Commit Graph

145 Commits

Author SHA1 Message Date
Cameron Viner
faba83d5dc deps: should@8.2.1
closes #6448
-upgraded should.js to the latest version (8.2.1)
-Changed the tests so that they comply with the breaking changes introduced in the new version of should.js
-Installs the package should-http so should.be.json() can be used
-Installs the package should-sinon so that should.be.calledOnce() can be used
2016-02-09 13:39:10 +00:00
Jason Williams
2528ce5304 deps: supertest@1.1.0
Closes #6449
- supertest now includes a `.then()` method and as a
  result, only one of either .then or .end may be called on
  a request object.
2016-02-07 13:10:27 -06:00
Hannah Wolfe
08e5848d4a Fix cache-control header for sitemaps
no issue

- sitemaps were getting max-age=undefined as they were depending on the wrong utils folder
- test + fix included
2016-01-25 17:56:05 +00:00
Kevin Ansfield
da0a0c559b Move user/cover image files used in admin team area into the client folder
no issue
- fixes potential "mixed content" warnings if non-admin urls are redirected
2016-01-14 16:26:48 +00:00
Hannah Wolfe
4a7a19c86a Merge pull request #6070 from kevinkucharczyk/harvesting-server-side-strings
Harvest server side strings
2016-01-12 20:04:53 +00:00
JT Turner
e4c52a6915 Fix urlFor to handle secure correctly
issue #6270
- Exposed getBaseUrl on the config class.
- Fix formatting config index as array was more then 140 characters long.
- Updated getBaseUrl to handle secure by replacing http with https if true.
- Fixed ghost_head helper to output canonical base url no https.
- Fixed ghost_head helper to set secure correctly for the rss link.
- Fixed navigation helper to pass secure in each nav item, so that urlFor can u$
- Fixed {{url}} to pass secure correctly to config.urlFor.
- Fixed test to use urlSSL over https besides for canonical.
- Add tests for {{url}} and to make sure they output https for absolute and secure.
- Update twitter and og url to use the canonical url.
2016-01-11 19:40:30 -08:00
rfpe
7abcc43907 Harvest server side strings
closes #5617
- Replace all hard-coded server-side strings with i18n translations
2015-12-19 12:12:16 +01:00
Hannah Wolfe
8c355349b3 No more soft 404s in pagination
closes #6201

- redirects for page/1/ or rss/1/ are now 301s
- any other invalid page now 404s
2015-12-10 15:00:02 +00:00
Brandon Hops
0a06af02d5 Remove unused base_test.js 2015-11-28 18:46:13 -08:00
Austin Burdine
67a6b4c07b allow api requests to be made with the access token as a query parameter
closes #6040
- adds check for access token query parameter in auth middleware
2015-11-12 11:26:18 -06:00
Alex Cusack
6b94390cd7 remove console log for passing test 2015-11-09 10:51:37 -08:00
Sebastian Gierlinger
ddf9874fa1 Disallow staticPages from public API
refs #5151
- disable staticPages parameter for calls without authentication
2015-11-04 10:03:27 +01:00
Hannah Wolfe
8db90bae73 Merge pull request #5984 from sebgie/issue#5941
Move Public API behind labs flag
2015-11-02 16:15:50 +00:00
Kevin Ansfield
92123e427f Use tag slugs in URLs for tag management and add front-end edit redirect
refs #5845
- adds custom adapter for tags so that `store.queryRecord('tag', {slug: 'tag-slug'})` hits the `/tags/slug/tag-slug` endpoint instead of `/tags/?slug=tag-slug`
- updates tag management screens to use tag slugs instead of IDs
- adds `/tag/:slug/edit` redirect to front-end
2015-11-02 14:56:59 +00:00
Sebastian Gierlinger
bf65c136ce Move Public API behind labs flag
closes #5941
- added UI to labs page
- added method to determine if full authentication is required
- updated public_api tests to enable public api first
2015-11-02 14:18:58 +01:00
Hannah Wolfe
d6fb21fa28 Don't use api to lookup theme in frontend controller
no issue

- small fix, we already have the info, no need to look it up again
2015-10-30 19:02:06 +00:00
cobbspur
d0d126eba7 Ensure public api can uses limit parameter
No Issue

- removes client id and secret after authentication
- adds tests to check default limit, all and integer
2015-10-29 15:36:54 +00:00
Hannah Wolfe
b8a3415726 Remove featured, tag, author & role API params
refs #5943

- removed featured, tag and author parameters from posts API
   - featured was only used in tests
- removed role filter from users API
   - role was only used in tests
- fixed up the tests, skipping those that don't quite work yet
2015-10-27 10:53:51 +00:00
Hannah Wolfe
e9035fde4e Switch frontend controller to use new filter param
refs #5943, #5091

- updated fetch-data to handle multiple api queries
- using named keys for queries so that the names of items in the result are correct (tag instead of tags etc)
- updated channel configs in frontend controller
- removed old filter code from frontend controller
- added test coverage for fetch-data and format-response
- fixes / removes tests which are broken by the refactor
2015-10-26 09:40:19 +00:00
Sebastian Gierlinger
f48dfb09cf Public API
refs #4180
closes #4181
- added client and user authentication
- added authenticatePublic/authenticatePrivate as workaround for
missing permissions
- added domain validation
- added CORS header for valid clients
- merged authenticate.js and client-auth.js into auth.js
- removed middleware/api-error-handlers.js
- removed authentication middleware
- added and updated tests
2015-10-22 15:28:47 +02:00
Hannah Wolfe
106dcb77be deps: rss@1.2.0
- Required test fix, as newline has been removed from the end of the <?xml decl
2015-10-16 17:53:22 +01:00
Kevin Ansfield
ff73f1af92 deps: grunt-jscs@2.1.0
no issue
- update grunt-jscs dependency
- fix deprecated `validateJSDoc` configuration
- fix numerous linting errors, including:
  - use of future-reserved `public` and `private` variable names
  - use of `[]` instead of dot-notation (especially `express['static']` and `cacheRules['x']`)
  - extra spaces in `const { run } = Ember` style constructs

One issue that did become apparent is that there are conflicting rules that prevent the use of object function shorthand such that both of these:

```
{ myFunc() {} }
{ myFunc () {} }
```

are called out due to either the missing or the extra space before the `(`
2015-10-12 19:21:16 +01:00
Hannah Wolfe
26231d5bd3 Fix /author/ pages crashing & permit /tag/
fixes #5905

- update context patterns to correctly match author & tag pages
- remove 'tag' and 'tags' from reserved slugs - we'll handle this in terms of overrides in future
2015-10-10 14:52:23 +01:00
Hannah Wolfe
545bea0eaf Return a single 422 error for invalid values
refs #5808

- Fix the API to return a single 422 error when an invalid value is passed
- Only affects Browse, and not Read at present due to differences in how they are handled
- Frontend was changed to always 404 in #5851
- Adds tests to ensure all cases are covered
2015-09-25 10:30:49 +01:00
Hannah Wolfe
8895f41ee2 Uncapitalise respects subdirectories & no encoding
no issue

- Uncapitalise was dropping the subdirectory when redirecting - so the base url has been added where present
- Uncapitalise was also working differently in node 0.10 and 0.12 - so the path is decoded before testing for uppercase
- Adds some test coverage
2015-09-24 18:52:30 +01:00
Hannah Wolfe
07e18cbdff Merge pull request #5863 from acburdine/author-edit
Add `/author/:slug/edit/` route to frontend
2015-09-24 08:42:55 +01:00
Austin Burdine
61705cf5f4 add author edit route
no issue
- adds front-end author edit route that redirects to the edit author page
- adds tests for edit route
2015-09-23 08:33:09 -05:00
Nazar Gargol
fd7e118ed5 Returns 404 page instead of crashing a server whenever special characters are used for tag filtering
closes #5808
refs #5816
- adds additional filtering any 'slug' containing content in `renderChannel` for frontend
- adds test for invalid characters in tag slug
2015-09-20 22:47:34 +02:00
Sebastian Gierlinger
f22796ff7d Add dynamic client_id/client_secret
no issue
- added ghost-admin client_id to admin
- added ghost-admin client_secret to admin
- added client.read() api endpoint
- added random generation of client_secret to migration
- removed addClientSecret method
- updated tests
2015-09-02 16:39:34 +01:00
Kevin Ansfield
7ac6ebb920 Refactor notifications service & components
issue #5409

- change persistent/passive notification status to alert/notification
- replace showSuccess/Info/Warn/Error with showNotification/showAlert
- fix and clean up notification/alert components
2015-07-28 12:26:11 +01:00
Jason Williams
b6cbd2d4bd Merge pull request #5427 from ErisDS/api-reshuffle
API mini-cleanup + 405 errors
2015-06-15 10:26:11 -05:00
Jason Williams
225dc84367 Merge pull request #5417 from ErisDS/rss-url
Use urlJoin in RSS + test coverage
2015-06-15 10:23:41 -05:00
Fabian Becker
b15f1daf5a Throw 405 - Method not allowed for api routes
closes #2757
- New error MethodNotAllowed
- Throw 405 if valid path but invalid method is used is apiRouter
- Adds api base tests
2015-06-15 09:43:39 +01:00
Hannah Wolfe
34b22eefa2 Use urlJoin in RSS + test coverage
refs #1833

- move RSS tests to be in rss_spec.js
- improve RSS test coverage
- fix a bug with RSS title generation for tag RSS feeds
- replace custom code in processUrls with urlJoin
2015-06-10 09:18:52 +01:00
Jason Williams
6c9682cdd9 Make sure done() is called from before hooks 2015-06-09 22:46:26 -05:00
John O'Nolan
93b0505d68 Fixup broken error page styles 2015-06-08 12:14:58 +01:00
Sebastian Gierlinger
c6176e4d38 Merge pull request #5292 from ErisDS/preview-cache-invalidate
Cache invalidate for previews
2015-05-20 09:31:28 +02:00
Hannah Wolfe
e5cc169bf7 Removing really old admin comments
refs #1773
2015-05-19 19:03:41 +01:00
Hannah Wolfe
023755c566 Cache invalidate for previews
no issue

- draft updates now need to affect the preview route
2015-05-19 18:32:00 +01:00
Adrian Estrada
107c9602c1 API: Adding featured filter option to posts.browse
Closes #5152
- Adds `featured` filter option to posts.browse method modifying the model to take it too
2015-05-13 16:18:50 -05:00
Jason Williams
dae66d00be Upgrade grunt-jscs to fix whitespace linting.
No issue.
- grunt-jscs@1.8.0
- Fix formatting
2015-04-30 16:14:19 -05:00
Matt Enlow
433956c102 Add post preview via uuid (/p/:uuid)
Refs #5097

- All drafts will show a preview link (this needs real css)
- Published posts will redirect
- prev/next post helpers only activate on published posts
- Powered by ~10 pints between the two of us (@ErisDS, @novaugust)
2015-04-30 11:57:37 +01:00
Sebastian Gierlinger
fdcb67d3cc Rename error.type to error.errorType
closes #5178
- renamed error.type to error.errorType
2015-04-22 22:29:45 +02:00
Hannah Wolfe
6d04ead9f2 Switch test coverage to use Istanbul
closes #4644

- Switch from using blanket to istanbul
- Rename some test files for consistency (and so that they will run)
2015-04-19 15:54:05 +01:00
Hannah Wolfe
1b585f213c Cache invalidation can no longer be so clever
no issue

With the introduction of the prev/next helpers (and soon, get helper) we can no longer make any assumptions
about exactly which pages need to be cleared from the cache when a post is published/unpublished.
2015-04-14 16:34:34 +01:00
Hannah Wolfe
14134fb4b0 Add media:content support to RSS
refs #2263, #4888

- Adds media:content element to Ghost Rt pSS feeds containing the post cover image if one is available
- Removes the prepending of the image to the `<description>` field
- Keeps the prepending of the image in `<content:encoded>`
2015-04-06 18:47:10 +01:00
Hannah Wolfe
79d213436e Improve RSS feed
refs #2263

- Switch content type back to text/xml
- Use content:encode for full content
- Use meta description or first 50 words of content for description
2015-04-03 19:00:00 +01:00
Jason Williams
5b72a0eb18 fix routes test. ember-mocha@0.4.2 2015-03-11 12:37:42 -06:00
Hannah Wolfe
cde1842750 Check ids match on edit
no issue

- It should not be possible to provide a different ID in the object being edited to that provided in the URL
- We now send the id to check object to ensure there is a match

Credits: Matteo Beccaro
2015-02-28 16:25:37 +00:00
Eugene Kulabuhov
0e2709c42f [API] Retrieve next and previous post
closes #4262
- implementation based on #1545
- added integration test. Modified mocked posts because code requires published_at timestamps to be different.
- fixed 2 broken tests that depended on mocked posts to have "new Date()" as their timestamps
- added checks to only query db if next/previous post requested
2015-01-13 12:49:16 +00:00