Hardened things to enforce the intent that the guest account should not
be used for logins.
Currently this would not be allowed due to empty set password, and no
password fields on user edit forms, but an error could occur if the
login was attempted.
This adds:
- Handling to show normal invalid user warning on login instead of a
hash check error.
- Prevention of guest user via main login route, in the event that
inventive workarounds would be used by admins to set a password for
this account.
- Test for guest user login.
Changes the name of our spacing variables due to the prefixing -/_
meaning private in the use of new "use" rather than include.
All now modular too, so all variables/mixins are accessed via their
package.
Also renamed variables file to vars for simpler/cleaner access/writing.
eg. '$-m' is now 'vars.$m'
Review of #5280.
- Removed additional non-needed loads which could ignore permissions.
- Updated new formatter method name to be more specific on use.
- Added test case to cover changes.
- Updated API examples to align parent id/info in info to be
representative.
Migrations run without force could fail startup in certain environment
conditions (when testing production env).
Also updated paths permission handling to update more needed locations.
We were not responsing with a range request, where the requested range
was for the full extent of content. This changes things to always
provide a range request, even for the full range.
Change made since our existing logic could cause problems in chromium
browsers.
Elseif statement removed as its was likley redundant based upon other
existing checks.
This also changes responses for requested ranges beyond content, but I
think that's technically correct looking at the spec (416 are for when
there are no overlapping request/response ranges at all).
Updated tests to cover.
For #5342
- Handled links to within-zip page images found in chapter/book
descriptions; Added test to cover.
- Fixed session showing unrelated success on failed import.
Tested import file-create undo on failure as part of this testing.
And disable button after submit.
Added here because the import could take some time, so it's best to show
an indicator to the user to show that something is happening, and help
prevent duplicate submission or re-submit attempts.
Images were missing their extension after import since it was
(potentially) not part of the import data.
This adds validation via mime sniffing (to match normal image upload
checks) and also uses the same logic to sniff out a correct extension.
Added tests to cover.
Also fixed some existing tests around zip functionality.
Added file creation reverting and DB rollback on error.
Added error display on failed import.
Extracted likely shown import form/error text to translation files.
* New translations common.php (Ukrainian)
* New translations entities.php (Ukrainian)
* New translations errors.php (Ukrainian)
* New translations activities.php (Czech)
* New translations entities.php (Czech)