Commit Graph

227 Commits

Author SHA1 Message Date
fs
a0d7670dd7 feat(helpdesk): align module with core list/drawer standards
- add helpdesk module pages, services, settings and tests

- standardize debtor list on drawer/grid contracts and robust filter drawer behavior

- add helpdesk aside panel navigation and settings visibility provider

- switch primary list slug to helpdesk/debitor and remove helpdesk/search compatibility

- include required core contract updates for list contracts and detail/drawer integration
2026-04-02 17:48:27 +02:00
fs
5d07236758 feat(search): refresh global search UI and align qa/docs updates 2026-04-02 10:49:35 +02:00
fs
5699bc6c5b refactor(config): remove runtime config files and centralize route/bootstrap 2026-04-01 20:27:42 +02:00
fs
dba589b495 chore(agents): implement v2 hardening and enforcement-ready QA 2026-04-01 19:41:56 +02:00
fs
7121732fcf refactor(cli)!: hard-cut legacy scripts and standardize console runtime
- remove legacy bin/module-*.php and bin/doctor.php entry scripts

- move module/doctor execution into class-based runners under lib/Console

- add stable JSON output for doctor and module:sync

- introduce bin/dev for init/up/down/logs/console/qa workflow

- update DI wiring, phpstan scan config, tests, and docs to new CLI contract
2026-04-01 17:14:20 +02:00
fs
0bf7f62fd8 chore: move php-cs-fixer config into tools
- relocate .php-cs-fixer.dist.php to tools/php-cs-fixer/.php-cs-fixer.dist.php

- update composer scripts, docs, quality gates, and style skill references

- keep finder scope stable via project-root resolution

- fix pre-existing unused imports reported by php-cs-fixer
2026-04-01 16:38:58 +02:00
fs
83b65812d0 little refactore 2026-04-01 16:31:59 +02:00
fs
e97d1ddd31 chore: gitignore module asset symlinks (runtime-generated)
web/modules/* symlinks point to absolute Docker container paths
(/var/www/modules/*/web) and are regenerated by module:assets-sync.
They should not be tracked — they break on fresh clones and are
machine-specific.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 15:11:57 +01:00
fs
883e8ec408 chore: track api-docs and help-center module asset symlinks
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 15:10:05 +01:00
fs
a4eb1c6967 refactor(ui): polish admin sidebar nav groups and audit labels
Use short i18n keys for audit nav labels (nav.audit.*) with translations
in both language files. Restyle admin sidebar group icons with colored
pill backgrounds per group. Adjust details summary line-height and
active-state border color to use group icon color.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 15:09:55 +01:00
fs
5b2ea6bf27 refactor(addressbook): move from aside icon-bar to explorer nav link
Introduce generic explorer.nav_item slot type in app-main-aside.phtml
so modules can contribute links to the explorer nav panel.

Switch addressbook module from aside.tab_panel to explorer.nav_item.
Remove aside department-filter panel, AddressBookLayoutProvider, and
AddressBookSessionProvider (only served the now-removed aside panel).

Fix grid Name column overflow into Email column: CSS selector
.grid-name-cell > span:last-child never matched the <a> name link;
changed to :last-child and scoped flex-shrink:0 to :first-child only.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 15:06:15 +01:00
fs
376cf67c31 fix(help-center): resolve API docs visibility via layout provider
The api_docs.view ability was missing from layoutAuth after removing
the sidebar.admin_nav_item slot from the api-docs module. Add a
HelpCenterLayoutProvider that checks the ability via AuthorizationService
and provides the result in layout nav context (help-center.nav). Panel
template now reads can_view_api_docs from the provider instead of
layoutAuth.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 14:41:17 +01:00
fs
0bb8702019 fix(help-center): persist details open/closed state via localStorage
Add details_storage and details_open_active to the aside.tab_panel
slot declaration, matching the admin panel pattern. Section disclosure
state is now saved and restored across page loads.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 14:34:43 +01:00
fs
31e32941e0 refactor(api-docs): remove admin sidebar nav item
API docs is now accessible exclusively through the help-center panel.
Remove the sidebar.admin_nav_item slot from the api-docs module
manifest — no longer needed in the admin-automation group.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 14:32:55 +01:00
fs
b871dacde2 refactor(ui): move Documentation and System Info from admin to help panel
Remove Documentation and System Info nav items from the admin sidebar
System group — they now live in the help-center panel. The admin
System group retains only Settings. Removes unused $canViewSystemInfo
variable from the sidebar template.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 14:30:48 +01:00
fs
304924368b fix(help-center): replace inline content with standard navigation panel
Rewrite help panel to use the same grouped navigation pattern as the
admin aside panel (details/summary with nav links). Remove inline
keyboard shortcuts table and about section. Panel now shows
permission-gated navigation groups: Documentation (docs viewer, API
docs) and System (system info). Remove custom CSS — panel inherits
existing app-sidebar-admin-nav styling.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 14:25:01 +01:00
fs
d068efa65c feat(help-center): add help panel to sidebar icon bar
New help-center module adds a question-mark icon to the sidebar with
an aside panel containing three sections: Documentation (permission-
gated links to docs viewer and API docs), Keyboard Shortcuts (inline
reference from HotkeyService with Mac/Win variants), and About
(application info). Visible to all logged-in users — individual
resource links respect existing permissions.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 14:19:08 +01:00
fs
02a7d2fe90 feat(api-docs): extract API docs viewer into standalone module
Move the Swagger UI viewer from core (pages/admin/api-docs/) into
modules/api-docs/ as a self-contained module. Create module manifest
with routes, permission, sidebar.admin_nav_item slot, asset group,
and authorization policy. Remove API docs ability from core
OperationsAuthorizationPolicy and UiCapabilityMap. Remove hardcoded
sidebar nav item — now contributed via module slot. Add
admin-automation group meta to sidebar template for module nav items.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 14:02:42 +01:00
fs
5c86c56dec docs: add module creation tutorial and improve make:module guidance
Add howto-modul-erstellen.md covering the full module creation workflow:
scaffold, manifest, container registration, first page, sync, validate,
and test. Includes 9 extension point examples, merge checklist, and
troubleshooting table. Documents the AuthorizationPolicy container
registration requirement (policies with constructor params must be
explicitly registered). Update make:module command output to reference
the tutorial, manifest contract, and notifications as reference module.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 13:14:16 +01:00
fs
c0843b1fca refactor(audit): extract shared page helpers for purge and view actions
Create AuditPageHelper with requirePurgePost() and findOrRedirect()
to eliminate duplicated POST/CSRF guard boilerplate across 4 purge
pages and find-or-redirect boilerplate across 4 view pages. Each page
retains its stream-specific logic (system-audit event recording,
user-lifecycle snapshot/restore).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 12:57:54 +01:00
fs
77badcde67 fix(addressbook): register authorization policy in DI container
AddressBookAuthorizationPolicy requires PermissionService in its
constructor, so ModuleClassResolver cannot auto-instantiate it.
Register it explicitly in the container registrar so the
addressbook.view ability resolves correctly for sidebar visibility.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 12:47:24 +01:00
fs
570e3923b7 refactor(audit): remove factory chain and repository interfaces
Remove AuditRepositoryFactory and AuditServicesFactory — two-layer
factory chain replaced by direct DI container wiring. Delete 4
single-consumer repository interfaces. Register all 4 repositories
and SystemAuditRedactionService directly in container. Update all
service constructors to type-hint concrete classes. Fix architecture
test and documentation references to deleted factories.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 12:33:59 +01:00
fs
4bf871b640 refactor(addressbook): remove factory, extract filter-chip builder, split CSS
Remove AddressBookServicesFactory — all 8 dependencies already registered
in DI container individually. Update container registrar to wire directly.
Extract 42-line filter-chip builder from index().php into
AddressBookService::buildCustomFieldChipMeta(). Split 576-line CSS file
into functional layout (76 lines) and decorative banner animation (500
lines) with separate asset registration.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 12:24:06 +01:00
fs
8f6c9951c1 refactor(bookmarks): remove factory chain, interfaces, and duplicated sort logic
Remove BookmarkRepositoryFactory, BookmarkServicesFactory, and all 3
repository interfaces — single-consumer abstractions with no
polymorphism. Simplify container registrar to wire directly. Extract
duplicated updateSortOrders() (60 identical lines in two repos) into
SortOrderTrait. Consolidate icon labels from template into
BookmarkService::allowedGroupIconLabels() single source of truth.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 12:10:05 +01:00
fs
e746a2e874 refactor(notifications): remove factory indirection, interface, and listener duplication
Remove NotificationRepositoryFactory, NotificationServicesFactory, and
NotificationRepositoryInterface — all single-consumer abstractions with
no polymorphism benefit. Simplify container registrar to wire services
directly. Extract shared listener logic (sanitizeTenantIds,
resolveDisplayName, resolveUuid) into NotificationListenerTrait,
eliminating duplication across 4 listeners.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 12:01:11 +01:00
fs
6ea3c2b88c feat(ui): standardize dialog widths with tiered size system (sm/md/lg)
Add three reusable size tier classes (app-dialog-sm, app-dialog-md,
app-dialog-lg) to base dialog CSS, replacing per-variant max-width
rules. Each tier uses width: min(Xrem, calc(100vw - 2rem)) for
consistent fixed widths with responsive mobile fallback.

- Confirm dialog + session warning: app-dialog-sm (24rem)
- Bookmark + bookmark group dialog: app-dialog-md (32rem)
- Remove max-width from app-confirm-dialog.css and app-bookmark-form.css

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 10:48:12 +01:00
fs
7a222f0b1f fix(audit): harden module isolation and fix post-extraction drift
Fix 5 broken FQCN references (runtime errors) where core pages referenced
non-existent MintyPHP\Service\Audit\AuditMetadataEnricher and SystemAuditService.
Add AuditMetadataEnricherInterface with NullAuditMetadataEnricher fallback so
deactivating the audit module no longer crashes core edit pages.

Move audit search resources from core Search*Provider files into the module
via a new AuditSearchResourceProvider implementing the existing
SearchResourceProvider contract. Add module-specific purge permissions
(audit.api.purge, audit.imports.purge) replacing core ABILITY_ADMIN_SETTINGS_UPDATE.

Also fixes: session key prefix convention, hardcoded English string, $_SERVER
superglobal fallback, and manifest schema drift (i18n_path, group in ui_slots).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 10:03:27 +01:00
fs
1acb4d1934 fix: unwanted overflow due to whitespace 2026-03-26 09:16:20 +01:00
fs
92e0a9f4e9 fix(imports): remove dirty-tracking from wizard forms to prevent false leave-site prompt
The import wizard forms had data-standard-detail-form which activated the
unsaved-changes tracker. Selecting a file marked the form dirty, and since
the action policy was not enabled on this page, the beforeunload handler
could not be suppressed during submit — causing a spurious browser dialog.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 09:14:38 +01:00
fs
292865b0f7 fix(audit): update routes from admin/ to audit/ and fix module namespaces
Routes in nav items, redirects, breadcrumbs, and JS data URLs all pointed
to the old admin/ prefix from before the module was restructured. Also
corrects use-statements still referencing core Domain\Taxonomy namespace
instead of Module\Audit\Domain.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 09:14:25 +01:00
fs
a93788acf1 fix(audit): use absolute import paths in module JS files
Module JS files were using relative imports (../core/) which resolved
incorrectly when served from modules/audit/js/pages/ instead of the
original web/js/pages/. Changed to absolute paths (/js/core/, /js/pages/)
so they correctly resolve to the core JS utilities.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 08:26:29 +01:00
fs
cd4055894d fix(sidebar): render audit module nav group as details/summary section
Module-contributed sidebar.admin_nav_item slots are now rendered as
complete <details><summary> nav groups appended to the admin panel,
matching the same pattern as core groups (Organization, Roles, etc.).

Fixes undefined $moduleNavItemSlots by reading layoutNav early.
Merges mail log into the module-contributed Audit & logs group when
both exist.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 08:22:04 +01:00
fs
83d91789c1 feat(sidebar): render module-contributed admin nav items via sidebar.admin_nav_item slot
The sidebar template now reads sidebar.admin_nav_item UI slots from
modules and merges them into the matching admin nav group (by group
key). Module permissions are resolved via layoutAuth which already
includes module UI abilities from ModuleRegistry::getModuleUiAbilities().

This restores audit nav items (API audit, System audit, Import logs,
User lifecycle logs) in the Logs group when the audit module is active.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 08:16:58 +01:00
fs
e10b1215da fix(audit): restructure module pages to avoid admin/ path collision
Module pages must use a unique top-level directory (audit/) instead of
nesting under admin/ which collides with core's pages/admin/ during
module:build symlink creation. Routes still map admin/* URLs to the
audit/ page directory via manifest route targets.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-26 08:13:37 +01:00
fs
0c351f6aff refactor(audit): extract audit domain into self-contained module
Move the entire audit subsystem (system audit, API audit, import audit,
user lifecycle audit, frontend telemetry) from core into modules/audit/.

Core decoupling via interface-based injection:
- AuditRecorderInterface replaces SystemAuditService in 10+ core services
- UserLifecycleAuditInterface / ImportAuditInterface for specialized flows
- NullAuditRecorder fallback when audit module is disabled
- ApiBootstrap/ApiResponse use null-safe callable resolvers

Module structure (modules/audit/):
- Manifest with routes, permissions, scheduler jobs, authorization policy
- 9 services, 8 repositories, 6 domain enums, 4 job handlers
- 33 page files, 4 JS files, 8 test files, migration scripts, i18n

Core cleanup:
- OperationsAuthorizationPolicy, UiCapabilityMap, PermissionService
  surgically cleaned of audit-specific constants
- Sidebar template cleared of hardcoded audit navigation
- AuditModuleIsolationContractTest ensures no future core→module coupling

All quality gates pass: 1346 tests (19,276 assertions), PHPStan level 5
clean, architecture contracts verified.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 21:12:49 +01:00
fs
12a837bda9 fix(notifications): register authorization policy in DI container
NotificationsAuthorizationPolicy was never registered in the container,
so ModuleClassResolver could not instantiate it (requires PermissionService).
This silently prevented the notifications.view permission from being granted,
hiding the bell icon in the topbar.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 19:39:02 +01:00
fs
3614421eda fix(docs): resolve documentation drift and add missing content
- Fix fictional SettingGateway/SettingService references with actual
  multi-gateway pattern (AdminSettingsService + domain-specific gateways)
- Replace non-existent gridQueryLimitOffset()/gridQueryOrderDir() with
  actual gridParseFiltersFromSchemaFile()
- Normalize bin/doctor.php references to canonical bin/console doctor
- Add i18n_path contract to module manifest docs
- Document module:validate and make:module CLI commands
- Add APP_VENDOR_PHP_ISSUES_MODE env var to config reference
- Remove invalid label field from notifications module permissions
  (violates manifest schema additionalProperties: false)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 19:15:53 +01:00
fs
a102bfb4bf fix: checkbox styling 2026-03-25 19:05:17 +01:00
fs
c609753570 refactor(tests): remove redundant tests and fix assertion style
Remove subset/duplicate architecture tests already covered by broader
checks, and replace assertTrue(true) with self::addToAssertionCount(1)
for explicit no-exception-thrown intent.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 18:46:49 +01:00
fs
cb5f7037b2 Harden module runtime: audited listener failures and DI-first resolver 2026-03-25 10:02:03 +01:00
fs
a721ec0043 refactor(admin): split SSO tab into separate Microsoft SSO and LDAP tabs
Replace the single "SSO" tab in tenant edit with two dedicated tabs:
"Microsoft SSO" and "LDAP". Each provider now has its own tab panel
with focused status tiles and config cards, reducing scroll and
cognitive load for admins configuring a single provider.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 07:48:13 +01:00
fs
6be97205f3 feat(admin): progressive disclosure for LDAP config in tenant edit
Hide LDAP connection, search/bind, and attribute mapping cards until
the "Enable LDAP login" toggle is activated — same UX pattern as the
Microsoft SSO section using data-tenant-ldap-* attributes and a
mirrored JS toggle component.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 07:43:57 +01:00
fs
80f48f4aba fix: option to supress vendor deprecation 2026-03-25 07:39:08 +01:00
fs
d1eeac6692 feat: add LDAP authentication as per-tenant login method
Add LDAP as a third authentication option alongside local password and
Microsoft Entra ID SSO. Per-tenant configuration supports Active Directory,
OpenLDAP, and FreeIPA with configurable attribute mapping, search-then-bind
and direct-bind methods, encrypted bind credentials (AES-256-GCM),
profile sync on login, and user auto-provisioning via external identity
linking.

Includes admin UI for connection settings with test-connection button,
login page LDAP form, 25 new PHPUnit tests, and de/en translations.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-25 07:26:04 +01:00
fs
a0d816caaa fix(error): harden logging, i18n, a11y and handler tests 2026-03-24 22:00:14 +01:00
fs
44a357dfc4 feat: improve bookmark dialog UX with distinct modes, inline validation, and accessibility
Refine bookmark create/edit and group create/edit dialogs to enterprise
quality: distinct titles per mode (Add bookmark vs Edit bookmark), URL
preview when creating, inline field validation with aria-invalid instead
of toast-only errors, loading spinner on submit, compact inline
new-group link, human-readable icon picker aria-labels, and aria-pressed
on selected icons.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-24 21:53:57 +01:00
fs
211149b3f6 fix: improve Grid.js table header alignment and column min-width
- Add default minWidth (100px) to all grid columns via normalizeGridColumns
  to prevent header truncation when data entries are short
- Fix inconsistent th heights by setting .gridjs-th-content line-height
  to 24px (matching the sort button height) so sortable and non-sortable
  columns render at uniform height
- Remove dead button.gridjs-sort height:15px rule (was overridden by 24px)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-24 21:23:39 +01:00
fs
ad9101df8e feat: add developer error page with request ID tracking and structured logging
Custom-built error handler for the web channel that shows a tabbed debug
dashboard (exception, request context, environment, SQL queries) in dev mode
and a clean branded error page with copyable request ID in prod mode.
All errors are logged as JSON lines to storage/logs/errors/ for lookup by
request ID. Uses the project's design tokens for visual consistency.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-24 20:49:22 +01:00
fs
c34e62d729 harden: restore gate baseline, split dev/prod PHP profile, atomic module runtime build
Phase A — Gate Reliability:
- Fix typography token violations in app-breadcrumb.css
- Switch QG-006 from composer cs:check to direct php-cs-fixer
- Align all docs/skills with new gate command

Phase B — Production Profile:
- Multi-stage Dockerfile: dev (xdebug) / prod (no xdebug)
- Compose files target explicit build stages

Phase C — Module Runtime Hardening:
- Atomic staging+swap build in ModuleRuntimePageBuilder
- SHA-256 fingerprint from manifest content + page entries
- 11 new regression tests for build safety and fingerprint drift

Task: STARTERKIT-HARDENING-ONPREM-001

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-24 20:13:16 +01:00
fs
1c5648c727 fix: replace grid action column with link-column on primary data cell
Remove the dedicated "Edit"/"Open" action button column from all list
pages. Instead, wrap the primary data column (name, description, subject,
etc.) in a clickable <a> link via the new rowInteraction.linkColumn option.

Double-click, Enter-key, and click-to-focus row navigation preserved.
Pages with explicit actions config are unaffected. Address-book opts out
of auto-wrapping (linkColumn: false) and renders the link in its own
formatter to avoid nested <a> with avatar lightbox.

Also fixes pre-existing XSS in insertActionColumn (unescaped href/label)
and updates typography test for --text-page-title token change.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-24 19:43:03 +01:00