Commit Graph

3125 Commits

Author SHA1 Message Date
Franz Liedke
8474dfd6e2
Consistent use of private instead of protected
See discussion in 5b821b21b1 (r30752077).
2018-10-04 09:08:43 +02:00
flarum-bot
737d33826e Bundled output for commit 3006f58274 [skip ci] 2018-09-29 23:59:11 +00:00
Toby Zerner
3006f58274 The document JS payload attribute was previously renamed to apiDocument 2018-09-30 09:24:25 +09:30
Toby Zerner
d3a5e2451a
Merge pull request #1581 from flarum/fl/1463-extension-install-hooks
Extension enable/disable hooks
2018-09-29 08:19:26 +09:30
Franz Liedke
f03c954dcc
Extensions do not need to know whether they are enabled 2018-09-26 23:34:33 +02:00
Franz Liedke
3b70b9e76e
Let extensions take care of flushing the formatter cache 2018-09-26 23:11:27 +02:00
Franz Liedke
b823a9df47
migrate: Use existing public API to filter extensions 2018-09-26 23:03:48 +02:00
Franz Liedke
8621500501
Use early returns to flatten methods 2018-09-26 22:59:48 +02:00
Franz Liedke
f48101dc04
Add a new extender interface for extension lifecycle hooks 2018-09-26 22:56:25 +02:00
Franz Liedke
3c827d2fce
Tweak extender interface in preparation for adding more methods 2018-09-26 22:36:36 +02:00
Charlie
1f0e9b6280 Update ExtensionPage Style (#1560) 2018-09-26 17:00:27 +09:30
Franz Liedke
bf61753361
Merge pull request #1577 from flarum/tz/database-indices
Database indices
2018-09-24 23:49:23 +02:00
flarum-bot
70cb2f6f2e Bundled output for commit 1736fe3f58 [skip ci] 2018-09-23 00:46:47 +00:00
Toby Zerner
1736fe3f58 Clean up PostsUserPage placeholder 2018-09-23 10:12:12 +09:30
flarum-bot
ae81c4f0f1 Bundled output for commit 8c679c715c [skip ci] 2018-09-22 22:01:38 +00:00
David Sevilla Martín
8c679c715c Allow admins to see last online text (#1540)
* Allow admins to see last online text

* Use viewLastSeenAt permission

* Move permission to UserSerializer, removed from ForumSerializer

* Remove extra comma from ForumSerializer to keep diff clean

* Add permission to new seed migration
2018-09-22 23:55:53 +02:00
Toby Zerner
4236f3d49e
Merge pull request #1576 from datitisev/user-posts-page
Make user posts page similar to discussion page, add empty text
2018-09-23 07:22:08 +09:30
Sajjad Hashemian
e3afb38427 fix empty base url (#1453) 2018-09-22 21:58:18 +02:00
David Sevilla Martín
26a5b107bd
Make user posts page similar to discussion page, add empty text 2018-09-22 14:02:14 -04:00
Franz Liedke
aa70441632
Fix installation command, part 2 2018-09-22 17:45:38 +02:00
David Sevilla Martín
0fb9aa3940 Align icons & text in SideNav and Dropdown (#1544) 2018-09-22 21:35:45 +09:30
flarum-bot
b6a60721e2 Bundled output for commit fe868af224 [skip ci] 2018-09-22 04:58:46 +00:00
Clark Winkelmann
fe868af224 Clean composer promises (#1439)
* Remove unused login promise code

* Make promise usage consistent across composer action methods
2018-09-22 14:25:19 +09:30
flarum-bot
0984979403 Bundled output for commit fcb97b256f [skip ci] 2018-09-22 04:19:52 +00:00
Toby Zerner
5dfb9b474c
Auth token and avatarUrl security improvements (#1514)
* Remove AbstractOAuth2Controller

There is no reason to provide an implementation for a specific oAuth2
library in core; it's not generic enough (eg. auth-twitter can't use it).

This code could be moved into another package which auth extensions
depend on, but it's a negligible amount of relatively simple code that
I don't think it's worth the trouble.

* Introduce login providers

Users can have many login providers (a combination of a provider name
and an identifier for that user, eg. their Facebook ID).

After retrieving user data from a provider (eg. Facebook), you pass the
login provider details into the Auth\ResponseFactory. If an associated
user is found, a response that logs them in will be returned. If not, a
registration token will be created so the user can proceed to sign up.
Once the token is fulfilled, the login provider will be associated with
the user.
2018-09-22 13:48:27 +09:30
Toby Zerner
fcb97b256f Add migration helper to drop columns 2018-09-22 13:45:41 +09:30
Toby Zerner
4429cf4eba
Merge pull request #1513 from flarum/tz/1419-restrict-own-permissions
Make "own" permissions depend on the user's ability to reply
2018-09-22 12:22:03 +09:30
Toby Zerner
c54f739484 Make "own" permissions depend on the user's ability to reply
Permission to rename/hide/edit one's own discussion/post is only granted
if the user has permission to reply to the discussion. This makes sense
if you think of these actions as forms of "replying" to a discussion.

Fixes #1419 because suspended users do not have permission to reply to
discussions, therefore they will not be granted these "own" permissions.
2018-09-22 12:15:46 +09:30
Franz Liedke
6c0d73afa0
Fix tests 2018-09-22 00:40:19 +02:00
Franz Liedke
1cd8ec6873
Display only exception messages during booting
By not letting PHP render the stack trace, we prevent displaying
sensitive information (such as the database credentials). Instead,
we display a simple line with the exception message.

In the console, the full exception can still be shown, as that is
a tool only for forum admins anyway.

Fixes #1421.
2018-09-21 23:33:28 +02:00
Franz Liedke
4ed1c7a1bb
Boot Flarum app in Server classes
This is in preparation for fixing #1421 - it allows us to
encapsulate the exception handling in the server classes, so that
we can keep the skeleton (flarum/flarum) lean.
2018-09-21 23:30:14 +02:00
Franz Liedke
c67f673819
Remove references to deleted property 2018-09-21 12:29:16 +02:00
flarum-bot
7917ce130e Bundled output for commit 2b174b17fc [skip ci] 2018-09-21 05:07:46 +00:00
Toby Zerner
2b174b17fc Fix tests 2018-09-21 14:32:41 +09:30
Toby Zerner
550d35e86f
Apply fixes from StyleCI (#1574)
[ci skip] [skip ci]
2018-09-21 14:28:02 +09:30
Toby Zerner
64686ef7a9 Remove the "debug" button from request error alerts
Using the browser's console to debug failed requests is much more powerful
2018-09-21 14:27:39 +09:30
Toby Zerner
5ce702a5d0 Make registration errors still work properly when debug mode is on 2018-09-21 14:18:17 +09:30
flarum-bot
fdf5fdbaf3 Bundled output for commit 184ffcd991 [skip ci] 2018-09-21 02:30:05 +00:00
Toby Zerner
184ffcd991 Sort user discussion list properly 2018-09-21 11:55:00 +09:30
flarum-bot
ba946237e4 Bundled output for commit 8ec0578ddf [skip ci] 2018-09-21 02:09:25 +00:00
Toby Zerner
8ec0578ddf Fix installation command 2018-09-21 11:32:46 +09:30
Toby Zerner
c34fcecf03 Update TextFormatter deprecated API 2018-09-21 11:23:24 +09:30
Toby Zerner
9e487b4e41 Live output of migrator notes 2018-09-21 11:22:51 +09:30
Toby Zerner
986d811a16 Fix notifications crash
When loading notifications, $this->type was null and thus array_get
was returning an array instead of null. I assume this issue was
introduced in a Laravel version upgrade? Anyway, this fixes it.
2018-09-21 11:22:26 +09:30
Toby Zerner
c32af6559e Fix group badge misalignment if there is no group icon 2018-09-21 11:20:54 +09:30
Toby Zerner
07298e165d Use default system font instead of Open Sans 2018-09-21 11:20:17 +09:30
Toby Zerner
c15bbc9c5e Add "tiny" preset for LoadingIndicator
This is used in various places but had not been added since presets were
removed from Spin.js in a recent version upgrade.
2018-09-21 11:19:32 +09:30
Toby Zerner
6c8c525e57 Fix regression introduced by #1543
The Page component's config method wasn't being called, therefore the
bodyClass would not be applied.
2018-09-21 11:17:54 +09:30
Toby Zerner
93dfb6dec9 Revert "Frontend extender: Remove route registration"
This reverts commit 4770a5c906.
2018-09-21 09:05:45 +09:30
Toby Zerner
750d9d05a6 Use container events as an alternative to the ConfigureMiddleware event (#1462)
By moving the DispatchRoute middleware into an `afterResolving`
callback, this will allow a new Middleware extender to add a `resolving`
callback to the appropriate container binding, removing the need for the
ConfigureMiddleware event.

The ConfigureMiddleware event has been deprecated and should be removed
in beta 9.
2018-09-16 21:21:13 +02:00