github-mirror/framework
2
0
Fork 0
mirror of https://github.com/flarum/framework.git synced 2024-12-05 00:43:39 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
2,078 Commits 85 Branches 50 Tags 181 MiB
3702ffa998
Commit Graph

890 Commits

Author SHA1 Message Date
Toby Zerner
6beb4fe898 Add external authenticator (social login) API 
Allows registrations to be completed with a pre-confirmed email address
and no password.
 2015-09-15 11:27:31 +09:30
Toby Zerner
cbcad27679 Improve installer validation 
Very rough, but works for now. The basic premise being that we need to
collect all user data before we proceed with installation.
 2015-09-14 18:13:24 +09:30
Toby Zerner
60323e0cf9 Bump version number 2015-09-14 16:32:31 +09:30
Toby Zerner
8cccaaaf6b Improve API error handling 
- Change 'path' key to 'source.pointer', as per spec
- Add 500 error detail if debug mode is on
 2015-09-14 15:40:07 +09:30
Toby Zerner
190aa925ac Set cookies to be HTTP only 2015-09-14 14:40:05 +09:30
Toby Zerner
60b19efe0a Password is not necessarily required 
e.g. on my LAMP setup, I sometimes use a MySQL account without a
password
 2015-09-14 14:39:18 +09:30
Franz Liedke
e7d7df3b0c Cleanup 2015-09-11 09:16:53 +02:00
Franz Liedke
3b5a01e603 Implement more validation in installer 2015-09-11 09:16:43 +02:00
Franz Liedke
902d01712b Remove pointless JSON-API action base class 
Cleanup related to #118.
 2015-09-09 09:04:49 +02:00
Franz Liedke
502a3787d5 Move remaining extension handling to middleware 2015-09-09 08:56:11 +02:00
Franz Liedke
b8ac49ffcc Move exception handling for Flarum exception classes to middleware 
Related to #118.
 2015-09-08 22:36:32 +02:00
Franz Liedke
4b4cea4d87 Implement interface to serialize exceptions to JSON-API format 
Related to #118
 2015-09-08 22:35:39 +02:00
Toby Zerner
8c4e095f23 Allow first post to be hidden/restored 
Anti-spam extensions may automatically hide the first post in a
discussion, and thus we had to implement smarter permissions so
discussions with zero posts wouldn't be visible to users other than the
author/mods. This change allows those hidden posts to be restored again.
 2015-09-07 16:03:45 +09:30
Toby Zerner
84012ca2fd Preliminary implementation of master API keys 
Part of #205
 2015-09-07 08:37:33 +09:30
Toby Zerner
6ee9412f35 Prevent invalid LESS from crashing application 
Failure is silent for now... The default LESS will compile without the
invalid customisations. Not sure if we should log an error somewhere
and display it on the admin page?

closes #400
 2015-09-04 22:33:26 +09:30
Toby Zerner
478ca90c31 Fallback to English if system-wide default_locale doesn't exist 2015-09-04 22:19:28 +09:30
Toby Zerner
1f8f79d272 Don't require database password confirmation 2015-09-04 21:45:52 +09:30
Franz Liedke
db8b9ed0c0 Installer: Fix password confirmation 2015-09-04 12:11:13 +02:00
Franz Liedke
a3d59977b3 Clean up code 2015-09-04 12:05:12 +02:00
Franz Liedke
211d2d25cd Merge pull request #413 from WinterSilence/patch-2 
Update RouteCollection::getPath
 2015-09-04 12:03:51 +02:00
Franz Liedke
42f1abacaf Ask for password confirmation in web installer, too 
Closes #405.
 2015-09-04 12:00:03 +02:00
Franz Liedke
b26c67dd3c Require password confirmation in console installer 
Refs #405.
 2015-09-04 11:57:11 +02:00
Toby Zerner
fc7fc41383 Prevent error when hiding/restoring a post with a deleted user 2015-09-04 13:51:13 +09:30
Toby Zerner
ece23de750 API: Add User::hasPermissionLike() and User::getPermissions() 2015-09-04 12:23:50 +09:30
Toby Zerner
4705600d47 Fix typehint 2015-09-04 12:23:27 +09:30
Toby Zerner
8423de754c Fix bad query in isVisibleTo 2015-09-04 12:23:17 +09:30
Toby Zerner
b597e6f8f6 Don't load a custom relation if the relation is already loaded 2015-09-04 12:22:49 +09:30
Toby Zerner
276334ec52 Improve some post/discussion permission logic 
- Allow users to see their own posts, even if they have been hidden by
someone else
- Don't require hiding a post to be necessarily attributed to a user
- Hide discussions with zero posts, unless the user can edit posts, or
they are the discussion author
 2015-09-04 12:22:27 +09:30
Toby Zerner
f0186d7674 API: Add typehints 2015-09-04 12:18:09 +09:30
Daniel Klabbers
0413daab74 call to $this-> assertValidPassword from static context 2015-09-04 00:00:24 +02:00
Franz Liedke
21dd516eaa Fix code style issues 2015-09-03 08:48:26 +02:00
Franz Liedke
3c9d851889 Check prerequisites in console installer, too 2015-09-03 08:42:16 +02:00
Franz Liedke
942db77416 Extract installation prerequisites into composable classes and use those in the web-based installer 2015-09-03 08:23:34 +02:00
Anton
04db806995 Update RouteCollection.php 2015-09-02 19:22:40 +03:00
Anton
f3bc7d1c23 Update RouteCollection::getPath 
This version work faster - old code create closure at every calling getPath
 2015-09-02 10:58:44 +03:00
Johann Rodríguez
e35bb9e400 Fix enable extension in EntensionManager 2015-09-01 12:09:11 +01:00
Franz Liedke
753a846e7a Check MySQL version when installing on console 
Related to #364.
 2015-09-01 08:02:07 +02:00
Franz Liedke
d3e57d77b4 Fix typehint 2015-09-01 07:49:06 +02:00
Toby Zerner
6e0bffe395 API: Add more locale registration APIs 2015-09-01 10:08:37 +09:30
Toby Zerner
eec4e97d65 Tidy up default extension metadata 2015-09-01 10:08:37 +09:30
Toby Zerner
6aafe54ee7 Fix potential error when discussion doesn't exist 
Not sure how this could be the case, but can't hurt to add the checks.
addresses #343
 2015-09-01 10:08:36 +09:30
Franz Liedke
4c34d0867d Add field for table prefix in web installer 
Related to #269.
 2015-08-31 09:10:27 +02:00
Toby Zerner
f2a3a0cb10 Require the PHP fileinfo extension 
It's required for the intervention/image package
 2015-08-31 15:29:20 +09:30
Toby Zerner
5b7527144c Permit trailing slashes in discussion/user URLs 
closes #334
 2015-08-31 14:43:42 +09:30
Toby Zerner
6c169499b5 Only migrate enabled extensions when upgrading 
Also remove the Extension::install() and Extension::uninstall()
methods, because they add nothing that can't be done with migrations.
 2015-08-31 14:35:52 +09:30
Toby Zerner
5e22458014 Installer: Prevent crash when views directory is not writable 
Use plain PHP templates instead of Blade templates so there is nothing
that needs to be written.

closes #376
 2015-08-31 14:25:16 +09:30
Toby Zerner
c72bdc8238 Fix Laravel 5.1 compat 
closes #307
 2015-08-31 14:07:11 +09:30
Toby Zerner
bcc16a3329 Add target="_blank" and rel="nofollow" to all formatted links 
closes #247
 2015-08-31 13:36:54 +09:30
Toby Zerner
f5517fbd88 Validate password length 
We can't do this using the ValidatesBeforeSave trait because the
password has been hashed by then. Instead, we must validate the
original password as it comes in.
 2015-08-31 12:38:15 +09:30
Toby Zerner
6a0e3fcf2d Validate post length to prevent truncation 
closes #235
 2015-08-31 12:36:19 +09:30
Toby Zerner
9f28b4e8dc Require extensions directory to be writable 2015-08-31 11:22:57 +09:30
Franz Liedke
1d1cc9e443 Fix asset URL generation 
This is important when Flarum is deployed in a subfolder.

Closes #291.
 2015-08-29 22:38:31 +02:00
Franz Liedke
f5d2d2ff79 Installer: Check for openssl extension 
Closes #296.
 2015-08-29 22:07:50 +02:00
Lorenz Bausch
a4fe6f3ce3 limit max title length to 80 characters 2015-08-29 11:26:18 +02:00
Lorenz Bausch
ae06b45bc1 remove executable flag from file 2015-08-29 11:23:05 +02:00
Toby Zerner
12d5e48b95 Add helpful hint on how to upgrade PHP 2015-08-29 14:44:55 +09:30
Toby Zerner
bb3c57f9a4 Fix default database name 2015-08-28 14:53:01 +09:30
Toby Zerner
d5074c5286 Use gd as the image driver 
Presumably gd is more common than imagick, and we already check for it
during installation.
 2015-08-28 05:41:25 +09:30
Toby Zerner
41019597d0 Require the PHP DOM extension 2015-08-28 05:30:27 +09:30
Toby Zerner
b689c9de3b Allow non-admins to reset their password 
The EditUser command requires the actor to have the "edit" permission,
which is only granted to admins. We don't want to allow users to change
their own password via the API, though. So instead of dispatching the
command, we'll just update the user's password directly in the action.
 2015-08-28 03:38:55 +09:30
Toby Zerner
baed659668 Fix reset password error 2015-08-28 02:16:28 +09:30
Toby Zerner
268b041da2 Fix incorrect chmod instruction 2015-08-27 21:51:36 +09:30
Toby Zerner
7d9527e5a0 Check to make sure directories are writable 2015-08-27 21:45:02 +09:30
Toby Zerner
a289884f7c Fix typo causing bundled extensions to not be enabled 2015-08-27 21:28:15 +09:30
Toby Zerner
822b31468a Check some more extension requirements 2015-08-27 20:37:20 +09:30
Toby Zerner
d050a7775f Don't enable the Pusher extension by default 2015-08-27 20:11:14 +09:30
Toby Zerner
5c5be89928 Check some requirements before installation 2015-08-27 20:11:06 +09:30
Toby Zerner
2820ae8ac7 User lighter default theme color 2015-08-27 10:51:14 +09:30
Toby Zerner
498aac5b76 Import admin "log out" translation 2015-08-27 10:50:57 +09:30
Toby Zerner
b0db7bf751 Polish admin dashboard 2015-08-27 10:50:15 +09:30
Franz Liedke
559110a83f Coding standards 2015-08-27 01:40:18 +02:00
Franz Liedke
c0030dc98a Revert PATH_INFO magic 2015-08-27 01:31:28 +02:00
Franz Liedke
3b2a0697e2 Fix config retrieval 2015-08-27 00:58:56 +02:00
Franz Liedke
9ec54ad892 Change base URL etc. in config.php file 2015-08-27 00:47:54 +02:00
Franz Liedke
49f20995b2 By default, don't rewrite API base URL 2015-08-26 23:43:33 +02:00
Franz Liedke
1e1f9e51ee Use path info for routing 2015-08-26 23:39:39 +02:00
Franz Liedke
d12106809f Extract method 2015-08-26 10:33:41 +02:00
Toby Zerner
b194f07a72 Redirect using configured base URL 2015-08-26 17:48:25 +09:30
Toby Zerner
3e804ca0b5 Delete config.php if installation fails 2015-08-26 17:46:49 +09:30
Toby Zerner
0b8aa5c124 Add header comment; PSR-2 fixes; remove seeders 2015-08-26 16:56:32 +09:30
Franz Liedke
dae8e617ae Cleanup small things in installer 2015-08-26 09:02:28 +02:00
Toby Zerner
8ec342f6cb Autoload the cached PHP renderer 2015-08-26 09:46:20 +09:30
Toby Zerner
b67ae4c8a3 Use PHP formatter rendering engine 
Removes dependency on XSLT extension
 2015-08-26 09:34:49 +09:30
Toby Zerner
b8fc0bc376 Make discussion slug URL parameter optional 2015-08-25 19:32:41 +09:30
Toby Zerner
3392d9fdcf Migrate extensions in upgrade script 2015-08-18 13:56:49 +09:30
Toby Zerner
71c7740086 Get generate:extension command working again 2015-08-18 13:56:25 +09:30
Toby Zerner
edccd10693 Only delete avatar if it exists 2015-08-17 16:06:51 +09:30
Toby Zerner
a32250884c Ensure posts are sorted correctly 2015-08-17 15:52:39 +09:30
Toby Zerner
2b812ab211 Use a relative path to locate migrations 2015-08-17 14:57:33 +09:30
Toby Zerner
ce91058ab1 Derive base URL from the original URI 2015-08-17 14:57:12 +09:30
Toby Zerner
fec6e39fe1 Fix PHP 5.5 compat 2015-08-17 14:56:39 +09:30
Toby Zerner
1052aa55ea Implement web installer 2015-08-17 14:12:02 +09:30
Toby Zerner
17dbeefabe Clean up 2015-08-17 14:11:45 +09:30
Toby Zerner
212880640d Support table custom table prefix 
Laravel automatically adds a table prefix to any table names, so we
need to wrap our aliased table in DB::raw.
 2015-08-14 12:51:30 +09:30
Toby Zerner
34d4a7ed89 Fix Laravel 5.1 compat 2015-08-14 12:50:32 +09:30
Toby Zerner
8065c980d4 Don't redirect to HTML-only mode if in debug mode 2015-08-14 12:50:15 +09:30
Toby Zerner
6cee3b7160 Automatically derive base_path from base_url 2015-08-14 12:50:00 +09:30
Toby Zerner
014bacb7ab Add ability to uninstall an extension 2015-08-14 12:48:29 +09:30
Toby Zerner
2edcbacccc Improve install command, add custom migrations system 
Implemented our own migration repository + migrator (based on Laravel's
stuff) so that we can keep track of which migrations have been run for
core and per-extension. That way we can simple call the migrator to
upgrade core/extensions, and to uninstall extensions.
 2015-08-14 12:47:59 +09:30
Toby Zerner
5bcf6ae630 Add Escaper plugin so that formatting can be escaped 2015-08-13 13:04:56 +09:30
Toby Zerner
58223b8a23 Don't allow empty post content 
Parsing the post content makes it non-empty (`<t></t>`), so we don't
parse it if it is empty. Also delete a created discussion if the first
post was invalid.

closes flarum/core#224
 2015-08-13 13:03:49 +09:30
Toby Zerner
9a0190e13a Allow post author to see their own deleted post 
closes flarum/core#225
 2015-08-13 13:02:13 +09:30
Toby Zerner
6dd6942e17 Fix avatar uploading permissions 
closes flarum/core#230
 2015-08-13 12:59:40 +09:30
Toby Zerner
9c7fab5d8c Support running in subdirectory with base_path config 2015-08-13 12:58:59 +09:30
Toby Zerner
aec83b295a Remove old files 2015-08-13 12:56:26 +09:30
Toby Zerner
6123773001 New listen API 
Event subscriptions now take place before *any* boot method is called.
This ensures that all event listeners are registered before things
happen – e.g. locales are registered before the translator is
instantiated in the Tags extension's boot method.
 2015-08-13 12:55:48 +09:30
Toby Zerner
acf27cebb1 Fix tobscure/json-api compat 2015-08-13 10:41:39 +09:30
Toby Zerner
8aafce5fd8 Fix Laravel 5.1 compat 2015-08-13 10:41:17 +09:30
Toby Zerner
46a69b6b7e Fix PHP 5.5 compat 
Might be better to opt for a getLayout method?
 2015-08-13 10:41:08 +09:30
Toby Zerner
47595ff9c4 Decouple from Laravel, implement translator 2015-08-12 18:33:39 +09:30
Toby Zerner
9f0358bb39 Update to Laravel 5.1 
Eloquent `lists()` now returns a collection
 2015-08-12 13:24:11 +09:30
Franz Liedke
25c5fb075f Redo installer 2015-08-12 01:42:39 +02:00
Franz Liedke
7b07e02e75 Use dependency injection in migrations 2015-08-12 01:29:40 +02:00
Toby Zerner
4e01aa10d8 Flush client assets when custom LESS is updated 2015-08-06 16:17:05 +09:30
Toby Zerner
3aebd458b0 Make sure access/email/password tokens are valid 2015-08-06 15:04:38 +09:30
Toby Zerner
2553f4f0a3 Throw an exception if discussion not found 
closes flarum/core#208
 2015-08-06 13:59:09 +09:30
Toby Zerner
edddeeb553 Make some changes to facilitate updates to mentions extension 2015-08-06 13:16:53 +09:30
Toby Zerner
fa5c7cb123 Build very rough HTML-only content 
And redirect to the "no JS" mode if the JS app crashes on boot.

ClientView/ClientAction is all a bit of a mess and will need to be
radically cleaned up at some point...
 2015-08-06 12:21:11 +09:30
Toby Zerner
80e13ae289 Implement default route config setting 2015-08-06 12:18:59 +09:30
Toby Zerner
c361c97394 Enforce discussion renaming/deleting/post editing timed permissions 2015-08-05 19:21:33 +09:30
Toby Zerner
4c06e78b57 Allow/disallow signup per config 2015-08-05 18:19:26 +09:30
Toby Zerner
023eff95e3 Let users see themselves even if they can't see the forum 2015-08-05 18:12:09 +09:30
Toby Zerner
ff8dc5ef25 Enforce forum.view permission 2015-08-05 18:08:31 +09:30
Toby Zerner
ca8fee4685 Let users see their own email/activation status 2015-08-05 16:07:22 +09:30
Toby Zerner
42e382045a API: Add event for determining user groups for permissions 2015-08-05 16:06:55 +09:30
Toby Zerner
57e37e06ef Disable "start discussion" button if no permission 2015-08-05 16:06:25 +09:30
Toby Zerner
f42c3cd1ed Allow admins to delete users 2015-08-05 12:08:28 +09:30
Toby Zerner
1679f1e27b Implement edit user modal 
EditUserHandler is a bit rough
 2015-08-05 11:49:37 +09:30
Toby Zerner
f49d0e5341 Allow locale to be selected in footer 2015-08-05 09:50:57 +09:30
Toby Zerner
48df9bb678 Fix syntax error 2015-08-04 21:50:44 +09:30
Toby Zerner
187517a9c7 Remove ability for users to delete themselves 2015-08-04 21:35:41 +09:30
Toby Zerner
5fa7a8c555 Add the parsedBody to API request input 2015-08-04 21:22:40 +09:30
Franz Liedke
eee34598f1 Include editUser relationship when editing posts. 
Closes flarum/core#214. Hopefully. :)
 2015-08-04 13:15:56 +02:00
Toby Zerner
e091b037f3 Radically simplify user activity system 
The activity system we were using was built around a separate table.
Whenever the user posted something, or deleted a post, we would sync
the table. The advantage of this was that we could aggregate activity
of all different types very efficiently.

It turns out that it came with a huge disadvantage: there was no
efficient way to enforce permissions on activity. If a user posted
something in a private tag, everyone could still see it on their
activity feed. My stopgap solution was to only sync activity for posts
that are viewable by guests, but that was way too limited.

It also turns out that aggregating activity of different types is
really not that useful, especially considering most of it is the user
making posts. So I've gotten rid of that whole overly-complicated
system, and just made the user profile display separate lists of posts
and discussions, retrieved from those respective APIs. The discussions
page is an actual discussion list too, which is pretty cool.

It's still technically possible to aggregate different activity types
(basically just aggregate API responses together), but we can do that
later if there's a need for it.

This is probably my favourite commit of the day :)
 2015-08-04 18:44:22 +09:30
Toby Zerner
a2c3c4e51b Only add posted activity if the post is visible publicly 
This is very restrictive behaviour and we'll probably need to think of
something a bit more powerful in the future. But it's a good stopgap.
 2015-08-04 17:47:46 +09:30
Toby Zerner
667fe56947 Use morphTo instead of mappedMorphTo 
Turns out we don't need MappedMorphTo after all.
 2015-08-04 17:33:58 +09:30
Toby Zerner
556b93e367 Add admin client JS/LESS to extension stub 2015-08-04 17:18:45 +09:30
Toby Zerner
9700fbbb0b Add API to add translations to admin client 
Again, I'll split up these APIs soon enough
 2015-08-04 17:16:34 +09:30
Toby Zerner
7ed3834dc9 Include discussion last user relationship in response after creating post 2015-08-04 17:15:57 +09:30
Toby Zerner
5b3484d3c8 Improve error handling somewhat 
- Fix composer crashing/not showing alert on error
- Make a general ValidationException which takes an array of field ⇒
messages to be outputted nicely by the API
 2015-08-04 13:03:46 +09:30
Toby Zerner
2e4d38b3e7 Move config/permission actions to API; clean up cache flushing 2015-08-04 10:40:04 +09:30
Toby Zerner
83e8503df1 Rough implementation of appearance settings 2015-08-03 14:35:51 +09:30
Toby Zerner
70901b1420 Rough extension management implementation 2015-08-03 12:03:30 +09:30
Toby Zerner
66ee6e57ee Convert permission IDs into strings 2015-08-02 18:02:35 +09:30
Toby Zerner
025d8f691d Add API methods to add POST/DELETE routes to the API 2015-08-02 17:26:30 +09:30
Toby Zerner
6f09ba6591 Clean up 2015-07-31 20:17:17 +09:30
Toby Zerner
fde7afd3e2 Finish admin permissions page and clean up everything 2015-07-31 20:16:47 +09:30
Toby Zerner
5706c71c86 Convert email/password token date fields 2015-07-31 20:14:19 +09:30
Toby Zerner
ba41c5313a Allow for the addition of admin assets 
I think the `BuildClientView` event should ultimately be split into two
separate events for the forum/admin clients, but this is fine for now.
 2015-07-31 20:13:13 +09:30
Toby Zerner
4e0cfdc1b2 Allow for the addition of new API endpoints 2015-07-31 20:11:44 +09:30
Toby Zerner
cea8e7f567 Add group management actions to API 2015-07-31 20:10:49 +09:30
Toby Zerner
6641af3ac3 Refactor some model stuff out into traits 2015-07-31 20:09:31 +09:30
Toby Zerner
e204794b91 Allow custom variables to be set on the client app 2015-07-31 20:08:27 +09:30
Toby Zerner
513d896f51 Fix more aspects of the password reset process 2015-07-31 14:13:35 +09:30
Toby Zerner
8db17b3fb8 Fix password saving 2015-07-31 14:00:42 +09:30
Toby Zerner
42fd8e26c1 Begin implementing permissions page 2015-07-29 21:00:27 +09:30
Toby Zerner
f96cac6057 Implement basic settings page 2015-07-29 21:00:09 +09:30
Toby Zerner
e863bd53d3 Get admin area working again 2015-07-29 20:58:22 +09:30
Toby Zerner
d8d9cac7c3 Enable caching of minified formatter JS 2015-07-29 20:54:48 +09:30
Toby Zerner
97334bea12 Don't display notifications with deleted subjects 2015-07-28 17:15:09 +09:30
Toby Zerner
8f29949016 Fix email confirmation 2015-07-28 17:14:08 +09:30
Toby Zerner
02944548a1 Clean up 2015-07-28 15:35:03 +09:30
Toby Zerner
697cb2ed63 Supporting routing of URL with nothing after the discussion ID 
closes flarum/core#181
 2015-07-28 13:46:43 +09:30
Toby Zerner
8c18ff3349 Tweak TextFormatter JS settings 2015-07-28 12:44:58 +09:30
Toby Zerner
62a01c69a9 Make sure sort key exists 2015-07-28 12:27:59 +09:30
Toby Zerner
3489791932 Allow customisation of the client layout 2015-07-27 14:45:35 +09:30
Toby Zerner
153a5b7ce4 PERF: avoid reinstantiation of event subscribers 2015-07-27 11:53:47 +09:30
Toby Zerner
c0d57fd399 PERF: further simplify User::hasPermission() 2015-07-27 11:20:18 +09:30
Toby Zerner
07b4a5125f PERF: cache the results of User::hasPermssion() 2015-07-27 11:17:21 +09:30
Toby Zerner
b04e7f96c8 Cache model dates 2015-07-27 10:59:24 +09:30
Toby Zerner
e5e737eca4 Update LESS variable names 2015-07-24 10:03:11 +09:30
Toby Zerner
ae3bbc1700 Replace duplicate tags instead of erroring 2015-07-23 20:29:39 +09:30
Toby Zerner
c1b12c7fc9 Extract emoticons, BBCode, and Markdown into extensions 2015-07-23 20:24:41 +09:30
Toby Zerner
cb3004b6de Various fixes to extension generator/stub 2015-07-23 20:24:28 +09:30
Toby Zerner
c8e6fbc338 Pass correct param to notification email views 2015-07-23 16:39:56 +09:30
Toby Zerner
8c6e87760c Docblock cleanup 2015-07-23 14:35:17 +09:30
Toby Zerner
53326e509c Number is a filter, not page param 2015-07-23 14:34:19 +09:30
Toby Zerner
5b54a122c9 Notification one-per-user limit should work between instances 2015-07-23 14:33:58 +09:30
Toby Zerner
6d57f902b3 Ensure we don't preload index data on non-index pages 2015-07-23 14:33:31 +09:30
Toby Zerner
b699bbadbc Make formatter extensible 2015-07-23 14:29:33 +09:30
Toby Zerner
34b7a2fbf6 Move locale files 2015-07-22 16:05:24 +09:30
Toby Zerner
8442f65cdf Fix post visibility scoping 2015-07-22 16:05:11 +09:30
Toby Zerner
017c258e46 Live preview of post editing/replying thanks to TextFormatter 👏 2015-07-22 16:05:00 +09:30
Toby Zerner
a0fe68272c Implement TextFormatter for posts 
Get rid of formatting on user bios, we'll do that with JavaScript
 2015-07-22 16:03:48 +09:30
Toby Zerner
6c50f1614b Group assets by client in extension stub 2015-07-22 10:12:11 +09:30
Toby Zerner
4fb292a777 Always use default includes when preloading discussion list 
Making them explicit causes problems when extensions want to include
something by default (e.g. tags)
 2015-07-22 10:11:23 +09:30
Toby Zerner
57f55c2dd6 Improve forum route registration API 2015-07-22 10:04:22 +09:30
Toby Zerner
c697c734d5 Don't run gambits if there's no search query 2015-07-22 09:57:52 +09:30
Toby Zerner
e1a51f095f Random cleanup 2015-07-22 09:57:25 +09:30
Toby Zerner
d410746c51 Fix new notifications on old subjects not appearing 2015-07-20 18:20:34 +09:30
Toby Zerner
c287d40072 Fix incorrect variable name 2015-07-20 18:10:11 +09:30
Toby Zerner
3820b8c65f Fix incorrect member visibility on event 2015-07-20 18:10:04 +09:30
Toby Zerner
605c56ce3c Update extension generator 2015-07-20 18:08:50 +09:30
Toby Zerner
6b7cf1b6bf Rework extension bootstrapping 
System JS modules don't execute when they're registered, so we need to
import them explicitly. While we're at it, we may as well make the
locale bootstrapper a module too.
 2015-07-20 18:08:28 +09:30
Toby Zerner
19fe138770 Change order of bootstrapping 
See commit on flarum/flarum for explanation
 2015-07-20 18:01:08 +09:30
Toby Zerner
57650fa648 Rework public API based on events 2015-07-18 22:59:47 +09:30
Toby Zerner
6ae270db95 Remove duplicates; replace missing commas 2015-07-17 17:47:53 +09:30
Toby Zerner
f93ff7cb3f Make front-end localizable 2015-07-17 17:43:28 +09:30
Toby Zerner
ea29bd42d8 Merge remote-tracking branch 'origin/master' 2015-07-17 15:05:03 +09:30
Toby Zerner
bc750c8694 Fix login action 2015-07-17 14:48:24 +09:30
Toby Zerner
e3bfa8e404 Fix notifications 2015-07-17 14:48:20 +09:30
Toby Zerner
6fa4d25a5b Fix forgot password action 2015-07-17 14:48:06 +09:30
Franz Liedke
fab9bdb0ef Remove unused import 2015-07-16 00:44:02 +02:00
Franz Liedke
48c5574c66 Try to fix some namespace imports 2015-07-16 00:43:49 +02:00
Franz Liedke
9af1519864 Rename import command 2015-07-16 00:38:27 +02:00
Franz Liedke
6b3a86dd87 Move extension loading to boot method 
This will likely have to be reverted, to make things like $this->app->extend() work
reasonably well in extensions' service providers.

For now, since we fetch the enabled extensions from the config, there is no other way
for us to guarantee that the config is already available.
 2015-07-16 00:36:14 +02:00
Franz Liedke
c2bf0b6b3a Inject SettingsRepository where possible 2015-07-16 00:32:50 +02:00
Franz Liedke
31e9f44dfb Rename caching setting repository implementation 
I'm foreseeing another implementation that uses real caching (across requests).
 2015-07-16 00:10:52 +02:00
Franz Liedke
6a7889934c Register database and cache implementations as binding for the settings repository 2015-07-15 23:54:56 +02:00
Franz Liedke
ba3fa73f16 Build a caching repository decorator for settings 2015-07-15 23:22:25 +02:00
Franz Liedke
8e9cf4fd2e Move settings repositories to own namespace 
Also add a third method to the contract. This will help with building a caching decorator.
 2015-07-15 23:16:57 +02:00
Toby Zerner
88b754ee8d Don't include deleted notifications in the unread count 2015-07-15 14:01:11 +09:30
Toby Zerner
0bb00e4eb2 Fix broken user activity syncer 2015-07-15 14:01:11 +09:30
Toby Zerner
ab6c03c0cc Massive JavaScript cleanup 
- Use JSX for templates
- Docblock/comment everything
- Mostly passes ESLint (still some work to do)
- Lots of renaming, refactoring, etc.

CSS hasn't been updated yet.
 2015-07-15 14:01:11 +09:30
Toby Zerner
42f1fa1272 Improve fulltext search API and interface 2015-07-07 20:35:18 +09:30
Toby Zerner
38c2ff0306 Finish client action refactoring. closes flarum/core#126 2015-07-07 19:23:13 +09:30
Toby Zerner
8a54b362c7 Add todos to document magic properties on models 2015-07-07 19:20:18 +09:30
Toby Zerner
54daad6e7d CSRF protection on logout action 2015-07-07 15:30:13 +09:30
Toby Zerner
99876e9e36 Initial refactor of client actions, data preloading, SEO 
An initial stab at flarum/core#126. Still WIP. Preliminary
implementation of flarum/core#128 and flarum/core#13.
 2015-07-07 15:29:21 +09:30
Toby Zerner
5fe88e448e Improve post stream 
- Return all discussion post IDs from API requests which add/remove
posts, so the post stream updates appropriately. Related to #146
- Always unload posts that are two pages away, no matter how fast
you’re scrolling
- Retrieve posts from cache instead of reloading them
- Fix various bugs. Maybe #152, needs confirmation
 2015-07-06 16:26:27 +09:30
Toby Zerner
01ec661c3f PSR-2 fixes 2015-07-05 21:46:57 +09:30
Toby Zerner
873088750f Remove Interface suffix from some classes 2015-07-05 12:30:23 +09:30
Toby Zerner
2cc619a998 Remove todo 2015-07-05 12:25:51 +09:30
Toby Zerner
53e269fd89 Extract model validation into a trait 
Also use Laravel’s ValidationException rather than our own custom one
 2015-07-05 12:25:08 +09:30
Toby Zerner
04501545e3 Move Group to its own namespace 
We’ll need to add commands etc. for group management in the future
 2015-07-04 19:30:58 +09:30
Toby Zerner
81170980e0 Don't error if trying to serialise a non-existent relationship 2015-07-04 18:39:43 +09:30
Toby Zerner
86811c6508 Get rid of Repository interfaces 2015-07-04 18:38:59 +09:30
Toby Zerner
f7b6d8a568 Merge 2015-07-04 12:28:50 +09:30
Toby Zerner
336c05e77a Clean up 
Goddammit GitHub for Mac
 2015-07-04 12:25:21 +09:30
Toby Zerner
a74b40fe47 Massive refactor 
- Use contextual namespaces within Flarum\Core
- Clean up and docblock everything
- Refactor Activity/Notification blueprint stuff
- Refactor Formatter stuff
- Refactor Search stuff
- Upgrade to JSON-API 1.0
- Removed “addedPosts” and “removedPosts” relationships from discussion
API. This was used for adding/removing event posts after renaming a
discussion etc. Instead we should make an additional request to get all
new posts

Todo:
- Fix Extenders and extensions
- Get rid of repository interfaces
- Fix other bugs I’ve inevitably introduced
 2015-07-04 12:24:48 +09:30
Franz Liedke
126039850a Some things should not be run when Flarum is not installed yet 2015-07-02 23:14:25 +02:00
Franz Liedke
12dd550a14 Add settings repository interface and database implementation. 
Almost done with flarum/core#121 now.
 2015-07-01 23:08:26 +02:00
Franz Liedke
03fd4a5aba Read debug mode from config 2015-07-01 22:49:38 +02:00
Franz Liedke
1e04a20220 Fix login 
We cannot write to an empty response.
 2015-07-01 22:45:14 +02:00
Franz Liedke
ccbebce93b Get rid of JsonApiResponse class 
With the JSON-API library being updated, we can just make use of
Diactoros' JSON response class.
 2015-07-01 20:58:14 +02:00
Toby Zerner
c1e7c00e2d Clean up some relation stuff 2015-07-01 22:35:56 +09:30
Toby Zerner
56932604db Refactor CoreServiceProvider 
A good start I think, but still some work to do. If we go ahead with
https://github.com/flarum/core/issues/132#issuecomment-117507974 (which
I am in favour of), we can extract the entity-related stuff into some
smaller service providers (e.g. discussion repo, an event listener,
permissions, and gambits stuff could all go in
Flarum\Core\Discussions\DiscussionsServiceProvider).
 2015-07-01 22:34:11 +09:30
Toby Zerner
d414ee33ed Make traits more generic 
Type hinting User should take place in the callbacks. Theoretically
these traits could be used for another project now, where something
else has permissions (like a Sheep class, or a number)
 2015-07-01 16:49:40 +09:30
Toby Zerner
810f79ee77 Cleanup, fix static date property error 2015-07-01 16:47:07 +09:30
Toby Zerner
d44b101373 Clean up merging stuff 2015-07-01 16:31:06 +09:30
Toby Zerner
3f32236379 API: allow date attributes to be added 2015-07-01 15:11:57 +09:30
Toby Zerner
c1595af84f Add todo about model validation 2015-07-01 13:35:27 +09:30
Toby Zerner
eafdd415ef Clean up model custom relation functionality 2015-07-01 13:22:09 +09:30
Toby Zerner
094825792a Clean up activity model 2015-07-01 13:19:24 +09:30
Franz Liedke
6e7cb1ff0e Some fixes to get along with the new bootstrapping 2015-06-30 23:29:52 +02:00
Franz Liedke
31effe943e Implement Android theme color support 
As requested in the forums.
http://updates.html5rocks.com/2014/11/Support-for-theme-color-in-Chrome-39-for-Android
 2015-06-26 23:11:13 +02:00
Franz Liedke
074f8087fa Update FastRoute 
This enables optional route parameters.

Required some code changes in the RouteCollection class; once we
actually use optional route parameters, we will have to see whether
route generation for those works as expected.

Closes flarum/core#108
 2015-06-26 23:09:58 +02:00
Franz Liedke
391c510f90 Upgrade Zend Diactoros to 1.1 
This gives us a bunch of handy helper classes for empty responses,
redirects, HTML and JSON content types.

Closes flarum/core#153
 2015-06-26 22:38:43 +02:00
Toby Zerner
558d12c870 Search API tweaks 
Rename some methods, include a mechanism for gambit negation.
Also always include the relevant posts in results. closes
flarum/core#111
 2015-06-26 12:20:43 +09:30
Toby Zerner
bdd7e43e5a Notification API tweaks 2015-06-26 12:18:53 +09:30
Toby Zerner
e829788b63 Update start_post_id when starting a discussion 2015-06-25 09:48:28 +09:30
Toby Zerner
7c0accf14f Be more specific as to when we require edit permission 
Since we update per-user data (e.g. isLiked) through this command’s
event
 2015-06-25 08:38:18 +09:30
Toby Zerner
4c8a60ed7a Make sure discussion post IDs are ordered correctly 2015-06-24 18:57:07 +09:30
Toby Zerner
e466dcc626 Significantly improve mobile UX 
Most of #137 done.

- Use FastClick to make everything feel more responsive
- Use transforms for animations to make them silky smooth
- Style the drawer the same as the header to keep things simple
- Revert to fixed composer, but allow it to be minimised
- Add a separate notifications page for mobile so it’s easy to go back
- Add indicator to the menu button when there are unread notifications
- Close the drawer when navigating away
- Make dropdowns/modals scrollable
- Many other mobile tweaks and bug fixes

Didn’t take much care to keep CSS clean, due to #103
 2015-06-24 11:44:53 +09:30
Toby Zerner
b4dcc02520 Give author permission to delete discussion if there are no replies 
Forgot to commit this part in 64e5d50533
:3
 2015-06-24 09:13:54 +09:30
Toby Zerner
1c6ac80d01 Yo dawg I heard you like APIs so I put an API in your API so you can API while you API 2015-06-23 10:38:17 +09:30
Toby Zerner
64e5d50533 Allow author to delete discussion if there are no replies 
Also disallow the first post in a discussion to be deleted or hidden
(thus preventing discussions with zero posts)

closes flarum/core#90 closes flarum/core#92
 2015-06-23 10:34:33 +09:30
Toby Zerner
3a7efe202e Gracefully handle discussions with no posts 
Although this should never happen
 2015-06-23 10:30:06 +09:30
Franz Liedke
bc2142db51 Implement middleware for presenting pretty error pages 2015-06-20 22:39:33 +02:00
Franz Liedke
74536d7162 Add method for checking debug mode 2015-06-20 20:38:44 +02:00
Franz Liedke
efccf8bb7d Rename console commands 2015-06-20 20:09:47 +02:00
Franz Liedke
626daa9f38 Implement middleware for handling errors according to JSON API spec 2015-06-20 19:45:32 +02:00
Franz Liedke
e8bd58ec07 Clean up 2015-06-20 18:21:26 +02:00
Toby Zerner
479a09a41f Fix incorrect login after confirming token 2015-06-19 19:25:47 +09:30
Toby Zerner
5d5bbb9832 Cleanup 2015-06-19 17:19:13 +09:30
Toby Zerner
80a11ccc86 Fix newly-created event posts being undeletable 2015-06-19 17:19:09 +09:30
Toby Zerner
190c7a6741 Update avatar uploading code for psr-7 
Not sure if a tmp file is the best way, but it works
 2015-06-19 16:26:16 +09:30
Toby Zerner
473963087b Default to 404 code for RouteNotFoundException 
Just want to get Stratigility’s FinalHandler showing something more apt
than “Internal server error”
 2015-06-19 15:29:27 +09:30
Toby Zerner
d4ee1d87a5 Generate a new revision string when files change 2015-06-19 14:44:42 +09:30
Toby Zerner
22f91bb7e4 Add model validation messages 2015-06-19 11:43:49 +09:30
Toby Zerner
d90a8142a1 Get signup working again 2015-06-19 11:43:36 +09:30
Toby Zerner
d14716fa4d Get login/forgot password working again 2015-06-19 11:19:49 +09:30
Toby Zerner
96a2c0eb78 Run discussion events after first post is created 2015-06-19 09:07:39 +09:30
Toby Zerner
137f55317b Add API to add routes 2015-06-18 17:43:41 +09:30
Toby Zerner
555bb18acd Clean up some old code 2015-06-18 17:43:16 +09:30
Toby Zerner
822a216cc9 Roughly implement routes and data preloading 
Only preloading data for basic requests w/o query params, at least for
the moment - if we have to preload for something like
/?q=test&sort=newest, we end up having to duplicate a whole lot of
logic between JS/PHP.
 2015-06-18 17:41:37 +09:30
Toby Zerner
6db3bd9178 Refactor some APIs 2015-06-18 12:45:14 +09:30
Toby Zerner
f2888ee65f Cache permissions per user ID 2015-06-18 12:44:13 +09:30
Toby Zerner
a7e02ca890 Fix permission check in UserSearcher 2015-06-18 12:43:20 +09:30
Toby Zerner
b7617fa5d3 Get rid of total count from UserSearcher 
Same reasoning as 64e6b7d26c
 2015-06-18 12:42:56 +09:30
Toby Zerner
11b740c768 Make sure user activity is synced when whole discussions are deleted 
We need to fire the PostWasDeleted event for every post when a
discussion is deleted. This means deleting big discussions will be an
intensive process, but that’s OK because it’s very rare.
 2015-06-18 12:41:00 +09:30
Toby Zerner
9cb257e11d Update core permissions stuff 2015-06-18 12:38:24 +09:30
Toby Zerner
1dd46526a8 Merge query params into request input as well 2015-06-18 12:24:51 +09:30
Toby Zerner
7bf1fad9d6 Fix fatal error on delete actions 2015-06-18 12:24:31 +09:30
Toby Zerner
4792a47265 Define static properties on SerializeAction subclasses 
Explained in d1e7453ffd.

If we ever come up with a better way of doing this it should be easy to
change over, since modification of these properties by extensions is
abstracted by an Extend API.
 2015-06-18 12:24:18 +09:30
Toby Zerner
64b87f55c5 Revert "Prefix API routes for now" 
This reverts commit f669b95fd1.
 2015-06-17 18:14:41 +09:30
Toby Zerner
25d375cad4 Back to rewritten URLs 2015-06-17 17:58:43 +09:30
Toby Zerner
f669b95fd1 Prefix API routes for now 2015-06-17 17:48:50 +09:30
Toby Zerner
7596dec7b9 Comply to new interface 2015-06-17 12:48:10 +09:30
Toby Zerner
61bea371ab Use UrlGenerator to get avatar URL 2015-06-17 12:48:01 +09:30
Toby Zerner
b91ca93e09 Fix LoginWithCookie middleware being ineffective 
Flarum\Support\Actor needs to be a singleton. There is a comment in
LoginWithHeader - is there a better approach to the whole Actor thing?
 2015-06-17 12:47:49 +09:30
Toby Zerner
00cb2f2e55 Change event so that data can be modified before it is serialized 2015-06-17 12:46:50 +09:30
Franz Liedke
708782637e Change config values to match new base URLs 2015-06-17 02:37:06 +02:00
Franz Liedke
e8aff5bc95 Make sure generated usernames cannot break validation 2015-06-17 02:36:51 +02:00
Franz Liedke
ce34d922d7 Fix merge conflict 2015-06-17 01:27:44 +02:00
Franz Liedke
29c7bf1b42 Remove debug statement 2015-06-17 00:53:03 +02:00
Franz Liedke
1cbc60ca41 Merge branch 'master' into psr-7 
Conflicts:
	src/Api/Actions/Discussions/IndexAction.php
	src/Api/Actions/SerializeAction.php
	src/Core/Formatter/FormatterManager.php
	src/Extend/ForumAssets.php
	src/Forum/Actions/IndexAction.php
	src/Forum/ForumServiceProvider.php
 2015-06-17 00:52:50 +02:00
Franz Liedke
ffb28838b5 Add TODO message 2015-06-17 00:18:16 +02:00
Franz Liedke
33d663bc8e Revamp routing 
All routes are now stored in a RouteCollection, which is then used
for dispatching by the (reusable) RouterMiddleware.

This change also entails moving all routes to the service providers.
This may be changed again later, and is done for convenience reasons
right now.
 2015-06-17 00:16:35 +02:00
Toby Zerner
d1e7453ffd Override static property 
@franzliedke I didn’t realise that static properties are static to the
class they are defined on, and not each individual subclass. All of the
static members of the SerializeAction class (which are intended for
extensions to alter per-action) are being inherited by all actions.

Any ideas on how to work around this other than defining every static
member on each individual subclass?
 2015-06-16 21:55:59 +09:30
Toby Zerner
4b4ff1e7fd Add API to add a link to an action 2015-06-16 17:39:47 +09:30
Toby Zerner
f0df751465 Overhaul permissions 
Get rid of Permissible - too complex and inefficient. Replace with:
- a “Locked” trait which works similarly but only evaluates logic on
hydrated models.
- a “VisibleScope” trait which also works similarly but only scopes
queries

This is all we need, Permissible is overkill. There is only one
instance where we have to duplicate some logic
(Discussion::scopeVisiblePosts and Post::allow(‘view’, …)) but it’s
barely anything.

Haven’t decoupled for now, we can definitely look at doing that later.

Permissions table seeder slightly updated.

Also did a bit of a query audit, there’s still a lot to be done but
it’s much better than it was. Some relatively low-hanging fruit
detailed in EloquentPostRepository.
 2015-06-16 17:33:56 +09:30
Toby Zerner
be2d0ac682 Add WillRespond event 
So that custom data can be loaded onto a model before it is serialized.
(Tags extension uses this to load tags onto the forum model.)
 2015-06-16 17:22:15 +09:30
Toby Zerner
c20a5bb793 Static relationship collections need to be initialised on subclasses 
Will probably make this whole “custom relationships” thing a trait
instead of being on the base class
 2015-06-16 17:21:04 +09:30
Toby Zerner
963078b375 Cache user permissions between calls 2015-06-16 17:18:02 +09:30
Toby Zerner
9ac1f53244 Add todo about query optimization 2015-06-16 16:59:48 +09:30
Toby Zerner
64e6b7d26c Remove total results from discussion searching 
It’s too inefficient (requires a whole table scan) to do a query like:
select count(*) from discussions where [conditions determining
visibility]
 2015-06-16 16:58:10 +09:30
Toby Zerner
c1e3820480 Add a serializer and API action to get information about the forum 2015-06-15 12:18:20 +09:30
Toby Zerner
823027b839 Prefer passing an array to ServiceProvider::extend 2015-06-15 08:59:33 +09:30
Toby Zerner
9997c5d7a3 Update permissions 2015-06-12 16:41:46 +09:30
Toby Zerner
8cebb4d8e6 API: Reorder Extend\Relationship arguments 2015-06-11 18:42:49 +09:30
Toby Zerner
48e33591c9 Add newline in-between JS files, in case last line is a comment 2015-06-11 18:42:26 +09:30
Toby Zerner
8b162344cd Lay the groundwork for translation & refactor asset compilation 
Ditched the idea of having language packs as extensions. Reasoning:

1. Because we use machine keys for translations (rather than English
keys), extensions need to be able to define default translations. If
English translations are to be included in extensions and not in a
language pack extension, then it doesn’t make sense to have other
languages as language pack extensions. Inconsistency → complexity.

2. Translations should maintain version parity with their respective
extensions. There’s no way to do this if extension translations are
external to the extension.

Instead, localisation will be a core effort, as well as a per-extension
effort. Translators will be encouraged to send PRs to core + extensions.

In core, each locale has a directory containing three files:
- translations.yml
- config.js: contains pluralisation logic for the JS app, as well as
moment.js localisation if necessary
- config.php: contains pluralisation logic for the PHP app

Extensions can use the Flarum\Extend\Locale extender to add/override
translations/config to a locale.

Asset compilation has been completely refactored with a better
architecture. Translations + config.js are compiled and cached for the
currently active locale.
 2015-06-10 14:23:56 +09:30
Franz Liedke
b65d18ee7f Use singleton method 2015-06-09 02:51:20 +02:00
Franz Liedke
d1cd4b174b Remove last remaining usage of DB facade 2015-06-09 02:40:02 +02:00
Franz Liedke
2a713ccb67 Remove HTTP method from generated URLs 2015-06-09 00:06:33 +02:00
Franz Liedke
fed3c2ebd1 Remove facade usage 2015-06-09 00:06:08 +02:00
Franz Liedke
238893a601 Get rid of more facade usage 2015-06-08 11:21:42 +02:00
Franz Liedke
38dfe787f2 Avoid usage of facade in user model 2015-06-08 11:20:46 +02:00
Franz Liedke
4db5cc347b Fix cookie retrieval in admin panel 2015-06-08 10:00:29 +02:00
Franz Liedke
f3c854ca57 Always initialize variable 2015-06-08 09:49:07 +02:00
Toby Zerner
0450aba462 Remove old code. 2015-06-08 14:57:05 +09:30
Toby Zerner
36257b1534 Load extensions from the root directory, with precedence. 2015-06-08 14:56:49 +09:30
Toby Zerner
b864ada389 Add extension generator command. 2015-06-08 14:56:19 +09:30
Toby Zerner
4d2f58b693 Clear bio HTML cache when saving bio 2015-06-08 09:50:07 +09:30
Toby Zerner
7a76bf175d Make HTMLPurifier config extensible; allow images 2015-06-08 09:37:30 +09:30
Toby Zerner
f928e746d9 Prevent formatter from being invoked if bio is empty 2015-06-08 09:34:39 +09:30
Franz Liedke
1962eeab72 Remove outdated column name from user table seeder 2015-06-07 22:04:11 +02:00
Franz Liedke
c2df8d5214 Merge branch 'master' into psr-7 
Conflicts:
	composer.json
	composer.lock
	src/Api/Actions/TokenAction.php
	src/Core/Formatter/FormatterManager.php
	src/Core/Handlers/Events/EmailConfirmationMailer.php
	src/Forum/Actions/ConfirmEmailAction.php
	src/Forum/Actions/IndexAction.php
	src/Forum/Actions/ResetPasswordAction.php
	src/Forum/Actions/SavePasswordAction.php
	src/Forum/routes.php
 2015-06-06 13:59:59 +02:00
Toby Zerner
381e7a2c57 Usernames must only contain alphanumeric chars/dashes/underscores 
Perhaps we can relax this a little bit, but right now these are the
only characters that are parsed for @mentions anyway
 2015-06-04 11:19:23 +09:30
Toby Zerner
aae7678cea Really rough fulltext driver implementation 2015-06-04 11:11:56 +09:30
Toby Zerner
42851f425b Rejig formatting API. closes flarum/core#85 
It works but it’s not the most pretty thing in the world. @franzliedke
Would be great if you could take a look at the whole formatting API and
work your magic on it sometime… my brain is fried!
 2015-06-04 10:48:07 +09:30
Toby Zerner
9487a56d61 Allow <hr> in posts 2015-06-03 18:12:15 +09:30
Toby Zerner
5d89618bbd Implement search on front end 2015-06-03 18:10:56 +09:30
Franz Liedke
9564778701 Upgrade to stable cookie dependency 2015-06-03 10:17:59 +02:00
Franz Liedke
5151a5aef5 Fix login response not containing the token 2015-06-03 03:41:09 +02:00
Franz Liedke
82ccf28072 Fix redirect after logout 2015-06-03 03:36:49 +02:00
Franz Liedke
ed79f7c4ea Fix middleware if cookie does not exist. 2015-06-03 03:36:17 +02:00
Franz Liedke
2ba7a2044b Fix redirect helper. 2015-06-03 03:35:30 +02:00
Franz Liedke
79480242a7 Use contracts for typehints where possible. 2015-06-03 03:21:24 +02:00
Franz Liedke
7383c14eae Remove lots of unneeded imports. 2015-06-03 03:20:58 +02:00
Franz Liedke
8c40c2b4ad Get rid of unneeded injected dependency. 2015-06-03 03:19:32 +02:00
Franz Liedke
203c21846c Use API client class in admin action, too 2015-06-03 03:18:33 +02:00
Franz Liedke
7b45ca3a78 Typehint container contract instead of application class. 
This helps us in decoupling from Laravel, as we only need any
implementation of the container contract now.
 2015-06-03 03:05:10 +02:00
Franz Liedke
c616cd811b Use the new client class to consume API actions 2015-06-03 02:40:24 +02:00
Franz Liedke
a94a9afdcc Create an API client class. 
This should make it easier to make API calls from the frontends.
 2015-06-03 02:39:01 +02:00
Franz Liedke
d462eb585e Convert forum app to be PSR-7 compatible. 
I also installed one new dependency: a helper library that makes it
easier to read and write cookies, given that there are no helper methods
for these purposes in the PSR-7 standard.
 2015-06-03 02:04:57 +02:00
Franz Liedke
7f83552cbb Make JSON parameter middleware a bit more generic 2015-06-03 02:04:00 +02:00
Franz Liedke
33ae52a30c Fix responses returned by JSON helper. 2015-06-03 02:02:28 +02:00
Toby Zerner
6cf1dbe648 Add HTMLPurifier after formatters are run. 
After a morning of searching, it seems there is no PHP Markdown library
that has built-in XSS/sanitization support. The recommended solution is
to use HTMLPurifier.

This actually works out OK, though, as it’s probably a good idea to
enforce sanitization regardless of which formatters are enabled, and to
not leave them with the responsibility of sanitization (it’s a big
responsibility). Since we cache rendered posts, the slow speed of
HTMLPurifier isn’t a concern.

Note that HTMLPurifier requires a file to be loaded by Composer, but
Studio does not yet support this, so for now I have included it
manually.
 2015-06-02 11:36:25 +09:30