* Extender docblocks cleanup
* Excplicit type hinting in extenders
* Bring method under constructor
* Mark some classes and methods as internal
* Remove beta references
Co-authored-by: Clark Winkelmann <clark.winkelmann@gmail.com>
Data migrations (seed default groups, seed default permissions) are deliberately excluded.
This also allows us to remove a lot of now unnecessary public API from the migrator and migration repository.
* WIP: Use Laravel filesystem interface where possible
* Drop vendorFilesystem
* Support getting URL of cloud-based logo and favicon
* FilesystemAdapter should always be cloud
* Get base avatar URL from filesystem adapter
* Restore deleted getAsset method
Co-authored-by: Alexander Skvortsov <askvortsov1@users.noreply.github.com>
* Rename `app` helper to `resolve`, deprecate old version
* Rename $this->app to $this->container in service providers
We no longer couple Flarum\Foundation\Application to the Laravel container; instead, we use the container separately. Changing our naming to reflect that will make things clearer.
- Make session token-based instead of user-based
- Clear current session access tokens on logout
- Introduce increment ID so we can show tokens to moderators in the future without exposing secrets
- Switch to type classes to manage the different token types. New implementation fixes#2075
- Drop ability to customize lifetime per-token
- Add developer access keys that don't expire. These must be created from the database for now
- Add title in preparation for the developer token UI
- Add IP and user agent logging
- Delete all non-remember tokens in migration
- Split DispatchRoute. This allows us to run middleware after we figure out which route we're on, but before we actually execute the controller for that route.
- By making the route name explicitly available to middlewares, applications like CSRF and floodgate can set patterns based on route names instead of the path, which is an implementation detail.
- Support using route name match for CSRF extender, deprecate path match
* Write source map without creating temp file
Less I/O, and one less place where we access the global path helpers.
* Drop useless app_path() helper
This was probably taken straight from Laravel. There is no equivalent
concept in Flarum, so this should be safe to remove.
* Deprecate global path helpers
Developers using these helpers can inject the `Paths` class instead.
* Stop storing paths as strings in container
* Avoid using path helpers from Application class
* Deprecate path helpers from Application class
* Avoid using public_path() in prerequisite check
a) The comparison was already outdated, as a different path was passed.
b) We're trying to get rid of these global helpers.
* Updated PHP requirement to 7.2
* Set wikimedia less version to 1.8
* Indentation fix on composer json
* Revert "Set wikimedia less version to 1.8"
This reverts commit 22d862fd98.
- Extract a method for email address generation
- Consistent types
- No docblocks for types where superfluous
- Tweak console output
- Don't inherit from integration test's base class in unit test
- Fix base url when is appended with a script filename
- Add default base url http://flarum.local when CLI wizard used
- Remove some code duplication
- Add minor improvement to the UX when CLI wizard used
- Add tests
- Extract base url normalisation into its own value object
The error handling middleware now expects an array of reporters.
Extensions can register new reporters in the container like this:
use Flarum\Foundation\ErrorHandling\Reporter;
$container->tag(NewReporter::class, Reporter::class);
Note that this is just an implementation detail and will be hidden
behind an extender.
This lets us or anyone modify the path from where dependencies (usually
installed into /vendor by Composer) are loaded. We need to be able to
tweak this in our integration tests, where the application code under
test needs access to certain dependencies.
Since this is not strictly speaking a domain invariant, but rather
specific to the user interface where passwords are not displayed, and
should therefore be entered twice to prevent mistakes going unnoticed,
this stuff should be checked in the frontend, not in the install steps.
Next step: Ensure that all domain-specific validation is done in the
installer's domain layer. This will ensure these validations cannot be
forgotten, and keep the frontends DRY.
Since we do not provide a development VM anymore, it does not make sense
to have "default" credentials etc.
To reproduce something similar, I'd suggest using a YAML or JSON file
together with the `--file` option.
