mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-15 11:34:24 +03:00
c6a95c6478
no issue - this commit cleans up the usages of `include` and `withRelated`. ### API layer (`include`) - as request parameter e.g. `?include=roles,tags` - as theme API parameter e.g. `{{get .... include="author"}}` - as internal API access e.g. `api.posts.browse({include: 'author,tags'})` - the `include` notation is more readable than `withRelated` - and it allows us to use a different easier format (comma separated list) - the API utility transforms these more readable properties into model style (or into Ghost style) ### Model access (`withRelated`) - e.g. `models.Post.findPage({withRelated: ['tags']})` - driven by bookshelf --- Commits explained. * Reorder the usage of `convertOptions` - 1. validation - 2. options convertion - 3. permissions - the reason is simple, the permission layer access the model layer - we have to prepare the options before talking to the model layer - added `convertOptions` where it was missed (not required, but for consistency reasons) * Use `withRelated` when accessing the model layer and use `include` when accessing the API layer * Change `convertOptions` API utiliy - API Usage - ghost.api(..., {include: 'tags,authors'}) - `include` should only be used when calling the API (either via request or via manual usage) - `include` is only for readability and easier format - Ghost (Model Layer Usage) - models.Post.findOne(..., {withRelated: ['tags', 'authors']}) - should only use `withRelated` - model layer cannot read 'tags,authors` - model layer has no idea what `include` means, speaks a different language - `withRelated` is bookshelf - internal usage * include-count plugin: use `withRelated` instead of `include` - imagine you outsource this plugin to git and publish it to npm - `include` is an unknown option in bookshelf * Updated `permittedOptions` in base model - `include` is no longer a known option * Remove all occurances of `include` in the model layer * Extend `filterOptions` base function - this function should be called as first action - we clone the unfiltered options - check if you are using `include` (this is a protection which could help us in the beginning) - check for permitted and (later on default `withRelated`) options - the usage is coming in next commit * Ensure we call `filterOptions` as first action - use `ghostBookshelf.Model.filterOptions` as first action - consistent naming pattern for incoming options: `unfilteredOptions` - re-added allowed options for `toJSON` - one unsolved architecture problem: - if you override a function e.g. `edit` - then you should call `filterOptions` as first action - the base implementation of e.g. `edit` will call it again - future improvement * Removed `findOne` from Invite model - no longer needed, the base implementation is the same
108 lines
3.3 KiB
JavaScript
108 lines
3.3 KiB
JavaScript
var Promise = require('bluebird'),
|
|
ghostBookshelf = require('./base'),
|
|
common = require('../lib/common'),
|
|
Subscriber,
|
|
Subscribers;
|
|
|
|
Subscriber = ghostBookshelf.Model.extend({
|
|
tableName: 'subscribers',
|
|
|
|
emitChange: function emitChange(event, options) {
|
|
options = options || {};
|
|
|
|
common.events.emit('subscriber' + '.' + event, this, options);
|
|
},
|
|
|
|
defaults: function defaults() {
|
|
return {
|
|
status: 'subscribed'
|
|
};
|
|
},
|
|
|
|
onCreated: function onCreated(model, response, options) {
|
|
model.emitChange('added', options);
|
|
},
|
|
|
|
onUpdated: function onUpdated(model, response, options) {
|
|
model.emitChange('edited', options);
|
|
},
|
|
|
|
onDestroyed: function onDestroyed(model, response, options) {
|
|
model.emitChange('deleted', options);
|
|
}
|
|
}, {
|
|
|
|
orderDefaultOptions: function orderDefaultOptions() {
|
|
return {};
|
|
},
|
|
/**
|
|
* @deprecated in favour of filter
|
|
*/
|
|
processOptions: function processOptions(options) {
|
|
return options;
|
|
},
|
|
|
|
permittedOptions: function permittedOptions(methodName) {
|
|
var options = ghostBookshelf.Model.permittedOptions(),
|
|
|
|
// whitelists for the `options` hash argument on methods, by method name.
|
|
// these are the only options that can be passed to Bookshelf / Knex.
|
|
validOptions = {
|
|
findPage: ['page', 'limit', 'columns', 'filter', 'order'],
|
|
findAll: ['columns']
|
|
};
|
|
|
|
if (validOptions[methodName]) {
|
|
options = options.concat(validOptions[methodName]);
|
|
}
|
|
|
|
return options;
|
|
},
|
|
|
|
permissible: function permissible(postModelOrId, action, context, unsafeAttrs, loadedPermissions, hasUserPermission, hasAppPermission) {
|
|
// CASE: external is only allowed to add and edit subscribers
|
|
if (context.external) {
|
|
if (['add', 'edit'].indexOf(action) !== -1) {
|
|
return Promise.resolve();
|
|
}
|
|
}
|
|
|
|
if (hasUserPermission && hasAppPermission) {
|
|
return Promise.resolve();
|
|
}
|
|
|
|
return Promise.reject(new common.errors.NoPermissionError({message: common.i18n.t('errors.models.subscriber.notEnoughPermission')}));
|
|
},
|
|
|
|
// TODO: This is a copy paste of models/user.js!
|
|
getByEmail: function getByEmail(email, unfilteredOptions) {
|
|
var options = ghostBookshelf.Model.filterOptions(unfilteredOptions, 'getByEmail');
|
|
options.require = true;
|
|
|
|
return Subscribers.forge().fetch(options).then(function then(subscribers) {
|
|
var subscriberWithEmail = subscribers.find(function findSubscriber(subscriber) {
|
|
return subscriber.get('email').toLowerCase() === email.toLowerCase();
|
|
});
|
|
|
|
if (subscriberWithEmail) {
|
|
return subscriberWithEmail;
|
|
}
|
|
}).catch(function (error) {
|
|
if (error.message === 'NotFound' || error.message === 'EmptyResponse') {
|
|
return Promise.resolve();
|
|
}
|
|
|
|
return Promise.reject(error);
|
|
});
|
|
}
|
|
});
|
|
|
|
Subscribers = ghostBookshelf.Collection.extend({
|
|
model: Subscriber
|
|
});
|
|
|
|
module.exports = {
|
|
Subscriber: ghostBookshelf.model('Subscriber', Subscriber),
|
|
Subscribers: ghostBookshelf.collection('Subscriber', Subscribers)
|
|
};
|