closes#6629
- i had the case that in gravatar process.env.NODE_ENV was undefined and indexOf of undefined crashe my application
- so always use config to read current env
refs #6413
- PUT endpoint to publish a post/page for the scheduler
- fn endpoint to get all scheduled posts (with from/to query params) for the scheduler
- hardcoded permission handling for scheduler client
- fix event bug: unscheduled
- basic structure for scheduling
- post scheduling basics
- offer easy option to change adapter
- integrate the default scheduler adapter
- update scheduled posts when blog TZ changes
- safety check before scheduler can publish a post (not allowed to publish in the future or past)
- add force flag to allow publishing in the past
- invalidate cache header for /schedules/posts/:id
refs #6301
- Move secret generation logic to the model defaults, so there's no need to handle this in fixtures
- Tested upgrades from 003 & fresh installs -> all is well
fixes#3275, fixes#3290, ref #3086, ref #3084
- Ensure that we use the current logged in user and not just user 1 when
- removing hard coded user: 1 except where absolutely necessary
- passing context, rather than user to models
- base model has a new function to determine what id to use for created_by etc
Refs #2170
This removes the circular dependency problem from our models thanks to
https://github.com/tgriesser/bookshelf/issues/181
- add the registry plugin
- switch all models and collections to be registered
- switch relationships to be defined using a string, which calls from the registry
closes#2759closes#3027
- added oauth2orize library for server side oAuth handling
- added ember-simple-auth library for admin oAuth handling
- added tables for client, accesstoken and refreshtoken
- implemented RFC6749 4.3 Ressouce Owner Password Credentials Grant
- updated api tests with oAuth
- removed session, authentication is now token based
Known issues:
- Restore spam prevention #3128
- Signin after Signup #3125
- Signin validation #3125
**Attention**
- oldClient doesn't work with this PR anymore, session authentication
was
removed
