Commit Graph

275 Commits

Author SHA1 Message Date
David Wolfe
68af2145a1 Replace memory spam prevention with brute-express (#7579)
no issue

- removes count from user checks model
- uses brute express brute with brute-knex adaptor to store persisted data on spam prevention
- implement brute force protection for password/token exchange, password resets and private blogging
2016-11-08 12:33:19 +01:00
Katharina Irrgang
4e7779b783 🎨 remove token logic from user model (#7622)
* 🔥  remove User model functions

- validateToken
- generateToken
- resetPassword
- all this logic will re-appear in a different way

Token logic:
- was already extracted as separate PR, see https://github.com/TryGhost/Ghost/pull/7554
- we will use this logic in the controller, you will see in the next commits

Reset Password:
Was just a wrapper for calling the token logic and change the password.
We can reconsider keeping the function to call: changePassword and activate the status of the user - but i think it's fine to trigger these two actions from the controlling unit.

* 🔥  remove password reset tests from User model

- we already have unit tests for change password and the token logic
- i will re-check at the end if any test case is missing - but for now i will just burn the tests

*   add token logic to controlling unit

generateResetToken endpoint
- the only change here is instead of calling the User model to generate a token, we generate the token via utils
- we fetch the user by email, and generate a hash and return

resetPassword endpoint
- here we have changed a little bit more
- first of all: we have added the validation check if the new passwords match
- a new helper method to extract the token informations
- the brute force security check, which can be handled later from the new bruteforce middleware (see TODO)
- the actual reset function is doing the steps: load me the user, compare the token, change the password and activate the user
- we can think of wrapping these steps into a User model function
- i was not sure about it, because it is actually part of the controlling unit

[ci skip]

* 🎨  tidy up

- jscs
- jshint
- naming functions
- fixes

*   add a test for resetting the password

- there was none
- added a test to reset the password

* 🎨  add more token tests

- ensure quality
- ensure logic we had

* 🔥  remove compare new password check from User Model

- this part of controlling unit

*   compare new passwords for user endpoint

- we deleted the logic in User Model
- we are adding the logic to controlling unit

* 🐛  spam prevention forgotten can crash

- no validation happend before this middleware
- it just assumes that the root key is present
- when we work on our API, we need to ensure that
  1. pre validation happens
  2. we call middlewares
  3. ...

* 🎨  token translation key
2016-11-07 11:18:50 +00:00
Katharina Irrgang
02a1f08ba3 🐛 fix changePassword bug (#7590)
no issue
- comparison for isLoggedInUser did not work when userId was a string
- parsing of int was missing
2016-10-21 10:19:09 +01:00
Katharina Irrgang
25b0c9eb9a add isPasswordCorrect fn to User Model (#7573)
refs #7432
- clean code!
- less code!
2016-10-14 18:46:22 +01:00
Katharina Irrgang
ca7b5643d5 🎨 more clean code in User Model (#7572)
* 🎨  do not call generateSlug twice for User.setup

* 🎨  call generatePasswordHash onSaving only

- now we can add defaults to User Model
- it was not possible before because add User model did the following:
  1. validate password length
  2. hash password manually
  3. call ghostBookshelf.Model.add and THEN bookshelf defaults fn gets triggered
- call generatePasswordHash in onSaving hook for all use case
- add more tests to user model, juhu
2016-10-14 18:24:38 +01:00
Katharina Irrgang
e1ac6a53dd 🎨 gravatar lookup in saving hook (#7561)
refs #7432

- in preparation for more User model cleanup
- look for gravatar when email has changed
- run onSaving tasks in parallel in User model
2016-10-14 15:37:40 +01:00
Katharina Irrgang
8cd5d9f6fe 🎨 register events in base model (#7560)
refs #7432

- all models implemented it's own initialize fn to register events
- we can register all events in the base model
- important: we only listen on the event, if the model has defined a hook for it
- this is just a small clean up PR
- register more bookshelf events
2016-10-14 13:37:01 +01:00
Katharina Irrgang
5b9c213849 🎨 change gravatar file design (#7553)
no issue
- preperation for User model refactoring
- the rule is:
  --> when calling a unit, this unit should return something new
  --> and NOT modifying an existing object and return it (this is an unexpected behaviour, especially for utils and libs)
2016-10-13 13:52:22 +01:00
Katharina Irrgang
869a35c97d migrations: seeding is part of init db task (#7545)
* 🎨  move heart of fixtures to schema folder and change user model

- add fixtures.json to schema folder
- add fixture utils to schema folder
- keep all the logic!

--> FIXTURE.JSON
- add owner user with roles

--> USER MODEL
- add password as default
- findAll: allow querying inactive users when internal context (defaultFilters)
- findOne: do not remove values from original object!
- add: do not remove values from original object!

* 🔥  remove migrations key from default_settings.json

- this was a temporary invention for an older migration script
- sephiroth keep alls needed information in a migration collection

* 🔥   add code property to errors

- add code property to errors
- IMPORTANT: please share your opinion about that
- this is a copy paste behaviour of how node is doing that (errno, code etc.)
- so code specifies a GhostError

* 🎨  change error handling in versioning

- no need to throw specific database errors anymore (this was just a temporary solution)
- now: we are throwing real DatabaseVersionErrors
- specified by a code
- background: the versioning unit has not idea about seeding and population of the database
- it just throws what it knows --> database version does not exist or settings table does not exist

* 🎨  sephiroth optimisations

- added getPath function to get the path to init scripts and migration scripts
- migrationPath is still hardcoded (see TODO)
- tidy up database naming to transacting

*   migration init scripts are now complete

- 1. add tables
- 2. add fixtures
- 3. add default settings

* 🎨  important: make bootup script smaller!

- remove all TODO'S except of one
- no seeding logic in bootup script anymore 🕵🏻

*   sephiroth: allow params for init command

- param: skip (do not run this script)
- param: only (only run this script)
- very simple way

* 🎨  adapt tests and test env

- do not use migrate.populate anymore
- use sephiroth instead
- jscs/jshint

* 🎨  fix User model status checks
2016-10-12 16:18:57 +01:00
Katharina Irrgang
d81bc91bd2 Error creation (#7477)
refs #7116, refs #2001

- Changes the way Ghost errors are implemented to benefit from proper inheritance
- Moves all error definitions into a single file
- Changes the error constructor to take an options object, rather than needing the arguments to be passed in the correct order.
- Provides a wrapper so that any errors that haven't already been converted to GhostErrors get converted before they are displayed.

Summary of changes:

* 🐛  set NODE_ENV in config handler
*   add GhostError implementation (core/server/errors.js)
  - register all errors in one file
  - inheritance from GhostError
  - option pattern
* 🔥  remove all error files
*   wrap all errors into GhostError in case of HTTP
* 🎨  adaptions
  - option pattern for errors
  - use GhostError when needed
* 🎨  revert debug deletion and add TODO for error id's
2016-10-06 13:27:35 +01:00
Katharina Irrgang
1882278b5b 🎨 configurable logging with bunyan (#7431)
- 🛠  add bunyan and prettyjson, remove morgan

-   add logging module
  - GhostLogger class that handles setup of bunyan
  - PrettyStream for stdout

-   config for logging
  - @TODO: testing level fatal?

-   log each request via GhostLogger (express middleware)
  - @TODO: add errors to output

- 🔥  remove errors.updateActiveTheme
  - we can read the value from config

- 🔥  remove 15 helper functions in core/server/errors/index.js
  - all these functions get replaced by modules:
    1. logging
    2. error middleware handling for html/json
    3. error creation (which will be part of PR #7477)

-   add express error handler for html/json
  - one true error handler for express responses
  - contains still some TODO's, but they are not high priority for first implementation/integration
  - this middleware only takes responsibility of either rendering html responses or return json error responses

- 🎨  use new express error handler in middleware/index
  - 404 and 500 handling

- 🎨  return error instead of error message in permissions/index.js
  - the rule for error handling should be: if you call a unit, this unit should return a custom Ghost error

- 🎨  wrap serve static module
  - rule: if you call a module/unit, you should always wrap this error
  - it's always the same rule
  - so the caller never has to worry about what comes back
  - it's always a clear error instance
  - in this case: we return our notfounderror if serve static does not find the resource
  - this avoid having checks everywhere

- 🎨  replace usages of errors/index.js functions and adapt tests
  - use logging.error, logging.warn
  - make tests green
  - remove some usages of logging and throwing api errors -> because when a request is involved, logging happens automatically

- 🐛  return errorDetails to Ghost-Admin
  - errorDetails is used for Theme error handling

- 🎨  use 500er error for theme is missing error in theme-handler

- 🎨  extend file rotation to 1w
2016-10-04 16:33:43 +01:00
Hannah Wolfe
e40290af5d 🎨 Use GhostAuth name and example emails (#7475)
refs #7452

- remove references to 'patronus' in favour of GhostAuth, Note: this will require databases to be deleted ;)
- remove email addresses from test data
2016-10-03 15:11:43 +01:00
Katharina Irrgang
6473c9e858 Ghost OAuth (#7451)
issue #7452

Remote oauth2 authentication with Ghost.org.

This PR supports:

- oauth2 login or local login
- authentication on blog setup
- authentication on invite
- normal authentication
- does not contain many, many tests, but we'll improve in the next alpha weeks
2016-09-30 12:45:59 +01:00
kirrg001
b79a18ca8f 🎨 Separate invites from user
refs #7420
- remove invite logic from user
- add invite model and adapt affected logic for inviting team members
2016-09-26 11:08:43 +02:00
Austin Burdine
756d9bcb6e show correct error message the first time account is locked (#7263)
closes #7251

- check if remaining attemps is 0, if so then show account locked error
- adds test
2016-09-19 14:56:55 +01:00
Austin Burdine
44537bd15f deps: lodash@4.13.1
closes #6911
- update lodash to v4
- remove lodash.tostring override
- remove lodash from greenkeeper ignore
2016-06-11 13:13:55 -06:00
Hannah Wolfe
80a79172c4 Revert "Revert "Force UTC at process level"" 2016-06-03 09:06:18 +01:00
Hannah Wolfe
78e693f469 Revert "Force UTC at process level" 2016-06-02 14:38:02 +01:00
kirrg001
ec176c243a Force UTC at process level
issues #6406 #6399
- all dates are stored as UTC with this commit
- use moment.tz.setDefault('UTC')
- add migration file to recalculate local datetimes to UTC
- store all dates in same format into our three supported databases
- add option to remeber migrations inside settings (core)
- support DST offset for migration
- ensure we force UTC in test env
- run whole migration as transaction
- extend: Settings.findOne function
2016-06-02 13:23:09 +02:00
Hannah Wolfe
38e3654bbe Merge pull request #6875 from king6cong/role-id-fix
roles_users.id is not necessarily the same as roles_users.user_id
2016-05-23 09:07:20 +01:00
oregami
834d25b66b fix query user 2016-05-23 11:40:27 +08:00
Katharina Irrgang
f644d99460 add small permission improvements
no issue
- do not check client type in auth middleware
- offer filtering for findAll function in base
- add isInternalContext to base model
2016-05-08 14:22:55 +02:00
Joerg Henning
0f3cb44227 deps: validator@5.1.0
closes #6462

- monkey-patch validator.extends() since it was dropped by validator @5.0.0
- coerce input to string prior to validation (custom toString func)
- need to handle boolean validation based on column type not isIn()
- use `lodash.tostring` to convert input values to strings
2016-04-19 09:39:12 +08:00
David Balderston
110a5be253 Check Old Password on Password Change
Closes #6620

* Changed it from always returning true, to evaluate if it is the
current logged in user, and if so, check the old password. If not,
ignore
2016-03-30 21:04:19 -07:00
Hannah Wolfe
841b552b52 Fixing typo in i18n key 2016-02-18 12:52:53 +00:00
Jason Williams
b10da0569a Provide entire model to validator
Closes #6491
2016-02-17 17:30:16 -06:00
Hannah Wolfe
c301510cd1 Refactor gravatarLookup, remove request dependency
no issue

- request is quite a heavy dependency
- we were only using request in 3 places: a test, storing contrib images in the gruntfile & the gravatar lookup
- all 3 are relatively simple to do with the http/https module
- refactored all 3, removed request
2016-02-16 11:12:01 +00:00
rfpe
7abcc43907 Harvest server side strings
closes #5617
- Replace all hard-coded server-side strings with i18n translations
2015-12-19 12:12:16 +01:00
Brandon Hops
e5ee97bece Remove undefined function and fix some comments 2015-12-01 23:28:36 -08:00
Sebastian Gierlinger
014e2c88dd Restore options
refs #6122
- restore original options after delete
- this is a fix for one use case, long term we should aim to leave
options untouched and execute special queries with temporary data
2015-11-25 09:59:27 +01:00
Sebastian Gierlinger
c53d31a059 Merge pull request #6082 from ErisDS/filter-plugin
Filter plugin
2015-11-17 12:32:56 +01:00
Hannah Wolfe
6a0f1cf231 Filter plugin with enforce/default logic
refs #5614, #5943

- adds a new 'filter' bookshelf plugin which extends the model
- the filter plugin provides handling for merging/combining various filters (enforced, defaults and custom/user-provided)
- the filter plugin also handles the calls to gql
- post processing is also moved to the plugin, to be further refactored/removed in future
- adds tests showing how filter could be abused prior to this commit
2015-11-17 10:39:44 +00:00
Hannah Wolfe
1a3ae578af Add filter param for tags & users
refs #5604

- `filter` is missing from tags & users - add it in and add tests which show it works
2015-11-16 18:16:59 +00:00
Hannah Wolfe
4dac01cbf9 Refactor old processOptions/where to use GQL JSON
refs #5943

- no longer assume the options in processOptions are set
- set where to a new GQL JSON-like statement object
- rather than setting options, add statements which can be understood by knexify
- pass the statements through knexify to build the query
2015-11-12 17:24:09 +00:00
vdemedes
6db41584e7 Add order parameter
refs #5602
- add "order" to default browse options
- parse order parameter in Base model
- accept "order" option in Post, User and Tag models
- add tests for posts order
- add tests for tags order
- add tests for users order
2015-10-28 14:14:03 +01:00
Hannah Wolfe
b8a3415726 Remove featured, tag, author & role API params
refs #5943

- removed featured, tag and author parameters from posts API
   - featured was only used in tests
- removed role filter from users API
   - role was only used in tests
- fixed up the tests, skipping those that don't quite work yet
2015-10-27 10:53:51 +00:00
Sebastian Gierlinger
f48dfb09cf Public API
refs #4180
closes #4181
- added client and user authentication
- added authenticatePublic/authenticatePrivate as workaround for
missing permissions
- added domain validation
- added CORS header for valid clients
- merged authenticate.js and client-auth.js into auth.js
- removed middleware/api-error-handlers.js
- removed authentication middleware
- added and updated tests
2015-10-22 15:28:47 +02:00
Delgermurun
a501711e71 Remove findAll from models that has findPage
closes #4577
- removed findAll from Post and User
- refactored deleteAllContent and data importer
2015-10-02 18:01:35 +08:00
Hannah Wolfe
6926e20478 Fix upgrade path from really old versions
closes #5692, refs felixrieseberg/Ghost-Azure#1

- fix broken promise code
- fix incorrect handling of hash in user.add which causes 'Error: Invalid salt version 2' if owner user fixture is not present
2015-09-02 16:39:13 +01:00
Hannah Wolfe
e9a96816ac Adding 'fields' param for browse requests
refs #5601, #5463, #5343

- adds rudimentary support for a 'fields' parameter on browse requests
2015-08-28 19:08:22 +01:00
Sebastian Gierlinger
44622d943d Refactor handlePermissions
no issue
- extract handlePermissions to utils
- added NoPermissionError when canThis() rejects
- omitted users.js because it uses special permission handling
2015-08-11 16:03:57 +02:00
cobbspur
69d020ce44 Fix signin errors
refs #5635

- fixes format for server errors
- changes signin-api validation errors to be text rather than alerts
2015-08-10 12:26:45 +01:00
Hannah Wolfe
76ebdfd4f9 Merge pull request #5539 from jomahoney/owner-perm
Changed admin permissions so Owner role only editable by itself
2015-07-11 11:33:17 +01:00
John O'Mahoney
bce5483ef3 Changed admin permissions so Owner role only editable by itself
closes #5521
- Added test for admin rejection of owner edit
- Added specific permissions so admins can edit Admin, Editor and Author
  roles
2015-07-10 20:46:00 +01:00
Rem Zolotykh
9323abbb44 Refactor changePassword and resetPassword
issue #5500
- make `changePassword` and `resetPassword` methods on `user` model
  consistent: use `object` and `options` arguments instead of multiple
  different arguments
- change User API `changePassword` method to use these new arguments
2015-07-07 22:03:17 +02:00
Hannah Wolfe
f6322da4c9 Use extends correctly & consistently
- extends clobbers the first argument you pass to it, so that should not be a variable that is used elsewhere, if you're also assigning the value, as it will have unintended side effects.
2015-06-25 19:56:27 +01:00
Hannah Wolfe
7761873db7 Abstract findPage & add pagination Bookshelf plugin
closes #2896

- move default options / custom code into model functions
- move most of the filtering logic into base/utils.filtering (to be relocated)
- move the remainder of findPage back into base/index.js and remove from posts/users&tags
- move pagination-specific logic to a separate 'plugin' file
- pagination provides new fetchPage function, similar to fetchAll but handling pagination
- findPage model method uses fetchPage
- plugin is fully unit-tested and documented
2015-06-22 10:20:47 +01:00
Hannah Wolfe
4cd2865021 Refactor pagination count query
refs #2896

- remove duplicate query-building code
- use the same approach for creating the count query from the main query
- restructure the code to match more closely across the 3 findPage functions (prep for further refactoring)
2015-06-15 19:24:47 +01:00
Hannah Wolfe
16f98ee80b Move pagination formatting into a util
refs #2896

- moves repeated code out of models
- creates a new file for unit-testable code (this should be moved in future)
- adds a default for `page` as that seems sensible
- adds 100% test coverage for the new file
2015-06-15 16:46:42 +01:00
Hannah Wolfe
177cdf1eb1 Misc cleanup: moving files & naming functions 2015-06-15 09:43:19 +01:00
cobbspur
261a862da1 Prevent multiple owner creation via importer
closes #4778

 - If import contains an owner that does not match original owner they are downgraded to admin
 - Change error message for locked users to more generic message to account for imported users
 - Adds duplicated user test
 - Process Roles and maps import roles to db roles
 - reduces export files in test fixtures

temp commit
2015-05-15 10:12:30 +01:00
Jason Williams
dae66d00be Upgrade grunt-jscs to fix whitespace linting.
No issue.
- grunt-jscs@1.8.0
- Fix formatting
2015-04-30 16:14:19 -05:00
Hannah Wolfe
e26e83d40a Refactor to remove author.email from API
refs #2330

- Pass through `options` to all toJSON calls on posts, tags, and users
- Use options.context.user to determine whether it's OK to return user.email
- Remove author.email handling code from frontend.js
2015-04-17 22:27:04 +01:00
Hannah Wolfe
196bbfce18 Refactor sitemaps to use centralised events
fixes #5104, refs #4348, #2263

- Create a centralised event module
- Hook it up for posts, pages, tags and users
- Use it in sitemaps instead of direct method calls
- Use it for xmlrpc calls
- Check events are fired in model tests
- Update sitemap tests to work with new code
- Fix a bug where invited users were appearing in sitemaps
- Move sitemaps and xmlrpc into a directory together
2015-04-05 19:32:18 +01:00
baogechen
351298b83b Add parent call in user.format to fix dateTime
closes #5066

- fix a problem that user model will fail to save if mysql has option of
STRICT_TRANS_TABLES
- add a parent call in user.format override function, which should fix
dateTime format before user saved.
2015-04-03 20:04:19 +01:00
Matt Enlow
e3fc748e92 Merge pull request #4986 from ErisDS/notification-fix
More serverside notificaiton HTML fixes
2015-03-03 14:13:04 -07:00
Hannah Wolfe
b7a80eb5fd Users should get 5 password attempts
closes #4987
2015-03-03 20:23:04 +00:00
Hannah Wolfe
884d766afe More serverside notificaiton HTML fixes
refs #4964, #4969
2015-03-03 19:57:27 +00:00
Jason Williams
7578d674ae Fixup finding user by role name
No Issue.
- Build up query object to lookup a user by the name of a role.  Return
  user with "roles" objects included.
- Add test for findOne by role.
2015-01-20 18:31:17 +00:00
Jason Williams
aee472eb65 Check all users when generating slug
No Issue
- Set 'status: all` when calling generateSlug from the user model
  so that all user slugs are checked for duplicates instead of
  only active users.
2015-01-16 06:56:53 +00:00
Jeremiah Hoyet
bbe3ceb025 Fixed issue where Gravatars with rating higher than G would cause a 404 error.
closes #4770
- Check for Gravatar now allows the highest rating for images
- Defaults to silhouette in the event a user deletes their Gravatar
- Allows highest rating for Gravatars (x), since Ghost should have no opinion on image ratings.
2015-01-08 19:34:28 -05:00
Jason Williams
5c6d45f258 Optimize model class methods
No Issue
- Reorder promise chains to defer database queries until they
  are needed.
- Execute database queries that are not dependent on each other in
  parallel instead of sequentially.
- Reduce the number of variables used to hold state across multiple
  promise blocks.
- Do not go async unless necessary.
2014-12-19 00:54:22 +00:00
Sebastian Gierlinger
40c78493a3 Password change MU
closes #4624
- added user_id to password reset request
- hide old password field
- updated changePassword method to check permissions
- updated changePassword method to work without oldPassword
- fixed bug for errors shown as [Object object]
2014-12-11 21:23:07 +01:00
Sebastian Gierlinger
319887c77b Merge pull request #4573 from ErisDS/limit-all-sitemaps
Add limit=all consistently to users, posts & tags
2014-12-04 09:45:33 +01:00
Hannah Wolfe
9b146e59bb Add limit=all consistently to users, posts & tags
refs #623, #4348

- this fixes sitemaps to list all posts, pages, tags and users
- makes the API behave consistently across all paginated resources
2014-12-03 18:46:26 +00:00
Sebastian Gierlinger
9b8141bb08 Merge pull request #4530 from ErisDS/issue-4498
API - no more m-2-m relation ids by default
2014-12-02 20:49:47 +01:00
Hannah Wolfe
4cb909542a API - no more m-2-m relation ids by default
closes #4498

- remove toJSON code which returns only IDs from objects
- don't auto-include tags & fields in post responses
- don't auto-include roles in user responses
- fix #allthethings that made assumptions about the auto-includes, or otherwise were only working because of the auto-include
2014-12-02 19:24:44 +00:00
Hannah Wolfe
c06e649ab1 Merge pull request #4554 from sebgie/issue#3872
URL safe base64 encoding
2014-12-01 16:56:14 +00:00
Sebastian Gierlinger
9ddabffa10 URL safe base64 encoding
closes #3872
- updated base64 escaping to respect + and \
- updated base64 escaping to remove = during transport
- updated tests
2014-12-01 16:59:49 +01:00
Jacob Gable
2cfa18475a Generate sitemap files
Closes #623

- Add basic init and eventing scaffold
- Add sitemap-index.xml generation
- Broke out generators to individual files, added request handler
- Add page, author and tag xml files; add index mapping
- Add SiteMapManager unit tests
- Add Generators tests
- Cache invalidation headers for sitemap-*.xml
- Redirect sitemap.xml to index and rename to sitemap-index
- Handle page convert and publish/draft changes
- Add very basic functional test for route existence
- Add cache headers to sitemap routes
2014-11-30 10:49:45 -08:00
sanddudu
904727a927 Fix gravatarLookup method
Closes #4511
- Add missing "return"
- Fix error handling
2014-11-25 21:30:53 +08:00
Hugo Jobling
11a0f01e25 Make tokens URL safe
Base64 encoding causes some issues when the token is URL encoded
as the = symbol is not a valid URL character. We replace any =
symbols with a - as this is valid in a URL, but is guaranteed
not to appear in a base64 string. This fix ensures that Ghost
password resets work with mail providers such as Mailgun that
add their own tracking redirects

closes #3872 (for real this time)
2014-11-20 11:38:43 +00:00
Victor Szeto
2e8e2ce367 Improve validation for user.website
closes #4444
- validate URL without protocol in server and client
- when saving url, add `http://` if the url doesn't have a protocol
2014-11-17 00:40:43 -05:00
Jason Williams
15fe121490 Fix gravatar request url.
Refs #4367
- 'http:' was accidentally left out when passing the gravatar
  URL into request, and request requires the full scheme to be present.
2014-11-16 04:33:33 +00:00
Jason Williams
a2e670cb0b Merge pull request #4320 from felixrieseberg/iss4235
Work with case-sensitive email addresses
2014-11-12 19:35:38 -06:00
Felix Rieseberg
af1d2201b0 Work with case-sensitive email addresses
Closes #4235
2014-11-12 17:18:53 -08:00
Jason Williams
8249d88cdd Timeout after two seconds on gravatar lookup.
Refs #4277
- Switch from the built-in http module to request and set
  a timeout of 2 seconds on gravatar lookup requests.
- Move request package from devDependencies to dependencies.
2014-10-30 20:01:11 +00:00
Felix Rieseberg
0025f3d6de Shorter user slugs (if possible)
Closes #4211
2014-10-01 23:27:21 +02:00
Harry Wolff
469aaa398c Add jscs task to grunt file and clean up files to adhere to jscs rules.
resolves #1920

- updates all files to conform to style settings.
2014-09-17 21:44:29 -04:00
Maurice Williams
3583515e44 adding config flags to control all items mentioned in PRIVACY.md
closes #3241
- in config.js, the `privacy` attribute holds all privacy-related flags
- `privacy.userTinfoil: true` disables everything (equivalent to setting all flags to false)
- added helper function to core/server/config/index.js to checking privacy flags
- added helper function to core/server/config/index.js to show warning about deprecated items
2014-09-13 12:04:01 -04:00
Jason Williams
07ad400ee0 Replace the when promise library with bluebird.
Closes #968
2014-08-23 17:15:40 +00:00
Harry Wolff
5ff2a31ce1 Move Models module to have an init method that sets up all models
resolves #2170

- creates a models.init() function that requires all other model files
and caches them.  This is opposed to the previous functionality where
when you require('./models') it would immediately require all other models.
Now it's done when you want.

- Updates all tests to reflect the new structure of the model module
2014-08-18 15:54:10 -04:00
Hannah Wolfe
5381db37cd Fix for bug where owner user has name owner
no issue

- in the case that the role is not being assigned, the code assumes it doesn't get a role..
2014-08-11 10:51:14 +01:00
Hannah Wolfe
8d46705dbb Disable user validation and errors on login
fixes #3658

- Catch any errors from user.save() events during login
- Prevent validation from happening at all when only updating status/last_login
- Fixes a problem I introduced with errors which are arrays in logError
2014-08-08 13:12:17 +01:00
Fabian Becker
9915fb1268 Fix revoke user invite and user.destroy
fixes #3630
- Extend user adapter in ember to load users with status: all
- Fix user.destroy by loading all users with status: all
2014-08-06 16:48:18 +00:00
Fabian Becker
a2d5105bcc Changing User.read API to default to active users.
refs #3542
- Properly handle forgotten screen (ember)
- Change Users API to only return active users on read
- Adjust tests
2014-08-06 00:30:48 +02:00
Felix Rieseberg
abf251212c Descriptive error if user by mail not found.
closes #3537
- Replaced generic NotFound error with descriptive NotFoundError.
2014-08-01 18:13:33 -07:00
Jason Williams
938b183707 Sanity check page parameter used in findPage
Closes #3510
- Make sure the page parameter is does not overflow the
  integer data type.
- Added tests.
2014-08-01 14:32:38 +00:00
Hannah Wolfe
756368721e Update importer for MU
closes #3285

- remove apps stuff for now
- if there is a single user, behave the same as before, overriding
  non-critical properties of the single owner user
- if there are multiple users, import them like normal resource
2014-07-31 23:14:57 +01:00
Hannah Wolfe
194d45fac6 Merge pull request #3480 from jaswilli/issue-3466
Update user roles in store after owner transfer
2014-07-31 15:39:48 +01:00
Hannah Wolfe
1c3cb1bb6a Merge pull request #3472 from morficus/issue-3401
custom slugging capabilities for individual user pages
2014-07-31 15:36:11 +01:00
Jason Williams
baf9138b27 Update user roles in store after owner transfer
Closes #3466
- Transferring the owner role is now done via a separate
  endpoint and not through Ember-Data.  As a result the
  user role data needs to be updated manually.
- Updated the owner endpoint to return a response body
  containing the updated user objects.
- Updated tests.
2014-07-31 13:41:10 +00:00
Maurice Williams
489cd08d97 custom slugging capabilities for individual user pages
closes #3401
- modifying slug-generator to be more generic
- adding slugging capabilities for /settings/users/:slug
- modified posts to use the updated slug-generator
2014-07-31 08:14:22 -04:00
Hannah Wolfe
eecbdc1693 User edit & add endpoints cleanup
- edit and add endpoints don't assume role
- edit and add endpoints cope with no role, role objects, and strings
- resend user invite was failing at one point due to no role being sent, but this shouldn't be required
- other random api cleanup
2014-07-31 12:37:48 +01:00
Gabor Javorszky
8487dada0b Implement user and related content deletion
Closes #3100

* Introduces `destroyByAuhor`, given a context and an id, it will check if context has permission to delete the user by the id, and then deletes all the content where `author_id` is id, and then deletes the user
* Does multiple checks to make sure user exists
* Added a fixture `posts:mu` that creates 4 users belonging to 4 roles, 50 posts that have authors evenly distributed, 5 tags and all 50 have one tag attached to it, evenly distributed.

Caveats / questions

* Started testing
2014-07-31 03:48:59 +01:00
Hannah Wolfe
5dc457b417 Merge pull request #3443 from halfdan/30850-users-api
Users API advanced browsing
2014-07-30 22:47:55 +01:00
Hannah Wolfe
5d3788ffe6 Merge pull request #3457 from sebgie/issue#3426
Transfer ownership end point
2014-07-30 22:26:42 +01:00
Fabian Becker
d4fdb07d9c Users API advanced browsing
closes #3085
- active and invited include multiple statuses when fetching
- adjusted data generator
2014-07-30 16:59:27 +00:00
Sebastian Gierlinger
ded6aa6ac0 Transfer ownership end point
closes #3426
- added transfer ownership endpoint
- added owner to roles.permissible
- manually removed owner from roles.browse
- removed hard coded author role
- fixed tests that were passing due to hard coded author role
- added testUtils.setup(‚roles‘)
2014-07-30 17:40:30 +02:00
Hannah Wolfe
57a5444335 User API ability to filter users by role
refs #3446

- This only covers the API changes needed for #3446
2014-07-30 15:02:25 +01:00
Maurice Williams
e15fb9ed57 Error when inviting users
fixes #3433
- passing only the role ID when creating a user
- uncommenting test cases
2014-07-29 00:06:40 -04:00
Hannah Wolfe
987e9277dc User edit, add & destroy perms restricted by role
closes #3096, closes #3378, refs #3100

- user.permissible updated to reflect proper permissions
- small amount of API refactoring to handle extra cases
- extensive integration testing
2014-07-28 08:32:04 +01:00
Hannah Wolfe
4e3b21b7da Permissions Improvements
refs #3083, #3096

In order to implement advanced permissions based on roles for specific
actions, we need to know
what role the current context user has and also what action we are
granting permissions for:
- Permissible gets passed the action type
- Effective permissions keeps the user role and eventually passes it to
  permissible
- Fixed spelling
- Still needs tests
2014-07-28 06:29:59 +01:00
Felix Rieseberg
0b39df777b Signin: Proper notification if user not found
closes #3374
- If user object is returned but undefined, we'll display a
human-readable
error notification (user model)
- If user object is returned, but the user is inactive or invited (but
not
activated), we'll display a human-readable error notification
2014-07-24 11:34:52 -04:00
Jason Williams
8a2d50b871 Improve handling of users and roles in admin
Closes #3083 Refs #3229
- Populates the dropdown list in the invite user menu with the
  list of roles a user is permitted to create.
- Users API now checks the invite user request for allowed roles.
- Change API response from 200 to 201 on successful invitation.
- Change API response from 500 to 201 when the user was created but
  the email was not sent.  The client will show a warning notification
  when it sees 'invite-pending' as the new user's status.
- Add support for "?status=all" to the /users endpoint.
- Refactor the route and controller for the /settings/users page so
  that there's only one network API call to load users instead of two.
2014-07-24 14:20:47 +00:00
Sebastian Gierlinger
fa054a8eba Fix incorrect error
closes #3373
- added check if role is already assigned
- added check for unknown fields to fixDates/fixBools
- permissions are not implemented yet, so everyone is able to edit
owner ;-)
2014-07-24 10:17:10 +02:00
Jason Williams
739b57e05b Update Users API to handle role objects or ids
Closes #3357
- API method User#edit now handles User objects that have either
  an array of Role ids or objects.
- Fixed error handler notification on upload modal controller.
2014-07-22 05:48:16 +00:00
Sebastian Gierlinger
28b03ec87e Add edit roles
refs #3087
- added ability to edit user/roles relation
- user is not allowed assign roles to himself
- only one role per user is supported atm
- added tests
2014-07-21 22:50:43 +02:00
Maurice Williams
a8ca517c54 Pagination for Users Management screen
closes #3222
- implementing server-side pagination for /users API
- passing /users?limit=none will return all users
- passing /users?status=invited will filter base on user status
- creating 3 mixins (route, controller and view) to keep pagination logic DRY
- updating route, controller and view for Posts to use new mixing
- implementing infinite scrolling for Users Management screen (using new mixins)
- Users Management screen displays all invited users, but paginates active users
2014-07-21 14:03:26 -04:00
John O'Nolan
d10771b711 Larger default gravatar images 2014-07-20 18:50:07 +02:00
Hannah Wolfe
6e48275160 Extending context concept to models
fixes #3275, fixes #3290, ref #3086, ref #3084

- Ensure that we use the current logged in user and not just user 1 when
- removing hard coded user: 1 except where absolutely necessary
- passing context, rather than user to models
- base model has a new function to determine what id to use for created_by etc
2014-07-18 15:32:56 +01:00
Sebastian Gierlinger
42f461cb6d Restored spam prevention
closes #3128
- added spam prevention middleware
- restored tests
2014-07-17 14:22:07 +02:00
Hannah Wolfe
5c1a7a7349 Revert "Restore spam prevention" 2014-07-17 12:11:23 +01:00
Sebastian Gierlinger
e4e027d17b Restored spam prevention
closes #3128
- added spam prevention middleware
- restored tests
2014-07-16 10:00:49 +02:00
Hannah Wolfe
b03ecd9ebc Use bookshelf's model registry plugin
Refs #2170

This removes the circular dependency problem from our models thanks to
https://github.com/tgriesser/bookshelf/issues/181
- add the registry plugin
- switch all models and collections to be registered
- switch relationships to be defined using a string, which calls from the registry
2014-07-13 18:18:25 +01:00
Sebastian Gierlinger
8c2258dc4c Move setup to API
closes #3136
- moved setup to authentication API
- added `POST /ghost/api/v0.1/authentication/setup` to execute the
setup process
- added `GET /ghost/api/v0.1/authentication/setup` to check if blog is
already set up (needed for #3145)
- removed unused methods from api/users.js
2014-07-11 14:17:09 +02:00
Sebastian Gierlinger
215badc663 Setup hijacks owner user
closes #3074
- user generated by fixture is hijacked
- user is updated with name, email, password, slug and status
- creates new user if db is migrated but no user exists
- previously removed tests are back
2014-07-10 19:29:51 +02:00
Sebastian Gierlinger
5e4fae6f11 Add owner fixture
closes #3073
- added fixture for owner role
- added fixture for initial user (new db)
- added conversion administrator -> owner (existing db)
- changed tests to take over owner user
- removed some functional tests until /setup works with owner user
2014-07-10 12:00:51 +02:00
Sebastian Gierlinger
035fb04d34 closes #3197
- added role to user obj (only returned from the user endpoint)
- added `/users/?include=roles` and
`/users/?include=roles,roles.permissions` query parameters
- added and updated tests
2014-07-08 18:00:59 +02:00
Sebastian Gierlinger
84cfd529ed Allow user to accept invitation
closes #3081
- added route `/ghost/api/v0.1/authentication/invitation`
- added accept invitation
- added signup with token
- removed check() from users api
- fixed promise in resetPassword()
2014-07-03 17:06:07 +02:00
Sebastian Gierlinger
79a80b67ac Invite user API
closes #3080
- added users.invite() to add user from email with random password
- added `GET /ghost/api/v0.1/users/` to invite users and resend
invitations
- removed one user limit
- added global utils for uid generation
- changed some „“ to ‚‘
2014-07-02 16:22:18 +02:00
Sebastian Gierlinger
c8e8da4780 oAuth
closes #2759
closes #3027

- added oauth2orize library for server side oAuth handling
- added ember-simple-auth library for admin oAuth handling
- added tables for client, accesstoken and refreshtoken
- implemented RFC6749 4.3 Ressouce Owner Password Credentials Grant
- updated api tests with oAuth
- removed session, authentication is now token based

Known issues:
- Restore spam prevention #3128
- Signin after Signup #3125
- Signin validation #3125

**Attention**
- oldClient doesn't work with this PR anymore, session authentication
was
removed
2014-06-30 14:58:10 +02:00
Sebastian Gierlinger
1db0431e4d User API changes
closes #2822
- added destroy user method
- added remove user permission
- added API end point for get reset token
- added API end point for reset password
- added API end point for change password
2014-06-20 11:15:01 +02:00
Jason Williams
9a9593536d Update when.js dependency to version 3.2.3 2014-06-16 04:11:22 +00:00
Hannah Wolfe
c02ebb0dcf Refactor API arguments
closes #2610, refs #2697

- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
  everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
  to perform reads, updates and deletes where possible - settings / themes
  may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-15 10:41:05 +01:00
Jacob Gable
0dc6dc29a7 Add apps permissable checks in posts and users
Closes #2738

- Re-introduce the TargetModel.permissable interface check in the
regular permission flow path
- Pass loadedPermissions, hasUserPermission and hasAppPermission to
permissable interface to reduce logic necessary
- Refactor recursive call to pass original arguments but with actual
model
- Refactor canThis(this.user) use in api/posts.js to just canThis(this)
2014-05-14 09:22:25 -05:00
Sebastian Gierlinger
fd0f5a5028 Add distinct error classes
closes #2690
- added new error classes
- moved errorhandling.js to /errors/index.js
- changed API errors to use new classes
- updated tests
2014-05-09 12:11:29 +02:00
David Arvelo
87cda81c84 Sanitize models' attributes/options before passing to bookshelf/knex
closes #2653
- enforce strict whitelists for model methods
- create a class method that reports a model method's valid options
- create a class method that filters a model's valid attributes from data
- create a class method that filters valid options from a model method's options hash
2014-05-06 23:02:49 -04:00
Sebastian Gierlinger
b98709b3ce Refactor omit of password
- remove password in toJSON() instead of filtering every occurrence of
user
- changed faulty error type ‚NotFound‘ to ‚NoPermission‘
2014-05-06 12:14:58 +02:00
Hannah Wolfe
31fc84cefb Consistency in model method naming
- The API has the BREAD naming for methods
- The model now has findAll, findOne, findPage (where needed), edit, add and destroy, meaning it is similar but with a bit more flexibility
- browse, read, update, create, and delete, which were effectively just aliases, have all been removed.
- added jsDoc for the model methods
2014-05-06 00:36:42 +01:00
Hannah Wolfe
f2071eedb2 Move user API to primary document format
closes #2593

- added new format to user API methods
- changed all places where the user api was used
- updated tests and added more coverage
- little bit of cleanup in utils/api
2014-05-02 20:50:44 +01:00
Hannah Wolfe
3eb284e4b5 Update & grunt-groc and fix docs errors
issue #2622

- Updated grunt-groc to 0.4.5
- Fixed the few places which made the docs fail to generate
- There is still a mix of styles
2014-04-21 19:04:20 +01:00
Sebastian Gierlinger
e47e9c62d0 Add permissions to API
closes #2264
- added permissions check to db, users and posts
- added register method to users
- added doesUserExist method to users
- added user from session to internal calls
- changed permissible to overwrite canThis
- removed action map and action type from permissable method
2014-04-16 18:22:22 +02:00
Sebastian Gierlinger
61e94a6e8b Use current user in models
closes #2058
- fixed apiContext as suggested in the issue
- added user to options object for models
- added api.users.register() for public registration
- changed models to use options.user for created_by, updated_by,
author_id and published_by
- added override to session model to avoid created_by and updated_by
values
- added user (id: 1) to tests
- added user (id: 1) for registration
- added user (id: 1) for import, fixtures and default settings
- added user (id: 1) for user update
- added user (id: 1) for settings update (dbHash, installedApps, update
check)
- updated bookshelf to version 0.6.8
2014-04-16 18:20:09 +02:00
Jacob Gable
9369dd3bf7 Add app permission checking to canThis
- Pass permissions loading to buildObjectTypeHandlers to eliminate
shared state
- Load both app and user permissions to check
- Check app permissions if present
- Create apps table and App model
- Move effectiveUserPermissions to permissions/effective
- Change permissable interface to take context; user and app.
- Add unit tests for app canThis checks and effective permissions
2014-04-16 18:06:39 +02:00
Matt Enlow
f8d90f1cc6 Added populate last login time
closes #2515
- sets last_login when user is saved if user status changed to active
- added integration test in user Basic Operations
2014-03-27 12:29:43 -06:00
Hannah Wolfe
438cbab68e Ensure generateSlug gets transaction for tags
fixes #2460

- add transacting to tag saving
- add same to users while we're here
2014-03-25 11:14:17 +00:00
Jonathan Johnson
e4bb6d08cc Update validator to 3.4.0
Closes #1379

- Convert to new api usage for both server-side and client-side
- Provide way require a negative response for boolean methods in
  default-settings.json
- Add field validation functional tests
  - Settings (General)
    - Title length validation
    - Description length validation
    - postsPerPage, numeric, min, max
  - Settings (User)
    - Bio Length validation
    - Location length validation
    - Url validation
  - Login
    - Email validation
  - Editor
    - Title required validation
2014-03-04 13:54:24 -07:00
Fabian Becker
1a9e91f120 Replace JSLint with JSHint.
closes #2277
- Added ES6 linting to core/client/
- Fix typeof array comparison
2014-03-04 15:47:39 +00:00
Sebastian Gierlinger
ac7f4f05c4 Add validation from schema.js
closes #1401
- added data/validation/index.js
- added generic validation for length
- added generic validation for nullable
- added validations object to schema.js for custom validation
- removed pyramid of doom from api/db.js
2014-02-19 18:32:23 +01:00
Sebastian Gierlinger
ea6c601b01 Improvements for models
#closes #1655
- removed models as parameter for bookshelf-session
- changed to read permittedAttributes from schema.js
- changed updateTags to be executed at saved event
- added validate to execute after saving event
- added test for published_at = null (see #2015)
- fixed typo in general.hbs
2014-02-19 14:57:26 +01:00
John-David Dalton
6eab7b3f92 Replace underscore with lodash. 2014-02-06 14:08:34 +00:00
Sebastian Gierlinger
d28bf3de4c Improve password reset token
no issue
- added check that a combination of email + expires is rejected after
10 attempts
- changed comparison to time independent method

Thanks to @chiiph for reporting this issue!
2014-01-30 13:00:30 +00:00
Hannah Wolfe
6098b83152 Adding case-insensitive User.getByEmail method
fixes #1498

- emails are no longer converted to lowercase, local mailbox can validly
  be mixed case
- getByEmail uses JS to compare emails to ensure we can support unicode
- tests that users can be retrieved by their email address with case
  insensitivity
2014-01-15 10:39:40 +00:00
Harry Wolff
a1f64d2f1f Extending halfdan’s work for UX settings improvements
#1351

- prevent a new post (not saved on server) from
updating its slug/date to the server

- fix jshint

- add back creation of a posts slug upon a post creation

- update for rebasing

- hide ability to ‘delete this post’ from post settings
menu when a post hasn’t yet been saved to the server
2014-01-06 21:33:24 -05:00
Hannah Wolfe
3f9b0fa618 Disable xss santization
issue #1378
fixes #1328

- xss santization does some odd things. This isn't needed until we have multi-user support, and we are investigating better solutions.
2014-01-06 20:17:20 +00:00
Hannah Wolfe
4bac1e3672 Fix gravatar retrieval
fixes #1778

- use http for initial request, store url with no schema
2014-01-01 18:10:55 +00:00
Sebastian Gierlinger
05ca5edeeb Remove fixed scheme from gravatar url
no issue
- removed scheme from gravatar url

Reason:
Gravatar supports ssl and the fixed scheme will cause ‚insecure
content‘ warnings.
2013-12-17 17:21:00 +01:00
Gabor Javorszky
c515e20ea3 Adds login limiter
Closes #499
* On wrong passwords, statuses: `active` -> `warn-1` -> `warn-2` -> `warn-3` -> `locked`
* On login check, if user's status is `locked`, login automatically fails and user is encouraged to reset password. Does not even bother to check for passwords.
* login attempts tell user how many attempts she has remaining in notification box
* successful login will reset status to `active`
* resetting password with forgotten password emailed token resets status to `active`
* complete with a test suite
2013-11-29 01:24:25 +00:00
Jacob Gable
34e453039b Improved Password Reset Tool
Closes #1471

- add api and User model methods for generating and validating tokens
- add routes and handlers for reset password pages
- add client styles and views for reset password form
- some basic integration tests for User model methods
2013-11-22 10:46:19 -06:00