closes#6534
- new input fields in general settings incl. validation
- facebook and twitter as new models in settings.js
- adds values for facebook and twitter to default-settings.js
- adds blog helpers for facebook and twittter
- rather than saving the whole URL, the Twitter username incl. '@' will be extracted from URL and saved in the settings. The User will still input the full URL. After saving the blog setting, the stored Twitter username will be parsed again as the full URL and available in the input field. A custom transform is used for this.
- adding meta fields to be rendered in {{ghost_head}}:
- '<meta property="article:publisher" content="https://www.facebook.com/page" />' and
- '<meta name="twitter:site" content="@user"/>'
- adds facebook and twitter to unit test for structured data
- adds unit test for general settings
- adds acceptance test for new input fields in general settings
- adds a custom transform for twitter model to save only the username to the server
- adds unit test for transform
closes#6584
- Frontend Changes:
- adds 'Apps' to Navigation Menu
- adds 'Slack' as nested page to Apps
- adds `apps.css`
- adds `slack-integration` model and uses `slack-settings` custom transform to parse JSON file
- adds validation for `slack` model
- adds fixtures and `slack/test` API endpoint to Mirage
- adds acceptance tests for `apps-test` and `slack-test`
- adds unit tests for `slack-settings` and `slack-integration`
- Backend Changes:
- adds API endpoint `slack/test` to send Test Notification
- adds default-values for slack model
- sends payload to slack:
- text: the url of the blogpost / test message
- icon_url: url to ghost logo
- username: Ghost
- adds `slack/index.js` to send webhook to slack if
- a new post is published (if slack webhook url is saved in settings)
- user clicks on 'Send Test Notification' in UI
- adds `slack.init()` to `server.index.js` to add event listener
- adds unit test for `slack/index`
no issue
- move the post lookup functionality into its own file
- handle the pre and post lookup checks to verify that we found the correct post
- checking that the URL matches handles checking that a post looked up with pagePermalink is a page
- all cases where there is no match throws a 404 directly, this could just call next() ?
refs #6644
- urls specified in config.js should be considered whitelisted/trusted
- this is not quite straightforward because config.js is not ready at the point the middleware is required
- tests have been updated to cover these new cases + use rewire to override the internal whitelist cache
closes#6462
- monkey-patch validator.extends() since it was dropped by validator @5.0.0
- coerce input to string prior to validation (custom toString func)
- need to handle boolean validation based on column type not isIn()
- use `lodash.tostring` to convert input values to strings
refs #6589
- add internalAppsPath as a proper config path
- middleware/routes will be setup for any internal apps which have the function
- this should be refactored into some sort of proper hooks system as part of apps
- internal apps get permission to do anything the proxy allows
refs #6301, #4176
Add migration for:
- 5 new client permissions
- 15 relations between the admin, editor & author role and the 5 new permissions
- updates to tests to show that permissions get updated properly
refs #6301, #6399
- new scheduler client will be used by any web app that handles time and calls back to the scheduling API at the right time
- new scheduler client will need to be confidential, rather than public, hence the 'web' type instead of 'ua'
- adds validation to client type that it must have a type of 'ua', 'web', or 'native'
refs #6301
- move the temporary `fixClientSecret` function from migration.init into being a proper fixture migration task
- update the tests accordingly
refs #6301
- bump the default version & update corresponding test
- add empty task folders for 005 data & fixture migrations
- update tests to cover the new 005 upgrades
- remove old casper.js tests
- cleanup mochacli groups that are less useful than `grunt test:path`
- improve inline Gruntfile.js docs
- fixup coverage for new internal apps
- add new coverage-all task which works for all our tests
- reverse order of master-warn messages to make this clearer
- remove bluebird from greenkeeper ignores
Closes#6625
- Adds a failing test for not returning computed columns as well
as for the bookshelf bug where extra columns passed into a fetch
will result in the model having an extra "quoted" column.
- Filter model attributes for passing into "fetch" but used the
entire list of columns for `toJSON`.
closes#5914, #6589
- moves all private-blogging related code & tests into /server/apps/private-blogging/
- rework Grunt to run private-blogging tests
- modify server apps code to have a place for internal apps
refs #6301, #4176
- always check existence of items before attempting to create them, in order to prevent duplicates
- provide stats on how many object creations are expected vs done
- split out and improve fixture utils tests (100% covers utils)
Refs #6644
- deps: cors@2.7.1; Add express cors package.
- Adds new middleware for proper CORS support.
- Handles CORS pre-flight checks.
- Separates request authentication/authorization from
CORS.
Refs #6642
- Do not send CORS headers on an invalid "origin"
header, but otherwise allow the response to
proceed normally. This enforces CORS for the browser
but does not blow up non-CORS requests.
refs #6301
- The order of model fixtures matters, so they should be in an array
- By splitting out the population code into a utils file, it'll be possible to use this to do updates as well
- This should make it much easier to do permissions updates in future
Closes#6620
* Changed it from always returning true, to evaluate if it is the
current logged in user, and if so, check the old password. If not,
ignore
refs #6621, #6622
- remove unneeded `return new Promise.resolve()` lines
- reduce code in tests
- improve quality of tests checking that all task functions are executed
- add missing test coverage
- Simplify the `init` method in `models/index.js` so that it no longer
returns a promise. Easier to use.
- Eliminates the `deleteAllContent` method from `models/index.js` as it
can all be handled at the API layer in a single spot.
- Optimize `destroyAllContent` in `api/db.js`. Eliminates
double-fetching every post from the database and converting it to
JSON. Also only fetches ids from the database instead of the entire
model.
- Eliminates the custom static method `destroy` in the Post model in
favor of handling detaching tag relations in a single place (the
`destroying` event). This also eliminates a big source of unneeded
database round trips--needing to get post ids to feed into
`Post.destroy()` which then re-fetches the post again.
refs #6301
- fix messages that joined with comma and therefore missed outputting version no
- change `logInfo` to `logger` that has both an info and a warn method
- add new warn method to errors
- add a warn message everytime a migration (data or fixture) gets skipped over
- update logger everywhere, including tests
- update tests to check logger.warn gets called
