refs #4004, #5614
- added new public permission handling functions to permissions
- added a new util to handle either public permissions or normal permissions
- updated posts, tags and users endpoints to use the new util
- added test coverage for the new code
issue #5409
`notifications.showErrors` was historically used to display multiple error notifications whether from validation errors or responses form the API. This usage needs to be reviewed as inline validations should handle the validation side and we should be displaying alerts for actual errors.
Eventually `notifications.showErrors` should be left unused and therefore removed.
issue #5409
- change persistent/passive notification status to alert/notification
- replace showSuccess/Info/Warn/Error with showNotification/showAlert
- fix and clean up notification/alert components
* ref #5345 and #3801
* creating helper methods for dealing with i18n initialization, polyfill and string+compilation
* initial structure for server-side JSON language file
related issue #5412
- code-injection route was overriding `beforeModel` without calling `super` which meant the redirect handling added in `AuthenticatedRoute` was being skipped
closes#5567
- Fixed an issue with protocol relative URLs in the RSS feed
- Such URLs should be kept as-is and not prefixed with baseUrl
- Added corresponding test to cover this case
closes#5317
- Adds back button to steps 2 and 3
- Prevents user navigating from step 1 to step 3 unless blog has been created
- Prevents user navigating from step 2 to step 3 unless blog has been created
fixes#5564
- adds missing part of `/setup/` url in authentication middleware
- ensures data is passed through from API to model in correct (new) format for password reset
- re-adds missing/incorrectly commented out auth tests, and verifies that reset as far as token validation
refs #2757
- As per this convo: https://ghost.slack.com/archives/ghost/p1436895553007431 the 405 handling in Ghost is acting
as a catch all, rather than only returning when the wrong HTTP method is used for a valid resource.
- Implementing proper 405 with express is a challenge, and therefore we defer doing this work until it is needed
refs #2758
- add a set of default options to utils
- update validation function to only pass through permitted options
- pass permitted options into validate where necessary
- setup basic validation for each known option, and generic validation for the remainder
- change slug to treat 'name' as data, rather than an option
- Incorrect message was shown (Invitation sent instead of Invitation not sent)
- Correct colouring of message (new .description-error class)
- Correctly display lastLogin time
- Add colour classes
refs #5520
- all errors (or just one if property is specified) are cleared before running the checks to make sure that old errors get cleared
- fixed up validators to be slightly more sane as mutually exclusive tests aren't all being checked if one fails
