Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-02-10 23:36:14 -05:00
Code Issues Activity

Removed all clients and client_trusted_domains related code

Browse source 
no issue

- v0.1 is ☠️ so there's no longer any use of client auth
- removes all code related to `clients` and `client_trusted_domains`
- noops the "add backup client" migration in 1.7 because the referenced fixture no longer exists causing migrations and consequently all regression tests to fail
This commit is contained in:
Kevin Ansfield 2019-09-12 14:54:39 +01:00
parent c00c04df30
commit 33fe21f888
31 changed files with 133 additions and 935 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
core/server/data/exporter/index.js
View file

@ -6,7 +6,7 @@ var _ = require('lodash'),
common = require('../../lib/common'),
security = require('../../lib/security'),
models = require('../../models'),
EXCLUDED_TABLES = ['accesstokens', 'refreshtokens', 'clients', 'client_trusted_domains', 'sessions', 'mobiledoc_revisions'],
EXCLUDED_TABLES = ['accesstokens', 'refreshtokens', 'sessions', 'mobiledoc_revisions'],
EXCLUDED_FIELDS_CONDITIONS = {
settings: [{
operator: 'whereNot',

108
core/server/data/importer/importers/data/clients.js
View file

@ -1,108 +0,0 @@
const debug = require('ghost-ignition').debug('importer:clients'),
Promise = require('bluebird'),
_ = require('lodash'),
BaseImporter = require('./base'),
models = require('../../../../models');
class ClientsImporter extends BaseImporter {
constructor(allDataFromFile) {
super(allDataFromFile, {
modelName: 'Client',
dataKeyToImport: 'clients'
});
this.errorConfig = {
allowDuplicates: false,
returnDuplicates: true,
showNotFoundWarning: false
};
}
fetchExisting(modelOptions) {
return models.Client.findAll(_.merge({columns: ['id', 'slug']}, modelOptions))
.then((existingData) => {
this.existingData = existingData.toJSON();
});
}
beforeImport() {
debug('beforeImport');
return super.beforeImport();
}
doImport(options, importOptions = {}) {
debug('doImport', this.dataToImport.length);
let ops = [];
if (!importOptions.include || importOptions.include.indexOf(this.dataKeyToImport) === -1) {
return Promise.resolve().reflect();
}
_.each(this.dataToImport, (obj) => {
ops.push(models[this.modelName].findOne({slug: obj.slug}, options)
.then((client) => {
if (client) {
return models[this.modelName]
.edit(_.omit(obj, 'id'), Object.assign({id: client.id}, options))
.then((importedModel) => {
obj.model = {
id: importedModel.id
};
if (importOptions.returnImportedData) {
this.importedDataToReturn.push(importedModel.toJSON());
}
// for identifier lookup
this.importedData.push({
id: importedModel.id,
slug: importedModel.get('slug'),
originalSlug: obj.slug
});
return importedModel;
})
.catch((err) => {
return this.handleError(err, obj);
});
}
// @NOTE: name is also unique
return models[this.modelName].findOne({name: obj.name}, options);
})
.then((client) => {
if (client) {
obj.name = `${obj.name}-1`;
}
return models[this.modelName].add(obj, options)
.then((importedModel) => {
obj.model = {
id: importedModel.id
};
if (importOptions.returnImportedData) {
this.importedDataToReturn.push(importedModel.toJSON());
}
// for identifier lookup
this.importedData.push({
id: importedModel.id,
slug: importedModel.get('slug'),
originalSlug: obj.slug
});
return importedModel;
})
.catch((err) => {
return this.handleError(err, obj);
});
}).reflect());
});
return Promise.all(ops);
}
}
module.exports = ClientsImporter;

4
core/server/data/importer/importers/data/index.js
View file

@ -9,8 +9,6 @@ var _ = require('lodash'),
PostsImporter = require('./posts'),
TagsImporter = require('./tags'),
SettingsImporter = require('./settings'),
ClientsImporter = require('./clients'),
TrustedDomainsImporter = require('./trusted-domains'),
UsersImporter = require('./users'),
RolesImporter = require('./roles'),
importers = {},
@ -31,8 +29,6 @@ DataImporter = {
importers.subscribers = new SubscribersImporter(importData.data);
importers.posts = new PostsImporter(importData.data);
importers.settings = new SettingsImporter(importData.data);
importers.clients = new ClientsImporter(importData.data);
importers.trustedDomains = new TrustedDomainsImporter(importData.data);
return importData;
},

93
core/server/data/importer/importers/data/trusted-domains.js
View file

@ -1,93 +0,0 @@
const debug = require('ghost-ignition').debug('importer:clients'),
Promise = require('bluebird'),
_ = require('lodash'),
BaseImporter = require('./base'),
models = require('../../../../models');
class TrustedDomainsImporter extends BaseImporter {
constructor(allDataFromFile) {
super(allDataFromFile, {
modelName: 'ClientTrustedDomain',
dataKeyToImport: 'client_trusted_domains',
requiredExistingData: ['clients'],
requiredFromFile: ['clients'],
requiredImportedData: ['clients']
});
this.errorConfig = {
allowDuplicates: false,
returnDuplicates: true,
showNotFoundWarning: false
};
}
fetchExisting(modelOptions) {
return models.ClientTrustedDomain.findAll(_.merge({columns: ['id', 'trusted_domain']}, modelOptions))
.then((existingData) => {
this.existingData = existingData.toJSON();
});
}
beforeImport() {
debug('beforeImport');
// CASE: compare with existing trusted domains
this.dataToImport = _.filter(this.dataToImport, (domainToImport) => {
if (_.find(this.existingData, {trusted_domain: domainToImport.trusted_domain})) {
return false;
}
return true;
});
return super.beforeImport();
}
replaceIdentifiers(modelOptions, importOptions = {}) {
debug('replaceIdentifiers');
if (!importOptions.include || importOptions.include.indexOf(this.dataKeyToImport) === -1) {
return super.replaceIdentifiers(modelOptions, importOptions);
}
const randomClientId = this.requiredExistingData.clients[0].id;
_.each(this.dataToImport, (domainToImport, index) => {
let existingClient = _.find(this.requiredFromFile.clients, {id: domainToImport.client_id.toString()});
// CASE: client is in file, look if it was imported or updated
if (existingClient) {
existingClient = _.find(this.requiredImportedData.clients, {slug: existingClient.slug});
if (existingClient) {
this.dataToImport[index].client_id = existingClient.id;
}
} else {
existingClient = _.find(this.requiredExistingData.clients, {id: domainToImport.client_id.toString()});
if (!existingClient) {
this.dataToImport[index].client_id = randomClientId;
}
}
});
return super.replaceIdentifiers(modelOptions, importOptions);
}
generateIdentifier() {
this.stripProperties(['id']);
return Promise.resolve();
}
doImport(options, importOptions = {}) {
debug('doImport', this.dataToImport.length);
if (!importOptions.include || importOptions.include.indexOf(this.dataKeyToImport) === -1) {
return Promise.resolve().reflect();
}
return super.doImport(options, importOptions);
}
}
module.exports = TrustedDomainsImporter;

50
core/server/data/migrations/versions/1.7/1-add-backup-client.js
View file

@ -1,48 +1,10 @@
const models = require('../../../../models'),
common = require('../../../../lib/common'),
fixtures = require('../../../schema/fixtures'),
_ = require('lodash'),
backupClient = fixtures.utils.findModelFixtureEntry('Client', {slug: 'ghost-backup'}),
Promise = require('bluebird'),
message = 'Adding "Ghost Backup" fixture into clients table',
message1 = 'Removing "Ghost Backup" fixture into clients table';
const Promise = require('bluebird');
module.exports.config = {
transaction: true
// NB: clients and client_trusted_domains were removed in 3.0 so the fixtures previously used here no longer exist
module.exports.up = function addGhostBackupClient() {
return Promise.resolve();
};
module.exports.up = function addGhostBackupClient(options) {
var localOptions = _.merge({
context: {internal: true}
}, options);
return models.Client
.findOne({slug: backupClient.slug}, localOptions)
.then(function (client) {
if (!client) {
common.logging.info(message);
return fixtures.utils.addFixturesForModel({name: 'Client', entries: [backupClient]}, localOptions);
} else {
common.logging.warn(message);
return Promise.resolve();
}
});
};
module.exports.down = function removeGhostBackupClient(options) {
var localOptions = _.merge({
context: {internal: true}
}, options);
return models.Client
.findOne({slug: backupClient.slug}, localOptions)
.then(function (client) {
if (client) {
common.logging.info(message1);
return fixtures.utils.removeFixturesForModel({name: 'Client', entries: [backupClient]}, localOptions);
} else {
common.logging.warn(message1);
return Promise.resolve();
}
});
module.exports.down = function removeGhostBackupClient() {
return Promise.resolve();
};

57
core/server/data/schema/fixtures/fixtures.json
View file

@ -13,33 +13,6 @@
}
]
},
{
"name": "Client",
"entries": [
{
"name": "Ghost Admin",
"slug": "ghost-admin",
"status": "enabled"
},
{
"name": "Ghost Frontend",
"slug": "ghost-frontend",
"status": "enabled"
},
{
"name": "Ghost Scheduler",
"slug": "ghost-scheduler",
"status": "enabled",
"type": "web"
},
{
"name": "Ghost Backup",
"slug": "ghost-backup",
"status": "enabled",
"type": "web"
}
]
},
{
"name": "Role",
"entries": [
@ -250,31 +223,6 @@
"action_type": "browse",
"object_type": "role"
},
{
"name": "Browse clients",
"action_type": "browse",
"object_type": "client"
},
{
"name": "Read clients",
"action_type": "read",
"object_type": "client"
},
{
"name": "Edit clients",
"action_type": "edit",
"object_type": "client"
},
{
"name": "Add clients",
"action_type": "add",
"object_type": "client"
},
{
"name": "Delete clients",
"action_type": "destroy",
"object_type": "client"
},
{
"name": "Browse subscribers",
"action_type": "browse",
@ -627,7 +575,6 @@
"theme": "all",
"user": "all",
"role": "all",
"client": "all",
"subscriber": "all",
"invite": "all",
"redirect": "all",
@ -653,7 +600,6 @@
"theme": "all",
"user": "all",
"role": "all",
"client": "all",
"subscriber": "all",
"invite": "all",
"redirect": "all",
@ -669,7 +615,6 @@
"tag": "all",
"user": "all",
"role": "all",
"client": "all",
"subscriber": ["add"],
"invite": "all",
"theme": ["browse"]
@ -681,7 +626,6 @@
"tag": ["browse", "read", "add"],
"user": ["browse", "read"],
"role": ["browse"],
"client": "all",
"subscriber": ["add"],
"theme": ["browse"]
},
@ -692,7 +636,6 @@
"tag": ["browse", "read"],
"user": ["browse", "read"],
"role": ["browse"],
"client": "all",
"subscriber": ["add"],
"theme": ["browse"]
}

31
core/server/data/schema/schema.js
View file

@ -215,40 +215,10 @@ module.exports = {
updated_at: {type: 'dateTime', nullable: true},
updated_by: {type: 'string', maxlength: 24, nullable: true}
},
clients: {
id: {type: 'string', maxlength: 24, nullable: false, primary: true},
uuid: {type: 'string', maxlength: 36, nullable: false},
name: {type: 'string', maxlength: 50, nullable: false, unique: true},
slug: {type: 'string', maxlength: 50, nullable: false, unique: true},
secret: {type: 'string', maxlength: 191, nullable: false},
redirection_uri: {type: 'string', maxlength: 2000, nullable: true},
client_uri: {type: 'string', maxlength: 2000, nullable: true},
auth_uri: {type: 'string', maxlength: 2000, nullable: true},
logo: {type: 'string', maxlength: 2000, nullable: true},
status: {type: 'string', maxlength: 50, nullable: false, defaultTo: 'development'},
type: {
type: 'string',
maxlength: 50,
nullable: false,
defaultTo: 'ua',
validations: {isIn: [['ua', 'web', 'native']]}
},
description: {type: 'string', maxlength: 2000, nullable: true},
created_at: {type: 'dateTime', nullable: false},
created_by: {type: 'string', maxlength: 24, nullable: false},
updated_at: {type: 'dateTime', nullable: true},
updated_by: {type: 'string', maxlength: 24, nullable: true}
},
client_trusted_domains: {
id: {type: 'string', maxlength: 24, nullable: false, primary: true},
client_id: {type: 'string', maxlength: 24, nullable: false, references: 'clients.id'},
trusted_domain: {type: 'string', maxlength: 2000, nullable: true}
},
accesstokens: {
id: {type: 'string', maxlength: 24, nullable: false, primary: true},
token: {type: 'string', maxlength: 191, nullable: false, unique: true},
user_id: {type: 'string', maxlength: 24, nullable: false, references: 'users.id'},
client_id: {type: 'string', maxlength: 24, nullable: false, references: 'clients.id'},
issued_by: {type: 'string', maxlength: 24, nullable: true},
expires: {type: 'bigInteger', nullable: false}
},
@ -256,7 +226,6 @@ module.exports = {
id: {type: 'string', maxlength: 24, nullable: false, primary: true},
token: {type: 'string', maxlength: 191, nullable: false, unique: true},
user_id: {type: 'string', maxlength: 24, nullable: false, references: 'users.id'},
client_id: {type: 'string', maxlength: 24, nullable: false, references: 'clients.id'},
expires: {type: 'bigInteger', nullable: false}
},
subscribers: {

17
core/server/models/client-trusted-domain.js
View file

@ -1,17 +0,0 @@
var ghostBookshelf = require('./base'),
ClientTrustedDomain,
ClientTrustedDomains;
ClientTrustedDomain = ghostBookshelf.Model.extend({
tableName: 'client_trusted_domains'
});
ClientTrustedDomains = ghostBookshelf.Collection.extend({
model: ClientTrustedDomain
});
module.exports = {
ClientTrustedDomain: ghostBookshelf.model('ClientTrustedDomain', ClientTrustedDomain),
ClientTrustedDomains: ghostBookshelf.collection('ClientTrustedDomains', ClientTrustedDomains)
};

58
core/server/models/client.js
View file

@ -1,58 +0,0 @@
var crypto = require('crypto'),
uuid = require('uuid'),
ghostBookshelf = require('./base'),
config = require('../config'),
Client,
Clients;
Client = ghostBookshelf.Model.extend({
tableName: 'clients',
defaults: function defaults() {
// @TODO: we cannot delete this ugly check here, because ALL routing tests rely on a static client secret
var env = config.get('env'),
secret = env.indexOf('testing') !== 0 ? crypto.randomBytes(6).toString('hex') : 'not_available';
return {
uuid: uuid.v4(),
secret: secret,
status: 'development',
type: 'ua'
};
},
trustedDomains: function trustedDomains() {
return this.hasMany('ClientTrustedDomain', 'client_id');
}
}, {
/**
* Returns an array of keys permitted in a method's `options` hash, depending on the current method.
* @param {String} methodName The name of the method to check valid options for.
* @return {Array} Keys allowed in the `options` hash of the model's method.
*/
permittedOptions: function permittedOptions(methodName) {
var options = ghostBookshelf.Model.permittedOptions.call(this, methodName),
// whitelists for the `options` hash argument on methods, by method name.
// these are the only options that can be passed to Bookshelf / Knex.
validOptions = {
findOne: ['columns', 'withRelated']
};
if (validOptions[methodName]) {
options = options.concat(validOptions[methodName]);
}
return options;
}
});
Clients = ghostBookshelf.Collection.extend({
model: Client
});
module.exports = {
Client: ghostBookshelf.model('Client', Client),
Clients: ghostBookshelf.collection('Clients', Clients)
};

2
core/server/models/index.js
View file

@ -19,8 +19,6 @@ models = [
'app-field',
'app-setting',
'app',
'client-trusted-domain',
'client',
'permission',
'post',
'refreshtoken',

6
core/server/translations/en.json
View file

@ -26,9 +26,6 @@
"invitedByName": "{invitedByName} has invited you to join {blogName}"
}
},
"clients": {
"clientNotFound": "Client not found"
},
"actions": {
"images": {
"upload": "upload image"
@ -318,9 +315,6 @@
"invalidTokenProvided": "Invalid token provided",
"tokenRevocationFailed": "Token revocation failed"
},
"clients": {
"clientNotFound": "Client not found."
},
"configuration": {
"invalidKey": "Invalid key"
},

7
core/server/web/shared/middlewares/api/cors.js
View file

@ -1,7 +1,6 @@
const cors = require('cors');
const url = require('url');
const os = require('os');
const some = require('lodash/some');
const urlUtils = require('../../../../lib/url-utils');
let whitelist = [];
@ -66,18 +65,12 @@ function getWhitelist() {
*/
function handleCORS(req, cb) {
const origin = req.get('origin');
const trustedDomains = req.client && req.client.trustedDomains;
// Request must have an Origin header
if (!origin) {
return cb(null, DISABLE_CORS);
}
// Origin matches a client_trusted_domain
if (some(trustedDomains, {trusted_domain: origin})) {
return cb(null, ENABLE_CORS);
}
// Origin matches whitelist
if (getWhitelist().indexOf(url.parse(origin).hostname) > -1) {
return cb(null, ENABLE_CORS);

8
core/test/acceptance/old/admin/db_spec.js
View file

@ -25,14 +25,6 @@ describe('DB API', function () {
})
.then(() => {
return localUtils.doAuth(request);
})
.then(() => {
return models.Client.findAll();
})
.then((result) => {
const clients = result.toJSON();
backupClient = _.find(clients, {slug: 'ghost-backup'});
schedulerClient = _.find(clients, {slug: 'ghost-scheduler'});
});
});

3
core/test/regression/api/canary/admin/db_spec.js
View file

@ -50,7 +50,8 @@ describe('DB API', function () {
sinon.restore();
});
it('can export the database with more tables', function () {
// SKIPPED: we no longer have the "extra" clients and client_trusted_domains tables
it.skip('can export the database with more tables', function () {
return request.get(localUtils.API.getApiQuery('db/?include=clients,client_trusted_domains'))
.set('Origin', config.get('url'))
.expect('Content-Type', /json/)

20
core/test/regression/api/canary/admin/redirects_spec.js
View file

@ -20,7 +20,7 @@ describe('Redirects API', function () {
request = supertest.agent(config.get('url'));
})
.then(() => {
return localUtils.doAuth(request, 'client:trusted-domain');
return localUtils.doAuth(request);
})
.then(() => {
originalContentPath = configUtils.config.get('paths:contentPath');
@ -37,7 +37,7 @@ describe('Redirects API', function () {
configUtils.set('paths:contentPath', path.join(__dirname, '../../../utils/fixtures/data'));
return request
.get(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.get(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.expect(200)
.then((res) => {
@ -52,7 +52,7 @@ describe('Redirects API', function () {
it('file exists', function () {
return request
.get(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.get(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.expect('Content-Type', /application\/json/)
.expect('Content-Disposition', 'Attachment; filename="redirects.json"')
@ -74,7 +74,7 @@ describe('Redirects API', function () {
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), 'something');
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
@ -88,7 +88,7 @@ describe('Redirects API', function () {
}));
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
@ -99,7 +99,7 @@ describe('Redirects API', function () {
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), JSON.stringify([{to: 'd'}]));
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
@ -114,7 +114,7 @@ describe('Redirects API', function () {
request = supertest.agent(config.get('url'));
})
.then(() => {
return localUtils.doAuth(request, 'client:trusted-domain');
return localUtils.doAuth(request);
});
};
@ -134,7 +134,7 @@ describe('Redirects API', function () {
})
.then(() => {
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects-init.json'))
.expect('Content-Type', /application\/json/)
@ -175,7 +175,7 @@ describe('Redirects API', function () {
.then(() => {
// Override redirects file
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
@ -215,7 +215,7 @@ describe('Redirects API', function () {
.then(() => {
// Override redirects file again and ensure the backup file works twice
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects-something.json'))
.expect('Content-Type', /application\/json/)

3
core/test/regression/api/v2/admin/db_spec.js
View file

@ -50,7 +50,8 @@ describe('DB API', function () {
sinon.restore();
});
it('can export the database with more tables', function () {
// SKIPPED: we no longer have the "extra" clients and client_trusted_domains tables
it.skip('can export the database with more tables', function () {
return request.get(localUtils.API.getApiQuery('db/?include=clients,client_trusted_domains'))
.set('Origin', config.get('url'))
.expect('Content-Type', /json/)

20
core/test/regression/api/v2/admin/redirects_spec.js
View file

@ -20,7 +20,7 @@ describe('Redirects API', function () {
request = supertest.agent(config.get('url'));
})
.then(() => {
return localUtils.doAuth(request, 'client:trusted-domain');
return localUtils.doAuth(request);
})
.then(() => {
originalContentPath = configUtils.config.get('paths:contentPath');
@ -37,7 +37,7 @@ describe('Redirects API', function () {
configUtils.set('paths:contentPath', path.join(__dirname, '../../../utils/fixtures/data'));
return request
.get(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.get(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.expect(200)
.then((res) => {
@ -52,7 +52,7 @@ describe('Redirects API', function () {
it('file exists', function () {
return request
.get(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.get(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.expect('Content-Type', /application\/json/)
.expect('Content-Disposition', 'Attachment; filename="redirects.json"')
@ -74,7 +74,7 @@ describe('Redirects API', function () {
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), 'something');
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
@ -88,7 +88,7 @@ describe('Redirects API', function () {
}));
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
@ -99,7 +99,7 @@ describe('Redirects API', function () {
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), JSON.stringify([{to: 'd'}]));
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
@ -114,7 +114,7 @@ describe('Redirects API', function () {
request = supertest.agent(config.get('url'));
})
.then(() => {
return localUtils.doAuth(request, 'client:trusted-domain');
return localUtils.doAuth(request);
});
};
@ -134,7 +134,7 @@ describe('Redirects API', function () {
})
.then(() => {
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects-init.json'))
.expect('Content-Type', /application\/json/)
@ -175,7 +175,7 @@ describe('Redirects API', function () {
.then(() => {
// Override redirects file
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
@ -215,7 +215,7 @@ describe('Redirects API', function () {
.then(() => {
// Override redirects file again and ensure the backup file works twice
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects-something.json'))
.expect('Content-Type', /application\/json/)

3
core/test/regression/api/v3/admin/db_spec.js
View file

@ -50,7 +50,8 @@ describe('DB API', function () {
sinon.restore();
});
it('can export the database with more tables', function () {
// SKIPPED: we no longer have the "extra" clients and client_trusted_domains tables
it.skip('can export the database with more tables', function () {
return request.get(localUtils.API.getApiQuery('db/?include=clients,client_trusted_domains'))
.set('Origin', config.get('url'))
.expect('Content-Type', /json/)

20
core/test/regression/api/v3/admin/redirects_spec.js
View file

@ -20,7 +20,7 @@ describe('Redirects API', function () {
request = supertest.agent(config.get('url'));
})
.then(() => {
return localUtils.doAuth(request, 'client:trusted-domain');
return localUtils.doAuth(request);
})
.then(() => {
originalContentPath = configUtils.config.get('paths:contentPath');
@ -37,7 +37,7 @@ describe('Redirects API', function () {
configUtils.set('paths:contentPath', path.join(__dirname, '../../../utils/fixtures/data'));
return request
.get(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.get(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.expect(200)
.then((res) => {
@ -52,7 +52,7 @@ describe('Redirects API', function () {
it('file exists', function () {
return request
.get(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.get(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.expect('Content-Type', /application\/json/)
.expect('Content-Disposition', 'Attachment; filename="redirects.json"')
@ -74,7 +74,7 @@ describe('Redirects API', function () {
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), 'something');
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
@ -88,7 +88,7 @@ describe('Redirects API', function () {
}));
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
@ -99,7 +99,7 @@ describe('Redirects API', function () {
fs.writeFileSync(path.join(config.get('paths:contentPath'), 'redirects.json'), JSON.stringify([{to: 'd'}]));
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
@ -114,7 +114,7 @@ describe('Redirects API', function () {
request = supertest.agent(config.get('url'));
})
.then(() => {
return localUtils.doAuth(request, 'client:trusted-domain');
return localUtils.doAuth(request);
});
};
@ -134,7 +134,7 @@ describe('Redirects API', function () {
})
.then(() => {
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects-init.json'))
.expect('Content-Type', /application\/json/)
@ -175,7 +175,7 @@ describe('Redirects API', function () {
.then(() => {
// Override redirects file
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects.json'))
.expect('Content-Type', /application\/json/)
@ -215,7 +215,7 @@ describe('Redirects API', function () {
.then(() => {
// Override redirects file again and ensure the backup file works twice
return request
.post(localUtils.API.getApiQuery('redirects/json/?client_id=ghost-admin&client_secret=not_available'))
.post(localUtils.API.getApiQuery('redirects/json/'))
.set('Origin', config.get('url'))
.attach('redirects', path.join(config.get('paths:contentPath'), 'redirects-something.json'))
.expect('Content-Type', /application\/json/)

98
core/test/regression/importer/importer_spec.js
View file

@ -1024,34 +1024,6 @@ describe('Integration: Importer', function () {
});
});
it('skips importing clients, trusted domains by default', function () {
const exportData = exportedLatestBody().db[0];
exportData.data.clients = [];
exportData.data.clients[0] = testUtils.DataGenerator.forKnex.createClient({
slug: 'ghost-something',
secret: '678910'
});
exportData.data.client_trusted_domains = [];
exportData.data.client_trusted_domains[0] = testUtils.DataGenerator.forKnex.createTrustedDomain({
trusted_domain: 'https://test.com'
});
return dataImporter.doImport(exportData, importOptions)
.then(function () {
return models.Client.findOne({slug: 'ghost-something'}, testUtils.context.internal);
})
.then(function (model) {
should.not.exist(model);
return models.ClientTrustedDomain.findOne({trusted_domain: 'https://test.com'}, testUtils.context.internal);
})
.then(function (model) {
should.not.exist(model);
});
});
it('ensure authors are imported correctly', function () {
const exportData = exportedLatestBody().db[0];
@ -1206,9 +1178,9 @@ describe('Integration: Importer', function () {
describe('Existing database', function () {
beforeEach(testUtils.teardown);
beforeEach(testUtils.setup('users:roles', 'posts', 'settings', 'clients', 'client:trusted-domain'));
beforeEach(testUtils.setup('users:roles', 'posts', 'settings'));
it('import multiple users, tags, posts, clients', function () {
it('import multiple users, tags, posts', function () {
const exportData = exportedLatestBody().db[0];
exportData.data.users[0] = testUtils.DataGenerator.forKnex.createUser({
@ -1285,38 +1257,7 @@ describe('Integration: Importer', function () {
updated_by: exportData.data.users[2].id
});
exportData.data.clients = [];
// override ghost-frontend
exportData.data.clients[0] = testUtils.DataGenerator.forKnex.createClient({
slug: 'ghost-frontend',
secret: '678910'
});
// add new client
exportData.data.clients[1] = testUtils.DataGenerator.forKnex.createClient({
slug: 'ghost-new',
secret: '88888',
name: 'Ghost New'
});
exportData.data.client_trusted_domains = [];
exportData.data.client_trusted_domains[0] = testUtils.DataGenerator.forKnex.createTrustedDomain({
trusted_domain: 'https://test.com'
});
exportData.data.client_trusted_domains[1] = testUtils.DataGenerator.forKnex.createTrustedDomain({
client_id: ObjectId.generate(),
trusted_domain: 'https://example.com'
});
exportData.data.client_trusted_domains[2] = testUtils.DataGenerator.forKnex.createTrustedDomain({
client_id: exportData.data.clients[1].id,
trusted_domain: 'https://world.com'
});
const clonedImportOptions = _.cloneDeep(importOptions);
clonedImportOptions.include = ['clients', 'client_trusted_domains'];
const postOptions = Object.assign({withRelated: ['tags']}, testUtils.context.internal);
const tagOptions = Object.assign({order: 'slug ASC'}, testUtils.context.internal);
@ -1327,50 +1268,17 @@ describe('Integration: Importer', function () {
return Promise.all([
models.Post.findPage(postOptions),
models.Tag.findPage(tagOptions),
models.User.findPage(userOptions),
models.Client.findAll(testUtils.context.internal),
models.ClientTrustedDomain.findAll(testUtils.context.internal)
models.User.findPage(userOptions)
]);
}).then(function (result) {
const posts = result[0].data.map(model => model.toJSON(postOptions));
const tags = result[1].data.map(model => model.toJSON(tagOptions));
const users = result[2].data.map(model => model.toJSON(userOptions));
let clients = result[3];
let trustedDomains = result[4];
posts.length.should.equal(exportData.data.posts.length + testUtils.DataGenerator.Content.posts.length, 'Wrong number of posts');
tags.length.should.equal(exportData.data.tags.length + testUtils.DataGenerator.Content.tags.length, 'Wrong number of tags');
// the test env only inserts the user defined in the `forKnex` array
users.length.should.equal(exportData.data.users.length + testUtils.DataGenerator.forKnex.users.length, 'Wrong number of users');
clients.models.length.should.eql(7);
clients = clients.toJSON();
const clientSlugs = _.map(clients, 'slug');
clientSlugs.should.containEql('ghost-scheduler');
clientSlugs.should.containEql('ghost-admin');
clientSlugs.should.containEql('ghost-backup');
clientSlugs.should.containEql('ghost-auth');
clientSlugs.should.containEql('ghost-frontend');
clientSlugs.should.containEql('ghost-new');
clientSlugs.should.containEql('ghost-test');
_.find(clients, {slug: 'ghost-frontend'}).secret.should.eql('678910');
_.find(clients, {slug: 'ghost-new'}).secret.should.eql('88888');
trustedDomains.models.length.should.eql(3);
trustedDomains = trustedDomains.toJSON();
_.map(trustedDomains, 'trusted_domain').should.eql([
'https://example.com',
'https://test.com',
'https://world.com'
]);
_.find(trustedDomains, {trusted_domain: 'https://test.com'}).client_id.should.eql(testUtils.DataGenerator.forKnex.clients[0].id);
_.find(trustedDomains, {trusted_domain: 'https://example.com'}).client_id.should.eql(_.find(clients, {slug: 'ghost-test'}).id);
_.find(trustedDomains, {trusted_domain: 'https://world.com'}).client_id.should.eql(_.find(clients, {slug: 'ghost-new'}).id);
});
});
});

145
core/test/regression/migrations/migration_spec.js
View file

@ -121,98 +121,86 @@ describe('Database Migration (special functions)', function () {
permissions[33].name.should.eql('Browse roles');
permissions[33].should.be.AssignedToRoles(['Administrator', 'Editor', 'Author', 'Contributor', 'Admin Integration']);
// Clients
permissions[34].name.should.eql('Browse clients');
permissions[34].should.be.AssignedToRoles(['Administrator', 'Editor', 'Author', 'Contributor', 'Admin Integration']);
permissions[35].name.should.eql('Read clients');
permissions[35].should.be.AssignedToRoles(['Administrator', 'Editor', 'Author', 'Contributor', 'Admin Integration']);
permissions[36].name.should.eql('Edit clients');
permissions[36].should.be.AssignedToRoles(['Administrator', 'Editor', 'Author', 'Contributor', 'Admin Integration']);
permissions[37].name.should.eql('Add clients');
permissions[37].should.be.AssignedToRoles(['Administrator', 'Editor', 'Author', 'Contributor', 'Admin Integration']);
permissions[38].name.should.eql('Delete clients');
permissions[38].should.be.AssignedToRoles(['Administrator', 'Editor', 'Author', 'Contributor', 'Admin Integration']);
// Subscribers
permissions[39].name.should.eql('Browse subscribers');
permissions[39].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[40].name.should.eql('Read subscribers');
permissions[40].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[41].name.should.eql('Edit subscribers');
permissions[41].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[42].name.should.eql('Add subscribers');
permissions[42].should.be.AssignedToRoles(['Administrator', 'Editor', 'Author', 'Contributor', 'Admin Integration']);
permissions[43].name.should.eql('Delete subscribers');
permissions[43].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[34].name.should.eql('Browse subscribers');
permissions[34].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[35].name.should.eql('Read subscribers');
permissions[35].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[36].name.should.eql('Edit subscribers');
permissions[36].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[37].name.should.eql('Add subscribers');
permissions[37].should.be.AssignedToRoles(['Administrator', 'Editor', 'Author', 'Contributor', 'Admin Integration']);
permissions[38].name.should.eql('Delete subscribers');
permissions[38].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
// Invites
permissions[44].name.should.eql('Browse invites');
permissions[44].should.be.AssignedToRoles(['Administrator', 'Editor', 'Admin Integration']);
permissions[45].name.should.eql('Read invites');
permissions[45].should.be.AssignedToRoles(['Administrator', 'Editor', 'Admin Integration']);
permissions[46].name.should.eql('Edit invites');
permissions[46].should.be.AssignedToRoles(['Administrator', 'Editor', 'Admin Integration']);
permissions[47].name.should.eql('Add invites');
permissions[47].should.be.AssignedToRoles(['Administrator', 'Editor', 'Admin Integration']);
permissions[48].name.should.eql('Delete invites');
permissions[48].should.be.AssignedToRoles(['Administrator', 'Editor', 'Admin Integration']);
permissions[39].name.should.eql('Browse invites');
permissions[39].should.be.AssignedToRoles(['Administrator', 'Editor', 'Admin Integration']);
permissions[40].name.should.eql('Read invites');
permissions[40].should.be.AssignedToRoles(['Administrator', 'Editor', 'Admin Integration']);
permissions[41].name.should.eql('Edit invites');
permissions[41].should.be.AssignedToRoles(['Administrator', 'Editor', 'Admin Integration']);
permissions[42].name.should.eql('Add invites');
permissions[42].should.be.AssignedToRoles(['Administrator', 'Editor', 'Admin Integration']);
permissions[43].name.should.eql('Delete invites');
permissions[43].should.be.AssignedToRoles(['Administrator', 'Editor', 'Admin Integration']);
// Redirects
permissions[49].name.should.eql('Download redirects');
permissions[49].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[50].name.should.eql('Upload redirects');
permissions[50].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[44].name.should.eql('Download redirects');
permissions[44].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[45].name.should.eql('Upload redirects');
permissions[45].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
// Webhooks
permissions[51].name.should.eql('Add webhooks');
permissions[51].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[52].name.should.eql('Edit webhooks');
permissions[52].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[53].name.should.eql('Delete webhooks');
permissions[53].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[46].name.should.eql('Add webhooks');
permissions[46].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[47].name.should.eql('Edit webhooks');
permissions[47].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[48].name.should.eql('Delete webhooks');
permissions[48].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
// Integrations
permissions[54].name.should.eql('Browse integrations');
permissions[54].should.be.AssignedToRoles(['Administrator']);
permissions[55].name.should.eql('Read integrations');
permissions[55].should.be.AssignedToRoles(['Administrator']);
permissions[56].name.should.eql('Edit integrations');
permissions[56].should.be.AssignedToRoles(['Administrator']);
permissions[57].name.should.eql('Add integrations');
permissions[57].should.be.AssignedToRoles(['Administrator']);
permissions[58].name.should.eql('Delete integrations');
permissions[58].should.be.AssignedToRoles(['Administrator']);
permissions[49].name.should.eql('Browse integrations');
permissions[49].should.be.AssignedToRoles(['Administrator']);
permissions[50].name.should.eql('Read integrations');
permissions[50].should.be.AssignedToRoles(['Administrator']);
permissions[51].name.should.eql('Edit integrations');
permissions[51].should.be.AssignedToRoles(['Administrator']);
permissions[52].name.should.eql('Add integrations');
permissions[52].should.be.AssignedToRoles(['Administrator']);
permissions[53].name.should.eql('Delete integrations');
permissions[53].should.be.AssignedToRoles(['Administrator']);
// API Keys
permissions[59].name.should.eql('Browse API keys');
permissions[59].should.be.AssignedToRoles(['Administrator']);
permissions[60].name.should.eql('Read API keys');
permissions[60].should.be.AssignedToRoles(['Administrator']);
permissions[61].name.should.eql('Edit API keys');
permissions[61].should.be.AssignedToRoles(['Administrator']);
permissions[62].name.should.eql('Add API keys');
permissions[62].should.be.AssignedToRoles(['Administrator']);
permissions[63].name.should.eql('Delete API keys');
permissions[63].should.be.AssignedToRoles(['Administrator']);
permissions[54].name.should.eql('Browse API keys');
permissions[54].should.be.AssignedToRoles(['Administrator']);
permissions[55].name.should.eql('Read API keys');
permissions[55].should.be.AssignedToRoles(['Administrator']);
permissions[56].name.should.eql('Edit API keys');
permissions[56].should.be.AssignedToRoles(['Administrator']);
permissions[57].name.should.eql('Add API keys');
permissions[57].should.be.AssignedToRoles(['Administrator']);
permissions[58].name.should.eql('Delete API keys');
permissions[58].should.be.AssignedToRoles(['Administrator']);
// Actions
permissions[64].name.should.eql('Browse Actions');
permissions[64].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
permissions[59].name.should.eql('Browse Actions');
permissions[59].should.be.AssignedToRoles(['Administrator', 'Admin Integration']);
// Members
permissions[65].name.should.eql('Browse Members');
permissions[66].name.should.eql('Read Members');
permissions[67].name.should.eql('Edit Members');
permissions[68].name.should.eql('Add Members');
permissions[69].name.should.eql('Delete Members');
permissions[60].name.should.eql('Browse Members');
permissions[61].name.should.eql('Read Members');
permissions[62].name.should.eql('Edit Members');
permissions[63].name.should.eql('Add Members');
permissions[64].name.should.eql('Delete Members');
// Posts
permissions[70].name.should.eql('Publish posts');
permissions[70].should.be.AssignedToRoles(['Administrator', 'Editor', 'Admin Integration', 'Scheduler Integration']);
permissions[65].name.should.eql('Publish posts');
permissions[65].should.be.AssignedToRoles(['Administrator', 'Editor', 'Admin Integration', 'Scheduler Integration']);
// DB
permissions[71].name.should.eql('Backup database');
permissions[71].should.be.AssignedToRoles(['Administrator', 'DB Backup Integration']);
permissions[66].name.should.eql('Backup database');
permissions[66].should.be.AssignedToRoles(['Administrator', 'DB Backup Integration']);
});
describe('Populate', function () {
@ -227,7 +215,6 @@ describe('Database Migration (special functions)', function () {
context: {internal: true},
withRelated: ['roles']
}),
clients: Models.Client.findAll(),
roles: Models.Role.findAll(),
permissions: Models.Permission.findAll({withRelated: ['roles']})
};
@ -250,14 +237,6 @@ describe('Database Migration (special functions)', function () {
result.posts.at(0).related('tags').length.should.eql(1);
result.posts.at(0).related('tags').at(0).get('name').should.eql('Getting Started');
// Clients
should.exist(result.clients);
result.clients.length.should.eql(4);
result.clients.at(0).get('name').should.eql('Ghost Admin');
result.clients.at(1).get('name').should.eql('Ghost Frontend');
result.clients.at(2).get('name').should.eql('Ghost Scheduler');
result.clients.at(3).get('name').should.eql('Ghost Backup');
// User (Owner)
should.exist(result.users);
result.users.length.should.eql(1);
@ -279,7 +258,7 @@ describe('Database Migration (special functions)', function () {
result.roles.at(7).get('name').should.eql('Scheduler Integration');
// Permissions
result.permissions.length.should.eql(72);
result.permissions.length.should.eql(67);
result.permissions.toJSON().should.be.CompletePermissions();
});
});

5
core/test/unit/data/exporter/index_spec.js
View file

@ -77,8 +77,6 @@ describe('Exporter', function () {
knexMock.getCall(13).args[0].should.eql('app_settings');
knexMock.getCall(14).args[0].should.eql('app_fields');
knexMock.calledWith('clients').should.be.false();
knexMock.calledWith('client_trusted_domains').should.be.false();
knexMock.calledWith('refreshtokens').should.be.false();
knexMock.calledWith('accesstokens').should.be.false();
@ -86,7 +84,8 @@ describe('Exporter', function () {
}).catch(done);
});
it('should try to export all the correct tables with extra tables', function (done) {
// SKIPPED: the "extra" clients and client_trusted_domains tables no longer exist
it.skip('should try to export all the correct tables with extra tables', function (done) {
// Setup for success
queryMock.select.returns(new Promise.resolve({}));

28
core/test/unit/data/schema/fixtures/utils_spec.js
View file

@ -101,7 +101,7 @@ describe('Migration Fixture Utils', function () {
var postOneStub = sinon.stub(models.Post, 'findOne').returns(Promise.resolve()),
postAddStub = sinon.stub(models.Post, 'add').returns(Promise.resolve({}));
fixtureUtils.addFixturesForModel(fixtures.models[5]).then(function (result) {
fixtureUtils.addFixturesForModel(fixtures.models[4]).then(function (result) {
should.exist(result);
result.should.be.an.Object();
result.should.have.property('expected', 7);
@ -118,7 +118,7 @@ describe('Migration Fixture Utils', function () {
var postOneStub = sinon.stub(models.Post, 'findOne').returns(Promise.resolve({})),
postAddStub = sinon.stub(models.Post, 'add').returns(Promise.resolve({}));
fixtureUtils.addFixturesForModel(fixtures.models[5]).then(function (result) {
fixtureUtils.addFixturesForModel(fixtures.models[4]).then(function (result) {
should.exist(result);
result.should.be.an.Object();
result.should.have.property('expected', 7);
@ -150,19 +150,19 @@ describe('Migration Fixture Utils', function () {
fixtureUtils.addFixturesForRelation(fixtures.relations[0]).then(function (result) {
should.exist(result);
result.should.be.an.Object();
result.should.have.property('expected', 66);
result.should.have.property('done', 66);
result.should.have.property('expected', 61);
result.should.have.property('done', 61);
// Permissions & Roles
permsAllStub.calledOnce.should.be.true();
rolesAllStub.calledOnce.should.be.true();
dataMethodStub.filter.callCount.should.eql(66);
dataMethodStub.filter.callCount.should.eql(61);
dataMethodStub.find.callCount.should.eql(7);
baseUtilAttachStub.callCount.should.eql(66);
baseUtilAttachStub.callCount.should.eql(61);
fromItem.related.callCount.should.eql(66);
fromItem.findWhere.callCount.should.eql(66);
toItem[0].get.callCount.should.eql(132);
fromItem.related.callCount.should.eql(61);
fromItem.findWhere.callCount.should.eql(61);
toItem[0].get.callCount.should.eql(122);
done();
}).catch(done);
@ -244,12 +244,14 @@ describe('Migration Fixture Utils', function () {
describe('findModelFixtureEntry', function () {
it('should fetch a single fixture entry', function () {
var foundFixture = fixtureUtils.findModelFixtureEntry('Client', {slug: 'ghost-admin'});
var foundFixture = fixtureUtils.findModelFixtureEntry('Integration', {slug: 'zapier'});
foundFixture.should.be.an.Object();
foundFixture.should.eql({
name: 'Ghost Admin',
slug: 'ghost-admin',
status: 'enabled'
slug: 'zapier',
name: 'Zapier',
description: 'Built-in Zapier integration',
type: 'builtin',
api_keys: [{type: 'admin'}]
});
});
});

4
core/test/unit/data/schema/integrity_spec.js
View file

@ -19,8 +19,8 @@ var should = require('should'),
*/
describe('DB version integrity', function () {
// Only these variables should need updating
const currentSchemaHash = 'ca66b8548e520731f23be1493f9d560e';
const currentFixturesHash = 'c7b485fe2f16517295bd35c761129729';
const currentSchemaHash = 'b62a14bdddc43af7e36e304792e472b5';
const currentFixturesHash = '4e08bb27bf16338b6eebad1f92a247d1';
// If this test is failing, then it is likely a change has been made that requires a DB version bump,
// and the values above will need updating as confirmation

55
core/test/unit/web/middleware/api/cors_spec.js
View file

@ -12,9 +12,7 @@ describe('cors', function () {
headers: {
origin: null
},
client: {
trustedDomains: []
}
client: {}
};
res = {
@ -75,58 +73,9 @@ describe('cors', function () {
done();
});
it('should be enabled when origin is a client_trusted_domain', function (done) {
var origin = 'http://my-trusted-domain.com';
req.client.trustedDomains.push({trusted_domain: origin});
req.get = sinon.stub().withArgs('origin').returns(origin);
res.get = sinon.stub().withArgs('origin').returns(origin);
req.headers.origin = origin;
cors(req, res, next);
next.called.should.be.true();
res.headers['Access-Control-Allow-Origin'].should.equal(origin);
done();
});
it('should be enabled when there are multiple trusted domains', function (done) {
var origin = 'http://my-other-trusted-domain.com';
req.client.trustedDomains.push({trusted_domain: origin});
req.client.trustedDomains.push({trusted_domain: 'http://my-trusted-domain.com'});
req.get = sinon.stub().withArgs('origin').returns(origin);
res.get = sinon.stub().withArgs('origin').returns(origin);
req.headers.origin = origin;
cors(req, res, next);
next.called.should.be.true();
res.headers['Access-Control-Allow-Origin'].should.equal(origin);
done();
});
it('should not be enabled the origin is not trusted or whitelisted', function (done) {
it('should not be enabled the if origin is not whitelisted', function (done) {
var origin = 'http://not-trusted.com';
req.client.trustedDomains.push({trusted_domain: 'http://example.com'});
req.get = sinon.stub().withArgs('origin').returns(origin);
res.get = sinon.stub().withArgs('origin').returns(origin);
req.headers.origin = origin;
cors(req, res, next);
next.called.should.be.true();
should.not.exist(res.headers['Access-Control-Allow-Origin']);
done();
});
it('should not be enabled the origin client_trusted_domains is empty', function (done) {
var origin = 'http://example.com';
req.get = sinon.stub().withArgs('origin').returns(origin);
res.get = sinon.stub().withArgs('origin').returns(origin);
req.headers.origin = origin;

4
core/test/utils/api.js
View file

@ -95,9 +95,7 @@ const login = (request, API_URL) => {
.send({
grant_type: 'password',
username: request.user.email,
password: 'Sl1m3rson99',
client_id: 'ghost-admin',
client_secret: 'not_available'
password: 'Sl1m3rson99'
})
.then(function then(res) {
if (res.statusCode !== 200 && res.statusCode !== 201) {

20
core/test/utils/fixtures/data-generator.js
View file

@ -636,7 +636,6 @@ DataGenerator.forKnex = (function () {
return _.defaults(newObj, {
id: ObjectId.generate(),
token: uuid.v4(),
client_id: clients[0].id,
expires: Date.now() + constants.ONE_DAY_MS
});
}
@ -656,16 +655,6 @@ DataGenerator.forKnex = (function () {
});
}
function createTrustedDomain(overrides) {
var newObj = _.cloneDeep(overrides);
return _.defaults(newObj, {
id: ObjectId.generate(),
client_id: clients[0].id,
trusted_domain: 'https://example.com'
});
}
function createWebhook(overrides) {
var newObj = _.cloneDeep(overrides);
@ -730,13 +719,6 @@ DataGenerator.forKnex = (function () {
createUser(DataGenerator.Content.users[7])
];
const clients = [
createClient({name: 'Ghost Admin', slug: 'ghost-admin', type: 'ua'}),
createClient({name: 'Ghost Scheduler', slug: 'ghost-scheduler', type: 'web'}),
createClient({name: 'Ghost Auth', slug: 'ghost-auth', type: 'web'}),
createClient({name: 'Ghost Backup', slug: 'ghost-backup', type: 'web'})
];
const roles_users = [
{
id: ObjectId.generate(),
@ -921,7 +903,6 @@ DataGenerator.forKnex = (function () {
createToken: createToken,
createSubscriber: createSubscriber,
createInvite: createInvite,
createTrustedDomain: createTrustedDomain,
createWebhook: createWebhook,
createIntegration: createIntegration,
@ -935,7 +916,6 @@ DataGenerator.forKnex = (function () {
roles: roles,
users: users,
roles_users: roles_users,
clients: clients,
webhooks: webhooks,
integrations: integrations,
api_keys: api_keys

55
core/test/utils/fixtures/export/default_export.json
View file

@ -600,61 +600,6 @@
"updated_at": "2019-01-02T11:56:15.000Z",
"updated_by": "1"
},
{
"id": "5c2ca6dfe015a67616182320",
"name": "Browse clients",
"object_type": "client",
"action_type": "browse",
"object_id": null,
"created_at": "2019-01-02T11:56:15.000Z",
"created_by": "1",
"updated_at": "2019-01-02T11:56:15.000Z",
"updated_by": "1"
},
{
"id": "5c2ca6dfe015a67616182321",
"name": "Read clients",
"object_type": "client",
"action_type": "read",
"object_id": null,
"created_at": "2019-01-02T11:56:15.000Z",
"created_by": "1",
"updated_at": "2019-01-02T11:56:15.000Z",
"updated_by": "1"
},
{
"id": "5c2ca6dfe015a67616182322",
"name": "Edit clients",
"object_type": "client",
"action_type": "edit",
"object_id": null,
"created_at": "2019-01-02T11:56:15.000Z",
"created_by": "1",
"updated_at": "2019-01-02T11:56:15.000Z",
"updated_by": "1"
},
{
"id": "5c2ca6dfe015a67616182323",
"name": "Add clients",
"object_type": "client",
"action_type": "add",
"object_id": null,
"created_at": "2019-01-02T11:56:15.000Z",
"created_by": "1",
"updated_at": "2019-01-02T11:56:15.000Z",
"updated_by": "1"
},
{
"id": "5c2ca6dfe015a67616182324",
"name": "Delete clients",
"object_type": "client",
"action_type": "destroy",
"object_id": null,
"created_at": "2019-01-02T11:56:15.000Z",
"created_by": "1",
"updated_at": "2019-01-02T11:56:15.000Z",
"updated_by": "1"
},
{
"id": "5c2ca6dfe015a67616182325",
"name": "Browse subscribers",

45
core/test/utils/fixtures/export/export-clients-domains.json
View file

@ -1,45 +0,0 @@
{
"db": [
{
"meta": {
"exported_on": 1504269105806,
"version": "1.25.3"
},
"data": {
"posts": [],
"posts_tags": [],
"tags": [],
"users": [],
"posts_authors": [],
"clients": [
{
"id": "59a952be7d79ed06b0d21127",
"slug": "ghost-something",
"name": "Something",
"secret": "678910"
},
{
"id": "59a952be7d79ed06b0d21128",
"slug": "ghost-frontend",
"name": "Frontend",
"secret": "11111"
}
],
"client_trusted_domains": [
{
"client_id": 1,
"trusted_domain": "https://test.com"
},
{
"client_id": "59a952be7d79ed06b0d21127",
"trusted_domain": "https://example.com"
},
{
"client_id": "59a952be7d79ed06b0d21127",
"trusted_domain": "https://lol.com"
}
]
}
}
]
}

55
core/test/utils/fixtures/export/valid.json
View file

@ -425,61 +425,6 @@
"updated_at": "2017-09-01T12:29:51.000Z",
"updated_by": "1"
},
{
"id": "59a952bf7d79ed06b0d21159",
"name": "Browse clients",
"object_type": "client",
"action_type": "browse",
"object_id": null,
"created_at": "2017-09-01T12:29:51.000Z",
"created_by": "1",
"updated_at": "2017-09-01T12:29:51.000Z",
"updated_by": "1"
},
{
"id": "59a952bf7d79ed06b0d2115a",
"name": "Read clients",
"object_type": "client",
"action_type": "read",
"object_id": null,
"created_at": "2017-09-01T12:29:51.000Z",
"created_by": "1",
"updated_at": "2017-09-01T12:29:51.000Z",
"updated_by": "1"
},
{
"id": "59a952bf7d79ed06b0d2115b",
"name": "Edit clients",
"object_type": "client",
"action_type": "edit",
"object_id": null,
"created_at": "2017-09-01T12:29:51.000Z",
"created_by": "1",
"updated_at": "2017-09-01T12:29:51.000Z",
"updated_by": "1"
},
{
"id": "59a952bf7d79ed06b0d2115c",
"name": "Add clients",
"object_type": "client",
"action_type": "add",
"object_id": null,
"created_at": "2017-09-01T12:29:51.000Z",
"created_by": "1",
"updated_at": "2017-09-01T12:29:51.000Z",
"updated_by": "1"
},
{
"id": "59a952bf7d79ed06b0d2115d",
"name": "Delete clients",
"object_type": "client",
"action_type": "destroy",
"object_id": null,
"created_at": "2017-09-01T12:29:51.000Z",
"created_by": "1",
"updated_at": "2017-09-01T12:29:51.000Z",
"updated_by": "1"
},
{
"id": "59a952bf7d79ed06b0d2115e",
"name": "Browse subscribers",

42
core/test/utils/index.js
View file

@ -355,13 +355,9 @@ fixtures = {
// Creates a client, and access and refresh tokens for user with index or 2 by default
createTokensForUser: function createTokensForUser(index) {
return Promise.map(DataGenerator.forKnex.clients, function (client) {
return models.Client.add(client, module.exports.context.internal);
}).then(function () {
return models.Accesstoken.add(DataGenerator.forKnex.createToken({
user_id: DataGenerator.Content.users[index || 2].id
}), module.exports.context.internal);
}).then(function () {
return models.Accesstoken.add(DataGenerator.forKnex.createToken({
user_id: DataGenerator.Content.users[index || 2].id
}), module.exports.context.internal).then(function () {
return models.Refreshtoken.add(DataGenerator.forKnex.createToken({
user_id: DataGenerator.Content.users[index || 2].id
}), module.exports.context.internal);
@ -456,23 +452,6 @@ fixtures = {
});
},
insertClients: function insertClients() {
return Promise.map(DataGenerator.forKnex.clients, function (client) {
return models.Client.add(client, module.exports.context.internal);
});
},
insertClientWithTrustedDomain: function insertClientWithTrustedDomain() {
const client = DataGenerator.forKnex.createClient({slug: 'ghost-test'});
return models.Client.add(client, module.exports.context.internal)
.then(function () {
return models.ClientTrustedDomain.add(DataGenerator.forKnex.createTrustedDomain({
client_id: client.id
}), module.exports.context.internal);
});
},
insertAccessToken: function insertAccessToken(override) {
return models.Accesstoken.insert(DataGenerator.forKnex.createToken(override), module.exports.context.internal);
},
@ -631,12 +610,6 @@ toDoList = {
perms: function permissionsFor(obj) {
return fixtures.permissionsFor(obj);
},
clients: function insertClients() {
return fixtures.insertClients();
},
'client:trusted-domain': function insertClients() {
return fixtures.insertClientWithTrustedDomain();
},
filter: function createFilterParamFixtures() {
return filterData(DataGenerator);
},
@ -934,10 +907,6 @@ startGhost = function startGhost(options) {
.then((roles) => {
module.exports.existingData.roles = roles.toJSON();
return models.Client.findAll({columns: ['id', 'secret']});
})
.then((clients) => {
module.exports.existingData.clients = clients.toJSON();
return models.User.findAll({columns: ['id', 'email']});
})
.then((users) => {
@ -1011,11 +980,6 @@ startGhost = function startGhost(options) {
.then((roles) => {
module.exports.existingData.roles = roles.toJSON();
return models.Client.findAll({columns: ['id', 'secret']});
})
.then((clients) => {
module.exports.existingData.clients = clients.toJSON();
return models.User.findAll({columns: ['id', 'email']});
})
.then((users) => {