Commit Graph

2487 Commits

Author SHA1 Message Date
David Arvelo
87cda81c84 Sanitize models' attributes/options before passing to bookshelf/knex
closes #2653
- enforce strict whitelists for model methods
- create a class method that reports a model method's valid options
- create a class method that filters a model's valid attributes from data
- create a class method that filters valid options from a model method's options hash
2014-05-06 23:02:49 -04:00
Jacob Gable
9c9cfe763a Update users api canThis context
- Update api.users methods to pass the whole context to canThis instead
of just this.user
2014-05-06 20:11:15 -05:00
Fabian Becker
2795e723e1 Move to new API format for Settings.
refs #2606
- Use new API format when updating settings from the client side
- Add additional test to test new API format
- Adjust functional tests to work with the new format
2014-05-06 19:02:55 +00:00
Hannah Wolfe
7de8025bed Merge pull request #2691 from sebgie/omit-password
Refactor omit of password
2014-05-06 12:04:56 +01:00
Sebastian Gierlinger
b98709b3ce Refactor omit of password
- remove password in toJSON() instead of filtering every occurrence of
user
- changed faulty error type ‚NotFound‘ to ‚NoPermission‘
2014-05-06 12:14:58 +02:00
Hannah Wolfe
8a4e0e27f2 Merge pull request #2687 from shindakun/expressgzip
Add gzip compression, can be enabled/disabled in config.js
2014-05-06 08:24:54 +01:00
Steve
c7459b1d9f Add gzip compression, can be disabled in config.js
Closes #1305
- added compression module
- added new server config variable: compress
- gzip enabled by default
2014-05-05 18:29:13 -07:00
Hannah Wolfe
676d524ea4 Merge pull request #2688 from ErisDS/model-cleanup
Consistency in model method naming
2014-05-06 00:47:57 +01:00
Hannah Wolfe
31fc84cefb Consistency in model method naming
- The API has the BREAD naming for methods
- The model now has findAll, findOne, findPage (where needed), edit, add and destroy, meaning it is similar but with a bit more flexibility
- browse, read, update, create, and delete, which were effectively just aliases, have all been removed.
- added jsDoc for the model methods
2014-05-06 00:36:42 +01:00
Hannah Wolfe
fc1cbac7b8 Merge pull request #2665 from halfdan/2637-persistent-notifications
Proper endpoints for persistent notifications
2014-05-06 00:35:11 +01:00
Fabian Becker
2a803aecdd Proper endpoints for persistent notifications
closes #2637
- Add new get API route for all notifications
- Wrap API responses to comply with JSON-API
- Add new tests / adjust fixtures
- Adjust all occurences of passive notifications
2014-05-06 00:05:14 +02:00
Hannah Wolfe
046993add0 Docs: switch to docker & finalise config
- We no longer need grunt-groc as we are going to use docker instead
 - Compile docker to 'docs'
 - Docker has a nice option for only building updated files
 - Added a few files we didn't need dockering to exclude list
2014-05-05 23:04:14 +01:00
Hannah Wolfe
d4b1693a2c Merge pull request #2692 from cobbspur/newerror
updated error handling on all mocha tests
2014-05-05 22:58:28 +01:00
cobbspur
b201b06e56 updated error handling on all mocha tests
- switch to using catch
- added error handling where missing
2014-05-05 21:58:58 +01:00
Hannah Wolfe
942f259908 Merge pull request #2669 from sebgie/issue#2643
Change error message response
2014-05-05 21:11:39 +01:00
Sebastian Gierlinger
39e654e9c3 Change error message response
closes #2643
- added error type
- added error property for validations
- wrapped errors in an array
- returns multiple errors for validation
- updated tests and admin
2014-05-05 15:51:21 +02:00
Hannah Wolfe
acd71d423e Merge pull request #2677 from jaswilli/issue-2635
Add location header to response when new object is created
2014-05-04 16:05:54 +01:00
Jason Williams
d0931aa455 Add location header to response when new object is created
closes #2635
- add new logic to the api request handler to set a location header
  when new objects are created
- added an api context to config.urlFor() to return the root url
- added functional tests for the affected routes
2014-05-04 14:52:01 +00:00
Hannah Wolfe
23741ebe57 Merge pull request #2685 from jaswilli/issue-2681
Adjust update check to handle changes in API calls
2014-05-04 15:40:45 +01:00
Jason Williams
4d41e12c02 Adjust update check to handle changes in API calls
closes #2681
- fixed api calls and response parsing
- added a test to for update check
- adjusted gruntfile.js to run new update check integration test
2014-05-04 01:36:00 +00:00
Hannah Wolfe
bfd7610e36 Merge pull request #2683 from lennerd/issue-2680
Return new tags when posts are created via API
2014-05-03 19:54:24 +01:00
lennerd
66a046b00b Return new tags when posts are created via API
closes #2680
- added include options when adding a post
- added functional and integrational tests
2014-05-03 19:24:11 +02:00
Hannah Wolfe
0c252fb687 Gruntfile Cleanup & Documentation
refs #2622, refs #1340

- added documentation to grunt tasks which will replace the wiki page, including reordering the tasks to make the documentation easier to read
- removed grunt changelog which is no longer used
- merged jshint:shared into jshint:server
- cleanup of quote marks, formatting, line lengths etc
- also fixed the incorrect version number for grunt-docker
- added route tests to coverage
2014-05-03 17:59:50 +01:00
Hannah Wolfe
f84d3d32e5 Adding docker for trying out docs generation
issue #2622

- yes 'docks' is a silly directory name but it's easier to remember which is which than docs and docs2
2014-05-03 12:38:59 +01:00
Hannah Wolfe
2c0ba46383 Merge pull request #2682 from ErisDS/issue-2593
Move user API to primary document format
2014-05-02 21:14:16 +01:00
Hannah Wolfe
f2071eedb2 Move user API to primary document format
closes #2593

- added new format to user API methods
- changed all places where the user api was used
- updated tests and added more coverage
- little bit of cleanup in utils/api
2014-05-02 20:50:44 +01:00
Hannah Wolfe
ebdbf8a7aa Merge pull request #2661 from jgable/settingsPrimaryDocument
Settings API Primary Document refactor
2014-05-02 15:55:31 +01:00
Hannah Wolfe
94ed8a5cea Merge pull request #2670 from jaswilli/issue-2628
Redirect from admin editor to frontend post view
2014-05-02 14:59:24 +01:00
Hannah Wolfe
ca3b3782bc Merge pull request #2678 from jaswilli/issue-2273
Add functional test for markdown help modal in editor
2014-05-02 08:16:09 +01:00
Jason Williams
c1bddf4182 Add functional test for markdown help modal in editor
closes #2273
2014-05-02 00:41:46 +00:00
Hannah Wolfe
de4ef7ed83 Merge pull request #2676 from wub/master
Improving uploader "too big" error to help with debug
2014-05-01 22:45:16 +01:00
Jarrod Mosen
1153c3ffd1 Improving uploader "too big" error to help with debug
#994
2014-05-02 08:35:49 +12:00
Hannah Wolfe
0965d82b18 Merge pull request #2659 from appleYaks/clean-transpiled
Clean transpiled ember files when they're changed or deleted
2014-05-01 20:20:58 +01:00
Jacob Gable
7e9880ce8d Settings API Primary Document refactor
Closes #2606

- Refactor settings api responses to { settings: [ ] } format
- Update all code using api.settings to handle new response format
- Update test stubs to return new format
- Update client site settings model to parse new format into one object of key/value pairs
- Refactor to include all setting values
- Remove unused settingsCollection method
- Update settingsCache to store all attributes
- Update settingsResult to send all attributes
- Remove unnecessary when() wraps
- Reject if editing a setting that doesn't exist
- Reject earlier if setting key is empty
- Update tests with new error messages
- Use setting.add instead of edit that was incorrectly adding
- Update importer to properly import activePlugins and installedPlugins
- Update expected setting result fields
- Fix a weird situation where hasOwnProperty didn't exist 🤷
2014-04-30 23:15:27 -05:00
Jason Williams
4b46d85c26 Redirect from admin editor to frontend post view
closes #2628
- added /view/ route to the editor. if /view/ is appended to
  the url of a post being edited a redirect to the frontend
  will occur
- updated controller to check for /view/ and built the
  correct url for the post
- added test for the new route
2014-05-01 01:50:24 +00:00
Hannah Wolfe
b192dd9303 Merge pull request #2662 from sebgie/issue#2660
Removed 2 sec pause
2014-04-30 14:03:37 +01:00
David Arvelo
b3ba64adbb Grunt clean .tmp/ when ember files are changed or deleted
closes #2658
- adds the `clean:tmp` task to the list of ember watch tasks
- adds the `clean:tmp` task to the emberBuild task

This ensures pruned ember modules are cleared out automagically.
2014-04-29 15:13:23 -04:00
Sebastian Gierlinger
00ba9fc898 Removed 2 sec pause
refs #2660
- removed timeout from routes tests (since Ghost is used as module it
is restarted before logging in)
- Casper.js does only one login and the existing waits are executed
after testing login limiters
- gain: 8 sec :-/
2014-04-29 12:06:02 +02:00
Hannah Wolfe
bb75a1f96c Converting aspect -> filters for tag pages
fixes the build

- PR #2238 added an extra reference to aspect which wasn't fixed by #2652, this resolves that
2014-04-28 19:54:16 +01:00
Hannah Wolfe
c347d3fd1c Merge pull request #2652 from sebgie/issue#2620
Additional objects
2014-04-28 16:23:21 +01:00
Hannah Wolfe
3ffa552cfc Merge pull request #2238 from gimelfarb/fix-1838-admin-ssl
Support for urlSSL config option and forceAdminSSL 403 response
2014-04-28 16:20:06 +01:00
Hannah Wolfe
b82ebac44c Merge pull request #2631 from jgable/appProxyContext
AppProxy with permissions checks and app context
2014-04-28 12:17:29 +01:00
Lev Gimelfarb
a013840503 Support for urlSSL config option and forceAdminSSL 403 response
closes #1838
- adding `forceAdminSSL: {redirect: true/false}` option to allow 403 over non-SSL rather than redirect
- adding `urlSSL` option to specify SSL variant of `url`
- using `urlSSL` when redirecting to SSL (forceAdminSSL), if specified
- dynamically patching `.url` property for view engine templates to use SSL variant over HTTPS connections (pass `.secure` property as view engine data)
- using `urlSSL` in a "reset password" email, if specified
- adding unit tests to test `forceAdminSSL` and `urlSSL` options
- created a unit test utility function to dynamically fork a new instance of Ghost during the test, with different configuration options
2014-04-27 17:01:49 -04:00
Sebastian Gierlinger
e1bbc60467 Additional objects
closes #2620
- moved aspect -> filters
- updated tests
- fixed inconsistency in pagination object
2014-04-27 19:34:44 +02:00
Hannah Wolfe
33884e760a Merge pull request #2646 from sebgie/issue#2609
Add include parameter for posts API
2014-04-27 18:21:00 +01:00
Sebastian Gierlinger
1e62400465 Add include parameter for posts API
closes #2609
- added include parameter to api.posts.*
- changed toJSON to omit objects that are not included
- added include parameter to admin
- added include parameter to frontend.js
- updated tests
- removed duplicate code from posts model

**Known Issue:** It is not possible to attach a tag using an ID.
2014-04-27 18:58:34 +02:00
Jacob Gable
822cb2d9f6 AppProxy with permissions checks and app context
Ref #2059

- Refactor appProxy into class that is instantiated per App
- Check for permissions before doing proxied filter/helper calls
- Add all currently existing api methods, let api check for permissions
- Basic unit tests for filter and helper register/deregister
- Adjusted proxy api method existence unit tests
2014-04-26 10:38:23 -05:00
Hannah Wolfe
d089ddfe87 Merge pull request #2651 from sebgie/issue#2638
Changed boolean handling
2014-04-25 14:54:39 +01:00
Sebastian Gierlinger
0bdfadd9d6 Changed boolean handling
closes #2638
- replaced format() with parse() to convert values when fetched
- changed validation from integer to boolean
- added checks to tests
2014-04-25 09:55:53 +02:00
Hannah Wolfe
999136a1f9 Merge pull request #2644 from andschwa/master
Adding public to reserved slugs
2014-04-24 09:15:21 +01:00