Ghost/core/server/api/canary/pages.js

const models = require('../../models');
const i18n = require('../../../shared/i18n');
const errors = require('@tryghost/errors');
const urlUtils = require('../../../shared/url-utils');
const ALLOWED_INCLUDES = ['tags', 'authors', 'authors.roles'];
const UNSAFE_ATTRS = ['status', 'authors', 'visibility'];

module.exports = {
    docName: 'pages',
    browse: {
        options: [
            'include',
            'filter',
            'fields',
            'formats',
            'limit',
            'order',
            'page',
            'debug',
            'absolute_urls'
        ],
        validation: {
            options: {
                include: {
                    values: ALLOWED_INCLUDES
                },
                formats: {
                    values: models.Post.allowedFormats
                }
            }
        },
        permissions: {
            docName: 'posts',
            unsafeAttrs: UNSAFE_ATTRS
        },
        query(frame) {
            return models.Post.findPage(frame.options);
        }
    },

    read: {
        options: [
            'include',
            'fields',
            'formats',
            'debug',
            'absolute_urls',
            // NOTE: only for internal context
            'forUpdate',
            'transacting'
        ],
        data: [
            'id',
            'slug',
            'uuid'
        ],
        validation: {
            options: {
                include: {
                    values: ALLOWED_INCLUDES
                },
                formats: {
                    values: models.Post.allowedFormats
                }
            }
        },
        permissions: {
            docName: 'posts',
            unsafeAttrs: UNSAFE_ATTRS
        },
        query(frame) {
            return models.Post.findOne(frame.data, frame.options)
                .then((model) => {
                    if (!model) {
                        throw new errors.NotFoundError({
                            message: i18n.t('errors.api.pages.pageNotFound')
                        });
                    }

                    return model;
                });
        }
    },

    add: {
        statusCode: 201,
        headers: {},
        options: [
            'include',
            'formats',
            'source'
        ],
        validation: {
            options: {
                include: {
                    values: ALLOWED_INCLUDES
                },
                source: {
                    values: ['html']
                }
            }
        },
        permissions: {
            docName: 'posts',
            unsafeAttrs: UNSAFE_ATTRS
        },
        query(frame) {
            return models.Post.add(frame.data.pages[0], frame.options)
                .then((model) => {
                    if (model.get('status') !== 'published') {
                        this.headers.cacheInvalidate = false;
                    } else {
                        this.headers.cacheInvalidate = true;
                    }

                    return model;
                });
        }
    },

    edit: {
        headers: {},
        options: [
            'include',
            'id',
            'formats',
            'source',
            'force_rerender',
            // NOTE: only for internal context
            'forUpdate',
            'transacting'
        ],
        validation: {
            options: {
                include: {
                    values: ALLOWED_INCLUDES
                },
                id: {
                    required: true
                },
                source: {
                    values: ['html']
                }
            }
        },
        permissions: {
            docName: 'posts',
            unsafeAttrs: UNSAFE_ATTRS
        },
        async query(frame) {
            const model = await models.Post.edit(frame.data.pages[0], frame.options);

            if (
                model.get('status') === 'published' && model.wasChanged() ||
                model.get('status') === 'draft' && model.previous('status') === 'published'
            ) {
                this.headers.cacheInvalidate = true;
            } else if (
                model.get('status') === 'draft' && model.previous('status') !== 'published' ||
                model.get('status') === 'scheduled' && model.wasChanged()
            ) {
                this.headers.cacheInvalidate = {
                    value: urlUtils.urlFor({
                        relativeUrl: urlUtils.urlJoin('/p', model.get('uuid'), '/')
                    })
                };
            } else {
                this.headers.cacheInvalidate = false;
            }

            return model;
        }
    },

    destroy: {
        statusCode: 204,
        headers: {
            cacheInvalidate: true
        },
        options: [
            'include',
            'id'
        ],
        validation: {
            options: {
                include: {
                    values: ALLOWED_INCLUDES
                },
                id: {
                    required: true
                }
            }
        },
        permissions: {
            docName: 'posts',
            unsafeAttrs: UNSAFE_ATTRS
        },
        query(frame) {
            frame.options.require = true;

            return models.Post.destroy(frame.options)
                .then(() => null)
                .catch(models.Post.NotFoundError, () => {
                    return Promise.reject(new errors.NotFoundError({
                        message: i18n.t('errors.api.pages.pageNotFound')
                    }));
                });
        }
    }
};
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version 2019-08-09 17:11:24 +03:00			`const models = require('../../models');`
Moved i18n to shared refs https://github.com/TryGhost/Ghost/commit/829e8ed010adf5d0856cdc840c53a447e6b8ac2e - i18n is used everywhere but only requires shared or external packages, therefore it's a good candidate for living in shared - this reduces invalid requires across frontend and server, and lets us use it everywhere until we come up with a better option 2021-05-03 19:29:44 +03:00			`const i18n = require('../../../shared/i18n');`
Refactored `common` lib import to use destructuring (#11835) * refactored `core/frontend/apps` to destructure common imports * refactored `core/frontend/services/{apps, redirects, routing}` to destructure common imports * refactored `core/frontend/services/settings` to destructure common imports * refactored remaining `core/frontend/services` to destructure common imports * refactored `core/server/adapters` to destructure common imports * refactored `core/server/data/{db, exporter, schema, validation}` to destructure common imports * refactored `core/server/data/importer` to destructure common imports * refactored `core/server/models/{base, plugins, relations}` to destructure common imports * refactored remaining `core/server/models` to destructure common imports * refactored `core/server/api/canary/utils/serializers/output` to destructure common imports * refactored remaining `core/server/api/canary/utils` to destructure common imports * refactored remaining `core/server/api/canary` to destructure common imports * refactored `core/server/api/shared` to destructure common imports * refactored `core/server/api/v2/utils` to destructure common imports * refactored remaining `core/server/api/v2` to destructure common imports * refactored `core/frontend/meta` to destructure common imports * fixed some tests referencing `common.errors` instead of `@tryghost/errors` - Not all of them need to be updated; only updating the ones that are causing failures * fixed errors import being shadowed by local scope 2020-05-22 21:22:20 +03:00			`const errors = require('@tryghost/errors');`
Moved core/server/lib/url-utils to core/shared/url-utils (#11856) * moved url-utils from server to shared * updated imports of url-utils 2020-05-28 13:57:02 +03:00			`const urlUtils = require('../../../shared/url-utils');`
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version 2019-08-09 17:11:24 +03:00			`const ALLOWED_INCLUDES = ['tags', 'authors', 'authors.roles'];`
Permission restrictions for `post.visibility` modifications (#11213) no issue - Limited posts visibility field permissions to Editor-Up + Admin Integrations - We don't want contributors or other roles lower than Editor to be able to modify content gating attribute 2019-10-08 16:44:27 +03:00			`const UNSAFE_ATTRS = ['status', 'authors', 'visibility'];`
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version 2019-08-09 17:11:24 +03:00
			`module.exports = {`
			`docName: 'pages',`
			`browse: {`
			`options: [`
			`'include',`
			`'filter',`
			`'fields',`
			`'formats',`
			`'limit',`
			`'order',`
			`'page',`
			`'debug',`
			`'absolute_urls'`
			`],`
			`validation: {`
			`options: {`
			`include: {`
			`values: ALLOWED_INCLUDES`
			`},`
			`formats: {`
			`values: models.Post.allowedFormats`
			`}`
			`}`
			`},`
			`permissions: {`
			`docName: 'posts',`
			`unsafeAttrs: UNSAFE_ATTRS`
			`},`
			`query(frame) {`
			`return models.Post.findPage(frame.options);`
			`}`
			`},`

			`read: {`
			`options: [`
			`'include',`
			`'fields',`
			`'formats',`
			`'debug',`
			`'absolute_urls',`
			`// NOTE: only for internal context`
			`'forUpdate',`
			`'transacting'`
			`],`
			`data: [`
			`'id',`
			`'slug',`
			`'uuid'`
			`],`
			`validation: {`
			`options: {`
			`include: {`
			`values: ALLOWED_INCLUDES`
			`},`
			`formats: {`
			`values: models.Post.allowedFormats`
			`}`
			`}`
			`},`
			`permissions: {`
			`docName: 'posts',`
			`unsafeAttrs: UNSAFE_ATTRS`
			`},`
			`query(frame) {`
			`return models.Post.findOne(frame.data, frame.options)`
			`.then((model) => {`
			`if (!model) {`
Refactored `common` lib import to use destructuring (#11835) * refactored `core/frontend/apps` to destructure common imports * refactored `core/frontend/services/{apps, redirects, routing}` to destructure common imports * refactored `core/frontend/services/settings` to destructure common imports * refactored remaining `core/frontend/services` to destructure common imports * refactored `core/server/adapters` to destructure common imports * refactored `core/server/data/{db, exporter, schema, validation}` to destructure common imports * refactored `core/server/data/importer` to destructure common imports * refactored `core/server/models/{base, plugins, relations}` to destructure common imports * refactored remaining `core/server/models` to destructure common imports * refactored `core/server/api/canary/utils/serializers/output` to destructure common imports * refactored remaining `core/server/api/canary/utils` to destructure common imports * refactored remaining `core/server/api/canary` to destructure common imports * refactored `core/server/api/shared` to destructure common imports * refactored `core/server/api/v2/utils` to destructure common imports * refactored remaining `core/server/api/v2` to destructure common imports * refactored `core/frontend/meta` to destructure common imports * fixed some tests referencing `common.errors` instead of `@tryghost/errors` - Not all of them need to be updated; only updating the ones that are causing failures * fixed errors import being shadowed by local scope 2020-05-22 21:22:20 +03:00			`throw new errors.NotFoundError({`
			`message: i18n.t('errors.api.pages.pageNotFound')`
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version 2019-08-09 17:11:24 +03:00			`});`
			`}`

			`return model;`
			`});`
			`}`
			`},`

			`add: {`
			`statusCode: 201,`
			`headers: {},`
			`options: [`
✨ Allowed pages to accept HTML as a source (#11422) refs https://github.com/TryGhost/Ghost/issues/10471 - Allow page resource endpoints to accept HTML source. This behavior is the same as the post's resource introduced with e9ecf70ff7372f395b8917340805148bc764e2ef - The functionality was most likely missed when post split into posts & pages was happening. - Added symmetric changes to API v2. 2020-01-08 19:44:34 +03:00			`'include',`
Allowed `?formats` param in Admin API post+page create/edit requests no issue - `?formats` is useful when you want to get `html` back from the Admin API when creating/editing posts, otherwise you're forced to make a following `GET` request 2020-06-18 15:59:01 +03:00			`'formats',`
✨ Allowed pages to accept HTML as a source (#11422) refs https://github.com/TryGhost/Ghost/issues/10471 - Allow page resource endpoints to accept HTML source. This behavior is the same as the post's resource introduced with e9ecf70ff7372f395b8917340805148bc764e2ef - The functionality was most likely missed when post split into posts & pages was happening. - Added symmetric changes to API v2. 2020-01-08 19:44:34 +03:00			`'source'`
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version 2019-08-09 17:11:24 +03:00			`],`
			`validation: {`
			`options: {`
			`include: {`
			`values: ALLOWED_INCLUDES`
✨ Allowed pages to accept HTML as a source (#11422) refs https://github.com/TryGhost/Ghost/issues/10471 - Allow page resource endpoints to accept HTML source. This behavior is the same as the post's resource introduced with e9ecf70ff7372f395b8917340805148bc764e2ef - The functionality was most likely missed when post split into posts & pages was happening. - Added symmetric changes to API v2. 2020-01-08 19:44:34 +03:00			`},`
			`source: {`
			`values: ['html']`
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version 2019-08-09 17:11:24 +03:00			`}`
			`}`
			`},`
			`permissions: {`
			`docName: 'posts',`
			`unsafeAttrs: UNSAFE_ATTRS`
			`},`
			`query(frame) {`
			`return models.Post.add(frame.data.pages[0], frame.options)`
			`.then((model) => {`
			`if (model.get('status') !== 'published') {`
			`this.headers.cacheInvalidate = false;`
			`} else {`
			`this.headers.cacheInvalidate = true;`
			`}`

			`return model;`
			`});`
			`}`
			`},`

			`edit: {`
			`headers: {},`
			`options: [`
			`'include',`
			`'id',`
Allowed `?formats` param in Admin API post+page create/edit requests no issue - `?formats` is useful when you want to get `html` back from the Admin API when creating/editing posts, otherwise you're forced to make a following `GET` request 2020-06-18 15:59:01 +03:00			`'formats',`
✨ Allowed pages to accept HTML as a source (#11422) refs https://github.com/TryGhost/Ghost/issues/10471 - Allow page resource endpoints to accept HTML source. This behavior is the same as the post's resource introduced with e9ecf70ff7372f395b8917340805148bc764e2ef - The functionality was most likely missed when post split into posts & pages was happening. - Added symmetric changes to API v2. 2020-01-08 19:44:34 +03:00			`'source',`
Allowed `?force_reload=true` through on pages edit endpoint refs https://github.com/TryGhost/Ghost/commit/008f86fc2973b97a3d60a40534efcb875edec7fa - same as posts. Related functionality to handle the query param exists on the Post model 2020-06-12 21:15:03 +03:00			`'force_rerender',`
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version 2019-08-09 17:11:24 +03:00			`// NOTE: only for internal context`
			`'forUpdate',`
			`'transacting'`
			`],`
			`validation: {`
			`options: {`
			`include: {`
			`values: ALLOWED_INCLUDES`
			`},`
			`id: {`
			`required: true`
✨ Allowed pages to accept HTML as a source (#11422) refs https://github.com/TryGhost/Ghost/issues/10471 - Allow page resource endpoints to accept HTML source. This behavior is the same as the post's resource introduced with e9ecf70ff7372f395b8917340805148bc764e2ef - The functionality was most likely missed when post split into posts & pages was happening. - Added symmetric changes to API v2. 2020-01-08 19:44:34 +03:00			`},`
			`source: {`
			`values: ['html']`
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version 2019-08-09 17:11:24 +03:00			`}`
			`}`
			`},`
			`permissions: {`
			`docName: 'posts',`
			`unsafeAttrs: UNSAFE_ATTRS`
			`},`
Refactored Pages API v3/canary controllers refs https://github.com/TryGhost/Team/issues/949 refs https://github.com/TryGhost/Ghost/commit/e64274bb45e948c52d6fbac564f609a24e33ce6e - This refactor is needed to bring the code in line with the rest of pages API controllers - Next step will extract shared code patterns into a separate module 2021-08-05 13:42:16 +03:00			`async query(frame) {`
			`const model = await models.Post.edit(frame.data.pages[0], frame.options);`
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version 2019-08-09 17:11:24 +03:00
Refactored Pages API v3/canary controllers refs https://github.com/TryGhost/Team/issues/949 refs https://github.com/TryGhost/Ghost/commit/e64274bb45e948c52d6fbac564f609a24e33ce6e - This refactor is needed to bring the code in line with the rest of pages API controllers - Next step will extract shared code patterns into a separate module 2021-08-05 13:42:16 +03:00			`if (`
			`model.get('status') === 'published' && model.wasChanged() \|\|`
			`model.get('status') === 'draft' && model.previous('status') === 'published'`
			`) {`
			`this.headers.cacheInvalidate = true;`
			`} else if (`
			`model.get('status') === 'draft' && model.previous('status') !== 'published' \|\|`
			`model.get('status') === 'scheduled' && model.wasChanged()`
			`) {`
			`this.headers.cacheInvalidate = {`
			`value: urlUtils.urlFor({`
			`relativeUrl: urlUtils.urlJoin('/p', model.get('uuid'), '/')`
			`})`
			`};`
			`} else {`
			`this.headers.cacheInvalidate = false;`
			`}`

			`return model;`
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version 2019-08-09 17:11:24 +03:00			`}`
			`},`

			`destroy: {`
			`statusCode: 204,`
			`headers: {`
			`cacheInvalidate: true`
			`},`
			`options: [`
			`'include',`
			`'id'`
			`],`
			`validation: {`
			`options: {`
			`include: {`
			`values: ALLOWED_INCLUDES`
			`},`
			`id: {`
			`required: true`
			`}`
			`}`
			`},`
			`permissions: {`
			`docName: 'posts',`
			`unsafeAttrs: UNSAFE_ATTRS`
			`},`
			`query(frame) {`
			`frame.options.require = true;`

			`return models.Post.destroy(frame.options)`
Replaced use of Bluebird return method from knex code no issue - Knex removed their use of several Bluebird methods, including `return` - our code used `return`, but mostly to return null after a destroy action - these uses have been replaced with `.then(() => null)` in order to continue returning null and to avoid breaking anything 2020-04-07 09:20:56 +03:00			`.then(() => null)`
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version 2019-08-09 17:11:24 +03:00			`.catch(models.Post.NotFoundError, () => {`
Refactored `common` lib import to use destructuring (#11835) * refactored `core/frontend/apps` to destructure common imports * refactored `core/frontend/services/{apps, redirects, routing}` to destructure common imports * refactored `core/frontend/services/settings` to destructure common imports * refactored remaining `core/frontend/services` to destructure common imports * refactored `core/server/adapters` to destructure common imports * refactored `core/server/data/{db, exporter, schema, validation}` to destructure common imports * refactored `core/server/data/importer` to destructure common imports * refactored `core/server/models/{base, plugins, relations}` to destructure common imports * refactored remaining `core/server/models` to destructure common imports * refactored `core/server/api/canary/utils/serializers/output` to destructure common imports * refactored remaining `core/server/api/canary/utils` to destructure common imports * refactored remaining `core/server/api/canary` to destructure common imports * refactored `core/server/api/shared` to destructure common imports * refactored `core/server/api/v2/utils` to destructure common imports * refactored remaining `core/server/api/v2` to destructure common imports * refactored `core/frontend/meta` to destructure common imports * fixed some tests referencing `common.errors` instead of `@tryghost/errors` - Not all of them need to be updated; only updating the ones that are causing failures * fixed errors import being shadowed by local scope 2020-05-22 21:22:20 +03:00			`return Promise.reject(new errors.NotFoundError({`
			`message: i18n.t('errors.api.pages.pageNotFound')`
Returned Promise.reject instead of throwing error no issue - brings in line with other code changes 2020-04-13 13:20:51 +03:00			`}));`
💡 Added canary api endpoint no issue Adds new canary api endpoint, currently replicating v2 endpoint but paving way for future updates to new version 2019-08-09 17:11:24 +03:00			`});`
			`}`
			`}`
			`};`