Commit Graph

2825 Commits

Author SHA1 Message Date
Franz Liedke
74fbae0b65 Consistent use of private instead of protected
See discussion in fe07d4064b (r30752077).
2018-10-04 09:08:43 +02:00
flarum-bot
3a45c7812a Bundled output for commit 083dcc3700 [skip ci] 2018-09-29 23:59:11 +00:00
Toby Zerner
083dcc3700 The document JS payload attribute was previously renamed to apiDocument 2018-09-30 09:24:25 +09:30
Toby Zerner
692194ec7d Merge pull request #1581 from flarum/fl/1463-extension-install-hooks
Extension enable/disable hooks
2018-09-29 08:19:26 +09:30
Franz Liedke
b55ba61f79 Extensions do not need to know whether they are enabled 2018-09-26 23:34:33 +02:00
Franz Liedke
101cb1255d Let extensions take care of flushing the formatter cache 2018-09-26 23:11:27 +02:00
Franz Liedke
5610824e96 migrate: Use existing public API to filter extensions 2018-09-26 23:03:48 +02:00
Franz Liedke
7e8279ec04 Use early returns to flatten methods 2018-09-26 22:59:48 +02:00
Franz Liedke
5704c37c18 Add a new extender interface for extension lifecycle hooks 2018-09-26 22:56:25 +02:00
Franz Liedke
2bf6a25230 Tweak extender interface in preparation for adding more methods 2018-09-26 22:36:36 +02:00
Charlie
de08988c00 Update ExtensionPage Style (#1560) 2018-09-26 17:00:27 +09:30
Franz Liedke
cb9cf29ab8 Merge pull request #1577 from flarum/tz/database-indices
Database indices
2018-09-24 23:49:23 +02:00
flarum-bot
cd8d2e6576 Bundled output for commit 31b5b4afac [skip ci] 2018-09-23 00:46:47 +00:00
Toby Zerner
31b5b4afac Clean up PostsUserPage placeholder 2018-09-23 10:12:12 +09:30
flarum-bot
b9afcbe50d Bundled output for commit 46ef76266a [skip ci] 2018-09-22 22:01:38 +00:00
David Sevilla Martín
46ef76266a Allow admins to see last online text (#1540)
* Allow admins to see last online text

* Use viewLastSeenAt permission

* Move permission to UserSerializer, removed from ForumSerializer

* Remove extra comma from ForumSerializer to keep diff clean

* Add permission to new seed migration
2018-09-22 23:55:53 +02:00
Toby Zerner
5bd13b0c22 Merge pull request #1576 from datitisev/user-posts-page
Make user posts page similar to discussion page, add empty text
2018-09-23 07:22:08 +09:30
Sajjad Hashemian
d20de83718 fix empty base url (#1453) 2018-09-22 21:58:18 +02:00
David Sevilla Martín
49d9571b8a Make user posts page similar to discussion page, add empty text 2018-09-22 14:02:14 -04:00
Franz Liedke
ad74488af8 Fix installation command, part 2 2018-09-22 17:45:38 +02:00
David Sevilla Martín
def0023382 Align icons & text in SideNav and Dropdown (#1544) 2018-09-22 21:35:45 +09:30
flarum-bot
e1d12a4295 Bundled output for commit e407c9472a [skip ci] 2018-09-22 04:58:46 +00:00
Clark Winkelmann
e407c9472a Clean composer promises (#1439)
* Remove unused login promise code

* Make promise usage consistent across composer action methods
2018-09-22 14:25:19 +09:30
flarum-bot
d70a75a2d8 Bundled output for commit 8107d9787c [skip ci] 2018-09-22 04:19:52 +00:00
Toby Zerner
0c429c1b9f Auth token and avatarUrl security improvements (#1514)
* Remove AbstractOAuth2Controller

There is no reason to provide an implementation for a specific oAuth2
library in core; it's not generic enough (eg. auth-twitter can't use it).

This code could be moved into another package which auth extensions
depend on, but it's a negligible amount of relatively simple code that
I don't think it's worth the trouble.

* Introduce login providers

Users can have many login providers (a combination of a provider name
and an identifier for that user, eg. their Facebook ID).

After retrieving user data from a provider (eg. Facebook), you pass the
login provider details into the Auth\ResponseFactory. If an associated
user is found, a response that logs them in will be returned. If not, a
registration token will be created so the user can proceed to sign up.
Once the token is fulfilled, the login provider will be associated with
the user.
2018-09-22 13:48:27 +09:30
Toby Zerner
8107d9787c Add migration helper to drop columns 2018-09-22 13:45:41 +09:30
Toby Zerner
ee3287d3e9 Merge pull request #1513 from flarum/tz/1419-restrict-own-permissions
Make "own" permissions depend on the user's ability to reply
2018-09-22 12:22:03 +09:30
Toby Zerner
698436e7b0 Make "own" permissions depend on the user's ability to reply
Permission to rename/hide/edit one's own discussion/post is only granted
if the user has permission to reply to the discussion. This makes sense
if you think of these actions as forms of "replying" to a discussion.

Fixes #1419 because suspended users do not have permission to reply to
discussions, therefore they will not be granted these "own" permissions.
2018-09-22 12:15:46 +09:30
Franz Liedke
9fabcff497 Fix tests 2018-09-22 00:40:19 +02:00
Franz Liedke
712d1cdd1e Display only exception messages during booting
By not letting PHP render the stack trace, we prevent displaying
sensitive information (such as the database credentials). Instead,
we display a simple line with the exception message.

In the console, the full exception can still be shown, as that is
a tool only for forum admins anyway.

Fixes #1421.
2018-09-21 23:33:28 +02:00
Franz Liedke
d35532b744 Boot Flarum app in Server classes
This is in preparation for fixing #1421 - it allows us to
encapsulate the exception handling in the server classes, so that
we can keep the skeleton (flarum/flarum) lean.
2018-09-21 23:30:14 +02:00
Franz Liedke
5fa9e1a8a2 Remove references to deleted property 2018-09-21 12:29:16 +02:00
flarum-bot
12ac907404 Bundled output for commit bd0b2a2f1d [skip ci] 2018-09-21 05:07:46 +00:00
Toby Zerner
bd0b2a2f1d Fix tests 2018-09-21 14:32:41 +09:30
Toby Zerner
92e8990e55 Apply fixes from StyleCI (#1574)
[ci skip] [skip ci]
2018-09-21 14:28:02 +09:30
Toby Zerner
ff18859f2e Remove the "debug" button from request error alerts
Using the browser's console to debug failed requests is much more powerful
2018-09-21 14:27:39 +09:30
Toby Zerner
5cda25c8b6 Make registration errors still work properly when debug mode is on 2018-09-21 14:18:17 +09:30
flarum-bot
5e1e7b2171 Bundled output for commit 50d2243fba [skip ci] 2018-09-21 02:30:05 +00:00
Toby Zerner
50d2243fba Sort user discussion list properly 2018-09-21 11:55:00 +09:30
flarum-bot
fc440380d6 Bundled output for commit 354babdc2e [skip ci] 2018-09-21 02:09:25 +00:00
Toby Zerner
354babdc2e Fix installation command 2018-09-21 11:32:46 +09:30
Toby Zerner
288266d85a Update TextFormatter deprecated API 2018-09-21 11:23:24 +09:30
Toby Zerner
aab06e0741 Live output of migrator notes 2018-09-21 11:22:51 +09:30
Toby Zerner
2d3f1d9f5c Fix notifications crash
When loading notifications, $this->type was null and thus array_get
was returning an array instead of null. I assume this issue was
introduced in a Laravel version upgrade? Anyway, this fixes it.
2018-09-21 11:22:26 +09:30
Toby Zerner
1114de5338 Fix group badge misalignment if there is no group icon 2018-09-21 11:20:54 +09:30
Toby Zerner
3a7f88b74c Use default system font instead of Open Sans 2018-09-21 11:20:17 +09:30
Toby Zerner
4690812402 Add "tiny" preset for LoadingIndicator
This is used in various places but had not been added since presets were
removed from Spin.js in a recent version upgrade.
2018-09-21 11:19:32 +09:30
Toby Zerner
c27c968837 Fix regression introduced by #1543
The Page component's config method wasn't being called, therefore the
bodyClass would not be applied.
2018-09-21 11:17:54 +09:30
Toby Zerner
52b5bdcf4e Revert "Frontend extender: Remove route registration"
This reverts commit df6f10da20.
2018-09-21 09:05:45 +09:30
Toby Zerner
5d44b6f259 Use container events as an alternative to the ConfigureMiddleware event (#1462)
By moving the DispatchRoute middleware into an `afterResolving`
callback, this will allow a new Middleware extender to add a `resolving`
callback to the appropriate container binding, removing the need for the
ConfigureMiddleware event.

The ConfigureMiddleware event has been deprecated and should be removed
in beta 9.
2018-09-16 21:21:13 +02:00