closes#3468
- added rate limit to deny more than 5 attempt every hour
- updated spam prevention to be configurable
- added config values spamTimeout, ratePeriod, rateAttempts
- added ratePeriod:1 to config.example.js to prevent functional tests
from hitting the rate limit
- commented spam test, I’ll fix it tomorrow
closes#3274
- Ensure that validation errors are always handled by moving them into the
importer
- Ensure that db errors are handled consistently across sqlite and mysql
- Change the errors to be output in a table, with a short failure notification
- Add tests for 003 importing bad files
Closes#3105, Closes#3175
- Removed notification on successful post's `page` status change
- Removed notification on successful post `featured` status change
- Added `closePassive()` notifications on error in the post-settings-menu
- Persistent notifications will close whether their `DELETE` request was
successful or not.
#### Misc
- Added `name` attribute to `post-setting-menu.hbs` inputs to facilitate testing
- Removed `return <Promise>` from action in `PostSettingsMenuController`. Actions should only return `true`
- Toggling `post.featured` won't fire NProgress.
Issue #3160
- Use notifications API to display available update notification.
- Remove update_notification handlebars helper as now both the
check for an available update and the notification handling
is run from the server's admin controller index method.
- Bind the notification's location property to a css class
for styling.
- Refactor Ember notifications to better handle notification
objects. Move responsibility for css class generation onto
the notification component.
- Refactor gh-notifications component to take a location argument
that's used to assign a css class and filter notifications.
closes#3057
- add Notification model
- update injected Notifications object to handle persistent notifications
- load server notifications on setup if logged in otherwise on successful sign-in
- changed all existing notifications.closeAll calls to closePassive
- fixed dismissable/dismissible spelling in server API & tests
- add notifications.closeNotification method so DELETE calls can be made for server-originating notifications
closes#3012
- Inject notification object into router
- Listen to didTransition / observe currentPath to close notifications
- Close notifications on successful save actions
Closes#2976, Closes#3017
- Move logic to signup controller
- Add ValidationEngine mixin to signup controller
- Add signup validator with code from clientold login view
- Add signin validator and integrate into signin controller
- Add validation to forgotten controller
- Switch to button action to support hitting enter in text field to submit
- Clear all notifications in notifications.closeAll
- Modify ValidationEngine.validate to not format errors based on option
- Update casper test for signin to wait for notification before trying
to do another signin
Closes#2988, #2752
Ref #1463, #2984,
# Shortcuts via Keymaster
- Added KeyMaster to bower dependencies. KeyMaster is a minimal keyboard
shortcuts library.
- Added `ShortcutsRouteMixin` for routes that will use shortcuts.
Currently, only routes can have shortcuts. See the extensive comment
at the top of `core/client/mixins/shortcuts-route.js` for a
description of how to implement shortcuts.
## Other Changes
- Injected popover service into ApplicationRoute
- Created `EditorRouteBase` mixin for the `editor.new` and
`editor.edit` routes to mixin.
- `StyleBodyMixin` now calls `this._super()` on `activate` and
`deactivate` to play nicely with other mixins.
## Shortcuts and Stubs implemented
#### Application-Wide
- `'esc':'closePopups'` shortcut **stub** to close popovers,
modals, and notifcations
#### Editor Shortcuts
- `'ctrl+s, command+s': 'save'` note that `command` is the
`meta` key.
- `'ctrl+alt+p': 'publish'`
- `'ctrl+alt+z': 'toggleZenMode'`
Ref #2413
- Remove fixture and use actual API
- Store and send down actual logged in user data
- Refactor isLoggedIn to use computed property on application
- After signin, update user data in dependency container
- Add CSRF to all routes and controllers via initializer
- Update authenticated route to check for user.isLoggedIn
- Add notifications for signin error
- Add notifications.showAPIError helper
- Add plumbing for refreshless signup to doSignUp in admin controller
closes#2419
- Added blur-text-field component, which fires actions on focusOut
- Added utils/date-formatting for moment & date functionality consolidation
- Added functionality to PostsPostController
- Added fixtures: posts/3 & posts/4, posts/slug/test%20title/
- Added Post model saving
- Set posts.post as controller for EditorRoute
- Added PostSettingsMenuView and template
- Added "showErrors" convenience method to notifications