0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
ghost/core/server/admin/controller.js
Katharina Irrgang a55fb0bafe 🎨 public config endpoint (#7631)
closes #7628

With this PR we expose a public configuration endpoint.
When /ghost is requested, we don't load and render the configurations into the template anymore. Instead, Ghost-Admin can request the public configuration endpoint.

* 🎨  make configuration endpoint public
* 🔥  remove loading configurations in admin app
- do not render them into the default html page
*   load client credentials in configuration endpoint
- this is not a security issue, because we have exposed this information anyway before (by rendering them into the requested html page)
* 🎨  extend existing configuration integration test
*   tests: add ghost-auth to data generator
*   add functional test
* 🔥  remove type/value pattern
* 🎨  do not return stringified JSON objects
2016-10-28 14:07:46 +01:00

38 lines
1.4 KiB
JavaScript

var debug = require('debug')('ghost:admin:controller'),
_ = require('lodash'),
api = require('../api'),
logging = require('../logging'),
updateCheck = require('../update-check'),
i18n = require('../i18n');
// Route: index
// Path: /ghost/
// Method: GET
module.exports = function adminController(req, res) {
/*jslint unparam:true*/
debug('index called');
updateCheck().then(function then() {
return updateCheck.showUpdateNotification();
}).then(function then(updateVersion) {
if (!updateVersion) {
return;
}
var notification = {
status: 'alert',
type: 'info',
location: 'upgrade.new-version-available',
dismissible: false,
message: i18n.t('notices.controllers.newVersionAvailable',
{version: updateVersion, link: '<a href="http://support.ghost.org/how-to-upgrade/" target="_blank">Click here</a>'})};
return api.notifications.browse({context: {internal: true}}).then(function then(results) {
if (!_.some(results.notifications, {message: notification.message})) {
return api.notifications.add({notifications: [notification]}, {context: {internal: true}});
}
});
}).finally(function noMatterWhat() {
res.render('default');
}).catch(logging.logError);
};