closes#2759closes#3027
- added oauth2orize library for server side oAuth handling
- added ember-simple-auth library for admin oAuth handling
- added tables for client, accesstoken and refreshtoken
- implemented RFC6749 4.3 Ressouce Owner Password Credentials Grant
- updated api tests with oAuth
- removed session, authentication is now token based
Known issues:
- Restore spam prevention #3128
- Signin after Signup #3125
- Signin validation #3125
**Attention**
- oldClient doesn't work with this PR anymore, session authentication
was
removed
no related issue
- Updates package.json packages, adding express middleware packages
that have been broken into their own modules
- Updates controllers/frontend.js to use the new Layer object that Express 4.0
has. Requires some monkey-patching as the Layer object isn't explicitly
surfaced, however it should be safe to do.
- Moved the setup of routes into middleware/index.js because they need to
be added as a middleware function before the 404 and 500 handlers. This is
no longer possible with the old app.use(app.router) as that has been removed.
- Cleaned up middleware/index.js to make it compatible with Express 4.0.
- Simplified the way themes are activated and enabled when they are activated.
The new handling is simpler, yet should still cover all the use cases that
previously existed.
- The entire flow of activating a theme through middleware should be a little
more centralized, letting it be easier to read and maintain.
- Moved every routes/*.js file to use an individual express.Router() instance.
- We no longer need grunt-groc as we are going to use docker instead
- Compile docker to 'docs'
- Docker has a nice option for only building updated files
- Added a few files we didn't need dockering to exclude list
refs #2622, refs #1340
- added documentation to grunt tasks which will replace the wiki page, including reordering the tasks to make the documentation easier to read
- removed grunt changelog which is no longer used
- merged jshint:shared into jshint:server
- cleanup of quote marks, formatting, line lengths etc
- also fixed the incorrect version number for grunt-docker
- added route tests to coverage
closes#2058
- fixed apiContext as suggested in the issue
- added user to options object for models
- added api.users.register() for public registration
- changed models to use options.user for created_by, updated_by,
author_id and published_by
- added override to session model to avoid created_by and updated_by
values
- added user (id: 1) to tests
- added user (id: 1) for registration
- added user (id: 1) for import, fixtures and default settings
- added user (id: 1) for user update
- added user (id: 1) for settings update (dbHash, installedApps, update
check)
- updated bookshelf to version 0.6.8
closes#2148
- Added core/server/xmlrpc.js
- Hook into post::saved to ping when a published post gets saved
- Added node package to hook into http requests
fixes#2075
- Updates knex to latest version
- Fixes expected value in page test
- Change fixture insertion to be sequential
- Add orderBy to insertMorePostsTags fixture helper
Closes#1379
- Convert to new api usage for both server-side and client-side
- Provide way require a negative response for boolean methods in
default-settings.json
- Add field validation functional tests
- Settings (General)
- Title length validation
- Description length validation
- postsPerPage, numeric, min, max
- Settings (User)
- Bio Length validation
- Location length validation
- Url validation
- Login
- Email validation
- Editor
- Title required validation
fixes#2272
- Remove libraries from shared/vendor
- Remove libraries from client/assets/vendor
- Add bower to package.json and postinstall
- Add bower.json with dependencies
- Add scripts from bower_components to concat/uglify
- Fix tests
- Serve jquery from /ghost/built/theme/
address #2078
- removes private: true flag from package.json
- created .npmignore file and moved all of buildGlob
file patterns into here, negating all patterns as
the npmignore file defines what is to be excluded
and not included.
- gruntfile now uses the inverse of the .npmignore file
to define what files to include in a release
expected behavior of npm packages
fixes#1053
- updates travis config to be more in line with
current dev steps
- fix `grunt-cli` warning from appearing when
running grunt
fixes#1053
- npm install doesn't need a path to grunt, and fails on Windows if it has one
- submodule update is handled by grunt (albeit badly... but let's fix that!)
fixes#1053
- fleshed out script object
- added test and install package.json
- updated contributing guide
- updates travis.yml to leverage new npm start
closes#2106
- downsize 0.0.5 contains the fix to accept single quote found inside a double-quote string or vice-versa
- created unit tests to properly check this scenario
fixes#1964, fixes#1975
- Issues with partial handling which caused #1964 have been part fixed by handlebars, part worked around by express-hbs, we must use `registerPartials` to ensure partials are handled correctly.
- Issue with error handling which caused #1975 has also been fixed in express-hbs, which now catches the error from handlebars and passes it to express so that we can handle the error with an error page.
Fixes#1227
- Removed deprecated `multipart` references.
- Setup `busboy` to pass along file streams and do a naive parse of form
values.
- Updated logic in file storage and db import to handle file streams
instead of the temporary files created by `multipart`.
closes#1203
- Update express-hbs module to the new version (0.5.2)
- Use two instance of hbs one for the theme and an other for the admin
- Template helpers are register as partial view
- Partial views of the theme are reload when the theme changed
Remove clear partial cache in handlebars
This code will be move in `express-hbs`.
This doesn't cause a problem to remove this line but it is not clean.
Remove unused hbs instance
Resolve conflict
- there is some sort of bug with 0.5.2 when combined with recent changes which results in the following error:
/home/travis/build/TryGhost/Ghost/node_modules/express-hbs/lib/hbs.js:128
if(count < self.partialsDir.length){
^
TypeError: Cannot read property 'length' of undefined
closes#1189
- added tests
- added request module
- added status codes to API calls
- fixed return values of API calls
- fixed that drafts caused an error when being deleted
- fixed X-Invalidate-Cache headers
- moved testUtils.js to utils/index.js
This includes a single build fix to help avoid install errors in the case that a user has needed to customize their npm `tmp` directory (like on a shared machine): https://github.com/mapbox/node-sqlite3/issues/212
v2.1.18 brings in build fixes so that better errors are reported in the case of a fallback to a source compile + other minor build fixes (so functional code changes) - refs #1269
issue #1287, issue #1147
- our support was partial, is based on node-sqlite3, which has dropped partial support as well
- node 0.11 is a dev version, and has lots of breaking changes
- we will add node 0.12 support when it is released
- Made a helper called ghostScriptTags that will spit out the relevant
script tags with version parameter; 4 unminified files in development,
1 minified file in production.
- Added grunt concat and uglify tasks to build files into core/built
- Fixed some unit tests by making them native date objects
issue #389
- Upgrade express-hbs to get template options access
- Grab config & settings with a hacky new method in ghost & pass to template options
- Settings are no longer passed to res.locals
Closes#374
* Included node-validator as a package
* Implemented server side validation (the client side js is a mess, need a LOT of work)
* Validates email address both on signup and login screens, gives error message on malformed email addresses
* Requires at least 8 chars of password
* Tells user if password is too short
* Tells user if no such user on login
* Tells user if wrong password on login
* Tells user if server responds with a 404 (goes away, dies, etc)
* Added middleware between req and login / signup for validation
Closes#354
* Reintroduced the redirect functionality (not logged in, tries to go to `/settings/user/`, is sent to `/login/` with info notification, after login user is taken to `/settings/user/)
* Reintroduced the "Successfully logged out" message
* Added middleware to scrub passive notifications from `ghost.notifications` after one use basically mimicing client side passive notifications
* Removed flash from everywhere. Even from package.json.
* Renamed flashed.hbs to notifications.hbs, modified default.hbs accordingly
* Added function to parse GET variables on client side
Adds the ability to run a new task via `grunt dev` that will watch our
sass, templates and javascript files for changes and reload them in the browser.
Also, refactored the Gruntfile to auto load all grunt-* tasks to remove
some code.
Fixes#256
- Developed and linked new module, downsize, for tag-safe truncation
- Altered existing content handler to accept options for truncation
- Added tests for handler
Using truncation:
{{content words=10}}
{{content characters=256}}
issue #40 and issue #280
- Adds uploader jquery plugin
- includes settings for enabling/disabling upload progress bar
- adds routing for image uploads
- adds directories by year and month based on upload date
- Implements plugin on settings - general pane
- Implements plugin on editor
- adjusted general tab to save uploaded image src
TODO:
- Add error handling
- Storing information on editor
- Add events
- grunt-jslint merged my changes and released a new version
- all other packages which have newer versions have also been updated
- nothing *seems* to have broken (ran both unit & functional tests...yay)
closes#292
- added engines and enginestrict properties to package.json
- these provide warnings / errors when installing through npm
- added our own check using this info on start, throws a useful error and stops the app if the node version is not supported
- also switched sqlite3 to the latest version and checked it works with various node versions
- Removing mocha-as-promised as this seemed to cause problems with later tests.
- Making failure mode for tests consistent.
- increasing timeout for pagination - would love to know why this is needed
The grunt-mocha-test task seems to be causing problems with our
beforeEach handlers in some cases. The grunt-mocha-cli task runs the
mocha command using grunt.util.spawn for more consistent results
- issue #154, issue #224 and issue #220
- change port number from 3333 to 2368
- change main file name from app.js to index.js
- update README & package.json to match
In order to remove the iiwf we need to be able to lint backend and frontend code separately.
Changed our devDependency for grunt-jslint to use a fork which has multiTask (PR sent to main repo)
Updated Gruntfile with split rules for the jslint tasks
As a result, a few files failed to pass the new rules, these have been fixed and added to the commit
Added a standard grunt build task for doing deploys, this works in tandem with the ghost-deploy.sh script
Switched grunt-zip for grunt-contrib-compress as it seems more stable/reliable
Solves #138.
* Removed user and user_roles from fixture
* Restricted user creation to one user. That user is id 1, is admin
* Changed tests so they accommodate for this fact
* Can not create new user (fails on test, flashes on signup)
Add a `grunt nightly` build task that copies needed files to a build
folder, then zips them up for distribution. We can also add a tag and
push it to github but I've only tested it with throwaway branches.
I made some guesses about the build folder and dist folder. If you
have a better way feel free to give some recommendations.
Related to #102.
Moving towards using an API which we can both expose publicly, and use internally.
Due to issues with JugglingDB, this breaks updating contentHTML on edit
Also, language, status, featured etc are all no long set / updated.