Merge tag 'v4.0.0' of https://github.com/keystonejs/keystone

* tag 'v4.0.0' of https://github.com/keystonejs/keystone: bumped version 📣🎉 updating package bundle Reviewed Getting Started documentation (keystonejs#4721) Update to multer 1.3.1 and automatically clean uploaded files (keystonejs#4704) Minor fixes and improvements to the location field type (keystonejs#4455) Improve sanity checking for signin "from" param fixed typo added semver notations to dependencies
frapan · May 2, 2019 · 3c3bf8a · 3c3bf8a
2 parents 7bffd07 + 09685b8
commit 3c3bf8a
Show file tree

Hide file tree

Showing 35 changed files with 1,456 additions and 1,140 deletions.
diff --git a/admin/client/Signin/index.js b/admin/client/Signin/index.js
@@ -10,9 +10,10 @@ import React from 'react';
 import ReactDOM from 'react-dom';
 import Signin from './Signin';
 
+// Sanitize from param
+const internalFromRegex = /^\/[^\/\\]\w+/;
 const params = qs.parse(window.location.search.replace(/^\?/, ''));
-const from = typeof params.from === 'string' && params.from.charAt(0) === '/'
-	? params.from : undefined;
+const from = internalFromRegex.test(params.from) ? params.from : undefined;
 
 ReactDOM.render(
 	<Signin

diff --git a/admin/public/js/packages.js b/admin/public/js/packages.js
diff --git a/admin/server/app/createDynamicRouter.js b/admin/server/app/createDynamicRouter.js
@@ -1,6 +1,7 @@
 var bodyParser = require('body-parser');
 var express = require('express');
-var multer = require('multer');
+
+var uploads = require('../../../lib/uploads');
 
 module.exports = function createDynamicRouter (keystone) {
 	// ensure keystone nav has been initialised
@@ -17,7 +18,7 @@ module.exports = function createDynamicRouter (keystone) {
 	// Use bodyParser and multer to parse request bodies and file uploads
 	router.use(bodyParser.json({}));
 	router.use(bodyParser.urlencoded({ extended: true }));
-	router.use(multer({ includeEmptyFields: true }));
+	uploads.configure(router);
 
 	// Bind the request to the keystone instance
 	router.use(function (req, res, next) {

diff --git a/docs/Getting Started/Setting-Up/part-1.md b/docs/Getting Started/Setting-Up/part-1.md
@@ -2,17 +2,17 @@
 
 ## Introduction
 
-If you want to jump right in to a working keystone codebase, check out our [quick start guide](/getting-started/yo-generator), which walks you through using our generator to get a keystone codebase up and running quickly. This tutorial will walk you through setting up a project, looking at what the core parts of keystone are and how to set them up.
+If you want to jump right in to a working Keystone codebase, check out our [quick start guide](/getting-started/yo-generator), which walks you through using our generator to get a Keystone codebase up and running quickly. This tutorial will walk you through setting up a project, looking at what the core parts of Keystone are and how to set them up.
 
 This guide assumes you are familiar with using npm to install packages, and javascript as a language.
 
 We're going to be tackling this in three parts.
 
 Part 1 (this one here) will focus on installation and setting up our `keystone.js` file, which launch our app.
 
-[Part 2](/getting-started/setting-up/part-2) will detail building keystone models and setting up your database.
+[Part 2](/getting-started/setting-up/part-2) will detail building Keystone models and setting up your database.
 
-[Part 3](/getting-started/setting-up/part-3) will go through setting up routes with keystone to serve both database information as well as website pages.
+[Part 3](/getting-started/setting-up/part-3) will go through setting up routes with Keystone to serve both database information as well as website pages.
 
 [Part 4](/getting-started/setting-up/part-4) will get a us a `POST` endpoint which we can use to post data to.
 
@@ -21,20 +21,20 @@ Before we start, make sure you have [node](nodejs.org) and [mongo](https://www.m
 ## Installation
 Start by creating a new directory and then from within it run `npm init`. This will set us up with a `package.json` for you with the ability to set up some default options.
 
-Next, install keystone with `npm install --save keystone`.
+Next, install Keystone with `npm install --save keystone`.
 
-At this point, we should have a `node_modules` directory and keystone should have been added to the `package.json`.
+At this point, we should have a `node_modules` directory and Keystone should have been added to the `package.json`.
 
 ##  Initial Setup
 
-Create a new file, `keystone.js` and we're ready to start configuring keystone.
+Create a new file, `keystone.js` and we're ready to start configuring Keystone.
 
-Your `keystone.js` file is the launch file for keystone, which will connect keystone to your database, start both the database connection, and start your server running. This is where we will be adding configuration options to keystone as well, which allow us to change how keystone is running.
+Your `keystone.js` file is the launch file for Keystone, which will connect Keystone to your database, start the database connection, and start your server running. This is where we will be adding configuration options to Keystone as well, which allow us to change how Keystone is running.
 
-The minimum file we need to start keystone running is:
+The minimum file we need to start Keystone running is:
 
 ```javascript
-var keystone = require('keystone');
+var keystone = require('Keystone');
 
 keystone.init({
   'cookie secret': 'secure string goes here',
@@ -43,11 +43,11 @@ keystone.init({
 keystone.start();
 ```
 
-First we require keystone, then we run `keystone.init()`. This function sets up keystone's initial starting values. Here we are only providing it a cookie secret, however as we build up our application we are going to come back and add more options here. If you want to check out the full list of options, you can find them [here](/documentation/configuration).
+First we require Keystone, then we run `keystone.init()`. This function sets up Keystone's initial starting values. Here we are only providing it a cookie secret, however as we build up our application we are going to come back and add more options here. If you want to check out the full list of options, you can find them [here](/documentation/configuration).
 
-A `cookie secret` is the only option that is technically required to launch keystone, however we'll be fleshing this out as we complete our setup.
+A `cookie secret` is the only option that is technically required to launch Keystone, however we'll be fleshing this out as we complete our setup.
 
-Finally, we call `keystone.start()`, which kicks off our keystone app.
+Finally, we call `keystone.start()`, which kicks off our Keystone app.
 
 We can now check this runs. Run `node keystone.js` and you should be greeted with:
 
@@ -58,7 +58,11 @@ Keystone is ready on http://0.0.0.0:3000
 ------------------------------------------------
 ```
 
-Unfortunately all that's there is a 404 error page. We're going to solve that in [part 3](/getting-started/setting-up/part-3). In [Part 2](/getting-started/setting-up/part-2) we are going to focus on getting the database connected, and the admin UI up and running. You can do these two in either order.
+You should get a 404 page. That's ok! That will be resolved in [part 3](/getting-started/setting-up/part-3) of this guide. In [Part 2](/getting-started/setting-up/part-2) we are going to focus on getting the database connected, and the admin UI up and running. You can do these two in either order.
+
+## Next Steps
+Check out [part 2](/getting-started/setting-up/part-2) of this guide, which walks you through setting up your database, or if you want to read more about any of the parts we set up, you can check out these links:
+
 
 ## Learn more about:
 

diff --git a/docs/Getting Started/Setting-Up/part-2.md b/docs/Getting Started/Setting-Up/part-2.md
@@ -35,7 +35,7 @@ Firstly, we are going to add a `name`. This is used as the site name, and defaul
 
 Next, we want to define what our `'user model'` will be. Let's call it `'User'` to keep it simple.
 
-We want to set `auth` to be `true` so accessing the keystone admin UI requires a person to log in.
+We want to set `auth` to be `true` so accessing the Keystone admin UI requires a person to log in.
 
 Finally we want to set `'auto update'` to be `true`. This is going to make it very easy to get our seed data in to our project.
 
@@ -59,7 +59,7 @@ Finally, we are going to add a new line to the file, which is going to import ou
 keystone.import('models');
 ```
 
-The `import` method allows us to pull in an entire folder, in this case the entire models folder, and will allow us to add as many models as we want without having to come back and let keystone know we've added something new. New models will be noticed each time keystone starts.
+The `import` method allows us to pull in an entire folder, in this case the entire models folder, and will allow us to add as many models as we want without having to come back and let Keystone know we've added something new. New models will be noticed each time Keystone starts.
 
 If you want to know more about `keystone.import()` the documentation is [here](/api/methods/import).
 
@@ -110,7 +110,7 @@ This is our most basic field here. Every field needs a `type` property defined,
 password: { type: keystone.Field.Types.Password }
 ```
 
-Our email field is using a keystone-specific field type. This adds a defined shape to the data, as well as a collection of extra validation. For the password field, it will encrypt it for us. In addition, in the keystone admin UI, it will not display the contents of the password field, and will require a password to be entered twice to change it.
+Our email field is using a keystone-specific field type. This adds a defined shape to the data, as well as a collection of extra validation. For the password field, it will encrypt it for us. In addition, in the Keystone admin UI, it will not display the contents of the password field, and will require a password to be entered twice to change it.
 
 This takes care of a lot of our password security for us.
 
@@ -120,10 +120,9 @@ email: { type: keystone.Field.Types.Email, unique: true },
 
 Email is similar to password in that it is using a keystone-specific field type, in this case to ensure that when this field is filled, it has the shape of an email. In addition, we have passed a second option of `unique: true`, which forces the field to be unique within the database. No doubling up on email addresses for accounts.
 
-// The following para really needs more work. Needs lightness and timing
-If you want to know about all the field types keystone offers, you can find the information find the full list of options in the [field docs](/api/field) Also, for the options like `unique` which are available to all fields, you can read more [here](/api/field/options), for when you are making your own models.
+If you want to know about all the field types Keystone offers, you can find the full list of options in the [Field API documentation](/api/field) Also, for the options like `unique` which are available to all fields, you can read more about the [Field options API](/api/field/options), for when you are making your own models.
 
-There are three more parts we are going to need to get our user model working. The first is to register it to keystone. This will tell keystone to include it in its list of models. To do this, add the following line to the bottom of the file:
+There are three more parts we are going to need to get our user model working. The first is to register it to keystone. This will tell Keystone to include it in its list of models. To do this, add the following line to the bottom of the file:
 
 ```javascript
 User.register();
@@ -169,7 +168,7 @@ User.register();
 
 ### Adding an update script
 
-There's one more thing to do before we can launch our app. We need to have an initial user in our database. We can do this through an update script, which keystone will run on startup.
+There's one more thing to do before we can launch our app. We need to have an initial user in our database. We can do this through an update script, which Keystone will run on startup.
 
 Make a new directory called `updates` and make a file `0.0.1-first-user.js` in it. Next we can just drop in the following code:
 
@@ -186,7 +185,7 @@ exports.create = {
 
 ```
 
-This will create a user with these details (though the password will be hashed before saving) when keystone is started up. If you want to know more about update scripts, you can find the information [here](/documentation/configuration).
+This will create a user with these details (though the password will be hashed before saving) when Keystone is started up. If you want to know more about update scripts, you can find the information [here](/documentation/configuration).
 
 An important note is that you will likely end up committing your update scripts to your project, so you should not include sensitive information in here. Any passwords added in an update script should be manually changed afterwards.
 
@@ -232,13 +231,13 @@ Event.register();
 ```
 
 ## Next Steps
-Check out [part 3](/getting-started/setting-up/part-3) of our setting up keystone guide, which walks you through adding your own pages to your site, or if you want to read more about any of the parts we set up, you can check out these links:
+Check out [Part 3 : Routing](/getting-started/setting-up/part-3) of our setting up Keystone guide, which walks you through adding your own pages to your site, or if you want to read more about any of the parts we set up, you can check out these links:
 
-learn more about:
+## Learn more about:
 
 - [configuring keystone](/documentation/configuration)
 - [importing models](/api/methods/import)
-- [list of keystone fields](/api/field)
-- [keystone field options](/api/fields/options)
-- [update scripts](/documentation/application-updates)
+- [list of Keystone fields](/api/field)
+- [keystone field options](/api/field/options)
+- [update scripts](/documentation/database/application-updates)
 - [virtuals and schema methods](/api/list/schema)
diff --git a/docs/Getting Started/Setting-Up/part-3.md b/docs/Getting Started/Setting-Up/part-3.md
@@ -1,12 +1,12 @@
 # Part 3: Routing
 
-Keystone is designed to do much of the setup of running an [express](expressjs.com) application out of your hands as well as allowing an easy configuration of the options.
+Keystone is designed to do much of the setup of running an [ExpressJS](https://expressjs.com) application out of your hands as well as allowing an easy configuration of the options.
 
-Here we are going to add a router to our keystone application, and set up a basic webpage. This will not rely on what was done in part 2.
+Here we are going to add a router to our Keystone application, and set up a basic webpage. This will not rely on what was done in part 2.
 
 After that, we are going to set up an API endpoint to retrieve information about the events model, which will be relying on setup we did in [Part 2](/getting-started/setting-up/part-2).
 
-For our routing, we are going to be using [pug](pugjs.org) to render our views, however the principles will remain the same for other view engines.
+For our routing, we are going to be using [pug](https://pugjs.org) to render our views, however the principles will remain the same for other view engines.
 
 ## Setup
 
@@ -39,7 +39,7 @@ If you did [part 2](/getting-started/setting-up/part-2), you will have more than
 
 As we mentioned in part one, keystone.init allows us to define our initial options for keystone's startup. For configuring our database connection, we are going to add 2 new properties to our `keystone.init`, and then add a line that will import our routes.
 
-Our two properties are `views` and `view engine`. The first allows us to set a folder location relative to `keystone.js` to load our view files from. The second sets an engine for keystone to try and render the files with.
+Our two properties are `views` and `view engine`. The first allows us to set a folder location relative to `keystone.js` to load our view files from. The second sets an engine for Keystone to try and render the files with.
 
 We are going to want to set them as:
 
@@ -64,7 +64,7 @@ Keystone will look for an installed npm package with the same name as the view e
 $ npm install --save pug
 ```
 
-Finally, we need to add a line to tell keystone where we plan to write our routes.
+Finally, we need to add a line to tell Keystone where we plan to write our routes.
 
 ```javascript
 keystone.set('routes', require('./routes'));
@@ -92,7 +92,7 @@ The reason for this structure is that it is best to keep the individual routes i
 
 Let's fill out our central file, our `routes/index.js`.
 
-This file is going to export a function, takes in the express app keystone has built for us, and adds on our individual routes.
+This file is going to export a function, takes in the express app Keystone has built for us, and adds on our individual routes.
 
 The most basic form of it would look like:
 
@@ -119,7 +119,7 @@ exports = module.exports = function (app) {
 };
 ```
 
-The keystone importer gives us a function that allows us to reduce a folder and its contents to an object with the same nesting.
+The Keystone importer gives us a function that allows us to reduce a folder and its contents to an object with the same nesting.
 
 We then call `importRoutes` with the directory we want to import, and attach it to an object at `routes.views`. Finally, we can now provide `routes.views.index` as the second argument for our `app.get` function call.
 
@@ -180,18 +180,18 @@ html(lang="en")
           Hope you're enjoying learning about keystone. We're close to some very dynamic cool things
 ```
 
-Check out [pugjs.org](pugjs.org) if you want to know more about pug.
+Check out [pugjs.org](https://pugjs.org) if you want to know more about pug.
 
-Now, if we start our keystone app using `node keystone`, we should be able to visit the homepage and see it rendered!
-
-[Part 4](/getting-started/setting-up/part-4)
+Now, if we start our Keystone app using `node keystone`, we should be able to visit the homepage and see it rendered!
 
 ## Next Steps
+Check out [part 4](/getting-started/setting-up/part-4) of our setting up Keystone guide, which walks you through setting up an API endpoint so we can record data to our database from a form.
+
 
-Learn more about:
+## Learn more about:
 
-- [keystone.set](/methods/set)
-- [init options](/configuration)
-- [pug](pugjs.org)
-- [express](expressjs.com)
-- [keystone.importer](/methods/importer)
+- [keystone.set](/api/methods/set)
+- [init options](/documentation/configuration)
+- [pug](https://pugjs.org)
+- [express](https://expressjs.com)
+- [keystone.importer](/api/methods/importer)