General: Version bumped to v0.0.92#92
Open
LouisOuellet wants to merge 28 commits into
Open
Conversation
- ConfigOverrideService removed (config already handles .cfg files with gitignore) - Added Encryption Service (P1), SMS/IMAP Services (P2) - Updated Auth to 2.1 'Security Review + Feature Completion' (2FA/TOTP/Email/SMS) - Profile Modal: reworded to note current page-based system - Debug Audit Logger: note Log.php exists, need audit trail layer on top - Global View Context: reworded to note Route/Bootstrap architecture - Migration Runner → Migration System Improvement (note Schema::compare/update exists) - Developer Mode: note existing dev plugin endpoints (reword 3.1) - Added Phase 1.2 Config Documentation - Added Phase 2.8 SMS/IMAP Services - Added Phase 2.9 SLS Service - Added Phase 3.3 DataTables Standardization - Added Phase 3.4 UI Builder Documentation - Added Phase 3.5 Organization Data Scoping - Updated Database Abstraction to note Schema::compare/update - Updated Config status to note gitignored files - Added Phase Appendix with current phase checklist - Updated VersionProvider: /api/core/info exists, need VersionProvider class
1.1 Testing: - Two-layer approach: php -l syntax validation + route accessibility tests - Scan all PHP files recursively (src/, lib/plugins/*, lib/modules/*) - Route tests with public/logged-in/unauthenticated access levels - GitHub Actions CI workflow (ci.yml + release.yml update) 1.2 Configuration Documentation: - Follow existing docs/index.md TOC structure (03-using/ subdirectory) - Create 4 config docs: configuration, config-override, bootstrap-config, app-settings - docs/index.md already has TOC entries (no link updates needed) 1.3 Application Settings System: - Split into 1.3.1 /admin/ landing page (Controller/Endpoint, panel.php, sidebar) - /admin link added to profile plugin's routes.cfg (user menu location) - 1.3.2 Settings registry: SettingsRegistry, SettingsSection, /admin/settings - /admin/security and /admin/maintenance sub-pages - docs/index.md already has admin pages under 04-administering/ Commit: 28ebad9
… server-agnostic deployment, testing infrastructure Phase A - New Kernel Components: - RouteDTO: thin data object (namespace, template, view, public, level, action, label, icon, color, parent, location) - Response: controller return value (render, redirect, json, error factories) - View: template + view composition engine (output-buffered, cascade resolution) - Controller: base class (extends Abstracts\Controller, adds Response/View support) - Middleware: AuthMiddleware (replicates Router::set() auth chain), MaintenanceMiddleware - Hook: plugin extension points (register/fire pattern) - EntryPoint: thin coordinator (Bootstrap → Router → Middleware → Controller → View) Phase B - Migration Adapter (backward-compatible): - Router: added register(), match(), all(), loadFromConfig() alongside existing routing - Route: render() delegates to View engine; module handling preserved Phase C - Server-Agnostic Deployment: - CoreHelper::init(): generates nginx.conf.example + project root index.php - CoreCommand: added serve command (PHP built-in server) + test:routes command Phase D - Testing Infrastructure: - PHPUnit 10.x dev dependency, phpunit.xml.dist, tests/bootstrap.php - MockGlobals test trait, unit tests for RouteDTO (15) + Response (9) - All 24 tests pass Phase E - Documentation: - DESIGN.md: rewrote §7 (Routing MVC), added §17 (Server Deployment), §20 (Testing) - ROADMAP.md: Phase 1.6 full breakdown + checklist - DESIGN.md section numbering corrected All changes are zero-breaking — existing plugins, Route API, and Router API preserved.
…ide, root entry point Phase D — Testing Infrastructure: - CI workflow (.github/workflows/ci.yml) — syntax check + PHPUnit on PR - RouterTest.php — 23 tests for Router + Response - ControllerTest.php — 8 tests for Controller + Response - MiddlewareTest.php — 10 tests for MiddlewareInterface, Hook, RouteDTO - ViewTest.php — 5 tests for View engine resolution Phase E — Documentation & Entry Points: - docs/mvc-migration.md — plugin migration guide (endpoints → controllers, hooks, deployment) - index.php — project root entry point (shared hosting) - webroot/index.php — front controller (Apache/Nginx) - Fix RouteDTO import paths in Middleware files (Objects namespace)
- Add Router::startMVC() — new MVC entry method using EntryPoint + middleware chain - Wire HOOK + ENTRYPOINT into Bootstrap.php Default services - Fix View::resolveTemplate/resolveView — use global $CONFIG with null-fallback - Fix MiddlewareTest — class_exists() → interface_exists() for MiddlewareInterface - Add EntryPointTest — 13 new integration tests for Response + EntryPoint + Router::startMVC - Fix CLI dispatch — add $CLI->start() to cli entry point - Fix CLI database gap — NullConnector stub + guard Database->init() + guard Schema::tables()/define() - Update ROADMAP.md Phase 1.6 status to Complete 80 tests passing (17 new)
…update - Create tests/syntax.sh — recursive PHP lint (259 files) - Add CI pre-check to release.yml (syntax + PHPUnit before release) - Update ROADMAP.md Phase 1.1 — mark all tasks complete - Update Gaps table — Testing moved from P0 to HTTP tests only - Update Appendix — Phase 1.1 and 1.6 both complete (80 tests, 62 routes) - Phase 5 required list — mark 1.1 and 1.6 as done
- Create src/ViewGlobals.php — centralized guaranteed globals in template scope - Guarantees: $config, $auth, $currentUser, $menu, $breadcrumbs, $locale, $csrf, $request, $output, $app - View engine injects ViewGlobals into every render (no controller changes) - Update all 5 layouts (panel, website, fullscreen, internal, index) with ViewGlobals - Replace $this->Config/Auth/Builder/Request/Locale with direct $config/$auth/$menu/$locale/$request - Guest-safe defaults (null currentUser, safe fallbacks) - Create docs/developer/view-context.md — contract documentation - Add ViewGlobalsTest (6 tests for class, methods, globals list, context) - 261 PHP files pass syntax check; 86 tests pass Roadmap: Phase 1.4 marked complete; doc pending (now done)
…eted items, add timeline assessment - Remove 'Global View Context doc' gap (doc created at docs/developer/view-context.md) - Remove duplicate 'Global View Context' gap (already marked complete in Phase 1.4) - Downgrade Route Accessibility Tests from P0→P1; CLI testroutes covers compilation - Update SQLite Connector note: detailed plan exists in Phase 2.7 - Fix Phase 1.1 test count: 80 → 86 tests - Mark ViewGlobals doc as complete ([x]) - Properly check off all Phase 1.6 A-D tasks with accurate notes - Restructure Phase E deliverables with clear completion status - Reorder V1.0 requirements chronologically; mark completed phases - Add Timeline Assessment section: v0.0.92, ~70 days to target, at-risk status - Update Appendix table statuses to match current state
Core infrastructure (committed to this repo): - src/SettingsRegistry.php — singleton for plugin-registered sections - src/Objects/SettingsField.php — value object (text/textarea/boolean/select types) - src/Objects/SettingsSection.php — value object wrapping groups of fields - docs/developer/admin-settings.md — architecture documentation Config plugin (deployed separately, not tracked in core repo): - lib/plugins/config/ — Endpoint, views, routes.cfg, bootstrap registration - /admin dashboard with quick-access cards to all sub-pages - /admin/settings card-based registry UI with redirect-after-save flash messages - /admin/security page (password policy, session timeout, remember me) - /admin/maintenance page (app name, theme, maintenance mode toggle) - bootstrap.php seeds default application settings section
…ken generation, HMAC utilities Implementation: - src/Encryption.php (~358 lines): full service replacing 0-byte stub - Raw key: generateKey(), encrypt()/decrypt() with unique nonces - AAD binding: encryptWithAad()/decryptWithAad() for context-bound ciphertext - Passphrase convenience: encryptWithPassphrase()/decryptWithPassphrase() - Tokens: token() (hex), urlToken() (URL-safe base64) - HMAC: hmac(), hashEquals() (timing-safe) - tests/Unit/EncryptionTest.php: 30 tests, 42 assertions - docs/developer/encryption.md: API reference, usage examples, security notes Bootstrap/Design updates: - ENCRYPTION scope: [] -> [ROUTER, API, CLI] - Version bump to v0.0.93, Phase 1.5 marked complete
Documents: - configuration.md — Config class API (add/get/set/list/delete/reload), JSON format, path resolution order, committed vs gitignored files - config-override.md — why some .cfg are committed, others gitignored; deploy examples with .cfg.example pattern - bootstrap-config.md — loading order, override merge in Bootstrap, $CONFIG global, bootstrap.cfg format - app-settings.md — SettingsRegistry, SettingsSection, SettingsField (text/textarea/boolean/select/hidden) for admin settings UI Also marks Phase 1.2 complete in ROADMAP.md; version bump to v0.0.94
- Auth: added byRememberToken() auth flow and $needs_2fa flag - Middleware: Auth2FAMiddleware for TOTP verification gate - Objects: PasswordResetToken, RecoveryCodes, TOTP, UserRegistration - Local backend: 2FA login integration - Backend abstract: deprecation notice on reset() - Session/Pin/EntryPoint: minor improvements
- Tests: add route_smoke_test.php covering all 68 discovered routes in guest and auth modes - Module: __call() returns false instead of exit — safe fallback for testing/debugging - EntryPoint: explicit use LaswitchTech\Core\Objects\RouteDTO (namespace fix) - EntryPoint: dispatchController uses global $CONFIG->root() (fixes static call on non-static method) - EntryPoint: null-template guard returns 501 instead of crashing Response::render - RouteDTO: normalize parent field from array to string/json
- Update Phase 2.1 Auth status (2FA/TOTP complete in d3ee34c) - Track Route Smoke Test in Appendix phase checklist - Fix V1.0 timeline metric — Phase 1 fully done, not just Phase 1
- Section 7: Add Auth2FAMiddleware to middleware chain, component table, auth chain - Section 7: Fix duplicate 'level' key in JSON route example - Section 16: Update HTTP entry point diagrams (Auth → 2FA → Maintenance) - Section 20: Clarify Three-Layer testing strategy with Route Smoke Test
…xample - Connectors\SQLite — full PDO-based connector (connect, query, describe via PRAGMA, prepare, affectedRows, lastId) - Connectors\PDOPreparedStatement — mysqli_stmt interface adapter for prepared statement binding - Connectors\PDOResult — mysqli_result interface adapter for row fetching - Database.php — SQLite in connector factory switch - tests/Unit/SQLiteConnectorTest — 10 smoke tests (connect, describe, query, prepare, lastId, close) - AGENTS.md — agent quick reference for this repo - nginx.conf.example — deployment configuration
Connectors: - Abstract Connector: add getDefaultEngine/Charset/Collation, supportsModifyColumn(), showTablesSQL(), tableExistsSQL(), autoIncrementSQL(), defineColumn() methods - SQLite: override all new methods; ENUM->TEXT, tinyint(1)->BOOLEAN type mappings; sqlite_sequence for AUTOINCREMENT; PRAGMA-based showTablesSQL/tableExistsSQL Schema.php: - buildCreate(): only emit ENGINE/CHARSET/COLLATE suffix when connector has non-empty charset - tables()/exists(): delegate to connector's showTablesSQL()/tableExistsSQL() + handle PDOResult/mysqli_result - define(): skip SHOW TABLE STATUS LIKE for SQLite (no charsets); fall back to connector defaults - buildModifyColumnQuery(): return comment placeholder when supportsModifyColumn=false Database.php install(): separate config format for SQLite (path) vs MySQL (host/username/password/database) Query autoIncrement(): delegate to connector's autoIncrementSQL() Docs: database-connectors.md + sqlite-notes.md Configs: requirement.cfg updated with database_connectors catalog Tests: SQLiteSchemaTest.php (connector introspection/type mapping) + SQLiteQueryTest.php (Qb integration)
- src/Connectors/PDOPreparedStatement: make $stmt nullable for safety - src/Connectors/SQLite: resolve relative DB paths via realpath(), remove unnecessary dirname() wrapper - tests/Unit/SQLiteConnectorTest: pass real db path so SQLite opens the test file correctly - AGENTS.md: add working loop section describing development workflow
- PDOResult::fetch_assoc/fetch_row: explicit false coalescing to null - NullConnector: connect/close void return types matching abstract base - NullConnector::prepare mixed return type matching connector contract - NullConnector: reconnect method signature alignment - SQLite::connect: restore mkdir parent directory creation for DB path
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.