Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-02-03 23:00:14 -05:00
Code Issues Activity
ghost/core/test/unit/models/post_spec.js

2010 lines
86 KiB
JavaScript
Raw Normal View History

Fetch relations by default when insert/updating posts (#9568) no issue - required for model events - otherwise you won't receive a full data set - in worst case you have to re-fetch the post - required for the url service - the url service always needs relations (authors,tags) to be able to generate the url properly @IMPORTANT - no API change, we still return what you are asking for - we first edit/add the resource - then we fetch the data with the API options - @TODO: this can be optimised and will improve performance picking/selecting it from the insert/update response - this is an internal change
2018-04-15 12:12:20 +02:00
/* eslint no-invalid-this:0 */
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
Removed old jshint/jscs rules refs https://github.com/TryGhost/Ghost/commit/bcf5a1bc3446864c036eab5454c612b9c3b00211 - leftovers
2018-06-02 21:48:23 +02:00
const should = require('should'),
🎨Added `absolute_url` flag to public api (#9833) closes #9832 The API _should_ be returning absolute URLs for everything, 3rd party applications require absolute urls to read and display ghost data correctly. Currently they have to concat the blog url and the resource url, which is very uncomfortable. Changing the public api like this would be considered a breaking change however so we've opted to put it behind a query parameter named `absolute_urls`.
2018-08-31 18:02:39 +08:00
url = require('url'),
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
sinon = require('sinon'),
Added tests for event behaviour: updating resources with or without updating it's relations closes #9548 - unit test to proof which events are triggered
2018-04-05 17:34:09 +02:00
_ = require('lodash'),
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
testUtils = require('../../utils'),
knex = require('../../../server/data/db').knex,
✨Dynamic Routing Beta (#9596) refs #9601 ### Dynamic Routing This is the beta version of dynamic routing. - we had a initial implementation of "channels" available in the codebase - we have removed and moved this implementation - there is now a centralised place for dynamic routing - server/services/routing - each routing component is represented by a router type e.g. collections, routes, static pages, taxonomies, rss, preview of posts - keep as much as possible logic of routing helpers, middlewares and controllers - ensure test coverage - connect all the things together - yaml file + validation - routing + routers - url service - sitemaps - url access - deeper implementation of yaml validations - e.g. hard require slashes - ensure routing hierarchy/order - e.g. you enable the subscriber app - you have a custom static page, which lives under the same slug /subscribe - static pages are stronger than apps - e.g. the first collection owns the post it has filtered - a post cannot live in two collections - ensure apps are still working and hook into the routers layer (or better said: and register in the routing service) - put as much as possible comments to the code base for better understanding - ensure a clean debug log - ensure we can unmount routes - e.g. you have a collection permalink of /:slug/ represented by {globals.permalink} - and you change the permalink in the admin to dated permalink - the express route get's refreshed from /:slug/ to /:year/:month/:day/:slug/ - unmount without server restart, yey - ensure we are backwards compatible - e.g. render home.hbs for collection index if collection route is / - ensure you can access your configured permalink from the settings table with {globals.permalink} ### Render 503 if url service did not finish - return 503 if the url service has not finished generating the resource urls ### Rewrite sitemaps - we have rewritten the sitemaps "service", because the url generator does no longer happen on runtime - we generate all urls on bootstrap - the sitemaps service will consume created resource and router urls - these urls will be shown on the xml pages - we listen on url events - we listen on router events - we no longer have to fetch the resources, which is nice - the urlservice pre-fetches resources and emits their urls - the urlservice is the only component who knows which urls are valid - i made some ES6 adaptions - we keep the caching logic -> only regenerate xml if there is a change - updated tests - checked test coverage (100%) ### Re-work usage of Url utility - replace all usages of `urlService.utils.urlFor` by `urlService.getByResourceId` - only for resources e.g. post, author, tag - this is important, because with dynamic routing we no longer create static urls based on the settings permalink on runtime - adapt url utility - adapt tests
2018-06-05 19:02:20 +02:00
urlService = require('../../../server/services/url'),
Fetch relations by default when insert/updating posts (#9568) no issue - required for model events - otherwise you won't receive a full data set - in worst case you have to re-fetch the post - required for the url service - the url service always needs relations (authors,tags) to be able to generate the url properly @IMPORTANT - no API change, we still return what you are asking for - we first edit/add the resource - then we fetch the data with the API options - @TODO: this can be optimised and will improve performance picking/selecting it from the insert/update response - this is an internal change
2018-04-15 12:12:20 +02:00
schema = require('../../../server/data/schema'),
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
models = require('../../../server/models'),
common = require('../../../server/lib/common'),
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
security = require('../../../server/lib/security'),
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
sandbox = sinon.sandbox.create();
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
describe('Unit: models/post', function () {
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
before(function () {
models.init();
});
Removed knex mock (#9685) no issue - this mock eat already too much of my/our time - the idea of adding a knex mock was definitely a failed approach/try - it's too much to maintaince and have not found a module which does this already - we have to support any query format - this is too crazy - the idea was to use the knex mock for model unit tests, because if we want to unit test models we have to run through bookshelf, because the whole model layer depends on bookshelf e.g. events - for now we simply use the real database - we could use the sqlite3 memory mode, but that would mean every unit test runs on sqlite3 - something to consider for later e.g. run unit tests on one matrix - run the rest on another matrix for sqlite + mysql
2018-06-12 20:26:16 +02:00
before(testUtils.teardown);
before(testUtils.setup('users:roles', 'posts'));
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
beforeEach(function () {
sandbox.stub(security.password, 'hash').resolves('$2a$10$we16f8rpbrFZ34xWj0/ZC.LTPUux8ler7bcdTs5qIleN6srRHhilG');
✨Dynamic Routing Beta (#9596) refs #9601 ### Dynamic Routing This is the beta version of dynamic routing. - we had a initial implementation of "channels" available in the codebase - we have removed and moved this implementation - there is now a centralised place for dynamic routing - server/services/routing - each routing component is represented by a router type e.g. collections, routes, static pages, taxonomies, rss, preview of posts - keep as much as possible logic of routing helpers, middlewares and controllers - ensure test coverage - connect all the things together - yaml file + validation - routing + routers - url service - sitemaps - url access - deeper implementation of yaml validations - e.g. hard require slashes - ensure routing hierarchy/order - e.g. you enable the subscriber app - you have a custom static page, which lives under the same slug /subscribe - static pages are stronger than apps - e.g. the first collection owns the post it has filtered - a post cannot live in two collections - ensure apps are still working and hook into the routers layer (or better said: and register in the routing service) - put as much as possible comments to the code base for better understanding - ensure a clean debug log - ensure we can unmount routes - e.g. you have a collection permalink of /:slug/ represented by {globals.permalink} - and you change the permalink in the admin to dated permalink - the express route get's refreshed from /:slug/ to /:year/:month/:day/:slug/ - unmount without server restart, yey - ensure we are backwards compatible - e.g. render home.hbs for collection index if collection route is / - ensure you can access your configured permalink from the settings table with {globals.permalink} ### Render 503 if url service did not finish - return 503 if the url service has not finished generating the resource urls ### Rewrite sitemaps - we have rewritten the sitemaps "service", because the url generator does no longer happen on runtime - we generate all urls on bootstrap - the sitemaps service will consume created resource and router urls - these urls will be shown on the xml pages - we listen on url events - we listen on router events - we no longer have to fetch the resources, which is nice - the urlservice pre-fetches resources and emits their urls - the urlservice is the only component who knows which urls are valid - i made some ES6 adaptions - we keep the caching logic -> only regenerate xml if there is a change - updated tests - checked test coverage (100%) ### Re-work usage of Url utility - replace all usages of `urlService.utils.urlFor` by `urlService.getByResourceId` - only for resources e.g. post, author, tag - this is important, because with dynamic routing we no longer create static urls based on the settings permalink on runtime - adapt url utility - adapt tests
2018-06-05 19:02:20 +02:00
sandbox.stub(urlService, 'getUrlByResourceId');
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
});
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
afterEach(function () {
sandbox.restore();
});
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
after(function () {
sandbox.restore();
});
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
🎨Added `absolute_url` flag to public api (#9833) closes #9832 The API _should_ be returning absolute URLs for everything, 3rd party applications require absolute urls to read and display ghost data correctly. Currently they have to concat the blog url and the resource url, which is very uncomfortable. Changing the public api like this would be considered a breaking change however so we've opted to put it behind a query parameter named `absolute_urls`.
2018-08-31 18:02:39 +08:00
describe('toJSON', function () {
const toJSON = function toJSON(model, options) {
return new models.Post(model).toJSON(options);
};
describe('Public context', function () {
const context = {
public: true
};
it('converts relative feature_image url to absolute when absolute_urls flag passed', function () {
const model = {
feature_image: '/content/images/feature_image.jpg'
};
const json = toJSON(model, {context, absolute_urls: true});
const featureImageUrlObject = url.parse(json.feature_image);
should.exist(featureImageUrlObject.protocol);
should.exist(featureImageUrlObject.host);
});
it('converts relative twitter_image url to absolute when absolute_urls flag passed', function () {
const model = {
twitter_image: '/content/images/twitter_image.jpg'
};
const json = toJSON(model, {context, absolute_urls: true});
const twitterImageUrlObject = url.parse(json.twitter_image);
should.exist(twitterImageUrlObject.protocol);
should.exist(twitterImageUrlObject.host);
});
it('converts relative og_image url to absolute when absolute_urls flag passed', function () {
const model = {
og_image: '/content/images/og_image.jpg'
};
const json = toJSON(model, {context, absolute_urls: true});
const ogImageUrlObject = url.parse(json.og_image);
should.exist(ogImageUrlObject.protocol);
should.exist(ogImageUrlObject.host);
});
it('converts relative content urls to absolute when absolute_urls flag passed', function () {
const model = {
html: '<img src="/content/images/my-coole-image.jpg">'
};
const json = toJSON(model, {context, absolute_urls: true});
const imgSrc = json.html.match(/src="([^"]+)"/)[1];
const imgSrcUrlObject = url.parse(imgSrc);
should.exist(imgSrcUrlObject.protocol);
should.exist(imgSrcUrlObject.host);
});
});
});
Fetch relations by default when insert/updating posts (#9568) no issue - required for model events - otherwise you won't receive a full data set - in worst case you have to re-fetch the post - required for the url service - the url service always needs relations (authors,tags) to be able to generate the url properly @IMPORTANT - no API change, we still return what you are asking for - we first edit/add the resource - then we fetch the data with the API options - @TODO: this can be optimised and will improve performance picking/selecting it from the insert/update response - this is an internal change
2018-04-15 12:12:20 +02:00
describe('add', function () {
describe('ensure full set of data for model events', function () {
it('default', function () {
const events = {
post: []
};
sandbox.stub(models.Post.prototype, 'emitChange').callsFake(function (event) {
events.post.push({event: event, data: this.toJSON()});
});
return models.Post.add({
title: 'My beautiful title.',
tags: [{
name: 'my-tag'
}]
}, testUtils.context.editor)
.then((post) => {
post.get('title').should.eql('My beautiful title.');
post = post.toJSON();
_.each(_.keys(_.omit(schema.tables.posts, ['mobiledoc', 'amp', 'plaintext'])), (key) => {
should.exist(post.hasOwnProperty(key));
Fixed missing defaults in model layer no issue - reported in the forum: https://forum.ghost.org/t/publishing-with-a-single-post-request-to-posts/1648 - the defaults are defined in two places 1. on the schema level (defaults for the database) 2. on the ORM (model layer) - the defaults on the db layer are set correctly when inserting a new resource - but if we don't apply all defaults on the model layer, it will happen that model events are emitted without the correct defaults - see comment in code base - it's caused by the fact that knex only returns the inserted resource id (probably caused by the fact knex has to support x databases) - components/modules are listening on model events and expect: 1. a complete set of attributes 2. a complete set of defaults 3. sanitized values e.g. bool, date - this commit fixes: 1. added missing defaults for user & post model 2. sanitize booleans (0|1 => false|true) 3. added tests to ensure this works as expected 4. clarfies the usage of `defaults` Regarding https://forum.ghost.org/t/publishing-with-a-single-post-request-to-posts/1648: - the post event was emitted with the following values {page: undefined, featured: undefined} - the urlservice receives this event and won't match the resource against collection filters correctly - NOTE: the post data in the db were correct
2018-06-26 16:00:54 +02:00
if (['page', 'status', 'visibility', 'featured'].indexOf(key) !== -1) {
events.post[0].data[key].should.eql(schema.tables.posts[key].defaultTo);
}
Fetch relations by default when insert/updating posts (#9568) no issue - required for model events - otherwise you won't receive a full data set - in worst case you have to re-fetch the post - required for the url service - the url service always needs relations (authors,tags) to be able to generate the url properly @IMPORTANT - no API change, we still return what you are asking for - we first edit/add the resource - then we fetch the data with the API options - @TODO: this can be optimised and will improve performance picking/selecting it from the insert/update response - this is an internal change
2018-04-15 12:12:20 +02:00
});
should.not.exist(post.authors);
should.not.exist(post.primary_author);
should.not.exist(post.tags);
should.not.exist(post.primary_tag);
events.post[0].event.should.eql('added');
_.each(_.keys(_.omit(schema.tables.posts, ['mobiledoc', 'amp', 'plaintext'])), (key) => {
should.exist(events.post[0].data.hasOwnProperty(key));
Fixed missing defaults in model layer no issue - reported in the forum: https://forum.ghost.org/t/publishing-with-a-single-post-request-to-posts/1648 - the defaults are defined in two places 1. on the schema level (defaults for the database) 2. on the ORM (model layer) - the defaults on the db layer are set correctly when inserting a new resource - but if we don't apply all defaults on the model layer, it will happen that model events are emitted without the correct defaults - see comment in code base - it's caused by the fact that knex only returns the inserted resource id (probably caused by the fact knex has to support x databases) - components/modules are listening on model events and expect: 1. a complete set of attributes 2. a complete set of defaults 3. sanitized values e.g. bool, date - this commit fixes: 1. added missing defaults for user & post model 2. sanitize booleans (0|1 => false|true) 3. added tests to ensure this works as expected 4. clarfies the usage of `defaults` Regarding https://forum.ghost.org/t/publishing-with-a-single-post-request-to-posts/1648: - the post event was emitted with the following values {page: undefined, featured: undefined} - the urlservice receives this event and won't match the resource against collection filters correctly - NOTE: the post data in the db were correct
2018-06-26 16:00:54 +02:00
if (['page', 'status', 'visibility', 'featured'].indexOf(key) !== -1) {
events.post[0].data[key].should.eql(schema.tables.posts[key].defaultTo);
}
Fetch relations by default when insert/updating posts (#9568) no issue - required for model events - otherwise you won't receive a full data set - in worst case you have to re-fetch the post - required for the url service - the url service always needs relations (authors,tags) to be able to generate the url properly @IMPORTANT - no API change, we still return what you are asking for - we first edit/add the resource - then we fetch the data with the API options - @TODO: this can be optimised and will improve performance picking/selecting it from the insert/update response - this is an internal change
2018-04-15 12:12:20 +02:00
});
should.exist(events.post[0].data.authors);
should.exist(events.post[0].data.primary_author);
should.exist(events.post[0].data.tags);
should.exist(events.post[0].data.primary_tag);
});
});
Fixed missing defaults in model layer no issue - reported in the forum: https://forum.ghost.org/t/publishing-with-a-single-post-request-to-posts/1648 - the defaults are defined in two places 1. on the schema level (defaults for the database) 2. on the ORM (model layer) - the defaults on the db layer are set correctly when inserting a new resource - but if we don't apply all defaults on the model layer, it will happen that model events are emitted without the correct defaults - see comment in code base - it's caused by the fact that knex only returns the inserted resource id (probably caused by the fact knex has to support x databases) - components/modules are listening on model events and expect: 1. a complete set of attributes 2. a complete set of defaults 3. sanitized values e.g. bool, date - this commit fixes: 1. added missing defaults for user & post model 2. sanitize booleans (0|1 => false|true) 3. added tests to ensure this works as expected 4. clarfies the usage of `defaults` Regarding https://forum.ghost.org/t/publishing-with-a-single-post-request-to-posts/1648: - the post event was emitted with the following values {page: undefined, featured: undefined} - the urlservice receives this event and won't match the resource against collection filters correctly - NOTE: the post data in the db were correct
2018-06-26 16:00:54 +02:00
it('with page:1', function () {
const events = {
post: []
};
sandbox.stub(models.Post.prototype, 'emitChange').callsFake(function (event) {
events.post.push({event: event, data: this.toJSON()});
});
return models.Post.add({
title: 'My beautiful title.',
page: 1
}, testUtils.context.editor)
.then((post) => {
post.get('title').should.eql('My beautiful title.');
post = post.toJSON();
// transformed 1 to true
post.page.should.eql(true);
events.post[0].data.page.should.eql(true);
});
});
Fetch relations by default when insert/updating posts (#9568) no issue - required for model events - otherwise you won't receive a full data set - in worst case you have to re-fetch the post - required for the url service - the url service always needs relations (authors,tags) to be able to generate the url properly @IMPORTANT - no API change, we still return what you are asking for - we first edit/add the resource - then we fetch the data with the API options - @TODO: this can be optimised and will improve performance picking/selecting it from the insert/update response - this is an internal change
2018-04-15 12:12:20 +02:00
it('use `withRelated=tags`', function () {
const events = {
post: []
};
sandbox.stub(models.Post.prototype, 'emitChange').callsFake(function (event) {
events.post.push({event: event, data: this.toJSON()});
});
return models.Post.add({
title: 'My beautiful title.',
tags: [{
name: 'my-tag'
}]
}, _.merge({
withRelated: ['tags']
}, testUtils.context.editor))
.then((post) => {
post.get('title').should.eql('My beautiful title.');
post = post.toJSON();
should.not.exist(post.authors);
should.not.exist(post.primary_author);
should.exist(post.tags);
should.exist(post.primary_tag);
events.post[0].event.should.eql('added');
should.exist(events.post[0].data.authors);
should.exist(events.post[0].data.primary_author);
should.exist(events.post[0].data.tags);
should.exist(events.post[0].data.primary_tag);
});
});
it('use `withRelated=tags,authors`', function () {
const events = {
post: []
};
sandbox.stub(models.Post.prototype, 'emitChange').callsFake(function (event) {
events.post.push({event: event, data: this.toJSON()});
});
return models.Post.add({
title: 'My beautiful title.',
tags: [{
name: 'my-tag'
}]
}, _.merge({
withRelated: ['tags', 'authors']
}, testUtils.context.editor))
.then((post) => {
post.get('title').should.eql('My beautiful title.');
post = post.toJSON();
should.exist(post.authors);
should.exist(post.primary_author);
should.exist(post.tags);
should.exist(post.primary_tag);
events.post[0].event.should.eql('added');
should.exist(events.post[0].data.authors);
should.exist(events.post[0].data.primary_author);
should.exist(events.post[0].data.tags);
should.exist(events.post[0].data.primary_tag);
});
});
it('use `columns=title`', function () {
const events = {
post: []
};
sandbox.stub(models.Post.prototype, 'emitChange').callsFake(function (event) {
events.post.push({event: event, data: this.toJSON()});
});
return models.Post.add({
title: 'My beautiful title.',
tags: [{
name: 'my-tag'
}]
}, _.merge({
columns: ['title']
}, testUtils.context.editor))
.then((post) => {
post.get('title').should.eql('My beautiful title.');
post = post.toJSON();
_.each(_.keys(_.omit(schema.tables.posts, ['title', 'id'])), (key) => {
should.not.exist(post[key]);
});
should.exist(post.id);
should.exist(post.title);
should.not.exist(post.authors);
should.not.exist(post.primary_author);
should.not.exist(post.tags);
should.not.exist(post.primary_tag);
events.post[0].event.should.eql('added');
_.each(_.keys(_.omit(schema.tables.posts, ['mobiledoc', 'amp', 'plaintext'])), (key) => {
should.exist(events.post[0].data.hasOwnProperty(key));
});
should.exist(events.post[0].data.authors);
should.exist(events.post[0].data.primary_author);
should.exist(events.post[0].data.tags);
should.exist(events.post[0].data.primary_tag);
});
});
it('use `formats=mobiledoc`', function () {
const events = {
post: []
};
sandbox.stub(models.Post.prototype, 'emitChange').callsFake(function (event) {
events.post.push({event: event, data: this.toJSON()});
});
return models.Post.add({
title: 'My beautiful title.',
tags: [{
name: 'my-tag'
}]
}, _.merge({
formats: ['mobiledoc']
}, testUtils.context.editor))
.then((post) => {
post.get('title').should.eql('My beautiful title.');
post = post.toJSON();
_.each(_.keys(_.omit(schema.tables.posts, ['html', 'amp', 'plaintext'])), (key) => {
should.exist(post.hasOwnProperty(key));
});
should.not.exist(post.authors);
should.not.exist(post.primary_author);
should.not.exist(post.tags);
should.not.exist(post.primary_tag);
events.post[0].event.should.eql('added');
_.each(_.keys(_.omit(schema.tables.posts, ['mobiledoc', 'amp', 'plaintext'])), (key) => {
should.exist(events.post[0].data.hasOwnProperty(key));
});
should.exist(events.post[0].data.authors);
should.exist(events.post[0].data.primary_author);
should.exist(events.post[0].data.tags);
should.exist(events.post[0].data.primary_tag);
});
});
});
});
describe('edit', function () {
🐛 Added logic to avoid updating the `updated_at` and `updated_by` field when migrating (#9814) no issue - we have to explicitly reset the previous `updated_at` field, because Bookshelf auto-updates this field on each update - we have to extend the condition to avoid updating the `updated_by` field - detect and respect `options.migrating`
2018-08-22 13:57:12 +02:00
it('update post with options.migrating', function () {
const events = {
post: [],
tag: []
};
sandbox.stub(models.Post.prototype, 'emitChange').callsFake(function (event) {
events.post.push(event);
});
sandbox.stub(models.Tag.prototype, 'emitChange').callsFake(function (event) {
events.tag.push(event);
});
let originalUpdatedAt;
let originalUpdatedBy;
return models.Post.findOne({
id: testUtils.DataGenerator.forKnex.posts[3].id,
status: 'draft'
}, {withRelated: ['tags']})
.then((post) => {
originalUpdatedAt = post.get('updated_at');
originalUpdatedBy = post.get('updated_by');
// post will be updated, tags relation not
return models.Post.edit({
html: 'changed html'
}, _.merge({id: testUtils.DataGenerator.forKnex.posts[3].id, migrating: true}, testUtils.context.editor));
})
.then((post) => {
post.get('updated_at').should.eql(originalUpdatedAt);
post.get('updated_by').should.eql(originalUpdatedBy);
events.post.should.eql(['edited']);
events.tag.should.eql([]);
});
});
Added tests for event behaviour: updating resources with or without updating it's relations closes #9548 - unit test to proof which events are triggered
2018-04-05 17:34:09 +02:00
it('update post, relation has not changed', function () {
const events = {
post: [],
tag: []
};
sandbox.stub(models.Post.prototype, 'emitChange').callsFake(function (event) {
events.post.push(event);
});
sandbox.stub(models.Tag.prototype, 'emitChange').callsFake(function (event) {
events.tag.push(event);
});
Tests: extended knex mock no issue - support more cases - e.g. multiple where matches - @TODO - take time to look for NPM module, which does this already - test sqlite3 :memory: mode again
2018-04-16 00:29:17 +02:00
return models.Post.findOne({
id: testUtils.DataGenerator.forKnex.posts[3].id,
status: 'draft'
}, {withRelated: ['tags']})
Added tests for event behaviour: updating resources with or without updating it's relations closes #9548 - unit test to proof which events are triggered
2018-04-05 17:34:09 +02:00
.then((post) => {
// post will be updated, tags relation not
return models.Post.edit({
title: 'change',
Removed knex mock (#9685) no issue - this mock eat already too much of my/our time - the idea of adding a knex mock was definitely a failed approach/try - it's too much to maintaince and have not found a module which does this already - we have to support any query format - this is too crazy - the idea was to use the knex mock for model unit tests, because if we want to unit test models we have to run through bookshelf, because the whole model layer depends on bookshelf e.g. events - for now we simply use the real database - we could use the sqlite3 memory mode, but that would mean every unit test runs on sqlite3 - something to consider for later e.g. run unit tests on one matrix - run the rest on another matrix for sqlite + mysql
2018-06-12 20:26:16 +02:00
tags: post.related('tags').attributes
Added tests for event behaviour: updating resources with or without updating it's relations closes #9548 - unit test to proof which events are triggered
2018-04-05 17:34:09 +02:00
}, _.merge({id: testUtils.DataGenerator.forKnex.posts[3].id}, testUtils.context.editor));
})
.then((post) => {
post.updated('title').should.eql(testUtils.DataGenerator.forKnex.posts[3].title);
post.get('title').should.eql('change');
events.post.should.eql(['edited']);
events.tag.should.eql([]);
});
});
it('update post, relation has changed', function () {
const events = {
post: [],
tag: []
};
sandbox.stub(models.Post.prototype, 'emitChange').callsFake(function (event) {
events.post.push(event);
});
sandbox.stub(models.Tag.prototype, 'emitChange').callsFake(function (event) {
events.tag.push(event);
});
Tests: extended knex mock no issue - support more cases - e.g. multiple where matches - @TODO - take time to look for NPM module, which does this already - test sqlite3 :memory: mode again
2018-04-16 00:29:17 +02:00
return models.Post.findOne({
id: testUtils.DataGenerator.forKnex.posts[3].id,
status: 'draft'
}, {withRelated: ['tags']})
Added tests for event behaviour: updating resources with or without updating it's relations closes #9548 - unit test to proof which events are triggered
2018-04-05 17:34:09 +02:00
.then((post) => {
// post will be updated, tags relation not
return models.Post.edit({
title: 'change',
tags: [{id: post.related('tags').toJSON()[0].id, slug: 'after'}]
}, _.merge({id: testUtils.DataGenerator.forKnex.posts[3].id}, testUtils.context.editor));
})
.then((post) => {
post.updated('title').should.eql('change');
post.get('title').should.eql('change');
events.post.should.eql(['edited']);
events.tag.should.eql(['edited']);
});
});
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
it('resets given empty value to null', function () {
return models.Post.findOne({slug: 'html-ipsum'})
.then(function (post) {
post.get('slug').should.eql('html-ipsum');
post.get('feature_image').should.eql('https://example.com/super_photo.jpg');
post.set('feature_image', '');
post.set('custom_excerpt', '');
return post.save();
})
.then(function (post) {
should(post.get('feature_image')).be.null();
post.get('custom_excerpt').should.eql('');
});
});
Fetch relations by default when insert/updating posts (#9568) no issue - required for model events - otherwise you won't receive a full data set - in worst case you have to re-fetch the post - required for the url service - the url service always needs relations (authors,tags) to be able to generate the url properly @IMPORTANT - no API change, we still return what you are asking for - we first edit/add the resource - then we fetch the data with the API options - @TODO: this can be optimised and will improve performance picking/selecting it from the insert/update response - this is an internal change
2018-04-15 12:12:20 +02:00
describe('ensure full set of data for model events', function () {
it('default', function () {
const events = {
post: []
};
sandbox.stub(models.Post.prototype, 'emitChange').callsFake(function (event) {
events.post.push({event: event, data: this.toJSON()});
});
return models.Post.edit({
title: 'My beautiful title.'
}, _.merge({id: testUtils.DataGenerator.forKnex.posts[3].id}, testUtils.context.editor))
.then((post) => {
post.get('title').should.eql('My beautiful title.');
post = post.toJSON();
_.each(_.keys(_.omit(schema.tables.posts, ['mobiledoc', 'amp', 'plaintext'])), (key) => {
should.exist(post.hasOwnProperty(key));
});
should.not.exist(post.authors);
should.not.exist(post.primary_author);
should.not.exist(post.tags);
should.not.exist(post.primary_tag);
events.post[0].event.should.eql('edited');
_.each(_.keys(_.omit(schema.tables.posts, ['mobiledoc', 'amp', 'plaintext'])), (key) => {
should.exist(events.post[0].data.hasOwnProperty(key));
});
should.exist(events.post[0].data.authors);
should.exist(events.post[0].data.primary_author);
should.exist(events.post[0].data.tags);
should.exist(events.post[0].data.primary_tag);
});
});
it('use `withRelated=tags`', function () {
const events = {
post: []
};
sandbox.stub(models.Post.prototype, 'emitChange').callsFake(function (event) {
events.post.push({event: event, data: this.toJSON()});
});
return models.Post.edit({
title: 'My beautiful title.'
}, _.merge({
id: testUtils.DataGenerator.forKnex.posts[3].id,
withRelated: ['tags']
}, testUtils.context.editor))
.then((post) => {
post.get('title').should.eql('My beautiful title.');
post = post.toJSON();
_.each(_.keys(_.omit(schema.tables.posts, ['mobiledoc', 'amp', 'plaintext'])), (key) => {
should.exist(post.hasOwnProperty(key));
});
should.not.exist(post.authors);
should.not.exist(post.primary_author);
should.exist(post.tags);
should.exist(post.primary_tag);
events.post[0].event.should.eql('edited');
_.each(_.keys(_.omit(schema.tables.posts, ['mobiledoc', 'amp', 'plaintext'])), (key) => {
should.exist(events.post[0].data.hasOwnProperty(key));
});
should.exist(events.post[0].data.authors);
should.exist(events.post[0].data.primary_author);
should.exist(events.post[0].data.tags);
should.exist(events.post[0].data.primary_tag);
});
});
it('use `withRelated=tags,authors`', function () {
const events = {
post: []
};
sandbox.stub(models.Post.prototype, 'emitChange').callsFake(function (event) {
events.post.push({event: event, data: this.toJSON()});
});
return models.Post.edit({
title: 'My beautiful title.'
}, _.merge({
id: testUtils.DataGenerator.forKnex.posts[3].id,
withRelated: ['tags', 'authors']
}, testUtils.context.editor))
.then((post) => {
post.get('title').should.eql('My beautiful title.');
post = post.toJSON();
_.each(_.keys(_.omit(schema.tables.posts, ['mobiledoc', 'amp', 'plaintext'])), (key) => {
should.exist(post.hasOwnProperty(key));
});
should.exist(post.authors);
should.exist(post.primary_author);
should.exist(post.tags);
should.exist(post.primary_tag);
events.post[0].event.should.eql('edited');
_.each(_.keys(_.omit(schema.tables.posts, ['mobiledoc', 'amp', 'plaintext'])), (key) => {
should.exist(events.post[0].data.hasOwnProperty(key));
});
should.exist(events.post[0].data.authors);
should.exist(events.post[0].data.primary_author);
should.exist(events.post[0].data.tags);
should.exist(events.post[0].data.primary_tag);
});
});
it('use `columns=title`', function () {
const events = {
post: []
};
sandbox.stub(models.Post.prototype, 'emitChange').callsFake(function (event) {
events.post.push({event: event, data: this.toJSON()});
});
return models.Post.edit({
title: 'My beautiful title.'
}, _.merge({
id: testUtils.DataGenerator.forKnex.posts[3].id,
columns: ['title']
}, testUtils.context.editor))
.then((post) => {
post.get('title').should.eql('My beautiful title.');
post = post.toJSON();
_.each(_.keys(_.omit(schema.tables.posts, ['title', 'id'])), (key) => {
should.not.exist(post[key]);
});
should.exist(post.id);
should.exist(post.title);
should.not.exist(post.authors);
should.not.exist(post.primary_author);
should.not.exist(post.tags);
should.not.exist(post.primary_tag);
events.post[0].event.should.eql('edited');
_.each(_.keys(_.omit(schema.tables.posts, ['mobiledoc', 'amp', 'plaintext'])), (key) => {
should.exist(events.post[0].data.hasOwnProperty(key));
});
should.exist(events.post[0].data.authors);
should.exist(events.post[0].data.primary_author);
should.exist(events.post[0].data.tags);
should.exist(events.post[0].data.primary_tag);
});
});
it('use `formats=mobiledoc`', function () {
const events = {
post: []
};
sandbox.stub(models.Post.prototype, 'emitChange').callsFake(function (event) {
events.post.push({event: event, data: this.toJSON()});
});
return models.Post.edit({
title: 'My beautiful title.'
}, _.merge({
id: testUtils.DataGenerator.forKnex.posts[3].id,
formats: ['mobiledoc']
}, testUtils.context.editor))
.then((post) => {
post.get('title').should.eql('My beautiful title.');
post = post.toJSON();
_.each(_.keys(_.omit(schema.tables.posts, ['html', 'amp', 'plaintext'])), (key) => {
should.exist(post.hasOwnProperty(key));
});
should.not.exist(post.authors);
should.not.exist(post.primary_author);
should.not.exist(post.tags);
should.not.exist(post.primary_tag);
events.post[0].event.should.eql('edited');
_.each(_.keys(_.omit(schema.tables.posts, ['mobiledoc', 'amp', 'plaintext'])), (key) => {
should.exist(events.post[0].data.hasOwnProperty(key));
});
should.exist(events.post[0].data.authors);
should.exist(events.post[0].data.primary_author);
should.exist(events.post[0].data.tags);
should.exist(events.post[0].data.primary_tag);
});
});
});
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
});
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
describe('Relations', function () {
describe('author/authors', function () {
describe('add', function () {
it('with invalid post.author_id', function () {
const post = testUtils.DataGenerator.forKnex.createPost();
post.author_id = '12345';
return models.Post.add(post, {
context: {user: testUtils.DataGenerator.forKnex.users[2].id},
withRelated: ['author', 'authors']
}).then(function () {
'Expected error'.should.eql(false);
}).catch(function (err) {
(err instanceof common.errors.ValidationError).should.eql(true);
});
});
it('with invalid post.authors[0].id', function () {
const post = testUtils.DataGenerator.forKnex.createPost();
delete post.author_id;
delete post.author;
post.authors = [{
id: '12345'
}];
return models.Post.add(post, {
context: {user: testUtils.DataGenerator.forKnex.users[2].id},
withRelated: ['author', 'authors']
}).then(function () {
'Expected error'.should.eql(false);
}).catch(function (err) {
(err instanceof common.errors.ValidationError).should.eql(true);
});
});
// NOTE: this can be supported as soon as we remove the deprecation for post.author_id
it('[unsupported] insert post.authors[0]', function () {
const post = testUtils.DataGenerator.forKnex.createPost();
delete post.author_id;
delete post.author;
post.authors = [{
name: 'Gregor'
}];
return models.Post.add(post, {
context: {user: testUtils.DataGenerator.forKnex.users[2].id},
withRelated: ['author', 'authors']
}).then(function () {
'Expected error'.should.eql(false);
}).catch(function (err) {
(err[0] instanceof common.errors.ValidationError).should.eql(true);
});
});
it('with invalid post.author_id', function () {
const post = testUtils.DataGenerator.forKnex.createPost();
post.author_id = '12345';
return models.Post.add(post, {
context: {user: testUtils.DataGenerator.forKnex.users[2].id},
withRelated: ['author', 'authors']
}).then(function () {
'Expected error'.should.eql(false);
}).catch(function (err) {
(err instanceof common.errors.ValidationError).should.eql(true);
});
});
it('without author_id/author/authors', function () {
const post = testUtils.DataGenerator.forKnex.createPost();
delete post.author_id;
delete post.author;
delete post.authors;
return models.Post.add(post, {
context: {user: testUtils.DataGenerator.forKnex.users[2].id},
withRelated: ['author', 'authors']
}).then(function (post) {
post = post.toJSON();
post.author.id.should.eql(testUtils.DataGenerator.forKnex.users[2].id);
post.authors.length.should.eql(1);
post.authors[0].id.should.eql(testUtils.DataGenerator.forKnex.users[2].id);
});
});
it('without author/authors', function () {
const post = testUtils.DataGenerator.forKnex.createPost();
post.author_id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
return models.Post.add(post, {withRelated: ['author', 'authors']})
.then(function (post) {
post = post.toJSON();
post.author.id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
post.authors.length.should.eql(1);
post.authors[0].id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
});
});
it('without author/authors', function () {
const post = testUtils.DataGenerator.forKnex.createPost();
post.author_id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
return models.Post.add(post, {withRelated: ['author']})
.then(function (post) {
post = post.toJSON();
post.author.id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
should.not.exist(post.authors);
});
});
it('with author, with author_id', function () {
const post = testUtils.DataGenerator.forKnex.createPost();
post.author_id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
post.author = {
id: testUtils.DataGenerator.forKnex.users[1].id
};
return models.Post.add(post, {withRelated: ['author']})
.then(function (post) {
post = post.toJSON();
post.author.id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
should.not.exist(post.authors);
});
});
it('[unsupported] with author, without author_id', function () {
const post = testUtils.DataGenerator.forKnex.createPost();
delete post.author_id;
post.author = {
id: testUtils.DataGenerator.forKnex.users[2].id
};
return models.Post.add(post, {
withRelated: ['author'],
context: {user: testUtils.DataGenerator.forKnex.users[0].id}
}).then(function (post) {
post = post.toJSON();
// no update happened, because `post.author` is ignored
post.author.id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
should.not.exist(post.authors);
});
});
🐛 Fixed importer bug: can't resolve authors relation closes #9547 - you setup a blog with the following owner: - email: test@ghost.org - name: test - slug: test - now you import a JSON db file, which holds the exact same owner - this owner won't be imported, because it's a duplicate - but the slug is different (!) - the importer tries to find a matching existing user, but won't find anything - the importer then send an empty authors array `post.authors=[]` into the model layer - this is not allowed -> this would mean, you are actively trying to unset all authors
2018-04-10 00:20:19 +02:00
it('[not allowed] with empty authors ([]), without author_id', function () {
const post = testUtils.DataGenerator.forKnex.createPost();
delete post.author_id;
post.authors = [];
return models.Post.add(post, {withRelated: ['author', 'authors']})
.then(function () {
'Expected error'.should.eql(false);
})
.catch(function (err) {
(err instanceof common.errors.ValidationError).should.eql(true);
});
});
it('[not allowed] with empty authors ([]), with author_id', function () {
const post = testUtils.DataGenerator.forKnex.createPost();
post.author_id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
post.authors = [];
return models.Post.add(post, {withRelated: ['author', 'authors']})
.then(function () {
'Expected error'.should.eql(false);
})
.catch(function (err) {
(err instanceof common.errors.ValidationError).should.eql(true);
});
});
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
it('with authors, with author_id', function () {
const post = testUtils.DataGenerator.forKnex.createPost();
post.author_id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
post.authors = [{
id: testUtils.DataGenerator.forKnex.users[0].id
}];
return models.Post.add(post, {withRelated: ['author', 'authors']})
.then(function (post) {
post = post.toJSON();
post.author.id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
post.authors.length.should.eql(1);
post.authors[0].id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
});
});
it('with authors, without author_id', function () {
const post = testUtils.DataGenerator.forKnex.createPost();
delete post.author_id;
post.authors = [{
id: testUtils.DataGenerator.forKnex.users[0].id
}];
return models.Post.add(post, {
context: {user: testUtils.DataGenerator.forKnex.users[0].id},
withRelated: ['author', 'authors']
}).then(function (post) {
post = post.toJSON();
post.author.id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
post.authors.length.should.eql(1);
post.authors[0].id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
});
});
});
describe('findOne', function () {
it('withRelated: []', function () {
Tests: extended knex mock no issue - support more cases - e.g. multiple where matches - @TODO - take time to look for NPM module, which does this already - test sqlite3 :memory: mode again
2018-04-16 00:29:17 +02:00
return models.Post.findOne({
id: testUtils.DataGenerator.forKnex.posts[3].id,
status: 'draft'
}, {withRelated: []})
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
.then(function (post) {
post = post.toJSON();
post.author.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
should.not.exist(post.authors);
should.not.exist(post.author_id);
});
});
it('withRelated: [author]', function () {
Tests: extended knex mock no issue - support more cases - e.g. multiple where matches - @TODO - take time to look for NPM module, which does this already - test sqlite3 :memory: mode again
2018-04-16 00:29:17 +02:00
return models.Post.findOne({
id: testUtils.DataGenerator.forKnex.posts[3].id,
status: 'draft'
}, {withRelated: ['author']})
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
.then(function (post) {
post = post.toJSON();
post.author.id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
should.not.exist(post.authors);
});
});
it('withRelated: [authors]', function () {
Tests: extended knex mock no issue - support more cases - e.g. multiple where matches - @TODO - take time to look for NPM module, which does this already - test sqlite3 :memory: mode again
2018-04-16 00:29:17 +02:00
return models.Post.findOne({
id: testUtils.DataGenerator.forKnex.posts[3].id,
status: 'draft'
}, {withRelated: ['authors']})
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
.then(function (post) {
post = post.toJSON();
post.author.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
post.authors.length.should.eql(2);
post.authors[0].id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
post.authors[1].id.should.eql(testUtils.DataGenerator.forKnex.users[2].id);
});
});
it('withRelated: [authors, author]', function () {
Tests: extended knex mock no issue - support more cases - e.g. multiple where matches - @TODO - take time to look for NPM module, which does this already - test sqlite3 :memory: mode again
2018-04-16 00:29:17 +02:00
return models.Post.findOne({
id: testUtils.DataGenerator.forKnex.posts[3].id,
status: 'draft'
}, {withRelated: ['authors', 'author']})
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
.then(function (post) {
post = post.toJSON();
post.author.id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
post.authors.length.should.eql(2);
post.authors[0].id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
post.authors[1].id.should.eql(testUtils.DataGenerator.forKnex.users[2].id);
});
});
});
describe('edit', function () {
Removed knex mock (#9685) no issue - this mock eat already too much of my/our time - the idea of adding a knex mock was definitely a failed approach/try - it's too much to maintaince and have not found a module which does this already - we have to support any query format - this is too crazy - the idea was to use the knex mock for model unit tests, because if we want to unit test models we have to run through bookshelf, because the whole model layer depends on bookshelf e.g. events - for now we simply use the real database - we could use the sqlite3 memory mode, but that would mean every unit test runs on sqlite3 - something to consider for later e.g. run unit tests on one matrix - run the rest on another matrix for sqlite + mysql
2018-06-12 20:26:16 +02:00
beforeEach(testUtils.teardown);
beforeEach(testUtils.setup('users:roles', 'posts'));
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
Removed knex mock (#9685) no issue - this mock eat already too much of my/our time - the idea of adding a knex mock was definitely a failed approach/try - it's too much to maintaince and have not found a module which does this already - we have to support any query format - this is too crazy - the idea was to use the knex mock for model unit tests, because if we want to unit test models we have to run through bookshelf, because the whole model layer depends on bookshelf e.g. events - for now we simply use the real database - we could use the sqlite3 memory mode, but that would mean every unit test runs on sqlite3 - something to consider for later e.g. run unit tests on one matrix - run the rest on another matrix for sqlite + mysql
2018-06-12 20:26:16 +02:00
beforeEach(function () {
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
// posts[3] has the following author_id
testUtils.DataGenerator.forKnex.posts[3].author_id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
// posts[3] has two authors relations
testUtils.DataGenerator.forKnex.posts_authors[3].post_id.should.eql(testUtils.DataGenerator.forKnex.posts[3].id);
testUtils.DataGenerator.forKnex.posts_authors[3].author_id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
testUtils.DataGenerator.forKnex.posts_authors[4].post_id.should.eql(testUtils.DataGenerator.forKnex.posts[3].id);
testUtils.DataGenerator.forKnex.posts_authors[4].author_id.should.eql(testUtils.DataGenerator.forKnex.users[2].id);
});
it('[not allowed] post.authors = []', function () {
const data = {
authors: []
};
return models.Post.edit(data, {
id: testUtils.DataGenerator.forKnex.posts[3].id,
withRelated: ['authors', 'author']
}).then(function () {
'Expected Error'.should.eql(true);
}).catch(function (err) {
(err instanceof common.errors.ValidationError).should.be.true;
});
});
it('[not allowed] primary authors are not equal', function () {
const data = {
author_id: testUtils.DataGenerator.forKnex.users[2].id,
authors: [{
id: testUtils.DataGenerator.forKnex.users[1].id
}]
};
return models.Post.edit(data, {
id: testUtils.DataGenerator.forKnex.posts[3].id,
withRelated: ['authors', 'author']
}).then(function () {
'Expected Error'.should.eql(true);
}).catch(function (err) {
(err instanceof common.errors.ValidationError).should.be.true;
});
});
it('[not allowed] primary authors are not equal', function () {
const data = {
author: {
id: testUtils.DataGenerator.forKnex.users[2].id
},
authors: [{
id: testUtils.DataGenerator.forKnex.users[1].id
}]
};
return models.Post.edit(data, {
id: testUtils.DataGenerator.forKnex.posts[3].id,
withRelated: ['authors', 'author']
}).then(function () {
'Expected Error'.should.eql(true);
}).catch(function (err) {
(err instanceof common.errors.ValidationError).should.be.true;
});
});
it('change post.author_id [has existing post.authors]', function () {
const data = {
author_id: testUtils.DataGenerator.forKnex.users[1].id
};
return models.Post.edit(data, {
id: testUtils.DataGenerator.forKnex.posts[3].id,
withRelated: ['authors', 'author']
}).then(function (post) {
post = post.toJSON();
post.author.id.should.eql(testUtils.DataGenerator.forKnex.users[1].id);
post.authors.length.should.eql(2);
post.authors[0].id.should.eql(testUtils.DataGenerator.forKnex.users[1].id);
post.authors[1].id.should.eql(testUtils.DataGenerator.forKnex.users[2].id);
});
});
it('change post.author_id [has existing post.authors] [without `withRelated`]', function () {
const data = {
author_id: testUtils.DataGenerator.forKnex.users[1].id
};
return models.Post.edit(data, {
id: testUtils.DataGenerator.forKnex.posts[3].id
}).then(function (post) {
post = post.toJSON();
post.author.should.eql(testUtils.DataGenerator.forKnex.users[1].id);
should.not.exist(post.authors);
Tests: extended knex mock no issue - support more cases - e.g. multiple where matches - @TODO - take time to look for NPM module, which does this already - test sqlite3 :memory: mode again
2018-04-16 00:29:17 +02:00
return models.Post.findOne({
id: testUtils.DataGenerator.forKnex.posts[3].id,
status: 'draft'
}, {withRelated: ['authors']});
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
}).then(function (post) {
post = post.toJSON();
post.authors.length.should.eql(2);
post.authors[0].id.should.eql(testUtils.DataGenerator.forKnex.users[1].id);
post.authors[1].id.should.eql(testUtils.DataGenerator.forKnex.users[2].id);
});
});
it('change post.authors', function () {
testUtils.DataGenerator.forKnex.posts[3].author_id.should.not.equal(testUtils.DataGenerator.forKnex.users[3].id);
const data = {
authors: [
{
id: testUtils.DataGenerator.forKnex.users[3].id
},
{
id: testUtils.DataGenerator.forKnex.users[2].id
}
]
};
return models.Post.edit(data, {
id: testUtils.DataGenerator.forKnex.posts[3].id,
withRelated: ['authors', 'author']
}).then(function (post) {
post = post.toJSON();
post.author.id.should.eql(testUtils.DataGenerator.forKnex.users[3].id);
post.authors.length.should.eql(2);
post.authors[0].id.should.eql(testUtils.DataGenerator.forKnex.users[3].id);
post.authors[1].id.should.eql(testUtils.DataGenerator.forKnex.users[2].id);
});
});
it('change post.authors, do not include `author`', function () {
testUtils.DataGenerator.forKnex.posts[3].author_id.should.not.equal(testUtils.DataGenerator.forKnex.users[3].id);
const data = {
authors: [
{
id: testUtils.DataGenerator.forKnex.users[3].id
},
{
id: testUtils.DataGenerator.forKnex.users[2].id
}
]
};
return models.Post.edit(data, {
id: testUtils.DataGenerator.forKnex.posts[3].id,
withRelated: ['authors']
}).then(function (post) {
post = post.toJSON();
post.author.should.eql(testUtils.DataGenerator.forKnex.users[3].id);
post.authors.length.should.eql(2);
post.authors[0].id.should.eql(testUtils.DataGenerator.forKnex.users[3].id);
post.authors[1].id.should.eql(testUtils.DataGenerator.forKnex.users[2].id);
});
});
it('change post.authors and post.author_id (different primary author)', function () {
const data = {
authors: [
{
id: testUtils.DataGenerator.forKnex.users[1].id
}
],
author_id: testUtils.DataGenerator.forKnex.users[4].id
};
return models.Post.edit(data, {
id: testUtils.DataGenerator.forKnex.posts[3].id,
withRelated: ['authors', 'author']
}).then(function (post) {
post = post.toJSON();
post.author.id.should.eql(testUtils.DataGenerator.forKnex.users[1].id);
post.authors.length.should.eql(1);
post.authors[0].id.should.eql(testUtils.DataGenerator.forKnex.users[1].id);
});
});
it('change order of existing post.authors', function () {
const data = {
authors: [
{
id: testUtils.DataGenerator.forKnex.users[2].id
},
{
id: testUtils.DataGenerator.forKnex.users[0].id
}
]
};
return models.Post.edit(data, {
id: testUtils.DataGenerator.forKnex.posts[3].id,
withRelated: ['authors', 'author']
}).then(function (post) {
post = post.toJSON();
post.author.id.should.eql(testUtils.DataGenerator.forKnex.users[2].id);
post.authors.length.should.eql(2);
post.authors[0].id.should.eql(testUtils.DataGenerator.forKnex.users[2].id);
post.authors[1].id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
});
});
it('[unsupported] change post.author', function () {
const data = {
author: {
id: testUtils.DataGenerator.forKnex.users[4].id
}
};
return models.Post.edit(data, {
id: testUtils.DataGenerator.forKnex.posts[3].id,
withRelated: ['authors', 'author']
}).then(function (post) {
post = post.toJSON();
post.author.id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
post.authors.length.should.eql(2);
post.authors[0].id.should.eql(testUtils.DataGenerator.forKnex.users[0].id);
post.authors[1].id.should.eql(testUtils.DataGenerator.forKnex.users[2].id);
});
});
Protect generated post.html and post.plaintext fields (#9559) closes https://github.com/TryGhost/Ghost/issues/9512 - loop through list of generated fields in `Post.onSaving` and reset their values if a new value was passed in via attributes
2018-04-10 21:45:31 +01:00
it('[unsupported] change post.plaintext', function () {
const data = {
plaintext: 'test'
};
return models.Post.edit(data, {
id: testUtils.DataGenerator.forKnex.posts[2].id
}).then(function (post) {
post = post.toJSON({formats: ['mobiledoc', 'plaintext', 'html']});
post.plaintext.should.eql(testUtils.DataGenerator.forKnex.posts[2].plaintext);
});
});
it('[unsupported] change post.html', function () {
const data = {
html: 'test'
};
return models.Post.edit(data, {
id: testUtils.DataGenerator.forKnex.posts[2].id
}).then(function (post) {
post = post.toJSON({formats: ['mobiledoc', 'plaintext', 'html']});
post.html.should.eql(testUtils.DataGenerator.forKnex.posts[2].html);
});
});
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
});
describe('destroy', function () {
it('by author', function () {
const authorId = testUtils.DataGenerator.forKnex.users[0].id;
return knex('posts_authors')
.where('author_id', authorId)
.then(function (postAuthors) {
postAuthors.length.should.eql(8);
return models.Post.destroyByAuthor({id: authorId});
})
.then(function () {
return knex('posts_authors')
.where('author_id', authorId);
})
.then(function (postAuthors) {
postAuthors.length.should.eql(0);
});
});
});
});
});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
describe('Permissible', function () {
describe('As Contributor', function () {
describe('Editing', function () {
it('rejects if changing status', function (done) {
var mockPostObj = {
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
get: sandbox.stub(),
related: sandbox.stub()
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
},
context = {user: 1},
unsafeAttrs = {status: 'published'};
mockPostObj.get.withArgs('status').returns('draft');
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.contributor,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
false
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
should(mockPostObj.get.called).be.false();
should(mockPostObj.related.calledOnce).be.true();
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
done();
});
});
it('rejects if changing author id', function (done) {
var mockPostObj = {
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
get: sandbox.stub(),
related: sandbox.stub()
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
},
context = {user: 1},
unsafeAttrs = {status: 'draft', author_id: 2};
mockPostObj.get.withArgs('author_id').returns(1);
models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.contributor,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
should(mockPostObj.get.calledOnce).be.true();
should(mockPostObj.related.called).be.false();
done();
});
});
it('rejects if changing authors.0', function (done) {
var mockPostObj = {
get: sandbox.stub(),
related: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {status: 'draft', authors: [{id: 2}]};
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
testUtils.permissions.contributor,
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
should(mockPostObj.get.called).be.false();
should(mockPostObj.related.calledTwice).be.false();
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
done();
});
});
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
it('ignores if changes authors.1', function (done) {
var mockPostObj = {
get: sandbox.stub(),
related: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {status: 'draft', authors: [{id: 1}, {id: 2}]};
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
mockPostObj.get.withArgs('status').returns('draft');
models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
testUtils.permissions.contributor,
false,
true
).then((result) => {
should.exist(result);
should(result.excludedAttrs).deepEqual(['authors', 'tags']);
should(mockPostObj.get.callCount).eql(2);
should(mockPostObj.related.callCount).eql(2);
done();
}).catch(done);
});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
it('rejects if post is not draft', function (done) {
var mockPostObj = {
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
get: sandbox.stub(),
related: sandbox.stub()
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
},
context = {user: 1},
unsafeAttrs = {status: 'published', author_id: 1};
mockPostObj.get.withArgs('status').returns('published');
mockPostObj.get.withArgs('author_id').returns(1);
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.contributor,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
should(mockPostObj.get.callCount).eql(3);
should(mockPostObj.related.callCount).eql(1);
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
done();
});
});
it('rejects if contributor is not author of post', function (done) {
var mockPostObj = {
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
get: sandbox.stub(),
related: sandbox.stub()
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
},
context = {user: 1},
unsafeAttrs = {status: 'draft', author_id: 2};
mockPostObj.get.withArgs('status').returns('draft');
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
mockPostObj.get.withArgs('author_id').returns(1);
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.contributor,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
should(mockPostObj.get.callCount).eql(1);
should(mockPostObj.related.callCount).eql(0);
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
done();
});
});
it('resolves if none of the above cases are true', function () {
var mockPostObj = {
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
get: sandbox.stub(),
related: sandbox.stub()
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
},
context = {user: 1},
unsafeAttrs = {status: 'draft', author_id: 1};
mockPostObj.get.withArgs('status').returns('draft');
mockPostObj.get.withArgs('author_id').returns(1);
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
return models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.contributor,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then((result) => {
should.exist(result);
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
should(result.excludedAttrs).deepEqual(['authors', 'tags']);
should(mockPostObj.get.callCount).eql(3);
should(mockPostObj.related.callCount).eql(1);
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
});
});
});
describe('Adding', function () {
it('rejects if "published" status', function (done) {
var mockPostObj = {
get: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {status: 'published', author_id: 1};
models.Post.permissible(
mockPostObj,
'add',
context,
unsafeAttrs,
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.contributor,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
should(mockPostObj.get.called).be.false();
done();
});
});
it('rejects if different author id', function (done) {
var mockPostObj = {
get: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {status: 'draft', author_id: 2};
models.Post.permissible(
mockPostObj,
'add',
context,
unsafeAttrs,
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.contributor,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
should(mockPostObj.get.called).be.false();
done();
});
});
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
it('rejects if different logged in user and `authors.0`', function (done) {
var mockPostObj = {
get: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {status: 'draft', authors: [{id: 2}]};
models.Post.permissible(
mockPostObj,
'add',
context,
unsafeAttrs,
testUtils.permissions.contributor,
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
should(mockPostObj.get.called).be.false();
done();
});
});
it('rejects if same logged in user and `authors.0`, but different author_id', function (done) {
var mockPostObj = {
get: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {status: 'draft', author_id: 3, authors: [{id: 1}]};
models.Post.permissible(
mockPostObj,
'add',
context,
unsafeAttrs,
testUtils.permissions.contributor,
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
should(mockPostObj.get.called).be.false();
done();
});
});
it('rejects if different logged in user and `authors.0`, but correct author_id', function (done) {
var mockPostObj = {
get: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {status: 'draft', author_id: 1, authors: [{id: 2}]};
models.Post.permissible(
mockPostObj,
'add',
context,
unsafeAttrs,
testUtils.permissions.contributor,
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
should(mockPostObj.get.called).be.false();
done();
});
});
it('resolves if same logged in user and `authors.0`', function (done) {
var mockPostObj = {
get: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {status: 'draft', authors: [{id: 1}]};
models.Post.permissible(
mockPostObj,
'add',
context,
unsafeAttrs,
testUtils.permissions.contributor,
false,
true
).then((result) => {
should.exist(result);
should(result.excludedAttrs).deepEqual(['authors', 'tags']);
should(mockPostObj.get.called).be.false();
done();
}).catch(done);
});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
it('resolves if none of the above cases are true', function () {
var mockPostObj = {
get: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {status: 'draft', author_id: 1};
return models.Post.permissible(
mockPostObj,
'add',
context,
unsafeAttrs,
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.contributor,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then((result) => {
should.exist(result);
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
should(result.excludedAttrs).deepEqual(['authors', 'tags']);
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
should(mockPostObj.get.called).be.false();
});
});
});
describe('Destroying', function () {
it('rejects if destroying another author\'s post', function (done) {
var mockPostObj = {
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
get: sandbox.stub(),
related: sandbox.stub()
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
},
context = {user: 1};
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
models.Post.permissible(
mockPostObj,
'destroy',
context,
{},
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.contributor,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
should(mockPostObj.get.calledOnce).be.true();
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
should(mockPostObj.related.calledOnce).be.true();
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
done();
});
});
it('rejects if destroying a published post', function (done) {
var mockPostObj = {
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
get: sandbox.stub(),
related: sandbox.stub()
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
},
context = {user: 1};
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
mockPostObj.get.withArgs('status').returns('published');
models.Post.permissible(
mockPostObj,
'destroy',
context,
{},
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.contributor,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
should(mockPostObj.get.calledOnce).be.true();
should(mockPostObj.related.calledOnce).be.true();
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
done();
});
});
it('resolves if none of the above cases are true', function () {
var mockPostObj = {
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
get: sandbox.stub(),
related: sandbox.stub()
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
},
context = {user: 1};
mockPostObj.get.withArgs('status').returns('draft');
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
return models.Post.permissible(
mockPostObj,
'destroy',
context,
{},
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.contributor,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then((result) => {
should.exist(result);
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
should(result.excludedAttrs).deepEqual(['authors', 'tags']);
should(mockPostObj.get.calledOnce).be.true();
should(mockPostObj.related.calledOnce).be.true();
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
});
});
});
});
describe('As Author', function () {
describe('Editing', function () {
it('rejects if editing another\'s post', function (done) {
var mockPostObj = {
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
get: sandbox.stub(),
related: sandbox.stub()
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
},
context = {user: 1},
unsafeAttrs = {author_id: 2};
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
mockPostObj.related.withArgs('authors').returns({models: [{id: 2}]});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
mockPostObj.get.withArgs('author_id').returns(2);
models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.author,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
should(mockPostObj.get.called).be.false();
should(mockPostObj.related.calledOnce).be.true();
done();
});
});
it('rejects if editing another\'s post (using `authors`)', function (done) {
var mockPostObj = {
get: sandbox.stub(),
related: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {authors: [{id: 2}]};
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
testUtils.permissions.author,
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
should(mockPostObj.get.called).be.false();
should(mockPostObj.related.calledTwice).be.true();
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
done();
});
});
it('rejects if changing author', function (done) {
var mockPostObj = {
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
get: sandbox.stub(),
related: sandbox.stub()
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
},
context = {user: 1},
unsafeAttrs = {author_id: 2};
mockPostObj.get.withArgs('author_id').returns(1);
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
testUtils.permissions.author,
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
should(mockPostObj.get.calledOnce).be.true();
should(mockPostObj.related.calledOnce).be.true();
done();
});
});
it('rejects if changing authors', function (done) {
var mockPostObj = {
get: sandbox.stub(),
related: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {authors: [{id: 2}]};
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
testUtils.permissions.author,
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
should(mockPostObj.get.called).be.false();
should(mockPostObj.related.calledTwice).be.true();
done();
});
});
it('rejects if changing authors and author_id', function (done) {
var mockPostObj = {
get: sandbox.stub(),
related: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {authors: [{id: 1}], author_id: 2};
mockPostObj.get.withArgs('author_id').returns(1);
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.author,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
should(mockPostObj.get.calledOnce).be.true();
should(mockPostObj.related.calledOnce).be.true();
done();
});
});
it('rejects if changing authors and author_id', function (done) {
var mockPostObj = {
get: sandbox.stub(),
related: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {authors: [{id: 2}], author_id: 1};
mockPostObj.get.withArgs('author_id').returns(1);
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
testUtils.permissions.author,
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
mockPostObj.get.callCount.should.eql(1);
mockPostObj.related.callCount.should.eql(2);
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
done();
});
});
it('resolves if none of the above cases are true', function () {
var mockPostObj = {
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
get: sandbox.stub(),
related: sandbox.stub()
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
},
context = {user: 1},
unsafeAttrs = {author_id: 1};
mockPostObj.get.withArgs('author_id').returns(1);
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
return models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.author,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then(() => {
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
should(mockPostObj.get.calledOnce).be.true();
should(mockPostObj.related.calledOnce).be.true();
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
});
});
});
describe('Adding', function () {
it('rejects if different author id', function (done) {
var mockPostObj = {
get: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {author_id: 2};
models.Post.permissible(
mockPostObj,
'add',
context,
unsafeAttrs,
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.author,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
should(mockPostObj.get.called).be.false();
done();
});
});
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
it('rejects if different authors', function (done) {
var mockPostObj = {
get: sandbox.stub(),
related: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {authors: [{id: 2}]};
mockPostObj.related.withArgs('authors').returns({models: [{id: 1}]});
models.Post.permissible(
mockPostObj,
'add',
context,
unsafeAttrs,
testUtils.permissions.author,
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
should(mockPostObj.get.called).be.false();
done();
});
});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
it('resolves if none of the above cases are true', function () {
var mockPostObj = {
get: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {author_id: 1};
return models.Post.permissible(
mockPostObj,
'add',
context,
unsafeAttrs,
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.author,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then(() => {
should(mockPostObj.get.called).be.false();
});
});
});
});
describe('Everyone Else', function () {
it('rejects if hasUserPermissions is false and not current owner', function (done) {
var mockPostObj = {
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
get: sandbox.stub(),
related: sandbox.stub()
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
},
context = {user: 1},
unsafeAttrs = {author_id: 2};
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
mockPostObj.related.withArgs('authors').returns({models: [{id: 2}]});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
mockPostObj.get.withArgs('author_id').returns(2);
models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.editor,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
false,
true
).then(() => {
done(new Error('Permissible function should have rejected.'));
}).catch((error) => {
error.should.be.an.instanceof(common.errors.NoPermissionError);
✨ Multiple authors (#9426) no issue This PR adds the server side logic for multiple authors. This adds the ability to add multiple authors per post. We keep and support single authors (maybe till the next major - this is still in discussion) ### key notes - `authors` are not fetched by default, only if we need them - the migration script iterates over all posts and figures out if an author_id is valid and exists (in master we can add invalid author_id's) and then adds the relation (falls back to owner if invalid) - ~~i had to push a fork of bookshelf to npm because we currently can't bump bookshelf + the two bugs i discovered are anyway not yet merged (https://github.com/kirrg001/bookshelf/commits/master)~~ replaced by new bookshelf release - the implementation of single & multiple authors lives in a single place (introduction of a new concept: model relation) - if you destroy an author, we keep the behaviour for now -> remove all posts where the primary author id matches. furthermore, remove all relations in posts_authors (e.g. secondary author) - we make re-use of the `excludeAttrs` concept which was invented in the contributors PR (to protect editing authors as author/contributor role) -> i've added a clear todo that we need a logic to make a diff of the target relation -> both for tags and authors - `authors` helper available (same as `tags` helper) - `primary_author` computed field available - `primary_author` functionality available (same as `primary_tag` e.g. permalinks, prev/next helper etc)
2018-03-27 16:16:15 +02:00
should(mockPostObj.get.called).be.false();
should(mockPostObj.related.calledOnce).be.true();
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
done();
});
});
it('resolves if hasUserPermission is true', function () {
var mockPostObj = {
get: sandbox.stub()
},
context = {user: 1},
unsafeAttrs = {author_id: 2};
mockPostObj.get.withArgs('author_id').returns(2);
return models.Post.permissible(
mockPostObj,
'edit',
context,
unsafeAttrs,
🐛Fixed image properties to be reset to null after removal (#9432) closes #9085 Fixes an issue, where the client sets image properties to `""` after deleting the image. This causes problems with the query filter (see https://github.com/TryGhost/GQL/issues/24), as they have to be `null`. Added a check in the model layer saving method to set value to `null`, when the property is empty. Affected models and properties: - `posts`: - `feature_image` - `og_image` - `twitter_image` - `users`: - `profile_image` - `cover_image` - `tags`: - `feature_image`
2018-03-05 15:10:27 +07:00
testUtils.permissions.editor,
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
true,
true
).then(() => {
should(mockPostObj.get.called).be.false();
});
});
});
});
Koenig - Versioned renderer (#9606) refs https://github.com/TryGhost/Ghost/issues/9505 - updates mobiledoc converter's `render` method to accept a `version` argument - `1` === Ghost 1.0's markdown-only renderer output - `2` === Koenig's full mobiledoc renderer output - switch between mobiledoc renderer versions in Post model's `onSaving` hook - version 1 by default - version 2 if Koenig is enabled (currently behind dev experiments config + labs flag) - version 2 if the post's mobiledoc is not compatible with the markdown-only renderer - "version 2" full-Koenig mobiledoc renderer output - wraps content in a `.kg-post` div - removes wrapper around markdown and html card output - adds classes to image card output including selected image size/style - standardises es6 usage across mobiledoc related files
2018-05-04 14:59:39 +01:00
describe('Mobiledoc conversion', function () {
let labs = require('../../../server/services/labs');
let origLabs = _.cloneDeep(labs);
let events;
beforeEach(function () {
events = {
post: []
};
sandbox.stub(models.Post.prototype, 'emitChange').callsFake(function (event) {
events.post.push({event: event, data: this.toJSON()});
});
});
Changes for Koenig and Ghost 2.0 (#9750) refs #9742, refs #9724 - handle König Editor format for 2.0 - adapted importer to be able to import 1.0 and 2.0 exports - added migration scripts - remove labs flag for Koenig - migrate all old editor posts to new editor format - ensure we protect the code against mobiledoc or html field being null - ensure we create a blank mobiledoc structure if mobiledoc field is null (model layer) - ensure you can fully rollback 2.0 to 1.0 - keep mobiledoc/markdown version 1 logic to be able to rollback (deprecated code)
2018-08-03 13:02:14 +02:00
it('converts correctly', function () {
Koenig - Versioned renderer (#9606) refs https://github.com/TryGhost/Ghost/issues/9505 - updates mobiledoc converter's `render` method to accept a `version` argument - `1` === Ghost 1.0's markdown-only renderer output - `2` === Koenig's full mobiledoc renderer output - switch between mobiledoc renderer versions in Post model's `onSaving` hook - version 1 by default - version 2 if Koenig is enabled (currently behind dev experiments config + labs flag) - version 2 if the post's mobiledoc is not compatible with the markdown-only renderer - "version 2" full-Koenig mobiledoc renderer output - wraps content in a `.kg-post` div - removes wrapper around markdown and html card output - adds classes to image card output including selected image size/style - standardises es6 usage across mobiledoc related files
2018-05-04 14:59:39 +01:00
let newPost = testUtils.DataGenerator.forModel.posts[2];
return models.Post.add(
newPost,
testUtils.context.editor
).then((post) => {
should.exist(post);
post.has('html').should.equal(true);
Koenig - Finalise Koenig HTML output and migrate existing content (#9741) refs https://github.com/TryGhost/Ghost/issues/9742 We've identified some changes we need to make to the HTML output of the [new Koenig editor]( https://forum.ghost.org/t/koenig-editor-beta-release/1284/102) for future proofing and consistency across cards. - the `<div class="kg-post">` wrapper around post content has been removed - for image cards the `.kg-image-wide` and `.kg-image-full` classes have been changed to `.kg-width-wide` and `.kg-width-full` and applied to the `<figure>` element rather than the `<img>` element Before: ```html <div class="kg-post"> <figure class="kg-image-card"> <img class="kg-image kg-image-wide" src="..."> <figcaption>example wide image</figcaption> </figure> </div> ``` After: ```html <figure class="kg-image-card kg-width-wide"> <img class="kg-image" src="..."> <figcaption>example wide image</figcaption> </figure> ```
2018-07-23 12:23:02 +01:00
post.get('html').should.equal('<h2 id="testing">testing</h2>\n<p>mctesters</p>\n<ul>\n<li>test</li>\n<li>line</li>\n<li>items</li>\n</ul>\n');
Koenig - Versioned renderer (#9606) refs https://github.com/TryGhost/Ghost/issues/9505 - updates mobiledoc converter's `render` method to accept a `version` argument - `1` === Ghost 1.0's markdown-only renderer output - `2` === Koenig's full mobiledoc renderer output - switch between mobiledoc renderer versions in Post model's `onSaving` hook - version 1 by default - version 2 if Koenig is enabled (currently behind dev experiments config + labs flag) - version 2 if the post's mobiledoc is not compatible with the markdown-only renderer - "version 2" full-Koenig mobiledoc renderer output - wraps content in a `.kg-post` div - removes wrapper around markdown and html card output - adds classes to image card output including selected image size/style - standardises es6 usage across mobiledoc related files
2018-05-04 14:59:39 +01:00
});
});
});
Contributor Role (#9315) closes #9314 * added fixtures for contributor role * update post api tests to prevent contributor publishing post * update permissible function in role/user model * fix additional author code in invites * update contributor role migration for knex-migrator v3 * fix paths in contrib migration * ensure contributors can't edit or delete published posts, fix routing tests [ci skip] * update db fixtures hash * strip tags from post if contributor * cleanup post permissible function * excludedAttrs to ignore tag updates for now (might be removed later) * ensure contributors can't edit another's post * migration script for 1.21
2018-02-07 10:46:22 +01:00
});
Reference in a new issue Copy permalink