1
0

page update

This commit is contained in:
2026-03-12 14:09:06 +01:00
parent 17a72af5f2
commit 0b9014dcbf
17 changed files with 634 additions and 196 deletions

View File

@@ -10,6 +10,7 @@ return [
['path' => 'password/reset', 'target' => 'auth/reset', 'public' => true],
['path' => 'verify-email', 'target' => 'auth/verify-email', 'public' => true],
['path' => 'lang', 'target' => 'lang', 'public' => true],
['path' => 'imprint', 'target' => 'page/imprint', 'public' => true],
['path' => 'privacy', 'target' => 'page/privacy', 'public' => true],
['path' => 'imprint', 'target' => 'public-page/imprint', 'public' => true],
['path' => 'privacy', 'target' => 'public-page/privacy', 'public' => true],
['path' => 'terms', 'target' => 'public-page/terms', 'public' => true],
];

View File

@@ -875,8 +875,61 @@ WHERE u.email = 'demo@user.com'
);
INSERT INTO `pages` (`uuid`, `slug`, `created`)
SELECT UUID(), 'impressum', NOW()
WHERE NOT EXISTS (SELECT 1 FROM pages WHERE slug = 'impressum');
SELECT UUID(), v.slug, NOW()
FROM (
SELECT 'imprint' AS slug
UNION ALL SELECT 'privacy'
UNION ALL SELECT 'terms'
) AS v
WHERE NOT EXISTS (SELECT 1 FROM pages p WHERE p.slug = v.slug);
INSERT INTO `page_contents` (`page_id`, `locale`, `content`, `created`)
SELECT p.id, 'de', '{"blocks":[{"type":"header","data":{"text":"Impressum","level":2}},{"type":"paragraph","data":{"text":"Diese Seite ist eine Vorlage. Bitte tragen Sie hier die Pflichtangaben Ihres Unternehmens ein."}},{"type":"paragraph","data":{"text":"Angaben gemaess Paragraph 5 TMG: Firmenname, Rechtsform, vertretungsberechtigte Person, Anschrift, Kontakt und Registerangaben."}},{"type":"paragraph","data":{"text":"Inhaltlich verantwortlich: Name und Anschrift."}}]}', p.created
FROM pages p
WHERE p.slug = 'imprint'
AND NOT EXISTS (
SELECT 1 FROM page_contents pc WHERE pc.page_id = p.id AND pc.locale = 'de'
);
INSERT INTO `page_contents` (`page_id`, `locale`, `content`, `created`)
SELECT p.id, 'en', '{"blocks":[{"type":"header","data":{"text":"Imprint","level":2}},{"type":"paragraph","data":{"text":"This page is a template. Please add your mandatory company details here."}},{"type":"paragraph","data":{"text":"Provide legal publisher information, address, contact channels, company register data and authorized representatives."}},{"type":"paragraph","data":{"text":"Responsible for content: name and address."}}]}', p.created
FROM pages p
WHERE p.slug = 'imprint'
AND NOT EXISTS (
SELECT 1 FROM page_contents pc WHERE pc.page_id = p.id AND pc.locale = 'en'
);
INSERT INTO `page_contents` (`page_id`, `locale`, `content`, `created`)
SELECT p.id, 'de', '{"blocks":[{"type":"header","data":{"text":"Datenschutz","level":2}},{"type":"paragraph","data":{"text":"Diese Seite ist eine Vorlage. Beschreiben Sie hier transparent, welche personenbezogenen Daten verarbeitet werden."}},{"type":"paragraph","data":{"text":"Nennen Sie Rechtsgrundlagen, Speicherdauer, Empfaenger, Betroffenenrechte und Kontakt der Datenschutzstelle."}},{"type":"paragraph","data":{"text":"Pruefen Sie die Inhalte regelmaessig mit Ihrem Datenschutzbeauftragten."}}]}', p.created
FROM pages p
WHERE p.slug = 'privacy'
AND NOT EXISTS (
SELECT 1 FROM page_contents pc WHERE pc.page_id = p.id AND pc.locale = 'de'
);
INSERT INTO `page_contents` (`page_id`, `locale`, `content`, `created`)
SELECT p.id, 'en', '{"blocks":[{"type":"header","data":{"text":"Privacy","level":2}},{"type":"paragraph","data":{"text":"This page is a template. Explain which personal data is processed and for what purpose."}},{"type":"paragraph","data":{"text":"Document legal bases, retention periods, recipients, data subject rights and your privacy contact point."}},{"type":"paragraph","data":{"text":"Review this content regularly with your legal or privacy team."}}]}', p.created
FROM pages p
WHERE p.slug = 'privacy'
AND NOT EXISTS (
SELECT 1 FROM page_contents pc WHERE pc.page_id = p.id AND pc.locale = 'en'
);
INSERT INTO `page_contents` (`page_id`, `locale`, `content`, `created`)
SELECT p.id, 'de', '{"blocks":[{"type":"header","data":{"text":"Nutzungsbedingungen","level":2}},{"type":"paragraph","data":{"text":"Diese Seite ist eine Vorlage. Beschreiben Sie hier Zweck, Leistungsumfang und zulaessige Nutzung Ihres Angebots."}},{"type":"paragraph","data":{"text":"Ergaenzen Sie Regelungen zu Haftung, Laufzeit, Kuendigung, Gerichtsstand und anwendbarem Recht."}},{"type":"paragraph","data":{"text":"Lassen Sie die Inhalte vor Veroeffentlichung rechtlich pruefen."}}]}', p.created
FROM pages p
WHERE p.slug = 'terms'
AND NOT EXISTS (
SELECT 1 FROM page_contents pc WHERE pc.page_id = p.id AND pc.locale = 'de'
);
INSERT INTO `page_contents` (`page_id`, `locale`, `content`, `created`)
SELECT p.id, 'en', '{"blocks":[{"type":"header","data":{"text":"Terms of Service","level":2}},{"type":"paragraph","data":{"text":"This page is a template. Describe the service scope, intended use and user obligations."}},{"type":"paragraph","data":{"text":"Add clauses for liability, term, termination, governing law and jurisdiction."}},{"type":"paragraph","data":{"text":"Have this content reviewed by legal counsel before publishing."}}]}', p.created
FROM pages p
WHERE p.slug = 'terms'
AND NOT EXISTS (
SELECT 1 FROM page_contents pc WHERE pc.page_id = p.id AND pc.locale = 'en'
);
INSERT INTO `page_contents` (`page_id`, `locale`, `content`, `created`)
SELECT p.id, 'de', NULL, p.created

View File

@@ -752,6 +752,7 @@
"Unverified": "Nicht verifiziert",
"Imprint": "Impressum",
"Privacy": "Datenschutz",
"Terms of Service": "Nutzungsbedingungen",
"Custom fields": "Zusatzfelder",
"User custom fields": "Benutzerzusatzfelder",
"Affected tenants": "Betroffene Mandanten",
@@ -1271,5 +1272,17 @@
"Force on": "Erzwingen (an)",
"Force off": "Erzwingen (aus)",
"Controls whether Microsoft logins automatically persist a remember-me token.": "Steuert, ob Microsoft-Anmeldungen automatisch ein Angemeldet-bleiben-Token setzen.",
"Complete": "Vollständig",
"Incomplete": "Unvollständig",
"No domain restrictions": "Keine Domain-Einschränkungen",
"Configuration status": "Konfigurationsstatus",
"SSO setup is incomplete": "SSO-Konfiguration ist unvollständig",
"Complete the required Microsoft configuration before enforcing Microsoft-only login.": "Vervollständigen Sie die erforderliche Microsoft-Konfiguration, bevor Sie Microsoft-only-Anmeldung erzwingen.",
"Login policy": "Anmelderichtlinie",
"Allow Microsoft-only login (disable local password login)": "Nur Microsoft-Anmeldung erlauben (lokale Passwort-Anmeldung deaktivieren)",
"Remember login after Microsoft sign-in": "Angemeldet bleiben nach Microsoft-Login",
"Access and profile sync": "Zugriff und Profilabgleich",
"Profile sync": "Profilabgleich",
"App credentials (advanced)": "App-Anmeldedaten (Erweitert)",
"Remember token lifetime is invalid": "Token-Lebensdauer ist ungültig"
}

View File

@@ -752,6 +752,7 @@
"Unverified": "Unverified",
"Imprint": "Imprint",
"Privacy": "Privacy",
"Terms of Service": "Terms of Service",
"Custom fields": "Custom fields",
"User custom fields": "User custom fields",
"Affected tenants": "Affected tenants",
@@ -1271,5 +1272,17 @@
"Force on": "Force on",
"Force off": "Force off",
"Controls whether Microsoft logins automatically persist a remember-me token.": "Controls whether Microsoft logins automatically persist a remember-me token.",
"Complete": "Complete",
"Incomplete": "Incomplete",
"No domain restrictions": "No domain restrictions",
"Configuration status": "Configuration status",
"SSO setup is incomplete": "SSO setup is incomplete",
"Complete the required Microsoft configuration before enforcing Microsoft-only login.": "Complete the required Microsoft configuration before enforcing Microsoft-only login.",
"Login policy": "Login policy",
"Allow Microsoft-only login (disable local password login)": "Allow Microsoft-only login (disable local password login)",
"Remember login after Microsoft sign-in": "Remember login after Microsoft sign-in",
"Access and profile sync": "Access and profile sync",
"Profile sync": "Profile sync",
"App credentials (advanced)": "App credentials (advanced)",
"Remember token lifetime is invalid": "Remember token lifetime is invalid"
}

View File

@@ -43,14 +43,6 @@ class AccessControl
return true;
}
// Check page/ prefix with slug lookup
if (str_starts_with($normalizedPath, 'page/')) {
$pageSlug = substr($normalizedPath, strlen('page/'));
if (in_array($pageSlug, $this->configuredPublicPaths, true)) {
return true;
}
}
// Check always-public prefixes
foreach (self::ALWAYS_PUBLIC_PREFIXES as $prefix) {
if (str_starts_with($normalizedPath, $prefix)) {

View File

@@ -430,7 +430,7 @@ function navActivePublicPages(array $extraSlugs = []): array
}
// "page/<slug>" routes and known standalone slugs should highlight the same nav entry.
$publicSlugs = array_merge(['imprint', 'privacy'], $extraSlugs);
$publicSlugs = array_merge(['imprint', 'privacy', 'terms'], $extraSlugs);
$isActive = strpos($current, 'page/') === 0 || in_array($current, $publicSlugs, true);
return [

View File

@@ -104,6 +104,43 @@ $ssoStatusTiles = [
'tone' => $ssoCredentialSource === 'shared' ? 'info' : 'neutral',
],
];
$allowedDomainsList = preg_split('/[\s,;]+/', strtolower($allowedDomains), -1, PREG_SPLIT_NO_EMPTY);
$allowedDomainsList = is_array($allowedDomainsList) ? array_values(array_unique($allowedDomainsList)) : [];
$allowedDomainsCount = count($allowedDomainsList);
$syncFieldCount = count($syncProfileFields);
$ssoSetupBadgeVariant = $microsoftEnabled ? 'success' : 'neutral';
$ssoSetupBadgeLabel = sprintf(
'%s: %s',
t('Microsoft login'),
$microsoftEnabled ? t('Active') : t('Inactive')
);
$ssoShowConfigBadge = $microsoftEnabled;
$ssoConfigBadgeVariant = $microsoftEnabled ? ($ssoConfigComplete ? 'success' : 'warning') : 'neutral';
$ssoConfigBadgeLabel = sprintf(
'%s: %s',
t('Configuration status'),
$ssoConfigComplete ? t('Complete') : t('Incomplete')
);
$ssoPolicyBadgeVariant = match ($ssoPasswordMode) {
'microsoft_only' => 'warning',
'local_and_microsoft' => 'info',
default => 'neutral',
};
$ssoSyncBadgeVariant = $syncProfileOnLogin ? 'info' : 'neutral';
$ssoSyncBadgeLabel = $syncProfileOnLogin ? t('Active') : t('Inactive');
$ssoDomainsBadgeVariant = $allowedDomainsCount > 0 ? 'info' : 'neutral';
$ssoDomainsBadgeLabel = $allowedDomainsCount > 0
? sprintf('%d %s', $allowedDomainsCount, t('Allowed email domains'))
: t('No domain restrictions');
$ssoCredentialsBadgeVariant = $ssoCredentialSource === 'shared' ? 'info' : 'warning';
$ssoCredentialsBadgeLabel = $ssoCredentialSourceLabel;
$openSetupCard = $detailsOpenAll || !$microsoftEnabled || ($microsoftEnabled && !$ssoConfigComplete);
$openPolicyCard = $detailsOpenAll || ($microsoftEnabled && $microsoftEnforce);
$openAccessCard = $detailsOpenAll || ($microsoftEnabled && ($allowedDomainsCount > 0 || $syncProfileOnLogin));
$openOverrideCard = $detailsOpenAll;
?>
<form id="<?php e($formId); ?>" method="post" data-standard-detail-form="1">
@@ -446,12 +483,28 @@ $ssoStatusTiles = [
?>
<?php endforeach; ?>
</div>
<?php if ($microsoftEnabled && !$ssoConfigComplete && $ssoConfigErrorLabel !== ''): ?>
<small class="muted"><?php e($ssoConfigErrorLabel); ?></small>
<?php if ($microsoftEnabled && !$ssoConfigComplete): ?>
<blockquote data-variant="warning">
<strong><?php e(t('SSO setup is incomplete')); ?></strong><br>
<?php if ($ssoConfigErrorLabel !== ''): ?>
<?php e($ssoConfigErrorLabel); ?>
<?php else: ?>
<?php e(t('Complete the required Microsoft configuration before enforcing Microsoft-only login.')); ?>
<?php endif; ?>
</blockquote>
<?php endif; ?>
<fieldset>
<legend><small><?php e(t('Required Microsoft configuration')); ?></small></legend>
<details class="app-details-card" name="tenant-sso-setup" <?php e($openSetupCard ? 'open' : ''); ?>>
<summary>
<span class="app-details-card-summary-title"><?php e(t('Required Microsoft configuration')); ?></span>
<span class="app-details-card-summary-meta">
<span class="badge" data-variant="<?php e($ssoSetupBadgeVariant); ?>"><?php e($ssoSetupBadgeLabel); ?></span>
<?php if ($ssoShowConfigBadge): ?>
<span class="badge" data-variant="<?php e($ssoConfigBadgeVariant); ?>"><?php e($ssoConfigBadgeLabel); ?></span>
<?php endif; ?>
</span>
</summary>
<div class="app-details-card-container">
<label class="app-field">
<input
type="checkbox"
@@ -464,6 +517,7 @@ $ssoStatusTiles = [
<span><?php e(t('Enable Microsoft login for this tenant')); ?></span>
</label>
<small class="muted"><?php e(t('Required for Microsoft login.')); ?></small>
<div data-tenant-sso-when-enabled>
<hr>
<label>
<span><?php e(t('Entra tenant ID (tid)')); ?></span>
@@ -474,6 +528,18 @@ $ssoStatusTiles = [
placeholder="00000000-0000-0000-0000-000000000000"
<?php e($readonlyAttr); ?>>
</label>
</div>
</div>
</details>
<details class="app-details-card" name="tenant-sso-policy" data-tenant-sso-when-enabled <?php e($openPolicyCard ? 'open' : ''); ?>>
<summary>
<span class="app-details-card-summary-title"><?php e(t('Login policy')); ?></span>
<span class="app-details-card-summary-meta">
<span class="badge" data-variant="<?php e($ssoPolicyBadgeVariant); ?>"><?php e($ssoPasswordModeLabel); ?></span>
</span>
</summary>
<div class="app-details-card-container">
<label class="app-field">
<input
type="checkbox"
@@ -482,24 +548,12 @@ $ssoStatusTiles = [
value="1"
<?php e($microsoftEnforce ? 'checked' : ''); ?>
<?php e($disabledAttr); ?>>
<span><?php e(t('Disable password login for this tenant login')); ?></span>
<span><?php e(t('Allow Microsoft-only login (disable local password login)')); ?></span>
</label>
<small class="muted"><?php e(t('Microsoft-only login requires a complete configuration')); ?></small>
</fieldset>
<fieldset data-tenant-sso-when-enabled>
<legend><small><?php e(t('Optional restrictions')); ?></small></legend>
<label>
<span><?php e(t('Allowed email domains')); ?></span>
<textarea name="allowed_domains" rows="3" placeholder="example.com&#10;partner.com" <?php e($readonlyAttr); ?>><?php e($allowedDomains); ?></textarea>
<small><?php e(t('Optional allow-list, comma or newline separated (example.com).')); ?></small>
</label>
</fieldset>
<fieldset data-tenant-sso-when-enabled>
<legend><small><?php e(t('Login persistence')); ?></small></legend>
<hr>
<label class="app-field">
<span><?php e(t('Microsoft Auto-Remember')); ?></span>
<span><?php e(t('Remember login after Microsoft sign-in')); ?></span>
<select name="microsoft_auto_remember_mode" <?php e($readonlyAttr); ?>>
<option value="inherit" <?php if (($form['auto_remember_mode'] ?? null) === null) echo 'selected'; ?>><?php e(t('Inherit global default')); ?></option>
<option value="1" <?php if (($form['auto_remember_mode'] ?? null) === 1 || ($form['auto_remember_mode'] ?? null) === '1') echo 'selected'; ?>><?php e(t('Force on')); ?></option>
@@ -507,10 +561,31 @@ $ssoStatusTiles = [
</select>
<small class="muted"><?php e(t('Controls whether Microsoft logins automatically persist a remember-me token.')); ?></small>
</label>
</fieldset>
</div>
</details>
<fieldset data-tenant-sso-when-enabled>
<legend><small><?php e(t('Profile sync (optional)')); ?></small></legend>
<details class="app-details-card" name="tenant-sso-access-sync" data-tenant-sso-when-enabled <?php e($openAccessCard ? 'open' : ''); ?>>
<summary>
<span class="app-details-card-summary-title"><?php e(t('Access and profile sync')); ?></span>
<span class="app-details-card-summary-meta">
<span class="badge" data-variant="<?php e($ssoDomainsBadgeVariant); ?>"><?php e($ssoDomainsBadgeLabel); ?></span>
<span class="badge" data-variant="<?php e($ssoSyncBadgeVariant); ?>">
<?php e(t('Profile sync')); ?>: <?php e($ssoSyncBadgeLabel); ?>
</span>
<?php if ($syncProfileOnLogin): ?>
<span class="badge" data-variant="info">
<?php e(t('Sync fields')); ?>: <?php e((string) $syncFieldCount); ?>
</span>
<?php endif; ?>
</span>
</summary>
<div class="app-details-card-container">
<label>
<span><?php e(t('Allowed email domains')); ?></span>
<textarea name="allowed_domains" rows="3" placeholder="example.com&#10;partner.com" <?php e($readonlyAttr); ?>><?php e($allowedDomains); ?></textarea>
<small><?php e(t('Optional allow-list, comma or newline separated (example.com).')); ?></small>
</label>
<hr>
<label class="app-field">
<input
type="checkbox"
@@ -544,12 +619,24 @@ $ssoStatusTiles = [
<small class="muted"><?php e(t('Phone/mobile/avatar sync requires Microsoft Graph (User.Read)')); ?></small>
<?php endif; ?>
</div>
</fieldset>
</div>
</details>
<details data-tenant-sso-override-details data-remember-state="admin-tenant-sso-override">
<summary><?php e(t('Advanced app override')); ?></summary>
<hr>
<label class="app-field" data-tenant-sso-when-enabled>
<details
class="app-details-card"
name="tenant-sso-advanced"
data-tenant-sso-override-details
data-tenant-sso-when-enabled
data-remember-state="admin-tenant-sso-override"
<?php e($openOverrideCard ? 'open' : ''); ?>>
<summary>
<span class="app-details-card-summary-title"><?php e(t('App credentials (advanced)')); ?></span>
<span class="app-details-card-summary-meta">
<span class="badge" data-variant="<?php e($ssoCredentialsBadgeVariant); ?>"><?php e($ssoCredentialsBadgeLabel); ?></span>
</span>
</summary>
<div class="app-details-card-container">
<label class="app-field">
<input type="hidden" name="use_shared_app" value="0">
<input
type="checkbox"
@@ -577,6 +664,7 @@ $ssoStatusTiles = [
<input type="checkbox" name="clear_client_secret_override" value="1" <?php e($disabledAttr); ?>>
<span><?php e(t('Clear override secret')); ?></span>
</label>
</div>
</details>
</div>
<?php endif; ?>

View File

@@ -4,6 +4,8 @@ use MintyPHP\Http\Request;
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\I18n;
use MintyPHP\Router;
use MintyPHP\Service\Access\SettingsAuthorizationPolicy;
use MintyPHP\Service\Access\UiAccessService;
use MintyPHP\Service\Content\PageService;
use MintyPHP\Session;
use MintyPHP\Support\Flash;
@@ -18,8 +20,18 @@ if ($currentUserId <= 0) {
Router::redirect('login');
}
if (!Session::checkCsrfToken()) {
$return = Request::safeReturnTarget((string) (requestInput()->bodyAll()['return'] ?? ''));
$canEdit = app(UiAccessService::class)->allow(
$currentUserId,
SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_UPDATE
);
if (!$canEdit) {
http_response_code(403);
Flash::error(t('You are not allowed to edit this page'), $return, 'page_forbidden');
Router::redirect($return !== '' ? $return : '');
}
if (!Session::checkCsrfToken()) {
Flash::error(t('Form expired, please try again'), $return, 'page_csrf');
Router::redirect($return !== '' ? $return : '');
}
@@ -28,7 +40,6 @@ $slug = trim((string) (requestInput()->bodyAll()['slug'] ?? ''));
$fromLocale = trim((string) (requestInput()->bodyAll()['from_locale'] ?? (I18n::$locale ?? '')));
$toLocale = trim((string) (requestInput()->bodyAll()['to_locale'] ?? ''));
$return = Request::safeReturnTarget((string) (requestInput()->bodyAll()['return'] ?? ''));
if ($return === '' && $slug !== '') {
$return = 'page/' . $slug;
}

View File

@@ -5,6 +5,8 @@ use MintyPHP\Http\Request;
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\I18n;
use MintyPHP\Router;
use MintyPHP\Service\Access\SettingsAuthorizationPolicy;
use MintyPHP\Service\Access\UiAccessService;
use MintyPHP\Service\Content\PageService;
use MintyPHP\Session;
use MintyPHP\Support\Flash;
@@ -28,7 +30,10 @@ if ($notFound) {
$user = $session['user'] ?? [];
$currentUserId = (int) ($user['id'] ?? 0);
$canEdit = $currentUserId > 0;
$canEdit = app(UiAccessService::class)->allow(
$currentUserId,
SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_UPDATE
);
$returnPath = Request::path();
if ($returnPath === '') {
$returnPath = 'page/' . $slug;

View File

@@ -0,0 +1,113 @@
<?php
/**
* @var array|null $page
* @var bool $canEdit
* @var bool $editMode
* @var string $contentJson
* @var string $slug
*/
?>
<div class="app-details-container app-page">
<section>
<?php if (!$page): ?>
<p><?php e(t('Page not found')); ?></p>
<?php else: ?>
<form method="post" action="<?php e($formAction ?? ''); ?>" class="page-editor" id="page-editor" data-page-editor
data-can-edit="<?php e($canEdit ? '1' : '0'); ?>" data-edit-mode="<?php e($editMode ? 'edit' : 'view'); ?>"
data-placeholder="<?php e(t('Start writing...')); ?>" data-header-placeholder="<?php e(t('Heading')); ?>">
<?php MintyPHP\Session::getCsrfInput(); ?>
<input type="hidden" name="return" value="<?php e($returnPath ?? ''); ?>">
<textarea name="content" id="page-content" hidden><?php e($contentJson); ?></textarea>
<div data-editor-holder></div>
</form>
<?php if (file_exists('web/vendor/editorjs/tools/header.umd.js')): ?>
<script src="<?php e(assetVersion('vendor/editorjs/tools/header.umd.js')); ?>"></script>
<?php endif; ?>
<?php if (file_exists('web/vendor/editorjs/tools/list.umd.js')): ?>
<script src="<?php e(assetVersion('vendor/editorjs/tools/list.umd.js')); ?>"></script>
<?php endif; ?>
<?php if (file_exists('web/vendor/editorjs/tools/checklist.umd.js')): ?>
<script src="<?php e(assetVersion('vendor/editorjs/tools/checklist.umd.js')); ?>"></script>
<?php endif; ?>
<?php if (file_exists('web/vendor/editorjs/tools/table.umd.js')): ?>
<script src="<?php e(assetVersion('vendor/editorjs/tools/table.umd.js')); ?>"></script>
<?php endif; ?>
<?php if (file_exists('web/vendor/editorjs/tools/columns.js')): ?>
<script src="<?php e(assetVersion('vendor/editorjs/tools/columns.js')); ?>"></script>
<?php endif; ?>
<?php if (file_exists('web/vendor/editorjs/tools/marker.umd.js')): ?>
<script src="<?php e(assetVersion('vendor/editorjs/tools/marker.umd.js')); ?>"></script>
<?php endif; ?>
<script type="module" src="<?php e(assetVersion('js/components/app-page-editor.js')); ?>"></script>
<?php endif; ?>
</section>
<?php if ($canEdit): ?>
<aside id="app-details-aside-section">
<div class="app-details-aside-section app-page-action-card">
<div class="grid">
<button type="button" class="secondary outline" data-tooltip-pos="top"
data-tooltip="<?php e($editMode ? t('View') : t('Edit')); ?>" data-editor-toggle
data-edit-label="<?php e(t('Edit')); ?>" data-view-label="<?php e(t('View')); ?>">
<?php if ($editMode): ?>
<i class="bi bi-eye-fill" data-editor-icon aria-hidden="true"></i>
<?php else: ?>
<i class="bi bi-pencil-square" data-editor-icon aria-hidden="true"></i>
<?php endif; ?>
</button>
<button type="submit" form="page-editor" class="primary" data-editor-save>
<?php e(t('Save')); ?>
</button>
</div>
<?php if (isset($locales, $currentLocale) && is_array($locales) && count($locales) > 1): ?>
<hr>
<details>
<summary><?php e(t('Copy')); ?></summary>
<hr>
<form method="post" action="page/copy-language" class="app-page-copy">
<?php MintyPHP\Session::getCsrfInput(); ?>
<input type="hidden" name="slug" value="<?php e($slug ?? ''); ?>">
<input type="hidden" name="from_locale" value="<?php e($currentLocale); ?>">
<input type="hidden" name="return" value="<?php e($returnPath ?? ''); ?>">
<label class="app-field">
<span>
<?php e(t('Copy content to')); ?>
</span>
<div role="group">
<select name="to_locale" required>
<?php foreach ($locales as $locale): ?>
<?php if ($locale === $currentLocale) {
continue;
} ?>
<option value="<?php e($locale); ?>">
<?php
$label = strtoupper($locale);
if ($locale === 'de') {
$label = t('German');
} elseif ($locale === 'en') {
$label = t('English');
}
e($label);
?>
</option>
<?php endforeach; ?>
</select>
<button type="submit" class="secondary outline">
<?php e(t('Copy')); ?>
</button>
</div>
</label>
</form>
<small>
<?php e(t('Existing content in the target language will be overwritten')); ?>
</small>
</details>
<hr>
<?php endif; ?>
</div>
</aside>
<?php endif; ?>
</div>

View File

@@ -0,0 +1,47 @@
<?php
use MintyPHP\Buffer;
use MintyPHP\Http\Request;
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\I18n;
use MintyPHP\Router;
use MintyPHP\Service\Content\PageService;
$sessionStore = app(SessionStoreInterface::class);
$session = $sessionStore->all();
$slug = trim((string) ($slug ?? ''));
if ($slug === '') {
Router::redirect('');
}
$currentUserId = (int) (($session['user']['id'] ?? 0));
if ($currentUserId > 0) {
Router::redirect(Request::withLocale('page/' . $slug, I18n::$locale ?? I18n::$defaultLocale));
}
$pageBundle = PageService::findBySlugWithLocale($slug, I18n::$locale ?? null);
$page = $pageBundle['page'] ?? null;
$pageContent = $pageBundle['content'] ?? null;
$notFound = $page === null;
if ($notFound) {
http_response_code(404);
Buffer::set('title', t('Page not found'));
}
$returnPath = Request::path();
if ($returnPath === '') {
$returnPath = $slug;
}
$formAction = '/' . ltrim($returnPath, '/');
$contentJson = '';
if (is_array($pageContent) && isset($pageContent['content'])) {
$contentJson = (string) $pageContent['content'];
}
if ($contentJson === '') {
$contentJson = json_encode(['blocks' => []], JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
}
$canEdit = false;
$editMode = false;

View File

@@ -41,6 +41,7 @@ if ($bufferTitle !== '') {
<ul>
<li><a href="<?php e(lurl('imprint')); ?>"><?php e(t('Imprint')); ?></a></li>
<li><a href="<?php e(lurl('privacy')); ?>"><?php e(t('Privacy')); ?></a></li>
<li><a href="<?php e(lurl('terms')); ?>"><?php e(t('Terms of Service')); ?></a></li>
<li><a href="<?php e(lurl('login')); ?>"><?php e(t('Login')); ?></a></li>
</ul>
</nav>

View File

@@ -1,3 +1,7 @@
<?php
$isAuthenticated = !empty($_SESSION['user']['id']);
$pagePrefix = $isAuthenticated ? 'page/' : '';
?>
<footer class="site-footer">
<nav aria-label="<?php e(t('Footer navigation')); ?>">
<ul>
@@ -7,10 +11,13 @@
</a>
</li>
<li>
<a href="<?php e(lurl('imprint')); ?>" class="muted"><small><?php e(t('Imprint')); ?></small></a>
<a href="<?php e(lurl($pagePrefix . 'imprint')); ?>" class="muted"><small><?php e(t('Imprint')); ?></small></a>
</li>
<li>
<a href="<?php e(lurl('privacy')); ?>" class="muted"><small><?php e(t('Privacy')); ?></small></a>
<a href="<?php e(lurl($pagePrefix . 'privacy')); ?>" class="muted"><small><?php e(t('Privacy')); ?></small></a>
</li>
<li>
<a href="<?php e(lurl($pagePrefix . 'terms')); ?>" class="muted"><small><?php e(t('Terms of Service')); ?></small></a>
</li>
</ul>
<ul>

View File

@@ -0,0 +1,56 @@
<?php
namespace MintyPHP\Tests\Architecture;
use PHPUnit\Framework\TestCase;
class PublicPageContractTest extends TestCase
{
use ProjectFileAssertionSupport;
public function testPublicStaticPageRoutesPointToPublicPageTargets(): void
{
$routes = include $this->projectRootPath() . '/config/routes.php';
$this->assertIsArray($routes);
$byPath = [];
foreach ($routes as $route) {
if (!is_array($route)) {
continue;
}
$path = trim((string) ($route['path'] ?? ''));
if ($path === '') {
continue;
}
$byPath[$path] = $route;
}
foreach (['imprint', 'privacy', 'terms'] as $slug) {
$this->assertArrayHasKey($slug, $byPath);
$this->assertSame('public-page/' . $slug, (string) ($byPath[$slug]['target'] ?? ''));
$this->assertTrue((bool) ($byPath[$slug]['public'] ?? false));
}
}
public function testPageTemplatesAreSeparatedByContext(): void
{
$root = $this->projectRootPath();
$this->assertFileExists($root . '/pages/page/index(default).phtml');
$this->assertFileDoesNotExist($root . '/pages/page/index(page).phtml');
$this->assertFileExists($root . '/pages/public-page/index(page).phtml');
}
public function testPageMutationsUseSettingsUpdateCapabilityGuard(): void
{
$indexAction = $this->readProjectFile('pages/page/index($slug).php');
$copyAction = $this->readProjectFile('pages/page/copy-language().php');
$this->assertStringContainsString('UiAccessService::class', $indexAction);
$this->assertStringContainsString('SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_UPDATE', $indexAction);
$this->assertStringNotContainsString('$canEdit = $currentUserId > 0;', $indexAction);
$this->assertStringContainsString('UiAccessService::class', $copyAction);
$this->assertStringContainsString('SettingsAuthorizationPolicy::ABILITY_ADMIN_SETTINGS_UPDATE', $copyAction);
}
}

View File

@@ -0,0 +1,33 @@
<?php
namespace MintyPHP\Tests\Http;
use MintyPHP\Http\AccessControl;
use PHPUnit\Framework\TestCase;
class AccessControlTest extends TestCase
{
public function testConfiguredPublicPathIsAccessible(): void
{
$accessControl = new AccessControl(['imprint', 'privacy']);
$this->assertTrue($accessControl->isPublicPath('imprint'));
$this->assertTrue($accessControl->isPublicPath('/privacy'));
}
public function testPageSlugPathIsNotAutoPublic(): void
{
$accessControl = new AccessControl(['imprint']);
$this->assertTrue($accessControl->isPublicPath('imprint'));
$this->assertFalse($accessControl->isPublicPath('page/imprint'));
}
public function testAlwaysPublicPrefixesRemainAccessible(): void
{
$accessControl = new AccessControl([]);
$this->assertTrue($accessControl->isPublicPath('api/v1/health'));
$this->assertTrue($accessControl->isPublicPath('auth/microsoft/callback'));
}
}

View File

@@ -28,8 +28,6 @@
margin: 0;
}
label.app-field > span {
display: block;
}
@@ -38,7 +36,6 @@ label.app-field > small {
display: block;
}
.page-editor-actions {
margin-top: var(--app-spacing);
display: flex;
@@ -56,13 +53,14 @@ label.app-field > small {
display: none !important;
}
.ce-block__content, .ce-toolbar__content {
.ce-block__content,
.ce-toolbar__content {
max-width: 90% !important;
}
.ce-editorjsColumns_wrapper .ce-toolbar__content,
.ce-editorjsColumns_wrapper .ce-block__content {
max-width: 100% ! Important;
max-width: 100% !important;
}
.ce-popover-item[data-item-name="columns"] svg {
@@ -73,4 +71,11 @@ label.app-field > small {
.app-details-aside-section button {
margin-bottom: 0;
}
@media (min-width: 968px) {
.app-page-action-card {
position: sticky;
top: calc(var(--app-spacing) * 4);
}
}
}