refactor(settings): remove global appearance settings — tenant is sole source
Removes the global app_theme, app_theme_user and app_primary_color settings from the admin/settings area and the underlying service/cache/API/i18n/docs layers. The tenant columns (tenants.primary_color, default_theme, allow_user_theme) become the single source of truth for appearance. Branding helpers are tenant-only and fall back to a hardcoded 'light' theme with no brand color when no tenant context is available (login, error, pre-session pages). The APP_THEME env var is removed. Scope: - UI: Appearance tab gone from /admin/settings; tenant edit form drops the global-fallback color preview. - Service: SettingsAppGateway no longer exposes setting-backed accessors for theme/user-theme/primary-color. Theme catalog utilities (listThemes, isAllowedTheme, normalizeTheme, resolveDefaultTheme) stay and are used across Tenant / Auth / User flows; resolveDefaultTheme now hardcodes 'light' with a catalog fallback (no global/env lookup). - AdminSettingsService: buildPageData, sanitization, audit snapshot, apply step and cache payload are all stripped of the three keys. Dead helper applyAppPrimaryColor + normalizePrimaryColor removed. - Cache: SettingCacheService HOT_PATH_KEYS drops the three keys. - API: /settings (GET/PUT) and /settings/public (GET) no longer expose appearance fields; OpenAPI schemas pruned accordingly. - Audit redaction list shortened. - DB: db/init/init.sql seed rows removed. No migration for existing installs — legacy rows stay inert. - i18n + docs: setting.app_theme, setting.app_theme_user, setting.app_primary_color removed from de+en locales; reference and explanation docs updated. - Tests: covering tests for the removed methods pruned; ThemeResolutionTest rewritten for tenant-only semantics. One unrelated PHP-CS-Fixer issue in UserRegistrar.php cleaned up to keep QG-006 green. Workflow: .agents/runs/SETTINGS-APPEARANCE-TENANT-ONLY/ (gitignored). Gates: QG-001..003, QG-006, QG-008 all pass (1985 tests, 28764 assertions). Reviews: code, security, acceptance all pass. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -4,6 +4,19 @@ namespace MintyPHP\Service\Settings;
|
||||
|
||||
use MintyPHP\I18n;
|
||||
|
||||
/**
|
||||
* App-wide (global) settings gateway.
|
||||
*
|
||||
* Appearance SETTINGS (theme, user-theme toggle, primary color) are NOT
|
||||
* managed globally — they live on the tenant (tenants.primary_color,
|
||||
* default_theme, allow_user_theme) and are resolved by branding helpers.
|
||||
*
|
||||
* The theme CATALOG utilities (listThemes, isAllowedTheme, normalizeTheme,
|
||||
* resolveDefaultTheme) stay because consumers across Tenant / Auth / User
|
||||
* flows need to validate a theme value and resolve a safe default. There is
|
||||
* no global setting lookup in these helpers anymore — the default is a
|
||||
* hardcoded 'light' falling back to the first available catalog entry.
|
||||
*/
|
||||
class SettingsAppGateway
|
||||
{
|
||||
public function __construct(
|
||||
@@ -53,87 +66,6 @@ class SettingsAppGateway
|
||||
return $this->settingsMetadataGateway->set(SettingKeys::APP_LOCALE_KEY, $value, $desc);
|
||||
}
|
||||
|
||||
public function getAppTheme(): ?string
|
||||
{
|
||||
$value = $this->settingsMetadataGateway->getValue(SettingKeys::APP_THEME_KEY);
|
||||
$value = $value !== null ? strtolower(trim($value)) : '';
|
||||
if (!$this->isAllowedTheme($value)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return $value;
|
||||
}
|
||||
|
||||
public function setAppTheme(?string $theme, ?string $description = null): bool
|
||||
{
|
||||
$value = $theme !== null ? strtolower(trim($theme)) : '';
|
||||
if ($value === '' || !$this->isAllowedTheme($value)) {
|
||||
$value = null;
|
||||
}
|
||||
|
||||
$desc = $description ?? 'setting.app_theme';
|
||||
return $this->settingsMetadataGateway->set(SettingKeys::APP_THEME_KEY, $value, $desc);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array<string, string>
|
||||
*/
|
||||
public function listThemes(): array
|
||||
{
|
||||
return $this->themeConfigService->all();
|
||||
}
|
||||
|
||||
public function isAllowedTheme(?string $theme): bool
|
||||
{
|
||||
$value = strtolower(trim((string) $theme));
|
||||
return $value !== '' && in_array($value, $this->allowedThemes(), true);
|
||||
}
|
||||
|
||||
public function resolveDefaultTheme(): string
|
||||
{
|
||||
$settingTheme = $this->getAppTheme();
|
||||
if ($settingTheme !== null) {
|
||||
return $settingTheme;
|
||||
}
|
||||
|
||||
$envTheme = strtolower(trim((string) (getenv('APP_THEME') ?: '')));
|
||||
if ($this->isAllowedTheme($envTheme)) {
|
||||
return $envTheme;
|
||||
}
|
||||
|
||||
$allowedThemes = $this->allowedThemes();
|
||||
if (in_array('light', $allowedThemes, true)) {
|
||||
return 'light';
|
||||
}
|
||||
|
||||
return (string) ($allowedThemes[0] ?? 'light');
|
||||
}
|
||||
|
||||
public function normalizeTheme(?string $theme): string
|
||||
{
|
||||
$value = strtolower(trim((string) $theme));
|
||||
if ($this->isAllowedTheme($value)) {
|
||||
return $value;
|
||||
}
|
||||
|
||||
return $this->resolveDefaultTheme();
|
||||
}
|
||||
|
||||
public function isUserThemeAllowed(): bool
|
||||
{
|
||||
return settingToBool(
|
||||
$this->settingsMetadataGateway->getValue(SettingKeys::APP_THEME_USER_KEY),
|
||||
true
|
||||
);
|
||||
}
|
||||
|
||||
public function setUserThemeAllowed(bool $allowed, ?string $description = null): bool
|
||||
{
|
||||
$value = $allowed ? '1' : '0';
|
||||
$desc = $description ?? 'setting.app_theme_user';
|
||||
return $this->settingsMetadataGateway->set(SettingKeys::APP_THEME_USER_KEY, $value, $desc);
|
||||
}
|
||||
|
||||
public function isRegistrationEnabled(): bool
|
||||
{
|
||||
return settingToBool(
|
||||
@@ -149,44 +81,46 @@ class SettingsAppGateway
|
||||
return $this->settingsMetadataGateway->set(SettingKeys::APP_REGISTRATION_KEY, $value, $desc);
|
||||
}
|
||||
|
||||
public function getAppPrimaryColor(): ?string
|
||||
/**
|
||||
* Catalog of available themes — purely code-level (config/themes.php),
|
||||
* not a global setting.
|
||||
*
|
||||
* @return array<string, string>
|
||||
*/
|
||||
public function listThemes(): array
|
||||
{
|
||||
$value = $this->settingsMetadataGateway->getValue(SettingKeys::APP_PRIMARY_COLOR_KEY);
|
||||
$value = $value !== null ? strtolower(trim($value)) : '';
|
||||
if ($value === '') {
|
||||
return null;
|
||||
}
|
||||
if (!preg_match('/^#([0-9a-f]{3}|[0-9a-f]{4}|[0-9a-f]{6}|[0-9a-f]{8})$/i', $value)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return $value;
|
||||
return $this->themeConfigService->all();
|
||||
}
|
||||
|
||||
public function setAppPrimaryColor(?string $color, ?string $description = null): bool
|
||||
public function isAllowedTheme(?string $theme): bool
|
||||
{
|
||||
$value = $color !== null ? strtolower(trim($color)) : '';
|
||||
if ($value !== '' && $value[0] !== '#') {
|
||||
if (preg_match('/^[0-9a-f]{3}$/i', $value)
|
||||
|| preg_match('/^[0-9a-f]{4}$/i', $value)
|
||||
|| preg_match('/^[0-9a-f]{6}$/i', $value)
|
||||
|| preg_match('/^[0-9a-f]{8}$/i', $value)) {
|
||||
$value = '#' . $value;
|
||||
}
|
||||
}
|
||||
if ($value === '') {
|
||||
$value = null;
|
||||
} elseif (!preg_match('/^#([0-9a-f]{3}|[0-9a-f]{4}|[0-9a-f]{6}|[0-9a-f]{8})$/i', $value)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$desc = $description ?? 'setting.app_primary_color';
|
||||
return $this->settingsMetadataGateway->set(SettingKeys::APP_PRIMARY_COLOR_KEY, $value, $desc);
|
||||
$value = strtolower(trim((string) $theme));
|
||||
return $value !== '' && in_array($value, $this->allowedThemes(), true);
|
||||
}
|
||||
|
||||
private function allowedThemes(): array
|
||||
/**
|
||||
* Default theme for flows that need ONE value without a tenant context
|
||||
* (user creation defaults, SSO-linked account provisioning, etc.).
|
||||
* Hardcoded to 'light' with a catalog fallback — no global setting.
|
||||
*/
|
||||
public function resolveDefaultTheme(): string
|
||||
{
|
||||
return array_keys($this->listThemes());
|
||||
$allowed = $this->allowedThemes();
|
||||
if (in_array('light', $allowed, true)) {
|
||||
return 'light';
|
||||
}
|
||||
|
||||
return (string) ($allowed[0] ?? 'light');
|
||||
}
|
||||
|
||||
public function normalizeTheme(?string $theme): string
|
||||
{
|
||||
$value = strtolower(trim((string) $theme));
|
||||
if ($this->isAllowedTheme($value)) {
|
||||
return $value;
|
||||
}
|
||||
|
||||
return $this->resolveDefaultTheme();
|
||||
}
|
||||
|
||||
public function normalizeLocale(?string $locale): string
|
||||
@@ -199,4 +133,12 @@ class SettingsAppGateway
|
||||
|
||||
return $value;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return list<string>
|
||||
*/
|
||||
private function allowedThemes(): array
|
||||
{
|
||||
return array_keys($this->listThemes());
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user