1
0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-18 05:52:40 +03:00
Commit Graph

292 Commits

Author SHA1 Message Date
Hannah Wolfe
e40290af5d 🎨 Use GhostAuth name and example emails ()
refs 

- remove references to 'patronus' in favour of GhostAuth, Note: this will require databases to be deleted ;)
- remove email addresses from test data
2016-10-03 15:11:43 +01:00
Hannah Wolfe
b1c77a2279 ⏱ 🛠 Add debug@2.2.0 & wire up in key places ()
refs , 

- added debug and wired it up:
  - across several key parts of the boot process
  - throughout the middleware loading
  - for requests
  - at render points for key routes
2016-10-03 10:33:14 +02:00
Katharina Irrgang
6473c9e858 Ghost OAuth ()
issue 

Remote oauth2 authentication with Ghost.org.

This PR supports:

- oauth2 login or local login
- authentication on blog setup
- authentication on invite
- normal authentication
- does not contain many, many tests, but we'll improve in the next alpha weeks
2016-09-30 12:45:59 +01:00
kirrg001
0ae0a0b490 🎨 change how we get and set config
refs 
- a replace for all config usages
- always use config.get or config.set
- this a pure replacement, no logic has changed

[ci skip]
2016-09-20 15:59:34 +01:00
kirrg001
0b2940d587 🎨 add getSubdir and getProtectedSlugs
refs 

- do not add the subdir property as static config value
- create functions to read subdir and protected slugs on runtime
2016-09-20 15:59:34 +01:00
Katharina Irrgang
c8119eee1f 🎨 source out url utils from ConfigManager ()
refs 
2016-09-20 15:59:34 +01:00
Kevin Ansfield
0b6459cb91 Fix upgrade notification type value ()
refs 

* 🎨 display upgrade alerts with the correct "info" style
* 💄 update use of notifications status/type/location attrs to reflect current usage
2016-09-01 17:58:46 +02:00
Aileen Nowak
a5c29dfc34 [FEATURE] AMP ()
closes , 

* `ImageObject` with image dimensions (, , )
- Returns meta data as promise
    - returns a new Promise from meta data
    - uses `Promise.props()` to resolve `getClient()` and `getMetaData()`

- Adds 'image-size' util
The util returns an object like this
```
{
    height: 50,
    url: 'http://myblog.com/images/cat.jpg',
    width: 50
};
```
if the dimensions can be fetched and rejects with error, if not.
In case we get a locally stored image or a not complete url (like `//www.gravatar.com/andsoon`), we add the protocol to the incomplete one and use `urlFor()` to get the absolute URL. If the request fails or `image-size` is not able to read the file, we reject with error.
- adds 'image-size' module to dependencies
- adds `getImageSizeFromUrl` function that returns image dimensions

- In preparation of AMP support and to improve our schema.org JSON-LD and structured data, I made the following changes:
    - Changes the following properties to be `Objects`, which have a `url` property by default and a `dimensions` property, if `width` and `height` are available:
        - `metaData.coverImage`
        - `metaData.authorImage`
        - `metaData.blog.logo`
    - Checks cache by calling `getCachedImageSizeFromUrl`. If image dimensions were fetched already, returns them from cache instead of fetching them again.
    - If we have image dimensions on hand, the output in our JSON-LD changes from normal urls to be full `ImageObjects`. Applies to all images and logos.
    - Special case for `publisher.logo` as it has size restrictions: if the image doesn't fulfil the restrictions (<=600 width and <=60 height), we simply output the url instead, so like before.
    - Adds new property for schema.org JSON-LD: `mainEntityOfPage` as an Object.
    - Adds additional Open Graph data (if we have the image size): `og:image:width` and `og:image:height`
    - Adds/updates tests

* AMP router and controller (, )
Implements AMP in `/apps/`:
- renders `amp.hbs` if route is `/:slug/amp/`
- updates `setResponseContext` to set context to `['amp', 'post']` for a amp post and `['amp', 'page']` for a page, but will not render amp template for a page
- updates `context_spec`
- registers 'amp' as new internal app
- adds the `amp.hbs` template to `core/server/apps/amp` which will be the default template for AMP posts.
- adds `isAmpURL` to `post-lookup`

* 🎨 Use `context` in meta as array ()
Instead of reading the first value of the context array, we're checking if it includes certain context values.
This is a preparation change for AMP, where the context will be delivered as `['amp', 'post']`.

*  AMP helpers (, , , )
- Adds AMP helpers `{{amp_content}}`, `{{amp_component}}` and  `{{amp_ghost_head}}` to support AMP:
- `{{amp_content}}`:
    - Adds `Amperize` as dependency
    - AMP app uses new helper `{{amp_content}}` to render AMP HTML
    - `Amperize` transforms regular HTML into AMP HTML
    - Adds test for `{{amp_content}}` helper
    - Adds 'Sanitize-HTML` as dependendy
    - After the HTML get 'amperized' we still might have some HTML tags, which are prohibited in AMP HTML, so we use `sanitize-html` to remove those. With every update, `Amperize` gets and it is able to transform more HTML tags, they valid AMP HTML tags (e. g. `video` and `amp-video`) and will therefore not be removed.
- `{{amp_ghost_head}}`:
    - registers `{{amp_ghost_head}}` helper, but uses `{{ghost_head}}` code
    - uses `{{amp_ghost_head}}` in `amp.hbs` instead of `{{ghost_head}}`
- `{{ghost_head}}`:
    - Render `amphtml` link in metadata for post, which links to the amp post (`getAmpUrl`)
    - Updates all test in metadata to support `amp` context
    - Changes context conditionals to work with full array instead of first array value
    - Adds conditionals, so no additional javascript gets rendered in `{{ghost_head}}`
    - Removes trailing `/amp/` in URLs, so only `amphtml` link on regular post renders it
    - Adds a conditional, so no code injection will be included, for an `amp` context.
- `{{amp_components}}`:
    - AMP app uses new helper `{{amp_components}}` to render necessary script tags for AMP extended components as `amp-iframe`, `amp-anime` and `amp-form`
    - Adds test for `{{amp_components}}`
2016-08-22 18:49:27 +02:00
Austin Burdine
58bb111c56 ensure static page edit route redirects to editor ()
closes 
- double check that page matches the page format in post-lookup
- add tests
2016-08-08 09:42:04 +02:00
Austin Burdine
aed8c0800e internal tags feature
refs 
- change behavior to use 'visibility' property
- finish out client & server-side behavior
- add tests
2016-06-11 09:12:04 -06:00
Hannah Wolfe
369fd2c6bd Initial work on internal tags feature
refs 
2016-06-10 13:32:56 -06:00
kirrg001
ff132fd934 timezones: support permalinks based on current timezone
issue 
- redirect date permalink if timezone changed
- create permalinks based on blog TZ
- post-lookup fn is now more generic
2016-05-20 18:14:19 +02:00
Hannah Wolfe
d245f875bf Subscribers: Adding subscribe context
- ensure that the `/subscribe/` route gets a context set correctly
- update context tests§
2016-05-12 11:02:51 +02:00
Hannah Wolfe
ae2f34c910 Split post lookup out of frontend controller
no issue

- move the post lookup functionality into its own file
- handle the pre and post lookup checks to verify that we found the correct post
- checking that the URL matches handles checking that a post looked up with pagePermalink is a page
- all cases where there is no match throws a 404 directly, this could just call next() ?
2016-05-05 15:53:17 +02:00
Austin Burdine
1181707a9d move private-blogging functionality into an internal app
closes , 
- moves all private-blogging related code & tests into /server/apps/private-blogging/
- rework Grunt to run private-blogging tests
- modify server apps code to have a place for internal apps
2016-04-11 08:58:41 -05:00
Hannah Wolfe
17499dbc7b Generate context from channelConfig, not URL
refs 

- makes post context explicit - data.post must be set, rather than post being the default
- uses channelConfig to determine the context for a channel (the channel name) rather than basing it off of the URL
- updates tests to setup the contexts more clearly, the outcome has not changed

Since  req has channelConfig attached to it.
We can use req.channelConfig to determine what the context should be for a channel (the channel name)
This allows us to remove the hardcoded URLs, and means that custom channels will automatically get their own context.
Coupled with removing 'post' from being a default/fallthrough, to being explicitly set, this will reduce
potential context errors, as we start to extend the frontend capabilities
2016-03-20 12:59:25 +00:00
Hannah Wolfe
ed16998461 Restructure Configuration API endpoint
refs , 

- The configuration API endpoint was a bit of an animal:
   - It's used currently in two ways, once for general config, another for the about page.
   - These two things are different, and would require different permissions in future.
   - There was also both a browse and a read version, even though only browse was used.
   - The response from the browse was being artificially turned into many objects, when its really just one with multiple keys
- The new version treats each type of config as a different single object with several keys
- The new version therefore only has a 'read' request
- A basic read request with no key will return basic config that any client would need
- A read request with the about key returns the about config
- A read request with a different key could therefore return some other config
2016-02-19 18:49:23 +00:00
Sebastian Gierlinger
3c5c5ad9d0 Merge pull request from ErisDS/dynamic-channel-routing
Dynamic channel routing
2016-02-15 19:27:41 +01:00
Hannah Wolfe
13c1742eb9 Make frontend routing dynamic & driven by channels
refs 

- Move renderChannel to own file
- Update channel config to have get/list methods
- Move main routes to be generated based on the list of channels
- Move RSS routes to be subroutes of channels
- Move redirect301 to be a shared util
- Add full test coverage
- Split frontend route tests into frontend & channels
2016-02-15 15:57:20 +00:00
Hannah Wolfe
c3673be863 Don't include app fields
no issue

Including app fields along with tags & authors was a preoptimisation.
We don't use them yet, and having them results in database calls that are unnecessary.
2016-02-11 15:03:33 +00:00
Austin Burdine
7d304a046f refactor admin config to include explicit value types
closes 
- add "type" to valid keys in configuration api
- refactor ember config service to parse values based on provided type
2016-01-19 09:43:09 -06:00
Hannah Wolfe
4a7a19c86a Merge pull request from kevinkucharczyk/harvesting-server-side-strings
Harvest server side strings
2016-01-12 20:04:53 +00:00
Hannah Wolfe
20f102808a Switch channel filters to use strings not literals
fixes 

- GQL has a bug where literals starting with numbers are incorrectly parsed
- Using strings instead of literals is a workaround, but is probably safer anyway
2015-12-20 16:03:39 +00:00
rfpe
7abcc43907 Harvest server side strings
closes 
- Replace all hard-coded server-side strings with i18n translations
2015-12-19 12:12:16 +01:00
Hannah Wolfe
e84b7f3217 Cache permalinks & postsPerPage on config.theme
no issue

- Cache the permalinks & postsPerPage settings on the config.theme object
- Use the config.theme cache to reference these items throughout the frontend of a blog
- Removes the need for workarounds and extra code to handle async fetches
- Makes these values accessible to all themes, which is very useful now we have the API stuff
2015-12-15 08:16:53 +00:00
Hannah Wolfe
8c355349b3 No more soft 404s in pagination
closes 

- redirects for page/1/ or rss/1/ are now 301s
- any other invalid page now 404s
2015-12-10 15:00:02 +00:00
Hannah Wolfe
a956d595f2 Make channel config dynamic
refs , 

- fetch channel config via an internal function
- prevents channel config from being statically cached at runtime
- means that labs & other settings can be used to change these values
2015-12-07 20:06:35 +00:00
Hannah Wolfe
395079cd2f Unify code for picking a template to render with
refs 

- 100% coverage for new frontend/templates file
- new module handles the logic for determining which template to render with
2015-12-01 12:05:46 +08:00
Hannah Wolfe
d6fb21fa28 Don't use api to lookup theme in frontend controller
no issue

- small fix, we already have the info, no need to look it up again
2015-10-30 19:02:06 +00:00
Hannah Wolfe
ff7517b801 Switch RSS to use new filter param
refs , 

- split out channel config
- use config.theme instead of api calls to grab title & desc
- wrap rss call in a function which sets channel config for RSS feeds
- change rss `getData` function to use the new multiple-query-handling fetchData functionality
- make sure channelConfig is set in all tests
2015-10-27 10:00:51 +00:00
Hannah Wolfe
e9035fde4e Switch frontend controller to use new filter param
refs , 

- updated fetch-data to handle multiple api queries
- using named keys for queries so that the names of items in the result are correct (tag instead of tags etc)
- updated channel configs in frontend controller
- removed old filter code from frontend controller
- added test coverage for fetch-data and format-response
- fixes / removes tests which are broken by the refactor
2015-10-26 09:40:19 +00:00
Hannah Wolfe
06b03bbcfe Split helper functions from frontend controller
no issue

- Split out 'getPostPage' & rename to fetchData
- Split format response methods into own files
- Split out handleError
- Split out setReqCtx and rename to setRequestIsSecure
- Split out theme paths
- Refactor tests in index_spec.js to be more robust
- Add tests to bring coverage for split file up to 100%
2015-10-22 18:46:58 +01:00
Hannah Wolfe
c8bb6081ab Frontend controller refactor & test improvements
no issue

- Split context out of frontend controller
- Add 100% test coverage for context
- Add tests for preview & improve other bits of coverage
- Further refactors (WIP) will make it easier to reach 100% coverage on the frontend
2015-10-15 10:17:42 +01:00
Hannah Wolfe
26231d5bd3 Fix /author/ pages crashing & permit /tag/
fixes 

- update context patterns to correctly match author & tag pages
- remove 'tag' and 'tags' from reserved slugs - we'll handle this in terms of overrides in future
2015-10-10 14:52:23 +01:00
Nazar Gargol
fd7e118ed5 Returns 404 page instead of crashing a server whenever special characters are used for tag filtering
closes 
refs 
- adds additional filtering any 'slug' containing content in `renderChannel` for frontend
- adds test for invalid characters in tag slug
2015-09-20 22:47:34 +02:00
Sebastian Gierlinger
f22796ff7d Add dynamic client_id/client_secret
no issue
- added ghost-admin client_id to admin
- added ghost-admin client_secret to admin
- added client.read() api endpoint
- added random generation of client_secret to migration
- removed addClientSecret method
- updated tests
2015-09-02 16:39:34 +01:00
Kevin Ansfield
7ac6ebb920 Refactor notifications service & components
issue 

- change persistent/passive notification status to alert/notification
- replace showSuccess/Info/Warn/Error with showNotification/showAlert
- fix and clean up notification/alert components
2015-07-28 12:26:11 +01:00
Jason Williams
60e160d169 Merge pull request from ErisDS/fix-contexts
Fix context setup (remove dep on req.route.path)
2015-06-03 16:28:16 -05:00
Hannah Wolfe
7eacd2876d Ensure middleware functions are named
refs 

- adds names to all middleware functions, for debugging purposes
2015-06-02 14:49:18 +01:00
Hannah Wolfe
cc00c6c64a Fix context setup (remove dep on req.route.path)
refs 

- As a result of , context are pretty broken.
- This PR removes all dependence on req.route.path, and uses res.locals.relativeUrl
- res.locals.relativeUrl is used for many things and is dependable
2015-05-29 09:16:04 +01:00
Austin Burdine
75745c2b3b refactor permalink verification in single post controller
closes 
- removes verifying "sections" of permalinks in favor of checking the url returned with the post
- fixes unit tests to define post.url in mock post requests
2015-05-20 07:00:13 -06:00
Hannah Wolfe
c3dda5e5c4 Theming updates for password protection
refs , 

- Removed nonexistent helpers siteDescription and bodyClass from admin templates
- Changed password.hbs to private.hbs to match the route name
- added a new input_password helper for rendering the password input with the correct properties
- removed the forward input as this can be handled via urls only
- moved 'private' to routeKeywords
- added 'private' context
- minor update to text next to the password in settings
2015-05-13 19:48:24 +01:00
Hannah Wolfe
96a3568c3d Merge pull request from PaulAdamDavis/new-upgrade-notifications
Move upgrade notification to /settings/about/
2015-05-13 16:47:46 +01:00
Austin Burdine
8ac168794e refactors the frontend controller
closes 
- combines homepage, author, tag routes into one function (with different hash params)
- provides some abstraction for channels
2015-05-05 07:35:08 -05:00
Austin Burdine
2865662ee5 added password protection
closes 
- brings password protection to the frontend of blogs
- adds testing for password protection
- upgrades bcrypt-js to 2.1.0
2015-04-30 23:44:43 -05:00
Matt Enlow
433956c102 Add post preview via uuid (/p/:uuid)
Refs 

- All drafts will show a preview link (this needs real css)
- Published posts will redirect
- prev/next post helpers only activate on published posts
- Powered by ~10 pints between the two of us (@ErisDS, @novaugust)
2015-04-30 11:57:37 +01:00
Paul Adam Davis
272f1eddaf Move upgrade notification to /settings/about/
Refs 

- Move the Upgrade notification from the top of the screen to the About page
2015-04-29 22:34:04 +01:00
lmoe
03dcb71b08 Added res.locals into the prePostsRender filter call
closes 

 - Added res.locals as a second parameter to the prePostsRender filter
call.
 - This allows accessing the relative url and makes it possible to
react to certain urls.
2015-04-22 23:22:31 +02:00
Sebastian Gierlinger
fdcb67d3cc Rename error.type to error.errorType
closes 
- renamed error.type to error.errorType
2015-04-22 22:29:45 +02:00
Hannah Wolfe
e26e83d40a Refactor to remove author.email from API
refs 

- Pass through `options` to all toJSON calls on posts, tags, and users
- Use options.context.user to determine whether it's OK to return user.email
- Remove author.email handling code from frontend.js
2015-04-17 22:27:04 +01:00