* Centralize pagination/canonical meta URL generation in Document
* Apply fixes from StyleCI
[ci skip] [skip ci]
* Use translations for title template
* Apply fixes from StyleCI
[ci skip] [skip ci]
* Dont add translator to title driver interface
It's an implementation detail, and can be made available on specific implementations as needed.
Co-authored-by: Alexander Skvortsov <askvortsov1@users.noreply.github.com>
Fixes https://github.com/flarum/core/issues/3055
- On the frontend, accept only image types as a hint to the OS file picker.
- On the backend, add more robust validation to ensure only valid images make it through. This isn't necessary for security, but results in less confusing error mesages.
By injecting the cache store into the queue, we allow queues to be
restarted using php flarum queue:restart and similar events dispatched
from within Laravelish classes.
* Enforce 65k limit when attempting to store setting values.
* Add space for style.
* Move setting validation into Saving event listener.
* Use consistent var names
* remove extra space
* Move settings validation into separate class.
* Remove unused class.
* Remove extra line.
* Move ValidateCustomLess to SettingsServiceProvider. Use existing convention for validator.
* Update src/Settings/SettingsValidator.php
Co-authored-by: Alexander Skvortsov <38059171+askvortsov1@users.noreply.github.com>
* Revert moving of ValidateCustomLess logic. Allow for attribute specific setting validation rules.
* Style fixes.
* Style fixes.
* Style fixes.
Co-authored-by: Alexander Skvortsov <38059171+askvortsov1@users.noreply.github.com>
Fixes#2492
* Added api/groups/{id} endpoint for retrieving a single group by its id
* Fixed GroupRepository incorrectly opening query to User instead of Group model
* Added filtering & paging abilities to GET api/groups endpoint
* Added test for sorting for GET api/groups endpoint
Co-authored-by: Alexander Skvortsov <38059171+askvortsov1@users.noreply.github.com>
Whether it's due to corrupted content, missing tags, caching issues, or other assorted reasons, post content can't be rendered. Currently, this results in an exception that crashes the entire forum and is hard to debug. Instead, we should log the error and show an indicator message that rendering has failed.
Co-authored-by: Sami Mazouz <sychocouldy@gmail.com>
Co-authored-by: David Wheatley <hi@davwheat.dev>
As a temporary fix it has been requested to disallow dashes in the database prefix. The installation process fails when the prefix does include a dash.
#3022
This PR forces the `Cache-Control: no-store, max-age=0` header to the response in the Admin Area. This forces cache to be ignored upon browsing back and forth between pages using the browser controls. Although absolutely no fail safe, it should provide better protection against serving cached pages once an admin has signed out.
By sorting alphabetically by extension ID before applying topological sort, we ensure that a given set of extensions will always be booted in the same order. This will make it easier to replicate issues caused by complex extension dependencies.
This PR introduces the ability to just override a LESS file's contents through an extender.
This is mainly useful for theme development, as there are times in extensively customized themes where overriding the actual file makes a huge difference vs overriding CSS styles which can turn into a maintenance hell real fast.
Overriding styles is more tedious than overriding files. When you're designing an element, you would normally rather start from a blank canvas, than a styled element. With an already styled element you have to first override and undo the styles you do not wish to have, only then can you start shaping it, but even then you'd always end up constantly undoing default styles. This mostly applies for more advanced themes. (example: 851c55516d/less/forum/DiscussionList.less)
* Add extra error handling for avatar file size & large payload
* Change error message to return 'upload failure' on most errors instead of 'no file' message
With remember from cookie, in certain edge cases, the middleware would
try to load a session which hasn't been instantiated as this middleware
is excluded for the client. Excluding the remember from cookie
middleware will resolve this as authentication is done using the
RequestUtil and ActorReference regardlessly.
