Commit Graph

109 Commits

Author SHA1 Message Date
Clark Winkelmann
08ba2599d7
Refactor Access Tokens (#2651)
- Make session token-based instead of user-based
- Clear current session access tokens on logout
- Introduce increment ID so we can show tokens to moderators in the future without exposing secrets
- Switch to type classes to manage the different token types. New implementation fixes #2075
- Drop ability to customize lifetime per-token
- Add developer access keys that don't expire. These must be created from the database for now
- Add title in preparation for the developer token UI
- Add IP and user agent logging
- Delete all non-remember tokens in migration
2021-03-04 16:50:38 -05:00
Alexander Skvortsov
8a686911ff
Don't create user bio column on new installations (#2215) 2020-07-01 17:31:52 -04:00
Alexander Skvortsov
6e8884f190
Implement hidden permission groups (#2129)
Only users that have the new `viewHiddenGroups` permissions will be able to see these groups.

You might want this when you want to give certain users special permissions, but don't want to make your authorization scheme public to regular users.

Co-authored-by: luceos <daniel+github@klabbers.email>
2020-04-21 17:49:53 +02:00
Charlie
4c50c8d77a Change default discussion comment count
This allows new public discussions to be immediately visible by users.
2020-04-08 01:13:52 +02:00
Franz Liedke
64c702aaf7
Use Laravel's slugger for basic transliteration
This is better than the current system, as it adds transliteration rules
for special characters, rather than just throwing all of them away.

For languages that cannot be transliterated to ASCII in a reasonable
manner, more possible improvements are outlined in #194.
2020-01-24 17:40:09 +01:00
Franz Liedke
d492579638 Apply fixes from StyleCI
[ci skip] [skip ci]
2019-11-28 00:16:50 +00:00
datitisev
b83adbccfd Apply fixes from StyleCI
[ci skip] [skip ci]
2019-11-18 09:23:53 +01:00
David Sevilla Martin
7b6c666e7b Remove 'or' from 'orWhereNotExists' 2019-11-18 09:23:53 +01:00
David Sevilla Martin
8b9f03e998 Add discussion_id foreign key to posts table 2019-11-18 09:23:53 +01:00
Daniël Klabbers
590b311570 fixes #1801, increasing the size of posts.content to mediumText correctly 2019-06-24 14:53:56 +02:00
Franz Liedke
8e4f02d994
Fix table name in migration 2019-01-31 22:01:05 +01:00
Franz Liedke
8ae85bc49f
Remove obsolete dropForeign() migration
Forgotten in commit 5a04635e7a.
2019-01-31 22:00:41 +01:00
Daniël Klabbers
54fdc40d87 further revert #96e2824 2019-01-15 20:49:06 +01:00
Daniël Klabbers
390148456c reverts #96e2824 2019-01-15 20:39:38 +01:00
Franz Liedke
57d5846b64
Migrations: Fix dropping foreign keys
Passing an array to dropForeign does not mean dropping multiple indices,
but rather dropping a key on multiple tables.

Passing a string means that this string will be interpreted as index
name, not as name of the indexed column. Passing an array with one
string is therefore correct, in order to benefit from automatic index
name generation.
2018-11-30 14:02:37 +01:00
Toby Zerner
96e282458b Fix index names in migrations
This can be reverted when we upgrade to Laravel 5.7.
2018-11-27 12:19:13 +10:30
David Sevilla Martín
cc95faa07d Add migration to add 'fa fa-' to group icons (#1597)
* Add migration to add 'fa fa-' (FA v4 shim) to group icons

* StyleCI

* Change prefix to `fas fa-`
2018-10-10 00:39:19 +02:00
Franz Liedke
bf61753361
Merge pull request #1577 from flarum/tz/database-indices
Database indices
2018-09-24 23:49:23 +02:00
David Sevilla Martín
8c679c715c Allow admins to see last online text (#1540)
* Allow admins to see last online text

* Use viewLastSeenAt permission

* Move permission to UserSerializer, removed from ForumSerializer

* Remove extra comma from ForumSerializer to keep diff clean

* Add permission to new seed migration
2018-09-22 23:55:53 +02:00
Toby Zerner
5dfb9b474c
Auth token and avatarUrl security improvements (#1514)
* Remove AbstractOAuth2Controller

There is no reason to provide an implementation for a specific oAuth2
library in core; it's not generic enough (eg. auth-twitter can't use it).

This code could be moved into another package which auth extensions
depend on, but it's a negligible amount of relatively simple code that
I don't think it's worth the trouble.

* Introduce login providers

Users can have many login providers (a combination of a provider name
and an identifier for that user, eg. their Facebook ID).

After retrieving user data from a provider (eg. Facebook), you pass the
login provider details into the Auth\ResponseFactory. If an associated
user is found, a response that logs them in will be returned. If not, a
registration token will be created so the user can proceed to sign up.
Once the token is fulfilled, the login provider will be associated with
the user.
2018-09-22 13:48:27 +09:30
Toby Zerner
54aa9ee3cf Add database indices. closes #127 2018-09-15 14:32:51 +09:30
Toby Zerner
5635bd26f9 Fix query error 2018-09-15 12:44:59 +09:30
Toby Zerner
622bf26510 Inline permissions migration 2018-09-15 12:40:32 +09:30
Toby Zerner
6bc434c918 Remove user_user table
Since there is currently no core code that facilitates use of this table,
we are removing it for now. It can be re-added in a subsequent PR.
2018-08-24 15:15:40 +09:30
Toby Zerner
5438aea759 Apply fixes from StyleCI
[ci skip] [skip ci]
2018-08-01 03:55:21 +00:00
Toby Zerner
e46ce861dc Change TIMESTAMP columns to DATETIME manually 2018-08-01 13:24:55 +09:30
Toby Zerner
254d5d0c5b Fix group/permission seeding
Updating the Migration::addPermission helper table name means we need
to move the seed migration to after the table rename migration. We also
add a sanity check for each permission's group since the foreign key
will fail if the group doesn't exist. Of course, the only way to make
sure groups are seeded before permissions is to move them into another
migration.
2018-07-21 23:02:44 +09:30
Toby Zerner
baeaa73597 Wrap column names; use whereColumn where possible 2018-07-21 22:02:54 +09:30
Toby Zerner
677a7dd2d3 Merge branch 'master' into 1236-database-changes
# Conflicts:
#	src/Forum/Controller/IndexController.php
#	src/User/UserMetadataUpdater.php
2018-07-21 21:37:49 +09:30
Toby Zerner
aa4c4b07bd Revert notifications_from table
I didn't think this change through and it's going to be too difficult
to implement right now. It can wait until we do the notifications
revamp. For now reverting back to the old structure, with the
`sender_id` column renamed to `from_user_id`.
2018-07-21 18:35:50 +09:30
Toby Zerner
4f259425b0 Fix entity deletion
Foreign keys take care of most of this for us!
2018-07-21 17:18:40 +09:30
Toby Zerner
d0115de771 No need for deleted_at in notifications table 2018-07-21 17:13:51 +09:30
Toby Zerner
9d790c18d6 Change TIMESTAMP columns to DATETIME 2018-07-21 17:12:51 +09:30
Toby Zerner
fe73cf3237 Clean up migrations
* Make filenames and order more consistent

* Split foreign keys into their own migrations, add statements to ensure
  data integrity prior to adding them

* Add renameColumns helper, use other helpers where possible
2018-07-21 15:23:37 +09:30
Daniel Klabbers
c7efbba0da resetting to short annotation for dropping foreign key constraint, as per docs, must use array notation for this to work 2018-07-20 09:35:16 +02:00
Daniel Klabbers
be266a73cd fixed another foreign key drop with incorrect name 2018-07-20 09:24:42 +02:00
Daniel Klabbers
e1a282e0e1 forgot to name a few constraints properly on the dropForeign statement 2018-07-20 09:23:03 +02:00
Daniel Klabbers
5a04635e7a decided to leave the posts.discussion_id foreign key constraint to discussions out for now 2018-07-20 08:41:01 +02:00
Daniel Klabbers
90792abf10 added constraints, discussions_first_post_id_foreign blocks here 2018-07-19 10:36:46 +02:00
Daniel Klabbers
5139ce647e instead of changing fulltext, use medium text schema builder change on posts.content 2018-07-19 09:52:20 +02:00
Daniel Klabbers
8779e40ec5 remove migration (initially was intended) to change settings.value to longblob 2018-07-19 09:45:29 +02:00
Daniel Klabbers
1e372f3881 split up the migration to create and seed notifications_from 2018-07-19 09:22:34 +02:00
Franz Liedke
c76d9e1298
Move initial permission setup to migrations
Refs #1466.
2018-07-16 15:12:46 +02:00
Franz Liedke
665f241348
Add migration for new hidePosts permission
Refs #1387 and #1466.
2018-07-16 00:41:55 +02:00
Daniel Klabbers
2c15597ec9 reset the relation table naming from groups_users to adhere to laravel convention group_user 2018-07-09 11:53:59 +02:00
luceos
cf80cf86e5 Apply fixes from StyleCI
[ci skip] [skip ci]
2018-06-27 19:34:07 +00:00
Daniël Klabbers
a23dc0dfcd
fixed some migration names and used helper where appropriate 2018-06-27 21:33:53 +02:00
Daniël Klabbers
4d2d7465ee
Revert "migrating user preferences obviously works on empty table"
This reverts commit 066baed5b9.
2018-06-27 21:22:28 +02:00
Daniël Klabbers
9449fb4f1f
not dropping bio due to not having a replacement 2018-06-27 21:09:32 +02:00
Daniël Klabbers
d9b357c18e
we need to leave the preferences column for now 2018-06-22 23:43:37 +02:00