Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-13 22:41:32 -05:00
Code Issues Activity
ghost/core/test/integration/api
History
Jacob Gable 298077582b ACL and strict rules for Settings API 
Ref #2061

- Add canThis permission checks to settings api calls
- Add strict rules about accessing core settings without internal: true
- Omit core settings in browse() call unless internal: true
- Update unit tests to call api.settings with contexts
- Add a couple unit tests for new scenarios
- Update all api.settings calls in the app to call with internal context
- Re-arrange permissions.init in server startup so config.theme.update
can access settings without permissions error
2014-05-07 10:56:03 -05:00
..
api_db_spec.js Consistency in model method naming 2014-05-06 00:36:42 +01:00
api_notifications_spec.js Proper endpoints for persistent notifications 2014-05-06 00:05:14 +02:00
api_posts_spec.js updated error handling on all mocha tests 2014-05-05 21:58:58 +01:00
api_settings_spec.js ACL and strict rules for Settings API 2014-05-07 10:56:03 -05:00
api_tags_spec.js updated error handling on all mocha tests 2014-05-05 21:58:58 +01:00
api_users_spec.js Move user API to primary document format 2014-05-02 20:50:44 +01:00