diff --git a/.github/workflows/Build.yml b/.github/workflows/Build.yml index 07ff5d9d6..82e08f314 100644 --- a/.github/workflows/Build.yml +++ b/.github/workflows/Build.yml @@ -348,22 +348,22 @@ jobs: - name: Execute build run: php bakery build-assets - Asset-Build-Inspect: + # Asset-Build-Inspect: - name: Assets Build Inspection - runs-on: ubuntu-latest + # name: Assets Build Inspection + # runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 + # steps: + # - uses: actions/checkout@v2 - - uses: actions/setup-node@v2 - with: - node-version: ^14.0.0 + # - uses: actions/setup-node@v2 + # with: + # node-version: ^14.0.0 - - name: Install Dependencies - working-directory: build - run: npm i + # - name: Install Dependencies + # working-directory: build + # run: npm i - - name: Type Validation - working-directory: build - run: node_modules/.bin/tsc -p ./tsconfig.json + # - name: Type Validation + # working-directory: build + # run: node_modules/.bin/tsc -p ./tsconfig.json diff --git a/CHANGELOG.md b/CHANGELOG.md index 8f1baf2d0..6d023655c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,15 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). +## [v4.6.4](https://github.com/userfrosting/UserFrosting/compare/v4.6.3...v4.6.4) + +### Fix +- Foreign Key constraint fails when an admin attempts to create a new user ([#1190](https://github.com/userfrosting/UserFrosting/pull/1190)) +- Fix for AccountControllerTest when registration is disabled ([#1192](https://github.com/userfrosting/UserFrosting/pull/1192)) +- Native install on PHP 8.* install fails due to eventdispatcher incompatibility between rockettheme and Symphony ([#1195](https://github.com/userfrosting/UserFrosting/issues/1195) & [#1196](https://github.com/userfrosting/UserFrosting/issues/1196)) +- Fix PHP7.4+ compatibility in Model findUnique ([#1193](https://github.com/userfrosting/UserFrosting/pull/1193)) +- Handle the case where all roles are removed from a user ([#1194](https://github.com/userfrosting/UserFrosting/pull/1194)) + ## [v4.6.3](https://github.com/userfrosting/UserFrosting/compare/v4.6.2...v4.6.3) ### Security diff --git a/app/defines.php b/app/defines.php index 9843adc07..4eab2b812 100755 --- a/app/defines.php +++ b/app/defines.php @@ -11,7 +11,7 @@ namespace UserFrosting; // Some standard defines -define('UserFrosting\VERSION', '4.6.1'); +define('UserFrosting\VERSION', '4.6.4'); define('UserFrosting\DS', '/'); define('UserFrosting\PHP_MIN_VERSION', '^7.3 | ^8.0'); define('UserFrosting\PHP_RECOMMENDED_VERSION', '^8.0'); diff --git a/app/sprinkles/account/tests/Integration/Controller/AccountControllerTest.php b/app/sprinkles/account/tests/Integration/Controller/AccountControllerTest.php index 296378125..6470a4331 100644 --- a/app/sprinkles/account/tests/Integration/Controller/AccountControllerTest.php +++ b/app/sprinkles/account/tests/Integration/Controller/AccountControllerTest.php @@ -111,6 +111,9 @@ public function testRegisterWithNoMasterUser(AccountController $controller) */ public function testRegister() { + // Force Registration + $this->ci->config['site.registration.enabled'] = true; + // Force locale config $this->ci->config['site.registration.user_defaults.locale'] = 'en_US'; $this->ci->config['site.locales.available'] = [ @@ -146,6 +149,9 @@ public function testRegister() */ public function testRegisterWithNoEmailVerification() { + // Force Registration + $this->ci->config['site.registration.enabled'] = true; + // Delete previous attempt so we can reuse the same shared test code if ($user = User::where('email', 'testRegister@test.com')->first()) { $user->delete(true); @@ -763,6 +769,12 @@ public function testpageForgotPassword(AccountController $controller) */ public function testpageRegister(AccountController $controller) { + // Force Registration + $this->ci->config['site.registration.enabled'] = true; + + // Recreate controller to use new config + $controller = $this->getController(); + $result = $controller->pageRegister($this->getRequest(), $this->getResponse(), []); $this->assertInstanceOf(\Psr\Http\Message\ResponseInterface::class, $result); $this->assertSame($result->getStatusCode(), 200); @@ -793,6 +805,7 @@ public function testpageRegisterWithNoLocales() { // Force config $this->ci->config['site.locales.available'] = []; + $this->ci->config['site.registration.enabled'] = true; // Recreate controller to use new config $controller = $this->getController(); @@ -809,6 +822,9 @@ public function testpageRegisterWithNoLocales() */ public function testpageRegisterWithLoggedInUser() { + // Force Config + $this->ci->config['site.registration.enabled'] = true; + // Create a test user $testUser = $this->createTestUser(false, true); @@ -1179,6 +1195,9 @@ public function testRegisterWithLoggedInUser() */ public function testRegisterWithFailedThrottle() { + // Force config + $this->ci->config['site.registration.enabled'] = true; + // Create fake throttler $throttler = m::mock(Throttler::class); $throttler->shouldReceive('getDelay')->once()->with('registration_attempt')->andReturn(90); @@ -1211,6 +1230,12 @@ public function testRegisterWithFailedThrottle() */ public function testRegisterWithFailedCaptcha(AccountController $controller) { + // Force config + $this->ci->config['site.registration.enabled'] = true; + + // Recreate controller with new config + $controller = $this->getController(); + // Bypass security feature $fm = $this->ci->factory; $dummyUser = $fm->create(User::class); @@ -1240,6 +1265,12 @@ public function testRegisterWithFailedCaptcha(AccountController $controller) */ public function testRegisterWithFailedValidation(AccountController $controller) { + // Force config + $this->ci->config['site.registration.enabled'] = true; + + // Recreate controller with new config + $controller = $this->getController(); + // Bypass security feature $fm = $this->ci->factory; $dummyUser = $fm->create(User::class); diff --git a/app/sprinkles/admin/src/Controller/UserController.php b/app/sprinkles/admin/src/Controller/UserController.php index 1acf4af06..f81b39a05 100644 --- a/app/sprinkles/admin/src/Controller/UserController.php +++ b/app/sprinkles/admin/src/Controller/UserController.php @@ -136,6 +136,11 @@ public function create(Request $request, Response $response, array $args) $data['group_id'] = $currentUser->group_id; } + // 0 maps to "No group", database requires a NULL to avoid issues with foreign keys + if (isset($data['group_id']) && $data['group_id'] == 0) { + $data['group_id'] = null; + } + $data['flag_verified'] = 1; if (!isset($data['password'])) { // Set password as empty on initial creation. We will then send email so new user can set it themselves via a verification token @@ -1322,11 +1327,15 @@ public function updateField(Request $request, Response $response, array $args) // Get PUT parameters: value $put = $request->getParsedBody(); - // Make sure data is part of $_PUT data + // Make sure data is part of $_PUT data, default to empty value if sensible, otherwise error if (isset($put[$fieldName])) { $fieldData = $put[$fieldName]; } else { - throw new BadRequestException(); + if ($fieldName == 'roles') { + $fieldData = []; + } else { + throw new BadRequestException(); + } } // Create and validate key -> value pair diff --git a/app/sprinkles/core/src/Database/Models/Model.php b/app/sprinkles/core/src/Database/Models/Model.php index 987ae9139..561e3e551 100644 --- a/app/sprinkles/core/src/Database/Models/Model.php +++ b/app/sprinkles/core/src/Database/Models/Model.php @@ -70,7 +70,7 @@ public static function findUnique($value, $identifier, $checkDeleted = true) { $query = static::whereRaw("LOWER($identifier) = ?", [mb_strtolower($value)]); - if ($checkDeleted && method_exists($query, 'withTrashed')) { + if ($checkDeleted && $query->hasMacro('withTrashed')) { $query = $query->withTrashed(); }