Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
Code Issues Activity

🐛 Moved access to an API property (#11967)

Browse source 
closes #11574

- the current implementation of the access property has it frontend only, and wired up only in one place
- this leaves it only available in a handful of places, e.g. can't use it in a post loop or get helper
- the current implementation also fails logically if the html content of the post is blank

This fix moves the behaviour to the API

- this ensures the field is always available no matter what context you are in
- it also updates the logic to use the same membersHasAccess logic as is used to gate the post, so it's always correct

TODO: should reconsider the location of this code
This commit is contained in:
Hannah Wolfe 2020-06-30 14:46:46 +01:00 committed by GitHub
parent 212e39f772
commit fa91c6c954
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 18 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
core/frontend/services/routing/controllers/entry.js
View file

@ -83,12 +83,6 @@ module.exports = function entryController(req, res, next) {
})); }));
} }
// CASE: Add access property to entry for v3+ api
// @TODO: reconsider the location of this - it's part of members
if (res.locals.apiVersion !== 'v0.1' && res.locals.apiVersion !== 'v2') {
entry.access = !!entry.html;
}
helpers.secure(req, entry); helpers.secure(req, entry);
const renderer = helpers.renderEntry(req, res); const renderer = helpers.renderEntry(req, res);

6
core/server/api/canary/utils/serializers/output/utils/post-gating.js
View file

@ -1,6 +1,7 @@
const membersService = require('../../../../../../services/members'); const membersService = require('../../../../../../services/members');
const labs = require('../../../../../../services/labs'); const labs = require('../../../../../../services/labs');
// @TODO: reconsider the location of this - it's part of members and adds a property to the API
const forPost = (attrs, frame) => { const forPost = (attrs, frame) => {
if (labs.isSet('members')) { if (labs.isSet('members')) {
const memberHasAccess = membersService.contentGating.checkPostAccess(attrs, frame.original.context.member); const memberHasAccess = membersService.contentGating.checkPostAccess(attrs, frame.original.context.member);
@ -12,8 +13,11 @@ const forPost = (attrs, frame) => {
} }
}); });
} }
}
if (!Object.prototype.hasOwnProperty.call(frame.options, 'columns') || (frame.options.columns.includes('access'))) {
attrs.access = memberHasAccess;
}
}
return attrs; return attrs;
}; };

7
test/regression/api/canary/content/posts_spec.js
View file

@ -227,6 +227,7 @@ describe('api/canary/content/posts', function () {
let publicPost; let publicPost;
let membersPost; let membersPost;
let paidPost; let paidPost;
let contentGatingFields = ['access'];
before(function () { before(function () {
// NOTE: ideally this would be set through Admin API request not a stub // NOTE: ideally this would be set through Admin API request not a stub
@ -290,7 +291,7 @@ describe('api/canary/content/posts', function () {
should.exist(jsonResponse.posts); should.exist(jsonResponse.posts);
const post = jsonResponse.posts[0]; const post = jsonResponse.posts[0];
localUtils.API.checkResponse(post, 'post', null, null); localUtils.API.checkResponse(post, 'post', contentGatingFields, null);
post.slug.should.eql('thou-shalt-not-be-seen'); post.slug.should.eql('thou-shalt-not-be-seen');
post.html.should.eql(''); post.html.should.eql('');
}); });
@ -308,7 +309,7 @@ describe('api/canary/content/posts', function () {
should.exist(jsonResponse.posts); should.exist(jsonResponse.posts);
const post = jsonResponse.posts[0]; const post = jsonResponse.posts[0];
localUtils.API.checkResponse(post, 'post', null, null); localUtils.API.checkResponse(post, 'post', contentGatingFields, null);
post.slug.should.eql('thou-shalt-be-paid-for'); post.slug.should.eql('thou-shalt-be-paid-for');
post.html.should.eql(''); post.html.should.eql('');
}); });
@ -347,7 +348,7 @@ describe('api/canary/content/posts', function () {
should.exist(jsonResponse.posts); should.exist(jsonResponse.posts);
localUtils.API.checkResponse(jsonResponse, 'posts'); localUtils.API.checkResponse(jsonResponse, 'posts');
jsonResponse.posts.should.have.length(14); jsonResponse.posts.should.have.length(14);
localUtils.API.checkResponse(jsonResponse.posts[0], 'post'); localUtils.API.checkResponse(jsonResponse.posts[0], 'post', contentGatingFields, null);
localUtils.API.checkResponse(jsonResponse.meta.pagination, 'pagination'); localUtils.API.checkResponse(jsonResponse.meta.pagination, 'pagination');
_.isBoolean(jsonResponse.posts[0].featured).should.eql(true); _.isBoolean(jsonResponse.posts[0].featured).should.eql(true);

7
test/regression/api/v3/content/posts_spec.js
View file

@ -227,6 +227,7 @@ describe('api/v3/content/posts', function () {
let publicPost; let publicPost;
let membersPost; let membersPost;
let paidPost; let paidPost;
let contentGatingFields = ['access'];
before(function () { before(function () {
// NOTE: ideally this would be set through Admin API request not a stub // NOTE: ideally this would be set through Admin API request not a stub
@ -290,7 +291,7 @@ describe('api/v3/content/posts', function () {
should.exist(jsonResponse.posts); should.exist(jsonResponse.posts);
const post = jsonResponse.posts[0]; const post = jsonResponse.posts[0];
localUtils.API.checkResponse(post, 'post', null, null); localUtils.API.checkResponse(post, 'post', contentGatingFields, null);
post.slug.should.eql('thou-shalt-not-be-seen'); post.slug.should.eql('thou-shalt-not-be-seen');
post.html.should.eql(''); post.html.should.eql('');
}); });
@ -308,7 +309,7 @@ describe('api/v3/content/posts', function () {
should.exist(jsonResponse.posts); should.exist(jsonResponse.posts);
const post = jsonResponse.posts[0]; const post = jsonResponse.posts[0];
localUtils.API.checkResponse(post, 'post', null, null); localUtils.API.checkResponse(post, 'post', contentGatingFields, null);
post.slug.should.eql('thou-shalt-be-paid-for'); post.slug.should.eql('thou-shalt-be-paid-for');
post.html.should.eql(''); post.html.should.eql('');
}); });
@ -347,7 +348,7 @@ describe('api/v3/content/posts', function () {
should.exist(jsonResponse.posts); should.exist(jsonResponse.posts);
localUtils.API.checkResponse(jsonResponse, 'posts'); localUtils.API.checkResponse(jsonResponse, 'posts');
jsonResponse.posts.should.have.length(14); jsonResponse.posts.should.have.length(14);
localUtils.API.checkResponse(jsonResponse.posts[0], 'post'); localUtils.API.checkResponse(jsonResponse.posts[0], 'post', contentGatingFields, null);
localUtils.API.checkResponse(jsonResponse.meta.pagination, 'pagination'); localUtils.API.checkResponse(jsonResponse.meta.pagination, 'pagination');
_.isBoolean(jsonResponse.posts[0].featured).should.eql(true); _.isBoolean(jsonResponse.posts[0].featured).should.eql(true);

5
test/unit/api/canary/utils/serializers/output/utils/post-gating_spec.js
View file

@ -32,6 +32,7 @@ describe('Unit: canary/utils/serializers/output/utils/post-gating', function ()
}; };
const frame = { const frame = {
options: {},
original: { original: {
context: {} context: {}
} }
@ -50,6 +51,7 @@ describe('Unit: canary/utils/serializers/output/utils/post-gating', function ()
}; };
const frame = { const frame = {
options: {},
original: { original: {
context: {} context: {}
} }
@ -69,6 +71,7 @@ describe('Unit: canary/utils/serializers/output/utils/post-gating', function ()
}; };
const frame = { const frame = {
options: {},
original: { original: {
context: { context: {
member: {} member: {}
@ -90,6 +93,7 @@ describe('Unit: canary/utils/serializers/output/utils/post-gating', function ()
}; };
const frame = { const frame = {
options: {},
original: { original: {
context: { context: {
member: { member: {
@ -115,6 +119,7 @@ describe('Unit: canary/utils/serializers/output/utils/post-gating', function ()
}; };
const frame = { const frame = {
options: {},
original: { original: {
context: { context: {
member: { member: {