Commit Graph

73 Commits

Author SHA1 Message Date
Alexander Skvortsov
d64750b3eb
Rename viewDiscussions => viewForum, viewUserList => searchUsers (#2854)
This naming is clearer as to the intended effect. Changes include:

- A migration to rename all permissions
- Updating the seed migration to use the original naming from the start
- Replacing usage of the old names with new names in code
- Throwing warnings when the old names are used.
2021-05-11 15:15:27 -04:00
Alexander Skvortsov
d12d52918b Use latest version of settings package
This allows us to get rid of hacks for configuring settings and config
2021-05-03 01:35:46 -04:00
Alexander Skvortsov
eb4b18a979 Combine search tests
#b62debf031f1d3aec9cb5e92d9df54cb8ab3a3b1 and #b6f0b01307884b11388eff1ae2d814b7f57715aa
 both added/improved searching tests, but did so in separate files. As a result, the tests did not consider each other, and when both were merged, started failing. This commit combines the tests into one file that tests both order and search in titles.
2021-04-20 19:16:59 -04:00
Alexander Skvortsov
1f2411e15e
Fix searching titles in discussions (#2698)
* Fix searching titles in discussions

* Apply fixes from StyleCI

* Fix tests

* Distinct by discussion ID

* Replace distinct with groupBy

Co-authored-by: Alexander Skvortsov <askvortsov1@users.noreply.github.com>
2021-04-20 18:52:14 -04:00
Alexander Skvortsov
b6f0b01307
Fix relevance sort (#2773)
- Adds a field to QueryCriteria that determines whether the sort provided is the controller's default sort
- Set this field to true iff sort not in query params. Default it to false
- Override $sort if a new default sort has been set on search state, and the param is true.
- Add tests!
2021-04-11 22:21:56 -04:00
Alexander Skvortsov
908d087e00
Remove deprecated code from beta 16 (#2705) 2021-03-19 19:13:50 +01:00
Alexander Skvortsov
91e8b56961 Add deprecated "user" filter for posts
In the filterer refactor for ListPostsController, the filter key was changed to `author` for consistency with the AuthorFilterGambit used in discussions. This commit adds a deprecated `user` filter back in for a release to allow for a graceful transition
2021-03-08 16:20:26 -05:00
Alexander Skvortsov
2c3e1f9923
Use flarum/testing for test infrastructure (#2545) 2021-03-07 16:32:41 -05:00
Daniël Klabbers
84ded0ce50
Laravel components v8 (#2576)
- update actions ci
- include json for 4 spaces tab
- provide output int for process code exit
- adhere to parent type hint of builder
- mailer instance now needs a name, multiple can be instantiated
- getOriginal now uses mutators in the model
- Temporarily loosen MailableInterface requirements. This avoids an immediate BC break for classes in extensions that implement this interface.
- Temporarily provide (and autoload) old symfony translator interface
- make queue exception handler compatible with the contract of L8
- Update phpunit schema for newer version
- Update phpunit assert calls for newer version
2021-03-05 09:43:35 -05:00
Clark Winkelmann
08ba2599d7
Refactor Access Tokens (#2651)
- Make session token-based instead of user-based
- Clear current session access tokens on logout
- Introduce increment ID so we can show tokens to moderators in the future without exposing secrets
- Switch to type classes to manage the different token types. New implementation fixes #2075
- Drop ability to customize lifetime per-token
- Add developer access keys that don't expire. These must be created from the database for now
- Add title in preparation for the developer token UI
- Add IP and user agent logging
- Delete all non-remember tokens in migration
2021-03-04 16:50:38 -05:00
Blake Payne
8eef7230e9
Updated GroupFilterGambit to prevent hidden groups being visible wher… (#2657)
Updated GroupFilterGambit to prevent hidden groups being visible where they shouldn't be and to ensure that only the selected groups are returned on a search. Fixes #2559
2021-03-04 10:08:12 -05:00
Clark Winkelmann
6e01c47c11
Restrict who can use the lastSeenAt user sort (#2634) 2021-03-02 09:59:14 -05:00
Matt Kilgore
9627eb73f1
User edit permission tightening (#2620)
- Split user edit permision into edit attributes, edit credentials, and edit groups
- Only Admins can edit Admin Credentials
- Only Admins can Promote/Demote to/from Admin
2021-03-01 15:52:29 -05:00
Alexander Skvortsov
458a5cc6be
Use filterer for ListPostsController (#2479) 2021-02-28 14:06:07 -05:00
Alexander Skvortsov
023871ef86
Search Filter Split, Use Same Controller (#2454) 2021-02-24 11:17:40 -05:00
Robert Korulczyk
c4ebebe48e
Move locale files from language pack to core (#2408) 2021-02-17 16:23:13 -05:00
Daniël Klabbers
65b5c2043c
PHP 8 support, cookie unit tests (#2507) 2021-01-26 17:53:28 -05:00
Alexander Skvortsov
40b918e139 Remove deprecated API events 2021-01-23 16:48:22 -05:00
Alexander Skvortsov
e2335e867d Remove deprecated policy and visibility scoping events 2021-01-20 15:21:30 -05:00
Alexander Skvortsov
e5f277e640 Apply fixes from StyleCI
[ci skip] [skip ci]
2021-01-09 00:36:07 -05:00
Alexander Skvortsov
4bac667dfd Fix fulltext search tests
Under InnoDB, database entries created in transactions are not processed by fulltext indexes until the transaction is committed. To work around this, cases that test fulltext search have been split off into a separate class that adds and removes seed discussions/posts outside of transactions during setUp/tearDown.
2021-01-09 00:35:55 -05:00
Alexander Skvortsov
fd79a14cac Tests: Add missing instantiation of data 2021-01-09 00:35:55 -05:00
Alexander Skvortsov
c1aa1455d3 Tests: Comply with default permissions
Before transactions, each test class would need to explicitly state starting state for permissions, which made the initial permission configuration somewhat arbitrary. Now, we might as well use the initial state of the default installation.

One of the User show_test tests has been commented out until
2021-01-09 00:35:55 -05:00
Alexander Skvortsov
0a8816938a Add @inheritDoc to all setUp and tearDown methods 2021-01-09 00:35:55 -05:00
Franz Liedke
31765388c1 Tests: Stop using Eloquent models for seeding data 2021-01-07 17:34:13 -05:00
Franz Liedke
a08fd3e475 Tests: Rely on admin user, groups, permissions from test setup script 2021-01-07 17:34:06 -05:00
Franz Liedke
a47187462d Tests: DB tables no longer need to be truncated 2021-01-05 22:48:09 -05:00
Matt Kilgore
4679448300
Slug Driver Support (#2456)
- Support slug drivers for core's sluggable models, easily extends to other models
- Add automated testing for affected single-model API routes
- Fix nickname selection UI
- Serialize slugs as `slug` attribute
- Make min search length a constant
2020-12-07 13:33:42 -05:00
Alexander Skvortsov
1a5e4d454e
Move floodgate to middleware, add extender + integration tests (#2170) 2020-11-29 17:13:22 -05:00
Alexander Skvortsov
6d38de9c8f
Revert https://github.com/flarum/core/pull/1536 (#2305) 2020-09-24 11:30:27 -04:00
Franz Liedke
4866e7d9ba
Stop using app() helper in tests 2020-05-23 01:56:21 +02:00
Franz Liedke
a9470b463f Make two more tests compatible with PHPUnit 8 2020-05-07 09:18:04 +02:00
Alexander Skvortsov
6e8884f190
Implement hidden permission groups (#2129)
Only users that have the new `viewHiddenGroups` permissions will be able to see these groups.

You might want this when you want to give certain users special permissions, but don't want to make your authorization scheme public to regular users.

Co-authored-by: luceos <daniel+github@klabbers.email>
2020-04-21 17:49:53 +02:00
Franz Liedke
8c19ba1aaa
Add integration test for API root endpoint 2020-04-10 17:46:15 +02:00
Alexander Skvortsov
0d57820b50
Added CSRF Extender (#2095) 2020-04-03 21:32:18 +02:00
Franz Liedke
9ae8bcdffe
Make tests compatible with PHPUnit 8 2020-03-28 11:06:47 +01:00
Franz Liedke
6b3d634917
Convert last two controller tests to request tests 2020-03-27 13:39:38 +01:00
Franz Liedke
02e72f4b03
Rename API tests for more consistency
I could not come up with a noun for the new "UpdateTest" for users, so
this is easier in terms of consistency.
2020-03-27 13:22:27 +01:00
Franz Liedke
e3f1e69748
Convert more controller tests to request tests 2020-03-27 13:21:10 +01:00
Franz Liedke
b10a17529d
Convert more controller tests to request tests 2020-03-20 18:54:20 +01:00
Franz Liedke
f31fbc5bcf
Tests: Use new authenticatedAs option where useful
There are two more API integration tests that explicitly add the
"Authorization" header right now:

- `Flarum\Tests\integration\api\authentication\WithApiKeyTest`
- `Flarum\Tests\integration\api\csrf_protection\RequireCsrfTokenTest`

These two specifically test authentication, so in those cases the
explicitness seems desirable.
2020-03-20 18:28:35 +01:00
Franz Liedke
4413848c11 Apply fixes from StyleCI
[ci skip] [skip ci]
2020-03-06 13:55:39 +00:00
Clark Winkelmann
d5ebbab3a7
Rename dead is_activated references with the new is_email_confirmed (#1974) 2020-02-14 15:34:32 +01:00
Franz Liedke
76f7d566b2
Convert another test
Test the request, not a controller (implementation detail). This also
focuses on the observable behavior instead of hacking our way into the
middleware pipeline in order to observe internal behavior.

The authenticated user is now determined by looking at the API response
to compare permissions and (non-)existing JSON keys.
2020-01-22 23:39:41 +01:00
Matt Kilgore
d7a5a6ad14 Change Zend namespace to Laminas (#1963)
Also ensure backwards compatibility for extensions that use the Zend framework but don't explicitly require it.
2020-01-06 22:29:34 +01:00
Franz Liedke
d492579638 Apply fixes from StyleCI
[ci skip] [skip ci]
2019-11-28 00:16:50 +00:00
Daniel Klabbers
63b039a800 incorrect ability used, drop prefix discussion. 2019-11-22 08:17:02 +01:00
Daniel Klabbers
213045aa03 test only on the hidePosts policy ability 2019-11-22 08:17:02 +01:00
Daniël Klabbers
4adf342ce3 [review] using orWhere to allow any where to follow in extensions 2019-11-22 08:17:02 +01:00
Daniël Klabbers
b150636906 fixes #1827
- set default statement to block access
- added tests to confirm all scenarios work as intended
2019-11-22 08:17:02 +01:00