Updated uses of user ID to nullify on delete.
Added testing to cover deletion of user relations.
Added model factories to support changes and potential other tests.
Cleans existing ID references in the DB via migration.
As per PR #5800
* DB: Planned out new entity table format via migrations
* DB: Created entity migration logic
Made some other tweaks/fixes while testing.
* DB: Added change of entity relation columns to suit new entities table
* DB: Got most view queries working for new structure
* Entities: Started logic change to new structure
Updated base entity class, and worked through BaseRepo.
Need to go through other repos next.
Removed a couple of redundant interfaces as part of this since we can
move the logic onto the shared ContainerData model as needed.
* Entities: Been through repos to update for new format
* Entities: Updated repos to act on refreshed clones
Changes to core entity models are now done on clones to ensure clean
state before save, and those clones are returned back if changes are
needed after that action.
* Entities: Updated model classes & relations for changes
* Entities: Changed from *Data to a common "contents" system
Added smart loading from builder instances which should hydrate with
"contents()" loaded via join, while keeping the core model original.
* Entities: Moved entity description/covers to own non-model classes
Added back some interfaces.
* Entities: Removed use of contents system for data access
* Entities: Got most queries back to working order
* Entities: Reverted back to data from contents, fixed various issues
* Entities: Started addressing issues from tests
* Entities: Addressed further tests/issues
* Entities: Been through tests to get all passing in dev
Fixed issues and needed test changes along the way.
* Entities: Addressed phpstan errors
* Entities: Reviewed TODO notes
* Entities: Ensured book/shelf relation data removed on destroy
* Entities: Been through API responses & adjusted field visibility
* Entities: Added type index to massively improve query speed
Updated query classes to align to interface for common aligned
operations.
Extracted repeated string-identifier-based finding from page/chapter
repos to shared higher-level entity queries.
Removes page/chpater addSelect global query, to load book slug, and
instead extracts base queries to be managed in new static class, while
updating specific entitiy relation loading to use our more efficient
MixedEntityListLoader where appropriate.
Related to #4823
Also aligned books, shelves and chapters to return description content
and some relations (where not breaking API) in create/update responses
also so that information can be seen direct from that input in a
request.
API docs and tests not yet updated to match.
For book, shelves and chapters.
Made much of the existing handling generic to entity types.
Added new MixedEntityListLoader to help load lists somewhat efficiently.
Only manually tested so far.
Rolled out HTML editor field and store logic across all target entity
types. Cleaned up WYSIWYG input logic and design.
Cleaned up some injected classes while there.
- Adapted existing page picker to be usable elsewhere.
- Added endpoint for getting templates for entity picker.
- Added search template filter to support above.
- Updated book save handling to check/validate submitted template.
- Allows non-visible pages to flow through the save process, if not
being changed.
- Updated page deletes to handle removal of default usage on books.
- Tweaked wording and form styles to suit.
- Updated migration to explicity reflect default value.
Added since we can't always be sure of future image usage, and in many
cases we don't generate ahead-of-time.
Also:
- Simplified image handling on certain models.
- Updated various string handling operations to use newer functions.
- Adds filtering to the watched items list in notification preferences
so that deleted (recycle bin) items are removed via query.
- Adds relations and logic to properly remove watches upon user and
entity delete events, to old watches in database do not linger.
- Adds testing to cover the above.
Did not add migration for existing data, since patch will be close to
introduction, and lingering DB entries don't open a security concern,
just some potential confusion in specific potential scenarios.
Probably not work extra migration risk, although could add in future if
concerns/issues are found.
Related to #4499
Nothing on back-end logic done to hook this new option up.
Addition of permissions for role_id=0 works out of the box, but active
"everyone else" permissions, with no priviliges, is currently not
working. Needs change of permission gen logic also.
Both caught in tests:
Fixed loss of permissions for admin users when entity restrictions were
active, since there are no entity-restrictions for the admin role but
we'd force generate them in joint permissions, which would be queried.
Fixed new role permission checks when permissions given with only the
action (eg. 'view'), since the type prefix would be required for role
permission checks. Was previously not needed as only the simpler form
was used in the jointpermissions after merge & calculation.
Cleaned up PermissionApplicator to remove old cache system which was
hardly ever actuall caching anything since it was reset after each
public method run.
Changed the scope of 'userCanOnAny' to just check entity permissions,
and added protections of action scope creep, in case a role permission
action was passed by mistake.
Made the following changes, many of these are just to align with
existing conventions.
- Updated urls to be hypenated, instead of underscored, to match other system endpoints.
- Updated URL parameter to be `deletionId` instead of `id`, and removed the ID-based comment on controller methods, so the required ID model is clear from the URL alone, since its not clear from the URL endpoint alone like existing endpoints. This follows the pattern used in the "web" routes.
- Added extra detail on some controller method comments, and copied permission comment to each method.
- Removed existing field visibility mechanisms to use simpler model-based visibility since we didn't need anything too special here (After some of my other changes).
- Allowed the "deletable" model to be shown in response to provide a little more detail on the main deleted item.
- Updated parent/child-count loading to be on the "deletable" model instead of additional properties which results in simpler controller logic and enforces the idea these are relations on the deletable, not the deletion itself. It also removes additional exposure of model namespacing.
- Updated (int) casts to intval, just since that's our most common conversion method in the codebase.
- Testing: Removed `actingAsAuthorizedUser` and used the admin user instead to prevent extra auth steps on each test.
- Testing: Cut logic/data-checks from tests if already covered by other tests.
- Testing: Added simple assertions for delete/restore response data.
- Examples: Updated list example to reflect changes.
Review of PR #3377
To be followed up with changes to polymorphic relations to hide
namespacing.