Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-04-01 02:41:39 -05:00
Code Issues Activity

Refactor imports in API's routes files

Browse source 
refs https://github.com/TryGhost/Team/issues/856

- There were two problems with routes.js files defining API routes:
- First, the module requires wen too deep into the "api" module and used specific api modules directly. We have an "index.js" file which defines an API for whole API, it should be used as an entry point to anything to do with the API.
- Second, The naming was inconsistent between the routes.js files for "api", "apiV2", "apiCanary" - it is an extra maintenance burden to go on and change each "api" name when the new version is introduced. The only thing that should be changed within these files is a single line on very top that "requires" a specific API version like so: "const api = require('../../../../api').canary;" - way less maintenance to change that canary to v5 instead of doing an extra rename for all "apiCanary" to "apiV5"
This commit is contained in:
Naz 2021-07-07 18:32:41 +04:00
parent 5bd031ac51
commit 11f37a9363
6 changed files with 240 additions and 240 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

254
core/server/web/api/canary/admin/routes.js
View file

@ -1,5 +1,5 @@
const express = require('../../../../../shared/express');
const apiCanary = require('../../../../api/canary');
const api = require('../../../../api').canary;
const apiMw = require('../../middleware');
const mw = require('./middleware');
@ -13,212 +13,212 @@ module.exports = function apiRoutes() {
router.use(apiMw.cors);
const http = apiCanary.http;
const http = api.http;
// ## Public
router.get('/site', mw.publicAdminApi, http(apiCanary.site.read));
router.get('/site', mw.publicAdminApi, http(api.site.read));
// ## Configuration
router.get('/config', mw.authAdminApi, http(apiCanary.config.read));
router.get('/config', mw.authAdminApi, http(api.config.read));
// ## Posts
router.get('/posts', mw.authAdminApi, http(apiCanary.posts.browse));
router.post('/posts', mw.authAdminApi, http(apiCanary.posts.add));
router.get('/posts/:id', mw.authAdminApi, http(apiCanary.posts.read));
router.get('/posts/slug/:slug', mw.authAdminApi, http(apiCanary.posts.read));
router.put('/posts/:id', mw.authAdminApi, http(apiCanary.posts.edit));
router.del('/posts/:id', mw.authAdminApi, http(apiCanary.posts.destroy));
router.get('/posts', mw.authAdminApi, http(api.posts.browse));
router.post('/posts', mw.authAdminApi, http(api.posts.add));
router.get('/posts/:id', mw.authAdminApi, http(api.posts.read));
router.get('/posts/slug/:slug', mw.authAdminApi, http(api.posts.read));
router.put('/posts/:id', mw.authAdminApi, http(api.posts.edit));
router.del('/posts/:id', mw.authAdminApi, http(api.posts.destroy));
// ## Pages
router.get('/pages', mw.authAdminApi, http(apiCanary.pages.browse));
router.post('/pages', mw.authAdminApi, http(apiCanary.pages.add));
router.get('/pages/:id', mw.authAdminApi, http(apiCanary.pages.read));
router.get('/pages/slug/:slug', mw.authAdminApi, http(apiCanary.pages.read));
router.put('/pages/:id', mw.authAdminApi, http(apiCanary.pages.edit));
router.del('/pages/:id', mw.authAdminApi, http(apiCanary.pages.destroy));
router.get('/pages', mw.authAdminApi, http(api.pages.browse));
router.post('/pages', mw.authAdminApi, http(api.pages.add));
router.get('/pages/:id', mw.authAdminApi, http(api.pages.read));
router.get('/pages/slug/:slug', mw.authAdminApi, http(api.pages.read));
router.put('/pages/:id', mw.authAdminApi, http(api.pages.edit));
router.del('/pages/:id', mw.authAdminApi, http(api.pages.destroy));
// # Integrations
router.get('/integrations', mw.authAdminApi, http(apiCanary.integrations.browse));
router.get('/integrations/:id', mw.authAdminApi, http(apiCanary.integrations.read));
router.post('/integrations', mw.authAdminApi, http(apiCanary.integrations.add));
router.post('/integrations/:id/api_key/:keyid/refresh', mw.authAdminApi, http(apiCanary.integrations.edit));
router.put('/integrations/:id', mw.authAdminApi, http(apiCanary.integrations.edit));
router.del('/integrations/:id', mw.authAdminApi, http(apiCanary.integrations.destroy));
router.get('/integrations', mw.authAdminApi, http(api.integrations.browse));
router.get('/integrations/:id', mw.authAdminApi, http(api.integrations.read));
router.post('/integrations', mw.authAdminApi, http(api.integrations.add));
router.post('/integrations/:id/api_key/:keyid/refresh', mw.authAdminApi, http(api.integrations.edit));
router.put('/integrations/:id', mw.authAdminApi, http(api.integrations.edit));
router.del('/integrations/:id', mw.authAdminApi, http(api.integrations.destroy));
// ## Schedules
router.put('/schedules/:resource/:id', mw.authAdminApiWithUrl, http(apiCanary.schedules.publish));
router.put('/schedules/:resource/:id', mw.authAdminApiWithUrl, http(api.schedules.publish));
// ## Settings
router.get('/settings/routes/yaml', mw.authAdminApi, http(apiCanary.settings.download));
router.get('/settings/routes/yaml', mw.authAdminApi, http(api.settings.download));
router.post('/settings/routes/yaml',
mw.authAdminApi,
apiMw.upload.single('routes'),
apiMw.upload.validation({type: 'routes'}),
http(apiCanary.settings.upload)
http(api.settings.upload)
);
router.get('/settings', mw.authAdminApi, http(apiCanary.settings.browse));
router.get('/settings/:key', mw.authAdminApi, http(apiCanary.settings.read));
router.put('/settings', mw.authAdminApi, http(apiCanary.settings.edit));
router.get('/settings/members/email', http(apiCanary.settings.validateMembersEmailUpdate));
router.post('/settings/members/email', mw.authAdminApi, http(apiCanary.settings.updateMembersEmail));
router.del('/settings/stripe/connect', mw.authAdminApi, http(apiCanary.settings.disconnectStripeConnectIntegration));
router.get('/settings', mw.authAdminApi, http(api.settings.browse));
router.get('/settings/:key', mw.authAdminApi, http(api.settings.read));
router.put('/settings', mw.authAdminApi, http(api.settings.edit));
router.get('/settings/members/email', http(api.settings.validateMembersEmailUpdate));
router.post('/settings/members/email', mw.authAdminApi, http(api.settings.updateMembersEmail));
router.del('/settings/stripe/connect', mw.authAdminApi, http(api.settings.disconnectStripeConnectIntegration));
// ## Users
router.get('/users', mw.authAdminApi, http(apiCanary.users.browse));
router.get('/users/:id', mw.authAdminApi, http(apiCanary.users.read));
router.get('/users/slug/:slug', mw.authAdminApi, http(apiCanary.users.read));
router.get('/users', mw.authAdminApi, http(api.users.browse));
router.get('/users/:id', mw.authAdminApi, http(api.users.read));
router.get('/users/slug/:slug', mw.authAdminApi, http(api.users.read));
// NOTE: We don't expose any email addresses via the public api.
router.get('/users/email/:email', mw.authAdminApi, http(apiCanary.users.read));
router.get('/users/:id/token', mw.authAdminApi, http(apiCanary.users.readToken));
router.get('/users/email/:email', mw.authAdminApi, http(api.users.read));
router.get('/users/:id/token', mw.authAdminApi, http(api.users.readToken));
router.put('/users/password', mw.authAdminApi, http(apiCanary.users.changePassword));
router.put('/users/owner', mw.authAdminApi, http(apiCanary.users.transferOwnership));
router.put('/users/:id', mw.authAdminApi, http(apiCanary.users.edit));
router.put('/users/:id/token', mw.authAdminApi, http(apiCanary.users.regenerateToken));
router.del('/users/:id', mw.authAdminApi, http(apiCanary.users.destroy));
router.put('/users/password', mw.authAdminApi, http(api.users.changePassword));
router.put('/users/owner', mw.authAdminApi, http(api.users.transferOwnership));
router.put('/users/:id', mw.authAdminApi, http(api.users.edit));
router.put('/users/:id/token', mw.authAdminApi, http(api.users.regenerateToken));
router.del('/users/:id', mw.authAdminApi, http(api.users.destroy));
// ## Tags
router.get('/tags', mw.authAdminApi, http(apiCanary.tags.browse));
router.get('/tags/:id', mw.authAdminApi, http(apiCanary.tags.read));
router.get('/tags/slug/:slug', mw.authAdminApi, http(apiCanary.tags.read));
router.post('/tags', mw.authAdminApi, http(apiCanary.tags.add));
router.put('/tags/:id', mw.authAdminApi, http(apiCanary.tags.edit));
router.del('/tags/:id', mw.authAdminApi, http(apiCanary.tags.destroy));
router.get('/tags', mw.authAdminApi, http(api.tags.browse));
router.get('/tags/:id', mw.authAdminApi, http(api.tags.read));
router.get('/tags/slug/:slug', mw.authAdminApi, http(api.tags.read));
router.post('/tags', mw.authAdminApi, http(api.tags.add));
router.put('/tags/:id', mw.authAdminApi, http(api.tags.edit));
router.del('/tags/:id', mw.authAdminApi, http(api.tags.destroy));
// Products
router.get('/products', mw.authAdminApi, http(apiCanary.products.browse));
router.post('/products', mw.authAdminApi, http(apiCanary.products.add));
router.get('/products/:id', mw.authAdminApi, http(apiCanary.products.read));
router.put('/products/:id', mw.authAdminApi, http(apiCanary.products.edit));
router.get('/products', mw.authAdminApi, http(api.products.browse));
router.post('/products', mw.authAdminApi, http(api.products.add));
router.get('/products/:id', mw.authAdminApi, http(api.products.read));
router.put('/products/:id', mw.authAdminApi, http(api.products.edit));
// ## Members
router.get('/members', mw.authAdminApi, http(apiCanary.members.browse));
router.post('/members', mw.authAdminApi, http(apiCanary.members.add));
router.del('/members', mw.authAdminApi, http(apiCanary.members.bulkDestroy));
router.get('/members', mw.authAdminApi, http(api.members.browse));
router.post('/members', mw.authAdminApi, http(api.members.add));
router.del('/members', mw.authAdminApi, http(api.members.bulkDestroy));
router.get('/members/stats/count', mw.authAdminApi, http(apiCanary.members.memberStats));
router.get('/members/stats/mrr', mw.authAdminApi, http(apiCanary.members.mrrStats));
router.get('/members/stats/subscribers', mw.authAdminApi, http(apiCanary.members.subscriberStats));
router.get('/members/stats/gross_volume', mw.authAdminApi, http(apiCanary.members.grossVolumeStats));
router.get('/members/stats/count', mw.authAdminApi, http(api.members.memberStats));
router.get('/members/stats/mrr', mw.authAdminApi, http(api.members.mrrStats));
router.get('/members/stats/subscribers', mw.authAdminApi, http(api.members.subscriberStats));
router.get('/members/stats/gross_volume', mw.authAdminApi, http(api.members.grossVolumeStats));
router.get('/members/events', mw.authAdminApi, http(apiCanary.members.activityFeed));
router.get('/members/events', mw.authAdminApi, http(api.members.activityFeed));
router.get('/members/upload', mw.authAdminApi, http(apiCanary.members.exportCSV));
router.get('/members/upload', mw.authAdminApi, http(api.members.exportCSV));
router.post('/members/upload',
mw.authAdminApi,
apiMw.upload.single('membersfile'),
apiMw.upload.validation({type: 'members'}),
http(apiCanary.members.importCSV)
http(api.members.importCSV)
);
router.get('/members/hasActiveStripeSubscriptions', mw.authAdminApi, http(apiCanary.members.hasActiveStripeSubscriptions));
router.get('/members/hasActiveStripeSubscriptions', mw.authAdminApi, http(api.members.hasActiveStripeSubscriptions));
router.get('/members/stripe_connect', mw.authAdminApi, http(apiCanary.membersStripeConnect.auth));
router.get('/members/stripe_connect', mw.authAdminApi, http(api.membersStripeConnect.auth));
router.get('/members/:id', mw.authAdminApi, http(apiCanary.members.read));
router.put('/members/:id', mw.authAdminApi, http(apiCanary.members.edit));
router.del('/members/:id', mw.authAdminApi, http(apiCanary.members.destroy));
router.get('/members/:id', mw.authAdminApi, http(api.members.read));
router.put('/members/:id', mw.authAdminApi, http(api.members.edit));
router.del('/members/:id', mw.authAdminApi, http(api.members.destroy));
router.post('/members/:id/subscriptions/', mw.authAdminApi, http(apiCanary.members.createSubscription));
router.put('/members/:id/subscriptions/:subscription_id', mw.authAdminApi, http(apiCanary.members.editSubscription));
router.post('/members/:id/subscriptions/', mw.authAdminApi, http(api.members.createSubscription));
router.put('/members/:id/subscriptions/:subscription_id', mw.authAdminApi, http(api.members.editSubscription));
router.get('/members/:id/signin_urls', mw.authAdminApi, http(apiCanary.memberSigninUrls.read));
router.get('/members/:id/signin_urls', mw.authAdminApi, http(api.memberSigninUrls.read));
// ## Labels
router.get('/labels', mw.authAdminApi, http(apiCanary.labels.browse));
router.get('/labels/:id', mw.authAdminApi, http(apiCanary.labels.read));
router.get('/labels/slug/:slug', mw.authAdminApi, http(apiCanary.labels.read));
router.post('/labels', mw.authAdminApi, http(apiCanary.labels.add));
router.put('/labels/:id', mw.authAdminApi, http(apiCanary.labels.edit));
router.del('/labels/:id', mw.authAdminApi, http(apiCanary.labels.destroy));
router.get('/labels', mw.authAdminApi, http(api.labels.browse));
router.get('/labels/:id', mw.authAdminApi, http(api.labels.read));
router.get('/labels/slug/:slug', mw.authAdminApi, http(api.labels.read));
router.post('/labels', mw.authAdminApi, http(api.labels.add));
router.put('/labels/:id', mw.authAdminApi, http(api.labels.edit));
router.del('/labels/:id', mw.authAdminApi, http(api.labels.destroy));
// ## Roles
router.get('/roles/', mw.authAdminApi, http(apiCanary.roles.browse));
router.get('/roles/', mw.authAdminApi, http(api.roles.browse));
// ## Slugs
router.get('/slugs/:type/:name', mw.authAdminApi, http(apiCanary.slugs.generate));
router.get('/slugs/:type/:name', mw.authAdminApi, http(api.slugs.generate));
// ## Themes
router.get('/themes/', mw.authAdminApi, http(apiCanary.themes.browse));
router.get('/themes/', mw.authAdminApi, http(api.themes.browse));
router.get('/themes/:name/download',
mw.authAdminApi,
http(apiCanary.themes.download)
http(api.themes.download)
);
router.post('/themes/upload',
mw.authAdminApi,
apiMw.upload.single('file'),
apiMw.upload.validation({type: 'themes'}),
http(apiCanary.themes.upload)
http(api.themes.upload)
);
router.post('/themes/install', mw.authAdminApi, http(apiCanary.themes.install));
router.post('/themes/install', mw.authAdminApi, http(api.themes.install));
router.put('/themes/:name/activate',
mw.authAdminApi,
http(apiCanary.themes.activate)
http(api.themes.activate)
);
router.del('/themes/:name',
mw.authAdminApi,
http(apiCanary.themes.destroy)
http(api.themes.destroy)
);
// ## Notifications
router.get('/notifications', mw.authAdminApi, http(apiCanary.notifications.browse));
router.post('/notifications', mw.authAdminApi, http(apiCanary.notifications.add));
router.del('/notifications/:notification_id', mw.authAdminApi, http(apiCanary.notifications.destroy));
router.get('/notifications', mw.authAdminApi, http(api.notifications.browse));
router.post('/notifications', mw.authAdminApi, http(api.notifications.add));
router.del('/notifications/:notification_id', mw.authAdminApi, http(api.notifications.destroy));
// ## DB
router.get('/db', mw.authAdminApi, http(apiCanary.db.exportContent));
router.get('/db', mw.authAdminApi, http(api.db.exportContent));
router.post('/db',
mw.authAdminApi,
apiMw.upload.single('importfile'),
apiMw.upload.validation({type: 'db'}),
http(apiCanary.db.importContent)
http(api.db.importContent)
);
router.del('/db', mw.authAdminApi, http(apiCanary.db.deleteAllContent));
router.del('/db', mw.authAdminApi, http(api.db.deleteAllContent));
router.post('/db/backup',
mw.authAdminApi,
http(apiCanary.db.backupContent)
http(api.db.backupContent)
);
// ## Mail
router.post('/mail', mw.authAdminApi, http(apiCanary.mail.send));
router.post('/mail/test', mw.authAdminApi, http(apiCanary.mail.sendTest));
router.post('/mail', mw.authAdminApi, http(api.mail.send));
router.post('/mail/test', mw.authAdminApi, http(api.mail.sendTest));
// ## Slack
router.post('/slack/test', mw.authAdminApi, http(apiCanary.slack.sendTest));
router.post('/slack/test', mw.authAdminApi, http(api.slack.sendTest));
// ## Sessions
router.get('/session', mw.authAdminApi, http(apiCanary.session.read));
router.get('/session', mw.authAdminApi, http(api.session.read));
// We don't need auth when creating a new session (logging in)
router.post('/session',
shared.middlewares.brute.globalBlock,
shared.middlewares.brute.userLogin,
http(apiCanary.session.add)
http(api.session.add)
);
router.del('/session', mw.authAdminApi, http(apiCanary.session.delete));
router.del('/session', mw.authAdminApi, http(api.session.delete));
// ## Identity
router.get('/identities', mw.authAdminApi, http(apiCanary.identities.read));
router.get('/identities', mw.authAdminApi, http(api.identities.read));
// ## Authentication
router.post('/authentication/passwordreset',
shared.middlewares.brute.globalReset,
shared.middlewares.brute.userReset,
http(apiCanary.authentication.generateResetToken)
http(api.authentication.generateResetToken)
);
router.put('/authentication/passwordreset', shared.middlewares.brute.globalBlock, http(apiCanary.authentication.resetPassword));
router.post('/authentication/invitation', http(apiCanary.authentication.acceptInvitation));
router.get('/authentication/invitation', http(apiCanary.authentication.isInvitation));
router.post('/authentication/setup', http(apiCanary.authentication.setup));
router.put('/authentication/setup', mw.authAdminApi, http(apiCanary.authentication.updateSetup));
router.get('/authentication/setup', http(apiCanary.authentication.isSetup));
router.post('/authentication/reset_all_passwords', mw.authAdminApi, http(apiCanary.authentication.resetAllPasswords));
router.put('/authentication/passwordreset', shared.middlewares.brute.globalBlock, http(api.authentication.resetPassword));
router.post('/authentication/invitation', http(api.authentication.acceptInvitation));
router.get('/authentication/invitation', http(api.authentication.isInvitation));
router.post('/authentication/setup', http(api.authentication.setup));
router.put('/authentication/setup', mw.authAdminApi, http(api.authentication.updateSetup));
router.get('/authentication/setup', http(api.authentication.isSetup));
router.post('/authentication/reset_all_passwords', mw.authAdminApi, http(api.authentication.resetAllPasswords));
// ## Images
router.post('/images/upload',
@ -226,50 +226,50 @@ module.exports = function apiRoutes() {
apiMw.upload.single('file'),
apiMw.upload.validation({type: 'images'}),
apiMw.normalizeImage,
http(apiCanary.images.upload)
http(api.images.upload)
);
// ## Invites
router.get('/invites', mw.authAdminApi, http(apiCanary.invites.browse));
router.get('/invites/:id', mw.authAdminApi, http(apiCanary.invites.read));
router.post('/invites', mw.authAdminApi, http(apiCanary.invites.add));
router.del('/invites/:id', mw.authAdminApi, http(apiCanary.invites.destroy));
router.get('/invites', mw.authAdminApi, http(api.invites.browse));
router.get('/invites/:id', mw.authAdminApi, http(api.invites.read));
router.post('/invites', mw.authAdminApi, http(api.invites.add));
router.del('/invites/:id', mw.authAdminApi, http(api.invites.destroy));
// ## Redirects
router.get('/redirects/download', mw.authAdminApi, http(apiCanary.redirects.download));
router.get('/redirects/download', mw.authAdminApi, http(api.redirects.download));
router.post('/redirects/upload',
mw.authAdminApi,
apiMw.upload.single('redirects'),
apiMw.upload.validation({type: 'redirects'}),
http(apiCanary.redirects.upload)
http(api.redirects.upload)
);
// ## Webhooks (RESTHooks)
router.post('/webhooks', mw.authAdminApi, http(apiCanary.webhooks.add));
router.put('/webhooks/:id', mw.authAdminApi, http(apiCanary.webhooks.edit));
router.del('/webhooks/:id', mw.authAdminApi, http(apiCanary.webhooks.destroy));
router.post('/webhooks', mw.authAdminApi, http(api.webhooks.add));
router.put('/webhooks/:id', mw.authAdminApi, http(api.webhooks.edit));
router.del('/webhooks/:id', mw.authAdminApi, http(api.webhooks.destroy));
// ## Oembed (fetch response from oembed provider)
router.get('/oembed', mw.authAdminApi, http(apiCanary.oembed.read));
router.get('/oembed', mw.authAdminApi, http(api.oembed.read));
// ## Actions
router.get('/actions', mw.authAdminApi, http(apiCanary.actions.browse));
router.get('/actions', mw.authAdminApi, http(api.actions.browse));
// ## Email Preview
router.get('/email_preview/posts/:id', mw.authAdminApi, http(apiCanary.email_preview.read));
router.post('/email_preview/posts/:id', mw.authAdminApi, http(apiCanary.email_preview.sendTestEmail));
router.get('/email_preview/posts/:id', mw.authAdminApi, http(api.email_preview.read));
router.post('/email_preview/posts/:id', mw.authAdminApi, http(api.email_preview.sendTestEmail));
// ## Emails
router.get('/emails', mw.authAdminApi, http(apiCanary.emails.browse));
router.get('/emails/:id', mw.authAdminApi, http(apiCanary.emails.read));
router.put('/emails/:id/retry', mw.authAdminApi, http(apiCanary.emails.retry));
router.get('/emails', mw.authAdminApi, http(api.emails.browse));
router.get('/emails/:id', mw.authAdminApi, http(api.emails.read));
router.put('/emails/:id/retry', mw.authAdminApi, http(api.emails.retry));
// ## Snippets
router.get('/snippets', mw.authAdminApi, http(apiCanary.snippets.browse));
router.get('/snippets/:id', mw.authAdminApi, http(apiCanary.snippets.read));
router.post('/snippets', mw.authAdminApi, http(apiCanary.snippets.add));
router.put('/snippets/:id', mw.authAdminApi, http(apiCanary.snippets.edit));
router.del('/snippets/:id', mw.authAdminApi, http(apiCanary.snippets.destroy));
router.get('/snippets', mw.authAdminApi, http(api.snippets.browse));
router.get('/snippets/:id', mw.authAdminApi, http(api.snippets.read));
router.post('/snippets', mw.authAdminApi, http(api.snippets.add));
router.put('/snippets/:id', mw.authAdminApi, http(api.snippets.edit));
router.del('/snippets/:id', mw.authAdminApi, http(api.snippets.destroy));
return router;
};

32
core/server/web/api/canary/content/routes.js
View file

@ -1,6 +1,6 @@
const express = require('../../../../../shared/express');
const cors = require('cors');
const apiCanary = require('../../../../api/canary');
const api = require('../../../../api').canary;
const mw = require('./middleware');
module.exports = function apiRoutes() {
@ -8,32 +8,32 @@ module.exports = function apiRoutes() {
router.use(cors());
const http = apiCanary.http;
const http = api.http;
// ## Posts
router.get('/posts', mw.authenticatePublic, http(apiCanary.postsPublic.browse));
router.get('/posts/:id', mw.authenticatePublic, http(apiCanary.postsPublic.read));
router.get('/posts/slug/:slug', mw.authenticatePublic, http(apiCanary.postsPublic.read));
router.get('/posts', mw.authenticatePublic, http(api.postsPublic.browse));
router.get('/posts/:id', mw.authenticatePublic, http(api.postsPublic.read));
router.get('/posts/slug/:slug', mw.authenticatePublic, http(api.postsPublic.read));
// ## Pages
router.get('/pages', mw.authenticatePublic, http(apiCanary.pagesPublic.browse));
router.get('/pages/:id', mw.authenticatePublic, http(apiCanary.pagesPublic.read));
router.get('/pages/slug/:slug', mw.authenticatePublic, http(apiCanary.pagesPublic.read));
router.get('/pages', mw.authenticatePublic, http(api.pagesPublic.browse));
router.get('/pages/:id', mw.authenticatePublic, http(api.pagesPublic.read));
router.get('/pages/slug/:slug', mw.authenticatePublic, http(api.pagesPublic.read));
// ## Users
router.get('/authors', mw.authenticatePublic, http(apiCanary.authorsPublic.browse));
router.get('/authors/:id', mw.authenticatePublic, http(apiCanary.authorsPublic.read));
router.get('/authors/slug/:slug', mw.authenticatePublic, http(apiCanary.authorsPublic.read));
router.get('/authors', mw.authenticatePublic, http(api.authorsPublic.browse));
router.get('/authors/:id', mw.authenticatePublic, http(api.authorsPublic.read));
router.get('/authors/slug/:slug', mw.authenticatePublic, http(api.authorsPublic.read));
// ## Tags
router.get('/tags', mw.authenticatePublic, http(apiCanary.tagsPublic.browse));
router.get('/tags/:id', mw.authenticatePublic, http(apiCanary.tagsPublic.read));
router.get('/tags/slug/:slug', mw.authenticatePublic, http(apiCanary.tagsPublic.read));
router.get('/tags', mw.authenticatePublic, http(api.tagsPublic.browse));
router.get('/tags/:id', mw.authenticatePublic, http(api.tagsPublic.read));
router.get('/tags/slug/:slug', mw.authenticatePublic, http(api.tagsPublic.read));
// ## Settings
router.get('/settings', mw.authenticatePublic, http(apiCanary.publicSettings.browse));
router.get('/settings', mw.authenticatePublic, http(api.publicSettings.browse));
router.get('/products', mw.authenticatePublic, http(apiCanary.productsPublic.browse));
router.get('/products', mw.authenticatePublic, http(api.productsPublic.browse));
return router;
};

160
core/server/web/api/v2/admin/routes.js
View file

@ -1,5 +1,5 @@
const express = require('../../../../../shared/express');
const apiv2 = require('../../../../api/v2');
const api = require('../../../../api').v2;
const mw = require('./middleware');
const apiMw = require('../../middleware');
@ -13,153 +13,153 @@ module.exports = function apiRoutes() {
router.use(apiMw.cors);
const http = apiv2.http;
const http = api.http;
// ## Public
router.get('/site', mw.publicAdminApi, http(apiv2.site.read));
router.get('/site', mw.publicAdminApi, http(api.site.read));
// ## Configuration
router.get('/config', mw.authAdminApi, http(apiv2.config.read));
router.get('/config', mw.authAdminApi, http(api.config.read));
// ## Posts
router.get('/posts', mw.authAdminApi, http(apiv2.posts.browse));
router.post('/posts', mw.authAdminApi, http(apiv2.posts.add));
router.get('/posts/:id', mw.authAdminApi, http(apiv2.posts.read));
router.get('/posts/slug/:slug', mw.authAdminApi, http(apiv2.posts.read));
router.put('/posts/:id', mw.authAdminApi, http(apiv2.posts.edit));
router.del('/posts/:id', mw.authAdminApi, http(apiv2.posts.destroy));
router.get('/posts', mw.authAdminApi, http(api.posts.browse));
router.post('/posts', mw.authAdminApi, http(api.posts.add));
router.get('/posts/:id', mw.authAdminApi, http(api.posts.read));
router.get('/posts/slug/:slug', mw.authAdminApi, http(api.posts.read));
router.put('/posts/:id', mw.authAdminApi, http(api.posts.edit));
router.del('/posts/:id', mw.authAdminApi, http(api.posts.destroy));
// ## Pages
router.get('/pages', mw.authAdminApi, http(apiv2.pages.browse));
router.post('/pages', mw.authAdminApi, http(apiv2.pages.add));
router.get('/pages/:id', mw.authAdminApi, http(apiv2.pages.read));
router.get('/pages/slug/:slug', mw.authAdminApi, http(apiv2.pages.read));
router.put('/pages/:id', mw.authAdminApi, http(apiv2.pages.edit));
router.del('/pages/:id', mw.authAdminApi, http(apiv2.pages.destroy));
router.get('/pages', mw.authAdminApi, http(api.pages.browse));
router.post('/pages', mw.authAdminApi, http(api.pages.add));
router.get('/pages/:id', mw.authAdminApi, http(api.pages.read));
router.get('/pages/slug/:slug', mw.authAdminApi, http(api.pages.read));
router.put('/pages/:id', mw.authAdminApi, http(api.pages.edit));
router.del('/pages/:id', mw.authAdminApi, http(api.pages.destroy));
// # Integrations
router.get('/integrations', mw.authAdminApi, http(apiv2.integrations.browse));
router.get('/integrations/:id', mw.authAdminApi, http(apiv2.integrations.read));
router.post('/integrations', mw.authAdminApi, http(apiv2.integrations.add));
router.put('/integrations/:id', mw.authAdminApi, http(apiv2.integrations.edit));
router.del('/integrations/:id', mw.authAdminApi, http(apiv2.integrations.destroy));
router.get('/integrations', mw.authAdminApi, http(api.integrations.browse));
router.get('/integrations/:id', mw.authAdminApi, http(api.integrations.read));
router.post('/integrations', mw.authAdminApi, http(api.integrations.add));
router.put('/integrations/:id', mw.authAdminApi, http(api.integrations.edit));
router.del('/integrations/:id', mw.authAdminApi, http(api.integrations.destroy));
// ## Schedules
router.put('/schedules/:resource/:id', mw.authAdminApiWithUrl, http(apiv2.schedules.publish));
router.put('/schedules/:resource/:id', mw.authAdminApiWithUrl, http(api.schedules.publish));
// ## Settings
router.get('/settings/routes/yaml', mw.authAdminApi, http(apiv2.settings.download));
router.get('/settings/routes/yaml', mw.authAdminApi, http(api.settings.download));
router.post('/settings/routes/yaml',
mw.authAdminApi,
apiMw.upload.single('routes'),
apiMw.upload.validation({type: 'routes'}),
http(apiv2.settings.upload)
http(api.settings.upload)
);
router.get('/settings', mw.authAdminApi, http(apiv2.settings.browse));
router.get('/settings/:key', mw.authAdminApi, http(apiv2.settings.read));
router.put('/settings', mw.authAdminApi, http(apiv2.settings.edit));
router.get('/settings', mw.authAdminApi, http(api.settings.browse));
router.get('/settings/:key', mw.authAdminApi, http(api.settings.read));
router.put('/settings', mw.authAdminApi, http(api.settings.edit));
// ## Users
router.get('/users', mw.authAdminApi, http(apiv2.users.browse));
router.get('/users/:id', mw.authAdminApi, http(apiv2.users.read));
router.get('/users/slug/:slug', mw.authAdminApi, http(apiv2.users.read));
router.get('/users', mw.authAdminApi, http(api.users.browse));
router.get('/users/:id', mw.authAdminApi, http(api.users.read));
router.get('/users/slug/:slug', mw.authAdminApi, http(api.users.read));
// NOTE: We don't expose any email addresses via the public api.
router.get('/users/email/:email', mw.authAdminApi, http(apiv2.users.read));
router.get('/users/email/:email', mw.authAdminApi, http(api.users.read));
router.put('/users/password', mw.authAdminApi, http(apiv2.users.changePassword));
router.put('/users/owner', mw.authAdminApi, http(apiv2.users.transferOwnership));
router.put('/users/:id', mw.authAdminApi, http(apiv2.users.edit));
router.del('/users/:id', mw.authAdminApi, http(apiv2.users.destroy));
router.put('/users/password', mw.authAdminApi, http(api.users.changePassword));
router.put('/users/owner', mw.authAdminApi, http(api.users.transferOwnership));
router.put('/users/:id', mw.authAdminApi, http(api.users.edit));
router.del('/users/:id', mw.authAdminApi, http(api.users.destroy));
// ## Tags
router.get('/tags', mw.authAdminApi, http(apiv2.tags.browse));
router.get('/tags/:id', mw.authAdminApi, http(apiv2.tags.read));
router.get('/tags/slug/:slug', mw.authAdminApi, http(apiv2.tags.read));
router.post('/tags', mw.authAdminApi, http(apiv2.tags.add));
router.put('/tags/:id', mw.authAdminApi, http(apiv2.tags.edit));
router.del('/tags/:id', mw.authAdminApi, http(apiv2.tags.destroy));
router.get('/tags', mw.authAdminApi, http(api.tags.browse));
router.get('/tags/:id', mw.authAdminApi, http(api.tags.read));
router.get('/tags/slug/:slug', mw.authAdminApi, http(api.tags.read));
router.post('/tags', mw.authAdminApi, http(api.tags.add));
router.put('/tags/:id', mw.authAdminApi, http(api.tags.edit));
router.del('/tags/:id', mw.authAdminApi, http(api.tags.destroy));
// ## Roles
router.get('/roles/', mw.authAdminApi, http(apiv2.roles.browse));
router.get('/roles/', mw.authAdminApi, http(api.roles.browse));
// ## Slugs
router.get('/slugs/:type/:name', mw.authAdminApi, http(apiv2.slugs.generate));
router.get('/slugs/:type/:name', mw.authAdminApi, http(api.slugs.generate));
// ## Themes
router.get('/themes/', mw.authAdminApi, http(apiv2.themes.browse));
router.get('/themes/', mw.authAdminApi, http(api.themes.browse));
router.get('/themes/:name/download',
mw.authAdminApi,
http(apiv2.themes.download)
http(api.themes.download)
);
router.post('/themes/upload',
mw.authAdminApi,
apiMw.upload.single('file'),
apiMw.upload.validation({type: 'themes'}),
http(apiv2.themes.upload)
http(api.themes.upload)
);
router.put('/themes/:name/activate',
mw.authAdminApi,
http(apiv2.themes.activate)
http(api.themes.activate)
);
router.del('/themes/:name',
mw.authAdminApi,
http(apiv2.themes.destroy)
http(api.themes.destroy)
);
// ## Notifications
router.get('/notifications', mw.authAdminApi, http(apiv2.notifications.browse));
router.post('/notifications', mw.authAdminApi, http(apiv2.notifications.add));
router.del('/notifications/:notification_id', mw.authAdminApi, http(apiv2.notifications.destroy));
router.get('/notifications', mw.authAdminApi, http(api.notifications.browse));
router.post('/notifications', mw.authAdminApi, http(api.notifications.add));
router.del('/notifications/:notification_id', mw.authAdminApi, http(api.notifications.destroy));
// ## DB
router.get('/db', mw.authAdminApi, http(apiv2.db.exportContent));
router.get('/db', mw.authAdminApi, http(api.db.exportContent));
router.post('/db',
mw.authAdminApi,
apiMw.upload.single('importfile'),
apiMw.upload.validation({type: 'db'}),
http(apiv2.db.importContent)
http(api.db.importContent)
);
router.del('/db', mw.authAdminApi, http(apiv2.db.deleteAllContent));
router.del('/db', mw.authAdminApi, http(api.db.deleteAllContent));
router.post('/db/backup',
mw.authAdminApi,
http(apiv2.db.backupContent)
http(api.db.backupContent)
);
// ## Mail
router.post('/mail', mw.authAdminApi, http(apiv2.mail.send));
router.post('/mail/test', mw.authAdminApi, http(apiv2.mail.sendTest));
router.post('/mail', mw.authAdminApi, http(api.mail.send));
router.post('/mail/test', mw.authAdminApi, http(api.mail.sendTest));
// ## Slack
router.post('/slack/test', mw.authAdminApi, http(apiv2.slack.sendTest));
router.post('/slack/test', mw.authAdminApi, http(api.slack.sendTest));
// ## Sessions
router.get('/session', mw.authAdminApi, http(apiv2.session.read));
router.get('/session', mw.authAdminApi, http(api.session.read));
// We don't need auth when creating a new session (logging in)
router.post('/session',
shared.middlewares.brute.globalBlock,
shared.middlewares.brute.userLogin,
http(apiv2.session.add)
http(api.session.add)
);
router.del('/session', mw.authAdminApi, http(apiv2.session.delete));
router.del('/session', mw.authAdminApi, http(api.session.delete));
// ## Authentication
router.post('/authentication/passwordreset',
shared.middlewares.brute.globalReset,
shared.middlewares.brute.userReset,
http(apiv2.authentication.generateResetToken)
http(api.authentication.generateResetToken)
);
router.put('/authentication/passwordreset', shared.middlewares.brute.globalBlock, http(apiv2.authentication.resetPassword));
router.post('/authentication/invitation', http(apiv2.authentication.acceptInvitation));
router.get('/authentication/invitation', http(apiv2.authentication.isInvitation));
router.post('/authentication/setup', http(apiv2.authentication.setup));
router.put('/authentication/setup', mw.authAdminApi, http(apiv2.authentication.updateSetup));
router.get('/authentication/setup', http(apiv2.authentication.isSetup));
router.put('/authentication/passwordreset', shared.middlewares.brute.globalBlock, http(api.authentication.resetPassword));
router.post('/authentication/invitation', http(api.authentication.acceptInvitation));
router.get('/authentication/invitation', http(api.authentication.isInvitation));
router.post('/authentication/setup', http(api.authentication.setup));
router.put('/authentication/setup', mw.authAdminApi, http(api.authentication.updateSetup));
router.get('/authentication/setup', http(api.authentication.isSetup));
// ## Images
router.post('/images/upload',
@ -167,34 +167,34 @@ module.exports = function apiRoutes() {
apiMw.upload.single('file'),
apiMw.upload.validation({type: 'images'}),
apiMw.normalizeImage,
http(apiv2.images.upload)
http(api.images.upload)
);
// ## Invites
router.get('/invites', mw.authAdminApi, http(apiv2.invites.browse));
router.get('/invites/:id', mw.authAdminApi, http(apiv2.invites.read));
router.post('/invites', mw.authAdminApi, http(apiv2.invites.add));
router.del('/invites/:id', mw.authAdminApi, http(apiv2.invites.destroy));
router.get('/invites', mw.authAdminApi, http(api.invites.browse));
router.get('/invites/:id', mw.authAdminApi, http(api.invites.read));
router.post('/invites', mw.authAdminApi, http(api.invites.add));
router.del('/invites/:id', mw.authAdminApi, http(api.invites.destroy));
// ## Redirects (JSON based)
router.get('/redirects/json', mw.authAdminApi, http(apiv2.redirects.download));
router.get('/redirects/json', mw.authAdminApi, http(api.redirects.download));
router.post('/redirects/json',
mw.authAdminApi,
apiMw.upload.single('redirects'),
apiMw.upload.validation({type: 'redirects'}),
http(apiv2.redirects.upload)
http(api.redirects.upload)
);
// ## Webhooks (RESTHooks)
router.post('/webhooks', mw.authAdminApi, http(apiv2.webhooks.add));
router.put('/webhooks/:id', mw.authAdminApi, http(apiv2.webhooks.edit));
router.del('/webhooks/:id', mw.authAdminApi, http(apiv2.webhooks.destroy));
router.post('/webhooks', mw.authAdminApi, http(api.webhooks.add));
router.put('/webhooks/:id', mw.authAdminApi, http(api.webhooks.edit));
router.del('/webhooks/:id', mw.authAdminApi, http(api.webhooks.destroy));
// ## Oembed (fetch response from oembed provider)
router.get('/oembed', mw.authAdminApi, http(apiv2.oembed.read));
router.get('/oembed', mw.authAdminApi, http(api.oembed.read));
// ## Actions
router.get('/actions/:type/:id', mw.authAdminApi, http(apiv2.actions.browse));
router.get('/actions/:type/:id', mw.authAdminApi, http(api.actions.browse));
return router;
};

30
core/server/web/api/v2/content/routes.js
View file

@ -1,6 +1,6 @@
const express = require('../../../../../shared/express');
const cors = require('cors');
const apiv2 = require('../../../../api/v2');
const api = require('../../../../api').v2;
const mw = require('./middleware');
module.exports = function apiRoutes() {
@ -8,30 +8,30 @@ module.exports = function apiRoutes() {
router.use(cors());
const http = apiv2.http;
const http = api.http;
// ## Posts
router.get('/posts', mw.authenticatePublic, http(apiv2.postsPublic.browse));
router.get('/posts/:id', mw.authenticatePublic, http(apiv2.postsPublic.read));
router.get('/posts/slug/:slug', mw.authenticatePublic, http(apiv2.postsPublic.read));
router.get('/posts', mw.authenticatePublic, http(api.postsPublic.browse));
router.get('/posts/:id', mw.authenticatePublic, http(api.postsPublic.read));
router.get('/posts/slug/:slug', mw.authenticatePublic, http(api.postsPublic.read));
// ## Pages
router.get('/pages', mw.authenticatePublic, http(apiv2.pagesPublic.browse));
router.get('/pages/:id', mw.authenticatePublic, http(apiv2.pagesPublic.read));
router.get('/pages/slug/:slug', mw.authenticatePublic, http(apiv2.pagesPublic.read));
router.get('/pages', mw.authenticatePublic, http(api.pagesPublic.browse));
router.get('/pages/:id', mw.authenticatePublic, http(api.pagesPublic.read));
router.get('/pages/slug/:slug', mw.authenticatePublic, http(api.pagesPublic.read));
// ## Users
router.get('/authors', mw.authenticatePublic, http(apiv2.authorsPublic.browse));
router.get('/authors/:id', mw.authenticatePublic, http(apiv2.authorsPublic.read));
router.get('/authors/slug/:slug', mw.authenticatePublic, http(apiv2.authorsPublic.read));
router.get('/authors', mw.authenticatePublic, http(api.authorsPublic.browse));
router.get('/authors/:id', mw.authenticatePublic, http(api.authorsPublic.read));
router.get('/authors/slug/:slug', mw.authenticatePublic, http(api.authorsPublic.read));
// ## Tags
router.get('/tags', mw.authenticatePublic, http(apiv2.tagsPublic.browse));
router.get('/tags/:id', mw.authenticatePublic, http(apiv2.tagsPublic.read));
router.get('/tags/slug/:slug', mw.authenticatePublic, http(apiv2.tagsPublic.read));
router.get('/tags', mw.authenticatePublic, http(api.tagsPublic.browse));
router.get('/tags/:id', mw.authenticatePublic, http(api.tagsPublic.read));
router.get('/tags/slug/:slug', mw.authenticatePublic, http(api.tagsPublic.read));
// ## Settings
router.get('/settings', mw.authenticatePublic, http(apiv2.publicSettings.browse));
router.get('/settings', mw.authenticatePublic, http(api.publicSettings.browse));
return router;
};

2
core/server/web/api/v3/admin/routes.js
View file

@ -1,5 +1,5 @@
const express = require('../../../../../shared/express');
const api = require('../../../../api/v3');
const api = require('../../../../api').v3;
const apiMw = require('../../middleware');
const mw = require('./middleware');

2
core/server/web/api/v3/content/routes.js
View file

@ -1,6 +1,6 @@
const express = require('../../../../../shared/express');
const cors = require('cors');
const api = require('../../../../api/v3');
const api = require('../../../../api').v3;
const mw = require('./middleware');
module.exports = function apiRoutes() {