2017-11-21 14:28:05 +01:00
|
|
|
'use strict';
|
|
|
|
|
|
Consistency in model method naming
- The API has the BREAD naming for methods
- The model now has findAll, findOne, findPage (where needed), edit, add and destroy, meaning it is similar but with a bit more flexibility
- browse, read, update, create, and delete, which were effectively just aliases, have all been removed.
- added jsDoc for the model methods
2014-05-05 16:18:38 +01:00
|
|
|
// # Post Model
|
2017-11-21 14:28:05 +01:00
|
|
|
var _ = require('lodash'),
|
|
|
|
|
uuid = require('uuid'),
|
|
|
|
|
moment = require('moment'),
|
|
|
|
|
Promise = require('bluebird'),
|
|
|
|
|
ObjectId = require('bson-objectid'),
|
2017-12-13 22:20:02 +01:00
|
|
|
sequence = require('../lib/promise/sequence'),
|
2017-12-11 22:47:46 +01:00
|
|
|
common = require('../lib/common'),
|
2017-11-21 14:28:05 +01:00
|
|
|
htmlToText = require('html-to-text'),
|
|
|
|
|
ghostBookshelf = require('./base'),
|
|
|
|
|
config = require('../config'),
|
2017-12-14 15:44:01 +01:00
|
|
|
converters = require('../lib/mobiledoc/converters'),
|
2017-12-11 19:14:05 +01:00
|
|
|
urlService = require('../services/url'),
|
2014-02-19 14:57:26 +01:00
|
|
|
Post,
|
2014-02-21 22:54:56 +01:00
|
|
|
Posts;
|
2013-06-25 12:43:15 +01:00
|
|
|
|
2013-09-22 18:20:08 -04:00
|
|
|
Post = ghostBookshelf.Model.extend({
|
2013-06-25 12:43:15 +01:00
|
|
|
|
|
|
|
|
tableName: 'posts',
|
|
|
|
|
|
2018-02-16 00:49:15 +01:00
|
|
|
/**
|
|
|
|
|
* ## NOTE:
|
|
|
|
|
* We define the defaults on the schema (db) and model level.
|
|
|
|
|
* When inserting resources, the defaults are available **after** calling `.save`.
|
|
|
|
|
* But they are available when the model hooks are triggered (e.g. onSaving).
|
|
|
|
|
* It might be useful to keep them in the model layer for any connected logic.
|
|
|
|
|
*
|
|
|
|
|
* e.g. if `model.get('status') === draft; do something;
|
|
|
|
|
*/
|
|
|
|
|
defaults: function defaults() {
|
|
|
|
|
return {
|
|
|
|
|
uuid: uuid.v4(),
|
|
|
|
|
status: 'draft'
|
|
|
|
|
};
|
|
|
|
|
},
|
|
|
|
|
|
2017-11-21 14:28:05 +01:00
|
|
|
relationships: ['tags'],
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* The base model keeps only the columns, which are defined in the schema.
|
|
|
|
|
* We have to add the relations on top, otherwise bookshelf-relations
|
|
|
|
|
* has no access to the nested relations, which should be updated.
|
|
|
|
|
*/
|
|
|
|
|
permittedAttributes: function permittedAttributes() {
|
|
|
|
|
let filteredKeys = ghostBookshelf.Model.prototype.permittedAttributes.apply(this, arguments);
|
|
|
|
|
|
|
|
|
|
this.relationships.forEach((key) => {
|
|
|
|
|
filteredKeys.push(key);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
return filteredKeys;
|
|
|
|
|
},
|
|
|
|
|
|
2017-05-22 10:24:59 +02:00
|
|
|
emitChange: function emitChange(event, options) {
|
|
|
|
|
options = options || {};
|
|
|
|
|
|
2015-03-24 22:23:23 +02:00
|
|
|
var resourceType = this.get('page') ? 'page' : 'post';
|
2017-05-22 10:24:59 +02:00
|
|
|
|
|
|
|
|
if (options.usePreviousResourceType) {
|
2015-03-24 22:23:23 +02:00
|
|
|
resourceType = this.updated('page') ? 'page' : 'post';
|
|
|
|
|
}
|
2017-01-25 14:47:49 +01:00
|
|
|
|
2017-12-11 22:47:46 +01:00
|
|
|
common.events.emit(resourceType + '.' + event, this, options);
|
2015-03-24 22:23:23 +02:00
|
|
|
},
|
|
|
|
|
|
2017-04-19 15:53:23 +02:00
|
|
|
/**
|
|
|
|
|
* We update the tags after the Post was inserted.
|
|
|
|
|
* We update the tags before the Post was updated, see `onSaving` event.
|
|
|
|
|
* `onCreated` is called before `onSaved`.
|
|
|
|
|
*/
|
|
|
|
|
onCreated: function onCreated(model, response, options) {
|
2016-10-14 14:37:01 +02:00
|
|
|
var status = model.get('status');
|
2017-04-19 15:53:23 +02:00
|
|
|
|
2016-10-14 14:37:01 +02:00
|
|
|
model.emitChange('added');
|
2014-04-27 18:58:34 +02:00
|
|
|
|
2016-10-14 14:37:01 +02:00
|
|
|
if (['published', 'scheduled'].indexOf(status) !== -1) {
|
2017-05-22 10:24:59 +02:00
|
|
|
model.emitChange(status, {importing: options.importing});
|
2016-10-14 14:37:01 +02:00
|
|
|
}
|
2017-04-19 15:53:23 +02:00
|
|
|
},
|
|
|
|
|
|
2016-10-14 14:37:01 +02:00
|
|
|
onUpdated: function onUpdated(model) {
|
|
|
|
|
model.statusChanging = model.get('status') !== model.updated('status');
|
|
|
|
|
model.isPublished = model.get('status') === 'published';
|
|
|
|
|
model.isScheduled = model.get('status') === 'scheduled';
|
|
|
|
|
model.wasPublished = model.updated('status') === 'published';
|
|
|
|
|
model.wasScheduled = model.updated('status') === 'scheduled';
|
|
|
|
|
model.resourceTypeChanging = model.get('page') !== model.updated('page');
|
|
|
|
|
model.publishedAtHasChanged = model.hasDateChanged('published_at');
|
|
|
|
|
model.needsReschedule = model.publishedAtHasChanged && model.isScheduled;
|
|
|
|
|
|
|
|
|
|
// Handle added and deleted for post -> page or page -> post
|
|
|
|
|
if (model.resourceTypeChanging) {
|
|
|
|
|
if (model.wasPublished) {
|
2017-05-22 10:24:59 +02:00
|
|
|
model.emitChange('unpublished', {usePreviousResourceType: true});
|
2016-10-14 14:37:01 +02:00
|
|
|
}
|
2016-04-14 13:22:38 +02:00
|
|
|
|
2016-10-14 14:37:01 +02:00
|
|
|
if (model.wasScheduled) {
|
2017-05-22 10:24:59 +02:00
|
|
|
model.emitChange('unscheduled', {usePreviousResourceType: true});
|
2016-10-14 14:37:01 +02:00
|
|
|
}
|
|
|
|
|
|
2017-05-22 10:24:59 +02:00
|
|
|
model.emitChange('deleted', {usePreviousResourceType: true});
|
2015-03-24 22:23:23 +02:00
|
|
|
model.emitChange('added');
|
|
|
|
|
|
2016-10-14 14:37:01 +02:00
|
|
|
if (model.isPublished) {
|
|
|
|
|
model.emitChange('published');
|
2014-10-27 19:41:18 -05:00
|
|
|
}
|
2015-03-24 22:23:23 +02:00
|
|
|
|
2016-10-14 14:37:01 +02:00
|
|
|
if (model.isScheduled) {
|
|
|
|
|
model.emitChange('scheduled');
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if (model.statusChanging) {
|
|
|
|
|
// CASE: was published before and is now e.q. draft or scheduled
|
|
|
|
|
if (model.wasPublished) {
|
|
|
|
|
model.emitChange('unpublished');
|
2016-04-14 13:22:38 +02:00
|
|
|
}
|
|
|
|
|
|
2016-10-14 14:37:01 +02:00
|
|
|
// CASE: was draft or scheduled before and is now e.q. published
|
2015-03-24 22:23:23 +02:00
|
|
|
if (model.isPublished) {
|
|
|
|
|
model.emitChange('published');
|
|
|
|
|
}
|
2016-04-14 13:22:38 +02:00
|
|
|
|
2016-10-14 14:37:01 +02:00
|
|
|
// CASE: was draft or published before and is now e.q. scheduled
|
2016-04-14 13:22:38 +02:00
|
|
|
if (model.isScheduled) {
|
|
|
|
|
model.emitChange('scheduled');
|
|
|
|
|
}
|
|
|
|
|
|
2016-10-14 14:37:01 +02:00
|
|
|
// CASE: from scheduled to something
|
|
|
|
|
if (model.wasScheduled && !model.isScheduled && !model.isPublished) {
|
|
|
|
|
model.emitChange('unscheduled');
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if (model.isPublished) {
|
|
|
|
|
model.emitChange('published.edited');
|
2015-03-24 22:23:23 +02:00
|
|
|
}
|
|
|
|
|
|
2016-10-14 14:37:01 +02:00
|
|
|
if (model.needsReschedule) {
|
|
|
|
|
model.emitChange('rescheduled');
|
|
|
|
|
}
|
2014-10-27 19:41:18 -05:00
|
|
|
}
|
2015-03-24 22:23:23 +02:00
|
|
|
|
2016-10-14 14:37:01 +02:00
|
|
|
// Fire edited if this wasn't a change between resourceType
|
|
|
|
|
model.emitChange('edited');
|
|
|
|
|
}
|
|
|
|
|
},
|
2016-09-19 15:45:36 +02:00
|
|
|
|
2017-11-21 14:28:05 +01:00
|
|
|
onDestroying: function onDestroying(model) {
|
|
|
|
|
if (model.previous('status') === 'published') {
|
|
|
|
|
model.emitChange('unpublished');
|
|
|
|
|
}
|
2016-10-14 14:37:01 +02:00
|
|
|
|
2017-11-21 14:28:05 +01:00
|
|
|
model.emitChange('deleted');
|
2013-08-20 19:52:44 +01:00
|
|
|
},
|
|
|
|
|
|
2016-10-14 14:37:01 +02:00
|
|
|
onSaving: function onSaving(model, attr, options) {
|
2016-04-14 13:22:38 +02:00
|
|
|
options = options || {};
|
|
|
|
|
|
2014-03-24 19:08:06 +01:00
|
|
|
var self = this,
|
2015-10-27 12:15:09 +01:00
|
|
|
title,
|
2016-03-23 06:17:01 -07:00
|
|
|
i,
|
|
|
|
|
// Variables to make the slug checking more readable
|
2017-11-21 14:28:05 +01:00
|
|
|
newTitle = this.get('title'),
|
|
|
|
|
newStatus = this.get('status'),
|
2016-05-19 13:49:22 +02:00
|
|
|
olderStatus = this.previous('status'),
|
2017-11-21 14:28:05 +01:00
|
|
|
prevTitle = this._previousAttributes.title,
|
|
|
|
|
prevSlug = this._previousAttributes.slug,
|
2016-06-02 18:11:54 +01:00
|
|
|
publishedAt = this.get('published_at'),
|
2017-04-06 18:49:59 +02:00
|
|
|
publishedAtHasChanged = this.hasDateChanged('published_at', {beforeWrite: true}),
|
2017-11-21 14:28:05 +01:00
|
|
|
mobiledoc = this.get('mobiledoc'),
|
|
|
|
|
tagsToSave,
|
|
|
|
|
ops = [];
|
2013-08-25 11:49:31 +01:00
|
|
|
|
2016-05-19 13:49:22 +02:00
|
|
|
// CASE: disallow published -> scheduled
|
|
|
|
|
// @TODO: remove when we have versioning based on updated_at
|
|
|
|
|
if (newStatus !== olderStatus && newStatus === 'scheduled' && olderStatus === 'published') {
|
2017-12-11 22:47:46 +01:00
|
|
|
return Promise.reject(new common.errors.ValidationError({
|
|
|
|
|
message: common.i18n.t('errors.models.post.isAlreadyPublished', {key: 'status'})
|
2016-10-06 14:27:35 +02:00
|
|
|
}));
|
2016-05-19 13:49:22 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// CASE: both page and post can get scheduled
|
2016-04-14 13:22:38 +02:00
|
|
|
if (newStatus === 'scheduled') {
|
|
|
|
|
if (!publishedAt) {
|
2017-12-11 22:47:46 +01:00
|
|
|
return Promise.reject(new common.errors.ValidationError({
|
|
|
|
|
message: common.i18n.t('errors.models.post.valueCannotBeBlank', {key: 'published_at'})
|
2016-10-06 14:27:35 +02:00
|
|
|
}));
|
2016-04-14 13:22:38 +02:00
|
|
|
} else if (!moment(publishedAt).isValid()) {
|
2017-12-11 22:47:46 +01:00
|
|
|
return Promise.reject(new common.errors.ValidationError({
|
|
|
|
|
message: common.i18n.t('errors.models.post.valueCannotBeBlank', {key: 'published_at'})
|
2016-10-06 14:27:35 +02:00
|
|
|
}));
|
2017-12-11 22:47:46 +01:00
|
|
|
// CASE: to schedule/reschedule a post, a minimum diff of x minutes is needed (default configured is 2minutes)
|
2017-05-12 14:56:40 +02:00
|
|
|
} else if (
|
|
|
|
|
publishedAtHasChanged &&
|
|
|
|
|
moment(publishedAt).isBefore(moment().add(config.get('times').cannotScheduleAPostBeforeInMinutes, 'minutes')) &&
|
|
|
|
|
!options.importing
|
|
|
|
|
) {
|
2017-12-11 22:47:46 +01:00
|
|
|
return Promise.reject(new common.errors.ValidationError({
|
|
|
|
|
message: common.i18n.t('errors.models.post.expectedPublishedAtInFuture', {
|
2016-09-13 17:41:14 +02:00
|
|
|
cannotScheduleAPostBeforeInMinutes: config.get('times').cannotScheduleAPostBeforeInMinutes
|
2016-05-19 13:49:22 +02:00
|
|
|
})
|
2016-10-06 14:27:35 +02:00
|
|
|
}));
|
2016-04-14 13:22:38 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-21 14:28:05 +01:00
|
|
|
// CASE: detect lowercase/uppercase tag slugs
|
|
|
|
|
if (!_.isUndefined(this.get('tags')) && !_.isNull(this.get('tags'))) {
|
|
|
|
|
tagsToSave = [];
|
|
|
|
|
|
2016-06-02 18:11:54 +01:00
|
|
|
// and deduplicate upper/lowercase tags
|
2017-11-21 14:28:05 +01:00
|
|
|
_.each(this.get('tags'), function each(item) {
|
|
|
|
|
for (i = 0; i < tagsToSave.length; i = i + 1) {
|
2018-01-28 18:58:37 +01:00
|
|
|
if (tagsToSave[i].name && item.name && tagsToSave[i].name.toLocaleLowerCase() === item.name.toLocaleLowerCase()) {
|
2016-06-02 18:11:54 +01:00
|
|
|
return;
|
|
|
|
|
}
|
2014-03-24 19:08:06 +01:00
|
|
|
}
|
2014-05-23 19:32:14 +00:00
|
|
|
|
2017-11-21 14:28:05 +01:00
|
|
|
tagsToSave.push(item);
|
2016-06-02 18:11:54 +01:00
|
|
|
});
|
|
|
|
|
|
2017-11-21 14:28:05 +01:00
|
|
|
this.set('tags', tagsToSave);
|
2016-06-02 18:11:54 +01:00
|
|
|
}
|
2014-02-19 14:57:26 +01:00
|
|
|
|
2016-10-14 14:37:01 +02:00
|
|
|
ghostBookshelf.Model.prototype.onSaving.call(this, model, attr, options);
|
2013-08-25 11:49:31 +01:00
|
|
|
|
2016-09-27 02:23:49 +13:00
|
|
|
if (mobiledoc) {
|
2017-12-14 15:44:01 +01:00
|
|
|
this.set('html', converters.mobiledocConverter.render(JSON.parse(mobiledoc)));
|
2016-09-27 02:23:49 +13:00
|
|
|
}
|
2017-04-11 09:55:36 +01:00
|
|
|
|
replace custom showdown fork with markdown-it (#8451)
refs https://github.com/TryGhost/Ghost-Admin/pull/690, closes #1501, closes #2093, closes #4592, closes #4627, closes #4659, closes #5039, closes #5237, closes #5587, closes #5625, closes #5632, closes #5822, closes #5939, closes #6840, closes #7183, closes #7536
- replace custom showdown fork with markdown-it
- swaps showdown for markdown-it when rendering markdown
- match existing header ID behaviour
- allow headers without a space after the #s
- add duplicate header ID handling
- remove legacy markdown spec
- move markdown-it setup into markdown-converter util
- update mobiledoc specs to match markdown-it newline behaviour
- update data-generator HTML to match markdown-it newline behaviour
- fix Post "converts html to plaintext" test
- update rss spec to match markdown-it newline behaviour
- close almost all related showdown bugs
2017-05-15 17:48:14 +01:00
|
|
|
if (this.hasChanged('html') || !this.get('plaintext')) {
|
2017-04-11 09:55:36 +01:00
|
|
|
this.set('plaintext', htmlToText.fromString(this.get('html'), {
|
|
|
|
|
wordwrap: 80,
|
|
|
|
|
ignoreImage: true,
|
|
|
|
|
hideLinkHrefIfSameAsText: true,
|
|
|
|
|
preserveNewlines: true,
|
|
|
|
|
returnDomByDefault: true,
|
|
|
|
|
uppercaseHeadings: false
|
|
|
|
|
}));
|
|
|
|
|
}
|
2013-06-01 10:47:41 -04:00
|
|
|
|
2014-01-06 20:17:20 +00:00
|
|
|
// disabling sanitization until we can implement a better version
|
2017-05-23 18:18:13 +02:00
|
|
|
if (!options.importing) {
|
2017-12-11 22:47:46 +01:00
|
|
|
title = this.get('title') || common.i18n.t('errors.models.post.untitled');
|
2017-05-23 18:18:13 +02:00
|
|
|
this.set('title', _.toString(title).trim());
|
|
|
|
|
}
|
2013-08-29 23:18:55 -05:00
|
|
|
|
2015-09-25 17:11:22 +01:00
|
|
|
// ### Business logic for published_at and published_by
|
|
|
|
|
// If the current status is 'published' and published_at is not set, set it to now
|
2016-04-14 13:22:38 +02:00
|
|
|
if (newStatus === 'published' && !publishedAt) {
|
2015-09-25 17:11:22 +01:00
|
|
|
this.set('published_at', new Date());
|
|
|
|
|
}
|
2015-02-21 22:04:00 +01:00
|
|
|
|
2015-09-25 17:11:22 +01:00
|
|
|
// If the current status is 'published' and the status has just changed ensure published_by is set correctly
|
2016-04-14 13:22:38 +02:00
|
|
|
if (newStatus === 'published' && this.hasChanged('status')) {
|
2015-02-21 22:04:00 +01:00
|
|
|
// unless published_by is set and we're importing, set published_by to contextUser
|
|
|
|
|
if (!(this.get('published_by') && options.importing)) {
|
2014-08-09 20:16:54 +01:00
|
|
|
this.set('published_by', this.contextUser(options));
|
|
|
|
|
}
|
2015-09-25 17:11:22 +01:00
|
|
|
} else {
|
|
|
|
|
// In any other case (except import), `published_by` should not be changed
|
|
|
|
|
if (this.hasChanged('published_by') && !options.importing) {
|
|
|
|
|
this.set('published_by', this.previous('published_by'));
|
|
|
|
|
}
|
2013-06-25 12:43:15 +01:00
|
|
|
}
|
2013-06-15 12:11:15 -04:00
|
|
|
|
2016-03-23 06:17:01 -07:00
|
|
|
// If a title is set, not the same as the old title, a draft post, and has never been published
|
2016-04-14 13:22:38 +02:00
|
|
|
if (prevTitle !== undefined && newTitle !== prevTitle && newStatus === 'draft' && !publishedAt) {
|
2017-04-19 15:53:23 +02:00
|
|
|
ops.push(function updateSlug() {
|
|
|
|
|
// Pass the new slug through the generator to strip illegal characters, detect duplicates
|
|
|
|
|
return ghostBookshelf.Model.generateSlug(Post, self.get('title'),
|
2015-09-23 11:54:56 +01:00
|
|
|
{status: 'all', transacting: options.transacting, importing: options.importing})
|
2017-04-19 15:53:23 +02:00
|
|
|
.then(function then(slug) {
|
|
|
|
|
// After the new slug is found, do another generate for the old title to compare it to the old slug
|
|
|
|
|
return ghostBookshelf.Model.generateSlug(Post, prevTitle,
|
|
|
|
|
{status: 'all', transacting: options.transacting, importing: options.importing}
|
|
|
|
|
).then(function then(prevTitleSlug) {
|
|
|
|
|
// If the old slug is the same as the slug that was generated from the old title
|
|
|
|
|
// then set a new slug. If it is not the same, means was set by the user
|
|
|
|
|
if (prevTitleSlug === prevSlug) {
|
|
|
|
|
self.set({slug: slug});
|
|
|
|
|
}
|
|
|
|
|
});
|
2016-03-23 06:17:01 -07:00
|
|
|
});
|
2017-04-19 15:53:23 +02:00
|
|
|
});
|
2016-03-23 06:17:01 -07:00
|
|
|
} else {
|
2017-04-19 15:53:23 +02:00
|
|
|
ops.push(function updateSlug() {
|
|
|
|
|
// If any of the attributes above were false, set initial slug and check to see if slug was changed by the user
|
|
|
|
|
if (self.hasChanged('slug') || !self.get('slug')) {
|
|
|
|
|
// Pass the new slug through the generator to strip illegal characters, detect duplicates
|
|
|
|
|
return ghostBookshelf.Model.generateSlug(Post, self.get('slug') || self.get('title'),
|
2016-03-23 06:17:01 -07:00
|
|
|
{status: 'all', transacting: options.transacting, importing: options.importing})
|
2017-04-19 15:53:23 +02:00
|
|
|
.then(function then(slug) {
|
|
|
|
|
self.set({slug: slug});
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return Promise.resolve();
|
|
|
|
|
});
|
2013-09-14 20:01:46 +01:00
|
|
|
}
|
2017-04-19 15:53:23 +02:00
|
|
|
|
|
|
|
|
return sequence(ops);
|
2013-06-25 12:43:15 +01:00
|
|
|
},
|
2013-06-01 10:47:41 -04:00
|
|
|
|
2018-03-05 15:10:27 +07:00
|
|
|
emptyStringProperties: function emptyStringProperties() {
|
|
|
|
|
// CASE: the client might send empty image properties with "" instead of setting them to null.
|
|
|
|
|
// This can cause GQL to fail. We therefore enforce 'null' for empty image properties.
|
|
|
|
|
// See https://github.com/TryGhost/GQL/issues/24
|
|
|
|
|
return ['feature_image', 'og_image', 'twitter_image'];
|
|
|
|
|
},
|
|
|
|
|
|
2016-10-14 14:37:01 +02:00
|
|
|
onCreating: function onCreating(model, attr, options) {
|
2014-04-03 15:03:09 +02:00
|
|
|
options = options || {};
|
2013-06-17 23:59:08 +01:00
|
|
|
|
2014-02-19 14:57:26 +01:00
|
|
|
// set any dynamic default properties
|
2013-06-25 12:43:15 +01:00
|
|
|
if (!this.get('author_id')) {
|
2014-07-15 12:03:12 +01:00
|
|
|
this.set('author_id', this.contextUser(options));
|
2013-06-25 12:43:15 +01:00
|
|
|
}
|
2013-06-25 20:42:51 -05:00
|
|
|
|
2016-10-14 14:37:01 +02:00
|
|
|
ghostBookshelf.Model.prototype.onCreating.call(this, model, attr, options);
|
2013-06-25 12:43:15 +01:00
|
|
|
},
|
2013-06-01 10:47:41 -04:00
|
|
|
|
2013-08-21 13:55:58 +01:00
|
|
|
// Relations
|
2015-06-24 10:00:24 +01:00
|
|
|
author: function author() {
|
2014-07-13 12:17:18 +01:00
|
|
|
return this.belongsTo('User', 'author_id');
|
2013-08-21 13:55:58 +01:00
|
|
|
},
|
|
|
|
|
|
2015-06-14 16:58:49 +01:00
|
|
|
created_by: function createdBy() {
|
2014-07-13 12:17:18 +01:00
|
|
|
return this.belongsTo('User', 'created_by');
|
2014-04-27 18:58:34 +02:00
|
|
|
},
|
|
|
|
|
|
2015-06-14 16:58:49 +01:00
|
|
|
updated_by: function updatedBy() {
|
2014-07-13 12:17:18 +01:00
|
|
|
return this.belongsTo('User', 'updated_by');
|
2014-04-27 18:58:34 +02:00
|
|
|
},
|
|
|
|
|
|
2015-06-14 16:58:49 +01:00
|
|
|
published_by: function publishedBy() {
|
2014-07-13 12:17:18 +01:00
|
|
|
return this.belongsTo('User', 'published_by');
|
2014-04-27 18:58:34 +02:00
|
|
|
},
|
|
|
|
|
|
2015-06-14 16:58:49 +01:00
|
|
|
tags: function tags() {
|
2018-02-20 08:49:00 +01:00
|
|
|
return this.belongsToMany('Tag', 'posts_tags', 'post_id', 'tag_id')
|
|
|
|
|
.withPivot('sort_order')
|
|
|
|
|
.query('orderBy', 'sort_order', 'ASC');
|
2014-02-24 20:28:18 +00:00
|
|
|
},
|
|
|
|
|
|
2015-06-14 16:58:49 +01:00
|
|
|
fields: function fields() {
|
2014-07-13 12:17:18 +01:00
|
|
|
return this.morphMany('AppField', 'relatable');
|
2014-04-21 18:08:11 -07:00
|
|
|
},
|
|
|
|
|
|
2016-07-18 14:21:47 -06:00
|
|
|
defaultColumnsToFetch: function defaultColumnsToFetch() {
|
|
|
|
|
return ['id', 'published_at', 'slug', 'author_id'];
|
|
|
|
|
},
|
2017-05-30 11:40:39 +01:00
|
|
|
/**
|
|
|
|
|
* If the `formats` option is not used, we return `html` be default.
|
|
|
|
|
* Otherwise we return what is requested e.g. `?formats=mobiledoc,plaintext`
|
|
|
|
|
*/
|
|
|
|
|
formatsToJSON: function formatsToJSON(attrs, options) {
|
|
|
|
|
var defaultFormats = ['html'],
|
|
|
|
|
formatsToKeep = options.formats || defaultFormats;
|
|
|
|
|
|
|
|
|
|
// Iterate over all known formats, and if they are not in the keep list, remove them
|
|
|
|
|
_.each(Post.allowedFormats, function (format) {
|
|
|
|
|
if (formatsToKeep.indexOf(format) === -1) {
|
|
|
|
|
delete attrs[format];
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
return attrs;
|
|
|
|
|
},
|
2016-07-18 14:21:47 -06:00
|
|
|
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
toJSON: function toJSON(unfilteredOptions) {
|
|
|
|
|
var options = Post.filterOptions(unfilteredOptions, 'toJSON'),
|
|
|
|
|
attrs = ghostBookshelf.Model.prototype.toJSON.call(this, options),
|
2017-07-27 11:55:23 +04:00
|
|
|
oldPostId = attrs.amp,
|
|
|
|
|
commentId;
|
2014-04-21 18:08:11 -07:00
|
|
|
|
2017-05-30 11:40:39 +01:00
|
|
|
attrs = this.formatsToJSON(attrs, options);
|
|
|
|
|
|
2015-07-04 19:27:23 +01:00
|
|
|
if (!options.columns || (options.columns && options.columns.indexOf('author') > -1)) {
|
|
|
|
|
attrs.author = attrs.author || attrs.author_id;
|
|
|
|
|
delete attrs.author_id;
|
|
|
|
|
}
|
2017-07-31 13:00:03 +04:00
|
|
|
// If the current column settings allow it...
|
|
|
|
|
if (!options.columns || (options.columns && options.columns.indexOf('primary_tag') > -1)) {
|
2017-08-24 13:07:19 +01:00
|
|
|
// ... attach a computed property of primary_tag which is the first tag if it is public, else null
|
|
|
|
|
if (attrs.tags && attrs.tags.length > 0 && attrs.tags[0].visibility === 'public') {
|
|
|
|
|
attrs.primary_tag = attrs.tags[0];
|
|
|
|
|
} else {
|
|
|
|
|
attrs.primary_tag = null;
|
|
|
|
|
}
|
2017-07-31 13:00:03 +04:00
|
|
|
}
|
2015-07-04 19:27:23 +01:00
|
|
|
|
|
|
|
|
if (!options.columns || (options.columns && options.columns.indexOf('url') > -1)) {
|
2017-12-11 19:14:05 +01:00
|
|
|
attrs.url = urlService.utils.urlPathForPost(attrs);
|
2015-07-04 19:27:23 +01:00
|
|
|
}
|
Consistency in model method naming
- The API has the BREAD naming for methods
- The model now has findAll, findOne, findPage (where needed), edit, add and destroy, meaning it is similar but with a bit more flexibility
- browse, read, update, create, and delete, which were effectively just aliases, have all been removed.
- added jsDoc for the model methods
2014-05-05 16:18:38 +01:00
|
|
|
|
2017-07-27 11:55:23 +04:00
|
|
|
if (oldPostId) {
|
2017-09-12 17:03:47 +02:00
|
|
|
// CASE: You create a new post on 1.X, you enable disqus. You export your content, you import your content on a different instance.
|
|
|
|
|
// This time, the importer remembers your old post id in the amp field as ObjectId.
|
|
|
|
|
if (ObjectId.isValid(oldPostId)) {
|
2017-07-27 11:55:23 +04:00
|
|
|
commentId = oldPostId;
|
2017-09-12 17:03:47 +02:00
|
|
|
} else {
|
|
|
|
|
oldPostId = Number(oldPostId);
|
|
|
|
|
|
|
|
|
|
// CASE: You import an old post id from your LTS blog. Stored in the amp field.
|
|
|
|
|
if (!isNaN(oldPostId)) {
|
|
|
|
|
commentId = oldPostId.toString();
|
|
|
|
|
} else {
|
|
|
|
|
commentId = attrs.id;
|
|
|
|
|
}
|
2017-07-27 11:55:23 +04:00
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
commentId = attrs.id;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// NOTE: we remember the old post id because of disqus
|
|
|
|
|
attrs.comment_id = commentId;
|
|
|
|
|
|
2014-04-21 18:08:11 -07:00
|
|
|
return attrs;
|
2015-11-11 17:52:44 +00:00
|
|
|
},
|
2018-01-25 17:54:28 +01:00
|
|
|
enforcedFilters: function enforcedFilters(options) {
|
|
|
|
|
return options.context && options.context.public ? 'status:published' : null;
|
2015-11-11 17:52:44 +00:00
|
|
|
},
|
2018-01-25 17:54:28 +01:00
|
|
|
defaultFilters: function defaultFilters(options) {
|
|
|
|
|
if (options.context && options.context.internal) {
|
2016-04-14 17:54:49 +02:00
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-25 17:54:28 +01:00
|
|
|
return options.context && options.context.public ? 'page:false' : 'page:false+status:published';
|
2013-06-25 12:43:15 +01:00
|
|
|
}
|
|
|
|
|
}, {
|
2017-05-31 15:46:29 +01:00
|
|
|
allowedFormats: ['mobiledoc', 'html', 'plaintext', 'amp'],
|
2017-05-30 11:40:39 +01:00
|
|
|
|
2015-06-17 14:55:39 +01:00
|
|
|
orderDefaultOptions: function orderDefaultOptions() {
|
|
|
|
|
return {
|
|
|
|
|
status: 'ASC',
|
|
|
|
|
published_at: 'DESC',
|
|
|
|
|
updated_at: 'DESC',
|
|
|
|
|
id: 'DESC'
|
|
|
|
|
};
|
|
|
|
|
},
|
|
|
|
|
|
2016-07-15 12:04:10 +02:00
|
|
|
orderDefaultRaw: function () {
|
|
|
|
|
return '' +
|
|
|
|
|
'CASE WHEN posts.status = \'scheduled\' THEN 1 ' +
|
|
|
|
|
'WHEN posts.status = \'draft\' THEN 2 ' +
|
|
|
|
|
'ELSE 3 END ASC,' +
|
|
|
|
|
'posts.published_at DESC,' +
|
|
|
|
|
'posts.updated_at DESC,' +
|
|
|
|
|
'posts.id DESC';
|
|
|
|
|
},
|
|
|
|
|
|
2015-11-11 19:31:52 +00:00
|
|
|
/**
|
|
|
|
|
* @deprecated in favour of filter
|
|
|
|
|
*/
|
|
|
|
|
processOptions: function processOptions(options) {
|
|
|
|
|
if (!options.staticPages && !options.status) {
|
|
|
|
|
return options;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// This is the only place that 'options.where' is set now
|
|
|
|
|
options.where = {statements: []};
|
|
|
|
|
|
2015-06-17 14:55:39 +01:00
|
|
|
// Step 4: Setup filters (where clauses)
|
2015-11-11 17:52:44 +00:00
|
|
|
if (options.staticPages && options.staticPages !== 'all') {
|
2015-06-17 14:55:39 +01:00
|
|
|
// convert string true/false to boolean
|
|
|
|
|
if (!_.isBoolean(options.staticPages)) {
|
2016-06-11 12:23:27 -06:00
|
|
|
options.staticPages = _.includes(['true', '1'], options.staticPages);
|
2015-06-17 14:55:39 +01:00
|
|
|
}
|
2015-11-11 19:31:52 +00:00
|
|
|
options.where.statements.push({prop: 'page', op: '=', value: options.staticPages});
|
|
|
|
|
delete options.staticPages;
|
|
|
|
|
} else if (options.staticPages === 'all') {
|
|
|
|
|
options.where.statements.push({prop: 'page', op: 'IN', value: [true, false]});
|
|
|
|
|
delete options.staticPages;
|
2015-06-17 14:55:39 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Unless `all` is passed as an option, filter on
|
|
|
|
|
// the status provided.
|
2015-11-11 17:52:44 +00:00
|
|
|
if (options.status && options.status !== 'all') {
|
2015-06-17 14:55:39 +01:00
|
|
|
// make sure that status is valid
|
2016-05-19 13:49:22 +02:00
|
|
|
options.status = _.includes(['published', 'draft', 'scheduled'], options.status) ? options.status : 'published';
|
2015-11-11 19:31:52 +00:00
|
|
|
options.where.statements.push({prop: 'status', op: '=', value: options.status});
|
|
|
|
|
delete options.status;
|
2015-11-11 17:52:44 +00:00
|
|
|
} else if (options.status === 'all') {
|
2016-05-19 13:49:22 +02:00
|
|
|
options.where.statements.push({prop: 'status', op: 'IN', value: ['published', 'draft', 'scheduled']});
|
2015-11-11 19:31:52 +00:00
|
|
|
delete options.status;
|
2015-06-17 14:55:39 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return options;
|
|
|
|
|
},
|
2013-06-01 10:47:41 -04:00
|
|
|
|
2014-05-05 21:45:08 -04:00
|
|
|
/**
|
2017-12-11 22:47:46 +01:00
|
|
|
* Returns an array of keys permitted in a method's `options` hash, depending on the current method.
|
|
|
|
|
* @param {String} methodName The name of the method to check valid options for.
|
|
|
|
|
* @return {Array} Keys allowed in the `options` hash of the model's method.
|
|
|
|
|
*/
|
2015-06-14 16:58:49 +01:00
|
|
|
permittedOptions: function permittedOptions(methodName) {
|
2014-05-05 21:45:08 -04:00
|
|
|
var options = ghostBookshelf.Model.permittedOptions(),
|
|
|
|
|
|
|
|
|
|
// whitelists for the `options` hash argument on methods, by method name.
|
|
|
|
|
// these are the only options that can be passed to Bookshelf / Knex.
|
|
|
|
|
validOptions = {
|
2017-11-14 00:18:59 +01:00
|
|
|
findOne: ['columns', 'importing', 'withRelated', 'require'],
|
2015-10-22 14:49:15 +02:00
|
|
|
findPage: ['page', 'limit', 'columns', 'filter', 'order', 'status', 'staticPages'],
|
2017-11-14 00:18:59 +01:00
|
|
|
findAll: ['columns', 'filter']
|
2014-05-05 21:45:08 -04:00
|
|
|
};
|
|
|
|
|
|
2017-05-30 11:40:39 +01:00
|
|
|
// The post model additionally supports having a formats option
|
|
|
|
|
options.push('formats');
|
|
|
|
|
|
2014-05-05 21:45:08 -04:00
|
|
|
if (validOptions[methodName]) {
|
|
|
|
|
options = options.concat(validOptions[methodName]);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return options;
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
/**
|
2017-04-19 10:59:09 +02:00
|
|
|
* Manually add 'tags' attribute since it's not in the schema and call parent.
|
|
|
|
|
*
|
2014-05-05 21:45:08 -04:00
|
|
|
* @param {Object} data Has keys representing the model's attributes/fields in the database.
|
|
|
|
|
* @return {Object} The filtered results of the passed in data, containing only what's allowed in the schema.
|
|
|
|
|
*/
|
2015-06-14 16:58:49 +01:00
|
|
|
filterData: function filterData(data) {
|
2017-04-19 10:59:09 +02:00
|
|
|
var filteredData = ghostBookshelf.Model.filterData.apply(this, arguments),
|
2017-11-21 14:28:05 +01:00
|
|
|
extraData = _.pick(data, this.prototype.relationships);
|
2014-05-05 21:45:08 -04:00
|
|
|
|
2017-04-19 10:59:09 +02:00
|
|
|
_.merge(filteredData, extraData);
|
2014-05-05 21:45:08 -04:00
|
|
|
return filteredData;
|
|
|
|
|
},
|
Consistency in model method naming
- The API has the BREAD naming for methods
- The model now has findAll, findOne, findPage (where needed), edit, add and destroy, meaning it is similar but with a bit more flexibility
- browse, read, update, create, and delete, which were effectively just aliases, have all been removed.
- added jsDoc for the model methods
2014-05-05 16:18:38 +01:00
|
|
|
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 13:41:19 +01:00
|
|
|
// ## Model Data Functions
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* ### Find One
|
|
|
|
|
* @extends ghostBookshelf.Model.findOne to handle post status
|
|
|
|
|
* **See:** [ghostBookshelf.Model.findOne](base.js.html#Find%20One)
|
|
|
|
|
*/
|
2015-06-14 16:58:49 +01:00
|
|
|
findOne: function findOne(data, options) {
|
2015-06-25 19:56:27 +01:00
|
|
|
data = _.defaults(data || {}, {
|
Consistency in model method naming
- The API has the BREAD naming for methods
- The model now has findAll, findOne, findPage (where needed), edit, add and destroy, meaning it is similar but with a bit more flexibility
- browse, read, update, create, and delete, which were effectively just aliases, have all been removed.
- added jsDoc for the model methods
2014-05-05 16:18:38 +01:00
|
|
|
status: 'published'
|
2015-06-25 19:56:27 +01:00
|
|
|
});
|
2013-06-08 18:39:24 -05:00
|
|
|
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 13:41:19 +01:00
|
|
|
if (data.status === 'all') {
|
|
|
|
|
delete data.status;
|
2013-06-01 10:47:41 -04:00
|
|
|
}
|
|
|
|
|
|
2017-10-13 15:44:39 +01:00
|
|
|
return ghostBookshelf.Model.findOne.call(this, data, options);
|
2013-09-13 14:29:59 +01:00
|
|
|
},
|
Consistency in model method naming
- The API has the BREAD naming for methods
- The model now has findAll, findOne, findPage (where needed), edit, add and destroy, meaning it is similar but with a bit more flexibility
- browse, read, update, create, and delete, which were effectively just aliases, have all been removed.
- added jsDoc for the model methods
2014-05-05 16:18:38 +01:00
|
|
|
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 13:41:19 +01:00
|
|
|
/**
|
|
|
|
|
* ### Edit
|
2017-04-19 15:53:23 +02:00
|
|
|
* Fetches and saves to Post. See model.Base.edit
|
|
|
|
|
*
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 13:41:19 +01:00
|
|
|
* @extends ghostBookshelf.Model.edit to handle returning the full object and manage _updatedAttributes
|
|
|
|
|
* **See:** [ghostBookshelf.Model.edit](base.js.html#edit)
|
|
|
|
|
*/
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
edit: function edit(data, unfilteredOptions) {
|
|
|
|
|
let options = this.filterOptions(unfilteredOptions, 'edit', {extraAllowedProperties: ['id']});
|
2017-11-21 14:28:05 +01:00
|
|
|
|
|
|
|
|
const editPost = () => {
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
options.forUpdate = true;
|
2017-04-19 15:53:23 +02:00
|
|
|
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
return ghostBookshelf.Model.edit.call(this, data, options)
|
2017-11-21 14:28:05 +01:00
|
|
|
.then((post) => {
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
return this.findOne({status: 'all', id: options.id}, options)
|
2017-11-21 14:28:05 +01:00
|
|
|
.then((found) => {
|
2017-04-19 15:53:23 +02:00
|
|
|
if (found) {
|
|
|
|
|
// Pass along the updated attributes for checking status changes
|
|
|
|
|
found._updatedAttributes = post._updatedAttributes;
|
|
|
|
|
return found;
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
});
|
2017-11-21 14:28:05 +01:00
|
|
|
};
|
2014-02-19 14:57:26 +01:00
|
|
|
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
if (!options.transacting) {
|
2017-11-21 14:28:05 +01:00
|
|
|
return ghostBookshelf.transaction((transacting) => {
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
options.transacting = transacting;
|
2017-11-21 14:28:05 +01:00
|
|
|
return editPost();
|
|
|
|
|
});
|
2017-04-19 15:53:23 +02:00
|
|
|
}
|
|
|
|
|
|
2017-11-21 14:28:05 +01:00
|
|
|
return editPost();
|
2013-11-03 18:13:19 +01:00
|
|
|
},
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 13:41:19 +01:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* ### Add
|
|
|
|
|
* @extends ghostBookshelf.Model.add to handle returning the full object
|
|
|
|
|
* **See:** [ghostBookshelf.Model.add](base.js.html#add)
|
|
|
|
|
*/
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
add: function add(data, unfilteredOptions) {
|
|
|
|
|
let options = this.filterOptions(unfilteredOptions, 'add', {extraAllowedProperties: ['id']});
|
Refactor API arguments
closes #2610, refs #2697
- cleanup API index.js, and add docs
- all API methods take consistent arguments: object & options
- browse, read, destroy take options, edit and add take object and options
- the context is passed as part of options, meaning no more .call
everywhere
- destroy expects an object, rather than an id all the way down to the model layer
- route params such as :id, :slug, and :key are passed as an option & used
to perform reads, updates and deletes where possible - settings / themes
may need work here still
- HTTP posts api can find a post by slug
- Add API utils for checkData
2014-05-08 13:41:19 +01:00
|
|
|
|
2017-11-21 14:28:05 +01:00
|
|
|
const addPost = (() => {
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
return ghostBookshelf.Model.add.call(this, data, options)
|
2017-11-21 14:28:05 +01:00
|
|
|
.then((post) => {
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
return this.findOne({status: 'all', id: post.id}, options);
|
2017-11-21 14:28:05 +01:00
|
|
|
});
|
2013-09-13 14:29:59 +01:00
|
|
|
});
|
2017-11-21 14:28:05 +01:00
|
|
|
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
if (!options.transacting) {
|
2017-11-21 14:28:05 +01:00
|
|
|
return ghostBookshelf.transaction((transacting) => {
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
options.transacting = transacting;
|
2017-11-21 14:28:05 +01:00
|
|
|
|
|
|
|
|
return addPost();
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return addPost();
|
|
|
|
|
},
|
|
|
|
|
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
destroy: function destroy(unfilteredOptions) {
|
|
|
|
|
let options = this.filterOptions(unfilteredOptions, 'destroy', {extraAllowedProperties: ['id']});
|
2017-11-21 14:28:05 +01:00
|
|
|
|
|
|
|
|
const destroyPost = () => {
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
return ghostBookshelf.Model.destroy.call(this, options);
|
2017-11-21 14:28:05 +01:00
|
|
|
};
|
|
|
|
|
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
if (!options.transacting) {
|
2017-11-21 14:28:05 +01:00
|
|
|
return ghostBookshelf.transaction((transacting) => {
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
options.transacting = transacting;
|
2017-11-21 14:28:05 +01:00
|
|
|
return destroyPost();
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return destroyPost();
|
2013-09-27 11:56:20 +01:00
|
|
|
},
|
2014-04-03 15:03:09 +02:00
|
|
|
|
2014-07-23 09:32:27 +01:00
|
|
|
/**
|
|
|
|
|
* ### destroyByAuthor
|
|
|
|
|
* @param {[type]} options has context and id. Context is the user doing the destroy, id is the user to destroy
|
|
|
|
|
*/
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
destroyByAuthor: function destroyByAuthor(unfilteredOptions) {
|
|
|
|
|
let options = this.filterOptions(unfilteredOptions, 'destroyByAuthor', {extraAllowedProperties: ['id']}),
|
|
|
|
|
postCollection = Posts.forge(),
|
|
|
|
|
authorId = options.id;
|
2016-03-01 22:42:01 -06:00
|
|
|
|
|
|
|
|
if (!authorId) {
|
2017-12-11 22:47:46 +01:00
|
|
|
throw new common.errors.NotFoundError({
|
|
|
|
|
message: common.i18n.t('errors.models.post.noUserFound')
|
2017-11-21 14:28:05 +01:00
|
|
|
});
|
2014-07-23 09:32:27 +01:00
|
|
|
}
|
2016-03-01 22:42:01 -06:00
|
|
|
|
2017-11-21 14:28:05 +01:00
|
|
|
const destroyPost = (() => {
|
|
|
|
|
return postCollection
|
|
|
|
|
.query('where', 'author_id', '=', authorId)
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
.fetch(options)
|
|
|
|
|
.call('invokeThen', 'destroy', options)
|
2017-11-21 14:28:05 +01:00
|
|
|
.catch((err) => {
|
2017-12-11 22:47:46 +01:00
|
|
|
throw new common.errors.GhostError({err: err});
|
2017-11-21 14:28:05 +01:00
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
if (!options.transacting) {
|
2017-11-21 14:28:05 +01:00
|
|
|
return ghostBookshelf.transaction((transacting) => {
|
Sorted out the mixed usages of `include` and `withRelated` (#9425)
no issue
- this commit cleans up the usages of `include` and `withRelated`.
### API layer (`include`)
- as request parameter e.g. `?include=roles,tags`
- as theme API parameter e.g. `{{get .... include="author"}}`
- as internal API access e.g. `api.posts.browse({include: 'author,tags'})`
- the `include` notation is more readable than `withRelated`
- and it allows us to use a different easier format (comma separated list)
- the API utility transforms these more readable properties into model style (or into Ghost style)
### Model access (`withRelated`)
- e.g. `models.Post.findPage({withRelated: ['tags']})`
- driven by bookshelf
---
Commits explained.
* Reorder the usage of `convertOptions`
- 1. validation
- 2. options convertion
- 3. permissions
- the reason is simple, the permission layer access the model layer
- we have to prepare the options before talking to the model layer
- added `convertOptions` where it was missed (not required, but for consistency reasons)
* Use `withRelated` when accessing the model layer and use `include` when accessing the API layer
* Change `convertOptions` API utiliy
- API Usage
- ghost.api(..., {include: 'tags,authors'})
- `include` should only be used when calling the API (either via request or via manual usage)
- `include` is only for readability and easier format
- Ghost (Model Layer Usage)
- models.Post.findOne(..., {withRelated: ['tags', 'authors']})
- should only use `withRelated`
- model layer cannot read 'tags,authors`
- model layer has no idea what `include` means, speaks a different language
- `withRelated` is bookshelf
- internal usage
* include-count plugin: use `withRelated` instead of `include`
- imagine you outsource this plugin to git and publish it to npm
- `include` is an unknown option in bookshelf
* Updated `permittedOptions` in base model
- `include` is no longer a known option
* Remove all occurances of `include` in the model layer
* Extend `filterOptions` base function
- this function should be called as first action
- we clone the unfiltered options
- check if you are using `include` (this is a protection which could help us in the beginning)
- check for permitted and (later on default `withRelated`) options
- the usage is coming in next commit
* Ensure we call `filterOptions` as first action
- use `ghostBookshelf.Model.filterOptions` as first action
- consistent naming pattern for incoming options: `unfilteredOptions`
- re-added allowed options for `toJSON`
- one unsolved architecture problem:
- if you override a function e.g. `edit`
- then you should call `filterOptions` as first action
- the base implementation of e.g. `edit` will call it again
- future improvement
* Removed `findOne` from Invite model
- no longer needed, the base implementation is the same
2018-02-15 10:53:53 +01:00
|
|
|
options.transacting = transacting;
|
2017-11-21 14:28:05 +01:00
|
|
|
return destroyPost();
|
2016-03-01 22:42:01 -06:00
|
|
|
});
|
2017-11-21 14:28:05 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return destroyPost();
|
|
|
|
|
},
|
2014-07-23 09:32:27 +01:00
|
|
|
|
2017-09-26 17:06:14 +01:00
|
|
|
permissible: function permissible(postModelOrId, action, context, unsafeAttrs, loadedPermissions, hasUserPermission, hasAppPermission) {
|
Consistency in model method naming
- The API has the BREAD naming for methods
- The model now has findAll, findOne, findPage (where needed), edit, add and destroy, meaning it is similar but with a bit more flexibility
- browse, read, update, create, and delete, which were effectively just aliases, have all been removed.
- added jsDoc for the model methods
2014-05-05 16:18:38 +01:00
|
|
|
var self = this,
|
2014-05-13 20:49:07 -05:00
|
|
|
postModel = postModelOrId,
|
2018-02-07 10:46:22 +01:00
|
|
|
result = {},
|
|
|
|
|
origArgs, isContributor, isAuthor, isEdit, isAdd, isDestroy;
|
Consistency in model method naming
- The API has the BREAD naming for methods
- The model now has findAll, findOne, findPage (where needed), edit, add and destroy, meaning it is similar but with a bit more flexibility
- browse, read, update, create, and delete, which were effectively just aliases, have all been removed.
- added jsDoc for the model methods
2014-05-05 16:18:38 +01:00
|
|
|
|
|
|
|
|
// If we passed in an id instead of a model, get the model
|
|
|
|
|
// then check the permissions
|
|
|
|
|
if (_.isNumber(postModelOrId) || _.isString(postModelOrId)) {
|
2014-05-13 20:49:07 -05:00
|
|
|
// Grab the original args without the first one
|
|
|
|
|
origArgs = _.toArray(arguments).slice(1);
|
2016-04-14 17:54:49 +02:00
|
|
|
|
2014-05-13 20:49:07 -05:00
|
|
|
// Get the actual post model
|
2018-02-21 16:59:48 +01:00
|
|
|
return this.findOne({id: postModelOrId, status: 'all'})
|
|
|
|
|
.then(function then(foundPostModel) {
|
|
|
|
|
if (!foundPostModel) {
|
|
|
|
|
throw new common.errors.NotFoundError({
|
|
|
|
|
message: common.i18n.t('errors.models.posts.postNotFound')
|
|
|
|
|
});
|
|
|
|
|
}
|
2014-05-13 20:49:07 -05:00
|
|
|
|
2018-02-21 16:59:48 +01:00
|
|
|
// Build up the original args but substitute with actual model
|
|
|
|
|
var newArgs = [foundPostModel].concat(origArgs);
|
|
|
|
|
|
|
|
|
|
return self.permissible.apply(self, newArgs);
|
|
|
|
|
});
|
Consistency in model method naming
- The API has the BREAD naming for methods
- The model now has findAll, findOne, findPage (where needed), edit, add and destroy, meaning it is similar but with a bit more flexibility
- browse, read, update, create, and delete, which were effectively just aliases, have all been removed.
- added jsDoc for the model methods
2014-05-05 16:18:38 +01:00
|
|
|
}
|
|
|
|
|
|
2017-09-27 12:12:53 +01:00
|
|
|
function isChanging(attr) {
|
|
|
|
|
return unsafeAttrs[attr] && unsafeAttrs[attr] !== postModel.get(attr);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function isOwner() {
|
|
|
|
|
return unsafeAttrs.author_id && unsafeAttrs.author_id === context.user;
|
|
|
|
|
}
|
|
|
|
|
|
2018-02-07 10:46:22 +01:00
|
|
|
function isCurrentOwner() {
|
|
|
|
|
return context.user === postModel.get('author_id');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function isPublished() {
|
|
|
|
|
return unsafeAttrs.status && unsafeAttrs.status !== 'draft';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function isDraft() {
|
|
|
|
|
return postModel.get('status') === 'draft';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
isContributor = loadedPermissions.user && _.some(loadedPermissions.user.roles, {name: 'Contributor'});
|
|
|
|
|
isAuthor = loadedPermissions.user && _.some(loadedPermissions.user.roles, {name: 'Author'});
|
|
|
|
|
isEdit = (action === 'edit');
|
|
|
|
|
isAdd = (action === 'add');
|
|
|
|
|
isDestroy = (action === 'destroy');
|
|
|
|
|
|
|
|
|
|
if (isContributor && isEdit) {
|
|
|
|
|
// Only allow contributor edit if neither status or author id are changing, and the post is a draft post
|
|
|
|
|
hasUserPermission = !isChanging('status') && !isChanging('author_id') && isDraft() && isCurrentOwner();
|
|
|
|
|
} else if (isContributor && isAdd) {
|
|
|
|
|
// If adding, make sure it's a draft post and has the correct ownership
|
|
|
|
|
hasUserPermission = !isPublished() && isOwner();
|
|
|
|
|
} else if (isContributor && isDestroy) {
|
|
|
|
|
// If destroying, only allow contributor to destroy their own draft posts
|
|
|
|
|
hasUserPermission = isCurrentOwner() && isDraft();
|
|
|
|
|
} else if (isAuthor && isEdit) {
|
|
|
|
|
// Don't allow author to change author ids
|
|
|
|
|
hasUserPermission = isCurrentOwner() && !isChanging('author_id');
|
|
|
|
|
} else if (isAuthor && isAdd) {
|
|
|
|
|
// Make sure new post is authored by the current user
|
2017-09-27 12:12:53 +01:00
|
|
|
hasUserPermission = isOwner();
|
|
|
|
|
} else if (postModel) {
|
2018-02-07 10:46:22 +01:00
|
|
|
hasUserPermission = hasUserPermission || isCurrentOwner();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (isContributor) {
|
|
|
|
|
// Note: at the moment primary_tag is a computed field,
|
|
|
|
|
// meaning we don't add it to this list. However, if the primary_tag
|
|
|
|
|
// ever becomes a db field rather than a computed field, add it to this list
|
|
|
|
|
//
|
|
|
|
|
// TODO: once contribitors are able to edit existing tags, this can be removed
|
|
|
|
|
result.excludedAttrs = ['tags'];
|
2014-05-13 20:49:07 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (hasUserPermission && hasAppPermission) {
|
2018-02-07 10:46:22 +01:00
|
|
|
return Promise.resolve(result);
|
Consistency in model method naming
- The API has the BREAD naming for methods
- The model now has findAll, findOne, findPage (where needed), edit, add and destroy, meaning it is similar but with a bit more flexibility
- browse, read, update, create, and delete, which were effectively just aliases, have all been removed.
- added jsDoc for the model methods
2014-05-05 16:18:38 +01:00
|
|
|
}
|
|
|
|
|
|
2017-12-11 22:47:46 +01:00
|
|
|
return Promise.reject(new common.errors.NoPermissionError({message: common.i18n.t('errors.models.post.notEnoughPermission')}));
|
2013-06-25 12:43:15 +01:00
|
|
|
}
|
|
|
|
|
});
|
2013-06-01 10:47:41 -04:00
|
|
|
|
2013-09-22 18:20:08 -04:00
|
|
|
Posts = ghostBookshelf.Collection.extend({
|
2015-12-02 18:06:44 +08:00
|
|
|
model: Post
|
2013-06-25 12:43:15 +01:00
|
|
|
});
|
2013-06-01 10:47:41 -04:00
|
|
|
|
2013-06-25 12:43:15 +01:00
|
|
|
module.exports = {
|
2014-07-13 12:17:18 +01:00
|
|
|
Post: ghostBookshelf.model('Post', Post),
|
|
|
|
|
Posts: ghostBookshelf.collection('Posts', Posts)
|
2014-02-25 10:18:33 +00:00
|
|
|
};
|
