2026-02-04 23:31:53 +01:00
|
|
|
<?php
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* HTML-escape output in templates.
|
|
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function e($string): void
|
|
|
|
|
{
|
|
|
|
|
echo htmlspecialchars((string) $string, ENT_QUOTES, 'UTF-8');
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Build a web asset URL relative to the app base URL.
|
|
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function asset(string $path): string
|
|
|
|
|
{
|
|
|
|
|
return \MintyPHP\Router::getBaseUrl() . ltrim($path, '/');
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Build an absolute filesystem path inside templates/.
|
|
|
|
|
*/
|
2026-02-11 19:28:12 +01:00
|
|
|
function templatePath(string $path): string
|
|
|
|
|
{
|
|
|
|
|
return dirname(__DIR__, 3) . '/templates/' . ltrim($path, '/');
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-04 15:56:58 +01:00
|
|
|
/**
|
|
|
|
|
* Register the app service container for the current request.
|
|
|
|
|
*/
|
|
|
|
|
function setAppContainer(\MintyPHP\App\AppContainer $container): void
|
|
|
|
|
{
|
|
|
|
|
$GLOBALS['minty_app_container'] = $container;
|
|
|
|
|
|
|
|
|
|
\MintyPHP\Http\ApiAuth::configure(
|
2026-03-13 11:31:33 +01:00
|
|
|
static fn (): \MintyPHP\Service\Tenant\TenantScopeService => $container->get(\MintyPHP\Service\Tenant\TenantScopeService::class),
|
2026-03-04 15:56:58 +01:00
|
|
|
static fn (): \MintyPHP\Service\Auth\ApiTokenService => $container->get(\MintyPHP\Service\Auth\ApiTokenService::class),
|
|
|
|
|
static fn (): \MintyPHP\Repository\Access\UserRoleRepository => $container->get(\MintyPHP\Repository\Access\UserRoleRepository::class),
|
|
|
|
|
static fn (): \MintyPHP\Repository\Access\RolePermissionRepository => $container->get(\MintyPHP\Repository\Access\RolePermissionRepository::class),
|
|
|
|
|
static fn (): \MintyPHP\Service\User\UserTenantContextService => $container->get(\MintyPHP\Service\User\UserTenantContextService::class),
|
|
|
|
|
static fn (): \MintyPHP\Service\Access\AuthorizationService => $container->get(\MintyPHP\Service\Access\AuthorizationService::class)
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
\MintyPHP\Http\ApiBootstrap::configure(
|
refactor(audit): extract audit domain into self-contained module
Move the entire audit subsystem (system audit, API audit, import audit,
user lifecycle audit, frontend telemetry) from core into modules/audit/.
Core decoupling via interface-based injection:
- AuditRecorderInterface replaces SystemAuditService in 10+ core services
- UserLifecycleAuditInterface / ImportAuditInterface for specialized flows
- NullAuditRecorder fallback when audit module is disabled
- ApiBootstrap/ApiResponse use null-safe callable resolvers
Module structure (modules/audit/):
- Manifest with routes, permissions, scheduler jobs, authorization policy
- 9 services, 8 repositories, 6 domain enums, 4 job handlers
- 33 page files, 4 JS files, 8 test files, migration scripts, i18n
Core cleanup:
- OperationsAuthorizationPolicy, UiCapabilityMap, PermissionService
surgically cleaned of audit-specific constants
- Sidebar template cleared of hardcoded audit navigation
- AuditModuleIsolationContractTest ensures no future core→module coupling
All quality gates pass: 1346 tests (19,276 assertions), PHPStan level 5
clean, architecture contracts verified.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 21:12:49 +01:00
|
|
|
$container->has(\MintyPHP\Module\Audit\Service\ApiAuditService::class)
|
|
|
|
|
? static fn () => $container->get(\MintyPHP\Module\Audit\Service\ApiAuditService::class)
|
|
|
|
|
: null,
|
2026-03-06 00:44:52 +01:00
|
|
|
static fn (): \MintyPHP\Service\Settings\SettingsApiPolicyGateway => $container->get(\MintyPHP\Service\Settings\SettingsApiPolicyGateway::class),
|
2026-03-04 15:56:58 +01:00
|
|
|
static fn (): \MintyPHP\Service\Security\RateLimiterService => $container->get(\MintyPHP\Service\Security\RateLimiterService::class),
|
refactor(audit): extract audit domain into self-contained module
Move the entire audit subsystem (system audit, API audit, import audit,
user lifecycle audit, frontend telemetry) from core into modules/audit/.
Core decoupling via interface-based injection:
- AuditRecorderInterface replaces SystemAuditService in 10+ core services
- UserLifecycleAuditInterface / ImportAuditInterface for specialized flows
- NullAuditRecorder fallback when audit module is disabled
- ApiBootstrap/ApiResponse use null-safe callable resolvers
Module structure (modules/audit/):
- Manifest with routes, permissions, scheduler jobs, authorization policy
- 9 services, 8 repositories, 6 domain enums, 4 job handlers
- 33 page files, 4 JS files, 8 test files, migration scripts, i18n
Core cleanup:
- OperationsAuthorizationPolicy, UiCapabilityMap, PermissionService
surgically cleaned of audit-specific constants
- Sidebar template cleared of hardcoded audit navigation
- AuditModuleIsolationContractTest ensures no future core→module coupling
All quality gates pass: 1346 tests (19,276 assertions), PHPStan level 5
clean, architecture contracts verified.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 21:12:49 +01:00
|
|
|
$container->has(\MintyPHP\Module\Audit\Http\ApiSystemAuditReporter::class)
|
|
|
|
|
? static fn () => $container->get(\MintyPHP\Module\Audit\Http\ApiSystemAuditReporter::class)
|
|
|
|
|
: null
|
2026-03-04 15:56:58 +01:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
\MintyPHP\Http\ApiResponse::configure(
|
refactor(audit): extract audit domain into self-contained module
Move the entire audit subsystem (system audit, API audit, import audit,
user lifecycle audit, frontend telemetry) from core into modules/audit/.
Core decoupling via interface-based injection:
- AuditRecorderInterface replaces SystemAuditService in 10+ core services
- UserLifecycleAuditInterface / ImportAuditInterface for specialized flows
- NullAuditRecorder fallback when audit module is disabled
- ApiBootstrap/ApiResponse use null-safe callable resolvers
Module structure (modules/audit/):
- Manifest with routes, permissions, scheduler jobs, authorization policy
- 9 services, 8 repositories, 6 domain enums, 4 job handlers
- 33 page files, 4 JS files, 8 test files, migration scripts, i18n
Core cleanup:
- OperationsAuthorizationPolicy, UiCapabilityMap, PermissionService
surgically cleaned of audit-specific constants
- Sidebar template cleared of hardcoded audit navigation
- AuditModuleIsolationContractTest ensures no future core→module coupling
All quality gates pass: 1346 tests (19,276 assertions), PHPStan level 5
clean, architecture contracts verified.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 21:12:49 +01:00
|
|
|
$container->has(\MintyPHP\Module\Audit\Service\ApiAuditService::class)
|
|
|
|
|
? static fn () => $container->get(\MintyPHP\Module\Audit\Service\ApiAuditService::class)
|
|
|
|
|
: null,
|
2026-03-04 15:56:58 +01:00
|
|
|
static fn (): \MintyPHP\Service\Access\AuthorizationService => $container->get(\MintyPHP\Service\Access\AuthorizationService::class),
|
refactor(audit): extract audit domain into self-contained module
Move the entire audit subsystem (system audit, API audit, import audit,
user lifecycle audit, frontend telemetry) from core into modules/audit/.
Core decoupling via interface-based injection:
- AuditRecorderInterface replaces SystemAuditService in 10+ core services
- UserLifecycleAuditInterface / ImportAuditInterface for specialized flows
- NullAuditRecorder fallback when audit module is disabled
- ApiBootstrap/ApiResponse use null-safe callable resolvers
Module structure (modules/audit/):
- Manifest with routes, permissions, scheduler jobs, authorization policy
- 9 services, 8 repositories, 6 domain enums, 4 job handlers
- 33 page files, 4 JS files, 8 test files, migration scripts, i18n
Core cleanup:
- OperationsAuthorizationPolicy, UiCapabilityMap, PermissionService
surgically cleaned of audit-specific constants
- Sidebar template cleared of hardcoded audit navigation
- AuditModuleIsolationContractTest ensures no future core→module coupling
All quality gates pass: 1346 tests (19,276 assertions), PHPStan level 5
clean, architecture contracts verified.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 21:12:49 +01:00
|
|
|
$container->has(\MintyPHP\Module\Audit\Http\ApiSystemAuditReporter::class)
|
|
|
|
|
? static fn () => $container->get(\MintyPHP\Module\Audit\Http\ApiSystemAuditReporter::class)
|
|
|
|
|
: null
|
2026-03-04 15:56:58 +01:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
\MintyPHP\Support\Guard::configure(
|
|
|
|
|
static fn (): \MintyPHP\Service\Auth\AuthService => $container->get(\MintyPHP\Service\Auth\AuthService::class),
|
|
|
|
|
static fn (): \MintyPHP\Service\Tenant\TenantService => $container->get(\MintyPHP\Service\Tenant\TenantService::class),
|
|
|
|
|
static fn (): \MintyPHP\Service\Access\AuthorizationService => $container->get(\MintyPHP\Service\Access\AuthorizationService::class)
|
|
|
|
|
);
|
|
|
|
|
|
2026-03-19 08:23:14 +01:00
|
|
|
\MintyPHP\Support\SearchConfig::configure(
|
2026-03-25 10:02:03 +01:00
|
|
|
static fn (): \MintyPHP\App\Module\ModuleRegistry => $container->get(\MintyPHP\App\Module\ModuleRegistry::class),
|
|
|
|
|
static fn (string $class): ?object => \MintyPHP\App\Module\ModuleClassResolver::resolve($container, $class)
|
2026-03-19 08:23:14 +01:00
|
|
|
);
|
|
|
|
|
|
2026-03-04 15:56:58 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Resolve a service from the app container.
|
|
|
|
|
*/
|
|
|
|
|
function app(string $id): mixed
|
|
|
|
|
{
|
|
|
|
|
$container = $GLOBALS['minty_app_container'] ?? null;
|
|
|
|
|
if (!$container instanceof \MintyPHP\App\AppContainer) {
|
|
|
|
|
throw new \RuntimeException('App container is not initialized');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $container->get($id);
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Build an asset URL with filemtime cache-busting when available.
|
|
|
|
|
*/
|
2026-02-11 19:28:12 +01:00
|
|
|
function assetVersion(string $path): string
|
|
|
|
|
{
|
|
|
|
|
$path = ltrim($path, '/');
|
|
|
|
|
$file = dirname(__DIR__, 3) . '/web/' . $path;
|
|
|
|
|
$url = asset($path);
|
|
|
|
|
$version = @filemtime($file);
|
|
|
|
|
if ($version === false) {
|
|
|
|
|
return $url;
|
|
|
|
|
}
|
|
|
|
|
return $url . '?v=' . $version;
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Base URL including locale segment (e.g. /de/).
|
|
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function localeBase(): string
|
|
|
|
|
{
|
|
|
|
|
$locale = \MintyPHP\I18n::$locale ?? \MintyPHP\I18n::$defaultLocale;
|
|
|
|
|
$prefix = $locale !== '' ? $locale . '/' : '';
|
|
|
|
|
return \MintyPHP\Router::getBaseUrl() . $prefix;
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Locale-aware URL for app routes.
|
|
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function lurl(string $path = ''): string
|
|
|
|
|
{
|
|
|
|
|
return localeBase() . ltrim($path, '/');
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* App title from settings with APP_NAME fallback.
|
|
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function appTitle(): string
|
|
|
|
|
{
|
2026-03-11 20:11:01 +01:00
|
|
|
$default = defined('APP_NAME') ? APP_NAME : 'CoreCore';
|
2026-02-04 23:31:53 +01:00
|
|
|
$title = appSetting('app_title');
|
|
|
|
|
if ($title !== null) {
|
|
|
|
|
return $title;
|
|
|
|
|
}
|
|
|
|
|
return $default;
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Build an absolute URL using APP_URL or request host fallback.
|
|
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function appUrl(string $path = ''): string
|
|
|
|
|
{
|
|
|
|
|
if ($path !== '' && preg_match('#^https?://#i', $path)) {
|
|
|
|
|
return $path;
|
|
|
|
|
}
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
// Prefer configured canonical URL to keep links stable.
|
2026-02-04 23:31:53 +01:00
|
|
|
$base = getenv('APP_URL') ?: '';
|
|
|
|
|
$base = rtrim((string) $base, '/');
|
|
|
|
|
if ($base === '') {
|
|
|
|
|
$scheme = 'http';
|
|
|
|
|
$https = $_SERVER['HTTPS'] ?? '';
|
|
|
|
|
$forwarded = $_SERVER['HTTP_X_FORWARDED_PROTO'] ?? '';
|
|
|
|
|
if ($https === 'on' || $https === '1' || $forwarded === 'https') {
|
|
|
|
|
$scheme = 'https';
|
|
|
|
|
}
|
|
|
|
|
$host = $_SERVER['HTTP_HOST'] ?? '';
|
|
|
|
|
if ($host !== '') {
|
|
|
|
|
$base = $scheme . '://' . $host;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if ($base === '') {
|
|
|
|
|
return \MintyPHP\Router::getBaseUrl() . ltrim((string) $path, '/');
|
|
|
|
|
}
|
|
|
|
|
$path = ltrim((string) $path, '/');
|
|
|
|
|
return $base . '/' . $path;
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Human-readable current user name fallback: first+last -> email.
|
|
|
|
|
*/
|
2026-02-11 19:28:12 +01:00
|
|
|
function currentUserDisplayName(): string
|
|
|
|
|
{
|
|
|
|
|
$user = $_SESSION['user'] ?? [];
|
|
|
|
|
$name = trim((string) (($user['first_name'] ?? '') . ' ' . ($user['last_name'] ?? '')));
|
|
|
|
|
if ($name !== '') {
|
|
|
|
|
return $name;
|
|
|
|
|
}
|
|
|
|
|
return trim((string) ($user['email'] ?? ''));
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Absolute logo URL (used in e-mails and metadata).
|
|
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function appLogoUrlAbsolute(int $size = 128): string
|
|
|
|
|
{
|
|
|
|
|
$url = appLogoUrl($size);
|
|
|
|
|
return appUrl($url);
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
2026-04-01 20:27:42 +02:00
|
|
|
* Read one cached app setting from storage/runtime/settings.php.
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function appSetting(string $key): ?string
|
|
|
|
|
{
|
2026-03-04 15:56:58 +01:00
|
|
|
if (!class_exists('MintyPHP\\Service\\Settings\\SettingCacheService')) {
|
2026-02-04 23:31:53 +01:00
|
|
|
return null;
|
|
|
|
|
}
|
2026-02-23 12:58:19 +01:00
|
|
|
|
2026-03-04 15:56:58 +01:00
|
|
|
return app(\MintyPHP\Service\Settings\SettingCacheService::class)->get($key);
|
2026-02-04 23:31:53 +01:00
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Load configured themes with a safe fallback list.
|
|
|
|
|
*/
|
2026-02-11 19:28:12 +01:00
|
|
|
function appThemes(): array
|
|
|
|
|
{
|
2026-03-13 11:31:33 +01:00
|
|
|
if (!class_exists('MintyPHP\\Service\\Settings\\ThemeConfigGateway')) {
|
2026-02-11 19:28:12 +01:00
|
|
|
return [
|
|
|
|
|
'light' => 'Light',
|
|
|
|
|
'dark' => 'Dark',
|
|
|
|
|
];
|
|
|
|
|
}
|
2026-02-23 12:58:19 +01:00
|
|
|
|
2026-03-13 11:31:33 +01:00
|
|
|
return app(\MintyPHP\Service\Settings\ThemeConfigGateway::class)->all();
|
2026-02-11 19:28:12 +01:00
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Resolve default locale only if it exists in APP_LOCALES.
|
|
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function appDefaultLocale(): ?string
|
|
|
|
|
{
|
|
|
|
|
$locale = appSetting('app_locale');
|
|
|
|
|
if ($locale === null) {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
$available = defined('APP_LOCALES') ? APP_LOCALES : [];
|
|
|
|
|
if ($available && !in_array($locale, $available, true)) {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
return $locale;
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Resolve default theme from settings, then APP_THEME, then light.
|
|
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function appDefaultTheme(): string
|
|
|
|
|
{
|
2026-02-11 19:28:12 +01:00
|
|
|
$themes = appThemes();
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
$tenantTheme = strtolower(trim((string) ($_SESSION['current_tenant']['default_theme'] ?? '')));
|
|
|
|
|
if ($tenantTheme !== '' && isset($themes[$tenantTheme])) {
|
|
|
|
|
return $tenantTheme;
|
|
|
|
|
}
|
2026-02-04 23:31:53 +01:00
|
|
|
$setting = appSetting('app_theme');
|
2026-02-11 19:28:12 +01:00
|
|
|
if ($setting !== null && isset($themes[$setting])) {
|
2026-02-04 23:31:53 +01:00
|
|
|
return $setting;
|
|
|
|
|
}
|
|
|
|
|
$envTheme = getenv('APP_THEME') ?: 'light';
|
|
|
|
|
$envTheme = strtolower(trim((string) $envTheme));
|
2026-02-11 19:28:12 +01:00
|
|
|
return isset($themes[$envTheme]) ? $envTheme : 'light';
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Resolve effective theme with optional per-user override.
|
|
|
|
|
*/
|
2026-02-11 19:28:12 +01:00
|
|
|
function currentTheme(): string
|
|
|
|
|
{
|
|
|
|
|
$themes = appThemes();
|
|
|
|
|
$theme = appDefaultTheme();
|
|
|
|
|
if (!allowUserTheme()) {
|
|
|
|
|
return $theme;
|
|
|
|
|
}
|
|
|
|
|
$user = $_SESSION['user'] ?? [];
|
|
|
|
|
$userTheme = strtolower(trim((string) ($user['theme'] ?? '')));
|
|
|
|
|
if ($userTheme !== '' && isset($themes[$userTheme])) {
|
|
|
|
|
return $userTheme;
|
|
|
|
|
}
|
|
|
|
|
return $theme;
|
2026-02-04 23:31:53 +01:00
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Feature flag: allow users to choose their own theme.
|
|
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function allowUserTheme(): bool
|
|
|
|
|
{
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
$tenantValue = $_SESSION['current_tenant']['allow_user_theme'] ?? null;
|
|
|
|
|
if ($tenantValue !== null && $tenantValue !== '') {
|
|
|
|
|
$tenantValue = strtolower(trim((string) $tenantValue));
|
|
|
|
|
if (in_array($tenantValue, ['1', 'true', 'yes', 'on'], true)) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
if (in_array($tenantValue, ['0', 'false', 'no', 'off'], true)) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-04 23:31:53 +01:00
|
|
|
$value = appSetting('app_theme_user');
|
|
|
|
|
if ($value === null || $value === '') {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
return in_array(strtolower($value), ['1', 'true', 'yes', 'on'], true);
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Feature flag: allow public self-registration.
|
|
|
|
|
*/
|
2026-02-11 19:28:12 +01:00
|
|
|
function allowRegistration(): bool
|
|
|
|
|
{
|
|
|
|
|
$value = appSetting('app_registration');
|
|
|
|
|
if ($value === null || $value === '') {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
return in_array(strtolower($value), ['1', 'true', 'yes', 'on'], true);
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-06 00:44:52 +01:00
|
|
|
/**
|
|
|
|
|
* Feature flag: allow frontend telemetry events.
|
|
|
|
|
*/
|
|
|
|
|
function frontendTelemetryEnabled(): bool
|
|
|
|
|
{
|
|
|
|
|
$value = appSetting('frontend_telemetry_enabled');
|
|
|
|
|
if ($value === null || $value === '') {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return in_array(strtolower(trim($value)), ['1', 'true', 'yes', 'on'], true);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Frontend telemetry sample rate normalized to 0..1.
|
|
|
|
|
*/
|
|
|
|
|
function frontendTelemetrySampleRate(): float
|
|
|
|
|
{
|
|
|
|
|
$value = appSetting('frontend_telemetry_sample_rate');
|
|
|
|
|
if ($value === null || trim($value) === '') {
|
|
|
|
|
return 0.2;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$rate = is_numeric($value) ? (float) $value : NAN;
|
|
|
|
|
if (!is_finite($rate) || $rate < 0 || $rate > 1) {
|
|
|
|
|
return 0.2;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $rate;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Allowed frontend telemetry events as canonical short keys.
|
|
|
|
|
*
|
|
|
|
|
* @return list<string>
|
|
|
|
|
*/
|
|
|
|
|
function frontendTelemetryAllowedEvents(): array
|
|
|
|
|
{
|
|
|
|
|
$allowed = ['warn_once', 'ajax_error'];
|
|
|
|
|
$value = appSetting('frontend_telemetry_allowed_events');
|
|
|
|
|
if ($value === null || trim($value) === '') {
|
|
|
|
|
return $allowed;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$items = preg_split('/[\s,]+/', strtolower(trim($value))) ?: [];
|
|
|
|
|
$normalized = array_values(array_unique(array_filter(
|
|
|
|
|
array_map(
|
|
|
|
|
static fn ($entry): string => trim((string) $entry),
|
|
|
|
|
$items
|
|
|
|
|
),
|
|
|
|
|
static fn ($entry): bool => in_array($entry, $allowed, true)
|
|
|
|
|
)));
|
|
|
|
|
|
|
|
|
|
if ($normalized === []) {
|
|
|
|
|
return $allowed;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sort($normalized, SORT_STRING);
|
|
|
|
|
return $normalized;
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Resolve active primary color (tenant override -> app setting).
|
|
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function appPrimaryColor(): ?string
|
|
|
|
|
{
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
// Tenant-scoped branding has precedence over global settings.
|
2026-02-04 23:31:53 +01:00
|
|
|
$tenantColor = $_SESSION['current_tenant']['primary_color'] ?? null;
|
|
|
|
|
if ($tenantColor !== null) {
|
|
|
|
|
$tenantColor = strtolower(trim((string) $tenantColor));
|
|
|
|
|
if (preg_match('/^#([0-9a-f]{3}|[0-9a-f]{6})$/i', $tenantColor)) {
|
|
|
|
|
return $tenantColor;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$value = appSetting('app_primary_color');
|
|
|
|
|
if ($value === null) {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
$value = strtolower(trim($value));
|
|
|
|
|
if (!preg_match('/^#([0-9a-f]{3}|[0-9a-f]{6})$/i', $value)) {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
return $value;
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Convert current hex color to CSS HSL custom properties.
|
|
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function appPrimaryCssVars(): string
|
|
|
|
|
{
|
|
|
|
|
$hex = appPrimaryColor();
|
|
|
|
|
if ($hex === null) {
|
|
|
|
|
return '';
|
|
|
|
|
}
|
|
|
|
|
$hex = ltrim($hex, '#');
|
|
|
|
|
if (strlen($hex) === 3) {
|
|
|
|
|
$hex = $hex[0] . $hex[0] . $hex[1] . $hex[1] . $hex[2] . $hex[2];
|
|
|
|
|
}
|
|
|
|
|
$r = hexdec(substr($hex, 0, 2)) / 255;
|
|
|
|
|
$g = hexdec(substr($hex, 2, 2)) / 255;
|
|
|
|
|
$b = hexdec(substr($hex, 4, 2)) / 255;
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
// Short-circuit grayscale values to avoid unstable hue math.
|
2026-02-11 19:28:12 +01:00
|
|
|
$monoThreshold = 0.000001;
|
|
|
|
|
if (abs($r - $g) < $monoThreshold && abs($g - $b) < $monoThreshold) {
|
|
|
|
|
$l = round($r * 100, 2) . '%';
|
|
|
|
|
return "--app-primary-h-base: 0; --app-primary-s-base: 0%; --app-primary-l-base: {$l}; --app-primary-h-light: 0; --app-primary-s-light: 0%; --app-primary-l-light: {$l};";
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-04 23:31:53 +01:00
|
|
|
$max = max($r, $g, $b);
|
|
|
|
|
$min = min($r, $g, $b);
|
|
|
|
|
$delta = $max - $min;
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
if ($delta === 0.0) {
|
2026-02-11 19:28:12 +01:00
|
|
|
$l = round((($max + $min) / 2) * 100, 2) . '%';
|
|
|
|
|
return "--app-primary-h-base: 0; --app-primary-s-base: 0%; --app-primary-l-base: {$l}; --app-primary-h-light: 0; --app-primary-s-light: 0%; --app-primary-l-light: {$l};";
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-04 23:31:53 +01:00
|
|
|
$h = 0.0;
|
2026-02-11 19:28:12 +01:00
|
|
|
if ($max === $r) {
|
|
|
|
|
$h = 60 * fmod((($g - $b) / $delta), 6);
|
|
|
|
|
} elseif ($max === $g) {
|
|
|
|
|
$h = 60 * ((($b - $r) / $delta) + 2);
|
|
|
|
|
} else {
|
|
|
|
|
$h = 60 * ((($r - $g) / $delta) + 4);
|
2026-02-04 23:31:53 +01:00
|
|
|
}
|
|
|
|
|
if ($h < 0) {
|
|
|
|
|
$h += 360;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$l = ($max + $min) / 2;
|
2026-02-11 19:28:12 +01:00
|
|
|
$denominator = 1 - abs(2 * $l - 1);
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
if ($delta === 0.0 || $denominator === 0.0) {
|
2026-02-11 19:28:12 +01:00
|
|
|
$s = 0.0;
|
|
|
|
|
} else {
|
|
|
|
|
$s = $delta / $denominator;
|
|
|
|
|
}
|
2026-02-04 23:31:53 +01:00
|
|
|
|
|
|
|
|
$h = round($h, 2);
|
|
|
|
|
$s = round($s * 100, 2) . '%';
|
|
|
|
|
$l = round($l * 100, 2) . '%';
|
|
|
|
|
|
|
|
|
|
return "--app-primary-h-base: {$h}; --app-primary-s-base: {$s}; --app-primary-l-base: {$l}; --app-primary-h-light: {$h}; --app-primary-s-light: {$s}; --app-primary-l-light: {$l};";
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Resolve app logo path (custom upload with fallback asset).
|
|
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function appLogoUrl(?int $size = null): string
|
|
|
|
|
{
|
2026-03-04 15:56:58 +01:00
|
|
|
if (class_exists('MintyPHP\\Service\\Branding\\BrandingLogoService')) {
|
|
|
|
|
$logoService = app(\MintyPHP\Service\Branding\BrandingLogoService::class);
|
2026-02-23 12:58:19 +01:00
|
|
|
if ($logoService->hasLogo()) {
|
|
|
|
|
$query = $size ? '?size=' . (int) $size : '';
|
|
|
|
|
return lurl('branding/logo' . $query);
|
|
|
|
|
}
|
2026-02-04 23:31:53 +01:00
|
|
|
}
|
|
|
|
|
return asset('brand/logo.svg');
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-13 18:28:13 +01:00
|
|
|
/**
|
|
|
|
|
* Resolve logo for auth pages: tenant avatar → global logo → default SVG.
|
|
|
|
|
*
|
|
|
|
|
* After logout the tenant context (`$_SESSION['current_tenant']`) is preserved,
|
|
|
|
|
* so the login page can show the tenant avatar instead of the generic app logo.
|
|
|
|
|
*/
|
|
|
|
|
function appAuthLogoUrl(?int $size = null): string
|
|
|
|
|
{
|
|
|
|
|
$tenantUuid = $_SESSION['current_tenant']['uuid'] ?? '';
|
|
|
|
|
if ($tenantUuid !== '' && class_exists('MintyPHP\\Service\\Tenant\\TenantAvatarService')) {
|
|
|
|
|
if (app(\MintyPHP\Service\Tenant\TenantAvatarService::class)->hasAvatar($tenantUuid)) {
|
|
|
|
|
$query = $size ? '&size=' . (int) $size : '';
|
|
|
|
|
return lurl('auth/tenant-avatar-file?uuid=' . rawurlencode($tenantUuid) . $query);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return appLogoUrl($size);
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Resolve favicon path (tenant favicon with global fallback).
|
|
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function appFaviconUrl(string $file): string
|
|
|
|
|
{
|
|
|
|
|
$tenantUuid = $_SESSION['current_tenant']['uuid'] ?? '';
|
2026-03-04 15:56:58 +01:00
|
|
|
if ($tenantUuid !== '' && class_exists('MintyPHP\\Service\\Tenant\\TenantFaviconService')) {
|
|
|
|
|
if (app(\MintyPHP\Service\Tenant\TenantFaviconService::class)->hasFavicon($tenantUuid)) {
|
2026-02-11 19:28:12 +01:00
|
|
|
return asset('favicon/tenants/' . $tenantUuid . '/favicon/' . ltrim($file, '/'));
|
2026-02-04 23:31:53 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return asset('favicon/' . ltrim($file, '/'));
|
|
|
|
|
}
|
|
|
|
|
|
add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00
|
|
|
/**
|
|
|
|
|
* Sort array items by 'description' case-insensitively.
|
|
|
|
|
*/
|
2026-02-04 23:31:53 +01:00
|
|
|
function sortByDescription(array &$items): void
|
|
|
|
|
{
|
2026-03-05 11:17:42 +01:00
|
|
|
usort(
|
|
|
|
|
$items,
|
|
|
|
|
static fn ($a, $b) =>
|
2026-02-04 23:31:53 +01:00
|
|
|
strcasecmp((string) ($a['description'] ?? ''), (string) ($b['description'] ?? ''))
|
|
|
|
|
);
|
|
|
|
|
}
|
2026-03-05 08:26:51 +01:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Decide whether any admin panel capability is available in layout auth.
|
|
|
|
|
*
|
|
|
|
|
* @param array<string, mixed> $layoutAuth
|
|
|
|
|
*/
|
|
|
|
|
function layoutHasAdminPanel(array $layoutAuth): bool
|
|
|
|
|
{
|
feat: extend module platform with UI slots, runtime components, CLI tooling and {{userId}} search support
Completes the generic module platform that enables modules to contribute
UI elements, runtime JS components, and search resources without any
core hardcoding.
New generic UI slot types:
- topbar.right_item: module-contributed topbar buttons
- layout.body_end_template: module-contributed dialog/overlay templates
- layout.head_style: module-contributed global CSS
- runtime.component: declarative JS component registration with phase ordering
New infrastructure:
- ModuleAutoloader: PSR-4 autoloading for module-local PHP classes
- ModuleRuntimePageBuilder: symlinks module pages into runtime directory
- ModuleRuntimeAssetPublisher: publishes module CSS/JS to web/modules/
- ModulePermissionSynchronizer: syncs module permissions to DB
- CLI scripts: module-runtime-sync, module-build, module-migrate,
module-permissions-sync, module-assets-sync
- {{userId}} placeholder in SearchDataService for user-scoped search queries
- Component runtime with phased initialization (early/default/late)
- AppContainer.protectExistingBindings() to prevent module→core overwrites
- Architecture tests: ModuleStructureContractTest, CoreTemplateIsolationTest,
FrontendComponentRuntimeContractTest, AppContainerIsolationContractTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 22:19:56 +01:00
|
|
|
// Collect capability keys contributed by modules — these are non-admin
|
|
|
|
|
// capabilities that should not trigger the admin panel visibility.
|
|
|
|
|
$moduleCapabilities = [];
|
|
|
|
|
try {
|
|
|
|
|
/** @var \MintyPHP\App\Module\ModuleRegistry $registry */
|
|
|
|
|
$registry = app(\MintyPHP\App\Module\ModuleRegistry::class);
|
|
|
|
|
foreach ($registry->getUiSlots() as $contributions) {
|
|
|
|
|
foreach ($contributions as $contribution) {
|
|
|
|
|
$perm = is_array($contribution) ? trim((string) ($contribution['permission'] ?? '')) : '';
|
|
|
|
|
if ($perm !== '') {
|
|
|
|
|
$moduleCapabilities[$perm] = true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} catch (\Throwable) {
|
|
|
|
|
// fail-open: if module registry is not available, skip module capabilities
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-05 08:26:51 +01:00
|
|
|
$capabilityKeys = array_keys(\MintyPHP\Service\Access\UiCapabilityMap::LAYOUT);
|
|
|
|
|
foreach ($capabilityKeys as $key) {
|
feat: extend module platform with UI slots, runtime components, CLI tooling and {{userId}} search support
Completes the generic module platform that enables modules to contribute
UI elements, runtime JS components, and search resources without any
core hardcoding.
New generic UI slot types:
- topbar.right_item: module-contributed topbar buttons
- layout.body_end_template: module-contributed dialog/overlay templates
- layout.head_style: module-contributed global CSS
- runtime.component: declarative JS component registration with phase ordering
New infrastructure:
- ModuleAutoloader: PSR-4 autoloading for module-local PHP classes
- ModuleRuntimePageBuilder: symlinks module pages into runtime directory
- ModuleRuntimeAssetPublisher: publishes module CSS/JS to web/modules/
- ModulePermissionSynchronizer: syncs module permissions to DB
- CLI scripts: module-runtime-sync, module-build, module-migrate,
module-permissions-sync, module-assets-sync
- {{userId}} placeholder in SearchDataService for user-scoped search queries
- Component runtime with phased initialization (early/default/late)
- AppContainer.protectExistingBindings() to prevent module→core overwrites
- Architecture tests: ModuleStructureContractTest, CoreTemplateIsolationTest,
FrontendComponentRuntimeContractTest, AppContainerIsolationContractTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 22:19:56 +01:00
|
|
|
if (isset($moduleCapabilities[$key])) {
|
2026-03-05 08:26:51 +01:00
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (!empty($layoutAuth[$key])) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Normalize list-like input to sorted unique non-empty strings.
|
|
|
|
|
*
|
|
|
|
|
* @return list<string>
|
|
|
|
|
*/
|
|
|
|
|
function appNormalizeStringList(mixed $value): array
|
|
|
|
|
{
|
|
|
|
|
$raw = is_array($value) ? $value : explode(',', (string) $value);
|
|
|
|
|
$list = array_filter(array_map('trim', $raw), static fn ($item) => $item !== '');
|
|
|
|
|
$list = array_values(array_unique($list));
|
|
|
|
|
sort($list, SORT_STRING);
|
|
|
|
|
return $list;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Normalize list-like input to sorted unique positive integers.
|
|
|
|
|
*
|
|
|
|
|
* @return list<int>
|
|
|
|
|
*/
|
|
|
|
|
function appNormalizePositiveIntList(mixed $value): array
|
|
|
|
|
{
|
|
|
|
|
$raw = is_array($value) ? $value : explode(',', (string) $value);
|
|
|
|
|
$list = array_values(array_unique(array_map('intval', $raw)));
|
|
|
|
|
$list = array_values(array_filter($list, static fn ($item) => $item > 0));
|
|
|
|
|
sort($list, SORT_NUMERIC);
|
|
|
|
|
return $list;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
feat: extend module platform with UI slots, runtime components, CLI tooling and {{userId}} search support
Completes the generic module platform that enables modules to contribute
UI elements, runtime JS components, and search resources without any
core hardcoding.
New generic UI slot types:
- topbar.right_item: module-contributed topbar buttons
- layout.body_end_template: module-contributed dialog/overlay templates
- layout.head_style: module-contributed global CSS
- runtime.component: declarative JS component registration with phase ordering
New infrastructure:
- ModuleAutoloader: PSR-4 autoloading for module-local PHP classes
- ModuleRuntimePageBuilder: symlinks module pages into runtime directory
- ModuleRuntimeAssetPublisher: publishes module CSS/JS to web/modules/
- ModulePermissionSynchronizer: syncs module permissions to DB
- CLI scripts: module-runtime-sync, module-build, module-migrate,
module-permissions-sync, module-assets-sync
- {{userId}} placeholder in SearchDataService for user-scoped search queries
- Component runtime with phased initialization (early/default/late)
- AppContainer.protectExistingBindings() to prevent module→core overwrites
- Architecture tests: ModuleStructureContractTest, CoreTemplateIsolationTest,
FrontendComponentRuntimeContractTest, AppContainerIsolationContractTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 22:19:56 +01:00
|
|
|
* Reserved top-level keys in layout navigation context that modules must not override.
|
2026-03-05 08:26:51 +01:00
|
|
|
*
|
feat: extend module platform with UI slots, runtime components, CLI tooling and {{userId}} search support
Completes the generic module platform that enables modules to contribute
UI elements, runtime JS components, and search resources without any
core hardcoding.
New generic UI slot types:
- topbar.right_item: module-contributed topbar buttons
- layout.body_end_template: module-contributed dialog/overlay templates
- layout.head_style: module-contributed global CSS
- runtime.component: declarative JS component registration with phase ordering
New infrastructure:
- ModuleAutoloader: PSR-4 autoloading for module-local PHP classes
- ModuleRuntimePageBuilder: symlinks module pages into runtime directory
- ModuleRuntimeAssetPublisher: publishes module CSS/JS to web/modules/
- ModulePermissionSynchronizer: syncs module permissions to DB
- CLI scripts: module-runtime-sync, module-build, module-migrate,
module-permissions-sync, module-assets-sync
- {{userId}} placeholder in SearchDataService for user-scoped search queries
- Component runtime with phased initialization (early/default/late)
- AppContainer.protectExistingBindings() to prevent module→core overwrites
- Architecture tests: ModuleStructureContractTest, CoreTemplateIsolationTest,
FrontendComponentRuntimeContractTest, AppContainerIsolationContractTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 22:19:56 +01:00
|
|
|
* @return list<string>
|
2026-03-05 08:26:51 +01:00
|
|
|
*/
|
feat: extend module platform with UI slots, runtime components, CLI tooling and {{userId}} search support
Completes the generic module platform that enables modules to contribute
UI elements, runtime JS components, and search resources without any
core hardcoding.
New generic UI slot types:
- topbar.right_item: module-contributed topbar buttons
- layout.body_end_template: module-contributed dialog/overlay templates
- layout.head_style: module-contributed global CSS
- runtime.component: declarative JS component registration with phase ordering
New infrastructure:
- ModuleAutoloader: PSR-4 autoloading for module-local PHP classes
- ModuleRuntimePageBuilder: symlinks module pages into runtime directory
- ModuleRuntimeAssetPublisher: publishes module CSS/JS to web/modules/
- ModulePermissionSynchronizer: syncs module permissions to DB
- CLI scripts: module-runtime-sync, module-build, module-migrate,
module-permissions-sync, module-assets-sync
- {{userId}} placeholder in SearchDataService for user-scoped search queries
- Component runtime with phased initialization (early/default/late)
- AppContainer.protectExistingBindings() to prevent module→core overwrites
- Architecture tests: ModuleStructureContractTest, CoreTemplateIsolationTest,
FrontendComponentRuntimeContractTest, AppContainerIsolationContractTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 22:19:56 +01:00
|
|
|
function appLayoutNavReservedKeys(): array
|
|
|
|
|
{
|
|
|
|
|
return [
|
|
|
|
|
'hasAdminPanel',
|
|
|
|
|
'moduleSlots',
|
|
|
|
|
'currentTenant',
|
|
|
|
|
'availableTenants',
|
|
|
|
|
'tenantQueryParam',
|
|
|
|
|
'tenantAvatar',
|
|
|
|
|
'csrfKey',
|
|
|
|
|
'csrfToken',
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Merge one module layout-provider payload into layout navigation context.
|
|
|
|
|
*
|
|
|
|
|
* Provider keys are contract-validated and must be namespaced (`module.key`).
|
|
|
|
|
*
|
|
|
|
|
* @param array<string, mixed> $layoutNav
|
|
|
|
|
* @param array<string, mixed> $providerData
|
|
|
|
|
* @return array<string, mixed>
|
|
|
|
|
*/
|
|
|
|
|
function appMergeLayoutNavProviderData(array $layoutNav, array $providerData, string $providerClass): array
|
2026-03-05 08:26:51 +01:00
|
|
|
{
|
feat: extend module platform with UI slots, runtime components, CLI tooling and {{userId}} search support
Completes the generic module platform that enables modules to contribute
UI elements, runtime JS components, and search resources without any
core hardcoding.
New generic UI slot types:
- topbar.right_item: module-contributed topbar buttons
- layout.body_end_template: module-contributed dialog/overlay templates
- layout.head_style: module-contributed global CSS
- runtime.component: declarative JS component registration with phase ordering
New infrastructure:
- ModuleAutoloader: PSR-4 autoloading for module-local PHP classes
- ModuleRuntimePageBuilder: symlinks module pages into runtime directory
- ModuleRuntimeAssetPublisher: publishes module CSS/JS to web/modules/
- ModulePermissionSynchronizer: syncs module permissions to DB
- CLI scripts: module-runtime-sync, module-build, module-migrate,
module-permissions-sync, module-assets-sync
- {{userId}} placeholder in SearchDataService for user-scoped search queries
- Component runtime with phased initialization (early/default/late)
- AppContainer.protectExistingBindings() to prevent module→core overwrites
- Architecture tests: ModuleStructureContractTest, CoreTemplateIsolationTest,
FrontendComponentRuntimeContractTest, AppContainerIsolationContractTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 22:19:56 +01:00
|
|
|
$reserved = array_fill_keys(appLayoutNavReservedKeys(), true);
|
|
|
|
|
|
|
|
|
|
foreach ($providerData as $rawKey => $value) {
|
|
|
|
|
$key = trim((string) $rawKey);
|
2026-03-05 08:26:51 +01:00
|
|
|
if ($key === '') {
|
feat: extend module platform with UI slots, runtime components, CLI tooling and {{userId}} search support
Completes the generic module platform that enables modules to contribute
UI elements, runtime JS components, and search resources without any
core hardcoding.
New generic UI slot types:
- topbar.right_item: module-contributed topbar buttons
- layout.body_end_template: module-contributed dialog/overlay templates
- layout.head_style: module-contributed global CSS
- runtime.component: declarative JS component registration with phase ordering
New infrastructure:
- ModuleAutoloader: PSR-4 autoloading for module-local PHP classes
- ModuleRuntimePageBuilder: symlinks module pages into runtime directory
- ModuleRuntimeAssetPublisher: publishes module CSS/JS to web/modules/
- ModulePermissionSynchronizer: syncs module permissions to DB
- CLI scripts: module-runtime-sync, module-build, module-migrate,
module-permissions-sync, module-assets-sync
- {{userId}} placeholder in SearchDataService for user-scoped search queries
- Component runtime with phased initialization (early/default/late)
- AppContainer.protectExistingBindings() to prevent module→core overwrites
- Architecture tests: ModuleStructureContractTest, CoreTemplateIsolationTest,
FrontendComponentRuntimeContractTest, AppContainerIsolationContractTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 22:19:56 +01:00
|
|
|
throw new \RuntimeException(
|
|
|
|
|
"Layout context provider '{$providerClass}' returned an empty top-level key."
|
|
|
|
|
);
|
2026-03-05 08:26:51 +01:00
|
|
|
}
|
feat: extend module platform with UI slots, runtime components, CLI tooling and {{userId}} search support
Completes the generic module platform that enables modules to contribute
UI elements, runtime JS components, and search resources without any
core hardcoding.
New generic UI slot types:
- topbar.right_item: module-contributed topbar buttons
- layout.body_end_template: module-contributed dialog/overlay templates
- layout.head_style: module-contributed global CSS
- runtime.component: declarative JS component registration with phase ordering
New infrastructure:
- ModuleAutoloader: PSR-4 autoloading for module-local PHP classes
- ModuleRuntimePageBuilder: symlinks module pages into runtime directory
- ModuleRuntimeAssetPublisher: publishes module CSS/JS to web/modules/
- ModulePermissionSynchronizer: syncs module permissions to DB
- CLI scripts: module-runtime-sync, module-build, module-migrate,
module-permissions-sync, module-assets-sync
- {{userId}} placeholder in SearchDataService for user-scoped search queries
- Component runtime with phased initialization (early/default/late)
- AppContainer.protectExistingBindings() to prevent module→core overwrites
- Architecture tests: ModuleStructureContractTest, CoreTemplateIsolationTest,
FrontendComponentRuntimeContractTest, AppContainerIsolationContractTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 22:19:56 +01:00
|
|
|
if (isset($reserved[$key])) {
|
|
|
|
|
throw new \RuntimeException(
|
|
|
|
|
"Layout context provider '{$providerClass}' must not override reserved layout key '{$key}'."
|
|
|
|
|
);
|
2026-03-05 08:26:51 +01:00
|
|
|
}
|
feat: extend module platform with UI slots, runtime components, CLI tooling and {{userId}} search support
Completes the generic module platform that enables modules to contribute
UI elements, runtime JS components, and search resources without any
core hardcoding.
New generic UI slot types:
- topbar.right_item: module-contributed topbar buttons
- layout.body_end_template: module-contributed dialog/overlay templates
- layout.head_style: module-contributed global CSS
- runtime.component: declarative JS component registration with phase ordering
New infrastructure:
- ModuleAutoloader: PSR-4 autoloading for module-local PHP classes
- ModuleRuntimePageBuilder: symlinks module pages into runtime directory
- ModuleRuntimeAssetPublisher: publishes module CSS/JS to web/modules/
- ModulePermissionSynchronizer: syncs module permissions to DB
- CLI scripts: module-runtime-sync, module-build, module-migrate,
module-permissions-sync, module-assets-sync
- {{userId}} placeholder in SearchDataService for user-scoped search queries
- Component runtime with phased initialization (early/default/late)
- AppContainer.protectExistingBindings() to prevent module→core overwrites
- Architecture tests: ModuleStructureContractTest, CoreTemplateIsolationTest,
FrontendComponentRuntimeContractTest, AppContainerIsolationContractTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 22:19:56 +01:00
|
|
|
if (array_key_exists($key, $layoutNav)) {
|
|
|
|
|
throw new \RuntimeException(
|
|
|
|
|
"Layout context provider '{$providerClass}' collides on existing layout key '{$key}'."
|
|
|
|
|
);
|
2026-03-05 08:26:51 +01:00
|
|
|
}
|
feat: extend module platform with UI slots, runtime components, CLI tooling and {{userId}} search support
Completes the generic module platform that enables modules to contribute
UI elements, runtime JS components, and search resources without any
core hardcoding.
New generic UI slot types:
- topbar.right_item: module-contributed topbar buttons
- layout.body_end_template: module-contributed dialog/overlay templates
- layout.head_style: module-contributed global CSS
- runtime.component: declarative JS component registration with phase ordering
New infrastructure:
- ModuleAutoloader: PSR-4 autoloading for module-local PHP classes
- ModuleRuntimePageBuilder: symlinks module pages into runtime directory
- ModuleRuntimeAssetPublisher: publishes module CSS/JS to web/modules/
- ModulePermissionSynchronizer: syncs module permissions to DB
- CLI scripts: module-runtime-sync, module-build, module-migrate,
module-permissions-sync, module-assets-sync
- {{userId}} placeholder in SearchDataService for user-scoped search queries
- Component runtime with phased initialization (early/default/late)
- AppContainer.protectExistingBindings() to prevent module→core overwrites
- Architecture tests: ModuleStructureContractTest, CoreTemplateIsolationTest,
FrontendComponentRuntimeContractTest, AppContainerIsolationContractTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 22:19:56 +01:00
|
|
|
if (!preg_match('/^[a-z0-9]+[a-z0-9._-]*$/', $key) || !str_contains($key, '.')) {
|
|
|
|
|
throw new \RuntimeException(
|
|
|
|
|
"Layout context provider '{$providerClass}' key '{$key}' must be namespaced (e.g. '<module_id>.data')."
|
|
|
|
|
);
|
2026-03-05 08:26:51 +01:00
|
|
|
}
|
feat: extend module platform with UI slots, runtime components, CLI tooling and {{userId}} search support
Completes the generic module platform that enables modules to contribute
UI elements, runtime JS components, and search resources without any
core hardcoding.
New generic UI slot types:
- topbar.right_item: module-contributed topbar buttons
- layout.body_end_template: module-contributed dialog/overlay templates
- layout.head_style: module-contributed global CSS
- runtime.component: declarative JS component registration with phase ordering
New infrastructure:
- ModuleAutoloader: PSR-4 autoloading for module-local PHP classes
- ModuleRuntimePageBuilder: symlinks module pages into runtime directory
- ModuleRuntimeAssetPublisher: publishes module CSS/JS to web/modules/
- ModulePermissionSynchronizer: syncs module permissions to DB
- CLI scripts: module-runtime-sync, module-build, module-migrate,
module-permissions-sync, module-assets-sync
- {{userId}} placeholder in SearchDataService for user-scoped search queries
- Component runtime with phased initialization (early/default/late)
- AppContainer.protectExistingBindings() to prevent module→core overwrites
- Architecture tests: ModuleStructureContractTest, CoreTemplateIsolationTest,
FrontendComponentRuntimeContractTest, AppContainerIsolationContractTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 22:19:56 +01:00
|
|
|
$layoutNav[$key] = $value;
|
2026-03-05 08:26:51 +01:00
|
|
|
}
|
feat: extend module platform with UI slots, runtime components, CLI tooling and {{userId}} search support
Completes the generic module platform that enables modules to contribute
UI elements, runtime JS components, and search resources without any
core hardcoding.
New generic UI slot types:
- topbar.right_item: module-contributed topbar buttons
- layout.body_end_template: module-contributed dialog/overlay templates
- layout.head_style: module-contributed global CSS
- runtime.component: declarative JS component registration with phase ordering
New infrastructure:
- ModuleAutoloader: PSR-4 autoloading for module-local PHP classes
- ModuleRuntimePageBuilder: symlinks module pages into runtime directory
- ModuleRuntimeAssetPublisher: publishes module CSS/JS to web/modules/
- ModulePermissionSynchronizer: syncs module permissions to DB
- CLI scripts: module-runtime-sync, module-build, module-migrate,
module-permissions-sync, module-assets-sync
- {{userId}} placeholder in SearchDataService for user-scoped search queries
- Component runtime with phased initialization (early/default/late)
- AppContainer.protectExistingBindings() to prevent module→core overwrites
- Architecture tests: ModuleStructureContractTest, CoreTemplateIsolationTest,
FrontendComponentRuntimeContractTest, AppContainerIsolationContractTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 22:19:56 +01:00
|
|
|
|
|
|
|
|
return $layoutNav;
|
2026-03-05 08:26:51 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Build precomputed layout navigation context for templates.
|
|
|
|
|
*
|
|
|
|
|
* @param array<string, mixed> $layoutAuth
|
|
|
|
|
* @param array<string, mixed> $session
|
|
|
|
|
* @param array<string, mixed> $query
|
|
|
|
|
* @return array<string, mixed>
|
|
|
|
|
*/
|
|
|
|
|
function appBuildLayoutNavContext(array $layoutAuth, array $session, array $query): array
|
|
|
|
|
{
|
|
|
|
|
$currentTenant = is_array($session['current_tenant'] ?? null) ? $session['current_tenant'] : null;
|
|
|
|
|
$availableTenants = is_array($session['available_tenants'] ?? null) ? $session['available_tenants'] : [];
|
|
|
|
|
$tenantUuid = trim((string) ($currentTenant['uuid'] ?? ''));
|
|
|
|
|
$tenantName = trim((string) ($currentTenant['description'] ?? ''));
|
|
|
|
|
|
|
|
|
|
$tenantQueryParam = '';
|
|
|
|
|
if (count($availableTenants) > 1 && $tenantUuid !== '') {
|
|
|
|
|
$tenantQueryParam = '?tenant=' . urlencode($tenantUuid);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$tenantHasAvatar = false;
|
|
|
|
|
if ($tenantUuid !== '' && class_exists(\MintyPHP\Service\Tenant\TenantAvatarService::class)) {
|
|
|
|
|
$tenantHasAvatar = app(\MintyPHP\Service\Tenant\TenantAvatarService::class)->hasAvatar($tenantUuid);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$csrfKey = \MintyPHP\Session::$csrfSessionKey;
|
|
|
|
|
$csrfToken = (string) ($session[$csrfKey] ?? '');
|
|
|
|
|
|
feat: introduce module system and extract address book as first module (MODULAR-MONOLITH-V1-001)
Add a module kernel (ModuleManifest, ModuleRegistry) that allows modules to
contribute routes, UI slots, search providers, layout context, session
lifecycle, and permissions. Modules are activated via config/modules.php or
APP_ENABLED_MODULES env variable. Conflicts (duplicate routes, permissions,
slot keys) cause a fail-fast with a clear error message.
Extract the address book from hardcoded Core integration points into the
first module (modules/addressbook/). The module provides:
- Aside icon-bar tab + People panel via UI slot system
- Global search resource via AddressBookSearchProvider
- Layout context data via AddressBookLayoutProvider
- Session lifecycle via AddressBookSessionProvider
Core cleanup removes address-book hardcodings from SearchSqlResourceProvider,
SearchUiMetaProvider, SearchItemMapperProvider, appBuildLayoutNavContext(),
and the aside templates. Permissions (ADDRESS_BOOK_VIEW) and business logic
(AddressBookService) remain in Core as they gate general user visibility.
Includes 38 new tests (894 total), PHPStan level 5 clean, and architecture
tests verifying zero hardcoded address-book references in search/templates.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 15:43:25 +01:00
|
|
|
// Pre-resolve module UI slot contributions for templates (templates must not call app() directly)
|
|
|
|
|
$moduleUiSlots = [];
|
|
|
|
|
try {
|
|
|
|
|
/** @var \MintyPHP\App\Module\ModuleRegistry $moduleReg */
|
|
|
|
|
$moduleReg = app(\MintyPHP\App\Module\ModuleRegistry::class);
|
|
|
|
|
$moduleUiSlots = $moduleReg->getUiSlots();
|
|
|
|
|
} catch (\Throwable) {
|
|
|
|
|
// fail-open
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$layoutNav = [
|
2026-03-05 08:26:51 +01:00
|
|
|
'hasAdminPanel' => layoutHasAdminPanel($layoutAuth),
|
feat: introduce module system and extract address book as first module (MODULAR-MONOLITH-V1-001)
Add a module kernel (ModuleManifest, ModuleRegistry) that allows modules to
contribute routes, UI slots, search providers, layout context, session
lifecycle, and permissions. Modules are activated via config/modules.php or
APP_ENABLED_MODULES env variable. Conflicts (duplicate routes, permissions,
slot keys) cause a fail-fast with a clear error message.
Extract the address book from hardcoded Core integration points into the
first module (modules/addressbook/). The module provides:
- Aside icon-bar tab + People panel via UI slot system
- Global search resource via AddressBookSearchProvider
- Layout context data via AddressBookLayoutProvider
- Session lifecycle via AddressBookSessionProvider
Core cleanup removes address-book hardcodings from SearchSqlResourceProvider,
SearchUiMetaProvider, SearchItemMapperProvider, appBuildLayoutNavContext(),
and the aside templates. Permissions (ADDRESS_BOOK_VIEW) and business logic
(AddressBookService) remain in Core as they gate general user visibility.
Includes 38 new tests (894 total), PHPStan level 5 clean, and architecture
tests verifying zero hardcoded address-book references in search/templates.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 15:43:25 +01:00
|
|
|
'moduleSlots' => $moduleUiSlots,
|
2026-03-05 08:26:51 +01:00
|
|
|
'currentTenant' => $currentTenant,
|
|
|
|
|
'availableTenants' => $availableTenants,
|
|
|
|
|
'tenantQueryParam' => $tenantQueryParam,
|
|
|
|
|
'tenantAvatar' => [
|
|
|
|
|
'uuid' => $tenantUuid,
|
|
|
|
|
'name' => $tenantName,
|
|
|
|
|
'hasAvatar' => $tenantHasAvatar,
|
|
|
|
|
],
|
|
|
|
|
'csrfKey' => $csrfKey,
|
|
|
|
|
'csrfToken' => $csrfToken,
|
|
|
|
|
];
|
feat: introduce module system and extract address book as first module (MODULAR-MONOLITH-V1-001)
Add a module kernel (ModuleManifest, ModuleRegistry) that allows modules to
contribute routes, UI slots, search providers, layout context, session
lifecycle, and permissions. Modules are activated via config/modules.php or
APP_ENABLED_MODULES env variable. Conflicts (duplicate routes, permissions,
slot keys) cause a fail-fast with a clear error message.
Extract the address book from hardcoded Core integration points into the
first module (modules/addressbook/). The module provides:
- Aside icon-bar tab + People panel via UI slot system
- Global search resource via AddressBookSearchProvider
- Layout context data via AddressBookLayoutProvider
- Session lifecycle via AddressBookSessionProvider
Core cleanup removes address-book hardcodings from SearchSqlResourceProvider,
SearchUiMetaProvider, SearchItemMapperProvider, appBuildLayoutNavContext(),
and the aside templates. Permissions (ADDRESS_BOOK_VIEW) and business logic
(AddressBookService) remain in Core as they gate general user visibility.
Includes 38 new tests (894 total), PHPStan level 5 clean, and architecture
tests verifying zero hardcoded address-book references in search/templates.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 15:43:25 +01:00
|
|
|
|
|
|
|
|
// ── Module layout context providers ──────────────────────────────
|
|
|
|
|
// Modules can contribute additional layout data via LayoutContextProvider.
|
|
|
|
|
// Each provider returns a key-value array that is merged into $layoutNav.
|
|
|
|
|
try {
|
|
|
|
|
/** @var \MintyPHP\App\Module\ModuleRegistry $moduleRegistry */
|
|
|
|
|
$moduleRegistry = app(\MintyPHP\App\Module\ModuleRegistry::class);
|
|
|
|
|
} catch (\Throwable) {
|
|
|
|
|
// fail-open: if module registry is not available, skip module providers
|
feat: extend module platform with UI slots, runtime components, CLI tooling and {{userId}} search support
Completes the generic module platform that enables modules to contribute
UI elements, runtime JS components, and search resources without any
core hardcoding.
New generic UI slot types:
- topbar.right_item: module-contributed topbar buttons
- layout.body_end_template: module-contributed dialog/overlay templates
- layout.head_style: module-contributed global CSS
- runtime.component: declarative JS component registration with phase ordering
New infrastructure:
- ModuleAutoloader: PSR-4 autoloading for module-local PHP classes
- ModuleRuntimePageBuilder: symlinks module pages into runtime directory
- ModuleRuntimeAssetPublisher: publishes module CSS/JS to web/modules/
- ModulePermissionSynchronizer: syncs module permissions to DB
- CLI scripts: module-runtime-sync, module-build, module-migrate,
module-permissions-sync, module-assets-sync
- {{userId}} placeholder in SearchDataService for user-scoped search queries
- Component runtime with phased initialization (early/default/late)
- AppContainer.protectExistingBindings() to prevent module→core overwrites
- Architecture tests: ModuleStructureContractTest, CoreTemplateIsolationTest,
FrontendComponentRuntimeContractTest, AppContainerIsolationContractTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 22:19:56 +01:00
|
|
|
return $layoutNav;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$container = $GLOBALS['minty_app_container'] ?? null;
|
|
|
|
|
if (!$container instanceof \MintyPHP\App\AppContainer) {
|
|
|
|
|
return $layoutNav;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
foreach ($moduleRegistry->getLayoutContextProviders() as $providerClass) {
|
2026-03-25 10:02:03 +01:00
|
|
|
$provider = \MintyPHP\App\Module\ModuleClassResolver::resolve($container, $providerClass);
|
feat: extend module platform with UI slots, runtime components, CLI tooling and {{userId}} search support
Completes the generic module platform that enables modules to contribute
UI elements, runtime JS components, and search resources without any
core hardcoding.
New generic UI slot types:
- topbar.right_item: module-contributed topbar buttons
- layout.body_end_template: module-contributed dialog/overlay templates
- layout.head_style: module-contributed global CSS
- runtime.component: declarative JS component registration with phase ordering
New infrastructure:
- ModuleAutoloader: PSR-4 autoloading for module-local PHP classes
- ModuleRuntimePageBuilder: symlinks module pages into runtime directory
- ModuleRuntimeAssetPublisher: publishes module CSS/JS to web/modules/
- ModulePermissionSynchronizer: syncs module permissions to DB
- CLI scripts: module-runtime-sync, module-build, module-migrate,
module-permissions-sync, module-assets-sync
- {{userId}} placeholder in SearchDataService for user-scoped search queries
- Component runtime with phased initialization (early/default/late)
- AppContainer.protectExistingBindings() to prevent module→core overwrites
- Architecture tests: ModuleStructureContractTest, CoreTemplateIsolationTest,
FrontendComponentRuntimeContractTest, AppContainerIsolationContractTest
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 22:19:56 +01:00
|
|
|
if ($provider instanceof \MintyPHP\App\Module\Contracts\LayoutContextProvider) {
|
|
|
|
|
$providerData = $provider->provide($session, $container);
|
|
|
|
|
if (!is_array($providerData)) {
|
|
|
|
|
throw new \RuntimeException(
|
|
|
|
|
"Layout context provider '{$providerClass}' must return an array."
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
$layoutNav = appMergeLayoutNavProviderData($layoutNav, $providerData, $providerClass);
|
|
|
|
|
}
|
feat: introduce module system and extract address book as first module (MODULAR-MONOLITH-V1-001)
Add a module kernel (ModuleManifest, ModuleRegistry) that allows modules to
contribute routes, UI slots, search providers, layout context, session
lifecycle, and permissions. Modules are activated via config/modules.php or
APP_ENABLED_MODULES env variable. Conflicts (duplicate routes, permissions,
slot keys) cause a fail-fast with a clear error message.
Extract the address book from hardcoded Core integration points into the
first module (modules/addressbook/). The module provides:
- Aside icon-bar tab + People panel via UI slot system
- Global search resource via AddressBookSearchProvider
- Layout context data via AddressBookLayoutProvider
- Session lifecycle via AddressBookSessionProvider
Core cleanup removes address-book hardcodings from SearchSqlResourceProvider,
SearchUiMetaProvider, SearchItemMapperProvider, appBuildLayoutNavContext(),
and the aside templates. Permissions (ADDRESS_BOOK_VIEW) and business logic
(AddressBookService) remain in Core as they gate general user visibility.
Includes 38 new tests (894 total), PHPStan level 5 clean, and architecture
tests verifying zero hardcoded address-book references in search/templates.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 15:43:25 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $layoutNav;
|
2026-03-05 08:26:51 +01:00
|
|
|
}
|