closes#2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
Ref #2061
- Add canThis permission checks to settings api calls
- Add strict rules about accessing core settings without internal: true
- Omit core settings in browse() call unless internal: true
- Update unit tests to call api.settings with contexts
- Add a couple unit tests for new scenarios
- Update all api.settings calls in the app to call with internal context
- Re-arrange permissions.init in server startup so config.theme.update
can access settings without permissions error
Closes#2606
- Refactor settings api responses to { settings: [ ] } format
- Update all code using api.settings to handle new response format
- Update test stubs to return new format
- Update client site settings model to parse new format into one object of key/value pairs
- Refactor to include all setting values
- Remove unused settingsCollection method
- Update settingsCache to store all attributes
- Update settingsResult to send all attributes
- Remove unnecessary when() wraps
- Reject if editing a setting that doesn't exist
- Reject earlier if setting key is empty
- Update tests with new error messages
- Use setting.add instead of edit that was incorrectly adding
- Update importer to properly import activePlugins and installedPlugins
- Update expected setting result fields
- Fix a weird situation where hasOwnProperty didn't exist 🤷
Ref #2059
- Refactor appProxy into class that is instantiated per App
- Check for permissions before doing proxied filter/helper calls
- Add all currently existing api methods, let api check for permissions
- Basic unit tests for filter and helper register/deregister
- Adjusted proxy api method existence unit tests
closes#2058
- fixed apiContext as suggested in the issue
- added user to options object for models
- added api.users.register() for public registration
- changed models to use options.user for created_by, updated_by,
author_id and published_by
- added override to session model to avoid created_by and updated_by
values
- added user (id: 1) to tests
- added user (id: 1) for registration
- added user (id: 1) for import, fixtures and default settings
- added user (id: 1) for user update
- added user (id: 1) for settings update (dbHash, installedApps, update
check)
- updated bookshelf to version 0.6.8
Progress on #2095
- Add new AppPermissions class with read() method
- has default permissions to read and browse posts
- uses default permissions if no package.json
- uses default permissions if no ghost object in package.json
- errors when reading malformed package.json
- uses ghost.permissions if found in package.json
first 10 % of #2124
- added initial version of JSON API tests
- renamed error.errorCode to error.code
- renamed tags.all to tags.browse for consistency
addresses #1789, #1364
- Moves ./core/server/loader -> ./core/bootstrap.
The bootstrap file is only accessed once during startup,
and it’s sole job is to ensure a config.js file exists
(creating one if it doesn’t) and then validates
the contents of the config file.
Since this is directly related to the initializing
the application is is appropriate to have
it in the ./core folder, named bootstrap as that
is what it does.
This also improves the dependency graph, as now
the bootstrap file require’s the ./core/server/config
module and is responsible for passing in the validated
config file.
Whereas before we had ./core/server/config
require’ing ./core/server/loader and running its
init code and then passing that value back to itself,
the flow is now more straight forward of
./core/bootstrap handling initialization and then
instatiation of config module
- Merges ./core/server/config/paths into
./core/server/config
This flow was always confusing me to that some config
options were on the config object, and some were on
the paths object.
This change now incorporates all of the variables
previously defined in config/paths directly
into the config module, and in extension,
the config.js file.
This means that you now have the option of deciding
at startup where the content directory for ghost
should reside.
- broke out loader tests in config_spec to bootstrap_spec
- updated all relevant files to now use config().paths
- moved urlFor and urlForPost function into
./server/config/url.js