Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
Code Issues Activity

🐛 Updated access to be true by default in v3 API

Browse source 
closes #11990

- access should be a members feature, but it was already accidentally exposed to the theme layer
- it has now been added to the API even if members is disabled
- access defaults to true, unless members is enabled
- when members is enabled, access is set to the currently logged in members' access
This commit is contained in:
Hannah Wolfe 2020-07-06 13:00:15 +01:00
parent 4a5079085a
commit 289c1b3e8a
6 changed files with 19 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
core/server/api/canary/utils/serializers/output/utils/post-gating.js
View file

@ -3,6 +3,12 @@ const labs = require('../../../../../../services/labs');
// @TODO: reconsider the location of this - it's part of members and adds a property to the API
const forPost = (attrs, frame) => {
// CASE: Access always defaults to true, unless members is enabled and the member does not have access
if (!Object.prototype.hasOwnProperty.call(frame.options, 'columns') || (frame.options.columns.includes('access'))) {
attrs.access = true;
}
// Handle members being enabled
if (labs.isSet('members')) {
const memberHasAccess = membersService.contentGating.checkPostAccess(attrs, frame.original.context.member);
@ -18,6 +24,7 @@ const forPost = (attrs, frame) => {
attrs.access = memberHasAccess;
}
}
return attrs;
};

2
test/api-acceptance/content/utils.js
View file

@ -29,6 +29,8 @@ const expectedProperties = {
// .without('page')
// v2 returns a calculated excerpt field
.concat('excerpt')
// Access is a calculated property in >= v3
.concat('access')
// returns meta fields from `posts_meta` schema
.concat(
..._(schema.posts_meta).keys().without('post_id', 'id')

7
test/regression/api/canary/content/posts_spec.js
View file

@ -227,7 +227,6 @@ describe('api/canary/content/posts', function () {
let publicPost;
let membersPost;
let paidPost;
let contentGatingFields = ['access'];
before(function () {
// NOTE: ideally this would be set through Admin API request not a stub
@ -291,7 +290,7 @@ describe('api/canary/content/posts', function () {
should.exist(jsonResponse.posts);
const post = jsonResponse.posts[0];
localUtils.API.checkResponse(post, 'post', contentGatingFields, null);
localUtils.API.checkResponse(post, 'post', null, null);
post.slug.should.eql('thou-shalt-not-be-seen');
post.html.should.eql('');
});
@ -309,7 +308,7 @@ describe('api/canary/content/posts', function () {
should.exist(jsonResponse.posts);
const post = jsonResponse.posts[0];
localUtils.API.checkResponse(post, 'post', contentGatingFields, null);
localUtils.API.checkResponse(post, 'post', null, null);
post.slug.should.eql('thou-shalt-be-paid-for');
post.html.should.eql('');
});
@ -348,7 +347,7 @@ describe('api/canary/content/posts', function () {
should.exist(jsonResponse.posts);
localUtils.API.checkResponse(jsonResponse, 'posts');
jsonResponse.posts.should.have.length(14);
localUtils.API.checkResponse(jsonResponse.posts[0], 'post', contentGatingFields, null);
localUtils.API.checkResponse(jsonResponse.posts[0], 'post', null, null);
localUtils.API.checkResponse(jsonResponse.meta.pagination, 'pagination');
_.isBoolean(jsonResponse.posts[0].featured).should.eql(true);

2
test/regression/api/canary/content/utils.js
View file

@ -28,6 +28,8 @@ const expectedProperties = {
.without('type')
// canary returns a calculated excerpt field
.concat('excerpt')
// Access is a calculated property in >= v3
.concat('access')
// returns meta fields from `posts_meta` schema
.concat(
..._(schema.posts_meta).keys().without('post_id', 'id')

7
test/regression/api/v3/content/posts_spec.js
View file

@ -227,7 +227,6 @@ describe('api/v3/content/posts', function () {
let publicPost;
let membersPost;
let paidPost;
let contentGatingFields = ['access'];
before(function () {
// NOTE: ideally this would be set through Admin API request not a stub
@ -291,7 +290,7 @@ describe('api/v3/content/posts', function () {
should.exist(jsonResponse.posts);
const post = jsonResponse.posts[0];
localUtils.API.checkResponse(post, 'post', contentGatingFields, null);
localUtils.API.checkResponse(post, 'post', null, null);
post.slug.should.eql('thou-shalt-not-be-seen');
post.html.should.eql('');
});
@ -309,7 +308,7 @@ describe('api/v3/content/posts', function () {
should.exist(jsonResponse.posts);
const post = jsonResponse.posts[0];
localUtils.API.checkResponse(post, 'post', contentGatingFields, null);
localUtils.API.checkResponse(post, 'post', null, null);
post.slug.should.eql('thou-shalt-be-paid-for');
post.html.should.eql('');
});
@ -348,7 +347,7 @@ describe('api/v3/content/posts', function () {
should.exist(jsonResponse.posts);
localUtils.API.checkResponse(jsonResponse, 'posts');
jsonResponse.posts.should.have.length(14);
localUtils.API.checkResponse(jsonResponse.posts[0], 'post', contentGatingFields, null);
localUtils.API.checkResponse(jsonResponse.posts[0], 'post', null, null);
localUtils.API.checkResponse(jsonResponse.meta.pagination, 'pagination');
_.isBoolean(jsonResponse.posts[0].featured).should.eql(true);

2
test/regression/api/v3/content/utils.js
View file

@ -28,6 +28,8 @@ const expectedProperties = {
.without('type')
// v3 returns a calculated excerpt field
.concat('excerpt')
// Access is a calculated property in >= v3
.concat('access')
// returns meta fields from `posts_meta` schema
.concat(
..._(schema.posts_meta).keys().without('post_id', 'id')