0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
ghost/core/server/themes/validate.js
Hannah Wolfe b2f1d0559b Themes API activation permissions & validation (#8104)
refs #8093

 Add activate theme permission
- add permission to activate themes
- update tests
- also: update tests for invites
TODO: change how the active theme setting is updated to reduce extra permissions

 Move theme validation to gscan
- add a new gscan validation method and use it for upload
- update activate endpoint to do validation also using gscan
- change to using SettingsModel instead of API so that we don't call validation or permissions on the settings API
- remove validation from the settings model
- remove the old validation function
- add new invalid theme message to translations & remove a bunch of theme validation related unused keys

📖  Planned changes

🚨 Tests for theme activation API endpoint
🐛 Don't allow deleting the active theme

🚫 Prevent activeTheme being set via settings API
- We want to control how this happens in future.
- We still want to store the information in settings, via the model.
- We just don't want to be able to change this info via the settings edit endpoint

🐛  Fix warnings for uploads & add for activations
- warnings for uploads were broken in f8b498d
- fix the response + adds tests to cover that warnings are correctly returned
- add the same response to activations + more tests
- activations now return a single theme object - the theme that was activated + any warnings

🎨 Improve how we generate theme API responses
- remove the requirement to pass in the active theme!
- move this to a specialist function, away from the list

🎨 Do not load gscan on boot
2017-03-13 12:44:44 +01:00

32 lines
964 B
JavaScript

var Promise = require('bluebird'),
errors = require('../errors'),
i18n = require('../i18n'),
checkTheme;
checkTheme = function checkTheme(theme, isZip) {
var checkPromise,
// gscan can slow down boot time if we require on boot, for now nest the require.
gscan = require('gscan');
if (isZip) {
checkPromise = gscan.checkZip(theme, {keepExtractedDir: true});
} else {
checkPromise = gscan.check(theme.path);
}
return checkPromise.then(function resultHandler(checkedTheme) {
checkedTheme = gscan.format(checkedTheme);
// @TODO improve gscan results
if (!checkedTheme.results.error.length) {
return checkedTheme;
}
return Promise.reject(new errors.ThemeValidationError({
message: i18n.t('errors.api.themes.invalidTheme'),
errorDetails: checkedTheme.results.error
}));
});
};
module.exports.check = checkTheme;