no issue
- many routes were attaching classes to the `<body>` tag via the `StyleBody` mixin but those classes were never used and applied inconsistently throughout the app
no issue
`ember-light-table` is falling behind Ember.js and other addon development and is increasingly causing issues with Ember deprecations and addon incompatibility.
- swaps `ember-light-table` usage for a straightforward table using `vertical-collection` for occlusion
- uses the same loading mechanism as the members screen with a slight optimisation where the initial load will fetch subscribers in batches of 200 until they are all loaded
- removes now-unused pagination mixin
- fixes duplicate subscriber validation handling
no issue
- the new version of our Zapier App uses API Key auth so we need to expose the details on the Zapier integration screen
- extracted `copyTextToClipboard` into a util function
- added `integrationModelHook` method to `settings.integrations` controller to remove duplication in the `settings.integration` and `settings.integration.zapier` routes
- fixed missing "Zapier" title token
no issue
- return a basic "guid" from the site's `model` hook so that we have some data which changes on each refresh
- add an action to the wrapper element of the "view site" link which will cause the route to refresh when clicked if we're already on the route
- move the site iframe into a component so that it can watch an @uuid property and force a reset of the iframe's `src` when it detects a change
no refs.
- added "View site" as the first and default menu item in navigation bar to be able to browse the site without leaving the Admin
- rearranged left sidebar items according to new structure (moved Labs down to bottom)
- removed "View site" from publication main menu because it's become redundant
- added Night shift toggle in line with Labs menu to be able quickly access it
no issue
- ran [es5-getter-ember-codemod](https://github.com/rondale-sc/es5-getter-ember-codemod)
- [es5 getters RFC](https://github.com/emberjs/rfcs/blob/master/text/0281-es5-getters.md)
- updates the majority of `object.get('property')` with `object.property` with exceptions:
- `.get('nested.property')` - it's not possible to determine if this is relying on "safe" path chaining for when `nested` doesn't exist
- `.get('config.x')` and `.get('settings.x')` - both our `config` and `settings` services are proxy objects which do not support es5 getters
- this PR is not exhaustive, there are still a number of places where `.get('service.foo')` and similar could be replaced but it gets us a long way there in a quick and automated fashion
no issue
- `/config/` can only be requested when authenticated
- updated `/config/` mock to look for an Authentication header and return a 403 if it's missing
- updated `ajax` service to add an `Authentication` header when authenticated in testing env (cookies are not present when testing)
- updated `config` service to add `fetchUnauthenticated()` and `fetchAuthenticated()` methods in addition to `.fetch()`
- updated `application` route to only fetch authenticated config when authenticated
- updated `signin` controller to correctly fetch config after sign-in
refs. [d6c22df](d6c22df6d7)
- added icons for members and pages
- improved view site link visibility
- added view site to logo dropdown
- updated all navigation and logo menu icons
- rename 'team' to 'staff'
- lots of design refinement and update (colors, shadows)
no issue
- added `page` model
- removed `page` param from Post model
- added pages screen with associated links
- added `:type` param to editor screens to work with the right models
- removed post<->page toggle and associated tour item
closes https://github.com/TryGhost/Ghost/issues/9868
- place email field directly above password field
- enable email field and do not set an initial value requiring user to type-in/auto-fill the email for Chrome to recognise it
no issue
- don't nest details route as it's not nested UI
- implement styled list of members
- add `<MemberAvatar>` component that generates random background colour and initials based on member name
- fixed generation of fake member details in mirage
closes https://github.com/tryghost/ghost/issues/10088
* added `updateDocumentTitle` action to base route and replace usage of `.send('collectTitleTokens, [])`
* added `.titleToken()` method to editor route to add post title to document title
* called `.send('updateDocumentTitle')` after saving post title in editor controller to keep document title in sync
* updated editor controller test for latest ember-mocha and ember-test-helpers
closes https://github.com/TryGhost/Ghost/issues/10307
- removed infinite scroll from the team screen
- adjusted team screen behaviour to pull from the local cache and update in the background to speed up navigation to the screen
- use `{{vertical-collection}}` to render the users list for faster initial render with many users
no issue
- bump green (patch) deps
- bump ember-fetch
- bump ember-simple-auth
- bump broccoli-asset-rev
- bump ember-ajax
- bump yarn.lock sub-dependencies
Only a partial dependency upgrade but fixes production build error that was introduced in https://github.com/TryGhost/Ghost-Admin/pull/1044 so merging as-is.
no issue
- upgrade to latest `ember-source` and related dependencies including `ember-cli`
- upgrade to latest `ember-mocha` and modern ember testing setup
- https://github.com/emberjs/rfcs/blob/master/text/0268-acceptance-testing-refactor.md
- switch from using global acceptance test helpers and `native-dom-helpers` to using the new `ember-test-helpers` methods
- use [`chai-dom`](https://github.com/nathanboktae/chai-dom) assertions where in some places (still a lot of places in the tests that could use these)
- pin `ember-in-viewport` to 3.0.x to work around incompatibilities between different versions used in `ember-light-table`, `ember-infinity`, and `ember-sticky-element`
- incompatibilities manifested as "Invalid value used as weak map key" errors thrown when using `ember-light-table` (subscribers screen)
- pin `ember-power-datepicker` to unreleased version that contains a move from global acceptance test helpers to modern test helpers
refs https://github.com/TryGhost/Ghost/issues/10137
- when closing the edit webhook modal we were rolling back the changed attributes of the webhook model but not clearing the errors object which meant a validation error was shown when re-opening the edit webhook modal
- add `reset()` method to the webhook edit controller and call that when leaving the edit route instead of only rolling back the changed attributes
closesTryGhost/Ghost#9942
- move custom integrations UI out from behind the developer experiments flag
- put Admin API key and web hook secret fields behind the developer experiments flag
- do not show "unsaved changes" modal when adding/editing a webhook
- fixed all webhooks showing for each custom integration
requires https://github.com/TryGhost/Ghost/pull/10033
- added `settings.integration.webhooks.edit` route
- `/integrations/:integration_id/webhooks/:webhook_id`
- added error handling to the webhook form modal that copes with the actual errors we get back from the server
- added `event-name` helper to display humanised event names in the webhooks list
- added delete button to the webhooks list and associated confirmation modal
refs https://github.com/TryGhost/Ghost/issues/9865, https://github.com/TryGhost/Ghost/issues/9942
- `integration`, `api-key`, and `webhook` models and respective mirage mocks
- moves integration routes around to match ember's concept of nested routes (nested routes reflect nested UI not nested URLs)
- adds custom integrations list to integrations screen
- adds custom integration screen
- allow editing of integration details
- show list of webhooks
- webhook creation modal
NB: the `enableDeveloperExperiments` flag needs to be enabled in the `config.development.json` file for the custom integrations UI to be displayed until it's out of development.
refs #9865
- removed all `oauth2` and token-based ESA auth
- added new `cookie` authenticator which handles session creation
- updated the session store to extend from the `ephemeral` in-memory store and to restore by fetching the currently logged in user and using the success/failure state to indicate authentication state
- ESA automatically calls this `.restore()` method on app boot
- the `session` service caches the current-user query so there's no unnecessary requests being made for the "logged in" state
- removed the now-unnecessary token refresh and logout routines from the `application` route
- removed the now-unnecessary token refresh routines from the `ajax` service
- removed `access_token` query param from iframe file downloaders
- changed Ember Data adapters and `ghost-paths` to use the `/ghost/api/v2/admin/` namespace
no issue
- after un-nesting the built-in integration routes they no longer had the automatic redirect for non-admins
- added our non-admin redirect behaviour to all of the integration routes
- added our non-admin redirect behaviour to the Zapier route which didn't even have an authenticated redirect previously
- added acceptance test for Zapier route so verify the new behaviour
- wrapped the Zapier widget `<script>` tag in an "is testing" conditional so that the external script doesn't get loaded during tests
no issue
- integrations index screen no longer needs to reload the settings cache
- individual built-in integration routes should handle their own reloading if necessary (eg, zapier doesn't need any settings so doesn't need a delay or loading template)
- built-in integration routes are no longer nested and so need their own loading templates
closes https://github.com/TryGhost/Ghost/issues/9868
- moved submit action to the `<form>` which allowed removal of the per-input enter key handlers
- changed submit button to trigger the form submit
- improved markup for password managers
- linked labels with inputs
- changed button to a "submit" type and linked it with the form
- added hidden email input at the bottom of the form in case password managers do not take disabled inputs into account
refs https://github.com/TryGhost/Ghost/issues/9724
- when Koenig is active, toggle `ui.isFullscreen` when entering/leaving the editor route
- add `ui.isFullscreen` to the `showNavMenu` CP in the application controller
- when in fullscreen mode, display a "< Stories" link in the editor header
- refine editor header style
no issue
- `staticPages` API param is deprecated in favour of using the `filter` param
- switched `status` query to param to the `filter` param as well for consistency
refs https://github.com/TryGhost/Ghost/issues/9724
- add `ember-useragent` package so that we can check the user agent screen for known-incompatible browsers/devices
- show alerts for Edge, mobile browsers, and IE11 when accessing the editor with Koenig enabled
closes https://github.com/TryGhost/Ghost/issues/9582
- clear the `post` model on the `editor` controller when swapping models to avoid the editor contents and the editor loading state being displayed simultaneously
no issue
- after the ember bump the `signin` route's `deactivate` hook started throwing errors - `Property set failed: object in path "signin" could not be found or was destroyed.`
closes https://github.com/TryGhost/Ghost/issues/9603
- don't add a `setTitle` method on the router and instead call `window.document.title` directly so that we don't have to access `Route#router` (throws deprecation) or `Route#_router` (private and may break without notice)
refs https://github.com/TryGhost/Ghost/issues/9571
- use `replaceWith` rather than `transitionTo` so that the back button still works and doesn't immediately throw you back to the 404 page
- use the new `router` service to avoid deprecation notices
- update the regex replacements to work with `#` urls
no issue
- disabled Ember Simple Auth's default token revocation
- we trigger session invalidation on a 401 which means our token isn't valid so the revoke requests will also fail
- renamed application route's `invalidateSession` to `logout` in order to distinguish it from any ESA methods
- added the token revocation requests to this action, we can be fairly sure at this point that the current tokens will be valid so the requests will succeed
- added check to `ajax.handleResponse` so that we don't invalidate the session for requests to external services
- removed pointless assertion from the ajax integration test
no issue
- we need `?filter=authors:foo` to match all posts where `foo` is an author, the previous `?filter=author:foo` will only match posts where `foo` is the primary author
requires https://github.com/TryGhost/Ghost/pull/9426
- fixed default token component display in {{gh-token-input}}
- if no `tokenComponent` is passed to `{{gh-token-input}}` then it should default to the ember-drag-drop `draggable-object` component but instead it didn't output anything
- put `draggable-object` in quotes because `{{component}}` needs a component name rather than an object
- rename `option` attribute to `content` to match the default `{{draggable-object}}` interface
- add embedded `authors` attr to the Post model
- ensure authors is populated when starting new post
- add validation for empty authors list
- swap author dropdown for a token input in PSM
- show all post authors in posts list
- update tests for `authors`
- always provide through an authors array
- fix mirage serialisation for paginated responses (embedded records were not being serialised)
- unify tags and author inputs design
- remove highlight of primary tags
- highlight internal tags
- remove unnecessary/redundant title attributes on tags
- use SVG icon for "remove option" button in token inputs
closes https://github.com/TryGhost/Ghost/issues/9493
- bump `ember-infinity` to 1.0.0-alpha for Ember Data 3.0 support
- update posts and users routes for change in API
- bump `ember-in-viewport` to 3.0.0 (fixes offset on posts screen with new version of ember-infinity)
refs https://github.com/TryGhost/Ghost/issues/9314
* added save button for contributor
* hide tag filter & redirect to posts.index if post is published
* update editor controller test to need session service
closesTryGhost/Ghost#8287closesTryGhost/Ghost#8750
- moved all editor model functionality into the new `editor` route+controller
- moved editor template from `editor/edit.hbs` to `editor.hbs`
- refactored `editor` controller and the `editor.new`/`editor.edit` routes to work with a persistent editor rather than a teardown/re-render when transitioning from new->edit
- fixed issue in `{{gh-markdown-editor}}` for `autofocus` behaviour when the component isn't re-rendered
- fixed issue in `{{gh-simplemde}}` that was causing multiple updates to the `value` property when a new value is passed in to the component
- added `{{gh-scheduled-post-countdown}}` component to lower the noise in the editor controller
- removed editor route/controller mixins
- removed the `editor.edit` and `editor.new` controllers
closes https://github.com/TryGhost/Ghost/issues/9394
- add `application-error.hbs` template so that we show an error screen for errors during app boot
- track the application route loading state so that we can fall back to the default error handling for errors that usually only show an alert
refs https://github.com/TryGhost/Ghost/issues/5071
Upgrade messages are now shown on the About screen rather than as alerts. Notifications that are marked as `top` or `custom` are still shown as alerts to allow for certain upgrade messages to be given more visibility.
- remove old `upgrade-notification` service
- update the `upgrade-status` service:
- add a `message` property that contains an upgrade notification if any exists
- add a `handleUpgradeNotification` method that accepts a Notification model instance and extracts the `notification.message` property into a html safe string for use in templates
- when loading server notifications during app boot, pass notifications that aren't marked as `top` or `custom` to the new `handleUpgradeNotification` method
- update the `about.hbs` template to pull the upgrade message from the `upgradeStatus` service
no issue
The markdown help link was removed from the sidebar so the only link to toggle the markdown help modal is now the markdown editor yet we we still had a more general implementation with a confusing pass-through of closure actions.
- move the markdown modal toggle and display into the `{{gh-markdown-editor}}` component
closes https://github.com/TryGhost/Ghost/issues/9234
- add `featured` badge to stories/pages that have the featured flag
- add "Featured posts" to the post type filter dropdown
- simplified badge logic in `{{gh-posts-list-item}}`
no issue
- upgrade `ember-ajax` to 3.0.0
- `ember-ajax` [now passes the payload through directly](https://github.com/ember-cli/ember-ajax/releases/tag/v3.0.0) rather than trying to normalize it so all our error handling needed to be updated
closesTryGhost/Ghost#9119, refs TryGhost/Ghost#8483
- Apps - AMP
- Added `leave-settings-modal` component to Settings - Apps - AMP
- Apps - Slack
- Added `leave-settings-modal` component to Settings - Apps - Slack
- Added a `triggerDirtyState` action that will uses a new Array with the input data to trigger the dirty state on the parent settings model
- Apps - Unsplash
- Added `leave-settings-modal` component to Settings - Apps - Unsplash
- Used manual tracking of changes with using a custom `dirtyAttributes` property and a `rollbackValue` to manually rollback the `isActive` attribute on the model
- Code injection
- Added `leave-settings-modal` component to Settings - Code injection
- Design
- Added `leave-settings-modal` component to Settings - Design (only for navigation model)
- Used manual tracking of changes with using a custom `dirtyAttributes`
- Added an additional `updateLabel` action to underlying `gh-navitem` component which gets fired on the `focusOut` event, to detect changes on the label
- Team - User
- Added `leave-settings-modal` component to Team - User
- Used manual tracking of changes with using a custom `dirtyAttributes` to track changes in slug and role properties
closes https://github.com/TryGhost/Ghost/issues/6458
- swap `ember-sortable` for `ember-drag-drop` in navigation UI
- extract PSM tag input into new `{{gh-psm-tags-input}}`
- add new `{{gh-token-input}}` that wraps `ember-power-select` and `ember-drag-drop` to replicate the previous selectize based tags input
- enhance `{{gh-psm-tags-input}}` behaviour to highlight selected primary tag and show "primary/internal" in selected tag titles
- 🔥 remove `selectize`
- 🔥 remove `jquery-ui`
- 🔥 remove unused `{{gh-navigation}}` component
no issue
Automated tools, code generators, and editor integrations are increasingly standardising on the import style used in `ember-modules-codemod`. Our import style differed a little with regards to service/controller injection imports which meant we were starting to see inconsistent naming.
refs TryGhost/Ghost#9150
- added a new validator for password validations that will take care of the rules client side
- Passwort rules added:
- Disallow obviously bad passwords: 1234567890, qwertyuiop, asdfghjkl; and asdfghjklm
- Disallow passwords that contain the words "password" or "ghost"
- Disallow passwords that match the user's email address
- Disallow passwords that match the blog domain or blog title
- Disallow passwords that include 50% or more of the same characters: 'aaaaaaaaaa', '1111111111' and 'ababababab' for example.
- When changing the own password, the old password is not affected by the new validations
- Validation are running on
- setup
- signup
- password change in Team - User (only new passwords are validated)
- passwort reset
closesTryGhost/Ghost#8483
- Added a new modal component that gets rendered when leaving general/settings after changes have been done but not saved
- Removed independent saving logic for social URL for consistent UX
closes https://github.com/TryGhost/Ghost/issues/9074
- remove unused pagination route attrs that were interfering with routing service - these were a pre-1.0 hangover from when the tags screen had infinite scroll
- change `Posts` to `Stories` in the search dropdown for consistency
- add general fix for `adapter returned an array for the primary data of a 'queryRecord' response` deprecations by ensuring that `normalizeResponse` in our application serializer transforms the array we get from the server into a "single" JSON-API response
- this deprecation was being triggered when loading a tag route directly
- fix `defaultValue` complex object deprecations raised from `Setting.unsplash` attr
no issue
- Unsplash integration is enabled by default for all users
- it's no longer necessary to create your own Unsplash application and configure your application ID
refs https://github.com/TryGhost/Ghost/issues/8958
- Ghost OAuth isn't coming back, time for the code to disappear and simply all the things
- fixes the `Usage of router is deprecated` notices that flood the console/test logs when testing
no issue
- add eslint-plugin-ember, configure no-old-shims rule
- run `eslint --fix` on `app`, `lib`, `mirage`, and `tests` to move imports to the new module imports
- further cleanup of Ember globals usage
- remove event-dispatcher initializer now that `canDispatchToEventManager` is deprecated
closes https://github.com/TryGhost/Ghost/issues/8859, requires https://github.com/TryGhost/Ghost/pull/8895
- adds Unsplash app to app settings
- enable/disable toggle
- validation and testing of Unsplash App ID
- Unsplash App ID field hidden if provided via Ghost config
- adds `fetchPrivate` method to `config` service to pull config that requires authentication and updates authentication routines to fetch private config
- adds Unsplash buttons to editor toolbar and `{{gh-image-uploader}}`
- only present when Unsplash app is enabled
- opens Unsplash image selector when clicked
- `{{gh-image-uploader}}` has a new `allowUnsplash` attribute to control display of the unsplash button on a per-uploader basis
- adds Unsplash image selector (`{{gh-unsplash}}`)
- uses new `unsplash` service to handle API requests and maintain state
- search
- infinite scroll
- zoom image
- insert image
- download image
- adds `{{gh-scroll-trigger}}` that will fire an event when the component is rendered into or enters the visible screen area via scrolling
- updates `ui` service
- adds `isFullscreen` property and updates `gh-editor` so that it gets set/unset when toggling editor fullscreen mode
- adds `hasSideNav` and `isSideNavHidden` properties
- updates `media-queries` service so that it fires an event each time a breakpoint is entered/exited
- removes the need for observers in certain circumstances
no issue
- moves general UI state control such as menu display, autonav, settings menu, etc into a `ui` service for easier use within components
- no longer required to jump through hoops passing state and actions down from application controller into components
- removes indirect "route" actions in favour of calling actions/methods directly on the `ui` service
refs TryGhost/Ghost#8723
- #795 contained a regression where the body focus was lost during the new->edit transition because at that point `model.isNew` is false
- returns `shouldFocusEditor` code that was removed in #768 (it was assumed the body should _always_ have focus in that PR)
- instant-save if body is edited and the post is new - fixes issue where you could keep typing without any save when body had autofocus
- don't show preview link for new posts - fixes issue where it links directly to the admin endpoint so it would force a refresh
closesTryGhost/Ghost#8525
- always give focus to the editor content area by default when loading the editor
- allow content autosave to work for new posts (it was previously turned off for new posts)
- move transition-on-save behaviour from editor/new controller into the controller mixin's save routine
- cancel background autosave when "are you sure you want to leave?" modal is shown as it can cause the "leave" option to fail because it attempts to delete the post record that can be in flight (plus if we're saving anyway it doesn't make much sense to ask the user 🙈) - this is quite an edge-case as it will only happen if the user makes a content change to a draft post then tries to leave the screen within 3 seconds
- change the editor placeholder text
- wait for any save task to finish before exiting the new post route (fixes infinite loop and popup of "are you sure you want to leave?" modal that is then closed automatically straight away
- add a guard to the `gh-post-settings-menu` component so that if the authors query takes a while we don't end up trying to set a value when the component has already been removed
refs https://github.com/TryGhost/Ghost/issues/8616
- only refresh tokens on boot if we last refreshed more than 24hrs ago - this should prevent rapidly changing access/refresh tokens when opening new admin tabs or refreshing whilst other tabs are open
- fix token refresh test which was testing it's own behaviour instead of the applications 🙈
This may not be the full solution to the session issues but it closes one potential culprit and should at least reduce token churn which can only help track down the real cause.
closes https://github.com/TryGhost/Ghost/issues/8540
- use `{{vertical-collection}}` in the tags dropdown filter list, opening the dropdown is now virtually instant as it's not attempting to immediately render components for every tag in the list
- remove pagination/infinite scroll from tags screen
- load all tags when accessing the tags screen
- will pause to show spinner if no tags have previously been loaded
- if tags exist in the ember data store, show the list immediately and load/update list in the background
- use `{{vertical-collection}}` to render enough tags to fill the scrollable area with a small buffer and use occlusion and element re-use to swap tags in whilst scrolling (suuuuper fast no matter number of tags loaded)
- scroll tags into view when they are selected (keyboard nav now makes a lot more sense)
- tested with 875 tags and 2x/5x CPU throttling with no major slowdowns 🎉
closes https://github.com/TryGhost/Ghost/issues/8662
- removes `k`, `j`, `up`, `down` shortcuts for changing the active post (these were already mostly unusable in 1.0) and the associated `enter` and `ctrl/cmd+backspace` commands for opening and triggering the delete modal respectively
- removes the `c` shortcut for opening the new post screen
refs https://github.com/TryGhost/Ghost/issues/5168
- adds a `tour` service that handles syncing and management of tour throbbers & content
- adds a `gh-tour-item` component that handles the display of a throbber and it's associated popover when clicked
- uses settings API endpoint to populate viewed tour items on app boot/signin
- adds `liquid-tether@2.0.3` dependency for attaching throbbers and popups
- adds initial tour contents
refs https://github.com/TryGhost/Ghost/issues/8275
- ask Ghost for `mobiledoc` and `plaintext`
- Ghost returns `html` by default
- use plaintext for `{{subText}}` for posts overview
no issue
- adds `eslint-plugin-sort-imports-es6-autofix` dependency
- implements ESLint's base `sort-imports` rule but has a distinction in that `import {foo} from 'bar';` is considered `multiple` rather than `single`
- fixes ESLint's autofix behaviour so `eslint --fix` will actually fix the sort order
- updates all unordered import rules by using `eslint --fix`
With the increased number of `import` statements since Ember+ecosystem started moving towards es6 modules I've found it frustrating at times trying to search through randomly ordered import statements. Recently I've been sorting imports manually when I've added new code or touched old code so I thought I'd add an ESLint rule to codify it.
refs https://github.com/TryGhost/Ghost/issues/5422
- handles errors and warnings from returned from the server and improves visual display
- adds a reset so that errors are cleared when leaving the labs screen
- removes the unnecessary "Import failed" alert - we already show the errors on the screen, no point bugging the user even further
closesTryGhost/Ghost#8443
- Fixes a bug where the keyboard shortcut `cmd+s` would cause a `Maximum call stack size` error and not save.
- Wherever there is a `save` button, the keyboard shortcut to save works now.
refs TryGhost/Ghost#7865💄 refactor signup to use ember-concurrency
refs https://github.com/TryGhost/Ghost/issues/7865
- moves authentication actions from `signup` route to controller
- refactors authentication and signup logic into EC tasks
- replaces use of `gh-spin-button` with `gh-task-button` in signup template
💄 refactor setup screens to use ember-concurrency
refs https://github.com/TryGhost/Ghost/issues/7865
- moves authentication actions from `setup/two` route to controller
- refactors authentication and setup logic into EC tasks
- replaces use of `gh-spin-button` with `gh-task-button`
- fixes some styling issues with the new SVG icons
- adds `app/styles/patterns/icons.css` back to contain per-icon overrides and animations (some SVGs use fills and others use strokes so we sometimes have conflicting styles)
refs https://github.com/TryGhost/Ghost/issues/7865
- moves authentication actions from `signup` route to controller
- refactors authentication and signup logic into EC tasks
- replaces use of `gh-spin-button` with `gh-task-button` in signup template
closes https://github.com/TryGhost/Ghost/issues/8321
- adds `gh-download-count` component that uses ember-concurrency to poll the count endpoint
- removes the no-longer-needed `setup/one` route as ember-concurrency now handles the setInterval bookkeeping for us
no issue
- adds `settings` service that acts as a proxy to the singular settings model with methods to fetch and reload, also prevents accidentally loading only some settings types which has caused problems in the past
- updates app boot, signin, and signup processes to fetch settings ensuring that any part of the app can grab settings synchronously if needed
- removes `timeZone` service, it's no longer needed as we can grab `settings.activeTimezone` directly
- replaces all store queries for the settings model with appropriate `settings` methods
- refactors `apps/*` routes/controllers, they had become a little convoluted with the way they were dealing with settings and the new service helped to clean that up
refs #8140🎨 remove usage of ghost's {{asset}} helper in built index.html files
requires https://github.com/TryGhost/Ghost/pull/8142
- switch to hash-location rather than history-location
- remove usage of Ghost's `{{asset}}` helper in index.html
- add `content-for` helpers to `asset-delivery` addon that switch asset urls in index.html to `.min` files in production
- update the `asset-delivery` addon to copy the production `index.min.html` to `default-prod.hbs` so Ghost can serve production assets when in production mode
- change template output path to `core/server/admin/views/`
- enable asset fingerprinting
- remove `ember-cli-sri` dependency - we weren't using it but now that ember is handling assets it was used automatically and could potentially create issues if users have proxy servers that attempt to compress or otherwise modify asset files
✨ redirect to setup if server says setup isn't finished
refs https://github.com/TryGhost/Ghost/issues/8140
- now we're using hash-location the server no longer knows if we're hitting the /setup route so it's not able to redirect for us
- extends the default ESA `UnauthenticatedRouteMixin` to add a check against the `/authentication/setup` API endpoint and redirects to `/#/setup/one` if setup isn't complete - this works for all routes because the default behaviour when hitting an authenticated route without the right credentials is to force a logout and redirect to `/#/signin` which utilises the `UnauthenticatedRouteMixin`
deps: ember-cli-inject-live-reload@1.6.1
no issue
- updates `oauth2-ghost` authenticator to reflect the fact that `makeRequest` now returns a ember-ajax and matches the `oauth2` authenticator behaviour
- handle `UnauthorizedError` errors in application route's error handler to avoid tests breaking from unhandled exceptions
requires https://github.com/TryGhost/Ghost/pull/8114
- adds "(Un-)Suspend User" options on user profile page with a modal confirmation screen
- separates team index into "active" and "suspended" users
- adds "suspended" badge to user profile when suspended
no issue
- cleans up some of the render code
- aligns things with the "ember way"
- move metaTitleScratch and metaDescriptionScratch bindings to post model
refs https://github.com/TryGhost/Ghost/issues/7865
- convert all signin related actions to ember-concurrency tasks and consolidate in the signin controller rather than spread across controller+route
- add `successClass` and `failureClass` params to `gh-task-button` that can be used to override the default success/failure button classes
- prevent clicks on `gh-task-button` from triggering form actions (this behaviour should never be necessary, task buttons should either be separate to the form as in the "forgot?" button or the form action performs the same task and can be triggered by a standard form submit)
requires https://github.com/TryGhost/Ghost/pull/8093
- adds `theme.activate()` method and associated adapter method for activating themes rather than relying on `settings.activeTheme`
- minor refactors to the `modals/upload-theme` component to use a full theme model
no issue
- add functionality for night mode feature flag using alternate
stylesheets
- modify lazy loader service to work with alternate stylesheets
- update feature service to use user accessibility property & add tests
refs TryGhost/Ghost#7860
- removes post type filter links
- adds dropdown filters for post type, author, and tag
- replaces custom refresh on query params change with Ember's standard `refreshModel` config
no issue
- the index route/controller/template was initially used for a separate loading state within the posts screen layout, this isn't necessary however as the same effect can be achieved with the `posts-loading.hbs` template
- this change also lays the groundwork for more complex dropdown-based filters as it enables the filters and query params to live in the same controller+template
refs https://github.com/TryGhost/Ghost/issues/5202
- refresh the access token after a successful authenticated application boot so that the session lifetime is continually extended
refs https://github.com/TryGhost/Ghost/issues/7860
- restores the previous up/down/enter/cmd+backspace functionality
- modifies the `delete-post` modal to accept a hash with an `onSuccess` action
refs https://github.com/TryGhost/Ghost/issues/7860
- load 30 posts per page
- clean up unnecessary styles, match class name to component name
- start moving towards desired content/styles end goal
refs https://github.com/TryGhost/Ghost/issues/7860
- remove preview pane from content screen
- add basic post status filters
- replace custom infinite scroll with ember-infinity and increase trigger threshold for improved scroll behaviour
Commits:
* basic content list + filter using existing infinite scroll and pagination
* swap our custom pagination + infinite loader for `ember-infinity`
* minor cleanups
* reset scroll position when changing filter
* fix tests
* remove client-side sorting step as we no longer have a live collection
* remove unused `mobile-index-route`
* add acceptance tests for content screen filters
no issue
- add loading substates for all routes that previously blocked transitions until their model had finished loading
- enables immediate response on navigation click
- loading templates include the title bar to provide immediate indication of which page is loading
- loading templates include a new `{{gh-loading-spinner}}` component that will only show the spinner after 200ms to avoid flashing a spinner for users on fast connections
- updated Version Mismatch tests to match new behaviour of intermediate transitions when navigating
refs https://github.com/TryGhost/Ghost/issues/7432
- invite.role instead of invite.roles
- be able to serialize/deserialize response from and request to server
- server returns role_id
no issue
- switch `jscs` and `jshint` inline config to `eslint` config
- fix eslint errors, predominantly in tests where the config now the main app config more closely
refs TryGhost/Ghost#7628 (issue), refs TryGhost/Ghost#7631 (required)
- update `config` service to fetch from public configuration endpoint
- add `beforeModel` to `application` route to fetch config and pause further processing until the request is complete
- remove `<meta name="env-*">` tags from generated `default.hbs` and internal testing `index.html`
- add mirage config to simulate configuration endpoint and helper to simulate enabled oauth config
- update `ghost-oauth2` torii provider to use auth server URL from server-provided config
- the title is now part of the content
- new ways to navigate from the title to the content
- the new editor contains updated toolbar behavior
- the new editor contains markdown like commands
Refs TryGhost/Ghost#7429
- Added mobiledoc card, this uses the mobiledoc editor from within Ghost. In the future we'll pull this out and replace it with a textarea as the preview is too small to fit in the content.
- Made the HTML editor a codemirror editor (pulled in from ghost-admin to save duplicating libraries).
- Ghost-Admin now passes the paths for the ghost-api and the image directory for tools.
- Fixed the scrolling issue.
issue TryGhost/Ghost#7452, requires TryGhost/Ghost#7451
- use a `ghostOAuth` config flag to switch between the old-style per-install auth and centralized OAuth auth based on config provided by the server
- add OAuth flows for:
- setup
- sign-in
- sign-up
- re-authenticate
- add custom `oauth-ghost` authenticator to support our custom data structure
- add test helpers to stub successful/failed oauth authentication
- hide change password form if using OAuth (temporary - a way to change password via oauth provider will be added later)
closes https://github.com/TryGhost/Ghost/issues/7420, requires https://github.com/TryGhost/Ghost/pull/7422
- adds a new `Invite` model with associated serializer and test setup
- updates team screen to use invites rather than existing users with the "invited" property
- updates signup process to work with new invite model
- updates setup process to create invites instead of users
- swaps usage of `gh-select-native` for `one-way-select` in the invite modal so that attributes can be set on the `select` element
- updates resend invite process to account for server returning a new model
- rewrites the invite management tests and fixes mirage mocks for invite endpoints
- sorts invites by email address to avoid jumping invites when re-sending
refs TryGhost/Ghost#7429, requires TryGhost/Ghost#7437
Added Ghost-Editor (based on mobiled doc).
-------------------
- Added mobiledoc editor
- Fixed problems with workflow and auto saves
- Integrated basic toolbar
- Removed all editor related tests, everything bar the most basic acceptance tests will be in the ghost-editor repository.
- Commented out tests which relied on Ember Helpers that are not compatable with mobile-doc, workarounds are inbound shortly.
This is the first integration of ghost-editor. It's styled enough to work, however it is not anywhere approaching something that looks remotely like what the finished thing will be.
Early ALPHA, development build. Tread cautiously.
* deps: ember-concurrency@0.7.8
* initial conversion of post & user actions to e-concurrency tasks
- add task button which handles auto-spinning of e-concurrency tasks
- fix tests
refs https://github.com/TryGhost/Ghost/issues/6976
- adds custom `MaintenanceError` and associated error checking functions
- updates app route and notifications service to handle `503` errors via the `upgrade-status` service
refs https://github.com/TryGhost/Ghost/issues/6949
Handle version mismatch errors by:
- displaying an alert asking the user to copy any data and refresh
- disabling navigation so that unsaved data is not accidentally lost
Detailed changes:
- add `error` action to application route for global route-based error handling
- remove 404-handler mixin, move logic into app route error handler
- update `.catch` in validation-engine so that promises are rejected with the
original error objects
- add `VersionMismatchError` and `isVersionMismatchError` to ajax service
- add `upgrade-status` service
- has a method to trigger the alert and toggle the "upgrade required" mode
- is injected into all routes by default so that it can be checked before
transitioning
- add `Route` override
- updates the `willTransition` hook to check the `upgrade-status` service
and abort the transition if we're in "upgrade required" mode
- update notifications `showAPIError` method to handle version mismatch errors
- update any areas where we were catching ajax errors manually so that the
version mismatch error handling is obeyed
- fix redirect tests in editor acceptance test
- fix mirage's handling of 404s for unknown posts in get post requests
- adjust alert z-index to to appear above modal backgrounds
closes#51
- move the check into the `afterModel` hook so that it's always performed on app load (previously it would only be displayed after going through the sign-in process)
- change the alert type to `warn` so that it matches our existing types (success, warn, error)
- don't rely on the `.htmlSafe()` prototype extension
- add basic tests for the upgrade alert display
If the user is running a version of Ghost Desktop that requires a
manual update, we display a little warning message referring to a blog
post on dev.ghost.org.
no issue
- updates `package.json` details to better reflect the separation from the `Ghost` package
- update ember config and all import statements to reflect the new `ghost-admin` module name in `package.json`
closes TryGhost/Ghost#6406
follow-up PR of #2
- adds a `timeZone` Service to provide the offset (=timezone reg. moment-timezone) of the users blog settings
- `gh-datetime-input` will read the offset of the timezone now and adjust the `publishedAt` date with it. This is the date which will be shown in the PSM 'Publish Date' field. When the user writes a new date/time, the offset is considered and will be deducted again before saving it to the model. This way, we always work with a UTC publish date except for this input field.
- gets `availableTimezones` from `configuration/timezones` API endpoint
- adds a `moment-utc` transform on all date attr (`createdAt`, `updatedAt`, `publishedAt`, `unsubscribedAt` and `lastLogin`) to only work with UTC times on serverside
- when switching the timezone in the select box, the user will be shown the local time of the selected timezone
- `createdAt`-property in `gh-user-invited` returns now `moment(createdAt).fromNow()` as `createdAt` is a moment date already
- added clock service to show actual time ticking below select box
- default timezone is '(GMT) Greenwich Mean Time : Dublin, Edinburgh, London'
- if no timezone is saved in the settings yet, the default value will be used
- shows the local time in 'Publish Date' in PSM by default, until user overwrites it
- adds dependency `moment-timezone 0.5.4` to `bower.json`
---------
**Tests:**
- sets except for clock service in test env
- adds fixtures to mirage
- adds `service.ajax` and `service:ghostPaths` to navigation-test.js
- adds unit test for `gh-format-timeago` helper
- updates acceptance test `general-setting`
- adds acceptance test for `editor`
- adds integration tests for `services/config` and `services/time-zone`
---------
**Todos:**
- [ ] Integration tests: ~~`services/config`~~, ~~`services/time-zone`~~, `components/gh-datetime-input`
- [x] Acceptance test: `editor`
- [ ] Unit tests: `utils/date-formatting`
- [ ] write issue for renaming date properties (e. g. `createdAt` to `createdAtUTC`) and translate those for server side with serializers
no issue
- if the session is "authenticated" but is invalid, the initial load of the app would fail. It could be replicated by:
1. Authenticating in a running ghost instance
2. Stopping ghost
3. Deleting the database
4. Re-starting ghost
5. Closing the browser
6. Re-opening the browser and visiting http://localhost:2368/ghost
- this fix stores the `transition` object for the duration of the initial load so that `sessionInvalidated` method can trigger actions before the transition has finished
no issue
- always ensure we load a full settings object so that we don't risk saving a partial settings object back to the server
- should fix the issues reported in Slack of disappearing private settings over time
no issue
- Check for title, user_name and user_email in the top level of config.
- If they exist, return them as part of the setup check, so that the setup screen can be prepopulated
Initial Subscribers screen
- set up mocked api endpoints
- basic subscribers screen with data loading, infinite scroll
"Add Subscriber" screen
- uses modal to display a new subscriber form
- validates subscriber e-mail address
- moves pagination from route into controller to use filtered/sorted CPs on top of a live-query so that new subscribers are added to the list and the total can be properly managed
TODO:
- there is currently a pretty serious performance issue where the whole table is re-rendered when the live-query is updated. `ember-light-table` doesn't allow for live-binding and has no options to easily manipulate it's rows using an external interface - it's possible to move the page loading into the component so we only render new rows but that leaves it difficult to react to new subscribers being added through the UI. I believe the number of components used within the table is also adding to the performance problems.
- most likely solution is to drop `ember-light-table` in favour of rendering the table directly - glimmer should do a good job of fast updates even though the underlying array will be completely swapped out
"Import subscribers" screen
- uses modal to display an import subscribers CSV file upload form
- displays upload progress
- displays import stats and reloads subscribers table once import has completed
- adds `gh-file-uploader` component (NB. pared down copy of `gh-image-uploader`, ripe for some refactoring)
- fixes subscribers acceptance test failing because fixtures did not have the labs flag enabled
Unfortunately this doesn't have 100% test coverage as we're limited in how we can simulate file uploads 😞
Fix performance issues with subscribers table
- moves the table definition from the component up to the controller
- switches back to manually manipulating table rows instead of using a live-query
This is a quick-fix in that it allows us to continue using the `ember-light-table` component but it does mean that we lose some flexibility that the live-query gave us. For now it's not much of an issue and it allows us to defer deeper performance/flexibility work until we have a concrete need and requirements.
Hook up Export CSV button
- use a hidden iFrame to trigger the browser to hit the CSV export endpoint and download the file
Re-order subscribers table by clicking column headers
- displays currently sorted column and sort direction
- clicking a column header re-fetches the data from the server with the appropriate query params
Fix scroll triggers for infinite pagination + icon change
- adds a debounce as well as the throttle so that we always get a final scroll trigger once scrolling has stopped
- changes the subscribers icon from the temporary team icon to the mail icon
closes#6534
- new input fields in general settings incl. validation
- facebook and twitter as new models in settings.js
- adds values for facebook and twitter to default-settings.js
- adds blog helpers for facebook and twittter
- rather than saving the whole URL, the Twitter username incl. '@' will be extracted from URL and saved in the settings. The User will still input the full URL. After saving the blog setting, the stored Twitter username will be parsed again as the full URL and available in the input field. A custom transform is used for this.
- adding meta fields to be rendered in {{ghost_head}}:
- '<meta property="article:publisher" content="https://www.facebook.com/page" />' and
- '<meta name="twitter:site" content="@user"/>'
- adds facebook and twitter to unit test for structured data
- adds unit test for general settings
- adds acceptance test for new input fields in general settings
- adds a custom transform for twitter model to save only the username to the server
- adds unit test for transform
closes#6584
- Frontend Changes:
- adds 'Apps' to Navigation Menu
- adds 'Slack' as nested page to Apps
- adds `apps.css`
- adds `slack-integration` model and uses `slack-settings` custom transform to parse JSON file
- adds validation for `slack` model
- adds fixtures and `slack/test` API endpoint to Mirage
- adds acceptance tests for `apps-test` and `slack-test`
- adds unit tests for `slack-settings` and `slack-integration`
- Backend Changes:
- adds API endpoint `slack/test` to send Test Notification
- adds default-values for slack model
- sends payload to slack:
- text: the url of the blogpost / test message
- icon_url: url to ghost logo
- username: Ghost
- adds `slack/index.js` to send webhook to slack if
- a new post is published (if slack webhook url is saved in settings)
- user clicks on 'Send Test Notification' in UI
- adds `slack.init()` to `server.index.js` to add event listener
- adds unit test for `slack/index`
supersedes #6773
- update `feature` service and `gh-feature-flag` component to work synchronously rather than async
- use the application route's `afterModel` hook so that settings are loaded before first load
- override `session` service's `authenticate` method to load the settings after successful authentication before any other routes are processed
no issue
- returns the promise/result from `loadNextPage` so that it's return value can be utilised in closure actions
- sets the `isLoading` property in `loadFirstPage` to match `loadNextPage` behaviour
- reset the `isLoading` property even if the request fails
- adds a `didReceivePaginationMeta` hook so that consumers of the mixin can use the metadata values without having to rely on observers
- eg. pulling the `total` into a separate property that can be manipulated when items are added/removed but still reset to the sever's total value the next time a page is loaded
- renames the `pagination-route` mixin to simply `pagination` as it's not tied to routes and works equally well in other objects that need to paginate an API resource
no issue
- adds `gh-image-uploader` that handles image uploads in a fully ember fashion and with no dependency on `uploader.js`
- adds `gh-image-uploader-with-preview` that can fully replace the old `gh-uploader`
- replace uses of `gh-uploader` in PSM & TSM with `gh-image-uploader-with-preview`
- updates the editor preview image handling to use the new `gh-image-uploader-with-preview` component
- updates the image upload modal to use `gh-image-uploader` (utilises the `saveButton=false` flag which means the preview has to be handled externally to avoid auto-replacement when typing a URL)
- removes all old `uploader.js` related code
- adds custom `RequestEntityTooLargeError` and `UnsupportedMediaTypeError` errors to our `ajax` service
refs #6421, #6525
- The configuration API endpoint was a bit of an animal:
- It's used currently in two ways, once for general config, another for the about page.
- These two things are different, and would require different permissions in future.
- There was also both a browse and a read version, even though only browse was used.
- The response from the browse was being artificially turned into many objects, when its really just one with multiple keys
- The new version treats each type of config as a different single object with several keys
- The new version therefore only has a 'read' request
- A basic read request with no key will return basic config that any client would need
- A read request with the about key returns the about config
- A read request with a different key could therefore return some other config
refs #6483, closes#6541
- removes unloading of all tags when entering the tags screen. Tags list will now function similarly to the content list where already-loaded tags are visible immediately.
Fixes#6483 because it prevents selectize's data being changed out from underneath it before it's destroyed.
refs #6458, closes#6457
- replaces jquery-ui.sortable with ember-sortable for drag-n-drop handling
- moves the "new/blank" nav item out of the nav items list
- allows it to be excluded from the draggable list
- cleans up handling of the `navigationItems` array as there's no longer a need to ignore/exclude this extra item
- clears validation errors when typing in the respective field
- adds acceptance test for adding/removing nav items
- improves acceptance test for saving nav items to cover more edge cases
closes#6385
- redirect to 404 when post is not found
- replace replaceRoute calls with replaceWith calls in routes (replaceRoute is only available on controllers)
- add post mirage factory
- add acceptance test for post 404 redirection
no issue
- updates ember-data dependency and switches to direct es6 module import instead of destructuring assignment
- fixes issue with `authenticationFailed` action being called before transitions have finished
refs #5798, closes#5018
- adds new `gh-fullscreen-modal` component - modals are now specified in-context so that they can have deeper interaction with their surrounding components/controller/route, i.e. a modal component can be a thin confirm/deny wrapper over the underlying controller action keeping all context-sensitive logic in one place
- adds spin-buttons to all modals with async behaviour
- adds/improves behaviour of inline-validation in modals
- improves re-authenticate modal to properly handle validation and authentication errors
closes#6229
- removes `_super` call in the reset route's `setupController` hook to avoid a `model` property being set which was being picked up by the validation engine
- throw the error if we fail in the password reset process from something we aren't expecting
refs #6191, #6192
- adds additional safeguard to tags route to ensure keymaster scope doesn't get stuck in a non-default scope that may break shortcuts elsewhere
closes#6094
- adds 404-handler mixin
- applies mixin to settings/tags/tag, editor/edit and team/user routes
- adds adapter-error test helper to override the default adapter error
no issue
- review use of Ember core hooks and add a call to `this._super` if missing
- fix a few occurrences of using the wrong component lifecycle hooks that could result in multiple/duplicate event handlers being attached
`_super` should always be called when overriding Ember's base hooks so that core functionality or app functionality added through extensions, mixins or addons is not lost. This is important as it guards against issues arising from later refactorings or core changes.
As example of lost functionality, there were a number of routes that extended from `AuthenticatedRoute` but then overrode the `beforeModel` hook without calling `_super` which meant that the route was no longer treated as authenticated.
no issue
- add ember-suave dependency
- upgrade grunt-jscs dependency
- add a new .jscsrc for the client's tests directory that extends from client's base .jscsrc
- separate client tests in Gruntfile jscs task so they pick up the test's .jscsrc
- standardize es6 usage across client
In `gh-content-view-container` the visibility of another DOM node was
being used to detect if a given view was mobile or not. This means the
UI needed to have layout forced (and DOM rendered) before the content
view container would render a second time. This is slow interaction with
the DOM (forcing layout) and slow for Ember's renderer (it needs to
render the container once with a default, then again when the value
changes).
Additionally there were two ways resize was being observed. The
`Window.matchMedia` API was used for some styles and the `ember-resize`
addon used to detect other changes. Here I've unified around just the
`Window.matcheMedia` API but abstracted it behind a service.
Sizes are exposed as properties that can be bound to or used directly in
templates.
refs #6105
- adds `raw` ember-data transform to handle standard JSON `count` attribute
- update mirage factory to return correct `count.posts` format
- rename all uses of `post_count` to `count.posts`
closes#6095
- implements custom user adapter for the `/team/:slug/` route
- abstracts slug-url behavior into a mixin (used in /settings/tags/ as well)
- adds unit tests for both tag and user adapters
refs #6039
- add `jquery-deparam` ember testing dependency for use in mirage config
- setup necessary mirage fixtures & endpoints for successful testing of setup flow's happy-path
- add happy-path acceptance test for setup flow
refs #6039, closes#6047, closes#6048
- delete old/unused fixtures file
- add failing tests for #6047 & #6048
- redirect to sign-in if we get a 401 when making an API request
- fix incorrect `this.notifications` call in tag controller
- raise `authorizationFailed` action in application route's `sessionInvalidated` hook so that it can be handled by leaf routes (fixes re-auth modal display)
- close "saving failed" alert when successfully re-authenticated
- adds a "window-proxy" util so that we can override `window.*` operations in tests
- fix `gh-selectize` attempting to register event handlers when the component has already been destroyed
refs #5845
- adds custom adapter for tags so that `store.queryRecord('tag', {slug: 'tag-slug'})` hits the `/tags/slug/tag-slug` endpoint instead of `/tags/?slug=tag-slug`
- updates tag management screens to use tag slugs instead of IDs
- adds `/tag/:slug/edit` redirect to front-end
refs #5845, #5969
- when on mobile devices tag management UI will only display a list and when a tag is accessed the tag settings form will slide in from the right
- tag settings form header has a 'back' button when on mobile to go back to tags list
- switching from mobile to standard modes will auto load the first tag as per standard tags screen on desktop
- if no tags are present then the blank-slate template will be shown when on mobile
refs #5845
- Updates tag settings screen to match content screen behaviour. Each now tag has it's own route that is link-able from other areas of the app
- Updates a number of places where jQuery event handler code was not wrapped in Ember's run loop
closes#5903, refs #5409
- switch alert/notification component tests from unit to integration where appropriate
- rename `notifications.closeAll` to `notifications.clearAll` to better represent it's behaviour
- add concept of a "key" to alerts/notifications and ability to close only specified keys through notifications service
- close duplicate alerts/notifications before showing a new one
- specify a key for all existing alerts
- close failure alerts on successful retries
- clear all currently displayed alerts on successful sign-in
closes#5852
- resets navigation settings controller's model when transitioning away
- fixes `locationType` config setting so acceptance tests don't mess with the URL
- configure the ephemeral session store for ember-simple-auth during tests
- adds dummy env-config meta fields so acceptance tests don't fail
- adds `ember-cli-simple-auth-testing` dependency for auth testing helpers
- adds Pretender dependency to mock API requests for acceptance tests
refs #5614 and #5503
- update private blog type, including update to settings.edit
- switch order of populate settings & update fixtures + populate all settings
Private blog settings should not be returned by public endpoints
therefore they need a type which is not `blog` or `theme`.
`core` doesn't suit either, as those settings don't usually have UI
To resolve this, I created a new type `private` which can be used
for any setting which has a UI but should not be public data
refs #5652
- safari doesn't support the nice toLocaleString function
- this adds a manual, cross-browser way of adding commas in the right places to long number strings