- remove legacy bin/module-*.php and bin/doctor.php entry scripts
- move module/doctor execution into class-based runners under lib/Console
- add stable JSON output for doctor and module:sync
- introduce bin/dev for init/up/down/logs/console/qa workflow
- update DI wiring, phpstan scan config, tests, and docs to new CLI contract
web/modules/* symlinks point to absolute Docker container paths
(/var/www/modules/*/web) and are regenerated by module:assets-sync.
They should not be tracked — they break on fresh clones and are
machine-specific.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Use short i18n keys for audit nav labels (nav.audit.*) with translations
in both language files. Restyle admin sidebar group icons with colored
pill backgrounds per group. Adjust details summary line-height and
active-state border color to use group icon color.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Introduce generic explorer.nav_item slot type in app-main-aside.phtml
so modules can contribute links to the explorer nav panel.
Switch addressbook module from aside.tab_panel to explorer.nav_item.
Remove aside department-filter panel, AddressBookLayoutProvider, and
AddressBookSessionProvider (only served the now-removed aside panel).
Fix grid Name column overflow into Email column: CSS selector
.grid-name-cell > span:last-child never matched the <a> name link;
changed to :last-child and scoped flex-shrink:0 to :first-child only.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The api_docs.view ability was missing from layoutAuth after removing
the sidebar.admin_nav_item slot from the api-docs module. Add a
HelpCenterLayoutProvider that checks the ability via AuthorizationService
and provides the result in layout nav context (help-center.nav). Panel
template now reads can_view_api_docs from the provider instead of
layoutAuth.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add details_storage and details_open_active to the aside.tab_panel
slot declaration, matching the admin panel pattern. Section disclosure
state is now saved and restored across page loads.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
API docs is now accessible exclusively through the help-center panel.
Remove the sidebar.admin_nav_item slot from the api-docs module
manifest — no longer needed in the admin-automation group.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Remove Documentation and System Info nav items from the admin sidebar
System group — they now live in the help-center panel. The admin
System group retains only Settings. Removes unused $canViewSystemInfo
variable from the sidebar template.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Rewrite help panel to use the same grouped navigation pattern as the
admin aside panel (details/summary with nav links). Remove inline
keyboard shortcuts table and about section. Panel now shows
permission-gated navigation groups: Documentation (docs viewer, API
docs) and System (system info). Remove custom CSS — panel inherits
existing app-sidebar-admin-nav styling.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New help-center module adds a question-mark icon to the sidebar with
an aside panel containing three sections: Documentation (permission-
gated links to docs viewer and API docs), Keyboard Shortcuts (inline
reference from HotkeyService with Mac/Win variants), and About
(application info). Visible to all logged-in users — individual
resource links respect existing permissions.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Move the Swagger UI viewer from core (pages/admin/api-docs/) into
modules/api-docs/ as a self-contained module. Create module manifest
with routes, permission, sidebar.admin_nav_item slot, asset group,
and authorization policy. Remove API docs ability from core
OperationsAuthorizationPolicy and UiCapabilityMap. Remove hardcoded
sidebar nav item — now contributed via module slot. Add
admin-automation group meta to sidebar template for module nav items.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add howto-modul-erstellen.md covering the full module creation workflow:
scaffold, manifest, container registration, first page, sync, validate,
and test. Includes 9 extension point examples, merge checklist, and
troubleshooting table. Documents the AuthorizationPolicy container
registration requirement (policies with constructor params must be
explicitly registered). Update make:module command output to reference
the tutorial, manifest contract, and notifications as reference module.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Create AuditPageHelper with requirePurgePost() and findOrRedirect()
to eliminate duplicated POST/CSRF guard boilerplate across 4 purge
pages and find-or-redirect boilerplate across 4 view pages. Each page
retains its stream-specific logic (system-audit event recording,
user-lifecycle snapshot/restore).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
AddressBookAuthorizationPolicy requires PermissionService in its
constructor, so ModuleClassResolver cannot auto-instantiate it.
Register it explicitly in the container registrar so the
addressbook.view ability resolves correctly for sidebar visibility.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Remove AuditRepositoryFactory and AuditServicesFactory — two-layer
factory chain replaced by direct DI container wiring. Delete 4
single-consumer repository interfaces. Register all 4 repositories
and SystemAuditRedactionService directly in container. Update all
service constructors to type-hint concrete classes. Fix architecture
test and documentation references to deleted factories.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Remove AddressBookServicesFactory — all 8 dependencies already registered
in DI container individually. Update container registrar to wire directly.
Extract 42-line filter-chip builder from index().php into
AddressBookService::buildCustomFieldChipMeta(). Split 576-line CSS file
into functional layout (76 lines) and decorative banner animation (500
lines) with separate asset registration.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Remove BookmarkRepositoryFactory, BookmarkServicesFactory, and all 3
repository interfaces — single-consumer abstractions with no
polymorphism. Simplify container registrar to wire directly. Extract
duplicated updateSortOrders() (60 identical lines in two repos) into
SortOrderTrait. Consolidate icon labels from template into
BookmarkService::allowedGroupIconLabels() single source of truth.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Remove NotificationRepositoryFactory, NotificationServicesFactory, and
NotificationRepositoryInterface — all single-consumer abstractions with
no polymorphism benefit. Simplify container registrar to wire services
directly. Extract shared listener logic (sanitizeTenantIds,
resolveDisplayName, resolveUuid) into NotificationListenerTrait,
eliminating duplication across 4 listeners.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Fix 5 broken FQCN references (runtime errors) where core pages referenced
non-existent MintyPHP\Service\Audit\AuditMetadataEnricher and SystemAuditService.
Add AuditMetadataEnricherInterface with NullAuditMetadataEnricher fallback so
deactivating the audit module no longer crashes core edit pages.
Move audit search resources from core Search*Provider files into the module
via a new AuditSearchResourceProvider implementing the existing
SearchResourceProvider contract. Add module-specific purge permissions
(audit.api.purge, audit.imports.purge) replacing core ABILITY_ADMIN_SETTINGS_UPDATE.
Also fixes: session key prefix convention, hardcoded English string, $_SERVER
superglobal fallback, and manifest schema drift (i18n_path, group in ui_slots).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The import wizard forms had data-standard-detail-form which activated the
unsaved-changes tracker. Selecting a file marked the form dirty, and since
the action policy was not enabled on this page, the beforeunload handler
could not be suppressed during submit — causing a spurious browser dialog.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Routes in nav items, redirects, breadcrumbs, and JS data URLs all pointed
to the old admin/ prefix from before the module was restructured. Also
corrects use-statements still referencing core Domain\Taxonomy namespace
instead of Module\Audit\Domain.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Module JS files were using relative imports (../core/) which resolved
incorrectly when served from modules/audit/js/pages/ instead of the
original web/js/pages/. Changed to absolute paths (/js/core/, /js/pages/)
so they correctly resolve to the core JS utilities.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Module-contributed sidebar.admin_nav_item slots are now rendered as
complete <details><summary> nav groups appended to the admin panel,
matching the same pattern as core groups (Organization, Roles, etc.).
Fixes undefined $moduleNavItemSlots by reading layoutNav early.
Merges mail log into the module-contributed Audit & logs group when
both exist.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The sidebar template now reads sidebar.admin_nav_item UI slots from
modules and merges them into the matching admin nav group (by group
key). Module permissions are resolved via layoutAuth which already
includes module UI abilities from ModuleRegistry::getModuleUiAbilities().
This restores audit nav items (API audit, System audit, Import logs,
User lifecycle logs) in the Logs group when the audit module is active.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Module pages must use a unique top-level directory (audit/) instead of
nesting under admin/ which collides with core's pages/admin/ during
module:build symlink creation. Routes still map admin/* URLs to the
audit/ page directory via manifest route targets.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
NotificationsAuthorizationPolicy was never registered in the container,
so ModuleClassResolver could not instantiate it (requires PermissionService).
This silently prevented the notifications.view permission from being granted,
hiding the bell icon in the topbar.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Remove subset/duplicate architecture tests already covered by broader
checks, and replace assertTrue(true) with self::addToAssertionCount(1)
for explicit no-exception-thrown intent.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace the single "SSO" tab in tenant edit with two dedicated tabs:
"Microsoft SSO" and "LDAP". Each provider now has its own tab panel
with focused status tiles and config cards, reducing scroll and
cognitive load for admins configuring a single provider.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Hide LDAP connection, search/bind, and attribute mapping cards until
the "Enable LDAP login" toggle is activated — same UX pattern as the
Microsoft SSO section using data-tenant-ldap-* attributes and a
mirrored JS toggle component.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add LDAP as a third authentication option alongside local password and
Microsoft Entra ID SSO. Per-tenant configuration supports Active Directory,
OpenLDAP, and FreeIPA with configurable attribute mapping, search-then-bind
and direct-bind methods, encrypted bind credentials (AES-256-GCM),
profile sync on login, and user auto-provisioning via external identity
linking.
Includes admin UI for connection settings with test-connection button,
login page LDAP form, 25 new PHPUnit tests, and de/en translations.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Refine bookmark create/edit and group create/edit dialogs to enterprise
quality: distinct titles per mode (Add bookmark vs Edit bookmark), URL
preview when creating, inline field validation with aria-invalid instead
of toast-only errors, loading spinner on submit, compact inline
new-group link, human-readable icon picker aria-labels, and aria-pressed
on selected icons.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add default minWidth (100px) to all grid columns via normalizeGridColumns
to prevent header truncation when data entries are short
- Fix inconsistent th heights by setting .gridjs-th-content line-height
to 24px (matching the sort button height) so sortable and non-sortable
columns render at uniform height
- Remove dead button.gridjs-sort height:15px rule (was overridden by 24px)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Custom-built error handler for the web channel that shows a tabbed debug
dashboard (exception, request context, environment, SQL queries) in dev mode
and a clean branded error page with copyable request ID in prod mode.
All errors are logged as JSON lines to storage/logs/errors/ for lookup by
request ID. Uses the project's design tokens for visual consistency.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Phase A — Gate Reliability:
- Fix typography token violations in app-breadcrumb.css
- Switch QG-006 from composer cs:check to direct php-cs-fixer
- Align all docs/skills with new gate command
Phase B — Production Profile:
- Multi-stage Dockerfile: dev (xdebug) / prod (no xdebug)
- Compose files target explicit build stages
Phase C — Module Runtime Hardening:
- Atomic staging+swap build in ModuleRuntimePageBuilder
- SHA-256 fingerprint from manifest content + page entries
- 11 new regression tests for build safety and fingerprint drift
Task: STARTERKIT-HARDENING-ONPREM-001
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Remove the dedicated "Edit"/"Open" action button column from all list
pages. Instead, wrap the primary data column (name, description, subject,
etc.) in a clickable <a> link via the new rowInteraction.linkColumn option.
Double-click, Enter-key, and click-to-focus row navigation preserved.
Pages with explicit actions config are unaffected. Address-book opts out
of auto-wrapping (linkColumn: false) and renders the link in its own
formatter to avoid nested <a> with avatar lightbox.
Also fixes pre-existing XSS in insertActionColumn (unescaped href/label)
and updates typography test for --text-page-title token change.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>