Merge pull request #29 from fernandoval/development

v4.6.0

.env.example

@@ -0,0 +1,21 @@
+# Environment configuration file
+
+# =======================
+# This is an example file.
+# In your environment it must be named .env
+# =======================
+
+# Environment configuration
+
+SPRINGY_ENVIRONMENT="development"
+CHARSET="UTF-8"
+TIMEZONE="America/Sao_Paulo"
+
+# Database configuration
+#
+# Host, database name, user and password
+
+DB_HOST="localhost"
+DB_NAME="springy"
+DB_USER="root"
+DB_PASS=""

.github/workflows/tests.yml

@@ -2,11 +2,14 @@ name: Tests
 
 on:
   push:
-    branches: [ "development" ]
+    branches:
+      - master
+      - development
   pull_request:
-    branches: [ "master" ]
+    branches:
+      - master
   schedule:
-    - cron: '0 * * * *'
+    - cron: '0 0 * * *'
 
 permissions:
   contents: read
@@ -18,10 +21,13 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        php: ['8.0', '8.1', '8.2']
+        php: ['8.1', '8.2', '8.3']
+
+    name: PHP ${{ matrix.php }}
 
     steps:
-      - uses: actions/checkout@v3
+      - name: Checkout
+        uses: actions/checkout@v4
 
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
@@ -43,7 +49,10 @@ jobs:
       #       ${{ runner.os }}-php-
 
       - name: Install dependencies
-        run: composer update --prefer-dist --no-progress --no-suggest
+        run: composer install --prefer-dist --no-interaction --no-progress --no-suggest
+
+      - name: Copy environment file
+        run: cp .env.example .env
 
       - name: Run test suite
         run: vendor/bin/phpunit

.gitignore

@@ -1 +1,7 @@
-.phpunit.result.cache
+.env
+.phpunit.result.cache
+/components.lock
+/phpcs.log
+/phpmd.html
+/components/*
+/node_modules/*

CODE_OF_CONDUCT.md

@@ -0,0 +1,141 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, religion, or sexual identity
+and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+-   Demonstrating empathy and kindness toward other people
+
+-   Being respectful of differing opinions, viewpoints, and experiences
+
+-   Giving and gracefully accepting constructive feedback
+
+-   Accepting responsibility and apologizing to those affected by our mistakes,
+    and learning from the experience
+
+-   Focusing on what is best not just for us as individuals, but for the
+    overall community
+
+Examples of unacceptable behavior include:
+
+-   The use of sexualized language or imagery, and sexual attention or
+    advances of any kind
+
+-   Trolling, insulting or derogatory comments, and personal or political
+    attacks
+
+-   Public or private harassment
+
+-   Publishing others' private information, such as a physical or email
+    address, without their explicit permission
+
+-   Other conduct which could reasonably be considered inappropriate in a
+    professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+`abuse at fval dot com dot br`.
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series
+of actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or
+permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior,  harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within
+the community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.0, available at
+[https://www.contributor-covenant.org/version/2/0/code_of_conduct.html][v2.0].
+
+Community Impact Guidelines were inspired by
+[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
+
+For answers to common questions about this code of conduct, see the FAQ at
+[https://www.contributor-covenant.org/faq][FAQ]. Translations are available
+at [https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.0]: https://www.contributor-covenant.org/version/2/0/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations

README.md

@@ -1,8 +1,6 @@
 # Springy
 
-[![Build Status](https://travis-ci.com/fernandoval/Springy.svg?branch=master)](https://travis-ci.com/fernandoval/Springy)
-[![StyleCI](https://styleci.io/repos/26294247/shield)](https://styleci.io/repos/26294247)
-[![Codacy Badge](https://api.codacy.com/project/badge/grade/6152e69cbc7d433d8a151622e0f6be4b)](https://www.codacy.com/app/fval/Springy)
+![Build Status](https://github.com/fernandoval/Springy/actions/workflows/tests.yml/badge.svg)
 
 A micro framework for smart PHP developers.
 
@@ -24,7 +22,7 @@ It was created based upon the KISS principle in which the simplicity is the base
 
 ## Requirements
 
-* PHP 8.0+
+* PHP 8.1+
 * [Composer](https://getcomposer.org/) Dependency Manager for PHP
 
 ## Language dependencies

app/Security/UserSession.php

@@ -8,11 +8,12 @@
 
 use App\Models\User;
 use Springy\Exceptions\SpringyException;
+use Springy\Security\IdentityInterface;
 use Springy\Session;
 use Springy\URI;
 use Springy\Utils\MessageContainer;
 
-class UserSession
+class UserSession implements IdentityInterface
 {
     // Authentication remember me cookie name
     private const IDENTITY_COOKIE = '_YourSessionCookieName_';
@@ -133,7 +134,7 @@ private function loadPermissions(): void
      *
      * @return void
      */
-    public function fillFromSession(array $data)
+    public function fillFromSession(array $data): void
     {
         $this->userId = $data[self::USER_ID] ?? $this->userData[User::COL_ID] ?? null;
         $this->userData = $data[self::USER_DATA] ?? [];
@@ -151,7 +152,7 @@ public function fillFromSession(array $data)
      *
      * @return array the array with credential data.
      */
-    public function getCredentials()
+    public function getCredentials(): array
     {
         return [
             'login' => User::COL_EMAIL,
@@ -194,7 +195,7 @@ public function getId()
      *
      * @return string the column name of the user uuid.
      */
-    public function getIdField()
+    public function getIdField(): string
     {
         return User::COL_UUID;
     }
@@ -229,24 +230,12 @@ public function getUser(): User
         return loadModel(User::class, User::COL_ID, $this->getPK());
     }
 
-    /**
-     * Get the user permission for the given ACL.
-     *
-     * @param string $aclObjectName the name of the ACL.
-     *
-     * @return bool True if the user has permission to access or false if not.
-     */
-    public function getPermissionFor($aclObjectName)
-    {
-        return $this->hasAccess(URI::requestMethod(), $aclObjectName);
-    }
-
     /**
      * Get the session data.
      *
      * @return array the array with data to be saved in session.
      */
-    public function getSessionData()
+    public function getSessionData(): array
     {
         return [
             self::USER_ID => $this->userId,
@@ -262,7 +251,7 @@ public function getSessionData()
      *
      * @return string the name of the session key.
      */
-    public function getSessionKey()
+    public function getSessionKey(): string
     {
         return self::IDENTITY_COOKIE;
     }
@@ -278,16 +267,15 @@ public function getValidationErrors(): ?MessageContainer
     }
 
     /**
-     * Checks whether the user has access rights.
+     * Get the user permission for the given ACL.
      *
-     * @param string $method
-     * @param string $aclObjectName
+     * @param string $aclObjectName the name of the ACL.
      *
-     * @return bool
+     * @return bool True if the user has permission to access or false if not.
      */
-    public function hasAccess(string $method, string $aclObjectName): bool
+    public function hasPermissionFor(string $aclObjectName): bool
     {
-        $permissions = $this->permissions[$method] ?? [];
+        $permissions = $this->permissions[URI::requestMethod()] ?? [];
 
         return count(array_filter(
             $permissions,
@@ -320,7 +308,7 @@ public function isLoaded(): bool
      *
      * @return void
      */
-    public function loadByCredentials(array $data)
+    public function loadByCredentials(array $data): void
     {
         $user = loadModel(User::class, key($data), current($data));