feat(tenant): per-theme logos + file-upload + button UI polish
Replace the single tenant avatar with a pair of theme-scoped brand logos.
Render only the theme-matching <img> server-side and swap src on theme
toggle via a JS hook — no reload, no double request, no CSS tricks.
Tenant logos
- TenantLogoService (ImageUploadTrait) with theme whitelist and per-theme
storage storage/tenants/{uuid}/logo/{light|dark}/, SIZES 128/256/512
- Public serving endpoint auth/tenant-logo-file so login can show the
logo pre-auth; matching authenticated admin preview endpoint
- appTenantLogoUrl(?size, ?theme) with 4-step fallback cascade; PDF +
mail always request 'light'
- Admin tenant edit: avatar block replaced by "Tenant logos" details
block inside the Master-data tab, two side-by-side slots via Pico
.grid with the core app-file-upload partial
- Policy rename ABILITY_ADMIN_TENANTS_AVATAR_VIEW -> LOGO_VIEW, action
routes logo / logo-delete / logo-file with theme body/query param
- API endpoint path kept (backward compat), internals on new service
- CLI tenant:logo-migrate-avatars moves legacy avatar/ -> logo/light/
idempotently (--dry-run, --yes, --cleanup)
- i18n "Tenant image" removed, 12 new keys synced across de/en
File upload component
- Full-width preview + filename/actions below (3D stack layout)
- Fixed 16:9 aspect ratio with 1rem inner padding for consistent
preview size across any logo aspect
- Transparency checker pattern as background so black logos stay
visible on dark mode and white logos on light mode
- form="" + deleteFormId support so the partial works with barrier
forms inside another form
Buttons
- width:100% dropped from button[type="submit"]; scoped back via
.login-main for the auth-flow primary CTA
- .outline base rule now tints background via color-mix of --app-color
so secondary/primary/danger outlines all gain a subtle surface
- .outline.secondary restyled Stripe-style in both themes: solid white
chip with soft shadow in light, solid elevated dark chip with white
text in dark; neutral border replaces role-colored border
- .app-action-success/.app-action-danger outlines get color-mix bg +
theme-aware outline-text tokens for stronger contrast
- Filled .primary/.app-action-success/.app-action-danger get raised
box-shadow (inset highlight + drop) — opt-in via class so chrome
buttons stay flat
- Dropped the legacy .secondary utility that was clobbering the
custom-property cascade with a hardcoded muted color
Theme swap
- Logo img carries data-src-light + data-src-dark; theme-toggle JS
swaps src when data-theme changes, keeping the topbar/login logo in
sync without a page reload
Quality gates: PHPUnit (2045), PHPStan L5, CS-Fixer, docs link/drift,
codex skills sync — all green.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -210,6 +210,31 @@ $openOverrideCard = $detailsOpenAll;
|
||||
</label>
|
||||
</div>
|
||||
<hr>
|
||||
<details name="tenant-master-branding" <?php e($detailsOpenAll ? 'open' : ''); ?>>
|
||||
<summary><?php e(t('Tenant logos')); ?></summary>
|
||||
<hr>
|
||||
<div class="grid">
|
||||
<?php
|
||||
$logoTheme = 'light';
|
||||
$hasLogo = $hasLogoLight ?? false;
|
||||
$fieldLabel = t('Light logo');
|
||||
$uploadFormId = 'tenant-logo-light-form';
|
||||
$deleteFormId = 'tenant-logo-light-delete-form';
|
||||
$canUpdate = $canUpdateTenant;
|
||||
require templatePath('partials/tenant-logo-upload.phtml');
|
||||
?>
|
||||
<?php
|
||||
$logoTheme = 'dark';
|
||||
$hasLogo = $hasLogoDark ?? false;
|
||||
$fieldLabel = t('Dark logo');
|
||||
$uploadFormId = 'tenant-logo-dark-form';
|
||||
$deleteFormId = 'tenant-logo-dark-delete-form';
|
||||
$canUpdate = $canUpdateTenant;
|
||||
require templatePath('partials/tenant-logo-upload.phtml');
|
||||
?>
|
||||
</div>
|
||||
</details>
|
||||
<hr>
|
||||
<details name="tenant-master-contact" <?php e($detailsOpenAll ? 'open' : ''); ?>>
|
||||
<summary><?php e(t('Contact')); ?></summary>
|
||||
<hr>
|
||||
|
||||
@@ -1,4 +0,0 @@
|
||||
<?php
|
||||
|
||||
http_response_code(404);
|
||||
return;
|
||||
@@ -19,11 +19,11 @@ $order = $filters['order'];
|
||||
$dir = $filters['dir'];
|
||||
$computedOrderKeys = ['users'];
|
||||
$userTenantRepository = app(\MintyPHP\Repository\Tenant\UserTenantRepository::class);
|
||||
$tenantAvatarService = app(\MintyPHP\Service\Tenant\TenantAvatarService::class);
|
||||
$tenantLogoService = app(\MintyPHP\Service\Tenant\TenantLogoService::class);
|
||||
$settingsDefaultsGateway = app(\MintyPHP\Service\Settings\SettingsDefaultsGateway::class);
|
||||
|
||||
$gridUserCountEnricher = app(\MintyPHP\Service\Data\GridUserCountEnricher::class);
|
||||
$fetchRows = static function (array $tenantRows) use ($userTenantRepository, $tenantAvatarService, $settingsDefaultsGateway, $gridUserCountEnricher): array {
|
||||
$fetchRows = static function (array $tenantRows) use ($userTenantRepository, $tenantLogoService, $settingsDefaultsGateway, $gridUserCountEnricher): array {
|
||||
$userCounts = $gridUserCountEnricher->computeCounts(
|
||||
$tenantRows,
|
||||
$userTenantRepository->countUsersByTenantIds(...),
|
||||
@@ -47,7 +47,10 @@ $fetchRows = static function (array $tenantRows) use ($userTenantRepository, $te
|
||||
'status_badge' => $tenantStatus->badgeVariant(),
|
||||
'status_label' => t($tenantStatus->labelToken()),
|
||||
'total_users' => $counts['active_users'] + $counts['inactive_users'],
|
||||
'has_avatar' => $tenantUuid !== '' && $tenantAvatarService->hasAvatar($tenantUuid),
|
||||
'has_logo' => $tenantUuid !== '' && (
|
||||
$tenantLogoService->hasLogo($tenantUuid, \MintyPHP\Service\Tenant\TenantLogoService::THEME_LIGHT)
|
||||
|| $tenantLogoService->hasLogo($tenantUuid, \MintyPHP\Service\Tenant\TenantLogoService::THEME_DARK)
|
||||
),
|
||||
];
|
||||
}
|
||||
|
||||
|
||||
@@ -16,11 +16,12 @@ $canManageCustomFields = (bool) ($pageAuth['can_manage_custom_fields'] ?? false)
|
||||
$canManageSso = (bool) ($pageAuth['can_manage_sso'] ?? false);
|
||||
$isReadOnly = !$canUpdateTenant;
|
||||
$titleText = $isReadOnly ? t('View tenant') : t('Edit tenant');
|
||||
$avatarUuid = (string) ($values['uuid'] ?? '');
|
||||
$tenantAvatarService = app(\MintyPHP\Service\Tenant\TenantAvatarService::class);
|
||||
$tenantUuid = (string) ($values['uuid'] ?? '');
|
||||
$tenantLogoService = app(\MintyPHP\Service\Tenant\TenantLogoService::class);
|
||||
$tenantFaviconService = app(\MintyPHP\Service\Tenant\TenantFaviconService::class);
|
||||
$hasAvatar = $avatarUuid !== '' && $tenantAvatarService->hasAvatar($avatarUuid);
|
||||
$hasFavicon = $avatarUuid !== '' && $tenantFaviconService->hasFavicon($avatarUuid);
|
||||
$hasLogoLight = $tenantUuid !== '' && $tenantLogoService->hasLogo($tenantUuid, \MintyPHP\Service\Tenant\TenantLogoService::THEME_LIGHT);
|
||||
$hasLogoDark = $tenantUuid !== '' && $tenantLogoService->hasLogo($tenantUuid, \MintyPHP\Service\Tenant\TenantLogoService::THEME_DARK);
|
||||
$hasFavicon = $tenantUuid !== '' && $tenantFaviconService->hasFavicon($tenantUuid);
|
||||
|
||||
?>
|
||||
|
||||
@@ -55,6 +56,29 @@ $hasFavicon = $avatarUuid !== '' && $tenantFaviconService->hasFavicon($avatarUui
|
||||
require templatePath('partials/app-details-validation-summary.phtml');
|
||||
?>
|
||||
|
||||
<?php if ($canUpdateTenant && $tenantUuid !== ''): ?>
|
||||
<form id="tenant-logo-light-form" method="post"
|
||||
action="admin/tenants/logo/<?php e($tenantUuid); ?>" enctype="multipart/form-data" hidden>
|
||||
<input type="hidden" name="theme" value="light">
|
||||
<?php Session::getCsrfInput(); ?>
|
||||
</form>
|
||||
<form id="tenant-logo-dark-form" method="post"
|
||||
action="admin/tenants/logo/<?php e($tenantUuid); ?>" enctype="multipart/form-data" hidden>
|
||||
<input type="hidden" name="theme" value="dark">
|
||||
<?php Session::getCsrfInput(); ?>
|
||||
</form>
|
||||
<form id="tenant-logo-light-delete-form" method="post"
|
||||
action="admin/tenants/logo-delete/<?php e($tenantUuid); ?>" hidden>
|
||||
<input type="hidden" name="theme" value="light">
|
||||
<?php Session::getCsrfInput(); ?>
|
||||
</form>
|
||||
<form id="tenant-logo-dark-delete-form" method="post"
|
||||
action="admin/tenants/logo-delete/<?php e($tenantUuid); ?>" hidden>
|
||||
<input type="hidden" name="theme" value="dark">
|
||||
<?php Session::getCsrfInput(); ?>
|
||||
</form>
|
||||
<?php endif; ?>
|
||||
|
||||
<?php
|
||||
$detailsOpenAll = false;
|
||||
$isReadOnly = $isReadOnly ?? false;
|
||||
@@ -83,45 +107,11 @@ $hasFavicon = $avatarUuid !== '' && $tenantFaviconService->hasFavicon($avatarUui
|
||||
</section>
|
||||
<aside id="app-details-aside-section">
|
||||
<div class="app-details-aside-section">
|
||||
<div class="entity-avatar-block avatar-size-auto avatar-borderless">
|
||||
<?php if ($hasAvatar): ?>
|
||||
<a data-fslightbox="tenant-avatar" href="admin/tenants/avatar-file?uuid=<?php e($avatarUuid); ?>&size=256">
|
||||
<img class="entity-avatar-image" src="admin/tenants/avatar-file?uuid=<?php e($avatarUuid); ?>&size=128"
|
||||
alt="<?php e(t('Tenant image')); ?>">
|
||||
</a>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
<hgroup>
|
||||
<h2><?php e($values['description'] ?? ''); ?></h2>
|
||||
<p><?php e(t('Tenant')); ?></p>
|
||||
</hgroup>
|
||||
<hr>
|
||||
<?php if ($canUpdateTenant): ?>
|
||||
<details name="tenant-avatar">
|
||||
<summary>
|
||||
<?php e(t('Upload image')); ?>
|
||||
</summary>
|
||||
<hr>
|
||||
<form class="user-avatar-form" method="post" action="admin/tenants/avatar/<?php e($avatarUuid); ?>"
|
||||
enctype="multipart/form-data">
|
||||
<?php
|
||||
$fileUpload = [
|
||||
'name' => 'avatar',
|
||||
'accept' => 'image/*',
|
||||
'hint' => t('Allowed file types: SVG, PNG, JPG, WEBP'),
|
||||
'currentSrc' => $hasAvatar ? 'admin/tenants/avatar-file?uuid=' . $avatarUuid . '&size=128' : '',
|
||||
'deleteAction' => $hasAvatar ? 'admin/tenants/avatar-delete/' . $avatarUuid : '',
|
||||
];
|
||||
require templatePath('partials/app-file-upload.phtml');
|
||||
?>
|
||||
<button type="submit" class="app-action-success">
|
||||
<?php e(t('Save')); ?>
|
||||
</button>
|
||||
<?php Session::getCsrfInput(); ?>
|
||||
</form>
|
||||
</details>
|
||||
<?php endif; ?>
|
||||
<hr>
|
||||
<?php if ($canUpdateTenant): ?>
|
||||
<details name="tenant-favicon">
|
||||
<summary>
|
||||
@@ -130,16 +120,16 @@ $hasFavicon = $avatarUuid !== '' && $tenantFaviconService->hasFavicon($avatarUui
|
||||
<hr>
|
||||
<small><?php e(t('Square images are recommended (icons are center-cropped).')); ?></small>
|
||||
<hr>
|
||||
<form class="user-avatar-form" method="post" action="admin/tenants/favicon/<?php e($avatarUuid); ?>"
|
||||
<form class="user-avatar-form" method="post" action="admin/tenants/favicon/<?php e($tenantUuid); ?>"
|
||||
enctype="multipart/form-data">
|
||||
<?php
|
||||
$fileUpload = [
|
||||
'name' => 'favicon',
|
||||
'accept' => 'image/png',
|
||||
'hint' => t('Allowed file types: PNG'),
|
||||
'currentSrc' => $hasFavicon ? asset('favicon/tenants/' . $avatarUuid . '/favicon/favicon-32x32.png') : '',
|
||||
'currentSrc' => $hasFavicon ? asset('favicon/tenants/' . $tenantUuid . '/favicon/favicon-32x32.png') : '',
|
||||
'currentLabel' => t('Favicon'),
|
||||
'deleteAction' => $hasFavicon ? 'admin/tenants/favicon-delete/' . $avatarUuid : '',
|
||||
'deleteAction' => $hasFavicon ? 'admin/tenants/favicon-delete/' . $tenantUuid : '',
|
||||
];
|
||||
require templatePath('partials/app-file-upload.phtml');
|
||||
?>
|
||||
|
||||
@@ -43,7 +43,7 @@ $pageConfig = [
|
||||
'filterChipMeta' => $filterChipMeta,
|
||||
'gridLang' => $gridLang,
|
||||
'labels' => [
|
||||
'avatar' => t('Avatar'),
|
||||
'logo' => t('Logo'),
|
||||
'tenant' => t('Tenant'),
|
||||
'users' => t('Users'),
|
||||
],
|
||||
|
||||
@@ -3,31 +3,41 @@
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
||||
use MintyPHP\Service\Tenant\TenantLogoService;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$tenantAvatarService = app(\MintyPHP\Service\Tenant\TenantAvatarService::class);
|
||||
$tenantLogoService = app(TenantLogoService::class);
|
||||
|
||||
if (!actionRequirePost('admin/tenants')) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (!actionRequireCsrf('admin/tenants', 'admin/tenants', 'tenant_avatar_delete')) {
|
||||
if (!actionRequireCsrf('admin/tenants', 'admin/tenants', 'tenant_logo')) {
|
||||
return;
|
||||
}
|
||||
|
||||
$errorBag = formErrors();
|
||||
$uuid = trim((string) ($id ?? ''));
|
||||
if (!$tenantAvatarService->isValidUuid($uuid)) {
|
||||
if (!$tenantLogoService->isValidUuid($uuid)) {
|
||||
$errorBag->addGlobal('Tenant not found');
|
||||
flashFormErrors($errorBag, 'admin/tenants', 'tenant_avatar_delete');
|
||||
flashFormErrors($errorBag, 'admin/tenants', 'tenant_logo');
|
||||
Router::redirect('admin/tenants');
|
||||
return;
|
||||
}
|
||||
|
||||
$body = requestInput()->bodyAll();
|
||||
$theme = strtolower(trim((string) ($body['theme'] ?? '')));
|
||||
if (!$tenantLogoService->isValidTheme($theme)) {
|
||||
$errorBag->addGlobal(t('Invalid theme'));
|
||||
flashFormErrors($errorBag, "admin/tenants/edit/{$uuid}", 'tenant_logo_upload');
|
||||
Router::redirect("admin/tenants/edit/{$uuid}");
|
||||
return;
|
||||
}
|
||||
|
||||
$tenant = app(\MintyPHP\Service\Tenant\TenantService::class)->findByUuid($uuid);
|
||||
$tenantId = (int) ($tenant['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
@@ -40,6 +50,14 @@ if (!$decision->isAllowed()) {
|
||||
return;
|
||||
}
|
||||
|
||||
$tenantAvatarService->delete($uuid);
|
||||
Flash::success('Avatar removed', "admin/tenants/edit/{$uuid}", 'tenant_avatar_removed');
|
||||
$result = $tenantLogoService->saveUpload($uuid, $theme, requestInput()->filesAll()['logo'] ?? []);
|
||||
if (!($result['ok'] ?? false)) {
|
||||
$error = $result['error'] ?? t('Upload failed');
|
||||
$errorBag->addGlobal((string) $error);
|
||||
flashFormErrors($errorBag, "admin/tenants/edit/{$uuid}", 'tenant_logo_upload');
|
||||
Router::redirect("admin/tenants/edit/{$uuid}");
|
||||
return;
|
||||
}
|
||||
|
||||
Flash::success('Logo updated', "admin/tenants/edit/{$uuid}", 'tenant_logo_updated');
|
||||
Router::redirect("admin/tenants/edit/{$uuid}");
|
||||
@@ -3,31 +3,41 @@
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Router;
|
||||
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
||||
use MintyPHP\Service\Tenant\TenantLogoService;
|
||||
use MintyPHP\Support\Flash;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$tenantAvatarService = app(\MintyPHP\Service\Tenant\TenantAvatarService::class);
|
||||
$tenantLogoService = app(TenantLogoService::class);
|
||||
|
||||
if (!actionRequirePost('admin/tenants')) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (!actionRequireCsrf('admin/tenants', 'admin/tenants', 'tenant_avatar')) {
|
||||
if (!actionRequireCsrf('admin/tenants', 'admin/tenants', 'tenant_logo_delete')) {
|
||||
return;
|
||||
}
|
||||
|
||||
$errorBag = formErrors();
|
||||
$uuid = trim((string) ($id ?? ''));
|
||||
if (!$tenantAvatarService->isValidUuid($uuid)) {
|
||||
if (!$tenantLogoService->isValidUuid($uuid)) {
|
||||
$errorBag->addGlobal('Tenant not found');
|
||||
flashFormErrors($errorBag, 'admin/tenants', 'tenant_avatar');
|
||||
flashFormErrors($errorBag, 'admin/tenants', 'tenant_logo_delete');
|
||||
Router::redirect('admin/tenants');
|
||||
return;
|
||||
}
|
||||
|
||||
$body = requestInput()->bodyAll();
|
||||
$theme = strtolower(trim((string) ($body['theme'] ?? '')));
|
||||
if (!$tenantLogoService->isValidTheme($theme)) {
|
||||
$errorBag->addGlobal(t('Invalid theme'));
|
||||
flashFormErrors($errorBag, "admin/tenants/edit/{$uuid}", 'tenant_logo_delete');
|
||||
Router::redirect("admin/tenants/edit/{$uuid}");
|
||||
return;
|
||||
}
|
||||
|
||||
$tenant = app(\MintyPHP\Service\Tenant\TenantService::class)->findByUuid($uuid);
|
||||
$tenantId = (int) ($tenant['id'] ?? 0);
|
||||
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
||||
@@ -40,14 +50,6 @@ if (!$decision->isAllowed()) {
|
||||
return;
|
||||
}
|
||||
|
||||
$result = $tenantAvatarService->saveUpload($uuid, requestInput()->filesAll()['avatar'] ?? []);
|
||||
if (!($result['ok'] ?? false)) {
|
||||
$error = $result['error'] ?? t('Upload failed');
|
||||
$errorBag->addGlobal((string) $error);
|
||||
flashFormErrors($errorBag, "admin/tenants/edit/{$uuid}", 'tenant_avatar_upload');
|
||||
Router::redirect("admin/tenants/edit/{$uuid}");
|
||||
return;
|
||||
}
|
||||
|
||||
Flash::success('Avatar updated', "admin/tenants/edit/{$uuid}", 'tenant_avatar_updated');
|
||||
$tenantLogoService->delete($uuid, $theme);
|
||||
Flash::success('Logo removed', "admin/tenants/edit/{$uuid}", 'tenant_logo_removed');
|
||||
Router::redirect("admin/tenants/edit/{$uuid}");
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
use MintyPHP\Http\SessionStoreInterface;
|
||||
use MintyPHP\Service\Access\TenantAuthorizationPolicy;
|
||||
use MintyPHP\Service\Tenant\TenantLogoService;
|
||||
use MintyPHP\Support\Guard;
|
||||
|
||||
$session = app(SessionStoreInterface::class)->all();
|
||||
@@ -9,11 +10,13 @@ define('MINTY_ALLOW_OUTPUT', true);
|
||||
|
||||
Guard::requireLogin();
|
||||
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
||||
$tenantAvatarService = app(\MintyPHP\Service\Tenant\TenantAvatarService::class);
|
||||
$tenantLogoService = app(TenantLogoService::class);
|
||||
|
||||
$uuid = trim((string) (requestInput()->queryAll()['uuid'] ?? ''));
|
||||
$size = isset(requestInput()->queryAll()['size']) ? (int) requestInput()->queryAll()['size'] : null;
|
||||
if (!$tenantAvatarService->isValidUuid($uuid)) {
|
||||
$query = requestInput()->queryAll();
|
||||
$uuid = trim((string) ($query['uuid'] ?? ''));
|
||||
$theme = strtolower(trim((string) ($query['theme'] ?? '')));
|
||||
$size = isset($query['size']) ? (int) $query['size'] : null;
|
||||
if (!$tenantLogoService->isValidUuid($uuid) || !$tenantLogoService->isValidTheme($theme)) {
|
||||
http_response_code(404);
|
||||
return;
|
||||
}
|
||||
@@ -25,7 +28,7 @@ if ($tenantId <= 0) {
|
||||
http_response_code(404);
|
||||
return;
|
||||
}
|
||||
$decision = $authorizationService->authorize(TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_AVATAR_VIEW, [
|
||||
$decision = $authorizationService->authorize(TenantAuthorizationPolicy::ABILITY_ADMIN_TENANTS_LOGO_VIEW, [
|
||||
'actor_user_id' => $currentUserId,
|
||||
'target_tenant_id' => $tenantId,
|
||||
]);
|
||||
@@ -34,13 +37,13 @@ if (!$decision->isAllowed()) {
|
||||
return;
|
||||
}
|
||||
|
||||
$path = $tenantAvatarService->findAvatarPath($uuid, $size);
|
||||
$path = $tenantLogoService->findLogoPath($uuid, $theme, $size);
|
||||
if (!$path || !is_file($path)) {
|
||||
http_response_code(404);
|
||||
return;
|
||||
}
|
||||
|
||||
$mime = $tenantAvatarService->detectMime($path);
|
||||
$mime = $tenantLogoService->detectMime($path);
|
||||
header('Content-Type: ' . $mime);
|
||||
header('X-Content-Type-Options: nosniff');
|
||||
header('Content-Security-Policy: sandbox');
|
||||
@@ -3,6 +3,7 @@
|
||||
use MintyPHP\Http\ApiAuth;
|
||||
use MintyPHP\Http\ApiBootstrap;
|
||||
use MintyPHP\Http\ApiResponse;
|
||||
use MintyPHP\Service\Tenant\TenantLogoService;
|
||||
use MintyPHP\Service\Tenant\TenantServicesFactory;
|
||||
|
||||
define('MINTY_ALLOW_OUTPUT', true);
|
||||
@@ -17,9 +18,9 @@ if ($uuid === '') {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
|
||||
$tenantAvatarService = (app(TenantServicesFactory::class))->createTenantAvatarService();
|
||||
$tenantLogoService = (app(TenantServicesFactory::class))->createTenantLogoService();
|
||||
|
||||
if (!$tenantAvatarService->isValidUuid($uuid)) {
|
||||
if (!$tenantLogoService->isValidUuid($uuid)) {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
|
||||
@@ -32,12 +33,21 @@ if ($tenantId <= 0) {
|
||||
ApiAuth::requireResourceAccess('tenants', $tenantId);
|
||||
|
||||
$size = $request->hasQuery('size') ? $request->queryInt('size') : null;
|
||||
$path = $tenantAvatarService->findAvatarPath($uuid, $size);
|
||||
$theme = $request->hasQuery('theme') ? strtolower(trim((string) $request->queryAll()['theme'])) : TenantLogoService::THEME_LIGHT;
|
||||
if (!$tenantLogoService->isValidTheme($theme)) {
|
||||
$theme = TenantLogoService::THEME_LIGHT;
|
||||
}
|
||||
$path = $tenantLogoService->findLogoPath($uuid, $theme, $size);
|
||||
if (!$path || !is_file($path)) {
|
||||
// Fallback to the other theme so single-theme tenants still respond.
|
||||
$otherTheme = $theme === TenantLogoService::THEME_DARK ? TenantLogoService::THEME_LIGHT : TenantLogoService::THEME_DARK;
|
||||
$path = $tenantLogoService->findLogoPath($uuid, $otherTheme, $size);
|
||||
}
|
||||
if (!$path || !is_file($path)) {
|
||||
ApiResponse::notFound();
|
||||
}
|
||||
|
||||
$mime = $tenantAvatarService->detectMime($path);
|
||||
$mime = $tenantLogoService->detectMime($path);
|
||||
header('Content-Type: ' . $mime);
|
||||
header('X-Content-Type-Options: nosniff');
|
||||
header('Content-Security-Policy: sandbox');
|
||||
|
||||
@@ -69,12 +69,12 @@ $authServicesFactory = app(AuthServicesFactory::class);
|
||||
$authService = $authServicesFactory->createAuthService();
|
||||
$rememberMeService = $authServicesFactory->createRememberMeService();
|
||||
$tenantSsoService = $authServicesFactory->createTenantSsoService();
|
||||
$tenantAvatarService = (app(TenantServicesFactory::class))->createTenantAvatarService();
|
||||
$tenantLogoService = (app(TenantServicesFactory::class))->createTenantLogoService();
|
||||
$userServicesFactory = app(UserServicesFactory::class);
|
||||
$userReadRepository = $userServicesFactory->createUserReadRepository();
|
||||
$userTenantContextService = $userServicesFactory->createUserTenantContextService();
|
||||
|
||||
$resolveLoginCandidates = static function (string $inputEmail) use ($userReadRepository, $userTenantContextService, $tenantSsoService, $tenantAvatarService): array {
|
||||
$resolveLoginCandidates = static function (string $inputEmail) use ($userReadRepository, $userTenantContextService, $tenantSsoService, $tenantLogoService): array {
|
||||
$emailValue = strtolower(trim($inputEmail));
|
||||
if ($emailValue === '' || !filter_var($emailValue, FILTER_VALIDATE_EMAIL)) {
|
||||
return ['ok' => false];
|
||||
@@ -119,7 +119,10 @@ $resolveLoginCandidates = static function (string $inputEmail) use ($userReadRep
|
||||
? ($discoveryMethodsByTenantId[$tenantId] ?? ['local' => false, 'microsoft' => false, 'microsoft_reason' => '', 'ldap' => false, 'ldap_reason' => ''])
|
||||
: $tenantSsoService->resolveTenantLoginMethods($tenantId);
|
||||
$tenantUuid = (string) ($tenant['uuid'] ?? '');
|
||||
$hasAvatar = $tenantUuid !== '' && $tenantAvatarService->hasAvatar($tenantUuid);
|
||||
$hasLogoLight = $tenantUuid !== '' && $tenantLogoService->hasLogo($tenantUuid, \MintyPHP\Service\Tenant\TenantLogoService::THEME_LIGHT);
|
||||
$hasLogoDark = $tenantUuid !== '' && $tenantLogoService->hasLogo($tenantUuid, \MintyPHP\Service\Tenant\TenantLogoService::THEME_DARK);
|
||||
$hasAvatar = $hasLogoLight || $hasLogoDark;
|
||||
$logoTheme = $hasLogoLight ? 'light' : ($hasLogoDark ? 'dark' : '');
|
||||
$candidate = [
|
||||
'id' => $tenantId,
|
||||
'uuid' => $tenantUuid,
|
||||
@@ -127,7 +130,7 @@ $resolveLoginCandidates = static function (string $inputEmail) use ($userReadRep
|
||||
'slug' => $tenantSlug,
|
||||
'has_avatar' => $hasAvatar,
|
||||
'avatar_url' => $hasAvatar
|
||||
? lurl('auth/tenant-avatar-file?uuid=' . rawurlencode($tenantUuid) . '&size=256')
|
||||
? lurl('auth/tenant-logo-file?uuid=' . rawurlencode($tenantUuid) . '&theme=' . rawurlencode($logoTheme) . '&size=256')
|
||||
: '',
|
||||
'methods' => $methods,
|
||||
];
|
||||
|
||||
@@ -4,10 +4,12 @@ use MintyPHP\Service\Tenant\TenantServicesFactory;
|
||||
|
||||
define('MINTY_ALLOW_OUTPUT', true);
|
||||
|
||||
$uuid = trim((string) (requestInput()->queryAll()['uuid'] ?? ''));
|
||||
$size = isset(requestInput()->queryAll()['size']) ? (int) requestInput()->queryAll()['size'] : null;
|
||||
$tenantAvatarService = (app(TenantServicesFactory::class))->createTenantAvatarService();
|
||||
if (!$tenantAvatarService->isValidUuid($uuid)) {
|
||||
$query = requestInput()->queryAll();
|
||||
$uuid = trim((string) ($query['uuid'] ?? ''));
|
||||
$theme = strtolower(trim((string) ($query['theme'] ?? '')));
|
||||
$size = isset($query['size']) ? (int) $query['size'] : null;
|
||||
$tenantLogoService = (app(TenantServicesFactory::class))->createTenantLogoService();
|
||||
if (!$tenantLogoService->isValidUuid($uuid) || !$tenantLogoService->isValidTheme($theme)) {
|
||||
http_response_code(404);
|
||||
return;
|
||||
}
|
||||
@@ -18,13 +20,13 @@ if (!$tenant || (string) ($tenant['status'] ?? 'active') !== 'active') {
|
||||
return;
|
||||
}
|
||||
|
||||
$path = $tenantAvatarService->findAvatarPath($uuid, $size);
|
||||
$path = $tenantLogoService->findLogoPath($uuid, $theme, $size);
|
||||
if (!$path || !is_file($path)) {
|
||||
http_response_code(404);
|
||||
return;
|
||||
}
|
||||
|
||||
$mime = $tenantAvatarService->detectMime($path);
|
||||
$mime = $tenantLogoService->detectMime($path);
|
||||
header('Content-Type: ' . $mime);
|
||||
header('X-Content-Type-Options: nosniff');
|
||||
header('Content-Security-Policy: sandbox');
|
||||
Reference in New Issue
Block a user