0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-06 22:40:14 -05:00
Commit graph

689 commits

Author SHA1 Message Date
Aileen Nowak
7cd13e6122 🔑 Update Validator to 6.2.1 (#7823)
no issue

Uses new version of [validator](https://github.com/chriso/validator.js) which checks also for in URL embedded script tags.
2017-01-10 13:05:25 +01:00
Greenkeeper
2d0e4ac770 chore(package): update oauth2orize to version 1.7.0 (#7825)
https://greenkeeper.io/
2017-01-09 15:10:16 +01:00
Greenkeeper
0fabbf8a22 chore(package): update mobiledoc-html-renderer to version 0.3.1 (#7720)
https://greenkeeper.io/
2017-01-06 09:19:28 +01:00
Marc Bachmann
353330bb8a chore(package): update uuid to version 3.0.0 (#7742) 2017-01-04 17:10:29 +01:00
Greenkeeper
56062804d1 chore(package): update html-to-text to version 3.0.0 (#7781)
https://greenkeeper.io/
2017-01-04 16:26:50 +01:00
Greenkeeper
abf976c7d8 chore(package): update sinon to version 1.17.7 (#7811)
https://greenkeeper.io/
2017-01-04 15:00:00 +01:00
Greenkeeper
ea341a3de6 chore(package): update lodash to version 4.17.4 (#7814)
https://greenkeeper.io/
2017-01-04 14:50:54 +01:00
Greenkeeper
e40ccada85 chore(package): update image-size to version 0.5.1 (#7805)
https://greenkeeper.io/
2017-01-04 14:45:26 +01:00
Greenkeeper
a3576e5934 chore(package): update debug to version 2.6.0 (#7809)
https://greenkeeper.io/
2017-01-04 14:17:03 +01:00
Greenkeeper
2e00707f86 chore(package): update multer to version 1.2.1 (#7798)
https://greenkeeper.io/
2017-01-04 14:12:57 +01:00
Greenkeeper
153bcba481 chore(package): update bluebird to version 3.4.7 (#7797)
https://greenkeeper.io/
2017-01-04 14:11:00 +01:00
Greenkeeper
56ca9b2798 chore(package): update superagent to version 3.3.1 (#7787)
https://greenkeeper.io/
2017-01-04 14:03:24 +01:00
Greenkeeper
eba907c025 chore(package): update gulp-util to version 3.0.8 (#7807)
https://greenkeeper.io/
2017-01-04 14:00:15 +01:00
Greenkeeper
2a2f676261 chore(package): update gulp-jsonlint to version 1.2.0 (#7794)
https://greenkeeper.io/
2017-01-04 13:59:55 +01:00
Greenkeeper
494c0f5c02 chore(package): update oauth2orize to version 1.6.0 (#7786)
https://greenkeeper.io/
2017-01-04 13:57:11 +01:00
Greenkeeper
e744238f95 chore(package): update archiver to version 1.3.0 (#7782)
https://greenkeeper.io/
2017-01-04 13:54:41 +01:00
Greenkeeper
c6d9a95489 chore(package): update should to version 11.1.2 (#7771)
https://greenkeeper.io/
2017-01-04 12:44:42 +01:00
Greenkeeper
1d2d861a98 chore(package): update moment to version 2.17.1 (#7764)
https://greenkeeper.io/
2017-01-04 12:42:51 +01:00
Greenkeeper
d194c69400 chore(package): update prettyjson to version 1.2.1 (#7758)
https://greenkeeper.io/
2017-01-04 12:40:50 +01:00
Greenkeeper
790ef14ac7 chore(package): update jsonpath to version 0.2.9 (#7743)
https://greenkeeper.io/
2017-01-04 12:34:44 +01:00
Greenkeeper
7ea9356f99 chore(package): update tmp to version 0.0.31 (#7736)
https://greenkeeper.io/
2017-01-04 12:30:17 +01:00
Greenkeeper
378e09e59c chore(package): update mocha to version 3.2.0 (#7747)
https://greenkeeper.io/
2016-12-25 20:07:43 +00:00
Greenkeeper
1bc617174d chore(package): update gscan to version 0.2.0 (#7791)
https://greenkeeper.io/
2016-12-20 12:30:12 +01:00
Greenkeeper
dc60558083 chore(package): update passport-ghost to version 2.2.0 (#7763)
https://greenkeeper.io/
2016-12-03 14:26:48 +07:00
Greenkeeper
5b6a29764c chore(package): update moment to version 2.17.0 (#7740)
https://greenkeeper.io/
2016-11-26 16:12:54 -07:00
Greenkeeper
8d3a560178 chore(package): update passport-ghost to version 2.0.0 (#7737)
https://greenkeeper.io/
2016-11-21 18:06:05 +01:00
Kevin Ansfield
4525145fed Version bump to 1.0.0-alpha.9 2016-11-17 20:15:19 +00:00
Katharina Irrgang
7eb316b786 replace auto increment id's by object id (#7495)
* 🛠  bookshelf tarball, bson-objectid

* 🎨  schema changes

- change increment type to string
- add a default fallback for string length 191 (to avoid adding this logic to every single column which uses an ID)
- remove uuid, because ID now represents a global resource identifier
- keep uuid for post, because we are using this as preview id
- keep uuid for clients for now - we are using this param for Ghost-Auth

*   base model: generate ObjectId on creating event

- each new resource get's a auto generate ObjectId
- this logic won't work for attached models, this commit comes later

* 🎨  centralised attach method

When attaching models there are two things important two know

1. To be able to attach an ObjectId, we need to register the `onCreating` event the fetched model!This is caused by the Bookshelf design in general. On this target model we are attaching the new model.
2. We need to manually fetch the target model, because Bookshelf has a weird behaviour (which is known as a bug, see see https://github.com/tgriesser/bookshelf/issues/629). The most important property when attaching a model is `parentFk`, which is the foreign key. This can be null when fetching the model with the option `withRelated`. To ensure quality and consistency, the custom attach wrapper always fetches the target model manual. By fetching the target model (again) is a little performance decrease, but it also has advantages: we can register the event, and directly unregister the event again. So very clean code.

Important: please only use the custom attach wrapper in the future.

* 🎨  token model had overriden the onCreating function because of the created_at field

- we need to ensure that the base onCreating hook get's triggered for ALL models
- if not, they don't get an ObjectId assigned
- in this case: be smart and check if the target model has a created_at field

* 🎨  we don't have a uuid field anymore, remove the usages

- no default uuid creation in models
- i am pretty sure we have some more definitions in our tests (for example in the export json files), but that is too much work to delete them all

* 🎨  do not parse ID to Number

- we had various occurances of parsing all ID's to numbers
- we don't need this behaviour anymore
- ID is string
- i will adapt the ID validation in the next commit

* 🎨  change ID regex for validation

- we only allow: ID as ObjectId, ID as 1 and ID as me
- we need to keep ID 1, because our whole software relies on ID 1 (permissions etc)

* 🎨  owner fixture

- roles: [4] does not work anymore
- 4 means -> static id 4
- this worked in an auto increment system (not even in a system with distributed writes)
- with ObjectId we generate each ID automatically (for static and dynamic resources)
- it is possible to define all id's for static resources still, but that means we need to know which ID is already used and for consistency we have to define ObjectId's for these static resources
- so no static id's anymore, except of: id 1 for owner and id 0 for external usage (because this is required from our permission system)
- NOTE: please read through the comment in the user model


* 🎨  tests: DataGenerator and test utils

First of all: we need to ensure using ObjectId's in the tests. When don't, we can't ensure that ObjectId's work properly.
This commit brings lot's of dynamic into all the static defined id's.
In one of the next commits, i will adapt all the tests.

* 🚨  remove counter in Notification API

- no need to add a counter
- we simply generate ObjectId's (they are auto incremental as well)
- our id validator does only allow ObjectId as id,1 and me

* 🎨  extend contextUser in Base Model

- remove isNumber check, because id's are no longer numbers, except of id 0/1
- use existing isExternalUser
- support id 0/1 as string or number

*   Ghost Owner has id 1

- ensure we define this id in the fixtures.json
- doesn't matter if number or string

* 🎨  functional tests adaptions

- use dynamic id's

* 🎨  fix unit tests

* 🎨  integration tests adaptions

* 🎨  change importer utils

- all our export examples (test/fixtures/exports) contain id's as numbers
- fact: but we ignore them anyway when inserting into the database, see https://github.com/TryGhost/Ghost/blob/master/core/server/data/import/utils.js#L249
- in 0e6ed957cd (diff-70f514a06347c048648be464819503c4L67) i removed parsing id's to integers
- i realised that this ^ check just existed, because the userIdToMap was an object key and object keys are always strings!
- i think this logic is a little bit complicated, but i don't want to refactor this now
- this commit ensures when trying to find the user, the id comparison works again
- i've added more documentation to understand this logic ;)
- plus i renamed an attribute to improve readability

* 🎨  Data-Generator: add more defaults to createUser

- if i use the function DataGenerator.forKnex.createUser i would like to get a full set of defaults

* 🎨  test utils: change/extend function set for functional tests

- functional tests work a bit different
- they boot Ghost and seed the database
- some functional tests have mis-used the test setup
- the test setup needs two sections: integration/unit and functional tests
- any functional test is allowed to either add more data or change data in the existing Ghost db
- but what it should not do is: add test fixtures like roles or users from our DataGenerator and cross fingers it will work
- this commit adds a clean method for functional tests to add extra users

* 🎨  functional tests adaptions

- use last commit to insert users for functional tests clean
- tidy up usage of testUtils.setup or testUtils.doAuth

* 🐛  test utils: reset database before init

- ensure we don't have any left data from other tests in the database when starting ghost

* 🐛  fix test (unrelated to this PR)

- fixes a random failure
- return statement was missing

* 🎨  make changes for invites
2016-11-17 09:09:11 +00:00
Greenkeeper
1861ccb752 chore(package): update lodash to version 4.17.2 (#7721)
https://greenkeeper.io/
2016-11-16 10:57:27 +00:00
Greenkeeper
b164a89771 chore(package): update lodash to version 4.17.1 (#7716)
https://greenkeeper.io/
2016-11-16 10:19:59 +00:00
Greenkeeper
e9ba22306d chore(package): update gulp-jshint to version 2.0.3 (#7709)
https://greenkeeper.io/
2016-11-15 16:27:38 +00:00
Greenkeeper
b412ea76ac chore(package): update ghost-editor to version 0.1.5 (#7712)
https://greenkeeper.io/
2016-11-15 16:25:32 +00:00
Greenkeeper
30cf309fe6 chore(package): update archiver to version 1.2.0 (#7670)
https://greenkeeper.io/
2016-11-14 14:45:26 +00:00
Hannah Wolfe
0252b6d500 chore(package): update fs-extra to version 1.0.0 (#7657)
https://greenkeeper.io/
2016-11-14 14:44:09 +00:00
Hannah Wolfe
4a2ddbe2ae Merge pull request #7701 from kirrg001/1.0.0-dev/fix-brute-schema
🐛  fix brute
2016-11-14 14:34:31 +00:00
Greenkeeper
de9ac85966 chore(package): update moment to version 2.16.0 (#7704)
https://greenkeeper.io/
2016-11-14 08:28:50 +00:00
kirrg001
254b1a0632 🐛 fix bugs in brute-knex
see and read commit 0cb28fa8e3
2016-11-10 11:50:03 +01:00
kirrg001
c749fe2a45 🛠 brute-knex fix
- do not access the database in the constructor
- that causes Ghost to fail on mysql, because if the database does not exist, knex will fail
2016-11-09 20:55:45 +01:00
kirrg001
28fbaec49d 🛠 use tarball for brute-knex
- current usage requires to have git installed
- can cause trouble when deploying and git is not installed
2016-11-09 12:17:57 +01:00
kirrg001
e3d6e02aed Version bump to 1.0.0-alpha.8 2016-11-08 15:26:37 +01:00
Katharina Irrgang
0a744c2781 🎨 public client registration updates (#7690)
* 🎨  use updateClient function to update redirectUri

refs #7654

* 🎨  name instead of clientName
* 🎨  config.get('theme:title') for client name

- initial read can happen from config

*   register public client: client name and description

- no update yet
- for initial client creation
- we forward title/description to Ghost Auth
- TODO: use settings-cache when merged

*   store blog_uri in db
* 🎨  passport logic changes

- use updateClient instead of changeCallbackURL
- be able to update: blog title, blog description, redirectUri and blogUri
- remove retries, they get implemented in passport-ghost soon
- reorder logic a bit

* 🛠  passport-ghost 1.2.0

* 🎨  tests: extend DataGenerator createClient

- set some defaults

* 🎨  tests

- extend tests
- 👻

*   run auth.init in background

- no need to block the bootstrap process
- if client can't be registered, you will see an error
- ensure Ghost-Admin renders correctly

* 🛠   passport-ghost 1.3.0

- retries

* 🎨  use client_uri in Client Schema

- adapt changes
- use blog_uri only when calling the passport-ghost instance
- Ghost uses the client_uri notation to improve readability

*   read blog title/description from settings cache

* 🚨  Ghost Auth returns email instead of email_address

- adapt Ghost
2016-11-08 14:21:25 +00:00
Austin Burdine
0d0542c5d0 swap sqlite3 & mysql dependencies (#7677)
no issue

- Ghost-CLI's recommended system stack has MySQL as the default
DB engine of choice, making the sqlite requirement unnecessary.
- Mysql (as the default) should be a required dependency
2016-11-08 13:47:14 +00:00
David Wolfe
68af2145a1 Replace memory spam prevention with brute-express (#7579)
no issue

- removes count from user checks model
- uses brute express brute with brute-knex adaptor to store persisted data on spam prevention
- implement brute force protection for password/token exchange, password resets and private blogging
2016-11-08 12:33:19 +01:00
Katharina Irrgang
bae0de6cd5 knex-migrator v2 (#7605)
* 🎨  knex-migrator reset

[ci skip]

*   add migration example

- hooks
- 1.0

[ci skip]

* 🛠  knex-migrator tarball

- remove when released

[ci skip]

* 🎨  jscs/jshint

* 🕵🏻 do not drop the database connection when running tests

- please read the comments in the commit

* 🔥  remove example migration

* 🛠  knex-migrator 0.1.0

* 🛠  knex-migrator 0.1.1

- fix a single test to ensure we catch the error

* 🛠  knex-migrator 0.1.2

* 🎨  make tests green

- added my keyword: kate-migrations
- i will go over all TODO's when removing the old migrations code

* 🛠  knex-migrator update

* 🛠  knex-migrator 0.2.0
2016-11-07 11:39:49 +00:00
Katharina Irrgang
a19fa8d3ac Ghost Auth: register client with blog_uri (#7680)
* 🛠  passport-ghost 1.1.0

*   register client: add blog_uri

refs #7654

- improve readability
- get rid of all the url util usages
- add blog_uri

[ci skip]

* 🎨  tests
2016-11-07 11:38:05 +00:00
greenkeeperio-bot
8311dd44bf chore(package): update fs-extra to version 1.0.0
https://greenkeeper.io/
2016-11-07 10:50:04 +00:00
Greenkeeper
a6226e4832 chore(package): update ghost-editor to version 0.1.4 (#7686)
https://greenkeeper.io/
2016-11-07 11:49:46 +01:00
Greenkeeper
381fb16ddf chore(package): update moment-timezone to version 0.5.9 (#7682)
https://greenkeeper.io/
2016-11-06 17:59:40 +01:00
Greenkeeper
6d658f45d7 chore(package): update amperize to version 1.0.0 (#7662)
https://greenkeeper.io/
2016-11-05 18:14:43 +01:00
Greenkeeper
01f59ab79c chore(package): update lodash to version 4.16.6 (#7659)
https://greenkeeper.io/
2016-11-05 17:59:34 +01:00