Closes#499
* On wrong passwords, statuses: `active` -> `warn-1` -> `warn-2` -> `warn-3` -> `locked`
* On login check, if user's status is `locked`, login automatically fails and user is encouraged to reset password. Does not even bother to check for passwords.
* login attempts tell user how many attempts she has remaining in notification box
* successful login will reset status to `active`
* resetting password with forgotten password emailed token resets status to `active`
* complete with a test suite
Move helper functions registerThemeHelper and registerAsyncThemeHelper
to the helpers module.
Also update the app proxy object to reflect this new code location,
and the tests to reflect that as well
Create ./sore/server/filters which houses all filter related behavior.
Was previously on the ghost singleton.
Also create the filters_spec file for testing
and update all code and tests to use new code location.
Create ./sore/server/helpers/template which houses all template related behavior.
Was previously on the ghost singleton.
Also create the helpers_template_spec file for testing
and update all code and tests to use new code location.
Move ghost.mail instance onto the mail module directly
and update related code and tests to use new location
Move Polyglot instance onto require module directly
Move ghost.availablePlugins to plugins module directly
- changed cookieSession to session
- added session.regenerate for login and logout
- added bookshelf session store
- added session table to database
- added import for databaseVersion 001
- added grunt task test-api
- cleanup of gruntfile to start express when needed only
- moved api tests to functional tests
Closes#1471
- add api and User model methods for generating and validating tokens
- add routes and handlers for reset password pages
- add client styles and views for reset password form
- some basic integration tests for User model methods
closes#1398closes#1399closes#1400
- added schema.js with database version '000'
- refactored migration to use schema.js
- if new table is added to schema.js and databaseVersion is increased, table will be added
- if new table is deleted to schema.js and databaseVersion is increased, table will be deleted
- alter table from issue #1400 is delayed until knex supports column modification
- changed import pre checks to work again (will be refactored separately)
- added basic PostgreSQL support (Attention: not supported/tested)
- changed error handling in server.js
issue #635
- upload controller shouldn't assume fs
- filesystem module proxies all the fs work
- proxies and exposes middleware for serving images
- creating a date based path and unique filename is a base object util
- unit tests updated
closes#1396
- moved core/test/unit/api* to core/test/integration/api/
- moved core/test/integration/model* to core/test/integration/model/
- moved core/test/unit/utils to core/test/utils
- moved core/test/unit/fixtures to core/test/utils/fixtures/
- changed gruntfile.js to execute api tests with target 'integration'
closes#1189
- added tests
- added request module
- added status codes to API calls
- fixed return values of API calls
- fixed that drafts caused an error when being deleted
- fixed X-Invalidate-Cache headers
- moved testUtils.js to utils/index.js
closes#1373
- Note that the tests fail if you run them pre #1363, thus future proofing us from this happening again.
- Added submodule handling to travis
- Added a new test for each of the home and post pages
issue #769
- Refactor doFilter to allow returning a promise from a filter handler
and to also return a promise itself
- Move the logic out of the registerThemeHelper calls and into their own methods so
we could test them in isolation.
- Assign the server to the ghost instance so the initPlugins method can
get access to it.
- Increased post-settings width to properly display "Static Page"
- Changed templates to display "Static Page" if set
- Added unit test for body_class helper
fixes#969
Fixes#1124
- Updated default mocha timeout to 15 seconds. Any future tests that
depend on a timeout (and thus might be better off with a lower value)
can override the default setting which is now 15 seconds.
- Removed test-specific timeout overrides for the mocha tests.
- Fixed the editor/splitbutton tests to wait for the appropriate
selector instead of assuming the dom has been updated immediately.
Should resolve intermittent timeouts when checking the splitbutton's
applied classes.
Fixes#1064
- Updated grunt config for unit and functional tests to remove the test
database after each is run.
- Cleaned up a couple of issues with the functional tests that may have
been causing travis builds to fail randomly, including: the start page
is now `about:blank` instead of whatever page the last test suite left
off at, added some checks in the logout tests to ensure they're truly
independent of the other test suites.
closes#942
- insert custom middleware to check for blacklisted files
- redirect to express.static if file accepted
- if not valid return next() to do nothing
- currently black listing .hbs, .txt, .md and .json
- debatable which is best, black list or white list, either one will probably need tweaks but erred on side of letting
a theme serve unknown types
issue #938
- rather than using escape, use node-validatiors santize function which is designed for preventing xss vectors
- added listener for changes to both editor and settings page
- added more sanitization to the user model
- consistently use triple-braces when outputting blog post titles
Fixes#362
- There is no need to set the viewport on functional tests anymore
unless something other
than the default of 1280x1024 is desired.
- There is no need to invoke `casper.run` to trigger `test.done`
anymore for functional tests.
- Each test works independently of the rest; registration is handled
once for the lifetime of the test run and then login/logout can be
invoked automatically as desired.
- Mocha tests all utilize predefined, more realistic fixtures when
appropriate.
- Renamed old api tests that were really model tests as appropraite.
- Added example api test for posts.
issue #858
- there is no guaranteed order to arrays, so sort before testing them
- tests run much faster, date comparisons fail
- settings tests are more explicit, otherwise they fail random validations
- dates must be inserted as date objects
closes#865
- rejigged markdown to have some functionality before showdown runs, and other functionality before.
- autolinking now happens last, so it can be smarter
Added a couple sanity checks to the config during the loadConfig call.
- Check that the config exists for the current NODE_ENV
- Check that the config.url exists and is valid structure
- Check that the config.database exists
- Check that the config.server exists and has a port and host value
closes#705
- uses the file type passed by express/connect
- relies on the type being set correctly by the browser upload
- doesn't reread the file to check
Fixes#825
- Changes the way the error middleware is delivered in server.js, moving
all the logic back into errorHandling.js
- Alters error logging to use console.error (probably more appropriate) instead
of console.log
- Changes error tests to accomodate for these alterations
- Alters user-error and error hbs templates to incorporate stack traces
- Adds additional styling for error pages to accomodate stack traces
- Added logic to parse and deliver formatted stack traces
Notes:
======
- Jslint gets in the way of the regex I've got to use to parse the stack.
(It cites 'security reasons' which are not relevant in this case.)
I needed to add a condition to relax it at the top of errorHandling.js
- The stack trace should probably be added as a partial, but I figured it
was out of scope for this PR.
closes#502
part of #705
- copy the files but then remove the temporary ones
- moving instead of copying was problematic due to moving across devices
- still need to convert code to using promises
closes#295
- Maintain a list of markers for CodeMirror which reference image codes
- Upload start triggers a selection
- Upload success replaces the selection
- No ref-style image markdown handling
- Showdown image URL handling improved at the expense of titles
- Tests updated
Fixes#258
- Modified post collection to have default values for paging.
- Added scroll handler to content view to check for more posts and load
as appropriate.
- Sanitized result from server-side post paging, ensure page # is
returned as an integer.
- Added a functional test stub.
Fixes#667
- Removed superfluous as-of-yet-unused options in the publish menu.
- Adjusted display names of publish buttons according to differing
states the publish menu can be in (new post, saved draft, published
post).
- Added red highlight style to "important" status change options in the
publish menu (draft => published, published => unpublished).
- Added suite of functional tests around new labels and classes.
- Made a helper called ghostScriptTags that will spit out the relevant
script tags with version parameter; 4 unminified files in development,
1 minified file in production.
- Added grunt concat and uglify tasks to build files into core/built
- Fixed some unit tests by making them native date objects
closes#733
- Exporter will read meta data to determine the tables which are present and export all data from those tables
- Exporter figures out which version to export, rather than requiring that information
- deleted old exporters
closes#748
- Removed the alpha software warning
- Better error message output for the whole app - can now specify an error, a context, and a help message
- Improved invalid node version, start and stop messaging
- Listens for Ctrl+C and exits nicely
- Minor improvements to handling and errors with old DBs (temporary)
- Commented out import/export tests until they are refactored
- Updating tests to ensure they create objects which conform to the new much stricter schema.
closes#370
- Added new Backbone view for post settings menu
- Moved sass styles to global.scss for post settings menu items
- Added field to change post slug (permalink) using existing slug
validation
* Signup now focuses on 'name' on load
* Fixed fade in on auth forms to work with `display: table`
* The 'name' field is required on Sign up forms
* The length check on the Signup form is in order of inputs
* Added check for password length
* Changed the auth form class names to better represent individual pages
* Updated CasperJS tests
closes#619
- check if uploaded image name exists in month/year path
- if unique then save
- if not unique then add -1 to the end of the name eg. image-1.jpg
- if image-1.jpg exists then increment to -2
- keep going until a unique name is found
- uses tail recursion as normal path will be to save the first filename and deep recursion will be the exception
- (the alternative of loading the names of all the files in the directory could result in a large in memory array)
Fixes#352
- Ensure publish button's default status is set in the `render`
function.
- Ensure publish button's popup arrow has animation reverted when a
status has been selected.
- Bumped up timeout in failing mocha test for exports-002.
closes 644
- replaced showdown's implementation of bold and emphasis with a version close to marked's
- reverted the underscore-in-word handling to only deal with 2 or more underscores & commented the test this causes to fail - this was causing problems with double underscores.
Fixes#592
- Added *permanent* redirect to ensure `/page/1/` isn't used and that
`/` is used instead.
- Added pageUrl helper (and unit tests) to generate client side url
fragment for blog pages conforming to the above standard.
- Updated pagination helper to use new `pageUrl` theme helper.
- Added functional tests for redirects and added scaffolding for
functional frontend tests in general.
Closes#345
- added blog description to general screen
- removed content screen from sidebar
- removed beforeRender from settings front end
- removed content screen from tests
closes#577
- auto-linking was interfering with things that were already a link
- now checks to ensure we are not in a HTML or markdown link already
- added tonnes of new tests
closes#367closes#368
- Adds Tag model with a many-to-many relationship with Post
- Adds Tag API to retrieve all previously used Tags (needed for suggestions)
- Allows setting and retrieval of Tags for a post through the Post's existing API endpoints.
- Hooks up the editor's tag suggestion box to the Ghost install's previously used tags
- Tidies the client code for adding tags, and encapsulates the functionality into a Backbone view
Fixes#469
- Added client-side trimming of title on blur if it is not already
trimmed.
- Added server-side trimming of title on 'saving' event of post model.
- Test environment runs on a different port
- Removed wait() and replaced with waitFor() where possible
- Added more timeout functions / handlers
- General consistency improvements
Closes#556
* New Ghost Logo Icon
* New Lightning Icon for plugins screen
* Remove old Ghost Logo Icon
* Moved #ghost to .ghost-logo to clean up conflicts with editor, previously fixed with dodgy overnesting
closes#422, issue #295
- Added GFM mode to codemirror
- Took the github.js extension for Showdown and added all useful behaviour
- Now supports strikethrough, line breaking and
multiple underscores, and auto linking urls & emails without breaking
definition urls
- Also added definition url handling in preparation for #295
- Added unit tests for the extentions individually and integrated with
showdown
closes#528
- adds method (isPost)to models index.js that returns true if content, content_raw, title and slug are valid properties
- adds url helper which checks context is post using isPost method
- adds unit test to check a url is prefixed with /
-adds unit test which checks for empty string if either of the 4 properties above are not present.
Fixes#363
- Added new grunt task to run casperjs tests.
- Added prerequisites (sass/bourbon/casperjs) to travis config.
- Updated failing functional tests to use more robust `waitFor`
statements.
- Updated capserjs `base.js` file to use a password which conforms to
our 8 character minimum.
- Added necessary logout to first test and also registration step to
ensure a user is present in the system.
Pagination could conceivably be used in more than one place on a page (eg. both top and bottom). For that reason it should probably have a class rather than an ID.
- fixes#517
- prevents this from occuring again in future with other relations
- validation function & stripping done for all models
- casper test for flow, plus validation & logged out tests
closes#382, closes#383
- added helper called ghost_head to insert meta data with current version of ghost
- added helper called ghost_foot to insert script tag for jquery
- added unit test for both helpers
- removed trailing slash from ghost.js for 'shared' path and removed from outside of loop as it is shared on front and backend
Temporary patch for #362
- Split out database teardown and initialization so they each have their
own 2 second timeout.
- Added some test-specific increased timeouts.
