The test for authentication use a route /api/users/me. This should probably be upgraded to use
a proper passport mock.
In the meanwhile this should make the returned user object safer - using code from core.
Fixes n/a
- Removes deprecated `onlyChanged` npm script. Watch now always runs only changed tests, no parameter needed. Change to gulp tasks was in this commit: eaead7a30c
- Renames npm script `test:watch` to `test:server:watch`
- Updates README.md to mention Gulp less and npm commands more
- Removes mentions to Grunt from README.md
This commit introduces handlebars template system and completely replacing Swig and the Consolidate project to handle multiple template systems.
Fixes#1286
* Fix(users): Don't update secure profile fields
Avoid updating secure fields as password, salt ..etc through
user profile update.
Fixes#1420
* Refactor variable name
* fix(articles): Article controllers name conflicts
Fixes the naming conflicts for the Articles controllers.
Due to how Angular injects the controllers into the StateProvider,
naming conflicts were caused between the Articles public & admin module
controllers.
To resolve the issue the referenced controllers in the Articles admin
route configurations must be unique, and match up with the Admin
controllers.
* Client-side tests failing
Fixed the client-side tests that were failing due to the naming
conflicts.
* fix(user): fix changeProfilePicture
* use promises to simplify callbacks
* use fs.unlink to delete old picture once the profile is updated
Fixes#1415
* fix(user): fix changeProfilePicture
* use promises to simplify callbacks
* use fs.unlink to delete old picture once the profile is updated
* log file errors to console
Fixes#1415
* fix(user): fix changeProfilePicture
* use promises to simplify callbacks
* use fs.unlink to delete old picture once the profile is updated
* log file errors to console
* update error handler module to handle file upload errors
Fixes#1415
* fix(user): fix changeProfilePicture
* use promises to simplify callbacks
* use fs.unlink to delete old picture once the profile is updated
* log file errors to console
* update error handler module to handle file upload errors
Fixes#1415
Add dockerfile and compose for production (#1438)
Add Dockerfile for production
Fixes#1431Fixes#1435
* feat(deploy): Add docker-compose.yml for production
Add docker-compose.yml for production
Fixes#1435
* feat(deploy): Update documentation for deployment
Update documentation for production deployment
Fixes#1435
Add data container for docker-compose and update to docker compose version 2 (#1437)
Change containers, add environment for mongodb host, change version to 2.
Fixes#1434
* feat(deploy): Add data container for mongodb
Add db-data for mongodb, remove container_name.
Fixes#1434
* feat(deploy): Use networking of compose version 2 (remove links)
Remove links
Fixes#1434
* feat(deploy): Use depends_on for db containers
Add depends_on for db
Fixes#1434
* feat(deploy): Add data container for web data
Add data container, add volumes and remove command.
Fixes#1434
* feat(deploy): Change image for container data
Change busybox to build . for data container
Fixes#1434
* feat(deploy): Change entrypoint for web-data container
Change entrypoint for web-data container
Fixes#1434
* fix(express): updating express session name variable from key (the old deprecated one) to the new variable: name
* fix(express): re-wording confusing comment on the session cookie name
This feature introduces a breaking change, that restricts the User's that
can create/edit/delete Articles to only those that have the `admin` Role.
Fixed ESLint issues.
Resolved merge conflicts, and moved new client Article Service
`createOrUpdate` functionality to new Admin feature controller.
Removed edit functionality from client-side Article controller.
* Support params to state for menu items.
* feat(core): Add support for params in menu items
Proposed by @scfox
Fixes#1304
* Removed trailing space on test.
* Changed default params to be empty object instead of empty string.
* fix(core): packages update due to insecure old versions that carry vulnerabilities
* updating packages to satisify deps
* updating deps for peer dependencies
* updating deps for peer dependencies
* feat(gulp): updating the README.md instructions with the changes to gulp being the mainstream vs the deprecation of grunt. Also added gulp as a task runner for freely executing tasks through npm run.
* feat(core): use npm commands
Replace variety of commands by npm commands.
See #1258
* Remove prestart
* Move bower --config.interactive=false to .bowerrc
* Use validator.js instead of regexp for validations in User Schema.
* Disables "Unexpected console statement no-console" warnings
* Fixes redirection to wrong URL after login with social networks.
* Use ViewModel vm instead of $scope in manage social accounts controller.
* preserving the option to redirect to a specific URL as done in saveOAuthUserProfile() (thanks to @OneOfTheWorld for pointing out)
Adds client-side tests for the Users Edit Profile client controller.
1) should have user context
2) should update the user profile
3) should set vm.error if error
Related #1283
* Fix for users.profile.server.controller.js security (#1338)
Fixes an issue where if req.body._id was not set to the current user it
could potentially log the current user in as another user.
Don't use req.body._id when editing user
Prevents a user from being logged in as another if edit user form _id is
not their own.
Fixes#1338
* replacing grunt-contrib-sass with grunt-sass which doesnt require the ruby dependency anymore
* updating README instructions to remove any reference to grunt-contrib-sass, ruby or gem installation for sass compilation
* replacing file-stream-rotator with a better logging mechanism using winston which can be extended later for other use cases and integrations
* refactoring logger mechanism, accomodating for tests and environment variable configurations
* only enabling morgan logger if config.log.format option was defined, and disabling the app.log file transport option for the test environment
* disabling all kind of logging when in test enviroment
Fixes an issue with an empty/missing/null Email coming from GitHub's
OAuth call response.
Also, introduces the `sparse` index option on the User model's Email
field. This will ensure that we can have multiple User documents without
the Email field.
Adds a server-side User model test for the sparse index setting on the
email field.
Confirms that User documents without the email field are not indexed,
illustrating the sparse option on the schema's email field works
properly.
Added the dropdb task to the Gulp test:client & test:server tasks, to
ensure we have a clean database & that any indexes are rebuilt; this
will ensure any Schema changes (in this case the email index is rebuilt using
the sparse index option) are reflected when the database is started again.
Added a UPGRADE.md for tracking important upgrade information for our
user's to be aware of, when we introduce potentially breaking changes.
Included an explanation of the Sparse index being added, and how to apply it
to an existing MEANJS application's database.
Adds a script for dropping the `email` field's index from the User
collection.
Related #1145