Splits the 755-line monolithic settings page into a tile-based landing hub and six focused subpages (general, security, email, api, sso, branding), each with its own form, CSRF scope and POST handler. Each subpage offers Save / Save & close buttons plus a Cancel/back link to the hub. Backend (AdminSettingsService, gateways, policies, DB schema) unchanged. A new settingsSectionMergePost() helper overlays section POSTs onto the current DB values so partial saves don't wipe unrelated fields (the service defaults missing keys to 0/empty). Sub-action files (logo/favicon/tokens/lifecycle) redirect to the matching subpage, and architecture contracts now check the subpage files instead of the removed monolithic index. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
45 lines
1.5 KiB
PHP
45 lines
1.5 KiB
PHP
<?php
|
|
|
|
use MintyPHP\Http\SessionStoreInterface;
|
|
use MintyPHP\Router;
|
|
use MintyPHP\Service\Access\SettingsAuthorizationPolicy;
|
|
use MintyPHP\Support\Flash;
|
|
use MintyPHP\Support\Guard;
|
|
|
|
$session = app(SessionStoreInterface::class)->all();
|
|
Guard::requireLogin();
|
|
|
|
$currentUserId = (int) ($session['user']['id'] ?? 0);
|
|
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
|
|
$decision = $authorizationService->authorize(SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_BRANDING_UPDATE, [
|
|
'actor_user_id' => $currentUserId,
|
|
]);
|
|
if (!$decision->isAllowed()) {
|
|
Guard::deny();
|
|
}
|
|
|
|
if (!actionRequirePost('admin/settings/branding')) {
|
|
return;
|
|
}
|
|
|
|
if (!actionRequireCsrf('admin/settings/branding', 'admin/settings/branding', 'favicon_upload')) {
|
|
return;
|
|
}
|
|
|
|
$errorBag = formErrors();
|
|
$faviconService = app(\MintyPHP\Service\Branding\BrandingFaviconService::class);
|
|
$result = $faviconService->saveUpload(requestInput()->filesAll()['favicon'] ?? []);
|
|
if (!($result['ok'] ?? false)) {
|
|
$error = $result['error'] ?? t('Upload failed');
|
|
$errorBag->addGlobal((string) $error);
|
|
flashFormErrors($errorBag, 'admin/settings/branding', 'favicon_upload');
|
|
Router::redirect('admin/settings/branding');
|
|
return;
|
|
}
|
|
|
|
$redirectTarget = ((string) requestInput()->body('action', 'save') === 'save_close')
|
|
? 'admin/settings'
|
|
: 'admin/settings/branding';
|
|
Flash::success('Favicon updated', $redirectTarget, 'favicon_updated');
|
|
Router::redirect($redirectTarget);
|