O'Nolan
61a8845ab5 Switch to new native system font stack (#7219)
no issue

Based on an increasingly popular trend and modern web typography capabilities, switch out Google Fonts for default native system fonts, tailored in a stack to suit every device. Also makes some very minor visual adjustments to suit.

Nixes all references to Google Fonts, and provides a faster rendering experience and fewer http requests. 💃

Reference material:

https://www.smashingmagazine.com/2015/11/using-system-ui-fonts-practical-guide/
https://medium.design/system-shock-6b1dc6d6596f#.rhqx5fmyz
Dependencies:

TryGhost/Ghost-Admin#211
TryGhost/Ghost-Desktop#190
2016-08-18 20:29:46 +01:00
Katharina Irrgang
663b410fd4 feature: upload validation middleware (#7208)
no issue

- Source out validation logic into a upload validation middleware for all upload types (csv, image, subscribers). This unit can be later used for Ghost 1.0 as a pre validation core unit. 
- More usage of route tests than controller tests. These are use case tests, a use case only changes if the product changes
2016-08-18 20:25:51 +01:00
Hannah Wolfe
3381449d78 Added new setup.completed event (#7217)
refs #6924

- New event allows us to hook into setup in other ways
2016-08-17 20:59:15 +02:00
Katharina Irrgang
9cd9e03fdb fix: notification store without duplicates (#7135)
closes #7133
- ensure we don't add duplicate notifications to the in process notification store
2016-08-11 08:58:51 +01:00
Tim Walling
a0288303f6 Check file type and file extension when importing csv (#7185)
issue #7144
- added a check for file type and file extension
- added an error message to the localization file
- added integration test
2016-08-11 08:46:06 +01:00
Katharina Irrgang
c6f1a8de13 fix: refresh settings cache for migration 006 (#7147)
no issue
- refresh settings cache after 006/001 migration fixture
2016-07-26 13:53:17 +01:00
Vijay Kandy
f2d09df512 Support for custom notifications (#7077)
closes #5071

- Send application/json requests to UpdateCheck service. New UpdateCheck service accepts JSON request
- If UpdateCheck service respponse has messages[] array, iterate over the array and create custom notifications intended for current version
- Save custom notification if its not already in the store AND its uuid is not in seenNotifications array
- When a custom notification is dismissed, store its uuid in seenNotifications array
- setup test fixtures to trigger tests properly
- api_notification_spec test to ensure custom notification can be added to store and added to seenNotifications when dismissed
- update_check_spec test to ensure custom notification can be displayed for a specific Ghost version
- added test to ensure messages meant for other versions don't create notifications
2016-07-22 14:02:10 +01:00
Kevin Ansfield
302702c740 Revert "fix: ensure we initialise activeTheme on bootstrap (#6950)"
This reverts commit 8f2afeed03.
2016-07-21 12:26:16 +01:00
Katharina Irrgang
8f2afeed03 fix: ensure we initialise activeTheme on bootstrap (#6950)
closes #6948
- the hbs engine was never initialised  when server starts
- when you request a page which does not exist, express jumps directly into the error handlers
- delete some dynamic hbs engine setters in theme handler
2016-07-21 12:09:11 +01:00
Katharina Irrgang
e91e9eadac improvement: mail structure (#7033)
no issue
- in preparation for subscribers V2
- do not implement code in index.js
- create mail utils
2016-06-28 20:13:01 +02:00
“kirrg001”
1421c92ba5 post-scheduling
refs #6413
- PUT endpoint to publish a post/page for the scheduler
- fn endpoint to get all scheduled posts (with from/to query params) for the scheduler
- hardcoded permission handling for scheduler client
- fix event bug: unscheduled
- basic structure for scheduling
- post scheduling basics
- offer easy option to change adapter
- integrate the default scheduler adapter
- update scheduled posts when blog TZ changes
- safety check before scheduler can publish a post (not allowed to publish in the future or past)
- add force flag to allow publishing in the past
- invalidate cache header for /schedules/posts/:id
2016-06-14 10:52:13 +02:00
kirrg001
7d5baf4e9a fix: put default timezone into config
no issue
- config.theme.timezone can be undefined, when settings are not loaded from the database
- this PR will define the default blog TZ in config
- use `Etc/UTC` as default instead of `Europe/Dublin`
2016-06-13 15:02:52 +02:00
Hannah Wolfe
584e9911c4 Merge pull request #6973 from acburdine/lodash-4
deps: lodash@4.13.1
2016-06-11 21:39:30 +01:00
Hannah Wolfe
6bcc08e874 Cleanup indentation now JSCS can see it
- this is needed to make #6925 mergable
2016-06-11 20:25:15 +01:00
Austin Burdine
44537bd15f deps: lodash@4.13.1
closes #6911
- update lodash to v4
- remove lodash.tostring override
- remove lodash from greenkeeper ignore
2016-06-11 13:13:55 -06:00
Austin Burdine
aed8c0800e internal tags feature
refs #6165
- change behavior to use 'visibility' property
- finish out client & server-side behavior
- add tests
2016-06-11 09:12:04 -06:00
Hannah Wolfe
369fd2c6bd Initial work on internal tags feature
refs #6165
2016-06-10 13:32:56 -06:00
cobbspur
0f0ca5a304 Add CSV parser for csv read utility
closes #6865

- switch csv-read to use a csv-parser for greater reliability and management of strings when importing a csv
2016-06-07 10:47:56 +01:00
Aileen Nowak
38a261daac timezones: Always use the timezone of blog setting
closes #6406
- adding timeZone Service to get the offset (=timezone reg. moment-timezone) overall available
- new publishedAtOffset date as CP using timeZone service and moment-timezone to calculate offset incl. DST
- removing timezone-obj transform as it became obsolete with moment-timezone
- reading timezones from configuration/timezones api endpoint
- adding a moment-utc transform to only work with utc times in backend
- when switching the timezone in the select box, the user will be shown the local time of the selected timezone
- added clock service to show actual time ticking below select box
- default timezone is '(GMT) Greenwich Mean Time : Dublin, Edinburgh, London'
- if no timezone is saved in the settings yet, the default value will be used
- showing local time in 'Publish Date' when it's a draft and no actual publishedAt value exists
- Removed the format 'DD MMM YY @ HH:mm (UTC Z)' which resolves to '01 Jan 16 @ 14:00 (UTC +02:00)'
- Changing the date.js helper in core/server for moment-timezone
- Fix timezone select: updates `selectedTimezone` to return the matching object from `availableTimezones`
- Including timezones in test for date-helper
- update to moment-timezone 0.5.1
- moving form-group of 'selectTimezone' further up so
- Tests:
	- Set except for clock service in test env
	- adding fixtures to mirage
	- adding 'service.ajax' to navigation-test.js
	- adding 'service:ghostPaths' to navigation-test.js
- Code improvements
- Changing clockservice to ES6
2016-05-20 13:59:45 +02:00
Hannah Wolfe
4571a40f2a Subscribers: Error message improvements 2016-05-12 17:37:45 +02:00
Hannah Wolfe
bd3234d207 Pre-populate setup values from config
no issue
- Check for title, user_name and user_email in the top level of config.
- If they exist, return them as part of the setup check, so that the setup screen can be prepopulated
2016-05-11 19:30:56 +02:00
kirrg001
90d872e592 Subscribers: Error Handling for adding subscribers
no issue
- do not expose information about adding subscribers
2016-05-11 12:55:29 +02:00
kirrg001
77fc9ea265 Subscribers: Move read CSV into separate utility
- split out read CSV function into utility and add tests
- update API response to follow JSONAPI more closely
- update the UI to match the new API response
2016-05-11 11:22:35 +02:00
kirrg001
ef605c5191 Subscribers: finish permission handling
no issue
- add some more tests, optimise tests and finish tests
- subscriber model checks external context permissions in permissible fn
- add missing permissions for subscriber csv
2016-05-11 10:28:12 +02:00
Hannah Wolfe
6ef79534e4 Subscribers: router & form helpers
Form:
- add confirm, location & referrer hidden fields
- add script to populate location & referrer
- add helper for creating the email field
- pass through input class and placeholder for email from top level form helper
- rename subscribe_form template & helper as it sounds more natural
- handle success and error cases differently
- improve error message display
- ensure useful data is passed back so that we can show nice messages
- check for honeypot value being filled out
- refactor error handler to set an error and always still render
2016-05-11 10:28:11 +02:00
Sebastian Gierlinger
01ae7ae49f Subscribers: Model, API & CSV import/export
- subscriber model
- subscriber app updates
- subscriber end points
- import/export CSV
- added headers to export file
- added dynamic email field detection for import
- returns stats object after CSV import
- mask error message from DB
2016-05-11 10:28:10 +02:00
Sebastian Gierlinger
85c1e1407f Merge pull request #6804 from kirrg001/adds/permission-improvements
add small permission improvements
2016-05-11 10:27:32 +02:00
Aileen Nowak
b7bd6d9968 Structured Data 3.0
closes #6534
- new input fields in general settings incl. validation
- facebook and twitter as new models in settings.js
- adds values for facebook and twitter to default-settings.js
- adds blog helpers for facebook and twittter
- rather than saving the whole URL, the Twitter username incl. '@' will be extracted from URL and saved in the settings. The User will still input the full URL. After saving the blog setting, the stored Twitter username will be parsed again as the full URL and available in the input field. A custom transform is used for this.
- adding meta fields to be rendered in {{ghost_head}}:
	- '<meta property="article:publisher" content="https://www.facebook.com/page" />' and
	- '<meta name="twitter:site" content="@user"/>'
- adds facebook and twitter to unit test for structured data
- adds unit test for general settings
- adds acceptance test for new input fields in general settings
- adds a custom transform for twitter model to save only the username to the server
- adds unit test for transform
2016-05-08 17:43:59 +02:00
Katharina Irrgang
f644d99460 add small permission improvements
no issue
- do not check client type in auth middleware
- offer filtering for findAll function in base
- add isInternalContext to base model
2016-05-08 14:22:55 +02:00
Aileen Nowak
35ecaee6d3 Slack integration
closes #6584
- Frontend Changes:
	- adds 'Apps' to Navigation Menu
	- adds 'Slack' as nested page to Apps
	- adds `apps.css`
	- adds `slack-integration` model and uses `slack-settings` custom transform to parse JSON file
	- adds validation for `slack` model
	- adds fixtures and `slack/test` API endpoint to Mirage
	- adds acceptance tests for `apps-test` and `slack-test`
	- adds unit tests for `slack-settings` and `slack-integration`
- Backend Changes:
	- adds API endpoint `slack/test` to send Test Notification
	- adds default-values for slack model
	- sends payload to slack:
		- text: the url of the blogpost / test message
		- icon_url: url to ghost logo
		- username: Ghost
	- adds `slack/index.js` to send webhook to slack if
		- a new post is published (if slack webhook url is saved in settings)
		- user clicks on 'Send Test Notification' in UI
	- adds `slack.init()` to `server.index.js` to add event listener
	- adds unit test for `slack/index`
2016-05-08 12:49:15 +02:00
kirrg001
7d4107fec4 delete null values from incoming objects
no issue
- add more power to validation phase (checkObject) to get rid of null values
2016-05-08 09:18:44 +02:00
king6cong
104e73bd4a fix email error log templat 2016-04-13 14:51:00 +08:00
Jason Williams
c41ee354b1 Replace busboy upload middleware with multer
- deps: multer@1.1.0
2016-04-07 21:30:46 -05:00
Jason Williams
136bdbd9ff Return http status 204 on deletes
Closes #2871
- Refactor api http handlers.
- Update tests.
- Remove special handling of responses in ember adapter.
2016-03-22 11:42:48 -05:00
Jason Williams
9fe573a0c5 Refactor content deletion
- Simplify the `init` method in `models/index.js` so that it no longer
  returns a promise. Easier to use.
- Eliminates the `deleteAllContent` method from `models/index.js` as it
  can all be handled at the API layer in a single spot.
- Optimize `destroyAllContent` in `api/db.js`. Eliminates
  double-fetching every post from the database and converting it to
  JSON. Also only fetches ids from the database instead of the entire
  model.
- Eliminates the custom static method `destroy` in the Post model in
  favor of handling detaching tag relations in a single place (the
  `destroying` event). This also eliminates a big source of unneeded
  database round trips--needing to get post ids to feed into
  `Post.destroy()` which then re-fetches the post again.
2016-03-22 10:10:09 -05:00
Hannah Wolfe
9309adc511 Exporter cleanup & tests
refs #6301

- change knex getter def to be configurable, else it is not testable
- remove exportPath and lang from config - neither are used
- add client_trusted_domains to tables which shouldn't be exported as there are no clients in the export
- change export signature to be an object with `doExport` function consistent with import & easier to test
- cleanup export code so it is clearer, easier to read & to test:
  - use mapSeries instead of sequence
  - use Promise.props instead of Promise.join
  - split functionality into smaller functions
- add test coverage
2016-03-12 19:01:25 +00:00
Jason Williams
fe13503470 Refactor authentication API into pipeline format
Refs #5508
2016-03-07 11:53:54 -06:00
Aileen Nowak
e347f95f15 Including timezones API in configuration endpoint
refs #6406
- endpoint configuration/timezones refers to timezones.json file in data
- added route for endpoint in api.js to use method read in configuration.js
2016-02-24 16:44:01 +02:00
Hannah Wolfe
ed16998461 Restructure Configuration API endpoint
refs #6421, #6525

- The configuration API endpoint was a bit of an animal:
   - It's used currently in two ways, once for general config, another for the about page.
   - These two things are different, and would require different permissions in future.
   - There was also both a browse and a read version, even though only browse was used.
   - The response from the browse was being artificially turned into many objects, when its really just one with multiple keys
- The new version treats each type of config as a different single object with several keys
- The new version therefore only has a 'read' request
- A basic read request with no key will return basic config that any client would need
- A read request with the about key returns the about config
- A read request with a different key could therefore return some other config
2016-02-19 18:49:23 +00:00
cobbspur
8025325b15 Backup database before deletion
No issue

- a json object is now created when a user deletes content in labs
2016-02-14 09:04:53 +00:00