Refs #4750
- Make "Feature" a Controller with promise support.
- Use via 'needs' instead of injecting from an initializer because
we need authenticated access to the API.
- Check whether feature is enabled when entering Code Injection route.
Closes#2092
- Adds styling for re-auth modal.
- Prevent transition to posts route on success.
- Clear credentials from controller.
- Handle confirmAccept action if form is submitted via 'enter'.
- Only allow re-auth as the user that was previously logged in.
closes#4485
- removes data attributes used on body in default.hbs
- introduces new way to generate configuration through meta tags
- config initializer consumes configurations from the meta tags using parser
- moves blog_title helper/value to be a property in a configuration api
- Every route can set a title token that is combined with the blog’s
title, resulting in titles like ‘Content - Test Blog’.
- Subroutes are supported (‘Settings - General - Test Blog’)
- The blog’s name is applied to and taken from the `config` object to
spare Ember a REST call via `store.find(‘settings’)`.
- Tests have been changed to test for the new titles.
- The initially proposed solution
(https://github.com/paddle8/ember-document-title) doesn’t play nice
with EAK, which is why I went with this solution
(https://gist.github.com/machty/8413411) by Ember.JS core dev @Machty.
closes#4260
- Adds "tags" route inside of the settings routes.
- Adds this route to router.js
- Links the route from the settings.hbs template
- Adds demo tags html in tag.hbs template
- Adds flag for tagsUI
closes#3758
- new API method to delete access and refresh token
- use new ember-simple-auth config to revoke tokens on logout
- new method to delete tokens by .. token
fixes#3724
- provide config.url to the ember client app via a data attribute
- create server and client side helpers to output the URL
- wire up the client side helper
- add a class for testing, and add tests for both the server and client side
Ref#3603
- Popover Buttons now have an `open` class applied to them when their popover is open
- The open class is removed from the popover button at the start of the popover's fadeout
- Consolidated common code into popover-mixin
Closes#3402, Closes#3428
-------------------
### Components
- Added GhostSelectComponent to handle async select creation (h/t @rwjblue)
- Added GhostRolesSelector (extends GhostSelect) for displaying user role options
- Created StoreInjector for surgically inserting the store into things that normally wouldn't have them.
### Users Settings
- InviteNewUserModal now uses GhostRolesSelector & defaults to Author
- The role dropdown for user settings has permissions set per 3402
### User Model
- Added `role` property as an interface to getting and setting `roles`
- Refactored anything that set `roles` to set `role`
- isAdmin, isAuthor, isOwner and isEditor are all keyed off of `role` now
### Tests
- Added functional tests for Settings.Users
- updated settings.users and settings.users.user screens
- fix spacing on screens
### Server Fixtures
- Fixed owner fixture's roles
closes#3162
- removes injection of user object in application route's beforeModel
- removes injection/cleanup of user object in signedIn/signedOut actions
- removes loading of user and passing to signedIn action in signup/setup controllers
- adds 'user' property to session object
- updates header nav to reference session.user
- sets model of settings/user route to session.user and forces reload
- on leaving settings/user, rollback any unsaved changes
closes#2759closes#3027
- added oauth2orize library for server side oAuth handling
- added ember-simple-auth library for admin oAuth handling
- added tables for client, accesstoken and refreshtoken
- implemented RFC6749 4.3 Ressouce Owner Password Credentials Grant
- updated api tests with oAuth
- removed session, authentication is now token based
Known issues:
- Restore spam prevention #3128
- Signin after Signup #3125
- Signin validation #3125
**Attention**
- oldClient doesn't work with this PR anymore, session authentication
was
removed
closes#3012
- Inject notification object into router
- Listen to didTransition / observe currentPath to close notifications
- Close notifications on successful save actions
fixes#3031
- Adds an initializer for passing config to the frontend, it's not pretty but it works
- Forwards the apps route and hides the apps menu item if apps:true is not present in config.js
Closes#2988, #2752
Ref #1463, #2984,
# Shortcuts via Keymaster
- Added KeyMaster to bower dependencies. KeyMaster is a minimal keyboard
shortcuts library.
- Added `ShortcutsRouteMixin` for routes that will use shortcuts.
Currently, only routes can have shortcuts. See the extensive comment
at the top of `core/client/mixins/shortcuts-route.js` for a
description of how to implement shortcuts.
## Other Changes
- Injected popover service into ApplicationRoute
- Created `EditorRouteBase` mixin for the `editor.new` and
`editor.edit` routes to mixin.
- `StyleBodyMixin` now calls `this._super()` on `activate` and
`deactivate` to play nicely with other mixins.
## Shortcuts and Stubs implemented
#### Application-Wide
- `'esc':'closePopups'` shortcut **stub** to close popovers,
modals, and notifcations
#### Editor Shortcuts
- `'ctrl+s, command+s': 'save'` note that `command` is the
`meta` key.
- `'ctrl+alt+p': 'publish'`
- `'ctrl+alt+z': 'toggleZenMode'`
Previously, the exports were somewhat random with some files declaring
local variables then immediately exporting them, and others simply
doing the work needed in the export itself.
No issue
-inject popover:service into modal component delete post
controller so popover close can be triggered as part of
the delete action
-remove unnecessary 'needs' from the delete post controller
Closes#2418, #2714
Ref #2446, #2565
- Added and injected `popover` service to globally control popovers
- Added `gh-popover-button` component
- Added `popover-mixin` for popover and popover-buttons to mixin
- Added body-event-listener mixin for popover service to watch for body
clicks with
- Post settings and post save button both now use `gh-popover`
- Added hacks to `ember-hacks.css` to make popovers work until ghost-ui
consolidates functionality
Ref #2699
- Introduce ember data dependency
- Add loadInitializers and refactor most initializers into one combined
- Add Post ember data model
- Refactor generateSlug to use title of post and ghostPaths
- Refactor post controller to not reference model.property everywhere
- Use RESTAdapter for posts, users and tags
- Setup author and tag relations in Post model
- Fix broken API calls by adding CSRF header
- Add initiaizer for csrf value
- Use actual User model for current user initializer
- Add action for setting featured post, test with actual api call
- Fix the sending of UUID's up to the server
- Refactor current-user to use ember-data store
- If a user is preloaded in the application, use pushPayload to put it
in the store
- Do a lookup on the store to get an actual User model for injection
- Fix posts/post controllerName in route/new.js
- Alter signup process to push user into ember data store
No Issue
- Move the ghostPaths from base model to utils
- Add initializer that injects it into every route, model and controller
- Add a adminUrl and apiUrl helper method
Ref #2413
- Remove fixture and use actual API
- Store and send down actual logged in user data
- Refactor isLoggedIn to use computed property on application
- After signin, update user data in dependency container
- Add CSRF to all routes and controllers via initializer
- Update authenticated route to check for user.isLoggedIn
- Add notifications for signin error
- Add notifications.showAPIError helper
- Add plumbing for refreshless signup to doSignUp in admin controller
addresses #2422
- creates settings user controller
- creates user model object
- updates user fixture to be compatible with user model
- updates settings/user template
- add validator to Ember Admin
- use validator to validate user model is valid
- add mock response to /users/me/ path
- creates models/base file for all models to inherit from
- add mock response to /ghost/changepw/ path
* Adding **user fixtures** for signin
* Adds an initializer for the **current logged in user**.
The created singleton object is injected into all controllers + routes.
It can be used inside routes + controllers with this.get('user').
For simple development the object is instanciated with a userFixture.
Once a proper login and api mock is in place, the fixture needs to be removed.
* Added **route 'login'** on url '/ghost/ember/signin'
* Added authenticated route with an error hook that redirects to the login route, if status 401 (unauthorized) is returned from REST API.
* All "secure" routes now extend from authenticated route
* Add /ghost/ember to noAuthNeeded routes in middleware
