diff options
| -rw-r--r-- | README.md | 14 | ||||
| -rw-r--r-- | contrib/docker-compose.yml | 4 | ||||
| -rw-r--r-- | includes/controller/shifts_controller.php | 16 | ||||
| -rw-r--r-- | includes/helper/error_helper.php | 11 | ||||
| -rw-r--r-- | includes/includes.php | 1 | ||||
| -rw-r--r-- | includes/pages/user_atom.php | 16 | ||||
| -rw-r--r-- | includes/pages/user_ical.php | 17 | ||||
| -rw-r--r-- | package.json | 2 | ||||
| -rw-r--r-- | resources/assets/js/forms.js | 35 | ||||
| -rw-r--r-- | resources/assets/js/vendor.js | 7 | ||||
| -rw-r--r-- | resources/views/pages/login.twig | 8 | ||||
| -rw-r--r-- | resources/views/pages/user-shifts.html | 8 | ||||
| -rw-r--r-- | storage/.gitignore | 4 | ||||
| -rw-r--r-- | storage/cache/.gitignore | 4 | ||||
| -rw-r--r-- | yarn.lock | 2 |
15 files changed, 100 insertions, 49 deletions
@@ -132,6 +132,20 @@ Import database docker exec -it engelsystem bin/migrate ``` +#### Local development +To use the working directory in the container the docker-compose file has to be changed: +```yaml +[...] + nginx: + volumes: + - ../public/assets:/var/www/public/assets +[...] + engelsystem: + volumes: + - ../:/var/www +[...] +``` + #### Scripts ##### bin/deploy.sh The `bin/deploy.sh` script can be used to deploy the engelsystem. It uses rsync to deploy the application to a server over ssh. diff --git a/contrib/docker-compose.yml b/contrib/docker-compose.yml index b1dab793..4624cce4 100644 --- a/contrib/docker-compose.yml +++ b/contrib/docker-compose.yml @@ -27,19 +27,19 @@ services: depends_on: - database database: - image: mariadb:latest + image: mariadb:10.2 environment: MYSQL_DATABASE: engelsystem MYSQL_USER: engelsystem MYSQL_PASSWORD: engelsystem MYSQL_RANDOM_ROOT_PASSWORD: 1 + MYSQL_INITDB_SKIP_TZINFO: "yes" volumes: - db:/var/lib/mysql networks: - database volumes: db: {} - static: {} networks: internal: diff --git a/includes/controller/shifts_controller.php b/includes/controller/shifts_controller.php index caf124ba..726814cf 100644 --- a/includes/controller/shifts_controller.php +++ b/includes/controller/shifts_controller.php @@ -1,5 +1,6 @@ <?php +use Engelsystem\Http\Exceptions\HttpForbidden; use Engelsystem\ShiftSignupState; /** @@ -348,17 +349,18 @@ function shift_next_controller() function shifts_json_export_controller() { $request = request(); + $user = auth()->apiUser('key'); - if (!$request->has('key') || !preg_match('/^[\da-f]{32}$/', $request->input('key'))) { - engelsystem_error('Missing key.'); + if ( + !$request->has('key') + || !preg_match('/^[\da-f]{32}$/', $request->input('key')) + || !$user + ) { + throw new HttpForbidden('{"error":"Missing or invalid key"}', ['content-type' => 'application/json']); } - $user = auth()->apiUser('key'); - if (!$user) { - engelsystem_error('Key invalid.'); - } if (!auth()->can('shifts_json_export')) { - engelsystem_error('No privilege for shifts_json_export.'); + throw new HttpForbidden('{"error":"Not allowed"}', ['content-type' => 'application/json']); } $shifts = load_ical_shifts(); diff --git a/includes/helper/error_helper.php b/includes/helper/error_helper.php deleted file mode 100644 index 9314a57a..00000000 --- a/includes/helper/error_helper.php +++ /dev/null @@ -1,11 +0,0 @@ -<?php - -/** - * Displays a fatal message and stops execution. - * - * @param string $message - */ -function engelsystem_error($message) -{ - raw_output($message); -} diff --git a/includes/includes.php b/includes/includes.php index 855ff359..601a6ca2 100644 --- a/includes/includes.php +++ b/includes/includes.php @@ -60,7 +60,6 @@ $includeFiles = [ __DIR__ . '/../includes/helper/graph_helper.php', __DIR__ . '/../includes/helper/message_helper.php', - __DIR__ . '/../includes/helper/error_helper.php', __DIR__ . '/../includes/helper/email_helper.php', __DIR__ . '/../includes/mailer/shifts_mailer.php', diff --git a/includes/pages/user_atom.php b/includes/pages/user_atom.php index 8e5b4858..a491fea7 100644 --- a/includes/pages/user_atom.php +++ b/includes/pages/user_atom.php @@ -1,6 +1,7 @@ <?php use Engelsystem\Database\DB; +use Engelsystem\Http\Exceptions\HttpForbidden; /** * Publically available page to feed the news to feed readers @@ -8,17 +9,18 @@ use Engelsystem\Database\DB; function user_atom() { $request = request(); + $user = auth()->apiUser('key'); - if (!$request->has('key') || !preg_match('/^[\da-f]{32}$/', $request->input('key'))) { - engelsystem_error('Missing key.'); + if ( + !$request->has('key') + || !preg_match('/^[\da-f]{32}$/', $request->input('key')) + || empty($user) + ) { + throw new HttpForbidden('Missing or invalid key', ['content-type' => 'text/text']); } - $user = auth()->apiUser('key'); - if (empty($user)) { - engelsystem_error('Key invalid.'); - } if (!auth()->can('atom')) { - engelsystem_error('No privilege for atom.'); + throw new HttpForbidden('Not allowed', ['content-type' => 'text/text']); } $news = DB::select(' diff --git a/includes/pages/user_ical.php b/includes/pages/user_ical.php index ee3a8340..2f3a7ccc 100644 --- a/includes/pages/user_ical.php +++ b/includes/pages/user_ical.php @@ -1,22 +1,25 @@ <?php +use Engelsystem\Http\Exceptions\HttpForbidden; + /** * Controller for ical output of users own shifts or any user_shifts filter. */ function user_ical() { $request = request(); + $user = auth()->apiUser('key'); - if (!$request->has('key') || !preg_match('/^[\da-f]{32}$/', $request->input('key'))) { - engelsystem_error('Missing key.'); + if ( + !$request->has('key') + || !preg_match('/^[\da-f]{32}$/', $request->input('key')) + || !$user + ) { + throw new HttpForbidden('Missing or invalid key', ['content-type' => 'text/text']); } - $user = auth()->apiUser('key'); - if (!$user) { - engelsystem_error('Key invalid.'); - } if (!auth()->can('ical')) { - engelsystem_error('No privilege for ical.'); + throw new HttpForbidden('Not allowed', ['content-type' => 'text/text']); } $ical_shifts = load_ical_shifts(); diff --git a/package.json b/package.json index 5a8a5a44..8a623a3b 100644 --- a/package.json +++ b/package.json @@ -19,7 +19,7 @@ "eonasdan-bootstrap-datetimepicker": "^4.17.47", "jquery": "^3.3.1", "jquery-ui": "^1.11.2", - "moment": "^2.8.2", + "moment": "^2.12.0", "moment-timezone": "^0.4.0", "select2": "^4.0.6-rc.1", "select2-bootstrap-theme": "0.1.0-beta.10" diff --git a/resources/assets/js/forms.js b/resources/assets/js/forms.js index f5818e97..9970b907 100644 --- a/resources/assets/js/forms.js +++ b/resources/assets/js/forms.js @@ -16,7 +16,7 @@ global.checkAll = (id, checked) => { * Sets the checkboxes according to the given type * * @param {string} id The elements ID - * @param {list} shifts_list A list of numbers + * @param {list} shiftsList A list of numbers */ global.checkOwnTypes = (id, shiftsList) => { $('#' + id + ' input[type="checkbox"]').each(function () { @@ -144,10 +144,10 @@ $(function () { elem.children('input').on('click', function (ev) { ev.stopImmediatePropagation(); if (typeof elem.data('DateTimePicker') === 'undefined') { - elem.datetimepicker(opts); - elem.data('DateTimePicker').show(); + elem.datetimepicker(opts); + elem.data('DateTimePicker').show(); } else { - elem.data('DateTimePicker').toggle(); + elem.data('DateTimePicker').toggle(); } }); }); @@ -173,3 +173,30 @@ $(function () { }); }); }); + +/** + * Set the filter selects to latest state + * + * Uses DOMContentLoaded to prevent flickering + */ +window.addEventListener('DOMContentLoaded', () => { + const filter = document.getElementById('collapseShiftsFilterSelect'); + if (!filter || localStorage.getItem('collapseShiftsFilterSelect') !== 'hidden') { + return; + } + + filter.classList.remove('in'); +}); +$(() => { + if (typeof (localStorage) === 'undefined') { + return; + } + + const onChange = (e) => { + localStorage.setItem('collapseShiftsFilterSelect', e.type); + }; + + $('#collapseShiftsFilterSelect') + .on('hidden.bs.collapse', onChange) + .on('shown.bs.collapse', onChange); +}); diff --git a/resources/assets/js/vendor.js b/resources/assets/js/vendor.js index bf3807f7..b4b6487d 100644 --- a/resources/assets/js/vendor.js +++ b/resources/assets/js/vendor.js @@ -10,6 +10,13 @@ require('./forms'); require('./sticky-headers'); require('./moment-countdown'); +moment.updateLocale('en', { + week : { + dow : 1, // Monday is the first day of the week. + doy : 4 // The week that contains Jan 4th is the first week of the year. + } +}); + $.ajaxSetup({ headers: {'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')} }); diff --git a/resources/views/pages/login.twig b/resources/views/pages/login.twig index da6f4fdf..88326429 100644 --- a/resources/views/pages/login.twig +++ b/resources/views/pages/login.twig @@ -50,7 +50,7 @@ <div class="input-group"> <span class="input-group-addon input-lg">{{ m.glyphicon('lock') }}</span> <input class="form-control input-lg" id="form_password" - type="password" name="password" value="" placeholder="{{ __('Password') }}"> + type="password" name="password" value="" placeholder="{{ __('Password') }}"> </div> </div> @@ -93,8 +93,10 @@ </a> </div> </div> - </div> - {{ m.glyphicon('info-sign') }} {{ __('Please note: You have to activate cookies!') }} + <div class="col-md-12 text-center"> + {{ m.glyphicon('info-sign') }} {{ __('Please note: You have to activate cookies!') }} + </div> + </div> </div> {% endblock %} diff --git a/resources/views/pages/user-shifts.html b/resources/views/pages/user-shifts.html index 9ac501da..d5a98f80 100644 --- a/resources/views/pages/user-shifts.html +++ b/resources/views/pages/user-shifts.html @@ -55,12 +55,12 @@ <div class="col-md-6"> <button class="btn btn-info btn-sm hidden-print" style="margin-top: 20px; margin-bottom:10px" type="button" data-toggle="collapse" - data-target="#collapseRoomSelect" aria-expanded="false" - aria-controls="collapseRoomSelect" + data-target="#collapseShiftsFilterSelect" aria-expanded="true" + aria-controls="collapseShiftsFilterSelect" > collapse/show filters </button> - <div class="collapse in" id="collapseRoomSelect"> + <div class="collapse in" id="collapseShiftsFilterSelect"> <div class="row"> <div class="col-xs-4 col-xxs-12">%room_select%</div> <div class="col-xs-4 col-xxs-12">%type_select%</div> @@ -79,5 +79,5 @@ %shifts_table% <div class="hidden-print"> -%ical_text% + %ical_text% </div>
\ No newline at end of file diff --git a/storage/.gitignore b/storage/.gitignore new file mode 100644 index 00000000..fa776e4d --- /dev/null +++ b/storage/.gitignore @@ -0,0 +1,4 @@ +/* +!/app +!/cache +!.gitignore diff --git a/storage/cache/.gitignore b/storage/cache/.gitignore index ea604cb2..b376bb75 100644 --- a/storage/cache/.gitignore +++ b/storage/cache/.gitignore @@ -1 +1,3 @@ -/routes.cache.php +/* +!/views +!.gitignore @@ -3328,7 +3328,7 @@ moment-timezone@^0.4.0: dependencies: moment ">= 2.6.0" -"moment@>= 2.6.0", moment@^2.10, moment@^2.10.2, moment@^2.8.2: +"moment@>= 2.6.0", moment@^2.10, moment@^2.10.2, moment@^2.12.0: version "2.24.0" resolved "https://registry.yarnpkg.com/moment/-/moment-2.24.0.tgz#0d055d53f5052aa653c9f6eb68bb5d12bf5c2b5b" integrity sha512-bV7f+6l2QigeBBZSM/6yTNq4P2fNpSWj/0e7jQcy87A8e7o2nAfP/34/2ky5Vw4B9S446EtIhodAzkFCcR4dQg== |